Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/zabbix/zabbix.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/ui/include/classes/api/CAudit.php
diff options
context:
space:
mode:
Diffstat (limited to 'ui/include/classes/api/CAudit.php')
-rw-r--r--ui/include/classes/api/CAudit.php163
1 files changed, 131 insertions, 32 deletions
diff --git a/ui/include/classes/api/CAudit.php b/ui/include/classes/api/CAudit.php
index b846e380071..1d15f35b17c 100644
--- a/ui/include/classes/api/CAudit.php
+++ b/ui/include/classes/api/CAudit.php
@@ -123,6 +123,7 @@ class CAudit {
self::RESOURCE_ICON_MAP => 'icon_map',
self::RESOURCE_IMAGE => 'images',
self::RESOURCE_ITEM => 'items',
+ self::RESOURCE_ITEM_PROTOTYPE => 'items',
self::RESOURCE_IT_SERVICE => 'services',
self::RESOURCE_MACRO => 'globalmacro',
self::RESOURCE_MAINTENANCE => 'maintenances',
@@ -130,6 +131,7 @@ class CAudit {
self::RESOURCE_MODULE => 'module',
self::RESOURCE_PROXY => 'hosts',
self::RESOURCE_REGEXP => 'regexps',
+ self::RESOURCE_SCENARIO => 'httptest',
self::RESOURCE_SCHEDULED_REPORT => 'report',
self::RESOURCE_SCRIPT => 'scripts',
self::RESOURCE_SETTINGS => 'config',
@@ -173,6 +175,7 @@ class CAudit {
self::RESOURCE_ICON_MAP => 'name',
self::RESOURCE_IMAGE => 'name',
self::RESOURCE_ITEM => 'name',
+ self::RESOURCE_ITEM_PROTOTYPE => 'name',
self::RESOURCE_IT_SERVICE => 'name',
self::RESOURCE_MACRO => 'macro',
self::RESOURCE_MAINTENANCE => 'name',
@@ -180,6 +183,7 @@ class CAudit {
self::RESOURCE_MODULE => 'id',
self::RESOURCE_PROXY => 'host',
self::RESOURCE_REGEXP => 'name',
+ self::RESOURCE_SCENARIO => 'name',
self::RESOURCE_SCHEDULED_REPORT => 'name',
self::RESOURCE_SCRIPT => 'name',
self::RESOURCE_SETTINGS => null,
@@ -212,6 +216,7 @@ class CAudit {
self::RESOURCE_ICON_MAP => 'iconmap',
self::RESOURCE_IMAGE => 'image',
self::RESOURCE_ITEM => 'item',
+ self::RESOURCE_ITEM_PROTOTYPE => 'itemprototype',
self::RESOURCE_IT_SERVICE => 'service',
self::RESOURCE_MACRO => 'usermacro',
self::RESOURCE_MAINTENANCE => 'maintenance',
@@ -246,6 +251,44 @@ class CAudit {
'paths' => ['hostprototype.macros.value'],
'conditions' => ['type' => ZBX_MACRO_TYPE_SECRET]
],
+ self::RESOURCE_ITEM => [
+ [
+ 'paths' => ['item.password'],
+ 'conditions' => [
+ [
+ 'type' => [ITEM_TYPE_SIMPLE, ITEM_TYPE_DB_MONITOR, ITEM_TYPE_SSH, ITEM_TYPE_TELNET,
+ ITEM_TYPE_JMX
+ ]
+ ],
+ [
+ 'type' => ITEM_TYPE_HTTPAGENT,
+ 'authtype' => [HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM, HTTPTEST_AUTH_KERBEROS,
+ HTTPTEST_AUTH_DIGEST
+ ]
+ ]
+ ]
+ ],
+ ['paths' => ['item.ssl_key_password'], 'conditions' => ['type' => ITEM_TYPE_HTTPAGENT]]
+ ],
+ self::RESOURCE_ITEM_PROTOTYPE => [
+ [
+ 'paths' => ['itemprototype.password'],
+ 'conditions' => [
+ [
+ 'type' => [ITEM_TYPE_SIMPLE, ITEM_TYPE_DB_MONITOR, ITEM_TYPE_SSH, ITEM_TYPE_TELNET,
+ ITEM_TYPE_JMX
+ ]
+ ],
+ [
+ 'type' => ITEM_TYPE_HTTPAGENT,
+ 'authtype' => [HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM, HTTPTEST_AUTH_KERBEROS,
+ HTTPTEST_AUTH_DIGEST
+ ]
+ ]
+ ]
+ ],
+ ['paths' => ['itemprototype.ssl_key_password'], 'conditions' => ['type' => ITEM_TYPE_HTTPAGENT]]
+ ],
self::RESOURCE_MACRO => [
'paths' => ['usermacro.value'],
'conditions' => ['type' => ZBX_MACRO_TYPE_SECRET]
@@ -312,6 +355,12 @@ class CAudit {
'hostprototype.tags' => 'host_tag',
'hostprototype.templates' => 'hosts_templates',
'iconmap.mappings' => 'icon_mapping',
+ 'item.parameters' => 'item_parameter',
+ 'item.preprocessing' => 'item_preproc',
+ 'item.tags' => 'item_tag',
+ 'itemprototype.parameters' => 'item_parameter',
+ 'itemprototype.preprocessing' => 'item_preproc',
+ 'itemprototype.tags' => 'item_tag',
'maintenance.groups' => 'maintenances_groups',
'maintenance.hosts' => 'maintenances_hosts',
'maintenance.tags' => 'maintenance_tag',
@@ -390,6 +439,12 @@ class CAudit {
'hostprototype.tags' => 'hosttagid',
'hostprototype.templates' => 'hosttemplateid',
'iconmap.mappings' => 'iconmappingid',
+ 'item.parameters' => 'item_parameterid',
+ 'item.preprocessing' => 'item_preprocid',
+ 'item.tags' => 'itemtagid',
+ 'itemprototype.parameters' => 'item_parameterid',
+ 'itemprototype.preprocessing' => 'item_preprocid',
+ 'itemprototype.tags' => 'itemtagid',
'maintenance.groups' => 'maintenance_groupid',
'maintenance.hosts' => 'maintenance_hostid',
'maintenance.tags' => 'maintenancetagid',
@@ -640,27 +695,60 @@ class CAudit {
}
$object_path = self::getLastObjectPath($path);
+ $abstract_path = self::getAbstractPath($path);
- if (!in_array(self::getAbstractPath($path), self::MASKED_PATHS[$resource]['paths'])) {
+ $rules = [];
+
+ if (array_key_exists('paths', self::MASKED_PATHS[$resource])) {
+ if (in_array($abstract_path, self::MASKED_PATHS[$resource]['paths'])) {
+ $rules = self::MASKED_PATHS[$resource];
+ }
+ }
+ else {
+ foreach (self::MASKED_PATHS[$resource] as $_rules) {
+ if (in_array($abstract_path, $_rules['paths'])) {
+ $rules = $_rules;
+ break;
+ }
+ }
+ }
+
+ if (!$rules) {
return false;
}
- if (!array_key_exists('conditions', self::MASKED_PATHS[$resource])) {
+ if (!array_key_exists('conditions', $rules)) {
return true;
}
- $all_conditions = count(self::MASKED_PATHS[$resource]['conditions']);
- $true_conditions = 0;
+ $or_conditions = $rules['conditions'];
+
+ if (!array_key_exists(0, $or_conditions)) {
+ $or_conditions = [$or_conditions];
+ }
+
+ foreach ($or_conditions as $and_conditions) {
+ $all_conditions = count($and_conditions);
+ $true_conditions = 0;
- foreach (self::MASKED_PATHS[$resource]['conditions'] as $condition_key => $value) {
- $condition_path = $object_path.'.'.$condition_key;
+ foreach ($and_conditions as $condition_key => $value) {
+ $condition_path = $object_path.'.'.$condition_key;
- if (array_key_exists($condition_path, $object) && $object[$condition_path] == $value) {
- $true_conditions++;
+ if (array_key_exists($condition_path, $object)) {
+ $values = is_array($value) ? $value : [$value];
+
+ if (in_array($object[$condition_path], $values)) {
+ $true_conditions++;
+ }
+ }
+ }
+
+ if ($true_conditions == $all_conditions) {
+ return true;
}
}
- return ($true_conditions == $all_conditions);
+ return false;
}
/**
@@ -739,6 +827,11 @@ class CAudit {
return false;
}
+ if ($schema_fields[$field_name]['type'] === DB::FIELD_TYPE_ID && $schema_fields[$field_name]['null']
+ && $value == 0) {
+ return true;
+ }
+
if (!array_key_exists('default', $schema_fields[$field_name])) {
return false;
}
@@ -824,19 +917,21 @@ class CAudit {
$result[self::getLastObjectPath($path)] = [self::DETAILS_ACTION_ADD];
}
- if (self::isDefaultValue($resource, $path, $value)) {
+ if (self::isValueToMask($resource, $path, $object)) {
+ $result[$path] = [self::DETAILS_ACTION_ADD, ZBX_SECRET_MASK];
continue;
}
- if (self::isValueToMask($resource, $path, $object)) {
- $result[$path] = [self::DETAILS_ACTION_ADD, ZBX_SECRET_MASK];
+ if (self::isDefaultValue($resource, $path, $value)) {
+ continue;
}
- elseif (in_array(self::getAbstractPath($path), self::BLOB_FIELDS)) {
+
+ if (in_array(self::getAbstractPath($path), self::BLOB_FIELDS)) {
$result[$path] = [self::DETAILS_ACTION_ADD];
+ continue;
}
- else {
- $result[$path] = [self::DETAILS_ACTION_ADD, $value];
- }
+
+ $result[$path] = [self::DETAILS_ACTION_ADD, $value];
}
return $result;
@@ -880,42 +975,46 @@ class CAudit {
}
foreach ($object as $path => $value) {
+ $is_value_to_mask = self::isValueToMask($resource, $path, $object);
$db_value = array_key_exists($path, $db_object) ? $db_object[$path] : null;
if ($db_value === null) {
+ $is_value_to_mask = self::isValueToMask($resource, $path, $object);
+
+ if ($is_value_to_mask) {
+ $result[$path] = [self::DETAILS_ACTION_ADD, ZBX_SECRET_MASK];
+ continue;
+ }
+
if (self::isDefaultValue($resource, $path, $value)) {
continue;
}
if (in_array(self::getAbstractPath($path), self::BLOB_FIELDS)) {
$result[$path] = [self::DETAILS_ACTION_ADD];
+ continue;
}
- else {
- $result[$path] = [
- self::DETAILS_ACTION_ADD,
- self::isValueToMask($resource, $path, $object) ? ZBX_SECRET_MASK : $value
- ];
- }
+
+ $result[$path] = [self::DETAILS_ACTION_ADD, $value];
}
else {
- $is_mask_value = self::isValueToMask($resource, $path, $object);
- $is_mask_db_value = self::isValueToMask($resource, $path, $db_object);
+ $is_db_value_to_mask = self::isValueToMask($resource, $path, $db_object);
- if ($value != $db_value || $is_mask_value || $is_mask_db_value) {
+ if ($value != $db_value || $is_value_to_mask || $is_db_value_to_mask) {
if (self::isNestedObjectProperty($path)) {
$result[self::getLastObjectPath($path)] = [self::DETAILS_ACTION_UPDATE];
}
if (in_array(self::getAbstractPath($path), self::BLOB_FIELDS)) {
$result[$path] = [self::DETAILS_ACTION_UPDATE];
+ continue;
}
- else {
- $result[$path] = [
- self::DETAILS_ACTION_UPDATE,
- $is_mask_value ? ZBX_SECRET_MASK : $value,
- $is_mask_db_value ? ZBX_SECRET_MASK : $db_value
- ];
- }
+
+ $result[$path] = [
+ self::DETAILS_ACTION_UPDATE,
+ $is_value_to_mask ? ZBX_SECRET_MASK : $value,
+ $is_db_value_to_mask ? ZBX_SECRET_MASK : $db_value
+ ];
}
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 08:30:04 +0300