1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
<?php declare(strict_types=1);
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
class CControllerTokenCreate extends CController {
protected function checkInput() {
$fields = [
'name' => 'db token.name|required|not_empty',
'description' => 'db token.description',
'userid' => 'db users.userid|required',
'expires_state' => 'in 0,1|required',
'expires_at' => 'range_time',
'status' => 'db token.status|required|in '.ZBX_AUTH_TOKEN_ENABLED.','.ZBX_AUTH_TOKEN_DISABLED,
'action_src' => 'fatal|required|in token.edit,user.token.edit',
'action_dst' => 'fatal|required|in token.view,user.token.view'
];
$ret = $this->validateInput($fields);
if (!$ret) {
switch ($this->getValidationError()) {
case self::VALIDATION_ERROR:
$location = (new CUrl('zabbix.php'))->setArgument('action', $this->getInput('action_src'));
$response = new CControllerResponseRedirect($location);
$response->setFormData($this->getInputAll());
CMessageHelper::setErrorTitle(_('Cannot add API token'));
$this->setResponse($response);
break;
case self::VALIDATION_FATAL_ERROR:
$this->setResponse(new CControllerResponseFatal());
break;
}
}
return $ret;
}
protected function checkPermissions() {
if (CWebUser::isGuest()) {
return false;
}
return $this->checkAccess(CRoleHelper::ACTIONS_MANAGE_API_TOKENS);
}
protected function doAction() {
$this->getInputs($token, ['name', 'description', 'userid', 'expires_at', 'status']);
$token['expires_at'] = $this->getInput('expires_state')
? (new DateTime($token['expires_at']))->getTimestamp()
: 0;
$result = API::Token()->create($token);
if ($result) {
['tokenids' => $tokenids] = $result;
[['token' => $auth_token]] = API::Token()->generate($tokenids);
$response = new CControllerResponseRedirect((new CUrl('zabbix.php'))
->setArgumentSID()
->setArgument('action', $this->getInput('action_dst'))
);
[$user] = (CWebUser::$data['userid'] != $token['userid'])
? API::User()->get([
'output' => ['username', 'name', 'surname'],
'userids' => $token['userid']
])
: [CWebUser::$data];
$response->setFormData([
'name' => $token['name'],
'user' => getUserFullname($user),
'auth_token' => $auth_token,
'expires_at' => $token['expires_at'],
'description' => $token['description'],
'status' => $token['status']
]);
CMessageHelper::setSuccessTitle(_('API token added'));
}
else {
$response = new CControllerResponseRedirect((new CUrl('zabbix.php'))
->setArgument('action', $this->getInput('action_src'))
);
$response->setFormData($this->getInputAll());
CMessageHelper::setErrorTitle(_('Cannot add API token'));
}
$this->setResponse($response);
}
}
|
