1<?php
2/*
3** Zabbix
4** Copyright (C) 2001-2021 Zabbix SIA
5**
6** This program is free software; you can redistribute it and/or modify
7** it under the terms of the GNU General Public License as published by
8** the Free Software Foundation; either version 2 of the License, or
9** (at your option) any later version.
10**
11** This program is distributed in the hope that it will be useful,
12** but WITHOUT ANY WARRANTY; without even the implied warranty of
13** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14** GNU General Public License for more details.
15**
16** You should have received a copy of the GNU General Public License
17** along with this program; if not, write to the Free Software
18** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19**/
20
21
22require_once dirname(__FILE__).'/include/config.inc.php';
23require_once dirname(__FILE__).'/include/screens.inc.php';
24require_once dirname(__FILE__).'/include/ident.inc.php';
25require_once dirname(__FILE__).'/include/forms.inc.php';
26require_once dirname(__FILE__).'/include/maps.inc.php';
27
28if (hasRequest('action') && getRequest('action') == 'screen.export' && hasRequest('screens')) {
29	$isExportData = true;
30
31	$page['type'] = detect_page_type(PAGE_TYPE_XML);
32	$page['file'] = 'zbx_export_screens.xml';
33}
34else {
35	$isExportData = false;
36
37	$page['type'] = detect_page_type(PAGE_TYPE_HTML);
38	$page['title'] = _('Configuration of screens');
39	$page['file'] = 'screenconf.php';
40	$page['scripts'] = ['multiselect.js'];
41}
42
43require_once dirname(__FILE__).'/include/page_header.php';
44
45// VAR	TYPE	OPTIONAL	FLAGS	VALIDATION	EXCEPTION
46$fields = [
47	'screens' =>		[T_ZBX_INT, O_OPT, P_SYS,	DB_ID,			null],
48	'screenid' =>		[T_ZBX_INT, O_NO,	P_SYS,	DB_ID,			'isset({form}) && {form} == "update"'],
49	'templateid' =>		[T_ZBX_INT, O_OPT, P_SYS,	DB_ID,			null],
50	'name' =>			[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,		'isset({add}) || isset({update})', _('Name')],
51	'hsize' =>			[T_ZBX_INT, O_OPT, null,	BETWEEN(SCREEN_MIN_SIZE, SCREEN_MAX_SIZE),
52		'isset({add}) || isset({update})', _('Columns')
53	],
54	'vsize' =>			[T_ZBX_INT, O_OPT, null,	BETWEEN(SCREEN_MIN_SIZE, SCREEN_MAX_SIZE),
55		'isset({add}) || isset({update})', _('Rows')
56	],
57	'userid' =>			[T_ZBX_INT, O_OPT, P_SYS,	DB_ID,			null],
58	'private' =>		[T_ZBX_INT, O_OPT, null,	BETWEEN(0, 1),	null],
59	'users' =>			[T_ZBX_INT, O_OPT, null,	null,			null],
60	'userGroups' =>		[T_ZBX_INT, O_OPT, null,	null,			null],
61	// actions
62	'action' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, IN('"screen.export","screen.massdelete"'),		null],
63	'add' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null,		null],
64	'update' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null,		null],
65	'delete' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null,		null],
66	'cancel' =>			[T_ZBX_STR, O_OPT, P_SYS,	null,			null],
67	'form' =>			[T_ZBX_STR, O_OPT, P_SYS,	null,			null],
68	'form_refresh' =>	[T_ZBX_INT, O_OPT, null,	null,			null],
69	// filter
70	'filter_set' =>		[T_ZBX_STR, O_OPT, P_SYS,	null,			null],
71	'filter_rst' =>		[T_ZBX_STR, O_OPT, P_SYS,	null,			null],
72	'filter_name' =>	[T_ZBX_STR, O_OPT, null,	null,			null],
73	// sort and sortorder
74	'sort' =>					[T_ZBX_STR, O_OPT, P_SYS, IN('"name"'),								null],
75	'sortorder' =>				[T_ZBX_STR, O_OPT, P_SYS, IN('"'.ZBX_SORT_DOWN.'","'.ZBX_SORT_UP.'"'),	null]
76];
77check_fields($fields);
78
79CProfile::update('web.screenconf.config', getRequest('config', 0), PROFILE_TYPE_INT);
80
81/*
82 * Permissions
83 */
84if (hasRequest('screenid')) {
85	if (hasRequest('templateid')) {
86		$screens = API::TemplateScreen()->get([
87			'output' => ['screenid', 'name', 'hsize', 'vsize', 'templateid'],
88			'screenids' => getRequest('screenid'),
89			'editable' => true
90		]);
91	}
92	else {
93		$screens = API::Screen()->get([
94			'output' => ['screenid', 'name', 'hsize', 'vsize', 'templateid', 'userid', 'private'],
95			'selectUsers' => ['userid', 'permission'],
96			'selectUserGroups' => ['usrgrpid', 'permission'],
97			'screenids' => getRequest('screenid'),
98			'editable' => true
99		]);
100	}
101
102	if (!$screens) {
103		access_deny();
104	}
105
106	$screen = reset($screens);
107}
108else {
109	$screen = [];
110}
111
112/*
113 * Export
114 */
115if ($isExportData) {
116	$screens = getRequest('screens', []);
117
118	$export = new CConfigurationExport(['screens' => $screens]);
119	$export->setBuilder(new CConfigurationExportBuilder());
120	$export->setWriter(CExportWriterFactory::getWriter(CExportWriterFactory::XML));
121	$exportData = $export->export();
122
123	if (hasErrorMesssages()) {
124		show_messages();
125	}
126	else {
127		print($exportData);
128	}
129
130	exit;
131}
132
133/*
134 * Actions
135 */
136if (hasRequest('add') || hasRequest('update')) {
137	DBstart();
138
139	if (hasRequest('update')) {
140		$screen = [
141			'screenid' => getRequest('screenid'),
142			'name' => getRequest('name'),
143			'hsize' => getRequest('hsize'),
144			'vsize' => getRequest('vsize')
145		];
146
147		$messageSuccess = _('Screen updated');
148		$messageFailed = _('Cannot update screen');
149
150		if (hasRequest('templateid')) {
151			$screenOld = API::TemplateScreen()->get([
152				'screenids' => getRequest('screenid'),
153				'output' => API_OUTPUT_EXTEND,
154				'editable' => true
155			]);
156			$screenOld = reset($screenOld);
157
158			$result = API::TemplateScreen()->update($screen);
159		}
160		else {
161			$screen['userid'] = getRequest('userid', '');
162			$screen['private'] = getRequest('private', PRIVATE_SHARING);
163			$screen['users'] = getRequest('users', []);
164			$screen['userGroups'] = getRequest('userGroups', []);
165
166			// Only administrators can set screen owner.
167			if (CWebUser::getType() == USER_TYPE_ZABBIX_USER) {
168				unset($screen['userid']);
169			}
170			// Screen update with inaccessible user.
171			elseif (CWebUser::getType() == USER_TYPE_ZABBIX_ADMIN && $screen['userid'] === '') {
172				$user_exist = API::User()->get([
173					'output' => ['userid'],
174					'userids' => [$screen['userid']]
175				]);
176
177				if (!$user_exist) {
178					unset($screen['userid']);
179				}
180			}
181
182			$screenOld = API::Screen()->get([
183				'screenids' => getRequest('screenid'),
184				'output' => API_OUTPUT_EXTEND,
185				'editable' => true
186			]);
187			$screenOld = reset($screenOld);
188
189			$result = API::Screen()->update($screen);
190		}
191
192		if ($result) {
193			add_audit_ext(AUDIT_ACTION_UPDATE, AUDIT_RESOURCE_SCREEN, $screen['screenid'], $screen['name'], 'screens',
194				$screenOld, $screen
195			);
196		}
197	}
198	else {
199		$screen = [
200			'name' => getRequest('name'),
201			'hsize' => getRequest('hsize'),
202			'vsize' => getRequest('vsize')
203		];
204
205		$messageSuccess = _('Screen added');
206		$messageFailed = _('Cannot add screen');
207
208		if (hasRequest('templateid')) {
209			$screen['templateid'] = getRequest('templateid');
210
211			$screenids = API::TemplateScreen()->create($screen);
212		}
213		else {
214			$screen['userid'] = getRequest('userid', '');
215			$screen['private'] = getRequest('private', PRIVATE_SHARING);
216			$screen['users'] = getRequest('users', []);
217			$screen['userGroups'] = getRequest('userGroups', []);
218
219			$screenids = API::Screen()->create($screen);
220		}
221
222		$result = (bool) $screenids;
223
224		if ($result) {
225			$screenid = reset($screenids);
226			$screenid = reset($screenid);
227
228			add_audit_details(AUDIT_ACTION_ADD, AUDIT_RESOURCE_SCREEN, $screenid, $screen['name']);
229		}
230	}
231
232	$result = DBend($result);
233
234	if ($result) {
235		unset($_REQUEST['form'], $_REQUEST['screenid']);
236		uncheckTableRows();
237	}
238	show_messages($result, $messageSuccess, $messageFailed);
239}
240elseif ((hasRequest('delete') && hasRequest('screenid'))
241		|| (hasRequest('action') && getRequest('action') === 'screen.massdelete' && hasRequest('screens'))) {
242	$screenids = getRequest('screens', []);
243	if (hasRequest('screenid')) {
244		$screenids[] = getRequest('screenid');
245	}
246
247	DBstart();
248
249	$screens = API::Screen()->get([
250		'screenids' => $screenids,
251		'output' => API_OUTPUT_EXTEND,
252		'editable' => true
253	]);
254
255	if ($screens) {
256		$result = API::Screen()->delete($screenids);
257
258		if ($result) {
259			foreach ($screens as $screen) {
260				add_audit_details(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_SCREEN, $screen['screenid'], $screen['name']);
261			}
262		}
263	}
264	else {
265		$result = API::TemplateScreen()->delete($screenids);
266
267		if ($result) {
268			$templatedScreens = API::TemplateScreen()->get([
269				'screenids' => $screenids,
270				'output' => API_OUTPUT_EXTEND,
271				'editable' => true
272			]);
273
274			foreach ($templatedScreens as $screen) {
275				add_audit_details(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_SCREEN, $screen['screenid'], $screen['name']);
276			}
277		}
278	}
279
280	$result = DBend($result);
281
282	if ($result) {
283		unset($_REQUEST['screenid'], $_REQUEST['form']);
284		uncheckTableRows();
285	}
286	show_messages($result, _('Screen deleted'), _('Cannot delete screen'));
287}
288
289/*
290 * Display
291 */
292if (hasRequest('form')) {
293	$current_userid = CWebUser::$data['userid'];
294	$userids[$current_userid] = true;
295	$user_groupids = [];
296
297	if (!hasRequest('templateid') && (!array_key_exists('templateid', $screen) || !$screen['templateid'])) {
298		if (!hasRequest('screenid') || hasRequest('form_refresh')) {
299			// Screen owner.
300			$screen_owner = getRequest('userid', $current_userid);
301			$userids[$screen_owner] = true;
302
303			foreach (getRequest('users', []) as $user) {
304				$userids[$user['userid']] = true;
305			}
306
307			foreach (getRequest('userGroups', []) as $user_group) {
308				$user_groupids[$user_group['usrgrpid']] = true;
309			}
310		}
311		else {
312			// Screen owner.
313			$userids[$screen['userid']] = true;
314
315			foreach ($screen['users'] as $user) {
316				$userids[$user['userid']] = true;
317			}
318
319			foreach ($screen['userGroups'] as $user_group) {
320				$user_groupids[$user_group['usrgrpid']] = true;
321			}
322		}
323
324		$data['users'] = API::User()->get([
325			'output' => ['userid', 'alias', 'name', 'surname'],
326			'userids' => array_keys($userids),
327			'preservekeys' => true
328		]);
329
330		$data['user_groups'] = API::UserGroup()->get([
331			'output' => ['usrgrpid', 'name'],
332			'usrgrpids' => array_keys($user_groupids),
333			'preservekeys' => true
334		]);
335	}
336
337	if (!hasRequest('screenid') || hasRequest('form_refresh')) {
338		$data['screen'] = [
339			'screenid' => getRequest('screenid'),
340			'name' => getRequest('name', ''),
341			'hsize' => getRequest('hsize', 1),
342			'vsize' => getRequest('vsize', 1)
343		];
344
345		if (hasRequest('templateid')) {
346			$data['screen']['templateid'] = getRequest('templateid');
347		}
348		else {
349			$data['screen']['userid'] = getRequest('userid', hasRequest('form_refresh') ? '' : $current_userid);
350			$data['screen']['private'] = getRequest('private', PRIVATE_SHARING);
351			$data['screen']['users'] = getRequest('users', []);
352			$data['screen']['userGroups'] = getRequest('userGroups', []);
353			$data['screen']['templateid'] = null;
354		}
355	}
356	else {
357		$data['screen'] = $screen;
358	}
359
360	$data['form'] = getRequest('form');
361	$data['current_user_userid'] = $current_userid;
362	$data['form_refresh'] = getRequest('form_refresh');
363
364	// render view
365	$screenView = new CView('monitoring.screen.edit', $data);
366	$screenView->render();
367	$screenView->show();
368}
369else {
370	CProfile::delete('web.screens.elementid');
371
372	$sortField = getRequest('sort', CProfile::get('web.'.$page['file'].'.sort', 'name'));
373	$sortOrder = getRequest('sortorder', CProfile::get('web.'.$page['file'].'.sortorder', ZBX_SORT_UP));
374
375	CProfile::update('web.'.$page['file'].'.sort', $sortField, PROFILE_TYPE_STR);
376	CProfile::update('web.'.$page['file'].'.sortorder', $sortOrder, PROFILE_TYPE_STR);
377
378	$config = select_config();
379
380	$data = [
381		'templateid' => getRequest('templateid'),
382		'sort' => $sortField,
383		'sortorder' => $sortOrder
384	];
385
386	if ($data['templateid']) {
387		$data['screens'] = API::TemplateScreen()->get([
388			'output' => ['screenid', 'name', 'hsize', 'vsize'],
389			'templateids' => $data['templateid'],
390			'sortfield' => $sortField,
391			'limit' => $config['search_limit'] + 1,
392			'editable' => true,
393			'preservekeys' => true
394		]);
395	}
396	else {
397		if (hasRequest('filter_set')) {
398			CProfile::update('web.screenconf.filter_name', getRequest('filter_name', ''), PROFILE_TYPE_STR);
399		}
400		elseif (hasRequest('filter_rst')) {
401			DBStart();
402			CProfile::delete('web.screenconf.filter_name');
403			DBend();
404		}
405
406		$data['filter'] = [
407			'name' => CProfile::get('web.screenconf.filter_name', '')
408		];
409
410		$data['screens'] = API::Screen()->get([
411			'output' => ['screenid', 'name', 'hsize', 'vsize'],
412			'sortfield' => $sortField,
413			'limit' => $config['search_limit'] + 1,
414			'search' => [
415				'name' => ($data['filter']['name'] === '') ? null : $data['filter']['name']
416			],
417			'preservekeys' => true
418		]);
419
420		$user_type = CWebUser::getType();
421
422		if ($user_type != USER_TYPE_SUPER_ADMIN && $user_type != USER_TYPE_ZABBIX_ADMIN) {
423			$editable_screens = API::Screen()->get([
424				'output' => [],
425				'screenids' => array_keys($data['screens']),
426				'editable' => true,
427				'preservekeys' => true
428			]);
429
430			foreach ($data['screens'] as &$screen) {
431				$screen['editable'] = array_key_exists($screen['screenid'], $editable_screens);
432			}
433			unset($screen);
434		}
435	}
436	order_result($data['screens'], $sortField, $sortOrder);
437
438	// paging
439	$data['paging'] = getPagingLine($data['screens'], $sortOrder, new CUrl('screenconf.php'));
440
441	// render view
442	$screenView = new CView('monitoring.screen.list', $data);
443	$screenView->render();
444	$screenView->show();
445}
446
447require_once dirname(__FILE__).'/include/page_footer.php';
448