Menu
▾
▴
[Nagios-checkins] SF.net SVN: nagios:[1812] nagiosvshell/trunk/vshell
|
From: <mgu...@us...> - 2011-09-19 20:21:52
|
Revision: 1812
http://nagios.svn.sourceforge.net/nagios/?rev=1812&view=rev
Author: mguthrie88
Date: 2011-09-19 20:21:45 +0000 (Mon, 19 Sep 2011)
Log Message:
-----------
Final fixes and updates for 1.8 and user-level authorizations.
Modified Paths:
--------------
nagiosvshell/trunk/vshell/INSTALL.txt
nagiosvshell/trunk/vshell/data/NagiosUser.php
nagiosvshell/trunk/vshell/data/read_perms.php
nagiosvshell/trunk/vshell/doc/CHANGELOG
nagiosvshell/trunk/vshell/doc/TODO.txt
nagiosvshell/trunk/vshell/index.php
nagiosvshell/trunk/vshell/views/hostdetails.php
nagiosvshell/trunk/vshell/views/servicedetails.php
Modified: nagiosvshell/trunk/vshell/INSTALL.txt
===================================================================
--- nagiosvshell/trunk/vshell/INSTALL.txt 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/INSTALL.txt 2011-09-19 20:21:45 UTC (rev 1812)
@@ -110,7 +110,10 @@
cgi.cfg file for Nagios Core. Most permissions for Nagios Core should be
reflected in the Nagios V-Shell as well. To get started, log into your Nagios
webserver at http://<yourserver>/vshell, and enter your Nagios Core
-authentication information.
+authentication information. Nagios V-Shell requires a valid user defined in
+the /path/to/nagios/etc/cgi.cfg file in order to display information for hosts and services.
+ NOTE: V-Shell needs a username from either an apache authentication method or the name
+need to be hard-coded into the index.php file. See the code comments for the hard-coded option.
V-Shell maintains most of the same features of Nagios Core, while utilizing
a top menu bar for site navigation. This is done to maximize space for table
Modified: nagiosvshell/trunk/vshell/data/NagiosUser.php
===================================================================
--- nagiosvshell/trunk/vshell/data/NagiosUser.php 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/data/NagiosUser.php 2011-09-19 20:21:45 UTC (rev 1812)
@@ -29,7 +29,7 @@
'authorized_for_configuration_information' => false,
'authorized_for_system_commands' => false,
'authorized_for_system_information' => false,
- 'authorized_for_read_only' => true,
+ 'authorized_for_read_only' => false,
);
/**
Modified: nagiosvshell/trunk/vshell/data/read_perms.php
===================================================================
--- nagiosvshell/trunk/vshell/data/read_perms.php 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/data/read_perms.php 2011-09-19 20:21:45 UTC (rev 1812)
@@ -60,7 +60,7 @@
}
$keywords = array('host_commands', 'hosts', 'service_commands', 'services',
- 'configuration_information', 'system_commands', 'system_information');
+ 'configuration_information', 'system_commands', 'system_information', 'read_only');
$keyword_regex = '/('.join('|', $keywords).')/';
while(!feof($cgi)) //read through file and assign host and service status into separate arrays
Modified: nagiosvshell/trunk/vshell/doc/CHANGELOG
===================================================================
--- nagiosvshell/trunk/vshell/doc/CHANGELOG 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/doc/CHANGELOG 2011-09-19 20:21:45 UTC (rev 1812)
@@ -1,3 +1,11 @@
+====September 19 - 2011 Mike Guthrie - trunk 1.8
+- Implemented major revisions to the permissions in V-Shell
+ - User-level viewing permissions now match Nagios Core. Users can only see objects they are contacts for unless specified otherwise in the cgi.cfg file
+ - Read-only users specified in the cgi.cfg are now implemented
+ - A valid user from either HTTP Basic, HTTP Digest, or hard-coded in the index.php file is now required in order utilize the V-Shell interface
+ - Checks added to prevent users from viewing information from a direct URL get request.
+
+
====August 12th - 2011 Mike Guthrie - trunk 1.7
- Implemented gettext support submitted by Wesley Zhao
- Rewrote install script to have user feedback and more flexibility with Ubuntu/Debian installs
Modified: nagiosvshell/trunk/vshell/doc/TODO.txt
===================================================================
--- nagiosvshell/trunk/vshell/doc/TODO.txt 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/doc/TODO.txt 2011-09-19 20:21:45 UTC (rev 1812)
@@ -12,8 +12,6 @@
CONTROLLER
-*** - need ability to filter hosts and services by contact. Read only users who are contacts for specific hosts should onl be able to view their hosts and child services.
-
-create filter function based on monitoring features from Tactical Overview
- update xml viewer for all pages and insert links into pages
##There is an xml builder built into the V-Shell, although it's not fully implemented yet. If you pass the arguments index.php?xml=hosts you'll see what I mean. I've only added this for some things so far, but it basically just turns an array into xml data and writes it to an xml file in the tmp directory.
Modified: nagiosvshell/trunk/vshell/index.php
===================================================================
--- nagiosvshell/trunk/vshell/index.php 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/index.php 2011-09-19 20:21:45 UTC (rev 1812)
@@ -67,7 +67,7 @@
init_vshell();
//needs a username to do anything
-if($username) //if logged in, display the page
+if($NagiosUser->get_username()) //if logged in, display the page
{
//set_perms($username); //set global $authorization
page_router();
Modified: nagiosvshell/trunk/vshell/views/hostdetails.php
===================================================================
--- nagiosvshell/trunk/vshell/views/hostdetails.php 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/views/hostdetails.php 2011-09-19 20:21:45 UTC (rev 1812)
@@ -43,7 +43,7 @@
";
- if($NagiosUser->if_has_authKey('authorized_for_all_host_commands'))
+ if(!$NagiosUser->if_has_authKey('authorized_for_read_only'))
$page.="
<fieldset class='attributes'>
@@ -86,18 +86,24 @@
<!-- begin comment table -->
<div class='commentTable'>
+ ";
+
+ if(!$NagiosUser->if_has_authKey('authorized_for_read_only'))
+ {
+ $page .="
<h5 class='commentTable'>".gettext('Comments')."</h5>
<p class='commentTable'><a class='label' href='{$dets['AddComment']}' title='".gettext('Add Comment')."'>".gettext('Add Comment')."</a></p>
- <table class='commentTable'><tr><th>".gettext('Author')."</th><th>".gettext('Entry Time')."</th><th>".gettext('Comment')."</th><th>".gettext('Actions')."</th></tr>
- ";
- //host comments table from Nagios core
-
- //print host comments in table rows if any exist
- //see display_functions.php for function
- $page .= get_host_comments($dets['Host']);
- //close comment table
- $page .= '</table>';
+ <table class='commentTable'><tr><th>".gettext('Author')."</th><th>".gettext('Entry Time')."</th><th>".gettext('Comment')."</th><th>".gettext('Actions')."</th></tr>
+ ";
+ //host comments table from Nagios core
+
+ //print host comments in table rows if any exist
+ //see display_functions.php for function
+ $page .= get_host_comments($dets['Host']);
+ //close comment table
+ $page .= '</table>';
+ }
$page.='</div><br />';
return $page;
}
Modified: nagiosvshell/trunk/vshell/views/servicedetails.php
===================================================================
--- nagiosvshell/trunk/vshell/views/servicedetails.php 2011-09-19 19:52:48 UTC (rev 1811)
+++ nagiosvshell/trunk/vshell/views/servicedetails.php 2011-09-19 20:21:45 UTC (rev 1812)
@@ -95,7 +95,7 @@
<div class='rightContainer'>
";
- if($NagiosUser->if_has_authKey('authorized_for_all_service_commands'))
+ if(!$NagiosUser->if_has_authKey('authorized_for_read_only'))
$page.="
<fieldset class='attributes'>
<legend>".gettext('Service Attributes')."</legend>
@@ -134,15 +134,21 @@
<!-- begin comment table -->
<div class='commentTable'>
- <h5 class='commentTable'>".gettext('Comments')."</h5>
- <p class='commentTable'><a class='label' href='{$dets['AddComment']}' title='".gettext('Add Comment')."'>".gettext('Add Comment')."</a></p>
- <table class='commentTable'><tr><th>".gettext('Author')."</th><th>".gettext('Entry Time')."</th><th>".gettext('Comment')."</th><th>".gettext('Actions')."</th></tr>
- ";
- //print service comments in table rows if any exist
- //see display_functions.php for function
- $page .= get_service_comments($dets['Host'], $dets['Service']);
- //close comment table
- $page .= '</table>';
+ ";
+
+ if(!$NagiosUser->if_has_authKey('authorized_for_read_only'))
+ {
+ $page.="
+ <h5 class='commentTable'>".gettext('Comments')."</h5>
+ <p class='commentTable'><a class='label' href='{$dets['AddComment']}' title='".gettext('Add Comment')."'>".gettext('Add Comment')."</a></p>
+ <table class='commentTable'><tr><th>".gettext('Author')."</th><th>".gettext('Entry Time')."</th><th>".gettext('Comment')."</th><th>".gettext('Actions')."</th></tr>
+ ";
+ //print service comments in table rows if any exist
+ //see display_functions.php for function
+ $page .= get_service_comments($dets['Host'], $dets['Service']);
+ //close comment table
+ $page .= '</table>';
+ }
$page.='</div><br />';
return $page;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|