Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-12023

Trigger permissions don't work properly

XMLWordPrintable

    • 14

      Triggers was not allowed for user if even one of related hosts in expression is not included to host group for that user.

      Steps to reproduce for

      • go to fronted of Zabbix v3.0.* (also can be re-producible on later versions) with PostgreSQL
      • add user: zbx9774
      • add user group: group-1
      • add user group: group-2
      • add user group: group-3
      • add host: TEST
      • add host: TEST2
      • add host: TEST3
      • add hostgroup: gTEST (with host TEST)
      • add hostgroup: gTEST2 (with host TEST2, TEST3)
      • add item: trap1 (for host TEST)
      • add item: trap2 (for host TEST2)
      • add item: trap3 (for host TEST3)
      • add trigger: (for host TEST) with expression: {TEST:trap1.last()}=1 or {TEST2:trap2.last()}=1 or {TEST3:trap3.last()}=1
      • run ./zabbix_sender -vv -z localhost -s "TEST" -k trap1 -o 1
      • run ./zabbix_sender -vv -z localhost -s "TEST2" -k trap2 -o 1
      • run ./zabbix_sender -vv -z localhost -s "TEST3" -k trap3 -o 1
      • for user-group:group-1 add read/write perm. for gTEST
      • login as zbx9774
      • goto Monitoring -> Problems (Monitoring -> Events for old frontend)

      ACTUAL RESULT:
      user can't see any events by this trigger
      Through API user can see all events:

      curl --request POST \
  --url http://localhost/zabbix30/api_jsonrpc.php \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{\n    "jsonrpc": "2.0",\n    "method": "event.get",\n    "params": {\n        "output": "extend",\n        "select_acknowledges": "extend",\n        "selectTags": "extend",\n        "sortfield": ["clock", "eventid"],\n        "sortorder": "DESC",\n        "limit": 10\n    },\n    "auth": "d806c25e68ae49c591b6e0de4f63b854",\n    "id": 1\n}'

      but can't see triggers

      curl --request POST \
  --url http://localhost/zabbix30/api_jsonrpc.php \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{\n    "jsonrpc": "2.0",\n    "method": "trigger.get",\n    "params": {\n        "output": "extend",\n        "select_acknowledges": "extend",\n        "selectTags": "extend",\n        "limit": 10\n    },\n    "auth": "5e5feacab92f9a8f335ba1310be6b4a3",\n    "id": 1\n}'

      EXPECTED RESULT:
      user should see all events on ./events.php page and can fetch trigger through API

        1. 2_2_ZBX_12023.patch
          3 kB
        2. 3_0_ZBX_12023.patch
          3 kB
        3. 3_2_ZBX_12023.patch
          1 kB

            Unassigned Unassigned
            maximt Maksims Tarleckis (Inactive)
            Team B
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: