Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-8448

A Zabbix Admin without "Super Admin" permission but just "Admin" rights can not edit a Host if it belongs to both a Read-Write and Read-Only "User Group".

    Details

      Description

      A Zabbix Admin without "Super Admin" permission but just "Admin" rights can not edit a Host if it belongs to both a Read-Write and Read-Only "User Group".

      Steps to recreate the problem:

      1. Create host groups "Test/Admin_Rights" and "Test/Read-Only_Rights"
      2. Create a host named "Host_Test" and add it to host groups "Test/Admin_Rights" and "Test/Read-Only_Rights"
      3. Create a user group "User_Test_Group" and give group permissions as follows:
      Read-Write -> "Test/Admin_Rights"
      Read-Only -> "Test/Read-Only_Rights"
      4. Create a user "Zabbix_Test" with only "Admin" rights (not superadmin) and assign user group "User_Test_Group" from step 3.
      5. Login with user "Zabbix_Test"
      6. Try and modify "Host_Test": Configuration -> Hosts -> "Host_Test" -> "Save"
      7. Permission error is thrown:
      No permissions to referred object or it does not exist! [hosts.php:482 ? CAPIObject->update() ? CAPIObject->__call() ? czbxrpc::call() ? czbxrpc::callAPI() ? call_user_func() ? CHost->update() ? CHost->massUpdate() ? CHost->massRemove() ? CHostGeneral->massRemove() ? CHostGroup->massRemove() ? CZBXAPI::exception() in /var/www/html/zabbix.dev.cbeyond.net/api/classes/CHostGroup.php:842]

      Error is thrown since Zabbix_Test user does not have read-write access to the "Test/Read-Only_Rights" host group under permissions but the host is in "Test/Admin_Rights" which the user has read-write access to.

      If you view the user permissions it shows "Host Test" has read-write rights.

      Screen shots provide.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                palmertree Kenneth Palmertree
              • Votes:
                1 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: