[ZBX-12023] Trigger permissions don't work properly Created: 2017 Apr 07 Updated: 2018 Feb 16 Resolved: 2018 Feb 16 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | API (A) |
Affects Version/s: | 3.0.7 |
Fix Version/s: | 2.2.19rc1, 3.0.10rc1, 3.2.7rc1, 3.4.0alpha1 |
Type: | Incident report | Priority: | Major |
Reporter: | Maksims Tarleckis (Inactive) | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Labels: | events, graphprototypes, graphs, permissions, triggerprototypes, triggers | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | 2_2_ZBX_12023.patch 3_0_ZBX_12023.patch 3_2_ZBX_12023.patch |
Team: | Team B |
Story Points: | 14 |
Description |
Triggers was not allowed for user if even one of related hosts in expression is not included to host group for that user. Steps to reproduce for
ACTUAL RESULT: curl --request POST \ --url http://localhost/zabbix30/api_jsonrpc.php \ --header 'cache-control: no-cache' \ --header 'content-type: application/json' \ --data '{\n "jsonrpc": "2.0",\n "method": "event.get",\n "params": {\n "output": "extend",\n "select_acknowledges": "extend",\n "selectTags": "extend",\n "sortfield": ["clock", "eventid"],\n "sortorder": "DESC",\n "limit": 10\n },\n "auth": "d806c25e68ae49c591b6e0de4f63b854",\n "id": 1\n}' but can't see triggers curl --request POST \ --url http://localhost/zabbix30/api_jsonrpc.php \ --header 'cache-control: no-cache' \ --header 'content-type: application/json' \ --data '{\n "jsonrpc": "2.0",\n "method": "trigger.get",\n "params": {\n "output": "extend",\n "select_acknowledges": "extend",\n "selectTags": "extend",\n "limit": 10\n },\n "auth": "5e5feacab92f9a8f335ba1310be6b4a3",\n "id": 1\n}' EXPECTED RESULT: |
Comments |
Comment by Alexander Vladishev [ 2017 Jun 01 ] |
Permissions in triggers.get() method works as expected. event.get() and problem.get() methods are fixed with
event.get() method is fixed in:
|
Comment by Ivo Kurzemnieks [ 2018 Feb 14 ] |
(1) No translation string changes. sasha CLOSED |
Comment by Ivo Kurzemnieks [ 2018 Feb 14 ] |
(2) [D] API documentation has no mentions about this. And changelog "fixed permission issue with event.get method" is just too cryptic for any user to understand what has been fixed. I understand that the issue was that event.get (and problem.get) returned events that were generated from triggers that belong to multiple groups and user had permissions to only one group. If that is so, why not write that in changelog and API documentation? sasha WON'T FIX |