[ZBXNEXT-1076] Map is unavailable if rights are removed from an item in a submap Created: 2012 Jan 10 Updated: 2017 Sep 29 Resolved: 2017 Aug 24 |
|
Status: | Closed |
Project: | ZABBIX FEATURE REQUESTS |
Component/s: | API (A), Frontend (F) |
Affects Version/s: | 1.8.9 |
Fix Version/s: | 3.4.0alpha1, 3.4 (plan), 4.0.0alpha1, 4.0 (plan) |
Type: | Change Request | Priority: | Minor |
Reporter: | Dennis Kanbier | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 2 |
Labels: | maps, permissions | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Zabbix Server OS: CentOS 5 |
Attachments: | label_permissions.png | ||||||||
Issue Links: |
|
||||||||
Epic Link: | DEV-561 | ||||||||
Sprint: | Sprint 9, Sprint 10, Sprint 11, Sprint 12, Sprint 13, Sprint 14, Sprint 15 | ||||||||
Story Points: | 1 |
Description |
When view rights are removed (in our case by accident) from a component of a submap, the entire map structure which involves this component and map becomes unavailable. The feature request would be to instead of making the entire map and submaps unavailable, create an icon for the unavailable component. This way the map will be available, and it is easy to discover the component without the viewing rights. Miks.Kronkalns] |
Comments |
Comment by richlv [ 2012 Jan 10 ] |
this would result in cases where user sees a map with tons of "unavailable" icons and maybe on available only... probably not feasible without a more global permission system redesign |
Comment by Dennis Kanbier [ 2012 Jan 10 ] |
that is true, it is a possible outcome. However, because of the use of an "unavailable" icon the problem would be clear immediately where as of now it's anybody's guess why a map is not working. Not sure what solution would be the better. |
Comment by Volker Fröhlich [ 2014 Nov 04 ] |
Remotely connected to |
Comment by Rostislav Palivoda [ 2017 Jun 21 ] |
(1) Discussed - if no access to element we show only icon of this element, but no labels and other texts. Miks.Kronkalns Requirement included in spec. https://documentation.zabbix.lan/specifications/3.4/zbxnext-3732/changes-in-map-api and RESOLVED in svn://svn.zabbix.com/branches/dev/ZBXNEXT-1076 iivs Which revision? @Miks RESOLVED in r69429, r69451, r69466 oleg.egorov More coding style issues:
Miks.Kronkalns RESOLVED in r70531. oleg.egorov CLOSED |
Comment by Rostislav Palivoda [ 2017 Jun 22 ] |
(2) If user has no access to the submap this trigger should not be shown in triggers count. Test performance degradation. Miks.Kronkalns CLOSED as duplicate of |
Comment by Rostislav Palivoda [ 2017 Jun 28 ] |
(3) Icon shadowing should be improved, 50% from original. Miks.Kronkalns Requirement included in spec. https://documentation.zabbix.lan/specifications/3.4/zbxnext-3732/changes-in-map-api and RESOLVED in svn://svn.zabbix.com/branches/dev/ZBXNEXT-1076 iivs Which revision? What is shadowing anyway? Miks.Kronkalns Revisions in which this is done are r69453, r69463. Shadowing is not used and I have no idea what it is, but latest decision was to provide different effects to our design team to choose from. It is not still known what effects will be used for inaccessible elements. In any case, this subissue is not relevant to what is known so far. oleg.egorov Before in 3.2 if request empty /php/imgstore.php was white screen, now is Undefined offset: 4 [imgstore.php:41 → check_fields) → checl_fields() im include\validate.inc.php:262] Undefined offset: 4 [imgstore.php:41 → check_fields) → unset_if_zero() im include\validate.inc.php:97] Is not critical issue, but it is new undefined offset Miks.Kronkalns RESOLVED in r70494. oleg.egorov CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 04 ] |
(4) [A] have_selements_available has been implemented and is now returned for user. Miks.Kronkalns RESOLVED in r69776. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 04 ] |
(5) [A] selements property is now always visible for admins and superadmins even if it was not requested. Miks.Kronkalns Resolved in r69776. iivs CMap.php: L324 wrong indentation. REOPENED Miks.Kronkalns RESOLVED in r69981. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 04 ] |
(6) [AF] Maps with one element that has deny permissions should not be available at all.Having such maps upon opening in view or editor there are multiple errors on page. Same errors can be viewed when one of the elements have deny permissions. This also heavily affects having submaps. Miks.Kronkalns Can not reproduce. Most likely RESOLVED by r69962. iivs Not a reasuring sentence. You should update to older revision and check for your self whether it is the correct one or not. CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 04 ] |
(7) [AF] Links to triggers that have Deny permissions are always available and also cause errors in map constructor. Miks.Kronkalns RESOLVED in r69962. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 04 ] |
(8) [A] Regular user can no longer see a public map with no elements. Miks.Kronkalns RESOLVED in r69784. iivs selements_available is compared to 0, but there are three values in total: 0, -1 and 1. And that confuses me. It wouldn't matter if it's 1 or -1 it's still not 0. REOPENED Miks.Kronkalns 3 options was used to differ cases when user has element to at least one element in the map, when user has no access to elements in the map and when user has no access to elements in the map, but just because there are no elements present But now it's history and new after major changes, the old solution is gone. RESOLVED in r69962. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 05 ] |
(9) [AF] Users with Read-write sharing or owners are able to access contructor, properties and even delete maps that have elements with deny permissions. Miks.Kronkalns RESOLVED in r69977. iivs A regular admin with read-write has links to constructor and properties that lead to no permissions page. REOPENED Miks.Kronkalns RESOLVED in r70009. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 05 ] |
(10) [AF] Regular admins with Read sharing or owners are able to access constructor, properties and even delete maps that have elements with deny permissions. Miks.Kronkalns RESOLVED in r69977. iivs CLOSED |
Comment by Ivo Kurzemnieks [ 2017 Jul 05 ] |
(11) [F] Missing grayscaled icon in case user has deny permissions to host group element. Miks.Kronkalns RESOLVED in r69962. iivs CLOSED |
Comment by Miks Kronkalns [ 2017 Jul 07 ] |
(12) [A] Rename current property available to rights and use constancies like PERM_DENY and PERM_NONE to specify a state of rights. Document changes in spec. Miks.Kronkalns RESOLVED in r69962. Miks.Kronkalns REOPENED. Rename rights to permission. Miks.Kronkalns RESOLVED in r69978.
REOPENED Miks.Kronkalns RESOLVED in r70032. oleg.egorov CLOSED |
Comment by Miks Kronkalns [ 2017 Jul 10 ] |
(13) No translation string changes. iivs CLOSED |
Comment by Miks Kronkalns [ 2017 Jul 27 ] |
Merged in |
Comment by Martins Valkovskis [ 2017 Jul 31 ] |
(22) Updated general documentation: Please review. RESOLVED. Miks.Kronkalns REOPENED martins-v Added "However, trigger label is visible even if the user has no permission to the trigger." RESOLVED Miks.Kronkalns Thank you! CLOSED, but please consider to add same sentence also in "What's new" and "Upgrade notes" sections. sasha This page must be also updated. REOPENED Miks.Kronkalns martins-v Updated sections:
RESOLVED Miks.Kronkalns CLOSED |