[ZBXNEXT-2581] Return permissions with usergroup.get Created: 2014 Nov 10  Updated: 2015 Oct 17  Resolved: 2015 Oct 17

Status: Closed
Project: ZABBIX FEATURE REQUESTS
Component/s: API (A)
Affects Version/s: 2.2.6
Fix Version/s: 3.0.0alpha2

Type: New Feature Request Priority: Blocker
Reporter: richlv Assignee: Unassigned
Resolution: Fixed Votes: 7
Labels: patch, permissions
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Text File CUserGroup.php-patch-2.4.txt     File usergroup.get.select_rights-1.8.patch    
Issue Links:
Duplicate

 Description   

api usergroup methods "create" and "update" allow to set permissions/rights, but there is no way to actually query/retrieve permissions - usergroup.get does not support that.

Specification

 Comments   
Comment by Pavels Jelisejevs (Inactive) [ 2014 Nov 12 ]

Here's a simple patch that implements a "select_rights" parameter for usergroup.get for 1.8 .

Comment by Alain Ganuchaud [ 2015 Jan 02 ]

Same idea for version 2.4 (tested with 2.4.3): method usergroup.get with a new parameter selectUsrgrpRights.

Comment by Gunars Pujats (Inactive) [ 2015 Aug 31 ]

(1) No translation strings changed.

iivs CLOSED.

Comment by Gunars Pujats (Inactive) [ 2015 Aug 31 ]

RESOLVED in development branch svn://svn.zabbix.com/branches/dev/ZBXNEXT-2581

Comment by Ivo Kurzemnieks [ 2015 Sep 01 ]

(2) Having no users assigned to a user group, the request is not returning rights, but it should. This is due to incorrect usage of relation map.

gunarspujats RESOLVED in r55332.

iivs Now relation map is removed. I think it is better to create relation map and use primary key in rights table. See (6).
CLOSED.

Comment by Ivo Kurzemnieks [ 2015 Sep 01 ]

(3) If user is not superadmin, but normal admin it should not see IDs with DENY permission. Only READ and READ-WRITE permissions should be displayed.
(specification updated).

gunarspujats RESOLVED in r55332.

iivs dbConditionInt() is not efficent to use for single variable, so I propose to write it like this: 

'r.permission>'.PERM_DENY

See (6).
CLOSED.

Comment by Ivo Kurzemnieks [ 2015 Sep 01 ]

(4) Please follow the specification:

  • the new option should be named more readable like "selectRights" instead of "selectUsrgrpRights";
  • the output property should be named "rights" not "usrgrprights";
  • output should have "permission" and "id" instead of plain key and value.

gunarspujats RESOLVED in r55332.

iivs Thanks, but I see that all fields are in output. Output is an array of only requested fields. See (6).
CLOSED.

Comment by Ivo Kurzemnieks [ 2015 Sep 01 ]

(5) Coding style:

  • the comments on lines 695, 698, 701 and 712 are redundant. The code is self explanatory;
  • the Db on lines 703 and 708 should be used as prefix for variables, not postfix. For example $db_rights;
  • variable on line 699 $usrgrpIds is used in once. We can use the same code array_keys($result) inside dbConditionInt(...) function.

gunarspujats RESOLVED in r55332.

iivs CLOSED.

Comment by Ivo Kurzemnieks [ 2015 Sep 02 ]

(6) I added back relation map and used rights table primary key. Also I fixed output by selecting requested fields. Please, see my changes in r55339

gunarspujats CLOSED.

Comment by Ivo Kurzemnieks [ 2015 Sep 02 ]

TESTED.

Comment by Gunars Pujats (Inactive) [ 2015 Sep 02 ]

(7) API documentation:

iivs I slightly improved the description of selectRights option.
Please, review may changes: https://www.zabbix.com/documentation/3.0/manual/api/reference/usergroup/get?do=diff&rev2[0]=1441198456&rev2[1]=1441275101&difftype=sidebyside

gunarspujats REVIEWED.

iivs CLOSED.

Comment by Alexander Vladishev [ 2015 Sep 07 ]

(8) Zabbix documentation:

martins-v Updated: https://www.zabbix.com/documentation/3.0/manual/introduction/whatsnew300#returning_permissions_with_usergroupget

RESOLVED.

sasha CLOSED

Comment by Alexander Vladishev [ 2015 Sep 11 ]

Available in pre-3.0.0alpha2 (trunk) r55389

Generated at Tue Apr 16 12:26:56 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.