[ZBXNEXT-4481] Reveal User group permissions in Host groups Created: 2018 Apr 04 Updated: 2019 Apr 09 |
|
Status: | Open |
Project: | ZABBIX FEATURE REQUESTS |
Component/s: | API (A), Frontend (F) |
Affects Version/s: | 3.0.16 |
Fix Version/s: | None |
Type: | Change Request | Priority: | Major |
Reporter: | Marc | Assignee: | Alexander Vladishev |
Resolution: | Unresolved | Votes: | 2 |
Labels: | adminuser, permissions, usability | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
In the configuration view of a User group Zabbix-Admins may find out easily what permission applies to which host group(s) resp. host(s). But sometimes it is desirable to do the exercise the other way around too. That's to say, looking at a Host group and finding out which User groups apply permission to it and which users have finally access granted or explicitly denied. |
Comments |
Comment by Marc [ 2018 Jun 06 ] |
Just hacked together this one after a request of an admin on site - maybe it's for the time being useful to anyone else too (see last condition of WHERE clause!): zabbix=# SELECT ug.name user_group, zabbix-# p.name permission zabbix-# FROM groups hg, zabbix-# rights r, zabbix-# usrgrp ug, zabbix-# ( VALUES zabbix(# ( 1, 'Deny' ), zabbix(# ( 2, 'Read' ), zabbix(# ( 3, 'Read-Write' ) zabbix(# ) AS p ( id, NAME ) zabbix-# WHERE ug.usrgrpid = r.groupid zabbix-# AND r.permission = p.id zabbix-# AND r.id = hg.groupid zabbix-# AND hg.NAME = 'A Host group name one is interested in'; user_group | permission -----------------------------------------------+------------ A User group | Read-Write Another User group | Read Yet another User group | Read What shall I say, a User group | Read Should be fairly easy to extend it to reveal users behind user groups as well. |
Comment by Marc [ 2019 Apr 09 ] |
Similar statement working with MySQL (the one in the previous comment was for Postgres): SELECT ug.NAME user_group, CASE WHEN r.permission = 1 THEN 'Deny' WHEN r.permission = 2 THEN 'Read' WHEN r.permissionis = 3 THEN 'Read-Write' END AS permission FROM groups hg, rights r, usrgrp ug WHERE ug.usrgrpid = r.groupid AND r.id = hg.groupid AND hg.NAME = 'A Host group name one is interested in';
|