summaryrefslogtreecommitdiffstats
path: root/configuration.php
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 12:43:12 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 12:43:12 +0000
commitcd989f9c3aff968e19a3aeabc4eb9085787a6673 (patch)
treefbff2135e7013f196b891bbde54618eb050e4aaf /configuration.php
parentInitial commit. (diff)
downloadicingaweb2-module-director-upstream.tar.xz
icingaweb2-module-director-upstream.zip
Adding upstream version 1.10.2.upstream/1.10.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--configuration.php181
1 files changed, 181 insertions, 0 deletions
diff --git a/configuration.php b/configuration.php
new file mode 100644
index 0000000..4536d5d
--- /dev/null
+++ b/configuration.php
@@ -0,0 +1,181 @@
+<?php
+
+use Icinga\Application\Icinga;
+use Icinga\Web\Window;
+
+/** @var \Icinga\Application\Modules\Module $this */
+if ($this->getConfig()->get('frontend', 'disabled', 'no') === 'yes') {
+ return;
+}
+$this->providePermission('director/api', $this->translate('Allow to access the director API'));
+$this->providePermission('director/audit', $this->translate('Allow to access the full audit log'));
+$this->providePermission(
+ 'director/showconfig',
+ $this->translate('Allow to show configuration (could contain sensitive information)')
+);
+$this->providePermission(
+ 'director/showsql',
+ $this->translate('Allow to show the full executed SQL queries in some places')
+);
+$this->providePermission('director/deploy', $this->translate('Allow to deploy configuration'));
+$this->providePermission('director/hosts', $this->translate('Allow to configure hosts'));
+$this->providePermission('director/services', $this->translate('Allow to configure services'));
+$this->providePermission('director/servicesets', $this->translate('Allow to configure service sets'));
+$this->providePermission('director/service_set/apply', $this->translate('Allow to define Service Set Apply Rules'));
+$this->providePermission('director/users', $this->translate('Allow to configure users'));
+$this->providePermission('director/notifications', $this->translate('Allow to configure notifications (unrestricted)'));
+$this->providePermission(
+ 'director/scheduled-downtimes',
+ $this->translate('Allow to configure notifications (unrestricted)')
+);
+$this->providePermission(
+ 'director/inspect',
+ $this->translate(
+ 'Allow to inspect objects through the Icinga 2 API (could contain sensitive information)'
+ )
+);
+$this->providePermission(
+ 'director/monitoring/services-ro',
+ $this->translate('Allow readonly users to see where a Service came from')
+);
+$this->providePermission(
+ 'director/monitoring/hosts',
+ $this->translate('Allow users to modify Hosts they are allowed to see in the monitoring module')
+);
+$this->providePermission(
+ 'director/monitoring/services',
+ $this->translate('Allow users to modify Service they are allowed to see in the monitoring module')
+);
+$this->providePermission('director/*', $this->translate('Allow unrestricted access to Icinga Director'));
+
+$this->provideRestriction(
+ 'director/filter/hostgroups',
+ $this->translate(
+ 'Limit access to the given comma-separated list of hostgroups'
+ )
+);
+
+$this->provideRestriction(
+ 'director/monitoring/rw-object-filter',
+ $this->translate(
+ 'Additional (monitoring module) object filter to further restrict write access'
+ )
+);
+
+$this->providePermission(
+ 'director/groups-for-restricted-hosts',
+ $this->translate('Allow users with Hostgroup restrictions to access the Groups field')
+);
+
+$this->provideRestriction(
+ 'director/service/apply/filter-by-name',
+ $this->translate(
+ 'Filter available service apply rules'
+ )
+);
+
+$this->provideRestriction(
+ 'director/notification/apply/filter-by-name',
+ $this->translate(
+ 'Filter available notification apply rules'
+ )
+);
+
+$this->provideRestriction(
+ 'director/scheduled-downtime/apply/filter-by-name',
+ $this->translate(
+ 'Filter available scheduled downtime rules'
+ )
+);
+
+$this->provideRestriction(
+ 'director/service_set/filter-by-name',
+ $this->translate(
+ 'Filter available service set templates. Use asterisks (*) as wildcards,'
+ . ' like in DB* or *net*'
+ )
+);
+
+$this->provideSearchUrl($this->translate('Host configs'), 'director/hosts?limit=10', 60);
+
+/*
+// Disabled unless available
+$this->provideRestriction(
+ 'director/hosttemplates/filter',
+ $this->translate('Allow to use only host templates matching this filter')
+);
+
+$this->provideRestriction(
+ 'director/db_resource',
+ $this->translate('Allow to use only these db resources (comma separated list)')
+);
+*/
+
+$this->provideConfigTab('config', array(
+ 'title' => 'Configuration',
+ 'url' => 'settings'
+));
+$mainTitle = N_('Icinga Director');
+
+try {
+ $app = Icinga::app();
+ if ($app->isWeb()) {
+ $request = $app->getRequest();
+ $id = $request->getHeader('X-Icinga-WindowId');
+ if ($id !== false) {
+ $window = new Window($id);
+ /** @var \Icinga\Web\Session\SessionNamespace $session */
+ $session = $window->getSessionNamespace('director');
+ $dbName = $session->get('db_resource');
+ if ($dbName && $dbName !== $this->getConfig()->get('db', 'resource')) {
+ $dbName = ucfirst(str_replace('_', ' ', $dbName));
+ if (stripos($dbName, 'Director') === false) {
+ $dbName = 'Director: ' . $dbName;
+ }
+ $mainTitle = $dbName;
+ }
+ }
+ }
+} catch (\Exception $e) {
+ // There isn't much we can do, we don't want to break the menu
+ $mainTitle .= ' (?!)';
+}
+
+$section = $this->menuSection(
+ $mainTitle
+)->setUrl('director')->setPriority(60)->setIcon(
+ 'cubes'
+)->setRenderer(array(
+ 'SummaryNavigationItemRenderer',
+ 'state' => 'critical'
+));
+
+$section->add(N_('Hosts'))
+ ->setUrl('director/dashboard?name=hosts')
+ ->setPermission('director/hosts')
+ ->setPriority(30);
+$section->add(N_('Services'))
+ ->setUrl('director/dashboard?name=services')
+ ->setPermission('director/services')
+ ->setPriority(40);
+$section->add(N_('Commands'))
+ ->setUrl('director/dashboard?name=commands')
+ ->setPermission('director/admin')
+ ->setPriority(50);
+$section->add(N_('Notifications'))
+ ->setUrl('director/dashboard?name=notifications')
+ ->setPermission('director/notifications')
+ ->setPriority(70);
+$section->add(N_('Automation'))
+ ->setUrl('director/importsources')
+ ->setPermission('director/admin')
+ ->setPriority(901);
+$section->add(N_('Activity log'))
+ ->setUrl('director/config/activities')
+ ->setPriority(902)
+ ->setPermission('director/audit')
+ ->setRenderer('ConfigHealthItemRenderer');
+$section->add(N_('Deployments'))
+ ->setUrl('director/config/deployments')
+ ->setPriority(902)
+ ->setPermission('director/deployments');