Implements bitmap-based limited privileges for non-admins

Implements #4489
2026-05-05 19:15:03 +00:00 · 2020-10-09 15:50:22 +02:00 · 2020-10-09 15:50:22 +02:00 · 049bfdcf4a
commit 049bfdcf4a
parent a64095f244
26 changed files with 180 additions and 36 deletions
--- a/scripts/plugins/monitors/network/active_monitoring/web_gui/active_monitoring_stats.lua
+++ b/scripts/plugins/monitors/network/active_monitoring/web_gui/active_monitoring_stats.lua
@ -19,6 +19,7 @@ local am_pool = active_monitoring_pools:create()
 local graph_utils = require("graph_utils")
 local alert_utils = require("alert_utils")
 local user_scripts = require("user_scripts")
+local auth = require "auth"

 local ts_creation = plugins_utils.timeseriesCreationEnabled()

@ -73,7 +74,7 @@ if ((host ~= nil) and (page ~= "overview")) then
    title = title .. ": " .. host.label
 end

-if isAdministrator() then
+if auth.has_capability(auth.capabilities.active_monitoring) then
    if (_POST["action"] == "reset_config") then
        active_monitoring_utils.resetConfig()
    end
@ -91,7 +92,7 @@ page_utils.print_navbar(title, url, {
        page_name = "historical",
        label = "<i class='fas fa-lg fa-chart-area'></i>"
    }, {
-        hidden = not isAdministrator() or
+       hidden = not auth.has_capability(auth.capabilities.active_monitoring) or
            not plugins_utils.hasAlerts(getSystemInterfaceId(), {
                entity = alert_consts.alertEntity("am_host")
            }),
@ -206,7 +207,7 @@ elseif ((page == "historical") and (host ~= nil) and (measurement_info ~= nil))
                           url, selected_epoch,
                           {timeseries = timeseries, notes = notes})

-elseif ((page == "alerts") and isAdministrator()) then
+elseif ((page == "alerts") and auth.has_capability(auth.capabilities.active_monitoring)) then
    local old_ifname = ifname
    local ts_utils = require("ts_utils")
    local influxdb = ts_utils.getQueryDriver()
--- a/scripts/plugins/monitors/network/active_monitoring/web_gui/edit_active_monitoring_host.lua
+++ b/scripts/plugins/monitors/network/active_monitoring/web_gui/edit_active_monitoring_host.lua
@ -10,6 +10,7 @@ require "lua_utils"
 local json = require("dkjson")
 local plugins_utils = require("plugins_utils")
 local am_utils = plugins_utils.loadModule("active_monitoring", "am_utils")
+local auth = require "auth"

 sendHTTPContentTypeHeader('application/json')

@ -67,7 +68,7 @@ if isEmptyString(measurement) then
   return
 end

-if not haveAdminPrivileges() then
+if not auth.has_capability(auth.capabilities.active_monitoring) then
   reportError(i18n("not_admin"))
   return
 end