Ad Widget

Collapse

Zabbix 1.4.1: Monitoring -> Web -> "Permission Denied" for Read-Only Users

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Palmertree
    Senior Member
    • Sep 2005
    • 746
    #1

    Zabbix 1.4.1: Monitoring -> Web -> "Permission Denied" for Read-Only Users

    Not sure if this was by design or a bug so I decided to report this and a fix.

    If a read-only user with access to all the groups goes to "Monitoring" -> "Web" -> Expand an application -> Click on a Scenario. They get "Permission Denied" message. The user can go to latest data and see the result.

    Fix below:

    Modify /php/httpdetails.php around the top of the file.
    Modified the "RED".

    Before:
    check_fields($fields);

    $accessible_hosts = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_WRITE,null,null,$ZBX_CURNODEID);

    if(!($httptest_data = DBfetch(DBselect('select ht.* from httptest ht, applications a '.
    ' where a.hostid in ('.$accessible_hosts.') and a.applicationid=ht.applicationid '.
    ' and ht.httptestid='.$_REQUEST['httptestid']))))
    {
    After:
    check_fields($fields);

    $accessible_hosts = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_ONLY,null,null,$ZBX_CURNODEID);

    if(!($httptest_data = DBfetch(DBselect('select ht.* from httptest ht, applications a '.
    ' where a.hostid in ('.$accessible_hosts.') and a.applicationid=ht.applicationid '.
    ' and ht.httptestid='.$_REQUEST['httptestid']))))
    {
    Last edited by Palmertree; 03-07-2007, 00:58.
    Tags: None
    • murray
      Junior Member
      • Jul 2007
      • 4
      #2
      Monitoring -> Screens -> Slideshows: 'No slideshows defined' for Read-Only Users

      I think this is a similar issue. I cannot see any slideshows defined when I am not logged in (guest).

      Zabbix 1.4.1 with 1.4.2-pre frontend (due to bug when adding tcp simple checks).

      - Murray

        Comment

        • Alexei
          Founder, CEO
          Zabbix Certified Trainer
          Zabbix Certified SpecialistZabbix Certified Professional
          • Sep 2004
          • 5654
          #3
          Thanks for reporting this and for the fix! It seems to be correct yet it has to be verified.
          Alexei Vladishev
          Creator of Zabbix, Product manager
          New York | Tokyo | Riga
          My Twitter

            Comment

            • richlv
              Senior Member
              Zabbix Certified Trainer
              Zabbix Certified SpecialistZabbix Certified Professional
              • Oct 2005
              • 3112
              #4
              this was reported as still reproducible in 1.4.4 today on irc.
              Zabbix 3.0 Network Monitoring book

                Comment

                • murray
                  Junior Member
                  • Jul 2007
                  • 4
                  #5
                  I have sinced fixed my issue. I needed to add read-only permission to the 'guests' group for all hosts used on my slideshow.

                    Comment

                    • xs-
                      Senior Member
                      Zabbix Certified Specialist
                      • Dec 2007
                      • 393
                      #6
                      There is a bug like this in 1.4.4.
                      Its not really about read-only users but a bug in a query used in the perm.inc.php which will effect users of a host group where the host belongs to multiple groups.

                      The problem is subtle and there is an easy quickfix. So far i havent seen any negative side-effects of the patch
                      Fix here: http://www.zabbix.com/forum/showthread.php?t=8997

                        Comment

                        Previous template Next
                        Working...