fix restricted application access for normal user (#10802)

* fix restricted application access for normal user * travis fix * use of Permissions class * travis fix * Update default.inc.php * Update overview.inc.php * travis fix
2019-11-13 03:08:21 +01:00 · 2019-11-13 03:08:21 +01:00 · dc751123bc
parent 2feb28440a
commit dc751123bc
2 changed files with 34 additions and 24 deletions
--- a/includes/html/pages/apps/default.inc.php
+++ b/includes/html/pages/apps/default.inc.php
@ -1,5 +1,8 @@
 <?php

+use App\Models\Application;
+use LibreNMS\Util\Url;
+
 $graph_array['height']      = '100';
 $graph_array['width']       = '220';
 $graph_array['to'] = \LibreNMS\Config::get('time.now');
@ -9,29 +12,31 @@ $graph_array_zoom['height'] = '150';
 $graph_array_zoom['width']  = '400';
 $graph_array['legend']      = 'no';

-$app_devices = dbFetchRows('SELECT * FROM `devices` AS D, `applications` AS A WHERE D.device_id = A.device_id AND A.app_type = ? ORDER BY hostname', array($vars['app']));
+$apps = Application::query()->hasAccess(Auth::user())->where('app_type', $vars['app'])->with('device')->get()->sortBy(function ($app) {
+    return $app->device->hostname;
+});

-foreach ($app_devices as $app_device) {
+foreach ($apps as $app) {
    echo '<div class="panel panel-default">
        <div class="panel-heading">
        <h3 class="panel-title">
-        '.generate_device_link($app_device, shorthost($app_device['hostname']), array('tab' => 'apps', 'app' => $vars['app'])).'
-        <div class="pull-right"><small class="muted">'.$app_device['app_instance'].' '.$app_device['app_status'].'</small></div>
+        '. Url::deviceLink($app->device, null, ['tab' => 'apps', 'app' => $app->app_type]).'
+        <div class="pull-right"><small class="muted">'.$app->app_instance.' '.$app->app_status.'</small></div>
        </h3>
        </div>
        <div class="panel-body">
        <div class="row">';

-    foreach ($graphs[$vars['app']] as $graph_type) {
-        $graph_array['type']      = empty($graph_type) ? 'application_'.$vars['app'] : 'application_'.$vars['app'].'_'.$graph_type;
-        $graph_array['id']        = $app_device['app_id'];
-        $graph_array_zoom['type'] = 'application_'.$vars['app'].'_'.$graph_type;
-        $graph_array_zoom['id']   = $app_device['app_id'];
+    foreach ($graphs[$app->app_type] as $graph_type) {
+        $graph_array['type']      = empty($graph_type) ? 'application_'.$app->app_type : 'application_'.$app->app_type.'_'.$graph_type;
+        $graph_array['id']        = $app->app_id;
+        $graph_array_zoom['type'] = 'application_'.$app->app_type.'_'.$graph_type;
+        $graph_array_zoom['id']   = $app->app_id;

-        $link = generate_url(array('page' => 'device', 'device' => $app_device['device_id'], 'tab' => 'apps', 'app' => $vars['app']));
+        $link = Url::generate(['page' => 'device', 'device' => $app->device_id, 'tab' => 'apps', 'app' => $app->app_type]);

        echo '<div class="pull-left">';
-        echo overlib_link($link, generate_lazy_graph_tag($graph_array), generate_graph_tag($graph_array_zoom), null);
+        echo Url::overlibLink($link, Url::lazyGraphTag($graph_array), Url::graphTag($graph_array_zoom), null);
        echo '</div>';
    }

--- a/includes/html/pages/apps/overview.inc.php
+++ b/includes/html/pages/apps/overview.inc.php
@ -1,5 +1,7 @@
 <?php

+use App\Models\Application;
+
 $graph_array['height']      = '100';
 $graph_array['width']       = '218';
 $graph_array['to'] = \LibreNMS\Config::get('time.now');
@ -9,36 +11,39 @@ $graph_array_zoom['height'] = '150';
 $graph_array_zoom['width']  = '400';
 $graph_array['legend']      = 'no';

-foreach ($apps as $app) {
+foreach (Application::query()->hasAccess(Auth::user())->with('device')->get()->groupBy('app_type') as $type => $groupedApps) {
    echo '<div style="clear: both;">';
-    echo '<h2>'.generate_link($app->displayName(), array('page' => 'apps', 'app' => $app->app_type)).'</h2>';
-    $app_devices = dbFetchRows('SELECT * FROM `devices` AS D, `applications` AS A WHERE D.device_id = A.device_id AND A.app_type = ? order by D.hostname', array($app->app_type));
-
-    foreach ($app_devices as $app_device) {
+    echo '<h2>'.generate_link($groupedApps->first()->displayName(), array('page' => 'apps', 'app' => $type)).'</h2>';
+    /** @var \Illuminate\Support\Collection $groupedApps */
+    $groupedApps = $groupedApps->sortBy(function ($app) {
+        return $app->device->hostname;
+    });
+    /** @var Application $app */
+    foreach ($groupedApps as $app) {
        $graph_type = $graphs[$app->app_type][0];

        $graph_array['type']      = 'application_'.$app->app_type.'_'.$graph_type;
-        $graph_array['id']        = $app_device['app_id'];
+        $graph_array['id']        = $app->app_id;
        $graph_array_zoom['type'] = 'application_'.$app->app_type.'_'.$graph_type;
-        $graph_array_zoom['id']   = $app_device['app_id'];
+        $graph_array_zoom['id']   = $app->app_id;

        $link_array           = $graph_array;
        $link_array['page']   = 'device';
-        $link_array['device'] = $app_device['device_id'];
+        $link_array['device'] = $app->device_id;
        $link_array['tab']    = 'apps';
        $link_array['app']    = $app->app_type;
        unset($link_array['height'], $link_array['width']);
        $overlib_url = generate_url($link_array);

-        $overlib_link = '<span style="float:left; margin-left: 10px; font-weight: bold;">'.shorthost($app_device['hostname']).'</span>';
-        if (!empty($app_device['app_instance'])) {
-            $overlib_link             .= '<span style="float:right; margin-right: 10px; font-weight: bold;">'.$app_device['app_instance'].'</span>';
-            $app_device['content_add'] = '('.$app_device['app_instance'].')';
+        $overlib_link = '<span style="float:left; margin-left: 10px; font-weight: bold;">'.optional($app->device)->shortDisplayName().'</span>';
+        if (!empty($app->app_instance)) {
+            $overlib_link             .= '<span style="float:right; margin-right: 10px; font-weight: bold;">'.$app->app_instance.'</span>';
+            $content_add = '('.$app->app_instance.')';
        }

        $overlib_link   .= '<br/>';
        $overlib_link   .= generate_graph_tag($graph_array);
-        $overlib_content = generate_overlib_content($graph_array, $app_device['hostname'].' - '.$app_device['app_type'].$app_device['content_add']);
+        $overlib_content = generate_overlib_content($graph_array, optional($app->device)->displayName().' - '.$app->app_type.$content_add);

        echo "<div style='display: block; padding: 1px; padding-top: 3px; margin: 2px; min-width: ".$width_div.'px; max-width:'.$width_div."px; min-height:165px; max-height:165px;
                      text-align: center; float: left; background-color: #f5f5f5;'>";