search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'maint/7.0'
[ninja.git] / application / models / custom_command.php
blob471d836b9ffb27573bca835c6663aba4b4146fcb
1 <?php defined('SYSPATH') OR die('No direct access allowed.');
2
3 /**
4 * Authorize and parse custom command.
5 */
6 class Custom_command_Model extends Model
7 {
8 /**
9 * Parses custom variables and returns custom commands
10 * @param $custom_variables array
11 * @param $specific string
12 * @return array
13 */
14 public static function parse_custom_variables($custom_variables, $specific = false) {
15 $custom_commands = array();
16 // Need at least 2 custom variables for this to make any sense.
17 if (count($custom_variables) >= 2) {
18 foreach ($custom_variables as $key => $value) {
19 // Does custom variable name match pattern?
20 if (substr($key, 0, 3) === 'OP5') {
21 $parts = explode('__', $key);
22 $command_name = $parts[count($parts)-1];
23 if ($specific !== false && $specific !== $command_name) {
24 // We wanted a specific command which doesn't exist. Go to next loop.
25 continue;
26 }
27 if (!isset($custom_commands[$command_name])) {
28 $custom_commands[$command_name] = array();
29 }
30 if (in_array('ACCESS', $parts)) {
31 $custom_commands[$command_name]['access'] = explode(',',$value);
32 }
33 if (in_array('ACTION', $parts)) {
34 $custom_commands[$command_name]['action'] = $value;
35 }
36 }
37 }
38 }
39 if (count($custom_commands) > 0) {
40 foreach ($custom_commands as $command_name => $params) {
41 if (isset($custom_commands[$command_name]['access']) && isset($custom_commands[$command_name]['action'])) {
42 // Check authorization.
43 $user_groups = op5auth::instance()->get_groups();
44 $user_group_access = false;
45 $set = ContactGroupPool_Model::none();
46 $all_set = ContactGroupPool_Model::all();
47 foreach ($custom_commands[$command_name]['access'] as $group) {
48 $set = $set->union($all_set->reduce_by('name', $group, "="));
49 if (in_array($group, $user_groups)) {
50 $user_group_access = true;
51 }
52 }
53 $set = $set->reduce_by('members', Auth::instance()->get_user()->username, '>=');
54 // If we got any matches set action, if not unset custom command
55 if ( $user_group_access || count($set) > 0 ) {
56 $custom_commands[$command_name] = $custom_commands[$command_name]['action'];
57 } else {
58 unset($custom_commands[$command_name]);
59 }
60 } else {
61 // Incomplete custom command due to not having both ACCESS and ACTION with the same name. Unset
62 unset($custom_commands[$command_name]);
63 }
64 }
65 }
66 return $custom_commands;
67 }
68 }
This is an effort to rewrite the Nagios GUI in PHP. It uses the Kohana framework to do much of the heavy lifting.