WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/html/includes/actions/contact.inc.php

251 lines
9.9 KiB
PHP
Raw Blame History

<?php
/**
* Observium
*
* This file is part of Observium.
*
* @package observium
* @subpackage web
* @copyright (C) Adam Armstrong
*
*/
// Secure Write Actions
if (!$securewrite) {
return;
}
switch ($vars['action']) {
case 'contact_alert_checker_add': // new ([target]_[type]_[action])
if (safe_empty($vars['contact_id'])) {
return;
}
if (is_numeric($vars['alert_checker_id'])) {
$vars['alert_test_id'] = $vars['alert_checker_id'];
} elseif (!is_numeric($vars['alert_test_id'])) {
return;
}
$rows_updated = 0;
foreach ((array)$vars['contact_id'] as $contact_id) {
if (!is_numeric($contact_id)) {
continue;
}
$id = dbInsert('alert_contacts_assoc', [ 'aca_type' => 'alert', // $vars['type']
'contact_id' => $contact_id,
'alert_checker_id' => $vars['alert_test_id'] ]);
if ($id) {
$rows_updated++;
}
}
return $rows_updated;
case 'contact_alert_checker_addall':
if (!is_numeric($vars['alert_test_id']) || !$vars['confirm_add_all']) {
return;
}
$exist_contacts = dbFetchColumn('SELECT `contact_id` FROM `alert_contacts_assoc` WHERE `aca_type` = ? AND `alert_checker_id` = ?', [ 'alert', $vars['alert_test_id'] ]);
//print_vars($exist_contacts);
$sql = "SELECT `contact_id` FROM `alert_contacts` WHERE `contact_disabled` = 0 AND `contact_method` != 'syscontact'" .
generate_query_values_and($exist_contacts, 'contact_id', '!='); // exclude exist contacts
//print_vars($sql);
$rows_updated = 0;
foreach (dbFetchColumn($sql) as $contact_id) {
$id = dbInsert('alert_contacts_assoc', [ 'aca_type' => 'alert',
'contact_id' => $contact_id,
'alert_checker_id' => $vars['alert_test_id'] ]);
if ($id) {
$rows_updated++;
}
}
return $rows_updated;
case 'contact_alert_checker_delete':
if (safe_empty($vars['contact_id'])) {
return;
}
if (!is_numeric($vars['alert_test_id'])) {
return;
}
$rows_updated = 0;
foreach ((array)$vars['contact_id'] as $contact_id) {
if (!is_numeric($contact_id)) {
continue;
}
$rows_updated += dbDelete('alert_contacts_assoc', '`aca_type` = ? AND `contact_id` = ? AND `alert_checker_id` = ?', [ 'alert', $contact_id, $vars['alert_test_id'] ]);
}
return $rows_updated;
case 'contact_alert_checker_deleteall':
if (!is_numeric($vars['alert_test_id']) || !$vars['confirm_delete_all']) {
return;
}
return dbDelete('alert_contacts_assoc', '`aca_type` = ? AND `alert_checker_id` = ?', [ 'alert', $vars['alert_test_id'] ]);
case 'contact_syslog_rule_add':
if (!is_numeric($vars['la_id']) || safe_empty($vars['contact_id'])) {
return;
}
$rows_updated = 0;
foreach ((array)$vars['contact_id'] as $contact_id) {
$id = dbInsert('alert_contacts_assoc', [ 'aca_type' => 'syslog', // $vars['type']
'contact_id' => $vars['contact_id'],
'alert_checker_id' => $vars['la_id'] ]);
if ($id) {
$rows_updated++;
}
}
if ($rows_updated) {
set_obs_attrib('syslog_rules_changed', time()); // Trigger reload syslog script
}
return $rows_updated;
case 'contact_syslog_rule_delete':
if (!is_numeric($vars['la_id']) || safe_empty($vars['contact_id'])) {
return;
}
$rows_updated = 0;
foreach ((array)$vars['contact_id'] as $contact_id) {
if (!is_numeric($contact_id)) {
continue;
}
$rows_updated += dbDelete('alert_contacts_assoc', '`aca_type` = ? AND `contact_id` = ? AND `alert_checker_id` = ?', [ 'syslog', $contact_id, $vars['la_id'] ]);
}
if ($rows_updated) {
set_obs_attrib('syslog_rules_changed', time()); // Trigger reload syslog script
}
return $rows_updated;
}
// Admin only actions
if (!$readwrite) { // Only valid forms from level 10 users
return;
}
switch ($vars['action']) {
case 'contact_add':
// Only proceed if the contact_method is valid in our transports array
if (is_array($config['transports'][$vars['contact_method']])) {
foreach ($config['transports'][$vars['contact_method']]['parameters'] as $section => $parameters) {
foreach ($parameters as $parameter => $param_data) {
if (isset($vars['contact_' . $vars['contact_method'] . '_' . $parameter])) {
$value = smart_quotes($vars['contact_' . $vars['contact_method'] . '_' . $parameter]);
// Validate if passed correct JSON
if ($param_data['format'] === 'json' && !valid_json_notification($value)) {
// Incorrect JSON
print_error('Contact not added. Incorrect JSON.');
break 2;
}
$endpoint_data[$parameter] = $value;
}
}
}
if ($endpoint_data) {
dbInsert('alert_contacts', ['contact_descr' => $vars['contact_descr'], 'contact_endpoint' => safe_json_encode($endpoint_data), 'contact_method' => $vars['contact_method']]);
}
}
break;
case 'contact_edit':
$update_state = [];
$contact = get_contact_by_id($vars['contact_id']);
foreach (safe_json_decode($contact['contact_endpoint']) as $field => $value) {
$contact['endpoint_parameters'][$field] = $value;
}
$update_state['contact_disabled'] = get_var_true($vars['contact_enabled']) ? 0 : 1;
if (!safe_empty($vars['contact_descr']) && $vars['contact_descr'] != $contact['contact_descr']) {
$update_state['contact_descr'] = $vars['contact_descr'];
}
$data = $config['transports'][$contact['contact_method']];
if (!safe_count($data['parameters']['global'])) {
// Temporary until we separate "global" out.
$data['parameters']['global'] = [];
}
if (!safe_count($data['parameters']['optional'])) {
$data['parameters']['optional'] = [];
}
// Plan: add defaults for transport types to global settings, which we use by default, then be able to override the settings via this GUI
// This needs supporting code in the transport to check for set variable and if not, use the global default
$update_endpoint = $contact['endpoint_parameters'];
foreach (array_merge((array)$data['parameters']['required'],
(array)$data['parameters']['global'],
(array)$data['parameters']['optional']) as $parameter => $param_data) {
if ((isset($data['parameters']['optional'][$parameter]) || // Allow optional param as empty
is_array($vars['contact_endpoint_' . $parameter]) || strlen($vars['contact_endpoint_' . $parameter])) &&
smart_quotes($vars['contact_endpoint_' . $parameter]) != $contact['endpoint_parameters'][$parameter]) {
$value = smart_quotes($vars['contact_endpoint_' . $parameter]);
// Validate if passed correct JSON
if ($param_data['format'] === 'json' && !valid_json_notification($value)) {
//r($value);
//r($param_data);
// Incorrect JSON
print_error('Contact not updated. Incorrect JSON.');
break 2;
}
$update_endpoint[$parameter] = $value;
}
}
//r($update_endpoint);
$update_endpoint = safe_json_encode($update_endpoint);
if ($update_endpoint != $contact['contact_endpoint']) {
//r($update_endpoint);
//r($contact['contact_endpoint']);
$update_state['contact_endpoint'] = $update_endpoint;
}
// custom template
$vars['contact_message_custom'] = get_var_true($vars['contact_message_custom']);
if ($vars['contact_message_custom'] != (bool)$contact['contact_message_custom']) {
$update_state['contact_message_custom'] = $vars['contact_message_custom'] ? '1' : '0';
}
if ($vars['contact_message_custom'] && $vars['contact_message_template'] != $contact['contact_message_template']) {
$update_state['contact_message_template'] = $vars['contact_message_template'];
}
//r($contact);
//r($vars);
if ($rows_updated = dbUpdate($update_state, 'alert_contacts', 'contact_id = ?', [$vars['contact_id']])) {
print_success('Contact updated.');
}
break;
case 'contact_delete':
if (get_var_true($vars['confirm_' . $vars['contact_id']], 'confirm')) {
$rows_deleted = dbDelete('alert_contacts', '`contact_id` = ?', [$vars['contact_id']]);
$rows_deleted += dbDelete('alert_contacts_assoc', '`contact_id` = ?', [$vars['contact_id']]);
if ($rows_deleted) {
print_success('Deleted contact and all associations (' . $vars['contact_id'] . ')');
}
}
unset($vars['contact_id']);
break;
}
unset($vars['action'], $vars['confirm'], $vars['confirm_' . $vars['contact_id']], $vars['requesttoken']);
// EOF
View Git Blame Copy Permalink