Zabbix
Public
Source
xxxxxxxxxx<?php/*** Copyright (C) 2001-2025 Zabbix SIA**** This program is free software: you can redistribute it and/or modify it under the terms of** the GNU Affero General Public License as published by the Free Software Foundation, version 3.**** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.** See the GNU Affero General Public License for more details.**** You should have received a copy of the GNU Affero General Public License along with this program.** If not, see <https://www.gnu.org/licenses/>.**/class CControllerAuthenticationEdit extends CController { protected function init() { $this->disableCsrfValidation(); } /** * Validate user input. * * @return bool */ protected function checkInput() { global $ALLOW_HTTP_AUTH; $fields = [ 'form_refresh' => 'int32', 'authentication_type' => 'in '.ZBX_AUTH_INTERNAL.','.ZBX_AUTH_LDAP, 'disabled_usrgrpid' => 'id', 'ldap_auth_enabled' => 'in '.ZBX_AUTH_LDAP_DISABLED.','.ZBX_AUTH_LDAP_ENABLED, 'ldap_servers' => 'array', 'ldap_default_row_index' => 'int32', 'ldap_case_sensitive' => 'in '.ZBX_AUTH_CASE_INSENSITIVE.','.ZBX_AUTH_CASE_SENSITIVE, 'ldap_removed_userdirectoryids' => 'array_id', 'jit_provision_interval' => 'db config.jit_provision_interval', 'ldap_jit_status' => 'in '.JIT_PROVISIONING_DISABLED.','.JIT_PROVISIONING_ENABLED, 'saml_auth_enabled' => 'in '.ZBX_AUTH_SAML_DISABLED.','.ZBX_AUTH_SAML_ENABLED, 'saml_jit_status' => 'in '.JIT_PROVISIONING_DISABLED.','.JIT_PROVISIONING_ENABLED, 'idp_entityid' => 'db userdirectory_saml.idp_entityid', 'sso_url' => 'db userdirectory_saml.sso_url', 'slo_url' => 'db userdirectory_saml.slo_url', 'username_attribute' => 'db userdirectory_saml.username_attribute', 'sp_entityid' => 'db userdirectory_saml.sp_entityid', 'nameid_format' => 'db userdirectory_saml.nameid_format', 'sign_messages' => 'in 0,1', 'sign_assertions' => 'in 0,1', 'sign_authn_requests' => 'in 0,1', 'sign_logout_requests' => 'in 0,1', 'sign_logout_responses' => 'in 0,1', 'encrypt_nameid' => 'in 0,1', 'encrypt_assertions' => 'in 0,1', 'saml_provision_status' => 'in '.JIT_PROVISIONING_DISABLED.','.JIT_PROVISIONING_ENABLED, 'saml_case_sensitive' => 'in '.ZBX_AUTH_CASE_INSENSITIVE.','.ZBX_AUTH_CASE_SENSITIVE, 'saml_group_name' => 'db userdirectory_saml.group_name', 'saml_user_username' => 'db userdirectory_saml.user_username', 'saml_user_lastname' => 'db userdirectory_saml.user_lastname', 'saml_provision_groups' => 'array', 'saml_provision_media' => 'array', 'scim_status' => 'in '.ZBX_AUTH_SCIM_PROVISIONING_DISABLED.','.ZBX_AUTH_SCIM_PROVISIONING_ENABLED, 'passwd_min_length' => 'int32', 'passwd_check_rules' => 'int32|ge 0|le '.(PASSWD_CHECK_CASE | PASSWD_CHECK_DIGITS | PASSWD_CHECK_SPECIAL | PASSWD_CHECK_SIMPLE), 'mfa_status' => 'in '.MFA_DISABLED.','.MFA_ENABLED, 'mfa_methods' => 'array', 'mfa_default_row_index' => 'int32', 'mfa_removed_mfaids' => 'array_id' ]; if ($ALLOW_HTTP_AUTH) { $fields += [ 'http_auth_enabled' => 'in '.ZBX_AUTH_HTTP_DISABLED.','.ZBX_AUTH_HTTP_ENABLED, 'http_login_form' => 'in '.ZBX_AUTH_FORM_ZABBIX.','.ZBX_AUTH_FORM_HTTP, 'http_strip_domains' => 'db config.http_strip_domains', 'http_case_sensitive' => 'in '.ZBX_AUTH_CASE_INSENSITIVE.','.ZBX_AUTH_CASE_SENSITIVE ]; } $ret = $this->validateInput($fields); if (!$ret) { $this->setResponse(new CControllerResponseFatal()); } return $ret; } /**