Source of CControllerPopupLdapEdit.php - Zabbix

Raw file
Source viewDiff to previous
7.75 KB
xxxxxxxxxx
 
<?php declare(strict_types = 0);
/*
** Copyright (C) 2001-2025 Zabbix SIA
**
** This program is free software: you can redistribute it and/or modify it under the terms of
** the GNU Affero General Public License as published by the Free Software Foundation, version 3.
**
** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
** See the GNU Affero General Public License for more details.
**
** You should have received a copy of the GNU Affero General Public License along with this program.
** If not, see <https://www.gnu.org/licenses/>.
**/
​
​
class CControllerPopupLdapEdit extends CController {
​
    const LDAP_MEMBER_OF = 0;
    const LDAP_GROUP_OF_NAMES = 1;
​
    protected function init() {
        $this->disableCsrfValidation();
    }
​
    protected function checkInput(): bool {
        $fields = [
            'row_index' =>                      'required|int32',
            'userdirectoryid' =>                'db userdirectory.userdirectoryid',
            'name' =>                           'db userdirectory.name',
            'host' =>                           'db userdirectory_ldap.host',
            'port' =>                           'db userdirectory_ldap.port|ge '.ZBX_MIN_PORT_NUMBER.'|le '.ZBX_MAX_PORT_NUMBER,
            'base_dn' =>                        'db userdirectory_ldap.base_dn',
            'bind_dn' =>                        'db userdirectory_ldap.bind_dn',
            'bind_password' =>                  'db userdirectory_ldap.bind_password',
            'search_attribute' =>               'db userdirectory_ldap.search_attribute',
            'start_tls' =>                      'in '.ZBX_AUTH_START_TLS_OFF.','.ZBX_AUTH_START_TLS_ON,
            'search_filter' =>                  'db userdirectory_ldap.search_filter',
            'case_sensitive' =>                 'in '.ZBX_AUTH_CASE_INSENSITIVE.','.ZBX_AUTH_CASE_SENSITIVE,
            'description' =>                    'db userdirectory.description',
            'group_basedn' =>                   'db userdirectory_ldap.group_basedn',
            'group_name' =>                     'db userdirectory_ldap.group_name',
            'group_member' =>                   'db userdirectory_ldap.group_member',
            'user_ref_attr' =>                  'db userdirectory_ldap.user_ref_attr',
            'group_filter' =>                   'db userdirectory_ldap.group_filter',
            'group_membership' =>               'db userdirectory_ldap.group_membership',
            'user_username' =>                  'db userdirectory_ldap.user_username',
            'user_lastname' =>                  'db userdirectory_ldap.user_lastname',
            'add_ldap_server' =>                'in 0,1',
            'group_configuration' =>            'in '.self::LDAP_MEMBER_OF.','.self::LDAP_GROUP_OF_NAMES,
            'provision_status' =>               'in '.JIT_PROVISIONING_DISABLED.','.JIT_PROVISIONING_ENABLED,
            'provision_groups' =>               'array',
            'provision_media' =>                'array'
        ];
​
        $ret = $this->validateInput($fields) && $this->validateProvisionGroups() && $this->validateProvisionMedia();
​
        if (!$ret) {
            $this->setResponse(
                (new CControllerResponseData([
                    'main_block' => json_encode([
                        'error' => [
                            'title' => _('Invalid LDAP configuration'),