Zabbix

<?php declare(strict_types = 0);

/*

** Copyright (C) 2001-2025 Zabbix SIA

**

** This program is free software: you can redistribute it and/or modify it under the terms of

** the GNU Affero General Public License as published by the Free Software Foundation, version 3.

**

** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;

** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

** See the GNU Affero General Public License for more details.

**

** You should have received a copy of the GNU Affero General Public License along with this program.

** If not, see <https://www.gnu.org/licenses/>.

**/

​

​

class CControllerUsergroupEdit extends CController {

​

    /**

     * @var array  User group data from database.

     */

    private $user_group = [];

​

    protected function init() {

        $this->disableCsrfValidation();

    }

​

    protected function checkInput() {

        $fields = [

            'usrgrpid' =>               'db usrgrp.usrgrpid',

            'name' =>                   'db usrgrp.name',

            'userids' =>                'array_db users.userid',

            'gui_access' =>             'db usrgrp.gui_access|in '.implode(',', [GROUP_GUI_ACCESS_SYSTEM, GROUP_GUI_ACCESS_INTERNAL, GROUP_GUI_ACCESS_LDAP, GROUP_GUI_ACCESS_DISABLED]),

            'users_status' =>           'db usrgrp.users_status|in '.GROUP_STATUS_ENABLED.','.GROUP_STATUS_DISABLED,

            'debug_mode' =>             'db usrgrp.debug_mode|in '.GROUP_DEBUG_MODE_ENABLED.','.GROUP_DEBUG_MODE_DISABLED,

            'ms_hostgroup_right' =>     'array',

            'hostgroup_right' =>        'array',

            'ms_templategroup_right' => 'array',

            'templategroup_right' =>    'array',

            'tag_filters' =>            'array',

            'form_refresh' =>           'int32'

        ];

​

        $ret = $this->validateInput($fields);

​

        if (!$ret) {

            $this->setResponse(new CControllerResponseFatal());

        }

​

        return $ret;

    }

​

    protected function checkPermissions() {

        if (!$this->checkAccess(CRoleHelper::UI_ADMINISTRATION_USER_GROUPS)) {

            return false;

        }

​

        if ($this->hasInput('usrgrpid')) {

            $user_groups = API::UserGroup()->get([

                'output' => ['name', 'gui_access', 'users_status', 'debug_mode', 'userdirectoryid', 'mfa_status',

                    'mfaid'

                ],

                'selectTagFilters' => ['groupid', 'tag', 'value'],

                'usrgrpids' => $this->getInput('usrgrpid'),

                'editable' => true

            ]);

​

            if (!$user_groups) {

                return false;

            }

​

            $this->user_group = $user_groups[0];

        }

​

        return true;

    }

​

    protected function doAction() {

        $db_defaults = DB::getDefaults('usrgrp');

        $mfa_config_status = CAuthenticationHelper::get(CAuthenticationHelper::MFA_STATUS);

        $data = [

            'usrgrpid' => 0,

            'name' => $db_defaults['name'],

            'gui_access' => $db_defaults['gui_access'],

            'userdirectoryid' => 0,

            'users_status' => $db_defaults['users_status'],

            'debug_mode' => $db_defaults['debug_mode'],

            'form_refresh' => 0,

            'group_mfa_status' => $mfa_config_status ? GROUP_MFA_ENABLED : GROUP_MFA_DISABLED,

            'mfaid' => 0

        ];