Zabbix

<?php declare(strict_types=1);

/*

** Zabbix

** Copyright (C) 2001-2022 Zabbix SIA

**

** This program is free software; you can redistribute it and/or modify

** it under the terms of the GNU General Public License as published by

** the Free Software Foundation; either version 2 of the License, or

** (at your option) any later version.

**

** This program is distributed in the hope that it will be useful,

** but WITHOUT ANY WARRANTY; without even the implied warranty of

** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

** GNU General Public License for more details.

**

** You should have received a copy of the GNU General Public License

** along with this program; if not, write to the Free Software

** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

**/

​

​

/**

 * Class containing methods for operations with authorization tokens.

 */

class CToken extends CApiService {

​

    public const ACCESS_RULES = [

        'create' => ['min_user_type' => USER_TYPE_ZABBIX_USER, 'action' => CRoleHelper::ACTIONS_MANAGE_API_TOKENS],

        'delete' => ['min_user_type' => USER_TYPE_ZABBIX_USER, 'action' => CRoleHelper::ACTIONS_MANAGE_API_TOKENS],

        'get' => ['min_user_type' => USER_TYPE_ZABBIX_USER, 'action' => CRoleHelper::ACTIONS_MANAGE_API_TOKENS],

        'update' => ['min_user_type' => USER_TYPE_ZABBIX_USER, 'action' => CRoleHelper::ACTIONS_MANAGE_API_TOKENS],

        'generate' => ['min_user_type' => USER_TYPE_ZABBIX_USER, 'action' => CRoleHelper::ACTIONS_MANAGE_API_TOKENS]

    ];

​

    protected $tableName = 'token';

    protected $tableAlias = 't';

    protected $sortColumns = ['tokenid', 'name', 'lastaccess', 'status', 'expires_at', 'created_at'];

​

    /**

     * @param array $options

     *

     * @throws APIException if the input is invalid.

     *

     * @return array|int

     */

    public function get(array $options = []) {

        $token_fields = ['tokenid', 'name', 'description', 'userid', 'lastaccess', 'status', 'expires_at',

            'created_at', 'creator_userid'

        ];

​

        $api_input_rules = ['type' => API_OBJECT, 'fields' => [

            // filter

            'tokenids' =>               ['type' => API_IDS, 'flags' => API_ALLOW_NULL | API_NORMALIZE, 'default' => null],

            'userids' =>                ['type' => API_IDS, 'flags' => API_ALLOW_NULL | API_NORMALIZE, 'default' => null],

            'token' =>                  ['type' => API_STRING_UTF8, 'flags' => API_ALLOW_NULL | API_NORMALIZE, 'length' => 64, 'default' => null],

            'valid_at' =>               ['type' => API_INT32, 'flags' => API_ALLOW_NULL, 'default' => null],

            'expired_at' =>             ['type' => API_INT32, 'flags' => API_ALLOW_NULL, 'default' => null],

            'filter' =>                 ['type' => API_OBJECT, 'flags' => API_ALLOW_NULL, 'default' => null, 'fields' => [

                'tokenid' =>                ['type' => API_IDS, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'name' =>                   ['type' => API_STRINGS_UTF8, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'userid' =>                 ['type' => API_IDS, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'lastaccess' =>             ['type' => API_INTS32, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'status' =>                 ['type' => API_INTS32, 'flags' => API_ALLOW_NULL | API_NORMALIZE, 'in' => implode(',', [ZBX_AUTH_TOKEN_ENABLED, ZBX_AUTH_TOKEN_DISABLED])],

                'expires_at' =>             ['type' => API_INTS32, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'created_at' =>             ['type' => API_INTS32, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'creator_userid' =>         ['type' => API_IDS, 'flags' => API_ALLOW_NULL | API_NORMALIZE]

            ]],

            'search' =>                 ['type' => API_OBJECT, 'flags' => API_ALLOW_NULL, 'default' => null, 'fields' => [

                'name' =>                   ['type' => API_STRINGS_UTF8, 'flags' => API_ALLOW_NULL | API_NORMALIZE],

                'description' =>            ['type' => API_STRINGS_UTF8, 'flags' => API_ALLOW_NULL | API_NORMALIZE]

            ]],

            'searchByAny' =>            ['type' => API_BOOLEAN, 'default' => false],

            'startSearch' =>            ['type' => API_FLAG, 'default' => false],

            'excludeSearch' =>          ['type' => API_FLAG, 'default' => false],

            'searchWildcardsEnabled' => ['type' => API_BOOLEAN, 'default' => false],

            // output

            'output' =>                 ['type' => API_OUTPUT, 'in' => implode(',', $token_fields), 'default' => API_OUTPUT_EXTEND],

            'countOutput' =>            ['type' => API_FLAG, 'default' => false],

            // sort and limit

            'sortfield' =>              ['type' => API_STRINGS_UTF8, 'flags' => API_NORMALIZE, 'in' => implode(',', $this->sortColumns), 'uniq' => true, 'default' => []],

            'sortorder' =>              ['type' => API_SORTORDER, 'default' => []],

            'limit' =>                  ['type' => API_INT32, 'flags' => API_ALLOW_NULL, 'in' => '1:'.ZBX_MAX_INT32, 'default' => null],

            // flags

            'preservekeys' =>           ['type' => API_BOOLEAN, 'default' => false]

        ]];

​

        if (!CApiInputValidator::validate($api_input_rules, $options, '/', $error)) {

            self::exception(ZBX_API_ERROR_PARAMETERS, $error);

        }

​

        $sql_parts = [