See www.zabbix.com for the official Zabbix site.

Docs/specs/ZBXNEXT-3007

From Zabbix.org
Jump to: navigation, search

Private maps

ZBXNEXT-3007

Status: v1.1

Owner: Alexei

Summary

Zabbix will support public as well as private maps with ability to share them with other users and user groups.

Specification

The functionality will enable creation and management of maps for regular users without admin rights.

Configuration -> Maps will be removed. Instead, Monitoring -> Maps will be extended to support management of maps.

All maps will have ownership, a user who created this map. Map will be visible only to map owner if it is private or to visible everyone if map public. Access to a map can be also shared with other users and user groups. Two sharing modes will be available for each share: read and read-write. Only user groups and their users of map owner user groups will be available for sharing.

Map name must be unique.

Map permissions

A map is visible to user only if the user has read permissions to all map elements. Also he must be owner of the map or be in the list of users or a member of user groups for sharing.

Read permission for map element is needed if user wants to add this element to a map.

Super admins, regular admins, map owners and users with read-write permissions will be allowed to remove map and modify all its properties. Note that not all sharing information may be visible to regular admins and map owner.

If map owner loses map permissions (no rights to see a map element), the map will no longer be visible to the map owner.

Disabled user status does not affect any map related functionality.

Front-end changes

  • Removal of Configuration -> Maps
  • Monitoring -> Maps will display last visited page (map view or list of maps). List of maps will be displayed with ability to filter by map name and by element name/label.
    • List of maps: Map name (sortable)
    • Click on map name -> Map view mode with ability to go quickly back to the list and map editing mode
    • Two button will be available: "Create map", "Import".
    • Mass operations: "Export", "Delete"
  • In map edit mode
    • All map related information could be modified: name, sizing as well as map elements, everything. This is split into three tabs: Map, Sharing and Constructor.

Map edit

Three tabs with be introduced: Map and Sharing.

  • Map: edit map attributes
 As first field should be added possibility to change map owner (only for admins), otherwise displayed map owner in disabled field. Select is regular pop-up. Since only one user can be selected, pop-up must not have checkboxes.
       .------------------------.
 Owner | User alias (full name) | Select
       '------------------------'
  • Sharing: Private (default)/Public, Share with [User groups/Users]. Users and groups are added via link Add which opens a pop-up with users or groups. The pop-up has checkboxes, since multiple users and groups can be selected.
 [Private | Public] radio button
 List of user shares:
 [User]   [Read/Read-write] Remove
 List of user group shares:
 [User group]   [Read/Read-write] Remove

List of users and user groups will be available in both Public and Private modes. It will not be possible to add Read shares in Public mode and user will get an error message: Map "%1$s" is public and read-only sharing is disallowed.

Buttons

 .------------.  .-------.  .--------.  .--------.
 | Add/Update |  | Clone |  | Delete |  | Cancel |
 '------------'  '-------'  '--------'  '--------'

Cloning

Clone will copy all map elements and attributes except sharing data. Cloned map will be private by default.

XML import/export

Export

  • Sharing data will not be exported.

Import

  • Import will now provide controls and rules for regular users.
  • New imported maps will be private.
  • The one who imports new maps, is the new owner.

API changes

map

map.get new options:

  • userids - (array) select maps with only given user IDs.
  • selectUsers - (query) select users that are shared with map.
  • selectUserGroups - (query) select users groups that are shared with map.

map.create new fields:

  • userid - (integer/string) Map owner user IDs (optional).
  • private - (integer/string) Private or public (optional).
  • users - (array) Shared users (optional). Contains two properties: userid, permission.
  • userGroups - (array) Shared user groups (optional). Contains two properties: usrgrpid, permission.

Example:

{
    "name": "api.created",
    "width": 600,
    "height": 600,
    "userid": 3,
    "private": 1,
    "users": [
        {
            "userid": 4,
            "permission": 2
        }
    ],
    "userGroups": [
        {
            "usrgrpid": 11,
            "permission": 2
        }
    ]
}

map.update new fields:

  • userid - (integer/string) Map owner user IDs (optional).
  • private - (integer/string) Private or public (optional).
  • users - (array) Shared users (optional). Contains two properties: userid, permission.
  • userGroups - (array) Shared user groups (optional). Contains two properties: usrgrpid, permission.

Example:

{
    "sysmapid": 9,
    "width": 600,
    "height": 600,
    "userid": 3,
    "private": 1,
    "users": [
        {
            "userid": 4,
            "permission": 3
        },
        {
            "userid": 5,
            "permission": 2
        }
    ],
    "userGroups": [
        {
            "usrgrpid": 11,
            "permission": 2
        },
        {
            "usrgrpid": 13,
            "permission": 3
        }
    ]
}

user

user.get:

  • Possible to select other users from group that user belongs to.

user.delete:

  • validation should check if user is owner of at least one map. User cannot be deleted if he is a map owner. Trying to delete such user, API will throw an error message: Error message User "%1$s" is map "%2$s" owner.

usergroup

usergroup.get:

  • Possible to select user group that user belongs to.

Added translation strings:

  • All maps
  • Constructor
  • Delete selected map?
  • Duplicate "name" value "%1$s" for map.
  • Duplicate userid "%1$s" in users for map "%2$s".
  • Duplicate usrgrpid "%1$s" in user groups for map "%2$s".
  • Empty map ID.
  • Field "%1$s" is missing a value for map "%2$s".
  • Inaccessible user
  • Incorrect "height" value for map "%1$s".
  • Incorrect "permission" value "%1$s" in user groups for map "%2$s".
  • Incorrect "permission" value "%1$s" in users for map "%2$s".
  • Incorrect "private" value "%1$s" for map "%2$s".
  • Incorrect "width" value for map "%1$s".
  • Incorrect map ID.
  • Incorrect user ID specified for map "%1$s".
  • Incorrect user group ID specified for map "%1$s".
  • List of user group shares
  • List of user shares
  • Map "%1$s" already exists.
  • Map "%1$s" is public and read-only sharing is disallowed.
  • Map name cannot be empty.
  • Map owner cannot be empty.
  • No "%1$s" given for map.
  • Only administrators can set map owner.
  • Owner
  • Private
  • Properties
  • Public
  • Read-only
  • Sharing
  • Sharing option "%1$s" is missing a value for map "%2$s".
  • URL name should be unique for map "%1$s".
  • URL should have both "name" and "url" fields for map "%1$s".
  • User "%1$s" is map "%2$s" owner.
  • User group sharing is missing parameters: %1$s for map "%2$s".
  • User sharing is missing parameters: %1$s for map "%2$s".

Removed translation strings:

  • Delete network map?
  • Duplicate map name for map "%s".
  • Incorrect map height value for map "%s".
  • Incorrect map width value for map "%s".
  • Map with name "%s" already exists.
  • No maps found.
  • URL name should be unique for map "%s".
  • URL should have both "name" and "url" fields for map "%s

Database changes

Table sysmaps, new fields:

 FIELD       |userid        |t_id       |   |NOT NULL   |0   |3|users  |RESTRICT
 FIELD       |private       |t_integer  |’1’|NOT NULL   |0

New tables:

 TABLE|sysmap_user|sysmapuserid|ZBX_DATA
 FIELD       |sysmapuserid  |t_id       |   |NOT NULL   |0
 FIELD       |sysmapid      |t_id       |   |NOT NULL   |0    |1|sysmaps
 FIELD       |userid        |t_id       |   |NOT NULL   |0    |2|users
 FIELD       |permission    |t_integer  |’2’|NOT NULL   |0        # 2 - read, 3 - read-write    
 UNIQUE      |1             |sysmapid,userid
 TABLE|sysmap_usrgrp|sysmapusrgrpid|ZBX_DATA
 FIELD       |sysmapusrgrpid|t_id       |   |NOT NULL   |0
 FIELD       |sysmapid      |t_id       |   |NOT NULL   |0    |1|sysmaps
 FIELD       |usrgrpid      |t_id       |   |NOT NULL   |0    |2|usrgrp
 FIELD       |permission    |t_integer  |’2’|NOT NULL   |0        # 2 - read, 3 - read-write    
 UNIQUE      |1             |sysmapid,usrgrpid
  • Database patch to assign owner and private flag (set to '0') to all existing maps. All maps will be assigned to a super admin having smallest userid.
  • Default map "Local network" should belong to "Admin" user and it is public.

Also discussed

  • Only super admins and regular admins can change map owner.
  • Read only permission enough for cloning.
  • Public map - read only permissions for all users, private map - deny for all users, excluding admins and super admins, they have read-write permissions for all maps regardless of the map type.
  • No new filters for private/public maps in list view for now.
  • Label name in map edit should be called "Owner".

Documentation

  • Zabbix Manual 3.0
  • Release notes
    • Also include information that now it is possible to add map components having only read-only permissions to the components
  • Upgrade notes (Configuration -> Maps going away)
  • API documentation
  • Internal documentation

ChangeLog

  • 2015.11.10 v1.0 initial release
  • 2015.11.24 added API changes
  • 2015.11.26 added new translation strings
  • 1.1
    • added "RESTRICT" constraint for sysmaps.userid field because user cannot be deleted with attached maps