def query_limit_exceeded_warn(limit: Optional[int],
user_config: LoggedInUser) -> None:
"""Compare query reply against limits, warn in the GUI about incompleteness"""
text = HTML(_("Your query produced more than %d results. ") % limit)
if request.get_ascii_input(
"limit",
"soft") == "soft" and user_config.may("general.ignore_soft_limit"):
text += html.render_a(
_("Repeat query and allow more results."),
target="_self",
href=makeuri(request, [("limit", "hard")]),
)
elif request.get_ascii_input("limit") == "hard" and user_config.may(
"general.ignore_hard_limit"):
text += html.render_a(
_("Repeat query without limit."),
target="_self",
href=makeuri(request, [("limit", "none")]),
)
text += escaping.escape_to_html_permissive(" " + _(
"<b>Note:</b> the shown results are incomplete and do not reflect the sort order."
))
html.show_warning(text)
def _set_livestatus_auth(user: LoggedInUser,
force_authuser: Optional[UserId]) -> None:
user_id = _livestatus_auth_user(user, force_authuser)
if user_id is not None:
g.live.set_auth_user("read", user_id)
g.live.set_auth_user("action", user_id)
# May the user see all objects in BI aggregations or only some?
if not user.may("bi.see_all"):
g.live.set_auth_user("bi", user_id)
# May the user see all Event Console events or only some?
if not user.may("mkeventd.seeall"):
g.live.set_auth_user("ec", user_id)
# Default auth domain is read. Please set to None to switch off authorization
g.live.set_auth_domain("read")
def _livestatus_auth_user(
user: LoggedInUser,
force_authuser: Optional[UserId]) -> Optional[UserId]:
if not user.may("general.see_all"):
return user.id
if force_authuser == UserId("1"):
return user.id
if force_authuser == UserId("0"):
return None
if force_authuser:
return force_authuser # set a different user
if user.get_attribute("force_authuser"):
return user.id
return None