2009-03-25 14:51:52 +01:00
|
|
|
<?php
|
|
|
|
|
|
2009-06-08 20:26:14 +02:00
|
|
|
// Pandora FMS - http://pandorafms.com
|
|
|
|
|
// ==================================================
|
|
|
|
|
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
|
|
|
|
|
// Please see http://pandorafms.org for full contribution list
|
2009-03-25 14:51:52 +01:00
|
|
|
|
|
|
|
|
// This program is free software; you can redistribute it and/or
|
2009-06-08 20:26:14 +02:00
|
|
|
// modify it under the terms of the GNU Lesser General Public License
|
|
|
|
|
// as published by the Free Software Foundation; version 2
|
|
|
|
|
|
2009-03-25 14:51:52 +01:00
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2009-06-08 20:26:14 +02:00
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2009-03-25 14:51:52 +01:00
|
|
|
// GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get a custom user report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report id to get.
|
|
|
|
|
* @param array Extra filter.
|
|
|
|
|
* @param array Fields to get.
|
|
|
|
|
*
|
|
|
|
|
* @return Report with the given id. False if not available or readable.
|
|
|
|
|
*/
|
|
|
|
|
function get_report ($id_report, $filter = false, $fields = false) {
|
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
|
|
$id_report = safe_int ($id_report);
|
|
|
|
|
if (empty ($id_report))
|
|
|
|
|
return false;
|
|
|
|
|
if (! is_array ($filter))
|
|
|
|
|
$filter = array ();
|
|
|
|
|
$filter['id_report'] = $id_report;
|
2009-04-02 Sancho Lerena <slerena@artica.es>
* pandoradb.sql: Final DB changes proposed for closing this month the DB
scheme. tagente-> new server_name field to assign server (old fields will
be removed). talert_templates has two new types (warning, critical).
tevento has "user_comment" new field. Tserver has three new fields,
server_type (so some old fields will be deleted), threads and queued_modules
this last two are for statistical options. Tusuario add language type to
override global language.
* update_manager/main.php: Minor changes for correct ACL usage. Non PM
users could see in what revision it the system, but only that.
* pandoradb_migrate_v2.x_to_v3.0.sql: Updated script for new DB changes.
* general/noaccess.php: Added footer and ending div. Page was very ugly
when showing noaccess errors, nobody see it ???.
* godmode/menu.php: A LOT of ACL fixes on several options.
* godmode/agentes/agent_manager.php: Fixed a crazy floating icon.
* godmode/agentes/manage_config_remote.php: A LOT of changes, rewriting
stuff, because was not working. This also adds a lot of ACL checks.
* godmode/agentes/massive_config.php, massive*: ACL changes.
* godmode/agentes/modificar_agente.php: Fixed ACL problems.
* godmode/agentes/module_manager_editor.php: Fixed bad module categories for
some types (data, plugin and prediction).
* godmode/alerts/alert_list.php: Fixed ACL problem.
* godmode/reporting/graph_builder.php: Added ACl restriction for
non-viewable agents for current user. Seems to be a problem with data
with more than 2 sources.
* godmode/reporting/map_builder.php: ACL checks improved.
* godmode/reporting/reporting_builder.php: ACL checks added (was missing),
some code ported from 2.1, other is new. New fields shown in list.
* include/functions.php: Fixed the annoying bug of "bad counters" in
function human_time_description_raw(). Function used,format_numeric() should
not be used never to calculate nothing, only to print formatted strings.
* include/functions_db.php: Added function user_access_to_agent() to know
if a given user has access to a given agent.
* include/functioins_report.php: get_report() should let admin to watch any
report. Fixed.
* agentes/alerts_status.php: Fixed ACL problem for view alert.
* operation/incidents/incident.php: Bad call for pagination() was giving
problems to pagination call. Somebody changes pagination() interface and
make this broken. Please if you change any interface, be sure that is compatible
with old code or make a post in the list about this !
* godmode/users/user_edit.php: Additional ACL check to do not let anybody
to watch non accesible users. Even for see the username or description.
* reporting/pchart_graph.php:Progress bar shown text in white when > 60%.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1594 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-02 21:16:59 +02:00
|
|
|
if (!is_user_admin ($config["id_user"]))
|
|
|
|
|
$filter[] = sprintf ('private = 0 OR (private = 1 AND id_user = "%s")', $config['id_user']);
|
2009-03-25 14:51:52 +01:00
|
|
|
if (is_array ($fields))
|
|
|
|
|
$fields[] = 'id_group';
|
|
|
|
|
|
|
|
|
|
$report = get_db_row_filter ('treport', $filter, $fields);
|
|
|
|
|
if (! give_acl ($config['id_user'], $report['id_group'], 'AR'))
|
|
|
|
|
return false;
|
|
|
|
|
return $report;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get a list of the reports the user can view.
|
|
|
|
|
*
|
|
|
|
|
* A user can view a report by two ways:
|
|
|
|
|
* - The user created the report (id_user field in treport)
|
|
|
|
|
* - The report is not private and the user has reading privileges on
|
|
|
|
|
* the group associated to the report
|
|
|
|
|
*
|
2009-04-02 14:53:27 +02:00
|
|
|
* @param array Extra filter to retrieve reports. All reports are returned by
|
|
|
|
|
* default
|
|
|
|
|
* @param array Fields to be fetched on every report.
|
2009-03-25 14:51:52 +01:00
|
|
|
*
|
|
|
|
|
* @return array An array with all the reports the user can view.
|
|
|
|
|
*/
|
|
|
|
|
function get_reports ($filter = false, $fields = false) {
|
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
|
|
if (! is_array ($filter))
|
|
|
|
|
$filter = array ();
|
2009-04-02 Sancho Lerena <slerena@artica.es>
* pandoradb.sql: Final DB changes proposed for closing this month the DB
scheme. tagente-> new server_name field to assign server (old fields will
be removed). talert_templates has two new types (warning, critical).
tevento has "user_comment" new field. Tserver has three new fields,
server_type (so some old fields will be deleted), threads and queued_modules
this last two are for statistical options. Tusuario add language type to
override global language.
* update_manager/main.php: Minor changes for correct ACL usage. Non PM
users could see in what revision it the system, but only that.
* pandoradb_migrate_v2.x_to_v3.0.sql: Updated script for new DB changes.
* general/noaccess.php: Added footer and ending div. Page was very ugly
when showing noaccess errors, nobody see it ???.
* godmode/menu.php: A LOT of ACL fixes on several options.
* godmode/agentes/agent_manager.php: Fixed a crazy floating icon.
* godmode/agentes/manage_config_remote.php: A LOT of changes, rewriting
stuff, because was not working. This also adds a lot of ACL checks.
* godmode/agentes/massive_config.php, massive*: ACL changes.
* godmode/agentes/modificar_agente.php: Fixed ACL problems.
* godmode/agentes/module_manager_editor.php: Fixed bad module categories for
some types (data, plugin and prediction).
* godmode/alerts/alert_list.php: Fixed ACL problem.
* godmode/reporting/graph_builder.php: Added ACl restriction for
non-viewable agents for current user. Seems to be a problem with data
with more than 2 sources.
* godmode/reporting/map_builder.php: ACL checks improved.
* godmode/reporting/reporting_builder.php: ACL checks added (was missing),
some code ported from 2.1, other is new. New fields shown in list.
* include/functions.php: Fixed the annoying bug of "bad counters" in
function human_time_description_raw(). Function used,format_numeric() should
not be used never to calculate nothing, only to print formatted strings.
* include/functions_db.php: Added function user_access_to_agent() to know
if a given user has access to a given agent.
* include/functioins_report.php: get_report() should let admin to watch any
report. Fixed.
* agentes/alerts_status.php: Fixed ACL problem for view alert.
* operation/incidents/incident.php: Bad call for pagination() was giving
problems to pagination call. Somebody changes pagination() interface and
make this broken. Please if you change any interface, be sure that is compatible
with old code or make a post in the list about this !
* godmode/users/user_edit.php: Additional ACL check to do not let anybody
to watch non accesible users. Even for see the username or description.
* reporting/pchart_graph.php:Progress bar shown text in white when > 60%.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1594 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-02 21:16:59 +02:00
|
|
|
if (!is_user_admin ($config["id_user"]))
|
|
|
|
|
$filter[] = sprintf ('private = 0 OR (private = 1 AND id_user = "%s")', $config['id_user']);
|
2009-03-25 14:51:52 +01:00
|
|
|
if (is_array ($fields)) {
|
|
|
|
|
$fields[] = 'id_group';
|
|
|
|
|
$fields[] = 'id_user';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$reports = array ();
|
2009-04-02 14:53:27 +02:00
|
|
|
$all_reports = @get_db_all_rows_filter ('treport', $filter, $fields);
|
2009-03-31 16:32:58 +02:00
|
|
|
if ($all_reports !== FALSE)
|
2009-03-25 14:51:52 +01:00
|
|
|
foreach ($all_reports as $report){
|
|
|
|
|
if ($config['id_user'] != $report['id_user'] && ! give_acl ($config['id_user'], $report['id_group'], 'AR'))
|
|
|
|
|
continue;
|
|
|
|
|
array_push ($reports, $report);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $reports;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Creates a report.
|
|
|
|
|
*
|
|
|
|
|
* @param string Report name.
|
|
|
|
|
* @param int Group where the report will operate.
|
|
|
|
|
* @param array Extra values to be set. Notice that id_user is automatically
|
|
|
|
|
* set to the logged user.
|
|
|
|
|
*
|
|
|
|
|
* @return mixed New report id if created. False if it could not be created.
|
|
|
|
|
*/
|
|
|
|
|
function create_report ($name, $id_group, $values = false) {
|
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
|
|
if (! is_array ($values))
|
|
|
|
|
$values = array ();
|
|
|
|
|
$values['name'] = $name;
|
|
|
|
|
$values['id_group'] = $id_group;
|
|
|
|
|
$values['id_user'] = $config['id_user'];
|
|
|
|
|
|
|
|
|
|
return @process_sql_insert ('treport', $values);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Updates a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report id.
|
|
|
|
|
* @param array Extra values to be set.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if the report was updated. False otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function update_report ($id_report, $values) {
|
2009-06-08 15:07:16 +02:00
|
|
|
$report = get_report ($id_report, false, array ('id_report'));
|
2009-03-25 14:51:52 +01:00
|
|
|
if ($report === false)
|
|
|
|
|
return false;
|
|
|
|
|
return (@process_sql_update ('treport',
|
|
|
|
|
$values,
|
|
|
|
|
array ('id_report' => $id_report))) !== false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Deletes a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report id to be deleted.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if deleted, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function delete_report ($id_report) {
|
|
|
|
|
$id_report = safe_int ($id_report);
|
|
|
|
|
if (empty ($id_report))
|
|
|
|
|
return false;
|
|
|
|
|
$report = get_report ($id_report);
|
|
|
|
|
if ($report === false)
|
|
|
|
|
return false;
|
2009-04-13 Esteban Sanchez <estebans@artica.es>
* general/footer.php: Removed Firefox icon. Style correction.
* godmode/agentes/agent_manager.php: Replaced > with ». Style
correction when setting bold attributes.
* godmode/agentes/manage_config_remote.php,
godmode/agentes/modificar_agente.php, godmode/agentes/module_manager.php,
godmode/alerts/alert_list.php, godmode/db/db_audit.php,
godmode/db/db_event.php, godmode/db/db_info.php, godmode/db/db_main.php,
godmode/db/db_purge.php, godmode/db/db_refine.php,
godmode/groups/configure_group.php, godmode/groups/group_list.php,
godmode/modules/manage_nc_groups.php,
godmode/modules/manage_network_components.php,
godmode/modules/manage_network_templates.php,
godmode/modules/manage_network_templates_form.php,
godmode/modules/module_list.php, godmode/profiles/profile_list.php,
godmode/reporting/graph_builder.php, godmode/reporting/map_builder.php,
godmode/reporting/reporting_builder.php, godmode/servers/manage_export.php,
godmode/servers/manage_export_form.php,
godmode/servers/manage_recontask.php,
godmode/servers/manage_recontask_form.php,
godmode/servers/modificar_server.php, godmode/setup/setup_visuals.php,
godmode/setup/links.php, godmode/setup/news.php,
godmode/snmpconsole/snmp_alert.php, godmode/users/configure_user.php,
godmode/users/user_list.php, operation/agentes/alerts_status.php,
operation/agentes/estado_generalagente.php,
operation/agentes/estado_agente.php, operation/agentes/estado_grupo.php,
operation/agentes/estado_ultimopaquete.php,
operation/agentes/exportdata.php, operation/agentes/networkmap.php,
operation/agentes/status_monitor.php, operation/agentes/tactical.php,
operation/events/events.php, operation/incidents/incident.php,
operation/incidents/incident_detail.php,
operation/incidents/incident_statistics.php,
operation/messages/message.php, operation/reporting/custom_reporting.php,
operation/reporting/graph_viewer.php,
operation/reporting/reporting_viewer.php, operation/servers/view_server.php,
operation/users/user.php, operation/users/user_edit.php,
operation/users/user_statistics.php, operation/visual_console/index.php,
godmode/agentes/agent_template.php: Replaced > with »
* operation/agentes/datos_agente.php: Return instead of exit
* include/javascript/jquery.pandora.controls.js: Added pandoraSelectOS
control to preview the OS icon on a select.
* include/functions_reports.php: Fixed a bug on delete_report() that
returns error when the report has no content.
* include/functions_ui.php: Removed border attribute on print_os_icon().
Some fixes to meta refresh element on process_page_head(). Fixed
format_filesize() when length is zero.
* godmode/menu.php: Replaced link to file manager. Added enterprise hook.
* godmode/setup/file_manager.php: Renamed from obfuscated name filemgr.php
* include/styles/pandora.css: Textarea width reduced to 99%
* godmode/setup/setup.php: Added get_os_icon AJAX operation.
* images/mimetypes/, images/mimetypes/zip.png, images/mimetypes/image.png,
images/mimetypes/unknown.png, images/mimetypes/directory.png: Added to
repository. Mime type icons.
* extras/pandoradb_migrate_v2.x_to_v3.0.sql: Removed date comments.
* include/functions_filemanager.php: Added to repository. Minimal API for
file manager system.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1608 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-04-13 11:50:56 +02:00
|
|
|
@process_sql_delete ('treport_content', array ('id_report' => $id_report));
|
|
|
|
|
return @process_sql_delete ('treport', array ('id_report' => $id_report));
|
2009-03-25 14:51:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Deletes a content from a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report content id to be deleted.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if deleted, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function get_report_content ($id_report_content, $filter = false, $fields = false) {
|
|
|
|
|
$id_report_content = safe_int ($id_report_content);
|
|
|
|
|
if (empty ($id_report_content))
|
|
|
|
|
return false;
|
|
|
|
|
if (! is_array ($filter))
|
|
|
|
|
$filter = array ();
|
|
|
|
|
if (is_array ($fields))
|
|
|
|
|
$fields[] = 'id_report';
|
|
|
|
|
$filter['id_rc'] = $id_report_content;
|
|
|
|
|
|
|
|
|
|
$content = @get_db_row_filter ('treport_content', $filter, $fields);
|
|
|
|
|
if ($content === false)
|
|
|
|
|
return false;
|
|
|
|
|
$report = get_report ($content['id_report']);
|
|
|
|
|
if ($report === false)
|
|
|
|
|
return false;
|
|
|
|
|
return $content;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get all the contents of a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report id to get contents.
|
|
|
|
|
* @param array Extra filters for the contents.
|
|
|
|
|
* @param array Fields to be fetched. All fields by default
|
|
|
|
|
*
|
|
|
|
|
* @return array All the contents of a report.
|
|
|
|
|
*/
|
|
|
|
|
function create_report_content ($id_report, $values) {
|
|
|
|
|
$id_report = safe_int ($id_report);
|
|
|
|
|
if (empty ($id_report))
|
|
|
|
|
return false;
|
|
|
|
|
$report = get_report ($id_report);
|
|
|
|
|
if ($report === false)
|
|
|
|
|
return false;
|
|
|
|
|
if (! is_array ($values))
|
|
|
|
|
return false;
|
|
|
|
|
$values['id_report'] = $id_report;
|
|
|
|
|
unset ($values['`order`']);
|
|
|
|
|
$order = (int) get_db_value ('MAX(`order`)', 'treport_content', 'id_report', $id_report);
|
|
|
|
|
$values['`order`'] = $order + 1;
|
|
|
|
|
|
|
|
|
|
return @process_sql_insert ('treport_content', $values);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get all the contents of a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report id to get contents.
|
|
|
|
|
* @param array Extra filters for the contents.
|
|
|
|
|
* @param array Fields to be fetched. All fields by default
|
|
|
|
|
*
|
|
|
|
|
* @return array All the contents of a report.
|
|
|
|
|
*/
|
|
|
|
|
function get_report_contents ($id_report, $filter = false, $fields = false) {
|
|
|
|
|
$id_report = safe_int ($id_report);
|
|
|
|
|
if (empty ($id_report))
|
|
|
|
|
return array ();
|
|
|
|
|
|
|
|
|
|
$report = get_report ($id_report);
|
|
|
|
|
if ($report === false)
|
|
|
|
|
return array ();
|
|
|
|
|
if (! is_array ($filter))
|
|
|
|
|
$filter = array ();
|
|
|
|
|
$filter['id_report'] = $id_report;
|
|
|
|
|
$filter['order'] = '`order`';
|
|
|
|
|
|
|
|
|
|
$contents = get_db_all_rows_filter ('treport_content', $filter, $fields);
|
|
|
|
|
if ($contents === false)
|
|
|
|
|
return array ();
|
|
|
|
|
return $contents;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Moves a content from a report up.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report content id to be moved.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if moved, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function move_report_content_up ($id_report_content) {
|
|
|
|
|
if (empty ($id_report_content))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
$content = get_report_content ($id_report_content);
|
|
|
|
|
if ($content === false)
|
|
|
|
|
return false;
|
|
|
|
|
$order = get_db_value ('`order`', 'treport_content', 'id_rc', $id_report_content);
|
|
|
|
|
/* Set the previous element order to the current of the content we want to change */
|
|
|
|
|
process_sql_update ('treport_content',
|
|
|
|
|
array ('`order` = `order` + 1'),
|
|
|
|
|
array ('id_report' => $content['id_report'],
|
|
|
|
|
'`order` = '.($order - 1)));
|
|
|
|
|
return (@process_sql_update ('treport_content',
|
|
|
|
|
array ('`order` = `order` - 1'),
|
|
|
|
|
array ('id_rc' => $id_report_content))) !== false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Moves a content from a report up.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report content id to be moved.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if moved, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function move_report_content_down ($id_report_content) {
|
|
|
|
|
if (empty ($id_report_content))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
$content = get_report_content ($id_report_content);
|
|
|
|
|
if ($content === false)
|
|
|
|
|
return false;
|
|
|
|
|
$order = get_db_value ('`order`', 'treport_content', 'id_rc', $id_report_content);
|
|
|
|
|
/* Set the previous element order to the current of the content we want to change */
|
|
|
|
|
process_sql_update ('treport_content',
|
|
|
|
|
array ('`order` = `order` - 1'),
|
|
|
|
|
array ('id_report' => (int) $content['id_report'],
|
|
|
|
|
'`order` = '.($order + 1)));
|
|
|
|
|
return (@process_sql_update ('treport_content',
|
|
|
|
|
array ('`order` = `order` + 1'),
|
|
|
|
|
array ('id_rc' => $id_report_content))) !== false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Deletes a content from a report.
|
|
|
|
|
*
|
|
|
|
|
* @param int Report content id to be deleted.
|
|
|
|
|
*
|
|
|
|
|
* @return bool True if deleted, false otherwise.
|
|
|
|
|
*/
|
|
|
|
|
function delete_report_content ($id_report_content) {
|
|
|
|
|
if (empty ($id_report_content))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
$content = get_report_content ($id_report_content);
|
|
|
|
|
if ($content === false)
|
|
|
|
|
return false;
|
|
|
|
|
$order = get_db_value ('`order`', 'treport_content', 'id_rc', $id_report_content);
|
|
|
|
|
process_sql_update ('treport_content',
|
|
|
|
|
array ('`order` = `order` - 1'),
|
|
|
|
|
array ('id_report' => (int) $content['id_report'],
|
|
|
|
|
'`order` > '.$order));
|
|
|
|
|
return (@process_sql_delete ('treport_content',
|
|
|
|
|
array ('id_rc' => $id_report_content))) !== false;
|
|
|
|
|
}
|
|
|
|
|
?>
|