pandorafms/pandora_console/include/class/WebServerModuleDebug.class.php

407 lines
12 KiB
PHP
Raw Normal View History

2021-03-22 17:37:15 +01:00
<?php
/**
* WebServer Module debug feature.
*
* @category Class
* @package Pandora FMS
* @subpackage Web Server Module
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
* Copyright (c) 2005-2020 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*/
// Begin.
global $config;
require_once $config['homedir'].'/godmode/wizards/Wizard.main.php';
/**
* Class WebServerModuleDebug.
*/
class WebServerModuleDebug extends Wizard
{
/**
* Controller Url.
*
* @var string
*/
private $ajaxController;
/**
* Timeout for HTTP requests.
*
* @var integer
*/
private $requestTimeout;
/**
* CURL Query.
*
* @var string
*/
private $query;
/**
* Id of the current module.
*
* @var integer
*/
private $idAgentModule;
/**
* Class constructor.
*
* @param string $ajaxController Ajax Page Controller.
* @param integer $idAgentModule Id of the module.
*/
public function __construct(string $ajaxController, int $idAgentModule)
{
global $config;
// Check access.
check_login();
if (! check_acl($config['id_user'], 0, 'AR')) {
db_pandora_audit(
2022-01-20 10:55:23 +01:00
AUDIT_LOG_ACL_VIOLATION,
2021-03-22 17:37:15 +01:00
'Trying to access event viewer'
);
if (is_ajax()) {
echo json_encode(['error' => 'noaccess']);
}
include 'general/noaccess.php';
exit;
}
// Parameter assigments.
$this->ajaxController = $ajaxController;
$this->query = '';
$this->idAgentModule = $idAgentModule;
// Hardcoded request timeout.
$this->requestTimeout = 15;
return $this;
}
/**
* Run Module Debug window.
*
* @return void
*/
public function run()
{
// Added all necessary basic files for QueryResult.
ui_require_css_file('ace');
ui_require_javascript_file('ace', 'include/javascript/ace/');
// Load Javascript.
$this->loadJS();
// CSS.
ui_require_css_file('wizard');
ui_require_css_file('discovery');
// Specific CSS for this feature.
ui_require_css_file('WebServerModuleDebug', '/include/styles/', true);
}
/**
* Show the modal with the QueryResult.
*
* @return void
*/
public function showWebServerDebug()
{
// Show QueryResult editor.
ui_query_result_editor('webserverdebug');
// Spinner for wait loads.
html_print_div(
[
'id' => 'WebServerDebugSpinner',
'style' => 'visibility: hidden;',
'content' => __('Performing query. Please wait.').'&nbsp;'.html_print_image('images/spinner.gif', true),
]
);
?>
<script type="text/javascript">
$(document).ready(function(){
// Query section
var query = ace.edit("webserverdebug_editor");
let queryDefined = "<?php echo $this->defineQuery(); ?>";
let queryRegex = /([-]+[a-zA-Z]\s)|(([-]{2})+[a-z]+[-]*[a-z]*)/g;
query.setValue(queryDefined.replace(queryRegex, "\n$&"));
query.clearSelection();
// Result section
var results = ace.edit("webserverdebug_view");
var text = '';
results.setTheme("ace/theme/textmate");
results.session.setMode("ace/mode/json");
results.renderer.setShowGutter(false);
results.setReadOnly(true);
results.setShowPrintMargin(false);
$("#submit-execute_query").click(function() {
// Show the spinner.
showSpinner(true);
// Empty the results container.
results.setValue("");
// Get the entire text.
text = query.getValue();
// There are not values in the query section.
if (text === null || text === undefined) {
results.setValue('<?php echo __('No results'); ?>');
results.clearSelection();
// Hide spinner.
showSpinner(false);
return;
}
// Clean the carriage jumps.
text = text.split("\n").join("");
// Call to the method for execute the command.
$.ajax({
method: "post",
url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
data: {
page: "<?php echo $this->ajaxController; ?>",
method: "executeCommand",
text: text,
idAgentModule: "<?php echo $this->idAgentModule; ?>",
},
datatype: "json",
success: function(result) {
results.setValue(result);
},
error: function(e) {
results.setValue('<?php echo __('Error performing execution'); ?>');
},
complete: function() {
results.clearSelection();
showSpinner(false);
}
});
});
});
</script>
<?php
}
/**
* Definition of the query
*
* @return string
*/
private function defineQuery()
{
// Get the value of the debug_content.
$outputDebugQuery = db_get_value_filter(
'debug_content',
'tagente_modulo',
[
'id_agente_modulo' => $this->idAgentModule,
]
);
$this->query = ($outputDebugQuery !== false) ? $outputDebugQuery : __('Please, wait for a first execution of module');
return $this->query;
}
/**
* Perform the cURL execution.
*
* @return void
* @throws Exception $e Error message.
*/
public function executeCommand()
{
try {
$executionForPerform = io_safe_output(get_parameter('text'));
// If the execution comes empty.
if (empty($executionForPerform) === true) {
throw new Exception('Execution failed');
}
// For security reasons, only allow the 'curl' command.
$executionForPerform = strstr($executionForPerform, 'curl');
// Avoid pipes or concatenation of commands.
$unallowedChars = [
'|',
'&',
'||',
'&&',
';',
'\n',
];
$executionForPerform = str_replace(
$unallowedChars,
' ',
$executionForPerform
);
// Set execution timeout.
$executionForPerform .= sprintf(
$executionForPerform.' -m %d',
$this->requestTimeout
);
// Perform the execution.
system($executionForPerform, $returnCode);
// If execution does not got well.
if ($returnCode != 0) {
switch ($returnCode) {
case '2':
throw new Exception('Failed to initialize. Review the syntax.');
case '3':
throw new Exception('URL malformed. The syntax was not correct.');
case '5':
throw new Exception('Couldn\'t resolve proxy. The given proxy host could not be resolved.');
case '6':
throw new Exception('Couldn\'t resolve host. The given remote host could not be resolved.');
case '7':
throw new Exception('Failed to connect to host.');
default:
throw new Exception('Failed getting data.');
}
}
} catch (Exception $e) {
// Show execution error message.
echo __($e->getMessage());
}
exit;
}
/**
* Loads JS and return code.
*
* @return string
*/
public function loadJS()
{
$str = '';
ob_start();
?>
<script type="text/javascript">
$(document).ready(function(){
$('#button-btn_debugModule').click(function() {
load_modal({
target: $("#modal"),
form: "add_module_form",
url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
ajax_callback: showMsg,
modal: {
title: "<?php echo __('Debug'); ?>",
},
extradata: [
{
name: "idAgentModule",
value: "<?php echo $this->idAgentModule; ?>"
}],
onshow: {
page: "<?php echo $this->ajaxController; ?>",
width: 800,
method: "showWebServerDebug"
}
});
});
});
/**
* Toggle the visibility of spinner.
*/
function showSpinner(setVisibility) {
var spinner = $('#WebServerDebugSpinner');
if (setVisibility) {
spinner.css('visibility', 'visible');
} else {
spinner.css('visibility', 'hidden');
}
}
/**
* Process ajax responses and shows a dialog with results.
*/
function showMsg(data) {
var title = "<?php echo __('Success'); ?>";
var text = "";
var failed = 0;
try {
data = JSON.parse(data);
text = data["result"];
} catch (err) {
title = "<?php echo __('Failed'); ?>";
text = err.message;
failed = 1;
}
if (!failed && data["error"] != undefined) {
title = "<?php echo __('Failed'); ?>";
text = data["error"];
failed = 1;
}
if (data["report"] != undefined) {
data["report"].forEach(function(item) {
text += "<br>" + item;
});
}
$("#msg").empty();
$("#msg").html(text);
$("#msg").dialog({
width: 450,
position: {
my: "center",
at: "center",
of: window,
collision: "fit"
},
title: title
});
}
</script>
<?php
// Get the JS script.
$str = ob_get_clean();
// Return the loaded JS.
echo $str;
return $str;
}
}