pandorafms/pandora_console/include/rest-api/index.php


<?php
// Shared Pandora FMS configuration array; this file reads 'homedir' and
// 'id_user' from it.
global $config;

// Only AJAX requests are served here.
// NOTE(review): is_ajax() presumably only looks at how the request was made;
// it is not an authentication check. Confirm the including script enforces
// the session before this file runs.
if ((bool) is_ajax() === false) {
    return;
}

// Class autoloader shipped under the console's home directory.
require_once $config['homedir'].'/vendor/autoload.php';

// Require also some stuff from Pandora FMS.
enterprise_include('include/functions_metaconsole.php');
use Models\VisualConsole\Container as VisualConsole;
use Models\VisualConsole\View as Viewer;
use Models\VisualConsole\Item as Item;
use PandoraFMS\User;
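// Dynamic dispatch: when "method" is supplied, the same-named method of the
// visual console Viewer is called and its return value is echoed.
//
// NOTE(review): $method comes straight from the request and this branch runs
// before any ACL check in this file, so every public Viewer method is
// reachable by whoever can reach this endpoint. Whether a session check runs
// earlier is not visible here; confirm it, and prefer an explicit allow-list
// of the method names the front end actually uses.
$method = get_parameter('method');
if ($method) {
    $viewer = new Viewer();
    try {
        // method_exists() is also true for private, protected and magic
        // methods. Only dispatch to plain, publicly callable ones, and
        // ignore non-string input (e.g. an array parameter).
        if (is_string($method) === true
            && strncmp($method, '__', 2) !== 0
            && method_exists($viewer, $method) === true
            && is_callable([$viewer, $method]) === true
        ) {
            echo $viewer->{$method}();
        }
    } catch (Exception $e) {
        // The exception text is returned to the client as JSON.
        echo json_encode(['error' => $e->getMessage()]);
        return;
    }

    return;
}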
// Request parameters. The console id is forced to an integer and every action
// switch to a boolean, so the branches below can compare with === true.
$visualConsoleId = (int) get_parameter('visualConsoleId');

// Console-level reads.
$getVisualConsole = (bool) get_parameter('getVisualConsole');
$getVisualConsoleItems = (bool) get_parameter('getVisualConsoleItems');

// Token login for the REST API.
$doLogin = (bool) get_parameter('doLogin');

// Item-level operations.
$updateVisualConsoleItem = (bool) get_parameter('updateVisualConsoleItem');
$createVisualConsoleItem = (bool) get_parameter('createVisualConsoleItem');
$getVisualConsoleItem = (bool) get_parameter('getVisualConsoleItem');
$removeVisualConsoleItem = (bool) get_parameter('removeVisualConsoleItem');
$copyVisualConsoleItem = (bool) get_parameter('copyVisualConsoleItem');

// Editor helpers.
$getImagesVisualConsole = (bool) get_parameter('getImagesVisualConsole');
$createColorRangeVisualConsole = (bool) get_parameter('createColorRangeVisualConsole');
$getTimeZoneVisualConsole = (bool) get_parameter('getTimeZoneVisualConsole');
$serviceListVisualConsole = (bool) get_parameter('serviceListVisualConsole');
$loadtabs = (bool) get_parameter('loadtabs');

// Drop whatever is already in the output buffer so the response contains
// only what this endpoint echoes.
ob_clean();
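// Token login: validates the supplied credentials, stores a fresh per-user
// secret and answers with the public hash derived from it.
//
// NOTE(review): if get_parameter() also accepts query-string values, the
// password can end up in access logs; confirm clients always POST it.
// NOTE(review): no attempt throttling is visible in this block; presumably
// User::login() or an outer layer handles it. Verify.
if ($doLogin === true) {
    $id_user = get_parameter('id_user', '');
    $password = get_parameter('password', '');

    $authenticated = User::login(
        [
            'id_usuario' => $id_user,
            'password'   => $password,
        ]
    );

    if ($authenticated === true) {
        // random_bytes() is the language's CSPRNG and throws on failure, so a
        // weak or empty secret can never be stored. Same length as before:
        // 15 bytes, 30 hex characters.
        $newGeneratedSecret = bin2hex(random_bytes(15));

        $res_update = update_user(
            $id_user,
            ['auth_token_secret' => $newGeneratedSecret]
        );

        if ($res_update === false) {
            // The secret could not be stored; no hash is handed out.
            http_response_code(404);
            return;
        }

        echo json_encode(['auth_hash' => User::generatePublicHash($newGeneratedSecret)]);
    } else {
        // Failed logins are written to the audit log with the attempted
        // user id, then rejected.
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to login using invalid credentials with API Rest',
            $id_user
        );
        http_response_code(403);
        return;
    }

    return;
}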
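// Console-level gate: when a console id was supplied, load the console and
// require at least one of VR / VW / VM on its group.
//
// This gate is skipped entirely when visualConsoleId is 0 or missing, so the
// action branches that follow must not assume it has run.
if ($visualConsoleId) {
    // Retrieve the visual console.
    try {
        // $ratio is not assigned anywhere above this point in this file, so
        // it is normally unset here. `?? null` passes the same null without
        // the undefined-variable warning.
        // NOTE(review): confirm what fromDB() expects as its second argument.
        $visualConsole = VisualConsole::fromDB(
            ['id' => $visualConsoleId],
            ($ratio ?? null)
        );
    } catch (\Throwable $th) {
        // Console could not be loaded; do not leak the error text.
        http_response_code(404);
        return;
    }

    $visualConsoleData = $visualConsole->toArray();
    $vcGroupId = $visualConsoleData['groupId'];

    // ACL.
    $aclRead = check_acl($config['id_user'], $vcGroupId, 'VR');
    $aclWrite = check_acl($config['id_user'], $vcGroupId, 'VW');
    $aclManage = check_acl($config['id_user'], $vcGroupId, 'VM');

    if (!$aclRead && !$aclWrite && !$aclManage) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to access visual console without group access'
        );
        http_response_code(403);
        return;
    }
}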
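// Action dispatch. Exactly one branch runs, chosen by the boolean switches
// read from the request; each branch echoes its response and returns.
//
// Authorization model used below:
// - reading needs any of VR / VW / VM on the relevant group;
// - modifying (update, create, copy, remove) needs VW or VM.
// The console-level check earlier in this file only runs when a non-zero
// visualConsoleId was sent, so branches that need the console verify that it
// was actually loaded.
if ($getVisualConsole === true) {
    // Without a loaded (and ACL-checked) console there is nothing to return.
    if (isset($visualConsole) === false) {
        http_response_code(400);
        return;
    }

    echo $visualConsole;
    return;
} else if ($getVisualConsoleItems === true) {
    if (isset($visualConsole) === false) {
        http_response_code(400);
        return;
    }

    // Check groups can access user.
    $aclUserGroups = [];
    if (!users_can_manage_group_all('AR')) {
        $aclUserGroups = array_keys(users_get_groups(false, 'AR'));
    }

    $size = get_parameter('size', []);
    $width = get_parameter('widthScreen', 0);
    $mode = get_parameter('mode', '');

    // Viewport scaling is applied only when the client sent a size array.
    $ratio = 0;
    if (is_array($size) === true && empty($size) === false) {
        $ratio = $visualConsole->adjustToViewport($size, $mode);
        $visualConsoleData = $visualConsole->toArray();
    }

    // Guard the divisor: a console width of 0 would otherwise raise a
    // division-by-zero error.
    $widthRatio = 0;
    if ($visualConsoleData['autoAdjust'] === true
        && $width > 0
        && $visualConsoleData['width'] > 0
    ) {
        $widthRatio = ($width / $visualConsoleData['width']);
    }

    $vcItems = VisualConsole::getItemsFromDB(
        $visualConsoleId,
        $aclUserGroups,
        $ratio,
        $widthRatio
    );

    // Items are joined as-is into a JSON-style array literal.
    echo '['.implode(',', $vcItems).']';
    return;
} else if ($getVisualConsoleItem === true
    || $updateVisualConsoleItem === true
) {
    $itemId = (int) get_parameter('visualConsoleItemId');

    try {
        $item = VisualConsole::getItemFromDB($itemId);
    } catch (Throwable $e) {
        // Bad params. Set the status before any body is written.
        http_response_code(400);
        echo $e->getMessage();
        if (__DEBUG === 1) {
            echo ' at '.$e->getFile().':'.$e->getLine();
        }

        return;
    }

    $itemData = $item->toArray();
    $itemType = $itemData['type'];
    $itemAclGroupId = $itemData['aclGroupId'];

    // ACL.
    $aclRead = check_acl($config['id_user'], $itemAclGroupId, 'VR');
    $aclWrite = check_acl($config['id_user'], $itemAclGroupId, 'VW');
    $aclManage = check_acl($config['id_user'], $itemAclGroupId, 'VM');

    // Remember the write-level result now: the three variables above are
    // reassigned below for group items.
    $canModifyItem = ($aclWrite || $aclManage);

    if (!$aclRead && !$aclWrite && !$aclManage) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to access visual console without group access'
        );
        http_response_code(403);
        return;
    }

    // Check also the group Id for the group item.
    if ($itemType === GROUP_ITEM) {
        $itemGroupId = $itemData['groupId'];

        // ACL.
        $aclRead = check_acl($config['id_user'], $itemGroupId, 'VR');
        $aclWrite = check_acl($config['id_user'], $itemGroupId, 'VW');
        $aclManage = check_acl($config['id_user'], $itemGroupId, 'VM');

        if (!$aclRead && !$aclWrite && !$aclManage) {
            db_pandora_audit(
                AUDIT_LOG_ACL_VIOLATION,
                'Trying to access visual console without group access'
            );
            http_response_code(403);
            return;
        }
    }

    if ($getVisualConsoleItem === true) {
        echo $item;
        return;
    }

    // Update path. Read access alone must not be enough to change an item;
    // require VW or VM on the item's ACL group, as the remove branch does.
    if (!$canModifyItem) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to update visual console item without group access'
        );
        http_response_code(403);
        return;
    }

    $data = get_parameter('data');
    if (is_array($data) === true) {
        $data['id'] = $itemId;
        // NOTE(review): the item's current layout is not compared with
        // $visualConsoleId here; confirm save() cannot move an item into a
        // console the user may only read.
        $data['id_layout'] = $visualConsoleId;

        $item->save($data);
        echo $item;
    }

    return;
} else if ($createVisualConsoleItem === true) {
    // Creating an item changes the console, so a loaded console and VW or VM
    // on its group are required.
    if (isset($visualConsoleData) === false) {
        http_response_code(400);
        return;
    }

    $targetGroupId = $visualConsoleData['groupId'];
    if (!check_acl($config['id_user'], $targetGroupId, 'VW')
        && !check_acl($config['id_user'], $targetGroupId, 'VM')
    ) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to create visual console item without group access'
        );
        http_response_code(403);
        return;
    }

    $data = get_parameter('data');
    if (is_array($data) === true && empty($data) === false) {
        // Inserted data in new item.
        $class = VisualConsole::getItemClass((int) ($data['type'] ?? 0));

        try {
            // Save the new item.
            $data['id_layout'] = $visualConsoleId;
            $result = $class::save($data);
        } catch (\Throwable $th) {
            // The item could not be stored.
            echo false;
            return;
        }

        // Extract data new item inserted.
        try {
            $item = VisualConsole::getItemFromDB($result);
        } catch (Throwable $e) {
            // Bad params.
            http_response_code(400);
            echo $e->getMessage();
            if (__DEBUG === 1) {
                echo ' at '.$e->getFile().':'.$e->getLine();
            }

            return;
        }

        echo $item;
    } else {
        echo false;
    }

    return;
} else if ($removeVisualConsoleItem === true) {
    $itemId = (int) get_parameter('visualConsoleItemId');

    try {
        $item = VisualConsole::getItemFromDB($itemId);
    } catch (\Throwable $th) {
        // There is no item in the database.
        http_response_code(404);
        return;
    }

    $itemData = $item->toArray();
    $itemAclGroupId = $itemData['aclGroupId'];

    $aclWrite = check_acl($config['id_user'], $itemAclGroupId, 'VW');
    $aclManage = check_acl($config['id_user'], $itemAclGroupId, 'VM');

    // ACL.
    if (!$aclWrite && !$aclManage) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to delete visual console item without group access'
        );
        http_response_code(403);
        return;
    }

    $result = $item->delete($itemId);
    echo $result;
    return;
} else if ($copyVisualConsoleItem === true) {
    // Copying reads one item and writes a new one into the console named by
    // visualConsoleId, so both sides are checked.
    if (isset($visualConsoleData) === false) {
        http_response_code(400);
        return;
    }

    $itemId = (int) get_parameter('visualConsoleItemId');

    // Get a copy of the item.
    try {
        $item = VisualConsole::getItemFromDB($itemId);
    } catch (\Throwable $th) {
        // There is no item in the database.
        http_response_code(404);
        return;
    }

    $data = $item->toArray();

    // Source: any of VR / VW / VM on the item's ACL group.
    $sourceGroupId = $data['aclGroupId'];
    $canReadSource = check_acl($config['id_user'], $sourceGroupId, 'VR')
        || check_acl($config['id_user'], $sourceGroupId, 'VW')
        || check_acl($config['id_user'], $sourceGroupId, 'VM');

    // Destination: VW or VM on the console's group.
    $targetGroupId = $visualConsoleData['groupId'];
    $canWriteTarget = check_acl($config['id_user'], $targetGroupId, 'VW')
        || check_acl($config['id_user'], $targetGroupId, 'VM');

    if (!$canReadSource || !$canWriteTarget) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to copy visual console item without group access'
        );
        http_response_code(403);
        return;
    }

    $data['id_layout'] = $visualConsoleId;

    // Offset the copy by 20 units so it does not sit exactly on the original.
    if ($data['type'] === LINE_ITEM
        || $data['type'] === NETWORK_LINK
    ) {
        $data['endX'] = ($data['endX'] + 20);
        $data['endY'] = ($data['endY'] + 20);
        $data['startX'] = ($data['startX'] + 20);
        $data['startY'] = ($data['startY'] + 20);
    } else {
        $data['x'] = ($data['x'] + 20);
        $data['y'] = ($data['y'] + 20);
    }

    // Dropping the id makes the class store it as a new item.
    unset($data['id']);
    $class = VisualConsole::getItemClass((int) $data['type']);

    try {
        // Save the new item.
        $result = $class::create($data);
    } catch (\Throwable $th) {
        // The copy could not be stored.
        echo false;
        return;
    }

    echo $result;
    return;
} else if ($getImagesVisualConsole) {
    // NOTE(review): $img is request-controlled; confirm imagesElementsVC()
    // confines it to the console's image directory.
    $img = get_parameter('nameImg', 'appliance');
    $only = (bool) get_parameter('only', 0);

    $count = Item::imagesElementsVC($img, $only);
    echo json_encode($count);
    return;
} else if ($createColorRangeVisualConsole) {
    // Builds the HTML for one "color range" row of the item editor.
    $uniqId = \uniqid();

    // NOTE(review): from / to / color are request-controlled and end up in
    // HTML attributes; html_print_input() is assumed to escape 'value'.
    // Confirm.
    $from = get_parameter('from', 0);
    $to = get_parameter('to', 0);
    $color = get_parameter('color', 0);

    $rangeFrom = [
        'name'   => 'rangeFrom[]',
        'type'   => 'number',
        'value'  => $from,
        'return' => true,
    ];

    $rangeTo = [
        'name'   => 'rangeTo[]',
        'type'   => 'number',
        'value'  => $to,
        'return' => true,
    ];

    $rangeColor = [
        'wrapper' => 'div',
        'name'    => 'rangeColor[]',
        'type'    => 'color',
        'value'   => $color,
        'return'  => true,
    ];

    $removeBtn = [
        'name'       => 'Remove',
        'label'      => __('Remove'),
        'type'       => 'button',
        'attributes' => [
            'mode' => 'mini secondary',
            'icon' => 'delete',
        ],
        'return'     => true,
        'script'     => 'removeColorRange("'.$uniqId.'")',
    ];

    $classRangeColor = 'interval-color-ranges flex-row flex-start w100p';

    $liRangeColor = '<li id="li-'.$uniqId.'" class="'.$classRangeColor.'">';
    $liRangeColor .= '<label>'.__('From').'</label>';
    $liRangeColor .= html_print_input($rangeFrom);
    $liRangeColor .= '<label>'.__('To').'</label>';
    $liRangeColor .= html_print_input($rangeTo);
    $liRangeColor .= '<label>'.__('Color').'</label>';
    $liRangeColor .= '<div>';
    $liRangeColor .= html_print_input($rangeColor);
    $liRangeColor .= '</div>';
    $liRangeColor .= html_print_input($removeBtn, 'div', true);
    // Close the list item (the original emitted a second opening <li>).
    $liRangeColor .= '</li>';

    echo $liRangeColor;
    return;
} else if ($getTimeZoneVisualConsole) {
    $zone = get_parameter('zone', 'Europe');
    $zones = Item::zonesVC($zone);
    echo json_encode($zones);
    return;
} else if ($serviceListVisualConsole) {
    if (!enterprise_installed()) {
        echo json_encode(false);
        return;
    }

    enterprise_include_once('include/functions_services.php');

    // Services list.
    $services = enterprise_hook(
        'services_get_services',
        [
            false,
            [
                'id',
                'name',
            ],
        ]
    );

    // NOTE(review): io_safe_output() runs on the already-encoded JSON text.
    // If it decodes entities such as &quot;, a service name could break the
    // JSON structure. Consider decoding the values before json_encode().
    echo io_safe_output(json_encode($services));
    return;
} else if ($loadtabs) {
    $viewer = new Viewer();
    echo $viewer->loadForm();
    return;
}

exit;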