Fixed acl in module graph view

2018-08-01 13:16:21 +02:00 · 2018-08-01 13:16:21 +02:00 · 04cfbe4ef9
parent 1088c5390d
commit 04cfbe4ef9
3 changed files with 10 additions and 27 deletions
--- a/pandora_console/operation/agentes/interface_traffic_graph_win.php
+++ b/pandora_console/operation/agentes/interface_traffic_graph_win.php
@ -30,6 +30,7 @@ require_once ($config['homedir'] . '/include/functions_custom_graphs.php');
 require_once ($config['homedir'] . '/include/functions_modules.php');
 require_once ($config['homedir'] . '/include/functions_agents.php');
 require_once ($config['homedir'] . '/include/functions_tags.php');
+enterprise_include_once('include/functions_agents.php');

 check_login();

@ -108,28 +109,8 @@ $interface_traffic_modules = array(
 	<body bgcolor="#ffffff" style='background:#ffffff;'>
 <?php
 		// ACL
-		$permission = false;
-		$agent_group = (int) agents_get_agent_group($agent_id);
-		$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
-
-		// The traffic modules should belong to the agent id
-		$in_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_in']);
-		$out_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_out']);
-		$traffic_modules_belong_to_agent = $agent_id == $in_agent_id && $agent_id == $out_agent_id;
-
-		if (!empty($agent_group) && !empty($params['traffic_module_in'])
-				&& !empty($params['traffic_module_out']) && $traffic_modules_belong_to_agent) {
-			if ($strict_user) {
-				if (tags_check_acl_by_module($params['traffic_module_in'], $config['id_user'], 'RR') === true
-						&& tags_check_acl_by_module($params['traffic_module_out'], $config['id_user'], 'RR') === true)
-					$permission = true;
-			}
-			else {
-				$permission = check_acl($config['id_user'], $agent_group, "RR");
-			}
-		}
-
-		if (!$permission) {
+		$all_groups = agents_get_all_groups_agent($agent_id);
+		if (!check_acl_one_of_groups ($config["id_user"], $all_groups, "AR")) {
 			require ($config['homedir'] . "/general/noaccess.php");
 			exit;
 		}
--- a/pandora_console/operation/agentes/realtime_win.php
+++ b/pandora_console/operation/agentes/realtime_win.php
@ -83,6 +83,10 @@ echo '<link rel="stylesheet" href="../../include/styles/pandora.css" type="text/
 	</head>
 	<body bgcolor="#ffffff" style='background:#ffffff;'>
 		<?php
+            if (!check_acl ($config["id_user"], 0, "AR")) {
+                require ($config['homedir'] . "/general/noaccess.php");
+                exit;
+            }
            $config['extensions'] = extensions_get_extensions (false, '../../');
            if (!extensions_is_enabled_extension("realtime_graphs.php")) {
 				ui_print_error_message(__('Realtime extension is not enabled.'));
--- a/pandora_console/operation/agentes/stat_win.php
+++ b/pandora_console/operation/agentes/stat_win.php
@ -29,6 +29,7 @@ require_once ($config['homedir'] . '/include/functions_graph.php');
 require_once ($config['homedir'] . '/include/functions_modules.php');
 require_once ($config['homedir'] . '/include/functions_agents.php');
 require_once ($config['homedir'] . '/include/functions_tags.php');
+enterprise_include_once('include/functions_agents.php');

 check_login ();

@ -112,11 +113,8 @@ $alias    = db_get_value ("alias","tagente","id_agente",$id_agent);
 		}

 		// ACL
-		$permission  = false;
-		$agent_group = (int) agents_get_agent_group($agent_id);
-		$permission = check_acl($config['id_user'], $agent_group, "AR");
-			
-			if (!$permission) {
+		$all_groups = agents_get_all_groups_agent($agent_id);
+		if (!check_acl_one_of_groups ($config["id_user"], $all_groups, "AR")) {
 			require ($config['homedir'] . "/general/noaccess.php");
 			exit;
 		}