From 06b8dca841f172162ed0ca267c34806ea14f9382 Mon Sep 17 00:00:00 2001 From: zarzuelo Date: Wed, 9 Jan 2013 09:25:07 +0000 Subject: [PATCH] 2013-01-09 Sergio Martin * pandoradb_data.sql pandoradb.sql pandoradb.postgreSQL.sql pandoradb.oracle.sql extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql: Add profile tags to the database structure * include/ajax/events.php include/functions.php include/functions_events.php include/functions_reporting.php include/functions_treeview.php include/functions_profile.php include/constants.php include/functions_tags.php operation/tree.php operation/users/user_edit.php operation/events/events_list.php pandoradb.data.postgreSQL.sql pandoradb.data.oracle.sql godmode/users/configure_user.php: Add new acl control with tags in events and tree views. Fix a lot of little bugs like ACLs in tree view (tags mode), add the tags mode on tree view of the normal console, pass the ACL flag to some forgotten functions, etc. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7383 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 29 ++ .../pandoradb_migrate_4.0.x_to_5.0.mysql.sql | 5 + .../pandoradb_migrate_4.0.x_to_5.0.oracle.sql | 5 + ...doradb_migrate_4.0.x_to_5.0.postgreSQL.sql | 6 +- .../godmode/users/configure_user.php | 54 ++- pandora_console/include/ajax/events.php | 7 +- pandora_console/include/constants.php | 2 + pandora_console/include/functions.php | 115 ++--- pandora_console/include/functions_events.php | 46 +- pandora_console/include/functions_profile.php | 6 +- .../include/functions_reporting.php | 113 ++--- pandora_console/include/functions_tags.php | 412 +++++++++++++++++- .../include/functions_treeview.php | 133 +++++- .../operation/events/events_list.php | 50 +-- pandora_console/operation/tree.php | 49 ++- pandora_console/operation/users/user_edit.php | 7 + pandora_console/pandoradb.data.oracle.sql | 3 +- pandora_console/pandoradb.data.postgreSQL.sql | 3 +- pandora_console/pandoradb.oracle.sql | 3 +- pandora_console/pandoradb.postgreSQL.sql | 3 +- pandora_console/pandoradb.sql | 1 + pandora_console/pandoradb_data.sql | 2 +- 22 files changed, 843 insertions(+), 211 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index bd14922903..e6d6a4f24b 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,32 @@ +2013-01-09 Sergio Martin + + * pandoradb_data.sql + pandoradb.sql + pandoradb.postgreSQL.sql + pandoradb.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql + extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql: + Add profile tags to the database structure + + * include/ajax/events.php + include/functions.php + include/functions_events.php + include/functions_reporting.php + include/functions_treeview.php + include/functions_profile.php + include/constants.php + include/functions_tags.php + operation/tree.php + operation/users/user_edit.php + operation/events/events_list.php + pandoradb.data.postgreSQL.sql + pandoradb.data.oracle.sql + godmode/users/configure_user.php: Add new acl control with + tags in events and tree views. Fix a lot of little bugs like ACLs + in tree view (tags mode), add the tags mode on tree view of the normal + console, pass the ACL flag to some forgotten functions, etc. + 2013-01-09 Junichi Satoh * include/help/ja/help_reporting_advanced_tab.php: Translated diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql index 555307d2d3..80769a9370 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql @@ -423,6 +423,11 @@ UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, ` UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 4 AND name = "Group coordinator"; UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 5 AND name = "Pandora Administrator"; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE `tusuario_perfil` ADD COLUMN `tags` TEXT NOT NULL; + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql index 23d494841a..4543a5453c 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql @@ -453,6 +453,11 @@ UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_v UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE tusuario_perfil ADD (tags CLOB NOT NULL default ''); + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql index f70fb336d5..a2a5712ead 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql @@ -444,8 +444,12 @@ UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, " UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE "tusuario_perfil" ADD COLUMN "tags" text default ''; + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- ALTER TABLE "ttag" ADD COLUMN "email" TEXT NULL; - diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index d31d6c3ba7..63ae38bf38 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -328,9 +328,19 @@ if ($add_profile) { $id2 = (string) get_parameter ('id'); $group2 = (int) get_parameter ('assign_group'); $profile2 = (int) get_parameter ('assign_profile'); + $tags = (array) get_parameter ('assign_tags'); + + foreach ($tags as $k => $tag) { + if(empty($tag)) { + unset($tags[$k]); + } + } + + $tags = implode(',', $tags); + db_pandora_audit("User management", - "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2); - $return = profile_create_user_profile($id2, $profile2, $group2); + "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); + $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags); ui_print_result_message ($return, __('Profile added successfully'), @@ -501,8 +511,9 @@ $table->style[0] = 'font-weight: bold'; $table->style[1] = 'font-weight: bold'; $table->head[0] = __('Profile name'); $table->head[1] = __('Group'); -$table->head[2] = __('Action'); -$table->align[2] = 'center'; +$table->head[2] = __('Tags'); +$table->head[3] = __('Action'); +$table->align[3] = 'center'; /* if ($enterprise_include) { @@ -530,12 +541,23 @@ foreach ($result as $profile) { $data[1] .= ' ' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT); if (!defined('METACONSOLE')) $data[1] .= ''; - $data[2] = '
'; - $data[2] .= html_print_input_hidden ('delete_profile', 1, true); - $data[2] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); - $data[2] .= html_print_input_hidden ('id_user', $id, true); - $data[2] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); - $data[2] .= '
'; + + if(empty($profile["tags"])) { + $data[2] = ''; + } + else { + $tags_ids = explode(',',$profile["tags"]); + $tags = tags_get_tags($tags_ids); + + $data[2] = tags_get_tags_formatted($tags); + } + + $data[3] = '
'; + $data[3] .= html_print_input_hidden ('delete_profile', 1, true); + $data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); + $data[3] .= html_print_input_hidden ('id_user', $id, true); + $data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); + $data[3] .= '
'; array_push ($table->data, $data); } @@ -556,11 +578,15 @@ else { $data[1] = html_print_select_groups($config['id_user'], "UM", $own_info['is_admin'], 'assign_group', -1, '', __('None'), -1, true, false, false); + +$tags = tags_get_all_tags(); -$data[2] = html_print_input_image ('add', 'images/add.png', 1, '', true); -$data[2] .= html_print_input_hidden ('id', $id, true); -$data[2] .= html_print_input_hidden ('add_profile', 1, true); -$data[2] .= ''; +$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('None'), '', true, true); + +$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true); +$data[3] .= html_print_input_hidden ('id', $id, true); +$data[3] .= html_print_input_hidden ('add_profile', 1, true); +$data[3] .= ''; array_push ($table->data, $data); diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index b37d2ae36a..3c92d0f855 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php @@ -215,6 +215,9 @@ if($get_extended_event) { else { $event = events_get_event($event_id); } + + // Clean url from events and store in array + $event['clean_tags'] = events_clean_tags($event['tags']); // If the event is not found, we abort if(empty($event)) { @@ -272,7 +275,7 @@ if($get_extended_event) { $tabs .= "
  • ".html_print_image('images/zoom.png',true).__('Details')."
    • "; $tabs .= "
  • ".html_print_image('images/note.png',true).__('Agent fields')."
    • "; $tabs .= "
  • ".html_print_image('images/pencil.png',true).__('Comments')."
    • "; - if (check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $tabs .= "
  • ".html_print_image('images/cog.png',true).__('Responses')."
    • "; } $tabs .= ""; @@ -303,7 +306,7 @@ if($get_extended_event) { break; } - if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $responses = events_page_responses($event); } else { diff --git a/pandora_console/include/constants.php b/pandora_console/include/constants.php index c72fd17fca..ecc7108f78 100644 --- a/pandora_console/include/constants.php +++ b/pandora_console/include/constants.php @@ -51,6 +51,8 @@ define ('ERR_CONNECTION', -80000); define ('ERR_DISABLED', -90000); define ('ERR_WRONG', -100000); define ('ERR_WRONG_NAME', -100001); +define ('ERR_WRONG_PARAMETERS', -100002); +define ('ERR_ACL', -110000); /* Event status code */ define ('EVENT_STATUS_NEW',0); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index bc9d54af34..d20b48e003 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -1513,57 +1513,11 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { return 0; $result = 0; + $acl_column = get_acl_column($access); foreach ($rowdup as $row) { // For each profile for this pair of group and user do... - switch ($access) { - case "IR": - $result += $row["incident_view"]; - break; - case "IW": - $result += $row["incident_edit"]; - break; - case "IM": - $result += $row["incident_management"]; - break; - case "AR": - $result += $row["agent_view"]; - break; - case "AW": - $result += $row["agent_edit"]; - break; - case "LW": - $result += $row["alert_edit"]; - break; - case "LM": - $result += $row["alert_management"]; - break; - case "PM": - $result += $row["pandora_management"]; - break; - case "DM": - $result += $row["db_management"]; - break; - case "UM": - $result += $row["user_management"]; - break; - case "RR": - $result += $row["report_view"]; - break; - case "RW": - $result += $row["report_edit"]; - break; - case "RM": - $result += $row["report_management"]; - break; - case "ER": - $result += $row["event_view"]; - break; - case "EW": - $result += $row["event_edit"]; - break; - case "EM": - $result += $row["event_management"]; - break; + if(isset($row[$acl_column])) { + $result += $row[$acl_column]; } } @@ -1574,6 +1528,69 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { return 0; } +/** + * Get the name of the database column of one access flag + * + * @param string access flag + * + * @return string Column name + */ +function get_acl_column($access) { + switch ($access) { + case "IR": + return "incident_view"; + break; + case "IW": + return "incident_edit"; + break; + case "IM": + return "incident_management"; + break; + case "AR": + return "agent_view"; + break; + case "AW": + return "agent_edit"; + break; + case "LW": + return "alert_edit"; + break; + case "LM": + return "alert_management"; + break; + case "PM": + return "pandora_management"; + break; + case "DM": + return "db_management"; + break; + case "UM": + return "user_management"; + break; + case "RR": + return "report_view"; + break; + case "RW": + return "report_edit"; + break; + case "RM": + return "report_management"; + break; + case "ER": + return "event_view"; + break; + case "EW": + return "event_edit"; + break; + case "EM": + return "event_management"; + break; + default: + return ""; + break; + } +} + /** * Get the name of a plugin * diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index c9c16e023c..62a9a6434a 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -588,7 +588,9 @@ function events_comment ($id_event, $comment = '', $action = 'Added comment', $m $commentbox = ''; } - $comment = '-- ' . $action . ' ' . __('by') . ' '.$config['id_user'].' '.'['.date ($config["date_format"]).'] --
    '.$commentbox.'
    '; + // Don't translate 'by' word because if various users with different languages + // make comments in the same console will be a mess + $comment = '-- ' . $action . ' by '.$config['id_user'].' '.'['.date ($config["date_format"]).'] --
    '.$commentbox.'
    '; // Update comment switch ($config['dbtype']) { @@ -1406,8 +1408,8 @@ function events_page_responses ($event) { $table_responses->style[0] = 'width:35%; font-weight: bold; text-align: left;'; $table_responses->style[1] = 'text-align: left;'; $table_responses->class = "databox alternate"; - - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // Owner $data = array(); $data[0] = __('Change owner'); @@ -1438,7 +1440,7 @@ function events_page_responses ($event) { $status_blocked = false; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // If the user has manager acls, the status can be changed to all possibilities always $status = array(0 => __('New'), 2 => __('In process'), 1 => __('Validated')); } @@ -1477,7 +1479,7 @@ function events_page_responses ($event) { $table_responses->data[] = $data; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // Delete $data = array(); $data[0] = __('Delete event'); @@ -2002,27 +2004,8 @@ function events_page_general ($event) { $data[0] = __('Tags'); if ($event["tags"] != '') { - $tags_array = explode(',',$event["tags"]); - - $tags = array(); - foreach($tags_array as $t) { - $tag_url = explode(' ', $t); - $tag = $tag_url[0]; - if(isset($tag_url[1]) && $tag_url[1] != '') { - $title = __($tag_url[1]); - $link = ''.html_print_image('images/zoom.png',true, array('alt' => $title, 'title' => $title)).''; - } - else { - $link = ''; - } - - $tags[] = $tag.$link; - } - - $tags = implode(',',$tags); - - $tags = str_replace(',',' , ',$tags); - + $tags = tags_get_tags_formatted($event["tags"]); + $data[1] = $tags; } else { @@ -2085,7 +2068,7 @@ function events_page_comments ($event) { $table_comments->data[] = $data; } - if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $comments_form = '
    '.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true); $comments_form .= '
    '.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'

    '; } @@ -2098,6 +2081,15 @@ function events_page_comments ($event) { return $comments; } +function events_clean_tags ($tags) { + if(empty($tags)) { + return array(); + } + + $event_tags = tags_get_tags_formatted ($tags, false); + return explode(',',str_replace(' ','',$event_tags)); +} + /** * Get all the events happened in a group during a period of time. * diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index 6a2443c0cf..ebf6fc4880 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php @@ -63,10 +63,11 @@ function profile_get_profiles ($filter = false) { * @param int Profile ID (default 1 => AR) * @param int Group ID (default 1 => All) * @param string Assign User who assign the profile to user. + * @param string tags where the view of the user in this group will be restricted * * @return mixed Number id if succesful, false if not */ -function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false) { +function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') { global $config; if (empty ($id_profile) || $id_group < 0) @@ -78,7 +79,7 @@ function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, if (!$result_user){ return false; } - + if (isset ($config["id_user"])) { //Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora) $assign = $config["id_user"]; @@ -93,6 +94,7 @@ function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, "id_usuario" => $id_user, "id_perfil" => $id_profile, "id_grupo" => $id_group, + "tags" => $tags, "assigned_by" => $assign ); diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index e8b1dfca1c..89c85a992c 100644 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -869,7 +869,7 @@ function reporting_get_agentmodule_sla_array ($id_agent_module, $period = 0, $mi * * @return array Group statistics */ -function reporting_get_group_stats ($id_group = 0) { +function reporting_get_group_stats ($id_group = 0, $access = 'AR') { global $config; $data = array (); @@ -903,12 +903,12 @@ function reporting_get_group_stats ($id_group = 0) { $cur_time = get_system_time (); //Check for access credentials using check_acl. More overhead, much safer - if (!check_acl ($config["id_user"], $id_group, "RR")) { + if (!check_acl ($config["id_user"], $id_group, $access)) { return $data; } if ($id_group == 0) { - $id_group = array_keys (users_get_groups ($config['id_user'], "RR", false)); + $id_group = array_keys (users_get_groups ($config['id_user'], $access, false)); } // ----------------------------------------------------------------- @@ -1001,65 +1001,70 @@ function reporting_get_group_stats ($id_group = 0) { } if (!empty($group_array)) { + // FOR THE FUTURE: Split the groups into groups with tags restrictions and groups without it + // To calculate in the light way the non tag restricted and in the heavy way the others + /* + $group_restricted_data = tags_get_acl_tags($config['id_user'], $group_array, $access, 'data'); + $tags_restricted_groups = array_keys($group_restricted_data); - // Get unknown agents by using the status code in modules. + $no_tags_restricted_groups = $group_array; + foreach($no_tags_restricted_groups as $k => $v) { + if(in_array($v, $tags_restricted_groups)) { + unset($no_tags_restricted_groups[$k]); + } + } + */ + + if(!empty($group_array)) { + // Get unknown agents by using the status code in modules + $data["agents_unknown"] += groups_agent_unknown ($group_array); + + // Get monitor NOT INIT, except disabled AND async modules + $data["monitor_not_init"] += groups_monitor_not_init ($group_array); - $data["agents_unknown"] += groups_agent_unknown ($group_array); + // Get monitor OK, except disabled and non-init + $data["monitor_ok"] += groups_monitor_ok ($group_array); - // Get monitor NOT INIT, except disabled AND async modules - - $data["monitor_not_init"] += groups_monitor_not_init ($group_array); - - // Get monitor OK, except disabled and non-init + // Get monitor CRITICAL, except disabled and non-init + $data["monitor_critical"] += groups_monitor_critical ($group_array); + + // Get monitor WARNING, except disabled and non-init + $data["monitor_warning"] += groups_monitor_warning ($group_array); - $data["monitor_ok"] += groups_monitor_ok ($group_array); - - // Get monitor CRITICAL, except disabled and non-init - - $data["monitor_critical"] += groups_monitor_critical ($group_array); + // Get monitor UNKNOWN, except disabled and non-init + $data["monitor_unknown"] += groups_monitor_unknown ($group_array); + + // Get alerts configured, except disabled + $data["monitor_alerts"] += groups_monitor_alerts ($group_array) ; + + // Get alert configured currently FIRED, except disabled + $data["monitor_alerts_fired"] += groups_monitor_fired_alerts ($group_array); + + // Calculate totals using partial counts from above + + // Get TOTAL agents in a group + $data["total_agents"] += groups_total_agents ($group_array); - // Get monitor WARNING, except disabled and non-init + // Get TOTAL non-init modules, except disabled ones and async modules + $data["total_not_init"] += $data["monitor_not_init"]; - $data["monitor_warning"] += groups_monitor_warning ($group_array); - - // Get monitor UNKNOWN, except disabled and non-init - - $data["monitor_unknown"] += groups_monitor_unknown ($group_array); - - // Get alerts configured, except disabled - - $data["monitor_alerts"] += groups_monitor_alerts ($group_array) ; - - // Get alert configured currently FIRED, except disabled - - $data["monitor_alerts_fired"] += groups_monitor_fired_alerts ($group_array); - - // Calculate totals using partial counts from above - - // Get TOTAL agents in a group - $data["total_agents"] += groups_total_agents ($group_array); - - // Get TOTAL non-init modules, except disabled ones and async modules - - $data["total_not_init"] += $data["monitor_not_init"]; - - // Get Agents OK - $data["agent_ok"] += groups_agent_ok($group_array); - - // Get Agents Warning - $data["agent_warning"] += groups_agent_warning($group_array); - - // Get Agents Critical - $data["agent_critical"] += groups_agent_critical($group_array); - - // Get Agents Unknown - $data["agent_unknown"] += groups_agent_unknown($group_array); - - // Get Agents Not init - $data["agent_not_init"] += groups_agent_not_init($group_array); + // Get Agents OK + $data["agent_ok"] += groups_agent_ok($group_array); + + // Get Agents Warning + $data["agent_warning"] += groups_agent_warning($group_array); + + // Get Agents Critical + $data["agent_critical"] += groups_agent_critical($group_array); + + // Get Agents Unknown + $data["agent_unknown"] += groups_agent_unknown($group_array); + + // Get Agents Not init + $data["agent_not_init"] += groups_agent_not_init($group_array); + } // Get total count of monitors for this group, except disabled. - $data["monitor_checks"] = $data["monitor_not_init"] + $data["monitor_unknown"] + $data["monitor_warning"] + $data["monitor_critical"] + $data["monitor_ok"]; } diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php index b9ce24ed6c..15f9339960 100644 --- a/pandora_console/include/functions_tags.php +++ b/pandora_console/include/functions_tags.php @@ -555,17 +555,423 @@ function tags_get_policy_module_tags ($id_policy_module){ * * @return mixed Array with tags. */ -function tags_get_all_tags () { +function tags_get_all_tags ($return_url = false) { $tags = db_get_all_fields_in_table('ttag', 'name'); if ($tags === false) return false; $return = array(); - foreach ($tags as $id => $tag) { - $return[$id] = $tag['name']; + foreach ($tags as $tag) { + $return[$tag['id_tag']] = $tag['name']; + if($return_url) { + $return[$tag['id_tag']] .= ' '.$tag['url']; + } } return $return; } + +/** + * Get the tags required + * + * @return mixed Array with tags. + */ +function tags_get_tags ($ids) { + $all_tags = tags_get_all_tags(true); + + $tags = array(); + foreach($ids as $id) { + if(isset($all_tags[$id])) { + $tags[$id] = $all_tags[$id]; + } + } + + return $tags; +} + +/** + * Give format to tags when go concatened with url. + * + * @param string name of tags serialized + * @param bool flag to return the url or not + * + * @return string Tags with url format + */ +function tags_get_tags_formatted ($tags_array, $get_url = true) { + if(!is_array($tags_array)) { + $tags_array = explode(',',$tags_array); + } + + $tags = array(); + foreach($tags_array as $t) { + $tag_url = explode(' ', trim($t)); + $tag = $tag_url[0]; + if(isset($tag_url[1]) && $tag_url[1] != '' && $get_url) { + $title = $tag_url[1]; + //$link = ''.html_print_image('images/zoom.png',true, array('alt' => $title, 'title' => $title)).''; + $link = '' . html_print_image('images/zoom.png', true, array('title' => __('Click here to open a popup window with URL tag'))) . ''; + + } + else { + $link = ''; + } + + $tags[] = $tag.$link; + } + + $tags = implode(',',$tags); + + $tags = str_replace(',',' , ',$tags); + + return $tags; +} + +/** + * Get the tags (more restrictive) of an access flag in a group + * + * @param string id of the user + * @param string id of the group + * @param string access flag (AR,AW...) + * @param string return_mode + * - 'data' for return array with groups and tags + * - 'module_condition' for return string with sql condition for tagente_module + * - 'event_condition' for return string with sql condition for tevento + * + * @return mixed/string Tag ids + */ + +function tags_get_acl_tags($id_user, $id_group, $access, $return_mode = 'module_condition', $query_prefix = '', $query_table = '') { + global $config; + if($id_user == false) { + $id_user = $config['id_user']; + } + + if (is_user_admin ($id_user)) { + switch($return_mode) { + case 'data': + return array(); + break; + case 'event_condition': + case 'module_condition': + return ""; + break; + } + } + + if((string)$id_group === "0") { + $id_group = array_keys(users_get_groups($id_user, $access, false)); + + if(empty($id_group)) { + return ERR_WRONG_PARAMETERS; + } + } + elseif(empty($id_group)) { + return ERR_WRONG_PARAMETERS; + } + elseif(!is_array($id_group)) { + $id_group = (array) $id_group; + } + + $acl_column = get_acl_column($access); + + if(empty($acl_column)) { + return ERR_WRONG_PARAMETERS; + } + + $query = sprintf("SELECT tags, id_grupo + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND + tusuario_perfil.id_usuario = '%s' AND + tperfil.%s = 1 AND + (tusuario_perfil.id_grupo IN (%s) OR tusuario_perfil.id_grupo = 0) + ORDER BY id_grupo", $id_user, $acl_column, implode(',',$id_group)); + $tags = db_get_all_rows_sql($query); + + // If not profiles returned, the user havent acl permissions + if(empty($tags)) { + return ERR_ACL; + } + + // Array to store groups where there arent tags restriction + $non_restriction_groups = array(); + + $acltags = array(); + foreach($tags as $tagsone) { + if(empty($tagsone['tags'])) { + // If there arent tags restriction in all groups (group 0), return no condition + if($tagsone['id_grupo'] == 0) { + switch($return_mode) { + case 'data': + return array(); + break; + case 'event_condition': + case 'module_condition': + return ""; + break; + } + } + + $non_restriction_groups[] = $tagsone['id_grupo']; + continue; + } + + $tags_array = explode(',',$tagsone['tags']); + + if(!isset($acltags[$tagsone['id_grupo']])) { + $acltags[$tagsone['id_grupo']] = $tags_array; + } + else { + $acltags[$tagsone['id_grupo']] = array_unique(array_merge($acltags[$tagsone['id_grupo']], $tags_array)); + } + } + + // Delete the groups without tag restrictions from the acl tags array + foreach($non_restriction_groups as $nrgroup) { + if(isset($acltags[$nrgroup])) { + unset($acltags[$nrgroup]); + } + } + + switch($return_mode) { + case 'data': + // Stop here and return the array + return $acltags; + break; + case 'module_condition': + // Return the condition of the tags for tagente_modulo table + $condition = tags_get_acl_tags_module_condition($acltags, $query_table); + if(!empty($condition)) { + return " $query_prefix ".$condition; + } + break; + case 'event_condition': + // Return the condition of the tags for tevento table + $condition = tags_get_acl_tags_event_condition($acltags); + + if(!empty($condition)) { + return " $query_prefix ".$condition; + } + break; + } + + return ""; +} + +/** + * Transform the acl_groups data into a SQL condition + * + * @param mixed acl_groups data calculated in tags_get_acl_tags function + * + * @return string SQL condition for tagente_module + */ + +function tags_get_acl_tags_module_condition($acltags, $modules_table = '') { + if(!empty($modules_table)) { + $modules_table .= '.'; + } + + $condition = ''; + foreach($acltags as $group_id => $group_tags) { + if($condition != '') { + $condition .= ' OR '; + } + + // Group condition (The module belongs to an agent of the group X) + $group_condition = sprintf('%sid_agente IN (SELECT id_agente FROM tagente WHERE id_grupo = %d)', $modules_table, $group_id); + // Tags condition (The module has at least one of the restricted tags) + $tags_condition = sprintf('%sid_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag IN (%s))', $modules_table, implode(',',$group_tags)); + + $condition .= "($group_condition AND \n$tags_condition)\n"; + } + + if(!empty($condition)) { + $condition = sprintf("\n((%s) OR %sid_agente NOT IN (SELECT id_agente FROM tagente WHERE id_grupo IN (%s)))", $condition, $modules_table, implode(',',array_keys($acltags))); + } + + return $condition; +} + +/** + * Transform the acl_groups data into a SQL condition + * + * @param mixed acl_groups data calculated in tags_get_acl_tags function + * + * @return string SQL condition for tagente_module + */ + +function tags_get_acl_tags_event_condition($acltags) { + $condition = ''; + + // Get all tags of the system + $all_tags = tags_get_all_tags(false); + + foreach($acltags as $group_id => $group_tags) { + // Group condition (The module belongs to an agent of the group X) + $group_condition = sprintf('id_grupo = %d',$group_id); + + // Tags condition (The module has at least one of the restricted tags) + $tags_condition = ''; + foreach($group_tags as $tag) { + // If the tag ID doesnt exist, ignore + if(!isset($all_tags[$tag])) { + continue; + } + + if($tags_condition != '') { + $tags_condition .= " OR \n"; + } + + //~ // Add as condition all the posibilities of the serialized tags + //~ $tags_condition .= sprintf('tags LIKE "%s,%%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s,%%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%s %%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s %%"',io_safe_input($all_tags[$tag])); + + $tags_condition .= sprintf('tags LIKE "%%%s%%"',io_safe_input($all_tags[$tag])); + } + + // If there is not tag condition ignore + if(empty($tags_condition)) { + continue; + } + + if($condition != '') { + $condition .= ' OR '; + } + + $condition .= "($group_condition AND \n($tags_condition))\n"; + } + + if(!empty($condition)) { + $condition = sprintf("\n((%s) OR id_grupo NOT IN (%s))", $condition, implode(',',array_keys($acltags))); + } + + return $condition; +} + +/** + * Get the tags of a user in an ACL flag + * + * @param string ID of the user (with false the user will be taked from config) + * @param string Access flag where check what tags have the user + * + * @return string SQL condition for tagente_module + */ +function tags_get_user_tags($id_user = false, $access = 'AR') { + global $config; + + if($id_user === false) { + $id_user = $config['id_user']; + } + + // Get all tags to have the name of all of them + $all_tags = tags_get_all_tags(); + + // If at least one of the profiles of this access flag hasent + // tags restrictions, the user can see all tags + $acl_column = get_acl_column($access); + + if(empty($acl_column)) { + return array(); + } + + $query = sprintf("SELECT count(*) + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND + tusuario_perfil.id_usuario = '%s' AND + tperfil.%s = 1 AND tags = ''", + $id_user, $acl_column); + + $profiles_without_tags = db_get_value_sql($query); + + if($profiles_without_tags > 0) { + return $all_tags; + } + + // Get the tags of the required access flag for each group + $tags = tags_get_acl_tags($id_user, 0, $access, 'data'); + + // Merge the tags to get an array with all of them + $user_tags_id = array(); + + foreach($tags as $t) { + if(empty($user_tags_id)) { + $user_tags_id = $t; + } + else { + $user_tags_id = array_unique(array_merge($t,$user_tags_id)); + } + } + + // Set the format id=>name to tags + $user_tags = array(); + foreach($user_tags_id as $id) { + if(!isset($all_tags[$id])) { + continue; + } + $user_tags[$id] = $all_tags[$id]; + } + + + return $user_tags; +} + +/** + * Check the ACLs with tags + * + * @param string ID of the user (with false the user will be taked from config) + * @param string id of the group (0 means for at least one) + * @param string access flag (AR,AW...) + * @param mixed tags to be checked (array() means for at least one) + * + * @return bool true if the acl check has success, false otherwise + */ +function tags_check_acl($id_user, $id_group, $access, $tags = array()) { + global $config; + + if($id_user === false) { + $id_user = $config['id_user']; + } + + $acls = tags_get_acl_tags($id_user, $id_group, $access, 'data'); + + // If there are wrong parameters or fail ACL check, return false + if($acls === ERR_WRONG_PARAMETERS || $acls === ERR_ACL) { + return false; + } + + // If there are not tags restrictions or tags passed, return true + if(empty($acls) || empty($tags)) { + return true; + } + + if($id_group > 0) { + if(isset($acls[$id_group])) { + foreach($tags as $tag) { + $tag = tags_get_id($tag); + + if(in_array($tag, $acls[$id_group])) { + return true; + } + } + } + else { + return false; + } + } + else { + foreach($acls as $acl_tags) { + foreach($tags as $tag) { + $tag = tags_get_id($tag); + if(in_array($tag, $acl_tags)) { + return true; + } + } + } + } + + return false; +} ?> diff --git a/pandora_console/include/functions_treeview.php b/pandora_console/include/functions_treeview.php index d76c0ea667..1838bdc919 100755 --- a/pandora_console/include/functions_treeview.php +++ b/pandora_console/include/functions_treeview.php @@ -14,6 +14,55 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. +function treeview_printAlertsTable($id_module, $console_url = '') { + global $config; + + $module_alerts = alerts_get_alerts_agent_module($id_module); + $module_name = db_get_value('nombre', 'tagente_modulo', 'id_agente_modulo', $id_module); + $agent_id = db_get_value('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_module); + + if ($module_alerts === false) { + echo '

    '.__('There was a problem loading alerts').'

    '; + return; + } + + echo '
    '; + echo ''; + echo ''; + + echo ''; + echo ''; + + foreach($module_alerts as $module_alert) { + //Template name + echo ''; + $template_name = db_get_value('name','talert_templates','id',$module_alert['id_alert_template']); + echo ''; + $actions = alerts_get_alert_agent_module_actions($module_alert['id']); + echo ''; + } + echo '
    '.$module_name.'
    '.__('Template').''.__('Actions').'
    '.$template_name.''; + if(empty($actions)) { + echo ''.__('N/A').''; + } + else { + echo '
      '; + foreach($actions as $act) { + echo '
    • '; + echo $act['name']; + echo '
      • '; + } + echo '
    '; + } + echo '
    '; + + echo '
    '; + echo '
    '; + html_print_submit_button (__('Go to alerts detail'), 'upd_button', false, 'class="sub search"'); + echo '
    '; + echo '
    '; +} + function treeview_printTable($id_agente, $console_url = '') { global $config; @@ -181,7 +230,7 @@ function treeview_printTable($id_agente, $console_url = '') { echo '
    '; echo '
    '; - html_print_submit_button (__('Go to agent detail'), 'upd_button', false, 'class="sub upd"'); + html_print_submit_button (__('Go to agent detail'), 'upd_button', false, 'class="sub search"'); echo '
    '; echo '
    '; @@ -301,7 +350,7 @@ function treeview_getData ($type, $server=false) { $select_status = get_parameter('status', -1); //Get all groups - $avariableGroups = users_get_groups (); //db_get_all_rows_in_table('tgrupo', 'nombre'); + $avariableGroups = users_get_groups (); //Get all groups with agents $full_groups = db_get_all_rows_sql("SELECT DISTINCT id_grupo FROM tagente WHERE total_count > 0"); @@ -386,7 +435,6 @@ function treeview_getData ($type, $server=false) { $sql_search =''; } - switch ($type) { case 'os': $sql = agents_get_agents(array ( @@ -621,6 +669,8 @@ function treeview_getData ($type, $server=false) { if ($select_status != -1) $sql_search .= " AND estado = " . $select_status . " "; + $sql_search .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); + switch ($config["dbtype"]) { case "mysql": case "postgresql": @@ -645,7 +695,8 @@ function treeview_getData ($type, $server=false) { t1.id_agente_modulo = t3.id_agente_modulo AND t2.disabled = 0 AND t1.disabled = 0 AND - t3.utimestamp !=0 + t3.utimestamp !=0' . + $sql_search.' GROUP BY dbms_lob.substr(t1.nombre,4000,1) ORDER BY dbms_lob.substr(t1.nombre,4000,1) ASC'); break; @@ -653,20 +704,31 @@ function treeview_getData ($type, $server=false) { break; case 'tag': - $sql = 'SELECT DISTINCT ttag.name + // Restrict the tags showed to the user tags + $user_tags = tags_get_user_tags(); + if(empty($user_tags)) { + $user_tags_sql = ' AND 1 = 0'; + } + else { + $user_tags_sql = sprintf(' AND ttag.id_tag IN (%s)', implode(',', array_keys($user_tags))); + } + + if ($search_free == '') { + $search_sql = ''; + } + else { + $search_sql = sprintf(" AND tagente.nombre COLLATE utf8_general_ci LIKE '%%%s%%'", $search_free); + } + + $sql = "SELECT DISTINCT ttag.name FROM ttag, ttag_module, tagente, tagente_modulo WHERE ttag.id_tag = ttag_module.id_tag AND tagente.id_agente = tagente_modulo.id_agente AND tagente.disabled = 0 - AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo'; - if ($search_free != '') { - $sql = "SELECT DISTINCT ttag.name - FROM ttag, ttag_module, tagente, tagente_modulo - WHERE ttag.id_tag = ttag_module.id_tag - AND tagente.id_agente = tagente_modulo.id_agente - AND tagente.disabled = 0 - AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente.nombre COLLATE utf8_general_ci LIKE '%$search_free%'"; - } + AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo" . + $search_sql . + $user_tags_sql; + $list = db_get_all_rows_sql($sql); break; } @@ -769,7 +831,7 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel else { $search_sql = ''; } - + //Extract all rows of data for each type switch ($type) { case 'group': @@ -865,10 +927,9 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel //"Load_articapandora_32_pandoraartica_Average" //result -> "Load Average" $name = str_replace(array('_articapandora_'.ord(' ').'_pandoraartica_', '_articapandora_'.ord('#').'_pandoraartica_','_articapandora_'.ord('/').'_pandoraartica_'),array(' ','#','/'),$id); - - $name = io_safe_input($name); - - + + $name = io_safe_input(io_safe_output($name)); + $sql = agents_get_agents(array ( 'order' => 'nombre COLLATE utf8_general_ci ASC', 'disabled' => 0, @@ -885,18 +946,33 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel WHERE nombre = \'%s\' AND disabled = 0 ) ', $name); + break; case 'tag': - $id = tags_get_id (pack ('H*', $id)); + if (defined ('METACONSOLE')) { + $id = tags_get_id (pack ('H*', $id)); + if ($id == '') { + return false; + } + } + if ($id === false) { return false; } + + if(empty($groups_sql)) { + $groups_condition = ' AND 1 = 0'; + } + else { + $groups_condition = sprintf(' AND tagente.id_grupo IN (%s)', $groups_sql); + } + $sql = "SELECT tagente.* FROM tagente, tagente_modulo, ttag_module WHERE tagente.id_agente = tagente_modulo.id_agente AND tagente_modulo.id_agente_modulo = ttag_module.id_agente_modulo - AND ttag_module.id_tag = " . $id; - + AND ttag_module.id_tag = " . $id . $groups_condition; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 'tagente_modulo'); break; } @@ -911,25 +987,27 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel // Get SQL for the second tree branch function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { global $config; - switch ($fatherType) { case 'group': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'os': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'module_group': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id . ' AND id_module_group = ' . $id_father; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'policies': $whereQuery = ''; @@ -943,6 +1021,7 @@ function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id . $whereQuery; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; default: case 'module': @@ -964,7 +1043,13 @@ function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { } break; case 'tag': - $id_father = tags_get_id ($id_father); + if (defined ('METACONSOLE')) { + $id_father = tags_get_id (pack ('H*', $id_father)); + if ($id == '') { + return false; + } + } + if ($id_father === false) { return false; } diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php index a409986928..e7deb59fa2 100644 --- a/pandora_console/operation/events/events_list.php +++ b/pandora_console/operation/events/events_list.php @@ -128,7 +128,8 @@ if (is_ajax()) { return; } -$tags = tags_search_tag(false, false, true); +// Get the tags where the user have permissions in Events reading tasks +$tags = tags_get_user_tags($config['id_user'], 'ER'); // Error div for ajax messages echo "
    "; @@ -273,6 +274,18 @@ if (isset($filter_only_alert)) { $sql_post .= " AND event_type LIKE '%alert%'"; } +// Tags ACLS +if ($ev_group > 0 && in_array ($ev_group, array_keys ($groups))) { + $group_array = (array) $ev_group; +} +else { + $group_array = array_keys($groups); +} + +$tags_acls_condition = tags_get_acl_tags($config['id_user'], $group_array, 'ER', 'event_condition', 'AND'); + +$sql_post .= $tags_acls_condition; + $url = "index.php?sec=eventos&sec2=operation/events/events&search=" . rawurlencode(io_safe_input($search)) . "&event_type=" . $event_type . @@ -747,6 +760,9 @@ $idx = 0; foreach ($result as $event) { $data = array (); + // Clean url from events and store in array + $event['clean_tags'] = events_clean_tags($event['tags']); + //First pass along the class of this row $myclass = get_priority_class ($event["criticity"]); $table->rowclass[] = $myclass; @@ -978,25 +994,7 @@ foreach ($result as $event) { } if (in_array('tags',$show_fields)) { - if ($event["tags"] != '') { - $tag_array = explode(',', $event["tags"]); - $data[$i] = ''; - foreach ($tag_array as $tag_element) { - $blank_char_pos = strpos($tag_element, ' '); - $tag_name = substr($tag_element, 0, $blank_char_pos); - $tag_url = substr($tag_element, $blank_char_pos + 1); - $data[$i] .= ' ' .$tag_name; - if (!empty($tag_url)) { - $data[$i] .= ' ' . html_print_image('images/lupa.png', true, array('title' => __('Click here to open a popup window with URL tag'))) . ' '; - } - $data[$i] .= ','; - } - $data[$i] = rtrim($data[$i], ','); - } - else { - $data[$i] = ''; - } - + $data[$i] = tags_get_tags_formatted($event['tags']); $i++; } @@ -1024,7 +1022,7 @@ foreach ($result as $event) { //Actions $data[$i] = ''; // Validate event - if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1)) { + if (($event["estado"] != 1) && (tags_check_acl ($config["id_user"], $event["id_grupo"], "EW", $event['clean_tags']) == 1)) { $data[$i] .= ''; $data[$i] .= html_print_image ("images/ok.png", true, array ("title" => __('Validate event'))); @@ -1032,7 +1030,7 @@ foreach ($result as $event) { } // Delete event - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags']) == 1) { if($event['estado'] != 2) { $data[$i] .= ''; $data[$i] .= html_print_image ("images/cross.png", true, @@ -1052,12 +1050,12 @@ foreach ($result as $event) { $data[$i] .= ' '; $i++; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags']) == 1) { //Checkbox // Class 'candeleted' must be the fist class to be parsed from javascript. Dont change $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="candeleted chk_val"', true); } - else if (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1) { + else if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EW", $event['clean_tags']) == 1) { //Checkbox $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="chk_val"', true); } @@ -1082,10 +1080,10 @@ if (!empty ($table->data)) { html_print_table ($table); echo '
    '; - if (check_acl ($config["id_user"], 0, "EW") == 1) { + if (tags_check_acl ($config["id_user"], 0, "EW", $event['clean_tags']) == 1) { html_print_button(__('Validate selected'), 'validate_button', false, 'validate_selected();', 'class="sub ok"'); } - if (check_acl ($config["id_user"], 0,"EM") == 1) { + if (tags_check_acl ($config["id_user"], 0,"EM", $event['clean_tags']) == 1) { html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"'); ?> diff --git a/pandora_console/operation/users/user_edit.php b/pandora_console/operation/users/user_edit.php index a371ad51f0..32281b8712 100644 --- a/pandora_console/operation/users/user_edit.php +++ b/pandora_console/operation/users/user_edit.php @@ -312,6 +312,7 @@ $table->style[0] = 'font-weight: bold'; $table->style[1] = 'font-weight: bold'; $table->head[0] = __('Profile name'); $table->head[1] = __('Group'); +$table->head[2] = __('Tags'); $table->align = array(); $table->align[1] = 'center'; @@ -325,6 +326,12 @@ if ($result === false) { foreach ($result as $profile) { $data[0] = ''.profile_get_name ($profile["id_perfil"]).''; $data[1] = ui_print_group_icon ($profile["id_grupo"], true).' '; + + $tags_ids = explode(',',$profile["tags"]); + $tags = tags_get_tags($tags_ids); + + $data[2] = tags_get_tags_formatted($tags); + array_push ($table->data, $data); } diff --git a/pandora_console/pandoradb.data.oracle.sql b/pandora_console/pandoradb.data.oracle.sql index 879d88dae1..9c2f6eb27f 100644 --- a/pandora_console/pandoradb.data.oracle.sql +++ b/pandora_console/pandoradb.data.oracle.sql @@ -304,7 +304,8 @@ END;; -- BEGIN LOCK TABLE tusuario_perfil IN EXCLUSIVE MODE; -INSERT INTO tusuario_perfil VALUES (1,'admin',5,0,'admin',0); +INSERT INTO tusuario_perfil (id_up, id_usuario, id_perfil, id_grupo, assigned_by, id_policy) +VALUES (1,'admin',5,0,'admin',0); COMMIT; END;; diff --git a/pandora_console/pandoradb.data.postgreSQL.sql b/pandora_console/pandoradb.data.postgreSQL.sql index b2d0f85625..3d208f66f3 100644 --- a/pandora_console/pandoradb.data.postgreSQL.sql +++ b/pandora_console/pandoradb.data.postgreSQL.sql @@ -278,7 +278,8 @@ INSERT INTO "tusuario" ("id_user", "fullname", "firstname", "lastname", "middlen -- -- Dumping data for table "tusuario_perfil" -- -INSERT INTO "tusuario_perfil" VALUES (1,'admin',5,0,'admin',0); +INSERT INTO "tusuario_perfil" ("id_up", "id_usuario", "id_perfil", "id_grupo", "assigned_by", "id_policy") VALUES +(1,'admin',5,0,'admin',0); SELECT setval('tusuario_perfil_id_up_seq', (SELECT (SELECT MAX(id_up) FROM tusuario_perfil))); -- diff --git a/pandora_console/pandoradb.oracle.sql b/pandora_console/pandoradb.oracle.sql index 0701c1681a..907191ffb2 100644 --- a/pandora_console/pandoradb.oracle.sql +++ b/pandora_console/pandoradb.oracle.sql @@ -1015,7 +1015,8 @@ CREATE TABLE tusuario_perfil ( id_perfil NUMBER(10, 0) default 0 NOT NULL, id_grupo NUMBER(10, 0) default 0 NOT NULL, assigned_by VARCHAR2(100) default '', - id_policy NUMBER(10, 0) DEFAULT 0 NOT NULL + id_policy NUMBER(10, 0) DEFAULT 0 NOT NULL, + tags CLOB ); CREATE SEQUENCE tusuario_perfil_s INCREMENT BY 1 START WITH 1; CREATE OR REPLACE TRIGGER tusuario_perfil_inc BEFORE INSERT ON tusuario_perfil REFERENCING NEW AS NEW FOR EACH ROW BEGIN SELECT tusuario_perfil_s.nextval INTO :NEW.ID_UP FROM dual; END tusuario_perfil_inc;; diff --git a/pandora_console/pandoradb.postgreSQL.sql b/pandora_console/pandoradb.postgreSQL.sql index b178b0fbfe..16a5c4161f 100644 --- a/pandora_console/pandoradb.postgreSQL.sql +++ b/pandora_console/pandoradb.postgreSQL.sql @@ -879,7 +879,8 @@ CREATE TABLE "tusuario_perfil" ( "id_perfil" INTEGER NOT NULL default 0, "id_grupo" INTEGER NOT NULL default 0, "assigned_by" varchar(100) NOT NULL default '', - "id_policy" INTEGER DEFAULT 0 NOT NULL + "id_policy" INTEGER DEFAULT 0 NOT NULL, + "tags" text NOT NULL ); -- ----------------------------------------------------- diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 6ceaeceb31..83ef30019a 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -974,6 +974,7 @@ CREATE TABLE IF NOT EXISTS `tusuario_perfil` ( `id_grupo` int(10) NOT NULL default '0', `assigned_by` varchar(100) NOT NULL default '', `id_policy` int(10) unsigned NOT NULL default '0', + `tags` text NOT NULL, PRIMARY KEY (`id_up`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 4a7f595e69..c063ef8620 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -281,7 +281,7 @@ INSERT INTO `tusuario` (`id_user`, `fullname`, `firstname`, `lastname`, `middlen -- Dumping data for table `tusuario_perfil` -- -INSERT INTO `tusuario_perfil` VALUES (1,'admin',5,0,'admin',0); +INSERT INTO `tusuario_perfil` (`id_up`, `id_usuario`, `id_perfil`, `id_grupo`, `assigned_by`, `id_policy`) VALUES (1,'admin',5,0,'admin',0); -- -- Dumping data for table `tperfil`