From 139460946e7217b7cc3c7f552d75a6afe0398fb7 Mon Sep 17 00:00:00 2001
From: slerena <slerena@gmail.com>
Date: Tue, 12 Jun 2007 18:30:19 +0000
Subject: [PATCH] 2007-06-12  Sancho Lerena  <slerena@artica.es>

        * operation/reporting/reporting_viewer.php: Solved problems with ACL.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@508 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |   2 +
 .../operation/reporting/reporting_viewer.php  | 395 +++++++++---------
 2 files changed, 202 insertions(+), 195 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 9c1dcc7d6a..2c245c6bb7 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,5 +1,7 @@
 2007-06-12  Sancho Lerena  <slerena@artica.es>
 
+        * operation/reporting/reporting_viewer.php: Solved problems with ACL.
+	
 	* operation/reporting/graph_viewer.php: ACL to delete graph
 	
 	* include/functions_reporting.php: Added event reporting and alert
diff --git a/pandora_console/operation/reporting/reporting_viewer.php b/pandora_console/operation/reporting/reporting_viewer.php
index 93f7b53a63..d839447200 100644
--- a/pandora_console/operation/reporting/reporting_viewer.php
+++ b/pandora_console/operation/reporting/reporting_viewer.php
@@ -27,8 +27,8 @@ if (comprueba_login() != 0) {
 	exit;
 }
 
-if ((give_acl($id_user,0,"AW") != 1 ) AND (dame_admin($id_user)!=1)) {
-	audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access graph builder");
+if ((give_acl($id_user,0,"AR") != 1 ) AND (dame_admin($id_user)!=1)) {
+	audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access graph builder");
 	include ("general/noaccess.php");
 	exit;
 }
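Review bot: The denial path still logs "Trying to access graph builder", but this file is the report viewer, so ACL violations raised here will be attributed to the wrong page in the audit trail. The message should name this page, e.g. `audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access report viewer");`. `$REMOTE_ADDR` is read as a bare global and no assignment is visible in this hunk; if it depends on register_globals, the source address in the audit row will be empty when that setting is off, and `$_SERVER['REMOTE_ADDR']` would be the reliable source.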
@@ -45,205 +45,210 @@ require ("include/functions_reporting.php");
 
 $report_name = give_db_value ("name", "treport", "id_report", $id_report);
 $report_description = give_db_value ("description", "treport", "id_report", $id_report);
-//echo "SLA for Tato: %".return_module_SLA (50, 604800, 1, 1);
-echo "<h1>".$lang_label["custom_reporting"]." - ".$report_name."</h1>";
+$report_private= give_db_value ("private", "treport", "id_report", $id_report);
+$report_user = give_db_value ("id_user", "treport", "id_report", $id_report);
+if (($report_user == $id_user) OR (dame_admin($id_user)==1) OR ($report_private == 0)) {
+	//echo "SLA for Tato: %".return_module_SLA (50, 604800, 1, 1);
+	echo "<h1>".$lang_label["custom_reporting"]." - ".$report_name."</h1>";
 
-echo "<table class='databox' cellpadding= 4 cellspacing=4 width=750>";
-echo "<tr>";
-echo "<td width=50 align='left'><img src='images/reporting.png' width=32 height=32>";
-echo "<td>".$report_description."</td>";
-echo "</table>";
+	echo "<table class='databox' cellpadding= 4 cellspacing=4 width=750>";
+	echo "<tr>";
+	echo "<td width=50 align='left'><img src='images/reporting.png' width=32 height=32>";
+	echo "<td>".$report_description."</td>";
+	echo "</table>";
 
-echo "<table width=750 cellpadding=4 cellspacing=4 class='databox'>";
-$sql = "SELECT * FROM treport_content WHERE id_report = $id_report ORDER by type, id_agent_module DESC";
-$res=mysql_query($sql);
-while ($row = mysql_fetch_array($res)){
-	$type = $row["type"];
-	$sla_max = $row["sla_max"];
-	$sla_min = $row["sla_min"];
-	$sla_limit = $row["sla_limit"];
-	$id_agent_module = $row["id_agent_module"];
-	$period = $row["period"];
-	$id_gs = $row["id_gs"];
+	echo "<table width=750 cellpadding=4 cellspacing=4 class='databox'>";
+	$sql = "SELECT * FROM treport_content WHERE id_report = $id_report ORDER by type, id_agent_module DESC";
+	$res=mysql_query($sql);
+	while ($row = mysql_fetch_array($res)){
+		$type = $row["type"];
+		$sla_max = $row["sla_max"];
+		$sla_min = $row["sla_min"];
+		$sla_limit = $row["sla_limit"];
+		$id_agent_module = $row["id_agent_module"];
+		$period = $row["period"];
+		$id_gs = $row["id_gs"];
 
-	switch($type){
-		case 2: // SLA
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$sla_result = format_numeric(return_module_SLA ($id_agent_module, $period, $sla_max, $sla_min), 2);
-				
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["SLA"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=2 class=datos>";
-				echo "<font size='0.6em'>";
-				echo $lang_label["sla_max"]. " : ".$sla_max. "<br>";
-				echo $lang_label["sla_min"]. " : ".$sla_min. "<br>";
-				echo $lang_label["sla_limit"]. " : ".$sla_limit. "<br>";
-				echo "</font>";
-				echo "<td class=datos valign='middle' align='right' >";
-				if ($sla_result >= $sla_limit)
-					echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
-				else
-					echo "<p style='font: bold 3em Arial, Sans-serif; color: #ff0000;'>";
-				echo $sla_result. " %";
-				echo "</p>";
-				echo "</td></tr>";
-				break;
-		case 0: // Simple graph
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["simple_graph"]."</h4>";
-				echo "<td class='datos3'>";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' valign='top'>";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr><td colspan=3 class='datos' valign='top'>";
-				echo "<img src='reporting/fgraph.php?tipo=sparse&id=$id_agent_module&height=230&width=720&period=$period&avg_only=1&pure=1' border=0 alt=''>";
-				echo "</tr>";
-				break;
-		case 1: // Custom/Combined graph
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$graph_name = give_db_value ("name", "tgraph", "id_graph", $id_gs);
-				$sql2="SELECT * FROM tgraph_source WHERE id_graph = $id_gs";
-				$res2=mysql_query($sql2);
-				while ( $row2 = mysql_fetch_array($res2)){
-					$weight = $row2["weight"];
-					$id_agent_module = $row2["id_agent_module"];
-					if (!isset($modules)){
-						$modules = $id_agent_module;
-						$weights = $weight;
-					} else {
-						$modules = $modules.",".$id_agent_module;
-						$weights = $weights.",".$weight;
+		switch($type){
+			case 2: // SLA
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$sla_result = format_numeric(return_module_SLA ($id_agent_module, $period, $sla_max, $sla_min), 2);
+					
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["SLA"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=2 class=datos>";
+					echo "<font size='0.6em'>";
+					echo $lang_label["sla_max"]. " : ".$sla_max. "<br>";
+					echo $lang_label["sla_min"]. " : ".$sla_min. "<br>";
+					echo $lang_label["sla_limit"]. " : ".$sla_limit. "<br>";
+					echo "</font>";
+					echo "<td class=datos valign='middle' align='right' >";
+					if ($sla_result >= $sla_limit)
+						echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
+					else
+						echo "<p style='font: bold 3em Arial, Sans-serif; color: #ff0000;'>";
+					echo $sla_result. " %";
+					echo "</p>";
+					echo "</td></tr>";
+					break;
+			case 0: // Simple graph
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["simple_graph"]."</h4>";
+					echo "<td class='datos3'>";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' valign='top'>";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr><td colspan=3 class='datos' valign='top'>";
+					echo "<img src='reporting/fgraph.php?tipo=sparse&id=$id_agent_module&height=230&width=720&period=$period&avg_only=1&pure=1' border=0 alt=''>";
+					echo "</tr>";
+					break;
+			case 1: // Custom/Combined graph
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$graph_name = give_db_value ("name", "tgraph", "id_graph", $id_gs);
+					$sql2="SELECT * FROM tgraph_source WHERE id_graph = $id_gs";
+					$res2=mysql_query($sql2);
+					while ( $row2 = mysql_fetch_array($res2)){
+						$weight = $row2["weight"];
+						$id_agent_module = $row2["id_agent_module"];
+						if (!isset($modules)){
+							$modules = $id_agent_module;
+							$weights = $weight;
+						} else {
+							$modules = $modules.",".$id_agent_module;
+							$weights = $weights.",".$weight;
+						}
 					}
-				}
-				echo "<tr><td class=datos3 >";
-				echo "<h4>".$lang_label["custom_graph"]."</h4>";
-				echo "<td class=datos3>";
-				echo "<h4>$graph_name</h4>";
-				echo "<td class=datos3>";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr><td colspan=3 class=datos valign='top' align='right'>";
-				echo "<img src='reporting/fgraph.php?tipo=combined&id=$modules&weight_l=$weights&height=230&width=720&period=$period&pure=1' border=1 alt=''>";
-				echo "</tr>";
-				break;
-		case 6: // AVG value
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$avg_value = format_for_graph(return_moduledata_avg_value ($id_agent_module, $period),2);
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["avg_value"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=2 class=datos>";
-				echo "<td class=datos valign='middle' align='right' >";
-				echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
-				echo $avg_value;
-				echo "</p>";
-				echo "</td></tr>";
-				break;
-		case 7: // MAX value
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$max_value = format_for_graph(return_moduledata_max_value ($id_agent_module, $period),2);
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["max_value"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=2 class=datos>";
-				echo "<td class=datos valign='middle' align='right' >";
-				echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
-				echo $max_value;
-				echo "</p>";
-				echo "</td></tr>";
-				break;
-		case 8: // MIN value
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$min_value = format_for_graph(return_moduledata_min_value ($id_agent_module, $period),2);
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["min_value"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=2 class=datos>";
-				echo "<td class=datos valign='middle' align='right' >";
-				echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
-				echo $min_value;
-				echo "</p>";
-				echo "</td></tr>";
-				break;
-		case 5: // Monitor report
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				$monitor_value = $sla_result = format_numeric(return_module_SLA ($id_agent_module, $period, 1, 1), 2);
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["monitor_report"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=2 class=datos>";
-				echo "<td class=datos valign='middle' align='right' >";
-				echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
-				echo $monitor_value." %"."<img src='images/b_green.gif' height=32 width=32>";
-				echo "</p>";
-				$monitor_value2 = 100 - $monitor_value ;
-				echo "<p style='font: bold 3em Arial, Sans-serif; color: #ff0000;'>";
-				echo $monitor_value2." %"."<img src='images/b_red.gif' height=32 width=32>";
-				echo "</p>";
-				echo "</td></tr>";
-				break;
-		case 3: // Event report
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					echo "<tr><td class=datos3 >";
+					echo "<h4>".$lang_label["custom_graph"]."</h4>";
+					echo "<td class=datos3>";
+					echo "<h4>$graph_name</h4>";
+					echo "<td class=datos3>";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr><td colspan=3 class=datos valign='top' align='right'>";
+					echo "<img src='reporting/fgraph.php?tipo=combined&id=$modules&weight_l=$weights&height=230&width=720&period=$period&pure=1' border=1 alt=''>";
+					echo "</tr>";
+					break;
+			case 6: // AVG value
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$avg_value = format_for_graph(return_moduledata_avg_value ($id_agent_module, $period),2);
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["avg_value"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=2 class=datos>";
+					echo "<td class=datos valign='middle' align='right' >";
+					echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
+					echo $avg_value;
+					echo "</p>";
+					echo "</td></tr>";
+					break;
+			case 7: // MAX value
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$max_value = format_for_graph(return_moduledata_max_value ($id_agent_module, $period),2);
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["max_value"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=2 class=datos>";
+					echo "<td class=datos valign='middle' align='right' >";
+					echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
+					echo $max_value;
+					echo "</p>";
+					echo "</td></tr>";
+					break;
+			case 8: // MIN value
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$min_value = format_for_graph(return_moduledata_min_value ($id_agent_module, $period),2);
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["min_value"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=2 class=datos>";
+					echo "<td class=datos valign='middle' align='right' >";
+					echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
+					echo $min_value;
+					echo "</p>";
+					echo "</td></tr>";
+					break;
+			case 5: // Monitor report
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					$monitor_value = $sla_result = format_numeric(return_module_SLA ($id_agent_module, $period, 1, 1), 2);
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["monitor_report"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=2 class=datos>";
+					echo "<td class=datos valign='middle' align='right' >";
+					echo "<p style='font: bold 3em Arial, Sans-serif; color: #000000;'>";
+					echo $monitor_value." %"."<img src='images/b_green.gif' height=32 width=32>";
+					echo "</p>";
+					$monitor_value2 = 100 - $monitor_value ;
+					echo "<p style='font: bold 3em Arial, Sans-serif; color: #ff0000;'>";
+					echo $monitor_value2." %"."<img src='images/b_red.gif' height=32 width=32>";
+					echo "</p>";
+					echo "</td></tr>";
+					break;
+			case 3: // Event report
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
 
-				$id_agent = dame_agente_id ($agent_name);
-				
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["event_report"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=3 class=datos>";
-				event_reporting ($id_agent, $period);
+					$id_agent = dame_agente_id ($agent_name);
+					
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["event_report"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=3 class=datos>";
+					event_reporting ($id_agent, $period);
 
-				echo "</td></tr>";
-				break;
-		case 4: // Alert report
-				$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
-				$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
-				
-				echo "<tr><td class='datos3'>";
-				echo "<h4>".$lang_label["alert_report"]."</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>$agent_name - $module_name</h4>";
-				echo "<td class='datos3' >";
-				echo "<h4>".human_time_description($period)."</h4>";
-				echo "<tr>";
-				echo "<td colspan=3 class=datos>";
-				alert_reporting ($id_agent_module);
-				echo "</td></tr>";
-				break;
+					echo "</td></tr>";
+					break;
+			case 4: // Alert report
+					$module_name = give_db_value ("nombre", "tagente_modulo", "id_agente_modulo", $id_agent_module);
+					$agent_name = dame_nombre_agente_agentemodulo ($id_agent_module);
+					
+					echo "<tr><td class='datos3'>";
+					echo "<h4>".$lang_label["alert_report"]."</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>$agent_name - $module_name</h4>";
+					echo "<td class='datos3' >";
+					echo "<h4>".human_time_description($period)."</h4>";
+					echo "<tr>";
+					echo "<td colspan=3 class=datos>";
+					alert_reporting ($id_agent_module);
+					echo "</td></tr>";
+					break;
+		}
 	}
+	echo "</table>";
 }
-echo "</table>";
+
 ?>
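Review bot: The new owner/admin/public test on the `if (($report_user == $id_user) OR ...` line has no `else` branch, so a denied attempt to open another user's private report ends in a blank page with no audit record, unlike the ACL guard earlier in the file. Add `else { audit_db($id_user, $REMOTE_ADDR, "ACL Violation", "Trying to access a private report"); include ("general/noaccess.php"); }` after the closing brace. The `$report_private == 0` comparison is loose, so if give_db_value returns NULL or an empty string (its behaviour for an unknown id_report or a NULL column is not visible here) the report is treated as public; testing for the private flag explicitly and denying otherwise would fail closed. `$id_report` is assigned outside this hunk and is interpolated directly into the `treport_content` query, so it should be cast with `(int)` before use unless that already happens upstream. `$report_name` and `$report_description` are echoed into the page without `htmlspecialchars()`, which matters more now that users with only read access can view reports written by others.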