From 233470f6e44d7eb2525de584da0dd0c4ee02c5f3 Mon Sep 17 00:00:00 2001
From: juanmanuelr <noreply@pandorafms.org>
Date: Tue, 15 Feb 2011 13:17:26 +0000
Subject: [PATCH] 2011-02-15 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

	* godmode/menu.php: "godmode > manage alert > commands" tab only
	displayed when user privileges are "PM".
	* pandoradb_data.sql
	 pandoradb.data.postgreSQL.sql: Changed "Alert management" field to 1 in
	"Chief Operator" row of tperfil table.
	* godmode/alerts/alert_templates.php: If user tries to delete a
	template with group=ALL then must have "PM" access privileges.
	* godmode/alerts/configure_alert_template.php: If user tries to duplicate
	/edit a template with group=ALL then must have "PM" access privileges.
	* godmode/alerts/alert_actions.php: If user tries to duplicate/delete an
	action with group=ALL then must have "PM" access privileges.
	* godmode/alerts/configure_alert_action.php: If user tries to edit an
	action with group=ALL then must have "PM" access privileges.

	Fixes: #3180735



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3845 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     | 18 +++++
 .../godmode/alerts/alert_actions.php          | 68 +++++++++++++++++--
 .../godmode/alerts/alert_templates.php        | 29 ++++++--
 .../godmode/alerts/configure_alert_action.php | 22 +++++-
 .../alerts/configure_alert_template.php       | 30 +++++++-
 pandora_console/godmode/menu.php              |  7 +-
 pandora_console/pandoradb.data.postgreSQL.sql |  2 +-
 pandora_console/pandoradb_data.sql            |  2 +-
 8 files changed, 160 insertions(+), 18 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 37ae83717a..5a56c36e3c 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,21 @@
+2011-02-15 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
+
+	* godmode/menu.php: "godmode > manage alert > commands" tab only 
+	displayed when user privileges are "PM".
+	* pandoradb_data.sql 
+	 pandoradb.data.postgreSQL.sql: Changed "Alert management" field to 1 in 
+	"Chief Operator" row of tperfil table.
+	* godmode/alerts/alert_templates.php: If user tries to delete a 
+	template with group=ALL then must have "PM" access privileges.
+	* godmode/alerts/configure_alert_template.php: If user tries to duplicate
+	/edit a template with group=ALL then must have "PM" access privileges.
+	* godmode/alerts/alert_actions.php: If user tries to duplicate/delete an 
+	action with group=ALL then must have "PM" access privileges.
+	* godmode/alerts/configure_alert_action.php: If user tries to edit an 
+	action with group=ALL then must have "PM" access privileges.
+
+	Fixes: #3180735	
+
 2011-02-15 Javier Lanz <javier.lanz@artica.es>
 	* godmode/users/configure_user.php: Truncated group name on user detail
 	editor
diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php
index 7f9670e536..a2cc0dad9c 100644
--- a/pandora_console/godmode/alerts/alert_actions.php
+++ b/pandora_console/godmode/alerts/alert_actions.php
@@ -39,16 +39,37 @@ if (is_ajax ()) {
 	return;
 }
 
-// Header
-print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
-
 $update_action = (bool) get_parameter ('update_action');
 $create_action = (bool) get_parameter ('create_action');
 $delete_action = (bool) get_parameter ('delete_action');
 $copy_action = (bool) get_parameter ('copy_action');
 
+if ((!$copy_action) && (!$delete_action))
+	// Header
+	print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+
 if ($copy_action) {
 	$id = get_parameter ('id');
+
+	$al_action = get_alert_action ($id);
+
+	if ($al_action !== false){
+		if ($al_action['id_group'] == 0){
+			if (! give_acl ($config['id_user'], 0, "PM")) {
+				pandora_audit("ACL Violation",
+					"Trying to access Alert Management");
+				require ("general/noaccess.php");
+				exit;
+			}else
+				// Header
+				print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+		}else
+			// Header
+			print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);		
+	}else
+		// Header
+		print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+
 	
 	$result = clone_alert_action ($id);
 	
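Review bot: The new guard in the `$copy_action` branch asks for "PM" only when `$al_action['id_group'] == 0`; for an action that belongs to a specific group the `else` arm prints the header and `clone_alert_action ($id)` runs with no check against that group. If the page-level check outside this hunk is the same `give_acl ($config['id_user'], 0, "LM")` seen in the other files, a user holding "LM" for one group can presumably copy actions of a group they do not manage; consider requiring `give_acl ($config['id_user'], $al_action['id_group'], "LM")` in that arm. The same gap appears in the `$delete_action` hunk of this file and in the `$delete_template` hunk of alert_templates.php. `$id` is also passed uncast to both calls here, while configure_alert_action.php uses `(int) get_parameter ('id')`.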
@@ -95,6 +116,25 @@ if ($create_action) {
 
 if ($update_action) {
 	$id = (string) get_parameter ('id');
+
+	$al_action = get_alert_action ($id);
+
+	if ($al_action !== false){
+		if ($al_action['id_group'] == 0){
+			if (! give_acl ($config['id_user'], 0, "PM")) {
+				pandora_audit("ACL Violation",
+					"Trying to access Alert Management");
+				require ("general/noaccess.php");
+				exit;
+			}else
+				// Header
+				print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+		}
+	}else
+		// Header
+		print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+
+
 	$name = (string) get_parameter ('name');
 	$id_alert_command = (int) get_parameter ('id_command');
 	$field1 = (string) get_parameter ('field1');
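Review bot: In the `$update_action` branch the inner `if ($al_action['id_group'] == 0)` has no `else`, so when the action exists and belongs to a specific group no page header is printed at all; the copy and delete branches both have that arm. Adding `}else print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);` after the inner block restores it. The check also looks only at the stored group, and the new group value is read outside this hunk, so it is worth confirming that a user without "PM" cannot move an action into group ALL through this branch. The body of the branch continues past the hunk.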
@@ -129,7 +169,27 @@ if ($update_action) {
 
 if ($delete_action) {
 	$id = get_parameter ('id');
-	
+
+	$al_action = get_alert_action ($id);
+
+	if ($al_action !== false){
+		if ($al_action['id_group'] == 0){
+			if (! give_acl ($config['id_user'], 0, "PM")) {
+				pandora_audit("ACL Violation",
+					"Trying to access Alert Management");
+				require ("general/noaccess.php");
+				exit;
+			}else
+				// Header
+				print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+		}else
+				// Header
+				print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);	
+	}else
+		// Header
+		print_page_header (__('Alerts').' &raquo; '.__('Alert actions'), "images/god2.png", false, "", true);
+
+
 	$result = delete_alert_action ($id);
 	
 	if ($result) {
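Review bot: The audit entry written on denial, `pandora_audit("ACL Violation", "Trying to access Alert Management")`, is the same string in every check this commit adds, so the log cannot tell a refused delete from a refused copy or edit, nor which object was targeted. Include the operation and the id, for example `"Trying to delete alert action #" . (int) $id . " of group ALL without PM"`, with the cast because `$id` arrives uncast from the request in this branch. The `$delete_action` branch continues past the hunk.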
diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php
index ee4aa22370..272fe3c24d 100644
--- a/pandora_console/godmode/alerts/alert_templates.php
+++ b/pandora_console/godmode/alerts/alert_templates.php
@@ -106,12 +106,14 @@ if (! give_acl ($config['id_user'], 0, "LM")) {
 	exit;
 }
 
-// Header
-print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);
-
 $update_template = (bool) get_parameter ('update_template');
 $delete_template = (bool) get_parameter ('delete_template');
 
+// This prevents to duplicate the header in case delete_templete action is performed
+if (!$delete_template) 
+// Header
+print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);
+
 if ($update_template) {
 	$id = (int) get_parameter ('id');
 	
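Review bot: The brace-less `if (!$delete_template)` is separated from the `print_page_header` call it governs by a comment line, and neither line is indented, which makes it easy to read the header as unconditional or to break the guard by inserting a statement between them. Write it as `if (!$delete_template) {` … `}` with the call indented inside. The comment above it also has a typo, `delete_templete`.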
@@ -129,9 +131,28 @@ if ($update_template) {
 		__('Could not be updated'));
 }
 
+// If user tries to delete a template with group=ALL then must have "PM" access privileges
 if ($delete_template) {
 	$id = get_parameter ('id');
-	
+	$al_template = get_alert_template($id);
+
+	if ($al_template !== false){
+		if ($al_template['id_group'] == 0){
+			if (! give_acl ($config['id_user'], 0, "PM")) {
+				pandora_audit("ACL Violation",
+					"Trying to access Alert Management");
+				require ("general/noaccess.php");
+				exit;
+			}else
+				// Header
+				print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);
+		}else
+			// Header
+			print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);		
+	}else
+		// Header
+		print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);
+
 	$result = delete_alert_template ($id);
 	
 	if ($result) {
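Review bot: All three arms that do not `exit` print the same header, so the nested `if/else` ladder can be a single guard followed by one `print_page_header` call; the ladder form is what let the update branch in alert_actions.php lose one of its `else` arms. The same simplification applies to every copy of this block in the commit. The `$delete_template` branch continues past the hunk.

```php
	$al_template = get_alert_template($id);

	// Templates of group ALL (id_group 0) may only be deleted with "PM"
	if ($al_template !== false && $al_template['id_group'] == 0
		&& ! give_acl ($config['id_user'], 0, "PM")) {
		pandora_audit("ACL Violation",
			"Trying to access Alert Management");
		require ("general/noaccess.php");
		exit;
	}

	// Header
	print_page_header (__('Alerts')." &raquo; ". __('Alert templates'), "images/god2.png", false, "", true);

	// … unchanged: delete_alert_template call and result message …
```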
diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php
index 246f064670..91650fe15f 100644
--- a/pandora_console/godmode/alerts/configure_alert_action.php
+++ b/pandora_console/godmode/alerts/configure_alert_action.php
@@ -29,6 +29,26 @@ if (! give_acl ($config['id_user'], 0, "LM")) {
 
 $id = (int) get_parameter ('id');
 
+$al_action = get_alert_action ($id);
+
+if ($al_action !== false){
+	if ($al_action['id_group'] == 0){
+		if (! give_acl ($config['id_user'], 0, "PM")) {
+			pandora_audit("ACL Violation",
+				"Trying to access Alert Management");
+			require ("general/noaccess.php");
+			exit;
+		}else
+			// Header
+			print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/god2.png", false, "", true);
+	
+	}else
+		// Header
+		print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/god2.png", false, "", true);
+}else
+	// Header
+	print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/god2.png", false, "", true);	
+
 $name = '';
 $id_command = '';
 $field1 = '';
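Review bot: The new check covers only an existing action whose stored group is ALL; with `$id` 0 (a new action) `get_alert_action` presumably returns false and the form is shown to any "LM" user, and none of the hunks in this commit adds a "PM" check to the `$create_action` branch of alert_actions.php. If group ALL is meant to be reserved for "PM", the submitted group should be checked where the action is created and updated, not only where the form is opened.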
@@ -45,8 +65,6 @@ if ($id) {
 	$field3 = $action['field3'];
 	$group = $action ['id_group'];
 }
-// Header
-print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/god2.png", false, "", true);
 
 $table->width = '90%';
 $table->style = array ();
diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php
index 18fe09d36f..71678a3cbf 100644
--- a/pandora_console/godmode/alerts/configure_alert_template.php
+++ b/pandora_console/godmode/alerts/configure_alert_template.php
@@ -26,13 +26,37 @@ if (! give_acl ($config['id_user'], 0, "LM")) {
 	exit;
 }
 
-// Header
-print_page_header (__('Alerts').' &raquo; '.__('Configure alert template'), "", false, "", true);
-
 
 $duplicate_template = (bool) get_parameter ('duplicate_template');
 $id = (int) get_parameter ('id');
 
+// If user tries to duplicate/edit a template with group=ALL then must have "PM" access privileges 
+if ($duplicate_template) {
+	$source_id = (int) get_parameter ('source_id');
+	$a_template = get_alert_template($source_id);
+}else{
+	$a_template = get_alert_template($id);
+}
+
+if ($a_template !== false){
+	if ($a_template['id_group'] == 0){
+		if (! give_acl ($config['id_user'], 0, "PM")) {
+			pandora_audit("ACL Violation",
+				"Trying to access Alert Management");
+			require ("general/noaccess.php");
+			exit;
+		}else
+			// Header
+			print_page_header (__('Alerts').' &raquo; '.__('Configure alert template'), "", false, "", true);
+	}else
+		// Header
+		print_page_header (__('Alerts').' &raquo; '.__('Configure alert template'), "", false, "", true);		
+// This prevents to duplicate the header in case duplicate/edit_template action is performed
+}else
+	// Header
+	print_page_header (__('Alerts').' &raquo; '.__('Configure alert template'), "", false, "", true);
+
+
 if ($duplicate_template) {
 	$source_id = (int) get_parameter ('source_id');
 	
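Review bot: `source_id` is read from the request once for the new check and again in the `if ($duplicate_template)` block that follows, so the id that was authorised and the id that is duplicated come from two separate reads; they match today because both use `(int) get_parameter ('source_id')`, but reusing `$source_id` would keep them tied together. The comment `// This prevents to duplicate the header …` sits between two `else` arms where it describes nothing; move it above the ladder or drop it. The duplicate branch continues past the hunk.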
diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php
index 0f424e8c7c..3af77e783a 100644
--- a/pandora_console/godmode/menu.php
+++ b/pandora_console/godmode/menu.php
@@ -93,10 +93,11 @@ if (give_acl ($config['id_user'], 0, "LM")) {
 	
 	$sub["godmode/alerts/alert_actions"]["text"] = __('Actions');
 	
-	$sub["godmode/alerts/alert_commands"]["text"] = __('Commands');
-	
+	if (give_acl ($config['id_user'], 0, "PM")) {
+		$sub["godmode/alerts/alert_commands"]["text"] = __('Commands');
+	}
 	$sub["godmode/alerts/alert_compounds"]["text"] = __('Correlation');
-	
+
 	$menu["galertas"]["sub"] = $sub;
 }
 
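Review bot: Wrapping the `Commands` entry in `give_acl ($config['id_user'], 0, "PM")` only hides the link; godmode/alerts/alert_commands.php is not among the files this commit changes, so unless that page already checks "PM" itself, a user with "LM" can still open it by URL. Confirm the page enforces the same privilege as the menu. A short comment such as `// Alert commands are restricted to PM` would record why this entry differs from its siblings.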
diff --git a/pandora_console/pandoradb.data.postgreSQL.sql b/pandora_console/pandoradb.data.postgreSQL.sql
index 76416956d8..60a75e2872 100644
--- a/pandora_console/pandoradb.data.postgreSQL.sql
+++ b/pandora_console/pandoradb.data.postgreSQL.sql
@@ -246,7 +246,7 @@ INSERT INTO "tusuario_perfil" VALUES (1,'admin',5,0,'admin');
 --
 -- Dumping data for table "tperfil"
 --
-INSERT INTO "tperfil" VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1);
+INSERT INTO "tperfil" VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1);
 
 INSERT INTO "tnews" ("id_news", "author", "subject", "text", "timestamp") VALUES (1,'admin','Welcome to Pandora FMS 3.2!','This is the new Pandora FMS Console. A lot of new features have been added since last version. Please read the documentation about it, and feel free to test any option.\r\n\r\nThe Pandora FMS Team.',NOW()),
 (2,'admin','New GIS Feature','Try our new GIS representation, activate GIS in Setup to see new available options.',NOW());
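Review bot: The privilege change is made by flipping the ninth flag of row 3 in a positional `INSERT INTO "tperfil" VALUES (…)`, so nothing in the hunk shows that this position is the "Alert management" column named in the commit message. Listing the columns in the INSERT would make a grant like this reviewable and robust against column reordering. Since this is install-time seed data, existing installations will presumably keep the old value unless an upgrade script sets it as well.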
diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql
index b89a881cae..f5f24eb8e1 100644
--- a/pandora_console/pandoradb_data.sql
+++ b/pandora_console/pandoradb_data.sql
@@ -259,7 +259,7 @@ INSERT INTO `tusuario_perfil` VALUES (1,'admin',5,0,'admin');
 -- Dumping data for table `tperfil`
 --
 
-INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1);
+INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,1,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1);
 
 INSERT INTO `tnews` VALUES (1,'admin','Welcome to Pandora FMS 3.2!','This is the new Pandora FMS Console. A l/ot of new features have been added since last version. Please read the documentation about it, and feel free to test any option.\r\n\r\nThe Pandora FMS Team.',NOW()),
 (2,'admin','New GIS Feature','Try our new GIS representation, activate GIS in Setup to see new available options.',NOW());
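Review bot: This hunk changes a different row from the PostgreSQL one: here row 3 (`Chief Operator`) keeps `…,0,0,0,0,0,0` and the ninth flag of row 4 (`Group coordinator`) becomes 1, while pandoradb.data.postgreSQL.sql and the commit message change `Chief Operator`. As written, a MySQL install leaves Chief Operator without the flag and grants it to Group coordinator instead. The intended line presumably has `(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0)` with row 4 left at `…,1,1,1,0,0,0`.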