diff --git a/pandora_agents/unix/DEBIAN/control b/pandora_agents/unix/DEBIAN/control index a0e9dd27f6..045e64391c 100644 --- a/pandora_agents/unix/DEBIAN/control +++ b/pandora_agents/unix/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-agent-unix -Version: 7.0NG.754-210521 +Version: 7.0NG.754-210524 Architecture: all Priority: optional Section: admin diff --git a/pandora_agents/unix/DEBIAN/make_deb_package.sh b/pandora_agents/unix/DEBIAN/make_deb_package.sh index 191fa502e0..f3df492a0a 100644 --- a/pandora_agents/unix/DEBIAN/make_deb_package.sh +++ b/pandora_agents/unix/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.754-210521" +pandora_version="7.0NG.754-210524" echo "Test if you has the tools for to make the packages." whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null diff --git a/pandora_agents/unix/pandora_agent b/pandora_agents/unix/pandora_agent index b6444182dc..021ee8e55d 100755 --- a/pandora_agents/unix/pandora_agent +++ b/pandora_agents/unix/pandora_agent @@ -1015,7 +1015,7 @@ my $Sem = undef; my $ThreadSem = undef; use constant AGENT_VERSION => '7.0NG.754'; -use constant AGENT_BUILD => '210521'; +use constant AGENT_BUILD => '210524'; # Agent log default file size maximum and instances use constant DEFAULT_MAX_LOG_SIZE => 600000; diff --git a/pandora_agents/unix/pandora_agent.redhat.spec b/pandora_agents/unix/pandora_agent.redhat.spec index 503d2d3015..874752b725 100644 --- a/pandora_agents/unix/pandora_agent.redhat.spec +++ b/pandora_agents/unix/pandora_agent.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_agent_unix %define version 7.0NG.754 -%define release 210521 +%define release 210524 Summary: Pandora FMS Linux agent, PERL version Name: %{name} diff --git a/pandora_agents/unix/pandora_agent.spec b/pandora_agents/unix/pandora_agent.spec index 83ab42a6bb..1439223b1f 100644 --- a/pandora_agents/unix/pandora_agent.spec +++ b/pandora_agents/unix/pandora_agent.spec @@ -3,7 +3,7 @@ # %define name pandorafms_agent_unix %define version 7.0NG.754 -%define release 210521 +%define release 210524 Summary: Pandora FMS Linux agent, PERL version Name: %{name} diff --git a/pandora_agents/unix/pandora_agent_installer b/pandora_agents/unix/pandora_agent_installer index 3c45c8f265..7450490f02 100755 --- a/pandora_agents/unix/pandora_agent_installer +++ b/pandora_agents/unix/pandora_agent_installer @@ -10,7 +10,7 @@ # ********************************************************************** PI_VERSION="7.0NG.754" -PI_BUILD="210521" +PI_BUILD="210524" OS_NAME=`uname -s` FORCE=0 diff --git a/pandora_agents/win32/installer/pandora.mpi b/pandora_agents/win32/installer/pandora.mpi index aad385a042..dd496ed43f 100644 --- a/pandora_agents/win32/installer/pandora.mpi +++ b/pandora_agents/win32/installer/pandora.mpi @@ -186,7 +186,7 @@ UpgradeApplicationID {} Version -{210521} +{210524} ViewReadme {Yes} diff --git a/pandora_agents/win32/pandora.cc b/pandora_agents/win32/pandora.cc index ce40bf37b0..9d89f4aa72 100644 --- a/pandora_agents/win32/pandora.cc +++ b/pandora_agents/win32/pandora.cc @@ -30,7 +30,7 @@ using namespace Pandora; using namespace Pandora_Strutils; #define PATH_SIZE _MAX_PATH+1 -#define PANDORA_VERSION ("7.0NG.754 Build 210521") +#define PANDORA_VERSION ("7.0NG.754 Build 210524") string pandora_path; string pandora_dir; diff --git a/pandora_agents/win32/versioninfo.rc b/pandora_agents/win32/versioninfo.rc index ff384ab202..f603ecfefb 100644 --- a/pandora_agents/win32/versioninfo.rc +++ b/pandora_agents/win32/versioninfo.rc @@ -11,7 +11,7 @@ BEGIN VALUE "LegalCopyright", "Artica ST" VALUE "OriginalFilename", "PandoraAgent.exe" VALUE "ProductName", "Pandora FMS Windows Agent" - VALUE "ProductVersion", "(7.0NG.754(Build 210521))" + VALUE "ProductVersion", "(7.0NG.754(Build 210524))" VALUE "FileVersion", "1.0.0.0" END END diff --git a/pandora_console/DEBIAN/control b/pandora_console/DEBIAN/control index 55dac40038..5d77e0a847 100644 --- a/pandora_console/DEBIAN/control +++ b/pandora_console/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-console -Version: 7.0NG.754-210521 +Version: 7.0NG.754-210524 Architecture: all Priority: optional Section: admin diff --git a/pandora_console/DEBIAN/make_deb_package.sh b/pandora_console/DEBIAN/make_deb_package.sh index 67b434af1b..263a5d1387 100644 --- a/pandora_console/DEBIAN/make_deb_package.sh +++ b/pandora_console/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.754-210521" +pandora_version="7.0NG.754-210524" package_pear=0 package_pandora=1 diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php index 849a4e8567..f0032476e2 100644 --- a/pandora_console/ajax.php +++ b/pandora_console/ajax.php @@ -31,18 +31,18 @@ require 'vendor/autoload.php'; define('AJAX', true); -if (!defined('__PAN_XHPROF__')) { +if (defined('__PAN_XHPROF__') === false) { define('__PAN_XHPROF__', 0); } if (__PAN_XHPROF__ === 1) { - if (function_exists('tideways_xhprof_enable')) { + if (function_exists('tideways_xhprof_enable') === true) { tideways_xhprof_enable(); } } -if ((! file_exists('include/config.php')) - || (! is_readable('include/config.php')) +if (file_exists('include/config.php') === false + || is_readable('include/config.php') === false ) { exit; } @@ -57,11 +57,11 @@ require_once 'include/auth/mysql.php'; if (isset($config['console_log_enabled']) === true && $config['console_log_enabled'] == 1 ) { - ini_set('log_errors', 1); + ini_set('log_errors', true); ini_set('error_log', $config['homedir'].'/log/console.log'); } else { - ini_set('log_errors', 0); - ini_set('error_log', null); + ini_set('log_errors', false); + ini_set('error_log', ''); } // Sometimes input is badly retrieved from caller... @@ -98,8 +98,11 @@ if (isset($_GET['loginhash']) === true) { } } -// Auth class example: PandoraFMS\Dashboard\Manager. -$auth_class = io_safe_output(get_parameter('auth_class', null)); +// Another auth class example: PandoraFMS\Dashboard\Manager. +$auth_class = io_safe_output( + get_parameter('auth_class', 'PandoraFMS\User') +); + $public_hash = get_parameter('auth_hash', false); $public_login = false; // Check user. @@ -123,7 +126,7 @@ if (class_exists($auth_class) === false || $public_hash === false) { ob_start(); // Enterprise support. -if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) { +if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) { include_once ENTERPRISE_DIR.'/load_enterprise.php'; } @@ -141,12 +144,12 @@ if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) { ); } -if (is_metaconsole()) { +if (is_metaconsole() === true) { // Backward compatibility. define('METACONSOLE', true); } -if (file_exists($page)) { +if (file_exists($page) === true) { include_once $page; } else { echo '
Sorry! I can\'t find the page '.$page.'!'; @@ -171,7 +174,7 @@ if (isset($config['force_instant_logout']) === true header_remove('Set-Cookie'); setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/'); - if ($config['auth'] == 'saml') { + if ($config['auth'] === 'saml') { include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php'; $as = new SimpleSAML_Auth_Simple('PandoraFMS'); $as->logout(); diff --git a/pandora_console/extras/delete_files/delete_files.txt b/pandora_console/extras/delete_files/delete_files.txt index 2af20efb7d..24063c8601 100644 --- a/pandora_console/extras/delete_files/delete_files.txt +++ b/pandora_console/extras/delete_files/delete_files.txt @@ -90,3 +90,4 @@ enterprise/meta/advanced/synchronizing.alert.php enterprise/meta/advanced/synchronizing.user.php enterprise/meta/advanced/synchronizing.tag.php enterprise/meta/advanced/synchronizing.group.php +operation/visual_console/pure_ajax.php diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php index b03b55dd76..4bbd818c62 100755 --- a/pandora_console/godmode/reporting/visual_console_builder.php +++ b/pandora_console/godmode/reporting/visual_console_builder.php @@ -14,6 +14,8 @@ global $config; global $statusProcessInDB; +use PandoraFMS\User; + check_login(); require_once $config['homedir'].'/include/functions_visual_map.php'; @@ -753,8 +755,8 @@ if (!defined('METACONSOLE')) { $url_view = 'index.php?sec=screen&sec2=screens/screens&action=visualmap&pure=0&id_visualmap='.$idVisualConsole.'&refr='.$view_refresh; } -// Hash for auto-auth in public link -$hash = md5($config['dbpass'].$idVisualConsole.$config['id_user']); +// Hash for auto-auth in public link. +$hash = User::generatePublicHash(); $buttons = []; diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php index 929554ed13..a542a6a4fe 100644 --- a/pandora_console/include/config_process.php +++ b/pandora_console/include/config_process.php @@ -20,7 +20,7 @@ /** * Pandora build version and version */ -$build_version = 'PC210521'; +$build_version = 'PC210524'; $pandora_version = 'v7.0NG.754'; // Do not overwrite default timezone set if defined. diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 348e72424b..c1d7aeb404 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -3152,10 +3152,6 @@ function events_get_agent( } } - if (is_metaconsole() === true && empty($id_server) === false) { - $sql_where .= ' AND server_id = '.$id_server; - } - if ($show_summary_group) { return events_get_events_grouped( $sql_where, @@ -3169,7 +3165,7 @@ function events_get_agent( } else { return events_get_events_no_grouped( $sql_where, - (is_metaconsole() === true && empty($id_server) === false) ? true : false, + (is_metaconsole() === true && (int) $id_server === 0) ? true : false, $history ); } diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index e82bac98ce..b2d1edb62d 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -1837,6 +1837,7 @@ function reporting_event_report_group( $content['name'] = __('Event Report Group'); } + $id_meta = 0; if (is_metaconsole() === true && empty($content['server_name']) === false) { $id_meta = metaconsole_get_id_server($content['server_name']); $server = metaconsole_get_connection_by_id($id_meta); @@ -1928,7 +1929,7 @@ function reporting_event_report_group( true, false, false, - false, + $id_meta, $filter_event_filter_exclude ); @@ -2176,10 +2177,6 @@ function reporting_event_report_module( ); } - if (is_metaconsole()) { - metaconsole_restore_db(); - } - $return['description'] = $content['description']; $return['show_extended_events'] = $content['show_extended_events']; $return['date'] = reporting_get_date_text($report, $content); @@ -2241,7 +2238,7 @@ function reporting_event_report_module( $return['data'] = array_reverse($data); } - if ($config['metaconsole']) { + if (is_metaconsole() === true) { metaconsole_restore_db(); } @@ -3242,10 +3239,6 @@ function reporting_event_report_agent( ); } - if ($config['metaconsole']) { - metaconsole_restore_db(); - } - $label = (isset($content['style']['label'])) ? $content['style']['label'] : ''; if ($label != '') { $label = reporting_label_macro( @@ -3292,9 +3285,14 @@ function reporting_event_report_agent( $filter_event_type, $filter_event_status, $filter_event_filter_search, - $filter_event_filter_exclude + $filter_event_filter_exclude, + $id_server ); + if (is_metaconsole() === true) { + metaconsole_restore_db(); + } + reporting_set_conf_charts( $width, $height, @@ -9580,12 +9578,21 @@ function reporting_get_module_detailed_event( * It construct a table object with all the grouped events happened in an agent * during a period of time. * - * @param mixed Agent id(s) to get the report from. - * @param int Period of time (in seconds) to get the report. - * @param int Beginning date (unixtime) of the report - * @param bool Flag to return or echo the report table (echo by default). + * @param mixed $id_agents Agent id(s) to get the report from. + * @param integer $period Period of time (in seconds) to get the report. + * @param integer $date Beginning date (unixtime) of the report. + * @param boolean $return Flag to return or echo the report table (echo by default). + * @param boolean $only_data Only data. + * @param boolean $history History. + * @param boolean $show_summary_group Show summary group. + * @param boolean $filter_event_severity Filter. + * @param boolean $filter_event_type Filter. + * @param boolean $filter_event_status Filter. + * @param boolean $filter_event_filter_search Filter. + * @param boolean $filter_event_filter_exclude Filter. + * @param integer $id_server Id server. * - * @return A table object (XHTML) + * @return array table object (XHTML) */ function reporting_get_agents_detailed_event( $id_agents, @@ -9599,7 +9606,8 @@ function reporting_get_agents_detailed_event( $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, - $filter_event_filter_exclude=false + $filter_event_filter_exclude=false, + $id_server=0 ) { global $config; @@ -9634,7 +9642,7 @@ function reporting_get_agents_detailed_event( false, false, false, - false, + $id_server, $filter_event_filter_exclude ); diff --git a/pandora_console/include/javascript/pandora_dashboards.js b/pandora_console/include/javascript/pandora_dashboards.js index efefaf1195..0b370deab7 100644 --- a/pandora_console/include/javascript/pandora_dashboards.js +++ b/pandora_console/include/javascript/pandora_dashboards.js @@ -1151,7 +1151,9 @@ function dashboardLoadVC(settings) { 300 * 1000, handleUpdate, beforeUpdate, - settings.size + settings.size, + settings.id_user, + settings.hash ); } diff --git a/pandora_console/include/javascript/pandora_visual_console.js b/pandora_console/include/javascript/pandora_visual_console.js index 30a3d3f795..0400ca56ad 100755 --- a/pandora_console/include/javascript/pandora_visual_console.js +++ b/pandora_console/include/javascript/pandora_visual_console.js @@ -17,6 +17,9 @@ * @param {function | null} onUpdate Callback which will be execuded when the Visual Console. * is updated. It will receive two arguments with the old and the new Visual Console's * data structure. + * @param {string|null} id_user User id given for public access. + * @param {string|null} hash Authorization hash given for public access. + * * @return {VisualConsole | null} The Visual Console instance or a null value. */ // eslint-disable-next-line no-unused-vars @@ -28,7 +31,9 @@ function createVisualConsole( updateInterval, onUpdate, beforeUpdate, - size + size, + id_user, + hash ) { if (container == null || props == null || items == null) return null; if (baseUrl == null) baseUrl = ""; @@ -46,6 +51,8 @@ function createVisualConsole( baseUrl, visualConsoleId, size, + id_user, + hash, function(error, data) { if (error) { //Remove spinner change VC. @@ -69,7 +76,7 @@ function createVisualConsole( "[API]", error.message ); - done(); + abortable.abort(); return; } @@ -651,6 +658,8 @@ function createVisualConsole( * Fetch a Visual Console's structure and its items. * @param {string} baseUrl Base URL to build the API path. * @param {number} vcId Identifier of the Visual Console. + * @param {string|null} id_user User id given for public access. + * @param {string|null} hash Authorization hash given for public access. * @param {function} callback Function to be executed on request success or fail. * On success, the function will receive an object with the next properties: * - `props`: object with the Visual Console's data structure. @@ -658,7 +667,7 @@ function createVisualConsole( * @return {Object} Cancellable. Object which include and .abort([statusText]) function. */ // eslint-disable-next-line no-unused-vars -function loadVisualConsoleData(baseUrl, vcId, size, callback) { +function loadVisualConsoleData(baseUrl, vcId, size, id_user, hash, callback) { // var apiPath = baseUrl + "/include/rest-api"; var apiPath = baseUrl + "/ajax.php"; var vcJqXHR = null; @@ -720,7 +729,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { { page: "include/rest-api/index", getVisualConsole: 1, - visualConsoleId: vcId + visualConsoleId: vcId, + id_user: typeof id_user == undefined ? id_user : null, + auth_hash: typeof hash == undefined ? hash : null }, "json" ) @@ -735,7 +746,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { page: "include/rest-api/index", getVisualConsoleItems: 1, size: size, - visualConsoleId: vcId + visualConsoleId: vcId, + id_user: typeof id_user == undefined ? id_user : null, + auth_hash: typeof hash == undefined ? hash : null }, "json" ) diff --git a/pandora_console/include/lib/Dashboard/Manager.php b/pandora_console/include/lib/Dashboard/Manager.php index be87ef8732..e72f292537 100644 --- a/pandora_console/include/lib/Dashboard/Manager.php +++ b/pandora_console/include/lib/Dashboard/Manager.php @@ -5,11 +5,12 @@ namespace PandoraFMS\Dashboard; use PandoraFMS\View; use PandoraFMS\Dashboard\Cell; +use PandoraFMS\PublicLogin; /** * Dashboard manager. */ -class Manager +class Manager implements PublicLogin { /** diff --git a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php index 32a095e132..9bbd69d470 100644 --- a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php +++ b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php @@ -29,7 +29,7 @@ namespace PandoraFMS\Dashboard; // Load Visual Console. use Models\VisualConsole\Container as VisualConsole; - +use PandoraFMS\User; /** * Maps by users Widgets. */ @@ -498,6 +498,8 @@ class MapsMadeByUser extends Widget 'ratio' => $ratio_t, 'size' => $size, 'cellId' => $this->cellId, + 'hash' => User::generatePublicHash(), + 'id_user' => $config['id_user'], ] ); diff --git a/pandora_console/include/lib/PublicLogin.php b/pandora_console/include/lib/PublicLogin.php new file mode 100644 index 0000000000..b6124a62e7 --- /dev/null +++ b/pandora_console/include/lib/PublicLogin.php @@ -0,0 +1,61 @@ +idUser = $data['id_usuario']; @@ -113,4 +116,81 @@ class User } + /** + * Generates a hash to authenticate in public views. + * + * @param string|null $other_secret If you need to authenticate using a + * varable string, use this 'other_secret' to customize the hash. + * + * @return string Returns a hash with the authenticaction. + */ + public static function generatePublicHash(?string $other_secret=''):string + { + global $config; + + $str = $config['dbpass']; + $str .= $config['id_user']; + $str .= $other_secret; + return hash('sha256', $str); + } + + + /** + * Validates a hash to authenticate in public view. + * + * @param string $hash Hash to be checked. + * @param string $other_secret Any custom string needed for you. + * + * @return boolean Returns true if hash is valid. + */ + public static function validatePublicHash( + string $hash, + string $other_secret='' + ):bool { + global $config; + + if (isset($config['id_user']) === true) { + // Already logged in. + return true; + } + + $userFromParams = false; + // Try to get id_user from parameters if it is missing. + if (isset($config['id_user']) === false) { + $userFromParams = true; + $config['id_user'] = get_parameter('id_user', false); + // It is impossible to authenticate without an id user. + if ($config['id_user'] === false) { + unset($config['id_user']); + return false; + } + } else { + $config['public_access'] = false; + } + + // Build a hash to check. + $hashCheck = self::generatePublicHash($other_secret); + if ($hashCheck === $hash) { + // "Log" user in. + if (session_status() !== PHP_SESSION_ACTIVE) { + session_start(); + } + + $_SESSION['id_usuario'] = $config['id_user']; + session_write_close(); + + $config['public_access'] = true; + $config['force_instant_logout'] = true; + return true; + } + + // Remove id user from config array if authentication has failed. + if ($userFromParams === true) { + unset($config['id_user']); + } + + return false; + } + + } diff --git a/pandora_console/include/lib/Websockets/WebSocketUser.php b/pandora_console/include/lib/Websockets/WebSocketUser.php index bcbe30cc17..9ab6c9e5da 100644 --- a/pandora_console/include/lib/Websockets/WebSocketUser.php +++ b/pandora_console/include/lib/Websockets/WebSocketUser.php @@ -147,8 +147,8 @@ class WebSocketUser /** * Initializes a websocket user. * - * @param string $id Id of the new user. - * @param Socket $socket Socket where communication is stablished. + * @param string $id Id of the new user. + * @param \Socket $socket Socket where communication is stablished. */ public function __construct($id, $socket) { diff --git a/pandora_console/include/rest-api/models/VisualConsole/Item.php b/pandora_console/include/rest-api/models/VisualConsole/Item.php index c391917731..028551e09d 100644 --- a/pandora_console/include/rest-api/models/VisualConsole/Item.php +++ b/pandora_console/include/rest-api/models/VisualConsole/Item.php @@ -1071,9 +1071,8 @@ class Item extends CachedModel $mobile_navigation = false; - if (isset($_SERVER['PHP_SELF']) === true - && (strstr($_SERVER['PHP_SELF'], 'mobile/') !== false - || strstr($_SERVER['HTTP_REFERER'], 'mobile/') !== false) + if (strstr(($_SERVER['PHP_SELF'] ?? ''), 'mobile/') !== false + || strstr(($_SERVER['HTTP_REFERER'] ?? ''), 'mobile/') !== false ) { $mobile_navigation = true; } diff --git a/pandora_console/include/styles/alert.css b/pandora_console/include/styles/alert.css index eb8f2d7583..63b97a0414 100644 --- a/pandora_console/include/styles/alert.css +++ b/pandora_console/include/styles/alert.css @@ -2,6 +2,10 @@ display: inline-block; } +#rules { + display: block; +} + li#li-buttons-alert-list > div { margin-left: 10px; } @@ -132,11 +136,14 @@ div.target { width: 100%; } div.target.flex { - display: block; border: 2px dashed #ddd; margin-left: 0em; margin-top: 10px; padding: 1em; + display: flex; + flex-direction: row; + flex-wrap: wrap; + height: fit-content; } .fields, @@ -190,6 +197,8 @@ div#rules.show { font-weight: 600; background-color: #333; word-break: break-all; + height: fit-content; + min-height: 2.3em; } .field.opacityElements { @@ -215,6 +224,11 @@ div#rules.show { background-color: #82b92e; } +.variable:empty::before { + content: "empty"; + font-style: italic; +} + .modifier { background-color: #cba9d2; } diff --git a/pandora_console/install.php b/pandora_console/install.php index 9112b68b61..1298209bb4 100644 --- a/pandora_console/install.php +++ b/pandora_console/install.php @@ -129,7 +129,7 @@
\ No newline at end of file + diff --git a/pandora_console/operation/visual_console/legacy_public_view.php b/pandora_console/operation/visual_console/legacy_public_view.php index eae9f1767f..f7c23f8d00 100644 --- a/pandora_console/operation/visual_console/legacy_public_view.php +++ b/pandora_console/operation/visual_console/legacy_public_view.php @@ -15,7 +15,11 @@ // The session is configured and started inside the config process. require_once '../../include/config.php'; -// Set root on homedir, as defined in setup +require_once $config['homedir'].'/vendor/autoload.php'; + +use PandoraFMS\User; + +// Set root on homedir, as defined in setup. chdir($config['homedir']); ob_start(); @@ -61,10 +65,13 @@ $id_layout = (int) get_parameter('id_layout'); $graph_javascript = (bool) get_parameter('graph_javascript'); $config['id_user'] = get_parameter('id_user'); -$myhash = md5($config['dbpass'].$id_layout.$config['id_user']); - -// Check input hash -if ($myhash != $hash) { +// Check input hash. +if (User::validatePublicHash($hash) !== true) { + db_pandora_audit( + 'Invalid public visual console', + 'Trying to access public visual console' + ); + include 'general/noaccess.php'; exit; } diff --git a/pandora_console/operation/visual_console/legacy_view.php b/pandora_console/operation/visual_console/legacy_view.php index c9b4c086b2..3dab575425 100644 --- a/pandora_console/operation/visual_console/legacy_view.php +++ b/pandora_console/operation/visual_console/legacy_view.php @@ -13,6 +13,8 @@ // GNU General Public License for more details. global $config; +use PandoraFMS\User; + // Login check require_once $config['homedir'].'/include/functions_visual_map.php'; ui_require_css_file('visual_maps'); @@ -122,7 +124,9 @@ $options['consoles_list']['text'] = ', - handleUpdate + handleUpdate, + // BeforeUpdate. + null, + // Size. + null, + // User id. + "", + // Hash. + "" ); var controls = document.getElementById('vc-controls'); diff --git a/pandora_console/operation/visual_console/pure_ajax.php b/pandora_console/operation/visual_console/pure_ajax.php deleted file mode 100644 index 9ef9fe3f56..0000000000 --- a/pandora_console/operation/visual_console/pure_ajax.php +++ /dev/null @@ -1,314 +0,0 @@ -'.html_print_image( - 'images/visual_console.png', - true, - ['title' => __('Visual consoles list')] -).''; - -if ($vconsole_write || $vconsole_manage) { - $url_base = 'index.php?sec=network&sec2=godmode/reporting/visual_console_builder&action='; - - $hash = md5($config['dbpass'].$id_layout.$config['id_user']); - - $options['public_link']['text'] = ''.html_print_image( - 'images/camera_mc.png', - true, - [ - 'title' => __('Show link to public Visual Console'), - 'class' => 'invert_filter', - ] - ).''; - $options['public_link']['active'] = false; - - $options['data']['text'] = ''.html_print_image( - 'images/op_reporting.png', - true, - [ - 'title' => __('Main data'), - 'class' => 'invert_filter', - ] - ).''; - $options['list_elements']['text'] = ''.html_print_image( - 'images/list.png', - true, - [ - 'title' => __('List elements'), - 'class' => 'invert_filter', - ] - ).''; - - if (enterprise_installed()) { - $options['wizard_services']['text'] = ''.html_print_image( - 'images/wand_services.png', - true, - [ - 'title' => __('Services wizard'), - 'class' => 'invert_filter', - ] - ).''; - } - - $options['wizard']['text'] = ''.html_print_image( - 'images/wand.png', - true, - [ - 'title' => __('Wizard'), - 'class' => 'invert_filter', - ] - ).''; - $options['editor']['text'] = ''.html_print_image( - 'images/builder.png', - true, - [ - 'title' => __('Builder'), - 'class' => 'invert_filter', - ] - ).''; -} - -$options['view']['text'] = ''.html_print_image( - 'images/eye.png', - true, - [ - 'title' => __('View'), - 'class' => 'invert_filter', - ] -).''; -$options['view']['active'] = true; - -if (!is_metaconsole()) { - if (!$config['pure']) { - $options['pure']['text'] = ''.html_print_image( - 'images/full_screen.png', - true, - [ - 'title' => __('Full screen mode'), - 'class' => 'invert_filter', - ] - ).''; - ui_print_page_header($layout_name, 'images/visual_console.png', false, '', false, $options); - } - - // Set the hidden value for the javascript - html_print_input_hidden('metaconsole', 0); -} else { - // Set the hidden value for the javascript - html_print_input_hidden('metaconsole', 1); -} - - visual_map_print_visual_map( - $id_layout, - true, - true, - null, - null, - '', - false, - $graph_javascript - ); - - ?> - - - - \ No newline at end of file diff --git a/pandora_console/pandora_console.redhat.spec b/pandora_console/pandora_console.redhat.spec index b3110e168c..587c6c790d 100644 --- a/pandora_console/pandora_console.redhat.spec +++ b/pandora_console/pandora_console.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.754 -%define release 210521 +%define release 210524 # User and Group under which Apache is running %define httpd_name httpd diff --git a/pandora_console/pandora_console.rhel7.spec b/pandora_console/pandora_console.rhel7.spec index 4a5fc9e715..3a885aae7f 100644 --- a/pandora_console/pandora_console.rhel7.spec +++ b/pandora_console/pandora_console.rhel7.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.754 -%define release 210521 +%define release 210524 # User and Group under which Apache is running %define httpd_name httpd diff --git a/pandora_console/pandora_console.spec b/pandora_console/pandora_console.spec index 06d7a541ac..cb7e5c6578 100644 --- a/pandora_console/pandora_console.spec +++ b/pandora_console/pandora_console.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.754 -%define release 210521 +%define release 210524 %define httpd_name httpd # User and Group under which Apache is running %define httpd_name apache2 diff --git a/pandora_console/vendor/composer/autoload_classmap.php b/pandora_console/vendor/composer/autoload_classmap.php index 21475c568b..934f8e77e2 100644 --- a/pandora_console/vendor/composer/autoload_classmap.php +++ b/pandora_console/vendor/composer/autoload_classmap.php @@ -321,6 +321,7 @@ return array( 'PandoraFMS\\Module' => $baseDir . '/include/lib/Module.php', 'PandoraFMS\\ModuleStatus' => $baseDir . '/include/lib/ModuleStatus.php', 'PandoraFMS\\ModuleType' => $baseDir . '/include/lib/ModuleType.php', + 'PandoraFMS\\PublicLogin' => $baseDir . '/include/lib/PublicLogin.php', 'PandoraFMS\\User' => $baseDir . '/include/lib/User.php', 'PandoraFMS\\View' => $baseDir . '/include/lib/View.php', 'PandoraFMS\\Websockets\\WSManager' => $baseDir . '/include/lib/Websockets/WSManager.php', diff --git a/pandora_console/vendor/composer/autoload_static.php b/pandora_console/vendor/composer/autoload_static.php index 1eaf7dedb8..fc522a2370 100644 --- a/pandora_console/vendor/composer/autoload_static.php +++ b/pandora_console/vendor/composer/autoload_static.php @@ -403,6 +403,7 @@ class ComposerStaticInitfdecadadce22e6dde51e9535fe4ad7aa 'PandoraFMS\\Module' => __DIR__ . '/../..' . '/include/lib/Module.php', 'PandoraFMS\\ModuleStatus' => __DIR__ . '/../..' . '/include/lib/ModuleStatus.php', 'PandoraFMS\\ModuleType' => __DIR__ . '/../..' . '/include/lib/ModuleType.php', + 'PandoraFMS\\PublicLogin' => __DIR__ . '/../..' . '/include/lib/PublicLogin.php', 'PandoraFMS\\User' => __DIR__ . '/../..' . '/include/lib/User.php', 'PandoraFMS\\View' => __DIR__ . '/../..' . '/include/lib/View.php', 'PandoraFMS\\Websockets\\WSManager' => __DIR__ . '/../..' . '/include/lib/Websockets/WSManager.php', diff --git a/pandora_server/DEBIAN/control b/pandora_server/DEBIAN/control index 17ea3f36f9..6627e82df5 100644 --- a/pandora_server/DEBIAN/control +++ b/pandora_server/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-server -Version: 7.0NG.754-210521 +Version: 7.0NG.754-210524 Architecture: all Priority: optional Section: admin diff --git a/pandora_server/DEBIAN/make_deb_package.sh b/pandora_server/DEBIAN/make_deb_package.sh index 33f1f4f967..762fc17f74 100644 --- a/pandora_server/DEBIAN/make_deb_package.sh +++ b/pandora_server/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.754-210521" +pandora_version="7.0NG.754-210524" package_cpan=0 package_pandora=1 diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index ec15f86c95..e52e4764b1 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -45,7 +45,7 @@ our @EXPORT = qw( # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.754"; -my $pandora_build = "210521"; +my $pandora_build = "210524"; our $VERSION = $pandora_version." ".$pandora_build; # Setup hash diff --git a/pandora_server/lib/PandoraFMS/PluginTools.pm b/pandora_server/lib/PandoraFMS/PluginTools.pm index 927d34eb5e..0776ee36d7 100644 --- a/pandora_server/lib/PandoraFMS/PluginTools.pm +++ b/pandora_server/lib/PandoraFMS/PluginTools.pm @@ -34,7 +34,7 @@ our @ISA = qw(Exporter); # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.754"; -my $pandora_build = "210521"; +my $pandora_build = "210524"; our $VERSION = $pandora_version." ".$pandora_build; our %EXPORT_TAGS = ( 'all' => [ qw() ] ); diff --git a/pandora_server/pandora_server.redhat.spec b/pandora_server/pandora_server.redhat.spec index abd371287a..af1008efd8 100644 --- a/pandora_server/pandora_server.redhat.spec +++ b/pandora_server/pandora_server.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_server %define version 7.0NG.754 -%define release 210521 +%define release 210524 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server.spec b/pandora_server/pandora_server.spec index ed8148d8e3..deba06403b 100644 --- a/pandora_server/pandora_server.spec +++ b/pandora_server/pandora_server.spec @@ -3,7 +3,7 @@ # %define name pandorafms_server %define version 7.0NG.754 -%define release 210521 +%define release 210524 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server_installer b/pandora_server/pandora_server_installer index de6776d5a2..2745df7b03 100755 --- a/pandora_server/pandora_server_installer +++ b/pandora_server/pandora_server_installer @@ -9,7 +9,7 @@ # ********************************************************************** PI_VERSION="7.0NG.754" -PI_BUILD="210521" +PI_BUILD="210524" MODE=$1 if [ $# -gt 1 ]; then diff --git a/pandora_server/util/pandora_db.pl b/pandora_server/util/pandora_db.pl index 4fce21053d..3696fde9d6 100755 --- a/pandora_server/util/pandora_db.pl +++ b/pandora_server/util/pandora_db.pl @@ -35,7 +35,7 @@ use PandoraFMS::Config; use PandoraFMS::DB; # version: define current version -my $version = "7.0NG.754 Build 210521"; +my $version = "7.0NG.754 Build 210524"; # Pandora server configuration my %conf; diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index f147280de5..fb44c7d7b2 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -36,7 +36,7 @@ use Encode::Locale; Encode::Locale::decode_argv; # version: define current version -my $version = "7.0NG.754 Build 210521"; +my $version = "7.0NG.754 Build 210524"; # save program name for logging my $progname = basename($0);