diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php
index 226ac48771..022dc9457c 100644
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@@ -32,6 +32,9 @@ if (check_acl ($config['id_user'], 0, "AW")) {
$options[]['text'] = "" . html_print_image ("images/operation.png", true, array ("title" =>__('View'))) . "";
}
+$user_groups = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
+$user_groups = array_keys($user_groups);
+
// Headers
//ui_print_page_header (__('Manage recontask'), "images/gm_servers.png", false, "", true);
ui_print_page_header (__('Manage recontask'), "images/gm_servers.png", false, "", true, $options);
@@ -261,8 +264,8 @@ if ($result !== false) {
foreach ($result as $row) {
$data = array();
- $data[0] = ''.$row["name"].'';
-
+ //$data[0] = ''.$row["name"].'';
+ $data[0] = $row["name"];
if ($row["id_recon_script"] == 0)
$data[1] = $row["subnet"];
else
@@ -314,16 +317,21 @@ if ($result !== false) {
}
// ACTION
- $data[8] = '' . html_print_image("images/eye.png", true) . '';
- $data[8] .= '' . html_print_image("images/cross.png", true, array("border" => '0')) . '';
- $data[8] .= '' .html_print_image("images/config.png", true) . '';
+ $task_group = $row["id_group"];
+
+ if (in_array($task_group, $user_groups)){
+ $data[8] = '' . html_print_image("images/eye.png", true) . '';
+ $data[8] .= '' . html_print_image("images/cross.png", true, array("border" => '0')) . '';
+ $data[8] .= '' .html_print_image("images/config.png", true) . '';
- if($row["disabled"] == 0) {
- $data[8] .= '' .html_print_image("images/lightbulb.png", true) . '';
- }
- else {
- $data[8] .= '' .html_print_image("images/lightbulb_off.png", true) . '';
+ if($row["disabled"] == 0) {
+ $data[8] .= '' .html_print_image("images/lightbulb.png", true) . '';
+ }
+ else {
+ $data[8] .= '' .html_print_image("images/lightbulb_off.png", true) . '';
+ }
}
+
$table->data[] = $data;
}
diff --git a/pandora_console/godmode/servers/manage_recontask_form.php b/pandora_console/godmode/servers/manage_recontask_form.php
index d213efadbb..b05aa1a644 100644
--- a/pandora_console/godmode/servers/manage_recontask_form.php
+++ b/pandora_console/godmode/servers/manage_recontask_form.php
@@ -27,6 +27,9 @@ if (! check_acl ($config['id_user'], 0, "AW")) {
require_once ($config['homedir'].'/include/functions_users.php');
+$user_groups = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
+$user_groups = array_keys($user_groups);
+
if (is_ajax ()) {
$get_explanation = (bool) get_parameter('get_explanation', 0);
@@ -124,6 +127,13 @@ if (isset($_GET["update"]) || (isset($_GET["crt"]))) {
$name_script = db_get_value('name',
'trecon_script', 'id_recon_script', $id_recon_script);
+
+ if (! in_array($id_group, $user_groups)){
+ db_pandora_audit("ACL Violation",
+ "Trying to access Recon Task Management");
+ require ("general/noaccess.php");
+ return;
+ }
}
}
elseif (isset($_GET["create"]) || isset($_GET["crt"])) {