From 3c3ff1a2e638f23cd897339ad737e5c1980a44a4 Mon Sep 17 00:00:00 2001 From: daniel Date: Tue, 30 Jan 2024 16:27:02 +0100 Subject: [PATCH] new api 2.0 --- pandora_console/api/v1/config/container.php | 5 + pandora_console/api/v1/public/swagger.json | 14 ++ pandora_console/include/functions_events.php | 1 - .../Controllers/GetEventCommentController.php | 2 +- .../lib/Modules/Events/Entities/Event.php | 18 +- .../Events/Entities/EventDataMapper.php | 6 +- .../DeleteEventFilterController.php | 2 +- .../Filters/Entities/EventFilterFilter.php | 33 ++++ .../Repositories/EventRepositoryMySQL.php | 4 +- .../Events/Validations/EventValidation.php | 4 +- .../Controllers/CreateGroupController.php | 2 +- .../Controllers/DeleteGroupController.php | 2 +- .../Groups/Controllers/GetGroupController.php | 2 + .../Controllers/ListGroupController.php | 2 + .../Controllers/UpdateGroupController.php | 2 +- .../lib/Modules/Groups/Entities/Group.php | 72 ++++++-- .../Groups/Repositories/GroupRepository.php | 57 +----- .../Repositories/GroupRepositoryMySQL.php | 164 ++++++++++++++++++ .../Controllers/CreateProfileController.php | 1 + .../Controllers/DeleteProfileController.php | 1 + .../Controllers/GetProfileController.php | 1 + .../Controllers/ListProfileController.php | 1 + .../Controllers/UpdateProfileController.php | 1 + .../Shared/Core/DataMapperAbstract.php | 2 +- .../Shared/Repositories/RepositoryMySQL.php | 4 +- .../Modules/Shared/Services/Management.php | 32 ++++ .../Shared/Services/ValidateAclSystem.php | 7 + .../Tags/Controllers/CreateTagController.php | 2 +- .../Tags/Controllers/DeleteTagController.php | 2 +- .../Tags/Controllers/GetTagController.php | 2 +- .../Tags/Controllers/ListTagController.php | 2 +- .../Tags/Controllers/UpdateTagController.php | 2 +- .../Controllers/CreateUserController.php | 4 + .../Controllers/DeleteUserController.php | 6 +- .../Users/Controllers/ListUserController.php | 2 + .../Controllers/UpdateUserController.php | 6 +- .../Repositories/UserRepositoryMySQL.php | 23 ++- .../Services/CheckOldPasswordUserService.php | 19 +- .../CreateUserProfileController.php | 2 +- .../DeleteUserProfileController.php | 2 + .../Controllers/GetUserProfileController.php | 2 + .../Controllers/ListUserProfileController.php | 2 + 42 files changed, 404 insertions(+), 116 deletions(-) create mode 100644 pandora_console/include/lib/Modules/Groups/Repositories/GroupRepositoryMySQL.php create mode 100644 pandora_console/include/lib/Modules/Shared/Services/Management.php diff --git a/pandora_console/api/v1/config/container.php b/pandora_console/api/v1/config/container.php index 8f917f758a..9d878e4337 100644 --- a/pandora_console/api/v1/config/container.php +++ b/pandora_console/api/v1/config/container.php @@ -2,6 +2,8 @@ use PandoraFMS\Modules\Events\Repositories\EventRepository; use PandoraFMS\Modules\Events\Repositories\EventRepositoryMySQL; +use PandoraFMS\Modules\Groups\Repositories\GroupRepository; +use PandoraFMS\Modules\Groups\Repositories\GroupRepositoryMySQL; use PandoraFMS\Modules\Shared\Repositories\Repository; use PandoraFMS\Modules\Shared\Repositories\RepositoryMySQL; use PandoraFMS\Modules\Users\Repositories\UserRepository; @@ -41,6 +43,9 @@ return [ UserRepository::class => function (ContainerInterface $container) { return $container->get(UserRepositoryMySQL::class); }, + GroupRepository::class => function (ContainerInterface $container) { + return $container->get(GroupRepositoryMySQL::class); + }, EventRepository::class => function (ContainerInterface $container) { return $container->get(EventRepositoryMySQL::class); }, diff --git a/pandora_console/api/v1/public/swagger.json b/pandora_console/api/v1/public/swagger.json index 80517d0b01..4a9b5a7317 100644 --- a/pandora_console/api/v1/public/swagger.json +++ b/pandora_console/api/v1/public/swagger.json @@ -2318,6 +2318,20 @@ "default": null, "nullable": true }, + "parentName": { + "description": "name group parent", + "type": "string", + "default": null, + "readOnly": "true", + "nullable": true + }, + "hasChild": { + "description": "Group has child", + "type": "boolean", + "default": null, + "readOnly": "true", + "nullable": true + }, "isPropagate": { "description": "Group propagate", "type": "boolean", diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index bce2a3a7fb..a3eea8a0fa 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -825,7 +825,6 @@ function events_get_all( ); } - hd($filter, true); $sql_filters = get_filter_date($filter); if (isset($filter['id_event']) === true && $filter['id_event'] > 0) { diff --git a/pandora_console/include/lib/Modules/Events/Comments/Controllers/GetEventCommentController.php b/pandora_console/include/lib/Modules/Events/Comments/Controllers/GetEventCommentController.php index afb22049bb..ecaee0fbf1 100644 --- a/pandora_console/include/lib/Modules/Events/Comments/Controllers/GetEventCommentController.php +++ b/pandora_console/include/lib/Modules/Events/Comments/Controllers/GetEventCommentController.php @@ -43,7 +43,7 @@ final class GetEventCommentController extends Controller $this->acl->validateUserGroups( $event->getIdGroup(), - 'EW', + 'ER', ' tried to manage event' ); diff --git a/pandora_console/include/lib/Modules/Events/Entities/Event.php b/pandora_console/include/lib/Modules/Events/Entities/Event.php index b7133124fe..6823dc15c2 100644 --- a/pandora_console/include/lib/Modules/Events/Entities/Event.php +++ b/pandora_console/include/lib/Modules/Events/Entities/Event.php @@ -271,7 +271,7 @@ final class Event extends Entity private ?EventTypeEnum $eventType = null; private ?int $idAgentModule = null; private ?int $idAlertAm = null; - private ?EventSeverityEnum $criticity = null; + private ?EventSeverityEnum $severity = null; private ?string $tags = null; private ?string $source = null; private ?string $idExtra = null; @@ -313,7 +313,7 @@ final class Event extends Entity 'eventType' => $this->getEventType()?->name, 'idAgentModule' => $this->getIdAgentModule(), 'idAlertAm' => $this->getIdAlertAm(), - 'criticity' => $this->getCriticity()?->name, + 'severity' => $this->getSeverity()?->name, 'tags' => $this->getTags(), 'source' => $this->getSource(), 'idExtra' => $this->getIdExtra(), @@ -361,7 +361,7 @@ final class Event extends Entity EventValidator::INTEGER, EventValidator::GREATEREQUALTHAN, ], - 'criticity' => EventValidator::VALIDSEVERITY, + 'severity' => EventValidator::VALIDSEVERITY, 'tags' => EventValidator::STRING, 'source' => EventValidator::STRING, 'idExtra' => EventValidator::STRING, @@ -505,16 +505,16 @@ final class Event extends Entity return $this; } - public function getCriticity(): ?EventSeverityEnum + public function getSeverity(): ?EventSeverityEnum { - return $this->criticity; + return $this->severity; } - public function setCriticity(null|string|EventSeverityEnum $criticity): self + public function setSeverity(null|string|EventSeverityEnum $severity): self { - if (is_string($criticity) === true) { - $this->criticity = EventSeverityEnum::get(strtoupper($criticity)); + if (is_string($severity) === true) { + $this->severity = EventSeverityEnum::get(strtoupper($severity)); } else { - $this->criticity = $criticity; + $this->severity = $severity; } return $this; diff --git a/pandora_console/include/lib/Modules/Events/Entities/EventDataMapper.php b/pandora_console/include/lib/Modules/Events/Entities/EventDataMapper.php index a0dc303757..72169989f5 100644 --- a/pandora_console/include/lib/Modules/Events/Entities/EventDataMapper.php +++ b/pandora_console/include/lib/Modules/Events/Entities/EventDataMapper.php @@ -24,7 +24,7 @@ final class EventDataMapper extends DataMapperAbstract public const EVENT_TYPE = 'event_type'; public const ID_AGENTMODULE = 'id_agentmodule'; public const ID_ALERT_AM = 'id_alert_am'; - public const CRITICITY = 'criticity'; + public const SEVERITY = 'criticity'; public const TAGS = 'tags'; public const SOURCE = 'source'; public const ID_EXTRA = 'id_extra'; @@ -67,7 +67,7 @@ final class EventDataMapper extends DataMapperAbstract 'eventType' => EventTypeEnum::get($data[self::EVENT_TYPE]), 'idAgentModule' => $data[self::ID_AGENTMODULE], 'idAlertAm' => $data[self::ID_ALERT_AM], - 'criticity' => EventSeverityEnum::get($data[self::CRITICITY]), + 'severity' => EventSeverityEnum::get($data[self::SEVERITY]), 'tags' => $data[self::TAGS], 'source' => $data[self::SOURCE], 'idExtra' => $data[self::ID_EXTRA], @@ -98,7 +98,7 @@ final class EventDataMapper extends DataMapperAbstract self::EVENT_TYPE => $data->getEventType()?->value, self::ID_AGENTMODULE => $data->getIdAgentModule(), self::ID_ALERT_AM => $data->getIdAlertAm(), - self::CRITICITY => $data->getCriticity()?->value, + self::SEVERITY => $data->getSeverity()?->value, self::TAGS => $data->getTags(), self::SOURCE => $data->getSource(), self::ID_EXTRA => $data->getIdExtra(), diff --git a/pandora_console/include/lib/Modules/Events/Filters/Controllers/DeleteEventFilterController.php b/pandora_console/include/lib/Modules/Events/Filters/Controllers/DeleteEventFilterController.php index ff369b9f3b..87261b3116 100644 --- a/pandora_console/include/lib/Modules/Events/Filters/Controllers/DeleteEventFilterController.php +++ b/pandora_console/include/lib/Modules/Events/Filters/Controllers/DeleteEventFilterController.php @@ -39,7 +39,7 @@ final class DeleteEventFilterController extends Controller $idEventFilter = $this->getParam($request, 'idEventFilter'); $eventFilter = $this->getEventFilterAction->__invoke($idEventFilter); - $this->acl->validate(0, 'EW', ' tried to write event'); + $this->acl->validate(0, 'EM', ' tried to write event'); $result = $this->deleteEventFilterAction->__invoke($eventFilter); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Events/Filters/Entities/EventFilterFilter.php b/pandora_console/include/lib/Modules/Events/Filters/Entities/EventFilterFilter.php index b336415016..be28bc4a8b 100644 --- a/pandora_console/include/lib/Modules/Events/Filters/Entities/EventFilterFilter.php +++ b/pandora_console/include/lib/Modules/Events/Filters/Entities/EventFilterFilter.php @@ -40,6 +40,7 @@ use PandoraFMS\Modules\Shared\Validators\Validator; final class EventFilterFilter extends FilterAbstract { private ?string $freeSearch = null; + private ?string $fieldAclGroupMysql = EventFilterDataMapper::ID_GROUP; public function __construct() { @@ -154,4 +155,36 @@ final class EventFilterFilter extends FilterAbstract return [EventFilterDataMapper::NAME]; } + /** + * Get the value of fieldAclGroupMysql. + * + * @return ?string + */ + public function getFieldAclGroupMysql(): ?string + { + return $this->fieldAclGroupMysql; + } + + /** + * Set the value of fieldAclGroupMysql. + * + * @param ?string $fieldAclGroupMysql + * + */ + public function setFieldAclGroupMysql(?string $fieldAclGroupMysql): self + { + $this->fieldAclGroupMysql = $fieldAclGroupMysql; + + return $this; + } + + /** + * Get the value of mode for check ACL. + * + * @return ?string + */ + public function getModeAclGroupMysql(): ?string + { + return ''; + } } diff --git a/pandora_console/include/lib/Modules/Events/Repositories/EventRepositoryMySQL.php b/pandora_console/include/lib/Modules/Events/Repositories/EventRepositoryMySQL.php index aa398618d7..090f921ea7 100644 --- a/pandora_console/include/lib/Modules/Events/Repositories/EventRepositoryMySQL.php +++ b/pandora_console/include/lib/Modules/Events/Repositories/EventRepositoryMySQL.php @@ -121,8 +121,8 @@ class EventRepositoryMySQL extends RepositoryMySQL implements EventRepository public function create(Event $event): Event { - $this->__create($event, $this->eventDataMapper); - return $event; + $id = $this->__create($event, $this->eventDataMapper); + return $event->setIdEvent($id); } public function update(Event $event): Event diff --git a/pandora_console/include/lib/Modules/Events/Validations/EventValidation.php b/pandora_console/include/lib/Modules/Events/Validations/EventValidation.php index 48f2bf76b4..d5c62964b6 100644 --- a/pandora_console/include/lib/Modules/Events/Validations/EventValidation.php +++ b/pandora_console/include/lib/Modules/Events/Validations/EventValidation.php @@ -75,8 +75,8 @@ final class EventValidation $event->setIdAlertAm(0); } - if ($event->getCriticity() === null) { - $event->setCriticity(EventSeverityEnum::MAINTENANCE); + if ($event->getSeverity() === null) { + $event->setSeverity(EventSeverityEnum::MAINTENANCE); } if ($event->getOwnerUser() === null) { diff --git a/pandora_console/include/lib/Modules/Groups/Controllers/CreateGroupController.php b/pandora_console/include/lib/Modules/Groups/Controllers/CreateGroupController.php index cc6faccc23..3f4f5a2477 100644 --- a/pandora_console/include/lib/Modules/Groups/Controllers/CreateGroupController.php +++ b/pandora_console/include/lib/Modules/Groups/Controllers/CreateGroupController.php @@ -38,7 +38,7 @@ final class CreateGroupController extends Controller // @var Group $group. $group = $this->fromRequest($request, Group::class); - $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->acl->validate(0, 'UM', ' tried to manage user for groups'); $result = $this->createGroupAction->__invoke($group); diff --git a/pandora_console/include/lib/Modules/Groups/Controllers/DeleteGroupController.php b/pandora_console/include/lib/Modules/Groups/Controllers/DeleteGroupController.php index 5cc8f39316..84c880db58 100644 --- a/pandora_console/include/lib/Modules/Groups/Controllers/DeleteGroupController.php +++ b/pandora_console/include/lib/Modules/Groups/Controllers/DeleteGroupController.php @@ -39,7 +39,7 @@ final class DeleteGroupController extends Controller $idGroup = $this->getParam($request, 'idGroup'); $group = $this->getGroupAction->__invoke($idGroup); - $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->acl->validate(0, 'UM', ' tried to manage user for groups'); $result = $this->deleteGroupAction->__invoke($group); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Groups/Controllers/GetGroupController.php b/pandora_console/include/lib/Modules/Groups/Controllers/GetGroupController.php index dfe202ce75..032a15eb03 100644 --- a/pandora_console/include/lib/Modules/Groups/Controllers/GetGroupController.php +++ b/pandora_console/include/lib/Modules/Groups/Controllers/GetGroupController.php @@ -36,6 +36,8 @@ final class GetGroupController extends Controller { $idGroup = $this->getParam($request, 'idGroup'); + $this->acl->validate(0, 'AR', ' tried to read agents for groups'); + $result = $this->getGroupAction->__invoke($idGroup); return $this->getResponse($response, $result); } diff --git a/pandora_console/include/lib/Modules/Groups/Controllers/ListGroupController.php b/pandora_console/include/lib/Modules/Groups/Controllers/ListGroupController.php index 1df772c42d..31850053b8 100644 --- a/pandora_console/include/lib/Modules/Groups/Controllers/ListGroupController.php +++ b/pandora_console/include/lib/Modules/Groups/Controllers/ListGroupController.php @@ -66,6 +66,8 @@ final class ListGroupController extends Controller // @var GroupFilter $groupFilter. $groupFilter = $this->fromRequest($request, GroupFilter::class); + $this->acl->validate(0, 'AR', ' tried to read agents for groups'); + $result = $this->listGroupAction->__invoke($groupFilter); return $this->getResponse($response, $result); } diff --git a/pandora_console/include/lib/Modules/Groups/Controllers/UpdateGroupController.php b/pandora_console/include/lib/Modules/Groups/Controllers/UpdateGroupController.php index 5af1d042e7..14be288e86 100644 --- a/pandora_console/include/lib/Modules/Groups/Controllers/UpdateGroupController.php +++ b/pandora_console/include/lib/Modules/Groups/Controllers/UpdateGroupController.php @@ -44,7 +44,7 @@ final class UpdateGroupController extends Controller $params = $this->extractParams($request); $group->fromArray($params); - $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->acl->validate(0, 'UM', ' tried to manage user for groups'); $result = $this->updateGroupAction->__invoke($group, $oldGroup); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Groups/Entities/Group.php b/pandora_console/include/lib/Modules/Groups/Entities/Group.php index 7ce38faf36..bcc37d17cf 100644 --- a/pandora_console/include/lib/Modules/Groups/Entities/Group.php +++ b/pandora_console/include/lib/Modules/Groups/Entities/Group.php @@ -39,6 +39,22 @@ use PandoraFMS\Modules\Shared\Validators\Validator; * description="Id Group parent", * ), * @OA\Property( + * property="parentName", + * type="string", + * nullable=true, + * default=null, + * description="name group parent", + * readOnly="true" + * ), + * @OA\Property( + * property="hasChild", + * type="boolean", + * nullable=true, + * default=null, + * description="Group has child", + * readOnly="true" + * ), + * @OA\Property( * property="isPropagate", * type="boolean", * nullable=false, @@ -145,6 +161,8 @@ final class Group extends Entity private ?string $name = null; private ?string $icon = null; private ?int $parent = null; + private ?string $parentName = null; + private ?bool $haschild = null; private ?bool $isPropagate = null; private ?bool $isAlertEnabled = null; private ?string $customId = null; @@ -167,18 +185,20 @@ final class Group extends Entity public function jsonSerialize(): mixed { return [ - 'idGroup' => $this->getIdGroup(), - 'name' => $this->getName(), - 'icon' => $this->getIcon(), - 'parent' => $this->getParent(), - 'isPropagate' => $this->getIsPropagate(), - 'isAlertEnabled' => $this->getIsAlertEnabled(), - 'customId' => $this->getCustomId(), - 'idSkin' => $this->getIdSkin(), - 'description' => $this->getDescription(), - 'contact' => $this->getContact(), - 'other' => $this->getOther(), - 'maxAgents' => $this->getMaxAgents(), + 'idGroup' => $this->getIdGroup(), + 'name' => $this->getName(), + 'icon' => $this->getIcon(), + 'parent' => $this->getParent(), + 'parentName' => $this->getParentName(), + 'hasChild' => $this->getHasChild(), + 'isPropagate' => $this->getIsPropagate(), + 'isAlertEnabled' => $this->getIsAlertEnabled(), + 'customId' => $this->getCustomId(), + 'idSkin' => $this->getIdSkin(), + 'description' => $this->getDescription(), + 'contact' => $this->getContact(), + 'other' => $this->getOther(), + 'maxAgents' => $this->getMaxAgents(), ]; } @@ -195,10 +215,10 @@ final class Group extends Entity Validator::INTEGER, Validator::GREATEREQUALTHAN, ], - 'isPropagate' => Validator::BOOLEAN, - 'isAlertEnabled' => Validator::BOOLEAN, - 'customId' => Validator::STRING, - 'idSkin' => [ + 'isPropagate' => Validator::BOOLEAN, + 'isAlertEnabled' => Validator::BOOLEAN, + 'customId' => Validator::STRING, + 'idSkin' => [ Validator::INTEGER, Validator::GREATEREQUALTHAN, ], @@ -346,4 +366,24 @@ final class Group extends Entity $this->maxAgents = $maxAgents; return $this; } + + public function getParentName(): ?string + { + return $this->parentName; + } + public function setParentName(?string $parentName): self + { + $this->parentName = $parentName; + return $this; + } + + public function getHaschild(): ?bool + { + return $this->haschild; + } + public function setHaschild(?bool $haschild): self + { + $this->haschild = $haschild; + return $this; + } } diff --git a/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepository.php b/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepository.php index c60a569c8f..9f31a76131 100644 --- a/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepository.php +++ b/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepository.php @@ -3,63 +3,22 @@ namespace PandoraFMS\Modules\Groups\Repositories; use PandoraFMS\Modules\Groups\Entities\Group; -use PandoraFMS\Modules\Groups\Entities\GroupDataMapper; use PandoraFMS\Modules\Groups\Entities\GroupFilter; -use PandoraFMS\Modules\Shared\Repositories\Repository; -class GroupRepository +interface GroupRepository { - public function __construct( - private Repository $repository, - private GroupDataMapper $groupDataMapper - ) { - } - /** * @return Group[], - */ - public function list(GroupFilter $groupFilter): array - { - return $this->repository->__list( - $groupFilter, - $this->groupDataMapper - ); - } + */ + public function list(GroupFilter $groupFilter): array; - public function count(GroupFilter $groupFilter): int - { - return $this->repository->__count( - $groupFilter, - $this->groupDataMapper - ); - } + public function count(GroupFilter $groupFilter): int; - public function getOne(GroupFilter $groupFilter): Group - { - return $this->repository->__getOne( - $groupFilter, - $this->groupDataMapper - ); - } + public function getOne(GroupFilter $groupFilter): Group; - public function create(Group $group): Group - { - $id = $this->repository->__create($group, $this->groupDataMapper); - return $group->setIdGroup($id); - } + public function create(Group $group): Group; - public function update(Group $group): Group - { - return $this->repository->__update( - $group, - $this->groupDataMapper, - $group->getIdGroup() - ); - } - - public function delete(int $id): void - { - $this->repository->__delete($id, $this->groupDataMapper); - } + public function update(Group $group): Group; + public function delete(int $id): void; } diff --git a/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepositoryMySQL.php b/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepositoryMySQL.php new file mode 100644 index 0000000000..6915ac6de6 --- /dev/null +++ b/pandora_console/include/lib/Modules/Groups/Repositories/GroupRepositoryMySQL.php @@ -0,0 +1,164 @@ +getGroupsQuery($groupFilter, $this->groupDataMapper); + $list = $this->dbGetAllRowsSql($sql); + } catch (\Throwable $th) { + // Capture errors mysql. + throw new InvalidArgumentException( + strip_tags($th->getMessage()), + HttpCodesEnum::INTERNAL_SERVER_ERROR + ); + } + + if (is_array($list) === false) { + throw new NotFoundException(__('%s not found', $this->groupDataMapper->getStringNameClass())); + } + + $result = []; + foreach ($list as $fields) { + $result[] = $this->groupDataMapper->fromDatabase($fields); + } + + return $result; + } + + public function count(GroupFilter $groupFilter): int + { + $sql = $this->getGroupsQuery($groupFilter, $this->groupDataMapper, true); + try { + $count = $this->dbGetValueSql($sql); + } catch (\Throwable $th) { + // Capture errors mysql. + throw new InvalidArgumentException( + strip_tags($th->getMessage()), + HttpCodesEnum::INTERNAL_SERVER_ERROR + ); + } + + return (int) $count; + } + + public function getOne(GroupFilter $groupFilter): Group + { + try { + $sql = $this->getGroupsQuery($groupFilter, $this->groupDataMapper); + $result = $this->dbGetRowSql($sql); + } catch (\Throwable $th) { + // Capture errors mysql. + throw new InvalidArgumentException( + strip_tags($th->getMessage()), + HttpCodesEnum::INTERNAL_SERVER_ERROR + ); + } + + if (empty($result) === true) { + throw new NotFoundException(__('%s not found', $this->groupDataMapper->getStringNameClass())); + } + + return $this->groupDataMapper->fromDatabase($result); + } + + public function create(Group $group): Group + { + $id = $this->__create($group, $this->groupDataMapper); + return $group->setIdGroup($id); + } + + public function update(Group $group): Group + { + return $this->__update( + $group, + $this->groupDataMapper, + $group->getIdGroup() + ); + } + + public function delete(int $id): void + { + $this->__delete($id, $this->groupDataMapper); + } + + private function getGroupsQuery( + FilterAbstract $filter, + DataMapperAbstract $mapper, + bool $count = false + ): string { + $pagination = ''; + $orderBy = ''; + $fields = 'COUNT(DISTINCT tgrupo.id_grupo) as count'; + $filters = $this->buildQueryFilters($filter, $mapper); + + // Check ACL for user list. + if (users_can_manage_group_all('AR') === false) { + $user_groups_acl = users_get_groups(false, 'AR', false); + if (empty($user_groups_acl) === false) { + $filters .= sprintf( + ' AND tgrupo.id_grupo IN (%s)', + implode(',', array_keys($user_groups_acl)) + ); + } + } + + if ($count === false) { + $pagination = $this->buildQueryPagination($filter); + $orderBy = $this->buildQueryOrderBy($filter); + if (empty($filter->getFields()) === true) { + $fields = 'tgrupo.*, tparent.nombre AS parent_name, IF(tgrupo.parent=tparent.id_grupo, 1, 0) AS has_child'; + } else { + $buildFields = ''; + foreach ($filter->getFields() as $field) { + if (empty($buildFields) === false) { + $buildFields .= ' , '; + } + + $buildFields .= $field; + } + + $fields = $buildFields; + } + } + + $sql = sprintf( + 'SELECT %s + FROM tgrupo + LEFT JOIN tgrupo tparent + ON tgrupo.parent=tparent.id_grupo + WHERE %s + %s + %s', + $fields, + $filters, + $orderBy, + $pagination + ); + + return $sql; + } +} diff --git a/pandora_console/include/lib/Modules/Profiles/Controllers/CreateProfileController.php b/pandora_console/include/lib/Modules/Profiles/Controllers/CreateProfileController.php index 3ee9289668..967a3b29ee 100644 --- a/pandora_console/include/lib/Modules/Profiles/Controllers/CreateProfileController.php +++ b/pandora_console/include/lib/Modules/Profiles/Controllers/CreateProfileController.php @@ -38,6 +38,7 @@ final class CreateProfileController extends Controller // @var Profile $profile. $profile = $this->fromRequest($request, Profile::class); + $this->acl->validateUserAdmin(); $this->acl->validate(0, 'UM', ' tried to manage profile'); $result = $this->createProfileAction->__invoke($profile); diff --git a/pandora_console/include/lib/Modules/Profiles/Controllers/DeleteProfileController.php b/pandora_console/include/lib/Modules/Profiles/Controllers/DeleteProfileController.php index 9961ac9b2d..7efe367cbf 100644 --- a/pandora_console/include/lib/Modules/Profiles/Controllers/DeleteProfileController.php +++ b/pandora_console/include/lib/Modules/Profiles/Controllers/DeleteProfileController.php @@ -39,6 +39,7 @@ final class DeleteProfileController extends Controller $idProfile = $this->getParam($request, 'idProfile'); $profile = $this->getProfileAction->__invoke($idProfile); + $this->acl->validateUserAdmin(); $this->acl->validate(0, 'UM', ' tried to manage profile'); $result = $this->deleteProfileAction->__invoke($profile); diff --git a/pandora_console/include/lib/Modules/Profiles/Controllers/GetProfileController.php b/pandora_console/include/lib/Modules/Profiles/Controllers/GetProfileController.php index 6db003271d..113606d548 100644 --- a/pandora_console/include/lib/Modules/Profiles/Controllers/GetProfileController.php +++ b/pandora_console/include/lib/Modules/Profiles/Controllers/GetProfileController.php @@ -36,6 +36,7 @@ final class GetProfileController extends Controller { $idProfile = $this->getParam($request, 'idProfile'); + $this->acl->validateUserAdmin(); $this->acl->validate(0, 'UM', ' tried to manage profile'); $result = $this->getProfileAction->__invoke($idProfile); diff --git a/pandora_console/include/lib/Modules/Profiles/Controllers/ListProfileController.php b/pandora_console/include/lib/Modules/Profiles/Controllers/ListProfileController.php index 0e870b4c51..c2a290c9af 100644 --- a/pandora_console/include/lib/Modules/Profiles/Controllers/ListProfileController.php +++ b/pandora_console/include/lib/Modules/Profiles/Controllers/ListProfileController.php @@ -66,6 +66,7 @@ final class ListProfileController extends Controller // @var ProfileFilter $profileFilter. $profileFilter = $this->fromRequest($request, ProfileFilter::class); + $this->acl->validateUserAdmin(); $this->acl->validate(0, 'UM', ' tried to manage profile'); $result = $this->listProfileAction->__invoke($profileFilter); diff --git a/pandora_console/include/lib/Modules/Profiles/Controllers/UpdateProfileController.php b/pandora_console/include/lib/Modules/Profiles/Controllers/UpdateProfileController.php index f92d5be8c6..441e39b622 100644 --- a/pandora_console/include/lib/Modules/Profiles/Controllers/UpdateProfileController.php +++ b/pandora_console/include/lib/Modules/Profiles/Controllers/UpdateProfileController.php @@ -44,6 +44,7 @@ final class UpdateProfileController extends Controller $params = $this->extractParams($request); $profile->fromArray($params); + $this->acl->validateUserAdmin(); $this->acl->validate(0, 'UM', ' tried to manage profile'); $result = $this->updateProfileAction->__invoke($profile, $oldProfile); diff --git a/pandora_console/include/lib/Modules/Shared/Core/DataMapperAbstract.php b/pandora_console/include/lib/Modules/Shared/Core/DataMapperAbstract.php index 1367012739..3880bc31a9 100644 --- a/pandora_console/include/lib/Modules/Shared/Core/DataMapperAbstract.php +++ b/pandora_console/include/lib/Modules/Shared/Core/DataMapperAbstract.php @@ -86,7 +86,7 @@ abstract class DataMapperAbstract 'PandoraFMS\\Modules\\Users\\UserProfiles\\Entities\\UserProfile' => 'UserProfile', 'PandoraFMS\\Modules\\Profiles\\Entities\\Profile' => 'Profile', 'PandoraFMS\\Modules\\Events\\Entities\\Event' => 'Event', - 'PandoraFMS\\Modules\\Events\Filters\\Entities\\EventFilter' => 'EventFilter', + 'PandoraFMS\\Modules\\Events\\Filters\\Entities\\EventFilter' => 'EventFilter', 'PandoraFMS\\Modules\\Groups\\Entities\\Group' => 'Group', 'PandoraFMS\\Modules\\Tags\\Entities\\Tag' => 'Tag', ]; diff --git a/pandora_console/include/lib/Modules/Shared/Repositories/RepositoryMySQL.php b/pandora_console/include/lib/Modules/Shared/Repositories/RepositoryMySQL.php index cf39189a96..ba691d19b7 100644 --- a/pandora_console/include/lib/Modules/Shared/Repositories/RepositoryMySQL.php +++ b/pandora_console/include/lib/Modules/Shared/Repositories/RepositoryMySQL.php @@ -326,7 +326,7 @@ class RepositoryMySQL extends Repository public function checkAclGroupMysql(string $field, ?string $mode = ''): string { $config = new Config(); - $isAdmin = users_is_admin($config->get('id_user')); + $isAdmin = \users_is_admin($config->get('id_user')); if ($isAdmin === true) { return ''; } @@ -334,7 +334,7 @@ class RepositoryMySQL extends Repository $userGroups = array_keys( \users_get_groups( $config->get('id_user'), - 'IM', + 'AR', true, false ) diff --git a/pandora_console/include/lib/Modules/Shared/Services/Management.php b/pandora_console/include/lib/Modules/Shared/Services/Management.php new file mode 100644 index 0000000000..277162e361 --- /dev/null +++ b/pandora_console/include/lib/Modules/Shared/Services/Management.php @@ -0,0 +1,32 @@ +fromRequest($request, Tag::class); - $this->acl->validate(0, 'UM', ' tried to manage tag'); + $this->acl->validate(0, 'PM', ' tried to manage tag'); $result = $this->createTagAction->__invoke($tag); diff --git a/pandora_console/include/lib/Modules/Tags/Controllers/DeleteTagController.php b/pandora_console/include/lib/Modules/Tags/Controllers/DeleteTagController.php index d2b44719fd..715e34bbff 100644 --- a/pandora_console/include/lib/Modules/Tags/Controllers/DeleteTagController.php +++ b/pandora_console/include/lib/Modules/Tags/Controllers/DeleteTagController.php @@ -39,7 +39,7 @@ final class DeleteTagController extends Controller $idTag = $this->getParam($request, 'idTag'); $tag = $this->getTagAction->__invoke($idTag); - $this->acl->validate(0, 'UM', ' tried to manage tag'); + $this->acl->validate(0, 'PM', ' tried to manage tag'); $result = $this->deleteTagAction->__invoke($tag); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Tags/Controllers/GetTagController.php b/pandora_console/include/lib/Modules/Tags/Controllers/GetTagController.php index f450a14b63..e3d736b40b 100644 --- a/pandora_console/include/lib/Modules/Tags/Controllers/GetTagController.php +++ b/pandora_console/include/lib/Modules/Tags/Controllers/GetTagController.php @@ -36,7 +36,7 @@ final class GetTagController extends Controller { $idTag = $this->getParam($request, 'idTag'); - $this->acl->validate(0, 'UM', ' tried to manage tag'); + $this->acl->validate(0, 'PM', ' tried to manage tag'); $result = $this->getTagAction->__invoke($idTag); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Tags/Controllers/ListTagController.php b/pandora_console/include/lib/Modules/Tags/Controllers/ListTagController.php index bb8b4058e2..e4dfab7a85 100644 --- a/pandora_console/include/lib/Modules/Tags/Controllers/ListTagController.php +++ b/pandora_console/include/lib/Modules/Tags/Controllers/ListTagController.php @@ -66,7 +66,7 @@ final class ListTagController extends Controller // @var TagFilter $tagFilter. $tagFilter = $this->fromRequest($request, TagFilter::class); - $this->acl->validate(0, 'UM', ' tried to manage tag'); + $this->acl->validate(0, 'PM', ' tried to manage tag'); $result = $this->listTagAction->__invoke($tagFilter); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Tags/Controllers/UpdateTagController.php b/pandora_console/include/lib/Modules/Tags/Controllers/UpdateTagController.php index 416ab76434..dc80e22f0c 100644 --- a/pandora_console/include/lib/Modules/Tags/Controllers/UpdateTagController.php +++ b/pandora_console/include/lib/Modules/Tags/Controllers/UpdateTagController.php @@ -44,7 +44,7 @@ final class UpdateTagController extends Controller $params = $this->extractParams($request); $tag->fromArray($params); - $this->acl->validate(0, 'UM', ' tried to manage tag'); + $this->acl->validate(0, 'PM', ' tried to manage tag'); $result = $this->updateTagAction->__invoke($tag, $oldTag); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Users/Controllers/CreateUserController.php b/pandora_console/include/lib/Modules/Users/Controllers/CreateUserController.php index 627d5b5616..45c73dad3d 100644 --- a/pandora_console/include/lib/Modules/Users/Controllers/CreateUserController.php +++ b/pandora_console/include/lib/Modules/Users/Controllers/CreateUserController.php @@ -3,6 +3,7 @@ namespace PandoraFMS\Modules\Users\Controllers; use PandoraFMS\Modules\Shared\Controllers\Controller; +use PandoraFMS\Modules\Shared\Services\Management; use PandoraFMS\Modules\Shared\Services\ValidateAclSystem; use PandoraFMS\Modules\Users\Actions\CreateUserAction; use PandoraFMS\Modules\Users\Entities\User; @@ -15,6 +16,7 @@ final class CreateUserController extends Controller public function __construct( private CreateUserAction $createUserAction, private ValidateAclSystem $acl, + private Management $management ) { } @@ -40,6 +42,8 @@ final class CreateUserController extends Controller $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->management->isManagementAllowed('User'); + $result = $this->createUserAction->__invoke($user); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Users/Controllers/DeleteUserController.php b/pandora_console/include/lib/Modules/Users/Controllers/DeleteUserController.php index ffb5ff9410..ffa3af6553 100644 --- a/pandora_console/include/lib/Modules/Users/Controllers/DeleteUserController.php +++ b/pandora_console/include/lib/Modules/Users/Controllers/DeleteUserController.php @@ -3,6 +3,7 @@ namespace PandoraFMS\Modules\Users\Controllers; use PandoraFMS\Modules\Shared\Controllers\Controller; +use PandoraFMS\Modules\Shared\Services\Management; use PandoraFMS\Modules\Shared\Services\ValidateAclSystem; use PandoraFMS\Modules\Users\Actions\DeleteUserAction; use PandoraFMS\Modules\Users\Actions\GetUserAction; @@ -15,7 +16,8 @@ final class DeleteUserController extends Controller public function __construct( private DeleteUserAction $deleteUserAction, private ValidateAclSystem $acl, - private GetUserAction $getUserAction + private GetUserAction $getUserAction, + private Management $management ) { } @@ -41,6 +43,8 @@ final class DeleteUserController extends Controller $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->management->isManagementAllowed('User'); + $result = $this->deleteUserAction->__invoke($user); return $this->getResponse($response, $result); } diff --git a/pandora_console/include/lib/Modules/Users/Controllers/ListUserController.php b/pandora_console/include/lib/Modules/Users/Controllers/ListUserController.php index 8faa04e8cd..75f8ca5b4a 100644 --- a/pandora_console/include/lib/Modules/Users/Controllers/ListUserController.php +++ b/pandora_console/include/lib/Modules/Users/Controllers/ListUserController.php @@ -66,6 +66,8 @@ final class ListUserController extends Controller // @var UserFilter $userFilter. $userFilter = $this->fromRequest($request, UserFilter::class); + $this->acl->validate(0, 'UM', ' tried to manage user'); + $result = $this->listUserAction->__invoke($userFilter); return $this->getResponse($response, $result); diff --git a/pandora_console/include/lib/Modules/Users/Controllers/UpdateUserController.php b/pandora_console/include/lib/Modules/Users/Controllers/UpdateUserController.php index 92857f9f01..6730074cb5 100644 --- a/pandora_console/include/lib/Modules/Users/Controllers/UpdateUserController.php +++ b/pandora_console/include/lib/Modules/Users/Controllers/UpdateUserController.php @@ -3,6 +3,7 @@ namespace PandoraFMS\Modules\Users\Controllers; use PandoraFMS\Modules\Shared\Controllers\Controller; +use PandoraFMS\Modules\Shared\Services\Management; use PandoraFMS\Modules\Shared\Services\ValidateAclSystem; use PandoraFMS\Modules\Users\Actions\GetUserAction; use PandoraFMS\Modules\Users\Actions\UpdateUserAction; @@ -31,7 +32,8 @@ final class UpdateUserController extends Controller public function __construct( private UpdateUserAction $updateUserAction, private ValidateAclSystem $acl, - private GetUserAction $getUserAction + private GetUserAction $getUserAction, + private Management $management ) { } @@ -46,6 +48,8 @@ final class UpdateUserController extends Controller $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->management->isManagementAllowed('User'); + $result = $this->updateUserAction->__invoke($user, $oldUser); return $this->getResponse($response, $result); } diff --git a/pandora_console/include/lib/Modules/Users/Repositories/UserRepositoryMySQL.php b/pandora_console/include/lib/Modules/Users/Repositories/UserRepositoryMySQL.php index 9e8993dc45..9aae38fc34 100644 --- a/pandora_console/include/lib/Modules/Users/Repositories/UserRepositoryMySQL.php +++ b/pandora_console/include/lib/Modules/Users/Repositories/UserRepositoryMySQL.php @@ -3,6 +3,7 @@ namespace PandoraFMS\Modules\Users\Repositories; use InvalidArgumentException; +use PandoraFMS\Core\Config; use PandoraFMS\Modules\Shared\Core\DataMapperAbstract; use PandoraFMS\Modules\Shared\Core\FilterAbstract; use PandoraFMS\Modules\Shared\Enums\HttpCodesEnum; @@ -15,7 +16,8 @@ use PandoraFMS\Modules\Users\Entities\UserFilter; class UserRepositoryMySQL extends RepositoryMySQL implements UserRepository { public function __construct( - private UserDataMapper $userDataMapper + private UserDataMapper $userDataMapper, + private Config $config ) { } @@ -85,8 +87,8 @@ class UserRepositoryMySQL extends RepositoryMySQL implements UserRepository public function create(User $user): User { - $this->__create($user, $this->userDataMapper); - return $user; + $id = $this->__create($user, $this->userDataMapper); + return $user->setIdUser($id); } public function update(User $user): User @@ -113,6 +115,21 @@ class UserRepositoryMySQL extends RepositoryMySQL implements UserRepository $fields = 'COUNT(DISTINCT tusuario.id_user) as count'; $filters = $this->buildQueryFilters($filter, $mapper); + // Check ACL for user list. + if (\users_is_admin() !== true) { + // No admin. + $filters .= ' AND tusuario.is_admin = 0'; + + // Only search in groups UM User management. + $group_um = \users_get_groups_UM($this->config->get('id_user')); + if (empty($group_um) === false && isset($group_um[0]) === false) { + $filters .= sprintf( + ' AND tusuario_perfil.id_grupo IN (%s)', + implode(',', array_keys($group_um)) + ); + } + } + if ($count === false) { $pagination = $this->buildQueryPagination($filter); $orderBy = $this->buildQueryOrderBy($filter); diff --git a/pandora_console/include/lib/Modules/Users/Services/CheckOldPasswordUserService.php b/pandora_console/include/lib/Modules/Users/Services/CheckOldPasswordUserService.php index 7fdf3ae305..cb348cb453 100644 --- a/pandora_console/include/lib/Modules/Users/Services/CheckOldPasswordUserService.php +++ b/pandora_console/include/lib/Modules/Users/Services/CheckOldPasswordUserService.php @@ -4,32 +4,21 @@ namespace PandoraFMS\Modules\Users\Services; use PandoraFMS\Modules\Shared\Exceptions\BadRequestException; use PandoraFMS\Modules\Shared\Exceptions\NotFoundException; -use PandoraFMS\Modules\Shared\Repositories\Repository; use PandoraFMS\Modules\Users\Entities\User; -use PandoraFMS\Modules\Users\Entities\UserDataMapper; -use PandoraFMS\Modules\Users\Entities\UserFilter; final class CheckOldPasswordUserService { public function __construct( - private Repository $repository, - private UserDataMapper $userDataMapper ) { } public function __invoke(User $user): void { - $userFilter = new UserFilter(); - /** @var User $entityFilter */ - $entityFilter = $userFilter->getEntityFilter(); - $entityFilter->setIdUser($user->getIdUser()); - $entityFilter->setPassword($user->getOldPassword()); - try { - $this->repository->__getOne( - $userFilter, - $this->userDataMapper - ); + // TODO: change to service. + if (!\process_user_login($user->getIdUser(), $user->getOldPassword())) { + throw new BadRequestException(__('User or the old password is not correct')); + } } catch (NotFoundException) { throw new BadRequestException(__('User or the old password is not correct')); } diff --git a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/CreateUserProfileController.php b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/CreateUserProfileController.php index 1a702e9ede..ff9afdc4d5 100644 --- a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/CreateUserProfileController.php +++ b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/CreateUserProfileController.php @@ -44,7 +44,7 @@ final class CreateUserProfileController extends Controller $idUser = $this->getParam($request, 'idUser'); $this->getUserAction->__invoke($idUser); - $this->acl->validate(0, 'UM', ' tried to manage user'); + $this->acl->validate(0, 'UM', ' tried to manage user profile'); $idProfile = $this->getParam($request, 'idProfile'); $this->getProfileAction->__invoke($idProfile); diff --git a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/DeleteUserProfileController.php b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/DeleteUserProfileController.php index 359b86918e..56b623acdb 100644 --- a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/DeleteUserProfileController.php +++ b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/DeleteUserProfileController.php @@ -44,6 +44,8 @@ final class DeleteUserProfileController extends Controller $idUser = $this->getParam($request, 'idUser'); $user = $this->getUserAction->__invoke($idUser); + $this->acl->validate(0, 'UM', ' tried to manage user profile'); + $idProfile = $this->getParam($request, 'idProfile'); $profile = $this->getProfileAction->__invoke($idProfile); diff --git a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/GetUserProfileController.php b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/GetUserProfileController.php index ef9197c3c1..81221fd0d5 100644 --- a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/GetUserProfileController.php +++ b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/GetUserProfileController.php @@ -42,6 +42,8 @@ final class GetUserProfileController extends Controller $idUser = $this->getParam($request, 'idUser'); $user = $this->getUserAction->__invoke($idUser); + $this->acl->validate(0, 'UM', ' tried to manage user profile'); + $idProfile = $this->getParam($request, 'idProfile'); $this->getProfileAction->__invoke($idProfile); diff --git a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/ListUserProfileController.php b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/ListUserProfileController.php index 9ec36ba741..bcdc26239d 100644 --- a/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/ListUserProfileController.php +++ b/pandora_console/include/lib/Modules/Users/UserProfiles/Controllers/ListUserProfileController.php @@ -69,6 +69,8 @@ final class ListUserProfileController extends Controller $idUser = $this->getParam($request, 'idUser'); $this->getUserAction->__invoke($idUser); + $this->acl->validate(0, 'UM', ' tried to manage user profile'); + // @var UserProfileFilter $userProfileFilter. $userProfileFilter = $this->fromRequest($request, UserProfileFilter::class); $userProfileFilter->getEntityFilter()->setIdUser($idUser);