tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1749-sistena-cache-de-acl-s-de-la-consola' into 'develop' 

Modified users_get_groups

See merge request
This commit is contained in:
vgilc 2018-01-31 15:15:50 +01:00
parent 08623ac5f3 0d0b7ada48
commit 3cad7be4a5
27 changed files with 569 additions and 358 deletions

2
pandora_console/extensions/insert_data.php
View File

@ -147,7 +147,7 @@ function mainInsertData() {
$config['remote_config']);
echo '</div>';
$table = null;
$table = new stdClass();
$table->width = '100%';
$table->class = 'databox filters';
$table->style = array();

2
pandora_console/general/login_page.php
View File

@ -23,7 +23,7 @@ else {
include_once($homedir . 'include/functions_ui.php');
include_once($homedir . 'include/functions.php');
include_once($homedir . 'include/functions_html.php');
include_once(__DIR__ . '/../include/functions_html.php');
if($config['visual_animation']){

6
pandora_console/godmode/agentes/agent_manager.php
View File

@ -245,8 +245,10 @@ $modules = db_get_all_rows_sql("SELECT id_agente_modulo as id_module, nombre as
WHERE id_agente = " . $id_parent);
$modules_values = array();
$modules_values[0] = __('Any');
foreach ($modules as $m) {
$modules_values[$m['id_module']] = $m['name'];
if(is_array($modules)){
foreach ($modules as $m) {
$modules_values[$m['id_module']] = $m['name'];
}
}
$table->data[4][0] = __('Group');

1
pandora_console/godmode/groups/group_list.php
View File

@ -342,6 +342,7 @@ if ($create_group || $delete_group || $update_group) {
$groups = users_get_groups_tree ($config['id_user'], "AR", true);
}
$table = new StdClass();
$table->width = '100%';
$all_parents = array();

2
pandora_console/godmode/menu.php
View File

@ -354,7 +354,7 @@ if (is_array ($config['extensions'])) {
$sub2[$extmenu["sec2"]]["refr"] = 0;
}
else {
if (array_key_exists('fatherId',$extmenu)) {
if (is_array($extmenu) && array_key_exists('fatherId',$extmenu)) {
if (strlen($extmenu['fatherId']) > 0) {
if (array_key_exists('subfatherId',$extmenu)) {
if (strlen($extmenu['subfatherId']) > 0) {

1
pandora_console/godmode/netflow/nf_edit.php
View File

@ -111,6 +111,7 @@ $filters = db_get_all_rows_sql($sql);
if ($filters === false)
$filters = array ();
$table = new stdClass();
$table->width = '100%';
$table->class = 'databox data';

50
pandora_console/godmode/reporting/map_builder.php
View File

@ -258,15 +258,11 @@ $table->head = array ();
$table->head[0] = __('Map name');
$table->head[1] = __('Group');
$table->head[2] = __('Items');
$table->head[3] = __('Copy');
$table->head[4] = __('Delete');
$table->size[3] = "6%";
$table->size[4] = "6%";
// Fix: IW was the old ACL for report editing, now is RW
//Only for RW flag
if ($vconsoles_write || $vconsoles_manage) {
$table->head[3] = __('Copy');
$table->head[4] = __('Delete');
$table->size[3] = "6%";
$table->size[4] = "6%";
}
$table->align = array ();
$table->align[0] = 'left';
@ -299,25 +295,22 @@ if ($own_info['is_admin'] || $vconsoles_read) {
$maps = visual_map_get_user_layouts (0,false,$filters,false);
unset($filters['offset']);
unset($filters['limit']);
$total_maps = count(visual_map_get_user_layouts(0,false,$filters,false));
$total_maps = count($maps);
}else{
$maps = visual_map_get_user_layouts (0,false,$filters);
$maps = visual_map_get_user_layouts (0,false,$filters, false);
unset($filters['offset']);
unset($filters['limit']);
$total_maps = count(visual_map_get_user_layouts(0,false,$filters));
$total_maps = count($maps);
}
}
else {
$maps = visual_map_get_user_layouts ($config['id_user'], false,
$filters, false);
$maps = visual_map_get_user_layouts ($config['id_user'], false, $filters, false);
unset($filters['offset']);
unset($filters['limit']);
$total_maps = count(visual_map_get_user_layouts ($config['id_user'], false,
$filters, false));
$total_maps = count($maps);
}
if (!$maps && !is_metaconsole()) {
$total = count(visual_map_get_user_layouts ($config['id_user'], false,
false, false));
$total = count(visual_map_get_user_layouts ($config['id_user'], false, false, false));
if(!$total){
require_once ($config['homedir'] . "/general/firts_task/map_builder.php");
} else {
@ -328,8 +321,7 @@ if (!$maps && !is_metaconsole()) {
}
}
elseif (!$maps && is_metaconsole()) {
$total = count(visual_map_get_user_layouts ($config['id_user'], false,
false, false));
$total = count(visual_map_get_user_layouts ($config['id_user'], false, false, false));
if(!$total){
ui_print_info_message(
array(
@ -345,14 +337,18 @@ elseif (!$maps && is_metaconsole()) {
}
else {
ui_pagination ($total_maps, $url, $offset, $pagination);
foreach ($maps as $map) {
// ACL for the visual console permission
$vconsole_write = check_acl ($config['id_user'],
$map['id_group'], "VW");
$vconsole_manage = check_acl ($config['id_user'],
$map['id_group'], "VM");
$vconsole_write = false;
$vconsole_manage = false;
if(isset($map['vw'])){
$vconsole_write = true;
}
if(isset($map['vm'])){
$vconsole_manage = true;
}
$data = array ();
if (!is_metaconsole()) {
@ -369,7 +365,6 @@ else {
// Fix: IW was the old ACL for report editing, now is RW
if ($vconsole_write || $vconsole_manage) {
if (!is_metaconsole()) {
$data[3] = '<a class="copy_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;copy_layout=1">'.html_print_image ("images/copy.png", true).'</a>';
$data[4] = '<a class="delete_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;delete_layout=1">'.html_print_image ("images/cross.png", true).'</a>';
@ -379,6 +374,11 @@ else {
$data[4] = '<a class="delete_visualmap" href="index.php?sec=screen&sec2=screens/screens&action=visualmap&pure=' . $pure . '&id_layout='.$map['id'].'&amp;delete_layout=1">'.html_print_image ("images/cross.png", true).'</a>';
}
}
else{
$data[3] = '';
$data[4] = '';
}
array_push ($table->data, $data);
}
html_print_table ($table);

3
pandora_console/godmode/users/user_list.php
View File

@ -248,8 +248,7 @@ else {
}
$table = null;
$table = new stdClass();
$table->cellpadding = 0;
$table->cellspacing = 0;
$table->width = '100%';

15
pandora_console/include/auth/mysql.php
View File

@ -445,9 +445,8 @@ function process_user_login_remote ($login, $pass, $api = false) {
* @return bool True is the user is admin
*/
function is_user_admin ($id_user) {
$is_admin = (bool) db_get_value ('is_admin', 'tusuario', 'id_user', $id_user);
return $is_admin;
require_once(__DIR__ . "/../functions_users.php");
return users_is_admin($id_user);
}
@ -531,7 +530,15 @@ function get_user_email ($user) {
* @return mixed An array of users
*/
function get_user_info ($user) {
return db_get_row ("tusuario", "id_user", get_user_id ($user));
static $cache_user_info = array();
if (array_key_exists($user, $cache_user_info)){
return $cache_user_info[$user];
}
else{
$return = db_get_row ("tusuario", "id_user", get_user_id ($user));
$cache_user_info[$user] = $return;
return $return;
}
}
/**

2
pandora_console/include/class/Tree.class.php
View File

@ -53,7 +53,7 @@ class Tree {
$this->strictACL = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
$this->acltags = tags_get_user_module_and_tags($config['id_user'], $this->access);
$this->acltags = tags_get_user_groups_and_tags($config['id_user'], $this->access);
}
public function setFilter($filter) {

132
pandora_console/include/functions.php
View File

@ -1809,85 +1809,26 @@ function check_acl($id_user, $id_group, $access, $onlyOneGroup = false) {
$id_group = (int) $id_group;
}
$three_eyes_crow_groups = db_get_all_rows_sql("SELECT tperfil.*, tusuario_perfil.id_perfil FROM tperfil, tusuario_perfil WHERE tusuario_perfil.id_usuario = '" .
$id_user . "' AND tusuario_perfil.id_grupo = 0 AND tusuario_perfil.id_perfil = tperfil.id_perfil");
if ($id_group != 0 || $onlyOneGroup === true) {
$groups_list_acl = users_get_groups ($id_user, 'AR', false, true, null);
}
else{
$groups_list_acl = get_users_acl($id_user);
}
if ($three_eyes_crow_groups && !empty($three_eyes_crow_groups)) {
$acl_column = get_acl_column($access);
foreach ($three_eyes_crow_groups as $three_eyes_crow_group) {
if (isset($three_eyes_crow_group[$acl_column]) && $three_eyes_crow_group[$acl_column] == 1) {
if(is_array($groups_list_acl)){
if(isset($groups_list_acl[$id_group])){
$access = get_acl_column($access);
if(isset($groups_list_acl[$id_group][$access])
&& $groups_list_acl[$id_group][$access] > 0){
return 1;
}
else{
return 0;
}
}
}
$parents_id = array($id_group);
if ($id_group != 0 && $onlyOneGroup !== true) {
$group = db_get_row_filter('tgrupo', array('id_grupo' => $id_group));
$parents = groups_get_parents($group['parent'], true);
foreach ($parents as $parent) {
$parents_id[] = $parent['id_grupo'];
}
}
// TODO: To reduce this querys in one adding the group condition if necessary (only one line is different)
//Joined multiple queries into one. That saves on the query overhead and query cache.
if ($id_group == 0 && $onlyOneGroup !== true) {
$query = sprintf("SELECT tperfil.incident_view, tperfil.incident_edit,
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management,
tperfil.report_view, tperfil.report_edit,
tperfil.report_management, tperfil.event_view,
tperfil.event_edit, tperfil.event_management,
tperfil.agent_disable,
tperfil.map_view, tperfil.map_edit, tperfil.map_management,
tperfil.vconsole_view, tperfil.vconsole_edit, tperfil.vconsole_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'", $id_user);
//GroupID = 0 and onlyOneGroup = false, group id doesnt matter (use with caution!)
}
else {
$query = sprintf("SELECT tperfil.incident_view, tperfil.incident_edit,
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management,
tperfil.report_view, tperfil.report_edit,
tperfil.report_management, tperfil.event_view,
tperfil.event_edit, tperfil.event_management,
tperfil.agent_disable,
tperfil.map_view, tperfil.map_edit, tperfil.map_management,
tperfil.vconsole_view, tperfil.vconsole_edit, tperfil.vconsole_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'
AND (tusuario_perfil.id_grupo IN (%s)
OR tusuario_perfil.id_grupo = 0)", $id_user, implode(', ', $parents_id));
}
$rowdup = db_get_all_rows_sql ($query);
if (empty ($rowdup))
return 0;
$result = 0;
$acl_column = get_acl_column($access);
foreach ($rowdup as $row) {
// For each profile for this pair of group and user do...
if (isset($row[$acl_column])) {
$result += $row[$acl_column];
}
}
if ($result >= 1) {
return 1;
}
return 0;
}
@ -1975,6 +1916,51 @@ function get_acl_column($access) {
}
}
function get_users_acl($id_user){
static $users_acl_cache = array();
if (is_array($users_acl_cache[$id_user])) {
$rowdup = $users_acl_cache[$id_user];
}
else {
$query = sprintf("SELECT sum(tperfil.incident_view) as incident_view,
sum(tperfil.incident_edit) as incident_edit,
sum(tperfil.incident_management) as incident_management,
sum(tperfil.agent_view) as agent_view,
sum(tperfil.agent_edit) as agent_edit,
sum(tperfil.alert_edit) as alert_edit,
sum(tperfil.alert_management) as alert_management,
sum(tperfil.pandora_management) as pandora_management,
sum(tperfil.db_management) as db_management,
sum(tperfil.user_management) as user_management,
sum(tperfil.report_view) as report_view,
sum(tperfil.report_edit) as report_edit,
sum(tperfil.report_management) as report_management,
sum(tperfil.event_view) as event_view,
sum(tperfil.event_edit) as event_edit,
sum(tperfil.event_management) as event_management,
sum(tperfil.agent_disable) as agent_disable,
sum(tperfil.map_view) as map_view,
sum(tperfil.map_edit) as map_edit,
sum(tperfil.map_management) as map_management,
sum(tperfil.vconsole_view) as vconsole_view,
sum(tperfil.vconsole_edit) as vconsole_edit,
sum(tperfil.vconsole_management) as vconsole_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'", $id_user);
$rowdup = db_get_all_rows_sql ($query);
$users_acl_cache[$id_user] = $rowdup;
}
if (empty ($rowdup) || !$rowdup)
return 0;
return $rowdup;
}
/**
* Get the name of a plugin
*

10
pandora_console/include/functions_agents.php
View File

@ -2601,7 +2601,9 @@ function select_modules_for_agent_group($id_group, $id_agents,
}
if ($selection == 1 || (count($id_agents) == 1)) {
$modules = db_get_all_rows_sql("SELECT DISTINCT nombre, id_agente_modulo FROM tagente_modulo WHERE 1 = 1" . $filter_agent . $filter_group);
$modules = db_get_all_rows_sql("SELECT DISTINCT nombre, id_agente_modulo
FROM tagente_modulo
WHERE 1 = 1" . $filter_agent . $filter_group);
if (empty($modules)) $modules = array();
@ -2614,13 +2616,15 @@ function select_modules_for_agent_group($id_group, $id_agents,
}
}
else {
$modules = db_get_all_rows_sql("SELECT nombre, id_agente_modulo FROM tagente_modulo WHERE 1 = 1" . $filter_agent . $filter_group);
$modules = db_get_all_rows_sql("SELECT nombre, id_agente_modulo
FROM tagente_modulo
WHERE 1 = 1" . $filter_agent . $filter_group);
if (empty($modules)) $modules = array();
foreach ($modules as $m) {
$is_in_all_agents = true;
$module_name = modules_get_agentmodule_name($m['id_agente_modulo']);
$module_name = $m['nombre'];
foreach ($id_agents as $a) {
$module_in_agent = db_get_value_filter('id_agente_modulo',
'tagente_modulo', array('id_agente' => $a, 'nombre' => $module_name));

19
pandora_console/include/functions_config.php
View File

@ -1630,7 +1630,7 @@ function config_process_config () {
if ($is_user_updating == 'operation/users/user_edit') {
$id = get_parameter_get ("id", $config["id_user"]); // ID given as parameter
$user_info = get_user_info ($id);
//If current user is editing himself or if the user has UM (User Management) rights on any groups the user is part of AND the authorization scheme allows for users/admins to update info
if (($config["id_user"] == $id || check_acl ($config["id_user"], users_get_groups ($id), "UM")) && $config["user_can_update_info"]) {
$view_mode = false;
@ -1645,10 +1645,19 @@ function config_process_config () {
}
}
if (isset($config['id_user']))
$relative_path = enterprise_hook('skins_set_image_skin_path',array($config['id_user']));
else
$relative_path = enterprise_hook('skins_set_image_skin_path',array(get_parameter('nick')));
if(!is_metaconsole()) {
// Skins are available only in console mode
if (isset($config['id_user'])){
$relative_path = enterprise_hook('skins_set_image_skin_path',array($config['id_user']));
}
else{
$relative_path = enterprise_hook('skins_set_image_skin_path',array(get_parameter('nick')));
}
}
else {
$relative_path = '';
}
$config['relative_path'] = $relative_path;
}
}

4
pandora_console/include/functions_groups.php
View File

@ -573,7 +573,7 @@ function groups_get_status ($id_group = 0, $strict_user = false) {
require_once ($config['homedir'].'/include/functions_reporting.php');
if ($strict_user) {
$acltags = tags_get_user_module_and_tags ($config['id_user'], 'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'], 'AR', $strict_user);
$group_status = group_get_data ($config['id_user'], $strict_user, $acltags, false, 'group');
$data['monitor_alerts_fired'] = $groups_status['_monitors_alerts_fired_'];
$data['agent_critical'] = $groups_status['_agents_critical_'];
@ -3010,7 +3010,7 @@ function group_get_groups_list($id_user = false, $user_strict = false, $access =
$id_user = $config['id_user'];
}
$acltags = tags_get_user_module_and_tags ($id_user, $access, $user_strict);
$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {

83
pandora_console/include/functions_groupview.php
View File

@ -24,14 +24,13 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
}
$user_groups = array();
$groups_without_tags = array();
foreach ($acltags as $group => $tags) {
if ($user_strict) { //Remove groups with tags
$groups_without_tags[$group] = $group;
}
$user_groups[$group] = groups_get_name($group);
if ($tags != '') {
$tags_group = explode(',', $tags);
$user_tags = array();
foreach ($acltags as $item) {
$user_groups[$item["id_grupo"]] = $item["nombre"];
if ($item["tags"] != '') {
$tags_group = explode(',', $item["tags"]);
foreach ($tags_group as $tag) {
$user_tags[$tag] = tags_get_name($tag);
@ -39,12 +38,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
}
}
if ($user_strict) {
$user_groups_ids = implode(',', array_keys($groups_without_tags));
}
else {
$user_groups_ids = implode(',', array_keys($acltags));
}
$user_groups_ids = implode(',', array_keys($acltags));
if (!empty($user_groups_ids)) {
if (is_metaconsole() && (!$user_strict)) {
@ -380,7 +374,8 @@ function groupview_status_modules_agents($id_user = false, $user_strict = false,
$id_user = $config['id_user'];
}
$acltags = tags_get_user_module_and_tags ($id_user, $access, $user_strict);
//$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
$acltags = users_get_groups ($id_user, $access, true, true);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {
@ -526,7 +521,11 @@ function groupview_get_groups_list($id_user = false, $user_strict = false, $acce
$id_user = $config['id_user'];
}
$acltags = tags_get_user_module_and_tags ($id_user, $access, $user_strict);
//$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
//
$acltags = users_get_groups($id_user, $access, true, true);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {
@ -575,19 +574,15 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
if ($id_user == false) {
$id_user = $config['id_user'];
}
$groups_with_privileges = users_get_groups($id_user, $access);
$groups_with_privileges = implode('","', $groups_with_privileges);
$user_groups = array();
$user_tags = array();
$groups_without_tags = array();
foreach ($acltags as $group => $tags) {
if ($user_strict) { //Remove groups with tags
$groups_without_tags[$group] = $group;
}
$user_groups[$group] = groups_get_name($group);
if ($tags != '') {
$tags_group = explode(',', $tags);
$user_tags = array();
foreach ($acltags as $item) {
$user_groups[$item["id_grupo"]] = $item["nombre"];
if ($item["tags"] != '') {
$tags_group = explode(',', $item["tags"]);
foreach ($tags_group as $tag) {
$user_tags[$tag] = tags_get_name($tag);
@ -595,15 +590,12 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
}
}
$groups_with_privileges = implode(',', array_keys($acltags));
if (!$user_strict)
$acltags[0] = 0;
if ($user_strict) {
$user_groups_ids = implode(',', array_keys($groups_without_tags));
}
else {
$user_groups_ids = implode(',', array_keys($acltags));
}
$user_groups_ids = implode(',', array_keys($acltags));
if (!empty($user_groups_ids)) {
if (is_metaconsole() && (!$user_strict)) {
@ -700,7 +692,7 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
SELECT *
FROM tgrupo
WHERE id_grupo IN (" . $fathers_id . ")
AND nombre IN (\"". $groups_with_privileges ."\")
AND id_grupo IN (" . $groups_with_privileges . ")
ORDER BY nombre COLLATE utf8_general_ci ASC");
if (!empty($list_father_groups)) {
//Merges the arrays and eliminates the duplicates groups
@ -763,17 +755,20 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
COUNT(*) AS _total_agents_, id_grupo, intervalo,
ultimo_contacto, disabled
FROM tmetaconsole_agent WHERE id_grupo = " . $group['id_grupo'] . " AND disabled = 0 GROUP BY id_grupo");
$list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_'];
$list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_'];
$list[$group['id_grupo']]['_monitors_unknown_'] = (int)$group_agents['_monitors_unknown_'];
$list[$group['id_grupo']]['_monitors_not_init_'] = (int)$group_agents['_monitors_not_init_'];
$list[$group['id_grupo']]['_monitors_ok_'] = (int)$group_agents['_monitors_ok_'];
$list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_'];
$list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_'];
$list[$group['id_grupo']]['_monitors_unknown_'] = (int)$group_agents['_monitors_unknown_'];
$list[$group['id_grupo']]['_monitors_not_init_'] = (int)$group_agents['_monitors_not_init_'];
$list[$group['id_grupo']]['_monitors_ok_'] = (int)$group_agents['_monitors_ok_'];
$list[$group['id_grupo']]['_monitors_alerts_fired_'] = (int)$group_agents['_monitors_alerts_fired_'];
$list[$group['id_grupo']]['_total_agents_'] = (int)$group_agents['_total_agents_'];
$list[$group['id_grupo']]["_monitor_checks_"] = $list[$group['id_grupo']]["_monitors_not_init_"] + $list[$group['id_grupo']]["_monitors_unknown_"] + $list[$group['id_grupo']]["_monitors_warning_"] + $list[$group['id_grupo']]["_monitors_critical_"] + $list[$group['id_grupo']]["_monitors_ok_"];
$list[$group['id_grupo']]['_total_agents_'] = (int)$group_agents['_total_agents_'];
$list[$group['id_grupo']]["_monitor_checks_"] = $list[$group['id_grupo']]["_monitors_not_init_"]
+ $list[$group['id_grupo']]["_monitors_unknown_"]
+ $list[$group['id_grupo']]["_monitors_warning_"]
+ $list[$group['id_grupo']]["_monitors_critical_"]
+ $list[$group['id_grupo']]["_monitors_ok_"];
if ($group['icon'])
$list[$group['id_grupo']]["_iconImg_"] = html_print_image ("images/".$group['icon'].".png", true, array ("style" => 'vertical-align: middle;'));

10
pandora_console/include/functions_io.php
View File

@ -372,8 +372,16 @@ function io_unsafe_string ($string) {
*/
function __ ($string /*, variable arguments */) {
global $l10n;
global $config;
static $extensions_cache = array();
$extensions = extensions_get_extensions();
if (array_key_exists($config["id_user"], $extensions_cache)) {
$extensions = $extensions_cache[$config["id_user"]];
}
else {
$extensions = extensions_get_extensions();
$extensions_cache[$config["id_user"]] = $extensions;
}
if (empty($extensions))
$extensions = array();

16
pandora_console/include/functions_modules.php
View File

@ -2552,7 +2552,9 @@ function modules_get_modules_name ($sql_from , $sql_conditions = '', $meta = fal
foreach ($rows_temp as $module_group_key => $modules_group_val)
$rows_temp_processed[$modules_group_val['name']] = $modules_group_val['name'];
$rows_select = array_unique(array_merge($rows_select, $rows_temp_processed));
if(is_array($rows_select) && is_array($rows_temp_processed)){
$rows_select = array_unique(array_merge($rows_select, $rows_temp_processed));
}
}
$groups_temp = users_get_groups_for_select(false, "AR", true, true, false);
@ -2565,7 +2567,9 @@ function modules_get_modules_name ($sql_from , $sql_conditions = '', $meta = fal
}
if (!empty($groups_temp_processed)) {
$groups_select = array_unique(array_merge($groups_select, $groups_temp_processed));
if(is_array($rows_select) && is_array($rows_temp_processed)){
$groups_select = array_unique(array_merge($groups_select, $groups_temp_processed));
}
}
if (!empty($modules_temp))
@ -2574,7 +2578,13 @@ function modules_get_modules_name ($sql_from , $sql_conditions = '', $meta = fal
metaconsole_restore_db();
}
unset($groups_select[__('All')]);
$key_group_all = array_search(__('All'), $groups_select);
if(is_array($groups_select)){
$key_group_all = array_search(__('All'), $groups_select);
}
else{
$key_group_all = false;
}
if ($key_group_all !== false)
unset($groups_select[$key_group_all]);
return $modules;

10
pandora_console/include/functions_networkmap.php
View File

@ -317,7 +317,7 @@ function networkmap_generate_dot ($pandora_name, $group = 0,
$fields = array ('tagente.id_grupo, tagente.nombre, tagente.id_os, tagente.id_parent, tagente.id_agente,
tagente.normal_count, tagente.warning_count, tagente.critical_count,
tagente.unknown_count, tagente.total_count, tagente.notinit_count');
$acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'],'AR', $strict_user);
$agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true);
}
else {
@ -343,7 +343,7 @@ function networkmap_generate_dot ($pandora_name, $group = 0,
$fields = array ('tagente.id_grupo, tagente.nombre, tagente.id_os, tagente.id_parent, tagente.id_agente,
tagente.normal_count, tagente.warning_count, tagente.critical_count,
tagente.unknown_count, tagente.total_count, tagente.notinit_count');
$acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'],'AR', $strict_user);
$agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true);
}
else {
@ -625,7 +625,7 @@ function networkmap_generate_dot_groups ($pandora_name, $group = 0,
global $config;
if ($strict_user) {
$acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'],'AR', $strict_user);
}
$parents = array();
$orphans = array();
@ -1003,7 +1003,7 @@ function networkmap_create_agent_node ($agent, $simple = 0, $font_size = 10, $cu
if ($strict_user) {
require_once($config['homedir']."/include/functions_tags.php");
$acltags = tags_get_user_module_and_tags ($config["id_user"], 'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config["id_user"], 'AR', $strict_user);
$agent_filter = array("id" => $agent["id_agente"]);
$strict_data['normal_count'] = (int) groups_get_normal_monitors ($agent['id_grupo'], $agent_filter, array(), $strict_user, $acltags);
@ -1798,7 +1798,7 @@ function networkmap_get_new_nodes_from_ip_mask($ip_mask,
if ($strict_user) {
$filter['group_by'] = 'tagente.id_agente';
$fields = array ('tagente.id_agente');
$acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'],'AR', $strict_user);
$user_agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true);
foreach ($all_user_agents as $agent) {

2
pandora_console/include/functions_reporting.php
View File

@ -8713,7 +8713,7 @@ function reporting_tiny_stats ($counts_info, $return = false, $type = 'agent', $
if ($strict_user && $type == 'agent') {
$acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'],'AR', $strict_user);
$filter['disabled'] = 0;
$id_agent = $counts_info['id_agente'];

10
pandora_console/include/functions_reporting_html.php
View File

@ -3625,7 +3625,7 @@ function reporting_get_total_servers ($num_servers) {
function reporting_get_events ($data, $links = false) {
global $config;
$table_events = new stdClass();
$table_events->width = "100%";
if (defined('METACONSOLE'))
$style = " vertical-align:middle;";
@ -3697,7 +3697,7 @@ function reporting_get_last_activity() {
global $config;
// Show last activity from this user
$table = new stdClass();
$table->width = '100%';
$table->data = array ();
$table->size = array ();
@ -4010,8 +4010,10 @@ function reporting_get_event_histogram_meta ($width) {
$events = db_get_all_rows_sql($sql);
$events_criticity = array();
foreach ($events as $key => $value) {
array_push($events_criticity,$value['criticity']);
if(is_array($events)){
foreach ($events as $key => $value) {
array_push($events_criticity,$value['criticity']);
}
}
if (!empty($events)) {

2
pandora_console/include/functions_tactical.php
View File

@ -427,7 +427,7 @@ function tactical_status_modules_agents($id_user = false, $user_strict = false,
$id_user = $config['id_user'];
}
$acltags = tags_get_user_module_and_tags ($id_user, $access, $user_strict);
$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {

252
pandora_console/include/functions_tags.php
View File

@ -670,30 +670,19 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR',
return ERR_WRONG_PARAMETERS;
}
$acltags = tags_get_user_module_and_tags($id_user, $access);
// Delete the groups without tag restrictions from the acl tags array if $force_group_and_tag == false
// Delete the groups that aren't in the received groups id
$acltags_aux = array();
if (!empty($groups) && in_array(0, $groups)) {
$acltags_aux[0] = "";
}
foreach ($acltags as $group_id => $tags) {
if (!empty($groups) && array_search($group_id, $groups) === false) {
unset($acltags[$group_id]);
$raw_acltags = tags_get_user_groups_and_tags($id_user, $access);
$acltags = array();
foreach ($raw_acltags as $group => $taglist) {
if (!empty($taglist)) {
$acltags[$group] = explode(',', $taglist);
}
else {
if (!empty($tags))
$tags = explode(",", $tags);
$acltags_aux[$group_id] = $tags;
$acltags[$group] = '';
}
}
// Clean the possible empty elements
if (!$force_group_and_tag)
$acltags_aux = array_filter($acltags_aux);
$acltags = $acltags_aux;
switch ($return_mode) {
case 'data':
// Stop here and return the array
@ -711,6 +700,7 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR',
case 'event_condition':
// Return the condition of the tags for tevento table
$condition = tags_get_acl_tags_event_condition($acltags, $meta, $force_group_and_tag);
if (!empty($condition)) {
return " $query_prefix " . "(" . $condition . ")";
}
@ -735,7 +725,7 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
$group_conditions = array();
// The acltags array contains the groups with the acl propagation applied
// after the changes done into the 'tags_get_user_module_and_tags' function.
// after the changes done into the 'tags_get_user_groups_and_tags' function.
foreach ($acltags as $group_id => $group_tags) {
$tag_join = '';
if (!empty($group_tags)) {
@ -859,83 +849,84 @@ function tags_get_acl_tags_event_condition($acltags, $meta = false, $force_group
// Juanma (08/05/2014) Fix : Will have all groups retrieved (also propagated ones)
$_groups_not_in = '';
foreach ($acltags as $group_id => $group_tags) {
// Group condition (The module belongs to an agent of the group X)
// Juanma (08/05/2014) Fix : Get all groups (children also, Propagate ACL func!)
$group_condition = sprintf('id_grupo IN (%s)', implode(',', array_values(groups_get_id_recursive($group_id, true))));
$_groups_not_in .= implode(',', array_values(groups_get_id_recursive($group_id))) . ',';
// Tags condition (The module has at least one of the restricted tags)
$tags_condition = '';
if (empty($group_tags)) {
$tags_condition = "id_grupo = ".$group_id;
}
else {
if (!is_array($group_tags)) {
$group_tags = explode(',', $group_tags);
if($acltags[0]){
foreach ($acltags as $group_id => $group_tags) {
// Group condition (The module belongs to an agent of the group X)
$group_condition = sprintf('id_grupo IN (%s)', implode(',', array_values(groups_get_id_recursive($group_id, true))));
//$_groups_not_in .= implode(',', array_values(groups_get_id_recursive($group_id))) . ',';
// Tags condition (The module has at least one of the restricted tags)
$tags_condition = '';
if (empty($group_tags)) {
$tags_condition = "id_grupo = ".$group_id;
}
else {
if (!is_array($group_tags)) {
$group_tags = explode(',', $group_tags);
}
foreach ($group_tags as $tag) {
// If the tag ID doesnt exist, ignore
if (!isset($all_tags[$tag])) {
continue;
}
if ($tags_condition != '') {
$tags_condition .= " OR \n";
}
//~ // Add as condition all the posibilities of the serialized tags
//~ $tags_condition .= sprintf('tags LIKE "%s,%%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s,%%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%s %%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s %%"',io_safe_input($all_tags[$tag]));
if ($force_group_and_tag) {
if (!empty($all_tags[$tag])) {
if ($force_equal) {
$tags_condition .= sprintf('(tags = "%s"',io_safe_input($all_tags[$tag]));
} else {
$tags_condition .= "(tags LIKE '%".io_safe_input($all_tags[$tag])."%'";
}
$childrens = groups_get_childrens($group_id, null, true);
if (empty($childrens)) {
$tags_condition .= sprintf(' AND id_grupo = %d )', $group_id);
} else {
$childrens_ids[] = $group_id;
foreach ($childrens as $child) {
$childrens_ids[] = (int)$child['id_grupo'];
}
$ids_str = implode(',', $childrens_ids);
$tags_condition .= sprintf(' AND id_grupo IN (%s) )', $ids_str);
}
} else {
$tags_condition .= "id_grupo = ".$group_id;
}
} else {
if ($force_equal) {
$tags_condition .= sprintf('tags = "%s"',io_safe_input($all_tags[$tag]));
} else {
$tags_condition .= "tags LIKE '%".io_safe_input($all_tags[$tag])."%'";
}
}
}
}
foreach ($group_tags as $tag) {
// If the tag ID doesnt exist, ignore
if (!isset($all_tags[$tag])) {
continue;
}
if ($tags_condition != '') {
$tags_condition .= " OR \n";
}
//~ // Add as condition all the posibilities of the serialized tags
//~ $tags_condition .= sprintf('tags LIKE "%s,%%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s,%%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%s %%"',io_safe_input($all_tags[$tag]));
//~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s %%"',io_safe_input($all_tags[$tag]));
if ($force_group_and_tag) {
if (!empty($all_tags[$tag])) {
if ($force_equal) {
$tags_condition .= sprintf('(tags = "%s"',io_safe_input($all_tags[$tag]));
} else {
$tags_condition .= "(tags LIKE '%".io_safe_input($all_tags[$tag])."%'";
}
$childrens = groups_get_childrens($group_id, null, true);
if (empty($childrens)) {
$tags_condition .= sprintf(' AND id_grupo = %d )', $group_id);
} else {
$childrens_ids[] = $group_id;
foreach ($childrens as $child) {
$childrens_ids[] = (int)$child['id_grupo'];
}
$ids_str = implode(',', $childrens_ids);
$tags_condition .= sprintf(' AND id_grupo IN (%s) )', $ids_str);
}
} else {
$tags_condition .= "id_grupo = ".$group_id;
}
} else {
if ($force_equal) {
$tags_condition .= sprintf('tags = "%s"',io_safe_input($all_tags[$tag]));
} else {
$tags_condition .= "tags LIKE '%".io_safe_input($all_tags[$tag])."%'";
}
}
// If there is not tag condition ignore
if (empty($tags_condition)) {
continue;
}
if ($condition != '') {
$condition .= ' OR ';
}
$condition .= "($tags_condition)\n";
}
// If there is not tag condition ignore
if (empty($tags_condition)) {
continue;
}
if ($condition != '') {
$condition .= ' OR ';
}
$condition .= "($tags_condition)\n";
}
//Commented because ACLs propagation don't work
@ -2402,76 +2393,21 @@ function __add_acltags (&$acltags, $group_id, $tags_str) {
}
/* Return array with groups and their tags */
function tags_get_user_module_and_tags ($id_user = false, $access = 'AR', $strict_user = false) {
function tags_get_user_groups_and_tags ($id_user = false, $access = 'AR', $strict_user = false) {
global $config;
if ($id_user == false) {
$id_user = $config['id_user'];
}
$acl_column = get_acl_column($access);
$sql = sprintf("SELECT tags, id_grupo
FROM tusuario_perfil, tperfil
WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND
tusuario_perfil.id_usuario = '%s' AND
tperfil.%s = 1
ORDER BY id_grupo", $id_user, $acl_column);
$tags_and_groups = db_get_all_rows_sql($sql);
if ($tags_and_groups === false)
$tags_and_groups = array();
$acltags = array();
// Change the 'All' group with all groups
$user_groups = users_get_groups($id_user, $access, false);
$user_groups_ids = array();
if (!empty($user_groups) && is_array($user_groups)) {
$user_groups_ids = array_keys($user_groups);
$acls = users_get_groups ($id_user, $access, false, true);
$return = array();
foreach ($acls as $acl) {
$return[$acl["id_grupo"]] = $acl["tags"];
}
// If the user is admin, he should have access to the all group with the required permission
if (is_user_admin($id_user))
array_unshift($tags_and_groups, array('id_grupo' => 0, 'tags' => ''));
$tags_and_groups_aux = array();
foreach ($tags_and_groups as $data) {
// All group
if ((int)$data['id_grupo'] === 0) {
// All group with empty tags. All groups without tags permission!
if (empty($data['tags'])) {
foreach ($user_groups_ids as $group_id) {
$acltags[$group_id] = '';
}
return $acltags; // End of the function
}
// Create a new element for every group with the tags
else {
foreach ($user_groups_ids as $group_id) {
$tags_and_groups_aux[] = array(
'id_grupo' => $group_id,
'tags' => $data['tags']
);
}
}
}
// Specific group
else {
$tags_and_groups_aux[] = $data;
}
}
$tags_and_groups = $tags_and_groups_aux;
unset($tags_and_groups_aux);
foreach ($tags_and_groups as $group_tag) {
__add_acltags($acltags, $group_tag['id_grupo'], $group_tag['tags']);
}
return $acltags;
return $return;
}
/**

248
pandora_console/include/functions_users.php
View File

@ -139,6 +139,101 @@ function users_get_groups_for_select($id_user, $privilege = "AR", $returnAllGro
return $fields;
}
function get_group_ancestors($group_id, $groups) {
if (!isset($groups[$group_id])) {
return null;
}
$parent = $groups[$group_id]["parent"];
if ($groups[$group_id]["propagate"] == 0){
return $group_id;
}
if ($parent == 0) {
return 0;
}
$r = get_group_ancestors($parent, $groups);
if (is_array($r)) {
$r = array_merge(array($parent), $r);
}
else {
$r = array($parent, $r);
}
return $r;
}
function groups_combine_acl($acl_group_a, $acl_group_b){
if(!is_array($acl_group_a)){
if(is_array($acl_group_b)){
return $acl_group_b;
}
else{
return null;
}
}
else{
if(!is_array($acl_group_b)){
return $acl_group_a;
}
}
$acl_list = array (
"incident_view" => 1,
"incident_edit" => 1,
"incident_management" => 1,
"agent_view" => 1,
"agent_edit" => 1,
"agent_disable" => 1,
"alert_edit" => 1,
"alert_management" => 1,
"pandora_management" => 1,
"db_management" => 1,
"user_management" => 1,
"report_view" => 1,
"report_edit" => 1,
"report_management" => 1,
"event_view" => 1,
"event_edit" => 1,
"event_management" => 1,
"map_view" => 1,
"map_edit" => 1,
"map_management" => 1,
"vconsole_view" => 1,
"vconsole_edit" => 1,
"vconsole_management" => 1,
"tags" => 1,
);
foreach ($acl_list as $acl => $aux) {
if($acl == "tags") {
// Mix tags
if (isset($acl_group_a[$acl]) && ($acl_group_a[$acl] != "")) {
if (isset($acl_group_b[$acl]) && ($acl_group_b[$acl] != "")) {
if ($acl_group_b[$acl] != ($acl_group_a[$acl])) {
$acl_group_b[$acl] = $acl_group_a[$acl] . "," . $acl_group_b[$acl];
}
}
else {
$acl_group_b[$acl] = $acl_group_a[$acl];
}
}
continue;
}
// propagate ACL
$acl_group_b[$acl] = $acl_group_a[$acl] || $acl_group_b[$acl];
}
return $acl_group_b;
}
/**
* Get all the groups a user has reading privileges.
*
@ -152,6 +247,143 @@ function users_get_groups_for_select($id_user, $privilege = "AR", $returnAllGro
* @return array A list of the groups the user has certain privileges.
*/
function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup = true, $returnAllColumns = false,
$id_groups = null, $keys_field = 'id_grupo', $cache = true) {
static $group_cache = array();
// Added users_group_cache to avoid unnecessary proccess on massive calls...
static $users_group_cache = array();
$users_group_cache_key = $id_user . "|" . $privilege . "|" . $returnAllGroup . "|" . $returnAllColumns;
if (empty ($id_user)) {
global $config;
$id_user = null;
if (isset($config['id_user'])) {
$id_user = $config['id_user'];
}
}
// Check the group cache first.
if (array_key_exists($id_user, $group_cache) && $cache) {
$forest_acl = $group_cache[$id_user];
}
else {
// Admin.
if (is_user_admin($id_user)) {
$forest_acl = db_get_all_rows_sql ("SELECT * FROM tgrupo ORDER BY nombre");
}
// Per-group permissions.
else {
$query = "SELECT * FROM tgrupo ORDER BY parent,id_grupo DESC";
$raw_groups = db_get_all_rows_sql($query);
$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil
WHERE (tgrupo.id_grupo = tusuario_perfil.id_grupo OR tusuario_perfil.id_grupo = 0)
AND tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s' ORDER BY nombre", $id_user);
$raw_forest = db_get_all_rows_sql ($query);
foreach ($raw_forest as $g) {
// XXX, following code must be remade (TAG)
if (!isset($forest_acl[$g["id_grupo"]] )) {
$forest_acl[$g["id_grupo"]] = $g;
}
else {
$forest_acl[$g["id_grupo"]]["tags"] .= "," . $g["tags"];
}
}
$groups = array();
foreach ($raw_groups as $g) {
$groups[$g["id_grupo"]] = $g;
}
foreach ($groups as $group) {
$parents = get_group_ancestors($group["id_grupo"],$groups);
if (is_array($parents)) {
foreach ($parents as $parent) {
if ( (isset($forest_acl[$parent])) && ($groups[$parent]["propagate"] == 1)) {
if (isset($forest_acl[$group["id_grupo"]])) {
// update ACL propagation
$tmp = groups_combine_acl($forest_acl[$parent], $forest_acl[$group["id_grupo"]]);
}
else {
// add group to user ACL forest
$tmp = groups_combine_acl($forest_acl[$parent], $group);
}
if ($tmp !== null) {
// add only if valid
$forest_acl[$group["id_grupo"]] = $tmp;
}
}
}
}
else {
// no parents, direct assignment already done
}
}
}
// Update the group cache.
$group_cache[$id_user] = $forest_acl;
}
$user_groups = array ();
if (!$forest_acl) {
return $user_groups;
}
if ($returnAllGroup) { //All group
$groupall = array('id_grupo' => 0, 'nombre' => __('All'),
'icon' => 'world', 'parent' => 0, 'disabled' => 0,
'custom_id' => null, 'description' => '', 'propagate' => 0);
// Add the All group to the beginning to be always the first
array_unshift($forest_acl, $groupall);
}
$acl_column = get_acl_column($privilege);
if (array_key_exists($users_group_cache_key, $users_group_cache)) {
return $users_group_cache[$users_group_cache_key];
}
foreach ($forest_acl as $group) {
# Check the specific permission column. acl_column is undefined for admins.
if (isset($group[$acl_column]) && $group[$acl_column] != '1') {
continue;
}
if ($returnAllColumns) {
$user_groups[$group[$keys_field]] = $group;
}
else {
$user_groups[$group[$keys_field]] = $group['nombre'];
}
}
$users_group_cache[$users_group_cache_key] = $user_groups;
return $user_groups;
}
/**
* Get all the groups a user has reading privileges.
*
* @param string User id
* @param string The privilege to evaluate, and it is false then no check ACL.
* @param boolean $returnAllGroup Flag the return group, by default true.
* @param boolean $returnAllColumns Flag to return all columns of groups.
* @param array $id_groups The list of group to scan to bottom child. By default null.
* @param string $keys_field The field of the group used in the array keys. By default ID
*
* @return array A list of the groups the user has certain privileges.
*/
function old_users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup = true, $returnAllColumns = false,
$id_groups = null, $keys_field = 'id_grupo', $cache = true) {
static $group_cache = array();
@ -171,7 +403,7 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
// Admin.
if (is_user_admin($id_user)) {
$groups = db_get_all_rows_sql ("SELECT * FROM tgrupo ORDER BY nombre");
}
}
// Per-group permissions.
else {
$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil
@ -797,15 +1029,23 @@ function users_get_last_type_message() {
function users_is_admin($id_user = false) {
global $config;
if (!isset($config["is_admin"])) {
$config["is_admin"] = array();
}
if ($id_user === false) {
$id_user = $config['id_user'];
}
$is_admin = (bool)db_get_value('is_admin',
if (isset($config["is_admin"][$id_user])) {
return $config["is_admin"][$id_user];
}
$config["is_admin"][$id_user] = (bool)db_get_value('is_admin',
'tusuario', 'id_user', $id_user);
return $is_admin;
return $config["is_admin"][$id_user];
}
function users_is_last_system_message() {

39
pandora_console/include/functions_visual_map.php
View File

@ -3364,7 +3364,8 @@ function visual_map_print_visual_map ($id_layout, $show_links = true,
*
* @return array A list of layouts the user can see.
*/
function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter = false, $returnAllGroup = true, $favourite = false) {
function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter = false,
$returnAllGroup = true, $favourite = false) {
if (! is_array ($filter)){
$filter = array ();
} else {
@ -3386,20 +3387,19 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
$where .= "is_favourite = 1";
}
if ($returnAllGroup) {
$groups = users_get_groups ($id_user, 'VR');
$groups = users_get_groups ($id_user, 'VR', true, true);
} else {
if(!empty($filter['group'])) {
$permissions_group = users_get_groups ($id_user, 'VR', false);
$permissions_group = users_get_groups ($id_user, 'VR', false, true);
if(empty($permissions_group)){
$permissions_group = users_get_groups ($id_user, 'VM', false);
$permissions_group = users_get_groups ($id_user, 'VM', false, true);
}
$groups = array_intersect_key($filter['group'], $permissions_group);
} else {
$groups = users_get_groups ($id_user, 'VR', false);
$groups = users_get_groups ($id_user, 'VR', false, true);
if(empty($groups)) {
$groups = users_get_groups ($id_user, 'VM', false);
$groups = users_get_groups ($id_user, 'VM', false, true);
}
}
unset($filter['group']);
@ -3420,9 +3420,9 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
if ($where == '') {
$where = array();
}
$layouts = db_get_all_rows_filter ('tlayout', $where);
if ($layouts == false)
return array ();
@ -3432,6 +3432,17 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
$retval[$layout['id']] = $layout['name'];
else
$retval[$layout['id']] = $layout;
//add_perms
if ($groups[$layout['id_group']]['vconsole_view']){
$retval[$layout['id']]['vr'] = $groups[$layout['id_group']]['vconsole_view'];
}
if ($groups[$layout['id_group']]['vconsole_edit']){
$retval[$layout['id']]['vw'] = $groups[$layout['id_group']]['vconsole_edit'];
}
if ($groups[$layout['id_group']]['vconsole_management']){
$retval[$layout['id']]['vm'] = $groups[$layout['id_group']]['vconsole_management'];
}
}
return $retval;
@ -3486,8 +3497,8 @@ function visual_map_get_layout_status ($id_layout = 0, $depth = 0, $elements_in_
if ($data['type'] == 0) {
$stcount++;
if ($data["id_layout_linked"] == 0 && $data["id_agente_modulo"] == 0 && $data["id_agent"] == 0) {
$stcount_u++;
}
$stcount_u++;
}
}
}
if ($stcount == 0 || $stcount_u == $stcount) {
@ -3568,9 +3579,9 @@ function visual_map_get_layout_status ($id_layout = 0, $depth = 0, $elements_in_
}
else {
$status = VISUAL_MAP_STATUS_NORMAL;
if (count($elements_in_child) == 0) {
$status = VISUAL_MAP_STATUS_UNKNOWN;
}
if (count($elements_in_child) == 0) {
$status = VISUAL_MAP_STATUS_UNKNOWN;
}
}
}
}

2
pandora_console/operation/agentes/estado_agente.php
View File

@ -465,7 +465,7 @@ if ($strict_user) {
$fields = array ('tagente.id_agente','tagente.id_grupo','tagente.id_os','tagente.ultimo_contacto','tagente.intervalo','tagente.comentarios description','tagente.quiet',
'tagente.normal_count','tagente.warning_count','tagente.critical_count','tagente.unknown_count','tagente.notinit_count','tagente.total_count','tagente.fired_count', 'tagente.nombre', 'tagente.alias');
$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, $strict_user);
$acltags = tags_get_user_groups_and_tags ($config['id_user'], $access, $strict_user);
$total_agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $count_filter, $fields, false, $strict_user, true);
$total_agents = count($total_agents);

2
pandora_console/operation/agentes/tactical.php
View File

@ -178,7 +178,7 @@ echo '<td style="vertical-align: top; width: 75%; padding-top: 0px;" id="rightco
// Last events information
// ---------------------------------------------------------------------
$acltags = tags_get_user_module_and_tags ($config['id_user'], 'ER', $user_strict);
$acltags = tags_get_user_groups_and_tags ($config['id_user'], 'ER', $user_strict);
if (!empty($acltags)) {
$tags_condition = tags_get_acl_tags_event_condition($acltags, false, $user_strict);

2
pandora_console/operation/events/events_list.php
View File

@ -807,7 +807,7 @@ enterprise_hook('print_event_tags_active_filters',
if (!empty($result)) {
//~ Checking the event tags exactly. The event query filters approximated tags to keep events
//~ with several tags
$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, true);
$acltags = tags_get_user_groups_and_tags ($config['id_user'], $access, true);
foreach ($result as $key=>$event_data) {
$has_tags = events_checks_event_tags($event_data, $acltags);