tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed error and added new ACL checks

This commit is contained in:
Alejandro Gallardo Escobar 2014-10-15 18:12:51 +02:00
parent c07264dbc0
commit 3dcb6a14a2
14 changed files with 224 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
pandora_console/mobile/index.php
View File

@ -39,12 +39,14 @@ require_once('operation/networkmap.php');
require_once('operation/visualmaps.php');
require_once('operation/visualmap.php');
$enterpriseHook = enterprise_include('mobile/include/enterprise.class.php');
$enterpriseHook = enterprise_include('mobile/operation/home.php');
$system = System::getInstance();
$user = User::getInstance();
$user->hackInjectConfig();
$page = $system->getRequest('page', 'home');
$action = $system->getRequest('action');
if (!$user->isLogged()) {
$action = 'login';
@ -58,24 +60,20 @@ if ($action != "ajax") {
}
}
// Disable mobile console if ALC enterprise is enabled
if ($system->getConfig('enterprise_installed') == 1 && $system->getConfig('acl_enterprise') == 1) {
$ui = Ui::getInstance();
$system = System::getInstance();
$ui->createPage();
$ui->createHeader(__('Mobile console disabled'));
$ui->showFooter(false);
$ui->beginContent();
$ui->contentAddHtml(ui_print_info_message(array('title' => '', 'message' => __('Mobile console is not available with ACL enterprise enabled. Please contact with the administrator.'), 'no_close' => true, 'force_style' => 'margin: 0 auto;'), '', true));
$ui->endContent();
$ui->showPage();
return;
}
switch ($action) {
case 'ajax':
$parameter1 = $system->getRequest('parameter1', false);
$parameter2 = $system->getRequest('parameter2', false);
if (class_exists("Enterprise")) {
$enterprise = Enterprise::getInstance();
$permission = $enterprise->checkEnterpriseACL($parameter1);
if (!$permission) {
return false;
}
}
switch ($parameter1) {
case 'events':
@ -119,7 +117,10 @@ switch ($action) {
$l10n = new gettext_reader (new CachedFileReader('../include/languages/'.$user_language.'.mo'));
$l10n->load_tables();
}
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show();
}
else {
@ -132,11 +133,34 @@ switch ($action) {
$user->showLogin();
break;
default:
$page = $system->getRequest('page', 'home');
if (class_exists("Enterprise")) {
$enterprise = Enterprise::getInstance();
if ($page != "home") {
$permission = $enterprise->checkEnterpriseACL($page);
if (!$permission) {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
return;
}
}
}
switch ($page) {
case 'home':
default:
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show();
break;
case 'tactical':

6
pandora_console/mobile/operation/agent.php
View File

@ -54,9 +54,13 @@ class Agent {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/agents.php
View File

@ -141,9 +141,13 @@ class Agents {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/alerts.php
View File

@ -137,9 +137,13 @@ class Alerts {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/events.php
View File

@ -421,9 +421,13 @@ class Events {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/groups.php
View File

@ -47,9 +47,13 @@ class Groups {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

174
pandora_console/mobile/operation/home.php
View File

@ -13,20 +13,127 @@
// GNU General Public License for more details.
class Home {
private $global_search = '';
protected $global_search = '';
protected $pagesItems = array();
function __construct() {
$this->global_search = '';
}
public function getPagesItems () {
if (empty($this->pagesItems))
$this->loadPagesItems();
return $this->pagesItems;
}
protected function loadPagesItems () {
$items = array();
// In home
$items['tactical'] = array(
'name' => __('Tactical view'),
'filename' => 'tactical.php',
'menu_item' => true,
'icon' => 'tactical_view'
);
$items['events'] = array(
'name' => __('Events'),
'filename' => 'events.php',
'menu_item' => true,
'icon' => 'events'
);
$items['groups'] = array(
'name' => __('Groups'),
'filename' => 'groups.php',
'menu_item' => true,
'icon' => 'groups'
);
$items['alerts'] = array(
'name' => __('Alerts'),
'filename' => 'alerts.php',
'menu_item' => true,
'icon' => 'alerts'
);
$items['agents'] = array(
'name' => __('Agents'),
'filename' => 'agents.php',
'menu_item' => true,
'icon' => 'agents'
);
$items['modules'] = array(
'name' => __('Modules'),
'filename' => 'modules.php',
'menu_item' => true,
'icon' => 'modules'
);
$items['networkmaps'] = array(
'name' => __('Networkmaps'),
'filename' => 'networkmaps.php',
'menu_item' => true,
'icon' => 'network_maps'
);
$items['visualmaps'] = array(
'name' => __('Visual consoles'),
'filename' => 'visualmaps.php',
'menu_item' => true,
'icon' => 'visual_console'
);
// Not in home
$items['agent'] = array(
'name' => __('Agent'),
'filename' => 'agent.php',
'menu_item' => false,
'icon' => ''
);
$items['module_graph'] = array(
'name' => __('Module graph'),
'filename' => 'module_graph.php',
'menu_item' => false,
'icon' => ''
);
$items['networkmap'] = array(
'name' => __('Networkmap'),
'filename' => 'networkmap.php',
'menu_item' => false,
'icon' => ''
);
$items['visualmap'] = array(
'name' => __('Visualmap'),
'filename' => 'visualmap.php',
'menu_item' => false,
'icon' => ''
);
$this->pagesItems = $items;
}
protected function loadButtons ($ui) {
if (empty($this->pagesItems) && $this->pagesItems !== false)
$this->loadPagesItems();
foreach ($this->pagesItems as $page => $data) {
if ($data['menu_item']) {
$options = array(
'icon' => $data['icon'],
'pos' => 'right',
'text' => $data['name'],
'href' => "index.php?page=$page"
);
$ui->contentAddHtml($ui->createButton($options));
}
}
}
public function show() {
global $config;
require_once ($config["homedir"] . '/include/functions_graph.php');
public function show($error = false) {
$system = System::getInstance();
$ui = Ui::getInstance();
$system = System::getInstance();
require_once ($system->getConfig("homedir") . '/include/functions_graph.php');
$ui->createPage();
if ($system->getRequest('hide_logout', 0)) {
$left_button = null;
@ -39,8 +146,9 @@ class Home {
}
$user_logged = '';
if (isset($config['id_user'])) {
$user_logged = '<span id="user_logged">' . $config['id_user'] . '</span>';
$id_user = $system->getConfig("id_user");
if (!empty($id_user)) {
$user_logged = "<span id=\"user_logged\">$id_user</span>";
}
$ui->createHeader(__("Home"), $left_button, $user_logged);
@ -56,49 +164,13 @@ class Home {
$ui->endForm();
//List of buttons
$options = array('icon' => 'tactical_view',
'pos' => 'right',
'text' => __('Tactical view'),
'href' => 'index.php?page=tactical');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'events',
'pos' => 'right',
'text' => __('Events'),
'href' => 'index.php?page=events');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'groups',
'pos' => 'right',
'text' => __('Groups'),
'href' => 'index.php?page=groups');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'alerts',
'pos' => 'right',
'text' => __('Alerts'),
'href' => 'index.php?page=alerts');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'agents',
'pos' => 'right',
'text' => __('Agents'),
'href' => 'index.php?page=agents');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'modules',
'pos' => 'right',
'text' => __('Modules'),
'href' => 'index.php?page=modules');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'network_maps',
'pos' => 'right',
'text' => __('Networkmaps'),
'href' => 'index.php?page=networkmaps');
$ui->contentAddHtml($ui->createButton($options));
$options = array('icon' => 'visual_console',
'pos' => 'right',
'text' => __('Visual consoles'),
'href' => 'index.php?page=visualmaps');
$ui->contentAddHtml($ui->createButton($options));
$this->loadButtons($ui);
if (!empty($error)) {
$ui->addDialog($error);
}
$ui->endContent();
$ui->showPage();
return;
}
}
?>

6
pandora_console/mobile/operation/module_graph.php
View File

@ -265,9 +265,13 @@ class ModuleGraph {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/modules.php
View File

@ -169,9 +169,13 @@ class Modules {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/networkmap.php
View File

@ -69,9 +69,13 @@ class Networkmap {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/networkmaps.php
View File

@ -95,9 +95,13 @@ class Networkmaps {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/tactical.php
View File

@ -64,9 +64,13 @@ class Tactical {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/visualmap.php
View File

@ -53,9 +53,13 @@ class Visualmap {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}

6
pandora_console/mobile/operation/visualmaps.php
View File

@ -79,9 +79,13 @@ class Visualmaps {
}
private function show_fail_acl() {
$error['type'] = 'onStart';
$error['title_text'] = __('You don\'t have access to this page');
$error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance. <br><br>Please know that all attempts to access this page are recorded in security logs of Pandora System Database');
$home = new Home();
if (class_exists("HomeEnterprise"))
$home = new HomeEnterprise();
else
$home = new Home();
$home->show($error);
}