From 400fcdca26a25d47f5af076778fb2fe2d20405a6 Mon Sep 17 00:00:00 2001
From: daniel <daniel.barbero@artica.es>
Date: Wed, 10 May 2017 09:42:39 +0200
Subject: [PATCH] fixed errors in massive copy modules

---
 .../include/ajax/alert_list.ajax.php          | 35 +++++++++++++++----
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/pandora_console/include/ajax/alert_list.ajax.php b/pandora_console/include/ajax/alert_list.ajax.php
index de34dbdeea..9f1b454905 100644
--- a/pandora_console/include/ajax/alert_list.ajax.php
+++ b/pandora_console/include/ajax/alert_list.ajax.php
@@ -17,13 +17,6 @@ global $config;
 // Login check
 check_login ();
 
-if (! check_acl ($config['id_user'], 0, "LW")) {
-	db_pandora_audit("ACL Violation",
-		"Trying to access Alert Management");
-	require ("general/noaccess.php");
-	exit;
-}
-
 require_once ('include/functions_agents.php');
 require_once ('include/functions_alerts.php');
 $isFunctionPolicies = enterprise_include ('include/functions_policies.php');
@@ -48,6 +41,13 @@ if ($get_agent_alerts_simple) {
 		echo json_encode (false);
 		return;
 	}
+
+	if (! check_acl ($config['id_user'], 0, "LW")) {
+		db_pandora_audit("ACL Violation",
+		"Trying to access Alert Management");
+		echo json_encode (false);
+		return;
+	}
 	
 	require_once ('include/functions_agents.php');
 	require_once ('include/functions_alerts.php');
@@ -73,6 +73,12 @@ if ($get_agent_alerts_simple) {
 }
 
 if ($enable_alert) {
+	if (! check_acl ($config['id_user'], 0, "LW")) {
+		db_pandora_audit("ACL Violation",
+			"Trying to access Alert Management");
+		return false;
+	}
+
 	$id_alert = (int) get_parameter ('id_alert');
 
 	$result = alerts_agent_module_disable ($id_alert, false);
@@ -84,6 +90,11 @@ if ($enable_alert) {
 }
 
 if ($disable_alert) {
+	if (! check_acl ($config['id_user'], 0, "LW")) {
+		db_pandora_audit("ACL Violation",
+			"Trying to access Alert Management");
+		return false;
+	}
 	$id_alert = (int) get_parameter ('id_alert');
 
 	$result = alerts_agent_module_disable ($id_alert, true);
@@ -95,6 +106,11 @@ if ($disable_alert) {
 }
 
 if ($get_actions_module) {
+	if (! check_acl ($config['id_user'], 0, "LW")) {
+		db_pandora_audit("ACL Violation",
+			"Trying to access Alert Management");
+		return false;
+	}
 	$id_module = get_parameter ('id_module');
 	
 	if (empty($id_module))
@@ -107,6 +123,11 @@ if ($get_actions_module) {
 }
 
 if ($show_update_action_menu) {
+	if (! check_acl ($config['id_user'], 0, "LW")) {
+		db_pandora_audit("ACL Violation",
+			"Trying to access Alert Management");
+		return false;
+	}
 	$id_agent_module = (int) get_parameter ('id_agent_module');
 	$id_module_action = (int) get_parameter ('id_module_action');
 	$id_agent = (int) get_parameter ('id_agent');