From 40af7361766743223879208c375a0b5a8a0246f8 Mon Sep 17 00:00:00 2001
From: zarzuelo <zarzuelo@gmail.com>
Date: Thu, 10 Jan 2013 16:00:30 +0000
Subject: [PATCH] 2013-01-10 Sergio Martin <sergio.martin@artica.es>
* include/functions_ui.php
include/functions_agents.php
include/functions_tags.php
operation/tree.php
operation/agentes/status_monitor.php
operation/agentes/alerts_status.php
operation/agentes/estado_ultimopaquete.php
operation/agentes/estado_agente.php
operation/agentes/status_events.php
operation/agentes/estado_monitores.php
operation/agentes/tactical.php
operation/agentes/group_view.php
operation/agentes/networkmap.php
operation/events/events_list.php
general/logon_ok.php
godmode/agentes/module_manager.php
godmode/alerts/alert_list.list.php: Add tags acl checks to modules
and alerts view. Add warn messages to zones with status counts when the
user has acl tags assigned
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7425 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
pandora_console/ChangeLog | 22 ++
pandora_console/general/logon_ok.php | 3 +
.../godmode/agentes/module_manager.php | 15 +-
.../godmode/alerts/alert_list.list.php | 7 -
pandora_console/include/functions_agents.php | 23 +-
pandora_console/include/functions_tags.php | 35 +-
pandora_console/include/functions_ui.php | 13 +
.../operation/agentes/alerts_status.php | 2 +-
.../operation/agentes/estado_agente.php | 4 +
.../operation/agentes/estado_monitores.php | 21 +-
.../agentes/estado_ultimopaquete.php | 19 +-
.../operation/agentes/group_view.php | 3 +
.../operation/agentes/networkmap.php | 4 +
.../operation/agentes/status_events.php | 5 +-
.../operation/agentes/status_monitor.php | 324 ++++++++----------
.../operation/agentes/tactical.php | 6 +-
.../operation/events/events_list.php | 14 +
pandora_console/operation/tree.php | 4 +
18 files changed, 293 insertions(+), 231 deletions(-)
diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index eef79d3805..12d6d62d1f 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,25 @@
+2013-01-10 Sergio Martin <sergio.martin@artica.es>
+
+ * include/functions_ui.php
+ include/functions_agents.php
+ include/functions_tags.php
+ operation/tree.php
+ operation/agentes/status_monitor.php
+ operation/agentes/alerts_status.php
+ operation/agentes/estado_ultimopaquete.php
+ operation/agentes/estado_agente.php
+ operation/agentes/status_events.php
+ operation/agentes/estado_monitores.php
+ operation/agentes/tactical.php
+ operation/agentes/group_view.php
+ operation/agentes/networkmap.php
+ operation/events/events_list.php
+ general/logon_ok.php
+ godmode/agentes/module_manager.php
+ godmode/alerts/alert_list.list.php: Add tags acl checks to modules
+ and alerts view. Add warn messages to zones with status counts when the
+ user has acl tags assigned
+
2013-01-10 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
* pandoradb_data.sql
diff --git a/pandora_console/general/logon_ok.php b/pandora_console/general/logon_ok.php
index 444205c207..6d2fd22f42 100644
--- a/pandora_console/general/logon_ok.php
+++ b/pandora_console/general/logon_ok.php
@@ -30,6 +30,9 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
ui_print_page_header (__('Welcome to Pandora FMS Web Console'));
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
// ---------------------------------------------------------------------------
// Site news !
// ---------------------------------------------------------------------------
diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php
index acb4232ead..2028da4591 100644
--- a/pandora_console/godmode/agentes/module_manager.php
+++ b/pandora_console/godmode/agentes/module_manager.php
@@ -348,9 +348,6 @@ switch ($sortField) {
break;
}
-// TODO: CLEAN extra_sql
-$extra_sql = '';
-
// Build the order sql
if (!empty($order)) {
$order_sql = ' ORDER BY ';
@@ -383,6 +380,8 @@ $search_string_entities = io_safe_input($search_string);
$basic_where = sprintf("(nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND", $search_string, $search_string_entities, $search_string, $search_string_entities);
+$where_tags = tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 'tagente_modulo');
+
switch ($config["dbtype"]) {
case "postgresql":
$limit_sql = " LIMIT $limit OFFSET $offset ";
@@ -392,8 +391,8 @@ switch ($config["dbtype"]) {
}
$sql = sprintf("SELECT %s
FROM tagente_modulo
- WHERE %s (%s %s) %s %s",
- $params, $basic_where, $extra_sql, $where, $order_sql, $limit_sql);
+ WHERE %s %s %s %s %s",
+ $params, $basic_where, $where, $where_tags, $order_sql, $limit_sql);
$modules = db_get_all_rows_sql($sql);
break;
@@ -403,15 +402,15 @@ switch ($config["dbtype"]) {
$set['offset'] = $offset;
$sql = sprintf("SELECT %s
FROM tagente_modulo
- WHERE %s (%s %s) %s",
- $params, $basic_where, $extra_sql, $where, $order_sql);
+ WHERE %s %s %s %s",
+ $params, $basic_where, $where, $where_tags, $order_sql);
$modules = oracle_recode_query ($sql, $set, 'AND', false);
break;
}
$sql_total_modules = sprintf("SELECT count(*)
FROM tagente_modulo
- WHERE %s (%s %s)", $basic_where, $extra_sql, $where);
+ WHERE %s %s %s", $basic_where, $where, $where_tags);
$total_modules = db_get_value_sql($sql_total_modules);
diff --git a/pandora_console/godmode/alerts/alert_list.list.php b/pandora_console/godmode/alerts/alert_list.list.php
index 7b600b6b44..166d77e5ab 100644
--- a/pandora_console/godmode/alerts/alert_list.list.php
+++ b/pandora_console/godmode/alerts/alert_list.list.php
@@ -18,13 +18,6 @@ global $config;
// Login check
check_login ();
-if (! check_acl ($config['id_user'], 0, "LW")) {
- db_pandora_audit("ACL Violation",
- "Trying to access Alert Management");
- require ("general/noaccess.php");
- exit;
-}
-
/* Check if this page is included from a agent edition */
if (! check_acl ($config['id_user'], 0, "LW")) {
diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php
index 9afc5e0b46..7bae68c09c 100644
--- a/pandora_console/include/functions_agents.php
+++ b/pandora_console/include/functions_agents.php
@@ -184,7 +184,10 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
if (is_array ($options)) {
$filter .= db_format_array_where_clause_sql ($options);
}
+
if (($id_agent !== false) && ($idGroup !== false)) {
+ $where_tags = tags_get_acl_tags($config['id_user'], $idGroup, 'AR', 'module_condition', 'AND', 'tagente_modulo');
+
if ($idGroup != 0) { //All group
$subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo
@@ -194,10 +197,15 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
$subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo WHERE delete_pending = 0';
}
+
+ $subQuery .= $where_tags;
}
else if ($id_agent === false) {
- if ($allModules) $disabled = '';
- else $disabled = 'WHERE disabled = 0';
+ if ($allModules)
+ $disabled = '';
+ else
+ $disabled = 'WHERE disabled = 0';
+
$subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo ' . $disabled;
}
@@ -226,9 +234,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
$selectText = 'COUNT(talert_template_modules.id) AS count';
}
- // TODO: Clean extra_sql
- $extra_sql = '';
-
$sql = sprintf ("SELECT %s
FROM talert_template_modules
INNER JOIN tagente_modulo t2
@@ -237,8 +242,8 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
ON t2.id_agente = t3.id_agente
INNER JOIN talert_templates t4
ON talert_template_modules.id_alert_template = t4.id
- WHERE (%s id_agent_module in (%s)) %s %s %s",
- $selectText, $extra_sql, $subQuery, $where, $filter, $orderbyText);
+ WHERE id_agent_module in (%s) %s %s %s",
+ $selectText, $subQuery, $where, $filter, $orderbyText);
$alerts = db_get_all_rows_sql ($sql);
@@ -1282,6 +1287,10 @@ function agents_get_modules ($id_agent = null, $details = false, $filter = false
//$where .= " AND id_policy_module = 0 ";
+ $where_tags = tags_get_acl_tags($config['id_user'], $id_groups, 'AR', 'module_condition', 'AND', 'tagente_modulo');
+
+ $where .= $where_tags;
+
switch ($config["dbtype"]) {
case "mysql":
case "postgresql":
diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php
index 15f9339960..cb5e0bb1d2 100644
--- a/pandora_console/include/functions_tags.php
+++ b/pandora_console/include/functions_tags.php
@@ -641,7 +641,7 @@ function tags_get_tags_formatted ($tags_array, $get_url = true) {
* @return mixed/string Tag ids
*/
-function tags_get_acl_tags($id_user, $id_group, $access, $return_mode = 'module_condition', $query_prefix = '', $query_table = '') {
+function tags_get_acl_tags($id_user, $id_group, $access = 'AR', $return_mode = 'module_condition', $query_prefix = '', $query_table = '') {
global $config;
if($id_user == false) {
$id_user = $config['id_user'];
@@ -851,6 +851,35 @@ function tags_get_acl_tags_event_condition($acltags) {
return $condition;
}
+/**
+ * Check if a user has assigned acl tags or not (if is admin, is like not acl tags)
+ *
+ * @param string ID of the user (with false the user will be taked from config)
+ *
+ * @return bool true if the user has tags and false if not
+ */
+function tags_has_user_acl_tags($id_user = false) {
+ global $config;
+
+ if($id_user === false) {
+ $id_user = $config['id_user'];
+ }
+
+ if(is_user_admin($id_user)) {
+ return false;
+ }
+
+ $query = sprintf("SELECT count(*)
+ FROM tusuario_perfil, tperfil
+ WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND
+ tusuario_perfil.id_usuario = '%s' AND tags != ''",
+ $id_user);
+
+ $user_tags = db_get_value_sql($query);
+
+ return (bool)$user_tags;
+}
+
/**
* Get the tags of a user in an ACL flag
*
@@ -868,7 +897,7 @@ function tags_get_user_tags($id_user = false, $access = 'AR') {
// Get all tags to have the name of all of them
$all_tags = tags_get_all_tags();
-
+
// If at least one of the profiles of this access flag hasent
// tags restrictions, the user can see all tags
$acl_column = get_acl_column($access);
@@ -885,7 +914,7 @@ function tags_get_user_tags($id_user = false, $access = 'AR') {
$id_user, $acl_column);
$profiles_without_tags = db_get_value_sql($query);
-
+
if($profiles_without_tags > 0) {
return $all_tags;
}
diff --git a/pandora_console/include/functions_ui.php b/pandora_console/include/functions_ui.php
index de8546104e..d2301c84b0 100644
--- a/pandora_console/include/functions_ui.php
+++ b/pandora_console/include/functions_ui.php
@@ -462,6 +462,19 @@ function ui_print_username ($username, $return = false) {
echo $string;
}
+function ui_print_tags_warning ($return = false) {
+ $msg = '<div id="notify_conf" class="notify">';
+ $msg .= __("Is possible that this view uses part of information which your user has not access");
+ $msg .= '</div>';
+
+ if($return) {
+ return $msg;
+ }
+ else {
+ echo $msg;
+ }
+}
+
/**
* Print group icon within a link
*
diff --git a/pandora_console/operation/agentes/alerts_status.php b/pandora_console/operation/agentes/alerts_status.php
index e455d9367f..0c9fd42b28 100644
--- a/pandora_console/operation/agentes/alerts_status.php
+++ b/pandora_console/operation/agentes/alerts_status.php
@@ -274,7 +274,7 @@ if ($print_agent) {
ui_toggle(printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby, true),__('Alert control filter'), __('Toggle filter(s)'));
}
-$table->width = '98%';
+$table->width = '100%';
$table->class = "databox";
$table->size = array ();
diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php
index 00b54acc4e..56e3e0d0d3 100644
--- a/pandora_console/operation/agentes/estado_agente.php
+++ b/pandora_console/operation/agentes/estado_agente.php
@@ -168,6 +168,10 @@ if (check_acl ($config['id_user'], 0, "AW")) {
ui_print_page_header ( __("Agent detail"), "images/bricks.png", false, "agent_status", false, $onheader);
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
+
// User is deleting agent
if (isset($result_delete)) {
if ($result_delete)
diff --git a/pandora_console/operation/agentes/estado_monitores.php b/pandora_console/operation/agentes/estado_monitores.php
index 10fce500f8..6fcaee2247 100644
--- a/pandora_console/operation/agentes/estado_monitores.php
+++ b/pandora_console/operation/agentes/estado_monitores.php
@@ -152,8 +152,7 @@ switch ($config["dbtype"]) {
break;
}
-// TODO: Clean extra_sql
-$extra_sql = '';
+$tags_sql = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'AR', 'module_condition', 'AND', 'tagente_modulo');
$status_filter_monitor = (int)get_parameter('status_filter_monitor', -1);
$status_text_monitor = get_parameter('status_text_monitor', '');
@@ -183,9 +182,10 @@ switch ($config["dbtype"]) {
LEFT JOIN tmodule_group
ON tagente_modulo.id_module_group = tmodule_group.id_mg
WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
- AND %s AND %s tagente_estado.utimestamp != 0
+ AND %s %s
+ AND tagente_estado.utimestamp != 0
ORDER BY tagente_modulo.id_module_group , %s %s",
- $id_agente, $status_text_monitor_sql, $status_filter_sql, $extra_sql, $order['field'], $order['order']);
+ $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']);
break;
case "oracle":
$sql = sprintf ("
@@ -196,12 +196,12 @@ switch ($config["dbtype"]) {
WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
AND tagente_modulo.id_agente = %d
AND tagente_modulo.nombre LIKE '%s'
- AND %s
+ AND %s %s
AND tagente_modulo.delete_pending = 0
AND tagente_modulo.disabled = 0
AND tagente_estado.utimestamp != 0
ORDER BY tagente_modulo.id_module_group , %s %s
- ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $order['field'], $order['order']);
+ ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']);
break;
}
$count_modules = db_get_all_rows_sql ($sql);
@@ -223,9 +223,10 @@ switch ($config["dbtype"]) {
LEFT JOIN tmodule_group
ON tagente_modulo.id_module_group = tmodule_group.id_mg
WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
- AND %s AND %s tagente_estado.utimestamp != 0
+ AND %s %s
+ AND tagente_estado.utimestamp != 0
ORDER BY tagente_modulo.id_module_group , %s %s",
- $id_agente, $status_text_monitor_sql, $status_filter_sql, $extra_sql, $order['field'], $order['order']);
+ $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']);
break;
// If Dbms is Oracle then field_list in sql statement has to be recoded. See oracle_list_all_field_table()
case "oracle":
@@ -241,12 +242,12 @@ switch ($config["dbtype"]) {
WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
AND tagente_modulo.id_agente = %d
AND tagente_modulo.nombre LIKE '%s'
- AND %s
+ AND %s %s
AND tagente_modulo.delete_pending = 0
AND tagente_modulo.disabled = 0
AND tagente_estado.utimestamp != 0
ORDER BY tagente_modulo.id_module_group , %s %s
- ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $order['field'], $order['order']);
+ ", $id_agente, $status_text_monitor_sql, $tags_sql, $status_filter_sql, $order['field'], $order['order']);
break;
}
diff --git a/pandora_console/operation/agentes/estado_ultimopaquete.php b/pandora_console/operation/agentes/estado_ultimopaquete.php
index 446627876a..a6dc1b8a0c 100644
--- a/pandora_console/operation/agentes/estado_ultimopaquete.php
+++ b/pandora_console/operation/agentes/estado_ultimopaquete.php
@@ -34,7 +34,7 @@ $timestamp_ref = $agent["ultimo_contacto_remoto"];
$timestamp_lof = $agent["ultimo_contacto"];
$intervalo_agente = $agent["intervalo"];
-// Get last packet
+// Get last packet (DEPRECATED CODE???)
switch ($config["dbtype"]) {
case "mysql":
case "postgresql":
@@ -175,10 +175,6 @@ switch ($sortField) {
break;
}
-// TODO: clean extra_sql
-$extra_sql = '';
-
-
// Build the order sql
if (!empty($order)) {
$order_sql = ' ORDER BY ';
@@ -220,7 +216,6 @@ $limit = (int) $config["block_size"];
$offset = (int) get_parameter ('offset');
$params = implode(',', array ('*'));
-$is_extra_sql = (int)$is_extra;
$where = sprintf("(tagente_modulo.id_policy_module = 0 AND disabled = 0 AND tagente_estado.utimestamp !=0 AND tagente_modulo.id_agente = %s AND delete_pending = 0)", $id_agente);
@@ -228,6 +223,8 @@ $search_string_entities = io_safe_input($search_string);
$basic_where = sprintf(" tagente_estado.utimestamp !=0 AND tagente_modulo.id_agente_modulo = tagente_estado.id_agente_modulo AND (nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND", $search_string, $search_string_entities, $search_string, $search_string_entities);
+$where_tags = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'AR', 'module_condition', 'AND', 'tagente_modulo');
+
switch ($config["dbtype"]) {
case "postgresql":
$limit_sql = " LIMIT $limit OFFSET $offset ";
@@ -238,8 +235,8 @@ switch ($config["dbtype"]) {
$order[] = array('field' => 'tagente_modulo.nombre', 'order' => 'ASC');
- $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s (%s %s) %s %s",
- $params, $basic_where, $extra_sql, $where, $order_sql, $limit_sql);
+ $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s %s %s %s %s",
+ $params, $basic_where, $where, $where_tags, $order_sql, $limit_sql);
$modules = db_get_all_rows_sql($sql);
break;
@@ -249,13 +246,13 @@ switch ($config["dbtype"]) {
$set = array();
$set['limit'] = $limit;
$set['offset'] = $offset;
- $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s (%s %s) %s",
- $params, $basic_where, $extra_sql, $where, $order_sql);
+ $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s %s %s %s",
+ $params, $basic_where, $where, $where_tags, $order_sql);
$modules = oracle_recode_query ($sql, $set, 'AND', false);
break;
}
-$sql_total_modules = sprintf("SELECT count(*) FROM tagente_modulo, tagente_estado WHERE %s (%s %s)", $basic_where, $extra_sql, $where);
+$sql_total_modules = sprintf("SELECT count(*) FROM tagente_modulo, tagente_estado WHERE %s %s %s", $basic_where, $where, $where_tags);
$total_modules = db_get_value_sql($sql_total_modules);
$total_modules = isset ($total_modules) ? $total_modules : 0;
diff --git a/pandora_console/operation/agentes/group_view.php b/pandora_console/operation/agentes/group_view.php
index 02f41cd090..0a767759f4 100644
--- a/pandora_console/operation/agentes/group_view.php
+++ b/pandora_console/operation/agentes/group_view.php
@@ -74,6 +74,9 @@ else {
// Header
ui_print_page_header (__("Group view"), "images/bricks.png", false, "", false, $updated_time );
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
// Init vars
$groups_info = array ();
diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php
index 41728e1acb..5b0d4cc693 100644
--- a/pandora_console/operation/agentes/networkmap.php
+++ b/pandora_console/operation/agentes/networkmap.php
@@ -269,6 +269,10 @@ if (!empty($name)) {
ui_print_page_header (__('Network map')." - ".$title, "images/bricks.png", false, "network_map", false, $buttons);
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
+
if ($delete_networkmap || $add_networkmap || $save_networkmap) {
echo $message;
}
diff --git a/pandora_console/operation/agentes/status_events.php b/pandora_console/operation/agentes/status_events.php
index ac5ec2a785..1d1a5458f4 100644
--- a/pandora_console/operation/agentes/status_events.php
+++ b/pandora_console/operation/agentes/status_events.php
@@ -25,6 +25,9 @@ if (!isset($id_agente)){
require_once ("include/functions_events.php");
echo "<h4 style='margin-top:0px !important;'>".__('Latest events for this agent')."</h4>";
-events_print_event_table ("WHERE id_agente = $id_agente", $limit = 10, $width='98%');
+
+$tags_condition = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'ER', 'event_condition', 'AND');
+
+events_print_event_table ("WHERE id_agente = $id_agente $tags_condition", $limit = 10, $width='100%');
?>
diff --git a/pandora_console/operation/agentes/status_monitor.php b/pandora_console/operation/agentes/status_monitor.php
index f4b608f47c..b9dba60023 100644
--- a/pandora_console/operation/agentes/status_monitor.php
+++ b/pandora_console/operation/agentes/status_monitor.php
@@ -36,9 +36,6 @@ enterprise_include_once ('include/functions_metaconsole.php');
$isFunctionPolicies = enterprise_include_once ('include/functions_policies.php');
-// TODO: CLEAN extra_sql
-$extra_sql = '';
-
if (! defined ('METACONSOLE')) {
//Header
ui_print_page_header ("Monitor detail", "images/brick.png", false);
@@ -54,7 +51,6 @@ $offset = (int) get_parameter ('offset', 0);
$status = (int) get_parameter ('status', 4);
$modulegroup = get_parameter ('modulegroup', -1);
$tag_filter = get_parameter('tag_filter', 0);
-$sql_extra = '';
$refr = get_parameter('refr', 0);
// Sort functionality
@@ -65,9 +61,133 @@ echo '<form method="post" action="index.php?sec=estado&sec2=operation/agente
echo '<table cellspacing="4" cellpadding="4" width="98%" class="databox">
<tr>';
-
+
// Get Groups and profiles from user
$user_groups = implode (",", array_keys (users_get_groups ()));
+
+////////////////////////////////////
+// Begin Build SQL sentences
+$sql_from = " FROM tagente, tagente_modulo, tagente_estado ";
+
+$sql_conditions_base = " WHERE tagente.id_agente = tagente_modulo.id_agente
+ AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo";
+
+$sql_conditions = " AND tagente_modulo.disabled = 0 AND tagente.disabled = 0";
+
+// Agent group selector
+if (!defined('METACONSOLE')) {
+ if ($ag_group > 0 && check_acl ($config["id_user"], $ag_group, "AR")) {
+ $sql_conditions_group = sprintf (" AND tagente.id_grupo = %d", $ag_group);
+ }
+ elseif($user_groups != '') {
+ // User has explicit permission on group 1 ?
+ $sql_conditions_group = " AND tagente.id_grupo IN (".$user_groups.")";
+ }
+}
+else {
+ if ($ag_group != "0" && check_acl ($config["id_user"], $ag_group, "AR")) {
+ $sql_conditions_group = sprintf (" AND tagente.id_grupo IN ( SELECT id_grupo FROM tgrupo where nombre = '%s') ", $ag_group);
+ }
+ elseif($user_groups != '') {
+ // User has explicit permission on group 1 ?
+ $sql_conditions_group = " AND tagente.id_grupo IN (".$user_groups.")";
+ }
+}
+
+// Module group
+if (defined('METACONSOLE')) {
+ if ($modulegroup != '-1')
+ $sql_conditions .= sprintf (" AND tagente_modulo.id_module_group IN (SELECT id_mg
+ FROM tmodule_group WHERE name = '%s')", $modulegroup);
+}
+else if ($modulegroup > -1) {
+ $sql_conditions .= sprintf (" AND tagente_modulo.id_module_group = '%d'", $modulegroup);
+
+}
+
+// Module name selector
+if ($ag_modulename != "") {
+ $sql_conditions .= sprintf (" AND tagente_modulo.nombre = '%s'", $ag_modulename);
+}
+
+// Freestring selector
+if ($ag_freestring != "") {
+ $sql_conditions .= sprintf (" AND (tagente.nombre LIKE '%%%s%%'
+ OR tagente_modulo.nombre LIKE '%%%s%%'
+ OR tagente_modulo.descripcion LIKE '%%%s%%')",
+ $ag_freestring, $ag_freestring, $ag_freestring);
+}
+
+// Status selector
+if ($status == 0) { //Normal
+ $sql_conditions .= " AND tagente_estado.estado = 0
+ AND (utimestamp > 0 OR (tagente_modulo.id_tipo_modulo IN(21,22,23,100))) ";
+}
+elseif ($status == 2) { //Critical
+ $sql_conditions .= " AND tagente_estado.estado = 1 AND utimestamp > 0";
+}
+elseif ($status == 1) { //Warning
+ $sql_conditions .= " AND tagente_estado.estado = 2 AND utimestamp > 0";
+}
+elseif ($status == 4) { //Not normal
+ $sql_conditions .= " AND tagente_estado.estado <> 0";
+}
+elseif ($status == 3) { //Unknown
+ $sql_conditions .= " AND tagente_estado.estado = 3 AND tagente_estado.utimestamp <> 0";
+}
+elseif ($status == 5) { //Not init
+ $sql_conditions .= " AND tagente_estado.utimestamp = 0
+ AND tagente_modulo.id_tipo_modulo NOT IN (21,22,23,100)";
+}
+
+//Filter by tag
+if ($tag_filter !== 0) {
+ if (defined('METACONSOLE')) {
+ $sql_conditions .= " AND tagente_modulo.id_agente_modulo IN (
+ SELECT ttag_module.id_agente_modulo
+ FROM ttag_module
+ WHERE ttag_module.id_tag IN (SELECT id_tag FROM ttag where name LIKE '%" . $tag_filter . "%')
+ )";
+ }
+ else{
+ $sql_conditions .= " AND tagente_modulo.id_agente_modulo IN (
+ SELECT ttag_module.id_agente_modulo
+ FROM ttag_module
+ WHERE ttag_module.id_tag = " . $tag_filter . "
+ )";
+
+ }
+}
+
+$sql_conditions_tags = tags_get_acl_tags($config['id_user'], $ag_group, 'AR', 'module_condition', 'AND', 'tagente_modulo');
+
+// Two modes of filter. All the filters and only ACLs filter
+$sql_conditions_all = $sql_conditions_base . $sql_conditions . $sql_conditions_group . $sql_conditions_tags;
+$sql_conditions_acl = $sql_conditions_base . $sql_conditions_group . $sql_conditions_tags;
+
+// Get count to paginate
+if (!defined('METACONSOLE'))
+ $count = db_get_sql ("SELECT COUNT(tagente_modulo.id_agente_modulo) " . $sql_from . $sql_conditions_all);
+
+// Get limit_sql depend of the metaconsole or standard mode
+if (defined('METACONSOLE')) {
+ // Offset will be used to get the subset of modules
+ $inferior_limit = $offset;
+ $superior_limit = $config["block_size"] + $offset;
+ // Offset reset to get all elements
+ $offset = 0;
+ if (!isset($config["meta_num_elements"]))
+ $config["meta_num_elements"] = 100;
+
+ $limit_sql = $config["meta_num_elements"];
+}
+else
+ $limit_sql = $config["block_size"];
+
+// End Build SQL sentences
+/////////////////////////////////////
+
+// Query to get name of the modules to module name filter combo
switch ($config["dbtype"]) {
case "mysql":
case "postgresql":
@@ -90,29 +210,7 @@ switch ($config["dbtype"]) {
//The check of is_admin
$flag_is_admin = (bool)db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
- $sql = ' SELECT distinct(nombre)
- FROM tagente_modulo
- WHERE nombre <> \'delete_pending\' AND id_agente IN
- (
- SELECT id_agente
- FROM tagente
- WHERE';
-
- $sql .= $extra_sql.'(';
-
- if ($flag_is_admin || $flag_all_group) {
- $sql .= ' 1 = 1 ';
- }
- else {
- if (empty($id_groups)) {
- $sql .= ' 1 = 0 ';
- }
- else {
- $sql .= ' id_grupo IN (' . implode(',', $id_groups) . ') ';
- }
- }
-
- $sql .= '))';
+ $sql = ' SELECT distinct(tagente_modulo.nombre) '. $sql_from . $sql_conditions_acl;
break;
case "oracle":
$profiles = db_get_all_rows_sql('SELECT id_grupo
@@ -135,33 +233,10 @@ switch ($config["dbtype"]) {
$flag_is_admin = (bool)db_get_value('is_admin', 'tusuario',
'id_user', $config['id_user']);
- $sql = ' SELECT DISTINCT dbms_lob.substr(nombre,4000,1) AS nombre
- FROM tagente_modulo
- WHERE dbms_lob.substr(nombre,4000,1) <> \'delete_pending\'
- AND id_agente IN
- (
- SELECT id_agente
- FROM tagente
- WHERE';
-
- $sql .= $extra_sql . '(';
-
- if ($flag_is_admin || $flag_all_group) {
- $sql .= ' 1 = 1 ';
- }
- else {
- if (empty($id_groups)) {
- $sql .= ' 1 = 0 ';
- }
- else {
- $sql .= ' id_grupo IN (' . implode(',', $id_groups) . ') ';
- }
- }
-
- $sql .= '))';
+ $sql = ' SELECT DISTINCT dbms_lob.substr(nombre,4000,1) AS nombre'. $sql_from . $sql_conditions_acl;
break;
}
-
+
$modules = array();
$tags = array();
$rows_select = array();
@@ -174,11 +249,11 @@ if (defined('METACONSOLE')) {
// For each server defined and not disabled:
$servers = db_get_all_rows_sql ("SELECT * FROM tmetaconsole_setup WHERE disabled = 0");
+
if ($servers === false)
$servers = array();
$result = array();
-
foreach($servers as $server) {
// If connection was good then retrieve all data server
if (metaconsole_connect($server) == NOERR){
@@ -187,10 +262,10 @@ if (defined('METACONSOLE')) {
else{
$connection = false;
}
-
+
// Get all info for filters of all nodes
$modules_temp = db_get_all_rows_sql($sql);
-
+
$tags_temp = db_get_all_rows_sql('SELECT name, name
FROM ttag
WHERE id_tag IN (SELECT ttag_module.id_tag
@@ -219,7 +294,7 @@ if (defined('METACONSOLE')) {
if (!empty($groups_temp_processed)) {
$groups_select = array_unique(array_merge($groups_select, $groups_temp_processed));
}
-
+
if (!empty($modules_temp))
$modules = array_merge($modules, $modules_temp);
if (!empty($tags_temp))
@@ -228,7 +303,6 @@ if (defined('METACONSOLE')) {
metaconsole_restore_db();
}
unset($groups_select[__('All')]);
-
}
if (!defined('METACONSOLE')) {
@@ -312,18 +386,17 @@ echo '<td valign="middle" align="right">' .
ui_print_help_tip(__('Only it is show tags in use.'), true) .
'</td>';
echo '<td>';
-if (!defined('METACONSOLE'))
- $tags = db_get_all_rows_sql('SELECT id_tag, name
- FROM ttag
- WHERE id_tag IN (SELECT ttag_module.id_tag
- FROM ttag_module)');
+
+if (!defined('METACONSOLE')) {
+ $tags = tags_get_user_tags();
+}
if (empty($tags)) {
- echo __('None tag');
+ echo __('No tags');
}
else {
if (!defined('METACONSOLE'))
- html_print_select (index_array($tags, 'id_tag', 'name'), "tag_filter",
+ html_print_select ($tags, "tag_filter",
$tag_filter, '', __('All'), '', false, false, true, '', false, 'width: 150px;');
else
html_print_select (index_array($tags, 'name', 'name'), "tag_filter",
@@ -475,118 +548,7 @@ switch ($sortField) {
'order' => 'ASC');
break;
}
-
-// Begin Build SQL sentences
-$sql = " FROM tagente, tagente_modulo, tagente_estado
- WHERE $sql_extra (tagente.id_agente = tagente_modulo.id_agente
- AND tagente_modulo.disabled = 0
- AND tagente.disabled = 0
- AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo";
-
-// Agent group selector
-if (!defined('METACONSOLE')) {
- if ($ag_group > 0 && check_acl ($config["id_user"], $ag_group, "AR")) {
- $sql .= sprintf (" AND tagente.id_grupo = %d", $ag_group);
- }
- elseif($user_groups != '') {
- // User has explicit permission on group 1 ?
- $sql .= " AND tagente.id_grupo IN (".$user_groups.")";
- }
-}
-else {
- if ($ag_group != "0" && check_acl ($config["id_user"], $ag_group, "AR")) {
- $sql .= sprintf (" AND tagente.id_grupo IN ( SELECT id_grupo FROM tgrupo where nombre = '%s') ", $ag_group);
- }
- elseif($user_groups != '') {
- // User has explicit permission on group 1 ?
- $sql .= " AND tagente.id_grupo IN (".$user_groups.")";
- }
-}
-
-// Module group
-if (defined('METACONSOLE')) {
- if ($modulegroup != '-1')
- $sql .= sprintf (" AND tagente_modulo.id_module_group IN (SELECT id_mg
- FROM tmodule_group WHERE name = '%s')", $modulegroup);
-}
-else if ($modulegroup > -1) {
- $sql .= sprintf (" AND tagente_modulo.id_module_group = '%d'", $modulegroup);
-
-}
-
-// Module name selector
-if ($ag_modulename != "") {
- $sql .= sprintf (" AND tagente_modulo.nombre = '%s'", $ag_modulename);
-}
-
-// Freestring selector
-if ($ag_freestring != "") {
- $sql .= sprintf (" AND (tagente.nombre LIKE '%%%s%%'
- OR tagente_modulo.nombre LIKE '%%%s%%'
- OR tagente_modulo.descripcion LIKE '%%%s%%')",
- $ag_freestring, $ag_freestring, $ag_freestring);
-}
-
-// Status selector
-if ($status == 0) { //Normal
- $sql .= " AND tagente_estado.estado = 0
- AND (utimestamp > 0 OR (tagente_modulo.id_tipo_modulo IN(21,22,23,100))) ";
-}
-elseif ($status == 2) { //Critical
- $sql .= " AND tagente_estado.estado = 1 AND utimestamp > 0";
-}
-elseif ($status == 1) { //Warning
- $sql .= " AND tagente_estado.estado = 2 AND utimestamp > 0";
-}
-elseif ($status == 4) { //Not normal
- $sql .= " AND tagente_estado.estado <> 0";
-}
-elseif ($status == 3) { //Unknown
- $sql .= " AND tagente_estado.estado = 3 AND tagente_estado.utimestamp <> 0";
-}
-elseif ($status == 5) { //Not init
- $sql .= " AND tagente_estado.utimestamp = 0
- AND tagente_modulo.id_tipo_modulo NOT IN (21,22,23,100)";
-}
-
-//Filter by tag
-if ($tag_filter !== 0) {
- if (defined('METACONSOLE')) {
- $sql .= " AND tagente_modulo.id_agente_modulo IN (
- SELECT ttag_module.id_agente_modulo
- FROM ttag_module
- WHERE ttag_module.id_tag IN (SELECT id_tag FROM ttag where name LIKE '%" . $tag_filter . "%')
- )";
- }
- else{
- $sql .= " AND tagente_modulo.id_agente_modulo IN (
- SELECT ttag_module.id_agente_modulo
- FROM ttag_module
- WHERE ttag_module.id_tag = " . $tag_filter . "
- )";
-
- }
-}
-
-// Build final SQL sentences
-if (!defined('METACONSOLE'))
- $count = db_get_sql ("SELECT COUNT(tagente_modulo.id_agente_modulo) " .
- $sql . ")");
-
-if (defined('METACONSOLE')) {
- // Offset will be used to get the subset of modules
- $inferior_limit = $offset;
- $superior_limit = $config["block_size"] + $offset;
- // Offset reset to get all elements
- $offset = 0;
- if (!isset($config["meta_num_elements"]))
- $config["meta_num_elements"] = 100;
-
- $limit_sql = $config["meta_num_elements"];
-}
-else
- $limit_sql = $config["block_size"];
-
+
switch ($config["dbtype"]) {
case "mysql":
$sql = "SELECT
@@ -601,7 +563,6 @@ switch ($config["dbtype"]) {
tagente.intervalo AS agent_interval,
tagente.nombre AS agent_name,
tagente_modulo.nombre AS module_name,
- tagente_modulo.id_agente_modulo,
tagente_modulo.history_data,
tagente_modulo.flag AS flag,
tagente.id_grupo AS id_group,
@@ -623,7 +584,7 @@ switch ($config["dbtype"]) {
tagente_modulo.critical_instructions,
tagente_modulo.warning_instructions,
tagente_modulo.unknown_instructions,
- tagente_estado.utimestamp AS utimestamp".$sql.") ORDER BY " . $order['field'] . " " . $order['order']
+ tagente_estado.utimestamp AS utimestamp".$sql_from . $sql_conditions_all." ORDER BY " . $order['field'] . " " . $order['order']
. " LIMIT ".$offset.",".$limit_sql;
break;
case "postgresql":
@@ -639,7 +600,6 @@ switch ($config["dbtype"]) {
tagente.intervalo AS agent_interval,
tagente.nombre AS agent_name,
tagente_modulo.nombre AS module_name,
- tagente_modulo.id_agente_modulo,
tagente_modulo.history_data,
tagente_modulo.flag AS flag,
tagente.id_grupo AS id_group,
@@ -661,7 +621,7 @@ switch ($config["dbtype"]) {
tagente_modulo.critical_instructions,
tagente_modulo.warning_instructions,
tagente_modulo.unknown_instructions,
- tagente_estado.utimestamp AS utimestamp".$sql.") LIMIT " . $limit_sql . " OFFSET " . $offset;
+ tagente_estado.utimestamp AS utimestamp".$sql_form . $sql_conditions_all." LIMIT " . $limit_sql . " OFFSET " . $offset;
break;
case "oracle":
$set = array();
@@ -700,7 +660,7 @@ switch ($config["dbtype"]) {
tagente_modulo.critical_instructions,
tagente_modulo.warning_instructions,
tagente_modulo.unknown_instructions,
- tagente_estado.utimestamp AS utimestamp" . $sql;
+ tagente_estado.utimestamp AS utimestamp" . $sql_form . $sql_conditions_all;
$sql = oracle_recode_query ($sql, $set);
break;
}
diff --git a/pandora_console/operation/agentes/tactical.php b/pandora_console/operation/agentes/tactical.php
index 9014bc7654..efc01ca865 100644
--- a/pandora_console/operation/agentes/tactical.php
+++ b/pandora_console/operation/agentes/tactical.php
@@ -30,7 +30,7 @@ if (! check_acl ($config['id_user'], 0, "AR")) {
require ("general/noaccess.php");
return;
}
-
+
$is_admin = check_acl ($config['id_user'], 0, "PM");
$force_refresh = get_parameter ("force_refresh", "");
@@ -74,6 +74,10 @@ else {
ui_print_page_header (__("Tactical view"), "images/bricks.png", false, "", false, $updated_time );
$data = reporting_get_group_stats();
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
+
echo '<div style="width:20%; float:left; padding-right: 5%;" id="leftcolumn">';
// ---------------------------------------------------------------------
// The status horizontal bars (Global health, Monitor sanity...
diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php
index e7deb59fa2..6067c35d56 100644
--- a/pandora_console/operation/events/events_list.php
+++ b/pandora_console/operation/events/events_list.php
@@ -574,6 +574,20 @@ echo '</div>';
// Choose the table where search if metaconsole or not
if($meta) {
$event_table = 'tmetaconsole_event';
+
+ // Show only the events of enabled nodes
+ $enabled_nodes = db_get_all_rows_sql('SELECT id FROM tmetaconsole_setup WHERE disabled = 0');
+
+ if(empty($enabled_nodes)) {
+ $sql_post .= ' AND 1 = 0';
+ }
+ else {
+ $enabled_nodes_id = array();
+ foreach($enabled_nodes as $en) {
+ $enabled_nodes_id[] = $en['id'];
+ }
+ $sql_post .= ' AND server_id IN ('.implode(',',$enabled_nodes_id).')';
+ }
}
else {
$event_table = 'tevento';
diff --git a/pandora_console/operation/tree.php b/pandora_console/operation/tree.php
index 121f83daaf..e34f6169e0 100644
--- a/pandora_console/operation/tree.php
+++ b/pandora_console/operation/tree.php
@@ -566,6 +566,10 @@ if (! defined ('METACONSOLE')) {
ui_meta_print_header(__("Tree view"), $subsection, $subsections);
}
+if(tags_has_user_acl_tags()) {
+ ui_print_tags_warning();
+}
+
echo "<br>";
if (! defined ('METACONSOLE')) {
echo '<form id="tree_search" method="post" action="index.php?extension_in_menu=estado&sec=estado&sec2=operation/tree&refr=0&sort_by='.$activeTab.'&pure='.$pure.'">';