[Secondary groups] Fixed modules permissions in some views

fermin831 2018-08-08 11:49:54 +02:00
parent 323599f50e
commit 4315cef4c9
5 changed files with 27 additions and 33 deletions


@ -1046,16 +1046,21 @@ class Tree {
// Modules SQL // Modules SQL
if ($item_for_count === false) { if ($item_for_count === false) {
html_debug("traza", true);
//FIXME This group ACL should be the same in all modules view
$group_acl = " AND (ta.id_grupo IN ($user_groups_str) OR tasg.id_group IN ($user_groups_str))";
$sql = "SELECT $columns $sql = "SELECT $columns
FROM tagente_modulo tam FROM tagente_modulo tam
INNER JOIN tagente ta INNER JOIN tagente ta
ON ta.disabled = 0 ON ta.disabled = 0
AND tam.id_agente = ta.id_agente AND tam.id_agente = ta.id_agente
$group_acl LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
$agent_search_filter $agent_search_filter
$agent_status_filter $agent_status_filter
$module_status_join $module_status_join
WHERE tam.disabled = 0 WHERE tam.disabled = 0
$group_acl
$module_search_filter $module_search_filter
GROUP BY tam.nombre GROUP BY tam.nombre
ORDER BY $order_fields"; ORDER BY $order_fields";
@ -1634,20 +1639,15 @@ class Tree {
// Link to the Module graph // Link to the Module graph
// ACL // ACL
$group_id = (int) modules_get_agent_group($module['id']); $all_groups = modules_get_agent_groups($module['id']);
$acl_graphs = false; $acl_graphs = false;
$module["showGraphs"] = 0; $module["showGraphs"] = 0;
// Avoid the check on the metaconsole. Too slow to show/hide an icon depending on the permissions // Avoid the check on the metaconsole. Too slow to show/hide an icon depending on the permissions
if (!empty($group_id) && !is_metaconsole()) { if (!empty($group_id) && !is_metaconsole()) {
if ($this->strictACL) { $acl_graphs = check_acl_one_of_groups($config['id_user'], $all_groups, "RR");
$acl_graphs = tags_check_acl_by_module($module['id'], $config['id_user'], 'RR') === true;
}
else {
$acl_graphs = check_acl($config['id_user'], $group_id, "RR");
}
} }
else if (!empty($group_id)) { else if (!empty($all_groups)) {
$acl_graphs = true; $acl_graphs = true;
} }
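Review bot: In the second hunk the guard `if (!empty($group_id) && !is_metaconsole())` is left unchanged although the assignment to `$group_id` was replaced by `$all_groups`, so unless `$group_id` is set elsewhere in the method (its body extends beyond the hunk) the `check_acl_one_of_groups` call is never reached and the `else if (!empty($all_groups))` branch sets `$acl_graphs = true` for every user. That would show the graph link without any RR check outside the metaconsole; the guard should test the new variable, `if (!empty($all_groups) && !is_metaconsole()) {`. The strict-ACL path through `tags_check_acl_by_module` is also dropped here, which appears to remove the tag-based restriction for graph access and deserves a comment stating that this is intended. Separately, `html_debug("traza", true);` in the first hunk looks like a leftover debug call and should be removed before merging.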


@ -780,14 +780,14 @@ function modules_get_raw_data($id_agent_module, $date_init, $date_end) {
return $data; return $data;
} }
function modules_get_agent_group($id_agent_module) { function modules_get_agent_groups($id_agent_module) {
$return = false; $return = false;
$id_agent = modules_get_agentmodule_agent( $id_agent = modules_get_agentmodule_agent(
$id_agent_module); $id_agent_module);
if (!empty($id_agent)) { if (!empty($id_agent)) {
$return = agents_get_agent_group($id_agent); $return = agents_get_all_groups_agent($id_agent);
} }
return $return; return $return;
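Review bot: `modules_get_agent_groups` still initialises `$return = false`, so when no agent is found for the module it returns `false` where callers now expect a list of groups; `tags_check_acl_by_module` in this same commit passes the result straight to `foreach`. Initialising with `$return = array();` keeps the return type consistent and lets callers iterate or test `empty()` safely. Because the old name `modules_get_agent_group` is removed rather than kept as a wrapper, any caller not touched by this commit would fail on an undefined function, so a repository-wide search for the old name is worth doing. The function's closing brace is outside the hunk.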


@ -1184,23 +1184,25 @@ function tags_get_tags_for_module_search($id_user = false, $access = 'AR') {
function tags_check_acl_by_module($id_module = 0, $id_user = false, function tags_check_acl_by_module($id_module = 0, $id_user = false,
$access = 'AW') { $access = 'AW') {
global $config; global $config;
$return = false; $return = false;
if (!empty($id_module)) { if (!empty($id_module)) {
$tags = tags_get_module_tags($id_module); $tags = tags_get_module_tags($id_module);
$group = modules_get_agent_group($id_module); $groups = modules_get_agent_groups($id_module);
if ($id_user === false) { if ($id_user === false) {
$id_user = $config["id_user"]; $id_user = $config["id_user"];
} }
$return = tags_check_acl($id_user, $group, $access, $tags, true); foreach ($groups as $group) {
if (tags_check_acl($id_user, $group, $access, $tags, true)) {
return true;
}
}
} }
return $return; return $return;
} }
@ -2480,17 +2482,10 @@ function tags_get_all_user_agents ($id_tag = false, $id_user = false,
} }
$select_fields = implode(',',$fields); $select_fields = implode(',',$fields);
$groups_clause = ""; $groups_clause = "";
if ($strict_user) { $groups_clause = " AND tagente.id_grupo IN (".implode(',', array_keys($groups_and_tags)).")";
if (!empty($groups_and_tags)) {
$groups_clause = " AND ".tags_get_acl_tags_module_condition($groups_and_tags, "tagente_modulo");
}
}
else {
$groups_clause = " AND tagente.id_grupo IN (".implode(',', array_keys($groups_and_tags)).")";
}
if (!empty($filter['id_group'])) { if (!empty($filter['id_group'])) {
if (is_array($filter['id_group'])) if (is_array($filter['id_group']))
$groups_str = implode(",", $filter['id_group']); $groups_str = implode(",", $filter['id_group']);
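Review bot: In `tags_get_all_user_agents` the `$strict_user` branch that built the clause from `tags_get_acl_tags_module_condition` is gone, so strict users are now filtered by `tagente.id_grupo` only and the tag part of their ACL no longer narrows this query; if that is intended it needs a comment, otherwise the tag condition should stay for strict users. The new unconditional assignment also produces `IN ()` when `$groups_and_tags` is empty, a case the removed branch guarded with `!empty(...)`, and it matches only the primary group although the commit is about secondary groups. The empty case should fail closed rather than drop the filter, for example `if (empty($groups_and_tags)) { $groups_clause = " AND 1 = 0"; }` before building the `IN` list. In the first hunk, `foreach ($groups as $group)` should tolerate a `false` return from `modules_get_agent_groups`. The function continues past the end of this hunk.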


@ -1036,7 +1036,8 @@ if (!empty($result)) {
$data[2] = html_print_image('images/' . modules_show_icon_type ($row['module_type']), true); $data[2] = html_print_image('images/' . modules_show_icon_type ($row['module_type']), true);
if (check_acl ($config['id_user'], $row['id_group'], 'AW')) { $agent_groups = agents_get_all_groups_agent($row['id_agent'], $row['id_group']);
if (check_acl_one_of_groups ($config['id_user'], $agent_groups, 'AW')) {
$show_edit_icon = true; $show_edit_icon = true;
if (defined('METACONSOLE')) { if (defined('METACONSOLE')) {
if (!can_user_access_node ()) { if (!can_user_access_node ()) {
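Review bot: `agents_get_all_groups_agent($row['id_agent'], $row['id_group'])` is now called once per result row only to decide whether the edit icon is shown, which presumably adds a secondary-group lookup per row on a list view. Resolving the groups once per `id_agent` before or inside the loop (a small array keyed by agent id) would avoid repeating the lookup for modules of the same agent. A short comment such as `// Primary group plus secondary groups; AW on any one of them grants edit` would also explain why the single-group `check_acl` was replaced. The surrounding loop starts and ends outside the hunk.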


@ -790,7 +790,6 @@ else {
if ($allow_action) { if ($allow_action) {
echo '<div style="width:' . $table->width . ';" class="action-buttons">'; echo '<div style="width:' . $table->width . ';" class="action-buttons">';
//~ if (!$readonly && tags_check_acl ($config["id_user"], 0, "EW", $event['clean_tags']) == 1) {
if (!$readonly && $show_validate_button) { if (!$readonly && $show_validate_button) {
html_print_button(__('In progress selected'), 'validate_button', false, 'validate_selected(2);', 'class="sub ok"'); html_print_button(__('In progress selected'), 'validate_button', false, 'validate_selected(2);', 'class="sub ok"');
echo " "; echo " ";
@ -808,7 +807,6 @@ else {
</script> </script>
<?php <?php
} }
//~ if (!$readonly && tags_check_acl ($config["id_user"], 0,"EM", $event['clean_tags']) == 1) {
if (!$readonly && ($show_delete_button)) { if (!$readonly && ($show_delete_button)) {
html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"'); html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"');
?> ?>