event advanced filter fixes

fbsanchez 2019-06-19 16:52:14 +02:00
parent 524575171a
commit 44d8b977cb
4 changed files with 131 additions and 60 deletions


@ -1079,29 +1079,37 @@ if ($get_extended_event) {
}
// Check ACLs.
$access = false;
if (is_user_admin($config['id_user'])) {
// Do nothing if you're admin, you get full access.
$__ignored_line = 0;
$access = true;
} else if ($config['id_user'] == $event['owner_user']) {
// Do nothing if you're the owner user, you get access.
$__ignored_line = 0;
$access = true;
} else if ($event['id_grupo'] == 0) {
// If the event has access to all groups, you get access.
$__ignored_line = 0;
$access = true;
} else {
// Get your groups.
$groups = users_get_groups($config['id_user'], 'ER');
if (in_array($event['id_grupo'], array_keys($groups))) {
// If event group is among the groups of the user, you get access.
$__ignored_line = 0;
} else {
// If all the access types fail, abort.
echo 'Access denied';
return false;
$access = true;
} else if ($event['id_agente']
&& agents_check_access_agent($event['id_agente'], 'ER')
) {
// Secondary group, indirect access.
$access = true;
}
}
if (!$access) {
// If all the access types fail, abort.
echo 'Access denied';
return false;
}
// Print group_rep in a hidden field to recover it from javascript.
html_print_input_hidden('group_rep', (int) $group_rep);
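Review bot: The access decision still rests on loose comparisons: `$config['id_user'] == $event['owner_user']` and `in_array($event['id_grupo'], array_keys($groups))` without the strict flag both go through PHP type juggling, where two numeric-looking strings such as `'1e1'` and `'10'` compare equal. For an authorisation check I would use `(string) $config['id_user'] === (string) $event['owner_user']` and `array_key_exists($event['id_grupo'], $groups)`, assuming `users_get_groups()` returns an array keyed by group id, as the `array_keys()` call suggests. The denial path only echoes 'Access denied'; recording the refused event id and user in the audit trail would make enumeration of event ids visible to operators. The enclosing `if ($get_extended_event)` block starts and ends outside the hunk.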


@ -641,32 +641,37 @@ function events_get_all(
}
}
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) {
$groups = $filter['id_group_filter'];
if (isset($groups) && $groups > 0) {
$propagate = db_get_value(
'propagate',
'tgrupo',
'id_grupo',
$filter['id_group_filter']
$groups
);
if (!$propagate) {
$sql_filters[] = sprintf(
' AND te.id_grupo = %d ',
$filter['id_group_filter']
' AND (te.id_grupo = %d OR tasg.id_group = %d)',
$groups
);
} else {
$groups = [ $filter['id_group_filter'] ];
$childrens = groups_get_childrens($id_group, null, true);
if (!empty($childrens)) {
foreach ($childrens as $child) {
$groups[] = (int) $child['id_grupo'];
$children = groups_get_children($groups);
$_groups = [];
if (!empty($children)) {
foreach ($children as $child) {
$_groups[] = (int) $child['id_grupo'];
}
$groups = $_groups;
} else {
$groups = [ $groups ];
}
$filter['id_group_filter'] = $groups;
$sql_filters[] = sprintf(
' AND id_group IN (%s) ',
join(',', $filter['id_group_filter'])
' AND (te.id_grupo IN (%s) OR tasg.id_group IN (%s)',
join(',', array_keys($groups)),
join(',', array_keys($groups))
);
}
}
@ -702,8 +707,6 @@ function events_get_all(
}
}
$sg_active = enterprise_hook('agents_is_using_secondary_groups');
if (!$user_is_admin) {
$ER_groups = users_get_groups($config['id_user'], 'ER', false);
$EM_groups = users_get_groups($config['id_user'], 'EM', false, true);
@ -713,7 +716,8 @@ function events_get_all(
if (!$user_is_admin && !users_can_manage_group_all('ER')) {
// Get groups where user have ER grants.
$sql_filters[] = sprintf(
' AND te.id_grupo IN ( %s )',
' AND (te.id_grupo IN ( %s ) OR tasg.id_group IN (%s))',
join(', ', array_keys($ER_groups)),
join(', ', array_keys($ER_groups))
);
}
@ -1036,12 +1040,24 @@ function events_get_all(
$tgrupo_join = 'LEFT';
$tgrupo_join_filters = [];
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) {
if (isset($groups)
&& (is_array($groups)
|| $groups > 0)
) {
$tgrupo_join = 'INNER';
$tgrupo_join_filters[] = sprintf(
' AND tg.id_grupo = %s',
$filter['id_group_filter']
);
if (is_array($groups)) {
$tgrupo_join_filters[] = sprintf(
' AND (tg.id_grupo IN (%s) OR tasg.id_group IN (%s))',
join(', ', array_keys($groups)),
join(', ', array_keys($groups))
);
} else {
$tgrupo_join_filters[] = sprintf(
' AND (tg.id_grupo = %s OR tasg.id_group = %s)',
$groups,
$groups
);
}
}
// Secondary groups.
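Review bot: The group-filter SQL in the first hunk of this file does not come out as intended: the non-propagate branch passes one argument to a format with two `%d` (an ArgumentCountError on PHP 8, a warning and `false` pushed into `$sql_filters` on PHP 7), the propagate branch's format never closes its opening parenthesis, and `array_keys($groups)` is applied to a list that was just filled with `$_groups[] = (int) $child['id_grupo']`, so the IN list holds positions 0,1,2… rather than group ids. The same `array_keys($groups)` appears in the `tgrupo` join filter in the last hunk, and the scalar branch there interpolates `$groups` with `%s`; since `$groups` is `$filter['id_group_filter']` checked only with a loose `> 0`, `%d` should be used there unless the value is cast to int before it reaches `events_get_all()`. When children exist the selected group itself is no longer in the list, which the earlier code kept; if that is unintended, seed the list with the parent id. Old and new sides are inferred here, because the rendered page has lost its +/- markers.

```php
        if (!$propagate) {
            $sql_filters[] = sprintf(
                ' AND (te.id_grupo = %1$d OR tasg.id_group = %1$d)',
                $groups
            );
        } else {
            // … unchanged: groups_get_children() lookup that turns $groups into a list of integer ids …
            $id_list = join(',', array_map('intval', $groups));
            $sql_filters[] = sprintf(
                ' AND (te.id_grupo IN (%1$s) OR tasg.id_group IN (%1$s))',
                $id_list
            );
        }
```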


@ -298,6 +298,53 @@ function groups_get_childrens_ids($parent, $groups=null)
/**
* Return a array of id_group of children of given parent.
*
* @param integer $parent The id_grupo parent to search its children.
* @param array $ignorePropagate Ignore propagate.
*/
function groups_get_children($parent, $ignorePropagate=false)
{
static $groups;
if (empty($groups)) {
$groups = db_get_all_rows_in_table('tgrupo');
$groups = array_reduce(
$groups,
function ($carry, $item) {
$carry[$item['id_grupo']] = $item;
return $carry;
}
);
}
$return = [];
foreach ($groups as $key => $g) {
if ($g['id_grupo'] == 0) {
continue;
}
if ($ignorePropagate || $parent == 0 || $groups[$parent]['propagate']) {
if ($g['parent'] == $parent) {
$return += [$g['id_grupo'] => $g];
if ($g['propagate'] || $ignorePropagate) {
$return += groups_get_children(
$g['id_grupo'],
$ignorePropagate
)
);
}
}
}
}
return $return;
}
/**
* XXX: This is not working. Expects 'propagate' on CHILD not on PARENT!!!
*
* Return a array of id_group of childrens (to branches down)
*
* @param integer $parent The id_group parent to search the childrens.
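Review bot: `groups_get_children()` reads `$groups[$parent]['propagate']` without checking that `$parent` is a key of the cached table, and the cache is built by `array_reduce()` with no initial value, so an unknown group id or an empty or failed `db_get_all_rows_in_table('tgrupo')` result ends in notices or a null being iterated instead of an empty list. I would pass `[]` as the initial value (and `$groups ?: []` as the input) and test `!empty($groups[$parent]['propagate'])` in the condition. The recursion keeps no visited set, so a parent cycle in `tgrupo` would recurse without bound unless the schema rules that out elsewhere. The docblock declares `$ignorePropagate` as `array` although it is used as a boolean, and it has no `@return`; `@param boolean $ignorePropagate` and `@return array` (rows keyed by `id_grupo`) would match the code. As rendered, the recursive call is closed by both `)` and `);`, which would not parse, so that is worth checking against the file.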


@ -1591,38 +1591,6 @@ function process_datatables_item(item) {
module_status = '<div class="criticity" style="background: ';
module_status += color + '">' + text + "</div>";
/* Agent name link */
if (item.id_agente > 0) {
item.agent_name = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>' +item.id_agente+'">' + item.agent_name + '</a>';
} else {
item.agent_name = '';
}
/* Agent ID link */
if (item.id_agente > 0) {
<?php
if (in_array('agent_name', $fields)) {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.id_agente + '</a>';
<?php
} else {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.agent_name + '</a>';
<?php
}
?>
} else {
item.id_agente = '';
}
/* Group name */
if (item.id_grupo == "0") {
item.id_grupo = "<?php echo __('All'); ?>";
} else {
item.id_grupo = item.group_name;
}
/* Options */
// Show more.
item.options = '<a href="javascript:" onclick="show_event_dialog(\'';
@ -1700,6 +1668,31 @@ function process_datatables_item(item) {
}
/* Update column content now to avoid json poisoning. */
/* Agent name link */
if (item.id_agente > 0) {
item.agent_name = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>' +item.id_agente+'">' + item.agent_name + '</a>';
} else {
item.agent_name = '';
}
/* Agent ID link */
if (item.id_agente > 0) {
<?php
if (in_array('agent_name', $fields)) {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.id_agente + '</a>';
<?php
} else {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.agent_name + '</a>';
<?php
}
?>
} else {
item.id_agente = '';
}
item.estado = '<div>';
item.estado += img;
item.estado += '</div>';
@ -1719,6 +1712,13 @@ function process_datatables_item(item) {
// Add event severity format to itself.
item.evento = evn;
/* Group name */
if (item.id_grupo == "0") {
item.id_grupo = "<?php echo __('All'); ?>";
} else {
item.id_grupo = item.group_name;
}
}
/* Datatables auxiliary functions ends */
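Review bot: The relocated blocks still build markup by concatenating `item.agent_name` and `item.group_name` straight into HTML strings, under a comment saying the columns are updated here "to avoid json poisoning"; nothing visible in these hunks escapes those values, so a name containing markup would be rendered as markup unless the server already encodes it. I would escape the text parts before concatenation (or build the anchor as a DOM node and set `textContent`) and state in the comment which layer is responsible for the encoding. The "Agent ID link" block also runs after `item.agent_name` has been rewritten into an anchor, so its else branch wraps one anchor inside another; keeping the raw name in a local, `var agentName = item.agent_name;`, before the first block avoids that. `process_datatables_item` starts outside these hunks.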