tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-30 01:05:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

event advanced filter fixes

Browse Source
This commit is contained in:
fbsanchez 2019-06-19 16:52:14 +02:00
parent 524575171a
commit 44d8b977cb
4 changed files with 131 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
pandora_console/include/ajax/events.php
View File

@ -1079,29 +1079,37 @@ if ($get_extended_event) {
} }
// Check ACLs. // Check ACLs.
$access = false;
if (is_user_admin($config['id_user'])) { if (is_user_admin($config['id_user'])) {
// Do nothing if you're admin, you get full access. // Do nothing if you're admin, you get full access.
$__ignored_line = 0; $access = true;
} else if ($config['id_user'] == $event['owner_user']) { } else if ($config['id_user'] == $event['owner_user']) {
// Do nothing if you're the owner user, you get access. // Do nothing if you're the owner user, you get access.
$__ignored_line = 0; $access = true;
} else if ($event['id_grupo'] == 0) { } else if ($event['id_grupo'] == 0) {
// If the event has access to all groups, you get access. // If the event has access to all groups, you get access.
$__ignored_line = 0; $access = true;
} else { } else {
// Get your groups. // Get your groups.
$groups = users_get_groups($config['id_user'], 'ER'); $groups = users_get_groups($config['id_user'], 'ER');
if (in_array($event['id_grupo'], array_keys($groups))) { if (in_array($event['id_grupo'], array_keys($groups))) {
// If event group is among the groups of the user, you get access. // If event group is among the groups of the user, you get access.
$__ignored_line = 0; $access = true;
} else { } else if ($event['id_agente']
// If all the access types fail, abort. && agents_check_access_agent($event['id_agente'], 'ER')
echo 'Access denied'; ) {
return false; // Secondary group, indirect access.
$access = true;
} }
} }
if (!$access) {
// If all the access types fail, abort.
echo 'Access denied';
return false;
}
// Print group_rep in a hidden field to recover it from javascript. // Print group_rep in a hidden field to recover it from javascript.
html_print_input_hidden('group_rep', (int) $group_rep); html_print_input_hidden('group_rep', (int) $group_rep);

56
pandora_console/include/functions_events.php
View File

@ -641,32 +641,37 @@ function events_get_all(
} }
} }
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) { $groups = $filter['id_group_filter'];
if (isset($groups) && $groups > 0) {
$propagate = db_get_value( $propagate = db_get_value(
'propagate', 'propagate',
'tgrupo', 'tgrupo',
'id_grupo', 'id_grupo',
$filter['id_group_filter'] $groups
); );
if (!$propagate) { if (!$propagate) {
$sql_filters[] = sprintf( $sql_filters[] = sprintf(
' AND te.id_grupo = %d ', ' AND (te.id_grupo = %d OR tasg.id_group = %d)',
$filter['id_group_filter'] $groups
); );
} else { } else {
$groups = [ $filter['id_group_filter'] ]; $children = groups_get_children($groups);
$childrens = groups_get_childrens($id_group, null, true); $_groups = [];
if (!empty($childrens)) { if (!empty($children)) {
foreach ($childrens as $child) { foreach ($children as $child) {
$groups[] = (int) $child['id_grupo']; $_groups[] = (int) $child['id_grupo'];
} }
$groups = $_groups;
} else {
$groups = [ $groups ];
} }
$filter['id_group_filter'] = $groups;
$sql_filters[] = sprintf( $sql_filters[] = sprintf(
' AND id_group IN (%s) ', ' AND (te.id_grupo IN (%s) OR tasg.id_group IN (%s)',
join(',', $filter['id_group_filter']) join(',', array_keys($groups)),
join(',', array_keys($groups))
); );
} }
} }
@ -702,8 +707,6 @@ function events_get_all(
} }
} }
$sg_active = enterprise_hook('agents_is_using_secondary_groups');
if (!$user_is_admin) { if (!$user_is_admin) {
$ER_groups = users_get_groups($config['id_user'], 'ER', false); $ER_groups = users_get_groups($config['id_user'], 'ER', false);
$EM_groups = users_get_groups($config['id_user'], 'EM', false, true); $EM_groups = users_get_groups($config['id_user'], 'EM', false, true);
@ -713,7 +716,8 @@ function events_get_all(
if (!$user_is_admin && !users_can_manage_group_all('ER')) { if (!$user_is_admin && !users_can_manage_group_all('ER')) {
// Get groups where user have ER grants. // Get groups where user have ER grants.
$sql_filters[] = sprintf( $sql_filters[] = sprintf(
' AND te.id_grupo IN ( %s )', ' AND (te.id_grupo IN ( %s ) OR tasg.id_group IN (%s))',
join(', ', array_keys($ER_groups)),
join(', ', array_keys($ER_groups)) join(', ', array_keys($ER_groups))
); );
} }
@ -1036,12 +1040,24 @@ function events_get_all(
$tgrupo_join = 'LEFT'; $tgrupo_join = 'LEFT';
$tgrupo_join_filters = []; $tgrupo_join_filters = [];
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) { if (isset($groups)
&& (is_array($groups)
|| $groups > 0)
) {
$tgrupo_join = 'INNER'; $tgrupo_join = 'INNER';
$tgrupo_join_filters[] = sprintf( if (is_array($groups)) {
' AND tg.id_grupo = %s', $tgrupo_join_filters[] = sprintf(
$filter['id_group_filter'] ' AND (tg.id_grupo IN (%s) OR tasg.id_group IN (%s))',
); join(', ', array_keys($groups)),
join(', ', array_keys($groups))
);
} else {
$tgrupo_join_filters[] = sprintf(
' AND (tg.id_grupo = %s OR tasg.id_group = %s)',
$groups,
$groups
);
}
} }
// Secondary groups. // Secondary groups.

47
pandora_console/include/functions_groups.php
View File

@ -298,6 +298,53 @@ function groups_get_childrens_ids($parent, $groups=null)
/** /**
* Return a array of id_group of children of given parent.
*
* @param integer $parent The id_grupo parent to search its children.
* @param array $ignorePropagate Ignore propagate.
*/
function groups_get_children($parent, $ignorePropagate=false)
{
static $groups;
if (empty($groups)) {
$groups = db_get_all_rows_in_table('tgrupo');
$groups = array_reduce(
$groups,
function ($carry, $item) {
$carry[$item['id_grupo']] = $item;
return $carry;
}
);
}
$return = [];
foreach ($groups as $key => $g) {
if ($g['id_grupo'] == 0) {
continue;
}
if ($ignorePropagate || $parent == 0 || $groups[$parent]['propagate']) {
if ($g['parent'] == $parent) {
$return += [$g['id_grupo'] => $g];
if ($g['propagate'] || $ignorePropagate) {
$return += groups_get_children(
$g['id_grupo'],
$ignorePropagate
)
);
}
}
}
}
return $return;
}
/**
* XXX: This is not working. Expects 'propagate' on CHILD not on PARENT!!!
*
* Return a array of id_group of childrens (to branches down) * Return a array of id_group of childrens (to branches down)
* *
* @param integer $parent The id_group parent to search the childrens. * @param integer $parent The id_group parent to search the childrens.

64
pandora_console/operation/events/events.php
View File

@ -1591,38 +1591,6 @@ function process_datatables_item(item) {
module_status = '<div class="criticity" style="background: '; module_status = '<div class="criticity" style="background: ';
module_status += color + '">' + text + "</div>"; module_status += color + '">' + text + "</div>";
/* Agent name link */
if (item.id_agente > 0) {
item.agent_name = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>' +item.id_agente+'">' + item.agent_name + '</a>';
} else {
item.agent_name = '';
}
/* Agent ID link */
if (item.id_agente > 0) {
<?php
if (in_array('agent_name', $fields)) {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.id_agente + '</a>';
<?php
} else {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.agent_name + '</a>';
<?php
}
?>
} else {
item.id_agente = '';
}
/* Group name */
if (item.id_grupo == "0") {
item.id_grupo = "<?php echo __('All'); ?>";
} else {
item.id_grupo = item.group_name;
}
/* Options */ /* Options */
// Show more. // Show more.
item.options = '<a href="javascript:" onclick="show_event_dialog(\''; item.options = '<a href="javascript:" onclick="show_event_dialog(\'';
@ -1700,6 +1668,31 @@ function process_datatables_item(item) {
} }
/* Update column content now to avoid json poisoning. */ /* Update column content now to avoid json poisoning. */
/* Agent name link */
if (item.id_agente > 0) {
item.agent_name = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>' +item.id_agente+'">' + item.agent_name + '</a>';
} else {
item.agent_name = '';
}
/* Agent ID link */
if (item.id_agente > 0) {
<?php
if (in_array('agent_name', $fields)) {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.id_agente + '</a>';
<?php
} else {
?>
item.id_agente = '<a href="<?php echo ui_get_full_url('index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='); ?>'+item.id_agente+'">' + item.agent_name + '</a>';
<?php
}
?>
} else {
item.id_agente = '';
}
item.estado = '<div>'; item.estado = '<div>';
item.estado += img; item.estado += img;
item.estado += '</div>'; item.estado += '</div>';
@ -1719,6 +1712,13 @@ function process_datatables_item(item) {
// Add event severity format to itself. // Add event severity format to itself.
item.evento = evn; item.evento = evn;
/* Group name */
if (item.id_grupo == "0") {
item.id_grupo = "<?php echo __('All'); ?>";
} else {
item.id_grupo = item.group_name;
}
} }
/* Datatables auxiliary functions ends */ /* Datatables auxiliary functions ends */