tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

TODO List

This commit is contained in:
danielmaya 2018-09-27 13:30:32 +02:00
parent 631c38ca84
commit 453fb3f67b
12 changed files with 59 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/extensions/matrix_events/ajax.php
View File

@ -30,7 +30,7 @@ if (is_ajax()) {
require_once ('include/functions_tags.php');
$limit = (int) get_parameter("limit", 5);
// TODO revision tag
$tags_condition = tags_get_acl_tags($config['id_user'], 0, 'ER', 'event_condition', 'AND');
$filter = "estado<>1 $tags_condition";

2
pandora_console/godmode/agentes/module_manager.php
View File

@ -451,7 +451,7 @@ $where = sprintf("delete_pending = 0 AND id_agente = %s", $id_agente);
$search_string_entities = io_safe_input($search_string);
$basic_where = sprintf("(nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND", $search_string, $search_string_entities, $search_string, $search_string_entities);
// TODO revision tag
$where_tags = tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 'tagente_modulo');
$paginate_module = false;

2
pandora_console/include/ajax/events.php
View File

@ -555,7 +555,7 @@ if ($table_events) {
// Fix: for tag functionality groups have to be all user_groups (propagate ACL funct!)
$groups = users_get_groups($config["id_user"]);
// TODO revision tag
$tags_condition = tags_get_acl_tags($config['id_user'],
array_keys($groups), 'ER', 'event_condition', 'AND');
echo '<div id="div_all_events_24h">';

1
pandora_console/include/ajax/module.php
View File

@ -551,6 +551,7 @@ if ($list_modules) {
$groups = users_get_groups($config["id_user"], $access);
if($cluster_list != 1){
// TODO revision tag
$tags_sql = tags_get_acl_tags($config['id_user'],
array_keys($groups), $access, 'module_condition', 'AND',
'tagente_modulo', false, array(), true);

1
pandora_console/include/functions_agents.php
View File

@ -1240,6 +1240,7 @@ function agents_get_modules ($id_agent = null, $details = false,
//$where .= " AND id_policy_module = 0 ";
if (tags_has_user_acl_tags($config['id_user'])){
// TODO revision tag
$where_tags = tags_get_acl_tags($config['id_user'], $id_groups, 'AR',
'module_condition', 'AND', 'tagente_modulo', false, array(),
true);

1
pandora_console/include/functions_alerts.php
View File

@ -1814,6 +1814,7 @@ function get_group_alerts($id_group, $filter = '', $options = false,
$groups = users_get_groups($config["id_user"]);
if ($idGroup !== 0) {
// TODO revision tag
$where_tags = tags_get_acl_tags($config['id_user'], $idGroup, 'AR', 'module_condition', 'AND', 'tagente_modulo', true, array(), true);
} else {
$where_tags = tags_get_acl_tags($config['id_user'], array_keys($groups), 'AR', 'module_condition', 'AND', 'tagente_modulo', true, array(), true);

2
pandora_console/include/functions_events.php
View File

@ -3554,7 +3554,7 @@ function events_sql_events_grouped_agents($id_agent, $server_id = -1,
else {
$group_array = array_keys($groups);
}
// TODO revision tag
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'ER',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"

3
pandora_console/include/functions_graph.php
View File

@ -2471,6 +2471,7 @@ function graph_event_module ($width = 300, $height = 200, $id_agent) {
// Fix: tag filters implemented! for tag functionality groups have to be all user_groups (propagate ACL funct!)
$groups = users_get_groups($config["id_user"]);
// TODO revision tag
$tags_condition = tags_get_acl_tags($config['id_user'], array_keys($groups), 'ER', 'event_condition', 'AND');
$data = array ();
@ -3350,6 +3351,7 @@ function grafico_eventos_grupo ($width = 300, $height = 200, $url = "", $meta =
}
// Add tags condition to filter
// TODO revision tag
$tags_condition = tags_get_acl_tags($config['id_user'], 0, 'ER', 'event_condition', 'AND');
//This will give the distinct id_agente, give the id_grupo that goes
@ -3501,6 +3503,7 @@ function grafico_eventos_total($filter = "", $width = 320, $height = 200, $noWat
$filter = str_replace ( "\\" , "", $filter);
// Add tags condition to filter
// TODO revision tag
$tags_condition = tags_get_acl_tags($config['id_user'], 0, 'ER', 'event_condition', 'AND');
$filter .= $tags_condition;

104
pandora_console/include/functions_tags.php
View File

@ -690,7 +690,7 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR',
case 'module_condition':
// Return the condition of the tags for tagente_modulo table
$condition = tags_get_acl_tags_module_condition($acltags,
$condition = tags_get_acl_tags_module_condition_old($acltags,
$query_table);
if (!empty($condition)) {
return " $query_prefix " . $condition;
@ -757,68 +757,54 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
* @return string SQL condition for tagente_module
*/
function tags_get_acl_tags_module_condition_old($acltags, $modules_table = '') {
if (!empty($modules_table)) {
if (!empty($modules_table))
$modules_table .= '.';
}
$condition = '';
// Fix: Wrap SQL expression with "()" to avoid bad SQL sintax that makes Pandora retrieve all modules without taking care of id_agent => id_agent = X AND (sql_tag_expression)
$i = 0;
$group_conditions = array();
// The acltags array contains the groups with the acl propagation applied
// after the changes done into the 'tags_get_user_groups_and_tags' function.
foreach ($acltags as $group_id => $group_tags) {
if ($condition != '') {
$condition .= ' OR ';
$tag_join = '';
if (!empty($group_tags)) {
$tag_join = sprintf('INNER JOIN ttag_module ttmc
ON tamc.id_agente_modulo = ttmc.id_agente_modulo
AND ttmc.id_tag IN (%s)',
is_array($group_tags) ? implode(',', $group_tags) : $group_tags);
}
// Fix: Wrap SQL expression with "()" to avoid bad SQL sintax that makes Pandora retrieve all modules without taking care of id_agent => id_agent = X AND (sql_tag_expression)
if ($i == 0)
$condition .= ' ( ' . "\n";
// Group condition (The module belongs to an agent of the group X)
// Juanma (08/05/2014) Fix: Now group and tag is checked at the same time, before only tag was checked due to a bad condition
if (!array_key_exists(0, $acltags)) {
// Juanma (08/05/2014) Fix: get all groups recursively (Acl proc func!)
$group_condition = sprintf('%sid_agente IN (SELECT id_agente FROM tagente WHERE id_grupo IN (%s))', $modules_table, implode(',', array_values(groups_get_id_recursive($group_id))));
// FIXME: Not properly way to increse performance
if(enterprise_hook('agents_is_using_secondary_groups')){
$agent_condition = sprintf('SELECT tamc.id_agente_modulo
FROM tagente_modulo tamc
%s
INNER JOIN tagente tac
ON tamc.id_agente = tac.id_agente
LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = tac.id_agente
WHERE (tac.id_grupo = %d OR tasg.id_group = %d)',
$tag_join, $group_id, $group_id);
}
else {
//Avoid the user profiles with all group access.
$group_condition = " 1 = 1 ";
else{
$agent_condition = sprintf('SELECT tamc.id_agente_modulo
FROM tagente_modulo tamc
%s
INNER JOIN tagente tac
ON tamc.id_agente = tac.id_agente
AND tac.id_grupo = %d',
$tag_join, $group_id);
}
//When the acl is only group without tags
if (empty($group_tags)) {
$condition .= "($group_condition)\n";
}
else {
if (is_array($group_tags)) {
$group_tags_query = implode(',',$group_tags);
} else {
$group_tags_query = $group_tags;
}
// Tags condition (The module has at least one of the restricted tags)
$tags_condition = sprintf('%sid_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag IN (%s))', $modules_table, $group_tags_query);
$condition .=
" ( \n" .
" $group_condition \n" .
" AND \n" .
" $tags_condition \n" .
" )\n";
}
$sql_condition = sprintf('(%sid_agente_modulo IN (%s))', $modules_table, $agent_condition);
$group_conditions[] = $sql_condition;
$i++;
}
// Fix: Wrap SQL expression with "()" to avoid bad SQL sintax that makes Pandora retrieve all modules without taking care of id_agent => id_agent = X AND (sql_tag_expression)
if (!empty($acltags))
$condition .= ' ) ';
//Avoid the user profiles with all group access.
//if (!empty($condition)) {
if (!empty($condition) &&
!array_key_exists(0, array_keys($acltags))) {
$condition = sprintf("\n((%s) OR %sid_agente NOT IN (SELECT id_agente FROM tagente WHERE id_grupo IN (%s)))", $condition, $modules_table, implode(',',array_keys($acltags)));
}
if (!empty($group_conditions))
$condition = implode(' OR ', $group_conditions);
$condition = !empty($condition) ? "($condition)" : '';
return $condition;
}
@ -1042,6 +1028,7 @@ function tags_get_user_tags($id_user = false, $access = 'AR', $return_tag_any =
}
// Get the tags of the required access flag for each group
// TODO revision tag
$tags = tags_get_acl_tags($id_user, 0, $access, 'data');
// If there are wrong parameters or fail ACL check, return false
if ($tags_user === ERR_WRONG_PARAMETERS || $tags_user === ERR_ACL) {
@ -1130,6 +1117,7 @@ function tags_get_tags_for_module_search($id_user = false, $access = 'AR') {
return false;
}
// Get the tags of the required access flag for each group
// TODO revision tag
$tags = tags_get_acl_tags($id_user, 0, $access, 'data');
// If there are wrong parameters or fail ACL check, return false
if ($tags_user === ERR_WRONG_PARAMETERS || $tags_user === ERR_ACL) {
@ -1213,7 +1201,7 @@ function tags_check_acl($id_user, $id_group, $access, $tags = array(), $flag_id_
$id_group[] = $parent['id_grupo'];
}
}
// TODO revision tag
$acls = tags_get_acl_tags($id_user, $id_group, $access, 'data');
// If there are wrong parameters or fail ACL check, return false
@ -1319,7 +1307,7 @@ function tags_check_acl_event($id_user, $id_group, $access, $tags = array(),$p =
if($id_user === false) {
$id_user = $config['id_user'];
}
// TODO revision tag
$acls = tags_get_acl_tags($id_user, $id_group, $access, 'data');
// If there are wrong parameters or fail ACL check, return false
@ -1424,7 +1412,7 @@ function tags_checks_event_acl($id_user, $id_group, $access, $tags = array(), $c
if (users_is_admin($id_user)) {
return true;
}
// TODO revision tag
$tags_user = tags_get_acl_tags($id_user, $id_group, $access, 'data', '', '', true, $childrens_ids, true);
// If there are wrong parameters or fail ACL check, return false
if ($tags_user === ERR_WRONG_PARAMETERS || $tags_user === ERR_ACL) {

1
pandora_console/mobile/operation/modules.php
View File

@ -302,6 +302,7 @@ class Modules {
// Part SQL for the Tag
// TODO revision tag
$sql_conditions_tags = tags_get_acl_tags($user->getIdUser(),
$user->getIdGroups($this->acl), $this->acl, 'module_condition', 'AND', 'tagente_modulo');

1
pandora_console/operation/agentes/estado_generalagente.php
View File

@ -550,6 +550,7 @@ if (!empty($network_interfaces)) {
else {
$group_array = $user_groups_ids;
}
// TODO revision tag
$acl_tags = tags_get_acl_tags($config['id_user'], $group_array, 'ER',
'event_condition', 'AND', '', true, array(), true);

1
pandora_console/operation/events/events.build_query.php
View File

@ -310,6 +310,7 @@ if ($id_group > 0 && in_array ($id_group, array_keys ($groups))) {
else {
$group_array = array_keys($groups);
}
// TODO revision tag
if (check_acl ($id_user, 0, "ER"))
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'ER',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"