2011-05-11 Miguel de Dios <miguel.dedios@artica.es>

* operation/search_modules.php, operation/search_agents.php, operation/search_alerts.php: added the hook for ACL check for enterprise. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4338 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-05-11 14:46:35 +00:00 · 2011-05-11 14:46:35 +00:00 · 475309f2f0
parent d25a3dc9f9
commit 475309f2f0
3 changed files with 51 additions and 37 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,8 @@
+2011-05-11 Miguel de Dios  <miguel.dedios@artica.es>
+
+	* operation/search_modules.php, operation/search_agents.php,
+	operation/search_alerts.php: added the hook for ACL check for enterprise.
+
 2011-05-11  Vanessa Gil  <vanessa.gil@artica.es>

 	* godmode/agentes/module_manager_editor.php
--- a/pandora_console/operation/search_agents.php
+++ b/pandora_console/operation/search_agents.php
@ -17,6 +17,10 @@
 global $config;

 require_once ($config['homedir'].'/include/functions_users.php');
+$subquery_enterprise = '';
+if (ENTERPRISE_NOT_HOOK !== enterprise_include_once('include/functions_policies.php')) {
+	$subquery_enterprise = subquery_acl_enterprise();
+}

 $searchAgents = check_acl($config['id_user'], 0, "AR");

@ -119,29 +123,29 @@ if ($searchAgents) {
 					INNER JOIN tgrupo AS t2
 						ON t2.id_grupo = t1.id_grupo
 				WHERE (
-					1 = (
-						SELECT is_admin
-						FROM tusuario
-						WHERE id_user = '" . $config['id_user'] . "'
-					)
-					OR t1.id_grupo IN (
-						" . implode(',', $id_userGroups) . "
-					)
-					OR 0 IN (
-						SELECT id_grupo
-						FROM tusuario_perfil
-						WHERE id_usuario = '" . $config['id_user'] . "'
-							AND id_perfil IN (
-								SELECT id_perfil
-								FROM tperfil WHERE agent_view = 1
-							)
+						1 = (
+							SELECT is_admin
+							FROM tusuario
+							WHERE id_user = '" . $config['id_user'] . "'
 						)
+						OR t1.id_grupo IN (
+							" . implode(',', $id_userGroups) . "
+						)
+						OR 0 IN (
+							SELECT id_grupo
+							FROM tusuario_perfil
+							WHERE id_usuario = '" . $config['id_user'] . "'
+								AND id_perfil IN (
+									SELECT id_perfil
+									FROM tperfil WHERE agent_view = 1
+								)
+							)
 					)
 					AND (
 						t1.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR
 						t2.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%'
 					)
-			";
+			" . $subquery_enterprise;
 			break;
 		case "postgresql":
 		case "oracle":
@ -150,33 +154,34 @@ if ($searchAgents) {
 					INNER JOIN tgrupo AS t2
 						ON t2.id_grupo = t1.id_grupo
 				WHERE (
-					1 = (
-						SELECT is_admin
-						FROM tusuario
-						WHERE id_user = '" . $config['id_user'] . "'
-					)
-					OR t1.id_grupo IN (
-						" . implode(',', $id_userGroups) . "
-					)
-					OR 0 IN (
-						SELECT id_grupo
-						FROM tusuario_perfil
-						WHERE id_usuario = '" . $config['id_user'] . "'
-							AND id_perfil IN (
-								SELECT id_perfil
-								FROM tperfil WHERE agent_view = 1
-							)
+						1 = (
+							SELECT is_admin
+							FROM tusuario
+							WHERE id_user = '" . $config['id_user'] . "'
 						)
+						OR t1.id_grupo IN (
+							" . implode(',', $id_userGroups) . "
+						)
+						OR 0 IN (
+							SELECT id_grupo
+							FROM tusuario_perfil
+							WHERE id_usuario = '" . $config['id_user'] . "'
+								AND id_perfil IN (
+									SELECT id_perfil
+									FROM tperfil WHERE agent_view = 1
+								)
+							)
 					)
 					AND (
 						t1.nombre LIKE '%%" . $stringSearchSQL . "%%' OR
 						t2.nombre LIKE '%%" . $stringSearchSQL . "%%'
 					)
-			";
+			" . $subquery_enterprise;
 			break;
 	}
 	
-	$select = "SELECT t1.id_agente, t1.ultimo_contacto, t1.nombre, t1.id_os, t1.intervalo, t1.id_grupo, t1.disabled";
+	$select = 
+		"SELECT t1.id_agente, t1.ultimo_contacto, t1.nombre, t1.id_os, t1.intervalo, t1.id_grupo, t1.disabled";
 	$limit = " ORDER BY " . $order['field'] . " " . $order['order'] . 
 		" LIMIT " . $config['block_size'] . " OFFSET " . get_parameter ('offset',0);
 	
--- a/pandora_console/operation/search_alerts.php
+++ b/pandora_console/operation/search_alerts.php
@ -19,6 +19,10 @@ global $config;
 include_once('include/functions_alerts.php');
 include_once($config['homedir'] . "/include/functions_agents.php");
 include_once($config['homedir'] . "/include/functions_modules.php");
+$subquery_enterprise = '';
+if (ENTERPRISE_NOT_HOOK !== enterprise_include_once('include/functions_policies.php')) {
+	$subquery_enterprise = subquery_acl_enterprise();
+}


 $searchAlerts = check_acl($config['id_user'], 0, "AR");
@ -128,7 +132,7 @@ if($searchAlerts) {
 					WHERE id_agente IN (
 						SELECT id_agente
 						FROM tagente
-						WHERE nombre LIKE "%' . $stringSearchSQL . '%"))
+						WHERE nombre LIKE "%' . $stringSearchSQL . '%" ' . $subquery_enterprise . '))
 			)';
 			break;
 		case "postgresql":
@ -159,7 +163,7 @@ if($searchAlerts) {
 					WHERE id_agente IN (
 						SELECT id_agente
 						FROM tagente
-						WHERE nombre LIKE \'%' . $stringSearchSQL . '%\'))
+						WHERE nombre LIKE \'%' . $stringSearchSQL . '%\'  ' . $subquery_enterprise . '))
 			)';
 			break;
 	}