From faee7b7b14ab699b5e9674d7fb17515c37d8f60a Mon Sep 17 00:00:00 2001 From: "marcos.alconada" Date: Wed, 13 Mar 2019 16:32:58 +0100 Subject: [PATCH 01/37] Pending Q&A Former-commit-id: f41aafc6077f1b725cf7c9f360974ba62609eedd --- pandora_console/godmode/agentes/modificar_agente.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/agentes/modificar_agente.php b/pandora_console/godmode/agentes/modificar_agente.php index 4673bf2f46..dfaf6bcba8 100644 --- a/pandora_console/godmode/agentes/modificar_agente.php +++ b/pandora_console/godmode/agentes/modificar_agente.php @@ -162,7 +162,7 @@ echo ''; echo __('Group').' '; $own_info = get_user_info($config['id_user']); -if (!$own_info['is_admin'] && !check_acl($config['id_user'], 0, 'AW')) { +if (!$own_info['is_admin'] && !check_acl($config['id_user'], 0, 'AR')) { $return_all_group = false; } else { $return_all_group = true; From 97df41245e4b77efedd6659faa6b249b1698a3d9 Mon Sep 17 00:00:00 2001 From: "marcos.alconada" Date: Wed, 13 Mar 2019 16:36:30 +0100 Subject: [PATCH 02/37] Para revision Former-commit-id: 5823cfd9976382ad8074d2ed8cf0340e24181693 --- pandora_console/godmode/agentes/modificar_agente.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/agentes/modificar_agente.php b/pandora_console/godmode/agentes/modificar_agente.php index dfaf6bcba8..3094c2fdc8 100644 --- a/pandora_console/godmode/agentes/modificar_agente.php +++ b/pandora_console/godmode/agentes/modificar_agente.php @@ -162,7 +162,7 @@ echo ''; echo __('Group').' '; $own_info = get_user_info($config['id_user']); -if (!$own_info['is_admin'] && !check_acl($config['id_user'], 0, 'AR')) { +if (!$own_info['is_admin'] && check_acl($config['id_user'], 0, 'AW')) { $return_all_group = false; } else { $return_all_group = true; From 4c95a160defd8039fa345c36e361537b29c867bf Mon Sep 17 00:00:00 2001 
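Review bot: The condition added in PATCH 02/37 drops the negation on `check_acl`, so a non-admin who holds `AW` on group 0 now gets `$return_all_group = false`, while a non-admin without that permission falls into the `else` and gets `true`. That is inverted relative to both the original line and PATCH 01/37, and going by the variable name it appears to offer the unrestricted group list to the less-privileged user. If the intent is that admins and users with all-group write access see every group, keep the negation: `if (!$own_info['is_admin'] && !check_acl($config['id_user'], 0, 'AW')) {`. The statement sits in script code that continues outside the hunk, so how `$return_all_group` is consumed is not visible here.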
From: Luis Calvo Date: Mon, 1 Apr 2019 17:57:22 +0200 Subject: [PATCH 03/37] Changed Jquery .text for .html for html conversion Former-commit-id: 9dd9c63e637e504ff51e38165687bacfae59ed38 --- pandora_console/godmode/alerts/configure_alert_action.php | 4 ++-- pandora_console/include/javascript/pandora_alerts.js | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index c29cda623b..e7927a2a3a 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -318,9 +318,9 @@ $(document).ready (function () { jQuery.post (, values, function (data, status) { - original_command = js_html_entity_decode (data["command"]); + original_command = data["command"]; render_command_preview (original_command); - command_description = js_html_entity_decode (data["description"]); + command_description = data["description"]; render_command_description(command_description); var max_fields = parseInt(''); diff --git a/pandora_console/include/javascript/pandora_alerts.js b/pandora_console/include/javascript/pandora_alerts.js index 41f8d20ad8..668950ce9c 100644 --- a/pandora_console/include/javascript/pandora_alerts.js +++ b/pandora_console/include/javascript/pandora_alerts.js @@ -1,5 +1,4 @@ var original_command = ""; - function parse_alert_command(command, classs) { if (classs == "recovery") { classs = "fields_recovery"; @@ -28,13 +27,13 @@ function parse_alert_command(command, classs) { } function render_command_preview(original_command) { - $("#textarea_command_preview").text( + $("#textarea_command_preview").html( parse_alert_command(original_command, "") ); } function render_command_recovery_preview(original_command) { - $("#textarea_command_recovery_preview").text( + $("#textarea_command_recovery_preview").html( parse_alert_command(original_command, "recovery") ); } 
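Review bot: `render_command_preview` and `render_command_recovery_preview` now pass the result of `parse_alert_command()` to `.html()`, so any markup in the stored command, or in the field values substituted into it, is parsed by the browser instead of shown as text. The same commit removes `js_html_entity_decode` from `data["command"]` and `data["description"]` in `configure_alert_action.php`, which suggests `.html()` is being used only to decode entities. Decoding explicitly and keeping the text sink gives the same result without widening it: `$("#textarea_command_preview").text(js_html_entity_decode(parse_alert_command(original_command, "")));` and the same for the recovery preview. If the target is a textarea element, `.val()` is the usual setter; the element type is not visible in these hunks.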
From 9c3d26f12030f683f8e7e32a13fe3aafd819ec22 Mon Sep 17 00:00:00 2001 From: Luis Calvo Date: Wed, 3 Apr 2019 11:22:20 +0200 Subject: [PATCH 04/37] Deleted Servers menu option for operator(read) Former-commit-id: 89723d23cb2199152cfc9f3d72997ddcd7b31796 --- pandora_console/godmode/menu.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index ac3154b657..6224d361c9 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -208,7 +208,7 @@ if (!empty($sub)) { } -if (check_acl($config['id_user'], 0, 'AW') || check_acl($config['id_user'], 0, 'PM') || check_acl($config['id_user'], 0, 'RR')) { +if (check_acl($config['id_user'], 0, 'AW') || check_acl($config['id_user'], 0, 'PM')) { // Servers $menu_godmode['gservers']['text'] = __('Servers'); $menu_godmode['gservers']['sec2'] = 'godmode/servers/modificar_server'; From 9df4cb86dc496c8aecd56be96f785695da16b25d Mon Sep 17 00:00:00 2001 From: Luis Calvo Date: Thu, 4 Apr 2019 09:45:29 +0200 Subject: [PATCH 05/37] Added inline-block and fixed size to label Former-commit-id: 40c1ca6d5c06fb771eb7e8d1ac81dde6e7012cfb --- pandora_console/include/styles/login.css | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pandora_console/include/styles/login.css b/pandora_console/include/styles/login.css index bffcda19d5..648eadb503 100644 --- a/pandora_console/include/styles/login.css +++ b/pandora_console/include/styles/login.css @@ -407,6 +407,8 @@ div.form_message_alert ul li input { } div.form_message_alert ul li label { + display: inline-block; + width: 145px; font-size: 10pt; padding-right: 20px; } From 1b6a01cfd5ac0f97266abd35471788ef32cca8fb Mon Sep 17 00:00:00 2001 
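Review bot: Dropping `RR` from this condition only hides the Servers menu entry; it does not restrict the page behind it. `godmode/servers/modificar_server` can still be requested by URL, so if read-only operators must not open it, that page needs its own `check_acl($config['id_user'], 0, 'AW')` / `'PM'` test. That file is not part of this patch, so the check should be confirmed there. The `if` block continues past the end of the hunk.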
From: Luis Calvo Date: Thu, 4 Apr 2019 14:11:44 +0200 Subject: [PATCH 06/37] Changed modal size to fit err. msg Former-commit-id: 2676ac1d217cc5245ce09277b8b76d1d562cdf5f --- .../include/javascript/jquery.pandora.js | 697 +++++++++--------- 1 file changed, 358 insertions(+), 339 deletions(-) diff --git a/pandora_console/include/javascript/jquery.pandora.js b/pandora_console/include/javascript/jquery.pandora.js index 9e0b3447af..ed75400386 100644 --- a/pandora_console/include/javascript/jquery.pandora.js +++ b/pandora_console/include/javascript/jquery.pandora.js 
@@ -1,386 +1,405 @@ (function($) { - $.fn.check = function () { - return this.each (function () { - this.checked = true; - });}; + $.fn.check = function() { + return this.each(function() { + this.checked = true; + }); + }; - $.fn.uncheck = function () { - return this.each (function () { - this.checked = false; - });}; + $.fn.uncheck = function() { + return this.each(function() { + this.checked = false; + }); + }; - $.fn.enable = function () { - return $(this).removeAttr ("disabled"); - }; + $.fn.enable = function() { + return $(this).removeAttr("disabled"); + }; - $.fn.disable = function () { - return $(this).attr ("disabled", "disabled"); - }; + $.fn.disable = function() { + return $(this).attr("disabled", "disabled"); + }; - $.fn.pulsate = function () { - var i = 0; - for (i = 0; i <= 2; i++) { - $(this).fadeOut ("slow").fadeIn ("slow"); - } - }; + $.fn.pulsate = function() { + var i = 0; + for (i = 0; i <= 2; i++) { + $(this) + .fadeOut("slow") + .fadeIn("slow"); + } + }; - $.fn.showMessage = function (msg) { - return $(this).hide ().empty () - // here, previously .text (msg) - .html (msg) - .slideDown (); - }; -}) (jQuery); + $.fn.showMessage = function(msg) { + return ( + $(this) + .hide() + .empty() + // here, previously .text (msg) + .html(msg) + .slideDown() + ); + }; +})(jQuery); -$(document).ready (function () { - $("a#show_messages_dialog").click (function () { - jQuery.post ("ajax.php", - { - "page": "operation/messages/message_list" - }, - function (data, status) { - $("#dialog_messages").hide () - .empty () - .append (data) - .dialog ({ - title: $("a#show_messages_dialog").attr ("title"), - resizable: false, - modal: true, - overlay: { - opacity: 0.5, - background: "black" - }, - width: 700, - height: 300 - }).show (); - }, - "html" - ); +$(document).ready(function() { + $("a#show_messages_dialog").click(function() { + jQuery.post( + "ajax.php", + { + page: "operation/messages/message_list" + }, + function(data, status) { + $("#dialog_messages") + 
.hide() + .empty() + .append(data) + .dialog({ + title: $("a#show_messages_dialog").attr("title"), + resizable: false, + modal: true, + overlay: { + opacity: 0.5, + background: "black" + }, + width: 700, + height: 300 + }) + .show(); + }, + "html" + ); - return false; - }); + return false; + }); - $("a.show_systemalert_dialog").click (function () { - $('body').append( "
" ); - $("#opacidad").css('opacity', 0.5); + $("a.show_systemalert_dialog").click(function() { + $("body").append( + "
" + ); + $("#opacidad").css("opacity", 0.5); - jQuery.post ("ajax.php", - { - "page": "operation/system_alert"}, - function (data, status) { - $("#alert_messages").show(); - $("#alert_messages").empty ().append (data); - $("#alert_messages").css('opacity', 1); + jQuery.post( + "ajax.php", + { + page: "operation/system_alert" + }, + function(data, status) { + $("#alert_messages").show(); + $("#alert_messages") + .empty() + .append(data); + $("#alert_messages").css("opacity", 1); + }, + "html" + ); + }); - }, - "html" - ); - }); - - $("a.modalpopup").click (function () { - var elem = $(this).attr("id"); - $('body').append( "
" ); - $("#opacidad").css('opacity', 0.5); + $("a.modalpopup").click(function() { + var elem = $(this).attr("id"); + $("body").append( + "
" + ); + $("#opacidad").css("opacity", 0.5); - jQuery.post ("ajax.php", - { - "page": "general/alert_enterprise", - "message": elem - }, - function (data, status) { - $("#alert_messages").show(); - $("#alert_messages").empty ().append (data); - $("#alert_messages").css('opacity', 1); - }, - "html" - ); - return false; - }); + jQuery.post( + "ajax.php", + { + page: "general/alert_enterprise", + message: elem + }, + function(data, status) { + $("#alert_messages").show(); + $("#alert_messages") + .empty() + .append(data); + $("#alert_messages").css("opacity", 1); + }, + "html" + ); + return false; + }); - // Creacion de ventana modal y botones - $(".publienterprise").click (function () { - var elem = $(this).attr("id"); - $('body').append( "
" ); - $("#opacidad").css('opacity', 0.5); + // Creacion de ventana modal y botones + $(".publienterprise").click(function() { + var elem = $(this).attr("id"); + $("body").append( + "
" + ); + $("#opacidad").css("opacity", 0.5); - jQuery.post ("ajax.php", - { - "page": "general/alert_enterprise", - "message": elem - }, - function (data, status) { - $("#alert_messages").show(); - $("#alert_messages").empty ().append (data); - $("#alert_messages").css('opacity', 1); - }, - "html" - ); - return false; - }); - - - $(".publienterprisehide").click (function () { - var elem = $(this).attr("id"); - $('body').append( "
" ); - $("#opacidad").css('opacity', 0.5); + jQuery.post( + "ajax.php", + { + page: "general/alert_enterprise", + message: elem + }, + function(data, status) { + $("#alert_messages").show(); + $("#alert_messages") + .empty() + .append(data); + $("#alert_messages").css("opacity", 1); + }, + "html" + ); + return false; + }); - jQuery.post ("ajax.php", - { - "page": "general/alert_enterprise", - "message": elem - }, - function (data, status) { - $("#alert_messages").show(); - $("#alert_messages").empty ().append (data); - $("#alert_messages").css('opacity', 1); - }, - "html" - ); - return false; - }); + $(".publienterprisehide").click(function() { + var elem = $(this).attr("id"); + $("body").append( + "
" + ); + $("#opacidad").css("opacity", 0.5); + jQuery.post( + "ajax.php", + { + page: "general/alert_enterprise", + message: elem + }, + function(data, status) { + $("#alert_messages").show(); + $("#alert_messages") + .empty() + .append(data); + $("#alert_messages").css("opacity", 1); + }, + "html" + ); + return false; + }); + if ($("#license_error_msg_dialog").length) { + if (typeof process_login_ok == "undefined") process_login_ok = 0; - if ($('#license_error_msg_dialog').length) { - if (typeof(process_login_ok) == "undefined") - process_login_ok = 0; + if (typeof show_error_license == "undefined") show_error_license = 0; - if (typeof(show_error_license) == "undefined") - show_error_license = 0; + if (process_login_ok || show_error_license) { + $("#license_error_msg_dialog").dialog({ + dialogClass: "no-close", + closeOnEscape: false, + resizable: false, + draggable: true, + modal: true, + height: 470, + width: 850, + overlay: { + opacity: 0.5, + background: "black" + }, + open: function() { + var remaining = 30; - if (process_login_ok || show_error_license) { + // Timeout counter. + var count = function() { + if (remaining > 0) { + $("#license_error_remaining").text(remaining); + remaining -= 1; + } else { + $("#license_error_remaining").hide(); + $("#ok_buttom").show(); + clearInterval(count); + } + }; - $( "#license_error_msg_dialog" ).dialog({ - dialogClass: "no-close", - closeOnEscape: false, - resizable: false, - draggable: true, - modal: true, - height: 450, - width: 850, - overlay: { - opacity: 0.5, - background: "black" - }, - open: function() { - var remaining = 30; + setInterval(count, 1000); + } + }); - // Timeout counter. 
- var count = function() { - if (remaining > 0) { - $("#license_error_remaining").text(remaining); - remaining -= 1; - } else { - $("#license_error_remaining").hide(); - $("#ok_buttom").show(); - clearInterval(count); - } - } + $("#submit-hide-license-error-msg").click(function() { + $("#license_error_msg_dialog").dialog("close"); + }); + } + } - setInterval(count, 1000); - } - }); + if ($("#msg_change_password").length) { + $("#msg_change_password").dialog({ + resizable: false, + draggable: true, + modal: true, + height: 450, + width: 620, + overlay: { + opacity: 0.5, + background: "black" + } + }); + } - $("#submit-hide-license-error-msg").click (function () { - $("#license_error_msg_dialog" ).dialog('close') - }); + if ($("#login_blocked").length) { + $("#login_blocked").dialog({ + resizable: true, + draggable: true, + modal: true, + height: 200, + width: 520, + overlay: { + opacity: 0.5, + background: "black" + } + }); + } - } - } + if ($("#login_correct_pass").length) { + $("#login_correct_pass").dialog({ + resizable: true, + draggable: true, + modal: true, + height: 200, + width: 520, + overlay: { + opacity: 0.5, + background: "black" + } + }); + } + forced_title_callback(); - if ($('#msg_change_password').length) { + $(document).on("scroll", function() { + if ( + document.documentElement.scrollTop != 0 || + document.body.scrollTop != 0 + ) { + if ($("#head").css("position") == "fixed") { + if ($("#menu").css("position") == "fixed") { + $("#menu").css("top", "80px"); + } else { + $("#menu").css("top", "60px"); + } + } else { + if ($("#menu").css("position") == "fixed") { + $("#menu").css("top", "20px"); + } else { + $("#menu").css("top", "80px"); + } + } + } else { + if ($("#head").css("position") == "fixed") { + if ($("#menu").css("position") == "fixed") { + $("#menu").css("top", "80px"); + } else { + $("#menu").css("top", "60px"); + } + } else { + if ($("#menu").css("position") == "fixed") { + $("#menu").css("top", "80px"); + } else { + 
$("#menu").css("top", "80px"); + } + } + } - $( "#msg_change_password" ).dialog({ - resizable: false, - draggable: true, - modal: true, - height: 350, - width: 620, - overlay: { - opacity: 0.5, - background: "black" - } - }); + // if((document.documentElement.scrollTop != 0 || document.body.scrollTop != 0) && $('#menu').css('position') =='fixed'){ + // if($('#head').css('position') =='fixed'){ + // $('#menu').css('top','80px'); + // } + // else{ + // $('#menu').css('top','20px'); + // } + // } + // else{ + // if($('#head').css('position') =='fixed'){ + // if(document.documentElement.scrollTop != 0 || document.body.scrollTop != 0){ + // $('#menu').css('top','60px'); + // }else{ + // $('#menu').css('top','80px'); + // } + // + // } + // else{ + // $('#menu').css('top','60px'); + // } + // } + }); - } - - if ($('#login_blocked').length) { - - $( "#login_blocked" ).dialog({ - resizable: true, - draggable: true, - modal: true, - height: 200, - width: 520, - overlay: { - opacity: 0.5, - background: "black" - } - }); - - } - - if ($('#login_correct_pass').length) { - - $( "#login_correct_pass" ).dialog({ - resizable: true, - draggable: true, - modal: true, - height: 200, - width: 520, - overlay: { - opacity: 0.5, - background: "black" - } - }); - - } - - forced_title_callback(); - - - $(document).on("scroll", function(){ - - if(document.documentElement.scrollTop != 0 || document.body.scrollTop != 0){ - if($('#head').css('position') =='fixed'){ - if($('#menu').css('position') =='fixed'){ - $('#menu').css('top','80px'); - } else { - $('#menu').css('top','60px'); - } - } else { - if($('#menu').css('position') =='fixed'){ - $('#menu').css('top','20px'); - } else { - $('#menu').css('top','80px'); - } - } - } else { - if($('#head').css('position') =='fixed'){ - if($('#menu').css('position') =='fixed'){ - $('#menu').css('top','80px'); - } else { - $('#menu').css('top','60px'); - } - } else { - if($('#menu').css('position') =='fixed'){ - $('#menu').css('top','80px'); - } else { - 
$('#menu').css('top','80px'); - } - } - } - - // if((document.documentElement.scrollTop != 0 || document.body.scrollTop != 0) && $('#menu').css('position') =='fixed'){ - // if($('#head').css('position') =='fixed'){ - // $('#menu').css('top','80px'); - // } - // else{ - // $('#menu').css('top','20px'); - // } - // } - // else{ - // if($('#head').css('position') =='fixed'){ - // if(document.documentElement.scrollTop != 0 || document.body.scrollTop != 0){ - // $('#menu').css('top','60px'); - // }else{ - // $('#menu').css('top','80px'); - // } - // - // } - // else{ - // $('#menu').css('top','60px'); - // } - // } - }); - - $("#alert_messages").draggable(); - $("#alert_messages").css({'left':+parseInt(screen.width/2)-parseInt($("#alert_messages").css('width'))/2+'px'}); - + $("#alert_messages").draggable(); + $("#alert_messages").css({ + left: + +parseInt(screen.width / 2) - + parseInt($("#alert_messages").css("width")) / 2 + + "px" + }); }); - - - function forced_title_callback() { - // Forced title code - $('body').on('mouseenter', '.forced_title', function() { - /////////////////////////////////////////// - // Put the layer in the left-top corner to fill it - /////////////////////////////////////////// - $('#forced_title_layer').css('left', 0); - $('#forced_title_layer').css('top', 0); + // Forced title code + $("body").on("mouseenter", ".forced_title", function() { + /////////////////////////////////////////// + // Put the layer in the left-top corner to fill it + /////////////////////////////////////////// + $("#forced_title_layer").css("left", 0); + $("#forced_title_layer").css("top", 0); - /////////////////////////////////////////// - // Get info of the image - /////////////////////////////////////////// + /////////////////////////////////////////// + // Get info of the image + /////////////////////////////////////////// - var img_top = $(this).offset().top; - var img_width = $(this).width(); - var img_height = $(this).height(); - var img_id = 
$(this).attr('id'); - var img_left_mid = $(this).offset().left + (img_width / 2); + var img_top = $(this).offset().top; + var img_width = $(this).width(); + var img_height = $(this).height(); + var img_id = $(this).attr("id"); + var img_left_mid = $(this).offset().left + img_width / 2; - /////////////////////////////////////////// - // Put title in the layer - /////////////////////////////////////////// + /////////////////////////////////////////// + // Put title in the layer + /////////////////////////////////////////// - // If the '.forced_title' element has 'use_title_for_force_title' = 1 - // into their 'data' prop, the element title will be used for the - // content. - if ($(this).data("use_title_for_force_title")) { - var title = $(this).data("title"); - } - else { - var title = $('#forced_title_'+img_id).html(); - } + // If the '.forced_title' element has 'use_title_for_force_title' = 1 + // into their 'data' prop, the element title will be used for the + // content. + if ($(this).data("use_title_for_force_title")) { + var title = $(this).data("title"); + } else { + var title = $("#forced_title_" + img_id).html(); + } - $('#forced_title_layer').html(title); + $("#forced_title_layer").html(title); - /////////////////////////////////////////// - // Get info of the layer - /////////////////////////////////////////// + /////////////////////////////////////////// + // Get info of the layer + /////////////////////////////////////////// - var layer_width = $('#forced_title_layer').width(); - var layer_height = $('#forced_title_layer').height(); + var layer_width = $("#forced_title_layer").width(); + var layer_height = $("#forced_title_layer").height(); - /////////////////////////////////////////// - // Obtain the new position of the layer - /////////////////////////////////////////// + /////////////////////////////////////////// + // Obtain the new position of the layer + /////////////////////////////////////////// - // Jquery doesnt know the padding of the layer - 
var layer_padding = 4; + // Jquery doesnt know the padding of the layer + var layer_padding = 4; - // Deduct padding of both sides - var layer_top = img_top - layer_height - (layer_padding * 2) - 5; - if (layer_top < 0) { - layer_top = img_top + img_height + (layer_padding * 2); - } + // Deduct padding of both sides + var layer_top = img_top - layer_height - layer_padding * 2 - 5; + if (layer_top < 0) { + layer_top = img_top + img_height + layer_padding * 2; + } - // Deduct padding of one side - var layer_left = img_left_mid - (layer_width / 2) - layer_padding; - if (layer_left < 0) { - layer_left = 0; - } + // Deduct padding of one side + var layer_left = img_left_mid - layer_width / 2 - layer_padding; + if (layer_left < 0) { + layer_left = 0; + } - var real_layer_width = layer_width + (layer_padding * 2) + 5; - var layer_right = layer_left + real_layer_width; - var screen_width = $(window).width(); - if (screen_width < layer_right) { - layer_left = screen_width - real_layer_width; - } + var real_layer_width = layer_width + layer_padding * 2 + 5; + var layer_right = layer_left + real_layer_width; + var screen_width = $(window).width(); + if (screen_width < layer_right) { + layer_left = screen_width - real_layer_width; + } - /////////////////////////////////////////// - // Set the layer position and show - /////////////////////////////////////////// + /////////////////////////////////////////// + // Set the layer position and show + /////////////////////////////////////////// - $('#forced_title_layer').css('left', layer_left); - $('#forced_title_layer').css('top', layer_top); - $('#forced_title_layer').show(); - }); - $('body').on('mouseout', '.forced_title', function () { - $('#forced_title_layer').hide().empty(); - }); + $("#forced_title_layer").css("left", layer_left); + $("#forced_title_layer").css("top", layer_top); + $("#forced_title_layer").show(); + }); + $("body").on("mouseout", ".forced_title", function() { + $("#forced_title_layer") + .hide() + .empty(); 
+ }); } - From 553ec48f5451a331f33e292ee37ff14bbe88bc57 Mon Sep 17 00:00:00 2001 From: "marcos.alconada" Date: Mon, 15 Apr 2019 15:21:07 +0200 Subject: [PATCH 07/37] changed title plugin creation to plugin registration Former-commit-id: bd5ee299d91c52d3064eafa85b092b525b70381a --- pandora_console/godmode/servers/plugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/servers/plugin.php b/pandora_console/godmode/servers/plugin.php index b04643e1c3..5ff8022afa 100644 --- a/pandora_console/godmode/servers/plugin.php +++ b/pandora_console/godmode/servers/plugin.php @@ -281,7 +281,7 @@ if (($create != '') || ($view != '')) { } else { if ($create != '') { ui_print_page_header( - __('Plugin creation'), + __('Plugin registration'), 'images/gm_servers.png', false, 'plugin_definition', From d5ac57064bf3deceef1c99cdcc229afe7029c480 Mon Sep 17 00:00:00 2001 From: "marcos.alconada" Date: Wed, 29 May 2019 11:34:23 +0200 Subject: [PATCH 08/37] Condition is added to keep the selection color in the main menu --- pandora_console/include/functions_menu.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pandora_console/include/functions_menu.php b/pandora_console/include/functions_menu.php index 0dbe1049bc..e26acd5cac 100644 --- a/pandora_console/include/functions_menu.php +++ b/pandora_console/include/functions_menu.php @@ -50,6 +50,12 @@ function menu_print_menu(&$menu) $sec = (string) get_parameter('sec'); $sec2 = (string) get_parameter('sec2'); + if ($sec2 == 'operation/agentes/ver_agente') { + $sec2 = 'godmode/agentes/configurar_agente'; + } else { + $sec2 = (string) get_parameter('sec2'); + } + $menu_selected = false; $allsec2 = explode('sec2=', $_SERVER['REQUEST_URI']); From f1787c7920a54bd04b2cf4235184d11868291ddd Mon Sep 17 00:00:00 2001 
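Review bot: In the `open` callback of the `#license_error_msg_dialog` dialog, `clearInterval(count)` receives the callback function rather than a timer id, and the value returned by `setInterval(count, 1000)` is never stored, so the interval keeps firing after the countdown reaches zero. Store the id and clear that: `var timer = setInterval(count, 1000);` with `clearInterval(timer);` inside `count` (declare `timer` before `count` is defined). Separately, the only functional changes in this whole-file hunk appear to be the two dialog heights (450 to 470 and 350 to 450); landing the formatter run as its own commit would keep such changes reviewable.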
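Review bot: The `else` branch added to `menu_print_menu` re-reads `sec2` into a variable that already holds exactly that value from the line above, so it can be removed, and the comparison should be strict. The addition reduces to `if ($sec2 === 'operation/agentes/ver_agente') { $sec2 = 'godmode/agentes/configurar_agente'; }`. A comment such as `// Keep the agent management entry highlighted while viewing an agent.` would explain why the request value is overridden. The function body continues outside the hunk, so check that no later code relies on `$sec2` being the real request parameter.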
From: Tatiana Llorente Date: Thu, 13 Jun 2019 10:11:03 +0200 Subject: [PATCH 09/37] Removed empty help in unknown modules - #4208 --- pandora_console/include/help/clippy/module_unknow.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/include/help/clippy/module_unknow.php b/pandora_console/include/help/clippy/module_unknow.php index 28656c9ba2..d3a6245032 100644 --- a/pandora_console/include/help/clippy/module_unknow.php +++ b/pandora_console/include/help/clippy/module_unknow.php @@ -32,7 +32,7 @@ function clippy_module_unknow() $return_tours['tours']['module_unknow']['steps'] = []; $return_tours['tours']['module_unknow']['steps'][] = [ 'init_step_context' => true, - 'intro' => ''.''.''.''.''.''.''.'
'.__('You have unknown modules in this agent.').'
'.__('Unknown modules are modules which receive data normally at least in one occassion, but at this time are not receving data. Please check our troubleshoot help page to help you determine why you have unknown modules.').ui_print_help_icon('context_module_unknow', true, '', 'images/help.png').'
', + 'intro' => ''.''.''.''.''.''.''.'
'.__('You have unknown modules in this agent.').'
'.__('Unknown modules are modules which receive data normally at least in one occassion, but at this time are not receving data. Please check our troubleshoot help page to help you determine why you have unknown modules.').'
', ]; $return_tours['tours']['module_unknow']['conf'] = []; $return_tours['tours']['module_unknow']['conf']['autostart'] = false; From 018c942ecb0e84f94f5e90008a5ac6c100ad3978 Mon Sep 17 00:00:00 2001 From: Tatiana Llorente Date: Thu, 13 Jun 2019 15:04:39 +0200 Subject: [PATCH 10/37] Added meta option in function ui_print_os_icon - #3999 --- pandora_console/include/functions_ui.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/pandora_console/include/functions_ui.php b/pandora_console/include/functions_ui.php index c81148b9c9..f9a8e784e3 100755 --- a/pandora_console/include/functions_ui.php +++ b/pandora_console/include/functions_ui.php @@ -760,6 +760,12 @@ function ui_print_os_icon( $subfolder .= '/so_big_icons'; } + if (is_metaconsole()) { + $no_in_meta = true; + } else { + $no_in_meta = false; + } + $icon = (string) db_get_value('icon_name', 'tconfig_os', 'id_os', (int) $id_os); $os_name = get_os_name($id_os); if (empty($icon)) { @@ -770,7 +776,7 @@ function ui_print_os_icon( $options, true, $relative, - false, + $no_in_meta, true ); } else { @@ -778,13 +784,13 @@ function ui_print_os_icon( } } else if ($apply_skin) { if ($only_src) { - $output = html_print_image('images/'.$subfolder.'/'.$icon, true, $options, true, $relative, false, true); + $output = html_print_image('images/'.$subfolder.'/'.$icon, true, $options, true, $relative, $no_in_meta, true); } else { if (!isset($options['title'])) { $options['title'] = $os_name; } - $output = html_print_image('images/'.$subfolder.'/'.$icon, true, $options, false, $relative, false, true); + $output = html_print_image('images/'.$subfolder.'/'.$icon, true, $options, false, $relative, $no_in_meta, true); } } else { // $output = "" . $os_name . ""; From 524575171a8360968cf28fdca5ea1b8a6917aef8 Mon Sep 17 00:00:00 2001 
From: fbsanchez Date: Wed, 19 Jun 2019 12:56:16 +0200 Subject: [PATCH 11/37] event history viewer --- pandora_console/include/functions_ui.php | 6 +- pandora_console/operation/events/events.php | 73 ++++++++++++--------- 2 files changed, 45 insertions(+), 34 deletions(-) diff --git a/pandora_console/include/functions_ui.php b/pandora_console/include/functions_ui.php index ea07c20d6a..c18ef5a52b 100755 --- a/pandora_console/include/functions_ui.php +++ b/pandora_console/include/functions_ui.php @@ -2936,15 +2936,15 @@ function ui_print_datatable(array $parameters) } if (!isset($parameters['order']['field'])) { - $order = 1; + $order = 0; } else { $order = array_search( $parameters['order']['field'], $parameters['columns'] ); - if (empty($order)) { - $order = 1; + if ($order === false) { + $order = 0; } } diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 7e8ce16ec3..88621b7711 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php @@ -109,6 +109,8 @@ $date_to = get_parameter('filter[date_to]'); $source = get_parameter('filter[source]'); $id_extra = get_parameter('filter[id_extra]'); $user_comment = get_parameter('filter[user_comment]'); +$history = get_parameter('history', false); +$section = get_parameter('section', false); // Ajax responses. if (is_ajax()) { @@ -155,7 +157,9 @@ if (is_ajax()) { } $events = events_get_all( + // Fields. $fields, + // Filter. $filter, // Offset. $start, @@ -164,7 +168,9 @@ if (is_ajax()) { // Order. $order['direction'], // Sort field. - $order['field'] + $order['field'], + // History. + $history ); $count = events_get_all( 'count', 
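Review bot: `$history` is taken from the request with `get_parameter('history', false)` and handed to `events_get_all()` unnormalised, whereas the datatable configuration later in this commit sends `(int) $history`; normalise it once at the read, e.g. `$history = (bool) get_parameter('history', false);`. The following `events_get_all('count', …)` call is cut off at the end of the hunk, so confirm it receives the same flag, otherwise the total and the rows may be computed against different data sets. `$section` is assigned here but not used in any hunk shown. If access to historical events is meant to be limited to certain profiles, this AJAX branch is where that check belongs; none is visible in the hunk.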
@@ -1227,7 +1233,10 @@ try { 'class' => 'info_table events', 'style' => 'width: 100%;', 'ajax_url' => 'operation/events/events', - 'ajax_data' => ['get_events' => 1], + 'ajax_data' => [ + 'get_events' => 1, + 'history' => (int) $history, + ], 'form' => [ 'id' => 'events_form', 'class' => 'flex-row', @@ -1280,39 +1289,41 @@ try { $sql_event_resp = "SELECT id, name FROM tevent_response WHERE type LIKE 'command'"; $event_responses = db_get_all_rows_sql($sql_event_resp); -if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) { - $array_events_actions['in_progress_selected'] = __('In progress selected'); - $array_events_actions['validate_selected'] = __('Validate selected'); -} +if ($config['event_replication'] != 1) { + if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) { + $array_events_actions['in_progress_selected'] = __('In progress selected'); + $array_events_actions['validate_selected'] = __('Validate selected'); + } -if (check_acl($config['id_user'], 0, 'EM') == 1 && !$readonly) { - $array_events_actions['delete_selected'] = __('Delete selected'); + if (check_acl($config['id_user'], 0, 'EM') == 1 && !$readonly) { + $array_events_actions['delete_selected'] = __('Delete selected'); + } } foreach ($event_responses as $val) { $array_events_actions[$val['id']] = $val['name']; } -if ($config['event_replication'] != 1) { - echo '
'; - echo '
'; - echo ''; - html_print_select($array_events_actions, 'response_id', '', '', '', 0, false, false, false); - echo '  '; - html_print_button(__('Execute event response'), 'submit_event_response', false, 'execute_event_response(true);', 'class="sub next"'); - echo "'; - echo '
'; - echo ''; - echo ''; - echo '
'; -} + +echo '
'; +echo '
'; +echo ''; +html_print_select($array_events_actions, 'response_id', '', '', '', 0, false, false, false); +echo '  '; +html_print_button(__('Execute event response'), 'submit_event_response', false, 'execute_event_response(true);', 'class="sub next"'); +echo "'; +echo '
'; +echo ''; +echo ''; +echo '
'; + // Close viewer. enterprise_hook('close_meta_frame'); @@ -1658,6 +1669,9 @@ function process_datatables_item(item) { item.options += ' __('Delete event')]); ?>'; } } + // Multi select. item.m = ' /* Status */ img = ' __('Unknown'), 'class' => 'forced-title']); ?>'; From 44d8b977cbc8948867eb1573ea57a6d1d178a2a8 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Wed, 19 Jun 2019 16:52:14 +0200 Subject: [PATCH 12/37] event advanced filter fixes --- pandora_console/include/ajax/events.php | 24 +++++--- pandora_console/include/functions_events.php | 56 +++++++++++------ pandora_console/include/functions_groups.php | 47 ++++++++++++++ pandora_console/operation/events/events.php | 64 ++++++++++---------- 4 files changed, 131 insertions(+), 60 deletions(-) diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index ce173898b2..12f86c4852 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php 
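Review bot: The response selector and the "Execute event response" button are now emitted even when `event_replication` is enabled, and `$array_events_actions` is still filled with every `tevent_response` row of type `command` without a `check_acl` test, so only the built-in actions are gated by `EW`/`EM`. Rendering is not the enforcement point, so confirm that the handler behind `execute_event_response(true)` checks the caller's permission on the event's group before running a response. Consider skipping the form when `$array_events_actions` is empty. The `foreach ($event_responses as $val)` loop also runs on the raw result of `db_get_all_rows_sql()`; guard it with `if (!empty($event_responses))` in case that call returns a non-array when there are no rows.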
@@ -1079,29 +1079,37 @@ if ($get_extended_event) { } // Check ACLs. + $access = false; if (is_user_admin($config['id_user'])) { // Do nothing if you're admin, you get full access. - $__ignored_line = 0; + $access = true; } else if ($config['id_user'] == $event['owner_user']) { // Do nothing if you're the owner user, you get access. - $__ignored_line = 0; + $access = true; } else if ($event['id_grupo'] == 0) { // If the event has access to all groups, you get access. - $__ignored_line = 0; + $access = true; } else { // Get your groups. $groups = users_get_groups($config['id_user'], 'ER'); if (in_array($event['id_grupo'], array_keys($groups))) { // If event group is among the groups of the user, you get access. - $__ignored_line = 0; - } else { - // If all the access types fail, abort. - echo 'Access denied'; - return false; + $access = true; + } else if ($event['id_agente'] + && agents_check_access_agent($event['id_agente'], 'ER') + ) { + // Secondary group, indirect access. + $access = true; } } + if (!$access) { + // If all the access types fail, abort. + echo 'Access denied'; + return false; + } + // Print group_rep in a hidden field to recover it from javascript. html_print_input_hidden('group_rep', (int) $group_rep); diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 9339322a7d..da2efa1bd1 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php 
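Review bot: Two of the grants in the new default-deny `$access` chain rest on loose comparisons. `$event['id_grupo'] == 0` is also true when `id_grupo` is null or missing, and `in_array($event['id_grupo'], array_keys($groups))` compares without the strict flag. If `$event` can be empty at this point (the lookup is outside the hunk), the "all groups" branch would grant access to an event that was never loaded. I would write `} else if (isset($event['id_grupo']) && (int) $event['id_grupo'] === 0) {` and `if (isset($groups[$event['id_grupo']])) {`. The enclosing `if ($get_extended_event)` block starts and ends outside the hunk.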
@@ -641,32 +641,37 @@ function events_get_all( } } - if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) { + $groups = $filter['id_group_filter']; + if (isset($groups) && $groups > 0) { $propagate = db_get_value( 'propagate', 'tgrupo', 'id_grupo', - $filter['id_group_filter'] + $groups ); if (!$propagate) { $sql_filters[] = sprintf( - ' AND te.id_grupo = %d ', - $filter['id_group_filter'] + ' AND (te.id_grupo = %d OR tasg.id_group = %d)', + $groups ); } else { - $groups = [ $filter['id_group_filter'] ]; - $childrens = groups_get_childrens($id_group, null, true); - if (!empty($childrens)) { - foreach ($childrens as $child) { - $groups[] = (int) $child['id_grupo']; + $children = groups_get_children($groups); + $_groups = []; + if (!empty($children)) { + foreach ($children as $child) { + $_groups[] = (int) $child['id_grupo']; } + + $groups = $_groups; + } else { + $groups = [ $groups ]; } - $filter['id_group_filter'] = $groups; $sql_filters[] = sprintf( - ' AND id_group IN (%s) ', - join(',', $filter['id_group_filter']) + ' AND (te.id_grupo IN (%s) OR tasg.id_group IN (%s)', + join(',', array_keys($groups)), + join(',', array_keys($groups)) ); } } @@ -702,8 +707,6 @@ function events_get_all( } } - $sg_active = enterprise_hook('agents_is_using_secondary_groups'); - if (!$user_is_admin) { $ER_groups = users_get_groups($config['id_user'], 'ER', false); $EM_groups = users_get_groups($config['id_user'], 'EM', false, true); @@ -713,7 +716,8 @@ function events_get_all( if (!$user_is_admin && !users_can_manage_group_all('ER')) { // Get groups where user have ER grants. $sql_filters[] = sprintf( - ' AND te.id_grupo IN ( %s )', + ' AND (te.id_grupo IN ( %s ) OR tasg.id_group IN (%s))', + join(', ', array_keys($ER_groups)), join(', ', array_keys($ER_groups)) ); } 
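Review bot: The rewritten group filter in the first hunk of `events_get_all` builds SQL that does not select the intended groups. `$_groups[]` is a plain list of ids, so `array_keys($groups)` yields positions 0..n-1 instead of group ids, and the selected parent group is dropped once children exist. The non-propagate branch passes one argument to a two-placeholder `sprintf`, and the `IN (...)` branch never closes its opening parenthesis. Because this filter scopes which events are returned, I would keep the ids as values and fix both format strings as below; the `@@ -1036` hunk repeats `array_keys($groups)` and needs `join(', ', $groups)` to match. The function starts and ends outside the hunk.

```php
// … unchanged: $propagate lookup via db_get_value() …
        $group_id = (int) $groups;
        if (!$propagate) {
            $sql_filters[] = sprintf(
                ' AND (te.id_grupo = %d OR tasg.id_group = %d)',
                $group_id,
                $group_id
            );
        } else {
            // Keep the selected group and add its children, all as integer ids.
            $groups = [$group_id];
            foreach (groups_get_children($group_id) as $child) {
                $groups[] = (int) $child['id_grupo'];
            }

            $sql_filters[] = sprintf(
                ' AND (te.id_grupo IN (%s) OR tasg.id_group IN (%s))',
                join(',', $groups),
                join(',', $groups)
            );
        }
```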
@@ -1036,12 +1040,24 @@ function events_get_all( $tgrupo_join = 'LEFT'; $tgrupo_join_filters = []; - if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) { + if (isset($groups) + && (is_array($groups) + || $groups > 0) + ) { $tgrupo_join = 'INNER'; - $tgrupo_join_filters[] = sprintf( - ' AND tg.id_grupo = %s', - $filter['id_group_filter'] - ); + if (is_array($groups)) { + $tgrupo_join_filters[] = sprintf( + ' AND (tg.id_grupo IN (%s) OR tasg.id_group IN (%s))', + join(', ', array_keys($groups)), + join(', ', array_keys($groups)) + ); + } else { + $tgrupo_join_filters[] = sprintf( + ' AND (tg.id_grupo = %s OR tasg.id_group = %s)', + $groups, + $groups + ); + } } // Secondary groups. diff --git a/pandora_console/include/functions_groups.php b/pandora_console/include/functions_groups.php index 8fe37c0e48..0e88d86004 100644 --- a/pandora_console/include/functions_groups.php +++ b/pandora_console/include/functions_groups.php 
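Review bot: The scalar branch of the `tgrupo` join filter formats `$groups` with `%s`, and `$groups` is read from `$filter['id_group_filter']`, which appears to come from the request. The `$groups > 0` guard is a loose comparison and does not guarantee the value is an integer before it is placed in the SQL text. I would use `' AND (tg.id_grupo = %d OR tasg.id_group = %d)', (int) $groups, (int) $groups` here. In the array branch the ids should be cast to int where the list is built, and joined as values rather than through `array_keys($groups)`. The enclosing function continues outside the hunk.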
@@ -298,6 +298,53 @@ function groups_get_childrens_ids($parent, $groups=null) /** + * Return a array of id_group of children of given parent. + * + * @param integer $parent The id_grupo parent to search its children. + * @param array $ignorePropagate Ignore propagate. + */ +function groups_get_children($parent, $ignorePropagate=false) +{ + static $groups; + + if (empty($groups)) { + $groups = db_get_all_rows_in_table('tgrupo'); + $groups = array_reduce( + $groups, + function ($carry, $item) { + $carry[$item['id_grupo']] = $item; + return $carry; + } + ); + } + + $return = []; + foreach ($groups as $key => $g) { + if ($g['id_grupo'] == 0) { + continue; + } + + if ($ignorePropagate || $parent == 0 || $groups[$parent]['propagate']) { + if ($g['parent'] == $parent) { + $return += [$g['id_grupo'] => $g]; + if ($g['propagate'] || $ignorePropagate) { + $return += groups_get_children( + $g['id_grupo'], + $ignorePropagate + ) + ); + } + } + } + } + + return $return; +} + + +/** + * XXX: This is not working. Expects 'propagate' on CHILD not on PARENT!!! + * * Return a array of id_group of childrens (to branches down) * * @param integer $parent The id_group parent to search the childrens. diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 88621b7711..95ac221164 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php @@ -1591,38 +1591,6 @@ function process_datatables_item(item) { module_status = '
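Review bot: `groups_get_children` reads `$groups[$parent]['propagate']` without checking that `$parent` exists in `tgrupo`, and it passes the result of `db_get_all_rows_in_table('tgrupo')` to `array_reduce` with no initial value and no check that the query returned an array. I would return early with `if (!is_array($groups)) { return []; }`, pass `[]` as the third argument of `array_reduce`, and test `isset($groups[$parent])` before reading `propagate`. The recursion keeps no record of visited ids, so a parent loop in the table would presumably recurse without bound; since the result widens an event visibility filter, a visited set is worth adding. The docblock declares `$ignorePropagate` as `array` although it is used as a boolean, and it has no `@return` line describing the `id_grupo => row` map that is returned.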
' + text + "
"; - - /* Agent name link */ - if (item.id_agente > 0) { - item.agent_name = '' + item.agent_name + ''; - } else { - item.agent_name = ''; - } - - /* Agent ID link */ - if (item.id_agente > 0) { - - item.id_agente = '' + item.id_agente + ''; - - item.id_agente = '' + item.agent_name + ''; - - } else { - item.id_agente = ''; - } - - /* Group name */ - if (item.id_grupo == "0") { - item.id_grupo = ""; - } else { - item.id_grupo = item.group_name; - } - /* Options */ // Show more. item.options = '' +item.id_agente+'">' + item.agent_name + ''; + } else { + item.agent_name = ''; + } + + /* Agent ID link */ + if (item.id_agente > 0) { + + item.id_agente = '' + item.id_agente + ''; + + item.id_agente = '' + item.agent_name + ''; + + } else { + item.id_agente = ''; + } + item.estado = '
'; item.estado += img; item.estado += '
'; @@ -1719,6 +1712,13 @@ function process_datatables_item(item) { // Add event severity format to itself. item.evento = evn; + /* Group name */ + if (item.id_grupo == "0") { + item.id_grupo = ""; + } else { + item.id_grupo = item.group_name; + } + } /* Datatables auxiliary functions ends */ From 6b944ead9735241fa50e550f816f0691708fe9c6 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Wed, 19 Jun 2019 17:08:18 +0200 Subject: [PATCH 13/37] minor fix --- pandora_console/include/functions_groups.php | 1 - 1 file changed, 1 deletion(-) diff --git a/pandora_console/include/functions_groups.php b/pandora_console/include/functions_groups.php index 0e88d86004..a1448e37f2 100644 --- a/pandora_console/include/functions_groups.php +++ b/pandora_console/include/functions_groups.php @@ -331,7 +331,6 @@ function groups_get_children($parent, $ignorePropagate=false) $return += groups_get_children( $g['id_grupo'], $ignorePropagate - ) ); } } From 275261e6b3ce2777f7c19eea5419de706dffd3be Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Wed, 19 Jun 2019 17:30:32 +0200 Subject: [PATCH 14/37] wip csv export events --- pandora_console/operation/events/events.php | 26 ++++++++++++++----- .../operation/events/export_csv.php | 15 +++++++++++ 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 95ac221164..400f3e9d6d 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php 
@@ -111,11 +111,11 @@ $id_extra = get_parameter('filter[id_extra]'); $user_comment = get_parameter('filter[user_comment]'); $history = get_parameter('history', false); $section = get_parameter('section', false); +$filter = get_parameter('filter', []); // Ajax responses. if (is_ajax()) { $get_events = get_parameter('get_events', 0); - $filter = get_parameter('filter', []); // Datatables offset, limit. $start = get_parameter('start', 0); $length = get_parameter('length', $config['block_size']); 
@@ -493,27 +493,27 @@ if ($pure) { // Fullscreen. $fullscreen['active'] = false; - $fullscreen['text'] = ''.html_print_image('images/full_screen.png', true, ['title' => __('Full screen')]).''; + $fullscreen['text'] = ''.html_print_image('images/full_screen.png', true, ['title' => __('Full screen')]).''; // Event list. $list['active'] = false; - $list['text'] = ''.html_print_image('images/events_list.png', true, ['title' => __('Event list')]).''; + $list['text'] = ''.html_print_image('images/events_list.png', true, ['title' => __('Event list')]).''; // History event list. $history_list['active'] = false; - $history_list['text'] = ''.html_print_image('images/books.png', true, ['title' => __('History event list')]).''; + $history_list['text'] = ''.html_print_image('images/books.png', true, ['title' => __('History event list')]).''; // RSS. $rss['active'] = false; - $rss['text'] = ''.html_print_image('images/rss.png', true, ['title' => __('RSS Events')]).''; + $rss['text'] = ''.html_print_image('images/rss.png', true, ['title' => __('RSS Events')]).''; // Marquee. $marquee['active'] = false; - $marquee['text'] = ''.html_print_image('images/heart.png', true, ['title' => __('Marquee display')]).''; + $marquee['text'] = ''.html_print_image('images/heart.png', true, ['title' => __('Marquee display')]).''; // CSV. $csv['active'] = false; - $csv['text'] = ''.html_print_image('images/csv_mc.png', true, ['title' => __('Export to CSV file')]).''; + $csv['text'] = ''.html_print_image('images/csv_mc.png', true, ['title' => __('Export to CSV file')]).''; // Sound events. $sound_event['active'] = false; 
@@ -1969,6 +1969,18 @@ function reorder_tags_inputs() { /* Tag management ends */ $(document).ready( function() { + /* Filter to a href */ + $('.events_link').on('click', function(e) { + e.preventDefault(); + + console.log(e.currentTarget); + + + + + + }); + /* Multi select handler */ $('#checkbox-all_validate_box').on('change', function() { if($('#checkbox-all_validate_box').is(":checked")) { diff --git a/pandora_console/operation/events/export_csv.php b/pandora_console/operation/events/export_csv.php index dbc20abb6a..be0bb52b71 100644 --- a/pandora_console/operation/events/export_csv.php +++ b/pandora_console/operation/events/export_csv.php @@ -27,6 +27,21 @@ if (! check_acl($config['id_user'], 0, 'ER') && ! check_acl($config['id_user'], exit; } +hd($_REQUEST); + +$fb64 = get_parameter('fb64', ''); + + +try { + $filter = json_decode(base64_decode($fb64), true); +} catch (Exception $e) { + echo $e; + exit; +} + +hd($filter); + +die(); global $config; // loading l10n tables, because of being invoked not through index.php. From e828fd6690f744b46b5efa021dff247a69658364 Mon Sep 17 00:00:00 2001 From: Daniel Maya Date: Thu, 20 Jun 2019 09:49:54 +0200 Subject: [PATCH 15/37] Fixed Advanced Permissions LDAP --- pandora_console/include/auth/mysql.php | 109 ++++++++++--------------- 1 file changed, 42 insertions(+), 67 deletions(-) diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php index 5ef2fed828..ed5e56782a 100644 --- a/pandora_console/include/auth/mysql.php +++ b/pandora_console/include/auth/mysql.php 
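Review bot: The `hd($_REQUEST);` and `hd($filter);` calls added to export_csv.php look like debug dumps that print request contents into the response, and the `die();` after them stops the export; these should not be committed, even as work in progress. `json_decode` does not throw unless `JSON_THROW_ON_ERROR` is passed, so the `catch` block is dead code, and `echo $e` would print a stack trace to the client if it ever ran. I would check `json_last_error() !== JSON_ERROR_NONE` and answer with a fixed message instead. `global $config;` also appears after this block, although the ACL check above the hunk already reads `$config`.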
@@ -1257,11 +1257,8 @@ function fill_permissions_ldap($sr) global $config; $permissions = []; $permissions_profile = []; - if (defined('METACONSOLE')) { - $meta = true; - } - if ($meta && (bool) $config['ldap_save_profile'] === false && $config['ldap_advanced_config'] == 0) { + if ((bool) $config['ldap_save_profile'] === false && ($config['ldap_advanced_config'] == 0 || $config['ldap_advanced_config'] == '')) { $result = 0; $result = db_get_all_rows_filter( 'tusuario_perfil', @@ -1287,43 +1284,9 @@ function fill_permissions_ldap($sr) return $permissions_profile; } - if ((bool) $config['ldap_save_profile'] === false && $config['ldap_advanced_config'] == '') { - $result = db_get_all_rows_filter( - 'tusuario_perfil', - ['id_usuario' => $sr['uid'][0]] - ); - if ($result == false) { - $permissions[0]['profile'] = $config['default_remote_profile']; - $permissions[0]['groups'][] = $config['default_remote_group']; - $permissions[0]['tags'] = $config['default_assign_tags']; - $permissions[0]['no_hierarchy'] = $config['default_no_hierarchy']; - return $permissions; - } - - foreach ($result as $perms) { - $permissions_profile[] = [ - 'profile' => $perms['id_perfil'], - 'groups' => [$perms['id_grupo']], - 'tags' => $perms['tags'], - 'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0, - ]; - } - - return $permissions_profile; - } - if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == 1) { $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true); - foreach ($ldap_adv_perms as $ldap_adv_perm) { - $permissions[] = [ - 'profile' => $ldap_adv_perm['profile'], - 'groups' => $ldap_adv_perm['group'], - 'tags' => implode(',', $ldap_adv_perm['tags']), - 'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0, - ]; - } - - return $permissions; + return get_advanced_permissions($ldap_adv_perms, $sr); } if ($config['ldap_advanced_config'] == 1 && $config['ldap_save_profile'] == 0) { 
@@ -1333,25 +1296,16 @@ function fill_permissions_ldap($sr) ); if ($result == false) { $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true); - foreach ($ldap_adv_perms as $ldap_adv_perm) { - $permissions[] = [ - 'profile' => $ldap_adv_perm['profile'], - 'groups' => $ldap_adv_perm['group'], - 'tags' => implode(',', $ldap_adv_perm['tags']), - 'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0, - ]; - } - - return $permissions; + return get_advanced_permissions($ldap_adv_perms, $sr); } foreach ($result as $perms) { - $permissions_profile[] = [ - 'profile' => $perms['id_perfil'], - 'groups' => [$perms['id_grupo']], - 'tags' => $perms['tags'], - 'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0, - ]; + $permissions_profile[] = [ + 'profile' => $perms['id_perfil'], + 'groups' => [$perms['id_grupo']], + 'tags' => $perms['tags'], + 'no_hierarchy' => (bool) $perms['no_hierarchy'] ? 1 : 0, + ]; }; return $permissions_profile; 
@@ -1365,22 +1319,43 @@ function fill_permissions_ldap($sr) return $permissions; } - // Decode permissions in advanced mode - $ldap_adv_perms = json_decode(io_safe_output($config['ldap_adv_perms']), true); + return $permissions; +} + + +/** + * Get permissions in advanced mode. + * + * @param array ldap_adv_perms + * + * @return array + */ +function get_advanced_permissions($ldap_adv_perms, $sr) +{ + $permissions = []; foreach ($ldap_adv_perms as $ldap_adv_perm) { $attributes = $ldap_adv_perm['groups_ldap']; - foreach ($attributes as $attr) { - $attr = explode('=', $attr, 2); - foreach ($sr[$attr[0]] as $s_attr) { - if (preg_match('/'.$attr[1].'/', $s_attr)) { - $permissions[] = [ - 'profile' => $ldap_adv_perm['profile'], - 'groups' => $ldap_adv_perm['group'], - 'tags' => implode(',', $ldap_adv_perm['tags']), - 'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0, - ]; + if (!empty($attributes[0])) { + foreach ($attributes as $attr) { + $attr = explode('=', $attr, 2); + foreach ($sr[$attr[0]] as $s_attr) { + if (preg_match('/'.$attr[1].'/', $s_attr)) { + $permissions[] = [ + 'profile' => $ldap_adv_perm['profile'], + 'groups' => $ldap_adv_perm['group'], + 'tags' => implode(',', $ldap_adv_perm['tags']), + 'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0, + ]; + } } } + } else { + $permissions[] = [ + 'profile' => $ldap_adv_perm['profile'], + 'groups' => $ldap_adv_perm['group'], + 'tags' => implode(',', $ldap_adv_perm['tags']), + 'no_hierarchy' => (bool) $ldap_adv_perm['no_hierarchy'] ? 1 : 0, + ]; } } From cfe16ee8c342564934bbba50c130bc0776450fd1 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Thu, 20 Jun 2019 11:46:01 +0200 Subject: [PATCH 16/37] minor fixes --- pandora_console/include/functions_events.php | 141 +++++++- pandora_console/operation/events/events.php | 39 ++- .../operation/events/export_csv.php | 312 ++++++++++-------- 3 files changed, 331 insertions(+), 161 deletions(-) 
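Review bot: The new `else` branch in `get_advanced_permissions` assigns the row's profile, groups and tags to every LDAP user whenever `groups_ldap[0]` is empty, so an advanced-permission row saved without an LDAP group filter becomes a grant to all users who authenticate. If that is intended it needs a comment such as `// No LDAP filter configured: this row applies to every LDAP user.`; otherwise the row should be skipped. In the matching branch, `preg_match('/'.$attr[1].'/', $s_attr)` uses the configured value as an unquoted, unanchored pattern, so it matches as a substring and a `/` in the value breaks the expression; `'/^'.preg_quote($attr[1], '/').'$/'` would be the exact-match form, if administrators do not rely on regex syntax there. `$sr[$attr[0]]` is iterated without an `isset` check, and the docblock omits `$sr` and the `$` on `ldap_adv_perms`. The end of the function is outside the hunk.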
diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index da2efa1bd1..a958a3a957 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php 
@@ -34,6 +34,143 @@ enterprise_include_once('meta/include/functions_agents_meta.php'); enterprise_include_once('meta/include/functions_modules_meta.php'); +/** + * Translates a numeric value module_status into descriptive text. + * + * @param integer $status Module status. + * + * @return string Descriptive text. + */ +function events_translate_module_status($status) +{ + switch ($status) { + case AGENT_MODULE_STATUS_NORMAL: + return __('NORMAL'); + + case AGENT_MODULE_STATUS_CRITICAL_BAD: + return __('CRITICAL'); + + case AGENT_MODULE_STATUS_NO_DATA: + return __('NOT INIT'); + + case AGENT_MODULE_STATUS_CRITICAL_ALERT: + case AGENT_MODULE_STATUS_NORMAL_ALERT: + case AGENT_MODULE_STATUS_WARNING_ALERT: + return __('ALERT'); + + case AGENT_MODULE_STATUS_WARNING: + return __('WARNING'); + + default: + return __('UNKNOWN'); + } +} + + +/** + * Translates a numeric value event_type into descriptive text. + * + * @param integer $event_type Event type. + * + * @return string Descriptive text. + */ +function events_translate_event_type($event_type) +{ + // Event type prepared. + switch ($event_type) { + case EVENTS_ALERT_FIRED: + case EVENTS_ALERT_RECOVERED: + case EVENTS_ALERT_CEASED: + case EVENTS_ALERT_MANUAL_VALIDATION: + return __('ALERT'); + + case EVENTS_RECON_HOST_DETECTED: + case EVENTS_SYSTEM: + case EVENTS_ERROR: + case EVENTS_NEW_AGENT: + case EVENTS_CONFIGURATION_CHANGE: + return __('SYSTEM'); + + case EVENTS_GOING_UP_WARNING: + case EVENTS_GOING_DOWN_WARNING: + return __('WARNING'); + + case EVENTS_GOING_DOWN_NORMAL: + case EVENTS_GOING_UP_NORMAL: + return __('NORMAL'); + + case EVENTS_GOING_DOWN_CRITICAL: + case EVENTS_GOING_UP_CRITICAL: + return __('CRITICAL'); + + case EVENTS_UNKNOWN: + case EVENTS_GOING_UNKNOWN: + default: + return __('UNKNOWN'); + } +} + + +/** + * Translates a numeric value event_status into descriptive text. + * + * @param integer $status Event status. + * + * @return string Descriptive text. 
+ */ +function events_translate_event_status($status) +{ + switch ($status) { + case EVENT_STATUS_NEW: + default: + return __('NEW'); + + case EVENT_STATUS_INPROCESS: + return __('IN PROCESS'); + + case EVENT_STATUS_VALIDATED: + return __('VALIDATED'); + } +} + + +/** + * Translates a numeric value criticity into descriptive text. + * + * @param integer $criticity Event criticity. + * + * @return string Descriptive text. + */ +function events_translate_event_criticity($criticity) +{ + switch ($criticity) { + case EVENT_CRIT_CRITICAL: + return __('CRITICAL'); + + case EVENT_CRIT_MAINTENANCE: + return __('MAINTENANCE'); + + case EVENT_CRIT_INFORMATIONAL: + return __('INFORMATIONAL'); + + case EVENT_CRIT_MAJOR: + return __('MAJOR'); + + case EVENT_CRIT_MINOR: + return __('MINOR'); + + case EVENT_CRIT_NORMAL: + return __('NORMAL'); + + case EVENT_CRIT_WARNING: + return __('WARNING'); + + default: + return __('UNKNOWN'); + } +} + + /** * Return all header string for each event field. * @@ -6465,10 +6602,6 @@ function events_get_sql_order($sort_field='timestamp', $sort='DESC', $group_rep= */ function events_get_secondary_groups_left_join($table) { - if (users_is_admin()) { - return ''; - } - if ($table == 'tevento') { return 'LEFT JOIN tagent_secondary_group tasg ON te.id_agente = tasg.id_agent'; } diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 400f3e9d6d..ec073082bf 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php 
@@ -1,7 +1,6 @@ '.html_print_image('images/full_screen.png', true, ['title' => __('Full screen')]).''; + $fullscreen['text'] = ''.html_print_image('images/full_screen.png', true, ['title' => __('Full screen')]).''; // Event list. $list['active'] = false; - $list['text'] = ''.html_print_image('images/events_list.png', true, ['title' => __('Event list')]).''; + $list['text'] = ''.html_print_image('images/events_list.png', true, ['title' => __('Event list')]).''; // History event list. $history_list['active'] = false; - $history_list['text'] = ''.html_print_image('images/books.png', true, ['title' => __('History event list')]).''; + $history_list['text'] = ''.html_print_image('images/books.png', true, ['title' => __('History event list')]).''; // RSS. $rss['active'] = false; - $rss['text'] = ''.html_print_image('images/rss.png', true, ['title' => __('RSS Events')]).''; + $rss['text'] = ''.html_print_image('images/rss.png', true, ['title' => __('RSS Events')]).''; // Marquee. $marquee['active'] = false; - $marquee['text'] = ''.html_print_image('images/heart.png', true, ['title' => __('Marquee display')]).''; + $marquee['text'] = ''.html_print_image('images/heart.png', true, ['title' => __('Marquee display')]).''; // CSV. $csv['active'] = false; - $csv['text'] = ''.html_print_image('images/csv_mc.png', true, ['title' => __('Export to CSV file')]).''; + $csv['text'] = ''.html_print_image('images/csv_mc.png', true, ['title' => __('Export to CSV file')]).''; // Sound events. $sound_event['active'] = false; @@ -1225,6 +1224,7 @@ try { $active_filters_div .= ''; $table_id = 'events'; + $form_id = 'events_form'; // Print datatable. ui_print_datatable( @@ -1238,7 +1238,7 @@ try { 'history' => (int) $history, ], 'form' => [ - 'id' => 'events_form', + 'id' => $form_id, 'class' => 'flex-row', 'html' => $filter, 'inputs' => [], @@ -1528,7 +1528,7 @@ function process_datatables_item(item) { case "": case "": - $tex = ""; + text = ""; color = ""; break; 
@@ -1654,15 +1654,15 @@ function process_datatables_item(item) { /* Status */ img = ' __('Unknown'), 'class' => 'forced-title']); ?>'; switch (item.estado) { - case "0": + case "": img = ' __('New event'), 'class' => 'forced-title']); ?>'; break; - case "1": + case "": img = ' __('Event validated'), 'class' => 'forced-title']); ?>'; break; - case "2": + case "": img = ' __('Event in process'), 'class' => 'forced-title']); ?>'; break; } @@ -1968,16 +1968,21 @@ function reorder_tags_inputs() { } /* Tag management ends */ $(document).ready( function() { - /* Filter to a href */ $('.events_link').on('click', function(e) { e.preventDefault(); - console.log(e.currentTarget); - - + inputs = $("# :input"); + values = {}; + inputs.each(function() { + values[this.name] = $(this).val(); + }) + values['history'] = ""; + var url = e.currentTarget.href; + url += 'fb64=' + btoa(JSON.stringify(values)); + document.location = url; }); diff --git a/pandora_console/operation/events/export_csv.php b/pandora_console/operation/events/export_csv.php index be0bb52b71..0c16a16f9d 100644 --- a/pandora_console/operation/events/export_csv.php +++ b/pandora_console/operation/events/export_csv.php 
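Review bot: The `.events_link` click handler appends `btoa(JSON.stringify(values))` to the URL without encoding it. Base64 output can contain `+`, `/` and `=`, and a `+` in a query string is decoded as a space on the server, so `base64_decode` in export_csv.php can receive a damaged filter and the export would run with a filter the user did not choose. I would write `url += 'fb64=' + encodeURIComponent(btoa(JSON.stringify(values)));`. `btoa` also throws on characters outside Latin-1, so a filter containing such text breaks the link. `inputs` and `values` are assigned without `var` and become globals.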
@@ -1,18 +1,34 @@ load_tables(); } -$offset = (int) get_parameter('offset'); -$id_group = (int) get_parameter('id_group'); -// group -$event_type = (string) get_parameter('event_type', 'all'); -// 0 all -$severity = (int) get_parameter('severity', -1); -// -1 all -$status = (int) get_parameter('status', -1); -// -1 all, 0 only red, 1 only green -$id_agent = (int) get_parameter('id_agent', -1); +$column_names = [ + 'id_evento', + 'evento', + 'timestamp', + 'estado', + 'event_type', + 'utimestamp', + 'id_agente', + 'agent_name', + 'id_usuario', + 'id_grupo', + 'id_agentmodule', + 'id_alert_am', + 'criticity', + 'user_comment', + 'tags', + 'source', + 'id_extra', + 'critical_instructions', + 'warning_instructions', + 'unknown_instructions', + 'owner_user', + 'ack_utimestamp', + 'custom_data', + 'data', + 'module_status', +]; -$id_event = (int) get_parameter('id_event', -1); -$event_view_hr = (int) get_parameter('event_view_hr', $config['event_view_hr']); -$id_user_ack = get_parameter('id_user_ack', 0); -$search = io_safe_output(preg_replace('/&([A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/', '&', rawurldecode(get_parameter('search')))); -$text_agent = (string) get_parameter('text_agent', __('All')); - -$tag_with_json = base64_decode(get_parameter('tag_with', '')); -$tag_with_json_clean = io_safe_output($tag_with_json); -$tag_with_base64 = base64_encode($tag_with_json_clean); -$tag_with = json_decode($tag_with_json_clean, true); -if (empty($tag_with)) { - $tag_with = []; -} - -$tag_with = array_diff($tag_with, [0 => 0]); - -$tag_without_json = base64_decode(get_parameter('tag_without', '')); -$tag_without_json_clean = io_safe_output($tag_without_json); -$tag_without_base64 = base64_encode($tag_without_json_clean); -$tag_without = json_decode($tag_without_json_clean, true); -if (empty($tag_without)) { - $tag_without = []; -} - -$tag_without = array_diff($tag_without, [0 => 0]); - -$filter_only_alert = (int) get_parameter('filter_only_alert', -1); - -// -// Build the condition of 
the events query -$sql_post = ''; -$meta = false; - -$id_user = $config['id_user']; - -require 'events.build_query.php'; - -// Now $sql_post have all the where condition -// -switch ($config['dbtype']) { - case 'mysql': - case 'postgresql': - case 'oracle': - $sql = 'SELECT * - FROM tevento te - LEFT JOIN tagent_secondary_group tasg - ON te.id_grupo = tasg.id_group - WHERE 1=1 '.$sql_post.' - ORDER BY utimestamp DESC'; - break; -} +$fields = [ + 'te.id_evento', + 'te.evento', + 'te.timestamp', + 'te.estado', + 'te.event_type', + 'te.utimestamp', + 'te.id_agente', + 'ta.alias as agent_name', + 'te.id_usuario', + 'te.id_grupo', + 'te.id_agentmodule', + 'am.nombre as module_name', + 'te.id_alert_am', + 'te.criticity', + 'te.user_comment', + 'te.tags', + 'te.source', + 'te.id_extra', + 'te.critical_instructions', + 'te.warning_instructions', + 'te.unknown_instructions', + 'te.owner_user', + 'te.ack_utimestamp', + 'te.custom_data', + 'te.data', + 'te.module_status', + 'tg.nombre as group_name', +]; $now = date('Y-m-d'); -// Show contentype header +// Download header. 
header('Content-type: text/txt'); header('Content-Disposition: attachment; filename="pandora_export_event'.$now.'.csv"'); -echo 'timestamp'; -echo $config['csv_divider']; -echo 'agent'; -echo $config['csv_divider']; -echo 'group'; -echo $config['csv_divider']; -echo 'event'; -echo $config['csv_divider']; -echo 'status'; -echo $config['csv_divider']; -echo 'user'; -echo $config['csv_divider']; -echo 'event_type'; -echo $config['csv_divider']; -echo 'severity'; -echo $config['csv_divider']; -echo 'id'; -echo chr(13); - -$new = true; -while ($event = db_get_all_row_by_steps_sql($new, $result, $sql)) { - $new = false; - $alias = db_get_value('alias', 'tagente', 'id_agente', $event['id_agente']); - if ((!check_acl($config['id_user'], $event['id_grupo'], 'ER') - && !check_acl($config['id_user'], $event['id_grupo'], 'EW') && !check_acl($config['id_user'], $event['id_grupo'], 'EM') ) - || (!check_acl($config['id_user'], 0, 'PM') && $event['event_type'] == 'system') - ) { - continue; +try { + $fb64 = get_parameter('fb64', null); + $plain_filter = base64_decode($fb64); + $filter = json_decode($plain_filter, true); + if (json_last_error() != JSON_ERROR_NONE) { + throw new Exception('Invalid filter. ['.$plain_filter.']'); + } + + $names = events_get_column_names($column_names); + + // Dump headers. 
+ foreach ($names as $n) { + echo io_safe_output($n).$config['csv_divider']; } - echo date($config['date_format'], $event['utimestamp']); - echo $config['csv_divider']; - echo io_safe_output($alias); - echo $config['csv_divider']; - echo io_safe_output(groups_get_name($event['id_grupo'])); - echo $config['csv_divider']; - echo io_safe_output($event['evento']); - echo $config['csv_divider']; - echo io_safe_output($event['estado']); - echo $config['csv_divider']; - echo io_safe_output($event['id_usuario']); - echo $config['csv_divider']; - echo io_safe_output($event['event_type']); - echo $config['csv_divider']; - echo $event['criticity']; - echo $config['csv_divider']; - echo $event['id_evento']; echo chr(13); + + // Dump events. + $events_per_step = 1000; + $step = 0; + while (1) { + $events = events_get_all( + $fields, + $filter, + (($step++) * $events_per_step), + $events_per_step, + 'desc', + 'timestamp', + $filter['history'] + ); + + if ($events === false) { + break; + } + + foreach ($events as $row) { + foreach ($column_names as $val) { + $key = $val; + if ($val == 'id_grupo') { + $key = 'group_name'; + } else if ($val == 'id_agentmodule') { + $key = 'module_name'; + } + + switch ($key) { + case 'module_status': + echo events_translate_module_status( + $row[$key] + ); + break; + + case 'event_type': + echo events_translate_event_type( + $row[$key] + ); + break; + + case 'criticity': + echo events_translate_event_criticity( + $row[$key] + ); + break; + + default: + echo io_safe_output($row[$key]); + break; + } + + echo $config['csv_divider']; + } + + echo chr(13); + } + } +} catch (Exception $e) { + echo 'ERROR'.chr(13); + echo $e->getMessage(); + exit; } + +exit; From aa238165d97964a67047dda592e9f56bae9a0735 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Thu, 20 Jun 2019 13:33:37 +0200 Subject: [PATCH 17/37] events rss --- .../operation/events/events_rss.php | 492 +++++++++++------- 1 file changed, 299 insertions(+), 193 deletions(-) 
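Review bot: Cells are written with `echo io_safe_output($row[$key])` followed by the divider and no quoting, so event text that contains the divider, a line break, or a leading `=`, `+`, `-` or `@` alters the row layout or is treated as a formula when the file is opened in a spreadsheet. Fields such as `evento`, `user_comment` and `custom_data` carry data that does not originate from the operator, so I would quote every cell and neutralise formula prefixes as below. The loop stops only when `events_get_all` returns `false`; if it returns an empty array at the end of the data, `while (1)` would not terminate, so `if (empty($events)) { break; }` is safer. The removed per-row `check_acl` calls, including the `PM` requirement for `system` events, now depend entirely on `events_get_all`, which is worth confirming there.

```php
// … unchanged: header dump and events_get_all() paging …
                    default:
                        $cell = (string) io_safe_output($row[$key]);
                        // Stop spreadsheets from evaluating the cell as a formula.
                        if (preg_match('/^[=+\-@\t\r]/', $cell) === 1) {
                            $cell = "'".$cell;
                        }

                        // Quote the field so dividers and line breaks stay inside it.
                        echo '"'.str_replace('"', '""', $cell).'"';
                    break;
```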
diff --git a/pandora_console/operation/events/events_rss.php b/pandora_console/operation/events/events_rss.php index 2a38643a9c..95ce7cd07b 100644 --- a/pandora_console/operation/events/events_rss.php +++ b/pandora_console/operation/events/events_rss.php 
@@ -1,18 +1,37 @@ '; + $output .= ''; + $output .= ''; + return $output."\n"; } -// Check user credentials -$user = get_parameter('user'); -$hashup = get_parameter('hashup'); -$pss = get_user_info($user); -$hashup2 = md5($user.$pss['password']); +/** + * Escape entities for XML. + * + * @param string $str String. + * + * @return string Escaped string. + */ +function xml_entities($str) +{ + if (!is_string($str)) { + return ''; + } -if ($hashup != $hashup2) { - rss_error_handler( - null, - null, - null, - null, - __('The URL of your feed has bad hash.') - ); + if (preg_match_all('/(&[^;]+;)/', $str, $matches) != 0) { + $matches = $matches[0]; - exit; + foreach ($matches as $entity) { + $char = html_entity_decode($entity, (ENT_COMPAT | ENT_HTML401), 'UTF-8'); + + $html_entity_numeric = '&#'.uniord($char).';'; + + $str = str_replace($entity, $html_entity_numeric, $str); + } + } + + return $str; } -header('Content-Type: application/xml; charset=UTF-8'); -// Send header before starting to output + +/** + * Undocumented function. + * + * @param string $u U. + * + * @return integer Ord. + */ +function uniord($u) +{ + $k = mb_convert_encoding($u, 'UCS-2LE', 'UTF-8'); + $k1 = ord(substr($k, 0, 1)); + $k2 = ord(substr($k, 1, 1)); + + return ($k2 * 256 + $k1); +} + + +/** + * Generate RSS header. + * + * @param integer $lastbuild Date, last build. + * + * @return string RSS header. + */ +function rss_header($lastbuild=0) +{ + $selfurl = ui_get_full_url('?'.$_SERVER['QUERY_STRING'], false, true); + + // ' '."\n"; + $rss_feed .= ''."\n"; + $rss_feed .= ''."\n"; + $rss_feed .= ''.io_safe_output(get_product_name()).' Events Feed'."\n"; + $rss_feed .= 'Latest events on '.get_product_name().''."\n"; + $rss_feed .= ''.date(DATE_RFC822, $lastbuild).''."\n"; + // Last build date is the last event - that way readers won't mark it as having new posts. + $rss_feed .= ''.$url.''."\n"; + // Link back to the main Pandora page. 
+ $rss_feed .= ''."\n"; + + return $rss_feed; +} + + +/** + * RSS error handler. + * + * @param string $errno Errno. + * @param string $errstr Errstr. + * @param string $errfile Errfile. + * @param string $errline Errline. + * @param string $error_human_description Error_human_description. + * + * @return void + */ function rss_error_handler($errno, $errstr, $errfile, $errline, $error_human_description=null) { $url = ui_get_full_url(false); $selfurl = ui_get_full_url('?'.$_SERVER['QUERY_STRING'], false, true); - $rss_feed = ''; - // ' Fixes certain highlighters freaking out on the PHP closing tag - $rss_feed .= "\n"; - $rss_feed .= ''; - $rss_feed .= "\n"; - $rss_feed .= ''; - $rss_feed .= "\n"; - $rss_feed .= ''.get_product_name().' RSS Feed'; - $rss_feed .= "\n"; - $rss_feed .= 'Latest events on '.get_product_name().''; - $rss_feed .= "\n"; - $rss_feed .= ''.date(DATE_RFC822, 0).''; - $rss_feed .= "\n"; - $rss_feed .= ''.$url.''; - // Link back to the main Pandora page - $rss_feed .= "\n"; - $rss_feed .= ''; - // Alternative for Atom feeds. It's the same. + // ' Fixes certain highlighters freaking out on the PHP closing tag. + $rss_feed = rss_header(0); $rss_feed .= "\n"; $rss_feed .= ''; $rss_feed .= "\n"; 
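Review bot: `rss_header()` concatenates `$url` into the feed, but the function only assigns `$selfurl`, so `$url` is undefined in its scope and the channel link comes out empty, with a notice that can end up inside the XML. Add `$url = ui_get_full_url(false);` at the top of the function, as `rss_error_handler()` below already does. `$selfurl` is built from the raw `$_SERVER['QUERY_STRING']`, and the markup around it is not visible here, so confirm it goes through `xml_entities()` before it is written into the feed; that query string also carries the `user` and `hashup` parameters.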
@@ -104,169 +173,206 @@ function rss_error_handler($errno, $errstr, $errfile, $errline, $error_human_des $rss_feed .= "\n"; $rss_feed .= ''; - exit($rss_feed); - // Exit by displaying the feed + echo $rss_feed; } +// Errors output as RSS. set_error_handler('rss_error_handler', E_ERROR); -// Errors output as RSS -$id_group = get_parameter('id_group', 0); -// group -$event_type = get_parameter('event_type', ''); -// 0 all -$severity = (int) get_parameter('severity', -1); -// -1 all -$status = (int) get_parameter('status', 0); -// -1 all, 0 only red, 1 only green -$id_agent = (int) get_parameter('id_agent', -1); -$id_event = (int) get_parameter('id_event', -1); -// This will allow to select only 1 event (eg. RSS) -$event_view_hr = (int) get_parameter('event_view_hr', 0); -$id_user_ack = get_parameter('id_user_ack', 0); -$search = io_safe_output(preg_replace('/&([A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/', '&', rawurldecode(get_parameter('search')))); -$text_agent = (string) get_parameter('text_agent', __('All')); +// Send header before starting to output. +header('Content-Type: application/xml; charset=UTF-8'); -$tag_with_json = base64_decode(get_parameter('tag_with', '')); -$tag_with_json_clean = io_safe_output($tag_with_json); -$tag_with_base64 = base64_encode($tag_with_json_clean); -$tag_with = json_decode($tag_with_json_clean, true); -if (empty($tag_with)) { - $tag_with = []; +$ipOrigin = $_SERVER['REMOTE_ADDR']; + +// Uncoment this to activate ACL on RSS Events. +if (!isInACL($ipOrigin)) { + rss_error_handler( + null, + null, + null, + null, + __('Your IP is not into the IP list with API access.') + ); + + exit; } -$tag_with = array_diff($tag_with, [0 => 0]); +// Check user credentials. 
+$user = get_parameter('user'); +$hashup = get_parameter('hashup'); -$tag_without_json = base64_decode(get_parameter('tag_without', '')); -$tag_without_json_clean = io_safe_output($tag_without_json); -$tag_without_base64 = base64_encode($tag_without_json_clean); -$tag_without = json_decode($tag_without_json_clean, true); -if (empty($tag_without)) { - $tag_without = []; +$pss = get_user_info($user); +$hashup2 = md5($user.$pss['password']); + +if ($hashup != $hashup2) { + rss_error_handler( + null, + null, + null, + null, + __('The URL of your feed has bad hash.') + ); + + exit; } -$tag_without = array_diff($tag_without, [0 => 0]); - -$filter_only_alert = (int) get_parameter('filter_only_alert', -1); - -// -// Build the condition of the events query -$sql_post = ''; -$meta = false; - -$id_user = $user; - -require 'events.build_query.php'; - -// Now $sql_post have all the where condition -// -$sql = 'SELECT * - FROM tevento te LEFT JOIN tagent_secondary_group tasg - ON te.id_grupo = tasg.id_group - WHERE 1=1 '.$sql_post.' - ORDER BY utimestamp DESC'; - -$result = db_get_all_rows_sql($sql); - -$url = ui_get_full_url(false); -$selfurl = ui_get_full_url('?'.$_SERVER['QUERY_STRING'], false, true); - -if (empty($result)) { - $lastbuild = 0; - // Last build in 1970 -} else { - $lastbuild = (int) $result[0]['utimestamp']; +$reset_session = false; +if (empty($config['id_user'])) { + $config['id_user'] = $user; + $reset_session = true; } -$rss_feed = ''."\n"; -// ' '."\n"; -$rss_feed .= ''."\n"; -$rss_feed .= ''.get_product_name().' RSS Feed'."\n"; -$rss_feed .= 'Latest events on '.get_product_name().''."\n"; -$rss_feed .= ''.date(DATE_RFC822, $lastbuild).''."\n"; -// Last build date is the last event - that way readers won't mark it as having new posts -$rss_feed .= ''.$url.''."\n"; -// Link back to the main Pandora page -$rss_feed .= ''."\n"; -; -// Alternative for Atom feeds. It's the same. 
-if (empty($result)) { - $result = []; - $rss_feed .= ''.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).'No results'; - $rss_feed .= 'There are no results. Click on the link to see all Pending events'; - $rss_feed .= ''.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).''."\n"; -} +$column_names = [ + 'id_evento', + 'evento', + 'timestamp', + 'estado', + 'event_type', + 'utimestamp', + 'id_agente', + 'agent_name', + 'id_usuario', + 'id_grupo', + 'id_agentmodule', + 'id_alert_am', + 'criticity', + 'user_comment', + 'tags', + 'source', + 'id_extra', + 'critical_instructions', + 'warning_instructions', + 'unknown_instructions', + 'owner_user', + 'ack_utimestamp', + 'custom_data', + 'data', + 'module_status', +]; -foreach ($result as $row) { - if (!check_acl($user, $row['id_grupo'], 'ER')) { - continue; +$fields = [ + 'te.id_evento', + 'te.evento', + 'te.timestamp', + 'te.estado', + 'te.event_type', + 'te.utimestamp', + 'te.id_agente', + 'ta.alias as agent_name', + 'te.id_usuario', + 'te.id_grupo', + 'te.id_agentmodule', + 'am.nombre as module_name', + 'te.id_alert_am', + 'te.criticity', + 'te.user_comment', + 'te.tags', + 'te.source', + 'te.id_extra', + 'te.critical_instructions', + 'te.warning_instructions', + 'te.unknown_instructions', + 'te.owner_user', + 'te.ack_utimestamp', + 'te.custom_data', + 'te.data', + 'te.module_status', + 'tg.nombre as group_name', +]; + + +try { + $fb64 = get_parameter('fb64', null); + $plain_filter = base64_decode($fb64); + $filter = json_decode($plain_filter, true); + if (json_last_error() != JSON_ERROR_NONE) { + throw new Exception('Invalid filter. ['.$plain_filter.']'); } - if ($row['event_type'] == 'system') { - $agent_name = __('System'); - } else if ($row['id_agente'] > 0) { - // Agent name - $agent_name = agents_get_alias($row['id_agente']); - } else { - $agent_name = __('Alert').__('SNMP'); + // Dump events. 
+ $limit = get_parameter('limit', 20); + $offset = get_parameter('offset', 0); + $events = events_get_all( + $fields, + $filter, + $offset, + $limit, + 'desc', + 'timestamp', + $filter['history'] + ); + + $last_timestamp = 0; + if (is_array($events)) { + $last_timestamp = $events[0]['utimestamp']; } - // This is mandatory - $rss_feed .= ''; - $rss_feed .= xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events&id_event='.$row['id_evento'])); - $rss_feed .= ''; - $rss_feed .= xml_entities($agent_name); - $rss_feed .= ''; - $rss_feed .= xml_entities($row['evento']); - if ($row['estado'] == 1) { - $rss_feed .= xml_entities(io_safe_input('

'.'Validated by '.$row['id_usuario'])); - } + // Dump headers. + $rss = rss_header($last_timestamp); + $url = ui_get_full_url(false); - $rss_feed .= '
'; - $rss_feed .= xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events&id_event='.$row['id_evento'])); - $rss_feed .= ''; + if (is_array($events)) { + foreach ($events as $row) { + $rss .= ''; + $rss .= xml_entry('title', $row['evento']); + if (!empty($row['id_agente'])) { + $rss .= xml_entry('link', $url.'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$row['id_agente']); + } - // The rest is optional - $rss_feed .= ''.date(DATE_RFC822, $row['utimestamp']).''; + $rss .= xml_entry('comments', $row['']); + $rss .= xml_entry('pubDate', $row['timestamp']); + $rss .= xml_entry('category', $row['source']); + foreach ($column_names as $val) { + $key = $val; + if ($val == 'id_grupo') { + $key = 'group_name'; + } else if ($val == 'id_agentmodule') { + $key = 'module_name'; + } - // This is mandatory again - $rss_feed .= ''."\n"; -} + switch ($key) { + case 'module_status': + $value = events_translate_module_status( + $row[$key] + ); + break; -$rss_feed .= "
\n
\n"; + case 'event_type': + $value = events_translate_event_type( + $row[$key] + ); + break; -echo $rss_feed; + case 'criticity': + $value = events_translate_event_criticity( + $row[$key] + ); + break; + default: + $value = $row[$key]; + break; + } -function xml_entities($str) -{ - if (!is_string($str)) { - return ''; - } + $rss .= xml_entry($key, $value); + } - if (preg_match_all('/(&[^;]+;)/', $str, $matches) != 0) { - $matches = $matches[0]; - - foreach ($matches as $entity) { - $char = html_entity_decode($entity, (ENT_COMPAT | ENT_HTML401), 'UTF-8'); - - $html_entity_numeric = '&#'.uniord($char).';'; - - $str = str_replace($entity, $html_entity_numeric, $str); + $rss .= ''; } + } else { + $rss .= ''.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).'No results'; + $rss .= 'There are no results. Click on the link to see all Pending events'; + $rss .= ''.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).''."\n"; } - return $str; + $rss .= "\n\n"; + + echo $rss; +} catch (Exception $e) { + echo rss_error_handler(200, 'Controlled error', '', '', $e->getMessage()); } - -function uniord($u) -{ - $k = mb_convert_encoding($u, 'UCS-2LE', 'UTF-8'); - $k1 = ord(substr($k, 0, 1)); - $k2 = ord(substr($k, 1, 1)); - - return ($k2 * 256 + $k1); +if ($reset_session) { + unset($config['id_user']); } From 2c5cd007d247bcc1e275f4b38acb7d58c7fbf5db Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Thu, 20 Jun 2019 14:18:49 +0200 Subject: [PATCH 18/37] reset form on load filter none --- pandora_console/include/ajax/events.php | 11 ++ pandora_console/operation/events/events.php | 130 ++++++++++++++++---- 2 files changed, 118 insertions(+), 23 deletions(-) diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index 12f86c4852..d6b4e61eaa 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php 
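Review bot: The credential check `if ($hashup != $hashup2)` compares the feed token with a loose, non-constant-time operator and does not fail closed when `get_user_info($user)` returns no row. For an unknown user `$pss['password']` is presumably empty, so `$hashup2` no longer depends on any stored secret, and the code then assigns that name to `$config['id_user']`. Reject the request when the lookup yields nothing and compare with `hash_equals()`: `if (empty($pss['password']) || !hash_equals($hashup2, (string) $hashup)) {`. Separately, `xml_entry('comments', $row[''])` reads an empty key and always emits an empty element; it probably should read `$row['user_comment']`.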
@@ -267,6 +267,17 @@ if ($get_filter_values) { $event_filter = events_get_event_filter($id_filter); + if ($event_filter === false) { + $event_filter = [ + 'status' => EVENT_NO_VALIDATED, + 'event_view_hr' => $config['event_view_hr'], + 'group_rep' => 1, + 'tag_with' => [], + 'tag_without' => [], + 'history' => false, + ]; + } + $event_filter['search'] = io_safe_output($event_filter['search']); $event_filter['id_name'] = io_safe_output($event_filter['id_name']); $event_filter['tag_with'] = base64_encode( diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index ec073082bf..3f730325d8 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php 
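Review bot: The fallback array built when `events_get_event_filter()` returns false has no `search` or `id_name` key, yet the context lines directly below read `$event_filter['search']` and `$event_filter['id_name']`. On the fallback path that raises undefined-index notices, which can be printed in front of the JSON this endpoint returns, depending on the error display settings. Add `'search' => '',` and `'id_name' => '',` to the defaults. The same default set is declared again as `$default_filter` in operation/events/events.php, so a shared helper would keep the two from drifting; the `if ($get_filter_values)` block continues past the hunk.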
@@ -87,30 +87,114 @@ if (is_metaconsole()) { ui_require_javascript_file('pandora_events'); // Get requests. -$id_group = get_parameter('filter[id_group]'); -$event_type = get_parameter('filter[event_type]'); -$severity = get_parameter('filter[severity]'); -$status = get_parameter('filter[status]', EVENT_NO_VALIDATED); -$search = get_parameter('filter[search]'); -$text_agent = get_parameter('filter[text_agent]'); -$id_agent = get_parameter('filter[id_agent]'); -$id_agent_module = get_parameter('filter[id_agent_module]'); -$pagination = get_parameter('filter[pagination]'); -$event_view_hr = get_parameter('filter[event_view_hr]', $config['event_view_hr']); -$id_user_ack = get_parameter('filter[id_user_ack]'); -$group_rep = get_parameter('filter[group_rep]', 1); -$tag_with = get_parameter('filter[tag_with]', []); -$tag_without = get_parameter('filter[tag_without]', []); -$filter_only_alert = get_parameter('filter[filter_only_alert]'); -$id_group_filter = get_parameter('filter[id_group_filter]'); -$date_from = get_parameter('filter[date_from]'); -$date_to = get_parameter('filter[date_to]'); -$source = get_parameter('filter[source]'); -$id_extra = get_parameter('filter[id_extra]'); -$user_comment = get_parameter('filter[user_comment]'); -$history = get_parameter('history', false); +$default_filter = [ + 'status' => EVENT_NO_VALIDATED, + 'event_view_hr' => $config['event_view_hr'], + 'group_rep' => 1, + 'tag_with' => [], + 'tag_without' => [], + 'history' => false, +]; + +$fb64 = get_parameter('fb64', null); +if (isset($fb64)) { + $filter = json_decode(base64_decode($fb64), true); +} else { + $filter = get_parameter( + 'filter', + $default_filter + ); +} + +$id_group = get_parameter( + 'filter[id_group]', + $filter['id_group'] +); +$event_type = get_parameter( + 'filter[event_type]', + $filter['event_type'] +); +$severity = get_parameter( + 'filter[severity]', + $filter['severity'] +); +$status = get_parameter( + 'filter[status]', + $filter['status'] +); +$search = 
get_parameter( + 'filter[search]', + $filter['search'] +); +$text_agent = get_parameter( + 'filter[text_agent]', + $filter['text_agent'] +); +$id_agent = get_parameter( + 'filter[id_agent]', + $filter['id_agent'] +); +$id_agent_module = get_parameter( + 'filter[id_agent_module]', + $filter['id_agent_module'] +); +$pagination = get_parameter( + 'filter[pagination]', + $filter['pagination'] +); +$event_view_hr = get_parameter( + 'filter[event_view_hr]', + $filter['event_view_hr'] +); +$id_user_ack = get_parameter( + 'filter[id_user_ack]', + $filter['id_user_ack'] +); +$group_rep = get_parameter( + 'filter[group_rep]', + $filter['group_rep'] +); +$tag_with = get_parameter( + 'filter[tag_with]', + $filter['tag_with'] +); +$tag_without = get_parameter( + 'filter[tag_without]', + $filter['tag_without'] +); +$filter_only_alert = get_parameter( + 'filter[filter_only_alert]', + $filter['filter_only_alert'] +); +$id_group_filter = get_parameter( + 'filter[id_group_filter]', + $filter['id_group_filter'] +); +$date_from = get_parameter( + 'filter[date_from]', + $filter['date_from'] +); +$date_to = get_parameter( + 'filter[date_to]', + $filter['date_to'] +); +$source = get_parameter( + 'filter[source]', + $filter['source'] +); +$id_extra = get_parameter( + 'filter[id_extra]', + $filter['id_extra'] +); +$user_comment = get_parameter( + 'filter[user_comment]', + $filter['user_comment'] +); +$history = get_parameter( + 'history', + $filter['history'] +); $section = get_parameter('section', false); -$filter = get_parameter('filter', []); // Ajax responses. if (is_ajax()) { From 8671c7c88c97b9793b1d20e46ee7b5b956dbbcfa Mon Sep 17 00:00:00 2001 
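Review bot: `$filter = json_decode(base64_decode($fb64), true);` accepts whatever the request supplies without checking the result. A malformed `fb64` leaves `$filter` as null, so every `$filter[...]` default below reads from a non-array; a well-formed one brings in values that never went through `get_parameter()`, so whatever input filtering that helper applies (not visible here) is skipped for them. Fall back to the defaults when decoding fails, `if (!is_array($filter)) { $filter = $default_filter; }`, and apply the same filtering to the decoded values before they reach the query or the page. `$default_filter` also defines only six keys, so lookups such as `$filter['id_group']` hit missing keys when no filter is posted.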
From: fbsanchez Date: Thu, 20 Jun 2019 19:23:13 +0200 Subject: [PATCH 19/37] events qa adjustments --- pandora_console/godmode/events/events.php | 15 +++----- pandora_console/include/ajax/events.php | 15 +++++--- pandora_console/include/functions_events.php | 15 ++++++++ pandora_console/operation/events/events.php | 36 ++++++++++++-------- 4 files changed, 51 insertions(+), 30 deletions(-) diff --git a/pandora_console/godmode/events/events.php b/pandora_console/godmode/events/events.php index c937ad281c..72ae001fe1 100644 --- a/pandora_console/godmode/events/events.php +++ b/pandora_console/godmode/events/events.php @@ -50,17 +50,10 @@ if (check_acl($config['id_user'], 0, 'PM')) { 'text' => ''.html_print_image('images/event_responses.png', true, ['title' => __('Event responses')]).'', ]; - if (!is_metaconsole()) { - $buttons['fields'] = [ - 'active' => false, - 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'', - ]; - } else { - $buttons['fields'] = [ - 'active' => false, - 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'', - ]; - } + $buttons['fields'] = [ + 'active' => false, + 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'', + ]; } switch ($section) { diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index d6b4e61eaa..05a6e3ad07 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php 
@@ -75,13 +75,20 @@ $graphic_event_group = (bool) get_parameter('graphic_event_group'); $get_table_response_command = (bool) get_parameter('get_table_response_command'); $save_filter_modal = get_parameter('save_filter_modal', 0); $load_filter_modal = get_parameter('load_filter_modal', 0); -$save_filter = get_parameter('save_filter', 0); $get_filter_values = get_parameter('get_filter_values', 0); $update_event_filter = get_parameter('update_event_filter', 0); $save_event_filter = get_parameter('save_event_filter', 0); $in_process_event = get_parameter('in_process_event', 0); $validate_event = get_parameter('validate_event', 0); $delete_event = get_parameter('delete_event', 0); +$get_event_filters = get_parameter('get_event_filters', 0); + + +if ($get_event_filters) { + $event_filter = events_get_event_filter_select(); + + echo io_json_mb_encode($event_filter); +} // Delete event (filtered or not). if ($delete_event) { @@ -601,7 +608,7 @@ function save_new_filter() { jQuery.post ("", { - "page" : "operation/events/events_list", + "page" : "include/ajax/events", "save_event_filter" : 1, "id_name" : $("#text-id_name").val(), "id_group" : $("select#id_group").val(), @@ -670,7 +677,7 @@ function save_update_filter() { var name_filter_update = $("#overwrite_filter option[value='"+id_filter_update+"']").text(); jQuery.post ("", - {"page" : "operation/events/events_list", + {"page" : "include/ajax/events", "update_event_filter" : 1, "id" : $("#overwrite_filter").val(), "id_group" : $("select#id_group").val(), @@ -723,7 +730,7 @@ function save_update_filter() { $('#filter_id').append ($('').html ( ).attr ("value", 0)); // Reload filters select jQuery.post ("", - {"page" : "operation/events/events_list", + {"page" : "include/ajax/events", "get_event_filters" : 1 }, function (data) { diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index a958a3a957..0f72e0b55c 100644 --- a/pandora_console/include/functions_events.php 
+++ b/pandora_console/include/functions_events.php @@ -1197,6 +1197,19 @@ function events_get_all( } } + $server_join = ''; + if (is_metaconsole()) { + $server_join = ' LEFT JOIN tmetaconsole_setup ts + ON ts.id = te.server_id'; + if (!empty($filter['server_id'])) { + $server_join = sprintf( + ' LEFT JOIN tmetaconsole_setup ts + ON ts.id = te.server_id AND ts.id= %d', + $filter['server_id'] + ); + } + } + // Secondary groups. db_process_sql('SET group_concat_max_len = 9999999'); $event_lj = events_get_secondary_groups_left_join($table); @@ -1229,6 +1242,7 @@ function events_get_all( %s JOIN tgrupo tg ON te.id_grupo = tg.id_grupo %s + %s WHERE 1=1 %s %s @@ -1247,6 +1261,7 @@ function events_get_all( join(' ', $agent_join_filters), $tgrupo_join, join(' ', $tgrupo_join_filters), + $server_join, join(' ', $sql_filters), $group_by, $order_by, diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 3f730325d8..2ee276c820 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php @@ -44,9 +44,13 @@ require_once $config['homedir'].'/include/functions_ui.php'; // Check access. check_login(); -if (! check_acl($config['id_user'], 0, 'ER') - && ! check_acl($config['id_user'], 0, 'EW') - && ! check_acl($config['id_user'], 0, 'EM') +$event_a = check_acl($config['id_user'], 0, 'ER'); +$event_w = check_acl($config['id_user'], 0, 'EW'); +$event_m = check_acl($config['id_user'], 0, 'EM'); + +if (! $event_a + && ! $event_w + && ! $event_m ) { db_pandora_audit( 'ACL Violation', @@ -61,9 +65,6 @@ if (! check_acl($config['id_user'], 0, 'ER') } -$event_a = check_acl($config['id_user'], 0, 'ER'); -$event_w = check_acl($config['id_user'], 0, 'EW'); -$event_m = check_acl($config['id_user'], 0, 'EM'); $access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER')); 
@@ -237,6 +238,9 @@ if (is_ajax()) { ]; if (!is_metaconsole()) { $fields[] = 'am.nombre as id_agentmodule'; + $fields[] = 'ta.server_name as server_name'; + } else { + $fields[] = 'ts.server_name as server_name'; } $events = events_get_all( @@ -603,7 +607,7 @@ if ($pure) { $sound_event['text'] = ''.html_print_image('images/sound.png', true, ['title' => __('Sound events')]).''; // If the user has administrator permission display manage tab. - if (check_acl($config['id_user'], 0, 'EW') || check_acl($config['id_user'], 0, 'EM')) { + if ($event_w || $event_m) { // Manage events. $manage_events['active'] = false; $manage_events['text'] = ''.html_print_image('images/setup.png', true, ['title' => __('Manage events')]).''; @@ -880,12 +884,14 @@ $buttons[] = [ 'onclick' => '', ]; -$buttons[] = [ - 'id' => 'save-filter', - 'class' => 'float-left margin-right-2 sub wand', - 'text' => __('Save filter'), - 'onclick' => '', -]; +if ($event_w || $event_m) { + $buttons[] = [ + 'id' => 'save-filter', + 'class' => 'float-left margin-right-2 sub wand', + 'text' => __('Save filter'), + 'onclick' => '', + ]; +} /* * Advanced filter. @@ -1374,12 +1380,12 @@ $sql_event_resp = "SELECT id, name FROM tevent_response WHERE type LIKE 'command $event_responses = db_get_all_rows_sql($sql_event_resp); if ($config['event_replication'] != 1) { - if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) { + if ($event_w && !$readonly) { $array_events_actions['in_progress_selected'] = __('In progress selected'); $array_events_actions['validate_selected'] = __('Validate selected'); } - if (check_acl($config['id_user'], 0, 'EM') == 1 && !$readonly) { + if ($event_m == 1 && !$readonly) { $array_events_actions['delete_selected'] = __('Delete selected'); } } From 526ebdebd9f2ca8dc1f0008245b4af84ad81bb26 Mon Sep 17 00:00:00 2001 
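Review bot: In the hunk at `@@ -880,12 +884,14 @@`, the `save-filter` button is now shown only when `$event_w || $event_m`, which restricts the display and nothing else. The handlers that perform the write (`save_event_filter` and `update_event_filter` in include/ajax/events.php) are not part of this change, so confirm they run the same `check_acl($config['id_user'], 0, 'EW')` / `'EM'` test before modifying a stored filter; hiding the button does not stop a request sent to them directly. A short comment above the `if`, e.g. `// UI hint only; include/ajax/events.php must enforce EW/EM on save.`, would record that dependency.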
From: fbsanchez Date: Thu, 20 Jun 2019 21:11:56 +0200 Subject: [PATCH 20/37] ajax comments --- pandora_console/include/ajax/events.php | 100 +++++++++- pandora_console/include/functions_events.php | 178 +++++++++--------- .../include/javascript/pandora_events.js | 5 +- pandora_console/operation/events/events.php | 10 +- 4 files changed, 194 insertions(+), 99 deletions(-) diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index 05a6e3ad07..a7d23ca015 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php @@ -82,12 +82,65 @@ $in_process_event = get_parameter('in_process_event', 0); $validate_event = get_parameter('validate_event', 0); $delete_event = get_parameter('delete_event', 0); $get_event_filters = get_parameter('get_event_filters', 0); +$get_comments = get_parameter('get_comments', 0); +if ($get_comments) { + $event = get_parameter('event', false); + $filter = get_parameter('filter', false); + + if ($event === false) { + return __('Failed to retrieve comments'); + } + + if ($filter['group_rep'] == 1) { + $events = events_get_all( + ['te.*'], + // Filter. + $filter, + // Offset. + null, + // Limit. + null, + // Order. + null, + // Sort_field. + null, + // History. + $filter['history'], + // Return_sql. + false, + // Having. + sprintf( + ' HAVING max_id_evento = %d', + $event['id_evento'] + ) + ); + if ($events !== false) { + $event = $events[0]; + } + } else { + $events = events_get_event( + $event['id_evento'], + false, + $meta, + $history + ); + + if ($events !== false) { + $event = $events[0]; + } + } + + echo events_page_comments($event, true); + + return; +} if ($get_event_filters) { $event_filter = events_get_event_filter_select(); echo io_json_mb_encode($event_filter); + return; } // Delete event (filtered or not). 
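Review bot: The new `get_comments` branch looks events up from the client-supplied `event` and `filter` values with no access check visible in the hunk. In the non-grouped path `events_get_event($event['id_evento'], false, $meta, $history)` is called by id, and neither `$meta` nor `$history` is assigned in this hunk, so unless they are set earlier in the file they are undefined here. Confirm that the caller's `ER` right on the event's group is verified before the `events_page_comments()` output is echoed, and take the history flag from `$filter['history']` as the grouped path does. `return __('Failed to retrieve comments');` returns the string without echoing it, so the client gets an empty response, and `$filter` may be false when the parameter is missing, which makes `$filter['group_rep']` a read on a non-array.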
@@ -1058,6 +1111,7 @@ if ($get_extended_event) { global $config; $event = get_parameter('event', false); + $filter = get_parameter('filter', false); if ($event === false) { return; @@ -1253,7 +1307,7 @@ if ($get_extended_event) { $general = events_page_general($event); - $comments = events_page_comments($event); + $comments = '
'; $notifications = ''; $notifications .= ''; @@ -1264,6 +1318,18 @@ if ($get_extended_event) { $loading = ''; + $i = 0; + $tab['general'] = $i++; + $tab['details'] = $i++; + if (!empty($related)) { + $tab['related'] = $i++; + } + + $tab['custom_fields'] = $i++; + $tab['comments'] = $i++; + $tab['responses'] = $i++; + $tab['custom_data'] = $i++; + $out = '
'.$tabs.$notifications.$loading.$general.$details.$related.$custom_fields.$comments.$responses.$custom_data.html_print_input_hidden('id_event', $event['id_evento']).'
'; $js = '