tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-5219-fallo-cambiar-grupo-mapa-red' into 'develop' 

Fixed group change on networkmap.ACL and source group working separated

See merge request artica/pandorafms!3010
This commit is contained in:
Daniel Rodriguez 2020-01-15 12:14:37 +01:00
parent 6bf5d07a2c 2926ead13b
commit 4cc0fb0090
7 changed files with 148 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pandora_console/extras/mr/35.sql
View File

@ -1,5 +1,6 @@
START TRANSACTION;
ALTER TABLE `tmap` ADD COLUMN `id_group_map` INT(10) UNSIGNED NOT NULL default 0;
ALTER TABLE `tevent_filter` MODIFY `severity` TEXT NOT NULL;
COMMIT;
COMMIT;

2
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -1195,6 +1195,8 @@ CREATE TABLE IF NOT EXISTS `tmap` (
`generation_method` INTEGER UNSIGNED NOT NULL default 0,
`generated` INTEGER UNSIGNED NOT NULL default 0,
`filter` TEXT,
`id_group_map` INT(10) UNSIGNED NOT NULL default 0,
PRIMARY KEY(`id`)
) ENGINE = InnoDB DEFAULT CHARSET=utf8;

14
pandora_console/include/functions_networkmap.php
View File

@ -1453,6 +1453,20 @@ function networkmap_delete_nodes($id_map)
}
/**
* Delete relations given id_map
*
* @param integer $id_map
* @return integer result
*/
function networkmap_delete_relations($id_map)
{
$result = db_process_sql_delete('trel_item', ['id_map' => $id_map]);
return $result;
}
function get_networkmaps($id)
{
$groups = array_keys(users_get_groups(null, 'IW'));

90
pandora_console/operation/agentes/pandora_networkmap.editor.php
View File

@ -81,8 +81,8 @@ if ($edit_networkmap) {
$id_group = $values['id_group'];
// ACL for the network map.
$networkmap_write = check_acl($config['id_user'], $id_group, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group, 'MM');
$networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -95,6 +95,9 @@ if ($edit_networkmap) {
$name = io_safe_output($values['name']);
// Id group of the map itself, not data source.
$id_group_map = $values['id_group_map'];
$description = $values['description'];
$filter = json_decode($values['filter'], true);
@ -267,8 +270,8 @@ if ($not_found) {
$config['id_user'],
'AR',
true,
'id_group',
$id_group,
'id_group_map',
$id_group_map,
'',
'',
'',
@ -329,6 +332,28 @@ if ($not_found) {
$table->data['source_data_ip_mask'][0] = __('Source from CIDR IP mask');
$table->data['source_data_ip_mask'][1] = html_print_input_text('ip_mask', $ip_mask, '', 20, 255, true, $disabled_source);
$table->data['source_data_group'][0] = __('Source group');
$table->data['source_data_group'][1] = html_print_select_groups(
$config['id_user'],
'AR',
true,
'id_group',
$id_group,
'',
'',
'',
true
);
$table->data['source_data_group'][1] .= html_print_image(
'images/error.png',
true,
[
'id' => 'group_change_warning',
'title' => __('Source id group changed. All elements in networkmap will be lost.'),
'style' => 'display : none',
]
);
$table->data['source_data_dont_show_subgroups'][0] = __('Don\'t show subgroups:');
$table->data['source_data_dont_show_subgroups'][1] = html_print_checkbox(
'dont_show_subgroups',
@ -379,7 +404,7 @@ if ($not_found) {
$table->data['kval'][0] = __('Default ideal node separation');
$table->data['kval'][1] = html_print_input_text('kval', $kval, '', 5, 10, true, $disabled_source, false, $itemClass).ui_print_help_tip(__('Only fdp. Default ideal node separation in the layout. By default 0.3'), true);
echo '<form method="post" action="index.php?sec=network&amp;sec2=operation/agentes/pandora_networkmap">';
echo '<form id="networkmap_options_form" method="post" action="index.php?sec=network&amp;sec2=operation/agentes/pandora_networkmap">';
html_print_table($table);
@ -420,8 +445,11 @@ $(document).ready(function() {
.css('display', 'none');
$("#form_editor-source_data_dont_show_subgroups")
.css('display', 'none');
$("#form_editor-source_data_group")
.css('display', 'none');
$("#form_editor-source_data_recon_task")
.css('display', '');
}
else if (source == 'ip_mask') {
$("#form_editor-source_data_ip_mask")
@ -430,6 +458,8 @@ $(document).ready(function() {
.css('display', 'none');
$("#form_editor-source_data_dont_show_subgroups")
.css('display', 'none');
$("#form_editor-source_data_group")
.css('display', 'none');
}
else if (source == 'group') {
$("#form_editor-source_data_ip_mask")
@ -438,6 +468,8 @@ $(document).ready(function() {
.css('display', 'none');
$("#form_editor-source_data_dont_show_subgroups")
.css('display', '');
$("#form_editor-source_data_group")
.css('display', '');
}
});
@ -508,5 +540,53 @@ $(document).ready(function() {
$("input[name='source']").trigger("change");
$("#method").trigger("change");
// Control if id_group has changed.
var id_group_old = $("#id_group").val();
var id_group_changed = false;
$("#id_group").on('change',{id_group_old: id_group_old}, function () {
var id_group_new = $("#id_group").val();
if((id_group_old != id_group_new) && (update_networkmap == 1 )) {
id_group_changed = true;
$("#group_change_warning").show();
} else {
id_group_changed = false;
$("#group_change_warning").hide();
}
});
var update_networkmap = 0;
// Show advice if id_group has changed.
update_networkmap = $("input[name='update_networkmap']").val();
$( "#submit-crt" ).click(function( event ) {
if(update_networkmap == 1 && id_group_changed === true) {
confirmDialog({
title: '<?php echo __('Are you sure?'); ?>',
message: '<?php echo __('Source id group changed. All elements in Networkmap will be lost'); ?>',
ok: '<?php echo __('OK'); ?>',
cancel: '<?php echo __('Cancel'); ?>',
onDeny: function() {
// Continue execution.
return false;
},
onAccept: function () {
// Submit form
$("#networkmap_options_form").submit();
}
})
event.preventDefault();
}
});
});
</script>

63
pandora_console/operation/agentes/pandora_networkmap.php
View File

@ -12,10 +12,10 @@
// Load global variables
global $config;
// Check user credentials
// Check user credentials.
check_login();
// General ACL for the network maps
// General ACL for the network maps.
$networkmaps_read = check_acl($config['id_user'], 0, 'MR');
$networkmaps_write = check_acl($config['id_user'], 0, 'MW');
$networkmaps_manage = check_acl($config['id_user'], 0, 'MM');
@ -53,11 +53,12 @@ if (enterprise_installed()) {
if ($save_empty_networkmap) {
$id_group = (int) get_parameter('id_group', 0);
$id_group_map = (int) get_paramater('id_group_map', 0);
// ACL for the network map
// ACL for the network map.
// $networkmap_read = check_acl ($config['id_user'], $id_group, "MR");
$networkmap_write = check_acl($config['id_user'], $id_group, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group, 'MM');
$networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -93,6 +94,7 @@ if (enterprise_installed()) {
$values['description'] = $description;
$values['source'] = 0;
$values['source_data'] = $id_group;
$values['id_group_map'] = $id_group_map;
if (!$networkmap_write && !$networkmap_manage) {
@ -139,10 +141,12 @@ if (enterprise_installed()) {
}
} else if ($update_empty_networkmap) {
$id_group = (int) get_parameter('id_group', 0);
$id_group_map = (int) get_parameter('id_group_map', 0);
// ACL for the new network map
$networkmap_write_new = check_acl($config['id_user'], $id_group, 'MW');
$networkmap_manage_new = check_acl($config['id_user'], $id_group, 'MM');
$networkmap_write_new = check_acl($config['id_user'], $id_group_map, 'MW');
$networkmap_manage_new = check_acl($config['id_user'], $id_group_map, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -221,11 +225,13 @@ if ($new_networkmap || $save_networkmap) {
if ($save_networkmap) {
$id_group = (int) get_parameter('id_group', 0);
$id_group_map = (int) get_parameter('id_group_map', 0);
// ACL for the network map
// $networkmap_read = check_acl ($config['id_user'], $id_group, "MR");
$networkmap_write = check_acl($config['id_user'], $id_group, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group, 'MM');
$networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -282,6 +288,7 @@ if ($new_networkmap || $save_networkmap) {
$values['height'] = $height;
$values['id_user'] = $config['id_user'];
$values['description'] = $description;
$values['id_group_map'] = $id_group_map;
switch ($method) {
case 'twopi':
@ -401,8 +408,10 @@ else if ($update_networkmap || $copy_networkmap || $delete) {
return;
}
$id_group_old = db_get_value('id_group', 'tmap', 'id', $id);
if ($id_group_old === false) {
// ACL for the network map.
$id_group_map_old = db_get_value('id_group_map', 'tmap', 'id', $id);
if ($id_group_map_old === false) {
db_pandora_audit(
'ACL Violation',
'Trying to accessnode graph builder'
@ -411,9 +420,8 @@ else if ($update_networkmap || $copy_networkmap || $delete) {
return;
}
// ACL for the network map
$networkmap_write = check_acl($config['id_user'], $id_group_old, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group_old, 'MM');
$networkmap_write = check_acl($config['id_user'], $id_group_map_old, 'MW');
$networkmap_manage = check_acl($config['id_user'], $id_group_map_old, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -426,10 +434,14 @@ else if ($update_networkmap || $copy_networkmap || $delete) {
if ($update_networkmap) {
$id_group = (int) get_parameter('id_group', 0);
// Get id of old group source to check changes.
$id_group_old = db_get_value('id_group', 'tmap', 'id', $id);
// ACL for the new network map
$networkmap_write_new = check_acl($config['id_user'], $id_group, 'MW');
$networkmap_manage_new = check_acl($config['id_user'], $id_group, 'MM');
$id_group_map = (int) get_parameter('id_group_map', 0);
$networkmap_write_new = check_acl($config['id_user'], $id_group_map, 'MW');
$networkmap_manage_new = check_acl($config['id_user'], $id_group_map, 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -456,6 +468,7 @@ else if ($update_networkmap || $copy_networkmap || $delete) {
$values = [];
$values['name'] = $name;
$values['id_group'] = $id_group;
$values['id_group_map'] = $id_group_map;
$description = get_parameter('description', '');
$values['description'] = $description;
@ -493,6 +506,8 @@ else if ($update_networkmap || $copy_networkmap || $delete) {
// If change the group, the map must be regenerated
if ($id_group != $id_group_old) {
networkmap_delete_nodes($id);
// Delete relations.
networkmap_delete_relations($id);
}
$networkmap_write = $networkmap_write_new;
@ -701,9 +716,9 @@ switch ($tab) {
$network_maps = db_get_all_rows_filter(
'tmap',
[
'id_group' => $id_groups,
'limit' => $limit,
'offset' => $offset,
'id_group_map' => $id_groups,
'limit' => $limit,
'offset' => $offset,
]
);
@ -712,9 +727,9 @@ switch ($tab) {
foreach ($network_maps as $network_map) {
// ACL for the network map
$networkmap_read = check_acl($config['id_user'], $network_map['id_group'], 'MR');
$networkmap_write = check_acl($config['id_user'], $network_map['id_group'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $network_map['id_group'], 'MM');
$networkmap_read = check_acl($config['id_user'], $network_map['id_group_map'], 'MR');
$networkmap_write = check_acl($config['id_user'], $network_map['id_group_map'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $network_map['id_group_map'], 'MM');
if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -722,7 +737,7 @@ switch ($tab) {
'Trying to access networkmap enterprise'
);
include 'general/noaccess.php';
return;
continue;
}
$data = [];
@ -768,7 +783,7 @@ switch ($tab) {
}
}
$data['groups'] = ui_print_group_icon($network_map['id_group'], true);
$data['groups'] = ui_print_group_icon($network_map['id_group_map'], true);
if ($networkmap_write || $networkmap_manage) {
$table->cellclass[] = [

10
pandora_console/operation/agentes/pandora_networkmap.view.php
View File

@ -576,8 +576,8 @@ if (is_ajax()) {
$filter = json_encode($array_filter);
// ACL for the network map.
$networkmap_write = check_acl($config['id_user'], $networkmap['id_group'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $networkmap['id_group'], 'MM');
$networkmap_write = check_acl($config['id_user'], $networkmap['id_group_map'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $networkmap['id_group_map'], 'MM');
if (!$networkmap_write && !$networkmap_manage) {
db_pandora_audit(
@ -800,9 +800,9 @@ if ($networkmap === false) {
return;
} else {
// ACL for the network map.
$networkmap_read = check_acl($config['id_user'], $networkmap['id_group'], 'MR');
$networkmap_write = check_acl($config['id_user'], $networkmap['id_group'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $networkmap['id_group'], 'MM');
$networkmap_read = check_acl($config['id_user'], $networkmap['id_group_map'], 'MR');
$networkmap_write = check_acl($config['id_user'], $networkmap['id_group_map'], 'MW');
$networkmap_manage = check_acl($config['id_user'], $networkmap['id_group_map'], 'MM');
if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
db_pandora_audit(

1
pandora_console/pandoradb.sql
View File

@ -2188,6 +2188,7 @@ CREATE TABLE IF NOT EXISTS `tmap` (
`generation_method` INTEGER UNSIGNED NOT NULL default 0,
`generated` INTEGER UNSIGNED NOT NULL default 0,
`filter` TEXT,
`id_group_map` INT(10) UNSIGNED NOT NULL default 0,
PRIMARY KEY(`id`)
) ENGINE = InnoDB DEFAULT CHARSET=utf8;