diff --git a/pandora_console/extras/mr/35.sql b/pandora_console/extras/mr/35.sql index 86236df36f..3a002f44f8 100644 --- a/pandora_console/extras/mr/35.sql +++ b/pandora_console/extras/mr/35.sql @@ -1,5 +1,6 @@ START TRANSACTION; +ALTER TABLE `tmap` ADD COLUMN `id_group_map` INT(10) UNSIGNED NOT NULL default 0; ALTER TABLE `tevent_filter` MODIFY `severity` TEXT NOT NULL; -COMMIT; \ No newline at end of file +COMMIT; diff --git a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql index 0c95628752..bbc07ad08c 100644 --- a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql @@ -1195,6 +1195,8 @@ CREATE TABLE IF NOT EXISTS `tmap` ( `generation_method` INTEGER UNSIGNED NOT NULL default 0, `generated` INTEGER UNSIGNED NOT NULL default 0, `filter` TEXT, + `id_group_map` INT(10) UNSIGNED NOT NULL default 0, + PRIMARY KEY(`id`) ) ENGINE = InnoDB DEFAULT CHARSET=utf8; diff --git a/pandora_console/include/functions_networkmap.php b/pandora_console/include/functions_networkmap.php index dda25538ee..56172331c6 100644 --- a/pandora_console/include/functions_networkmap.php +++ b/pandora_console/include/functions_networkmap.php @@ -1453,6 +1453,20 @@ function networkmap_delete_nodes($id_map) } +/** + * Delete relations given id_map + * + * @param integer $id_map + * @return integer result + */ +function networkmap_delete_relations($id_map) +{ + $result = db_process_sql_delete('trel_item', ['id_map' => $id_map]); + + return $result; +} + + function get_networkmaps($id) { $groups = array_keys(users_get_groups(null, 'IW')); diff --git a/pandora_console/operation/agentes/pandora_networkmap.editor.php b/pandora_console/operation/agentes/pandora_networkmap.editor.php index 7f698d8653..d719df08cd 100644 --- a/pandora_console/operation/agentes/pandora_networkmap.editor.php +++ b/pandora_console/operation/agentes/pandora_networkmap.editor.php @@ -81,8 +81,8 @@ if ($edit_networkmap) { $id_group = $values['id_group']; // ACL for the network map. - $networkmap_write = check_acl($config['id_user'], $id_group, 'MW'); - $networkmap_manage = check_acl($config['id_user'], $id_group, 'MM'); + $networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW'); + $networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -95,6 +95,9 @@ if ($edit_networkmap) { $name = io_safe_output($values['name']); + // Id group of the map itself, not data source. + $id_group_map = $values['id_group_map']; + $description = $values['description']; $filter = json_decode($values['filter'], true); @@ -267,8 +270,8 @@ if ($not_found) { $config['id_user'], 'AR', true, - 'id_group', - $id_group, + 'id_group_map', + $id_group_map, '', '', '', @@ -329,6 +332,28 @@ if ($not_found) { $table->data['source_data_ip_mask'][0] = __('Source from CIDR IP mask'); $table->data['source_data_ip_mask'][1] = html_print_input_text('ip_mask', $ip_mask, '', 20, 255, true, $disabled_source); + $table->data['source_data_group'][0] = __('Source group'); + $table->data['source_data_group'][1] = html_print_select_groups( + $config['id_user'], + 'AR', + true, + 'id_group', + $id_group, + '', + '', + '', + true + ); + $table->data['source_data_group'][1] .= html_print_image( + 'images/error.png', + true, + [ + 'id' => 'group_change_warning', + 'title' => __('Source id group changed. All elements in networkmap will be lost.'), + 'style' => 'display : none', + ] + ); + $table->data['source_data_dont_show_subgroups'][0] = __('Don\'t show subgroups:'); $table->data['source_data_dont_show_subgroups'][1] = html_print_checkbox( 'dont_show_subgroups', @@ -379,7 +404,7 @@ if ($not_found) { $table->data['kval'][0] = __('Default ideal node separation'); $table->data['kval'][1] = html_print_input_text('kval', $kval, '', 5, 10, true, $disabled_source, false, $itemClass).ui_print_help_tip(__('Only fdp. Default ideal node separation in the layout. By default 0.3'), true); - echo '
'; + echo ''; html_print_table($table); @@ -420,8 +445,11 @@ $(document).ready(function() { .css('display', 'none'); $("#form_editor-source_data_dont_show_subgroups") .css('display', 'none'); + $("#form_editor-source_data_group") + .css('display', 'none'); $("#form_editor-source_data_recon_task") .css('display', ''); + } else if (source == 'ip_mask') { $("#form_editor-source_data_ip_mask") @@ -430,6 +458,8 @@ $(document).ready(function() { .css('display', 'none'); $("#form_editor-source_data_dont_show_subgroups") .css('display', 'none'); + $("#form_editor-source_data_group") + .css('display', 'none'); } else if (source == 'group') { $("#form_editor-source_data_ip_mask") @@ -438,6 +468,8 @@ $(document).ready(function() { .css('display', 'none'); $("#form_editor-source_data_dont_show_subgroups") .css('display', ''); + $("#form_editor-source_data_group") + .css('display', ''); } }); @@ -508,5 +540,53 @@ $(document).ready(function() { $("input[name='source']").trigger("change"); $("#method").trigger("change"); + + + // Control if id_group has changed. + var id_group_old = $("#id_group").val(); + var id_group_changed = false; + + $("#id_group").on('change',{id_group_old: id_group_old}, function () { + + var id_group_new = $("#id_group").val(); + if((id_group_old != id_group_new) && (update_networkmap == 1 )) { + id_group_changed = true; + $("#group_change_warning").show(); + + } else { + id_group_changed = false; + $("#group_change_warning").hide(); + } + }); + + var update_networkmap = 0; + // Show advice if id_group has changed. + update_networkmap = $("input[name='update_networkmap']").val(); + + $( "#submit-crt" ).click(function( event ) { + + if(update_networkmap == 1 && id_group_changed === true) { + confirmDialog({ + title: '', + message: '', + ok: '', + cancel: '', + onDeny: function() { + // Continue execution. + return false; + }, + onAccept: function () { + // Submit form + $("#networkmap_options_form").submit(); + } + }) + event.preventDefault(); + } + }); + + +}); + + diff --git a/pandora_console/operation/agentes/pandora_networkmap.php b/pandora_console/operation/agentes/pandora_networkmap.php index 2aa1404e30..97ebcf82c3 100644 --- a/pandora_console/operation/agentes/pandora_networkmap.php +++ b/pandora_console/operation/agentes/pandora_networkmap.php @@ -12,10 +12,10 @@ // Load global variables global $config; -// Check user credentials +// Check user credentials. check_login(); -// General ACL for the network maps +// General ACL for the network maps. $networkmaps_read = check_acl($config['id_user'], 0, 'MR'); $networkmaps_write = check_acl($config['id_user'], 0, 'MW'); $networkmaps_manage = check_acl($config['id_user'], 0, 'MM'); @@ -53,11 +53,12 @@ if (enterprise_installed()) { if ($save_empty_networkmap) { $id_group = (int) get_parameter('id_group', 0); + $id_group_map = (int) get_paramater('id_group_map', 0); - // ACL for the network map + // ACL for the network map. // $networkmap_read = check_acl ($config['id_user'], $id_group, "MR"); - $networkmap_write = check_acl($config['id_user'], $id_group, 'MW'); - $networkmap_manage = check_acl($config['id_user'], $id_group, 'MM'); + $networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW'); + $networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -93,6 +94,7 @@ if (enterprise_installed()) { $values['description'] = $description; $values['source'] = 0; $values['source_data'] = $id_group; + $values['id_group_map'] = $id_group_map; if (!$networkmap_write && !$networkmap_manage) { @@ -139,10 +141,12 @@ if (enterprise_installed()) { } } else if ($update_empty_networkmap) { $id_group = (int) get_parameter('id_group', 0); + $id_group_map = (int) get_parameter('id_group_map', 0); + // ACL for the new network map - $networkmap_write_new = check_acl($config['id_user'], $id_group, 'MW'); - $networkmap_manage_new = check_acl($config['id_user'], $id_group, 'MM'); + $networkmap_write_new = check_acl($config['id_user'], $id_group_map, 'MW'); + $networkmap_manage_new = check_acl($config['id_user'], $id_group_map, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -221,11 +225,13 @@ if ($new_networkmap || $save_networkmap) { if ($save_networkmap) { $id_group = (int) get_parameter('id_group', 0); + $id_group_map = (int) get_parameter('id_group_map', 0); + // ACL for the network map // $networkmap_read = check_acl ($config['id_user'], $id_group, "MR"); - $networkmap_write = check_acl($config['id_user'], $id_group, 'MW'); - $networkmap_manage = check_acl($config['id_user'], $id_group, 'MM'); + $networkmap_write = check_acl($config['id_user'], $id_group_map, 'MW'); + $networkmap_manage = check_acl($config['id_user'], $id_group_map, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -282,6 +288,7 @@ if ($new_networkmap || $save_networkmap) { $values['height'] = $height; $values['id_user'] = $config['id_user']; $values['description'] = $description; + $values['id_group_map'] = $id_group_map; switch ($method) { case 'twopi': @@ -401,8 +408,10 @@ else if ($update_networkmap || $copy_networkmap || $delete) { return; } - $id_group_old = db_get_value('id_group', 'tmap', 'id', $id); - if ($id_group_old === false) { + // ACL for the network map. + $id_group_map_old = db_get_value('id_group_map', 'tmap', 'id', $id); + + if ($id_group_map_old === false) { db_pandora_audit( 'ACL Violation', 'Trying to accessnode graph builder' @@ -411,9 +420,8 @@ else if ($update_networkmap || $copy_networkmap || $delete) { return; } - // ACL for the network map - $networkmap_write = check_acl($config['id_user'], $id_group_old, 'MW'); - $networkmap_manage = check_acl($config['id_user'], $id_group_old, 'MM'); + $networkmap_write = check_acl($config['id_user'], $id_group_map_old, 'MW'); + $networkmap_manage = check_acl($config['id_user'], $id_group_map_old, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -426,10 +434,14 @@ else if ($update_networkmap || $copy_networkmap || $delete) { if ($update_networkmap) { $id_group = (int) get_parameter('id_group', 0); + // Get id of old group source to check changes. + $id_group_old = db_get_value('id_group', 'tmap', 'id', $id); + // ACL for the new network map - $networkmap_write_new = check_acl($config['id_user'], $id_group, 'MW'); - $networkmap_manage_new = check_acl($config['id_user'], $id_group, 'MM'); + $id_group_map = (int) get_parameter('id_group_map', 0); + $networkmap_write_new = check_acl($config['id_user'], $id_group_map, 'MW'); + $networkmap_manage_new = check_acl($config['id_user'], $id_group_map, 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -456,6 +468,7 @@ else if ($update_networkmap || $copy_networkmap || $delete) { $values = []; $values['name'] = $name; $values['id_group'] = $id_group; + $values['id_group_map'] = $id_group_map; $description = get_parameter('description', ''); $values['description'] = $description; @@ -493,6 +506,8 @@ else if ($update_networkmap || $copy_networkmap || $delete) { // If change the group, the map must be regenerated if ($id_group != $id_group_old) { networkmap_delete_nodes($id); + // Delete relations. + networkmap_delete_relations($id); } $networkmap_write = $networkmap_write_new; @@ -701,9 +716,9 @@ switch ($tab) { $network_maps = db_get_all_rows_filter( 'tmap', [ - 'id_group' => $id_groups, - 'limit' => $limit, - 'offset' => $offset, + 'id_group_map' => $id_groups, + 'limit' => $limit, + 'offset' => $offset, ] ); @@ -712,9 +727,9 @@ switch ($tab) { foreach ($network_maps as $network_map) { // ACL for the network map - $networkmap_read = check_acl($config['id_user'], $network_map['id_group'], 'MR'); - $networkmap_write = check_acl($config['id_user'], $network_map['id_group'], 'MW'); - $networkmap_manage = check_acl($config['id_user'], $network_map['id_group'], 'MM'); + $networkmap_read = check_acl($config['id_user'], $network_map['id_group_map'], 'MR'); + $networkmap_write = check_acl($config['id_user'], $network_map['id_group_map'], 'MW'); + $networkmap_manage = check_acl($config['id_user'], $network_map['id_group_map'], 'MM'); if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -722,7 +737,7 @@ switch ($tab) { 'Trying to access networkmap enterprise' ); include 'general/noaccess.php'; - return; + continue; } $data = []; @@ -768,7 +783,7 @@ switch ($tab) { } } - $data['groups'] = ui_print_group_icon($network_map['id_group'], true); + $data['groups'] = ui_print_group_icon($network_map['id_group_map'], true); if ($networkmap_write || $networkmap_manage) { $table->cellclass[] = [ diff --git a/pandora_console/operation/agentes/pandora_networkmap.view.php b/pandora_console/operation/agentes/pandora_networkmap.view.php index 2ee34806d9..3c4565fe9a 100644 --- a/pandora_console/operation/agentes/pandora_networkmap.view.php +++ b/pandora_console/operation/agentes/pandora_networkmap.view.php @@ -576,8 +576,8 @@ if (is_ajax()) { $filter = json_encode($array_filter); // ACL for the network map. - $networkmap_write = check_acl($config['id_user'], $networkmap['id_group'], 'MW'); - $networkmap_manage = check_acl($config['id_user'], $networkmap['id_group'], 'MM'); + $networkmap_write = check_acl($config['id_user'], $networkmap['id_group_map'], 'MW'); + $networkmap_manage = check_acl($config['id_user'], $networkmap['id_group_map'], 'MM'); if (!$networkmap_write && !$networkmap_manage) { db_pandora_audit( @@ -800,9 +800,9 @@ if ($networkmap === false) { return; } else { // ACL for the network map. - $networkmap_read = check_acl($config['id_user'], $networkmap['id_group'], 'MR'); - $networkmap_write = check_acl($config['id_user'], $networkmap['id_group'], 'MW'); - $networkmap_manage = check_acl($config['id_user'], $networkmap['id_group'], 'MM'); + $networkmap_read = check_acl($config['id_user'], $networkmap['id_group_map'], 'MR'); + $networkmap_write = check_acl($config['id_user'], $networkmap['id_group_map'], 'MW'); + $networkmap_manage = check_acl($config['id_user'], $networkmap['id_group_map'], 'MM'); if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) { db_pandora_audit( diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index a42a9592c3..134eceba32 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -2188,6 +2188,7 @@ CREATE TABLE IF NOT EXISTS `tmap` ( `generation_method` INTEGER UNSIGNED NOT NULL default 0, `generated` INTEGER UNSIGNED NOT NULL default 0, `filter` TEXT, + `id_group_map` INT(10) UNSIGNED NOT NULL default 0, PRIMARY KEY(`id`) ) ENGINE = InnoDB DEFAULT CHARSET=utf8;