diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index eef79d3805..12d6d62d1f 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,25 @@ +2013-01-10 Sergio Martin + + * include/functions_ui.php + include/functions_agents.php + include/functions_tags.php + operation/tree.php + operation/agentes/status_monitor.php + operation/agentes/alerts_status.php + operation/agentes/estado_ultimopaquete.php + operation/agentes/estado_agente.php + operation/agentes/status_events.php + operation/agentes/estado_monitores.php + operation/agentes/tactical.php + operation/agentes/group_view.php + operation/agentes/networkmap.php + operation/events/events_list.php + general/logon_ok.php + godmode/agentes/module_manager.php + godmode/alerts/alert_list.list.php: Add tags acl checks to modules + and alerts view. Add warn messages to zones with status counts when the + user has acl tags assigned + 2013-01-10 Juan Manuel Ramon * pandoradb_data.sql diff --git a/pandora_console/general/logon_ok.php b/pandora_console/general/logon_ok.php index 444205c207..6d2fd22f42 100644 --- a/pandora_console/general/logon_ok.php +++ b/pandora_console/general/logon_ok.php @@ -30,6 +30,9 @@ require_once ($config["homedir"] . '/include/functions_graph.php'); ui_print_page_header (__('Welcome to Pandora FMS Web Console')); +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} // --------------------------------------------------------------------------- // Site news ! // --------------------------------------------------------------------------- diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php index acb4232ead..2028da4591 100644 --- a/pandora_console/godmode/agentes/module_manager.php +++ b/pandora_console/godmode/agentes/module_manager.php @@ -348,9 +348,6 @@ switch ($sortField) { break; } -// TODO: CLEAN extra_sql -$extra_sql = ''; - // Build the order sql if (!empty($order)) { $order_sql = ' ORDER BY '; @@ -383,6 +380,8 @@ $search_string_entities = io_safe_input($search_string); $basic_where = sprintf("(nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND", $search_string, $search_string_entities, $search_string, $search_string_entities); +$where_tags = tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 'tagente_modulo'); + switch ($config["dbtype"]) { case "postgresql": $limit_sql = " LIMIT $limit OFFSET $offset "; @@ -392,8 +391,8 @@ switch ($config["dbtype"]) { } $sql = sprintf("SELECT %s FROM tagente_modulo - WHERE %s (%s %s) %s %s", - $params, $basic_where, $extra_sql, $where, $order_sql, $limit_sql); + WHERE %s %s %s %s %s", + $params, $basic_where, $where, $where_tags, $order_sql, $limit_sql); $modules = db_get_all_rows_sql($sql); break; @@ -403,15 +402,15 @@ switch ($config["dbtype"]) { $set['offset'] = $offset; $sql = sprintf("SELECT %s FROM tagente_modulo - WHERE %s (%s %s) %s", - $params, $basic_where, $extra_sql, $where, $order_sql); + WHERE %s %s %s %s", + $params, $basic_where, $where, $where_tags, $order_sql); $modules = oracle_recode_query ($sql, $set, 'AND', false); break; } $sql_total_modules = sprintf("SELECT count(*) FROM tagente_modulo - WHERE %s (%s %s)", $basic_where, $extra_sql, $where); + WHERE %s %s %s", $basic_where, $where, $where_tags); $total_modules = db_get_value_sql($sql_total_modules); diff --git a/pandora_console/godmode/alerts/alert_list.list.php b/pandora_console/godmode/alerts/alert_list.list.php index 7b600b6b44..166d77e5ab 100644 --- a/pandora_console/godmode/alerts/alert_list.list.php +++ b/pandora_console/godmode/alerts/alert_list.list.php @@ -18,13 +18,6 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "LW")) { - db_pandora_audit("ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; -} - /* Check if this page is included from a agent edition */ if (! check_acl ($config['id_user'], 0, "LW")) { diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php index 9afc5e0b46..7bae68c09c 100644 --- a/pandora_console/include/functions_agents.php +++ b/pandora_console/include/functions_agents.php @@ -184,7 +184,10 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f if (is_array ($options)) { $filter .= db_format_array_where_clause_sql ($options); } + if (($id_agent !== false) && ($idGroup !== false)) { + $where_tags = tags_get_acl_tags($config['id_user'], $idGroup, 'AR', 'module_condition', 'AND', 'tagente_modulo'); + if ($idGroup != 0) { //All group $subQuery = 'SELECT id_agente_modulo FROM tagente_modulo @@ -194,10 +197,15 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f $subQuery = 'SELECT id_agente_modulo FROM tagente_modulo WHERE delete_pending = 0'; } + + $subQuery .= $where_tags; } else if ($id_agent === false) { - if ($allModules) $disabled = ''; - else $disabled = 'WHERE disabled = 0'; + if ($allModules) + $disabled = ''; + else + $disabled = 'WHERE disabled = 0'; + $subQuery = 'SELECT id_agente_modulo FROM tagente_modulo ' . $disabled; } @@ -226,9 +234,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f $selectText = 'COUNT(talert_template_modules.id) AS count'; } - // TODO: Clean extra_sql - $extra_sql = ''; - $sql = sprintf ("SELECT %s FROM talert_template_modules INNER JOIN tagente_modulo t2 @@ -237,8 +242,8 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f ON t2.id_agente = t3.id_agente INNER JOIN talert_templates t4 ON talert_template_modules.id_alert_template = t4.id - WHERE (%s id_agent_module in (%s)) %s %s %s", - $selectText, $extra_sql, $subQuery, $where, $filter, $orderbyText); + WHERE id_agent_module in (%s) %s %s %s", + $selectText, $subQuery, $where, $filter, $orderbyText); $alerts = db_get_all_rows_sql ($sql); @@ -1282,6 +1287,10 @@ function agents_get_modules ($id_agent = null, $details = false, $filter = false //$where .= " AND id_policy_module = 0 "; + $where_tags = tags_get_acl_tags($config['id_user'], $id_groups, 'AR', 'module_condition', 'AND', 'tagente_modulo'); + + $where .= $where_tags; + switch ($config["dbtype"]) { case "mysql": case "postgresql": diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php index 15f9339960..cb5e0bb1d2 100644 --- a/pandora_console/include/functions_tags.php +++ b/pandora_console/include/functions_tags.php @@ -641,7 +641,7 @@ function tags_get_tags_formatted ($tags_array, $get_url = true) { * @return mixed/string Tag ids */ -function tags_get_acl_tags($id_user, $id_group, $access, $return_mode = 'module_condition', $query_prefix = '', $query_table = '') { +function tags_get_acl_tags($id_user, $id_group, $access = 'AR', $return_mode = 'module_condition', $query_prefix = '', $query_table = '') { global $config; if($id_user == false) { $id_user = $config['id_user']; @@ -851,6 +851,35 @@ function tags_get_acl_tags_event_condition($acltags) { return $condition; } +/** + * Check if a user has assigned acl tags or not (if is admin, is like not acl tags) + * + * @param string ID of the user (with false the user will be taked from config) + * + * @return bool true if the user has tags and false if not + */ +function tags_has_user_acl_tags($id_user = false) { + global $config; + + if($id_user === false) { + $id_user = $config['id_user']; + } + + if(is_user_admin($id_user)) { + return false; + } + + $query = sprintf("SELECT count(*) + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND + tusuario_perfil.id_usuario = '%s' AND tags != ''", + $id_user); + + $user_tags = db_get_value_sql($query); + + return (bool)$user_tags; +} + /** * Get the tags of a user in an ACL flag * @@ -868,7 +897,7 @@ function tags_get_user_tags($id_user = false, $access = 'AR') { // Get all tags to have the name of all of them $all_tags = tags_get_all_tags(); - + // If at least one of the profiles of this access flag hasent // tags restrictions, the user can see all tags $acl_column = get_acl_column($access); @@ -885,7 +914,7 @@ function tags_get_user_tags($id_user = false, $access = 'AR') { $id_user, $acl_column); $profiles_without_tags = db_get_value_sql($query); - + if($profiles_without_tags > 0) { return $all_tags; } diff --git a/pandora_console/include/functions_ui.php b/pandora_console/include/functions_ui.php index de8546104e..d2301c84b0 100644 --- a/pandora_console/include/functions_ui.php +++ b/pandora_console/include/functions_ui.php @@ -462,6 +462,19 @@ function ui_print_username ($username, $return = false) { echo $string; } +function ui_print_tags_warning ($return = false) { + $msg = '
'; + $msg .= __("Is possible that this view uses part of information which your user has not access"); + $msg .= '
'; + + if($return) { + return $msg; + } + else { + echo $msg; + } +} + /** * Print group icon within a link * diff --git a/pandora_console/operation/agentes/alerts_status.php b/pandora_console/operation/agentes/alerts_status.php index e455d9367f..0c9fd42b28 100644 --- a/pandora_console/operation/agentes/alerts_status.php +++ b/pandora_console/operation/agentes/alerts_status.php @@ -274,7 +274,7 @@ if ($print_agent) { ui_toggle(printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby, true),__('Alert control filter'), __('Toggle filter(s)')); } -$table->width = '98%'; +$table->width = '100%'; $table->class = "databox"; $table->size = array (); diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php index 00b54acc4e..56e3e0d0d3 100644 --- a/pandora_console/operation/agentes/estado_agente.php +++ b/pandora_console/operation/agentes/estado_agente.php @@ -168,6 +168,10 @@ if (check_acl ($config['id_user'], 0, "AW")) { ui_print_page_header ( __("Agent detail"), "images/bricks.png", false, "agent_status", false, $onheader); +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} + // User is deleting agent if (isset($result_delete)) { if ($result_delete) diff --git a/pandora_console/operation/agentes/estado_monitores.php b/pandora_console/operation/agentes/estado_monitores.php index 10fce500f8..6fcaee2247 100644 --- a/pandora_console/operation/agentes/estado_monitores.php +++ b/pandora_console/operation/agentes/estado_monitores.php @@ -152,8 +152,7 @@ switch ($config["dbtype"]) { break; } -// TODO: Clean extra_sql -$extra_sql = ''; +$tags_sql = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'AR', 'module_condition', 'AND', 'tagente_modulo'); $status_filter_monitor = (int)get_parameter('status_filter_monitor', -1); $status_text_monitor = get_parameter('status_text_monitor', ''); @@ -183,9 +182,10 @@ switch ($config["dbtype"]) { LEFT JOIN tmodule_group ON tagente_modulo.id_module_group = tmodule_group.id_mg WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo - AND %s AND %s tagente_estado.utimestamp != 0 + AND %s %s + AND tagente_estado.utimestamp != 0 ORDER BY tagente_modulo.id_module_group , %s %s", - $id_agente, $status_text_monitor_sql, $status_filter_sql, $extra_sql, $order['field'], $order['order']); + $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']); break; case "oracle": $sql = sprintf (" @@ -196,12 +196,12 @@ switch ($config["dbtype"]) { WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente_modulo.id_agente = %d AND tagente_modulo.nombre LIKE '%s' - AND %s + AND %s %s AND tagente_modulo.delete_pending = 0 AND tagente_modulo.disabled = 0 AND tagente_estado.utimestamp != 0 ORDER BY tagente_modulo.id_module_group , %s %s - ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $order['field'], $order['order']); + ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']); break; } $count_modules = db_get_all_rows_sql ($sql); @@ -223,9 +223,10 @@ switch ($config["dbtype"]) { LEFT JOIN tmodule_group ON tagente_modulo.id_module_group = tmodule_group.id_mg WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo - AND %s AND %s tagente_estado.utimestamp != 0 + AND %s %s + AND tagente_estado.utimestamp != 0 ORDER BY tagente_modulo.id_module_group , %s %s", - $id_agente, $status_text_monitor_sql, $status_filter_sql, $extra_sql, $order['field'], $order['order']); + $id_agente, $status_text_monitor_sql, $status_filter_sql, $tags_sql, $order['field'], $order['order']); break; // If Dbms is Oracle then field_list in sql statement has to be recoded. See oracle_list_all_field_table() case "oracle": @@ -241,12 +242,12 @@ switch ($config["dbtype"]) { WHERE tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente_modulo.id_agente = %d AND tagente_modulo.nombre LIKE '%s' - AND %s + AND %s %s AND tagente_modulo.delete_pending = 0 AND tagente_modulo.disabled = 0 AND tagente_estado.utimestamp != 0 ORDER BY tagente_modulo.id_module_group , %s %s - ", $id_agente, $status_text_monitor_sql, $status_filter_sql, $order['field'], $order['order']); + ", $id_agente, $status_text_monitor_sql, $tags_sql, $status_filter_sql, $order['field'], $order['order']); break; } diff --git a/pandora_console/operation/agentes/estado_ultimopaquete.php b/pandora_console/operation/agentes/estado_ultimopaquete.php index 446627876a..a6dc1b8a0c 100644 --- a/pandora_console/operation/agentes/estado_ultimopaquete.php +++ b/pandora_console/operation/agentes/estado_ultimopaquete.php @@ -34,7 +34,7 @@ $timestamp_ref = $agent["ultimo_contacto_remoto"]; $timestamp_lof = $agent["ultimo_contacto"]; $intervalo_agente = $agent["intervalo"]; -// Get last packet +// Get last packet (DEPRECATED CODE???) switch ($config["dbtype"]) { case "mysql": case "postgresql": @@ -175,10 +175,6 @@ switch ($sortField) { break; } -// TODO: clean extra_sql -$extra_sql = ''; - - // Build the order sql if (!empty($order)) { $order_sql = ' ORDER BY '; @@ -220,7 +216,6 @@ $limit = (int) $config["block_size"]; $offset = (int) get_parameter ('offset'); $params = implode(',', array ('*')); -$is_extra_sql = (int)$is_extra; $where = sprintf("(tagente_modulo.id_policy_module = 0 AND disabled = 0 AND tagente_estado.utimestamp !=0 AND tagente_modulo.id_agente = %s AND delete_pending = 0)", $id_agente); @@ -228,6 +223,8 @@ $search_string_entities = io_safe_input($search_string); $basic_where = sprintf(" tagente_estado.utimestamp !=0 AND tagente_modulo.id_agente_modulo = tagente_estado.id_agente_modulo AND (nombre LIKE '%%%s%%' OR nombre LIKE '%%%s%%' OR descripcion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%') AND", $search_string, $search_string_entities, $search_string, $search_string_entities); +$where_tags = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'AR', 'module_condition', 'AND', 'tagente_modulo'); + switch ($config["dbtype"]) { case "postgresql": $limit_sql = " LIMIT $limit OFFSET $offset "; @@ -238,8 +235,8 @@ switch ($config["dbtype"]) { $order[] = array('field' => 'tagente_modulo.nombre', 'order' => 'ASC'); - $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s (%s %s) %s %s", - $params, $basic_where, $extra_sql, $where, $order_sql, $limit_sql); + $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s %s %s %s %s", + $params, $basic_where, $where, $where_tags, $order_sql, $limit_sql); $modules = db_get_all_rows_sql($sql); break; @@ -249,13 +246,13 @@ switch ($config["dbtype"]) { $set = array(); $set['limit'] = $limit; $set['offset'] = $offset; - $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s (%s %s) %s", - $params, $basic_where, $extra_sql, $where, $order_sql); + $sql = sprintf("SELECT %s FROM tagente_modulo, tagente_estado WHERE %s %s %s %s", + $params, $basic_where, $where, $where_tags, $order_sql); $modules = oracle_recode_query ($sql, $set, 'AND', false); break; } -$sql_total_modules = sprintf("SELECT count(*) FROM tagente_modulo, tagente_estado WHERE %s (%s %s)", $basic_where, $extra_sql, $where); +$sql_total_modules = sprintf("SELECT count(*) FROM tagente_modulo, tagente_estado WHERE %s %s %s", $basic_where, $where, $where_tags); $total_modules = db_get_value_sql($sql_total_modules); $total_modules = isset ($total_modules) ? $total_modules : 0; diff --git a/pandora_console/operation/agentes/group_view.php b/pandora_console/operation/agentes/group_view.php index 02f41cd090..0a767759f4 100644 --- a/pandora_console/operation/agentes/group_view.php +++ b/pandora_console/operation/agentes/group_view.php @@ -74,6 +74,9 @@ else { // Header ui_print_page_header (__("Group view"), "images/bricks.png", false, "", false, $updated_time ); +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} // Init vars $groups_info = array (); diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php index 41728e1acb..5b0d4cc693 100644 --- a/pandora_console/operation/agentes/networkmap.php +++ b/pandora_console/operation/agentes/networkmap.php @@ -269,6 +269,10 @@ if (!empty($name)) { ui_print_page_header (__('Network map')." - ".$title, "images/bricks.png", false, "network_map", false, $buttons); +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} + if ($delete_networkmap || $add_networkmap || $save_networkmap) { echo $message; } diff --git a/pandora_console/operation/agentes/status_events.php b/pandora_console/operation/agentes/status_events.php index ac5ec2a785..1d1a5458f4 100644 --- a/pandora_console/operation/agentes/status_events.php +++ b/pandora_console/operation/agentes/status_events.php @@ -25,6 +25,9 @@ if (!isset($id_agente)){ require_once ("include/functions_events.php"); echo "

".__('Latest events for this agent')."

"; -events_print_event_table ("WHERE id_agente = $id_agente", $limit = 10, $width='98%'); + +$tags_condition = tags_get_acl_tags($config['id_user'], $agent['id_grupo'], 'ER', 'event_condition', 'AND'); + +events_print_event_table ("WHERE id_agente = $id_agente $tags_condition", $limit = 10, $width='100%'); ?> diff --git a/pandora_console/operation/agentes/status_monitor.php b/pandora_console/operation/agentes/status_monitor.php index f4b608f47c..b9dba60023 100644 --- a/pandora_console/operation/agentes/status_monitor.php +++ b/pandora_console/operation/agentes/status_monitor.php @@ -36,9 +36,6 @@ enterprise_include_once ('include/functions_metaconsole.php'); $isFunctionPolicies = enterprise_include_once ('include/functions_policies.php'); -// TODO: CLEAN extra_sql -$extra_sql = ''; - if (! defined ('METACONSOLE')) { //Header ui_print_page_header ("Monitor detail", "images/brick.png", false); @@ -54,7 +51,6 @@ $offset = (int) get_parameter ('offset', 0); $status = (int) get_parameter ('status', 4); $modulegroup = get_parameter ('modulegroup', -1); $tag_filter = get_parameter('tag_filter', 0); -$sql_extra = ''; $refr = get_parameter('refr', 0); // Sort functionality @@ -65,9 +61,133 @@ echo '
'; - + // Get Groups and profiles from user $user_groups = implode (",", array_keys (users_get_groups ())); + +//////////////////////////////////// +// Begin Build SQL sentences +$sql_from = " FROM tagente, tagente_modulo, tagente_estado "; + +$sql_conditions_base = " WHERE tagente.id_agente = tagente_modulo.id_agente + AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo"; + +$sql_conditions = " AND tagente_modulo.disabled = 0 AND tagente.disabled = 0"; + +// Agent group selector +if (!defined('METACONSOLE')) { + if ($ag_group > 0 && check_acl ($config["id_user"], $ag_group, "AR")) { + $sql_conditions_group = sprintf (" AND tagente.id_grupo = %d", $ag_group); + } + elseif($user_groups != '') { + // User has explicit permission on group 1 ? + $sql_conditions_group = " AND tagente.id_grupo IN (".$user_groups.")"; + } +} +else { + if ($ag_group != "0" && check_acl ($config["id_user"], $ag_group, "AR")) { + $sql_conditions_group = sprintf (" AND tagente.id_grupo IN ( SELECT id_grupo FROM tgrupo where nombre = '%s') ", $ag_group); + } + elseif($user_groups != '') { + // User has explicit permission on group 1 ? + $sql_conditions_group = " AND tagente.id_grupo IN (".$user_groups.")"; + } +} + +// Module group +if (defined('METACONSOLE')) { + if ($modulegroup != '-1') + $sql_conditions .= sprintf (" AND tagente_modulo.id_module_group IN (SELECT id_mg + FROM tmodule_group WHERE name = '%s')", $modulegroup); +} +else if ($modulegroup > -1) { + $sql_conditions .= sprintf (" AND tagente_modulo.id_module_group = '%d'", $modulegroup); + +} + +// Module name selector +if ($ag_modulename != "") { + $sql_conditions .= sprintf (" AND tagente_modulo.nombre = '%s'", $ag_modulename); +} + +// Freestring selector +if ($ag_freestring != "") { + $sql_conditions .= sprintf (" AND (tagente.nombre LIKE '%%%s%%' + OR tagente_modulo.nombre LIKE '%%%s%%' + OR tagente_modulo.descripcion LIKE '%%%s%%')", + $ag_freestring, $ag_freestring, $ag_freestring); +} + +// Status selector +if ($status == 0) { //Normal + $sql_conditions .= " AND tagente_estado.estado = 0 + AND (utimestamp > 0 OR (tagente_modulo.id_tipo_modulo IN(21,22,23,100))) "; +} +elseif ($status == 2) { //Critical + $sql_conditions .= " AND tagente_estado.estado = 1 AND utimestamp > 0"; +} +elseif ($status == 1) { //Warning + $sql_conditions .= " AND tagente_estado.estado = 2 AND utimestamp > 0"; +} +elseif ($status == 4) { //Not normal + $sql_conditions .= " AND tagente_estado.estado <> 0"; +} +elseif ($status == 3) { //Unknown + $sql_conditions .= " AND tagente_estado.estado = 3 AND tagente_estado.utimestamp <> 0"; +} +elseif ($status == 5) { //Not init + $sql_conditions .= " AND tagente_estado.utimestamp = 0 + AND tagente_modulo.id_tipo_modulo NOT IN (21,22,23,100)"; +} + +//Filter by tag +if ($tag_filter !== 0) { + if (defined('METACONSOLE')) { + $sql_conditions .= " AND tagente_modulo.id_agente_modulo IN ( + SELECT ttag_module.id_agente_modulo + FROM ttag_module + WHERE ttag_module.id_tag IN (SELECT id_tag FROM ttag where name LIKE '%" . $tag_filter . "%') + )"; + } + else{ + $sql_conditions .= " AND tagente_modulo.id_agente_modulo IN ( + SELECT ttag_module.id_agente_modulo + FROM ttag_module + WHERE ttag_module.id_tag = " . $tag_filter . " + )"; + + } +} + +$sql_conditions_tags = tags_get_acl_tags($config['id_user'], $ag_group, 'AR', 'module_condition', 'AND', 'tagente_modulo'); + +// Two modes of filter. All the filters and only ACLs filter +$sql_conditions_all = $sql_conditions_base . $sql_conditions . $sql_conditions_group . $sql_conditions_tags; +$sql_conditions_acl = $sql_conditions_base . $sql_conditions_group . $sql_conditions_tags; + +// Get count to paginate +if (!defined('METACONSOLE')) + $count = db_get_sql ("SELECT COUNT(tagente_modulo.id_agente_modulo) " . $sql_from . $sql_conditions_all); + +// Get limit_sql depend of the metaconsole or standard mode +if (defined('METACONSOLE')) { + // Offset will be used to get the subset of modules + $inferior_limit = $offset; + $superior_limit = $config["block_size"] + $offset; + // Offset reset to get all elements + $offset = 0; + if (!isset($config["meta_num_elements"])) + $config["meta_num_elements"] = 100; + + $limit_sql = $config["meta_num_elements"]; +} +else + $limit_sql = $config["block_size"]; + +// End Build SQL sentences +///////////////////////////////////// + +// Query to get name of the modules to module name filter combo switch ($config["dbtype"]) { case "mysql": case "postgresql": @@ -90,29 +210,7 @@ switch ($config["dbtype"]) { //The check of is_admin $flag_is_admin = (bool)db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']); - $sql = ' SELECT distinct(nombre) - FROM tagente_modulo - WHERE nombre <> \'delete_pending\' AND id_agente IN - ( - SELECT id_agente - FROM tagente - WHERE'; - - $sql .= $extra_sql.'('; - - if ($flag_is_admin || $flag_all_group) { - $sql .= ' 1 = 1 '; - } - else { - if (empty($id_groups)) { - $sql .= ' 1 = 0 '; - } - else { - $sql .= ' id_grupo IN (' . implode(',', $id_groups) . ') '; - } - } - - $sql .= '))'; + $sql = ' SELECT distinct(tagente_modulo.nombre) '. $sql_from . $sql_conditions_acl; break; case "oracle": $profiles = db_get_all_rows_sql('SELECT id_grupo @@ -135,33 +233,10 @@ switch ($config["dbtype"]) { $flag_is_admin = (bool)db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']); - $sql = ' SELECT DISTINCT dbms_lob.substr(nombre,4000,1) AS nombre - FROM tagente_modulo - WHERE dbms_lob.substr(nombre,4000,1) <> \'delete_pending\' - AND id_agente IN - ( - SELECT id_agente - FROM tagente - WHERE'; - - $sql .= $extra_sql . '('; - - if ($flag_is_admin || $flag_all_group) { - $sql .= ' 1 = 1 '; - } - else { - if (empty($id_groups)) { - $sql .= ' 1 = 0 '; - } - else { - $sql .= ' id_grupo IN (' . implode(',', $id_groups) . ') '; - } - } - - $sql .= '))'; + $sql = ' SELECT DISTINCT dbms_lob.substr(nombre,4000,1) AS nombre'. $sql_from . $sql_conditions_acl; break; } - + $modules = array(); $tags = array(); $rows_select = array(); @@ -174,11 +249,11 @@ if (defined('METACONSOLE')) { // For each server defined and not disabled: $servers = db_get_all_rows_sql ("SELECT * FROM tmetaconsole_setup WHERE disabled = 0"); + if ($servers === false) $servers = array(); $result = array(); - foreach($servers as $server) { // If connection was good then retrieve all data server if (metaconsole_connect($server) == NOERR){ @@ -187,10 +262,10 @@ if (defined('METACONSOLE')) { else{ $connection = false; } - + // Get all info for filters of all nodes $modules_temp = db_get_all_rows_sql($sql); - + $tags_temp = db_get_all_rows_sql('SELECT name, name FROM ttag WHERE id_tag IN (SELECT ttag_module.id_tag @@ -219,7 +294,7 @@ if (defined('METACONSOLE')) { if (!empty($groups_temp_processed)) { $groups_select = array_unique(array_merge($groups_select, $groups_temp_processed)); } - + if (!empty($modules_temp)) $modules = array_merge($modules, $modules_temp); if (!empty($tags_temp)) @@ -228,7 +303,6 @@ if (defined('METACONSOLE')) { metaconsole_restore_db(); } unset($groups_select[__('All')]); - } if (!defined('METACONSOLE')) { @@ -312,18 +386,17 @@ echo '' . ui_print_help_tip(__('Only it is show tags in use.'), true) . ''; echo ''; -if (!defined('METACONSOLE')) - $tags = db_get_all_rows_sql('SELECT id_tag, name - FROM ttag - WHERE id_tag IN (SELECT ttag_module.id_tag - FROM ttag_module)'); + +if (!defined('METACONSOLE')) { + $tags = tags_get_user_tags(); +} if (empty($tags)) { - echo __('None tag'); + echo __('No tags'); } else { if (!defined('METACONSOLE')) - html_print_select (index_array($tags, 'id_tag', 'name'), "tag_filter", + html_print_select ($tags, "tag_filter", $tag_filter, '', __('All'), '', false, false, true, '', false, 'width: 150px;'); else html_print_select (index_array($tags, 'name', 'name'), "tag_filter", @@ -475,118 +548,7 @@ switch ($sortField) { 'order' => 'ASC'); break; } - -// Begin Build SQL sentences -$sql = " FROM tagente, tagente_modulo, tagente_estado - WHERE $sql_extra (tagente.id_agente = tagente_modulo.id_agente - AND tagente_modulo.disabled = 0 - AND tagente.disabled = 0 - AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo"; - -// Agent group selector -if (!defined('METACONSOLE')) { - if ($ag_group > 0 && check_acl ($config["id_user"], $ag_group, "AR")) { - $sql .= sprintf (" AND tagente.id_grupo = %d", $ag_group); - } - elseif($user_groups != '') { - // User has explicit permission on group 1 ? - $sql .= " AND tagente.id_grupo IN (".$user_groups.")"; - } -} -else { - if ($ag_group != "0" && check_acl ($config["id_user"], $ag_group, "AR")) { - $sql .= sprintf (" AND tagente.id_grupo IN ( SELECT id_grupo FROM tgrupo where nombre = '%s') ", $ag_group); - } - elseif($user_groups != '') { - // User has explicit permission on group 1 ? - $sql .= " AND tagente.id_grupo IN (".$user_groups.")"; - } -} - -// Module group -if (defined('METACONSOLE')) { - if ($modulegroup != '-1') - $sql .= sprintf (" AND tagente_modulo.id_module_group IN (SELECT id_mg - FROM tmodule_group WHERE name = '%s')", $modulegroup); -} -else if ($modulegroup > -1) { - $sql .= sprintf (" AND tagente_modulo.id_module_group = '%d'", $modulegroup); - -} - -// Module name selector -if ($ag_modulename != "") { - $sql .= sprintf (" AND tagente_modulo.nombre = '%s'", $ag_modulename); -} - -// Freestring selector -if ($ag_freestring != "") { - $sql .= sprintf (" AND (tagente.nombre LIKE '%%%s%%' - OR tagente_modulo.nombre LIKE '%%%s%%' - OR tagente_modulo.descripcion LIKE '%%%s%%')", - $ag_freestring, $ag_freestring, $ag_freestring); -} - -// Status selector -if ($status == 0) { //Normal - $sql .= " AND tagente_estado.estado = 0 - AND (utimestamp > 0 OR (tagente_modulo.id_tipo_modulo IN(21,22,23,100))) "; -} -elseif ($status == 2) { //Critical - $sql .= " AND tagente_estado.estado = 1 AND utimestamp > 0"; -} -elseif ($status == 1) { //Warning - $sql .= " AND tagente_estado.estado = 2 AND utimestamp > 0"; -} -elseif ($status == 4) { //Not normal - $sql .= " AND tagente_estado.estado <> 0"; -} -elseif ($status == 3) { //Unknown - $sql .= " AND tagente_estado.estado = 3 AND tagente_estado.utimestamp <> 0"; -} -elseif ($status == 5) { //Not init - $sql .= " AND tagente_estado.utimestamp = 0 - AND tagente_modulo.id_tipo_modulo NOT IN (21,22,23,100)"; -} - -//Filter by tag -if ($tag_filter !== 0) { - if (defined('METACONSOLE')) { - $sql .= " AND tagente_modulo.id_agente_modulo IN ( - SELECT ttag_module.id_agente_modulo - FROM ttag_module - WHERE ttag_module.id_tag IN (SELECT id_tag FROM ttag where name LIKE '%" . $tag_filter . "%') - )"; - } - else{ - $sql .= " AND tagente_modulo.id_agente_modulo IN ( - SELECT ttag_module.id_agente_modulo - FROM ttag_module - WHERE ttag_module.id_tag = " . $tag_filter . " - )"; - - } -} - -// Build final SQL sentences -if (!defined('METACONSOLE')) - $count = db_get_sql ("SELECT COUNT(tagente_modulo.id_agente_modulo) " . - $sql . ")"); - -if (defined('METACONSOLE')) { - // Offset will be used to get the subset of modules - $inferior_limit = $offset; - $superior_limit = $config["block_size"] + $offset; - // Offset reset to get all elements - $offset = 0; - if (!isset($config["meta_num_elements"])) - $config["meta_num_elements"] = 100; - - $limit_sql = $config["meta_num_elements"]; -} -else - $limit_sql = $config["block_size"]; - + switch ($config["dbtype"]) { case "mysql": $sql = "SELECT @@ -601,7 +563,6 @@ switch ($config["dbtype"]) { tagente.intervalo AS agent_interval, tagente.nombre AS agent_name, tagente_modulo.nombre AS module_name, - tagente_modulo.id_agente_modulo, tagente_modulo.history_data, tagente_modulo.flag AS flag, tagente.id_grupo AS id_group, @@ -623,7 +584,7 @@ switch ($config["dbtype"]) { tagente_modulo.critical_instructions, tagente_modulo.warning_instructions, tagente_modulo.unknown_instructions, - tagente_estado.utimestamp AS utimestamp".$sql.") ORDER BY " . $order['field'] . " " . $order['order'] + tagente_estado.utimestamp AS utimestamp".$sql_from . $sql_conditions_all." ORDER BY " . $order['field'] . " " . $order['order'] . " LIMIT ".$offset.",".$limit_sql; break; case "postgresql": @@ -639,7 +600,6 @@ switch ($config["dbtype"]) { tagente.intervalo AS agent_interval, tagente.nombre AS agent_name, tagente_modulo.nombre AS module_name, - tagente_modulo.id_agente_modulo, tagente_modulo.history_data, tagente_modulo.flag AS flag, tagente.id_grupo AS id_group, @@ -661,7 +621,7 @@ switch ($config["dbtype"]) { tagente_modulo.critical_instructions, tagente_modulo.warning_instructions, tagente_modulo.unknown_instructions, - tagente_estado.utimestamp AS utimestamp".$sql.") LIMIT " . $limit_sql . " OFFSET " . $offset; + tagente_estado.utimestamp AS utimestamp".$sql_form . $sql_conditions_all." LIMIT " . $limit_sql . " OFFSET " . $offset; break; case "oracle": $set = array(); @@ -700,7 +660,7 @@ switch ($config["dbtype"]) { tagente_modulo.critical_instructions, tagente_modulo.warning_instructions, tagente_modulo.unknown_instructions, - tagente_estado.utimestamp AS utimestamp" . $sql; + tagente_estado.utimestamp AS utimestamp" . $sql_form . $sql_conditions_all; $sql = oracle_recode_query ($sql, $set); break; } diff --git a/pandora_console/operation/agentes/tactical.php b/pandora_console/operation/agentes/tactical.php index 9014bc7654..efc01ca865 100644 --- a/pandora_console/operation/agentes/tactical.php +++ b/pandora_console/operation/agentes/tactical.php @@ -30,7 +30,7 @@ if (! check_acl ($config['id_user'], 0, "AR")) { require ("general/noaccess.php"); return; } - + $is_admin = check_acl ($config['id_user'], 0, "PM"); $force_refresh = get_parameter ("force_refresh", ""); @@ -74,6 +74,10 @@ else { ui_print_page_header (__("Tactical view"), "images/bricks.png", false, "", false, $updated_time ); $data = reporting_get_group_stats(); +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} + echo '
'; // --------------------------------------------------------------------- // The status horizontal bars (Global health, Monitor sanity... diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php index e7deb59fa2..6067c35d56 100644 --- a/pandora_console/operation/events/events_list.php +++ b/pandora_console/operation/events/events_list.php @@ -574,6 +574,20 @@ echo '
'; // Choose the table where search if metaconsole or not if($meta) { $event_table = 'tmetaconsole_event'; + + // Show only the events of enabled nodes + $enabled_nodes = db_get_all_rows_sql('SELECT id FROM tmetaconsole_setup WHERE disabled = 0'); + + if(empty($enabled_nodes)) { + $sql_post .= ' AND 1 = 0'; + } + else { + $enabled_nodes_id = array(); + foreach($enabled_nodes as $en) { + $enabled_nodes_id[] = $en['id']; + } + $sql_post .= ' AND server_id IN ('.implode(',',$enabled_nodes_id).')'; + } } else { $event_table = 'tevento'; diff --git a/pandora_console/operation/tree.php b/pandora_console/operation/tree.php index 121f83daaf..e34f6169e0 100644 --- a/pandora_console/operation/tree.php +++ b/pandora_console/operation/tree.php @@ -566,6 +566,10 @@ if (! defined ('METACONSOLE')) { ui_meta_print_header(__("Tree view"), $subsection, $subsections); } +if(tags_has_user_acl_tags()) { + ui_print_tags_warning(); +} + echo "
"; if (! defined ('METACONSOLE')) { echo '';