Daniel Barbero Martin 2022-03-08 14:50:59 +01:00
parent 9f03db37c1
commit 4f67ec2f22
4 changed files with 185 additions and 18 deletions


@ -107,24 +107,33 @@ $auth_class = io_safe_output(
get_parameter('auth_class', 'PandoraFMS\User')
);
$page = (string) get_parameter('page');
$page = safe_url_extraclean($page);
$page .= '.php';
$public_hash = get_parameter('auth_hash', false);
$public_login = false;
// Check user.
if (class_exists($auth_class) === false || $public_hash === false) {
check_login();
} else {
if ($auth_class::validatePublicHash($public_hash) === false) {
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
'Trying to access public dashboard (Invalid public hash)'
);
include 'general/noaccess.php';
exit;
}
// OK. Simulated user log in. If you want to use your own auth_class
// remember to set $config['force_instant_logout'] to true to avoid
// persistent user login.
if (false === ((bool) get_parameter('doLogin', false) === true
&& $page === 'include/rest-api/index.php')
) {
// Check user.
if (class_exists($auth_class) === false || $public_hash === false) {
check_login();
} else {
if ($auth_class::validatePublicHash($public_hash) === false) {
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
'Trying to access public dashboard (Invalid public hash)'
);
include 'general/noaccess.php';
exit;
}
// OK. Simulated user log in. If you want to use your own auth_class
// remember to set $config['force_instant_logout'] to true to avoid
// persistent user login.
}
}
ob_start();
@ -136,9 +145,6 @@ if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) {
$config['remote_addr'] = $_SERVER['REMOTE_ADDR'];
$page = (string) get_parameter('page');
$page = safe_url_extraclean($page);
$page .= '.php';
$config['id_user'] = $_SESSION['id_usuario'];
$isFunctionSkins = enterprise_include_once('include/functions_skins.php');
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
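Review bot: The new guard in the first hunk skips both `check_login()` and the public-hash validation for any request that sends a truthy `doLogin` together with `page=include/rest-api/index`, so that request stays harmless only if the included page handles `doLogin` and returns before anything else runs. That dependency is not recorded in this file; a comment above the condition such as `// Login endpoint: the included page must handle doLogin and return before any other action.` would make it visible to the next maintainer. The double negation is also hard to audit; naming the condition first, `$is_login_request = ((bool) get_parameter('doLogin', false) === true && $page === 'include/rest-api/index.php');`, and then testing `if ($is_login_request === false) {` reads more directly. Code between this check and the include, for example `$config['id_user'] = $_SESSION['id_usuario'];` in the second hunk, now runs without an authenticated session on this path, which is worth confirming is safe.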


@ -95,6 +95,7 @@ class User implements PublicLogin
);
if ($user_in_db !== false) {
$config['id_usuario'] = $user_in_db;
$config['id_user'] = $user_in_db;
// Originally at api.php.
if (session_status() === PHP_SESSION_NONE) {
@ -116,6 +117,25 @@ class User implements PublicLogin
}
/**
* Process login
*
* @param array|null $data Data.
*
* @return boolean
*/
public static function login(?array $data)
{
$user = new self($data);
if ($user === null) {
return false;
}
return true;
}
/**
* Generates a hash to authenticate in public views.
*
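Review bot: `login()` cannot return false as written, because `new self($data)` always yields an object and `$user === null` is never true; the result therefore depends entirely on the constructor throwing for bad credentials. The constructor is only partly visible here (the `$user_in_db !== false` branch in the first hunk), and nothing shown raises on the failure path, so it looks as if any `id_usuario`/`password` pair would be reported as a successful login. The method should test whatever the constructor records on a successful lookup, or the constructor should throw and `login()` catch it, instead of comparing the instance with null. The docblock should also say what `$data` must contain (`id_usuario` and `password`, judging by the caller) and that `true` means the credentials were verified.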


@ -16,6 +16,7 @@ enterprise_include('include/functions_metaconsole.php');
use Models\VisualConsole\Container as VisualConsole;
use Models\VisualConsole\View as Viewer;
use Models\VisualConsole\Item as Item;
use PandoraFMS\User;
$method = get_parameter('method');
if ($method) {
@ -35,6 +36,7 @@ if ($method) {
$visualConsoleId = (int) get_parameter('visualConsoleId');
$getVisualConsole = (bool) get_parameter('getVisualConsole');
$getVisualConsoleItems = (bool) get_parameter('getVisualConsoleItems');
$doLogin = (bool) get_parameter('doLogin');
$updateVisualConsoleItem = (bool) get_parameter('updateVisualConsoleItem');
$createVisualConsoleItem = (bool) get_parameter('createVisualConsoleItem');
$getVisualConsoleItem = (bool) get_parameter('getVisualConsoleItem');
@ -53,6 +55,31 @@ $loadtabs = (bool) get_parameter('loadtabs');
ob_clean();
if ($doLogin === true) {
$id_user = get_parameter('id_user', '');
$password = get_parameter('password', '');
if (User::login(
[
'id_usuario' => $id_user,
'password' => $password,
]
) === true
) {
echo json_encode(['auth_hash' => User::generatePublicHash()]);
} else {
db_pandora_audit(
AUDIT_LOG_ACL_VIOLATION,
'Trying to login using invalid credentials'
);
http_response_code(403);
return;
}
return;
}
if ($visualConsoleId) {
// Retrieve the visual console.
$visualConsole = VisualConsole::fromDB(['id' => $visualConsoleId], $ratio);
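Review bot: The `doLogin` branch reads `id_user` and `password` through `get_parameter()`, and the documentation added in this commit shows them sent in the query string, so the password would end up in web-server access logs, proxy logs and shell history. Rejecting non-POST requests at the top of the branch, `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { http_response_code(405); return; }`, and changing the curl example to match would avoid that. The failure audit entry does not say which account was tried and the success path writes no audit entry at all, which makes repeated guessing against one user hard to spot; nothing in the visible lines limits repeated attempts either. The JSON response is echoed without a `Content-Type: application/json` header, which a client parsing the token would normally expect.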


@ -0,0 +1,114 @@
# Documentación de la api.
path = `http://localhost/pandora_console/ajax.php`
# Los metodos son:
- ## Pedir token:
- **data:**
```json
{
page: include/rest-api/index,
doLogin: 1,
id_user: xxxxxx,
password: xxxxx
}
```
- **ejemplo resultado:**
```
ce015de2941dac933621d23d3f32ac5ead8254b7ea3f390494cfcf586d38de27
```
- **ejemplo peticion:**
```
curl "http://localhost/pandora_console/ajax.php?page=include/rest-api/index&doLogin=1&id_user=admin&password=pandora"
```
- ## Traer todos los elementos de una CV.
- **data:**
```javascript
{
page: include/rest-api/index,
id_user: XXX,
getVisualConsoleItems: 1
visualConsoleId: XX,
size: [
widht => XXX,
height => YYY
],
widthScreen: xxx
}
```
- **ejemplo resultado:**
```javascript
[
{
"aclGroupId":0,
"agentDisabled":false,
"cacheExpiration":0,
"colorStatus":"#B2B2B2",
"height":132,
"id":180,
"image":"worldmap",
"imageSrc":"http:\/\/localhost\/pandora_console\/images\/console\/icons\/worldmap.png",
"isLinkEnabled":true,
"isOnTop":false,"label":"",
"labelPosition":"down",
"link":"http:\/\/localhost\/pandora_console\/index.php?sec=network&sec2=operation%2Fvisual_console%2Fview&id=3&pure=0",
"linkedLayoutId":3,
"linkedLayoutNodeId":0,"linkedLayoutStatusType":"default","moduleDisabled":false,
"parentId":0,
"type":5,
"width":200,
"x":1675,
"y":184
},
{
"aclGroupId":0,
"agentDisabled":false,
"cacheExpiration":0,
"colorStatus":"#B2B2B2","height":132,"id":181,"image":"europemap","imageSrc":"http:\/\/localhost\/pandora_console\/images\/console\/icons\/europemap.png",
"isLinkEnabled":true,
"isOnTop":false,
"label":"",
"labelPosition":"down",
"link":"http:\/\/localhost\/pandora_console\/index.php?sec=network&sec2=operation%2Fvisual_console%2Fview&id=4&pure=0",
"linkedLayoutId":4,
"linkedLayoutNodeId":0,"linkedLayoutStatusType":"default","moduleDisabled":false,
"parentId":0,
"type":5,
"width":200,
"x":1673,
"y":340
}
...
]
```
- **ejemplo peticion:**
```
curl "http://localhost/pandora_console/ajax.php?page=include/rest-api/index&getVisualConsoleItems=1&auth_hash=ce015de2941dac933621d23d3f32ac5ead8254b7ea3f390494cfcf586d38de27&visualConsoleId=7&id_user=admin"
```
- ## Traer los datos del propio item.
- **data:**
```javascript
{
page: include/rest-api/index,
,
getVisualConsoleItem: 1,
visualConsoleId: XX,
visualConsoleItemId: XX
}
```
- **ejemplo resultado:**
`javascript { "aclGroupId":0, "agentDisabled":false, "cacheExpiration":0, "clockFormat":"time", "clockTimezone":"Europe\/Madrid", "clockTimezoneOffset":3600, "clockType":"digital", "color":"#FFFFFF", "colorStatus":"#B2B2B2", "height":50, "id":212, "isLinkEnabled":true, "isOnTop":false,"label":"", "labelPosition":"down", "link":null, "linkedLayoutId":0, "linkedLayoutNodeId":0, "linkedLayoutStatusType":"default", "moduleDisabled":false, "parentId":0, "showClockTimezone":true, "type":19, "width":100, "x":848, "y":941 }`
- **ejemplo peticion:**
`curl "http://localhost/pandora_console/ajax.php?page=include/rest-api/index&getVisualConsoleItem=1&auth_hash=ce015de2941dac933621d23d3f32ac5ead8254b7ea3f390494cfcf586d38de27&visualConsoleId=7&visualConsoleItemId=212&id_user=admin"`