tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://192.168.50.5:8081/artica/pandorafms into develop

This commit is contained in:
Daniel Maya 2016-09-08 16:25:24 +02:00
parent 39c2cb3bad 581d3835db
commit 4fc8cac7fb
55 changed files with 481 additions and 370 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pandora_console/godmode/agentes/planned_downtime.editor.php
View File

@ -17,8 +17,10 @@ global $config;
check_login();
if (! check_acl ($config['id_user'], 0, "AD")) {
$agent_d = check_acl ($config['id_user'], 0, "AD");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_d == true) ? 'AD' : (($agent_w == true) ? 'AW' : 'AD');
if (!$agent_d && !$agent_w) {
db_pandora_audit("ACL Violation",
"Trying to access downtime scheduler");
require ("general/noaccess.php");
@ -82,8 +84,8 @@ $id_agent = (int) get_parameter ('id_agent');
$insert_downtime_agent = (int) get_parameter ('insert_downtime_agent');
$delete_downtime_agent = (int) get_parameter ('delete_downtime_agent');
// User groups with AD permission for ACL checks
$user_groups_ad = array_keys(users_get_groups($config['id_user'], 'AD'));
// User groups with AD or AW permission for ACL checks
$user_groups_ad = array_keys(users_get_groups($config['id_user'], $access));
// INSERT A NEW DOWNTIME_AGENT ASSOCIATION
if ($insert_downtime_agent === 1) {
@ -472,7 +474,7 @@ $table->data = array ();
$table->data[0][0] = __('Name');
$table->data[0][1] = html_print_input_text ('name', $name, '', 25, 40, true, $disabled_in_execution);
$table->data[1][0] = __('Group');
$table->data[1][1] = html_print_select_groups(false, "AD", true, 'id_group', $id_group, '', '', 0, true, false, true, '', $disabled_in_execution);
$table->data[1][1] = html_print_select_groups(false, $access, true, 'id_group', $id_group, '', '', 0, true, false, true, '', $disabled_in_execution);
$table->data[2][0] = __('Description');
$table->data[2][1] = html_print_textarea ('description', 3, 35, $description, '', true);
@ -671,7 +673,7 @@ if ($id_downtime > 0) {
echo "<form method=post action='index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&id_downtime=$id_downtime'>";
html_print_select_groups(false, "AD", true, 'filter_group', $filter_group, '', '', '', false, false, true, '', false, 'width:180px');
html_print_select_groups(false, $access, true, 'filter_group', $filter_group, '', '', '', false, false, true, '', false, 'width:180px');
echo "<br /><br />";
html_print_submit_button (__('Filter by group'), '', false, 'class="sub next"',false);

18
pandora_console/godmode/agentes/planned_downtime.list.php
View File

@ -20,8 +20,10 @@ check_login();
$read_permisson = check_acl ($config['id_user'], 0, "AR");
$write_permisson = check_acl ($config['id_user'], 0, "AD");
$manage_permisson = check_acl ($config['id_user'], 0, "AW");
$access = ($read_permisson == true) ? 'AR' : (($write_permisson == true) ? 'AD' : (($manage_permisson == true) ? 'AW' : 'AR'));
if (! $read_permisson) {
if (! $read_permisson && !$manage_permisson) {
db_pandora_audit("ACL Violation",
"Trying to access downtime scheduler");
require ("general/noaccess.php");
@ -64,7 +66,7 @@ if ($stop_downtime) {
$downtime = db_get_row('tplanned_downtime', 'id', $id_downtime);
// Check AD permission on the downtime
if (empty($downtime) || ! check_acl ($config['id_user'], $downtime['id_group'], "AD")) {
if (empty($downtime) || (! check_acl ($config['id_user'], $downtime['id_group'], "AD") && ! check_acl ($config['id_user'], $downtime['id_group'], "AW"))) {
db_pandora_audit("ACL Violation",
"Trying to access downtime scheduler");
require ("general/noaccess.php");
@ -87,7 +89,7 @@ if ($delete_downtime) {
$downtime = db_get_row('tplanned_downtime', 'id', $id_downtime);
// Check AD permission on the downtime
if (empty($downtime) || ! check_acl ($config['id_user'], $downtime['id_group'], "AD")) {
if (empty($downtime) || (! check_acl ($config['id_user'], $downtime['id_group'], "AD") && ! check_acl ($config['id_user'], $downtime['id_group'], "AW"))) {
db_pandora_audit("ACL Violation",
"Trying to access downtime scheduler");
require ("general/noaccess.php");
@ -180,7 +182,7 @@ $table_form->data[] = $row;
// Useful to know if the user has done a form filtering
$filter_performed = false;
$groups = users_get_groups ();
$groups = users_get_groups (false, $access);
if (!empty($groups)) {
$where_values = "1=1";
@ -375,8 +377,8 @@ else {
ui_pagination($downtimes_number, "index.php?sec=estado&sec2=godmode/agentes/planned_downtime.list&$filter_params_str", $offset);
// User groups with AD permission
$groupsAD = users_get_groups($config['id_user'], 'AD');
// User groups with AR, AD or AW permission
$groupsAD = users_get_groups($config['id_user'], $access);
$groupsAD = array_keys($groupsAD);
// View available downtimes present in database (if any of them)
@ -394,7 +396,7 @@ else {
$table->head['configuration'] = __('Configuration');
$table->head['running'] = __('Running');
if ($write_permisson) {
if ($write_permisson || $manage_permisson) {
$table->head['stop'] = __('Stop downtime');
$table->head['edit'] = __('Edit');
$table->head['delete'] = __('Delete');
@ -404,7 +406,7 @@ else {
$table->align['group'] = "center";
$table->align['running'] = "center";
if ($write_permisson) {
if ($write_permisson || $manage_permisson) {
$table->align['stop'] = "center";
$table->align['edit'] = "center";
$table->align['delete'] = "center";

22
pandora_console/godmode/alerts/alert_list.list.php
View File

@ -20,7 +20,9 @@ check_login ();
/* Check if this page is included from a agent edition */
if (! check_acl ($config['id_user'], 0, "LW") && ! check_acl ($config['id_user'], 0, "AD")) {
if (! check_acl ($config['id_user'], 0, "LW") &&
! check_acl ($config['id_user'], 0, "AD") &&
! check_acl ($config['id_user'], 0, "LM")) {
db_pandora_audit("ACL Violation",
"Trying to access Alert Management");
require ("general/noaccess.php");
@ -88,7 +90,12 @@ $form_filter .= "</tr>";
$all_groups = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
$groups_user = users_get_groups($config['id_user'], 'AR', $all_groups);
if (check_acl ($config['id_user'], 0, "AD"))
$groups_user = users_get_groups($config['id_user'], 'AD', $all_groups);
elseif (check_acl ($config['id_user'], 0, "LW"))
$groups_user = users_get_groups($config['id_user'], 'LW', $all_groups);
elseif (check_acl ($config['id_user'], 0, "LM"))
$groups_user = users_get_groups($config['id_user'], 'LM', $all_groups);
if ($groups_user === false) {
$groups_user = array();
}
@ -478,7 +485,7 @@ foreach ($simple_alerts as $alert) {
$data[1] .= html_print_image("images/zoom.png", true, array("id" => 'template-details-'.$alert['id_alert_template'], "class" => "img_help"));
$data[1] .= '</a> ';
if(check_acl ($config['id_user'], $template_group, "LW")) {
if(check_acl ($config['id_user'], $template_group, "LW") || check_acl ($config['id_user'], $template_group, "LM")) {
$data[1] .= "</a>";
}
@ -558,9 +565,12 @@ foreach ($simple_alerts as $alert) {
$data[2] .= '</div>';
$data[2] .= '</table>';
// Is possible manage actions if have LW permissions in the agent group of the alert module
if (check_acl ($config['id_user'], $agent_group, "LW")) {
if (check_acl ($config['id_user'], $agent_group, "LW") || check_acl ($config['id_user'], $template_group, "LM")) {
$own_info = get_user_info($config['id_user']);
$own_groups = users_get_groups($config['id_user'], 'LW', true);
if (check_acl ($config['id_user'], $template_group, "LW"))
$own_groups = users_get_groups($config['id_user'], 'LW', true);
elseif (check_acl ($config['id_user'], $template_group, "LM"))
$own_groups = users_get_groups($config['id_user'], 'LM', true);
$filter_groups = '';
$filter_groups = implode(',', array_keys($own_groups));
$actions = alerts_get_alert_actions_filter(true, 'id_group IN (' . $filter_groups . ')');
@ -723,7 +733,7 @@ if (isset($dont_display_alert_create_bttn))
if ($dont_display_alert_create_bttn)
$display_create = false;
if ($display_create && check_acl ($config['id_user'], 0, "LW")) {
if ($display_create && (check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], $template_group, "LM"))) {
echo '<div class="action-buttons" style="width: ' . $table->width . '">';
echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_list&tab=builder&pure='.$pure.'">';
html_print_submit_button (__('Create'), 'crtbtn', false, 'class="sub next"');

12
pandora_console/godmode/alerts/alert_list.php
View File

@ -18,7 +18,9 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "LW") && ! check_acl ($config['id_user'], 0, "AD")) {
if (! check_acl ($config['id_user'], 0, "LW") &&
! check_acl ($config['id_user'], 0, "AD") &&
! check_acl ($config['id_user'], 0, "LM")) {
db_pandora_audit("ACL Violation",
"Trying to access Alert Management");
require ("general/noaccess.php");
@ -294,7 +296,7 @@ if ($id_agente) {
require_once('godmode/alerts/alert_list.list.php');
if(check_acl ($config['id_user'], $agent['id_grupo'], "LW")) {
if(check_acl ($config['id_user'], $agent['id_grupo'], "LW") || check_acl ($config['id_user'], $agent['id_grupo'], "LM")) {
require_once('godmode/alerts/alert_list.builder.php');
}
@ -302,9 +304,9 @@ if ($id_agente) {
}
else {
$searchFlag = true;
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
// The tabs will be shown only with manage alerts permissions
if(check_acl ($config['id_user'], 0, "LW")) {
if(check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], 0, "LM")) {
$buttons = array(
'list' => array(
'active' => false,
@ -343,7 +345,7 @@ else {
else {
$groups = array(0 => __('All'));
}
$agents = agents_get_group_agents (array_keys ($groups), false, "none");
$agents = agents_get_group_agents (array_keys ($groups), false, "none",true);
require_once($config['homedir'] . '/godmode/alerts/alert_list.list.php');

2
pandora_console/godmode/events/custom_events.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl($config['id_user'], 0, "EW")) {
if (! check_acl($config['id_user'], 0, "PM")) {
db_pandora_audit("ACL Violation",
"Trying to access Custom events Management");
require ("general/noaccess.php");

20
pandora_console/godmode/events/event_edit_filter.php
View File

@ -18,7 +18,11 @@ global $config;
check_login ();
if (! check_acl ($config["id_user"], 0, "EW")) {
$event_w = check_acl ($config['id_user'], 0, "EW");
$event_m = check_acl ($config['id_user'], 0, "EM");
$access = ($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'EW');
if (!$event_w && !$event_m) {
db_pandora_audit("ACL Violation",
"Trying to access events filter editor");
require ("general/noaccess.php");
@ -192,9 +196,7 @@ $table->style[0] = 'vertical-align: top;';
$table->valign[1] = 'top';
if (defined('METACONSOLE')) {
$table->width = '100%';
$table->border = 0;
if (is_metaconsole()) {
if ($id) {
$table->head[0] = __('Update Filter');
}
@ -215,12 +217,12 @@ $table->data[0][1] =
$table->data[1][0] = '<b>' . __('Save in group') . '</b>' .
ui_print_help_tip(__('This group will be use to restrict the visibility of this filter with ACLs'), true);
$table->data[1][1] = html_print_select_groups(
$config['id_user'], "ER", users_can_manage_group_all(),
$config['id_user'], $access, users_can_manage_group_all(),
"id_group_filter", $id_group_filter, '', '', -1, true, false, false,
'', false, '', false, false, 'id_grupo', $strict_user);
$table->data[2][0] = '<b>' . __('Group').'</b>';
$table->data[2][1] = html_print_select_groups($config["id_user"], "ER",
$table->data[2][1] = html_print_select_groups($config["id_user"], $access,
true, 'id_group', $id_group, '', '', -1, true, false, false, '',
false, false, false, false, 'id_grupo', $strict_user);
@ -253,7 +255,7 @@ $params['input_name'] = 'text_agent';
$params['value'] = $text_agent;
$params['return'] = true;
if (defined('METACONSOLE')) {
if (is_metaconsole()) {
$params['javascript_page'] = 'enterprise/meta/include/ajax/events.ajax';
}
else {
@ -285,7 +287,7 @@ if ($strict_user) {
$users = array($config['id_user'] => $config['id_user']);
}
else {
$users = users_get_user_users($config['id_user'], "ER",
$users = users_get_user_users($config['id_user'], $access,
users_can_manage_group_all());
}
@ -314,7 +316,7 @@ if (empty($tag_without)) {
}
# Fix : only admin users can see all tags
$tags = tags_get_user_tags($config['id_user'], 'ER');
$tags = tags_get_user_tags($config['id_user'], $access);
$tags_select_with = array();
$tags_select_without = array();

10
pandora_console/godmode/events/event_filter.php
View File

@ -18,7 +18,11 @@ global $config;
check_login ();
if (! check_acl ($config["id_user"], 0, "EW")) {
$event_w = check_acl ($config['id_user'], 0, "EW");
$event_m = check_acl ($config['id_user'], 0, "EM");
$access = ($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'EW');
if (!$event_w && !$event_m) {
db_pandora_audit("ACL Violation",
"Trying to access events filter editor");
require ("general/noaccess.php");
@ -83,7 +87,7 @@ if ($strict_acl) {
users_can_manage_group_all());
}
else {
$groups_user = users_get_groups ($config['id_user'], "EW",
$groups_user = users_get_groups ($config['id_user'], $access,
users_can_manage_group_all(), true);
}
@ -157,7 +161,7 @@ else {
if (isset($data)) {
echo "<form method='post' action='index.php?sec=geventos&sec2=godmode/events/events&amp;pure=".$config['pure']."'>";
html_print_input_hidden('multiple_delete', 1);
if(!defined("METACONSOLE"))
if(!is_metaconsole())
echo "<div style='padding-bottom: 20px; text-align: right;'>";
else
echo "<div style='float:right; '>";

4
pandora_console/godmode/events/event_responses.editor.php
View File

@ -59,7 +59,7 @@ $table = new stdClass();
$table->width = '100%';
$table->class = 'databox filters';
if(defined('METACONSOLE')) {
if(is_metaconsole()) {
$table->head[0] = __('Edit event responses');
$table->head_colspan[0] = 5;
$table->headstyle[0] = 'text-align: center';
@ -79,7 +79,7 @@ $data[1] = html_print_input_text('name', $event_response['name'], '',
$data[1] .= html_print_input_hidden('id_response',$event_response['id'],true);
$data[2] = __('Group');
$data[3] = html_print_select_groups(false, 'AR', true, 'id_group',$event_response['id_group'],'','','',true);
$data[3] = html_print_select_groups(false, 'PM', true, 'id_group',$event_response['id_group'],'','','',true);
$table->data[0] = $data;
$data = array();

32
pandora_console/godmode/events/events.php
View File

@ -20,7 +20,7 @@ check_login ();
enterprise_hook('open_meta_frame');
if (! check_acl ($config["id_user"], 0, "EW")) {
if (!check_acl ($config["id_user"], 0, "EW") && !check_acl ($config["id_user"], 0, "EM") && ! check_acl ($config["id_user"], 0, "PM")) {
db_pandora_audit("ACL Violation",
"Trying to access event manage");
require ("general/noaccess.php");
@ -31,29 +31,31 @@ if (! check_acl ($config["id_user"], 0, "EW")) {
$section = (string) get_parameter ("section", "filter");
// Draws header
$buttons['view'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=operation/events/events&amp;pure='.$config['pure'].'">' .
html_print_image("images/events_list.png", true, array("title" => __('Event list'))) . '</a>',
'operation' => true);
if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0, "EM")) {
$buttons['view'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=operation/events/events&amp;pure='.$config['pure'].'">' .
html_print_image("images/events_list.png", true, array("title" => __('Event list'))) . '</a>',
'operation' => true);
$buttons['filter'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
html_print_image("images/filter_mc.png", true, array ("title" => __('Filter list'))) . '</a>');
$buttons['filter'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
html_print_image("images/filter_mc.png", true, array ("title" => __('Filter list'))) . '</a>');
}
if (check_acl ($config["id_user"], 0, "PM")) {
$buttons['responses'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=responses&amp;pure='.$config['pure'].'">' .
html_print_image("images/event_responses.png", true, array ("title" => __('Event responses'))) . '</a>');
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=responses&amp;pure='.$config['pure'].'">' .
html_print_image("images/event_responses.png", true, array ("title" => __('Event responses'))) . '</a>');
if (! defined ('METACONSOLE')) {
if (!is_metaconsole()) {
$buttons['fields'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/custom_columns.png", true, array ("title" => __('Custom fields'))) . '</a>');
'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/custom_columns.png", true, array ("title" => __('Custom fields'))) . '</a>');
}
else {
$buttons['fields'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=event/custom_events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/custom_columns.png", true, array ("title" => __('Custom fields'))) . '</a>');
'text' => '<a href="index.php?sec=eventos&sec2=event/custom_events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/custom_columns.png", true, array ("title" => __('Custom fields'))) . '</a>');
}
}

11
pandora_console/godmode/gis_maps/configure_gis_map.php
View File

@ -17,8 +17,11 @@ global $config;
check_login ();
$gis_w = check_acl ($config['id_user'], 0, 'MW');
$gis_m = check_acl ($config['id_user'], 0, 'MM')
$access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
if (! check_acl ($config['id_user'], 0, "IW")) {
if (!$gis_w && !$gis_m ) {
db_pandora_audit("ACL Violation", "Trying to access map builder");
require ("general/noaccess.php");
return;
@ -337,7 +340,7 @@ if (isset($invalidFields['map_connection_list'])) {
$listConnectionTemp = db_get_all_rows_sql("SELECT id_tmap_connection, conection_name, group_id FROM tgis_map_connection");
$listConnection = array();
foreach ($listConnectionTemp as $connectionTemp) {
if (check_acl ($config["id_user"], $connectionTemp['group_id'], "IW")) {
if (check_acl ($config["id_user"], $connectionTemp['group_id'], "MW") || check_acl ($config["id_user"], $connectionTemp['group_id'], "MM")) {
$listConnection[$connectionTemp['id_tmap_connection']] = $connectionTemp['conection_name'];
}
}
@ -356,7 +359,7 @@ $table->data[1][1] = "<table style='padding:0px;' class='no-class' border='0' id
</tr> " . gis_add_conection_maps_in_form($map_connection_list) . "
</table>";
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "MM"))
$display_all_group = true;
else
$display_all_group = false;
@ -408,7 +411,7 @@ $table->data[1][1] = '<div id="form_layer">
</tr>
<tr>
<td>' . __('Show agents from group') . ':</td>
<td colspan="3">' . html_print_select_groups(false, 'IW', $display_all_group, 'layer_group_form', '-1', '', __('None'), '-1', true) . '</td>
<td colspan="3">' . html_print_select_groups(false, $access, $display_all_group, 'layer_group_form', '-1', '', __('None'), '-1', true) . '</td>
</tr>
<tr>
<td colspan="4"><hr /></td>

167
pandora_console/godmode/menu.php
View File

@ -24,68 +24,73 @@ require_once ('include/functions_menu.php');
$menu_godmode = array ();
$menu_godmode['class'] = 'godmode';
$sub = array ();
if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "AD")) {
$menu_godmode["gagente"]["text"] = __('Resources');
$menu_godmode["gagente"]["sec2"] = "godmode/agentes/modificar_agente";
$menu_godmode["gagente"]["id"] = "god-resources";
$sub = array ();
$sub['godmode/agentes/modificar_agente']['text'] = __('Manage agents');
$sub['godmode/agentes/modificar_agente']['id'] = 'Manage agents';
$sub["godmode/agentes/modificar_agente"]["subsecs"] = array(
"godmode/agentes/configurar_agente");
}
if (check_acl ($config["id_user"], 0, "PM")) {
$sub["godmode/agentes/fields_manager"]["text"] = __('Custom fields');
$sub["godmode/agentes/fields_manager"]["id"] = 'Custom fields';
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config["id_user"], 0, "PM")) {
$sub["godmode/agentes/fields_manager"]["text"] = __('Custom fields');
$sub["godmode/agentes/fields_manager"]["id"] = 'Custom fields';
$sub["godmode/modules/manage_nc_groups"]["text"] = __('Component groups');
$sub["godmode/modules/manage_nc_groups"]["id"] = 'Component groups';
// Category
$sub["godmode/category/category"]["text"] = __('Module categories');
$sub["godmode/category/category"]["id"] = 'Module categories';
$sub["godmode/category/category"]["subsecs"] = "godmode/category/edit_category";
$sub["godmode/modules/module_list"]["text"] = __('Module types');
$sub["godmode/modules/module_list"]["id"] = 'Module types';
$sub["godmode/groups/modu_group_list"]["text"] = __('Module groups');
$sub["godmode/groups/modu_group_list"]["id"] = 'Module groups';
}
if ($config['activate_netflow']) {
//Netflow
$sub["godmode/netflow/nf_edit"]["text"] = __('Netflow filters');
$sub["godmode/netflow/nf_edit"]["id"] = 'Netflow filters';
}
$sub["godmode/modules/manage_nc_groups"]["text"] = __('Component groups');
$sub["godmode/modules/manage_nc_groups"]["id"] = 'Component groups';
// Category
$sub["godmode/category/category"]["text"] = __('Module categories');
$sub["godmode/category/category"]["id"] = 'Module categories';
$sub["godmode/category/category"]["subsecs"] = "godmode/category/edit_category";
$sub["godmode/modules/module_list"]["text"] = __('Module types');
$sub["godmode/modules/module_list"]["id"] = 'Module types';
$sub["godmode/groups/modu_group_list"]["text"] = __('Module groups');
$sub["godmode/groups/modu_group_list"]["id"] = 'Module groups';
}
if (check_acl ($config['id_user'], 0, "AW")) {
//Netflow
if ($config['activate_netflow']) {
$sub["godmode/netflow/nf_edit"]["text"] = __('Netflow filters');
$sub["godmode/netflow/nf_edit"]["id"] = 'Netflow filters';
}
}
if (!empty($sub)) {
$menu_godmode["gagente"]["text"] = __('Resources');
$menu_godmode["gagente"]["sec2"] = "godmode/agentes/modificar_agente";
$menu_godmode["gagente"]["id"] = "god-resources";
$menu_godmode["gagente"]["sub"] = $sub;
}
$sub = array ();
if (check_acl ($config['id_user'], 0, "AW")) {
$sub["godmode/groups/group_list"]["text"] = __('Manage agents groups');
$sub["godmode/groups/group_list"]["id"] = 'Manage agents groups';
}
if (check_acl ($config['id_user'], 0, "PM")) {
// Tag
$sub["godmode/tag/tag"]["text"] = __('Module tags');
$sub["godmode/tag/tag"]["id"] = 'Module tags';
$sub["godmode/tag/tag"]["subsecs"] = "godmode/tag/edit_tag";
enterprise_hook ('enterprise_acl_submenu');
}
if (check_acl ($config['id_user'], 0, "UM")) {
$menu_godmode["gusuarios"]["text"] = __('Profiles');
$menu_godmode["gusuarios"]["sec2"] = "godmode/users/user_list";
$menu_godmode["gusuarios"]["id"] = "god-users";
$sub = array ();
$sub['godmode/users/user_list']['text'] = __('Users management');
$sub['godmode/users/user_list']['id'] = 'Users management';
$sub['godmode/users/profile_list']['text'] = __('Profile management');
$sub['godmode/users/profile_list']['id'] = 'Profile management';
$sub["godmode/groups/group_list"]["text"] = __('Manage agents groups');
$sub["godmode/groups/group_list"]["id"] = 'Manage agents groups';
if (check_acl ($config['id_user'], 0, "PM")) {
// Tag
$sub["godmode/tag/tag"]["text"] = __('Module tags');
$sub["godmode/tag/tag"]["id"] = 'Module tags';
$sub["godmode/tag/tag"]["subsecs"] = "godmode/tag/edit_tag";
enterprise_hook ('enterprise_acl_submenu');
}
}
if (!empty($sub)) {
$menu_godmode["gusuarios"]["sub"] = $sub;
$menu_godmode["gusuarios"]["text"] = __('Profiles');
$menu_godmode["gusuarios"]["sec2"] = "godmode/users/user_list";
$menu_godmode["gusuarios"]["id"] = "god-users";
}
$sub = array ();
@ -117,11 +122,12 @@ if (check_acl ($config['id_user'], 0, "AW")) {
$sub2["godmode/massive/massive_operations&amp;tab=massive_alerts"]["text"] = __('Alerts operations');
enterprise_hook('massivepolicies_submenu');
enterprise_hook('massivesnmp_submenu');
enterprise_hook('massivesatellite_submenu');
$sub["gmassive"]["sub2"] = $sub2;
}
enterprise_hook('massivesatellite_submenu');
if (!empty($sub)) {
$menu_godmode["gmodules"]["text"] = __('Configuration');
$menu_godmode["gmodules"]["sec2"] = "godmode/modules/manage_network_templates";
@ -129,11 +135,13 @@ if (!empty($sub)) {
$menu_godmode["gmodules"]["sub"] = $sub;
}
if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0, "AD")) {
if (check_acl ($config['id_user'], 0, "LW") ||
check_acl ($config['id_user'], 0, "LM") ||
check_acl ($config['id_user'], 0, "AD")) {
$menu_godmode["galertas"]["text"] = __('Alerts');
$menu_godmode["galertas"]["sec2"] = "godmode/alerts/alert_list";
$menu_godmode["galertas"]["id"] = "god-alerts";
$sub = array ();
$sub["godmode/alerts/alert_list"]["text"] = __('List of Alerts');
$sub["godmode/alerts/alert_list"]["id"] = 'List of Alerts';
@ -150,13 +158,10 @@ if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0,
$sub["godmode/alerts/alert_actions"]["id"] = 'Actions';
$sub["godmode/alerts/alert_actions"]["pages"] =
array("godmode/alerts/configure_alert_action");
if (check_acl ($config['id_user'], 0, "PM")) {
$sub["godmode/alerts/alert_commands"]["text"] = __('Commands');
$sub["godmode/alerts/alert_commands"]["id"] = 'Commands';
$sub["godmode/alerts/alert_commands"]["pages"] =
$sub["godmode/alerts/alert_commands"]["text"] = __('Commands');
$sub["godmode/alerts/alert_commands"]["id"] = 'Commands';
$sub["godmode/alerts/alert_commands"]["pages"] =
array("godmode/alerts/configure_alert_command");
}
$sub["godmode/alerts/alert_special_days"]["text"] = __('Special days list');
$sub["godmode/alerts/alert_special_days"]["id"] = __('Special days list');
$sub["godmode/alerts/alert_special_days"]["pages"] =
@ -169,41 +174,45 @@ if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0,
$menu_godmode["galertas"]["sub"] = $sub;
}
if (check_acl ($config['id_user'], 0, "EW")) {
// Manage events
// Manage events
$sub = array ();
if (check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "EM")) {
// Custom event fields
$sub["godmode/events/events&amp;section=filter"]["text"] = __('Event filters');
$sub["godmode/events/events&amp;section=filter"]["id"] = 'Event filters';
}
if (check_acl ($config['id_user'], 0, "PM")) {
$sub["godmode/events/events&amp;section=fields"]["text"] = __('Custom events');
$sub["godmode/events/events&amp;section=fields"]["id"] = 'Custom events';
$sub["godmode/events/events&amp;section=responses"]["text"] = __('Event responses');
$sub["godmode/events/events&amp;section=responses"]["id"] = 'Event responses';
}
if (!empty($sub)) {
$menu_godmode["geventos"]["text"] = __('Events');
$menu_godmode["geventos"]["sec2"] = "godmode/events/events&amp;section=filter";
$menu_godmode["geventos"]["id"] = "god-events";
// Custom event fields
$sub = array ();
$sub["godmode/events/events&amp;section=filter"]["text"] = __('Event filters');
$sub["godmode/events/events&amp;section=filter"]["id"] = 'Event filters';
if (check_acl ($config['id_user'], 0, "PM")) {
$sub["godmode/events/events&amp;section=fields"]["text"] = __('Custom events');
$sub["godmode/events/events&amp;section=fields"]["id"] = 'Custom events';
$sub["godmode/events/events&amp;section=responses"]["text"] = __('Event responses');
$sub["godmode/events/events&amp;section=responses"]["id"] = 'Event responses';
}
$menu_godmode["geventos"]["sub"] = $sub;
}
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "PM")) {
// Servers
$menu_godmode["gservers"]["text"] = __('Servers');
$menu_godmode["gservers"]["sec2"] = "godmode/servers/modificar_server";
$menu_godmode["gservers"]["id"] = "god-servers";
$sub = array ();
$sub["godmode/servers/modificar_server"]["text"] = __('Manage servers');
$sub["godmode/servers/modificar_server"]["id"] = 'Manage servers';
$sub["godmode/servers/manage_recontask"]["text"] = __('Recon task');
$sub["godmode/servers/manage_recontask"]["id"] = 'Recon task';
if (check_acl ($config['id_user'], 0, "AW")) {
$sub["godmode/servers/modificar_server"]["text"] = __('Manage servers');
$sub["godmode/servers/modificar_server"]["id"] = 'Manage servers';
}
//This subtabs are only for Pandora Admin
if (check_acl ($config['id_user'], 0, "PM")) {
$sub["godmode/servers/manage_recontask"]["text"] = __('Recon task');
$sub["godmode/servers/manage_recontask"]["id"] = 'Recon task';
$sub["godmode/servers/plugin"]["text"] = __('Plugins');
$sub["godmode/servers/plugin"]["id"] = 'Plugins';
@ -297,7 +306,7 @@ if (check_acl ($config['id_user'], 0, "PM") || check_acl ($config['id_user'], 0,
$sub["godmode/setup/file_manager"]["id"] = 'File manager';
}
if (check_acl ($config['id_user'], 0, "DM")) {
if (check_acl ($config['id_user'], 0, "DM") || check_acl ($config['id_user'], 0, "PM")) {
$sub["gdbman"]["text"] = __('DB maintenance');
$sub["gdbman"]["id"] = 'DB maintenance';
$sub["gdbman"]["type"] = "direct";
@ -388,10 +397,8 @@ if (is_array ($config['extensions'])) {
}
if (!empty($sub2))
if (!empty($sub2)) {
$sub["godmode/extensions"]["sub2"] = $sub2;
if (!empty($sub)) {
$sub["godmode/extensions"]["text"] = __('Extension manager');
$sub["godmode/extensions"]["id"] = 'Extension manager';
$submenu = array_merge($menu_godmode["gextensions"]["sub"],$sub);

10
pandora_console/godmode/reporting/graph_builder.graph_editor.php
View File

@ -17,7 +17,10 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "RW")) {
$report_w = check_acl ($config['id_user'], 0, "RW");
$report_m = check_acl ($config['id_user'], 0, "RM");
if (!$report_w && !$report_m ) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");
@ -129,7 +132,6 @@ if (count($module_array) > 0) {
}
//Configuration form
echo '<span id ="none_text" style="display: none;">' . __('None') . '</span>';
echo "<form method='post' action='index.php?sec=reporting&sec2=godmode/reporting/graph_builder&tab=graph_editor&add_module=1&edit_graph=1&id=" . $id_graph . "'>";
@ -137,7 +139,9 @@ echo "<table width='100%' cellpadding='4' cellpadding='4' class='databox filters
echo "<tr>";
echo "<td colspan='3'>".__('Filter group')."</td>";
echo "</tr><tr>";
echo "<td colspan='3'>".html_print_select(groups_get_all(), 'group', '', "filterByGroup($('#group').val());", __('All'), '0', true)."</td>";
echo "<td colspan='3'>".html_print_select_groups($config['id_user'], ($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RW'),
true, 'group', '', 'filterByGroup($(\'#group\').val());',
'', 0, true)."</td>";
echo "</tr><tr>";
echo "<td style='vertical-align: top;'>".__('Agents')."</td>";
echo "<td></td>";

11
pandora_console/godmode/reporting/graph_builder.main.php
View File

@ -48,7 +48,7 @@ if (is_ajax ()) {
check_login ();
if (! check_acl ($config['id_user'], 0, "RW")) {
if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");
@ -111,9 +111,12 @@ if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
else
$return_all_groups = false;
echo "<td><b>".__('Group')."</b></td><td>" .
html_print_select_groups($config['id_user'], "AR", $return_all_groups, 'graph_id_group', $id_group, '', '', '', true) .
"</td></tr>";
echo "<td><b>".__('Group')."</b></td><td>";
if (check_acl ($config['id_user'], 0, "RW"))
echo html_print_select_groups($config['id_user'], 'RW', $return_all_groups, 'graph_id_group', $id_group, '', '', '', true);
elseif (check_acl ($config['id_user'], 0, "RM"))
echo html_print_select_groups($config['id_user'], 'RM', $return_all_groups, 'graph_id_group', $id_group, '', '', '', true);
echo "</td></tr>";
echo "<tr>";
echo "<td class='datos2'><b>".__('Description')."</b></td>";
echo "<td class='datos2' colspan=3><textarea name='description' style='height:45px;' cols=55 rows=2>";

2
pandora_console/godmode/reporting/graph_builder.php
View File

@ -46,7 +46,7 @@ if (is_ajax ()) {
check_login ();
if (! check_acl ($config['id_user'], 0, "RW")) {
if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");

16
pandora_console/godmode/reporting/graphs.php
View File

@ -20,7 +20,11 @@ require_once ('include/functions_custom_graphs.php');
// Check user credentials
check_login ();
if (! check_acl ($config['id_user'], 0, "RR")) {
$report_r = check_acl ($config['id_user'], 0, "RR");
$report_w = check_acl ($config['id_user'], 0, "RW");
$report_m = check_acl ($config['id_user'], 0, "RM");
$access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
if (!$report_r && !$report_w && !$report_m) {
db_pandora_audit("ACL Violation",
"Trying to access Inventory Module Management");
require ("general/noaccess.php");
@ -72,7 +76,7 @@ ui_print_page_header (__('Reporting')." &raquo; ".__('Custom graphs'), "images/c
// Delete module SQL code
if ($delete_graph) {
if (check_acl ($config['id_user'], 0, "RW")) {
if ( $report_w || $report_m ) {
$exist = db_get_value("id_graph", "tgraph_source", "id_graph", $id);
if ($exist) {
@ -134,7 +138,7 @@ if ($multiple_delete) {
}
$graphs = custom_graphs_get_user ($config['id_user'], false, true, "RR");
$graphs = custom_graphs_get_user ($config['id_user'], false, true, $access);
$offset = (int) get_parameter ("offset");
ui_pagination (count($graphs));
@ -154,7 +158,7 @@ if (!empty ($graphs)) {
$table->size[3] = '200px';
$table->align[2] = 'left';
$table->align[3] = 'left';
if (check_acl ($config['id_user'], 0, "RW")) {
if ($report_w || $report_m) {
$table->align[4] = 'left';
$table->head[4] = __('Op.') .
html_print_checkbox('all_delete', 0, false, true, false,
@ -176,7 +180,7 @@ if (!empty ($graphs)) {
$data[2] = $graph["graphs_count"];
$data[3] = ui_print_group_icon($graph['id_group'],true);
if (check_acl ($config['id_user'], 0, "RW") && users_can_manage_group_all($graph['id_group'])) {
if (($report_w || $report_m) && users_can_manage_group_all($access)) {
$data[4] = '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id='.
$graph['id_graph'].'">'.html_print_image("images/config.png", true).'</a>';
@ -204,7 +208,7 @@ if (!empty ($graphs)) {
echo "<div style='float: right;'>";
if (check_acl ($config['id_user'], 0, "RW")) {
if ($report_w || $report_m) {
echo '<form method="post" style="float:right;" action="index.php?sec=reporting&sec2=godmode/reporting/graph_builder">';
html_print_submit_button (__('Create graph'), 'create', false, 'class="sub next" style="margin-right:5px;"');
echo "</form>";

10
pandora_console/godmode/reporting/map_builder.php
View File

@ -245,10 +245,10 @@ else {
$total_maps = count(visual_map_get_user_layouts ($config['id_user'], false,
false, false));
}
if (!$maps && !defined("METACONSOLE")) {
if (!$maps && !is_metaconsole()) {
require_once ($config['homedir'] . "/general/firts_task/map_builder.php");
}
elseif (!$maps && defined("METACONSOLE")) {
elseif (!$maps && is_metaconsole()) {
ui_print_info_message(
array(
'no_close'=>true,
@ -266,7 +266,7 @@ else {
$data = array ();
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$data[0] = '<a href="index.php?sec=network&amp;sec2=operation/visual_console/render_view&amp;id='.
$map['id'].'&amp;refr=' . $refr . '">'.$map['name'].'</a>';
}
@ -281,7 +281,7 @@ else {
// Fix: IW was the old ACL for report editing, now is RW
if ($vconsole_write || $vconsole_manage) {
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$data[3] = '<a class="copy_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;copy_layout=1">'.html_print_image ("images/copy.png", true).'</a>';
$data[4] = '<a class="delete_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;delete_layout=1">'.html_print_image ("images/cross.png", true).'</a>';
}
@ -295,7 +295,7 @@ else {
html_print_table ($table);
}
if ($maps) {
if (!defined('METACONSOLE'))
if (!is_metaconsole())
echo '<div class="action-buttons" style="width: 0px;">';
else
echo '<div class="" style="width: 100%; text-align: right;">';

21
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -19,7 +19,7 @@ require_once ($config['homedir'] . '/include/db/oracle.php');
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "RW")) {
if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -31,12 +31,6 @@ if (($config['metaconsole'] == 1) && (defined('METACONSOLE'))) {
$meta = true;
}
$show_graph_options = Array();
$show_graph_options[0] = __('Only table');
$show_graph_options[1] = __('Table & Graph');
@ -632,7 +626,10 @@ $class = 'databox filters';
$own_info = get_user_info ($config['id_user']);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "RW", $own_info['is_admin'], true);
if (check_acl ($config['id_user'], 0, "RW"))
$groups_user = users_get_groups ($config['id_user'], "RW", $own_info['is_admin'], true);
elseif (check_acl ($config['id_user'], 0, "RM"))
$groups_user = users_get_groups ($config['id_user'], "RM", $own_info['is_admin'], true);
$groups_id = array();
foreach ($groups_user as $key => $groups) {
$groups_id[] = $groups['id_grupo'];
@ -821,8 +818,12 @@ $class = 'databox filters';
<td style="font-weight:bold;"><?php echo __('Group');?></td>
<td style="">
<?php
html_print_select_groups($config['id_user'],
"AR", true, 'combo_group', $group, '');
if(check_acl ($config['id_user'], 0, "RW"))
html_print_select_groups($config['id_user'],
"RW", true, 'combo_group', $group, '');
elseif(check_acl ($config['id_user'], 0, "RM"))
html_print_select_groups($config['id_user'],
"RM", true, 'combo_group', $group, '');
?>
</td>
</tr>

33
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -21,8 +21,11 @@ global $config;
check_login ();
enterprise_hook('open_meta_frame');
if (! check_acl ($config['id_user'], 0, "RR")) {
$report_r = check_acl ($config['id_user'], 0, "RR");
$report_w = check_acl ($config['id_user'], 0, "RW");
$report_m = check_acl ($config['id_user'], 0, "RM");
$access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
if (!$report_r && !$report_w && !$report_m) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -427,15 +430,15 @@ switch ($action) {
$table_aux->colspan[0][0] = 4;
$table_aux->data[0][0] = "<b>". __("Group") . "</b>";
$table_aux->data[0][1] = html_print_select_groups(false, "AR", true, 'id_group', $id_group, '', '', '', true, false, true, '', false, 'width:150px', false, false, 'id_grupo', $strict_user). '<br>';
$table_aux->data[0][1] = html_print_select_groups(false, $access, true, 'id_group', $id_group, '', '', '', true, false, true, '', false, 'width:150px', false, false, 'id_grupo', $strict_user). '<br>';
$table_aux->data[0][2] = "<b>". __("Free text for search: ") . ui_print_help_tip(
__('Search by report name or description, list matches.'),true) . "</b>";
__('Search by report name or description, list matches.'),true) . "</b>";
$table_aux->data[0][3] = html_print_input_text ("search", $search, '', 30, '', true);
$table_aux->data[0][6] = html_print_submit_button(__('Search'), 'search_submit', false, 'class="sub upd"', true);
if (defined('METACONSOLE')) {
if (is_metaconsole()) {
$filter = "<form class ='' action='index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&id_group=$id_group&pure=$pure'
method='post'>";
$filter .= html_print_table($table_aux,true);
@ -449,13 +452,11 @@ switch ($action) {
echo "</form>";
}
ui_require_jquery_file ('pandora.controls');
ui_require_jquery_file ('ajaxqueue');
ui_require_jquery_file ('bgiframe');
ui_require_jquery_file ('autocomplete');
// Show only selected groups
if ($id_group > 0) {
$group = array("$id_group" => $id_group);
@ -465,7 +466,7 @@ switch ($action) {
}
$own_info = get_user_info ($config['id_user']);
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "RM"))
$return_all_group = true;
else
$return_all_group = false;
@ -505,10 +506,10 @@ switch ($action) {
'private',
'id_user',
'id_group',
'non_interactive'), $return_all_group, 'RR', $group, $strict_user);
'non_interactive'), $return_all_group, $access, $group, $strict_user);
$total_reports = (int) count(reports_get_reports ($filter,
array ('name'), $return_all_group, 'RR', $group, $strict_user));
array ('name'), $return_all_group, $access, $group, $strict_user));
if (sizeof ($reports)) {
@ -579,15 +580,19 @@ switch ($action) {
if (!is_user_admin ($config["id_user"])) {
if ($report["private"] && $report["id_user"] != $config['id_user'])
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
if (!check_acl ($config["id_user"], $report["id_group"], "RR") &&
!check_acl ($config["id_user"], $report["id_group"], "RW")
&& !check_acl ($config["id_user"], $report["id_group"], "RM"))
continue;
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
if (!check_acl ($config["id_user"], $report["id_group"], "RR") &&
!check_acl ($config["id_user"], $report["id_group"], "RW")
&& !check_acl ($config["id_user"], $report["id_group"], "RM"))
continue;
}
$data = array ();
if (check_acl ($config["id_user"], $report["id_group"], "RW")) {
if (check_acl ($config["id_user"], $report["id_group"], "RW") || check_acl ($config["id_user"], $report["id_group"], "RM")) {
$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
}
@ -721,7 +726,7 @@ switch ($action) {
else {
ui_print_info_message ( array ( 'no_close' => true, 'message' => __('No data found.') ) );
}
if (check_acl ($config['id_user'], 0, "RW")) {
if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
echo '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&tab=main&action=new&pure='.$pure.'">';
if (defined("METACONSOLE"))
echo '<div class="action-buttons" style="width: 100%; ">';

6
pandora_console/godmode/servers/manage_recontask.php
View File

@ -19,7 +19,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "AW")) {
if (! check_acl ($config['id_user'], 0, "PM")) {
db_pandora_audit("ACL Violation",
"Trying to access Recon Task Management");
require ("general/noaccess.php");
@ -32,10 +32,10 @@ if (check_acl ($config['id_user'], 0, "AW")) {
$options[]['text'] = "<a href='index.php?sec=estado&sec2=operation/servers/recon_view'>" . html_print_image ("images/operation.png", true, array ("title" =>__('View'))) . "</a>";
}
$user_groups_w = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
$user_groups_w = users_get_groups(false, 'PM', true, false, null, 'id_grupo');
$user_groups_w = array_keys($user_groups_w);
$user_groups_r = users_get_groups(false, 'AR', true, false, null, 'id_grupo');
$user_groups_r = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
$user_groups_r = array_keys($user_groups_r);
// Headers

6
pandora_console/godmode/servers/manage_recontask_form.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "AW")) {
if (! check_acl ($config['id_user'], 0, "PM")) {
db_pandora_audit("ACL Violation",
"Trying to access Agent Management");
require ("general/noaccess.php");
@ -298,8 +298,8 @@ $table->data[8][1] .= ui_print_help_tip(
// Group
$table->data[9][0] = "<b>".__('Group');
$groups = users_get_groups (false, "AR", false);
$table->data[9][1] = html_print_select_groups(false, "AR", false, 'id_group', $id_group, '', '', 0, true);
$groups = users_get_groups (false, "PM", false);
$table->data[9][1] = html_print_select_groups(false, "PM", true, 'id_group', $id_group, '', '', 0, true);
// Incident
$values = array (0 => __('No'), 1 => __('Yes'));

2
pandora_console/godmode/servers/modificar_server.php
View File

@ -88,7 +88,7 @@ else {
ui_print_success_message(__('Successfully action'));
}
}
if (isset ($_GET["delete"])) {
$id_server = get_parameter_get ("server_del");

8
pandora_console/include/ajax/module.php
View File

@ -407,7 +407,9 @@ if ($list_modules) {
include_once($config['homedir'] . "/include/functions_tags.php");
include_once($config['homedir'] . "/include/functions_clippy.php");
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
$id_agente = $id_agent = (int)get_parameter('id_agente', 0);
$url = 'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=' . $id_agent;
@ -499,10 +501,10 @@ if ($list_modules) {
}
// Fix: for tag functionality groups have to be all user_groups (propagate ACL funct!)
$groups = users_get_groups($config["id_user"]);
$groups = users_get_groups($config["id_user"], $access);
$tags_sql = tags_get_acl_tags($config['id_user'],
array_keys($groups), 'AR', 'module_condition', 'AND',
array_keys($groups), $access, 'module_condition', 'AND',
'tagente_modulo', false, array(), true);
$status_filter_monitor = (int)get_parameter('status_filter_monitor', -1);

7
pandora_console/include/ajax/tree.ajax.php
View File

@ -47,11 +47,14 @@ if (is_ajax ()) {
);
$filter = get_parameter('filter', $default_filters);
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
if (class_exists('TreeEnterprise')) {
$tree = new TreeEnterprise($type, $rootType, $id, $rootID, $serverID, $childrenMethod);
$tree = new TreeEnterprise($type, $rootType, $id, $rootID, $serverID, $childrenMethod, $access);
}
else {
$tree = new Tree($type, $rootType, $id, $rootID, $serverID, $childrenMethod);
$tree = new Tree($type, $rootType, $id, $rootID, $serverID, $childrenMethod, $access);
}
$tree->setFilter($filter);

15
pandora_console/include/class/Tree.class.php
View File

@ -27,17 +27,19 @@ class Tree {
protected $strictACL = false;
protected $acltags = false;
protected $access = false;
public function __construct($type, $rootType = '', $id = -1, $rootID = -1, $serverID = false, $childrenMethod = "on_demand") {
public function __construct($type, $rootType = '', $id = -1, $rootID = -1, $serverID = false, $childrenMethod = "on_demand", $access = 'AR') {
$this->type = $type;
$this->rootType = !empty($rootType) ? $rootType : $type;
$this->id = $id;
$this->rootID = !empty($rootID) ? $rootID : $id;
$this->serverID = $serverID;
$this->childrenMethod = $childrenMethod;
$userGroups = users_get_groups();
$this->childrenMethod = $childrenMethod;
$this->access = $access;
$userGroups = users_get_groups(false, $this->access);
if (empty($userGroups))
$this->userGroups = false;
@ -53,8 +55,8 @@ class Tree {
enterprise_include_once("meta/include/functions_ui_meta.php");
$this->strictACL = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
$this->acltags = tags_get_user_module_and_tags($config['id_user'], 'AR');
$this->acltags = tags_get_user_module_and_tags($config['id_user'], $this->access);
}
public function setType($type) {
@ -2104,6 +2106,7 @@ class Tree {
$this->processAgents($newItems, $server[$j]);
$newItems = array_filter($newItems);
$items = array_merge($items, $newItems);
metaconsole_restore_db();
$j++;
}

32
pandora_console/include/functions_groupview.php
View File

@ -17,7 +17,7 @@
include_once ($config['homedir'] . "/include/functions_groups.php");
include_once ($config['homedir'] . "/include/functions_tags.php");
function groupview_get_all_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array()) {
function groupview_get_all_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') {
global $config;
if ($id_user == false) {
$id_user = $config['id_user'];
@ -198,7 +198,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
$list['_monitors_critical_'] = $group_stat[0]["critical"];
$list['_monitors_unknown_'] = $group_stat[0]["unknown"];
$list['_monitors_not_init_'] = $group_stat[0]["not_init"];
$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), 'AR',false, false);
$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), $access,false, false);
$list['_total_agents_'] = $total_agentes[0]['total_agents'];
$list["_monitor_alerts_fire_count_"] = $group_stat[0]["alerts_fired"];
@ -253,18 +253,18 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
'disabled' => 0,
'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_NOT_INIT),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
$agent_unknown = agents_get_agents(array (
'disabled' => 0,
'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_UNKNOWN),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
$agent_total = agents_get_agents(array (
'disabled' => 0,
'id_grupo' => $group['id_grupo']),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
$list[$group['id_grupo']]['_monitors_alerts_fired_'] = groupview_monitor_fired_alerts ($group['id_grupo'], $user_strict,array($group['id_grupo']));
@ -421,9 +421,9 @@ function groupview_status_modules_agents($id_user = false, $user_strict = false,
return $result_list;
}
else {
$result_list = groupview_get_all_data ($id_user, $user_strict,
$acltags);
$acltags, false, array(), array(), $access);
return $result_list;
}
}
@ -551,20 +551,20 @@ function groupview_get_groups_list($id_user = false, $user_strict = false, $acce
// If using metaconsole, the not strict users will use the metaconsole's agent cache table
else {
$result_list = groupview_get_data ($id_user, $user_strict, $acltags,
$returnAllGroup);
$returnAllGroup, array(), array(), $access);
return $result_list;
}
}
function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array()) {
function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') {
global $config;
if ($id_user == false) {
$id_user = $config['id_user'];
}
$groups_with_privileges = users_get_groups($id_user);
$groups_with_privileges = users_get_groups($id_user, $access);
$groups_with_privileges = implode('","', $groups_with_privileges);
$user_groups = array();
$user_tags = array();
$groups_without_tags = array();
@ -591,7 +591,7 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
else {
$user_groups_ids = implode(',', array_keys($acltags));
}
if (!empty($user_groups_ids)) {
if (is_metaconsole() && (!$user_strict)) {
switch ($config["dbtype"]) {
@ -811,7 +811,7 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
$list['_monitors_critical_'] = $group_stat[0]["critical"];
$list['_monitors_unknown_'] = $group_stat[0]["unknown"];
$list['_monitors_not_init_'] = $group_stat[0]["not_init"];
$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), 'AR',false, false);
$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), $access,false, false);
$list['_total_agents_'] = $total_agentes[0]['total_agents'];
$list["_monitor_alerts_fire_count_"] = $group_stat[0]["alerts_fired"];
@ -866,18 +866,18 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
'disabled' => 0,
'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_NOT_INIT),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
$agent_unknown = agents_get_agents(array (
'disabled' => 0,
'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_UNKNOWN),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
$agent_total = agents_get_agents(array (
'disabled' => 0,
'id_grupo' => $group['id_grupo']),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];

2
pandora_console/include/functions_treeview.php
View File

@ -356,7 +356,7 @@ function treeview_printTable($id_agente, $server_data = array(), $no_head = fals
$is_extra = false;
}
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && !$is_extra) {
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config["id_user"], $agent["id_grupo"], "AW") && !$is_extra) {
db_pandora_audit("ACL Violation",
"Trying to access Agent General Information");
require_once ("general/noaccess.php");

4
pandora_console/include/functions_visual_map.php
View File

@ -2116,9 +2116,9 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
$filter = array ();
if ($returnAllGroup)
$groups = users_get_groups ($id_user, 'RR');
$groups = users_get_groups ($id_user, 'VR');
else
$groups = users_get_groups ($id_user, 'RR', false);
$groups = users_get_groups ($id_user, 'VR', false);
if (!empty($groups)) {
if (empty($where))

4
pandora_console/operation/agentes/alerts_status.functions.php
View File

@ -34,7 +34,7 @@ function validateAlert() {
}
}
function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby = false, $tag_filter = false,$action_filter = false, $return = false, $strict_user = false) {
function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby = false, $tag_filter = false,$action_filter = false, $return = false, $strict_user = false, $access = 'AR') {
global $config;
require_once ($config['homedir'] . "/include/functions_tags.php");
@ -66,7 +66,7 @@ function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_st
}
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups($config['id_user'], "AR", true, "ag_group", $id_group, '', '', '', true, false, false, '', false, '', false, false, 'id_grupo', $strict_user);
$table->data[0][1] = html_print_select_groups($config['id_user'], $access, true, "ag_group", $id_group, '', '', '', true, false, false, '', false, '', false, false, 'id_grupo', $strict_user);
$alert_status_filter = array();
$alert_status_filter['all_enabled'] = __('All (Enabled)');

60
pandora_console/operation/agentes/alerts_status.php
View File

@ -91,7 +91,7 @@ if ($idAgent != 0) {
$is_extra = false;
}
if (!check_acl ($config["id_user"], $id_group, "AR") && !$is_extra) {
if (!check_acl ($config["id_user"], $id_group, "AR") && !check_acl ($config["id_user"], $id_group, "AW") && !$is_extra) {
db_pandora_audit("ACL Violation","Trying to access alert view");
require ("general/noaccess.php");
exit;
@ -109,7 +109,11 @@ if ($idAgent != 0) {
}
}
else {
if (!check_acl ($config["id_user"], 0, "AR")) {
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
if (!$agent_a && !$agent_w) {
db_pandora_audit("ACL Violation","Trying to access alert view");
require ("general/noaccess.php");
return;
@ -118,13 +122,13 @@ else {
$agents = array_keys(
agents_get_group_agents(
array_keys(
users_get_groups($config["id_user"], 'AR', false))));
users_get_groups($config["id_user"], $access, false)), false, 'lower', true));
$idGroup = $id_group;
$print_agent = true;
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
ui_print_page_header (__('Alert detail'), "images/op_alerts.png", false, "alert_validation");
}
else {
@ -300,7 +304,7 @@ switch ($sortField) {
//Add checks for user ACL
$groups = users_get_groups($config["id_user"]);
$groups = users_get_groups($config["id_user"], $access);
$id_groups = array_keys($groups);
if (empty($id_groups)) {
@ -333,7 +337,7 @@ else {
$filter_alert['disabled'] = $filter;
}
if (defined('METACONSOLE')) {
if (is_metaconsole()) {
require_once ($config['homedir'] . '/enterprise/meta/include/functions_alerts_meta.php');
if ($idAgent != 0) {
$alerts['alerts_simple'] = alerts_meta_get_alerts ($agents, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user);
@ -357,7 +361,7 @@ else {
}
else {
$id_groups = array_keys(
users_get_groups($config["id_user"], 'AR', false));
users_get_groups($config["id_user"], $access, false));
$alerts['alerts_simple'] = get_group_alerts($id_groups, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter,$action_filter);
@ -379,7 +383,7 @@ if ($free_search != ''){
// Filter form
if ($print_agent) {
if(defined('METACONSOLE')) {
if(is_metaconsole()) {
ui_toggle(
printFormFilterAlert($id_group, $filter, $free_search,
$url, $filter_standby, $tag_filter, true, $strict_user),
@ -389,7 +393,7 @@ if ($print_agent) {
ui_toggle(
printFormFilterAlert($id_group, $filter, $free_search,
$url, $filter_standby, $tag_filter, $action_filter, true, $strict_user),
__('Alert control filter'), __('Toggle filter(s)'));
__('Alert control filter'), __('Toggle filter(s)'), $access);
}
}
@ -404,7 +408,7 @@ $table->align = array ();
if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
if ($print_agent) {
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[0] = "<span title='" . __('Policy') . "'>" .
__('P.') . "</span>";
}
@ -412,7 +416,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->head[1] = "<span title='" . __('Standby') . "'>" .
__('S.') . "</span>";
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[2] =
"<span title='" . __('Force execution') . "'>" .
__('F.') . "</span>";
@ -424,7 +428,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->head[6] = __('Action');
$table->head[7] = __('Last fired');
$table->head[8] = __('Status');
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->size[8] = '4%';
if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
$table->head[9] = __('Validate');
@ -436,7 +440,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->align[8] = 'center';
// Sort buttons are only for normal console
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[3] .= ' ' .
'<a href="' . $url . '&sort_field=agent&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectAgentUp)) . '</a>' .
'<a href="' . $url . '&sort_field=agent&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectAgentDown)) . '</a>';
@ -449,13 +453,13 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
}
}
else {
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[0] = "<span title='" . __('Policy') . "'>" . __('P.') . "</span>";
}
$table->head[1] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[2] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
}
@ -464,7 +468,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->head[5] = __('Action');
$table->head[6] = __('Last fired');
$table->head[7] = __('Status');
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->size[7] = '5%';
if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
$table->head[8] = __('Validate');
@ -475,7 +479,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->align[7] = 'center';
// Sort buttons are only for normal console
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[3] .= ' ' .
'<a href="' . $url . '&sort_field=module&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectModuleUp)) . '</a>' .
'<a href="' . $url . '&sort_field=module&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectModuleDown)) . '</a>';
@ -488,7 +492,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
else {
if ($print_agent) {
$table->head[0] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[1] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
}
$table->head[2] = __('Agent');
@ -497,7 +501,7 @@ else {
$table->head[5] = __('Action');
$table->head[6] = __('Last fired');
$table->head[7] = __('Status');
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->size[7] = '5%';
if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
$table->head[8] = __('Validate');
@ -508,7 +512,7 @@ else {
$table->align[7] = 'center';
// Sort buttons are only for normal console
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[2] .= ' ' .
'<a href="' . $url . '&sort_field=agent&sort=up">'. html_print_image("images/sort_up.png", true, array("style" => $selectAgentUp)) . '</a>' .
'<a href="' . $url . '&sort_field=agent&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectAgentDown)) . '</a>';
@ -522,7 +526,7 @@ else {
}
else {
$table->head[0] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[1] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
}
$table->head[2] = __('Module');
@ -530,7 +534,7 @@ else {
$table->head[4] = __('Action');
$table->head[5] = __('Last fired');
$table->head[6] = __('Status');
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->size[6] = '5%';
if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
$table->head[7] = __('Validate');
@ -541,7 +545,7 @@ else {
$table->align[6] = 'center';
// Sort buttons are only for normal console
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
$table->head[2] .= ' ' .
'<a href="' . $url . '&sort_field=module&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectModuleUp)) . '</a>' .
'<a href="' . $url . '&sort_field=module&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectModuleDown)) . '</a>';
@ -574,7 +578,7 @@ if (!empty ($table->data)) {
'offset_simple');
html_print_table ($table);
if (!defined('METACONSOLE')) {
if (!is_metaconsole()) {
if (check_acl ($config["id_user"], $id_group, "AW") || check_acl ($config["id_user"], $id_group, "LM") ) {
if (count($alerts['alerts_simple']) > 0) {
echo '<div class="action-buttons" style="width: '.$table->width.';">';
@ -593,12 +597,8 @@ else {
//strict user hidden
echo '<div id="strict_hidden" style="display:none;">';
html_print_input_text('strict_user_hidden', $strict_user);
if (defined('METACONSOLE')) {
$is_meta = true;
} else {
$is_meta = false;
}
html_print_input_text('is_meta_hidden', $is_meta);
html_print_input_text('is_meta_hidden', (int) is_metaconsole());
echo '</div>';
enterprise_hook('close_meta_frame');

2
pandora_console/operation/agentes/custom_fields.php
View File

@ -29,7 +29,7 @@ if ($id_agente === -1) {
return;
}
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation",
"Trying to access Agent General Information");
require_once ("general/noaccess.php");

18
pandora_console/operation/agentes/estado_agente.php
View File

@ -26,7 +26,7 @@ enterprise_include_once('include/functions_config_agents.php');
check_login ();
if (! check_acl ($config['id_user'], 0, "AR")) {
if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation", "Trying to access agent main list view");
require ("general/noaccess.php");
@ -120,6 +120,9 @@ $recursion = get_parameter('recursion', 0);
$status = (int) get_parameter ('status', -1);
$strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
$agent_a = (bool) check_acl ($config['id_user'], 0, "AR");
$agent_w = (bool) check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a === true) ? 'AR' : (($agent_w === true) ? 'AW' : 'AR');
$onheader = array();
@ -163,8 +166,9 @@ echo '<tr><td style="white-space:nowrap;">';
echo __('Group') . '&nbsp;';
$groups = users_get_groups ();
html_print_select_groups(false, "AR", true, 'group_id', $group_id, 'this.form.submit()', '', '', false, false, true, '', false, 'width:150px');
$groups = users_get_groups (false, $access);
html_print_select_groups(false, $access, true, 'group_id', $group_id, 'this.form.submit()', '', '', false, false, true, '', false, 'width:150px');
echo '</td><td style="white-space:nowrap;">';
@ -371,7 +375,7 @@ if ($group_id > 0) {
}
else {
$groups = array();
$user_groups = users_get_groups($config["id_user"], "AR");
$user_groups = users_get_groups($config["id_user"], $access);
$groups = array_keys($user_groups);
}
@ -403,7 +407,7 @@ if ($strict_user) {
$fields = array ('tagente.id_agente','tagente.id_grupo','tagente.id_os','tagente.ultimo_contacto','tagente.intervalo','tagente.comentarios description','tagente.quiet',
'tagente.normal_count','tagente.warning_count','tagente.critical_count','tagente.unknown_count','tagente.notinit_count','tagente.total_count','tagente.fired_count');
$acltags = tags_get_user_module_and_tags ($config['id_user'], 'AR', $strict_user);
$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, $strict_user);
$total_agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $count_filter, $fields, false, $strict_user, true);
$total_agents = count($total_agents);
@ -417,7 +421,7 @@ else {
'id_grupo' => $groups,
'search' => $search_sql,
'status' => $status),
array ('COUNT(*) as total'), 'AR', false);
array ('COUNT(*) as total'), $access, false);
$total_agents = isset ($total_agents[0]['total']) ?
$total_agents[0]['total'] : 0;
@ -444,7 +448,7 @@ else {
'notinit_count',
'total_count',
'fired_count'),
'AR',
$access,
$order);
}

2
pandora_console/operation/agentes/estado_generalagente.php
View File

@ -53,7 +53,7 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
$is_extra = false;
}
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && !$is_extra) {
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config["id_user"], $agent["id_grupo"], "AW") && !$is_extra) {
db_pandora_audit("ACL Violation",
"Trying to access Agent General Information");
require_once ("general/noaccess.php");

5
pandora_console/operation/agentes/estado_monitores.php
View File

@ -442,11 +442,10 @@ function print_form_filter_monitors($id_agent, $status_filter_monitor = -1,
$table->data[0][3] = html_print_input_text('status_text_monitor', $status_text_monitor, '', 30, 100, true);
$table->data[0][4] = __('Module group');
$rows = db_get_all_rows_sql("SELECT *
FROM tmodule_group where id_mg in (SELECT id_module_group from tagente_modulo where id_agente = $id_agent ) ORDER BY name");
$rows = db_get_all_rows_sql("SELECT * FROM tmodule_group where id_mg in (SELECT id_module_group from tagente_modulo where id_agente = $id_agent ) ORDER BY name");
$rows_select[-1] = __('All');
if (!empty($rows)) {
$rows_select[-1] = __('All');
foreach ($rows as $module_group)
$rows_select[$module_group['id_mg']] = __($module_group['name']);
}

2
pandora_console/operation/agentes/gis_view.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "AR") && ! is_user_admin ($config['id_user'])) {
if (! check_acl ($config['id_user'], 0, "MR") && ! check_acl ($config['id_user'], 0, "MW") && ! check_acl ($config['id_user'], 0, "MM") && ! is_user_admin ($config['id_user'])) {
db_pandora_audit("ACL Violation", "Trying to access GIS Agent view");
require ("general/noaccess.php");
return;

2
pandora_console/operation/agentes/graphs.php
View File

@ -19,7 +19,7 @@ global $config;
require_once ("include/functions_agents.php");
require_once ("include/functions_custom_graphs.php");
if (! check_acl ($config['id_user'], $id_grupo, "AR")) {
if (! check_acl ($config['id_user'], $id_grupo, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation",
"Trying to access (read) to agent ".agents_get_name($id_agente));
include ("general/noaccess.php");

9
pandora_console/operation/agentes/group_view.php
View File

@ -21,7 +21,10 @@ require_once ("include/functions_groupview.php");
check_login ();
// ACL Check
if (! check_acl ($config['id_user'], 0, "AR")) {
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
if (!$agent_a && !$agent_w) {
db_pandora_audit("ACL Violation",
"Trying to access Agent view (Grouped)");
require ("general/noaccess.php");
@ -67,7 +70,7 @@ ui_print_page_header (__("Group view"), "images/group.png", false, "", false, $u
$strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
$all_data = groupview_status_modules_agents ($config['id_user'], $strict_user, 'AR', $strict_user);
$all_data = groupview_status_modules_agents ($config['id_user'], $strict_user, ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), $strict_user);
$total_agentes = 0;
$monitor_ok = 0;
@ -130,7 +133,7 @@ echo "</table>";
//Groups and tags
$result_groups = groupview_get_groups_list($config['id_user'], $strict_user,
'AR', true, true);
($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), true, true);
$count = count($result_groups);

3
pandora_console/operation/agentes/status_monitor.php
View File

@ -20,7 +20,8 @@ global $config;
check_login();
if (! check_acl ($config['id_user'], 0, 'AR')
&& ! check_acl ($config['id_user'], 0, 'AW')) {
&& ! check_acl ($config['id_user'], 0, 'AW') &&
! check_acl ($config['id_user'], 0, 'AM')) {
db_pandora_audit('ACL Violation',
'Trying to access Agent Management');
require ('general/noaccess.php');

4
pandora_console/operation/agentes/tactical.php
View File

@ -25,7 +25,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
check_login ();
if (! check_acl ($config['id_user'], 0, "AR")) {
if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation",
"Trying to access Agent view (Grouped)");
require ("general/noaccess.php");
@ -182,7 +182,7 @@ echo '<td style="vertical-align: top; width: 75%; padding-top: 0px;" id="rightco
// Last events information
// ---------------------------------------------------------------------
$acltags = tags_get_user_module_and_tags ($config['id_user'], $access = 'ER', $user_strict);
$acltags = tags_get_user_module_and_tags ($config['id_user'], 'ER', $user_strict);
if (!empty($acltags)) {
$tags_condition = tags_get_acl_tags_event_condition($acltags, false, $user_strict);

6
pandora_console/operation/agentes/ver_agente.php
View File

@ -744,7 +744,9 @@ $id_agente = (int) get_parameter ("id_agente", 0);
if (empty ($id_agente)) {
return;
}
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
$agent = db_get_row ('tagente', 'id_agente', $id_agente);
// get group for this id_agente
$id_grupo = $agent['id_grupo'];
@ -755,7 +757,7 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
$is_extra = false;
}
if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && !$is_extra) {
if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && ! check_acl ($config['id_user'], $id_grupo, "AW", $id_agente) && !$is_extra) {
db_pandora_audit("ACL Violation",
"Trying to access (read) to agent ".agents_get_name($id_agente));
include ("general/noaccess.php");

2
pandora_console/operation/events/event_statistics.php
View File

@ -23,7 +23,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
check_login ();
if (! check_acl ($config['id_user'], 0, "ER")) {
if (! check_acl ($config['id_user'], 0, "ER") && ! check_acl ($config['id_user'], 0, "EW") && ! check_acl ($config['id_user'], 0, "EM")) {
db_pandora_audit("ACL Violation","Trying to access event viewer");
require ("general/noaccess.php");
return;

20
pandora_console/operation/events/events.build_query.php
View File

@ -13,7 +13,13 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
$groups = users_get_groups($id_user, 'ER');
if (check_acl ($id_user, 0, "ER"))
$groups = users_get_groups($id_user, 'ER');
elseif (check_acl ($id_user, 0, "EW"))
$groups = users_get_groups($id_user, 'EW');
elseif (check_acl ($id_user, 0, "EM"))
$groups = users_get_groups($id_user, 'EM');
$propagate = db_get_value('propagate','tgrupo','id_grupo',$id_group);
@ -217,9 +223,15 @@ if ($id_group > 0 && in_array ($id_group, array_keys ($groups))) {
else {
$group_array = array_keys($groups);
}
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'ER',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
if (check_acl ($id_user, 0, "ER"))
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'ER',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
elseif (check_acl ($id_user, 0, "EW"))
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'EW',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
elseif (check_acl ($id_user, 0, "EM"))
$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'EM',
'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
if (($tags_acls_condition != ERR_WRONG_PARAMETERS) && ($tags_acls_condition != ERR_ACL)&& ($tags_acls_condition != -110000)) {
$sql_post .= $tags_acls_condition;

4
pandora_console/operation/events/events.php
View File

@ -27,7 +27,7 @@ check_login ();
if (! check_acl ($config["id_user"], 0, "ER")) {
if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW") && ! check_acl ($config["id_user"], 0, "EM")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -349,7 +349,7 @@ if ($config["pure"] == 0 || $meta) {
$sound_event['text'] = '<a href="javascript: openSoundEventWindow();">' . html_print_image('images/sound.png', true, array('title' => __('Sound events'))) . '</a>';
// If the user has administrator permission display manage tab
if (check_acl ($config["id_user"], 0, "EW")) {
if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0, "EM")) {
// Manage events
$manage_events['active'] = false;
$manage_events['text'] = '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .

44
pandora_console/operation/events/events_list.php
View File

@ -28,7 +28,12 @@ require_once ($config["homedir"] . "/include/functions_tags.php");
check_login ();
if (! check_acl ($config["id_user"], 0, "ER")) {
$event_a = check_acl ($config['id_user'], 0, "ER");
$event_w = check_acl ($config['id_user'], 0, "EW");
$event_m = check_acl ($config['id_user'], 0, "EM");
$access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
if (!$event_a && !$event_w && !$event_m) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -144,7 +149,7 @@ if (is_ajax()) {
$strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
// Get the tags where the user have permissions in Events reading tasks
$tags = tags_get_user_tags($config['id_user'], 'ER');
$tags = tags_get_user_tags($config['id_user'], $access);
if ($id_agent == 0 && !empty($text_agent)) {
@ -196,14 +201,13 @@ if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0,
$table->cellspacing = 4;
$table->cellpadding = 4;
$table->class = 'databox';
if (defined('METACONSOLE')) {
$table->width = '100%';
if (is_metaconsole()) {
$table->class = 'databox filters';
$table->cellspacing = 0;
$table->cellpadding = 0;
}
$table->styleTable = 'font-weight: bold; text-align:left;';
if (!defined("METACONSOLE"))
if (!is_metaconsole())
$table->style[0] = 'width: 50%; width:50%;';
$data = array();
@ -217,12 +221,12 @@ if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0,
$table->rowid[1] = 'save_filter_row1';
$data[0] = __('Filter name') . $jump;
$data[0] .= html_print_input_text ('id_name', '', '', 15, 255, true);
if(defined('METACONSOLE'))
if(is_metaconsole())
$data[1] = __('Save in Group') . $jump;
else
$data[1] = __('Filter group') . $jump;
# Fix : Only admin users can see group ALL
$data[1] .= html_print_select_groups($config['id_user'], "ER", users_can_manage_group_all(), "id_group_filter",
$data[1] .= html_print_select_groups($config['id_user'], $access, users_can_manage_group_all(), "id_group_filter",
$id_group_filter, '', '', 0, true, false, false, 'w130', false, '', false, false, 'id_grupo', $strict_user);
$table->data[] = $data;
$table->rowclass[] = '';
@ -260,15 +264,14 @@ $table->width = '100%';
$table->cellspacing = 4;
$table->cellpadding = 4;
$table->class = 'databox';
if (defined('METACONSOLE')) {
$table->width = '100%';
if (is_metaconsole()) {
$table->cellspacing = 0;
$table->cellpadding = 0;
$table->class = 'databox filters';
}
$table->styleTable = 'font-weight: bold; color: #555; text-align:left;';
if (!defined("METACONSOLE"))
if (!is_metaconsole())
$table->style[0] = 'width: 50%; width:50%;';
$data = array();
$table->rowid[3] = 'update_filter_row1';
@ -316,11 +319,9 @@ $tabletags_with->cellpadding = 4;
$tabletags_with->class = 'noshadow';
$tabletags_with->styleTable = 'border: 0px;';
if (defined('METACONSOLE')) {
$tabletags_with->width = '100%';
$tabletags_with->class = 'nobady';
$tabletags_with->cellspacing = 0;
$tabletags_with->cellpadding = 0;
$tabletags_with->styleTable = 'border: 0px;';
}
@ -347,7 +348,6 @@ $tabletags_without->cellspacing = 4;
$tabletags_without->cellpadding = 4;
$tabletags_without->class = 'noshadow';
if (defined('METACONSOLE')) {
$tabletags_without->width = '100%';
$tabletags_without->class = 'nobady';
$tabletags_without->cellspacing = 0;
$tabletags_without->cellpadding = 0;
@ -370,7 +370,7 @@ $tabletags_without->rowclass[] = '';
// EVENTS FILTER
// Table for filter controls
if (defined('METACONSOLE')) {
if (is_metaconsole()) {
$events_filter = '<form id="form_filter" class="filters_form" method="post" action="index.php?sec=eventos&amp;sec2=operation/events/events&amp;refr='.
(int)get_parameter("refr", 0) .'&amp;pure='.$config["pure"].'&amp;section=' . $section . '&amp;history='.(int)$history.'">';
}
@ -431,8 +431,9 @@ $data[0] = __('User ack.') . $jump;
if ($strict_user) {
$user_users = array($config['id_user']=>$config['id_user']);
} else {
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
}
else {
$user_users = users_get_user_users($config['id_user'], $access, users_can_manage_group_all());
}
$data[0] .= html_print_select($user_users, "id_user_ack", $id_user_ack, '',
@ -472,7 +473,7 @@ $table_advanced->rowclass[] = '';
$data = array();
$data[0] = __('Date from') . $jump;
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
//~ $user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
$data[0] .= html_print_input_text ('date_from', $date_from, '', 15, 10, true);
@ -542,9 +543,8 @@ $table->data = array();
$data = array();
$data[0] = __('Group') . $jump;
$data[0] .= html_print_select_groups($config["id_user"], "ER", true,
$data[0] .= html_print_select_groups($config["id_user"], $access, true,
'id_group', $id_group, '', '', 0, true, false, false, 'w130', false, false, false, false, 'id_grupo', $strict_user). $jump;
//**********************************************************************
// TODO
// This code is disabled for to enabled in Pandora 5.1
@ -596,7 +596,7 @@ $table->rowclass[] = '';
$data = array();
$data[0] = '<div style="width:100%; text-align:left">';
if (check_acl ($config["id_user"], 0, "EW")) {
if ($event_w || $event_m) {
$data[0] .= '<a href="javascript:" onclick="show_save_filter_dialog();">' .
html_print_image("images/disk.png", true, array("border" => '0', "title" => __('Save filter'), "alt" => __('Save filter'))) . '</a> &nbsp;';
}
@ -638,7 +638,7 @@ $events_filter .= $botom_update;
$events_filter .= "</form>"; //This is the filter div
if (defined('METACONSOLE'))
if (is_metaconsole())
ui_toggle($events_filter, __("Show Options"));
else
ui_toggle($events_filter, __('Event control filter'), '', !$open_filter);
@ -796,7 +796,7 @@ if (!empty($result)) {
if (!empty($result)) {
//~ Checking the event tags exactly. The event query filters approximated tags to keep events
//~ with several tags
$acltags = tags_get_user_module_and_tags ($config['id_user'],'ER', true);
$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, true);
foreach ($result as $key=>$event_data) {
$has_tags = events_checks_event_tags($event_data, $acltags);

8
pandora_console/operation/events/events_marquee.php
View File

@ -40,6 +40,11 @@ $config["id_user"] = $_SESSION["id_usuario"];
// Session locking concurrency speedup!
check_login ();
$event_a = check_acl ($config['id_user'], 0, "ER");
$event_w = check_acl ($config['id_user'], 0, "EW");
$event_m = check_acl ($config['id_user'], 0, "EM");
$access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
if (!isInACL($_SERVER['REMOTE_ADDR'])) {
db_pandora_audit("ACL Violation",
"Trying to access marquee without ACL Access");
@ -47,7 +52,8 @@ if (!isInACL($_SERVER['REMOTE_ADDR'])) {
exit;
}
$groups = users_get_groups ($config["id_user"], "ER");
$groups = users_get_groups ($config["id_user"], $access);
//Otherwise select all groups the user has rights to.
if (!empty($groups)) {
$sql_group_filter = " AND id_grupo IN (".implode (",", array_keys ($groups)).")";

5
pandora_console/operation/events/export_csv.php
View File

@ -27,7 +27,7 @@ session_write_close ();
$config["id_user"] = $_SESSION["id_usuario"];
if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW")) {
if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW") && ! check_acl ($config["id_user"], 0, "EM")) {
exit;
}
@ -105,7 +105,8 @@ echo chr (13);
$new = true;
while ($event = db_get_all_row_by_steps_sql($new, $result, $sql)) {
$new = false;
if (!check_acl($config["id_user"], $event["id_grupo"], "ER") ||
if ((!check_acl($config["id_user"], $event["id_grupo"], "ER") &&
!check_acl($config["id_user"], $event["id_grupo"], "EW") && !check_acl($config["id_user"], $event["id_grupo"], "EM") ) ||
(!check_acl($config["id_user"], 0, "PM") && $event["event_type"] == 'system'))
continue;

9
pandora_console/operation/events/sound_events.php
View File

@ -32,7 +32,12 @@ global $config;
check_login ();
$config["id_user"] = $_SESSION["id_usuario"];
if (! check_acl ($config['id_user'], 0, "ER")) {
$event_a = check_acl ($config['id_user'], 0, "ER");
$event_w = check_acl ($config['id_user'], 0, "EW");
$event_m = check_acl ($config['id_user'], 0, "EM");
$access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
if (! check_acl ($config['id_user'], 0, "ER") && ! check_acl ($config['id_user'], 0, "EW") && ! check_acl ($config['id_user'], 0, "EM")) {
db_pandora_audit("ACL Violation","Trying to access event viewer");
require ("general/noaccess.php");
@ -69,7 +74,7 @@ $table->size[1] = '90%';
$table->style[0] = 'font-weight: bold; vertical-align: top;';
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups(false, "ER", true, 'group', '', 'changeGroup();', '', 0, true);
$table->data[0][1] = html_print_select_groups(false, $access, true, 'group', '', 'changeGroup();', '', 0, true);
$table->data[1][0] = __('Type');
$table->data[1][1] = html_print_checkbox('alert_fired', 'alert_fired', true, true, false, 'changeType();') . __('Alert fired') . '<br />' .
html_print_checkbox('critical', 'critical', true, true, false, 'changeType();') . __('Monitor critical') . '<br />' .

8
pandora_console/operation/gis_maps/gis_map.php
View File

@ -32,13 +32,13 @@ ui_print_page_header(__('GIS Maps'), "images/op_gis.png", false,
"configure_gis_map", false, $buttons);
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "MM"))
$display_default_column = true;
else
$display_default_column = false;
$edit_gis_maps = false;
if (check_acl ($config['id_user'], 0, "IW")) {
if (check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
$edit_gis_maps = true;
}
@ -128,7 +128,9 @@ $iterator = 0;
if ($maps !== false) {
foreach ($maps as $map) {
if (!check_acl ($config["id_user"], $map["group_id"], "IR", 0, true)) {
if (!check_acl ($config["id_user"], $map["group_id"], "MR") &&
!check_acl ($config["id_user"], $map["group_id"], "MW") &&
!check_acl ($config["id_user"], $map["group_id"], "MM")) {
continue;
}

6
pandora_console/operation/gis_maps/render_view.php
View File

@ -29,7 +29,7 @@ $show_history = get_parameter ('show_history', 'n');
$map = db_get_row ('tgis_map', 'id_tgis_map', $idMap);
$confMap = gis_get_map_conf($idMap);
if (! check_acl ($config['id_user'], $map['group_id'], "IR")) {
if (! check_acl ($config['id_user'], $map['group_id'], "MR") && ! check_acl ($config['id_user'], $map['group_id'], "MW") && ! check_acl ($config['id_user'], $map['group_id'], "MM")) {
db_pandora_audit("ACL Violation", "Trying to access map builder");
require ("general/noaccess.php");
return;
@ -103,7 +103,7 @@ else {
html_print_image ("images/normalscreen.png", true, array ("title" => __('Back to normal mode'))) . "</a>";
}
if (check_acl ($config["id_user"], $map['group_id'], "IW")) {
if (check_acl ($config["id_user"], $map['group_id'], "MW") || check_acl ($config["id_user"], $map['group_id'], "MM")) {
$buttons['setup']['text'] = '<a href="index.php?sec=godgismaps&sec2=godmode/gis_maps/configure_gis_map&action=edit_map&map_id='. $idMap.'">'.html_print_image ("images/setup.png", true, array ("title" => __('Setup'))).'</a>';
$buttons['setup']['godmode'] = 1;
@ -146,7 +146,7 @@ ui_print_page_header(__('Map') . " &raquo; " . __('Map') . "&nbsp;" . $map['map_
"images/op_gis.png", false, "", false, $buttons);
if ($config["pure"] == 0) {
echo "<div id='map' style='width: 99%; height: 500px; border: 1px solid black;' ></div>";
echo "<div id='map' style='width: 100%; height: 500px; border: 1px solid black;' ></div>";
}
else {
echo "<div id='map' style='position:absolute; top:40px; z-index:100; width: 100%; height: 500px; min-height:500px; border: 1px solid black;' ></div>";

7
pandora_console/operation/incidents/incident.php
View File

@ -18,7 +18,12 @@ require_once ("include/functions_incidents.php");
check_login ();
if (! check_acl ($config['id_user'], 0, "IR")) {
$incident_r = check_acl ($config['id_user'], 0, "IR");
$incident_w = check_acl ($config['id_user'], 0, "IW");
$incident_m = check_acl ($config['id_user'], 0, "IM");
$access = ($incident_r == true) ? 'IR' : (($incident_w == true) ? 'IW' : (($incident_m == true) ? 'IM' : 'IR'));
if (!$incident_r && !$incident_w && !$incident_m) {
db_pandora_audit("ACL Violation","Trying to access incident viewer");
require ("general/noaccess.php");
exit;

2
pandora_console/operation/incidents/incident_detail.php
View File

@ -21,7 +21,7 @@ require_once ("include/functions_events.php"); //To get events group information
check_login ();
if (! check_acl ($config["id_user"], 0, "IR")) {
if (! check_acl ($config["id_user"], 0, "IR") && ! check_acl ($config["id_user"], 0, "IW") && ! check_acl ($config["id_user"], 0, "IM")) {
// Doesn't have access to this page
db_pandora_audit("ACL Violation", "Trying to access incident details");
require ("general/noaccess.php");

2
pandora_console/operation/incidents/incident_statistics.php
View File

@ -21,7 +21,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
check_login ();
if (! check_acl ($config['id_user'], 0, "IR") == 1) {
if (! check_acl ($config['id_user'], 0, "IR") && ! check_acl ($config['id_user'], 0, "IW") && ! check_acl ($config['id_user'], 0, "IM")) {
db_pandora_audit("ACL Violation", "Trying to access Incident section");
require ("general/noaccess.php");
exit;

108
pandora_console/operation/menu.php
View File

@ -75,43 +75,44 @@ if (check_acl ($config['id_user'], 0, "AR")) {
if ($config['log_collector'] == 1) {
enterprise_hook ('log_collector_menu');
}
//SNMP Console
//End of view agents
}
//SNMP Console
$sub2 = array();
if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AW") ) {
$sub2["operation/snmpconsole/snmp_view"]["text"] = __("SNMP console");
$sub2["operation/snmpconsole/snmp_browser"]["text"] = __("SNMP browser");
enterprise_hook ('snmpconsole_submenu');
}
if (check_acl ($config['id_user'], 0, "PM"))
$sub2["operation/snmpconsole/snmp_mib_uploader"]["text"] = __("MIB uploader");
if (check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], 0, "LM")) {
$sub2["godmode/snmpconsole/snmp_filters"]["text"] = __("SNMP filters");
$sub2["godmode/snmpconsole/snmp_trap_generator"]["text"] = __("SNMP trap generator");
}
if (!empty($sub2)) {
$sub["snmpconsole"]["sub2"] = $sub2;
$sub["snmpconsole"]["text"] = __('SNMP');
$sub["snmpconsole"]["id"] = 'SNMP';
$sub["snmpconsole"]["refr"] = 0;
$sub["snmpconsole"]["type"] = "direct";
$sub["snmpconsole"]["subtype"] = "nolink";
$sub2 = array();
$sub2["operation/snmpconsole/snmp_view"]["text"] = __("SNMP console");
$sub2["operation/snmpconsole/snmp_browser"]["text"] = __("SNMP browser");
if (check_acl ($config['id_user'], 0, "PM"))
$sub2["operation/snmpconsole/snmp_mib_uploader"]["text"] = __("MIB uploader");
if (check_acl ($config['id_user'], 0, "LW")) {
$sub2["godmode/snmpconsole/snmp_filters"]["text"] = __("SNMP filters");
$sub2["godmode/snmpconsole/snmp_trap_generator"]["text"] = __("SNMP trap generator");
}
enterprise_hook ('snmpconsole_submenu');
$sub["snmpconsole"]["sub2"] = $sub2;
}
if (!empty($sub)) {
$menu_operation["estado"]["text"] = __('Monitoring');
$menu_operation["estado"]["sec2"] = "operation/agentes/tactical";
$menu_operation["estado"]["refr"] = 0;
$menu_operation["estado"]["id"] = "oper-agents";
$menu_operation["estado"]["sub"] = $sub;
//End of view agents
}
if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "MR")) {
//Start network view
$menu_operation["network"]["text"] = __('Topology maps');
$menu_operation["network"]["sec2"] = "operation/agentes/networkmap_list";
$menu_operation["network"]["refr"] = 0;
$menu_operation["network"]["id"] = "oper-networkconsole";
$sub = array();
}
if (check_acl ($config['id_user'], 0, "MR")) {
//Start network view
$sub = array();
if (check_acl ($config['id_user'], 0, "MR") || check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
$sub["operation/agentes/networkmap_list"]["text"] = __('Network map');
$sub["operation/agentes/networkmap_list"]["id"] = 'Network map';
$sub["operation/agentes/networkmap_list"]["refr"] = 0;
@ -133,7 +134,7 @@ enterprise_hook ('networkmap_console');
enterprise_hook ('services_menu');
if (check_acl ($config['id_user'], 0, "VR")) {
if (check_acl ($config['id_user'], 0, "VR") || check_acl ($config['id_user'], 0, "VW") || check_acl ($config['id_user'], 0, "VM")) {
//Visual console
$sub["godmode/reporting/map_builder"]["text"] = __('Visual console');
$sub["godmode/reporting/map_builder"]["id"] = 'Visual console';
@ -155,7 +156,7 @@ if (check_acl ($config['id_user'], 0, "VR")) {
$firstLetterNameVisualToShow = array('_', ',', '[', '(');
foreach ($layouts as $layout) {
if (! check_acl ($config["id_user"], $layout["id_group"], "AR")) {
if (!check_acl ($config['id_user'], 0, "VR") && ! check_acl ($config['id_user'], 0, "VW") && ! check_acl ($config['id_user'], 0, "VM")) {
continue;
}
$name = io_safe_output($layout['name']);
@ -185,9 +186,11 @@ if (check_acl ($config['id_user'], 0, "VR")) {
if (!empty($sub2))
$sub["godmode/reporting/map_builder"]["sub2"] = $sub2;
}
}
// Agent read, Server read
if (check_acl ($config['id_user'], 0, "AR")) {
}
if (check_acl ($config['id_user'], 0, "MR") || check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
//INI GIS Maps
if ($config['activate_gis']) {
$sub["gismaps"]["text"] = __('GIS Maps');
@ -225,15 +228,20 @@ if (check_acl ($config['id_user'], 0, "AR")) {
$sub["gismaps"]["sub2"] = $sub2;
}
//END GIS Maps
//END GIS Maps
}
if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "MR"))
if (!empty($sub)) {
$menu_operation["network"]["text"] = __('Topology maps');
$menu_operation["network"]["sec2"] = "operation/agentes/networkmap_list";
$menu_operation["network"]["refr"] = 0;
$menu_operation["network"]["id"] = "oper-networkconsole";
$menu_operation["network"]["sub"] = $sub;
}
//End networkview
// Reports read
if (check_acl ($config['id_user'], 0, "RR")) {
if (check_acl ($config['id_user'], 0, "RR") || check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
// Reporting
$menu_operation["reporting"]["text"] = __('Reporting');
$menu_operation["reporting"]["sec2"] = "godmode/reporting/reporting_builder";
@ -281,15 +289,21 @@ if (check_acl ($config['id_user'], 0, "ER")
$sub["operation/events/event_statistics"]["text"] = __('Statistics');
$sub["operation/events/event_statistics"]["id"] = 'Statistics';
//RSS
//If ip doesn't is in list of allowed IP, isn't show this options
include_once ('include/functions_api.php');
if (isInACL($_SERVER['REMOTE_ADDR'])) {
$pss = get_user_info($config['id_user']);
$hashup = md5($config['id_user'].$pss['password']);
//RSS
$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["text"] = __('RSS');
$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["id"] = 'RSS';
$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["type"] = "direct";
//Marquee
$sub["operation/events/events_marquee.php"]["text"] = __('Marquee');
$sub["operation/events/events_marquee.php"]["id"] = 'Marquee';
$sub["operation/events/events_marquee.php"]["type"] = "direct";
}
//CSV
@ -297,11 +311,6 @@ if (check_acl ($config['id_user'], 0, "ER")
$sub["operation/events/export_csv.php?search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["id"] = 'CSV File';
$sub["operation/events/export_csv.php?search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["type"] = "direct";
//Marquee
$sub["operation/events/events_marquee.php"]["text"] = __('Marquee');
$sub["operation/events/events_marquee.php"]["id"] = 'Marquee';
$sub["operation/events/events_marquee.php"]["type"] = "direct";
//Sound Events
$javascript = "javascript: window.open('operation/events/sound_events.php');";
$javascript = 'javascript: alert(111);';
@ -319,7 +328,7 @@ if (check_acl ($config['id_user'], 0, "ER")
window.open(url,
'<?php __('Sound Alerts'); ?>',
'width=475, height=275, resizable=yes, toolbar=no, location=no, directories=no, status=no, menubar=no');
'width=400, height=350, resizable=yes, toolbar=no, location=no, directories=no, status=no, menubar=no');
}
</script>
<?php
@ -347,7 +356,9 @@ $sub["operation/users/webchat"]["refr"] = 0;
//Incidents
if (check_acl ($config['id_user'], 0, "IR")) {
if (check_acl ($config['id_user'], 0, "IR")
|| check_acl ($config['id_user'], 0, "IW")
|| check_acl ($config['id_user'], 0, "IM")) {
$temp_sec2 = $sec2;
if($config['integria_enabled']) {
$sec2 = "incident";
@ -399,22 +410,21 @@ $menu_operation["workspace"]["sub"] = $sub;
// Extensions menu additions
if (is_array ($config['extensions'])) {
$sub = array ();
$sub2 = array ();
if (check_acl ($config['id_user'], 0, "RR")) {
if (check_acl ($config['id_user'], 0, "RR") || check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
$sub["operation/agentes/exportdata"]["text"] = __('Export data');
$sub["operation/agentes/exportdata"]["id"] = 'Export data';
$sub["operation/agentes/exportdata"]["subsecs"] = array("operation/agentes/exportdata");
}
if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AD")) {
if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AD") || check_acl ($config['id_user'], 0, "AW")) {
$sub["godmode/agentes/planned_downtime.list"]["text"] = __('Scheduled downtime');
$sub["godmode/agentes/planned_downtime.list"]["id"] = 'Scheduled downtime';
}
if (check_acl ($config['id_user'], 0, "PM")) {
if (check_acl ($config['id_user'], 0, "AW")) {
$sub["operation/servers/recon_view"]["text"] = __('Recon view');
$sub["operation/servers/recon_view"]["id"] = 'Recon view';
$sub["operation/servers/recon_view"]["refr"] = 0;

2
pandora_console/operation/netflow/nf_live_view.php
View File

@ -24,7 +24,7 @@ ui_require_javascript_file ('calendar');
// ACL
check_login ();
if (! check_acl ($config["id_user"], 0, "AR")) {
if (! check_acl ($config["id_user"], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");

8
pandora_console/operation/snmpconsole/snmp_view.php
View File

@ -22,8 +22,10 @@ require_once("include/functions_agents.php");
require_once("include/functions_snmp.php");
check_login ();
if (! check_acl ($config['id_user'], 0, "AR")) {
$agent_a = check_acl ($config['id_user'], 0, "AR");
$agent_w = check_acl ($config['id_user'], 0, "AW");
$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
if (!$agent_a && !$agent_w) {
db_pandora_audit("ACL Violation",
"Trying to access SNMP Console");
require ("general/noaccess.php");
@ -41,7 +43,7 @@ $trap_type = (int) get_parameter ('trap_type', -1);
$group_by = (int)get_parameter('group_by', 0);
$refr = (int)get_parameter("refr", 0);
$user_groups = users_get_groups ($config['id_user'], "AR", false);
$user_groups = users_get_groups ($config['id_user'], $access, false);
$str_user_groups = '';
$i = 0;

2
pandora_console/operation/visual_console/render_view.php
View File

@ -80,7 +80,7 @@ $vconsole_read = check_acl ($config["id_user"], $id_group, "VR");
$vconsole_write = check_acl ($config["id_user"], $id_group, "VW");
$vconsole_manage = check_acl ($config["id_user"], $id_group, "VM");
if (! $vconsole_read) {
if (! $vconsole_read && !$vconsole_write && !$vconsole_manage) {
db_pandora_audit("ACL Violation",
"Trying to access visual console without group access");
require ("general/noaccess.php");