Merge branch 'develop' of https://192.168.50.5:8081/artica/pandorafms into develop

2016-09-08 16:25:24 +02:00 · 2016-09-08 16:25:24 +02:00 · 4fc8cac7fb
parent 39c2cb3bad 581d3835db
commit 4fc8cac7fb
55 changed files with 481 additions and 370 deletions
--- a/pandora_console/godmode/agentes/planned_downtime.editor.php
+++ b/pandora_console/godmode/agentes/planned_downtime.editor.php
@ -17,8 +17,10 @@ global $config;
 check_login();
-
+$agent_d = check_acl ($config['id_user'], 0, "AD");
-if (! check_acl ($config['id_user'], 0, "AD")) {
+$agent_w = check_acl ($config['id_user'], 0, "AW");
 $access = ($agent_d == true) ? 'AD' : (($agent_w == true) ? 'AW' : 'AD');
 if (!$agent_d && !$agent_w) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access downtime scheduler");
 	require ("general/noaccess.php");
@ -82,8 +84,8 @@ $id_agent 				= (int) get_parameter ('id_agent');
 $insert_downtime_agent 	= (int) get_parameter ('insert_downtime_agent');
 $delete_downtime_agent 	= (int) get_parameter ('delete_downtime_agent');
-// User groups with AD permission for ACL checks
+// User groups with AD or AW permission for ACL checks
-$user_groups_ad = array_keys(users_get_groups($config['id_user'], 'AD'));
+$user_groups_ad = array_keys(users_get_groups($config['id_user'], $access));
 // INSERT A NEW DOWNTIME_AGENT ASSOCIATION
 if ($insert_downtime_agent === 1) {
@ -472,7 +474,7 @@ $table->data = array ();
 $table->data[0][0] = __('Name');
 $table->data[0][1] = html_print_input_text ('name', $name, '', 25, 40, true, $disabled_in_execution);
 $table->data[1][0] = __('Group');
-$table->data[1][1] = html_print_select_groups(false, "AD", true, 'id_group', $id_group, '', '', 0, true, false, true, '', $disabled_in_execution);
+$table->data[1][1] = html_print_select_groups(false, $access, true, 'id_group', $id_group, '', '', 0, true, false, true, '', $disabled_in_execution);
 $table->data[2][0] = __('Description');
 $table->data[2][1] = html_print_textarea ('description', 3, 35, $description, '', true);
@ -671,7 +673,7 @@ if ($id_downtime > 0) {
 	echo "<form method=post action='index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&id_downtime=$id_downtime'>";
-	html_print_select_groups(false, "AD", true, 'filter_group', $filter_group, '', '', '', false, false, true, '', false, 'width:180px');
+	html_print_select_groups(false, $access, true, 'filter_group', $filter_group, '', '', '', false, false, true, '', false, 'width:180px');
 	echo "<br /><br />";
 	html_print_submit_button (__('Filter by group'), '', false, 'class="sub next"',false);
--- a/pandora_console/godmode/agentes/planned_downtime.list.php
+++ b/pandora_console/godmode/agentes/planned_downtime.list.php
@ -20,8 +20,10 @@ check_login();
 $read_permisson = check_acl ($config['id_user'], 0, "AR");
 $write_permisson = check_acl ($config['id_user'], 0, "AD");
 $manage_permisson = check_acl ($config['id_user'], 0, "AW");
 $access = ($read_permisson == true) ? 'AR' : (($write_permisson == true) ? 'AD' : (($manage_permisson == true) ? 'AW' : 'AR'));
-if (! $read_permisson) {
+if (! $read_permisson && !$manage_permisson) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access downtime scheduler");
 	require ("general/noaccess.php");
@ -64,7 +66,7 @@ if ($stop_downtime) {
 	$downtime = db_get_row('tplanned_downtime', 'id', $id_downtime);
 	// Check AD permission on the downtime
-	if (empty($downtime) || ! check_acl ($config['id_user'], $downtime['id_group'], "AD")) {
+	if (empty($downtime) || (! check_acl ($config['id_user'], $downtime['id_group'], "AD") && ! check_acl ($config['id_user'], $downtime['id_group'], "AW"))) {
 		db_pandora_audit("ACL Violation",
 			"Trying to access downtime scheduler");
 		require ("general/noaccess.php");
@ -87,7 +89,7 @@ if ($delete_downtime) {
 	$downtime = db_get_row('tplanned_downtime', 'id', $id_downtime);
 	// Check AD permission on the downtime
-	if (empty($downtime) || ! check_acl ($config['id_user'], $downtime['id_group'], "AD")) {
+	if (empty($downtime) || (! check_acl ($config['id_user'], $downtime['id_group'], "AD") && ! check_acl ($config['id_user'], $downtime['id_group'], "AW"))) {
 		db_pandora_audit("ACL Violation",
 			"Trying to access downtime scheduler");
 		require ("general/noaccess.php");
@ -180,7 +182,7 @@ $table_form->data[] = $row;
 // Useful to know if the user has done a form filtering
 $filter_performed = false;
-$groups = users_get_groups ();
+$groups = users_get_groups (false, $access);
 if (!empty($groups)) {
 	$where_values = "1=1";
@ -375,8 +377,8 @@ else {
 	ui_pagination($downtimes_number, "index.php?sec=estado&sec2=godmode/agentes/planned_downtime.list&$filter_params_str", $offset);
-	// User groups with AD permission
+	// User groups with AR, AD or AW permission
-	$groupsAD = users_get_groups($config['id_user'], 'AD');
+	$groupsAD = users_get_groups($config['id_user'], $access);
 	$groupsAD = array_keys($groupsAD);
 	// View available downtimes present in database (if any of them)
@ -394,7 +396,7 @@ else {
 	$table->head['configuration'] = __('Configuration');
 	$table->head['running'] = __('Running');
-	if ($write_permisson) {
+	if ($write_permisson || $manage_permisson) {
 		$table->head['stop'] = __('Stop downtime');
 		$table->head['edit'] = __('Edit');
 		$table->head['delete'] = __('Delete');
@ -404,7 +406,7 @@ else {
 	$table->align['group'] = "center";
 	$table->align['running'] = "center";
-	if ($write_permisson) {
+	if ($write_permisson || $manage_permisson) {
 		$table->align['stop'] = "center";
 		$table->align['edit'] = "center";
 		$table->align['delete'] = "center";
--- a/pandora_console/godmode/alerts/alert_list.list.php
+++ b/pandora_console/godmode/alerts/alert_list.list.php
@ -20,7 +20,9 @@ check_login ();
 /* Check if this page is included from a agent edition */
-if (! check_acl ($config['id_user'], 0, "LW") && ! check_acl ($config['id_user'], 0, "AD")) {
+if (! check_acl ($config['id_user'], 0, "LW") && 
 	! check_acl ($config['id_user'], 0, "AD") && 
 		! check_acl ($config['id_user'], 0, "LM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Alert Management");
 	require ("general/noaccess.php");
@ -88,7 +90,12 @@ $form_filter .= "</tr>";
 $all_groups = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
-$groups_user = users_get_groups($config['id_user'], 'AR', $all_groups);
+if (check_acl ($config['id_user'], 0, "AD"))
 	$groups_user = users_get_groups($config['id_user'], 'AD', $all_groups);
 elseif (check_acl ($config['id_user'], 0, "LW"))
 	$groups_user = users_get_groups($config['id_user'], 'LW', $all_groups);
 elseif (check_acl ($config['id_user'], 0, "LM"))
 	$groups_user = users_get_groups($config['id_user'], 'LM', $all_groups);
 if ($groups_user === false) {
 	$groups_user = array();
 }
@ -478,7 +485,7 @@ foreach ($simple_alerts as $alert) {
 		$data[1] .= html_print_image("images/zoom.png", true, array("id" => 'template-details-'.$alert['id_alert_template'], "class" => "img_help"));
 	$data[1] .= '</a> ';
-	if(check_acl ($config['id_user'], $template_group, "LW")) {
+	if(check_acl ($config['id_user'], $template_group, "LW") || check_acl ($config['id_user'], $template_group, "LM")) {
 		$data[1] .= "</a>";
 	}
@ -558,9 +565,12 @@ foreach ($simple_alerts as $alert) {
 	$data[2] .= '</div>';
 	$data[2] .= '</table>';
 	// Is possible manage actions if have LW permissions in the agent group of the alert module
-	if (check_acl ($config['id_user'], $agent_group, "LW")) {
+	if (check_acl ($config['id_user'], $agent_group, "LW") || check_acl ($config['id_user'], $template_group, "LM")) {
 		$own_info = get_user_info($config['id_user']);
 		if (check_acl ($config['id_user'], $template_group, "LW"))
 			$own_groups = users_get_groups($config['id_user'], 'LW', true);
 		elseif (check_acl ($config['id_user'], $template_group, "LM"))
 			$own_groups = users_get_groups($config['id_user'], 'LM', true);
 		$filter_groups = '';
 		$filter_groups = implode(',', array_keys($own_groups));
 		$actions = alerts_get_alert_actions_filter(true, 'id_group IN (' . $filter_groups . ')');
@ -723,7 +733,7 @@ if (isset($dont_display_alert_create_bttn))
 	if ($dont_display_alert_create_bttn)
 		$display_create = false;
-if ($display_create && check_acl ($config['id_user'], 0, "LW")) {
+if ($display_create && (check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], $template_group, "LM"))) {
 	echo '<div class="action-buttons" style="width: ' . $table->width . '">';
 	echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_list&tab=builder&pure='.$pure.'">';
 	html_print_submit_button (__('Create'), 'crtbtn', false, 'class="sub next"');
--- a/pandora_console/godmode/alerts/alert_list.php
+++ b/pandora_console/godmode/alerts/alert_list.php
@ -18,7 +18,9 @@ global $config;
 // Login check
 check_login ();
-if (! check_acl ($config['id_user'], 0, "LW") && ! check_acl ($config['id_user'], 0, "AD")) {
+if (! check_acl ($config['id_user'], 0, "LW") && 
 	! check_acl ($config['id_user'], 0, "AD") && 
 	! check_acl ($config['id_user'], 0, "LM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Alert Management");
 	require ("general/noaccess.php");
@ -294,7 +296,7 @@ if ($id_agente) {
 	require_once('godmode/alerts/alert_list.list.php');
-	if(check_acl ($config['id_user'], $agent['id_grupo'], "LW")) {
+	if(check_acl ($config['id_user'], $agent['id_grupo'], "LW") || check_acl ($config['id_user'], $agent['id_grupo'], "LM")) {
 		require_once('godmode/alerts/alert_list.builder.php');
 	}
@ -302,9 +304,9 @@ if ($id_agente) {
 }
 else {
 	$searchFlag = true;
-	if (!defined('METACONSOLE')) {
+	if (!is_metaconsole()) {
 		// The tabs will be shown only with manage alerts permissions
-		if(check_acl ($config['id_user'], 0, "LW")) {
+		if(check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], 0, "LM")) {
 			$buttons = array(
 				'list' => array(
 					'active' => false,
@ -343,7 +345,7 @@ else {
 			else {
 				$groups = array(0 => __('All'));
 			}
-			$agents = agents_get_group_agents (array_keys ($groups), false, "none");
+			$agents = agents_get_group_agents (array_keys ($groups), false, "none",true);
 			require_once($config['homedir'] . '/godmode/alerts/alert_list.list.php');
--- a/pandora_console/godmode/events/custom_events.php
+++ b/pandora_console/godmode/events/custom_events.php
@ -18,7 +18,7 @@ global $config;
 check_login ();
-if (! check_acl($config['id_user'], 0, "EW")) {
+if (! check_acl($config['id_user'], 0, "PM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Custom events Management");
 	require ("general/noaccess.php");
--- a/pandora_console/godmode/events/event_edit_filter.php
+++ b/pandora_console/godmode/events/event_edit_filter.php
@ -18,7 +18,11 @@ global $config;
 check_login ();
-if (! check_acl ($config["id_user"], 0, "EW")) {
+$event_w = check_acl ($config['id_user'], 0, "EW");
 $event_m = check_acl ($config['id_user'], 0, "EM");
 $access = ($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'EW');
 if (!$event_w && !$event_m) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access events filter editor");
 	require ("general/noaccess.php");
@ -192,9 +196,7 @@ $table->style[0] = 'vertical-align: top;';
 $table->valign[1] = 'top';
-if (defined('METACONSOLE')) {
+if (is_metaconsole()) {
 	$table->width = '100%';
 	$table->border = 0;
 	if ($id) {
 		$table->head[0] = __('Update Filter');
 	}
@ -215,12 +217,12 @@ $table->data[0][1] =
 $table->data[1][0] = '<b>' . __('Save in group') . '</b>' .
 	ui_print_help_tip(__('This group will be use to restrict the visibility of this filter with ACLs'), true);
 $table->data[1][1] = html_print_select_groups(
-	$config['id_user'], "ER", users_can_manage_group_all(),
+	$config['id_user'], $access, users_can_manage_group_all(),
 	"id_group_filter", $id_group_filter, '', '', -1, true, false, false,
 	'', false, '', false, false, 'id_grupo', $strict_user);
 $table->data[2][0] = '<b>' . __('Group').'</b>';
-$table->data[2][1] = html_print_select_groups($config["id_user"], "ER",
+$table->data[2][1] = html_print_select_groups($config["id_user"], $access,
 	true, 'id_group', $id_group, '', '', -1, true, false, false, '',
 	false, false, false, false, 'id_grupo', $strict_user);
@ -253,7 +255,7 @@ $params['input_name'] = 'text_agent';
 $params['value'] = $text_agent;
 $params['return'] = true;
-if (defined('METACONSOLE')) {
+if (is_metaconsole()) {
 	$params['javascript_page'] = 'enterprise/meta/include/ajax/events.ajax';
 }
 else {
@ -285,7 +287,7 @@ if ($strict_user) {
 	$users = array($config['id_user'] => $config['id_user']);
 }
 else {
-	$users = users_get_user_users($config['id_user'], "ER",
+	$users = users_get_user_users($config['id_user'], $access,
 		users_can_manage_group_all());
 }
@ -314,7 +316,7 @@ if (empty($tag_without)) {
 }
 # Fix : only admin users can see all tags
-$tags = tags_get_user_tags($config['id_user'], 'ER');
+$tags = tags_get_user_tags($config['id_user'], $access);
 $tags_select_with = array();
 $tags_select_without = array();
--- a/pandora_console/godmode/events/event_filter.php
+++ b/pandora_console/godmode/events/event_filter.php
@ -18,7 +18,11 @@ global $config;
 check_login ();
-if (! check_acl ($config["id_user"], 0, "EW")) {
+$event_w = check_acl ($config['id_user'], 0, "EW");
 $event_m = check_acl ($config['id_user'], 0, "EM");
 $access = ($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'EW');
 if (!$event_w && !$event_m) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access events filter editor");
 	require ("general/noaccess.php");
@ -83,7 +87,7 @@ if ($strict_acl) {
 		users_can_manage_group_all());
 }
 else {
-	$groups_user = users_get_groups ($config['id_user'], "EW",
+	$groups_user = users_get_groups ($config['id_user'], $access,
 		users_can_manage_group_all(), true);
 }
@ -157,7 +161,7 @@ else {
 if (isset($data)) {
 	echo "<form method='post' action='index.php?sec=geventos&sec2=godmode/events/events&amp;pure=".$config['pure']."'>";
 	html_print_input_hidden('multiple_delete', 1);
-	if(!defined("METACONSOLE"))
+	if(!is_metaconsole())
 		echo "<div style='padding-bottom: 20px; text-align: right;'>";
 	else
 		echo "<div style='float:right; '>";
--- a/pandora_console/godmode/events/event_responses.editor.php
+++ b/pandora_console/godmode/events/event_responses.editor.php
@ -59,7 +59,7 @@ $table = new stdClass();
 $table->width = '100%';
 $table->class = 'databox filters';
-if(defined('METACONSOLE')) {
+if(is_metaconsole()) {
 	$table->head[0] = __('Edit event responses');
 	$table->head_colspan[0] = 5;
 	$table->headstyle[0] = 'text-align: center';
@ -79,7 +79,7 @@ $data[1] = html_print_input_text('name', $event_response['name'], '',
 $data[1] .= html_print_input_hidden('id_response',$event_response['id'],true);
 $data[2] = __('Group');
-$data[3] = html_print_select_groups(false, 'AR', true, 'id_group',$event_response['id_group'],'','','',true);
+$data[3] = html_print_select_groups(false, 'PM', true, 'id_group',$event_response['id_group'],'','','',true);
 $table->data[0] = $data;
 $data = array();
--- a/pandora_console/godmode/events/events.php
+++ b/pandora_console/godmode/events/events.php
@ -20,7 +20,7 @@ check_login ();
 enterprise_hook('open_meta_frame');
-if (! check_acl ($config["id_user"], 0, "EW")) {
+if (!check_acl ($config["id_user"], 0, "EW") && !check_acl ($config["id_user"], 0, "EM") && ! check_acl ($config["id_user"], 0, "PM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access event manage");
 	require ("general/noaccess.php");
@ -31,6 +31,7 @@ if (! check_acl ($config["id_user"], 0, "EW")) {
 $section = (string) get_parameter ("section", "filter");
 // Draws header
 if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0, "EM")) {
 	$buttons['view'] = array('active' => false, 
 		'text' => '<a href="index.php?sec=eventos&sec2=operation/events/events&amp;pure='.$config['pure'].'">' . 
 		html_print_image("images/events_list.png", true, array("title" => __('Event list'))) . '</a>',
@ -39,13 +40,14 @@ $buttons['view'] = array('active' => false,
 	$buttons['filter'] = array('active' => false, 
 		'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
 		html_print_image("images/filter_mc.png", true, array ("title" => __('Filter list'))) . '</a>');
 }
 if (check_acl ($config["id_user"], 0, "PM")) {
 	$buttons['responses'] = array('active' => false,
 		'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=responses&amp;pure='.$config['pure'].'">' .
 		html_print_image("images/event_responses.png", true, array ("title" => __('Event responses'))) . '</a>');
-	if (! defined ('METACONSOLE')) {
+	if (!is_metaconsole()) {
 		$buttons['fields'] = array('active' => false,
 			'text' => '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=fields&amp;pure='.$config['pure'].'">' .
 			html_print_image("images/custom_columns.png", true, array ("title" => __('Custom fields'))) . '</a>');
--- a/pandora_console/godmode/gis_maps/configure_gis_map.php
+++ b/pandora_console/godmode/gis_maps/configure_gis_map.php
@ -17,8 +17,11 @@ global $config;
 check_login ();
 $gis_w = check_acl ($config['id_user'], 0, 'MW');
 $gis_m = check_acl ($config['id_user'], 0, 'MM')
 $access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
-if (! check_acl ($config['id_user'], 0, "IW")) {
+if (!$gis_w  && !$gis_m ) {
 	db_pandora_audit("ACL Violation", "Trying to access map builder");
 	require ("general/noaccess.php");
 	return;
@ -337,7 +340,7 @@ if (isset($invalidFields['map_connection_list'])) {
 $listConnectionTemp = db_get_all_rows_sql("SELECT id_tmap_connection, conection_name, group_id FROM tgis_map_connection");
 $listConnection = array();
 foreach ($listConnectionTemp as $connectionTemp) {
-	if (check_acl ($config["id_user"], $connectionTemp['group_id'], "IW")) {
+	if (check_acl ($config["id_user"], $connectionTemp['group_id'], "MW") || check_acl ($config["id_user"], $connectionTemp['group_id'], "MM")) {
 		$listConnection[$connectionTemp['id_tmap_connection']] = $connectionTemp['conection_name'];
 	}
 }
@ -356,7 +359,7 @@ $table->data[1][1] = "<table style='padding:0px;' class='no-class' border='0' id
 	</tr> " . gis_add_conection_maps_in_form($map_connection_list) . "
 </table>";
 $own_info = get_user_info($config['id_user']);
-if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
+if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "MM"))
 	$display_all_group = true;
 else
 	$display_all_group = false;
@ -408,7 +411,7 @@ $table->data[1][1] = '<div id="form_layer">
 			</tr>
 			<tr>
 				<td>' . __('Show agents from group') . ':</td>
-				<td colspan="3">' . html_print_select_groups(false, 'IW', $display_all_group, 'layer_group_form', '-1', '', __('None'), '-1', true) . '</td>
+				<td colspan="3">' . html_print_select_groups(false, $access, $display_all_group, 'layer_group_form', '-1', '', __('None'), '-1', true) . '</td>
 			</tr>
 			<tr>
 				<td colspan="4"><hr /></td>
--- a/pandora_console/godmode/menu.php
+++ b/pandora_console/godmode/menu.php
@ -24,18 +24,14 @@ require_once ('include/functions_menu.php');
 $menu_godmode = array ();
 $menu_godmode['class'] = 'godmode';
 if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "AD")) {
 	$menu_godmode["gagente"]["text"] = __('Resources');
 	$menu_godmode["gagente"]["sec2"] = "godmode/agentes/modificar_agente";
 	$menu_godmode["gagente"]["id"] = "god-resources";
 $sub = array ();
 if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "AD")) {
 	$sub['godmode/agentes/modificar_agente']['text'] = __('Manage agents');
 	$sub['godmode/agentes/modificar_agente']['id'] = 'Manage agents';
 	$sub["godmode/agentes/modificar_agente"]["subsecs"] = array(
 		"godmode/agentes/configurar_agente");
 }
 	if (check_acl ($config['id_user'], 0, "AW")) {
 if (check_acl ($config["id_user"], 0, "PM")) {
 	$sub["godmode/agentes/fields_manager"]["text"] = __('Custom fields');
 	$sub["godmode/agentes/fields_manager"]["id"] = 'Custom fields';
@ -54,27 +50,26 @@ if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0,
 	$sub["godmode/groups/modu_group_list"]["id"] = 'Module groups';
 }
-		if ($config['activate_netflow']) {
+if (check_acl ($config['id_user'], 0, "AW")) {	
 	//Netflow
 	if ($config['activate_netflow']) {
 		$sub["godmode/netflow/nf_edit"]["text"] = __('Netflow filters');
 		$sub["godmode/netflow/nf_edit"]["id"] = 'Netflow filters';
 	}
 }
 if (!empty($sub)) {
 	$menu_godmode["gagente"]["text"] = __('Resources');
 	$menu_godmode["gagente"]["sec2"] = "godmode/agentes/modificar_agente";
 	$menu_godmode["gagente"]["id"] = "god-resources";
 	$menu_godmode["gagente"]["sub"] = $sub;
 }
 if (check_acl ($config['id_user'], 0, "UM")) {
 	$menu_godmode["gusuarios"]["text"] = __('Profiles');
 	$menu_godmode["gusuarios"]["sec2"] = "godmode/users/user_list";
 	$menu_godmode["gusuarios"]["id"] = "god-users";
 $sub = array ();
-	$sub['godmode/users/user_list']['text'] = __('Users management');
+if (check_acl ($config['id_user'], 0, "AW")) {
 	$sub['godmode/users/user_list']['id'] = 'Users management';
 	$sub['godmode/users/profile_list']['text'] = __('Profile management');
 	$sub['godmode/users/profile_list']['id'] = 'Profile management';
 	$sub["godmode/groups/group_list"]["text"] = __('Manage agents groups');
 	$sub["godmode/groups/group_list"]["id"] = 'Manage agents groups';
 }
 if (check_acl ($config['id_user'], 0, "PM")) {
 	// Tag
@ -84,8 +79,18 @@ if (check_acl ($config['id_user'], 0, "UM")) {
 	enterprise_hook ('enterprise_acl_submenu');
 }
 if (check_acl ($config['id_user'], 0, "UM")) {
 	$sub['godmode/users/user_list']['text'] = __('Users management');
 	$sub['godmode/users/user_list']['id'] = 'Users management';
 	$sub['godmode/users/profile_list']['text'] = __('Profile management');
 	$sub['godmode/users/profile_list']['id'] = 'Profile management';
 }
 if (!empty($sub)) {
 	$menu_godmode["gusuarios"]["sub"] = $sub;
 	$menu_godmode["gusuarios"]["text"] = __('Profiles');
 	$menu_godmode["gusuarios"]["sec2"] = "godmode/users/user_list";
 	$menu_godmode["gusuarios"]["id"] = "god-users";
 }
 $sub = array ();
@ -117,11 +122,12 @@ if (check_acl ($config['id_user'], 0, "AW")) {
 	$sub2["godmode/massive/massive_operations&amp;tab=massive_alerts"]["text"] = __('Alerts operations');
 	enterprise_hook('massivepolicies_submenu');
 	enterprise_hook('massivesnmp_submenu');
 	enterprise_hook('massivesatellite_submenu');
 	$sub["gmassive"]["sub2"] = $sub2;
 }
 enterprise_hook('massivesatellite_submenu');
 if (!empty($sub)) {
 	$menu_godmode["gmodules"]["text"] = __('Configuration');
 	$menu_godmode["gmodules"]["sec2"] = "godmode/modules/manage_network_templates";
@ -129,7 +135,9 @@ if (!empty($sub)) {
 	$menu_godmode["gmodules"]["sub"] = $sub;
 }
-if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0, "AD")) {
+if (check_acl ($config['id_user'], 0, "LW") || 
 	check_acl ($config['id_user'], 0, "LM") || 
 	check_acl ($config['id_user'], 0, "AD")) {
 	$menu_godmode["galertas"]["text"] = __('Alerts');
 	$menu_godmode["galertas"]["sec2"] = "godmode/alerts/alert_list";
 	$menu_godmode["galertas"]["id"] = "god-alerts";
@ -150,13 +158,10 @@ if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0,
 		$sub["godmode/alerts/alert_actions"]["id"] = 'Actions';
 		$sub["godmode/alerts/alert_actions"]["pages"] =
 			array("godmode/alerts/configure_alert_action");
 		if (check_acl ($config['id_user'], 0, "PM")) {
 		$sub["godmode/alerts/alert_commands"]["text"] = __('Commands');
 		$sub["godmode/alerts/alert_commands"]["id"] = 'Commands';
 		$sub["godmode/alerts/alert_commands"]["pages"] =
 				array("godmode/alerts/configure_alert_command");
 		}
 		$sub["godmode/alerts/alert_special_days"]["text"] = __('Special days list');
 		$sub["godmode/alerts/alert_special_days"]["id"] = __('Special days list');
 		$sub["godmode/alerts/alert_special_days"]["pages"] =
@ -169,16 +174,13 @@ if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0,
 	$menu_godmode["galertas"]["sub"] = $sub;
 }
 if (check_acl ($config['id_user'], 0, "EW")) {
 // Manage events
 	$menu_godmode["geventos"]["text"] = __('Events');
 	$menu_godmode["geventos"]["sec2"] = "godmode/events/events&amp;section=filter";
 	$menu_godmode["geventos"]["id"] = "god-events";
 	// Custom event fields
 $sub = array ();
 if (check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "EM")) {
 	// Custom event fields
 	$sub["godmode/events/events&amp;section=filter"]["text"] = __('Event filters');
 	$sub["godmode/events/events&amp;section=filter"]["id"] = 'Event filters';
 }
 if (check_acl ($config['id_user'], 0, "PM")) {
 	$sub["godmode/events/events&amp;section=fields"]["text"] = __('Custom events');
@ -187,23 +189,30 @@ if (check_acl ($config['id_user'], 0, "EW")) {
 	$sub["godmode/events/events&amp;section=responses"]["id"] = 'Event responses';
 }
 if (!empty($sub)) {
 	$menu_godmode["geventos"]["text"] = __('Events');
 	$menu_godmode["geventos"]["sec2"] = "godmode/events/events&amp;section=filter";
 	$menu_godmode["geventos"]["id"] = "god-events";
 	$menu_godmode["geventos"]["sub"] = $sub;
 }
-if (check_acl ($config['id_user'], 0, "AW")) {
+
 if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "PM")) {
 	// Servers
 	$menu_godmode["gservers"]["text"] = __('Servers');
 	$menu_godmode["gservers"]["sec2"] = "godmode/servers/modificar_server";
 	$menu_godmode["gservers"]["id"] = "god-servers";
 	$sub = array ();
 	if (check_acl ($config['id_user'], 0, "AW")) {
 		$sub["godmode/servers/modificar_server"]["text"] = __('Manage servers');
 		$sub["godmode/servers/modificar_server"]["id"] = 'Manage servers';
 	}
 	//This subtabs are only for Pandora Admin
 	if (check_acl ($config['id_user'], 0, "PM")) {
 		$sub["godmode/servers/manage_recontask"]["text"] = __('Recon task');
 		$sub["godmode/servers/manage_recontask"]["id"] = 'Recon task';
 	//This subtabs are only for Pandora Admin
 	if (check_acl ($config['id_user'], 0, "PM")) {
 		$sub["godmode/servers/plugin"]["text"] = __('Plugins');
 		$sub["godmode/servers/plugin"]["id"] = 'Plugins';
@ -297,7 +306,7 @@ if (check_acl ($config['id_user'], 0, "PM") || check_acl ($config['id_user'], 0,
 		$sub["godmode/setup/file_manager"]["id"] = 'File manager';
 	}
-	if (check_acl ($config['id_user'], 0, "DM")) {
+	if (check_acl ($config['id_user'], 0, "DM") || check_acl ($config['id_user'], 0, "PM")) {
 		$sub["gdbman"]["text"] = __('DB maintenance');
 		$sub["gdbman"]["id"] = 'DB maintenance';
 		$sub["gdbman"]["type"] = "direct";
@ -388,10 +397,8 @@ if (is_array ($config['extensions'])) {
 	}
-	if (!empty($sub2))
+	if (!empty($sub2)) {
 		$sub["godmode/extensions"]["sub2"] = $sub2;
 	if (!empty($sub)) {
 		$sub["godmode/extensions"]["text"] = __('Extension manager');
 		$sub["godmode/extensions"]["id"] = 'Extension manager';
 		$submenu = array_merge($menu_godmode["gextensions"]["sub"],$sub);
--- a/pandora_console/godmode/reporting/graph_builder.graph_editor.php
+++ b/pandora_console/godmode/reporting/graph_builder.graph_editor.php
@ -17,7 +17,10 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "RW")) {
+$report_w = check_acl ($config['id_user'], 0, "RW");
 $report_m = check_acl ($config['id_user'], 0, "RM");
 if (!$report_w && !$report_m ) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access graph builder");
 	include ("general/noaccess.php");
@ -129,7 +132,6 @@ if (count($module_array) > 0) {
 }
 //Configuration form
 echo '<span id ="none_text" style="display: none;">' . __('None') . '</span>';
 echo "<form method='post' action='index.php?sec=reporting&sec2=godmode/reporting/graph_builder&tab=graph_editor&add_module=1&edit_graph=1&id=" . $id_graph . "'>";
@ -137,7 +139,9 @@ echo "<table width='100%' cellpadding='4' cellpadding='4' class='databox filters
 echo "<tr>";
 echo "<td colspan='3'>".__('Filter group')."</td>";
 echo "</tr><tr>";
-echo "<td colspan='3'>".html_print_select(groups_get_all(), 'group', '', "filterByGroup($('#group').val());", __('All'), '0', true)."</td>";
+echo "<td colspan='3'>".html_print_select_groups($config['id_user'], ($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RW'),
 	true, 'group', '', 'filterByGroup($(\'#group\').val());',
 	'', 0, true)."</td>";
 echo "</tr><tr>";
 echo "<td style='vertical-align: top;'>".__('Agents')."</td>";
 echo "<td></td>";
--- a/pandora_console/godmode/reporting/graph_builder.main.php
+++ b/pandora_console/godmode/reporting/graph_builder.main.php
@ -48,7 +48,7 @@ if (is_ajax ()) {
 check_login ();
-if (! check_acl ($config['id_user'], 0, "RW")) {
+if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access graph builder");
 	include ("general/noaccess.php");
@ -111,9 +111,12 @@ if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
 else	
 	$return_all_groups = false;
-echo "<td><b>".__('Group')."</b></td><td>" .
+echo "<td><b>".__('Group')."</b></td><td>";
-	html_print_select_groups($config['id_user'], "AR", $return_all_groups, 'graph_id_group', $id_group, '', '', '', true) .
+	if (check_acl ($config['id_user'], 0, "RW"))
-	"</td></tr>";
+		echo html_print_select_groups($config['id_user'], 'RW', $return_all_groups, 'graph_id_group', $id_group, '', '', '', true);
 	elseif (check_acl ($config['id_user'], 0, "RM"))
 		echo html_print_select_groups($config['id_user'], 'RM', $return_all_groups, 'graph_id_group', $id_group, '', '', '', true);
 echo "</td></tr>";
 echo "<tr>";
 echo "<td class='datos2'><b>".__('Description')."</b></td>";
 echo "<td class='datos2' colspan=3><textarea name='description' style='height:45px;' cols=55 rows=2>";
--- a/pandora_console/godmode/reporting/graph_builder.php
+++ b/pandora_console/godmode/reporting/graph_builder.php
@ -46,7 +46,7 @@ if (is_ajax ()) {
 check_login ();
-if (! check_acl ($config['id_user'], 0, "RW")) {
+if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access graph builder");
 	include ("general/noaccess.php");
--- a/pandora_console/godmode/reporting/graphs.php
+++ b/pandora_console/godmode/reporting/graphs.php
@ -20,7 +20,11 @@ require_once ('include/functions_custom_graphs.php');
 // Check user credentials
 check_login ();
-if (! check_acl ($config['id_user'], 0, "RR")) {
+$report_r = check_acl ($config['id_user'], 0, "RR");
 $report_w = check_acl ($config['id_user'], 0, "RW");
 $report_m = check_acl ($config['id_user'], 0, "RM");
 $access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
 if (!$report_r && !$report_w && !$report_m) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Inventory Module Management");
 	require ("general/noaccess.php");
@ -72,7 +76,7 @@ ui_print_page_header (__('Reporting')." &raquo; ".__('Custom graphs'), "images/c
 // Delete module SQL code
 if ($delete_graph) {
-	if (check_acl ($config['id_user'], 0, "RW")) {
+	if ( $report_w || $report_m ) {
 		$exist = db_get_value("id_graph", "tgraph_source", "id_graph", $id);
 		if ($exist) {
@ -134,7 +138,7 @@ if ($multiple_delete) {
 }
-$graphs = custom_graphs_get_user ($config['id_user'], false, true, "RR");
+$graphs = custom_graphs_get_user ($config['id_user'], false, true, $access);
 $offset = (int) get_parameter ("offset");
 ui_pagination (count($graphs));
@ -154,7 +158,7 @@ if (!empty ($graphs)) {
 	$table->size[3] = '200px';
 	$table->align[2] = 'left';
 	$table->align[3] = 'left';
-	if (check_acl ($config['id_user'], 0, "RW")) {
+	if ($report_w || $report_m) {
 		$table->align[4] = 'left';
 		$table->head[4] = __('Op.') .
 			html_print_checkbox('all_delete', 0, false, true, false,
@ -176,7 +180,7 @@ if (!empty ($graphs)) {
 		$data[2] = $graph["graphs_count"];
 		$data[3] = ui_print_group_icon($graph['id_group'],true);
-		if (check_acl ($config['id_user'], 0, "RW") && users_can_manage_group_all($graph['id_group'])) {
+		if (($report_w || $report_m) && users_can_manage_group_all($access)) {
 			$data[4] = '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id='.
 			$graph['id_graph'].'">'.html_print_image("images/config.png", true).'</a>';
@ -204,7 +208,7 @@ if (!empty ($graphs)) {
 	echo "<div style='float: right;'>";
-		if (check_acl ($config['id_user'], 0, "RW")) {
+		if ($report_w || $report_m) {
 			echo '<form method="post" style="float:right;" action="index.php?sec=reporting&sec2=godmode/reporting/graph_builder">';
 				html_print_submit_button (__('Create graph'), 'create', false, 'class="sub next" style="margin-right:5px;"');
 			echo "</form>";
--- a/pandora_console/godmode/reporting/map_builder.php
+++ b/pandora_console/godmode/reporting/map_builder.php
@ -245,10 +245,10 @@ else {
 	$total_maps = count(visual_map_get_user_layouts ($config['id_user'], false,
 		false, false));
 }
-if (!$maps && !defined("METACONSOLE")) {
+if (!$maps && !is_metaconsole()) {
 	require_once ($config['homedir'] . "/general/firts_task/map_builder.php");
 }
-elseif (!$maps && defined("METACONSOLE")) {
+elseif (!$maps && is_metaconsole()) {
 	ui_print_info_message(
 		array(
 			'no_close'=>true,
@ -266,7 +266,7 @@ else {
 		$data = array ();
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$data[0] = '<a href="index.php?sec=network&amp;sec2=operation/visual_console/render_view&amp;id='.
 				$map['id'].'&amp;refr=' . $refr . '">'.$map['name'].'</a>';
 		}
@ -281,7 +281,7 @@ else {
 		// Fix: IW was the old ACL for report editing, now is RW
 		if ($vconsole_write || $vconsole_manage) {
-			if (!defined('METACONSOLE')) {
+			if (!is_metaconsole()) {
 				$data[3] = '<a class="copy_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;copy_layout=1">'.html_print_image ("images/copy.png", true).'</a>';
 				$data[4] = '<a class="delete_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;delete_layout=1">'.html_print_image ("images/cross.png", true).'</a>';
 			}
@ -295,7 +295,7 @@ else {
 	html_print_table ($table);
 }
 if ($maps) {
-	if (!defined('METACONSOLE'))
+	if (!is_metaconsole())
 		echo '<div class="action-buttons" style="width: 0px;">';
 	else
 		echo '<div class="" style="width: 100%; text-align: right;">';
--- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php
+++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php
@ -19,7 +19,7 @@ require_once ($config['homedir'] . '/include/db/oracle.php');
 // Login check
 check_login ();
-if (! check_acl ($config['id_user'], 0, "RW")) {
+if (! check_acl ($config['id_user'], 0, "RW") && ! check_acl ($config['id_user'], 0, "RM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access report builder");
 	require ("general/noaccess.php");
@ -31,12 +31,6 @@ if (($config['metaconsole'] == 1) && (defined('METACONSOLE'))) {
 	$meta = true;
 }
 $show_graph_options = Array();
 $show_graph_options[0] = __('Only table');
 $show_graph_options[1] = __('Table & Graph');
@ -632,7 +626,10 @@ $class = 'databox filters';
 				$own_info = get_user_info ($config['id_user']);
 				// Get group list that user has access
 				if (check_acl ($config['id_user'], 0, "RW"))
 					$groups_user = users_get_groups ($config['id_user'], "RW", $own_info['is_admin'], true);
 				elseif (check_acl ($config['id_user'], 0, "RM"))
 					$groups_user = users_get_groups ($config['id_user'], "RM", $own_info['is_admin'], true);
 				$groups_id = array();
 				foreach ($groups_user as $key => $groups) {
 					$groups_id[] = $groups['id_grupo'];
@ -821,8 +818,12 @@ $class = 'databox filters';
 			<td style="font-weight:bold;"><?php echo __('Group');?></td>
 			<td style="">
 				<?php
 				if(check_acl ($config['id_user'], 0, "RW"))
 					html_print_select_groups($config['id_user'],
-					"AR", true, 'combo_group', $group, '');
+						"RW", true, 'combo_group', $group, '');
 				elseif(check_acl ($config['id_user'], 0, "RM"))
 					html_print_select_groups($config['id_user'],
 						"RM", true, 'combo_group', $group, '');
 				?>
 			</td>
 		</tr>
--- a/pandora_console/godmode/reporting/reporting_builder.php
+++ b/pandora_console/godmode/reporting/reporting_builder.php
@ -21,8 +21,11 @@ global $config;
 check_login ();
 enterprise_hook('open_meta_frame');
-
+$report_r = check_acl ($config['id_user'], 0, "RR");
-if (! check_acl ($config['id_user'], 0, "RR")) {
+$report_w = check_acl ($config['id_user'], 0, "RW");
 $report_m = check_acl ($config['id_user'], 0, "RM");
 $access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
 if (!$report_r  && !$report_w && !$report_m) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access report builder");
 	require ("general/noaccess.php");
@ -427,7 +430,7 @@ switch ($action) {
 		$table_aux->colspan[0][0] = 4;
 		$table_aux->data[0][0] = "<b>". __("Group") . "</b>";
-		$table_aux->data[0][1] = html_print_select_groups(false, "AR", true, 'id_group', $id_group, '', '', '', true, false, true, '', false, 'width:150px', false, false, 'id_grupo', $strict_user). '<br>';
+		$table_aux->data[0][1] = html_print_select_groups(false, $access, true, 'id_group', $id_group, '', '', '', true, false, true, '', false, 'width:150px', false, false, 'id_grupo', $strict_user). '<br>';
 		$table_aux->data[0][2] = "<b>". __("Free text for search: ") . ui_print_help_tip(
 		__('Search by report name or description, list matches.'),true) . "</b>";
@ -435,7 +438,7 @@ switch ($action) {
 		$table_aux->data[0][6] = html_print_submit_button(__('Search'), 'search_submit', false, 'class="sub upd"', true);
-		if (defined('METACONSOLE')) {
+		if (is_metaconsole()) {
 			$filter = "<form class ='' action='index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&id_group=$id_group&pure=$pure'
 				method='post'>";
 			$filter .= html_print_table($table_aux,true);
@ -449,13 +452,11 @@ switch ($action) {
 			echo "</form>";
 		}
 		ui_require_jquery_file ('pandora.controls');
 		ui_require_jquery_file ('ajaxqueue');
 		ui_require_jquery_file ('bgiframe');
 		ui_require_jquery_file ('autocomplete');
 		// Show only selected groups
 		if ($id_group > 0) {
 			$group = array("$id_group" => $id_group);
@ -465,7 +466,7 @@ switch ($action) {
 		}
 		$own_info = get_user_info ($config['id_user']);
-		if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
+		if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "RM"))
 			$return_all_group = true;
 		else
 			$return_all_group = false;
@ -505,10 +506,10 @@ switch ($action) {
 				'private',
 				'id_user',
 				'id_group',
-				'non_interactive'), $return_all_group, 'RR', $group, $strict_user);
+				'non_interactive'), $return_all_group, $access, $group, $strict_user);
 		$total_reports = (int) count(reports_get_reports ($filter,
-			array ('name'), $return_all_group, 'RR', $group, $strict_user));
+			array ('name'), $return_all_group, $access, $group, $strict_user));
 		if (sizeof ($reports)) {
@ -579,15 +580,19 @@ switch ($action) {
 				if (!is_user_admin ($config["id_user"])) {
 					if ($report["private"] && $report["id_user"] != $config['id_user'])
-						if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
+						if (!check_acl ($config["id_user"], $report["id_group"], "RR") && 
 								!check_acl ($config["id_user"], $report["id_group"], "RW") 
 								&& !check_acl ($config["id_user"], $report["id_group"], "RM"))
 							continue;
-					if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
+					if (!check_acl ($config["id_user"], $report["id_group"], "RR") && 
 							!check_acl ($config["id_user"], $report["id_group"], "RW") 
 								&& !check_acl ($config["id_user"], $report["id_group"], "RM"))
 						continue;
 				}
 				$data = array ();
-				if (check_acl ($config["id_user"], $report["id_group"], "RW")) {
+				if (check_acl ($config["id_user"], $report["id_group"], "RW") || check_acl ($config["id_user"], $report["id_group"], "RM")) {
 					$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
 						$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
 				}
@ -721,7 +726,7 @@ switch ($action) {
 		else {
 			ui_print_info_message ( array ( 'no_close' => true, 'message' =>  __('No data found.') ) );
 		}
-		if (check_acl ($config['id_user'], 0, "RW")) {
+		if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 			echo '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&tab=main&action=new&pure='.$pure.'">';
 			if (defined("METACONSOLE"))
 				echo '<div class="action-buttons" style="width: 100%; ">';
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@ -19,7 +19,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "AW")) {
+if (! check_acl ($config['id_user'], 0, "PM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Recon Task Management");
 	require ("general/noaccess.php");
@ -32,10 +32,10 @@ if (check_acl ($config['id_user'], 0, "AW")) {
 	$options[]['text'] = "<a href='index.php?sec=estado&sec2=operation/servers/recon_view'>" . html_print_image ("images/operation.png", true, array ("title" =>__('View'))) . "</a>";
 }
-$user_groups_w = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
+$user_groups_w = users_get_groups(false, 'PM', true, false, null, 'id_grupo');
 $user_groups_w = array_keys($user_groups_w);
-$user_groups_r = users_get_groups(false, 'AR', true, false, null, 'id_grupo');
+$user_groups_r = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
 $user_groups_r = array_keys($user_groups_r);
 // Headers
--- a/pandora_console/godmode/servers/manage_recontask_form.php
+++ b/pandora_console/godmode/servers/manage_recontask_form.php
@ -18,7 +18,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "AW")) {
+if (! check_acl ($config['id_user'], 0, "PM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Agent Management");
 	require ("general/noaccess.php");
@ -298,8 +298,8 @@ $table->data[8][1] .= ui_print_help_tip(
 // Group
 $table->data[9][0] = "<b>".__('Group');
-$groups = users_get_groups (false, "AR", false);
+$groups = users_get_groups (false, "PM", false);
-$table->data[9][1] = html_print_select_groups(false, "AR", false, 'id_group', $id_group, '', '', 0, true);
+$table->data[9][1] = html_print_select_groups(false, "PM", true, 'id_group', $id_group, '', '', 0, true);
 // Incident
 $values = array (0 => __('No'), 1 => __('Yes'));
--- a/pandora_console/include/ajax/module.php
+++ b/pandora_console/include/ajax/module.php
@ -407,7 +407,9 @@ if ($list_modules) {
 	include_once($config['homedir'] . "/include/functions_tags.php");
 	include_once($config['homedir'] . "/include/functions_clippy.php");
-
+	$agent_a = check_acl ($config['id_user'], 0, "AR");
 	$agent_w = check_acl ($config['id_user'], 0, "AW");
 	$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
 	$id_agente = $id_agent = (int)get_parameter('id_agente', 0);
 	$url = 'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=' . $id_agent;
@ -499,10 +501,10 @@ if ($list_modules) {
 	}
 	// Fix: for tag functionality groups have to be all user_groups (propagate ACL funct!)
-	$groups = users_get_groups($config["id_user"]);
+	$groups = users_get_groups($config["id_user"], $access);
 	$tags_sql = tags_get_acl_tags($config['id_user'],
-		array_keys($groups), 'AR', 'module_condition', 'AND',
+		array_keys($groups), $access, 'module_condition', 'AND',
 		'tagente_modulo', false, array(), true);
 	$status_filter_monitor = (int)get_parameter('status_filter_monitor', -1);
--- a/pandora_console/include/ajax/tree.ajax.php
+++ b/pandora_console/include/ajax/tree.ajax.php
@ -47,11 +47,14 @@ if (is_ajax ()) {
 			);
 		$filter = get_parameter('filter', $default_filters);
 		$agent_a = check_acl ($config['id_user'], 0, "AR");
 		$agent_w = check_acl ($config['id_user'], 0, "AW");
 		$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
 		if (class_exists('TreeEnterprise')) {
-			$tree = new TreeEnterprise($type, $rootType, $id, $rootID, $serverID, $childrenMethod);
+			$tree = new TreeEnterprise($type, $rootType, $id, $rootID, $serverID, $childrenMethod, $access);
 		}
 		else {
-			$tree = new Tree($type, $rootType, $id, $rootID, $serverID, $childrenMethod);
+			$tree = new Tree($type, $rootType, $id, $rootID, $serverID, $childrenMethod, $access);
 		}
 		$tree->setFilter($filter);
--- a/pandora_console/include/class/Tree.class.php
+++ b/pandora_console/include/class/Tree.class.php
@ -27,8 +27,9 @@ class Tree {
 	protected $strictACL = false;
 	protected $acltags = false;
 	protected $access = false;
-	public function __construct($type, $rootType = '', $id = -1, $rootID = -1, $serverID = false, $childrenMethod = "on_demand") {
+	public function __construct($type, $rootType = '', $id = -1, $rootID = -1, $serverID = false, $childrenMethod = "on_demand", $access = 'AR') {
 		$this->type = $type;
 		$this->rootType = !empty($rootType) ? $rootType : $type;
@ -36,8 +37,9 @@ class Tree {
 		$this->rootID = !empty($rootID) ? $rootID : $id;
 		$this->serverID = $serverID;
 		$this->childrenMethod = $childrenMethod;		
 		$this->access = $access;		
-		$userGroups = users_get_groups();
+		$userGroups = users_get_groups(false, $this->access);
 		if (empty($userGroups))
 			$this->userGroups = false;
@ -54,7 +56,7 @@ class Tree {
 		$this->strictACL = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
-		$this->acltags = tags_get_user_module_and_tags($config['id_user'], 'AR');
+		$this->acltags = tags_get_user_module_and_tags($config['id_user'], $this->access);
 	}
 	public function setType($type) {
@ -2104,6 +2106,7 @@ class Tree {
 					$this->processAgents($newItems, $server[$j]);
 					$newItems = array_filter($newItems);
 					$items = array_merge($items, $newItems);
 					metaconsole_restore_db();
 					$j++;
 				}
--- a/pandora_console/include/functions_groupview.php
+++ b/pandora_console/include/functions_groupview.php
@ -17,7 +17,7 @@
 include_once ($config['homedir'] . "/include/functions_groups.php");
 include_once ($config['homedir'] . "/include/functions_tags.php");
-function groupview_get_all_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array()) {
+function groupview_get_all_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') {
 	global $config;
 	if ($id_user == false) {
 		$id_user = $config['id_user'];
@ -198,7 +198,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
 		$list['_monitors_critical_'] = $group_stat[0]["critical"];
 		$list['_monitors_unknown_'] = $group_stat[0]["unknown"];
 		$list['_monitors_not_init_'] = $group_stat[0]["not_init"];
-		$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), 'AR',false, false);
+		$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), $access,false, false);
 		$list['_total_agents_'] = $total_agentes[0]['total_agents'];
 		$list["_monitor_alerts_fire_count_"] = $group_stat[0]["alerts_fired"];
@ -253,18 +253,18 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
 				'disabled' => 0,
 				'id_grupo' => $group['id_grupo'],
 				'status' => AGENT_STATUS_NOT_INIT),
-				array ('COUNT(*) as total'), 'AR', false);
+				array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
 			$agent_unknown = agents_get_agents(array (
 							'disabled' => 0,
 							'id_grupo' => $group['id_grupo'],
 							'status' => AGENT_STATUS_UNKNOWN),
-							array ('COUNT(*) as total'), 'AR', false);
+							array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
 			$agent_total = agents_get_agents(array (
 							'disabled' => 0,
 							'id_grupo' => $group['id_grupo']),
-							array ('COUNT(*) as total'), 'AR', false);
+							array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
 			$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
 			$list[$group['id_grupo']]['_monitors_alerts_fired_'] = groupview_monitor_fired_alerts ($group['id_grupo'], $user_strict,array($group['id_grupo']));
@ -423,7 +423,7 @@ function groupview_status_modules_agents($id_user = false, $user_strict = false,
 	else {
 		$result_list = groupview_get_all_data ($id_user, $user_strict,
-				$acltags);
+				$acltags, false, array(), array(), $access);
 		return $result_list;
 	}
 }
@ -551,18 +551,18 @@ function groupview_get_groups_list($id_user = false, $user_strict = false, $acce
 	// If using metaconsole, the not strict users will use the metaconsole's agent cache table
 	else {
 		$result_list = groupview_get_data ($id_user, $user_strict, $acltags,
-			$returnAllGroup);
+			$returnAllGroup, array(), array(), $access);
 		return $result_list;
 	}
 }
-function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array()) {
+function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') {
 	global $config;
 	if ($id_user == false) {
 		$id_user = $config['id_user'];
 	}
-	$groups_with_privileges = users_get_groups($id_user);
+	$groups_with_privileges = users_get_groups($id_user, $access);
 	$groups_with_privileges = implode('","', $groups_with_privileges);
 	$user_groups = array();
@ -811,7 +811,7 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
 		$list['_monitors_critical_'] = $group_stat[0]["critical"];
 		$list['_monitors_unknown_'] = $group_stat[0]["unknown"];
 		$list['_monitors_not_init_'] = $group_stat[0]["not_init"];
-		$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), 'AR',false, false);
+		$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), $access,false, false);
 		$list['_total_agents_'] = $total_agentes[0]['total_agents'];
 		$list["_monitor_alerts_fire_count_"] = $group_stat[0]["alerts_fired"];
@ -866,18 +866,18 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
 				'disabled' => 0,
 				'id_grupo' => $group['id_grupo'],
 				'status' => AGENT_STATUS_NOT_INIT),
-				array ('COUNT(*) as total'), 'AR', false);
+				array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
 			$agent_unknown = agents_get_agents(array (
 							'disabled' => 0,
 							'id_grupo' => $group['id_grupo'],
 							'status' => AGENT_STATUS_UNKNOWN),
-							array ('COUNT(*) as total'), 'AR', false);
+							array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
 			$agent_total = agents_get_agents(array (
 							'disabled' => 0,
 							'id_grupo' => $group['id_grupo']),
-							array ('COUNT(*) as total'), 'AR', false);
+							array ('COUNT(*) as total'), $access, false);
 			$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
 			$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
 			$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
--- a/pandora_console/include/functions_treeview.php
+++ b/pandora_console/include/functions_treeview.php
@ -356,7 +356,7 @@ function treeview_printTable($id_agente, $server_data = array(), $no_head = fals
 		$is_extra = false;
 	}
-	if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && !$is_extra) {
+	if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config["id_user"], $agent["id_grupo"], "AW") && !$is_extra) {
 		db_pandora_audit("ACL Violation",
 			"Trying to access Agent General Information");
 		require_once ("general/noaccess.php");
--- a/pandora_console/include/functions_visual_map.php
+++ b/pandora_console/include/functions_visual_map.php
@ -2116,9 +2116,9 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
 		$filter = array ();
 	if ($returnAllGroup)
-		$groups = users_get_groups ($id_user, 'RR');
+		$groups = users_get_groups ($id_user, 'VR');
 	else
-		$groups = users_get_groups ($id_user, 'RR', false);
+		$groups = users_get_groups ($id_user, 'VR', false);
 	if (!empty($groups)) {
 		if (empty($where))
--- a/pandora_console/operation/agentes/alerts_status.functions.php
+++ b/pandora_console/operation/agentes/alerts_status.functions.php
@ -34,7 +34,7 @@ function validateAlert() {
 	}
 }
-function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby = false, $tag_filter = false,$action_filter = false, $return = false, $strict_user = false) {
+function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_standby = false, $tag_filter = false,$action_filter = false, $return = false, $strict_user = false, $access = 'AR') {
 	global $config;
 	require_once ($config['homedir'] . "/include/functions_tags.php");
@ -66,7 +66,7 @@ function printFormFilterAlert($id_group, $filter, $free_search, $url, $filter_st
 	}
 	$table->data[0][0] = __('Group');
-	$table->data[0][1] = html_print_select_groups($config['id_user'], "AR", true, "ag_group", $id_group, '', '', '', true, false, false, '', false, '', false, false, 'id_grupo', $strict_user);
+	$table->data[0][1] = html_print_select_groups($config['id_user'], $access, true, "ag_group", $id_group, '', '', '', true, false, false, '', false, '', false, false, 'id_grupo', $strict_user);
 	$alert_status_filter = array();
 	$alert_status_filter['all_enabled'] = __('All (Enabled)');
--- a/pandora_console/operation/agentes/alerts_status.php
+++ b/pandora_console/operation/agentes/alerts_status.php
@ -91,7 +91,7 @@ if ($idAgent != 0) {
 		$is_extra = false;
 	}
-	if (!check_acl ($config["id_user"], $id_group, "AR") && !$is_extra) {
+	if (!check_acl ($config["id_user"], $id_group, "AR") && !check_acl ($config["id_user"], $id_group, "AW") && !$is_extra) {
 		db_pandora_audit("ACL Violation","Trying to access alert view");
 		require ("general/noaccess.php");
 		exit;
@ -109,7 +109,11 @@ if ($idAgent != 0) {
 	}
 }
 else {
-	if (!check_acl ($config["id_user"], 0, "AR")) {
+	$agent_a = check_acl ($config['id_user'], 0, "AR");
 	$agent_w = check_acl ($config['id_user'], 0, "AW");
 	$access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
 	if (!$agent_a && !$agent_w) {
 		db_pandora_audit("ACL Violation","Trying to access alert view");
 		require ("general/noaccess.php");
 		return;
@ -118,13 +122,13 @@ else {
 	$agents = array_keys(
 		agents_get_group_agents(
 			array_keys(
-				users_get_groups($config["id_user"], 'AR', false))));
+				users_get_groups($config["id_user"], $access, false)), false, 'lower', true));
 	$idGroup = $id_group;
 	$print_agent = true;
-	if (!defined('METACONSOLE')) {
+	if (!is_metaconsole()) {
 		ui_print_page_header (__('Alert detail'), "images/op_alerts.png", false, "alert_validation");
 	}
 	else {
@ -300,7 +304,7 @@ switch ($sortField) {
 //Add checks for user ACL
-$groups = users_get_groups($config["id_user"]);
+$groups = users_get_groups($config["id_user"], $access);
 $id_groups = array_keys($groups);
 if (empty($id_groups)) {
@ -333,7 +337,7 @@ else {
 	$filter_alert['disabled'] = $filter;
 }
-if (defined('METACONSOLE')) {
+if (is_metaconsole()) {
 	require_once ($config['homedir'] . '/enterprise/meta/include/functions_alerts_meta.php');
 	if ($idAgent != 0) {
 		$alerts['alerts_simple'] = alerts_meta_get_alerts ($agents, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user);
@ -357,7 +361,7 @@ else {
 	}
 	else {
 		$id_groups = array_keys(
-			users_get_groups($config["id_user"], 'AR', false));
+			users_get_groups($config["id_user"], $access, false));
 		$alerts['alerts_simple'] = get_group_alerts($id_groups, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter,$action_filter);
@ -379,7 +383,7 @@ if ($free_search != ''){
 // Filter form
 if ($print_agent) {
-	if(defined('METACONSOLE')) {
+	if(is_metaconsole()) {
 		ui_toggle(
 			printFormFilterAlert($id_group, $filter, $free_search,
 				$url, $filter_standby, $tag_filter, true, $strict_user),
@ -389,7 +393,7 @@ if ($print_agent) {
 		ui_toggle(
 			printFormFilterAlert($id_group, $filter, $free_search,
 				$url, $filter_standby, $tag_filter, $action_filter, true, $strict_user),
-			__('Alert control filter'), __('Toggle filter(s)'));
+			__('Alert control filter'), __('Toggle filter(s)'), $access);
 	}
 }
@ -404,7 +408,7 @@ $table->align = array ();
 if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 	if ($print_agent) {
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[0] = "<span title='" . __('Policy') . "'>" .
 				__('P.') . "</span>";
 		}
@ -412,7 +416,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		$table->head[1] = "<span title='" . __('Standby') . "'>" .
 			__('S.') . "</span>";
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[2] =
 				"<span title='" . __('Force execution') . "'>" .
 					__('F.') . "</span>";
@ -424,7 +428,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		$table->head[6] = __('Action');
 		$table->head[7] = __('Last fired');
 		$table->head[8] = __('Status');
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->size[8] = '4%';
 			if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
 				$table->head[9] = __('Validate');
@ -436,7 +440,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		$table->align[8] = 'center';
 		// Sort buttons are only for normal console
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[3] .= ' ' .
 				'<a href="' . $url . '&sort_field=agent&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectAgentUp)) . '</a>' .
 				'<a href="' . $url . '&sort_field=agent&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectAgentDown)) . '</a>';
@ -449,13 +453,13 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		}
 	}
 	else {
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[0] = "<span title='" . __('Policy') . "'>" . __('P.') . "</span>";
 		}
 		$table->head[1] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[2] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
 		}
@ -464,7 +468,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		$table->head[5] = __('Action');
 		$table->head[6] = __('Last fired');
 		$table->head[7] = __('Status');
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->size[7] = '5%';
 			if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
 				$table->head[8] = __('Validate');
@ -475,7 +479,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 		$table->align[7] = 'center';
 		// Sort buttons are only for normal console
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[3] .= ' ' .
 				'<a href="' . $url . '&sort_field=module&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectModuleUp)) . '</a>' .
 				'<a href="' . $url . '&sort_field=module&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectModuleDown)) . '</a>';
@ -488,7 +492,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
 else {
 	if ($print_agent) {
 		$table->head[0] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[1] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
 		}
 		$table->head[2] = __('Agent');
@ -497,7 +501,7 @@ else {
 		$table->head[5] = __('Action');
 		$table->head[6] = __('Last fired');
 		$table->head[7] = __('Status');
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->size[7] = '5%';
 			if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
 				$table->head[8] = __('Validate');
@ -508,7 +512,7 @@ else {
 		$table->align[7] = 'center';
 		// Sort buttons are only for normal console
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[2] .= ' ' .
 				'<a href="' . $url . '&sort_field=agent&sort=up">'. html_print_image("images/sort_up.png", true, array("style" => $selectAgentUp)) . '</a>' .
 				'<a href="' . $url . '&sort_field=agent&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectAgentDown)) . '</a>';
@ -522,7 +526,7 @@ else {
 	}
 	else {
 		$table->head[0] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[1] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
 		}
 		$table->head[2] = __('Module');
@ -530,7 +534,7 @@ else {
 		$table->head[4] = __('Action');
 		$table->head[5] = __('Last fired');
 		$table->head[6] = __('Status');
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->size[6] = '5%';
 			if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) {
 				$table->head[7] = __('Validate');
@ -541,7 +545,7 @@ else {
 		$table->align[6] = 'center';
 		// Sort buttons are only for normal console
-		if (!defined('METACONSOLE')) {
+		if (!is_metaconsole()) {
 			$table->head[2] .= ' ' .
 				'<a href="' . $url . '&sort_field=module&sort=up">' . html_print_image("images/sort_up.png", true, array("style" => $selectModuleUp)) . '</a>' .
 				'<a href="' . $url . '&sort_field=module&sort=down">' . html_print_image("images/sort_down.png", true, array("style" => $selectModuleDown)) . '</a>';
@ -574,7 +578,7 @@ if (!empty ($table->data)) {
 		'offset_simple');
 	html_print_table ($table);
-	if (!defined('METACONSOLE')) {
+	if (!is_metaconsole()) {
 		if (check_acl ($config["id_user"], $id_group, "AW") || check_acl ($config["id_user"], $id_group, "LM") ) {
 			if (count($alerts['alerts_simple']) > 0) {
 				echo '<div class="action-buttons" style="width: '.$table->width.';">';
@ -593,12 +597,8 @@ else {
 //strict user hidden
 echo '<div id="strict_hidden" style="display:none;">';
 html_print_input_text('strict_user_hidden', $strict_user);
-if (defined('METACONSOLE')) {
+
-	$is_meta = true;
+html_print_input_text('is_meta_hidden', (int) is_metaconsole());
 } else {
 	$is_meta = false;
 }
 html_print_input_text('is_meta_hidden', $is_meta);
 echo '</div>';
 enterprise_hook('close_meta_frame');
--- a/pandora_console/operation/agentes/custom_fields.php
+++ b/pandora_console/operation/agentes/custom_fields.php
@ -29,7 +29,7 @@ if ($id_agente === -1) {
 	return;
 }
-if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
+if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation", 
 		"Trying to access Agent General Information");
 	require_once ("general/noaccess.php");
--- a/pandora_console/operation/agentes/estado_agente.php
+++ b/pandora_console/operation/agentes/estado_agente.php
@ -26,7 +26,7 @@ enterprise_include_once('include/functions_config_agents.php');
 check_login ();
-if (! check_acl ($config['id_user'], 0, "AR")) {
+if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation", "Trying to access agent main list view");
 	require ("general/noaccess.php");
@ -120,6 +120,9 @@ $recursion = get_parameter('recursion', 0);
 $status = (int) get_parameter ('status', -1);
 $strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
 $agent_a = (bool) check_acl ($config['id_user'], 0, "AR");
 $agent_w = (bool) check_acl ($config['id_user'], 0, "AW");
 $access = ($agent_a === true) ? 'AR' : (($agent_w === true) ? 'AW' : 'AR');
 $onheader = array();
@ -163,8 +166,9 @@ echo '<tr><td style="white-space:nowrap;">';
 echo __('Group') . '&nbsp;';
-$groups = users_get_groups ();
+$groups = users_get_groups (false, $access);
-html_print_select_groups(false, "AR", true, 'group_id', $group_id, 'this.form.submit()', '', '', false, false, true, '', false, 'width:150px');
+
 html_print_select_groups(false, $access, true, 'group_id', $group_id, 'this.form.submit()', '', '', false, false, true, '', false, 'width:150px');
 echo '</td><td style="white-space:nowrap;">';
@ -371,7 +375,7 @@ if ($group_id > 0) {
 }
 else {
 	$groups = array();
-	$user_groups = users_get_groups($config["id_user"], "AR");
+	$user_groups = users_get_groups($config["id_user"], $access);
 	$groups = array_keys($user_groups);
 }
@ -403,7 +407,7 @@ if ($strict_user) {
 	$fields = array ('tagente.id_agente','tagente.id_grupo','tagente.id_os','tagente.ultimo_contacto','tagente.intervalo','tagente.comentarios description','tagente.quiet',
 		'tagente.normal_count','tagente.warning_count','tagente.critical_count','tagente.unknown_count','tagente.notinit_count','tagente.total_count','tagente.fired_count');
-	$acltags = tags_get_user_module_and_tags ($config['id_user'], 'AR', $strict_user);
+	$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, $strict_user);
 	$total_agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $count_filter, $fields, false, $strict_user, true);
 	$total_agents = count($total_agents);
@ -417,7 +421,7 @@ else {
 		'id_grupo' => $groups,
 		'search' => $search_sql,
 		'status' => $status),
-		array ('COUNT(*) as total'), 'AR', false);
+		array ('COUNT(*) as total'), $access, false);
 	$total_agents = isset ($total_agents[0]['total']) ?
 		$total_agents[0]['total'] : 0;
@ -444,7 +448,7 @@ else {
 			'notinit_count',
 			'total_count',
 			'fired_count'),
-		'AR',
+		$access,
 		$order);
 }
--- a/pandora_console/operation/agentes/estado_generalagente.php
+++ b/pandora_console/operation/agentes/estado_generalagente.php
@ -53,7 +53,7 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
 	$is_extra = false;
 }
-if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && !$is_extra) {
+if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config["id_user"], $agent["id_grupo"], "AW") && !$is_extra) {
 	db_pandora_audit("ACL Violation", 
 		"Trying to access Agent General Information");
 	require_once ("general/noaccess.php");
--- a/pandora_console/operation/agentes/estado_monitores.php
+++ b/pandora_console/operation/agentes/estado_monitores.php
@ -442,11 +442,10 @@ function print_form_filter_monitors($id_agent, $status_filter_monitor = -1,
 	$table->data[0][3] = html_print_input_text('status_text_monitor', $status_text_monitor, '', 30, 100, true);
 	$table->data[0][4] = __('Module group');
-	$rows = db_get_all_rows_sql("SELECT *
+	$rows = db_get_all_rows_sql("SELECT * FROM tmodule_group where id_mg in (SELECT id_module_group from tagente_modulo where id_agente = $id_agent )  ORDER BY name");
 		FROM tmodule_group where id_mg in (SELECT id_module_group from tagente_modulo where id_agente = $id_agent )  ORDER BY name");
 	if (!empty($rows)) {
 	$rows_select[-1] = __('All');
 	if (!empty($rows)) {
 		foreach ($rows as $module_group)
 			$rows_select[$module_group['id_mg']] = __($module_group['name']);
 	}
--- a/pandora_console/operation/agentes/gis_view.php
+++ b/pandora_console/operation/agentes/gis_view.php
@ -18,7 +18,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "AR") && ! is_user_admin ($config['id_user'])) {
+if (! check_acl ($config['id_user'], 0, "MR") && ! check_acl ($config['id_user'], 0, "MW") && ! check_acl ($config['id_user'], 0, "MM") && ! is_user_admin ($config['id_user'])) {
 	db_pandora_audit("ACL Violation", "Trying to access GIS Agent view");
 	require ("general/noaccess.php");
 	return;
--- a/pandora_console/operation/agentes/graphs.php
+++ b/pandora_console/operation/agentes/graphs.php
@ -19,7 +19,7 @@ global $config;
 require_once ("include/functions_agents.php");
 require_once ("include/functions_custom_graphs.php");
-if (! check_acl ($config['id_user'], $id_grupo, "AR")) {
+if (! check_acl ($config['id_user'], $id_grupo, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access (read) to agent ".agents_get_name($id_agente));
 	include ("general/noaccess.php");
--- a/pandora_console/operation/agentes/group_view.php
+++ b/pandora_console/operation/agentes/group_view.php
@ -21,7 +21,10 @@ require_once ("include/functions_groupview.php");
 check_login ();
 // ACL Check
-if (! check_acl ($config['id_user'], 0, "AR")) {
+$agent_a = check_acl ($config['id_user'], 0, "AR");
 $agent_w = check_acl ($config['id_user'], 0, "AW");
 if (!$agent_a && !$agent_w) {
 	db_pandora_audit("ACL Violation", 
 	"Trying to access Agent view (Grouped)");
 	require ("general/noaccess.php");
@ -67,7 +70,7 @@ ui_print_page_header (__("Group view"), "images/group.png", false, "", false, $u
 $strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
-$all_data = groupview_status_modules_agents ($config['id_user'], $strict_user, 'AR', $strict_user);
+$all_data = groupview_status_modules_agents ($config['id_user'], $strict_user, ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), $strict_user);
 $total_agentes = 0;
 $monitor_ok = 0;
@ -130,7 +133,7 @@ echo "</table>";
 //Groups and tags
 $result_groups = groupview_get_groups_list($config['id_user'], $strict_user,
-	'AR', true, true);
+	($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), true, true);
 $count = count($result_groups);
--- a/pandora_console/operation/agentes/status_monitor.php
+++ b/pandora_console/operation/agentes/status_monitor.php
@ -20,7 +20,8 @@ global $config;
 check_login();
 if (! check_acl ($config['id_user'], 0, 'AR')
-	&& ! check_acl ($config['id_user'], 0, 'AW')) {
+	&& ! check_acl ($config['id_user'], 0, 'AW') && 
 		! check_acl ($config['id_user'], 0, 'AM')) {
 	db_pandora_audit('ACL Violation',
 		'Trying to access Agent Management');
 	require ('general/noaccess.php');
--- a/pandora_console/operation/agentes/tactical.php
+++ b/pandora_console/operation/agentes/tactical.php
@ -25,7 +25,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
 check_login ();
-if (! check_acl ($config['id_user'], 0, "AR")) {
+if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation", 
 	"Trying to access Agent view (Grouped)");
 	require ("general/noaccess.php");
@ -182,7 +182,7 @@ echo '<td style="vertical-align: top; width: 75%; padding-top: 0px;" id="rightco
 // Last events information
 // ---------------------------------------------------------------------
-$acltags = tags_get_user_module_and_tags ($config['id_user'], $access = 'ER', $user_strict);
+$acltags = tags_get_user_module_and_tags ($config['id_user'], 'ER', $user_strict);
 if (!empty($acltags)) {
 	$tags_condition = tags_get_acl_tags_event_condition($acltags, false, $user_strict);
--- a/pandora_console/operation/agentes/ver_agente.php
+++ b/pandora_console/operation/agentes/ver_agente.php
@ -744,7 +744,9 @@ $id_agente = (int) get_parameter ("id_agente", 0);
 if (empty ($id_agente)) {
 	return;
 }
-
+$agent_a = check_acl ($config['id_user'], 0, "AR");
 $agent_w = check_acl ($config['id_user'], 0, "AW");
 $access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
 $agent = db_get_row ('tagente', 'id_agente', $id_agente);
 // get group for this id_agente
 $id_grupo = $agent['id_grupo'];
@ -755,7 +757,7 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
 	$is_extra = false;
 }
-if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && !$is_extra) {
+if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && ! check_acl ($config['id_user'], $id_grupo, "AW", $id_agente) && !$is_extra) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access (read) to agent ".agents_get_name($id_agente));
 	include ("general/noaccess.php");
--- a/pandora_console/operation/events/event_statistics.php
+++ b/pandora_console/operation/events/event_statistics.php
@ -23,7 +23,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
 check_login ();
-if (! check_acl ($config['id_user'], 0, "ER")) {
+if (! check_acl ($config['id_user'], 0, "ER") && ! check_acl ($config['id_user'], 0, "EW") && ! check_acl ($config['id_user'], 0, "EM")) {
 	db_pandora_audit("ACL Violation","Trying to access event viewer");
 	require ("general/noaccess.php");
 	return;
--- a/pandora_console/operation/events/events.build_query.php
+++ b/pandora_console/operation/events/events.build_query.php
@ -13,7 +13,13 @@
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 if (check_acl ($id_user, 0, "ER"))
 	$groups = users_get_groups($id_user, 'ER');
 elseif (check_acl ($id_user, 0, "EW"))
 	$groups = users_get_groups($id_user, 'EW');
 elseif (check_acl ($id_user, 0, "EM"))
 	$groups = users_get_groups($id_user, 'EM');
 $propagate = db_get_value('propagate','tgrupo','id_grupo',$id_group);
@ -217,9 +223,15 @@ if ($id_group > 0 && in_array ($id_group, array_keys ($groups))) {
 else {
 	$group_array = array_keys($groups);
 }
-
+if (check_acl ($id_user, 0, "ER"))
 	$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'ER',
 		'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
 elseif (check_acl ($id_user, 0, "EW"))
 	$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'EW',
 		'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
 elseif (check_acl ($id_user, 0, "EM"))
 	$tags_acls_condition = tags_get_acl_tags($id_user, $group_array, 'EM',
 		'event_condition', 'AND', '', $meta, array(), true); //FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)"
 if (($tags_acls_condition != ERR_WRONG_PARAMETERS) && ($tags_acls_condition != ERR_ACL)&& ($tags_acls_condition != -110000)) {
 	$sql_post .= $tags_acls_condition;
--- a/pandora_console/operation/events/events.php
+++ b/pandora_console/operation/events/events.php
@ -27,7 +27,7 @@ check_login ();
-if (! check_acl ($config["id_user"], 0, "ER")) {
+if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW") && ! check_acl ($config["id_user"], 0, "EM")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access event viewer");
 	require ("general/noaccess.php");
@ -349,7 +349,7 @@ if ($config["pure"] == 0 || $meta) {
 	$sound_event['text'] = '<a href="javascript: openSoundEventWindow();">' . html_print_image('images/sound.png', true, array('title' => __('Sound events'))) . '</a>';
 	// If the user has administrator permission display manage tab
-	if (check_acl ($config["id_user"], 0, "EW")) {
+	if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0, "EM")) {
 		// Manage events
 		$manage_events['active'] = false;
 		$manage_events['text'] = '<a href="index.php?sec=eventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
--- a/pandora_console/operation/events/events_list.php
+++ b/pandora_console/operation/events/events_list.php
@ -28,7 +28,12 @@ require_once ($config["homedir"] . "/include/functions_tags.php");
 check_login ();
-if (! check_acl ($config["id_user"], 0, "ER")) {
+$event_a = check_acl ($config['id_user'], 0, "ER");
 $event_w = check_acl ($config['id_user'], 0, "EW");
 $event_m = check_acl ($config['id_user'], 0, "EM");
 $access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
 if (!$event_a && !$event_w && !$event_m) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access event viewer");
 	require ("general/noaccess.php");
@ -144,7 +149,7 @@ if (is_ajax()) {
 $strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']);
 // Get the tags where the user have permissions in Events reading tasks
-$tags = tags_get_user_tags($config['id_user'], 'ER');
+$tags = tags_get_user_tags($config['id_user'], $access);
 if ($id_agent == 0 && !empty($text_agent)) {
@ -196,14 +201,13 @@ if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0,
 	$table->cellspacing = 4;
 	$table->cellpadding = 4;
 	$table->class = 'databox';
-	if (defined('METACONSOLE')) {
+	if (is_metaconsole()) {
 		$table->width = '100%';
 		$table->class = 'databox filters';
 		$table->cellspacing = 0;
 		$table->cellpadding = 0;
 	}
 	$table->styleTable = 'font-weight: bold; text-align:left;';
-	if (!defined("METACONSOLE"))
+	if (!is_metaconsole())
 		$table->style[0] = 'width: 50%; width:50%;';
 	$data = array();
@ -217,12 +221,12 @@ if (check_acl ($config["id_user"], 0, "EW") || check_acl ($config["id_user"], 0,
 	$table->rowid[1] = 'save_filter_row1';
 	$data[0] = __('Filter name') . $jump;
 	$data[0] .= html_print_input_text ('id_name', '', '', 15, 255, true);
-	if(defined('METACONSOLE'))
+	if(is_metaconsole())
 		$data[1] = __('Save in Group') . $jump;
 	else
 		$data[1] = __('Filter group') . $jump;
 	# Fix : Only admin users can see group ALL
-	$data[1] .= html_print_select_groups($config['id_user'], "ER", users_can_manage_group_all(), "id_group_filter",
+	$data[1] .= html_print_select_groups($config['id_user'], $access, users_can_manage_group_all(), "id_group_filter",
 				$id_group_filter, '', '', 0, true, false, false, 'w130', false, '', false, false, 'id_grupo', $strict_user);
 	$table->data[] = $data;
 	$table->rowclass[] = '';
@ -260,15 +264,14 @@ $table->width = '100%';
 $table->cellspacing = 4;
 $table->cellpadding = 4;
 $table->class = 'databox';
-if (defined('METACONSOLE')) {
+if (is_metaconsole()) {
 	$table->width = '100%';
 	$table->cellspacing = 0;
 	$table->cellpadding = 0;
 	$table->class = 'databox filters';
 }
 $table->styleTable = 'font-weight: bold; color: #555; text-align:left;';
-if (!defined("METACONSOLE"))
+if (!is_metaconsole())
 	$table->style[0] = 'width: 50%; width:50%;';
 $data = array();
 $table->rowid[3] = 'update_filter_row1';
@ -316,11 +319,9 @@ $tabletags_with->cellpadding = 4;
 $tabletags_with->class = 'noshadow';
 $tabletags_with->styleTable = 'border: 0px;';
 if (defined('METACONSOLE')) {
 	$tabletags_with->width = '100%';
 	$tabletags_with->class = 'nobady';
 	$tabletags_with->cellspacing = 0;
 	$tabletags_with->cellpadding = 0;
 	$tabletags_with->styleTable = 'border: 0px;';
 }
@ -347,7 +348,6 @@ $tabletags_without->cellspacing = 4;
 $tabletags_without->cellpadding = 4;
 $tabletags_without->class = 'noshadow';
 if (defined('METACONSOLE')) {
 	$tabletags_without->width = '100%';
 	$tabletags_without->class = 'nobady';
 	$tabletags_without->cellspacing = 0;
 	$tabletags_without->cellpadding = 0;
@ -370,7 +370,7 @@ $tabletags_without->rowclass[] = '';
 // EVENTS FILTER
 // Table for filter controls
-if (defined('METACONSOLE')) {
+if (is_metaconsole()) {
 	$events_filter = '<form id="form_filter" class="filters_form" method="post" action="index.php?sec=eventos&amp;sec2=operation/events/events&amp;refr='. 
 		(int)get_parameter("refr", 0) .'&amp;pure='.$config["pure"].'&amp;section=' . $section . '&amp;history='.(int)$history.'">';
 }
@ -431,8 +431,9 @@ $data[0] = __('User ack.') . $jump;
 if ($strict_user) {
 	$user_users = array($config['id_user']=>$config['id_user']);
-} else {
+}
-	$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
+else {
 	$user_users = users_get_user_users($config['id_user'], $access, users_can_manage_group_all());
 }
 $data[0] .= html_print_select($user_users, "id_user_ack", $id_user_ack, '',
@ -472,7 +473,7 @@ $table_advanced->rowclass[] = '';
 $data = array();
 $data[0] = __('Date from') . $jump;
-$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
+//~ $user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
 $data[0] .= html_print_input_text ('date_from', $date_from, '', 15, 10, true);
@ -542,9 +543,8 @@ $table->data = array();
 $data = array();
 $data[0] = __('Group') . $jump;
-$data[0] .= html_print_select_groups($config["id_user"], "ER", true, 
+$data[0] .= html_print_select_groups($config["id_user"], $access, true, 
 	'id_group', $id_group, '', '', 0, true, false, false, 'w130', false, false, false, false, 'id_grupo', $strict_user). $jump;
 //**********************************************************************
 // TODO
 // This code is disabled for to enabled in Pandora 5.1
@ -596,7 +596,7 @@ $table->rowclass[] = '';
 $data = array();
 $data[0] = '<div style="width:100%; text-align:left">';
-if (check_acl ($config["id_user"], 0, "EW")) {
+if ($event_w || $event_m) {
 	$data[0] .= '<a href="javascript:" onclick="show_save_filter_dialog();">' . 
 				html_print_image("images/disk.png", true, array("border" => '0', "title" => __('Save filter'), "alt" => __('Save filter'))) . '</a> &nbsp;';
 }
@ -638,7 +638,7 @@ $events_filter .= $botom_update;
 $events_filter .= "</form>"; //This is the filter div
-if (defined('METACONSOLE'))
+if (is_metaconsole())
 	ui_toggle($events_filter, __("Show Options"));
 else
 	ui_toggle($events_filter, __('Event control filter'), '', !$open_filter);
@ -796,7 +796,7 @@ if (!empty($result)) {
 if (!empty($result)) {
 	//~ Checking the event tags exactly. The event query filters approximated tags to keep events
 	//~ with several tags
-	$acltags = tags_get_user_module_and_tags ($config['id_user'],'ER', true);
+	$acltags = tags_get_user_module_and_tags ($config['id_user'], $access, true);
 	foreach ($result as $key=>$event_data) {
 		$has_tags = events_checks_event_tags($event_data, $acltags);
--- a/pandora_console/operation/events/events_marquee.php
+++ b/pandora_console/operation/events/events_marquee.php
@ -40,6 +40,11 @@ $config["id_user"] = $_SESSION["id_usuario"];
 // Session locking concurrency speedup!
 check_login ();
 $event_a = check_acl ($config['id_user'], 0, "ER");
 $event_w = check_acl ($config['id_user'], 0, "EW");
 $event_m = check_acl ($config['id_user'], 0, "EM");
 $access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
 if (!isInACL($_SERVER['REMOTE_ADDR'])) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access marquee without ACL Access");
@ -47,7 +52,8 @@ if (!isInACL($_SERVER['REMOTE_ADDR'])) {
 	exit;
 }
-$groups = users_get_groups ($config["id_user"], "ER");
+$groups = users_get_groups ($config["id_user"], $access);
 //Otherwise select all groups the user has rights to.
 if (!empty($groups)) {
 	$sql_group_filter = " AND id_grupo IN (".implode (",", array_keys ($groups)).")";
--- a/pandora_console/operation/events/export_csv.php
+++ b/pandora_console/operation/events/export_csv.php
@ -27,7 +27,7 @@ session_write_close ();
 $config["id_user"] = $_SESSION["id_usuario"];
-if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW")) {
+if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW") && ! check_acl ($config["id_user"], 0, "EM")) {
 	exit;
 }
@ -105,7 +105,8 @@ echo chr (13);
 $new = true;
 while ($event = db_get_all_row_by_steps_sql($new, $result, $sql)) {
 	$new = false;
-	if (!check_acl($config["id_user"], $event["id_grupo"], "ER") ||
+	if ((!check_acl($config["id_user"], $event["id_grupo"], "ER") && 
 		!check_acl($config["id_user"], $event["id_grupo"], "EW") && !check_acl($config["id_user"], $event["id_grupo"], "EM") ) ||
 	(!check_acl($config["id_user"], 0, "PM") && $event["event_type"] == 'system'))
 		continue;
--- a/pandora_console/operation/events/sound_events.php
+++ b/pandora_console/operation/events/sound_events.php
@ -32,7 +32,12 @@ global $config;
 check_login ();
 $config["id_user"] = $_SESSION["id_usuario"];
-if (! check_acl ($config['id_user'], 0, "ER")) {
+$event_a = check_acl ($config['id_user'], 0, "ER");
 $event_w = check_acl ($config['id_user'], 0, "EW");
 $event_m = check_acl ($config['id_user'], 0, "EM");
 $access = ($event_a == true) ? 'ER' : (($event_w == true) ? 'EW' : (($event_m == true) ? 'EM' : 'ER'));
 if (! check_acl ($config['id_user'], 0, "ER") && ! check_acl ($config['id_user'], 0, "EW") && ! check_acl ($config['id_user'], 0, "EM")) {
 	db_pandora_audit("ACL Violation","Trying to access event viewer");
 	require ("general/noaccess.php");
@ -69,7 +74,7 @@ $table->size[1] = '90%';
 $table->style[0] = 'font-weight: bold; vertical-align: top;';
 $table->data[0][0] = __('Group');
-$table->data[0][1] = html_print_select_groups(false, "ER", true, 'group', '', 'changeGroup();', '', 0, true);
+$table->data[0][1] = html_print_select_groups(false, $access, true, 'group', '', 'changeGroup();', '', 0, true);
 $table->data[1][0] = __('Type');
 $table->data[1][1] = html_print_checkbox('alert_fired', 'alert_fired', true, true, false, 'changeType();') . __('Alert fired') . '<br />' .
 	html_print_checkbox('critical', 'critical', true, true, false, 'changeType();') . __('Monitor critical') . '<br />' .
--- a/pandora_console/operation/gis_maps/gis_map.php
+++ b/pandora_console/operation/gis_maps/gis_map.php
@ -32,13 +32,13 @@ ui_print_page_header(__('GIS Maps'), "images/op_gis.png", false,
 	"configure_gis_map", false, $buttons);
 $own_info = get_user_info($config['id_user']);
-if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
+if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "MM"))
 	$display_default_column = true;
 else
 	$display_default_column = false;
 $edit_gis_maps = false;
-if (check_acl ($config['id_user'], 0, "IW")) {
+if (check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
 	$edit_gis_maps = true;
 }
@ -128,7 +128,9 @@ $iterator = 0;
 if ($maps !== false) {
 	foreach ($maps as $map) {
-		if (!check_acl ($config["id_user"], $map["group_id"], "IR", 0, true)) {
+		if (!check_acl ($config["id_user"], $map["group_id"], "MR") && 
 			!check_acl ($config["id_user"], $map["group_id"], "MW") && 
 			!check_acl ($config["id_user"], $map["group_id"], "MM")) {
 			continue;
 		}
--- a/pandora_console/operation/gis_maps/render_view.php
+++ b/pandora_console/operation/gis_maps/render_view.php
@ -29,7 +29,7 @@ $show_history = get_parameter ('show_history', 'n');
 $map = db_get_row ('tgis_map', 'id_tgis_map', $idMap);
 $confMap = gis_get_map_conf($idMap);
-if (! check_acl ($config['id_user'], $map['group_id'], "IR")) {
+if (! check_acl ($config['id_user'], $map['group_id'], "MR") && ! check_acl ($config['id_user'], $map['group_id'], "MW") && ! check_acl ($config['id_user'], $map['group_id'], "MM")) {
 	db_pandora_audit("ACL Violation", "Trying to access map builder");
 	require ("general/noaccess.php");
 	return;
@ -103,7 +103,7 @@ else {
 		html_print_image ("images/normalscreen.png", true, array ("title" => __('Back to normal mode'))) . "</a>";
 }
-if (check_acl ($config["id_user"], $map['group_id'], "IW")) {
+if (check_acl ($config["id_user"], $map['group_id'], "MW") || check_acl ($config["id_user"], $map['group_id'], "MM")) {
 	$buttons['setup']['text'] = '<a href="index.php?sec=godgismaps&sec2=godmode/gis_maps/configure_gis_map&action=edit_map&map_id='. $idMap.'">'.html_print_image ("images/setup.png", true, array ("title" => __('Setup'))).'</a>';
 	$buttons['setup']['godmode'] = 1;
@ -146,7 +146,7 @@ ui_print_page_header(__('Map') . " &raquo; " . __('Map') . "&nbsp;" . $map['map_
 	"images/op_gis.png", false, "", false, $buttons);
 if ($config["pure"] == 0) {
-	echo "<div id='map' style='width: 99%; height: 500px; border: 1px solid black;' ></div>";
+	echo "<div id='map' style='width: 100%; height: 500px; border: 1px solid black;' ></div>";
 }
 else {
 	echo "<div id='map' style='position:absolute; top:40px; z-index:100; width: 100%; height: 500px; min-height:500px; border: 1px solid black;' ></div>";
--- a/pandora_console/operation/incidents/incident.php
+++ b/pandora_console/operation/incidents/incident.php
@ -18,7 +18,12 @@ require_once ("include/functions_incidents.php");
 check_login ();
-if (! check_acl ($config['id_user'], 0, "IR")) {
+$incident_r = check_acl ($config['id_user'], 0, "IR");
 $incident_w = check_acl ($config['id_user'], 0, "IW");
 $incident_m = check_acl ($config['id_user'], 0, "IM");
 $access = ($incident_r == true) ? 'IR' : (($incident_w == true) ? 'IW' : (($incident_m == true) ? 'IM' : 'IR'));
 if (!$incident_r && !$incident_w && !$incident_m) {
 	db_pandora_audit("ACL Violation","Trying to access incident viewer");
 	require ("general/noaccess.php");
 	exit;
--- a/pandora_console/operation/incidents/incident_detail.php
+++ b/pandora_console/operation/incidents/incident_detail.php
@ -21,7 +21,7 @@ require_once ("include/functions_events.php"); //To get events group information
 check_login ();
-if (! check_acl ($config["id_user"], 0, "IR")) {
+if (! check_acl ($config["id_user"], 0, "IR") && ! check_acl ($config["id_user"], 0, "IW") && ! check_acl ($config["id_user"], 0, "IM")) {
 	// Doesn't have access to this page
 	db_pandora_audit("ACL Violation", "Trying to access incident details");
 	require ("general/noaccess.php");
--- a/pandora_console/operation/incidents/incident_statistics.php
+++ b/pandora_console/operation/incidents/incident_statistics.php
@ -21,7 +21,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
 check_login ();
-if (! check_acl ($config['id_user'], 0, "IR") == 1) {
+if (! check_acl ($config['id_user'], 0, "IR") && ! check_acl ($config['id_user'], 0, "IW") && ! check_acl ($config['id_user'], 0, "IM")) {
 	db_pandora_audit("ACL Violation", "Trying to access Incident section");
 	require ("general/noaccess.php");
 	exit;
--- a/pandora_console/operation/menu.php
+++ b/pandora_console/operation/menu.php
@ -75,43 +75,44 @@ if (check_acl ($config['id_user'], 0, "AR")) {
 	if ($config['log_collector'] == 1) {
 		enterprise_hook ('log_collector_menu');
 	}
 	//End of view agents
 }
 //SNMP Console
 $sub2 = array();
 if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AW") ) {
 	$sub2["operation/snmpconsole/snmp_view"]["text"] = __("SNMP console");
 	$sub2["operation/snmpconsole/snmp_browser"]["text"] = __("SNMP browser");
 	enterprise_hook ('snmpconsole_submenu');
 }
 if (check_acl ($config['id_user'], 0, "PM"))
 	$sub2["operation/snmpconsole/snmp_mib_uploader"]["text"] = __("MIB uploader");
 if (check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], 0, "LM")) {
 	$sub2["godmode/snmpconsole/snmp_filters"]["text"] = __("SNMP filters");
 	$sub2["godmode/snmpconsole/snmp_trap_generator"]["text"] = __("SNMP trap generator");
 }
 if (!empty($sub2)) {
 	$sub["snmpconsole"]["sub2"] = $sub2;
 	$sub["snmpconsole"]["text"] = __('SNMP');
 	$sub["snmpconsole"]["id"] = 'SNMP';
 	$sub["snmpconsole"]["refr"] = 0;
 	$sub["snmpconsole"]["type"] = "direct";
 	$sub["snmpconsole"]["subtype"] = "nolink";
 	$sub2 = array();
 	$sub2["operation/snmpconsole/snmp_view"]["text"] = __("SNMP console");
 	$sub2["operation/snmpconsole/snmp_browser"]["text"] = __("SNMP browser");
 	if (check_acl ($config['id_user'], 0, "PM"))
 		$sub2["operation/snmpconsole/snmp_mib_uploader"]["text"] = __("MIB uploader");
 	if (check_acl ($config['id_user'], 0, "LW")) {
 		$sub2["godmode/snmpconsole/snmp_filters"]["text"] = __("SNMP filters");
 		$sub2["godmode/snmpconsole/snmp_trap_generator"]["text"] = __("SNMP trap generator");
 }
 	enterprise_hook ('snmpconsole_submenu');
 	$sub["snmpconsole"]["sub2"] = $sub2;
 if (!empty($sub)) {
 	$menu_operation["estado"]["text"] = __('Monitoring');
 	$menu_operation["estado"]["sec2"] = "operation/agentes/tactical";
 	$menu_operation["estado"]["refr"] = 0;
 	$menu_operation["estado"]["id"] = "oper-agents";
 	$menu_operation["estado"]["sub"] = $sub;
 	//End of view agents
 }
 if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "MR")) {
 //Start network view
 	$menu_operation["network"]["text"] = __('Topology maps');
 	$menu_operation["network"]["sec2"] = "operation/agentes/networkmap_list";
 	$menu_operation["network"]["refr"] = 0;
 	$menu_operation["network"]["id"] = "oper-networkconsole";
 $sub = array();
-}
+if (check_acl ($config['id_user'], 0, "MR") || check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
 if (check_acl ($config['id_user'], 0, "MR")) {
 	$sub["operation/agentes/networkmap_list"]["text"] = __('Network map');
 	$sub["operation/agentes/networkmap_list"]["id"] = 'Network map';
 	$sub["operation/agentes/networkmap_list"]["refr"] = 0;
@ -133,7 +134,7 @@ enterprise_hook ('networkmap_console');
 enterprise_hook ('services_menu');
-if (check_acl ($config['id_user'], 0, "VR")) {		
+if (check_acl ($config['id_user'], 0, "VR") || check_acl ($config['id_user'], 0, "VW") || check_acl ($config['id_user'], 0, "VM")) {		
 	//Visual console
 	$sub["godmode/reporting/map_builder"]["text"] = __('Visual console');
 	$sub["godmode/reporting/map_builder"]["id"] = 'Visual console';
@ -155,7 +156,7 @@ if (check_acl ($config['id_user'], 0, "VR")) {
 		$firstLetterNameVisualToShow = array('_', ',', '[', '(');
 		foreach ($layouts as $layout) {
-			if (! check_acl ($config["id_user"], $layout["id_group"], "AR")) {
+			if (!check_acl ($config['id_user'], 0, "VR") && ! check_acl ($config['id_user'], 0, "VW") && ! check_acl ($config['id_user'], 0, "VM")) {
 				continue;
 			}
 			$name = io_safe_output($layout['name']);
@ -186,8 +187,10 @@ if (check_acl ($config['id_user'], 0, "VR")) {
 			$sub["godmode/reporting/map_builder"]["sub2"] = $sub2;
 	}
 }	
-// Agent read, Server read
+
-if (check_acl ($config['id_user'], 0, "AR")) {
+
 if (check_acl ($config['id_user'], 0, "MR") || check_acl ($config['id_user'], 0, "MW") || check_acl ($config['id_user'], 0, "MM")) {
 	//INI GIS Maps
 	if ($config['activate_gis']) {
 		$sub["gismaps"]["text"] = __('GIS Maps');
@ -228,12 +231,17 @@ if (check_acl ($config['id_user'], 0, "AR")) {
 	//END GIS Maps
 }
-if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "MR"))
+if (!empty($sub)) {
 	$menu_operation["network"]["text"] = __('Topology maps');
 	$menu_operation["network"]["sec2"] = "operation/agentes/networkmap_list";
 	$menu_operation["network"]["refr"] = 0;
 	$menu_operation["network"]["id"] = "oper-networkconsole";
 	$menu_operation["network"]["sub"] = $sub;
 }
 //End networkview
 // Reports read
-if (check_acl ($config['id_user'], 0, "RR")) {
+if (check_acl ($config['id_user'], 0, "RR") || check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 	// Reporting
 	$menu_operation["reporting"]["text"] = __('Reporting');
 	$menu_operation["reporting"]["sec2"] = "godmode/reporting/reporting_builder";
@ -281,15 +289,21 @@ if (check_acl ($config['id_user'], 0, "ER")
 	$sub["operation/events/event_statistics"]["text"] = __('Statistics');
 	$sub["operation/events/event_statistics"]["id"] = 'Statistics';
-	//RSS
+	//If ip doesn't is in list of allowed IP, isn't show this options
 	include_once ('include/functions_api.php');
 	if (isInACL($_SERVER['REMOTE_ADDR'])) {
 		$pss = get_user_info($config['id_user']);
 		$hashup = md5($config['id_user'].$pss['password']);
 		//RSS
 		$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["text"] = __('RSS');
 		$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["id"] = 'RSS';
 		$sub["operation/events/events_rss.php?user=".$config['id_user']."&amp;hashup=".$hashup."&search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["type"] = "direct";
 		//Marquee
 		$sub["operation/events/events_marquee.php"]["text"] = __('Marquee');
 		$sub["operation/events/events_marquee.php"]["id"] = 'Marquee';
 		$sub["operation/events/events_marquee.php"]["type"] = "direct";
 	}
 	//CSV
@ -297,11 +311,6 @@ if (check_acl ($config['id_user'], 0, "ER")
 	$sub["operation/events/export_csv.php?search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["id"] = 'CSV File';
 	$sub["operation/events/export_csv.php?search=&event_type=&severity=-1&status=3&id_group=0&refr=0&id_agent=0&pagination=20&group_rep=1&event_view_hr=8&id_user_ack=0&tag_with=&tag_without=&filter_only_alert-1&offset=0&toogle_filter=no&filter_id=0&id_name=&id_group=0&history=0&section=list&open_filter=0&pure="]["type"] = "direct";
 	//Marquee
 	$sub["operation/events/events_marquee.php"]["text"] = __('Marquee');
 	$sub["operation/events/events_marquee.php"]["id"] = 'Marquee';
 	$sub["operation/events/events_marquee.php"]["type"] = "direct";
 	//Sound Events
 	$javascript = "javascript: window.open('operation/events/sound_events.php');";
 	$javascript = 'javascript: alert(111);';
@ -319,7 +328,7 @@ if (check_acl ($config['id_user'], 0, "ER")
 		window.open(url,
 			'<?php __('Sound Alerts'); ?>',
-			'width=475, height=275, resizable=yes, toolbar=no, location=no, directories=no, status=no, menubar=no');
+			'width=400, height=350, resizable=yes, toolbar=no, location=no, directories=no, status=no, menubar=no');
 	}
 	</script>
 	<?php
@ -347,7 +356,9 @@ $sub["operation/users/webchat"]["refr"] = 0;
 //Incidents
-if (check_acl ($config['id_user'], 0, "IR")) {
+if (check_acl ($config['id_user'], 0, "IR") 
 	|| check_acl ($config['id_user'], 0, "IW") 
 	|| check_acl ($config['id_user'], 0, "IM")) {
 	$temp_sec2 = $sec2;
 	if($config['integria_enabled']) {
 		$sec2 = "incident";
@ -399,22 +410,21 @@ $menu_operation["workspace"]["sub"] = $sub;
 // Extensions menu additions
 if (is_array ($config['extensions'])) {
 	$sub = array ();
 	$sub2 = array ();
-	if (check_acl ($config['id_user'], 0, "RR")) {
+	if (check_acl ($config['id_user'], 0, "RR") || check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 		$sub["operation/agentes/exportdata"]["text"] = __('Export data');
 		$sub["operation/agentes/exportdata"]["id"] = 'Export data';
 		$sub["operation/agentes/exportdata"]["subsecs"] =  array("operation/agentes/exportdata");
 	}
-	if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AD")) {
+	if (check_acl ($config['id_user'], 0, "AR") || check_acl ($config['id_user'], 0, "AD") || check_acl ($config['id_user'], 0, "AW")) {
 		$sub["godmode/agentes/planned_downtime.list"]["text"] = __('Scheduled downtime');
 		$sub["godmode/agentes/planned_downtime.list"]["id"] = 'Scheduled downtime';
 	}
-	if (check_acl ($config['id_user'], 0, "PM")) {
+	if (check_acl ($config['id_user'], 0, "AW")) {
 		$sub["operation/servers/recon_view"]["text"] = __('Recon view');
 		$sub["operation/servers/recon_view"]["id"] = 'Recon view';
 		$sub["operation/servers/recon_view"]["refr"] = 0;
--- a/pandora_console/operation/netflow/nf_live_view.php
+++ b/pandora_console/operation/netflow/nf_live_view.php
@ -24,7 +24,7 @@ ui_require_javascript_file ('calendar');
 // ACL
 check_login ();
-if (! check_acl ($config["id_user"], 0, "AR")) {
+if (! check_acl ($config["id_user"], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access event viewer");
 	require ("general/noaccess.php");
--- a/pandora_console/operation/snmpconsole/snmp_view.php
+++ b/pandora_console/operation/snmpconsole/snmp_view.php
@ -22,8 +22,10 @@ require_once("include/functions_agents.php");
 require_once("include/functions_snmp.php");
 check_login ();
-
+$agent_a = check_acl ($config['id_user'], 0, "AR");
-if (! check_acl ($config['id_user'], 0, "AR")) {
+$agent_w = check_acl ($config['id_user'], 0, "AW");
 $access = ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR');
 if (!$agent_a && !$agent_w) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access SNMP Console");
 	require ("general/noaccess.php");
@ -41,7 +43,7 @@ $trap_type = (int) get_parameter ('trap_type', -1);
 $group_by = (int)get_parameter('group_by', 0);
 $refr = (int)get_parameter("refr", 0);
-$user_groups = users_get_groups ($config['id_user'], "AR", false);
+$user_groups = users_get_groups ($config['id_user'], $access, false);
 $str_user_groups = '';
 $i = 0;
--- a/pandora_console/operation/visual_console/render_view.php
+++ b/pandora_console/operation/visual_console/render_view.php
@ -80,7 +80,7 @@ $vconsole_read = check_acl ($config["id_user"], $id_group, "VR");
 $vconsole_write = check_acl ($config["id_user"], $id_group, "VW");
 $vconsole_manage = check_acl ($config["id_user"], $id_group, "VM");
-if (! $vconsole_read) {
+if (! $vconsole_read && !$vconsole_write && !$vconsole_manage) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access visual console without group access");
 	require ("general/noaccess.php");