2014-03-28 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

* godmode/reporting/map_builder.php
        godmode/netflow/nf_edit_form.php
        include/ajax/visual_console_builder.ajax.php    
        operation/menu.php: Fix ACLs in these views.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@9667 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f

pandora_console/ChangeLog

@@ -1,3 +1,10 @@
+2014-03-28 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
+
+	* godmode/reporting/map_builder.php
+	godmode/netflow/nf_edit_form.php
+	include/ajax/visual_console_builder.ajax.php	
+	operation/menu.php: Fix ACLs in these views.
+
 2014-03-28  Miguel de Dios <miguel.dedios@artica.es>
 	
 	* include/functions_gis.php: set a white background for the

pandora_console/godmode/netflow/nf_edit_form.php

@@ -24,7 +24,8 @@ include_once ($config['homedir'] . "/include/functions_groups.php");
 
 check_login ();
 
-if (! check_acl ($config["id_user"], 0, "IW")) {
+// Fix: Netflow have to check RW ACL
+if (! check_acl ($config["id_user"], 0, "RW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access event viewer");
 	require ($config['homedir'] . "/general/noaccess.php");
@@ -179,7 +180,8 @@ $table->data[0][1] = html_print_input_text ('name', $name, false, 20, 80, true);
 
 $own_info = get_user_info ($config['id_user']);
 $table->data[1][0] = '<b>'.__('Group').'</b>';
-$table->data[1][1] = html_print_select_groups($config['id_user'], "IW",
+// Fix: Netflow filters have to check RW ACL
+$table->data[1][1] = html_print_select_groups($config['id_user'], "RW",
 	$own_info['is_admin'], 'assign_group', $assign_group, '', '', -1, true,
 	false, false);
 

pandora_console/godmode/reporting/map_builder.php

@@ -144,8 +144,9 @@ $table->head[0] = __('Map name');
 $table->head[1] = __('Group');
 $table->head[2] = __('Items');
 
-//Only for IW flag
-if (check_acl ($config['id_user'], 0, "IW")) {
+// Fix: IW was the old ACL for report editing, now is RW
+//Only for RW flag
+if (check_acl ($config['id_user'], 0, "RW")) {
 	$table->head[3] = __('Copy');
 	$table->head[4] = __('Delete');
 }
@@ -185,7 +186,8 @@ else {
 		$data[1] = ui_print_group_icon ($map['id_group'], true);
 		$data[2] = db_get_sql ("SELECT COUNT(*) FROM tlayout_data WHERE id_layout = ".$map['id']);
 		
-		if (check_acl ($config['id_user'], 0, "IW")) {
+		// Fix: IW was the old ACL for report editing, now is RW
+		if (check_acl ($config['id_user'], 0, "RW")) {
 			
 			if (!defined('METACONSOLE')) {
 				$data[3] = '<a class="copy_visualmap" href="index.php?sec=reporting&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;copy_layout=1">'.html_print_image ("images/copy.png", true).'</a>';
@@ -210,8 +212,9 @@ else {
 	echo '<div class="action-buttons" style="width: '.$table->width.'">';
 }
 
-//Only for IW flag
-if (check_acl ($config['id_user'], 0, "IW")) {
+// Fix: IW was the old ACL to check for report editing, now is RW
+//Only for RW flag
+if (check_acl ($config['id_user'], 0, "RW")) {
 	if (!defined('METACONSOLE'))
 		echo '<form action="index.php?sec=reporting&amp;sec2=godmode/reporting/visual_console_builder" method="post">';
 	else {		

pandora_console/include/ajax/visual_console_builder.ajax.php

@@ -17,7 +17,8 @@ global $config;
 
 check_login ();
 
-if (! check_acl ($config['id_user'], 0, "IW")) {
+// Fix: IW was the old ACL to check for report editing, now is RW
+if (! check_acl ($config['id_user'], 0, "RW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access report builder");
 	require ("general/noaccess.php");

pandora_console/operation/menu.php

@@ -321,7 +321,8 @@ $menu_operation["workspace"]["sub"] = $sub;
 
 //End Workspace
 
-if (check_acl ($config['id_user'], 0, "IR")) {
+// Fix: Netflow interfaces have to check RR ACL
+if (check_acl ($config['id_user'], 0, "RR")) {
 	if ($config['activate_netflow']) {
 		$menu_operation["netf"]["text"] = __('Netflow Live View');
 		$menu_operation["netf"]["sec2"] = "operation/netflow/nf_live_view";