diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index b7083c2615..7be1cd9316 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,54 @@ +2012-12-28 Sergio Martin + + * pandoradb_data.sql + include/functions_users.php + include/functions_visual_map.php + include/ajax/skins.ajax.php + include/ajax/events.php + include/functions_custom_graphs.php + include/functions.php + include/functions_agents.php + include/functions_graph.php + include/functions_events.php + include/functions_reporting.php + include/functions_config.php + include/functions_reports.php + operation/visual_console/render_view.php + operation/agentes/exportdata.php + operation/menu.php + operation/events/event_statistics.php + operation/events/events_rss.php + operation/events/export_csv.php + operation/events/sound_events.php + operation/events/events_list.php + operation/events/events_marquee.php + operation/events/events.php + operation/reporting/reporting_viewer.php + pandoradb.data.postgreSQL.sql + pandoradb.data.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql + extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql + general/main_menu.php + godmode/menu.php + godmode/events/event_edit_filter.php + godmode/events/events.php + godmode/events/event_filter.php + godmode/reporting/reporting_builder.list_items.php + godmode/reporting/graph_builder.main.php + godmode/reporting/visual_console_builder.wizard.php + godmode/reporting/visual_console_builder.php + godmode/reporting/reporting_builder.main.php + godmode/reporting/visual_console_builder.data.php + godmode/reporting/visual_console_builder.elements.php + godmode/reporting/graph_builder.php + godmode/reporting/graph_builder.graph_editor.php + godmode/reporting/reporting_builder.php + godmode/reporting/visual_console_builder.editor.php + godmode/reporting/reporting_builder.item_editor.php + godmode/reporting/graphs.php: Change all the event and reporting + acl control to new flags ER,EW,EM,RR,RW,RM + 2012-12-27 Juan Manuel Ramon * include/functions_reports.php: Hide inventory changes report in 
diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql index 8603957af2..7c25bf24f7 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql @@ -417,8 +417,8 @@ ALTER TABLE `tperfil` ADD COLUMN `event_view` tinyint(3) NOT NULL default '0'; ALTER TABLE `tperfil` ADD COLUMN `event_edit` tinyint(3) NOT NULL default '0'; ALTER TABLE `tperfil` ADD COLUMN `event_management` tinyint(3) NOT NULL default '0'; -UPDATE tperfil SET `report_view`= 1 WHERE id_perfil = 1 AND name = "Operator (Read)"; -UPDATE tperfil SET `report_view`= 1, `report_edit`= 1 WHERE id_perfil = 2 AND name = "Operator (Write)"; -UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1 WHERE id_perfil = 3 AND name = "Chief Operator"; -UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 4 AND name = "Group coordinator"; +UPDATE tperfil SET `report_view`= 1, `event_view`= 1 WHERE id_perfil = 1 AND name = "Operator (Read)"; +UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 2 AND name = "Operator (Write)"; +UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 3 AND name = "Chief Operator"; +UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 4 AND name = "Group coordinator"; UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 5 AND name = "Pandora Administrator"; 
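Review bot: These UPDATEs grant the new event flags only to the five stock profiles, matched on both `id_perfil` and `name`, so any custom or renamed profile keeps `event_view`, `event_edit` and `event_management` at the column default of 0. The console code in this commit switches its event and report checks to the new flags, so users who hold only such profiles would appear to lose that access after migrating; it fails closed, but silently. Consider deriving the new flags from each remaining profile's existing flags, or at least documenting the manual step with a comment such as `-- Custom profiles must be granted the new report_*/event_* flags by hand after this migration`. The same applies to the Oracle and PostgreSQL migration hunks.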
diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql index 59d73f5fe9..d4255acfdf 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql @@ -447,8 +447,8 @@ ALTER TABLE tperfil ADD (event_view NUMBER(5, 0) default 0 NOT NULL); ALTER TABLE tperfil ADD (event_edit NUMBER(5, 0) default 0 NOT NULL); ALTER TABLE tperfil ADD (event_management NUMBER(5, 0) default 0 NOT NULL); -UPDATE tperfil SET report_view= 1 WHERE id_perfil = 1 AND name = 'Operator (Read)'; -UPDATE tperfil SET report_view= 1, report_edit= 1 WHERE id_perfil = 2 AND name = 'Operator (Write)'; -UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1 WHERE id_perfil = 3 AND name = 'Chief Operator'; -UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; +UPDATE tperfil SET report_view= 1, event_view= 1 WHERE id_perfil = 1 AND name = 'Operator (Read)'; +UPDATE tperfil SET report_view= 1, report_edit= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 2 AND name = 'Operator (Write)'; +UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 3 AND name = 'Chief Operator'; +UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql index 076733b91b..1de331882d 100644 
--- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql @@ -438,8 +438,8 @@ ALTER TABLE "tperfil" ADD COLUMN "event_view" SMALLINT NOT NULL default 0; ALTER TABLE "tperfil" ADD COLUMN "event_edit" SMALLINT NOT NULL default 0; ALTER TABLE "tperfil" ADD COLUMN "event_management" SMALLINT NOT NULL default 0; -UPDATE tperfil SET "report_view"= 1 WHERE id_perfil = 1 AND name = 'Operator (Read)'; -UPDATE tperfil SET "report_view"= 1, "report_edit"= 1 WHERE id_perfil = 2 AND name = 'Operator (Write)'; -UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1 WHERE id_perfil = 3 AND name = 'Chief Operator'; -UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; +UPDATE tperfil SET "report_view"= 1, "event_view"= 1 WHERE id_perfil = 1 AND name = 'Operator (Read)'; +UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 2 AND name = 'Operator (Write)'; +UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 3 AND name = 'Chief Operator'; +UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; diff --git a/pandora_console/general/main_menu.php b/pandora_console/general/main_menu.php index 81b80bc864..b8e48cde85 100644 --- a/pandora_console/general/main_menu.php +++ b/pandora_console/general/main_menu.php 
@@ -30,6 +30,7 @@ if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, "UM") || check_acl ($config['id_user'], 0, "LW") || check_acl ($config['id_user'], 0, "IW") || + check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "DW")) { echo '
:: '.__('Administration').' ::
'; diff --git a/pandora_console/godmode/events/event_edit_filter.php b/pandora_console/godmode/events/event_edit_filter.php index ad4add2833..01fa5b61fa 100644 --- a/pandora_console/godmode/events/event_edit_filter.php +++ b/pandora_console/godmode/events/event_edit_filter.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! check_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "EW")) { db_pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -188,13 +188,13 @@ $table->data[0][0] = ''.__('Filter name').''; $table->data[0][1] = html_print_input_text ('id_name', $id_name, false, 20, 80, true); $table->data[1][0] = ''.__('Filter group').'' . ui_print_help_tip(__('This group will be use to restrict the visibility of this filter with ACLs'), true); -$table->data[1][1] = html_print_select_groups($config['id_user'], "IW", +$table->data[1][1] = html_print_select_groups($config['id_user'], "EW", $own_info['is_admin'], 'id_group_filter', $id_group_filter, '', '', -1, true, false, false); $table->data[2][0] = ''.__('Group').''; -$table->data[2][1] = html_print_select_groups($config['id_user'], "IW", - $own_info['is_admin'], 'id_group', $id_group, '', '', -1, true, +$table->data[2][1] = html_print_select_groups($config['id_user'], "EW", + users_can_manage_group_all(), 'id_group', $id_group, '', '', -1, true, false, false); $types = get_event_types (); @@ -322,12 +322,6 @@ $table->data[18][1] = html_print_button(__('Remove'), 'remove_whithout', $remove - - - - - - $table->data[19][0] = '' . __('Alert events') . ''; $table->data[19][1] = html_print_select( array('-1' => __('All'), diff --git a/pandora_console/godmode/events/event_filter.php b/pandora_console/godmode/events/event_filter.php index fb01e24d19..e823491c35 100644 --- a/pandora_console/godmode/events/event_filter.php +++ b/pandora_console/godmode/events/event_filter.php 
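Review bot: The two group selectors in godmode/events/event_edit_filter.php now disagree on who is offered the "All" group: `id_group_filter` still passes `$own_info['is_admin']` while `id_group` was switched to `users_can_manage_group_all()`. If the second is the intended rule, the first call should use it as well, `html_print_select_groups($config['id_user'], "EW", users_can_manage_group_all(), 'id_group_filter', ...)`. The selector only limits what the form offers; the code that stores the filter is outside these hunks, so confirm it re-checks the submitted `id_group_filter` against the user's EW groups. The audit text in the first hunk still reads "Trying to access event viewer" although the page is the filter editor.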
@@ -18,7 +18,7 @@ global $config; check_login (); -if (! check_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "EW")) { db_pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -83,7 +83,7 @@ if ($multiple_delete) { $own_info = get_user_info ($config['id_user']); // Get group list that user has access -$groups_user = users_get_groups ($config['id_user'], "AW", $own_info['is_admin'], true); +$groups_user = users_get_groups ($config['id_user'], "EW", users_can_manage_group_all(), true); $sql = "SELECT * FROM tevent_filter WHERE id_group_filter IN (".implode(',', array_keys ($groups_user)).")"; $filters = db_get_all_rows_sql($sql); diff --git a/pandora_console/godmode/events/events.php b/pandora_console/godmode/events/events.php index 2bb1e770a9..06b438e194 100644 --- a/pandora_console/godmode/events/events.php +++ b/pandora_console/godmode/events/events.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! check_acl ($config["id_user"], 0, "IW")) { +if (! check_acl ($config["id_user"], 0, "EW")) { db_pandora_audit("ACL Violation", "Trying to access event manage"); require ("general/noaccess.php"); 
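Review bot: In godmode/events/event_filter.php the query built right after the changed line interpolates `implode(',', array_keys ($groups_user))` into `IN (...)`, so an empty `$groups_user` yields `IN ()`, which is not valid SQL. With the flag changed to EW and the "All" handling now depending on `users_can_manage_group_all()`, that case deserves a guard, e.g. `$filters = empty($groups_user) ? array() : db_get_all_rows_sql($sql);`. The delete branches above this hunk (the header shows `if ($multiple_delete) {`) are not visible; they should restrict by the same `id_group_filter` set, otherwise the group restriction on the listing is only cosmetic.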
@@ -29,21 +29,22 @@ if (! check_acl ($config["id_user"], 0, "IW")) { $section = (string) get_parameter ("section", "filter"); // Draws header -$buttons = array( - 'filter' => array('active' => false, +$buttons['filter'] = array('active' => false, 'text' => '' . - html_print_image("images/lightning_go.png", true, array ("title" => __('Create filter'))) . ''), - 'responses' => array('active' => false, - 'text' => '' . - html_print_image("images/cog.png", true, array ("title" => __('Event responses'))) . ''), - 'fields' => array('active' => false, - 'text' => '' . - html_print_image("images/pencil.png", true, array ("title" => __('Custom fields'))) . ''), - 'separator' => '', - 'view' => array('active' => false, + html_print_image("images/lightning_go.png", true, array ("title" => __('Create filter'))) . ''); + +if (check_acl ($config["id_user"], 0, "PM")) { + $buttons['responses'] = array('active' => false, + 'text' => '' . + html_print_image("images/cog.png", true, array ("title" => __('Event responses'))) . ''); + $buttons['fields'] = array('active' => false, + 'text' => '' . + html_print_image("images/pencil.png", true, array ("title" => __('Custom fields'))) . ''); +} +$buttons['separator'] = ''; +$buttons['view'] = array('active' => false, 'text' => '' . - html_print_image("images/god6.png", true, array("title" => __('View events'))) . ''), - ); + html_print_image("images/god6.png", true, array("title" => __('View events'))) . ''); switch ($section) { case 'filter': diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index 2aca7b07a4..0eb29419b9 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php 
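Review bot: Hiding the 'responses' and 'fields' buttons behind `check_acl ($config["id_user"], 0, "PM")` does not restrict the sections themselves, because `$section` is read from the request and the `switch ($section)` that follows runs for any user who passed the page-level EW check. Unless the scripts loaded for those sections enforce PM on their own (not visible here), the same PM test should guard their branches in the switch and fall back to the `db_pandora_audit` / `general/noaccess.php` path used at the top of the file. The switch body lies outside this hunk. The submenu entries hidden the same way in godmode/menu.php have the same limitation.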
@@ -145,7 +145,7 @@ if (check_acl ($config['id_user'], 0, "IW")) { } } -if (check_acl ($config['id_user'], 0, "IW")) { +if (check_acl ($config['id_user'], 0, "EW")) { // Manage events $menu_godmode["geventos"]["text"] = __('Manage events'); $menu_godmode["geventos"]["sec2"] = "godmode/events/events&section=filter"; @@ -153,8 +153,12 @@ if (check_acl ($config['id_user'], 0, "IW")) { // Custom event fields $sub = array (); - $sub["godmode/events/events&section=fields"]["text"] = __('Custom events'); - $sub["godmode/events/events&section=responses"]["text"] = __('Event responses'); + $sub["godmode/events/events&section=filter"]["text"] = __('Event filters'); + + if (check_acl ($config['id_user'], 0, "PM")) { + $sub["godmode/events/events&section=fields"]["text"] = __('Custom events'); + $sub["godmode/events/events&section=responses"]["text"] = __('Event responses'); + } $menu_godmode["geventos"]["sub"] = $sub; } diff --git a/pandora_console/godmode/reporting/graph_builder.graph_editor.php b/pandora_console/godmode/reporting/graph_builder.graph_editor.php index 475875a9c4..3c8567c5c6 100644 --- a/pandora_console/godmode/reporting/graph_builder.graph_editor.php +++ b/pandora_console/godmode/reporting/graph_builder.graph_editor.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graph_builder.main.php b/pandora_console/godmode/reporting/graph_builder.main.php index 2fbc2bfab7..235aa4e2ab 100644 --- a/pandora_console/godmode/reporting/graph_builder.main.php +++ b/pandora_console/godmode/reporting/graph_builder.main.php 
@@ -48,7 +48,7 @@ if (is_ajax ()) { check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graph_builder.php b/pandora_console/godmode/reporting/graph_builder.php index e6445f4547..1d69372c79 100644 --- a/pandora_console/godmode/reporting/graph_builder.php +++ b/pandora_console/godmode/reporting/graph_builder.php @@ -46,7 +46,7 @@ if (is_ajax ()) { check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graphs.php b/pandora_console/godmode/reporting/graphs.php index 9fcbb1bc64..43589c9162 100644 --- a/pandora_console/godmode/reporting/graphs.php +++ b/pandora_console/godmode/reporting/graphs.php @@ -20,7 +20,7 @@ require_once ('include/functions_custom_graphs.php'); // Check user credentials check_login (); -if (! check_acl ($config['id_user'], 0, "IR")) { +if (! check_acl ($config['id_user'], 0, "RR")) { db_pandora_audit("ACL Violation", "Trying to access Inventory Module Management"); require ("general/noaccess.php"); @@ -69,7 +69,7 @@ ui_print_page_header (__('Reporting')." » ".__('Custom graphs'), "images/r // Delete module SQL code if ($delete_graph) { - if (check_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "RW")) { $result = db_process_sql_delete("tgraph_source", array('id_graph' =>$id)); if ($result) 
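Review bot: The delete branch in godmode/reporting/graphs.php tests `check_acl ($config['id_user'], 0, "RW")`, that is the RW flag against group 0, and not against the group of the graph identified by `$id`. Judging by the two queries in check_acl, group 0 appears to mean "any of the user's profiles", so a user with RW in one group would pass this test for a graph that belongs to another. The list code further down only shows the edit link when `users_can_manage_group_all($graph['id_group'])` also holds, but that is presentation; the handler should load the graph's `id_group` and check RW against it before calling `db_process_sql_delete`. The rest of this branch, and the `$multiple_delete` branch named in the next hunk header, are outside the hunk.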
@@ -131,13 +131,9 @@ if ($multiple_delete) { __('Successfully deleted'), __('Not deleted. Error deleting data')); } -$own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) - $return_all_group = true; -else - $return_all_group = false; -$graphs = custom_graphs_get_user ($config['id_user'], false, $return_all_group, "IW"); + +$graphs = custom_graphs_get_user ($config['id_user'], false, true, "RR"); if (! empty ($graphs)) { $table->width = '98%'; @@ -152,7 +148,7 @@ if (! empty ($graphs)) { $table->size[3] = '50px'; $table->align[2] = 'center'; $table->align[3] = 'center'; - if (check_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "RW")) { $table->align[4] = 'center'; $table->head[4] = __('Op.'); $table->size[4] = '70px'; @@ -170,7 +166,7 @@ if (! empty ($graphs)) { $data[2] = $graph["graphs_count"]; $data[3] = ui_print_group_icon($graph['id_group'],true); - if (check_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "RW") && users_can_manage_group_all($graph['id_group'])) { $data[4] = ''.html_print_image("images/config.png", true).''; @@ -194,10 +190,10 @@ if (! empty ($graphs)) { echo ""; } else { - echo "
".__('There are no defined reportings')."
"; + echo "
".__('There are no defined graphs')."
"; } -if (check_acl ($config['id_user'], 0, "AW")) { +if (check_acl ($config['id_user'], 0, "RW")) { echo '
'; echo '
'; html_print_submit_button (__('Create graph'), 'create', false, 'class="sub next"'); diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 1a527a1624..2fc93719c9 100644 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); @@ -433,7 +433,7 @@ html_print_input_hidden('id_item', $idItem); $own_info = get_user_info ($config['id_user']); // Get group list that user has access - $groups_user = users_get_groups ($config['id_user'], "IW", $own_info['is_admin'], true); + $groups_user = users_get_groups ($config['id_user'], "RW", $own_info['is_admin'], true); $groups_id = array(); foreach($groups_user as $key => $groups){ $groups_id[] = $groups['id_grupo']; diff --git a/pandora_console/godmode/reporting/reporting_builder.list_items.php b/pandora_console/godmode/reporting/reporting_builder.list_items.php index 895444b159..905a5df43b 100644 --- a/pandora_console/godmode/reporting/reporting_builder.list_items.php +++ b/pandora_console/godmode/reporting/reporting_builder.list_items.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); 
@@ -247,7 +247,9 @@ if ($items) { } $table->head[4] = __('Period'); $table->head[5] = __('Description'); - $table->head[6] = '' . __('Op.') . ''; + if (check_acl ($config['id_user'], 0, "RM")) { + $table->head[6] = '' . __('Op.') . ''; + } $table->head[7] = __('Sort'); $table->align[6] = 'center'; @@ -367,11 +369,12 @@ foreach ($items as $item) { $row[6] = ''; - $row[6] .= '' . html_print_image("images/wrench_orange.png", true, array("title" => __('Edit'))) . ''; - $row[6] .= '  '; - $row[6] .= '' . html_print_image("images/cross.png", true, array("title" => __('Delete'))) .''; - $row[6] .= html_print_checkbox_extended ('delete_multiple[]', $item['id_rc'], false, false, '', 'class="check_delete"', true); - + if (check_acl ($config['id_user'], $item['id_group'], "RM")) { + $row[6] .= '' . html_print_image("images/wrench_orange.png", true, array("title" => __('Edit'))) . ''; + $row[6] .= '  '; + $row[6] .= '' . html_print_image("images/cross.png", true, array("title" => __('Delete'))) .''; + $row[6] .= html_print_checkbox_extended ('delete_multiple[]', $item['id_rc'], false, false, '', 'class="check_delete"', true); + } $row[7] = ''; //You can sort the items if the filter is not enable. if (!$filterEnable) { diff --git a/pandora_console/godmode/reporting/reporting_builder.main.php b/pandora_console/godmode/reporting/reporting_builder.main.php index 9b290ec7d3..70582567d9 100644 --- a/pandora_console/godmode/reporting/reporting_builder.main.php +++ b/pandora_console/godmode/reporting/reporting_builder.main.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); 
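Review bot: The edit and delete links in reporting_builder.list_items.php are now shown only with RM, but the pages behind them do not ask for it: the gate at the top of this file and of reporting_builder.item_editor.php is `check_acl ($config['id_user'], 0, "RW")`. As written, RM hides the links without protecting the actions, so decide which flag governs item changes and enforce it where the edit and delete requests are handled. The header test uses group 0 while the row test uses `$item['id_group']`, so the "Op." header and the row cells can disagree, and `$table->align[6]` is still set when the header is omitted. I can't see where `$item['id_group']` is populated; if report items carry no group of their own, the row check should use the report's group instead.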
@@ -57,12 +57,7 @@ $table->data['name'][1] = html_print_input_text('name', $reportName, __('Name'), 80, 100, true); $table->data['group'][0] = __('Group'); -$own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) - $return_all_groups = true; -else - $return_all_groups = false; -$table->data['group'][1] = html_print_select_groups(false, "AR", $return_all_groups, 'id_group', $idGroupReport, false, '', '', true); +$table->data['group'][1] = html_print_select_groups(false, "RW", users_can_manage_group_all(), 'id_group', $idGroupReport, false, '', '', true); if ($report_id_user == $config['id_user'] || is_user_admin ($config["id_user"])) { @@ -81,7 +76,7 @@ if ($report_id_user == $config['id_user'] || $style = ""; $table->data['access'][1] .= ' ' . - html_print_select_groups(false, "AR", false, + html_print_select_groups(false, "RW", false, 'id_group_edit', $id_group_edit, false, '', '', true) . ' '; } diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index 1033d497bc..12ab93a134 100644 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -20,7 +20,7 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RR")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); 
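Review bot: The page gate of godmode/reporting/reporting_builder.php drops from a write flag (`"IW"`) to `"RR"`, so every mutating branch of this script becomes reachable by read-only report users unless it checks for itself. A later hunk computes `$edit` with RW for an existing report, but the branches of `switch ($action)` are outside the visible hunks (the list code posts `action=delete_report`, for instance), so it cannot be confirmed from here that each one tests `$edit` or RW before writing. Where one does not, add an explicit check ahead of the write, along the lines of `if (! check_acl ($config['id_user'], $report['id_group'], "RW")) { require ("general/noaccess.php"); exit; }`. A short comment at the gate stating that RR only admits the listing would help the next reader.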
@@ -55,10 +55,10 @@ if ($idReport != 0) { $edit = false; switch ($type_access_selected) { case 'group_view': - $edit = check_acl($config['id_user'], $report['id_group'], "IW"); + $edit = check_acl($config['id_user'], $report['id_group'], "RW"); break; case 'group_edit': - $edit = check_acl($config['id_user'], $report['id_group_edit'], "IW"); + $edit = check_acl($config['id_user'], $report['id_group_edit'], "RW"); break; case 'user_edit': if ($config['id_user'] == $report['id_user'] || @@ -343,7 +343,7 @@ switch ($action) { $reports = reports_get_reports ($filter, array ('name', 'id_report', 'description', 'private', - 'id_user', 'id_group'), $return_all_group, 'IR', $group); + 'id_user', 'id_group'), $return_all_group, 'RR', $group); $table->width = '0px'; if (sizeof ($reports)) { $table->id = 'report_list'; @@ -366,7 +366,7 @@ switch ($action) { } //Admin options only for IW flag - if (check_acl ($config['id_user'], 0, "IW")) { + if (check_acl ($config['id_user'], 0, "RM")) { $table->head[$next] = __('Private'); $table->size[$next] = '40px'; @@ -384,15 +384,15 @@ switch ($action) { foreach ($reports as $report) { if (!is_user_admin ($config["id_user"])){ if ($report["private"] && $report["id_user"] != $config['id_user']) - if (!check_acl ($config["id_user"], $report["id_group"], "AR")) + if (!check_acl ($config["id_user"], $report["id_group"], "RR")) continue; - if (!check_acl ($config["id_user"], $report["id_group"], "AR")) + if (!check_acl ($config["id_user"], $report["id_group"], "RR")) continue; } $data = array (); - if (check_acl ($config["id_user"], $report["id_group"], "AW")) { + if (check_acl ($config["id_user"], $report["id_group"], "RW") && users_can_manage_group_all($report["id_group"])) { $data[0] = ''.$report['name'].''; } 
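Review bot: The column headers in the hunk at old line 366 are still added only when `check_acl ($config['id_user'], 0, "RM")` passes, but the later hunk at old line 414 removes the matching condition around the row cells, so the Private, group and edit/delete cells are built for every user. A user with RR or RW but not RM would get rows with more cells than the table has headers. Use the same condition on both sides, either by dropping the RM test here or by keeping the cells under it. The comment above the test still says `//Admin options only for IW flag` and should name the flag that is actually checked.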
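Review bot: The `private` test in the list loop (hunk at old line 384) has no effect, because the nested `if (!check_acl (..., "RR")) continue;` is repeated unconditionally on the next statement. Another user's private report is therefore listed for anyone with RR on its group. If private is meant to limit a report to its owner, the first test should skip the row itself, `if ($report["private"] && $report["id_user"] != $config['id_user']) continue;`, leaving the group check as the second condition. If that is not the intent, remove the redundant test so the code does not suggest a restriction it does not apply.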
@@ -414,48 +414,47 @@ switch ($action) { $next = 6; } - //Admin options only for IW flag - if (check_acl ($config['id_user'], 0, "IW")) { - if ($report["private"] == 1) - $data[$next] = __('Yes'); - else - $data[$next] = __('No'); + + if ($report["private"] == 1) + $data[$next] = __('Yes'); + else + $data[$next] = __('No'); + + $next++; + + + $data[$next] = ui_print_group_icon($report['id_group'], true, "groups_small", '', !defined('METACONSOLE')); + $next++; + + $type_access_selected = reports_get_type_access($report); + $edit = false; + switch ($type_access_selected) { + case 'group_view': + $edit = check_acl($config['id_user'], $report['id_group'], "RW") && users_can_manage_group_all($report["id_group"]); + break; + case 'group_edit': + $edit = check_acl($config['id_user'], $report['id_group_edit'], "RW") && users_can_manage_group_all($report["id_group_edit"]); + break; + case 'user_edit': + if ($config['id_user'] == $report['id_user'] || + is_user_admin ($config["id_user"])) + $edit = true; + break; + } + + + if ($edit) { + $data[$next] = ''; + $data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true); + $data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit'))); + $data[$next] .= ''; - $next++; - - - $data[$next] = ui_print_group_icon($report['id_group'], true, "groups_small", '', !defined('METACONSOLE')); - $next++; - - $type_access_selected = reports_get_type_access($report); - $edit = false; - switch ($type_access_selected) { - case 'group_view': - $edit = check_acl($config['id_user'], $report['id_group'], "IW"); - break; - case 'group_edit': - $edit = check_acl($config['id_user'], $report['id_group_edit'], "IW"); - break; - case 'user_edit': - if ($config['id_user'] == $report['id_user'] || - is_user_admin ($config["id_user"])) - $edit = true; - break; - } - - if ($edit) { - $data[$next] = '
'; - $data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true); - $data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit'))); - $data[$next] .= '
'; - - $data[$next] .= '  
'; - $data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true); - $data[$next] .= html_print_input_hidden ('action','delete_report', true); - $data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '', - true, array ('title' => __('Delete'))); - $data[$next] .= '
'; - } + $data[$next] .= '  
'; + $data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true); + $data[$next] .= html_print_input_hidden ('action','delete_report', true); + $data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '', + true, array ('title' => __('Delete'))); + $data[$next] .= '
'; } array_push ($table->data, $data); @@ -464,7 +463,7 @@ switch ($action) { html_print_table ($table); } - if (check_acl ($config['id_user'], 0, "IW")) { + if (check_acl ($config['id_user'], 0, "RW")) { echo '
'; echo '
'; html_print_submit_button (__('Create report'), 'create', false, 'class="sub next"'); diff --git a/pandora_console/godmode/reporting/visual_console_builder.data.php b/pandora_console/godmode/reporting/visual_console_builder.data.php index 1cc73a1c65..2d4d2d6907 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.data.php +++ b/pandora_console/godmode/reporting/visual_console_builder.data.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); @@ -75,7 +75,7 @@ $table->data[0][0] = __('Name:'). ui_print_help_tip (__("Use [ or ( as first cha $table->data[0][1] = html_print_input_text ('name', $visualConsoleName, '', 80, 100, true); $table->data[1][0] = __('Group:'); -$groups = users_get_groups ($config['id_user']); +$groups = users_get_groups ($config['id_user'], 'RW'); $own_info = get_user_info($config['id_user']); // Only display group "All" if user is administrator or has "PM" privileges @@ -84,7 +84,7 @@ if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) else $display_all_group = false; -$table->data[1][1] = html_print_select_groups($config['id_user'], "AR", $display_all_group, 'id_group', $idGroup, '', '', '', true); +$table->data[1][1] = html_print_select_groups($config['id_user'], "RW", $display_all_group, 'id_group', $idGroup, '', '', '', true); $backgrounds_list = list_files ($config['homedir'] . '/images/console/background/', "jpg", 1, 0); $backgrounds_list = array_merge ($backgrounds_list, list_files ($config['homedir'] . '/images/console/background/', "png", 1, 0)); $table->data[2][0] = __('Background'); diff --git a/pandora_console/godmode/reporting/visual_console_builder.editor.php b/pandora_console/godmode/reporting/visual_console_builder.editor.php index 094147c059..2afefa2eb6 100644 
--- a/pandora_console/godmode/reporting/visual_console_builder.editor.php +++ b/pandora_console/godmode/reporting/visual_console_builder.editor.php @@ -17,7 +17,7 @@ global $config; // Login check check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.elements.php b/pandora_console/godmode/reporting/visual_console_builder.elements.php index 0008d95bc2..95c8035114 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.elements.php +++ b/pandora_console/godmode/reporting/visual_console_builder.elements.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php index 0b92741548..715d4d795f 100755 --- a/pandora_console/godmode/reporting/visual_console_builder.php +++ b/pandora_console/godmode/reporting/visual_console_builder.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.wizard.php b/pandora_console/godmode/reporting/visual_console_builder.wizard.php index 529751901b..b8cfea9809 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.wizard.php +++ b/pandora_console/godmode/reporting/visual_console_builder.wizard.php 
@@ -17,7 +17,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "RW")) { db_pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index 03f5f05477..b37d2ae36a 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php @@ -247,14 +247,14 @@ if($get_extended_event) { } else { // Get your groups - $groups = users_get_groups($config['id_user'], 'IR'); + $groups = users_get_groups($config['id_user'], 'ER'); if(in_array ($event['id_grupo'], array_keys ($groups))) { //If the event group is among the groups of the user, you get access } else { // If all the access types fail, abort - echo 'fail'; + echo 'Access denied'; return false; } } @@ -267,13 +267,15 @@ if($get_extended_event) { } // Tabs - $tabs = ""; + $tabs = ""; // Get criticity image switch ($event["criticity"]) { @@ -300,9 +302,13 @@ if($get_extended_event) { $img_sev = "images/status_sets/default/severity_major.png"; break; } - - $responses = events_page_responses($event); + if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + $responses = events_page_responses($event); + } + else { + $responses = ''; + } $console_url = ''; // If metaconsole switch to node to get details and custom fields diff --git a/pandora_console/include/ajax/skins.ajax.php b/pandora_console/include/ajax/skins.ajax.php index e9edc903cc..b48e5a4719 100644 --- a/pandora_console/include/ajax/skins.ajax.php +++ b/pandora_console/include/ajax/skins.ajax.php 
@@ -17,13 +17,6 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "IR")) { - db_pandora_audit("ACL Violation", - "Trying to access report builder"); - require ("general/noaccess.php"); - exit; -} - $get_image_path = get_parameter('get_image_path', 0); /* skins image checks */ diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 37445b1dd0..2850f859bb 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -1475,7 +1475,10 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { tperfil.incident_management, tperfil.agent_view, tperfil.agent_edit, tperfil.alert_edit, tperfil.alert_management, tperfil.pandora_management, - tperfil.db_management, tperfil.user_management + tperfil.db_management, tperfil.user_management, + tperfil.report_view, tperfil.report_edit, + tperfil.report_management, tperfil.event_view, + tperfil.event_edit, tperfil.event_management FROM tusuario_perfil, tperfil WHERE tusuario_perfil.id_perfil = tperfil.id_perfil AND tusuario_perfil.id_usuario = '%s'", $id_user); @@ -1486,14 +1489,17 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { tperfil.incident_management, tperfil.agent_view, tperfil.agent_edit, tperfil.alert_edit, tperfil.alert_management, tperfil.pandora_management, - tperfil.db_management, tperfil.user_management + tperfil.db_management, tperfil.user_management, + tperfil.report_view, tperfil.report_edit, + tperfil.report_management, tperfil.event_view, + tperfil.event_edit, tperfil.event_management FROM tusuario_perfil, tperfil WHERE tusuario_perfil.id_perfil = tperfil.id_perfil AND tusuario_perfil.id_usuario = '%s' AND (tusuario_perfil.id_grupo IN (%s) OR tusuario_perfil.id_grupo = 0)", $id_user, implode(', ', $parents_id)); } - + $rowdup = db_get_all_rows_sql ($query); if (empty ($rowdup)) 
@@ -1533,6 +1539,24 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { case "UM": $result += $row["user_management"]; break; + case "RR": + $result += $row["report_view"]; + break; + case "RW": + $result += $row["report_edit"]; + break; + case "RM": + $result += $row["report_management"]; + break; + case "ER": + $result += $row["event_view"]; + break; + case "EW": + $result += $row["event_edit"]; + break; + case "EM": + $result += $row["event_management"]; + break; } } diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php index 40ab077b46..47855fd545 100644 --- a/pandora_console/include/functions_agents.php +++ b/pandora_console/include/functions_agents.php @@ -482,7 +482,6 @@ function agents_get_agents ($filter = false, $fields = false, $access = 'AR', $o $limit_sql = " LIMIT $offset, $limit "; } $sql = sprintf("%s %s", $sql, $limit_sql); - //html_debug_print($sql, true); if ($return) return $sql; else diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index 2616fa5746..e7584db040 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -315,9 +315,13 @@ function config_update_config () { */ function config_process_config () { global $config; +<<<<<<< .mine + +======= +>>>>>>> .r7341 $configs = db_get_all_rows_in_table ('tconfig'); - + if (empty ($configs)) { include ($config["homedir"]."/general/error_emptyconfig.php"); exit; diff --git a/pandora_console/include/functions_custom_graphs.php b/pandora_console/include/functions_custom_graphs.php index 1a13f46c47..faeb9e2fab 100644 --- a/pandora_console/include/functions_custom_graphs.php +++ b/pandora_console/include/functions_custom_graphs.php 
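Review bot: The functions_config.php hunk adds unresolved merge-conflict markers (`<<<<<<< .mine`, `=======`, `>>>>>>> .r7341`) inside `config_process_config()`, right after `global $config;`. PHP cannot parse those lines, so including this file would fail, and presumably every page that loads the configuration fails with it, login and ACL checks included. The three marker lines and the blank line between them should be dropped, so that `global $config;` is again followed directly by `$configs = db_get_all_rows_in_table ('tconfig');`. The function body continues outside the hunk.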
@@ -39,15 +39,15 @@ require_once ($config['homedir'] . '/include/functions_users.php'); * * @return Custom graphs of a an user. Empty array if none. */ -function custom_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'IR') { +function custom_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'RR') { global $config; if (!$id_user) { $id_user = $config['id_user']; } - + $groups = users_get_groups ($id_user, $privileges, $returnAllGroup); - + $all_graphs = db_get_all_rows_in_table ('tgraph', 'name'); if ($all_graphs === false) return array (); diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index dcd9e828a2..73b8dec1ed 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -61,7 +61,7 @@ function events_get_event ($id, $fields = false) { } $event = db_get_row ('tevento', 'id_evento', $id, $fields); - if (! check_acl ($config['id_user'], $event['id_grupo'], 'IR')) + if (! check_acl ($config['id_user'], $event['id_grupo'], 'ER')) return false; return $event; } @@ -192,13 +192,13 @@ function events_delete_event ($id_event, $similar = true, $meta = false) { foreach ($id_event as $event) { if($meta) { - $event_group = events_get_group ($event); - } - else { $event_group = events_meta_get_group ($event); } + else { + $event_group = events_get_group ($event); + } - if (check_acl ($config["id_user"], $event_group, "IM") == 0) { + if (check_acl ($config["id_user"], $event_group, "EM") == 0) { //Check ACL db_pandora_audit("ACL Violation", "Attempted deleting event #".$event); $errors++; 
@@ -302,7 +302,7 @@ function events_validate_event ($id_event, $similars = true, $new_status = 1, $m $alerts[] = $event['id_alert_am']; } - if (check_acl ($config["id_user"], $event_group, "IW") == 0) { + if (check_acl ($config["id_user"], $event_group, "EW") == 0) { db_pandora_audit("ACL Violation", "Attempted updating event #".$event); return false; @@ -414,7 +414,7 @@ function events_change_status ($id_event, $new_status, $meta) { $alerts[] = $event['id_alert_am']; } - if (check_acl ($config["id_user"], $event_group, "IW") == 0) { + if (check_acl ($config["id_user"], $event_group, "EW") == 0) { db_pandora_audit("ACL Violation", "Attempted updating event #".$id); unset($id_event[$k]); @@ -494,7 +494,7 @@ function events_change_owner ($id_event, $new_owner = false, $force = false, $me else { $event_group = events_get_group ($id); } - if (check_acl ($config["id_user"], $event_group, "IW") == 0) { + if (check_acl ($config["id_user"], $event_group, "EW") == 0) { db_pandora_audit("ACL Violation", "Attempted updating event #".$id); unset($id_event[$k]); } @@ -563,7 +563,7 @@ function events_comment ($id_event, $comment = '', $action = 'Added comment', $m else { $event_group = events_get_group ($id); } - if (check_acl ($config["id_user"], $event_group, "IW") == 0) { + if (check_acl ($config["id_user"], $event_group, "EW") == 0) { db_pandora_audit("ACL Violation", "Attempted updating event #".$id); unset($id_event[$k]); @@ -748,7 +748,7 @@ function events_print_event_table ($filter = "", $limit = 10, $width = 440, $ret $table->align[5] = "right"; foreach ($result as $event) { - if (! check_acl ($config["id_user"], $event["id_grupo"], "AR")) { + if (! check_acl ($config["id_user"], $event["id_grupo"], "ER")) { continue; } $data = array (); 
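Review bot: In the `events_validate_event` hunk the audit entry is built with `"Attempted updating event #".$event`, although two lines earlier `$event` is read as an array (`$event['id_alert_am']`); if it is still the event row at that point, the log records the word "Array" instead of the event id. The sibling hunks for `events_change_status`, `events_change_owner` and `events_comment` concatenate `$id`, so an ACL violation here would be the only one that cannot be traced back to an event. Using the id explicitly, e.g. `"Attempted updating event #".$event['id_evento']`, keeps the record usable; which variable holds the id should be confirmed against the part of the loop outside the hunk. This hunk also answers a refused event with `return false` where the others `unset($id_event[$k])` and carry on, which deserves a comment if it is intended.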
@@ -1052,7 +1052,7 @@ function events_print_type_description ($type, $return = false) { function events_get_group_events ($id_group, $period, $date) { global $config; - $id_group = groups_safe_acl ($config["id_user"], $id_group, "AR"); + $id_group = groups_safe_acl ($config["id_user"], $id_group, "ER"); if (empty ($id_group)) { //An empty array means the user doesn't have access @@ -1274,7 +1274,7 @@ function events_check_event_filter_group ($id_filter) { $id_group = db_get_value('id_group', 'tevent_filter', 'id_filter', $id_filter); $own_info = get_user_info ($config['id_user']); // Get group list that user has access - $groups_user = users_get_groups ($config['id_user'], "IW", $own_info['is_admin'], true); + $groups_user = users_get_groups ($config['id_user'], "EW", $own_info['is_admin'], true); $groups_id = array(); $has_permission = false; @@ -1326,7 +1326,10 @@ function events_get_event_filter ($id_filter, $filter = false, $fields = false) function events_get_event_filter_select(){ global $config; - $user_groups = users_get_groups ($config['id_user'], "AW", true, true); + $user_groups = users_get_groups ($config['id_user'], "EW", true, true); + if(empty($user_groups)) { + return array(); + } $sql = "SELECT id_filter, id_name FROM tevent_filter WHERE id_group IN (".implode(',', array_keys ($user_groups)).")"; $event_filters = db_get_all_rows_sql($sql); 
@@ -1362,38 +1365,67 @@ function events_page_responses ($event) { $table_responses->style[1] = 'text-align: left;'; $table_responses->class = "databox alternate"; - // Owner - $data = array(); - $data[0] = __('Change owner'); + if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + // Owner + $data = array(); + $data[0] = __('Change owner'); + + $users = groups_get_users(array_keys(users_get_groups(false, "EM", false))); - $users = groups_get_users(array_keys(users_get_groups(false, "AR", false))); - - foreach($users as $u) { - $owners[$u['id_user']] = $u['fullname']; + foreach($users as $u) { + $owners[$u['id_user']] = $u['fullname']; + } + + if($event['owner_user'] == '') { + $owner_name = __('None'); + } + else { + $owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']); + $owners[$event['owner_user']] = $owner_name; + } + + $data[1] = html_print_select($owners, 'id_owner', $event['owner_user'], '', __('None'), -1, true); + $data[1] .= html_print_button(__('Update'),'owner_button',false,'event_change_owner();','class="sub next"',true); + + $table_responses->data[] = $data; } - if($event['owner_user'] == '') { - $owner_name = __('None'); - } - else { - $owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']); - $owners[$event['owner_user']] = $owner_name; - } - - $data[1] = html_print_select($owners, 'id_owner', $event['owner_user'], '', __('None'), -1, true); - $data[1] .= html_print_button(__('Update'),'owner_button',false,'event_change_owner();','class="sub next"',true); - - $table_responses->data[] = $data; - // Status $data = array(); $data[0] = __('Change status'); - $status = array(0 => __('New'), 2 => __('In process'), 1 => __('Validated')); + $status_blocked = false; + + if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + // If the user has manager acls, the status can be changed to all possibilities always + $status = array(0 => __('New'), 2 => __('In process'), 1 
=> __('Validated')); + } + else { + switch($event['estado']) { + case 0: + // If the user hasnt manager acls and the event is new. The status can be changed + $status = array(2 => __('In process'), 1 => __('Validated')); + break; + case 1: + // If the user hasnt manager acls and the event is validated. The status cannot be changed + $status = array(1 => __('Validated')); + $status_blocked = true; + break; + case 2: + // If the user hasnt manager acls and the event is in process. The status only can be changed to validated + $status = array(1 => __('Validated')); + break; + } - $data[1] = html_print_select($status, 'estado', $event['estado'], '', '', 0, true, false, false); - $data[1] .= html_print_button(__('Update'),'status_button',false,'event_change_status(\''.$event['similar_ids'] .'\');','class="sub next"',true); + } + // The change status option will be enabled only when is possible change the status + $data[1] = html_print_select($status, 'estado', $event['estado'], '', '', 0, true, false, false, '', $status_blocked); + + if(!$status_blocked) { + $data[1] .= html_print_button(__('Update'),'status_button',false,'event_change_status(\''.$event['similar_ids'] .'\');','class="sub next"',true); + } + $table_responses->data[] = $data; // Comments @@ -1403,16 +1435,18 @@ function events_page_responses ($event) { $table_responses->data[] = $data; - // Delete - $data = array(); - $data[0] = __('Delete event'); - $data[1] = ''; - $data[1] .= html_print_button(__('Delete event'),'delete_button',false,'if(!confirm(\''.__('Are you sure?').'\')) { return false; } this.form.submit();','class="sub cancel"',true); - $data[1] .= html_print_input_hidden('delete', 1, true); - $data[1] .= html_print_input_hidden('validate_ids', $event['id_evento'], true); - $data[1] .= ''; + if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + // Delete + $data = array(); + $data[0] = __('Delete event'); + $data[1] = '
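Review bot: The new rules in `events_page_responses` (owner change only with "EM", no way back from "Validated" or "In process" without "EM") are applied only to what the form offers; nothing visible in this commit makes the handlers enforce them. `events_change_owner` and `events_change_status` (hunks `@@ -494,7` and `@@ -414,7` of this file) still accept any user with "EW" and, as far as the visible lines show, do not compare the requested status with the current one, so a request that does not come from this form would presumably be honoured. The same decision belongs in the handlers: require "EM" in `events_change_owner`, and reject a disallowed transition in `events_change_status` before updating. Separately, `$status` stays undefined in the non-manager branch when `$event['estado']` is not 0, 1 or 2; a `default:` case would cover that. The function starts before and ends after this hunk.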
'; + $data[1] .= html_print_button(__('Delete event'),'delete_button',false,'if(!confirm(\''.__('Are you sure?').'\')) { return false; } this.form.submit();','class="sub cancel"',true); + $data[1] .= html_print_input_hidden('delete', 1, true); + $data[1] .= html_print_input_hidden('validate_ids', $event['id_evento'], true); + $data[1] .= '
'; - $table_responses->data[] = $data; + $table_responses->data[] = $data; + } // Custom responses $data = array(); @@ -2009,8 +2043,13 @@ function events_page_comments ($event) { $table_comments->data[] = $data; } - $comments_form = '
'.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true); - $comments_form .= '
'.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'

'; + if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + $comments_form = '
'.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true); + $comments_form .= '
'.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'

'; + } + else { + $comments_form = ''; + } $comments = '
'.$comments_form.html_print_table($table_comments, true).'
'; diff --git a/pandora_console/include/functions_graph.php b/pandora_console/include/functions_graph.php index cd1e3582f6..5d72f3dd32 100755 --- a/pandora_console/include/functions_graph.php +++ b/pandora_console/include/functions_graph.php @@ -1534,7 +1534,7 @@ function grafico_db_agentes_paquetes($width = 380, $height = 300) { $data = array (); $legend = array (); - $agents = agents_get_group_agents (array_keys (users_get_groups ()), false, "none"); + $agents = agents_get_group_agents (array_keys (users_get_groups (false, 'RR')), false, "none"); $count = agents_get_modules_data_count (array_keys ($agents)); unset ($count["total"]); arsort ($count, SORT_NUMERIC); @@ -1909,7 +1909,7 @@ function grafico_eventos_grupo ($width = 300, $height = 200, $url = "", $meta = $other_events = 0; foreach ($result as $row) { - if (!check_acl ($config["id_user"], $row["id_grupo"], "AR") == 1) + if (!check_acl ($config["id_user"], $row["id_grupo"], "ER") == 1) continue; if ($loop >= NUM_PIECES_PIE) { diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index 3b7072768d..2085aa66be 100644 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -902,12 +902,12 @@ function reporting_get_group_stats ($id_group = 0) { $cur_time = get_system_time (); //Check for access credentials using check_acl. More overhead, much safer - if (!check_acl ($config["id_user"], $id_group, "AR")) { + if (!check_acl ($config["id_user"], $id_group, "RR")) { return $data; } if ($id_group == 0) { - $id_group = array_keys (users_get_groups ($config['id_user'], "AR", false)); + $id_group = array_keys (users_get_groups ($config['id_user'], "RR", false)); } // ----------------------------------------------------------------- 
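Review bot: In the `grafico_eventos_grupo` hunk, `if (!check_acl ($config["id_user"], $row["id_grupo"], "ER") == 1)` negates first and compares afterwards, because `!` binds tighter than `==`. It skips the right rows only through bool/int juggling, and a reader can easily take it for `!(check_acl(...) == 1)`, which makes an access check fragile to edit. `if (! check_acl ($config["id_user"], $row["id_grupo"], "ER"))` says the same thing plainly and matches the other checks in this commit.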
@@ -2017,7 +2017,7 @@ function reporting_get_agent_module_info ($id_agent, $filter = false) { $return["alert_img"] = ui_print_status_image (STATUS_ALERT_NOT_FIRED, __('Alert not fired'), true); $return["agent_group"] = agents_get_agent_group ($id_agent); - if (!check_acl ($config["id_user"], $return["agent_group"], "AR")) { + if (!check_acl ($config["id_user"], $return["agent_group"], "RR")) { return $return; } @@ -3307,6 +3307,10 @@ function reporting_render_report_html_item ($content, $table, $report, $mini = f // Get events of the last 8 hours $events = events_get_group_events ($content['id_group'], 28800, $report['datetime']); + if($events === false) { + $events = array(); + } + reporting_header_content($mini, $content, $report, $table, __('Group report').': "'.$group_name.'"'); $data = array (); @@ -5371,7 +5375,7 @@ function reporting_get_agentmodule_ttr ($id_agent_module, $period, $date = 0) { * * @return template graphs of a an user. Empty array if none. */ -function reporting_template_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'IR') { +function reporting_template_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'RR') { global $config; if (!$id_user) { diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index 1594d39e16..3073bf75a7 100644 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -62,7 +62,7 @@ function reports_get_report ($id_report, $filter = false, $fields = false) { $report = db_get_row_filter ('treport', $filter, $fields); - if (! check_acl ($config['id_user'], $report['id_group'], 'AR')) + if (! check_acl ($config['id_user'], $report['id_group'], 'RR')) return false; return $report; 
@@ -82,7 +82,7 @@ function reports_get_report ($id_report, $filter = false, $fields = false) { * * @return array An array with all the reports the user can view. */ -function reports_get_reports ($filter = false, $fields = false, $returnAllGroup = true, $privileges = 'IR', $group = false) { +function reports_get_reports ($filter = false, $fields = false, $returnAllGroup = true, $privileges = 'RR', $group = false) { global $config; if (! is_array ($filter)) @@ -118,7 +118,7 @@ function reports_get_reports ($filter = false, $fields = false, $returnAllGroup if (!in_array($report['id_group'], array_keys($groups))) continue; if ($config['id_user'] != $report['id_user'] - && ! check_acl ($config['id_user'], $report['id_group'], 'AR')) + && ! check_acl ($config['id_user'], $report['id_group'], 'RR')) continue; } array_push ($reports, $report); diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php index 18bf0f2b91..0e3540fa29 100644 --- a/pandora_console/include/functions_users.php +++ b/pandora_console/include/functions_users.php @@ -782,4 +782,23 @@ function users_check_users() { return; } + +// Check if a user can manage a group when group is all +// This function dont check acls of the group, only if the +// user is admin or pandora manager and the group is all +function users_can_manage_group_all($id_group = 0) { + global $config; + + if($id_group != 0) { + return true; + } + + $is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']); + + if (check_acl ($config['id_user'], 0, "PM") || $is_admin) { + return true; + } + + return false; +} ?> diff --git a/pandora_console/include/functions_visual_map.php b/pandora_console/include/functions_visual_map.php index 405a624f93..ba512eba83 100644 --- a/pandora_console/include/functions_visual_map.php +++ b/pandora_console/include/functions_visual_map.php 
@@ -1706,9 +1706,9 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter $where = db_format_array_where_clause_sql ($filter); if ($returnAllGroup) - $groups = users_get_groups ($id_user); + $groups = users_get_groups ($id_user, 'RR'); else - $groups = users_get_groups ($id_user, 'IR', false); + $groups = users_get_groups ($id_user, 'RR', false); if (!empty($groups)) { if ($where != '') { diff --git a/pandora_console/operation/agentes/exportdata.php b/pandora_console/operation/agentes/exportdata.php index db0ce6c809..4d63992448 100644 --- a/pandora_console/operation/agentes/exportdata.php +++ b/pandora_console/operation/agentes/exportdata.php @@ -24,7 +24,7 @@ require_once ('include/functions_users.php'); check_login(); -if (!check_acl ($config['id_user'], 0, "AR")) { +if (!check_acl ($config['id_user'], 0, "RR")) { require ("general/noaccess.php"); return; } @@ -186,10 +186,10 @@ if (empty($export_btn)) { //Group selector $table->data[0][0] = ''.__('Group').''; - $groups = users_get_groups ($config['id_user'], "AR"); - + $groups = users_get_groups ($config['id_user'], "RR", users_can_manage_group_all()); + $table->data[0][1] = html_print_select_groups($config['id_user'], - "AR", true, "group", $group, '', '', 0, true, false, true, + "RR", users_can_manage_group_all(), "group", $group, '', '', 0, true, false, true, 'w130', false); //Agent selector @@ -203,7 +203,7 @@ if (empty($export_btn)) { } $agents = array (); - $rows = agents_get_agents ($filter, false, 'AR'); + $rows = agents_get_agents ($filter, false, 'RR'); if ($rows == null) $rows = array(); foreach ($rows as $row) { $agents[$row['id_agente']] = $row['nombre']; diff --git a/pandora_console/operation/events/event_statistics.php b/pandora_console/operation/events/event_statistics.php index 0e1947b143..ad48bad989 100644 --- a/pandora_console/operation/events/event_statistics.php +++ b/pandora_console/operation/events/event_statistics.php 
@@ -23,7 +23,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php'); check_login (); -if (! check_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "ER")) { db_pandora_audit("ACL Violation","Trying to access event viewer"); require ("general/noaccess.php"); return; diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 77f9196388..2ab1269b7c 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php @@ -25,7 +25,7 @@ require_once ($config['homedir'].'/include/functions_ui.php'); check_login (); -if (! check_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "ER")) { db_pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -185,7 +185,7 @@ $id_group = (int) get_parameter('id_group', 0); $search = io_safe_output(preg_replace ("/&([A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/", "&", rawurldecode (get_parameter ("search")))); -users_get_groups ($config["id_user"], "IR"); +users_get_groups ($config["id_user"], "ER"); $ids = (array) get_parameter ("eventid", -1); @@ -230,7 +230,7 @@ if ($config["pure"] == 0 || defined ('METACONSOLE')) { $sound_event['text'] = '' . html_print_image('images/music_note.png', true, array('title' => __('Sound events'))) . ''; // If the user has administrator permission display manage tab - if (check_acl ($config["id_user"], 0, "IW")) { + if (check_acl ($config["id_user"], 0, "EW")) { // Manage events $manage_events['active'] = false; $manage_events['text'] = '' . 
@@ -384,8 +384,29 @@ $(document).ready( function() { $("input[name=all_validate_box]").change (function() { $("input[name='validate_ids[]']").attr('checked', $(this).attr('checked')); + $("input[name='validate_ids[]']").trigger('change'); }); + // If some of the checkbox checked cahnnot be deleted disable the delete button + $("input[name='validate_ids[]']").change (function() { + var canDeleted = 1; + $("input[name='validate_ids[]']").each(function() { + if($(this).attr('checked') == 'checked') { + var classs = $(this).attr('class'); + classs = classs.split(' '); + if(classs[0] != 'candeleted') { + canDeleted = 0; + } + } + }); + + if(canDeleted == 0) { + $('#button-delete_button').attr('disabled','disabled'); + } + else { + $('#button-delete_button').removeAttr('disabled'); + } + }); $('#select_validate').change (function() { $option = $('#select_validate').val(); @@ -595,6 +616,9 @@ $(document).ready( function() { $tr = $(this).parents ("tr"); id = this.id.split ("-").pop (); + + $("#delete_cross_"+id).attr ("src", "images/spinner.gif"); + jQuery.post ("", {"page" : "operation/events/events", "delete_event" : 1, diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php index 5b45e45230..1d006c7b8e 100644 --- a/pandora_console/operation/events/events_list.php +++ b/pandora_console/operation/events/events_list.php @@ -29,7 +29,7 @@ require_once ($config["homedir"] . '/include/functions_tags.php'); check_login (); -if (! check_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "ER")) { db_pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -147,7 +147,7 @@ if ($id_agent == 0 && $text_agent != __('All')) { $id_agent = -1; } -$groups = users_get_groups($config['id_user'], 'IR'); +$groups = users_get_groups($config['id_user'], 'ER'); //Group selection if ($ev_group > 0 && in_array ($ev_group, array_keys ($groups))) { 
@@ -317,12 +317,12 @@ echo ""; // Filter group echo "".__('Filter group').""; -html_print_select_groups($config["id_user"], "IR", true, 'id_group', $id_group, '', '', 0, false, false, false, 'w130'); +html_print_select_groups($config["id_user"], "ER", true, 'id_group', $id_group, '', '', 0, false, false, false, 'w130'); echo ""; // Group combo echo "".__('Group').""; -html_print_select_groups($config["id_user"], "IR", true, 'ev_group', $ev_group, '', '', 0, false, false, false, 'w130'); +html_print_select_groups($config["id_user"], "ER", true, 'ev_group', $ev_group, '', '', 0, false, false, false, 'w130'); echo ""; // Event type @@ -735,7 +735,7 @@ if ($i != 0) { $table->align[$i] = 'center'; $table->size[$i] = '80px'; $i++; - if (check_acl ($config["id_user"], 0, "IW") == 1) { + if (check_acl ($config["id_user"], 0, "EW") == 1) { $table->head[$i] = html_print_checkbox ("all_validate_box", "1", false, true); $table->align[$i] = 'center'; } @@ -1023,19 +1023,17 @@ foreach ($result as $event) { //Actions $data[$i] = ''; // Validate event - if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1)) { + if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1)) { $data[$i] .= ''; $data[$i] .= html_print_image ("images/ok.png", true, array ("title" => __('Validate event'))); $data[$i] .= ' '; } - else { - $data[$i] .= '      '; - } + // Delete event - if (check_acl ($config["id_user"], $event["id_grupo"], "IM") == 1) { + if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { if($event['estado'] != 2) { - $data[$i] .= ''; + $data[$i] .= ''; $data[$i] .= html_print_image ("images/cross.png", true, array ("title" => __('Delete event'), "id" => 'delete_cross_' . $event['id_evento'])); $data[$i] .= ' '; 
@@ -1053,10 +1051,19 @@ foreach ($result as $event) { $data[$i] .= ' '; $i++; - if (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1) { + if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + //Checkbox + // Class 'candeleted' must be the fist class to be parsed from javascript. Dont change + $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="candeleted chk_val"', true); + } + else if (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1) { //Checkbox $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="chk_val"', true); } + else if (isset($table->header[$i]) || true) { + $data[$i] = ''; + } + array_push ($table->data, $data); } @@ -1074,10 +1081,10 @@ if (!empty ($table->data)) { html_print_table ($table); echo '
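Review bot: The last branch added in the `@@ -1053,10 +1051,19 @@` hunk, `else if (isset($table->header[$i]) || true)`, is always taken because of `|| true`, so the `isset()` test is dead code. It also reads `$table->header`, whereas the `@@ -735,7` hunk of this file fills `$table->head[$i]`, so the test would probably never have been true on its own. A plain `else { $data[$i] = ''; }` states what actually happens. The comment on the first branch relies on `candeleted` being the first class in the attribute; since the script in operation/events/events.php reads `classs[0]`, the comment should name that script so the coupling can be found from here.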
'; - if (check_acl ($config["id_user"], 0, "IW") == 1) { + if (check_acl ($config["id_user"], 0, "EW") == 1) { html_print_button(__('Validate selected'), 'validate_button', false, 'validate_selected();', 'class="sub ok"'); } - if (check_acl ($config["id_user"], 0,"IM") == 1) { + if (check_acl ($config["id_user"], 0,"EM") == 1) { html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"'); ?>