tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2012-12-28 Sergio Martin <sergio.martin@artica.es> 

* pandoradb_data.sql
	include/functions_users.php
	include/functions_visual_map.php
	include/ajax/skins.ajax.php
	include/ajax/events.php
	include/functions_custom_graphs.php
	include/functions.php
	include/functions_agents.php
	include/functions_graph.php
	include/functions_events.php
	include/functions_reporting.php
	include/functions_config.php
	include/functions_reports.php
	operation/visual_console/render_view.php
	operation/agentes/exportdata.php
	operation/menu.php
	operation/events/event_statistics.php
	operation/events/events_rss.php
	operation/events/export_csv.php
	operation/events/sound_events.php
	operation/events/events_list.php
	operation/events/events_marquee.php
	operation/events/events.php
	operation/reporting/reporting_viewer.php
	pandoradb.data.postgreSQL.sql
	pandoradb.data.oracle.sql
	extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql
	extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql
	extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql
	general/main_menu.php
	godmode/menu.php
	godmode/events/event_edit_filter.php
	godmode/events/events.php
	godmode/events/event_filter.php
	godmode/reporting/reporting_builder.list_items.php
	godmode/reporting/graph_builder.main.php
	godmode/reporting/visual_console_builder.wizard.php
	godmode/reporting/visual_console_builder.php
	godmode/reporting/reporting_builder.main.php
	godmode/reporting/visual_console_builder.data.php
	godmode/reporting/visual_console_builder.elements.php
	godmode/reporting/graph_builder.php
	godmode/reporting/graph_builder.graph_editor.php
	godmode/reporting/reporting_builder.php
	godmode/reporting/visual_console_builder.editor.php
	godmode/reporting/reporting_builder.item_editor.php
	godmode/reporting/graphs.php: Change all the event and reporting
	acl control to new flags ER,EW,EM,RR,RW,RM



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7342 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
zarzuelo 2012-12-28 17:06:17 +00:00
parent 2a319d8149
commit 56e32fd698
48 changed files with 425 additions and 261 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
pandora_console/ChangeLog
View File

@ -1,3 +1,54 @@
2012-12-28 Sergio Martin <sergio.martin@artica.es>
* pandoradb_data.sql
include/functions_users.php
include/functions_visual_map.php
include/ajax/skins.ajax.php
include/ajax/events.php
include/functions_custom_graphs.php
include/functions.php
include/functions_agents.php
include/functions_graph.php
include/functions_events.php
include/functions_reporting.php
include/functions_config.php
include/functions_reports.php
operation/visual_console/render_view.php
operation/agentes/exportdata.php
operation/menu.php
operation/events/event_statistics.php
operation/events/events_rss.php
operation/events/export_csv.php
operation/events/sound_events.php
operation/events/events_list.php
operation/events/events_marquee.php
operation/events/events.php
operation/reporting/reporting_viewer.php
pandoradb.data.postgreSQL.sql
pandoradb.data.oracle.sql
extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql
extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql
extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql
general/main_menu.php
godmode/menu.php
godmode/events/event_edit_filter.php
godmode/events/events.php
godmode/events/event_filter.php
godmode/reporting/reporting_builder.list_items.php
godmode/reporting/graph_builder.main.php
godmode/reporting/visual_console_builder.wizard.php
godmode/reporting/visual_console_builder.php
godmode/reporting/reporting_builder.main.php
godmode/reporting/visual_console_builder.data.php
godmode/reporting/visual_console_builder.elements.php
godmode/reporting/graph_builder.php
godmode/reporting/graph_builder.graph_editor.php
godmode/reporting/reporting_builder.php
godmode/reporting/visual_console_builder.editor.php
godmode/reporting/reporting_builder.item_editor.php
godmode/reporting/graphs.php: Change all the event and reporting
acl control to new flags ER,EW,EM,RR,RW,RM
2012-12-27 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
* include/functions_reports.php: Hide inventory changes report in

8
pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql
View File

@ -417,8 +417,8 @@ ALTER TABLE `tperfil` ADD COLUMN `event_view` tinyint(3) NOT NULL default '0';
ALTER TABLE `tperfil` ADD COLUMN `event_edit` tinyint(3) NOT NULL default '0';
ALTER TABLE `tperfil` ADD COLUMN `event_management` tinyint(3) NOT NULL default '0';
UPDATE tperfil SET `report_view`= 1 WHERE id_perfil = 1 AND name = "Operator&#x20;&#40;Read&#41;";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1 WHERE id_perfil = 2 AND name = "Operator&#x20;&#40;Write&#41;";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1 WHERE id_perfil = 3 AND name = "Chief&#x20;Operator";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 4 AND name = "Group&#x20;coordinator";
UPDATE tperfil SET `report_view`= 1, `event_view`= 1 WHERE id_perfil = 1 AND name = "Operator&#x20;&#40;Read&#41;";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 2 AND name = "Operator&#x20;&#40;Write&#41;";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1 WHERE id_perfil = 3 AND name = "Chief&#x20;Operator";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 4 AND name = "Group&#x20;coordinator";
UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 5 AND name = "Pandora&#x20;Administrator";

8
pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql
View File

@ -447,8 +447,8 @@ ALTER TABLE tperfil ADD (event_view NUMBER(5, 0) default 0 NOT NULL);
ALTER TABLE tperfil ADD (event_edit NUMBER(5, 0) default 0 NOT NULL);
ALTER TABLE tperfil ADD (event_management NUMBER(5, 0) default 0 NOT NULL);
UPDATE tperfil SET report_view= 1 WHERE id_perfil = 1 AND name = 'Operator&#x20;&#40;Read&#41;';
UPDATE tperfil SET report_view= 1, report_edit= 1 WHERE id_perfil = 2 AND name = 'Operator&#x20;&#40;Write&#41;';
UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1 WHERE id_perfil = 3 AND name = 'Chief&#x20;Operator';
UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 4 AND name = 'Group&#x20;coordinator';
UPDATE tperfil SET report_view= 1, event_view= 1 WHERE id_perfil = 1 AND name = 'Operator&#x20;&#40;Read&#41;';
UPDATE tperfil SET report_view= 1, report_edit= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 2 AND name = 'Operator&#x20;&#40;Write&#41;';
UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1 WHERE id_perfil = 3 AND name = 'Chief&#x20;Operator';
UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 4 AND name = 'Group&#x20;coordinator';
UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 5 AND name = 'Pandora&#x20;Administrator';

8
pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql
View File

@ -438,8 +438,8 @@ ALTER TABLE "tperfil" ADD COLUMN "event_view" SMALLINT NOT NULL default 0;
ALTER TABLE "tperfil" ADD COLUMN "event_edit" SMALLINT NOT NULL default 0;
ALTER TABLE "tperfil" ADD COLUMN "event_management" SMALLINT NOT NULL default 0;
UPDATE tperfil SET "report_view"= 1 WHERE id_perfil = 1 AND name = 'Operator&#x20;&#40;Read&#41;';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1 WHERE id_perfil = 2 AND name = 'Operator&#x20;&#40;Write&#41;';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1 WHERE id_perfil = 3 AND name = 'Chief&#x20;Operator';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 4 AND name = 'Group&#x20;coordinator';
UPDATE tperfil SET "report_view"= 1, "event_view"= 1 WHERE id_perfil = 1 AND name = 'Operator&#x20;&#40;Read&#41;';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 2 AND name = 'Operator&#x20;&#40;Write&#41;';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1 WHERE id_perfil = 3 AND name = 'Chief&#x20;Operator';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 4 AND name = 'Group&#x20;coordinator';
UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 5 AND name = 'Pandora&#x20;Administrator';

1
pandora_console/general/main_menu.php
View File

@ -30,6 +30,7 @@ if (check_acl ($config['id_user'], 0, "AW") ||
check_acl ($config['id_user'], 0, "UM") ||
check_acl ($config['id_user'], 0, "LW") ||
check_acl ($config['id_user'], 0, "IW") ||
check_acl ($config['id_user'], 0, "EW") ||
check_acl ($config['id_user'], 0, "DW")) {
echo '<div class="tit bg3">:: '.__('Administration').' ::</div>';

14
pandora_console/godmode/events/event_edit_filter.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl ($config["id_user"], 0, "IR")) {
if (! check_acl ($config["id_user"], 0, "EW")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -188,13 +188,13 @@ $table->data[0][0] = '<b>'.__('Filter name').'</b>';
$table->data[0][1] = html_print_input_text ('id_name', $id_name, false, 20, 80, true);
$table->data[1][0] = '<b>'.__('Filter group').'</b>' . ui_print_help_tip(__('This group will be use to restrict the visibility of this filter with ACLs'), true);
$table->data[1][1] = html_print_select_groups($config['id_user'], "IW",
$table->data[1][1] = html_print_select_groups($config['id_user'], "EW",
$own_info['is_admin'], 'id_group_filter', $id_group_filter, '', '', -1, true,
false, false);
$table->data[2][0] = '<b>'.__('Group').'</b>';
$table->data[2][1] = html_print_select_groups($config['id_user'], "IW",
$own_info['is_admin'], 'id_group', $id_group, '', '', -1, true,
$table->data[2][1] = html_print_select_groups($config['id_user'], "EW",
users_can_manage_group_all(), 'id_group', $id_group, '', '', -1, true,
false, false);
$types = get_event_types ();
@ -322,12 +322,6 @@ $table->data[18][1] = html_print_button(__('Remove'), 'remove_whithout', $remove
$table->data[19][0] = '<b>' . __('Alert events') . '</b>';
$table->data[19][1] = html_print_select(
array('-1' => __('All'),

4
pandora_console/godmode/events/event_filter.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl ($config["id_user"], 0, "IR")) {
if (! check_acl ($config["id_user"], 0, "EW")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -83,7 +83,7 @@ if ($multiple_delete) {
$own_info = get_user_info ($config['id_user']);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "AW", $own_info['is_admin'], true);
$groups_user = users_get_groups ($config['id_user'], "EW", users_can_manage_group_all(), true);
$sql = "SELECT * FROM tevent_filter WHERE id_group_filter IN (".implode(',', array_keys ($groups_user)).")";
$filters = db_get_all_rows_sql($sql);

29
pandora_console/godmode/events/events.php
View File

@ -18,7 +18,7 @@ global $config;
check_login ();
if (! check_acl ($config["id_user"], 0, "IW")) {
if (! check_acl ($config["id_user"], 0, "EW")) {
db_pandora_audit("ACL Violation",
"Trying to access event manage");
require ("general/noaccess.php");
@ -29,21 +29,22 @@ if (! check_acl ($config["id_user"], 0, "IW")) {
$section = (string) get_parameter ("section", "filter");
// Draws header
$buttons = array(
'filter' => array('active' => false,
$buttons['filter'] = array('active' => false,
'text' => '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
html_print_image("images/lightning_go.png", true, array ("title" => __('Create filter'))) . '</a>'),
'responses' => array('active' => false,
'text' => '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=responses&amp;pure='.$config['pure'].'">' .
html_print_image("images/cog.png", true, array ("title" => __('Event responses'))) . '</a>'),
'fields' => array('active' => false,
'text' => '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/pencil.png", true, array ("title" => __('Custom fields'))) . '</a>'),
'separator' => '',
'view' => array('active' => false,
html_print_image("images/lightning_go.png", true, array ("title" => __('Create filter'))) . '</a>');
if (check_acl ($config["id_user"], 0, "PM")) {
$buttons['responses'] = array('active' => false,
'text' => '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=responses&amp;pure='.$config['pure'].'">' .
html_print_image("images/cog.png", true, array ("title" => __('Event responses'))) . '</a>');
$buttons['fields'] = array('active' => false,
'text' => '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=fields&amp;pure='.$config['pure'].'">' .
html_print_image("images/pencil.png", true, array ("title" => __('Custom fields'))) . '</a>');
}
$buttons['separator'] = '';
$buttons['view'] = array('active' => false,
'text' => '<a href="index.php?sec=eventos&sec2=operation/events/events&amp;pure='.$config['pure'].'">' .
html_print_image("images/god6.png", true, array("title" => __('View events'))) . '</a>'),
);
html_print_image("images/god6.png", true, array("title" => __('View events'))) . '</a>');
switch ($section) {
case 'filter':

10
pandora_console/godmode/menu.php
View File

@ -145,7 +145,7 @@ if (check_acl ($config['id_user'], 0, "IW")) {
}
}
if (check_acl ($config['id_user'], 0, "IW")) {
if (check_acl ($config['id_user'], 0, "EW")) {
// Manage events
$menu_godmode["geventos"]["text"] = __('Manage events');
$menu_godmode["geventos"]["sec2"] = "godmode/events/events&amp;section=filter";
@ -153,8 +153,12 @@ if (check_acl ($config['id_user'], 0, "IW")) {
// Custom event fields
$sub = array ();
$sub["godmode/events/events&amp;section=fields"]["text"] = __('Custom events');
$sub["godmode/events/events&amp;section=responses"]["text"] = __('Event responses');
$sub["godmode/events/events&amp;section=filter"]["text"] = __('Event filters');
if (check_acl ($config['id_user'], 0, "PM")) {
$sub["godmode/events/events&amp;section=fields"]["text"] = __('Custom events');
$sub["godmode/events/events&amp;section=responses"]["text"] = __('Event responses');
}
$menu_godmode["geventos"]["sub"] = $sub;
}

2
pandora_console/godmode/reporting/graph_builder.graph_editor.php
View File

@ -17,7 +17,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");

2
pandora_console/godmode/reporting/graph_builder.main.php
View File

@ -48,7 +48,7 @@ if (is_ajax ()) {
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");

2
pandora_console/godmode/reporting/graph_builder.php
View File

@ -46,7 +46,7 @@ if (is_ajax ()) {
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access graph builder");
include ("general/noaccess.php");

20
pandora_console/godmode/reporting/graphs.php
View File

@ -20,7 +20,7 @@ require_once ('include/functions_custom_graphs.php');
// Check user credentials
check_login ();
if (! check_acl ($config['id_user'], 0, "IR")) {
if (! check_acl ($config['id_user'], 0, "RR")) {
db_pandora_audit("ACL Violation",
"Trying to access Inventory Module Management");
require ("general/noaccess.php");
@ -69,7 +69,7 @@ ui_print_page_header (__('Reporting')." &raquo; ".__('Custom graphs'), "images/r
// Delete module SQL code
if ($delete_graph) {
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config['id_user'], 0, "RW")) {
$result = db_process_sql_delete("tgraph_source", array('id_graph' =>$id));
if ($result)
@ -131,13 +131,9 @@ if ($multiple_delete) {
__('Successfully deleted'),
__('Not deleted. Error deleting data'));
}
$own_info = get_user_info ($config['id_user']);
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
$return_all_group = true;
else
$return_all_group = false;
$graphs = custom_graphs_get_user ($config['id_user'], false, $return_all_group, "IW");
$graphs = custom_graphs_get_user ($config['id_user'], false, true, "RR");
if (! empty ($graphs)) {
$table->width = '98%';
@ -152,7 +148,7 @@ if (! empty ($graphs)) {
$table->size[3] = '50px';
$table->align[2] = 'center';
$table->align[3] = 'center';
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config['id_user'], 0, "RW")) {
$table->align[4] = 'center';
$table->head[4] = __('Op.');
$table->size[4] = '70px';
@ -170,7 +166,7 @@ if (! empty ($graphs)) {
$data[2] = $graph["graphs_count"];
$data[3] = ui_print_group_icon($graph['id_group'],true);
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config['id_user'], 0, "RW") && users_can_manage_group_all($graph['id_group'])) {
$data[4] = '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id='.
$graph['id_graph'].'">'.html_print_image("images/config.png", true).'</a>';
@ -194,10 +190,10 @@ if (! empty ($graphs)) {
echo "</form>";
}
else {
echo "<div class='nf'>".__('There are no defined reportings')."</div>";
echo "<div class='nf'>".__('There are no defined graphs')."</div>";
}
if (check_acl ($config['id_user'], 0, "AW")) {
if (check_acl ($config['id_user'], 0, "RW")) {
echo '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/graph_builder">';
echo '<div class="action-buttons" style="width: 98%;">';
html_print_submit_button (__('Create graph'), 'create', false, 'class="sub next"');

4
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -16,7 +16,7 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -433,7 +433,7 @@ html_print_input_hidden('id_item', $idItem);
$own_info = get_user_info ($config['id_user']);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", $own_info['is_admin'], true);
$groups_user = users_get_groups ($config['id_user'], "RW", $own_info['is_admin'], true);
$groups_id = array();
foreach($groups_user as $key => $groups){
$groups_id[] = $groups['id_grupo'];

17
pandora_console/godmode/reporting/reporting_builder.list_items.php
View File

@ -16,7 +16,7 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -247,7 +247,9 @@ if ($items) {
}
$table->head[4] = __('Period');
$table->head[5] = __('Description');
$table->head[6] = '<span title="' . __('Options') . '">' . __('Op.') . '</span>';
if (check_acl ($config['id_user'], 0, "RM")) {
$table->head[6] = '<span title="' . __('Options') . '">' . __('Op.') . '</span>';
}
$table->head[7] = __('Sort');
$table->align[6] = 'center';
@ -367,11 +369,12 @@ foreach ($items as $item) {
$row[6] = '';
$row[6] .= '<a href="index.php?sec=reporting&sec2=' . $config['homedir'] . '/godmode/reporting/reporting_builder&tab=item_editor&action=edit&id_report=' . $idReport . '&id_item=' . $item['id_rc'] . '">' . html_print_image("images/wrench_orange.png", true, array("title" => __('Edit'))) . '</a>';
$row[6] .= '&nbsp;&nbsp;';
$row[6] .= '<a onClick="if (!confirm (\'Are you sure?\')) return false;" href="index.php?sec=reporting&sec2=' . $config['homedir'] . '/godmode/reporting/reporting_builder&tab=list_items&action=delete&id_report=' . $idReport . '&id_item=' . $item['id_rc'] . $urlFilter . '">' . html_print_image("images/cross.png", true, array("title" => __('Delete'))) .'</a>';
$row[6] .= html_print_checkbox_extended ('delete_multiple[]', $item['id_rc'], false, false, '', 'class="check_delete"', true);
if (check_acl ($config['id_user'], $item['id_group'], "RM")) {
$row[6] .= '<a href="index.php?sec=reporting&sec2=' . $config['homedir'] . '/godmode/reporting/reporting_builder&tab=item_editor&action=edit&id_report=' . $idReport . '&id_item=' . $item['id_rc'] . '">' . html_print_image("images/wrench_orange.png", true, array("title" => __('Edit'))) . '</a>';
$row[6] .= '&nbsp;&nbsp;';
$row[6] .= '<a onClick="if (!confirm (\'Are you sure?\')) return false;" href="index.php?sec=reporting&sec2=' . $config['homedir'] . '/godmode/reporting/reporting_builder&tab=list_items&action=delete&id_report=' . $idReport . '&id_item=' . $item['id_rc'] . $urlFilter . '">' . html_print_image("images/cross.png", true, array("title" => __('Delete'))) .'</a>';
$row[6] .= html_print_checkbox_extended ('delete_multiple[]', $item['id_rc'], false, false, '', 'class="check_delete"', true);
}
$row[7] = '';
//You can sort the items if the filter is not enable.
if (!$filterEnable) {

11
pandora_console/godmode/reporting/reporting_builder.main.php
View File

@ -16,7 +16,7 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -57,12 +57,7 @@ $table->data['name'][1] = html_print_input_text('name', $reportName,
__('Name'), 80, 100, true);
$table->data['group'][0] = __('Group');
$own_info = get_user_info ($config['id_user']);
if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
$return_all_groups = true;
else
$return_all_groups = false;
$table->data['group'][1] = html_print_select_groups(false, "AR", $return_all_groups, 'id_group', $idGroupReport, false, '', '', true);
$table->data['group'][1] = html_print_select_groups(false, "RW", users_can_manage_group_all(), 'id_group', $idGroupReport, false, '', '', true);
if ($report_id_user == $config['id_user'] ||
is_user_admin ($config["id_user"])) {
@ -81,7 +76,7 @@ if ($report_id_user == $config['id_user'] ||
$style = "";
$table->data['access'][1] .= '<span style="' . $style . '" class="access_subform" id="group_edit">
' .
html_print_select_groups(false, "AR", false,
html_print_select_groups(false, "RW", false,
'id_group_edit', $id_group_edit, false, '', '', true) . '
</span>';
}

99
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -20,7 +20,7 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RR")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -55,10 +55,10 @@ if ($idReport != 0) {
$edit = false;
switch ($type_access_selected) {
case 'group_view':
$edit = check_acl($config['id_user'], $report['id_group'], "IW");
$edit = check_acl($config['id_user'], $report['id_group'], "RW");
break;
case 'group_edit':
$edit = check_acl($config['id_user'], $report['id_group_edit'], "IW");
$edit = check_acl($config['id_user'], $report['id_group_edit'], "RW");
break;
case 'user_edit':
if ($config['id_user'] == $report['id_user'] ||
@ -343,7 +343,7 @@ switch ($action) {
$reports = reports_get_reports ($filter,
array ('name', 'id_report', 'description', 'private',
'id_user', 'id_group'), $return_all_group, 'IR', $group);
'id_user', 'id_group'), $return_all_group, 'RR', $group);
$table->width = '0px';
if (sizeof ($reports)) {
$table->id = 'report_list';
@ -366,7 +366,7 @@ switch ($action) {
}
//Admin options only for IW flag
if (check_acl ($config['id_user'], 0, "IW")) {
if (check_acl ($config['id_user'], 0, "RM")) {
$table->head[$next] = __('Private');
$table->size[$next] = '40px';
@ -384,15 +384,15 @@ switch ($action) {
foreach ($reports as $report) {
if (!is_user_admin ($config["id_user"])){
if ($report["private"] && $report["id_user"] != $config['id_user'])
if (!check_acl ($config["id_user"], $report["id_group"], "AR"))
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
continue;
if (!check_acl ($config["id_user"], $report["id_group"], "AR"))
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
continue;
}
$data = array ();
if (check_acl ($config["id_user"], $report["id_group"], "AW")) {
if (check_acl ($config["id_user"], $report["id_group"], "RW") && users_can_manage_group_all($report["id_group"])) {
$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
}
@ -414,48 +414,47 @@ switch ($action) {
$next = 6;
}
//Admin options only for IW flag
if (check_acl ($config['id_user'], 0, "IW")) {
if ($report["private"] == 1)
$data[$next] = __('Yes');
else
$data[$next] = __('No');
if ($report["private"] == 1)
$data[$next] = __('Yes');
else
$data[$next] = __('No');
$next++;
$data[$next] = ui_print_group_icon($report['id_group'], true, "groups_small", '', !defined('METACONSOLE'));
$next++;
$type_access_selected = reports_get_type_access($report);
$edit = false;
switch ($type_access_selected) {
case 'group_view':
$edit = check_acl($config['id_user'], $report['id_group'], "RW") && users_can_manage_group_all($report["id_group"]);
break;
case 'group_edit':
$edit = check_acl($config['id_user'], $report['id_group_edit'], "RW") && users_can_manage_group_all($report["id_group_edit"]);
break;
case 'user_edit':
if ($config['id_user'] == $report['id_user'] ||
is_user_admin ($config["id_user"]))
$edit = true;
break;
}
if ($edit) {
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit')));
$data[$next] .= '</form>';
$next++;
$data[$next] = ui_print_group_icon($report['id_group'], true, "groups_small", '', !defined('METACONSOLE'));
$next++;
$type_access_selected = reports_get_type_access($report);
$edit = false;
switch ($type_access_selected) {
case 'group_view':
$edit = check_acl($config['id_user'], $report['id_group'], "IW");
break;
case 'group_edit':
$edit = check_acl($config['id_user'], $report['id_group_edit'], "IW");
break;
case 'user_edit':
if ($config['id_user'] == $report['id_user'] ||
is_user_admin ($config["id_user"]))
$edit = true;
break;
}
if ($edit) {
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit')));
$data[$next] .= '</form>';
$data[$next] .= '&nbsp;&nbsp;<form method="post" style="display:inline" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
true, array ('title' => __('Delete')));
$data[$next] .= '</form>';
}
$data[$next] .= '&nbsp;&nbsp;<form method="post" style="display:inline" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
true, array ('title' => __('Delete')));
$data[$next] .= '</form>';
}
array_push ($table->data, $data);
@ -464,7 +463,7 @@ switch ($action) {
html_print_table ($table);
}
if (check_acl ($config['id_user'], 0, "IW")) {
if (check_acl ($config['id_user'], 0, "RW")) {
echo '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&tab=main&action=new&pure='.$pure.'">';
echo '<div class="action-buttons" style="width: 98%;">';
html_print_submit_button (__('Create report'), 'create', false, 'class="sub next"');

6
pandora_console/godmode/reporting/visual_console_builder.data.php
View File

@ -17,7 +17,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
@ -75,7 +75,7 @@ $table->data[0][0] = __('Name:'). ui_print_help_tip (__("Use [ or ( as first cha
$table->data[0][1] = html_print_input_text ('name', $visualConsoleName, '', 80, 100, true);
$table->data[1][0] = __('Group:');
$groups = users_get_groups ($config['id_user']);
$groups = users_get_groups ($config['id_user'], 'RW');
$own_info = get_user_info($config['id_user']);
// Only display group "All" if user is administrator or has "PM" privileges
@ -84,7 +84,7 @@ if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
else
$display_all_group = false;
$table->data[1][1] = html_print_select_groups($config['id_user'], "AR", $display_all_group, 'id_group', $idGroup, '', '', '', true);
$table->data[1][1] = html_print_select_groups($config['id_user'], "RW", $display_all_group, 'id_group', $idGroup, '', '', '', true);
$backgrounds_list = list_files ($config['homedir'] . '/images/console/background/', "jpg", 1, 0);
$backgrounds_list = array_merge ($backgrounds_list, list_files ($config['homedir'] . '/images/console/background/', "png", 1, 0));
$table->data[2][0] = __('Background');

2
pandora_console/godmode/reporting/visual_console_builder.editor.php
View File

@ -17,7 +17,7 @@ global $config;
// Login check
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");

2
pandora_console/godmode/reporting/visual_console_builder.elements.php
View File

@ -17,7 +17,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");

2
pandora_console/godmode/reporting/visual_console_builder.php
View File

@ -17,7 +17,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");

2
pandora_console/godmode/reporting/visual_console_builder.wizard.php
View File

@ -17,7 +17,7 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IW")) {
if (! check_acl ($config['id_user'], 0, "RW")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");

28
pandora_console/include/ajax/events.php
View File

@ -247,14 +247,14 @@ if($get_extended_event) {
}
else {
// Get your groups
$groups = users_get_groups($config['id_user'], 'IR');
$groups = users_get_groups($config['id_user'], 'ER');
if(in_array ($event['id_grupo'], array_keys ($groups))) {
//If the event group is among the groups of the user, you get access
}
else {
// If all the access types fail, abort
echo 'fail';
echo 'Access denied';
return false;
}
}
@ -267,13 +267,15 @@ if($get_extended_event) {
}
// Tabs
$tabs = "<ul style='background:#eeeeee;border:0px'>
<li><a href='#extended_event_general_page' id='link_general'>".html_print_image('images/lightning_go.png',true).__('General')."</a></li>
<li><a href='#extended_event_details_page' id='link_details'>".html_print_image('images/zoom.png',true).__('Details')."</a></li>
<li><a href='#extended_event_custom_fields_page' id='link_custom_fields'>".html_print_image('images/note.png',true).__('Agent fields')."</a></li>
<li><a href='#extended_event_comments_page' id='link_comments'>".html_print_image('images/pencil.png',true).__('Comments')."</a></li>
<li><a href='#extended_event_responses_page' id='link_responses'>".html_print_image('images/cog.png',true).__('Responses')."</a></li>
</ul>";
$tabs = "<ul style='background:#eeeeee;border:0px'>";
$tabs .= "<li><a href='#extended_event_general_page' id='link_general'>".html_print_image('images/lightning_go.png',true).__('General')."</a></li>";
$tabs .= "<li><a href='#extended_event_details_page' id='link_details'>".html_print_image('images/zoom.png',true).__('Details')."</a></li>";
$tabs .= "<li><a href='#extended_event_custom_fields_page' id='link_custom_fields'>".html_print_image('images/note.png',true).__('Agent fields')."</a></li>";
$tabs .= "<li><a href='#extended_event_comments_page' id='link_comments'>".html_print_image('images/pencil.png',true).__('Comments')."</a></li>";
if (check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "EM")) {
$tabs .= "<li><a href='#extended_event_responses_page' id='link_responses'>".html_print_image('images/cog.png',true).__('Responses')."</a></li>";
}
$tabs .= "</ul>";
// Get criticity image
switch ($event["criticity"]) {
@ -300,9 +302,13 @@ if($get_extended_event) {
$img_sev = "images/status_sets/default/severity_major.png";
break;
}
$responses = events_page_responses($event);
if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) {
$responses = events_page_responses($event);
}
else {
$responses = '';
}
$console_url = '';
// If metaconsole switch to node to get details and custom fields

7
pandora_console/include/ajax/skins.ajax.php
View File

@ -17,13 +17,6 @@ global $config;
check_login ();
if (! check_acl ($config['id_user'], 0, "IR")) {
db_pandora_audit("ACL Violation",
"Trying to access report builder");
require ("general/noaccess.php");
exit;
}
$get_image_path = get_parameter('get_image_path', 0);
/* skins image checks */

30
pandora_console/include/functions.php
View File

@ -1475,7 +1475,10 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) {
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management
tperfil.db_management, tperfil.user_management,
tperfil.report_view, tperfil.report_edit,
tperfil.report_management, tperfil.event_view,
tperfil.event_edit, tperfil.event_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'", $id_user);
@ -1486,14 +1489,17 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) {
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management
tperfil.db_management, tperfil.user_management,
tperfil.report_view, tperfil.report_edit,
tperfil.report_management, tperfil.event_view,
tperfil.event_edit, tperfil.event_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'
AND (tusuario_perfil.id_grupo IN (%s)
OR tusuario_perfil.id_grupo = 0)", $id_user, implode(', ', $parents_id));
}
$rowdup = db_get_all_rows_sql ($query);
if (empty ($rowdup))
@ -1533,6 +1539,24 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) {
case "UM":
$result += $row["user_management"];
break;
case "RR":
$result += $row["report_view"];
break;
case "RW":
$result += $row["report_edit"];
break;
case "RM":
$result += $row["report_management"];
break;
case "ER":
$result += $row["event_view"];
break;
case "EW":
$result += $row["event_edit"];
break;
case "EM":
$result += $row["event_management"];
break;
}
}

1
pandora_console/include/functions_agents.php
View File

@ -482,7 +482,6 @@ function agents_get_agents ($filter = false, $fields = false, $access = 'AR', $o
$limit_sql = " LIMIT $offset, $limit ";
}
$sql = sprintf("%s %s", $sql, $limit_sql);
//html_debug_print($sql, true);
if ($return)
return $sql;
else

6
pandora_console/include/functions_config.php
View File

@ -315,9 +315,13 @@ function config_update_config () {
*/
function config_process_config () {
global $config;
<<<<<<< .mine
=======
>>>>>>> .r7341
$configs = db_get_all_rows_in_table ('tconfig');
if (empty ($configs)) {
include ($config["homedir"]."/general/error_emptyconfig.php");
exit;

6
pandora_console/include/functions_custom_graphs.php
View File

@ -39,15 +39,15 @@ require_once ($config['homedir'] . '/include/functions_users.php');
*
* @return Custom graphs of a an user. Empty array if none.
*/
function custom_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'IR') {
function custom_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'RR') {
global $config;
if (!$id_user) {
$id_user = $config['id_user'];
}
$groups = users_get_groups ($id_user, $privileges, $returnAllGroup);
$all_graphs = db_get_all_rows_in_table ('tgraph', 'name');
if ($all_graphs === false)
return array ();

133
pandora_console/include/functions_events.php
View File

@ -61,7 +61,7 @@ function events_get_event ($id, $fields = false) {
}
$event = db_get_row ('tevento', 'id_evento', $id, $fields);
if (! check_acl ($config['id_user'], $event['id_grupo'], 'IR'))
if (! check_acl ($config['id_user'], $event['id_grupo'], 'ER'))
return false;
return $event;
}
@ -192,13 +192,13 @@ function events_delete_event ($id_event, $similar = true, $meta = false) {
foreach ($id_event as $event) {
if($meta) {
$event_group = events_get_group ($event);
}
else {
$event_group = events_meta_get_group ($event);
}
else {
$event_group = events_get_group ($event);
}
if (check_acl ($config["id_user"], $event_group, "IM") == 0) {
if (check_acl ($config["id_user"], $event_group, "EM") == 0) {
//Check ACL
db_pandora_audit("ACL Violation", "Attempted deleting event #".$event);
$errors++;
@ -302,7 +302,7 @@ function events_validate_event ($id_event, $similars = true, $new_status = 1, $m
$alerts[] = $event['id_alert_am'];
}
if (check_acl ($config["id_user"], $event_group, "IW") == 0) {
if (check_acl ($config["id_user"], $event_group, "EW") == 0) {
db_pandora_audit("ACL Violation", "Attempted updating event #".$event);
return false;
@ -414,7 +414,7 @@ function events_change_status ($id_event, $new_status, $meta) {
$alerts[] = $event['id_alert_am'];
}
if (check_acl ($config["id_user"], $event_group, "IW") == 0) {
if (check_acl ($config["id_user"], $event_group, "EW") == 0) {
db_pandora_audit("ACL Violation", "Attempted updating event #".$id);
unset($id_event[$k]);
@ -494,7 +494,7 @@ function events_change_owner ($id_event, $new_owner = false, $force = false, $me
else {
$event_group = events_get_group ($id);
}
if (check_acl ($config["id_user"], $event_group, "IW") == 0) {
if (check_acl ($config["id_user"], $event_group, "EW") == 0) {
db_pandora_audit("ACL Violation", "Attempted updating event #".$id);
unset($id_event[$k]);
}
@ -563,7 +563,7 @@ function events_comment ($id_event, $comment = '', $action = 'Added comment', $m
else {
$event_group = events_get_group ($id);
}
if (check_acl ($config["id_user"], $event_group, "IW") == 0) {
if (check_acl ($config["id_user"], $event_group, "EW") == 0) {
db_pandora_audit("ACL Violation", "Attempted updating event #".$id);
unset($id_event[$k]);
@ -748,7 +748,7 @@ function events_print_event_table ($filter = "", $limit = 10, $width = 440, $ret
$table->align[5] = "right";
foreach ($result as $event) {
if (! check_acl ($config["id_user"], $event["id_grupo"], "AR")) {
if (! check_acl ($config["id_user"], $event["id_grupo"], "ER")) {
continue;
}
$data = array ();
@ -1052,7 +1052,7 @@ function events_print_type_description ($type, $return = false) {
function events_get_group_events ($id_group, $period, $date) {
global $config;
$id_group = groups_safe_acl ($config["id_user"], $id_group, "AR");
$id_group = groups_safe_acl ($config["id_user"], $id_group, "ER");
if (empty ($id_group)) {
//An empty array means the user doesn't have access
@ -1274,7 +1274,7 @@ function events_check_event_filter_group ($id_filter) {
$id_group = db_get_value('id_group', 'tevent_filter', 'id_filter', $id_filter);
$own_info = get_user_info ($config['id_user']);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", $own_info['is_admin'], true);
$groups_user = users_get_groups ($config['id_user'], "EW", $own_info['is_admin'], true);
$groups_id = array();
$has_permission = false;
@ -1326,7 +1326,10 @@ function events_get_event_filter ($id_filter, $filter = false, $fields = false)
function events_get_event_filter_select(){
global $config;
$user_groups = users_get_groups ($config['id_user'], "AW", true, true);
$user_groups = users_get_groups ($config['id_user'], "EW", true, true);
if(empty($user_groups)) {
return array();
}
$sql = "SELECT id_filter, id_name FROM tevent_filter WHERE id_group IN (".implode(',', array_keys ($user_groups)).")";
$event_filters = db_get_all_rows_sql($sql);
@ -1362,38 +1365,67 @@ function events_page_responses ($event) {
$table_responses->style[1] = 'text-align: left;';
$table_responses->class = "databox alternate";
// Owner
$data = array();
$data[0] = __('Change owner');
if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) {
// Owner
$data = array();
$data[0] = __('Change owner');
$users = groups_get_users(array_keys(users_get_groups(false, "EM", false)));
$users = groups_get_users(array_keys(users_get_groups(false, "AR", false)));
foreach($users as $u) {
$owners[$u['id_user']] = $u['fullname'];
foreach($users as $u) {
$owners[$u['id_user']] = $u['fullname'];
}
if($event['owner_user'] == '') {
$owner_name = __('None');
}
else {
$owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']);
$owners[$event['owner_user']] = $owner_name;
}
$data[1] = html_print_select($owners, 'id_owner', $event['owner_user'], '', __('None'), -1, true);
$data[1] .= html_print_button(__('Update'),'owner_button',false,'event_change_owner();','class="sub next"',true);
$table_responses->data[] = $data;
}
if($event['owner_user'] == '') {
$owner_name = __('None');
}
else {
$owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']);
$owners[$event['owner_user']] = $owner_name;
}
$data[1] = html_print_select($owners, 'id_owner', $event['owner_user'], '', __('None'), -1, true);
$data[1] .= html_print_button(__('Update'),'owner_button',false,'event_change_owner();','class="sub next"',true);
$table_responses->data[] = $data;
// Status
$data = array();
$data[0] = __('Change status');
$status = array(0 => __('New'), 2 => __('In process'), 1 => __('Validated'));
$status_blocked = false;
if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) {
// If the user has manager acls, the status can be changed to all possibilities always
$status = array(0 => __('New'), 2 => __('In process'), 1 => __('Validated'));
}
else {
switch($event['estado']) {
case 0:
// If the user hasnt manager acls and the event is new. The status can be changed
$status = array(2 => __('In process'), 1 => __('Validated'));
break;
case 1:
// If the user hasnt manager acls and the event is validated. The status cannot be changed
$status = array(1 => __('Validated'));
$status_blocked = true;
break;
case 2:
// If the user hasnt manager acls and the event is in process. The status only can be changed to validated
$status = array(1 => __('Validated'));
break;
}
$data[1] = html_print_select($status, 'estado', $event['estado'], '', '', 0, true, false, false);
$data[1] .= html_print_button(__('Update'),'status_button',false,'event_change_status(\''.$event['similar_ids'] .'\');','class="sub next"',true);
}
// The change status option will be enabled only when is possible change the status
$data[1] = html_print_select($status, 'estado', $event['estado'], '', '', 0, true, false, false, '', $status_blocked);
if(!$status_blocked) {
$data[1] .= html_print_button(__('Update'),'status_button',false,'event_change_status(\''.$event['similar_ids'] .'\');','class="sub next"',true);
}
$table_responses->data[] = $data;
// Comments
@ -1403,16 +1435,18 @@ function events_page_responses ($event) {
$table_responses->data[] = $data;
// Delete
$data = array();
$data[0] = __('Delete event');
$data[1] = '<form method="post">';
$data[1] .= html_print_button(__('Delete event'),'delete_button',false,'if(!confirm(\''.__('Are you sure?').'\')) { return false; } this.form.submit();','class="sub cancel"',true);
$data[1] .= html_print_input_hidden('delete', 1, true);
$data[1] .= html_print_input_hidden('validate_ids', $event['id_evento'], true);
$data[1] .= '</form>';
if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) {
// Delete
$data = array();
$data[0] = __('Delete event');
$data[1] = '<form method="post">';
$data[1] .= html_print_button(__('Delete event'),'delete_button',false,'if(!confirm(\''.__('Are you sure?').'\')) { return false; } this.form.submit();','class="sub cancel"',true);
$data[1] .= html_print_input_hidden('delete', 1, true);
$data[1] .= html_print_input_hidden('validate_ids', $event['id_evento'], true);
$data[1] .= '</form>';
$table_responses->data[] = $data;
$table_responses->data[] = $data;
}
// Custom responses
$data = array();
@ -2009,8 +2043,13 @@ function events_page_comments ($event) {
$table_comments->data[] = $data;
}
$comments_form = '<br><div id="comments_form" style="width:98%;">'.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true);
$comments_form .= '<br><div style="text-align:right;">'.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'</div><br></div>';
if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) {
$comments_form = '<br><div id="comments_form" style="width:98%;">'.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true);
$comments_form .= '<br><div style="text-align:right;">'.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'</div><br></div>';
}
else {
$comments_form = '';
}
$comments = '<div id="extended_event_comments_page" class="extended_event_pages">'.$comments_form.html_print_table($table_comments, true).'</div>';

4
pandora_console/include/functions_graph.php
View File

@ -1534,7 +1534,7 @@ function grafico_db_agentes_paquetes($width = 380, $height = 300) {
$data = array ();
$legend = array ();
$agents = agents_get_group_agents (array_keys (users_get_groups ()), false, "none");
$agents = agents_get_group_agents (array_keys (users_get_groups (false, 'RR')), false, "none");
$count = agents_get_modules_data_count (array_keys ($agents));
unset ($count["total"]);
arsort ($count, SORT_NUMERIC);
@ -1909,7 +1909,7 @@ function grafico_eventos_grupo ($width = 300, $height = 200, $url = "", $meta =
$other_events = 0;
foreach ($result as $row) {
if (!check_acl ($config["id_user"], $row["id_grupo"], "AR") == 1)
if (!check_acl ($config["id_user"], $row["id_grupo"], "ER") == 1)
continue;
if ($loop >= NUM_PIECES_PIE) {

12
pandora_console/include/functions_reporting.php
View File

@ -902,12 +902,12 @@ function reporting_get_group_stats ($id_group = 0) {
$cur_time = get_system_time ();
//Check for access credentials using check_acl. More overhead, much safer
if (!check_acl ($config["id_user"], $id_group, "AR")) {
if (!check_acl ($config["id_user"], $id_group, "RR")) {
return $data;
}
if ($id_group == 0) {
$id_group = array_keys (users_get_groups ($config['id_user'], "AR", false));
$id_group = array_keys (users_get_groups ($config['id_user'], "RR", false));
}
// -----------------------------------------------------------------
@ -2017,7 +2017,7 @@ function reporting_get_agent_module_info ($id_agent, $filter = false) {
$return["alert_img"] = ui_print_status_image (STATUS_ALERT_NOT_FIRED, __('Alert not fired'), true);
$return["agent_group"] = agents_get_agent_group ($id_agent);
if (!check_acl ($config["id_user"], $return["agent_group"], "AR")) {
if (!check_acl ($config["id_user"], $return["agent_group"], "RR")) {
return $return;
}
@ -3307,6 +3307,10 @@ function reporting_render_report_html_item ($content, $table, $report, $mini = f
// Get events of the last 8 hours
$events = events_get_group_events ($content['id_group'], 28800, $report['datetime']);
if($events === false) {
$events = array();
}
reporting_header_content($mini, $content, $report, $table, __('Group report').': "'.$group_name.'"');
$data = array ();
@ -5371,7 +5375,7 @@ function reporting_get_agentmodule_ttr ($id_agent_module, $period, $date = 0) {
*
* @return template graphs of a an user. Empty array if none.
*/
function reporting_template_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'IR') {
function reporting_template_graphs_get_user ($id_user = 0, $only_names = false, $returnAllGroup = true, $privileges = 'RR') {
global $config;
if (!$id_user) {

6
pandora_console/include/functions_reports.php
View File

@ -62,7 +62,7 @@ function reports_get_report ($id_report, $filter = false, $fields = false) {
$report = db_get_row_filter ('treport', $filter, $fields);
if (! check_acl ($config['id_user'], $report['id_group'], 'AR'))
if (! check_acl ($config['id_user'], $report['id_group'], 'RR'))
return false;
return $report;
@ -82,7 +82,7 @@ function reports_get_report ($id_report, $filter = false, $fields = false) {
*
* @return array An array with all the reports the user can view.
*/
function reports_get_reports ($filter = false, $fields = false, $returnAllGroup = true, $privileges = 'IR', $group = false) {
function reports_get_reports ($filter = false, $fields = false, $returnAllGroup = true, $privileges = 'RR', $group = false) {
global $config;
if (! is_array ($filter))
@ -118,7 +118,7 @@ function reports_get_reports ($filter = false, $fields = false, $returnAllGroup
if (!in_array($report['id_group'], array_keys($groups)))
continue;
if ($config['id_user'] != $report['id_user']
&& ! check_acl ($config['id_user'], $report['id_group'], 'AR'))
&& ! check_acl ($config['id_user'], $report['id_group'], 'RR'))
continue;
}
array_push ($reports, $report);

19
pandora_console/include/functions_users.php
View File

@ -782,4 +782,23 @@ function users_check_users() {
return;
}
// Check if a user can manage a group when group is all
// This function dont check acls of the group, only if the
// user is admin or pandora manager and the group is all
function users_can_manage_group_all($id_group = 0) {
global $config;
if($id_group != 0) {
return true;
}
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
if (check_acl ($config['id_user'], 0, "PM") || $is_admin) {
return true;
}
return false;
}
?>

4
pandora_console/include/functions_visual_map.php
View File

@ -1706,9 +1706,9 @@ function visual_map_get_user_layouts ($id_user = 0, $only_names = false, $filter
$where = db_format_array_where_clause_sql ($filter);
if ($returnAllGroup)
$groups = users_get_groups ($id_user);
$groups = users_get_groups ($id_user, 'RR');
else
$groups = users_get_groups ($id_user, 'IR', false);
$groups = users_get_groups ($id_user, 'RR', false);
if (!empty($groups)) {
if ($where != '') {

10
pandora_console/operation/agentes/exportdata.php
View File

@ -24,7 +24,7 @@ require_once ('include/functions_users.php');
check_login();
if (!check_acl ($config['id_user'], 0, "AR")) {
if (!check_acl ($config['id_user'], 0, "RR")) {
require ("general/noaccess.php");
return;
}
@ -186,10 +186,10 @@ if (empty($export_btn)) {
//Group selector
$table->data[0][0] = '<b>'.__('Group').'</b>';
$groups = users_get_groups ($config['id_user'], "AR");
$groups = users_get_groups ($config['id_user'], "RR", users_can_manage_group_all());
$table->data[0][1] = html_print_select_groups($config['id_user'],
"AR", true, "group", $group, '', '', 0, true, false, true,
"RR", users_can_manage_group_all(), "group", $group, '', '', 0, true, false, true,
'w130', false);
//Agent selector
@ -203,7 +203,7 @@ if (empty($export_btn)) {
}
$agents = array ();
$rows = agents_get_agents ($filter, false, 'AR');
$rows = agents_get_agents ($filter, false, 'RR');
if ($rows == null) $rows = array();
foreach ($rows as $row) {
$agents[$row['id_agente']] = $row['nombre'];

2
pandora_console/operation/events/event_statistics.php
View File

@ -23,7 +23,7 @@ require_once ($config["homedir"] . '/include/functions_graph.php');
check_login ();
if (! check_acl ($config['id_user'], 0, "AR")) {
if (! check_acl ($config['id_user'], 0, "ER")) {
db_pandora_audit("ACL Violation","Trying to access event viewer");
require ("general/noaccess.php");
return;

30
pandora_console/operation/events/events.php
View File

@ -25,7 +25,7 @@ require_once ($config['homedir'].'/include/functions_ui.php');
check_login ();
if (! check_acl ($config["id_user"], 0, "IR")) {
if (! check_acl ($config["id_user"], 0, "ER")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -185,7 +185,7 @@ $id_group = (int) get_parameter('id_group', 0);
$search = io_safe_output(preg_replace ("/&([A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/", "&", rawurldecode (get_parameter ("search"))));
users_get_groups ($config["id_user"], "IR");
users_get_groups ($config["id_user"], "ER");
$ids = (array) get_parameter ("eventid", -1);
@ -230,7 +230,7 @@ if ($config["pure"] == 0 || defined ('METACONSOLE')) {
$sound_event['text'] = '<a href="javascript: openSoundEventWindow();">' . html_print_image('images/music_note.png', true, array('title' => __('Sound events'))) . '</a>';
// If the user has administrator permission display manage tab
if (check_acl ($config["id_user"], 0, "IW")) {
if (check_acl ($config["id_user"], 0, "EW")) {
// Manage events
$manage_events['active'] = false;
$manage_events['text'] = '<a href="index.php?sec=geventos&sec2=godmode/events/events&amp;section=filter&amp;pure='.$config['pure'].'">' .
@ -384,8 +384,29 @@ $(document).ready( function() {
$("input[name=all_validate_box]").change (function() {
$("input[name='validate_ids[]']").attr('checked', $(this).attr('checked'));
$("input[name='validate_ids[]']").trigger('change');
});
// If some of the checkbox checked cahnnot be deleted disable the delete button
$("input[name='validate_ids[]']").change (function() {
var canDeleted = 1;
$("input[name='validate_ids[]']").each(function() {
if($(this).attr('checked') == 'checked') {
var classs = $(this).attr('class');
classs = classs.split(' ');
if(classs[0] != 'candeleted') {
canDeleted = 0;
}
}
});
if(canDeleted == 0) {
$('#button-delete_button').attr('disabled','disabled');
}
else {
$('#button-delete_button').removeAttr('disabled');
}
});
$('#select_validate').change (function() {
$option = $('#select_validate').val();
@ -595,6 +616,9 @@ $(document).ready( function() {
$tr = $(this).parents ("tr");
id = this.id.split ("-").pop ();
$("#delete_cross_"+id).attr ("src", "images/spinner.gif");
jQuery.post ("<?php echo ui_get_full_url("ajax.php", false, false, false); ?>",
{"page" : "operation/events/events",
"delete_event" : 1,

35
pandora_console/operation/events/events_list.php
View File

@ -29,7 +29,7 @@ require_once ($config["homedir"] . '/include/functions_tags.php');
check_login ();
if (! check_acl ($config["id_user"], 0, "IR")) {
if (! check_acl ($config["id_user"], 0, "ER")) {
db_pandora_audit("ACL Violation",
"Trying to access event viewer");
require ("general/noaccess.php");
@ -147,7 +147,7 @@ if ($id_agent == 0 && $text_agent != __('All')) {
$id_agent = -1;
}
$groups = users_get_groups($config['id_user'], 'IR');
$groups = users_get_groups($config['id_user'], 'ER');
//Group selection
if ($ev_group > 0 && in_array ($ev_group, array_keys ($groups))) {
@ -317,12 +317,12 @@ echo "</td>";
// Filter group
echo "<td id='filter_group_color'>".__('Filter group')."</td><td>";
html_print_select_groups($config["id_user"], "IR", true, 'id_group', $id_group, '', '', 0, false, false, false, 'w130');
html_print_select_groups($config["id_user"], "ER", true, 'id_group', $id_group, '', '', 0, false, false, false, 'w130');
echo "</td></tr>";
// Group combo
echo "<td>".__('Group')."</td><td>";
html_print_select_groups($config["id_user"], "IR", true, 'ev_group', $ev_group, '', '', 0, false, false, false, 'w130');
html_print_select_groups($config["id_user"], "ER", true, 'ev_group', $ev_group, '', '', 0, false, false, false, 'w130');
echo "</td>";
// Event type
@ -735,7 +735,7 @@ if ($i != 0) {
$table->align[$i] = 'center';
$table->size[$i] = '80px';
$i++;
if (check_acl ($config["id_user"], 0, "IW") == 1) {
if (check_acl ($config["id_user"], 0, "EW") == 1) {
$table->head[$i] = html_print_checkbox ("all_validate_box", "1", false, true);
$table->align[$i] = 'center';
}
@ -1023,19 +1023,17 @@ foreach ($result as $event) {
//Actions
$data[$i] = '';
// Validate event
if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1)) {
if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1)) {
$data[$i] .= '<a href="javascript:validate_event_advanced('.$event["id_evento"].', 1)" id="validate-'.$event["id_evento"].'">';
$data[$i] .= html_print_image ("images/ok.png", true,
array ("title" => __('Validate event')));
$data[$i] .= '</a>&nbsp;';
}
else {
$data[$i] .= '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
}
// Delete event
if (check_acl ($config["id_user"], $event["id_grupo"], "IM") == 1) {
if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) {
if($event['estado'] != 2) {
$data[$i] .= '<a class="delete_event" href="#" id="delete-'.$event['id_evento'].'">';
$data[$i] .= '<a class="delete_event" href="javascript:" id="delete-'.$event['id_evento'].'">';
$data[$i] .= html_print_image ("images/cross.png", true,
array ("title" => __('Delete event'), "id" => 'delete_cross_' . $event['id_evento']));
$data[$i] .= '</a>&nbsp;';
@ -1053,10 +1051,19 @@ foreach ($result as $event) {
$data[$i] .= '</a>&nbsp;';
$i++;
if (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1) {
if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) {
//Checkbox
// Class 'candeleted' must be the fist class to be parsed from javascript. Dont change
$data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="candeleted chk_val"', true);
}
else if (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1) {
//Checkbox
$data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="chk_val"', true);
}
else if (isset($table->header[$i]) || true) {
$data[$i] = '';
}
array_push ($table->data, $data);
}
@ -1074,10 +1081,10 @@ if (!empty ($table->data)) {
html_print_table ($table);
echo '<div style="width:'.$table->width.';" class="action-buttons">';
if (check_acl ($config["id_user"], 0, "IW") == 1) {
if (check_acl ($config["id_user"], 0, "EW") == 1) {
html_print_button(__('Validate selected'), 'validate_button', false, 'validate_selected();', 'class="sub ok"');
}
if (check_acl ($config["id_user"], 0,"IM") == 1) {
if (check_acl ($config["id_user"], 0,"EM") == 1) {
html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"');
?>
<script type="text/javascript">

2
pandora_console/operation/events/events_marquee.php
View File

@ -49,7 +49,7 @@ if (!isInACL($_SERVER['REMOTE_ADDR'])) {
exit;
}
$groups = users_get_groups ($config["id_user"], "AR");
$groups = users_get_groups ($config["id_user"], "ER");
//Otherwise select all groups the user has rights to.
if (!empty($groups)) {
$sql_group_filter = " AND id_grupo IN (".implode (",", array_keys ($groups)).")";

2
pandora_console/operation/events/events_rss.php
View File

@ -228,7 +228,7 @@ if (empty ($result)) {
}
foreach ($result as $row) {
if (!check_acl($user, $row["id_group"], "AR")) {
if (!check_acl($user, $row["id_group"], "ER")) {
continue;
}
if ($row["event_type"] == "system") {

4
pandora_console/operation/events/export_csv.php
View File

@ -27,7 +27,7 @@ session_write_close ();
$config["id_user"] = $_SESSION["id_usuario"];
if (! check_acl ($config["id_user"], 0, "AR") && ! check_acl ($config["id_user"], 0, "AW")) {
if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW")) {
exit;
}
@ -146,7 +146,7 @@ $sql .= $filter_state . $timestamp_filter . ' ORDER BY timestamp DESC';
$new = true;
while ($event = db_get_all_row_by_steps_sql($new, $result, $sql)) {
$new = false;
if (!check_acl($config["id_user"], $event["id_grupo"], "AR") ||
if (!check_acl($config["id_user"], $event["id_grupo"], "ER") ||
(!check_acl($config["id_user"], 0, "PM") && $event["event_type"] == 'system'))
continue;

4
pandora_console/operation/events/sound_events.php
View File

@ -34,7 +34,7 @@ check_login ();
$config["id_user"] = $_SESSION["id_usuario"];
if (! check_acl ($config['id_user'], 0, "AR")) {
if (! check_acl ($config['id_user'], 0, "ER")) {
db_pandora_audit("ACL Violation","Trying to access event viewer");
require ("general/noaccess.php");
@ -72,7 +72,7 @@ $table->size[1] = '90%';
$table->style[0] = 'font-weight: bold; vertical-align: top;';
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups(false, "AR", true, 'group', '', 'changeGroup();', '', 0, true);
$table->data[0][1] = html_print_select_groups(false, "ER", true, 'group', '', 'changeGroup();', '', 0, true);
$table->data[1][0] = __('Type');
$table->data[1][1] = html_print_checkbox('alert_fired', 'alert_fired', true, true, false, 'changeType();') . __('Alert fired') . '<br />' .
html_print_checkbox('critical', 'critical', true, true, false, 'changeType();') . __('Monitor critical') . '<br />' .

13
pandora_console/operation/menu.php
View File

@ -104,7 +104,10 @@ if (check_acl ($config['id_user'], 0, "AR")) {
$menu_operation["network"]["sub"] = $sub;
//End networkview
}
// Reports read
if (check_acl ($config['id_user'], 0, "RR")) {
// Reporting
$menu_operation["reporting"]["text"] = __('Reporting');
$menu_operation["reporting"]["sec2"] = "godmode/reporting/reporting_builder";
@ -190,7 +193,11 @@ if (check_acl ($config['id_user'], 0, "AR")) {
$menu_operation["reporting"]["sub"] = $sub;
//End reporting
}
// Agent read, Server read
if (check_acl ($config['id_user'], 0, "AR")) {
//INI GIS Maps
if ($config['activate_gis']) {
@ -231,8 +238,8 @@ if (check_acl ($config['id_user'], 0, "AR")) {
//END GIS Maps
}
// Rest of options, all with AR privilege (or should events be with incidents?)
if (check_acl ($config['id_user'], 0, "AR")) {
// Events reading
if (check_acl ($config['id_user'], 0, "ER")) {
// Events
$menu_operation["eventos"]["text"] = __('View events');
$menu_operation["eventos"]["refr"] = 0;

8
pandora_console/operation/reporting/reporting_viewer.php
View File

@ -31,7 +31,7 @@ if (! $id_report) {
$report = db_get_row ('treport', 'id_report', $id_report);
// Check ACL on the report to see if user has access to the report.
if (! check_acl ($config['id_user'], $report['id_group'], "AR")) {
if (! check_acl ($config['id_user'], $report['id_group'], "RR")) {
db_pandora_audit("ACL Violation","Trying to access graph reader");
include ("general/noaccess.php");
exit;
@ -43,12 +43,6 @@ require_once ($config['homedir'] . '/include/functions_groups.php');
enterprise_include("include/functions_reporting.php");
if ($report['id_group'] != 0 &&
!is_user_admin ($config['id_user'])) {
include ("general/noaccess.php");
return;
}
$pure = get_parameter('pure',0);
// Get different date to search the report.

4
pandora_console/operation/visual_console/render_view.php
View File

@ -52,7 +52,7 @@ $bheight = $layout["height"];
$pure_url = "&pure=".$config["pure"];
if (! check_acl ($config["id_user"], $id_group, "AR")) {
if (! check_acl ($config["id_user"], $id_group, "RR")) {
db_pandora_audit("ACL Violation", "Trying to access visual console without group access");
require ("general/noaccess.php");
exit;
@ -61,7 +61,7 @@ if (! check_acl ($config["id_user"], $id_group, "AR")) {
// Render map
$options = array();
if (check_acl ($config["id_user"], $id_group, "AW")) {
if (check_acl ($config["id_user"], $id_group, "RW")) {
$hash = md5($config["dbpass"]. $id_layout. $config["id_user"]);

8
pandora_console/pandoradb.data.oracle.sql
View File

@ -313,10 +313,10 @@ END;;
--
BEGIN
LOCK TABLE tperfil IN EXCLUSIVE MODE;
INSERT INTO tperfil VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0);
INSERT INTO tperfil VALUES (2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,0,0,0);
INSERT INTO tperfil VALUES (3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0,1,1,1,1,0,0);
INSERT INTO tperfil VALUES (4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0);
INSERT INTO tperfil VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0);
INSERT INTO tperfil VALUES (2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,1,1,0);
INSERT INTO tperfil VALUES (3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0,1,1,1,1,1,0);
INSERT INTO tperfil VALUES (4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,1);
INSERT INTO tperfil VALUES (5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
COMMIT;
END;;

2
pandora_console/pandoradb.data.postgreSQL.sql
View File

@ -284,7 +284,7 @@ SELECT setval('tusuario_perfil_id_up_seq', (SELECT (SELECT MAX(id_up) FROM tusua
--
-- Dumping data for table "tperfil"
--
INSERT INTO "tperfil" VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0,1,1,1,1,0,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
INSERT INTO "tperfil" VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,1,1,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,1,0,1,1,1,1,1,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,1),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
SELECT setval('tperfil_id_perfil_seq', (SELECT (SELECT MAX(id_perfil) FROM tperfil)));
--

2
pandora_console/pandoradb_data.sql
View File

@ -287,7 +287,7 @@ INSERT INTO `tusuario_perfil` VALUES (1,'admin',5,0,'admin',0);
-- Dumping data for table `tperfil`
--
INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,0,0,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0,1,1,1,1,0,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,1,0,1,1,1,1,1,0),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,1,1,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,1,0,1,1,1,1,1,1),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
--
-- Dumping data for table `tnews`