Merge branch 'develop' into feature/#1978-REESCRITURA_DEL_MOTOR_DE_INFORMES

pandora_agents/unix/DEBIAN/control

@@ -1,5 +1,5 @@
 package: pandorafms-agent-unix
-Version: 6.0dev-150324
+Version: 6.0dev-150326
 Architecture: all
 Priority: optional
 Section: admin

pandora_agents/unix/DEBIAN/make_deb_package.sh

@@ -14,7 +14,7 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 
-pandora_version="6.0dev-150324"
+pandora_version="6.0dev-150326"
 
 echo "Test if you has the tools for to make the packages."
 whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null

pandora_agents/unix/pandora_agent

@@ -41,7 +41,7 @@ my $Sem = undef;
 my $ThreadSem = undef;
 
 use constant AGENT_VERSION => '6.0dev';
-use constant AGENT_BUILD => '150324';
+use constant AGENT_BUILD => '150326';
 
 # Commands to retrieve total memory information in kB
 use constant TOTALMEMORY_CMDS => {

pandora_agents/unix/pandora_agent.redhat.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_agent_unix
 %define version     6.0dev
-%define release     150324
+%define release     150326
 
 Summary:            Pandora FMS Linux agent, PERL version
 Name:               %{name}

pandora_agents/unix/pandora_agent.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_agent_unix
 %define version     6.0dev
-%define release     150324
+%define release     150326
 
 Summary:            Pandora FMS Linux agent, PERL version
 Name:               %{name}

pandora_agents/win32/installer/pandora.mpi

@@ -186,7 +186,7 @@ UpgradeApplicationID
 {}
 
 Version
-{150324}
+{150326}
 
 ViewReadme
 {Yes}

pandora_agents/win32/pandora.cc

@@ -30,7 +30,7 @@ using namespace Pandora;
 using namespace Pandora_Strutils;
 
 #define PATH_SIZE    _MAX_PATH+1
-#define PANDORA_VERSION ("6.0dev(Build 150324)")
+#define PANDORA_VERSION ("6.0dev(Build 150326)")
 
 string pandora_path;
 string pandora_dir;

pandora_agents/win32/versioninfo.rc

@@ -11,7 +11,7 @@ BEGIN
       VALUE "LegalCopyright", "Artica ST"
       VALUE "OriginalFilename", "PandoraAgent.exe"
       VALUE "ProductName", "Pandora FMS Windows Agent"
-      VALUE "ProductVersion", "(6.0dev(Build 150324))"
+      VALUE "ProductVersion", "(6.0dev(Build 150326))"
       VALUE "FileVersion", "1.0.0.0"
     END
   END

pandora_console/DEBIAN/control

@@ -1,5 +1,5 @@
 package: pandorafms-console
-Version: 6.0dev-150324
+Version: 6.0dev-150326
 Architecture: all
 Priority: optional
 Section: admin

pandora_console/DEBIAN/make_deb_package.sh

@@ -14,7 +14,7 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 
-pandora_version="6.0dev-150324"
+pandora_version="6.0dev-150326"
 
 package_pear=0
 package_pandora=1

pandora_console/extras/pandoradb_migrate_5.1_to_6.0.mysql.sql

@@ -62,4 +62,11 @@ UPDATE `talert_commands` SET `fields_descriptions` = '[\"Destination addres
 -- ---------------------------------------------------------------------
 -- Table `tconfig`
 -- ---------------------------------------------------------------------
-INSERT INTO `tconfig` (`token`, `value`) VALUES  ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+INSERT INTO `tconfig` (`token`, `value`) VALUES  ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+
+-- ---------------------------------------------------------------------
+-- Table `tnetwork_map`
+-- ---------------------------------------------------------------------
+ALTER TABLE `tnetwork_map` ADD COLUMN `id_tag` int(11) DEFAULT 0;
+ALTER TABLE `tnetwork_map` ADD COLUMN `store_group` int(11) DEFAULT 0;
+UPDATE `tnetwork_map` SET `store_group` = `id_group`;

pandora_console/extras/pandoradb_migrate_5.1_to_6.0.oracle.sql

@@ -62,4 +62,11 @@ UPDATE talert_commands SET fields_descriptions = '[\"Destination address\",
 -- ---------------------------------------------------------------------
 -- Table `tconfig`
 -- ---------------------------------------------------------------------
-INSERT INTO tconfig (token, value) VALUES ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+INSERT INTO tconfig (token, value) VALUES ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+
+-- ---------------------------------------------------------------------
+-- Table `tnetwork_map`
+-- ---------------------------------------------------------------------
+ALTER TABLE tnetwork_map ADD COLUMN id_tag NUMBER(11, 0) DEFAULT 0;
+ALTER TABLE tnetwork_map ADD COLUMN store_group NUMBER(11, 0) DEFAULT 0;
+UPDATE tnetwork_map SET store_group = id_group;

pandora_console/extras/pandoradb_migrate_5.1_to_6.0.postgreSQL.sql

@@ -60,4 +60,11 @@ UPDATE "talert_commands" SET "fields_descriptions" = '[\"Destination addres
 -- ---------------------------------------------------------------------
 -- Table `tconfig`
 -- ---------------------------------------------------------------------
-INSERT INTO "tconfig" ("token", "value") VALUES ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+INSERT INTO "tconfig" ("token", "value") VALUES ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.0009765625":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}');
+
+-- ---------------------------------------------------------------------
+-- Table `tnetwork_map`
+-- ---------------------------------------------------------------------
+ALTER TABLE "tnetwork_map" ADD COLUMN "id_tag" INTEGER DEFAULT 0;
+ALTER TABLE "tnetwork_map" ADD COLUMN "store_group" INTEGER DEFAULT 0;
+UPDATE "tnetwork_map" SET "store_group" = "id_group";

pandora_console/godmode/alerts/alert_commands.php

@@ -120,24 +120,32 @@ if (is_ajax ()) {
 					$fields_value_select = array();
 					$fv = explode(';', $field_value);
 					
-					if (!empty($fv)) {
-						foreach ($fv as $fv_option) {
-							$fv_option = explode(',', $fv_option);
-							
-							if (empty($fv_option))
-								continue;
-							
-							if (!isset($fv_option[1]))
-								$fv_option[1] = $fv_option[0];
-							
-							$fields_value_select[$fv_option[0]] = $fv_option[1];
+					if (count($fv) > 1) {
+						if (!empty($fv)) {
+							foreach ($fv as $fv_option) {
+								$fv_option = explode(',', $fv_option);
+								
+								if (empty($fv_option))
+									continue;
+								
+								if (!isset($fv_option[1]))
+									$fv_option[1] = $fv_option[0];
+								
+								$fields_value_select[$fv_option[0]] = $fv_option[1];
+							}
 						}
-					}
 					
-					$ffield = html_print_select($fields_value_select,
-						'field'.$i.'_value', '', '', '', 0, true, false, false, 'fields');
-					$rfield = html_print_select($fields_value_select,
-						'field'.$i.'_recovery_value', '', '', '', 0, true, false, false, 'fields_recovery');
+						$ffield = html_print_select($fields_value_select,
+							'field'.$i.'_value', '', '', '', 0, true, false, false, 'fields');
+						$rfield = html_print_select($fields_value_select,
+							'field'.$i.'_recovery_value', '', '', '', 0, true, false, false, 'fields_recovery');
+					}
+					else{
+						$ffield = html_print_textarea ('field' . $i . '_value',1, 1, $fv[0],
+											'style="min-height:40px" class="fields"', true);
+						$rfield = html_print_textarea ('field' . $i . '_recovery_value', 1, 1, $fv[0],
+											'style="min-height:40px" class="fields_recovery"', true);
+					}
 				}
 			}
 			else {

pandora_console/godmode/alerts/configure_alert_action.php

@@ -284,7 +284,8 @@ $(document).ready (function () {
 						$table_macros_field.hide();
 						continue;
 					}
-					
+					old_value = '';
+					old_recovery_value = '';
 					// Only keep the value if is provided from hidden (first time)
 					if (($("[name=field" + i + "_value]").attr('id'))
 						== ("hidden-field" + i + "_value")) {
@@ -301,10 +302,14 @@ $(document).ready (function () {
 					
 					// Replace the old column with the new
 					$table_macros_field.replaceWith(field_row);
-					
-					$("[name=field" + i + "_value]").val(old_value);
-					$("[name=field" + i + "_recovery_value]").val(old_recovery_value);
-					
+					if (old_value != '' && old_recovery_value != ''){
+						$("[name=field" + i + "_value]").val(old_value);
+						$("[name=field" + i + "_recovery_value]").val(old_recovery_value);
+					}
+					else{
+						$("[name=field" + i + "_value]").val($("[name=field" + i + "_value]").val());
+						$("[name=field" + i + "_recovery_value]").val($("[name=field" + i + "_recovery_value]").val());
+					}					
 					// Add help hint only in first field
 					if (i == 1) {
 						var td_content = $table_macros_field.find('td').eq(0);

pandora_console/godmode/menu.php

@@ -64,7 +64,6 @@ if (check_acl ($config['id_user'], 0, "AW")) {
 		$sub["godmode/massive/massive_operations&tab=massive_users"]["text"] = __('Users operations');
 	}
 	$sub["godmode/massive/massive_operations&tab=massive_alerts"]["text"] = __('Alerts operations');
-	$sub["godmode/massive/massive_operations&tab=massive_tags"]["text"] = __('Tags operations');
 	enterprise_hook('massivepolicies_submenu');
 	enterprise_hook('massivesnmp_submenu');
 	enterprise_hook('massivesatellite_submenu');

pandora_console/godmode/reporting/reporting_builder.php

@@ -631,7 +631,10 @@ switch ($action) {
 			}
 			html_print_table ($table);
 		}
-		
+		else{
+			echo "<br />";
+			echo "<div class='nf'>".__('No data found.')."</div>";
+		}
 		if (check_acl ($config['id_user'], 0, "RW")) {
 			echo '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&tab=main&action=new&pure='.$pure.'">';
 			if (defined("METACONSOLE"))

pandora_console/godmode/users/user_list.php

@@ -236,11 +236,11 @@ $table->data[0][4] = html_print_submit_button(__('Search'), 'search',
 
 
 if(defined('METACONSOLE')){
-	$table->width = '50%';
+	$table->width = '96%';
 	$form_filter = "<form class='filters_form' method='post'>";
 	$form_filter .= html_print_table($table, true);
 	$form_filter .= "</form>";
-	echo $form_filter;
+	ui_toggle($form_filter, __('Show Options'));
 }else{
 	$form_filter = "<form method='post'>";
 	$form_filter .= html_print_table($table, true);

pandora_console/include/class/Tree.class.php

@@ -1307,12 +1307,27 @@ class Tree {
 		$module['serverTypeHTML'] = servers_show_type($module['server_type']);
 		
 		// Link to the Module graph
-		$group_id = (int) modules_get_agent_group($module['id']);
-		$module["showGraphs"] = 0;
 		
 		// ACL
-		if (!empty($group_id)) {
-			$module["showGraphs"] = (int) check_acl($config['id_user'], $group_id, "RR");
+		$group_id = (int) modules_get_agent_group($module['id']);
+		$acl_graphs = false;
+		$module["showGraphs"] = 0;
+		
+		// Avoid the check on the metaconsole. Too slow to show/hide an icon depending on the permissions
+		if (!empty($group_id) && !defined("METACONSOLE")) {
+			if ($this->strictACL) {
+				$acl_graphs = tags_check_acl_by_module($module['id'], $config['id_user'], 'RR') === true;
+			}
+			else {
+				$acl_graphs = check_acl($config['id_user'], $group_id, "RR");
+			}
+		}
+		else if (!empty($group_id)) {
+			$acl_graphs = true;
+		}
+		
+		if ($acl_graphs) {
+			$module["showGraphs"] = 1;
 		}
 		
 		if ($module["showGraphs"]) {
@@ -1329,6 +1344,7 @@ class Tree {
 				);
 			
 			if (defined('METACONSOLE') && !empty($server)) {
+				$graph_params["avg_only"] = 1;
 				// Set the server id
 				$graph_params["server"] = $module['serverID'];
 			}

pandora_console/include/config_process.php

@@ -22,7 +22,7 @@
 /**
  * Pandora build version and version 
  */
-$build_version = 'PC150324';
+$build_version = 'PC150326';
 $pandora_version = 'v6.0dev';
 
 // Do not overwrite default timezone set if defined.

pandora_console/include/functions_agents.php

@@ -1161,9 +1161,11 @@ function agents_get_modules ($id_agent = null, $details = false,
 	
 	//$where .= " AND id_policy_module = 0 ";
 	
-	$where_tags = tags_get_acl_tags($config['id_user'], $id_groups, 'AR', 'module_condition', 'AND', 'tagente_modulo'); 
+	$where_tags = tags_get_acl_tags($config['id_user'], $id_groups, 'AR',
+		'module_condition', 'AND', 'tagente_modulo', false, array(),
+		true); 
 	
-	$where .= $where_tags;
+	$where .= "\n\n" . $where_tags;
 	
 	switch ($config["dbtype"]) {
 		case "mysql":
@@ -1189,6 +1191,7 @@ function agents_get_modules ($id_agent = null, $details = false,
 			break;
 	}
 	
+	
 	$result = db_get_all_rows_sql ($sql);
 	
 	if (empty ($result)) {

pandora_console/include/functions_events.php

@@ -1914,13 +1914,17 @@ function events_page_details ($event, $server = "") {
 	global $config;
 	
 	// If server is provided, get the hash parameters
-	if (!empty($server)) { 
+	if (!empty($server) && defined("METACONSOLE")) { 
 		$hashdata = metaconsole_get_server_hashdata($server);
 		$hashstring = "&" .
 			"loginhash=auto&" .
 			"loginhash_data=" . $hashdata . "&" .
 			"loginhash_user=" . str_rot13($config["id_user"]);
 		$serverstring = $server['server_url'] . "/";
+		
+		if (metaconsole_connect($server) !== NOERR) {
+			return ui_print_error_message(__('There was an error connecting to the node'), '', true);
+		}
 	}
 	else {
 		$hashstring = "";
@@ -1951,14 +1955,7 @@ function events_page_details ($event, $server = "") {
 	}
 	
 	if ($event["id_agente"] != 0) {
-		if (!empty($server)) { 
-			$agent = agents_meta_get_agent(array('id_agent' => $event["id_agente"], 
-												'id_server' => $server['id'], 
-												'server_name' => $server['server_name']));
-		}
-		else {
-			$agent = db_get_row('tagente','id_agente',$event["id_agente"]);
-		}
+		$agent = db_get_row('tagente','id_agente',$event["id_agente"]);
 	}
 	else {
 		$agent = array();
@@ -2007,12 +2004,7 @@ function events_page_details ($event, $server = "") {
 	}
 	
 	if ($event["id_agentmodule"] != 0) {
-		if (!empty($server)) { 
-			$module = meta_modules_get_agentmodule ($event["id_agentmodule"], $server['id']);
-		}
-		else {
-			$module = db_get_row_filter('tagente_modulo',array('id_agente_modulo' => $event["id_agentmodule"], 'delete_pending' => 0));
-		}
+		$module = db_get_row_filter('tagente_modulo',array('id_agente_modulo' => $event["id_agentmodule"], 'delete_pending' => 0));
 	}
 	else {
 		$module = array();
@@ -2046,7 +2038,20 @@ function events_page_details ($event, $server = "") {
 		}
 		$table_details->data[] = $data;
 		
-		if (check_acl($config['id_user'], $agent['id_grupo'], "RR")) {
+		// ACL
+		$acl_graph = false;
+		$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
+		
+		if (!empty($agent['id_grupo'])) {
+			if ($strict_user) {
+				$acl_graph = tags_check_acl_by_module($module["id_agente_modulo"], $config['id_user'], 'RR') === true;
+			}
+			else {
+				$acl_graph = check_acl($config['id_user'], $agent['id_grupo'], "RR");
+			}
+		}
+		
+		if ($acl_graph) {
 			$data = array();
 			$data[0] = '<div style="font-weight:normal; margin-left: 20px;">'.__('Graph').'</div>';
 			
@@ -2068,6 +2073,7 @@ function events_page_details ($event, $server = "") {
 				);
 			
 			if (defined('METACONSOLE')) {
+				$graph_params["avg_only"] = 1;
 				// Set the server id
 				$graph_params["server"] = $server["id"];
 			}
@@ -2191,6 +2197,9 @@ function events_page_details ($event, $server = "") {
 	
 	$details = '<div id="extended_event_details_page" class="extended_event_pages">'.html_print_table($table_details, true).'</div>';
 	
+	if (!empty($server) && defined("METACONSOLE"))
+		metaconsole_restore_db();
+	
 	return $details;
 }
 

pandora_console/include/functions_reporting.php

@@ -1623,4 +1623,4 @@ function reporting_get_agentmodule_data_average ($id_agent_module, $period=0, $d
 	
 	return $total / $count;	
 }
-?>
+?>

pandora_console/include/functions_tags.php

@@ -596,7 +596,10 @@ function tags_get_tags_formatted ($tags_array, $get_url = true) {
  * @return mixed/string Tag ids
  */
  
-function tags_get_acl_tags($id_user, $id_group, $access = 'AR', $return_mode = 'module_condition', $query_prefix = '', $query_table = '', $meta = false, $childrens_ids = array(), $force_group_and_tag = false) {
+function tags_get_acl_tags($id_user, $id_group, $access = 'AR',
+	$return_mode = 'module_condition', $query_prefix = '',
+	$query_table = '', $meta = false, $childrens_ids = array(),
+	$force_group_and_tag = false) {
 	
 	global $config;
 	
@@ -635,6 +638,7 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR', $return_mode = '
 	
 	$acltags = tags_get_user_module_and_tags($id_user, $access);
 	
+	
 	// Delete the groups without tag restrictions from the acl tags array if $force_group_and_tag == false
 	// Delete the groups that aren't in the received groups id
 	$acltags_aux = array();
@@ -660,7 +664,9 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR', $return_mode = '
 			break;
 		case 'module_condition':
 			// Return the condition of the tags for tagente_modulo table
-			$condition = tags_get_acl_tags_module_condition($acltags, $query_table, true);
+			
+			$condition = tags_get_acl_tags_module_condition($acltags,
+				$query_table);
 			if (!empty($condition)) {
 				return " $query_prefix " . $condition;
 			}
@@ -701,7 +707,7 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
 		
 		// Fix: Wrap SQL expression with "()" to avoid bad SQL sintax that makes Pandora retrieve all modules without taking care of id_agent => id_agent = X AND (sql_tag_expression) 
 		if ($i == 0)
-			$condition .= ' ( ';
+			$condition .= ' ( ' . "\n";
 		
 		// Group condition (The module belongs to an agent of the group X)
 		// Juanma (08/05/2014) Fix: Now group and tag is checked at the same time, before only tag was checked due to a bad condition
@@ -713,7 +719,7 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
 			//Avoid the user profiles with all group access.
 			$group_condition = " 1 = 1 ";
 		}
-			
+		
 		//When the acl is only group without tags
 		if (empty($group_tags)) {
 			$condition .= "($group_condition)\n";
@@ -727,9 +733,14 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
 			// Tags condition (The module has at least one of the restricted tags)
 			$tags_condition = sprintf('%sid_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag IN (%s))', $modules_table, $group_tags_query);
 			
-			$condition .= "($group_condition AND \n$tags_condition)\n";
+			$condition .=
+				"	( \n" .
+				"		$group_condition \n" .
+				"			AND \n" .
+				"		$tags_condition \n" .
+				"	)\n";
 		}
-				
+		
 		$i++;
 	}
 	
@@ -1029,9 +1040,15 @@ function tags_check_acl($id_user, $id_group, $access, $tags = array(), $flag_id_
 		return false;
 	}
 	
-	// If there are not tags restrictions or tags passed, return true
+	// If there are not tags restrictions or tags passed, check the group access
 	if (empty($acls) || empty($tags)) {
-		return true;
+		if (!is_array($id_group))
+			$group_id_array = array($id_group);
+			
+		foreach ($id_group as $group) {
+			if (check_acl($id_user, $group, $access))
+				return true;
+		}
 	}
 	
 	# Fix: If user profile has more than one group, due to ACL propagation then id_group can be an array
@@ -1127,9 +1144,15 @@ function tags_check_acl_event($id_user, $id_group, $access, $tags = array(),$p =
 		return false;
 	}
 
-	// If there are not tags restrictions or tags passed, return true
-	if(empty($acls) || empty($tags)) {
-		return true;
+	// If there are not tags restrictions or tags passed, check the group access
+	if (empty($acls) || empty($tags)) {
+		if (!is_array($id_group))
+			$group_id_array = array($id_group);
+			
+		foreach ($id_group as $group) {
+			if (check_acl($id_user, $group, $access))
+				return true;
+		}
 	}
 
 	# Fix: If user profile has more than one group, due to ACL propagation then id_group can be an array
@@ -2135,10 +2158,10 @@ function tags_get_monitors_alerts ($id_tag, $groups_and_tags = array(), $id_agen
 		AND tagente_modulo.id_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag = $id_tag)
 		$agents_clause
 		$groups_clause";
-
+	
 	$count = db_get_sql ($sql);
-			
-	return $count;	
+	
+	return $count;
 }
 
 function __add_acltags (&$acltags, $group_id, $tags_str) {
@@ -2195,7 +2218,7 @@ function tags_get_user_module_and_tags ($id_user = false, $access = 'AR', $stric
 	}
 	
 	$acl_column = get_acl_column($access);
-
+	
 	$sql = sprintf("SELECT tags, id_grupo 
 					FROM tusuario_perfil, tperfil
 					WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND
@@ -2203,7 +2226,7 @@ function tags_get_user_module_and_tags ($id_user = false, $access = 'AR', $stric
 						tperfil.%s = 1
 					ORDER BY id_grupo", $id_user, $acl_column);
 	$tags_and_groups = db_get_all_rows_sql($sql);
-
+	
 	if ($tags_and_groups === false)
 		$tags_and_groups = array();
 	
@@ -2214,11 +2237,12 @@ function tags_get_user_module_and_tags ($id_user = false, $access = 'AR', $stric
 	$all_groups = groups_get_all();
 	if (!empty($all_groups))
 		$all_group_ids = array_keys($all_groups);
-
+	
+	
 	$tags_and_groups_aux = array();
 	foreach ($tags_and_groups as $data) {
 		// All group
-		if ($data['id_grupo'] == 0) {
+		if ($data['id_grupo'] === 0) {
 			// All group with empty tags. All groups without tags permission!
 			if (empty($data['tags'])) {
 				foreach ($all_group_ids as $group_id) {
@@ -2245,10 +2269,12 @@ function tags_get_user_module_and_tags ($id_user = false, $access = 'AR', $stric
 	$tags_and_groups = $tags_and_groups_aux;
 	unset($tags_and_groups_aux);
 	
+	
 	foreach ($tags_and_groups as $group_tag) {
 		__add_acltags($acltags, $group_tag['id_grupo'], $group_tag['tags']);
 	}
 	
+	
 	return $acltags;
 }
 

pandora_console/include/functions_treeview.php

@@ -314,6 +314,8 @@ function treeview_printTable($id_agente, $server_data = array()) {
 	enterprise_include_once ('meta/include/functions_ui_meta.php');
 	include_graphs_dependencies();
 	
+	$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
+	
 	$is_extra = enterprise_hook('policies_is_agent_extra_policy', array($id_agente));
 	
 	if ($is_extra === ENTERPRISE_NOT_HOOK) {
@@ -546,31 +548,40 @@ function treeview_printTable($id_agente, $server_data = array()) {
 		
 		foreach ($network_interfaces as $interface_name => $interface) {
 			if (!empty($interface['traffic'])) {
-				$params = array(
-						'interface_name' => $interface_name,
-						'agent_id' => $id_agente,
-						'traffic_module_in' => $interface['traffic']['in'],
-						'traffic_module_out' => $interface['traffic']['out']
-					);
-				$params_json = json_encode($params);
-				$params_encoded = base64_encode($params_json);
-				$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
+				$permission = false;
 				
-				$graph_url = '';
-				if (!defined('METACONSOLE')) {
-					$graph_url = $config['homeurl'] .
-						"operation/agentes/interface_traffic_graph_win.php?" .
-						"params=$params_encoded";
+				if ($strict_user) {
+					if (tags_check_acl_by_module($interface['traffic']['in'], $config['id_user'], 'RR') === true
+							&& tags_check_acl_by_module($interface['traffic']['out'], $config['id_user'], 'RR') === true)
+						$permission = true;
 				}
-				else if (!empty($server_data)) {
-					$graph_url = ui_meta_get_url_console_child(
-						$server_data, null, null, null, null,
-						"operation/agentes/interface_traffic_graph_win.php?" .
-						"params=$params_encoded");
+				else {
+					$permission = check_acl($config['id_user'], $agent["id_grupo"], "RR");
 				}
 				
-				$graph_link = "<a href=\"javascript:winopeng('$graph_url','$win_handle')\">" .
-					html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
+				if ($permission) {
+					$params = array(
+							'interface_name' => $interface_name,
+							'agent_id' => $id_agente,
+							'traffic_module_in' => $interface['traffic']['in'],
+							'traffic_module_out' => $interface['traffic']['out']
+						);
+					
+					if (defined('METACONSOLE') && !empty($server_id))
+						$params["server"] = $server_id;
+					
+					$params_json = json_encode($params);
+					$params_encoded = base64_encode($params_json);
+					$url = ui_get_full_url("operation/agentes/interface_traffic_graph_win.php", false, false, false);
+					$graph_url = "$url?params=$params_encoded";
+					$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
+					
+					$graph_link = "<a href=\"javascript:winopeng('$graph_url','$win_handle')\">" .
+						html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
+				}
+				else {
+					$graph_link = "";
+				}
 			}
 			else {
 				$graph_link = "";

pandora_console/include/javascript/tree/TreeController.js

@@ -22,7 +22,7 @@ TreeController = {
 			index: -1,
 			recipient: '',
 			tree: [],
-			emptyMessage: "Empty",
+			emptyMessage: "No data found.",
 			errorMessage: "Error",
 			baseURL: "",
 			ajaxURL: "ajax.php",
@@ -709,7 +709,7 @@ TreeNodeDetailController = {
 			type: 'none',
 			id: -1,
 			serverID: -1,
-			emptyMessage: "Empty",
+			emptyMessage: "No data found.",
 			errorMessage: "Error",
 			baseURL: "",
 			ajaxURL: "ajax.php",

pandora_console/install.php

@@ -63,7 +63,7 @@
 		<div style='height: 10px'>
 			<?php
 $version = '6.0dev';
-$build = '150324';
+$build = '150326';
 			$banner = "v$version Build $build";
 			
 			error_reporting(0);

pandora_console/operation/agentes/estado_generalagente.php

@@ -29,6 +29,7 @@ include_once($config['homedir'] . "/include/functions_clippy.php");
 
 check_login ();
 
+$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
 
 $id_agente = get_parameter_get ("id_agente", -1);
 
@@ -415,17 +416,33 @@ if (!empty($network_interfaces)) {
 	
 	foreach ($network_interfaces as $interface_name => $interface) {
 		if (!empty($interface['traffic'])) {
-			$params = array(
-					'interface_name' => $interface_name,
-					'agent_id' => $id_agente,
-					'traffic_module_in' => $interface['traffic']['in'],
-					'traffic_module_out' => $interface['traffic']['out']
-				);
-			$params_json = json_encode($params);
-			$params_encoded = base64_encode($params_json);
-			$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
-			$graph_link = "<a href=\"javascript:winopeng('operation/agentes/interface_traffic_graph_win.php?params=$params_encoded','$win_handle')\">" .
-				html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
+			$permission = false;
+			
+			if ($strict_user) {
+				if (tags_check_acl_by_module($interface['traffic']['in'], $config['id_user'], 'RR') === true
+						&& tags_check_acl_by_module($interface['traffic']['out'], $config['id_user'], 'RR') === true)
+					$permission = true;
+			}
+			else {
+				$permission = check_acl($config['id_user'], $agent["id_grupo"], "RR");
+			}
+			
+			if ($permission) {
+				$params = array(
+						'interface_name' => $interface_name,
+						'agent_id' => $id_agente,
+						'traffic_module_in' => $interface['traffic']['in'],
+						'traffic_module_out' => $interface['traffic']['out']
+					);
+				$params_json = json_encode($params);
+				$params_encoded = base64_encode($params_json);
+				$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
+				$graph_link = "<a href=\"javascript:winopeng('operation/agentes/interface_traffic_graph_win.php?params=$params_encoded','$win_handle')\">" .
+					html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
+			}
+			else {
+				$graph_link = "";
+			}
 		}
 		else {
 			$graph_link = "";

pandora_console/operation/agentes/interface_traffic_graph_win.php

@@ -21,31 +21,37 @@ if (! isset($_SESSION['id_usuario'])) {
 
 // Global & session management
 require_once ('../../include/config.php');
-require_once ('../../include/auth/mysql.php');
+require_once ($config['homedir'] . '/include/auth/mysql.php');
 require_once ($config['homedir'] . '/include/functions.php');
 require_once ($config['homedir'] . '/include/functions_db.php');
 require_once ($config['homedir'] . '/include/functions_reporting.php');
 require_once ($config['homedir'] . '/include/functions_graph.php');
 require_once ($config['homedir'] . '/include/functions_custom_graphs.php');
 require_once ($config['homedir'] . '/include/functions_modules.php');
-
-// Hash login process
-if (! isset ($config['id_user']) && get_parameter("loginhash", 0)) {
-	$loginhash_data = get_parameter("loginhash_data", "");
-	$loginhash_user = str_rot13(get_parameter("loginhash_user", ""));
-	
-	if ($config["loginhash_pwd"] != "" && $loginhash_data == md5($loginhash_user.io_output_password($config["loginhash_pwd"]))) {
-		db_logon ($loginhash_user, $_SERVER['REMOTE_ADDR']);
-		$_SESSION['id_usuario'] = $loginhash_user;
-		$config["id_user"] = $loginhash_user;
-		
-		$hash_connection_data = true;
-	}
-	
-}
+require_once ($config['homedir'] . '/include/functions_agents.php');
+require_once ($config['homedir'] . '/include/functions_tags.php');
 
 check_login();
 
+$params_json = base64_decode((string) get_parameter('params'));
+$params = json_decode($params_json, true);
+
+// Metaconsole connection to the node
+$server_id = (int) (isset($params['server']) ? $params['server'] : 0);
+if ($config["metaconsole"] && !empty($server_id)) {
+	$server = metaconsole_get_connection_by_id($server_id);
+
+	// Error connecting
+	if (metaconsole_connect($server) !== NOERR) {
+		echo "<html>";
+			echo "<body>";
+				ui_print_error_message(__('There was a problem connecting with the node'));
+			echo "</body>";
+		echo "</html>";
+		exit;
+	}
+}
+
 $user_language = get_user_language($config['id_user']);
 if (file_exists ('../../include/languages/'.$user_language.'.mo')) {
 	$l10n = new gettext_reader (new CachedFileReader ('../../include/languages/'.$user_language.'.mo'));
@@ -54,9 +60,6 @@ if (file_exists ('../../include/languages/'.$user_language.'.mo')) {
 
 echo '<link rel="stylesheet" href="../../include/styles/pandora.css" type="text/css"/>';
 
-$params_json = base64_decode((string) get_parameter('params'));
-$params = json_decode($params_json, true);
-
 $interface_name = (string) $params['interface_name'];
 $agent_id = (int) $params['agent_id'];
 $interface_traffic_modules = array(
@@ -106,6 +109,34 @@ $interface_traffic_modules = array(
 	<body bgcolor="#ffffff" style='background:#ffffff;'>
 <?php
 		
+		// ACL
+		$permission = false;
+		$agent_group = (int) agents_get_agent_group($agent_id);
+		$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
+		
+		// The traffic modules should belong to the agent id
+		$in_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_in']);
+		$out_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_out']);
+		$traffic_modules_belong_to_agent = $agent_id == $in_agent_id && $agent_id == $out_agent_id;
+		
+		if (!empty($agent_group) && !empty($params['traffic_module_in'])
+				&& !empty($params['traffic_module_out']) && $traffic_modules_belong_to_agent) {
+			
+			if ($strict_user) {
+				if (tags_check_acl_by_module($params['traffic_module_in'], $config['id_user'], 'RR') === true
+						&& tags_check_acl_by_module($params['traffic_module_out'], $config['id_user'], 'RR') === true)
+					$permission = true;
+			}
+			else {
+				$permission = check_acl($config['id_user'], $agent_group, "RR");
+			}
+		}
+		
+		if (!$permission) {
+			require ($config['homedir'] . "/general/noaccess.php");
+			exit;
+		}
+		
 		// Get input parameters
 		$period = (int) get_parameter('period', SECONDS_1HOUR);
 		$width = (int) get_parameter("width", 555);
@@ -165,16 +196,6 @@ $interface_traffic_modules = array(
 		$side_layer_params['body_text'] .= '<form method="get" action="interface_traffic_graph_win.php">';
 		$side_layer_params['body_text'] .= html_print_input_hidden("params", base64_encode($params_json), true);
 		
-		if (isset($hash_connection_data)) {
-			$side_layer_params['body_text'] .=
-				html_print_input_hidden("loginhash", "auto", true);
-			$side_layer_params['body_text'] .=
-				html_print_input_hidden("loginhash_data", $loginhash_data, true);
-			$side_layer_params['body_text'] .=
-				html_print_input_hidden("loginhash_user",
-					str_rot13($loginhash_user), true);
-		}
-		
 		// FORM TABLE
 		
 		$table = html_get_predefined_table('transparent', 2);

pandora_console/operation/agentes/stat_win.php

@@ -28,6 +28,7 @@ require_once ($config['homedir'] . '/include/functions_reporting.php');
 require_once ($config['homedir'] . '/include/functions_graph.php');
 require_once ($config['homedir'] . '/include/functions_modules.php');
 require_once ($config['homedir'] . '/include/functions_agents.php');
+require_once ($config['homedir'] . '/include/functions_tags.php');
 
 check_login ();
 
@@ -112,9 +113,15 @@ $label = base64_decode(get_parameter('label', ''));
 		// ACL
 		$permission = false;
 		$agent_group = (int) agents_get_agent_group($agent_id);
+		$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
 		
-		if (!empty($agent_group) && check_acl($config['id_user'], $agent_group, "RR")) {
-			$permission = true;
+		if (!empty($agent_group)) {
+			if ($strict_user) {
+				$permission = tags_check_acl_by_module($id, $config['id_user'], 'RR') === true;
+			}
+			else {
+				$permission = check_acl($config['id_user'], $agent_group, "RR");
+			}
 		}
 		
 		if (!$permission) {

pandora_console/operation/agentes/status_monitor.php

@@ -1197,7 +1197,22 @@ foreach ($result as $row) {
 	
 	$data[7] = "";
 	
-	if ($row['history_data'] == 1 && check_acl($config['id_user'], $row['id_group'], "RR")) {
+	$acl_graphs = false;
+	
+	// Avoid the check on the metaconsole. Too slow to show/hide an icon depending on the permissions
+	if (!defined("METACONSOLE")) {
+		if ($strict_user) {
+			$acl_graphs = tags_check_acl_by_module($row['id_agente_modulo'], $config['id_user'], 'RR') === true;
+		}
+		else {
+			$acl_graphs = check_acl($config['id_user'], $row['id_group'], "RR");
+		}
+	}
+	else {
+		$acl_graphs = true;
+	}
+	
+	if ($row['history_data'] == 1 && $acl_graphs) {
 		
 		$graph_type = return_graphtype ($row["module_type"]);
 		
@@ -1214,6 +1229,7 @@ foreach ($result as $row) {
 			);
 		
 		if (defined('METACONSOLE') && isset($row["server_id"])) {
+			$graph_params["avg_only"] = 1;
 			// Set the server id
 			$graph_params["server"] = $row["server_id"];
 		}

pandora_console/operation/snmpconsole/snmp_view.php

@@ -477,7 +477,15 @@ if ($traps !== false) {
 		
 		//OID
 		$table->cellclass[$idx][2] = get_priority_class ($severity);
-		$data[2] = '<a href="javascript: toggleVisibleExtendedInfo(' . $trap["id_trap"] . ');">' . (empty($trap["oid"]) ? __('N/A') : $trap["oid"]) .'</a>';
+		if (! empty($trap["text"])) {
+			$enterprise_string = $trap["text"];
+		} else if (! empty($trap["oid"])) {
+			$enterprise_string = $trap["oid"];
+		} else {
+			$enterprise_string = __('N/A');
+		}
+
+		$data[2] = '<a href="javascript: toggleVisibleExtendedInfo(' . $trap["id_trap"] . ');">' . $enterprise_string .'</a>';
 		
 		//Count
 		if ($group_by) {
@@ -591,13 +599,6 @@ if ($traps !== false) {
 				</tr>';
 		}
 		
-		if ($trap["text"] != "") {
-			$string .= '<tr>
-					<td align="left" valign="top">' . '<b>' . __('Text:') . '</td>
-					<td align="left">' . $trap['text'] . '</td>
-				</tr>';
-		}
-		
 		if ($trap["type"] != "") {
 			$trap_types = array(-1 => __('None'), 0 => __('Cold start (0)'), 1 => __('Warm start (1)'), 2 => __('Link down (2)'), 3 => __('Link up (3)'), 4 => __('Authentication failure (4)'), 5 => __('Other'));
 			

pandora_console/pandora_console.redhat.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_console
 %define version     6.0dev
-%define release     150324
+%define release     150326
 
 # User and Group under which Apache is running
 %define httpd_name  httpd

pandora_console/pandora_console.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_console
 %define version     6.0dev
-%define release     150324
+%define release     150326
 %define httpd_name      httpd
 # User and Group under which Apache is running
 %define httpd_name  apache2

pandora_console/pandoradb_data.sql

@@ -38,7 +38,7 @@ INSERT INTO `tconfig` (`token`, `value`) VALUES
 ('graph_res','5'),
 ('step_compact','1'),
 ('db_scheme_version','6.0dev'),
-('db_scheme_build','PD150324'),
+('db_scheme_build','PD150326'),
 ('show_unknown','0'),
 ('show_lastalerts','1'),
 ('style','pandora'),

pandora_server/DEBIAN/control

@@ -1,5 +1,5 @@
 package: pandorafms-server
-Version: 6.0dev-150324
+Version: 6.0dev-150326
 Architecture: all
 Priority: optional
 Section: admin

pandora_server/DEBIAN/make_deb_package.sh

@@ -14,7 +14,7 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 
-pandora_version="6.0dev-150324"
+pandora_version="6.0dev-150326"
 
 package_cpan=0
 package_pandora=1

pandora_server/lib/PandoraFMS/Config.pm

@@ -43,7 +43,7 @@ our @EXPORT = qw(
 
 # version: Defines actual version of Pandora Server for this module only
 my $pandora_version = "6.0dev";
-my $pandora_build = "150324";
+my $pandora_build = "150326";
 our $VERSION = $pandora_version." ".$pandora_build;
 
 # Setup hash

pandora_server/lib/PandoraFMS/DB.pm

@@ -73,10 +73,13 @@ our @EXPORT = qw(
 		get_profile_id
 		get_priority_name
 		get_server_id
+		get_tag_id
+		get_group_name
 		get_template_id
 		get_template_module_id
 		get_user_disabled
 		get_user_exists
+		get_user_profile_id
 		is_agent_address
 		is_group_disabled
 		get_agent_status
@@ -191,6 +194,18 @@ sub get_server_id ($$$) {
 	return defined ($rc) ? $rc : -1;
 }
 
+########################################################################
+## Return the ID of a tag given the tag name.
+########################################################################
+sub get_tag_id ($$) {
+	my ($dbh, $tag_name) = @_;
+
+	my $rc = get_db_value ($dbh, "SELECT id_tag FROM ttag
+					WHERE name = ?",
+					safe_input($tag_name));
+	return defined ($rc) ? $rc : -1;
+}
+
 ########################################################################
 ## Return the first enabled server name found.
 ########################################################################
@@ -549,6 +564,22 @@ sub get_nc_profile_name ($$) {
 	return get_db_value ($dbh, "SELECT * FROM tnetwork_profile WHERE id_np = ?", $nc_id);
 }
 
+##########################################################################
+## Return user profile ID given the user id, group id and profile id.
+##########################################################################
+sub get_user_profile_id ($$$$) {
+	my ($dbh, $user_id, $profile_id, $group_id) = @_;
+	
+	my $rc = get_db_value ($dbh, "SELECT id_up FROM tusuario_perfil
+	                              WHERE id_usuario = ?
+								  AND id_perfil = ?
+								  AND id_grupo = ?",
+								  safe_input($user_id),
+								  $profile_id,
+								  $group_id);
+	return defined ($rc) ? $rc : -1;
+}
+
 ##########################################################################
 ## Return profile ID given the profile name.
 ##########################################################################

pandora_server/lib/PandoraFMS/NetworkServer.pm

@@ -108,7 +108,7 @@ sub data_producer ($) {
 		'AND tagente_modulo.disabled = 0
 		AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 		AND (tagente_modulo.flag = 1 OR ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())) 
-		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC ', $pa_config->{'servername'});
+		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC ', safe_input($pa_config->{'servername'}));
     } else {
 		@rows = get_db_rows ($dbh, 'SELECT tagente_modulo.id_agente_modulo, tagente_modulo.flag, tagente_estado.last_execution_try, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 		FROM tagente, tagente_modulo, tagente_estado
@@ -121,7 +121,7 @@ sub data_producer ($) {
 		. (defined ($network_filter) ? $network_filter : ' ') .
 		'AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 		AND (tagente_modulo.flag = 1 OR ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP()))
-		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC', $pa_config->{'servername'}, DATASERVER);
+		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC', safe_input($pa_config->{'servername'}), NETWORKSERVER);
 	}
 
 	foreach my $row (@rows) {

pandora_server/lib/PandoraFMS/PluginServer.pm

@@ -106,7 +106,7 @@ sub data_producer ($) {
 			AND tagente_modulo.disabled = 0
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND (tagente_modulo.flag = 1 OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'});
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}));
     } else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo), tagente_modulo.flag, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 			FROM tagente, tagente_modulo, tagente_estado
@@ -117,7 +117,7 @@ sub data_producer ($) {
 			AND tagente_modulo.id_plugin != 0
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND (tagente_modulo.flag = 1 OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'}, PLUGINSERVER);
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}), PLUGINSERVER);
 	}
 
 	foreach my $row (@rows) {

pandora_server/lib/PandoraFMS/PredictionServer.pm

@@ -105,7 +105,7 @@ sub data_producer ($) {
 				AND tagente_modulo.id_modulo = 5
 				AND (tagente_modulo.flag = 1
 				OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY last_execution_try ASC ', $pa_config->{'servername'});
+			ORDER BY last_execution_try ASC ', safe_input($pa_config->{'servername'}));
 	}
 	else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo),
@@ -123,7 +123,7 @@ sub data_producer ($) {
 				AND tagente_modulo.id_modulo = 5
 				AND (tagente_modulo.flag = 1
 				OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY last_execution_try ASC', $pa_config->{'servername'}, PREDICTIONSERVER);
+			ORDER BY last_execution_try ASC', safe_input($pa_config->{'servername'}), PREDICTIONSERVER);
 	}
 	
 	foreach my $row (@rows) {

pandora_server/lib/PandoraFMS/WMIServer.pm

@@ -105,7 +105,7 @@ sub data_producer ($) {
 			AND	tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP() 
 			OR tagente_modulo.flag = 1)				
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'});		
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}));
 	} else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo), tagente_modulo.flag, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 			FROM tagente, tagente_modulo, tagente_estado, tserver
@@ -116,7 +116,7 @@ sub data_producer ($) {
 			AND tagente_modulo.id_modulo = 6
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP() OR tagente_modulo.flag = 1 )
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'}, WMISERVER);
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}), WMISERVER);
 	}
 
 	foreach my $row (@rows) {

pandora_server/pandora_server.redhat.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_server
 %define version     6.0dev
-%define release     150324
+%define release     150326
 
 Summary:            Pandora FMS Server
 Name:               %{name}

pandora_server/pandora_server.spec

@@ -3,7 +3,7 @@
 #
 %define name        pandorafms_server
 %define version     6.0dev
-%define release     150324
+%define release     150326
 
 Summary:            Pandora FMS Server
 Name:               %{name}

pandora_server/util/pandora_db.pl

@@ -33,7 +33,7 @@ use PandoraFMS::Tools;
 use PandoraFMS::DB;
 
 # version: define current version
-my $version = "6.0dev PS150324";
+my $version = "6.0dev PS150326";
 
 # Pandora server configuration
 my %conf;

pandora_server/util/pandora_manage.pl

@@ -20,6 +20,7 @@ use File::Basename;
 use JSON qw(decode_json encode_json);
 use MIME::Base64;
 use Encode qw(decode encode_utf8);
+use LWP::Simple;
 
 # Default lib dir for RPM and DEB packages
 use lib '/usr/lib/perl5';
@@ -34,7 +35,7 @@ use Encode::Locale;
 Encode::Locale::decode_argv;
 
 # version: define current version
-my $version = "6.0dev PS150324";
+my $version = "6.0dev PS150326";
 
 # save program name for logging
 my $progname = basename($0);
@@ -186,10 +187,50 @@ sub help_screen{
     print "\nSETUP:\n\n" unless $param ne '';
 	help_screen_line('--set_event_storm_protection', '<value>', "Enable (1) or disable (0) event \n\t  storm protection");
 	
+    print "\nTAGS\n\n" unless $param ne '';
+    help_screen_line('--create_tag', '<tag_name> <tag_description> [<tag_url>] [<tag_email>]', 'Create a new tag');
+    help_screen_line('--add_tag_to_user_profile', '<user_id> <tag_name> <group_name> <profile_name>', 'Add a tag to the given user profile');
+    help_screen_line('--add_tag_to_module', '<agent_name> <module_name> <tag_name>', 'Add a tag to the given module');
+
     print "\n";
 	exit;
 }
 
+###############################################################################
+# 
+###############################################################################
+sub api_call($$$;$$$) {
+	my ($pa_config, $op, $op2, $id, $id2, $other) = @_;
+	my $content = undef;
+
+	eval {
+		# Set the parameters for the POST request.
+		my $params = {};
+		$params->{"apipass"} = $pa_config->{"console_api_pass"};
+		$params->{"user"} = $pa_config->{"console_user"};
+		$params->{"pass"} = $pa_config->{"console_pass"};
+		$params->{"op"} = $op;
+		$params->{"op2"} = $op2;
+		$params->{"id"} = $id;
+		$params->{"id2"} = $id2;
+		$params->{"other"} = $other;
+		$params->{"other_mode"} = "url_encode_separator_|";
+		
+		# Call the API.
+		my $ua = new LWP::UserAgent;
+		my $url = $pa_config->{"console_api_url"};
+		my $response = $ua->post($url, $params);
+				
+		if ($response->is_success) {
+			$content = $response->decoded_content();
+		} else {
+			$content = $response->decoded_content();
+		}
+	};
+
+	return $content;
+}
+
 ###############################################################################
 # Disable a entire group
 ###############################################################################
@@ -4083,6 +4124,18 @@ sub pandora_manage_main ($$$) {
 			param_check($ltotal, 1);
 			cli_recreate_collection();
 		}
+		elsif ($param eq '--create_tag') {
+			param_check($ltotal, 4, 2);
+			cli_create_tag();
+		} 
+		elsif ($param eq '--add_tag_to_user_profile') {
+			param_check($ltotal, 4);
+			cli_add_tag_to_user_profile();
+		} 
+		elsif ($param eq '--add_tag_to_module') {
+			param_check($ltotal, 3);
+			cli_add_tag_to_module();
+		} 
 		else {
 			print_log "[ERROR] Invalid option '$param'.\n\n";
 			$param = '';
@@ -4281,5 +4334,77 @@ sub cli_create_local_component() {
 	$parameters{'ff_timeout'} = $ff_timeout unless !defined ($ff_timeout);
 	
 	my $component_id = enterprise_hook('pandora_create_local_component_from_hash',[$conf, \%parameters, $dbh]);
-
+}
+
+##############################################################################
+# Create a new tag.
+##############################################################################
+
+sub cli_create_tag() {
+	my ($tag_name, $tag_description, $tag_url, $tag_email) = @ARGV[2..5];
+
+	# Call the API.
+	my $result = api_call(\%conf, 'set', 'create_tag', undef, undef, "$tag_name|$tag_description|$tag_url|$tag_email");
+	print "\n$result\n";
+}
+
+##############################################################################
+# Add a tag to the specified profile and group. 
+##############################################################################
+
+sub cli_add_tag_to_user_profile() {
+	my ($user_id, $tag_name, $group_name, $profile_name) = @ARGV[2..5];
+
+	# Check the user.
+	my $user_exists = get_user_exists($dbh, $user_id);
+	exist_check($user_exists, 'user', $user_id);
+
+	# Check the group.
+	my $group_id;
+	if ($group_name eq 'All') {
+		$group_id = 0;
+	} else {
+		$group_id = get_group_id($dbh, $group_name);
+		exist_check($group_id, 'group', $group_name);
+	}
+
+	# Check the profile.
+	my $profile_id = get_profile_id($dbh, $profile_name);
+	exist_check($profile_id, 'profile', $profile_name);
+
+	# Make sure the tag exists.
+	my $tag_id = get_tag_id($dbh, $tag_name);
+	exist_check($tag_id, 'tag', $tag_name);
+
+	# Make sure the profile is associated to the user.
+	my $user_profile_id = get_user_profile_id($dbh, $user_id, $profile_id, $group_id);
+	exist_check($user_profile_id, 'given profile and group combination for user', $user_id);
+
+	# Call the API.
+	my $result = api_call(\%conf, 'set', 'tag_user_profile', $user_id, $tag_id, "$group_id|$profile_id");
+	print "\n$result\n";
+}
+
+##############################################################################
+# Add a tag to the specified profile and group. 
+##############################################################################
+
+sub cli_add_tag_to_module() {
+	my ($agent_name, $module_name, $tag_name) = @ARGV[2..4];
+
+	# Check the tag.
+	my $tag_id = get_tag_id($dbh, $tag_name);
+	exist_check($tag_id, 'tag', $tag_name);
+
+	# Check the agent.
+	my $agent_id = get_agent_id($dbh, $agent_name);
+	exist_check($agent_id, 'agent', $agent_name);
+
+	# Check the module.
+	my $module_id = get_agent_module_id($dbh, $module_name, $agent_id);
+	exist_check($module_id, 'module name', $module_name);
+
+	# Call the API.
+	my $result = api_call(\%conf, 'set', 'add_tag_module', $module_id, $tag_id);
+	print "\n$result\n";
 }