tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2011-08-09 Javier Lanz <javier.lanz@artica.es> 

* operation/incidents/incident.incident.php,
        operation/incidents/incident.files.php,
        operation/incidents/incident.tracking.php,
        operation/incidents/incident.workunits.php,
        operation/incidents/incident.download_file.php,
        operation/incidents/incident.list.php: Deleted.

        * operation/incidents/incident.php,
        operation/incidents/incident_detail.php: Restored from a
        previous version due an incident moving and copying files.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4694 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
javilanz 2011-08-09 16:58:32 +00:00
parent ac3a44d4d1
commit 59d85fe496
9 changed files with 324 additions and 738 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pandora_console/ChangeLog
View File

@ -1,3 +1,17 @@
2011-08-09 Javier Lanz <javier.lanz@artica.es>
* operation/incidents/incident.incident.php,
operation/incidents/incident.files.php,
operation/incidents/incident.tracking.php,
operation/incidents/incident.workunits.php,
operation/incidents/incident.download_file.php,
operation/incidents/incident.list.php: Deleted.
* operation/incidents/incident.php,
operation/incidents/incident_detail.php: Restored from a previous
version due an incident moving and copying files.
2011-08-09 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
* extensions/module_groups.php: Add tooltip message when a module group

36
pandora_console/operation/incidents/incident.download_file.php
View File

@ -1,36 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
require_once ("../../include/functions_incidents.php");
require_once ("../../include/config.php");
$id_file = $_GET["id_file"];
$filename = $_GET["filename"];
$id_user = $_GET["id_user"];
$integria_api = $config['integria_url']."/include/api.php?return_type=csv&user=".$config['id_user']."&pass=".$config['integria_api_password'];
$url = $integria_api."&op=download_file&params=".$id_file;
// Call the integria API
$file = incidents_call_api($url);
header("Content-type: binary");
header("Content-Disposition: attachment; filename=\"".$filename."\"");
header("Pragma: no-cache");
header("Expires: 0");
echo base64_decode($file);
?>

72
pandora_console/operation/incidents/incident.files.php
View File

@ -1,72 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $result;
$table->width = "98%";
$table->class = "databox";
$table->data = array();
$profiles = array();
$table->data[0][0] = "<b>".__('File')."</b><br/>".html_print_input_file ('new_file', true, array('size' => "50%"));
$table->data[1][0] = "<b>".__('Description')."</b><br/>".html_print_textarea('description', 3, 6, '' , '', true);
$form = "<form method='post' action='' enctype='multipart/form-data'>";
$form .= html_print_table($table, true);
$form .= html_print_submit_button(__('Add'), 'submit_button', false, '', true);
$form .= html_print_input_hidden('tab', 'files', true);
$form .= html_print_input_hidden('attach_file', '1', true);
$form .= html_print_input_hidden('id_incident', $id_incident, true);
$form .= "</form>";
ui_toggle($form, __('Add a file'));
unset($table);
$table->width = "98%";
$table->class = "databox";
$table->head[0] = __('Filename');
$table->head[1] = __('Timestamp');
$table->head[2] = __('Description');
$table->head[3] = __('Size');
$table->head[4] = __('Delete');
$table->data = array();
if(isset($result['file'][0]) && is_array($result['file'][0])){
$files = $result['file'];
}
else {
$files = $result;
}
$row = 0;
foreach($files as $value) {
$table->data[$row][0] = '<a href="operation/integria_incidents/incident.download_file.php?tab=files&id_incident='.$value['id_incidencia'].'&id_file='.$value['id_attachment'].'&filename='.$value['filename'].'&id_user='.$config['id_user'].'&rintegria_server='.$config['rintegria_server'].'">'.$value['filename'].'</a>';
$table->data[$row][1] = $value['id_usuario'];
if(is_array($value['description'])) {
$value['description'] = '';
}
$table->data[$row][2] = $value['description'];
$table->data[$row][3] = $value['size'];
$table->data[$row][4] = "<a href='index.php?sec=incidencias&sec2=operation/integria_incidents/incident&tab=files&id_incident=".$value['id_incidencia']."&delete_file=".$value['id_attachment']."'>".html_print_image("images/cross.png", true, array('title' => __('Delete file')))."</a>";
$row++;
}
html_print_table($table);
?>

119
pandora_console/operation/incidents/incident.incident.php
View File

@ -1,119 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $result;
global $result_resolutions;
global $result_status;
global $result_sources;
global $result_groups;
global $result_users;
$resolutions[0] = __('None');
foreach($result_resolutions['resolution'] as $res) {
$resolutions[$res['id']] = $res['name'];
}
foreach($result_status['status'] as $st) {
$status[$st['id']] = $st['name'];
}
foreach($result_sources['source'] as $src) {
$sources[$src['id']] = $src['name'];
}
foreach($result_groups['group'] as $gr) {
$groups[$gr['id']] = $gr['name'];
}
foreach($result_users['id_user'] as $usr) {
$users[$usr] = $usr;
}
if(!isset($result['id_incidencia'])) {
$result['titulo'] = '';
$result['sla_disabled'] = 0;
$result['notify_email'] = 0;
$result['estado'] = 0;
$result['prioridad'] = 0;
$result['resolution'] = 0;
$result['id_parent'] = 0;
$result['origen'] = 0;
$result['id_incident_type'] = 0;
$result['id_task'] = 0;
$result['id_creator'] = $config['id_user'];
$result['id_grupo'] = 0;
$result['id_usuario'] = 0;
$result['id_task'] = 0;
$result['descripcion'] = '';
$result['epilog'] = '';
}
$table->width = "98%";
$table->class = "databox";
$table->data = array();
$table->colspan[0][0] = 3;
$table->colspan[3][0] = 3;
$table->colspan[4][0] = 3;
$table->data[0][0] = "<b>".__('Title')."</b><br/>".html_print_input_text("title", $result['titulo'], '', 50, 255, true);
if(isset($result['id_incidencia'])) {
$table->data[1][2] = "<b>".__('Assigned user')."</b><br/>".html_print_select ($users, 'id_user', $result['id_usuario'], '', '', 0, true, false, false);
}
else {
$table->data[1][2] = "";
}
$table->data[1][0] = "<b>".__('Group')."</b><br/>".html_print_select ($groups, 'group', $result['id_grupo'], '', '', 0, true, false, false);
$table->data[1][1] = "<b>".__('Priority')."</b><br/>".html_print_select (incidents_get_priorities (), 'priority', $result['prioridad'], '', '', 0, true, false, false);
$table->data[1][2] = "<b>".__('Creator')."</b><br/>".$result['id_creator'];
if(isset($result['id_incidencia'])) {
$table->data[2][0] = "<b>".__('Source')."</b><br/>".html_print_select ($sources, 'source', $result['origen'], '', '', 0, true, false, false);
$table->data[2][1] = "<b>".__('Resolution')."</b><br/>".html_print_select ($resolutions, 'resolution', $result['resolution'], '', '', 0, true, false, false);
$table->data[2][2] = "<b>".__('Status')."</b><br/>".html_print_select ($status, 'status', $result['estado'], '', '', 0, true, false, false);
}
if(is_array($result['descripcion'])) {
$result['descripcion'] = "";
}
$table->data[3][0] = "<b>".__('Description')."</b><br/>".html_print_textarea("description", 10, 6, $result['descripcion'] , '', true);
if(isset($result['id_incidencia'])) {
if(is_array($result['epilog'])) {
$result['epilog'] = implode(',', $result['epilog']);
}
$table->data[4][0] = "<b>".__('Resolution epilog')."</b><br/>".html_print_textarea("epilog", 10, 6, $result['epilog'] , '', true);
}
if(isset($result['id_incidencia'])) {
echo "<form method='post' action=''>";
html_print_table($table);
html_print_submit_button(__('Update'), 'submit_button');
html_print_input_hidden('tab', 'incident');
html_print_input_hidden('update_incident', '1');
html_print_input_hidden('id_incident', $result['id_incidencia']);
echo "</form>";
}
else {
echo "<form method='post' action=''>";
html_print_table($table);
html_print_submit_button(__('Create'), 'submit_button');
html_print_input_hidden('tab', 'incident');
html_print_input_hidden('create_incident', '1');
echo "</form>";
}
?>

144
pandora_console/operation/incidents/incident.list.php
View File

@ -1,144 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $search_status;
global $search_group;
global $search_string;
global $result;
global $result_status;
global $result_groups;
global $result_resolutions;
if (!empty($result_status)) {
foreach($result_status['status'] as $st) {
$status[$st['id']] = $st['name'];
}
}
// Add special status cases
$status[0] = __('Any');
$status[-10] = __('Not closed');
if (!empty($result_groups)) {
foreach($result_groups['group'] as $gr) {
$groups[$gr['id']] = $gr['name'];
}
}
else {
$groups = array();
}
$resolutions[0] = __('None');
if (!empty($result_resolutions)) {
foreach($result_resolutions['resolution'] as $res) {
$resolutions[$res['id']] = $res['name'];
}
}
echo '<form method="post">';
echo '<br><table width="98%" border=0>';
echo '<tr>';
echo '<td>';
echo "<b>".__('Search string')."</b>";
echo '</td>';
echo '<td>';
echo "<b>".__('Status')."</b>";
echo '</td>';
echo '<td>';
echo "<b>".__('Group')."</b>";
echo '</td>';
echo '</tr><tr>';
echo '<td>';
html_print_input_text('search_string', $search_string, '');
echo '</td>';
echo '<td>';
html_print_select ($status, 'search_status', $search_status, '', '', 0, false);
echo '</td>';
echo '<td>';
html_print_select ($groups, 'search_group', $search_group, '', '', 0, false, false, false);
echo '</td>';
echo '<td>';
html_print_submit_button (__('Search'));
echo '</td>';
echo '</tr></table>';
echo '</form>';
// Show headers
$table->width = "98%";
$table->class = "databox";
$table->cellpadding = 4;
$table->cellspacing = 4;
$table->head = array ();
$table->data = array ();
$table->size = array ();
$table->align = array ();
$table->head[0] = __('ID');
//$table->head[1] = __('SLA');
$table->head[2] = __('Incident');
$table->head[3] = __('Group');
$table->head[4] = __('Status')."<br/><i>".__('Resolution')."</i>";
$table->head[5] = __('Priority');
$table->head[6] = __('Updated')."<br/><i>".__('Started')."</i>";
$table->head[7] = __('Details');
$table->head[8] = __('Creator');
$table->head[9] = __('Owner');
$table->head[10] = __('Action');
$table->align[4] = "center";
$table->align[5] = "center";
if(isset($result['incident'][0]) && is_array($result['incident'][0])){
$incidents = $result['incident'];
}
else {
$incidents = $result;
}
$rowPair = true;
$iterator = 0;
foreach ($incidents as $row) {
if ($rowPair)
$table->rowclass[$iterator] = 'rowPair';
else
$table->rowclass[$iterator] = 'rowOdd';
$rowPair = !$rowPair;
$iterator++;
$data = array();
$data[0] = '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=incident&id_incident='.$row["id_incidencia"].'">'.$row["id_incidencia"].'</a>';
//$data[1] = "";
$data[2] = '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=incident&id_incident='.$row["id_incidencia"].'">'.substr(io_safe_output($row["titulo"]),0,45).'</a>';
$data[3] = $groups[$row["id_grupo"]];
$data[4] = $status[$row["estado"]]."<br/><i>".$resolutions[$row["resolution"]]."</i>";
$data[5] = incidents_print_priority_img ($row["prioridad"], true);
$data[6] = ui_print_timestamp ($row["actualizacion"], true)."<br/><i>" . ui_print_timestamp ($row["inicio"], true)."</i>";
$data[7] = $row["workunits_hours"]." ".__('Hours')."<br/>".$row["workunits_count"]." ".__('Workunits');
$data[8] = $row["id_creator"];
$data[9] = $row["id_usuario"];
$data[10] = "<a href='index.php?sec=incidencias&sec2=operation/integria_incidents/incident&delete_incident=".$row['id_incidencia']."'>".html_print_image("images/cross.png", true, array('title' => __('Delete incident')))."</a><a href='index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=incident&id_incident=".$row["id_incidencia"]."'>".html_print_image("images/config.png", true, array('title' => __('View incident details')))."</a>";
array_push ($table->data, $data);
}
if(isset($data)) {
html_print_table ($table);
}
else {
echo "<div class='nf'>".__('There are no defined incidents')."</div>";
}
?>

514
pandora_console/operation/incidents/incident.php
View File

@ -24,247 +24,313 @@ if (! check_acl ($config['id_user'], 0, "IR")) {
exit;
}
$tab = get_parameter('tab', 'list');
$id_incident = get_parameter('id_incident', 0);
// We choose a strange token to use texts with commas, etc.
$token = ';,;';
// Header
if($tab == 'list' || $tab == 'editor') {
$buttons = array(
'list' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=list">' .
html_print_image ("images/page_white_text.png", true, array ("title" => __('Incidents'))) .'</a>'),
'editor' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=editor">' .
html_print_image ("images/add.png", true, array ("title" => __('New Incident'))) .'</a>'));
}
else {
$buttons = array(
'list' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=list">' .
html_print_image ("images/page_white_text.png", true, array ("title" => __('Incidents'))) .'</a>'),
'incident' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=incident&id_incident='.$id_incident.'">' .
html_print_image ("images/eye.png", true, array ("title" => __('Incident details'))) .'</a>'),
'workunits' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=workunits&id_incident='.$id_incident.'">' .
html_print_image ("images/computer.png", true, array ("title" => __('Workunits'))) .'</a>'),
'files' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=files&id_incident='.$id_incident.'"">' .
html_print_image ("images/file.png", true, array ("title" => __('Files'))) .'</a>'),
'tracking' => array(
'active' => false,
'text' => '<a href="index.php?login=1&sec=incidencias&sec2=operation/integria_incidents/incident&tab=tracking&id_incident='.$id_incident.'"">' .
html_print_image ("images/comments.png", true, array ("title" => __('Tracking'))) .'</a>'));
ui_print_page_header (__('Incident management'), "images/book_edit.png", false, "", false, "");
// Take input parameters
// Offset adjustment
if (isset($_GET["offset"])) {
$offset = get_parameter ("offset");
} else {
$offset = 0;
}
// Check action. Try to get author and group
$action = get_parameter ("action");
if ($action == "mass") {
$id_inc = get_parameter ("id_inc", array ());
$delete_btn = get_parameter ("delete_btn", -1);
$own_btn = get_parameter ("own_btn", -1);
$buttons[$tab]['active'] = true;
ui_print_page_header (__('Incident management'), "images/book_edit.png", false, "", false, $buttons);
$update_incident = get_parameter('update_incident', 0);
$integria_api = $config['integria_url']."/include/api.php?return_type=xml&user=".$config['id_user']."&pass=".$config['integria_api_password'];
if($update_incident == 1) {
$values[0] = $id_incident;
$values[1] = str_replace(" ", "%20", io_safe_output(get_parameter('title')));
$values[2] = str_replace(" ", "%20", io_safe_output(get_parameter('description')));
$values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('epilog')));
$values[4] = get_parameter('group');
$values[5] = get_parameter('priority');
$values[6] = get_parameter('source');
$values[7] = get_parameter('resolution');
$values[8] = get_parameter('status');
$values[9] = get_parameter('creator', get_parameter('creator_fix'));
$params = implode($token, $values);
$url = $integria_api."&op=update_incident&token=".$token."&params=".$params;
// Call the integria API
$result = incidents_call_api($url);
}
$create_incident = get_parameter('create_incident', 0);
if($create_incident == 1) {
$values[0] = str_replace(" ", "%20", io_safe_output(get_parameter('title')));
$values[1] = get_parameter('group');
$values[2] = get_parameter('priority');
$values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('description')));
$values[4] = $config['integria_inventory'];
foreach ($id_inc as $incident) {
if (check_acl ($config['id_user'], incidents_get_group ($incident), "IM") || incidents_get_author ($incident) == $config["id_user"] || incidents_get_owner ($incident) == $config["id_user"]) {
continue;
}
db_pandora_audit("ACL Forbidden","Mass-update or deletion of incident");
require ("general/noaccess.php");
exit;
}
$params = implode($token, $values);
if ($delete_btn != -1) {
$result = incidents_delete_incident ($id_inc);
ui_print_result_message ($result,
__('Successfully deleted'),
__('Could not be deleted'));
}
if ($own_btn != -1) {
$result = incidents_process_chown ($id_inc, $config["id_user"]);
ui_print_result_message ($result,
__('Successfully reclaimed ownership'),
__('Could not reclame ownership'));
}
$url = $integria_api."&op=create_incident&token=".$token."&params=".$params;
// Call the integria API
$result = incidents_call_api($url);
}
elseif ($action == "update") {
$id_inc = get_parameter ("id_inc", 0);
$author = incidents_get_author ($id_inc);
$owner = incidents_get_owner ($id_inc);
$grupo = incidents_get_group ($id_inc);
if ($author != $config["id_user"] && $owner != $config["id_user"] && !check_acl ($config['id_user'], $grupo, "IM")) { // Only admins (manage incident) or owners/creators can modify incidents
db_pandora_audit("ACL Forbidden", "Update incident #".$id_inc, $author);
require ("general/noaccess.php");
exit;
}
$titulo = get_parameter ("titulo");
$descripcion = get_parameter ("descripcion");
$origen = get_parameter ("origen_form");
$prioridad = get_parameter ("prioridad_form", 0);
$estado = get_parameter ("estado_form", 0);
$grupo = get_parameter ("grupo_form", 1);
$usuario = get_parameter ("usuario_form", $config["id_user"]);
$sql = sprintf ("UPDATE tincidencia SET titulo = '%s', origen = '%s', estado = %d, id_grupo = %d, id_usuario = '%s', prioridad = %d, descripcion = '%s', id_lastupdate = '%s' WHERE id_incidencia = %d",
$titulo, $origen, $estado, $grupo, $usuario, $prioridad, $descripcion, $config["id_user"], $id_inc);
$result = db_process_sql ($sql);
$attach_file = get_parameter('attach_file', 0);
if ($result !== false) {
db_pandora_audit("Incident updated","User ".$config['id_user']." updated incident #".$id_inc);
}
ui_print_result_message ($result,
__('Successfully updated'),
__('Could not be updated'));
} elseif ($action == "insert") {
//Create incident
$grupo = get_parameter ("grupo_form", 1);
if (!check_acl ($config['id_user'], $grupo, "IW")) {
db_pandora_audit("ACL Forbidden", "User ".$config["id_user"]." tried to update incident");
require ("general/noaccess.php");
exit;
}
if($attach_file == 1) {
if($_FILES['new_file']['name'] != "" && $_FILES['new_file']['error'] == 0) {
$file_content = file_get_contents($_FILES["new_file"]["tmp_name"]);
$values[0] = $id_incident;
$values[1] = $_FILES['new_file']['name'];
$values[2] = $_FILES['new_file']['size'];
$values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('description'), __('No description available')));
$values[4] = base64_encode($file_content);
$params = implode($token, $values);
// Read input variables
$titulo = get_parameter ("titulo");
$descripcion = get_parameter ("descripcion");
$origen = get_parameter ("origen_form");
$prioridad = get_parameter ("prioridad_form");
$id_creator = $config['id_user'];
$estado = get_parameter ("estado_form");
$sql = sprintf ("INSERT INTO tincidencia (inicio, actualizacion, titulo, descripcion, id_usuario, origen, estado, prioridad, id_grupo, id_creator) VALUES
(NOW(), NOW(), '%s', '%s', '%s', '%s', %d, %d, '%s', '%s')", $titulo, $descripcion, $config["id_user"], $origen, $estado, $prioridad, $grupo, $config["id_user"]);
$id_inc = db_process_sql ($sql, "insert_id");
$url = $integria_api."&op=attach_file&token=".$token;
// Call the integria API
$result = incidents_call_api($url, array('params' => $params));
if ($id_inc === false) {
echo '<h3 class="error">'.__('Error creating incident').'</h3>';
}
else {
switch ($_FILES['new_file']['error']) {
case 1:
echo '<h3 class="error">'.__('File is too big').'</h3>';
break;
case 3:
echo '<h3 class="error">'.__('File was partially uploaded. Please try again').'</h3>';
break;
case 4:
echo '<h3 class="error">'.__('No file was uploaded').'</h3>';
break;
default:
echo '<h3 class="error">'.__('Generic upload error').'(Code: '.$_FILES['new_file']['error'].')</h3>';
db_pandora_audit("Incident created", "User ".$config["id_user"]." created incident #".$id_inc);
}
}
// Search
$filter = "";
$texto = (string) get_parameter ("texto", "");
if ($texto != "")
$filter .= sprintf (" AND (titulo LIKE '%%%s%%' OR descripcion LIKE '%%%s%%')", $texto, $texto);
$usuario = (string) get_parameter ("usuario", "");
if ($usuario != "")
$filter .= sprintf (" AND id_usuario = '%s'", $usuario);
$estado = (int) get_parameter ("estado", -1);
if ($estado >= 0) //-1 = All
$filter .= sprintf (" AND estado = %d", $estado);
$grupo = (int) get_parameter ("grupo", 0);
if ($grupo > 0) {
$filter .= sprintf (" AND id_grupo = %d", $grupo);
if (check_acl ($config['id_user'], $grupo, "IM") == 0) {
db_pandora_audit("ACL Forbidden","User tried to read incidents from group without access");
include ("general/noaccess.php");
exit;
}
}
$prioridad = (int) get_parameter ("prioridad", -1);
if ($prioridad != -1) //-1 = All
$filter .= sprintf (" AND prioridad = %d", $prioridad);
$offset = (int) get_parameter ("offset", 0);
$groups = users_get_groups ($config["id_user"], "IR");
//Select incidencts where the user has access to ($groups from
//get_user_groups), array_keys for the id, implode to pass to SQL
$sql = "SELECT * FROM tincidencia WHERE
id_grupo IN (".implode (",",array_keys ($groups)).")".$filter."
ORDER BY actualizacion DESC LIMIT ".$offset.",".$config["block_size"];
$result = db_get_all_rows_sql ($sql);
if (empty ($result)) {
$result = array ();
$count = 0;
} else {
$count = count ($result);
}
echo '<form name="visualizacion" method="post" action="index.php?sec=incidencias&amp;sec2=operation/incidents/incident">';
echo '<table class="databox" cellpadding="4" cellspacing="4" width="95%"><tr>
<td valign="middle"><h3>'.__('Filter').'</h3>';
$fields = incidents_get_status ();
html_print_select ($fields, "estado", $estado, 'javascript:this.form.submit();', __('All incidents'), -1, false, false, false, 'w155');
//Legend
echo '</td><td valign="middle"><noscript>';
html_print_submit_button (__('Show'), 'submit-estado', false, array ("class" => "sub"));
echo '</noscript></td><td rowspan="7" class="f9" style="padding-left: 30px; vertical-align: top;"><h3>'.__('Status').'</h3>';
foreach (incidents_get_status () as $id => $str) {
incidents_print_status_img ($id);
echo ' - ' . $str . '<br />';
}
echo '</td><td rowspan="7" class="f9" style="padding-left: 30px; vertical-align: top;"><h3>'.__('Priority').'</h3>';
foreach (incidents_get_priorities () as $id => $str) {
incidents_print_priority_img ($id);
echo ' - ' . $str . '<br />';
}
echo '</td></tr><tr><td>';
$fields = incidents_get_priorities ();
html_print_select ($fields, "prioridad", $prioridad, 'javascript:this.form.submit();', __('All priorities'), -1,false,false,false,'w155');
echo '</td></tr><tr><td>';
html_print_select (users_get_info (), "usuario", $usuario, 'javascript:this.form.submit();', __('All users'), "", false, false, false, "w155");
echo '</td></tr><tr><td colspan=3>';
html_print_select_groups($config["id_user"], "IR", true, "grupo", $grupo, 'javascript:this.form.submit();', '', '',false,false,false,'w155');
echo "&nbsp;&nbsp;&nbsp;&nbsp;";
html_print_input_text ('texto', $texto, '', 45);
echo '&nbsp;';
html_print_input_image ("submit", "images/zoom.png", __('Search'), 'padding:0;', false, array ("alt" => __('Search')));
echo "</td></tr></table>";
echo '</form>';
if ($count < 1) {
echo '<div class="nf">'.__('No incidents match your search filter').'</div><br />';
} else {
// TOTAL incidents
$url = "index.php?sec=incidencias&amp;sec2=operation/incidents/incident";
$estado = -1;
// add form filter values for group, priority, state, and search fields: user and text
if ($grupo != -1)
$url .= "&amp;grupo=".$grupo;
if ($prioridad != -1)
$url .= "&amp;prioridad=".$prioridad;
if ($estado != -1)
$url .= "&amp;estado=".$estado;
if ($usuario != '')
$url .= "&amp;usuario=".$usuario;
if ($texto != '')
$url .= "&amp;texto=".$texto;
// Show pagination
ui_pagination ($count + $offset, $url, $offset, 15, false); //($count + $offset) it's real count of incidents because it's use LIMIT $offset in query.
echo '<br />';
// Show headers
$table->width = "100%";
$table->class = "databox";
$table->cellpadding = 4;
$table->cellspacing = 4;
$table->head = array ();
$table->data = array ();
$table->size = array ();
$table->align = array ();
$table->head[0] = __('ID');
$table->head[1] = __('Status');
$table->head[2] = __('Incident');
$table->head[3] = __('Priority');
$table->head[4] = __('Group');
$table->head[5] = __('Updated');
$table->head[6] = __('Source');
$table->head[7] = __('Owner');
$table->head[8] = __('Action');
$table->size[0] = 43;
$table->size[7] = 50;
$table->align[1] = "center";
$table->align[3] = "center";
$table->align[4] = "center";
$table->align[8] = "center";
$rowPair = true;
$iterator = 0;
foreach ($result as $row) {
if ($rowPair)
$table->rowclass[$iterator] = 'rowPair';
else
$table->rowclass[$iterator] = 'rowOdd';
$rowPair = !$rowPair;
$iterator++;
$data = array();
$data[0] = '<a href="index.php?sec=incidencias&amp;sec2=operation/incidents/incident_detail&amp;id='.$row["id_incidencia"].'">'.$row["id_incidencia"].'</a>';
$attach = incidents_get_attach ($row["id_incidencia"]);
if (!empty ($attach))
$data[0] .= '&nbsp;&nbsp;'.html_print_image ("images/attachment.png", true, array ("style" => "align:middle;"));
$data[1] = incidents_print_status_img ($row["estado"], true);
$data[2] = '<a href="index.php?sec=incidencias&amp;sec2=operation/incidents/incident_detail&amp;id='.$row["id_incidencia"].'">'.substr(io_safe_output($row["titulo"]),0,45).'</a>';
$data[3] = incidents_print_priority_img ($row["prioridad"], true);
$data[4] = ui_print_group_icon ($row["id_grupo"], true);
$data[5] = ui_print_timestamp ($row["actualizacion"], true);
$data[6] = $row["origen"];
$data[7] = ui_print_username ($row["id_usuario"], true);
if (check_acl ($config["id_user"], $row["id_grupo"], "IM") || $config["id_user"] == $row["id_usuario"] || $config["id_user"] == $row["id_creator"]) {
$data[8] = html_print_checkbox ("id_inc[]", $row["id_incidencia"], false, true);
} else {
$data[8] = '';
}
array_push ($table->data, $data);
}
}
$delete_file = get_parameter('delete_file', 0);
if($delete_file != 0) {
$url = $integria_api."&op=delete_file&params=".$delete_file;
// Call the integria API
$result = incidents_call_api($url);
}
$delete_incident = get_parameter('delete_incident', 0);
if($delete_incident != 0) {
$url = $integria_api."&op=delete_incident&params=".$delete_incident;
// Call the integria API
$result = incidents_call_api($url);
}
$create_workunit = get_parameter('create_workunit', 0);
if($create_workunit == 1) {
$values[0] = $id_incident;
$values[1] = str_replace(" ", "%20", io_safe_output(get_parameter('description')));
$values[2] = get_parameter('time_used');
$values[3] = get_parameter('have_cost');
$values[4] = get_parameter('public');
$values[5] = get_parameter('profile');
$params = implode($token, $values);
$url = $integria_api."&op=create_workunit&token=".$token."&params=".$params;
// Call the integria API
$result = incidents_call_api($url);
}
// Set the url with parameters to call the api
switch($tab) {
case 'list':
$search_string = get_parameter('search_string', "");
$params[0] = $search_string;
$search_status = get_parameter('search_status', -10);
$params[1] = $search_status;
$search_group = get_parameter('search_group', 1);
$params[2] = $search_group;
$params = implode($token,$params);
$url = $integria_api."&op=get_incidents&token=".$token."&params=".$params;
$url_resolutions = $integria_api."&op=get_incidents_resolutions";
$url_status = $integria_api."&op=get_incidents_status";
$url_groups = $integria_api."&op=get_groups&params=1";
break;
case 'incident':
$url = $integria_api."&op=get_incident_details&params=".$id_incident;
case 'editor':
$url_resolutions = $integria_api."&op=get_incidents_resolutions";
$url_status = $integria_api."&op=get_incidents_status";
$url_sources = $integria_api."&op=get_incidents_sources";
$url_groups = $integria_api."&op=get_groups&params=0";
$url_users = $integria_api."&op=get_users";
break;
case 'workunits':
$url = $integria_api."&op=get_incident_workunits&params=".$id_incident;
break;
case 'files':
$url = $integria_api."&op=get_incident_files&params=".$id_incident;
break;
case 'tracking':
$url = $integria_api."&op=get_incident_tracking&params=".$id_incident;
break;
}
if(isset($url)) {
// Call the integria API
$xml = incidents_call_api($url);
}
else {
$xml = "<xml></xml>";
}
// If is a valid XML, parse it
if(xml_parse(xml_parser_create(), $xml)) {
$result = incidents_xml_to_array($xml);
if($result == false) {
$result = array();
echo '<form method="post" action="'.$url.'&amp;action=mass" style="margin-bottom: 0px;">';
html_print_table ($table);
echo '<div style="text-align:right; float:right; padding-right: 2px;">';
echo '<b>'.__('Action').': </b>' ;
if (check_acl ($config["id_user"], 0, "IW")) {
html_print_submit_button (__('Delete incidents'), 'delete_btn', false, 'class="sub delete"');
}
switch($tab) {
case 'list':
$result_resolutions = incidents_xml_to_array(incidents_call_api($url_resolutions));
$result_status = incidents_xml_to_array(incidents_call_api($url_status));
$result_groups = incidents_xml_to_array(incidents_call_api($url_groups));
require_once('incident.list.php');
break;
case 'editor':
case 'incident':
$result_resolutions = incidents_xml_to_array(incidents_call_api($url_resolutions));
$result_status = incidents_xml_to_array(incidents_call_api($url_status));
$result_sources = incidents_xml_to_array(incidents_call_api($url_sources));
$result_groups = incidents_xml_to_array(incidents_call_api($url_groups));
$result_users = incidents_xml_to_array(incidents_call_api($url_users));
require_once('incident.incident.php');
break;
case 'workunits':
require_once('incident.workunits.php');
break;
case 'files':
require_once('incident.files.php');
break;
case 'tracking':
require_once('incident.tracking.php');
break;
if (check_acl ($config["id_user"], 0, "IM")) {
html_print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"');
}
echo '</div>';
echo '</form>';
unset ($table);
}
echo '<br><br>';
if (check_acl ($config["id_user"], 0, "IW")) {
echo '<div style="text-align:right; float:right; padding-right: 2px;">';
echo '<form method="post" action="index.php?sec=incidencias&amp;sec2=operation/incidents/incident_detail&amp;insert_form=1">';
html_print_submit_button (__('Create incident'), 'crt', false, 'class="sub next"');
echo '</form>';
echo '</div>';
}
echo '<div style="clear:both">&nbsp;</div>';
?>

45
pandora_console/operation/incidents/incident.tracking.php
View File

@ -1,45 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $result;
$table->width = "98%";
$table->class = "databox";
$table->head[0] = __('Description');
$table->head[1] = __('User');
$table->head[2] = __('Date');
$table->data = array();
if(isset($result['tracking'][0]) && is_array($result['tracking'][0])){
$tracking = $result['tracking'];
}
else {
$tracking = $result;
}
$row = 0;
foreach($tracking as $value) {
$table->data[$row][0] = $value['description'];
$table->data[$row][1] = $value['id_user'];
$table->data[$row][2] = $value['timestamp'];
$row++;
}
html_print_table($table);
?>

67
pandora_console/operation/incidents/incident.workunits.php
View File

@ -1,67 +0,0 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $result;
global $id_incident;
$table->width = "98%";
$table->class = "databox";
$table->data = array();
$table->colspan[1][0] = 3;
$profiles = array();
$default_time = "0.25";
$table->data[0][0] = "<b>".__('Time used')."</b><br/>".html_print_input_text ('time_used', $default_time, '', 10, 255, true);
$table->data[0][1] = "<b>".__('Have cost')."</b><br/>".html_print_checkbox ('have_cost', '', false, true);
$table->data[0][2] = "<b>".__('Public')."</b><br/>".html_print_checkbox ('public', '', true, true);
$table->data[1][0] = "<b>".__('Description')."</b><br/>".html_print_textarea('description', 3, 6, '' , '', true);
$form = "<form method='post' action=''>";
$form .= html_print_table($table, true);
$form .= html_print_submit_button(__('Add'), 'submit_button', false, '', true);
$form .= html_print_input_hidden('tab', 'workunits', true);
$form .= html_print_input_hidden('create_workunit', '1', true);
$form .= html_print_input_hidden('id_incident', $id_incident, true);
$form .= html_print_input_hidden('profile', '0', true);
$form .= "</form>";
ui_toggle($form, __('Add workunit'));
if(isset($result['workunit'][0]) && is_array($result['workunit'][0])){
$workunits = $result['workunit'];
}
else {
$workunits = $result;
}
foreach($workunits as $value) {
$table->width = "98%";
$table->class = "databox";
$table->colspan[1][0] = 4;
$table->size[0] = "80%";
$table->size[1] = "20%";
$table->data = array();
$table->data[0][0] = $value['id_user']." ".__('said')." ".$value['timestamp'];
$table->data[0][1] = $value['duration']." ".__('Hours')." ".__('Public').": ".$value['public'];
$table->data[1][0] = $value['description'];
html_print_table($table);
}
?>

51
pandora_console/operation/incidents/incident_detail.php
View File

@ -18,7 +18,6 @@
global $config;
require_once ("include/functions_incidents.php");
require_once ("include/functions_events.php"); //To get events group information
require_once ($config['homedir'] . "/include/functions_users.php");
check_login ();
@ -34,7 +33,7 @@ $actualizacion = get_system_time ();
// EDITION MODE
if (isset ($_GET["id"])) {
$id_inc = (int) get_parameter_get ("id", 0);
$id_inc = (int) get_parameter ("id", 0);
// Obtain group of this incident
$row = db_get_row ("tincidencia","id_incidencia",$id_inc);
@ -54,13 +53,10 @@ if (isset ($_GET["id"])) {
// Note add - everybody that can read incidents, can add notes
if (isset ($_GET["insertar_nota"])) {
$nota = get_parameter_post ("nota");
$nota = get_parameter ("nota");
$values = array(
'id_usuario' => $config["id_user"],
'id_incident' => $id_inc,
'nota' => $nota);
$id_nota = db_process_sql_insert('tnota', $values);
$sql = sprintf ("INSERT INTO tnota (id_usuario, id_incident, nota) VALUES ('%s', %d, '%s')",$config["id_user"],$id_inc, $nota);
$id_nota = db_process_sql ($sql, "insert_id");
if ($id_nota !== false) {
incidents_process_touch ($id_inc);
@ -72,7 +68,7 @@ if (isset ($_GET["id"])) {
// Delete note
if (isset ($_POST["delete_nota"])) {
$id_nota = get_parameter_post ("delete_nota", 0);
$id_nota = get_parameter ("delete_nota", 0);
$note_user = incidents_get_notes_author ($id_nota);
if (((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($note_user == $config["id_user"])) OR ($id_owner == $config["id_user"])) {
// Only admins (manage incident) or owners can modify
@ -91,10 +87,10 @@ if (isset ($_GET["id"])) {
// Delete file
if (((check_acl ($config["id_user"], $id_grupo, "IM")==1) OR ($id_owner == $config["id_user"])) AND isset ($_POST["delete_file"])) {
$file_id = (int) get_parameter_post ("delete_file", 0);
$file_id = (int) get_parameter ("delete_file", 0);
$filename = db_get_value ("filename", "tattachment", "id_attachment", $file_id);
$result = db_process_sql_delete('tattachment', array('id_attachment' => $file_id));
$sql = sprintf ("DELETE FROM tattachment WHERE id_attachment = %d",$file_id);
$result = db_process_sql ($sql);
if (!empty ($result)) {
unlink ($config["attachment_store"]."/pand".$file_id."_".$filename);
@ -108,7 +104,7 @@ if (isset ($_GET["id"])) {
// Upload file
if ((check_acl ($config["id_user"], $id_grupo, "IW") == 1) AND isset ($_GET["upload_file"]) AND ($_FILES['userfile']['name'] != "")) {
$description = get_parameter_post ("file_description", __('No description available'));
$description = get_parameter ("file_description", __('No description available'));
// Insert into database
$filename = io_safe_input ($_FILES['userfile']['name']);
@ -126,20 +122,16 @@ if (isset ($_GET["id"])) {
}
}
$values = array(
'id_incidencia' => $id_inc,
'id_usuario' => $config["id_user"],
'filename' => $filename,
'description' => $description,
'size' => $filesize);
$id_attachment = db_process_sql_insert('tattachment', $values);
$sql = sprintf ("INSERT INTO tattachment (id_incidencia, id_usuario, filename, description, size)
VALUES (%d, '%s', '%s', '%s', %d)", $id_inc, $config["id_user"],$filename,$description,$filesize);
$id_attachment = db_process_sql ($sql,"insert_id");
// Copy file to directory and change name
if ($id_attachment !== false) {
$nombre_archivo = $config["attachment_store"]."/pand".$id_attachment."_".$filename;
$result = copy ($_FILES['userfile']['tmp_name'], $nombre_archivo);
}
else {
} else {
echo '<h3 class="error">'.__('File could not be saved due to database error').'</h3>';
$result = false;
}
@ -147,9 +139,8 @@ if (isset ($_GET["id"])) {
if ($result !== false) {
unlink ($_FILES['userfile']['tmp_name']);
incidents_process_touch ($id_inc);
}
else {
db_process_sql_delete('tattachment', array('id_attachment' => $id_attachment));
} else {
db_process_sql ("DELETE FROM tattachment WHERE id_attachment = ".$id_attachment);
}
ui_print_result_message ($result,
@ -170,7 +161,7 @@ elseif (isset ($_GET["insert_form"])) {
$id_creator = $config["id_user"];
if (isset ($_GET["from_event"])) {
$event = get_parameter_get ("from_event");
$event = get_parameter ("from_event");
$titulo = events_get_description ($event);
$id_grupo = events_get_group ($event);
$origen = "Pandora FMS event";
@ -242,8 +233,7 @@ echo '</td><td class="datos"><b>'.__('Status').'</b></td><td class="datos">';
if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) {
html_print_select (incidents_get_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135');
}
else {
} else {
html_print_select (incidents_get_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135', true);
}
echo '</td></tr>';
@ -262,8 +252,7 @@ foreach ($return as $row) {
// Only owner could change source or user with Incident management privileges
if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) {
html_print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135');
}
else {
} else {
html_print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135', true);
}
echo '</td><td class="datos2"><b>'.__('Group').'</b></td><td class="datos2">';
@ -341,7 +330,7 @@ if (isset ($id_inc)) {
foreach ($result as $row) {
$data = array ();
$data[0] = html_print_image("images/page_white_text.png", true, array("border" => '0'));
$data[1] = __('Author').': ' . ui_print_username ($row["id_usuario"], true).' (' . ui_print_timestamp ($row["timestamp"], true).')';
$data[1] = __('Author').': '.ui_print_username ($row["id_usuario"], true).' ('.ui_print_timestamp ($row["timestamp"], true).')';
array_push ($table->data, $data);
$data = array ();