tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

add feature to enable obfuscation on command fields when creating or updating commands

Browse Source 
Former-commit-id: ac5a1fb86e7e690bccc9c4f672678781acd1414d
This commit is contained in:
alejandro-campos 2019-05-03 13:46:52 +02:00
parent 7f7a727c21
commit 5b3dfcbf74
6 changed files with 72 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pandora_console/extras/mr/28.sql Normal file
View File

@ -0,0 +1,5 @@
START TRANSACTION;
ALTER TABLE `talert_commands` ADD COLUMN `fields_hidden` text;
COMMIT;

1
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -1197,6 +1197,7 @@ ALTER TABLE talert_actions ADD COLUMN `field15_recovery` TEXT NOT NULL DEFAULT "
UPDATE `talert_commands` SET `fields_descriptions` = '[\"Integria IMS API path\",\"Integria IMS API pass\",\"Integria IMS user\",\"Integria IMS user pass\",\"Ticket title\",\"Ticket group ID\",\"Ticket priority\",\"Email copy\",\"Ticket owner\",\"Ticket description\"]', `fields_values` = '[\"\",\"\",\"\",\"\",\"\",\"\",\"10,Maintenance;0,Informative;1,Low;2,Medium;3,Serious;4,Very Serious\",\"\",\"\",\"\"]' WHERE `id` = 11 AND `name` = 'Integria IMS Ticket'; UPDATE `talert_commands` SET `fields_descriptions` = '[\"Integria IMS API path\",\"Integria IMS API pass\",\"Integria IMS user\",\"Integria IMS user pass\",\"Ticket title\",\"Ticket group ID\",\"Ticket priority\",\"Email copy\",\"Ticket owner\",\"Ticket description\"]', `fields_values` = '[\"\",\"\",\"\",\"\",\"\",\"\",\"10,Maintenance;0,Informative;1,Low;2,Medium;3,Serious;4,Very Serious\",\"\",\"\",\"\"]' WHERE `id` = 11 AND `name` = 'Integria IMS Ticket';
UPDATE `talert_commands` SET `description` = 'This alert send an email using internal Pandora FMS Server SMTP capabilities (defined in each server, using:
_field1_ as destination email address, and
_field2_ as subject for message. 
_field3_ as text of message. 
_field4_ as content type (text/plain or html/text).', `fields_descriptions` = '[\"Destination address\",\"Subject\",\"Text\",\"Content Type\",\"\",\"\",\"\",\"\",\"\",\"\"]', `fields_values` = '[\"\",\"\",\"_html_editor_\",\"_content_type_\",\"\",\"\",\"\",\"\",\"\",\"\"]' WHERE id=1; UPDATE `talert_commands` SET `description` = 'This alert send an email using internal Pandora FMS Server SMTP capabilities (defined in each server, using:
_field1_ as destination email address, and
_field2_ as subject for message. 
_field3_ as text of message. 
_field4_ as content type (text/plain or html/text).', `fields_descriptions` = '[\"Destination address\",\"Subject\",\"Text\",\"Content Type\",\"\",\"\",\"\",\"\",\"\",\"\"]', `fields_values` = '[\"\",\"\",\"_html_editor_\",\"_content_type_\",\"\",\"\",\"\",\"\",\"\",\"\"]' WHERE id=1;
ALTER TABLE `talert_commands` ADD COLUMN `id_group` mediumint(8) unsigned NULL default 0; ALTER TABLE `talert_commands` ADD COLUMN `id_group` mediumint(8) unsigned NULL default 0;
ALTER TABLE `talert_commands` ADD COLUMN `fields_hidden` text;
UPDATE `talert_actions` SET `field4` = 'text/html', `field4_recovery` = 'text/html' WHERE id = 1; UPDATE `talert_actions` SET `field4` = 'text/html', `field4_recovery` = 'text/html' WHERE id = 1;

17
pandora_console/godmode/alerts/alert_commands.php
View File

@ -63,6 +63,8 @@ if (is_ajax()) {
$fields_descriptions = empty($command['fields_descriptions']) ? '' : json_decode(io_safe_output($command['fields_descriptions']), true); $fields_descriptions = empty($command['fields_descriptions']) ? '' : json_decode(io_safe_output($command['fields_descriptions']), true);
// Fields values are stored in json // Fields values are stored in json
$fields_values = empty($command['fields_values']) ? '' : io_safe_output(json_decode($command['fields_values'], true)); $fields_values = empty($command['fields_values']) ? '' : io_safe_output(json_decode($command['fields_values'], true));
// Fields hidden conditions are stored in json
$fields_hidden_checked = empty($command['fields_hidden']) ? '' : io_safe_output(json_decode($command['fields_hidden'], true));
$fields_rows = []; $fields_rows = [];
for ($i = 1; $i <= $config['max_macro_fields']; $i++) { for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
@ -72,6 +74,8 @@ if (is_ajax()) {
$field_description = $fields_descriptions[($i - 1)]; $field_description = $fields_descriptions[($i - 1)];
$field_value = $fields_values[($i - 1)]; $field_value = $fields_values[($i - 1)];
$field_hidden = $fields_hidden_checked[($i - 1)];
if (!empty($field_description)) { if (!empty($field_description)) {
// If the value is 5, this because severity in snmp alerts is not permit to show // If the value is 5, this because severity in snmp alerts is not permit to show
@ -107,6 +111,8 @@ if (is_ajax()) {
} }
} }
$style = ((int) $field_hidden === 1) ? '-webkit-text-security: disc;' : '';
if (!empty($field_value)) { if (!empty($field_value)) {
$field_value = io_safe_output($field_value); $field_value = io_safe_output($field_value);
// HTML type // HTML type
@ -200,7 +206,7 @@ if (is_ajax()) {
1, 1,
1, 1,
$fv[0], $fv[0],
'style="min-height:40px" class="fields"', 'style="min-height:40px; '.$style.'" class="fields"',
true true
); );
$rfield = html_print_textarea( $rfield = html_print_textarea(
@ -208,7 +214,7 @@ if (is_ajax()) {
1, 1,
1, 1,
$fv[0], $fv[0],
'style="min-height:40px" class="fields_recovery"', 'style="min-height:40px; '.$style.'" class="fields_recovery',
true true
); );
} }
@ -219,7 +225,7 @@ if (is_ajax()) {
1, 1,
1, 1,
'', '',
'style="min-height:40px" class="fields"', 'style="min-height:40px; '.$style.'" class="fields"',
true true
); );
$rfield = html_print_textarea( $rfield = html_print_textarea(
@ -227,7 +233,7 @@ if (is_ajax()) {
1, 1,
1, 1,
'', '',
'style="min-height:40px" class="fields_recovery"', 'style="min-height:40px; '.$style.'" class="fields_recovery"',
true true
); );
} }
@ -283,16 +289,19 @@ if ($create_command) {
$fields_descriptions = []; $fields_descriptions = [];
$fields_values = []; $fields_values = [];
$fields_hidden = [];
$info_fields = ''; $info_fields = '';
$values = []; $values = [];
for ($i = 1; $i <= $config['max_macro_fields']; $i++) { for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
$fields_descriptions[] = (string) get_parameter('field'.$i.'_description'); $fields_descriptions[] = (string) get_parameter('field'.$i.'_description');
$fields_values[] = (string) get_parameter('field'.$i.'_values'); $fields_values[] = (string) get_parameter('field'.$i.'_values');
$fields_hidden[] = get_parameter('field'.$i.'_hide');
$info_fields .= ' Field'.$i.': '.$fields_values[($i - 1)]; $info_fields .= ' Field'.$i.': '.$fields_values[($i - 1)];
} }
$values['fields_values'] = io_json_mb_encode($fields_values); $values['fields_values'] = io_json_mb_encode($fields_values);
$values['fields_descriptions'] = io_json_mb_encode($fields_descriptions); $values['fields_descriptions'] = io_json_mb_encode($fields_descriptions);
$values['fields_hidden'] = io_json_mb_encode($fields_hidden);
$values['description'] = $description; $values['description'] = $description;
$values['id_group'] = $id_group; $values['id_group'] = $id_group;

47
pandora_console/godmode/alerts/configure_alert_command.php
View File

@ -64,16 +64,19 @@ if ($update_command) {
$fields_descriptions = []; $fields_descriptions = [];
$fields_values = []; $fields_values = [];
$fields_hidden = [];
$info_fields = ''; $info_fields = '';
$values = []; $values = [];
for ($i = 1; $i <= $config['max_macro_fields']; $i++) { for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
$fields_descriptions[] = (string) get_parameter('field'.$i.'_description'); $fields_descriptions[] = (string) get_parameter('field'.$i.'_description');
$fields_values[] = (string) get_parameter('field'.$i.'_values'); $fields_values[] = (string) get_parameter('field'.$i.'_values');
$fields_hidden[] = get_parameter('field'.$i.'_hide');
$info_fields .= ' Field'.$i.': '.$fields_values[($i - 1)]; $info_fields .= ' Field'.$i.': '.$fields_values[($i - 1)];
} }
$values['fields_values'] = io_json_mb_encode($fields_values); $values['fields_values'] = io_json_mb_encode($fields_values);
$values['fields_descriptions'] = io_json_mb_encode($fields_descriptions); $values['fields_descriptions'] = io_json_mb_encode($fields_descriptions);
$values['fields_hidden'] = io_json_mb_encode($fields_hidden);
$values['name'] = $name; $values['name'] = $name;
$values['command'] = $command; $values['command'] = $command;
@ -117,6 +120,7 @@ if ($id) {
$id_group = $alert['id_group']; $id_group = $alert['id_group'];
$fields_descriptions = $alert['fields_descriptions']; $fields_descriptions = $alert['fields_descriptions'];
$fields_values = $alert['fields_values']; $fields_values = $alert['fields_values'];
$fields_hidden = $alert['fields_hidden'];
} }
if (!empty($fields_descriptions)) { if (!empty($fields_descriptions)) {
@ -127,6 +131,10 @@ if (!empty($fields_values)) {
$fields_values = json_decode($fields_values, true); $fields_values = json_decode($fields_values, true);
} }
if (!empty($fields_hidden)) {
$fields_hidden = json_decode($fields_hidden, true);
}
$table = new stdClass(); $table = new stdClass();
$table->width = '100%'; $table->width = '100%';
$table->class = 'databox filters'; $table->class = 'databox filters';
@ -141,6 +149,7 @@ $table->style = [];
if (!defined('METACONSOLE')) { if (!defined('METACONSOLE')) {
$table->style[0] = 'font-weight: bold'; $table->style[0] = 'font-weight: bold';
$table->style[2] = 'font-weight: bold'; $table->style[2] = 'font-weight: bold';
$table->style[4] = 'font-weight: bold';
} }
$table->size = []; $table->size = [];
@ -189,7 +198,7 @@ for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
$field_description = ''; $field_description = '';
} }
$table->data['field'.$i][1] = html_print_input_text('field'.$i.'_description', $field_description, '', 35, 255, true); $table->data['field'.$i][1] = html_print_input_text('field'.$i.'_description', $field_description, '', 30, 255, true);
$table->data['field'.$i][2] = sprintf(__('Field %s values'), $i); $table->data['field'.$i][2] = sprintf(__('Field %s values'), $i);
@ -204,7 +213,17 @@ for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
$field_values = ''; $field_values = '';
} }
$table->data['field'.$i][3] = html_print_input_text('field'.$i.'_values', $field_values, '', 65, 255, true); if (!empty($fields_hidden)) {
$selected = (bool) $fields_hidden[($i - 1)];
} else {
$selected = false;
}
$table->data['field'.$i][3] = html_print_input_text('field'.$i.'_values', $field_values, '', 55, 255, true, false, false, '', 'field_value');
$table->data['field'.$i][4] = __('Hide');
$table->data['field'.$i][5] = html_print_checkbox_extended('field'.$i.'_hide', 1, $selected, false, 'cursor: \'pointer\'', 'class="hide_inputs"', true);
} }
echo '<form method="post" action="index.php?sec=galertas&sec2=godmode/alerts/alert_commands&pure='.$pure.'">'; echo '<form method="post" action="index.php?sec=galertas&sec2=godmode/alerts/alert_commands&pure='.$pure.'">';
@ -224,3 +243,27 @@ echo '</div>';
echo '</form>'; echo '</form>';
enterprise_hook('close_meta_frame'); enterprise_hook('close_meta_frame');
?>
<script type="text/javascript">
$(document).ready (function () {
$(".hide_inputs").each(function(index) {
var $input_in_row = $(this).closest('tr').find('.field_value');
if($(this).is(':checked')) {
$input_in_row.prop('style', '-webkit-text-security: disc;');
} else {
$input_in_row.prop('style', '');
}
});
$(".hide_inputs").click(function() {
var $input_in_row = $(this).closest('tr').find('.field_value');
if($(this).is(':checked')) {
$input_in_row.prop('style', '-webkit-text-security: disc;');
} else {
$input_in_row.prop('style', '');
}
});
});
</script>

8
pandora_console/include/javascript/pandora_alerts.js
View File

@ -19,8 +19,14 @@ function parse_alert_command(command, classs) {
var regex = new RegExp(field, "gi"); var regex = new RegExp(field, "gi");
command = command.replace(regex, $(this).val()); if ($(this).css("-webkit-text-security") == "disc") {
var hidden_character = "*";
var hidden_string = hidden_character.repeat($(this).val().length);
command = command.replace(regex, hidden_string);
} else {
command = command.replace(regex, $(this).val());
}
nfield++; nfield++;
}); });

1
pandora_console/pandoradb.sql
View File

@ -378,6 +378,7 @@ CREATE TABLE IF NOT EXISTS `talert_commands` (
`internal` tinyint(1) default 0, `internal` tinyint(1) default 0,
`fields_descriptions` TEXT, `fields_descriptions` TEXT,
`fields_values` TEXT, `fields_values` TEXT,
`fields_hidden` TEXT,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8;