tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2294-requisitos-api-cluster' into 'develop' 

Fixed some acl issues in cluster api methods

See merge request artica/pandorafms!1557
This commit is contained in:
slerena 2018-06-20 12:33:27 +02:00
parent d960d6f89b 1f06a15d7c
commit 5efc2d220e
1 changed files with 94 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
pandora_console/include/functions_api.php
View File

@ -10867,12 +10867,11 @@ function api_set_new_cluster($thrash1, $thrash2, $other, $thrash3) {
$description = $other['data'][2]; $description = $other['data'][2];
$idGroup = $other['data'][3]; $idGroup = $other['data'][3];
if (!users_is_admin($config['id_user'])) {
if(!check_acl($config['id_user'], $idGroup, "AW")) { if(!check_acl($config['id_user'], $idGroup, "AW")) {
returnError('forbidden', 'string'); returnError('forbidden', 'string');
return; return;
} }
}
$name_exist = db_process_sql('select count(name) as already_exist from tcluster as already_exist where name = "'.$name.'"'); $name_exist = db_process_sql('select count(name) as already_exist from tcluster as already_exist where name = "'.$name.'"');
@ -10958,17 +10957,18 @@ function api_set_new_cluster($thrash1, $thrash2, $other, $thrash3) {
function api_set_add_cluster_agent($thrash1, $thrash2, $other, $thrash3) { function api_set_add_cluster_agent($thrash1, $thrash2, $other, $thrash3) {
global $config; global $config;
if (defined ('METACONSOLE')) {
return;
}
$array_json = json_decode(base64_decode(io_safe_output($other['data'][0])), true); $array_json = json_decode(base64_decode(io_safe_output($other['data'][0])), true);
if(!empty($array_json)){ if(!empty($array_json)){
foreach ($array_json as $key => $element) { foreach ($array_json as $key => $element) {
$check_cluster_group = clusters_get_group ($element['id']); $check_cluster_group = clusters_get_group ($element['id']);
if (!users_is_admin($config['id_user'])) { if((!check_acl($config['id_user'], $check_cluster_group, "AW"))
if (!$check_cluster_group
|| (!check_acl($config['id_user'], $check_cluster_group, "AW"))
|| (!agents_check_access_agent($element['id_agent'], "AW"))) { || (!agents_check_access_agent($element['id_agent'], "AW"))) {
continue; continue;
} }
}
$tcluster_agent = db_process_sql('insert into tcluster_agent values ('.$element["id"].','.$element["id_agent"].')'); $tcluster_agent = db_process_sql('insert into tcluster_agent values ('.$element["id"].','.$element["id_agent"].')');
} }
} }
@ -10992,11 +10992,9 @@ function api_set_add_cluster_item($thrash1, $thrash2, $other, $thrash3) {
if (is_array($array_json)) { if (is_array($array_json)) {
foreach ($array_json as $key => $element) { foreach ($array_json as $key => $element) {
$cluster_group = clusters_get_group ($element['id']); $cluster_group = clusters_get_group ($element['id']);
if (!users_is_admin($config["id_user"])) { if(!check_acl($config['id_user'], $cluster_group, "AW")){
if(!$cluster_group || !check_acl($config['id_user'], $cluster_group, "AW")){
continue; continue;
} }
}
if($element["type"] == "AA"){ if($element["type"] == "AA"){
$tcluster_module = db_process_sql_insert('tcluster_item',array('name'=>io_safe_input($element["name"]),'id_cluster'=>$element["id_cluster"],'critical_limit'=>$element["critical_limit"],'warning_limit'=>$element["warning_limit"])); $tcluster_module = db_process_sql_insert('tcluster_item',array('name'=>io_safe_input($element["name"]),'id_cluster'=>$element["id_cluster"],'critical_limit'=>$element["critical_limit"],'warning_limit'=>$element["warning_limit"]));
@ -11129,7 +11127,7 @@ function api_set_delete_cluster($id, $thrash1, $thrast2, $thrash3) {
} }
$cluster_group = clusters_get_group($id); $cluster_group = clusters_get_group($id);
if(!$cluster_group || !check_acl($config['id_user'], $cluster_group, "AD")){ if(!check_acl($config['id_user'], $cluster_group, "AD")){
returnError('error_set_delete_cluster', __('The user cannot access to the cluster')); returnError('error_set_delete_cluster', __('The user cannot access to the cluster'));
return; return;
} }
@ -11214,7 +11212,7 @@ function api_set_delete_cluster_item($id, $thrash1, $thrast2, $thrast3) {
} }
$cluster_group = clusters_get_group($id); $cluster_group = clusters_get_group($id);
if(!$cluster_group || !check_acl($config['id_user'], $cluster_group, "AD")){ if(!check_acl($config['id_user'], $cluster_group, "AD")){
returnError('error_set_delete_cluster_item', __('The user cannot access to the cluster')); returnError('error_set_delete_cluster_item', __('The user cannot access to the cluster'));
return; return;
} }
@ -11231,6 +11229,7 @@ function api_set_delete_cluster_item($id, $thrash1, $thrast2, $thrast3) {
} }
function api_set_apply_module_template($id_template, $id_agent, $thrash3, $thrash4) { function api_set_apply_module_template($id_template, $id_agent, $thrash3, $thrash4) {
global $config;
if (isset ($id_template)) { if (isset ($id_template)) {
@ -11379,14 +11378,14 @@ function api_get_cluster_status($id_cluster, $trash1, $trash2, $returnType) {
} }
$cluster_group = clusters_get_group($id_cluster); $cluster_group = clusters_get_group($id_cluster);
if(!$cluster_group || !check_acl($config['id_user'], $cluster_group, "AR")){ if(!check_acl($config['id_user'], $cluster_group, "AR")){
returnError('error_get_cluster_status', __('The user cannot access to the cluster')); returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return; return;
} }
$sql = 'select estado from tagente_estado INNER JOIN tagente_modulo ON tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo ' $sql = 'select ae.estado from tagente_estado ae, tagente_modulo tam, tcluster tc'
. ' and tagente_modulo.nombre = "' . io_safe_input("Cluster status") . '" ' . ' where tam.id_agente=tc.id_agent and ae.id_agente_modulo=tam.id_agente_modulo '
. ' and tagente_modulo.id_agente = (select id_agent from tcluster where id = ".$id_cluster.")'; . ' and tc.id=' . $id_cluster . ' and tam.nombre = "' . io_safe_input("Cluster status") . '" ';
$value = db_get_value_sql($sql); $value = db_get_value_sql($sql);
@ -11407,19 +11406,15 @@ function api_get_cluster_id_by_name($cluster_name, $trash1, $trash2, $returnType
} }
$value = cluster_get_id_by_name($cluster_name); $value = cluster_get_id_by_name($cluster_name);
if(($value === false) || ($value === null)){ if(($value === false) || ($value === null)){
returnError('id_not_found', $returnType); returnError('id_not_found', $returnType);
} }
$cluster_group = clusters_get_group($value); $cluster_group = clusters_get_group($value);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
if (!users_is_admin($config['id_user'])) {
if(!$cluster_group || !check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster')); returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return; return;
} }
}
$data = array('type' => 'string', 'data' => $value); $data = array('type' => 'string', 'data' => $value);
@ -11427,10 +11422,18 @@ function api_get_cluster_id_by_name($cluster_name, $trash1, $trash2, $returnType
} }
function api_get_agents_id_name_by_cluster_id($cluster_id, $trash1, $trash2, $returnType) { function api_get_agents_id_name_by_cluster_id($cluster_id, $trash1, $trash2, $returnType) {
global $config;
if (defined ('METACONSOLE')) { if (defined ('METACONSOLE')) {
return; return;
} }
$cluster_group = clusters_get_group($cluster_id);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return;
}
$all_agents = cluster_get_agents_id_name_by_cluster_id($cluster_id); $all_agents = cluster_get_agents_id_name_by_cluster_id($cluster_id);
if ($all_agents !== false) { if ($all_agents !== false) {
@ -11444,11 +11447,24 @@ function api_get_agents_id_name_by_cluster_id($cluster_id, $trash1, $trash2, $re
} }
function api_get_agents_id_name_by_cluster_name($cluster_name, $trash1, $trash2, $returnType) { function api_get_agents_id_name_by_cluster_name($cluster_name, $trash1, $trash2, $returnType) {
global $config;
if (defined ('METACONSOLE')) { if (defined ('METACONSOLE')) {
return; return;
} }
$all_agents = cluster_get_agents_id_name_by_cluster_name($cluster_name); $value = cluster_get_id_by_name($cluster_name);
if(($value === false) || ($value === null)){
returnError('id_not_found', $returnType);
}
$cluster_group = clusters_get_group($value);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return;
}
$all_agents = cluster_get_agents_id_name_by_cluster_id($cluster_name);
if (count($all_agents) > 0 and $all_agents !== false) { if (count($all_agents) > 0 and $all_agents !== false) {
$data = array('type' => 'json', 'data' => $all_agents); $data = array('type' => 'json', 'data' => $all_agents);
@ -11461,10 +11477,18 @@ function api_get_agents_id_name_by_cluster_name($cluster_name, $trash1, $trash2,
} }
function api_get_modules_id_name_by_cluster_id ($cluster_id){ function api_get_modules_id_name_by_cluster_id ($cluster_id){
global $config;
if (defined ('METACONSOLE')) { if (defined ('METACONSOLE')) {
return; return;
} }
$cluster_group = clusters_get_group($cluster_id);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return;
}
$all_modules = cluster_get_modules_id_name_by_cluster_id($cluster_id); $all_modules = cluster_get_modules_id_name_by_cluster_id($cluster_id);
if (count($all_modules) > 0 and $all_modules !== false) { if (count($all_modules) > 0 and $all_modules !== false) {
@ -11479,11 +11503,24 @@ function api_get_modules_id_name_by_cluster_id ($cluster_id){
} }
function api_get_modules_id_name_by_cluster_name ($cluster_name){ function api_get_modules_id_name_by_cluster_name ($cluster_name){
global $config;
if (defined ('METACONSOLE')) { if (defined ('METACONSOLE')) {
return; return;
} }
$all_modules = cluster_get_modules_id_name_by_cluster_name($cluster_name); $value = cluster_get_id_by_name($cluster_name);
if(($value === false) || ($value === null)){
returnError('id_not_found', $returnType);
}
$cluster_group = clusters_get_group($value);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return;
}
$all_modules = cluster_get_modules_id_name_by_cluster_id($value);
if (count($all_modules) > 0 and $all_modules !== false) { if (count($all_modules) > 0 and $all_modules !== false) {
$data = array('type' => 'json', 'data' => $all_modules); $data = array('type' => 'json', 'data' => $all_modules);
@ -11496,6 +11533,31 @@ function api_get_modules_id_name_by_cluster_name ($cluster_name){
} }
function api_get_cluster_items ($cluster_id){
global $config;
if (defined ('METACONSOLE')) {
return;
}
$cluster_group = clusters_get_group($cluster_id);
if(!check_acl($config['id_user'], $cluster_group, "AR")) {
returnError('error_get_cluster_status', __('The user cannot access to the cluster'));
return;
}
$all_items = cluster_get_items($cluster_id);
if (count($all_items) > 0 and $all_items !== false) {
$data = array('type' => 'json', 'data' => $all_items);
returnData('json', $data);
}
else {
returnError('error_cluster_items', 'No items retrieved.');
}
}
///////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////
// AUX FUNCTIONS // AUX FUNCTIONS
///////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////
@ -11515,19 +11577,7 @@ function util_api_check_agent_and_print_error($id_agent, $returnType, $access =
return false; return false;
} }
function api_get_cluster_items ($cluster_id){
$all_items = cluster_get_items($cluster_id);
if (count($all_items) > 0 and $all_items !== false) {
$data = array('type' => 'json', 'data' => $all_items);
returnData('json', $data);
}
else {
returnError('error_cluster_items', 'No items retrieved.');
}
}