Merge branch 'ent-13321-un-dashboard-con-enlace-publico-permite-ver-el-resto-de-los-dashboards-registrados' into 'develop'

Ent 13321 un dashboard con enlace publico permite ver el resto de los dashboards registrados See merge request artica/pandorafms!7179
2024-04-16 07:57:29 +00:00 · 2024-04-16 07:57:29 +00:00 · 610708f434
parent afd9704e6c fe73ffcb44
commit 610708f434
4 changed files with 52 additions and 25 deletions
--- a/pandora_console/include/lib/Dashboard/Manager.php
+++ b/pandora_console/include/lib/Dashboard/Manager.php
@ -994,6 +994,27 @@ class Manager implements PublicLogin
        ui_require_css_file('modal');
        ui_require_css_file('form');

+        $hash_aux = get_parameter('hash');
+        if (empty($dashboardId)) {
+            $dashboards = $this->getDashboards();
+            $dashboards = array_reduce(
+                $dashboards,
+                function ($carry, $item) {
+                    $carry[$item['id']] = $item['name'];
+                    return $carry;
+                },
+                []
+            );
+
+            foreach ($dashboards as $key => $layout) {
+                $hash_compare = self::generatePublicHash($key);
+                if (hash_equals($hash_aux, $hash_compare)) {
+                    $this->dashboardId = $key;
+                    break;
+                }
+            }
+        }
+
        if ($this->dashboardId === 0
            || $this->deleteDashboard === true
            || $this->copyDashboard === true
@ -1164,11 +1185,10 @@ class Manager implements PublicLogin
                [
                    'dashboards'     => $dashboards,
                    'ajaxController' => $this->ajaxController,
-                    'dashboardId'    => $this->dashboardId,
                    'refr'           => $this->refr,
                    'url'            => $this->url,
                    'dashboardName'  => $this->dashboardFields['name'],
-                    'hash'           => self::generatePublicHash(),
+                    'hash'           => self::generatePublicHash($this->dashboardId),
                    'publicLink'     => $this->publicLink,
                    'dashboardGroup' => $this->dashboardFields['id_group'],
                    'dashboardUser'  => $this->dashboardFields['id_user'],
@ -1210,7 +1230,7 @@ class Manager implements PublicLogin
                    'updateDashboard' => $this->updateDashboard,
                    'cellIdCreate'    => \get_parameter('cellIdCreate', 0),
                    'class'           => (($config['public_dashboard'] === true) ? quotemeta(__CLASS__) : ''),
-                    'hash'            => (($config['public_dashboard'] === true) ? self::generatePublicHash() : ''),
+                    'hash'            => (($config['public_dashboard'] === true) ? self::generatePublicHash($this->dashboardId) : ''),
                ]
            );
        } else {
--- a/pandora_console/operation/visual_console/public_view.php
+++ b/pandora_console/operation/visual_console/public_view.php
@ -64,7 +64,16 @@ $hash = (string) get_parameter('hash');

 // Check input hash.
 // DO NOT move it after of get parameter user id.
-if (User::validatePublicHash($hash) !== true) {
+$vcs = visual_map_get_user_layouts();
+foreach ($vcs as $key => $data) {
+    $hash_compare = User::generatePublicHash($key);
+    if (hash_equals($hash_compare, $hash)) {
+        $visualConsoleId = (int) $key;
+        break;
+    }
+}
+
+if (empty($visualConsoleId) === true) {
    db_pandora_audit(
        AUDIT_LOG_VISUAL_CONSOLE_MANAGEMENT,
        'Trying to access public visual console'
@ -73,7 +82,6 @@ if (User::validatePublicHash($hash) !== true) {
    exit;
 }

-$visualConsoleId = (int) get_parameter('id_layout');
 $userAccessMaintenance = null;
 if (empty($config['id_user']) === true) {
    $config['id_user'] = (string) get_parameter('id_user');
--- a/pandora_console/operation/visual_console/view.php
+++ b/pandora_console/operation/visual_console/view.php
@ -154,10 +154,10 @@ if ($aclWrite === true || $aclManage === true) {
        $baseUrl = 'index.php?operation=edit_visualmap&sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&action2='.$action;
    }

-    $hash = User::generatePublicHash();
+    $hash = User::generatePublicHash($visualConsoleId);

    $options['public_link']['text'] = '<a href="'.ui_get_full_url(
-        'operation/visual_console/public_console.php?hash='.$hash.'&id_layout='.$visualConsoleId.'&refr='.$refr.'&id_user='.$config['id_user'],
+        'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&id_user='.$config['id_user'],
        false,
        false,
        false
@ -774,17 +774,6 @@ ui_require_css_file('form');

            var regex_hash = /(hash=)[^&]+(&?)/gi;
            var replacement_hash = '$1' + newProps.hash + '$2';
-            // Tab links.
-            var menuLinks = document.querySelectorAll("div#menu_tab a");
-            if (menuLinks !== null) {
-                menuLinks.forEach(function (menuLink) {
-                    menuLink.href = menuLink.href.replace(regex, replacement);
-                    menuLink.href = menuLink.href.replace(
-                        regex_hash,
-                        replacement_hash
-                    );
-                });
-            }

            // Go back from fullscreen button.
            var btnNoFull = document.querySelector("a.vc-btn-no-fullscreen");
--- a/pandora_console/views/dashboard/header.php
+++ b/pandora_console/views/dashboard/header.php
@ -27,12 +27,23 @@
 */

 // Button for display full screen mode.
+use PandoraFMS\Dashboard\Manager;
 global $config;

+if (empty($dashboardId)) {
+    foreach ($dashboards as $key => $layout) {
+        $hash_compare = Manager::generatePublicHash($key);
+        if (hash_equals($hash, $hash_compare)) {
+            $dashboardId = $key;
+            break;
+        }
+    }
+}
+
 $queryFull = [
-    'dashboardId' => $dashboardId,
-    'refr'        => $refr,
-    'pure'        => 1,
+    'refr' => $refr,
+    'pure' => 1,
+    'hash' => $hash,
 ];
 $urlFull = $url.'&'.http_build_query($queryFull);
 $fullscreen['text'] = '<a id="full_screen_link" href="'.$urlFull.'">';
@ -124,10 +135,9 @@ $slides['text'] .= '</a>';

 // Public Url.
 $queryPublic = [
-    'dashboardId' => $dashboardId,
-    'hash'        => $hash,
-    'id_user'     => $config['id_user'],
-    'pure'        => 1,
+    'hash'    => $hash,
+    'id_user' => $config['id_user'],
+    'pure'    => 1,
 ];
 $publicUrl = ui_get_full_url(
    'operation/dashboard/public_dashboard.php?'.http_build_query($queryPublic)