diff --git a/pandora_console/extras/mr/29.sql b/pandora_console/extras/mr/29.sql
index 032dd407b1..5b88329fbf 100644
--- a/pandora_console/extras/mr/29.sql
+++ b/pandora_console/extras/mr/29.sql
@@ -1,5 +1,7 @@
START TRANSACTION;
+ALTER TABLE `tmetaconsole_agent` ADD INDEX `id_tagente_idx` (`id_tagente`);
+
DELETE FROM `ttipo_modulo` WHERE `nombre` LIKE 'log4x';
diff --git a/pandora_console/godmode/events/custom_events.php b/pandora_console/godmode/events/custom_events.php
index bfb0e8c64d..cfdf50cf17 100644
--- a/pandora_console/godmode/events/custom_events.php
+++ b/pandora_console/godmode/events/custom_events.php
@@ -113,6 +113,8 @@ $fields_available['instructions'] = __('Instructions');
$fields_available['server_name'] = __('Server Name');
$fields_available['data'] = __('Data');
$fields_available['module_status'] = __('Module Status');
+$fields_available['mini_severity'] = __('Severity mini');
+
// Remove fields already selected.
foreach ($fields_available as $key => $available) {
diff --git a/pandora_console/godmode/events/events.php b/pandora_console/godmode/events/events.php
index c937ad281c..72ae001fe1 100644
--- a/pandora_console/godmode/events/events.php
+++ b/pandora_console/godmode/events/events.php
@@ -50,17 +50,10 @@ if (check_acl($config['id_user'], 0, 'PM')) {
'text' => ''.html_print_image('images/event_responses.png', true, ['title' => __('Event responses')]).'',
];
- if (!is_metaconsole()) {
- $buttons['fields'] = [
- 'active' => false,
- 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'',
- ];
- } else {
- $buttons['fields'] = [
- 'active' => false,
- 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'',
- ];
- }
+ $buttons['fields'] = [
+ 'active' => false,
+ 'text' => ''.html_print_image('images/custom_columns.png', true, ['title' => __('Custom fields')]).'',
+ ];
}
switch ($section) {
diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php
index ce173898b2..a7d23ca015 100644
--- a/pandora_console/include/ajax/events.php
+++ b/pandora_console/include/ajax/events.php
@@ -75,13 +75,73 @@ $graphic_event_group = (bool) get_parameter('graphic_event_group');
$get_table_response_command = (bool) get_parameter('get_table_response_command');
$save_filter_modal = get_parameter('save_filter_modal', 0);
$load_filter_modal = get_parameter('load_filter_modal', 0);
-$save_filter = get_parameter('save_filter', 0);
$get_filter_values = get_parameter('get_filter_values', 0);
$update_event_filter = get_parameter('update_event_filter', 0);
$save_event_filter = get_parameter('save_event_filter', 0);
$in_process_event = get_parameter('in_process_event', 0);
$validate_event = get_parameter('validate_event', 0);
$delete_event = get_parameter('delete_event', 0);
+$get_event_filters = get_parameter('get_event_filters', 0);
+$get_comments = get_parameter('get_comments', 0);
+
+if ($get_comments) {
+ $event = get_parameter('event', false);
+ $filter = get_parameter('filter', false);
+
+ if ($event === false) {
+ return __('Failed to retrieve comments');
+ }
+
+ if ($filter['group_rep'] == 1) {
+ $events = events_get_all(
+ ['te.*'],
+ // Filter.
+ $filter,
+ // Offset.
+ null,
+ // Limit.
+ null,
+ // Order.
+ null,
+ // Sort_field.
+ null,
+ // History.
+ $filter['history'],
+ // Return_sql.
+ false,
+ // Having.
+ sprintf(
+ ' HAVING max_id_evento = %d',
+ $event['id_evento']
+ )
+ );
+ if ($events !== false) {
+ $event = $events[0];
+ }
+ } else {
+ $events = events_get_event(
+ $event['id_evento'],
+ false,
+ $meta,
+ $history
+ );
+
+ if ($events !== false) {
+ $event = $events[0];
+ }
+ }
+
+ echo events_page_comments($event, true);
+
+ return;
+}
+
+if ($get_event_filters) {
+ $event_filter = events_get_event_filter_select();
+
+ echo io_json_mb_encode($event_filter);
+ return;
+}
// Delete event (filtered or not).
if ($delete_event) {
@@ -267,6 +327,17 @@ if ($get_filter_values) {
$event_filter = events_get_event_filter($id_filter);
+ if ($event_filter === false) {
+ $event_filter = [
+ 'status' => EVENT_NO_VALIDATED,
+ 'event_view_hr' => $config['event_view_hr'],
+ 'group_rep' => 1,
+ 'tag_with' => [],
+ 'tag_without' => [],
+ 'history' => false,
+ ];
+ }
+
$event_filter['search'] = io_safe_output($event_filter['search']);
$event_filter['id_name'] = io_safe_output($event_filter['id_name']);
$event_filter['tag_with'] = base64_encode(
@@ -590,7 +661,7 @@ function save_new_filter() {
jQuery.post ("",
{
- "page" : "operation/events/events_list",
+ "page" : "include/ajax/events",
"save_event_filter" : 1,
"id_name" : $("#text-id_name").val(),
"id_group" : $("select#id_group").val(),
@@ -659,7 +730,7 @@ function save_update_filter() {
var name_filter_update = $("#overwrite_filter option[value='"+id_filter_update+"']").text();
jQuery.post ("",
- {"page" : "operation/events/events_list",
+ {"page" : "include/ajax/events",
"update_event_filter" : 1,
"id" : $("#overwrite_filter").val(),
"id_group" : $("select#id_group").val(),
@@ -712,7 +783,7 @@ function save_update_filter() {
$('#filter_id').append ($('').html ( ).attr ("value", 0));
// Reload filters select
jQuery.post ("",
- {"page" : "operation/events/events_list",
+ {"page" : "include/ajax/events",
"get_event_filters" : 1
},
function (data) {
@@ -1040,6 +1111,7 @@ if ($get_extended_event) {
global $config;
$event = get_parameter('event', false);
+ $filter = get_parameter('filter', false);
if ($event === false) {
return;
@@ -1079,29 +1151,37 @@ if ($get_extended_event) {
}
// Check ACLs.
+ $access = false;
if (is_user_admin($config['id_user'])) {
// Do nothing if you're admin, you get full access.
- $__ignored_line = 0;
+ $access = true;
} else if ($config['id_user'] == $event['owner_user']) {
// Do nothing if you're the owner user, you get access.
- $__ignored_line = 0;
+ $access = true;
} else if ($event['id_grupo'] == 0) {
// If the event has access to all groups, you get access.
- $__ignored_line = 0;
+ $access = true;
} else {
// Get your groups.
$groups = users_get_groups($config['id_user'], 'ER');
if (in_array($event['id_grupo'], array_keys($groups))) {
// If event group is among the groups of the user, you get access.
- $__ignored_line = 0;
- } else {
- // If all the access types fail, abort.
- echo 'Access denied';
- return false;
+ $access = true;
+ } else if ($event['id_agente']
+ && agents_check_access_agent($event['id_agente'], 'ER')
+ ) {
+ // Secondary group, indirect access.
+ $access = true;
}
}
+ if (!$access) {
+ // If all the access types fail, abort.
+ echo 'Access denied';
+ return false;
+ }
+
// Print group_rep in a hidden field to recover it from javascript.
html_print_input_hidden('group_rep', (int) $group_rep);
@@ -1227,7 +1307,7 @@ if ($get_extended_event) {
$general = events_page_general($event);
- $comments = events_page_comments($event);
+ $comments = '';
$notifications = '';
$notifications .= '';
@@ -1238,6 +1318,18 @@ if ($get_extended_event) {
$loading = ''.html_print_image('images/spinner.gif', true).'
';
+ $i = 0;
+ $tab['general'] = $i++;
+ $tab['details'] = $i++;
+ if (!empty($related)) {
+ $tab['related'] = $i++;
+ }
+
+ $tab['custom_fields'] = $i++;
+ $tab['comments'] = $i++;
+ $tab['responses'] = $i++;
+ $tab['custom_data'] = $i++;
+
$out = ''.$tabs.$notifications.$loading.$general.$details.$related.$custom_fields.$comments.$responses.$custom_data.html_print_input_hidden('id_event', $event['id_evento']).'
';
$js = '