tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2015-implementacion-de-grupos-secundarios' into 'develop' 

2015 implementacion de grupos secundarios

See merge request artica/pandorafms!1382
This commit is contained in:
vgilc 2018-04-10 09:56:40 +02:00
parent e2b52a76f7 2ffcecc5b5
commit 65c122c301
43 changed files with 1035 additions and 778 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pandora_agents/unix/AIX/pandora_agent.conf
View File

@ -102,6 +102,9 @@ transfer_mode tentacle
# Agent mode: Learn (default), No-learn, Autodisable # Agent mode: Learn (default), No-learn, Autodisable
# agent_mode autodisable # agent_mode autodisable
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

3
pandora_agents/unix/Darwin/pandora_agent.conf
View File

@ -143,6 +143,9 @@ transfer_mode tentacle
# Agent mode: Learn (default), No-learn, Autodisable # Agent mode: Learn (default), No-learn, Autodisable
# agent_mode autodisable # agent_mode autodisable
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

3
pandora_agents/unix/FreeBSD/pandora_agent.conf
View File

@ -153,6 +153,9 @@ xml_buffer 1
# Minimum available bytes in the temporal directory to enable the XML buffer # Minimum available bytes in the temporal directory to enable the XML buffer
temporal_min_size 1024 temporal_min_size 1024
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
#Secondary server configuration #Secondary server configuration
#============================== #==============================

3
pandora_agents/unix/HP-UX/pandora_agent.conf
View File

@ -104,6 +104,9 @@ transfer_mode tentacle
# Agent mode: Learn (default), No-learn, Autodisable # Agent mode: Learn (default), No-learn, Autodisable
# agent_mode autodisable # agent_mode autodisable
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

3
pandora_agents/unix/Linux/pandora_agent.conf
View File

@ -167,6 +167,9 @@ temporal_min_size 1024
# the eHorus agent's identifying key # the eHorus agent's identifying key
ehorus_conf /etc/ehorus/ehorus_agent.conf ehorus_conf /etc/ehorus/ehorus_agent.conf
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

3
pandora_agents/unix/NetBSD/pandora_agent.conf
View File

@ -116,6 +116,9 @@ transfer_mode tentacle
# Agent mode: Learn (default), No-learn, Autodisable # Agent mode: Learn (default), No-learn, Autodisable
# agent_mode autodisable # agent_mode autodisable
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

3
pandora_agents/unix/SunOS/pandora_agent.conf
View File

@ -107,6 +107,9 @@ transfer_mode tentacle
# Agent mode: Learn (default), No-learn, Autodisable # Agent mode: Learn (default), No-learn, Autodisable
# agent_mode autodisable # agent_mode autodisable
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

4
pandora_agents/unix/pandora_agent
View File

@ -3066,6 +3066,10 @@ while (1) {
$xml_header .= "' parent_agent_name='" .$Conf{'parent_agent_name'}; $xml_header .= "' parent_agent_name='" .$Conf{'parent_agent_name'};
} }
if (defined ($Conf{'secondary_groups'})) {
$xml_header .= "' secondary_groups='" .$Conf{'secondary_groups'};
}
if (defined ($Conf{'agent_mode'})) { if (defined ($Conf{'agent_mode'})) {
if ($Conf{'agent_mode'} =~ m/no.?learn/ig) { if ($Conf{'agent_mode'} =~ m/no.?learn/ig) {
$xml_header .= "' agent_mode='0"; $xml_header .= "' agent_mode='0";

3
pandora_agents/win32/bin/pandora_agent.conf
View File

@ -104,6 +104,9 @@ xml_buffer 1
#It try to find the EKID and set it like a custom field. #It try to find the EKID and set it like a custom field.
ehorus_conf "C:\Program Files\ehorus_agent\ehorus_agent.conf" ehorus_conf "C:\Program Files\ehorus_agent\ehorus_agent.conf"
# Secondary groups. You can select several groups separated by comma.
# secondary_groups Group1,Group2
# Secondary server configuration # Secondary server configuration
# ============================== # ==============================

1
pandora_agents/win32/pandora_windows_service.cc
View File

@ -635,6 +635,7 @@ Pandora_Windows_Service::getXmlHeader () {
"\" os_version=\"" + os_version + "\" os_version=\"" + os_version +
"\" group=\"" + conf->getValue ("group") + "\" group=\"" + conf->getValue ("group") +
"\" parent_agent_name=\"" + conf->getValue ("parent_agent_name") + "\" parent_agent_name=\"" + conf->getValue ("parent_agent_name") +
"\" secondary_groups=\"" + conf->getValue ("secondary_groups") +
"\" agent_mode=\"" + agent_mode + "\" agent_mode=\"" + agent_mode +
"\">\n"; "\">\n";
return xml; return xml;

37
pandora_console/extras/mr/14.sql
View File

@ -4,6 +4,43 @@ UPDATE `tagente` SET `id_os` = 100 WHERE `id_os` = 21 and (select `id_os` from `
DELETE FROM `tconfig_os` where `id_os` = 21 and `name` = 'Cluster'; DELETE FROM `tconfig_os` where `id_os` = 21 and `name` = 'Cluster';
-- ---------------------------------------------------------------------
-- Table `tagent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tagent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tagente(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Table `tmetaconsole_agent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tmetaconsole_agent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_tagente` int(10) unsigned NOT NULL,
`id_tmetaconsole_setup` int(10) NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tmetaconsole_agent(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE,
FOREIGN KEY (`id_tmetaconsole_setup`) REFERENCES tmetaconsole_setup(`id`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE tagente ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tmetaconsole_agent ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tusuario_perfil ADD COLUMN `is_secondary` tinyint(1) NOT NULL default '0';
SET @st_oum721 = (SELECT IF( SET @st_oum721 = (SELECT IF(
(SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = DATABASE() AND table_name = 'tuser_task_scheduled') > 0, (SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = DATABASE() AND table_name = 'tuser_task_scheduled') > 0,
"ALTER TABLE tuser_task_scheduled ADD (id_grupo int(10) unsigned NOT NULL Default 0)", "ALTER TABLE tuser_task_scheduled ADD (id_grupo int(10) unsigned NOT NULL Default 0)",

37
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -1604,3 +1604,40 @@ create table IF NOT EXISTS `tmigration_module_queue`(
ON DELETE CASCADE ON DELETE CASCADE
ON UPDATE CASCADE ON UPDATE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8; ) engine=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Table `tagent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tagent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tagente(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Table `tmetaconsole_agent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tmetaconsole_agent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_tagente` int(10) unsigned NOT NULL,
`id_tmetaconsole_setup` int(10) NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tmetaconsole_agent(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE,
FOREIGN KEY (`id_tmetaconsole_setup`) REFERENCES tmetaconsole_setup(`id`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE tagente ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tmetaconsole_agent ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tusuario_perfil ADD COLUMN `is_secondary` tinyint(1) NOT NULL default '0';

183
pandora_console/godmode/agentes/agent_manager.php
View File

@ -13,6 +13,16 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details. // GNU General Public License for more details.
// Load global vars
enterprise_include ('godmode/agentes/agent_manager.php');
require_once ('include/functions_clippy.php');
require_once ('include/functions_servers.php');
require_once ('include/functions_gis.php');
require_once($config['homedir'] . "/include/functions_agents.php");
require_once ($config['homedir'] . '/include/functions_users.php');
if (is_ajax ()) { if (is_ajax ()) {
global $config; global $config;
@ -89,16 +99,27 @@ if (is_ajax ()) {
echo io_json_mb_encode($out); echo io_json_mb_encode($out);
} }
// And and remove groups use the same function
$add_secondary_groups = get_parameter('add_secondary_groups');
$remove_secondary_groups = get_parameter('remove_secondary_groups');
if ($add_secondary_groups || $remove_secondary_groups) {
$id_agent = get_parameter('id_agent');
$groups_to_add = get_parameter('groups');
if (enterprise_installed()) {
enterprise_include('include/functions_agents.php');
$ret = enterprise_hook(
'agents_update_secondary_groups',
array(
$id_agent,
$add_secondary_groups ? $groups_to_add : array(),
$remove_secondary_groups ? $groups_to_add : array())
);
// Echo 0 in case of error. 0 Otherwise.
echo $ret ? 1 : 0;
}
}
return; return;
} }
// Load global vars
enterprise_include ('godmode/agentes/agent_manager.php');
require_once ('include/functions_clippy.php');
require_once ('include/functions_servers.php');
require_once ('include/functions_gis.php');
require_once($config['homedir'] . "/include/functions_agents.php");
require_once ($config['homedir'] . '/include/functions_users.php');
ui_require_javascript_file('openlayers.pandora'); ui_require_javascript_file('openlayers.pandora');
@ -251,8 +272,13 @@ if(is_array($modules)){
} }
} }
$table->data[4][0] = __('Group'); $table->data[4][0] = __('Primary group');
$table->data[4][1] = html_print_select_groups(false, "AR", false, 'grupo', $grupo, '', '', 0, true); // Cannot change primary group if user have not permission for that group
if (isset($groups[$grupo]) || $new_agent) {
$table->data[4][1] = html_print_select_groups(false, "AR", false, 'grupo', $grupo, '', '', 0, true);
} else {
$table->data[4][1] = groups_get_name($grupo);
}
$table->data[4][1] .= ' <span id="group_preview">'; $table->data[4][1] .= ' <span id="group_preview">';
$table->data[4][1] .= ui_print_group_icon ($grupo, true); $table->data[4][1] .= ui_print_group_icon ($grupo, true);
$table->data[4][1] .= '</span>'; $table->data[4][1] .= '</span>';
@ -303,6 +329,54 @@ $table->style[0] = 'font-weight: bold; ';
$table->style[4] = 'font-weight: bold;'; $table->style[4] = 'font-weight: bold;';
$table->data = array (); $table->data = array ();
if (enterprise_installed()) {
$secondary_groups_selected = enterprise_hook('agents_get_secondary_groups', array($id_agente));
$table->data['secondary_groups'][0] = __('Secondary groups');
$table->data['secondary_groups'][1] = html_print_select_groups(
false, // Use the current user to select the groups
"AR", // ACL permission
false, // Not all group
'secondary_groups', // HTML id
'', // No select any by default
'', // Javascript onChange code
'', // Do not user no selected value
0, // Do not use no selected value
true, // Return HTML (not echo)
true, // Multiple selection
true, // Sorting by default
'', // CSS classnames (default)
false, // Not disabled (default)
false, // Inline styles (default)
false, // Option style select (default)
false, // Do not truncate the users tree (default)
'id_grupo', // Key to get as value (default)
false, // Not strict user (default)
$secondary_groups_selected['plain'] // Do not show the primary group in this selection
);
$table->data['secondary_groups'][2] =
html_print_input_image ('add_secondary', 'images/darrowright.png', 1, '', true, array (
'title' => __('Add secondary groups'),
'onclick' => "agent_manager_add_secondary_groups(event, " . $id_agente . ");"
)) .
'<br /><br /><br /><br />' .
html_print_input_image ('remove_secondary', 'images/darrowleft.png', 1, '', true, array (
'title' => __('Remove secondary groups'),
'onclick' => "agent_manager_remove_secondary_groups(event, " . $id_agente . ");"
));
$table->data['secondary_groups'][3] = html_print_select (
$secondary_groups_selected['for_select'], // Values
'secondary_groups_selected', // HTML id
'', // Selected
'', // Javascript onChange code
'', // Nothing selected
0, // Nothing selected
true, // Return HTML (not echo)
true // Multiple selection
);
}
// Custom ID // Custom ID
$table->data[0][0] = __('Custom ID'); $table->data[0][0] = __('Custom ID');
$table->data[0][1] = html_print_input_text ('custom_id', $custom_id, '', 16, 255, true); $table->data[0][1] = html_print_input_text ('custom_id', $custom_id, '', 16, 255, true);
@ -575,6 +649,95 @@ ui_require_jquery_file('bgiframe');
} }
} }
function agent_manager_add_secondary_groups (event, id_agent) {
event.preventDefault();
var primary_value = $("#grupo").val()
// The selected primary value cannot be selected like secondary
if ($("#secondary_groups option:selected[value=" + primary_value + "]").length > 0) {
alert("<?php echo __("Primary group cannot be secondary too.");?>")
return
}
var selected_items = new Array();
$("#secondary_groups option:selected").each(function(){
selected_items.push($(this).val())
})
var data = {
page: "godmode/agentes/agent_manager",
id_agent: id_agent,
groups: selected_items,
add_secondary_groups: 1,
}
// Make the AJAX call to update the secondary groups
$.ajax({
type: "POST",
url: "ajax.php",
dataType: "html",
data: data,
success: function (data) {
if (data == 1) {
// Move from one input to the other
$("#secondary_groups_selected option[value=0]").remove()
$("#secondary_groups option:selected").each(function() {
$(this).remove().appendTo("#secondary_groups_selected")
})
} else {
console.error("Error in AJAX call to add secondary groups")
}
},
error: function (data) {
console.error("Fatal error in AJAX call to add secondary groups")
}
});
}
function agent_manager_remove_secondary_groups (event, id_agent) {
event.preventDefault();
var selected_items = new Array();
$("#secondary_groups_selected option:selected").each(function(){
selected_items.push($(this).val())
})
var data = {
page: "godmode/agentes/agent_manager",
id_agent: id_agent,
groups: selected_items,
remove_secondary_groups: 1,
}
// Make the AJAX call to update the secondary groups
$.ajax({
type: "POST",
url: "ajax.php",
dataType: "html",
data: data,
success: function (data) {
if (data == 1) {
// Remove the groups selected if success
$("#secondary_groups_selected option:selected").each(function(){
$(this).remove().appendTo("#secondary_groups")
})
// Add none if empty select
if ($("#secondary_groups_selected option").length == 0) {
$("#secondary_groups_selected").append($('<option>',{
value: 0,
text: "<?php echo __("None");?>"
}))
}
} else {
console.error("Error in AJAX call to add secondary groups")
}
},
error: function (data) {
console.error("Fatal error in AJAX call to add secondary groups")
}
});
}
$(document).ready (function() { $(document).ready (function() {
$("select#id_os").pandoraSelectOS (); $("select#id_os").pandoraSelectOS ();

16
pandora_console/godmode/agentes/configurar_agente.php
View File

@ -32,15 +32,18 @@ $tab = get_parameter ('tab', 'main');
//See if id_agente is set (either POST or GET, otherwise -1 //See if id_agente is set (either POST or GET, otherwise -1
$id_agente = (int) get_parameter ("id_agente"); $id_agente = (int) get_parameter ("id_agente");
$group = 0; $group = 0;
if ($id_agente) $all_groups = array($group);
if ($id_agente) {
$group = agents_get_agent_group ($id_agente); $group = agents_get_agent_group ($id_agente);
$all_groups = agents_get_all_groups_agent($id_agente, $group);
}
if (!check_acl ($config["id_user"], $group, "AW", $id_agente)) { if (!check_acl_one_of_groups ($config["id_user"], $all_groups, "AW")) {
$access_granted = false; $access_granted = false;
switch ($tab) { switch ($tab) {
case 'alert': case 'alert':
case 'module': case 'module':
if (check_acl ($config["id_user"], $group, "AD", $id_agente)) { if (check_acl_one_of_groups ($config["id_user"], $all_groups, "AD")) {
$access_granted = true; $access_granted = true;
} }
break; break;
@ -447,7 +450,7 @@ if ($id_agente) {
$incidenttab['active'] = false; $incidenttab['active'] = false;
} }
if (check_acl ($config["id_user"], $group, "AW", $id_agente)) { if (check_acl_one_of_groups ($config["id_user"], $all_groups, "AW")) {
if ($has_remote_conf) { if ($has_remote_conf) {
$agent_name = agents_get_name($id_agente); $agent_name = agents_get_name($id_agente);
$agent_name = io_safe_output($agent_name); $agent_name = io_safe_output($agent_name);
@ -909,7 +912,7 @@ if ($update_agent) { // if modified some agent paramenter
if ($id_agente) { if ($id_agente) {
//This has been done in the beginning of the page, but if an agent was created, this id might change //This has been done in the beginning of the page, but if an agent was created, this id might change
$id_grupo = agents_get_agent_group ($id_agente); $id_grupo = agents_get_agent_group ($id_agente);
if (!check_acl ($config["id_user"], $id_grupo, "AW") && !check_acl ($config["id_user"], $id_grupo, "AD")) { if (!check_acl_one_of_groups ($config["id_user"], $all_groups, "AW") && !check_acl_one_of_groups ($config["id_user"], $all_groups, "AD")) {
db_pandora_audit("ACL Violation","Trying to admin an agent without access"); db_pandora_audit("ACL Violation","Trying to admin an agent without access");
require ("general/noaccess.php"); require ("general/noaccess.php");
exit; exit;
@ -1586,8 +1589,9 @@ if ($delete_module) { // DELETE agent module !
WHERE tam.id_agente_modulo = tae.id_agente_modulo WHERE tam.id_agente_modulo = tae.id_agente_modulo
AND tam.id_agente_modulo = ' . $id_borrar_modulo); AND tam.id_agente_modulo = ' . $id_borrar_modulo);
$id_grupo = (int) agents_get_agent_group($id_agente); $id_grupo = (int) agents_get_agent_group($id_agente);
$all_groups = agents_get_all_groups_agent ($id_agente, $id_grupo);
if (! check_acl ($config["id_user"], $id_grupo, "AW")) { if (! check_acl_one_of_groups ($config["id_user"], $all_groups, "AW")) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to delete a module without admin rights"); "Trying to delete a module without admin rights");
require ("general/noaccess.php"); require ("general/noaccess.php");

10
pandora_console/godmode/agentes/modificar_agente.php
View File

@ -79,16 +79,18 @@ $result = null;
if ($agent_to_delete) { if ($agent_to_delete) {
$id_agente = $agent_to_delete; $id_agente = $agent_to_delete;
$agent_name = agents_get_name ($id_agente); if (check_acl_one_of_groups (
$id_grupo = agents_get_agent_group($id_agente); $config["id_user"],
if (check_acl ($config["id_user"], $id_grupo, "AW")) { agents_get_all_groups_agent($id_agente),
"AW"
)) {
$id_agentes[0] = $id_agente; $id_agentes[0] = $id_agente;
$result = agents_delete_agent($id_agentes); $result = agents_delete_agent($id_agentes);
} }
else { else {
// NO permissions. // NO permissions.
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to delete agent \'$agent_name\'"); "Trying to delete agent \'" . agents_get_name ($id_agente). "\'");
require ("general/noaccess.php"); require ("general/noaccess.php");
exit; exit;
} }

21
pandora_console/godmode/agentes/module_manager.php
View File

@ -111,7 +111,13 @@ if (($policy_page) || (isset($agent))) {
$show_creation = true; $show_creation = true;
} }
else { else {
if (check_acl ($config['id_user'], $agent['id_grupo'], "AW")) if (!isset($all_groups)) {
$all_groups = agents_get_all_groups_agent (
$agent['id_agente'],
$agent['id_grupo']
);
}
if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW"))
$show_creation = true; $show_creation = true;
} }
@ -164,8 +170,9 @@ if ($multiple_delete) {
$count_correct_delete_modules = 0; $count_correct_delete_modules = 0;
foreach($id_agent_modules_delete as $id_agent_module_del) { foreach($id_agent_modules_delete as $id_agent_module_del) {
$id_grupo = (int) agents_get_agent_group($id_agente); $id_grupo = (int) agents_get_agent_group($id_agente);
$all_groups = agents_get_all_groups_agent($id_agente, $id_grupo);
if (! check_acl ($config["id_user"], $id_grupo, "AW")) { if (! check_acl_one_of_groups ($config["id_user"], $all_groups, "AW")) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to delete a module without admin rights"); "Trying to delete a module without admin rights");
require ("general/noaccess.php"); require ("general/noaccess.php");
@ -604,7 +611,7 @@ if ($checked) {
} }
foreach ($modules as $module) { foreach ($modules as $module) {
if (! check_acl ($config["id_user"], $group, "AW", $id_agente) && ! check_acl ($config["id_user"], $group, "AD", $id_agente)) { if (! check_acl_one_of_groups ($config["id_user"], $all_groups, "AW") && ! check_acl_one_of_groups ($config["id_user"], $all_groups, "AD")) {
continue; continue;
} }
@ -762,7 +769,7 @@ foreach ($modules as $module) {
array('alt' => __('Disable module'), 'title' => __('Disable module'))) ."</a>"; array('alt' => __('Disable module'), 'title' => __('Disable module'))) ."</a>";
} }
if (check_acl ($config['id_user'], $agent['id_grupo'], "AW") && $module['id_tipo_modulo'] != 25) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW") && $module['id_tipo_modulo'] != 25) {
$data[8] .= '&nbsp;<a href="index.php?sec=gagente&tab=module&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&duplicate_module='.$module['id_agente_modulo'].'" $data[8] .= '&nbsp;<a href="index.php?sec=gagente&tab=module&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&duplicate_module='.$module['id_agente_modulo'].'"
onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;">'; onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;">';
$data[8] .= html_print_image ('images/copy.png', true, $data[8] .= html_print_image ('images/copy.png', true,
@ -798,7 +805,7 @@ foreach ($modules as $module) {
} }
} }
if (check_acl ($config['id_user'], $agent['id_grupo'], "AW")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
// Delete module // Delete module
$data[9] = html_print_checkbox('id_delete[]', $module['id_agente_modulo'], false, true); $data[9] = html_print_checkbox('id_delete[]', $module['id_agente_modulo'], false, true);
$data[9] .= '&nbsp;<a href="index.php?sec=gagente&tab=module&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&delete_module='.$module['id_agente_modulo'].'" $data[9] .= '&nbsp;<a href="index.php?sec=gagente&tab=module&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&delete_module='.$module['id_agente_modulo'].'"
@ -811,14 +818,14 @@ foreach ($modules as $module) {
array_push ($table->data, $data); array_push ($table->data, $data);
} }
if (check_acl ($config['id_user'], $agent['id_grupo'], "AW")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
echo '<form method="post" action="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&tab=module" echo '<form method="post" action="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&tab=module"
onsubmit="if (! confirm (\'' . __('Are you sure?') . '\')) return false">'; onsubmit="if (! confirm (\'' . __('Are you sure?') . '\')) return false">';
} }
html_print_table ($table); html_print_table ($table);
if (check_acl ($config['id_user'], $agent['id_grupo'], "AW")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
echo '<div class="action-buttons" style="width: ' . $table->width . '">'; echo '<div class="action-buttons" style="width: ' . $table->width . '">';
html_print_input_hidden ('multiple_delete', 1); html_print_input_hidden ('multiple_delete', 1);
html_print_submit_button (__('Delete'), 'multiple_delete', false, 'class="sub delete"'); html_print_submit_button (__('Delete'), 'multiple_delete', false, 'class="sub delete"');

19
pandora_console/godmode/alerts/alert_list.list.php
View File

@ -443,12 +443,11 @@ foreach ($simple_alerts as $alert) {
if (! $id_agente) { if (! $id_agente) {
$id_agent = modules_get_agentmodule_agent ($alert['id_agent_module']); $id_agent = modules_get_agentmodule_agent ($alert['id_agent_module']);
$all_groups = agents_get_all_groups_agent($id_agent);
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
$data[0] = ''; $data[0] = '';
if (check_acl ($config['id_user'], $agent_group, "AW")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
$main_tab = 'main'; $main_tab = 'main';
} }
else { else {
@ -467,7 +466,7 @@ foreach ($simple_alerts as $alert) {
$data[0] .= '</a>'; $data[0] .= '</a>';
} }
else { else {
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agente); $all_groups = agents_get_all_groups_agent($id_agente);
} }
$module_name = modules_get_agentmodule_name ($alert['id_agent_module']); $module_name = modules_get_agentmodule_name ($alert['id_agent_module']);
@ -544,7 +543,7 @@ foreach ($simple_alerts as $alert) {
$data[2] .= '</ul>'; $data[2] .= '</ul>';
// Is possible manage actions if have LW permissions in the agent group of the alert module // Is possible manage actions if have LW permissions in the agent group of the alert module
if (check_acl ($config['id_user'], $agent_group, "LW")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "LW")) {
//~ $data[2] .= '<form method="post" action="' . $url . '" class="delete_link" style="display: inline; vertical-align: -50%;">'; //~ $data[2] .= '<form method="post" action="' . $url . '" class="delete_link" style="display: inline; vertical-align: -50%;">';
$data[2] .= '<form method="post" action="' . $url . '" class="delete_link" style="display: inline;">'; $data[2] .= '<form method="post" action="' . $url . '" class="delete_link" style="display: inline;">';
$data[2] .= html_print_input_image ('delete', $data[2] .= html_print_input_image ('delete',
@ -568,7 +567,7 @@ foreach ($simple_alerts as $alert) {
$data[2] .= '</div>'; $data[2] .= '</div>';
$data[2] .= '</table>'; $data[2] .= '</table>';
// Is possible manage actions if have LW permissions in the agent group of the alert module // Is possible manage actions if have LW permissions in the agent group of the alert module
if (check_acl ($config['id_user'], $agent_group, "LW") || check_acl ($config['id_user'], $template_group, "LM")) { if (check_acl_one_of_groups ($config['id_user'], $all_groups, "LW") || check_acl ($config['id_user'], $template_group, "LM")) {
$own_info = get_user_info($config['id_user']); $own_info = get_user_info($config['id_user']);
if (check_acl ($config['id_user'], $template_group, "LW")) if (check_acl ($config['id_user'], $template_group, "LW"))
$own_groups = users_get_groups($config['id_user'], 'LW', true); $own_groups = users_get_groups($config['id_user'], 'LW', true);
@ -666,7 +665,7 @@ foreach ($simple_alerts as $alert) {
$data[4] .= '</form>'; $data[4] .= '</form>';
// To manage alert is necessary LW permissions in the agent group // To manage alert is necessary LW permissions in the agent group
if(check_acl ($config['id_user'], $agent_group, "LW")) { if(check_acl_one_of_groups ($config['id_user'], $all_groups, "LW")) {
$data[4] .= '&nbsp;&nbsp;<form class="standby_alert_form" action="' . $url . '" method="post" style="display: inline;">'; $data[4] .= '&nbsp;&nbsp;<form class="standby_alert_form" action="' . $url . '" method="post" style="display: inline;">';
if (!$alert['standby']) { if (!$alert['standby']) {
$data[4] .= html_print_input_image ('standby_off', 'images/bell.png', 1, 'padding:0px;', true); $data[4] .= html_print_input_image ('standby_off', 'images/bell.png', 1, 'padding:0px;', true);
@ -681,7 +680,7 @@ foreach ($simple_alerts as $alert) {
} }
// To access to policy page is necessary have AW permissions in the agent // To access to policy page is necessary have AW permissions in the agent
if(check_acl ($config['id_user'], $agent_group, "AW")) { if(check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) { if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$policyInfo = policies_is_alert_in_policy2($alert['id'], false); $policyInfo = policies_is_alert_in_policy2($alert['id'], false);
if ($policyInfo === false) if ($policyInfo === false)
@ -697,7 +696,7 @@ foreach ($simple_alerts as $alert) {
} }
// To manage alert is necessary LW permissions in the agent group // To manage alert is necessary LW permissions in the agent group
if(check_acl ($config['id_user'], $agent_group, "LW")) { if(check_acl_one_of_groups ($config['id_user'], $all_groups, "LW")) {
$data[4] .= '&nbsp;&nbsp;<form class="delete_alert_form" action="' . $url . '" method="post" style="display: inline;">'; $data[4] .= '&nbsp;&nbsp;<form class="delete_alert_form" action="' . $url . '" method="post" style="display: inline;">';
if ($alert['disabled']) { if ($alert['disabled']) {
$data[4] .= html_print_image('images/add.disabled.png', $data[4] .= html_print_image('images/add.disabled.png',
@ -714,7 +713,7 @@ foreach ($simple_alerts as $alert) {
$data[4] .= '</form>'; $data[4] .= '</form>';
} }
if(check_acl ($config['id_user'], $agent_group, "LM")) { if(check_acl_one_of_groups ($config['id_user'], $all_groups, "LM")) {
$data[4] .= '<form class="view_alert_form" method="post" style="display: inline;" action="index.php?sec=galertas&sec2=godmode/alerts/alert_view">'; $data[4] .= '<form class="view_alert_form" method="post" style="display: inline;" action="index.php?sec=galertas&sec2=godmode/alerts/alert_view">';
$data[4] .= html_print_input_image ('view_alert', 'images/eye.png', 1, '', true, array('title' => __('View alert advanced details'))); $data[4] .= html_print_input_image ('view_alert', 'images/eye.png', 1, '', true, array('title' => __('View alert advanced details')));
$data[4] .= html_print_input_hidden ('id_alert', $alert['id'], true); $data[4] .= html_print_input_hidden ('id_alert', $alert['id'], true);

4
pandora_console/godmode/alerts/alert_list.php
View File

@ -294,8 +294,8 @@ if ($id_agente) {
echo $messageAction; echo $messageAction;
require_once('godmode/alerts/alert_list.list.php'); require_once('godmode/alerts/alert_list.list.php');
$all_groups = agents_get_all_groups_agent ($id_agente, $agent['id_grupo']);
if(check_acl ($config['id_user'], $agent['id_grupo'], "LW") || check_acl ($config['id_user'], $agent['id_grupo'], "LM")) { if(check_acl_one_of_groups ($config['id_user'], $all_groups, "LW") || check_acl_one_of_groups ($config['id_user'], $all_groups, "LM")) {
require_once('godmode/alerts/alert_list.builder.php'); require_once('godmode/alerts/alert_list.builder.php');
} }

2
pandora_console/godmode/alerts/configure_alert_action.php
View File

@ -156,7 +156,6 @@ $table->data[5][1] = html_print_textarea ('command_preview', 5, 30, '',
$table->data[5][2] = html_print_textarea ('command_recovery_preview', 5, 30, '', $table->data[5][2] = html_print_textarea ('command_recovery_preview', 5, 30, '',
'disabled="disabled"', true); 'disabled="disabled"', true);
$row = 6;
for ($i = 1; $i <= $config['max_macro_fields']; $i++) { for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
$table->data['field' . $i][0] = html_print_image( $table->data['field' . $i][0] = html_print_image(
'images/spinner.gif', true); 'images/spinner.gif', true);
@ -178,6 +177,7 @@ for ($i = 1; $i <= $config['max_macro_fields']; $i++) {
true); true);
} }
echo '<form method="post" action="' . echo '<form method="post" action="' .
'index.php?sec=' . $sec . '&' . 'index.php?sec=' . $sec . '&' .
'sec2=godmode/alerts/alert_actions&' . 'sec2=godmode/alerts/alert_actions&' .

121
pandora_console/godmode/users/configure_user.php
View File

@ -24,6 +24,7 @@ include_once($config['homedir'] . "/include/functions_profile.php");
include_once($config['homedir'] . '/include/functions_users.php'); include_once($config['homedir'] . '/include/functions_users.php');
include_once ($config['homedir'] . '/include/functions_groups.php'); include_once ($config['homedir'] . '/include/functions_groups.php');
include_once ($config['homedir'] . '/include/functions_visual_map.php'); include_once ($config['homedir'] . '/include/functions_visual_map.php');
enterprise_include_once('include/functions_profile.php');
$meta = false; $meta = false;
if(enterprise_installed() && defined("METACONSOLE")) { if(enterprise_installed() && defined("METACONSOLE")) {
@ -444,6 +445,7 @@ if ($add_profile) {
$group2 = (int) get_parameter ('assign_group'); $group2 = (int) get_parameter ('assign_group');
$profile2 = (int) get_parameter ('assign_profile'); $profile2 = (int) get_parameter ('assign_profile');
$tags = (array) get_parameter ('assign_tags'); $tags = (array) get_parameter ('assign_tags');
$is_secondary = (bool)get_parameter ('is_secondary', 0);
foreach ($tags as $k => $tag) { foreach ($tags as $k => $tag) {
if(empty($tag)) { if(empty($tag)) {
@ -451,15 +453,22 @@ if ($add_profile) {
} }
} }
$tags = implode(',', $tags); $tags = $is_secondary ? '' : implode(',', $tags);
db_pandora_audit("User management", db_pandora_audit("User management",
"Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags);
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags); if (profile_check_group_mode($id2, $group2, $is_secondary)) {
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $is_secondary);
ui_print_result_message ($return, ui_print_result_message ($return,
__('Profile added successfully'), __('Profile added successfully'),
__('Profile cannot be added')); __('Profile cannot be added'));
} else {
if ($is_secondary) {
ui_print_error_message ("A group assigned like primary cannot be assigned like secondary.");
} else {
ui_print_error_message ("A group assigned like secondary cannot be assigned like primary.");
}
}
} }
if ($delete_profile) { if ($delete_profile) {
@ -714,110 +723,8 @@ echo '<br />';
/* Don't show anything else if we're creating an user */ /* Don't show anything else if we're creating an user */
if (!empty ($id) && !$new_user) { if (!empty ($id) && !$new_user) {
if (!defined("METACONSOLE")) profile_print_profile_table($id, __('Profiles/Groups assigned to this user'));
echo '<h4>'. __('Profiles/Groups assigned to this user') . '</h4>'; enterprise_hook('profile_print_profile_secondary_table', array($id));
$table = new stdClass();
$table->width = '100%';
$table->class = 'databox data';
if (defined("METACONSOLE")) {
$table->head_colspan[0] = 0;
$table->width = '100%';
$table->class = 'databox_tactical data';
$table->title = __('Profiles/Groups assigned to this user');
}
$table->data = array ();
$table->head = array ();
$table->align = array ();
$table->style = array ();
if (!defined("METACONSOLE")) {
$table->style[0] = 'font-weight: bold';
$table->style[1] = 'font-weight: bold';
}
$table->head[0] = __('Profile name');
$table->head[1] = __('Group');
$table->head[2] = __('Tags');
$table->head[3] = __('Action');
$table->align[3] = 'center';
/*
if ($enterprise_include) {
add_enterprise_column_user_profile_form($table);
}
*/
$result = db_get_all_rows_field_filter ("tusuario_perfil", "id_usuario", $id);
if ($result === false) {
$result = array ();
}
foreach ($result as $profile) {
if($profile["id_grupo"] == -1) {
continue;
}
$data = array ();
$data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>';
$data[1] = ui_print_group_icon($profile["id_grupo"], true);
if (!defined('METACONSOLE'))
$data[1] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
$data[1] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT);
if (!defined('METACONSOLE'))
$data[1] .= '</a>';
if(empty($profile["tags"])) {
$data[2] = '';
}
else {
$tags_ids = explode(',',$profile["tags"]);
$tags = tags_get_tags($tags_ids);
$data[2] = tags_get_tags_formatted($tags);
}
$data[3] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[3] .= html_print_input_hidden ('delete_profile', 1, true);
$data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true);
$data[3] .= html_print_input_hidden ('id_user', $id, true);
$data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true);
$data[3] .= '</form>';
array_push ($table->data, $data);
}
$data = array ();
$data[0] = '<form method="post">';
if (check_acl ($config['id_user'], 0, "PM")) {
$data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '',
__('None'), 0, true, false, false);
}
else {
$data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1',
'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0,
true, false, false);
}
$data[1] = html_print_select_groups($config['id_user'], "UM",
$own_info['is_admin'], 'assign_group', -1, '', __('None'), -1, true,
false, false);
$tags = tags_get_all_tags();
$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true);
$data[3] .= html_print_input_hidden ('id', $id, true);
$data[3] .= html_print_input_hidden ('add_profile', 1, true);
$data[3] .= '</form>';
array_push ($table->data, $data);
html_print_table ($table);
unset ($table);
} }

106
pandora_console/include/class/Tree.class.php
View File

@ -343,7 +343,7 @@ class Tree {
// ACL Group // ACL Group
$user_groups_str = "-1"; $user_groups_str = "-1";
$group_filter = ""; $group_filter = "";
if (!$this->strictACL) {
if (empty($this->userGroups)) { if (empty($this->userGroups)) {
return; return;
} }
@ -357,49 +357,63 @@ class Tree {
// Asking for all groups. // Asking for all groups.
else { else {
$user_groups_str = implode(",", array_keys($this->userGroups)); $user_groups_str = implode(",", array_keys($this->userGroups));
$group_filter = "AND ta.id_grupo IN ($user_groups_str)"; $group_filter = "AND (
} ta.id_grupo IN ($user_groups_str)
} OR tasg.id_group IN ($user_groups_str)
else { )";
if (!empty($this->acltags)) {
$groups = array();
foreach ($this->acltags as $group_id => $tags_str) {
if (empty($tags_str)) {
$hierarchy_groups = groups_get_id_recursive($group_id);
$groups = array_merge($groups, $hierarchy_groups);
}
}
if (!empty($groups)) {
if (array_search(0, $groups) === false) {
$user_groups_str = implode(",", $groups);
}
}
}
$group_filter = "AND ta.id_grupo IN ($user_groups_str)";
} }
if(!$search_hirearchy && (!empty($agent_search_filter) || !empty($module_search_filter))){ if(!$search_hirearchy && (!empty($agent_search_filter) || !empty($module_search_filter))){
if(is_metaconsole()){ if(is_metaconsole()){
$query_agent_search = " SELECT DISTINCT(ta.id_grupo) $id_groups_agents = db_get_all_rows_sql(
" SELECT DISTINCT(ta.id_grupo)
FROM tmetaconsole_agent ta FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE ta.disabled = 0 WHERE ta.disabled = 0
$agent_search_filter"; $agent_search_filter"
$id_groups_agents = db_get_all_rows_sql($query_agent_search); );
$id_secondary_groups_agents = db_get_all_rows_sql(
" SELECT DISTINCT(tasg.id_group)
FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE ta.disabled = 0
$agent_search_filter"
);
} }
else{ else{
$query_agent_search = " SELECT DISTINCT(ta.id_grupo) $id_groups_agents = db_get_all_rows_sql(
FROM tagente ta, tagente_modulo tam " SELECT DISTINCT(ta.id_grupo)
FROM tagente ta
LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
, tagente_modulo tam
WHERE tam.id_agente = ta.id_agente WHERE tam.id_agente = ta.id_agente
AND ta.disabled = 0 AND ta.disabled = 0
$agent_search_filter $agent_search_filter
$module_search_filter"; $module_search_filter"
$id_groups_agents = db_get_all_rows_sql($query_agent_search); );
$id_secondary_groups_agents = db_get_all_rows_sql(
" SELECT DISTINCT(tasg.id_group)
FROM tagente ta
LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
, tagente_modulo tam
WHERE tam.id_agente = ta.id_agente
AND ta.disabled = 0
$agent_search_filter
$module_search_filter"
);
} }
if($id_groups_agents != false){ if($id_groups_agents != false){
foreach ($id_groups_agents as $key => $value) { foreach ($id_groups_agents as $key => $value) {
$id_groups_agents_array[] = $value['id_grupo']; $id_groups_agents_array[$value['id_grupo']] = $value['id_grupo'];
}
foreach ($id_secondary_groups_agents as $key => $value) {
$id_groups_agents_array[$value['id_group']] = $value['id_group'];
} }
$user_groups_array = explode(",", $user_groups_str); $user_groups_array = explode(",", $user_groups_str);
$user_groups_array = array_intersect($user_groups_array, $id_groups_agents_array); $user_groups_array = array_intersect($user_groups_array, $id_groups_agents_array);
@ -435,13 +449,18 @@ class Tree {
else { else {
$agent_table = "SELECT COUNT(DISTINCT(ta.id_agente)) $agent_table = "SELECT COUNT(DISTINCT(ta.id_agente))
FROM tagente ta FROM tagente ta
LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente=tasg.id_agent
LEFT JOIN tagente_modulo tam LEFT JOIN tagente_modulo tam
ON tam.disabled = 0 ON tam.disabled = 0
AND ta.id_agente = tam.id_agente AND ta.id_agente = tam.id_agente
$module_search_filter $module_search_filter
$module_status_join $module_status_join
WHERE ta.disabled = 0 WHERE ta.disabled = 0
AND ta.id_grupo = $item_for_count AND (
ta.id_grupo = $item_for_count
OR tasg.id_group = $item_for_count
)
$group_filter $group_filter
$agent_search_filter $agent_search_filter
$agent_status_filter"; $agent_status_filter";
@ -461,8 +480,13 @@ class Tree {
else { else {
$agent_table = "SELECT COUNT(DISTINCT(ta.id_agente)) $agent_table = "SELECT COUNT(DISTINCT(ta.id_agente))
FROM tmetaconsole_agent ta FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE ta.disabled = 0 WHERE ta.disabled = 0
AND ta.id_grupo = $item_for_count AND (
ta.id_grupo = $item_for_count
OR tasg.id_group = $item_for_count
)
$group_filter $group_filter
$agent_search_filter $agent_search_filter
$agent_status_filter"; $agent_status_filter";
@ -471,7 +495,7 @@ class Tree {
} }
} }
else { else {
if (! is_metaconsole() || $this->strictACL) { if (! is_metaconsole()) {
$columns = 'ta.id_agente AS id, ta.nombre AS name, ta.alias, $columns = 'ta.id_agente AS id, ta.nombre AS name, ta.alias,
ta.fired_count, ta.normal_count, ta.warning_count, ta.fired_count, ta.normal_count, ta.warning_count,
ta.critical_count, ta.unknown_count, ta.notinit_count, ta.critical_count, ta.unknown_count, ta.notinit_count,
@ -484,13 +508,18 @@ class Tree {
$sql = "SELECT $columns $sql = "SELECT $columns
FROM tagente ta FROM tagente ta
LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
LEFT JOIN tagente_modulo tam LEFT JOIN tagente_modulo tam
ON tam.disabled = 0 ON tam.disabled = 0
AND ta.id_agente = tam.id_agente AND ta.id_agente = tam.id_agente
$module_search_filter $module_search_filter
$module_status_join $module_status_join
WHERE ta.disabled = 0 WHERE ta.disabled = 0
AND ta.id_grupo = $rootID AND (
ta.id_grupo = $rootID
OR tasg.id_group = $rootID
)
$group_filter $group_filter
$agent_search_filter $agent_search_filter
$agent_status_filter $agent_status_filter
@ -501,13 +530,18 @@ class Tree {
$columns = 'ta.id_tagente AS id, ta.nombre AS name, ta.alias, $columns = 'ta.id_tagente AS id, ta.nombre AS name, ta.alias,
ta.fired_count, ta.normal_count, ta.warning_count, ta.fired_count, ta.normal_count, ta.warning_count,
ta.critical_count, ta.unknown_count, ta.notinit_count, ta.critical_count, ta.unknown_count, ta.notinit_count,
ta.total_count, ta.quiet, id_tmetaconsole_setup AS server_id'; ta.total_count, ta.quiet, ta.id_tmetaconsole_setup AS server_id';
$order_fields = 'ta.alias ASC, ta.id_tagente ASC'; $order_fields = 'ta.alias ASC, ta.id_tagente ASC';
$sql = "SELECT $columns $sql = "SELECT $columns
FROM tmetaconsole_agent ta FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE ta.disabled = 0 WHERE ta.disabled = 0
AND ta.id_grupo = $rootID AND (
ta.id_grupo = $rootID
OR tasg.id_group = $rootID
)
$group_filter $group_filter
$agent_search_filter $agent_search_filter
$agent_status_filter $agent_status_filter
@ -542,12 +576,14 @@ class Tree {
} }
} }
$sql = "SELECT $columns $sql = "SELECT DISTINCT $columns
FROM tagente_modulo tam FROM tagente_modulo tam
$tag_join $tag_join
$module_status_join $module_status_join
INNER JOIN tagente ta INNER JOIN tagente ta
ON ta.disabled = 0 ON ta.disabled = 0
LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
AND tam.id_agente = ta.id_agente AND tam.id_agente = ta.id_agente
AND ta.id_grupo = $rootID AND ta.id_grupo = $rootID
$group_filter $group_filter

16
pandora_console/include/functions.php
View File

@ -1832,6 +1832,22 @@ function check_acl($id_user, $id_group, $access, $onlyOneGroup = false) {
return 0; return 0;
} }
/**
* Check the ACL of a list of groups.
*
* @param string $id_user to check the ACL
* @param Array $groups. All groups to check
* @param string $access. Profile to check
*
* @return bool True if at least one of this groups check the ACL
*/
function check_acl_one_of_groups($id_user, $groups, $access) {
foreach ($groups as $group) {
if (check_acl($id_user, $group, $access)) return true;
}
return false;
}
/** /**
* Get the name of the database column of one access flag * Get the name of the database column of one access flag
* *

110
pandora_console/include/functions_agents.php
View File

@ -180,8 +180,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
} }
if (($id_agent !== false) && ($idGroup !== false)) { if (($id_agent !== false) && ($idGroup !== false)) {
$groups = users_get_groups($config["id_user"]);
if ($idGroup != 0) { //All group if ($idGroup != 0) { //All group
$subQuery = 'SELECT id_agente_modulo $subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo FROM tagente_modulo
@ -191,17 +189,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
$subQuery = 'SELECT id_agente_modulo $subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo WHERE delete_pending = 0'; FROM tagente_modulo WHERE delete_pending = 0';
} }
if ($strict_user) {
$where_tags = tags_get_acl_tags($config['id_user'], $groups, 'AR', 'module_condition', 'AND', 'tagente_modulo');
// If there are any errors add imposible condition
if(in_array($where_tags, array(ERR_WRONG_PARAMETERS, ERR_ACL))) {
$subQuery .= ' AND 1 = 0';
}
else {
$subQuery .= $where_tags;
}
}
} }
else if ($id_agent === false || empty($id_agent)) { else if ($id_agent === false || empty($id_agent)) {
if ($allModules) if ($allModules)
@ -256,7 +243,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
$limit_sql = " LIMIT $offset, $limit "; $limit_sql = " LIMIT $offset, $limit ";
} }
$sql = sprintf("%s %s", $sql, $limit_sql); $sql = sprintf("%s %s", $sql, $limit_sql);
$alerts = db_get_all_rows_sql($sql); $alerts = db_get_all_rows_sql($sql);
break; break;
case "postgresql": case "postgresql":
@ -411,9 +397,11 @@ function agents_get_agents ($filter = false, $fields = false,
return false; return false;
} }
} }
$filter['id_group'] = $filter['id_grupo'];
if (in_array (0, $filter['id_grupo'])) { if (in_array (0, $filter['id_grupo'])) {
unset ($filter['id_grupo']); unset ($filter['id_grupo']);
unset ($filter['id_group']);
} }
if (!is_array ($fields)) { if (!is_array ($fields)) {
@ -439,7 +427,23 @@ function agents_get_agents ($filter = false, $fields = false,
unset($filter['id_agente']); unset($filter['id_agente']);
} }
$where = db_format_array_where_clause_sql ($filter, 'AND', ''); // Group filter with secondary groups
$where_secondary = '';
if (isset($filter['id_group']) && isset($filter['id_grupo'])) {
$where_secondary .= db_format_array_where_clause_sql (array(
'tagent_secondary_group.id_group' => $filter['id_group'],
'id_grupo' => $filter['id_grupo']
) , 'OR', '');
unset($filter['id_group']);
unset($filter['id_grupo']);
unset($filter_nogroup['id_grupo']);
unset($filter_nogroup['id_group']);
}
// Add the group filter to
$where = db_format_array_where_clause_sql ($filter, 'AND', "(" . $where_secondary . ") AND ");
if ($where == '' && $where_secondary != '') {
$where = $where_secondary;
}
$where_nogroup = db_format_array_where_clause_sql( $where_nogroup = db_format_array_where_clause_sql(
$filter_nogroup, 'AND', ''); $filter_nogroup, 'AND', '');
@ -471,49 +475,17 @@ function agents_get_agents ($filter = false, $fields = false,
$where = sprintf('%s AND %s AND (%s) %s AND %s %s', $where = sprintf('%s AND %s AND (%s) %s AND %s %s',
$where, $where_nogroup, $status_sql, $search, $disabled, $search_custom); $where, $where_nogroup, $status_sql, $search, $disabled, $search_custom);
} }
$sql = sprintf('SELECT %s $sql = sprintf('SELECT DISTINCT %s
FROM tagente FROM tagente LEFT JOIN tagent_secondary_group ON tagent_secondary_group.id_agent=tagente.id_agente
WHERE %s %s', implode(',',$fields), $where, $order); WHERE %s %s', implode(',',$fields), $where, $order);
switch ($config["dbtype"]) {
case "mysql":
$limit_sql = ''; $limit_sql = '';
if (isset($offset) && isset($limit)) { if (isset($offset) && isset($limit)) {
$limit_sql = " LIMIT $offset, $limit "; $limit_sql = " LIMIT $offset, $limit ";
} }
$sql = sprintf("%s %s", $sql, $limit_sql); $sql = sprintf("%s %s", $sql, $limit_sql);
if ($return) return $sql;
if ($return) else $agents = db_get_all_rows_sql($sql);
return $sql;
else
$agents = db_get_all_rows_sql($sql);
break;
case "postgresql":
$limit_sql = '';
if (isset($offset) && isset($limit)) {
$limit_sql = " OFFSET $offset LIMIT $limit ";
}
$sql = sprintf("%s %s", $sql, $limit_sql);
if ($return)
return $sql;
else
$agents = db_get_all_rows_sql($sql);
break;
case "oracle":
$set = array();
if (isset($offset) && isset($limit)) {
$set['limit'] = $limit;
$set['offset'] = $offset;
}
if ($return)
return $sql;
else
$agents = oracle_recode_query ($sql, $set, 'AND', false);
break;
}
return $agents; return $agents;
} }
@ -1098,7 +1070,6 @@ function agents_get_modules ($id_agent = null, $details = false,
$id_agent = safe_int ($id_agent, 1); $id_agent = safe_int ($id_agent, 1);
} }
$where = "( $where = "(
1 = ( 1 = (
SELECT is_admin SELECT is_admin
@ -1108,9 +1079,14 @@ function agents_get_modules ($id_agent = null, $details = false,
OR OR
tagente_modulo.id_agente IN ( tagente_modulo.id_agente IN (
SELECT id_agente SELECT id_agente
FROM tagente FROM tagente tas LEFT JOIN tagent_secondary_group tasgs
WHERE id_grupo IN ( ON tas.id_agente = tasgs.id_agent
WHERE (tas.id_grupo IN (
" . implode(',', $id_userGroups) . " " . implode(',', $id_userGroups) . "
) OR
tasgs.id_group IN (
" . implode(',', $id_userGroups) . "
)
) )
) )
OR 0 IN ( OR 0 IN (
@ -1863,8 +1839,8 @@ function agents_delete_agent ($id_agents, $disableACL = false) {
$agent_alias = io_safe_output(agents_get_alias($id_agent)); $agent_alias = io_safe_output(agents_get_alias($id_agent));
/* Check for deletion permissions */ /* Check for deletion permissions */
$id_group = agents_get_agent_group ($id_agent); $all_groups = agents_get_all_groups_agent ($id_agent);
if ((! check_acl ($config['id_user'], $id_group, "AW")) && !$disableACL) { if ((! check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) && !$disableACL) {
return false; return false;
} }
@ -2682,4 +2658,26 @@ function agents_generate_name ($alias, $address = '') {
return hash('sha256', $alias . '|' . $address . '|' . time() . '|' . sprintf('%04d', rand(0, 10000))); return hash('sha256', $alias . '|' . $address . '|' . time() . '|' . sprintf('%04d', rand(0, 10000)));
} }
/**
* Returns all the groups related to an agent. It includes all secondary groups.
*
* @param int $id_agent
* @param int $id_group. By default it will search for it in dtabase
*
* @return Array with the main and secondary groups
*/
function agents_get_all_groups_agent ($id_agent, $group = false) {
// Get the group if is not defined
if ($group === false) $group = agents_get_group_agents($id_agent);
$secondary_groups = enterprise_hook('agents_get_secondary_groups', array($id_agent));
// Return only an array with the group in open version
if ($secondary_groups == ENTERPRISE_NOT_HOOK) return array($group);
// Add a list of groups
$secondary_groups['plain'][] = $group;
return $secondary_groups['plain'];
}
?> ?>

52
pandora_console/include/functions_events.php
View File

@ -144,7 +144,7 @@ function events_get_events_grouped($sql_post, $offset = 0,
db_process_sql ('SET group_concat_max_len = 9999999'); db_process_sql ('SET group_concat_max_len = 9999999');
if ($total) { if ($total) {
$sql = "SELECT COUNT(*) FROM (SELECT * $sql = "SELECT COUNT(*) FROM (SELECT *
FROM $table te FROM $table te LEFT JOIN tagent_secondary_group tasg ON te.id_grupo = tasg.id_group
WHERE 1=1 " . $sql_post . " WHERE 1=1 " . $sql_post . "
GROUP BY estado, evento, id_agente, id_agentmodule" . $groupby_extra . ") AS t"; GROUP BY estado, evento, id_agente, id_agentmodule" . $groupby_extra . ") AS t";
} }
@ -159,7 +159,7 @@ function events_get_events_grouped($sql_post, $offset = 0,
(SELECT id_agente FROM $table WHERE id_evento = MAX(te.id_evento)) id_agente, (SELECT id_agente FROM $table WHERE id_evento = MAX(te.id_evento)) id_agente,
(SELECT criticity FROM $table WHERE id_evento = MAX(te.id_evento)) AS criticity, (SELECT criticity FROM $table WHERE id_evento = MAX(te.id_evento)) AS criticity,
(SELECT ack_utimestamp FROM $table WHERE id_evento = MAX(te.id_evento)) AS ack_utimestamp (SELECT ack_utimestamp FROM $table WHERE id_evento = MAX(te.id_evento)) AS ack_utimestamp
FROM $table te FROM $table te LEFT JOIN tagent_secondary_group tasg ON te.id_grupo = tasg.id_group
WHERE 1=1 " . $sql_post . " WHERE 1=1 " . $sql_post . "
GROUP BY estado, evento, id_agente, id_agentmodule" . $groupby_extra . " GROUP BY estado, evento, id_agente, id_agentmodule" . $groupby_extra . "
ORDER BY timestamp_rep " . $order . " LIMIT " . $offset . "," . $pagination; ORDER BY timestamp_rep " . $order . " LIMIT " . $offset . "," . $pagination;
@ -845,8 +845,8 @@ function events_print_event_table ($filter = "", $limit = 10, $width = 440, $ret
switch ($config["dbtype"]) { switch ($config["dbtype"]) {
case "mysql": case "mysql":
case "postgresql": case "postgresql":
$sql = sprintf ("SELECT * $sql = sprintf ("SELECT DISTINCT tevento.*
FROM tevento FROM tevento LEFT JOIN tagent_secondary_group tasg ON tevento.id_agente = tasg.id_agent
WHERE %s %s WHERE %s %s
ORDER BY utimestamp DESC LIMIT %d", $agent_condition, $filter, $limit); ORDER BY utimestamp DESC LIMIT %d", $agent_condition, $filter, $limit);
break; break;
@ -914,8 +914,16 @@ function events_print_event_table ($filter = "", $limit = 10, $width = 440, $ret
$table->align[5] = "left"; $table->align[5] = "left";
$table->size[5] = "15%"; $table->size[5] = "15%";
$all_groups = array();
if ($agent_id != 0) {
$all_groups = agents_get_all_groups_agent ($agent_id);
}
foreach ($result as $event) { foreach ($result as $event) {
if (! check_acl ($config["id_user"], $event["id_grupo"], "ER")) { // Copy all groups of the agent and append the event group
$check_events = $all_groups;
$check_events[] = $event["id_grupo"];
if (! check_acl_one_of_groups ($config["id_user"], $check_events, "ER")) {
continue; continue;
} }
@ -3307,41 +3315,15 @@ function events_get_events_grouped_by_agent($sql_post, $offset = 0,
$fields_extra = ''; $fields_extra = '';
} }
switch ($config["dbtype"]) {
case "mysql":
if ($total) { if ($total) {
$sql = "SELECT COUNT(*) FROM (select id_agente from $table WHERE 1=1 $sql = "SELECT COUNT(*) FROM (select id_agente from $table WHERE 1=1
$sql_post GROUP BY id_agente, event_type$groupby_extra ORDER BY id_agente ) AS t"; $sql_post GROUP BY id_agente, event_type$groupby_extra ORDER BY id_agente ) AS t";
} }
else { else {
$sql = "select id_agente, count(*) as total$fields_extra from $table $sql = "select id_agente, count(*) as total$fields_extra from $table te LEFT JOIN tagent_secondary_group tasg
ON te.id_grupo = tasg.id_group
WHERE id_agente > 0 $sql_post GROUP BY id_agente$groupby_extra ORDER BY id_agente LIMIT $offset,$pagination"; WHERE id_agente > 0 $sql_post GROUP BY id_agente$groupby_extra ORDER BY id_agente LIMIT $offset,$pagination";
} }
break;
case 'postgresql':
if ($total) {
}
else {
$sql = "select id_agente, count(*) as total$fields_extra from $table
WHERE id_agente > 0 $sql_post GROUP BY id_agente$groupby_extra ORDER BY id_agente LIMIT $offset,$pagination";
}
break;
case 'oracle':
if ($total) {
}
else {
$set = array();
$set['limit'] = $pagination;
$set['offset'] = $offset;
$sql = "select id_agente, count(*) as total$fields_extra from $table
WHERE id_agente > 0 $sql_post GROUP BY id_agente, event_type$groupby_extra ORDER BY id_agente ";
$sql = oracle_recode_query ($sql, $set);
}
break;
}
$result = array(); $result = array();
//Extract the events by filter (or not) from db //Extract the events by filter (or not) from db
@ -3364,7 +3346,9 @@ function events_get_events_grouped_by_agent($sql_post, $offset = 0,
'event_type' => $resultado['event_type']); 'event_type' => $resultado['event_type']);
} }
else { else {
$sql = "select event_type from $table $sql = "SELECT event_type FROM $table te
LEFT JOIN tagent_secondary_group tasg
ON te.id_agente = tasg.id_agent
WHERE id_agente = ".$event['id_agente']." $sql_post ORDER BY utimestamp DESC "; WHERE id_agente = ".$event['id_agente']." $sql_post ORDER BY utimestamp DESC ";
$resultado = db_get_row_sql($sql); $resultado = db_get_row_sql($sql);

39
pandora_console/include/functions_graph.php
View File

@ -2624,25 +2624,25 @@ function truncate_negatives(&$element) {
function graph_agent_status ($id_agent = false, $width = 300, $height = 200, $return = false, $show_not_init = false, $data_agents=false) { function graph_agent_status ($id_agent = false, $width = 300, $height = 200, $return = false, $show_not_init = false, $data_agents=false) {
global $config; global $config;
$filter = array('disabled' => 0, 'id_grupo' => array_keys(users_get_groups(false, 'AR', false)));
if (!empty($id_agent)) {
$filter['id_agente'] = $id_agent;
}
$fields = array('SUM(critical_count) AS Critical',
'SUM(warning_count) AS Warning',
'SUM(normal_count) AS Normal',
'SUM(unknown_count) AS Unknown');
if ($show_not_init) {
$fields[] = 'SUM(notinit_count) "Not init"';
}
if ($data_agents == false) { if ($data_agents == false) {
$data = db_get_row_filter('tagente', $filter, $fields); $groups = implode(',', array_keys(users_get_groups(false, 'AR', false)));
$data = db_get_row_sql(sprintf('SELECT
SUM(critical_count) AS Critical,
SUM(warning_count) AS Warning,
SUM(normal_count) AS Normal,
SUM(unknown_count) AS Unknown
%s
FROM tagente ta LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE
ta.disabled = 0 AND
%s
(ta.id_grupo IN (%s) OR tasg.id_group IN (%s))',
$show_not_init ? ', SUM(notinit_count) "Not init"' : '',
empty($id_agent) ? '' : "ta.id_agente = $id_agent AND",
$groups,
$groups
));
} else { } else {
$data = $data_agents; $data = $data_agents;
} }
@ -3586,7 +3586,8 @@ function grafico_eventos_grupo ($width = 300, $height = 200, $url = "", $meta =
//is required if both DISTINCT() and COUNT() are in the statement //is required if both DISTINCT() and COUNT() are in the statement
$sql = sprintf ('SELECT DISTINCT(id_agente) AS id_agente, $sql = sprintf ('SELECT DISTINCT(id_agente) AS id_agente,
COUNT(id_agente) AS count'.$field_extra.' COUNT(id_agente) AS count'.$field_extra.'
FROM '.$event_table.' FROM '.$event_table.' te LEFT JOIN tagent_secondary_group tasg
ON te.id_grupo = tasg.id_group
WHERE 1=1 %s %s WHERE 1=1 %s %s
GROUP BY id_agente'.$groupby_extra.' GROUP BY id_agente'.$groupby_extra.'
ORDER BY count DESC LIMIT 8', $url, $tags_condition); ORDER BY count DESC LIMIT 8', $url, $tags_condition);

265
pandora_console/include/functions_groupview.php
View File

@ -41,7 +41,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
$user_groups_ids = implode(',', array_keys($acltags)); $user_groups_ids = implode(',', array_keys($acltags));
if (!empty($user_groups_ids)) { if (!empty($user_groups_ids)) {
if (is_metaconsole() && (!$user_strict)) { if (is_metaconsole()) {
switch ($config["dbtype"]) { switch ($config["dbtype"]) {
case "mysql": case "mysql":
$list_groups = db_get_all_rows_sql(" $list_groups = db_get_all_rows_sql("
@ -123,7 +123,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
* Agent cache for metaconsole. * Agent cache for metaconsole.
* Retrieve the statistic data from the cache table. * Retrieve the statistic data from the cache table.
*/ */
if (!$user_strict && is_metaconsole()) { if (is_metaconsole()) {
foreach ($list_groups as $group) { foreach ($list_groups as $group) {
$group_agents = db_get_row_sql("SELECT SUM(warning_count) AS _monitors_warning_, $group_agents = db_get_row_sql("SELECT SUM(warning_count) AS _monitors_warning_,
SUM(critical_count) AS _monitors_critical_, SUM(critical_count) AS _monitors_critical_,
@ -133,7 +133,13 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
SUM(fired_count) AS _monitors_alerts_fired_, SUM(fired_count) AS _monitors_alerts_fired_,
COUNT(*) AS _total_agents_, id_grupo, intervalo, COUNT(*) AS _total_agents_, id_grupo, intervalo,
ultimo_contacto, disabled ultimo_contacto, disabled
FROM tmetaconsole_agent WHERE id_grupo = " . $group['id_grupo'] . " AND disabled = 0 GROUP BY id_grupo"); FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE (
ta.id_grupo = " . $group['id_grupo'] . "
OR tasg.id_group = " . $group['id_grupo'] . "
) AND disabled = 0 GROUP BY id_grupo");
$list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_']; $list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_'];
$list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_']; $list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_'];
$list[$group['id_grupo']]['_monitors_unknown_'] = (int)$group_agents['_monitors_unknown_']; $list[$group['id_grupo']]['_monitors_unknown_'] = (int)$group_agents['_monitors_unknown_'];
@ -181,7 +187,7 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
} }
} }
} }
else if (($config["realtimestats"] == 0) && !$user_strict) { else if (false) { //FIXME: The cached group view is wasted. Avoid to reach this code.
$group_stat = db_get_all_rows_sql ("SELECT $group_stat = db_get_all_rows_sql ("SELECT
SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical, SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical,
@ -253,24 +259,24 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_NOT_INIT), 'status' => AGENT_STATUS_NOT_INIT),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0; $list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
$agent_unknown = agents_get_agents(array ( $agent_unknown = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_UNKNOWN), 'status' => AGENT_STATUS_UNKNOWN),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0; $list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
$agent_critical = agents_get_agents(array ( $agent_critical = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_CRITICAL), 'status' => AGENT_STATUS_CRITICAL),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_critical_'] = isset ($agent_critical[0]['total']) ? $agent_critical[0]['total'] : 0; $list[$group['id_grupo']]['_agents_critical_'] = isset ($agent_critical[0]['total']) ? $agent_critical[0]['total'] : 0;
$agent_total = agents_get_agents(array ( $agent_total = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo']), 'id_grupo' => $group['id_grupo']),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0; $list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"]; $list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
$list[$group['id_grupo']]['_monitors_alerts_fired_'] = groupview_monitor_fired_alerts ($group['id_grupo'], $user_strict,array($group['id_grupo'])); $list[$group['id_grupo']]['_monitors_alerts_fired_'] = groupview_monitor_fired_alerts ($group['id_grupo'], $user_strict,array($group['id_grupo']));
@ -328,41 +334,6 @@ function groupview_get_all_data ($id_user = false, $user_strict = false, $acltag
GROUP BY estado"); GROUP BY estado");
$list[$group['id_grupo']]['_monitors_not_init_'] = isset ($result_not_init['contado']) ? $result_not_init['contado'] : 0; $list[$group['id_grupo']]['_monitors_not_init_'] = isset ($result_not_init['contado']) ? $result_not_init['contado'] : 0;
} }
if ($user_strict) {
$i = 1;
foreach ($user_tags as $group_id => $tag_name) {
$id = db_get_value('id_tag', 'ttag', 'name', $tag_name);
$list[$i]['_id_'] = $id;
$list[$i]['_name_'] = $tag_name;
$list[$i]['_iconImg_'] = html_print_image ("images/tag_red.png", true, array ("style" => 'vertical-align: middle;'));
$list[$i]['_is_tag_'] = 1;
$list[$i]['_total_agents_'] = (int) tags_get_total_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_unknown_'] = (int) tags_get_unknown_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_critical_'] = (int) tags_get_critical_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_not_init_'] = (int) tags_get_not_init_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_monitors_ok_'] = (int) tags_get_normal_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_critical_'] = (int) tags_get_critical_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_warning_'] = (int) tags_get_warning_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_not_init_'] = (int) tags_get_not_init_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_unknown_'] = (int) tags_get_unknown_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_alerts_fired_'] = tags_monitors_fired_alerts($id, $acltags);
if (! defined ('METACONSOLE')) {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0) && ($list[$i]['_monitors_unknown_'] == 0) && ($list[$i]['_monitors_not_init_'] == 0) && ($list[$i]['_agents_not_init_'] == 0)) {
unset($list[$i]);
}
}
else {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0)) {
unset($list[$i]);
}
}
$i++;
}
}
} }
return $list; return $list;
} }
@ -377,63 +348,9 @@ function groupview_status_modules_agents($id_user = false, $user_strict = false,
//$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict); //$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
$acltags = users_get_groups ($id_user, $access, true, true); $acltags = users_get_groups ($id_user, $access, true, true);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {
$servers = metaconsole_get_servers();
$result_list = array ();
foreach ($servers as $server) {
if (metaconsole_connect($server) != NOERR) {
continue;
}
$server_list = groupview_get_all_data($id_user, $user_strict,
$acltags, $returnAllGroup);
foreach ($server_list as $server_item) {
if (! isset ($result_list[$server_item['_name_']])) {
$result_list[$server_item['_name_']] = $server_item;
}
else {
$result_list[$server_item['_name_']]['_monitors_ok_'] += $server_item['_monitors_ok_'];
$result_list[$server_item['_name_']]['_monitors_critical_'] += $server_item['_monitors_critical_'];
$result_list[$server_item['_name_']]['_monitors_warning_'] += $server_item['_monitors_warning_'];
$result_list[$server_item['_name_']]['_agents_unknown_'] += $server_item['_agents_unknown_'];
$result_list[$server_item['_name_']]['_total_agents_'] += $server_item['_total_agents_'];
$result_list[$server_item['_name_']]['_monitors_alerts_fired_'] += $server_item['_monitors_alerts_fired_'];
$result_list[$server_item['_name_']]['_agents_ok_'] += $server_item['_agents_ok_'];
$result_list[$server_item['_name_']]['_agents_critical_'] += $server_item['_agents_critical_'];
$result_list[$server_item['_name_']]['_agents_warning_'] += $server_item['_agents_warning_'];
$result_list[$server_item['_name_']]['_monitors_alerts_'] += $server_item['_monitors_alerts_'];
$result_list[$server_item['_name_']]["_monitor_checks_"] += $server_item["_monitor_checks_"];
$result_list[$server_item['_name_']]["_monitor_not_normal_"] += $server_item["_monitor_not_normal_"];
$result_list[$server_item['_name_']]["_monitor_health_"] += $server_item["_monitor_health_"];
$result_list[$server_item['_name_']]["_module_sanity_"] += $server_item["_module_sanity_"];
$result_list[$server_item['_name_']]["_alerts_"] += $server_item["_alerts_"];
$result_list[$server_item['_name_']]["_alert_level_"] += $server_item["_alert_level_"];
$result_list[$server_item['_name_']]["_monitor_bad_"] += $server_item["_monitor_bad_"];
$result_list[$server_item['_name_']]["_global_health_"] += $server_item["_global_health_"];
$result_list[$server_item['_name_']]["_server_sanity_"] += $server_item["_server_sanity_"];
$result_list[$server_item['_name_']]["_monitor_alerts_fire_count_"] += $server_item["_monitor_alerts_fire_count_"];
$result_list[$server_item['_name_']]["_total_checks_"] += $server_item["_total_checks_"];
$result_list[$server_item['_name_']]["_total_alerts_"] += $server_item["_total_alerts_"];
}
}
metaconsole_restore_db();
}
return $result_list;
}
else {
$result_list = groupview_get_all_data ($id_user, $user_strict, $result_list = groupview_get_all_data ($id_user, $user_strict,
$acltags, false, array(), array(), $access); $acltags, false, array(), array(), $access);
return $result_list; return $result_list;
}
} }
function groupview_monitor_alerts ($group_array, $strict_user = false, $id_group_strict = false) { function groupview_monitor_alerts ($group_array, $strict_user = false, $id_group_strict = false) {
@ -521,52 +438,11 @@ function groupview_get_groups_list($id_user = false, $user_strict = false, $acce
$id_user = $config['id_user']; $id_user = $config['id_user'];
} }
//$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
//
$acltags = users_get_groups($id_user, $access, true, true); $acltags = users_get_groups($id_user, $access, true, true);
// If using metaconsole, the strict users will use the agent table of every node
if (is_metaconsole() && $user_strict) {
$servers = metaconsole_get_servers();
$result_list = array ();
foreach ($servers as $server) {
if (metaconsole_connect($server) != NOERR) {
continue;
}
$server_list = groupview_get_data ($id_user, $user_strict,
$acltags, $returnAllGroup);
foreach ($server_list as $server_item) {
if (! isset ($result_list[$server_item['_name_']])) {
$result_list[$server_item['_name_']] = $server_item;
}
else {
$result_list[$server_item['_name_']]['_monitors_ok_'] += $server_item['_monitors_ok_'];
$result_list[$server_item['_name_']]['_monitors_critical_'] += $server_item['_monitors_critical_'];
$result_list[$server_item['_name_']]['_monitors_warning_'] += $server_item['_monitors_warning_'];
$result_list[$server_item['_name_']]['_agents_unknown_'] += $server_item['_agents_unknown_'];
$result_list[$server_item['_name_']]['_total_agents_'] += $server_item['_total_agents_'];
$result_list[$server_item['_name_']]['_monitors_alerts_fired_'] += $server_item['_monitors_alerts_fired_'];
}
}
metaconsole_restore_db();
}
return $result_list;
}
// If using metaconsole, the not strict users will use the metaconsole's agent cache table
else {
$result_list = groupview_get_data ($id_user, $user_strict, $acltags, $result_list = groupview_get_data ($id_user, $user_strict, $acltags,
$returnAllGroup, array(), array(), $access); $returnAllGroup, array(), array(), $access);
return $result_list; return $result_list;
}
} }
function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') { function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $returnAllGroup = false, $agent_filter = array(), $module_filter = array(), $access = 'AR') {
@ -598,14 +474,17 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
$user_groups_ids = implode(',', array_keys($acltags)); $user_groups_ids = implode(',', array_keys($acltags));
if (!empty($user_groups_ids)) { if (!empty($user_groups_ids)) {
if (is_metaconsole() && (!$user_strict)) { if (is_metaconsole()) {
switch ($config["dbtype"]) { switch ($config["dbtype"]) {
case "mysql": case "mysql":
$list_groups = db_get_all_rows_sql(" $list_groups = db_get_all_rows_sql("
SELECT * SELECT *
FROM tgrupo FROM tgrupo
WHERE id_grupo IN (" . $user_groups_ids . ") WHERE id_grupo IN (" . $user_groups_ids . ")
AND id_grupo IN (SELECT id_grupo FROM tmetaconsole_agent WHERE disabled = 0) AND (
id_grupo IN (SELECT id_grupo FROM tmetaconsole_agent WHERE disabled = 0)
OR id_grupo IN (SELECT id_group FROM tmetaconsole_agent_secondary_group WHERE id_group IN (" . $user_groups_ids . "))
)
ORDER BY nombre COLLATE utf8_general_ci ASC"); ORDER BY nombre COLLATE utf8_general_ci ASC");
break; break;
case "postgresql": case "postgresql":
@ -633,7 +512,10 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
SELECT * SELECT *
FROM tgrupo FROM tgrupo
WHERE id_grupo IN (" . $user_groups_ids . ") WHERE id_grupo IN (" . $user_groups_ids . ")
AND id_grupo IN (SELECT id_grupo FROM tagente WHERE disabled = 0) AND (
id_grupo IN (SELECT id_grupo FROM tagente WHERE disabled = 0)
OR id_grupo IN (SELECT id_group FROM tagent_secondary_group WHERE id_group IN (" . $user_groups_ids . "))
)
ORDER BY nombre COLLATE utf8_general_ci ASC"); ORDER BY nombre COLLATE utf8_general_ci ASC");
break; break;
case "postgresql": case "postgresql":
@ -659,7 +541,11 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
//Add the group "All" at first //Add the group "All" at first
$group_all = array('id_grupo'=>0, 'nombre'=>'All', 'icon'=>'', 'parent'=>'', 'propagate'=>0, 'disabled'=>0, $group_all = array('id_grupo'=>0, 'nombre'=>'All', 'icon'=>'', 'parent'=>'', 'propagate'=>0, 'disabled'=>0,
'custom_id'=>'', 'id_skin'=>0, 'description'=>'', 'contact'=>'', 'other'=>'', 'password'=>''); 'custom_id'=>'', 'id_skin'=>0, 'description'=>'', 'contact'=>'', 'other'=>'', 'password'=>'');
if ($list_groups !== false) {
array_unshift($list_groups, $group_all); array_unshift($list_groups, $group_all);
} else {
$list_groups = array($group_all);
}
if (!$user_strict) { if (!$user_strict) {
//Takes the parents even without agents, first ids //Takes the parents even without agents, first ids
@ -744,8 +630,12 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
$list_groups = array(); $list_groups = array();
} }
if (!$user_strict && is_metaconsole()) { // Agent cache if (is_metaconsole()) { // Agent cache
foreach ($list_groups as $group) { foreach ($list_groups as $group) {
// If id group is 0 get all accesses groups
$group_id = $group['id_grupo'] == 0
? $user_groups_ids
: $group['id_grupo'];
$group_agents = db_get_row_sql("SELECT SUM(warning_count) AS _monitors_warning_, $group_agents = db_get_row_sql("SELECT SUM(warning_count) AS _monitors_warning_,
SUM(critical_count) AS _monitors_critical_, SUM(critical_count) AS _monitors_critical_,
SUM(normal_count) AS _monitors_ok_, SUM(normal_count) AS _monitors_ok_,
@ -754,8 +644,14 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
SUM(fired_count) AS _monitors_alerts_fired_, SUM(fired_count) AS _monitors_alerts_fired_,
COUNT(*) AS _total_agents_, id_grupo, intervalo, COUNT(*) AS _total_agents_, id_grupo, intervalo,
ultimo_contacto, disabled ultimo_contacto, disabled
FROM tmetaconsole_agent WHERE id_grupo = " . $group['id_grupo'] . " AND disabled = 0 GROUP BY id_grupo"); FROM tmetaconsole_agent ta
LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
WHERE (
ta.id_grupo IN (" . $group_id . ")
OR tasg.id_group IN (" . $group_id . ")
)
AND disabled = 0");
$list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_']; $list[$group['id_grupo']]['_monitors_critical_'] = (int)$group_agents['_monitors_critical_'];
$list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_']; $list[$group['id_grupo']]['_monitors_warning_'] = (int)$group_agents['_monitors_warning_'];
@ -778,16 +674,19 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
$total_agents = $list[$group['id_grupo']]['_total_agents_']; $total_agents = $list[$group['id_grupo']]['_total_agents_'];
if (($group['id_grupo'] != 0) && ($total_agents > 0)) { if ($total_agents > 0) {
$agents = db_get_all_rows_sql("SELECT warning_count, $agents = db_get_all_rows_sql(sprintf ("SELECT warning_count,
critical_count, critical_count,
normal_count, normal_count,
unknown_count, unknown_count,
notinit_count, notinit_count,
fired_count, fired_count,
disabled disabled
FROM tmetaconsole_agent FROM tmetaconsole_agent ta
WHERE id_grupo = " . $group['id_grupo'] ); LEFT JOIN tmetaconsole_agent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE ta.id_grupo IN (%s) OR tasg.id_group IN (%s)",
$group_id, $group_id));
foreach ($agents as $agent) { foreach ($agents as $agent) {
if ($agent['critical_count'] > 0) { if ($agent['critical_count'] > 0) {
$list[$group['id_grupo']]['_agents_critical_'] += 1; $list[$group['id_grupo']]['_agents_critical_'] += 1;
@ -808,7 +707,7 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
} }
} }
} }
else if (($config["realtimestats"] == 0) && !$user_strict) { else if (false) { //FIXME: The cached group view is wasted. Avoid to reach this code.
$group_stat = db_get_all_rows_sql ("SELECT $group_stat = db_get_all_rows_sql ("SELECT
SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical, SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical,
@ -876,28 +775,32 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
} }
else { else {
foreach ($list_groups as $group) { foreach ($list_groups as $group) {
// If id group is 0 get all accesses groups
$group_id = $group['id_grupo'] == 0
? $user_groups_ids
: $group['id_grupo'];
$agent_not_init = agents_get_agents(array ( $agent_not_init = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_NOT_INIT), 'status' => AGENT_STATUS_NOT_INIT),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0; $list[$group['id_grupo']]['_agents_not_init_'] = isset ($agent_not_init[0]['total']) ? $agent_not_init[0]['total'] : 0;
$agent_unknown = agents_get_agents(array ( $agent_unknown = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_UNKNOWN), 'status' => AGENT_STATUS_UNKNOWN),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0; $list[$group['id_grupo']]['_agents_unknown_'] = isset ($agent_unknown[0]['total']) ? $agent_unknown[0]['total'] : 0;
$agent_critical = agents_get_agents(array ( $agent_critical = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo'], 'id_grupo' => $group['id_grupo'],
'status' => AGENT_STATUS_CRITICAL), 'status' => AGENT_STATUS_CRITICAL),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_agents_critical_'] = isset ($agent_critical[0]['total']) ? $agent_critical[0]['total'] : 0; $list[$group['id_grupo']]['_agents_critical_'] = isset ($agent_critical[0]['total']) ? $agent_critical[0]['total'] : 0;
$agent_total = agents_get_agents(array ( $agent_total = agents_get_agents(array (
'disabled' => 0, 'disabled' => 0,
'id_grupo' => $group['id_grupo']), 'id_grupo' => $group['id_grupo']),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0; $list[$group['id_grupo']]['_total_agents_'] = isset ($agent_total[0]['total']) ? $agent_total[0]['total'] : 0;
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"]; $list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
$list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"]; $list[$group['id_grupo']]["_monitor_not_normal_"] = $list[$group['id_grupo']]["_monitor_checks_"] - $list[$group['id_grupo']]["_monitors_ok_"];
@ -906,11 +809,16 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
FROM tagente_estado tae INNER JOIN tagente ta FROM tagente_estado tae INNER JOIN tagente ta
ON tae.id_agente = ta.id_agente ON tae.id_agente = ta.id_agente
AND ta.disabled = 0 AND ta.disabled = 0
AND ta.id_grupo = " . $group['id_grupo'] . " LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
INNER JOIN tagente_modulo tam INNER JOIN tagente_modulo tam
ON tae.id_agente_modulo = tam.id_agente_modulo ON tae.id_agente_modulo = tam.id_agente_modulo
AND tam.disabled = 0 AND tam.disabled = 0
WHERE tae.utimestamp > 0 WHERE tae.utimestamp > 0
AND (
ta.id_grupo IN (" . $group_id . ")
OR tasg.id_group IN (" . $group_id . ")
)
GROUP BY estado"); GROUP BY estado");
if ($result_list) { if ($result_list) {
foreach ($result_list as $result) { foreach ($result_list as $result) {
@ -934,12 +842,17 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
FROM tagente_estado tae INNER JOIN tagente ta FROM tagente_estado tae INNER JOIN tagente ta
ON tae.id_agente = ta.id_agente ON tae.id_agente = ta.id_agente
AND ta.disabled = 0 AND ta.disabled = 0
AND ta.id_grupo = " . $group['id_grupo'] . " LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
INNER JOIN tagente_modulo tam INNER JOIN tagente_modulo tam
ON tae.id_agente_modulo = tam.id_agente_modulo ON tae.id_agente_modulo = tam.id_agente_modulo
AND tam.disabled = 0 AND tam.disabled = 0
WHERE tae.estado = 0 WHERE tae.estado = 0
AND (tae.utimestamp > 0 OR tam.id_tipo_modulo IN(21,22,23,100)) AND (tae.utimestamp > 0 OR tam.id_tipo_modulo IN(21,22,23,100))
AND (
ta.id_grupo IN (" . $group_id . ")
OR tasg.id_group IN (" . $group_id . ")
)
GROUP BY estado"); GROUP BY estado");
$list[$group['id_grupo']]['_monitors_ok_'] = isset ($result_normal['contado']) ? $result_normal['contado'] : 0; $list[$group['id_grupo']]['_monitors_ok_'] = isset ($result_normal['contado']) ? $result_normal['contado'] : 0;
@ -947,53 +860,23 @@ function groupview_get_data ($id_user = false, $user_strict = false, $acltags, $
FROM tagente_estado tae INNER JOIN tagente ta FROM tagente_estado tae INNER JOIN tagente ta
ON tae.id_agente = ta.id_agente ON tae.id_agente = ta.id_agente
AND ta.disabled = 0 AND ta.disabled = 0
AND ta.id_grupo = " . $group['id_grupo'] . " LEFT JOIN tagent_secondary_group tasg
ON tasg.id_agent = ta.id_agente
INNER JOIN tagente_modulo tam INNER JOIN tagente_modulo tam
ON tae.id_agente_modulo = tam.id_agente_modulo ON tae.id_agente_modulo = tam.id_agente_modulo
AND tam.disabled = 0 AND tam.disabled = 0
WHERE tae.utimestamp = 0 AND WHERE tae.utimestamp = 0 AND
tae.estado IN (".AGENT_MODULE_STATUS_NO_DATA.",".AGENT_MODULE_STATUS_NOT_INIT." ) tae.estado IN (".AGENT_MODULE_STATUS_NO_DATA.",".AGENT_MODULE_STATUS_NOT_INIT." )
AND tam.id_tipo_modulo NOT IN (21,22,23,100) AND tam.id_tipo_modulo NOT IN (21,22,23,100)
AND (
ta.id_grupo IN (" . $group_id . ")
OR tasg.id_group IN (" . $group_id . ")
)
GROUP BY estado"); GROUP BY estado");
$list[$group['id_grupo']]['_monitors_not_init_'] = isset ($result_not_init['contado']) ? $result_not_init['contado'] : 0; $list[$group['id_grupo']]['_monitors_not_init_'] = isset ($result_not_init['contado']) ? $result_not_init['contado'] : 0;
} }
} }
if ($user_strict) {
$i = 1;
foreach ($user_tags as $group_id => $tag_name) {
$id = db_get_value('id_tag', 'ttag', 'name', $tag_name);
$list[$i]['_id_'] = $id;
$list[$i]['_name_'] = $tag_name;
$list[$i]['_iconImg_'] = html_print_image ("images/tag_red.png", true, array ("style" => 'vertical-align: middle;'));
$list[$i]['_is_tag_'] = 1;
$list[$i]['_total_agents_'] = (int) tags_get_total_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_unknown_'] = (int) tags_get_unknown_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_not_init_'] = (int) tags_get_not_init_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_critical_'] = (int) tags_get_critical_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_monitors_ok_'] = (int) tags_get_normal_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_critical_'] = (int) tags_get_critical_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_warning_'] = (int) tags_get_warning_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_not_init_'] = (int) tags_get_not_init_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_unknown_'] = (int) tags_get_unknown_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_alerts_fired_'] = tags_monitors_fired_alerts($id, $acltags);
if (! defined ('METACONSOLE')) {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0) && ($list[$i]['_monitors_unknown_'] == 0) && ($list[$i]['_monitors_not_init_'] == 0) && ($list[$i]['_agents_not_init_'] == 0)) {
unset($list[$i]);
}
}
else {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0)) {
unset($list[$i]);
}
}
$i++;
}
}
return $list; return $list;
} }

161
pandora_console/include/functions_profile.php
View File

@ -68,17 +68,26 @@ function profile_get_profiles ($filter = false) {
* @param int Group ID (default 1 => All) * @param int Group ID (default 1 => All)
* @param string Assign User who assign the profile to user. * @param string Assign User who assign the profile to user.
* @param string tags where the view of the user in this group will be restricted * @param string tags where the view of the user in this group will be restricted
* @param bool Profile is secondary or not
* *
* @return mixed Number id if succesful, false if not * @return mixed Number id if succesful, false if not
*/ */
function profile_create_user_profile ($id_user, function profile_create_user_profile ($id_user,
$id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') { $id_profile = 1,
$id_group = 0,
$assignUser = false,
$tags = '',
$is_secondary = false
) {
global $config; global $config;
if (empty ($id_profile) || $id_group < 0) if (empty ($id_profile) || $id_group < 0)
return false; return false;
// Secondary server is an enterprise function
if (!enterprise_installed() && $is_secondary) return false;
// Checks if the user exists // Checks if the user exists
$result_user = users_get_user_by_id($id_user); $result_user = users_get_user_by_id($id_user);
@ -86,6 +95,9 @@ function profile_create_user_profile ($id_user,
return false; return false;
} }
// Cannot mix secondary and primary profiles
if (!profile_check_group_mode($id_user, $id_group, $is_secondary)) return false;
if (isset ($config["id_user"])) { if (isset ($config["id_user"])) {
//Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora) //Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora)
$assign = $config["id_user"]; $assign = $config["id_user"];
@ -94,15 +106,15 @@ function profile_create_user_profile ($id_user,
$assign = $id_user; $assign = $id_user;
} }
if ($assignUser !== false) if ($assignUser !== false) $assign = $assignUser;
$assign = $assignUser;
$insert = array ( $insert = array (
"id_usuario" => $id_user, "id_usuario" => $id_user,
"id_perfil" => $id_profile, "id_perfil" => $id_profile,
"id_grupo" => $id_group, "id_grupo" => $id_group,
"tags" => $tags, "tags" => $tags,
"assigned_by" => $assign "assigned_by" => $assign,
"is_secondary" => $is_secondary ? 1 : 0
); );
return db_process_sql_insert ("tusuario_perfil", $insert); return db_process_sql_insert ("tusuario_perfil", $insert);
@ -135,4 +147,145 @@ function profile_delete_profile ($id_profile) {
return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile)); return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile));
} }
/**
* Check if a group can be added being secondary or normal
*
* @param int User ID you want to check
* @param int Group ID you want to check
* @param bool Mode of profile will be inserted
*
* @return bool False if there is a group with the mode already added
*/
function profile_check_group_mode($user_id, $group_id, $is_secondary) {
$inserted_type = (int)db_get_value_sql(sprintf(
'SELECT COUNT(*) FROM tusuario_perfil WHERE
id_grupo=%d AND is_secondary=%d AND id_usuario="%s"',
$group_id, !$is_secondary ? 1 : 0, $user_id)
);
return $inserted_type === 0;
}
/**
* Print the table to display, create and delete profiles
*
* @param int User id
* @param string Title of the table view
* @param bool Show the tags select or not
*/
function profile_print_profile_table ($id, $title, $is_secondary = false) {
global $config;
$is_secondary = enterprise_installed() ? $is_secondary : false;
$table = new stdClass();
$table->width = '100%';
$table->class = 'databox data';
if (defined("METACONSOLE")) {
$table->head_colspan[0] = 0;
$table->width = '100%';
$table->class = 'databox_tactical data';
$table->title = $title;
} else {
echo '<h4>'. $title . '</h4>';
}
$table->data = array ();
$table->head = array ();
$table->align = array ();
$table->style = array ();
if (!defined("METACONSOLE")) {
$table->style[0] = 'font-weight: bold';
$table->style[1] = 'font-weight: bold';
}
$table->head[0] = __('Profile name');
$table->head[1] = __('Group');
if (!$is_secondary) {
$table->head[2] = __('Tags');
}
$table->head[3] = __('Action');
$table->align[3] = 'center';
$result = db_get_all_rows_filter ("tusuario_perfil", array (
"id_usuario" => $id,
"is_secondary" => $is_secondary ? 1 : 0
));
if ($result === false) {
$result = array ();
}
foreach ($result as $profile) {
if($profile["id_grupo"] == -1) {
continue;
}
$data = array ();
$data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>';
$data[1] = ui_print_group_icon($profile["id_grupo"], true);
if (!defined('METACONSOLE')) {
$data[1] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
}
$data[1] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT);
if (!defined('METACONSOLE'))
$data[1] .= '</a>';
if (!$is_secondary) {
if(empty($profile["tags"])) {
$data[2] = '';
}
else {
$tags_ids = explode(',',$profile["tags"]);
$tags = tags_get_tags($tags_ids);
$data[2] = tags_get_tags_formatted($tags);
}
}
$data[3] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[3] .= html_print_input_hidden ('delete_profile', 1, true);
$data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true);
$data[3] .= html_print_input_hidden ('id_user', $id, true);
$data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true);
$data[3] .= '</form>';
array_push ($table->data, $data);
}
$data = array ();
$data[0] = '<form method="post">';
if (check_acl ($config['id_user'], 0, "PM")) {
$data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '',
__('None'), 0, true, false, false);
}
else {
$data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1',
'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0,
true, false, false);
}
$data[1] = html_print_select_groups($config['id_user'], "UM",
users_is_admin($config['id_user']), 'assign_group', -1, '', __('None'), -1, true,
false, false);
if (!$is_secondary) {
$tags = tags_get_all_tags();
$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
}
$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true);
$data[3] .= html_print_input_hidden ('id', $id, true);
$data[3] .= html_print_input_hidden ('add_profile', 1, true);
if ($is_secondary) {
$data[3] .= html_print_input_hidden('is_secondary', 1, true);
}
$data[3] .= '</form>';
array_push ($table->data, $data);
html_print_table ($table);
unset ($table);
}
?> ?>

111
pandora_console/include/functions_tactical.php
View File

@ -81,7 +81,6 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
$list['_monitors_not_init_'] = 0; $list['_monitors_not_init_'] = 0;
$list['_monitors_ok_'] = 0; $list['_monitors_ok_'] = 0;
if (empty($list_groups)) { if (empty($list_groups)) {
$list_groups = array(); $list_groups = array();
} }
@ -90,7 +89,7 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
* Agent cache for metaconsole. * Agent cache for metaconsole.
* Retrieve the statistic data from the cache table. * Retrieve the statistic data from the cache table.
*/ */
if (!$user_strict && is_metaconsole() && !empty($list_groups)) { if (is_metaconsole() && !empty($list_groups)) {
$cache_table = 'tmetaconsole_agent'; $cache_table = 'tmetaconsole_agent';
$sql_stats = "SELECT id_grupo, COUNT(id_agente) AS agents_total, $sql_stats = "SELECT id_grupo, COUNT(id_agente) AS agents_total,
@ -197,7 +196,7 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
} }
} }
if (!$user_strict && is_metaconsole()) { // Agent cache if (is_metaconsole()) { // Agent cache
// Get total count of monitors for this group, except disabled. // Get total count of monitors for this group, except disabled.
$list["_monitor_checks_"] = $list["_monitors_not_init_"] + $list["_monitors_unknown_"] + $list["_monitors_warning_"] + $list["_monitors_critical_"] + $list["_monitors_ok_"]; $list["_monitor_checks_"] = $list["_monitors_not_init_"] + $list["_monitors_unknown_"] + $list["_monitors_warning_"] + $list["_monitors_critical_"] + $list["_monitors_ok_"];
@ -243,7 +242,7 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
$list["_server_sanity_"] = format_numeric (100 - $list["_module_sanity_"], 1); $list["_server_sanity_"] = format_numeric (100 - $list["_module_sanity_"], 1);
} }
else if (($config["realtimestats"] == 0) && !$user_strict) { else if (($config["realtimestats"] == 0)) {
$group_stat = db_get_all_rows_sql ("SELECT $group_stat = db_get_all_rows_sql ("SELECT
SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical, SUM(ta.normal_count) as normal, SUM(ta.critical_count) as critical,
@ -311,19 +310,7 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
} }
else { else {
if ($user_strict) {
if (empty($acltags)) {
$_tag_condition = ''; $_tag_condition = '';
}
else {
$_tag_condition = 'AND ' . tags_get_acl_tags_module_condition($acltags,'tae');
}
}
else {
$_tag_condition = '';
}
$result_list = db_get_all_rows_sql("SELECT COUNT(*) as contado, estado $result_list = db_get_all_rows_sql("SELECT COUNT(*) as contado, estado
FROM tagente_estado tae INNER JOIN tagente ta FROM tagente_estado tae INNER JOIN tagente ta
ON tae.id_agente = ta.id_agente ON tae.id_agente = ta.id_agente
@ -370,7 +357,7 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
$list['_monitors_alerts_fired_'] = tactical_monitor_fired_alerts (explode(',',$user_groups_ids), $user_strict,explode(',',$user_groups_ids)); $list['_monitors_alerts_fired_'] = tactical_monitor_fired_alerts (explode(',',$user_groups_ids), $user_strict,explode(',',$user_groups_ids));
$list['_monitors_alerts_'] = tactical_monitor_alerts (explode(',',$user_groups_ids), $user_strict,explode(',',$user_groups_ids)); $list['_monitors_alerts_'] = tactical_monitor_alerts (explode(',',$user_groups_ids), $user_strict,explode(',',$user_groups_ids));
$total_agentes = agents_get_agents (false, array('count(*) as total_agents'), 'AR',false, false, 1); $total_agentes = agents_get_agents (false, array('count(DISTINCT id_agente) as total_agents'), 'AR',false, false, 1);
$list['_total_agents_'] = $total_agentes[0]['total_agents']; $list['_total_agents_'] = $total_agentes[0]['total_agents'];
$list["_monitor_checks_"] = $list["_monitors_not_init_"] + $list["_monitors_unknown_"] + $list["_monitors_warning_"] + $list["_monitors_critical_"] + $list["_monitors_ok_"]; $list["_monitor_checks_"] = $list["_monitors_not_init_"] + $list["_monitors_unknown_"] + $list["_monitors_warning_"] + $list["_monitors_critical_"] + $list["_monitors_ok_"];
@ -379,44 +366,6 @@ function tactical_get_data ($id_user = false, $user_strict = false, $acltags, $r
$list["_monitor_not_normal_"] = $list["_monitor_checks_"] - $list["_monitors_ok_"]; $list["_monitor_not_normal_"] = $list["_monitor_checks_"] - $list["_monitors_ok_"];
} }
if ($user_strict) {
$i = 1;
$list = array();
foreach ($user_tags as $group_id => $tag_name) {
$id = db_get_value('id_tag', 'ttag', 'name', $tag_name);
$list[$i]['_id_'] = $id;
$list[$i]['_name_'] = $tag_name;
$list[$i]['_iconImg_'] = html_print_image ("images/tag_red.png", true, array ("style" => 'vertical-align: middle;'));
$list[$i]['_is_tag_'] = 1;
$list[$i]['_total_agents_'] = (int) tags_get_total_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_ok_'] = (int) tags_get_normal_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_warning_'] = (int) tags_get_warning_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_critical_'] = (int) tags_get_critical_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_unknown_'] = (int) tags_get_unknown_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_agents_not_init_'] = (int) tags_get_not_init_agents ($id, $acltags, $agent_filter, $module_filter, $config["realtimestats"]);
$list[$i]['_monitors_ok_'] = (int) tags_get_normal_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_critical_'] = (int) tags_get_critical_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_warning_'] = (int) tags_get_warning_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_not_init_'] = (int) tags_get_not_init_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_unknown_'] = (int) tags_get_unknown_monitors ($id, $acltags, $agent_filter, $module_filter);
$list[$i]['_monitors_alerts_fired_'] = tags_monitors_fired_alerts($id, $acltags);
if (! defined ('METACONSOLE')) {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0) && ($list[$i]['_monitors_unknown_'] == 0) && ($list[$i]['_monitors_not_init_'] == 0) && ($list[$i]['_agents_not_init_'] == 0)) {
unset($list[$i]);
}
}
else {
if (($list[$i]['_agents_unknown_'] == 0) && ($list[$i]['_monitors_alerts_fired_'] == 0) && ($list[$i]['_total_agents_'] == 0) && ($list[$i]['_monitors_ok_'] == 0) && ($list[$i]['_monitors_critical_'] == 0) && ($list[$i]['_monitors_warning_'] == 0)) {
unset($list[$i]);
}
}
$i++;
}
}
return $list; return $list;
} }
@ -429,59 +378,9 @@ function tactical_status_modules_agents($id_user = false, $user_strict = false,
$acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict); $acltags = tags_get_user_groups_and_tags ($id_user, $access, $user_strict);
// If using metaconsole, the strict users will use the agent table of every node $result_list = tactical_get_data ($id_user, $user_strict, $acltags);
if (is_metaconsole() && $user_strict) {
$servers = metaconsole_get_servers();
$result_list = array ();
foreach ($servers as $server) {
if (metaconsole_connect($server) != NOERR) {
continue;
}
$result_list = tactical_get_data ($id_user, $user_strict,
$acltags);
if (!isset ($result_list[$server_item['_name_']])) {
$result_list[$server_item['_name_']] = $server_item;
}
else {
$result_list[$server_item['_name_']]['_monitors_ok_'] += $server_item['_monitors_ok_'];
$result_list[$server_item['_name_']]['_monitors_critical_'] += $server_item['_monitors_critical_'];
$result_list[$server_item['_name_']]['_monitors_warning_'] += $server_item['_monitors_warning_'];
$result_list[$server_item['_name_']]['_agents_unknown_'] += $server_item['_agents_unknown_'];
$result_list[$server_item['_name_']]['_total_agents_'] += $server_item['_total_agents_'];
$result_list[$server_item['_name_']]['_monitors_alerts_fired_'] += $server_item['_monitors_alerts_fired_'];
$result_list[$server_item['_name_']]['_agents_ok_'] += $server_item['_agents_ok_'];
$result_list[$server_item['_name_']]['_agents_critical_'] += $server_item['_agents_critical_'];
$result_list[$server_item['_name_']]['_agents_warning_'] += $server_item['_agents_warning_'];
$result_list[$server_item['_name_']]['_monitors_alerts_'] += $server_item['_monitors_alerts_'];
$result_list[$server_item['_name_']]["_monitor_checks_"] += $server_item["_monitor_checks_"];
$result_list[$server_item['_name_']]["_monitor_not_normal_"] += $server_item["_monitor_not_normal_"];
$result_list[$server_item['_name_']]["_monitor_health_"] += $server_item["_monitor_health_"];
$result_list[$server_item['_name_']]["_module_sanity_"] += $server_item["_module_sanity_"];
$result_list[$server_item['_name_']]["_alerts_"] += $server_item["_alerts_"];
$result_list[$server_item['_name_']]["_alert_level_"] += $server_item["_alert_level_"];
$result_list[$server_item['_name_']]["_monitor_bad_"] += $server_item["_monitor_bad_"];
$result_list[$server_item['_name_']]["_global_health_"] += $server_item["_global_health_"];
$result_list[$server_item['_name_']]["_server_sanity_"] += $server_item["_server_sanity_"];
$result_list[$server_item['_name_']]["_monitor_alerts_fire_count_"] += $server_item["_monitor_alerts_fire_count_"];
$result_list[$server_item['_name_']]["_total_checks_"] += $server_item["_total_checks_"];
$result_list[$server_item['_name_']]["_total_alerts_"] += $server_item["_total_alerts_"];
}
}
metaconsole_restore_db();
return $result_list;
}
else {
$result_list = tactical_get_data ($id_user, $user_strict,
$acltags);
return $result_list; return $result_list;
}
} }
function tactical_monitor_alerts ($group_array, $strict_user = false, $id_group_strict = false) { function tactical_monitor_alerts ($group_array, $strict_user = false, $id_group_strict = false) {

9
pandora_console/include/functions_tags.php
View File

@ -663,7 +663,6 @@ function tags_get_acl_tags($id_user, $id_group, $access = 'AR',
elseif (!is_array($id_group)) { elseif (!is_array($id_group)) {
$id_group = array($id_group); $id_group = array($id_group);
} }
$groups = $id_group;
$acl_column = get_acl_column($access); $acl_column = get_acl_column($access);
if (empty($acl_column)) { if (empty($acl_column)) {
@ -740,8 +739,10 @@ function tags_get_acl_tags_module_condition($acltags, $modules_table = '') {
%s %s
INNER JOIN tagente tac INNER JOIN tagente tac
ON tamc.id_agente = tac.id_agente ON tamc.id_agente = tac.id_agente
AND tac.id_grupo = %d', LEFT JOIN tagent_secondary_group tasg
$tag_join, $group_id); ON tasg.id_agent = tac.id_agente
WHERE (tac.id_grupo = %d OR tasg.id_group = %d)',
$tag_join, $group_id, $group_id);
$sql_condition = sprintf('(%sid_agente_modulo IN (%s))', $modules_table, $agent_condition); $sql_condition = sprintf('(%sid_agente_modulo IN (%s))', $modules_table, $agent_condition);
$group_conditions[] = $sql_condition; $group_conditions[] = $sql_condition;
@ -858,7 +859,7 @@ function tags_get_acl_tags_event_condition($acltags, $meta = false, $force_group
// Tags condition (The module has at least one of the restricted tags) // Tags condition (The module has at least one of the restricted tags)
$tags_condition = ''; $tags_condition = '';
if (empty($group_tags)) { if (empty($group_tags)) {
$tags_condition = "id_grupo = ".$group_id; $tags_condition = "id_grupo = ".$group_id . " OR id_group = " . $group_id;
} }
else { else {
if (!is_array($group_tags)) { if (!is_array($group_tags)) {

8
pandora_console/include/functions_users.php
View File

@ -242,6 +242,7 @@ function groups_combine_acl($acl_group_a, $acl_group_b){
* @param boolean $returnAllColumns Flag to return all columns of groups. * @param boolean $returnAllColumns Flag to return all columns of groups.
* @param array $id_groups The list of group to scan to bottom child. By default null. * @param array $id_groups The list of group to scan to bottom child. By default null.
* @param string $keys_field The field of the group used in the array keys. By default ID * @param string $keys_field The field of the group used in the array keys. By default ID
* @param bool $cache Set it to false to not use cache
* *
* @return array A list of the groups the user has certain privileges. * @return array A list of the groups the user has certain privileges.
*/ */
@ -427,9 +428,10 @@ function users_access_to_agent ($id_agent, $mode = "AR", $id_user = false) {
$id_user = $config['id_user']; $id_user = $config['id_user'];
} }
$id_group = (int) db_get_value ('id_grupo', 'tagente', 'id_agente', (int) $id_agent); return (bool) check_acl_one_of_groups (
$id_user,
return (bool) check_acl ($id_user, $id_group, $mode); agents_get_all_groups_agent((int)$id_agent),
$mode);
} }
/** /**

22
pandora_console/operation/agentes/alerts_status.php
View File

@ -124,7 +124,11 @@ if ($idAgent != 0) {
$is_extra = false; $is_extra = false;
} }
if (!check_acl ($config["id_user"], $id_group, "AR") && !check_acl ($config["id_user"], $id_group, "AW") && !$is_extra) { // All groups is calculated in ver_agente.php. Avoid to calculate it again
if (!isset($all_groups)) {
$all_groups = agents_get_all_groups_agent ($idAgent, $id_group);
}
if (!check_acl_one_of_groups ($config["id_user"], $all_groups, "AR") && !check_acl_one_of_groups ($config["id_user"], $id_group, "AW") && !$is_extra) {
db_pandora_audit("ACL Violation","Trying to access alert view"); db_pandora_audit("ACL Violation","Trying to access alert view");
require ("general/noaccess.php"); require ("general/noaccess.php");
exit; exit;
@ -158,6 +162,8 @@ else {
users_get_groups($config["id_user"], $access, false)), false, 'lower', true)); users_get_groups($config["id_user"], $access, false)), false, 'lower', true));
$idGroup = $id_group; $idGroup = $id_group;
// If there is no agent defined, it means that it cannot search for the secondary groups
$all_groups = array($id_group);
$print_agent = true; $print_agent = true;
@ -170,7 +176,7 @@ else {
} }
if ($alert_validate) { if ($alert_validate) {
if (check_acl ($config["id_user"], $id_group, "AW") || check_acl ($config["id_user"], $id_group, "LM") ) { if (check_acl_one_of_groups ($config["id_user"], $all_groups, "AW") || check_acl_one_of_groups ($config["id_user"], $all_groups, "LM") ) {
validateAlert(); validateAlert();
} }
else { else {
@ -344,12 +350,14 @@ if (empty($id_groups)) {
$whereAlertSimple .= ' AND (1 = 0) '; $whereAlertSimple .= ' AND (1 = 0) ';
} }
else { else {
$whereAlertSimple .= ' AND id_agent_module IN ( $whereAlertSimple .= sprintf (' AND id_agent_module IN (
SELECT tam.id_agente_modulo SELECT tam.id_agente_modulo
FROM tagente_modulo tam FROM tagente_modulo tam
WHERE tam.id_agente IN (SELECT ta.id_agente WHERE tam.id_agente IN (SELECT ta.id_agente
FROM tagente ta FROM tagente ta LEFT JOIN tagent_secondary_group tasg ON
WHERE ta.id_grupo IN (' . implode(',', $id_groups) . '))) '; ta.id_agente = tasg.id_agent
WHERE (ta.id_grupo IN (%s) OR tasg.id_group IN (%s)))) ',
implode(',', $id_groups), implode(',', $id_groups));
} }
@ -495,7 +503,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->head[1] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>"; $table->head[1] = "<span title='" . __('Standby') . "'>" . __('S.') . "</span>";
if (!is_metaconsole()) { if (!is_metaconsole()) {
if (check_acl($config['id_user'], $id_group, "AW") || check_acl ($config["id_user"], $id_group, "LM")) if (check_acl_one_of_groups($config['id_user'], $all_groups, "AW") || check_acl_one_of_groups ($config["id_user"], $all_groups, "LM"))
$table->head[2] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>"; $table->head[2] = "<span title='" . __('Force execution') . "'>" . __('F.') . "</span>";
} }
@ -506,7 +514,7 @@ if ($isFunctionPolicies !== ENTERPRISE_NOT_HOOK) {
$table->head[7] = __('Status'); $table->head[7] = __('Status');
if (!is_metaconsole()) { if (!is_metaconsole()) {
$table->size[7] = '5%'; $table->size[7] = '5%';
if (check_acl ($config["id_user"], $id_group, "LW") || check_acl ($config["id_user"], $id_group, "LM")) { if (check_acl_one_of_groups ($config["id_user"], $all_groups, "LW") || check_acl_one_of_groups ($config["id_user"], $all_groups, "LM")) {
$table->head[8] = __('Validate'); $table->head[8] = __('Validate');
$table->align[8] = 'center'; $table->align[8] = 'center';
$table->size[8] = '5%'; $table->size[8] = '5%';

11
pandora_console/operation/agentes/custom_fields.php
View File

@ -29,15 +29,20 @@ if ($id_agente === -1) {
return; return;
} }
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config['id_user'], 0, "AW")) { // All groups is calculated in ver_agente.php. Avoid to calculate it again
if (!isset($all_groups)) {
$all_groups = agents_get_all_groups_agent ($idAgent, $id_group);
}
if (! check_acl_one_of_groups ($config["id_user"], $all_groups, "AR") && ! check_acl ($config['id_user'], 0, "AW")) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to access Agent General Information"); "Trying to access Agent General Information");
require_once ("general/noaccess.php"); require_once ("general/noaccess.php");
return; return;
} }
$all_customs_fields = (bool)check_acl($config["id_user"], $all_customs_fields = (bool)check_acl_one_of_groups($config["id_user"],
$agent["id_grupo"], "AW"); $all_groups, "AW");
if ($all_customs_fields) { if ($all_customs_fields) {
$fields = db_get_all_rows_filter('tagent_custom_fields'); $fields = db_get_all_rows_filter('tagent_custom_fields');

6
pandora_console/operation/agentes/estado_agente.php
View File

@ -95,8 +95,8 @@ if (is_ajax ()) {
if ($get_agent_module_last_value) { if ($get_agent_module_last_value) {
$id_module = (int) get_parameter ('id_agent_module'); $id_module = (int) get_parameter ('id_agent_module');
$id_agent = (int) modules_get_agentmodule_agent ((int) $id_module);
if (! check_acl ($config['id_user'], agents_get_agentmodule_group ($id_module), "AR")) { if (! check_acl_one_of_groups ($config['id_user'], agents_get_all_groups_agent ($id_agent), "AR")) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to access agent main list view"); "Trying to access agent main list view");
echo json_encode (false); echo json_encode (false);
@ -479,7 +479,7 @@ else {
'search' => $search_sql, 'search' => $search_sql,
'search_custom' => $search_sql_custom, 'search_custom' => $search_sql_custom,
'status' => $status), 'status' => $status),
array ('COUNT(*) as total'), $access, false); array ('COUNT(DISTINCT id_agente) as total'), $access, false);
$total_agents = isset ($total_agents[0]['total']) ? $total_agents = isset ($total_agents[0]['total']) ?
$total_agents[0]['total'] : 0; $total_agents[0]['total'] : 0;

31
pandora_console/operation/agentes/estado_generalagente.php
View File

@ -53,7 +53,7 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
$is_extra = false; $is_extra = false;
} }
if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR") && ! check_acl ($config["id_user"], $agent["id_grupo"], "AW") && !$is_extra) { if (! check_acl_one_of_groups ($config["id_user"], $all_groups, "AR") && ! check_acl_one_of_groups ($config["id_user"], $all_groups, "AW") && !$is_extra) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to access Agent General Information"); "Trying to access Agent General Information");
require_once ("general/noaccess.php"); require_once ("general/noaccess.php");
@ -327,6 +327,22 @@ if (enterprise_installed()) {
} }
$table_data->data[] = $data; $table_data->data[] = $data;
$data = array();
$data[0] = '<b>' . __('Secondary groups') . '</b>';
$secondary_groups = enterprise_hook('agents_get_secondary_groups', array($id_agente));
if (!$secondary_groups) {
$data[1] = '<em>' . __('N/A') . '</em>';
}
else {
$secondary_links = array();
foreach ($secondary_groups['for_select'] as $id => $name) {
$secondary_links[] = '<a href="index.php?sec=estado&amp;sec2=operation/agentes/estado_agente&amp;refr=60&amp;group_id='.$id.'">'.$name.'</a>';
}
$data[1] = implode(', ', $secondary_links);
}
$table_data->data[] = $data;
} }
if ($config['activate_gis'] || $agent['url_address'] != '') { if ($config['activate_gis'] || $agent['url_address'] != '') {
@ -489,16 +505,7 @@ if (!empty($network_interfaces)) {
foreach ($network_interfaces as $interface_name => $interface) { foreach ($network_interfaces as $interface_name => $interface) {
if (!empty($interface['traffic'])) { if (!empty($interface['traffic'])) {
$permission = false; $permission = check_acl_one_of_groups($config['id_user'], $all_groups, "RR");
if ($strict_user) {
if (tags_check_acl_by_module($interface['traffic']['in'], $config['id_user'], 'RR') === true
&& tags_check_acl_by_module($interface['traffic']['out'], $config['id_user'], 'RR') === true)
$permission = true;
}
else {
$permission = check_acl($config['id_user'], $agent["id_grupo"], "RR");
}
if ($permission) { if ($permission) {
$params = array( $params = array(
@ -655,7 +662,7 @@ $table->rowspan[1][0] = 0;
$data[0][2] = '<div style="width:100%; text-align:right">'; $data[0][2] = '<div style="width:100%; text-align:right">';
$data[0][2] .= '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$id_agente.'&amp;refr=60">' . html_print_image("images/refresh.png", true, array("border" => '0', "title" => __('Refresh data'), "alt" => "")) . '</a><br>'; $data[0][2] .= '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$id_agente.'&amp;refr=60">' . html_print_image("images/refresh.png", true, array("border" => '0', "title" => __('Refresh data'), "alt" => "")) . '</a><br>';
if (check_acl ($config["id_user"], $agent["id_grupo"], "AW")) if (check_acl_one_of_groups ($config["id_user"], $all_groups, "AW"))
$data[0][2] .= '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;flag_agent=1&amp;id_agente='.$id_agente.'">' . html_print_image("images/target.png", true, array("border" => '0', "title" => __('Force remote checks'), "alt" => "")) . '</a>'; $data[0][2] .= '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;flag_agent=1&amp;id_agente='.$id_agente.'">' . html_print_image("images/target.png", true, array("border" => '0', "title" => __('Force remote checks'), "alt" => "")) . '</a>';
$data[0][2] .= '</div>'; $data[0][2] .= '</div>';

82
pandora_console/operation/agentes/group_view.php
View File

@ -69,9 +69,7 @@ else {
// Header // Header
ui_print_page_header (__("Group view"), "images/group.png", false, "", false, $updated_time); ui_print_page_header (__("Group view"), "images/group.png", false, "", false, $updated_time);
$strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']); $strict_user = false;
$all_data = groupview_status_modules_agents ($config['id_user'], $strict_user, ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), $strict_user);
$total_agentes = 0; $total_agentes = 0;
$monitor_ok = 0; $monitor_ok = 0;
@ -84,33 +82,53 @@ $agents_critical = 0;
$agents_notinit = 0; $agents_notinit = 0;
$all_alerts_fired = 0; $all_alerts_fired = 0;
foreach ($all_data as $group_all_data) { //Groups and tags
$total_agentes += $group_all_data["_total_agents_"]; $result_groups = groupview_get_groups_list($config['id_user'], $strict_user,
$monitor_ok += $group_all_data["_monitors_ok_"]; ($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), true, true);
$monitor_warning += $group_all_data["_monitors_warning_"]; $count = count($result_groups);
$monitor_critical += $group_all_data["_monitors_critical_"];
$monitor_unknown += $group_all_data["_monitors_unknown_"];
$monitor_not_init += $group_all_data["_monitors_not_init_"];
$agents_unknown += $group_all_data["_agents_unknown_"]; if ($result_groups[0]["_id_"] == 0) {
$agents_notinit += $group_all_data["_agents_not_init_"]; $total_agentes = $result_groups[0]["_total_agents_"];
$agents_critical += $group_all_data["_agents_critical_"]; $monitor_ok = $result_groups[0]["_monitors_ok_"];
$monitor_warning = $result_groups[0]["_monitors_warning_"];
$monitor_critical = $result_groups[0]["_monitors_critical_"];
$monitor_unknown = $result_groups[0]["_monitors_unknown_"];
$monitor_not_init = $result_groups[0]["_monitors_not_init_"];
$all_alerts_fired += $group_all_data["_monitors_alerts_fired_"]; $agents_unknown = $result_groups[0]["_agents_unknown_"];
$agents_notinit = $result_groups[0]["_agents_not_init_"];
$agents_critical = $result_groups[0]["_agents_critical_"];
$all_alerts_fired = $result_groups[0]["_monitors_alerts_fired_"];
} }
$total = $monitor_ok + $monitor_warning + $monitor_critical + $monitor_unknown + $monitor_not_init; $total = $monitor_ok + $monitor_warning + $monitor_critical + $monitor_unknown + $monitor_not_init;
//Monitors //Modules
$total_ok = format_numeric (($monitor_ok*100)/$total,2); $total_ok =0;
$total_warning = format_numeric (($monitor_warning*100)/$total,2); $total_warning =0;
$total_critical = format_numeric (($monitor_critical*100)/$total,2); $total_critical =0;
$total_unknown = format_numeric (($monitor_unknown*100)/$total,2); $total_unknown =0;
$total_monitor_not_init = format_numeric (($monitor_not_init*100)/$total,2); $total_monitor_not_init =0;
//Agents //Agents
$total_agent_unknown = format_numeric (($agents_unknown*100)/$total_agentes,2); $total_agent_unknown = 0;
$total_agent_critical = format_numeric (($agents_critical*100)/$total_agentes,2); $total_agent_critical = 0;
$total_not_init = format_numeric (($agents_notinit*100)/$total_agentes,2); $total_not_init = 0;
if ($total > 0) {
//Modules
$total_ok = format_numeric (($monitor_ok*100)/$total,2);
$total_warning = format_numeric (($monitor_warning*100)/$total,2);
$total_critical = format_numeric (($monitor_critical*100)/$total,2);
$total_unknown = format_numeric (($monitor_unknown*100)/$total,2);
$total_monitor_not_init = format_numeric (($monitor_not_init*100)/$total,2);
}
if ($total_agentes > 0) {
//Agents
$total_agent_unknown = format_numeric (($agents_unknown*100)/$total_agentes,2);
$total_agent_critical = format_numeric (($agents_critical*100)/$total_agentes,2);
$total_not_init = format_numeric (($agents_notinit*100)/$total_agentes,2);
}
echo '<table cellpadding="0" cellspacing="0" border="0" width="100%" class="databox">'; echo '<table cellpadding="0" cellspacing="0" border="0" width="100%" class="databox">';
echo "<tr>"; echo "<tr>";
@ -136,12 +154,6 @@ echo '<table cellpadding="0" cellspacing="0" border="0" width="100%" class="data
echo "</tr>"; echo "</tr>";
echo "</table>"; echo "</table>";
//Groups and tags
$result_groups = groupview_get_groups_list($config['id_user'], $strict_user,
($agent_a == true) ? 'AR' : (($agent_w == true) ? 'AW' : 'AR'), true, true);
$count = count($result_groups);
if ($count == 1) { if ($count == 1) {
if ($result_groups[0]['_id_'] == 0) { if ($result_groups[0]['_id_'] == 0) {
unset($result_groups[0]); unset($result_groups[0]);
@ -246,10 +258,16 @@ if (!empty($result_groups)) {
if (isset($data['_iconImg_']) && !empty($data['_iconImg_'])) if (isset($data['_iconImg_']) && !empty($data['_iconImg_']))
$item_icon = $data['_iconImg_']; $item_icon = $data['_iconImg_'];
if ($data['_name_'] != "All") if ($data['_name_'] != "All") {
echo $deep . $link . $group_name . "</a>"; echo $deep . $link . $group_name . "</a>";
else }
echo $link . $group_name . "</a>"; else {
$hint = '';
if (enterprise_hook('agents_is_using_secondary_groups')) {
$hint = ui_print_help_tip(__("This Pandora installation are using the secondary groups feature. For this reason, an agent can be counted several times."));
}
echo $link . $group_name . "</a>" . $hint;
}
if (isset($data['_is_tag_'])){ if (isset($data['_is_tag_'])){
echo '<a>' . html_print_image("images/tag.png", true, array("border" => '0', "style" => 'width:18px;margin-left:5px', "title" => __('Tag'))) . '</a>' ; echo '<a>' . html_print_image("images/tag.png", true, array("border" => '0', "style" => 'width:18px;margin-left:5px', "title" => __('Tag'))) . '</a>' ;

25
pandora_console/operation/agentes/status_monitor.php
View File

@ -91,7 +91,7 @@ $user_groups = implode (',', array_keys (users_get_groups ()));
//////////////////////////////////// ////////////////////////////////////
// Begin Build SQL sentences // Begin Build SQL sentences
$sql_from = ' FROM ttipo_modulo,tagente, tagente_modulo, tagente_estado,tmodule '; $sql_from = ' FROM ttipo_modulo,tagente LEFT JOIN tagent_secondary_group tasg ON tagente.id_agente = tasg.id_agent, tagente_modulo, tagente_estado,tmodule ';
$sql_conditions_base = ' WHERE tagente.id_agente = tagente_modulo.id_agente $sql_conditions_base = ' WHERE tagente.id_agente = tagente_modulo.id_agente
AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente_modulo.id_tipo_modulo = ttipo_modulo.id_tipo AND tmodule.id_module = tagente_modulo.id_modulo'; AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente_modulo.id_tipo_modulo = ttipo_modulo.id_tipo AND tmodule.id_module = tagente_modulo.id_modulo';
@ -108,20 +108,32 @@ else {
// Agent group selector // Agent group selector
if (!is_metaconsole()) { if (!is_metaconsole()) {
if ($ag_group > 0 && check_acl ($config['id_user'], $ag_group, 'AR')) { if ($ag_group > 0 && check_acl ($config['id_user'], $ag_group, 'AR')) {
$sql_conditions_group = sprintf (' AND tagente.id_grupo = %d', $ag_group); $sql_conditions_group = sprintf (
' AND (tagente.id_grupo = %d OR tasg.id_group = %d)',
$ag_group, $ag_group
);
} }
elseif ($user_groups != '') { elseif ($user_groups != '') {
// User has explicit permission on group 1 ? // User has explicit permission on group 1 ?
$sql_conditions_group = ' AND tagente.id_grupo IN ('.$user_groups.')'; $sql_conditions_group = ' AND (
tagente.id_grupo IN ('.$user_groups.')
OR tasg.id_group IN ('.$user_groups.')
)';
} }
} }
else { else {
if (((int)$ag_group !== 0) && (check_acl ($config['id_user'], $id_ag_group, 'AR'))) { if (((int)$ag_group !== 0) && (check_acl ($config['id_user'], $id_ag_group, 'AR'))) {
$sql_conditions_group = sprintf (' AND tagente.id_grupo IN (%s) ', $ag_group); $sql_conditions_group = sprintf (
' AND (tagente.id_grupo IN (%s) OR tasg.id_group IN (%s))',
$user_groups, $user_groups
);
} }
elseif ($user_groups != '') { elseif ($user_groups != '') {
// User has explicit permission on group 1 ? // User has explicit permission on group 1 ?
$sql_conditions_group = ' AND tagente.id_grupo IN ('.$user_groups.')'; $sql_conditions_group = ' AND (
tagente.id_grupo IN ('.$user_groups.')
OR tasg.id_group IN ('.$user_groups.')
)';
} }
} }
@ -254,7 +266,7 @@ $sql_conditions_acl = $sql_conditions_base . $sql_conditions_group . $sql_condit
// Get count to paginate // Get count to paginate
if (!defined('METACONSOLE')) if (!defined('METACONSOLE'))
$count = db_get_sql ('SELECT COUNT(tagente_modulo.id_agente_modulo) ' . $sql_from . $sql_conditions_all); $count = db_get_sql ('SELECT COUNT(DISTINCT tagente_modulo.id_agente_modulo)' . $sql_from . $sql_conditions_all);
// Get limit_sql depend of the metaconsole or standard mode // Get limit_sql depend of the metaconsole or standard mode
if (is_metaconsole()) { if (is_metaconsole()) {
@ -759,6 +771,7 @@ switch ($config['dbtype']) {
tagente_modulo.unknown_instructions, tagente_modulo.unknown_instructions,
tagente_estado.utimestamp AS utimestamp' . tagente_estado.utimestamp AS utimestamp' .
$sql_from . $sql_conditions_all . ' $sql_from . $sql_conditions_all . '
GROUP BY tagente_modulo.id_agente_modulo
ORDER BY ' . $order['field'] . " " . $order['order'] . ' ORDER BY ' . $order['field'] . " " . $order['order'] . '
LIMIT '.$offset.",".$limit_sql; LIMIT '.$offset.",".$limit_sql;
break; break;

14
pandora_console/operation/agentes/ver_agente.php
View File

@ -1021,7 +1021,9 @@ if ($is_extra === ENTERPRISE_NOT_HOOK) {
$is_extra = false; $is_extra = false;
} }
if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && ! check_acl ($config['id_user'], $id_grupo, "AW", $id_agente) && !$is_extra) { $all_groups = agents_get_all_groups_agent ($id_agente, $id_grupo);
if (! check_acl_one_of_groups ($config['id_user'], $all_groups, "AR") && ! check_acl_one_of_groups ($config['id_user'], $all_groups, "AW", $id_agente) && !$is_extra) {
db_pandora_audit("ACL Violation", db_pandora_audit("ACL Violation",
"Trying to access (read) to agent ".agents_get_name($id_agente)); "Trying to access (read) to agent ".agents_get_name($id_agente));
include ("general/noaccess.php"); include ("general/noaccess.php");
@ -1031,7 +1033,7 @@ if (! check_acl ($config['id_user'], $id_grupo, "AR", $id_agente) && ! check_acl
// Check for Network FLAG change request // Check for Network FLAG change request
$flag = get_parameter('flag', ''); $flag = get_parameter('flag', '');
if ($flag !== '') { if ($flag !== '') {
if ($flag == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) { if ($flag == 1 && check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
$id_agent_module = get_parameter('id_agente_modulo'); $id_agent_module = get_parameter('id_agente_modulo');
db_process_sql_update('tagente_modulo', db_process_sql_update('tagente_modulo',
@ -1041,7 +1043,7 @@ if ($flag !== '') {
// Check for Network FLAG change request // Check for Network FLAG change request
$flag_agent = get_parameter('flag_agent',''); $flag_agent = get_parameter('flag_agent','');
if ($flag_agent !== '') { if ($flag_agent !== '') {
if ($flag_agent == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) { if ($flag_agent == 1 && check_acl_one_of_groups ($config['id_user'], $all_groups, "AW")) {
db_process_sql_update('tagente_modulo', array('flag' => 1), array('id_agente' =>$id_agente)); db_process_sql_update('tagente_modulo', array('flag' => 1), array('id_agente' =>$id_agente));
} }
} }
@ -1060,7 +1062,7 @@ $tab = get_parameter ("tab", "main");
/* Manage tab */ /* Manage tab */
$managetab = ""; $managetab = "";
if (check_acl ($config['id_user'],$id_grupo, "AW") || $is_extra) { if (check_acl_one_of_groups ($config['id_user'],$all_groups, "AW") || $is_extra) {
$managetab['text'] ='<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'">' $managetab['text'] ='<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'">'
. html_print_image("images/setup.png", true, array ("title" => __('Manage'))) . html_print_image("images/setup.png", true, array ("title" => __('Manage')))
. '</a>'; . '</a>';
@ -1218,7 +1220,7 @@ if (enterprise_installed() && $config['log_collector']) {
/* eHorus tab */ /* eHorus tab */
if ($config['ehorus_enabled'] && !empty($config['ehorus_custom_field']) if ($config['ehorus_enabled'] && !empty($config['ehorus_custom_field'])
&& (check_acl($config['id_user'], $id_grupo, 'AW') || is_user_admin($config['id_user']))) { && (check_acl_one_of_groups($config['id_user'], $all_groups, 'AW') || is_user_admin($config['id_user']))) {
$ehorus_agent_id = agents_get_agent_custom_field($id_agente, $config['ehorus_custom_field']); $ehorus_agent_id = agents_get_agent_custom_field($id_agente, $config['ehorus_custom_field']);
if (!empty($ehorus_agent_id)) { if (!empty($ehorus_agent_id)) {
$tab_url = 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=ehorus&id_agente='.$id_agente; $tab_url = 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=ehorus&id_agente='.$id_agente;
@ -1292,7 +1294,7 @@ if (isset($ehorus_tab) && !empty($ehorus_tab)) {
//Tabs for extensions //Tabs for extensions
foreach ($config['extensions'] as $extension) { foreach ($config['extensions'] as $extension) {
if (isset($extension['extension_ope_tab']) && !isset($extension['extension_god_tab'])) { if (isset($extension['extension_ope_tab']) && !isset($extension['extension_god_tab'])) {
if (check_acl($config['id_user'], $id_grupo, $extension['extension_ope_tab']['acl'])) { if (check_acl_one_of_groups($config['id_user'], $all_groups, $extension['extension_ope_tab']['acl'])) {
//VMware extension is only available for VMware OS //VMware extension is only available for VMware OS
if ($extension['extension_ope_tab']['id'] === "vmware_manager") { if ($extension['extension_ope_tab']['id'] === "vmware_manager") {
//Check if OS is vmware //Check if OS is vmware

5
pandora_console/operation/events/events.build_query.php
View File

@ -51,11 +51,12 @@ if ($id_group > 0 && in_array ($id_group, array_keys ($groups))) {
} }
else { else {
//If a group is selected and it's in the groups allowed //If a group is selected and it's in the groups allowed
$sql_post = " AND id_grupo = $id_group"; $sql_post = " AND (id_grupo = $id_group OR id_group = $id_group)";
} }
} }
else { else {
$sql_post = " AND id_grupo IN (" . implode (",", array_keys ($groups)) . ")"; $sql_post = sprintf(" AND (id_grupo IN (%s) OR id_group IN (%s)) ",
implode (",", array_keys ($groups)), implode (",", array_keys ($groups)));
} }
// Skip system messages if user is not PM // Skip system messages if user is not PM

36
pandora_console/operation/events/events_list.php
View File

@ -739,30 +739,11 @@ echo "</div>";
$event_table = events_get_events_table($meta, $history); $event_table = events_get_events_table($meta, $history);
if ($group_rep == 0) { if ($group_rep == 0) {
switch ($config["dbtype"]) { $sql = "SELECT DISTINCT te.*, 1 event_rep
case "mysql": FROM $event_table te LEFT JOIN tagent_secondary_group tasg
$sql = "SELECT *, 1 event_rep ON te.id_agente = tasg.id_agent
FROM $event_table
WHERE 1=1 " . $sql_post . " WHERE 1=1 " . $sql_post . "
ORDER BY utimestamp DESC LIMIT ".$offset.",".$pagination; ORDER BY utimestamp DESC LIMIT ".$offset.",".$pagination;
break;
case "postgresql":
$sql = "SELECT *, 1 event_rep
FROM $event_table
WHERE 1=1 " . $sql_post . "
ORDER BY utimestamp DESC LIMIT ".$pagination." OFFSET ".$offset;
break;
case "oracle":
$set = array();
$set['limit'] = $pagination;
$set['offset'] = $offset;
$sql = "SELECT $event_table.*, 1 event_rep
FROM $event_table
WHERE 1=1 " . $sql_post . "
ORDER BY utimestamp DESC";
$sql = oracle_recode_query ($sql, $set);
break;
}
//Extract the events by filter (or not) from db //Extract the events by filter (or not) from db
$result = db_get_all_rows_sql ($sql); $result = db_get_all_rows_sql ($sql);
@ -827,8 +808,10 @@ if (($config['dbtype'] == 'oracle') && ($result !== false)) {
} }
if ($group_rep == 0) { if ($group_rep == 0) {
$sql = "SELECT COUNT(id_evento) $sql = "SELECT COUNT(DISTINCT id_evento)
FROM $event_table FROM $event_table te
LEFT JOIN tagent_secondary_group tasg
ON te.id_agente = tasg.id_agent
WHERE 1=1 $sql_post"; WHERE 1=1 $sql_post";
$total_events = (int) db_get_sql ($sql); $total_events = (int) db_get_sql ($sql);
} }
@ -837,7 +820,10 @@ elseif ($group_rep == 1) {
false, $meta, $history, true, false); false, $meta, $history, true, false);
} }
elseif ($group_rep == 2) { elseif ($group_rep == 2) {
$sql = "SELECT COUNT(*) FROM (select id_agente as total from $event_table WHERE id_agente > 0 $sql = "SELECT COUNT(*) FROM (select id_agente as total from $event_table te
LEFT JOIN tagent_secondary_group tasg
ON te.id_grupo = tasg.id_group
WHERE id_agente > 0
$sql_post GROUP BY id_agente ORDER BY id_agente ) AS t"; $sql_post GROUP BY id_agente ORDER BY id_agente ) AS t";
$total_events = (int) db_get_sql ($sql); $total_events = (int) db_get_sql ($sql);
} }

37
pandora_console/pandoradb.sql
View File

@ -82,6 +82,7 @@ CREATE TABLE IF NOT EXISTS `tagente` (
`fired_count` bigint(20) NOT NULL default '0', `fired_count` bigint(20) NOT NULL default '0',
`update_module_count` tinyint(1) NOT NULL default '0', `update_module_count` tinyint(1) NOT NULL default '0',
`update_alert_count` tinyint(1) NOT NULL default '0', `update_alert_count` tinyint(1) NOT NULL default '0',
`update_secondary_groups` tinyint(1) NOT NULL default '0',
`alias` varchar(600) BINARY NOT NULL default '', `alias` varchar(600) BINARY NOT NULL default '',
`transactional_agent` tinyint(1) NOT NULL default '0', `transactional_agent` tinyint(1) NOT NULL default '0',
`alias_as_name` tinyint(2) NOT NULL default '0', `alias_as_name` tinyint(2) NOT NULL default '0',
@ -1131,6 +1132,7 @@ CREATE TABLE IF NOT EXISTS `tusuario_perfil` (
`id_usuario` varchar(100) NOT NULL default '', `id_usuario` varchar(100) NOT NULL default '',
`id_perfil` int(10) unsigned NOT NULL default '0', `id_perfil` int(10) unsigned NOT NULL default '0',
`id_grupo` int(10) NOT NULL default '0', `id_grupo` int(10) NOT NULL default '0',
`is_secondary` tinyint(1) NOT NULL default 0,
`assigned_by` varchar(100) NOT NULL default '', `assigned_by` varchar(100) NOT NULL default '',
`id_policy` int(10) unsigned NOT NULL default '0', `id_policy` int(10) unsigned NOT NULL default '0',
`tags` text NOT NULL, `tags` text NOT NULL,
@ -2982,6 +2984,7 @@ CREATE TABLE IF NOT EXISTS `tmetaconsole_agent` (
`fired_count` bigint(20) NOT NULL default '0', `fired_count` bigint(20) NOT NULL default '0',
`update_module_count` tinyint(1) NOT NULL default '0', `update_module_count` tinyint(1) NOT NULL default '0',
`update_alert_count` tinyint(1) NOT NULL default '0', `update_alert_count` tinyint(1) NOT NULL default '0',
`update_secondary_groups` tinyint(1) NOT NULL default '0',
`transactional_agent` tinyint(1) NOT NULL default '0', `transactional_agent` tinyint(1) NOT NULL default '0',
`alias` varchar(600) BINARY NOT NULL default '', `alias` varchar(600) BINARY NOT NULL default '',
`alias_as_name` tinyint(2) NOT NULL default '0', `alias_as_name` tinyint(2) NOT NULL default '0',
@ -3140,3 +3143,37 @@ create table IF NOT EXISTS `tmigration_module_queue`(
ON DELETE CASCADE ON DELETE CASCADE
ON UPDATE CASCADE ON UPDATE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8; ) engine=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Table `tagent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tagent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tagente(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Table `tmetaconsole_agent_secondary_group`
-- ---------------------------------------------------------------------
create table IF NOT EXISTS `tmetaconsole_agent_secondary_group`(
`id` int unsigned not null auto_increment,
`id_agent` int(10) unsigned NOT NULL,
`id_tagente` int(10) unsigned NOT NULL,
`id_tmetaconsole_setup` int(10) NOT NULL,
`id_group` mediumint(4) unsigned NOT NULL,
PRIMARY KEY(`id`),
FOREIGN KEY(`id_agent`) REFERENCES tmetaconsole_agent(`id_agente`)
ON DELETE CASCADE,
FOREIGN KEY(`id_group`) REFERENCES tgrupo(`id_grupo`)
ON DELETE CASCADE,
FOREIGN KEY (`id_tmetaconsole_setup`) REFERENCES tmetaconsole_setup(`id`)
ON DELETE CASCADE
) engine=InnoDB DEFAULT CHARSET=utf8;

6
pandora_server/bin/pandora_server
View File

@ -293,7 +293,7 @@ sub pandora_server_tasks ($) {
if (($counter % 30) == 0) { if (($counter % 30) == 0) {
# Update module status and fired alert counts # Update module status and fired alert counts
my @agents = get_db_rows ($dbh, 'SELECT id_agente, nombre, update_module_count, update_alert_count FROM tagente WHERE disabled = 0 AND (update_module_count=1 OR update_alert_count=1)'); my @agents = get_db_rows ($dbh, 'SELECT id_agente, nombre, update_module_count, update_alert_count, update_secondary_groups FROM tagente WHERE disabled = 0 AND (update_module_count=1 OR update_alert_count=1 OR update_secondary_groups=1)');
foreach my $agent (@agents) { foreach my $agent (@agents) {
logger ($pa_config, "Updating module status and fired alert counts for agent " . $agent->{'nombre'}, 10); logger ($pa_config, "Updating module status and fired alert counts for agent " . $agent->{'nombre'}, 10);
@ -304,6 +304,10 @@ sub pandora_server_tasks ($) {
if ($agent->{'update_alert_count'} == 1) { if ($agent->{'update_alert_count'} == 1) {
pandora_update_agent_alert_count ($pa_config, $dbh, $agent->{'id_agente'}); pandora_update_agent_alert_count ($pa_config, $dbh, $agent->{'id_agente'});
} }
if ($agent->{'update_secondary_groups'} == 1) {
pandora_update_secondary_groups_cache ($pa_config, $dbh, $agent->{'id_agente'});
}
} }
# Keepalive module control.(very DB intensive, not run frecuently # Keepalive module control.(very DB intensive, not run frecuently

15
pandora_server/lib/PandoraFMS/Core.pm
View File

@ -92,6 +92,8 @@ Exported Functions:
=item * C<pandora_update_server> =item * C<pandora_update_server>
=item * C<pandora_update_secondary_groups_cache>
=item * C<pandora_group_statistics> =item * C<pandora_group_statistics>
=item * C<pandora_server_statistics> =item * C<pandora_server_statistics>
@ -221,6 +223,7 @@ our @EXPORT = qw(
pandora_update_gis_data pandora_update_gis_data
pandora_update_module_on_error pandora_update_module_on_error
pandora_update_module_from_hash pandora_update_module_from_hash
pandora_update_secondary_groups_cache
pandora_update_server pandora_update_server
pandora_update_table_from_hash pandora_update_table_from_hash
pandora_update_template_module pandora_update_template_module
@ -5211,6 +5214,18 @@ sub pandora_update_agent_alert_count ($$$) {
enterprise_hook('update_agent_cache', [$pa_config, $dbh, $agent_id]) if ($pa_config->{'node_metaconsole'} == 1); enterprise_hook('update_agent_cache', [$pa_config, $dbh, $agent_id]) if ($pa_config->{'node_metaconsole'} == 1);
} }
##########################################################################
# Update the secondary group cache.
##########################################################################
sub pandora_update_secondary_groups_cache ($$$) {
my ($pa_config, $dbh, $agent_id) = @_;
db_do ($dbh, 'UPDATE tagente SET update_secondary_groups=0 WHERE id_agente = ' . $agent_id);
# Sync the agent cache every time the module count is updated.
enterprise_hook('update_agent_cache', [$pa_config, $dbh, $agent_id]) if ($pa_config->{'node_metaconsole'} == 1);
}
######################################################################## ########################################################################
# SUB pandora_get_os (string) # SUB pandora_get_os (string)
# Detect OS using a string, and return id_os # Detect OS using a string, and return id_os

3
pandora_server/lib/PandoraFMS/DataServer.pm
View File

@ -370,6 +370,9 @@ sub process_xml_data ($$$$$) {
return; return;
} }
# Update the secondary groups
enterprise_hook('add_secondary_groups_name', [$pa_config, $dbh, $agent_id, $data->{'secondary_groups'}]);
# This agent is new. # This agent is new.
$new_agent = 1; $new_agent = 1;