From 7655c236371f288909c25c5074e4c5c198fea26d Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Wed, 2 Nov 2022 13:40:23 +0100 Subject: [PATCH 1/4] fix api get events pandora_enterprise#9723 --- pandora_console/include/functions_api.php | 544 +++++-------------- pandora_console/include/functions_events.php | 8 +- 2 files changed, 140 insertions(+), 412 deletions(-) diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php index 0f5f01590d..260bd2c166 100644 --- a/pandora_console/include/functions_api.php +++ b/pandora_console/include/functions_api.php @@ -64,6 +64,7 @@ use PandoraFMS\Agent; use PandoraFMS\Module; use PandoraFMS\Enterprise\Cluster; use PandoraFMS\Enterprise\Metaconsole\Node; +use PandoraFMS\Event; use PandoraFMS\SpecialDay; @@ -11228,366 +11229,6 @@ function api_set_gis_agent($id_agent, $trash1, $other, $return_type, $user_in_db } -function get_events_with_user($trash1, $trash2, $other, $returnType, $user_in_db) -{ - global $config; - - $table_events = 'tevento'; - - // By default. - $status = 3; - $search = ''; - $event_type = ''; - $severity = -1; - $id_agent = -1; - $id_agentmodule = -1; - $id_alert_am = -1; - $id_event = -1; - $id_user_ack = 0; - $event_view_hr = 0; - $tag = ''; - $group_rep = EVENT_GROUP_REP_ALL; - $utimestamp_upper = 0; - $utimestamp_bottom = 0; - $id_alert_template = -1; - - $use_agent_name = ($other['data'][16] === '1') ? true : false; - - $filter = otherParameter2Filter($other, true, $use_agent_name); - - if (isset($filter['criticity'])) { - $severity = $filter['criticity']; - } - - if (isset($filter['id_agente'])) { - $id_agent = $filter['id_agente']; - } - - if (isset($filter['id_agentmodule'])) { - $id_agentmodule = $filter['id_agentmodule'][0]; - } - - if (isset($filter['id_alert_am'])) { - $id_alert_am = $filter['id_alert_am']; - } - - if (isset($filter['id_usuario'])) { - $id_user_ack = $filter['id_usuario']; - } - - if (isset($filter['estado'])) { - $status = $filter['estado']; - } - - if (isset($filter['evento'])) { - $search = $filter['evento']; - } - - if (isset($filter['id_alert_template'])) { - $id_alert_template = $filter['id_alert_template']; - } - - $id_group = (int) $filter['id_group']; - - $user_groups = users_get_groups($user_in_db, 'ER'); - $user_id_groups = []; - if (!empty($user_groups)) { - $user_id_groups = array_keys($user_groups); - } - - $is_admin = (bool) db_get_value( - 'is_admin', - 'tusuario', - 'id_user', - $user_in_db - ); - - if (isset($filter['id_group'])) { - // The admin can see all groups - if ($is_admin) { - if (($id_group !== -1) && ($id_group !== 0)) { - $id_groups = [$id_group]; - } - } else { - if (empty($id_group)) { - $id_groups = $user_id_groups; - } else { - if (in_array($id_group, $user_id_groups)) { - $id_groups = [$id_group]; - } else { - $id_groups = []; - } - } - } - } else { - if (!$is_admin) { - $id_groups = $user_id_groups; - } - } - - if (isset($filter['tag'])) { - $tag = $filter['tag']; - } - - if (isset($filter['event_type'])) { - $event_type = $filter['event_type']; - } - - if ($filter['utimestamp']) { - if (isset($filter['utimestamp']['>'])) { - $utimestamp_upper = $filter['utimestamp']['>']; - } - - if (isset($filter['utimestamp']['<'])) { - $utimestamp_bottom = $filter['utimestamp']['<']; - } - } - - // TODO MOVE THIS CODE AND THE CODE IN pandora_console/operation/events/events_list.php - // to a function. - $sql_post = ''; - - if (!empty($id_groups)) { - $sql_post = ' AND id_grupo IN ('.implode(',', $id_groups).')'; - } else { - // The admin can see all groups - if (!$is_admin) { - $sql_post = ' AND 1=0'; - } - } - - // Skip system messages if user is not PM - if (!check_acl($user_in_db, 0, 'PM')) { - $sql_post .= ' AND id_grupo != 0'; - } - - switch ($status) { - case 0: - case 1: - case 2: - $sql_post .= ' AND estado = '.$status; - break; - - case 3: - $sql_post .= ' AND (estado = 0 OR estado = 2)'; - break; - } - - if ($search != '') { - $sql_post .= " AND evento LIKE '%".io_safe_input($search)."%'"; - } - - if ($event_type != '') { - // If normal, warning, could be several (going_up_warning, going_down_warning... too complex - // for the user so for him is presented only "warning, critical and normal" - if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { - $sql_post .= " AND event_type LIKE '%$event_type%' "; - } else if ($event_type == 'not_normal') { - $sql_post .= " AND ( event_type LIKE '%warning%' - OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%' ) "; - } else { - $sql_post .= " AND event_type = '".$event_type."'"; - } - } - - if ($severity != -1) { - $sql_post .= ' AND criticity = '.$severity; - } - - if ($id_agent != -1) { - $sql_post .= ' AND id_agente = '.$id_agent; - } - - if ($id_agentmodule != -1) { - $sql_post .= ' AND id_agentmodule = '.$id_agentmodule; - } - - if ($id_event != -1) { - $sql_post .= ' AND id_evento = '.$id_event; - } - - if ($id_user_ack != '0') { - $sql_post .= " AND id_usuario = '".$id_user_ack."'"; - } - - if ($utimestamp_upper != 0) { - $sql_post .= ' AND utimestamp >= '.$utimestamp_upper; - } - - if ($utimestamp_bottom != 0) { - $sql_post .= ' AND utimestamp <= '.$utimestamp_bottom; - } - - if ($event_view_hr > 0) { - // Put hours in seconds - $unixtime = (get_system_time() - ($event_view_hr * SECONDS_1HOUR)); - $sql_post .= ' AND (utimestamp > '.$unixtime.' OR estado = 2)'; - } - - // Search by tag - if ($tag != '') { - $sql_post .= " AND tags LIKE '".io_safe_input($tag)."'"; - } - - // Inject the raw sql - if (isset($filter['sql'])) { - $sql_post .= ' AND ('.$filter['sql'].') '; - } - - // Inject agent ID filter (it is set as the first numeric key in filter array). - if (isset($filter[0]) === true) { - $sql_post .= ' AND '.$filter[0]; - } - - if ($id_alert_template !== -1) { - $sql_post .= ' AND talert_template_modules.id_alert_template = '.$id_alert_template; - } - - $alert_join = ''; - - if ($id_alert_template !== -1) { - $alert_join = ' INNER JOIN talert_template_modules ON '.$table_events.'.id_alert_am=talert_template_modules.id'; - } - - if ($group_rep == EVENT_GROUP_REP_ALL) { - if ($filter['total']) { - $sql = 'SELECT COUNT(*) - FROM '.$table_events.' - WHERE 1=1 '.$sql_post; - } else if ($filter['more_criticity']) { - $sql = 'SELECT criticity - FROM '.$table_events.' - WHERE 1=1 '.$sql_post.' - ORDER BY criticity DESC - LIMIT 1'; - } else { - if (is_metaconsole() === true) { - $sql = 'SELECT *, - (SELECT t2.nombre - FROM tgrupo t2 - WHERE t2.id_grupo = '.$table_events.'.id_grupo) AS group_name, - (SELECT t2.icon - FROM tgrupo t2 - WHERE t2.id_grupo = '.$table_events.'.id_grupo) AS group_icon - FROM '.$table_events.$alert_join.' - WHERE 1=1 '.$sql_post.' - ORDER BY utimestamp DESC'; - } else { - $sql = 'SELECT *, - (SELECT t1.alias - FROM tagente t1 - WHERE t1.id_agente = tevento.id_agente) AS agent_name, - (SELECT t2.nombre - FROM tgrupo t2 - WHERE t2.id_grupo = tevento.id_grupo) AS group_name, - (SELECT t2.icon - FROM tgrupo t2 - WHERE t2.id_grupo = tevento.id_grupo) AS group_icon, - (SELECT tmodule.name - FROM tmodule - WHERE id_module IN ( - SELECT tagente_modulo.id_modulo - FROM tagente_modulo - WHERE tagente_modulo.id_agente_modulo=tevento.id_agentmodule)) AS module_name - FROM '.$table_events.$alert_join.' - WHERE 1=1 '.$sql_post.' - ORDER BY utimestamp DESC'; - } - } - } else { - db_process_sql('SET group_concat_max_len = 9999999'); - - $sql = "SELECT *, MAX(id_evento) AS id_evento, - GROUP_CONCAT(DISTINCT user_comment SEPARATOR '') AS user_comment, - MIN(estado) AS min_estado, MAX(estado) AS max_estado, - COUNT(*) AS event_rep, MAX(utimestamp) AS timestamp_last - FROM ".$table_events.' - WHERE 1=1 '.$sql_post.' - GROUP BY evento, id_agentmodule - ORDER BY timestamp_last DESC'; - } - - if ($other['type'] == 'string') { - if ($other['data'] != '') { - returnError('Parameter error.'); - return; - } else { - // Default values - $separator = ';'; - } - } else if ($other['type'] == 'array') { - $separator = $other['data'][0]; - } - - $result = db_get_all_rows_sql($sql); - - if (($result !== false) - && (!$filter['total']) - && (!$filter['more_criticity']) - ) { - $urlImage = ui_get_full_url(false); - - // Add the description and image - foreach ($result as $key => $row) { - if (defined('METACONSOLE')) { - $row['agent_name'] = agents_meta_get_name( - $row['id_agente'], - 'none', - $row['server_id'] - ); - - $row['module_name'] = meta_modules_get_name( - $row['id_agentmodule'], - $row['server_id'] - ); - } - - // FOR THE TEST THE API IN THE ANDROID - // $row['evento'] = $row['id_evento']; - $row['description_event'] = events_print_type_description($row['event_type'], true); - $row['img_description'] = events_print_type_img($row['event_type'], true, true); - $row['criticity_name'] = get_priority_name($row['criticity']); - - switch ($row['criticity']) { - default: - case EVENT_CRIT_MAINTENANCE: - $img_sev = $urlImage.'/images/status_sets/default/severity_maintenance.png'; - break; - case EVENT_CRIT_INFORMATIONAL: - $img_sev = $urlImage.'/images/status_sets/default/severity_informational.png'; - break; - - case EVENT_CRIT_NORMAL: - $img_sev = $urlImage.'/images/status_sets/default/severity_normal.png'; - break; - - case EVENT_CRIT_WARNING: - $img_sev = $urlImage.'/images/status_sets/default/severity_warning.png'; - break; - - case EVENT_CRIT_CRITICAL: - $img_sev = $urlImage.'/images/status_sets/default/severity_critical.png'; - break; - } - - $row['img_criticy'] = $img_sev; - - $result[$key] = $row; - } - } - - $data['type'] = 'array'; - $data['data'] = $result; - - returnData($returnType, $data, $separator); - if (empty($result)) { - return false; - } - - return true; -} - - /** * Update an event * @@ -11657,71 +11298,158 @@ function api_set_event($id_event, $unused1, $params, $unused2, $unused3) /** + * Get events. * * @param $trash1 * @param $trah2 * @param $other * @param $returnType - * @param $user_in_db */ -function api_get_events($node_id, $trash2, $other, $returnType, $user_in_db=null) +function api_get_events($node_id, $trash2, $other, $returnType) { - if ($user_in_db !== null) { - $correct = get_events_with_user( - $trash1, - $trash2, - $other, - $returnType, - $user_in_db - ); + $separator = (isset($other['data'][0]) === true && empty($other['data'][0]) === false) ? $other['data'][0] : ';'; - $last_error = error_get_last(); - if (!$correct && !empty($last_error)) { - $errors = [ - E_ERROR, - E_WARNING, - E_USER_ERROR, - E_USER_WARNING, - ]; - if (in_array($last_error['type'], $errors)) { - returnError('ERROR_API_PANDORAFMS', $returnType); - } - } - - return; - } - - if ($other['type'] == 'string') { - if ($other['data'] != '') { - returnError('Parameter error.'); - return; + if (is_metaconsole() === true) { + if (empty($node_id) === true && (int) $node_id !== 0) { + $node_id = array_keys(metaconsole_get_names(['disabled' => 0])); + $node_id[] = 0; } else { - // Default values - $separator = ';'; + $node_id = [(int) $node_id]; } - } else if ($other['type'] == 'array') { - $separator = $other['data'][0]; - - // By default it uses agent alias. - $use_agent_name = ($other['data'][16] === '1') ? true : false; - - $filterString = otherParameter2Filter($other, false, $use_agent_name); + } else { + $node_id = 0; } - $dataRows = db_get_all_rows_filter('tevento', $filterString); + $filters = [ + 'group_rep' => EVENT_GROUP_REP_ALL, + 'severity' => (isset($other['data'][1]) === true) ? $other['data'][1] : null, + 'agent_alias' => (isset($other['data'][2]) === true) ? $other['data'][2] : null, + 'module_search' => (isset($other['data'][3]) === true) ? $other['data'][3] : null, + 'filter_only_alert' => (isset($other['data'][4]) === true) ? $other['data'][4] : null, + 'id_user_ack' => (isset($other['data'][5]) === true) ? $other['data'][5] : null, + 'date_from' => (isset($other['data'][6]) === true && empty($other['data'][6]) === false) ? date('y-m-d', $other['data'][6]) : null, + 'date_to' => (isset($other['data'][7]) === true && empty($other['data'][7]) === false) ? date('y-m-d', $other['data'][7]) : null, + 'time_from' => (isset($other['data'][6]) === true && empty($other['data'][6]) === false) ? date('h:i:s', $other['data'][6]) : null, + 'time_to' => (isset($other['data'][7]) === true && empty($other['data'][7]) === false) ? date('h:i:s', $other['data'][7]) : null, + 'status' => (isset($other['data'][8]) === true) ? $other['data'][8] : null, + 'search' => (isset($other['data'][9]) === true) ? $other['data'][9] : null, + 'id_group_filter' => (isset($other['data'][13]) === true) ? $other['data'][13] : null, + 'tag_with' => (isset($other['data'][14]) === true) ? $other['data'][14] : null, + 'event_type' => (isset($other['data'][15]) === true) ? $other['data'][15] : null, + 'id_server' => $node_id, + ]; - $last_error = error_get_last(); - if (empty($dataRows)) { - if (!empty($last_error)) { - returnError('ERROR_API_PANDORAFMS', $returnType); - - return; + $limit = null; + if (isset($other['data'][10]) === true) { + if (empty($other['data'][10]) === true) { + $limit = 0; + } else { + $limit = $other['data'][10]; } } - $data['type'] = 'array'; - $data['data'] = $dataRows; + $offset = null; + if (isset($other['data'][11]) === true) { + if (empty($other['data'][11]) === true) { + $offset = 0; + } else { + $offset = $other['data'][11]; + } + } + $fields = ['te.*']; + $order_direction = 'desc'; + $order_field = 'te.utimestamp'; + $filter_total = false; + if (isset($other['data'][12]) === true + && empty($other['data'][12]) === false + ) { + $filter_total = true; + if ($other['data'][12] === 'total') { + $fields = ['count']; + $limit = null; + $offset = null; + } else if ($other['data'][12] === 'more_criticity') { + $fields = ['te.criticity']; + $order_direction = 'desc'; + $order_field = 'te.criticity'; + $limit = 1; + $offset = 0; + } + } + + $events = Event::search( + $fields, + $filters, + $offset, + $limit, + $order_direction, + $order_field + ); + + $result = $events; + if (is_metaconsole() === true && empty($limit) === false) { + $result = $events['data']; + } + + if (is_array($result) === true && $filter_total === false) { + $urlImage = ui_get_full_url(false); + + // Add the description and image. + foreach ($result as $key => $row) { + if (is_metaconsole() === true) { + if (empty($row['id_agente']) === false) { + $row['agent_name'] = agents_meta_get_name( + $row['id_agente'], + 'none', + $row['server_id'] + ); + } + + if (empty($row['id_agentmodule']) === false) { + $row['module_name'] = meta_modules_get_name( + $row['id_agentmodule'], + $row['server_id'] + ); + } + } + + // FOR THE TEST THE API IN THE ANDROID. + $row['description_event'] = events_print_type_description($row['event_type'], true); + $row['img_description'] = events_print_type_img($row['event_type'], true, true); + $row['criticity_name'] = get_priority_name($row['criticity']); + + switch ($row['criticity']) { + default: + case EVENT_CRIT_MAINTENANCE: + $img_sev = $urlImage.'/images/status_sets/default/severity_maintenance.png'; + break; + + case EVENT_CRIT_INFORMATIONAL: + $img_sev = $urlImage.'/images/status_sets/default/severity_informational.png'; + break; + + case EVENT_CRIT_NORMAL: + $img_sev = $urlImage.'/images/status_sets/default/severity_normal.png'; + break; + + case EVENT_CRIT_WARNING: + $img_sev = $urlImage.'/images/status_sets/default/severity_warning.png'; + break; + + case EVENT_CRIT_CRITICAL: + $img_sev = $urlImage.'/images/status_sets/default/severity_critical.png'; + break; + } + + $row['img_criticy'] = $img_sev; + + $result[$key] = $row; + } + } + + $data['type'] = $returnType; + $data['data'] = $result; returnData($returnType, $data, $separator); return; } diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 3aa121ec6a..7a70d3bcd7 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -1311,7 +1311,7 @@ function events_get_all( 'te.', // Alt table tag for id_grupo. $user_admin_group_all, - (bool) $filter['search_secondary_groups'] + (bool) (isset($filter['search_secondary_groups']) === true) ? $filter['search_secondary_groups'] : false ); // FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)". } else if (check_acl($config['id_user'], 0, 'EW')) { @@ -1338,7 +1338,7 @@ function events_get_all( 'te.', // Alt table tag for id_grupo. $user_admin_group_all, - (bool) $filter['search_secondary_groups'] + (bool) (isset($filter['search_secondary_groups']) === true) ? $filter['search_secondary_groups'] : false ); // FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)". } else if (check_acl($config['id_user'], 0, 'EM')) { @@ -1365,7 +1365,7 @@ function events_get_all( 'te.', // Alt table tag for id_grupo. $user_admin_group_all, - (bool) $filter['search_secondary_groups'] + (bool) (isset($filter['search_secondary_groups']) === true) ? $filter['search_secondary_groups'] : false ); // FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)". } @@ -1870,7 +1870,7 @@ function events_get_all( return $return; } else { - return $data; + return ['count' => count($data)]; } } From b8939cb6244255b99c94c914aba6c62808778767 Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Tue, 8 Nov 2022 09:00:25 +0100 Subject: [PATCH 2/4] fix api get agent criticity pandora_enterprise#9723 --- pandora_console/include/functions_events.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 7a70d3bcd7..d7854b81c3 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -800,7 +800,7 @@ function events_get_all( } } - if (isset($filter['severity']) === true && $filter['severity'] > 0) { + if (isset($filter['severity']) === true) { if (is_array($filter['severity']) === true) { if (in_array(-1, $filter['severity']) === false) { $not_normal = array_search(EVENT_CRIT_NOT_NORMAL, $filter['severity']); From c16901a5e2bef83a4a4ad8d7600045ce9e742515 Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Thu, 10 Nov 2022 09:19:32 +0100 Subject: [PATCH 3/4] fixed get events API pandora_enterprise#9723 --- pandora_console/include/functions_api.php | 2 +- pandora_console/include/functions_events.php | 11 ++--------- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php index 260bd2c166..cbeb0ead02 100644 --- a/pandora_console/include/functions_api.php +++ b/pandora_console/include/functions_api.php @@ -11310,7 +11310,7 @@ function api_get_events($node_id, $trash2, $other, $returnType) $separator = (isset($other['data'][0]) === true && empty($other['data'][0]) === false) ? $other['data'][0] : ';'; if (is_metaconsole() === true) { - if (empty($node_id) === true && (int) $node_id !== 0) { + if (empty($node_id) === true && $node_id != 0) { $node_id = array_keys(metaconsole_get_names(['disabled' => 0])); $node_id[] = 0; } else { diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index d7854b81c3..df90f261cd 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -800,7 +800,7 @@ function events_get_all( } } - if (isset($filter['severity']) === true) { + if (isset($filter['severity']) === true && $filter['severity'] !== '') { if (is_array($filter['severity']) === true) { if (in_array(-1, $filter['severity']) === false) { $not_normal = array_search(EVENT_CRIT_NOT_NORMAL, $filter['severity']); @@ -1033,14 +1033,13 @@ function events_get_all( // Prepare agent join sql filters. $table = 'tevento'; $tevento = 'tevento te'; - $agent_join_filters = []; $tagente_table = 'tagente'; $tagente_field = 'id_agente'; $conditionMetaconsole = ''; // Agent alias. if (empty($filter['agent_alias']) === false) { - $agent_join_filters[] = sprintf( + $sql_filters[] = sprintf( ' AND ta.alias = "%s" ', $filter['agent_alias'] ); @@ -1561,7 +1560,6 @@ function events_get_all( %s JOIN %s ta ON ta.%s = te.id_agente %s - %s %s JOIN tgrupo tg ON %s WHERE 1=1 @@ -1577,7 +1575,6 @@ function events_get_all( %s JOIN %s ta ON ta.%s = te.id_agente %s - %s %s JOIN tgrupo tg ON %s %s @@ -1593,7 +1590,6 @@ function events_get_all( $tagente_table, $tagente_field, $conditionMetaconsole, - join(' ', $agent_join_filters), $tgrupo_join, join(' ', $tgrupo_join_filters), join(' ', $sql_filters), @@ -1607,7 +1603,6 @@ function events_get_all( $tagente_table, $tagente_field, $conditionMetaconsole, - join(' ', $agent_join_filters), $tgrupo_join, join(' ', $tgrupo_join_filters), join(' ', $sql_filters), @@ -1623,7 +1618,6 @@ function events_get_all( %s JOIN %s ta ON ta.%s = te.id_agente %s - %s %s JOIN tgrupo tg ON %s WHERE 1=1 @@ -1642,7 +1636,6 @@ function events_get_all( $tagente_table, $tagente_field, $conditionMetaconsole, - join(' ', $agent_join_filters), $tgrupo_join, join(' ', $tgrupo_join_filters), join(' ', $sql_filters), From e003d0d13a71bd117587447f2fe908d50bcfec53 Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Fri, 11 Nov 2022 08:55:20 +0100 Subject: [PATCH 4/4] fixed get events API pandora_enterprise#9723 --- pandora_console/include/functions_api.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php index cbeb0ead02..c179303c7a 100644 --- a/pandora_console/include/functions_api.php +++ b/pandora_console/include/functions_api.php @@ -11355,6 +11355,10 @@ function api_get_events($node_id, $trash2, $other, $returnType) } else { $offset = $other['data'][11]; } + } else { + if (isset($other['data'][10]) === true) { + $offset = 0; + } } $fields = ['te.*'];