tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

new api 2.0

This commit is contained in:
daniel 2024-02-09 10:53:32 +01:00
parent 181f3ae7b3
commit 6a7dd0de9b
5 changed files with 102 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
pandora_console/include/lib/Modules/Events/Filters/Validations/EventFilterValidation.php
View File

@ -2,12 +2,14 @@
namespace PandoraFMS\Modules\Events\Filters\Validations;
use PandoraFMS\Agent;
use PandoraFMS\Module;
use PandoraFMS\Modules\Events\Enums\EventSeverityEnum;
use PandoraFMS\Modules\Events\Filters\Entities\EventFilter;
use PandoraFMS\Modules\Events\Filters\Enums\EventFilterAlertEnum;
use PandoraFMS\Modules\Events\Filters\Enums\EventFilterGroupByEnum;
use PandoraFMS\Modules\Events\Filters\Enums\EventFilterStatusEnum;
use PandoraFMS\Modules\Events\Filters\Services\ExistNameEventFilterService;
use PandoraFMS\Modules\Events\Enums\EventSeverityEnum;
use PandoraFMS\Modules\Groups\Services\GetGroupService;
use PandoraFMS\Modules\Shared\Exceptions\BadRequestException;
use PandoraFMS\Modules\Tags\Services\GetTagService;
@ -114,7 +116,10 @@ final class EventFilterValidation
}
if (empty($eventFilter->getIdAgentModule()) === false) {
$this->validateAgentModule($eventFilter->getIdAgentModule());
$this->validateAgentModule(
$eventFilter->getIdAgentModule(),
$eventFilter->getIdAgent()
);
}
if (empty($eventFilter->getServerId()) === false) {
@ -146,11 +151,42 @@ final class EventFilterValidation
protected function validateAgent(int $idAgent): void
{
// TODO: create new service for this.
try {
new Agent($idAgent);
} catch (\Exception $e) {
throw new BadRequestException(
__('Invalid id agent, %s', $e->getMessage())
);
}
}
protected function validateAgentModule(int $idAgentModule): void
protected function validateAgentModule(int $idAgentModule, ?int $idAgent = 0): void
{
// TODO: create new service for this.
try {
if(empty($idAgent) === false) {
$agent = new Agent($idAgent);
$existModule = $agent->searchModules(
['id_agente_modulo' => $idAgentModule],
1
);
if (empty($existModule) === true) {
throw new BadRequestException(
__(
'Id agent module not exist in agent %s',
io_safe_output($agent->alias())
)
);
}
} else {
new Module($idAgentModule);
}
} catch (\Exception $e) {
throw new BadRequestException(
__('Invalid id agent module, %s', $e->getMessage())
);
}
}
protected function validateNodes(array $nodes): void

48
pandora_console/include/lib/Modules/Events/Validations/EventValidation.php
View File

@ -2,12 +2,14 @@
namespace PandoraFMS\Modules\Events\Validations;
use PandoraFMS\Modules\Shared\Services\Config;
use PandoraFMS\Agent;
use PandoraFMS\Module;
use PandoraFMS\Modules\Events\Entities\Event;
use PandoraFMS\Modules\Events\Enums\EventSeverityEnum;
use PandoraFMS\Modules\Events\Enums\EventStatusEnum;
use PandoraFMS\Modules\Groups\Services\GetGroupService;
use PandoraFMS\Modules\Shared\Exceptions\BadRequestException;
use PandoraFMS\Modules\Shared\Services\Config;
use PandoraFMS\Modules\Shared\Services\Timestamp;
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
use PandoraFMS\Modules\Users\Services\GetUserService;
@ -51,7 +53,7 @@ final class EventValidation
}
if (empty($event->getIdAgentModule()) === false) {
$this->validateAgentModule($event->getIdAgentModule());
$this->validateAgentModule($event->getIdAgentModule(), $event->getIdAgent());
}
if ($event->getIdUser() === null) {
@ -114,21 +116,43 @@ final class EventValidation
protected function validateAgent(int $idAgent): void
{
$filter = ['id_agente' => $idAgent];
if(\is_metaconsole() === true) {
$agent = \agents_get_meta_agents($filter);
} else {
$agent = \agents_get_agents($filter);
}
if (! (bool) $agent) {
throw new BadRequestException(__('Invalid id agent'));
// TODO: create new service for this.
try {
new Agent($idAgent);
} catch (\Exception $e) {
throw new BadRequestException(
__('Invalid id agent, %s', $e->getMessage())
);
}
}
protected function validateAgentModule(int $idAgentModule): void
protected function validateAgentModule(int $idAgentModule, ?int $idAgent = 0): void
{
// TODO: create new service for this.
try {
if(empty($idAgent) === false) {
$agent = new Agent($idAgent);
$existModule = $agent->searchModules(
['id_agente_modulo' => $idAgentModule],
1
);
if (empty($existModule) === true) {
throw new BadRequestException(
__(
'Id agent module not exist in agent %s',
io_safe_output($agent->alias())
)
);
}
} else {
new Module($idAgentModule);
}
} catch (\Exception $e) {
throw new BadRequestException(
__('Invalid id agent module, %s', $e->getMessage())
);
}
}
protected function validateAlert(int $idAlert): void

2
pandora_console/include/lib/Modules/Groups/Controllers/CreateGroupController.php
View File

@ -42,6 +42,8 @@ final class CreateGroupController extends Controller
$this->acl->validate(0, 'UM', ' tried to manage user for groups');
$this->acl->validateUserCanManageAll('PM');
$this->management->isManagementAllowed('Group', true);
$result = $this->createGroupAction->__invoke($group);

17
pandora_console/include/lib/Modules/Groups/Repositories/GroupRepositoryMySQL.php
View File

@ -118,12 +118,17 @@ class GroupRepositoryMySQL extends RepositoryMySQL implements GroupRepository
// Check ACL for user list.
if (users_can_manage_group_all('AR') === false) {
$user_groups_acl = users_get_groups(false, 'AR', false);
if (empty($user_groups_acl) === false) {
$filters .= sprintf(
' AND tgrupo.id_grupo IN (%s)',
implode(',', array_keys($user_groups_acl))
);
// Si no tiene ningun grupo y no es administrador,
// se fuerza a que busque en el grupo 0, que no existe,
// ya que no tendra accesoa a ningun grupo.
if (empty($user_groups_acl) === true) {
$user_groups_acl = [0];
}
$filters .= sprintf(
' AND tgrupo.id_grupo IN (%s)',
implode(',', array_keys($user_groups_acl))
);
}
if ($count === false) {
@ -159,6 +164,8 @@ class GroupRepositoryMySQL extends RepositoryMySQL implements GroupRepository
$pagination
);
hd($sql, true);
return $sql;
}
}

15
pandora_console/include/lib/Modules/Shared/Services/ValidateAclSystem.php
View File

@ -81,13 +81,24 @@ class ValidateAclSystem
}
}
public function validateUserAdmin(
): void {
public function validateUserAdmin(): void
{
if ((bool) \users_is_admin() === false) {
throw new ForbiddenACLException(__('ACL Forbidden only administrator access'));
}
}
public function validateUserCanManageAll($acl = 'PM'): void
{
if ((bool) \users_is_admin() === false
&& (bool) \users_can_manage_group_all($acl) === false
) {
throw new ForbiddenACLException(
__('ACL Forbidden only administrator access or pandora manage all groups')
);
}
}
public function validateUserProfile(
int $idProfile
): void {