tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into ent-9423-respuestas-de-evento-en-metaconsola-usan-configuracion-de-nodo

This commit is contained in:
Daniel Barbero 2022-09-27 09:52:24 +02:00
parent fbce8b7533 fa8386194c
commit 7bedb8ecf7
36 changed files with 404 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_agents/unix/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-agent-unix
Version: 7.0NG.764-220923
Version: 7.0NG.764-220927
Architecture: all
Priority: optional
Section: admin

2
pandora_agents/unix/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.764-220923"
pandora_version="7.0NG.764-220927"
echo "Test if you has the tools for to make the packages."
whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null

2
pandora_agents/unix/pandora_agent
View File

@ -1015,7 +1015,7 @@ my $Sem = undef;
my $ThreadSem = undef;
use constant AGENT_VERSION => '7.0NG.764';
use constant AGENT_BUILD => '220923';
use constant AGENT_BUILD => '220927';
# Agent log default file size maximum and instances
use constant DEFAULT_MAX_LOG_SIZE => 600000;

2
pandora_agents/unix/pandora_agent.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.764
%define release 220923
%define release 220927
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.764
%define release 220923
%define release 220927
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent_installer
View File

@ -10,7 +10,7 @@
# **********************************************************************
PI_VERSION="7.0NG.764"
PI_BUILD="220923"
PI_BUILD="220927"
OS_NAME=`uname -s`
FORCE=0

2
pandora_agents/win32/installer/pandora.mpi
View File

@ -186,7 +186,7 @@ UpgradeApplicationID
{}
Version
{220923}
{220927}
ViewReadme
{Yes}

2
pandora_agents/win32/pandora.cc
View File

@ -30,7 +30,7 @@ using namespace Pandora;
using namespace Pandora_Strutils;
#define PATH_SIZE _MAX_PATH+1
#define PANDORA_VERSION ("7.0NG.764 Build 220923")
#define PANDORA_VERSION ("7.0NG.764 Build 220927")
string pandora_path;
string pandora_dir;

2
pandora_agents/win32/versioninfo.rc
View File

@ -11,7 +11,7 @@ BEGIN
VALUE "LegalCopyright", "Artica ST"
VALUE "OriginalFilename", "PandoraAgent.exe"
VALUE "ProductName", "Pandora FMS Windows Agent"
VALUE "ProductVersion", "(7.0NG.764(Build 220923))"
VALUE "ProductVersion", "(7.0NG.764(Build 220927))"
VALUE "FileVersion", "1.0.0.0"
END
END

2
pandora_console/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-console
Version: 7.0NG.764-220923
Version: 7.0NG.764-220927
Architecture: all
Priority: optional
Section: admin

2
pandora_console/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.764-220923"
pandora_version="7.0NG.764-220927"
package_pear=0
package_pandora=1

3
pandora_console/extras/mr/57.sql
View File

@ -3,6 +3,9 @@ START TRANSACTION;
ALTER TABLE `tplanned_downtime` ADD COLUMN `cron_interval_from` VARCHAR(100) DEFAULT '';
ALTER TABLE `tplanned_downtime` ADD COLUMN `cron_interval_to` VARCHAR(100) DEFAULT '';
ALTER TABLE `tusuario` ADD COLUMN `allowed_ip_active` TINYINT DEFAULT 0;
ALTER TABLE `tusuario` ADD COLUMN `allowed_ip_list` TEXT;
SET @id_config := (SELECT id_config FROM tconfig WHERE `token` = 'metaconsole_node_id' AND `value` IS NOT NULL ORDER BY id_config DESC LIMIT 1);
DELETE FROM tconfig WHERE `token` = 'metaconsole_node_id' AND (id_config < @id_config OR `value` IS NULL);

2
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -2335,7 +2335,7 @@ $class = 'databox filters';
<td class="bolder">
<?php
echo __('SQL query').ui_print_help_tip(
__('The entities of the fields that contain them must be included.'),
__('The entities of the fields that contain them must be included. Also is possible use macros like `_start_date_` or `_end_date_`.'),
true
);
?>

151
pandora_console/godmode/users/configure_user.php
View File

@ -1,17 +1,32 @@
<?php
/**
* User creation / update.
*
* @category Users
* @package Pandora FMS
* @subpackage Community
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
* Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*/
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Load global vars
// Load global vars.
global $config;
check_login();
@ -343,6 +358,8 @@ if ($create_user) {
$values['email'] = (string) get_parameter('email');
$values['phone'] = (string) get_parameter('phone');
$values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
$values['allowed_ip_active'] = ((int) get_parameter_switch('allowed_ip_active', -1) === 0);
$values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
$values['is_admin'] = $user_is_admin;
$values['language'] = get_parameter('language', 'default');
$values['timezone'] = (string) get_parameter('timezone');
@ -358,20 +375,20 @@ if ($create_user) {
$values['block_size'] = (int) get_parameter('block_size', $config['block_size']);
$values['section'] = get_parameter('section');
if (($values['section'] == 'Event list') || ($values['section'] == 'Group view') || ($values['section'] == 'Alert detail') || ($values['section'] == 'Tactical view') || ($values['section'] == 'Default')) {
if (($values['section'] === 'Event list') || ($values['section'] === 'Group view') || ($values['section'] === 'Alert detail') || ($values['section'] === 'Tactical view') || ($values['section'] === 'Default')) {
$values['data_section'] = '';
} else if ($values['section'] == 'Dashboard') {
} else if ($values['section'] === 'Dashboard') {
$values['data_section'] = $dashboard;
} else if (io_safe_output($values['section']) == 'Visual console') {
} else if (io_safe_output($values['section']) === 'Visual console') {
$values['data_section'] = $visual_console;
} else if ($values['section'] == 'Other' || io_safe_output($values['section']) == 'External link') {
} else if ($values['section'] === 'Other' || io_safe_output($values['section']) === 'External link') {
$values['data_section'] = get_parameter('data_section');
}
if (enterprise_installed()) {
if (enterprise_installed() === true) {
$values['force_change_pass'] = 1;
$values['last_pass_change'] = date('Y/m/d H:i:s', get_system_time());
if (defined('METACONSOLE')) {
if (is_metaconsole() === true) {
$values['metaconsole_access'] = get_parameter('metaconsole_access', 'basic');
$values['metaconsole_agents_manager'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_agents_manager', '0'));
$values['metaconsole_access_node'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_access_node', '0'));
@ -384,8 +401,8 @@ if ($create_user) {
$values['strict_acl'] = (bool) get_parameter('strict_acl', false);
$values['session_time'] = (int) get_parameter('session_time', 0);
// eHorus user level conf
if ($config['ehorus_user_level_conf']) {
// eHorus user level conf.
if ((bool) $config['ehorus_user_level_conf'] === true) {
$values['ehorus_user_level_enabled'] = (bool) get_parameter('ehorus_user_level_enabled', false);
if ($values['ehorus_user_level_enabled'] === true) {
$values['ehorus_user_level_user'] = (string) get_parameter('ehorus_user_level_user');
@ -397,7 +414,7 @@ if ($create_user) {
}
if ($id == '') {
if (empty($id) === true) {
ui_print_error_message(__('User ID cannot be empty'));
$is_err = true;
$user_info = $values;
@ -411,7 +428,7 @@ if ($create_user) {
$password_new = '';
$password_confirm = '';
$new_user = true;
} else if ($password_new == '') {
} else if (empty($password_new) === true) {
$is_err = true;
ui_print_error_message(__('Passwords cannot be empty'));
$user_info = $values;
@ -438,6 +455,9 @@ if ($create_user) {
}
$info = '{"Id_user":"'.$values['id_user'].'","FullName":"'.$values['fullname'].'","Firstname":"'.$values['firstname'].'","Lastname":"'.$values['lastname'].'","Email":"'.$values['email'].'","Phone":"'.$values['phone'].'","Comments":"'.$values['comments'].'","Is_admin":"'.$values['is_admin'].'","Language":"'.$values['language'].'","Timezone":"'.$values['timezone'].'","Block size":"'.$values['block_size'].'"';
if ($values['allowed_ip_active'] === true) {
$info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
}
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
$info .= ',"Skin":"'.$values['id_skin'].'"}';
@ -540,6 +560,8 @@ if ($update_user) {
$values['email'] = (string) get_parameter('email');
$values['phone'] = (string) get_parameter('phone');
$values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
$values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0);
$values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
$values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1;
$values['language'] = (string) get_parameter('language');
$values['timezone'] = (string) get_parameter('timezone');
@ -573,17 +595,17 @@ if ($update_user) {
$values['block_size'] = get_parameter('block_size', $config['block_size']);
$values['section'] = get_parameter('section');
if (($values['section'] == 'Event list') || ($values['section'] == 'Group view') || ($values['section'] == 'Alert detail') || ($values['section'] == 'Tactical view') || ($values['section'] == 'Default')) {
if (($values['section'] === 'Event list') || ($values['section'] === 'Group view') || ($values['section'] === 'Alert detail') || ($values['section'] === 'Tactical view') || ($values['section'] === 'Default')) {
$values['data_section'] = '';
} else if ($values['section'] == 'Dashboard') {
} else if ($values['section'] === 'Dashboard') {
$values['data_section'] = $dashboard;
} else if (io_safe_output($values['section']) == 'Visual console') {
} else if (io_safe_output($values['section']) === 'Visual console') {
$values['data_section'] = $visual_console;
} else if ($values['section'] == 'Other' || io_safe_output($values['section']) == 'External link') {
} else if ($values['section'] === 'Other' || io_safe_output($values['section']) === 'External link') {
$values['data_section'] = get_parameter('data_section');
}
if (enterprise_installed() && defined('METACONSOLE')) {
if (enterprise_installed() === true && is_metaconsole() === true) {
$values['metaconsole_access'] = get_parameter('metaconsole_access');
$values['metaconsole_agents_manager'] = get_parameter('metaconsole_agents_manager', '0');
$values['metaconsole_access_node'] = get_parameter('metaconsole_access_node', '0');
@ -611,9 +633,9 @@ if ($update_user) {
$correct_password = true;
}
if ($password_confirm == $password_new) {
if ((string) $password_confirm === (string) $password_new) {
if ($correct_password === true || is_user_admin($config['id_user'])) {
if ((!is_user_admin($config['id_user']) || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
$pass_ok = login_validate_pass($password_new, $id, true);
if ($pass_ok != 1) {
ui_print_error_message($pass_ok);
@ -704,19 +726,23 @@ if ($update_user) {
"Block size":"'.$values['block_size'].'",
"Section":"'.$values['section'].'"';
if ($values['allowed_ip_active'] === true) {
$info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
}
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
$info .= ',"Skin":"'.$values['id_skin'].'"';
$has_skin = true;
}
if (enterprise_installed() && defined('METACONSOLE')) {
if (enterprise_installed() === true && is_metaconsole() === true) {
$info .= ',"Wizard access":"'.$values['metaconsole_access'].'"}';
$has_wizard = true;
} else if ($has_skin) {
} else if ($has_skin === true) {
$info .= '}';
}
if (!$has_skin && !$has_wizard) {
if ($has_skin === false && $has_wizard === false) {
$info .= '}';
}
@ -744,7 +770,7 @@ if ($update_user) {
}
if ($values['strict_acl']) {
if ((bool) $values['strict_acl'] === true) {
$count_groups = 0;
$count_tags = 0;
@ -754,7 +780,7 @@ if ($update_user) {
}
foreach ($profiles as $profile) {
$count_groups = ($count_groups + 1);
$count_groups++;
$arr_tags = explode(',', $profile['tags']);
$count_tags = ($count_tags + count($arr_tags));
}
@ -783,7 +809,7 @@ if ($add_profile && empty($json_profile)) {
$no_hierarchy = (int) get_parameter('no_hierarchy', 0);
foreach ($tags as $k => $tag) {
if (empty($tag)) {
if (empty($tag) === true) {
unset($tags[$k]);
}
}
@ -826,7 +852,7 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
);
$result = db_get_all_rows_sql($sql);
if ($result == false && $user_info['is_admin'] == false) {
if ((bool) $result === false && (bool) $user_info['is_admin'] === false) {
db_pandora_audit(
AUDIT_LOG_ACL_VIOLATION,
'Trying to access User Management'
@ -837,12 +863,13 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
}
}
if (defined('METACONSOLE')) {
if ($id) {
echo '<div class="user_form_title">'.__('Update User').'</div>';
} else {
echo '<div class="user_form_title">'.__('Create User').'</div>';
}
if (is_metaconsole() === true) {
html_print_div(
[
'class' => 'user_form_title',
'content' => ((bool) $id === true) ? __('Update User') : __('Create User'),
]
);
}
if (!$new_user) {
@ -1030,6 +1057,26 @@ $comments .= html_print_textarea(
true
);
$allowedIP = '<p class="edit_user_labels">';
$allowedIP .= __('Login allowed IP list').'&nbsp;';
$allowedIP .= ui_print_help_tip(__('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), true).'&nbsp;';
$allowedIP .= html_print_checkbox_switch(
'allowed_ip_active',
0,
$user_info['allowed_ip_active'],
true
);
$allowedIP .= '</p>';
$allowedIP .= html_print_textarea(
'allowed_ip_list',
2,
65,
$user_info['allowed_ip_list'],
(((bool) $view_mode === true) ? 'readonly="readonly"' : ''),
true
);
// If we want to create a new user, skins displayed are the skins of the creator's group. If we want to update, skins displayed are the skins of the modified user.
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
@ -1046,8 +1093,8 @@ if ($new_user) {
$id_usr = $id;
}
if (!$meta) {
// User only can change skins if has more than one group
if ((bool) $meta === false) {
// User only can change skins if has more than one group.
if (count($usr_groups) > 1) {
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
$skin = '<div class="label_select"><p class="edit_user_labels">'.__('Skin').'</p>';
@ -1056,7 +1103,7 @@ if (!$meta) {
}
}
if ($meta) {
if ((bool) $meta === true) {
$array_filters = get_filters_custom_fields_view(0, true);
$search_custom_fields_view = '<div class="label_select"><p class="edit_user_labels">'.__('Search custom field view').' '.ui_print_help_tip(__('Load by default the selected view in custom field view'), true).'</p>';
@ -1413,6 +1460,20 @@ echo '</div>
<div class="user_edit_third_row white_box">
<div class="edit_user_comments">'.$comments.'</div>
</div>';
html_print_div(
[
'class' => 'user_edit_third_row white_box',
'content' => html_print_div(
[
'class' => 'edit_user_allowed_ip',
'content' => $allowedIP,
],
true
),
]
);
if (!empty($ehorus)) {
echo '<div class="user_edit_third_row white_box">'.$ehorus.'</div>';
}

2
pandora_console/include/class/ConsoleSupervisor.php
View File

@ -1466,7 +1466,7 @@ class ConsoleSupervisor
[
'type' => 'NOTIF.PHP.INPUT_TIME',
'title' => sprintf(
__("'%s' value in PHP configuration is not recommended"),
__('%s value in PHP configuration is not recommended'),
'max_input_time'
),
'message' => sprintf(

2
pandora_console/include/config_process.php
View File

@ -20,7 +20,7 @@
/**
* Pandora build version and version
*/
$build_version = 'PC220923';
$build_version = 'PC220927';
$pandora_version = 'v7.0NG.764';
// Do not overwrite default timezone set if defined.

145
pandora_console/include/functions_events.php
View File

@ -1494,6 +1494,15 @@ function events_get_all(
MAX(id_evento) as max_id_evento',
($idx !== false) ? 'GROUP_CONCAT(DISTINCT user_comment SEPARATOR "<br>") AS comments,' : ''
);
$group_selects_trans = sprintf(
',tmax_event.event_rep,
%s
tmax_event.timestamp_last,
tmax_event.timestamp_first,
tmax_event.max_id_evento',
($idx !== false) ? 'tmax_event.comments,' : ''
);
}
} else {
$idx = array_search('te.user_comment', $fields);
@ -1502,43 +1511,107 @@ function events_get_all(
}
}
$sql = sprintf(
'SELECT %s
if ((int) $filter['group_rep'] === 1 && $count === false) {
$sql = sprintf(
'SELECT %s
%s
FROM %s
INNER JOIN (
SELECT te.id_evento %s
FROM %s
%s
%s
%s JOIN %s ta
ON ta.%s = te.id_agente
%s
%s
%s JOIN tgrupo tg
ON %s
WHERE 1=1
%s
%s
%s
%s
%s
) tmax_event
ON te.id_evento = tmax_event.max_id_evento
%s
FROM %s
%s
%s
%s JOIN %s ta
ON ta.%s = te.id_agente
%s
%s
%s JOIN tgrupo tg
ON %s
WHERE 1=1
%s
%s
%s
%s
%s
',
join(',', $fields),
$group_selects,
$tevento,
$event_lj,
$agentmodule_join,
$tagente_join,
$tagente_table,
$tagente_field,
$conditionMetaconsole,
join(' ', $agent_join_filters),
$tgrupo_join,
join(' ', $tgrupo_join_filters),
join(' ', $sql_filters),
$group_by,
$order_by,
$pagination,
$having
);
%s
%s JOIN %s ta
ON ta.%s = te.id_agente
%s
%s
%s JOIN tgrupo tg
ON %s',
join(',', $fields),
$group_selects_trans,
$tevento,
$group_selects,
$tevento,
$event_lj,
$agentmodule_join,
$tagente_join,
$tagente_table,
$tagente_field,
$conditionMetaconsole,
join(' ', $agent_join_filters),
$tgrupo_join,
join(' ', $tgrupo_join_filters),
join(' ', $sql_filters),
$group_by,
$order_by,
$pagination,
$having,
$event_lj,
$agentmodule_join,
$tagente_join,
$tagente_table,
$tagente_field,
$conditionMetaconsole,
join(' ', $agent_join_filters),
$tgrupo_join,
join(' ', $tgrupo_join_filters),
join(' ', $sql_filters)
);
} else {
$sql = sprintf(
'SELECT %s
%s
FROM %s
%s
%s
%s JOIN %s ta
ON ta.%s = te.id_agente
%s
%s
%s JOIN tgrupo tg
ON %s
WHERE 1=1
%s
%s
%s
%s
%s
',
join(',', $fields),
$group_selects,
$tevento,
$event_lj,
$agentmodule_join,
$tagente_join,
$tagente_table,
$tagente_field,
$conditionMetaconsole,
join(' ', $agent_join_filters),
$tgrupo_join,
join(' ', $tgrupo_join_filters),
join(' ', $sql_filters),
$group_by,
$order_by,
$pagination,
$having
);
}
if ($return_sql === true) {
return $sql;

21
pandora_console/include/functions_reporting.php
View File

@ -7213,7 +7213,7 @@ function reporting_sql($report, $content)
$sql = $content['external_source'];
}
// Check if exist sql macro
// Check if exist sql macro.
$sql = reporting_sql_macro($report, $sql);
// Do a security check on SQL coming from the user.
@ -14718,6 +14718,25 @@ function reporting_sql_macro(array $report, string $sql): string
);
}
if (preg_match('/_start_date_/', $sql)) {
$date_init = get_parameter('date_init', date(DATE_FORMAT, (strtotime(date('Y-m-j')) - SECONDS_1DAY)));
$time_init = get_parameter('time_init', date(TIME_FORMAT, (strtotime(date('Y-m-j')) - SECONDS_1DAY)));
$datetime_init = strtotime($date_init.' '.$time_init);
$sql = str_replace(
'_start_date_',
$datetime_init,
$sql
);
}
if (preg_match('/_end_date_/', $sql)) {
$sql = str_replace(
'_end_date_',
$report['datetime'],
$sql
);
}
return $sql;
}

49
pandora_console/include/functions_users.php
View File

@ -877,3 +877,52 @@ function users_get_users_group_by_group($id_group)
return $users;
}
/**
* Check if IP is in range. Check wildcard `*`, single IP and IP ranges.
*
* @param array $arrayIP List of IPs.
* @param string $userIP IP for determine if is in the list.
*
* @return boolean True if IP is in range.
*/
function checkIPInRange(
array $arrayIP,
string $userIP=''
) {
$output = false;
if (empty($userIP) === true) {
$userIP = $_SERVER['REMOTE_ADDR'];
}
if (empty($arrayIP) === false) {
foreach ($arrayIP as $ip) {
if ($ip === '*') {
// The list has wildcard, this accept all IPs.
$output = true;
break;
} else if ($ip === $userIP) {
$output = true;
break;
} else if (preg_match('/([0-2]?[0-9]{1,2})[.]([0-2]?[0-9]{1,2})[.]([0-2]?[0-9]{0,2})[.](0){1}/', $ip) > 0) {
$rangeArrayIP = explode('.', $ip);
$userArrayIP = explode('.', $userIP);
foreach ($rangeArrayIP as $position => $segmentIP) {
if ($segmentIP === $userArrayIP[$position]) {
$output = true;
} else if ((string) $segmentIP === '0') {
break 2;
} else {
$output = false;
}
}
} else {
$output = false;
}
}
}
return $output;
}

34
pandora_console/index.php
View File

@ -299,6 +299,40 @@ if (isset($config['id_user']) === false) {
// Since now, only the $pass variable are needed.
unset($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
// IP allowed check.
$user_info = users_get_user_by_id($nick);
if ((bool) $user_info['allowed_ip_active'] === true) {
$userIP = $_SERVER['REMOTE_ADDR'];
$allowedIP = false;
$arrayIP = explode(',', $user_info['allowed_ip_list']);
// By default, if the IP definition is no correct, allows all.
if (empty($arrayIP) === true) {
$allowedIP = true;
} else {
$allowedIP = checkIPInRange($arrayIP, $userIP);
}
if ($allowedIP === false) {
$config['auth_error'] = 'IP not allowed';
$login_failed = true;
include_once 'general/login_page.php';
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
sprintf(
'IP %s not allowed for user %s',
$userIP,
$nick
),
$userIP
);
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
}
// If the auth_code exists, we assume the user has come from
// double authorization page.
if (isset($_POST['auth_code']) === true) {

2
pandora_console/install.php
View File

@ -129,7 +129,7 @@
<div style='height: 10px'>
<?php
$version = '7.0NG.764';
$build = '220923';
$build = '220927';
$banner = "v$version Build $build";
error_reporting(0);

53
pandora_console/operation/users/user_edit.php
View File

@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
* Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@ -75,6 +75,9 @@ if (isset($_GET['modified']) && !$view_mode) {
$upd_info['email'] = get_parameter_post('email', '');
$upd_info['phone'] = get_parameter_post('phone', '');
$upd_info['comments'] = get_parameter_post('comments', '');
$upd_info['allowed_ip_active'] = ((int) get_parameter_switch('allowed_ip_active', -1) === 0);
$upd_info['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
$upd_info['comments'] = get_parameter_post('comments', '');
$upd_info['language'] = get_parameter_post('language', $user_info['language']);
$upd_info['timezone'] = get_parameter_post('timezone', '');
$upd_info['id_skin'] = get_parameter('skin', $user_info['id_skin']);
@ -111,14 +114,14 @@ if (isset($_GET['modified']) && !$view_mode) {
$section = io_safe_output($upd_info['section']);
if (($section == 'Event list') || ($section == 'Group view')
|| ($section == 'Alert detail') || ($section == 'Tactical view')
|| ($section == 'Default')
if (($section === 'Event list') || ($section === 'Group view')
|| ($section === 'Alert detail') || ($section === 'Tactical view')
|| ($section === 'Default')
) {
$upd_info['data_section'] = '';
} else if ($section == 'Dashboard') {
} else if ($section === 'Dashboard') {
$upd_info['data_section'] = $dashboard;
} else if ($section == 'Visual console') {
} else if ($section === 'Visual console') {
$upd_info['data_section'] = $visual_console;
}
@ -168,13 +171,13 @@ if (isset($_GET['modified']) && !$view_mode) {
// (no changes in data) SQL function returns 0 (FALSE), but is not an error,
// just no change. Previous error message could be confussing to the user.
if ($return) {
if (!empty($password_new) && !empty($password_confirm)) {
if (empty($password_new) === false && empty($password_confirm) === false) {
$success_msg = __('Password successfully updated');
}
// If info is valid then proceed with update.
if ((filter_var($upd_info['email'], FILTER_VALIDATE_EMAIL) || $upd_info['email'] == '')
&& (preg_match('/^[0-9- ]+$/D', $upd_info['phone']) || $upd_info['phone'] == '')
if ((filter_var($upd_info['email'], FILTER_VALIDATE_EMAIL) || empty($upd_info['email']) === true)
&& (preg_match('/^[0-9- ]+$/D', $upd_info['phone']) || empty($upd_info['phone']) === true)
) {
$return_update_user = update_user($id, $upd_info);
@ -183,7 +186,7 @@ if (isset($_GET['modified']) && !$view_mode) {
} else if ($return_update_user == true) {
$success_msg = __('User info successfully updated');
} else {
if (!empty($password_new) && !empty($password_confirm)) {
if (empty($password_new) === false && empty($password_confirm) === false) {
$success_msg = __('Password successfully updated');
} else if ($upd_info['id_skin'] !== $user_info['id_skin']) {
$success_msg = __('Skin successfully updated');
@ -614,6 +617,26 @@ $comments .= html_print_textarea(
);
$comments .= html_print_input_hidden('quick_language_change', 1, true);
$allowedIP = '<p class="edit_user_labels">';
$allowedIP .= __('Login allowed IP list').'&nbsp;';
$allowedIP .= ui_print_help_tip(__('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), true).'&nbsp;';
$allowedIP .= html_print_checkbox_switch(
'allowed_ip_active',
0,
$user_info['allowed_ip_active'],
true
);
$allowedIP .= '</p>';
$allowedIP .= html_print_textarea(
'allowed_ip_list',
2,
65,
$user_info['allowed_ip_list'],
($view_mode ? 'readonly="readonly"' : ''),
true
);
foreach ($timezones as $timezone_name => $tz) {
if ($timezone_name == 'America/Montreal') {
@ -655,7 +678,7 @@ if (is_metaconsole()) {
if (!is_metaconsole()) {
if (is_metaconsole() === false) {
echo '<div id="timezone-picker">
<img id="timezone-image" src="'.$local_file.'" width="'.$map_width.'" height="'.$map_height.'" usemap="#timezone-map" />
<img class="timezone-pin pdd_t_4px" src="include/javascript/timezonepicker/images/pin.png" />
@ -664,10 +687,14 @@ if (!is_metaconsole()) {
}
echo '</div>
</div>
</div>
<div class="user_edit_third_row white_box">
<div class="edit_user_comments">'.$comments.'</div>
</div>
</div>
<div class="user_edit_third_row white_box">
<div class="edit_user_allowed_ip">'.$allowedIP.'</div>
</div>
</div>';
if ($config['ehorus_enabled'] && $config['ehorus_user_level_conf']) {

2
pandora_console/pandora_console.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.764
%define release 220923
%define release 220927
# User and Group under which Apache is running
%define httpd_name httpd

2
pandora_console/pandora_console.rhel7.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.764
%define release 220923
%define release 220927
# User and Group under which Apache is running
%define httpd_name httpd

2
pandora_console/pandora_console.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.764
%define release 220923
%define release 220927
%define httpd_name httpd
# User and Group under which Apache is running
%define httpd_name apache2

2
pandora_console/pandoradb.sql
View File

@ -1306,6 +1306,8 @@ CREATE TABLE IF NOT EXISTS `tusuario` (
`ehorus_user_level_enabled` TINYINT,
`integria_user_level_user` VARCHAR(60),
`integria_user_level_pass` VARCHAR(45),
`allowed_ip_active` TINYINT UNSIGNED DEFAULT 0,
`allowed_ip_list` TEXT,
CONSTRAINT `fk_filter_id` FOREIGN KEY (`id_filter`) REFERENCES tevent_filter (`id_filter`) ON DELETE SET NULL,
UNIQUE KEY `id_user` (`id_user`)
) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4;

2
pandora_server/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-server
Version: 7.0NG.764-220923
Version: 7.0NG.764-220927
Architecture: all
Priority: optional
Section: admin

2
pandora_server/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.764-220923"
pandora_version="7.0NG.764-220927"
package_cpan=0
package_pandora=1

2
pandora_server/lib/PandoraFMS/Config.pm
View File

@ -46,7 +46,7 @@ our @EXPORT = qw(
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.764";
my $pandora_build = "220923";
my $pandora_build = "220927";
our $VERSION = $pandora_version." ".$pandora_build;
# Setup hash

21
pandora_server/lib/PandoraFMS/PluginServer.pm
View File

@ -160,28 +160,35 @@ sub data_consumer ($$) {
if($timeout <= 0) {
$timeout = 15;
}
# Build command to execute
my $command = $plugin->{'execute'};
if (!defined($plugin->{'parameters'})){
$plugin->{'parameters'} = "";
}
my $parameters = $plugin->{'parameters'};
my %plugin_macros_for_alert_processing;
if (!defined($module->{'macros'})){
$module->{'macros'} = "";
}
# Plugin macros
eval {
if ($module->{'macros'} ne '') {
logger ($pa_config, "Decoding json macros from # $module_id plugin command '$command'", 10);
my $macros = p_decode_json($pa_config, encode_utf8($module->{'macros'}));
my %macros = %{$macros};
if(ref($macros) eq "HASH") {
my %macros;
if(ref($macros) eq "ARRAY") {
my $count = 1;
%macros = map { $count++ => $_ } @$macros;
} else {
%macros = %{$macros};
}
if(ref(\%macros) eq "HASH") {
foreach my $macro_id (keys(%macros))
{
my $macro_field = safe_output($macros{$macro_id}{'macro'});

2
pandora_server/lib/PandoraFMS/PluginTools.pm
View File

@ -34,7 +34,7 @@ our @ISA = qw(Exporter);
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.764";
my $pandora_build = "220923";
my $pandora_build = "220927";
our $VERSION = $pandora_version." ".$pandora_build;
our %EXPORT_TAGS = ( 'all' => [ qw() ] );

2
pandora_server/pandora_server.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.764
%define release 220923
%define release 220927
Summary: Pandora FMS Server
Name: %{name}

2
pandora_server/pandora_server.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.764
%define release 220923
%define release 220927
Summary: Pandora FMS Server
Name: %{name}

2
pandora_server/pandora_server_installer
View File

@ -9,7 +9,7 @@
# **********************************************************************
PI_VERSION="7.0NG.764"
PI_BUILD="220923"
PI_BUILD="220927"
MODE=$1
if [ $# -gt 1 ]; then

2
pandora_server/util/pandora_db.pl
View File

@ -35,7 +35,7 @@ use PandoraFMS::Config;
use PandoraFMS::DB;
# version: define current version
my $version = "7.0NG.764 Build 220923";
my $version = "7.0NG.764 Build 220927";
# Pandora server configuration
my %conf;

2
pandora_server/util/pandora_manage.pl
View File

@ -36,7 +36,7 @@ use Encode::Locale;
Encode::Locale::decode_argv;
# version: define current version
my $version = "7.0NG.764 Build 220923";
my $version = "7.0NG.764 Build 220927";
# save program name for logging
my $progname = basename($0);