2011-02-16 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

* include/functions_alerts.php: New function get_alert_actions_filter. * operation/agentes/estado_agente.php: If user is not admin or doesn't have 'PM' privileges then don't display alerts of others groups. * godmode/alerts/configure_alert_template.php: If user is not admin or doesn't have 'PM' privileges then don't display templates of others groups. * godmode/alerts/configure_alert_action.php: Don't show "create command" option in this view if current user is not administrator or or doesn't have 'PM' privileges. * godmode/alerts/alert_list.builder.php: If user is not admin or doesn't have 'PM' privileges then don't display alerts of others groups. Fixes: #3182557, 3182566 * include/functions_visual_map.php: Added a parameter in function get_user_layouts for return All group or not. * godmode/reporting/visual_console_builder.data.php: In map creation only display "All" group if user has 'PM' privileges or is administrator. * godmode/reporting/map_builder.php: If user is not admin or doesn't have 'PM' privileges then don't display maps of others groups. * operation/visual_console/index.php: If user is not admin or doesn't have 'PM' privileges then don't display maps of others groups. Fixes: #3175721, 3175730 * godmode/users/configure_user.php: Only are shown "pandora management" and "database management" profiles if current user is not administrator or or doesn't have 'PM' privileges. * godmode/alerts/alert_list.list.php: Fixed query for alert search. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3887 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-02-16 18:39:28 +00:00 · 2011-02-16 18:39:28 +00:00 · 7e67360fda
parent 55f1028987
commit 7e67360fda
12 changed files with 149 additions and 24 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,34 @@
+2011-02-16 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
+
+	* include/functions_alerts.php: New function get_alert_actions_filter.
+	* operation/agentes/estado_agente.php: If user is not admin or doesn't have
+	'PM' privileges then don't display alerts of others groups.
+	* godmode/alerts/configure_alert_template.php: If user is not admin or doesn't have
+	'PM' privileges then don't display templates of others groups.
+	* godmode/alerts/configure_alert_action.php: Don't show "create command" option
+	in this view if current user is not administrator or or doesn't have
+	'PM' privileges.
+	* godmode/alerts/alert_list.builder.php: If user is not admin or doesn't have
+	'PM' privileges then don't display alerts of others groups.
+
+	Fixes: #3182557, 3182566 	
+
+	* include/functions_visual_map.php: Added a parameter in function get_user_layouts for 
+	return All group or not.
+	* godmode/reporting/visual_console_builder.data.php: In map creation only display "All"
+	group if user has 'PM' privileges or is administrator.
+	* godmode/reporting/map_builder.php: If user is not admin or doesn't have
+	'PM' privileges then don't display maps of others groups.
+	* operation/visual_console/index.php: If user is not admin or doesn't have
+	'PM' privileges then don't display maps of others groups.
+
+	Fixes: #3175721, 3175730	
+
+      	* godmode/users/configure_user.php: Only are shown "pandora management" and 
+	"database management" profiles if current user is not administrator or or doesn't have
+	'PM' privileges.	
+	* godmode/alerts/alert_list.list.php: Fixed query for alert search. 
+
 2011-02-16  Ramon Novoa  <rnovoa@artica.es>

 	* include/functions_menu.php: Fixed a typo.
--- a/pandora_console/godmode/alerts/alert_list.builder.php
+++ b/pandora_console/godmode/alerts/alert_list.builder.php
@ -64,7 +64,15 @@ $table->data[0][1] .= print_image('images/spinner.png', true) . '</span>';
 $table->data[1][0] = __('Template');

 $table->data[1][0] = __('Template');
-$templates = get_alert_templates (false, array ('id', 'name'));
+$own_info = get_user_info ($config['id_user']);
+if ($own_info['is_admin'])
+	$templates = get_alert_templates (false, array ('id', 'name'));
+else{
+	$usr_groups = get_user_groups($config['id_user'], 'LW', false);
+	$filter_groups = '';
+	$filter_groups = implode(',', array_keys($usr_groups));
+	$templates = get_alert_templates (array ('id_group IN (' . $filter_groups . ')'), array ('id', 'name'));
+}	

 $table->data[1][1] = print_select (index_array ($templates, 'id', 'name'),
 	'template', '', '', __('Select'), 0, true);
--- a/pandora_console/godmode/alerts/alert_list.list.php
+++ b/pandora_console/godmode/alerts/alert_list.list.php
@ -131,7 +131,7 @@ if ($searchFlag) {
 			FROM tagente AS t1 INNER JOIN tagente_modulo AS t2 ON t1.id_agente = t2.id_agente
 			WHERE t1.nombre LIKE '" . trim($agentName) . "')";
 	if ($actionID != -1)
-		$where .= " AND id IN (SELECT id_alert_template_module FROM talert_template_module_actions WHERE id_alert_action = " . $actionID . ")";
+		$where .= " AND talert_template_modules.id IN (SELECT id_alert_template_module FROM talert_template_module_actions WHERE id_alert_action = " . $actionID . ")";
 	if ($enabledisable != -1)
 		$where .= " AND talert_template_modules.disabled =" . $enabledisable;
 	if ($standby != -1)
@ -479,7 +479,11 @@ foreach ($simple_alerts as $alert) {
 	$data[6] .= '<form id="add_action_form-'.$alert['id'].'" method="post" class="invisible">';
 	$data[6] .= print_input_hidden ('add_action', 1, true);
 	$data[6] .= print_input_hidden ('id_alert_module', $alert['id'], true);
-	$actions = get_alert_actions ();
+	$own_info = get_user_info($config['id_user']);
+	$own_groups = get_user_groups($config['id_user'], 'LW', $own_info['is_admin']);
+	$filter_groups = '';
+	$filter_groups = implode(',', array_keys($own_groups));
+	$actions = get_alert_actions_filter(true, 'id_group IN (' . $filter_groups . ')');
 	$data[6] .= print_select ($actions, 'action', '', '', __('None'), 0, true);
 	$data[6] .= '<br />';
 	$data[6] .= '<span><a href="#" class="show_advanced_actions">'.__('Advanced options').' &raquo; </a></span>';
--- a/pandora_console/godmode/alerts/configure_alert_action.php
+++ b/pandora_console/godmode/alerts/configure_alert_action.php
@ -80,16 +80,24 @@ $table->data[0][1] = print_input_text ('name', $name, '', 35, 255, true);
 $table->data[1][0] = __('Group');

 $groups = get_user_groups ();
-$table->data[1][1] = print_select_groups(false, "AR", true, 'group', $group, '', '', 0, true);
+$own_info = get_user_info ($config['id_user']);
+// Only display group "All" if user is administrator or has "PM" privileges
+if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
+	$display_all_group = true;
+else	
+	$display_all_group = false;
+$table->data[1][1] = print_select_groups(false, "LW", $display_all_group, 'group', $group, '', '', 0, true);

 $table->data[2][0] = __('Command');
 $table->data[2][1] = print_select_from_sql ('SELECT id, name FROM talert_commands',
 	'id_command', $id_command, '', __('None'), 0, true);
 $table->data[2][1] .= ' ';
-$table->data[2][1] .= print_image ('images/add.png', true);
-$table->data[2][1] .= '<a href="index.php?sec=galertas&sec2=godmode/alerts/configure_alert_command">';
-$table->data[2][1] .= __('Create Command');
-$table->data[2][1] .= '</a>';
+if (give_acl ($config['id_user'], 0, "PM")){
+	$table->data[2][1] .= print_image ('images/add.png', true);
+	$table->data[2][1] .= '<a href="index.php?sec=galertas&sec2=godmode/alerts/configure_alert_command">';
+	$table->data[2][1] .= __('Create Command');
+	$table->data[2][1] .= '</a>';
+}
 $table->data[3][0] = __('Threshold');
 $table->data[3][1] = print_input_text ('action_threshold', $action_threshold, '', 5, 7, true);
 $table->data[3][1] .= ' '.__('seconds') . print_help_icon ('action_threshold', true);
--- a/pandora_console/godmode/alerts/configure_alert_template.php
+++ b/pandora_console/godmode/alerts/configure_alert_template.php
@ -497,7 +497,13 @@ if ($step == 2) {

 	$table->data[0][1] .= "&nbsp;&nbsp;". __("Group");
 	$groups = get_user_groups ();
-	$table->data[0][1] .= "&nbsp;".print_select_groups(false, "AR", true, 'id_group', $id_group, '', '', 0, true);
+	$own_info = get_user_info($config['id_user']);
+	// Only display group "All" if user is administrator or has "PM" privileges
+	if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
+		$display_all_group = true;
+	else	
+		$display_all_group = false;
+	$table->data[0][1] .= "&nbsp;".print_select_groups(false, "AR", $display_all_group, 'id_group', $id_group, '', '', 0, true);

 	$table->data[1][0] = __('Description');
 	$table->data[1][1] =  print_textarea ('description', 10, 30,
--- a/pandora_console/godmode/reporting/map_builder.php
+++ b/pandora_console/godmode/reporting/map_builder.php
@ -15,6 +15,8 @@

 global $config;

+require_once ('include/functions_visual_map.php');
+
 print_page_header (__('Visual console builder'), "", false, "map_builder", true);

 $id_layout = (int) get_parameter ('id_layout');
@ -113,7 +115,13 @@ $table->align[2] = 'center';
 $table->align[3] = 'center';
 $table->align[4] = 'center';

-$maps = get_db_all_rows_in_table ('tlayout','name');
+// Only display maps of "All" group if user is administrator or has "PM" privileges, otherwise show only maps of user group
+$own_info = get_user_info ($config['id_user']);
+if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
+	$maps = get_user_layouts ();	
+else
+	$maps = get_user_layouts ($config['id_user'], false, false, false);
+
 if (!$maps) {
 	echo '<div class="nf">'.('No maps defined').'</div>';
 } else {
--- a/pandora_console/godmode/reporting/visual_console_builder.data.php
+++ b/pandora_console/godmode/reporting/visual_console_builder.data.php
@ -48,7 +48,15 @@ $table->data[0][0] = __('Name:');
 $table->data[0][1] = print_input_text ('name', $visualConsoleName, '', 15, 50, true);
 $table->data[1][0] = __('Group:');
 $groups = get_user_groups ($config['id_user']);
-$table->data[1][1] = print_select_groups($config['id_user'], "AR", true, 'id_group', $idGroup, '', '', '', true);
+
+$own_info = get_user_info($config['id_user']);
+// Only display group "All" if user is administrator or has "PM" privileges
+if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
+	$display_all_group = true;
+else	
+	$display_all_group = false;
+
+$table->data[1][1] = print_select_groups($config['id_user'], "AR", $display_all_group, 'id_group', $idGroup, '', '', '', true);
 $backgrounds_list = list_files ('images/console/background/', "jpg", 1, 0);
 $backgrounds_list = array_merge ($backgrounds_list, list_files ('images/console/background/', "png", 1, 0));
 $table->data[2][0] = __('Background');
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@ -364,8 +364,12 @@ foreach ($result as $profile) {

 $data = array ();
 $data[0] = '<form method="post">';
-$data[0] .= print_select (get_profiles (), 'assign_profile', 0, '', __('None'),
-	0, true, false, false);
+if (give_acl ($config['id_user'], 0, "PM"))
+	$data[0] .= print_select (get_profiles (), 'assign_profile', 0, '', __('None'),
+		0, true, false, false);
+else
+	$data[0] .= print_select (get_profiles_filter ('pandora_management <> 1 and db_management <> 1'), 'assign_profile', 0, '', __('None'),
+		0, true, false, false);
 $data[1] = print_select_groups($config['id_user'], "UM", $own_info['is_admin'],
 	'assign_group', -1, '', __('None'), -1, true, false, false);
 $data[2] = print_input_image ('add', 'images/add.png', 1, '', true);
--- a/pandora_console/include/functions_alerts.php
+++ b/pandora_console/include/functions_alerts.php
@ -236,6 +236,38 @@ function get_alert_actions ($only_names = true, $acl = false) {
 	return $actions;
 }

+/**
+ * Get actions alerts filtered.
+ * 
+ * @param bool Return all fields or not.
+ * @param variant String with SQL filter or false in case you don't want to filter.
+ *
+ * @return mixed A matrix with all the values returned from the SQL statement or
+ * false in case of empty result
+ */
+function get_alert_actions_filter ($only_names = true, $filter = false) {
+
+	if (!$filter)
+		$all_actions = get_db_all_rows_in_table ('talert_actions');
+	elseif (is_string($filter))
+		$all_actions = get_db_all_rows_filter ('talert_actions', $filter);
+	else
+		$all_actions = false;
+	
+	if ($all_actions === false)
+		return array ();
+	
+	if (! $only_names)
+		return $all_actions;
+	
+	$actions = array ();
+	foreach ($all_actions as $action) {
+		$actions[$action['id']] = $action['name'];
+	}
+	
+	return $actions;
+}
+
 function get_alert_action ($id_alert_action) {
 	$id_alert_action = safe_int ($id_alert_action, 1);
 	if (empty ($id_alert_action))
--- a/pandora_console/include/functions_visual_map.php
+++ b/pandora_console/include/functions_visual_map.php
@ -850,10 +850,11 @@ function get_layout_data_types () {
 * @param bool Wheter to return all the fields or only the name (to use in
 * print_select() directly)
 * @param array Additional filters to filter the layouts.
+ * @param bool Whether to return All group or not.
 *
 * @return array A list of layouts the user can see.
 */
-function get_user_layouts ($id_user = 0, $only_names = false, $filter = false) {
+function get_user_layouts ($id_user = 0, $only_names = false, $filter = false, $returnAllGroup = true) {
 	if (! is_array ($filter))
 		$filter = array ();
 	
@ -861,7 +862,10 @@ function get_user_layouts ($id_user = 0, $only_names = false, $filter = false) {
 	if ($where != '') {
 		$where .= ' AND ';
 	}
-	$groups = get_user_groups ($id_user);
+	if ($returnAllGroup)
+		$groups = get_user_groups ($id_user);
+	else
+		$groups = get_user_groups ($id_user, 'IR', false);
 	$where .= sprintf ('id_group IN (%s)', implode (",", array_keys ($groups)));
 	
 	$layouts = get_db_all_rows_filter ('tlayout', $where);
--- a/pandora_console/operation/agentes/estado_agente.php
+++ b/pandora_console/operation/agentes/estado_agente.php
@ -30,22 +30,28 @@ if (is_ajax ()) {
 	$get_agent_module_last_value = (bool) get_parameter ('get_agent_module_last_value');
 	$get_actions_alert_template = (bool) get_parameter("get_actions_alert_template");
 	
-	$groups = get_user_groups(false, "AR", true);
-	if ($groups === false) {
-		$groups = array();
-	}
-	$id_groups = array_keys($groups);
-	
 	if ($get_actions_alert_template) {
 		$id_template = get_parameter("id_template");
+
+		$own_info = get_user_info ($config['id_user']);
+		$usr_groups = array();
+		if ($own_info['is_admin'])
+			$usr_groups = get_user_groups ($config['id_user'], 'LW', true);
+			
+		else
+			$usr_groups = get_user_groups($config['id_user'], 'LW', false);
+		
+		$filter_groups = '';
+		$filter_groups = implode(',', array_keys($usr_groups));		
+
 		$sql = sprintf ("SELECT t1.id, t1.name,
 				(SELECT COUNT(t2.id) 
 					FROM talert_templates AS t2 
 					WHERE t2.id =  %d 
 						AND t2.id_alert_action = t1.id) as 'sort_order'
 			FROM talert_actions AS t1
-			WHERE id_group IN (" . implode(',', $id_groups) . ")
-			ORDER BY sort_order DESC", $id_template);
+			WHERE id_group IN (%s) 
+			ORDER BY sort_order DESC", $id_template, $filter_groups);
 			
 		$rows = get_db_all_rows_sql($sql);
 		
--- a/pandora_console/operation/visual_console/index.php
+++ b/pandora_console/operation/visual_console/index.php
@ -22,7 +22,13 @@ check_login ();
 print_page_header (__("Visual console"), "images/monitor.png", false, "operation_visual_console");

 require_once ('include/functions_visual_map.php');
-$layouts = get_user_layouts ();
+
+// Only display maps of "All" group if user is administrator or has "PM" privileges, otherwise show only maps of user group
+$own_info = get_user_info ($config['id_user']);
+if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
+	$layouts = get_user_layouts ();	
+else
+	$layouts = get_user_layouts ($config['id_user'], false, false, false);

 $table->width = "70%";
 $table->data = array ();