From 7f0359283dbed41c1927267d73cf70780b988289 Mon Sep 17 00:00:00 2001 From: m-lopez-f Date: Mon, 6 Mar 2017 12:54:48 +0100 Subject: [PATCH] Fixed problems with ACL permmisions. Gitlab: #451 --- .../extensions/disabled/ssh_gateway.php | 2 +- .../extensions/disabled/vnc_view.php | 2 +- .../general/firts_task/incidents.php | 7 +- .../general/firts_task/map_builder.php | 4 + .../general/firts_task/service_list.php | 38 ++++---- .../general/firts_task/transactional_list.php | 10 ++- pandora_console/general/logon_ok.php | 10 ++- .../godmode/agentes/configurar_agente.php | 39 ++++---- .../include/functions_extensions.php | 6 +- .../operation/agentes/tactical.php | 7 +- .../operation/agentes/ver_agente.php | 90 +++++++++---------- 11 files changed, 116 insertions(+), 99 deletions(-) mode change 100644 => 100755 pandora_console/include/functions_extensions.php diff --git a/pandora_console/extensions/disabled/ssh_gateway.php b/pandora_console/extensions/disabled/ssh_gateway.php index f39f63fc71..9ddcf50f53 100644 --- a/pandora_console/extensions/disabled/ssh_gateway.php +++ b/pandora_console/extensions/disabled/ssh_gateway.php @@ -20,7 +20,7 @@ $id_agente = get_parameter ("id_agente"); $address = agents_get_address($id_agente); if (!empty($address) || empty($id_agente)) { - extensions_add_opemode_tab_agent ('ssh_gateway','SSH Gateway','extensions/ssh_gateway/secure_console.png',"ssh_gateway", "v1r1"); + extensions_add_opemode_tab_agent ('ssh_gateway','SSH Gateway','extensions/ssh_gateway/secure_console.png',"ssh_gateway", "v1r1", 'AW'); } function ssh_gateway () { diff --git a/pandora_console/extensions/disabled/vnc_view.php b/pandora_console/extensions/disabled/vnc_view.php index f10000c981..16bb353688 100644 --- a/pandora_console/extensions/disabled/vnc_view.php +++ b/pandora_console/extensions/disabled/vnc_view.php @@ -39,6 +39,6 @@ $id_agente = get_parameter ("id_agente"); $address = agents_get_address($id_agente); if (!empty($address) || empty($id_agente)) { - extensions_add_opemode_tab_agent('vnc_view', __('VNC view'), 'images/vnc.png', 'vnc_view', "v1r1"); + extensions_add_opemode_tab_agent('vnc_view', __('VNC view'), 'images/vnc.png', 'vnc_view', "v1r1", 'AW'); } ?> diff --git a/pandora_console/general/firts_task/incidents.php b/pandora_console/general/firts_task/incidents.php index c7bd0eed3b..32924ac626 100644 --- a/pandora_console/general/firts_task/incidents.php +++ b/pandora_console/general/firts_task/incidents.php @@ -15,12 +15,16 @@ // GNU General Public License for more details. global $config; +global $incident_w; +global $incident_m; check_login (); ui_require_css_file ('firts_task'); ?> true, 'message'=> __('There are no incidents defined yet.') ) ); +ui_print_info_message ( array('no_close'=>true, 'message'=> __('There are no incidents defined yet.') ) ); + +if ($incident_w || $incident_m) { ?>
@@ -41,3 +45,4 @@ ui_print_info_message ( array('no_close'=>true, 'message'=> __('There are no in
+ diff --git a/pandora_console/general/firts_task/map_builder.php b/pandora_console/general/firts_task/map_builder.php index 705e553447..40eee2a215 100755 --- a/pandora_console/general/firts_task/map_builder.php +++ b/pandora_console/general/firts_task/map_builder.php @@ -15,6 +15,8 @@ // GNU General Public License for more details. global $config; +global $vconsoles_write; +global $vconsoles_manage; check_login (); ui_require_css_file ('firts_task'); @@ -22,6 +24,7 @@ ui_print_info_message( array( 'no_close'=>true, 'message'=> __('There are no visual console defined yet.'))); +if ($vconsoles_write || $vconsoles_manage) { ?>
@@ -41,3 +44,4 @@ ui_print_info_message(
+ diff --git a/pandora_console/general/firts_task/service_list.php b/pandora_console/general/firts_task/service_list.php index cb56dbedb2..9bb647e8b3 100755 --- a/pandora_console/general/firts_task/service_list.php +++ b/pandora_console/general/firts_task/service_list.php @@ -15,25 +15,31 @@ // GNU General Public License for more details. global $config; +global $agent_w; + check_login (); ui_require_css_file ('firts_task'); ?> true, 'message'=> __('There are no services defined yet.') ) ); ?> -
-
- __('Services')));?> + +
+
+ __('Services')));?> +
+
+

+

+ +
+ +
+ +
-
-

-

-
- -
-
-
+ \ No newline at end of file diff --git a/pandora_console/general/firts_task/transactional_list.php b/pandora_console/general/firts_task/transactional_list.php index f8fca1cdc1..a309c1040e 100644 --- a/pandora_console/general/firts_task/transactional_list.php +++ b/pandora_console/general/firts_task/transactional_list.php @@ -15,10 +15,15 @@ // GNU General Public License for more details. global $config; +global $networkmaps_write; +global $networkmaps_manage; check_login (); ui_require_css_file ('firts_task'); ?> -true, 'message'=> __('There are no transactions defined yet.') ) ); ?> +true, 'message'=> __('There are no transactions defined yet.') ) ); + +if ($networkmaps_write || $networkmaps_manage) { +?>
@@ -33,4 +38,5 @@ Transaction graphs represent the different processes within our infrastructure t
-
\ No newline at end of file +
+ diff --git a/pandora_console/general/logon_ok.php b/pandora_console/general/logon_ok.php index 5dc04bbcff..3a43795fd5 100644 --- a/pandora_console/general/logon_ok.php +++ b/pandora_console/general/logon_ok.php @@ -146,10 +146,12 @@ if (!empty($all_data)) { $table->data[] = $tdata; // Users - $tdata = array(); - $tdata[0] = reporting_get_stats_users($data); - $table->rowclass[] = ''; - $table->data[] = $tdata; + if (users_is_admin()) { + $tdata = array(); + $tdata[0] = reporting_get_stats_users($data); + $table->rowclass[] = ''; + $table->data[] = $tdata; + } html_print_table($table); unset($table); diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php index d80ca2b8da..8fc218678c 100644 --- a/pandora_console/godmode/agentes/configurar_agente.php +++ b/pandora_console/godmode/agentes/configurar_agente.php @@ -471,25 +471,27 @@ if ($id_agente) { //Extensions tabs foreach ($config['extensions'] as $extension) { - if (isset($extension['extension_god_tab']) && check_acl ($config["id_user"], $group, "AW", $id_agente)) { - $image = $extension['extension_god_tab']['icon']; - $name = $extension['extension_god_tab']['name']; - $id = $extension['extension_god_tab']['id']; - - $id_extension = get_parameter('id_extension', ''); - - if ($id_extension == $id) { - $active = true; + if (isset($extension['extension_god_tab'])) { + if (check_acl ($config["id_user"], $group, $extension['extension_god_tab']['acl'])) { + $image = $extension['extension_god_tab']['icon']; + $name = $extension['extension_god_tab']['name']; + $id = $extension['extension_god_tab']['id']; + + $id_extension = get_parameter('id_extension', ''); + + if ($id_extension == $id) { + $active = true; + } + else { + $active = false; + } + + $url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=extension&id_agente='.$id_agente . '&id_extension=' . $id; + + $extension_tab = array('text' => '' . html_print_image ($image, true, array ( "title" => $name)) . '', 'active' => $active); + + $onheader = $onheader + array($id => $extension_tab); } - else { - $active = false; - } - - $url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=extension&id_agente='.$id_agente . '&id_extension=' . $id; - - $extension_tab = array('text' => '' . html_print_image ($image, true, array ( "title" => $name)) . '', 'active' => $active); - - $onheader = $onheader + array($id => $extension_tab); } } @@ -591,7 +593,6 @@ if ($delete_conf_file) { __('Could not delete conf file')); } - // Show agent creation results if ($create_agent) { if (!isset($agent_creation_error)) { diff --git a/pandora_console/include/functions_extensions.php b/pandora_console/include/functions_extensions.php old mode 100644 new mode 100755 index 5de2b2e1a8..f80b5b5964 --- a/pandora_console/include/functions_extensions.php +++ b/pandora_console/include/functions_extensions.php @@ -409,7 +409,7 @@ function extensions_add_godmode_menu_option ($name, $acl, $fatherId = null, $ico * @param tabIcon Path to the image icon * @param tabFunction Name of the function to execute when this extension is called */ -function extensions_add_godmode_tab_agent($tabId, $tabName, $tabIcon, $tabFunction, $version="N/A") { +function extensions_add_godmode_tab_agent($tabId, $tabName, $tabIcon, $tabFunction, $version="N/A", $acl = 'AW') { global $config; global $extension_file; @@ -420,6 +420,7 @@ function extensions_add_godmode_tab_agent($tabId, $tabName, $tabIcon, $tabFuncti $extension['extension_god_tab']['icon'] = $tabIcon; $extension['extension_god_tab']['function'] = $tabFunction; $extension['extension_god_tab']['version'] = $version; + $extension['extension_ope_tab']['acl'] = $acl; } /** @@ -430,7 +431,7 @@ function extensions_add_godmode_tab_agent($tabId, $tabName, $tabIcon, $tabFuncti * @param tabIcon Path to the image icon * @param tabFunction Name of the function to execute when this extension is called */ -function extensions_add_opemode_tab_agent($tabId, $tabName, $tabIcon, $tabFunction, $version="N/A") { +function extensions_add_opemode_tab_agent($tabId, $tabName, $tabIcon, $tabFunction, $version="N/A", $acl = 'AR') { global $config; global $extension_file; @@ -441,6 +442,7 @@ function extensions_add_opemode_tab_agent($tabId, $tabName, $tabIcon, $tabFuncti $extension['extension_ope_tab']['icon'] = $tabIcon; $extension['extension_ope_tab']['function'] = $tabFunction; $extension['extension_ope_tab']['version'] = $version; + $extension['extension_ope_tab']['acl'] = $acl; } /** diff --git a/pandora_console/operation/agentes/tactical.php b/pandora_console/operation/agentes/tactical.php index 6826ddd2f9..5c73d6d363 100755 --- a/pandora_console/operation/agentes/tactical.php +++ b/pandora_console/operation/agentes/tactical.php @@ -157,19 +157,15 @@ $data_agents = array( $table->data[1][0] = reporting_get_stats_alerts($data); $table->data[2][0] = reporting_get_stats_modules_status($data, 180, 100, false, $data_agents); $table->data[3][0] = reporting_get_stats_agents_monitors($data); + $table->rowclass[] = ''; - - - // --------------------------------------------------------------------- // Server performance // --------------------------------------------------------------------- if ($is_admin) { - $table->data[4][0] = reporting_get_stats_servers(false); $table->rowclass[] = ''; - } html_print_table($table); @@ -178,7 +174,6 @@ echo ''; //Left column echo ''; - // --------------------------------------------------------------------- // Last events information // --------------------------------------------------------------------- diff --git a/pandora_console/operation/agentes/ver_agente.php b/pandora_console/operation/agentes/ver_agente.php index 4758da5e9d..1114e2699f 100644 --- a/pandora_console/operation/agentes/ver_agente.php +++ b/pandora_console/operation/agentes/ver_agente.php @@ -1155,57 +1155,53 @@ if (isset($ehorus_tab) && !empty($ehorus_tab)) { //Tabs for extensions foreach ($config['extensions'] as $extension) { if (isset($extension['extension_ope_tab'])) { - - //VMware extension is only available for VMware OS - if ($extension['extension_ope_tab']['id'] === "vmware_manager") { - - //Check if OS is vmware - $id_remote_field = db_get_value ("id_field", - "tagent_custom_fields", "name", "vmware_type"); - - $vmware_type = db_get_value_filter("description", - "tagent_custom_data", - array("id_field" => $id_remote_field, "id_agent" => $agent["id_agente"])); - - if ($vmware_type != "vm") { - continue; + if (check_acl($config['id_user'], $id_grupo, $extension['extension_ope_tab']['acl'])) { + //VMware extension is only available for VMware OS + if ($extension['extension_ope_tab']['id'] === "vmware_manager") { + //Check if OS is vmware + $id_remote_field = db_get_value ("id_field", + "tagent_custom_fields", "name", "vmware_type"); + + $vmware_type = db_get_value_filter("description", + "tagent_custom_data", + array("id_field" => $id_remote_field, "id_agent" => $agent["id_agente"])); + + if ($vmware_type != "vm") { + continue; + } } - } - - //RHEV extension is only available for RHEV Virtual Machines - if ($extension['extension_ope_tab']['id'] === "rhev_manager") { - //Get id for remote field "rhev_type" - $id_remote_field = db_get_value("id_field", "tagent_custom_fields", "name", "rhev_type"); - - //Get rhev type for this agent - $rhev_type = db_get_value_filter ("description", "tagent_custom_data", array ("id_field" => $id_remote_field, "id_agent" => $agent['id_agente'])); - - //Check if rhev type is a vm - if ($rhev_type != "vm") { - continue; + //RHEV extension is only available for RHEV Virtual Machines + if ($extension['extension_ope_tab']['id'] === "rhev_manager") { + //Get id for remote field "rhev_type" + $id_remote_field = db_get_value("id_field", "tagent_custom_fields", "name", "rhev_type"); + //Get rhev type for this agent + $rhev_type = db_get_value_filter ("description", "tagent_custom_data", array ("id_field" => $id_remote_field, "id_agent" => $agent['id_agente'])); + //Check if rhev type is a vm + if ($rhev_type != "vm") { + continue; + } } + + $image = $extension['extension_ope_tab']['icon']; + $name = $extension['extension_ope_tab']['name']; + $id = $extension['extension_ope_tab']['id']; + + $id_extension = get_parameter('id_extension', ''); + + if ($id_extension == $id) { + $active = true; + } + else { + $active = false; + } + + $url = 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=extension&id_agente='.$id_agente . '&id_extension=' . $id; + + $extension_tab = array('text' => '' . html_print_image ($image, true, array ( "title" => $name)) . '', 'active' => $active); + + $onheader = $onheader + array($id => $extension_tab); } - - - $image = $extension['extension_ope_tab']['icon']; - $name = $extension['extension_ope_tab']['name']; - $id = $extension['extension_ope_tab']['id']; - - $id_extension = get_parameter('id_extension', ''); - - if ($id_extension == $id) { - $active = true; - } - else { - $active = false; - } - - $url = 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=extension&id_agente='.$id_agente . '&id_extension=' . $id; - - $extension_tab = array('text' => '' . html_print_image ($image, true, array ( "title" => $name)) . '', 'active' => $active); - - $onheader = $onheader + array($id => $extension_tab); } }