tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-4662-bug-creacion-agente-API-visualizacion-Metaconsola' into 'develop' 

Ent 4662 bug creacion agente api visualizacion metaconsola

See merge request artica/pandorafms!2764
This commit is contained in:
Alejandro Fraguas 2019-10-11 11:25:16 +02:00
parent 9a165dc9d8 5fdf65c440
commit 7fc31d127d
1 changed files with 114 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

216
pandora_console/include/functions_api.php
View File

@ -1492,7 +1492,7 @@ function api_set_new_agent($thrash1, $thrash2, $other, $thrash3)
global $config; global $config;
if (!check_acl($config['id_user'], 0, 'AW')) { if (!check_acl($config['id_user'], 0, 'AW')) {
returnError('forbidden', 'string'); returnError('forbidden', 'you havent got permissions to do this');
return; return;
} }
@ -1500,127 +1500,101 @@ function api_set_new_agent($thrash1, $thrash2, $other, $thrash3)
return; return;
} }
$alias = $other['data'][0]; $alias = io_safe_input(trim(preg_replace('/[\/\\\|%#&$]/', '', $other['data'][0])));
$ip = $other['data'][1]; $direccion_agente = io_safe_input($other['data'][1]);
$idParent = $other['data'][2]; $nombre_agente = hash('sha256', $direccion_agente.'|'.$direccion_agente.'|'.time().'|'.sprintf('%04d', rand(0, 10000)));
$idGroup = $other['data'][3]; $id_parent = (int) $other['data'][2];
$cascadeProtection = $other['data'][4]; $grupo = (int) $other['data'][3];
$cascadeProtectionModule = $other['data'][5]; $cascade_protection = (int) $other['data'][4];
$intervalSeconds = $other['data'][6]; $cascade_protection_module = (int) $other['data'][5];
$idOS = $other['data'][7]; $intervalo = (string) $other['data'][6];
// $idServer = $other['data'][7]; $id_os = (int) $other['data'][7];
$nameServer = $other['data'][8]; $server_name = (string) $other['data'][8];
$customId = $other['data'][9]; $custom_id = (string) $other['data'][9];
$learningMode = $other['data'][10]; $modo = (int) $other['data'][10];
$disabled = $other['data'][11]; $disabled = (int) $other['data'][11];
$description = $other['data'][12]; $comentarios = (string) $other['data'][12];
$alias_as_name = $other['data'][13]; $alias_as_name = (int) $other['data'][13];
$update_module_count = (int) $config['metaconsole_agent_cache'] == 1;
if ($alias_as_name && !empty($alias)) { if ($cascade_protection == 1) {
$name = $alias; if (($id_parent != 0) && (db_get_value_sql(
} else {
$name = hash('sha256', $alias.'|'.$direccion_agente.'|'.time().'|'.sprintf('%04d', rand(0, 10000)));
if (empty($alias)) {
$alias = $name;
}
}
if ($cascadeProtection == 1) {
if (($idParent != 0) && (db_get_value_sql(
'SELECT id_agente_modulo 'SELECT id_agente_modulo
FROM tagente_modulo FROM tagente_modulo
WHERE id_agente = '.$idParent.' AND id_agente_modulo = '.$cascadeProtectionModule WHERE id_agente = '.$id_parent.' AND id_agente_modulo = '.$cascade_protection_module
) === false) ) === false)
) { ) {
returnError('parent_agent_not_exist', 'Is not a parent module to do cascade protection.'); returnError('parent_agent_not_exist', 'Is not a parent module to do cascade protection.');
return;
} }
} else { } else {
$cascadeProtectionModule = 0; $cascadeProtectionModule = 0;
} }
switch ($config['dbtype']) { $server_name = db_get_value_sql('SELECT name FROM tserver WHERE BINARY name LIKE "'.$server_name.'"');
case 'mysql':
$sql1 = 'SELECT name
FROM tserver WHERE BINARY name LIKE "'.$nameServer.'"';
break;
case 'postgresql': // Check if agent exists (BUG WC-50518-2).
case 'oracle': if ($alias == '' && $alias_as_name === 0) {
$sql1 = 'SELECT name returnError('alias_not_specified', 'No agent alias specified');
FROM tserver WHERE name LIKE \''.$nameServer.'\''; } else if (agents_get_agent_id($name)) {
break;
}
$nameServer = db_get_value_sql($sql1);
// Check ACL group
if (!check_acl($config['id_user'], $idGroup, 'AW')) {
returnError('forbidden', 'string');
return;
}
// Check selected parent
if ($idParent != 0) {
$parentCheck = agents_check_access_agent($idParent);
if ($parentCheck === null) {
returnError('parent_agent_not_exist', __('The agent parent don`t exist.'));
return;
}
if ($parentCheck === false) {
returnError('parent_agent_forbidden', __('The user cannot access to parent agent.'));
return;
}
}
if (agents_get_agent_id($name)) {
returnError('agent_name_exist', 'The name of agent yet exist in DB.'); returnError('agent_name_exist', 'The name of agent yet exist in DB.');
} else if (db_get_value_sql( } else if (db_get_value_sql('SELECT id_grupo FROM tgrupo WHERE id_grupo = '.$grupo) === false) {
'SELECT id_grupo
FROM tgrupo
WHERE id_grupo = '.$idGroup
) === false
) {
returnError('id_grupo_not_exist', 'The group don`t exist.'); returnError('id_grupo_not_exist', 'The group don`t exist.');
} else if (db_get_value_sql( } else if (db_get_value_sql('SELECT id_os FROM tconfig_os WHERE id_os = '.$id_os) === false) {
'SELECT id_os
FROM tconfig_os
WHERE id_os = '.$idOS
) === false
) {
returnError('id_os_not_exist', 'The OS don`t exist.'); returnError('id_os_not_exist', 'The OS don`t exist.');
} else if (db_get_value_sql($sql1) === false) { } else if ($server_name === false) {
returnError('server_not_exist', 'The '.get_product_name().' Server don`t exist.'); returnError('server_not_exist', 'The '.get_product_name().' Server don`t exist.');
} else { } else {
$idAgente = db_process_sql_insert( if ($alias_as_name === 1) {
'tagente', $exists_alias = db_get_row_sql('SELECT nombre FROM tagente WHERE nombre = "'.$alias.'"');
[ $nombre_agente = $alias;
'nombre' => $name, }
'alias' => $alias,
'direccion' => $ip, if ($direccion_agente != '') {
'id_grupo' => $idGroup, $exists_ip = db_get_row_sql('SELECT direccion FROM tagente WHERE direccion = "'.$direccion_agente.'"');
'intervalo' => $intervalSeconds, }
'comentarios' => $description,
'modo' => $learningMode, if (!$exists_alias && !$exists_ip) {
'id_os' => $idOS, $id_agente = db_process_sql_insert(
'disabled' => $disabled, 'tagente',
'cascade_protection' => $cascadeProtection, [
'cascade_protection_module' => $cascadeProtectionModule, 'nombre' => $nombre_agente,
'server_name' => $nameServer, 'alias' => $alias,
'id_parent' => $idParent, 'alias_as_name' => $alias_as_name,
'custom_id' => $customId, 'direccion' => $direccion_agente,
] 'id_grupo' => $grupo,
); 'intervalo' => $intervalo,
'comentarios' => $comentarios,
if (!empty($idAgente) && !empty($ip)) { 'modo' => $modo,
// register ip for this agent in 'taddress' 'id_os' => $id_os,
agents_add_address($idAgente, $ip); 'disabled' => $disabled,
'cascade_protection' => $cascade_protection,
'cascade_protection_module' => $cascade_protection_module,
'server_name' => $server_name,
'id_parent' => $id_parent,
'custom_id' => $custom_id,
'os_version' => '',
'agent_version' => '',
'timezone_offset' => 0,
'icon_path' => '',
'url_address' => '',
'update_module_count' => $update_module_count,
]
);
enterprise_hook('update_agent', [$id_agente]);
} else {
$id_agente = false;
}
if ($id_agente !== false) {
// Create address for this agent in taddress.
if ($direccion_agente != '') {
agents_add_address($id_agente, $direccion_agente);
} }
if ($idGroup && !empty($idAgente)) {
$tpolicy_group_old = db_get_all_rows_sql( $tpolicy_group_old = db_get_all_rows_sql(
'SELECT id_policy FROM tpolicy_groups 'SELECT id_policy FROM tpolicy_groups
WHERE id_group = '.$idGroup WHERE id_group = '.$grupo
); );
if ($tpolicy_group_old) { if ($tpolicy_group_old) {
@ -1629,18 +1603,54 @@ function api_set_new_agent($thrash1, $thrash2, $other, $thrash3)
'tpolicy_agents', 'tpolicy_agents',
[ [
'id_policy' => $old_group['id_policy'], 'id_policy' => $old_group['id_policy'],
'id_agent' => $idAgente, 'id_agent' => $id_agente,
] ]
); );
} }
} }
$info = '{"Name":"'.$nombre_agente.'",
"IP":"'.$direccion_agente.'",
"Group":"'.$grupo.'",
"Interval":"'.$intervalo.'",
"Comments":"'.$comentarios.'",
"Mode":"'.$modo.'",
"ID_parent:":"'.$id_parent.'",
"Server":"'.$server_name.'",
"ID os":"'.$id_os.'",
"Disabled":"'.$disabled.'",
"Custom ID":"'.$custom_id.'",
"Cascade protection":"'.$cascade_protection.'",
"Cascade protection module":"'.$cascade_protection_module.'"}';
$unsafe_alias = io_safe_output($alias);
db_pandora_audit(
'Agent management',
'Created agent '.$unsafe_alias,
false,
true,
$info
);
} else {
$id_agente = 0;
if ($exists_alias) {
$agent_creation_error = __('Could not be created, because name already exists');
} else if ($exists_ip) {
$agent_creation_error = __('Could not be created, because IP already exists');
} else {
$agent_creation_error = __('Could not be created for unknown reason');
}
returnError('generic error', $agent_creation_error);
return;
} }
returnData( returnData(
'string', 'string',
[ [
'type' => 'string', 'type' => 'string',
'data' => $idAgente, 'data' => $id_agente,
] ]
); );
} }