From 6c41ccc0f3a8847514b59cc414bfa15824932bd2 Mon Sep 17 00:00:00 2001 From: miguel angel rasteu Date: Mon, 17 Jul 2023 08:59:19 +0200 Subject: [PATCH 01/22] #11699 fix css filter --- pandora_console/include/styles/pandora_black.css | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pandora_console/include/styles/pandora_black.css b/pandora_console/include/styles/pandora_black.css index 652d777f72..999810c367 100644 --- a/pandora_console/include/styles/pandora_black.css +++ b/pandora_console/include/styles/pandora_black.css @@ -1464,6 +1464,10 @@ ul.datatable_filter:has(li > div.action-buttons) { background-color: #222 !important; } +ul.datatable_filter { + background-color: #222 !important; +} + span.ui-dialog-title { color: #fff !important; } From aead8d006e84f01f30607e32d7d4f7f5ea90631e Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Tue, 29 Aug 2023 14:11:32 +0200 Subject: [PATCH 02/22] #11894 Fixed links does not update the page when creating or deleting links --- pandora_console/godmode/setup/links.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pandora_console/godmode/setup/links.php b/pandora_console/godmode/setup/links.php index fc27454b48..20e61e95b0 100644 --- a/pandora_console/godmode/setup/links.php +++ b/pandora_console/godmode/setup/links.php @@ -54,8 +54,12 @@ if (isset($_POST['create'])) { if (! $result) { ui_print_error_message(__('There was a problem creating link')); } else { - ui_print_success_message(__('Successfully created')); $id_link = $result; + ui_print_result_message( + $id_link, + __('Successfully created'), + __('Could not be created') + ); } } @@ -111,8 +115,8 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) { $link = ''; } - echo ''; echo ''; + echo '
'; if ($creation_mode == 1) { echo ""; } else { @@ -179,10 +183,10 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) { ) ); - echo '
'; + echo ''; } else { - // Main list view for Links editor - $rows = db_get_all_rows_in_table('tlink', 'name'); + // Main list view for Links editor. + $rows = db_get_all_fields_in_table('tlink', '', '', 'name'); if ($rows === false) { $rows = []; } From c3184cecd161b26164e059dce5a9f92a0bde6fcd Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Mon, 11 Sep 2023 11:38:25 +0200 Subject: [PATCH 03/22] #11832 Fixed domain name change in pandoradb_data.sql file --- pandora_console/pandoradb_data.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 1962582965..b47990b6ff 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -1183,7 +1183,7 @@ INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALU INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (2, 'Discovery.Cloud', 'Discovery Cloud script to monitor Cloud technologies (AWS.EC2, AWS.S3, AWS.RDS, RDS,ȊWS.EKS)', '/usr/share/pandora_server/util/recon_scripts/pcm_client.pl', '{"1":{"macro":"_field1_","desc":"Configuration file","help":"","value":"","hide":""}}'); -- IPAM is 3. -INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (4, 'IPMI Recon','Specific Pandora FMS Intel DCM Discovery (c) Artica ST 2011 <info@artica.es> Usage: ./ipmi-recon.pl <task_id> <group_id> <custom_field1> <custom_field2> <custom_field3> <custom_field4> * custom_field1 = Network i.e.: 192.168.100.0/24 * custom_field2 = Username * custom_field3 = Password * custom_field4 = Additional parameters i.e.: -D LAN_2_0','/usr/share/pandora_server/util/recon_scripts/ipmi-recon.pl','{\"1\":{\"macro\":\"_field1_\",\"desc\":\"Network\",\"help\":\"i.e.: 192.168.100.0/24\",\"value\":\"\",\"hide\":\"\"},\"2\":{\"macro\":\"_field2_\",\"desc\":\"Username\",\"help\":\"\",\"value\":\"\",\"hide\":\"\"},\"3\":{\"macro\":\"_field3_\",\"desc\":\"Password\",\"help\":\"\",\"value\":\"\",\"hide\":\"1\"},\"4\":{\"macro\":\"_field4_\",\"desc\":\"Additional parameters\",\"help\":\"Optional additional parameters such as -D LAN_2_0 to use IPMI ver 2.0 instead of 1.5. These options will also be passed to the IPMI plugin when the current values are read.\",\"value\":\"\",\"hide\":\"\"}}'); +INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (4, 'IPMI Recon','Specific Pandora FMS Intel DCM Discovery (c) Artica ST 2011 <info@pandorafms.com> Usage: ./ipmi-recon.pl <task_id> <group_id> <custom_field1> <custom_field2> <custom_field3> <custom_field4> * custom_field1 = Network i.e.: 192.168.100.0/24 * custom_field2 = Username * custom_field3 = Password * custom_field4 = Additional parameters i.e.: -D LAN_2_0','/usr/share/pandora_server/util/recon_scripts/ipmi-recon.pl','{\"1\":{\"macro\":\"_field1_\",\"desc\":\"Network\",\"help\":\"i.e.: 192.168.100.0/24\",\"value\":\"\",\"hide\":\"\"},\"2\":{\"macro\":\"_field2_\",\"desc\":\"Username\",\"help\":\"\",\"value\":\"\",\"hide\":\"\"},\"3\":{\"macro\":\"_field3_\",\"desc\":\"Password\",\"help\":\"\",\"value\":\"\",\"hide\":\"1\"},\"4\":{\"macro\":\"_field4_\",\"desc\":\"Additional parameters\",\"help\":\"Optional additional parameters such as -D LAN_2_0 to use IPMI ver 2.0 instead of 1.5. These options will also be passed to the IPMI plugin when the current values are read.\",\"value\":\"\",\"hide\":\"\"}}'); INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (3, 'IPAM Recon', 'This script is used to automatically detect network hosts availability and name, used as Recon Custom Script in the recon task. Parameters used are:\n\n* custom_field1 = network. i.e.: 192.168.100.0/24\n* custom_field2 = associated IPAM network id. i.e.: 4. Please do not change this value, it is assigned automatically in IPAM management.\n\nSee documentation for more information.', '/usr/share/pandora_server/util/recon_scripts/IPAMrecon.pl', '{"1":{"macro":"_field1_","desc":"Network","help":"i.e.: 192.168.100.0/24","value":"","hide":""}}'); @@ -1203,7 +1203,7 @@ INSERT INTO `tplugin` (`id`, `name`, `description`, `max_timeout`, `max_retries` INSERT INTO `tagent_custom_fields` VALUES (1,'Serial Number',0,0,'',0),(2,'Department',0,0,'',0),(3,'Additional ID',0,0,'',0),(4,'eHorusID',0,0,'',0); -INSERT INTO `ttag` VALUES (1,'network','Network equipment','http://artica.es','','',''),(2,'critical','Critical modules','','','',''),(3,'dmz','DMZ Network Zone','','','',''),(4,'performance','Performance anda capacity modules','','','',''),(5,'configuration','','','','',''); +INSERT INTO `ttag` VALUES (1,'network','Network equipment','http://pandorafms.com','','',''),(2,'critical','Critical modules','','','',''),(3,'dmz','DMZ Network Zone','','','',''),(4,'performance','Performance anda capacity modules','','','',''),(5,'configuration','','','','',''); INSERT INTO `tevent_response` VALUES (1,'Ping to host','Ping to the agent host','ping -c 5 _agent_address_','command',0,620,500,0,'',0,90,0),(3,'Create incident from event','Create a incident from the event with the standard incidents system of Pandora FMS','index.php?sec=workspace&sec2=operation/incidents/incident_detail&insert_form&from_event=_event_id_','url',0,0,0,1,'',0,90,0),(5,'Restart agent','Restart the agent with using UDP protocol. To use this response is necessary to have installed Pandora FMS server and console in the same machine.','/usr/share/pandora_server/util/udp_client.pl _agent_address_ 41122 "REFRESH AGENT"','command',0,620,500,0,'',0,90,0),(6,'Ping to module agent host','Ping to the module agent host','ping -c 5 _module_address_','command',0,620,500,0,'',0,90,0); From 24b8937b113c7e90808d64ae81039bc6d2731dc9 Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Mon, 11 Sep 2023 13:21:44 +0200 Subject: [PATCH 04/22] The hint is added to the module field. --- pandora_console/include/lib/Dashboard/Widgets/single_graph.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/include/lib/Dashboard/Widgets/single_graph.php b/pandora_console/include/lib/Dashboard/Widgets/single_graph.php index 957159824c..0f3ccddff1 100644 --- a/pandora_console/include/lib/Dashboard/Widgets/single_graph.php +++ b/pandora_console/include/lib/Dashboard/Widgets/single_graph.php @@ -324,7 +324,7 @@ class SingleGraphWidget extends Widget // Autocomplete module. $inputs[] = [ - 'label' => __('Module'), + 'label' => __('Module').ui_print_help_tip(__('Warning, this requires to have data for a mid-term (days/weeks) of the source data, if not, projection will not be reliable.'), true), 'arguments' => [ 'type' => 'autocomplete_module', 'name' => 'moduleId', From 2c430929cbba7f9d6ee70a5e956d81c5a3009920 Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Mon, 11 Sep 2023 16:53:52 +0200 Subject: [PATCH 05/22] #11831 Fixed menu option literals --- pandora_console/extensions/dbmanager.php | 2 +- pandora_console/godmode/setup/setup.php | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pandora_console/extensions/dbmanager.php b/pandora_console/extensions/dbmanager.php index 983e208bef..acaaadd12c 100644 --- a/pandora_console/extensions/dbmanager.php +++ b/pandora_console/extensions/dbmanager.php @@ -90,7 +90,7 @@ function dbmgr_extension_main() // Header. ui_print_standard_header( - __('Database interface'), + __('DB interface'), 'images/gm_db.png', false, '', diff --git a/pandora_console/godmode/setup/setup.php b/pandora_console/godmode/setup/setup.php index 7e17f9fe4c..e6ae8d7bab 100644 --- a/pandora_console/godmode/setup/setup.php +++ b/pandora_console/godmode/setup/setup.php @@ -93,7 +93,7 @@ $buttons['general'] = [ 'images/setup.png', true, [ - 'title' => __('General'), + 'title' => __('General setup'), 'class' => 'invert_filter', ] @@ -265,7 +265,7 @@ if (enterprise_installed()) { switch ($section) { case 'general': $buttons['general']['active'] = true; - $subpage = __('General'); + $subpage = __('General setup'); $help_header = 'setup_general_tab'; break; @@ -377,7 +377,7 @@ switch ($section) { // Header. ui_print_standard_header( - $subpage, + __('Setup').' » '.$subpage, '', false, $help_header, @@ -388,6 +388,10 @@ ui_print_standard_header( 'link' => '', 'label' => __('Setup'), ], + [ + 'link' => '', + 'label' => $subpage, + ], ] ); From 50351c6ff466899030cfe7c3b7c6fdeedab18d5b Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Tue, 12 Sep 2023 10:38:22 +0200 Subject: [PATCH 06/22] #11911 fixed Item Default mail to send alerts from the Welcome dialog --- pandora_console/include/class/WelcomeWindow.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pandora_console/include/class/WelcomeWindow.class.php b/pandora_console/include/class/WelcomeWindow.class.php index 5e66268403..897417a9f3 100644 --- a/pandora_console/include/class/WelcomeWindow.class.php +++ b/pandora_console/include/class/WelcomeWindow.class.php @@ -372,7 +372,7 @@ class WelcomeWindow extends Wizard $flag_um = true; } - if (empty($config['welcome_mail_configured']) === false) { + if (empty($config['email_username']) === false && empty($config['email_password']) === false) { $btn_configure_mail_class = ''; $li_configure_mail_class = 'row_green'; $flag_cm = true; @@ -1136,7 +1136,7 @@ class WelcomeWindow extends Wizard } function configureEmail() { - window.location = ''; + window.location = ''; } function serversUp() { From 2c98ee5628b03ba42ae38bff44a944aa0a085910 Mon Sep 17 00:00:00 2001 From: miguel angel rasteu Date: Mon, 18 Sep 2023 09:09:52 +0200 Subject: [PATCH 07/22] #12036 Fix duplicate widget --- .../include/javascript/pandora_dashboards.js | 25 ++++++-------- .../include/lib/Dashboard/Manager.php | 34 ++++++++++++++++--- pandora_console/views/dashboard/cell.php | 14 +++++--- 3 files changed, 50 insertions(+), 23 deletions(-) diff --git a/pandora_console/include/javascript/pandora_dashboards.js b/pandora_console/include/javascript/pandora_dashboards.js index 79fde538b4..471adc877a 100644 --- a/pandora_console/include/javascript/pandora_dashboards.js +++ b/pandora_console/include/javascript/pandora_dashboards.js @@ -310,8 +310,6 @@ function initialiceLayout(data) { } function duplicateWidget(original_cellId, original_widgetId) { - let duplicate_cellId = insertCellLayoutForDuplicate(); - $.ajax({ method: "post", url: data.url, @@ -320,16 +318,14 @@ function initialiceLayout(data) { method: "duplicateWidget", dashboardId: data.dashboardId, widgetId: original_widgetId, - cellId: original_cellId, - duplicateCellId: duplicate_cellId + cellId: original_cellId }, dataType: "json", - success: function(success) { - console.log(success); + success: function(data) { + addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true); }, - error: function(error) { - console.log(error); - return []; + error: function(xhr, textStatus, errorMessage) { + console.log("ERROR" + errorMessage + textStatus + xhr); } }); } @@ -428,8 +424,8 @@ function initialiceLayout(data) { } }); } - - function insertCellLayoutForDuplicate() { + /* + function insertCellLayoutForDuplicate(original_cell_id) { let duplicateCellId = 0; $.ajax({ async: false, @@ -441,7 +437,8 @@ function initialiceLayout(data) { dashboardId: data.dashboardId, auth_class: data.auth.class, auth_hash: data.auth.hash, - id_user: data.auth.user + id_user: data.auth.user, + copy: original_cell_id }, dataType: "json", success: function(data) { @@ -449,7 +446,7 @@ function initialiceLayout(data) { // width and height = 4 // position auto = true. if (data.cellId !== 0) { - addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true); + addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true, original_cell_id); duplicateCellId = data.cellId; } }, @@ -458,7 +455,7 @@ function initialiceLayout(data) { } }); return duplicateCellId; - } + }*/ function configurationWidget(cellId, widgetId, size) { load_modal({ diff --git a/pandora_console/include/lib/Dashboard/Manager.php b/pandora_console/include/lib/Dashboard/Manager.php index 40b6d2d1a0..dfcdfe0238 100644 --- a/pandora_console/include/lib/Dashboard/Manager.php +++ b/pandora_console/include/lib/Dashboard/Manager.php @@ -609,10 +609,25 @@ class Manager implements PublicLogin /** * Duplicate widget. * - * @return integer + * @return void */ - public function duplicateWidget():int + public function duplicateWidget():void { + global $config; + + $return = false; + + $position = [ + 'x' => 0, + 'y' => 0, + 'width' => 4, + 'height' => 4, + ]; + + $cellClass = new Cell($position, $this->dashboardId); + $dataCell = $cellClass->get(); + + // $result = ['cellId' => $dataCell['id']]; $original_widget = []; $original_cellId = $this->cellId; @@ -632,12 +647,23 @@ class Manager implements PublicLogin 'options' => $options_json, 'id_widget' => $original_widget['id_widget'], ]; + $res = \db_process_sql_update( 'twidget_dashboard', $values, - ['id' => $this->duplicateCellId] + ['id' => $dataCell['id']] ); - return $res; + + if ($res === 1) { + $return = [ + 'cellId' => $dataCell['id'], + 'widgetId' => $original_widget['id_widget'], + ]; + + $json_return = json_encode($return); + } + + echo $json_return; } diff --git a/pandora_console/views/dashboard/cell.php b/pandora_console/views/dashboard/cell.php index 919ce9e07e..7816f79351 100644 --- a/pandora_console/views/dashboard/cell.php +++ b/pandora_console/views/dashboard/cell.php @@ -34,9 +34,8 @@ if ($redraw === false) { $output .= '
'; $output .= '
'; - -if ((int) $cellData['id_widget'] !== 0) { - $options = json_decode($cellData['options'], true); +$options = json_decode($cellData['options'], true); +if ($cellData['id_widget'] !== '0') { $output .= $options['title']; } else { $output .= __('New widget'); @@ -44,10 +43,15 @@ if ((int) $cellData['id_widget'] !== 0) { $output .= '
'; $output .= '
'; - if ($manageDashboards !== 0 || $writeDashboards !== 0) { if ((int) $cellData['id_widget'] !== 0) { - $output .= ''; + $count_options = count(json_decode($cellData['options'], true)); + $invisible = ''; + if ($count_options <= 2 && $options['copy'] == 0) { + $invisible = 'invisible'; + } + + $output .= ''; $output .= html_print_image( 'images/copy.svg', true, From f2f17de6433de51bee29a80401c7f73544de14b2 Mon Sep 17 00:00:00 2001 From: miguel angel rasteu Date: Mon, 18 Sep 2023 16:33:47 +0200 Subject: [PATCH 08/22] #12023 Fix write access group in reports --- .../godmode/reporting/reporting_builder.main.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pandora_console/godmode/reporting/reporting_builder.main.php b/pandora_console/godmode/reporting/reporting_builder.main.php index c0381acca2..d4914d2b58 100755 --- a/pandora_console/godmode/reporting/reporting_builder.main.php +++ b/pandora_console/godmode/reporting/reporting_builder.main.php @@ -180,8 +180,8 @@ if ($report_id_user == $config['id_user'] $options['div_class'] = ''; } - $table->data[2][1] = html_print_label_input_block( - __('Group'), + $table->data[3][0] = html_print_label_input_block( + __('Write Access Group'), html_print_select_groups( false, 'RW', @@ -216,7 +216,7 @@ if ($enterpriseEnable) { if (enterprise_installed() === true) { - $table->data[3][0] = html_print_label_input_block( + $table->data[4][0] = html_print_label_input_block( __('Generate cover page in PDF render'), html_print_checkbox_switch( 'cover_page_render', @@ -226,7 +226,7 @@ if (enterprise_installed() === true) { ) ); - $table->data[3][1] = html_print_label_input_block( + $table->data[4][1] = html_print_label_input_block( __('Generate index in PDF render'), html_print_checkbox_switch( 'index_render', From 05be3e143efcbf95e7f19a3b7aa4e59a2dddce7f Mon Sep 17 00:00:00 2001 From: Jonathan Date: Fri, 3 Nov 2023 11:27:27 +0100 Subject: [PATCH 09/22] #12387 bug agent module widget edit agent --- pandora_console/include/functions_html.php | 45 +++++++++++++++------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/pandora_console/include/functions_html.php b/pandora_console/include/functions_html.php index 888531e915..7cd53ba0e8 100644 --- a/pandora_console/include/functions_html.php +++ b/pandora_console/include/functions_html.php @@ -1740,20 +1740,37 @@ function html_print_select_multiple_modules_filtered(array $data):string } } - $output .= html_print_input( - [ - 'label' => __('Agents'), - 'label_class' => 'font-title-font', - 'type' => 'select_from_sql', - 'sql' => 'SELECT `id_agente`,`nombre` FROM tagente', - 'name' => 'filtered-module-agents-'.$uniqId, - 'selected' => explode(',', $data['mAgents']), - 'return' => true, - 'multiple' => true, - 'style' => 'min-width: 200px;max-width:200px;', - 'script' => 'fmModuleChange(\''.$uniqId.'\', '.(int) is_metaconsole().')', - ] - ); + if (is_metaconsole() === true) { + $output .= html_print_input( + [ + 'label' => __('Agents'), + 'label_class' => 'font-title-font', + 'type' => 'select', + 'fields' => $agents, + 'name' => 'filtered-module-agents-'.$uniqId, + 'selected' => explode(',', $data['mAgents']), + 'return' => true, + 'multiple' => true, + 'style' => 'min-width: 200px;max-width:200px;', + 'script' => 'fmModuleChange(\''.$uniqId.'\', '.(int) is_metaconsole().')', + ] + ); + } else { + $output .= html_print_input( + [ + 'label' => __('Agents'), + 'label_class' => 'font-title-font', + 'type' => 'select_from_sql', + 'sql' => 'SELECT `id_agente`,`nombre` FROM tagente', + 'name' => 'filtered-module-agents-'.$uniqId, + 'selected' => explode(',', $data['mAgents']), + 'return' => true, + 'multiple' => true, + 'style' => 'min-width: 200px;max-width:200px;', + 'script' => 'fmModuleChange(\''.$uniqId.'\', '.(int) is_metaconsole().')', + ] + ); + } $commonModules = 0; if (empty($data['mShowCommonModules']) === false) { From 2336e7c8da54b0cf5e201074ede5220306b8fda0 Mon Sep 17 00:00:00 2001 From: Jorge Rincon Date: Tue, 14 Nov 2023 12:49:27 +0100 Subject: [PATCH 10/22] #12372 fixed link advanced_editor for remote conf server --- pandora_console/godmode/servers/servers.build_table.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/servers/servers.build_table.php b/pandora_console/godmode/servers/servers.build_table.php index 101a99d955..a2cde656c2 100644 --- a/pandora_console/godmode/servers/servers.build_table.php +++ b/pandora_console/godmode/servers/servers.build_table.php @@ -273,7 +273,7 @@ foreach ($servers as $server) { $data[8] .= ''; if (($names_servers[$safe_server_name] === true) && ($ext === '_server' || $server['type'] === 'enterprise satellite')) { - $data[8] .= ''; + $data[8] .= ''; $data[8] .= html_print_image( 'images/agents@svg.svg', true, From 2db0d05a3703bbce023ea08c93e2d1eb8d7ee408 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Wed, 15 Nov 2023 09:46:40 +0100 Subject: [PATCH 11/22] #12250 new report detail security --- .../reporting_builder.item_editor.php | 90 +++++++++++++++++++ .../godmode/reporting/reporting_builder.php | 20 +++++ .../include/functions_reporting.php | 8 ++ .../include/functions_reporting_html.php | 68 ++++++++++++++ pandora_console/include/functions_reports.php | 5 ++ 5 files changed, 191 insertions(+) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index bb06d3a800..013b623c8b 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -1084,6 +1084,15 @@ switch ($action) { $period = $item['period']; break; + case 'vuls_by_agent': + $group = $item['id_group']; + $es = json_decode($item['external_source'], true); + $selected_agent_custom_field_filter = $es['agent_custom_field_filter']; + $security_hardening_score = $es['security_hardening_score']; + $vulnerabilities_status = $es['vulnerabilities_status']; + $secmon_status = $es['secmon_status']; + break; + default: // It's not possible. break; @@ -3913,6 +3922,76 @@ if (is_metaconsole() === true) { ?> + + + + + + + __('ALL'), + 'critical' => __('CRITICAL'), + 'warning' => __('WARNING'), + ], + 'secmon_status', + $secmon_status, + ); + ?> + + + + + + + + + __('ALL'), + '90' => __('< 90%'), + '80' => __('< 80%'), + '70' => __('< 70%'), + '60' => __('< 60%'), + '50' => __('< 50%'), + '40' => __('< 40%'), + '30' => __('< 30%'), + '20' => __('< 20%'), + '10' => __('< 10%'), + ], + 'security_hardening_score', + (empty($security_hardening_score) === false) ? $security_hardening_score : 'all', + ); + ?> + + + + + + + + + __('ALL'), + 'crit' => __('CRITICAL'), + 'warn' => __('WARNING'), + ], + 'vulnerabilities_status', + $vulnerabilities_status, + ); + ?> + + @@ -6850,6 +6929,9 @@ function chooseType() { $("#row_cat_security_hardening").hide(); $("#row_ignore_skipped").hide(); $("#row_status_check").hide(); + $("#row_secmon_status").hide(); + $("#row_security_hardening_score").hide(); + $("#row_vulnerabilities_status").hide(); // SLA list default state. $("#sla_list").hide(); @@ -7749,6 +7831,14 @@ function chooseType() { $("#row_group").show(); $('#row_period').show(); break; + + case 'vuls_by_agent': + $("#row_group").show(); + $("#row_custom_field_filter").show(); + $("#row_secmon_status").show(); + $("#row_security_hardening_score").show(); + $("#row_vulnerabilities_status").show(); + break; } switch (type) { diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index 095f79b14a..a85792f3e6 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2045,6 +2045,16 @@ switch ($action) { $good_format = true; break; + case 'vuls_by_agent': + $values['id_group'] = get_parameter('combo_group'); + $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); + $es['secmon_status'] = get_parameter('secmon_status'); + $es['security_hardening_score'] = get_parameter('security_hardening_score'); + $es['vulnerabilities_status'] = get_parameter('vulnerabilities_status'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( @@ -2977,6 +2987,16 @@ switch ($action) { $good_format = true; break; + case 'vuls_by_agent': + $values['id_group'] = get_parameter('combo_group'); + $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); + $es['secmon_status'] = get_parameter('secmon_status'); + $es['security_hardening_score'] = get_parameter('security_hardening_score'); + $es['vulnerabilities_status'] = get_parameter('vulnerabilities_status'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index 39f1642fa0..167a0db389 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -1023,6 +1023,14 @@ function reporting_make_reporting_data( ); break; + case 'vuls_by_agent': + $report['contents'][] = reporting_vuls_by_agent( + $report, + $content, + $type + ); + break; + default: // Default. break; diff --git a/pandora_console/include/functions_reporting_html.php b/pandora_console/include/functions_reporting_html.php index 99f3af63ad..92508ac00b 100644 --- a/pandora_console/include/functions_reporting_html.php +++ b/pandora_console/include/functions_reporting_html.php @@ -507,6 +507,10 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust case 'evolution': reporting_evolution_graph($table, $item); break; + + case 'vuls_by_agent': + reporting_html_vuls_by_agent($table, $item); + break; } if ($item['type'] == 'agent_module') { @@ -522,6 +526,70 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust } +/** + * Function to print the all vulnerabilities by agent. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_vuls_by_agent($table, $item, $pdf=0) +{ + $table->width = '99%'; + $table->styleTable = 'border: 0px;'; + $table->colspan[2][0] = 3; + $table1 = new stdClass(); + $table1->headstyle[0] = 'text-align: left'; + $table1->headstyle[1] = 'text-align: left'; + $table1->headstyle[2] = 'text-align: left'; + $table1->width = '99%'; + $table1->class = 'info_table'; + $table1->titleclass = 'title_table_pdf'; + $table1->rowclass[0] = ''; + $table1->head[0] = __('Agent'); + $table1->head[1] = __('OS'); + $table1->head[2] = __('OS Version'); + $table1->head[3] = __('Group'); + $table1->head[4] = __('Ip'); + $table1->head[5] = __('Status'); + $table1->head[6] = __('SecMon'); + $table1->head[7] = __('Hardening'); + $table1->head[8] = __('Vulnerability'); + $table1->head[9] = __('Last contact'); + $table1->head[10] = __('L.S. Change'); + + $row = 1; + foreach ($item['data'] as $key => $vul) { + $table1->data[$row][0] = $vul['alias']; + $table1->data[$row][2] = $vul['name']; + $table1->data[$row][3] = $vul['os_version']; + $table1->data[$row][4] = $vul['nombre_gr']; + $table1->data[$row][5] = $vul['direccion']; + $table1->data[$row][6] = $vul['status']; + $table1->data[$row][7] = $vul['secmon']; + $table1->data[$row][8] = $vul['hardening']; + $table1->data[$row][9] = $vul['vulnerabilities']; + $table1->data[$row][10] = $vul['ultimo_contacto']; + $table1->data[$row][11] = $vul['last_status_c']; + $row++; + } + + if ($pdf === 1) { + $table1->title = $item['title']; + $table1->titleclass = 'title_table_pdf'; + $table1->titlestyle = 'text-align:left;'; + } + + $table->data[2][0] = html_print_table($table1, true); + + if ($pdf === 1) { + return html_print_table($table1, true); + } +} + + /** * Function to print the security hardening evolution. * diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index 3da9993933..27533fa5a3 100755 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -1003,6 +1003,11 @@ function reports_get_report_types($template=false, $not_editor=false) 'optgroup' => __('Security hardening'), 'name' => __('Evolution'), ]; + + $types['vuls_by_agent'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Detailed security report'), + ]; } return $types; From bb9cd812443b5e5d80e5de9a613cba2e73cb7c87 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Tue, 21 Nov 2023 10:31:06 +0100 Subject: [PATCH 12/22] #12253 added reports vulnerabilities --- .../reporting_builder.item_editor.php | 24 ++++++ .../godmode/reporting/reporting_builder.php | 30 +++++++ .../include/functions_reporting.php | 24 ++++++ .../include/functions_reporting_html.php | 84 +++++++++++++++++++ pandora_console/include/functions_reports.php | 15 ++++ 5 files changed, 177 insertions(+) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 1c85daed6e..28122bb054 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -1084,6 +1084,18 @@ switch ($action) { $period = $item['period']; break; + case 'vuls_severity_graph': + $group = $item['id_group']; + break; + + case 'vuls_attack_complexity': + $group = $item['id_group']; + break; + + case 'vuls_by_packages': + $group = $item['id_group']; + break; + case 'vuls_by_agent': $group = $item['id_group']; $es = json_decode($item['external_source'], true); @@ -7865,6 +7877,18 @@ function chooseType() { $('#row_period').show(); break; + case 'vuls_severity_graph': + $("#row_group").show(); + break; + + case 'vuls_attack_complexity': + $("#row_group").show(); + break; + + case 'vuls_by_packages': + $("#row_group").show(); + break; + case 'vuls_by_agent': $("#row_group").show(); $("#row_custom_field_filter").show(); diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index a85792f3e6..b4ffafee6f 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2045,6 +2045,21 @@ switch ($action) { $good_format = true; break; + case 'vuls_severity_graph': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_attack_complexity': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_packages': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + case 'vuls_by_agent': $values['id_group'] = get_parameter('combo_group'); $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); @@ -2987,6 +3002,21 @@ switch ($action) { $good_format = true; break; + case 'vuls_severity_graph': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_attack_complexity': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_packages': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + case 'vuls_by_agent': $values['id_group'] = get_parameter('combo_group'); $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index 167a0db389..a77b212957 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -1023,6 +1023,30 @@ function reporting_make_reporting_data( ); break; + case 'vuls_severity_graph': + $report['contents'][] = reporting_vuls_severity_graph( + $report, + $content, + $type + ); + break; + + case 'vuls_attack_complexity': + $report['contents'][] = reporting_vuls_attack_complexity_graph( + $report, + $content, + $type + ); + break; + + case 'vuls_by_packages': + $report['contents'][] = reporting_vuls_by_packages_graph( + $report, + $content, + $type + ); + break; + case 'vuls_by_agent': $report['contents'][] = reporting_vuls_by_agent( $report, diff --git a/pandora_console/include/functions_reporting_html.php b/pandora_console/include/functions_reporting_html.php index 92508ac00b..937fa1f39d 100644 --- a/pandora_console/include/functions_reporting_html.php +++ b/pandora_console/include/functions_reporting_html.php @@ -508,6 +508,18 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust reporting_evolution_graph($table, $item); break; + case 'vuls_severity_graph': + reporting_html_vuls_severity_graph($table, $item); + break; + + case 'vuls_attack_complexity': + reporting_html_vuls_attack_complexity($table, $item); + break; + + case 'vuls_by_packages': + reporting_html_vuls_by_packages($table, $item); + break; + case 'vuls_by_agent': reporting_html_vuls_by_agent($table, $item); break; @@ -526,6 +538,78 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust } +/** + * Function to print total vulnerabilities by packages in graph. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_vuls_by_packages($table, $item, $pdf=0) +{ + $table->rowclass[0] = ''; + $table->colspan['chart']['cell'] = 3; + $table->cellstyle['chart']['cell'] = 'text-align: center;'; + $table->data['chart']['cell'] = $item['chart']; + + if ($pdf === 1) { + return html_print_table($table, true); + } +} + + +/** + * Function to print attack complexity in graph + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_vuls_attack_complexity($table, $item, $pdf=0) +{ + $table->rowclass[0] = ''; + $table->colspan['chart']['cell'] = 3; + $table->cellstyle['chart']['cell'] = 'text-align: center;'; + $table->data['chart']['cell'] = html_print_div( + [ + 'content' => $item['chart'], + 'style' => 'width: 450px; height: 300px; margin: 0 auto;', + ], + true + ); + + if ($pdf === 1) { + return html_print_table($table, true); + } +} + + +/** + * Function to print the severity vuls in graph. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_vuls_severity_graph($table, $item, $pdf=0) +{ + $table->rowclass[0] = ''; + $table->colspan['chart']['cell'] = 3; + $table->cellstyle['chart']['cell'] = 'text-align: center;'; + $table->data['chart']['cell'] = $item['chart']; + + if ($pdf === 1) { + return html_print_table($table, true); + } +} + + /** * Function to print the all vulnerabilities by agent. * diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index 27533fa5a3..2ca7181938 100755 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -1004,6 +1004,21 @@ function reports_get_report_types($template=false, $not_editor=false) 'name' => __('Evolution'), ]; + $types['vuls_severity_graph'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Severity graph bar'), + ]; + + $types['vuls_attack_complexity'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Attack complexity graph donut'), + ]; + + $types['vuls_by_packages'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('By packages in graph pie'), + ]; + $types['vuls_by_agent'] = [ 'optgroup' => __('Vulnerabilities'), 'name' => __('Detailed security report'), From 4c673ea530a0f17c4fe6c034930995319ba89846 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Wed, 22 Nov 2023 08:58:47 +0100 Subject: [PATCH 13/22] #12253 report vulnerabilibies agent --- .../reporting_builder.item_editor.php | 212 ++++++++++++++++++ .../godmode/reporting/reporting_builder.php | 26 +++ .../include/functions_reporting.php | 8 + .../include/functions_reporting_html.php | 74 ++++++ pandora_console/include/functions_reports.php | 5 + 5 files changed, 325 insertions(+) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 28122bb054..d1050d47ea 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -1105,6 +1105,17 @@ switch ($action) { $secmon_status = $es['secmon_status']; break; + case 'vuls_info_agent': + $idAgent = $item['id_agent']; + $es = json_decode($item['external_source'], true); + $vul_package = $es['vul_package']; + $vul_severity = $es['vul_severity']; + $vul_ac = $es['vul_ac']; + $vul_pr = $es['vul_pr']; + $vul_ui = $es['vul_ui']; + $vul_av = (empty($es['vul_av']) === true) ? 'all' : $es['vul_av']; + break; + default: // It's not possible. break; @@ -4037,6 +4048,135 @@ if (is_metaconsole() === true) { ?> + + + + + + + __('All'), + ], + 'vul_package', + $vul_package, + ); + ?> + + + + + + + + + __('All'), + 'high' => __('High'), + 'low' => __('Low'), + 'none' => __('None'), + ], + 'vul_severity', + $vul_severity, + ); + ?> + + + + + + + + + __('All'), + 'H' => __('High'), + 'L' => __('Low'), + ], + 'vul_ac', + $vul_ac, + ); + ?> + + + + + + + + + __('All'), + 'H' => __('High'), + 'L' => __('Low'), + 'N' => __('None'), + ], + 'vul_pr', + $vul_pr, + ); + ?> + + + + + + + + + __('All'), + 'R' => __('Required'), + 'N' => __('None'), + ], + 'vul_ui', + $vul_ui, + ); + ?> + + + + + + + + + __('All'), + 'A' => __('Adjacent Network'), + 'L' => __('Local'), + 'N' => __('Network'), + 'P' => __('Physical'), + ], + 'vul_av', + (empty($vul_av) === true) ? 'all' : $vul_av, + ); + ?> + + + @@ -5764,6 +5904,12 @@ $(document).ready (function () { return false; } break; + case 'vuls_info_agent': + if ($("#hidden-id_agent").val() == 0) { + dialog_message('#message_no_agent'); + return false; + } + break; default: break; } @@ -5918,6 +6064,12 @@ $(document).ready (function () { return false; } break; + case 'vuls_info_agent': + if ($("#hidden-id_agent").val() == 0) { + dialog_message('#message_no_agent'); + return false; + } + break; default: break; @@ -6977,6 +7129,12 @@ function chooseType() { $("#row_secmon_status").hide(); $("#row_security_hardening_score").hide(); $("#row_vulnerabilities_status").hide(); + $("#row_vulnerabilities_packages").hide(); + $("#row_vulnerabilities_severity").hide(); + $("#row_vulnerabilities_ac").hide(); + $("#row_vulnerabilities_pr").hide(); + $("#row_vulnerabilities_ui").hide(); + $("#row_vulnerabilities_av").hide(); // SLA list default state. $("#sla_list").hide(); @@ -7896,6 +8054,20 @@ function chooseType() { $("#row_security_hardening_score").show(); $("#row_vulnerabilities_status").show(); break; + + case 'vuls_info_agent': + $("#row_agent").show(); + $("#row_vulnerabilities_packages").show(); + $("#row_vulnerabilities_severity").show(); + $("#row_vulnerabilities_ac").show(); + $("#row_vulnerabilities_pr").show(); + $("#row_vulnerabilities_ui").show(); + $("#row_vulnerabilities_av").show(); + updatePackages(); + $('#row_agent input[type=text]').change(function(e) { + updatePackages(); + }); + break; } switch (type) { @@ -8138,6 +8310,46 @@ function control_period_range() { }, 800); } } + + + + +function updateSelect(element, fields, selected) { + if (typeof fields === "object") { + $(element).find("select").empty(); + $(element).find(".select2-container .select2-selection__rendered").empty(); + Object.keys(fields).forEach(function(key) { + if (key === selected) { + $(element).find(".select2-container .select2-selection__rendered").append(`${fields[key]}`); + $(element).find("select").append(``); + } else { + $(element).find("select").append(``); + } + }); + } +} + +function updatePackages() { + let id_agent = $('#hidden-id_agent').val(); + let server_id = $('#hidden-server_id').val(); + $.ajax({ + method: "POST", + url: "", + data: { + page: "", + action: "updatePackages", + id_agent: id_agent, + server_id: server_id, + }, + success: function(data) { + const json = JSON.parse(data); + if (json.success) { + updateSelect("#row_vulnerabilities_packages", json.data, ''); + } + } + }); +} + $(document).ready(function () { $('[id^=period], #combo_graph_options, #combo_sla_sort_options').next().css('z-index', 0); diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index b4ffafee6f..a69704abdd 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2070,6 +2070,19 @@ switch ($action) { $good_format = true; break; + case 'vuls_info_agent': + $values['id_agent'] = get_parameter('id_agent'); + $es['server_id'] = get_parameter('server_id'); + $es['vul_package'] = get_parameter('vul_package'); + $es['vul_severity'] = get_parameter('vul_severity'); + $es['vul_ac'] = get_parameter('vul_ac'); + $es['vul_pr'] = get_parameter('vul_pr'); + $es['vul_ui'] = get_parameter('vul_ui'); + $es['vul_av'] = get_parameter('vul_av'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( @@ -3027,6 +3040,19 @@ switch ($action) { $good_format = true; break; + case 'vuls_info_agent': + $values['id_agent'] = get_parameter('id_agent'); + $es['server_id'] = get_parameter('server_id'); + $es['vul_package'] = get_parameter('vul_package'); + $es['vul_severity'] = get_parameter('vul_severity'); + $es['vul_ac'] = get_parameter('vul_ac'); + $es['vul_pr'] = get_parameter('vul_pr'); + $es['vul_ui'] = get_parameter('vul_ui'); + $es['vul_av'] = get_parameter('vul_av'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index a77b212957..9e128191c1 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -1055,6 +1055,14 @@ function reporting_make_reporting_data( ); break; + case 'vuls_info_agent': + $report['contents'][] = reporting_vuls_info_agent( + $report, + $content, + $type + ); + break; + default: // Default. break; diff --git a/pandora_console/include/functions_reporting_html.php b/pandora_console/include/functions_reporting_html.php index 937fa1f39d..b78fadab88 100644 --- a/pandora_console/include/functions_reporting_html.php +++ b/pandora_console/include/functions_reporting_html.php @@ -523,6 +523,10 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust case 'vuls_by_agent': reporting_html_vuls_by_agent($table, $item); break; + + case 'vuls_info_agent': + reporting_html_vuls_info_agent($table, $item); + break; } if ($item['type'] == 'agent_module') { @@ -538,6 +542,76 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust } +/** + * Function to print vulnerabilities of agent. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_vuls_info_agent($table, $item, $pdf=0) +{ + $table->width = '99%'; + $table->styleTable = 'border: 0px;'; + $table->colspan[2][0] = 3; + $table1 = new stdClass(); + $table1->headstyle[0] = 'text-align: left'; + $table1->headstyle[1] = 'text-align: left'; + $table1->headstyle[2] = 'text-align: left'; + $table1->width = '99%'; + $table1->class = 'info_table'; + $table1->titleclass = 'title_table_pdf'; + $table1->rowclass[0] = ''; + $table1->head[0] = __('Name'); + $table1->head[1] = __('CVE'); + $table1->head[2] = __('Version'); + $table1->head[3] = __('Score'); + $table1->head[4] = __('Detection time'); + $table1->head[5] = __('Severity'); + $table1->head[6] = __('Version'); + $table1->head[7] = __('Attack Vector'); + $table1->head[8] = __('Attack Complexity'); + $table1->head[9] = __('Privileges Required'); + $table1->head[10] = __('User Interaction'); + $table1->head[11] = __('Scope'); + $table1->head[12] = __('Confidentiality'); + $table1->head[13] = __('Integrity'); + $table1->head[14] = __('Availability'); + + $row = 1; + foreach ($item['data'] as $key => $vul) { + $table1->data[$row][0] = $vul['name']; + $table1->data[$row][1] = $vul['cve']; + $table1->data[$row][2] = $vul['version']; + $table1->data[$row][3] = $vul['score']; + $table1->data[$row][4] = $vul['detection_time']; + $table1->data[$row][5] = $vul['severity']; + $table1->data[$row][6] = $vul['CVSS']; + $table1->data[$row][7] = $vul['AV']; + $table1->data[$row][8] = $vul['AC']; + $table1->data[$row][9] = $vul['PR']; + $table1->data[$row][10] = $vul['UI']; + $table1->data[$row][11] = $vul['S']; + $table1->data[$row][12] = $vul['C']; + $table1->data[$row][13] = $vul['I']; + $table1->data[$row][14] = $vul['A']; + + $row++; + } + + $table->data[2][0] = html_print_table($table1, true); + + if ($pdf === 1) { + $table1->title = $item['title']; + $table1->titleclass = 'title_table_pdf'; + $table1->titlestyle = 'text-align:left;'; + return html_print_table($table1, true); + } +} + + /** * Function to print total vulnerabilities by packages in graph. * diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index 2ca7181938..7c46469a7c 100755 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -1023,6 +1023,11 @@ function reports_get_report_types($template=false, $not_editor=false) 'optgroup' => __('Vulnerabilities'), 'name' => __('Detailed security report'), ]; + + $types['vuls_info_agent'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Vulnerabilities of agent'), + ]; } return $types; From 47420e06c484ea40394a04e116c4bfabf87668da Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Wed, 22 Nov 2023 16:31:51 +0100 Subject: [PATCH 14/22] #12250 fixed order all in select --- .../godmode/reporting/reporting_builder.item_editor.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 013b623c8b..b3f89508db 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -3967,6 +3967,12 @@ if (is_metaconsole() === true) { ], 'security_hardening_score', (empty($security_hardening_score) === false) ? $security_hardening_score : 'all', + '', + '', + 0, + false, + false, + false ); ?> From d0185c7a1083c2c83d3fa3663c07dae8472addae Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Wed, 22 Nov 2023 16:36:32 +0100 Subject: [PATCH 15/22] #12250 unified fields selects --- .../reporting/reporting_builder.item_editor.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index b3f89508db..e1ae1df015 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -3933,9 +3933,9 @@ if (is_metaconsole() === true) { __('ALL'), - 'critical' => __('CRITICAL'), - 'warning' => __('WARNING'), + 'all' => __('All'), + 'critical' => __('Critical'), + 'warning' => __('Warning'), ], 'secmon_status', $secmon_status, @@ -3954,7 +3954,7 @@ if (is_metaconsole() === true) { __('ALL'), + 'all' => __('All'), '90' => __('< 90%'), '80' => __('< 80%'), '70' => __('< 70%'), @@ -3988,9 +3988,9 @@ if (is_metaconsole() === true) { __('ALL'), - 'crit' => __('CRITICAL'), - 'warn' => __('WARNING'), + 'all' => __('All'), + 'crit' => __('Critical'), + 'warn' => __('Warning'), ], 'vulnerabilities_status', $vulnerabilities_status, From 8350bdcec8545705f8e2bb26197e794a799fe096 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Wed, 22 Nov 2023 16:41:20 +0100 Subject: [PATCH 16/22] #12253 fixed input order --- .../godmode/reporting/reporting_builder.item_editor.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index ef5aceab11..794605bdaa 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -4178,6 +4178,12 @@ if (is_metaconsole() === true) { ], 'vul_av', (empty($vul_av) === true) ? 'all' : $vul_av, + '', + '', + 0, + false, + false, + false ); ?> From c16992f69a1d86a024e05db3d23ff1f5f9b4a172 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Thu, 23 Nov 2023 15:29:26 +0100 Subject: [PATCH 17/22] #12517 hide allowlist if token is disabled --- .../godmode/users/user_management.php | 67 ++++++++++++------- 1 file changed, 41 insertions(+), 26 deletions(-) diff --git a/pandora_console/godmode/users/user_management.php b/pandora_console/godmode/users/user_management.php index 8d9efea97b..0dc0a90044 100644 --- a/pandora_console/godmode/users/user_management.php +++ b/pandora_console/godmode/users/user_management.php @@ -857,10 +857,34 @@ $userManagementTable->data['fields_addSettings'][0] = html_print_textarea( '' ); -$userManagementTable->data['captions_addSettings'][1] = __('Login allowed IP list'); -$userManagementTable->data['fields_addSettings'][1] = html_print_div( +$allowAllIpsContent = []; +$allowAllIpsContent[] = ''.__('Enable IP allowlist').''; +$allowAllIpsContent[] = html_print_div( [ - 'class' => 'edit_user_allowed_ip', + 'content' => html_print_checkbox_switch( + 'allowed_ip_active', + 0, + ($user_info['allowed_ip_active'] ?? 0), + true, + false, + 'handleIpAllowlist(this)' + ), + ], + true +); + +$userManagementTable->data['captions_addSettings'][1] = html_print_div( + [ + 'class' => 'margin-top-10', + 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', + 'content' => implode('', $allowAllIpsContent), + ], + true +); + +$userManagementTable->data['fields_addSettings'][1] .= html_print_div( + [ + 'class' => 'edit_user_allowed_ip '.(((int) $user_info['allowed_ip_active'] === 1) ? '' : 'invisible'), 'content' => html_print_textarea( 'allowed_ip_list', 5, @@ -875,30 +899,11 @@ $userManagementTable->data['fields_addSettings'][1] = html_print_div( $userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder( __('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), - true -); - -$allowAllIpsContent = []; -$allowAllIpsContent[] = ''.__('Allow all IPs').''; -$allowAllIpsContent[] = html_print_div( + true, [ - 'content' => html_print_checkbox_switch( - 'allowed_ip_active', - 0, - ($user_info['allowed_ip_active'] ?? 0), - true - ), - ], - true -); - -$userManagementTable->data['fields_addSettings'][1] .= html_print_div( - [ - 'class' => 'margin-top-10', - 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', - 'content' => implode('', $allowAllIpsContent), - ], - true + 'id' => 'info_allowed_ip', + 'class' => ((int) $user_info['allowed_ip_active'] === 1) ? 'input_sub_placeholder' : 'input_sub_placeholder invisible', + ] ); @@ -1038,4 +1043,14 @@ $(document).ready(function () { } }) }); + +function handleIpAllowlist(e){ + if(e.checked === true) { + $('.edit_user_allowed_ip').show(); + $('#info_allowed_ip').show(); + } else { + $('.edit_user_allowed_ip').hide(); + $('#info_allowed_ip').hide(); + } +} \ No newline at end of file From 7cd163b01e73ddafa32040c6c710e5d191717bcd Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Mon, 27 Nov 2023 13:25:52 +0100 Subject: [PATCH 18/22] #12253 new reports --- .../godmode/agentes/agent_manager.php | 35 ++--- .../reporting_builder.item_editor.php | 50 ++++++- .../godmode/reporting/reporting_builder.php | 24 ++++ .../include/functions_reporting.php | 16 +++ .../include/functions_reporting_html.php | 126 +++++++++++++++--- pandora_console/include/functions_reports.php | 10 ++ 6 files changed, 229 insertions(+), 32 deletions(-) diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php index 9fd0d8c7ef..557b855e09 100644 --- a/pandora_console/godmode/agentes/agent_manager.php +++ b/pandora_console/godmode/agentes/agent_manager.php @@ -922,22 +922,25 @@ $tableAdvancedAgent->data['safe_operation'][] = html_print_label_input_block( ) ); -$tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block( - __('Vulnerability scanning'), - html_print_select( - [ - 0 => __('Disabled'), - 1 => __('Enabled'), - 2 => __('Use global settings'), - ], - 'vul_scan_enabled', - $vul_scan_enabled, - '', - '', - 0, - true - ) -); +if (enterprise_installed() === true) { + $tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block( + __('Vulnerability scanning'), + html_print_select( + [ + 0 => __('Disabled'), + 1 => __('Enabled'), + 2 => __('Use global settings'), + ], + 'vul_scan_enabled', + $vul_scan_enabled, + '', + '', + 0, + true + ) + ); +} + ui_toggle( html_print_table($tableAdvancedAgent, true), diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 794605bdaa..58dd396fbf 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -1116,6 +1116,18 @@ switch ($action) { $vul_av = (empty($es['vul_av']) === true) ? 'all' : $es['vul_av']; break; + case 'top_n_agents_vuls': + $group = $item['id_group']; + $recursion = $item['recursion']; + $top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value']; + break; + + case 'top_n_vuls_count': + $group = $item['id_group']; + $recursion = $item['recursion']; + $top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value']; + break; + default: // It's not possible. break; @@ -5922,6 +5934,21 @@ $(document).ready (function () { return false; } break; + + case 'top_n_agents_vuls': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + + case 'top_n_vuls_count': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + default: break; } @@ -6082,7 +6109,18 @@ $(document).ready (function () { return false; } break; - + case 'top_n_agents_vuls': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + case 'top_n_vuls_count': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; default: break; } @@ -8080,6 +8118,16 @@ function chooseType() { updatePackages(); }); break; + + case 'top_n_agents_vuls': + $("#row_group").show(); + $("#row_max_items").show(); + break; + + case 'top_n_vuls_count': + $("#row_group").show(); + $("#row_max_items").show(); + break; } switch (type) { diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index a69704abdd..8b07b6263f 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2083,6 +2083,18 @@ switch ($action) { $good_format = true; break; + case 'top_n_agents_vuls': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + + case 'top_n_vuls_count': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( @@ -3053,6 +3065,18 @@ switch ($action) { $good_format = true; break; + case 'top_n_agents_vuls': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + + case 'top_n_vuls_count': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index 9e128191c1..0588b9b972 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -1063,6 +1063,22 @@ function reporting_make_reporting_data( ); break; + case 'top_n_agents_vuls': + $report['contents'][] = reporting_top_n_agents_vuls( + $report, + $content, + $type + ); + break; + + case 'top_n_vuls_count': + $report['contents'][] = reporting_top_n_vuls_count( + $report, + $content, + $type + ); + break; + default: // Default. break; diff --git a/pandora_console/include/functions_reporting_html.php b/pandora_console/include/functions_reporting_html.php index b78fadab88..40d3d6e6b2 100644 --- a/pandora_console/include/functions_reporting_html.php +++ b/pandora_console/include/functions_reporting_html.php @@ -527,6 +527,14 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust case 'vuls_info_agent': reporting_html_vuls_info_agent($table, $item); break; + + case 'top_n_agents_vuls': + reporting_html_top_n_agents_vuls($table, $item); + break; + + case 'top_n_vuls_count': + reporting_html_top_n_vuls_count($table, $item); + break; } if ($item['type'] == 'agent_module') { @@ -542,6 +550,94 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust } +/** + * Function to print top vulnerabiries more common. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_top_n_vuls_count($table, $item, $pdf=0) +{ + global $config; + $table->width = '99%'; + $table->styleTable = 'border: 0px;'; + $table->colspan[2][0] = 3; + $table1 = new stdClass(); + $table1->headstyle = []; + $table1->width = '99%'; + $table1->class = 'info_table'; + $table1->titleclass = 'title_table_pdf'; + $table1->rowclass[0] = ''; + $table1->head[0] = __('Vulnerability'); + $table1->head[2] = __('Total'); + + $row = 2; + foreach ($item['data'] as $key => $vul) { + $table1->data[$row][0] = $vul['cve_id']; + $table1->data[$row][2] = $vul['count']; + $row++; + } + + if ($pdf === 1) { + $table1->title = $item['title']; + $table1->titleclass = 'title_table_pdf'; + $table1->titlestyle = 'text-align:left;'; + } + + $table->data[2][0] = html_print_table($table1, true); + if ($pdf === 1) { + return html_print_table($table, true); + } +} + + +/** + * Function to print top agents with worst score. + * + * @param object $table Head table or false if it comes from pdf. + * @param array $item Items data. + * @param integer $pdf Flag for return table. + * + * @return mixed + */ +function reporting_html_top_n_agents_vuls($table, $item, $pdf=0) +{ + global $config; + $table->width = '99%'; + $table->styleTable = 'border: 0px;'; + $table->colspan[2][0] = 3; + $table1 = new stdClass(); + $table1->headstyle = []; + $table1->width = '99%'; + $table1->class = 'info_table'; + $table1->titleclass = 'title_table_pdf'; + $table1->rowclass[0] = ''; + $table1->head[0] = __('Agent'); + $table1->head[2] = __('Risk'); + + $row = 2; + foreach ($item['data'] as $key => $agent) { + $table1->data[$row][0] = $agent['alias']; + $table1->data[$row][2] = $agent['score']; + $row++; + } + + if ($pdf === 1) { + $table1->title = $item['title']; + $table1->titleclass = 'title_table_pdf'; + $table1->titlestyle = 'text-align:left;'; + } + + $table->data[2][0] = html_print_table($table1, true); + if ($pdf === 1) { + return html_print_table($table, true); + } +} + + /** * Function to print vulnerabilities of agent. * @@ -582,21 +678,21 @@ function reporting_html_vuls_info_agent($table, $item, $pdf=0) $row = 1; foreach ($item['data'] as $key => $vul) { - $table1->data[$row][0] = $vul['name']; - $table1->data[$row][1] = $vul['cve']; - $table1->data[$row][2] = $vul['version']; - $table1->data[$row][3] = $vul['score']; - $table1->data[$row][4] = $vul['detection_time']; - $table1->data[$row][5] = $vul['severity']; - $table1->data[$row][6] = $vul['CVSS']; - $table1->data[$row][7] = $vul['AV']; - $table1->data[$row][8] = $vul['AC']; - $table1->data[$row][9] = $vul['PR']; - $table1->data[$row][10] = $vul['UI']; - $table1->data[$row][11] = $vul['S']; - $table1->data[$row][12] = $vul['C']; - $table1->data[$row][13] = $vul['I']; - $table1->data[$row][14] = $vul['A']; + $table1->data[$row][0] = (key_exists('name', $vul) === true) ? $vul['name'] : ''; + $table1->data[$row][1] = (key_exists('cve', $vul) === true) ? $vul['cve'] : ''; + $table1->data[$row][2] = (key_exists('version', $vul) === true) ? $vul['version'] : ''; + $table1->data[$row][3] = (key_exists('score', $vul) === true) ? $vul['score'] : ''; + $table1->data[$row][4] = (key_exists('detection_time', $vul) === true) ? $vul['detection_time'] : ''; + $table1->data[$row][5] = (key_exists('severity', $vul) === true) ? $vul['severity'] : ''; + $table1->data[$row][6] = (key_exists('CVSS', $vul) === true) ? $vul['CVSS'] : ''; + $table1->data[$row][7] = (key_exists('AV', $vul) === true) ? $vul['AV'] : ''; + $table1->data[$row][8] = (key_exists('AC', $vul) === true) ? $vul['AC'] : ''; + $table1->data[$row][9] = (key_exists('PR', $vul) === true) ? $vul['PR'] : ''; + $table1->data[$row][10] = (key_exists('UI', $vul) === true) ? $vul['UI'] : ''; + $table1->data[$row][11] = (key_exists('S', $vul) === true) ? $vul['S'] : ''; + $table1->data[$row][12] = (key_exists('C', $vul) === true) ? $vul['C'] : ''; + $table1->data[$row][13] = (key_exists('I', $vul) === true) ? $vul['I'] : ''; + $table1->data[$row][14] = (key_exists('A', $vul) === true) ? $vul['A'] : ''; $row++; } diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index 7c46469a7c..e5b8f52b7b 100755 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -1028,6 +1028,16 @@ function reports_get_report_types($template=false, $not_editor=false) 'optgroup' => __('Vulnerabilities'), 'name' => __('Vulnerabilities of agent'), ]; + + $types['top_n_agents_vuls'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Top-N agents with more risk'), + ]; + + $types['top_n_vuls_count'] = [ + 'optgroup' => __('Vulnerabilities'), + 'name' => __('Top-N common vulnerabilities'), + ]; } return $types; From afa6a7d415624d7e96593254f136eb439a540685 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Mon, 27 Nov 2023 13:55:08 +0100 Subject: [PATCH 19/22] #12517 allow ip limited to user admin --- .../godmode/users/user_management.php | 93 ++++++++++--------- 1 file changed, 47 insertions(+), 46 deletions(-) diff --git a/pandora_console/godmode/users/user_management.php b/pandora_console/godmode/users/user_management.php index 0dc0a90044..3e0a030195 100644 --- a/pandora_console/godmode/users/user_management.php +++ b/pandora_console/godmode/users/user_management.php @@ -857,55 +857,56 @@ $userManagementTable->data['fields_addSettings'][0] = html_print_textarea( '' ); -$allowAllIpsContent = []; -$allowAllIpsContent[] = ''.__('Enable IP allowlist').''; -$allowAllIpsContent[] = html_print_div( - [ - 'content' => html_print_checkbox_switch( - 'allowed_ip_active', - 0, - ($user_info['allowed_ip_active'] ?? 0), - true, - false, - 'handleIpAllowlist(this)' - ), - ], - true -); +if (users_is_admin($config['id_user']) === true || check_acl($config['id_user'], 0, 'PM') === true) { + $allowAllIpsContent = []; + $allowAllIpsContent[] = ''.__('Enable IP allowlist').''; + $allowAllIpsContent[] = html_print_div( + [ + 'content' => html_print_checkbox_switch( + 'allowed_ip_active', + 0, + ($user_info['allowed_ip_active'] ?? 0), + true, + false, + 'handleIpAllowlist(this)' + ), + ], + true + ); -$userManagementTable->data['captions_addSettings'][1] = html_print_div( - [ - 'class' => 'margin-top-10', - 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', - 'content' => implode('', $allowAllIpsContent), - ], - true -); + $userManagementTable->data['captions_addSettings'][1] = html_print_div( + [ + 'class' => 'margin-top-10', + 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', + 'content' => implode('', $allowAllIpsContent), + ], + true + ); -$userManagementTable->data['fields_addSettings'][1] .= html_print_div( - [ - 'class' => 'edit_user_allowed_ip '.(((int) $user_info['allowed_ip_active'] === 1) ? '' : 'invisible'), - 'content' => html_print_textarea( - 'allowed_ip_list', - 5, - 65, - ($user_info['allowed_ip_list'] ?? ''), - (((bool) $view_mode === true) ? 'readonly="readonly"' : ''), - true - ), - ], - true -); - -$userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder( - __('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), - true, - [ - 'id' => 'info_allowed_ip', - 'class' => ((int) $user_info['allowed_ip_active'] === 1) ? 'input_sub_placeholder' : 'input_sub_placeholder invisible', - ] -); + $userManagementTable->data['fields_addSettings'][1] .= html_print_div( + [ + 'class' => 'edit_user_allowed_ip '.(((int) $user_info['allowed_ip_active'] === 1) ? '' : 'invisible'), + 'content' => html_print_textarea( + 'allowed_ip_list', + 5, + 65, + ($user_info['allowed_ip_list'] ?? ''), + (((bool) $view_mode === true) ? 'readonly="readonly"' : ''), + true + ), + ], + true + ); + $userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder( + __('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), + true, + [ + 'id' => 'info_allowed_ip', + 'class' => ((int) $user_info['allowed_ip_active'] === 1) ? 'input_sub_placeholder' : 'input_sub_placeholder invisible', + ] + ); +} if ($config['ITSM_enabled'] && $config['ITSM_user_level_conf']) { // Pandora ITSM user remote login. From 139d88452521403a659358f0b6146fc035e26296 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Mon, 27 Nov 2023 16:59:21 +0100 Subject: [PATCH 20/22] #12517 fixed permission --- pandora_console/godmode/users/user_management.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/godmode/users/user_management.php b/pandora_console/godmode/users/user_management.php index 3e0a030195..322a71d79d 100644 --- a/pandora_console/godmode/users/user_management.php +++ b/pandora_console/godmode/users/user_management.php @@ -857,7 +857,7 @@ $userManagementTable->data['fields_addSettings'][0] = html_print_textarea( '' ); -if (users_is_admin($config['id_user']) === true || check_acl($config['id_user'], 0, 'PM') === true) { +if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) { $allowAllIpsContent = []; $allowAllIpsContent[] = ''.__('Enable IP allowlist').''; $allowAllIpsContent[] = html_print_div( From dde1146ccb10b9720a3fcc6966c3ecfa906c1127 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Mon, 27 Nov 2023 17:54:05 +0100 Subject: [PATCH 21/22] #fixed delete allow ip when edit user --- pandora_console/godmode/users/configure_user.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index fd62dde741..3b5bb1c9be 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -596,8 +596,11 @@ if ($update_user) { $values['email'] = (string) get_parameter('email'); $values['phone'] = (string) get_parameter('phone'); $values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments')))); - $values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0); - $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list')))); + if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) { + $values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0); + $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list')))); + } + $values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1; $values['language'] = (string) get_parameter('language'); $values['timezone'] = (string) get_parameter('timezone'); From bb7c618528c37a3b67cb022b9af7229bcda0a1ae Mon Sep 17 00:00:00 2001 From: alejandro Date: Tue, 28 Nov 2023 10:59:04 +0100 Subject: [PATCH 22/22] re merge mr changes --- pandora_console/extras/mr/67.sql | 13 +++++++++++++ pandora_console/pandoradb_data.sql | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/pandora_console/extras/mr/67.sql b/pandora_console/extras/mr/67.sql index a31ea6e670..a0e13a2ab5 100644 --- a/pandora_console/extras/mr/67.sql +++ b/pandora_console/extras/mr/67.sql @@ -5,4 +5,17 @@ DROP TABLE tagent_access; ALTER TABLE treport_content ADD check_unknowns_graph tinyint DEFAULT 0 NULL; +-- Update macros for plugin oracle + +UPDATE `tdiscovery_apps` SET `version` = '1.1' WHERE `short_name` = 'pandorafms.oracle'; + +SET @id_app := (SELECT `id_app` FROM `tdiscovery_apps` WHERE `short_name` = 'pandorafms.oracle'); + +UPDATE `tdiscovery_apps_tasks_macros` SET `value` = 'agents_group_id=__taskGroupID__ interval=__taskInterval__ user=_dbuser_ password=_dbpass_ thick_mode=_thickMode_ client_path=_clientPath_ threads=_threads_ modules_prefix=_prefixModuleName_ execute_custom_queries=_executeCustomQueries_ analyze_connections=_checkConnections_ engine_uptime=_checkUptime_ query_stats=_queryStats_ cache_stats=_checkCache_ fragmentation_ratio=_checkFragmentation_ check_tablescpaces=_checkTablespaces_' WHERE `macro` = '_tempfileConf_' AND `id_task` IN (SELECT `id_rt` FROM `trecon_task` WHERE `id_app` = @id_app); + +INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_thickMode_', 'custom', 0, 0 FROM `trecon_task` WHERE `id_app` = @id_app; +INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_clientPath_', 'custom', '', 0 FROM `trecon_task` WHERE `id_app` = @id_app; +UPDATE `trecon_task` SET `setup_complete` = 1 WHERE `id_app` = @id_app; + + COMMIT; diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 478013d621..1628aa7d5d 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -2775,7 +2775,7 @@ SET @short_name = 'pandorafms.oracle'; SET @name = 'Oracle'; SET @section = 'app'; SET @description = 'Monitor Oracle databases'; -SET @version = '1.0'; +SET @version = '1.1'; INSERT IGNORE INTO `tdiscovery_apps` (`id_app`, `short_name`, `name`, `section`, `description`, `version`) VALUES ('', @short_name, @name, @section, @description, @version); SELECT @id_app := `id_app` FROM `tdiscovery_apps` WHERE `short_name` = @short_name;