diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index bd14922903..e6d6a4f24b 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,32 @@ +2013-01-09 Sergio Martin + + * pandoradb_data.sql + pandoradb.sql + pandoradb.postgreSQL.sql + pandoradb.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql + extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql + extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql: + Add profile tags to the database structure + + * include/ajax/events.php + include/functions.php + include/functions_events.php + include/functions_reporting.php + include/functions_treeview.php + include/functions_profile.php + include/constants.php + include/functions_tags.php + operation/tree.php + operation/users/user_edit.php + operation/events/events_list.php + pandoradb.data.postgreSQL.sql + pandoradb.data.oracle.sql + godmode/users/configure_user.php: Add new acl control with + tags in events and tree views. Fix a lot of little bugs like ACLs + in tree view (tags mode), add the tags mode on tree view of the normal + console, pass the ACL flag to some forgotten functions, etc. + 2013-01-09 Junichi Satoh * include/help/ja/help_reporting_advanced_tab.php: Translated diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql index 555307d2d3..80769a9370 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.mysql.sql @@ -423,6 +423,11 @@ UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, ` UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 4 AND name = "Group coordinator"; UPDATE tperfil SET `report_view`= 1, `report_edit`= 1, `report_management`= 1, `event_view`= 1, `event_edit`= 1, `event_management`= 1 WHERE id_perfil = 5 AND name = "Pandora Administrator"; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE `tusuario_perfil` ADD COLUMN `tags` TEXT NOT NULL; + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql index 23d494841a..4543a5453c 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.oracle.sql @@ -453,6 +453,11 @@ UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_v UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET report_view= 1, report_edit= 1, report_management= 1, event_view= 1, event_edit= 1, event_management= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE tusuario_perfil ADD (tags CLOB NOT NULL default ''); + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- diff --git a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql index f70fb336d5..a2a5712ead 100644 --- a/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql +++ b/pandora_console/extras/pandoradb_migrate_4.0.x_to_5.0.postgreSQL.sql @@ -444,8 +444,12 @@ UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, " UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 4 AND name = 'Group coordinator'; UPDATE tperfil SET "report_view"= 1, "report_edit"= 1, "report_management"= 1, "event_view"= 1, "event_edit"= 1, "event_management"= 1 WHERE id_perfil = 5 AND name = 'Pandora Administrator'; +-- --------------------------------------------------------------------- +-- Table `tusuario_perfil` +-- --------------------------------------------------------------------- +ALTER TABLE "tusuario_perfil" ADD COLUMN "tags" text default ''; + -- --------------------------------------------------------------------- -- Table `ttag` -- --------------------------------------------------------------------- ALTER TABLE "ttag" ADD COLUMN "email" TEXT NULL; - diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index d31d6c3ba7..63ae38bf38 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -328,9 +328,19 @@ if ($add_profile) { $id2 = (string) get_parameter ('id'); $group2 = (int) get_parameter ('assign_group'); $profile2 = (int) get_parameter ('assign_profile'); + $tags = (array) get_parameter ('assign_tags'); + + foreach ($tags as $k => $tag) { + if(empty($tag)) { + unset($tags[$k]); + } + } + + $tags = implode(',', $tags); + db_pandora_audit("User management", - "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2); - $return = profile_create_user_profile($id2, $profile2, $group2); + "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); + $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags); ui_print_result_message ($return, __('Profile added successfully'), @@ -501,8 +511,9 @@ $table->style[0] = 'font-weight: bold'; $table->style[1] = 'font-weight: bold'; $table->head[0] = __('Profile name'); $table->head[1] = __('Group'); -$table->head[2] = __('Action'); -$table->align[2] = 'center'; +$table->head[2] = __('Tags'); +$table->head[3] = __('Action'); +$table->align[3] = 'center'; /* if ($enterprise_include) { @@ -530,12 +541,23 @@ foreach ($result as $profile) { $data[1] .= ' ' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT); if (!defined('METACONSOLE')) $data[1] .= ''; - $data[2] = '
'; - $data[2] .= html_print_input_hidden ('delete_profile', 1, true); - $data[2] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); - $data[2] .= html_print_input_hidden ('id_user', $id, true); - $data[2] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); - $data[2] .= '
'; + + if(empty($profile["tags"])) { + $data[2] = ''; + } + else { + $tags_ids = explode(',',$profile["tags"]); + $tags = tags_get_tags($tags_ids); + + $data[2] = tags_get_tags_formatted($tags); + } + + $data[3] = '
'; + $data[3] .= html_print_input_hidden ('delete_profile', 1, true); + $data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); + $data[3] .= html_print_input_hidden ('id_user', $id, true); + $data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); + $data[3] .= '
'; array_push ($table->data, $data); } @@ -556,11 +578,15 @@ else { $data[1] = html_print_select_groups($config['id_user'], "UM", $own_info['is_admin'], 'assign_group', -1, '', __('None'), -1, true, false, false); + +$tags = tags_get_all_tags(); -$data[2] = html_print_input_image ('add', 'images/add.png', 1, '', true); -$data[2] .= html_print_input_hidden ('id', $id, true); -$data[2] .= html_print_input_hidden ('add_profile', 1, true); -$data[2] .= ''; +$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('None'), '', true, true); + +$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true); +$data[3] .= html_print_input_hidden ('id', $id, true); +$data[3] .= html_print_input_hidden ('add_profile', 1, true); +$data[3] .= ''; array_push ($table->data, $data); diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index b37d2ae36a..3c92d0f855 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php @@ -215,6 +215,9 @@ if($get_extended_event) { else { $event = events_get_event($event_id); } + + // Clean url from events and store in array + $event['clean_tags'] = events_clean_tags($event['tags']); // If the event is not found, we abort if(empty($event)) { @@ -272,7 +275,7 @@ if($get_extended_event) { $tabs .= "
  • ".html_print_image('images/zoom.png',true).__('Details')."
    • "; $tabs .= "
  • ".html_print_image('images/note.png',true).__('Agent fields')."
    • "; $tabs .= "
  • ".html_print_image('images/pencil.png',true).__('Comments')."
    • "; - if (check_acl ($config['id_user'], 0, "EW") || check_acl ($config['id_user'], 0, "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $tabs .= "
  • ".html_print_image('images/cog.png',true).__('Responses')."
    • "; } $tabs .= ""; @@ -303,7 +306,7 @@ if($get_extended_event) { break; } - if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $responses = events_page_responses($event); } else { diff --git a/pandora_console/include/constants.php b/pandora_console/include/constants.php index c72fd17fca..ecc7108f78 100644 --- a/pandora_console/include/constants.php +++ b/pandora_console/include/constants.php @@ -51,6 +51,8 @@ define ('ERR_CONNECTION', -80000); define ('ERR_DISABLED', -90000); define ('ERR_WRONG', -100000); define ('ERR_WRONG_NAME', -100001); +define ('ERR_WRONG_PARAMETERS', -100002); +define ('ERR_ACL', -110000); /* Event status code */ define ('EVENT_STATUS_NEW',0); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index bc9d54af34..d20b48e003 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -1513,57 +1513,11 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { return 0; $result = 0; + $acl_column = get_acl_column($access); foreach ($rowdup as $row) { // For each profile for this pair of group and user do... - switch ($access) { - case "IR": - $result += $row["incident_view"]; - break; - case "IW": - $result += $row["incident_edit"]; - break; - case "IM": - $result += $row["incident_management"]; - break; - case "AR": - $result += $row["agent_view"]; - break; - case "AW": - $result += $row["agent_edit"]; - break; - case "LW": - $result += $row["alert_edit"]; - break; - case "LM": - $result += $row["alert_management"]; - break; - case "PM": - $result += $row["pandora_management"]; - break; - case "DM": - $result += $row["db_management"]; - break; - case "UM": - $result += $row["user_management"]; - break; - case "RR": - $result += $row["report_view"]; - break; - case "RW": - $result += $row["report_edit"]; - break; - case "RM": - $result += $row["report_management"]; - break; - case "ER": - $result += $row["event_view"]; - break; - case "EW": - $result += $row["event_edit"]; - break; - case "EM": - $result += $row["event_management"]; - break; + if(isset($row[$acl_column])) { + $result += $row[$acl_column]; } } @@ -1574,6 +1528,69 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) { return 0; } +/** + * Get the name of the database column of one access flag + * + * @param string access flag + * + * @return string Column name + */ +function get_acl_column($access) { + switch ($access) { + case "IR": + return "incident_view"; + break; + case "IW": + return "incident_edit"; + break; + case "IM": + return "incident_management"; + break; + case "AR": + return "agent_view"; + break; + case "AW": + return "agent_edit"; + break; + case "LW": + return "alert_edit"; + break; + case "LM": + return "alert_management"; + break; + case "PM": + return "pandora_management"; + break; + case "DM": + return "db_management"; + break; + case "UM": + return "user_management"; + break; + case "RR": + return "report_view"; + break; + case "RW": + return "report_edit"; + break; + case "RM": + return "report_management"; + break; + case "ER": + return "event_view"; + break; + case "EW": + return "event_edit"; + break; + case "EM": + return "event_management"; + break; + default: + return ""; + break; + } +} + /** * Get the name of a plugin * diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index c9c16e023c..62a9a6434a 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -588,7 +588,9 @@ function events_comment ($id_event, $comment = '', $action = 'Added comment', $m $commentbox = ''; } - $comment = '-- ' . $action . ' ' . __('by') . ' '.$config['id_user'].' '.'['.date ($config["date_format"]).'] --
    '.$commentbox.'
    '; + // Don't translate 'by' word because if various users with different languages + // make comments in the same console will be a mess + $comment = '-- ' . $action . ' by '.$config['id_user'].' '.'['.date ($config["date_format"]).'] --
    '.$commentbox.'
    '; // Update comment switch ($config['dbtype']) { @@ -1406,8 +1408,8 @@ function events_page_responses ($event) { $table_responses->style[0] = 'width:35%; font-weight: bold; text-align: left;'; $table_responses->style[1] = 'text-align: left;'; $table_responses->class = "databox alternate"; - - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // Owner $data = array(); $data[0] = __('Change owner'); @@ -1438,7 +1440,7 @@ function events_page_responses ($event) { $status_blocked = false; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // If the user has manager acls, the status can be changed to all possibilities always $status = array(0 => __('New'), 2 => __('In process'), 1 => __('Validated')); } @@ -1477,7 +1479,7 @@ function events_page_responses ($event) { $table_responses->data[] = $data; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags'])) { // Delete $data = array(); $data[0] = __('Delete event'); @@ -2002,27 +2004,8 @@ function events_page_general ($event) { $data[0] = __('Tags'); if ($event["tags"] != '') { - $tags_array = explode(',',$event["tags"]); - - $tags = array(); - foreach($tags_array as $t) { - $tag_url = explode(' ', $t); - $tag = $tag_url[0]; - if(isset($tag_url[1]) && $tag_url[1] != '') { - $title = __($tag_url[1]); - $link = ''.html_print_image('images/zoom.png',true, array('alt' => $title, 'title' => $title)).''; - } - else { - $link = ''; - } - - $tags[] = $tag.$link; - } - - $tags = implode(',',$tags); - - $tags = str_replace(',',' , ',$tags); - + $tags = tags_get_tags_formatted($event["tags"]); + $data[1] = $tags; } else { @@ -2085,7 +2068,7 @@ function events_page_comments ($event) { $table_comments->data[] = $data; } - if (check_acl ($config['id_user'], $event['id_grupo'], "EW") || check_acl ($config['id_user'], $event['id_grupo'], "EM")) { + if (tags_check_acl ($config['id_user'], $event['id_grupo'], "EW", $event['clean_tags']) || tags_check_acl ($config['id_user'], $event['id_grupo'], "EM", $event['clean_tags'])) { $comments_form = '
    '.html_print_textarea("comment", 3, 10, '', 'style="min-height: 15px; width: 100%;"', true); $comments_form .= '
    '.html_print_button(__('Add comment'),'comment_button',false,'event_comment();','class="sub next"',true).'

    '; } @@ -2098,6 +2081,15 @@ function events_page_comments ($event) { return $comments; } +function events_clean_tags ($tags) { + if(empty($tags)) { + return array(); + } + + $event_tags = tags_get_tags_formatted ($tags, false); + return explode(',',str_replace(' ','',$event_tags)); +} + /** * Get all the events happened in a group during a period of time. * diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index 6a2443c0cf..ebf6fc4880 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php @@ -63,10 +63,11 @@ function profile_get_profiles ($filter = false) { * @param int Profile ID (default 1 => AR) * @param int Group ID (default 1 => All) * @param string Assign User who assign the profile to user. + * @param string tags where the view of the user in this group will be restricted * * @return mixed Number id if succesful, false if not */ -function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false) { +function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') { global $config; if (empty ($id_profile) || $id_group < 0) @@ -78,7 +79,7 @@ function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, if (!$result_user){ return false; } - + if (isset ($config["id_user"])) { //Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora) $assign = $config["id_user"]; @@ -93,6 +94,7 @@ function profile_create_user_profile ($id_user, $id_profile = 1, $id_group = 0, "id_usuario" => $id_user, "id_perfil" => $id_profile, "id_grupo" => $id_group, + "tags" => $tags, "assigned_by" => $assign ); diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index e8b1dfca1c..89c85a992c 100644 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -869,7 +869,7 @@ function reporting_get_agentmodule_sla_array ($id_agent_module, $period = 0, $mi * * @return array Group statistics */ -function reporting_get_group_stats ($id_group = 0) { +function reporting_get_group_stats ($id_group = 0, $access = 'AR') { global $config; $data = array (); @@ -903,12 +903,12 @@ function reporting_get_group_stats ($id_group = 0) { $cur_time = get_system_time (); //Check for access credentials using check_acl. More overhead, much safer - if (!check_acl ($config["id_user"], $id_group, "RR")) { + if (!check_acl ($config["id_user"], $id_group, $access)) { return $data; } if ($id_group == 0) { - $id_group = array_keys (users_get_groups ($config['id_user'], "RR", false)); + $id_group = array_keys (users_get_groups ($config['id_user'], $access, false)); } // ----------------------------------------------------------------- @@ -1001,65 +1001,70 @@ function reporting_get_group_stats ($id_group = 0) { } if (!empty($group_array)) { + // FOR THE FUTURE: Split the groups into groups with tags restrictions and groups without it + // To calculate in the light way the non tag restricted and in the heavy way the others + /* + $group_restricted_data = tags_get_acl_tags($config['id_user'], $group_array, $access, 'data'); + $tags_restricted_groups = array_keys($group_restricted_data); - // Get unknown agents by using the status code in modules. + $no_tags_restricted_groups = $group_array; + foreach($no_tags_restricted_groups as $k => $v) { + if(in_array($v, $tags_restricted_groups)) { + unset($no_tags_restricted_groups[$k]); + } + } + */ + + if(!empty($group_array)) { + // Get unknown agents by using the status code in modules + $data["agents_unknown"] += groups_agent_unknown ($group_array); + + // Get monitor NOT INIT, except disabled AND async modules + $data["monitor_not_init"] += groups_monitor_not_init ($group_array); - $data["agents_unknown"] += groups_agent_unknown ($group_array); + // Get monitor OK, except disabled and non-init + $data["monitor_ok"] += groups_monitor_ok ($group_array); - // Get monitor NOT INIT, except disabled AND async modules - - $data["monitor_not_init"] += groups_monitor_not_init ($group_array); - - // Get monitor OK, except disabled and non-init + // Get monitor CRITICAL, except disabled and non-init + $data["monitor_critical"] += groups_monitor_critical ($group_array); + + // Get monitor WARNING, except disabled and non-init + $data["monitor_warning"] += groups_monitor_warning ($group_array); - $data["monitor_ok"] += groups_monitor_ok ($group_array); - - // Get monitor CRITICAL, except disabled and non-init - - $data["monitor_critical"] += groups_monitor_critical ($group_array); + // Get monitor UNKNOWN, except disabled and non-init + $data["monitor_unknown"] += groups_monitor_unknown ($group_array); + + // Get alerts configured, except disabled + $data["monitor_alerts"] += groups_monitor_alerts ($group_array) ; + + // Get alert configured currently FIRED, except disabled + $data["monitor_alerts_fired"] += groups_monitor_fired_alerts ($group_array); + + // Calculate totals using partial counts from above + + // Get TOTAL agents in a group + $data["total_agents"] += groups_total_agents ($group_array); - // Get monitor WARNING, except disabled and non-init + // Get TOTAL non-init modules, except disabled ones and async modules + $data["total_not_init"] += $data["monitor_not_init"]; - $data["monitor_warning"] += groups_monitor_warning ($group_array); - - // Get monitor UNKNOWN, except disabled and non-init - - $data["monitor_unknown"] += groups_monitor_unknown ($group_array); - - // Get alerts configured, except disabled - - $data["monitor_alerts"] += groups_monitor_alerts ($group_array) ; - - // Get alert configured currently FIRED, except disabled - - $data["monitor_alerts_fired"] += groups_monitor_fired_alerts ($group_array); - - // Calculate totals using partial counts from above - - // Get TOTAL agents in a group - $data["total_agents"] += groups_total_agents ($group_array); - - // Get TOTAL non-init modules, except disabled ones and async modules - - $data["total_not_init"] += $data["monitor_not_init"]; - - // Get Agents OK - $data["agent_ok"] += groups_agent_ok($group_array); - - // Get Agents Warning - $data["agent_warning"] += groups_agent_warning($group_array); - - // Get Agents Critical - $data["agent_critical"] += groups_agent_critical($group_array); - - // Get Agents Unknown - $data["agent_unknown"] += groups_agent_unknown($group_array); - - // Get Agents Not init - $data["agent_not_init"] += groups_agent_not_init($group_array); + // Get Agents OK + $data["agent_ok"] += groups_agent_ok($group_array); + + // Get Agents Warning + $data["agent_warning"] += groups_agent_warning($group_array); + + // Get Agents Critical + $data["agent_critical"] += groups_agent_critical($group_array); + + // Get Agents Unknown + $data["agent_unknown"] += groups_agent_unknown($group_array); + + // Get Agents Not init + $data["agent_not_init"] += groups_agent_not_init($group_array); + } // Get total count of monitors for this group, except disabled. - $data["monitor_checks"] = $data["monitor_not_init"] + $data["monitor_unknown"] + $data["monitor_warning"] + $data["monitor_critical"] + $data["monitor_ok"]; } diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php index b9ce24ed6c..15f9339960 100644 --- a/pandora_console/include/functions_tags.php +++ b/pandora_console/include/functions_tags.php @@ -555,17 +555,423 @@ function tags_get_policy_module_tags ($id_policy_module){ * * @return mixed Array with tags. */ -function tags_get_all_tags () { +function tags_get_all_tags ($return_url = false) { $tags = db_get_all_fields_in_table('ttag', 'name'); if ($tags === false) return false; $return = array(); - foreach ($tags as $id => $tag) { - $return[$id] = $tag['name']; + foreach ($tags as $tag) { + $return[$tag['id_tag']] = $tag['name']; + if($return_url) { + $return[$tag['id_tag']] .= ' '.$tag['url']; + } } return $return; } + +/** + * Get the tags required + * + * @return mixed Array with tags. + */ +function tags_get_tags ($ids) { + $all_tags = tags_get_all_tags(true); + + $tags = array(); + foreach($ids as $id) { + if(isset($all_tags[$id])) { + $tags[$id] = $all_tags[$id]; + } + } + + return $tags; +} + +/** + * Give format to tags when go concatened with url. + * + * @param string name of tags serialized + * @param bool flag to return the url or not + * + * @return string Tags with url format + */ +function tags_get_tags_formatted ($tags_array, $get_url = true) { + if(!is_array($tags_array)) { + $tags_array = explode(',',$tags_array); + } + + $tags = array(); + foreach($tags_array as $t) { + $tag_url = explode(' ', trim($t)); + $tag = $tag_url[0]; + if(isset($tag_url[1]) && $tag_url[1] != '' && $get_url) { + $title = $tag_url[1]; + //$link = ''.html_print_image('images/zoom.png',true, array('alt' => $title, 'title' => $title)).''; + $link = '' . html_print_image('images/zoom.png', true, array('title' => __('Click here to open a popup window with URL tag'))) . ''; + + } + else { + $link = ''; + } + + $tags[] = $tag.$link; + } + + $tags = implode(',',$tags); + + $tags = str_replace(',',' , ',$tags); + + return $tags; +} + +/** + * Get the tags (more restrictive) of an access flag in a group + * + * @param string id of the user + * @param string id of the group + * @param string access flag (AR,AW...) + * @param string return_mode + * - 'data' for return array with groups and tags + * - 'module_condition' for return string with sql condition for tagente_module + * - 'event_condition' for return string with sql condition for tevento + * + * @return mixed/string Tag ids + */ + +function tags_get_acl_tags($id_user, $id_group, $access, $return_mode = 'module_condition', $query_prefix = '', $query_table = '') { + global $config; + if($id_user == false) { + $id_user = $config['id_user']; + } + + if (is_user_admin ($id_user)) { + switch($return_mode) { + case 'data': + return array(); + break; + case 'event_condition': + case 'module_condition': + return ""; + break; + } + } + + if((string)$id_group === "0") { + $id_group = array_keys(users_get_groups($id_user, $access, false)); + + if(empty($id_group)) { + return ERR_WRONG_PARAMETERS; + } + } + elseif(empty($id_group)) { + return ERR_WRONG_PARAMETERS; + } + elseif(!is_array($id_group)) { + $id_group = (array) $id_group; + } + + $acl_column = get_acl_column($access); + + if(empty($acl_column)) { + return ERR_WRONG_PARAMETERS; + } + + $query = sprintf("SELECT tags, id_grupo + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND + tusuario_perfil.id_usuario = '%s' AND + tperfil.%s = 1 AND + (tusuario_perfil.id_grupo IN (%s) OR tusuario_perfil.id_grupo = 0) + ORDER BY id_grupo", $id_user, $acl_column, implode(',',$id_group)); + $tags = db_get_all_rows_sql($query); + + // If not profiles returned, the user havent acl permissions + if(empty($tags)) { + return ERR_ACL; + } + + // Array to store groups where there arent tags restriction + $non_restriction_groups = array(); + + $acltags = array(); + foreach($tags as $tagsone) { + if(empty($tagsone['tags'])) { + // If there arent tags restriction in all groups (group 0), return no condition + if($tagsone['id_grupo'] == 0) { + switch($return_mode) { + case 'data': + return array(); + break; + case 'event_condition': + case 'module_condition': + return ""; + break; + } + } + + $non_restriction_groups[] = $tagsone['id_grupo']; + continue; + } + + $tags_array = explode(',',$tagsone['tags']); + + if(!isset($acltags[$tagsone['id_grupo']])) { + $acltags[$tagsone['id_grupo']] = $tags_array; + } + else { + $acltags[$tagsone['id_grupo']] = array_unique(array_merge($acltags[$tagsone['id_grupo']], $tags_array)); + } + } + + // Delete the groups without tag restrictions from the acl tags array + foreach($non_restriction_groups as $nrgroup) { + if(isset($acltags[$nrgroup])) { + unset($acltags[$nrgroup]); + } + } + + switch($return_mode) { + case 'data': + // Stop here and return the array + return $acltags; + break; + case 'module_condition': + // Return the condition of the tags for tagente_modulo table + $condition = tags_get_acl_tags_module_condition($acltags, $query_table); + if(!empty($condition)) { + return " $query_prefix ".$condition; + } + break; + case 'event_condition': + // Return the condition of the tags for tevento table + $condition = tags_get_acl_tags_event_condition($acltags); + + if(!empty($condition)) { + return " $query_prefix ".$condition; + } + break; + } + + return ""; +} + +/** + * Transform the acl_groups data into a SQL condition + * + * @param mixed acl_groups data calculated in tags_get_acl_tags function + * + * @return string SQL condition for tagente_module + */ + +function tags_get_acl_tags_module_condition($acltags, $modules_table = '') { + if(!empty($modules_table)) { + $modules_table .= '.'; + } + + $condition = ''; + foreach($acltags as $group_id => $group_tags) { + if($condition != '') { + $condition .= ' OR '; + } + + // Group condition (The module belongs to an agent of the group X) + $group_condition = sprintf('%sid_agente IN (SELECT id_agente FROM tagente WHERE id_grupo = %d)', $modules_table, $group_id); + // Tags condition (The module has at least one of the restricted tags) + $tags_condition = sprintf('%sid_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag IN (%s))', $modules_table, implode(',',$group_tags)); + + $condition .= "($group_condition AND \n$tags_condition)\n"; + } + + if(!empty($condition)) { + $condition = sprintf("\n((%s) OR %sid_agente NOT IN (SELECT id_agente FROM tagente WHERE id_grupo IN (%s)))", $condition, $modules_table, implode(',',array_keys($acltags))); + } + + return $condition; +} + +/** + * Transform the acl_groups data into a SQL condition + * + * @param mixed acl_groups data calculated in tags_get_acl_tags function + * + * @return string SQL condition for tagente_module + */ + +function tags_get_acl_tags_event_condition($acltags) { + $condition = ''; + + // Get all tags of the system + $all_tags = tags_get_all_tags(false); + + foreach($acltags as $group_id => $group_tags) { + // Group condition (The module belongs to an agent of the group X) + $group_condition = sprintf('id_grupo = %d',$group_id); + + // Tags condition (The module has at least one of the restricted tags) + $tags_condition = ''; + foreach($group_tags as $tag) { + // If the tag ID doesnt exist, ignore + if(!isset($all_tags[$tag])) { + continue; + } + + if($tags_condition != '') { + $tags_condition .= " OR \n"; + } + + //~ // Add as condition all the posibilities of the serialized tags + //~ $tags_condition .= sprintf('tags LIKE "%s,%%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s,%%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%s %%"',io_safe_input($all_tags[$tag])); + //~ $tags_condition .= sprintf(' OR tags LIKE "%%,%s %%"',io_safe_input($all_tags[$tag])); + + $tags_condition .= sprintf('tags LIKE "%%%s%%"',io_safe_input($all_tags[$tag])); + } + + // If there is not tag condition ignore + if(empty($tags_condition)) { + continue; + } + + if($condition != '') { + $condition .= ' OR '; + } + + $condition .= "($group_condition AND \n($tags_condition))\n"; + } + + if(!empty($condition)) { + $condition = sprintf("\n((%s) OR id_grupo NOT IN (%s))", $condition, implode(',',array_keys($acltags))); + } + + return $condition; +} + +/** + * Get the tags of a user in an ACL flag + * + * @param string ID of the user (with false the user will be taked from config) + * @param string Access flag where check what tags have the user + * + * @return string SQL condition for tagente_module + */ +function tags_get_user_tags($id_user = false, $access = 'AR') { + global $config; + + if($id_user === false) { + $id_user = $config['id_user']; + } + + // Get all tags to have the name of all of them + $all_tags = tags_get_all_tags(); + + // If at least one of the profiles of this access flag hasent + // tags restrictions, the user can see all tags + $acl_column = get_acl_column($access); + + if(empty($acl_column)) { + return array(); + } + + $query = sprintf("SELECT count(*) + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND + tusuario_perfil.id_usuario = '%s' AND + tperfil.%s = 1 AND tags = ''", + $id_user, $acl_column); + + $profiles_without_tags = db_get_value_sql($query); + + if($profiles_without_tags > 0) { + return $all_tags; + } + + // Get the tags of the required access flag for each group + $tags = tags_get_acl_tags($id_user, 0, $access, 'data'); + + // Merge the tags to get an array with all of them + $user_tags_id = array(); + + foreach($tags as $t) { + if(empty($user_tags_id)) { + $user_tags_id = $t; + } + else { + $user_tags_id = array_unique(array_merge($t,$user_tags_id)); + } + } + + // Set the format id=>name to tags + $user_tags = array(); + foreach($user_tags_id as $id) { + if(!isset($all_tags[$id])) { + continue; + } + $user_tags[$id] = $all_tags[$id]; + } + + + return $user_tags; +} + +/** + * Check the ACLs with tags + * + * @param string ID of the user (with false the user will be taked from config) + * @param string id of the group (0 means for at least one) + * @param string access flag (AR,AW...) + * @param mixed tags to be checked (array() means for at least one) + * + * @return bool true if the acl check has success, false otherwise + */ +function tags_check_acl($id_user, $id_group, $access, $tags = array()) { + global $config; + + if($id_user === false) { + $id_user = $config['id_user']; + } + + $acls = tags_get_acl_tags($id_user, $id_group, $access, 'data'); + + // If there are wrong parameters or fail ACL check, return false + if($acls === ERR_WRONG_PARAMETERS || $acls === ERR_ACL) { + return false; + } + + // If there are not tags restrictions or tags passed, return true + if(empty($acls) || empty($tags)) { + return true; + } + + if($id_group > 0) { + if(isset($acls[$id_group])) { + foreach($tags as $tag) { + $tag = tags_get_id($tag); + + if(in_array($tag, $acls[$id_group])) { + return true; + } + } + } + else { + return false; + } + } + else { + foreach($acls as $acl_tags) { + foreach($tags as $tag) { + $tag = tags_get_id($tag); + if(in_array($tag, $acl_tags)) { + return true; + } + } + } + } + + return false; +} ?> diff --git a/pandora_console/include/functions_treeview.php b/pandora_console/include/functions_treeview.php index d76c0ea667..1838bdc919 100755 --- a/pandora_console/include/functions_treeview.php +++ b/pandora_console/include/functions_treeview.php @@ -14,6 +14,55 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. +function treeview_printAlertsTable($id_module, $console_url = '') { + global $config; + + $module_alerts = alerts_get_alerts_agent_module($id_module); + $module_name = db_get_value('nombre', 'tagente_modulo', 'id_agente_modulo', $id_module); + $agent_id = db_get_value('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_module); + + if ($module_alerts === false) { + echo '

    '.__('There was a problem loading alerts').'

    '; + return; + } + + echo '
    '; + echo ''; + echo ''; + + echo ''; + echo ''; + + foreach($module_alerts as $module_alert) { + //Template name + echo ''; + $template_name = db_get_value('name','talert_templates','id',$module_alert['id_alert_template']); + echo ''; + $actions = alerts_get_alert_agent_module_actions($module_alert['id']); + echo ''; + } + echo '
    '.$module_name.'
    '.__('Template').''.__('Actions').'
    '.$template_name.''; + if(empty($actions)) { + echo ''.__('N/A').''; + } + else { + echo '
      '; + foreach($actions as $act) { + echo '
    • '; + echo $act['name']; + echo '
      • '; + } + echo '
    '; + } + echo '
    '; + + echo '
    '; + echo '
    '; + html_print_submit_button (__('Go to alerts detail'), 'upd_button', false, 'class="sub search"'); + echo '
    '; + echo '
    '; +} + function treeview_printTable($id_agente, $console_url = '') { global $config; @@ -181,7 +230,7 @@ function treeview_printTable($id_agente, $console_url = '') { echo '
    '; echo '
    '; - html_print_submit_button (__('Go to agent detail'), 'upd_button', false, 'class="sub upd"'); + html_print_submit_button (__('Go to agent detail'), 'upd_button', false, 'class="sub search"'); echo '
    '; echo '
    '; @@ -301,7 +350,7 @@ function treeview_getData ($type, $server=false) { $select_status = get_parameter('status', -1); //Get all groups - $avariableGroups = users_get_groups (); //db_get_all_rows_in_table('tgrupo', 'nombre'); + $avariableGroups = users_get_groups (); //Get all groups with agents $full_groups = db_get_all_rows_sql("SELECT DISTINCT id_grupo FROM tagente WHERE total_count > 0"); @@ -386,7 +435,6 @@ function treeview_getData ($type, $server=false) { $sql_search =''; } - switch ($type) { case 'os': $sql = agents_get_agents(array ( @@ -621,6 +669,8 @@ function treeview_getData ($type, $server=false) { if ($select_status != -1) $sql_search .= " AND estado = " . $select_status . " "; + $sql_search .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); + switch ($config["dbtype"]) { case "mysql": case "postgresql": @@ -645,7 +695,8 @@ function treeview_getData ($type, $server=false) { t1.id_agente_modulo = t3.id_agente_modulo AND t2.disabled = 0 AND t1.disabled = 0 AND - t3.utimestamp !=0 + t3.utimestamp !=0' . + $sql_search.' GROUP BY dbms_lob.substr(t1.nombre,4000,1) ORDER BY dbms_lob.substr(t1.nombre,4000,1) ASC'); break; @@ -653,20 +704,31 @@ function treeview_getData ($type, $server=false) { break; case 'tag': - $sql = 'SELECT DISTINCT ttag.name + // Restrict the tags showed to the user tags + $user_tags = tags_get_user_tags(); + if(empty($user_tags)) { + $user_tags_sql = ' AND 1 = 0'; + } + else { + $user_tags_sql = sprintf(' AND ttag.id_tag IN (%s)', implode(',', array_keys($user_tags))); + } + + if ($search_free == '') { + $search_sql = ''; + } + else { + $search_sql = sprintf(" AND tagente.nombre COLLATE utf8_general_ci LIKE '%%%s%%'", $search_free); + } + + $sql = "SELECT DISTINCT ttag.name FROM ttag, ttag_module, tagente, tagente_modulo WHERE ttag.id_tag = ttag_module.id_tag AND tagente.id_agente = tagente_modulo.id_agente AND tagente.disabled = 0 - AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo'; - if ($search_free != '') { - $sql = "SELECT DISTINCT ttag.name - FROM ttag, ttag_module, tagente, tagente_modulo - WHERE ttag.id_tag = ttag_module.id_tag - AND tagente.id_agente = tagente_modulo.id_agente - AND tagente.disabled = 0 - AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente.nombre COLLATE utf8_general_ci LIKE '%$search_free%'"; - } + AND ttag_module.id_agente_modulo = tagente_modulo.id_agente_modulo" . + $search_sql . + $user_tags_sql; + $list = db_get_all_rows_sql($sql); break; } @@ -769,7 +831,7 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel else { $search_sql = ''; } - + //Extract all rows of data for each type switch ($type) { case 'group': @@ -865,10 +927,9 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel //"Load_articapandora_32_pandoraartica_Average" //result -> "Load Average" $name = str_replace(array('_articapandora_'.ord(' ').'_pandoraartica_', '_articapandora_'.ord('#').'_pandoraartica_','_articapandora_'.ord('/').'_pandoraartica_'),array(' ','#','/'),$id); - - $name = io_safe_input($name); - - + + $name = io_safe_input(io_safe_output($name)); + $sql = agents_get_agents(array ( 'order' => 'nombre COLLATE utf8_general_ci ASC', 'disabled' => 0, @@ -885,18 +946,33 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel WHERE nombre = \'%s\' AND disabled = 0 ) ', $name); + break; case 'tag': - $id = tags_get_id (pack ('H*', $id)); + if (defined ('METACONSOLE')) { + $id = tags_get_id (pack ('H*', $id)); + if ($id == '') { + return false; + } + } + if ($id === false) { return false; } + + if(empty($groups_sql)) { + $groups_condition = ' AND 1 = 0'; + } + else { + $groups_condition = sprintf(' AND tagente.id_grupo IN (%s)', $groups_sql); + } + $sql = "SELECT tagente.* FROM tagente, tagente_modulo, ttag_module WHERE tagente.id_agente = tagente_modulo.id_agente AND tagente_modulo.id_agente_modulo = ttag_module.id_agente_modulo - AND ttag_module.id_tag = " . $id; - + AND ttag_module.id_tag = " . $id . $groups_condition; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 'tagente_modulo'); break; } @@ -911,25 +987,27 @@ function treeview_getFirstBranchSQL ($type, $id, $avariableGroupsIds, $statusSel // Get SQL for the second tree branch function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { global $config; - switch ($fatherType) { case 'group': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'os': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'module_group': $sql = 'SELECT * FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id . ' AND id_module_group = ' . $id_father; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; case 'policies': $whereQuery = ''; @@ -943,6 +1021,7 @@ function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { FROM tagente_modulo AS t1 INNER JOIN tagente_estado AS t2 ON t1.id_agente_modulo = t2.id_agente_modulo WHERE t1.id_agente = ' . $id . $whereQuery; + $sql .= tags_get_acl_tags($config['id_user'], 0, 'AR', 'module_condition', 'AND', 't1'); break; default: case 'module': @@ -964,7 +1043,13 @@ function treeview_getSecondBranchSQL ($fatherType, $id, $id_father) { } break; case 'tag': - $id_father = tags_get_id ($id_father); + if (defined ('METACONSOLE')) { + $id_father = tags_get_id (pack ('H*', $id_father)); + if ($id == '') { + return false; + } + } + if ($id_father === false) { return false; } diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php index a409986928..e7deb59fa2 100644 --- a/pandora_console/operation/events/events_list.php +++ b/pandora_console/operation/events/events_list.php @@ -128,7 +128,8 @@ if (is_ajax()) { return; } -$tags = tags_search_tag(false, false, true); +// Get the tags where the user have permissions in Events reading tasks +$tags = tags_get_user_tags($config['id_user'], 'ER'); // Error div for ajax messages echo "
    "; @@ -273,6 +274,18 @@ if (isset($filter_only_alert)) { $sql_post .= " AND event_type LIKE '%alert%'"; } +// Tags ACLS +if ($ev_group > 0 && in_array ($ev_group, array_keys ($groups))) { + $group_array = (array) $ev_group; +} +else { + $group_array = array_keys($groups); +} + +$tags_acls_condition = tags_get_acl_tags($config['id_user'], $group_array, 'ER', 'event_condition', 'AND'); + +$sql_post .= $tags_acls_condition; + $url = "index.php?sec=eventos&sec2=operation/events/events&search=" . rawurlencode(io_safe_input($search)) . "&event_type=" . $event_type . @@ -747,6 +760,9 @@ $idx = 0; foreach ($result as $event) { $data = array (); + // Clean url from events and store in array + $event['clean_tags'] = events_clean_tags($event['tags']); + //First pass along the class of this row $myclass = get_priority_class ($event["criticity"]); $table->rowclass[] = $myclass; @@ -978,25 +994,7 @@ foreach ($result as $event) { } if (in_array('tags',$show_fields)) { - if ($event["tags"] != '') { - $tag_array = explode(',', $event["tags"]); - $data[$i] = ''; - foreach ($tag_array as $tag_element) { - $blank_char_pos = strpos($tag_element, ' '); - $tag_name = substr($tag_element, 0, $blank_char_pos); - $tag_url = substr($tag_element, $blank_char_pos + 1); - $data[$i] .= ' ' .$tag_name; - if (!empty($tag_url)) { - $data[$i] .= ' ' . html_print_image('images/lupa.png', true, array('title' => __('Click here to open a popup window with URL tag'))) . ' '; - } - $data[$i] .= ','; - } - $data[$i] = rtrim($data[$i], ','); - } - else { - $data[$i] = ''; - } - + $data[$i] = tags_get_tags_formatted($event['tags']); $i++; } @@ -1024,7 +1022,7 @@ foreach ($result as $event) { //Actions $data[$i] = ''; // Validate event - if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1)) { + if (($event["estado"] != 1) && (tags_check_acl ($config["id_user"], $event["id_grupo"], "EW", $event['clean_tags']) == 1)) { $data[$i] .= ''; $data[$i] .= html_print_image ("images/ok.png", true, array ("title" => __('Validate event'))); @@ -1032,7 +1030,7 @@ foreach ($result as $event) { } // Delete event - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags']) == 1) { if($event['estado'] != 2) { $data[$i] .= ''; $data[$i] .= html_print_image ("images/cross.png", true, @@ -1052,12 +1050,12 @@ foreach ($result as $event) { $data[$i] .= ' '; $i++; - if (check_acl ($config["id_user"], $event["id_grupo"], "EM") == 1) { + if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EM", $event['clean_tags']) == 1) { //Checkbox // Class 'candeleted' must be the fist class to be parsed from javascript. Dont change $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="candeleted chk_val"', true); } - else if (check_acl ($config["id_user"], $event["id_grupo"], "EW") == 1) { + else if (tags_check_acl ($config["id_user"], $event["id_grupo"], "EW", $event['clean_tags']) == 1) { //Checkbox $data[$i] = html_print_checkbox_extended ("validate_ids[]", $event['id_evento'], false, false, false, 'class="chk_val"', true); } @@ -1082,10 +1080,10 @@ if (!empty ($table->data)) { html_print_table ($table); echo '
    '; - if (check_acl ($config["id_user"], 0, "EW") == 1) { + if (tags_check_acl ($config["id_user"], 0, "EW", $event['clean_tags']) == 1) { html_print_button(__('Validate selected'), 'validate_button', false, 'validate_selected();', 'class="sub ok"'); } - if (check_acl ($config["id_user"], 0,"EM") == 1) { + if (tags_check_acl ($config["id_user"], 0,"EM", $event['clean_tags']) == 1) { html_print_button(__('Delete selected'), 'delete_button', false, 'delete_selected();', 'class="sub delete"'); ?> diff --git a/pandora_console/operation/users/user_edit.php b/pandora_console/operation/users/user_edit.php index a371ad51f0..32281b8712 100644 --- a/pandora_console/operation/users/user_edit.php +++ b/pandora_console/operation/users/user_edit.php @@ -312,6 +312,7 @@ $table->style[0] = 'font-weight: bold'; $table->style[1] = 'font-weight: bold'; $table->head[0] = __('Profile name'); $table->head[1] = __('Group'); +$table->head[2] = __('Tags'); $table->align = array(); $table->align[1] = 'center'; @@ -325,6 +326,12 @@ if ($result === false) { foreach ($result as $profile) { $data[0] = ''.profile_get_name ($profile["id_perfil"]).''; $data[1] = ui_print_group_icon ($profile["id_grupo"], true).' '; + + $tags_ids = explode(',',$profile["tags"]); + $tags = tags_get_tags($tags_ids); + + $data[2] = tags_get_tags_formatted($tags); + array_push ($table->data, $data); } diff --git a/pandora_console/pandoradb.data.oracle.sql b/pandora_console/pandoradb.data.oracle.sql index 879d88dae1..9c2f6eb27f 100644 --- a/pandora_console/pandoradb.data.oracle.sql +++ b/pandora_console/pandoradb.data.oracle.sql @@ -304,7 +304,8 @@ END;; -- BEGIN LOCK TABLE tusuario_perfil IN EXCLUSIVE MODE; -INSERT INTO tusuario_perfil VALUES (1,'admin',5,0,'admin',0); +INSERT INTO tusuario_perfil (id_up, id_usuario, id_perfil, id_grupo, assigned_by, id_policy) +VALUES (1,'admin',5,0,'admin',0); COMMIT; END;; diff --git a/pandora_console/pandoradb.data.postgreSQL.sql b/pandora_console/pandoradb.data.postgreSQL.sql index b2d0f85625..3d208f66f3 100644 --- a/pandora_console/pandoradb.data.postgreSQL.sql +++ b/pandora_console/pandoradb.data.postgreSQL.sql @@ -278,7 +278,8 @@ INSERT INTO "tusuario" ("id_user", "fullname", "firstname", "lastname", "middlen -- -- Dumping data for table "tusuario_perfil" -- -INSERT INTO "tusuario_perfil" VALUES (1,'admin',5,0,'admin',0); +INSERT INTO "tusuario_perfil" ("id_up", "id_usuario", "id_perfil", "id_grupo", "assigned_by", "id_policy") VALUES +(1,'admin',5,0,'admin',0); SELECT setval('tusuario_perfil_id_up_seq', (SELECT (SELECT MAX(id_up) FROM tusuario_perfil))); -- diff --git a/pandora_console/pandoradb.oracle.sql b/pandora_console/pandoradb.oracle.sql index 0701c1681a..907191ffb2 100644 --- a/pandora_console/pandoradb.oracle.sql +++ b/pandora_console/pandoradb.oracle.sql @@ -1015,7 +1015,8 @@ CREATE TABLE tusuario_perfil ( id_perfil NUMBER(10, 0) default 0 NOT NULL, id_grupo NUMBER(10, 0) default 0 NOT NULL, assigned_by VARCHAR2(100) default '', - id_policy NUMBER(10, 0) DEFAULT 0 NOT NULL + id_policy NUMBER(10, 0) DEFAULT 0 NOT NULL, + tags CLOB ); CREATE SEQUENCE tusuario_perfil_s INCREMENT BY 1 START WITH 1; CREATE OR REPLACE TRIGGER tusuario_perfil_inc BEFORE INSERT ON tusuario_perfil REFERENCING NEW AS NEW FOR EACH ROW BEGIN SELECT tusuario_perfil_s.nextval INTO :NEW.ID_UP FROM dual; END tusuario_perfil_inc;; diff --git a/pandora_console/pandoradb.postgreSQL.sql b/pandora_console/pandoradb.postgreSQL.sql index b178b0fbfe..16a5c4161f 100644 --- a/pandora_console/pandoradb.postgreSQL.sql +++ b/pandora_console/pandoradb.postgreSQL.sql @@ -879,7 +879,8 @@ CREATE TABLE "tusuario_perfil" ( "id_perfil" INTEGER NOT NULL default 0, "id_grupo" INTEGER NOT NULL default 0, "assigned_by" varchar(100) NOT NULL default '', - "id_policy" INTEGER DEFAULT 0 NOT NULL + "id_policy" INTEGER DEFAULT 0 NOT NULL, + "tags" text NOT NULL ); -- ----------------------------------------------------- diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 6ceaeceb31..83ef30019a 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -974,6 +974,7 @@ CREATE TABLE IF NOT EXISTS `tusuario_perfil` ( `id_grupo` int(10) NOT NULL default '0', `assigned_by` varchar(100) NOT NULL default '', `id_policy` int(10) unsigned NOT NULL default '0', + `tags` text NOT NULL, PRIMARY KEY (`id_up`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 4a7f595e69..c063ef8620 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -281,7 +281,7 @@ INSERT INTO `tusuario` (`id_user`, `fullname`, `firstname`, `lastname`, `middlen -- Dumping data for table `tusuario_perfil` -- -INSERT INTO `tusuario_perfil` VALUES (1,'admin',5,0,'admin',0); +INSERT INTO `tusuario_perfil` (`id_up`, `id_usuario`, `id_perfil`, `id_grupo`, `assigned_by`, `id_policy`) VALUES (1,'admin',5,0,'admin',0); -- -- Dumping data for table `tperfil`