From 9bb62f1f43e9a1128d1d64f4f8cc0ed6bb399866 Mon Sep 17 00:00:00 2001 From: Alejandro Gallardo Escobar Date: Tue, 31 Mar 2015 12:26:29 +0200 Subject: [PATCH] Added the new way to store the maps in groups and ACL improvements --- .../mobile/operation/networkmap.php | 17 +- .../mobile/operation/networkmaps.php | 10 +- .../operation/agentes/networkmap.dinamic.php | 2 +- .../operation/agentes/networkmap.groups.php | 2 +- .../operation/agentes/networkmap.php | 167 +++++++++++------- .../operation/agentes/networkmap.topology.php | 2 +- .../operation/agentes/networkmap_list.php | 24 +-- 7 files changed, 139 insertions(+), 85 deletions(-) diff --git a/pandora_console/mobile/operation/networkmap.php b/pandora_console/mobile/operation/networkmap.php index 52fcb677e4..c5d5e39006 100755 --- a/pandora_console/mobile/operation/networkmap.php +++ b/pandora_console/mobile/operation/networkmap.php @@ -21,15 +21,20 @@ class Networkmap { private $id = 0; private $network_map = null; - function __construct() { + function __construct($id = false) { $system = System::getInstance(); - if ($system->checkACL($this->acl)) { + if ($id === false) + $this->getFilters(); + else + $this->id = $id; + + $store_group = db_get_value('store_group', + 'tnetwork_map', 'id_networkmap', $this->id); + + if ($store_group !== false + && $system->checkACL($this->acl, $store_group)) $this->correct_acl = true; - } - else { - $this->correct_acl = false; - } } public function ajax($parameter2 = false) { diff --git a/pandora_console/mobile/operation/networkmaps.php b/pandora_console/mobile/operation/networkmaps.php index b1d96e5ae1..33b72c39e1 100755 --- a/pandora_console/mobile/operation/networkmaps.php +++ b/pandora_console/mobile/operation/networkmaps.php @@ -168,10 +168,10 @@ class Networkmaps { $where['order'] = 'type'; if ($this->group != '0') { - $where['id_group'] = $this->group; + $where['store_group'] = $this->group; } else { - $where['id_group'] = array_keys(users_get_groups()); + $where['store_group'] = array_keys(users_get_groups()); } if ($this->type != '0') @@ -184,13 +184,17 @@ class Networkmaps { } $list = array(); foreach ($network_maps as $networkmap) { + // ACL + if (! $system->checkACL("AR", $networkmap['store_group'])) + continue; + // If enterprise not loaded then skip this code if ($networkmap['type'] == 'policies' and (!defined('PANDORA_ENTERPRISE'))) continue; $row = array(); $row[__('Name')] = '' . io_safe_output($networkmap['name']) . ''; $row[__('Type')] = $networkmap['type']; - $row[__('Group')] = ui_print_group_icon($networkmap["id_group"], true, "groups_small", "" , false); + $row[__('Group')] = ui_print_group_icon($networkmap["store_group"], true, "groups_small", "" , false); $list[] = $row; } diff --git a/pandora_console/operation/agentes/networkmap.dinamic.php b/pandora_console/operation/agentes/networkmap.dinamic.php index 2f8d2849de..a51d659a48 100755 --- a/pandora_console/operation/agentes/networkmap.dinamic.php +++ b/pandora_console/operation/agentes/networkmap.dinamic.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], $store_group, "AR")) { db_pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/networkmap.groups.php b/pandora_console/operation/agentes/networkmap.groups.php index bb85d2ecb4..d21830cd02 100644 --- a/pandora_console/operation/agentes/networkmap.groups.php +++ b/pandora_console/operation/agentes/networkmap.groups.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], $store_group, "AR")) { db_pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php index a7975bc167..8b9de395c0 100644 --- a/pandora_console/operation/agentes/networkmap.php +++ b/pandora_console/operation/agentes/networkmap.php @@ -66,35 +66,44 @@ if ($add_networkmap) { $font_size = 12; $text_filter = ''; $dont_show_subgroups = false; + $store_group = 0; $group = 0; $module_group = 0; $center = 0; $name = $activeTab; + $show_snmp_modules = 0; + $l2_network = 0; $check = db_get_value('name', 'tnetwork_map', 'name', $name); $sql = db_get_value_filter('COUNT(name)', 'tnetwork_map', array('name' => "%$name")); - if ($check) { - $id_networkmap = networkmap_create_networkmap("($sql) ".$name, - $activeTab, $layout, $nooverlap, $simple, $regen, - $font_size, $group, $module_group, $depth, $modwithalerts, - $hidepolicymodules, $zoom, $ranksep, $center, $text_filter, - $dont_show_subgroups); + $values = array( + 'name' => ($check ? "($sql) $name" : $name), + 'type' => $activeTab, + 'layout' => $layout, + 'nooverlap' => $nooverlap, + 'simple' => $simple, + 'regenerate' => $regen, + 'font_size' => $font_size, + 'store_group' => $store_group, + 'id_group' => $group, + 'id_module_group' => $module_group, + 'depth' => $depth, + 'only_modules_with_alerts' => $modwithalerts, + 'hide_policy_modules' => $hidepolicymodules, + 'zoom' => $zoom, + 'distance_nodes' => $ranksep, + 'text_filter' => $text_filter, + 'dont_show_subgroups' => $dont_show_subgroups, + 'center' => $center, + 'show_snmp_modules' => $show_snmp_modules, + 'l2_network' => $l2_network + ); + $id_networkmap = networkmap_create_networkmap($values); - $message = ui_print_result_message ($id_networkmap, - __('Network map created successfully'), - __('Could not create network map'), '', true); - } - else { - $id_networkmap = networkmap_create_networkmap($name, $activeTab, - $layout, $nooverlap, $simple, $regen, $font_size, $group, - $module_group, $depth, $modwithalerts, $hidepolicymodules, - $zoom, $ranksep, $center, $text_filter, $dont_show_subgroups); - - $message = ui_print_result_message ($id_networkmap, - __('Network map created successfully'), - __('Could not create network map'), '', true); - } + $message = ui_print_result_message ($id_networkmap, + __('Network map created successfully'), + __('Could not create network map'), '', true); } if ($save_networkmap || $update_networkmap) { @@ -112,6 +121,7 @@ if ($save_networkmap || $update_networkmap) { $font_size = (int) get_parameter ('font_size', 12); $text_filter = get_parameter ('text_filter', ''); $dont_show_subgroups = (bool)get_parameter ('dont_show_subgroups', 0); + $store_group = (int) get_parameter ('store_group', 0); $group = (int) get_parameter ('group', 0); $module_group = (int) get_parameter ('module_group', 0); $center = (int) get_parameter ('center', 0); @@ -126,7 +136,8 @@ if ($save_networkmap || $update_networkmap) { 'nooverlap' => $nooverlap, 'simple' => $simple, 'regenerate' => $regen, - 'font_size' => $font_size, + 'font_size' => $font_size, + 'store_group' => $store_group, 'id_group' => $group, 'id_module_group' => $module_group, 'depth' => $depth, @@ -177,6 +188,7 @@ if (!$update_networkmap && !$save_networkmap && $id_networkmap != 0) { $font_size = $networkmap_data['font_size']; $text_filter = $networkmap_data['text_filter']; $dont_show_subgroups = $networkmap_data['dont_show_subgroups']; + $store_group = $networkmap_data['store_group']; $group = $networkmap_data['id_group']; $module_group = $networkmap_data['id_module_group']; $center = $networkmap_data['center']; @@ -252,6 +264,7 @@ if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, 'tab=' . $activeTab . '&' . 'save_networkmap=1&' . 'name=' . $name . '&' . + 'store_group=' . $store_group . '&' . 'group=' . $group . '&' . 'layout=' . $layout . '&' . 'nooverlap=' . $nooverlap . '&' . @@ -328,84 +341,88 @@ $layout_array = array ( $options_form = '
'; +// Fill an array with the form inputs +$form_elems = array(); - -unset($table); -$table->width = '98%'; -$table->class = 'databox'; -$table->data = array(); -$table->data[0][] = __('Name:') . ' ' . +// Name +$element = __('Name') . ' ' . html_print_input_text ('name', $name, '', 25, 50, true); -if ($activeTab == 'groups'){ - $table->data[0][0] .= clippy_context_help("topology_group"); -} -$table->data[0][] = __('Group:') . ' ' . +if ($activeTab == 'groups') + $element .= clippy_context_help("topology_group"); +$form_elems[] = $element; + +// Store group +$form_elems[] = __('Store group') . ' ' . + html_print_select_groups(false, 'AR', false, 'store_group', $store_group, '', 'All', 0, true); + +// Group +$form_elems[] = __('Group') . ' ' . html_print_select_groups(false, 'AR', false, 'group', $group, '', 'All', 0, true); + +// Module group if ($activeTab == 'groups' || $activeTab == 'policies' || $activeTab == 'radial_dynamic') { - $table->data[0][] = __('Module group') . ' ' . + $form_elems[] = __('Module group') . ' ' . html_print_select_from_sql (' SELECT id_mg, name FROM tmodule_group', 'module_group', $module_group, '', 'All', 0, true); } +// Interfaces if ($activeTab == 'topology') { - $table->data[0][] = __('Show interfaces') . ' ' . + $form_elems[] = __('Show interfaces') . ' ' . html_print_checkbox ('show_snmp_modules', '1', $show_snmp_modules, true); } +// Layout if ($activeTab != 'dinamic' && $activeTab != 'radial_dynamic') { - $table->data[0][] = __('Layout') . ' ' . + $form_elems[] = __('Layout') . ' ' . html_print_select ($layout_array, 'layout', $layout, '', '', '', true); } +// Depth if ($activeTab == 'groups') { $depth_levels = array( 'all' => __('All'), 'agent' => __('Agents'), 'group' => __('Groups')); - $table->data[0][] = __('Depth') . ' ' . - html_print_select ($depth_levels, 'depth', $depth, '', '', '', true, false, false); -} - -if ($activeTab == 'policies') { - $depth_levels = array( - 'all' => __('All'), - 'agent' => __('Agents'), - 'policy' => __('Policies')); - $table->data[0][] = __('Depth') . ' ' . + $form_elems[] = __('Depth') . ' ' . html_print_select ($depth_levels, 'depth', $depth, '', '', '', true, false, false); } +// No overlap if ($activeTab != 'dinamic' && $activeTab != 'radial_dynamic') { - $table->data[1][] = __('No Overlap') . ' ' . + $form_elems[] = __('No Overlap') . ' ' . html_print_checkbox ('nooverlap', '1', $nooverlap, true); } -if (($activeTab == 'groups' || $activeTab == 'policies') && - $depth == 'all') { - $table->data[1][] = __('Only modules with alerts') . ' ' . +// Modules with alerts +if (($activeTab == 'groups' || $activeTab == 'policies') && $depth == 'all') { + $form_elems[] = __('Only modules with alerts') . ' ' . html_print_checkbox ('modwithalerts', '1', $modwithalerts, true); - - if ($activeTab == 'groups') { - if ($config['enterprise_installed']) { - $table->data[1][] = __('Hide policy modules') . ' ' . - html_print_checkbox ('hidepolicymodules', '1', $hidepolicymodules, true); - } +} + +// Hide policy modules +if ($activeTab == 'groups') { + if ($config['enterprise_installed']) { + $form_elems[] = __('Hide policy modules') . ' ' . + html_print_checkbox ('hidepolicymodules', '1', $hidepolicymodules, true); } } +// Simple if ($activeTab != 'dinamic' && $activeTab != 'radial_dynamic') { - $table->data[1][] = __('Simple') . ' ' . + $form_elems[] = __('Simple') . ' ' . html_print_checkbox ('simple', '1', $simple, true); } +// Regenerate if ($activeTab != 'dinamic' && $activeTab != 'radial_dynamic') { - $table->data[1][] = __('Regenerate') . ' ' . + $form_elems[] = __('Regenerate') . ' ' . html_print_checkbox ('regen', '1', $regen, true); } +// Zoom if ($pure == "1") { - // Zoom $zoom_array = array ( '1' => 'x1', '1.2' => 'x2', @@ -415,38 +432,62 @@ if ($pure == "1") { '5' => 'x10', ); - $table->data[1][] = __('Zoom') . ' ' . + $form_elems[] = __('Zoom') . ' ' . html_print_select ($zoom_array, 'zoom', $zoom, '', '', '', true, false, false, false); } +// Font if ($activeTab != 'dinamic' && $activeTab != 'radial_dynamic') { - $table->data[1][] = __('Font') . ' ' . + $form_elems[] = __('Font') . ' ' . html_print_input_text ('font_size', $font_size, $alt = 'Font size (in pt)', 2, 4, true); } +// Free text if ($activeTab != 'radial_dynamic') { - $table->data[2][] = __('Free text for search (*):') . ' ' . + $form_elems[] = __('Free text for search (*):') . ' ' . html_print_input_text('text_filter', $text_filter, '', 30, 100, true); } +// Don't show subgroups if (($activeTab == 'groups') || ($activeTab == 'topology')) { - $table->data[2][] = __('Don\'t show subgroups:') . + $form_elems[] = __('Don\'t show subgroups:') . ui_print_help_tip(__('Only run with it is filter for any group'), true) . ' ' . html_print_checkbox ('dont_show_subgroups', '1', $dont_show_subgroups, true); } +// L2 network if ($activeTab == 'topology') { - $table->data[2][] = __('L2 network interfaces') . ' ' . + $form_elems[] = __('L2 network interfaces') . ' ' . html_print_checkbox ('l2_network', '1', $l2_network, true); } +// Distance between nodes if ($nooverlap == 1) { - $table->data[2][] = __('Distance between nodes') . ' ' . + $form_elems[] = __('Distance between nodes') . ' ' . html_print_input_text ('ranksep', $ranksep, __('Separation between elements in the map (in Non-overlap mode)'), 3, 4, true); } +unset($table); +$table->width = '98%'; +$table->class = 'databox'; +$table->data = array(); + +$max_col = 5; +$col = 0; +$row = 0; + +foreach ($form_elems as $key => $element) { + if ($col >= $max_col) { + $col = 0; + $row++; + } + + $table->data[$row][$col] = $element; + $col++; +} + $options_form .= html_print_input_hidden('update_networkmap',1, true) . html_print_input_hidden('hidden_options',0, true); $options_form .= html_print_table ($table, true); diff --git a/pandora_console/operation/agentes/networkmap.topology.php b/pandora_console/operation/agentes/networkmap.topology.php index ad587e79f4..f9799e84a0 100644 --- a/pandora_console/operation/agentes/networkmap.topology.php +++ b/pandora_console/operation/agentes/networkmap.topology.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], $store_group, "AR")) { db_pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/networkmap_list.php b/pandora_console/operation/agentes/networkmap_list.php index 6cef0715fe..aac56b6c8a 100644 --- a/pandora_console/operation/agentes/networkmap_list.php +++ b/pandora_console/operation/agentes/networkmap_list.php @@ -170,12 +170,12 @@ $id_groups = array_keys(users_get_groups()); // Create filter $where = array(); -$where['id_group'] = $id_groups; +$where['store_group'] = $id_groups; // Order by type field $where['order'] = 'type'; if (!empty($group_search)) - $where['id_group'] = $group_search; + $where['store_group'] = $group_search; if ($type_search != '0') $where['type'] = $type_search; @@ -183,11 +183,6 @@ if ($type_search != '0') //Check for maps only visible for this user $user_info = users_get_user_by_id($config['id_user']); -//If the user is not admin only user map are shown. -//if (!$user_info['is_admin']) { -// $where['id_user'] = $config['id_user']; -//} - $network_maps = db_get_all_rows_filter('tnetwork_map', $where); if ($network_maps === false) { @@ -197,6 +192,10 @@ if ($network_maps === false) { else { $table->data = array(); foreach ($network_maps as $network_map) { + // ACL + if (!check_acl ($config['id_user'], $network_map['store_group'], "RR")) + continue; + // If enterprise not loaded then skip this code if ($network_map['type'] == 'policies' and (!defined('PANDORA_ENTERPRISE'))) continue; @@ -204,18 +203,23 @@ else { if (($network_map['type'] == 'radial_dynamic' || $network_map['type'] == 'policies') && ($strict_user)) { continue; } - + $data = array(); $data[0] = '' . $network_map['name'] . ''; $data[1] = $network_map['type']; + $data[2] = ui_print_group_icon ($network_map['store_group'], true); - $data[2] = ui_print_group_icon ($network_map['id_group'], true); - if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) { + if (check_acl ($config['id_user'], $network_map['store_group'], "RW") || check_acl ($config['id_user'], $network_map['store_group'], "RM")) { $data[3] = '' . html_print_image("images/config.png", true) . ''; $data[4] = '' . html_print_image('images/cross.png', true) . ''; // The value of the checkbox will be the networkmap id to recover it in js to perform the massive deletion $data[5] = html_print_checkbox('check_delete', $network_map['id_networkmap'], false, true); } + else { + $data[3] = ''; + $data[4] = ''; + $data[5] = ''; + } $table->data[] = $data; }