tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

removed deprecated incident permissions

This commit is contained in:
alejandro.campos@artica.es 2021-05-13 13:33:45 +02:00
parent fdeaf52912
commit 9cde8c345f
33 changed files with 156 additions and 445 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pandora_console/extras/mr/47.sql
View File

@ -2,5 +2,8 @@ START TRANSACTION;
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_user` VARCHAR(60);
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_pass` VARCHAR(45);
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
COMMIT;

3
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -4027,3 +4027,6 @@ DELETE FROM `tconfig` WHERE `token` = 'ipam_installed';
DELETE FROM `tconfig` WHERE `token` = 'ipam_recon_script_id';
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;

1
pandora_console/general/main_menu.php
View File

@ -88,7 +88,6 @@ if (check_acl($config['id_user'], 0, 'AW')
|| check_acl($config['id_user'], 0, 'LM')
|| check_acl($config['id_user'], 0, 'UM')
|| check_acl($config['id_user'], 0, 'LW')
|| check_acl($config['id_user'], 0, 'IW')
|| check_acl($config['id_user'], 0, 'EW')
|| check_acl($config['id_user'], 0, 'DW')
) {

2
pandora_console/godmode/agentes/agent_incidents.php
View File

@ -39,7 +39,7 @@ $offset = (int) get_parameter('offset', 0);
// See if id_agente is set (either POST or GET, otherwise -1
$id_agent = (int) get_parameter('id_agente');
$groups = users_get_groups($config['id_user'], 'IR');
$groups = users_get_groups($config['id_user'], 'AR');
$filter = ' AND id_agent = '.$id_agent;
$url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=incident&id_agente='.$id_agent;

4
pandora_console/godmode/gis_maps/configure_gis_map.php
View File

@ -15,7 +15,7 @@ global $config;
check_login();
$gis_w = check_acl($config['id_user'], 0, 'MW');
$gis_w = check_acl($config['id_user'], 0, 'MW', false, true, true);
$gis_m = check_acl($config['id_user'], 0, 'MM');
$access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
@ -490,7 +490,7 @@ if (users_can_manage_group_all('MM') === true) {
$table->data[2][0] = __('Group');
$table->data[2][1] = html_print_select_groups(
false,
'IW',
'AR',
$return_all_group,
'map_group_id',
$map_group_id,

9
pandora_console/godmode/netflow/nf_item_list.php
View File

@ -20,15 +20,6 @@ require_once $config['homedir'].'/include/functions_html.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IW')) {
db_pandora_audit(
'ACL Violation',
'Trying to access event viewer'
);
include 'general/noaccess.php';
return;
}
// id report
$id = (int) get_parameter('id');

9
pandora_console/godmode/setup/setup_netflow.php
View File

@ -24,15 +24,6 @@ require_once 'include/functions_ui.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR')) {
db_pandora_audit(
'ACL Violation',
'Trying to access netflow setup'
);
include 'general/noaccess.php';
return;
}
$update = (bool) get_parameter('update');
$table->width = '100%';

27
pandora_console/godmode/users/configure_profile.php
View File

@ -85,11 +85,6 @@ if ($id_profile || $new_profile) {
// Name
$name = '';
// Incidents
$incident_view = 0;
$incident_edit = 0;
$incident_management = 0;
// Agents
$agent_view = 0;
$agent_edit = 0;
@ -148,11 +143,6 @@ if ($id_profile || $new_profile) {
// Name
$name = $profile['name'];
// Incidents
$incident_view = (bool) $profile['incident_view'];
$incident_edit = (bool) $profile['incident_edit'];
$incident_management = (bool) $profile['incident_management'];
// Agents
$agent_view = (bool) $profile['agent_view'];
$agent_edit = (bool) $profile['agent_edit'];
@ -197,7 +187,7 @@ if ($id_profile || $new_profile) {
);
enterprise_include_once('include/functions_audit.php');
$info = 'Name: '.$name.' Incident view: '.$incident_view.' Incident edit: '.$incident_edit.' Incident management: '.$incident_management.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
$info = 'Name: '.$name.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
enterprise_hook('audit_pandora_enterprise', [$id_audit, $info]);
@ -319,21 +309,6 @@ if ($id_profile || $new_profile) {
$table->data['VM'] = $row;
$table->data[] = '<hr>';
// Incidents
$row = [];
$row['name'] = __('View incidents');
$row['input'] = html_print_checkbox('incident_view', 1, $incident_view, true);
$table->data['IR'] = $row;
$row = [];
$row['name'] = __('Edit incidents');
$row['input'] = html_print_checkbox('incident_edit', 1, $incident_edit, true, false, 'autoclick_profile_users(\'incident_edit\', \'incident_view\', \'false\')');
$table->data['IW'] = $row;
$row = [];
$row['name'] = __('Manage incidents');
$row['input'] = html_print_checkbox('incident_management', 1, $incident_management, true, false, 'autoclick_profile_users(\'incident_management\', \'incident_view\', \'incident_edit\');');
$table->data['IM'] = $row;
$table->data[] = '<hr>';
$disable_option = 'javascript: return false;';
if (check_acl($config['id_user'], 0, 'PM') || users_is_admin()) {
$disable_option = '';

27
pandora_console/godmode/users/profile_list.php
View File

@ -107,11 +107,6 @@ if ($delete_profile) {
if ($create_profile || $update_profile) {
$name = get_parameter('name');
// Incidents
$incident_view = (bool) get_parameter('incident_view');
$incident_edit = (bool) get_parameter('incident_edit');
$incident_management = (bool) get_parameter('incident_management');
// Agents
$agent_view = (bool) get_parameter('agent_view');
$agent_edit = (bool) get_parameter('agent_edit');
@ -152,9 +147,6 @@ if ($create_profile || $update_profile) {
$values = [
'name' => $name,
'incident_view' => $incident_view,
'incident_edit' => $incident_edit,
'incident_management' => $incident_management,
'agent_view' => $agent_view,
'agent_edit' => $agent_edit,
'agent_disable' => $agent_disable,
@ -183,10 +175,7 @@ if ($update_profile) {
if ($name) {
$ret = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
if ($ret !== false) {
$info = '{"Name":"'.$incident_view.'",
"Incident view":"'.$incident_view.'",
"Incident edit":"'.$incident_edit.'",
"Incident management":"'.$incident_management.'",
$info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@ -234,10 +223,7 @@ if ($create_profile) {
if ($ret !== false) {
ui_print_success_message(__('Successfully created'));
$info = '{"Name":"'.$incident_view.'",
"Incident view":"'.$incident_view.'",
"Incident edit":"'.$incident_edit.'",
"Incident management":"'.$incident_management.'",
$info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@ -289,9 +275,6 @@ $table->align = [];
$table->head['profiles'] = __('Profiles');
$table->head['IR'] = 'IR';
$table->head['IW'] = 'IW';
$table->head['IM'] = 'IM';
$table->head['AR'] = 'AR';
$table->head['AW'] = 'AW';
$table->head['AD'] = 'AD';
@ -317,9 +300,6 @@ $table->head['operations'] = '<span title="Operations">'.__('Op.').'</span>';
$table->align = array_fill(1, 11, 'center');
$table->size['profiles'] = '200px';
$table->size['IR'] = '10px';
$table->size['IW'] = '10px';
$table->size['IM'] = '10px';
$table->size['AR'] = '10px';
$table->size['AW'] = '10px';
$table->size['AD'] = '10px';
@ -358,9 +338,6 @@ $img = html_print_image(
foreach ($profiles as $profile) {
$data['profiles'] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.$profile['name'].'</a>';
$data['IR'] = ($profile['incident_view'] ? $img : '');
$data['IW'] = ($profile['incident_edit'] ? $img : '');
$data['IM'] = ($profile['incident_management'] ? $img : '');
$data['AR'] = ($profile['agent_view'] ? $img : '');
$data['AW'] = ($profile['agent_edit'] ? $img : '');
$data['AD'] = ($profile['agent_disable'] ? $img : '');

2
pandora_console/include/class/NetworkMap.class.php
View File

@ -3207,7 +3207,7 @@ class NetworkMap
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups(
false,
'IW',
'AR',
false,
'group_for_show_agents',
-1,

23
pandora_console/include/functions.php
View File

@ -2281,9 +2281,6 @@ function check_login($output=true)
* Check access privileges to resources
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@ -2374,9 +2371,6 @@ function check_acl_one_of_groups($id_user, $groups, $access, $cache=true)
* Check access privileges to resources (write or management is not allowed for 'all' group )
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@ -2445,18 +2439,6 @@ function check_acl_restricted_all($id_user, $id_group, $access, $onlyOneGroup=fa
function get_acl_column($access)
{
switch ($access) {
case 'IR':
return 'incident_view';
break;
case 'IW':
return 'incident_edit';
break;
case 'IM':
return 'incident_management';
break;
case 'AR':
return 'agent_view';
@ -2552,10 +2534,7 @@ function get_users_acl($id_user)
$rowdup = $users_acl_cache[$id_user];
} else {
$query = sprintf(
"SELECT sum(tperfil.incident_view) as incident_view,
sum(tperfil.incident_edit) as incident_edit,
sum(tperfil.incident_management) as incident_management,
sum(tperfil.agent_view) as agent_view,
"SELECT sum(tperfil.agent_view) as agent_view,
sum(tperfil.agent_edit) as agent_edit,
sum(tperfil.alert_edit) as alert_edit,
sum(tperfil.alert_management) as alert_management,

186
pandora_console/include/functions_api.php
View File

@ -486,7 +486,7 @@ function api_get_groups($thrash1, $thrash2, $other, $returnType, $user_in_db)
$returnAllColumns = ( $other['data'][2] == '1' ? true : false);
}
$groups = users_get_groups($user_in_db, 'IR', $returnAllGroup, $returnAllColumns);
$groups = users_get_groups($user_in_db, 'AR', $returnAllGroup, $returnAllColumns);
$data_groups = [];
foreach ($groups as $id => $group) {
@ -11358,9 +11358,6 @@ function api_get_user_profiles_info($thrash1, $thrash2, $thrash3, $returnType)
[
'id_perfil',
'name',
'incident_view as IR',
'incident_edit as IW',
'incident_management as IM',
'agent_view as AR',
'agent_edit as AW',
'agent_disable as AD',
@ -11413,29 +11410,26 @@ function api_set_create_user_profile_info($thrash1, $thrash2, $other, $returnTyp
$values = [
'name' => (string) $other['data'][0],
'incident_view' => (bool) $other['data'][1] ? 1 : 0,
'incident_edit' => (bool) $other['data'][2] ? 1 : 0,
'incident_management' => (bool) $other['data'][3] ? 1 : 0,
'agent_view' => (bool) $other['data'][4] ? 1 : 0,
'agent_edit' => (bool) $other['data'][5] ? 1 : 0,
'agent_disable' => (bool) $other['data'][6] ? 1 : 0,
'alert_edit' => (bool) $other['data'][7] ? 1 : 0,
'alert_management' => (bool) $other['data'][8] ? 1 : 0,
'user_management' => (bool) $other['data'][9] ? 1 : 0,
'db_management' => (bool) $other['data'][10] ? 1 : 0,
'event_view' => (bool) $other['data'][11] ? 1 : 0,
'event_edit' => (bool) $other['data'][12] ? 1 : 0,
'event_management' => (bool) $other['data'][13] ? 1 : 0,
'report_view' => (bool) $other['data'][14] ? 1 : 0,
'report_edit' => (bool) $other['data'][15] ? 1 : 0,
'report_management' => (bool) $other['data'][16] ? 1 : 0,
'map_view' => (bool) $other['data'][17] ? 1 : 0,
'map_edit' => (bool) $other['data'][18] ? 1 : 0,
'map_management' => (bool) $other['data'][19] ? 1 : 0,
'vconsole_view' => (bool) $other['data'][20] ? 1 : 0,
'vconsole_edit' => (bool) $other['data'][21] ? 1 : 0,
'vconsole_management' => (bool) $other['data'][22] ? 1 : 0,
'pandora_management' => (bool) $other['data'][23] ? 1 : 0,
'agent_view' => (bool) $other['data'][1] ? 1 : 0,
'agent_edit' => (bool) $other['data'][2] ? 1 : 0,
'agent_disable' => (bool) $other['data'][3] ? 1 : 0,
'alert_edit' => (bool) $other['data'][4] ? 1 : 0,
'alert_management' => (bool) $other['data'][5] ? 1 : 0,
'user_management' => (bool) $other['data'][6] ? 1 : 0,
'db_management' => (bool) $other['data'][7] ? 1 : 0,
'event_view' => (bool) $other['data'][8] ? 1 : 0,
'event_edit' => (bool) $other['data'][9] ? 1 : 0,
'event_management' => (bool) $other['data'][10] ? 1 : 0,
'report_view' => (bool) $other['data'][11] ? 1 : 0,
'report_edit' => (bool) $other['data'][12] ? 1 : 0,
'report_management' => (bool) $other['data'][13] ? 1 : 0,
'map_view' => (bool) $other['data'][14] ? 1 : 0,
'map_edit' => (bool) $other['data'][15] ? 1 : 0,
'map_management' => (bool) $other['data'][16] ? 1 : 0,
'vconsole_view' => (bool) $other['data'][17] ? 1 : 0,
'vconsole_edit' => (bool) $other['data'][18] ? 1 : 0,
'vconsole_management' => (bool) $other['data'][19] ? 1 : 0,
'pandora_management' => (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_insert('tperfil', $values);
@ -11475,29 +11469,26 @@ function api_set_update_user_profile_info($id_profile, $thrash1, $other, $return
$values = [
'name' => $other['data'][0] == '' ? $profile['name'] : (string) $other['data'][0],
'incident_view' => $other['data'][1] == '' ? $profile['incident_view'] : (bool) $other['data'][1] ? 1 : 0,
'incident_edit' => $other['data'][2] == '' ? $profile['incident_edit'] : (bool) $other['data'][2] ? 1 : 0,
'incident_management' => $other['data'][3] == '' ? $profile['incident_management'] : (bool) $other['data'][3] ? 1 : 0,
'agent_view' => $other['data'][4] == '' ? $profile['agent_view'] : (bool) $other['data'][4] ? 1 : 0,
'agent_edit' => $other['data'][5] == '' ? $profile['agent_edit'] : (bool) $other['data'][5] ? 1 : 0,
'agent_disable' => $other['data'][6] == '' ? $profile['agent_disable'] : (bool) $other['data'][6] ? 1 : 0,
'alert_edit' => $other['data'][7] == '' ? $profile['alert_edit'] : (bool) $other['data'][7] ? 1 : 0,
'alert_management' => $other['data'][8] == '' ? $profile['alert_management'] : (bool) $other['data'][8] ? 1 : 0,
'user_management' => $other['data'][9] == '' ? $profile['user_management'] : (bool) $other['data'][9] ? 1 : 0,
'db_management' => $other['data'][10] == '' ? $profile['db_management'] : (bool) $other['data'][10] ? 1 : 0,
'event_view' => $other['data'][11] == '' ? $profile['event_view'] : (bool) $other['data'][11] ? 1 : 0,
'event_edit' => $other['data'][12] == '' ? $profile['event_edit'] : (bool) $other['data'][12] ? 1 : 0,
'event_management' => $other['data'][13] == '' ? $profile['event_management'] : (bool) $other['data'][13] ? 1 : 0,
'report_view' => $other['data'][14] == '' ? $profile['report_view'] : (bool) $other['data'][14] ? 1 : 0,
'report_edit' => $other['data'][15] == '' ? $profile['report_edit'] : (bool) $other['data'][15] ? 1 : 0,
'report_management' => $other['data'][16] == '' ? $profile['report_management'] : (bool) $other['data'][16] ? 1 : 0,
'map_view' => $other['data'][17] == '' ? $profile['map_view'] : (bool) $other['data'][17] ? 1 : 0,
'map_edit' => $other['data'][18] == '' ? $profile['map_edit'] : (bool) $other['data'][18] ? 1 : 0,
'map_management' => $other['data'][19] == '' ? $profile['map_management'] : (bool) $other['data'][19] ? 1 : 0,
'vconsole_view' => $other['data'][20] == '' ? $profile['vconsole_view'] : (bool) $other['data'][20] ? 1 : 0,
'vconsole_edit' => $other['data'][21] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][21] ? 1 : 0,
'vconsole_management' => $other['data'][22] == '' ? $profile['vconsole_management'] : (bool) $other['data'][22] ? 1 : 0,
'pandora_management' => $other['data'][23] == '' ? $profile['pandora_management'] : (bool) $other['data'][23] ? 1 : 0,
'agent_view' => $other['data'][1] == '' ? $profile['agent_view'] : (bool) $other['data'][1] ? 1 : 0,
'agent_edit' => $other['data'][2] == '' ? $profile['agent_edit'] : (bool) $other['data'][2] ? 1 : 0,
'agent_disable' => $other['data'][3] == '' ? $profile['agent_disable'] : (bool) $other['data'][3] ? 1 : 0,
'alert_edit' => $other['data'][4] == '' ? $profile['alert_edit'] : (bool) $other['data'][4] ? 1 : 0,
'alert_management' => $other['data'][5] == '' ? $profile['alert_management'] : (bool) $other['data'][5] ? 1 : 0,
'user_management' => $other['data'][6] == '' ? $profile['user_management'] : (bool) $other['data'][6] ? 1 : 0,
'db_management' => $other['data'][7] == '' ? $profile['db_management'] : (bool) $other['data'][7] ? 1 : 0,
'event_view' => $other['data'][8] == '' ? $profile['event_view'] : (bool) $other['data'][8] ? 1 : 0,
'event_edit' => $other['data'][9] == '' ? $profile['event_edit'] : (bool) $other['data'][9] ? 1 : 0,
'event_management' => $other['data'][10] == '' ? $profile['event_management'] : (bool) $other['data'][10] ? 1 : 0,
'report_view' => $other['data'][11] == '' ? $profile['report_view'] : (bool) $other['data'][11] ? 1 : 0,
'report_edit' => $other['data'][12] == '' ? $profile['report_edit'] : (bool) $other['data'][12] ? 1 : 0,
'report_management' => $other['data'][13] == '' ? $profile['report_management'] : (bool) $other['data'][13] ? 1 : 0,
'map_view' => $other['data'][14] == '' ? $profile['map_view'] : (bool) $other['data'][14] ? 1 : 0,
'map_edit' => $other['data'][15] == '' ? $profile['map_edit'] : (bool) $other['data'][15] ? 1 : 0,
'map_management' => $other['data'][16] == '' ? $profile['map_management'] : (bool) $other['data'][16] ? 1 : 0,
'vconsole_view' => $other['data'][17] == '' ? $profile['vconsole_view'] : (bool) $other['data'][17] ? 1 : 0,
'vconsole_edit' => $other['data'][18] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][18] ? 1 : 0,
'vconsole_management' => $other['data'][19] == '' ? $profile['vconsole_management'] : (bool) $other['data'][19] ? 1 : 0,
'pandora_management' => $other['data'][20] == '' ? $profile['pandora_management'] : (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
@ -11545,101 +11536,6 @@ function api_set_delete_user_profile_info($id_profile, $thrash1, $thrash2, $retu
}
/**
* Create new incident in Pandora.
*
* @param $thrash1 Don't use.
* @param $thrash2 Don't use.
* @param array $other it's array, $other as param is <title>;<description>;
* <origin>;<priority>;<state>;<group> in this order and separator char
* (after text ; ) and separator (pass in param othermode as
* othermode=url_encode_separator_<separator>)
* example:
*
* api.php?op=set&op2=new_incident&other=titulo|descripcion%20texto|Logfiles|2|10|12&other_mode=url_encode_separator_|
*
* @param $thrash3 Don't use.
*/
function api_set_new_incident($thrash1, $thrash2, $other, $thrash3)
{
global $config;
if (defined('METACONSOLE')) {
return;
}
if (!check_acl($config['id_user'], 0, 'IW')) {
returnError('forbidden', 'string');
return;
}
$title = $other['data'][0];
$description = $other['data'][1];
$origin = $other['data'][2];
$priority = $other['data'][3];
$id_creator = 'API';
$state = $other['data'][4];
$group = $other['data'][5];
$values = [
'inicio' => 'NOW()',
'actualizacion' => 'NOW()',
'titulo' => $title,
'descripcion' => $description,
'id_usuario' => 'API',
'origen' => $origin,
'estado' => $state,
'prioridad' => $priority,
'id_grupo' => $group,
'id_creator' => $id_creator,
];
$idIncident = db_process_sql_insert('tincidencia', $values);
if ($idIncident === false) {
returnError('A new incident could not be created.');
} else {
returnData('string', ['type' => 'string', 'data' => $idIncident]);
}
}
/**
* Add note into a incident.
*
* @param $id string Username author of note.
* @param $id2 integer ID of incident.
* @param $other string Note.
* @param $thrash2 Don't use.
*/
function api_set_new_note_incident($id, $id2, $other, $thrash2)
{
global $config;
if (defined('METACONSOLE')) {
return;
}
if (!check_acl($config['id_user'], 0, 'IW')) {
returnError('forbidden', 'string');
return;
}
$values = [
'id_usuario' => $id,
'id_incident' => $id2,
'nota' => $other['data'],
];
$idNote = db_process_sql_insert('tnota', $values);
if ($idNote === false) {
returnError('A new incident could not be created+.');
} else {
returnData('string', ['type' => 'string', 'data' => $idNote]);
}
}
/**
* Disable a module, given agent and module name.
*

20
pandora_console/include/functions_integriaims.php
View File

@ -79,22 +79,10 @@ function integriaims_tabs($active_tab, $view=false)
}
$onheader = [];
if (check_acl($config['id_user'], 0, 'IR') && $view) {
$onheader['view'] = $view_tab;
}
if (check_acl($config['id_user'], 0, 'PM')) {
$onheader['configure'] = $setup_tab;
}
if (check_acl($config['id_user'], 0, 'IR')) {
$onheader['list'] = $list_tab;
}
if (check_acl($config['id_user'], 0, 'IW')) {
$onheader['create'] = $create_tab;
}
$onheader['view'] = $view_tab;
$onheader['configure'] = $setup_tab;
$onheader['list'] = $list_tab;
$onheader['create'] = $create_tab;
return $onheader;
}

2
pandora_console/include/functions_netflow.php
View File

@ -120,7 +120,7 @@ function netflow_check_filter_group($id_sg)
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
$own_info = get_user_info($config['id_user']);
// Get group list that user has access.
$groups_user = users_get_groups($config['id_user'], 'IW', $own_info['is_admin'], true);
$groups_user = users_get_groups($config['id_user'], 'AR', $own_info['is_admin'], true);
$groups_id = [];
$has_permission = false;

2
pandora_console/include/functions_networkmap.php
View File

@ -1500,7 +1500,7 @@ function networkmap_delete_relations($id_map)
function get_networkmaps($id)
{
$groups = array_keys(users_get_groups(null, 'IW'));
$groups = array_keys(users_get_groups(null, 'MW'));
$filter = [];
$filter['id_group'] = $groups;

3
pandora_console/include/functions_users.php
View File

@ -235,9 +235,6 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
}
$acl_list = [
'incident_view' => 1,
'incident_edit' => 1,
'incident_management' => 1,
'agent_view' => 1,
'agent_edit' => 1,
'agent_disable' => 1,

7
pandora_console/operation/incidents/configure_integriaims_incident.php
View File

@ -16,13 +16,6 @@ global $config;
check_login();
if (!(check_acl($config['id_user'], 0, 'IW') && check_acl($config['id_user'], 0, 'IR'))) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
require_once $config['homedir'].'/include/functions_integriaims.php';
$update = (isset($_GET['incident_id']) === true);

30
pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
View File

@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
if (!check_acl($config['id_user'], 0, 'IR')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// Check if Integria integration enabled.
if ($config['integria_enabled'] == 0) {
ui_print_error_message(__('In order to access ticket management system, integration with Integria IMS must be enabled and properly configured'));
@ -124,10 +117,7 @@ $table_files->head[1] = __('Timestamp');
$table_files->head[2] = __('Description');
$table_files->head[3] = __('User');
$table_files->head[4] = __('Size');
if (check_acl($config['id_user'], 0, 'IW')) {
$table_files->head[5] = __('Delete');
}
$table_files->head[5] = __('Delete');
$table_files->data = [];
@ -240,11 +230,10 @@ foreach ($files as $key => $value) {
$table_files->data[$i][2] = $value[12];
$table_files->data[$i][3] = $value[8];
$table_files->data[$i][4] = $value[13];
if (check_acl($config['id_user'], 0, 'IW')) {
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
}
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table_files->data[$i][5] .= '</a>';
@ -267,9 +256,7 @@ $table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submi
$upload_file_form = '<div class="w100p">';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
}
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
$upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';
@ -361,9 +348,8 @@ if (!empty($comments)) {
$upload_comment_form = '<div class="w100p">';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
}
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';

8
pandora_console/operation/incidents/incident_statistics.php
View File

@ -18,11 +18,9 @@ require_once $config['homedir'].'/include/functions_graph.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
db_pandora_audit('ACL Violation', 'Trying to access Incident section');
include 'general/noaccess.php';
exit;
}
db_pandora_audit('ACL Violation', 'Trying to access Incident section');
require 'general/noaccess.php';
exit;
ui_print_page_header(__('Incidents').' &raquo; '.__('Statistics'), 'images/book_edit.png', false, '', false, '');

8
pandora_console/operation/incidents/integriaims_export_csv.php
View File

@ -20,14 +20,6 @@ require_once '../../include/functions_integriaims.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// API calls.
$status_incident = integriaims_get_details('status');
$group_incident = integriaims_get_details('group');

41
pandora_console/operation/incidents/list_integriaims_incidents.php
View File

@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// Header tabs.
$onheader = integriaims_tabs('list_tab');
ui_print_page_header(
@ -266,9 +259,7 @@ $table->head[4] = __('Prior');
$table->head[5] = __('Updated/Started');
$table->head[6] = __('Creator');
$table->head[7] = __('Owner');
if (check_acl($config['id_user'], 0, 'IW') || check_acl($config['id_user'], 0, 'IM')) {
$table->head[8] = '';
}
$table->head[8] = '';
$table->data = [];
$i = 0;
@ -294,18 +285,14 @@ foreach ($incidents_paginated as $key => $value) {
$table->data[$i][7] = $array_get_incidents[$key][5];
$table->data[$i][8] = '';
$table->cellclass[$i][8] = 'action_buttons';
if (check_acl($config['id_user'], 0, 'IW')) {
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
$table->data[$i][8] .= '</a>';
}
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
$table->data[$i][8] .= '</a>';
if (check_acl($config['id_user'], 0, 'IM')) {
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table->data[$i][8] .= '</a>';
}
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table->data[$i][8] .= '</a>';
$i++;
}
@ -320,13 +307,11 @@ if (empty($table->data) === true) {
}
// Show button to create incident.
if (check_acl($config['id_user'], 0, 'IR')) {
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
echo '<div class="wi100p right">';
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
echo '</div>';
echo '</form>';
}
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
echo '<div class="wi100p right">';
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
echo '</div>';
echo '</form>';
// Datapicker library for show calendar.
ui_require_jquery_file('ui.datepicker-'.get_user_language(), 'include/javascript/i18n/');

47
pandora_console/operation/menu.php
View File

@ -267,9 +267,9 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR'));
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR'));
} else {
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR', false));
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR', false));
}
foreach ($gisMaps as $gisMap) {
@ -278,10 +278,6 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
continue;
}
if (! check_acl($config['id_user'], $gisMap['group_id'], 'IR')) {
continue;
}
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['text'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['id'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['title'] = io_safe_output($gisMap['map_name']);
@ -459,30 +455,25 @@ $sub['operation/users/user_edit_notifications']['refr'] = 0;
// Incidents.
if (check_acl($config['id_user'], 0, 'IR')
|| check_acl($config['id_user'], 0, 'IW')
|| check_acl($config['id_user'], 0, 'IM')
) {
$temp_sec2 = $sec2;
$sec2 = 'incident';
$sec2sub = 'operation/incidents/incident_statistics';
$sub[$sec2]['text'] = __('Incidents');
$sub[$sec2]['id'] = 'Incidents';
$sub[$sec2]['type'] = 'direct';
$sub[$sec2]['subtype'] = 'nolink';
$sub[$sec2]['refr'] = 0;
$sub[$sec2]['subsecs'] = [
'operation/incidents/incident_detail',
'operation/integria_incidents',
];
$temp_sec2 = $sec2;
$sec2 = 'incident';
$sec2sub = 'operation/incidents/incident_statistics';
$sub[$sec2]['text'] = __('Incidents');
$sub[$sec2]['id'] = 'Incidents';
$sub[$sec2]['type'] = 'direct';
$sub[$sec2]['subtype'] = 'nolink';
$sub[$sec2]['refr'] = 0;
$sub[$sec2]['subsecs'] = [
'operation/incidents/incident_detail',
'operation/integria_incidents',
];
$sub2 = [];
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
$sub2 = [];
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
$sub[$sec2]['sub2'] = $sub2;
$sec2 = $temp_sec2;
}
$sub[$sec2]['sub2'] = $sub2;
$sec2 = $temp_sec2;
// Messages.

2
pandora_console/operation/netflow/nf_live_view.php
View File

@ -370,7 +370,7 @@ if (is_metaconsole()) {
).'</td>';
$own_info = get_user_info($config['id_user']);
echo '<td><span id="filter_group_color"><b>'.__('Group').'</b></span></td>';
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'IW', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'AR', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
echo '</tr>';
$advanced_toggle = '<table class="w100p">';

2
pandora_console/operation/search_graphs.getdata.php
View File

@ -16,7 +16,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
// Check ACL
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
$graphs = false;

2
pandora_console/operation/search_graphs.php
View File

@ -15,7 +15,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
if ($graphs === false || !$searchGraphs) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

2
pandora_console/operation/search_helps.php
View File

@ -13,8 +13,6 @@
// GNU General Public License for more details.
global $config;
$totalHelps = check_acl($config['id_user'], 0, 'IR');
if ($helps === false || !$searchHelps) {
echo "<br><div class='nf'>".__('Zero results found.').sprintf(
__('You can find more help in the <a class="underline" href="%s">wiki</a>'),

2
pandora_console/operation/search_maps.getdata.php
View File

@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
$searchMaps = check_acl($config['id_user'], 0, 'IR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
$maps = false;
$totalMaps = 0;

2
pandora_console/operation/search_maps.php
View File

@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
$searchMaps = check_acl($config['id_user'], 0, 'IR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
if ($maps === false || !$searchMaps) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

4
pandora_console/operation/search_reports.php
View File

@ -19,9 +19,7 @@ require_once 'include/functions_reports.php';
$linkReport = false;
$searchReports = check_acl($config['id_user'], 0, 'RR');
if (check_acl($config['id_user'], 0, 'IW')) {
$linkReport = true;
}
$linkReport = true;
if ($reports === false || !$searchReports) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

3
pandora_console/operation/search_results.php
View File

@ -19,7 +19,8 @@ enterprise_include('operation/reporting/custom_reporting.php');
$searchAgents = $searchAlerts = $searchModules = check_acl($config['id_user'], 0, 'AR');
$searchUsers = $searchPolicies = check_acl($config['id_user'], 0, 'AR');
$searchMaps = $searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'RR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
$searchMain = true;
$searchHelps = true;

87
pandora_console/operation/snmpconsole/snmp_view.php
View File

@ -133,10 +133,10 @@ if ($config['pure']) {
// OPERATIONS
// Delete SNMP Trap entry Event (only incident management access).
// Delete SNMP Trap entry Event.
if (isset($_GET['delete'])) {
$id_trap = (int) get_parameter_get('delete', 0);
if ($id_trap > 0 && check_acl($config['id_user'], 0, 'IM')) {
if ($id_trap > 0) {
if ($group_by) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$id_trap.')
AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$id_trap.')';
@ -156,42 +156,30 @@ if (isset($_GET['delete'])) {
__('Could not be deleted')
);
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to delete SNMP event ID #'.$id_trap
);
}
}
// Check Event (only incident write access).
// Check Event.
if (isset($_GET['check'])) {
$id_trap = (int) get_parameter_get('check', 0);
if (check_acl($config['id_user'], 0, 'IW')) {
$values = [
'status' => 1,
'id_usuario' => $config['id_user'],
];
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
$values = [
'status' => 1,
'id_usuario' => $config['id_user'],
];
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
ui_print_result_message(
$result,
__('Successfully updated'),
__('Could not be updated')
);
} else {
db_pandora_audit(
'ACL Violation',
'Trying to checkout SNMP Trap ID'.$id_trap
);
}
ui_print_result_message(
$result,
__('Successfully updated'),
__('Could not be updated')
);
}
// Mass-process DELETE.
if (isset($_POST['deletebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
if (is_array($trap_ids)) {
if ($group_by) {
foreach ($trap_ids as $key => $value) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$value.')
@ -210,28 +198,18 @@ if (isset($_POST['deletebt'])) {
enterprise_hook('snmp_update_forwarded_modules', [$forward_info]);
}
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to mass-delete SNMP Trap ID'
);
}
}
// Mass-process UPDATE.
if (isset($_POST['updatebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
if (is_array($trap_ids)) {
foreach ($trap_ids as $id_trap) {
$sql = sprintf("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config['id_user'], $id_trap);
db_process_sql($sql);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to mass-delete SNMP Trap ID'
);
}
}
@ -1025,7 +1003,7 @@ if ($traps !== false) {
// Actions.
$data[8] = '';
if (empty($trap['status']) && check_acl($config['id_user'], 0, 'IW')) {
if (empty($trap['status'])) {
$data[8] .= '<a href="'.$urlPagination.'&check='.$trap['id_trap'].'">'.html_print_image('images/ok.png', true, ['border' => '0', 'title' => __('Validate')]).'</a> ';
}
@ -1045,17 +1023,15 @@ if ($traps !== false) {
} else {
$agent_trap_group = db_get_value('id_grupo', 'tagente', 'nombre', $trap['source']);
if ((check_acl($config['id_user'], $agent_trap_group, 'IM'))) {
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
'images/cross.png',
true,
[
'border' => '0',
'title' => __('Delete'),
'class' => 'invert_filter',
]
).'</a> ';
}
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
'images/cross.png',
true,
[
'border' => '0',
'title' => __('Delete'),
'class' => 'invert_filter',
]
).'</a> ';
}
$data[8] .= '<a href="javascript: toggleVisibleExtendedInfo('.$trap['id_trap'].');">'.html_print_image(
@ -1217,14 +1193,11 @@ if ($idx == 0) {
unset($table);
echo '<div class="w98p right">';
if (check_acl($config['id_user'], 0, 'IW')) {
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
}
if (check_acl($config['id_user'], 0, 'IM')) {
echo '&nbsp;';
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
}
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
echo '&nbsp;';
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
echo '</div></form>';

3
pandora_console/pandoradb.sql
View File

@ -1049,9 +1049,6 @@ CREATE TABLE IF NOT EXISTS `torigen` (
CREATE TABLE IF NOT EXISTS `tperfil` (
`id_perfil` int(10) unsigned NOT NULL auto_increment,
`name` TEXT NOT NULL,
`incident_edit` tinyint(1) NOT NULL DEFAULT 0,
`incident_view` tinyint(1) NOT NULL DEFAULT 0,
`incident_management` tinyint(1) NOT NULL DEFAULT 0,
`agent_view` tinyint(1) NOT NULL DEFAULT 0,
`agent_edit` tinyint(1) NOT NULL DEFAULT 0,
`alert_edit` tinyint(1) NOT NULL DEFAULT 0,

28
pandora_server/util/pandora_manage.pl
View File

@ -192,8 +192,8 @@ sub help_screen{
help_screen_line('--add_profile', '<user_name> <profile_name> <group_name>', 'Add perfil to user');
help_screen_line('--delete_profile', '<user_name> <profile_name> <group_name>', 'Delete perfil from user');
help_screen_line('--add_profile_to_user', '<user_id> <profile_name> [<group_name>]', 'Add a profile in group to a user');
help_screen_line('--create_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
help_screen_line('--update_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
help_screen_line('--create_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
help_screen_line('--update_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system');
help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system');
help_screen_line('--disable_double_auth', '<user_name>', 'Disable the double authentication for the specified user');
@ -563,14 +563,14 @@ sub pandora_create_user_profile ($$$$) {
##########################################################################
## Create profile.
##########################################################################
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_view,incident_edit,incident_management,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
safe_input($profile_name), $incident_view,$incident_edit, $incident_management, $agent_view,
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
safe_input($profile_name), $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@ -579,14 +579,14 @@ sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
##########################################################################
#### Update profile.
###########################################################################
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
return db_update ($dbh, 'UPDATE tperfil SET incident_view = ?, incident_edit = ?, incident_management = ?, agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
$incident_view,$incident_edit, $incident_management, $agent_view,
return db_update ($dbh, 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
$agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name));
@ -4008,7 +4008,7 @@ sub cli_add_profile() {
##############################################################################
sub cli_create_profile() {
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@ -4016,7 +4016,7 @@ sub cli_create_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
non_exist_check($id_profile,'profile',$profile_name);
pandora_create_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
pandora_create_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@ -4028,7 +4028,7 @@ sub cli_create_profile() {
##############################################################################
#
sub cli_update_profile() {
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@ -4036,7 +4036,7 @@ sub cli_update_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
exist_check($id_profile,'profile',$profile_name);
pandora_update_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
pandora_update_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);