diff --git a/pandora_console/extras/mr/47.sql b/pandora_console/extras/mr/47.sql
index 99597d995f..ff25ad522f 100644
--- a/pandora_console/extras/mr/47.sql
+++ b/pandora_console/extras/mr/47.sql
@@ -2,5 +2,8 @@ START TRANSACTION;
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_user` VARCHAR(60);
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_pass` VARCHAR(45);
+ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
+ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
+ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
COMMIT;
diff --git a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
index b8242b07e8..801327f212 100644
--- a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
+++ b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
@@ -4027,3 +4027,6 @@ DELETE FROM `tconfig` WHERE `token` = 'ipam_installed';
DELETE FROM `tconfig` WHERE `token` = 'ipam_recon_script_id';
+ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
+ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
+ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
\ No newline at end of file
diff --git a/pandora_console/general/main_menu.php b/pandora_console/general/main_menu.php
index 9a5e4168b4..5a45058c58 100644
--- a/pandora_console/general/main_menu.php
+++ b/pandora_console/general/main_menu.php
@@ -88,7 +88,6 @@ if (check_acl($config['id_user'], 0, 'AW')
|| check_acl($config['id_user'], 0, 'LM')
|| check_acl($config['id_user'], 0, 'UM')
|| check_acl($config['id_user'], 0, 'LW')
- || check_acl($config['id_user'], 0, 'IW')
|| check_acl($config['id_user'], 0, 'EW')
|| check_acl($config['id_user'], 0, 'DW')
) {
diff --git a/pandora_console/godmode/agentes/agent_incidents.php b/pandora_console/godmode/agentes/agent_incidents.php
index c92dca6fab..3917c2f81a 100644
--- a/pandora_console/godmode/agentes/agent_incidents.php
+++ b/pandora_console/godmode/agentes/agent_incidents.php
@@ -39,7 +39,7 @@ $offset = (int) get_parameter('offset', 0);
// See if id_agente is set (either POST or GET, otherwise -1
$id_agent = (int) get_parameter('id_agente');
-$groups = users_get_groups($config['id_user'], 'IR');
+$groups = users_get_groups($config['id_user'], 'AR');
$filter = ' AND id_agent = '.$id_agent;
$url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=incident&id_agente='.$id_agent;
diff --git a/pandora_console/godmode/gis_maps/configure_gis_map.php b/pandora_console/godmode/gis_maps/configure_gis_map.php
index 5b68afaf37..4c921525e6 100644
--- a/pandora_console/godmode/gis_maps/configure_gis_map.php
+++ b/pandora_console/godmode/gis_maps/configure_gis_map.php
@@ -15,7 +15,7 @@ global $config;
check_login();
-$gis_w = check_acl($config['id_user'], 0, 'MW');
+$gis_w = check_acl($config['id_user'], 0, 'MW', false, true, true);
$gis_m = check_acl($config['id_user'], 0, 'MM');
$access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
@@ -490,7 +490,7 @@ if (users_can_manage_group_all('MM') === true) {
$table->data[2][0] = __('Group');
$table->data[2][1] = html_print_select_groups(
false,
- 'IW',
+ 'AR',
$return_all_group,
'map_group_id',
$map_group_id,
diff --git a/pandora_console/godmode/netflow/nf_item_list.php b/pandora_console/godmode/netflow/nf_item_list.php
index 558cbb339c..d7a267aed6 100644
--- a/pandora_console/godmode/netflow/nf_item_list.php
+++ b/pandora_console/godmode/netflow/nf_item_list.php
@@ -20,15 +20,6 @@ require_once $config['homedir'].'/include/functions_html.php';
check_login();
-if (! check_acl($config['id_user'], 0, 'IW')) {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to access event viewer'
- );
- include 'general/noaccess.php';
- return;
-}
-
// id report
$id = (int) get_parameter('id');
diff --git a/pandora_console/godmode/setup/setup_netflow.php b/pandora_console/godmode/setup/setup_netflow.php
index 33ceb5295f..47d93790b4 100644
--- a/pandora_console/godmode/setup/setup_netflow.php
+++ b/pandora_console/godmode/setup/setup_netflow.php
@@ -24,15 +24,6 @@ require_once 'include/functions_ui.php';
check_login();
-if (! check_acl($config['id_user'], 0, 'IR')) {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to access netflow setup'
- );
- include 'general/noaccess.php';
- return;
-}
-
$update = (bool) get_parameter('update');
$table->width = '100%';
diff --git a/pandora_console/godmode/users/configure_profile.php b/pandora_console/godmode/users/configure_profile.php
index e41be191ea..44ef0e6a1e 100644
--- a/pandora_console/godmode/users/configure_profile.php
+++ b/pandora_console/godmode/users/configure_profile.php
@@ -85,11 +85,6 @@ if ($id_profile || $new_profile) {
// Name
$name = '';
- // Incidents
- $incident_view = 0;
- $incident_edit = 0;
- $incident_management = 0;
-
// Agents
$agent_view = 0;
$agent_edit = 0;
@@ -148,11 +143,6 @@ if ($id_profile || $new_profile) {
// Name
$name = $profile['name'];
- // Incidents
- $incident_view = (bool) $profile['incident_view'];
- $incident_edit = (bool) $profile['incident_edit'];
- $incident_management = (bool) $profile['incident_management'];
-
// Agents
$agent_view = (bool) $profile['agent_view'];
$agent_edit = (bool) $profile['agent_edit'];
@@ -197,7 +187,7 @@ if ($id_profile || $new_profile) {
);
enterprise_include_once('include/functions_audit.php');
- $info = 'Name: '.$name.' Incident view: '.$incident_view.' Incident edit: '.$incident_edit.' Incident management: '.$incident_management.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
+ $info = 'Name: '.$name.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
enterprise_hook('audit_pandora_enterprise', [$id_audit, $info]);
@@ -319,21 +309,6 @@ if ($id_profile || $new_profile) {
$table->data['VM'] = $row;
$table->data[] = '
';
- // Incidents
- $row = [];
- $row['name'] = __('View incidents');
- $row['input'] = html_print_checkbox('incident_view', 1, $incident_view, true);
- $table->data['IR'] = $row;
- $row = [];
- $row['name'] = __('Edit incidents');
- $row['input'] = html_print_checkbox('incident_edit', 1, $incident_edit, true, false, 'autoclick_profile_users(\'incident_edit\', \'incident_view\', \'false\')');
- $table->data['IW'] = $row;
- $row = [];
- $row['name'] = __('Manage incidents');
- $row['input'] = html_print_checkbox('incident_management', 1, $incident_management, true, false, 'autoclick_profile_users(\'incident_management\', \'incident_view\', \'incident_edit\');');
- $table->data['IM'] = $row;
- $table->data[] = '
';
-
$disable_option = 'javascript: return false;';
if (check_acl($config['id_user'], 0, 'PM') || users_is_admin()) {
$disable_option = '';
diff --git a/pandora_console/godmode/users/profile_list.php b/pandora_console/godmode/users/profile_list.php
index bd66475968..81973f6df7 100644
--- a/pandora_console/godmode/users/profile_list.php
+++ b/pandora_console/godmode/users/profile_list.php
@@ -107,11 +107,6 @@ if ($delete_profile) {
if ($create_profile || $update_profile) {
$name = get_parameter('name');
- // Incidents
- $incident_view = (bool) get_parameter('incident_view');
- $incident_edit = (bool) get_parameter('incident_edit');
- $incident_management = (bool) get_parameter('incident_management');
-
// Agents
$agent_view = (bool) get_parameter('agent_view');
$agent_edit = (bool) get_parameter('agent_edit');
@@ -152,9 +147,6 @@ if ($create_profile || $update_profile) {
$values = [
'name' => $name,
- 'incident_view' => $incident_view,
- 'incident_edit' => $incident_edit,
- 'incident_management' => $incident_management,
'agent_view' => $agent_view,
'agent_edit' => $agent_edit,
'agent_disable' => $agent_disable,
@@ -183,10 +175,7 @@ if ($update_profile) {
if ($name) {
$ret = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
if ($ret !== false) {
- $info = '{"Name":"'.$incident_view.'",
- "Incident view":"'.$incident_view.'",
- "Incident edit":"'.$incident_edit.'",
- "Incident management":"'.$incident_management.'",
+ $info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@@ -234,10 +223,7 @@ if ($create_profile) {
if ($ret !== false) {
ui_print_success_message(__('Successfully created'));
- $info = '{"Name":"'.$incident_view.'",
- "Incident view":"'.$incident_view.'",
- "Incident edit":"'.$incident_edit.'",
- "Incident management":"'.$incident_management.'",
+ $info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@@ -289,9 +275,6 @@ $table->align = [];
$table->head['profiles'] = __('Profiles');
-$table->head['IR'] = 'IR';
-$table->head['IW'] = 'IW';
-$table->head['IM'] = 'IM';
$table->head['AR'] = 'AR';
$table->head['AW'] = 'AW';
$table->head['AD'] = 'AD';
@@ -317,9 +300,6 @@ $table->head['operations'] = ''.__('Op.').'';
$table->align = array_fill(1, 11, 'center');
$table->size['profiles'] = '200px';
-$table->size['IR'] = '10px';
-$table->size['IW'] = '10px';
-$table->size['IM'] = '10px';
$table->size['AR'] = '10px';
$table->size['AW'] = '10px';
$table->size['AD'] = '10px';
@@ -358,9 +338,6 @@ $img = html_print_image(
foreach ($profiles as $profile) {
$data['profiles'] = ''.$profile['name'].'';
- $data['IR'] = ($profile['incident_view'] ? $img : '');
- $data['IW'] = ($profile['incident_edit'] ? $img : '');
- $data['IM'] = ($profile['incident_management'] ? $img : '');
$data['AR'] = ($profile['agent_view'] ? $img : '');
$data['AW'] = ($profile['agent_edit'] ? $img : '');
$data['AD'] = ($profile['agent_disable'] ? $img : '');
diff --git a/pandora_console/include/class/NetworkMap.class.php b/pandora_console/include/class/NetworkMap.class.php
index 1298fe1ef1..c953b74dec 100644
--- a/pandora_console/include/class/NetworkMap.class.php
+++ b/pandora_console/include/class/NetworkMap.class.php
@@ -3207,7 +3207,7 @@ class NetworkMap
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups(
false,
- 'IW',
+ 'AR',
false,
'group_for_show_agents',
-1,
diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php
index 32312238ce..20d7422053 100644
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@@ -2281,9 +2281,6 @@ function check_login($output=true)
* Check access privileges to resources
*
* Access can be:
- * IR - Incident/report Read
- * IW - Incident/report Write
- * IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@@ -2374,9 +2371,6 @@ function check_acl_one_of_groups($id_user, $groups, $access, $cache=true)
* Check access privileges to resources (write or management is not allowed for 'all' group )
*
* Access can be:
- * IR - Incident/report Read
- * IW - Incident/report Write
- * IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@@ -2445,18 +2439,6 @@ function check_acl_restricted_all($id_user, $id_group, $access, $onlyOneGroup=fa
function get_acl_column($access)
{
switch ($access) {
- case 'IR':
- return 'incident_view';
-
- break;
- case 'IW':
- return 'incident_edit';
-
- break;
- case 'IM':
- return 'incident_management';
-
- break;
case 'AR':
return 'agent_view';
@@ -2552,10 +2534,7 @@ function get_users_acl($id_user)
$rowdup = $users_acl_cache[$id_user];
} else {
$query = sprintf(
- "SELECT sum(tperfil.incident_view) as incident_view,
- sum(tperfil.incident_edit) as incident_edit,
- sum(tperfil.incident_management) as incident_management,
- sum(tperfil.agent_view) as agent_view,
+ "SELECT sum(tperfil.agent_view) as agent_view,
sum(tperfil.agent_edit) as agent_edit,
sum(tperfil.alert_edit) as alert_edit,
sum(tperfil.alert_management) as alert_management,
diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php
index de094fabad..0fd46701b4 100644
--- a/pandora_console/include/functions_api.php
+++ b/pandora_console/include/functions_api.php
@@ -486,7 +486,7 @@ function api_get_groups($thrash1, $thrash2, $other, $returnType, $user_in_db)
$returnAllColumns = ( $other['data'][2] == '1' ? true : false);
}
- $groups = users_get_groups($user_in_db, 'IR', $returnAllGroup, $returnAllColumns);
+ $groups = users_get_groups($user_in_db, 'AR', $returnAllGroup, $returnAllColumns);
$data_groups = [];
foreach ($groups as $id => $group) {
@@ -11358,9 +11358,6 @@ function api_get_user_profiles_info($thrash1, $thrash2, $thrash3, $returnType)
[
'id_perfil',
'name',
- 'incident_view as IR',
- 'incident_edit as IW',
- 'incident_management as IM',
'agent_view as AR',
'agent_edit as AW',
'agent_disable as AD',
@@ -11413,29 +11410,26 @@ function api_set_create_user_profile_info($thrash1, $thrash2, $other, $returnTyp
$values = [
'name' => (string) $other['data'][0],
- 'incident_view' => (bool) $other['data'][1] ? 1 : 0,
- 'incident_edit' => (bool) $other['data'][2] ? 1 : 0,
- 'incident_management' => (bool) $other['data'][3] ? 1 : 0,
- 'agent_view' => (bool) $other['data'][4] ? 1 : 0,
- 'agent_edit' => (bool) $other['data'][5] ? 1 : 0,
- 'agent_disable' => (bool) $other['data'][6] ? 1 : 0,
- 'alert_edit' => (bool) $other['data'][7] ? 1 : 0,
- 'alert_management' => (bool) $other['data'][8] ? 1 : 0,
- 'user_management' => (bool) $other['data'][9] ? 1 : 0,
- 'db_management' => (bool) $other['data'][10] ? 1 : 0,
- 'event_view' => (bool) $other['data'][11] ? 1 : 0,
- 'event_edit' => (bool) $other['data'][12] ? 1 : 0,
- 'event_management' => (bool) $other['data'][13] ? 1 : 0,
- 'report_view' => (bool) $other['data'][14] ? 1 : 0,
- 'report_edit' => (bool) $other['data'][15] ? 1 : 0,
- 'report_management' => (bool) $other['data'][16] ? 1 : 0,
- 'map_view' => (bool) $other['data'][17] ? 1 : 0,
- 'map_edit' => (bool) $other['data'][18] ? 1 : 0,
- 'map_management' => (bool) $other['data'][19] ? 1 : 0,
- 'vconsole_view' => (bool) $other['data'][20] ? 1 : 0,
- 'vconsole_edit' => (bool) $other['data'][21] ? 1 : 0,
- 'vconsole_management' => (bool) $other['data'][22] ? 1 : 0,
- 'pandora_management' => (bool) $other['data'][23] ? 1 : 0,
+ 'agent_view' => (bool) $other['data'][1] ? 1 : 0,
+ 'agent_edit' => (bool) $other['data'][2] ? 1 : 0,
+ 'agent_disable' => (bool) $other['data'][3] ? 1 : 0,
+ 'alert_edit' => (bool) $other['data'][4] ? 1 : 0,
+ 'alert_management' => (bool) $other['data'][5] ? 1 : 0,
+ 'user_management' => (bool) $other['data'][6] ? 1 : 0,
+ 'db_management' => (bool) $other['data'][7] ? 1 : 0,
+ 'event_view' => (bool) $other['data'][8] ? 1 : 0,
+ 'event_edit' => (bool) $other['data'][9] ? 1 : 0,
+ 'event_management' => (bool) $other['data'][10] ? 1 : 0,
+ 'report_view' => (bool) $other['data'][11] ? 1 : 0,
+ 'report_edit' => (bool) $other['data'][12] ? 1 : 0,
+ 'report_management' => (bool) $other['data'][13] ? 1 : 0,
+ 'map_view' => (bool) $other['data'][14] ? 1 : 0,
+ 'map_edit' => (bool) $other['data'][15] ? 1 : 0,
+ 'map_management' => (bool) $other['data'][16] ? 1 : 0,
+ 'vconsole_view' => (bool) $other['data'][17] ? 1 : 0,
+ 'vconsole_edit' => (bool) $other['data'][18] ? 1 : 0,
+ 'vconsole_management' => (bool) $other['data'][19] ? 1 : 0,
+ 'pandora_management' => (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_insert('tperfil', $values);
@@ -11475,29 +11469,26 @@ function api_set_update_user_profile_info($id_profile, $thrash1, $other, $return
$values = [
'name' => $other['data'][0] == '' ? $profile['name'] : (string) $other['data'][0],
- 'incident_view' => $other['data'][1] == '' ? $profile['incident_view'] : (bool) $other['data'][1] ? 1 : 0,
- 'incident_edit' => $other['data'][2] == '' ? $profile['incident_edit'] : (bool) $other['data'][2] ? 1 : 0,
- 'incident_management' => $other['data'][3] == '' ? $profile['incident_management'] : (bool) $other['data'][3] ? 1 : 0,
- 'agent_view' => $other['data'][4] == '' ? $profile['agent_view'] : (bool) $other['data'][4] ? 1 : 0,
- 'agent_edit' => $other['data'][5] == '' ? $profile['agent_edit'] : (bool) $other['data'][5] ? 1 : 0,
- 'agent_disable' => $other['data'][6] == '' ? $profile['agent_disable'] : (bool) $other['data'][6] ? 1 : 0,
- 'alert_edit' => $other['data'][7] == '' ? $profile['alert_edit'] : (bool) $other['data'][7] ? 1 : 0,
- 'alert_management' => $other['data'][8] == '' ? $profile['alert_management'] : (bool) $other['data'][8] ? 1 : 0,
- 'user_management' => $other['data'][9] == '' ? $profile['user_management'] : (bool) $other['data'][9] ? 1 : 0,
- 'db_management' => $other['data'][10] == '' ? $profile['db_management'] : (bool) $other['data'][10] ? 1 : 0,
- 'event_view' => $other['data'][11] == '' ? $profile['event_view'] : (bool) $other['data'][11] ? 1 : 0,
- 'event_edit' => $other['data'][12] == '' ? $profile['event_edit'] : (bool) $other['data'][12] ? 1 : 0,
- 'event_management' => $other['data'][13] == '' ? $profile['event_management'] : (bool) $other['data'][13] ? 1 : 0,
- 'report_view' => $other['data'][14] == '' ? $profile['report_view'] : (bool) $other['data'][14] ? 1 : 0,
- 'report_edit' => $other['data'][15] == '' ? $profile['report_edit'] : (bool) $other['data'][15] ? 1 : 0,
- 'report_management' => $other['data'][16] == '' ? $profile['report_management'] : (bool) $other['data'][16] ? 1 : 0,
- 'map_view' => $other['data'][17] == '' ? $profile['map_view'] : (bool) $other['data'][17] ? 1 : 0,
- 'map_edit' => $other['data'][18] == '' ? $profile['map_edit'] : (bool) $other['data'][18] ? 1 : 0,
- 'map_management' => $other['data'][19] == '' ? $profile['map_management'] : (bool) $other['data'][19] ? 1 : 0,
- 'vconsole_view' => $other['data'][20] == '' ? $profile['vconsole_view'] : (bool) $other['data'][20] ? 1 : 0,
- 'vconsole_edit' => $other['data'][21] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][21] ? 1 : 0,
- 'vconsole_management' => $other['data'][22] == '' ? $profile['vconsole_management'] : (bool) $other['data'][22] ? 1 : 0,
- 'pandora_management' => $other['data'][23] == '' ? $profile['pandora_management'] : (bool) $other['data'][23] ? 1 : 0,
+ 'agent_view' => $other['data'][1] == '' ? $profile['agent_view'] : (bool) $other['data'][1] ? 1 : 0,
+ 'agent_edit' => $other['data'][2] == '' ? $profile['agent_edit'] : (bool) $other['data'][2] ? 1 : 0,
+ 'agent_disable' => $other['data'][3] == '' ? $profile['agent_disable'] : (bool) $other['data'][3] ? 1 : 0,
+ 'alert_edit' => $other['data'][4] == '' ? $profile['alert_edit'] : (bool) $other['data'][4] ? 1 : 0,
+ 'alert_management' => $other['data'][5] == '' ? $profile['alert_management'] : (bool) $other['data'][5] ? 1 : 0,
+ 'user_management' => $other['data'][6] == '' ? $profile['user_management'] : (bool) $other['data'][6] ? 1 : 0,
+ 'db_management' => $other['data'][7] == '' ? $profile['db_management'] : (bool) $other['data'][7] ? 1 : 0,
+ 'event_view' => $other['data'][8] == '' ? $profile['event_view'] : (bool) $other['data'][8] ? 1 : 0,
+ 'event_edit' => $other['data'][9] == '' ? $profile['event_edit'] : (bool) $other['data'][9] ? 1 : 0,
+ 'event_management' => $other['data'][10] == '' ? $profile['event_management'] : (bool) $other['data'][10] ? 1 : 0,
+ 'report_view' => $other['data'][11] == '' ? $profile['report_view'] : (bool) $other['data'][11] ? 1 : 0,
+ 'report_edit' => $other['data'][12] == '' ? $profile['report_edit'] : (bool) $other['data'][12] ? 1 : 0,
+ 'report_management' => $other['data'][13] == '' ? $profile['report_management'] : (bool) $other['data'][13] ? 1 : 0,
+ 'map_view' => $other['data'][14] == '' ? $profile['map_view'] : (bool) $other['data'][14] ? 1 : 0,
+ 'map_edit' => $other['data'][15] == '' ? $profile['map_edit'] : (bool) $other['data'][15] ? 1 : 0,
+ 'map_management' => $other['data'][16] == '' ? $profile['map_management'] : (bool) $other['data'][16] ? 1 : 0,
+ 'vconsole_view' => $other['data'][17] == '' ? $profile['vconsole_view'] : (bool) $other['data'][17] ? 1 : 0,
+ 'vconsole_edit' => $other['data'][18] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][18] ? 1 : 0,
+ 'vconsole_management' => $other['data'][19] == '' ? $profile['vconsole_management'] : (bool) $other['data'][19] ? 1 : 0,
+ 'pandora_management' => $other['data'][20] == '' ? $profile['pandora_management'] : (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
@@ -11545,101 +11536,6 @@ function api_set_delete_user_profile_info($id_profile, $thrash1, $thrash2, $retu
}
-/**
- * Create new incident in Pandora.
- *
- * @param $thrash1 Don't use.
- * @param $thrash2 Don't use.
- * @param array $other it's array, $other as param is ;<description>;
- * <origin>;<priority>;<state>;<group> in this order and separator char
- * (after text ; ) and separator (pass in param othermode as
- * othermode=url_encode_separator_<separator>)
- * example:
- *
- * api.php?op=set&op2=new_incident&other=titulo|descripcion%20texto|Logfiles|2|10|12&other_mode=url_encode_separator_|
- *
- * @param $thrash3 Don't use.
- */
-function api_set_new_incident($thrash1, $thrash2, $other, $thrash3)
-{
- global $config;
-
- if (defined('METACONSOLE')) {
- return;
- }
-
- if (!check_acl($config['id_user'], 0, 'IW')) {
- returnError('forbidden', 'string');
- return;
- }
-
- $title = $other['data'][0];
- $description = $other['data'][1];
- $origin = $other['data'][2];
- $priority = $other['data'][3];
- $id_creator = 'API';
- $state = $other['data'][4];
- $group = $other['data'][5];
-
- $values = [
- 'inicio' => 'NOW()',
- 'actualizacion' => 'NOW()',
- 'titulo' => $title,
- 'descripcion' => $description,
- 'id_usuario' => 'API',
- 'origen' => $origin,
- 'estado' => $state,
- 'prioridad' => $priority,
- 'id_grupo' => $group,
- 'id_creator' => $id_creator,
- ];
- $idIncident = db_process_sql_insert('tincidencia', $values);
-
- if ($idIncident === false) {
- returnError('A new incident could not be created.');
- } else {
- returnData('string', ['type' => 'string', 'data' => $idIncident]);
- }
-}
-
-
-/**
- * Add note into a incident.
- *
- * @param $id string Username author of note.
- * @param $id2 integer ID of incident.
- * @param $other string Note.
- * @param $thrash2 Don't use.
- */
-function api_set_new_note_incident($id, $id2, $other, $thrash2)
-{
- global $config;
-
- if (defined('METACONSOLE')) {
- return;
- }
-
- if (!check_acl($config['id_user'], 0, 'IW')) {
- returnError('forbidden', 'string');
- return;
- }
-
- $values = [
- 'id_usuario' => $id,
- 'id_incident' => $id2,
- 'nota' => $other['data'],
- ];
-
- $idNote = db_process_sql_insert('tnota', $values);
-
- if ($idNote === false) {
- returnError('A new incident could not be created+.');
- } else {
- returnData('string', ['type' => 'string', 'data' => $idNote]);
- }
-}
-
-
/**
* Disable a module, given agent and module name.
*
diff --git a/pandora_console/include/functions_integriaims.php b/pandora_console/include/functions_integriaims.php
index fd7e1b7c7c..e7463db933 100644
--- a/pandora_console/include/functions_integriaims.php
+++ b/pandora_console/include/functions_integriaims.php
@@ -79,22 +79,10 @@ function integriaims_tabs($active_tab, $view=false)
}
$onheader = [];
-
- if (check_acl($config['id_user'], 0, 'IR') && $view) {
- $onheader['view'] = $view_tab;
- }
-
- if (check_acl($config['id_user'], 0, 'PM')) {
- $onheader['configure'] = $setup_tab;
- }
-
- if (check_acl($config['id_user'], 0, 'IR')) {
- $onheader['list'] = $list_tab;
- }
-
- if (check_acl($config['id_user'], 0, 'IW')) {
- $onheader['create'] = $create_tab;
- }
+ $onheader['view'] = $view_tab;
+ $onheader['configure'] = $setup_tab;
+ $onheader['list'] = $list_tab;
+ $onheader['create'] = $create_tab;
return $onheader;
}
diff --git a/pandora_console/include/functions_netflow.php b/pandora_console/include/functions_netflow.php
index 69d9a85cd5..cd31986a2a 100644
--- a/pandora_console/include/functions_netflow.php
+++ b/pandora_console/include/functions_netflow.php
@@ -120,7 +120,7 @@ function netflow_check_filter_group($id_sg)
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
$own_info = get_user_info($config['id_user']);
// Get group list that user has access.
- $groups_user = users_get_groups($config['id_user'], 'IW', $own_info['is_admin'], true);
+ $groups_user = users_get_groups($config['id_user'], 'AR', $own_info['is_admin'], true);
$groups_id = [];
$has_permission = false;
diff --git a/pandora_console/include/functions_networkmap.php b/pandora_console/include/functions_networkmap.php
index ed76a6b880..7e0a467041 100644
--- a/pandora_console/include/functions_networkmap.php
+++ b/pandora_console/include/functions_networkmap.php
@@ -1500,7 +1500,7 @@ function networkmap_delete_relations($id_map)
function get_networkmaps($id)
{
- $groups = array_keys(users_get_groups(null, 'IW'));
+ $groups = array_keys(users_get_groups(null, 'MW'));
$filter = [];
$filter['id_group'] = $groups;
diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php
index 17e2d8baf0..6eb975eaff 100755
--- a/pandora_console/include/functions_users.php
+++ b/pandora_console/include/functions_users.php
@@ -235,9 +235,6 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
}
$acl_list = [
- 'incident_view' => 1,
- 'incident_edit' => 1,
- 'incident_management' => 1,
'agent_view' => 1,
'agent_edit' => 1,
'agent_disable' => 1,
diff --git a/pandora_console/operation/incidents/configure_integriaims_incident.php b/pandora_console/operation/incidents/configure_integriaims_incident.php
index c86fa428da..b8eceefd81 100644
--- a/pandora_console/operation/incidents/configure_integriaims_incident.php
+++ b/pandora_console/operation/incidents/configure_integriaims_incident.php
@@ -16,13 +16,6 @@ global $config;
check_login();
-if (!(check_acl($config['id_user'], 0, 'IW') && check_acl($config['id_user'], 0, 'IR'))) {
- // Doesn't have access to this page.
- db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
- include 'general/noaccess.php';
- exit;
-}
-
require_once $config['homedir'].'/include/functions_integriaims.php';
$update = (isset($_GET['incident_id']) === true);
diff --git a/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php b/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
index 596a336360..03f96c4a51 100644
--- a/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
+++ b/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
@@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
-if (!check_acl($config['id_user'], 0, 'IR')) {
- // Doesn't have access to this page.
- db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
- include 'general/noaccess.php';
- exit;
-}
-
// Check if Integria integration enabled.
if ($config['integria_enabled'] == 0) {
ui_print_error_message(__('In order to access ticket management system, integration with Integria IMS must be enabled and properly configured'));
@@ -124,10 +117,7 @@ $table_files->head[1] = __('Timestamp');
$table_files->head[2] = __('Description');
$table_files->head[3] = __('User');
$table_files->head[4] = __('Size');
-
-if (check_acl($config['id_user'], 0, 'IW')) {
- $table_files->head[5] = __('Delete');
-}
+$table_files->head[5] = __('Delete');
$table_files->data = [];
@@ -240,11 +230,10 @@ foreach ($files as $key => $value) {
$table_files->data[$i][2] = $value[12];
$table_files->data[$i][3] = $value[8];
$table_files->data[$i][4] = $value[13];
- if (check_acl($config['id_user'], 0, 'IW')) {
- $table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
- onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
- $table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
- }
+ $table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
+ onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
+ $table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
+
$table_files->data[$i][5] .= '</a>';
@@ -267,9 +256,7 @@ $table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submi
$upload_file_form = '<div class="w100p">';
-if (check_acl($config['id_user'], 0, 'IW')) {
- $upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
-}
+$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
$upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';
@@ -361,9 +348,8 @@ if (!empty($comments)) {
$upload_comment_form = '<div class="w100p">';
-if (check_acl($config['id_user'], 0, 'IW')) {
- $upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
-}
+$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
+
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';
diff --git a/pandora_console/operation/incidents/incident_statistics.php b/pandora_console/operation/incidents/incident_statistics.php
index af1867264f..2aa97ad46c 100755
--- a/pandora_console/operation/incidents/incident_statistics.php
+++ b/pandora_console/operation/incidents/incident_statistics.php
@@ -18,11 +18,9 @@ require_once $config['homedir'].'/include/functions_graph.php';
check_login();
-if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
- db_pandora_audit('ACL Violation', 'Trying to access Incident section');
- include 'general/noaccess.php';
- exit;
-}
+db_pandora_audit('ACL Violation', 'Trying to access Incident section');
+require 'general/noaccess.php';
+exit;
ui_print_page_header(__('Incidents').' » '.__('Statistics'), 'images/book_edit.png', false, '', false, '');
diff --git a/pandora_console/operation/incidents/integriaims_export_csv.php b/pandora_console/operation/incidents/integriaims_export_csv.php
index d4be4443d6..04e0970ab4 100644
--- a/pandora_console/operation/incidents/integriaims_export_csv.php
+++ b/pandora_console/operation/incidents/integriaims_export_csv.php
@@ -20,14 +20,6 @@ require_once '../../include/functions_integriaims.php';
check_login();
-if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
- // Doesn't have access to this page.
- db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
- include 'general/noaccess.php';
- exit;
-}
-
-
// API calls.
$status_incident = integriaims_get_details('status');
$group_incident = integriaims_get_details('group');
diff --git a/pandora_console/operation/incidents/list_integriaims_incidents.php b/pandora_console/operation/incidents/list_integriaims_incidents.php
index c6f64750f1..eadf892b04 100644
--- a/pandora_console/operation/incidents/list_integriaims_incidents.php
+++ b/pandora_console/operation/incidents/list_integriaims_incidents.php
@@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
-if (! check_acl($config['id_user'], 0, 'IR')) {
- // Doesn't have access to this page.
- db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
- include 'general/noaccess.php';
- exit;
-}
-
// Header tabs.
$onheader = integriaims_tabs('list_tab');
ui_print_page_header(
@@ -266,9 +259,7 @@ $table->head[4] = __('Prior');
$table->head[5] = __('Updated/Started');
$table->head[6] = __('Creator');
$table->head[7] = __('Owner');
-if (check_acl($config['id_user'], 0, 'IW') || check_acl($config['id_user'], 0, 'IM')) {
- $table->head[8] = '';
-}
+$table->head[8] = '';
$table->data = [];
$i = 0;
@@ -294,18 +285,14 @@ foreach ($incidents_paginated as $key => $value) {
$table->data[$i][7] = $array_get_incidents[$key][5];
$table->data[$i][8] = '';
$table->cellclass[$i][8] = 'action_buttons';
- if (check_acl($config['id_user'], 0, 'IW')) {
- $table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
- $table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
- $table->data[$i][8] .= '</a>';
- }
+ $table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
+ $table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
+ $table->data[$i][8] .= '</a>';
- if (check_acl($config['id_user'], 0, 'IM')) {
- $table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
- onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
- $table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
- $table->data[$i][8] .= '</a>';
- }
+ $table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
+ onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
+ $table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
+ $table->data[$i][8] .= '</a>';
$i++;
}
@@ -320,13 +307,11 @@ if (empty($table->data) === true) {
}
// Show button to create incident.
-if (check_acl($config['id_user'], 0, 'IR')) {
- echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
- echo '<div class="wi100p right">';
- html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
- echo '</div>';
- echo '</form>';
-}
+echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
+ echo '<div class="wi100p right">';
+ html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
+ echo '</div>';
+echo '</form>';
// Datapicker library for show calendar.
ui_require_jquery_file('ui.datepicker-'.get_user_language(), 'include/javascript/i18n/');
diff --git a/pandora_console/operation/menu.php b/pandora_console/operation/menu.php
index d43829b753..11b873e0b3 100644
--- a/pandora_console/operation/menu.php
+++ b/pandora_console/operation/menu.php
@@ -267,9 +267,9 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
- $own_groups = array_keys(users_get_groups($config['id_user'], 'IR'));
+ $own_groups = array_keys(users_get_groups($config['id_user'], 'MR'));
} else {
- $own_groups = array_keys(users_get_groups($config['id_user'], 'IR', false));
+ $own_groups = array_keys(users_get_groups($config['id_user'], 'MR', false));
}
foreach ($gisMaps as $gisMap) {
@@ -278,10 +278,6 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
continue;
}
- if (! check_acl($config['id_user'], $gisMap['group_id'], 'IR')) {
- continue;
- }
-
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['text'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['id'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['title'] = io_safe_output($gisMap['map_name']);
@@ -459,30 +455,25 @@ $sub['operation/users/user_edit_notifications']['refr'] = 0;
// Incidents.
-if (check_acl($config['id_user'], 0, 'IR')
- || check_acl($config['id_user'], 0, 'IW')
- || check_acl($config['id_user'], 0, 'IM')
-) {
- $temp_sec2 = $sec2;
- $sec2 = 'incident';
- $sec2sub = 'operation/incidents/incident_statistics';
- $sub[$sec2]['text'] = __('Incidents');
- $sub[$sec2]['id'] = 'Incidents';
- $sub[$sec2]['type'] = 'direct';
- $sub[$sec2]['subtype'] = 'nolink';
- $sub[$sec2]['refr'] = 0;
- $sub[$sec2]['subsecs'] = [
- 'operation/incidents/incident_detail',
- 'operation/integria_incidents',
- ];
+$temp_sec2 = $sec2;
+$sec2 = 'incident';
+$sec2sub = 'operation/incidents/incident_statistics';
+$sub[$sec2]['text'] = __('Incidents');
+$sub[$sec2]['id'] = 'Incidents';
+$sub[$sec2]['type'] = 'direct';
+$sub[$sec2]['subtype'] = 'nolink';
+$sub[$sec2]['refr'] = 0;
+$sub[$sec2]['subsecs'] = [
+ 'operation/incidents/incident_detail',
+ 'operation/integria_incidents',
+];
- $sub2 = [];
- $sub2[$sec2sub]['text'] = __('Integria IMS statistics');
- $sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
+$sub2 = [];
+$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
+$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
- $sub[$sec2]['sub2'] = $sub2;
- $sec2 = $temp_sec2;
-}
+$sub[$sec2]['sub2'] = $sub2;
+$sec2 = $temp_sec2;
// Messages.
diff --git a/pandora_console/operation/netflow/nf_live_view.php b/pandora_console/operation/netflow/nf_live_view.php
index dae0c9457a..a27686f8a7 100644
--- a/pandora_console/operation/netflow/nf_live_view.php
+++ b/pandora_console/operation/netflow/nf_live_view.php
@@ -370,7 +370,7 @@ if (is_metaconsole()) {
).'</td>';
$own_info = get_user_info($config['id_user']);
echo '<td><span id="filter_group_color"><b>'.__('Group').'</b></span></td>';
- echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'IW', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
+ echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'AR', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
echo '</tr>';
$advanced_toggle = '<table class="w100p">';
diff --git a/pandora_console/operation/search_graphs.getdata.php b/pandora_console/operation/search_graphs.getdata.php
index 9874ef37e2..13db4c2923 100644
--- a/pandora_console/operation/search_graphs.getdata.php
+++ b/pandora_console/operation/search_graphs.getdata.php
@@ -16,7 +16,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
// Check ACL
-$searchGraphs = check_acl($config['id_user'], 0, 'IR');
+$searchGraphs = check_acl($config['id_user'], 0, 'RR');
$graphs = false;
diff --git a/pandora_console/operation/search_graphs.php b/pandora_console/operation/search_graphs.php
index 69df4e4ded..8f76f0dea8 100755
--- a/pandora_console/operation/search_graphs.php
+++ b/pandora_console/operation/search_graphs.php
@@ -15,7 +15,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
-$searchGraphs = check_acl($config['id_user'], 0, 'IR');
+$searchGraphs = check_acl($config['id_user'], 0, 'RR');
if ($graphs === false || !$searchGraphs) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
diff --git a/pandora_console/operation/search_helps.php b/pandora_console/operation/search_helps.php
index 2433355571..b205d265ef 100644
--- a/pandora_console/operation/search_helps.php
+++ b/pandora_console/operation/search_helps.php
@@ -13,8 +13,6 @@
// GNU General Public License for more details.
global $config;
-$totalHelps = check_acl($config['id_user'], 0, 'IR');
-
if ($helps === false || !$searchHelps) {
echo "<br><div class='nf'>".__('Zero results found.').sprintf(
__('You can find more help in the <a class="underline" href="%s">wiki</a>'),
diff --git a/pandora_console/operation/search_maps.getdata.php b/pandora_console/operation/search_maps.getdata.php
index 2f8fa18a49..e96113cbb3 100644
--- a/pandora_console/operation/search_maps.getdata.php
+++ b/pandora_console/operation/search_maps.getdata.php
@@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
-$searchMaps = check_acl($config['id_user'], 0, 'IR');
+$searchMaps = check_acl($config['id_user'], 0, 'VR');
$maps = false;
$totalMaps = 0;
diff --git a/pandora_console/operation/search_maps.php b/pandora_console/operation/search_maps.php
index 804051f000..0ab656d9b5 100755
--- a/pandora_console/operation/search_maps.php
+++ b/pandora_console/operation/search_maps.php
@@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
-$searchMaps = check_acl($config['id_user'], 0, 'IR');
+$searchMaps = check_acl($config['id_user'], 0, 'VR');
if ($maps === false || !$searchMaps) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
diff --git a/pandora_console/operation/search_reports.php b/pandora_console/operation/search_reports.php
index ee565676eb..d86b0c5446 100755
--- a/pandora_console/operation/search_reports.php
+++ b/pandora_console/operation/search_reports.php
@@ -19,9 +19,7 @@ require_once 'include/functions_reports.php';
$linkReport = false;
$searchReports = check_acl($config['id_user'], 0, 'RR');
-if (check_acl($config['id_user'], 0, 'IW')) {
- $linkReport = true;
-}
+$linkReport = true;
if ($reports === false || !$searchReports) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
diff --git a/pandora_console/operation/search_results.php b/pandora_console/operation/search_results.php
index e1a9d078e3..5e0fa14384 100644
--- a/pandora_console/operation/search_results.php
+++ b/pandora_console/operation/search_results.php
@@ -19,7 +19,8 @@ enterprise_include('operation/reporting/custom_reporting.php');
$searchAgents = $searchAlerts = $searchModules = check_acl($config['id_user'], 0, 'AR');
$searchUsers = $searchPolicies = check_acl($config['id_user'], 0, 'AR');
-$searchMaps = $searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'IR');
+$searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'RR');
+$searchMaps = check_acl($config['id_user'], 0, 'VR');
$searchMain = true;
$searchHelps = true;
diff --git a/pandora_console/operation/snmpconsole/snmp_view.php b/pandora_console/operation/snmpconsole/snmp_view.php
index 5442f75823..1ac05621bc 100755
--- a/pandora_console/operation/snmpconsole/snmp_view.php
+++ b/pandora_console/operation/snmpconsole/snmp_view.php
@@ -133,10 +133,10 @@ if ($config['pure']) {
// OPERATIONS
-// Delete SNMP Trap entry Event (only incident management access).
+// Delete SNMP Trap entry Event.
if (isset($_GET['delete'])) {
$id_trap = (int) get_parameter_get('delete', 0);
- if ($id_trap > 0 && check_acl($config['id_user'], 0, 'IM')) {
+ if ($id_trap > 0) {
if ($group_by) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$id_trap.')
AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$id_trap.')';
@@ -156,42 +156,30 @@ if (isset($_GET['delete'])) {
__('Could not be deleted')
);
}
- } else {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to delete SNMP event ID #'.$id_trap
- );
}
}
-// Check Event (only incident write access).
+// Check Event.
if (isset($_GET['check'])) {
$id_trap = (int) get_parameter_get('check', 0);
- if (check_acl($config['id_user'], 0, 'IW')) {
- $values = [
- 'status' => 1,
- 'id_usuario' => $config['id_user'],
- ];
- $result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
- enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
+ $values = [
+ 'status' => 1,
+ 'id_usuario' => $config['id_user'],
+ ];
+ $result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
+ enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
- ui_print_result_message(
- $result,
- __('Successfully updated'),
- __('Could not be updated')
- );
- } else {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to checkout SNMP Trap ID'.$id_trap
- );
- }
+ ui_print_result_message(
+ $result,
+ __('Successfully updated'),
+ __('Could not be updated')
+ );
}
// Mass-process DELETE.
if (isset($_POST['deletebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
- if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
+ if (is_array($trap_ids)) {
if ($group_by) {
foreach ($trap_ids as $key => $value) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$value.')
@@ -210,28 +198,18 @@ if (isset($_POST['deletebt'])) {
enterprise_hook('snmp_update_forwarded_modules', [$forward_info]);
}
}
- } else {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to mass-delete SNMP Trap ID'
- );
}
}
// Mass-process UPDATE.
if (isset($_POST['updatebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
- if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
+ if (is_array($trap_ids)) {
foreach ($trap_ids as $id_trap) {
$sql = sprintf("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config['id_user'], $id_trap);
db_process_sql($sql);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
}
- } else {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to mass-delete SNMP Trap ID'
- );
}
}
@@ -1025,7 +1003,7 @@ if ($traps !== false) {
// Actions.
$data[8] = '';
- if (empty($trap['status']) && check_acl($config['id_user'], 0, 'IW')) {
+ if (empty($trap['status'])) {
$data[8] .= '<a href="'.$urlPagination.'&check='.$trap['id_trap'].'">'.html_print_image('images/ok.png', true, ['border' => '0', 'title' => __('Validate')]).'</a> ';
}
@@ -1045,17 +1023,15 @@ if ($traps !== false) {
} else {
$agent_trap_group = db_get_value('id_grupo', 'tagente', 'nombre', $trap['source']);
- if ((check_acl($config['id_user'], $agent_trap_group, 'IM'))) {
- $data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
- 'images/cross.png',
- true,
- [
- 'border' => '0',
- 'title' => __('Delete'),
- 'class' => 'invert_filter',
- ]
- ).'</a> ';
- }
+ $data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
+ 'images/cross.png',
+ true,
+ [
+ 'border' => '0',
+ 'title' => __('Delete'),
+ 'class' => 'invert_filter',
+ ]
+ ).'</a> ';
}
$data[8] .= '<a href="javascript: toggleVisibleExtendedInfo('.$trap['id_trap'].');">'.html_print_image(
@@ -1217,14 +1193,11 @@ if ($idx == 0) {
unset($table);
echo '<div class="w98p right">';
-if (check_acl($config['id_user'], 0, 'IW')) {
- html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
-}
-if (check_acl($config['id_user'], 0, 'IM')) {
- echo ' ';
- html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
-}
+html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
+
+echo ' ';
+html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
echo '</div></form>';
diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql
index b06ee1709a..59bfa1996e 100644
--- a/pandora_console/pandoradb.sql
+++ b/pandora_console/pandoradb.sql
@@ -1049,9 +1049,6 @@ CREATE TABLE IF NOT EXISTS `torigen` (
CREATE TABLE IF NOT EXISTS `tperfil` (
`id_perfil` int(10) unsigned NOT NULL auto_increment,
`name` TEXT NOT NULL,
- `incident_edit` tinyint(1) NOT NULL DEFAULT 0,
- `incident_view` tinyint(1) NOT NULL DEFAULT 0,
- `incident_management` tinyint(1) NOT NULL DEFAULT 0,
`agent_view` tinyint(1) NOT NULL DEFAULT 0,
`agent_edit` tinyint(1) NOT NULL DEFAULT 0,
`alert_edit` tinyint(1) NOT NULL DEFAULT 0,
diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl
index 49a8ea7d76..cfdced90cf 100755
--- a/pandora_server/util/pandora_manage.pl
+++ b/pandora_server/util/pandora_manage.pl
@@ -192,8 +192,8 @@ sub help_screen{
help_screen_line('--add_profile', '<user_name> <profile_name> <group_name>', 'Add perfil to user');
help_screen_line('--delete_profile', '<user_name> <profile_name> <group_name>', 'Delete perfil from user');
help_screen_line('--add_profile_to_user', '<user_id> <profile_name> [<group_name>]', 'Add a profile in group to a user');
- help_screen_line('--create_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
- help_screen_line('--update_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
+ help_screen_line('--create_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
+ help_screen_line('--update_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system');
help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system');
help_screen_line('--disable_double_auth', '<user_name>', 'Disable the double authentication for the specified user');
@@ -563,14 +563,14 @@ sub pandora_create_user_profile ($$$$) {
##########################################################################
## Create profile.
##########################################################################
-sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
- my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
+sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$) {
+ my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
- return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_view,incident_edit,incident_management,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
- safe_input($profile_name), $incident_view,$incident_edit, $incident_management, $agent_view,
+ return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
+ safe_input($profile_name), $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@@ -579,14 +579,14 @@ sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
##########################################################################
#### Update profile.
###########################################################################
-sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
- my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
+sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$) {
+ my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
- return db_update ($dbh, 'UPDATE tperfil SET incident_view = ?, incident_edit = ?, incident_management = ?, agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
- $incident_view,$incident_edit, $incident_management, $agent_view,
+ return db_update ($dbh, 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
+ $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name));
@@ -4008,7 +4008,7 @@ sub cli_add_profile() {
##############################################################################
sub cli_create_profile() {
- my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
+ my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@@ -4016,7 +4016,7 @@ sub cli_create_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
non_exist_check($id_profile,'profile',$profile_name);
- pandora_create_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
+ pandora_create_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@@ -4028,7 +4028,7 @@ sub cli_create_profile() {
##############################################################################
#
sub cli_update_profile() {
- my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
+ my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@@ -4036,7 +4036,7 @@ sub cli_update_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
exist_check($id_profile,'profile',$profile_name);
- pandora_update_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
+ pandora_update_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);