removed deprecated incident permissions
This commit is contained in:
alejandro.campos@artica.es
parent
fdeaf52912
commit
9cde8c345f
|
|
@ -2,5 +2,8 @@ START TRANSACTION;
|
|||
|
||||
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_user` VARCHAR(60);
|
||||
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_pass` VARCHAR(45);
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
|
||||
|
||||
COMMIT;
|
||||
|
|
|
|||
|
|
@ -4027,3 +4027,6 @@ DELETE FROM `tconfig` WHERE `token` = 'ipam_installed';
|
|||
|
||||
DELETE FROM `tconfig` WHERE `token` = 'ipam_recon_script_id';
|
||||
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
|
||||
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
|
||||
|
|
@ -88,7 +88,6 @@ if (check_acl($config['id_user'], 0, 'AW')
|
|||
|| check_acl($config['id_user'], 0, 'LM')
|
||||
|| check_acl($config['id_user'], 0, 'UM')
|
||||
|| check_acl($config['id_user'], 0, 'LW')
|
||||
|| check_acl($config['id_user'], 0, 'IW')
|
||||
|| check_acl($config['id_user'], 0, 'EW')
|
||||
|| check_acl($config['id_user'], 0, 'DW')
|
||||
) {
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ $offset = (int) get_parameter('offset', 0);
|
|||
|
||||
// See if id_agente is set (either POST or GET, otherwise -1
|
||||
$id_agent = (int) get_parameter('id_agente');
|
||||
$groups = users_get_groups($config['id_user'], 'IR');
|
||||
$groups = users_get_groups($config['id_user'], 'AR');
|
||||
$filter = ' AND id_agent = '.$id_agent;
|
||||
$url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=incident&id_agente='.$id_agent;
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ global $config;
|
|||
|
||||
check_login();
|
||||
|
||||
$gis_w = check_acl($config['id_user'], 0, 'MW');
|
||||
$gis_w = check_acl($config['id_user'], 0, 'MW', false, true, true);
|
||||
$gis_m = check_acl($config['id_user'], 0, 'MM');
|
||||
$access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
|
||||
|
||||
|
|
@ -490,7 +490,7 @@ if (users_can_manage_group_all('MM') === true) {
|
|||
$table->data[2][0] = __('Group');
|
||||
$table->data[2][1] = html_print_select_groups(
|
||||
false,
|
||||
'IW',
|
||||
'AR',
|
||||
$return_all_group,
|
||||
'map_group_id',
|
||||
$map_group_id,
|
||||
|
|
|
|||
|
|
@ -20,15 +20,6 @@ require_once $config['homedir'].'/include/functions_html.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'IW')) {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to access event viewer'
|
||||
);
|
||||
include 'general/noaccess.php';
|
||||
return;
|
||||
}
|
||||
|
||||
// id report
|
||||
$id = (int) get_parameter('id');
|
||||
|
||||
|
|
|
|||
|
|
@ -24,15 +24,6 @@ require_once 'include/functions_ui.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'IR')) {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to access netflow setup'
|
||||
);
|
||||
include 'general/noaccess.php';
|
||||
return;
|
||||
}
|
||||
|
||||
$update = (bool) get_parameter('update');
|
||||
|
||||
$table->width = '100%';
|
||||
|
|
|
|||
|
|
@ -85,11 +85,6 @@ if ($id_profile || $new_profile) {
|
|||
// Name
|
||||
$name = '';
|
||||
|
||||
// Incidents
|
||||
$incident_view = 0;
|
||||
$incident_edit = 0;
|
||||
$incident_management = 0;
|
||||
|
||||
// Agents
|
||||
$agent_view = 0;
|
||||
$agent_edit = 0;
|
||||
|
|
@ -148,11 +143,6 @@ if ($id_profile || $new_profile) {
|
|||
// Name
|
||||
$name = $profile['name'];
|
||||
|
||||
// Incidents
|
||||
$incident_view = (bool) $profile['incident_view'];
|
||||
$incident_edit = (bool) $profile['incident_edit'];
|
||||
$incident_management = (bool) $profile['incident_management'];
|
||||
|
||||
// Agents
|
||||
$agent_view = (bool) $profile['agent_view'];
|
||||
$agent_edit = (bool) $profile['agent_edit'];
|
||||
|
|
@ -197,7 +187,7 @@ if ($id_profile || $new_profile) {
|
|||
);
|
||||
enterprise_include_once('include/functions_audit.php');
|
||||
|
||||
$info = 'Name: '.$name.' Incident view: '.$incident_view.' Incident edit: '.$incident_edit.' Incident management: '.$incident_management.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
|
||||
$info = 'Name: '.$name.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
|
||||
|
||||
enterprise_hook('audit_pandora_enterprise', [$id_audit, $info]);
|
||||
|
||||
|
|
@ -319,21 +309,6 @@ if ($id_profile || $new_profile) {
|
|||
$table->data['VM'] = $row;
|
||||
$table->data[] = '<hr>';
|
||||
|
||||
// Incidents
|
||||
$row = [];
|
||||
$row['name'] = __('View incidents');
|
||||
$row['input'] = html_print_checkbox('incident_view', 1, $incident_view, true);
|
||||
$table->data['IR'] = $row;
|
||||
$row = [];
|
||||
$row['name'] = __('Edit incidents');
|
||||
$row['input'] = html_print_checkbox('incident_edit', 1, $incident_edit, true, false, 'autoclick_profile_users(\'incident_edit\', \'incident_view\', \'false\')');
|
||||
$table->data['IW'] = $row;
|
||||
$row = [];
|
||||
$row['name'] = __('Manage incidents');
|
||||
$row['input'] = html_print_checkbox('incident_management', 1, $incident_management, true, false, 'autoclick_profile_users(\'incident_management\', \'incident_view\', \'incident_edit\');');
|
||||
$table->data['IM'] = $row;
|
||||
$table->data[] = '<hr>';
|
||||
|
||||
$disable_option = 'javascript: return false;';
|
||||
if (check_acl($config['id_user'], 0, 'PM') || users_is_admin()) {
|
||||
$disable_option = '';
|
||||
|
|
|
|||
|
|
@ -107,11 +107,6 @@ if ($delete_profile) {
|
|||
if ($create_profile || $update_profile) {
|
||||
$name = get_parameter('name');
|
||||
|
||||
// Incidents
|
||||
$incident_view = (bool) get_parameter('incident_view');
|
||||
$incident_edit = (bool) get_parameter('incident_edit');
|
||||
$incident_management = (bool) get_parameter('incident_management');
|
||||
|
||||
// Agents
|
||||
$agent_view = (bool) get_parameter('agent_view');
|
||||
$agent_edit = (bool) get_parameter('agent_edit');
|
||||
|
|
@ -152,9 +147,6 @@ if ($create_profile || $update_profile) {
|
|||
|
||||
$values = [
|
||||
'name' => $name,
|
||||
'incident_view' => $incident_view,
|
||||
'incident_edit' => $incident_edit,
|
||||
'incident_management' => $incident_management,
|
||||
'agent_view' => $agent_view,
|
||||
'agent_edit' => $agent_edit,
|
||||
'agent_disable' => $agent_disable,
|
||||
|
|
@ -183,10 +175,7 @@ if ($update_profile) {
|
|||
if ($name) {
|
||||
$ret = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
|
||||
if ($ret !== false) {
|
||||
$info = '{"Name":"'.$incident_view.'",
|
||||
"Incident view":"'.$incident_view.'",
|
||||
"Incident edit":"'.$incident_edit.'",
|
||||
"Incident management":"'.$incident_management.'",
|
||||
$info = '{"Name":"'.$name.'",
|
||||
"Agent view":"'.$agent_view.'",
|
||||
"Agent edit":"'.$agent_edit.'",
|
||||
"Agent disable":"'.$agent_disable.'",
|
||||
|
|
@ -234,10 +223,7 @@ if ($create_profile) {
|
|||
|
||||
if ($ret !== false) {
|
||||
ui_print_success_message(__('Successfully created'));
|
||||
$info = '{"Name":"'.$incident_view.'",
|
||||
"Incident view":"'.$incident_view.'",
|
||||
"Incident edit":"'.$incident_edit.'",
|
||||
"Incident management":"'.$incident_management.'",
|
||||
$info = '{"Name":"'.$name.'",
|
||||
"Agent view":"'.$agent_view.'",
|
||||
"Agent edit":"'.$agent_edit.'",
|
||||
"Agent disable":"'.$agent_disable.'",
|
||||
|
|
@ -289,9 +275,6 @@ $table->align = [];
|
|||
|
||||
$table->head['profiles'] = __('Profiles');
|
||||
|
||||
$table->head['IR'] = 'IR';
|
||||
$table->head['IW'] = 'IW';
|
||||
$table->head['IM'] = 'IM';
|
||||
$table->head['AR'] = 'AR';
|
||||
$table->head['AW'] = 'AW';
|
||||
$table->head['AD'] = 'AD';
|
||||
|
|
@ -317,9 +300,6 @@ $table->head['operations'] = '<span title="Operations">'.__('Op.').'</span>';
|
|||
$table->align = array_fill(1, 11, 'center');
|
||||
|
||||
$table->size['profiles'] = '200px';
|
||||
$table->size['IR'] = '10px';
|
||||
$table->size['IW'] = '10px';
|
||||
$table->size['IM'] = '10px';
|
||||
$table->size['AR'] = '10px';
|
||||
$table->size['AW'] = '10px';
|
||||
$table->size['AD'] = '10px';
|
||||
|
|
@ -358,9 +338,6 @@ $img = html_print_image(
|
|||
|
||||
foreach ($profiles as $profile) {
|
||||
$data['profiles'] = '<a href="index.php?sec='.$sec.'&sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.$profile['name'].'</a>';
|
||||
$data['IR'] = ($profile['incident_view'] ? $img : '');
|
||||
$data['IW'] = ($profile['incident_edit'] ? $img : '');
|
||||
$data['IM'] = ($profile['incident_management'] ? $img : '');
|
||||
$data['AR'] = ($profile['agent_view'] ? $img : '');
|
||||
$data['AW'] = ($profile['agent_edit'] ? $img : '');
|
||||
$data['AD'] = ($profile['agent_disable'] ? $img : '');
|
||||
|
|
|
|||
|
|
@ -3207,7 +3207,7 @@ class NetworkMap
|
|||
$table->data[0][0] = __('Group');
|
||||
$table->data[0][1] = html_print_select_groups(
|
||||
false,
|
||||
'IW',
|
||||
'AR',
|
||||
false,
|
||||
'group_for_show_agents',
|
||||
-1,
|
||||
|
|
|
|||
|
|
@ -2281,9 +2281,6 @@ function check_login($output=true)
|
|||
* Check access privileges to resources
|
||||
*
|
||||
* Access can be:
|
||||
* IR - Incident/report Read
|
||||
* IW - Incident/report Write
|
||||
* IM - Incident/report Management
|
||||
* AR - Agent Read
|
||||
* AW - Agent Write
|
||||
* LW - Alert Write
|
||||
|
|
@ -2374,9 +2371,6 @@ function check_acl_one_of_groups($id_user, $groups, $access, $cache=true)
|
|||
* Check access privileges to resources (write or management is not allowed for 'all' group )
|
||||
*
|
||||
* Access can be:
|
||||
* IR - Incident/report Read
|
||||
* IW - Incident/report Write
|
||||
* IM - Incident/report Management
|
||||
* AR - Agent Read
|
||||
* AW - Agent Write
|
||||
* LW - Alert Write
|
||||
|
|
@ -2445,18 +2439,6 @@ function check_acl_restricted_all($id_user, $id_group, $access, $onlyOneGroup=fa
|
|||
function get_acl_column($access)
|
||||
{
|
||||
switch ($access) {
|
||||
case 'IR':
|
||||
return 'incident_view';
|
||||
|
||||
break;
|
||||
case 'IW':
|
||||
return 'incident_edit';
|
||||
|
||||
break;
|
||||
case 'IM':
|
||||
return 'incident_management';
|
||||
|
||||
break;
|
||||
case 'AR':
|
||||
return 'agent_view';
|
||||
|
||||
|
|
@ -2552,10 +2534,7 @@ function get_users_acl($id_user)
|
|||
$rowdup = $users_acl_cache[$id_user];
|
||||
} else {
|
||||
$query = sprintf(
|
||||
"SELECT sum(tperfil.incident_view) as incident_view,
|
||||
sum(tperfil.incident_edit) as incident_edit,
|
||||
sum(tperfil.incident_management) as incident_management,
|
||||
sum(tperfil.agent_view) as agent_view,
|
||||
"SELECT sum(tperfil.agent_view) as agent_view,
|
||||
sum(tperfil.agent_edit) as agent_edit,
|
||||
sum(tperfil.alert_edit) as alert_edit,
|
||||
sum(tperfil.alert_management) as alert_management,
|
||||
|
|
|
|||
|
|
@ -486,7 +486,7 @@ function api_get_groups($thrash1, $thrash2, $other, $returnType, $user_in_db)
|
|||
$returnAllColumns = ( $other['data'][2] == '1' ? true : false);
|
||||
}
|
||||
|
||||
$groups = users_get_groups($user_in_db, 'IR', $returnAllGroup, $returnAllColumns);
|
||||
$groups = users_get_groups($user_in_db, 'AR', $returnAllGroup, $returnAllColumns);
|
||||
|
||||
$data_groups = [];
|
||||
foreach ($groups as $id => $group) {
|
||||
|
|
@ -11358,9 +11358,6 @@ function api_get_user_profiles_info($thrash1, $thrash2, $thrash3, $returnType)
|
|||
[
|
||||
'id_perfil',
|
||||
'name',
|
||||
'incident_view as IR',
|
||||
'incident_edit as IW',
|
||||
'incident_management as IM',
|
||||
'agent_view as AR',
|
||||
'agent_edit as AW',
|
||||
'agent_disable as AD',
|
||||
|
|
@ -11413,29 +11410,26 @@ function api_set_create_user_profile_info($thrash1, $thrash2, $other, $returnTyp
|
|||
|
||||
$values = [
|
||||
'name' => (string) $other['data'][0],
|
||||
'incident_view' => (bool) $other['data'][1] ? 1 : 0,
|
||||
'incident_edit' => (bool) $other['data'][2] ? 1 : 0,
|
||||
'incident_management' => (bool) $other['data'][3] ? 1 : 0,
|
||||
'agent_view' => (bool) $other['data'][4] ? 1 : 0,
|
||||
'agent_edit' => (bool) $other['data'][5] ? 1 : 0,
|
||||
'agent_disable' => (bool) $other['data'][6] ? 1 : 0,
|
||||
'alert_edit' => (bool) $other['data'][7] ? 1 : 0,
|
||||
'alert_management' => (bool) $other['data'][8] ? 1 : 0,
|
||||
'user_management' => (bool) $other['data'][9] ? 1 : 0,
|
||||
'db_management' => (bool) $other['data'][10] ? 1 : 0,
|
||||
'event_view' => (bool) $other['data'][11] ? 1 : 0,
|
||||
'event_edit' => (bool) $other['data'][12] ? 1 : 0,
|
||||
'event_management' => (bool) $other['data'][13] ? 1 : 0,
|
||||
'report_view' => (bool) $other['data'][14] ? 1 : 0,
|
||||
'report_edit' => (bool) $other['data'][15] ? 1 : 0,
|
||||
'report_management' => (bool) $other['data'][16] ? 1 : 0,
|
||||
'map_view' => (bool) $other['data'][17] ? 1 : 0,
|
||||
'map_edit' => (bool) $other['data'][18] ? 1 : 0,
|
||||
'map_management' => (bool) $other['data'][19] ? 1 : 0,
|
||||
'vconsole_view' => (bool) $other['data'][20] ? 1 : 0,
|
||||
'vconsole_edit' => (bool) $other['data'][21] ? 1 : 0,
|
||||
'vconsole_management' => (bool) $other['data'][22] ? 1 : 0,
|
||||
'pandora_management' => (bool) $other['data'][23] ? 1 : 0,
|
||||
'agent_view' => (bool) $other['data'][1] ? 1 : 0,
|
||||
'agent_edit' => (bool) $other['data'][2] ? 1 : 0,
|
||||
'agent_disable' => (bool) $other['data'][3] ? 1 : 0,
|
||||
'alert_edit' => (bool) $other['data'][4] ? 1 : 0,
|
||||
'alert_management' => (bool) $other['data'][5] ? 1 : 0,
|
||||
'user_management' => (bool) $other['data'][6] ? 1 : 0,
|
||||
'db_management' => (bool) $other['data'][7] ? 1 : 0,
|
||||
'event_view' => (bool) $other['data'][8] ? 1 : 0,
|
||||
'event_edit' => (bool) $other['data'][9] ? 1 : 0,
|
||||
'event_management' => (bool) $other['data'][10] ? 1 : 0,
|
||||
'report_view' => (bool) $other['data'][11] ? 1 : 0,
|
||||
'report_edit' => (bool) $other['data'][12] ? 1 : 0,
|
||||
'report_management' => (bool) $other['data'][13] ? 1 : 0,
|
||||
'map_view' => (bool) $other['data'][14] ? 1 : 0,
|
||||
'map_edit' => (bool) $other['data'][15] ? 1 : 0,
|
||||
'map_management' => (bool) $other['data'][16] ? 1 : 0,
|
||||
'vconsole_view' => (bool) $other['data'][17] ? 1 : 0,
|
||||
'vconsole_edit' => (bool) $other['data'][18] ? 1 : 0,
|
||||
'vconsole_management' => (bool) $other['data'][19] ? 1 : 0,
|
||||
'pandora_management' => (bool) $other['data'][20] ? 1 : 0,
|
||||
];
|
||||
|
||||
$return = db_process_sql_insert('tperfil', $values);
|
||||
|
|
@ -11475,29 +11469,26 @@ function api_set_update_user_profile_info($id_profile, $thrash1, $other, $return
|
|||
|
||||
$values = [
|
||||
'name' => $other['data'][0] == '' ? $profile['name'] : (string) $other['data'][0],
|
||||
'incident_view' => $other['data'][1] == '' ? $profile['incident_view'] : (bool) $other['data'][1] ? 1 : 0,
|
||||
'incident_edit' => $other['data'][2] == '' ? $profile['incident_edit'] : (bool) $other['data'][2] ? 1 : 0,
|
||||
'incident_management' => $other['data'][3] == '' ? $profile['incident_management'] : (bool) $other['data'][3] ? 1 : 0,
|
||||
'agent_view' => $other['data'][4] == '' ? $profile['agent_view'] : (bool) $other['data'][4] ? 1 : 0,
|
||||
'agent_edit' => $other['data'][5] == '' ? $profile['agent_edit'] : (bool) $other['data'][5] ? 1 : 0,
|
||||
'agent_disable' => $other['data'][6] == '' ? $profile['agent_disable'] : (bool) $other['data'][6] ? 1 : 0,
|
||||
'alert_edit' => $other['data'][7] == '' ? $profile['alert_edit'] : (bool) $other['data'][7] ? 1 : 0,
|
||||
'alert_management' => $other['data'][8] == '' ? $profile['alert_management'] : (bool) $other['data'][8] ? 1 : 0,
|
||||
'user_management' => $other['data'][9] == '' ? $profile['user_management'] : (bool) $other['data'][9] ? 1 : 0,
|
||||
'db_management' => $other['data'][10] == '' ? $profile['db_management'] : (bool) $other['data'][10] ? 1 : 0,
|
||||
'event_view' => $other['data'][11] == '' ? $profile['event_view'] : (bool) $other['data'][11] ? 1 : 0,
|
||||
'event_edit' => $other['data'][12] == '' ? $profile['event_edit'] : (bool) $other['data'][12] ? 1 : 0,
|
||||
'event_management' => $other['data'][13] == '' ? $profile['event_management'] : (bool) $other['data'][13] ? 1 : 0,
|
||||
'report_view' => $other['data'][14] == '' ? $profile['report_view'] : (bool) $other['data'][14] ? 1 : 0,
|
||||
'report_edit' => $other['data'][15] == '' ? $profile['report_edit'] : (bool) $other['data'][15] ? 1 : 0,
|
||||
'report_management' => $other['data'][16] == '' ? $profile['report_management'] : (bool) $other['data'][16] ? 1 : 0,
|
||||
'map_view' => $other['data'][17] == '' ? $profile['map_view'] : (bool) $other['data'][17] ? 1 : 0,
|
||||
'map_edit' => $other['data'][18] == '' ? $profile['map_edit'] : (bool) $other['data'][18] ? 1 : 0,
|
||||
'map_management' => $other['data'][19] == '' ? $profile['map_management'] : (bool) $other['data'][19] ? 1 : 0,
|
||||
'vconsole_view' => $other['data'][20] == '' ? $profile['vconsole_view'] : (bool) $other['data'][20] ? 1 : 0,
|
||||
'vconsole_edit' => $other['data'][21] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][21] ? 1 : 0,
|
||||
'vconsole_management' => $other['data'][22] == '' ? $profile['vconsole_management'] : (bool) $other['data'][22] ? 1 : 0,
|
||||
'pandora_management' => $other['data'][23] == '' ? $profile['pandora_management'] : (bool) $other['data'][23] ? 1 : 0,
|
||||
'agent_view' => $other['data'][1] == '' ? $profile['agent_view'] : (bool) $other['data'][1] ? 1 : 0,
|
||||
'agent_edit' => $other['data'][2] == '' ? $profile['agent_edit'] : (bool) $other['data'][2] ? 1 : 0,
|
||||
'agent_disable' => $other['data'][3] == '' ? $profile['agent_disable'] : (bool) $other['data'][3] ? 1 : 0,
|
||||
'alert_edit' => $other['data'][4] == '' ? $profile['alert_edit'] : (bool) $other['data'][4] ? 1 : 0,
|
||||
'alert_management' => $other['data'][5] == '' ? $profile['alert_management'] : (bool) $other['data'][5] ? 1 : 0,
|
||||
'user_management' => $other['data'][6] == '' ? $profile['user_management'] : (bool) $other['data'][6] ? 1 : 0,
|
||||
'db_management' => $other['data'][7] == '' ? $profile['db_management'] : (bool) $other['data'][7] ? 1 : 0,
|
||||
'event_view' => $other['data'][8] == '' ? $profile['event_view'] : (bool) $other['data'][8] ? 1 : 0,
|
||||
'event_edit' => $other['data'][9] == '' ? $profile['event_edit'] : (bool) $other['data'][9] ? 1 : 0,
|
||||
'event_management' => $other['data'][10] == '' ? $profile['event_management'] : (bool) $other['data'][10] ? 1 : 0,
|
||||
'report_view' => $other['data'][11] == '' ? $profile['report_view'] : (bool) $other['data'][11] ? 1 : 0,
|
||||
'report_edit' => $other['data'][12] == '' ? $profile['report_edit'] : (bool) $other['data'][12] ? 1 : 0,
|
||||
'report_management' => $other['data'][13] == '' ? $profile['report_management'] : (bool) $other['data'][13] ? 1 : 0,
|
||||
'map_view' => $other['data'][14] == '' ? $profile['map_view'] : (bool) $other['data'][14] ? 1 : 0,
|
||||
'map_edit' => $other['data'][15] == '' ? $profile['map_edit'] : (bool) $other['data'][15] ? 1 : 0,
|
||||
'map_management' => $other['data'][16] == '' ? $profile['map_management'] : (bool) $other['data'][16] ? 1 : 0,
|
||||
'vconsole_view' => $other['data'][17] == '' ? $profile['vconsole_view'] : (bool) $other['data'][17] ? 1 : 0,
|
||||
'vconsole_edit' => $other['data'][18] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][18] ? 1 : 0,
|
||||
'vconsole_management' => $other['data'][19] == '' ? $profile['vconsole_management'] : (bool) $other['data'][19] ? 1 : 0,
|
||||
'pandora_management' => $other['data'][20] == '' ? $profile['pandora_management'] : (bool) $other['data'][20] ? 1 : 0,
|
||||
];
|
||||
|
||||
$return = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
|
||||
|
|
@ -11545,101 +11536,6 @@ function api_set_delete_user_profile_info($id_profile, $thrash1, $thrash2, $retu
|
|||
}
|
||||
|
||||
|
||||
/**
|
||||
* Create new incident in Pandora.
|
||||
*
|
||||
* @param $thrash1 Don't use.
|
||||
* @param $thrash2 Don't use.
|
||||
* @param array $other it's array, $other as param is <title>;<description>;
|
||||
* <origin>;<priority>;<state>;<group> in this order and separator char
|
||||
* (after text ; ) and separator (pass in param othermode as
|
||||
* othermode=url_encode_separator_<separator>)
|
||||
* example:
|
||||
*
|
||||
* api.php?op=set&op2=new_incident&other=titulo|descripcion%20texto|Logfiles|2|10|12&other_mode=url_encode_separator_|
|
||||
*
|
||||
* @param $thrash3 Don't use.
|
||||
*/
|
||||
function api_set_new_incident($thrash1, $thrash2, $other, $thrash3)
|
||||
{
|
||||
global $config;
|
||||
|
||||
if (defined('METACONSOLE')) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!check_acl($config['id_user'], 0, 'IW')) {
|
||||
returnError('forbidden', 'string');
|
||||
return;
|
||||
}
|
||||
|
||||
$title = $other['data'][0];
|
||||
$description = $other['data'][1];
|
||||
$origin = $other['data'][2];
|
||||
$priority = $other['data'][3];
|
||||
$id_creator = 'API';
|
||||
$state = $other['data'][4];
|
||||
$group = $other['data'][5];
|
||||
|
||||
$values = [
|
||||
'inicio' => 'NOW()',
|
||||
'actualizacion' => 'NOW()',
|
||||
'titulo' => $title,
|
||||
'descripcion' => $description,
|
||||
'id_usuario' => 'API',
|
||||
'origen' => $origin,
|
||||
'estado' => $state,
|
||||
'prioridad' => $priority,
|
||||
'id_grupo' => $group,
|
||||
'id_creator' => $id_creator,
|
||||
];
|
||||
$idIncident = db_process_sql_insert('tincidencia', $values);
|
||||
|
||||
if ($idIncident === false) {
|
||||
returnError('A new incident could not be created.');
|
||||
} else {
|
||||
returnData('string', ['type' => 'string', 'data' => $idIncident]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Add note into a incident.
|
||||
*
|
||||
* @param $id string Username author of note.
|
||||
* @param $id2 integer ID of incident.
|
||||
* @param $other string Note.
|
||||
* @param $thrash2 Don't use.
|
||||
*/
|
||||
function api_set_new_note_incident($id, $id2, $other, $thrash2)
|
||||
{
|
||||
global $config;
|
||||
|
||||
if (defined('METACONSOLE')) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!check_acl($config['id_user'], 0, 'IW')) {
|
||||
returnError('forbidden', 'string');
|
||||
return;
|
||||
}
|
||||
|
||||
$values = [
|
||||
'id_usuario' => $id,
|
||||
'id_incident' => $id2,
|
||||
'nota' => $other['data'],
|
||||
];
|
||||
|
||||
$idNote = db_process_sql_insert('tnota', $values);
|
||||
|
||||
if ($idNote === false) {
|
||||
returnError('A new incident could not be created+.');
|
||||
} else {
|
||||
returnData('string', ['type' => 'string', 'data' => $idNote]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Disable a module, given agent and module name.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -79,22 +79,10 @@ function integriaims_tabs($active_tab, $view=false)
|
|||
}
|
||||
|
||||
$onheader = [];
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IR') && $view) {
|
||||
$onheader['view'] = $view_tab;
|
||||
}
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'PM')) {
|
||||
$onheader['configure'] = $setup_tab;
|
||||
}
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IR')) {
|
||||
$onheader['list'] = $list_tab;
|
||||
}
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$onheader['create'] = $create_tab;
|
||||
}
|
||||
$onheader['view'] = $view_tab;
|
||||
$onheader['configure'] = $setup_tab;
|
||||
$onheader['list'] = $list_tab;
|
||||
$onheader['create'] = $create_tab;
|
||||
|
||||
return $onheader;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -120,7 +120,7 @@ function netflow_check_filter_group($id_sg)
|
|||
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
|
||||
$own_info = get_user_info($config['id_user']);
|
||||
// Get group list that user has access.
|
||||
$groups_user = users_get_groups($config['id_user'], 'IW', $own_info['is_admin'], true);
|
||||
$groups_user = users_get_groups($config['id_user'], 'AR', $own_info['is_admin'], true);
|
||||
$groups_id = [];
|
||||
$has_permission = false;
|
||||
|
||||
|
|
|
|||
|
|
@ -1500,7 +1500,7 @@ function networkmap_delete_relations($id_map)
|
|||
|
||||
function get_networkmaps($id)
|
||||
{
|
||||
$groups = array_keys(users_get_groups(null, 'IW'));
|
||||
$groups = array_keys(users_get_groups(null, 'MW'));
|
||||
|
||||
$filter = [];
|
||||
$filter['id_group'] = $groups;
|
||||
|
|
|
|||
|
|
@ -235,9 +235,6 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
|
|||
}
|
||||
|
||||
$acl_list = [
|
||||
'incident_view' => 1,
|
||||
'incident_edit' => 1,
|
||||
'incident_management' => 1,
|
||||
'agent_view' => 1,
|
||||
'agent_edit' => 1,
|
||||
'agent_disable' => 1,
|
||||
|
|
|
|||
|
|
@ -16,13 +16,6 @@ global $config;
|
|||
|
||||
check_login();
|
||||
|
||||
if (!(check_acl($config['id_user'], 0, 'IW') && check_acl($config['id_user'], 0, 'IR'))) {
|
||||
// Doesn't have access to this page.
|
||||
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
|
||||
include 'general/noaccess.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once $config['homedir'].'/include/functions_integriaims.php';
|
||||
|
||||
$update = (isset($_GET['incident_id']) === true);
|
||||
|
|
|
|||
|
|
@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (!check_acl($config['id_user'], 0, 'IR')) {
|
||||
// Doesn't have access to this page.
|
||||
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
|
||||
include 'general/noaccess.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
// Check if Integria integration enabled.
|
||||
if ($config['integria_enabled'] == 0) {
|
||||
ui_print_error_message(__('In order to access ticket management system, integration with Integria IMS must be enabled and properly configured'));
|
||||
|
|
@ -124,10 +117,7 @@ $table_files->head[1] = __('Timestamp');
|
|||
$table_files->head[2] = __('Description');
|
||||
$table_files->head[3] = __('User');
|
||||
$table_files->head[4] = __('Size');
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$table_files->head[5] = __('Delete');
|
||||
}
|
||||
$table_files->head[5] = __('Delete');
|
||||
|
||||
$table_files->data = [];
|
||||
|
||||
|
|
@ -240,11 +230,10 @@ foreach ($files as $key => $value) {
|
|||
$table_files->data[$i][2] = $value[12];
|
||||
$table_files->data[$i][3] = $value[8];
|
||||
$table_files->data[$i][4] = $value[13];
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
|
||||
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
|
||||
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
|
||||
}
|
||||
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
|
||||
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
|
||||
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
|
||||
|
||||
|
||||
$table_files->data[$i][5] .= '</a>';
|
||||
|
||||
|
|
@ -267,9 +256,7 @@ $table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submi
|
|||
|
||||
$upload_file_form = '<div class="w100p">';
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
|
||||
}
|
||||
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
|
||||
|
||||
$upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';
|
||||
|
||||
|
|
@ -361,9 +348,8 @@ if (!empty($comments)) {
|
|||
|
||||
$upload_comment_form = '<div class="w100p">';
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
|
||||
}
|
||||
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
|
||||
|
||||
|
||||
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';
|
||||
|
||||
|
|
|
|||
|
|
@ -18,11 +18,9 @@ require_once $config['homedir'].'/include/functions_graph.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
|
||||
db_pandora_audit('ACL Violation', 'Trying to access Incident section');
|
||||
include 'general/noaccess.php';
|
||||
exit;
|
||||
}
|
||||
db_pandora_audit('ACL Violation', 'Trying to access Incident section');
|
||||
require 'general/noaccess.php';
|
||||
exit;
|
||||
|
||||
ui_print_page_header(__('Incidents').' » '.__('Statistics'), 'images/book_edit.png', false, '', false, '');
|
||||
|
||||
|
|
|
|||
|
|
@ -20,14 +20,6 @@ require_once '../../include/functions_integriaims.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
|
||||
// Doesn't have access to this page.
|
||||
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
|
||||
include 'general/noaccess.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
// API calls.
|
||||
$status_incident = integriaims_get_details('status');
|
||||
$group_incident = integriaims_get_details('group');
|
||||
|
|
|
|||
|
|
@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
|
|||
|
||||
check_login();
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'IR')) {
|
||||
// Doesn't have access to this page.
|
||||
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
|
||||
include 'general/noaccess.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
// Header tabs.
|
||||
$onheader = integriaims_tabs('list_tab');
|
||||
ui_print_page_header(
|
||||
|
|
@ -266,9 +259,7 @@ $table->head[4] = __('Prior');
|
|||
$table->head[5] = __('Updated/Started');
|
||||
$table->head[6] = __('Creator');
|
||||
$table->head[7] = __('Owner');
|
||||
if (check_acl($config['id_user'], 0, 'IW') || check_acl($config['id_user'], 0, 'IM')) {
|
||||
$table->head[8] = '';
|
||||
}
|
||||
$table->head[8] = '';
|
||||
|
||||
$table->data = [];
|
||||
$i = 0;
|
||||
|
|
@ -294,18 +285,14 @@ foreach ($incidents_paginated as $key => $value) {
|
|||
$table->data[$i][7] = $array_get_incidents[$key][5];
|
||||
$table->data[$i][8] = '';
|
||||
$table->cellclass[$i][8] = 'action_buttons';
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
|
||||
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
|
||||
$table->data[$i][8] .= '</a>';
|
||||
}
|
||||
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
|
||||
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
|
||||
$table->data[$i][8] .= '</a>';
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IM')) {
|
||||
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
|
||||
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
|
||||
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
|
||||
$table->data[$i][8] .= '</a>';
|
||||
}
|
||||
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
|
||||
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
|
||||
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
|
||||
$table->data[$i][8] .= '</a>';
|
||||
|
||||
$i++;
|
||||
}
|
||||
|
|
@ -320,13 +307,11 @@ if (empty($table->data) === true) {
|
|||
}
|
||||
|
||||
// Show button to create incident.
|
||||
if (check_acl($config['id_user'], 0, 'IR')) {
|
||||
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
|
||||
echo '<div class="wi100p right">';
|
||||
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
|
||||
echo '</div>';
|
||||
echo '</form>';
|
||||
}
|
||||
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
|
||||
echo '<div class="wi100p right">';
|
||||
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
|
||||
echo '</div>';
|
||||
echo '</form>';
|
||||
|
||||
// Datapicker library for show calendar.
|
||||
ui_require_jquery_file('ui.datepicker-'.get_user_language(), 'include/javascript/i18n/');
|
||||
|
|
|
|||
|
|
@ -267,9 +267,9 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
|
|||
|
||||
$own_info = get_user_info($config['id_user']);
|
||||
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
|
||||
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR'));
|
||||
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR'));
|
||||
} else {
|
||||
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR', false));
|
||||
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR', false));
|
||||
}
|
||||
|
||||
foreach ($gisMaps as $gisMap) {
|
||||
|
|
@ -278,10 +278,6 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
|
|||
continue;
|
||||
}
|
||||
|
||||
if (! check_acl($config['id_user'], $gisMap['group_id'], 'IR')) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['text'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
|
||||
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['id'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
|
||||
$sub2['operation/gis_maps/render_view&map_id='.$gisMap['id_tgis_map']]['title'] = io_safe_output($gisMap['map_name']);
|
||||
|
|
@ -459,30 +455,25 @@ $sub['operation/users/user_edit_notifications']['refr'] = 0;
|
|||
|
||||
|
||||
// Incidents.
|
||||
if (check_acl($config['id_user'], 0, 'IR')
|
||||
|| check_acl($config['id_user'], 0, 'IW')
|
||||
|| check_acl($config['id_user'], 0, 'IM')
|
||||
) {
|
||||
$temp_sec2 = $sec2;
|
||||
$sec2 = 'incident';
|
||||
$sec2sub = 'operation/incidents/incident_statistics';
|
||||
$sub[$sec2]['text'] = __('Incidents');
|
||||
$sub[$sec2]['id'] = 'Incidents';
|
||||
$sub[$sec2]['type'] = 'direct';
|
||||
$sub[$sec2]['subtype'] = 'nolink';
|
||||
$sub[$sec2]['refr'] = 0;
|
||||
$sub[$sec2]['subsecs'] = [
|
||||
'operation/incidents/incident_detail',
|
||||
'operation/integria_incidents',
|
||||
];
|
||||
$temp_sec2 = $sec2;
|
||||
$sec2 = 'incident';
|
||||
$sec2sub = 'operation/incidents/incident_statistics';
|
||||
$sub[$sec2]['text'] = __('Incidents');
|
||||
$sub[$sec2]['id'] = 'Incidents';
|
||||
$sub[$sec2]['type'] = 'direct';
|
||||
$sub[$sec2]['subtype'] = 'nolink';
|
||||
$sub[$sec2]['refr'] = 0;
|
||||
$sub[$sec2]['subsecs'] = [
|
||||
'operation/incidents/incident_detail',
|
||||
'operation/integria_incidents',
|
||||
];
|
||||
|
||||
$sub2 = [];
|
||||
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
|
||||
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
|
||||
$sub2 = [];
|
||||
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
|
||||
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
|
||||
|
||||
$sub[$sec2]['sub2'] = $sub2;
|
||||
$sec2 = $temp_sec2;
|
||||
}
|
||||
$sub[$sec2]['sub2'] = $sub2;
|
||||
$sec2 = $temp_sec2;
|
||||
|
||||
|
||||
// Messages.
|
||||
|
|
|
|||
|
|
@ -370,7 +370,7 @@ if (is_metaconsole()) {
|
|||
).'</td>';
|
||||
$own_info = get_user_info($config['id_user']);
|
||||
echo '<td><span id="filter_group_color"><b>'.__('Group').'</b></span></td>';
|
||||
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'IW', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
|
||||
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'AR', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
|
||||
echo '</tr>';
|
||||
|
||||
$advanced_toggle = '<table class="w100p">';
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ global $config;
|
|||
require_once 'include/functions_custom_graphs.php';
|
||||
|
||||
// Check ACL
|
||||
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
|
||||
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
|
||||
|
||||
$graphs = false;
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ global $config;
|
|||
|
||||
require_once 'include/functions_custom_graphs.php';
|
||||
|
||||
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
|
||||
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
|
||||
|
||||
if ($graphs === false || !$searchGraphs) {
|
||||
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
|
||||
|
|
|
|||
|
|
@ -13,8 +13,6 @@
|
|||
// GNU General Public License for more details.
|
||||
global $config;
|
||||
|
||||
$totalHelps = check_acl($config['id_user'], 0, 'IR');
|
||||
|
||||
if ($helps === false || !$searchHelps) {
|
||||
echo "<br><div class='nf'>".__('Zero results found.').sprintf(
|
||||
__('You can find more help in the <a class="underline" href="%s">wiki</a>'),
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
// GNU General Public License for more details.
|
||||
global $config;
|
||||
|
||||
$searchMaps = check_acl($config['id_user'], 0, 'IR');
|
||||
$searchMaps = check_acl($config['id_user'], 0, 'VR');
|
||||
|
||||
$maps = false;
|
||||
$totalMaps = 0;
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
// GNU General Public License for more details.
|
||||
global $config;
|
||||
|
||||
$searchMaps = check_acl($config['id_user'], 0, 'IR');
|
||||
$searchMaps = check_acl($config['id_user'], 0, 'VR');
|
||||
|
||||
if ($maps === false || !$searchMaps) {
|
||||
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
|
||||
|
|
|
|||
|
|
@ -19,9 +19,7 @@ require_once 'include/functions_reports.php';
|
|||
$linkReport = false;
|
||||
$searchReports = check_acl($config['id_user'], 0, 'RR');
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$linkReport = true;
|
||||
}
|
||||
$linkReport = true;
|
||||
|
||||
if ($reports === false || !$searchReports) {
|
||||
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";
|
||||
|
|
|
|||
|
|
@ -19,7 +19,8 @@ enterprise_include('operation/reporting/custom_reporting.php');
|
|||
|
||||
$searchAgents = $searchAlerts = $searchModules = check_acl($config['id_user'], 0, 'AR');
|
||||
$searchUsers = $searchPolicies = check_acl($config['id_user'], 0, 'AR');
|
||||
$searchMaps = $searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'IR');
|
||||
$searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'RR');
|
||||
$searchMaps = check_acl($config['id_user'], 0, 'VR');
|
||||
$searchMain = true;
|
||||
$searchHelps = true;
|
||||
|
||||
|
|
|
|||
|
|
@ -133,10 +133,10 @@ if ($config['pure']) {
|
|||
|
||||
|
||||
// OPERATIONS
|
||||
// Delete SNMP Trap entry Event (only incident management access).
|
||||
// Delete SNMP Trap entry Event.
|
||||
if (isset($_GET['delete'])) {
|
||||
$id_trap = (int) get_parameter_get('delete', 0);
|
||||
if ($id_trap > 0 && check_acl($config['id_user'], 0, 'IM')) {
|
||||
if ($id_trap > 0) {
|
||||
if ($group_by) {
|
||||
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$id_trap.')
|
||||
AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$id_trap.')';
|
||||
|
|
@ -156,42 +156,30 @@ if (isset($_GET['delete'])) {
|
|||
__('Could not be deleted')
|
||||
);
|
||||
}
|
||||
} else {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to delete SNMP event ID #'.$id_trap
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Check Event (only incident write access).
|
||||
// Check Event.
|
||||
if (isset($_GET['check'])) {
|
||||
$id_trap = (int) get_parameter_get('check', 0);
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
$values = [
|
||||
'status' => 1,
|
||||
'id_usuario' => $config['id_user'],
|
||||
];
|
||||
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
|
||||
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
|
||||
$values = [
|
||||
'status' => 1,
|
||||
'id_usuario' => $config['id_user'],
|
||||
];
|
||||
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
|
||||
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
|
||||
|
||||
ui_print_result_message(
|
||||
$result,
|
||||
__('Successfully updated'),
|
||||
__('Could not be updated')
|
||||
);
|
||||
} else {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to checkout SNMP Trap ID'.$id_trap
|
||||
);
|
||||
}
|
||||
ui_print_result_message(
|
||||
$result,
|
||||
__('Successfully updated'),
|
||||
__('Could not be updated')
|
||||
);
|
||||
}
|
||||
|
||||
// Mass-process DELETE.
|
||||
if (isset($_POST['deletebt'])) {
|
||||
$trap_ids = get_parameter_post('snmptrapid', []);
|
||||
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
|
||||
if (is_array($trap_ids)) {
|
||||
if ($group_by) {
|
||||
foreach ($trap_ids as $key => $value) {
|
||||
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$value.')
|
||||
|
|
@ -210,28 +198,18 @@ if (isset($_POST['deletebt'])) {
|
|||
enterprise_hook('snmp_update_forwarded_modules', [$forward_info]);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to mass-delete SNMP Trap ID'
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Mass-process UPDATE.
|
||||
if (isset($_POST['updatebt'])) {
|
||||
$trap_ids = get_parameter_post('snmptrapid', []);
|
||||
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
|
||||
if (is_array($trap_ids)) {
|
||||
foreach ($trap_ids as $id_trap) {
|
||||
$sql = sprintf("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config['id_user'], $id_trap);
|
||||
db_process_sql($sql);
|
||||
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
|
||||
}
|
||||
} else {
|
||||
db_pandora_audit(
|
||||
'ACL Violation',
|
||||
'Trying to mass-delete SNMP Trap ID'
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1025,7 +1003,7 @@ if ($traps !== false) {
|
|||
// Actions.
|
||||
$data[8] = '';
|
||||
|
||||
if (empty($trap['status']) && check_acl($config['id_user'], 0, 'IW')) {
|
||||
if (empty($trap['status'])) {
|
||||
$data[8] .= '<a href="'.$urlPagination.'&check='.$trap['id_trap'].'">'.html_print_image('images/ok.png', true, ['border' => '0', 'title' => __('Validate')]).'</a> ';
|
||||
}
|
||||
|
||||
|
|
@ -1045,17 +1023,15 @@ if ($traps !== false) {
|
|||
} else {
|
||||
$agent_trap_group = db_get_value('id_grupo', 'tagente', 'nombre', $trap['source']);
|
||||
|
||||
if ((check_acl($config['id_user'], $agent_trap_group, 'IM'))) {
|
||||
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
|
||||
'images/cross.png',
|
||||
true,
|
||||
[
|
||||
'border' => '0',
|
||||
'title' => __('Delete'),
|
||||
'class' => 'invert_filter',
|
||||
]
|
||||
).'</a> ';
|
||||
}
|
||||
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
|
||||
'images/cross.png',
|
||||
true,
|
||||
[
|
||||
'border' => '0',
|
||||
'title' => __('Delete'),
|
||||
'class' => 'invert_filter',
|
||||
]
|
||||
).'</a> ';
|
||||
}
|
||||
|
||||
$data[8] .= '<a href="javascript: toggleVisibleExtendedInfo('.$trap['id_trap'].');">'.html_print_image(
|
||||
|
|
@ -1217,14 +1193,11 @@ if ($idx == 0) {
|
|||
unset($table);
|
||||
|
||||
echo '<div class="w98p right">';
|
||||
if (check_acl($config['id_user'], 0, 'IW')) {
|
||||
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
|
||||
}
|
||||
|
||||
if (check_acl($config['id_user'], 0, 'IM')) {
|
||||
echo ' ';
|
||||
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
|
||||
}
|
||||
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
|
||||
|
||||
echo ' ';
|
||||
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
|
||||
|
||||
echo '</div></form>';
|
||||
|
||||
|
|
|
|||
|
|
@ -1049,9 +1049,6 @@ CREATE TABLE IF NOT EXISTS `torigen` (
|
|||
CREATE TABLE IF NOT EXISTS `tperfil` (
|
||||
`id_perfil` int(10) unsigned NOT NULL auto_increment,
|
||||
`name` TEXT NOT NULL,
|
||||
`incident_edit` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`incident_view` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`incident_management` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`agent_view` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`agent_edit` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`alert_edit` tinyint(1) NOT NULL DEFAULT 0,
|
||||
|
|
|
|||
|
|
@ -192,8 +192,8 @@ sub help_screen{
|
|||
help_screen_line('--add_profile', '<user_name> <profile_name> <group_name>', 'Add perfil to user');
|
||||
help_screen_line('--delete_profile', '<user_name> <profile_name> <group_name>', 'Delete perfil from user');
|
||||
help_screen_line('--add_profile_to_user', '<user_id> <profile_name> [<group_name>]', 'Add a profile in group to a user');
|
||||
help_screen_line('--create_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
|
||||
help_screen_line('--update_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
|
||||
help_screen_line('--create_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
|
||||
help_screen_line('--update_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
|
||||
help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system');
|
||||
help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system');
|
||||
help_screen_line('--disable_double_auth', '<user_name>', 'Disable the double authentication for the specified user');
|
||||
|
|
@ -563,14 +563,14 @@ sub pandora_create_user_profile ($$$$) {
|
|||
##########################################################################
|
||||
## Create profile.
|
||||
##########################################################################
|
||||
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
|
||||
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
|
||||
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$) {
|
||||
my ($dbh, $profile_name, $agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
|
||||
|
||||
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_view,incident_edit,incident_management,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
|
||||
safe_input($profile_name), $incident_view,$incident_edit, $incident_management, $agent_view,
|
||||
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
|
||||
safe_input($profile_name), $agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
|
||||
|
|
@ -579,14 +579,14 @@ sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
|
|||
##########################################################################
|
||||
#### Update profile.
|
||||
###########################################################################
|
||||
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
|
||||
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
|
||||
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$) {
|
||||
my ($dbh, $profile_name, $agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
|
||||
|
||||
return db_update ($dbh, 'UPDATE tperfil SET incident_view = ?, incident_edit = ?, incident_management = ?, agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
|
||||
$incident_view,$incident_edit, $incident_management, $agent_view,
|
||||
return db_update ($dbh, 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
|
||||
$agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name));
|
||||
|
|
@ -4008,7 +4008,7 @@ sub cli_add_profile() {
|
|||
##############################################################################
|
||||
|
||||
sub cli_create_profile() {
|
||||
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
|
||||
my ($profile_name,$agent_view,
|
||||
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
|
||||
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
|
||||
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
|
||||
|
|
@ -4016,7 +4016,7 @@ sub cli_create_profile() {
|
|||
my $id_profile = get_profile_id($dbh,$profile_name);
|
||||
non_exist_check($id_profile,'profile',$profile_name);
|
||||
|
||||
pandora_create_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
|
||||
pandora_create_profile ($dbh, $profile_name, $agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
|
||||
|
|
@ -4028,7 +4028,7 @@ sub cli_create_profile() {
|
|||
##############################################################################
|
||||
#
|
||||
sub cli_update_profile() {
|
||||
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
|
||||
my ($profile_name,$agent_view,
|
||||
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
|
||||
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
|
||||
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
|
||||
|
|
@ -4036,7 +4036,7 @@ sub cli_update_profile() {
|
|||
my $id_profile = get_profile_id($dbh,$profile_name);
|
||||
exist_check($id_profile,'profile',$profile_name);
|
||||
|
||||
pandora_update_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
|
||||
pandora_update_profile ($dbh, $profile_name, $agent_view,
|
||||
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
|
||||
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
|
||||
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
|
||||
|
|
|
|||
Loading…
Reference in New Issue