diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 05d7c5f292..19dcc00b35 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,10 @@ +2011-07-21 Sergio Martin + + * godmode/users/profile_list.php + godmode/users/configure_profile.php: Fixed url sec into + profile management and target screen when create, update + or delete a profile for bug 3372293 + 2011-07-21 Sergio Martin * operation/incidents/incident.list.php: fixed table diff --git a/pandora_console/godmode/users/configure_profile.php b/pandora_console/godmode/users/configure_profile.php index e4faaacf52..67f674f54e 100644 --- a/pandora_console/godmode/users/configure_profile.php +++ b/pandora_console/godmode/users/configure_profile.php @@ -43,125 +43,8 @@ $buttons[$tab]['active'] = true; ui_print_page_header (__('User management').' » '.__('Profiles defined in Pandora'), "images/god3.png", false, "", true, $buttons); $new_profile = (bool) get_parameter ('new_profile'); -$create_profile = (bool) get_parameter ('create_profile'); -$delete_profile = (bool) get_parameter ('delete_profile'); -$update_profile = (bool) get_parameter ('update_profile'); $id_profile = (int) get_parameter ('id'); -// Profile deletion -if ($delete_profile) { - // Delete profile - $profile = db_get_row('tperfil', 'id_perfil', $id_profile); - $sql = sprintf ('DELETE FROM tperfil WHERE id_perfil = %d', $id_profile); - $ret = db_process_sql ($sql); - if ($ret === false) { - echo '

'.__('There was a problem deleting the profile').'

'; - } - else { - db_pandora_audit("Profile management", - "Delete profile ". $profile['name']); - - echo '

'.__('Successfully deleted').'

'; - echo '« Back'; - } - - //Delete profile from user data - $sql = sprintf ('DELETE FROM tusuario_perfil WHERE id_perfil = %d', $id_profile); - db_process_sql ($sql); - - $id_profile = 0; -} - -// Update profile -if ($update_profile) { - $name = get_parameter ("name"); - $incident_view = (bool) get_parameter ("incident_view"); - $incident_edit = (bool) get_parameter ("incident_edit"); - $incident_management = (bool) get_parameter ("incident_management"); - $agent_view = (bool) get_parameter ("agent_view"); - $agent_edit = (bool) get_parameter ("agent_edit"); - $alert_edit = (bool) get_parameter ("alert_edit"); - $user_management = (bool) get_parameter ("user_management"); - $db_management = (bool) get_parameter ("db_management"); - $alert_management = (bool) get_parameter ("alert_management"); - $pandora_management = (bool) get_parameter ("pandora_management"); - - $sql = sprintf ('UPDATE tperfil SET - name = "%s", incident_view = %d, incident_edit = %d, - incident_management = %d, agent_view = %d, agent_edit = %d, - alert_edit = %d, user_management = %d, db_management = %d, - alert_management = %d, pandora_management = %d WHERE id_perfil = %d', - $name, $incident_view, $incident_edit, $incident_management, - $agent_view, $agent_edit, $alert_edit, $user_management, - $db_management, $alert_management, $pandora_management, - $id_profile); - $ret = db_process_sql ($sql); - if ($ret !== false) { - $info = 'Name: ' . $name . ' Incident view: ' . $incident_view . - ' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management . - ' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit . - ' Alert edit: ' . $alert_edit . ' User management: ' . $user_management . - ' DB management: ' . $db_management . ' Alert management: ' . $alert_management . - ' Pandora Management: ' . $pandora_management; - db_pandora_audit("User management", - "Update profile ". $name, false, false, $info); - - echo '

'.__('Successfully updated').'

'; - echo '« Back'; - } - else { - echo '

'; - } - $id_profile = 0; -} - -// Create profile -if ($create_profile) { - $name = get_parameter ("name"); - $incident_view = (bool) get_parameter ("incident_view"); - $incident_edit = (bool) get_parameter ("incident_edit"); - $incident_management = (bool) get_parameter ("incident_management"); - $agent_view = (bool) get_parameter ("agent_view"); - $agent_edit = (bool) get_parameter ("agent_edit"); - $alert_edit = (bool) get_parameter ("alert_edit"); - $user_management = (bool) get_parameter ("user_management"); - $db_management = (bool) get_parameter ("db_management"); - $alert_management = (bool) get_parameter ("alert_management"); - $pandora_management = (bool) get_parameter ("pandora_management"); - - $values = array( - 'name' => $name, - 'incident_view' => $incident_view, - 'incident_edit' => $incident_edit, - 'incident_management' => $incident_management, - 'agent_view' => $agent_view, - 'agent_edit' => $agent_edit, - 'alert_edit' => $alert_edit, - 'user_management' => $user_management, - 'db_management' => $db_management, - 'alert_management' => $alert_management, - 'pandora_management' => $pandora_management); - $ret = db_process_sql_insert('tperfil', $values); - - if ($ret !== false) { - echo '

'.__('Successfully created').'

'; - echo '« Back'; - - $info = 'Name: ' . $name . ' Incident view: ' . $incident_view . - ' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management . - ' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit . - ' Alert edit: ' . $alert_edit . ' User management: ' . $user_management . - ' DB management: ' . $db_management . ' Alert management: ' . $alert_management . - ' Pandora Management: ' . $pandora_management; - db_pandora_audit("User management", - "Created profile ". $name, false, false, $info); - } - else { - echo '

'.__('There was a problem creating this profile').'

'; - } - $id_profile = 0; -} - // Edit profile if ($id_profile || $new_profile) { @@ -243,16 +126,16 @@ if ($id_profile || $new_profile) { $table->data[5][1] = html_print_checkbox ('agent_edit', 1, $agent_edit, true); $table->data[6][0] = __('Edit alerts'); $table->data[6][1] = html_print_checkbox ('alert_edit', 1, $alert_edit, true); - $table->data[7][0] = __('Manage alerts'); - $table->data[7][1] = html_print_checkbox ('alert_management', 1, $alert_management, true); - $table->data[8][0] = __('Manage users'); - $table->data[8][1] = html_print_checkbox ('user_management', 1, $user_management, true); - $table->data[9][0] = __('Manage Database'); - $table->data[9][1] = html_print_checkbox ('db_management', 1, $db_management, true); + $table->data[7][0] = __('Manage users'); + $table->data[7][1] = html_print_checkbox ('user_management', 1, $user_management, true); + $table->data[8][0] = __('Manage Database'); + $table->data[8][1] = html_print_checkbox ('db_management', 1, $db_management, true); + $table->data[9][0] = __('Manage alerts'); + $table->data[9][1] = html_print_checkbox ('alert_management', 1, $alert_management, true); $table->data[10][0] = __('Pandora management'); $table->data[10][1] = html_print_checkbox ('pandora_management', 1, $pandora_management, true); - echo '
'; + echo ''; html_print_table ($table); diff --git a/pandora_console/godmode/users/profile_list.php b/pandora_console/godmode/users/profile_list.php index ba2788bae4..b3df77c14d 100644 --- a/pandora_console/godmode/users/profile_list.php +++ b/pandora_console/godmode/users/profile_list.php @@ -47,6 +47,122 @@ $buttons[$tab]['active'] = true; // Header ui_print_page_header (__('User management').' » '.__('Profiles defined in Pandora'), "images/god3.png", false, "", true, $buttons); +$delete_profile = (bool) get_parameter ('delete_profile'); +$create_profile = (bool) get_parameter ('create_profile'); +$update_profile = (bool) get_parameter ('update_profile'); +$id_profile = (int) get_parameter ('id'); + +// Profile deletion +if ($delete_profile) { + // Delete profile + $profile = db_get_row('tperfil', 'id_perfil', $id_profile); + $sql = sprintf ('DELETE FROM tperfil WHERE id_perfil = %d', $id_profile); + $ret = db_process_sql ($sql); + if ($ret === false) { + echo '

'.__('There was a problem deleting the profile').'

'; + } + else { + db_pandora_audit("Profile management", + "Delete profile ". $profile['name']); + + echo '

'.__('Successfully deleted').'

'; + } + + //Delete profile from user data + $sql = sprintf ('DELETE FROM tusuario_perfil WHERE id_perfil = %d', $id_profile); + db_process_sql ($sql); + + $id_profile = 0; +} + +// Update profile +if ($update_profile) { + $name = get_parameter ("name"); + $incident_view = (bool) get_parameter ("incident_view"); + $incident_edit = (bool) get_parameter ("incident_edit"); + $incident_management = (bool) get_parameter ("incident_management"); + $agent_view = (bool) get_parameter ("agent_view"); + $agent_edit = (bool) get_parameter ("agent_edit"); + $alert_edit = (bool) get_parameter ("alert_edit"); + $user_management = (bool) get_parameter ("user_management"); + $db_management = (bool) get_parameter ("db_management"); + $alert_management = (bool) get_parameter ("alert_management"); + $pandora_management = (bool) get_parameter ("pandora_management"); + + $sql = sprintf ('UPDATE tperfil SET + name = "%s", incident_view = %d, incident_edit = %d, + incident_management = %d, agent_view = %d, agent_edit = %d, + alert_edit = %d, user_management = %d, db_management = %d, + alert_management = %d, pandora_management = %d WHERE id_perfil = %d', + $name, $incident_view, $incident_edit, $incident_management, + $agent_view, $agent_edit, $alert_edit, $user_management, + $db_management, $alert_management, $pandora_management, + $id_profile); + $ret = db_process_sql ($sql); + if ($ret !== false) { + $info = 'Name: ' . $name . ' Incident view: ' . $incident_view . + ' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management . + ' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit . + ' Alert edit: ' . $alert_edit . ' User management: ' . $user_management . + ' DB management: ' . $db_management . ' Alert management: ' . $alert_management . + ' Pandora Management: ' . $pandora_management; + db_pandora_audit("User management", + "Update profile ". $name, false, false, $info); + + echo '

'.__('Successfully updated').'

'; + } + else { + echo '

'; + } + $id_profile = 0; +} + +// Create profile +if ($create_profile) { + $name = get_parameter ("name"); + $incident_view = (bool) get_parameter ("incident_view"); + $incident_edit = (bool) get_parameter ("incident_edit"); + $incident_management = (bool) get_parameter ("incident_management"); + $agent_view = (bool) get_parameter ("agent_view"); + $agent_edit = (bool) get_parameter ("agent_edit"); + $alert_edit = (bool) get_parameter ("alert_edit"); + $user_management = (bool) get_parameter ("user_management"); + $db_management = (bool) get_parameter ("db_management"); + $alert_management = (bool) get_parameter ("alert_management"); + $pandora_management = (bool) get_parameter ("pandora_management"); + + $values = array( + 'name' => $name, + 'incident_view' => $incident_view, + 'incident_edit' => $incident_edit, + 'incident_management' => $incident_management, + 'agent_view' => $agent_view, + 'agent_edit' => $agent_edit, + 'alert_edit' => $alert_edit, + 'user_management' => $user_management, + 'db_management' => $db_management, + 'alert_management' => $alert_management, + 'pandora_management' => $pandora_management); + $ret = db_process_sql_insert('tperfil', $values); + + if ($ret !== false) { + echo '

'.__('Successfully created').'

'; + + $info = 'Name: ' . $name . ' Incident view: ' . $incident_view . + ' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management . + ' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit . + ' Alert edit: ' . $alert_edit . ' User management: ' . $user_management . + ' DB management: ' . $db_management . ' Alert management: ' . $alert_management . + ' Pandora Management: ' . $pandora_management; + db_pandora_audit("User management", + "Created profile ". $name, false, false, $info); + } + else { + echo '

'.__('There was a problem creating this profile').'

'; + } + $id_profile = 0; +} + $table->cellpadding = 4; $table->cellspacing = 4; $table->class = 'databox'; @@ -94,7 +210,7 @@ foreach ($profiles as $profile) { $data[9] = ($profile["alert_management"] ? $img : ''); $data[10] = ($profile["pandora_management"] ? $img : ''); $data[11] = ''. html_print_image('images/config.png', true, array('title' => __('Edit'))) .''; - $data[11] .= '  '. html_print_image("images/cross.png", true) . ''; + $data[11] .= '  '. html_print_image("images/cross.png", true) . ''; array_push ($table->data, $data); }