changes in dashboard permissions

alejandro-campos 2021-01-15 13:52:31 +01:00
parent 884a7cabf7
commit a0931d7ada
21 changed files with 456 additions and 381 deletions


@ -3499,39 +3499,41 @@ class NetworkMap
* *
* @return string HTML code. * @return string HTML code.
*/ */
public function printMap($return=false) public function printMap($return=false, $ignore_acl=false)
{ {
global $config; global $config;
$networkmap = $this->map; $networkmap = $this->map;
// ACL. if ($ignore_acl === false) {
$networkmap_read = check_acl( // ACL.
$config['id_user'], $networkmap_read = check_acl(
$networkmap['id_group'], $config['id_user'],
'MR' $networkmap['id_group'],
); 'MR'
$networkmap_write = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
); );
include 'general/noaccess.php'; $networkmap_write = check_acl(
return ''; $config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
);
include 'general/noaccess.php';
return '';
}
} }
$user_readonly = !$networkmap_write && !$networkmap_manage; $user_readonly = !$networkmap_write && !$networkmap_manage;
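Review bot: With `$ignore_acl` set, `$networkmap_write` and `$networkmap_manage` are never assigned, yet the last line of this hunk still computes `$user_readonly = !$networkmap_write && !$networkmap_manage;` from them. PHP treats the undefined variables as null, so the map renders read-only and emits notices; that fails closed, but only by accident. Initialise the three flags before the `if`, e.g. `$networkmap_read = $networkmap_write = $networkmap_manage = false;`, and add a `@param boolean $ignore_acl` line to the docblock stating that the caller must already have authorised the request. printMap's body continues outside the hunk.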


@ -1249,13 +1249,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$uniqId = $data['uniqId']; $uniqId = $data['uniqId'];
$return_all_group = isset($data['mReturnAllGroup']) ? $data['mReturnAllGroup'] : true;
// Group. // Group.
$output = '<div>'; $output = '<div>';
$output .= html_print_input( $output .= html_print_input(
[ [
'label' => __('Group'), 'label' => __('Group'),
'name' => 'filtered-module-group-'.$uniqId, 'name' => 'filtered-module-group-'.$uniqId,
'returnAllGroup' => true, 'returnAllGroup' => $return_all_group,
'privilege' => 'AR', 'privilege' => 'AR',
'type' => 'select_groups', 'type' => 'select_groups',
'return' => true, 'return' => true,
@ -1312,6 +1314,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$agents = []; $agents = [];
} }
if ($data['mShowSelectedOtherGroups']) {
$selected_agents = explode(',', $data['mAgents']);
foreach ($selected_agents as $agent_id) {
if (!array_key_exists($agent_id, $agents)) {
$agents[$agent_id] = agents_get_alias($agent_id);
}
}
}
$output .= html_print_input( $output .= html_print_input(
[ [
'label' => __('Agents'), 'label' => __('Agents'),
@ -1350,6 +1361,17 @@ function html_print_select_multiple_modules_filtered(array $data):string
false false
); );
if ($data['mShowSelectedOtherGroups']) {
$selected_modules_ids = explode(',', $data['mModules']);
foreach ($selected_modules_ids as $id) {
if (!array_key_exists($id, $all_modules)) {
$module_data = modules_get_agentmodule($id);
$all_modules[$id] = $module_data['nombre'];
}
}
}
$output .= html_print_input( $output .= html_print_input(
[ [
'label' => __('Modules'), 'label' => __('Modules'),
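Review bot: Both new `mShowSelectedOtherGroups` blocks split `$data['mAgents']` and `$data['mModules']` with `explode(',', ...)` without handling the empty case: `explode(',', '')` returns `['']`, so an unconfigured widget calls `agents_get_alias('')` and `modules_get_agentmodule('')` and adds a blank-keyed option. The flag itself is read as `$data['mShowSelectedOtherGroups']` with no `isset`, unlike `mReturnAllGroup` at the top of the function, so callers that do not pass it raise an undefined-index notice. Consider `if (!empty($data['mShowSelectedOtherGroups']))` and `array_filter(explode(',', (string) $data['mAgents']), 'strlen')`. Because these lookups deliberately bypass the `AR` group filter, a comment should state that only ids already stored in the widget are resolved to names. The function body starts and ends outside these hunks.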


@ -1234,7 +1234,8 @@ function networkmap_get_networkmaps(
$id_user=null, $id_user=null,
$type=null, $type=null,
$optgrouped=true, $optgrouped=true,
$strict_user=false $strict_user=false,
$return_all_group=true
) { ) {
global $config; global $config;
@ -1245,7 +1246,7 @@ function networkmap_get_networkmaps(
// Configure filters // Configure filters
$where = []; $where = [];
$where['type'] = MAP_TYPE_NETWORKMAP; $where['type'] = MAP_TYPE_NETWORKMAP;
$where['id_group'] = array_keys(users_get_groups($id_user)); $where['id_group'] = array_keys(users_get_groups($id_user, 'AR', $return_all_group));
if (!empty($type)) { if (!empty($type)) {
$where['subtype'] = $type; $where['subtype'] = $type;
} }


@ -9962,7 +9962,7 @@ function reporting_get_group_stats($id_group=0, $access='AR', $recursion=true)
* *
* @return array Group statistics * @return array Group statistics
*/ */
function reporting_get_group_stats_resume($id_group=0, $access='AR') function reporting_get_group_stats_resume($id_group=0, $access='AR', $ignore_permissions=false)
{ {
global $config; global $config;
@ -9998,7 +9998,7 @@ function reporting_get_group_stats_resume($id_group=0, $access='AR')
$cur_time = get_system_time(); $cur_time = get_system_time();
// Check for access credentials using check_acl. More overhead, much safer. // Check for access credentials using check_acl. More overhead, much safer.
if (!check_acl($config['id_user'], $id_group, $access)) { if ($ignore_permissions === false && !check_acl($config['id_user'], $id_group, $access)) {
return $data; return $data;
} }
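Review bot: The new `$ignore_permissions` argument lets every caller switch off the `check_acl` guard, but the docblock ending just above the signature is not extended and the inline comment still reads "More overhead, much safer". Add `@param boolean $ignore_permissions Skip the check_acl test; only for callers that have already authorised access to $id_group.` and keep the flag out of any path where its value could come from request data. The function body continues outside the hunk.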


@ -150,6 +150,10 @@ function reports_get_reports(
) { ) {
continue; continue;
} }
} else {
if ($returnAllGroup === false) {
continue;
}
} }
array_push($reports, $report); array_push($reports, $report);


@ -3716,7 +3716,8 @@ function visual_map_get_user_layouts(
$only_names=false, $only_names=false,
$filter=false, $filter=false,
$returnAllGroup=true, $returnAllGroup=true,
$favourite=false $favourite=false,
$check_user_groups=true
) { ) {
if (! is_array($filter)) { if (! is_array($filter)) {
$filter = []; $filter = [];
@ -3763,7 +3764,21 @@ function visual_map_get_user_layouts(
unset($filter['group']); unset($filter['group']);
} }
if (!empty($groups)) { $return_all_group = false;
if (users_can_manage_group_all()) {
$return_all_group = true;
}
if (isset($filter['can_manage_group_all'])) {
if ($filter['can_manage_group_all'] === false) {
unset($groups[0]);
}
unset($filter['can_manage_group_all']);
}
if ($check_user_groups === true && !empty($groups)) {
if (empty($where)) { if (empty($where)) {
$where = ''; $where = '';
} }
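Review bot: `$check_user_groups === false` skips the whole group restriction that follows, so the function then returns layouts from every group to whoever calls it; the docblock for the new parameter, which is not in this hunk, should state that contract. The local `$return_all_group` computed from `users_can_manage_group_all()` is not read in the visible lines and sits next to the existing `$returnAllGroup` parameter, which makes the two easy to confuse; drop it if nothing below the hunk uses it. The `can_manage_group_all` filter key is compared with `=== false`, so a caller passing `0` or `'0'` skips `unset($groups[0])` without any error.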


@ -782,7 +782,8 @@ function dashboardLoadNetworkMap(settings) {
zoom_dash: settings.zoom_dash, zoom_dash: settings.zoom_dash,
auth_class: settings.auth_class, auth_class: settings.auth_class,
auth_hash: settings.auth_hash, auth_hash: settings.auth_hash,
id_user: settings.id_user id_user: settings.id_user,
ignore_acl: 1
}, },
dataType: "html", dataType: "html",
success: function(data) { success: function(data) {
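Review bot: `ignore_acl: 1` is sent by the browser, so the ACL bypass added to `NetworkMap::printMap()` in this commit is only as strong as whatever the server does with this request field. The handler is not part of this section; if it forwards the posted value to `printMap`, the `MR`/`MW`/`MM` checks can be switched off by the requester for any map id. The decision should be derived server-side, for example by validating `auth_hash` and confirming that the requested map is the one stored in the dashboard cell, rather than trusting a client flag.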


@ -173,138 +173,148 @@ function load_modal(settings) {
} }
if (settings.modal.ok != undefined) { if (settings.modal.ok != undefined) {
var btnClickHandler = function(d) {
if (AJAX_RUNNING) return;
if (settings.onsubmit != undefined) {
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined)
formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
d.dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
console.log("successsssssssssssss");
console.log(data);
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
} else {
// No onsumbit configured. Directly close.
d.dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
}
}
required_buttons.push({ required_buttons.push({
class: class:
"ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next", "ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next",
text: settings.modal.ok, text: settings.modal.ok,
click: function() { click: function() {
if (AJAX_RUNNING) return; if (settings.onsubmit != undefined && settings.onsubmit.onConfirmSubmit != undefined) {
if (settings.onsubmit != undefined) { settings.onsubmit.onConfirmSubmit(btnClickHandler, $(this));
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined)
formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
$(this).dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
} else { } else {
// No onsumbit configured. Directly close. btnClickHandler($(this));
$(this).dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
} }
}, },
error: function(data) { error: function(data) {
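Review bot: The extracted `btnClickHandler` carries two debug statements in its `success` callback, `console.log("successsssssssssssss");` and `console.log(data);`, that the original inline handler did not have. They dump every AJAX response into the browser console; remove both lines. The `var btnClickHandler = function(d) { ... }` assignment ends without a semicolon before `required_buttons.push(`, relying on automatic semicolon insertion. A short comment on `onsubmit.onConfirmSubmit(handler, dialog)` stating that the callback must call `handler(dialog)` to proceed would document the new hook.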


@ -244,18 +244,26 @@ class AgentModuleWidget extends Widget
'label' => __('Filter modules'), 'label' => __('Filter modules'),
]; ];
$return_all_group = false;
if (users_can_manage_group_all('RM') || $this->values['mGroup'] == 0) {
$return_all_group = true;
}
$inputs[] = [ $inputs[] = [
'class' => 'flex flex-row', 'class' => 'flex flex-row',
'id' => 'select_multiple_modules_filtered', 'id' => 'select_multiple_modules_filtered',
'arguments' => [ 'arguments' => [
'type' => 'select_multiple_modules_filtered', 'type' => 'select_multiple_modules_filtered',
'uniqId' => $this->cellId, 'uniqId' => $this->cellId,
'mGroup' => $this->values['mGroup'], 'mGroup' => $this->values['mGroup'],
'mRecursion' => $this->values['mRecursion'], 'mRecursion' => $this->values['mRecursion'],
'mModuleGroup' => $this->values['mModuleGroup'], 'mModuleGroup' => $this->values['mModuleGroup'],
'mAgents' => $this->values['mAgents'], 'mAgents' => $this->values['mAgents'],
'mShowCommonModules' => $this->values['mShowCommonModules'], 'mShowCommonModules' => $this->values['mShowCommonModules'],
'mModules' => $this->values['mModules'], 'mModules' => $this->values['mModules'],
'mShowSelectedOtherGroups' => true,
'mReturnAllGroup' => $return_all_group,
], ],
]; ];
@ -324,10 +332,6 @@ class AgentModuleWidget extends Widget
} }
foreach ($agents as $agent) { foreach ($agents as $agent) {
if (!users_access_to_agent($agent['id_agente'])) {
continue;
}
$row = []; $row = [];
$row['agent_status'] = agents_get_status( $row['agent_status'] = agents_get_status(
$agent['id_agente'], $agent['id_agente'],
@ -335,10 +339,18 @@ class AgentModuleWidget extends Widget
); );
$row['agent_name'] = $agent['nombre']; $row['agent_name'] = $agent['nombre'];
$row['agent_alias'] = $agent['alias']; $row['agent_alias'] = $agent['alias'];
$agent_modules = agents_get_modules(
$sql = sprintf(
'SELECT id_agente_modulo, nombre
FROM tagente_modulo
WHERE id_agente = %d',
$agent['id_agente'] $agent['id_agente']
); );
$agent_modules = db_get_all_rows_sql($sql);
$agent_modules = array_combine(array_column($agent_modules, 'id_agente_modulo'), array_column($agent_modules, 'nombre'));
$row['modules'] = []; $row['modules'] = [];
foreach ($modules_by_name as $module) { foreach ($modules_by_name as $module) {
$row['modules'][$module['name']] = null; $row['modules'][$module['name']] = null;
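Review bot: `$this->values['mGroup'] == 0` is a loose comparison, so an unset or empty `mGroup` (`null == 0`, and `'' == 0` before PHP 8) sets `$return_all_group = true` for a user who fails `users_can_manage_group_all('RM')`; compare the stored value explicitly, e.g. `(string) ($this->values['mGroup'] ?? '') === '0'`. In the load loop the `users_access_to_agent()` filter is gone and module names now come from a direct `tagente_modulo` query, so nothing in the visible lines limits the rows to what the viewer or the widget's author may read; if that is intended, say so in a comment and make sure the check happens when the widget is saved. If `db_get_all_rows_sql()` returns `false` for an agent without modules, `array_column()` receives a non-array; guard with `if (is_array($agent_modules) === false) { $agent_modules = []; }`. Both methods continue outside the hunks.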


@ -243,8 +243,23 @@ class CustomGraphWidget extends Widget
$values['showLegend'] = 1; $values['showLegend'] = 1;
} }
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Custom graph. // Custom graph.
$fields = \custom_graphs_get_user(); $fields = \custom_graphs_get_user(0, false, $return_all_group);
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['id_graph'] !== null && !array_key_exists($values['id_graph'], $fields)) {
$selected_graph = db_get_row('tgraph', 'id_graph', $values['id_graph']);
$fields[$values['id_graph']] = $selected_graph;
}
$inputs[] = [ $inputs[] = [
'label' => __('Graph'), 'label' => __('Graph'),
'arguments' => [ 'arguments' => [
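Review bot: The result of `db_get_row('tgraph', 'id_graph', $values['id_graph'])` is stored in `$fields` without being checked, so if the lookup finds no row for a stale or empty `id_graph`, a non-row value is added to the select. Check it first, e.g. `if (is_array($selected_graph) === true) { $fields[$values['id_graph']] = $selected_graph; }`, and read the key with `$values['id_graph'] ?? null` so a new widget does not raise an undefined-index notice. This lookup intentionally ignores group permissions, so the graph's whole row reaches any user who can open the widget's edit form; fetching only the name column would limit that. The same pattern is repeated for `tmap` in NetworkMapWidget and for `treport` in ReportsWidget later in this commit.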


@ -364,6 +364,14 @@ class EventsListWidget extends Widget
], ],
]; ];
$return_all_group = false;
$selected_groups_array = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups_array) === true) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
// Groups. // Groups.
$inputs[] = [ $inputs[] = [
'label' => __('Groups'), 'label' => __('Groups'),
@ -372,9 +380,10 @@ class EventsListWidget extends Widget
'name' => 'groupId[]', 'name' => 'groupId[]',
'returnAllGroup' => true, 'returnAllGroup' => true,
'privilege' => 'AR', 'privilege' => 'AR',
'selected' => explode(',', $values['groupId'][0]), 'selected' => $selected_groups_array,
'return' => true, 'return' => true,
'multiple' => true, 'multiple' => true,
'returnAllGroup' => $return_all_group,
], ],
]; ];
@ -429,7 +438,14 @@ class EventsListWidget extends Widget
global $config; global $config;
$output = ''; $output = '';
$user_groups = \users_get_groups();
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$user_groups = \users_get_groups(false, 'AR', $return_all_group);
ui_require_css_file('events', 'include/styles/', true); ui_require_css_file('events', 'include/styles/', true);
ui_require_css_file('tables', 'include/styles/', true); ui_require_css_file('tables', 'include/styles/', true);
@ -442,14 +458,6 @@ class EventsListWidget extends Widget
return $output; return $output;
} }
foreach ($this->values['groupId'] as $id_group) {
// Sanity check for user access.
if (isset($user_groups[$id_group]) === false) {
$output .= __('You must select some group');
return;
}
}
$useTags = \tags_has_user_acl_tags($config['id_user']); $useTags = \tags_has_user_acl_tags($config['id_user']);
if ($useTags) { if ($useTags) {
if (empty($this->values['tagsId']) === true) { if (empty($this->values['tagsId']) === true) {
@ -465,9 +473,20 @@ class EventsListWidget extends Widget
$filter = []; $filter = [];
// Group all. // Group all.
if (in_array(0, $this->values['groupId'])) { if (in_array(0, $this->values['groupId'])) {
$filter['id_grupo'] = array_keys(users_get_groups()); $filter['id_grupo'] = array_keys($user_groups);
} else { } else {
$filter['id_grupo'] = $this->values['groupId']; $filter['id_grupo'] = array_intersect($this->values['groupId'], array_keys($user_groups));
}
if (empty($filter['id_grupo'])) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You have no access'),
'',
true
);
$output .= '</div>';
return $output;
} }
$filter['utimestamp'] = '>'.$unixtime; $filter['utimestamp'] = '>'.$unixtime;
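Review bot: `in_array(0, $selected_groups_array) === true` compares the integer 0 loosely against strings from `explode()`, so before PHP 8 an empty selection (`['']`) or any non-numeric value matches and `$return_all_group` becomes `true` for a user without `RM` on the All group; use `in_array('0', $selected_groups_array, true)`. The same loose test, `in_array(0, $this->values['groupId'])`, decides the "Group all" branch in the load path. The groups input array now carries `'returnAllGroup'` twice, the old `=> true` and the new `=> $return_all_group`; PHP keeps the last one, but the stale line should be deleted. Intersecting the stored ids with `$user_groups` is a sound replacement for the removed per-group check, though the empty-result branch now reports "You have no access" even when the widget is simply unconfigured.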


@ -384,28 +384,6 @@ class GraphModuleHistogramWidget extends Widget
$id_group = \agents_get_agent_group($id_agent); $id_group = \agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$content = [ $content = [
'id_agent_module' => $id_module, 'id_agent_module' => $id_module,
'period' => $period, 'period' => $period,


@ -259,33 +259,10 @@ class GroupsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_graph.php'; include_once $config['homedir'].'/include/functions_graph.php';
$output = ''; $output = '';
// Check ACL.
$user_groups = \users_get_groups(false, 'AR', false); $user_groups = \users_get_groups(false, 'AR', false);
if (empty($this->values['groupId']) === true) { $stats = \reporting_get_group_stats_resume($this->values['groupId'], 'AR', true);
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
// Sanity check for user access.
if (isset($user_groups[$this->values['groupId']]) === false) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$stats = \reporting_get_group_stats_resume($this->values['groupId']);
$data = '<div class="widget-groups-status"><span>'; $data = '<div class="widget-groups-status"><span>';
$data .= ui_print_group_icon( $data .= ui_print_group_icon(
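Review bot: Passing `true` as `$ignore_permissions` while deleting both guards means this load path no longer checks anything about `$this->values['groupId']`: an empty value now reaches `reporting_get_group_stats_resume()`, and `$user_groups` is still fetched but no longer read in the visible lines. Keep the `empty($this->values['groupId'])` early return, drop the unused `users_get_groups()` call, and make sure the group id is validated against the author's `AR` groups where the widget configuration is saved, which is not part of this commit view. The same applies to the `check_acl(..., 'AR')` and `modules_get_agentmodule_agent()` blocks deleted from GraphModuleHistogramWidget, ModuleIconWidget, ModuleStatusWidget, ModuleTableValueWidget and ModuleValueWidget.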


@ -215,14 +215,41 @@ class MapsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_visual_map.php'; include_once $config['homedir'].'/include/functions_visual_map.php';
$dataVc = \visual_map_get_user_layouts( $return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$selected = explode(',', $values['maps'][0]);
$dataAllVc = \visual_map_get_user_layouts(
$config['id_user'], $config['id_user'],
false, false,
[], [],
true, true,
false,
false false
); );
$dataVc = \visual_map_get_user_layouts(
$config['id_user'],
false,
['can_manage_group_all' => $return_all_group],
$return_all_group,
false
);
$diff = array_diff_key($dataAllVc, $dataVc);
if (!empty($diff)) {
foreach ($diff as $key => $value) {
if (in_array($key, $selected)) {
$dataVc[$key] = $value;
}
}
}
$fields = array_reduce( $fields = array_reduce(
$dataVc, $dataVc,
function ($carry, $item) { function ($carry, $item) {
@ -280,6 +307,7 @@ class MapsStatusWidget extends Widget
false, false,
[], [],
true, true,
false,
false false
); );
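Review bot: The first `visual_map_get_user_layouts()` call passes `$check_user_groups = false` as a sixth positional boolean, which loads every layout in the installation only so that `array_diff_key()` can re-add the ones already in `$selected`. Query just the selected ids instead, or at least name the flags in local variables, since `false, [], true, false, false` is unreadable at the call site. `in_array($key, $selected)` compares loosely against strings from `explode(',', $values['maps'][0])`; use `in_array((string) $key, $selected, true)`. The second hunk makes the load path unfiltered in the same way, so the stored map ids should be validated when the widget is saved.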


@ -480,32 +480,11 @@ class ModuleIconWidget extends Widget
$output = ''; $output = '';
$id_group = \agents_get_agent_group($this->values['agentId']); $id_group = \agents_get_agent_group($this->values['agentId']);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$modulesAgent = \modules_get_agentmodule_agent( $modulesAgent = \modules_get_agentmodule_agent(
$this->values['moduleId'] $this->values['moduleId']
); );
if ($modulesAgent !== (int) $this->values['agentId']) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value( $data_module = \modules_get_last_value(
$this->values['moduleId'] $this->values['moduleId']
); );


@ -457,30 +457,8 @@ class ModuleStatusWidget extends Widget
$id_agent = $this->values['agentId']; $id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent); $id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId']; $id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$icon = $this->values['imageSrc']; $icon = $this->values['imageSrc'];
$label = $this->values['label']; $label = $this->values['label'];
$sizeLabel = (isset($this->values['sizeLabel']) === true) ? $this->values['sizeLabel'] : 30; $sizeLabel = (isset($this->values['sizeLabel']) === true) ? $this->values['sizeLabel'] : 30;


@ -366,28 +366,6 @@ class ModuleTableValueWidget extends Widget
$id_module = $this->values['moduleId']; $id_module = $this->values['moduleId'];
$size_text = $this->values['sizeLabel']; $size_text = $this->values['sizeLabel'];
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = modules_get_last_value($id_module); $data_module = modules_get_last_value($id_module);
$value = (string) $data_module; $value = (string) $data_module;


@ -382,30 +382,8 @@ class ModuleValueWidget extends Widget
$id_agent = $this->values['agentId']; $id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent); $id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId']; $id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value($id_module); $data_module = \modules_get_last_value($id_module);
$label = $this->values['label']; $label = $this->values['label'];


@ -262,8 +262,21 @@ class NetworkMapWidget extends Widget
$values['zoomLevel'] = 0.5; $values['zoomLevel'] = 0.5;
} }
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Map. // Map.
$fields = \networkmap_get_networkmaps(); $fields = \networkmap_get_networkmaps(null, null, true, false, $return_all_group);
// If currently selected networkmap is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
if ($values['networkmapId'] !== null && !array_key_exists($values['networkmapId'], $fields)) {
$selected_networkmap = db_get_row('tmap', 'id', $values['networkmapId']);
$fields[$values['networkmapId']] = $selected_networkmap;
}
$inputs[] = [ $inputs[] = [
'label' => __('Map'), 'label' => __('Map'),


@ -217,8 +217,23 @@ class ReportsWidget extends Widget
// Retrieve global - common inputs. // Retrieve global - common inputs.
$inputs = parent::getFormInputs(); $inputs = parent::getFormInputs();
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Reports. // Reports.
$reports = \reports_get_reports(false, ['id_report', 'name']); $reports = \reports_get_reports(false, ['id_report', 'name'], $return_all_group);
// If currently selected report is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['reportId'] !== null && !in_array($values['reportId'], array_column($reports, 'id_report'))) {
$selected_report = db_get_row('treport', 'id_report', $values['reportId']);
$reports[] = $selected_report;
}
$fields = array_reduce( $fields = array_reduce(
$reports, $reports,
function ($carry, $item) { function ($carry, $item) {


@ -267,10 +267,21 @@ class SystemGroupStatusWidget extends Widget
); );
} }
$return_all_group = false;
// Restrict access to group. // Restrict access to group.
$selected_groups = []; $selected_groups = [];
if ($values['groupId']) { if ($values['groupId']) {
$selected_groups = explode(',', $values['groupId'][0]); $selected_groups = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || ($selected_groups[0] !== '' && in_array(0, $selected_groups) === true)) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
} else {
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
} }
$inputs[] = [ $inputs[] = [
@ -283,6 +294,7 @@ class SystemGroupStatusWidget extends Widget
'selected' => $selected_groups, 'selected' => $selected_groups,
'return' => true, 'return' => true,
'multiple' => true, 'multiple' => true,
'returnAllGroup' => $return_all_group,
], ],
]; ];
@ -351,33 +363,84 @@ class SystemGroupStatusWidget extends Widget
exit; exit;
} }
// Groups and tags. $return_all_group = false;
$result_groups_info = \groupview_get_groups_list(
$config['id_user'],
($agent_a === 1) ? 'AR' : (($agent_w === 1) ? 'AW' : 'AR')
);
$result_groups = $result_groups_info['groups']; if (users_can_manage_group_all('AR')) {
$result_groups = array_reduce( $return_all_group = true;
$result_groups,
function ($carry, $item) {
$carry[$item['_id_']] = $item;
return $carry;
},
[]
);
$this->values['groupId'] = explode(',', $this->values['groupId'][0]);
if (count($this->values['groupId']) === 1
&& in_array(0, $this->values['groupId']) === true
) {
$this->values['groupId'] = [];
foreach ($result_groups as $key => $value) {
$this->values['groupId'][] = $key;
}
} }
$user_groups = users_get_groups(false, 'AR', $return_all_group);
$selected_groups = explode(',', $this->values['groupId'][0]);
if ($selected_groups[0] === '') {
return;
}
$all_counters = [];
if (in_array(0, $selected_groups)) {
$all_groups = db_get_all_rows_sql('select id_grupo from tgrupo');
$all_groups_id = array_column($all_groups, 'id_grupo');
$all_groups_counters = groupview_get_modules_counters($all_groups_id);
$all_counters['g'] = 0;
$all_counters['name'] = __('All');
$all_counters['total_module_normal'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_normal'];
},
0
);
$all_counters['total_module_warning'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_warning'];
},
0
);
$all_counters['total_module_critical'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_critical'];
},
0
);
$all_counters['total_module_alerts'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_alerts'];
},
0
);
$all_group_key = array_search(0, $selected_groups);
unset($selected_groups[$all_group_key]);
}
$module_counters = groupview_get_modules_counters($selected_groups);
foreach ($module_counters as $key => $item) {
$module_counters[$key]['name'] = groups_get_name($item['g']);
}
$keys = array_column($module_counters, 'g');
$values = array_values($module_counters);
$result_groups = array_combine($keys, $values);
if (empty($all_counters) === false) {
$result_groups[0] = $all_counters;
}
$this->values['groupId'] = explode(',', $this->values['groupId'][0]);
$this->values['status'] = explode(',', $this->values['status'][0]); $this->values['status'] = explode(',', $this->values['status'][0]);
$style = 'font-size: 12px; text-align: center;'; $style = 'font-size: 12px; text-align: center;';
@ -423,38 +486,25 @@ class SystemGroupStatusWidget extends Widget
$group = $result_groups[$groupId]; $group = $result_groups[$groupId];
} else { } else {
$group = [ $group = [
'_monitors_critical_' => 0, 'total_module_critical' => 0,
'_monitors_warning_' => 0, '_monitors_warning_' => 0,
'_monitors_unknown_' => 0, 'total_module_normal' => 0,
'_monitors_not_init_' => 0, 'total_module_alerts' => 0,
'_monitors_ok_' => 0, 'total_module_warning' => 0,
'_monitor_checks_' => 0, 'name' => groups_get_name($groupId),
'_monitors_alerts_fired_' => 0, 'g' => $groupId,
'_agents_critical_' => 0,
'_agents_warning_' => 0,
'_agents_unknown_' => 0,
'_agents_not_init_' => 0,
'_agents_ok_' => 0,
'_total_agents_' => 0,
'_name_' => groups_get_name($groupId),
'_id_' => $groupId,
'_icon_' => groups_get_icon($groupId),
'_monitor_not_normal_' => 0,
]; ];
} }
if ($group['_id_'] === 0) {
continue;
}
$flag_groups = true; $flag_groups = true;
$show_link = array_key_exists($group['g'], $user_groups);
if ((in_array($group['_id_'], $this->values['groupId'])) === true) { if ((in_array($group['g'], $this->values['groupId'])) === true) {
$table->data[$i][] = '<span>'.$group['_name_'].'</span>'; $table->data[$i][] = '<span>'.$group['name'].'</span>';
$url = $config['homeurl'].'index.php'; $url = $config['homeurl'].'index.php';
$url .= '?sec=estado&sec2=operation/agentes/status_monitor'; $url .= '?sec=estado&sec2=operation/agentes/status_monitor';
$url .= '&ag_group='.$group['_id_']; $url .= '&ag_group='.$group['g'];
if ($show_normal === true) { if ($show_normal === true) {
$outputLine = '<div style="background-color:#82b92e">'; $outputLine = '<div style="background-color:#82b92e">';
@ -462,9 +512,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Modules in normal status'); $outputLine .= '<a title="'.__('Modules in normal status');
$outputLine .= '" class="group_view_data"'; $outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"'; $outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url; $outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_NORMAL.'">'; $outputLine .= '&status='.AGENT_STATUS_NORMAL.'">';
$outputLine .= $group['_monitors_ok_']; $outputLine .= $group['total_module_normal'];
$outputLine .= '</a>'; $outputLine .= '</a>';
$outputLine .= '</span>'; $outputLine .= '</span>';
$outputLine .= '</div>'; $outputLine .= '</div>';
@ -478,9 +528,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Modules in warning status'); $outputLine .= '<a title="'.__('Modules in warning status');
$outputLine .= '" class="group_view_data"'; $outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"'; $outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url; $outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_WARNING.'">'; $outputLine .= '&status='.AGENT_STATUS_WARNING.'">';
$outputLine .= $group['_monitors_warning_']; $outputLine .= $group['total_module_warning'];
$outputLine .= '</a>'; $outputLine .= '</a>';
$outputLine .= '</span>'; $outputLine .= '</span>';
$outputLine .= '</div>'; $outputLine .= '</div>';
@ -495,9 +545,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= __('Modules in critical status'); $outputLine .= __('Modules in critical status');
$outputLine .= '" class="group_view_data"'; $outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"'; $outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url; $outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_CRITICAL.'">'; $outputLine .= '&status='.AGENT_STATUS_CRITICAL.'">';
$outputLine .= $group['_monitors_critical_']; $outputLine .= $group['total_module_critical'];
$outputLine .= '</a>'; $outputLine .= '</a>';
$outputLine .= '</span>'; $outputLine .= '</span>';
$outputLine .= '</div>'; $outputLine .= '</div>';
@ -511,9 +561,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Alerts fired'); $outputLine .= '<a title="'.__('Alerts fired');
$outputLine .= '" class="group_view_data"'; $outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"'; $outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url; $outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&filter=fired">'; $outputLine .= '&filter=fired">';
$outputLine .= $group['_monitors_alerts_fired_']; $outputLine .= $group['total_module_alerts'];
$outputLine .= '</a>'; $outputLine .= '</a>';
$outputLine .= '</span>'; $outputLine .= '</span>';
$outputLine .= '</div>'; $outputLine .= '</div>';
@ -533,7 +583,7 @@ class SystemGroupStatusWidget extends Widget
} else { } else {
$output .= '<div class="container-center">'; $output .= '<div class="container-center">';
$output .= \ui_print_info_message( $output .= \ui_print_info_message(
__('Not modules in this groups'), __('No modules in selected groups'),
'', '',
true true
); );
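Review bot: When `$show_link` is `false`, `$outputLine .= $show_link === true ? '" href="'.$url : '';` appends nothing, but the next line still appends `'&status='.AGENT_STATUS_NORMAL.'">'`, so the anchor tag ends up containing a stray `&status=...">` fragment instead of being closed cleanly. Build the attribute in one expression, e.g. `$outputLine .= ($show_link === true) ? ' href="'.$url.'&status='.AGENT_STATUS_NORMAL.'">' : '>';`, in all four places (normal, warning, critical, alerts fired). Selecting group 0 now sums counters over `select id_grupo from tgrupo`, that is every group regardless of `$user_groups`; a comment should state that these totals are intentionally shown to restricted viewers. The fallback `$group` array also keeps a leftover `'_monitors_warning_' => 0` key next to the new `total_module_*` keys.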