From a441884a754726678ec4a47a5aaa38467b3dee52 Mon Sep 17 00:00:00 2001 From: Alejandro Gallardo Escobar Date: Wed, 15 Oct 2014 18:12:51 +0200 Subject: [PATCH] Fixed error and added new ACL checks --- pandora_console/mobile/index.php | 58 ++++-- pandora_console/mobile/operation/agent.php | 6 +- pandora_console/mobile/operation/agents.php | 6 +- pandora_console/mobile/operation/alerts.php | 6 +- pandora_console/mobile/operation/events.php | 6 +- pandora_console/mobile/operation/groups.php | 6 +- pandora_console/mobile/operation/home.php | 174 +++++++++++++----- .../mobile/operation/module_graph.php | 6 +- pandora_console/mobile/operation/modules.php | 6 +- .../mobile/operation/networkmap.php | 6 +- .../mobile/operation/networkmaps.php | 6 +- pandora_console/mobile/operation/tactical.php | 6 +- .../mobile/operation/visualmap.php | 6 +- .../mobile/operation/visualmaps.php | 6 +- 14 files changed, 224 insertions(+), 80 deletions(-) diff --git a/pandora_console/mobile/index.php b/pandora_console/mobile/index.php index f63737da2b..a2fe7a5e3f 100644 --- a/pandora_console/mobile/index.php +++ b/pandora_console/mobile/index.php @@ -39,12 +39,14 @@ require_once('operation/networkmap.php'); require_once('operation/visualmaps.php'); require_once('operation/visualmap.php'); $enterpriseHook = enterprise_include('mobile/include/enterprise.class.php'); +$enterpriseHook = enterprise_include('mobile/operation/home.php'); $system = System::getInstance(); $user = User::getInstance(); $user->hackInjectConfig(); +$page = $system->getRequest('page', 'home'); $action = $system->getRequest('action'); if (!$user->isLogged()) { $action = 'login'; @@ -58,24 +60,20 @@ if ($action != "ajax") { } } -// Disable mobile console if ALC enterprise is enabled -if ($system->getConfig('enterprise_installed') == 1 && $system->getConfig('acl_enterprise') == 1) { - $ui = Ui::getInstance(); - $system = System::getInstance(); - $ui->createPage(); - $ui->createHeader(__('Mobile console disabled')); - $ui->showFooter(false); - $ui->beginContent(); - $ui->contentAddHtml(ui_print_info_message(array('title' => '', 'message' => __('Mobile console is not available with ACL enterprise enabled. Please contact with the administrator.'), 'no_close' => true, 'force_style' => 'margin: 0 auto;'), '', true)); - $ui->endContent(); - $ui->showPage(); - return; -} - switch ($action) { case 'ajax': $parameter1 = $system->getRequest('parameter1', false); $parameter2 = $system->getRequest('parameter2', false); + + if (class_exists("Enterprise")) { + $enterprise = Enterprise::getInstance(); + + $permission = $enterprise->checkEnterpriseACL($parameter1); + + if (!$permission) { + return false; + } + } switch ($parameter1) { case 'events': @@ -119,7 +117,10 @@ switch ($action) { $l10n = new gettext_reader (new CachedFileReader('../include/languages/'.$user_language.'.mo')); $l10n->load_tables(); } - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show(); } else { @@ -132,11 +133,34 @@ switch ($action) { $user->showLogin(); break; default: - $page = $system->getRequest('page', 'home'); + if (class_exists("Enterprise")) { + $enterprise = Enterprise::getInstance(); + + if ($page != "home") { + $permission = $enterprise->checkEnterpriseACL($page); + + if (!$permission) { + $error['type'] = 'onStart'; + $error['title_text'] = __('You don\'t have access to this page'); + $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); + $home->show($error); + + return; + } + } + } + switch ($page) { case 'home': default: - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show(); break; case 'tactical': diff --git a/pandora_console/mobile/operation/agent.php b/pandora_console/mobile/operation/agent.php index 1d00ae110f..ddff185966 100644 --- a/pandora_console/mobile/operation/agent.php +++ b/pandora_console/mobile/operation/agent.php @@ -54,9 +54,13 @@ class Agent { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/agents.php b/pandora_console/mobile/operation/agents.php index d4eff0eb3c..6dae8ab623 100644 --- a/pandora_console/mobile/operation/agents.php +++ b/pandora_console/mobile/operation/agents.php @@ -141,9 +141,13 @@ class Agents { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/alerts.php b/pandora_console/mobile/operation/alerts.php index 074afb73df..b3ebfeded6 100644 --- a/pandora_console/mobile/operation/alerts.php +++ b/pandora_console/mobile/operation/alerts.php @@ -137,9 +137,13 @@ class Alerts { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/events.php b/pandora_console/mobile/operation/events.php index 465c6fa7e5..106971661e 100644 --- a/pandora_console/mobile/operation/events.php +++ b/pandora_console/mobile/operation/events.php @@ -421,9 +421,13 @@ class Events { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/groups.php b/pandora_console/mobile/operation/groups.php index e61a3d4e7b..820751cbe2 100644 --- a/pandora_console/mobile/operation/groups.php +++ b/pandora_console/mobile/operation/groups.php @@ -47,9 +47,13 @@ class Groups { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/home.php b/pandora_console/mobile/operation/home.php index d89de77c7d..5b089d95ac 100644 --- a/pandora_console/mobile/operation/home.php +++ b/pandora_console/mobile/operation/home.php @@ -13,20 +13,127 @@ // GNU General Public License for more details. class Home { - private $global_search = ''; + protected $global_search = ''; + + protected $pagesItems = array(); function __construct() { $this->global_search = ''; } + + public function getPagesItems () { + if (empty($this->pagesItems)) + $this->loadPagesItems(); + + return $this->pagesItems; + } + + protected function loadPagesItems () { + $items = array(); + + // In home + $items['tactical'] = array( + 'name' => __('Tactical view'), + 'filename' => 'tactical.php', + 'menu_item' => true, + 'icon' => 'tactical_view' + ); + $items['events'] = array( + 'name' => __('Events'), + 'filename' => 'events.php', + 'menu_item' => true, + 'icon' => 'events' + ); + $items['groups'] = array( + 'name' => __('Groups'), + 'filename' => 'groups.php', + 'menu_item' => true, + 'icon' => 'groups' + ); + $items['alerts'] = array( + 'name' => __('Alerts'), + 'filename' => 'alerts.php', + 'menu_item' => true, + 'icon' => 'alerts' + ); + $items['agents'] = array( + 'name' => __('Agents'), + 'filename' => 'agents.php', + 'menu_item' => true, + 'icon' => 'agents' + ); + $items['modules'] = array( + 'name' => __('Modules'), + 'filename' => 'modules.php', + 'menu_item' => true, + 'icon' => 'modules' + ); + $items['networkmaps'] = array( + 'name' => __('Networkmaps'), + 'filename' => 'networkmaps.php', + 'menu_item' => true, + 'icon' => 'network_maps' + ); + $items['visualmaps'] = array( + 'name' => __('Visual consoles'), + 'filename' => 'visualmaps.php', + 'menu_item' => true, + 'icon' => 'visual_console' + ); + + // Not in home + $items['agent'] = array( + 'name' => __('Agent'), + 'filename' => 'agent.php', + 'menu_item' => false, + 'icon' => '' + ); + $items['module_graph'] = array( + 'name' => __('Module graph'), + 'filename' => 'module_graph.php', + 'menu_item' => false, + 'icon' => '' + ); + $items['networkmap'] = array( + 'name' => __('Networkmap'), + 'filename' => 'networkmap.php', + 'menu_item' => false, + 'icon' => '' + ); + $items['visualmap'] = array( + 'name' => __('Visualmap'), + 'filename' => 'visualmap.php', + 'menu_item' => false, + 'icon' => '' + ); + + + $this->pagesItems = $items; + } + + protected function loadButtons ($ui) { + if (empty($this->pagesItems) && $this->pagesItems !== false) + $this->loadPagesItems(); + + foreach ($this->pagesItems as $page => $data) { + if ($data['menu_item']) { + $options = array( + 'icon' => $data['icon'], + 'pos' => 'right', + 'text' => $data['name'], + 'href' => "index.php?page=$page" + ); + $ui->contentAddHtml($ui->createButton($options)); + } + } + } - public function show() { - global $config; - - require_once ($config["homedir"] . '/include/functions_graph.php'); - + public function show($error = false) { + $system = System::getInstance(); $ui = Ui::getInstance(); - $system = System::getInstance(); - + + require_once ($system->getConfig("homedir") . '/include/functions_graph.php'); + $ui->createPage(); if ($system->getRequest('hide_logout', 0)) { $left_button = null; @@ -39,8 +146,9 @@ class Home { } $user_logged = ''; - if (isset($config['id_user'])) { - $user_logged = '' . $config['id_user'] . ''; + $id_user = $system->getConfig("id_user"); + if (!empty($id_user)) { + $user_logged = "$id_user"; } $ui->createHeader(__("Home"), $left_button, $user_logged); @@ -56,49 +164,13 @@ class Home { $ui->endForm(); //List of buttons - $options = array('icon' => 'tactical_view', - 'pos' => 'right', - 'text' => __('Tactical view'), - 'href' => 'index.php?page=tactical'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'events', - 'pos' => 'right', - 'text' => __('Events'), - 'href' => 'index.php?page=events'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'groups', - 'pos' => 'right', - 'text' => __('Groups'), - 'href' => 'index.php?page=groups'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'alerts', - 'pos' => 'right', - 'text' => __('Alerts'), - 'href' => 'index.php?page=alerts'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'agents', - 'pos' => 'right', - 'text' => __('Agents'), - 'href' => 'index.php?page=agents'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'modules', - 'pos' => 'right', - 'text' => __('Modules'), - 'href' => 'index.php?page=modules'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'network_maps', - 'pos' => 'right', - 'text' => __('Networkmaps'), - 'href' => 'index.php?page=networkmaps'); - $ui->contentAddHtml($ui->createButton($options)); - $options = array('icon' => 'visual_console', - 'pos' => 'right', - 'text' => __('Visual consoles'), - 'href' => 'index.php?page=visualmaps'); - $ui->contentAddHtml($ui->createButton($options)); + $this->loadButtons($ui); + + if (!empty($error)) { + $ui->addDialog($error); + } $ui->endContent(); $ui->showPage(); - return; } } ?> diff --git a/pandora_console/mobile/operation/module_graph.php b/pandora_console/mobile/operation/module_graph.php index 04f21736d0..c1b18fb427 100644 --- a/pandora_console/mobile/operation/module_graph.php +++ b/pandora_console/mobile/operation/module_graph.php @@ -265,9 +265,13 @@ class ModuleGraph { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/modules.php b/pandora_console/mobile/operation/modules.php index 3506e05763..2a0ab74d57 100644 --- a/pandora_console/mobile/operation/modules.php +++ b/pandora_console/mobile/operation/modules.php @@ -169,9 +169,13 @@ class Modules { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/networkmap.php b/pandora_console/mobile/operation/networkmap.php index 0832b017bc..52fcb677e4 100755 --- a/pandora_console/mobile/operation/networkmap.php +++ b/pandora_console/mobile/operation/networkmap.php @@ -69,9 +69,13 @@ class Networkmap { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/networkmaps.php b/pandora_console/mobile/operation/networkmaps.php index 397e19060c..b1d96e5ae1 100755 --- a/pandora_console/mobile/operation/networkmaps.php +++ b/pandora_console/mobile/operation/networkmaps.php @@ -95,9 +95,13 @@ class Networkmaps { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/tactical.php b/pandora_console/mobile/operation/tactical.php index df57e6e14b..2251e2ea2f 100755 --- a/pandora_console/mobile/operation/tactical.php +++ b/pandora_console/mobile/operation/tactical.php @@ -64,9 +64,13 @@ class Tactical { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/visualmap.php b/pandora_console/mobile/operation/visualmap.php index a07b9e6005..def96a3c81 100644 --- a/pandora_console/mobile/operation/visualmap.php +++ b/pandora_console/mobile/operation/visualmap.php @@ -53,9 +53,13 @@ class Visualmap { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); } diff --git a/pandora_console/mobile/operation/visualmaps.php b/pandora_console/mobile/operation/visualmaps.php index e4578cc937..e08e6f34dd 100644 --- a/pandora_console/mobile/operation/visualmaps.php +++ b/pandora_console/mobile/operation/visualmaps.php @@ -79,9 +79,13 @@ class Visualmaps { } private function show_fail_acl() { + $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = __('Access to this page is restricted to authorized users only, please contact system administrator if you need assistance.

Please know that all attempts to access this page are recorded in security logs of Pandora System Database'); - $home = new Home(); + if (class_exists("HomeEnterprise")) + $home = new HomeEnterprise(); + else + $home = new Home(); $home->show($error); }