tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into ent-4461-Configuracion-integracion-integria

This commit is contained in:
alejandro-campos 2019-09-24 15:16:22 +02:00
parent 20cebbe988 8e728eed6b
commit a5ea095734
37 changed files with 1352 additions and 1039 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_agents/unix/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-agent-unix
Version: 7.0NG.738-190923
Version: 7.0NG.738-190924
Architecture: all
Priority: optional
Section: admin

2
pandora_agents/unix/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.738-190923"
pandora_version="7.0NG.738-190924"
echo "Test if you has the tools for to make the packages."
whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null

2
pandora_agents/unix/pandora_agent
View File

@ -42,7 +42,7 @@ my $Sem = undef;
my $ThreadSem = undef;
use constant AGENT_VERSION => '7.0NG.738';
use constant AGENT_BUILD => '190923';
use constant AGENT_BUILD => '190924';
# Agent log default file size maximum and instances
use constant DEFAULT_MAX_LOG_SIZE => 600000;

2
pandora_agents/unix/pandora_agent.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.738
%define release 190923
%define release 190924
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.738
%define release 190923
%define release 190924
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent_installer
View File

@ -10,7 +10,7 @@
# **********************************************************************
PI_VERSION="7.0NG.738"
PI_BUILD="190923"
PI_BUILD="190924"
OS_NAME=`uname -s`
FORCE=0

2
pandora_agents/win32/installer/pandora.mpi
View File

@ -186,7 +186,7 @@ UpgradeApplicationID
{}
Version
{190923}
{190924}
ViewReadme
{Yes}

2
pandora_agents/win32/pandora.cc
View File

@ -30,7 +30,7 @@ using namespace Pandora;
using namespace Pandora_Strutils;
#define PATH_SIZE _MAX_PATH+1
#define PANDORA_VERSION ("7.0NG.738(Build 190923)")
#define PANDORA_VERSION ("7.0NG.738(Build 190924)")
string pandora_path;
string pandora_dir;

2
pandora_agents/win32/versioninfo.rc
View File

@ -11,7 +11,7 @@ BEGIN
VALUE "LegalCopyright", "Artica ST"
VALUE "OriginalFilename", "PandoraAgent.exe"
VALUE "ProductName", "Pandora FMS Windows Agent"
VALUE "ProductVersion", "(7.0NG.738(Build 190923))"
VALUE "ProductVersion", "(7.0NG.738(Build 190924))"
VALUE "FileVersion", "1.0.0.0"
END
END

2
pandora_console/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-console
Version: 7.0NG.738-190923
Version: 7.0NG.738-190924
Architecture: all
Priority: optional
Section: admin

2
pandora_console/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.738-190923"
pandora_version="7.0NG.738-190924"
package_pear=0
package_pandora=1

604
pandora_console/godmode/groups/credential_store.php
View File

@ -29,599 +29,43 @@
// Begin.
global $config;
// Check access.
check_login();
require_once $config['homedir'].'/include/class/CredentialStore.class.php';
if (! check_acl($config['id_user'], 0, 'PM')) {
db_pandora_audit(
'ACL Violation',
'Trying to access event viewer'
);
$ajaxPage = 'godmode/groups/credential_store';
// Control call flow.
try {
// User access and validation is being processed on class constructor.
$cs = new CredentialStore($ajaxPage);
} catch (Exception $e) {
if (is_ajax()) {
return ['error' => 'noaccess'];
echo json_encode(['error' => '[CredentialStore]'.$e->getMessage() ]);
exit;
} else {
echo '[CredentialStore]'.$e->getMessage();
}
include 'general/noaccess.php';
// Stop this execution, but continue 'globally'.
return;
}
// Required files.
ui_require_css_file('credential_store');
require_once $config['homedir'].'/include/functions_credential_store.php';
require_once $config['homedir'].'/include/functions_io.php';
// AJAX controller.
if (is_ajax()) {
$draw = get_parameter('draw', 0);
$filter = get_parameter('filter', []);
$get_key = get_parameter('get_key', 0);
$new_form = get_parameter('new_form', 0);
$new_key = get_parameter('new_key', 0);
$update_key = get_parameter('update_key', 0);
$delete_key = get_parameter('delete_key', 0);
$method = get_parameter('method');
if ($new_form) {
echo print_inputs();
exit;
}
if ($delete_key) {
$identifier = get_parameter('identifier', null);
if (empty($identifier)) {
ajax_msg('error', __('identifier cannot be empty'));
}
if (db_process_sql_delete(
'tcredential_store',
['identifier' => $identifier]
) === false
) {
ajax_msg('error', $config['dbconnection']->error, true);
if (method_exists($cs, $method) === true) {
if ($cs->ajaxMethod($method) === true) {
$cs->{$method}();
} else {
ajax_msg('result', $identifier, true);
$cs->error('Unavailable method.');
}
} else {
$cs->error('Method not found. ['.$method.']');
}
if ($update_key) {
$data = get_parameter('values', null);
if ($data === null || !is_array($data)) {
echo json_encode(['error' => __('Invalid parameters, please retry')]);
exit;
}
$values = [];
foreach ($data as $key => $value) {
if ($key == 'identifier') {
$identifier = base64_decode($value);
} else if ($key == 'product') {
$product = base64_decode($value);
} else {
$values[$key] = base64_decode($value);
}
}
if (empty($identifier)) {
ajax_msg('error', __('identifier cannot be empty'));
}
if (empty($product)) {
ajax_msg('error', __('product cannot be empty'));
}
if (db_process_sql_update(
'tcredential_store',
$values,
['identifier' => $identifier]
) === false
) {
ajax_msg('error', $config['dbconnection']->error);
} else {
ajax_msg('result', $identifier);
}
exit;
}
if ($new_key) {
$data = get_parameter('values', null);
if ($data === null || !is_array($data)) {
echo json_encode(['error' => __('Invalid parameters, please retry')]);
exit;
}
$values = [];
foreach ($data as $key => $value) {
$values[$key] = base64_decode($value);
if ($key == 'identifier') {
$values[$key] = preg_replace('/\s+/', '-', trim($values[$key]));
}
}
$identifier = $values['identifier'];
if (empty($identifier)) {
ajax_msg('error', __('identifier cannot be empty'));
}
if (empty($values['product'])) {
ajax_msg('error', __('product cannot be empty'));
}
if (db_process_sql_insert('tcredential_store', $values) === false) {
ajax_msg('error', $config['dbconnection']->error);
} else {
ajax_msg('result', $identifier);
}
exit;
}
if ($get_key) {
$identifier = get_parameter('identifier', null);
$key = get_key($identifier);
echo print_inputs($key);
exit;
}
if ($draw) {
// Datatables offset, limit and order.
$start = get_parameter('start', 0);
$length = get_parameter('length', $config['block_size']);
$order = get_datatable_order(true);
try {
ob_start();
$fields = [
'cs.*',
'tg.nombre as `group`',
];
// Retrieve data.
$data = credentials_get_all(
// Fields.
$fields,
// Filter.
$filter,
// Offset.
$start,
// Limit.
$length,
// Order.
$order['direction'],
// Sort field.
$order['field']
);
// Retrieve counter.
$count = credentials_get_all(
'count',
$filter
);
if ($data) {
$data = array_reduce(
$data,
function ($carry, $item) {
// Transforms array of arrays $data into an array
// of objects, making a post-process of certain fields.
$tmp = (object) $item;
$tmp->username = io_safe_output($tmp->username);
if (empty($tmp->group)) {
$tmp->group = __('All');
} else {
$tmp->group = io_safe_output($tmp->group);
}
$carry[] = $tmp;
return $carry;
}
);
}
// Datatables format: RecordsTotal && recordsfiltered.
echo json_encode(
[
'data' => $data,
'recordsTotal' => $count,
'recordsFiltered' => $count,
]
);
// Capture output.
$response = ob_get_clean();
} catch (Exception $e) {
return json_encode(['error' => $e->getMessage()]);
}
// If not valid, show error with issue.
json_decode($response);
if (json_last_error() == JSON_ERROR_NONE) {
// If valid dump.
echo $response;
} else {
echo json_encode(
['error' => $response]
);
}
exit;
}
// Stop any execution.
exit;
} else {
// Run.
$cs->run();
}
// Datatables list.
try {
$columns = [
'group',
'identifier',
'product',
'username',
'options',
];
$column_names = [
__('Group'),
__('Identifier'),
__('Product'),
__('User'),
[
'text' => __('Options'),
'class' => 'action_buttons',
],
];
$table_id = 'keystore';
// Load datatables user interface.
ui_print_datatable(
[
'id' => $table_id,
'class' => 'info_table',
'style' => 'width: 100%',
'columns' => $columns,
'column_names' => $column_names,
'ajax_url' => 'godmode/groups/credential_store',
'ajax_postprocess' => 'process_datatables_item(item)',
'no_sortable_columns' => [-1],
'order' => [
'field' => 'identifier',
'direction' => 'asc',
],
'search_button_class' => 'sub filter float-right',
'form' => [
'inputs' => [
[
'label' => __('Group'),
'type' => 'select',
'id' => 'filter_id_group',
'name' => 'filter_id_group',
'options' => users_get_groups_for_select(
$config['id_user'],
'AR',
true,
true,
false
),
],
[
'label' => __('Free search'),
'type' => 'text',
'class' => 'mw250px',
'id' => 'free_search',
'name' => 'free_search',
],
],
],
]
);
} catch (Exception $e) {
echo $e->getMessage();
}
// Auxiliar div.
$new = '<div id="new_key" style="display: none"><form id="form_new">';
$new .= '</form></div>';
$details = '<div id="info_key" style="display: none"><form id="form_update">';
$details .= '</form></div>';
$aux = '<div id="aux" style="display: none"></div>';
echo $new.$details.$aux;
// Create button.
echo '<div class="w100p flex-content-right">';
html_print_submit_button(
__('Add key'),
'create',
false,
'class="sub next"'
);
echo '</div>';
?>
<script type="text/javascript">
function process_datatables_item(item) {
item.options = '<a href="javascript:" onclick="display_key(\'';
item.options += item.identifier;
item.options += '\')" ><?php echo html_print_image('images/eye.png', true, ['title' => __('Show')]); ?></a>';
item.options += '<a href="javascript:" onclick="delete_key(\'';
item.options += item.identifier;
item.options += '\')" ><?php echo html_print_image('images/cross.png', true, ['title' => __('Delete')]); ?></a>';
}
function handle_response(data) {
var title = "<?php echo __('Success'); ?>";
var text = '';
var failed = 0;
try {
data = JSON.parse(data);
text = data['result'];
} catch (err) {
title = "<?php echo __('Failed'); ?>";
text = err.message;
failed = 1;
}
if (!failed && data['error'] != undefined) {
title = "<?php echo __('Failed'); ?>";
text = data['error'];
failed = 1;
}
$('#aux').empty();
$('#aux').html(text);
$('#aux').dialog({
width: 450,
position: {
my: 'center',
at: 'center',
of: window,
collision: 'fit'
},
title: title,
buttons: [
{
text: 'OK',
click: function(e) {
if (!failed) {
dt_<?php echo $table_id; ?>.draw(0);
$(".ui-dialog-content").dialog("close");
cleanupDOM();
} else {
$(this).dialog('close');
}
}
}
]
});
}
function delete_key(id) {
$('#aux').empty();
$('#aux').text('<?php echo __('Are you sure?'); ?>');
$('#aux').dialog({
title: '<?php echo __('Delete'); ?> ' + id,
buttons: [
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-cancel',
text: '<?php echo __('Cancel'); ?>',
click: function(e) {
$(this).dialog('close');
cleanupDOM();
}
},
{
text: 'Delete',
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next',
click: function(e) {
$.ajax({
method: 'post',
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
data: {
page: 'godmode/groups/credential_store',
delete_key: 1,
identifier: id
},
datatype: "json",
success: function (data) {
handle_response(data);
},
error: function(e) {
handle_response(e);
}
});
}
}
]
});
}
function display_key(id) {
$('#form_update').empty();
$('#form_update').html('Loading...');
$.ajax({
method: 'post',
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
data: {
page: 'godmode/groups/credential_store',
get_key: 1,
identifier: id
},
success: function (data) {
$('#info_key').dialog({
width: 580,
height: 400,
position: {
my: 'center',
at: 'center',
of: window,
collision: 'fit'
},
title: id,
buttons: [
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-cancel',
text: '<?php echo __('Cancel'); ?>',
click: function(e) {
$(this).dialog('close');
cleanupDOM();
}
},
{
text: 'Update',
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next',
click: function(e) {
var values = {};
$('#form_update :input').each(function() {
values[this.name] = btoa($(this).val());
});
$.ajax({
method: 'post',
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
data: {
page: 'godmode/groups/credential_store',
update_key: 1,
values: values
},
datatype: "json",
success: function (data) {
handle_response(data);
},
error: function(e) {
handle_response(e);
}
});
}
}
]
});
$('#form_update').html(data);
}
})
}
function cleanupDOM() {
$('#div-identifier').empty();
$('#div-product').empty();
$('#div-username').empty();
$('#div-password').empty();
$('#div-extra_1').empty();
$('#div-extra_2').empty();
}
function calculate_inputs() {
if ($('#product :selected').val() == "CUSTOM") {
$('#div-username label').text('<?php echo __('User'); ?>');
$('#div-password label').text('<?php echo __('Password'); ?>');
$('#div-extra_1').hide();
$('#div-extra_2').hide();
} else if ($('#product :selected').val() == "AWS") {
$('#div-username label').text('<?php echo __('Access key ID'); ?>');
$('#div-password label').text('<?php echo __('Secret access key'); ?>');
$('#div-extra_1').hide();
$('#div-extra_2').hide();
} else if ($('#product :selected').val() == "AZURE") {
$('#div-username label').text('<?php echo __('Client ID'); ?>');
$('#div-password label').text('<?php echo __('Application secret'); ?>');
$('#div-extra_1 label').text('<?php echo __('Tenant or domain name'); ?>');
$('#div-extra_2 label').text('<?php echo __('Subscription id'); ?>');
$('#div-extra_1').show();
$('#div-extra_2').show();
}
}
function add_key() {
// Clear form.
$('#form_update').empty();
$('#form_update').html('Loading...');
$.ajax({
method: 'post',
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
data: {
page: 'godmode/groups/credential_store',
new_form: 1
},
success: function(data) {
$('#form_new').html(data);
$('#id_group').val(0);
// By default CUSTOM.
$('#product').val('CUSTOM');
calculate_inputs();
$('#product').on('change', function() {
calculate_inputs()
});
// Show form.
$('#new_key').dialog({
width: 580,
height: 400,
position: {
my: 'center',
at: 'center',
of: window,
collision: 'fit'
},
title: "<?php echo __('Register new key into keystore'); ?>",
buttons: [
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-cancel',
text: "<?php echo __('Cancel'); ?>",
click: function(e) {
$(this).dialog('close');
cleanupDOM();
}
},
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next',
text: 'OK',
click: function(e) {
var values = {};
$('#form_new :input').each(function() {
values[this.name] = btoa($(this).val());
});
$.ajax({
method: 'post',
url: '<?php echo ui_get_full_url('ajax.php', false, false, false); ?>',
data: {
page: 'godmode/groups/credential_store',
new_key: 1,
values: values
},
datatype: "json",
success: function (data) {
handle_response(data);
},
error: function(e) {
handle_response(e);
}
});
}
},
]
});
}
})
}
$(document).ready(function(){
$("#submit-create").on('click', function(){
add_key();
});
});
</script>

1203
pandora_console/include/class/CredentialStore.class.php Normal file
View File

File diff suppressed because it is too large Load Diff

2
pandora_console/include/config_process.php
View File

@ -20,7 +20,7 @@
/**
* Pandora build version and version
*/
$build_version = 'PC190923';
$build_version = 'PC190924';
$pandora_version = 'v7.0NG.738';
// Do not overwrite default timezone set if defined.

420
pandora_console/include/functions_credential_store.php
View File

@ -24,422 +24,8 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*
* Moved to CredentialStore.class.php
*/
// Begin.
/**
* Returns an array with all the credentials matching filter and ACL.
*
* @param array $fields Fields array or 'count' keyword to retrieve count.
* @param array $filter Filters to be applied.
* @param integer $offset Offset (pagination).
* @param integer $limit Limit (pagination).
* @param string $order Sort order.
* @param string $sort_field Sort field.
*
* @return array With all results or false if error.
* @throws Exception On error.
*/
function credentials_get_all(
$fields,
array $filter,
$offset=null,
$limit=null,
$order=null,
$sort_field=null
) {
$sql_filters = [];
$order_by = '';
$pagination = '';
global $config;
if (!is_array($filter)) {
error_log('[credential_get_all] Filter must be an array.');
throw new Exception('[credential_get_all] Filter must be an array.');
}
$count = false;
if (!is_array($fields) && $fields == 'count') {
$fields = ['cs.*'];
$count = true;
} else if (!is_array($fields)) {
error_log('[credential_get_all] Fields must be an array or "count".');
throw new Exception('[credential_get_all] Fields must be an array or "count".');
}
if (isset($filter['product']) && !empty($filter['product'])) {
$sql_filters[] = sprintf(' AND cs.product = "%s"', $filter['product']);
}
if (isset($filter['free_search']) && !empty($filter['free_search'])) {
$sql_filters[] = vsprintf(
' AND (lower(cs.username) like lower("%%%s%%")
OR cs.identifier like "%%%s%%"
OR lower(cs.product) like lower("%%%s%%"))',
array_fill(0, 3, $filter['free_search'])
);
}
if (isset($filter['filter_id_group']) && $filter['filter_id_group'] > 0) {
$propagate = db_get_value(
'propagate',
'tgrupo',
'id_grupo',
$filter['filter_id_group']
);
if (!$propagate) {
$sql_filters[] = sprintf(
' AND cs.id_group = %d ',
$filter['filter_id_group']
);
} else {
$groups = [ $filter['filter_id_group'] ];
$childrens = groups_get_childrens($id_group, null, true);
if (!empty($childrens)) {
foreach ($childrens as $child) {
$groups[] = (int) $child['id_grupo'];
}
}
$filter['filter_id_group'] = $groups;
$sql_filters[] = sprintf(
' AND cs.id_group IN (%s) ',
join(',', $filter['filter_id_group'])
);
}
}
if (isset($filter['group_list']) && is_array($filter['group_list'])) {
$sql_filters[] = sprintf(
' AND cs.id_group IN (%s) ',
join(',', $filter['group_list'])
);
}
if (isset($order)) {
$dir = 'asc';
if ($order == 'desc') {
$dir = 'desc';
};
if (in_array(
$sort_field,
[
'group',
'identifier',
'product',
'username',
'options',
]
)
) {
$order_by = sprintf(
'ORDER BY `%s` %s',
$sort_field,
$dir
);
}
}
if (isset($limit) && $limit > 0
&& isset($offset) && $offset >= 0
) {
$pagination = sprintf(
' LIMIT %d OFFSET %d ',
$limit,
$offset
);
}
$sql = sprintf(
'SELECT %s
FROM tcredential_store cs
LEFT JOIN tgrupo tg
ON tg.id_grupo = cs.id_group
WHERE 1=1
%s
%s
%s',
join(',', $fields),
join(' ', $sql_filters),
$order_by,
$pagination
);
if ($count) {
$sql = sprintf('SELECT count(*) as n FROM ( %s ) tt', $sql);
return db_get_value_sql($sql);
}
return db_get_all_rows_sql($sql);
}
/**
* Retrieves target key from keystore or false in case of error.
*
* @param string $identifier Key identifier.
*
* @return array Key or false if error.
*/
function get_key($identifier)
{
return db_get_row_filter(
'tcredential_store',
[ 'identifier' => $identifier ]
);
}
/**
* Minor function to dump json message as ajax response.
*
* @param string $type Type: result || error.
* @param string $msg Message.
* @param boolean $delete Deletion messages.
*
* @return void
*/
function ajax_msg($type, $msg, $delete=false)
{
$msg_err = 'Failed while saving: %s';
$msg_ok = 'Successfully saved into keystore ';
if ($delete) {
$msg_err = 'Failed while removing: %s';
$msg_ok = 'Successfully deleted ';
}
if ($type == 'error') {
echo json_encode(
[
$type => ui_print_error_message(
__(
$msg_err,
$msg
),
'',
true
),
]
);
} else {
echo json_encode(
[
$type => ui_print_success_message(
__(
$msg_ok,
$msg
),
'',
true
),
]
);
}
exit;
}
/**
* Generates inputs for new/update forms.
*
* @param array $values Values or null.
*
* @return string Inputs.
*/
function print_inputs($values=null)
{
if (!is_array($values)) {
$values = [];
}
$return = '';
$return .= html_print_input(
[
'label' => __('Identifier'),
'name' => 'identifier',
'input_class' => 'flex-row',
'type' => 'text',
'value' => $values['identifier'],
'disabled' => (bool) $values['identifier'],
'return' => true,
'script' => 'alert(\'puta\')',
]
);
$return .= html_print_input(
[
'label' => __('Group'),
'name' => 'id_group',
'id' => 'id_group',
'input_class' => 'flex-row',
'type' => 'select_groups',
'selected' => $values['id_group'],
'return' => true,
'class' => 'w50p',
]
);
$return .= html_print_input(
[
'label' => __('Product'),
'name' => 'product',
'input_class' => 'flex-row',
'type' => 'select',
'script' => 'calculate_inputs()',
'fields' => [
'CUSTOM' => __('Custom'),
'AWS' => __('Aws'),
'AZURE' => __('Azure'),
// 'GOOGLE' => __('Google'),
],
'selected' => $values['product'],
'disabled' => (bool) $values['product'],
'return' => true,
]
);
$user_label = __('Username');
$pass_label = __('Password');
$extra_1_label = __('Extra');
$extra_2_label = __('Extra (2)');
$extra1 = true;
$extra2 = true;
// Remember to update credential_store.php also.
switch ($values['product']) {
case 'AWS':
$user_label = __('Access key ID');
$pass_label = __('Secret access key');
$extra1 = false;
$extra2 = false;
break;
case 'AZURE':
$user_label = __('Account ID');
$pass_label = __('Application secret');
$extra_1_label = __('Tenant or domain name');
$extra_2_label = __('Subscription id');
break;
case 'GOOGLE':
// Need further investigation.
case 'CUSTOM':
$user_label = __('Account ID');
$pass_label = __('Password');
$extra1 = false;
$extra2 = false;
default:
// Use defaults.
break;
}
$return .= html_print_input(
[
'label' => $user_label,
'name' => 'username',
'input_class' => 'flex-row',
'type' => 'text',
'value' => $values['username'],
'return' => true,
]
);
$return .= html_print_input(
[
'label' => $pass_label,
'name' => 'password',
'input_class' => 'flex-row',
'type' => 'password',
'value' => $values['password'],
'return' => true,
]
);
if ($extra1) {
$return .= html_print_input(
[
'label' => $extra_1_label,
'name' => 'extra_1',
'input_class' => 'flex-row',
'type' => 'text',
'value' => $values['extra_1'],
'return' => true,
]
);
}
if ($extra2) {
$return .= html_print_input(
[
'label' => $extra_2_label,
'name' => 'extra_2',
'input_class' => 'flex-row',
'type' => 'text',
'value' => $values['extra_2'],
'return' => true,
'display' => $extra2,
]
);
}
return $return;
}
/**
* Retrieve all identifiers available for current user.
*
* @param string $product Target product.
*
* @return array Of account identifiers.
*/
function credentials_list_accounts($product)
{
global $config;
check_login();
include_once $config['homedir'].'/include/functions_users.php';
static $user_groups;
if (!isset($user_groups)) {
$user_groups = users_get_groups(
$config['id_user'],
'AR'
);
// Always add group 'ALL' because 'ALL' group credentials
// must be available for all users.
if (is_array($user_groups)) {
$user_groups = ([0] + array_keys($user_groups));
} else {
$user_groups = [0];
}
}
$creds = credentials_get_all(
['identifier'],
[
'product' => $product,
'group_list' => $user_groups,
]
);
if ($creds === false) {
return [];
}
$ret = array_reduce(
$creds,
function ($carry, $item) {
$carry[$item['identifier']] = $item['identifier'];
return $carry;
}
);
return $ret;
}
// Deprecated.

4
pandora_console/include/functions_events.php
View File

@ -2739,6 +2739,10 @@ function events_get_agent(
$date = time_w_fixed_tz($date);
}
if (is_metaconsole() && $events_group === false) {
$id_server = true;
}
if (empty($date)) {
$date = get_system_time();
}

8
pandora_console/include/functions_html.php
View File

@ -1475,6 +1475,14 @@ function html_print_input_password(
$attr['class'] = $class;
}
if ($disabled === false) {
// Trick to avoid password completion on most browsers.
if ($autocomplete !== 'on') {
$disabled = true;
$attr['onfocus'] = "this.removeAttribute('readonly');";
}
}
return html_print_input_text_extended($name, $value, 'password-'.$name, $alt, $size, $maxlength, $disabled, '', $attr, $return, true, '', $autocomplete);
}

29
pandora_console/include/functions_io.php
View File

@ -507,7 +507,7 @@ function ___($string /*, variable arguments */)
}
/*
/**
* json_encode for multibyte characters.
*
* @param string Text string to be encoded.
@ -528,7 +528,7 @@ function io_json_mb_encode($string, $encode_options=0)
}
/*
/**
* Prepare the given password to be stored in the Pandora FMS Database,
* encrypting it if necessary.
*
@ -541,16 +541,22 @@ function io_input_password($password)
global $config;
enterprise_include_once('include/functions_crypto.php');
$ciphertext = enterprise_hook('openssl_encrypt_decrypt', ['encrypt', io_safe_output($password)]);
$ciphertext = enterprise_hook(
'openssl_encrypt_decrypt',
[
'encrypt',
io_safe_input($password),
]
);
if ($ciphertext === ENTERPRISE_NOT_HOOK) {
return $password;
return io_safe_input($password);
}
return $ciphertext;
}
/*
/**
* Process the given password read from the Pandora FMS Database,
* decrypting it if necessary.
*
@ -563,10 +569,17 @@ function io_output_password($password)
global $config;
enterprise_include_once('include/functions_crypto.php');
$plaintext = enterprise_hook('openssl_encrypt_decrypt', ['decrypt', io_safe_output($password)]);
$plaintext = enterprise_hook(
'openssl_encrypt_decrypt',
[
'decrypt',
$password,
]
);
if ($plaintext === ENTERPRISE_NOT_HOOK) {
return $password;
return io_safe_output($password);
}
return $plaintext;
return io_safe_output($plaintext);
}

20
pandora_console/include/javascript/pandora.js
View File

@ -1890,6 +1890,16 @@ function load_modal(settings) {
width = settings.onshow.width;
}
settings.target.html("Loading modal...");
settings.target
.dialog({
title: "Loading",
close: false,
width: 200,
buttons: []
})
.show();
$.ajax({
method: "post",
url: settings.url,
@ -1898,6 +1908,9 @@ function load_modal(settings) {
data: data,
success: function(data) {
settings.target.html(data);
if (settings.onload != undefined) {
settings.onload(data);
}
settings.target.dialog({
resizable: true,
draggable: true,
@ -1927,6 +1940,9 @@ function load_modal(settings) {
click: function() {
if (AJAX_RUNNING) return;
AJAX_RUNNING = 1;
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
@ -1954,7 +1970,9 @@ function load_modal(settings) {
contentType: false,
data: formdata,
success: function(data) {
settings.ajax_callback(data);
if (settings.ajax_callback != undefined) {
settings.ajax_callback(data);
}
AJAX_RUNNING = 0;
}
});

30
pandora_console/include/styles/credential_store.css
View File

@ -10,3 +10,33 @@
#new_key select {
width: 60%;
}
ul.wizard li > label:not(.p-switch) {
width: auto;
}
form.top-action-buttons ul.wizard {
display: flex;
flex-direction: row;
}
ul.wizard li {
margin-right: 1em;
}
form.modal ul.wizard li {
display: flex;
flex-direction: row;
width: 90%;
margin: 0 auto;
justify-items: center;
}
form.modal ul.wizard li * {
flex: 1;
}
ul.wizard li.flex-indep {
flex: 1;
margin: 0;
}

4
pandora_console/include/styles/pandoraPDF.css
View File

@ -27,9 +27,6 @@
* GNU General Public License for more details.
* ============================================================================
*/
table {
text-align: center;
}
table.header_table {
width: 100%;
@ -72,6 +69,7 @@ table.table_beauty tbody tr td {
table.databox {
margin-bottom: 20px;
text-align: center;
}
th.title_table_pdf {

2
pandora_console/install.php
View File

@ -129,7 +129,7 @@
<div style='height: 10px'>
<?php
$version = '7.0NG.738';
$build = '190923';
$build = '190924';
$banner = "v$version Build $build";
error_reporting(0);

2
pandora_console/operation/reporting/reporting_viewer.php
View File

@ -124,7 +124,7 @@ if (!defined('METACONSOLE')) {
}
// Page header for metaconsole
if ($config['metaconsole'] == 1 and defined('METACONSOLE')) {
if (is_metaconsole()) {
// Bread crumbs
ui_meta_add_breadcrumb(['link' => 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder', 'text' => __('Reporting')]);

2
pandora_console/pandora_console.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
%define release 190923
%define release 190924
# User and Group under which Apache is running
%define httpd_name httpd

2
pandora_console/pandora_console.rhel7.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
%define release 190923
%define release 190924
# User and Group under which Apache is running
%define httpd_name httpd

2
pandora_console/pandora_console.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_console
%define version 7.0NG.738
%define release 190923
%define release 190924
%define httpd_name httpd
# User and Group under which Apache is running
%define httpd_name apache2

2
pandora_server/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-server
Version: 7.0NG.738-190923
Version: 7.0NG.738-190924
Architecture: all
Priority: optional
Section: admin

2
pandora_server/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.738-190923"
pandora_version="7.0NG.738-190924"
package_cpan=0
package_pandora=1

4
pandora_server/lib/PandoraFMS/Config.pm
View File

@ -45,7 +45,7 @@ our @EXPORT = qw(
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.738";
my $pandora_build = "190923";
my $pandora_build = "190924";
our $VERSION = $pandora_version." ".$pandora_build;
# Setup hash
@ -1037,7 +1037,7 @@ sub pandora_load_config {
$pa_config->{'console_pass'}= safe_input(clean_blank($1));
}
elsif ($parametro =~ m/^encryption_passphrase\s(.*)/i) { # 6.0
$pa_config->{'encryption_passphrase'}= safe_input(clean_blank($1));
$pa_config->{'encryption_passphrase'} = clean_blank($1);
}
elsif ($parametro =~ m/^unknown_interval\s+([0-9]*)/i) { # > 5.1SP2
$pa_config->{'unknown_interval'}= clean_blank($1);

13
pandora_server/lib/PandoraFMS/Core.pm
View File

@ -3155,11 +3155,20 @@ sub pandora_get_config_value ($$) {
##########################################################################
## Get credential from credential store
##########################################################################
sub pandora_get_credential ($$) {
my ($dbh, $identifier) = @_;
sub pandora_get_credential ($$$) {
my ($pa_config, $dbh, $identifier) = @_;
my $key = get_db_single_row($dbh, 'SELECT * FROM tcredential_store WHERE identifier = ?', $identifier);
$key->{'username'} = pandora_output_password(
$pa_config,
safe_output($key->{'username'})
);
$key->{'password'} = pandora_output_password(
$pa_config,
safe_output($key->{'password'})
);
return $key;
}

2
pandora_server/lib/PandoraFMS/PluginTools.pm
View File

@ -32,7 +32,7 @@ our @ISA = qw(Exporter);
# version: Defines actual version of Pandora Server for this module only
my $pandora_version = "7.0NG.738";
my $pandora_build = "190923";
my $pandora_build = "190924";
our $VERSION = $pandora_version." ".$pandora_build;
our %EXPORT_TAGS = ( 'all' => [ qw() ] );

2
pandora_server/lib/PandoraFMS/Tools.pm
View File

@ -624,7 +624,7 @@ sub logger ($$;$) {
$message = safe_output ($message);
$level = 1 unless defined ($level);
return if ($level > $pa_config->{'verbosity'});
return if (!defined ($pa_config->{'verbosity'}) || $level > $pa_config->{'verbosity'});
if (!defined($pa_config->{'log_file'})) {
print strftime ("%Y-%m-%d %H:%M:%S", localtime()) . " [V". $level ."] " . $message . "\n";

2
pandora_server/pandora_server.redhat.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.738
%define release 190923
%define release 190924
Summary: Pandora FMS Server
Name: %{name}

2
pandora_server/pandora_server.spec
View File

@ -3,7 +3,7 @@
#
%define name pandorafms_server
%define version 7.0NG.738
%define release 190923
%define release 190924
Summary: Pandora FMS Server
Name: %{name}

2
pandora_server/pandora_server_installer
View File

@ -9,7 +9,7 @@
# **********************************************************************
PI_VERSION="7.0NG.738"
PI_BUILD="190923"
PI_BUILD="190924"
MODE=$1
if [ $# -gt 1 ]; then

2
pandora_server/util/pandora_db.pl
View File

@ -34,7 +34,7 @@ use PandoraFMS::Config;
use PandoraFMS::DB;
# version: define current version
my $version = "7.0NG.738 PS190923";
my $version = "7.0NG.738 PS190924";
# Pandora server configuration
my %conf;

2
pandora_server/util/pandora_manage.pl
View File

@ -36,7 +36,7 @@ use Encode::Locale;
Encode::Locale::decode_argv;
# version: define current version
my $version = "7.0NG.738 PS190923";
my $version = "7.0NG.738 PS190924";
# save program name for logging
my $progname = basename($0);