Merge branch 'ent-12171-graficas-en-alertas-de-mail-no-se-ven' into 'develop'

API: assign admin status to server API calls instead of assigning the admin user

See merge request artica/pandorafms!6543
Rafael Ameijeiras 2023-10-13 06:23:31 +00:00
commit a7a80029d9
3 changed files with 33 additions and 5 deletions


@ -124,18 +124,22 @@ if (empty($apiPassword) === true
) { ) {
// Allow internal direct node -> metaconsole connection // Allow internal direct node -> metaconsole connection
// or node -> own console connection. // or node -> own console connection.
$server_uid = get_parameter(('server_auth'));
$config['__internal_call'] = true; $config['__internal_call'] = true;
$config['id_usuario'] = 'admin'; $config['id_usuario'] = $server_uid;
// Compat. // Compat.
$config['id_user'] = 'admin'; $config['id_user'] = $server_uid;
$correctLogin = true; $correctLogin = true;
$config['is_admin'][$server_uid] = true;
// Bypass credentials if server-auth and api-pass are correct. // Bypass credentials if server-auth and api-pass are correct.
} else if (($config['server_unique_identifier'] === get_parameter('server_auth')) } else if (($config['server_unique_identifier'] === get_parameter('server_auth'))
&& ($api_password === $apiPassword) && ($api_password === $apiPassword)
&& ((bool) isInACL($ipOrigin) === true) && ((bool) isInACL($ipOrigin) === true)
) { ) {
$config['id_usuario'] = 'admin'; $server_uid = get_parameter(('server_auth'));
$config['id_user'] = 'admin'; $config['id_usuario'] = $server_uid;
$config['id_user'] = $server_uid;
$config['is_admin'][$server_uid] = true;
$correctLogin = true; $correctLogin = true;
} else if ((bool) isInACL($ipOrigin) === true) { } else if ((bool) isInACL($ipOrigin) === true) {
// External access. // External access.
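Review bot: In the first (internal-call) branch, `$server_uid` is read straight from the `server_auth` request parameter and then used as the key in `$config['is_admin'][$server_uid] = true`, and nothing visible in this hunk ties that value to `$config['server_unique_identifier']` the way the `===` check in the second branch does. The `if` condition for that branch starts outside the hunk, so it may already validate the parameter; if it does not, a request-supplied string (including an empty one) becomes the admin identity for the call. Taking the value from configuration in both branches removes the dependence on request data: `$server_uid = $config['server_unique_identifier'];`. The doubled parentheses in `get_parameter(('server_auth'))` look like a typo and can be dropped.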


@ -66,13 +66,34 @@ global $config;
// Care whit this!!! check_login not working if you remove this. // Care whit this!!! check_login not working if you remove this.
$config['id_user'] = $id_user; $config['id_user'] = $id_user;
$_SESSION['id_usuario'] = $id_user; $_SESSION['id_usuario'] = $id_user;
// Checks for server api req.
$bypassLogin = false;
if ($data_decoded['apipass'] !== null
&& ($config['server_unique_identifier'] === $_SESSION['id_usuario'])
) {
$apiPassword = io_output_password(
db_get_value_filter(
'value',
'tconfig',
['token' => 'api_password']
)
);
if ($apiPassword === $data_decoded['apipass']) {
$bypassLogin = true;
}
}
if (!isset($config[$slicebar])) { if (!isset($config[$slicebar])) {
$config[$slicebar] = $slicebar_value; $config[$slicebar] = $slicebar_value;
} }
// Try to initialize session using existing php session id. // Try to initialize session using existing php session id.
$user = new PandoraFMS\User(['phpsessionid' => $session_id]); $user = new PandoraFMS\User(['phpsessionid' => $session_id]);
if (check_login(false) === false) {
if (check_login(false) === false && $bypassLogin !== true) {
// Error handler. // Error handler.
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
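Review bot: The new bypass compares the stored API password with `===` and never checks that a password is actually configured, so when `api_password` is unset the result depends on what `io_output_password()` returns for a missing row, which is not visible here; an empty stored value would equal an empty `apipass`. The guard in front of `$bypassLogin = true` should require a non-empty secret and compare in constant time: `if (is_string($apiPassword) && $apiPassword !== '' && hash_equals($apiPassword, (string) $data_decoded['apipass'])) {`. `$data_decoded['apipass']` is also indexed without an existence check, which raises a warning when the key is absent; `($data_decoded['apipass'] ?? null) !== null` avoids that. The script starts before this hunk and the error page continues past its end.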


@ -4336,6 +4336,8 @@ function generator_chart_to_pdf(
'id_user' => $config['id_user'], 'id_user' => $config['id_user'],
'slicebar' => $_SESSION['slicebar'], 'slicebar' => $_SESSION['slicebar'],
'slicebar_value' => $config[$_SESSION['slicebar']], 'slicebar_value' => $config[$_SESSION['slicebar']],
'apipass' => get_parameter('apipass', null),
]; ];
} else { } else {
$data = [ $data = [
@ -4345,6 +4347,7 @@ function generator_chart_to_pdf(
'id_user' => $config['id_user'], 'id_user' => $config['id_user'],
'slicebar' => $_SESSION['slicebar'], 'slicebar' => $_SESSION['slicebar'],
'slicebar_value' => $config[$_SESSION['slicebar']], 'slicebar_value' => $config[$_SESSION['slicebar']],
'apipass' => get_parameter('apipass', null),
]; ];
} }
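Review bot: The `'apipass'` entry added to both `$data` arrays copies the API password from the request into a payload whose transport is not visible in these hunks. If `$data` is later serialised into a URL or a command line, the shared secret can end up in access logs or process listings, so confirm it travels in a request body or a protected temporary file and is never logged. Both branches add the same line; reading it once before the `if` with `$apipass = get_parameter('apipass', null);` and adding the key only when it is non-null keeps the secret out of payloads for ordinary user sessions. `generator_chart_to_pdf` begins and ends outside these hunks.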