#11126 added token in config agent and setup

This commit is contained in:
Daniel Cebrian 2023-10-24 18:02:14 +02:00
parent 490e39c2d8
commit a862a8018c
7 changed files with 60 additions and 42 deletions

View File

@ -313,8 +313,7 @@ ALTER TABLE `tservice` ADD COLUMN `enable_horizontal_tree` TINYINT NOT NULL DEFA
INSERT IGNORE INTO `tmodule_inventory` (`id_module_inventory`, `id_os`, `name`, `description`, `interpreter`, `data_format`, `code`, `block_mode`,`script_mode`) VALUES (43,1,'Vulnerabilities','Plugin for security scan','','Package;Version;CVE','',0,2);
ALTER TABLE `tagente` ADD COLUMN `vul_scan_enabled` TINYINT NOT NULL DEFAULT 0;
ALTER TABLE `tagente` ADD COLUMN `vul_scan_interval` INT NOT NULL DEFAULT 300;
ALTER TABLE `tagente` ADD COLUMN `vul_scan_enabled` TINYINT NOT NULL DEFAULT 2;
CREATE TABLE IF NOT EXISTS `pandora_cve` (
`cve_id` VARCHAR(20),

View File

@ -922,6 +922,23 @@ $tableAdvancedAgent->data['safe_operation'][] = html_print_label_input_block(
)
);
$tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block(
__('Vulnerability scanning'),
html_print_select(
[
0 => __('Disabled'),
1 => __('Enabled'),
2 => __('Use global settings'),
],
'vul_scan_enabled',
$vul_scan_enabled,
'',
'',
0,
true
)
);
ui_toggle(
html_print_table($tableAdvancedAgent, true),
'<span class="subsection_header_title">'.__('Advanced options').'</span>',

View File

@ -231,6 +231,7 @@ if ($create_agent) {
$quiet = (int) get_parameter('quiet', 0);
$cps = (int) get_parameter_switch('cps', -1);
$fixed_ip = (int) get_parameter_switch('fixed_ip', 0);
$vul_scan_enabled = (int) get_parameter_switch('vul_scan_enabled', 2);
$secondary_groups = (array) get_parameter('secondary_groups_selected', '');
$fields = db_get_all_fields_in_table('tagent_custom_fields');
@ -298,6 +299,7 @@ if ($create_agent) {
'quiet' => $quiet,
'cps' => $cps,
'fixed_ip' => $fixed_ip,
'vul_scan_enabled' => $vul_scan_enabled,
]
);
} else {
@ -610,11 +612,6 @@ if ($id_agente) {
$agent_wizard['active'] = false;
}
// Vulnerabilities tab.
$vulnerabilities = enterprise_hook('vulnerabilities_tab');
if ($vulnerabilities === ENTERPRISE_NOT_HOOK) {
$vulnerabilities = '';
}
if (check_acl_one_of_groups($config['id_user'], $all_groups, 'AW') === true) {
if ($has_remote_conf !== false) {
@ -1017,6 +1014,7 @@ if ($update_agent) {
$secondary_groups = (array) get_parameter('secondary_groups_selected', '');
$satellite_server = (int) get_parameter('satellite_server', 0);
$fixed_ip = (int) get_parameter_switch('fixed_ip', 0);
$vul_scan_enabled = (int) get_parameter_switch('vul_scan_enabled', 2);
if ($fields === false) {
$fields = [];
@ -1143,6 +1141,7 @@ if ($update_agent) {
'safe_mode_module' => $safe_mode_module,
'satellite_server' => $satellite_server,
'fixed_ip' => $fixed_ip,
'vul_scan_enabled' => $vul_scan_enabled,
];
if ($config['metaconsole_agent_cache'] == 1) {
@ -1300,6 +1299,7 @@ if ($id_agente) {
$safe_mode = ($safe_mode_module) ? 1 : 0;
$satellite_server = (int) $agent['satellite_server'];
$fixed_ip = (int) $agent['fixed_ip'];
$vul_scan_enabled = (int) $agent['vul_scan_enabled'];
}
$update_module = (bool) get_parameter('update_module');
@ -2376,29 +2376,6 @@ if ($updateGIS === true) {
}
}
// UPDATE VULNERABILITIES.
$updateVul = (bool) get_parameter('update_vulnerabilities', 0);
if ($updateVul === true) {
$vul_scan_enabled = get_parameter('vul_scan_enabled', 0);
$vul_scan_interval = (int) get_parameter_post('vul_scan_interval', SECONDS_5MINUTES);
$idAgente = get_parameter('id_agente');
$result = db_process_sql_update(
'tagente',
[
'vul_scan_enabled' => $vul_scan_enabled,
'vul_scan_interval' => $vul_scan_interval,
],
['id_agente' => $idAgente]
);
ui_print_result_message(
$result,
__('Successfully updated'),
__('Could not be updated')
);
}
// -----------------------------------
// Load page depending on tab selected
// -----------------------------------

View File

@ -767,6 +767,16 @@ $table->data[$i][] = html_print_label_input_block(
)
);
$table->data[$i][] = html_print_label_input_block(
__('Agent vulnerability scanning'),
html_print_checkbox_switch(
'agent_vulnerabilities',
1,
$config['agent_vulnerabilities'],
true
)
);
echo '<form class="max_floating_element_size" id="form_setup" method="post" action="index.php?sec=gsetup&sec2=godmode/setup/setup&amp;section=general&amp;pure='.$config['pure'].'">';
echo '<fieldset class="margin-bottom-10">';

View File

@ -371,6 +371,10 @@ function config_update_config()
$error_update[] = __('show_experimental_features');
}
if (config_update_value('agent_vulnerabilities', get_parameter('agent_vulnerabilities'), true) === false) {
$error_update[] = __('agent_vulnerabilities');
}
if (config_update_value('console_log_enabled', get_parameter('console_log_enabled'), true) === false) {
$error_update[] = __('Console log enabled');
}
@ -2441,6 +2445,10 @@ function config_process_config()
config_update_value('show_experimental_features', 0);
}
if (!isset($config['agent_vulnerabilities'])) {
config_update_value('agent_vulnerabilities', 1);
}
if (!isset($config['console_log_enabled'])) {
config_update_value('console_log_enabled', 0);
}

View File

@ -44,6 +44,7 @@ ui_require_css_file('agent_view');
enterprise_include_once('operation/agentes/ver_agente.php');
enterprise_include_once('include/functions_security_hardening.php');
enterprise_include_once('include/functions_vulnerabilities.php');
check_login();
if (is_ajax()) {
@ -1869,19 +1870,26 @@ if (enterprise_installed() === true && security_hardening_installed() === true)
$security_hardening['active'] = ($tab === 'security_hardening');
}
if (enterprise_installed() === true && (bool) $agent['vul_scan_enabled'] === true) {
$vulnerabilities['text'] = html_print_menu_button(
[
'href' => 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=vulnerabilities&id_agente='.$id_agente,
'image' => 'images/vulnerability_scan@svg.svg',
'title' => __('Vulnerabilities'),
],
true
);
if (function_exists('vulnerabilities_last_scan_agent') === true) {
if (enterprise_installed() === true
&& (int) $agent['vul_scan_enabled'] !== 0
&& ((int) $agent['vul_scan_enabled'] === 1 || (int) $config['agent_vulnerabilities'] === 1)
&& vulnerabilities_last_scan_agent($id_agente) !== 0
) {
$vulnerabilities['text'] = html_print_menu_button(
[
'href' => 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=vulnerabilities&id_agente='.$id_agente,
'image' => 'images/vulnerability_scan@svg.svg',
'title' => __('Vulnerabilities'),
],
true
);
$vulnerabilities['active'] = ($tab === 'vulnerabilities');
$vulnerabilities['active'] = ($tab === 'vulnerabilities');
}
}
$onheader = [
'manage' => ($managetab ?? null),
'main' => ($maintab ?? null),

View File

@ -91,8 +91,7 @@ CREATE TABLE IF NOT EXISTS `tagente` (
`satellite_server` INT NOT NULL DEFAULT 0,
`fixed_ip` TINYINT NOT NULL DEFAULT 0,
`disabled_by_downtime` TINYINT NOT NULL DEFAULT 0,
`vul_scan_enabled` TINYINT NOT NULL DEFAULT 0,
`vul_scan_interval` INT NOT NULL DEFAULT 300,
`vul_scan_enabled` TINYINT NOT NULL DEFAULT 2,
PRIMARY KEY (`id_agente`),
KEY `nombre` (`nombre`(255)),
KEY `direccion` (`direccion`),