tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-28 08:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

2012-01-11 Vanessa Gil <vanessa.gil@artica.es>

Browse Source 
godmode/netflow/nf_edit_form.php
	  godmode/netflow/nf_report.php
	  godmode/netflow/nf_report_form.php
	  godmode/netflow/nf_report_item.php
	  include/functions_netflow.php
	  operation/netflow/nf_view.php: netflow acl.


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5350 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
vgilc 2012-01-11 18:12:33 +00:00
parent 5a79d640cf
commit adb9a8b750
7 changed files with 104 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pandora_console/ChangeLog
View File

@ -1,3 +1,11 @@
2012-01-11 Vanessa Gil <vanessa.gil@artica.es>
godmode/netflow/nf_edit_form.php
godmode/netflow/nf_report.php
godmode/netflow/nf_report_form.php
godmode/netflow/nf_report_item.php
include/functions_netflow.php
operation/netflow/nf_view.php: netflow acl.
2012-01-11 Ramon Novoa <rnovoa@artica.es> 2012-01-11 Ramon Novoa <rnovoa@artica.es>
* include/functions_graph.php, * include/functions_graph.php,

8
pandora_console/godmode/netflow/nf_edit_form.php
View File

@ -36,6 +36,14 @@ $name = db_get_value('id_name', 'tnetflow_filter', 'id_sg', $id);
$update = (string)get_parameter('update', 0); $update = (string)get_parameter('update', 0);
$create = (string)get_parameter('create', 0); $create = (string)get_parameter('create', 0);
if ($id){
$permission = netflow_check_filter_group ($id);
if (!$permission) { //no tiene permisos para acceder a un filtro
require ("general/noaccess.php");
return;
}
}
$buttons['edit'] = '<a href="index.php?sec=netf&sec2=godmode/netflow/nf_edit">' $buttons['edit'] = '<a href="index.php?sec=netf&sec2=godmode/netflow/nf_edit">'
. html_print_image ("images/edit.png", true, array ("title" => __('Filter list'))) . html_print_image ("images/edit.png", true, array ("title" => __('Filter list')))
. '</a>'; . '</a>';

5
pandora_console/godmode/netflow/nf_report.php
View File

@ -89,15 +89,14 @@ $reports = db_get_all_rows_filter ('tnetflow_report', $filter);
// Get group list that user has access // Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", false, true); $groups_user = users_get_groups ($config['id_user'], "IW", false, true);
html_debug_print($groups_user);
$groups_id = array(); $groups_id = array();
foreach($groups_user as $key => $groups){ foreach($groups_user as $key => $groups){
$groups_id[] = $groups['id_grupo']; $groups_id[] = $groups['id_grupo'];
} }
html_debug_print($groups_id);
$sql = "SELECT * FROM tnetflow_report WHERE id_group IN (".implode(',',$groups_id).")"; $sql = "SELECT * FROM tnetflow_report WHERE id_group IN (".implode(',',$groups_id).")";
html_debug_print($sql);
$reports = db_get_all_rows_sql($sql); $reports = db_get_all_rows_sql($sql);
if ($reports === false) if ($reports === false)
$reports = array(); $reports = array();

8
pandora_console/godmode/netflow/nf_report_form.php
View File

@ -34,6 +34,14 @@ $id = (int)get_parameter('id');
$update = (string)get_parameter('update', 0); $update = (string)get_parameter('update', 0);
$create = (string)get_parameter('create', 0); $create = (string)get_parameter('create', 0);
if ($id) {
$permission = netflow_check_report_group ($id);
if (!$permission) { //no tiene permisos para acceder a un informe
require ("general/noaccess.php");
return;
}
}
if ($id) { if ($id) {
$report = netflow_reports_get_reports ($id); $report = netflow_reports_get_reports ($id);
$name = $report['id_name']; $name = $report['id_name'];

6
pandora_console/godmode/netflow/nf_report_item.php
View File

@ -79,7 +79,6 @@ if ($update) {
} }
if ($create){ if ($create){
$id_filter = get_parameter('id_filter'); $id_filter = get_parameter('id_filter');
$name_filter = db_get_value('id_name', 'tnetflow_filter', 'id_sg', $id_filter); $name_filter = db_get_value('id_name', 'tnetflow_filter', 'id_sg', $id_filter);
$max_val = get_parameter('max','2'); $max_val = get_parameter('max','2');
@ -112,9 +111,10 @@ $filters = netflow_get_filters ();
if ($filters === false) { if ($filters === false) {
$filters = array (); $filters = array ();
} }
html_debug_print($filters);
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
// Get group list that user has access // Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", false, true); $groups_user = users_get_groups ($config['id_user'], "IW", $is_admin, true);
$groups_id = array(); $groups_id = array();
foreach($groups_user as $key => $groups){ foreach($groups_user as $key => $groups){
$groups_id[] = $groups['id_grupo']; $groups_id[] = $groups['id_grupo'];

62
pandora_console/include/functions_netflow.php
View File

@ -14,6 +14,9 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details. // GNU General Public License for more details.
include_once("include/functions_users.php");
// Date format for nfdump // Date format for nfdump
$nfdump_date_format = 'Y/m/d.H:i:s'; $nfdump_date_format = 'Y/m/d.H:i:s';
@ -66,6 +69,42 @@ function netflow_get_reports ($filter = false) {
return $return; return $return;
} }
//permite validar si un filtro pertenece a un grupo permitido para el usuario
function netflow_check_filter_group ($id_sg) {
global $config;
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", false, true);
$groups_id = array();
$has_permission = false;
foreach($groups_user as $key => $groups){
if ($groups['id_grupo'] == $id_group)
return true;
}
return false;
}
//permite validar si un informe pertenece a un grupo permitido para el usuario
function netflow_check_report_group ($id_report) {
global $config;
$id_group = db_get_value('id_group', 'tnetflow_report', 'id_report', $id_report);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "IW", false, true);
$groups_id = array();
$has_permission = false;
foreach($groups_user as $key => $groups){
if ($groups['id_grupo'] == $id_group)
return true;
}
return false;
}
/** /**
* Get a filter. * Get a filter.
* *
@ -76,13 +115,32 @@ function netflow_get_reports ($filter = false) {
* @return array A netflow filter matching id and filter. * @return array A netflow filter matching id and filter.
*/ */
function netflow_filter_get_filter ($id_sg, $filter = false, $fields = false) { function netflow_filter_get_filter ($id_sg, $filter = false, $fields = false) {
if (empty ($id_sg)) global $config;
return false;
/*
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
// Get group list that user has access
$groups_user = users_get_groups ($config['id_user'], "AR", false, true);
$groups_id = array();
$has_permission = false;
foreach($groups_user as $key => $groups){
if ($groups['id_grupo'] == $id_group)
$has_permission = true;
}
*/
//if ($has_permission) {
if (! is_array ($filter)) if (! is_array ($filter))
$filter = array (); $filter = array ();
$filter['id_sg'] = (int) $id_sg; $filter['id_sg'] = (int) $id_sg;
return db_get_row_filter ('tnetflow_filter', $filter, $fields); return db_get_row_filter ('tnetflow_filter', $filter, $fields);
/*
} else {
return false;
}
*/
} }
/** /**

9
pandora_console/operation/netflow/nf_view.php
View File

@ -31,6 +31,15 @@ if (! check_acl ($config["id_user"], 0, "AR")) {
} }
$id = io_safe_input (get_parameter('id')); $id = io_safe_input (get_parameter('id'));
if ($id) {
$permission = netflow_check_report_group ($id);
if (!$permission) { //no tiene permisos para acceder a un informe
require ("general/noaccess.php");
return;
}
}
$period = get_parameter('period', '86400'); $period = get_parameter('period', '86400');
$update_date = get_parameter('update_date', 0); $update_date = get_parameter('update_date', 0);
if($update_date){ if($update_date){