diff --git a/pandora_console/operation/agentes/networkmap.dinamic.php b/pandora_console/operation/agentes/networkmap.dinamic.php
index a51d659a48..edc5823803 100755
--- a/pandora_console/operation/agentes/networkmap.dinamic.php
+++ b/pandora_console/operation/agentes/networkmap.dinamic.php
@@ -19,7 +19,34 @@ global $config;
check_login ();
-if (! check_acl ($config['id_user'], $store_group, "AR")) {
+// Networkmap id required
+if (!isset($id_networkmap)) {
+ db_pandora_audit("ACL Violation",
+ "Trying to access node graph builder");
+ require ("general/noaccess.php");
+ exit;
+}
+
+// Get the group for ACL
+if (!isset($store_group)) {
+ $store_group = db_get_value("store_group", "tnetwork_map", "id_networkmap", $id_networkmap);
+ if ($store_group === false) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+}
+
+// ACL for the networkmap permission
+if (!isset($networkmap_read))
+ $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+if (!isset($networkmap_write))
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+if (!isset($networkmap_manage))
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
db_pandora_audit("ACL Violation",
"Trying to access node graph builder");
include ("general/noaccess.php");
diff --git a/pandora_console/operation/agentes/networkmap.groups.php b/pandora_console/operation/agentes/networkmap.groups.php
index d21830cd02..b6004367c8 100644
--- a/pandora_console/operation/agentes/networkmap.groups.php
+++ b/pandora_console/operation/agentes/networkmap.groups.php
@@ -19,7 +19,34 @@ global $config;
check_login ();
-if (! check_acl ($config['id_user'], $store_group, "AR")) {
+// Networkmap id required
+if (!isset($id_networkmap)) {
+ db_pandora_audit("ACL Violation",
+ "Trying to access node graph builder");
+ require ("general/noaccess.php");
+ exit;
+}
+
+// Get the group for ACL
+if (!isset($store_group)) {
+ $store_group = db_get_value("store_group", "tnetwork_map", "id_networkmap", $id_networkmap);
+ if ($store_group === false) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+}
+
+// ACL for the networkmap permission
+if (!isset($networkmap_read))
+ $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+if (!isset($networkmap_write))
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+if (!isset($networkmap_manage))
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
db_pandora_audit("ACL Violation",
"Trying to access node graph builder");
include ("general/noaccess.php");
diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php
index 8b9de395c0..3cc7512e0c 100644
--- a/pandora_console/operation/agentes/networkmap.php
+++ b/pandora_console/operation/agentes/networkmap.php
@@ -19,13 +19,6 @@ global $config;
check_login ();
-if (! check_acl ($config['id_user'], 0, "AR")) {
- db_pandora_audit("ACL Violation",
- "Trying to access node graph builder");
- include ("general/noaccess.php");
- exit;
-}
-
require_once ('include/functions_networkmap.php');
require_once ('include/functions_clippy.php');
@@ -42,16 +35,54 @@ $update_networkmap = get_parameter ('update_networkmap', 0);
$recenter_networkmap = get_parameter ('recenter_networkmap', 0);
$hidden_options = get_parameter ('hidden_options', 1);
-if ($delete_networkmap) {
- $result = networkmap_delete_networkmap($id_networkmap);
- $message = ui_print_result_message ($result,
- __('Network map deleted successfully'),
- __('Could not delete network map'), '', true);
+// ACL checks //
+// New networkmap.
+if ($add_networkmap) {
+ // ACL for the new network map
+ // $networkmap_read = check_acl ($config['id_user'], 0, "MR");
+ $networkmap_write = check_acl ($config['id_user'], 0, "MW");
+ $networkmap_manage = check_acl ($config['id_user'], 0, "MM");
+
+ if (!$networkmap_write && !$networkmap_manage) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+}
+// The networkmap exist. Should have id and store goup.
+else {
+ // Networkmap id required
+ if (empty($id_networkmap)) {
+ db_pandora_audit("ACL Violation",
+ "Trying to access node graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+ // Get the group for ACL
+ $store_group = db_get_value("store_group", "tnetwork_map", "id_networkmap", $id_networkmap);
+ if ($store_group === false) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
- $id_networkmap = 0;
+ // ACL for the general permission
+ $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+ if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
+ db_pandora_audit("ACL Violation",
+ "Trying to access node graph builder");
+ include ("general/noaccess.php");
+ exit;
+ }
}
+// Create
if ($add_networkmap) {
// Load variables
$layout = 'radial';
@@ -100,81 +131,126 @@ if ($add_networkmap) {
'l2_network' => $l2_network
);
$id_networkmap = networkmap_create_networkmap($values);
-
+
$message = ui_print_result_message ($id_networkmap,
__('Network map created successfully'),
__('Could not create network map'), '', true);
-}
-
-if ($save_networkmap || $update_networkmap) {
- // Load variables
- $layout = (string) get_parameter ('layout', 'radial');
- $depth = (string) get_parameter ('depth', 'all');
- $nooverlap = (bool) get_parameter ('nooverlap', 0);
- $modwithalerts = (int) get_parameter ('modwithalerts', 0);
- $hidepolicymodules = (int) get_parameter ('hidepolicymodules', 0);
- $zoom = (float) get_parameter ('zoom', 1);
- $ranksep = (float) get_parameter ('ranksep', 2.5);
- $simple = (int) get_parameter ('simple', 0);
- $regen = (int) get_parameter ('regen', 0);
- $show_snmp_modules = (int) get_parameter ('show_snmp_modules', 0);
- $font_size = (int) get_parameter ('font_size', 12);
- $text_filter = get_parameter ('text_filter', '');
- $dont_show_subgroups = (bool)get_parameter ('dont_show_subgroups', 0);
- $store_group = (int) get_parameter ('store_group', 0);
- $group = (int) get_parameter ('group', 0);
- $module_group = (int) get_parameter ('module_group', 0);
- $center = (int) get_parameter ('center', 0);
- $name = (string) get_parameter ('name', $activeTab);
- $l2_network = (int) get_parameter ('l2_network', 0);
- if ($save_networkmap) {
- $result = networkmap_update_networkmap($id_networkmap,
- array('name' => $name,
- 'type' => $activeTab,
- 'layout' => $layout,
- 'nooverlap' => $nooverlap,
- 'simple' => $simple,
- 'regenerate' => $regen,
- 'font_size' => $font_size,
- 'store_group' => $store_group,
- 'id_group' => $group,
- 'id_module_group' => $module_group,
- 'depth' => $depth,
- 'only_modules_with_alerts' => $modwithalerts,
- 'hide_policy_modules' => $hidepolicymodules,
- 'zoom' => $zoom,
- 'distance_nodes' => $ranksep,
- 'text_filter' => $text_filter,
- 'dont_show_subgroups' => $dont_show_subgroups,
- 'center' => $center,
- 'show_snmp_modules' => (int)$show_snmp_modules,
- 'l2_network' => (int)$l2_network));
-
+ // Exit when the networkmap was not created
+ if ($id_networkmap === false) {
+ return;
+ }
+}
+// Action in existing networkmap
+else if ($delete_networkmap || $save_networkmap || $update_networkmap) {
+
+ // ACL for the network map
+ // if (!isset($networkmap_read))
+ // $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+ if (!isset($networkmap_write))
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+ if (!isset($networkmap_manage))
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+ if (!$networkmap_write && !$networkmap_manage) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+
+ // Actions //
+
+ // Not used now. The new behaviour is delete the map posting to the list.
+ if ($delete_networkmap) {
+ $result = networkmap_delete_networkmap($id_networkmap);
$message = ui_print_result_message ($result,
- __('Network map saved successfully'),
- __('Could not save network map'), '', true);
+ __('Network map deleted successfully'),
+ __('Could not delete network map'), '', true);
+
+ return;
}
-}
-
-$networkmaps = networkmap_get_networkmaps('','', true, $strict_user);
-
-$nomaps = false;
-if ($networkmaps === false) {
- $nomaps = true;
-}
-
-// If the map id is not defined, we set the first id of the active type
-if (!$nomaps && $id_networkmap == 0) {
- $networkmaps_of_type = networkmap_get_networkmaps('', $activeTab);
- if ($networkmaps_of_type !== false) {
- $id_networkmap = reset(array_keys($networkmaps_of_type));
- }
-}
-
-if (!$update_networkmap && !$save_networkmap && $id_networkmap != 0) {
- $networkmap_data = networkmap_get_networkmap($id_networkmap);
+ // Save updates the db data, update only updates the view.
+ if ($save_networkmap || $update_networkmap) {
+ // Load variables
+ $layout = (string) get_parameter ('layout', 'radial');
+ $depth = (string) get_parameter ('depth', 'all');
+ $nooverlap = (bool) get_parameter ('nooverlap', 0);
+ $modwithalerts = (int) get_parameter ('modwithalerts', 0);
+ $hidepolicymodules = (int) get_parameter ('hidepolicymodules', 0);
+ $zoom = (float) get_parameter ('zoom', 1);
+ $ranksep = (float) get_parameter ('ranksep', 2.5);
+ $simple = (int) get_parameter ('simple', 0);
+ $regen = (int) get_parameter ('regen', 0);
+ $show_snmp_modules = (int) get_parameter ('show_snmp_modules', 0);
+ $font_size = (int) get_parameter ('font_size', 12);
+ $text_filter = get_parameter ('text_filter', '');
+ $dont_show_subgroups = (bool)get_parameter ('dont_show_subgroups', 0);
+ $store_group = (int) get_parameter ('store_group', 0);
+ $group = (int) get_parameter ('group', 0);
+ $module_group = (int) get_parameter ('module_group', 0);
+ $center = (int) get_parameter ('center', 0);
+ $name = (string) get_parameter ('name', $activeTab);
+ $l2_network = (int) get_parameter ('l2_network', 0);
+
+ if ($save_networkmap) {
+ // ACL for the new network map
+ $networkmap_read_new = check_acl ($config['id_user'], $store_group, "MR");
+ $networkmap_write_new = check_acl ($config['id_user'], $store_group, "MW");
+ $networkmap_manage_new = check_acl ($config['id_user'], $store_group, "MM");
+
+ if (!$networkmap_write_new && !$networkmap_manage_new) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+
+ $result = networkmap_update_networkmap($id_networkmap,
+ array('name' => $name,
+ 'type' => $activeTab,
+ 'layout' => $layout,
+ 'nooverlap' => $nooverlap,
+ 'simple' => $simple,
+ 'regenerate' => $regen,
+ 'font_size' => $font_size,
+ 'store_group' => $store_group,
+ 'id_group' => $group,
+ 'id_module_group' => $module_group,
+ 'depth' => $depth,
+ 'only_modules_with_alerts' => $modwithalerts,
+ 'hide_policy_modules' => $hidepolicymodules,
+ 'zoom' => $zoom,
+ 'distance_nodes' => $ranksep,
+ 'text_filter' => $text_filter,
+ 'dont_show_subgroups' => $dont_show_subgroups,
+ 'center' => $center,
+ 'show_snmp_modules' => (int)$show_snmp_modules,
+ 'l2_network' => (int)$l2_network));
+
+ $message = ui_print_result_message ($result,
+ __('Network map saved successfully'),
+ __('Could not save network map'), '', true);
+
+ if ($result) {
+ // Save the new ACL permisison
+ $networkmap_read = $networkmap_read_new;
+ $networkmap_write = $networkmap_write_new;
+ $networkmap_manage = $networkmap_manage_new;
+ }
+ }
+ }
+}
+
+if (!$update_networkmap && !$save_networkmap) {
+ $networkmap_data = networkmap_get_networkmap($id_networkmap);
+ if (empty($networkmap_data)) {
+ ui_print_error_message(__('There was an error loading the network map'));
+ return;
+ }
+
+ // Load variables
$layout = $networkmap_data['layout'];
$depth = $networkmap_data['depth'];
$nooverlap = (bool)$networkmap_data['nooverlap'];
@@ -202,107 +278,128 @@ if ($recenter_networkmap) {
}
/* Main code */
+
+$qs = http_build_query(array(
+ "sec" => "network",
+ "sec2" => "operation/agentes/networkmap_list"
+ ));
+$href = "index.php?$qs";
+
+$buttons['list'] = array('active' => false, 'text' => "" .
+ html_print_image("images/list.png", true, array ("title" => __('List'))) ."");
+
if ($pure == 1) {
- $buttons['screen'] = array('active' => false,
- 'text' => '' .
- html_print_image("images/normal_screen.png", true, array ('title' => __('Normal screen'))) .'');
+ $qs = http_build_query(array(
+ "sec" => "network",
+ "sec2" => "operation/agentes/networkmap",
+ "id_networkmap" => $id_networkmap,
+ "tab" => $activeTab
+ ));
+ $href = "index.php?$qs";
+
+ $buttons['screen'] = array('active' => false, 'text' => "" .
+ html_print_image("images/normal_screen.png", true, array ('title' => __('Normal screen'))) ."");
}
else {
- $buttons['screen'] = array('active' => false,
- 'text' => '' .
- html_print_image("images/full_screen.png", true, array ('title' => __('Full screen'))) .'');
-}
-if (($config['enterprise_installed']) && (!$strict_user)) {
- $buttons['policies'] = array('active' => $activeTab == 'policies',
- 'text' => '' .
- html_print_image("images/policies_mc.png", true, array ("title" => __('Policies view'))) .'');
-}
-
-$buttons['groups'] = array('active' => $activeTab == 'groups',
- 'text' => '' .
- html_print_image("images/group.png", true, array ("title" => __('Groups view'))) .'');
-
-$buttons['topology'] = array('active' => $activeTab == 'topology',
- 'text' => '' .
- html_print_image("images/op_network.png", true, array ("title" => __('Topology view'))) .'');
-
-$buttons['dinamic'] = array('active' => $activeTab == 'dinamic',
- 'text' => '' .
- html_print_image("images/dynamic_network_icon.png", true, array ("title" => __('Dynamic view'))) .'');
-
-if (!$strict_user) {
- $buttons['radial_dinamic'] = array('active' => $activeTab == 'radial_dynamic',
- 'text' => '' .
- html_print_image("images/radial_dynamic_network_icon.png", true, array ("title" => __('Radial dynamic view'))) .'');
-}
-
-$combolist = '';
-
-$buttons['combolist'] = $combolist;
-
-if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
- $buttons['addmap'] = array('active' => $activeTab == false,
- 'text' => '' .
- html_print_image("images/add_mc.png", true, array ("title" => __('Add map'))) .'');
+ $qs = http_build_query(array(
+ "sec" => "network",
+ "sec2" => "operation/agentes/networkmap",
+ "id_networkmap" => $id_networkmap,
+ "tab" => $activeTab,
+ "pure" => 1
+ ));
+ $href = "index.php?$qs";
- if (!$nomaps && $id_networkmap != 0) {
- $buttons['deletemap'] = array('active' => $activeTab == false,
- 'text' => '' .
- html_print_image("images/delete_mc.png", true, array ("title" => __('Delete map'))) .'');
-
- $buttons['savemap'] = array('active' => $activeTab == false,
- 'text' => '' .
- html_print_image("images/save_mc.png", true, array ("title" => __('Save map'))) .'');
- }
+ $buttons['screen'] = array('active' => false, 'text' => "" .
+ html_print_image("images/full_screen.png", true, array ('title' => __('Full screen'))) ."");
}
+if ($networkmap_write || $networkmap_manage) {
+
+ $qs = http_build_query(array(
+ "sec" => "network",
+ "sec2" => "operation/agentes/networkmap_list",
+ "id_networkmap" => $id_networkmap,
+ "delete_networkmap" => 1
+ ));
+ $href = "index.php?$qs";
+
+ $buttons['deletemap'] = array('active' => false, 'text' => "" .
+ html_print_image("images/delete_mc.png", true, array ("title" => __('Delete map'))) ."");
+
+ $qs = http_build_query(array(
+ "sec" => "network",
+ "sec2" => "operation/agentes/networkmap",
+ "id_networkmap" => $id_networkmap,
+ "save_networkmap" => 1,
+ "tab" => $activeTab,
+ "name" => $name,
+ "store_group" => $store_group,
+ "group" => $group,
+ "layout" => $layout,
+ "nooverlap" => $nooverlap,
+ "simple" => $simple,
+ "regen" => $regen,
+ "zoom" => $zoom,
+ "ranksep" => $$ranksep,
+ "font_size" => $font_size,
+ "depth" => $depth,
+ "modwithalerts" => $modwithalerts,
+ "text_filter" => $text_filter,
+ "dont_show_subgroups" => $dont_show_subgroups,
+ "hidepolicymodules" => $hidepolicymodules,
+ "module_group" => $module_group,
+ "hidden_options" => (int)$hidden_options,
+ "show_snmp_modules" => (int)$show_snmp_modules,
+ "l2_network" => (int)$l2_network,
+ "pure" => $pure
+ ));
+ $href = "index.php?$qs";
+
+ $buttons['savemap'] = array('active' => false, 'text' => "" .
+ html_print_image("images/save_mc.png", true, array ("title" => __('Save map'))) .'');
+}
+
+// Disabled. It's a waste of resources to check the ACL of every networkmap
+// for only provide a shorthand feature.
+// $combolist = '';
+
+// $buttons['combolist'] = $combolist;
+
$title = '';
+$icon = "images/op_network.png";
switch ($activeTab) {
case 'topology':
$title = __('Topology view');
+ $icon = "images/op_network.png";
break;
case 'groups':
$title = __('Groups view');
+ $icon = "images/group.png";
break;
case 'policies':
$title = __('Policies view');
+ $icon = "images/policies_mc.png";
break;
case 'dinamic':
$title = __('Dynamic view');
+ $icon = "images/dynamic_network_icon.png";
break;
- case 'radial_dinamic':
+ case 'radial_dynamic':
$title = __('Radial dynamic view');
+ $icon = "images/radial_dynamic_network_icon.png";
break;
}
@@ -311,7 +408,7 @@ if (!empty($name)) {
}
ui_print_page_header (__('Network map') . " - " . $title,
- "images/op_network.png", false, "network_map", false, $buttons);
+ $icon, false, "network_map", false, $buttons);
if ((tags_has_user_acl_tags()) && (!$strict_user)) {
ui_print_tags_warning();
@@ -321,12 +418,6 @@ if ($delete_networkmap || $add_networkmap || $save_networkmap) {
echo $message;
}
-if ($id_networkmap == 0) {
- echo "" .
- __('There are no defined maps in this view') . "
";
- return;
-}
-
// CONFIGURATION FORM
echo "
";
@@ -498,24 +589,22 @@ $options_form .= '';
ui_toggle($options_form, __('Map options'), '', $hidden_options);
-if ($id_networkmap != 0) {
- switch ($activeTab) {
- case 'groups':
- require_once('operation/agentes/networkmap.groups.php');
- break;
- case 'policies':
- require_once(ENTERPRISE_DIR . '/operation/policies/networkmap.policies.php');
- break;
- case 'dinamic':
- require_once('operation/agentes/networkmap.dinamic.php');
- break;
- case 'radial_dynamic':
- require_once('operation/agentes/networkmap.dinamic.php');
- break;
- default:
- case 'topology':
- require_once('operation/agentes/networkmap.topology.php');
- break;
- }
+switch ($activeTab) {
+ case 'groups':
+ require_once('operation/agentes/networkmap.groups.php');
+ break;
+ case 'policies':
+ require_once(ENTERPRISE_DIR . '/operation/policies/networkmap.policies.php');
+ break;
+ case 'dinamic':
+ require_once('operation/agentes/networkmap.dinamic.php');
+ break;
+ case 'radial_dynamic':
+ require_once('operation/agentes/networkmap.dinamic.php');
+ break;
+ default:
+ case 'topology':
+ require_once('operation/agentes/networkmap.topology.php');
+ break;
}
?>
diff --git a/pandora_console/operation/agentes/networkmap.topology.php b/pandora_console/operation/agentes/networkmap.topology.php
index f9799e84a0..29048be445 100644
--- a/pandora_console/operation/agentes/networkmap.topology.php
+++ b/pandora_console/operation/agentes/networkmap.topology.php
@@ -19,7 +19,34 @@ global $config;
check_login ();
-if (! check_acl ($config['id_user'], $store_group, "AR")) {
+// Networkmap id required
+if (!isset($id_networkmap)) {
+ db_pandora_audit("ACL Violation",
+ "Trying to access node graph builder");
+ require ("general/noaccess.php");
+ exit;
+}
+
+// Get the group for ACL
+if (!isset($store_group)) {
+ $store_group = db_get_value("store_group", "tnetwork_map", "id_networkmap", $id_networkmap);
+ if ($store_group === false) {
+ db_pandora_audit("ACL Violation",
+ "Trying to accessnode graph builder");
+ require ("general/noaccess.php");
+ exit;
+ }
+}
+
+// ACL for the networkmap permission
+if (!isset($networkmap_read))
+ $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+if (!isset($networkmap_write))
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+if (!isset($networkmap_manage))
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+if (!$networkmap_read && !$networkmap_write && !$networkmap_manage) {
db_pandora_audit("ACL Violation",
"Trying to access node graph builder");
include ("general/noaccess.php");
diff --git a/pandora_console/operation/agentes/networkmap_list.php b/pandora_console/operation/agentes/networkmap_list.php
index 2bb25c7211..ccd003e8c6 100644
--- a/pandora_console/operation/agentes/networkmap_list.php
+++ b/pandora_console/operation/agentes/networkmap_list.php
@@ -19,7 +19,12 @@ global $config;
check_login ();
-if (! check_acl ($config['id_user'], 0, "AR")) {
+// ACL for the general permission
+$networkmaps_read = check_acl ($config['id_user'], 0, "MR");
+$networkmaps_write = check_acl ($config['id_user'], 0, "MW");
+$networkmaps_manage = check_acl ($config['id_user'], 0, "MM");
+
+if (!$networkmaps_read && !$networkmaps_write && !$networkmaps_manage) {
db_pandora_audit("ACL Violation",
"Trying to access Networkmap builder");
if (is_ajax()) {
@@ -45,10 +50,15 @@ if (is_ajax()) {
foreach ($ids_networkmap as $id) {
$store_group = (int) db_get_value('store_group', 'tnetwork_map', 'id_networkmap',$id_networkmap);
- if (check_acl ($config['id_user'], $store_group, "RM")) {
+ // ACL
+ // $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+ if ($networkmap_manage) {
$results[$id] = (bool) networkmap_delete_networkmap($id);
}
- else if (check_acl ($config['id_user'], $store_group, "RW")) {
+ else if ($networkmap_write) {
$results[$id] = (bool) networkmap_delete_user_networkmap($config['id_user'], $id);
}
}
@@ -74,12 +84,16 @@ $id_networkmap = get_parameter ('id_networkmap', 0);
$delete_networkmap = get_parameter ('delete_networkmap', 0);
if ($delete_networkmap) {
- if (is_user_admin ($config['id_user'])){
+
+ // ACL
+ // $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+ if ($networkmap_manage || is_user_admin ($config['id_user'])) {
$result = networkmap_delete_networkmap($id_networkmap);
}
- elseif (check_acl ($config['id_user'], 0, "RM")) {
- $result = networkmap_delete_networkmap($id_networkmap);
- }elseif (check_acl ($config['id_user'], 0, "RW")) {
+ else if ($networkmap_write) {
$result = networkmap_delete_user_networkmap($config['id_user'], $id_networkmap);
}
$message = ui_print_result_message ($result,
@@ -138,14 +152,13 @@ $table->style[1] = 'text-align: center;';
$table->style[2] = 'text-align: center;';
$table->style[3] = 'text-align: center;';
$table->style[4] = 'text-align: center;';
-$table->style[5] = 'text-align: center;';
$table->size = array();
$table->size[0] = '80%';
$table->size[1] = '60px';
$table->size[2] = '30px';
-if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
+if ($networkmaps_write || $networkmaps_manage) {
$table->size[3] = '30px';
$table->size[4] = '30px';
}
@@ -154,11 +167,10 @@ $table->head = array();
$table->head[0] = __('Name');
$table->head[1] = __('Type');
$table->head[2] = __('Group');
-if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
- $table->head[3] = __('Edit');
- $table->head[4] = __('Delete');
+if ($networkmaps_write || $networkmaps_manage) {
+ $table->head[3] = __('Delete');
// Checkbox to select all the another checkboxes
- $table->head[5] = html_print_checkbox('check_delete_all', 0, false, true);
+ $table->head[4] = html_print_checkbox('check_delete_all', 0, false, true);
}
$id_groups = array_keys(users_get_groups());
@@ -187,32 +199,36 @@ else {
$table->data = array();
foreach ($network_maps as $network_map) {
// ACL
- if (!check_acl ($config['id_user'], $network_map['store_group'], "RR"))
+ $networkmap_read = check_acl ($config['id_user'], $store_group, "MR");
+ $networkmap_write = check_acl ($config['id_user'], $store_group, "MW");
+ $networkmap_manage = check_acl ($config['id_user'], $store_group, "MM");
+
+ // ACL
+ if (!$networkmap_read && !$networkmap_write && !$networkmap_manage)
continue;
// If enterprise not loaded then skip this code
- if ($network_map['type'] == 'policies' and (!defined('PANDORA_ENTERPRISE')))
+ if ($network_map['type'] == 'policies' && !defined('PANDORA_ENTERPRISE'))
continue;
- if (($network_map['type'] == 'radial_dynamic' || $network_map['type'] == 'policies') && ($strict_user)) {
+ if (($network_map['type'] == 'radial_dynamic' || $network_map['type'] == 'policies') && $strict_user) {
continue;
}
$data = array();
- $data[0] = '' . $network_map['name'] . '';
+ $data[0] = '' . $network_map['name'] . '';
$data[1] = $network_map['type'];
$data[2] = ui_print_group_icon ($network_map['store_group'], true);
- if (check_acl ($config['id_user'], $network_map['store_group'], "RW") || check_acl ($config['id_user'], $network_map['store_group'], "RM")) {
- $data[3] = '' . html_print_image("images/config.png", true) . '';
- $data[4] = '' . html_print_image('images/cross.png', true) . '';
+ if ($networkmap_write || $networkmap_manage) {
+ $data[3] = '' . html_print_image('images/cross.png', true) . '';
// The value of the checkbox will be the networkmap id to recover it in js to perform the massive deletion
- $data[5] = html_print_checkbox('check_delete', $network_map['id_networkmap'], false, true);
+ $data[4] = html_print_checkbox('check_delete', $network_map['id_networkmap'], false, true);
}
else {
$data[3] = '';
$data[4] = '';
- $data[5] = '';
}
$table->data[] = $data;
@@ -222,7 +238,7 @@ else {
}
// Create networkmap form
-if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
+if ($networkmaps_write || $networkmaps_manage) {
$table_manage = new StdClass();
$table_manage->width = "100%";
$table_manage->style = array();
diff --git a/pandora_console/operation/visual_console/render_view.php b/pandora_console/operation/visual_console/render_view.php
index 048f2e5f85..e4ae5c1d82 100755
--- a/pandora_console/operation/visual_console/render_view.php
+++ b/pandora_console/operation/visual_console/render_view.php
@@ -74,7 +74,12 @@ $bheight = $layout["height"];
$pure_url = "&pure=" . $config["pure"];
-if (! check_acl ($config["id_user"], $id_group, "RR")) {
+// ACL
+$vconsole_read = check_acl ($config["id_user"], $id_group, "VR");
+$vconsole_write = check_acl ($config["id_user"], $id_group, "VW");
+$vconsole_manage = check_acl ($config["id_user"], $id_group, "VM");
+
+if (! $vconsole_read) {
db_pandora_audit("ACL Violation",
"Trying to access visual console without group access");
require ("general/noaccess.php");
@@ -89,7 +94,7 @@ $options['consoles_list']['text'] =
html_print_image ("images/visual_console.png", true,
array ("title" => __('Visual consoles list'))) . '';
-if (check_acl ($config["id_user"], $id_group, "RW")) {
+if ($vconsole_write || $vconsole_manage) {
$url_base = 'index.php?sec=reporting&sec2=godmode/reporting/visual_console_builder&action=';
$hash = md5($config["dbpass"] . $id_layout . $config["id_user"]);
@@ -123,7 +128,7 @@ if (check_acl ($config["id_user"], $id_group, "RW")) {
$options['view']['text'] = '' . html_print_image ("images/operation.png", true, array ("title" => __('View'))) .'';
$options['view']['active'] = true;
-if (!defined('METACONSOLE')) {
+if (! defined('METACONSOLE')) {
if ($config["pure"] == 0) {
$options['pure']['text'] = '' . html_print_image ("images/full_screen.png", true, array ("title" => __('Full screen mode')))
. "";
@@ -138,18 +143,15 @@ if (!defined('METACONSOLE')) {
$options = array('view' => $options['view'], 'pure' => $options['pure']);
}
$options['pure']['active'] = false;
-}
-
-//Set the hidden value for the javascript
-if (defined('METACONSOLE')) {
- html_print_input_hidden('metaconsole', 1);
-}
-else {
+
+ //Set the hidden value for the javascript
html_print_input_hidden('metaconsole', 0);
ui_print_page_header ($layout_name, "images/visual_console.png", false, '', false, $options);
}
-
-
+else {
+ //Set the hidden value for the javascript
+ html_print_input_hidden('metaconsole', 1);
+}
visual_map_print_visual_map ($id_layout);