tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2010-10-27 Miguel de Dios <miguel.dedios@artica.es> 

* include/functions_db.php: in function "pandora_audit" added new parameter
	$info for to set more info in the audit. Cleaned source code style.
	
	* godmode/users/configure_user.php, godmode/users/configure_profile.php: now
	in the source code pick more info in the audit for actions to create,
	update and delete profiles and user, and for action to add and remove
	profiles to user.
	


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3470 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper 2010-10-27 16:02:53 +00:00
parent 0fee8a061a
commit b0b231688f
5 changed files with 100 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pandora_console/ChangeLog
View File

@ -1,3 +1,13 @@
2010-10-27 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_db.php: in function "pandora_audit" added new parameter
$info for to set more info in the audit. Cleaned source code style.
* godmode/users/configure_user.php, godmode/users/configure_profile.php: now
in the source code pick more info in the audit for actions to create,
update and delete profiles and user, and for action to add and remove
profiles to user.
2010-10-27 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_db.php: in function "pandora_audit" clean source code

4
pandora_console/godmode/reporting/visual_console_builder.editor.js
View File

@ -833,7 +833,7 @@ function eventsItems() {
event.stopPropagation();
if (!openPropertiesPanel) {
divParent = $(event.target).parent();
unselectAll()
unselectAll();
$(divParent).css('border', '2px blue dotted');
if ($(divParent).hasClass('static_graph')) {
@ -894,7 +894,7 @@ function eventsItems() {
event.stopPropagation();
if (!openPropertiesPanel) {
divParent = $(event.target).parent();
unselectAll()
unselectAll();
$(divParent).css('border', '2px blue dotted');
if ($(divParent).hasClass('static_graph')) {

50
pandora_console/godmode/users/configure_profile.php
View File

@ -37,11 +37,16 @@ $id_profile = (int) get_parameter ('id');
// Profile deletion
if ($delete_profile) {
// Delete profile
$profile = get_db_row('tperfil', 'id_perfil', $id_profile);
$sql = sprintf ('DELETE FROM tperfil WHERE id_perfil = %d', $id_profile);
$ret = process_sql ($sql);
if ($ret === false) {
echo '<h3 class="error">'.__('There was a problem deleting the profile').'</h3>';
} else {
}
else {
pandora_audit("Profile management",
"Delete profile ".safe_input($profile['name']));
echo '<h3 class="suc">'.__('Successfully deleted').'</h3>';
echo '<a href="index.php?sec=gusuarios&sec2=godmode/users/user_list">&laquo; Back</a>';
}
@ -78,9 +83,19 @@ if ($update_profile) {
$id_profile);
$ret = process_sql ($sql);
if ($ret !== false) {
$info = 'Name: ' . $name . ' Incident view: ' . $incident_view .
' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management .
' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit .
' Alert edit: ' . $alert_edit . ' User management: ' . $user_management .
' DB management: ' . $db_management . ' Alert management: ' . $alert_management .
' Pandora Management: ' . $pandora_management;
pandora_audit("User management",
"Update profile ".safe_input($name), false, false, $info);
echo '<h3 class="suc">'.__('Successfully updated').'</h3>';
echo '<a href="index.php?sec=gusuarios&sec2=godmode/users/user_list">&laquo; Back</a>';
} else {
}
else {
echo '<h3 class="error"'.__('There was a problem updating this profile').'</h3>';
}
$id_profile = 0;
@ -113,7 +128,17 @@ if ($create_profile) {
if ($ret !== false) {
echo '<h3 class="suc">'.__('Successfully created').'</h3>';
echo '<a href="index.php?sec=gusuarios&sec2=godmode/users/user_list">&laquo; Back</a>';
} else {
$info = 'Name: ' . $name . ' Incident view: ' . $incident_view .
' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management .
' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit .
' Alert edit: ' . $alert_edit . ' User management: ' . $user_management .
' DB management: ' . $db_management . ' Alert management: ' . $alert_management .
' Pandora Management: ' . $pandora_management;
pandora_audit("User management",
"Created profile ".safe_input($name), false, false, $info);
}
else {
echo '<h3 class="error">'.__('There was a problem creating this profile').'</h3>';
}
$id_profile = 0;
@ -136,7 +161,8 @@ if ($id_profile || $new_profile) {
$pandora_management = 0;
$page_title = __('Create profile');
} else {
}
else {
$profile = get_db_row ('tperfil', 'id_perfil', $id_profile);
if ($profile === false) {
@ -144,6 +170,22 @@ if ($id_profile || $new_profile) {
include ("general/footer.php");
exit;
}
$id_audit = pandora_audit("User management",
"Edit profile ".safe_input($name));
enterprise_include_once('include/functions_audit.php');
$info = 'Name: ' . $name . ' Incident view: ' . $incident_view .
' Incident edit: ' . $incident_edit . ' Incident management: ' . $incident_management .
' Agent view: ' . $agent_view . ' Agent edit: ' . $agent_edit .
' Alert edit: ' . $alert_edit . ' User management: ' . $user_management .
' DB management: ' . $db_management . ' Alert management: ' . $alert_management .
' Pandora Management: ' . $pandora_management;
enterprise_hook('pandora_audit_enterprise', array($id_audit, $info));
$name = $profile["name"];
$incident_view = (bool) $profile["incident_view"];
$incident_edit = (bool) $profile["incident_edit"];

36
pandora_console/godmode/users/configure_user.php
View File

@ -105,10 +105,14 @@ if ($create_user) {
$new_user = true;
}
else {
$result = create_user ($id, $password_new, $values);
$info = 'FullName: ' . $values['fullname'] . ' Firstname: ' . $values['firstname'] .
' Lastname: ' . $values['lastname'] . ' Email: ' . $values['email'] .
' Phone: ' . $values['phone'] . ' Comments: ' . $values['comments'] .
' Is_admin: ' . $values['is_admin'] .
' Laguage: ' . $values['language'];
pandora_audit("User management",
"Created user ".safe_input($id));
"Created user ".safe_input($id), false, false, $info);
print_result_message ($result,
__('Successfully created'),
@ -151,17 +155,27 @@ if ($update_user) {
print_result_message ($res1 || $res2,
__('User info successfully updated'),
__('Error updating user info (no change?)'));
} else {
}
else {
print_error_message (__('Passwords does not match'));
}
} else {
pandora_audit("User management",
"Updated user ".safe_input($id));
}
else {
$info = 'FullName: ' . $values['fullname'] . ' Firstname: ' . $values['firstname'] .
' Lastname: ' . $values['lastname'] . ' Email: ' . $values['email'] .
' Phone: ' . $values['phone'] . ' Comments: ' . $values['comments'] .
' Is_admin: ' . $values['is_admin'] .
' Laguage: ' . $values['language'];
pandora_audit("User management", "Updated user ".safe_input($id),
false, false, $info);
print_result_message ($res1,
__('User info successfully updated'),
__('Error updating user info (no change?)'));
}
} else {
}
else {
print_result_message ($res1,
__('User info successfully updated'),
__('Error updating user info (no change?)'));
@ -175,7 +189,7 @@ if ($add_profile) {
$group2 = (int) get_parameter ('assign_group');
$profile2 = (int) get_parameter ('assign_profile');
pandora_audit("User management",
"Added profile for user ".safe_input($id2));
"Added profile for user ".safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2);
$return = create_user_profile ($id2, $profile2, $group2);
print_result_message ($return,
__('Profile added successfully'),
@ -185,9 +199,13 @@ if ($add_profile) {
if ($delete_profile) {
$id2 = (string) get_parameter ('id_user');
$id_up = (int) get_parameter ('id_user_profile');
$perfilUser = get_db_row('tusuario_perfil', 'id_up', $id_up);
$id_perfil = $perfilUser['id_perfil'];
$perfil = get_db_row('tperfil', 'id_perfil', $id_perfil);
pandora_audit("User management",
"Deleted profile for user ".safe_input($id2));
"Deleted profile for user ".safe_input($id2), false, false, 'The profile with id ' . $id_perfil . ' in the group ' . $perfilUser['id_grupo']);
$return = delete_user_profile ($id2, $id_up);
print_result_message ($return,

19
pandora_console/include/functions_db.php
View File

@ -306,10 +306,11 @@ function safe_acl_group ($id_user, $id_groups, $access) {
* @param string $descripcion Long action description
* @param string $id User id, by default is the user that login.
* @param string $ip The ip to make the action, by default is $_SERVER['REMOTE_ADDR'] or $config["remote_addr"]
* @param string $info The extended info for enterprise audit, by default is empty string.
*
* @return int Return the id of row in tsesion or false in case of fail.
*/
function pandora_audit ($accion, $descripcion, $user_id = false, $ip = false) {
function pandora_audit ($accion, $descripcion, $user_id = false, $ip = false, $info = '') {
global $config;
if ($ip !== false) {
@ -344,7 +345,12 @@ function pandora_audit ($accion, $descripcion, $user_id = false, $ip = false) {
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time());
return process_sql_insert('tsesion', $values);
$id_audit = process_sql_insert('tsesion', $values);
enterprise_include_once('include/functions_audit.php');
enterprise_hook('pandora_audit_enterprise', array($id_audit, $info));
return $id_audit;
}
@ -1902,10 +1908,12 @@ function get_db_value ($field, $table, $field_search = 1, $condition = 1, $searc
if (is_int ($condition)) {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = %d LIMIT 1",
$field, $table, $field_search, $condition);
} else if (is_float ($condition) || is_double ($condition)) {
}
else if (is_float ($condition) || is_double ($condition)) {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = %f LIMIT 1",
$field, $table, $field_search, $condition);
} else {
}
else {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = '%s' LIMIT 1",
$field, $table, $field_search, $condition);
}
@ -1913,8 +1921,11 @@ function get_db_value ($field, $table, $field_search = 1, $condition = 1, $searc
if ($result === false)
return false;
if ($field[0] == '`')
$field = str_replace ('`', '', $field);
return $result[0][$field];
}