#10194 fixed acl in view

2023-10-19 16:18:36 +02:00 · 2023-10-19 16:18:36 +02:00 · b1b7a1e57d
parent 17f761afbe
commit b1b7a1e57d
2 changed files with 29 additions and 0 deletions
--- a/pandora_console/general/logon_ok.php
+++ b/pandora_console/general/logon_ok.php
@ -28,5 +28,22 @@

 use PandoraFMS\TacticalView\GeneralTacticalView;

+ // Config functions.
+ require_once 'include/config.php';
+
+ // This solves problems in enterprise load.
+ global $config;
+
+ check_login();
+ // ACL Check.
+if (check_acl($config['id_user'], 0, 'AR') === 0) {
+    db_pandora_audit(
+        AUDIT_LOG_ACL_VIOLATION,
+        'Trying to access Default view'
+    );
+    include 'general/noaccess.php';
+    exit;
+}
+
 $tacticalView = new GeneralTacticalView();
 $tacticalView->render();
--- a/pandora_console/operation/agentes/tactical.php
+++ b/pandora_console/operation/agentes/tactical.php
@ -29,5 +29,17 @@
 // Begin.
 use PandoraFMS\TacticalView\GeneralTacticalView;

+global $config;
+check_login();
+
+if (! check_acl($config['id_user'], 0, 'AR') && ! check_acl($config['id_user'], 0, 'AW')) {
+    db_pandora_audit(
+        AUDIT_LOG_ACL_VIOLATION,
+        'Trying to access Agent view (Grouped)'
+    );
+    include 'general/noaccess.php';
+    return;
+}
+
 $tacticalView = new GeneralTacticalView();
 $tacticalView->render();