tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-7482-Integracion-Pandora-Integria-credenciales-de-usuario' into 'develop' 

implemented user level authentication for integria ims integration

See merge request artica/pandorafms!4117
This commit is contained in:
Daniel Rodriguez 2021-05-17 14:41:11 +00:00
parent 7244100737 663d1dcf75
commit b8fe685028
41 changed files with 409 additions and 504 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pandora_console/extras/mr/47.sql
View File

@ -1,9 +1,14 @@
START TRANSACTION;
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_user` VARCHAR(60);
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_pass` VARCHAR(45);
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;
ALTER TABLE `talert_snmp_action` ADD COLUMN `al_field16` TEXT NOT NULL AFTER `al_field15`;
ALTER TABLE `talert_snmp_action` ADD COLUMN `al_field17` TEXT NOT NULL AFTER `al_field16`;
ALTER TABLE `talert_snmp_action` ADD COLUMN `al_field18` TEXT NOT NULL AFTER `al_field17`;
ALTER TABLE `talert_snmp_action` ADD COLUMN `al_field19` TEXT NOT NULL AFTER `al_field18`;
ALTER TABLE `talert_snmp_action` ADD COLUMN `al_field20` TEXT NOT NULL AFTER `al_field19`;
COMMIT;
COMMIT;

5
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -1532,6 +1532,8 @@ ALTER TABLE `tusuario` MODIFY COLUMN `default_event_filter` int(10) unsigned NOT
ADD CONSTRAINT `fk_filter_id` FOREIGN KEY `fk_filter_id` (`id_filter`) REFERENCES `tevent_filter` (`id_filter`) ON DELETE SET NULL ON UPDATE RESTRICT,
DROP FOREIGN KEY `fk_id_filter`,
DROP INDEX `fk_id_filter`;
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_user` VARCHAR(60);
ALTER TABLE `tusuario` ADD COLUMN `integria_user_level_pass` VARCHAR(45);
-- ---------------------------------------------------------------------
@ -4030,3 +4032,6 @@ DELETE FROM `tconfig` WHERE `token` = 'ipam_installed';
DELETE FROM `tconfig` WHERE `token` = 'ipam_recon_script_id';
ALTER TABLE `tperfil` DROP COLUMN `incident_view`;
ALTER TABLE `tperfil` DROP COLUMN `incident_edit`;
ALTER TABLE `tperfil` DROP COLUMN `incident_management`;

1
pandora_console/general/main_menu.php
View File

@ -88,7 +88,6 @@ if (check_acl($config['id_user'], 0, 'AW')
|| check_acl($config['id_user'], 0, 'LM')
|| check_acl($config['id_user'], 0, 'UM')
|| check_acl($config['id_user'], 0, 'LW')
|| check_acl($config['id_user'], 0, 'IW')
|| check_acl($config['id_user'], 0, 'EW')
|| check_acl($config['id_user'], 0, 'DW')
) {

4
pandora_console/godmode/agentes/agent_incidents.php
View File

@ -39,7 +39,7 @@ $offset = (int) get_parameter('offset', 0);
// See if id_agente is set (either POST or GET, otherwise -1
$id_agent = (int) get_parameter('id_agente');
$groups = users_get_groups($config['id_user'], 'IR');
$groups = users_get_groups($config['id_user'], 'AR');
$filter = ' AND id_agent = '.$id_agent;
$url = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=incident&id_agente='.$id_agent;
@ -55,7 +55,7 @@ $params = [
agents_get_name($id_agent),
];
$result = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incidents', $params, false, 'json', ',');
$result = integria_api_call(null, null, null, null, 'get_incidents', $params, false, 'json', ',');
$result = json_decode($result, true);

2
pandora_console/godmode/alerts/configure_alert_action.php
View File

@ -43,7 +43,7 @@ if (is_ajax()) {
if ($get_integria_ticket_custom_types) {
$ticket_type_id = get_parameter('ticket_type_id');
$api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_fields', $ticket_type_id, false, 'json');
$api_call = integria_api_call(null, null, null, null, 'get_incident_fields', $ticket_type_id, false, 'json');
echo $api_call;
return;

4
pandora_console/godmode/gis_maps/configure_gis_map.php
View File

@ -15,7 +15,7 @@ global $config;
check_login();
$gis_w = check_acl($config['id_user'], 0, 'MW');
$gis_w = check_acl($config['id_user'], 0, 'MW', false, true, true);
$gis_m = check_acl($config['id_user'], 0, 'MM');
$access = ($gis_w == true) ? 'MW' : (($gis_m == true) ? 'MM' : 'MW');
@ -490,7 +490,7 @@ if (users_can_manage_group_all('MM') === true) {
$table->data[2][0] = __('Group');
$table->data[2][1] = html_print_select_groups(
false,
'IW',
'AR',
$return_all_group,
'map_group_id',
$map_group_id,

9
pandora_console/godmode/netflow/nf_item_list.php
View File

@ -20,15 +20,6 @@ require_once $config['homedir'].'/include/functions_html.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IW')) {
db_pandora_audit(
'ACL Violation',
'Trying to access event viewer'
);
include 'general/noaccess.php';
return;
}
// id report
$id = (int) get_parameter('id');

49
pandora_console/godmode/setup/setup_integria.php
View File

@ -41,8 +41,10 @@ if (is_ajax()) {
$integria_pass = get_parameter('integria_pass', '');
$integria_api_hostname = get_parameter('api_hostname', '');
$integria_api_pass = get_parameter('api_pass', '');
$user_level_conf = get_parameter('user_level_conf', 0);
$user_level_conf_bool = $user_level_conf === 'true' ? true : false;
$login_result = integria_api_call($integria_api_hostname, $integria_user, $integria_pass, $integria_api_pass, 'get_login', []);
$login_result = integria_api_call($integria_api_hostname, $integria_user, $integria_pass, $integria_api_pass, 'get_login', [], false, '', '', $user_level_conf_bool);
if ($login_result != false) {
echo json_encode(['login' => 1]);
@ -53,7 +55,7 @@ if (is_ajax()) {
return;
}
$has_connection = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_login', []);
$has_connection = integria_api_call(null, null, null, null, 'get_login', []);
if ($has_connection === false && $config['integria_enabled']) {
ui_print_error_message(__('Integria IMS API is not reachable'));
@ -86,7 +88,7 @@ if (get_parameter('update_config', 0) == 1) {
);
}
$ticket_types = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_types', '', false, 'json');
$ticket_types = integria_api_call(null, null, null, null, 'get_types', '', false, 'json');
$types_string = '';
@ -216,19 +218,19 @@ $integria_users_values = [];
$integria_types_values = [];
$integria_status_values = [];
$integria_groups_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_groups', []);
$integria_groups_csv = integria_api_call(null, null, null, null, 'get_groups', []);
get_array_from_csv_data_pair($integria_groups_csv, $integria_group_values);
$integria_status_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incidents_status', []);
$integria_status_csv = integria_api_call(null, null, null, null, 'get_incidents_status', []);
get_array_from_csv_data_pair($integria_status_csv, $integria_status_values);
$integria_criticity_levels_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_priorities', []);
$integria_criticity_levels_csv = integria_api_call(null, null, null, null, 'get_incident_priorities', []);
get_array_from_csv_data_pair($integria_criticity_levels_csv, $integria_criticity_values);
$integria_users_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_users', []);
$integria_users_csv = integria_api_call(null, null, null, null, 'get_users', []);
$csv_array = explode("\n", $integria_users_csv);
@ -238,7 +240,7 @@ foreach ($csv_array as $csv_line) {
}
}
$integria_types_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_types', []);
$integria_types_csv = integria_api_call(null, null, null, null, 'get_types', []);
get_array_from_csv_data_pair($integria_types_csv, $integria_types_values);
@ -267,6 +269,12 @@ $table_remote->class = 'databox filters';
$table_remote->size['name'] = '30%';
$table_remote->style['name'] = 'font-weight: bold';
// Enable eHorus user configuration.
$row = [];
$row['name'] = ('Integria configuration at user level');
$row['control'] = html_print_checkbox_switch('integria_user_level_conf', 1, $config['integria_user_level_conf'], true);
$table_remote->data['integria_user_level_conf'] = $row;
// Integria user.
$row = [];
$row['name'] = __('User');
@ -629,6 +637,29 @@ echo '</form>';
<script type="text/javascript">
if($('input:checkbox[name="integria_user_level_conf"]').is(':checked'))
{
$('#integria-remote-setup-integria_user').hide();
$('#integria-remote-setup-integria_pass').hide()
}
var handleUserLevel = function(event) {
var is_checked = $('input:checkbox[name="integria_enabled"]').is(':checked');
var is_checked_userlevel = $('input:checkbox[name="integria_user_level_conf"]').is(':checked');
if (event.target.value == '1' && is_checked && !is_checked_userlevel) {
showUserPass();
$('input:checkbox[name="integria_user_level_conf"]').attr('checked', true);
}
else {
hideUserPass();
$('input:checkbox[name="integria_user_level_conf"]').attr('checked', false);
};
}
$('input:checkbox[name="integria_enabled"]').change(handleEnable);
$('input:checkbox[name="integria_user_level_conf"]').change(handleUserLevel);
if(!$('input:checkbox[name="integria_enabled"]').is(':checked')) {
$('#form_remote').hide();
$('#form_custom_response_settings').hide();
@ -720,6 +751,7 @@ echo '</form>';
var integria_pass = $('input[name=integria_pass]').val();
var api_hostname = $('input[name=integria_hostname]').val();
var api_pass = $('input[name=integria_api_pass]').val();
var user_level_conf = $('input:checkbox[name="integria_user_level_conf"]').is(':checked');
var data = {
page: 'godmode/setup/setup_integria',
@ -728,6 +760,7 @@ echo '</form>';
integria_pass: integria_pass,
api_hostname: api_hostname,
api_pass: api_pass,
user_level_conf: user_level_conf,
}
// AJAX call to check API connection.

9
pandora_console/godmode/setup/setup_netflow.php
View File

@ -24,15 +24,6 @@ require_once 'include/functions_ui.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR')) {
db_pandora_audit(
'ACL Violation',
'Trying to access netflow setup'
);
include 'general/noaccess.php';
return;
}
$update = (bool) get_parameter('update');
$table->width = '100%';

27
pandora_console/godmode/users/configure_profile.php
View File

@ -85,11 +85,6 @@ if ($id_profile || $new_profile) {
// Name
$name = '';
// Incidents
$incident_view = 0;
$incident_edit = 0;
$incident_management = 0;
// Agents
$agent_view = 0;
$agent_edit = 0;
@ -148,11 +143,6 @@ if ($id_profile || $new_profile) {
// Name
$name = $profile['name'];
// Incidents
$incident_view = (bool) $profile['incident_view'];
$incident_edit = (bool) $profile['incident_edit'];
$incident_management = (bool) $profile['incident_management'];
// Agents
$agent_view = (bool) $profile['agent_view'];
$agent_edit = (bool) $profile['agent_edit'];
@ -197,7 +187,7 @@ if ($id_profile || $new_profile) {
);
enterprise_include_once('include/functions_audit.php');
$info = 'Name: '.$name.' Incident view: '.$incident_view.' Incident edit: '.$incident_edit.' Incident management: '.$incident_management.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
$info = 'Name: '.$name.' Agent view: '.$agent_view.' Agent edit: '.$agent_edit.' Agent disable: '.$agent_disable.' Alert edit: '.$alert_edit.' Alert management: '.$alert_management.' User management: '.$user_management.' DB management: '.$db_management.' Event view: '.$event_view.' Event edit: '.$event_edit.' Event management: '.$event_management.' Report view: '.$report_view.' Report edit: '.$report_edit.' Report management: '.$report_management.' Network map view: '.$map_view.' Network map edit: '.$map_edit.' Network map management: '.$map_management.' Visual console view: '.$vconsole_view.' Visual console edit: '.$vconsole_edit.' Visual console management: '.$vconsole_management.' '.get_product_name().' Management: '.$pandora_management;
enterprise_hook('audit_pandora_enterprise', [$id_audit, $info]);
@ -319,21 +309,6 @@ if ($id_profile || $new_profile) {
$table->data['VM'] = $row;
$table->data[] = '<hr>';
// Incidents
$row = [];
$row['name'] = __('View incidents');
$row['input'] = html_print_checkbox('incident_view', 1, $incident_view, true);
$table->data['IR'] = $row;
$row = [];
$row['name'] = __('Edit incidents');
$row['input'] = html_print_checkbox('incident_edit', 1, $incident_edit, true, false, 'autoclick_profile_users(\'incident_edit\', \'incident_view\', \'false\')');
$table->data['IW'] = $row;
$row = [];
$row['name'] = __('Manage incidents');
$row['input'] = html_print_checkbox('incident_management', 1, $incident_management, true, false, 'autoclick_profile_users(\'incident_management\', \'incident_view\', \'incident_edit\');');
$table->data['IM'] = $row;
$table->data[] = '<hr>';
$disable_option = 'javascript: return false;';
if (check_acl($config['id_user'], 0, 'PM') || users_is_admin()) {
$disable_option = '';

27
pandora_console/godmode/users/profile_list.php
View File

@ -107,11 +107,6 @@ if ($delete_profile) {
if ($create_profile || $update_profile) {
$name = get_parameter('name');
// Incidents
$incident_view = (bool) get_parameter('incident_view');
$incident_edit = (bool) get_parameter('incident_edit');
$incident_management = (bool) get_parameter('incident_management');
// Agents
$agent_view = (bool) get_parameter('agent_view');
$agent_edit = (bool) get_parameter('agent_edit');
@ -152,9 +147,6 @@ if ($create_profile || $update_profile) {
$values = [
'name' => $name,
'incident_view' => $incident_view,
'incident_edit' => $incident_edit,
'incident_management' => $incident_management,
'agent_view' => $agent_view,
'agent_edit' => $agent_edit,
'agent_disable' => $agent_disable,
@ -183,10 +175,7 @@ if ($update_profile) {
if ($name) {
$ret = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
if ($ret !== false) {
$info = '{"Name":"'.$incident_view.'",
"Incident view":"'.$incident_view.'",
"Incident edit":"'.$incident_edit.'",
"Incident management":"'.$incident_management.'",
$info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@ -234,10 +223,7 @@ if ($create_profile) {
if ($ret !== false) {
ui_print_success_message(__('Successfully created'));
$info = '{"Name":"'.$incident_view.'",
"Incident view":"'.$incident_view.'",
"Incident edit":"'.$incident_edit.'",
"Incident management":"'.$incident_management.'",
$info = '{"Name":"'.$name.'",
"Agent view":"'.$agent_view.'",
"Agent edit":"'.$agent_edit.'",
"Agent disable":"'.$agent_disable.'",
@ -289,9 +275,6 @@ $table->align = [];
$table->head['profiles'] = __('Profiles');
$table->head['IR'] = 'IR';
$table->head['IW'] = 'IW';
$table->head['IM'] = 'IM';
$table->head['AR'] = 'AR';
$table->head['AW'] = 'AW';
$table->head['AD'] = 'AD';
@ -317,9 +300,6 @@ $table->head['operations'] = '<span title="Operations">'.__('Op.').'</span>';
$table->align = array_fill(1, 11, 'center');
$table->size['profiles'] = '200px';
$table->size['IR'] = '10px';
$table->size['IW'] = '10px';
$table->size['IM'] = '10px';
$table->size['AR'] = '10px';
$table->size['AW'] = '10px';
$table->size['AD'] = '10px';
@ -358,9 +338,6 @@ $img = html_print_image(
foreach ($profiles as $profile) {
$data['profiles'] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.$profile['name'].'</a>';
$data['IR'] = ($profile['incident_view'] ? $img : '');
$data['IW'] = ($profile['incident_edit'] ? $img : '');
$data['IM'] = ($profile['incident_management'] ? $img : '');
$data['AR'] = ($profile['agent_view'] ? $img : '');
$data['AW'] = ($profile['agent_edit'] ? $img : '');
$data['AD'] = ($profile['agent_disable'] ? $img : '');

2
pandora_console/include/ajax/integria_incidents.ajax.php
View File

@ -35,7 +35,7 @@ if (check_login()) {
$search_term = get_parameter('search_term', '');
if ($get_users) {
$integria_users_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_users', []);
$integria_users_csv = integria_api_call(null, null, null, null, 'get_users', []);
$csv_array = explode("\n", $integria_users_csv);

2
pandora_console/include/class/NetworkMap.class.php
View File

@ -3207,7 +3207,7 @@ class NetworkMap
$table->data[0][0] = __('Group');
$table->data[0][1] = html_print_select_groups(
false,
'IW',
'AR',
false,
'group_for_show_agents',
-1,

23
pandora_console/include/functions.php
View File

@ -2281,9 +2281,6 @@ function check_login($output=true)
* Check access privileges to resources
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@ -2374,9 +2371,6 @@ function check_acl_one_of_groups($id_user, $groups, $access, $cache=true)
* Check access privileges to resources (write or management is not allowed for 'all' group )
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
@ -2445,18 +2439,6 @@ function check_acl_restricted_all($id_user, $id_group, $access, $onlyOneGroup=fa
function get_acl_column($access)
{
switch ($access) {
case 'IR':
return 'incident_view';
break;
case 'IW':
return 'incident_edit';
break;
case 'IM':
return 'incident_management';
break;
case 'AR':
return 'agent_view';
@ -2552,10 +2534,7 @@ function get_users_acl($id_user)
$rowdup = $users_acl_cache[$id_user];
} else {
$query = sprintf(
"SELECT sum(tperfil.incident_view) as incident_view,
sum(tperfil.incident_edit) as incident_edit,
sum(tperfil.incident_management) as incident_management,
sum(tperfil.agent_view) as agent_view,
"SELECT sum(tperfil.agent_view) as agent_view,
sum(tperfil.agent_edit) as agent_edit,
sum(tperfil.alert_edit) as alert_edit,
sum(tperfil.alert_management) as alert_management,

186
pandora_console/include/functions_api.php
View File

@ -503,7 +503,7 @@ function api_get_groups($thrash1, $thrash2, $other, $returnType, $user_in_db)
$returnAllColumns = ( $other['data'][2] == '1' ? true : false);
}
$groups = users_get_groups($user_in_db, 'IR', $returnAllGroup, $returnAllColumns);
$groups = users_get_groups($user_in_db, 'AR', $returnAllGroup, $returnAllColumns);
$data_groups = [];
foreach ($groups as $id => $group) {
@ -11672,9 +11672,6 @@ function api_get_user_profiles_info($thrash1, $thrash2, $thrash3, $returnType)
[
'id_perfil',
'name',
'incident_view as IR',
'incident_edit as IW',
'incident_management as IM',
'agent_view as AR',
'agent_edit as AW',
'agent_disable as AD',
@ -11727,29 +11724,26 @@ function api_set_create_user_profile_info($thrash1, $thrash2, $other, $returnTyp
$values = [
'name' => (string) $other['data'][0],
'incident_view' => (bool) $other['data'][1] ? 1 : 0,
'incident_edit' => (bool) $other['data'][2] ? 1 : 0,
'incident_management' => (bool) $other['data'][3] ? 1 : 0,
'agent_view' => (bool) $other['data'][4] ? 1 : 0,
'agent_edit' => (bool) $other['data'][5] ? 1 : 0,
'agent_disable' => (bool) $other['data'][6] ? 1 : 0,
'alert_edit' => (bool) $other['data'][7] ? 1 : 0,
'alert_management' => (bool) $other['data'][8] ? 1 : 0,
'user_management' => (bool) $other['data'][9] ? 1 : 0,
'db_management' => (bool) $other['data'][10] ? 1 : 0,
'event_view' => (bool) $other['data'][11] ? 1 : 0,
'event_edit' => (bool) $other['data'][12] ? 1 : 0,
'event_management' => (bool) $other['data'][13] ? 1 : 0,
'report_view' => (bool) $other['data'][14] ? 1 : 0,
'report_edit' => (bool) $other['data'][15] ? 1 : 0,
'report_management' => (bool) $other['data'][16] ? 1 : 0,
'map_view' => (bool) $other['data'][17] ? 1 : 0,
'map_edit' => (bool) $other['data'][18] ? 1 : 0,
'map_management' => (bool) $other['data'][19] ? 1 : 0,
'vconsole_view' => (bool) $other['data'][20] ? 1 : 0,
'vconsole_edit' => (bool) $other['data'][21] ? 1 : 0,
'vconsole_management' => (bool) $other['data'][22] ? 1 : 0,
'pandora_management' => (bool) $other['data'][23] ? 1 : 0,
'agent_view' => (bool) $other['data'][1] ? 1 : 0,
'agent_edit' => (bool) $other['data'][2] ? 1 : 0,
'agent_disable' => (bool) $other['data'][3] ? 1 : 0,
'alert_edit' => (bool) $other['data'][4] ? 1 : 0,
'alert_management' => (bool) $other['data'][5] ? 1 : 0,
'user_management' => (bool) $other['data'][6] ? 1 : 0,
'db_management' => (bool) $other['data'][7] ? 1 : 0,
'event_view' => (bool) $other['data'][8] ? 1 : 0,
'event_edit' => (bool) $other['data'][9] ? 1 : 0,
'event_management' => (bool) $other['data'][10] ? 1 : 0,
'report_view' => (bool) $other['data'][11] ? 1 : 0,
'report_edit' => (bool) $other['data'][12] ? 1 : 0,
'report_management' => (bool) $other['data'][13] ? 1 : 0,
'map_view' => (bool) $other['data'][14] ? 1 : 0,
'map_edit' => (bool) $other['data'][15] ? 1 : 0,
'map_management' => (bool) $other['data'][16] ? 1 : 0,
'vconsole_view' => (bool) $other['data'][17] ? 1 : 0,
'vconsole_edit' => (bool) $other['data'][18] ? 1 : 0,
'vconsole_management' => (bool) $other['data'][19] ? 1 : 0,
'pandora_management' => (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_insert('tperfil', $values);
@ -11789,29 +11783,26 @@ function api_set_update_user_profile_info($id_profile, $thrash1, $other, $return
$values = [
'name' => $other['data'][0] == '' ? $profile['name'] : (string) $other['data'][0],
'incident_view' => $other['data'][1] == '' ? $profile['incident_view'] : (bool) $other['data'][1] ? 1 : 0,
'incident_edit' => $other['data'][2] == '' ? $profile['incident_edit'] : (bool) $other['data'][2] ? 1 : 0,
'incident_management' => $other['data'][3] == '' ? $profile['incident_management'] : (bool) $other['data'][3] ? 1 : 0,
'agent_view' => $other['data'][4] == '' ? $profile['agent_view'] : (bool) $other['data'][4] ? 1 : 0,
'agent_edit' => $other['data'][5] == '' ? $profile['agent_edit'] : (bool) $other['data'][5] ? 1 : 0,
'agent_disable' => $other['data'][6] == '' ? $profile['agent_disable'] : (bool) $other['data'][6] ? 1 : 0,
'alert_edit' => $other['data'][7] == '' ? $profile['alert_edit'] : (bool) $other['data'][7] ? 1 : 0,
'alert_management' => $other['data'][8] == '' ? $profile['alert_management'] : (bool) $other['data'][8] ? 1 : 0,
'user_management' => $other['data'][9] == '' ? $profile['user_management'] : (bool) $other['data'][9] ? 1 : 0,
'db_management' => $other['data'][10] == '' ? $profile['db_management'] : (bool) $other['data'][10] ? 1 : 0,
'event_view' => $other['data'][11] == '' ? $profile['event_view'] : (bool) $other['data'][11] ? 1 : 0,
'event_edit' => $other['data'][12] == '' ? $profile['event_edit'] : (bool) $other['data'][12] ? 1 : 0,
'event_management' => $other['data'][13] == '' ? $profile['event_management'] : (bool) $other['data'][13] ? 1 : 0,
'report_view' => $other['data'][14] == '' ? $profile['report_view'] : (bool) $other['data'][14] ? 1 : 0,
'report_edit' => $other['data'][15] == '' ? $profile['report_edit'] : (bool) $other['data'][15] ? 1 : 0,
'report_management' => $other['data'][16] == '' ? $profile['report_management'] : (bool) $other['data'][16] ? 1 : 0,
'map_view' => $other['data'][17] == '' ? $profile['map_view'] : (bool) $other['data'][17] ? 1 : 0,
'map_edit' => $other['data'][18] == '' ? $profile['map_edit'] : (bool) $other['data'][18] ? 1 : 0,
'map_management' => $other['data'][19] == '' ? $profile['map_management'] : (bool) $other['data'][19] ? 1 : 0,
'vconsole_view' => $other['data'][20] == '' ? $profile['vconsole_view'] : (bool) $other['data'][20] ? 1 : 0,
'vconsole_edit' => $other['data'][21] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][21] ? 1 : 0,
'vconsole_management' => $other['data'][22] == '' ? $profile['vconsole_management'] : (bool) $other['data'][22] ? 1 : 0,
'pandora_management' => $other['data'][23] == '' ? $profile['pandora_management'] : (bool) $other['data'][23] ? 1 : 0,
'agent_view' => $other['data'][1] == '' ? $profile['agent_view'] : (bool) $other['data'][1] ? 1 : 0,
'agent_edit' => $other['data'][2] == '' ? $profile['agent_edit'] : (bool) $other['data'][2] ? 1 : 0,
'agent_disable' => $other['data'][3] == '' ? $profile['agent_disable'] : (bool) $other['data'][3] ? 1 : 0,
'alert_edit' => $other['data'][4] == '' ? $profile['alert_edit'] : (bool) $other['data'][4] ? 1 : 0,
'alert_management' => $other['data'][5] == '' ? $profile['alert_management'] : (bool) $other['data'][5] ? 1 : 0,
'user_management' => $other['data'][6] == '' ? $profile['user_management'] : (bool) $other['data'][6] ? 1 : 0,
'db_management' => $other['data'][7] == '' ? $profile['db_management'] : (bool) $other['data'][7] ? 1 : 0,
'event_view' => $other['data'][8] == '' ? $profile['event_view'] : (bool) $other['data'][8] ? 1 : 0,
'event_edit' => $other['data'][9] == '' ? $profile['event_edit'] : (bool) $other['data'][9] ? 1 : 0,
'event_management' => $other['data'][10] == '' ? $profile['event_management'] : (bool) $other['data'][10] ? 1 : 0,
'report_view' => $other['data'][11] == '' ? $profile['report_view'] : (bool) $other['data'][11] ? 1 : 0,
'report_edit' => $other['data'][12] == '' ? $profile['report_edit'] : (bool) $other['data'][12] ? 1 : 0,
'report_management' => $other['data'][13] == '' ? $profile['report_management'] : (bool) $other['data'][13] ? 1 : 0,
'map_view' => $other['data'][14] == '' ? $profile['map_view'] : (bool) $other['data'][14] ? 1 : 0,
'map_edit' => $other['data'][15] == '' ? $profile['map_edit'] : (bool) $other['data'][15] ? 1 : 0,
'map_management' => $other['data'][16] == '' ? $profile['map_management'] : (bool) $other['data'][16] ? 1 : 0,
'vconsole_view' => $other['data'][17] == '' ? $profile['vconsole_view'] : (bool) $other['data'][17] ? 1 : 0,
'vconsole_edit' => $other['data'][18] == '' ? $profile['vconsole_edit'] : (bool) $other['data'][18] ? 1 : 0,
'vconsole_management' => $other['data'][19] == '' ? $profile['vconsole_management'] : (bool) $other['data'][19] ? 1 : 0,
'pandora_management' => $other['data'][20] == '' ? $profile['pandora_management'] : (bool) $other['data'][20] ? 1 : 0,
];
$return = db_process_sql_update('tperfil', $values, ['id_perfil' => $id_profile]);
@ -11859,101 +11850,6 @@ function api_set_delete_user_profile_info($id_profile, $thrash1, $thrash2, $retu
}
/**
* Create new incident in Pandora.
*
* @param $thrash1 Don't use.
* @param $thrash2 Don't use.
* @param array $other it's array, $other as param is <title>;<description>;
* <origin>;<priority>;<state>;<group> in this order and separator char
* (after text ; ) and separator (pass in param othermode as
* othermode=url_encode_separator_<separator>)
* example:
*
* api.php?op=set&op2=new_incident&other=titulo|descripcion%20texto|Logfiles|2|10|12&other_mode=url_encode_separator_|
*
* @param $thrash3 Don't use.
*/
function api_set_new_incident($thrash1, $thrash2, $other, $thrash3)
{
global $config;
if (defined('METACONSOLE')) {
return;
}
if (!check_acl($config['id_user'], 0, 'IW')) {
returnError('forbidden', 'string');
return;
}
$title = $other['data'][0];
$description = $other['data'][1];
$origin = $other['data'][2];
$priority = $other['data'][3];
$id_creator = 'API';
$state = $other['data'][4];
$group = $other['data'][5];
$values = [
'inicio' => 'NOW()',
'actualizacion' => 'NOW()',
'titulo' => $title,
'descripcion' => $description,
'id_usuario' => 'API',
'origen' => $origin,
'estado' => $state,
'prioridad' => $priority,
'id_grupo' => $group,
'id_creator' => $id_creator,
];
$idIncident = db_process_sql_insert('tincidencia', $values);
if ($idIncident === false) {
returnError('A new incident could not be created.');
} else {
returnData('string', ['type' => 'string', 'data' => $idIncident]);
}
}
/**
* Add note into a incident.
*
* @param $id string Username author of note.
* @param $id2 integer ID of incident.
* @param $other string Note.
* @param $thrash2 Don't use.
*/
function api_set_new_note_incident($id, $id2, $other, $thrash2)
{
global $config;
if (defined('METACONSOLE')) {
return;
}
if (!check_acl($config['id_user'], 0, 'IW')) {
returnError('forbidden', 'string');
return;
}
$values = [
'id_usuario' => $id,
'id_incident' => $id2,
'nota' => $other['data'],
];
$idNote = db_process_sql_insert('tnota', $values);
if ($idNote === false) {
returnError('A new incident could not be created+.');
} else {
returnData('string', ['type' => 'string', 'data' => $idNote]);
}
}
/**
* Disable a module, given agent and module name.
*

8
pandora_console/include/functions_config.php
View File

@ -1642,6 +1642,10 @@ function config_update_config()
break;
case 'integria':
if (!config_update_value('integria_user_level_conf', (int) get_parameter('integria_user_level_conf', 0))) {
$error_update[] = __('Integria user login');
}
if (!config_update_value('integria_enabled', (int) get_parameter('integria_enabled', 0))) {
$error_update[] = __('Enable Integria IMS');
}
@ -3244,6 +3248,10 @@ function config_process_config()
}
// Integria.
if (!isset($config['integria_user_level_conf'])) {
config_update_value('integria_user_level_conf', 0);
}
if (!isset($config['integria_enabled'])) {
config_update_value('integria_enabled', 0);
}

14
pandora_console/include/functions_graph.php
View File

@ -2978,9 +2978,9 @@ function grafico_incidente_prioridad()
{
global $config;
$integria_ticket_count_by_priority_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_tickets_count', ['prioridad', 30], false, '', '|;|');
$integria_ticket_count_by_priority_json = integria_api_call(null, null, null, null, 'get_tickets_count', ['prioridad', 30], false, '', '|;|');
$integria_priorities_map_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_priorities', '', false, 'json');
$integria_priorities_map_json = integria_api_call(null, null, null, null, 'get_incident_priorities', '', false, 'json');
$integria_ticket_count_by_priority = json_decode($integria_ticket_count_by_priority_json, true);
$integria_priorities_map = json_decode($integria_priorities_map_json, true);
@ -3023,9 +3023,9 @@ function graph_incidents_status()
{
global $config;
$integria_ticket_count_by_status_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_tickets_count', ['estado', 30], false, '', '|;|');
$integria_ticket_count_by_status_json = integria_api_call(null, null, null, null, 'get_tickets_count', ['estado', 30], false, '', '|;|');
$integria_status_map_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incidents_status', '', false, 'json');
$integria_status_map_json = integria_api_call(null, null, null, null, 'get_incidents_status', '', false, 'json');
$integria_ticket_count_by_status = json_decode($integria_ticket_count_by_status_json, true);
$integria_status_map = json_decode($integria_status_map_json, true);
@ -3068,9 +3068,9 @@ function graphic_incident_group()
{
global $config;
$integria_ticket_count_by_group_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_tickets_count', ['id_grupo', 30], false, '', '|;|');
$integria_ticket_count_by_group_json = integria_api_call(null, null, null, null, 'get_tickets_count', ['id_grupo', 30], false, '', '|;|');
$integria_group_map_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_groups', '', false, 'json');
$integria_group_map_json = integria_api_call(null, null, null, null, 'get_groups', '', false, 'json');
$integria_ticket_count_by_group = json_decode($integria_ticket_count_by_group_json, true);
$integria_group_map = json_decode($integria_group_map_json, true);
@ -3114,7 +3114,7 @@ function graphic_incident_user()
{
global $config;
$integria_ticket_count_by_user_json = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_tickets_count', ['id_usuario', 30], false, '', '|;|');
$integria_ticket_count_by_user_json = integria_api_call(null, null, null, null, 'get_tickets_count', ['id_usuario', 30], false, '', '|;|');
$integria_ticket_count_by_user = json_decode($integria_ticket_count_by_user_json, true);

67
pandora_console/include/functions_integriaims.php
View File

@ -21,6 +21,7 @@ global $config;
require_once $config['homedir'].'/include/functions_ui.php';
require_once $config['homedir'].'/include/functions_html.php';
require_once $config['homedir'].'/include/functions_users.php';
require_once $config['homedir'].'/include/functions.php';
@ -78,22 +79,10 @@ function integriaims_tabs($active_tab, $view=false)
}
$onheader = [];
if (check_acl($config['id_user'], 0, 'IR') && $view) {
$onheader['view'] = $view_tab;
}
if (check_acl($config['id_user'], 0, 'PM')) {
$onheader['configure'] = $setup_tab;
}
if (check_acl($config['id_user'], 0, 'IR')) {
$onheader['list'] = $list_tab;
}
if (check_acl($config['id_user'], 0, 'IW')) {
$onheader['create'] = $create_tab;
}
$onheader['view'] = $view_tab;
$onheader['configure'] = $setup_tab;
$onheader['list'] = $list_tab;
$onheader['create'] = $create_tab;
return $onheader;
}
@ -137,7 +126,7 @@ function integriaims_get_details($details, $detail_index=false)
break;
}
$api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], $operation);
$api_call = integria_api_call(null, null, null, null, $operation);
$result = [];
get_array_from_csv_data_pair($api_call, $result);
@ -165,8 +154,42 @@ function integriaims_get_details($details, $detail_index=false)
*
* @return boolean True if API request succeeded, false if API request failed.
*/
function integria_api_call($api_hostname, $user, $user_pass, $api_pass, $operation, $params='', $show_credentials_error_msg=false, $return_type='', $token='')
function integria_api_call($api_hostname=null, $user=null, $user_pass=null, $api_pass=null, $operation, $params='', $show_credentials_error_msg=false, $return_type='', $token='', $user_level_conf=null)
{
global $config;
if ($user_level_conf === null) {
$user_level_conf = (bool) $config['integria_user_level_conf'];
}
$user_info = users_get_user_by_id($config['id_user']);
// API access data.
if ($api_hostname === null) {
$api_hostname = $config['integria_hostname'];
}
if ($api_pass === null) {
$api_pass = $config['integria_api_pass'];
}
// Integria user and password.
if ($user === null || $user_level_conf === true) {
$user = $config['integria_user'];
if ($user_level_conf === true) {
$user = $user_info['integria_user_level_user'];
}
}
if ($user_pass === null || $user_level_conf === true) {
$user_pass = $config['integria_pass'];
if ($user_level_conf === true) {
$user_pass = $user_info['integria_user_level_pass'];
}
}
if (is_array($params)) {
$params = implode($token, $params);
}
@ -352,10 +375,10 @@ function get_tickets_integriaims($tickets_filters)
// API call.
$result_api_call_list = integria_api_call(
$config['integria_hostname'],
$config['integria_user'],
$config['integria_pass'],
$config['integria_api_pass'],
null,
null,
null,
null,
'get_incidents',
[
$incident_text,

2
pandora_console/include/functions_netflow.php
View File

@ -120,7 +120,7 @@ function netflow_check_filter_group($id_sg)
$id_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id_sg);
$own_info = get_user_info($config['id_user']);
// Get group list that user has access.
$groups_user = users_get_groups($config['id_user'], 'IW', $own_info['is_admin'], true);
$groups_user = users_get_groups($config['id_user'], 'AR', $own_info['is_admin'], true);
$groups_id = [];
$has_permission = false;

2
pandora_console/include/functions_networkmap.php
View File

@ -1500,7 +1500,7 @@ function networkmap_delete_relations($id_map)
function get_networkmaps($id)
{
$groups = array_keys(users_get_groups(null, 'IW'));
$groups = array_keys(users_get_groups(null, 'MW'));
$filter = [];
$filter['id_group'] = $groups;

3
pandora_console/include/functions_users.php
View File

@ -235,9 +235,6 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
}
$acl_list = [
'incident_view' => 1,
'incident_edit' => 1,
'incident_management' => 1,
'agent_view' => 1,
'agent_edit' => 1,
'agent_disable' => 1,

3
pandora_console/include/styles/pandora.css
View File

@ -4877,7 +4877,8 @@ input:checked + .p-slider:before {
.user_edit_first_row,
.user_edit_second_row,
.user_edit_third_row {
.user_edit_third_row,
.user_edit_fourth_row {
margin-bottom: 20px;
}

25
pandora_console/operation/incidents/configure_integriaims_incident.php
View File

@ -16,13 +16,6 @@ global $config;
check_login();
if (!(check_acl($config['id_user'], 0, 'IW') && check_acl($config['id_user'], 0, 'IR'))) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
require_once $config['homedir'].'/include/functions_integriaims.php';
$update = (isset($_GET['incident_id']) === true);
@ -42,7 +35,7 @@ if ($config['integria_enabled'] == 0) {
}
// Check connection to Integria IMS API.
$has_connection = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_login');
$has_connection = integria_api_call(null, null, null, null, 'get_login');
if ($has_connection === false) {
ui_print_error_message(__('Integria IMS API is not reachable'));
@ -59,19 +52,19 @@ $integria_users_values = [];
$integria_types_values = [];
$integria_status_values = [];
$integria_groups_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_groups');
$integria_groups_csv = integria_api_call(null, null, null, null, 'get_groups');
get_array_from_csv_data_pair($integria_groups_csv, $integria_group_values);
$integria_status_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incidents_status');
$integria_status_csv = integria_api_call(null, null, null, null, 'get_incidents_status');
get_array_from_csv_data_pair($integria_status_csv, $integria_status_values);
$integria_criticity_levels_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_priorities');
$integria_criticity_levels_csv = integria_api_call(null, null, null, null, 'get_incident_priorities');
get_array_from_csv_data_pair($integria_criticity_levels_csv, $integria_criticity_values);
$integria_users_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_users');
$integria_users_csv = integria_api_call(null, null, null, null, 'get_users');
$csv_array = explode("\n", $integria_users_csv);
@ -81,7 +74,7 @@ foreach ($csv_array as $csv_line) {
}
}
$integria_types_csv = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_types');
$integria_types_csv = integria_api_call(null, null, null, null, 'get_types');
get_array_from_csv_data_pair($integria_types_csv, $integria_types_values);
@ -105,7 +98,7 @@ $incident_content = str_replace(',', ':::', $incident_content);
// Perform action.
if ($create_incident === true) {
// Call Integria IMS API method to create an incident.
$result_api_call = integria_api_call($config['integria_hostname'], $incident_creator, $config['integria_pass'], $config['integria_api_pass'], 'create_incident', [$incident_title, $incident_group_id, $incident_criticity_id, $incident_content, '', $incident_type, '', $incident_owner, '0', $incident_status], false, '', ',');
$result_api_call = integria_api_call(null, null, null, null, 'create_incident', [$incident_title, $incident_group_id, $incident_criticity_id, $incident_content, '', $incident_type, '', $incident_owner, '0', $incident_status], false, '', ',');
// Necessary to explicitly set true if not false because function returns api call result in case of success instead of true value.
$incident_created_ok = ($result_api_call != false) ? true : false;
@ -117,7 +110,7 @@ if ($create_incident === true) {
);
} else if ($update_incident === true) {
// Call Integria IMS API method to update an incident.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'update_incident', [$incident_id_edit, $incident_title, $incident_content, '', $incident_group_id, $incident_criticity_id, 0, $incident_status, $incident_owner, 0, $incident_type], false, '', ',');
$result_api_call = integria_api_call(null, null, null, null, 'update_incident', [$incident_id_edit, $incident_title, $incident_content, '', $incident_group_id, $incident_criticity_id, 0, $incident_status, $incident_owner, 0, $incident_type], false, '', ',');
// Necessary to explicitly set true if not false because function returns api call result in case of success instead of true value.
$incident_updated_ok = ($result_api_call != false) ? true : false;
@ -132,7 +125,7 @@ if ($create_incident === true) {
// If incident id is specified, retrieve incident values from api to populate combos with such values.
if ($update) {
// Call Integria IMS API method to get details of an incident given its id.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_details', [$incident_id_edit], false, '', ',');
$result_api_call = integria_api_call(null, null, null, null, 'get_incident_details', [$incident_id_edit], false, '', ',');
// API call does not return indexes, therefore future modifications of API function in Integria IMS may lead to inconsistencies when accessing resulting array in this file.
$incident_details_separator = explode(',', $result_api_call);

56
pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
View File

@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
if (!check_acl($config['id_user'], 0, 'IR')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// Check if Integria integration enabled.
if ($config['integria_enabled'] == 0) {
ui_print_error_message(__('In order to access ticket management system, integration with Integria IMS must be enabled and properly configured'));
@ -32,7 +25,7 @@ if ($config['integria_enabled'] == 0) {
}
// Check connection to Integria IMS API.
$has_connection = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_login', []);
$has_connection = integria_api_call(null, null, null, null, 'get_login', []);
if ($has_connection === false) {
ui_print_error_message(__('Integria IMS API is not reachable'));
@ -46,10 +39,10 @@ ui_require_css_file('integriaims');
$incident_id = (int) get_parameter('incident_id');
// API call.
$result_api_call_list = integria_api_call(
$config['integria_hostname'],
$config['integria_user'],
$config['integria_pass'],
$config['integria_api_pass'],
null,
null,
null,
null,
'get_incident_details',
[$incident_id]
);
@ -124,10 +117,7 @@ $table_files->head[1] = __('Timestamp');
$table_files->head[2] = __('Description');
$table_files->head[3] = __('User');
$table_files->head[4] = __('Size');
if (check_acl($config['id_user'], 0, 'IW')) {
$table_files->head[5] = __('Delete');
}
$table_files->head[5] = __('Delete');
$table_files->data = [];
@ -159,9 +149,7 @@ if ($upload_file && ($_FILES['userfile']['name'] != '')) {
$filecontent = base64_encode(file_get_contents($_FILES['userfile']['tmp_name']));
$filename = str_replace('&#x20;', '+', $filename);
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'attach_file', [$incident_id, $filename, $filesize, $filedescription, $filecontent], false, '', '|;|');
$result_api_call = integria_api_call(null, null, null, null, 'attach_file', [$incident_id, $filename, $filesize, $filedescription, $filecontent], false, '', '|;|');
// API method returns '0' string if success.
$file_added = ($result_api_call === '0') ? true : false;
@ -178,7 +166,7 @@ if ($upload_file && ($_FILES['userfile']['name'] != '')) {
// Delete file.
if (isset($_GET['delete_file'])) {
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'delete_file', [$delete_file_id]);
$result_api_call = integria_api_call(null, null, null, null, 'delete_file', [$delete_file_id]);
$file_deleted = false;
@ -195,7 +183,7 @@ if (isset($_GET['delete_file'])) {
// Download file.
if (isset($_GET['download_file'])) {
$file_base64 = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'download_file', [$download_file_id]);
$file_base64 = integria_api_call(null, null, null, null, 'download_file', [$download_file_id]);
ob_end_clean();
$decoded = base64_decode($file_base64);
@ -221,7 +209,7 @@ if (isset($_GET['download_file'])) {
}
// Retrieve files belonging to incident and create list table.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_files', [$incident_id]);
$result_api_call = integria_api_call(null, null, null, null, 'get_incident_files', [$incident_id]);
if ($result_api_call != false && strlen($result_api_call) > 0) {
$files = [];
@ -242,11 +230,10 @@ foreach ($files as $key => $value) {
$table_files->data[$i][2] = $value[12];
$table_files->data[$i][3] = $value[8];
$table_files->data[$i][4] = $value[13];
if (check_acl($config['id_user'], 0, 'IW')) {
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
}
$table_files->data[$i][5] .= '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&delete_file='.$value[0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table_files->data[$i][5] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table_files->data[$i][5] .= '</a>';
@ -269,9 +256,7 @@ $table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submi
$upload_file_form = '<div class="w100p">';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
}
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
$upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';
@ -324,7 +309,7 @@ $table_comments_section->data[1][1] .= '<div class="w100p right">'.html_print_su
// Upload comment. If ticket is closed, this action cannot be performed.
if ($upload_comment && $array_get_incidents[6] != 7) {
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'create_workunit', [$incident_id, $comment_description, '0.00', 0, 1, '0'], false, '', '|;|');
$result_api_call = integria_api_call(null, null, null, null, 'create_workunit', [$incident_id, $comment_description, '0.00', 0, 1, '0'], false, '', '|;|');
// API method returns id of new comment if success.
$comment_added = ($result_api_call >= '0') ? true : false;
@ -337,7 +322,7 @@ if ($upload_comment && $array_get_incidents[6] != 7) {
}
// Retrieve comments belonging to incident and create comments table.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_workunits', [$incident_id]);
$result_api_call = integria_api_call(null, null, null, null, 'get_incident_workunits', [$incident_id]);
if ($result_api_call != false && strlen($result_api_call) > 0) {
$comments = [];
@ -363,9 +348,8 @@ if (!empty($comments)) {
$upload_comment_form = '<div class="w100p">';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
}
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';
@ -487,4 +471,4 @@ $(document).ready (function () {
});
});
</script>
</script>

6
pandora_console/operation/incidents/incident_statistics.php
View File

@ -18,12 +18,6 @@ require_once $config['homedir'].'/include/functions_graph.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
db_pandora_audit('ACL Violation', 'Trying to access Incident section');
include 'general/noaccess.php';
exit;
}
ui_print_page_header(__('Incidents').' &raquo; '.__('Statistics'), 'images/book_edit.png', false, '', false, '');
if (!$config['integria_enabled']) {

8
pandora_console/operation/incidents/integriaims_export_csv.php
View File

@ -20,14 +20,6 @@ require_once '../../include/functions_integriaims.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR') && ! check_acl($config['id_user'], 0, 'IW') && ! check_acl($config['id_user'], 0, 'IM')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// API calls.
$status_incident = integriaims_get_details('status');
$group_incident = integriaims_get_details('group');

51
pandora_console/operation/incidents/list_integriaims_incidents.php
View File

@ -18,13 +18,6 @@ require_once 'include/functions_integriaims.php';
check_login();
if (! check_acl($config['id_user'], 0, 'IR')) {
// Doesn't have access to this page.
db_pandora_audit('ACL Violation', 'Trying to access IntegriaIMS ticket creation');
include 'general/noaccess.php';
exit;
}
// Header tabs.
$onheader = integriaims_tabs('list_tab');
ui_print_page_header(
@ -43,7 +36,7 @@ if ($config['integria_enabled'] == 0) {
}
// Check connection to Integria IMS API.
$has_connection = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_login', []);
$has_connection = integria_api_call(null, null, null, null, 'get_login', []);
if ($has_connection === false) {
ui_print_error_message(__('Integria IMS API is not reachable'));
@ -70,10 +63,10 @@ $delete_incident = get_parameter('delete_incident');
if ($delete_incident) {
// Call Integria IMS API method to delete an incident.
$result_api_call_delete = integria_api_call(
$config['integria_hostname'],
$config['integria_user'],
$config['integria_pass'],
$config['integria_api_pass'],
null,
null,
null,
null,
'delete_incident',
[$delete_incident]
);
@ -266,9 +259,7 @@ $table->head[4] = __('Prior');
$table->head[5] = __('Updated/Started');
$table->head[6] = __('Creator');
$table->head[7] = __('Owner');
if (check_acl($config['id_user'], 0, 'IW') || check_acl($config['id_user'], 0, 'IM')) {
$table->head[8] = '';
}
$table->head[8] = '';
$table->data = [];
$i = 0;
@ -294,18 +285,14 @@ foreach ($incidents_paginated as $key => $value) {
$table->data[$i][7] = $array_get_incidents[$key][5];
$table->data[$i][8] = '';
$table->cellclass[$i][8] = 'action_buttons';
if (check_acl($config['id_user'], 0, 'IW')) {
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
$table->data[$i][8] .= '</a>';
}
$table->data[$i][8] .= '<a href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident&incident_id='.$array_get_incidents[$key][0]).'">';
$table->data[$i][8] .= html_print_image('images/config.png', true, ['title' => __('Edit')]);
$table->data[$i][8] .= '</a>';
if (check_acl($config['id_user'], 0, 'IM')) {
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table->data[$i][8] .= '</a>';
}
$table->data[$i][8] .= '<a id="link_delete_incident" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/list_integriaims_incidents&delete_incident='.$array_get_incidents[$key][0]).'"
onClick="javascript:if (!confirm(\''.__('Are you sure?').'\')) return false;">';
$table->data[$i][8] .= html_print_image('images/cross.png', true, ['title' => __('Delete'), 'class' => 'invert_filter']);
$table->data[$i][8] .= '</a>';
$i++;
}
@ -320,13 +307,11 @@ if (empty($table->data) === true) {
}
// Show button to create incident.
if (check_acl($config['id_user'], 0, 'IR')) {
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
echo '<div class="wi100p right">';
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
echo '</div>';
echo '</form>';
}
echo '<form method="POST" action="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/configure_integriaims_incident').'">';
echo '<div class="wi100p right">';
html_print_submit_button(__('Create'), 'create_new_incident', false, 'class="sub next"');
echo '</div>';
echo '</form>';
// Datapicker library for show calendar.
ui_require_jquery_file('ui.datepicker-'.get_user_language(), 'include/javascript/i18n/');

47
pandora_console/operation/menu.php
View File

@ -270,9 +270,9 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR'));
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR'));
} else {
$own_groups = array_keys(users_get_groups($config['id_user'], 'IR', false));
$own_groups = array_keys(users_get_groups($config['id_user'], 'MR', false));
}
foreach ($gisMaps as $gisMap) {
@ -281,10 +281,6 @@ if (check_acl($config['id_user'], 0, 'MR') || check_acl($config['id_user'], 0, '
continue;
}
if (! check_acl($config['id_user'], $gisMap['group_id'], 'IR')) {
continue;
}
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['text'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['id'] = mb_substr(io_safe_output($gisMap['map_name']), 0, 15);
$sub2['operation/gis_maps/render_view&amp;map_id='.$gisMap['id_tgis_map']]['title'] = io_safe_output($gisMap['map_name']);
@ -462,30 +458,25 @@ $sub['operation/users/user_edit_notifications']['refr'] = 0;
// Incidents.
if (check_acl($config['id_user'], 0, 'IR')
|| check_acl($config['id_user'], 0, 'IW')
|| check_acl($config['id_user'], 0, 'IM')
) {
$temp_sec2 = $sec2;
$sec2 = 'incident';
$sec2sub = 'operation/incidents/incident_statistics';
$sub[$sec2]['text'] = __('Incidents');
$sub[$sec2]['id'] = 'Incidents';
$sub[$sec2]['type'] = 'direct';
$sub[$sec2]['subtype'] = 'nolink';
$sub[$sec2]['refr'] = 0;
$sub[$sec2]['subsecs'] = [
'operation/incidents/incident_detail',
'operation/integria_incidents',
];
$temp_sec2 = $sec2;
$sec2 = 'incident';
$sec2sub = 'operation/incidents/incident_statistics';
$sub[$sec2]['text'] = __('Incidents');
$sub[$sec2]['id'] = 'Incidents';
$sub[$sec2]['type'] = 'direct';
$sub[$sec2]['subtype'] = 'nolink';
$sub[$sec2]['refr'] = 0;
$sub[$sec2]['subsecs'] = [
'operation/incidents/incident_detail',
'operation/integria_incidents',
];
$sub2 = [];
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
$sub2 = [];
$sub2[$sec2sub]['text'] = __('Integria IMS statistics');
$sub2['operation/incidents/list_integriaims_incidents']['text'] = __('Integria IMS ticket list');
$sub[$sec2]['sub2'] = $sub2;
$sec2 = $temp_sec2;
}
$sub[$sec2]['sub2'] = $sub2;
$sec2 = $temp_sec2;
// Messages.

2
pandora_console/operation/netflow/nf_live_view.php
View File

@ -370,7 +370,7 @@ if (is_metaconsole()) {
).'</td>';
$own_info = get_user_info($config['id_user']);
echo '<td><span id="filter_group_color"><b>'.__('Group').'</b></span></td>';
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'IW', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
echo "<td colspan='2'>".html_print_select_groups($config['id_user'], 'AR', $own_info['is_admin'], 'assign_group', $filter['id_group'], '', '', -1, true, false, false).'</td>';
echo '</tr>';
$advanced_toggle = '<table class="w100p">';

2
pandora_console/operation/search_graphs.getdata.php
View File

@ -16,7 +16,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
// Check ACL
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
$graphs = false;

2
pandora_console/operation/search_graphs.php
View File

@ -15,7 +15,7 @@ global $config;
require_once 'include/functions_custom_graphs.php';
$searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchGraphs = check_acl($config['id_user'], 0, 'RR');
if ($graphs === false || !$searchGraphs) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

2
pandora_console/operation/search_helps.php
View File

@ -13,8 +13,6 @@
// GNU General Public License for more details.
global $config;
$totalHelps = check_acl($config['id_user'], 0, 'IR');
if ($helps === false || !$searchHelps) {
echo "<br><div class='nf'>".__('Zero results found.').sprintf(
__('You can find more help in the <a class="underline" href="%s">wiki</a>'),

2
pandora_console/operation/search_maps.getdata.php
View File

@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
$searchMaps = check_acl($config['id_user'], 0, 'IR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
$maps = false;
$totalMaps = 0;

2
pandora_console/operation/search_maps.php
View File

@ -13,7 +13,7 @@
// GNU General Public License for more details.
global $config;
$searchMaps = check_acl($config['id_user'], 0, 'IR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
if ($maps === false || !$searchMaps) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

4
pandora_console/operation/search_reports.php
View File

@ -19,9 +19,7 @@ require_once 'include/functions_reports.php';
$linkReport = false;
$searchReports = check_acl($config['id_user'], 0, 'RR');
if (check_acl($config['id_user'], 0, 'IW')) {
$linkReport = true;
}
$linkReport = true;
if ($reports === false || !$searchReports) {
echo "<br><div class='nf'>".__('Zero results found')."</div>\n";

3
pandora_console/operation/search_results.php
View File

@ -19,7 +19,8 @@ enterprise_include('operation/reporting/custom_reporting.php');
$searchAgents = $searchAlerts = $searchModules = check_acl($config['id_user'], 0, 'AR');
$searchUsers = $searchPolicies = check_acl($config['id_user'], 0, 'AR');
$searchMaps = $searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'IR');
$searchReports = $searchGraphs = check_acl($config['id_user'], 0, 'RR');
$searchMaps = check_acl($config['id_user'], 0, 'VR');
$searchMain = true;
$searchHelps = true;

87
pandora_console/operation/snmpconsole/snmp_view.php
View File

@ -133,10 +133,10 @@ if ($config['pure']) {
// OPERATIONS
// Delete SNMP Trap entry Event (only incident management access).
// Delete SNMP Trap entry Event.
if (isset($_GET['delete'])) {
$id_trap = (int) get_parameter_get('delete', 0);
if ($id_trap > 0 && check_acl($config['id_user'], 0, 'IM')) {
if ($id_trap > 0) {
if ($group_by) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$id_trap.')
AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$id_trap.')';
@ -156,42 +156,30 @@ if (isset($_GET['delete'])) {
__('Could not be deleted')
);
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to delete SNMP event ID #'.$id_trap
);
}
}
// Check Event (only incident write access).
// Check Event.
if (isset($_GET['check'])) {
$id_trap = (int) get_parameter_get('check', 0);
if (check_acl($config['id_user'], 0, 'IW')) {
$values = [
'status' => 1,
'id_usuario' => $config['id_user'],
];
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
$values = [
'status' => 1,
'id_usuario' => $config['id_user'],
];
$result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
ui_print_result_message(
$result,
__('Successfully updated'),
__('Could not be updated')
);
} else {
db_pandora_audit(
'ACL Violation',
'Trying to checkout SNMP Trap ID'.$id_trap
);
}
ui_print_result_message(
$result,
__('Successfully updated'),
__('Could not be updated')
);
}
// Mass-process DELETE.
if (isset($_POST['deletebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
if (is_array($trap_ids)) {
if ($group_by) {
foreach ($trap_ids as $key => $value) {
$sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$value.')
@ -210,28 +198,18 @@ if (isset($_POST['deletebt'])) {
enterprise_hook('snmp_update_forwarded_modules', [$forward_info]);
}
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to mass-delete SNMP Trap ID'
);
}
}
// Mass-process UPDATE.
if (isset($_POST['updatebt'])) {
$trap_ids = get_parameter_post('snmptrapid', []);
if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) {
if (is_array($trap_ids)) {
foreach ($trap_ids as $id_trap) {
$sql = sprintf("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config['id_user'], $id_trap);
db_process_sql($sql);
enterprise_hook('snmp_update_forwarded_modules', [$id_trap]);
}
} else {
db_pandora_audit(
'ACL Violation',
'Trying to mass-delete SNMP Trap ID'
);
}
}
@ -1025,7 +1003,7 @@ if ($traps !== false) {
// Actions.
$data[8] = '';
if (empty($trap['status']) && check_acl($config['id_user'], 0, 'IW')) {
if (empty($trap['status'])) {
$data[8] .= '<a href="'.$urlPagination.'&check='.$trap['id_trap'].'">'.html_print_image('images/ok.png', true, ['border' => '0', 'title' => __('Validate')]).'</a> ';
}
@ -1045,17 +1023,15 @@ if ($traps !== false) {
} else {
$agent_trap_group = db_get_value('id_grupo', 'tagente', 'nombre', $trap['source']);
if ((check_acl($config['id_user'], $agent_trap_group, 'IM'))) {
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
'images/cross.png',
true,
[
'border' => '0',
'title' => __('Delete'),
'class' => 'invert_filter',
]
).'</a> ';
}
$data[8] .= '<a href="'.$urlPagination.'&delete='.$trap['id_trap'].'&offset='.$offset.'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image(
'images/cross.png',
true,
[
'border' => '0',
'title' => __('Delete'),
'class' => 'invert_filter',
]
).'</a> ';
}
$data[8] .= '<a href="javascript: toggleVisibleExtendedInfo('.$trap['id_trap'].');">'.html_print_image(
@ -1217,14 +1193,11 @@ if ($idx == 0) {
unset($table);
echo '<div class="w98p right">';
if (check_acl($config['id_user'], 0, 'IW')) {
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
}
if (check_acl($config['id_user'], 0, 'IM')) {
echo '&nbsp;';
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
}
html_print_submit_button(__('Validate'), 'updatebt', false, 'class="sub ok"');
echo '&nbsp;';
html_print_submit_button(__('Delete'), 'deletebt', false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"');
echo '</div></form>';

123
pandora_console/operation/users/user_edit.php
View File

@ -127,7 +127,8 @@ if (isset($_GET['modified']) && !$view_mode) {
$upd_info['ehorus_user_level_pass'] = get_parameter('ehorus_user_level_pass');
$upd_info['ehorus_user_level_enabled'] = get_parameter('ehorus_user_level_enabled', 0);
$upd_info['integria_user_level_user'] = get_parameter('integria_user_level_user');
$upd_info['integria_user_level_pass'] = get_parameter('integria_user_level_pass');
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $id);
@ -731,12 +732,57 @@ if ($config['ehorus_enabled'] && $config['ehorus_user_level_conf']) {
$row['control'] .= '<span id="test-ehorus-message" class="invisible"></span>';
$table_remote->data['ehorus_test'] = $row;
echo '<div class="ehorus_user_conf">';
echo '<div class="ehorus_user_conf user_edit_fourth_row">';
html_print_table($table_remote);
echo '</div>';
}
if ($config['integria_enabled'] && $config['integria_user_level_conf']) {
// Integria IMS user remote login.
$table_remote = new StdClass();
$table_remote->data = [];
$table_remote->width = '100%';
$table_remote->id = 'integria-remote-setup';
$table_remote->class = 'white_box';
$table_remote->size['name'] = '30%';
$table_remote->style['name'] = 'font-weight: bold';
// Integria IMS user level authentication.
// Title
$row = [];
$row['control'] = '<p class="edit_user_labels">'.__('Integria user configuration').': </p>';
$table_remote->data['integria_user_level_conf'] = $row;
// Integria IMS user.
$row = [];
$row['name'] = __('User');
$row['control'] = html_print_input_text('integria_user_level_user', $user_info['integria_user_level_user'], '', 30, 100, true);
$table_remote->data['integria_user_level_user'] = $row;
// Integria IMS pass.
$row = [];
$row['name'] = __('Password');
$row['control'] = html_print_input_password('integria_user_level_pass', io_output_password($user_info['integria_user_level_pass']), '', 30, 100, true);
$table_remote->data['integria_user_level_pass'] = $row;
// Test.
$integria_host = db_get_value('value', 'tconfig', 'token', 'integria_hostname');
$integria_api_pass = db_get_value('value', 'tconfig', 'token', 'integria_api_pass');
$row = [];
$row['name'] = __('Test');
$row['control'] = html_print_button(__('Start'), 'test-integria', false, 'integria_connection_test(&quot;'.$integria_host.'&quot;,'.$integria_api_pass.')', 'class="sub next"', true);
$row['control'] .= '&nbsp;<span id="test-integria-spinner" class="invisible">&nbsp;'.html_print_image('images/spinner.gif', true).'</span>';
$row['control'] .= '&nbsp;<span id="test-integria-success" class="invisible">&nbsp;'.html_print_image('images/status_sets/default/severity_normal.png', true).'</span>';
$row['control'] .= '&nbsp;<span id="test-integria-failure" class="invisible">&nbsp;'.html_print_image('images/status_sets/default/severity_critical.png', true).'</span>';
$row['control'] .= '<span id="test-integria-message" class="invisible"></span>';
$table_remote->data['integria_test'] = $row;
echo '<div class="integria_user_conf">';
html_print_table($table_remote);
echo '</div>';
}
echo '<div class="edit_user_button">';
if (!$config['user_can_update_info']) {
@ -1280,4 +1326,75 @@ function ehorus_connection_test(host, port) {
hideLoadingImage();
});
}
function integria_connection_test(api_hostname, api_pass) {
var user = $('input#text-integria_user_level_user').val();
var pass = $('input#password-integria_user_level_pass').val();
var badRequestMessage = '<?php echo __('Empty user or password'); ?>';
var notFoundMessage = '<?php echo __('User not found'); ?>';
var invalidPassMessage = '<?php echo __('Invalid password'); ?>';
var hideLoadingImage = function () {
$('#test-integria-spinner').hide();
}
var showLoadingImage = function () {
$('#test-integria-spinner').show();
}
var hideSuccessImage = function () {
$('#test-integria-success').hide();
}
var showSuccessImage = function () {
$('#test-integria-success').show();
}
var hideFailureImage = function () {
$('#test-integria-failure').hide();
}
var showFailureImage = function () {
$('#test-integria-failure').show();
}
var hideMessage = function () {
$('#test-integria-message').hide();
}
var showMessage = function () {
$('#test-integria-message').show();
}
var changeTestMessage = function (message) {
$('#test-integria-message').text(message);
}
hideSuccessImage();
hideFailureImage();
hideMessage();
showLoadingImage();
$.ajax({
url: "ajax.php",
type: 'POST',
dataType: 'json',
data: {
page: 'godmode/setup/setup_integria',
operation: 'check_api_access',
integria_user: user,
integria_pass: pass,
api_hostname: api_hostname,
api_pass: api_pass,
}
})
.done(function(data, textStatus, xhr) {
if (data.login == '1') {
showSuccessImage();
} else {
showFailureImage();
showMessage();
}
})
.fail(function(xhr, textStatus, errorThrown) {
showFailureImage();
showMessage();
})
.always(function(xhr, textStatus) {
hideLoadingImage();
});
}
</script>

5
pandora_console/pandoradb.sql
View File

@ -1049,9 +1049,6 @@ CREATE TABLE IF NOT EXISTS `torigen` (
CREATE TABLE IF NOT EXISTS `tperfil` (
`id_perfil` int(10) unsigned NOT NULL auto_increment,
`name` TEXT NOT NULL,
`incident_edit` tinyint(1) NOT NULL DEFAULT 0,
`incident_view` tinyint(1) NOT NULL DEFAULT 0,
`incident_management` tinyint(1) NOT NULL DEFAULT 0,
`agent_view` tinyint(1) NOT NULL DEFAULT 0,
`agent_edit` tinyint(1) NOT NULL DEFAULT 0,
`alert_edit` tinyint(1) NOT NULL DEFAULT 0,
@ -1267,6 +1264,8 @@ CREATE TABLE IF NOT EXISTS `tusuario` (
`ehorus_user_level_user` VARCHAR(60),
`ehorus_user_level_pass` VARCHAR(45),
`ehorus_user_level_enabled` TINYINT(1),
`integria_user_level_user` VARCHAR(60),
`integria_user_level_pass` VARCHAR(45),
CONSTRAINT `fk_filter_id` FOREIGN KEY (`id_filter`) REFERENCES tevent_filter (`id_filter`) ON DELETE SET NULL,
UNIQUE KEY `id_user` (`id_user`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

2
pandora_console/pandoradb_data.sql
View File

@ -364,7 +364,7 @@ INSERT INTO `tusuario_perfil` (`id_up`, `id_usuario`, `id_perfil`, `id_grupo`, `
-- Dumping data for table `tperfil`
--
INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,1,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,1,0,1,0,0,0,0,0,0,1,1,0,1,1,0,0,1,1,0,1,1,0),(3,'Chief&#x20;Operator',1,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0,1,1,1,1,1,1,1),(4,'Group&#x20;coordinator',1,1,1,1,1,1,1,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
INSERT INTO `tperfil` VALUES (1,'Operator&#x20;&#40;Read&#41;',1,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,1,0,0),(2,'Operator&#x20;&#40;Write&#41;',1,0,0,0,0,0,0,1,1,0,1,1,0,0,1,1,0,1,1,0),(3,'Chief&#x20;Operator',1,0,0,0,0,0,0,1,1,1,1,1,0,1,1,1,1,1,1,1),(4,'Group&#x20;coordinator',1,1,1,1,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1),(5,'Pandora&#x20;Administrator',1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1);
--
-- Dumping data for table `tnews`

28
pandora_server/util/pandora_manage.pl
View File

@ -192,8 +192,8 @@ sub help_screen{
help_screen_line('--add_profile', '<user_name> <profile_name> <group_name>', 'Add perfil to user');
help_screen_line('--delete_profile', '<user_name> <profile_name> <group_name>', 'Delete perfil from user');
help_screen_line('--add_profile_to_user', '<user_id> <profile_name> [<group_name>]', 'Add a profile in group to a user');
help_screen_line('--create_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
help_screen_line('--update_profile', "<profile_name> <incident_view> <incident_edit> <incident_management> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
help_screen_line('--create_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Create profile');
help_screen_line('--update_profile', "<profile_name> <agent_view>\n\t <agent_edit> <agent_disable> <alert_edit> <alert_management> <user_management> <db_management>\n\t <event_view> <event_edit> <event_management> <report_view> <report_edit> <report_management>\n\t <map_view> <map_edit> <map_management> <vconsole_view> <vconsole_edit> <vconsole_management>\n\t <pandora_management>", 'Modify profile');
help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system');
help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system');
help_screen_line('--disable_double_auth', '<user_name>', 'Disable the double authentication for the specified user');
@ -563,14 +563,14 @@ sub pandora_create_user_profile ($$$$) {
##########################################################################
## Create profile.
##########################################################################
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_view,incident_edit,incident_management,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
safe_input($profile_name), $incident_view,$incident_edit, $incident_management, $agent_view,
return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);',
safe_input($profile_name), $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@ -579,14 +579,14 @@ sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
##########################################################################
#### Update profile.
###########################################################################
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view,
sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$) {
my ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_;
return db_update ($dbh, 'UPDATE tperfil SET incident_view = ?, incident_edit = ?, incident_management = ?, agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
$incident_view,$incident_edit, $incident_management, $agent_view,
return db_update ($dbh, 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;',
$agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name));
@ -4008,7 +4008,7 @@ sub cli_add_profile() {
##############################################################################
sub cli_create_profile() {
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@ -4016,7 +4016,7 @@ sub cli_create_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
non_exist_check($id_profile,'profile',$profile_name);
pandora_create_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
pandora_create_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);
@ -4028,7 +4028,7 @@ sub cli_create_profile() {
##############################################################################
#
sub cli_update_profile() {
my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view,
my ($profile_name,$agent_view,
$agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management,
$event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management,
$map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25];
@ -4036,7 +4036,7 @@ sub cli_update_profile() {
my $id_profile = get_profile_id($dbh,$profile_name);
exist_check($id_profile,'profile',$profile_name);
pandora_update_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view,
pandora_update_profile ($dbh, $profile_name, $agent_view,
$agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management,
$event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management,
$map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management);