tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 08:45:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

ACL improvements for the module graphs

Browse Source
This commit is contained in:
Alejandro Gallardo Escobar 2015-03-25 12:26:16 +01:00
parent de65702f9a
commit b945ee8892
3 changed files with 79 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
pandora_console/include/functions_treeview.php
View File

@ -314,6 +314,8 @@ function treeview_printTable($id_agente, $server_data = array()) {
enterprise_include_once ('meta/include/functions_ui_meta.php'); enterprise_include_once ('meta/include/functions_ui_meta.php');
include_graphs_dependencies(); include_graphs_dependencies();
$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
$is_extra = enterprise_hook('policies_is_agent_extra_policy', array($id_agente)); $is_extra = enterprise_hook('policies_is_agent_extra_policy', array($id_agente));
if ($is_extra === ENTERPRISE_NOT_HOOK) { if ($is_extra === ENTERPRISE_NOT_HOOK) {
@ -545,25 +547,41 @@ function treeview_printTable($id_agente, $server_data = array()) {
$table->data = array(); $table->data = array();
foreach ($network_interfaces as $interface_name => $interface) { foreach ($network_interfaces as $interface_name => $interface) {
if (!empty($interface['traffic']) && check_acl($config['id_user'], $agent["id_grupo"], "RR")) { if (!empty($interface['traffic'])) {
$params = array( $permission = false;
'interface_name' => $interface_name,
'agent_id' => $id_agente,
'traffic_module_in' => $interface['traffic']['in'],
'traffic_module_out' => $interface['traffic']['out']
);
if (defined('METACONSOLE') && !empty($server_id)) if ($strict_user) {
$params["server"] = $server_id; if (tags_check_acl_by_module($interface['traffic']['in'], $config['id_user'], 'RR') === true
&& tags_check_acl_by_module($interface['traffic']['out'], $config['id_user'], 'RR') === true)
$permission = true;
}
else {
$permission = check_acl($config['id_user'], $agent["id_grupo"], "RR");
}
$params_json = json_encode($params); if ($permission) {
$params_encoded = base64_encode($params_json); $params = array(
$url = ui_get_full_url("operation/agentes/interface_traffic_graph_win.php", false, false, false); 'interface_name' => $interface_name,
$graph_url = "$url?params=$params_encoded"; 'agent_id' => $id_agente,
$win_handle = dechex(crc32($interface['status_module_id'].$interface_name)); 'traffic_module_in' => $interface['traffic']['in'],
'traffic_module_out' => $interface['traffic']['out']
$graph_link = "<a href=\"javascript:winopeng('$graph_url','$win_handle')\">" . );
html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
if (defined('METACONSOLE') && !empty($server_id))
$params["server"] = $server_id;
$params_json = json_encode($params);
$params_encoded = base64_encode($params_json);
$url = ui_get_full_url("operation/agentes/interface_traffic_graph_win.php", false, false, false);
$graph_url = "$url?params=$params_encoded";
$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
$graph_link = "<a href=\"javascript:winopeng('$graph_url','$win_handle')\">" .
html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
}
else {
$graph_link = "";
}
} }
else { else {
$graph_link = ""; $graph_link = "";

39
pandora_console/operation/agentes/estado_generalagente.php
View File

@ -29,6 +29,7 @@ include_once($config['homedir'] . "/include/functions_clippy.php");
check_login (); check_login ();
$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
$id_agente = get_parameter_get ("id_agente", -1); $id_agente = get_parameter_get ("id_agente", -1);
@ -415,17 +416,33 @@ if (!empty($network_interfaces)) {
foreach ($network_interfaces as $interface_name => $interface) { foreach ($network_interfaces as $interface_name => $interface) {
if (!empty($interface['traffic'])) { if (!empty($interface['traffic'])) {
$params = array( $permission = false;
'interface_name' => $interface_name,
'agent_id' => $id_agente, if ($strict_user) {
'traffic_module_in' => $interface['traffic']['in'], if (tags_check_acl_by_module($interface['traffic']['in'], $config['id_user'], 'RR') === true
'traffic_module_out' => $interface['traffic']['out'] && tags_check_acl_by_module($interface['traffic']['out'], $config['id_user'], 'RR') === true)
); $permission = true;
$params_json = json_encode($params); }
$params_encoded = base64_encode($params_json); else {
$win_handle = dechex(crc32($interface['status_module_id'].$interface_name)); $permission = check_acl($config['id_user'], $agent["id_grupo"], "RR");
$graph_link = "<a href=\"javascript:winopeng('operation/agentes/interface_traffic_graph_win.php?params=$params_encoded','$win_handle')\">" . }
html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
if ($permission) {
$params = array(
'interface_name' => $interface_name,
'agent_id' => $id_agente,
'traffic_module_in' => $interface['traffic']['in'],
'traffic_module_out' => $interface['traffic']['out']
);
$params_json = json_encode($params);
$params_encoded = base64_encode($params_json);
$win_handle = dechex(crc32($interface['status_module_id'].$interface_name));
$graph_link = "<a href=\"javascript:winopeng('operation/agentes/interface_traffic_graph_win.php?params=$params_encoded','$win_handle')\">" .
html_print_image("images/chart_curve.png", true, array("title" => __('Interface traffic'))) . "</a>";
}
else {
$graph_link = "";
}
} }
else { else {
$graph_link = ""; $graph_link = "";

21
pandora_console/operation/agentes/interface_traffic_graph_win.php
View File

@ -21,13 +21,15 @@ if (! isset($_SESSION['id_usuario'])) {
// Global & session management // Global & session management
require_once ('../../include/config.php'); require_once ('../../include/config.php');
require_once ('../../include/auth/mysql.php'); require_once ($config['homedir'] . '/include/auth/mysql.php');
require_once ($config['homedir'] . '/include/functions.php'); require_once ($config['homedir'] . '/include/functions.php');
require_once ($config['homedir'] . '/include/functions_db.php'); require_once ($config['homedir'] . '/include/functions_db.php');
require_once ($config['homedir'] . '/include/functions_reporting.php'); require_once ($config['homedir'] . '/include/functions_reporting.php');
require_once ($config['homedir'] . '/include/functions_graph.php'); require_once ($config['homedir'] . '/include/functions_graph.php');
require_once ($config['homedir'] . '/include/functions_custom_graphs.php'); require_once ($config['homedir'] . '/include/functions_custom_graphs.php');
require_once ($config['homedir'] . '/include/functions_modules.php'); require_once ($config['homedir'] . '/include/functions_modules.php');
require_once ($config['homedir'] . '/include/functions_agents.php');
require_once ($config['homedir'] . '/include/functions_tags.php');
check_login(); check_login();
@ -36,7 +38,7 @@ $params = json_decode($params_json, true);
// Metaconsole connection to the node // Metaconsole connection to the node
$server_id = (int) (isset($params['server']) ? $params['server'] : 0); $server_id = (int) (isset($params['server']) ? $params['server'] : 0);
if (!empty($server_id) && function_exists("metaconsole_get_connection_by_id")) { if ($config["metaconsole"] && !empty($server_id)) {
$server = metaconsole_get_connection_by_id($server_id); $server = metaconsole_get_connection_by_id($server_id);
// Error connecting // Error connecting
@ -110,15 +112,24 @@ $interface_traffic_modules = array(
// ACL // ACL
$permission = false; $permission = false;
$agent_group = (int) agents_get_agent_group($agent_id); $agent_group = (int) agents_get_agent_group($agent_id);
$strict_user = (bool) db_get_value("strict_acl", "tusuario", "id_user", $config['id_user']);
// The traffic modules should belong to the agent id // The traffic modules should belong to the agent id
$in_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_in']); $in_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_in']);
$out_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_out']); $out_agent_id = (int) db_get_value("id_agente", "tagente_modulo", "id_agente_modulo", $params['traffic_module_out']);
$traffic_modules_belong_to_agent = $agent_id == $in_agent_id && $agent_id == $out_agent_id; $traffic_modules_belong_to_agent = $agent_id == $in_agent_id && $agent_id == $out_agent_id;
if (!empty($agent_group) && !empty($params['traffic_module_in']) && !empty($params['traffic_module_out']) if (!empty($agent_group) && !empty($params['traffic_module_in'])
&& $traffic_modules_belong_to_agent && check_acl($config['id_user'], $agent_group, "RR")) { && !empty($params['traffic_module_out']) && $traffic_modules_belong_to_agent) {
$permission = true;
if ($strict_user) {
if (tags_check_acl_by_module($params['traffic_module_in'], $config['id_user'], 'RR') === true
&& tags_check_acl_by_module($params['traffic_module_out'], $config['id_user'], 'RR') === true)
$permission = true;
}
else {
$permission = check_acl($config['id_user'], $agent_group, "RR");
}
} }
if (!$permission) { if (!$permission) {