diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index ea3af77cea..c948cb15c9 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,19 @@ +2009-10-26 Ramon Novoa + + * extensions/update_manager.php, + operation/incidents/incident.php, + operation/menu.php, + godmode/setup/links.php, + godmode/users/configure_user.php, + godmode/agentes/planned_downtime.php, + godmode/agentes/agent_manager.php, + godmode/reporting/reporting_builder.php, + godmode/reporting/map_builder.php, + godmode/reporting/graphs.php, + godmode/reporting/graph_builder.php, + godmode/alerts/alert_templates.php, + godmode/menu.php: Several ACL related fixes. + 2009-10-26 Miguel de Dios * pandora_console/godmode/agentes/module_manager_editor.php: fix the diff --git a/pandora_console/extensions/update_manager.php b/pandora_console/extensions/update_manager.php index 6bd8ca4733..99dd248dad 100644 --- a/pandora_console/extensions/update_manager.php +++ b/pandora_console/extensions/update_manager.php @@ -69,6 +69,11 @@ function pandora_update_manager_main () { global $config; global $db; + if (! give_acl ($config['id_user'], 0, "PM")) { + require ("general/noaccess.php"); + return; + } + load_update_manager_lib (); update_settings_database_connection (); diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php index 25d305cbc1..f2d4071372 100644 --- a/pandora_console/godmode/agentes/agent_manager.php +++ b/pandora_console/godmode/agentes/agent_manager.php 
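Review bot: The new `PM` check at the top of `pandora_update_manager_main ()` refuses access without writing anything to the audit log, while the other pages touched by this commit call `audit_db (...)` before loading `general/noaccess.php`. Adding `audit_db ($config['id_user'], $_SERVER['REMOTE_ADDR'], "ACL Violation", "Trying to access Update Manager");` inside the `if` would keep refused attempts visible to whoever reviews ACL violations. The function body continues outside the hunk, and any other entry points of this extension are not visible here, so confirm they carry the same check.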
@@ -142,7 +142,8 @@ $table->data[2][1] = print_input_text_extended ('id_parent', get_agent_name ($id $table->data[2][1] .= print_checkbox ("cascade_protection", 1, $cascade_protection, true).__('Cascade protection'). " " . print_help_icon("cascade_protection", true); $table->data[3][0] = __('Group'); -$table->data[3][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', 'grupo', $grupo, '', '', 0, true); +$groups = get_user_groups (); +$table->data[3][1] = print_select ($groups, 'grupo', $grupo, '', '', 0, true); $table->data[4][0] = __('Interval'); diff --git a/pandora_console/godmode/agentes/planned_downtime.php b/pandora_console/godmode/agentes/planned_downtime.php index de6ee25815..78c65f32ea 100644 --- a/pandora_console/godmode/agentes/planned_downtime.php +++ b/pandora_console/godmode/agentes/planned_downtime.php @@ -27,6 +27,7 @@ if (! give_acl ($config['id_user'], 0, "AW")) { //Initialize data $id_agent = get_parameter ("id_agent"); +$id_group = (int) get_parameter ("id_group", 1); $name = ''; $description = ''; $date_from = (string) get_parameter ('date_from', date ('Y-m-j')); @@ -46,6 +47,7 @@ $id_downtime = (int) get_parameter ('id_downtime',0); $insert_downtime_agent = (int) get_parameter ("insert_downtime_agent", 0); $delete_downtime_agent = (int) get_parameter ("delete_downtime_agent", 0); +$groups = get_user_groups (); // INSERT A NEW DOWNTIME_AGENT ASSOCIATION if ($insert_downtime_agent == 1){ 
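Review bot: Building the `grupo` select in agent_manager.php from `get_user_groups ()` only limits what the form offers; the submitted `grupo` value can still be any group id. The code that saves the agent is outside this hunk, so confirm it rejects a group the user cannot write to, for example `if (! give_acl ($config['id_user'], $grupo, "AW")) { require ("general/noaccess.php"); return; }`. `get_user_groups ()` is called with its defaults here, so a short comment stating which privilege the list is built for would also help the next reader.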
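Review bot: In planned_downtime.php `$id_group` is cast to int but never checked against `$groups`, so the INSERT and UPDATE in the `@@ -94,17 +96,17 @@` hunk store whatever group id the request carries, including one the user does not belong to. A guard before the SQL is built, such as `if (! isset ($groups[$id_group])) { require ("general/noaccess.php"); return; }`, would close that gap; this assumes `get_user_groups ()` returns an array keyed by group id, which the later `array_keys ($groups)` call suggests. The UPDATE also selects its row by `$id_downtime` alone, so it can reassign a downtime that currently sits in another group.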
@@ -94,17 +96,17 @@ if ($create_downtime || $update_downtime) { $sql = ''; if ($create_downtime) { $sql = sprintf ("INSERT INTO tplanned_downtime (`name`, - `description`, `date_from`, `date_to`) - VALUES ('%s','%s',%d,%d)", + `description`, `date_from`, `date_to`, `id_group`) + VALUES ('%s','%s',%d,%d, %d)", $name, $description, $datetime_from, - $datetime_to); + $datetime_to, $id_group); } else if ($update_downtime) { $sql = sprintf ("UPDATE tplanned_downtime SET `name`='%s', `description`='%s', `date_from`=%d, - `date_to`=%d + `date_to`=%d, `id_group`=%d WHERE `id` = '%d'", $name, $description, $datetime_from, - $datetime_to, $id_downtime); + $datetime_to, $id_group, $id_downtime); } $result = process_sql ($sql); @@ -148,7 +150,9 @@ echo __('Planned Downtime').''; $table->data[4][0] = __('Timestamp to'); $table->data[4][1] = print_input_text ('date_to', $date_to, '', 10, 10, true); $table->data[4][1] .= print_input_text ('time_to', $time_to, '', 7, 7, true); - + + $table->data[5][0] = __('Group'); + $table->data[5][1] = print_select ($groups, 'id_group', $id_group, '', '', 0, true); echo '
'; if ($id_downtime > 0){ @@ -180,23 +184,24 @@ echo __('Planned Downtime').''; echo '

'.__('Available agents').':

'; - $filter_group = get_parameter("filter_group", -1); - if ($filter_group != -1) + $filter_group = get_parameter("filter_group", 1); + if ($filter_group != 1) $filter_cond = " AND id_grupo = $filter_group "; else $filter_cond = ""; - $sql = sprintf ("SELECT tagente.id_agente, tagente.nombre FROM tagente WHERE tagente.id_agente NOT IN (SELECT tagente.id_agente FROM tagente, tplanned_downtime_agents WHERE tplanned_downtime_agents.id_agent = tagente.id_agente AND tplanned_downtime_agents.id_downtime = %d) AND disabled = 0 $filter_cond ORDER by tagente.nombre", $id_downtime); - + $sql = sprintf ("SELECT tagente.id_agente, tagente.nombre, tagente.id_grupo FROM tagente WHERE tagente.id_agente NOT IN (SELECT tagente.id_agente FROM tagente, tplanned_downtime_agents WHERE tplanned_downtime_agents.id_agent = tagente.id_agente AND tplanned_downtime_agents.id_downtime = %d) AND disabled = 0 $filter_cond ORDER by tagente.nombre", $id_downtime); $downtimes = get_db_all_rows_sql ($sql); $data = array (); if ($downtimes) foreach ($downtimes as $downtime) { - $data[$downtime['id_agente']] = $downtime['nombre']; + if (give_acl ($config["id_user"], $downtime['id_grupo'], "AR")) { + $data[$downtime['id_agente']] = $downtime['nombre']; + } } echo ""; - - print_select_from_sql ("SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1", "filter_group", $filter_group, '', __("Any"), -1, false, false); + + print_select ($groups, 'filter_group', $filter_group); echo "

"; print_submit_button (__('Filter by group'), '', false, 'class="sub next"',false); echo "
"; @@ -261,13 +266,14 @@ echo __('Planned Downtime').''; $table->head = array (); $table->head[0] = __('Name #Ag.'); $table->head[1] = __('Description'); - $table->head[2] = __('From'); - $table->head[3] = __('To'); - $table->head[4] = __('Delete'); - $table->head[5] = __('Update'); - $table->head[6] = __('Running'); + $table->head[2] = __('Group'); + $table->head[3] = __('From'); + $table->head[4] = __('To'); + $table->head[5] = __('Delete'); + $table->head[6] = __('Update'); + $table->head[7] = __('Running'); - $sql = "SELECT * FROM tplanned_downtime"; + $sql = "SELECT * FROM tplanned_downtime WHERE id_group IN (" . implode (",", array_keys ($groups)) . ")"; $downtimes = get_db_all_rows_sql ($sql); if (!$downtimes) { echo '
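Review bot: `$filter_group` is still interpolated into `$filter_cond` as `" AND id_grupo = $filter_group "` without a cast, and it sits in an unquoted numeric position, so quote escaping done elsewhere would not protect this query. Since the line is being changed anyway, read it as `$filter_group = (int) get_parameter ("filter_group", 1);`, matching how `$id_group` is read at the top of the file. The per-row `give_acl (..., "AR")` filter added in the loop is useful, but it runs after the query and does not replace the cast.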
'.__('No planned downtime').'
'; @@ -279,19 +285,20 @@ echo __('Planned Downtime').''; $data[0] = $downtime['name']. " ($total)"; $data[1] = $downtime['description']; - $data[2] = date ("Y-m-d H:i", $downtime['date_from']); - $data[3] = date ("Y-m-d H:i", $downtime['date_to']); + $data[2] = print_group_icon ($downtime['id_group'], true); + $data[3] = date ("Y-m-d H:i", $downtime['date_from']); + $data[4] = date ("Y-m-d H:i", $downtime['date_to']); if ($downtime["executed"] == 0){ - $data[4] = ' '.__('Delete').''; - $data[5] = ' + $data[6] = ' '.__('Update').''; } if ($downtime["executed"] == 0) - $data[6] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Executed'))); + $data[7] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Executed'))); else - $data[6] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Not executed'))); + $data[7] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Not executed'))); array_push ($table->data, $data); } diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index 397dd9b11e..c55b702ba1 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php @@ -19,14 +19,6 @@ require_once ('include/functions_alerts.php'); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { - audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; -} - - if (is_ajax ()) { $get_template_tooltip = (bool) get_parameter ('get_template_tooltip'); 
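Review bot: The list query in the `@@ -261,13 +266,14 @@` hunk concatenates `implode (",", array_keys ($groups))` into `IN (...)`, which yields `IN ()` and a SQL error when the user has no groups. Guard the call, for example `$downtimes = empty ($groups) ? false : get_db_all_rows_sql ($sql);`, so the page falls through to the existing "No planned downtime" branch. Filtering the listing does not restrict the delete and update actions keyed on `id_downtime`, whose handlers are outside the visible hunks; confirm they check the row's `id_group` against `$groups` as well.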
@@ -103,6 +95,13 @@ if (is_ajax ()) { return; } +if (! give_acl ($config['id_user'], 0, "LM")) { + audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; +} + echo "

".__('Alerts')." » "; echo __('Alert templates')."

"; $update_template = (bool) get_parameter ('update_template'); diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index 8e73ccd3a7..a18b0e7f5b 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -17,15 +17,6 @@ require_once ('include/config.php'); check_login (); -if ((! give_acl ($config['id_user'], 0, "LM")) -&& (! give_acl ($config['id_user'], 0, "AW")) -&& (! give_acl ($config['id_user'], 0, "LW")) -&& (! give_acl ($config['id_user'], 0, "PM")) -&& (! give_acl ($config['id_user'], 0, "DM")) -&& (! give_acl ($config['id_user'], 0, "UM"))) { - return; -} - enterprise_include ('godmode/menu.php'); require_once ('include/functions_menu.php'); @@ -86,7 +77,9 @@ if (give_acl ($config['id_user'], 0, "LM")) { $menu["galertas"]["sub"] = $sub; } -enterprise_hook ('policies_menu'); +if (give_acl ($config['id_user'], 0, "AW")) { + enterprise_hook ('policies_menu'); +} if (give_acl ($config['id_user'], 0, "UM")) { $menu["gusuarios"]["text"] = __('Manage users'); @@ -109,7 +102,7 @@ if (give_acl($config['id_user'], 0, "LW")) { } // Reporting -if (give_acl ($config['id_user'], 0, "AW")) { +if (give_acl ($config['id_user'], 0, "IW")) { $menu["greporting"]["text"] = __('Manage reports'); $menu["greporting"]["sec2"] = "godmode/reporting/reporting_builder"; $menu["greporting"]["id"] = "god-reporting"; diff --git a/pandora_console/godmode/reporting/graph_builder.php b/pandora_console/godmode/reporting/graph_builder.php index 836643e0f2..ba3301b7fd 100644 --- a/pandora_console/godmode/reporting/graph_builder.php +++ b/pandora_console/godmode/reporting/graph_builder.php @@ -50,7 +50,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! give_acl ($config['id_user'], 0, "IW")) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); 
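Review bot: Moving the `LM` check below the `if (is_ajax ())` block in alert_templates.php means every branch inside that block now runs for any logged-in user, with only `check_login ()` in front of it. The block's body is outside the hunks, so only `get_template_tooltip` is visible here. If the intent is to let users without `LM` see tooltips, state it in a comment such as `// AJAX tooltip is read-only and intentionally available without LM`, and give any other AJAX action in the block its own `give_acl ()` test. Otherwise keep the check above the block.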
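Review bot: Switching the Reporting entry in godmode/menu.php from `AW` to `IW` ties report, graph and map building to the same flag that the incident.php hunk in this commit uses to show "Delete incidents", so granting one now grants the other. The same substitution is made in graph_builder.php, graphs.php, map_builder.php and reporting_builder.php. If the coupling is intended, a comment at the menu check, e.g. `// Reporting deliberately shares the IW privilege with incident editing`, would document it; otherwise a dedicated privilege keeps the two apart. The menu entry only controls visibility, so the page-level checks changed alongside it are what enforce access and must stay in step with it.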
diff --git a/pandora_console/godmode/reporting/graphs.php b/pandora_console/godmode/reporting/graphs.php index 00bc627bb7..e277ba422b 100644 --- a/pandora_console/godmode/reporting/graphs.php +++ b/pandora_console/godmode/reporting/graphs.php @@ -20,7 +20,7 @@ require_once ('include/functions_custom_graphs.php'); // Check user credentials check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! give_acl ($config['id_user'], 0, "IW")) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access Inventory Module Management"); require ("general/noaccess.php"); @@ -111,4 +111,4 @@ echo '
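Review bot: The audit text in the graphs.php check still reads "Trying to access Inventory Module Management", which does not describe this page and will mislead anyone reviewing ACL violations in the audit log. While the condition is being edited, change the message to match the page, e.g. `"Trying to access graph management"`. The sibling pages in this commit (graph builder, map builder, report builder) already use page-specific messages.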
'; print_submit_button (__('Create graph'), 'create', false, 'class="sub next"'); echo "
"; echo ""; -?> \ No newline at end of file +?> diff --git a/pandora_console/godmode/reporting/map_builder.php b/pandora_console/godmode/reporting/map_builder.php index 5e761cf6ed..b8c76ed00d 100644 --- a/pandora_console/godmode/reporting/map_builder.php +++ b/pandora_console/godmode/reporting/map_builder.php @@ -42,7 +42,7 @@ require_once ("include/config.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! give_acl ($config['id_user'], 0, "IW")) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access map builder"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index c24a1c8b4e..e1bd0e9186 100644 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -19,7 +19,7 @@ require_once ("include/config.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! give_acl ($config['id_user'], 0, "IW")) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/incidents/incident.php b/pandora_console/operation/incidents/incident.php index 1f2a3d29c6..1757031079 100644 --- a/pandora_console/operation/incidents/incident.php +++ b/pandora_console/operation/incidents/incident.php @@ -313,12 +313,15 @@ if ($count < 1) { echo '
'; print_table ($table); - if (give_acl ($config["id_user"], 0, "IM")) { - echo '
'; + echo '
'; + if (give_acl ($config["id_user"], 0, "IW")) { print_submit_button (__('Delete incidents'), 'delete_btn', false, 'class="sub delete"'); - print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"'); - echo '
'; } + + if (give_acl ($config["id_user"], 0, "IM")) { + print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"'); + } + echo '
'; echo '
'; unset ($table); } diff --git a/pandora_console/operation/menu.php b/pandora_console/operation/menu.php index cb2d698693..17b58ef86b 100644 --- a/pandora_console/operation/menu.php +++ b/pandora_console/operation/menu.php 
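Review bot: After this change "Delete incidents" is shown to `IW` holders and "Become owner" to `IM` holders, so deletion no longer requires `IM` as it did before. If that is intended it deserves a comment next to the check; if the flags were meant the other way round, swap them. Both tests only hide buttons: the handlers for `delete_btn` and `own_btn` are outside the hunk and need to repeat the same `give_acl ()` check, ideally against each incident's own group rather than group `0`.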
@@ -196,28 +196,28 @@ if (give_acl ($config['id_user'], 0, "AR")) { } $menu["extensions"]["sub"] = $sub; - } -} -/** - * Add the extensions - */ - foreach($config['extensions'] as $extension) { - $operationModeMenu = $extension['operation_menu']; - if ($operationModeMenu == null) - continue; - - if (array_key_exists('fatherId',$operationModeMenu)) { - if (strlen($operationModeMenu['fatherId']) > 0) { - $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["text"] = __($operationModeMenu['name']); - $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["refr"] = 60; - $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["icon"] = $operationModeMenu['icon']; - $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["sec"] = 'extensions'; - $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["extension"] = true; - $menu[$operationModeMenu['fatherId']]['hasExtensions'] = true; + /** + * Add the extensions + */ + foreach($config['extensions'] as $extension) { + $operationModeMenu = $extension['operation_menu']; + if ($operationModeMenu == null) + continue; + + if (array_key_exists('fatherId',$operationModeMenu)) { + if (strlen($operationModeMenu['fatherId']) > 0) { + $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["text"] = __($operationModeMenu['name']); + $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["refr"] = 60; + $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["icon"] = $operationModeMenu['icon']; + $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["sec"] = 'extensions'; + $menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["extension"] = true; + $menu[$operationModeMenu['fatherId']]['hasExtensions'] = true; + } + } } } - } +} print_menu ($menu);