diff --git a/pandora_agents/unix/DEBIAN/control b/pandora_agents/unix/DEBIAN/control index 79dd7ebbd2..092348f5cb 100644 --- a/pandora_agents/unix/DEBIAN/control +++ b/pandora_agents/unix/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-agent-unix -Version: 7.0NG.753-210414 +Version: 7.0NG.753-210415 Architecture: all Priority: optional Section: admin diff --git a/pandora_agents/unix/DEBIAN/make_deb_package.sh b/pandora_agents/unix/DEBIAN/make_deb_package.sh index 4bad64cd46..f85da39764 100644 --- a/pandora_agents/unix/DEBIAN/make_deb_package.sh +++ b/pandora_agents/unix/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.753-210414" +pandora_version="7.0NG.753-210415" echo "Test if you has the tools for to make the packages." whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null diff --git a/pandora_agents/unix/pandora_agent b/pandora_agents/unix/pandora_agent index f07627ae02..8ba4c19f8a 100755 --- a/pandora_agents/unix/pandora_agent +++ b/pandora_agents/unix/pandora_agent @@ -1015,7 +1015,7 @@ my $Sem = undef; my $ThreadSem = undef; use constant AGENT_VERSION => '7.0NG.753'; -use constant AGENT_BUILD => '210414'; +use constant AGENT_BUILD => '210415'; # Agent log default file size maximum and instances use constant DEFAULT_MAX_LOG_SIZE => 600000; diff --git a/pandora_agents/unix/pandora_agent.redhat.spec b/pandora_agents/unix/pandora_agent.redhat.spec index 138c0dc01b..5bb5168e74 100644 --- a/pandora_agents/unix/pandora_agent.redhat.spec +++ b/pandora_agents/unix/pandora_agent.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_agent_unix %define version 7.0NG.753 -%define release 210414 +%define release 210415 Summary: Pandora FMS Linux agent, PERL version Name: %{name} diff --git a/pandora_agents/unix/pandora_agent.spec b/pandora_agents/unix/pandora_agent.spec index a6016c7fa0..1bc2e0a0a1 100644 --- a/pandora_agents/unix/pandora_agent.spec +++ b/pandora_agents/unix/pandora_agent.spec @@ -3,7 +3,7 @@ # %define name pandorafms_agent_unix %define version 7.0NG.753 -%define release 210414 +%define release 210415 Summary: Pandora FMS Linux agent, PERL version Name: %{name} diff --git a/pandora_agents/unix/pandora_agent_installer b/pandora_agents/unix/pandora_agent_installer index b16bc68c8e..240a646ac6 100755 --- a/pandora_agents/unix/pandora_agent_installer +++ b/pandora_agents/unix/pandora_agent_installer @@ -10,7 +10,7 @@ # ********************************************************************** PI_VERSION="7.0NG.753" -PI_BUILD="210414" +PI_BUILD="210415" OS_NAME=`uname -s` FORCE=0 diff --git a/pandora_agents/win32/installer/pandora.mpi b/pandora_agents/win32/installer/pandora.mpi index c73ac3f92e..43b3793fb3 100644 --- a/pandora_agents/win32/installer/pandora.mpi +++ b/pandora_agents/win32/installer/pandora.mpi @@ -186,7 +186,7 @@ UpgradeApplicationID {} Version -{210414} +{210415} ViewReadme {Yes} diff --git a/pandora_agents/win32/pandora.cc b/pandora_agents/win32/pandora.cc index 1037a8feac..ef49d178ca 100644 --- a/pandora_agents/win32/pandora.cc +++ b/pandora_agents/win32/pandora.cc @@ -30,7 +30,7 @@ using namespace Pandora; using namespace Pandora_Strutils; #define PATH_SIZE _MAX_PATH+1 -#define PANDORA_VERSION ("7.0NG.753(Build 210414)") +#define PANDORA_VERSION ("7.0NG.753(Build 210415)") string pandora_path; string pandora_dir; diff --git a/pandora_agents/win32/versioninfo.rc b/pandora_agents/win32/versioninfo.rc index 2624d730d0..7cac310f11 100644 --- a/pandora_agents/win32/versioninfo.rc +++ b/pandora_agents/win32/versioninfo.rc @@ -11,7 +11,7 @@ BEGIN VALUE "LegalCopyright", "Artica ST" VALUE "OriginalFilename", "PandoraAgent.exe" VALUE "ProductName", "Pandora FMS Windows Agent" - VALUE "ProductVersion", "(7.0NG.753(Build 210414))" + VALUE "ProductVersion", "(7.0NG.753(Build 210415))" VALUE "FileVersion", "1.0.0.0" END END diff --git a/pandora_console/DEBIAN/control b/pandora_console/DEBIAN/control index 74c3407a7c..533ccc5147 100644 --- a/pandora_console/DEBIAN/control +++ b/pandora_console/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-console -Version: 7.0NG.753-210414 +Version: 7.0NG.753-210415 Architecture: all Priority: optional Section: admin diff --git a/pandora_console/DEBIAN/make_deb_package.sh b/pandora_console/DEBIAN/make_deb_package.sh index 00649207db..4d11da420a 100644 --- a/pandora_console/DEBIAN/make_deb_package.sh +++ b/pandora_console/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.753-210414" +pandora_version="7.0NG.753-210415" package_pear=0 package_pandora=1 diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php index cdff3dbe2b..9fa04651dc 100644 --- a/pandora_console/godmode/alerts/alert_actions.php +++ b/pandora_console/godmode/alerts/alert_actions.php @@ -61,6 +61,11 @@ if (defined('METACONSOLE')) { $sec = 'galertas'; } +$can_edit_all = false; +if (check_acl_restricted_all($config['id_user'], 0, 'LM')) { + $can_edit_all = true; +} + // Header. if (defined('METACONSOLE')) { alerts_meta_print_header(); @@ -79,30 +84,13 @@ if ($copy_action) { $al_action = alerts_get_alert_action($id); - if (!check_acl_restricted_all($config['id_user'], $al_action['id_group'], 'LM')) { - db_pandora_audit( - 'ACL Violation', - 'Trying to access Alert Management' - ); - include 'general/noaccess.php'; - exit; - } - if ($al_action !== false) { - // If user tries to copy an action with group=ALL. - if ($al_action['id_group'] == 0) { - // Then must have "PM" access privileges. - if (! check_acl($config['id_user'], 0, 'PM')) { - db_pandora_audit( - 'ACL Violation', - 'Trying to access Alert Management' - ); - include 'general/noaccess.php'; - exit; - } + // If user who doesn't have permission to modify group all tries to copy an action with group=ALL. + if ($can_edit_all == false && $al_action['id_group'] == 0) { + $al_action['id_group'] = users_get_first_group(false, 'LM', false); } else { $own_info = get_user_info($config['id_user']); - if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) { + if ($can_edit_all == true || check_acl($config['id_user'], 0, 'PM')) { $own_groups = array_keys( users_get_groups($config['id_user'], 'LM') ); @@ -125,7 +113,7 @@ if ($copy_action) { } } - $result = alerts_clone_alert_action($id); + $result = alerts_clone_alert_action($id, $al_action['id_group']); if ($result) { db_pandora_audit( @@ -397,10 +385,9 @@ foreach ($actions as $action) { $data = []; - if (check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM')) { - $data[0] = ''.$action['name'].''; - } else { - $data[0] = $action['name']; + $data[0] = ''.$action['name'].''; + if ($action['id_group'] == 0 && $can_edit_all == false) { + $data[0] .= ui_print_help_tip(__('You cannot edit this action, You don\'t have the permission to edit All group.'), true); } $data[1] = $action['command_name']; @@ -420,7 +407,7 @@ foreach ($actions as $action) { $data[4] = ''; if (is_central_policies_on_node() === false - && check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM') + && check_acl($config['id_user'], $action['id_group'], 'LM') ) { $table->cellclass[] = [ 3 => 'action_buttons', @@ -430,10 +417,35 @@ foreach ($actions as $action) { $id_action = $action['id']; $text_confirm = __('Are you sure?'); - $data[3] = ''.html_print_image('images/copy.png', true, ['class' => 'invert_filter']).''; - $data[4] = ''.html_print_image('images/cross.png', true, ['class' => 'invert_filter']).''; + $data[3] = '
'; + $data[3] .= html_print_input_hidden('copy_action', 1, true); + $data[3] .= html_print_input_hidden('id', $id_action, true); + $data[3] .= html_print_input_image( + 'dup', + 'images/copy.png', + 1, + '', + true, + ['title' => __('Duplicate')] + ); + $data[3] .= '
'; + + if ($action['id_group'] != 0 || $can_edit_all == true) { + $data[4] = '
'; + $data[4] .= html_print_input_hidden('delete_action', 1, true); + $data[4] .= html_print_input_hidden('id', $id_action, true); + $data[4] .= html_print_input_image( + 'del', + 'images/cross.png', + 1, + '', + true, + ['title' => __('Delete')] + ); + $data[4] .= '
'; + } else { + $data[4] = ''; + } } array_push($table->data, $data); @@ -458,44 +470,3 @@ if (is_central_policies_on_node() === false) { enterprise_hook('close_meta_frame'); ?> - - - diff --git a/pandora_console/godmode/alerts/alert_commands.php b/pandora_console/godmode/alerts/alert_commands.php index 517af45387..da7bfee2e2 100644 --- a/pandora_console/godmode/alerts/alert_commands.php +++ b/pandora_console/godmode/alerts/alert_commands.php @@ -28,12 +28,6 @@ if (! check_acl($config['id_user'], 0, 'LM')) { exit; } -if (!check_acl($config['id_user'], 0, 'PM') && !is_user_admin($config['id_user'])) { - echo "'; -} - if (is_metaconsole()) { $sec = 'advanced'; } else { @@ -467,6 +461,17 @@ if (is_ajax()) { return; } +// This check should be after ajax. Because, ajax will be called from configure_alert_action. +if (!check_acl($config['id_user'], 0, 'PM') && !is_user_admin($config['id_user +'])) { + echo "
"; + echo "

".__('Command managem +ent is limited to administrator users or user profiles with permissions over Pan +dora FMS management').'

'; + echo '
'; +} + enterprise_hook('open_meta_frame'); if ($update_command) { diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index 6763e7f6e5..91a23ce366 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php @@ -401,17 +401,16 @@ foreach ($templates as $template) { $data = []; - if (check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM')) { - $data[0] = ''.$template['name'].''; - } else { - $data[0] = $template['name']; + $data[0] = ''.$template['name'].''; + if (!check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM')) { + $data[0] .= ui_print_help_tip(__('You cannot edit this alert template, You don\'t have the permission to edit All group.'), true); } $data[1] = ui_print_group_icon($template['id_group'], true); $data[3] = alerts_get_alert_templates_type_name($template['type']); if (is_central_policies_on_node() === false - && check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM') + && check_acl($config['id_user'], $template['id_group'], 'LM') ) { $table->cellclass[][4] = 'action_buttons'; $data[4] = '
'; @@ -427,18 +426,20 @@ foreach ($templates as $template) { ); $data[4] .= '
'; - $data[4] .= '
'; - $data[4] .= html_print_input_hidden('delete_template', 1, true); - $data[4] .= html_print_input_hidden('id', $template['id'], true); - $data[4] .= html_print_input_image( - 'del', - 'images/cross.png', - 1, - '', - true, - ['title' => __('Delete')] - ); - $data[4] .= '
'; + if (check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM')) { + $data[4] .= '
'; + $data[4] .= html_print_input_hidden('delete_template', 1, true); + $data[4] .= html_print_input_hidden('id', $template['id'], true); + $data[4] .= html_print_input_image( + 'del', + 'images/cross.png', + 1, + '', + true, + ['title' => __('Delete')] + ); + $data[4] .= '
'; + } } else { $data[4] = ''; } diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index 7d44ffd25b..bf0dbff521 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -58,7 +58,7 @@ if (defined('METACONSOLE')) { if ($al_action !== false) { $own_info = get_user_info($config['id_user']); - if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) { + if ($own_info['is_admin'] || check_acl_restricted_all($config['id_user'], 0, 'LM')) { $own_groups = array_keys(users_get_groups($config['id_user'], 'LM')); } else { $own_groups = array_keys(users_get_groups($config['id_user'], 'LM', false)); @@ -91,8 +91,14 @@ if ($al_action !== false) { true ); } + $is_in_group = true; } +if (!$is_in_group && $al_action['id_group'] != 0) { + db_pandora_audit('ACL Violation', 'Trying to access unauthorized alert action configuration'); + include 'general/noaccess.php'; + exit; +} $is_central_policies_on_node = is_central_policies_on_node(); @@ -102,6 +108,11 @@ if ($is_central_policies_on_node === true) { ); } +$disabled = !$is_in_group; +$disabled_attr = ''; +if ($disabled) { + $disabled_attr = 'disabled="disabled"'; +} $name = ''; $id_command = ''; @@ -116,15 +127,6 @@ if ($id) { $group = $action['id_group']; $action_threshold = $action['action_threshold']; $create_wu_integria = $action['create_wu_integria']; - - if (!check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM')) { - db_pandora_audit( - 'ACL Violation', - 'Trying to access Alert Management' - ); - include 'general/noaccess.php'; - exit; - } } // Hidden div with help hint to fill with javascript. @@ -175,7 +177,7 @@ $table->data[0][1] = html_print_input_text( '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); if (io_safe_output($name) == 'Monitoring Event') { @@ -194,7 +196,7 @@ $own_info = get_user_info($config['id_user']); $return_all_group = false; -if (users_can_manage_group_all('LW') === true) { +if (users_can_manage_group_all('LW') === true || $disabled) { $return_all_group = true; } @@ -211,7 +213,7 @@ $table->data[1][1] = '
'.html_print_select_groups( false, true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ).'
'; $table->colspan[1][1] = 2; @@ -245,11 +247,11 @@ $table->data[2][1] = html_print_select_from_sql( true, false, false, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[2][1] .= ' '; if ($is_central_policies_on_node === false - && check_acl($config['id_user'], 0, 'PM') + && check_acl($config['id_user'], 0, 'PM') && !$disabled ) { $table->data[2][1] .= __('Create Command'); $table->data[2][1] .= ''; @@ -272,7 +274,7 @@ $table->data[3][1] = html_print_extended_select_for_time( false, true, '', - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, false, '', false, @@ -308,7 +310,7 @@ $table->data[6][0] = __('Create workunit on recovery').ui_print_help_tip( __('If closed status is set on recovery, a workunit will be added to the ticket in Integria IMS rather that closing the ticket.'), true ); -$table->data[6][1] = html_print_checkbox_switch_extended('create_wu_integria', 1, $create_wu_integria, false, '', '', true); +$table->data[6][1] = html_print_checkbox_switch_extended('create_wu_integria', 1, $create_wu_integria, false, '', $disabled_attr, true); for ($i = 1; $i <= $config['max_macro_fields']; $i++) { $table->data['field'.$i][0] = html_print_image( @@ -328,12 +330,16 @@ for ($i = 1; $i <= $config['max_macro_fields']; $i++) { $table->data['field'.$i][1] .= html_print_input_hidden( 'field'.$i.'_value', (!empty($action['field'.$i]) || $action['field'.$i] == 0) ? $action['field'.$i] : '', - true + true, + '', + $disabled_attr ); $table->data['field'.$i][2] .= html_print_input_hidden( 'field'.$i.'_recovery_value', (!empty($action['field'.$i.'_recovery']) || $action['field'.$i] == 0) ? $action['field'.$i.'_recovery'] : '', - true + true, + '', + $disabled_attr ); } @@ -346,18 +352,7 @@ if ($is_central_policies_on_node === false) { echo '
'; if ($id) { html_print_input_hidden('id', $id); - if ($al_action['id_group'] == 0) { - // Then must have "PM" access privileges. - if (check_acl($config['id_user'], 0, 'PM')) { - html_print_input_hidden('update_action', 1); - html_print_submit_button( - __('Update'), - 'create', - false, - 'class="sub upd"' - ); - } - } else { + if (!$disabled) { html_print_input_hidden('update_action', 1); html_print_submit_button( __('Update'), @@ -365,6 +360,12 @@ if ($is_central_policies_on_node === false) { false, 'class="sub upd"' ); + } else { + echo '
'; + echo '
'; + html_print_submit_button(__('Back'), 'back', false, 'class="sub upd"'); + echo '
'; + echo '
'; } } else { html_print_input_hidden('create_action', 1); @@ -608,6 +609,7 @@ $(document).ready (function () { for (i = 1; i <= max_fields; i++) { var old_value = ''; var old_recovery_value = ''; + var disabled = ''; var field_row = data["fields_rows"][i]; var $table_macros_field = $('#table_macros-field' + i); @@ -623,6 +625,7 @@ $(document).ready (function () { == ("hidden-field" + i + "_value")) { old_value = $("[name=field" + i + "_value]").val(); + disabled = $("[name=field" + i + "_value]").attr('disabled'); } if (($("[name=field" + i + "_recovery_value]").attr('id')) @@ -689,6 +692,10 @@ $(document).ready (function () { $('#help_alert_macros_hint').html()); } + if (disabled) { + $("[name=field" + i + "_value]").attr('disabled','disabled'); + $("[name=field" + i + "_recovery_value]").attr('disabled','disabled'); + } $table_macros_field.show(); } diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php index cbfa4f0d8d..7486c97a94 100644 --- a/pandora_console/godmode/alerts/configure_alert_template.php +++ b/pandora_console/godmode/alerts/configure_alert_template.php @@ -38,7 +38,6 @@ $step = (int) get_parameter('step', 1); // We set here the number of steps. define('LAST_STEP', 3); -// If user tries to duplicate/edit a template with group=ALL then must have "PM" access privileges if ($duplicate_template) { $source_id = (int) get_parameter('source_id'); $a_template = alerts_get_alert_template($source_id); @@ -52,19 +51,14 @@ if (defined('METACONSOLE')) { $sec = 'galertas'; } +$can_edit_all = false; +if (check_acl_restricted_all($config['id_user'], 0, 'LM')) { + $can_edit_all = true; +} + if ($a_template !== false) { // If user tries to duplicate/edit a template with group=ALL if ($a_template['id_group'] == 0) { - if (users_can_manage_group_all('LM') === false) { - db_pandora_audit( - 'ACL Violation', - 'Trying to access Alert Management' - ); - include 'general/noaccess.php'; - exit; - } - - // Header if (defined('METACONSOLE')) { alerts_meta_print_header(); } else { @@ -146,7 +140,12 @@ if ($a_template !== false) { if ($duplicate_template) { $source_id = (int) get_parameter('source_id'); - $id = alerts_duplicate_alert_template($source_id); + // If user doesn't have the permission to access All group and source template is All group, then group is changed to the first group of user. + if ($can_edit_all == false && a_template['id_group'] == 0) { + $a_template['id_group'] = users_get_first_group(false, 'LM', false); + } + + $id = alerts_duplicate_alert_template($source_id, $a_template['id_group']); if ($id) { db_pandora_audit('Template alert management', 'Duplicate alert template '.$source_id.' clone to '.$id); @@ -386,6 +385,14 @@ $create_alert = (bool) get_parameter('create_alert'); $create_template = (bool) get_parameter('create_template'); $update_template = (bool) get_parameter('update_template'); +$disabled = false; +if (!$create_alert && !$create_template) { + // When user edits a template with All group, user must have "LM" access privileges againt All group. + if ($a_template['id_group'] == 0 && !$can_edit_all) { + $disabled = true; + } +} + $name = ''; $description = ''; $type = ''; @@ -602,7 +609,7 @@ if ($step == 2) { 1, $monday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Tue'); $table->data[0][1] .= html_print_checkbox( @@ -610,7 +617,7 @@ if ($step == 2) { 1, $tuesday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Wed'); $table->data[0][1] .= html_print_checkbox( @@ -618,7 +625,7 @@ if ($step == 2) { 1, $wednesday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Thu'); $table->data[0][1] .= html_print_checkbox( @@ -626,7 +633,7 @@ if ($step == 2) { 1, $thursday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Fri'); $table->data[0][1] .= html_print_checkbox( @@ -634,7 +641,7 @@ if ($step == 2) { 1, $friday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Sat'); $table->data[0][1] .= html_print_checkbox( @@ -642,7 +649,7 @@ if ($step == 2) { 1, $saturday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][1] .= __('Sun'); $table->data[0][1] .= html_print_checkbox( @@ -650,7 +657,7 @@ if ($step == 2) { 1, $sunday, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[0][2] = __('Use special days list'); @@ -659,7 +666,7 @@ if ($step == 2) { 1, $special_day, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[1][0] = __('Time from'); @@ -680,7 +687,7 @@ if ($step == 2) { '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[1][2] = __('Time to'); $table->data[1][3] = html_print_input_text( @@ -700,7 +707,7 @@ if ($step == 2) { '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->colspan['threshold'][1] = 3; @@ -716,7 +723,7 @@ if ($step == 2) { false, true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[3][0] = __('Min. number of alerts'); @@ -737,7 +744,7 @@ if ($step == 2) { '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[3][2] = __('Reset counter for non-sustained alerts'); @@ -750,7 +757,7 @@ if ($step == 2) { 1, $min_alerts_reset_counter, true, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, '', false, $create_template == 1 ? 'checked=checked' : '' @@ -774,7 +781,7 @@ if ($step == 2) { '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[4][2] = __('Disable event'); @@ -783,7 +790,7 @@ if ($step == 2) { 1, $disable_event, true, - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[5][0] = __('Default action'); @@ -811,7 +818,7 @@ if ($step == 2) { true, false, false, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, false, false, 0 @@ -833,7 +840,7 @@ if ($step == 2) { false, false, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[6][1] .= ''; $table->data[6][1] .= ' '.html_print_checkbox('matches_value', 1, $matches, true); @@ -886,7 +893,8 @@ if ($step == 2) { '', 5, 255, - true + true, + $disabled ); $table->colspan['min'][1] = 3; @@ -897,7 +905,8 @@ if ($step == 2) { '', 5, 255, - true + true, + $disabled ); $table->colspan['max'][1] = 3; @@ -940,7 +949,7 @@ if ($step == 2) { false, false, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->colspan[0][1] = 2; @@ -966,7 +975,7 @@ if ($step == 2) { 0, '', false, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, "removeTinyMCE('textarea_field".$i."')", '', true @@ -979,7 +988,7 @@ if ($step == 2) { 0, '', true, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, "addTinyMCE('textarea_field".$i."')", '', true @@ -995,7 +1004,7 @@ if ($step == 2) { 'class="fields" min-height-40px', true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); // Recovery. @@ -1007,7 +1016,7 @@ if ($step == 2) { 0, '', false, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, "removeTinyMCE('textarea_field".$i."_recovery')", '', true @@ -1020,7 +1029,7 @@ if ($step == 2) { 0, '', true, - $is_central_policies_on_node, + $is_central_policies_on_node | $disabled, "addTinyMCE('textarea_field".$i."_recovery')", '', true @@ -1036,7 +1045,7 @@ if ($step == 2) { 'class="fields min-height-40px"', true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); } } else { @@ -1093,7 +1102,7 @@ if ($step == 2) { '', '', '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); @@ -1103,8 +1112,12 @@ if ($step == 2) { $return_all_group = false; - if (users_can_manage_group_all('LM') === true) { + if (users_can_manage_group_all('LM') === true || $disabled) { $return_all_group = true; + } else { + if ($id_group == 0) { + $id_group = users_get_first_group(false, 'LM', false); + } } $table->data[0][1] .= ' '; @@ -1121,7 +1134,7 @@ if ($step == 2) { false, true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ).'
'; @@ -1134,7 +1147,7 @@ if ($step == 2) { '', true, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); $table->data[2][0] = __('Priority'); @@ -1149,7 +1162,7 @@ if ($step == 2) { false, false, '', - $is_central_policies_on_node + $is_central_policies_on_node | $disabled ); if (defined('METACONSOLE')) { @@ -1186,16 +1199,6 @@ if ($id) { html_print_input_hidden('create_template', 1); } -$disabled = false; -if (!$create_alert && !$create_template) { - if ($a_template['id_group'] == 0) { - // then must have "PM" access privileges - if (! check_acl($config['id_user'], 0, 'PM')) { - $disabled = true; - } - } -} - if (!$disabled) { if ($is_central_policies_on_node === false) { if ($step >= LAST_STEP) { diff --git a/pandora_console/images/visual_console.menu.png b/pandora_console/images/visual_console.menu.png new file mode 100644 index 0000000000..818beae6f2 Binary files /dev/null and b/pandora_console/images/visual_console.menu.png differ diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php index 92d360fa6f..f3ac229799 100644 --- a/pandora_console/include/config_process.php +++ b/pandora_console/include/config_process.php @@ -20,7 +20,7 @@ /** * Pandora build version and version */ -$build_version = 'PC210414'; +$build_version = 'PC210415'; $pandora_version = 'v7.0NG.753'; // Do not overwrite default timezone set if defined. diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 6adf3a8db9..9a20858920 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -2255,12 +2255,16 @@ function check_login($output=true) return true; } } else { + include_once $config['homedir'].'/mobile/include/db.class.php'; + include_once $config['homedir'].'/mobile/include/system.class.php'; include_once $config['homedir'].'/mobile/include/user.class.php'; if (isset($_SESSION['user'])) { - $user = $_SESSION['user']; + $user = User::getInstance(); $id_user = $user->getIdUser(); if (is_user($id_user)) { + $_SESSION['id_usuario'] = $id_user; + $config['id_user'] = $id_user; return true; } } diff --git a/pandora_console/include/functions_alerts.php b/pandora_console/include/functions_alerts.php index 10ea71024f..d6cd569c91 100644 --- a/pandora_console/include/functions_alerts.php +++ b/pandora_console/include/functions_alerts.php @@ -448,10 +448,11 @@ function alerts_delete_alert_action($id_alert_action) * Clone an alert action. * * @param int Id of the original alert action + * @param int Agent group id if it wants to be changed when clone. * * @return mixed Id of the cloned action or false in case of fail. */ -function alerts_clone_alert_action($id_alert_action) +function alerts_clone_alert_action($id_alert_action, $id_group) { $id_alert_action = safe_int($id_alert_action, 1); if (empty($id_alert_action)) { @@ -464,6 +465,10 @@ function alerts_clone_alert_action($id_alert_action) return false; } + if ($id_group != '') { + $action['id_group'] = $id_group; + } + unset($action['id']); return alerts_create_alert_action($action['name'].' '.__('copy'), $action['id_alert_command'], $action); @@ -1130,10 +1135,11 @@ function alerts_get_alert_template_field3_recovery($id_alert_template) * Duplicates an alert template. * * @param int Id of an alert template. + * @param int Agent group id if it wants to be changed when duplicate. * * @return mixed Duplicates an alert template or false if something goes wrong. */ -function alerts_duplicate_alert_template($id_alert_template) +function alerts_duplicate_alert_template($id_alert_template, $id_group) { $template = alerts_get_alert_template($id_alert_template); @@ -1141,6 +1147,10 @@ function alerts_duplicate_alert_template($id_alert_template) return false; } + if ($id_group != '') { + $template['id_group'] = $id_group; + } + $name = io_safe_input(__('Copy of').' ').$template['name']; $type = $template['type']; diff --git a/pandora_console/include/rest-api/models/VisualConsole/Item.php b/pandora_console/include/rest-api/models/VisualConsole/Item.php index 350cda3491..dee99ebc73 100644 --- a/pandora_console/include/rest-api/models/VisualConsole/Item.php +++ b/pandora_console/include/rest-api/models/VisualConsole/Item.php @@ -1069,6 +1069,16 @@ class Item extends CachedModel { global $config; + $mobile_navigation = false; + + if (isset($_SERVER['PHP_SELF']) === true + && (strstr($_SERVER['PHP_SELF'], 'mobile/') !== false + || strstr($_SERVER['HTTP_REFERER'], 'mobile/') !== false) + ) { + $mobile_navigation = true; + } + + error_log(obhd($_SERVER['PHP_SELF'])); // Load side libraries. include_once $config['homedir'].'/include/functions_ui.php'; if (\is_metaconsole() === true) { @@ -1081,6 +1091,7 @@ class Item extends CachedModel $linkedAgent = static::extractLinkedAgent($data); $baseUrl = \ui_get_full_url('index.php'); + $mobileUrl = \ui_get_full_url('mobile/index.php'); if ((bool) $data['agentDisabled'] === true || (bool) $data['moduleDisabled'] === true @@ -1135,6 +1146,15 @@ class Item extends CachedModel * We are in a regular console. */ + if ($mobile_navigation === true) { + return $mobileUrl.'?'.http_build_query( + [ + 'page' => 'visualmap', + 'id' => $vcId, + ] + ); + } + return $baseUrl.'?'.http_build_query( [ 'sec' => 'network', @@ -1211,6 +1231,15 @@ class Item extends CachedModel ]; } + if ($mobile_navigation === true) { + return $mobileUrl.'?'.http_build_query( + [ + 'page' => 'module_graph', + 'id' => $moduleId, + ] + ); + } + return $baseUrl.'?'.http_build_query($queryParams); } else if (\is_metaconsole() === true && (bool) \can_user_access_node() === true @@ -1290,6 +1319,15 @@ class Item extends CachedModel * We are in a regular console. */ + if ($mobile_navigation === true) { + return $mobileUrl.'?'.http_build_query( + [ + 'page' => 'agent', + 'id' => $agentId, + ] + ); + } + return $baseUrl.'?'.http_build_query( [ 'sec' => 'estado', diff --git a/pandora_console/include/styles/dashboards.css b/pandora_console/include/styles/dashboards.css index 56c73e0ee4..96a6eea118 100644 --- a/pandora_console/include/styles/dashboards.css +++ b/pandora_console/include/styles/dashboards.css @@ -76,7 +76,7 @@ h1 { .grid-stack-item-content { color: #2c3e50; - /*text-align: center;*/ + text-align: center; background-color: #ffffff; border-radius: 5px; -webkit-box-shadow: 5px 5px 5px 0px rgba(214, 214, 214, 1); @@ -390,6 +390,7 @@ table.group_modules_status_box tr td > span { } table.group_modules_status_box tr td div { + background-color: #82b92e; width: 90%; padding: 3px; text-align: center; @@ -543,3 +544,14 @@ div#main_pure { color: inherit; font-family: inherit; } + +/* Mobile trick */ +.ui-mobile-viewport.ui-overlay-c > #main_page > .ui-content { + overflow: visible; + overflow-x: visible; + margin: 0 !important; + padding: 0 !important; +} +.ui-mobile-viewport.ui-overlay-c > #main_page > .ui-content div.label > p { + margin: 0; +} diff --git a/pandora_console/install.php b/pandora_console/install.php index c5f188732d..eb331b781f 100644 --- a/pandora_console/install.php +++ b/pandora_console/install.php @@ -129,7 +129,7 @@
.ui-listview { + margin: 0 !important; +} + #list_Modules *, #list_agent_Modules *, #list_agents *, @@ -1398,7 +1436,7 @@ div.nodata_container { } .ui-icon-delete { - margin-top: -3px !important; + margin-top: -3px; } .empty_advice { diff --git a/pandora_console/mobile/include/system.class.php b/pandora_console/mobile/include/system.class.php index 2e21a8cf0b..2cbf124b66 100644 --- a/pandora_console/mobile/include/system.class.php +++ b/pandora_console/mobile/include/system.class.php @@ -151,7 +151,7 @@ class System } - public function getDefaultACLFailText() + public static function getDefaultACLFailText() { return __('Access to this page is restricted to authorized users only, please contact your system administrator if you should need help.').'

'.__('Please remember that any attempts to access this page will be recorded on the %s System Database.', get_product_name()); } diff --git a/pandora_console/mobile/include/ui.class.php b/pandora_console/mobile/include/ui.class.php index 101354cf28..1709b51d8d 100755 --- a/pandora_console/mobile/include/ui.class.php +++ b/pandora_console/mobile/include/ui.class.php @@ -1,4 +1,5 @@ \n"; echo " \n"; + $loaded = []; + foreach ($this->cssList as $filename) { + if (in_array($filename, $loaded) === true) { + continue; + } + + array_push($loaded, $filename); + + $url_css = ui_get_full_url($filename, false, false, false); + echo ''."\n\t"; + } + + $js_loaded = []; + foreach ($this->jsList as $filename) { + if (in_array($filename, $js_loaded) === true) { + continue; + } + + array_push($js_loaded, $filename); + + $url_css = ui_get_full_url($filename, false, false, false); + echo ''."\n\t"; + } + echo " \n"; echo " \n"; echo include_javascript_dependencies_flot_graph(false, false); @@ -857,6 +896,88 @@ class Ui } + /** + * Add CSS file to be loaded. + * + * @param string $name Css file name, as in ui_require_css. + * @param string $path Path where search for css file. + * + * @return boolean True if success, False if not. + */ + public function require_css( + string $name, + string $path='include/styles/' + ):bool { + $filename = $path.$name.'.css'; + $system = System::getInstance(); + + if (file_exists($filename) === false + && file_exists($system->getConfig('homedir').'/'.$filename) === false + && file_exists($system->getConfig('homedir').'/'.ENTERPRISE_DIR.'/'.$filename) === false + ) { + return false; + } + + if (in_array($filename, $this->cssList) === false) { + $this->cssList[] = $filename; + } + + return true; + } + + + /** + * Add JS file to be loaded. + * + * @param string $name JAvascript file name, as in + * \ui_require_javascript_file. + * @param string $path Path where search for Javascript file. + * + * @return boolean True if success, False if not. + */ + public function require_javascript( + string $name, + string $path='include/javascript/' + ):bool { + $filename = $path.$name.'.js'; + $system = System::getInstance(); + + if (file_exists($filename) === false + && file_exists($system->getConfig('homedir').'/'.$filename) === false + && file_exists($system->getConfig('homedir').'/'.ENTERPRISE_DIR.'/'.$filename) === false + ) { + return false; + } + + if (in_array($filename, $this->jsList) === false) { + $this->jsList[] = $filename; + } + + return true; + } + + + /** + * Forces reload to retrieve with and height. + * + * @return void + */ + public function retrieveViewPort() + { + ?> + + + getSession('user', null); + if (is_object($user) === false) { + $user = json_decode($user, true); + } + if (!empty($user)) { - self::$instance = $user; + self::$instance = new self(); + foreach ($user as $k => $v) { + self::$instance->{$k} = $v; + } } else { self::$instance = new self(); } @@ -49,6 +56,12 @@ class User } + public function jsonSerialize() + { + return get_object_vars($this); + } + + public function saveLogin() { if ($this->logged) { @@ -59,7 +72,7 @@ class User $config['id_user'] = $this->user; $system->setSessionBase('id_usuario', $this->user); - $system->setSession('user', $this); + $system->setSession('user', json_encode($this->jsonSerialize())); config_user_set_custom_config(); } @@ -86,6 +99,46 @@ class User { $system = System::getInstance(); + if ($system->getConfig('auth', 'mysql') === 'saml') { + if ((bool) $system->getRequest('saml', false) === true) { + \enterprise_include_once('include/auth/saml.php'); + $saml_user_id = enterprise_hook('saml_process_user_login'); + if (!$saml_user_id) { + $this->logged = false; + $this->errorLogin = $system->getConfig('auth_error'); + \enterprise_hook('saml_logout', [true]); + } else { + $this->logged = true; + $this->user = $saml_user_id; + $this->loginTime = time(); + $this->errorLogin = false; + } + + $this->saveLogin(); + return $this->logged; + } + + // Maybe back from SAML login. + $saml_session = $system->getSession('samlid', null); + if ($saml_session !== null) { + $this->user = $system->getSession('id_usuario', null); + if ($this->user !== null) { + $this->loginTime = time(); + $this->errorLogin = false; + $this->logged = true; + } else { + // SAML Session OK but not in DB. + $this->logged = false; + $this->errorLogin = __( + 'User cannot log in into this console, please contact administrator' + ); + } + + $this->saveLogin(); + return $this->logged; + } + } + if (($user == null) && ($password == null)) { $user = $system->getRequest('user', null); $password = $system->getRequest('password', null); @@ -205,6 +258,12 @@ class User public function logout() { + $system = System::getInstance(); + if ($system->getConfig('auth', 'mysql') === 'saml') { + \enterprise_include_once('include/auth/saml.php'); + \enterprise_hook('saml_logout'); + } + $this->user = null; $this->logged = false; $this->loginTime = false; @@ -213,7 +272,6 @@ class User $this->needDoubleAuth = false; $this->errorDoubleAuth = false; - $system = System::getInstance(); $system->setSession('user', null); $system->sessionDestroy(); } @@ -230,7 +288,12 @@ class User if ($this->errorLogin) { $options['type'] = 'onStart'; $options['title_text'] = __('Login Failed'); - $options['content_text'] = __('User not found in database or incorrect password.'); + if ($this->errorLogin !== false) { + $options['content_text'] = $this->errorLogin; + } else { + $options['content_text'] = __('User not found in database or incorrect password.'); + } + $ui->addDialog($options); } @@ -286,7 +349,29 @@ class User 'name' => 'login_btn', ]; $ui->formAddSubmitButton($options); + $ui->endForm(); + + if ($system->getConfig('auth', 'mysql') === 'saml') { + // Add SAML login button. + $ui->beginForm(''); + $ui->formAddHtml( + html_print_input_hidden('action', 'login', true) + ); + $ui->formAddHtml( + html_print_input_hidden('saml', '1', true) + ); + $ui->formAddSubmitButton( + [ + 'value' => __('Login with SAML'), + 'icon' => 'arrow-r', + 'icon_pos' => 'right', + 'name' => 'login_button_saml', + ] + ); + $ui->endForm(''); + } + $ui->contentAddHtml('
'); $ui->endContent(); $ui->showPage(); diff --git a/pandora_console/mobile/index.php b/pandora_console/mobile/index.php index c2eedcb6d6..5087661bd7 100644 --- a/pandora_console/mobile/index.php +++ b/pandora_console/mobile/index.php @@ -183,7 +183,6 @@ switch ($action) { } return; - break; case 'login': if ($user->login() && $user->isLogged()) { if (file_exists('../enterprise/load_enterprise.php')) { @@ -279,9 +278,6 @@ switch ($action) { $page = 'events'; break; - case 'Group view': - break; - case 'Alert detail': $page = 'alerts'; break; @@ -295,6 +291,11 @@ switch ($action) { $id_map = (int) db_get_value('id', 'tlayout', 'name', $section_data); $_GET['id'] = $id_map; break; + + case 'Group view': + default: + // No content. + break; } } @@ -349,6 +350,17 @@ switch ($action) { $agent = new Agent(); $agent->show(); break; + + case 'visualmaps': + // Show a list of VC. + $vc_list = new Visualmaps(); + $vc_list->show(); + break; + + case 'visualmap': + $vc = new Visualmap(); + $vc->show(); + break; } break; } diff --git a/pandora_console/mobile/operation/agent.php b/pandora_console/mobile/operation/agent.php index 0d2b327de2..6441a0c21c 100644 --- a/pandora_console/mobile/operation/agent.php +++ b/pandora_console/mobile/operation/agent.php @@ -425,7 +425,12 @@ class Agent success: function(r) { $.mobile.hidePageLoadingMsg(); var className = $('#list_agent_Modules').attr('class'); - $('#list_agent_Modules').parent().html(r); + if (document.getElementById('list_agent_Modules') == null) { + $($('p.empty_advice')[0]).parent().html(r); + className = 'ui-responsive table-stroke ui-table ui-table-reflow'; + } else { + $('#list_agent_Modules').parent().html(r); + } $('#list_agent_Modules').addClass(className); }, error: function(r, t, e) { @@ -468,7 +473,7 @@ class Agent 'id_agent' => $this->id, 'all_modules' => true, 'status' => -1, - 'name' => $name_filter, + 'name' => '%'.$name_filter.'%', ]; } diff --git a/pandora_console/mobile/operation/home.php b/pandora_console/mobile/operation/home.php index 6e3cbf8703..0fa872df7a 100644 --- a/pandora_console/mobile/operation/home.php +++ b/pandora_console/mobile/operation/home.php @@ -60,42 +60,51 @@ class Home 'icon' => 'groups', ]; - if (!$system->getConfig('metaconsole')) { - $items['alerts'] = [ - 'name' => __('Alerts'), - 'filename' => 'alerts.php', + if ((bool) $system->getConfig('legacy_vc', false) === false) { + // Show Visual consoles only if new system is enabled. + $items['visualmaps'] = [ + 'name' => __('Visual consoles'), + 'filename' => 'visualmaps.php', 'menu_item' => true, - 'icon' => 'alerts', - ]; - - $items['agents'] = [ - 'name' => __('Agents'), - 'filename' => 'agents.php', - 'menu_item' => true, - 'icon' => 'agents', - ]; - $items['modules'] = [ - 'name' => __('Modules'), - 'filename' => 'modules.php', - 'menu_item' => true, - 'icon' => 'modules', - ]; - - // Not in home. - $items['agent'] = [ - 'name' => __('Agent'), - 'filename' => 'agent.php', - 'menu_item' => false, - 'icon' => '', - ]; - $items['module_graph'] = [ - 'name' => __('Module graph'), - 'filename' => 'module_graph.php', - 'menu_item' => false, - 'icon' => '', + 'icon' => 'visual_console', ]; } + $items['alerts'] = [ + 'name' => __('Alerts'), + 'filename' => 'alerts.php', + 'menu_item' => true, + 'icon' => 'alerts', + ]; + + $items['agents'] = [ + 'name' => __('Agents'), + 'filename' => 'agents.php', + 'menu_item' => true, + 'icon' => 'agents', + ]; + + $items['modules'] = [ + 'name' => __('Modules'), + 'filename' => 'modules.php', + 'menu_item' => true, + 'icon' => 'modules', + ]; + + // Not in home. + $items['agent'] = [ + 'name' => __('Agent'), + 'filename' => 'agent.php', + 'menu_item' => false, + 'icon' => '', + ]; + $items['module_graph'] = [ + 'name' => __('Module graph'), + 'filename' => 'module_graph.php', + 'menu_item' => false, + 'icon' => '', + ]; + $this->pagesItems = $items; } @@ -154,7 +163,7 @@ class Home $options = [ 'name' => 'free_search', 'value' => $this->global_search, - 'placeholder' => __('Global search'), + 'placeholder' => __('Agent search'), ]; $ui->formAddInputSearch($options); $ui->endForm(); diff --git a/pandora_console/mobile/operation/visualmap.php b/pandora_console/mobile/operation/visualmap.php index 675f0f1f34..1313fc0f24 100644 --- a/pandora_console/mobile/operation/visualmap.php +++ b/pandora_console/mobile/operation/visualmap.php @@ -1,59 +1,160 @@ checkACL($this->acl)) { - $this->correct_acl = true; + $this->validAcl = true; } else { - $this->correct_acl = false; + $this->validAcl = false; } } + /** + * Retrieve filters. + * + * @return void + */ private function getFilters() { $system = System::getInstance(); $this->id = (int) $system->getRequest('id', 0); + $this->width = (int) $system->getRequest('width', 0); + $this->height = (int) $system->getRequest('height', 0); + + if ($this->width < $this->height) { + $w = $this->width; + $this->width = $this->height; + $this->height = $w; + $this->rotate = true; + } } + /** + * Renders the view. + * + * @return void + */ public function show() { $this->getFilters(); + if (empty($this->width) === true + && empty($this->height) === true + ) { + // Reload forcing user to send width and height. + $ui = Ui::getInstance(); + $ui->retrieveViewPort(); + } + + $this->height -= 39; + $this->visualmap = db_get_row( 'tlayout', 'id', @@ -65,7 +166,7 @@ class Visualmap } $this->checkVisualmapACL($this->visualmap['id_group']); - if (!$this->correct_acl) { + if (!$this->validAcl) { $this->show_fail_acl(); } @@ -73,12 +174,25 @@ class Visualmap } - private function show_fail_acl() + /** + * Shows an error if ACL fails. + * + * @param string $msg Optional message. + * + * @return void + */ + private function show_fail_acl(string $msg='') { $error['type'] = 'onStart'; - $error['title_text'] = __('You don\'t have access to this page'); - $error['content_text'] = System::getDefaultACLFailText(); - if (class_exists('HomeEnterprise')) { + if (empty($msg) === false) { + $error['title_text'] = __('Error'); + $error['content_text'] = $msg; + } else { + $error['title_text'] = __('You don\'t have access to this page'); + $error['content_text'] = System::getDefaultACLFailText(); + } + + if (class_exists('HomeEnterprise') === true) { $home = new HomeEnterprise(); } else { $home = new Home(); @@ -88,11 +202,18 @@ class Visualmap } - public function ajax($parameter2=false) + /** + * Ajax call manager. + * + * @param string $parameter2 Not sure why is doing this stuff. + * + * @return void + */ + public function ajax(string $parameter2='') { $system = System::getInstance(); $this->checkVisualmapACL($this->visualmap['id_group']); - if (!$this->correct_acl) { + if ((bool) $this->validAcl === false) { $this->show_fail_acl(); } else { switch ($parameter2) { @@ -100,18 +221,55 @@ class Visualmap $map_id = $system->getRequest('map_id', '0'); $width = $system->getRequest('width', '400'); $height = $system->getRequest('height', '400'); - visual_map_print_visual_map($map_id, false, true, $width, $height); + visual_map_print_visual_map( + $map_id, + false, + true, + $width, + $height + ); + exit; + + default: exit; } } } + /** + * Generates HTML code to view target Visual console. + * + * @return void + */ private function show_visualmap() { $ui = Ui::getInstance(); $system = System::getInstance(); + include_once $system->getConfig('homedir').'/vendor/autoload.php'; + + // Query parameters. + $visualConsoleId = (int) $system->getRequest('id'); + + // Refresh interval in seconds. + $refr = (int) get_parameter('refr', $system->getConfig('vc_refr')); + + // Check groups can access user. + $aclUserGroups = []; + if (!users_can_manage_group_all('AR')) { + $aclUserGroups = array_keys(users_get_groups(false, 'AR')); + } + + // Load Visual Console. + $visualConsole = null; + try { + $visualConsole = VisualConsole::fromDB(['id' => $visualConsoleId]); + } catch (Throwable $e) { + $this->show_fail_acl($e->getMessage()); + exit; + } + $ui->createPage(); $ui->createDefaultHeader( sprintf( @@ -127,61 +285,167 @@ class Visualmap ] ) ); + + $ui->require_css('visual_maps'); + $ui->require_css('register'); + $ui->require_css('dashboards'); + $ui->require_javascript('pandora_visual_console'); + $ui->require_javascript('pandora_dashboards'); + $ui->require_javascript('jquery.cookie'); + $ui->require_css('modal'); + $ui->require_css('form'); + $ui->showFooter(false); $ui->beginContent(); - - ob_start(); - $rendered_map = '
'; - $rendered_map .= html_print_image('images/spinner.gif', true); - $rendered_map .= '
'; - ob_clean(); - - $ui->contentAddHtml($rendered_map); $ui->contentAddHtml( - "" + include_javascript_d3(true) ); + + $size = [ + 'width' => $this->width, + 'height' => $this->height, + ]; + + $visualConsoleData = $visualConsole->toArray(); + $ratio_visualconsole = ($visualConsoleData['height'] / $visualConsoleData['width']); + $ratio_t = ($size['width'] / $visualConsoleData['width']); + $radio_h = ($size['height'] / $visualConsoleData['height']); + + $visualConsoleData['width'] = $size['width']; + $visualConsoleData['height'] = ($size['width'] * $ratio_visualconsole); + + if ($visualConsoleData['height'] > $size['height']) { + $ratio_t = $radio_h; + + $visualConsoleData['height'] = $size['height']; + $visualConsoleData['width'] = ($size['height'] / $ratio_visualconsole); + } + + $uniq = uniqid(); + + $output = '
'; + // Style. + $style = 'width:'.$visualConsoleData['width'].'px;'; + $style .= 'height:'.$visualConsoleData['height'].'px;'; + $style .= 'background-size: cover;'; + + // Class. + $class = 'visual-console-container-dashboard c-'.$uniq; + // Id. + $id = 'visual-console-container-'.$uniq; + $output .= '
'; + $output .= '
'; + $output .= '
'; + + // Check groups can access user. + $aclUserGroups = []; + if (users_can_manage_group_all('AR') === true) { + $aclUserGroups = array_keys( + users_get_groups(false, 'AR') + ); + } + + $ignored_params['refr'] = ''; + \ui_require_javascript_file( + 'tiny_mce', + 'include/javascript/tiny_mce/' + ); + \ui_require_javascript_file( + 'pandora_visual_console', + 'include/javascript/', + true + ); + \include_javascript_d3(); + \visual_map_load_client_resources(); + + // Load Visual Console Items. + $visualConsoleItems = VisualConsole::getItemsFromDB( + $visualConsoleId, + $aclUserGroups, + $ratio_t + ); + + // Horrible trick! due to the use of tinyMCE + // it is necessary to modify specific classes of each + // of the visual consoles. + $output .= ''; + + $visualConsoleItems = array_reduce( + $visualConsoleItems, + function ($carry, $item) use ($ratio_t) { + $carry[] = $item->toArray(); + return $carry; + }, + [] + ); + + $settings = \json_encode( + [ + 'props' => $visualConsoleData, + 'items' => $visualConsoleItems, + 'baseUrl' => ui_get_full_url('/', false, false, false), + 'ratio' => $ratio_t, + 'size' => $size, + 'cellId' => $uniq, + ] + ); + + $output .= ''; + + $ui->contentAddHtml($output); + + // Load Visual Console Items. + $visualConsoleItems = VisualConsole::getItemsFromDB( + $visualConsoleId, + $aclUserGroups + ); + + $javascript = ob_get_clean(); + $ui->contentAddHtml($javascript); + $ui->endContent(); $ui->showPage(); } diff --git a/pandora_console/mobile/operation/visualmaps.php b/pandora_console/mobile/operation/visualmaps.php index 372ade6500..1159e14409 100644 --- a/pandora_console/mobile/operation/visualmaps.php +++ b/pandora_console/mobile/operation/visualmaps.php @@ -1,56 +1,107 @@ checkACL($this->acl)) { - $this->correct_acl = true; + $this->allowed = true; } else { - $this->correct_acl = false; + $this->allowed = false; } } + /** + * Prepare filters for current view. + * + * @return void + */ private function getFilters() { $system = System::getInstance(); $user = User::getInstance(); - $this->default_filters['group'] = true; - $this->default_filters['type'] = true; + $this->defaultFilters['group'] = true; + $this->defaultFilters['type'] = true; $this->group = (int) $system->getRequest('group', __('Group')); if (!$user->isInGroup($this->acl, $this->group)) { @@ -61,7 +112,7 @@ class Visualmaps $this->group = 0; } else { $this->default = false; - $this->default_filters['group'] = false; + $this->defaultFilters['group'] = false; } $this->type = $system->getRequest('type', __('Type')); @@ -69,14 +120,19 @@ class Visualmaps $this->type = '0'; } else { $this->default = false; - $this->default_filters['type'] = false; + $this->defaultFilters['type'] = false; } } + /** + * Run view. + * + * @return void + */ public function show() { - if (!$this->correct_acl) { + if (!$this->allowed) { $this->show_fail_acl(); } else { $this->getFilters(); @@ -85,12 +141,19 @@ class Visualmaps } + /** + * Show a message about failed ACL access. + * + * @return void + */ private function show_fail_acl() { $error['type'] = 'onStart'; $error['title_text'] = __('You don\'t have access to this page'); $error['content_text'] = System::getDefaultACLFailText(); - if (class_exists('HomeEnterprise')) { + + // Redirect to main page. + if (class_exists('HomeEnterprise') === true) { $home = new HomeEnterprise(); } else { $home = new Home(); @@ -100,6 +163,11 @@ class Visualmaps } + /** + * Show visual console list header. + * + * @return void + */ private function show_visualmaps() { $ui = Ui::getInstance(); @@ -124,57 +192,44 @@ class Visualmaps } + /** + * Show list of visual consoles. + * + * @return void + */ private function listVisualmapsHtml() { $system = System::getInstance(); $ui = Ui::getInstance(); - // Create filter - $where = []; - // Order by type field - $where['order'] = 'type'; + $visualmaps = visual_map_get_user_layouts(); - if ($this->group != '0') { - $where['id_group'] = $this->group; - } - - if ($this->type != '0') { - $where['type'] = $this->type; - } - - // Only display maps of "All" group if user is administrator - // or has "RR" privileges, otherwise show only maps of user group - $id_user = $system->getConfig('id_user'); - $own_info = get_user_info($id_user); - if ($own_info['is_admin'] || $system->checkACL($this->acl)) { - $maps = visual_map_get_user_layouts(); - } else { - $maps = visual_map_get_user_layouts($id_user, false, false, false); - } - - if (empty($maps)) { - $maps = []; - } - - $list = []; - foreach ($maps as $map) { - $row = []; - $row[__('Name')] = ''.io_safe_output($map['name']).''; - // $row[__('Type')] = $map['type']; - $row[__('Group')] = ui_print_group_icon($map['id_group'], true, 'groups_small', '', false); - $list[] = $row; - } - - if (count($maps) == 0) { - $ui->contentAddHtml('

'.__('No maps defined').'

'); + if (empty($visualmaps) === true) { + $ui->contentAddHtml('

'.__('No maps defined').'

'); } else { $table = new Table(); + // Without header jquery.mobile crashes. + $table->addHeader(['']); $table->id = 'list_visualmaps'; - $table->importFromHash($list); - $ui->contentAddHtml($table->getHTML()); - } + foreach ($visualmaps as $map) { + $link = ''.io_safe_output($map['name']).''; - $ui->contentAddLinkListener('list_visualmaps'); + $row = $link; + $row .= ui_print_group_icon( + $map['id_group'], + true, + 'groups_small', + '', + false + ); + $table->addRow([ $map['id'].' flex-center' => $row]); + } + + $ui->contentAddHtml($table->getHTML()); + $ui->contentAddLinkListener('list_visualmaps'); + } } diff --git a/pandora_console/pandora_console.redhat.spec b/pandora_console/pandora_console.redhat.spec index a93fc526e8..0cd6d5a4f2 100644 --- a/pandora_console/pandora_console.redhat.spec +++ b/pandora_console/pandora_console.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.753 -%define release 210414 +%define release 210415 # User and Group under which Apache is running %define httpd_name httpd diff --git a/pandora_console/pandora_console.rhel7.spec b/pandora_console/pandora_console.rhel7.spec index 7b5ad07818..2e3a08f9d1 100644 --- a/pandora_console/pandora_console.rhel7.spec +++ b/pandora_console/pandora_console.rhel7.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.753 -%define release 210414 +%define release 210415 # User and Group under which Apache is running %define httpd_name httpd diff --git a/pandora_console/pandora_console.spec b/pandora_console/pandora_console.spec index a055e8d820..c0df69a0e1 100644 --- a/pandora_console/pandora_console.spec +++ b/pandora_console/pandora_console.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.753 -%define release 210414 +%define release 210415 %define httpd_name httpd # User and Group under which Apache is running %define httpd_name apache2 diff --git a/pandora_server/DEBIAN/control b/pandora_server/DEBIAN/control index 51da18be12..6cff9ca95c 100644 --- a/pandora_server/DEBIAN/control +++ b/pandora_server/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-server -Version: 7.0NG.753-210414 +Version: 7.0NG.753-210415 Architecture: all Priority: optional Section: admin diff --git a/pandora_server/DEBIAN/make_deb_package.sh b/pandora_server/DEBIAN/make_deb_package.sh index 8ef71038a5..2bcc2f474e 100644 --- a/pandora_server/DEBIAN/make_deb_package.sh +++ b/pandora_server/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.753-210414" +pandora_version="7.0NG.753-210415" package_cpan=0 package_pandora=1 diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index 7788686d08..134305f8ab 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -45,7 +45,7 @@ our @EXPORT = qw( # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.753"; -my $pandora_build = "210414"; +my $pandora_build = "210415"; our $VERSION = $pandora_version." ".$pandora_build; # Setup hash diff --git a/pandora_server/lib/PandoraFMS/PluginTools.pm b/pandora_server/lib/PandoraFMS/PluginTools.pm index 61718a93a4..5fd5c293c5 100644 --- a/pandora_server/lib/PandoraFMS/PluginTools.pm +++ b/pandora_server/lib/PandoraFMS/PluginTools.pm @@ -34,7 +34,7 @@ our @ISA = qw(Exporter); # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.753"; -my $pandora_build = "210414"; +my $pandora_build = "210415"; our $VERSION = $pandora_version." ".$pandora_build; our %EXPORT_TAGS = ( 'all' => [ qw() ] ); diff --git a/pandora_server/pandora_server.redhat.spec b/pandora_server/pandora_server.redhat.spec index 4967ad6bf8..045e69b862 100644 --- a/pandora_server/pandora_server.redhat.spec +++ b/pandora_server/pandora_server.redhat.spec @@ -3,7 +3,7 @@ # %define name pandorafms_server %define version 7.0NG.753 -%define release 210414 +%define release 210415 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server.spec b/pandora_server/pandora_server.spec index c923e517a8..dad510161b 100644 --- a/pandora_server/pandora_server.spec +++ b/pandora_server/pandora_server.spec @@ -3,7 +3,7 @@ # %define name pandorafms_server %define version 7.0NG.753 -%define release 210414 +%define release 210415 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server_installer b/pandora_server/pandora_server_installer index 62e3f669de..230bc58247 100755 --- a/pandora_server/pandora_server_installer +++ b/pandora_server/pandora_server_installer @@ -9,7 +9,7 @@ # ********************************************************************** PI_VERSION="7.0NG.753" -PI_BUILD="210414" +PI_BUILD="210415" MODE=$1 if [ $# -gt 1 ]; then diff --git a/pandora_server/util/pandora_db.pl b/pandora_server/util/pandora_db.pl index 8486ae06f9..678e493a0e 100755 --- a/pandora_server/util/pandora_db.pl +++ b/pandora_server/util/pandora_db.pl @@ -35,7 +35,7 @@ use PandoraFMS::Config; use PandoraFMS::DB; # version: define current version -my $version = "7.0NG.753 PS210414"; +my $version = "7.0NG.753 PS210415"; # Pandora server configuration my %conf; diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index 3a9fc1d3ba..1070976276 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -36,7 +36,7 @@ use Encode::Locale; Encode::Locale::decode_argv; # version: define current version -my $version = "7.0NG.753 PS210414"; +my $version = "7.0NG.753 PS210415"; # save program name for logging my $progname = basename($0); @@ -193,6 +193,7 @@ sub help_screen{ help_screen_line('--delete_profile', ' ', 'Delete perfil from user'); help_screen_line('--add_profile_to_user', ' []', 'Add a profile in group to a user'); help_screen_line('--create_profile', " \n\t \n\t \n\t \n\t ", 'Create profile'); + help_screen_line('--update_profile', " \n\t \n\t \n\t \n\t ", 'Modify profile'); help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system'); help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system'); help_screen_line('--disable_double_auth', '', 'Disable the double authentication for the specified user'); @@ -568,13 +569,29 @@ sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) { $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_; - return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_edit,incident_view,incident_management,agent_view,agent_edit,alert_edit,user_management,db_management,alert_management,pandora_management,report_view,report_edit,report_management,event_view,event_edit,event_management,agent_disable,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);', - $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view, + return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,incident_view,incident_edit,incident_management,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);', + safe_input($profile_name), $incident_view,$incident_edit, $incident_management, $agent_view, $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management); } +########################################################################## +#### Update profile. +########################################################################### +sub pandora_update_profile ($$$$$$$$$$$$$$$$$$$$$$$$$) { + my ($dbh, $profile_name, $incident_view,$incident_edit, $incident_management, $agent_view, + $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, + $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, + $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_; + + return db_update ($dbh, 'UPDATE tperfil SET incident_view = ?, incident_edit = ?, incident_management = ?, agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;', + $incident_view,$incident_edit, $incident_management, $agent_view, + $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, + $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, + $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name)); +} + ########################################################################## ## Delete a profile from the given user/group. ########################################################################## @@ -4005,6 +4022,26 @@ sub cli_create_profile() { $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management); } +############################################################################## +## Update profile. +## Related option: --update_profile +############################################################################## +# +sub cli_update_profile() { + my ($profile_name,$incident_view,$incident_edit,$incident_management,$agent_view, + $agent_edit,$agent_disable,$alert_edit,$alert_management,$user_management,$db_management, + $event_view,$event_edit,$event_management,$report_view,$report_edit,$report_management, + $map_view,$map_edit,$map_management,$vconsole_view,$vconsole_edit,$vconsole_management,$pandora_management) = @ARGV[2..25]; + + my $id_profile = get_profile_id($dbh,$profile_name); + exist_check($id_profile,'profile',$profile_name); + + pandora_update_profile ($dbh, $profile_name, $incident_view, $incident_edit, $incident_management, $agent_view, + $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, + $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, + $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management); +} + ############################################################################## # Delete profile. # Related option: --delete_profile @@ -7432,6 +7469,10 @@ sub pandora_manage_main ($$$) { param_check($ltotal, 24); cli_create_profile(); } + elsif ($param eq '--update_profile') { + param_check($ltotal, 24); + cli_update_profile(); + } elsif ($param eq '--delete_profile') { param_check($ltotal, 3); cli_delete_profile(); diff --git a/pandora_server/util/recon_scripts/ipmi-recon.pl b/pandora_server/util/recon_scripts/ipmi-recon.pl old mode 100644 new mode 100755