tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2290-seguridad-en-la-api' into 'develop'

Browse Source 
2290 seguridad en la api

See merge request artica/pandorafms!1513
This commit is contained in:
vgilc 2018-06-12 09:09:26 +02:00
commit c389661057
5 changed files with 1368 additions and 568 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/include/api.php
View File

@ -133,8 +133,6 @@ if ($correctLogin) {
$id_os = db_get_value_sql('select id_os from tagente where nombre = "'.$id.'"'); $id_os = db_get_value_sql('select id_os from tagente where nombre = "'.$id.'"');
html_debug($id_os);
if($id_os == 100){ if($id_os == 100){
returnError('not_allowed_operation_cluster', $returnType); returnError('not_allowed_operation_cluster', $returnType);
return false; return false;

43
pandora_console/include/functions_agents.php
View File

@ -2670,7 +2670,10 @@ function agents_generate_name ($alias, $address = '') {
*/ */
function agents_get_all_groups_agent ($id_agent, $group = false) { function agents_get_all_groups_agent ($id_agent, $group = false) {
// Get the group if is not defined // Get the group if is not defined
if ($group === false) $group = agents_get_group_agents($id_agent); if ($group === false) $group = agents_get_agent_group($id_agent);
// If cannot retrieve the group, it means that agent does not exist
if (!$group) return array();
$secondary_groups = enterprise_hook('agents_get_secondary_groups', array($id_agent)); $secondary_groups = enterprise_hook('agents_get_secondary_groups', array($id_agent));
@ -2682,4 +2685,42 @@ function agents_get_all_groups_agent ($id_agent, $group = false) {
return $secondary_groups['plain']; return $secondary_groups['plain'];
} }
/**
* @brief Get the total agents with a filter and an access bit
*
* @param Array filter agentes array. It is the same that agents_get_agents function
* @param string ACL bit
*
* @return int Total agents retrieved with the filter
*/
function agents_count_agents_filter ($filter = array(), $access = "AR") {
$total_agents = agents_get_agents(
array ('id_group' => $id_group),
array ('COUNT(DISTINCT id_agente) as total'),
$access
);
return ($total_agents !== false)
? $total_agents[0]['total']
: 0;
}
/**
* @brief Check if an agent is accessible by the user
*
* @param int Id agent
* @param string ACL access bit
*
* @return True if user has access, false if user has not permissions and
* null if id agent does not exist
*/
function agents_check_access_agent ($id_agent, $access = "AR") {
global $config;
if (users_access_to_agent($id_agent, $access)) return true;
// If agent exist return false
if (agents_check_agent_exists($id_agent)) return false;
// Return null otherwise
return null;
}
?> ?>

1843
pandora_console/include/functions_api.php
View File

File diff suppressed because it is too large Load Diff

28
pandora_console/include/functions_planned_downtimes.php
View File

@ -752,10 +752,20 @@ function planned_downtimes_items ($filter) {
$downtime_agents = db_get_all_rows_filter('tplanned_downtime_agents',$filter, 'id_agent,id_downtime,all_modules'); $downtime_agents = db_get_all_rows_filter('tplanned_downtime_agents',$filter, 'id_agent,id_downtime,all_modules');
$downtime = db_get_row_filter('tplanned_downtime',array('id' => $filter['id_downtime']), 'type_downtime'); $downtime = db_get_row_filter('tplanned_downtime',array('id' => $filter['id_downtime']), 'type_downtime');
$return = array(
'id_agents' => array(),
'id_downtime' => $filter['id_downtime'],
'all_modules' => 0,
'modules' => array(),
);
foreach ( $downtime_agents as $key => $data ) { foreach ( $downtime_agents as $key => $data ) {
$return = $data; // Do not add the agent information if no permissions
$modules = array(); if (!agents_check_access_agent($data['id_agent'], "AR")) continue;
$return['id_agents'][] = $data['id_agent'];
$return['id_downtime'] = $data['id_downtime'];
$return['all_modules'] = $data['all_modules'];
if ($downtime['type_downtime'] === 'quiet') { if ($downtime['type_downtime'] === 'quiet') {
if (!$data['all_modules']) { if (!$data['all_modules']) {
$second_filter = array( $second_filter = array(
@ -765,14 +775,18 @@ function planned_downtimes_items ($filter) {
$downtime_modules = db_get_all_rows_filter('tplanned_downtime_modules',$second_filter, 'id_agent_module'); $downtime_modules = db_get_all_rows_filter('tplanned_downtime_modules',$second_filter, 'id_agent_module');
if ( $downtime_modules ) { if ( $downtime_modules ) {
foreach ( $downtime_modules as $data2 ) { foreach ( $downtime_modules as $data2 ) {
$modules[] = $data2['id_agent_module']; $return['modules'][$data2['id_agent_module']] = $data2['id_agent_module'];
} }
$return['modules'] = implode(',', $modules);
} }
} }
} }
} }
if (empty($return['id_agents'])) return false;
// Implode agents and modules
$return['id_agents'] = implode(',', $return['id_agents']);
$return['modules'] = implode(',', $return['modules']);
return $return; return $return;
} }

20
pandora_console/operation/agentes/estado_agente.php
View File

@ -473,16 +473,16 @@ if ($strict_user) {
$agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true); $agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true);
} }
else { else {
$total_agents = agents_get_agents(array ( $total_agents = agents_count_agents_filter(
'disabled' => 0, array (
'id_grupo' => $groups, 'disabled' => 0,
'search' => $search_sql, 'id_grupo' => $groups,
'search_custom' => $search_sql_custom, 'search' => $search_sql,
'status' => $status), 'search_custom' => $search_sql_custom,
array ('COUNT(DISTINCT id_agente) as total'), $access, false); 'status' => $status
$total_agents = isset ($total_agents[0]['total']) ? ), $access
$total_agents[0]['total'] : 0; );
$agents = agents_get_agents(array ( $agents = agents_get_agents(array (
'order' => 'nombre ' . $order_collation . ' ASC', 'order' => 'nombre ' . $order_collation . ' ASC',
'id_grupo' => $groups, 'id_grupo' => $groups,