Performance improvements.

pandora_console/include/class/Tree.class.php

@@ -325,10 +325,21 @@ class Tree {
 				$user_groups_str = "-1";
 				$group_acl =  "";
 				if (!$this->strictACL) {
-					if (!empty($this->userGroups)) {
+					if (empty($this->userGroups)) {
-						$user_groups_str = implode(",", array_keys($this->userGroups));
+						return;
+					}
+
+					// Asking for a specific group.
+					if ($item_for_count !== false) {
+						if (!isset($this->userGroups[$item_for_count])) {
+							return;
+						}
+					}
+					// Asking for all groups.
+					else {
+						$user_groups_str = implode(",", array_keys($this->userGroups));
+						$group_acl = "AND ta.id_grupo IN ($user_groups_str)";
 					}
-					$group_acl = "AND ta.id_grupo IN ($user_groups_str)";
 				}
 				else {
 					if (!empty($this->acltags)) {
@@ -1142,7 +1153,7 @@ class Tree {
 		}
 
 		// If user have not permissions in parent, set parent node to 0 (all)
-		$user_groups_with_privileges = users_get_groups($config['id_user']);
+		$user_groups_with_privileges = $this->userGroups;
 		foreach ($groups as $id => $group) {
 			if (!in_array($groups[$id]['parent'], array_keys($user_groups_with_privileges))) {
 				$groups[$id]['parent'] = 0;
@@ -1306,7 +1317,7 @@ class Tree {
 
 		// Get the counters of the group (special case)
 		if ($processed_item['type'] == 'group') {
-			$counters = $this->getCounters($item['id']);
+			$counters = $this->getGroupCounters($item['id']);
 			if (!empty($counters)) {
 				foreach ($counters as $type => $value) {
 					$item[$type] = $value;
@@ -2608,6 +2619,50 @@ class Tree {
 		return $tree_modules;
 	}
 
+	protected function getGroupCounters($group_id) {
+		global $config;
+		static $group_stats = false;
+
+		# Do not use the group stat cache when using tags or real time group stats.
+		if ($config['realtimestats'] == 1 || (isset($this->userGroups[$group_id]['tags']) && $this->userGroups[$group_id]['tags'] != "")) {
+			return $this->getCounters($group_id);
+		}
+
+		# Update the group stat cache.
+		if ( $group_stats === false) {
+			$group_stats = array();
+			$stats = db_get_all_rows_sql('SELECT * FROM tgroup_stat');
+				
+			foreach ($stats as $group) {
+				if ($group['modules'] > 0) {
+					$group_stats[$group['id_group']]['total_count'] = $group['modules'] > 0 ? $group['agents'] : 0;
+					$group_stats[$group['id_group']]['total_critical_count'] = $group['critical'];
+					$group_stats[$group['id_group']]['total_unknown_count'] = $group['unknown'];
+					$group_stats[$group['id_group']]['total_warning_count'] = $group['warning'];
+					$group_stats[$group['id_group']]['total_not_init_count'] = $group['non-init'];
+					$group_stats[$group['id_group']]['total_normal_count'] = $group['normal'];
+					$group_stats[$group['id_group']]['total_fired_count'] = $group['alerts_fired'];
+				}
+				# Skip groups without modules.
+				else {
+					$group_stats[$group['id_group']]['total_count'] = 0;
+					$group_stats[$group['id_group']]['total_critical_count'] = 0;
+					$group_stats[$group['id_group']]['total_unknown_count'] = 0;
+					$group_stats[$group['id_group']]['total_warning_count'] = 0;
+					$group_stats[$group['id_group']]['total_not_init_count'] = 0;
+					$group_stats[$group['id_group']]['total_normal_count'] = 0;
+					$group_stats[$group['id_group']]['total_fired_count'] = 0;
+				}
+			}
+		}
+
+		if ($group_stats !== false && isset($group_stats[$group_id])) {
+			return $group_stats[$group_id];
+		}
+
+		return $this->getCounters($group_id);
+	}
+
 	static function recursive_modules_tree_view (&$new_modules, &$new_modules_child, $i, $child) {
 		foreach ($new_modules as $index => $module) {
 			if ($module['id'] == $child['parent']) {

pandora_console/include/functions_users.php

@@ -161,57 +161,95 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
 		}
 	}
 
-	if (isset($id_groups)) {
+	// Check the group cache first.
-		//Get recursive id groups
+	if (array_key_exists($id_user, $group_cache)) {
-		$list_id_groups = array();
+		$groups = $group_cache[$id_user];
-		foreach ((array)$id_groups as $id_group) {
+	} else {
-			$list_id_groups = array_merge($list_id_groups, groups_get_id_recursive($id_group));
+		// Admin.
+		if (is_user_admin($id_user)) {
+			$groups = db_get_all_rows_sql ("SELECT * FROM tgrupo");
+	 	}
+		// Per-group permissions.
+		else {
+			$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil
+			        WHERE (tgrupo.id_grupo = tusuario_perfil.id_grupo OR tusuario_perfil.id_grupo = 0)
+					AND tusuario_perfil.id_perfil = tperfil.id_perfil
+					AND tusuario_perfil.id_usuario = '%s'", $id_user);
+			$groups = db_get_all_rows_sql ($query);
+
+			// Get children groups.
+			$parent_ids = array();
+			$parents = $groups;
+			$seen = array();
+			while (!empty($parents)) {
+				$children = array();
+				foreach ($parents as $parent) {
+					// Do not process the same parent twice.
+					if (array_key_exists($parent['id_grupo'], $seen)) {
+						continue;
+					}
+					$seen[$parent['id_grupo']] = 1;
+	
+					// Does this group propagate ACLs?
+					if ($parent['propagate'] == '0') {
+						continue;
+					}
+
+					// Save a list of parents in the tree to search for user profiles, including the current parent!
+					$parent_ids[$parent['id_grupo']] = isset($parent_ids[$parent['parent']]) ? array_merge(array($parent['id_grupo']), $parent_ids[$parent['parent']]) : array($parent['id_grupo']);
+
+					// Get children groups from the DB.
+					$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil
+			    	    WHERE tgrupo.parent = %d
+						AND tusuario_perfil.id_grupo IN (%s)
+						AND tusuario_perfil.id_perfil = tperfil.id_perfil
+						AND tusuario_perfil.id_usuario = '%s'", $parent['id_grupo'], join(',', $parent_ids[$parent['id_grupo']]), $id_user);
+					$local_children = db_get_all_rows_sql ($query);
+					if (!empty($local_children)) {
+						$children = array_merge($children, $local_children);
+					}
+				}
+	
+				if (!empty($children)) {
+					$groups = array_merge($groups, $children);
+				}
+	
+				// Move down in the hierarchy.
+				$parents = $children;
+			}
 		}
-		
+
-		$list_id_groups = array_unique($list_id_groups);
+		// Update the group cache.
-		
+		$group_cache[$id_user] = $groups;
-		$groups = db_get_all_rows_filter('tgrupo', array('id_grupo' => $list_id_groups, 'order' => 'parent, nombre'));
-	}
-	else {
-		$groups = db_get_all_rows_in_table ('tgrupo', 'parent, nombre');
 	}
 
 	$user_groups = array ();
-	
 	if (!$groups) {
 		return $user_groups;
 	}
 	
 	if ($returnAllGroup) { //All group
-		if ($returnAllColumns) {
+		$groupall = array('id_grupo' => 0, 'nombre' => __('All'),
-			$groupall = array('id_grupo' => 0, 'nombre' => __('All'),
+			'icon' => 'world', 'parent' => 0, 'disabled' => 0,
-				'icon' => 'world', 'parent' => 0, 'disabled' => 0,
+			'custom_id' => null, 'description' => '', 'propagate' => 0); 
-				'custom_id' => null, 'description' => '', 'propagate' => 0); 
-		}
-		else {
-			$groupall = array('id_grupo' => 0, 'nombre' => __("All"));
-		}
 		
 		// Add the All group to the beginning to be always the first
 		array_unshift($groups, $groupall);
 	}
 
+	$acl_column = get_acl_column($privilege);
 	foreach ($groups as $group) {
-		if ($privilege === false) {
+
-			if ($returnAllColumns) {
+		# Check the specific permission column. acl_column is undefined for admins.
-				$user_groups[$group[$keys_field]] = $group;
+		if (defined($group[$acl_column]) && $group[$acl_column] != '1') {
-			}
+			continue;
-			else {
-				$user_groups[$group[$keys_field]] = $group['nombre'];
-			}
 		}
-		else if (check_acl($id_user, $group["id_grupo"], $privilege)) {
+
-			if ($returnAllColumns) {
+		if ($returnAllColumns) {
-				$user_groups[$group[$keys_field]] = $group;
+			$user_groups[$group[$keys_field]] = $group;
-			}
+		}
-			else {
+		else {
-				$user_groups[$group[$keys_field]] = $group['nombre'];
+			$user_groups[$group[$keys_field]] = $group['nombre'];
-			}
 		}
 	}