Disabled events
| "; + if (in_array($module_name, $allModules) === true) { + $style = 'background-color: transparent;'; + $table_data .= " | "; $table_data .= ' | '; } else { continue; } } else { - $table_data .= ""; + $style = 'text-align: center;'; + $style .= ' background-color: transparent;'; + $table_data .= " | ";
switch ($module) {
case AGENT_STATUS_NORMAL:
$table_data .= \ui_print_status_image(
@@ -592,70 +602,49 @@ class AgentModuleWidget extends Widget
return $output;
}
- if (isset($this->values['mAgents']) === true
- && empty($this->values['mAgents']) === false
- ) {
- $sql = sprintf(
- 'SELECT id_agente,nombre,alias
- FROM tagente
- WHERE id_agente IN (%s)
- ORDER BY id_agente',
- $this->values['mAgents']
- );
- $agents = db_get_all_rows_sql($sql);
- if ($agents === false) {
- $agents = [];
+ // Estract info all modules selected.
+ $target_modules = explode(',', $this->values['mModules']);
+ $all_modules = Module::search(
+ ['id_agente_modulo' => $target_modules]
+ );
+ $reduceAllModules = array_reduce(
+ $all_modules,
+ function ($carry, $item) {
+ $carry[$item->name()] = null;
+ return $carry;
}
+ );
- $modules = false;
- if (isset($this->values['mModules']) === true
- && empty($this->values['mModules']) === false
- ) {
- $sql = sprintf(
- 'SELECT nombre
- FROM tagente_modulo
- WHERE id_agente_modulo IN (%s)',
- $this->values['mModules']
+ \ksort($reduceAllModules);
+
+ $visualData = [];
+ // Estract info agents selected.
+ $target_agents = explode(',', $this->values['mAgents']);
+ foreach ($target_agents as $agent_id) {
+ try {
+ $agent = new Agent($agent_id);
+ $visualData[$agent_id]['agent_status'] = $agent->lastStatus();
+ $visualData[$agent_id]['agent_name'] = $agent->name();
+ $visualData[$agent_id]['agent_alias'] = $agent->alias();
+
+ $modules = $agent->searchModules(
+ ['id_agente_modulo' => $target_modules]
);
- $arrayNames = db_get_all_rows_sql($sql);
- $names = array_reduce(
- $arrayNames,
- function ($carry, $item) {
- $carry[] = $item['nombre'];
- return $carry;
- }
- );
-
- $sql = sprintf(
- 'SELECT id_agente_modulo,nombre
- FROM tagente_modulo
- WHERE id_agente IN (%s)
- AND nombre IN ("%s")
- AND delete_pending = 0
- ORDER BY nombre',
- $this->values['mAgents'],
- implode('","', $names)
- );
-
- $modules = index_array(
- db_get_all_rows_sql($sql),
- 'id_agente_modulo',
- 'nombre'
- );
+ $visualData[$agent_id]['modules'] = $reduceAllModules;
+ foreach ($modules as $module) {
+ $visualData[$agent_id]['modules'][$module->name()] = $module->getStatus()->estado();
+ }
+ } catch (Exception $e) {
+ echo 'Error: '.$e->getMessage();
}
-
- if ($modules === false) {
- $modules = [];
- }
- } else {
- $agents = [];
- $modules = [];
}
- $visualData = $this->generateDataAgentModule($agents, $modules);
-
- $output = $this->generateViewAgentModule($visualData);
+ $allModules = array_keys($reduceAllModules);
+ $output = $this->generateViewAgentModule(
+ $visualData,
+ $allModules
+ );
return $output;
}
diff --git a/pandora_console/include/lib/Dashboard/Widgets/alerts_fired.php b/pandora_console/include/lib/Dashboard/Widgets/alerts_fired.php
index 4aadb73dae..fdb5c3648a 100755
--- a/pandora_console/include/lib/Dashboard/Widgets/alerts_fired.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/alerts_fired.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -215,13 +215,19 @@ class AlertsFiredWidget extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
+ $return_all_group = false;
+
+ if (users_can_manage_group_all('RM') || $values['groupId'] == 0) {
+ $return_all_group = true;
+ }
+
// Groups.
$inputs[] = [
'label' => __('Group'),
'arguments' => [
'type' => 'select_groups',
'name' => 'groupId',
- 'returnAllGroup' => true,
+ 'returnAllGroup' => $return_all_group,
'privilege' => 'AR',
'selected' => $values['groupId'],
'return' => true,
diff --git a/pandora_console/include/lib/Dashboard/Widgets/clock.php b/pandora_console/include/lib/Dashboard/Widgets/clock.php
index 8ad514e023..5d90f0f863 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/clock.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/clock.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/pandora_console/include/lib/Dashboard/Widgets/custom_graph.php b/pandora_console/include/lib/Dashboard/Widgets/custom_graph.php
index b35ce233a1..ebd0597dbf 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/custom_graph.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/custom_graph.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -243,8 +243,23 @@ class CustomGraphWidget extends Widget
$values['showLegend'] = 1;
}
+ $return_all_group = false;
+
+ if (users_can_manage_group_all('RM')) {
+ $return_all_group = true;
+ }
+
// Custom graph.
- $fields = \custom_graphs_get_user();
+ $fields = \custom_graphs_get_user(0, false, $return_all_group);
+
+ // If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
+ // This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
+ if ($values['id_graph'] !== null && !array_key_exists($values['id_graph'], $fields)) {
+ $selected_graph = db_get_row('tgraph', 'id_graph', $values['id_graph']);
+
+ $fields[$values['id_graph']] = $selected_graph;
+ }
+
$inputs[] = [
'label' => __('Graph'),
'arguments' => [
diff --git a/pandora_console/include/lib/Dashboard/Widgets/events_list.php b/pandora_console/include/lib/Dashboard/Widgets/events_list.php
index 8c896aa75f..5cce5ae1d7 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/events_list.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/events_list.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -364,6 +364,14 @@ class EventsListWidget extends Widget
],
];
+ $return_all_group = false;
+ $selected_groups_array = explode(',', $values['groupId'][0]);
+
+ if (users_can_manage_group_all('RM') || ($selected_groups_array[0] !== '' && in_array(0, $selected_groups_array) === true)) {
+ // Return all group if user has permissions or it is a currently selected group.
+ $return_all_group = true;
+ }
+
// Groups.
$inputs[] = [
'label' => __('Groups'),
@@ -372,9 +380,10 @@ class EventsListWidget extends Widget
'name' => 'groupId[]',
'returnAllGroup' => true,
'privilege' => 'AR',
- 'selected' => explode(',', $values['groupId'][0]),
+ 'selected' => $selected_groups_array,
'return' => true,
'multiple' => true,
+ 'returnAllGroup' => $return_all_group,
],
];
@@ -429,7 +438,14 @@ class EventsListWidget extends Widget
global $config;
$output = '';
- $user_groups = \users_get_groups();
+
+ $return_all_group = false;
+
+ if (users_can_manage_group_all('RM')) {
+ $return_all_group = true;
+ }
+
+ $user_groups = \users_get_groups(false, 'AR', $return_all_group);
ui_require_css_file('events', 'include/styles/', true);
ui_require_css_file('tables', 'include/styles/', true);
@@ -442,14 +458,6 @@ class EventsListWidget extends Widget
return $output;
}
- foreach ($this->values['groupId'] as $id_group) {
- // Sanity check for user access.
- if (isset($user_groups[$id_group]) === false) {
- $output .= __('You must select some group');
- return;
- }
- }
-
$useTags = \tags_has_user_acl_tags($config['id_user']);
if ($useTags) {
if (empty($this->values['tagsId']) === true) {
@@ -465,9 +473,20 @@ class EventsListWidget extends Widget
$filter = [];
// Group all.
if (in_array(0, $this->values['groupId'])) {
- $filter['id_grupo'] = array_keys(users_get_groups());
+ $filter['id_grupo'] = array_keys($user_groups);
} else {
- $filter['id_grupo'] = $this->values['groupId'];
+ $filter['id_grupo'] = array_intersect($this->values['groupId'], array_keys($user_groups));
+ }
+
+ if (empty($filter['id_grupo'])) {
+ $output .= ' ';
+ $output .= \ui_print_error_message(
+ __('You have no access'),
+ '',
+ true
+ );
+ $output .= ' ';
+ return $output;
}
$filter['utimestamp'] = '>'.$unixtime;
diff --git a/pandora_console/include/lib/Dashboard/Widgets/example.php b/pandora_console/include/lib/Dashboard/Widgets/example.php
index 8c0664464c..2c163214d8 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/example.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/example.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/pandora_console/include/lib/Dashboard/Widgets/graph_module_histogram.php b/pandora_console/include/lib/Dashboard/Widgets/graph_module_histogram.php
index 948b20acc7..30c512a98b 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/graph_module_histogram.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/graph_module_histogram.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -312,6 +312,7 @@ class GraphModuleHistogramWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
+ 'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@@ -384,28 +385,6 @@ class GraphModuleHistogramWidget extends Widget
$id_group = \agents_get_agent_group($id_agent);
- if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
- $output .= '';
- $output .= \ui_print_error_message(
- __('You don\'t have access'),
- '',
- true
- );
- $output .= ' ';
- return $output;
- }
-
- if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
- $output .= '';
- $output .= \ui_print_error_message(
- __('You don\'t have access'),
- '',
- true
- );
- $output .= ' ';
- return $output;
- }
-
$content = [
'id_agent_module' => $id_module,
'period' => $period,
diff --git a/pandora_console/include/lib/Dashboard/Widgets/groups_status.php b/pandora_console/include/lib/Dashboard/Widgets/groups_status.php
index 5b7fa16395..181a283d79 100755
--- a/pandora_console/include/lib/Dashboard/Widgets/groups_status.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/groups_status.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -259,33 +259,10 @@ class GroupsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_graph.php';
$output = '';
- // Check ACL.
+
$user_groups = \users_get_groups(false, 'AR', false);
- if (empty($this->values['groupId']) === true) {
- $output .= '';
- $output .= \ui_print_error_message(
- __('You don\'t have access'),
- '',
- true
- );
- $output .= ' ';
- return $output;
- }
-
- // Sanity check for user access.
- if (isset($user_groups[$this->values['groupId']]) === false) {
- $output .= '';
- $output .= \ui_print_error_message(
- __('You don\'t have access'),
- '',
- true
- );
- $output .= ' ';
- return $output;
- }
-
- $stats = \reporting_get_group_stats_resume($this->values['groupId']);
+ $stats = \reporting_get_group_stats_resume($this->values['groupId'], 'AR', true);
$data = '';
diff --git a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php
index f480c45389..5c5a12e16f 100644
--- a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php
+++ b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php
@@ -14,7 +14,7 @@
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
- * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
+ * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -229,7 +229,26 @@ class MapsMadeByUser extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
- $fields = \visual_map_get_user_layouts($config['id_user'], true);
+ $return_all_group = false;
+
+ if (users_can_manage_group_all('RM')) {
+ $return_all_group = true;
+ }
+
+ $fields = \visual_map_get_user_layouts(
+ $config['id_user'],
+ true,
+ ['can_manage_group_all' => $return_all_group],
+ $return_all_group
+ );
+
+ // If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
+ // This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
+ if ($values['vcId'] !== null && !array_key_exists($values['vcId'], $fields)) {
+ $selected_vc = db_get_value('name', 'tlayout', 'id', $values['vcId']);
+
+ $fields[$values['vcId']] = $selected_vc;
+ }
// Visual console.
$inputs[] = [
@@ -308,20 +327,6 @@ class MapsMadeByUser extends Widget
$groupId = $visualConsoleData['groupId'];
$visualConsoleName = $visualConsoleData['name'];
- // ACL.
- $aclRead = check_acl($config['id_user'], $groupId, 'VR');
- $aclWrite = check_acl($config['id_user'], $groupId, 'VW');
- $aclManage = check_acl($config['id_user'], $groupId, 'VM');
-
- if ($aclRead === 0 && $aclWrite === 0 && $aclManage === 0) {
- db_pandora_audit(
- 'ACL Violation',
- 'Trying to access visual console without group access'
- );
- include 'general/noaccess.php';
- exit;
- }
-
$uniq = uniqid();
$output = '';
@@ -368,26 +373,27 @@ class MapsMadeByUser extends Widget
// of the visual consoles.
$output .= ' |