tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/ent-6631-Bug-en-dashboard-de-usuario-sin-permiso-2' into ent-6631-Bug-en-dashboard-de-usuario-sin-permiso

This commit is contained in:
alejandro-campos 2021-01-18 13:38:54 +01:00
parent f0ff1c72d4 5b9d7bcb81
commit d697ffb703
27 changed files with 523 additions and 397 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
pandora_console/include/class/NetworkMap.class.php
View File

@ -3499,39 +3499,41 @@ class NetworkMap
*
* @return string HTML code.
*/
public function printMap($return=false)
public function printMap($return=false, $ignore_acl=false)
{
global $config;
$networkmap = $this->map;
// ACL.
$networkmap_read = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MR'
);
$networkmap_write = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
if ($ignore_acl === false) {
// ACL.
$networkmap_read = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MR'
);
include 'general/noaccess.php';
return '';
$networkmap_write = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
);
include 'general/noaccess.php';
return '';
}
}
$user_readonly = !$networkmap_write && !$networkmap_manage;

24
pandora_console/include/functions_html.php
View File

@ -1249,13 +1249,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$uniqId = $data['uniqId'];
$return_all_group = isset($data['mReturnAllGroup']) ? $data['mReturnAllGroup'] : true;
// Group.
$output = '<div>';
$output .= html_print_input(
[
'label' => __('Group'),
'name' => 'filtered-module-group-'.$uniqId,
'returnAllGroup' => true,
'returnAllGroup' => $return_all_group,
'privilege' => 'AR',
'type' => 'select_groups',
'return' => true,
@ -1312,6 +1314,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$agents = [];
}
if ($data['mShowSelectedOtherGroups']) {
$selected_agents = explode(',', $data['mAgents']);
foreach ($selected_agents as $agent_id) {
if (!array_key_exists($agent_id, $agents)) {
$agents[$agent_id] = agents_get_alias($agent_id);
}
}
}
$output .= html_print_input(
[
'label' => __('Agents'),
@ -1350,6 +1361,17 @@ function html_print_select_multiple_modules_filtered(array $data):string
false
);
if ($data['mShowSelectedOtherGroups']) {
$selected_modules_ids = explode(',', $data['mModules']);
foreach ($selected_modules_ids as $id) {
if (!array_key_exists($id, $all_modules)) {
$module_data = modules_get_agentmodule($id);
$all_modules[$id] = $module_data['nombre'];
}
}
}
$output .= html_print_input(
[
'label' => __('Modules'),

5
pandora_console/include/functions_networkmap.php
View File

@ -1234,7 +1234,8 @@ function networkmap_get_networkmaps(
$id_user=null,
$type=null,
$optgrouped=true,
$strict_user=false
$strict_user=false,
$return_all_group=true
) {
global $config;
@ -1245,7 +1246,7 @@ function networkmap_get_networkmaps(
// Configure filters
$where = [];
$where['type'] = MAP_TYPE_NETWORKMAP;
$where['id_group'] = array_keys(users_get_groups($id_user));
$where['id_group'] = array_keys(users_get_groups($id_user, 'AR', $return_all_group));
if (!empty($type)) {
$where['subtype'] = $type;
}

4
pandora_console/include/functions_reporting.php
View File

@ -9962,7 +9962,7 @@ function reporting_get_group_stats($id_group=0, $access='AR', $recursion=true)
*
* @return array Group statistics
*/
function reporting_get_group_stats_resume($id_group=0, $access='AR')
function reporting_get_group_stats_resume($id_group=0, $access='AR', $ignore_permissions=false)
{
global $config;
@ -9998,7 +9998,7 @@ function reporting_get_group_stats_resume($id_group=0, $access='AR')
$cur_time = get_system_time();
// Check for access credentials using check_acl. More overhead, much safer.
if (!check_acl($config['id_user'], $id_group, $access)) {
if ($ignore_permissions === false && !check_acl($config['id_user'], $id_group, $access)) {
return $data;
}

4
pandora_console/include/functions_reports.php
View File

@ -150,6 +150,10 @@ function reports_get_reports(
) {
continue;
}
} else {
if ($returnAllGroup === false) {
continue;
}
}
array_push($reports, $report);

19
pandora_console/include/functions_visual_map.php
View File

@ -3716,7 +3716,8 @@ function visual_map_get_user_layouts(
$only_names=false,
$filter=false,
$returnAllGroup=true,
$favourite=false
$favourite=false,
$check_user_groups=true
) {
if (! is_array($filter)) {
$filter = [];
@ -3763,7 +3764,21 @@ function visual_map_get_user_layouts(
unset($filter['group']);
}
if (!empty($groups)) {
$return_all_group = false;
if (users_can_manage_group_all()) {
$return_all_group = true;
}
if (isset($filter['can_manage_group_all'])) {
if ($filter['can_manage_group_all'] === false) {
unset($groups[0]);
}
unset($filter['can_manage_group_all']);
}
if ($check_user_groups === true && !empty($groups)) {
if (empty($where)) {
$where = '';
}

3
pandora_console/include/javascript/pandora_dashboards.js
View File

@ -782,7 +782,8 @@ function dashboardLoadNetworkMap(settings) {
zoom_dash: settings.zoom_dash,
auth_class: settings.auth_class,
auth_hash: settings.auth_hash,
id_user: settings.id_user
id_user: settings.id_user,
ignore_acl: 1
},
dataType: "html",
success: function(data) {

262
pandora_console/include/javascript/pandora_ui.js
View File

@ -173,138 +173,148 @@ function load_modal(settings) {
}
if (settings.modal.ok != undefined) {
var btnClickHandler = function(d) {
if (AJAX_RUNNING) return;
if (settings.onsubmit != undefined) {
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined)
formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
d.dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
console.log("successsssssssssssss");
console.log(data);
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
} else {
// No onsumbit configured. Directly close.
d.dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
}
}
required_buttons.push({
class:
"ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next",
text: settings.modal.ok,
click: function() {
if (AJAX_RUNNING) return;
if (settings.onsubmit != undefined) {
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined)
formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
$(this).dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
if (settings.onsubmit != undefined && settings.onsubmit.onConfirmSubmit != undefined) {
settings.onsubmit.onConfirmSubmit(btnClickHandler, $(this));
} else {
// No onsumbit configured. Directly close.
$(this).dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
btnClickHandler($(this));
}
},
error: function(data) {

38
pandora_console/include/lib/Dashboard/Widgets/agent_module.php
View File

@ -246,18 +246,26 @@ class AgentModuleWidget extends Widget
'label' => __('Filter modules'),
];
$return_all_group = false;
if (users_can_manage_group_all('RM') || $this->values['mGroup'] == 0) {
$return_all_group = true;
}
$inputs[] = [
'class' => 'flex flex-row',
'id' => 'select_multiple_modules_filtered',
'arguments' => [
'type' => 'select_multiple_modules_filtered',
'uniqId' => $this->cellId,
'mGroup' => $this->values['mGroup'],
'mRecursion' => $this->values['mRecursion'],
'mModuleGroup' => $this->values['mModuleGroup'],
'mAgents' => $this->values['mAgents'],
'mShowCommonModules' => $this->values['mShowCommonModules'],
'mModules' => $this->values['mModules'],
'type' => 'select_multiple_modules_filtered',
'uniqId' => $this->cellId,
'mGroup' => $this->values['mGroup'],
'mRecursion' => $this->values['mRecursion'],
'mModuleGroup' => $this->values['mModuleGroup'],
'mAgents' => $this->values['mAgents'],
'mShowCommonModules' => $this->values['mShowCommonModules'],
'mModules' => $this->values['mModules'],
'mShowSelectedOtherGroups' => true,
'mReturnAllGroup' => $return_all_group,
],
];
@ -326,10 +334,6 @@ class AgentModuleWidget extends Widget
}
foreach ($agents as $agent) {
if (users_access_to_agent($agent['id_agente']) === false) {
continue;
}
$row = [];
$row['agent_status'] = agents_get_status(
$agent['id_agente'],
@ -337,10 +341,18 @@ class AgentModuleWidget extends Widget
);
$row['agent_name'] = $agent['nombre'];
$row['agent_alias'] = $agent['alias'];
$agent_modules = agents_get_modules(
$sql = sprintf(
'SELECT id_agente_modulo, nombre
FROM tagente_modulo
WHERE id_agente = %d',
$agent['id_agente']
);
$agent_modules = db_get_all_rows_sql($sql);
$agent_modules = array_combine(array_column($agent_modules, 'id_agente_modulo'), array_column($agent_modules, 'nombre'));
$row['modules'] = [];
foreach ($modules_by_name as $module) {
$row['modules'][$module['name']] = null;

8
pandora_console/include/lib/Dashboard/Widgets/alerts_fired.php
View File

@ -215,13 +215,19 @@ class AlertsFiredWidget extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
$return_all_group = false;
if (users_can_manage_group_all('RM') || $values['groupId'] == 0) {
$return_all_group = true;
}
// Groups.
$inputs[] = [
'label' => __('Group'),
'arguments' => [
'type' => 'select_groups',
'name' => 'groupId',
'returnAllGroup' => true,
'returnAllGroup' => $return_all_group,
'privilege' => 'AR',
'selected' => $values['groupId'],
'return' => true,

17
pandora_console/include/lib/Dashboard/Widgets/custom_graph.php
View File

@ -243,8 +243,23 @@ class CustomGraphWidget extends Widget
$values['showLegend'] = 1;
}
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Custom graph.
$fields = \custom_graphs_get_user();
$fields = \custom_graphs_get_user(0, false, $return_all_group);
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['id_graph'] !== null && !array_key_exists($values['id_graph'], $fields)) {
$selected_graph = db_get_row('tgraph', 'id_graph', $values['id_graph']);
$fields[$values['id_graph']] = $selected_graph;
}
$inputs[] = [
'label' => __('Graph'),
'arguments' => [

43
pandora_console/include/lib/Dashboard/Widgets/events_list.php
View File

@ -364,6 +364,14 @@ class EventsListWidget extends Widget
],
];
$return_all_group = false;
$selected_groups_array = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups_array) === true) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
// Groups.
$inputs[] = [
'label' => __('Groups'),
@ -372,9 +380,10 @@ class EventsListWidget extends Widget
'name' => 'groupId[]',
'returnAllGroup' => true,
'privilege' => 'AR',
'selected' => explode(',', $values['groupId'][0]),
'selected' => $selected_groups_array,
'return' => true,
'multiple' => true,
'returnAllGroup' => $return_all_group,
],
];
@ -429,7 +438,14 @@ class EventsListWidget extends Widget
global $config;
$output = '';
$user_groups = \users_get_groups();
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$user_groups = \users_get_groups(false, 'AR', $return_all_group);
ui_require_css_file('events', 'include/styles/', true);
ui_require_css_file('tables', 'include/styles/', true);
@ -442,14 +458,6 @@ class EventsListWidget extends Widget
return $output;
}
foreach ($this->values['groupId'] as $id_group) {
// Sanity check for user access.
if (isset($user_groups[$id_group]) === false) {
$output .= __('You must select some group');
return;
}
}
$useTags = \tags_has_user_acl_tags($config['id_user']);
if ($useTags) {
if (empty($this->values['tagsId']) === true) {
@ -465,9 +473,20 @@ class EventsListWidget extends Widget
$filter = [];
// Group all.
if (in_array(0, $this->values['groupId'])) {
$filter['id_grupo'] = array_keys(users_get_groups());
$filter['id_grupo'] = array_keys($user_groups);
} else {
$filter['id_grupo'] = $this->values['groupId'];
$filter['id_grupo'] = array_intersect($this->values['groupId'], array_keys($user_groups));
}
if (empty($filter['id_grupo'])) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You have no access'),
'',
true
);
$output .= '</div>';
return $output;
}
$filter['utimestamp'] = '>'.$unixtime;

22
pandora_console/include/lib/Dashboard/Widgets/graph_module_histogram.php
View File

@ -384,28 +384,6 @@ class GraphModuleHistogramWidget extends Widget
$id_group = \agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$content = [
'id_agent_module' => $id_module,
'period' => $period,

27
pandora_console/include/lib/Dashboard/Widgets/groups_status.php
View File

@ -259,33 +259,10 @@ class GroupsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_graph.php';
$output = '';
// Check ACL.
$user_groups = \users_get_groups(false, 'AR', false);
if (empty($this->values['groupId']) === true) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
// Sanity check for user access.
if (isset($user_groups[$this->values['groupId']]) === false) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$stats = \reporting_get_group_stats_resume($this->values['groupId']);
$stats = \reporting_get_group_stats_resume($this->values['groupId'], 'AR', true);
$data = '<div class="widget-groups-status"><span>';
$data .= ui_print_group_icon(

35
pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php
View File

@ -229,7 +229,26 @@ class MapsMadeByUser extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
$fields = \visual_map_get_user_layouts($config['id_user'], true);
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$fields = \visual_map_get_user_layouts(
$config['id_user'],
true,
['can_manage_group_all' => $return_all_group],
$return_all_group
);
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['vcId'] !== null && !array_key_exists($values['vcId'], $fields)) {
$selected_vc = db_get_value('name', 'tlayout', 'id', $values['vcId']);
$fields[$values['vcId']] = $selected_vc;
}
// Visual console.
$inputs[] = [
@ -308,20 +327,6 @@ class MapsMadeByUser extends Widget
$groupId = $visualConsoleData['groupId'];
$visualConsoleName = $visualConsoleData['name'];
// ACL.
$aclRead = check_acl($config['id_user'], $groupId, 'VR');
$aclWrite = check_acl($config['id_user'], $groupId, 'VW');
$aclManage = check_acl($config['id_user'], $groupId, 'VM');
if ($aclRead === 0 && $aclWrite === 0 && $aclManage === 0) {
db_pandora_audit(
'ACL Violation',
'Trying to access visual console without group access'
);
include 'general/noaccess.php';
exit;
}
$uniq = uniqid();
$output = '<div class="container-center">';

30
pandora_console/include/lib/Dashboard/Widgets/maps_status.php
View File

@ -215,14 +215,41 @@ class MapsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_visual_map.php';
$dataVc = \visual_map_get_user_layouts(
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$selected = explode(',', $values['maps'][0]);
$dataAllVc = \visual_map_get_user_layouts(
$config['id_user'],
false,
[],
true,
false,
false
);
$dataVc = \visual_map_get_user_layouts(
$config['id_user'],
false,
['can_manage_group_all' => $return_all_group],
$return_all_group,
false
);
$diff = array_diff_key($dataAllVc, $dataVc);
if (!empty($diff)) {
foreach ($diff as $key => $value) {
if (in_array($key, $selected)) {
$dataVc[$key] = $value;
}
}
}
$fields = array_reduce(
$dataVc,
function ($carry, $item) {
@ -280,6 +307,7 @@ class MapsStatusWidget extends Widget
false,
[],
true,
false,
false
);

21
pandora_console/include/lib/Dashboard/Widgets/module_icon.php
View File

@ -480,32 +480,11 @@ class ModuleIconWidget extends Widget
$output = '';
$id_group = \agents_get_agent_group($this->values['agentId']);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$modulesAgent = \modules_get_agentmodule_agent(
$this->values['moduleId']
);
if ($modulesAgent !== (int) $this->values['agentId']) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value(
$this->values['moduleId']
);

22
pandora_console/include/lib/Dashboard/Widgets/module_status.php
View File

@ -457,30 +457,8 @@ class ModuleStatusWidget extends Widget
$id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$icon = $this->values['imageSrc'];
$label = $this->values['label'];
$sizeLabel = (isset($this->values['sizeLabel']) === true) ? $this->values['sizeLabel'] : 30;

22
pandora_console/include/lib/Dashboard/Widgets/module_table_value.php
View File

@ -366,28 +366,6 @@ class ModuleTableValueWidget extends Widget
$id_module = $this->values['moduleId'];
$size_text = $this->values['sizeLabel'];
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = modules_get_last_value($id_module);
$value = (string) $data_module;

22
pandora_console/include/lib/Dashboard/Widgets/module_value.php
View File

@ -382,30 +382,8 @@ class ModuleValueWidget extends Widget
$id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value($id_module);
$label = $this->values['label'];

15
pandora_console/include/lib/Dashboard/Widgets/network_map.php
View File

@ -262,8 +262,21 @@ class NetworkMapWidget extends Widget
$values['zoomLevel'] = 0.5;
}
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Map.
$fields = \networkmap_get_networkmaps();
$fields = \networkmap_get_networkmaps(null, null, true, false, $return_all_group);
// If currently selected networkmap is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
if ($values['networkmapId'] !== null && !array_key_exists($values['networkmapId'], $fields)) {
$selected_networkmap = db_get_row('tmap', 'id', $values['networkmapId']);
$fields[$values['networkmapId']] = $selected_networkmap;
}
$inputs[] = [
'label' => __('Map'),

17
pandora_console/include/lib/Dashboard/Widgets/reports.php
View File

@ -217,8 +217,23 @@ class ReportsWidget extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Reports.
$reports = \reports_get_reports(false, ['id_report', 'name']);
$reports = \reports_get_reports(false, ['id_report', 'name'], $return_all_group);
// If currently selected report is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['reportId'] !== null && !in_array($values['reportId'], array_column($reports, 'id_report'))) {
$selected_report = db_get_row('treport', 'id_report', $values['reportId']);
$reports[] = $selected_report;
}
$fields = array_reduce(
$reports,
function ($carry, $item) {

9
pandora_console/include/lib/Dashboard/Widgets/service_map.php
View File

@ -254,6 +254,15 @@ class ServiceMapWidget extends Widget
$inputs = parent::getFormInputs();
$services_res = services_get_services();
// If currently selected report is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['serviceId'] !== null && !in_array($values['serviceId'], array_column($services_res, 'id'))) {
$selected_service = db_get_row('tservice', 'id', $values['serviceId']);
$services_res[] = $selected_service;
}
$services = [0 => __('None')];
if ($services_res !== false) {
$fields = array_reduce(

164
pandora_console/include/lib/Dashboard/Widgets/system_group_status.php
View File

@ -267,10 +267,21 @@ class SystemGroupStatusWidget extends Widget
);
}
$return_all_group = false;
// Restrict access to group.
$selected_groups = [];
if ($values['groupId']) {
$selected_groups = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || ($selected_groups[0] !== '' && in_array(0, $selected_groups) === true)) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
} else {
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
}
$inputs[] = [
@ -283,6 +294,7 @@ class SystemGroupStatusWidget extends Widget
'selected' => $selected_groups,
'return' => true,
'multiple' => true,
'returnAllGroup' => $return_all_group,
],
];
@ -351,33 +363,84 @@ class SystemGroupStatusWidget extends Widget
exit;
}
// Groups and tags.
$result_groups_info = \groupview_get_groups_list(
$config['id_user'],
($agent_a === 1) ? 'AR' : (($agent_w === 1) ? 'AW' : 'AR')
);
$return_all_group = false;
$result_groups = $result_groups_info['groups'];
$result_groups = array_reduce(
$result_groups,
function ($carry, $item) {
$carry[$item['_id_']] = $item;
return $carry;
},
[]
);
$this->values['groupId'] = explode(',', $this->values['groupId'][0]);
if (count($this->values['groupId']) === 1
&& in_array(0, $this->values['groupId']) === true
) {
$this->values['groupId'] = [];
foreach ($result_groups as $key => $value) {
$this->values['groupId'][] = $key;
}
if (users_can_manage_group_all('AR')) {
$return_all_group = true;
}
$user_groups = users_get_groups(false, 'AR', $return_all_group);
$selected_groups = explode(',', $this->values['groupId'][0]);
if ($selected_groups[0] === '') {
return;
}
$all_counters = [];
if (in_array(0, $selected_groups)) {
$all_groups = db_get_all_rows_sql('select id_grupo from tgrupo');
$all_groups_id = array_column($all_groups, 'id_grupo');
$all_groups_counters = groupview_get_modules_counters($all_groups_id);
$all_counters['g'] = 0;
$all_counters['name'] = __('All');
$all_counters['total_module_normal'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_normal'];
},
0
);
$all_counters['total_module_warning'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_warning'];
},
0
);
$all_counters['total_module_critical'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_critical'];
},
0
);
$all_counters['total_module_alerts'] = array_reduce(
$all_groups_counters,
function ($sum, $item) {
return $sum += $item['total_module_alerts'];
},
0
);
$all_group_key = array_search(0, $selected_groups);
unset($selected_groups[$all_group_key]);
}
$module_counters = groupview_get_modules_counters($selected_groups);
foreach ($module_counters as $key => $item) {
$module_counters[$key]['name'] = groups_get_name($item['g']);
}
$keys = array_column($module_counters, 'g');
$values = array_values($module_counters);
$result_groups = array_combine($keys, $values);
if (empty($all_counters) === false) {
$result_groups[0] = $all_counters;
}
$this->values['groupId'] = explode(',', $this->values['groupId'][0]);
$this->values['status'] = explode(',', $this->values['status'][0]);
$style = 'font-size: 12px; text-align: center;';
@ -423,38 +486,25 @@ class SystemGroupStatusWidget extends Widget
$group = $result_groups[$groupId];
} else {
$group = [
'_monitors_critical_' => 0,
'_monitors_warning_' => 0,
'_monitors_unknown_' => 0,
'_monitors_not_init_' => 0,
'_monitors_ok_' => 0,
'_monitor_checks_' => 0,
'_monitors_alerts_fired_' => 0,
'_agents_critical_' => 0,
'_agents_warning_' => 0,
'_agents_unknown_' => 0,
'_agents_not_init_' => 0,
'_agents_ok_' => 0,
'_total_agents_' => 0,
'_name_' => groups_get_name($groupId),
'_id_' => $groupId,
'_icon_' => groups_get_icon($groupId),
'_monitor_not_normal_' => 0,
'total_module_critical' => 0,
'_monitors_warning_' => 0,
'total_module_normal' => 0,
'total_module_alerts' => 0,
'total_module_warning' => 0,
'name' => groups_get_name($groupId),
'g' => $groupId,
];
}
if ($group['_id_'] === 0) {
continue;
}
$flag_groups = true;
$show_link = array_key_exists($group['g'], $user_groups);
if ((in_array($group['_id_'], $this->values['groupId'])) === true) {
$table->data[$i][] = '<span>'.$group['_name_'].'</span>';
if ((in_array($group['g'], $this->values['groupId'])) === true) {
$table->data[$i][] = '<span>'.$group['name'].'</span>';
$url = $config['homeurl'].'index.php';
$url .= '?sec=estado&sec2=operation/agentes/status_monitor';
$url .= '&ag_group='.$group['_id_'];
$url .= '&ag_group='.$group['g'];
if ($show_normal === true) {
$outputLine = '<div style="background-color:#82b92e">';
@ -462,9 +512,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Modules in normal status');
$outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url;
$outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_NORMAL.'">';
$outputLine .= $group['_monitors_ok_'];
$outputLine .= $group['total_module_normal'];
$outputLine .= '</a>';
$outputLine .= '</span>';
$outputLine .= '</div>';
@ -478,9 +528,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Modules in warning status');
$outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url;
$outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_WARNING.'">';
$outputLine .= $group['_monitors_warning_'];
$outputLine .= $group['total_module_warning'];
$outputLine .= '</a>';
$outputLine .= '</span>';
$outputLine .= '</div>';
@ -495,9 +545,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= __('Modules in critical status');
$outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url;
$outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&status='.AGENT_STATUS_CRITICAL.'">';
$outputLine .= $group['_monitors_critical_'];
$outputLine .= $group['total_module_critical'];
$outputLine .= '</a>';
$outputLine .= '</span>';
$outputLine .= '</div>';
@ -511,9 +561,9 @@ class SystemGroupStatusWidget extends Widget
$outputLine .= '<a title="'.__('Alerts fired');
$outputLine .= '" class="group_view_data"';
$outputLine .= ' style="'.$style.'"';
$outputLine .= '" href="'.$url;
$outputLine .= $show_link === true ? '" href="'.$url : '';
$outputLine .= '&filter=fired">';
$outputLine .= $group['_monitors_alerts_fired_'];
$outputLine .= $group['total_module_alerts'];
$outputLine .= '</a>';
$outputLine .= '</span>';
$outputLine .= '</div>';
@ -533,7 +583,7 @@ class SystemGroupStatusWidget extends Widget
} else {
$output .= '<div class="container-center">';
$output .= \ui_print_info_message(
__('Not modules in this groups'),
__('No modules in selected groups'),
'',
true
);

12
pandora_console/include/lib/Dashboard/Widgets/top_n_events_by_group.php
View File

@ -277,10 +277,21 @@ class TopNEventByGroupWidget extends Widget
],
];
$return_all_group = false;
// Groups.
$selected_groups = [];
if ($values['groupId']) {
$selected_groups = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups) === true) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
} else {
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
}
$inputs[] = [
@ -293,6 +304,7 @@ class TopNEventByGroupWidget extends Widget
'selected' => $selected_groups,
'return' => true,
'multiple' => true,
'returnAllGroup' => $return_all_group,
],
];

12
pandora_console/include/lib/Dashboard/Widgets/top_n_events_by_module.php
View File

@ -277,9 +277,20 @@ class TopNEventByModuleWidget extends Widget
],
];
$return_all_group = false;
$selected_groups = [];
if ($values['groupId']) {
$selected_groups = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups) === true) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
} else {
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
}
// Groups.
@ -293,6 +304,7 @@ class TopNEventByModuleWidget extends Widget
'selected' => $selected_groups,
'return' => true,
'multiple' => true,
'returnAllGroup' => $return_all_group,
],
];

7
pandora_console/include/lib/Dashboard/Widgets/tree_view.php
View File

@ -344,6 +344,12 @@ class TreeViewWidget extends Widget
],
];
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Groups.
$inputs[] = [
'label' => __('Groups'),
@ -354,6 +360,7 @@ class TreeViewWidget extends Widget
'privilege' => 'AR',
'selected' => $values['groupId'],
'return' => true,
'returnAllGroup' => $return_all_group,
],
];