From d7773ac23be6710bfb95176535587bc34cd842f5 Mon Sep 17 00:00:00 2001
From: ramonn <noreply@pandorafms.org>
Date: Wed, 21 Oct 2009 16:15:22 +0000
Subject: [PATCH] 2009-10-21  Ramon Novoa  <rnovoa@artica.es>

	* include/functions_custom_graphs.php,
          operation/snmpconsole/snmp_view.php,
          operation/events/events.php,
          godmode/servers/manage_export.php,
          godmode/servers/manage_recontask.php,
          godmode/servers/modificar_server.php: ACL related fixes.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2045 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |  9 ++++++++
 .../godmode/servers/manage_export.php         |  2 +-
 .../godmode/servers/manage_recontask.php      |  2 +-
 .../godmode/servers/modificar_server.php      |  2 +-
 .../include/functions_custom_graphs.php       |  8 -------
 pandora_console/operation/events/events.php   |  2 +-
 .../operation/snmpconsole/snmp_view.php       | 23 +++++++++----------
 7 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index fd795826c0..21322877b5 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,12 @@
+2009-10-21  Ramon Novoa  <rnovoa@artica.es>
+
+	* include/functions_custom_graphs.php,
+	  operation/snmpconsole/snmp_view.php,
+	  operation/events/events.php,
+	  godmode/servers/manage_export.php,
+	  godmode/servers/manage_recontask.php,
+	  godmode/servers/modificar_server.php: ACL related fixes.
+
 2009-10-20  Sancho Lerena <slerena@artica.es>
 
 	RC1 Release 
diff --git a/pandora_console/godmode/servers/manage_export.php b/pandora_console/godmode/servers/manage_export.php
index f3361c7a31..176e8fab32 100644
--- a/pandora_console/godmode/servers/manage_export.php
+++ b/pandora_console/godmode/servers/manage_export.php
@@ -20,7 +20,7 @@ require ("include/config.php");
 
 check_login ();
 
-if (! give_acl ($config['id_user'], 0, "LM")) {
+if (! give_acl ($config['id_user'], 0, "PM")) {
 	audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
 		"Trying to access Export Server Management");
 	require ("general/noaccess.php");
diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php
index b3fea20458..b4ab5458d7 100644
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@@ -19,7 +19,7 @@ require ("include/config.php");
 
 check_login ();
 
-if (! give_acl ($config['id_user'], 0, "LM")) {
+if (! give_acl ($config['id_user'], 0, "PM")) {
 	audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
 		"Trying to access Recon Task Management");
 	require ("general/noaccess.php");
diff --git a/pandora_console/godmode/servers/modificar_server.php b/pandora_console/godmode/servers/modificar_server.php
index 562052c74c..d109aca36c 100644
--- a/pandora_console/godmode/servers/modificar_server.php
+++ b/pandora_console/godmode/servers/modificar_server.php
@@ -18,7 +18,7 @@ require("include/config.php");
 
 check_login();
 
-if (! give_acl ($config["id_user"], 0, "AR") && ! give_acl($config['id_user'], 0, "AW")) {
+if (! give_acl ($config["id_user"], 0, "PM")) {
 	audit_db ($config["id_user"], $REMOTE_ADDR, "ACL Violation",
 		"Trying to access Server Management");
 	require ("general/noaccess.php");
diff --git a/pandora_console/include/functions_custom_graphs.php b/pandora_console/include/functions_custom_graphs.php
index 33b9bafd40..298550819a 100644
--- a/pandora_console/include/functions_custom_graphs.php
+++ b/pandora_console/include/functions_custom_graphs.php
@@ -84,14 +84,6 @@ function print_custom_graph ($id_graph, $height, $width, $period, $stacked, $ret
 	$modules = array ();
 	$weights = array ();
 	foreach ($sources as $source) {
-		$sql = sprintf ("SELECT id_grupo
-			FROM tagente, tagente_modulo
-			WHERE tagente_modulo.id_agente_modulo = %d
-			AND tagente.id_agente = tagente_modulo.id_agente",
-			$source['id_agent_module']);
-		$id_group = get_db_sql ($sql);
-		if (! give_acl ($config["id_user"], $id_group, 'AR'))
-			continue;
 		array_push ($modules, $source['id_agent_module']);
 		array_push ($weights, $source['weight']);
 	}	
diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php
index 47869df7bc..332fcd3055 100644
--- a/pandora_console/operation/events/events.php
+++ b/pandora_console/operation/events/events.php
@@ -102,7 +102,7 @@ $status = (int) get_parameter ("status", 0); // -1 all, 0 only red, 1 only green
 $id_agent = (int) get_parameter ("id_agent", -1); //-1 all, 0 system
 $id_event = (int) get_parameter ("id_event", -1);
 $pagination = (int) get_parameter ("pagination", $config["block_size"]);
-$groups = get_user_groups ($config["id_user"], "AR");
+$groups = get_user_groups ($config["id_user"], "IR");
 $event_view_hr = (int) get_parameter ("event_view_hr", $config["event_view_hr"]);
 $id_user_ack = get_parameter ("id_user_ack", 0);
 $group_rep = (int) get_parameter ("group_rep", 1);
diff --git a/pandora_console/operation/snmpconsole/snmp_view.php b/pandora_console/operation/snmpconsole/snmp_view.php
index 837c903fef..a80b10c879 100644
--- a/pandora_console/operation/snmpconsole/snmp_view.php
+++ b/pandora_console/operation/snmpconsole/snmp_view.php
@@ -276,18 +276,15 @@ foreach ($traps as $trap) {
 
 	// Agent matching source address
 	$agent = get_agent_with_ip ($trap['source']);
-	if ($agent !== false && ! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
-		//Agent found, no rights
-		continue;
-	} elseif ($agent === false) {
-		//Agent not found
-		$data[1] = $trap["source"];
-		if (give_acl ($config["id_user"], 0, "AW")) {
-			//We have rights to create agents
-			$data[1] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&new_agent=1&direccion='.$data[1].'" title="'.__('Create agent').'">'.$data[1].'</a>';	
+	if ($agent === false) {
+		if (! give_acl ($config["id_user"], 0, "AW")) {
+			continue;
 		}
+		$data[1] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&new_agent=1&direccion='.$trap["source"].'" title="'.__('Create agent').'">'.$trap["source"].'</a>';	
 	} else {
-		//Agent found
+		if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
+			continue;
+		}
 		$data[1] = '<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$agent["id_agente"].'" title="'.__('View agent details').'">';
 		$data[1] .= '<strong>'.$agent["nombre"].'</strong></a>';
 	}
@@ -348,7 +345,7 @@ foreach ($traps as $trap) {
 	if (empty ($trap["status"]) && give_acl ($config["id_user"], 0, "IW")) {
 		$data[8] .= '<a href="index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_view&check='.$trap["id_trap"].'"><img src="images/ok.png" border="0" title="'.__('Validate').'" /></a>';
 	}
-	if (give_acl ($config["id_user"], 0, "IW")) {
+	if (give_acl ($config["id_user"], 0, "IM")) {
 		$data[8] .= '<a href="index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_view&delete='.$trap["id_trap"].'&offset='.$offset.'" onClick="javascript:confirm(\''.__('Are you sure?').'\')"><img src="images/cross.png" border="0" title="'.__('Delete').'"/></a>';
 	}
 	
@@ -368,7 +365,9 @@ if ($idx == 0) {
 unset ($table);
 
 echo '<div style="width:735px; text-align:right;">';
-print_submit_button (__('Validate'), "updatebt", false, 'class="sub ok"');
+if (give_acl ($config["id_user"], 0, "IW")) {
+	print_submit_button (__('Validate'), "updatebt", false, 'class="sub ok"');
+}
 
 if (give_acl ($config['id_user'], 0, "IM")) {
 	echo "&nbsp;";