Fixed some general and ACL errors and improved some pieces of code
Downtime editor.
Some of the ACL checks added are:
-Permission check on downtime before adding an agent
-Permission check on agent before adding an agent
-Permission check on downtime before deleting an agent
-Permission check on agent before deleting an agent
-Permission check on downtime before creating or updating the downtime
-Removed the ACL check for every result item (it is done before, into the query)
-Permission check on the query for the agents added to the downtime
Downtime editor ajax.
Some of the ACL checks added are:
-Permission check on downtime before retrieving the modules
-Permission check on agent before retrieving the modules
-Permission check on downtime before deleting the modules
-Permission check on agent before deleting the modules
-Permission check on downtime before adding the modules
-Permission check on agent before adding the modules
(cherry picked from commit 4d43033d46
)
Conflicts resolved:
pandora_console/include/ajax/planned_downtime.ajax.php
This commit is contained in:
parent
c7aabdb6f1
commit
daedfa6a21
|
@ -25,7 +25,8 @@ if (! check_acl ($config['id_user'], 0, "AW")) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$config["past_planned_downtimes"] = isset($config["past_planned_downtimes"]) ? $config["past_planned_downtimes"] : 1;
|
// Default
|
||||||
|
set_unless_defined ($config["past_planned_downtimes"], 1);
|
||||||
|
|
||||||
require_once ('include/functions_users.php');
|
require_once ('include/functions_users.php');
|
||||||
|
|
||||||
|
@ -81,43 +82,59 @@ $id_agent = (int) get_parameter ('id_agent');
|
||||||
$insert_downtime_agent = (int) get_parameter ('insert_downtime_agent');
|
$insert_downtime_agent = (int) get_parameter ('insert_downtime_agent');
|
||||||
$delete_downtime_agent = (int) get_parameter ('delete_downtime_agent');
|
$delete_downtime_agent = (int) get_parameter ('delete_downtime_agent');
|
||||||
|
|
||||||
|
// User groups with AW permission for ACL checks
|
||||||
|
$user_groups_aw = array_keys(users_get_groups($config['id_user'], 'AW'));
|
||||||
|
|
||||||
// INSERT A NEW DOWNTIME_AGENT ASSOCIATION
|
// INSERT A NEW DOWNTIME_AGENT ASSOCIATION
|
||||||
if ($insert_downtime_agent === 1) {
|
if ($insert_downtime_agent === 1) {
|
||||||
|
|
||||||
|
// Check AW permission on downtime
|
||||||
|
$downtime_group = db_get_value('id_group', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
|
||||||
|
if ($downtime_group === false || !in_array($downtime_group, $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$agents = (array) get_parameter ('id_agents');
|
$agents = (array) get_parameter ('id_agents');
|
||||||
$module_names = (array) get_parameter ('module');
|
$module_names = (array) get_parameter ('module');
|
||||||
|
|
||||||
$all_modules = false;
|
$all_modules = (empty($module_names) || in_array(0, $module_names));
|
||||||
if (empty($module_names)) {
|
|
||||||
$all_modules = true;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
//It is empty.
|
|
||||||
if ($module_names[0] == "0")
|
|
||||||
$all_modules = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
$executed = db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
// 'Is running' check
|
||||||
if ($executed == 1) {
|
$is_running = (bool) db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
if ($is_running) {
|
||||||
ui_print_error_message(__("This elements cannot be modified while the downtime is being executed"));
|
ui_print_error_message(__("This elements cannot be modified while the downtime is being executed"));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$num_agents = count($agents);
|
foreach ($agents as $agent_id) {
|
||||||
for ($a = 0; $a < $num_agents; $a++) {
|
|
||||||
$id_agente_dt = $agents[$a];
|
// Check AW permission on agent
|
||||||
|
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $agent_id);
|
||||||
|
|
||||||
|
if ($agent_group === false || !in_array($agent_group, $user_groups_aw)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
$values = array(
|
$values = array(
|
||||||
'id_downtime' => $id_downtime,
|
'id_downtime' => $id_downtime,
|
||||||
'id_agent' => $id_agente_dt,
|
'id_agent' => $agent_id,
|
||||||
'all_modules' => $all_modules
|
'all_modules' => $all_modules
|
||||||
);
|
);
|
||||||
|
|
||||||
$result = db_process_sql_insert('tplanned_downtime_agents', $values);
|
$result = db_process_sql_insert('tplanned_downtime_agents', $values);
|
||||||
|
|
||||||
if ($result && !$all_modules) {
|
if ($result && !$all_modules) {
|
||||||
foreach ($module_names as $module_name) {
|
foreach ($module_names as $module_name) {
|
||||||
$module = modules_get_agentmodule_id($module_name, $id_agente_dt);
|
$module = modules_get_agentmodule_id($module_name, $agent_id);
|
||||||
|
|
||||||
|
if (empty($module))
|
||||||
|
continue;
|
||||||
|
|
||||||
$values = array(
|
$values = array(
|
||||||
'id_downtime' => $id_downtime,
|
'id_downtime' => $id_downtime,
|
||||||
'id_agent' => $id_agente_dt,
|
'id_agent' => $agent_id,
|
||||||
'id_agent_module' => $module["id_agente_modulo"]
|
'id_agent_module' => $module["id_agente_modulo"]
|
||||||
);
|
);
|
||||||
$result = db_process_sql_insert('tplanned_downtime_modules', $values);
|
$result = db_process_sql_insert('tplanned_downtime_modules', $values);
|
||||||
|
@ -138,8 +155,29 @@ if ($delete_downtime_agent === 1) {
|
||||||
|
|
||||||
$id_da = (int) get_parameter ('id_downtime_agent');
|
$id_da = (int) get_parameter ('id_downtime_agent');
|
||||||
|
|
||||||
$executed = db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
// Check AW permission on downtime
|
||||||
if ($executed == 1) {
|
$downtime_group = db_get_value('id_group', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
|
||||||
|
if ($downtime_group === false || !in_array($downtime_group, $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check AW permission on agent
|
||||||
|
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
|
||||||
|
|
||||||
|
if ($agent_group === false || !in_array($agent_group, $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 'Is running' check
|
||||||
|
$is_running = (bool) db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
if ($is_running) {
|
||||||
ui_print_error_message(__("This elements cannot be modified while the downtime is being executed"));
|
ui_print_error_message(__("This elements cannot be modified while the downtime is being executed"));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -158,11 +196,11 @@ if ($delete_downtime_agent === 1) {
|
||||||
|
|
||||||
// UPDATE OR CREATE A DOWNTIME (MAIN DATA, NOT AGENT ASSOCIATION)
|
// UPDATE OR CREATE A DOWNTIME (MAIN DATA, NOT AGENT ASSOCIATION)
|
||||||
if ($create_downtime || $update_downtime) {
|
if ($create_downtime || $update_downtime) {
|
||||||
$check = db_get_value ('name', 'tplanned_downtime', 'name', $name);
|
$check = (bool) db_get_value ('name', 'tplanned_downtime', 'name', $name);
|
||||||
|
|
||||||
$datetime_from = strtotime ($once_date_from . ' ' . $once_time_from);
|
$datetime_from = strtotime ($once_date_from . ' ' . $once_time_from);
|
||||||
$datetime_to = strtotime ($once_date_to . ' ' . $once_time_to);
|
$datetime_to = strtotime ($once_date_to . ' ' . $once_time_to);
|
||||||
$now = strtotime(date(DATE_FORMAT). ' ' . date(TIME_FORMAT));
|
$now = time();
|
||||||
|
|
||||||
if ($type_execution == 'once' && !$config["past_planned_downtimes"] && $datetime_from < $now) {
|
if ($type_execution == 'once' && !$config["past_planned_downtimes"] && $datetime_from < $now) {
|
||||||
ui_print_error_message(__('Not created. Error inserting data. Start time must be higher than the current time' ));
|
ui_print_error_message(__('Not created. Error inserting data. Start time must be higher than the current time' ));
|
||||||
|
@ -184,6 +222,15 @@ if ($create_downtime || $update_downtime) {
|
||||||
else {
|
else {
|
||||||
$sql = '';
|
$sql = '';
|
||||||
if ($create_downtime) {
|
if ($create_downtime) {
|
||||||
|
|
||||||
|
// Check AW permission on new downtime
|
||||||
|
if (!in_array($id_group, $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (trim(io_safe_output($name)) != '') {
|
if (trim(io_safe_output($name)) != '') {
|
||||||
if (!$check) {
|
if (!$check) {
|
||||||
$values = array(
|
$values = array(
|
||||||
|
@ -228,44 +275,65 @@ if ($create_downtime || $update_downtime) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if ($update_downtime) {
|
else if ($update_downtime) {
|
||||||
$has_been_executed = db_get_value ('executed', 'tplanned_downtime', 'name', $name);
|
$old_downtime = db_get_row('tplanned_downtime', 'id', $id_downtime);
|
||||||
|
|
||||||
|
// Check AW permission on OLD downtime
|
||||||
|
if (empty($old_downtime) || !in_array($old_downtime['id_group'], $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check AW permission on NEW downtime group
|
||||||
|
if (!in_array($id_group, $user_groups_aw)) {
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 'Is running' check
|
||||||
|
$is_running = (bool) $old_downtime['executed'];
|
||||||
|
|
||||||
$values = array();
|
$values = array();
|
||||||
if (trim(io_safe_output($name)) == '') {
|
if (trim(io_safe_output($name)) == '') {
|
||||||
ui_print_error_message(__('Planned downtime must have a name'));
|
ui_print_error_message(__('Planned downtime must have a name'));
|
||||||
}
|
}
|
||||||
else if ($has_been_executed == 1 && $type_execution == 'once') {
|
// When running only certain items can be modified for the 'once' type
|
||||||
|
else if ($is_running && $type_execution == 'once') {
|
||||||
$values = array(
|
$values = array(
|
||||||
'description' => $description,
|
'description' => $description,
|
||||||
'date_to' => $datetime_to,
|
'date_to' => $datetime_to,
|
||||||
'id_user' => $config['id_user']
|
'id_user' => $config['id_user']
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
else if ($has_been_executed == 1) {
|
else if ($is_running) {
|
||||||
ui_print_error_message(__('No updates. Planned Downtime has been executed'));
|
ui_print_error_message(__('Cannot be modified while the downtime is being executed'));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$values = array(
|
$values = array(
|
||||||
'name' => $name,
|
'name' => $name,
|
||||||
'description' => $description,
|
'description' => $description,
|
||||||
'date_from' => $datetime_from,
|
'date_from' => $datetime_from,
|
||||||
'date_to' => $datetime_to,
|
'date_to' => $datetime_to,
|
||||||
'id_group' => $id_group,
|
'id_group' => $id_group,
|
||||||
'only_alerts' => 0,
|
'only_alerts' => 0,
|
||||||
'monday' => $monday,
|
'monday' => $monday,
|
||||||
'tuesday' => $tuesday,
|
'tuesday' => $tuesday,
|
||||||
'wednesday' => $wednesday,
|
'wednesday' => $wednesday,
|
||||||
'thursday' => $thursday,
|
'thursday' => $thursday,
|
||||||
'friday' => $friday,
|
'friday' => $friday,
|
||||||
'saturday' => $saturday,
|
'saturday' => $saturday,
|
||||||
'sunday' => $sunday,
|
'sunday' => $sunday,
|
||||||
'periodically_time_from' => $periodically_time_from,
|
'periodically_time_from' => $periodically_time_from,
|
||||||
'periodically_time_to' => $periodically_time_to,
|
'periodically_time_to' => $periodically_time_to,
|
||||||
'periodically_day_from' => $periodically_day_from,
|
'periodically_day_from' => $periodically_day_from,
|
||||||
'periodically_day_to' => $periodically_day_to,
|
'periodically_day_to' => $periodically_day_to,
|
||||||
'type_downtime' => $type_downtime,
|
'type_downtime' => $type_downtime,
|
||||||
'type_execution' => $type_execution,
|
'type_execution' => $type_execution,
|
||||||
'type_periodicity' => $type_periodicity,
|
'type_periodicity' => $type_periodicity,
|
||||||
'id_user' => $config['id_user']
|
'id_user' => $config['id_user']
|
||||||
);
|
);
|
||||||
if ($config["dbtype"] == 'oracle') {
|
if ($config["dbtype"] == 'oracle') {
|
||||||
$values['periodically_time_from'] = '1970/01/01 ' . $values['periodically_time_from'];
|
$values['periodically_time_from'] = '1970/01/01 ' . $values['periodically_time_from'];
|
||||||
|
@ -354,11 +422,16 @@ if ($id_downtime > 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$groupsAW = users_get_groups($config['id_user'], 'AW', true, false, null, 'id_grupo');
|
|
||||||
$groupsAW = array_keys($groupsAW);
|
|
||||||
|
|
||||||
$result = db_get_row_sql ($sql);
|
$result = db_get_row_sql ($sql);
|
||||||
|
|
||||||
|
// Permission check for the downtime with the AW user groups
|
||||||
|
if (empty($result) || !in_array($result['id_group'], $user_groups_aw) ){
|
||||||
|
db_pandora_audit("ACL Violation",
|
||||||
|
"Trying to access downtime scheduler");
|
||||||
|
require ("general/noaccess.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$name = (string) $result["name"];
|
$name = (string) $result["name"];
|
||||||
$id_group = (int) $result['id_group'];
|
$id_group = (int) $result['id_group'];
|
||||||
|
|
||||||
|
@ -386,18 +459,11 @@ if ($id_downtime > 0) {
|
||||||
$saturday = (bool) $result['saturday'];
|
$saturday = (bool) $result['saturday'];
|
||||||
$sunday = (bool) $result['sunday'];
|
$sunday = (bool) $result['sunday'];
|
||||||
|
|
||||||
$executed = (bool) $result['executed'];
|
$running = (bool) $result['executed'];
|
||||||
|
|
||||||
if ( !in_array($id_group, $groupsAW) ){
|
|
||||||
db_pandora_audit("ACL Violation",
|
|
||||||
"Trying to access downtime scheduler");
|
|
||||||
require ("general/noaccess.php");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// when the planned down time is in execution, only action to postpone on once type is enabled and the other are disabled.
|
// when the planned downtime is in execution, only action to postpone on once type is enabled and the other are disabled.
|
||||||
$disabled_in_execution = $executed ? 1 : 0;
|
$disabled_in_execution = (int) $running;
|
||||||
|
|
||||||
$table = new StdClass();
|
$table = new StdClass();
|
||||||
$table->class = 'databox filters';
|
$table->class = 'databox filters';
|
||||||
|
@ -564,42 +630,42 @@ if ($id_downtime > 0) {
|
||||||
// Show available agents to include into downtime
|
// Show available agents to include into downtime
|
||||||
echo '<h4>' . __('Available agents') . ':</h4>';
|
echo '<h4>' . __('Available agents') . ':</h4>';
|
||||||
|
|
||||||
$filter_group = get_parameter("filter_group", 0);
|
$filter_group = (int) get_parameter("filter_group", 0);
|
||||||
|
|
||||||
$groupsAW = users_get_groups($config['id_user'], 'AW', true, false, null, 'id_grupo');
|
// User AW groups to str for the filter
|
||||||
$groupsAW = array_keys($groupsAW);
|
$id_groups_str = implode(",", $user_groups_aw);
|
||||||
$id_groups_list = implode(",", $groupsAW);
|
|
||||||
|
|
||||||
if (empty($id_groups_list)){
|
if (empty($id_groups_str)) {
|
||||||
$id_groups_list = -1;
|
// Restrictive filter on error. This will filter all the downtimes
|
||||||
|
$id_groups_str = '-1';
|
||||||
}
|
}
|
||||||
|
|
||||||
$filter_cond = '';
|
$filter_cond = '';
|
||||||
if ($filter_group > 0)
|
if ($filter_group > 0)
|
||||||
$filter_cond = " AND id_grupo = $filter_group ";
|
$filter_cond = " AND id_grupo = $filter_group ";
|
||||||
$sql = sprintf ("SELECT tagente.id_agente, tagente.nombre,
|
$sql = sprintf("SELECT tagente.id_agente, tagente.nombre
|
||||||
tagente.id_grupo
|
|
||||||
FROM tagente
|
FROM tagente
|
||||||
WHERE tagente.id_agente NOT IN (
|
WHERE tagente.id_agente NOT IN (
|
||||||
SELECT tagente.id_agente
|
SELECT tagente.id_agente
|
||||||
FROM tagente, tplanned_downtime_agents
|
FROM tagente, tplanned_downtime_agents
|
||||||
WHERE tplanned_downtime_agents.id_agent = tagente.id_agente
|
WHERE tplanned_downtime_agents.id_agent = tagente.id_agente
|
||||||
AND tplanned_downtime_agents.id_downtime = %d
|
AND tplanned_downtime_agents.id_downtime = %d
|
||||||
) AND disabled = 0 $filter_cond
|
) AND disabled = 0 %s
|
||||||
AND tagente.id_grupo IN (%s)
|
AND tagente.id_grupo IN (%s)
|
||||||
ORDER by tagente.nombre", $id_downtime, $id_groups_list);
|
ORDER BY tagente.nombre", $id_downtime, $filter_cond, $id_groups_str);
|
||||||
$downtimes = db_get_all_rows_sql ($sql);
|
$agents = db_get_all_rows_sql ($sql);
|
||||||
$data = array ();
|
if (empty($agents))
|
||||||
if ($downtimes) {
|
$agents = array();
|
||||||
foreach ($downtimes as $downtime) {
|
|
||||||
if (check_acl ($config["id_user"], $downtime['id_grupo'], "AW")) {
|
$agent_ids = extract_column($agents, 'id_agente');
|
||||||
$data[$downtime['id_agente']] = $downtime['nombre'];
|
$agent_names = extract_column($agents, 'nombre');
|
||||||
}
|
// item[<id>] = <name>;
|
||||||
}
|
$agents = array_combine($agent_ids, $agent_names);
|
||||||
}
|
if ($agents === false)
|
||||||
|
$agents = array();
|
||||||
|
|
||||||
$disabled_add_button = false;
|
$disabled_add_button = false;
|
||||||
if (empty($data) || $disabled_in_execution) {
|
if (empty($agents) || $disabled_in_execution) {
|
||||||
$disabled_add_button = true;
|
$disabled_add_button = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -613,7 +679,7 @@ if ($id_downtime > 0) {
|
||||||
|
|
||||||
echo "<form method=post action='index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&insert_downtime_agent=1&id_downtime=$id_downtime'>";
|
echo "<form method=post action='index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&insert_downtime_agent=1&id_downtime=$id_downtime'>";
|
||||||
|
|
||||||
echo html_print_select ($data, "id_agents[]", '', '', '', 0, false, true, true, '', false, 'width: 180px;');
|
echo html_print_select ($agents, "id_agents[]", '', '', '', 0, false, true, true, '', false, 'width: 180px;');
|
||||||
echo '<h4>' . __('Available modules:') .
|
echo '<h4>' . __('Available modules:') .
|
||||||
ui_print_help_tip (__('Only for type Quiet for downtimes.'), true) . '</h4>';
|
ui_print_help_tip (__('Only for type Quiet for downtimes.'), true) . '</h4>';
|
||||||
|
|
||||||
|
@ -631,17 +697,20 @@ if ($id_downtime > 0) {
|
||||||
//Start Overview of existing planned downtime
|
//Start Overview of existing planned downtime
|
||||||
echo '<h4>'.__('Agents planned for this downtime').':</h4>';
|
echo '<h4>'.__('Agents planned for this downtime').':</h4>';
|
||||||
|
|
||||||
$sql = sprintf ("SELECT tagente.nombre, tplanned_downtime_agents.id,
|
// User the $id_groups_str built before
|
||||||
tagente.id_os, tagente.id_agente, tagente.id_grupo,
|
$sql = sprintf("SELECT ta.nombre, tpda.id,
|
||||||
tagente.ultimo_contacto, tplanned_downtime_agents.all_modules
|
ta.id_os, ta.id_agente, ta.id_grupo,
|
||||||
FROM tagente, tplanned_downtime_agents
|
ta.ultimo_contacto, tpda.all_modules
|
||||||
WHERE tplanned_downtime_agents.id_agent = tagente.id_agente
|
FROM tagente ta
|
||||||
AND tplanned_downtime_agents.id_downtime = %d ", $id_downtime);
|
INNER JOIN tplanned_downtime_agents tpda
|
||||||
|
ON ta.id_agente = tpda.id_agent
|
||||||
|
AND tpda.id_downtime = %d
|
||||||
|
WHERE ta.id_grupo IN (%s)",
|
||||||
|
$id_downtime, $id_groups_str);
|
||||||
|
$downtimes_agents = db_get_all_rows_sql ($sql);
|
||||||
|
|
||||||
$downtimes = db_get_all_rows_sql ($sql);
|
if (empty($downtimes_agents)) {
|
||||||
if ($downtimes === false) {
|
echo '<div class="nf">' . __('There are no agents') . '</div>';
|
||||||
echo '<div class="nf">' .
|
|
||||||
__('There are no scheduled downtimes') . '</div>';
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$table = new stdClass();
|
$table = new stdClass();
|
||||||
|
@ -656,24 +725,24 @@ if ($id_downtime > 0) {
|
||||||
$table->head[3] = __('Last contact');
|
$table->head[3] = __('Last contact');
|
||||||
$table->head['count_modules'] = __('Modules');
|
$table->head['count_modules'] = __('Modules');
|
||||||
|
|
||||||
if (!$executed) {
|
if (!$running) {
|
||||||
$table->head[5] = __('Actions');
|
$table->head[5] = __('Actions');
|
||||||
$table->align[5] = "center";
|
$table->align[5] = "center";
|
||||||
$table->size[5] = "5%";
|
$table->size[5] = "5%";
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($downtimes as $downtime) {
|
foreach ($downtimes_agents as $downtime_agent) {
|
||||||
$data = array ();
|
$data = array ();
|
||||||
|
|
||||||
$data[0] = $downtime['nombre'];
|
$data[0] = $downtime_agent['nombre'];
|
||||||
|
|
||||||
$data[1] = db_get_sql ("SELECT nombre
|
$data[1] = db_get_sql ("SELECT nombre
|
||||||
FROM tgrupo
|
FROM tgrupo
|
||||||
WHERE id_grupo = " . $downtime["id_grupo"]);
|
WHERE id_grupo = " . $downtime_agent["id_grupo"]);
|
||||||
|
|
||||||
$data[2] = ui_print_os_icon($downtime["id_os"], true, true);
|
$data[2] = ui_print_os_icon($downtime_agent["id_os"], true, true);
|
||||||
|
|
||||||
$data[3] = $downtime["ultimo_contacto"];
|
$data[3] = $downtime_agent["ultimo_contacto"];
|
||||||
|
|
||||||
if ($type_downtime == 'disable_agents_alerts') {
|
if ($type_downtime == 'disable_agents_alerts') {
|
||||||
$data['count_modules'] = __("All alerts");
|
$data['count_modules'] = __("All alerts");
|
||||||
|
@ -682,7 +751,7 @@ if ($id_downtime > 0) {
|
||||||
$data['count_modules'] = __("Entire agent");
|
$data['count_modules'] = __("Entire agent");
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if ($downtime["all_modules"]) {
|
if ($downtime_agent["all_modules"]) {
|
||||||
$data['count_modules'] = __("All modules");
|
$data['count_modules'] = __("All modules");
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -690,19 +759,19 @@ if ($id_downtime > 0) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$executed) {
|
if (!$running) {
|
||||||
$data[5] = '';
|
$data[5] = '';
|
||||||
if ($type_downtime != 'disable_agents_alerts' && $type_downtime != 'disable_agents') {
|
if ($type_downtime != 'disable_agents_alerts' && $type_downtime != 'disable_agents') {
|
||||||
$data[5] = '<a href="javascript:show_editor_module(' . $downtime["id_agente"] . ');">' .
|
$data[5] = '<a href="javascript:show_editor_module(' . $downtime_agent["id_agente"] . ');">' .
|
||||||
html_print_image("images/config.png", true, array("border" => '0', "alt" => __('Delete'))) . "</a>";
|
html_print_image("images/config.png", true, array("border" => '0', "alt" => __('Delete'))) . "</a>";
|
||||||
}
|
}
|
||||||
|
|
||||||
$data[5] .= '<a href="index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&id_agent=' . $downtime["id_agente"] .
|
$data[5] .= '<a href="index.php?sec=estado&sec2=godmode/agentes/planned_downtime.editor&id_agent=' . $downtime_agent["id_agente"] .
|
||||||
'&delete_downtime_agent=1&id_downtime_agent=' . $downtime["id"] . '&id_downtime=' . $id_downtime . '">' .
|
'&delete_downtime_agent=1&id_downtime_agent=' . $downtime_agent["id"] . '&id_downtime=' . $id_downtime . '">' .
|
||||||
html_print_image("images/cross.png", true, array("border" => '0', "alt" => __('Delete'))) . "</a>";
|
html_print_image("images/cross.png", true, array("border" => '0', "alt" => __('Delete'))) . "</a>";
|
||||||
}
|
}
|
||||||
|
|
||||||
$table->data['agent_' . $downtime["id_agente"]] = $data;
|
$table->data['agent_' . $downtime_agent["id_agente"]] = $data;
|
||||||
}
|
}
|
||||||
html_print_table ($table);
|
html_print_table ($table);
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,10 +17,16 @@
|
||||||
include_once($config['homedir'] . "/include/functions_io.php");
|
include_once($config['homedir'] . "/include/functions_io.php");
|
||||||
include_once($config['homedir'] . "/include/functions_db.php");
|
include_once($config['homedir'] . "/include/functions_db.php");
|
||||||
include_once($config['homedir'] . "/include/functions_modules.php");
|
include_once($config['homedir'] . "/include/functions_modules.php");
|
||||||
|
include_once($config['homedir'] . "/include/functions_groups.php");
|
||||||
|
|
||||||
$get_modules_downtime = (bool)get_parameter('get_modules_downtime', 0);
|
ob_clean();
|
||||||
$delete_module_from_downtime = (bool)get_parameter('delete_module_from_downtime', 0);
|
|
||||||
$add_module_into_downtime = (bool)get_parameter('add_module_into_downtime', 0);
|
$get_modules_downtime = (bool)get_parameter('get_modules_downtime', 0);
|
||||||
|
$delete_module_from_downtime = (bool)get_parameter('delete_module_from_downtime', 0);
|
||||||
|
$add_module_into_downtime = (bool)get_parameter('add_module_into_downtime', 0);
|
||||||
|
|
||||||
|
// User groups with AW permission for ACL checks
|
||||||
|
$user_groups_aw = array_keys(users_get_groups($config['id_user'], 'AW'));
|
||||||
|
|
||||||
if ($get_modules_downtime) {
|
if ($get_modules_downtime) {
|
||||||
$return = array();
|
$return = array();
|
||||||
|
@ -28,38 +34,58 @@ if ($get_modules_downtime) {
|
||||||
$return['in_agent'] = array();
|
$return['in_agent'] = array();
|
||||||
$return['in_downtime'] = array();
|
$return['in_downtime'] = array();
|
||||||
|
|
||||||
$id_agent = (int)get_parameter('id_agent', 0);
|
$id_agent = (int) get_parameter('id_agent', 0);
|
||||||
$id_downtime = (int)get_parameter('id_downtime', 0);
|
$id_downtime = (int) get_parameter('id_downtime', 0);
|
||||||
$none_value = (bool)get_parameter('none_value', false);
|
$none_value = (bool) get_parameter('none_value', false);
|
||||||
|
|
||||||
$rows = db_get_all_rows_filter('tplanned_downtime_modules',
|
// Check AW permission on downtime
|
||||||
array('id_agent' => $id_agent, 'id_downtime' => $id_downtime));
|
$downtime_group = db_get_value('id_group', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
if (empty($rows))
|
|
||||||
$rows = array();
|
if ($downtime_group === false || !in_array($downtime_group, $user_groups_aw)) {
|
||||||
$id_modules_downtime = array();
|
$return['correct'] = 0;
|
||||||
foreach ($rows as $row) {
|
echo json_encode($return);
|
||||||
$id_modules_downtime[$row['id_agent_module']] = true;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$modules = db_get_all_rows_filter('tagente_modulo', array('id_agente' => $id_agent));
|
// Check AW permission on agent
|
||||||
|
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
|
||||||
|
|
||||||
|
if ($agent_group === false || !in_array($agent_group, $user_groups_aw)) {
|
||||||
|
$return['correct'] = 0;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$filter = array(
|
||||||
|
'id_agent' => $id_agent,
|
||||||
|
'id_downtime' => $id_downtime
|
||||||
|
);
|
||||||
|
$downtime_modules = db_get_all_rows_filter('tplanned_downtime_modules', $filter);
|
||||||
|
if (empty($downtime_modules))
|
||||||
|
$downtime_modules = array();
|
||||||
|
|
||||||
|
$downtime_module_ids = extract_column($downtime_modules, 'id_agent_module');
|
||||||
|
$downtime_modules = array_fill_keys($downtime_module_ids, true);
|
||||||
|
|
||||||
|
$filter = array(
|
||||||
|
'id_agente' => $id_agent
|
||||||
|
);
|
||||||
|
$modules = db_get_all_rows_filter('tagente_modulo', $filter);
|
||||||
if (empty($modules))
|
if (empty($modules))
|
||||||
$modules = array();
|
$modules = array();
|
||||||
|
|
||||||
foreach ($modules as $module) {
|
$module_ids = extract_column($modules, 'id_agente_modulo');
|
||||||
if (empty($id_modules_downtime[$module['id_agente_modulo']])) {
|
$module_names = extract_column($modules, 'nombre');
|
||||||
$return['in_agent'][$module['id_agente_modulo']] = io_safe_output($module['nombre']);
|
$modules = array_combine($module_ids, $module_names);
|
||||||
}
|
|
||||||
else {
|
|
||||||
$return['in_downtime'][$module['id_agente_modulo']] = io_safe_output($module['nombre']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($none_value) {
|
$return['in_downtime'] = array_intersect_key($modules, $downtime_modules);
|
||||||
|
$return['in_agent'] = array_diff($modules, $return['in_downtime']);
|
||||||
|
|
||||||
|
if ($none_value)
|
||||||
$return['in_agent'][0] = __('None');
|
$return['in_agent'][0] = __('None');
|
||||||
}
|
|
||||||
|
|
||||||
echo json_encode($return);
|
echo json_encode($return);
|
||||||
exit;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($delete_module_from_downtime) {
|
if ($delete_module_from_downtime) {
|
||||||
|
@ -68,38 +94,65 @@ if ($delete_module_from_downtime) {
|
||||||
$return['all_modules'] = 0;
|
$return['all_modules'] = 0;
|
||||||
$return['id_agent'] = 0;
|
$return['id_agent'] = 0;
|
||||||
|
|
||||||
$id_module = (int)get_parameter('id_module', 0);
|
$id_module = (int) get_parameter('id_module', 0);
|
||||||
$id_downtime = (int)get_parameter('id_downtime', 0);
|
$id_downtime = (int) get_parameter('id_downtime', 0);
|
||||||
|
$id_agent = db_get_value('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_module);
|
||||||
|
|
||||||
$row = db_get_row_filter('tplanned_downtime_modules',
|
// Check AW permission on downtime
|
||||||
array('id_agent_module' => $id_module,
|
$downtime_group = db_get_value('id_group', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
'id_downtime' => $id_downtime));
|
|
||||||
$return['id_agent'] = $row['id_agent'];
|
|
||||||
|
|
||||||
$result = db_process_sql_delete('tplanned_downtime_modules',
|
if ($downtime_group === false || !in_array($downtime_group, $user_groups_aw)) {
|
||||||
array('id_downtime' => $id_downtime,
|
$return['correct'] = 0;
|
||||||
'id_agent_module' => $id_module));
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check AW permission on agent
|
||||||
|
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
|
||||||
|
|
||||||
|
if ($id_agent === false || $agent_group === false || !in_array($agent_group, $user_groups_aw)) {
|
||||||
|
$return['correct'] = 0;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$is_running = db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
if ($is_running) {
|
||||||
|
$return['executed'] = 1;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$return['id_agent'] = $id_agent;
|
||||||
|
|
||||||
|
$filter = array(
|
||||||
|
'id_agent_module' => $id_module,
|
||||||
|
'id_downtime' => $id_downtime
|
||||||
|
);
|
||||||
|
$result = db_process_sql_delete('tplanned_downtime_modules', $filter);
|
||||||
|
|
||||||
if ($result) {
|
if ($result) {
|
||||||
$rows = db_get_all_rows_filter('tplanned_downtime_modules',
|
db_clean_cache();
|
||||||
array('id_downtime' => $id_downtime,
|
|
||||||
'id_agent' => $row['id_agent']));
|
$filter = array(
|
||||||
|
'id_agent' => $id_agent,
|
||||||
|
'id_downtime' => $id_downtime
|
||||||
|
);
|
||||||
|
$rows = db_get_all_rows_filter('tplanned_downtime_modules', $filter);
|
||||||
|
|
||||||
if (empty($rows)) {
|
if (empty($rows)) {
|
||||||
db_process_sql_update('tplanned_downtime_agents',
|
$values = array('all_modules' => 1);
|
||||||
array('all_modules' => 1),
|
db_process_sql_update('tplanned_downtime_agents', $values, $filter);
|
||||||
array('id_agent' => $row['id_agent'],
|
|
||||||
'id_downtime' => $id_downtime));
|
|
||||||
|
|
||||||
$return['all_modules'] = 1;
|
$return['all_modules'] = 1;
|
||||||
$return['id_agent'] = $row['id_agent'];
|
$return['id_agent'] = $id_agent;
|
||||||
}
|
}
|
||||||
|
|
||||||
$return['correct'] = 1;
|
$return['correct'] = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
echo json_encode($return);
|
echo json_encode($return);
|
||||||
exit;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($add_module_into_downtime) {
|
if ($add_module_into_downtime) {
|
||||||
|
@ -107,9 +160,34 @@ if ($add_module_into_downtime) {
|
||||||
$return['correct'] = 0;
|
$return['correct'] = 0;
|
||||||
$return['name'] = '';
|
$return['name'] = '';
|
||||||
|
|
||||||
$id_agent = (int)get_parameter('id_agent', 0);
|
$id_agent = (int) get_parameter('id_agent', 0);
|
||||||
$id_module = (int)get_parameter('id_module', 0);
|
$id_module = (int) get_parameter('id_module', 0);
|
||||||
$id_downtime = (int)get_parameter('id_downtime', 0);
|
$id_downtime = (int) get_parameter('id_downtime', 0);
|
||||||
|
|
||||||
|
// Check AW permission on downtime
|
||||||
|
$downtime_group = db_get_value('id_group', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
|
||||||
|
if ($downtime_group === false || !in_array($downtime_group, $user_groups_aw)) {
|
||||||
|
$return['correct'] = 0;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check AW permission on agent
|
||||||
|
$agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
|
||||||
|
|
||||||
|
if ($agent_group === false || !in_array($agent_group, $user_groups_aw)) {
|
||||||
|
$return['correct'] = 0;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$is_running = db_get_value ('executed', 'tplanned_downtime', 'id', $id_downtime);
|
||||||
|
if ($is_running) {
|
||||||
|
$return['executed'] = 1;
|
||||||
|
echo json_encode($return);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$values = array();
|
$values = array();
|
||||||
$values['id_agent'] = $id_agent;
|
$values['id_agent'] = $id_agent;
|
||||||
|
@ -130,6 +208,7 @@ if ($add_module_into_downtime) {
|
||||||
}
|
}
|
||||||
|
|
||||||
echo json_encode($return);
|
echo json_encode($return);
|
||||||
exit;
|
return;
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue