diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 106695283c..9a340b7fae 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,15 @@ +2013-06-04 Miguel de Dios + + * godmode/agentes/agent_manager.php, godmode/menu.php, + godmode/alerts/configure_alert_template.php, + godmode/alerts/configure_alert_action.php, + godmode/alerts/alert_templates.php, + godmode/alerts/alert_actions.php, godmode/groups/group_list.php, + godmode/groups/configure_group.php, include/functions.php, + include/functions_profile.php: fixed the ACLs. + + Fixes: #2256 + 2013-06-04 Miguel de Dios * godmode/massive/massive_delete_alerts.php: fixed the delete diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php index b155e767af..f79a74ac4c 100644 --- a/pandora_console/godmode/agentes/agent_manager.php +++ b/pandora_console/godmode/agentes/agent_manager.php @@ -264,10 +264,10 @@ if (!$new_agent) { $table->data[3][1] .= ''.ui_print_help_tip (__('Delete this conf file implies that for restore you must reactive remote config in the local agent.'), true); } else - $table->data[3][1] = ''.__('Not available').''; + $table->data[3][1] = '' . __('Not available') . ''; } else - $table->data[3][1] = ''.__('Not available').''; + $table->data[3][1] = '' . __('Not available') . ''; $listIcons = gis_get_array_list_icons(); diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php index 6dc46554ec..26f81a82df 100644 --- a/pandora_console/godmode/alerts/alert_actions.php +++ b/pandora_console/godmode/alerts/alert_actions.php @@ -225,7 +225,7 @@ if ($update_action) { $info_fields = ''; $values = array(); - for($i=1;$i<=10;$i++) { + for ($i = 1; $i <= 10; $i++) { $values['field'.$i] = (string) get_parameter ('field'.$i.'_value'); $info_fields .= ' Field1: ' . $values['field'.$i]; } 
@@ -369,16 +369,23 @@ foreach ($actions as $action) { $data[0] = ''. $action['name'].''; $data[1] = ui_print_group_icon ($action["id_group"], true) .' '; - $data[2] = '' . - html_print_image("images/copy.png", true) . ''; - $data[3] = ''. - html_print_image("images/cross.png", true) . ''; + $hack_id_group_all = $action["id_group"]; + if ($hack_id_group_all == 0) { + //To avoid check all groups instead the pseudo-group all + $hack_id_group_all = -1; + } + if (check_acl($config['id_user'], $hack_id_group_all, "LM")) { + $data[2] = '' . + html_print_image("images/copy.png", true) . ''; + $data[3] = ''. + html_print_image("images/cross.png", true) . ''; + } array_push ($table->data, $data); } -if (isset($data)){ +if (isset($data)) { html_print_table ($table); } else { diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index 4ff3c8baab..c48977b110 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php @@ -137,7 +137,7 @@ if ($update_template) { $id = (int) get_parameter ('id'); $recovery_notify = (bool) get_parameter ('recovery_notify'); - + $fields_recovery = array(); for($i=2;$i<=10;$i++) { $fields_recovery['field'.$i.'_recovery'] = (string) get_parameter ('field'.$i); @@ -247,7 +247,7 @@ $table->data[0][4] .= html_print_submit_button (__('Search'), 'search', false, 'class="sub search"', true); $table->data[0][4] .= ''; -echo '
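Review bot: The new `check_acl(..., "LM")` branch in the `@@ -369` hunk of alert_actions.php has no `else`, so when the check fails `$data[2]` and `$data[3]` are simply not assigned. If `$data` is not reset at the top of the `foreach` body (which starts outside this hunk), the previous row's copy/delete links would be rendered again for a row the user may not manage. The alert_templates.php hunk at `@@ -304` handles this with `$data[4] = '';`, and the same is needed here: `else { $data[2] = ''; $data[3] = ''; }`. In both hunks, hiding the links is presentation only, so the copy and delete handlers, which this diff does not show, should repeat the same `check_acl` against the stored `id_group` before acting.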
'; +echo ''; html_print_table ($table); echo '
'; @@ -304,17 +304,27 @@ foreach ($templates as $template) { $data[1] = ui_print_group_icon ($template["id_group"], true); $data[3] = alerts_get_alert_templates_type_name ($template['type']); - $data[4] = '
'; - $data[4] .= html_print_input_hidden ('duplicate_template', 1, true); - $data[4] .= html_print_input_hidden ('source_id', $template['id'], true); - $data[4] .= html_print_input_image ('dup', 'images/copy.png', 1, '', true, array ('title' => __('Duplicate'))); - $data[4] .= '
'; - - $data[4] .= '
'; - $data[4] .= html_print_input_hidden ('delete_template', 1, true); - $data[4] .= html_print_input_hidden ('id', $template['id'], true); - $data[4] .= html_print_input_image ('del', 'images/cross.png', 1, '', true, array ('title' => __('Delete'))); - $data[4] .= '
'; + $hack_id_group_all = $template["id_group"]; + if ($hack_id_group_all == 0) { + //To avoid check all groups instead the pseudo-group all + $hack_id_group_all = -1; + } + if (check_acl($config['id_user'], $hack_id_group_all, "LM")) { + $data[4] = '
'; + $data[4] .= html_print_input_hidden ('duplicate_template', 1, true); + $data[4] .= html_print_input_hidden ('source_id', $template['id'], true); + $data[4] .= html_print_input_image ('dup', 'images/copy.png', 1, '', true, array ('title' => __('Duplicate'))); + $data[4] .= '
'; + + $data[4] .= '
'; + $data[4] .= html_print_input_hidden ('delete_template', 1, true); + $data[4] .= html_print_input_hidden ('id', $template['id'], true); + $data[4] .= html_print_input_image ('del', 'images/cross.png', 1, '', true, array ('title' => __('Delete'))); + $data[4] .= '
'; + } + else { + $data[4] = ''; + } array_push ($table->data, $data); } @@ -324,7 +334,8 @@ if (isset($data)) { html_print_table ($table); } else { - echo "
".__('No alert templates defined')."
"; + echo "
" . __('No alert templates defined') . + "
"; } echo '
'; echo '
'; diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index 25659a5d56..4964dddfe7 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -39,46 +39,19 @@ if (defined('METACONSOLE')) else $sec = 'galertas'; -if ($al_action !== false){ - // If user tries to edit an action with group=ALL - if ($al_action['id_group'] == 0){ - // then must have "PM" access privileges - if (! check_acl ($config['id_user'], 0, "PM")) { - db_pandora_audit("ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; - } - else { - // Header - if (defined('METACONSOLE')) - alerts_meta_print_header(); - else - ui_print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/gm_alerts.png", false, "", true); - } - } // If user tries to edit an action of others groups - else { +if ($al_action !== false) { $own_info = get_user_info ($config['id_user']); if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(users_get_groups($config['id_user'], "LM")); else $own_groups = array_keys(users_get_groups($config['id_user'], "LM", false)); $is_in_group = in_array($al_action['id_group'], $own_groups); - // Then action group have to be in his own groups - if ($is_in_group) { - // Header - if (defined('METACONSOLE')) - alerts_meta_print_header(); - else - ui_print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/gm_alerts.png", false, "", true); - } - else { - db_pandora_audit("ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; - } - } + + // Header + if (defined('METACONSOLE')) + alerts_meta_print_header(); + else + ui_print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/gm_alerts.png", false, "", true); } else { // Header 
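Review bot: `$is_in_group` is still computed on the new side of the `@@ -39` hunk but nothing reads it any more. The branch that called `db_pandora_audit("ACL Violation", ...)`, required `general/noaccess.php` and exited has been removed, so within this hunk every existing action now reaches the header and the form. Unless an ACL check earlier in the file (outside the hunk) covers it, a user without LM on the action's group can open the configuration and see its field values, and the attempt is no longer audited. Keep the deny path for the out-of-group case, for example `if ($al_action['id_group'] != 0 && !$is_in_group) { db_pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); exit; }`, and make only the group-ALL case read-only. The first hunk of configure_alert_template.php drops the PM denial for group-ALL templates in the same way.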
@@ -129,19 +102,20 @@ else $table->data[1][1] = html_print_select_groups(false, "LW", $display_all_group, 'group', $group, '', '', 0, true); $table->data[2][0] = __('Command'); -$table->data[2][1] = html_print_select_from_sql ('SELECT id, name FROM talert_commands', +$table->data[2][1] = html_print_select_from_sql ('SELECT id, name + FROM talert_commands', 'id_command', $id_command, '', __('None'), 0, true); $table->data[2][1] .= ' '; if (check_acl ($config['id_user'], 0, "PM")) { $table->data[2][1] .= html_print_image ('images/add.png', true); - $table->data[2][1] .= ''; + $table->data[2][1] .= ''; $table->data[2][1] .= __('Create Command'); $table->data[2][1] .= ''; } $table->data[2][1] .= '
'; $table->data[3][0] = __('Threshold'); $table->data[3][1] = html_print_input_text ('action_threshold', $action_threshold, '', 5, 7, true); -$table->data[3][1] .= ' '.__('seconds') . ui_print_help_icon ('action_threshold', true); +$table->data[3][1] .= ' ' . __('seconds') . ui_print_help_icon ('action_threshold', true); $table->data[4][0] = __('Command preview'); $table->data[4][1] = html_print_textarea ('command_preview', 10, 30, '', 'disabled="disabled"', true); @@ -153,14 +127,19 @@ for ($i = 1; $i <= 10; $i++) { $table->data['field'.$i][1] .= html_print_input_hidden('field'.$i.'_value', isset($action['field'.$i]) ? $action['field'.$i] : '', true); } -echo ''; +echo ''; html_print_table ($table); echo '
'; if ($id) { html_print_input_hidden ('id', $id); - html_print_input_hidden ('update_action', 1); - html_print_submit_button (__('Update'), 'create', false, 'class="sub upd"'); + if ($al_action['id_group'] == 0) { + // then must have "PM" access privileges + if (check_acl ($config['id_user'], 0, "PM")) { + html_print_input_hidden ('update_action', 1); + html_print_submit_button (__('Update'), 'create', false, 'class="sub upd"'); + } + } } else { html_print_input_hidden ('create_action', 1); diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php index 8419df1a84..79fc711b70 100644 --- a/pandora_console/godmode/alerts/configure_alert_template.php +++ b/pandora_console/godmode/alerts/configure_alert_template.php @@ -51,26 +51,19 @@ else { if ($a_template !== false) { // If user tries to duplicate/edit a template with group=ALL - if ($a_template['id_group'] == 0){ - // then must have "PM" access privileges - if (! check_acl ($config['id_user'], 0, "PM")) { - db_pandora_audit("ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; + if ($a_template['id_group'] == 0) { + // Header + if (defined('METACONSOLE')) { + alerts_meta_print_header(); } else { - // Header - if (defined('METACONSOLE')) { - alerts_meta_print_header(); - } - else { - ui_print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "conf_alert_template", true); - } + ui_print_page_header (__('Alerts') . + ' » ' . __('Configure alert template'), "", + false, "conf_alert_template", true); } - - } // If user tries to duplicate/edit a template of others groups + } else { + // If user tries to duplicate/edit a template of others groups $own_info = get_user_info ($config['id_user']); if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(users_get_groups($config['id_user'], "LM")); 
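Review bot: In the `@@ -153` hunk the Update button and the `update_action` hidden field are now emitted only inside `if ($al_action['id_group'] == 0)`, with no `else`, so for an action in any other group the form renders with no way to submit an update. The condition should restrict only the group-ALL case, for example `if ($al_action['id_group'] != 0 || check_acl ($config['id_user'], 0, "PM")) {` around the two `html_print_*` calls. Leaving the button out of the page is not enforcement, so the `if ($update_action)` handler in alert_actions.php should apply the same PM or group-membership test to the action's stored `id_group` before it writes.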
@@ -150,13 +143,13 @@ function print_alert_template_steps ($step, $id) { if ($id) { echo ''; - echo __('Step').' 1 » '; - echo ''.__('Conditions').''; + echo __('Step') . ' 1 » '; + echo '' . __('Conditions') . ''; echo ''; } else { - echo __('Step').' 1 » '; - echo ''.__('Conditions').''; + echo __('Step') . ' 1 » '; + echo '' . __('Conditions') . ''; } echo ''; @@ -332,6 +325,7 @@ define ('LAST_STEP', 3); $step = (int) get_parameter ('step', 1); +$create_alert = (bool) get_parameter ('create_alert'); $create_template = (bool) get_parameter ('create_template'); $update_template = (bool) get_parameter ('update_template'); @@ -353,13 +347,13 @@ $sunday = true; $special_day = false; $default_action = 0; $fields = array(); -for($i=1;$i<=10;$i++) { +for ($i = 1; $i <= 10; $i++) { $fields[$i] = ''; } $priority = 1; $min_alerts = 0; $max_alerts = 1; -$threshold = 86400; +$threshold = SECONDS_1DAY; $recovery_notify = false; $field2_recovery = ''; $field3_recovery = ''; @@ -389,7 +383,7 @@ if ($create_template) { 'priority' => $priority, 'wizard_level' => $wizard_level); - if($config['dbtype'] == "oracle") { + if ($config['dbtype'] == "oracle") { $values['field3'] = ' '; $values['field3_recovery'] = ' '; } @@ -454,13 +448,13 @@ if ($id && ! $create_template) { $min_alerts = $template['min_alerts']; $threshold = $template['time_threshold']; $fields = array(); - for($i=1;$i<=10;$i++) { + for ($i = 1; $i <= 10; $i++) { $fields[$i] = $template['field'.$i]; } $recovery_notify = $template['recovery_notify']; $fields_recovery = array(); - for($i=2;$i<=10;$i++) { + for ($i = 2; $i <= 10; $i++) { $fields_recovery[$i] = $template['field'.$i.'_recovery']; } 
@@ -526,18 +520,18 @@ if ($step == 2) { $table->colspan['fields_switch'][0] = 4; $table->data['fields_switch'][0] = ''.__('Advanced fields management').' '.html_print_image('images/down.png',true).''; - - for($i=1;$i<=10;$i++) { - if(isset($template[$name])) { + + for ($i = 1; $i <= 10; $i++) { + if (isset($template[$name])) { $value = $template[$name]; } else { $value = ''; } - + $table->colspan['field'.$i][1] = 3; $table->rowclass['field'.$i] = 'row_field'; - + $table->data['field'.$i][0] = sprintf(__('Field %s'), $i) . ui_print_help_icon ('alert_macros', true); $table->data['field'.$i][1] = html_print_textarea ('field'.$i, 1, 1, isset($fields[$i]) ? $fields[$i] : '', 'style="min-height:40px;" class="fields"', true); } @@ -547,10 +541,16 @@ if ($step == 2) { switch ($config['dbtype']){ case "mysql": case "postgresql": - $sql_query = sprintf('SELECT id, name FROM talert_actions WHERE id_group IN (%s) ORDER BY name', $usr_groups); + $sql_query = sprintf('SELECT id, name + FROM talert_actions + WHERE id_group IN (%s) + ORDER BY name', $usr_groups); break; case "oracle": - $sql_query = sprintf('SELECT id, dbms_lob.substr(name,4000,1) as nombre FROM talert_actions WHERE id_group IN (%s) ORDER BY dbms_lob.substr(name,4000,1)', $usr_groups); + $sql_query = sprintf('SELECT id, dbms_lob.substr(name,4000,1) as nombre + FROM talert_actions + WHERE id_group IN (%s) + ORDER BY dbms_lob.substr(name,4000,1)', $usr_groups); break; } $table->data[4][1] = html_print_select_from_sql ($sql_query, @@ -617,6 +617,7 @@ else { $table->data[0][0] = __('Name'); $table->data[0][1] = html_print_input_text ('name', $name, '', 35, 255, true); + $table->data[0][1] .= "  ". __("Group"); $groups = users_get_groups (); $own_info = get_user_info($config['id_user']); 
@@ -625,7 +626,9 @@ else { $display_all_group = true; else $display_all_group = false; - $table->data[0][1] .= " ".html_print_select_groups(false, "AR", $display_all_group, 'id_group', $id_group, '', '', 0, true); + $table->data[0][1] .= " " . + html_print_select_groups(false, "AR", $display_all_group, 'id_group', $id_group, '', '', 0, true); + $table->data[1][0] = __('Description'); $table->data[1][1] = html_print_textarea ('description', 10, 30, @@ -634,11 +637,12 @@ else { $table->data[2][0] = __('Priority'); $table->data[2][1] = html_print_select (get_priorities (), 'priority', $priority, '', 0, 0, true, false, false); - + if(defined('METACONSOLE')) { $table->data[3][0] = __('Wizard level'); - $wizard_levels = array('basic' => __('Basic'), - 'advanced' => __('Advanced') ); + $wizard_levels = array( + 'basic' => __('Basic'), + 'advanced' => __('Advanced')); $table->data[3][1] = html_print_select($wizard_levels,'wizard_level',$wizard_level,'','',-1,true, false, false); } else { @@ -671,7 +675,7 @@ else { //Min first, then max, that's more logical $table->data['min'][0] = __('Min.'); $table->data['min'][1] = html_print_input_text ('min', $min, '', 5, 255, true); - + $table->data['max'][0] = __('Max.'); $table->data['max'][1] = html_print_input_text ('max', $max, '', 5, 255, true); @@ -688,7 +692,7 @@ else { } html_print_table ($table); -echo '
'; +echo '
'; if ($id) { html_print_input_hidden ('id', $id); html_print_input_hidden ('update_template', 1); @@ -697,13 +701,26 @@ else { html_print_input_hidden ('create_template', 1); } -if ($step >= LAST_STEP) { - html_print_submit_button (__('Finish'), 'finish', false, 'class="sub upd"'); +$disabled = false; +if (!$create_alert && !$create_template) { + if ($a_template['id_group'] == 0) { + // then must have "PM" access privileges + if (! check_acl ($config['id_user'], 0, "PM")) { + $disabled = true; + } + } } -else { - html_print_input_hidden ('step', $step + 1); - html_print_submit_button (__('Next'), 'next', false, 'class="sub next"'); + +if (!$disabled) { + if ($step >= LAST_STEP) { + html_print_submit_button (__('Finish'), 'finish', false, 'class="sub upd"'); + } + else { + html_print_input_hidden ('step', $step + 1); + html_print_submit_button (__('Next'), 'next', false, 'class="sub next"'); + } } + echo '
'; echo ''; @@ -792,7 +809,7 @@ function toggle_fields() { } //toggle_fields(); - + $(document).ready (function () { }) /* ]]> */ - + \ No newline at end of file diff --git a/pandora_console/godmode/groups/configure_group.php b/pandora_console/godmode/groups/configure_group.php index 4b1c0026c8..f76818b1db 100644 --- a/pandora_console/godmode/groups/configure_group.php +++ b/pandora_console/godmode/groups/configure_group.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! check_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "AW")) { db_pandora_audit("ACL Violation", "Trying to access Group Management2"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/groups/group_list.php b/pandora_console/godmode/groups/group_list.php index 62ec7d5d20..256739b4eb 100644 --- a/pandora_console/godmode/groups/group_list.php +++ b/pandora_console/godmode/groups/group_list.php @@ -97,7 +97,7 @@ if (is_ajax ()) { return; } -if (! check_acl($config['id_user'], 0, "PM")) { +if (! check_acl($config['id_user'], 0, "AW")) { db_pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); @@ -126,7 +126,7 @@ $delete_group = (bool) get_parameter ('delete_group'); $pure = get_parameter('pure', 0); /* Create group */ -if ($create_group) { +if (($create_group) && (check_acl($config['id_user'], 0, "PM"))) { $name = (string) get_parameter ('name'); $icon = (string) get_parameter ('icon'); $id_parent = (int) get_parameter ('id_parent'); @@ -219,7 +219,7 @@ if ($update_group) { } /* Delete group */ -if ($delete_group) { +if (($delete_group) && (check_acl($config['id_user'], 0, "PM"))) { $id_group = (int) get_parameter ('id_group'); $usedGroup = groups_check_used($id_group); @@ -253,12 +253,14 @@ db_clean_cache(); $groups = users_get_groups_tree ($config['id_user'], "AR", true); $table->width = '98%'; -echo '
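Review bot: In the `@@ -697` hunk `$disabled` depends on `$create_alert` and `$create_template`, both read straight from the request with `get_parameter`, so the PM test for a group-ALL template is skipped whenever either flag is present in the request. The decision would be more reliable if keyed on what was loaded from the database, something like `if ($a_template !== false && $a_template['id_group'] == 0 && ! check_acl ($config['id_user'], 0, "PM")) { $disabled = true; }`, adjusted if the create flow legitimately passes through here with a group-ALL template. The `update_template` hidden input just above is still printed unconditionally and only the buttons are withheld. The code that processes `update_template` (not part of this diff) therefore needs the same check against the template's stored group.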
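Review bot: With the page-level check in group_list.php lowered from "PM" to "AW" at `@@ -97`, the create and delete handlers gain a PM guard, but the `if ($update_group)` handler between them is not changed, so an AW user appears to reach the update path unchecked. That handler is visible only in the `@@ -219` hunk header. If that is intended, the check belongs on the group being edited rather than on group 0, i.e. a `check_acl` call with the edited group's id and "AW" inside the handler; otherwise add the same `&& (check_acl($config['id_user'], 0, "PM"))` used for create and delete. A create or delete request that fails the new PM test is now dropped silently; an `else` branch calling `db_pandora_audit("ACL Violation", "Trying to access Group Management")` would keep such attempts in the audit log, as the page-level check does. configure_group.php receives the same PM to AW relaxation and presumably submits to these handlers, so the same reasoning applies there.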
'; -echo '
'; -echo '
'; -html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"'); -echo '
'; -echo '
'; +if (check_acl($config['id_user'], 0, "PM")) { + echo '
'; + echo '
'; + echo '
'; + html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"'); + echo '
'; + echo '
'; +} if (!empty($groups)) { $table->head = array (); @@ -429,11 +431,13 @@ else { echo "
".__('There are no defined groups')."
"; } -echo '
'; -echo '
'; -html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"'); -echo '
'; -echo '
'; +if (check_acl($config['id_user'], 0, "PM")) { + echo '
'; + echo '
'; + html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"'); + echo '
'; + echo '
'; +} enterprise_hook('close_meta_frame'); diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index af9f506d0a..01432cb4d2 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -37,8 +37,10 @@ if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0, enterprise_hook("duplicate_confi_submenu"); - if (check_acl ($config["id_user"], 0, "PM")) { + if (check_acl ($config["id_user"], 0, "AW")) { $sub["godmode/groups/group_list"]["text"] = __('Manage groups'); + } + if (check_acl ($config["id_user"], 0, "PM")) { $sub["godmode/groups/modu_group_list"]["text"] = __('Module groups'); $sub["godmode/agentes/planned_downtime.list"]["text"] = __('Scheduled downtime'); $sub["godmode/agentes/fields_manager"]["text"] = __('Manage custom fields'); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index c430105316..4da949d2d9 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -1803,7 +1803,7 @@ function is_array_empty($InputVariable) // Return 0 if the user hasnt access to node/detail 1 otherwise function can_user_access_node () { global $config; - + $userinfo = get_user_info ($config['id_user']); if (defined('METACONSOLE')) { diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index a5768f190d..c22463bb91 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php @@ -114,6 +114,7 @@ function profile_delete_user_profile ($id_user, $id_profile) { $where = array( 'id_usuario' => $id_user, 'id_up' => $id_profile); + return (bool)db_process_sql_delete('tusuario_perfil', $where); }