2013-06-04 Miguel de Dios <miguel.dedios@artica.es>

* godmode/agentes/agent_manager.php, godmode/menu.php, godmode/alerts/configure_alert_template.php, godmode/alerts/configure_alert_action.php, godmode/alerts/alert_templates.php, godmode/alerts/alert_actions.php, godmode/groups/group_list.php, godmode/groups/configure_group.php, include/functions.php, include/functions_profile.php: fixed the ACLs. Fixes: #2256 git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@8254 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2013-06-04 16:06:58 +00:00 · 2013-06-04 16:06:58 +00:00 · dd6c1cc7be
parent bf3dbc3836
commit dd6c1cc7be
11 changed files with 159 additions and 126 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,15 @@
 2013-06-04 Miguel de Dios <miguel.dedios@artica.es>
 	* godmode/agentes/agent_manager.php, godmode/menu.php,
 	godmode/alerts/configure_alert_template.php,
 	godmode/alerts/configure_alert_action.php,
 	godmode/alerts/alert_templates.php,
 	godmode/alerts/alert_actions.php, godmode/groups/group_list.php,
 	godmode/groups/configure_group.php, include/functions.php,
 	include/functions_profile.php: fixed the ACLs.
 	Fixes: #2256
 2013-06-04 Miguel de Dios <miguel.dedios@artica.es>
 	* godmode/massive/massive_delete_alerts.php: fixed the delete
--- a/pandora_console/godmode/agentes/agent_manager.php
+++ b/pandora_console/godmode/agentes/agent_manager.php
@ -264,10 +264,10 @@ if (!$new_agent) {
 		$table->data[3][1] .= '</a>'.ui_print_help_tip (__('Delete this conf file implies that for restore you must reactive remote config in the local agent.'), true);
 	}
 	else
-		$table->data[3][1] = '<em>'.__('Not available').'</em>';
+		$table->data[3][1] = '<em>' . __('Not available') . '</em>';
 }
 else
-	$table->data[3][1] = '<em>'.__('Not available').'</em>';
+	$table->data[3][1] = '<em>' . __('Not available') . '</em>';
 $listIcons = gis_get_array_list_icons();
--- a/pandora_console/godmode/alerts/alert_actions.php
+++ b/pandora_console/godmode/alerts/alert_actions.php
@ -225,7 +225,7 @@ if ($update_action) {
 	$info_fields = '';
 	$values = array();
-	for($i=1;$i<=10;$i++) {
+	for ($i = 1; $i <= 10; $i++) {
 		$values['field'.$i] = (string) get_parameter ('field'.$i.'_value');
 		$info_fields .= ' Field1: ' . $values['field'.$i];
 	}
@ -369,16 +369,23 @@ foreach ($actions as $action) {
 	$data[0] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_action&id='.$action['id'].'&pure='.$pure.'">'.
 		$action['name'].'</a>';
 	$data[1] = ui_print_group_icon ($action["id_group"], true) .'&nbsp;';
 	$hack_id_group_all = $action["id_group"];
 	if ($hack_id_group_all == 0) {
 		//To avoid check all groups instead the pseudo-group all
 		$hack_id_group_all = -1;
 	}
 	if (check_acl($config['id_user'], $hack_id_group_all, "LM")) {
 		$data[2] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_actions&amp;copy_action=1&amp;id='.$action['id'].'&pure='.$pure.'"
 			onClick="if (!confirm(\''.__('Are you sure?').'\')) return false;">' .
 			html_print_image("images/copy.png", true) . '</a>';
 		$data[3] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_actions&delete_action=1&id='.$action['id'].'&pure='.$pure.'"
 			onClick="if (!confirm(\''.__('Are you sure?').'\')) return false;">'.
 			html_print_image("images/cross.png", true) . '</a>';
 	}
 	array_push ($table->data, $data);
 }
-if (isset($data)){
+if (isset($data)) {
 	html_print_table ($table);
 }
 else {
--- a/pandora_console/godmode/alerts/alert_templates.php
+++ b/pandora_console/godmode/alerts/alert_templates.php
@ -247,7 +247,7 @@ $table->data[0][4] .= html_print_submit_button (__('Search'), 'search', false,
 	'class="sub search"', true);
 $table->data[0][4] .= '</div>';
-echo '<form method="post" action="'.$url.'">';
+echo '<form method="post" action="' . $url . '">';
 html_print_table ($table);
 echo '</form>';
@ -304,6 +304,12 @@ foreach ($templates as $template) {
 	$data[1] = ui_print_group_icon ($template["id_group"], true);
 	$data[3] = alerts_get_alert_templates_type_name ($template['type']);
 	$hack_id_group_all = $template["id_group"];
 	if ($hack_id_group_all == 0) {
 		//To avoid check all groups instead the pseudo-group all
 		$hack_id_group_all = -1;
 	}
 	if (check_acl($config['id_user'], $hack_id_group_all, "LM")) {
 		$data[4] = '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&pure='.$pure.'" style="display: inline; float: left">';
 		$data[4] .= html_print_input_hidden ('duplicate_template', 1, true);
 		$data[4] .= html_print_input_hidden ('source_id', $template['id'], true);
@ -315,6 +321,10 @@ foreach ($templates as $template) {
 		$data[4] .= html_print_input_hidden ('id', $template['id'], true);
 		$data[4] .= html_print_input_image ('del', 'images/cross.png', 1, '', true, array ('title' => __('Delete')));
 		$data[4] .= '</form> ';
 	}
 	else {
 		$data[4] = '';
 	}
 	array_push ($table->data, $data);
 }
@ -324,7 +334,8 @@ if (isset($data)) {
 	html_print_table ($table);
 }
 else {
-	echo "<div class='nf'>".__('No alert templates defined')."</div>";
+	echo "<div class='nf'>" . __('No alert templates defined') .
 		"</div>";
 }
 echo '<div class="action-buttons" style="width: '.$table->width.'">';
 echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&pure='.$pure.'">';
--- a/pandora_console/godmode/alerts/configure_alert_action.php
+++ b/pandora_console/godmode/alerts/configure_alert_action.php
@ -39,46 +39,19 @@ if (defined('METACONSOLE'))
 else
 	$sec = 'galertas';
-if ($al_action !== false){
+if ($al_action !== false) {
 	// If user tries to edit an action with group=ALL
 	if ($al_action['id_group'] == 0){
 		// then must have "PM" access privileges
 		if (! check_acl ($config['id_user'], 0, "PM")) {
 			db_pandora_audit("ACL Violation",
 				"Trying to access Alert Management");
 			require ("general/noaccess.php");
 			exit;
 		}
 		else {
 			// Header
 			if (defined('METACONSOLE'))
 				alerts_meta_print_header();
 			else
 				ui_print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/gm_alerts.png", false, "", true);
 		}
 	} // If user tries to edit an action of others groups
 	else {
 		$own_info = get_user_info ($config['id_user']);
 		if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
 			$own_groups = array_keys(users_get_groups($config['id_user'], "LM"));
 		else
 			$own_groups = array_keys(users_get_groups($config['id_user'], "LM", false));
 		$is_in_group = in_array($al_action['id_group'], $own_groups);
-		// Then action group have to be in his own groups
+		
 		if ($is_in_group) {
 		// Header
 		if (defined('METACONSOLE'))
 			alerts_meta_print_header();
 		else
 			ui_print_page_header (__('Alerts').' &raquo; '.__('Configure alert action'), "images/gm_alerts.png", false, "", true);
 		}
 		else {
 			db_pandora_audit("ACL Violation",
 			"Trying to access Alert Management");
 			require ("general/noaccess.php");
 			exit;
 		}
 	}
 }
 else {
 	// Header
@ -129,19 +102,20 @@ else
 $table->data[1][1] = html_print_select_groups(false, "LW", $display_all_group, 'group', $group, '', '', 0, true);
 $table->data[2][0] = __('Command');
-$table->data[2][1] = html_print_select_from_sql ('SELECT id, name FROM talert_commands',
+$table->data[2][1] = html_print_select_from_sql ('SELECT id, name
 	FROM talert_commands',
 	'id_command', $id_command, '', __('None'), 0, true);
 $table->data[2][1] .= ' ';
 if (check_acl ($config['id_user'], 0, "PM")) {
 	$table->data[2][1] .= html_print_image ('images/add.png', true);
-	$table->data[2][1] .= '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_command&pure='.$pure.'">';
+	$table->data[2][1] .= '<a href="index.php?sec=' . $sec . '&sec2=godmode/alerts/configure_alert_command&pure='.$pure.'">';
 	$table->data[2][1] .= __('Create Command');
 	$table->data[2][1] .= '</a>';
 }
 $table->data[2][1] .= '<div id="command_description" style=""></div>';
 $table->data[3][0] = __('Threshold');
 $table->data[3][1] = html_print_input_text ('action_threshold', $action_threshold, '', 5, 7, true);
-$table->data[3][1] .= ' '.__('seconds') . ui_print_help_icon ('action_threshold', true);
+$table->data[3][1] .= ' ' . __('seconds') . ui_print_help_icon ('action_threshold', true);
 $table->data[4][0] = __('Command preview');
 $table->data[4][1] = html_print_textarea ('command_preview', 10, 30, '',
 	'disabled="disabled"', true);
@ -153,14 +127,19 @@ for ($i = 1; $i <= 10; $i++) {
 	$table->data['field'.$i][1] .= html_print_input_hidden('field'.$i.'_value', isset($action['field'.$i]) ? $action['field'.$i] : '', true);
 }
-echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_actions&pure='.$pure.'">';
+echo '<form method="post" action="index.php?sec=' . $sec . '&sec2=godmode/alerts/alert_actions&pure='.$pure.'">';
 html_print_table ($table);
 echo '<div class="action-buttons" style="width: '.$table->width.'">';
 if ($id) {
 	html_print_input_hidden ('id', $id);
 	if ($al_action['id_group'] == 0) {
 		// then must have "PM" access privileges
 		if (check_acl ($config['id_user'], 0, "PM")) {
 			html_print_input_hidden ('update_action', 1);
 			html_print_submit_button (__('Update'), 'create', false, 'class="sub upd"');
 		}
 	}
 }
 else {
 	html_print_input_hidden ('create_action', 1);
--- a/pandora_console/godmode/alerts/configure_alert_template.php
+++ b/pandora_console/godmode/alerts/configure_alert_template.php
@ -51,26 +51,19 @@ else {
 if ($a_template !== false) {
 	// If user tries to duplicate/edit a template with group=ALL
-	if ($a_template['id_group'] == 0){
+	if ($a_template['id_group'] == 0) {
 		// then must have "PM" access privileges
 		if (! check_acl ($config['id_user'], 0, "PM")) {
 			db_pandora_audit("ACL Violation",
 				"Trying to access Alert Management");
 			require ("general/noaccess.php");
 			exit;
 		}
 		else {
 		// Header
 		if (defined('METACONSOLE')) {
 			alerts_meta_print_header();
 		}
 		else {
-				ui_print_page_header (__('Alerts').' &raquo; '.__('Configure alert template'), "", false, "conf_alert_template", true);
+			ui_print_page_header (__('Alerts') .
 				' &raquo; ' . __('Configure alert template'), "",
 				false, "conf_alert_template", true);
 		}
 	}
 	} // If user tries to duplicate/edit a template of others groups
 	else {
 		// If user tries to duplicate/edit a template of others groups
 		$own_info = get_user_info ($config['id_user']);
 		if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM"))
 			$own_groups = array_keys(users_get_groups($config['id_user'], "LM"));
@ -150,13 +143,13 @@ function print_alert_template_steps ($step, $id) {
 	if ($id) {
 		echo '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&id='.$id.'&pure='.$pure.'">';
-		echo __('Step').' 1 &raquo; ';
+		echo __('Step') . ' 1 &raquo; ';
-		echo '<span>'.__('Conditions').'</span>';
+		echo '<span>' . __('Conditions') . '</span>';
 		echo '</a>';
 	}
 	else {
-		echo __('Step').' 1 &raquo; ';
+		echo __('Step') . ' 1 &raquo; ';
-		echo '<span>'.__('Conditions').'</span>';
+		echo '<span>' . __('Conditions') . '</span>';
 	}
 	echo '</li>';
@ -332,6 +325,7 @@ define ('LAST_STEP', 3);
 $step = (int) get_parameter ('step', 1);
 $create_alert = (bool) get_parameter ('create_alert');
 $create_template = (bool) get_parameter ('create_template');
 $update_template = (bool) get_parameter ('update_template');
@ -353,13 +347,13 @@ $sunday = true;
 $special_day = false;
 $default_action = 0;
 $fields = array();
-for($i=1;$i<=10;$i++) {
+for ($i = 1; $i <= 10; $i++) {
 	$fields[$i] = '';
 }
 $priority = 1;
 $min_alerts = 0;
 $max_alerts = 1;
-$threshold = 86400;
+$threshold = SECONDS_1DAY;
 $recovery_notify = false;
 $field2_recovery = '';
 $field3_recovery = '';
@ -389,7 +383,7 @@ if ($create_template) {
 		'priority' => $priority,
 		'wizard_level' => $wizard_level);
-	if($config['dbtype'] == "oracle") {
+	if ($config['dbtype'] == "oracle") {
 		$values['field3'] = ' ';
 		$values['field3_recovery'] = ' ';
 	}
@ -454,13 +448,13 @@ if ($id && ! $create_template) {
 	$min_alerts = $template['min_alerts'];
 	$threshold = $template['time_threshold'];
 	$fields = array();
-	for($i=1;$i<=10;$i++) {
+	for ($i = 1; $i <= 10; $i++) {
 		$fields[$i] = $template['field'.$i];
 	}
 	$recovery_notify = $template['recovery_notify'];
 	$fields_recovery = array();
-	for($i=2;$i<=10;$i++) {
+	for ($i = 2; $i <= 10; $i++) {
 		$fields_recovery[$i] = $template['field'.$i.'_recovery'];
 	}
@ -527,8 +521,8 @@ if ($step == 2) {
 	$table->colspan['fields_switch'][0] = 4;
 	$table->data['fields_switch'][0] = '<a href="javascript:toggle_fields();">'.__('Advanced fields management').' '.html_print_image('images/down.png',true).'</a>';
-	for($i=1;$i<=10;$i++) {
+	for ($i = 1; $i <= 10; $i++) {
-		if(isset($template[$name])) {
+		if (isset($template[$name])) {
 			$value = $template[$name];
 		}
 		else {
@ -547,10 +541,16 @@ if ($step == 2) {
 	switch ($config['dbtype']){
 		case "mysql":
 		case "postgresql":
-			$sql_query = sprintf('SELECT id, name FROM talert_actions WHERE id_group IN (%s) ORDER BY name', $usr_groups);
+			$sql_query = sprintf('SELECT id, name
 				FROM talert_actions
 				WHERE id_group IN (%s)
 				ORDER BY name', $usr_groups);
 			break;
 		case "oracle":
-			$sql_query = sprintf('SELECT id, dbms_lob.substr(name,4000,1) as nombre FROM talert_actions WHERE id_group IN (%s) ORDER BY dbms_lob.substr(name,4000,1)', $usr_groups);
+			$sql_query = sprintf('SELECT id, dbms_lob.substr(name,4000,1) as nombre
 				FROM talert_actions
 				WHERE id_group IN (%s)
 				ORDER BY dbms_lob.substr(name,4000,1)', $usr_groups);
 			break;
 	}
 	$table->data[4][1] = html_print_select_from_sql ($sql_query,
@ -617,6 +617,7 @@ else {
 	$table->data[0][0] = __('Name');
 	$table->data[0][1] = html_print_input_text ('name', $name, '', 35, 255, true);
 	$table->data[0][1] .= "&nbsp;&nbsp;". __("Group");
 	$groups = users_get_groups ();
 	$own_info = get_user_info($config['id_user']);
@ -625,7 +626,9 @@ else {
 		$display_all_group = true;
 	else
 		$display_all_group = false;
-	$table->data[0][1] .= "&nbsp;".html_print_select_groups(false, "AR", $display_all_group, 'id_group', $id_group, '', '', 0, true);
+	$table->data[0][1] .= "&nbsp;" .
 		html_print_select_groups(false, "AR", $display_all_group, 'id_group', $id_group, '', '', 0, true);
 	$table->data[1][0] = __('Description');
 	$table->data[1][1] =  html_print_textarea ('description', 10, 30,
@ -637,8 +640,9 @@ else {
 	if(defined('METACONSOLE')) {
 		$table->data[3][0] = __('Wizard level');
-		$wizard_levels = array('basic' => __('Basic'),
+		$wizard_levels = array(
-								'advanced' => __('Advanced')								);
+			'basic' => __('Basic'),
 			'advanced' => __('Advanced'));
 		$table->data[3][1] = html_print_select($wizard_levels,'wizard_level',$wizard_level,'','',-1,true, false, false);
 	}
 	else {
@ -688,7 +692,7 @@ else {
 }
 html_print_table ($table);
-echo '<div class="action-buttons" style="width: '.$table->width.'">';
+echo '<div class="action-buttons" style="width: ' . $table->width . '">';
 if ($id) {
 	html_print_input_hidden ('id', $id);
 	html_print_input_hidden ('update_template', 1);
@ -697,13 +701,26 @@ else {
 	html_print_input_hidden ('create_template', 1);
 }
-if ($step >= LAST_STEP) {
+$disabled = false;
-	html_print_submit_button (__('Finish'), 'finish', false, 'class="sub upd"');
+if (!$create_alert && !$create_template) {
 	if ($a_template['id_group'] == 0) {
 		// then must have "PM" access privileges
 		if (! check_acl ($config['id_user'], 0, "PM")) {
 			$disabled = true;
 		}
 	}
 }
-else {
+
 if (!$disabled) {
 	if ($step >= LAST_STEP) {
 		html_print_submit_button (__('Finish'), 'finish', false, 'class="sub upd"');
 	}
 	else {
 		html_print_input_hidden ('step', $step + 1);
 		html_print_submit_button (__('Next'), 'next', false, 'class="sub next"');
 	}
 }
 echo '</div>';
 echo '</form>';
--- a/pandora_console/godmode/groups/configure_group.php
+++ b/pandora_console/godmode/groups/configure_group.php
@ -18,7 +18,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "PM")) {
+if (! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation", "Trying to access Group Management2");
 	require ("general/noaccess.php");
 	return;
--- a/pandora_console/godmode/groups/group_list.php
+++ b/pandora_console/godmode/groups/group_list.php
@ -97,7 +97,7 @@ if (is_ajax ()) {
 	return;
 }
-if (! check_acl($config['id_user'], 0, "PM")) {
+if (! check_acl($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Group Management");
 	require ("general/noaccess.php");
@ -126,7 +126,7 @@ $delete_group = (bool) get_parameter ('delete_group');
 $pure = get_parameter('pure', 0);
 /* Create group */
-if ($create_group) {
+if (($create_group) && (check_acl($config['id_user'], 0, "PM"))) {
 	$name = (string) get_parameter ('name');
 	$icon = (string) get_parameter ('icon');
 	$id_parent = (int) get_parameter ('id_parent');
@ -219,7 +219,7 @@ if ($update_group) {
 }
 /* Delete group */
-if ($delete_group) {
+if (($delete_group) && (check_acl($config['id_user'], 0, "PM"))) {
 	$id_group = (int) get_parameter ('id_group');
 	$usedGroup = groups_check_used($id_group);
@ -253,12 +253,14 @@ db_clean_cache();
 $groups = users_get_groups_tree ($config['id_user'], "AR", true);
 $table->width = '98%';
-echo '<br />';
+if (check_acl($config['id_user'], 0, "PM")) {
-echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/groups/configure_group&pure='.$pure.'">';
+	echo '<br />';
-echo '<div class="action-buttons" style="width: '.$table->width.'">';
+	echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/groups/configure_group&pure='.$pure.'">';
-html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"');
+	echo '<div class="action-buttons" style="width: '.$table->width.'">';
-echo '</div>';
+	html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"');
-echo '</form>';
+	echo '</div>';
 	echo '</form>';
 }
 if (!empty($groups)) {
 	$table->head = array ();
@ -429,11 +431,13 @@ else {
 	echo "<div class='nf'>".__('There are no defined groups')."</div>";
 }
-echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/groups/configure_group&pure='.$pure.'">';
+if (check_acl($config['id_user'], 0, "PM")) {
-echo '<div class="action-buttons" style="width: '.$table->width.'">';
+	echo '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/groups/configure_group&pure='.$pure.'">';
-html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"');
+	echo '<div class="action-buttons" style="width: '.$table->width.'">';
-echo '</div>';
+	html_print_submit_button (__('Create group'), 'crt', false, 'class="sub next"');
-echo '</form>';
+	echo '</div>';
 	echo '</form>';
 }
 enterprise_hook('close_meta_frame');
--- a/pandora_console/godmode/menu.php
+++ b/pandora_console/godmode/menu.php
@ -37,8 +37,10 @@ if (check_acl ($config['id_user'], 0, "AW") || check_acl ($config['id_user'], 0,
 		enterprise_hook("duplicate_confi_submenu");
-		if (check_acl ($config["id_user"], 0, "PM")) {
+		if (check_acl ($config["id_user"], 0, "AW")) {
 			$sub["godmode/groups/group_list"]["text"] = __('Manage groups');
 		}
 		if (check_acl ($config["id_user"], 0, "PM")) {
 			$sub["godmode/groups/modu_group_list"]["text"] = __('Module groups');
 			$sub["godmode/agentes/planned_downtime.list"]["text"] = __('Scheduled downtime');
 			$sub["godmode/agentes/fields_manager"]["text"] = __('Manage custom fields');
--- a/pandora_console/include/functions_profile.php
+++ b/pandora_console/include/functions_profile.php
@ -114,6 +114,7 @@ function profile_delete_user_profile ($id_user, $id_profile) {
 	$where = array(
 		'id_usuario' => $id_user,
 		'id_up' => $id_profile);
 	return (bool)db_process_sql_delete('tusuario_perfil', $where);
 }