tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2009-10-21 Ramon Novoa <rnovoa@artica.es> 

* include/functions_custom_graphs.php,
          operation/snmpconsole/snmp_view.php,
          operation/events/events.php,
          godmode/servers/manage_export.php,
          godmode/servers/manage_recontask.php,
          godmode/servers/modificar_server.php: ACL related fixes.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2045 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
Ramon Novoa 2009-10-21 16:15:22 +00:00
parent 2792f5b2d5
commit e04aa51564
7 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pandora_console/ChangeLog
View File

@ -1,3 +1,12 @@
2009-10-21 Ramon Novoa <rnovoa@artica.es>
* include/functions_custom_graphs.php,
operation/snmpconsole/snmp_view.php,
operation/events/events.php,
godmode/servers/manage_export.php,
godmode/servers/manage_recontask.php,
godmode/servers/modificar_server.php: ACL related fixes.
2009-10-20 Sancho Lerena <slerena@artica.es>
RC1 Release

2
pandora_console/godmode/servers/manage_export.php
View File

@ -20,7 +20,7 @@ require ("include/config.php");
check_login ();
if (! give_acl ($config['id_user'], 0, "LM")) {
if (! give_acl ($config['id_user'], 0, "PM")) {
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
"Trying to access Export Server Management");
require ("general/noaccess.php");

2
pandora_console/godmode/servers/manage_recontask.php
View File

@ -19,7 +19,7 @@ require ("include/config.php");
check_login ();
if (! give_acl ($config['id_user'], 0, "LM")) {
if (! give_acl ($config['id_user'], 0, "PM")) {
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
"Trying to access Recon Task Management");
require ("general/noaccess.php");

2
pandora_console/godmode/servers/modificar_server.php
View File

@ -18,7 +18,7 @@ require("include/config.php");
check_login();
if (! give_acl ($config["id_user"], 0, "AR") && ! give_acl($config['id_user'], 0, "AW")) {
if (! give_acl ($config["id_user"], 0, "PM")) {
audit_db ($config["id_user"], $REMOTE_ADDR, "ACL Violation",
"Trying to access Server Management");
require ("general/noaccess.php");

8
pandora_console/include/functions_custom_graphs.php
View File

@ -84,14 +84,6 @@ function print_custom_graph ($id_graph, $height, $width, $period, $stacked, $ret
$modules = array ();
$weights = array ();
foreach ($sources as $source) {
$sql = sprintf ("SELECT id_grupo
FROM tagente, tagente_modulo
WHERE tagente_modulo.id_agente_modulo = %d
AND tagente.id_agente = tagente_modulo.id_agente",
$source['id_agent_module']);
$id_group = get_db_sql ($sql);
if (! give_acl ($config["id_user"], $id_group, 'AR'))
continue;
array_push ($modules, $source['id_agent_module']);
array_push ($weights, $source['weight']);
}

2
pandora_console/operation/events/events.php
View File

@ -102,7 +102,7 @@ $status = (int) get_parameter ("status", 0); // -1 all, 0 only red, 1 only green
$id_agent = (int) get_parameter ("id_agent", -1); //-1 all, 0 system
$id_event = (int) get_parameter ("id_event", -1);
$pagination = (int) get_parameter ("pagination", $config["block_size"]);
$groups = get_user_groups ($config["id_user"], "AR");
$groups = get_user_groups ($config["id_user"], "IR");
$event_view_hr = (int) get_parameter ("event_view_hr", $config["event_view_hr"]);
$id_user_ack = get_parameter ("id_user_ack", 0);
$group_rep = (int) get_parameter ("group_rep", 1);

23
pandora_console/operation/snmpconsole/snmp_view.php
View File

@ -276,18 +276,15 @@ foreach ($traps as $trap) {
// Agent matching source address
$agent = get_agent_with_ip ($trap['source']);
if ($agent !== false && ! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
//Agent found, no rights
continue;
} elseif ($agent === false) {
//Agent not found
$data[1] = $trap["source"];
if (give_acl ($config["id_user"], 0, "AW")) {
//We have rights to create agents
$data[1] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&new_agent=1&direccion='.$data[1].'" title="'.__('Create agent').'">'.$data[1].'</a>';
if ($agent === false) {
if (! give_acl ($config["id_user"], 0, "AW")) {
continue;
}
$data[1] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&new_agent=1&direccion='.$trap["source"].'" title="'.__('Create agent').'">'.$trap["source"].'</a>';
} else {
//Agent found
if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) {
continue;
}
$data[1] = '<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$agent["id_agente"].'" title="'.__('View agent details').'">';
$data[1] .= '<strong>'.$agent["nombre"].'</strong></a>';
}
@ -348,7 +345,7 @@ foreach ($traps as $trap) {
if (empty ($trap["status"]) && give_acl ($config["id_user"], 0, "IW")) {
$data[8] .= '<a href="index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_view&check='.$trap["id_trap"].'"><img src="images/ok.png" border="0" title="'.__('Validate').'" /></a>';
}
if (give_acl ($config["id_user"], 0, "IW")) {
if (give_acl ($config["id_user"], 0, "IM")) {
$data[8] .= '<a href="index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_view&delete='.$trap["id_trap"].'&offset='.$offset.'" onClick="javascript:confirm(\''.__('Are you sure?').'\')"><img src="images/cross.png" border="0" title="'.__('Delete').'"/></a>';
}
@ -368,7 +365,9 @@ if ($idx == 0) {
unset ($table);
echo '<div style="width:735px; text-align:right;">';
print_submit_button (__('Validate'), "updatebt", false, 'class="sub ok"');
if (give_acl ($config["id_user"], 0, "IW")) {
print_submit_button (__('Validate'), "updatebt", false, 'class="sub ok"');
}
if (give_acl ($config['id_user'], 0, "IM")) {
echo "&nbsp;";