From e1e0b534e9505a168f82cc6b44cfd90fe5297864 Mon Sep 17 00:00:00 2001 From: juanmanuelr Date: Tue, 15 Feb 2011 13:17:26 +0000 Subject: [PATCH] 2011-02-15 Juan Manuel Ramon * godmode/menu.php: "godmode > manage alert > commands" tab only displayed when user privileges are "PM". * pandoradb_data.sql pandoradb.data.postgreSQL.sql: Changed "Alert management" field to 1 in "Chief Operator" row of tperfil table. * godmode/alerts/alert_templates.php: If user tries to delete a template with group=ALL then must have "PM" access privileges. * godmode/alerts/configure_alert_template.php: If user tries to duplicate /edit a template with group=ALL then must have "PM" access privileges. * godmode/alerts/alert_actions.php: If user tries to duplicate/delete an action with group=ALL then must have "PM" access privileges. * godmode/alerts/configure_alert_action.php: If user tries to edit an action with group=ALL then must have "PM" access privileges. Fixes: #3180735 git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3845 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 18 +++++ .../godmode/alerts/alert_actions.php | 68 +++++++++++++++++-- .../godmode/alerts/alert_templates.php | 29 ++++++-- .../godmode/alerts/configure_alert_action.php | 22 +++++- .../alerts/configure_alert_template.php | 30 +++++++- pandora_console/godmode/menu.php | 7 +- pandora_console/pandoradb.data.postgreSQL.sql | 2 +- pandora_console/pandoradb_data.sql | 2 +- 8 files changed, 160 insertions(+), 18 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 37ae83717a..5a56c36e3c 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog 
@@ -1,3 +1,21 @@ +2011-02-15 Juan Manuel Ramon + + * godmode/menu.php: "godmode > manage alert > commands" tab only + displayed when user privileges are "PM". + * pandoradb_data.sql + pandoradb.data.postgreSQL.sql: Changed "Alert management" field to 1 in + "Chief Operator" row of tperfil table. + * godmode/alerts/alert_templates.php: If user tries to delete a + template with group=ALL then must have "PM" access privileges. + * godmode/alerts/configure_alert_template.php: If user tries to duplicate + /edit a template with group=ALL then must have "PM" access privileges. + * godmode/alerts/alert_actions.php: If user tries to duplicate/delete an + action with group=ALL then must have "PM" access privileges. + * godmode/alerts/configure_alert_action.php: If user tries to edit an + action with group=ALL then must have "PM" access privileges. + + Fixes: #3180735 + 2011-02-15 Javier Lanz * godmode/users/configure_user.php: Truncated group name on user detail editor diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php index 7f9670e536..a2cc0dad9c 100644 --- a/pandora_console/godmode/alerts/alert_actions.php +++ b/pandora_console/godmode/alerts/alert_actions.php 
@@ -39,16 +39,37 @@ if (is_ajax ()) { return; } -// Header -print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); - $update_action = (bool) get_parameter ('update_action'); $create_action = (bool) get_parameter ('create_action'); $delete_action = (bool) get_parameter ('delete_action'); $copy_action = (bool) get_parameter ('copy_action'); +if ((!$copy_action) && (!$delete_action)) + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + if ($copy_action) { $id = get_parameter ('id'); + + $al_action = get_alert_action ($id); + + if ($al_action !== false){ + if ($al_action['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + $result = clone_alert_action ($id); 
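Review bot: The group-ALL check in the `copy_action` block is spread over three nested `if`/`else` levels, with `print_page_header` repeated in every branch that does not exit, so it is hard to see that the only denying condition is "action exists, `id_group` is 0, user lacks PM". A single guard that exits on denial, followed by one header call, behaves the same. The block is pasted again into the `delete_action` hunk of this file and into alert_templates.php, configure_alert_action.php and configure_alert_template.php, so a shared helper would keep the copies from drifting apart. The audit text `"Trying to access Alert Management"` does not record which action or operation was refused; adding the id would make the ACL-violation entry usable in an investigation. The `if ($copy_action) {` block continues outside the hunk.

```php
if ($copy_action) {
	$id = get_parameter ('id');

	$al_action = get_alert_action ($id);

	// Actions that belong to group ALL (id_group 0) may only be copied with "PM".
	if ($al_action !== false
		&& $al_action['id_group'] == 0
		&& ! give_acl ($config['id_user'], 0, "PM")) {
		pandora_audit("ACL Violation",
			"Trying to copy alert action " . (int) $id . " of group ALL without PM");
		require ("general/noaccess.php");
		exit;
	}

	// Header
	print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);

	// … unchanged: clone_alert_action ($id) and result handling …
```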
@@ -95,6 +116,25 @@ if ($create_action) { if ($update_action) { $id = (string) get_parameter ('id'); + + $al_action = get_alert_action ($id); + + if ($al_action !== false){ + if ($al_action['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + } + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + + $name = (string) get_parameter ('name'); $id_alert_command = (int) get_parameter ('id_command'); $field1 = (string) get_parameter ('field1'); @@ -129,7 +169,27 @@ if ($update_action) { if ($delete_action) { $id = get_parameter ('id'); - + + $al_action = get_alert_action ($id); + + if ($al_action !== false){ + if ($al_action['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true); + + $result = delete_alert_action ($id); if ($result) { diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index ee4aa22370..272fe3c24d 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php 
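Review bot: On the `update_action` path the header is emitted before the PM check runs, and then again in this block. The guard added at the top of the file, `if ((!$copy_action) && (!$delete_action))`, already prints it whenever only `update_action` is set, and this block calls `print_page_header` again in its `else` branches, so a denied user gets the no-access page under a header and a permitted one gets two headers. Extending the top guard to `if ((!$copy_action) && (!$delete_action) && (!$update_action))` and printing the header once after the exit guard would fix both; that also covers the case the nested `if` has no branch for, an existing action whose `id_group` is not 0. The rest of the update block is outside the hunk; if it accepts a submitted group, that value presumably needs the same PM test, otherwise a non-PM user could move an action into group ALL.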
@@ -106,12 +106,14 @@ if (! give_acl ($config['id_user'], 0, "LM")) { exit; } -// Header -print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true); - $update_template = (bool) get_parameter ('update_template'); $delete_template = (bool) get_parameter ('delete_template'); +// This prevents to duplicate the header in case delete_templete action is performed +if (!$delete_template) +// Header +print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true); + if ($update_template) { $id = (int) get_parameter ('id'); @@ -129,9 +131,28 @@ if ($update_template) { __('Could not be updated')); } +// If user tries to delete a template with group=ALL then must have "PM" access privileges if ($delete_template) { $id = get_parameter ('id'); - + $al_template = get_alert_template($id); + + if ($al_template !== false){ + if ($al_template['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true); + }else + // Header + print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true); + $result = delete_alert_template ($id); if ($result) { diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index 246f064670..91650fe15f 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php 
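Review bot: The PM requirement for group-ALL templates is added to `delete_template` only; the `update_template` block above it, which sits between the two hunks of this file, gets no such check in this diff. configure_alert_template.php guards the edit form, but a check on the form page does not protect the handler that appears to apply the change if a request reaches it directly. The handler should presumably repeat the lookup, `$al_template = get_alert_template($id);`, and the same `id_group == 0` / `give_acl (..., "PM")` test before updating. `$id` is also used uncast in the delete block while the update block casts it; `$id = (int) get_parameter ('id');` would match. Both blocks continue outside the hunks.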
@@ -29,6 +29,26 @@ if (! give_acl ($config['id_user'], 0, "LM")) { $id = (int) get_parameter ('id'); +$al_action = get_alert_action ($id); + +if ($al_action !== false){ + if ($al_action['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true); + + }else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true); +}else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true); + $name = ''; $id_command = ''; $field1 = ''; @@ -45,8 +65,6 @@ if ($id) { $field3 = $action['field3']; $group = $action ['id_group']; } -// Header -print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true); $table->width = '90%'; $table->style = array (); diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php index 18fe09d36f..71678a3cbf 100644 --- a/pandora_console/godmode/alerts/configure_alert_template.php +++ b/pandora_console/godmode/alerts/configure_alert_template.php 
@@ -26,13 +26,37 @@ if (! give_acl ($config['id_user'], 0, "LM")) { exit; } -// Header -print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true); - $duplicate_template = (bool) get_parameter ('duplicate_template'); $id = (int) get_parameter ('id'); +// If user tries to duplicate/edit a template with group=ALL then must have "PM" access privileges +if ($duplicate_template) { + $source_id = (int) get_parameter ('source_id'); + $a_template = get_alert_template($source_id); +}else{ + $a_template = get_alert_template($id); +} + +if ($a_template !== false){ + if ($a_template['id_group'] == 0){ + if (! give_acl ($config['id_user'], 0, "PM")) { + pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + }else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true); + }else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true); +// This prevents to duplicate the header in case duplicate/edit_template action is performed +}else + // Header + print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true); + + if ($duplicate_template) { $source_id = (int) get_parameter ('source_id'); diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index 0f424e8c7c..3af77e783a 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -93,10 +93,11 @@ if (give_acl ($config['id_user'], 0, "LM")) { $sub["godmode/alerts/alert_actions"]["text"] = __('Actions'); - $sub["godmode/alerts/alert_commands"]["text"] = __('Commands'); - + if (give_acl ($config['id_user'], 0, "PM")) { + $sub["godmode/alerts/alert_commands"]["text"] = __('Commands'); + } $sub["godmode/alerts/alert_compounds"]["text"] = __('Correlation'); - + $menu["galertas"]["sub"] = $sub; } 
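Review bot: Wrapping the `Commands` menu entry in `give_acl ($config['id_user'], 0, "PM")` only hides the link; it does not restrict the page behind it. godmode/alerts/alert_commands.php is not among the eight files in this commit, so unless it already performs its own PM check, a user holding only LM can presumably still load it by URL. The `give_acl (..., "PM")` test with the `pandora_audit` / `noaccess.php` exit used elsewhere in this commit belongs at the top of that page. A short comment on the new `if`, such as `// Commands require "PM"; alert_commands.php must enforce this too`, would record that the menu check is not the access control.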
diff --git a/pandora_console/pandoradb.data.postgreSQL.sql b/pandora_console/pandoradb.data.postgreSQL.sql index 76416956d8..60a75e2872 100644 --- a/pandora_console/pandoradb.data.postgreSQL.sql +++ b/pandora_console/pandoradb.data.postgreSQL.sql @@ -246,7 +246,7 @@ INSERT INTO "tusuario_perfil" VALUES (1,'admin',5,0,'admin'); -- -- Dumping data for table "tperfil" -- -INSERT INTO "tperfil" VALUES (1,'Operator (Read)',0,1,0,1,0,0,0,0,0,0),(2,'Operator (Write)',1,1,0,1,0,0,0,0,0,0),(3,'Chief Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora Administrator',1,1,1,1,1,1,1,1,1,1); +INSERT INTO "tperfil" VALUES (1,'Operator (Read)',0,1,0,1,0,0,0,0,0,0),(2,'Operator (Write)',1,1,0,1,0,0,0,0,0,0),(3,'Chief Operator',1,1,1,1,0,0,0,0,1,0),(4,'Group coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora Administrator',1,1,1,1,1,1,1,1,1,1); INSERT INTO "tnews" ("id_news", "author", "subject", "text", "timestamp") VALUES (1,'admin','Welcome to Pandora FMS 3.2!','This is the new Pandora FMS Console. A lot of new features have been added since last version. Please read the documentation about it, and feel free to test any option.\r\n\r\nThe Pandora FMS Team.',NOW()), (2,'admin','New GIS Feature','Try our new GIS representation, activate GIS in Setup to see new available options.',NOW()); diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index b89a881cae..f5f24eb8e1 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql 
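Review bot: The privilege flag is changed purely by position in `INSERT INTO "tperfil" VALUES (...)`, which has no column list, so nothing in the hunk shows that the eleventh value is the "Alert management" field the commit message names. An explicit column list, `INSERT INTO "tperfil" (<tperfil column names>) VALUES ...`, or at least a comment such as `-- Chief Operator: alert management enabled, see #3180735`, would let a reviewer audit default-privilege changes like this one. The MySQL hunk in pandoradb_data.sql has the same positional form. Seed files presumably apply only to fresh installs; the diffstat shows no upgrade script, so existing databases would keep the old Chief Operator profile.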
@@ -259,7 +259,7 @@ INSERT INTO `tusuario_perfil` VALUES (1,'admin',5,0,'admin'); -- Dumping data for table `tperfil` -- -INSERT INTO `tperfil` VALUES (1,'Operator (Read)',0,1,0,1,0,0,0,0,0,0),(2,'Operator (Write)',1,1,0,1,0,0,0,0,0,0),(3,'Chief Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group coordinator',1,1,1,1,1,1,1,0,0,0),(5,'Pandora Administrator',1,1,1,1,1,1,1,1,1,1); +INSERT INTO `tperfil` VALUES (1,'Operator (Read)',0,1,0,1,0,0,0,0,0,0),(2,'Operator (Write)',1,1,0,1,0,0,0,0,0,0),(3,'Chief Operator',1,1,1,1,0,0,0,0,0,0),(4,'Group coordinator',1,1,1,1,1,1,1,0,1,0),(5,'Pandora Administrator',1,1,1,1,1,1,1,1,1,1); INSERT INTO `tnews` VALUES (1,'admin','Welcome to Pandora FMS 3.2!','This is the new Pandora FMS Console. A l/ot of new features have been added since last version. Please read the documentation about it, and feel free to test any option.\r\n\r\nThe Pandora FMS Team.',NOW()), (2,'admin','New GIS Feature','Try our new GIS representation, activate GIS in Setup to see new available options.',NOW());
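Review bot: The flag is set on the wrong row in this file. Row 4, 'Group coordinator', changes from `1,1,1,1,1,1,1,0,0,0` to `1,1,1,1,1,1,1,0,1,0`, while row 3, 'Chief Operator', stays at `1,1,1,1,0,0,0,0,0,0`. The commit message and the PostgreSQL seed both change the Chief Operator row instead. As written, a MySQL install grants the extra privilege to a different profile than a PostgreSQL install, and Chief Operator does not receive it. The two rows should presumably read `(3,'Chief Operator',1,1,1,1,0,0,0,0,1,0),(4,'Group coordinator',1,1,1,1,1,1,1,0,0,0)`, matching pandoradb.data.postgreSQL.sql.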