2011-06-06 Dario Rodriguez <dario.rodriguez@artica.es>

* godmode/servers/manage_recontask.php: User with flag AW can manage recon task, only for their group. * godmode/servers/modificar_server.php: User with AW flag can view server status but only Pandora Admin can delete one of them. * godmode/servers/manage_recontask_form.php: User with flag AW can manage recon task, but only for their group. * godmode/menu.php: Allowing user with flag AW see manage server tab and manage recon task subtab. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4408 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-06-06 14:00:48 +00:00 · 2011-06-06 14:00:48 +00:00 · e99f60754f
parent 0f13923eff
commit e99f60754f
5 changed files with 47 additions and 15 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,14 @@
 2011-06-06  Dario Rodriguez  <dario.rodriguez@artica.es>
 	* godmode/servers/manage_recontask.php: User with flag AW can manage recon
 	task, only for their group.
 	* godmode/servers/modificar_server.php: User with AW flag can view server
 	status but only Pandora Admin can delete one of them.
 	* godmode/servers/manage_recontask_form.php: User with flag AW can manage recon
 	task, but only for their group.
 	* godmode/menu.php: Allowing user with flag AW see manage server tab and 
 	manage recon task subtab.
 2011-06-06 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
 	* include/functions_tags.php: Fixed problem on
--- a/pandora_console/godmode/menu.php
+++ b/pandora_console/godmode/menu.php
@ -149,7 +149,7 @@ if (check_acl ($config['id_user'], 0, "IW")) {
 	}
 }
-if (check_acl ($config['id_user'], 0, "PM")) {
+if (check_acl ($config['id_user'], 0, "AW")) {
 	// Servers
 	$menu["gservers"]["text"] = __('Manage servers');
@ -158,9 +158,15 @@ if (check_acl ($config['id_user'], 0, "PM")) {
 	$sub = array ();
 	$sub["godmode/servers/manage_recontask"]["text"] = __('Manage recontask');
-	$sub["godmode/servers/plugin"]["text"] = __('Manage plugins');
+	
-	$sub["godmode/servers/recon_script"]["text"] = __('Manage recon script');
+	//This subtabs are only for Pandora Admin
-	enterprise_hook('export_target_submenu');
+	if (give_acl ($config['id_user'], 0, "PM")) {
 		$sub["godmode/servers/plugin"]["text"] = __('Manage plugins');
 		$sub["godmode/servers/recon_script"]["text"] = __('Manage recon script');
 		enterprise_hook('export_target_submenu');
 	}
 	$menu["gservers"]["sub"] = $sub;
 }
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@ -19,7 +19,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "PM")) {
+if (! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Recon Task Management");
 	require ("general/noaccess.php");
@ -169,9 +169,16 @@ if (isset($_GET["create"])) {
 // --------------------------------
 // SHOW TABLE WITH ALL RECON TASKs
 // --------------------------------
 //Pandora Admin must see all columns
 if (! give_acl ($config['id_user'], 0, "PM")) {
 	$sql = sprintf('SELECT * FROM trecon_task RT, tusuario_perfil UP WHERE 
 					UP.id_usuario = "%s" AND UP.id_grupo = RT.id_group', 
 					$config['id_user']);
-
+	$result = db_get_db_all_rows_sql ($sql);
-$result = db_get_all_rows_in_table ("trecon_task");
+} else {
 	$result = db_get_db_all_rows_in_table('trecon_task');
 }
 $color=1;
 if ($result !== false) {
 	$table->head = array  (__('Name'), __('Network'), __('Mode'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Ports'), __('Action'));
--- a/pandora_console/godmode/servers/manage_recontask_form.php
+++ b/pandora_console/godmode/servers/manage_recontask_form.php
@ -18,7 +18,7 @@ global $config;
 check_login ();
-if (! check_acl ($config['id_user'], 0, "PM")) {
+if (! check_acl ($config['id_user'], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Agent Management");
 	require ("general/noaccess.php");
--- a/pandora_console/godmode/servers/modificar_server.php
+++ b/pandora_console/godmode/servers/modificar_server.php
@ -20,7 +20,7 @@ require_once ("include/functions_servers.php");
 check_login();
-if (! check_acl ($config["id_user"], 0, "PM")) {
+if (! check_acl ($config["id_user"], 0, "AW")) {
 	db_pandora_audit("ACL Violation",
 		"Trying to access Server Management");
 	require ("general/noaccess.php");
@ -105,7 +105,11 @@ else {
 		$table->head[3] = __('Type');
 		$table->head[4] = __('Started');
 		$table->head[5] = __('Updated');
-		$table->head[6] = __('Delete');
+		
 		//Only Pandora Administrator can delete servers
 		if (give_acl ($config["id_user"], 0, "PM")) {
 			$table->head[6] = __('Delete');
 		}
 		foreach ($servers as $server) {
 			if ($server['status'] == 0) {
@ -122,9 +126,13 @@ else {
 			$data[3] = $server['img'];
 			$data[4] = human_time_comparation ($server["laststart"]);
 			$data[5] = human_time_comparation ($server["keepalive"]);
-			$data[6] = '<a href="index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_del='.$server["id_server"].'&amp;delete=1">';
+
-			$data[6] .= html_print_image ('images/cross.png', true, array ('title' => __('Delete'), 'onclick' => "if (! confirm ('" . __('Modules run by this server will stop working. Do you want to continue?') ."')) return false"));
+			//Only Pandora Administrator can delete servers
-			$data[6] .= '</a>';
+			if (give_acl ($config["id_user"], 0, "PM")) {
 				$data[6] = '<a href="index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_del='.$server["id_server"].'&amp;delete=1">';
 				$data[6] .= html_print_image ('images/cross.png', true, array ('title' => __('Delete'), 'onclick' => "if (! confirm ('" . __('Modules run by this server will stop working. Do you want to continue?') ."')) return false"));
 				$data[6] .= '</a>';
 			}
 			array_push ($table->data, $data);
 		}