diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 3a035272c7..c68ce99b19 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,114 @@ +2011-02-27 Miguel de Dios + * extensions/users_connected.php: fixed the double negation in the + check_acl. + + * include/functions_events.php, include/functions_modules.php, + include/functions_reporting.php, include/functions_filemanager.php, + include/functions_config.php, include/ajax/reporting.ajax.php, + include/ajax/visual_console_builder.ajax.php, + include/ajax/alert_list.ajax.php, include/help/es/modu_group_list.php, + include/fgraph.php, include/functions.php, include/functions_db.php, + include/functions_alerts.php, include/functions_reports.php, + extensions/insert_data.php, extensions/system_info.php, + extensions/pandora_logs.php, extensions/agents_modules.php, + extensions/dbmanager.php, extensions/resource_registration.php, + extensions/update_manager/settings.php, extensions/update_manager/main.php, + extensions/plugin_registration.php, operation/incidents/incident.php, + operation/incidents/incident_detail.php, + operation/incidents/incident_statistics.php, operation/extensions.php, + operation/visual_console/render_view.php, + operation/visual_console/index.php, operation/agentes/status_monitor.php, + operation/agentes/export_csv.php, + operation/agentes/estado_ultimopaquete.php, + operation/agentes/datos_agente.php, operation/agentes/alerts_status.php, + operation/agentes/estado_generalagente.php, + operation/agentes/custom_fields.php, operation/agentes/estado_agente.php, + operation/agentes/networkmap.topology.php, + operation/agentes/networkmap.groups.php, operation/agentes/sla_view.php, + operation/agentes/exportdata.php, operation/agentes/gis_view.php, + operation/agentes/estado_monitores.php, operation/agentes/ver_agente.php, + operation/agentes/graphs.php, operation/agentes/agent_fields.php, + operation/agentes/group_view.php, operation/agentes/networkmap.php, + operation/servers/view_server.php, operation/servers/view_server_detail.php, + operation/menu.php, operation/snmpconsole/snmp_view.php, + operation/users/user_edit.php, operation/events/event_statistics.php, + operation/events/export_csv.php, operation/events/sound_events.php, + operation/events/events_validate.php, operation/events/events_list.php, + operation/events/events_marquee.php, operation/events/events.php, + operation/search_reports.php, operation/reporting/reporting_xml.php, + operation/reporting/reporting_viewer.php, + operation/reporting/graph_viewer.php, operation/search_maps.php, + mobile/operation/agents/monitor_status.php, + mobile/operation/agents/view_agents.php, mobile/index.php, + general/ui/agents_list.php, godmode/groups/modu_group_list.php, + godmode/groups/configure_group.php, godmode/groups/configure_modu_group.php, + godmode/groups/group_list.php, godmode/admin_access_logs.php, + godmode/extensions.php, godmode/db/db_main.php, godmode/db/db_audit.php, + godmode/db/db_sanity.php, godmode/db/db_refine.php, godmode/db/db_info.php, + godmode/db/db_event.php, godmode/db/db_purge.php, + godmode/agentes/fields_manager.php, godmode/agentes/module_manager.php, + godmode/agentes/modificar_agente.php, godmode/agentes/configurar_agente.php, + godmode/agentes/configure_field.php, godmode/agentes/planned_downtime.php, + godmode/agentes/manage_config_remote.php, godmode/servers/recon_script.php, + godmode/servers/plugin.php, godmode/servers/manage_recontask.php, + godmode/servers/modificar_server.php, + godmode/servers/manage_recontask_form.php, godmode/menu.php, + godmode/alerts/alert_list.list.php, + godmode/alerts/configure_alert_compound.php, + godmode/alerts/alert_compounds.php, godmode/alerts/alert_list.php, + godmode/alerts/configure_alert_template.php, + godmode/alerts/alert_templates.php, + godmode/alerts/configure_alert_action.php, + godmode/alerts/configure_alert_command.php, + godmode/alerts/alert_actions.php, godmode/alerts/alert_list.builder.php, + godmode/alerts/alert_commands.php, godmode/snmpconsole/snmp_alert.php, + godmode/snmpconsole/snmp_filters.php, godmode/setup/file_manager.php, + godmode/setup/os.list.php, godmode/setup/news.php, + godmode/setup/gis_step_2.php, godmode/setup/links.php, + godmode/setup/setup.php, godmode/setup/os.php, + godmode/setup/performance.php, godmode/setup/setup_auth.php, + godmode/setup/gis.php, godmode/setup/os.builder.php, + godmode/setup/setup_visuals.php, godmode/users/user_list.php, + godmode/users/configure_user.php, godmode/users/configure_profile.php, + godmode/gis_maps/configure_gis_map.php, godmode/gis_maps/index.php, + godmode/massive/massive_add_alerts.php, + godmode/massive/massive_copy_modules.php, + godmode/massive/massive_delete_agents.php, + godmode/massive/massive_operations.php, + godmode/massive/massive_edit_agents.php, + godmode/massive/massive_delete_action_alerts.php, + godmode/massive/massive_delete_modules.php, + godmode/massive/massive_delete_alerts.php, + godmode/massive/massive_edit_modules.php, + godmode/massive/massive_add_action_alerts.php, + godmode/modules/manage_network_components_form.php, + godmode/modules/manage_nc_groups_form.php, + godmode/modules/manage_network_templates.php, + godmode/modules/module_list.php, + godmode/modules/manage_network_components_form_common.php, + godmode/modules/manage_network_components_form_network.php, + godmode/modules/manage_network_templates_form.php, + godmode/modules/manage_network_components_form_wmi.php, + godmode/modules/manage_network_components.php, + godmode/modules/manage_nc_groups.php, + godmode/reporting/reporting_builder.list_items.php, + godmode/reporting/graph_builder.main.php, + godmode/reporting/visual_console_builder.wizard.php, + godmode/reporting/visual_console_builder.php, + godmode/reporting/reporting_builder.preview.php, + godmode/reporting/reporting_builder.main.php, + godmode/reporting/visual_console_builder.data.php, + godmode/reporting/visual_console_builder.elements.php, + godmode/reporting/graph_builder.php, + godmode/reporting/visual_console_builder.preview.php, + godmode/reporting/graph_builder.graph_editor.php, + godmode/reporting/reporting_builder.php, + godmode/reporting/visual_console_builder.editor.php, + godmode/reporting/reporting_builder.item_editor.php, + godmode/reporting/map_builder.php, godmode/reporting/graphs.php, + godmode/reporting/graph_builder.preview.php: replaced obsolete "give_acl" to + "check_acl" and erased the "give_acl". + 2011-02-28 Juan Manuel Ramon * include/ajax/visual_console_builder.ajax.php diff --git a/pandora_console/extensions/agents_modules.php b/pandora_console/extensions/agents_modules.php index 26e1a49fcc..1b4e928ec1 100644 --- a/pandora_console/extensions/agents_modules.php +++ b/pandora_console/extensions/agents_modules.php @@ -20,7 +20,7 @@ function mainAgentsModules() { check_login (); // ACL Check - if (! give_acl ($config['id_user'], 0, "AR")) { + if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent view (Grouped)"); require ("general/noaccess.php"); @@ -32,7 +32,7 @@ function mainAgentsModules() { // Made it a subquery, much faster on both the database and server side if (isset ($_GET["update_netgroup"])) { $group = get_parameter_get ("update_netgroup", 0); - if (give_acl ($config['id_user'], $group, "AW")) { + if (check_acl ($config['id_user'], $group, "AW")) { $sql = sprintf ("UPDATE tagente_modulo SET `flag` = 1 WHERE `id_agente` = ANY(SELECT id_agente FROM tagente WHERE `id_grupo` = %d)",$group); process_sql ($sql); } diff --git a/pandora_console/extensions/dbmanager.php b/pandora_console/extensions/dbmanager.php index 168a0ace75..18375b6c85 100644 --- a/pandora_console/extensions/dbmanager.php +++ b/pandora_console/extensions/dbmanager.php @@ -50,7 +50,7 @@ function dbmgr_extension_main () { require_css_file ('dbmanager', 'extensions/dbmanager/'); global $config; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/insert_data.php b/pandora_console/extensions/insert_data.php index 2bccc6ae66..a090480105 100644 --- a/pandora_console/extensions/insert_data.php +++ b/pandora_console/extensions/insert_data.php @@ -48,7 +48,7 @@ function mainInsertData() { - if (! give_acl ($config['id_user'], 0, "AW") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "AW") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/pandora_logs.php b/pandora_console/extensions/pandora_logs.php index dd98572767..b418b8e0af 100644 --- a/pandora_console/extensions/pandora_logs.php +++ b/pandora_console/extensions/pandora_logs.php @@ -36,7 +36,7 @@ function view_logfile ($file_name) { function pandoralogs_extension_main () { global $config; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/plugin_registration.php b/pandora_console/extensions/plugin_registration.php index 827880b14d..bb83966569 100644 --- a/pandora_console/extensions/plugin_registration.php +++ b/pandora_console/extensions/plugin_registration.php @@ -15,7 +15,7 @@ function pluginreg_extension_main () { global $config; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/resource_registration.php b/pandora_console/extensions/resource_registration.php index 7bfdcca676..f45b8b9e71 100644 --- a/pandora_console/extensions/resource_registration.php +++ b/pandora_console/extensions/resource_registration.php @@ -29,7 +29,7 @@ In the xml is the tag "module_source" function resource_registration_extension_main() { global $config; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/system_info.php b/pandora_console/extensions/system_info.php index e1f803e5e8..8cf14655c3 100644 --- a/pandora_console/extensions/system_info.php +++ b/pandora_console/extensions/system_info.php @@ -213,7 +213,7 @@ function show_array($title, $anchor, $array = array()) { function mainSystemInfo() { global $config; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/update_manager/main.php b/pandora_console/extensions/update_manager/main.php index c5ce77d154..eb9e444aaa 100644 --- a/pandora_console/extensions/update_manager/main.php +++ b/pandora_console/extensions/update_manager/main.php @@ -55,7 +55,7 @@ if ($update_package) { $package = um_client_check_latest_update ($settings, $user_key); -if (give_acl ($config['id_user'], 0, 'PM')) { +if (check_acl ($config['id_user'], 0, 'PM')) { if (is_int ($package) && $package == 1) { echo '
'.__('Your system is up-to-date').'.
'; diff --git a/pandora_console/extensions/update_manager/settings.php b/pandora_console/extensions/update_manager/settings.php index 899ddfc932..cd8fbd1c52 100644 --- a/pandora_console/extensions/update_manager/settings.php +++ b/pandora_console/extensions/update_manager/settings.php @@ -16,7 +16,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, 'PM')) { +if (! check_acl ($config['id_user'], 0, 'PM')) { pandora_audit("ACL Violation", "Trying to use Open Update Manager extension"); include ("general/noaccess.php"); return; diff --git a/pandora_console/extensions/users_connected.php b/pandora_console/extensions/users_connected.php index 94128deeff..b9dc0b3fe2 100644 --- a/pandora_console/extensions/users_connected.php +++ b/pandora_console/extensions/users_connected.php @@ -18,7 +18,7 @@ function users_extension_main() { function users_extension_main_god ($god = true) { if (isset($config["id_user"])) { - if (!!give_acl ($config["id_user"], 0, "UM")) { + if (!check_acl ($config["id_user"], 0, "UM")) { return; } } @@ -71,7 +71,7 @@ function users_extension_main_god ($god = true) { add_godmode_menu_option (__('Users connected'), 'UM','gusuarios',"users/icon.png"); if (isset($config["id_user"])) { - if (give_acl ($config["id_user"], 0, "UM")) { + if (check_acl ($config["id_user"], 0, "UM")) { add_operation_menu_option(__('Users connected'), 'usuarios',"users/icon.png"); } } diff --git a/pandora_console/general/ui/agents_list.php b/pandora_console/general/ui/agents_list.php index 1668227d8c..a1fc44d906 100644 --- a/pandora_console/general/ui/agents_list.php +++ b/pandora_console/general/ui/agents_list.php @@ -24,7 +24,7 @@ if (is_ajax ()) { $filter = str_replace ("\\\"", "\"", $_POST['filter']); $filter = json_decode ($filter, true); $id_group = (int) get_parameter ('id_group'); - if ($id_group > 0 && give_acl ($config['id_user'], $id_group, $access)) + if ($id_group > 0 && check_acl ($config['id_user'], $id_group, $access)) $filter['id_grupo'] = $id_group; else $filter['id_grupo'] = array_keys (get_user_groups (false, $access)); diff --git a/pandora_console/godmode/admin_access_logs.php b/pandora_console/godmode/admin_access_logs.php index 309549d912..cd748519a4 100644 --- a/pandora_console/godmode/admin_access_logs.php +++ b/pandora_console/godmode/admin_access_logs.php @@ -24,7 +24,7 @@ check_login (); $enterprise_include = enterprise_include_once('godmode/admin_access_logs.php'); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit( "ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php index 169500fbb3..2ebf172da9 100644 --- a/pandora_console/godmode/agentes/configurar_agente.php +++ b/pandora_console/godmode/agentes/configurar_agente.php @@ -27,7 +27,7 @@ $group = 0; if ($id_agente) $group = get_agent_group ($id_agente); -if (! give_acl ($config["id_user"], $group, "AW")) { +if (! check_acl ($config["id_user"], $group, "AW")) { pandora_audit("ACL Violation", "Trying to access agent manager"); require ("general/noaccess.php"); @@ -488,7 +488,7 @@ if ($update_agent) { // if modified some agent paramenter if ($id_agente) { //This has been done in the beginning of the page, but if an agent was created, this id might change $id_grupo = get_agent_group ($id_agente); - if (give_acl ($config["id_user"], $id_grupo, "AW") != 1) { + if (check_acl ($config["id_user"], $id_grupo, "AW") != 1) { pandora_audit("ACL Violation","Trying to admin an agent without access"); require ("general/noaccess.php"); exit; @@ -528,7 +528,7 @@ $edit_module = (bool) get_parameter ('edit_module'); if ($update_module || $create_module) { $id_grupo = get_agent_group ($id_agente); - if (! give_acl ($config["id_user"], $id_grupo, "AW")) { + if (! check_acl ($config["id_user"], $id_grupo, "AW")) { pandora_audit("ACL Violation", "Trying to create a module without admin rights"); require ("general/noaccess.php"); @@ -752,7 +752,7 @@ if ($delete_module) { // DELETE agent module ! $module_data = get_db_row ('tagente_modulo', 'id_agente_modulo', $id_borrar_modulo); $id_grupo = (int) dame_id_grupo ($id_agente); - if (! give_acl ($config["id_user"], $id_grupo, "AW")) { + if (! check_acl ($config["id_user"], $id_grupo, "AW")) { pandora_audit("ACL Violation", "Trying to delete a module without admin rights"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/agentes/configure_field.php b/pandora_console/godmode/agentes/configure_field.php index 99c7409479..21bc418fc6 100755 --- a/pandora_console/godmode/agentes/configure_field.php +++ b/pandora_console/godmode/agentes/configure_field.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management2"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/agentes/fields_manager.php b/pandora_console/godmode/agentes/fields_manager.php index cbd3f627fd..b9b29989ef 100644 --- a/pandora_console/godmode/agentes/fields_manager.php +++ b/pandora_console/godmode/agentes/fields_manager.php @@ -19,7 +19,7 @@ global $config; check_login(); -if (! give_acl($config['id_user'], 0, "PM")) { +if (! check_acl($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/agentes/manage_config_remote.php b/pandora_console/godmode/agentes/manage_config_remote.php index eb4ad5238d..cb99854013 100644 --- a/pandora_console/godmode/agentes/manage_config_remote.php +++ b/pandora_console/godmode/agentes/manage_config_remote.php @@ -23,7 +23,7 @@ $id_group = get_parameter ("id_group", -1); $update_agent = get_parameter ("update_agent", -1); $update_group = get_parameter ("update_group", -1); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access remote config copy tool"); require ("general/noaccess.php"); @@ -123,7 +123,7 @@ if ((isset($_GET["operacion"])) AND ($update_group == -1) ) { $result=mysql_query($sql1); while ($row=mysql_fetch_array($result)){ - if (give_acl ($config["id_user"], $row["id_grupo"], "AR")){ + if (check_acl ($config["id_user"], $row["id_grupo"], "AR")){ $source = $config["remote_config"]."/conf/". md5($row["nombre"]).".conf"; if (file_exists($source)){ echo ""; @@ -144,7 +144,7 @@ if ((isset($_GET["operacion"])) AND ($update_group == -1) ) { $result=mysql_query($sql1); while ($row=mysql_fetch_array($result)){ - if (give_acl ($config["id_user"], $row["id_grupo"], "AW")) + if (check_acl ($config["id_user"], $row["id_grupo"], "AW")) echo ""; } echo ''; diff --git a/pandora_console/godmode/agentes/modificar_agente.php b/pandora_console/godmode/agentes/modificar_agente.php index 81c78d7112..a80cfa9069 100644 --- a/pandora_console/godmode/agentes/modificar_agente.php +++ b/pandora_console/godmode/agentes/modificar_agente.php @@ -29,7 +29,7 @@ if ($ag_group == -1 ) if (($ag_group == -1) && ($group_id != 0)) $ag_group = $group_id; -if (! give_acl ($config["id_user"], 0, "AW")) { +if (! check_acl ($config["id_user"], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access agent manager"); require ("general/noaccess.php"); @@ -46,7 +46,7 @@ if (!empty($agent_to_delete)) { $id_agente = $agent_to_delete; $agent_name = get_agent_name ($id_agente); $id_grupo = dame_id_grupo ($id_agente); - if (give_acl ($config["id_user"], $id_grupo, "AW")==1) { + if (check_acl ($config["id_user"], $id_grupo, "AW")==1) { $id_agentes[0] = $id_agente; delete_agent($id_agentes); pandora_audit("Agent management", "Delete Agent " . $agent_name); @@ -245,7 +245,7 @@ if ($agents !== false) { $iterator = 0; foreach ($agents as $agent) { $id_grupo = $agent["id_grupo"]; - if (! give_acl ($config["id_user"], $id_grupo, "AW")) + if (! check_acl ($config["id_user"], $id_grupo, "AW")) continue; if ($color == 1){ $tdcolor = "datos"; diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php index a670ee8ebd..90140cb9f6 100644 --- a/pandora_console/godmode/agentes/module_manager.php +++ b/pandora_console/godmode/agentes/module_manager.php @@ -83,7 +83,7 @@ if ($multiple_delete) { foreach($id_agent_modules_delete as $id_agent_module_del) { $id_grupo = (int) dame_id_grupo ($id_agente); - if (! give_acl ($config["id_user"], $id_grupo, "AW")) { + if (! check_acl ($config["id_user"], $id_grupo, "AW")) { pandora_audit("ACL Violation", "Trying to delete a module without admin rights"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/agentes/planned_downtime.php b/pandora_console/godmode/agentes/planned_downtime.php index 0c15af5192..bec29b5d98 100644 --- a/pandora_console/godmode/agentes/planned_downtime.php +++ b/pandora_console/godmode/agentes/planned_downtime.php @@ -18,7 +18,7 @@ global $config; check_login(); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access downtime scheduler"); require ("general/noaccess.php"); @@ -199,7 +199,7 @@ if ($create_downtime || $update_downtime) { $data = array (); if ($downtimes) foreach ($downtimes as $downtime) { - if (give_acl ($config["id_user"], $downtime['id_grupo'], "AR")) { + if (check_acl ($config["id_user"], $downtime['id_grupo'], "AR")) { $data[$downtime['id_agente']] = $downtime['nombre']; } } diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php index 37158eac45..f9398a5670 100644 --- a/pandora_console/godmode/alerts/alert_actions.php +++ b/pandora_console/godmode/alerts/alert_actions.php @@ -20,7 +20,7 @@ require_once ("include/functions_alerts.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert actions"); require ("general/noaccess.php"); @@ -57,7 +57,7 @@ if ($copy_action) { // If user tries to copy an action with group=ALL if ($al_action['id_group'] == 0){ // then must have "PM" access privileges - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -68,7 +68,7 @@ if ($copy_action) { // If user tries to copy an action of others groups }else{ $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(get_user_groups($config['id_user'], "LM")); else $own_groups = array_keys(get_user_groups($config['id_user'], "LM", false)); @@ -142,7 +142,7 @@ if ($update_action) { if ($al_action !== false){ if ($al_action['id_group'] == 0){ - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -200,7 +200,7 @@ if ($delete_action) { // If user tries to delete an action with group=ALL if ($al_action['id_group'] == 0){ // then must have "PM" access privileges - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -211,7 +211,7 @@ if ($delete_action) { // If user tries to delete an action of others groups }else{ $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(get_user_groups($config['id_user'], "LM")); else $own_groups = array_keys(get_user_groups($config['id_user'], "LM", false)); diff --git a/pandora_console/godmode/alerts/alert_commands.php b/pandora_console/godmode/alerts/alert_commands.php index 04d280ec90..bba3886aa3 100644 --- a/pandora_console/godmode/alerts/alert_commands.php +++ b/pandora_console/godmode/alerts/alert_commands.php @@ -21,7 +21,7 @@ require_once ("include/functions_alerts.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/alert_compounds.php b/pandora_console/godmode/alerts/alert_compounds.php index 181f138eab..1d88bd413a 100644 --- a/pandora_console/godmode/alerts/alert_compounds.php +++ b/pandora_console/godmode/alerts/alert_compounds.php @@ -15,7 +15,7 @@ check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/alert_list.builder.php b/pandora_console/godmode/alerts/alert_list.builder.php index 012fec4859..34f59f9a8e 100644 --- a/pandora_console/godmode/alerts/alert_list.builder.php +++ b/pandora_console/godmode/alerts/alert_list.builder.php @@ -18,7 +18,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -65,7 +65,7 @@ $table->data[1][0] = __('Template'); $table->data[1][0] = __('Template'); $own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $templates = get_alert_templates (false, array ('id', 'name')); else{ $usr_groups = get_user_groups($config['id_user'], 'LW', true); @@ -78,7 +78,7 @@ $table->data[1][1] = print_select (index_array ($templates, 'id', 'name'), 'template', '', '', __('Select'), 0, true); $table->data[1][1] .= ' '; -if (give_acl ($config['id_user'], 0, "LM")) { +if (check_acl ($config['id_user'], 0, "LM")) { $table->data[1][1] .= print_image ('images/add.png', true); $table->data[1][1] .= ''; $table->data[1][1] .= __('Create Template'); @@ -101,7 +101,7 @@ $table->data[2][1] .= print_input_text ('fires_max', '', '', 4, 10, true); $table->data[2][1] .= print_help_icon ("alert-matches", true); $table->data[2][1] .= ''; $table->data[2][1] .= ''; -if (give_acl ($config['id_user'], 0, "LM")) { +if (check_acl ($config['id_user'], 0, "LM")) { $table->data[2][1] .= print_image ('images/add.png', true); $table->data[2][1] .= ''; $table->data[2][1] .= __('Create Action'); diff --git a/pandora_console/godmode/alerts/alert_list.list.php b/pandora_console/godmode/alerts/alert_list.list.php index b6d5b05b39..0234af40c6 100644 --- a/pandora_console/godmode/alerts/alert_list.list.php +++ b/pandora_console/godmode/alerts/alert_list.list.php @@ -18,7 +18,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -27,7 +27,7 @@ if (! give_acl ($config['id_user'], 0, "LW")) { /* Check if this page is included from a agent edition */ -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/alert_list.php b/pandora_console/godmode/alerts/alert_list.php index 345bf3d4e3..9b145815a1 100644 --- a/pandora_console/godmode/alerts/alert_list.php +++ b/pandora_console/godmode/alerts/alert_list.php @@ -18,7 +18,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index 0fe9df9f19..43734778de 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php @@ -99,7 +99,7 @@ if (is_ajax ()) { return; } -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -139,7 +139,7 @@ if ($delete_template) { if ($al_template !== false){ // If user tries to delete a template with group=ALL then must have "PM" access privileges if ($al_template['id_group'] == 0){ - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -150,7 +150,7 @@ if ($delete_template) { // If user tries to delete a template of others groups }else{ $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(get_user_groups($config['id_user'], "LM")); else $own_groups = array_keys(get_user_groups($config['id_user'], "LM", false)); diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index b6684b92dc..0be1330147 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -20,7 +20,7 @@ require_once ('include/functions_alerts.php'); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -35,7 +35,7 @@ if ($al_action !== false){ // If user tries to edit an action with group=ALL if ($al_action['id_group'] == 0){ // then must have "PM" access privileges - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -46,7 +46,7 @@ if ($al_action !== false){ // If user tries to edit an action of others groups }else{ $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(get_user_groups($config['id_user'], "LM")); else $own_groups = array_keys(get_user_groups($config['id_user'], "LM", false)); @@ -99,7 +99,7 @@ $table->data[1][0] = __('Group'); $groups = get_user_groups (); $own_info = get_user_info ($config['id_user']); // Only display group "All" if user is administrator or has "PM" privileges -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $display_all_group = true; else $display_all_group = false; @@ -109,7 +109,7 @@ $table->data[2][0] = __('Command'); $table->data[2][1] = print_select_from_sql ('SELECT id, name FROM talert_commands', 'id_command', $id_command, '', __('None'), 0, true); $table->data[2][1] .= ' '; -if (give_acl ($config['id_user'], 0, "PM")){ +if (check_acl ($config['id_user'], 0, "PM")){ $table->data[2][1] .= print_image ('images/add.png', true); $table->data[2][1] .= ''; $table->data[2][1] .= __('Create Command'); diff --git a/pandora_console/godmode/alerts/configure_alert_command.php b/pandora_console/godmode/alerts/configure_alert_command.php index 01e486fef7..ad6f21840d 100644 --- a/pandora_console/godmode/alerts/configure_alert_command.php +++ b/pandora_console/godmode/alerts/configure_alert_command.php @@ -19,7 +19,7 @@ require_once ("include/functions_alerts.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/configure_alert_compound.php b/pandora_console/godmode/alerts/configure_alert_compound.php index c1c2c27f70..234876f457 100644 --- a/pandora_console/godmode/alerts/configure_alert_compound.php +++ b/pandora_console/godmode/alerts/configure_alert_compound.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -227,7 +227,7 @@ if ($id && ! $create_compound) { $field3_recovery = $compound['field3_recovery']; $id_agent = $compound['id_agent']; $id_group = get_agent_group ($id_agent); - if (! give_acl ($config['id_user'], $id_group, "AW")) { + if (! check_acl ($config['id_user'], $id_group, "AW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php index 429c798576..0ca3baf63d 100644 --- a/pandora_console/godmode/alerts/configure_alert_template.php +++ b/pandora_console/godmode/alerts/configure_alert_template.php @@ -19,7 +19,7 @@ require_once ('include/functions_alerts.php'); check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -42,7 +42,7 @@ if ($a_template !== false){ // If user tries to duplicate/edit a template with group=ALL if ($a_template['id_group'] == 0){ // then must have "PM" access privileges - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -53,7 +53,7 @@ if ($a_template !== false){ // If user tries to duplicate/edit a template of others groups }else{ $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $own_groups = array_keys(get_user_groups($config['id_user'], "LM")); else $own_groups = array_keys(get_user_groups($config['id_user'], "LM", false)); @@ -519,7 +519,7 @@ if ($step == 2) { $groups = get_user_groups (); $own_info = get_user_info($config['id_user']); // Only display group "All" if user is administrator or has "PM" privileges - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $display_all_group = true; else $display_all_group = false; diff --git a/pandora_console/godmode/db/db_audit.php b/pandora_console/godmode/db/db_audit.php index 22190b83b9..bded01762b 100644 --- a/pandora_console/godmode/db/db_audit.php +++ b/pandora_console/godmode/db/db_audit.php @@ -20,7 +20,7 @@ print_page_header (__('Database maintenance').' » '.__('Database audit pur check_login (); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit("ACL Violation", "Trying to access Database Management Audit"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/db/db_event.php b/pandora_console/godmode/db/db_event.php index 69865289ea..fb9b1b8089 100644 --- a/pandora_console/godmode/db/db_event.php +++ b/pandora_console/godmode/db/db_event.php @@ -20,7 +20,7 @@ check_login (); print_page_header (__('Database maintenance').' » '.__('Event database cleanup'), "images/god8.png", false, "", true); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit("ACL Violation", "Trying to access Database Management Event"); require ("general/noaccess.php"); exit; diff --git a/pandora_console/godmode/db/db_info.php b/pandora_console/godmode/db/db_info.php index d315566274..1df99dcb35 100644 --- a/pandora_console/godmode/db/db_info.php +++ b/pandora_console/godmode/db/db_info.php @@ -26,7 +26,7 @@ print_page_header (__('Database maintenance').' » '.__('Database informati check_login (); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit("ACL Violation", "Trying to access Database Management Info"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/db/db_main.php b/pandora_console/godmode/db/db_main.php index e30aefd0d0..a0fe28b49d 100644 --- a/pandora_console/godmode/db/db_main.php +++ b/pandora_console/godmode/db/db_main.php @@ -23,7 +23,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit("ACL Violation", "Trying to access Database Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/db/db_purge.php b/pandora_console/godmode/db/db_purge.php index 0f6902e1ef..72585ff35d 100644 --- a/pandora_console/godmode/db/db_purge.php +++ b/pandora_console/godmode/db/db_purge.php @@ -24,7 +24,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit( "ACL Violation", "Trying to access Database Purge Section"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/db/db_refine.php b/pandora_console/godmode/db/db_refine.php index 7acaf0e2b0..f36c638636 100644 --- a/pandora_console/godmode/db/db_refine.php +++ b/pandora_console/godmode/db/db_refine.php @@ -20,7 +20,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "DM")) { +if (! check_acl ($config['id_user'], 0, "DM")) { pandora_audit("ACL Violation","Trying to access Database Debug Admin section"); require ("general/noaccess.php"); exit; diff --git a/pandora_console/godmode/db/db_sanity.php b/pandora_console/godmode/db/db_sanity.php index d2cc2f5dc4..a8a2a270e3 100644 --- a/pandora_console/godmode/db/db_sanity.php +++ b/pandora_console/godmode/db/db_sanity.php @@ -19,7 +19,7 @@ global $config; check_login(); -if (! give_acl ($config["id_user"], 0, "DM")) { +if (! check_acl ($config["id_user"], 0, "DM")) { pandora_audit("ACL Violation", "Trying to access Database cure section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/extensions.php b/pandora_console/godmode/extensions.php index cdf3dd2109..a6d1b15045 100644 --- a/pandora_console/godmode/extensions.php +++ b/pandora_console/godmode/extensions.php @@ -15,7 +15,7 @@ check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access extensions list"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/gis_maps/configure_gis_map.php b/pandora_console/godmode/gis_maps/configure_gis_map.php index d5e740e69c..7d95eb0d34 100644 --- a/pandora_console/godmode/gis_maps/configure_gis_map.php +++ b/pandora_console/godmode/gis_maps/configure_gis_map.php @@ -78,7 +78,7 @@ function updateArrowLayers() { data[1][1] = " " . addConectionMapsInForm($map_connection_list) . "
"; $own_info = get_user_info($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $display_all_group = true; else $display_all_group = false; diff --git a/pandora_console/godmode/gis_maps/index.php b/pandora_console/godmode/gis_maps/index.php index d1e1257102..e0cf113531 100644 --- a/pandora_console/godmode/gis_maps/index.php +++ b/pandora_console/godmode/gis_maps/index.php @@ -21,7 +21,7 @@ require_once ('include/functions_gis.php'); require_javascript_file('openlayers.pandora'); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access map builder"); require ("general/noaccess.php"); return; @@ -50,7 +50,7 @@ if (is_ajax ()) { $action = get_parameter('action'); $own_info = get_user_info($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $display_default_column = true; else $display_default_column = false; @@ -91,7 +91,7 @@ if (!$maps) { if (!check_acl ($config["id_user"], $map["group_id"], "IR")) { continue; } - if ($map['group_id'] == 0 && (!$own_info['is_admin'] || !give_acl ($config['id_user'], 0, "PM"))) + if ($map['group_id'] == 0 && (!$own_info['is_admin'] || !check_acl ($config['id_user'], 0, "PM"))) continue; $checked = false; if ($map['default_map']) { diff --git a/pandora_console/godmode/groups/configure_group.php b/pandora_console/godmode/groups/configure_group.php index cdd04a9f88..4f9a694f5c 100644 --- a/pandora_console/godmode/groups/configure_group.php +++ b/pandora_console/godmode/groups/configure_group.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management2"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/groups/configure_modu_group.php b/pandora_console/godmode/groups/configure_modu_group.php index 40ab1ec939..9a670e951e 100644 --- a/pandora_console/godmode/groups/configure_modu_group.php +++ b/pandora_console/godmode/groups/configure_modu_group.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management2"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/groups/group_list.php b/pandora_console/godmode/groups/group_list.php index 0b0f3f9596..5b2ddd1a48 100644 --- a/pandora_console/godmode/groups/group_list.php +++ b/pandora_console/godmode/groups/group_list.php @@ -22,7 +22,7 @@ check_login(); require_once("include/functions_groups.php"); if (is_ajax ()) { - if (! give_acl($config['id_user'], 0, "AR")) { + if (! check_acl($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); return; @@ -46,7 +46,7 @@ if (is_ajax ()) { return; } - if (! give_acl ($config['id_user'], $id_group, "AR")) { + if (! check_acl ($config['id_user'], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); echo json_encode (false); @@ -63,7 +63,7 @@ if (is_ajax ()) { $id_group = (int) get_parameter ('id_group'); $disabled = (int) get_parameter ('disabled', 0); - if (! give_acl ($config['id_user'], $id_group, "AR")) { + if (! check_acl ($config['id_user'], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); echo json_encode (false); @@ -77,7 +77,7 @@ if (is_ajax ()) { return; } -if (! give_acl($config['id_user'], 0, "PM")) { +if (! check_acl($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/groups/modu_group_list.php b/pandora_console/godmode/groups/modu_group_list.php index e90362f0a0..2509913be5 100644 --- a/pandora_console/godmode/groups/modu_group_list.php +++ b/pandora_console/godmode/groups/modu_group_list.php @@ -20,7 +20,7 @@ global $config; check_login(); -if (! give_acl($config['id_user'], 0, "PM")) { +if (! check_acl($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); @@ -34,7 +34,7 @@ if (is_ajax ()) { if ($get_group_json) { $id_group = (int) get_parameter ('id_group'); - if (! give_acl ($config['id_user'], $id_group, "AR")) { + if (! check_acl ($config['id_user'], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); echo json_encode (false); diff --git a/pandora_console/godmode/massive/massive_add_action_alerts.php b/pandora_console/godmode/massive/massive_add_action_alerts.php index 1ba52ff023..a9e440ba6e 100644 --- a/pandora_console/godmode/massive/massive_add_action_alerts.php +++ b/pandora_console/godmode/massive/massive_add_action_alerts.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive agent deletion section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_add_alerts.php b/pandora_console/godmode/massive/massive_add_alerts.php index c7aa9e2617..5cb061c8ef 100644 --- a/pandora_console/godmode/massive/massive_add_alerts.php +++ b/pandora_console/godmode/massive/massive_add_alerts.php @@ -17,7 +17,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive alert deletion"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_copy_modules.php b/pandora_console/godmode/massive/massive_copy_modules.php index a1f69adb94..5e13e17253 100644 --- a/pandora_console/godmode/massive/massive_copy_modules.php +++ b/pandora_console/godmode/massive/massive_copy_modules.php @@ -17,7 +17,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access Agent Config Management Admin section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_delete_action_alerts.php b/pandora_console/godmode/massive/massive_delete_action_alerts.php index ea4f5f5830..c5e0c3fa3b 100644 --- a/pandora_console/godmode/massive/massive_delete_action_alerts.php +++ b/pandora_console/godmode/massive/massive_delete_action_alerts.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive agent deletion section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_delete_agents.php b/pandora_console/godmode/massive/massive_delete_agents.php index 88dc38222f..d0dfd1fd70 100644 --- a/pandora_console/godmode/massive/massive_delete_agents.php +++ b/pandora_console/godmode/massive/massive_delete_agents.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive agent deletion section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_delete_alerts.php b/pandora_console/godmode/massive/massive_delete_alerts.php index d053559938..27569ef105 100644 --- a/pandora_console/godmode/massive/massive_delete_alerts.php +++ b/pandora_console/godmode/massive/massive_delete_alerts.php @@ -17,7 +17,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive alert deletion"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_delete_modules.php b/pandora_console/godmode/massive/massive_delete_modules.php index 03cd4797cd..8ecf327fc6 100644 --- a/pandora_console/godmode/massive/massive_delete_modules.php +++ b/pandora_console/godmode/massive/massive_delete_modules.php @@ -17,7 +17,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access agent massive deletion"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_edit_agents.php b/pandora_console/godmode/massive/massive_edit_agents.php index 8af3b5b210..3931d7c419 100644 --- a/pandora_console/godmode/massive/massive_edit_agents.php +++ b/pandora_console/godmode/massive/massive_edit_agents.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive agent deletion section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_edit_modules.php b/pandora_console/godmode/massive/massive_edit_modules.php index 76df4c3f20..ebd1c26e3b 100644 --- a/pandora_console/godmode/massive/massive_edit_modules.php +++ b/pandora_console/godmode/massive/massive_edit_modules.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access massive module update"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/massive/massive_operations.php b/pandora_console/godmode/massive/massive_operations.php index 46406aec9a..41c0294f6b 100644 --- a/pandora_console/godmode/massive/massive_operations.php +++ b/pandora_console/godmode/massive/massive_operations.php @@ -16,7 +16,7 @@ // Load global vars check_login (); -if (! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access massive operation section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index 3af77e783a..1a22b9e235 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -23,7 +23,7 @@ require_once ('include/functions_menu.php'); $menu = array (); $menu['class'] = 'godmode'; -if (give_acl ($config['id_user'], 0, "AW")) { +if (check_acl ($config['id_user'], 0, "AW")) { $menu["gagente"]["text"] = __('Manage agents'); $menu["gagente"]["sec2"] = "godmode/agentes/modificar_agente"; $menu["gagente"]["id"] = "god-agents"; @@ -31,7 +31,7 @@ if (give_acl ($config['id_user'], 0, "AW")) { $sub = array (); $sub["godmode/agentes/manage_config_remote"]["text"] = __('Duplicate config'); - if (give_acl ($config["id_user"], 0, "PM")) { + if (check_acl ($config["id_user"], 0, "PM")) { $sub["godmode/groups/group_list"]["text"] = __('Manage groups'); $sub["godmode/groups/modu_group_list"]["text"] = __('Module groups'); @@ -43,7 +43,7 @@ if (give_acl ($config['id_user'], 0, "AW")) { $menu["gagente"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "AW")) { +if (check_acl ($config['id_user'], 0, "AW")) { $menu["gmassive"]["text"] = __('Massive operations'); $menu["gmassive"]["sec2"] = "godmode/massive/massive_operations"; $menu["gmassive"]["id"] = "god-massive"; @@ -60,11 +60,11 @@ if (give_acl ($config['id_user'], 0, "AW")) { $menu["gmassive"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "AW")) { +if (check_acl ($config['id_user'], 0, "AW")) { enterprise_hook ('services_godmenu'); } -if (give_acl ($config['id_user'], 0, "PM")) { +if (check_acl ($config['id_user'], 0, "PM")) { $menu["gmodules"]["text"] = __('Manage modules'); $menu["gmodules"]["sec2"] = "godmode/modules/module_list"; $menu["gmodules"]["id"] = "god-modules"; @@ -83,7 +83,7 @@ if (give_acl ($config['id_user'], 0, "PM")) { $menu["gmodules"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "LM")) { +if (check_acl ($config['id_user'], 0, "LM")) { $menu["galertas"]["text"] = __('Manage alerts'); $menu["galertas"]["sec2"] = "godmode/alerts/alert_list"; $menu["galertas"]["id"] = "god-alerts"; @@ -93,7 +93,7 @@ if (give_acl ($config['id_user'], 0, "LM")) { $sub["godmode/alerts/alert_actions"]["text"] = __('Actions'); - if (give_acl ($config['id_user'], 0, "PM")) { + if (check_acl ($config['id_user'], 0, "PM")) { $sub["godmode/alerts/alert_commands"]["text"] = __('Commands'); } $sub["godmode/alerts/alert_compounds"]["text"] = __('Correlation'); @@ -101,11 +101,11 @@ if (give_acl ($config['id_user'], 0, "LM")) { $menu["galertas"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "AW")) { +if (check_acl ($config['id_user'], 0, "AW")) { enterprise_hook ('policies_menu'); } -if (give_acl ($config['id_user'], 0, "UM")) { +if (check_acl ($config['id_user'], 0, "UM")) { $menu["gusuarios"]["text"] = __('Manage users'); $menu["gusuarios"]["sec2"] = "godmode/users/user_list"; $menu["gusuarios"]["id"] = "god-users"; @@ -113,7 +113,7 @@ if (give_acl ($config['id_user'], 0, "UM")) { } // SNMP console -if (give_acl($config['id_user'], 0, "LW")) { +if (check_acl($config['id_user'], 0, "LW")) { $menu["gsnmpconsole"]["text"] = __('Manage SNMP console'); $menu["gsnmpconsole"]["sec2"] = "godmode/snmpconsole/snmp_alert"; $menu["gsnmpconsole"]["id"] = "god-snmpc"; @@ -128,7 +128,7 @@ if (give_acl($config['id_user'], 0, "LW")) { } // Reporting -if (give_acl ($config['id_user'], 0, "IW")) { +if (check_acl ($config['id_user'], 0, "IW")) { $menu["greporting"]["text"] = __('Manage reports'); $menu["greporting"]["sec2"] = "godmode/reporting/reporting_builder"; $menu["greporting"]["id"] = "god-reporting"; @@ -144,7 +144,7 @@ if (give_acl ($config['id_user'], 0, "IW")) { $menu["greporting"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "IW")) { +if (check_acl ($config['id_user'], 0, "IW")) { // Custom map builder $menu["gmap"]["text"] = __('Visual console builder'); $menu["gmap"]["sec2"] = "godmode/reporting/map_builder"; @@ -158,7 +158,7 @@ if (give_acl ($config['id_user'], 0, "IW")) { } } -if (give_acl ($config['id_user'], 0, "PM")) { +if (check_acl ($config['id_user'], 0, "PM")) { // Servers $menu["gservers"]["text"] = __('Manage servers'); @@ -177,11 +177,11 @@ if (give_acl ($config['id_user'], 0, "PM")) { $menu["gservers"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "LW")) { +if (check_acl ($config['id_user'], 0, "LW")) { enterprise_hook ('snmpconsole_menu'); } -if (give_acl ($config['id_user'], 0, "PM")) { +if (check_acl ($config['id_user'], 0, "PM")) { // Audit $menu["glog"]["text"] = __('System audit log'); $menu["glog"]["sec2"] = "godmode/admin_access_logs"; @@ -211,7 +211,7 @@ if (give_acl ($config['id_user'], 0, "PM")) { $menu["gsetup"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "DM")) { +if (check_acl ($config['id_user'], 0, "DM")) { $menu["gdbman"]["text"] = __('DB maintenance'); $menu["gdbman"]["sec2"] = "godmode/db/db_main"; $menu["gdbman"]["id"] = "god-dbmaint"; @@ -232,7 +232,7 @@ if (give_acl ($config['id_user'], 0, "DM")) { $menu["gdbman"]["sub"] = $sub; } -if (give_acl ($config['id_user'], 0, "PM")) { +if (check_acl ($config['id_user'], 0, "PM")) { if (is_array ($config['extensions'])) { $menu["gextensions"]["text"] = __('Extensions'); $menu["gextensions"]["sec2"] = "godmode/extensions"; @@ -241,7 +241,7 @@ if (give_acl ($config['id_user'], 0, "PM")) { $sub = array (); foreach ($config['extensions'] as $extension) { $extmenu = $extension['godmode_menu']; - if ($extension['godmode_menu'] == '' || ! give_acl ($config['id_user'], 0, $extmenu['acl'])) { + if ($extension['godmode_menu'] == '' || ! check_acl ($config['id_user'], 0, $extmenu['acl'])) { continue; } diff --git a/pandora_console/godmode/modules/manage_nc_groups.php b/pandora_console/godmode/modules/manage_nc_groups.php index afe1881147..69ee7ca4c2 100644 --- a/pandora_console/godmode/modules/manage_nc_groups.php +++ b/pandora_console/godmode/modules/manage_nc_groups.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access SNMP Group Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_nc_groups_form.php b/pandora_console/godmode/modules/manage_nc_groups_form.php index 6a0ed5c1d0..a79f127215 100644 --- a/pandora_console/godmode/modules/manage_nc_groups_form.php +++ b/pandora_console/godmode/modules/manage_nc_groups_form.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access SNMO Groups Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_components.php b/pandora_console/godmode/modules/manage_network_components.php index 30b59730c7..5f7719f0f1 100644 --- a/pandora_console/godmode/modules/manage_network_components.php +++ b/pandora_console/godmode/modules/manage_network_components.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_components_form.php b/pandora_console/godmode/modules/manage_network_components_form.php index c42f89091c..d1a9180b14 100644 --- a/pandora_console/godmode/modules/manage_network_components_form.php +++ b/pandora_console/godmode/modules/manage_network_components_form.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_components_form_common.php b/pandora_console/godmode/modules/manage_network_components_form_common.php index 7f203a6f41..030fbec92a 100644 --- a/pandora_console/godmode/modules/manage_network_components_form_common.php +++ b/pandora_console/godmode/modules/manage_network_components_form_common.php @@ -15,7 +15,7 @@ global $config; -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_components_form_network.php b/pandora_console/godmode/modules/manage_network_components_form_network.php index 7a32123664..685793a453 100644 --- a/pandora_console/godmode/modules/manage_network_components_form_network.php +++ b/pandora_console/godmode/modules/manage_network_components_form_network.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_components_form_wmi.php b/pandora_console/godmode/modules/manage_network_components_form_wmi.php index 336b6ac881..f4e40546e5 100644 --- a/pandora_console/godmode/modules/manage_network_components_form_wmi.php +++ b/pandora_console/godmode/modules/manage_network_components_form_wmi.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_templates.php b/pandora_console/godmode/modules/manage_network_templates.php index 03075e0716..8b5f082854 100644 --- a/pandora_console/godmode/modules/manage_network_templates.php +++ b/pandora_console/godmode/modules/manage_network_templates.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Network Profile Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/manage_network_templates_form.php b/pandora_console/godmode/modules/manage_network_templates_form.php index c2c4f2f045..103cb447da 100644 --- a/pandora_console/godmode/modules/manage_network_templates_form.php +++ b/pandora_console/godmode/modules/manage_network_templates_form.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Network Profile Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/modules/module_list.php b/pandora_console/godmode/modules/module_list.php index a725486688..386984ac63 100644 --- a/pandora_console/godmode/modules/module_list.php +++ b/pandora_console/godmode/modules/module_list.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation","Trying to access module management"); require ("general/noaccess.php"); exit; diff --git a/pandora_console/godmode/reporting/graph_builder.graph_editor.php b/pandora_console/godmode/reporting/graph_builder.graph_editor.php index cafb8fe986..f82cd8c4a2 100644 --- a/pandora_console/godmode/reporting/graph_builder.graph_editor.php +++ b/pandora_console/godmode/reporting/graph_builder.graph_editor.php @@ -21,7 +21,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graph_builder.main.php b/pandora_console/godmode/reporting/graph_builder.main.php index a1f7f1e936..89baccff87 100644 --- a/pandora_console/godmode/reporting/graph_builder.main.php +++ b/pandora_console/godmode/reporting/graph_builder.main.php @@ -50,7 +50,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); @@ -103,7 +103,7 @@ if ($edit_graph) { echo ">"; $own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $return_all_groups = true; else $return_all_groups = false; diff --git a/pandora_console/godmode/reporting/graph_builder.php b/pandora_console/godmode/reporting/graph_builder.php index 1698125822..eab8be3c83 100644 --- a/pandora_console/godmode/reporting/graph_builder.php +++ b/pandora_console/godmode/reporting/graph_builder.php @@ -50,7 +50,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graph_builder.preview.php b/pandora_console/godmode/reporting/graph_builder.preview.php index 0c44b1b185..a3655bb27e 100644 --- a/pandora_console/godmode/reporting/graph_builder.preview.php +++ b/pandora_console/godmode/reporting/graph_builder.preview.php @@ -52,7 +52,7 @@ if ($config['flash_charts']) { check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/graphs.php b/pandora_console/godmode/reporting/graphs.php index 3ce2c89889..2f510ba478 100644 --- a/pandora_console/godmode/reporting/graphs.php +++ b/pandora_console/godmode/reporting/graphs.php @@ -20,7 +20,7 @@ require_once ('include/functions_custom_graphs.php'); // Check user credentials check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access Inventory Module Management"); require ("general/noaccess.php"); @@ -36,7 +36,7 @@ print_page_header (__('Graphs management'), "", false, "", true); // Delete module SQL code if ($delete_graph) { - if (give_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "AW")) { $sql = "DELETE FROM tgraph_source WHERE id_graph = $id"; if ($res=mysql_query($sql)) $result = "

".__('Successfully deleted')."

"; @@ -57,7 +57,7 @@ if ($delete_graph) { } $own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $return_all_group = true; else $return_all_group = false; @@ -80,7 +80,7 @@ if (! empty ($graphs)) { $table->size[0] = '20px'; $table->size[3] = '125px'; $table->size[4] = '50px'; - if (give_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "AW")) { $table->align[5] = 'center'; $table->head[5] = __('Delete'); $table->size[5] = '50px'; @@ -99,7 +99,7 @@ if (! empty ($graphs)) { $data[3] = $graph["graphs_count"]; $data[4] = print_group_icon($graph['id_group'],true); - if (give_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "AW")) { $data[5] = '' . print_image("images/cross.png", true) . ''; diff --git a/pandora_console/godmode/reporting/map_builder.php b/pandora_console/godmode/reporting/map_builder.php index 73f6cca9d4..3709410866 100644 --- a/pandora_console/godmode/reporting/map_builder.php +++ b/pandora_console/godmode/reporting/map_builder.php @@ -117,7 +117,7 @@ $table->align[4] = 'center'; // Only display maps of "All" group if user is administrator or has "PM" privileges, otherwise show only maps of user group $own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $maps = get_user_layouts (); else $maps = get_user_layouts ($config['id_user'], false, false, false); @@ -126,7 +126,7 @@ if (!$maps) { echo '
'.('No maps defined').'
'; } else { foreach ($maps as $map) { - if (give_acl ($config['id_user'], $map['id_group'], "IW")){ + if (check_acl ($config['id_user'], $map['id_group'], "IW")) { $data = array (); $data[0] = ''.$map['name'].''; diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 44b8b7979e..8c948f0864 100644 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/reporting_builder.list_items.php b/pandora_console/godmode/reporting/reporting_builder.list_items.php index f9626b90eb..17cfd343f2 100644 --- a/pandora_console/godmode/reporting/reporting_builder.list_items.php +++ b/pandora_console/godmode/reporting/reporting_builder.list_items.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/reporting_builder.main.php b/pandora_console/godmode/reporting/reporting_builder.main.php index e4f583c7fb..fa800be461 100644 --- a/pandora_console/godmode/reporting/reporting_builder.main.php +++ b/pandora_console/godmode/reporting/reporting_builder.main.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); @@ -53,7 +53,7 @@ $table->data['name'][1] = print_input_text('name', $reportName, __('Name'), 20, $table->data['group'][0] = __('Group'); $own_info = get_user_info ($config['id_user']); -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $return_all_groups = true; else $return_all_groups = false; diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index 669c1f163f..5b7b168786 100644 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -16,7 +16,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); @@ -51,7 +51,7 @@ switch ($action) { } $own_info = get_user_info ($config['id_user']); - if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) + if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $return_all_group = true; else $return_all_group = false; @@ -80,9 +80,9 @@ switch ($action) { if (!is_user_admin ($config["id_user"])){ if ($report["private"] && $report["id_user"] != $config['id_user']) - if (!give_acl ($config["id_user"], $report["id_group"], "AW")) + if (!check_acl ($config["id_user"], $report["id_group"], "AW")) continue; - if (!give_acl ($config["id_user"], $report["id_group"], "AW")) + if (!check_acl ($config["id_user"], $report["id_group"], "AW")) continue; } diff --git a/pandora_console/godmode/reporting/reporting_builder.preview.php b/pandora_console/godmode/reporting/reporting_builder.preview.php index dd525da900..b811b78db2 100644 --- a/pandora_console/godmode/reporting/reporting_builder.preview.php +++ b/pandora_console/godmode/reporting/reporting_builder.preview.php @@ -23,7 +23,7 @@ $id_report = (int) get_parameter ('id_report'); $report = get_db_row ('treport', 'id_report', $id_report); // Check ACL on the report to see if user has access to the report. -if (! give_acl ($config['id_user'], $report['id_group'], "AR")) { +if (! check_acl ($config['id_user'], $report['id_group'], "AR")) { pandora_audit("ACL Violation","Trying to access graph reader"); include ("general/noaccess.php"); exit; diff --git a/pandora_console/godmode/reporting/visual_console_builder.data.php b/pandora_console/godmode/reporting/visual_console_builder.data.php index 00f71771a6..879e094731 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.data.php +++ b/pandora_console/godmode/reporting/visual_console_builder.data.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); @@ -52,7 +52,7 @@ $groups = get_user_groups ($config['id_user']); $own_info = get_user_info($config['id_user']); // Only display group "All" if user is administrator or has "PM" privileges -if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM")) +if ($own_info['is_admin'] || check_acl ($config['id_user'], 0, "PM")) $display_all_group = true; else $display_all_group = false; diff --git a/pandora_console/godmode/reporting/visual_console_builder.editor.php b/pandora_console/godmode/reporting/visual_console_builder.editor.php index 915d181b52..985463e988 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.editor.php +++ b/pandora_console/godmode/reporting/visual_console_builder.editor.php @@ -17,7 +17,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.elements.php b/pandora_console/godmode/reporting/visual_console_builder.elements.php index ef178bf1ab..bc03727257 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.elements.php +++ b/pandora_console/godmode/reporting/visual_console_builder.elements.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php index 379a718daf..a6f718c78f 100755 --- a/pandora_console/godmode/reporting/visual_console_builder.php +++ b/pandora_console/godmode/reporting/visual_console_builder.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.preview.php b/pandora_console/godmode/reporting/visual_console_builder.preview.php index 0f27121884..b8ce1c0c9c 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.preview.php +++ b/pandora_console/godmode/reporting/visual_console_builder.preview.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/reporting/visual_console_builder.wizard.php b/pandora_console/godmode/reporting/visual_console_builder.wizard.php index 79b1c3326a..d3c958ec3c 100644 --- a/pandora_console/godmode/reporting/visual_console_builder.wizard.php +++ b/pandora_console/godmode/reporting/visual_console_builder.wizard.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php index 85d587d71b..4c7a707c17 100644 --- a/pandora_console/godmode/servers/manage_recontask.php +++ b/pandora_console/godmode/servers/manage_recontask.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Recon Task Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/servers/manage_recontask_form.php b/pandora_console/godmode/servers/manage_recontask_form.php index d959bd4ab6..38ee754d42 100644 --- a/pandora_console/godmode/servers/manage_recontask_form.php +++ b/pandora_console/godmode/servers/manage_recontask_form.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/servers/modificar_server.php b/pandora_console/godmode/servers/modificar_server.php index 113e3683ed..43ac13aee7 100644 --- a/pandora_console/godmode/servers/modificar_server.php +++ b/pandora_console/godmode/servers/modificar_server.php @@ -20,7 +20,7 @@ require_once ("include/functions_servers.php"); check_login(); -if (! give_acl ($config["id_user"], 0, "PM")) { +if (! check_acl ($config["id_user"], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Server Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/servers/plugin.php b/pandora_console/godmode/servers/plugin.php index c1522c1bc4..6ec6494087 100644 --- a/pandora_console/godmode/servers/plugin.php +++ b/pandora_console/godmode/servers/plugin.php @@ -29,7 +29,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access Plugin Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/servers/recon_script.php b/pandora_console/godmode/servers/recon_script.php index c56e028d9b..098b1ba399 100644 --- a/pandora_console/godmode/servers/recon_script.php +++ b/pandora_console/godmode/servers/recon_script.php @@ -29,7 +29,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "LM")) { +if (! check_acl ($config['id_user'], 0, "LM")) { pandora_audit("ACL Violation", "Trying to access recon script Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/setup/file_manager.php b/pandora_console/godmode/setup/file_manager.php index 261536f07a..a095bdb25d 100644 --- a/pandora_console/godmode/setup/file_manager.php +++ b/pandora_console/godmode/setup/file_manager.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/gis.php b/pandora_console/godmode/setup/gis.php index 1b91769755..4c8d3e4870 100755 --- a/pandora_console/godmode/setup/gis.php +++ b/pandora_console/godmode/setup/gis.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Visual Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/gis_step_2.php b/pandora_console/godmode/setup/gis_step_2.php index 1eee156a57..e7b0d7fb38 100755 --- a/pandora_console/godmode/setup/gis_step_2.php +++ b/pandora_console/godmode/setup/gis_step_2.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Visual Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/links.php b/pandora_console/godmode/setup/links.php index 1c6923716d..75d0245022 100644 --- a/pandora_console/godmode/setup/links.php +++ b/pandora_console/godmode/setup/links.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Link Management"); require ("general/noaccess.php"); exit; diff --git a/pandora_console/godmode/setup/news.php b/pandora_console/godmode/setup/news.php index f1ec3a0e05..8c8872379c 100644 --- a/pandora_console/godmode/setup/news.php +++ b/pandora_console/godmode/setup/news.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Link Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/setup/os.builder.php b/pandora_console/godmode/setup/os.builder.php index 1a530bc375..90909fb4e1 100644 --- a/pandora_console/godmode/setup/os.builder.php +++ b/pandora_console/godmode/setup/os.builder.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/os.list.php b/pandora_console/godmode/setup/os.list.php index bc90cfd1a4..0fec9bd1d5 100644 --- a/pandora_console/godmode/setup/os.list.php +++ b/pandora_console/godmode/setup/os.list.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/os.php b/pandora_console/godmode/setup/os.php index 8fda89f08d..2e066750f5 100644 --- a/pandora_console/godmode/setup/os.php +++ b/pandora_console/godmode/setup/os.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/performance.php b/pandora_console/godmode/setup/performance.php index 68778d9be6..c12c014aab 100644 --- a/pandora_console/godmode/setup/performance.php +++ b/pandora_console/godmode/setup/performance.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/setup.php b/pandora_console/godmode/setup/setup.php index f254c22c00..9b36953f36 100644 --- a/pandora_console/godmode/setup/setup.php +++ b/pandora_console/godmode/setup/setup.php @@ -31,7 +31,7 @@ if (is_ajax ()) { } -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/setup_auth.php b/pandora_console/godmode/setup/setup_auth.php index acd57b5c56..78af0c00b2 100644 --- a/pandora_console/godmode/setup/setup_auth.php +++ b/pandora_console/godmode/setup/setup_auth.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/setup/setup_visuals.php b/pandora_console/godmode/setup/setup_visuals.php index 7b7532f005..a7e39c5ce8 100644 --- a/pandora_console/godmode/setup/setup_visuals.php +++ b/pandora_console/godmode/setup/setup_visuals.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access Visual Setup Management"); require ("general/noaccess.php"); return; diff --git a/pandora_console/godmode/snmpconsole/snmp_alert.php b/pandora_console/godmode/snmpconsole/snmp_alert.php index 5c7405147e..3224ba5505 100644 --- a/pandora_console/godmode/snmpconsole/snmp_alert.php +++ b/pandora_console/godmode/snmpconsole/snmp_alert.php @@ -16,7 +16,7 @@ // Load global vars -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access SNMP Alert Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/snmpconsole/snmp_filters.php b/pandora_console/godmode/snmpconsole/snmp_filters.php index ea6c0e09c9..7b0c09a57f 100644 --- a/pandora_console/godmode/snmpconsole/snmp_filters.php +++ b/pandora_console/godmode/snmpconsole/snmp_filters.php @@ -15,7 +15,7 @@ // Check ACL -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access SNMP Filter Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/users/configure_profile.php b/pandora_console/godmode/users/configure_profile.php index 8a5cd592d5..4124d510dd 100644 --- a/pandora_console/godmode/users/configure_profile.php +++ b/pandora_console/godmode/users/configure_profile.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "PM")) { +if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Profile Management"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index ffd855b4cc..c33e9d88e9 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -28,7 +28,7 @@ if ($user_info["language"] == ""){ $user_info["language"] = $config["language"]; } -if (! give_acl ($config['id_user'], 0, "UM")) { +if (! check_acl ($config['id_user'], 0, "UM")) { pandora_audit("ACL Violation", "Trying to access User Management"); require ("general/noaccess.php"); @@ -364,7 +364,7 @@ foreach ($result as $profile) { $data = array (); $data[0] = '
'; -if (give_acl ($config['id_user'], 0, "PM")) +if (check_acl ($config['id_user'], 0, "PM")) $data[0] .= print_select (get_profiles (), 'assign_profile', 0, '', __('None'), 0, true, false, false); else diff --git a/pandora_console/godmode/users/user_list.php b/pandora_console/godmode/users/user_list.php index d07b567963..74eb97c342 100644 --- a/pandora_console/godmode/users/user_list.php +++ b/pandora_console/godmode/users/user_list.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "UM")) { +if (! check_acl ($config['id_user'], 0, "UM")) { pandora_audit("ACL Violation", "Trying to access User Management"); require ("general/noaccess.php"); diff --git a/pandora_console/include/ajax/alert_list.ajax.php b/pandora_console/include/ajax/alert_list.ajax.php index e223f15ae3..6eeab9b624 100644 --- a/pandora_console/include/ajax/alert_list.ajax.php +++ b/pandora_console/include/ajax/alert_list.ajax.php @@ -17,7 +17,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "LW")) { +if (! check_acl ($config['id_user'], 0, "LW")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); require ("general/noaccess.php"); @@ -40,7 +40,7 @@ if ($get_agent_alerts_simple) { } $id_group = get_agent_group ($id_agent); - if (! give_acl ($config['id_user'], $id_group, "AR")) { + if (! check_acl ($config['id_user'], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); echo json_encode (false); diff --git a/pandora_console/include/ajax/reporting.ajax.php b/pandora_console/include/ajax/reporting.ajax.php index 8a8319779f..83cb349ccc 100644 --- a/pandora_console/include/ajax/reporting.ajax.php +++ b/pandora_console/include/ajax/reporting.ajax.php @@ -19,7 +19,7 @@ global $config; // Login check check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/include/ajax/visual_console_builder.ajax.php b/pandora_console/include/ajax/visual_console_builder.ajax.php index bc16ad5dfd..51c61d7b26 100644 --- a/pandora_console/include/ajax/visual_console_builder.ajax.php +++ b/pandora_console/include/ajax/visual_console_builder.ajax.php @@ -17,7 +17,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "IW")) { +if (! check_acl ($config['id_user'], 0, "IW")) { pandora_audit("ACL Violation", "Trying to access report builder"); require ("general/noaccess.php"); diff --git a/pandora_console/include/fgraph.php b/pandora_console/include/fgraph.php index 372ede5449..239e1ae215 100644 --- a/pandora_console/include/fgraph.php +++ b/pandora_console/include/fgraph.php @@ -882,7 +882,7 @@ function grafico_eventos_grupo ($width = 300, $height = 200, $url = "") { } foreach ($result as $row) { - if (!give_acl ($config["id_user"], $row["id_grupo"], "AR") == 1) + if (!check_acl ($config["id_user"], $row["id_grupo"], "AR") == 1) continue; if ($loop >= NUM_PIECES_PIE) { diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 66c0268c1e..db0da2d104 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -650,7 +650,7 @@ function get_report_types () { $types['text'] = __ ('Text'); # Only pandora managers have access to the whole database - if (give_acl ($config['id_user'], 0, "PM")) { + if (check_acl ($config['id_user'], 0, "PM")) { $types['sql'] = __('SQL query'); $types['sql_graph_vbar'] = __('SQL vertical bar graph'); $types['sql_graph_pie'] = __('SQL pie graph'); diff --git a/pandora_console/include/functions_alerts.php b/pandora_console/include/functions_alerts.php index 23ccb67978..6d3cac9dfe 100644 --- a/pandora_console/include/functions_alerts.php +++ b/pandora_console/include/functions_alerts.php @@ -686,7 +686,7 @@ function validate_alert_agent_module ($id_alert_agent_module) { $agent_id = get_agentmodule_agent ($alert["id_agent_module"]); $group_id = get_agentmodule_group ($agent_id); - if (! give_acl ($config['id_user'], $group_id, "AW")) { + if (! check_acl ($config['id_user'], $group_id, "AW")) { continue; } $result = process_sql_update ('talert_template_modules', @@ -929,7 +929,7 @@ function validate_alert_compound ($id_alert_compound) { $agent_id = $alert["id_agent"]; $group_id = get_agent_group ($agent_id); - if (! give_acl ($config['id_user'], $group_id, "AW")) { + if (! check_acl ($config['id_user'], $group_id, "AW")) { continue; } $result = process_sql_update ('talert_compound', diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index 229238ea82..55175ef1be 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -130,7 +130,7 @@ function update_config () { if (! isset ($config['id_user'])) return false; - if (! give_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) + if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) return false; $update_config = (bool) get_parameter ('update_config'); diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index c304b97f02..7c8447ceb2 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -188,7 +188,7 @@ function get_parents($parent, $onlyPropagate = false, $groups = null) { * * @return bool 1 if the user has privileges, 0 if not. */ -function check_acl ($id_user, $id_group, $access) { +function check_acl($id_user, $id_group, $access) { if (empty ($id_user)) { //User ID needs to be specified trigger_error ("Security error: check_acl got an empty string for user id", E_USER_WARNING); @@ -287,13 +287,6 @@ function check_acl ($id_user, $id_group, $access) { return 0; } -/* - * @deprecated Use check_acl instead - */ -function give_acl ($id_user, $id_group, $access) { - return check_acl ($id_user, $id_group, $access); -} - /** * Filter out groups the user doesn't have access to * @@ -1619,7 +1612,7 @@ function get_all_groups($groupWithAgents = false) { $return = array(); foreach ($rows as $row) { - if (give_acl ($config['id_user'], $row["id_grupo"], "AR")) + if (check_acl ($config['id_user'], $row["id_grupo"], "AR")) $return[$row['id_grupo']] = $row['nombre']; } @@ -3278,7 +3271,7 @@ function delete_agent ($id_agents, $disableACL = false) { /* Check for deletion permissions */ $id_group = get_agent_group ($id_agent); - if ((! give_acl ($config['id_user'], $id_group, "AW")) && !$disableACL) { + if ((! check_acl ($config['id_user'], $id_group, "AW")) && !$disableACL) { process_sql_rollback (); return false; } @@ -3725,6 +3718,6 @@ function user_access_to_agent ($id_agent, $mode = "AR", $id_user = false) { } $id_group = (int) get_db_value ('id_grupo', 'tagente', 'id_agente', (int) $id_agent); - return (bool) give_acl ($id_user, $id_group, $mode); + return (bool) check_acl ($id_user, $id_group, $mode); } ?> diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 06994f8933..cfa2810c66 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -57,7 +57,7 @@ function get_event ($id, $fields = false) { } $event = get_db_row ('tevento', 'id_evento', $id, $fields); - if (! give_acl ($config['id_user'], $event['id_grupo'], 'IR')) + if (! check_acl ($config['id_user'], $event['id_grupo'], 'IR')) return false; return $event; } @@ -119,7 +119,7 @@ function delete_event ($id_event, $similar = true) { $sql = sprintf ("DELETE FROM tevento WHERE id_evento = %d", $event); $ret = process_sql ($sql); - if (give_acl ($config["id_user"], get_event_group ($event), "IM") == 0) { + if (check_acl ($config["id_user"], get_event_group ($event), "IM") == 0) { //Check ACL pandora_audit("ACL Violation", "Attempted deleting event #".$event); } @@ -197,7 +197,7 @@ function validate_event ($id_event, $similars = true, $comment = '', $new_status $sql = sprintf ("UPDATE tevento SET estado = %d, id_usuario = '%s', user_comment = '%s' WHERE id_evento = %d", $new_status, $config['id_user'], $comment, $event); $ret = process_sql ($sql); - if (give_acl ($config["id_user"], get_event_group ($event), "IW") == 0) { + if (check_acl ($config["id_user"], get_event_group ($event), "IW") == 0) { //Check ACL pandora_audit("ACL Violation", "Attempted updating event #".$event); } elseif ($ret !== false) { @@ -323,7 +323,7 @@ function print_events_table ($filter = "", $limit = 10, $width = 440, $return = $table->align[6] = "right"; foreach ($result as $event) { - if (! give_acl ($config["id_user"], $event["id_grupo"], "AR")) { + if (! check_acl ($config["id_user"], $event["id_grupo"], "AR")) { continue; } $data = array (); diff --git a/pandora_console/include/functions_filemanager.php b/pandora_console/include/functions_filemanager.php index e2db0057bf..4219f0f1e3 100644 --- a/pandora_console/include/functions_filemanager.php +++ b/pandora_console/include/functions_filemanager.php @@ -134,7 +134,7 @@ if ($upload_file) { check_login (); - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; @@ -187,7 +187,7 @@ if ($create_text_file) { check_login (); - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; @@ -238,7 +238,7 @@ if ($upload_zip) { check_login (); - if (! give_acl ($config['id_user'], 0, "PM")) { + if (! check_acl ($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access File manager"); require ("general/noaccess.php"); return; diff --git a/pandora_console/include/functions_modules.php b/pandora_console/include/functions_modules.php index 0dffdcfac7..a9e8c3abd0 100644 --- a/pandora_console/include/functions_modules.php +++ b/pandora_console/include/functions_modules.php @@ -282,7 +282,7 @@ function format_delete($id) $txt = ""; - if (give_acl ($config['id_user'], $group, "AW") ==1) { + if (check_acl ($config['id_user'], $group, "AW") ==1) { $txt = '' . print_image("images/cross.png", true, array("border" => '0')) . ''; } return $txt; @@ -294,7 +294,7 @@ function format_delete_string($id) $txt = ""; - if (give_acl ($config['id_user'], $group, "AW") ==1) { + if (check_acl ($config['id_user'], $group, "AW") ==1) { $txt = '' . print_image("images/cross.png", true, array("border" => '0')) . ''; } return $txt; @@ -306,7 +306,7 @@ function format_delete_log4x($id) $txt = ""; - if (give_acl ($config['id_user'], $group, "AW") ==1) { + if (check_acl ($config['id_user'], $group, "AW") ==1) { $txt = '' . print_image("images/cross.png", true, array("border" => '0')) . ''; } return $txt; diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index d4844348aa..95b302d0bb 100644 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -533,8 +533,8 @@ function get_group_stats ($id_group = 0) { $cur_time = get_system_time (); - //Check for access credentials using give_acl. More overhead, much safer - if (!give_acl ($config["id_user"], $id_group, "AR")) { + //Check for access credentials using check_acl. More overhead, much safer + if (!check_acl ($config["id_user"], $id_group, "AR")) { return $data; } @@ -1527,7 +1527,7 @@ function get_agent_module_info ($id_agent, $filter = false) { $return["alert_img"] = print_status_image (STATUS_ALERT_NOT_FIRED, __('Alert not fired'), true); $return["agent_group"] = get_agent_group ($id_agent); - if (!give_acl ($config["id_user"], $return["agent_group"], "AR")) { + if (!check_acl ($config["id_user"], $return["agent_group"], "AR")) { return $return; } diff --git a/pandora_console/include/functions_reports.php b/pandora_console/include/functions_reports.php index c1cef8106b..bd7660b962 100644 --- a/pandora_console/include/functions_reports.php +++ b/pandora_console/include/functions_reports.php @@ -43,7 +43,7 @@ function get_report ($id_report, $filter = false, $fields = false) { $fields[] = 'id_group'; $report = get_db_row_filter ('treport', $filter, $fields); - if (! give_acl ($config['id_user'], $report['id_group'], 'AR')) + if (! check_acl ($config['id_user'], $report['id_group'], 'AR')) return false; return $report; } @@ -82,7 +82,7 @@ function get_reports ($filter = false, $fields = false, $returnAllGroup = true, foreach ($all_reports as $report){ if (!in_array($report['id_group'], array_keys($groups))) continue; - if ($config['id_user'] != $report['id_user'] && ! give_acl ($config['id_user'], $report['id_group'], 'AR')) + if ($config['id_user'] != $report['id_user'] && ! check_acl ($config['id_user'], $report['id_group'], 'AR')) continue; array_push ($reports, $report); } diff --git a/pandora_console/include/help/es/modu_group_list.php b/pandora_console/include/help/es/modu_group_list.php index 90193ccd16..e940cce72b 100644 --- a/pandora_console/include/help/es/modu_group_list.php +++ b/pandora_console/include/help/es/modu_group_list.php @@ -19,7 +19,7 @@ global $config; check_login(); -if (! give_acl($config['id_user'], 0, "PM")) { +if (! check_acl($config['id_user'], 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Group Management"); require ("general/noaccess.php"); @@ -33,7 +33,7 @@ if (is_ajax ()) { if ($get_group_json) { $id_group = (int) get_parameter ('id_group'); - if (! give_acl ($config['id_user'], $id_group, "AR")) { + if (! check_acl ($config['id_user'], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access Alert Management"); echo json_encode (false); diff --git a/pandora_console/mobile/index.php b/pandora_console/mobile/index.php index 686a58185d..2722d18467 100644 --- a/pandora_console/mobile/index.php +++ b/pandora_console/mobile/index.php @@ -58,7 +58,7 @@ $user->hackinjectConfig(); $user->hackinjectConfig(); menu(); - if (! give_acl($system->getConfig('id_user'), 0, "AR")) { + if (! check_acl($system->getConfig('id_user'), 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -93,7 +93,7 @@ $user->hackinjectConfig(); break; default: case 'tactical': - if (! give_acl($system->getConfig('id_user'), 0, "AR")) { + if (! check_acl($system->getConfig('id_user'), 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -104,7 +104,7 @@ $user->hackinjectConfig(); $tactical->show(); break; case 'agents': - if (! give_acl($system->getConfig('id_user'), 0, "AR")) { + if (! check_acl($system->getConfig('id_user'), 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -130,7 +130,7 @@ $user->hackinjectConfig(); } break; case 'servers': - if (! give_acl($system->getConfig('id_user'), 0, "PM")) { + if (! check_acl($system->getConfig('id_user'), 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -141,7 +141,7 @@ $user->hackinjectConfig(); $viewServers->show(); break; case 'alerts': - if (! give_acl($system->getConfig('id_user'), 0, "PM")) { + if (! check_acl($system->getConfig('id_user'), 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -152,7 +152,7 @@ $user->hackinjectConfig(); $viewAlerts->show(); break; case 'groups': - if (! give_acl($system->getConfig('id_user'), 0, "PM")) { + if (! check_acl($system->getConfig('id_user'), 0, "PM")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); @@ -163,7 +163,7 @@ $user->hackinjectConfig(); $groupView->show(); break; case 'events': - if (! give_acl($system->getConfig('id_user'), 0, "IR")) { + if (! check_acl($system->getConfig('id_user'), 0, "IR")) { pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -174,7 +174,7 @@ $user->hackinjectConfig(); $eventsView->show(); break; case 'monitor': - if (! give_acl($system->getConfig('id_user'), 0, "AR")) { + if (! check_acl($system->getConfig('id_user'), 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("../general/noaccess.php"); diff --git a/pandora_console/mobile/operation/agents/monitor_status.php b/pandora_console/mobile/operation/agents/monitor_status.php index 6bc60ef5b5..64740e6724 100644 --- a/pandora_console/mobile/operation/agents/monitor_status.php +++ b/pandora_console/mobile/operation/agents/monitor_status.php @@ -68,7 +68,7 @@ class MonitorStatus { // Agent group selector - if (($group > 0) && (give_acl($system->getConfig('id_user'), $group, "AR"))) { + if (($group > 0) && (check_acl($system->getConfig('id_user'), $group, "AR"))) { $sqlGroup = sprintf (" AND tagente.id_grupo = %d", $ag_group); } else { diff --git a/pandora_console/mobile/operation/agents/view_agents.php b/pandora_console/mobile/operation/agents/view_agents.php index e726991c93..d970fe5618 100644 --- a/pandora_console/mobile/operation/agents/view_agents.php +++ b/pandora_console/mobile/operation/agents/view_agents.php @@ -172,7 +172,7 @@ class ViewAgent { public function show() { $idGroup = $this->agent['id_grupo']; - if (! give_acl ($this->system->getConfig('id_user'), $idGroup, "AR")) { + if (! check_acl ($this->system->getConfig('id_user'), $idGroup, "AR")) { pandora_audit("ACL Violation", "Trying to access (read) to agent ".get_agent_name($this->idAgent)); include ("../general/noaccess.php"); @@ -419,7 +419,7 @@ class viewGraph { function show() { $idGroup = $this->agent['id_grupo']; - if (! give_acl ($this->system->getConfig('id_user'), $idGroup, "AR")) { + if (! check_acl ($this->system->getConfig('id_user'), $idGroup, "AR")) { pandora_audit("ACL Violation", "Trying to access (read) to agent ".get_agent_name($this->idAgent)); include ("../general/noaccess.php"); diff --git a/pandora_console/operation/agentes/agent_fields.php b/pandora_console/operation/agentes/agent_fields.php index 9e178da278..a9a96dd9ca 100755 --- a/pandora_console/operation/agentes/agent_fields.php +++ b/pandora_console/operation/agentes/agent_fields.php @@ -33,7 +33,7 @@ if ($id_agente === -1) { return; } -if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) { +if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) { pandora_audit("ACL Violation", "Trying to access Agent General Information"); require_once ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/alerts_status.php b/pandora_console/operation/agentes/alerts_status.php index 70683e7681..d25b74fd32 100644 --- a/pandora_console/operation/agentes/alerts_status.php +++ b/pandora_console/operation/agentes/alerts_status.php @@ -42,7 +42,7 @@ $tab = get_parameter_get ("tab", null); $url = 'index.php?sec='.$sec.'&sec2='.$sec2.'&refr='.$config["refr"].'&filter='.$filter.'&filter_standby='.$filter_standby.'&ag_group='.$id_group; -if ($flag_alert == 1 && give_acl($config['id_user'], $id_group, "AW")) { +if ($flag_alert == 1 && check_acl($config['id_user'], $id_group, "AW")) { forceExecution($id_group); } @@ -54,7 +54,7 @@ if ($idAgent != 0) { $id_group = get_agent_group ($idAgent); - if (give_acl ($config["id_user"], $id_group, "AR") == 0) { + if (check_acl ($config["id_user"], $id_group, "AR") == 0) { pandora_audit("ACL Violation","Trying to access alert view"); require ("general/noaccess.php"); exit; @@ -68,7 +68,7 @@ if ($idAgent != 0) { echo "

" . __('Alerts') . "

"; } else { - if (!give_acl ($config["id_user"], 0, "AR")) { + if (!check_acl ($config["id_user"], 0, "AR")) { pandora_audit("ACL Violation","Trying to access alert view"); require ("general/noaccess.php"); return; diff --git a/pandora_console/operation/agentes/custom_fields.php b/pandora_console/operation/agentes/custom_fields.php index 5c19e19a7e..1fa31cf866 100644 --- a/pandora_console/operation/agentes/custom_fields.php +++ b/pandora_console/operation/agentes/custom_fields.php @@ -33,7 +33,7 @@ if ($id_agente === -1) { return; } -if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) { +if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) { pandora_audit("ACL Violation", "Trying to access Agent General Information"); require_once ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/datos_agente.php b/pandora_console/operation/agentes/datos_agente.php index 057014b227..53892dcbfc 100644 --- a/pandora_console/operation/agentes/datos_agente.php +++ b/pandora_console/operation/agentes/datos_agente.php @@ -28,7 +28,7 @@ $group = get_agentmodule_group ($module_id); $agentId = get_parameter("id_agente"); -if (! give_acl ($config['id_user'], $group, "AR") || $module_id == 0) { +if (! check_acl ($config['id_user'], $group, "AR") || $module_id == 0) { pandora_audit("ACL Violation", "Trying to access Agent Data view"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php index c99f487dee..a996f97b96 100644 --- a/pandora_console/operation/agentes/estado_agente.php +++ b/pandora_console/operation/agentes/estado_agente.php @@ -19,7 +19,7 @@ global $config; require_once ("include/functions_reporting.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access agent main list view"); require ("general/noaccess.php"); @@ -63,7 +63,7 @@ if (is_ajax ()) { if ($get_agent_module_last_value) { $id_module = (int) get_parameter ('id_agent_module'); - if (! give_acl ($config['id_user'], get_agentmodule_group ($id_module), "AR")) { + if (! check_acl ($config['id_user'], get_agentmodule_group ($id_module), "AR")) { pandora_audit("ACL Violation", "Trying to access agent main list view"); echo json_encode (false); @@ -302,7 +302,7 @@ foreach ($agents as $agent) { $data = array (); $data[0] = ''; - if (give_acl ($config['id_user'], $agent["id_grupo"], "AW")) { + if (check_acl ($config['id_user'], $agent["id_grupo"], "AW")) { $data[0] .= ''; $data[0] .= print_image ("images/setup.png", true, array ("border" => 0, "width" => 16)); $data[0] .= ' '; @@ -370,9 +370,9 @@ if (!empty ($table->data)) { /* Godmode controls SHOULD NOT BE HERE -if (give_acl ($config['id_user'], 0, "LM") || give_acl ($config['id_user'], 0, "AW") - || give_acl ($config['id_user'], 0, "PM") || give_acl ($config['id_user'], 0, "DM") - || give_acl ($config['id_user'], 0, "UM")) { +if (check_acl ($config['id_user'], 0, "LM") || check_acl ($config['id_user'], 0, "AW") + || check_acl ($config['id_user'], 0, "PM") || check_acl ($config['id_user'], 0, "DM") + || check_acl ($config['id_user'], 0, "UM")) { echo ''; print_input_hidden ('new_agent', 1); diff --git a/pandora_console/operation/agentes/estado_generalagente.php b/pandora_console/operation/agentes/estado_generalagente.php index 1c91af5627..8a9adbbcbb 100644 --- a/pandora_console/operation/agentes/estado_generalagente.php +++ b/pandora_console/operation/agentes/estado_generalagente.php @@ -35,7 +35,7 @@ if ($agent === false) { return; } -if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) { +if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) { pandora_audit("ACL Violation", "Trying to access Agent General Information"); require_once ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/estado_monitores.php b/pandora_console/operation/agentes/estado_monitores.php index c7797ae191..62f317577a 100644 --- a/pandora_console/operation/agentes/estado_monitores.php +++ b/pandora_console/operation/agentes/estado_monitores.php @@ -245,7 +245,7 @@ foreach ($modules as $module) { $data[2] = show_server_type ($module['id_modulo']); - if (give_acl ($config['id_user'], $id_grupo, "AW")) + if (check_acl ($config['id_user'], $id_grupo, "AW")) $data[2] .= '' . print_image("images/config.png", true, array("alt" => '0', "border" => "")) . ''; $data[3] = print_string_substr ($module["nombre"], 25, true); diff --git a/pandora_console/operation/agentes/estado_ultimopaquete.php b/pandora_console/operation/agentes/estado_ultimopaquete.php index 7add8361aa..4441d21341 100644 --- a/pandora_console/operation/agentes/estado_ultimopaquete.php +++ b/pandora_console/operation/agentes/estado_ultimopaquete.php @@ -183,7 +183,7 @@ echo "".__('Timestamp') . ' ' . echo ""; $texto=''; $last_modulegroup = 0; $color = 1; -$write = give_acl ($config['id_user'], $agent['id_grupo'], "AW"); +$write = check_acl ($config['id_user'], $agent['id_grupo'], "AW"); foreach ($modules as $module) { // Calculate table line color if ($color == 1){ diff --git a/pandora_console/operation/agentes/export_csv.php b/pandora_console/operation/agentes/export_csv.php index 0640c96fcd..240b3c1133 100644 --- a/pandora_console/operation/agentes/export_csv.php +++ b/pandora_console/operation/agentes/export_csv.php @@ -20,7 +20,7 @@ require_once ("../../include/functions.php"); require_once ("../../include/functions_db.php"); $config["id_user"] = $_SESSION["id_usuario"]; -if (! give_acl ($config['id_user'], 0, "AR") && ! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) { require ("../../general/noaccess.php"); return; } @@ -29,7 +29,7 @@ if (isset ($_GET["agentmodule"]) && isset ($_GET["agent"]) ){ $id_agentmodule = $_GET["agentmodule"]; $id_agent = $_GET["agent"]; $agentmodule_name = get_agentmodule_name ($id_agentmodule); - if (! give_acl ($config['id_user'], dame_id_grupo ($id_agent), "AR")) { + if (! check_acl ($config['id_user'], dame_id_grupo ($id_agent), "AR")) { pandora_audit("ACL Violation", "Trying to access Agent Export Data"); require ("../../general/noaccess.php"); diff --git a/pandora_console/operation/agentes/exportdata.php b/pandora_console/operation/agentes/exportdata.php index 9c443bbd6b..6ae6220cb3 100644 --- a/pandora_console/operation/agentes/exportdata.php +++ b/pandora_console/operation/agentes/exportdata.php @@ -65,7 +65,7 @@ require_once ("include/functions_reporting.php"); check_login(); -if (!give_acl ($config['id_user'], 0, "AR")) { +if (!check_acl ($config['id_user'], 0, "AR")) { require ("general/noaccess.php"); return; } diff --git a/pandora_console/operation/agentes/gis_view.php b/pandora_console/operation/agentes/gis_view.php index 2d0b5edb54..57e2bf2f80 100644 --- a/pandora_console/operation/agentes/gis_view.php +++ b/pandora_console/operation/agentes/gis_view.php @@ -18,7 +18,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "AR") && ! is_user_admin ($config['id_user'])) { +if (! check_acl ($config['id_user'], 0, "AR") && ! is_user_admin ($config['id_user'])) { pandora_audit("ACL Violation", "Trying to access GIS Agent view"); require ("general/noaccess.php"); return; diff --git a/pandora_console/operation/agentes/graphs.php b/pandora_console/operation/agentes/graphs.php index eada36a477..f5bed93b39 100644 --- a/pandora_console/operation/agentes/graphs.php +++ b/pandora_console/operation/agentes/graphs.php @@ -18,7 +18,7 @@ global $config; require_once ("include/functions_agents.php"); -if (! give_acl ($config['id_user'], $id_grupo, "AR")) { +if (! check_acl ($config['id_user'], $id_grupo, "AR")) { pandora_audit("ACL Violation", "Trying to access (read) to agent ".get_agent_name($id_agente)); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/group_view.php b/pandora_console/operation/agentes/group_view.php index 6290d32266..3df2fe8391 100644 --- a/pandora_console/operation/agentes/group_view.php +++ b/pandora_console/operation/agentes/group_view.php @@ -18,7 +18,7 @@ require_once ("include/functions_reporting.php"); check_login (); // ACL Check -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Agent view (Grouped)"); require ("general/noaccess.php"); @@ -30,7 +30,7 @@ if (! give_acl ($config['id_user'], 0, "AR")) { // Made it a subquery, much faster on both the database and server side if (isset ($_GET["update_netgroup"])) { $group = get_parameter_get ("update_netgroup", 0); - if (give_acl ($config['id_user'], $group, "AW")) { + if (check_acl ($config['id_user'], $group, "AW")) { $sql = sprintf ("UPDATE tagente_modulo SET `flag` = 1 WHERE `id_agente` = ANY(SELECT id_agente FROM tagente WHERE `id_grupo` = %d)",$group); process_sql ($sql); } else { @@ -118,7 +118,7 @@ foreach ($groups as $id_group => $group_name) { echo ""; echo ""; echo ""; - if (give_acl ($config['id_user'], $id_group, "AW")) { + if (check_acl ($config['id_user'], $id_group, "AW")) { echo '' . print_image("images/target.png", true, array("border" => '0')) . ''; } echo ""; diff --git a/pandora_console/operation/agentes/networkmap.groups.php b/pandora_console/operation/agentes/networkmap.groups.php index c281d82335..45b724d6a5 100644 --- a/pandora_console/operation/agentes/networkmap.groups.php +++ b/pandora_console/operation/agentes/networkmap.groups.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php index 8c94b4bf6d..da5e697d06 100644 --- a/pandora_console/operation/agentes/networkmap.php +++ b/pandora_console/operation/agentes/networkmap.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/networkmap.topology.php b/pandora_console/operation/agentes/networkmap.topology.php index d15b23a7d9..db964a3554 100644 --- a/pandora_console/operation/agentes/networkmap.topology.php +++ b/pandora_console/operation/agentes/networkmap.topology.php @@ -19,7 +19,7 @@ global $config; check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access node graph builder"); include ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/sla_view.php b/pandora_console/operation/agentes/sla_view.php index a8f8134656..127bd320d4 100644 --- a/pandora_console/operation/agentes/sla_view.php +++ b/pandora_console/operation/agentes/sla_view.php @@ -21,7 +21,7 @@ require_once ("include/functions_reporting.php"); check_login(); -if (! give_acl ($config['id_user'], 0, "AR") && ! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access SLA View"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/agentes/status_monitor.php b/pandora_console/operation/agentes/status_monitor.php index 2aae0bfc7d..99bdd5025b 100644 --- a/pandora_console/operation/agentes/status_monitor.php +++ b/pandora_console/operation/agentes/status_monitor.php @@ -21,7 +21,7 @@ global $config; check_login(); -if (! give_acl ($config['id_user'], 0, "AR") && ! give_acl ($config['id_user'], 0, "AW")) { +if (! check_acl ($config['id_user'], 0, "AR") && ! check_acl ($config['id_user'], 0, "AW")) { pandora_audit("ACL Violation", "Trying to access Agent Management"); require ('general/noaccess.php'); @@ -132,7 +132,7 @@ $sql = " FROM tagente, tagente_modulo, tagente_estado AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo"; // Agent group selector -if ($ag_group > 0 && give_acl ($config["id_user"], $ag_group, "AR")) { +if ($ag_group > 0 && check_acl ($config["id_user"], $ag_group, "AR")) { $sql .= sprintf (" AND tagente.id_grupo = %d", $ag_group); } else { diff --git a/pandora_console/operation/agentes/ver_agente.php b/pandora_console/operation/agentes/ver_agente.php index 31bdb83b52..7fd10a913a 100644 --- a/pandora_console/operation/agentes/ver_agente.php +++ b/pandora_console/operation/agentes/ver_agente.php @@ -315,7 +315,7 @@ if (empty ($id_agente)) { $agent = get_db_row ('tagente', 'id_agente', $id_agente); // get group for this id_agente $id_grupo = $agent['id_grupo']; -if (! give_acl ($config['id_user'], $id_grupo, "AR")) { +if (! check_acl ($config['id_user'], $id_grupo, "AR")) { pandora_audit("ACL Violation", "Trying to access (read) to agent ".get_agent_name($id_agente)); include ("general/noaccess.php"); @@ -325,7 +325,7 @@ if (! give_acl ($config['id_user'], $id_grupo, "AR")) { // Check for Network FLAG change request $flag = get_parameter('flag', ''); if ($flag !== '') { - if ($flag == 1 && give_acl ($config['id_user'], $id_grupo, "AW")) { + if ($flag == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) { $id_agent_module = get_parameter('id_agente_modulo'); $sql = sprintf("UPDATE tagente_modulo SET flag=1 WHERE id_agente_modulo = %d", $id_agent_module); process_sql ($sql); @@ -334,7 +334,7 @@ if ($flag !== '') { // Check for Network FLAG change request $flag_agent = get_parameter('flag_agent',''); if ($flag_agent !== ''){ - if ($flag_agent == 1 && give_acl ($config['id_user'], $id_grupo, "AW")) { + if ($flag_agent == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) { $sql = sprintf("UPDATE tagente_modulo SET flag=1 WHERE id_agente = %d", $id_agente); process_sql ($sql); } @@ -354,7 +354,7 @@ $tab = get_parameter ("tab", "main"); $managetab = ""; -if (give_acl ($config['id_user'],$id_grupo, "AW")) { +if (check_acl ($config['id_user'],$id_grupo, "AW")) { $managetab['text'] ='' . print_image("images/setup.png", true, array ("title" => __('Manage'))) . ''; diff --git a/pandora_console/operation/events/event_statistics.php b/pandora_console/operation/events/event_statistics.php index c008960c60..c60fa1244b 100644 --- a/pandora_console/operation/events/event_statistics.php +++ b/pandora_console/operation/events/event_statistics.php @@ -23,7 +23,7 @@ require_once ("include/fgraph.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation","Trying to access event viewer"); require ("general/noaccess.php"); return; diff --git a/pandora_console/operation/events/events.php b/pandora_console/operation/events/events.php index 533a574cb2..76a0975920 100644 --- a/pandora_console/operation/events/events.php +++ b/pandora_console/operation/events/events.php @@ -22,7 +22,7 @@ require_once ("include/functions_alerts.php"); //Alerts processing functions check_login (); -if (! give_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "IR")) { pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/events/events_list.php b/pandora_console/operation/events/events_list.php index e81e06f0b0..0852df57d9 100644 --- a/pandora_console/operation/events/events_list.php +++ b/pandora_console/operation/events/events_list.php @@ -22,7 +22,7 @@ require_once ("include/functions_alerts.php"); //Alerts processing functions check_login (); -if (! give_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "IR")) { pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); @@ -77,7 +77,7 @@ else { } // Skip system messages if user is not PM -if (!give_acl ($config["id_user"], 0, "PM")) { +if (!check_acl ($config["id_user"], 0, "PM")) { $sql_post .= " AND id_grupo != 0"; } @@ -377,7 +377,7 @@ foreach ($result as $event) { //Actions $data[4] = ''; // Validate event - if (($event["estado"] != 1) and (give_acl ($config["id_user"], $event["id_grupo"], "IW") == 1)) { + if (($event["estado"] != 1) and (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1)) { $data[4] .= ''; $data[4] .= print_image ("images/ok.png", true, array ("title" => __('Validate event'))); @@ -388,7 +388,7 @@ foreach ($result as $event) { array ("title" => __('Event validated'))).' '; } // Delete event - if (give_acl ($config["id_user"], $event["id_grupo"], "IM") == 1) { + if (check_acl ($config["id_user"], $event["id_grupo"], "IM") == 1) { if($event['estado'] != 2) { $data[4] .= ''; $data[4] .= print_image ("images/cross.png", true, @@ -407,7 +407,7 @@ foreach ($result as $event) { $data[4] .= ' '; // Create incident from this event - if (give_acl ($config["id_user"], $event["id_grupo"], "IW") == 1) { + if (check_acl ($config["id_user"], $event["id_grupo"], "IW") == 1) { $data[4] .= ''; $data[4] .= print_image ("images/page_lightning.png", true, array ("title" => __('Create incident from event'))); @@ -575,10 +575,10 @@ if (!empty ($table->data)) { print_table ($table); echo '
'; - if (give_acl ($config["id_user"], 0, "IW") == 1) { + if (check_acl ($config["id_user"], 0, "IW") == 1) { print_submit_button (__('Change status'), 'validate_btn', false, 'class="sub ok"'); } - if (give_acl ($config["id_user"], 0,"IM") == 1) { + if (check_acl ($config["id_user"], 0,"IM") == 1) { print_submit_button (__('Delete'), 'delete', false, 'class="sub delete"'); } echo '
'; diff --git a/pandora_console/operation/events/events_marquee.php b/pandora_console/operation/events/events_marquee.php index 8b803ae1d0..2b4e2cf26f 100644 --- a/pandora_console/operation/events/events_marquee.php +++ b/pandora_console/operation/events/events_marquee.php @@ -53,7 +53,7 @@ $groups = get_user_groups ($config["id_user"], "AR"); $sql_group_filter = " AND id_grupo IN (".implode (",", array_keys ($groups)).")"; // Skip system messages if user is not PM -if (!give_acl ($config["id_user"], 0, "PM")) { +if (!check_acl ($config["id_user"], 0, "PM")) { $sql_group_filter .= " AND id_grupo != 0"; } diff --git a/pandora_console/operation/events/events_validate.php b/pandora_console/operation/events/events_validate.php index 9c4ce5a21d..37281d4f94 100644 --- a/pandora_console/operation/events/events_validate.php +++ b/pandora_console/operation/events/events_validate.php @@ -22,7 +22,7 @@ require_once ("include/functions_alerts.php"); //Alerts processing functions check_login (); -if (! give_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "IR")) { pandora_audit("ACL Violation", "Trying to access event viewer"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/events/export_csv.php b/pandora_console/operation/events/export_csv.php index 611ac273f7..b8a839e560 100644 --- a/pandora_console/operation/events/export_csv.php +++ b/pandora_console/operation/events/export_csv.php @@ -25,7 +25,7 @@ session_write_close (); $config["id_user"] = $_SESSION["id_usuario"]; -if (! give_acl ($config["id_user"], 0, "AR") && ! give_acl ($config["id_user"], 0, "AW")) { +if (! check_acl ($config["id_user"], 0, "AR") && ! check_acl ($config["id_user"], 0, "AW")) { exit; } diff --git a/pandora_console/operation/events/sound_events.php b/pandora_console/operation/events/sound_events.php index 8dcd9d5e41..5789416125 100644 --- a/pandora_console/operation/events/sound_events.php +++ b/pandora_console/operation/events/sound_events.php @@ -34,7 +34,7 @@ check_login (); $config["id_user"] = $_SESSION["id_usuario"]; -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation","Trying to access event viewer"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/extensions.php b/pandora_console/operation/extensions.php index 3f388710c7..47f59543a6 100644 --- a/pandora_console/operation/extensions.php +++ b/pandora_console/operation/extensions.php @@ -15,7 +15,7 @@ check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access extensions list"); include ("general/noaccess.php"); @@ -44,7 +44,7 @@ if ($delete != ""){ $table->width = '500px'; $table->head = array (); $table->head[0] = __('Name'); -//if (give_acl ($config['id_user'], 0, "PM")){ +//if (check_acl ($config['id_user'], 0, "PM")){ // $table->head[1] = __('Delete'); // $table->align[1] = "center"; //} @@ -59,7 +59,7 @@ foreach ($config['extensions'] as $extension) { $data = array (); $data[0] = '
'.$extension['operation_menu']['name']; -// if (give_acl ($config['id_user'], 0, "PM")) { +// if (check_acl ($config['id_user'], 0, "PM")) { // $data[1] = ''; // } diff --git a/pandora_console/operation/incidents/incident.php b/pandora_console/operation/incidents/incident.php index a212540a39..75feb0de9d 100644 --- a/pandora_console/operation/incidents/incident.php +++ b/pandora_console/operation/incidents/incident.php @@ -18,7 +18,7 @@ require_once ("include/functions_incidents.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "IR")) { +if (! check_acl ($config['id_user'], 0, "IR")) { pandora_audit("ACL Violation","Trying to access incident viewer"); require ("general/noaccess.php"); exit; @@ -45,7 +45,7 @@ if ($action == "mass") { $own_btn = get_parameter_post ("own_btn", -1); foreach ($id_inc as $incident) { - if (give_acl ($config['id_user'], get_incidents_group ($incident), "IM") || get_incidents_author ($incident) == $config["id_user"] || get_incidents_owner ($incident) == $config["id_user"]) { + if (check_acl ($config['id_user'], get_incidents_group ($incident), "IM") || get_incidents_author ($incident) == $config["id_user"] || get_incidents_owner ($incident) == $config["id_user"]) { continue; } pandora_audit("ACL Forbidden","Mass-update or deletion of incident"); @@ -73,7 +73,7 @@ elseif ($action == "update") { $owner = get_incidents_owner ($id_inc); $grupo = get_incidents_group ($id_inc); - if ($author != $config["id_user"] && $owner != $config["id_user"] && !give_acl ($config['id_user'], $grupo, "IM")) { // Only admins (manage incident) or owners/creators can modify incidents + if ($author != $config["id_user"] && $owner != $config["id_user"] && !check_acl ($config['id_user'], $grupo, "IM")) { // Only admins (manage incident) or owners/creators can modify incidents pandora_audit("ACL Forbidden", "Update incident #".$id_inc, $author); require ("general/noaccess.php"); exit; @@ -103,7 +103,7 @@ elseif ($action == "update") { //Create incident $grupo = get_parameter_post ("grupo_form", 1); - if (!give_acl ($config['id_user'], $grupo, "IW")) { + if (!check_acl ($config['id_user'], $grupo, "IW")) { pandora_audit("ACL Forbidden", "User ".$config["id_user"]." tried to update incident"); require ("general/noaccess.php"); exit; @@ -146,7 +146,7 @@ if ($estado >= 0) //-1 = All $grupo = (int) get_parameter ("grupo", 0); if ($grupo > 0) { $filter .= sprintf (" AND id_grupo = %d", $grupo); - if (give_acl ($config['id_user'], $grupo, "IM") == 0) { + if (check_acl ($config['id_user'], $grupo, "IM") == 0) { pandora_audit("ACL Forbidden","User tried to read incidents from group without access"); include ("general/noaccess.php"); exit; @@ -300,7 +300,7 @@ if ($count < 1) { $data[6] = $row["origen"]; $data[7] = print_username ($row["id_usuario"], true); - if (give_acl ($config["id_user"], $row["id_grupo"], "IM") || $config["id_user"] == $row["id_usuario"] || $config["id_user"] == $row["id_creator"]) { + if (check_acl ($config["id_user"], $row["id_grupo"], "IM") || $config["id_user"] == $row["id_usuario"] || $config["id_user"] == $row["id_creator"]) { $data[8] = print_checkbox ("id_inc[]", $row["id_incidencia"], false, true); } else { $data[8] = ''; @@ -313,11 +313,11 @@ if ($count < 1) { print_table ($table); echo '
'; echo ''.__('Action').': ' ; - if (give_acl ($config["id_user"], 0, "IW")) { + if (check_acl ($config["id_user"], 0, "IW")) { print_submit_button (__('Delete incidents'), 'delete_btn', false, 'class="sub delete"'); } - if (give_acl ($config["id_user"], 0, "IM")) { + if (check_acl ($config["id_user"], 0, "IM")) { print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"'); } echo '
'; @@ -325,7 +325,7 @@ if ($count < 1) { unset ($table); } echo '

'; -if (give_acl ($config["id_user"], 0, "IW")) { +if (check_acl ($config["id_user"], 0, "IW")) { echo '
'; echo '
'; print_submit_button (__('Create incident'), 'crt', false, 'class="sub next"'); diff --git a/pandora_console/operation/incidents/incident_detail.php b/pandora_console/operation/incidents/incident_detail.php index 4daed9ec8d..66fa299111 100644 --- a/pandora_console/operation/incidents/incident_detail.php +++ b/pandora_console/operation/incidents/incident_detail.php @@ -21,7 +21,7 @@ require_once ("include/functions_events.php"); //To get events group information check_login (); -if (! give_acl ($config["id_user"], 0, "IR")) { +if (! check_acl ($config["id_user"], 0, "IR")) { // Doesn't have access to this page pandora_audit("ACL Violation", "Trying to access incident details"); require ("general/noaccess.php"); @@ -70,7 +70,7 @@ if (isset ($_GET["id"])) { if (isset ($_POST["delete_nota"])) { $id_nota = get_parameter_post ("delete_nota", 0); $note_user = get_incidents_notes_author ($id_nota); - if (((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($note_user == $config["id_user"])) OR ($id_owner == $config["id_user"])) { + if (((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($note_user == $config["id_user"])) OR ($id_owner == $config["id_user"])) { // Only admins (manage incident) or owners can modify // incidents notes. note authors are // able to delete their own notes @@ -86,7 +86,7 @@ if (isset ($_GET["id"])) { } // Delete file - if (((give_acl ($config["id_user"], $id_grupo, "IM")==1) OR ($id_owner == $config["id_user"])) AND isset ($_POST["delete_file"])) { + if (((check_acl ($config["id_user"], $id_grupo, "IM")==1) OR ($id_owner == $config["id_user"])) AND isset ($_POST["delete_file"])) { $file_id = (int) get_parameter_post ("delete_file", 0); $filename = get_db_value ("filename", "tattachment", "id_attachment", $file_id); $sql = sprintf ("DELETE FROM tattachment WHERE id_attachment = %d",$file_id); @@ -103,7 +103,7 @@ if (isset ($_GET["id"])) { } // Upload file - if ((give_acl ($config["id_user"], $id_grupo, "IW") == 1) AND isset ($_GET["upload_file"]) AND ($_FILES['userfile']['name'] != "")) { + if ((check_acl ($config["id_user"], $id_grupo, "IW") == 1) AND isset ($_GET["upload_file"]) AND ($_FILES['userfile']['name'] != "")) { $description = get_parameter_post ("file_description", __('No description available')); // Insert into database @@ -211,7 +211,7 @@ if (isset ($id_inc)) { //If $id_inc is set (when $_GET["id"] is set, not $_GET[" echo ''; echo '
'.__('Incident').''; -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_input_text ("titulo", $titulo,'', 70); } else { print_input_text_extended ("titulo", $titulo, "", "", 70, "", false, "", "readonly"); @@ -224,14 +224,14 @@ echo ''.__('Updated at').''.date echo '
'.__('Owner').''; -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_select (get_users_info (), "usuario_form", $usuario, '', 'SYSTEM', '', false, false, true, "w135"); } else { print_select (get_users_info (), "usuario_form", $usuario, '', 'SYSTEM', '', false, false, true, "w135", true); } echo ''.__('Status').''; -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_select (get_incidents_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135'); } else { print_select (get_incidents_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135', true); @@ -250,7 +250,7 @@ foreach ($return as $row) { } // Only owner could change source or user with Incident management privileges -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135'); } else { print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135', true); @@ -258,7 +258,7 @@ if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $confi echo ''.__('Group').''; // Group combo -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_select_groups($config["id_user"], "IR", true, "grupo_form", $id_grupo, '', '', '', false, false, false, 'w135'); } else { print_select_groups($config["id_user"], "IR", true, "grupo_form", $id_grupo, '', '', '', false, false, true, 'w135', true); @@ -266,7 +266,7 @@ if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $confi echo '
'.__('Priority').''; -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_select (get_incidents_priorities (), "prioridad_form", $prioridad, '', '', '', false, false, false, 'w135'); } else { print_select (get_incidents_priorities (), "prioridad_form", $prioridad, '', '', '', false, false, false, 'w135', true); @@ -281,7 +281,7 @@ if (empty ($id_creator)) { echo '
'; -if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { +if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { print_textarea ("descripcion", 15, 80, $texto, 'style="height:200px;"'); } else { print_textarea ("descripcion", 15, 80, $texto, 'style="height:200px;" disabled'); @@ -290,9 +290,9 @@ if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $confi echo '
'; // Only if user is the used who opened incident or (s)he is admin -if (isset ($id_inc) AND ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"]))) { +if (isset ($id_inc) AND ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"]))) { print_submit_button (__('Update incident'), "accion", false, 'class="sub upd"'); -} elseif (give_acl ($config["id_user"], $id_grupo, "IW")) { +} elseif (check_acl ($config["id_user"], $id_grupo, "IW")) { print_submit_button (__('Create'), "accion", false, 'class="sub wand"'); } else { print_submit_button (__('Submit'), "accion", true, 'class="sub upd"'); @@ -335,7 +335,7 @@ if (isset ($id_inc)) { $data = array (); $data[0] = ''; - if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($row["id_usuario"] == $config["id_user"])) { + if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($row["id_usuario"] == $config["id_user"])) { $data[0] .= print_input_image ("delete_nota", "images/cross.png", $row["id_nota"], 'border:0px;" onClick="if (!confirm(\' '.__('Are you sure?').'\')) return false;', true); } $data[1] = $row["nota"]; @@ -376,7 +376,7 @@ if (isset ($id_inc)) { $data[0] = print_image("images/disk.png", true, array("border" => '0', "align" => "top")) . '  '.$row["filename"].''; $data[1] = $row["description"]; $data[2] = format_for_graph ($row["size"])."B"; - if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { + if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { $data[3] = print_input_image ("delete_file", "images/cross.png", $row["id_attachment"], 'border:0px;" onClick="if (!confirm(\' '.__('Are you sure?').'\')) return false;', true); } else { $data[3] = ''; @@ -398,7 +398,7 @@ if (isset ($id_inc)) { // Upload control - if ((give_acl($config["id_user"], $id_grupo, "IW")==1)) { + if ((check_acl($config["id_user"], $id_grupo, "IW")==1)) { echo '
'; echo ''; diff --git a/pandora_console/operation/incidents/incident_statistics.php b/pandora_console/operation/incidents/incident_statistics.php index 31dbecd088..36623ad6e1 100644 --- a/pandora_console/operation/incidents/incident_statistics.php +++ b/pandora_console/operation/incidents/incident_statistics.php @@ -20,7 +20,7 @@ require_once ("include/fgraph.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "IR") == 1) { +if (! check_acl ($config['id_user'], 0, "IR") == 1) { pandora_audit("ACL Violation", "Trying to access Incident section"); require ("general/noaccess.php"); exit; diff --git a/pandora_console/operation/menu.php b/pandora_console/operation/menu.php index 0e693fdb1e..02966cf133 100644 --- a/pandora_console/operation/menu.php +++ b/pandora_console/operation/menu.php @@ -26,7 +26,7 @@ $menu = array (); $menu['class'] = 'operation'; // Agent read, Server read -if (give_acl ($config['id_user'], 0, "AR")) { +if (check_acl ($config['id_user'], 0, "AR")) { enterprise_hook ('metaconsole_menu'); @@ -109,7 +109,7 @@ if (give_acl ($config['id_user'], 0, "AR")) { $firstLetterNameVisualToShow = array('_', ',', '[', '('); foreach ($layouts as $layout) { - if (! give_acl ($config["id_user"], $layout["id_group"], "AR")) { + if (! check_acl ($config["id_user"], $layout["id_group"], "AR")) { continue; } $name = safe_output($layout['name']); @@ -132,7 +132,7 @@ if (give_acl ($config['id_user'], 0, "AR")) { } // Agent read, Server read -if (give_acl ($config['id_user'], 0, "AR")) { +if (check_acl ($config['id_user'], 0, "AR")) { // Server view $menu["estado_server"]["text"] = __('Pandora servers'); @@ -146,7 +146,7 @@ if (give_acl ($config['id_user'], 0, "AR")) { if ($servers === false) { $servers = array (); } - if (give_acl ($config['id_user'], 0, "PM")) { + if (check_acl ($config['id_user'], 0, "PM")) { foreach ($servers as $serverItem) { $sub["operation/servers/view_server_detail&server_id=".$serverItem["id_server"]]["text"] = $serverItem["name"]; } @@ -160,7 +160,7 @@ if (give_acl ($config['id_user'], 0, "AR")) { enterprise_hook ('inventory_menu'); //Incidents -if (give_acl ($config['id_user'], 0, "IR") == 1) { +if (check_acl ($config['id_user'], 0, "IR") == 1) { $menu["incidencias"]["text"] = __('Manage incidents'); $menu["incidencias"]["sec2"] = "operation/incidents/incident"; $menu["incidencias"]["refr"] = 0; @@ -173,7 +173,7 @@ if (give_acl ($config['id_user'], 0, "IR") == 1) { } // Rest of options, all with AR privilege (or should events be with incidents?) -if (give_acl ($config['id_user'], 0, "AR")) { +if (check_acl ($config['id_user'], 0, "AR")) { // Events $menu["eventos"]["text"] = __('View events'); $menu["eventos"]["refr"] = 0; @@ -227,7 +227,7 @@ if (give_acl ($config['id_user'], 0, "AR")) { //End of Users // Rest of options, all with AR privilege (or should events be with incidents?) -if (give_acl ($config['id_user'], 0, "AR")) { +if (check_acl ($config['id_user'], 0, "AR")) { //SNMP Console $menu["snmpconsole"]["text"] = __('SNMP console'); diff --git a/pandora_console/operation/reporting/graph_viewer.php b/pandora_console/operation/reporting/graph_viewer.php index 9987668443..04cea716cb 100644 --- a/pandora_console/operation/reporting/graph_viewer.php +++ b/pandora_console/operation/reporting/graph_viewer.php @@ -27,7 +27,7 @@ $id_graph = (int) get_parameter ('id'); // Delete module SQL code if ($delete_graph) { - if (give_acl ($config['id_user'], 0, "AW")) { + if (check_acl ($config['id_user'], 0, "AW")) { $sql = "DELETE FROM tgraph_source WHERE id_graph = $id_graph"; if ($res=mysql_query($sql)) $result = "

".__('Successfully deleted')."

"; diff --git a/pandora_console/operation/reporting/reporting_viewer.php b/pandora_console/operation/reporting/reporting_viewer.php index 96e9153c72..a8aec11c44 100644 --- a/pandora_console/operation/reporting/reporting_viewer.php +++ b/pandora_console/operation/reporting/reporting_viewer.php @@ -31,7 +31,7 @@ if (! $id_report) { $report = get_db_row ('treport', 'id_report', $id_report); // Check ACL on the report to see if user has access to the report. -if (! give_acl ($config['id_user'], $report['id_group'], "AR")) { +if (! check_acl ($config['id_user'], $report['id_group'], "AR")) { pandora_audit("ACL Violation","Trying to access graph reader"); include ("general/noaccess.php"); exit; diff --git a/pandora_console/operation/reporting/reporting_xml.php b/pandora_console/operation/reporting/reporting_xml.php index 0f989dd158..69a113d423 100644 --- a/pandora_console/operation/reporting/reporting_xml.php +++ b/pandora_console/operation/reporting/reporting_xml.php @@ -115,7 +115,7 @@ $report = get_db_row ('treport', 'id_report', $id_report); $report["datetime"] = get_system_time(); -if (! give_acl ($config['id_user'], $report['id_group'], "AR")) { +if (! check_acl ($config['id_user'], $report['id_group'], "AR")) { pandora_audit("ACL Violation","Trying to access graph reader"); include ("general/noaccess.php"); exit; diff --git a/pandora_console/operation/search_maps.php b/pandora_console/operation/search_maps.php index e9842c29ca..3da8052be6 100755 --- a/pandora_console/operation/search_maps.php +++ b/pandora_console/operation/search_maps.php @@ -27,7 +27,7 @@ if ($searchMaps) { if($maps !== false) { $maps_id = array(); foreach($maps as $key => $map) { - if (!give_acl ($config["id_user"], $map["id_group"], "AR")) { + if (!check_acl ($config["id_user"], $map["id_group"], "AR")) { unset($maps[$key]); }else { $maps_id[] = $map['id']; diff --git a/pandora_console/operation/search_reports.php b/pandora_console/operation/search_reports.php index 60baaa84ae..18e7354341 100755 --- a/pandora_console/operation/search_reports.php +++ b/pandora_console/operation/search_reports.php @@ -19,7 +19,7 @@ include_once('include/functions_reports.php'); $linkReport = false; $searchReports = check_acl ($config["id_user"], 0, "IR"); -if (give_acl ($config['id_user'], 0, "IW")) { +if (check_acl ($config['id_user'], 0, "IW")) { $linkReport = true; } diff --git a/pandora_console/operation/servers/view_server.php b/pandora_console/operation/servers/view_server.php index 1e46c84e7b..368ccdc407 100644 --- a/pandora_console/operation/servers/view_server.php +++ b/pandora_console/operation/servers/view_server.php @@ -21,7 +21,7 @@ require_once ("include/functions_servers.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access Server view"); require ("general/noaccess.php"); diff --git a/pandora_console/operation/servers/view_server_detail.php b/pandora_console/operation/servers/view_server_detail.php index 119991a22d..8c424901e5 100644 --- a/pandora_console/operation/servers/view_server_detail.php +++ b/pandora_console/operation/servers/view_server_detail.php @@ -26,7 +26,7 @@ $options = "
  • '.print_image ("images/wrench_orange.png", true).''; } else { $data[8] = ''; diff --git a/pandora_console/operation/snmpconsole/snmp_view.php b/pandora_console/operation/snmpconsole/snmp_view.php index facd479189..fd46c5dc62 100644 --- a/pandora_console/operation/snmpconsole/snmp_view.php +++ b/pandora_console/operation/snmpconsole/snmp_view.php @@ -21,7 +21,7 @@ enterprise_include ("operation/snmpconsole/snmp_view.php"); check_login (); -if (! give_acl ($config['id_user'], 0, "AR")) { +if (! check_acl ($config['id_user'], 0, "AR")) { pandora_audit("ACL Violation", "Trying to access SNMP Console"); require ("general/noaccess.php"); @@ -54,7 +54,7 @@ print_page_header (__("SNMP Console"), "images/computer_error.png", false, "", f // Delete SNMP Trap entry Event (only incident management access). if (isset ($_GET["delete"])){ $id_trap = (int) get_parameter_get ("delete", 0); - if ($id_trap > 0 && give_acl ($config['id_user'], 0, "IM")) { + if ($id_trap > 0 && check_acl ($config['id_user'], 0, "IM")) { $sql = sprintf ("DELETE FROM ttrap WHERE id_trap = %d", $id_trap); $result = process_sql ($sql); print_result_message ($result, @@ -69,7 +69,7 @@ if (isset ($_GET["delete"])){ // Check Event (only incident write access). if (isset ($_GET["check"])) { $id_trap = (int) get_parameter_get ("check", 0); - if ($id_trap > 1 && give_acl ($config['id_user'], 0, "IW")) { + if ($id_trap > 1 && check_acl ($config['id_user'], 0, "IW")) { $sql = sprintf ("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config["id_user"], $id_trap); $result = process_sql ($sql); print_result_message ($result, @@ -84,7 +84,7 @@ if (isset ($_GET["check"])) { // Mass-process DELETE if (isset ($_POST["deletebt"])) { $trap_ids = get_parameter_post ("snmptrapid", array ()); - if (is_array ($trap_ids) && give_acl ($config['id_user'], 0, "IW")) { + if (is_array ($trap_ids) && check_acl ($config['id_user'], 0, "IW")) { foreach ($trap_ids as $id_trap) { $sql = sprintf ("DELETE FROM ttrap WHERE id_trap = %d", $id_trap); process_sql ($sql); @@ -98,7 +98,7 @@ if (isset ($_POST["deletebt"])) { // Mass-process UPDATE if (isset ($_POST["updatebt"])) { $trap_ids = get_parameter_post ("snmptrapid", array ()); - if (is_array ($trap_ids) && give_acl ($config['id_user'], 0, "IW")) { + if (is_array ($trap_ids) && check_acl ($config['id_user'], 0, "IW")) { foreach ($trap_ids as $id_trap) { $sql = sprintf ("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config["id_user"], $id_trap); process_sql ($sql); @@ -313,12 +313,12 @@ if ($traps !== false) { // Agent matching source address $agent = get_agent_with_ip ($trap['source']); if ($agent === false) { - if (! give_acl ($config["id_user"], 0, "AW")) { + if (! check_acl ($config["id_user"], 0, "AW")) { continue; } $data[1] = ''.$trap["source"].''; } else { - if (! give_acl ($config["id_user"], $agent["id_grupo"], "AR")) { + if (! check_acl ($config["id_user"], $agent["id_grupo"], "AR")) { continue; } $data[1] = ''; @@ -375,10 +375,10 @@ if ($traps !== false) { //Actions $data[8] = ""; - if (empty ($trap["status"]) && give_acl ($config["id_user"], 0, "IW")) { + if (empty ($trap["status"]) && check_acl ($config["id_user"], 0, "IW")) { $data[8] .= '' . print_image("images/ok.png", true, array("border" => '0', "title" => __('Validate'))) . ''; } - if (give_acl ($config["id_user"], 0, "IM")) { + if (check_acl ($config["id_user"], 0, "IM")) { $data[8] .= '' . print_image("images/cross.png", true, array("border" => "0", "title" => __('Delete'))) . ''; } $data[8] .= '' . print_image("images/eye.png", true, array("alt" => __('Show more'), "title" => __('Show more'))) .''; @@ -415,11 +415,11 @@ if ($idx == 0) { unset ($table); echo '
    '; -if (give_acl ($config["id_user"], 0, "IW")) { +if (check_acl ($config["id_user"], 0, "IW")) { print_submit_button (__('Validate'), "updatebt", false, 'class="sub ok"'); } -if (give_acl ($config['id_user'], 0, "IM")) { +if (check_acl ($config['id_user'], 0, "IM")) { echo " "; print_submit_button (__('Delete'), "deletebt", false, 'class="sub delete" onClick="javascript:return confirm(\''.__('Are you sure?').'\')"'); } diff --git a/pandora_console/operation/users/user_edit.php b/pandora_console/operation/users/user_edit.php index 5fadd412aa..614a74afe2 100644 --- a/pandora_console/operation/users/user_edit.php +++ b/pandora_console/operation/users/user_edit.php @@ -27,14 +27,14 @@ if ($user_info["language"] == ""){ $id = $user_info["id_user"]; //This is done in case there are problems with uppercase/lowercase (MySQL auth has that problem) -if ((!give_acl ($config["id_user"], get_user_groups ($id), "UM")) AND ($id != $config["id_user"])){ +if ((!check_acl ($config["id_user"], get_user_groups ($id), "UM")) AND ($id != $config["id_user"])){ pandora_audit("ACL Violation","Trying to view a user without privileges"); require ("general/noaccess.php"); exit; } //If current user is editing himself or if the user has UM (User Management) rights on any groups the user is part of AND the authorization scheme allows for users/admins to update info -if (($config["id_user"] == $id || give_acl ($config["id_user"], get_user_groups ($id), "UM")) && $config["user_can_update_info"]) { +if (($config["id_user"] == $id || check_acl ($config["id_user"], get_user_groups ($id), "UM")) && $config["user_can_update_info"]) { $view_mode = false; } else { $view_mode = true; diff --git a/pandora_console/operation/visual_console/index.php b/pandora_console/operation/visual_console/index.php index b322ea9621..a82435773c 100644 --- a/pandora_console/operation/visual_console/index.php +++ b/pandora_console/operation/visual_console/index.php @@ -45,7 +45,7 @@ foreach ($layouts as $layout) { $rowPair = !$rowPair; $iterator++; - if (!give_acl ($config["id_user"], $layout["id_group"], "AR")) { + if (!check_acl ($config["id_user"], $layout["id_group"], "AR")) { continue; } $data = array (); diff --git a/pandora_console/operation/visual_console/render_view.php b/pandora_console/operation/visual_console/render_view.php index 7bf60c9ceb..3eacb3f023 100644 --- a/pandora_console/operation/visual_console/render_view.php +++ b/pandora_console/operation/visual_console/render_view.php @@ -45,7 +45,7 @@ $bheight = $layout["height"]; $pure_url = "&pure=".$config["pure"]; -if (! give_acl ($config["id_user"], $id_group, "AR")) { +if (! check_acl ($config["id_user"], $id_group, "AR")) { pandora_audit("ACL Violation", "Trying to access visual console without group access"); require ("general/noaccess.php"); exit; @@ -54,7 +54,7 @@ if (! give_acl ($config["id_user"], $id_group, "AR")) { // Render map $options = array(); -if (give_acl ($config["id_user"], $id_group, "AW")) { +if (check_acl ($config["id_user"], $id_group, "AW")) { $options['setup']['text'] = ''.print_image ("images/setup.png", true, array ("title" => __('Setup'))).''; $options['setup']['active'] = false; }