2009-10-26 Ramon Novoa <rnovoa@artica.es>
* extensions/update_manager.php, operation/incidents/incident.php, operation/menu.php, godmode/setup/links.php, godmode/users/configure_user.php, godmode/agentes/planned_downtime.php, godmode/agentes/agent_manager.php, godmode/reporting/reporting_builder.php, godmode/reporting/map_builder.php, godmode/reporting/graphs.php, godmode/reporting/graph_builder.php, godmode/alerts/alert_templates.php, godmode/menu.php: Several ACL related fixes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2053 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
parent
a4e7d0a352
commit
ef7b127da5
|
@ -1,3 +1,19 @@
|
|||
2009-10-26 Ramon Novoa <rnovoa@artica.es>
|
||||
|
||||
* extensions/update_manager.php,
|
||||
operation/incidents/incident.php,
|
||||
operation/menu.php,
|
||||
godmode/setup/links.php,
|
||||
godmode/users/configure_user.php,
|
||||
godmode/agentes/planned_downtime.php,
|
||||
godmode/agentes/agent_manager.php,
|
||||
godmode/reporting/reporting_builder.php,
|
||||
godmode/reporting/map_builder.php,
|
||||
godmode/reporting/graphs.php,
|
||||
godmode/reporting/graph_builder.php,
|
||||
godmode/alerts/alert_templates.php,
|
||||
godmode/menu.php: Several ACL related fixes.
|
||||
|
||||
2009-10-26 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* pandora_console/godmode/agentes/module_manager_editor.php: fix the
|
||||
|
|
|
@ -69,6 +69,11 @@ function pandora_update_manager_main () {
|
|||
global $config;
|
||||
global $db;
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
require ("general/noaccess.php");
|
||||
return;
|
||||
}
|
||||
|
||||
load_update_manager_lib ();
|
||||
update_settings_database_connection ();
|
||||
|
||||
|
|
|
@ -142,7 +142,8 @@ $table->data[2][1] = print_input_text_extended ('id_parent', get_agent_name ($id
|
|||
$table->data[2][1] .= print_checkbox ("cascade_protection", 1, $cascade_protection, true).__('Cascade protection'). " " . print_help_icon("cascade_protection", true);
|
||||
|
||||
$table->data[3][0] = __('Group');
|
||||
$table->data[3][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', 'grupo', $grupo, '', '', 0, true);
|
||||
$groups = get_user_groups ();
|
||||
$table->data[3][1] = print_select ($groups, 'grupo', $grupo, '', '', 0, true);
|
||||
|
||||
$table->data[4][0] = __('Interval');
|
||||
|
||||
|
|
|
@ -27,6 +27,7 @@ if (! give_acl ($config['id_user'], 0, "AW")) {
|
|||
|
||||
//Initialize data
|
||||
$id_agent = get_parameter ("id_agent");
|
||||
$id_group = (int) get_parameter ("id_group", 1);
|
||||
$name = '';
|
||||
$description = '';
|
||||
$date_from = (string) get_parameter ('date_from', date ('Y-m-j'));
|
||||
|
@ -46,6 +47,7 @@ $id_downtime = (int) get_parameter ('id_downtime',0);
|
|||
$insert_downtime_agent = (int) get_parameter ("insert_downtime_agent", 0);
|
||||
$delete_downtime_agent = (int) get_parameter ("delete_downtime_agent", 0);
|
||||
|
||||
$groups = get_user_groups ();
|
||||
|
||||
// INSERT A NEW DOWNTIME_AGENT ASSOCIATION
|
||||
if ($insert_downtime_agent == 1){
|
||||
|
@ -94,17 +96,17 @@ if ($create_downtime || $update_downtime) {
|
|||
$sql = '';
|
||||
if ($create_downtime) {
|
||||
$sql = sprintf ("INSERT INTO tplanned_downtime (`name`,
|
||||
`description`, `date_from`, `date_to`)
|
||||
VALUES ('%s','%s',%d,%d)",
|
||||
`description`, `date_from`, `date_to`, `id_group`)
|
||||
VALUES ('%s','%s',%d,%d, %d)",
|
||||
$name, $description, $datetime_from,
|
||||
$datetime_to);
|
||||
$datetime_to, $id_group);
|
||||
} else if ($update_downtime) {
|
||||
$sql = sprintf ("UPDATE tplanned_downtime
|
||||
SET `name`='%s', `description`='%s', `date_from`=%d,
|
||||
`date_to`=%d
|
||||
`date_to`=%d, `id_group`=%d
|
||||
WHERE `id` = '%d'",
|
||||
$name, $description, $datetime_from,
|
||||
$datetime_to, $id_downtime);
|
||||
$datetime_to, $id_group, $id_downtime);
|
||||
}
|
||||
|
||||
$result = process_sql ($sql);
|
||||
|
@ -148,7 +150,9 @@ echo __('Planned Downtime').'</h2>';
|
|||
$table->data[4][0] = __('Timestamp to');
|
||||
$table->data[4][1] = print_input_text ('date_to', $date_to, '', 10, 10, true);
|
||||
$table->data[4][1] .= print_input_text ('time_to', $time_to, '', 7, 7, true);
|
||||
|
||||
|
||||
$table->data[5][0] = __('Group');
|
||||
$table->data[5][1] = print_select ($groups, 'id_group', $id_group, '', '', 0, true);
|
||||
echo '<form method="POST" action="index.php?sec=gagente&sec2=godmode/agentes/planned_downtime">';
|
||||
|
||||
if ($id_downtime > 0){
|
||||
|
@ -180,23 +184,24 @@ echo __('Planned Downtime').'</h2>';
|
|||
echo '<h3>'.__('Available agents').':</h3>';
|
||||
|
||||
|
||||
$filter_group = get_parameter("filter_group", -1);
|
||||
if ($filter_group != -1)
|
||||
$filter_group = get_parameter("filter_group", 1);
|
||||
if ($filter_group != 1)
|
||||
$filter_cond = " AND id_grupo = $filter_group ";
|
||||
else
|
||||
$filter_cond = "";
|
||||
$sql = sprintf ("SELECT tagente.id_agente, tagente.nombre FROM tagente WHERE tagente.id_agente NOT IN (SELECT tagente.id_agente FROM tagente, tplanned_downtime_agents WHERE tplanned_downtime_agents.id_agent = tagente.id_agente AND tplanned_downtime_agents.id_downtime = %d) AND disabled = 0 $filter_cond ORDER by tagente.nombre", $id_downtime);
|
||||
|
||||
$sql = sprintf ("SELECT tagente.id_agente, tagente.nombre, tagente.id_grupo FROM tagente WHERE tagente.id_agente NOT IN (SELECT tagente.id_agente FROM tagente, tplanned_downtime_agents WHERE tplanned_downtime_agents.id_agent = tagente.id_agente AND tplanned_downtime_agents.id_downtime = %d) AND disabled = 0 $filter_cond ORDER by tagente.nombre", $id_downtime);
|
||||
$downtimes = get_db_all_rows_sql ($sql);
|
||||
$data = array ();
|
||||
if ($downtimes)
|
||||
foreach ($downtimes as $downtime) {
|
||||
$data[$downtime['id_agente']] = $downtime['nombre'];
|
||||
if (give_acl ($config["id_user"], $downtime['id_grupo'], "AR")) {
|
||||
$data[$downtime['id_agente']] = $downtime['nombre'];
|
||||
}
|
||||
}
|
||||
|
||||
echo "<form method=post action='index.php?sec=gagente&sec2=godmode/agentes/planned_downtime&first_update=1&id_downtime=$id_downtime'>";
|
||||
|
||||
print_select_from_sql ("SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1", "filter_group", $filter_group, '', __("Any"), -1, false, false);
|
||||
|
||||
print_select ($groups, 'filter_group', $filter_group);
|
||||
echo "<br /><br />";
|
||||
print_submit_button (__('Filter by group'), '', false, 'class="sub next"',false);
|
||||
echo "</form>";
|
||||
|
@ -261,13 +266,14 @@ echo __('Planned Downtime').'</h2>';
|
|||
$table->head = array ();
|
||||
$table->head[0] = __('Name #Ag.');
|
||||
$table->head[1] = __('Description');
|
||||
$table->head[2] = __('From');
|
||||
$table->head[3] = __('To');
|
||||
$table->head[4] = __('Delete');
|
||||
$table->head[5] = __('Update');
|
||||
$table->head[6] = __('Running');
|
||||
$table->head[2] = __('Group');
|
||||
$table->head[3] = __('From');
|
||||
$table->head[4] = __('To');
|
||||
$table->head[5] = __('Delete');
|
||||
$table->head[6] = __('Update');
|
||||
$table->head[7] = __('Running');
|
||||
|
||||
$sql = "SELECT * FROM tplanned_downtime";
|
||||
$sql = "SELECT * FROM tplanned_downtime WHERE id_group IN (" . implode (",", array_keys ($groups)) . ")";
|
||||
$downtimes = get_db_all_rows_sql ($sql);
|
||||
if (!$downtimes) {
|
||||
echo '<div class="nf">'.__('No planned downtime').'</div>';
|
||||
|
@ -279,19 +285,20 @@ echo __('Planned Downtime').'</h2>';
|
|||
|
||||
$data[0] = $downtime['name']. " ($total)";
|
||||
$data[1] = $downtime['description'];
|
||||
$data[2] = date ("Y-m-d H:i", $downtime['date_from']);
|
||||
$data[3] = date ("Y-m-d H:i", $downtime['date_to']);
|
||||
$data[2] = print_group_icon ($downtime['id_group'], true);
|
||||
$data[3] = date ("Y-m-d H:i", $downtime['date_from']);
|
||||
$data[4] = date ("Y-m-d H:i", $downtime['date_to']);
|
||||
if ($downtime["executed"] == 0){
|
||||
$data[4] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/planned_downtime&id_agent='.
|
||||
$data[5] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/planned_downtime&id_agent='.
|
||||
$id_agent.'&delete_downtime=1&id_downtime='.$downtime['id'].'">
|
||||
<img src="images/cross.png" border="0" alt="'.__('Delete').'" /></a>';
|
||||
$data[5] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/planned_downtime&edit_downtime=1&first_update=1&id_downtime='.$downtime['id'].'">
|
||||
$data[6] = '<a href="index.php?sec=gagente&sec2=godmode/agentes/planned_downtime&edit_downtime=1&first_update=1&id_downtime='.$downtime['id'].'">
|
||||
<img src="images/config.png" border="0" alt="'.__('Update').'" /></a>';
|
||||
}
|
||||
if ($downtime["executed"] == 0)
|
||||
$data[6] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Executed')));
|
||||
$data[7] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Executed')));
|
||||
else
|
||||
$data[6] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Not executed')));
|
||||
$data[7] = print_image ("images/pixel_green.png", true, array ('width' => 20, 'height' => 20, 'alt' => __('Not executed')));
|
||||
|
||||
array_push ($table->data, $data);
|
||||
}
|
||||
|
|
|
@ -19,14 +19,6 @@ require_once ('include/functions_alerts.php');
|
|||
|
||||
check_login ();
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "LM")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
if (is_ajax ()) {
|
||||
$get_template_tooltip = (bool) get_parameter ('get_template_tooltip');
|
||||
|
||||
|
@ -103,6 +95,13 @@ if (is_ajax ()) {
|
|||
return;
|
||||
}
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "LM")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
echo "<h2>".__('Alerts')." » ";
|
||||
echo __('Alert templates')."</h2>";
|
||||
$update_template = (bool) get_parameter ('update_template');
|
||||
|
|
|
@ -17,15 +17,6 @@ require_once ('include/config.php');
|
|||
|
||||
check_login ();
|
||||
|
||||
if ((! give_acl ($config['id_user'], 0, "LM"))
|
||||
&& (! give_acl ($config['id_user'], 0, "AW"))
|
||||
&& (! give_acl ($config['id_user'], 0, "LW"))
|
||||
&& (! give_acl ($config['id_user'], 0, "PM"))
|
||||
&& (! give_acl ($config['id_user'], 0, "DM"))
|
||||
&& (! give_acl ($config['id_user'], 0, "UM"))) {
|
||||
return;
|
||||
}
|
||||
|
||||
enterprise_include ('godmode/menu.php');
|
||||
require_once ('include/functions_menu.php');
|
||||
|
||||
|
@ -86,7 +77,9 @@ if (give_acl ($config['id_user'], 0, "LM")) {
|
|||
$menu["galertas"]["sub"] = $sub;
|
||||
}
|
||||
|
||||
enterprise_hook ('policies_menu');
|
||||
if (give_acl ($config['id_user'], 0, "AW")) {
|
||||
enterprise_hook ('policies_menu');
|
||||
}
|
||||
|
||||
if (give_acl ($config['id_user'], 0, "UM")) {
|
||||
$menu["gusuarios"]["text"] = __('Manage users');
|
||||
|
@ -109,7 +102,7 @@ if (give_acl($config['id_user'], 0, "LW")) {
|
|||
}
|
||||
|
||||
// Reporting
|
||||
if (give_acl ($config['id_user'], 0, "AW")) {
|
||||
if (give_acl ($config['id_user'], 0, "IW")) {
|
||||
$menu["greporting"]["text"] = __('Manage reports');
|
||||
$menu["greporting"]["sec2"] = "godmode/reporting/reporting_builder";
|
||||
$menu["greporting"]["id"] = "god-reporting";
|
||||
|
|
|
@ -50,7 +50,7 @@ if ($config['flash_charts']) {
|
|||
|
||||
check_login ();
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "AW")) {
|
||||
if (! give_acl ($config['id_user'], 0, "IW")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
|
||||
"Trying to access graph builder");
|
||||
include ("general/noaccess.php");
|
||||
|
|
|
@ -20,7 +20,7 @@ require_once ('include/functions_custom_graphs.php');
|
|||
// Check user credentials
|
||||
check_login ();
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "AW")) {
|
||||
if (! give_acl ($config['id_user'], 0, "IW")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
|
||||
"Trying to access Inventory Module Management");
|
||||
require ("general/noaccess.php");
|
||||
|
@ -111,4 +111,4 @@ echo '<div class="action-buttons" style="width: 650px;">';
|
|||
print_submit_button (__('Create graph'), 'create', false, 'class="sub next"');
|
||||
echo "</div>";
|
||||
echo "</form>";
|
||||
?>
|
||||
?>
|
||||
|
|
|
@ -42,7 +42,7 @@ require_once ("include/config.php");
|
|||
|
||||
check_login ();
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "AW")) {
|
||||
if (! give_acl ($config['id_user'], 0, "IW")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access map builder");
|
||||
require ("general/noaccess.php");
|
||||
return;
|
||||
|
|
|
@ -19,7 +19,7 @@ require_once ("include/config.php");
|
|||
|
||||
check_login ();
|
||||
|
||||
if (! give_acl ($config['id_user'], 0, "AW")) {
|
||||
if (! give_acl ($config['id_user'], 0, "IW")) {
|
||||
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
|
||||
"Trying to access report builder");
|
||||
require ("general/noaccess.php");
|
||||
|
|
|
@ -313,12 +313,15 @@ if ($count < 1) {
|
|||
|
||||
echo '<form method="post" action="'.$url.'&action=mass" style="margin-bottom: 0px;">';
|
||||
print_table ($table);
|
||||
if (give_acl ($config["id_user"], 0, "IM")) {
|
||||
echo '<div style="text-align:right; float:right; padding-right: 30px;">';
|
||||
echo '<div style="text-align:right; float:right; padding-right: 30px;">';
|
||||
if (give_acl ($config["id_user"], 0, "IW")) {
|
||||
print_submit_button (__('Delete incidents'), 'delete_btn', false, 'class="sub delete"');
|
||||
print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"');
|
||||
echo '</div>';
|
||||
}
|
||||
|
||||
if (give_acl ($config["id_user"], 0, "IM")) {
|
||||
print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"');
|
||||
}
|
||||
echo '</div>';
|
||||
echo '</form>';
|
||||
unset ($table);
|
||||
}
|
||||
|
|
|
@ -196,28 +196,28 @@ if (give_acl ($config['id_user'], 0, "AR")) {
|
|||
}
|
||||
|
||||
$menu["extensions"]["sub"] = $sub;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Add the extensions
|
||||
*/
|
||||
foreach($config['extensions'] as $extension) {
|
||||
$operationModeMenu = $extension['operation_menu'];
|
||||
if ($operationModeMenu == null)
|
||||
continue;
|
||||
|
||||
if (array_key_exists('fatherId',$operationModeMenu)) {
|
||||
if (strlen($operationModeMenu['fatherId']) > 0) {
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["text"] = __($operationModeMenu['name']);
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["refr"] = 60;
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["icon"] = $operationModeMenu['icon'];
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["sec"] = 'extensions';
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["extension"] = true;
|
||||
$menu[$operationModeMenu['fatherId']]['hasExtensions'] = true;
|
||||
/**
|
||||
* Add the extensions
|
||||
*/
|
||||
foreach($config['extensions'] as $extension) {
|
||||
$operationModeMenu = $extension['operation_menu'];
|
||||
if ($operationModeMenu == null)
|
||||
continue;
|
||||
|
||||
if (array_key_exists('fatherId',$operationModeMenu)) {
|
||||
if (strlen($operationModeMenu['fatherId']) > 0) {
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["text"] = __($operationModeMenu['name']);
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["refr"] = 60;
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["icon"] = $operationModeMenu['icon'];
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["sec"] = 'extensions';
|
||||
$menu[$operationModeMenu['fatherId']]['sub'][$operationModeMenu['sec2']]["extension"] = true;
|
||||
$menu[$operationModeMenu['fatherId']]['hasExtensions'] = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
print_menu ($menu);
|
||||
|
|
Loading…
Reference in New Issue