tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge

This commit is contained in:
Jose Gonzalez 2020-12-02 11:38:22 +01:00
parent eeac1ca35e bd17efa3dd
commit f2a94b9aa5
12 changed files with 235 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pandora_console/extras/mr/43.sql
View File

@ -2,10 +2,12 @@ START TRANSACTION;
ALTER TABLE `tagente_modulo` ADD COLUMN `debug_content` varchar(200);
INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log');
ALTER TABLE `talert_snmp` ADD COLUMN `al_field16` TEXT NOT NULL AFTER `al_field15`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field17` TEXT NOT NULL AFTER `al_field16`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field18` TEXT NOT NULL AFTER `al_field17`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field19` TEXT NOT NULL AFTER `al_field18`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field20` TEXT NOT NULL AFTER `al_field19`;
COMMIT;
COMMIT;

1
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -2493,6 +2493,7 @@ ALTER TABLE `tnetflow_filter` MODIFY COLUMN `router_ip` text NOT NULL;
-- Update table `tuser_task`
-- ----------------------------------------------------------------------
UPDATE tuser_task set parameters = 'a:5:{i:0;a:6:{s:11:\"description\";s:28:\"Report pending to be created\";s:5:\"table\";s:7:\"treport\";s:8:\"field_id\";s:9:\"id_report\";s:10:\"field_name\";s:4:\"name\";s:4:\"type\";s:3:\"int\";s:9:\"acl_group\";s:8:\"id_group\";}i:1;a:2:{s:11:\"description\";s:46:\"Send to email addresses (separated by a comma)\";s:4:\"type\";s:4:\"text\";}i:2;a:2:{s:11:\"description\";s:7:\"Subject\";s:8:\"optional\";i:1;}i:3;a:3:{s:11:\"description\";s:7:\"Message\";s:4:\"type\";s:4:\"text\";s:8:\"optional\";i:1;}i:4;a:2:{s:11:\"description\";s:11:\"Report Type\";s:4:\"type\";s:11:\"report_type\";}}' where function_name = "cron_task_generate_report";
INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log');
-- ----------------------------------------------------------------------
-- ADD message in table 'tnews'

10
pandora_console/godmode/setup/performance.php
View File

@ -642,6 +642,16 @@ $table_other->data[13][1] = html_print_input_text(
true
);
$table_other->data[14][0] = __('Row limit in csv log');
$table_other->data[14][1] = html_print_input_text(
'row_limit_csv',
$config['row_limit_csv'],
'',
5,
10,
true
);
echo '<form id="form_setup" method="post">';
echo '<fieldset>';

6
pandora_console/godmode/users/configure_user.php
View File

@ -759,13 +759,13 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
$sql = sprintf(
"SELECT tusuario_perfil.* FROM tusuario_perfil
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
$id,
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1",
$config['id_user'],
$group_um_string
);
$result = db_get_all_rows_sql($sql);
if ($result == false || $user_info['is_admin']) {
if ($result == false && $user_info['is_admin'] == false) {
db_pandora_audit(
'ACL Violation',
'Trying to access User Management'

12
pandora_console/godmode/users/user_list.php
View File

@ -491,12 +491,6 @@ foreach ($info as $user_id => $user_info) {
foreach ($group_um as $key => $value) {
if (isset($user_profiles_aux[$key])) {
$user_profiles[$key] = $user_profiles_aux[$key];
if ($user_profiles_aux[$key]['user_management'] == 1) {
$user_info['edit'] = 0;
} else {
$user_info['edit'] = 1;
}
unset($user_profiles_aux[$key]);
}
}
@ -594,7 +588,11 @@ foreach ($info as $user_id => $user_info) {
$total_profile++;
}
$data[4] .= '</div>';
if (isset($user_info['not_delete'])) {
$data[4] .= __('Other profiles are also assigned.').ui_print_help_tip(__('Other profiles you cannot manage are also assigned. These profiles are not shown. You cannot enable/disable or delete this user.'), true);
}
$data[4] .= '</div>';
} else {
$data[4] .= __('The user doesn\'t have any assigned profile/group');
}

48
pandora_console/include/class/NetworkMap.class.php
View File

@ -2890,14 +2890,12 @@ class NetworkMap
$list_networkmaps = [];
}
$output .= '<div id="open_version_dialog" style="display: none;">';
$output .= __(
'In the Open version of %s can not be edited nodes or map',
get_product_name()
);
$output .= '</div>';
$id = 'dialog_node_edit';
if (!enterprise_installed()) {
$id = 'open_version_dialog';
}
$output .= '<div id="dialog_node_edit" style="display: none;" title="';
$output .= '<div id="'.$id.'" style="display: none;" title="';
$output .= __('Edit node').'">';
$output .= '<div style="text-align: left; width: 100%;">';
@ -3016,14 +3014,16 @@ class NetworkMap
true
);
$output .= ui_toggle(
html_print_table($table, true),
__('Node options'),
__('Node options'),
'',
true,
true
);
if (enterprise_installed()) {
$output .= ui_toggle(
html_print_table($table, true),
__('Node options'),
__('Node options'),
'',
true,
true
);
}
$table = new StdClass();
$table->id = 'relations_table';
@ -3077,14 +3077,16 @@ class NetworkMap
true
);
$output .= ui_toggle(
html_print_table($table, true),
__('Relations'),
__('Relations'),
'',
true,
true
);
if (enterprise_installed()) {
$output .= ui_toggle(
html_print_table($table, true),
__('Relations'),
__('Relations'),
'',
true,
true
);
}
$output .= '</div></div>';

8
pandora_console/include/functions_config.php
View File

@ -852,6 +852,10 @@ function config_update_config()
if (!config_update_value('max_execution_event_response', get_parameter('max_execution_event_response'))) {
$error_update[] = __('Max execution event response');
}
if (!config_update_value('row_limit_csv', get_parameter('row_limit_csv'))) {
$error_update[] = __('Row limit in csv log');
}
break;
case 'vis':
@ -1852,6 +1856,10 @@ function config_process_config()
config_update_value('max_macro_fields', 10);
}
if (!isset($config['row_limit_csv'])) {
config_update_value('row_limit_csv', 10000);
}
if (!isset($config['event_purge'])) {
config_update_value('event_purge', 15);
}

2
pandora_console/include/functions_profile.php
View File

@ -234,7 +234,7 @@ function profile_print_profile_table($id)
$sql = sprintf(
"SELECT tusuario_perfil.* FROM tusuario_perfil
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
WHERE id_usuario like '%s' AND id_grupo IN (%s)",
$id,
$group_um_string
);

5
pandora_console/include/functions_users.php
View File

@ -752,6 +752,11 @@ function users_get_groups_UM($id_user)
foreach ($groups as $key => $group) {
if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) {
$return[$group['id_grupo']] = $group['user_management'];
$children = groups_get_children($group['id_grupo'], false, 'UM', false);
foreach ($children as $key => $child_group) {
$return[$child_group['id_grupo']] = $group['user_management'];
}
if ($group['id_grupo'] == '0') {
$return['group_all'] = $group['id_grupo'];
}

281
pandora_console/include/javascript/functions_pandora_networkmap.js
View File

@ -771,139 +771,137 @@ function move_to_networkmap(node) {
}
function edit_node(data_node, dblClick) {
if (enterprise_installed) {
var flag_edit_node = true;
var edit_node = null;
var flag_edit_node = true;
var edit_node = null;
//Only select one node
var selection = d3.selectAll(".node_selected");
var id;
//Only select one node
var selection = d3.selectAll(".node_selected");
var id;
if (selection[0].length == 1) {
edit_node = selection[0].pop();
} else if (selection[0].length > 1) {
edit_node = selection[0].pop();
} else if (dblClick) {
edit_node = d3.select("#id_node_" + data_node["id"] + networkmap_id);
edit_node = edit_node[0][0];
} else {
flag_edit_node = false;
if (selection[0].length == 1) {
edit_node = selection[0].pop();
} else if (selection[0].length > 1) {
edit_node = selection[0].pop();
} else if (dblClick) {
edit_node = d3.select("#id_node_" + data_node["id"] + networkmap_id);
edit_node = edit_node[0][0];
} else {
flag_edit_node = false;
}
if (flag_edit_node) {
d3.selectAll(".node_selected").classed("node_selected", false);
d3.select(edit_node).classed("node_selected", true);
id = d3
.select(edit_node)
.attr("id")
.replace("id_node_", "");
var id_networkmap_lenght = networkmap_id.toString().length;
var id_node_length = id.length - id_networkmap_lenght;
id = id.substring(0, id_node_length);
var index_node = $.inArray(data_node, graph.nodes);
var node_selected = graph.nodes[index_node];
var selected_links = get_relations(node_selected);
$("select[name='shape'] option[value='" + node_selected.shape + "']").prop(
"selected",
true
);
$("select[name='shape']").attr(
"onchange",
"javascript: change_shape(" + node_selected.id_db + ");"
);
$("#node_options-fictional_node_update_button-1 input").attr(
"onclick",
"update_fictional_node(" + node_selected.id_db + ");"
);
$("#node_options-node_name-2 input").attr(
"onclick",
"update_node_name(" + node_selected.id_db + ");"
);
var params = [];
params.push("get_agent_info=1");
params.push("id_agent=" + node_selected["id_agent"]);
params.push("page=enterprise/operation/agentes/pandora_networkmap.view");
if (!enterprise_installed) {
params.push("page=operation/agentes/pandora_networkmap.view");
}
if (flag_edit_node) {
d3.selectAll(".node_selected").classed("node_selected", false);
d3.select(edit_node).classed("node_selected", true);
id = d3
.select(edit_node)
.attr("id")
.replace("id_node_", "");
var id_networkmap_lenght = networkmap_id.toString().length;
var id_node_length = id.length - id_networkmap_lenght;
id = id.substring(0, id_node_length);
var index_node = $.inArray(data_node, graph.nodes);
var node_selected = graph.nodes[index_node];
var selected_links = get_relations(node_selected);
$(
"select[name='shape'] option[value='" + node_selected.shape + "']"
).prop("selected", true);
$("select[name='shape']").attr(
"onchange",
"javascript: change_shape(" + node_selected.id_db + ");"
);
$("#node_options-fictional_node_update_button-1 input").attr(
"onclick",
"update_fictional_node(" + node_selected.id_db + ");"
);
$("#node_options-node_name-2 input").attr(
"onclick",
"update_node_name(" + node_selected.id_db + ");"
);
var params = [];
params.push("get_agent_info=1");
params.push("id_agent=" + node_selected["id_agent"]);
params.push("page=enterprise/operation/agentes/pandora_networkmap.view");
jQuery.ajax({
data: params.join("&"),
dataType: "json",
type: "POST",
url: window.base_url_homedir + "/ajax.php",
success: function(data) {
$("#node_details-0-1").html(
'<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=' +
node_selected["id_agent"] +
'">' +
data["alias"] +
"</a>"
);
var addresses = "";
if (data["adressess"] instanceof Array) {
for (var i; i < data["adressess"].length; i++) {
addresses += data["adressess"][i] + "<br>";
}
} else {
for (var address in data["adressess"]) {
addresses += address + "<br>";
}
}
$("#node_details-1-1").html(addresses);
$("#node_details-2-1").html(data["os"]);
$("#node_details-3-1").html(data["group"]);
$("[aria-describedby=dialog_node_edit]").css({ top: "200px" });
$("#foot").css({
top: parseInt(
$("[aria-describedby=dialog_node_edit]").css("height") +
$("[aria-describedby=dialog_node_edit]").css("top")
),
position: "relative"
});
get_interface_data_to_table(node_selected, selected_links);
}
});
$("#dialog_node_edit").dialog(
"option",
"title",
dialog_node_edit_title.replace(
"%s",
ellipsize(node_selected["text"], 40)
)
); // It doesn't eval the possible XSS so it's ok
$("#dialog_node_edit").dialog("open");
if (node_selected.id_agent == undefined || node_selected.type == 3) {
//Fictional node
$("#node_options-fictional_node_name").css("display", "");
$("input[name='edit_name_fictional_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok
$("#node_options-fictional_node_networkmap_link").css("display", "");
$("#edit_networkmap_to_link").val(node_selected.networkmap_id);
$("#node_options-fictional_node_update_button").css("display", "");
$("#node_options-node_name").css("display", "none");
$("#node_options-node_update_button").css("display", "none");
} else {
$("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok
$("#node_options-fictional_node_name").css("display", "none");
$("#node_options-fictional_node_networkmap_link").css(
"display",
"none"
jQuery.ajax({
data: params.join("&"),
dataType: "json",
type: "POST",
url: window.base_url_homedir + "/ajax.php",
success: function(data) {
$("#node_details-0-1").html(
'<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=' +
node_selected["id_agent"] +
'">' +
data["alias"] +
"</a>"
);
$("#node_options-fictional_node_update_button").css("display", "none");
$("#node_options-node_name").css("display", "");
}
//Clean
$("#relations_table .relation_link_row").remove();
//Show the no relations
$("#relations_table-loading").css("display", "none");
$("#relations_table-no_relations").css("display", "");
var addresses = "";
if (data["adressess"] instanceof Array) {
for (var i; i < data["adressess"].length; i++) {
addresses += data["adressess"][i] + "<br>";
}
} else {
for (var address in data["adressess"]) {
addresses += address + "<br>";
}
}
$("#node_details-1-1").html(addresses);
$("#node_details-2-1").html(data["os"]);
$("#node_details-3-1").html(data["group"]);
$("[aria-describedby=dialog_node_edit]").css({ top: "200px" });
$("#foot").css({
top: parseInt(
$("[aria-describedby=dialog_node_edit]").css("height") +
$("[aria-describedby=dialog_node_edit]").css("top")
),
position: "relative"
});
get_interface_data_to_table(node_selected, selected_links);
}
});
$("#dialog_node_edit").dialog(
"option",
"title",
dialog_node_edit_title.replace("%s", ellipsize(node_selected["text"], 40))
); // It doesn't eval the possible XSS so it's ok
$("#dialog_node_edit").dialog("open");
$("#open_version_dialog").dialog();
if (node_selected.id_agent == undefined || node_selected.type == 3) {
//Fictional node
$("#node_options-fictional_node_name").css("display", "");
$("input[name='edit_name_fictional_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok
$("#node_options-fictional_node_networkmap_link").css("display", "");
$("#edit_networkmap_to_link").val(node_selected.networkmap_id);
$("#node_options-fictional_node_update_button").css("display", "");
$("#node_options-node_name").css("display", "none");
$("#node_options-node_update_button").css("display", "none");
} else {
$("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok
$("#node_options-fictional_node_name").css("display", "none");
$("#node_options-fictional_node_networkmap_link").css("display", "none");
$("#node_options-fictional_node_update_button").css("display", "none");
$("#node_options-node_name").css("display", "");
}
//Clean
$("#relations_table .relation_link_row").remove();
//Show the no relations
$("#relations_table-loading").css("display", "none");
$("#relations_table-no_relations").css("display", "");
}
}
@ -2871,18 +2869,35 @@ function init_drag_and_drop() {
});
});
} else {
var params = [];
params.push("update_node_alert=1");
params.push("map_id=" + networkmap_id);
params.push("page=operation/agentes/pandora_networkmap.view");
jQuery.ajax({
data: params.join("&"),
dataType: "json",
type: "POST",
url: window.base_url_homedir + "/ajax.php",
data: {
node: JSON.stringify(d),
update_node: 1,
page: "operation/agentes/pandora_networkmap.view"
},
success: function(data) {
if (data["correct"]) {
$("#open_version_dialog").dialog();
if (d.state == "holding_area") {
//It is out the holding area
if (data["state"] == "") {
//Remove the style of nodes and links
//in holding area
d3.select("#id_node_" + d.id + networkmap_id).classed(
"holding_area",
false
);
d3.select(".source_" + d.id + networkmap_id).classed(
"holding_area_link",
false
);
d3.select(".target_" + d.id + networkmap_id).classed(
"holding_area_link",
false
);
graph.nodes[d.id].state = "";
}
}
}
});

2
pandora_console/include/styles/wizard.css
View File

@ -11,10 +11,8 @@ ul.wizard {
ul.wizard li {
padding-bottom: 10px;
padding-top: 10px;
display: flex;
flex-direction: row;
align-items: center;
justify-content: flex-start;
}
ul.wizard li > label:not(.p-switch) {

26
pandora_console/operation/agentes/pandora_networkmap.view.php
View File

@ -53,6 +53,32 @@ if (is_ajax()) {
$module_get_status = (bool) get_parameter('module_get_status', false);
$update_node_alert = (bool) get_parameter('update_node_alert', false);
$process_migration = (bool) get_parameter('process_migration', false);
$get_agent_info = (bool) get_parameter('get_agent_info', false);
$update_node = (bool) get_parameter('update_node', false);
if ($update_node) {
$node_json = io_safe_output(get_parameter('node', ''));
$node = json_decode($node_json, true);
echo json_encode($node);
return;
}
if ($get_agent_info) {
$id_agent = (int) get_parameter('id_agent');
$return = [];
$return['alias'] = agents_get_alias($id_agent);
$return['adressess'] = agents_get_addresses($id_agent);
$id_group = agents_get_agent_group($id_agent);
$return['group'] = db_get_value('nombre', 'tgrupo', 'id_grupo', $id_group);
$id_os = agents_get_os($id_agent);
$return['os'] = ui_print_os_icon($id_os, true, true);
echo json_encode($return);
return;
}
if ($module_get_status) {
$id = (int) get_parameter('id', 0);