From 75e070ebb05ab41d7f60f725b38e98953582b4f7 Mon Sep 17 00:00:00 2001 From: Junichi Satoh Date: Tue, 1 Dec 2020 16:46:09 +0900 Subject: [PATCH 1/4] Fixed UM permission problems. --- pandora_console/godmode/users/configure_user.php | 6 +++--- pandora_console/godmode/users/user_list.php | 12 ++++-------- pandora_console/include/functions_profile.php | 2 +- pandora_console/include/functions_users.php | 4 ++++ 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index f9618b64a1..2e0cdd8d7d 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -759,13 +759,13 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) { $sql = sprintf( "SELECT tusuario_perfil.* FROM tusuario_perfil INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil - WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0", - $id, + WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1", + $config['id_user'], $group_um_string ); $result = db_get_all_rows_sql($sql); - if ($result == false || $user_info['is_admin']) { + if ($result == false && $user_info['is_admin'] == false) { db_pandora_audit( 'ACL Violation', 'Trying to access User Management' diff --git a/pandora_console/godmode/users/user_list.php b/pandora_console/godmode/users/user_list.php index 77ca07acce..31c6b3c119 100644 --- a/pandora_console/godmode/users/user_list.php +++ b/pandora_console/godmode/users/user_list.php @@ -491,12 +491,6 @@ foreach ($info as $user_id => $user_info) { foreach ($group_um as $key => $value) { if (isset($user_profiles_aux[$key])) { $user_profiles[$key] = $user_profiles_aux[$key]; - if ($user_profiles_aux[$key]['user_management'] == 1) { - $user_info['edit'] = 0; - } else { - $user_info['edit'] = 1; - } - unset($user_profiles_aux[$key]); } } 
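Review bot: In configure_user.php (hunk `@@ -759,13 +759,13 @@`) the new guard `if ($result == false && $user_info['is_admin'] == false)` fails open when the edited account is an administrator: the 'ACL Violation' branch is skipped whenever `$user_info['is_admin']` is truthy, even if the query found no `user_management = 1` profile for `$config['id_user']`. `$user_info` is assigned outside the hunk and appears to describe the target user, which should be confirmed; the enclosing `!users_is_admin()` test already excludes an admin caller. Denying on either condition closes the gap: `if ($result == false || $user_info['is_admin']) {`. Separately, `id_usuario like '%s'` lets `%` and `_` in an id act as wildcards; `id_usuario = '%s'` matches exactly, here and in the same query in functions_profile.php.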
@@ -593,8 +587,10 @@ foreach ($info as $user_id => $user_info) { $total_profile++; } - - $data[4] .= ''; + if (isset($user_info['not_delete'])) { + $data[4] .= __('Other profiles are also assigned.') . ui_print_help_tip(__('Other profiles you cannot manage are also assigned. These profiles are not shown. You cannot enable/disable or delete this user.'), true); + } + $data[4] .= ''; } else { $data[4] .= __('The user doesn\'t have any assigned profile/group'); } diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index 4406fd72b6..e55a37ddf8 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php @@ -234,7 +234,7 @@ function profile_print_profile_table($id) $sql = sprintf( "SELECT tusuario_perfil.* FROM tusuario_perfil INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil - WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0", + WHERE id_usuario like '%s' AND id_grupo IN (%s)", $id, $group_um_string ); diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php index 73e7340838..7929edeaab 100755 --- a/pandora_console/include/functions_users.php +++ b/pandora_console/include/functions_users.php @@ -752,6 +752,10 @@ function users_get_groups_UM($id_user) foreach ($groups as $key => $group) { if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) { $return[$group['id_grupo']] = $group['user_management']; + $children = groups_get_children($group['id_grupo'], false, 'UM', false); + foreach ($children as $key => $child_group) { + $return[$child_group['id_grupo']] = $group['user_management']; + } if ($group['id_grupo'] == '0') { $return['group_all'] = $group['id_grupo']; } From f72d924f1eda4bdf79f9f71c97a4f59c88eb0f29 Mon Sep 17 00:00:00 2001 
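Review bot: In users_get_groups_UM the added loop runs `$return[$child_group['id_grupo']] = $group['user_management'];` for every child unconditionally, so the result depends on the order of `$groups`: a child that already holds a non-zero value from its own profile is overwritten with 0 when a parent carrying `user_management` 0 is processed afterwards. Guard the child assignment with the same rule the parent uses, `if (!isset($return[$child_group['id_grupo']]) || $group['user_management'] != 0) {`. The inner `foreach ($children as $key => $child_group)` reuses the outer loop's `$key`; drop the key or rename it. Since this map decides which groups a user may manage, a comment such as `// UM rights on a group are inherited by its child groups` above the loop would document the intent; the function starts and ends outside the hunk.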
From: Marcos Alconada Date: Wed, 2 Dec 2020 10:10:34 +0100 Subject: [PATCH 2/4] ticket 6435 --- .../include/class/NetworkMap.class.php | 48 +-- .../functions_pandora_networkmap.js | 281 +++++++++--------- .../agentes/pandora_networkmap.view.php | 26 ++ 3 files changed, 199 insertions(+), 156 deletions(-) diff --git a/pandora_console/include/class/NetworkMap.class.php b/pandora_console/include/class/NetworkMap.class.php index 0eaea52134..4a1f196ce9 100644 --- a/pandora_console/include/class/NetworkMap.class.php +++ b/pandora_console/include/class/NetworkMap.class.php @@ -2890,14 +2890,12 @@ class NetworkMap $list_networkmaps = []; } - $output .= ''; + $id = 'dialog_node_edit'; + if (!enterprise_installed()) { + $id = 'open_version_dialog'; + } - $output .= ''; diff --git a/pandora_console/include/javascript/functions_pandora_networkmap.js b/pandora_console/include/javascript/functions_pandora_networkmap.js index bb306ccd66..3450caa518 100644 --- a/pandora_console/include/javascript/functions_pandora_networkmap.js +++ b/pandora_console/include/javascript/functions_pandora_networkmap.js 
@@ -771,139 +771,137 @@ function move_to_networkmap(node) { } function edit_node(data_node, dblClick) { - if (enterprise_installed) { - var flag_edit_node = true; - var edit_node = null; + var flag_edit_node = true; + var edit_node = null; - //Only select one node - var selection = d3.selectAll(".node_selected"); - var id; + //Only select one node + var selection = d3.selectAll(".node_selected"); + var id; - if (selection[0].length == 1) { - edit_node = selection[0].pop(); - } else if (selection[0].length > 1) { - edit_node = selection[0].pop(); - } else if (dblClick) { - edit_node = d3.select("#id_node_" + data_node["id"] + networkmap_id); - edit_node = edit_node[0][0]; - } else { - flag_edit_node = false; + if (selection[0].length == 1) { + edit_node = selection[0].pop(); + } else if (selection[0].length > 1) { + edit_node = selection[0].pop(); + } else if (dblClick) { + edit_node = d3.select("#id_node_" + data_node["id"] + networkmap_id); + edit_node = edit_node[0][0]; + } else { + flag_edit_node = false; + } + + if (flag_edit_node) { + d3.selectAll(".node_selected").classed("node_selected", false); + d3.select(edit_node).classed("node_selected", true); + + id = d3 + .select(edit_node) + .attr("id") + .replace("id_node_", ""); + var id_networkmap_lenght = networkmap_id.toString().length; + var id_node_length = id.length - id_networkmap_lenght; + id = id.substring(0, id_node_length); + var index_node = $.inArray(data_node, graph.nodes); + var node_selected = graph.nodes[index_node]; + var selected_links = get_relations(node_selected); + + $("select[name='shape'] option[value='" + node_selected.shape + "']").prop( + "selected", + true + ); + $("select[name='shape']").attr( + "onchange", + "javascript: change_shape(" + node_selected.id_db + ");" + ); + $("#node_options-fictional_node_update_button-1 input").attr( + "onclick", + "update_fictional_node(" + node_selected.id_db + ");" + ); + + $("#node_options-node_name-2 input").attr( + "onclick", + 
"update_node_name(" + node_selected.id_db + ");" + ); + + var params = []; + params.push("get_agent_info=1"); + params.push("id_agent=" + node_selected["id_agent"]); + params.push("page=enterprise/operation/agentes/pandora_networkmap.view"); + + if (!enterprise_installed) { + params.push("page=operation/agentes/pandora_networkmap.view"); } - if (flag_edit_node) { - d3.selectAll(".node_selected").classed("node_selected", false); - d3.select(edit_node).classed("node_selected", true); - - id = d3 - .select(edit_node) - .attr("id") - .replace("id_node_", ""); - var id_networkmap_lenght = networkmap_id.toString().length; - var id_node_length = id.length - id_networkmap_lenght; - id = id.substring(0, id_node_length); - var index_node = $.inArray(data_node, graph.nodes); - var node_selected = graph.nodes[index_node]; - var selected_links = get_relations(node_selected); - - $( - "select[name='shape'] option[value='" + node_selected.shape + "']" - ).prop("selected", true); - $("select[name='shape']").attr( - "onchange", - "javascript: change_shape(" + node_selected.id_db + ");" - ); - $("#node_options-fictional_node_update_button-1 input").attr( - "onclick", - "update_fictional_node(" + node_selected.id_db + ");" - ); - - $("#node_options-node_name-2 input").attr( - "onclick", - "update_node_name(" + node_selected.id_db + ");" - ); - - var params = []; - params.push("get_agent_info=1"); - params.push("id_agent=" + node_selected["id_agent"]); - params.push("page=enterprise/operation/agentes/pandora_networkmap.view"); - - jQuery.ajax({ - data: params.join("&"), - dataType: "json", - type: "POST", - url: window.base_url_homedir + "/ajax.php", - success: function(data) { - $("#node_details-0-1").html( - '' + - data["alias"] + - "" - ); - - var addresses = ""; - if (data["adressess"] instanceof Array) { - for (var i; i < data["adressess"].length; i++) { - addresses += data["adressess"][i] + "
"; - } - } else { - for (var address in data["adressess"]) { - addresses += address + "
"; - } - } - $("#node_details-1-1").html(addresses); - $("#node_details-2-1").html(data["os"]); - $("#node_details-3-1").html(data["group"]); - - $("[aria-describedby=dialog_node_edit]").css({ top: "200px" }); - $("#foot").css({ - top: parseInt( - $("[aria-describedby=dialog_node_edit]").css("height") + - $("[aria-describedby=dialog_node_edit]").css("top") - ), - position: "relative" - }); - - get_interface_data_to_table(node_selected, selected_links); - } - }); - - $("#dialog_node_edit").dialog( - "option", - "title", - dialog_node_edit_title.replace( - "%s", - ellipsize(node_selected["text"], 40) - ) - ); // It doesn't eval the possible XSS so it's ok - $("#dialog_node_edit").dialog("open"); - - if (node_selected.id_agent == undefined || node_selected.type == 3) { - //Fictional node - $("#node_options-fictional_node_name").css("display", ""); - $("input[name='edit_name_fictional_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok - $("#node_options-fictional_node_networkmap_link").css("display", ""); - $("#edit_networkmap_to_link").val(node_selected.networkmap_id); - $("#node_options-fictional_node_update_button").css("display", ""); - $("#node_options-node_name").css("display", "none"); - $("#node_options-node_update_button").css("display", "none"); - } else { - $("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok - $("#node_options-fictional_node_name").css("display", "none"); - $("#node_options-fictional_node_networkmap_link").css( - "display", - "none" + jQuery.ajax({ + data: params.join("&"), + dataType: "json", + type: "POST", + url: window.base_url_homedir + "/ajax.php", + success: function(data) { + $("#node_details-0-1").html( + '' + + data["alias"] + + "" ); - $("#node_options-fictional_node_update_button").css("display", "none"); - $("#node_options-node_name").css("display", ""); - } - //Clean - $("#relations_table .relation_link_row").remove(); - //Show the no relations 
- $("#relations_table-loading").css("display", "none"); - $("#relations_table-no_relations").css("display", ""); + var addresses = ""; + if (data["adressess"] instanceof Array) { + for (var i; i < data["adressess"].length; i++) { + addresses += data["adressess"][i] + "
"; + } + } else { + for (var address in data["adressess"]) { + addresses += address + "
"; + } + } + $("#node_details-1-1").html(addresses); + $("#node_details-2-1").html(data["os"]); + $("#node_details-3-1").html(data["group"]); + + $("[aria-describedby=dialog_node_edit]").css({ top: "200px" }); + $("#foot").css({ + top: parseInt( + $("[aria-describedby=dialog_node_edit]").css("height") + + $("[aria-describedby=dialog_node_edit]").css("top") + ), + position: "relative" + }); + + get_interface_data_to_table(node_selected, selected_links); + } + }); + + $("#dialog_node_edit").dialog( + "option", + "title", + dialog_node_edit_title.replace("%s", ellipsize(node_selected["text"], 40)) + ); // It doesn't eval the possible XSS so it's ok + $("#dialog_node_edit").dialog("open"); + $("#open_version_dialog").dialog(); + + if (node_selected.id_agent == undefined || node_selected.type == 3) { + //Fictional node + $("#node_options-fictional_node_name").css("display", ""); + $("input[name='edit_name_fictional_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok + $("#node_options-fictional_node_networkmap_link").css("display", ""); + $("#edit_networkmap_to_link").val(node_selected.networkmap_id); + $("#node_options-fictional_node_update_button").css("display", ""); + $("#node_options-node_name").css("display", "none"); + $("#node_options-node_update_button").css("display", "none"); + } else { + $("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok + $("#node_options-fictional_node_name").css("display", "none"); + $("#node_options-fictional_node_networkmap_link").css("display", "none"); + $("#node_options-fictional_node_update_button").css("display", "none"); + $("#node_options-node_name").css("display", ""); } + + //Clean + $("#relations_table .relation_link_row").remove(); + //Show the no relations + $("#relations_table-loading").css("display", "none"); + $("#relations_table-no_relations").css("display", ""); } } 
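Review bot: In edit_node, `$("#node_details-0-1").html(...)` with `data["alias"]`, `.html(addresses)` and `.html(data["group"])` write server-supplied strings into the page as markup, and with the `enterprise_installed` guard removed this path now runs on every install. Unless the endpoint guarantees these values are already entity-encoded, use `.text()` for the plain fields, e.g. `$("#node_details-3-1").text(data["group"]);`, and keep `.html()` only for the OS icon. `for (var i; i < data["adressess"].length; i++)` never iterates because `i` starts undefined; it needs `var i = 0`. In the open version the request also carries two `page=` values and relies on the last one winning; pick the page once with a conditional before pushing it.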
@@ -2871,18 +2869,35 @@ function init_drag_and_drop() { }); }); } else { - var params = []; - params.push("update_node_alert=1"); - params.push("map_id=" + networkmap_id); - params.push("page=operation/agentes/pandora_networkmap.view"); jQuery.ajax({ - data: params.join("&"), dataType: "json", type: "POST", url: window.base_url_homedir + "/ajax.php", + data: { + node: JSON.stringify(d), + update_node: 1, + page: "operation/agentes/pandora_networkmap.view" + }, success: function(data) { - if (data["correct"]) { - $("#open_version_dialog").dialog(); + if (d.state == "holding_area") { + //It is out the holding area + if (data["state"] == "") { + //Remove the style of nodes and links + //in holding area + d3.select("#id_node_" + d.id + networkmap_id).classed( + "holding_area", + false + ); + d3.select(".source_" + d.id + networkmap_id).classed( + "holding_area_link", + false + ); + d3.select(".target_" + d.id + networkmap_id).classed( + "holding_area_link", + false + ); + graph.nodes[d.id].state = ""; + } } } }); diff --git a/pandora_console/operation/agentes/pandora_networkmap.view.php b/pandora_console/operation/agentes/pandora_networkmap.view.php index eb612fdf69..d09f7d5e48 100644 --- a/pandora_console/operation/agentes/pandora_networkmap.view.php +++ b/pandora_console/operation/agentes/pandora_networkmap.view.php 
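Review bot: The inner `if (data["state"] == "")` in the new success handler looks unreachable: the `update_node` handler added in pandora_networkmap.view.php echoes the posted node back unchanged, so when `d.state == "holding_area"` the response carries the same state and the holding-area classes are never cleared. Either the server should compute and return the new state, or the client should clear the classes without a round trip. If `json_decode` fails server-side the response is `null` and `data["state"]` throws; `if (data && data["state"] == "")` covers that case.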
@@ -53,6 +53,32 @@ if (is_ajax()) { $module_get_status = (bool) get_parameter('module_get_status', false); $update_node_alert = (bool) get_parameter('update_node_alert', false); $process_migration = (bool) get_parameter('process_migration', false); + $get_agent_info = (bool) get_parameter('get_agent_info', false); + $update_node = (bool) get_parameter('update_node', false); + + if ($update_node) { + $node_json = io_safe_output(get_parameter('node', '')); + $node = json_decode($node_json, true); + echo json_encode($node); + + return; + } + + if ($get_agent_info) { + $id_agent = (int) get_parameter('id_agent'); + + $return = []; + $return['alias'] = agents_get_alias($id_agent); + $return['adressess'] = agents_get_addresses($id_agent); + $id_group = agents_get_agent_group($id_agent); + $return['group'] = db_get_value('nombre', 'tgrupo', 'id_grupo', $id_group); + $id_os = agents_get_os($id_agent); + $return['os'] = ui_print_os_icon($id_os, true, true); + + echo json_encode($return); + + return; + } if ($module_get_status) { $id = (int) get_parameter('id', 0); From 3a0f14e7bdb89880df67211a932655a4bdc2a5d0 Mon Sep 17 00:00:00 2001 From: Daniel Maya Date: Wed, 2 Dec 2020 10:13:22 +0100 Subject: [PATCH 3/4] Ent 5835 9693 error al exportar csv el log view parte 2 --- pandora_console/extras/mr/43.sql | 4 +++- .../extras/pandoradb_migrate_6.0_to_7.0.mysql.sql | 1 + pandora_console/godmode/setup/performance.php | 10 ++++++++++ pandora_console/include/functions_config.php | 8 ++++++++ 4 files changed, 22 insertions(+), 1 deletion(-) diff --git a/pandora_console/extras/mr/43.sql b/pandora_console/extras/mr/43.sql index 656679ebd0..3935b7f913 100644 --- a/pandora_console/extras/mr/43.sql +++ b/pandora_console/extras/mr/43.sql 
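Review bot: The new `get_agent_info` branch returns alias, addresses, group name and OS for whatever `id_agent` the request supplies, and nothing in the hunk checks that the caller may read that agent. Unless an access check runs before this `if (is_ajax())` block (outside the hunk), any user who can reach this page through ajax.php can read details of agents in groups they have no rights on. Resolve the group first and stop when read access is missing, for example `if (!check_acl($config['id_user'], agents_get_agent_group($id_agent), 'AR')) { return; }`, assuming `$config` is in scope here. The `update_node` branch only decodes and re-encodes the posted `node` and persists nothing; a comment stating that this is intentional for the open version would help the next reader.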
@@ -1,9 +1,11 @@ START TRANSACTION; +INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log'); + ALTER TABLE `talert_snmp` ADD COLUMN `al_field16` TEXT NOT NULL AFTER `al_field15`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field17` TEXT NOT NULL AFTER `al_field16`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field18` TEXT NOT NULL AFTER `al_field17`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field19` TEXT NOT NULL AFTER `al_field18`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field20` TEXT NOT NULL AFTER `al_field19`; -COMMIT; \ No newline at end of file +COMMIT; diff --git a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql index bc252093fd..6248cdaaf0 100644 --- a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql 
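Review bot: `INSERT IGNORE INTO tuser_task VALUES (8, ...)` hard-codes the primary key and names no columns, so if id 8 is already taken by a different task the row is silently skipped and the `cron_task_generate_csv_log` task never appears. Listing the columns explicitly and keying the existence check on `function_name` rather than on the id would make the migration independent of table layout and of existing rows. The same statement is added in pandoradb_migrate_6.0_to_7.0.mysql.sql.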
@@ -2492,6 +2492,7 @@ ALTER TABLE `tnetflow_filter` MODIFY COLUMN `router_ip` text NOT NULL; -- Update table `tuser_task` -- ---------------------------------------------------------------------- UPDATE tuser_task set parameters = 'a:5:{i:0;a:6:{s:11:\"description\";s:28:\"Report pending to be created\";s:5:\"table\";s:7:\"treport\";s:8:\"field_id\";s:9:\"id_report\";s:10:\"field_name\";s:4:\"name\";s:4:\"type\";s:3:\"int\";s:9:\"acl_group\";s:8:\"id_group\";}i:1;a:2:{s:11:\"description\";s:46:\"Send to email addresses (separated by a comma)\";s:4:\"type\";s:4:\"text\";}i:2;a:2:{s:11:\"description\";s:7:\"Subject\";s:8:\"optional\";i:1;}i:3;a:3:{s:11:\"description\";s:7:\"Message\";s:4:\"type\";s:4:\"text\";s:8:\"optional\";i:1;}i:4;a:2:{s:11:\"description\";s:11:\"Report Type\";s:4:\"type\";s:11:\"report_type\";}}' where function_name = "cron_task_generate_report"; +INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log'); -- ---------------------------------------------------------------------- -- ADD message in table 'tnews' diff --git a/pandora_console/godmode/setup/performance.php b/pandora_console/godmode/setup/performance.php index 096defb664..29c61dcf51 100644 --- a/pandora_console/godmode/setup/performance.php +++ b/pandora_console/godmode/setup/performance.php @@ -642,6 +642,16 @@ $table_other->data[13][1] = html_print_input_text( true ); +$table_other->data[14][0] = __('Row limit in csv log'); +$table_other->data[14][1] = html_print_input_text( + 'row_limit_csv', + $config['row_limit_csv'], + '', + 5, + 10, + true +); + echo '
'; echo '
'; diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index 3edda7e357..4d3665db4d 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -852,6 +852,10 @@ function config_update_config() if (!config_update_value('max_execution_event_response', get_parameter('max_execution_event_response'))) { $error_update[] = __('Max execution event response'); } + + if (!config_update_value('row_limit_csv', get_parameter('row_limit_csv'))) { + $error_update[] = __('Row limit in csv log'); + } break; case 'vis': @@ -1852,6 +1856,10 @@ function config_process_config() config_update_value('max_macro_fields', 10); } + if (!isset($config['row_limit_csv'])) { + config_update_value('row_limit_csv', 10000); + } + if (!isset($config['event_purge'])) { config_update_value('event_purge', 15); } From 909645b4ab42c4e4ca97375f7a8c5e61bc4905a4 Mon Sep 17 00:00:00 2001 From: Marcos Alconada Date: Wed, 2 Dec 2020 10:15:33 +0100 Subject: [PATCH 4/4] fixed visual error alert correlated alerts --- pandora_console/include/styles/wizard.css | 2 -- 1 file changed, 2 deletions(-) diff --git a/pandora_console/include/styles/wizard.css b/pandora_console/include/styles/wizard.css index 0ef0df5ee6..90eec99364 100644 --- a/pandora_console/include/styles/wizard.css +++ b/pandora_console/include/styles/wizard.css @@ -11,10 +11,8 @@ ul.wizard { ul.wizard li { padding-bottom: 10px; padding-top: 10px; - display: flex; flex-direction: row; align-items: center; - justify-content: flex-start; } ul.wizard li > label:not(.p-switch) {
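Review bot: `row_limit_csv` is stored exactly as submitted: `config_update_value('row_limit_csv', get_parameter('row_limit_csv'))` applies no integer cast or bounds, so an empty, negative or non-numeric value can replace the 10000 default set in config_process_config. Judging by its label the value caps the CSV log export, so it works as a resource limit and should be validated before saving, e.g. `$row_limit = (int) get_parameter('row_limit_csv', 10000);` followed by rejecting values below 1. The text input in performance.php allows 10 characters, which also permits very large limits; an upper bound is worth deciding. config_update_config's body continues outside the hunk.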