tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 08:45:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Jose Gonzalez 2020-12-02 11:38:22 +01:00
commit f2a94b9aa5
12 changed files with 235 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/extras/mr/43.sql
View File

@ -2,6 +2,8 @@ START TRANSACTION;
ALTER TABLE `tagente_modulo` ADD COLUMN `debug_content` varchar(200); ALTER TABLE `tagente_modulo` ADD COLUMN `debug_content` varchar(200);
INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log');
ALTER TABLE `talert_snmp` ADD COLUMN `al_field16` TEXT NOT NULL AFTER `al_field15`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field16` TEXT NOT NULL AFTER `al_field15`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field17` TEXT NOT NULL AFTER `al_field16`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field17` TEXT NOT NULL AFTER `al_field16`;
ALTER TABLE `talert_snmp` ADD COLUMN `al_field18` TEXT NOT NULL AFTER `al_field17`; ALTER TABLE `talert_snmp` ADD COLUMN `al_field18` TEXT NOT NULL AFTER `al_field17`;

1
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -2493,6 +2493,7 @@ ALTER TABLE `tnetflow_filter` MODIFY COLUMN `router_ip` text NOT NULL;
-- Update table `tuser_task` -- Update table `tuser_task`
-- ---------------------------------------------------------------------- -- ----------------------------------------------------------------------
UPDATE tuser_task set parameters = 'a:5:{i:0;a:6:{s:11:\"description\";s:28:\"Report pending to be created\";s:5:\"table\";s:7:\"treport\";s:8:\"field_id\";s:9:\"id_report\";s:10:\"field_name\";s:4:\"name\";s:4:\"type\";s:3:\"int\";s:9:\"acl_group\";s:8:\"id_group\";}i:1;a:2:{s:11:\"description\";s:46:\"Send to email addresses (separated by a comma)\";s:4:\"type\";s:4:\"text\";}i:2;a:2:{s:11:\"description\";s:7:\"Subject\";s:8:\"optional\";i:1;}i:3;a:3:{s:11:\"description\";s:7:\"Message\";s:4:\"type\";s:4:\"text\";s:8:\"optional\";i:1;}i:4;a:2:{s:11:\"description\";s:11:\"Report Type\";s:4:\"type\";s:11:\"report_type\";}}' where function_name = "cron_task_generate_report"; UPDATE tuser_task set parameters = 'a:5:{i:0;a:6:{s:11:\"description\";s:28:\"Report pending to be created\";s:5:\"table\";s:7:\"treport\";s:8:\"field_id\";s:9:\"id_report\";s:10:\"field_name\";s:4:\"name\";s:4:\"type\";s:3:\"int\";s:9:\"acl_group\";s:8:\"id_group\";}i:1;a:2:{s:11:\"description\";s:46:\"Send to email addresses (separated by a comma)\";s:4:\"type\";s:4:\"text\";}i:2;a:2:{s:11:\"description\";s:7:\"Subject\";s:8:\"optional\";i:1;}i:3;a:3:{s:11:\"description\";s:7:\"Message\";s:4:\"type\";s:4:\"text\";s:8:\"optional\";i:1;}i:4;a:2:{s:11:\"description\";s:11:\"Report Type\";s:4:\"type\";s:11:\"report_type\";}}' where function_name = "cron_task_generate_report";
INSERT IGNORE INTO tuser_task VALUES (8, 'cron_task_generate_csv_log', 'a:1:{i:0;a:2:{s:11:"description";s:14:"Send to e-mail";s:4:"type";s:4:"text";}}', 'Send csv log');
-- ---------------------------------------------------------------------- -- ----------------------------------------------------------------------
-- ADD message in table 'tnews' -- ADD message in table 'tnews'

10
pandora_console/godmode/setup/performance.php
View File

@ -642,6 +642,16 @@ $table_other->data[13][1] = html_print_input_text(
true true
); );
$table_other->data[14][0] = __('Row limit in csv log');
$table_other->data[14][1] = html_print_input_text(
'row_limit_csv',
$config['row_limit_csv'],
'',
5,
10,
true
);
echo '<form id="form_setup" method="post">'; echo '<form id="form_setup" method="post">';
echo '<fieldset>'; echo '<fieldset>';

6
pandora_console/godmode/users/configure_user.php
View File

@ -759,13 +759,13 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
$sql = sprintf( $sql = sprintf(
"SELECT tusuario_perfil.* FROM tusuario_perfil "SELECT tusuario_perfil.* FROM tusuario_perfil
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0", WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1",
$id, $config['id_user'],
$group_um_string $group_um_string
); );
$result = db_get_all_rows_sql($sql); $result = db_get_all_rows_sql($sql);
if ($result == false || $user_info['is_admin']) { if ($result == false && $user_info['is_admin'] == false) {
db_pandora_audit( db_pandora_audit(
'ACL Violation', 'ACL Violation',
'Trying to access User Management' 'Trying to access User Management'

10
pandora_console/godmode/users/user_list.php
View File

@ -491,12 +491,6 @@ foreach ($info as $user_id => $user_info) {
foreach ($group_um as $key => $value) { foreach ($group_um as $key => $value) {
if (isset($user_profiles_aux[$key])) { if (isset($user_profiles_aux[$key])) {
$user_profiles[$key] = $user_profiles_aux[$key]; $user_profiles[$key] = $user_profiles_aux[$key];
if ($user_profiles_aux[$key]['user_management'] == 1) {
$user_info['edit'] = 0;
} else {
$user_info['edit'] = 1;
}
unset($user_profiles_aux[$key]); unset($user_profiles_aux[$key]);
} }
} }
@ -594,6 +588,10 @@ foreach ($info as $user_id => $user_info) {
$total_profile++; $total_profile++;
} }
if (isset($user_info['not_delete'])) {
$data[4] .= __('Other profiles are also assigned.').ui_print_help_tip(__('Other profiles you cannot manage are also assigned. These profiles are not shown. You cannot enable/disable or delete this user.'), true);
}
$data[4] .= '</div>'; $data[4] .= '</div>';
} else { } else {
$data[4] .= __('The user doesn\'t have any assigned profile/group'); $data[4] .= __('The user doesn\'t have any assigned profile/group');

16
pandora_console/include/class/NetworkMap.class.php
View File

@ -2890,14 +2890,12 @@ class NetworkMap
$list_networkmaps = []; $list_networkmaps = [];
} }
$output .= '<div id="open_version_dialog" style="display: none;">'; $id = 'dialog_node_edit';
$output .= __( if (!enterprise_installed()) {
'In the Open version of %s can not be edited nodes or map', $id = 'open_version_dialog';
get_product_name() }
);
$output .= '</div>';
$output .= '<div id="dialog_node_edit" style="display: none;" title="'; $output .= '<div id="'.$id.'" style="display: none;" title="';
$output .= __('Edit node').'">'; $output .= __('Edit node').'">';
$output .= '<div style="text-align: left; width: 100%;">'; $output .= '<div style="text-align: left; width: 100%;">';
@ -3016,6 +3014,7 @@ class NetworkMap
true true
); );
if (enterprise_installed()) {
$output .= ui_toggle( $output .= ui_toggle(
html_print_table($table, true), html_print_table($table, true),
__('Node options'), __('Node options'),
@ -3024,6 +3023,7 @@ class NetworkMap
true, true,
true true
); );
}
$table = new StdClass(); $table = new StdClass();
$table->id = 'relations_table'; $table->id = 'relations_table';
@ -3077,6 +3077,7 @@ class NetworkMap
true true
); );
if (enterprise_installed()) {
$output .= ui_toggle( $output .= ui_toggle(
html_print_table($table, true), html_print_table($table, true),
__('Relations'), __('Relations'),
@ -3085,6 +3086,7 @@ class NetworkMap
true, true,
true true
); );
}
$output .= '</div></div>'; $output .= '</div></div>';

8
pandora_console/include/functions_config.php
View File

@ -852,6 +852,10 @@ function config_update_config()
if (!config_update_value('max_execution_event_response', get_parameter('max_execution_event_response'))) { if (!config_update_value('max_execution_event_response', get_parameter('max_execution_event_response'))) {
$error_update[] = __('Max execution event response'); $error_update[] = __('Max execution event response');
} }
if (!config_update_value('row_limit_csv', get_parameter('row_limit_csv'))) {
$error_update[] = __('Row limit in csv log');
}
break; break;
case 'vis': case 'vis':
@ -1852,6 +1856,10 @@ function config_process_config()
config_update_value('max_macro_fields', 10); config_update_value('max_macro_fields', 10);
} }
if (!isset($config['row_limit_csv'])) {
config_update_value('row_limit_csv', 10000);
}
if (!isset($config['event_purge'])) { if (!isset($config['event_purge'])) {
config_update_value('event_purge', 15); config_update_value('event_purge', 15);
} }

2
pandora_console/include/functions_profile.php
View File

@ -234,7 +234,7 @@ function profile_print_profile_table($id)
$sql = sprintf( $sql = sprintf(
"SELECT tusuario_perfil.* FROM tusuario_perfil "SELECT tusuario_perfil.* FROM tusuario_perfil
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0", WHERE id_usuario like '%s' AND id_grupo IN (%s)",
$id, $id,
$group_um_string $group_um_string
); );

5
pandora_console/include/functions_users.php
View File

@ -752,6 +752,11 @@ function users_get_groups_UM($id_user)
foreach ($groups as $key => $group) { foreach ($groups as $key => $group) {
if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) { if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) {
$return[$group['id_grupo']] = $group['user_management']; $return[$group['id_grupo']] = $group['user_management'];
$children = groups_get_children($group['id_grupo'], false, 'UM', false);
foreach ($children as $key => $child_group) {
$return[$child_group['id_grupo']] = $group['user_management'];
}
if ($group['id_grupo'] == '0') { if ($group['id_grupo'] == '0') {
$return['group_all'] = $group['id_grupo']; $return['group_all'] = $group['id_grupo'];
} }

55
pandora_console/include/javascript/functions_pandora_networkmap.js
View File

@ -771,7 +771,6 @@ function move_to_networkmap(node) {
} }
function edit_node(data_node, dblClick) { function edit_node(data_node, dblClick) {
if (enterprise_installed) {
var flag_edit_node = true; var flag_edit_node = true;
var edit_node = null; var edit_node = null;
@ -805,9 +804,10 @@ function edit_node(data_node, dblClick) {
var node_selected = graph.nodes[index_node]; var node_selected = graph.nodes[index_node];
var selected_links = get_relations(node_selected); var selected_links = get_relations(node_selected);
$( $("select[name='shape'] option[value='" + node_selected.shape + "']").prop(
"select[name='shape'] option[value='" + node_selected.shape + "']" "selected",
).prop("selected", true); true
);
$("select[name='shape']").attr( $("select[name='shape']").attr(
"onchange", "onchange",
"javascript: change_shape(" + node_selected.id_db + ");" "javascript: change_shape(" + node_selected.id_db + ");"
@ -827,6 +827,10 @@ function edit_node(data_node, dblClick) {
params.push("id_agent=" + node_selected["id_agent"]); params.push("id_agent=" + node_selected["id_agent"]);
params.push("page=enterprise/operation/agentes/pandora_networkmap.view"); params.push("page=enterprise/operation/agentes/pandora_networkmap.view");
if (!enterprise_installed) {
params.push("page=operation/agentes/pandora_networkmap.view");
}
jQuery.ajax({ jQuery.ajax({
data: params.join("&"), data: params.join("&"),
dataType: "json", dataType: "json",
@ -871,12 +875,10 @@ function edit_node(data_node, dblClick) {
$("#dialog_node_edit").dialog( $("#dialog_node_edit").dialog(
"option", "option",
"title", "title",
dialog_node_edit_title.replace( dialog_node_edit_title.replace("%s", ellipsize(node_selected["text"], 40))
"%s",
ellipsize(node_selected["text"], 40)
)
); // It doesn't eval the possible XSS so it's ok ); // It doesn't eval the possible XSS so it's ok
$("#dialog_node_edit").dialog("open"); $("#dialog_node_edit").dialog("open");
$("#open_version_dialog").dialog();
if (node_selected.id_agent == undefined || node_selected.type == 3) { if (node_selected.id_agent == undefined || node_selected.type == 3) {
//Fictional node //Fictional node
@ -890,10 +892,7 @@ function edit_node(data_node, dblClick) {
} else { } else {
$("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok $("input[name='edit_name_node']").val(node_selected.text); // It doesn't eval the possible XSS so it's ok
$("#node_options-fictional_node_name").css("display", "none"); $("#node_options-fictional_node_name").css("display", "none");
$("#node_options-fictional_node_networkmap_link").css( $("#node_options-fictional_node_networkmap_link").css("display", "none");
"display",
"none"
);
$("#node_options-fictional_node_update_button").css("display", "none"); $("#node_options-fictional_node_update_button").css("display", "none");
$("#node_options-node_name").css("display", ""); $("#node_options-node_name").css("display", "");
} }
@ -905,7 +904,6 @@ function edit_node(data_node, dblClick) {
$("#relations_table-no_relations").css("display", ""); $("#relations_table-no_relations").css("display", "");
} }
} }
}
function get_interface_data_to_table(node_selected, selected_links) { function get_interface_data_to_table(node_selected, selected_links) {
$("#interface_information") $("#interface_information")
@ -2871,18 +2869,35 @@ function init_drag_and_drop() {
}); });
}); });
} else { } else {
var params = [];
params.push("update_node_alert=1");
params.push("map_id=" + networkmap_id);
params.push("page=operation/agentes/pandora_networkmap.view");
jQuery.ajax({ jQuery.ajax({
data: params.join("&"),
dataType: "json", dataType: "json",
type: "POST", type: "POST",
url: window.base_url_homedir + "/ajax.php", url: window.base_url_homedir + "/ajax.php",
data: {
node: JSON.stringify(d),
update_node: 1,
page: "operation/agentes/pandora_networkmap.view"
},
success: function(data) { success: function(data) {
if (data["correct"]) { if (d.state == "holding_area") {
$("#open_version_dialog").dialog(); //It is out the holding area
if (data["state"] == "") {
//Remove the style of nodes and links
//in holding area
d3.select("#id_node_" + d.id + networkmap_id).classed(
"holding_area",
false
);
d3.select(".source_" + d.id + networkmap_id).classed(
"holding_area_link",
false
);
d3.select(".target_" + d.id + networkmap_id).classed(
"holding_area_link",
false
);
graph.nodes[d.id].state = "";
}
} }
} }
}); });

2
pandora_console/include/styles/wizard.css
View File

@ -11,10 +11,8 @@ ul.wizard {
ul.wizard li { ul.wizard li {
padding-bottom: 10px; padding-bottom: 10px;
padding-top: 10px; padding-top: 10px;
display: flex;
flex-direction: row; flex-direction: row;
align-items: center; align-items: center;
justify-content: flex-start;
} }
ul.wizard li > label:not(.p-switch) { ul.wizard li > label:not(.p-switch) {

26
pandora_console/operation/agentes/pandora_networkmap.view.php
View File

@ -53,6 +53,32 @@ if (is_ajax()) {
$module_get_status = (bool) get_parameter('module_get_status', false); $module_get_status = (bool) get_parameter('module_get_status', false);
$update_node_alert = (bool) get_parameter('update_node_alert', false); $update_node_alert = (bool) get_parameter('update_node_alert', false);
$process_migration = (bool) get_parameter('process_migration', false); $process_migration = (bool) get_parameter('process_migration', false);
$get_agent_info = (bool) get_parameter('get_agent_info', false);
$update_node = (bool) get_parameter('update_node', false);
if ($update_node) {
$node_json = io_safe_output(get_parameter('node', ''));
$node = json_decode($node_json, true);
echo json_encode($node);
return;
}
if ($get_agent_info) {
$id_agent = (int) get_parameter('id_agent');
$return = [];
$return['alias'] = agents_get_alias($id_agent);
$return['adressess'] = agents_get_addresses($id_agent);
$id_group = agents_get_agent_group($id_agent);
$return['group'] = db_get_value('nombre', 'tgrupo', 'id_grupo', $id_group);
$id_os = agents_get_os($id_agent);
$return['os'] = ui_print_os_icon($id_os, true, true);
echo json_encode($return);
return;
}
if ($module_get_status) { if ($module_get_status) {
$id = (int) get_parameter('id', 0); $id = (int) get_parameter('id', 0);