Merge remote-tracking branch 'origin/develop' into ent-6126-add-csv-json-save-to-disk-console-task

Luis Calvo 2021-01-27 09:25:12 +01:00
commit f2addc837a
141 changed files with 1558 additions and 694 deletions

12
.gitignore vendored

@ -1 +1,11 @@
pandora_console/attachment/agents
.vstags
MYMETA.json
MYMETA.yml
.vscode
.vscode*
.vstags
**/blib
**/PandoraFMS-Enterprise/Makefile
**/PandoraFMS-Enterprise/pm_to_blib
**/pandora_console/attachment/cache
**/pandora_console/attachment/agents


@ -9,7 +9,7 @@ RUN dnf install -y --setopt=tsflags=nodocs \
http://rpms.remirepo.net/enterprise/remi-release-8.rpm
RUN dnf module reset -y php && dnf module install -y php:remi-7.3
RUN dnf config-manager --set-enabled PowerTools
RUN dnf config-manager --set-enabled powertools
# Install console
RUN dnf install -y --setopt=tsflags=nodocs \
@ -88,7 +88,7 @@ RUN dnf install -y --setopt=tsflags=nodocs \
xorg-x11-fonts-75dpi \
xorg-x11-fonts-misc \
poppler-data \
php-yaml; yum clean all
php-yaml
RUN mkdir -p /run/php-fpm/ ; chown -R root:apache /run/php-fpm/
# not installed perl-Net-Telnet gtk-update-icon-cach ghostscript-fonts
@ -242,16 +242,31 @@ RUN dnf install -y --setopt=tsflags=nodocs \
perl-DBD-MySQL \
perl-DBI \
initscripts \
vim \
fping \
perl-IO-Compress \
perl-Time-HiRes \
perl-Math-Complex \
libnsl \
mysql \
java \
net-snmp-utils \
net-tools \
nmap-ncat \
nmap \
net-snmp-utils \
sudo \
http://firefly.artica.es/centos8/perl-Net-Telnet-3.04-1.el8.noarch.rpm \
http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/wmi-1.3.14-4.el7.art.x86_64.rpm
http://firefly.artica.es/centos8/wmi-1.3.14-4.el7.art.x86_64.rpm
# install utils
RUN dnf install -y supervisor crontabs http://firefly.artica.es/centos8/phantomjs-2.1.1-1.el7.x86_64.rpm --setopt=tsflags=nodocs
# SDK VMware perl dependencies
RUN dnf install -y http://firefly.artica.es/centos8/perl-Crypt-OpenSSL-AES-0.02-1.el8.x86_64.rpm http://firefly.artica.es/centos8/perl-Crypt-SSLeay-0.73_07-1.gf.el8.x86_64.rpm perl-Net-HTTP perl-libwww-perl openssl-devel perl-Crypt-CBC perl-Bytes-Random-Secure perl-Crypt-Random-Seed perl-Math-Random-ISAAC perl-JSON http://firefly.artica.es/centos8/VMware-vSphere-Perl-SDK-6.5.0-4566394.x86_64.rpm
# Instant client Oracle
RUN dnf install -y https://download.oracle.com/otn_software/linux/instantclient/19800/oracle-instantclient19.8-basic-19.8.0.0.0-1.x86_64.rpm https://download.oracle.com/otn_software/linux/instantclient/19800/oracle-instantclient19.8-sqlplus-19.8.0.0.0-1.x86_64.rpm
RUN dnf install -y supervisor crontabs mysql http://firefly.artica.es/centos8/phantomjs-2.1.1-1.el7.x86_64.rpm --setopt=tsflags=nodocs
RUN dnf install -y supervisor crontabs http://firefly.artica.es/centos8/phantomjs-2.1.1-1.el7.x86_64.rpm --setopt=tsflags=nodocs
EXPOSE 80 443 41121 162/udp
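Review bot: The RPMs in the last hunk are installed straight from `http://` URLs (`http://firefly.artica.es/centos8/...`, including the relocated `wmi-1.3.14-4.el7.art.x86_64.rpm`), so the image build trusts whatever the network returns for them. By default dnf does not GPG-check packages given by path or URL, so I would either add `--setopt=localpkg_gpgcheck=1` with the signing key imported, or download each file and compare it against a pinned SHA-256 before installing. Fetching over `https://` would help as well if the host offers it. The `RUN dnf install -y supervisor crontabs ... phantomjs` line also appears more than once on the new side, which looks like a merge leftover.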


@ -64,6 +64,7 @@ wget $oconsoleurl
wget $oserverurl
if [ "$BASEBUILD" == 1 ] ; then
docker pull centos:8
# Open Base image
echo "building Base el8 image"
cd $DOCKER_PATH/base
@ -71,9 +72,12 @@ if [ "$BASEBUILD" == 1 ] ; then
echo "Taging Open stack el8 latest image before upload"
docker tag $OBASE_IMAGE:$VERSION $OBASE_IMAGE:latest
echo -e ">>>> \n"
else
docker pull pandorafms/pandorafms-open-base-el8
fi
if [ "$DBBUILD" == 1 ] ; then
docker pull percona:5.7
# Percona image
echo "building Percona image"
cd $OPEN/extras/docker/percona
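Review bot: The `docker pull` lines use mutable tags (`centos:8`, `percona:5.7`, and `pandorafms/pandorafms-open-base-el8`, which resolves to `latest`), so two runs of this script can build from different base layers without any change in the repository. Pinning each pull by digest, e.g. `docker pull centos:8@sha256:<digest>` (placeholder), makes the build reproducible and makes a base-image change visible in review. The `if` blocks continue outside the hunks.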


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, AIX version
# Version 7.0NG.752, AIX version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, FreeBSD Version
# Version 7.0NG.752, FreeBSD Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, HP-UX Version
# Version 7.0NG.752, HP-UX Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, GNU/Linux
# Version 7.0NG.752, GNU/Linux
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, GNU/Linux
# Version 7.0NG.752, GNU/Linux
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, Solaris Version
# Version 7.0NG.752, Solaris Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,6 +1,6 @@
# Base config file for Pandora FMS Windows Agent
# (c) 2006-2021 Artica Soluciones Tecnologicas
# Version 7.0NG.751
# Version 7.0NG.752
# This program is Free Software, you can redistribute it and/or modify it
# under the terms of the GNU General Public Licence as published by the Free Software
# Foundation; either version 2 of the Licence or any later version


@ -1,6 +1,6 @@
# Fichero de configuracion base de agentes de Pandora
# Base config file for Pandora agents
# Version 7.0NG.751, AIX version
# Version 7.0NG.752, AIX version
# General Parameters
# ==================


@ -1,6 +1,6 @@
# Fichero de configuracion base de agentes de Pandora
# Base config file for Pandora agents
# Version 7.0NG.751
# Version 7.0NG.752
# FreeBSD/IPSO version
# Licenced under GPL licence, 2003-2007 Sancho Lerena


@ -1,6 +1,6 @@
# Fichero de configuracion base de agentes de Pandora
# Base config file for Pandora agents
# Version 7.0NG.751, HPUX Version
# Version 7.0NG.752, HPUX Version
# General Parameters
# ==================


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751
# Version 7.0NG.752
# Licensed under GPL license v2,
# (c) 2003-2021 Artica Soluciones Tecnologicas
# please visit http://pandora.sourceforge.net


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751
# Version 7.0NG.752
# Licensed under GPL license v2,
# (c) 2003-2021 Artica Soluciones Tecnologicas
# please visit http://pandora.sourceforge.net


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751
# Version 7.0NG.752
# Licensed under GPL license v2,
# please visit http://pandora.sourceforge.net


@ -1,6 +1,6 @@
# Fichero de configuracion base de agentes de Pandora
# Base config file for Pandora agents
# Version 7.0NG.751, Solaris version
# Version 7.0NG.752, Solaris version
# General Parameters
# ==================


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, AIX version
# Version 7.0NG.752, AIX version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
package: pandorafms-agent-unix
Version: 7.0NG.751-210122
Version: 7.0NG.752-210127
Architecture: all
Priority: optional
Section: admin


@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.751-210122"
pandora_version="7.0NG.752-210127"
echo "Test if you has the tools for to make the packages."
whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null


@ -24,7 +24,7 @@ fi
if [ "$#" -ge 2 ]; then
VERSION="$2"
else
VERSION="7.0NG.751"
VERSION="7.0NG.752"
fi
# Path for the generated DMG file


@ -19,11 +19,11 @@
<choice id="com.pandorafms.pandorafms_src" visible="false">
<pkg-ref id="com.pandorafms.pandorafms_src"/>
</choice>
<pkg-ref id="com.pandorafms.pandorafms_src" version="7.0NG.751" onConclusion="none">pandorafms_src.pdk</pkg-ref>
<pkg-ref id="com.pandorafms.pandorafms_src" version="7.0NG.752" onConclusion="none">pandorafms_src.pdk</pkg-ref>
<choice id="com.pandorafms.pandorafms_uninstall" visible="true" customLocation="/Applications">
<pkg-ref id="com.pandorafms.pandorafms_uninstall"/>
</choice>
<pkg-ref id="com.pandorafms.pandorafms_uninstall" version="7.0NG.751" onConclusion="none">pandorafms_uninstall.pdk</pkg-ref>
<pkg-ref id="com.pandorafms.pandorafms_uninstall" version="7.0NG.752" onConclusion="none">pandorafms_uninstall.pdk</pkg-ref>
<!-- <installation-check script="check()" />
<script>
<![CDATA[


@ -5,9 +5,9 @@
<key>CFBundleIconFile</key> <string>pandorafms.icns</string>
<key>CFBundleIdentifier</key> <string>com.pandorafms.pandorafms_uninstall</string>
<key>CFBundleVersion</key> <string>7.0NG.751</string>
<key>CFBundleGetInfoString</key> <string>7.0NG.751 Pandora FMS Agent uninstaller for MacOS by Artica ST on Aug 2020</string>
<key>CFBundleShortVersionString</key> <string>7.0NG.751</string>
<key>CFBundleVersion</key> <string>7.0NG.752</string>
<key>CFBundleGetInfoString</key> <string>7.0NG.752 Pandora FMS Agent uninstaller for MacOS by Artica ST on Aug 2020</string>
<key>CFBundleShortVersionString</key> <string>7.0NG.752</string>
<key>NSPrincipalClass</key><string>NSApplication</string>
<key>NSMainNibFile</key><string>MainMenu</string>


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, GNU/Linux
# Version 7.0NG.752, GNU/Linux
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, FreeBSD Version
# Version 7.0NG.752, FreeBSD Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, HP-UX Version
# Version 7.0NG.752, HP-UX Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, GNU/Linux
# Version 7.0NG.752, GNU/Linux
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, GNU/Linux
# Version 7.0NG.752, GNU/Linux
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, NetBSD Version
# Version 7.0NG.752, NetBSD Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1,5 +1,5 @@
# Base config file for Pandora FMS agents
# Version 7.0NG.751, Solaris Version
# Version 7.0NG.752, Solaris Version
# Licensed under GPL license v2,
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com


@ -1015,8 +1015,8 @@ my $Sem = undef;
# Semaphore used to control the number of threads
my $ThreadSem = undef;
use constant AGENT_VERSION => '7.0NG.751';
use constant AGENT_BUILD => '210122';
use constant AGENT_VERSION => '7.0NG.752';
use constant AGENT_BUILD => '210127';
# Agent log default file size maximum and instances
use constant DEFAULT_MAX_LOG_SIZE => 600000;


@ -2,8 +2,8 @@
#Pandora FMS Linux Agent
#
%define name pandorafms_agent_unix
%define version 7.0NG.751
%define release 210122
%define version 7.0NG.752
%define release 210127
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}


@ -2,8 +2,8 @@
#Pandora FMS Linux Agent
#
%define name pandorafms_agent_unix
%define version 7.0NG.751
%define release 210122
%define version 7.0NG.752
%define release 210127
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}


@ -9,8 +9,8 @@
# Please see http://www.pandorafms.org. This code is licensed under GPL 2.0 license.
# **********************************************************************
PI_VERSION="7.0NG.751"
PI_BUILD="210122"
PI_VERSION="7.0NG.752"
PI_BUILD="210127"
OS_NAME=`uname -s`
FORCE=0


@ -1,6 +1,6 @@
# Base config file for Pandora FMS Windows Agent
# (c) 2006-2021 Artica Soluciones Tecnologicas
# Version 7.0NG.751
# Version 7.0NG.752
# This program is Free Software, you can redistribute it and/or modify it
# under the terms of the GNU General Public Licence as published by the Free Software
# Foundation; either version 2 of the Licence or any later version


@ -3,7 +3,7 @@ AllowLanguageSelection
{Yes}
AppName
{Pandora FMS Windows Agent v7.0NG.751}
{Pandora FMS Windows Agent v7.0NG.752}
ApplicationID
{17E3D2CF-CA02-406B-8A80-9D31C17BD08F}
@ -186,7 +186,7 @@ UpgradeApplicationID
{}
Version
{210122}
{210127}
ViewReadme
{Yes}


@ -30,7 +30,7 @@ using namespace Pandora;
using namespace Pandora_Strutils;
#define PATH_SIZE _MAX_PATH+1
#define PANDORA_VERSION ("7.0NG.751(Build 210122)")
#define PANDORA_VERSION ("7.0NG.752(Build 210127)")
string pandora_path;
string pandora_dir;


@ -11,7 +11,7 @@ BEGIN
VALUE "LegalCopyright", "Artica ST"
VALUE "OriginalFilename", "PandoraAgent.exe"
VALUE "ProductName", "Pandora FMS Windows Agent"
VALUE "ProductVersion", "(7.0NG.751(Build 210122))"
VALUE "ProductVersion", "(7.0NG.752(Build 210127))"
VALUE "FileVersion", "1.0.0.0"
END
END


@ -1,5 +1,5 @@
package: pandorafms-console
Version: 7.0NG.751-210122
Version: 7.0NG.752-210127
Architecture: all
Priority: optional
Section: admin


@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.751-210122"
pandora_version="7.0NG.752-210127"
package_pear=0
package_pandora=1


@ -94,12 +94,23 @@ function quickShell()
config_update_value('gotty_ssh_port', 8081);
}
// Context to allow self-signed certs.
$context = stream_context_create(
[
'http' => [ 'method' => 'GET'],
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
],
]
);
// Username. Retrieve from form.
if (empty($username) === true) {
// No username provided, ask for it.
$wiz = new Wizard();
$test = file_get_contents($ws_url);
$test = file_get_contents($ws_url, false, $context);
if ($test === false) {
ui_print_error_message(__('WebService engine has not been started, please check documentation.'));
$wiz->printForm(
@ -197,8 +208,9 @@ function quickShell()
return;
}
// If rediretion is enabled, we will try to connect to http:// or https:// endpoint.
$test = get_headers($ws_url);
// If rediretion is enabled, we will try to connect using
// http:// or https:// endpoint.
$test = get_headers($ws_url, null, $context);
if ($test === false) {
if (empty($wiz) === true) {
$wiz = new Wizard();
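Review bot: The new stream context sets `verify_peer` and `verify_peer_name` to `false` for every request to `$ws_url`, so both probes (`file_get_contents` and `get_headers`) accept any certificate, not only the self-signed one the comment refers to. If self-signed deployments must work, it would be safer to keep verification on and trust that certificate explicitly, e.g. `'ssl' => ['verify_peer' => true, 'cafile' => $ca_file]` with `$ca_file` (placeholder name) taken from configuration, or at least to make the relaxed context opt-in. Separately, `get_headers($ws_url, null, $context)` passes `null` for a non-nullable parameter; `0` keeps the same behaviour and avoids the deprecation notice on PHP 8.1 and later. quickShell() starts and ends outside these hunks.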


@ -36,27 +36,50 @@ function users_extension_main_god($god=true)
// Header
ui_print_page_header(__('Users connected'), $image, false, '', $god);
// Get user conected last 5 minutes
// Get groups user has permission
$group_um = users_get_groups_UM($config['id_user']);
// Is admin or has group permissions all.
$groups = implode(',', array_keys($group_um, 1));
// Get user conected last 5 minutes.Show only those on which the user has permission.
switch ($config['dbtype']) {
case 'mysql':
$sql = 'SELECT id_user, last_connect
FROM tusuario
WHERE last_connect > (UNIX_TIMESTAMP(NOW()) - '.SECONDS_5MINUTES.')
ORDER BY last_connect DESC';
$sql = sprintf(
'SELECT tusuario.id_user, tusuario.last_connect
FROM tusuario
INNER JOIN tusuario_perfil ON tusuario_perfil.id_usuario = tusuario.id_user
AND tusuario_perfil.id_grupo IN (%s)
WHERE last_connect > (UNIX_TIMESTAMP(NOW()) - '.SECONDS_5MINUTES.')
GROUP BY tusuario.id_user
ORDER BY last_connect DESC',
$groups
);
break;
case 'postgresql':
$sql = "SELECT id_user, last_connect
FROM tusuario
WHERE last_connect > (ceil(date_part('epoch', CURRENT_TIMESTAMP)) - ".SECONDS_5MINUTES.')
ORDER BY last_connect DESC';
$sql = sprintf(
"SELECT tusuario.id_user, tusuario.last_connect
FROM tusuario
INNER JOIN tusuario_perfil ON tusuario_perfil.id_usuario = tusuario.id_user
AND tusuario_perfil.id_grupo IN (%s)
WHERE last_connect > (ceil(date_part('epoch', CURRENT_TIMESTAMP)) - ".SECONDS_5MINUTES.')
GROUP BY tusuario.id_user
ORDER BY last_connect DESC',
$groups
);
break;
case 'oracle':
$sql = "SELECT id_user, last_connect
FROM tusuario
WHERE last_connect > (ceil((sysdate - to_date('19700101000000','YYYYMMDDHH24MISS')) * (".SECONDS_1DAY.')) - '.SECONDS_5MINUTES.')
ORDER BY last_connect DESC';
$sql = sprintf(
"SELECT tusuario.id_user, tusuario.last_connect
FROM tusuario
INNER JOIN tusuario_perfil ON tusuario_perfil.id_usuario = tusuario.id_user
AND tusuario_perfil.id_grupo IN (%s)
WHERE last_connect > (ceil((sysdate - to_date('19700101000000','YYYYMMDDHH24MISS')) * (".SECONDS_1DAY.')) - '.SECONDS_5MINUTES.')
GROUP BY tusuario.id_user
ORDER BY last_connect DESC',
$groups
);
break;
}
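Review bot: `$groups` is interpolated into `IN (%s)` in all three branches with no guard for the empty case, so a user for whom `array_keys($group_um, 1)` returns nothing produces `IN ()` and the query fails with a syntax error. I would return early or substitute a value that matches no group, and cast the ids while building the list: `$groups = implode(',', array_map('intval', array_keys($group_um, 1)));` followed by `if ($groups === '') { $groups = '-1'; }` (assuming no group uses id -1). The ids presumably come from the database, so the cast is defence in depth rather than a fix for a known injection. users_extension_main_god() continues outside the hunk.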


@ -131,6 +131,8 @@ ADD COLUMN `field16` TEXT NOT NULL AFTER `field15`
,ADD COLUMN `field19_recovery` TEXT NOT NULL AFTER `field18_recovery`
,ADD COLUMN `field20_recovery` TEXT NOT NULL AFTER `field19_recovery`;
UPDATE `trecon_script` SET `description`='Specific&#x20;Pandora&#x20;FMS&#x20;Intel&#x20;DCM&#x20;Discovery&#x20;&#40;c&#41;&#x20;Artica&#x20;ST&#x20;2011&#x20;&lt;info@artica.es&gt;&#x0d;&#x0a;&#x0d;&#x0a;Usage:&#x20;./ipmi-recon.pl&#x20;&lt;task_id&gt;&#x20;&lt;group_id&gt;&#x20;&lt;custom_field1&gt;&#x20;&lt;custom_field2&gt;&#x20;&lt;custom_field3&gt;&#x20;&lt;custom_field4&gt;&#x0d;&#x0a;&#x0d;&#x0a;*&#x20;custom_field1&#x20;=&#x20;Network&#x20;i.e.:&#x20;192.168.100.0/24&#x0d;&#x0a;*&#x20;custom_field2&#x20;=&#x20;Username&#x0d;&#x0a;*&#x20;custom_field3&#x20;=&#x20;Password&#x0d;&#x0a;*&#x20;custom_field4&#x20;=&#x20;Additional&#x20;parameters&#x20;i.e.:&#x20;-D&#x20;LAN_2_0' WHERE `name`='IPMI&#x20;Recon';
ALTER TABLE `trecon_task` MODIFY COLUMN `review_mode` TINYINT(1) UNSIGNED DEFAULT 1;
DELETE FROM `tuser_task` WHERE id = 6;
@ -148,4 +150,7 @@ UPDATE `tuser_task_scheduled` SET
`args`= REPLACE(`args`, 's:15:"first_execution"', 'i:2;s:0:"";i:3;s:3:"XML";s:15:"first_execution"')
WHERE `id_user_task` = 6;
COMMIT;
COMMIT;
ALTER TABLE `ttag` MODIFY COLUMN `name` text NOT NULL default '';
COMMIT;
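Review bot: The new `ttag` statement declares `name` as `text NOT NULL default ''`, and MySQL 5.7 does not accept a literal DEFAULT on a TEXT column: in strict SQL mode the ALTER fails, and as far as I know it is only downgraded to a warning otherwise. Since the build script in this commit pulls `percona:5.7`, I would drop the default (`text NOT NULL`) or keep the column a `varchar` if a default is required. The same statement is repeated in the next file section, under the `Table ttag` comment. The ALTER also commits implicitly, so the surrounding `COMMIT;` lines do not make this migration atomic.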


@ -1402,6 +1402,7 @@ ALTER TABLE `tmap` MODIFY COLUMN `id_user` varchar(250) NOT NULL DEFAULT '';
-- Table `ttag`
-- ---------------------------------------------------------------------
ALTER TABLE `ttag` ADD COLUMN `previous_name` text NULL;
ALTER TABLE `ttag` MODIFY COLUMN `name` text NOT NULL default '';
-- ---------------------------------------------------------------------
-- Table `tconfig`
@ -2697,6 +2698,7 @@ CREATE TABLE `tremote_command_target` (
-- Table `trecon_script`
-- ---------------------------------------------------------------------
ALTER TABLE `trecon_script` ADD COLUMN `type` int(11) NOT NULL DEFAULT '0';
UPDATE `trecon_script` SET `description`='Specific&#x20;Pandora&#x20;FMS&#x20;Intel&#x20;DCM&#x20;Discovery&#x20;&#40;c&#41;&#x20;Artica&#x20;ST&#x20;2011&#x20;&lt;info@artica.es&gt;&#x0d;&#x0a;&#x0d;&#x0a;Usage:&#x20;./ipmi-recon.pl&#x20;&lt;task_id&gt;&#x20;&lt;group_id&gt;&#x20;&lt;custom_field1&gt;&#x20;&lt;custom_field2&gt;&#x20;&lt;custom_field3&gt;&#x20;&lt;custom_field4&gt;&#x0d;&#x0a;&#x0d;&#x0a;*&#x20;custom_field1&#x20;=&#x20;Network&#x20;i.e.:&#x20;192.168.100.0/24&#x0d;&#x0a;*&#x20;custom_field2&#x20;=&#x20;Username&#x0d;&#x0a;*&#x20;custom_field3&#x20;=&#x20;Password&#x0d;&#x0a;*&#x20;custom_field4&#x20;=&#x20;Additional&#x20;parameters&#x20;i.e.:&#x20;-D&#x20;LAN_2_0' WHERE `name`='IPMI&#x20;Recon';
-- ---------------------------------------------------------------------
-- Table `tusuario_perfil`


@ -143,16 +143,29 @@ $user_groups_ad = array_keys(
users_get_groups($config['id_user'], $access)
);
// Check AD permission on downtime.
$downtime_group = db_get_value(
'id_group',
'tplanned_downtime',
'id',
$id_downtime
);
if ($id_downtime > 0) {
if (!check_acl_restricted_all($config['id_user'], $downtime_group, 'AW')
&& !check_acl_restricted_all($config['id_user'], $downtime_group, 'AD')
) {
db_pandora_audit(
'ACL Violation',
'Trying to access downtime scheduler'
);
include 'general/noaccess.php';
return;
}
}
// INSERT A NEW DOWNTIME_AGENT ASSOCIATION.
if ($insert_downtime_agent === 1) {
// Check AD permission on downtime.
$downtime_group = db_get_value(
'id_group',
'tplanned_downtime',
'id',
$id_downtime
);
if ($downtime_group === false
|| !in_array($downtime_group, $user_groups_ad)
) {
@ -644,11 +657,20 @@ $table->data[0][1] = html_print_input_text(
true,
$disabled_in_execution
);
$return_all_group = false;
if (users_can_manage_group_all('AW') === true
|| users_can_manage_group_all('AD') === true
) {
$return_all_group = true;
}
$table->data[1][0] = __('Group');
$table->data[1][1] = '<div class="w250px">'.html_print_select_groups(
false,
$access,
true,
$return_all_group,
'id_group',
$id_group,
'',
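Review bot: The `db_get_value()` result is passed to `check_acl_restricted_all()` without a test for `false`, although the code just below in the same hunk treats `$downtime_group === false` as a failure. For an `$id_downtime` that does not exist, the outcome therefore depends on how the ACL helper handles a `false` group, which is not visible here. I would fold the test into the new guard, `if ($downtime_group === false || (!check_acl_restricted_all($config['id_user'], $downtime_group, 'AW') && !check_acl_restricted_all($config['id_user'], $downtime_group, 'AD'))) {`, and run the lookup only inside `if ($id_downtime > 0)`. The script continues outside both hunks.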


@ -476,22 +476,42 @@ else {
if (in_array($downtime['id_group'], $groupsAD)) {
// Stop button
if ($downtime['type_execution'] == 'once' && $downtime['executed'] == 1) {
$data['stop'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.list'.'&stop_downtime=1&id_downtime='.$downtime['id'].'&'.$filter_params_str.'">'.html_print_image('images/cancel.png', true, ['title' => __('Stop downtime')]);
if (check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AW')
|| check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AD')
) {
$data['stop'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.list'.'&stop_downtime=1&id_downtime='.$downtime['id'].'&'.$filter_params_str.'">'.html_print_image('images/cancel.png', true, ['title' => __('Stop downtime')]);
} else {
$data['stop'] = html_print_image('images/cancel.png', true, ['title' => __('Stop downtime')]);
}
} else {
$data['stop'] = '';
}
// Edit & delete buttons.
if ($downtime['executed'] == 0) {
// Edit.
$data['edit'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.editor&edit_downtime=1&id_downtime='.$downtime['id'].'">'.html_print_image('images/config.png', true, ['title' => __('Update')]).'</a>';
// Delete.
$data['delete'] = '<a id="delete_downtime" href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.list'.'&delete_downtime=1&id_downtime='.$downtime['id'].'&'.$filter_params_str.'">'.html_print_image('images/cross.png', true, ['title' => __('Delete')]);
if (check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AW')
|| check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AD')
) {
// Edit.
$data['edit'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.editor&edit_downtime=1&id_downtime='.$downtime['id'].'">'.html_print_image('images/config.png', true, ['title' => __('Update')]).'</a>';
// Delete.
$data['delete'] = '<a id="delete_downtime" href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.list'.'&delete_downtime=1&id_downtime='.$downtime['id'].'&'.$filter_params_str.'">'.html_print_image('images/cross.png', true, ['title' => __('Delete')]);
} else {
$data['edit'] = '';
$data['delete'] = '';
}
} else if ($downtime['executed'] == 1 && $downtime['type_execution'] == 'once') {
// Edit.
$data['edit'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.editor&edit_downtime=1&id_downtime='.$downtime['id'].'">'.html_print_image('images/config.png', true, ['title' => __('Update')]).'</a>';
// Delete.
$data['delete'] = __('N/A');
if (check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AW')
|| check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AD')
) {
// Edit.
$data['edit'] = '<a href="index.php?sec=extensions&sec2=godmode/agentes/planned_downtime.editor&edit_downtime=1&id_downtime='.$downtime['id'].'">'.html_print_image('images/config.png', true, ['title' => __('Update')]).'</a>';
// Delete.
$data['delete'] = __('N/A');
} else {
$data['edit'] = '';
$data['delete'] = '';
}
} else {
$data['edit'] = '';
$data['delete'] = '';
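Review bot: These branches only decide which links are rendered; the `stop_downtime=1` and `delete_downtime=1` URLs they hide can still be requested directly, so the handlers for those parameters need the same `check_acl_restricted_all()` test (they are outside this hunk, so I cannot confirm they have it). The identical AW/AD condition is also evaluated in three places per row; computing it once, `$can_manage = check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AW') || check_acl_restricted_all($config['id_user'], $downtime['id_group'], 'AD');`, would keep the branches in step. In the denied case the stop cell still shows the cancel icon with its 'Stop downtime' title, which reads as an active control; an empty cell, as used for edit and delete, would be clearer.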


@ -77,6 +77,15 @@ if ($copy_action) {
$al_action = alerts_get_alert_action($id);
if (!check_acl_restricted_all($config['id_user'], $al_action['id_group'], 'LM')) {
db_pandora_audit(
'ACL Violation',
'Trying to access Alert Management'
);
include 'general/noaccess.php';
exit;
}
if ($al_action !== false) {
// If user tries to copy an action with group=ALL.
if ($al_action['id_group'] == 0) {
@ -144,6 +153,15 @@ if ($delete_action) {
$al_action = alerts_get_alert_action($id);
if (!check_acl_restricted_all($config['id_user'], $al_action['id_group'], 'LM')) {
db_pandora_audit(
'ACL Violation',
'Trying to access Alert Management'
);
include 'general/noaccess.php';
exit;
}
if ($al_action !== false) {
// If user tries to delete an action with group=ALL.
if ($al_action['id_group'] == 0) {
@ -236,11 +254,18 @@ $table_filter->data[0][1] = html_print_input_text(
255,
true
);
$return_all_group = false;
if (users_can_manage_group_all('LM') === true) {
$return_all_group = true;
}
$table_filter->data[0][2] = __('Group');
$table_filter->data[0][3] = html_print_select_groups(
$config['id_user'],
'LM',
true,
$return_all_group,
'group_search',
$group_search,
'',
@ -370,7 +395,12 @@ foreach ($actions as $action) {
$data = [];
$data[0] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_action&id='.$action['id'].'&pure='.$pure.'">'.$action['name'].'</a>';
if (check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM')) {
$data[0] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_action&id='.$action['id'].'&pure='.$pure.'">'.$action['name'].'</a>';
} else {
$data[0] = $action['name'];
}
$data[1] = $action['command_name'];
$data[2] = ui_print_group_icon($action['id_group'], true).'&nbsp;';
if (!alerts_validate_command_to_action($action['id_group'], $action['command_group'])) {
@ -384,8 +414,11 @@ foreach ($actions as $action) {
);
}
$data[3] = '';
$data[4] = '';
if (is_central_policies_on_node() === false
&& check_acl($config['id_user'], $action['id_group'], 'LM')
&& check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM')
) {
$table->cellclass[] = [
3 => 'action_buttons',
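Review bot: In the copy and delete hunks the new guard reads `$al_action['id_group']` before the existing `if ($al_action !== false)` test, so for an unknown `$id` the ACL helper is called with a null group and the result depends on how it treats that value. Checking the lookup first keeps the existing not-found path intact: `if ($al_action !== false && !check_acl_restricted_all($config['id_user'], $al_action['id_group'], 'LM')) {`. Both the `if ($copy_action)` and `if ($delete_action)` blocks continue outside their hunks.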


@ -556,7 +556,9 @@ foreach ($commands as $command) {
$data = [];
$data['name'] = '<span style="font-size: 7.5pt">';
if (! $command['internal']) {
// (IMPORTANT, DO NOT CHANGE!) only users with permissions over "All" group have access to edition of commands belonging to "All" group.
if (!$command['internal'] && check_acl_restricted_all($config['id_user'], $command['id_group'], 'LM')) {
$data['name'] .= '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_command&id='.$command['id'].'&pure='.$pure.'">'.$command['name'].'</a>';
} else {
$data['name'] .= $command['name'];
@ -580,7 +582,9 @@ foreach ($commands as $command) {
);
$data['action'] = '';
$table->cellclass[]['action'] = 'action_buttons';
if ($is_central_policies_on_node === false && !$command['internal']) {
// (IMPORTANT, DO NOT CHANGE!) only users with permissions over "All" group have access to edition of commands belonging to "All" group.
if ($is_central_policies_on_node === false && !$command['internal'] && check_acl_restricted_all($config['id_user'], $command['id_group'], 'LM')) {
$data['action'] = '<span style="display: inline-flex">';
$data['action'] .= '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/alert_commands&amp;copy_command=1&id='.$command['id'].'&pure='.$pure.'"
onClick="if (!confirm(\''.__('Are you sure?').'\')) return false;">'.html_print_image('images/copy.png', true).'</a>';
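Review bot: The comment marked `(IMPORTANT, DO NOT CHANGE!)` and the condition under it are duplicated for the name link and for the action buttons, so the two copies can drift apart. Evaluating the rule once per row, `$can_edit = !$command['internal'] && check_acl_restricted_all($config['id_user'], $command['id_group'], 'LM');`, and using `$can_edit` in both places keeps it in one spot. These hunks only hide the links; the `copy_command=1` handler is outside them and should apply the same check.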


@ -401,13 +401,17 @@ foreach ($templates as $template) {
$data = [];
$data[0] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&id='.$template['id'].'&pure='.$pure.'">'.$template['name'].'</a>';
if (check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM')) {
$data[0] = '<a href="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&id='.$template['id'].'&pure='.$pure.'">'.$template['name'].'</a>';
} else {
$data[0] = $template['name'];
}
$data[1] = ui_print_group_icon($template['id_group'], true);
$data[3] = alerts_get_alert_templates_type_name($template['type']);
if (is_central_policies_on_node() === false
&& check_acl($config['id_user'], $template['id_group'], 'LM')
&& check_acl_restricted_all($config['id_user'], $template['id_group'], 'LM')
) {
$table->cellclass[][4] = 'action_buttons';
$data[4] = '<form method="post" action="index.php?sec='.$sec.'&sec2=godmode/alerts/configure_alert_template&pure='.$pure.'" style="display: inline; float: left">';


@ -101,6 +101,15 @@ if ($id) {
$group = $action['id_group'];
$action_threshold = $action['action_threshold'];
if (!check_acl_restricted_all($config['id_user'], $action['id_group'], 'LM')) {
db_pandora_audit(
'ACL Violation',
'Trying to access Alert Management'
);
include 'general/noaccess.php';
exit;
}
}
// Hidden div with help hint to fill with javascript.
@ -168,10 +177,16 @@ $table->data[1][0] = __('Group');
$own_info = get_user_info($config['id_user']);
$return_all_group = false;
if (users_can_manage_group_all('LW') === true) {
$return_all_group = true;
}
$table->data[1][1] = '<div class="w250px inline">'.html_print_select_groups(
false,
'LW',
true,
$return_all_group,
'group',
$group,
'',
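Review bot: The access guard in the first hunk tests the `LM` flag, while the group selector in the second hunk is built with `LW`, both in `users_can_manage_group_all('LW')` and in the `html_print_select_groups(false, 'LW', ...)` call, so a user can pass one test and fail the other. If `LM` is the intended privilege for editing actions, as in the sibling alert pages of this commit, `users_can_manage_group_all('LM')` would be consistent; otherwise a short comment explaining the `LW` choice would help. The guard also dereferences `$action['id_group']`; whether `$action` can be `false` at that point is not visible in the hunk.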


@ -48,15 +48,18 @@ if (is_metaconsole() === true) {
);
}
if ($update_command) {
$id = (int) get_parameter('id');
if ($id > 0) {
$alert = alerts_get_alert_command($id);
if ($alert['internal']) {
if ($alert['internal'] || !check_acl_restricted_all($config['id_user'], $alert['id_group'], 'LM')) {
db_pandora_audit('ACL Violation', 'Trying to access Alert Management');
include 'general/noaccess.php';
exit;
}
}
if ($update_command) {
$alert = alerts_get_alert_command($id);
$name = (string) get_parameter('name');
$command = (string) get_parameter('command');
@ -216,12 +219,18 @@ $table->data['command'][1] = html_print_textarea(
$is_central_policies_on_node
);
$return_all_group = false;
if (users_can_manage_group_all('LM') === true) {
$return_all_group = true;
}
$table->colspan['group'][1] = 3;
$table->data['group'][0] = __('Group');
$table->data['group'][1] = '<div class="w250px inline">'.html_print_select_groups(
false,
'LM',
true,
$return_all_group,
'id_group',
$id_group,
false,
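Review bot: The result of `alerts_get_alert_command($id)` is dereferenced as `$alert['internal']` and `$alert['id_group']` without a not-found check, so a positive `$id` that matches no command presumably reaches the ACL helper with a null group. I would reject that case explicitly: `if ($alert === false || $alert['internal'] || !check_acl_restricted_all($config['id_user'], $alert['id_group'], 'LM')) {`. The second `$alert = alerts_get_alert_command($id);` inside `if ($update_command)` repeats the lookup done just above it. The guard covers only the command's current group; whether the submitted `id_group` is validated on update is not visible in this hunk.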


@ -55,6 +55,15 @@ if (defined('METACONSOLE')) {
if ($a_template !== false) {
// If user tries to duplicate/edit a template with group=ALL
if ($a_template['id_group'] == 0) {
if (users_can_manage_group_all('LM') === false) {
db_pandora_audit(
'ACL Violation',
'Trying to access Alert Management'
);
include 'general/noaccess.php';
exit;
}
// Header
if (defined('METACONSOLE')) {
alerts_meta_print_header();
@ -1091,18 +1100,18 @@ if ($step == 2) {
$table->data[0][1] .= '&nbsp;&nbsp;'.__('Group');
$groups = users_get_groups();
$own_info = get_user_info($config['id_user']);
// Only display group "All" if user is administrator or has "PM" privileges.
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
$display_all_group = true;
} else {
$display_all_group = false;
$return_all_group = false;
if (users_can_manage_group_all('LM') === true) {
$return_all_group = true;
}
$table->data[0][1] .= '&nbsp;';
$table->data[0][1] .= '<div class="w250px inline">'.html_print_select_groups(
false,
'AR',
$display_all_group,
$return_all_group,
'id_group',
$id_group,
'',
@ -1422,7 +1431,11 @@ if ($step == 2) {
case "unknown":
$("#template-value, #template-max, span#matches_value, #template-min").hide ();
$("#template-example").show ();
if ($("#text-min_alerts").val() > 0 ) {
unknown = <?php echo "'".__('The alert would fire when the module is in unknown status. Warning: unknown_updates of pandora_server.conf must be equal to 1')."'"; ?>;
}
/* Show example */
$("span#example").empty ().append (unknown);
break;
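Review bot: The group selector in the step-2 hunk gates the "All" entry on `users_can_manage_group_all('LM')` but still builds the list with privilege `'AR'`, so the form can offer groups where the user only has agent-read rights. Hiding an option does not constrain what is posted, and the code that stores `id_group` is not in these hunks; it should reject the submitted group when `check_acl_restricted_all($config['id_user'], $id_group, 'LM')` fails. If the selector is meant to list only groups the user can manage alerts in, pass `'LM'` instead of `'AR'`.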


@ -40,7 +40,15 @@ $strict_user = db_get_value(
);
if ($id) {
$permission = events_check_event_filter_group($id);
$restrict_all_group = false;
if (!users_can_manage_group_all('EW') === true
&& !users_can_manage_group_all('EM') === true
) {
$restrict_all_group = true;
}
$permission = events_check_event_filter_group($id, $restrict_all_group);
if (!$permission) {
// User doesn't have permissions to see this filter
include 'general/noaccess.php';
@ -276,12 +284,18 @@ $table->data[1][1] = '<div class="w250px">'.html_print_select_groups(
$strict_user
).'</div>';
$return_all_group = false;
if (users_can_manage_group_all('AR') === true) {
$return_all_group = true;
}
$table->data[2][0] = '<b>'.__('Group').'</b>';
$display_all_group = (users_is_admin() || users_can_manage_group_all('AR'));
$table->data[2][1] = '<div class="w250px">'.html_print_select_groups(
$config['id_user'],
'AR',
$display_all_group,
$return_all_group,
'id_group',
$id_group,
'',
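Review bot: The condition `!users_can_manage_group_all('EW') === true` is parsed as `(!users_can_manage_group_all('EW')) === true` because `!` binds tighter than `===`, so it gives the intended result but reads as the opposite test. Write it as `users_can_manage_group_all('EW') === false && users_can_manage_group_all('EM') === false`, matching the form used for the other selectors in this commit. The group selector further down gates "All" on `'AR'` while editing is gated on `EW`/`EM`; confirm that difference is intended.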


@ -35,6 +35,19 @@ $multiple_delete = (bool) get_parameter('multiple_delete', 0);
if ($delete) {
$id = (int) get_parameter('id');
$filter_group = (int) db_get_value('id_group', 'tevent_filter', 'id_filter', $id);
if (!check_acl_restricted_all($config['id_user'], $filter_group, 'EW')
&& !check_acl_restricted_all($config['id_user'], $filter_group, 'EM')
) {
db_pandora_audit(
'ACL Violation',
'Trying to access events filter editor'
);
include 'general/noaccess.php';
return;
}
$id_filter = db_get_value('id_filter', 'tevent_filter', 'id_filter', $id);
if ($id_filter === false) {
@ -151,13 +164,27 @@ foreach ($filters as $filter) {
$data = [];
$data[0] = html_print_checkbox_extended('delete_multiple[]', $filter['id_filter'], false, false, '', 'class="check_delete"', true);
$data[1] = '<a href="index.php?sec=geventos&sec2=godmode/events/events&section=edit_filter&id='.$filter['id_filter'].'&pure='.$config['pure'].'">'.$filter['id_name'].'</a>';
if (!check_acl_restricted_all($config['id_user'], $filter['id_group'], 'EW')
&& !check_acl_restricted_all($config['id_user'], $filter['id_group'], 'EM')
) {
$data[1] = $filter['id_name'];
} else {
$data[1] = '<a href="index.php?sec=geventos&sec2=godmode/events/events&section=edit_filter&id='.$filter['id_filter'].'&pure='.$config['pure'].'">'.$filter['id_name'].'</a>';
}
$data[2] = ui_print_group_icon($filter['id_group_filter'], true);
$data[3] = events_get_event_types($filter['event_type']);
$data[4] = events_get_status($filter['status']);
$data[5] = events_get_severity_types($filter['severity']);
$table->cellclass[][6] = 'action_buttons';
$data[6] = "<a onclick='if(confirm(\"".__('Are you sure?')."\")) return true; else return false;'href='index.php?sec=geventos&sec2=godmode/events/events&section=filter&delete=1&id=".$filter['id_filter'].'&offset=0&pure='.$config['pure']."'>".html_print_image('images/cross.png', true, ['title' => __('Delete')]).'</a>';
$data[6] = '';
if (check_acl_restricted_all($config['id_user'], $filter['id_group'], 'EW')
|| check_acl_restricted_all($config['id_user'], $filter['id_group'], 'EM')
) {
$table->cellclass[][6] = 'action_buttons';
$data[6] = "<a onclick='if(confirm(\"".__('Are you sure?')."\")) return true; else return false;'href='index.php?sec=geventos&sec2=godmode/events/events&section=filter&delete=1&id=".$filter['id_filter'].'&offset=0&pure='.$config['pure']."'>".html_print_image('images/cross.png', true, ['title' => __('Delete')]).'</a>';
}
array_push($table->data, $data);
}
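Review bot: The new checks read the filter's group from `id_group` (`db_get_value('id_group', 'tevent_filter', ...)` and `$filter['id_group']`), while the Group column of the same table is rendered from `$filter['id_group_filter']`. If `id_group_filter` is the group that owns the filter and `id_group` is the group the filter matches events on, the ACL is evaluated against the wrong column; please confirm against the schema and use one column for both. The delete checkbox in `$data[0]` is still printed for every row and the `multiple_delete` handler is outside these hunks, so it needs the same per-filter `check_acl_restricted_all` check on the server side.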

View File

@ -39,6 +39,16 @@ $event_response_id = get_parameter('id_response', 0);
if ($event_response_id > 0) {
$event_response = db_get_row('tevent_response', 'id', $event_response_id);
// ACL check for event response edition.
if (!check_acl_restricted_all($config['id_user'], $event_response['id_group'], 'PM')) {
db_pandora_audit(
'ACL Violation',
'Trying to access Group Management'
);
include 'general/noaccess.php';
return;
}
} else {
$event_response = [];
$event_response['name'] = '';
@ -84,8 +94,14 @@ $data[1] = html_print_input_text(
);
$data[1] .= html_print_input_hidden('id_response', $event_response['id'], true);
$return_all_group = false;
if (users_can_manage_group_all('PM') === true) {
$return_all_group = true;
}
$data[2] = __('Group');
$data[3] = html_print_select_groups(false, 'PM', true, 'id_group', $event_response['id_group'], '', '', '', true);
$data[3] = html_print_select_groups(false, 'PM', $return_all_group, 'id_group', $event_response['id_group'], '', '', '', true);
$table->data[0] = $data;
$data = [];
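Review bot: The audit entry written when the new check fails says `'Trying to access Group Management'`, which will mislead anyone reading the audit log for denied event-response edits; use a message that names the resource, e.g. `'Trying to access event response editor'`. The check also runs only when the editor form is loaded. The code that stores the response is not in these hunks and should validate both the stored group and the posted `id_group` with `check_acl_restricted_all(..., 'PM')`, since `$return_all_group` only hides the "All" option in the form.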


@ -55,6 +55,10 @@ $table->head[3] = __('Actions');
$table->data = [];
foreach ($event_responses as $response) {
if (!check_acl_restricted_all($config['id_user'], $response['id_group'], 'PM')) {
continue;
}
$data = [];
$data[0] = '<a href="index.php?sec=geventos&sec2=godmode/events/events&section=responses&mode=editor&id_response='.$response['id'].'&amp;pure='.$config['pure'].'">'.$response['name'].'</a>';
$data[1] = $response['description'];


@ -30,6 +30,14 @@ require_once 'include/functions_gis.php';
$idMap = (int) get_parameter('map_id', 0);
$action = get_parameter('action', 'new_map');
$gis_map_group = db_get_value('group_id', 'tgis_map', 'id_tgis_map', $idMap);
if ($idMap > 0 && !check_acl_restricted_all($config['id_user'], $gis_map_group, 'MW') && !check_acl_restricted_all($config['id_user'], $gis_map_group, 'MW')) {
db_pandora_audit('ACL Violation', 'Trying to access map builder');
include 'general/noaccess.php';
return;
}
$sec2 = get_parameter_get('sec2');
$sec2 = safe_url_extraclean($sec2);
@ -453,14 +461,15 @@ $table->data[1][1] = "<table style='padding:0px;' class='no-class' border='0' id
</tr> ".gis_add_conection_maps_in_form($map_connection_list).'
</table>';
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'MM')) {
$display_all_group = true;
} else {
$display_all_group = false;
$return_all_group = false;
if (users_can_manage_group_all('MM') === true) {
$return_all_group = true;
}
$table->data[2][0] = __('Group');
$table->data[2][1] = html_print_select_groups(false, 'IW', $display_all_group, 'map_group_id', $map_group_id, '', '', '', true);
$table->data[2][1] = html_print_select_groups(false, 'IW', $return_all_group, 'map_group_id', $map_group_id, '', '', '', true);
$table->data[3][0] = __('Default zoom');
$table->data[3][1] = html_print_input_text('map_zoom_level', $map_zoom_level, '', 2, 4, true).html_print_input_hidden('map_levels_zoom', $map_levels_zoom, true);
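Review bot: The guard on `$idMap > 0` tests `'MW'` twice, `!check_acl_restricted_all(..., 'MW') && !check_acl_restricted_all(..., 'MW')`, so the second call adds nothing. The other checks in this commit pair the write and manage flags, and the selector below uses `users_can_manage_group_all('MM')`, so the second flag was presumably meant to be `'MM'`; as written a user holding only map management is sent to noaccess. The selector also lists groups with `'IW'` while "All" is gated on `'MM'`, which is worth aligning.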


@ -68,6 +68,19 @@ $multiple_delete = (bool) get_parameter('multiple_delete', 0);
$id = (int) get_parameter('id');
$name = (string) get_parameter('name');
if ($id > 0) {
$filter_group = db_get_value('id_group', 'tnetflow_filter', 'id_sg', $id);
if (!check_acl_restricted_all($config['id_user'], $filter_group, 'AW')) {
db_pandora_audit(
'ACL Violation',
'Trying to access events filter editor'
);
include 'general/noaccess.php';
return;
}
}
if ($delete) {
$id_filter = db_get_value('id_name', 'tnetflow_filter', 'id_sg', $id);
$result = db_process_sql_delete(
@ -164,12 +177,24 @@ $total_filters = $total_filters[0]['total'];
foreach ($filters as $filter) {
$data = [];
$data[0] = html_print_checkbox_extended('delete_multiple[]', $filter['id_sg'], false, false, '', 'class="check_delete"', true);
$data[1] = '<a href="'.$config['homeurl'].'index.php?sec=netf&sec2=godmode/netflow/nf_edit_form&id='.$filter['id_sg'].'&pure='.$pure.'">'.$filter['id_name'].'</a>';
$data[0] = '';
if (check_acl_restricted_all($config['id_user'], $filter['id_group'], 'AW')) {
$data[0] = html_print_checkbox_extended('delete_multiple[]', $filter['id_sg'], false, false, '', 'class="check_delete"', true);
$data[1] = '<a href="'.$config['homeurl'].'index.php?sec=netf&sec2=godmode/netflow/nf_edit_form&id='.$filter['id_sg'].'&pure='.$pure.'">'.$filter['id_name'].'</a>';
} else {
$data[1] = $filter['id_name'];
}
$data[2] = ui_print_group_icon($filter['id_group'], true, 'groups_small', '', !defined('METACONSOLE'));
$table->cellclass[][3] = 'action_buttons';
$data[3] = "<a onclick='if(confirm(\"".__('Are you sure?')."\")) return true; else return false;'
href='".$config['homeurl'].'index.php?sec=netf&sec2=godmode/netflow/nf_edit&delete=1&id='.$filter['id_sg']."&offset=0&pure=$pure'>".html_print_image('images/cross.png', true, ['title' => __('Delete')]).'</a>';
$data[3] = '';
if (check_acl_restricted_all($config['id_user'], $filter['id_group'], 'AW')) {
$table->cellclass[][3] = 'action_buttons';
$data[3] = "<a onclick='if(confirm(\"".__('Are you sure?')."\")) return true; else return false;'
href='".$config['homeurl'].'index.php?sec=netf&sec2=godmode/netflow/nf_edit&delete=1&id='.$filter['id_sg']."&offset=0&pure=$pure'>".html_print_image('images/cross.png', true, ['title' => __('Delete')]).'</a>';
}
array_push($table->data, $data);
}
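Review bot: The new gate covers requests that carry `id`, but the `multiple_delete` path is outside these hunks, and removing the checkbox from rows the user cannot manage only changes the page. Each id in `delete_multiple[]` should have its group looked up and pass `check_acl_restricted_all($config['id_user'], $filter_group, 'AW')` before it is deleted. The audit text `'Trying to access events filter editor'` was copied from the events page and should name the netflow filter editor.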


@ -132,12 +132,20 @@ $output .= '>';
$own_info = get_user_info($config['id_user']);
$return_all_group = true;
if (users_can_manage_group_all('RW') === false
&& users_can_manage_group_all('RM') === false
) {
$return_all_group = false;
}
$output .= '<td><b>'.__('Group').'</b></td><td>';
if (check_acl($config['id_user'], 0, 'RW')) {
$output .= html_print_select_groups(
$config['id_user'],
'RW',
true,
$return_all_group,
'graph_id_group',
$id_group,
'',
@ -149,7 +157,7 @@ if (check_acl($config['id_user'], 0, 'RW')) {
$output .= html_print_select_groups(
$config['id_user'],
'RM',
true,
$return_all_group,
'graph_id_group',
$id_group,
'',


@ -83,6 +83,20 @@ $change_weight = (bool) get_parameter('change_weight', false);
$change_label = (bool) get_parameter('change_label', false);
$id_graph = (int) get_parameter('id', 0);
if ($id_graph > 0) {
$graph_group = db_get_value('id_group', 'tgraph', 'id_graph', $id_graph);
if (!check_acl_restricted_all($config['id_user'], $graph_group, 'RW')
&& !check_acl_restricted_all($config['id_user'], $graph_group, 'RM')
) {
db_pandora_audit(
'ACL Violation',
'Trying to access graph builder'
);
include 'general/noaccess.php';
exit;
}
}
if ($id_graph !== 0) {
$sql = "SELECT * FROM tgraph
WHERE (private = 0 OR (private = 1 AND id_user = '".$config['id_user']."'))


@ -88,7 +88,11 @@ ui_print_page_header(__('Reporting').' &raquo; '.__('Custom graphs'), 'images/ch
// Delete module SQL code
if ($delete_graph) {
if ($report_w || $report_m) {
$graph_group = db_get_value('id_group', 'tgraph', 'id_graph', $id);
if (check_acl_restricted_all($config['id_user'], $graph_group, 'RW')
|| check_acl_restricted_all($config['id_user'], $graph_group, 'RM')
) {
$exist = db_get_value('id_graph', 'tgraph_source', 'id_graph', $id);
if ($exist) {
$result = db_process_sql_delete('tgraph_source', ['id_graph' => $id]);
@ -299,16 +303,17 @@ $table_aux = new stdClass();
$data[4] = '';
$table->cellclass[][4] = 'action_buttons';
if (($report_w || $report_m)) {
if (check_acl_restricted_all($config['id_user'], $graph['id_group'], 'RM')
|| check_acl_restricted_all($config['id_user'], $graph['id_group'], 'RW')
) {
$data[4] = '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id='.$graph['id_graph'].'">'.html_print_image('images/config.png', true).'</a>';
}
if ($report_m) {
$data[5] = '';
if (check_acl_restricted_all($config['id_user'], $graph['id_group'], 'RM')) {
$data[4] .= '<a href="index.php?sec=reporting&sec2=godmode/reporting/graphs&delete_graph=1&id='.$graph['id_graph'].'" onClick="if (!confirm(\''.__('Are you sure?').'\'))
return false;">'.html_print_image('images/cross.png', true, ['alt' => __('Delete'), 'title' => __('Delete')]).'</a>';
}
if ($report_m) {
$data[5] .= html_print_checkbox_extended('delete_multiple[]', $graph['id_graph'], false, false, '', 'class="check_delete" style="margin-left:2px;"', true);
}
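Review bot: In the list hunk the bulk-delete checkbox is still appended under the global `$report_m` flag (`if ($report_m) { $data[5] .= html_print_checkbox_extended('delete_multiple[]', ...`), while the edit and delete links on the same row are now decided per graph with `check_acl_restricted_all`. A user with RM in some group would therefore still get a checkbox for graphs of group All or of groups they cannot manage. Gate it with `check_acl_restricted_all($config['id_user'], $graph['id_group'], 'RM')` and apply the same check in the handler that processes `delete_multiple[]`, which is not shown here. The rendered page has lost the +/- markers, so this reading assumes the `$report_m` checkbox block is on the new side.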


@ -123,8 +123,8 @@ if ($delete_layout || $copy_layout) {
// ACL for the visual console
// $vconsole_read = check_acl ($config['id_user'], $group_id, "VR");
$vconsole_write = check_acl($config['id_user'], $group_id, 'VW');
$vconsole_manage = check_acl($config['id_user'], $group_id, 'VM');
$vconsole_write = check_acl_restricted_all($config['id_user'], $group_id, 'VW');
$vconsole_manage = check_acl_restricted_all($config['id_user'], $group_id, 'VM');
if (!$vconsole_write && !$vconsole_manage) {
db_pandora_audit(
@ -441,8 +441,10 @@ if (!$maps && !is_metaconsole()) {
$data[1] = ui_print_group_icon($map['id_group'], true);
$data[2] = db_get_sql('SELECT COUNT(*) FROM tlayout_data WHERE id_layout = '.$map['id']);
// Fix: IW was the old ACL for report editing, now is RW
if ($vconsoles_write || $vconsoles_manage) {
$vconsoles_write_action_btn = check_acl_restricted_all($config['id_user'], $map['id_group'], 'VW');
$vconsoles_manage_action_btn = check_acl_restricted_all($config['id_user'], $map['id_group'], 'VM');
if ($vconsoles_write_action_btn || $vconsoles_manage_action_btn) {
if (!is_metaconsole()) {
$table->cellclass[] = [
3 => 'action_buttons',


@ -114,11 +114,17 @@ if (isset($write_groups[$idGroupReport]) === false && $idGroupReport) {
$write_groups[$idGroupReport] = groups_get_name($idGroupReport);
}
$return_all_group = false;
if (users_can_manage_group_all('RW') === true) {
$return_all_group = true;
}
$table->data['group'][1] = '<div class="w290px inline">';
$table->data['group'][1] .= html_print_select_groups(
$config['id_user'],
'AR',
true,
$return_all_group,
'id_group',
$idGroupReport,
'',
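Review bot: `$return_all_group` is derived from `users_can_manage_group_all('RW')` only, while the report edit gate added elsewhere in this commit accepts either `'RW'` or `'RM'`, and the custom-graph form checks both flags before hiding "All". A user who manages group All through RM alone would lose the "All" entry here; use `users_can_manage_group_all('RW') === true || users_can_manage_group_all('RM') === true` if that is not intended. The selector itself is still populated with `'AR'`, so the save path has to validate the posted `id_group`.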


@ -158,6 +158,26 @@ $pure = get_parameter('pure', 0);
$schedule_report = get_parameter('schbutton', '');
$pagination = (int) get_parameter('pagination', $config['block_size']);
if ($action == 'edit' && $idReport > 0) {
$report_group = db_get_value(
'id_group',
'treport',
'id_report',
$idReport
);
if (! check_acl_restricted_all($config['id_user'], $report_group, 'RW')
&& ! check_acl_restricted_all($config['id_user'], $report_group, 'RM')
) {
db_pandora_audit(
'ACL Violation',
'Trying to access report builder'
);
include 'general/noaccess.php';
exit;
}
}
if ($schedule_report != '') {
$id_user_task = 1;
$scheduled = 'no';
@ -909,8 +929,8 @@ switch ($action) {
$data = [];
if (check_acl($config['id_user'], $report['id_group'], 'RW')
|| check_acl($config['id_user'], $report['id_group'], 'RM')
if (check_acl_restricted_all($config['id_user'], $report['id_group'], 'RW')
|| check_acl_restricted_all($config['id_user'], $report['id_group'], 'RM')
) {
$data[0] = '<a href="'.$config['homeurl'].'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.$report['id_report'].'&pure='.$pure.'">'.ui_print_truncate_text($report['name'], 70).'</a>';
} else {
@ -994,7 +1014,7 @@ switch ($action) {
switch ($type_access_selected) {
case 'group_view':
$edit = check_acl(
$edit = check_acl_restricted_all(
$config['id_user'],
$report['id_group'],
'RW'
@ -1005,7 +1025,7 @@ switch ($action) {
break;
case 'group_edit':
$edit = check_acl(
$edit = check_acl_restricted_all(
$config['id_user'],
$report['id_group_edit'],
'RW'
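Review bot: The new check at the top runs only for `$action == 'edit'`, so any other action that receives `id_report` and changes or removes the report reaches its handler without the group-All restriction unless that handler checks on its own; those branches are outside these hunks. Consider moving the check to a point every action with `$idReport > 0` passes through, or repeating it in the update and delete branches. In the last two hunks only the `'RW'` call is visibly switched to `check_acl_restricted_all`; if the rest of those conditions still calls `check_acl`, the restriction does not apply there.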


@ -133,13 +133,18 @@ if ($action == 'new') {
src="">';
}
$table->data[1][0] = __('Group:');
$table->data[1][0] = __('Group');
$return_all_group = false;
if (users_can_manage_group_all('RW') === true) {
$return_all_group = true;
}
$table->data[1][1] = '<div class="w250px">'.html_print_select_groups(
$config['id_user'],
'RW',
true,
$return_all_group,
'id_group',
$idGroup,
'',


@ -85,8 +85,8 @@ else if ($activeTab != 'data' || ($activeTab == 'data' && $action != 'new')) {
// ACL for the existing visual console
// $vconsole_read = check_acl ($config['id_user'], $visualConsole['id_group'], "VR");
$vconsole_write = check_acl($config['id_user'], $visualConsole['id_group'], 'VW');
$vconsole_manage = check_acl($config['id_user'], $visualConsole['id_group'], 'VM');
$vconsole_write = check_acl_restricted_all($config['id_user'], $visualConsole['id_group'], 'VW');
$vconsole_manage = check_acl_restricted_all($config['id_user'], $visualConsole['id_group'], 'VM');
} else {
db_pandora_audit(
'ACL Violation',
@ -143,8 +143,8 @@ switch ($activeTab) {
// ACL for the new visual console
// $vconsole_read_new = check_acl ($config['id_user'], $idGroup, "VR");
$vconsole_write_new = check_acl($config['id_user'], $idGroup, 'VW');
$vconsole_manage_new = check_acl($config['id_user'], $idGroup, 'VM');
$vconsole_write_new = check_acl_restricted_all($config['id_user'], $idGroup, 'VW');
$vconsole_manage_new = check_acl_restricted_all($config['id_user'], $idGroup, 'VM');
// The user should have permissions on the new group
if (!$vconsole_write_new && !$vconsole_manage_new) {


@ -101,7 +101,40 @@ if (isset($_GET['server'])) {
// Headers.
$id_server = get_parameter_get('server_remote');
$ext = get_parameter('ext', '');
ui_print_page_header(__('Remote Configuration'), 'images/gm_servers.png', false, 'servers', true);
$tab = get_parameter('tab', 'standard_editor');
$advanced_editor = true;
$server_type = (int) db_get_value(
'server_type',
'tserver',
'id_server',
$id_server
);
$buttons = '';
if ($server_type !== 13) {
// Buttons.
$buttons = [
'standard_editor' => [
'active' => false,
'text' => '<a href="index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$id_server.'&ext='.$ext.'&tab=standard_editor&pure='.$pure.'">'.html_print_image('images/list.png', true, ['title' => __('Standard editor')]).'</a>',
],
'advanced_editor' => [
'active' => false,
'text' => '<a href="index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$id_server.'&ext='.$ext.'&tab=advanced_editor&pure='.$pure.'">'.html_print_image('images/pen.png', true, ['title' => __('Advanced editor')]).'</a>',
],
];
$buttons[$tab]['active'] = true;
}
ui_print_page_header(__('Remote Configuration'), 'images/gm_servers.png', false, 'servers', true, $buttons);
if ($server_type !== 13 && $tab == 'standard_editor') {
$advanced_editor = false;
}
enterprise_include('godmode/servers/server_disk_conf_editor.php');
} else {
// Header.
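Review bot: `$tab` comes straight from the request and is used as an array key in `$buttons[$tab]['active'] = true;`, so any value other than the two defined tabs adds a third entry with no `text` to the array passed to `ui_print_page_header`. Restrict it first, e.g. `if (isset($buttons[$tab]) === false) { $tab = 'standard_editor'; }`. `$id_server`, `$ext` and `$pure` are concatenated into the two `href` values; cast `$id_server` with `(int)` and pass `$ext` through `urlencode()` unless `get_parameter` already guarantees output that is safe in an attribute. The literal `13` for the server type would read better as a named constant.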


@ -494,6 +494,15 @@ if ($update_alert || $duplicate_alert) {
$position = $alert['position'];
$disable_event = $alert['disable_event'];
$group = $alert['id_group'];
if (!check_acl_restricted_all($config['id_user'], $group, 'LW')) {
db_pandora_audit(
'ACL Violation',
'Trying to access SNMP Alert Management'
);
include 'general/noaccess.php';
return;
}
} else if ($create_alert) {
// Variable init
$id_as = -1;
@ -814,13 +823,19 @@ if ($create_alert || $update_alert) {
html_print_input_text('source_ip', $source_ip, '', 20);
echo '</td></tr>';
$return_all_group = false;
if (users_can_manage_group_all('LW') === true) {
$return_all_group = true;
}
// Group
echo '<tr id="tr-group"><td class="datos2">'.__('Group').'</td><td class="datos2">';
echo '<div class="w250px">';
html_print_select_groups(
$config['id_user'],
'AR',
true,
$return_all_group,
'group',
$group,
'',
@ -1346,10 +1361,17 @@ if ($create_alert || $update_alert) {
$url = 'index.php?'.'sec=snmpconsole&'.'sec2=godmode/snmpconsole/snmp_alert&'.'id_alert_snmp='.$row['id_as'].'&'.'update_alert=1';
$data[1] = '<table>';
$data[1] .= '<tr>';
$data[1] .= '<a href="'.$url.'">'.alerts_get_alert_action_name($row['id_alert']).'</a>';
if (check_acl_restricted_all($config['id_user'], $row['id_group'], 'LW')) {
$data[1] .= '<a href="'.$url.'">'.alerts_get_alert_action_name($row['id_alert']).'</a>';
} else {
$data[1] .= alerts_get_alert_action_name($row['id_alert']);
}
$other_actions = db_get_all_rows_filter('talert_snmp_action', ['id_alert_snmp' => $row['id_as']]);
$data[1] .= '</tr>';
if ($other_actions != false) {
foreach ($other_actions as $action) {
$data[1] .= '<tr>';
@ -1361,6 +1383,7 @@ if ($create_alert || $update_alert) {
$data[1] .= '</table>';
$data[2] = $row['agent'];
$data[3] = $row['oid'];
$data[4] = $row['custom_oid'];
@ -1373,18 +1396,23 @@ if ($create_alert || $update_alert) {
$data[7] = __('Never');
}
$data[8] = '<a href="index.php?'.'sec=snmpconsole&'.'sec2=godmode/snmpconsole/snmp_alert&'.'duplicate_alert=1&'.'id_alert_snmp='.$row['id_as'].'">'.html_print_image('images/copy.png', true, ['alt' => __('Duplicate'), 'title' => __('Duplicate')]).'</a>'.'<a href="index.php?'.'sec=snmpconsole&'.'sec2=godmode/snmpconsole/snmp_alert&'.'update_alert=1&'.'id_alert_snmp='.$row['id_as'].'">'.html_print_image('images/config.png', true, ['border' => '0', 'alt' => __('Update')]).'</a>'.'<a href="javascript:show_add_action_snmp(\''.$row['id_as'].'\');">'.html_print_image('images/add.png', true, ['title' => __('Add action')]).'</a>'.'<a href="index.php?sec=snmpconsole&sec2=godmode/snmpconsole/snmp_alert&delete_alert='.$row['id_as'].'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image('images/cross.png', true, ['border' => '0', 'alt' => __('Delete')]).'</a>';
if (check_acl_restricted_all($config['id_user'], $row['id_group'], 'LW')) {
$data[8] = '<a href="index.php?'.'sec=snmpconsole&'.'sec2=godmode/snmpconsole/snmp_alert&'.'duplicate_alert=1&'.'id_alert_snmp='.$row['id_as'].'">'.html_print_image('images/copy.png', true, ['alt' => __('Duplicate'), 'title' => __('Duplicate')]).'</a>'.'<a href="index.php?'.'sec=snmpconsole&'.'sec2=godmode/snmpconsole/snmp_alert&'.'update_alert=1&'.'id_alert_snmp='.$row['id_as'].'">'.html_print_image('images/config.png', true, ['border' => '0', 'alt' => __('Update')]).'</a>'.'<a href="javascript:show_add_action_snmp(\''.$row['id_as'].'\');">'.html_print_image('images/add.png', true, ['title' => __('Add action')]).'</a>'.'<a href="index.php?sec=snmpconsole&sec2=godmode/snmpconsole/snmp_alert&delete_alert='.$row['id_as'].'" onClick="javascript:return confirm(\''.__('Are you sure?').'\')">'.html_print_image('images/cross.png', true, ['border' => '0', 'alt' => __('Delete')]).'</a>';
$data[9] = html_print_checkbox_extended(
'delete_ids[]',
$row['id_as'],
false,
false,
false,
'class="chk_delete"',
true
);
$data[9] = html_print_checkbox_extended(
'delete_ids[]',
$row['id_as'],
false,
false,
false,
'class="chk_delete"',
true
);
} else {
$data[8] = '';
$data[9] = '';
}
$idx = count($table->data);
// The current index of the table is 1 less than the count of table data so we count before adding to table->data
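Review bot: The list hunks hide the duplicate, update, add-action and delete controls and the `delete_ids[]` checkbox for rows that fail `check_acl_restricted_all(..., 'LW')`, but the only server-side check added is in the `$update_alert || $duplicate_alert` branch. The code handling `delete_alert` and `delete_ids[]` is not in these hunks; unless it already checks the alert's group, it needs the same lookup of `id_group` and `check_acl_restricted_all` call before acting on the id. The group selector keeps privilege `'AR'` while "All" is gated on `'LW'`, so the posted `group` should be validated on save as well.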


@ -0,0 +1,92 @@
<?php
/**
* Hook in Host&Devices for CSV import.
*
* @category Wizard
* @package Pandora FMS
* @subpackage Host&Devices - CSV Import Agents
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ==========================================================
* Copyright (c) 2004-2019 Artica Soluciones Tecnológicas S.L
* This code is NOT free software. This code is NOT licenced under GPL2 licence
* You cannnot redistribute it without written permission of copyright holder.
* ============================================================================
*/
$get_explanation = (bool) get_parameter('get_explanation', 0);
$get_recon_script_macros = get_parameter('get_recon_script_macros', 0);
if ($get_explanation) {
$id = (int) get_parameter('id', 0);
$explanation = db_get_value(
'description',
'trecon_script',
'id_recon_script',
$id
);
echo io_safe_output($explanation);
return;
}
if ($get_recon_script_macros) {
$id_recon_script = (int) get_parameter('id');
$id_recon_task = (int) get_parameter('id_rt');
if (!empty($id_recon_task) && empty($id_recon_script)) {
$recon_script_macros = db_get_value(
'macros',
'trecon_task',
'id_rt',
$id_recon_task
);
} else if (!empty($id_recon_task)) {
$recon_task_id_rs = (int) db_get_value(
'id_recon_script',
'trecon_task',
'id_rt',
$id_recon_task
);
if ($id_recon_script == $recon_task_id_rs) {
$recon_script_macros = db_get_value(
'macros',
'trecon_task',
'id_rt',
$id_recon_task
);
} else {
$recon_script_macros = db_get_value(
'macros',
'trecon_script',
'id_recon_script',
$id_recon_script
);
}
} else if (!empty($id_recon_script)) {
$recon_script_macros = db_get_value(
'macros',
'trecon_script',
'id_recon_script',
$id_recon_script
);
} else {
$recon_script_macros = [];
}
$macros = [];
$macros['base64'] = base64_encode($recon_script_macros);
$macros['array'] = json_decode($recon_script_macros, true);
echo io_json_mb_encode($macros);
return;
}
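Review bot: Nothing in this new file checks the session or an ACL before answering; both branches return rows selected only by the request's `id`/`id_rt`, and task macros may contain sensitive values. Unless the dispatcher that includes this file enforces login and privilege, add a check at the top that writes the `'ACL Violation'` audit entry and returns, as the other pages in this commit do. The final `else` sets `$recon_script_macros = [];`, which is then passed to `base64_encode()` and `json_decode()`; both expect a string, so use `$recon_script_macros = '';`. The header comment describes a CSV import hook, but the code serves recon script explanations and macros.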


@ -2408,6 +2408,9 @@ class AgentWizard extends HTML
}
}
// If value comes empty, must return a "Empty" value for view it in console.
$value = (empty($value) === true) ? '<i>'.__('Empty').'</i>' : $value;
return $value;
}
@ -3329,7 +3332,7 @@ class AgentWizard extends HTML
} else {
preg_match('/\.\d+$/', $key, $index);
$tmp = explode(': ', $oid_unit);
$output[$index[0]] = $tmp[1];
$output[$index[0]] = ($tmp[1] ?? '');
}
}
}
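Review bot: `empty($value)` is also true for `0` and `'0'`, so with the added line a value that is legitimately zero is replaced by the `Empty` label. Test for the missing case only: `$value = ($value === '' || $value === null) ? '<i>'.__('Empty').'</i>' : $value;`. In the second hunk `$index[0]` is still read without checking that `preg_match('/\.\d+$/', $key, $index)` matched. Both methods start outside the hunks.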


@ -351,7 +351,21 @@ class CredentialStore extends Wizard
return db_get_value_sql($sql);
}
return db_get_all_rows_sql($sql);
$return = db_get_all_rows_sql($sql);
// Filter out those items of group all that cannot be edited by user.
$return = array_filter(
$return,
function ($item) {
if ($item['id_group'] == 0 && users_can_manage_group_all('AR') === false) {
return false;
} else {
return true;
}
}
);
return $return;
}
@ -857,6 +871,12 @@ class CredentialStore extends Wizard
$values = [];
}
$return_all_group = false;
if (users_can_manage_group_all('AR') === true) {
$return_all_group = true;
}
$form = [
'action' => '#',
'id' => 'modal_form',
@ -886,7 +906,7 @@ class CredentialStore extends Wizard
'id' => 'id_group',
'input_class' => 'flex-row',
'type' => 'select_groups',
'returnAllGroup' => true,
'returnAllGroup' => $return_all_group,
'selected' => $values['id_group'],
'return' => true,
'class' => 'w50p',
@ -1045,6 +1065,7 @@ class CredentialStore extends Wizard
* Process datatable item before draw it.
*/
function process_datatables_item(item) {
id = item.identifier;
idrow = '<b><a href="javascript:" onclick="show_form(\'';
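Review bot: The result of `db_get_all_rows_sql($sql)` is passed to `array_filter()` without checking that it is an array; other code on this page tests such results against `false` (`if ($other_actions != false)`), so an empty result would presumably reach `array_filter()` as `false`. `array_filter()` also keeps the original keys, so the returned list can have gaps where it used to be sequential, and the count branch just above (`db_get_value_sql`) does not apply the same filter, so totals can exceed the rows returned. The rewrite below guards the type, evaluates the permission once and reindexes. The method starts outside the hunk.

```php
$return = db_get_all_rows_sql($sql);
if (is_array($return) === false) {
    // Nothing to filter; hand back what the query returned.
    return $return;
}

// Evaluate the permission once instead of once per row.
$can_manage_all = users_can_manage_group_all('AR');

// Drop group-All items the user cannot manage and restore sequential keys.
return array_values(
    array_filter(
        $return,
        function ($item) use ($can_manage_all) {
            return ($item['id_group'] != 0 || $can_manage_all !== false);
        }
    )
);
```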


@ -350,28 +350,21 @@ class ManageNetScanScripts extends Wizard
['id_recon_script' => $id_script]
);
$result_dlt2 = db_process_sql_delete(
'trecon_task',
['id_recon_script' => $id_script]
);
if (!$result_dlt) {
$result = [
'error' => 1,
'msg' => __('Problem deleting Net scan Scripts'),
];
} else {
$result_dlt2 = db_process_sql_delete(
'trecon_task',
['id_recon_script' => $id_script]
);
if (!$result_dlt2) {
$result = [
'error' => 1,
'msg' => __('Problem deleting Net scan Scripts'),
];
} else {
$result = [
'error' => 0,
'msg' => __('Deleted successfully'),
];
}
$result = [
'error' => 0,
'msg' => __('Deleted successfully'),
];
}
return $result;
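Review bot: `$result_dlt2` is assigned but never read after this change, so a failed delete on `trecon_task` is now reported as `Deleted successfully`, and the tasks are removed even when deleting the script itself failed. If the old nested check was dropped because deleting zero tasks returned a falsy value, keep the order and compare strictly instead: run the task delete inside the `else` and report the error only when `$result_dlt2 === false`. That assumes `db_process_sql_delete` returns `false` on error and a row count otherwise, which is not visible here.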


@ -3499,39 +3499,41 @@ class NetworkMap
*
* @return string HTML code.
*/
public function printMap($return=false)
public function printMap($return=false, $ignore_acl=false)
{
global $config;
$networkmap = $this->map;
// ACL.
$networkmap_read = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MR'
);
$networkmap_write = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
if ($ignore_acl === false) {
// ACL.
$networkmap_read = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MR'
);
include 'general/noaccess.php';
return '';
$networkmap_write = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MW'
);
$networkmap_manage = check_acl(
$config['id_user'],
$networkmap['id_group'],
'MM'
);
if (!$networkmap_read
&& !$networkmap_write
&& !$networkmap_manage
) {
db_pandora_audit(
'ACL Violation',
'Trying to access networkmap'
);
include 'general/noaccess.php';
return '';
}
}
$user_readonly = !$networkmap_write && !$networkmap_manage;
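Review bot: When `$ignore_acl` is true the three `check_acl` calls are skipped, yet `$user_readonly = !$networkmap_write && !$networkmap_manage;` after the block still reads `$networkmap_write` and `$networkmap_manage`, which are then undefined. Initialise them before the `if` (`$networkmap_write = false; $networkmap_manage = false;`) so the read-only result is explicit rather than a side effect of a notice. The docblock should gain `@param boolean $ignore_acl Skip the group ACL check; callers must already have authorised access to the map.`, and the flag should never be derived from request data. The method continues outside the hunk.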


@ -20,8 +20,8 @@
/**
* Pandora build version and version
*/
$build_version = 'PC210122';
$pandora_version = 'v7.0NG.751';
$build_version = 'PC210127';
$pandora_version = 'v7.0NG.752';
// Do not overwrite default timezone set if defined.
$script_tz = @date_default_timezone_get();


@ -2363,6 +2363,71 @@ function check_acl_one_of_groups($id_user, $groups, $access, $cache=true)
}
/**
* Check access privileges to resources (write or management is not allowed for 'all' group )
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
* UM - User Management
* DM - DB Management
* LM - Alert Management
* PM - Pandora Management
*
* @param integer $id_user User id
* @param integer $id_group Agents group id to check from
* @param string $access Access privilege
* @param boolean $onlyOneGroup Flag to check acl for specified group only (not to roots up, or check acl for 'All' group when $id_group is 0).
*
* @return boolean 1 if the user has privileges, 0 if not.
*/
function check_acl_restricted_all($id_user, $id_group, $access, $onlyOneGroup=false)
{
if (empty($id_user)) {
// User ID needs to be specified
trigger_error('Security error: check_acl got an empty string for user id', E_USER_WARNING);
return 0;
} else if (is_user_admin($id_user)) {
return 1;
} else {
$id_group = (int) $id_group;
}
$access_string = get_acl_column($access);
if ($id_group != 0 || $onlyOneGroup === true) {
$groups_list_acl = users_get_groups($id_user, $access, false, true, null);
} else {
$groups_list_acl = get_users_acl($id_user);
// Only allow view ACL tokens in case user cannot manage group all.
if (users_can_manage_group_all($access) === false) {
if (preg_match('/_view/i', $access_string) == 0) {
return 0;
}
}
}
if (is_array($groups_list_acl)) {
if (isset($groups_list_acl[$id_group])) {
if (isset($groups_list_acl[$id_group][$access_string])
&& $groups_list_acl[$id_group][$access_string] > 0
) {
return 1;
} else {
return 0;
}
}
}
return 0;
}
/**
* Get the name of the database column of one access flag
*
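Review bot: `check_acl_restricted_all` casts `$id_group` with `(int)`, and several new callers pass the raw result of `db_get_value(...)`, which is `false` when the row is missing (see the `$id_filter === false` test elsewhere in this commit); that becomes `0`, so a missing object is evaluated as if it belonged to group All instead of being denied. Callers should reject a failed lookup before calling, or the function should return 0 when `$id_group` is not numeric. The warning text still says `check_acl got an empty string for user id`, and the docblock promises a boolean while the function returns `1`/`0`. `preg_match('/_view/i', $access_string)` matches the substring anywhere in the column name; an anchored `/_view$/i` states the intent if the view columns end with that suffix.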


@ -2125,6 +2125,8 @@ function get_group_alerts(
$disabled = $filter;
}
$filter .= ' AND talert_template_modules.disabled = 0 ';
switch ($disabled) {
case 'notfired':
$filter .= ' AND times_fired = 0 AND talert_template_modules.disabled = 0';
@ -2181,7 +2183,7 @@ function get_group_alerts(
if (empty($id_group)) {
$subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo
WHERE 1 = 0';
WHERE 1 = 0';
} else {
$subQuery = 'SELECT id_agente_modulo
FROM tagente_modulo
@ -2190,7 +2192,8 @@ function get_group_alerts(
FROM tagente ta
LEFT JOIN tagent_secondary_group tasg
ON ta.id_agente = tasg.id_agent
WHERE
WHERE ta.disabled = 0
AND
id_grupo IN ('.implode(',', $id_group).')
OR id_group IN ('.implode(',', $id_group).'))';
}
@ -2199,7 +2202,7 @@ function get_group_alerts(
FROM tagente_modulo
WHERE delete_pending = 0
AND id_agente IN (SELECT id_agente
FROM tagente WHERE id_grupo = '.$idGroup.')';
FROM tagente WHERE id_grupo = '.$idGroup.' AND tagente.disabled = 0)';
}
} else {
// ALL GROUP
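Review bot: In the secondary-group subquery the added condition is not parenthesised: `WHERE ta.disabled = 0 AND id_grupo IN (...) OR id_group IN (...)` evaluates as `(ta.disabled = 0 AND id_grupo IN (...)) OR id_group IN (...)`, so agents matched through `tagent_secondary_group` are returned even when disabled. Wrap the group test: `WHERE ta.disabled = 0 AND (id_grupo IN (...) OR id_group IN (...))`. The first hunk also appends `AND talert_template_modules.disabled = 0` before the `switch ($disabled)`; if a later case selects disabled alerts, it can no longer match. `get_group_alerts` starts and ends outside the hunks.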


@ -3284,7 +3284,7 @@ function events_get_status($status_id)
*
* @return boolean True if the user has permissions or false otherwise.
*/
function events_check_event_filter_group($id_filter)
function events_check_event_filter_group($id_filter, $restrict_all_group=false)
{
global $config;
@ -3295,7 +3295,11 @@ function events_check_event_filter_group($id_filter)
// Permissions in any group allow to edit "All group" filters.
if ($id_group == 0 && !empty($groups_user)) {
return true;
if ($restrict_all_group === true) {
return false;
} else {
return true;
}
}
$groups_id = [];
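Review bot: The docblock above `events_check_event_filter_group` is not updated for the new parameter, and the comment `// Permissions in any group allow to edit "All group" filters.` no longer describes the branch once `$restrict_all_group` can deny it. Add `@param boolean $restrict_all_group Deny filters of group All unless the caller has established that the user can manage it.` and reword the comment. The inner `if`/`else` can be written as `return ($restrict_all_group !== true);`. The function body continues outside the hunk.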


@ -1249,13 +1249,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$uniqId = $data['uniqId'];
$return_all_group = isset($data['mReturnAllGroup']) ? $data['mReturnAllGroup'] : true;
// Group.
$output = '<div>';
$output .= html_print_input(
[
'label' => __('Group'),
'name' => 'filtered-module-group-'.$uniqId,
'returnAllGroup' => true,
'returnAllGroup' => $return_all_group,
'privilege' => 'AR',
'type' => 'select_groups',
'return' => true,
@ -1312,6 +1314,15 @@ function html_print_select_multiple_modules_filtered(array $data):string
$agents = [];
}
if ($data['mShowSelectedOtherGroups']) {
$selected_agents = explode(',', $data['mAgents']);
foreach ($selected_agents as $agent_id) {
if (!array_key_exists($agent_id, $agents)) {
$agents[$agent_id] = agents_get_alias($agent_id);
}
}
}
$output .= html_print_input(
[
'label' => __('Agents'),
@ -1350,6 +1361,17 @@ function html_print_select_multiple_modules_filtered(array $data):string
false
);
if ($data['mShowSelectedOtherGroups']) {
$selected_modules_ids = explode(',', $data['mModules']);
foreach ($selected_modules_ids as $id) {
if (!array_key_exists($id, $all_modules)) {
$module_data = modules_get_agentmodule($id);
$all_modules[$id] = $module_data['nombre'];
}
}
}
$output .= html_print_input(
[
'label' => __('Modules'),
@ -4756,7 +4778,11 @@ function html_print_input($data, $wrapper='div', $input_only=false)
}
if ($data['from_wux'] === true) {
$string_filter = ' AND id_tipo_modulo = 25 ';
$string_filter = ' AND id_tipo_modulo = 25';
}
if (isset($data['filter_modules']) && !empty($data['filter_modules'])) {
$string_filter = ' AND id_agente_modulo IN ('.implode(',', $data['filter_modules']).')';
}
$sql = sprintf(
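Review bot: The `filter_modules` branch in html_print_input builds an `IN (...)` list with `implode()` over caller-supplied values and assigns it with `=`, which causes two problems. The ids are not cast, and the widgets in this commit pass `[$values['moduleId']]` from stored widget configuration, so a non-numeric value would reach the SQL text. The assignment also discards the `id_tipo_modulo = 25` condition set just above when `from_wux` is true. Suggested line: `$string_filter .= ' AND id_agente_modulo IN ('.implode(',', array_map('intval', $data['filter_modules'])).')';`, assuming `$string_filter` is initialised before the `from_wux` test, which lies outside the hunk.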


@ -1234,7 +1234,8 @@ function networkmap_get_networkmaps(
$id_user=null,
$type=null,
$optgrouped=true,
$strict_user=false
$strict_user=false,
$return_all_group=true
) {
global $config;
@ -1245,7 +1246,7 @@ function networkmap_get_networkmaps(
// Configure filters
$where = [];
$where['type'] = MAP_TYPE_NETWORKMAP;
$where['id_group'] = array_keys(users_get_groups($id_user));
$where['id_group'] = array_keys(users_get_groups($id_user, 'AR', $return_all_group));
if (!empty($type)) {
$where['subtype'] = $type;
}


@ -9962,7 +9962,7 @@ function reporting_get_group_stats($id_group=0, $access='AR', $recursion=true)
*
* @return array Group statistics
*/
function reporting_get_group_stats_resume($id_group=0, $access='AR')
function reporting_get_group_stats_resume($id_group=0, $access='AR', $ignore_permissions=false)
{
global $config;
@ -9998,7 +9998,7 @@ function reporting_get_group_stats_resume($id_group=0, $access='AR')
$cur_time = get_system_time();
// Check for access credentials using check_acl. More overhead, much safer.
if (!check_acl($config['id_user'], $id_group, $access)) {
if ($ignore_permissions === false && !check_acl($config['id_user'], $id_group, $access)) {
return $data;
}
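Review bot: The inline comment in reporting_get_group_stats_resume still describes the check_acl call as the "much safer" path, but with `$ignore_permissions` any caller can now switch that check off, and the docblock does not mention the parameter. I would state the contract where the flag is declared, e.g. `@param boolean $ignore_permissions Skip check_acl; the caller must already have authorised $id_group.`, and reword the comment to `// ACL check, skipped only when the caller has authorised the group itself.`. The docblock starts outside this hunk, so the exact placement needs checking against the full file.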


@ -150,6 +150,10 @@ function reports_get_reports(
) {
continue;
}
} else {
if ($returnAllGroup === false) {
continue;
}
}
array_push($reports, $report);


@ -1,16 +1,46 @@
<?php
/**
* Tactical view functions script
*
* @category Functions
* @package Pandora FMS
* @subpackage Tactical View
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
* Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*/
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Begin.
/**
* Undocumented function
*
* @param boolean $id_user
* @param boolean $user_strict
* @param [type] $acltags
* @param boolean $returnAllGroup
* @param string $mode
* @param array $agent_filter
* @param array $module_filter
* @return void
*/
function tactical_get_data($id_user=false, $user_strict=false, $acltags, $returnAllGroup=false, $mode='group', $agent_filter=[], $module_filter=[])
{
global $config;
@ -368,7 +398,7 @@ function tactical_get_data($id_user=false, $user_strict=false, $acltags, $return
break;
case AGENT_MODULE_STATUS_NORMAL_ALERT:
// Do nothing.
break;
case AGENT_MODULE_STATUS_NORMAL:
@ -383,7 +413,7 @@ function tactical_get_data($id_user=false, $user_strict=false, $acltags, $return
$total_agentes = agents_get_agents(false, ['count(DISTINCT id_agente) as total_agents'], 'AR', false, false, 1);
$list['_total_agents_'] = $total_agentes[0]['total_agents'];
$list['_monitor_checks_'] = ($list['_monitors_not_init_'] + $list['_monitors_unknown_'] + $list['_monitors_warning_'] + $list['_monitors_critical_'] + $list['_monitors_ok_']);
$list['_monitor_checks_'] = ($list['_monitors_unknown_'] + $list['_monitors_warning_'] + $list['_monitors_critical_'] + $list['_monitors_ok_']);
// Calculate not_normal monitors
$list['_monitor_not_normal_'] = ($list['_monitor_checks_'] - $list['_monitors_ok_']);
@ -427,6 +457,8 @@ function tactical_monitor_alerts($group_array, $strict_user=false, $id_group_str
$sql = "SELECT COUNT(talert_template_modules.id)
FROM talert_template_modules, tagente_modulo, tagente_estado, tagente
WHERE tagente.id_grupo IN $group_clause_strict AND tagente_modulo.id_agente = tagente.id_agente
AND tagente.disabled = 0
AND talert_template_modules.disabled = 0
AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
AND talert_template_modules.id_agent_module = tagente_modulo.id_agente_modulo";
$count = db_get_sql($sql);
@ -437,6 +469,8 @@ function tactical_monitor_alerts($group_array, $strict_user=false, $id_group_str
"SELECT COUNT(talert_template_modules.id)
FROM talert_template_modules, tagente_modulo, tagente_estado, tagente
WHERE tagente.id_grupo IN $group_clause AND tagente_modulo.id_agente = tagente.id_agente
AND tagente.disabled = 0
AND talert_template_modules.disabled = 0
AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
AND talert_template_modules.id_agent_module = tagente_modulo.id_agente_modulo"
);
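Review bot: The docblock added for tactical_get_data is still the generator placeholder: the summary reads `Undocumented function`, `$acltags` is typed `[type]`, and `@return void` looks wrong for a function that fills `$list` with totals further down (the return statement itself is outside the hunks shown). A summary such as `Collect the agent and monitor totals shown in the tactical view.`, a real type for `$acltags` and the actual return type would make the block usable. The two header comments shown in the first hunk also name different licences (GNU General Public License and GNU Lesser General Public License); if the header swap changes the stated licence, that deserves a line in the commit message.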


@ -123,12 +123,17 @@ function users_get_groups_for_select(
$returnAllColumns=false,
$id_groups=null,
$keys_field='id_grupo',
$ajax_format=false
$ajax_format=false,
$check_user_can_manage_all=false
) {
if ($id_groups === false) {
$id_groups = null;
}
if ($check_user_can_manage_all === true && users_can_manage_group_all($privilege) === false) {
$returnAllGroup = false;
}
$user_groups = users_get_groups(
$id_user,
$privilege,


@ -3716,7 +3716,8 @@ function visual_map_get_user_layouts(
$only_names=false,
$filter=false,
$returnAllGroup=true,
$favourite=false
$favourite=false,
$check_user_groups=true
) {
if (! is_array($filter)) {
$filter = [];
@ -3763,7 +3764,21 @@ function visual_map_get_user_layouts(
unset($filter['group']);
}
if (!empty($groups)) {
$return_all_group = false;
if (users_can_manage_group_all()) {
$return_all_group = true;
}
if (isset($filter['can_manage_group_all'])) {
if ($filter['can_manage_group_all'] === false) {
unset($groups[0]);
}
unset($filter['can_manage_group_all']);
}
if ($check_user_groups === true && !empty($groups)) {
if (empty($where)) {
$where = '';
}
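Review bot: With the new `$check_user_groups` parameter in visual_map_get_user_layouts, passing `false` skips the block guarded by `if ($check_user_groups === true && !empty($groups))`, which appears to be where the group restriction is added to the query (its body continues outside the hunk), so the function then returns layouts regardless of the user's groups. MapsStatusWidget in this commit calls it that way in two places. Please document this on the parameter, e.g. `@param boolean $check_user_groups When false the result is not restricted to the user's groups; callers must filter it themselves.`, and consider a named filter key rather than another positional boolean. `$return_all_group` is assigned here but not read in the lines shown; if it is unused it should go, since the function already takes `$returnAllGroup`.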


@ -782,7 +782,8 @@ function dashboardLoadNetworkMap(settings) {
zoom_dash: settings.zoom_dash,
auth_class: settings.auth_class,
auth_hash: settings.auth_hash,
id_user: settings.id_user
id_user: settings.id_user,
ignore_acl: 1
},
dataType: "html",
success: function(data) {
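Review bot: `ignore_acl: 1` in dashboardLoadNetworkMap is sent from the browser, so whatever it switches off on the server is under the control of the client rather than of the dashboard configuration. The handler is not part of this hunk; if it skips the access check whenever the parameter is present, the decision should instead be derived on the server from the dashboard and widget being rendered (the request already carries `auth_hash` and `id_user`), and the request parameter ignored. At minimum add a comment on this line naming the server-side validation that makes the flag safe, e.g. `// ignore_acl is honoured only after <SERVER-SIDE CHECK> has passed`.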


@ -1225,7 +1225,7 @@ function get_explanation_recon_script(id, id_rt, url) {
var xhr = jQuery.ajax({
data: {
page: "enterprise/include/ajax/hostDevices.ajax",
page: "include/ajax/hostDevices.ajax",
get_explanation: 1,
id: id,
id_rt: id_rt
@ -1253,7 +1253,7 @@ function get_explanation_recon_script(id, id_rt, url) {
var xhr = jQuery.ajax({
data: {
page: "enterprise/include/ajax/hostDevices.ajax",
page: "include/ajax/hostDevices.ajax",
get_recon_script_macros: 1,
id: id,
id_rt: id_rt


@ -173,138 +173,150 @@ function load_modal(settings) {
}
if (settings.modal.ok != undefined) {
var btnClickHandler = function(d) {
if (AJAX_RUNNING) return;
if (settings.onsubmit != undefined) {
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined) formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
d.dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
console.log("successsssssssssssss");
console.log(data);
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
} else {
// No onsumbit configured. Directly close.
d.dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
}
};
required_buttons.push({
class:
"ui-widget ui-state-default ui-corner-all ui-button-text-only sub ok submit-next",
text: settings.modal.ok,
click: function() {
if (AJAX_RUNNING) return;
if (settings.onsubmit != undefined) {
if (settings.onsubmit.preaction != undefined) {
settings.onsubmit.preaction();
}
AJAX_RUNNING = 1;
if (settings.onsubmit.dataType == undefined) {
settings.onsubmit.dataType = "html";
}
var formdata = new FormData();
if (settings.extradata) {
settings.extradata.forEach(function(item) {
if (item.value != undefined)
formdata.append(item.name, item.value);
});
}
formdata.append("page", settings.onsubmit.page);
formdata.append("method", settings.onsubmit.method);
var flagError = false;
if (Array.isArray(settings.form) === false) {
$("#" + settings.form + " :input").each(function() {
if (this.checkValidity() === false) {
$(this).attr("title", this.validationMessage);
$(this).tooltip({
tooltipClass: "uitooltip",
position: {
my: "right bottom",
at: "right top",
using: function(position, feedback) {
$(this).css(position);
$("<div>")
.addClass("arrow")
.addClass(feedback.vertical)
.addClass(feedback.horizontal)
.appendTo(this);
}
}
});
$(this).tooltip("open");
var element = $(this);
setTimeout(
function(element) {
element.tooltip("destroy");
element.removeAttr("title");
},
3000,
element
);
flagError = true;
}
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
});
} else {
settings.form.forEach(function(element) {
$("#" + element + " :input, #" + element + " textarea").each(
function() {
// TODO VALIDATE ALL INPUTS.
if (this.type == "file") {
if ($(this).prop("files")[0]) {
formdata.append(this.name, $(this).prop("files")[0]);
}
} else {
if ($(this).attr("type") == "checkbox") {
if (this.checked) {
formdata.append(this.name, "on");
}
} else {
formdata.append(this.name, $(this).val());
}
}
}
);
});
}
if (flagError === false) {
if (
settings.onsubmitClose != undefined &&
settings.onsubmitClose == 1
) {
$(this).dialog("close");
}
$.ajax({
method: "post",
url: settings.url,
processData: false,
contentType: false,
data: formdata,
dataType: settings.onsubmit.dataType,
success: function(data) {
if (settings.ajax_callback != undefined) {
if (settings.idMsgCallback != undefined) {
settings.ajax_callback(data, settings.idMsgCallback);
} else {
settings.ajax_callback(data);
}
}
AJAX_RUNNING = 0;
}
});
} else {
AJAX_RUNNING = 0;
}
if (
settings.onsubmit != undefined &&
settings.onsubmit.onConfirmSubmit != undefined
) {
settings.onsubmit.onConfirmSubmit(btnClickHandler, $(this));
} else {
// No onsumbit configured. Directly close.
$(this).dialog("close");
if (document.getElementById(settings.form) != undefined) {
document.getElementById(settings.form).submit();
}
btnClickHandler($(this));
}
},
error: function(data) {
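Review bot: The `success` callback inside `btnClickHandler` in load_modal, which is the new copy of the handler as far as the rendered page lets me tell, keeps two debugging calls, `console.log("successsssssssssssss");` and `console.log(data);`, which write every modal response to the browser console; both lines should be removed. The same `$.ajax` call has no `error` callback, so a failed request leaves `AJAX_RUNNING` at 1 and the OK button stops responding; adding `error: function() { AJAX_RUNNING = 0; }` next to `success` would release it. The handler now closes the dialog through its `d` argument, so every `onConfirmSubmit` implementation has to pass the dialog element back unchanged, which is worth a comment above `var btnClickHandler`.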


@ -1008,6 +1008,7 @@ class Manager
'dashboardName' => $this->dashboardFields['name'],
'hash' => self::generatePublicHash(),
'publicLink' => $this->publicLink,
'dashboardGroup' => $this->dashboardFields['id_group'],
]
);
} else {
@ -1025,6 +1026,7 @@ class Manager
'cells' => $this->cells,
'cellModeSlides' => $this->cellModeSlides,
'cellId' => ($this->cellId === 0) ? $this->cells[0]['id'] : $this->cellId,
'dashboardGroup' => $this->dashboardFields['id_group'],
]
);
}


@ -246,18 +246,26 @@ class AgentModuleWidget extends Widget
'label' => __('Filter modules'),
];
$return_all_group = false;
if (users_can_manage_group_all('RM') || $this->values['mGroup'] == 0) {
$return_all_group = true;
}
$inputs[] = [
'class' => 'flex flex-row',
'id' => 'select_multiple_modules_filtered',
'arguments' => [
'type' => 'select_multiple_modules_filtered',
'uniqId' => $this->cellId,
'mGroup' => $this->values['mGroup'],
'mRecursion' => $this->values['mRecursion'],
'mModuleGroup' => $this->values['mModuleGroup'],
'mAgents' => $this->values['mAgents'],
'mShowCommonModules' => $this->values['mShowCommonModules'],
'mModules' => $this->values['mModules'],
'type' => 'select_multiple_modules_filtered',
'uniqId' => $this->cellId,
'mGroup' => $this->values['mGroup'],
'mRecursion' => $this->values['mRecursion'],
'mModuleGroup' => $this->values['mModuleGroup'],
'mAgents' => $this->values['mAgents'],
'mShowCommonModules' => $this->values['mShowCommonModules'],
'mModules' => $this->values['mModules'],
'mShowSelectedOtherGroups' => true,
'mReturnAllGroup' => $return_all_group,
],
];
@ -326,10 +334,6 @@ class AgentModuleWidget extends Widget
}
foreach ($agents as $agent) {
if (users_access_to_agent($agent['id_agente']) === false) {
continue;
}
$row = [];
$row['agent_status'] = agents_get_status(
$agent['id_agente'],
@ -337,10 +341,18 @@ class AgentModuleWidget extends Widget
);
$row['agent_name'] = $agent['nombre'];
$row['agent_alias'] = $agent['alias'];
$agent_modules = agents_get_modules(
$sql = sprintf(
'SELECT id_agente_modulo, nombre
FROM tagente_modulo
WHERE id_agente = %d',
$agent['id_agente']
);
$agent_modules = db_get_all_rows_sql($sql);
$agent_modules = array_combine(array_column($agent_modules, 'id_agente_modulo'), array_column($agent_modules, 'nombre'));
$row['modules'] = [];
foreach ($modules_by_name as $module) {
$row['modules'][$module['name']] = null;
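Review bot: The test `$this->values['mGroup'] == 0` in AgentModuleWidget's form code is a loose comparison, and on the PHP 7.3 image this commit's Dockerfile installs it is also true for `null`, `''` and any non-numeric string, so a widget with no group saved yet offers the "All" group to a user for whom `users_can_manage_group_all('RM')` is false. Comparing the value as a string avoids that: `if (users_can_manage_group_all('RM') || (string) $this->values['mGroup'] === '0') {`. AlertsFiredWidget uses the same pattern with `$values['groupId'] == 0`. Separately, the module query added further down feeds `db_get_all_rows_sql()` straight into `array_column()`; if that helper returns false for an agent without modules, which I believe it does, the result needs a guard first.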


@ -215,13 +215,19 @@ class AlertsFiredWidget extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
$return_all_group = false;
if (users_can_manage_group_all('RM') || $values['groupId'] == 0) {
$return_all_group = true;
}
// Groups.
$inputs[] = [
'label' => __('Group'),
'arguments' => [
'type' => 'select_groups',
'name' => 'groupId',
'returnAllGroup' => true,
'returnAllGroup' => $return_all_group,
'privilege' => 'AR',
'selected' => $values['groupId'],
'return' => true,


@ -243,8 +243,23 @@ class CustomGraphWidget extends Widget
$values['showLegend'] = 1;
}
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
// Custom graph.
$fields = \custom_graphs_get_user();
$fields = \custom_graphs_get_user(0, false, $return_all_group);
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['id_graph'] !== null && !array_key_exists($values['id_graph'], $fields)) {
$selected_graph = db_get_row('tgraph', 'id_graph', $values['id_graph']);
$fields[$values['id_graph']] = $selected_graph;
}
$inputs[] = [
'label' => __('Graph'),
'arguments' => [
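Review bot: In CustomGraphWidget the fallback that re-adds the selected graph stores the result of `db_get_row('tgraph', 'id_graph', $values['id_graph'])` without checking it, so a graph that has since been deleted puts `false` into `$fields`, and a whole table row is stored where the select presumably expects the per-entry shape that `custom_graphs_get_user()` returns. A guard such as `if ($selected_graph !== false) { $fields[$values['id_graph']] = $selected_graph; }` covers the first case. MapsMadeByUser has the same unguarded fallback with `db_get_value('name', 'tlayout', 'id', $values['vcId'])`, and its comment still says "selected graph" where it means the visual console. Both fallbacks show the name of an item from a group the editing user cannot read, which the comment should state as a deliberate choice.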


@ -364,6 +364,14 @@ class EventsListWidget extends Widget
],
];
$return_all_group = false;
$selected_groups_array = explode(',', $values['groupId'][0]);
if (users_can_manage_group_all('RM') || ($selected_groups_array[0] !== '' && in_array(0, $selected_groups_array) === true)) {
// Return all group if user has permissions or it is a currently selected group.
$return_all_group = true;
}
// Groups.
$inputs[] = [
'label' => __('Groups'),
@ -372,9 +380,10 @@ class EventsListWidget extends Widget
'name' => 'groupId[]',
'returnAllGroup' => true,
'privilege' => 'AR',
'selected' => explode(',', $values['groupId'][0]),
'selected' => $selected_groups_array,
'return' => true,
'multiple' => true,
'returnAllGroup' => $return_all_group,
],
];
@ -429,7 +438,14 @@ class EventsListWidget extends Widget
global $config;
$output = '';
$user_groups = \users_get_groups();
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$user_groups = \users_get_groups(false, 'AR', $return_all_group);
ui_require_css_file('events', 'include/styles/', true);
ui_require_css_file('tables', 'include/styles/', true);
@ -442,14 +458,6 @@ class EventsListWidget extends Widget
return $output;
}
foreach ($this->values['groupId'] as $id_group) {
// Sanity check for user access.
if (isset($user_groups[$id_group]) === false) {
$output .= __('You must select some group');
return;
}
}
$useTags = \tags_has_user_acl_tags($config['id_user']);
if ($useTags) {
if (empty($this->values['tagsId']) === true) {
@ -465,9 +473,20 @@ class EventsListWidget extends Widget
$filter = [];
// Group all.
if (in_array(0, $this->values['groupId'])) {
$filter['id_grupo'] = array_keys(users_get_groups());
$filter['id_grupo'] = array_keys($user_groups);
} else {
$filter['id_grupo'] = $this->values['groupId'];
$filter['id_grupo'] = array_intersect($this->values['groupId'], array_keys($user_groups));
}
if (empty($filter['id_grupo'])) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You have no access'),
'',
true
);
$output .= '</div>';
return $output;
}
$filter['utimestamp'] = '>'.$unixtime;
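Review bot: The select arguments in EventsListWidget's form now contain `'returnAllGroup'` twice: the original `'returnAllGroup' => true` appears to stay in place (judging by the hunk's line counts) and `'returnAllGroup' => $return_all_group` is appended after `'multiple'`. PHP keeps the last value, so the result is right, but the earlier entry reads as if "All" were always offered and should be deleted. In the same method `in_array(0, $selected_groups_array)` compares loosely against strings produced by `explode()`; `in_array('0', $selected_groups_array, true)` states the intent exactly and makes the separate `!== ''` test unnecessary.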


@ -312,6 +312,7 @@ class GraphModuleHistogramWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@ -384,28 +385,6 @@ class GraphModuleHistogramWidget extends Widget
$id_group = \agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$content = [
'id_agent_module' => $id_module,
'period' => $period,
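Review bot: After this change the load path of GraphModuleHistogramWidget uses `moduleId` and `agentId` from the stored widget values with no check left in the visible code. The ACL test was viewer-specific, but the `modules_get_agentmodule_agent($id_module) !== (int) $id_agent` test was a consistency check on the configuration, and it is gone too. Unless the save path validates the pair (not visible here), the widget now renders whatever module id is stored, so I would keep that one comparison and drop the `$id_group = \agents_get_agent_group($id_agent);` line if nothing else reads it. ModuleIconWidget, ModuleStatusWidget, ModuleTableValueWidget and ModuleValueWidget are changed the same way.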


@ -259,33 +259,10 @@ class GroupsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_graph.php';
$output = '';
// Check ACL.
$user_groups = \users_get_groups(false, 'AR', false);
if (empty($this->values['groupId']) === true) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
// Sanity check for user access.
if (isset($user_groups[$this->values['groupId']]) === false) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$stats = \reporting_get_group_stats_resume($this->values['groupId']);
$stats = \reporting_get_group_stats_resume($this->values['groupId'], 'AR', true);
$data = '<div class="widget-groups-status"><span>';
$data .= ui_print_group_icon(
@ -301,7 +278,7 @@ class GroupsStatusWidget extends Widget
$url .= '&refr=60&group_id='.$this->values['groupId'];
$data .= '<h1>';
$data .= '<a href="'.$url.'">';
$data .= $user_groups[$this->values['groupId']];
$data .= groups_get_name($this->values['groupId']);
$data .= '</a>';
$data .= '</h1></div>';
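Review bot: GroupsStatusWidget now calls `reporting_get_group_stats_resume($this->values['groupId'], 'AR', true)` with no guard left for an empty `groupId`, so an unconfigured widget passes an empty group id with the ACL check switched off by the third argument; what the function reports for that value is outside this hunk. Keeping the emptiness test avoids the question: `if (empty($this->values['groupId']) === true) { return $output; }`, preceded by the existing error message. `groups_get_name()` and the `group_id=` URL value are written into the HTML as stored; whether they are escaped elsewhere is not visible here and should be confirmed.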


@ -229,7 +229,26 @@ class MapsMadeByUser extends Widget
// Retrieve global - common inputs.
$inputs = parent::getFormInputs();
$fields = \visual_map_get_user_layouts($config['id_user'], true);
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$fields = \visual_map_get_user_layouts(
$config['id_user'],
true,
['can_manage_group_all' => $return_all_group],
$return_all_group
);
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
if ($values['vcId'] !== null && !array_key_exists($values['vcId'], $fields)) {
$selected_vc = db_get_value('name', 'tlayout', 'id', $values['vcId']);
$fields[$values['vcId']] = $selected_vc;
}
// Visual console.
$inputs[] = [
@ -308,20 +327,6 @@ class MapsMadeByUser extends Widget
$groupId = $visualConsoleData['groupId'];
$visualConsoleName = $visualConsoleData['name'];
// ACL.
$aclRead = check_acl($config['id_user'], $groupId, 'VR');
$aclWrite = check_acl($config['id_user'], $groupId, 'VW');
$aclManage = check_acl($config['id_user'], $groupId, 'VM');
if ($aclRead === 0 && $aclWrite === 0 && $aclManage === 0) {
db_pandora_audit(
'ACL Violation',
'Trying to access visual console without group access'
);
include 'general/noaccess.php';
exit;
}
$uniq = uniqid();
$output = '<div class="container-center">';


@ -215,14 +215,41 @@ class MapsStatusWidget extends Widget
include_once $config['homedir'].'/include/functions_visual_map.php';
$dataVc = \visual_map_get_user_layouts(
$return_all_group = false;
if (users_can_manage_group_all('RM')) {
$return_all_group = true;
}
$selected = explode(',', $values['maps'][0]);
$dataAllVc = \visual_map_get_user_layouts(
$config['id_user'],
false,
[],
true,
false,
false
);
$dataVc = \visual_map_get_user_layouts(
$config['id_user'],
false,
['can_manage_group_all' => $return_all_group],
$return_all_group,
false
);
$diff = array_diff_key($dataAllVc, $dataVc);
if (!empty($diff)) {
foreach ($diff as $key => $value) {
if (in_array($key, $selected)) {
$dataVc[$key] = $value;
}
}
}
$fields = array_reduce(
$dataVc,
function ($carry, $item) {
@ -280,6 +307,7 @@ class MapsStatusWidget extends Widget
false,
[],
true,
false,
false
);


@ -342,6 +342,7 @@ class ModuleIconWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@ -480,32 +481,11 @@ class ModuleIconWidget extends Widget
$output = '';
$id_group = \agents_get_agent_group($this->values['agentId']);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$modulesAgent = \modules_get_agentmodule_agent(
$this->values['moduleId']
);
if ($modulesAgent !== (int) $this->values['agentId']) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value(
$this->values['moduleId']
);


@ -332,6 +332,7 @@ class ModuleStatusWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@ -457,30 +458,8 @@ class ModuleStatusWidget extends Widget
$id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$icon = $this->values['imageSrc'];
$label = $this->values['label'];
$sizeLabel = (isset($this->values['sizeLabel']) === true) ? $this->values['sizeLabel'] : 30;


@ -291,6 +291,7 @@ class ModuleTableValueWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@ -366,28 +367,6 @@ class ModuleTableValueWidget extends Widget
$id_module = $this->values['moduleId'];
$size_text = $this->values['sizeLabel'];
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = modules_get_last_value($id_module);
$value = (string) $data_module;


@ -316,6 +316,7 @@ class ModuleValueWidget extends Widget
'agent_id' => $values['agentId'],
'metaconsole_id' => $values['metaconsoleId'],
'style' => 'width: inherit;',
'filter_modules' => users_access_to_agent($values['agentId']) === false ? [$values['moduleId']] : [],
],
];
@ -382,30 +383,8 @@ class ModuleValueWidget extends Widget
$id_agent = $this->values['agentId'];
$id_group = agents_get_agent_group($id_agent);
if (check_acl($config['id_user'], $id_group, 'AR') === 0) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$id_module = $this->values['moduleId'];
if (modules_get_agentmodule_agent($id_module) !== (int) $id_agent) {
$output .= '<div class="container-center">';
$output .= \ui_print_error_message(
__('You don\'t have access'),
'',
true
);
$output .= '</div>';
return $output;
}
$data_module = \modules_get_last_value($id_module);
$label = $this->values['label'];
