From f537dbb961cb40ee1da166b47d0ce7cbdc1ab16e Mon Sep 17 00:00:00 2001 From: fermin831 Date: Mon, 22 Oct 2018 16:19:29 +0200 Subject: [PATCH] Validate the group command on action creation --- .../godmode/alerts/alert_actions.php | 119 +----------------- .../godmode/alerts/configure_alert_action.php | 11 ++ pandora_console/include/functions_alerts.php | 112 +++++++++++++++++ 3 files changed, 126 insertions(+), 116 deletions(-) diff --git a/pandora_console/godmode/alerts/alert_actions.php b/pandora_console/godmode/alerts/alert_actions.php index 3bad38b982..fd83bb6638 100644 --- a/pandora_console/godmode/alerts/alert_actions.php +++ b/pandora_console/godmode/alerts/alert_actions.php @@ -57,7 +57,7 @@ else { $sec = 'galertas'; } -if ((!$copy_action) && (!$delete_action) && (!$update_action)) { +if ((!$copy_action) && (!$delete_action)) { // Header if (defined('METACONSOLE')) { alerts_meta_print_header (); 
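Review bot: The page header is now printed for update requests before any permission check runs, because `!$update_action` was dropped from this condition, whereas the removed update branch printed it only after `check_acl` had passed. If `alerts_ui_update_or_create_actions()` then denies the request, `general/noaccess.php` is rendered underneath an Alert actions header that has already been sent. Either run the update ACL check ahead of this block or record the ordering with a comment such as `// Header is emitted before the update ACL check in alerts_ui_update_or_create_actions()`. The body of this `if` continues outside the hunk.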
@@ -141,121 +141,8 @@ if ($copy_action) { __('Could not be copied')); } -if ($create_action) { - $name = (string) get_parameter ('name'); - $id_alert_command = (int) get_parameter ('id_command'); - - $fields_descriptions = array(); - $fields_values = array(); - $info_fields = ''; - $values = array(); - for($i=1;$i<=$config['max_macro_fields'];$i++) { - $values['field'.$i] = (string) get_parameter ('field'.$i.'_value'); - $info_fields .= ' Field'.$i.': ' . $values['field'.$i]; - $values['field'.$i.'_recovery'] = (string) get_parameter ('field'.$i.'_recovery_value'); - $info_fields .= ' Field'.$i.'Recovery: ' . $values['field'.$i.'_recovery']; - } - - $values['id_group'] = (string) get_parameter ('group'); - $values['action_threshold'] = (int) get_parameter ('action_threshold'); - - $name_check = db_get_value ('name', 'talert_actions', 'name', $name); - - if ($name_check) { - $result = ''; - } - else { - $result = alerts_create_alert_action ($name, $id_alert_command, - $values); - - $info = '{"Name":"'.$name.'", "ID alert Command":"'.$id_alert_command.'", "Field information":"'.$info_fields.'", "Group":"'.$values['id_group'].'", - "Action threshold":"'.$values['action_threshold'].'"}'; - } - - if ($result) { - db_pandora_audit("Command management", "Create alert action #" . $result, false, false, $info); - } - else { - db_pandora_audit("Command management", "Fail try to create alert action", false, false); - } - - ui_print_result_message ($result, - __('Successfully created'), - __('Could not be created')); -} - -if ($update_action) { - $id = (string) get_parameter ('id'); - - $al_action = alerts_get_alert_action ($id); - - if ($al_action !== false) { - if ($al_action['id_group'] == 0) { - if (! 
check_acl ($config['id_user'], 0, "PM")) { - db_pandora_audit("ACL Violation", - "Trying to access Alert Management"); - require ("general/noaccess.php"); - exit; - } - else { - // Header - if (defined('METACONSOLE')) { - alerts_meta_print_header (); - } - else { - ui_print_page_header (__('Alerts').' » '.__('Alert actions'), "images/gm_alerts.png", false, "alerts_config", true); - } - } - } - } - else { - // Header - if (defined('METACONSOLE')) { - alerts_meta_print_header (); - } - else { - ui_print_page_header (__('Alerts').' » '.__('Alert actions'), "images/gm_alerts.png", false, "alerts_config", true); - } - } - - - $name = (string) get_parameter ('name'); - $id_alert_command = (int) get_parameter ('id_command'); - $group = get_parameter ('group'); - $action_threshold = (int) get_parameter ('action_threshold'); - - $info_fields = ''; - $values = array(); - - for ($i = 1; $i <= $config['max_macro_fields']; $i++) { - $values['field'.$i] = (string) get_parameter ('field'.$i.'_value'); - $info_fields .= ' Field1: ' . $values['field'.$i]; - $values['field'.$i.'_recovery'] = (string) get_parameter ('field'.$i.'_recovery_value'); - $info_fields .= ' Field'.$i.'Recovery: ' . $values['field'.$i.'_recovery']; - } - - $values['name'] = $name; - $values['id_alert_command'] = $id_alert_command; - $values['id_group'] = $group; - $values['action_threshold'] = $action_threshold; - - if (!$name) { - $result = ''; - } - else { - $result = alerts_update_alert_action ($id, $values); - } - - if ($result) { - db_pandora_audit("Command management", "Update alert action #" . $id, false, false, json_encode($values)); - } - else { - db_pandora_audit("Command management", "Fail try to update alert action #" . $id, false, false, json_encode($values)); - } - - ui_print_result_message ($result, - __('Successfully updated'), - __('Could not be updated')); +if ($update_action || $create_action) { + alerts_ui_update_or_create_actions($update_action); } if ($delete_action) { 
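Review bot: Rejected requests no longer reach the audit log. The removed create and update branches always ended in a `db_pandora_audit(...)` call, but the helper called here returns right after `ui_print_error_message()` when the command id is empty or the groups do not match. Those are the attempts this commit is meant to stop, so they are the ones worth recording for later review. In `alerts_ui_update_or_create_actions()`, before each early `return`, add a call such as `db_pandora_audit("Command management", "Fail try to create or update alert action: invalid command or group", false, false);`.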
diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index d1fe842469..88b72e4f8b 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -282,6 +282,17 @@ $(document).ready (function () { var max_fields = parseInt(''); + // Change the selected group + $("#group option").each(function(index, value) { + var current_group = $(value).val() + if (data.id_group != 0 && current_group != 0 && current_group != data.id_group) { + $(value).hide(); + } else { + $(value).show(); + } + }); + $("#group").val(0); + for (i = 1; i <= max_fields; i++) { var old_value = ''; var old_recovery_value = ''; diff --git a/pandora_console/include/functions_alerts.php b/pandora_console/include/functions_alerts.php index 17cc0c8bde..752202ba1a 100644 --- a/pandora_console/include/functions_alerts.php +++ b/pandora_console/include/functions_alerts.php 
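Review bot: `$("#group").val(0);` runs unconditionally, so every command change discards the user's group selection and falls back to group 0 (All), the widest scope, even when the selected group is still allowed for the new command. Reset only when the current choice has become invalid, e.g. `var sel = $("#group").val();` before the loop and `if (data.id_group != 0 && sel != 0 && sel != data.id_group) $("#group").val(0);` after it. Hiding `<option>` elements with `.hide()` is not honoured by every browser, so `$(value).prop('disabled', …)` is the more reliable filter; either way this is a convenience only and the server-side check remains the control. The statement `var current_group = $(value).val()` is missing its semicolon. The enclosing callback starts and ends outside the hunk.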
@@ -2268,5 +2268,117 @@ function alerts_normalize_actions_escalation($escalation) { return $escalation; } +/** + * Check if a command can be added to an action. + * + * @param int Action group id + * @param int Command group id + * + * @return False if command group and alert group are distint of 0 and they are not equal + */ +function alerts_validate_command_to_action($action_group, $command_group) { + // If action group or command group is All, all commands can be applicated. + if ($action_group == 0 || $command_group == 0) return true; + return $action_group == $command_group; +} + +/** + * Print the UI update actions + * + * @param bool Update or create + */ +function alerts_ui_update_or_create_actions($update = true) { + global $config; + $id = (string) get_parameter ('id'); + + // Check ACL of existing aler action + if($update) { + $al_action = alerts_get_alert_action ($id); + if ($al_action !== false) { + if ($al_action['id_group'] == 0) { + if (! check_acl ($config['id_user'], 0, "PM")) { + db_pandora_audit("ACL Violation", + "Trying to access Alert Management"); + require ("general/noaccess.php"); + exit; + } + } + } + } + + $name = (string) get_parameter ('name'); + $id_alert_command = (int) get_parameter ('id_command'); + $group = get_parameter ('group'); + $action_threshold = (int) get_parameter ('action_threshold'); + + // Validate the command + if (!$id_alert_command) { + ui_print_error_message(__('Invalid alert command.')); + return; + } + $comamnd_group = db_get_value('id_group', 'talert_commands', 'id', $id_alert_command); + if(!alerts_validate_command_to_action($group, $comamnd_group)) { + ui_print_error_message(__("Alert and command group does not match")); + return; + } + + // Fill fields info + $info_fields = ''; + $values = array(); + for ($i = 1; $i <= $config['max_macro_fields']; $i++) { + $values['field'.$i] = (string) get_parameter ('field'.$i.'_value'); + $info_fields .= ' Field'.$i.': ' . 
$values['field'.$i]; + $values['field'.$i.'_recovery'] = (string) get_parameter ('field'.$i.'_recovery_value'); + $info_fields .= ' Field'.$i.'Recovery: ' . $values['field'.$i.'_recovery']; + } + + $values['id_group'] = $group; + $values['action_threshold'] = $action_threshold; + if ($update) { + $values['name'] = $name; + $values['id_alert_command'] = $id_alert_command; + $result = (!$name) ? '' : alerts_update_alert_action ($id, $values); + } else { + $name_check = db_get_value ('name', 'talert_actions', 'name', $name); + if ($name_check) { + $result = ''; + } + else { + $result = alerts_create_alert_action ($name, $id_alert_command, + $values); + $values = array( + "Name" => $name, + "ID alert Command" => $id_alert_command, + "Field information" => $info_fields, + "Group" => $values['id_group'], + "Action threshold" => $values['action_threshold'] + ); + } + } + + if ($result) { + db_pandora_audit( + "Command management", + $update ? "Update alert action #" . $id : "Create alert action #" . $result, + false, + false, + json_encode($values) + ); + } + else { + db_pandora_audit( + "Command management", + $update ? "Fail try to update alert action #" . $id : "Fail try to create alert action", + false, + false, + $update ? json_encode($values) : '' + ); + } + + ui_print_result_message ($result, + $update ? __('Successfully updated') : __('Successfully created'), + $update ? __('Could not be updated') : __('Could not be created') + ); +} ?>
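Review bot: The new group check can be passed with values it should reject, because `alerts_validate_command_to_action()` compares with loose `==` and its inputs are not normalised: `$group` comes from `get_parameter ('group')` without the `(int)` cast used for the other parameters, and `$comamnd_group` is whatever `db_get_value()` returned. If `db_get_value()` yields `false` for an unknown command id (its definition is not shown here), `false == 0` is true and a non-existent command is accepted as belonging to group All. Suggested: `$group = (int) get_parameter ('group');` and `if ($comamnd_group === false || !alerts_validate_command_to_action($group, (int) $comamnd_group)) {`. Separately, the ACL test runs only on update and only when the stored action is in group 0; nothing in this function checks that the user may create an action in, or move one into, the submitted `$group`, so confirm the including page enforces that.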