Collections Async synchronization Meta <=> Nodes

pandora_console/include/api.php

@@ -29,12 +29,14 @@
 // Begin.
 require_once 'config.php';
 require_once 'functions_api.php';
-require '../vendor/autoload.php';
 global $config;
 
 define('DEBUG', 0);
 define('VERBOSE', 0);
 
+// Load extra classes.
+require_once $config['homedir'].'/vendor/autoload.php';
+
 // Enterprise support.
 if (file_exists($config['homedir'].'/'.ENTERPRISE_DIR.'/load_enterprise.php') === true) {
     include_once $config['homedir'].'/'.ENTERPRISE_DIR.'/load_enterprise.php';
@@ -91,8 +93,21 @@ if ($info == 'version') {
     exit;
 }
 
-if (isInACL($ipOrigin)) {
-    if (empty($apiPassword) || (!empty($apiPassword) && $api_password === $apiPassword)) {
+if (empty($apiPassword) === true
+    || (empty($apiPassword) === false && $api_password === $apiPassword)
+    && enterprise_hook(
+        'metaconsole_validate_origin',
+        [get_parameter('server_auth')]
+) === true
+) {
+    // Allow internal direct node -> metaconsole connection.
+    $config['id_usuario'] = 'admin';
+    // Compat.
+    $config['id_user'] = 'admin';
+    $correctLogin = true;
+} else if ((bool) isInACL($ipOrigin) === true) {
+    // External access.
+    if (empty($apiPassword) === true || (empty($apiPassword) === false && $api_password === $apiPassword)) {
         $user_in_db = process_user_login($user, $password, true);
         if ($user_in_db !== false) {
             $config['id_usuario'] = $user_in_db;
@@ -109,13 +124,6 @@ if (isInACL($ipOrigin)) {
 
             config_prepare_session();
             session_write_close();
-        } else if (enterprise_hook(
-            'metaconsole_validate_origin',
-            [get_parameter('server_auth')]
-        ) === true
-        ) {
-            // Allow direct node -> metaconsole connection.
-            $correctLogin = true;
         } else {
             $no_login_msg = 'Incorrect user credentials';
         }

pandora_server/bin/pandora_server

@@ -588,15 +588,7 @@ sub main() {
 
 	# Only if console_api_url was not defined
 	if( !defined($Config{"console_api_url"}) ) {
-		my $console_api_url = pandora_get_tconfig_token ($DBH, 'public_url', '');
-		my $include_api = 'include/api.php';
-		# If public_url is empty in database
-		if ( $console_api_url eq '' ) {
-			$Config{"console_api_url"} = 'http://127.0.0.1/pandora_console/' . $include_api;
-			logger(\%Config, "Assuming default path for API url: " . $Config{"console_api_url"}, 3);
-		} else {
-			$Config{"console_api_url"} = $console_api_url . $include_api;	
-		}
+		$Config{"console_api_url"} = get_console_api_url(\%Config, $DBH);
 	}
 
 	# Definition of configuration file
@@ -657,6 +649,10 @@ sub main() {
 			print CFG "console_pass " .$Config{"console_pass"} . "\n";
 
 			close (CFG);
+
+			pandora_set_tconfig_token($DBH, 'internal_user_pass',
+				pandora_input_password(\%Config, $Config{"console_pass"})
+			);
 		} else {
 			logger(\%Config, "[WARNING] Error with configuration file when define `console_pass`: $!", 3);
 		}
@@ -701,6 +697,8 @@ sub main() {
 					print CFG "\n# Console User (created for API use)\n";
 					print CFG "console_user " . $Config{"console_user"} . "\n";
 					close (CFG);
+
+					pandora_set_tconfig_token($DBH, 'internal_user', $Config{"console_user"});
 				} else {
 					logger(\%Config, "Warning. Was not possible edit configuration file for add console user", 3);
 				}

pandora_server/lib/PandoraFMS/Config.pm

@@ -39,6 +39,7 @@ our @EXPORT = qw(
 	pandora_start_log
 	pandora_get_sharedconfig
 	pandora_get_tconfig_token
+	pandora_set_tconfig_token
 	pandora_get_initial_product_name
 	pandora_get_initial_copyright_notice
 	);
@@ -1333,6 +1334,29 @@ sub pandora_get_tconfig_token ($$$) {
 	return $default_value;
 }
 
+##########################################################################
+# Write the given token to tconfig table.
+##########################################################################
+sub pandora_set_tconfig_token ($$$) {
+	my ($dbh, $token, $value) = @_;
+	
+	my $token_value = get_db_value ($dbh, "SELECT value FROM tconfig WHERE token = ?", $token);
+	if (defined ($token_value) && $token_value ne '') {
+		db_update($dbh,
+			'UPDATE `tconfig` SET `value`=? WHERE `token`= ?',
+			safe_input($value),
+			$token
+		);
+	} else {
+		db_insert($dbh, 'id_config',
+			'INSERT INTO `tconfig`(`token`, `value`) VALUES (?, ?)',
+			$token,
+			safe_input($value)
+		);
+	}
+	
+}
+
 ##########################################################################
 # Get the product name in previous tasks to read from database.
 ##########################################################################

pandora_server/lib/PandoraFMS/DB.pm

@@ -69,6 +69,7 @@ our @EXPORT = qw(
 		get_alert_template_module_id
 		get_alert_template_name
 		get_command_id
+		get_console_api_url
 		get_db_rows
 		get_db_rows_limit
 		get_db_single_row
@@ -212,6 +213,30 @@ sub db_disconnect ($) {
 	$dbh->disconnect();
 }
 
+########################################################################
+## Return local console API url. 
+########################################################################
+sub get_console_api_url ($$) {
+	my ($pa_config, $dbh) = @_;
+
+	# Only if console_api_url was not defined
+	if( !defined($pa_config->{"console_api_url"}) ) {
+		my $console_api_url = PandoraFMS::Config::pandora_get_tconfig_token(
+			$dbh, 'public_url', ''
+		);
+
+		my $include_api = 'include/api.php';
+		# If public_url is empty in database
+		if ( $console_api_url eq '' ) {
+			$pa_config->{"console_api_url"} = 'http://127.0.0.1/pandora_console/' . $include_api;
+			logger($pa_config, "Assuming default path for API url: " . $pa_config->{"console_api_url"}, 3);
+		} else {
+			$pa_config->{"console_api_url"} = $console_api_url . $include_api;	
+		}
+	}
+	return $pa_config->{'console_api_url'};
+}
+
 ########################################################################
 ## Return action ID given the action name.
 ########################################################################