Merge branch 'ent-6074-Ya-no-existe-el-public-link-para-dashboards' into 'develop'

Add public link dashboards

See merge request artica/pandorafms!3347
Daniel Rodriguez 2020-07-22 10:56:16 +02:00
commit fe5fcfbb1d
14 changed files with 392 additions and 92 deletions


@ -41,7 +41,9 @@ if (__PAN_XHPROF__ === 1) {
} }
} }
if ((! file_exists('include/config.php')) || (! is_readable('include/config.php'))) { if ((! file_exists('include/config.php'))
|| (! is_readable('include/config.php'))
) {
exit; exit;
} }
@ -52,7 +54,9 @@ require_once 'include/functions.php';
require_once 'include/functions_db.php'; require_once 'include/functions_db.php';
require_once 'include/auth/mysql.php'; require_once 'include/auth/mysql.php';
if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1) { if (isset($config['console_log_enabled']) === true
&& $config['console_log_enabled'] == 1
) {
ini_set('log_errors', 1); ini_set('log_errors', 1);
ini_set('error_log', $config['homedir'].'/log/console.log'); ini_set('error_log', $config['homedir'].'/log/console.log');
} else { } else {
@ -60,14 +64,15 @@ if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1
ini_set('error_log', 0); ini_set('error_log', 0);
} }
// Hash login process.
// Hash login process if (isset($_GET['loginhash']) === true) {
if (isset($_GET['loginhash'])) {
$loginhash_data = get_parameter('loginhash_data', ''); $loginhash_data = get_parameter('loginhash_data', '');
$loginhash_user = str_rot13(get_parameter('loginhash_user', '')); $loginhash_user = str_rot13(get_parameter('loginhash_user', ''));
if ($config['loginhash_pwd'] != '' if ($config['loginhash_pwd'] != ''
&& $loginhash_data == md5($loginhash_user.io_output_password($config['loginhash_pwd'])) && $loginhash_data == md5(
$loginhash_user.io_output_password($config['loginhash_pwd'])
)
) { ) {
db_logon($loginhash_user, $_SERVER['REMOTE_ADDR']); db_logon($loginhash_user, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $loginhash_user; $_SESSION['id_usuario'] = $loginhash_user;
@ -76,14 +81,38 @@ if (isset($_GET['loginhash'])) {
include_once 'general/login_page.php'; include_once 'general/login_page.php';
db_pandora_audit('Logon Failed (loginhash', '', 'system'); db_pandora_audit('Logon Failed (loginhash', '', 'system');
while (@ob_end_flush()) { while (@ob_end_flush()) {
// Dumping...
continue;
} }
exit('</html>'); exit('</html>');
} }
} }
$auth_class = io_safe_output(
get_parameter('auth_class', 'PandoraFMS\Dashboard\Manager')
);
$public_hash = get_parameter('auth_hash', false);
$public_login = false;
// Check user. // Check user.
check_login(); if (class_exists($auth_class) === false || $public_hash === false) {
check_login();
} else {
if ($auth_class::validatePublicHash($public_hash) === false) {
db_pandora_audit(
'Invalid public hash',
'Trying to access public dashboard'
);
include 'general/noaccess.php';
exit;
}
// OK. Simulated user log in. If you want to use your own auth_class
// remember to set $config['force_instant_logout'] to true to avoid
// persistent user login.
}
ob_start();
// Enterprise support. // Enterprise support.
if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) { if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) {
@ -98,7 +127,10 @@ $page .= '.php';
$config['id_user'] = $_SESSION['id_usuario']; $config['id_user'] = $_SESSION['id_usuario'];
$isFunctionSkins = enterprise_include_once('include/functions_skins.php'); $isFunctionSkins = enterprise_include_once('include/functions_skins.php');
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) { if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
$config['relative_path'] = enterprise_hook('skins_set_image_skin_path', [$config['id_user']]); $config['relative_path'] = enterprise_hook(
'skins_set_image_skin_path',
[$config['id_user']]
);
} }
if (is_metaconsole()) { if (is_metaconsole()) {
@ -115,3 +147,29 @@ if (file_exists($page)) {
if (__PAN_XHPROF__ === 1) { if (__PAN_XHPROF__ === 1) {
pandora_xhprof_display_result('ajax', 'console'); pandora_xhprof_display_result('ajax', 'console');
} }
if ($config['force_instant_logout'] === true) {
// Force user logout.
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$iduser = $_SESSION['id_usuario'];
$_SESSION = [];
session_destroy();
header_remove('Set-Cookie');
setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
if ($config['auth'] == 'saml') {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple('PandoraFMS');
$as->logout();
}
}
while (@ob_end_flush()) {
// Dumping...
continue;
}
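Review bot: The class name in `$auth_class` (L55–L57) comes straight from the request, and `class_exists()` plus the static call `$auth_class::validatePublicHash()` (L61, L64) let the caller pick any loadable class, including one without that method (a fatal) or one whose `validatePublicHash` has different semantics; restrict it to a known set before dispatching, e.g. `if (in_array($auth_class, [\PandoraFMS\Dashboard\Manager::class], true) === false || $public_hash === false) {`, or at least require `is_subclass_of()`/`method_exists()` against an interface the file already knows. `class_exists()` also autoloads by default, so the autoloader runs on request-supplied names; pass `false` as its second argument once an allowlist is in place. The logout block at L93–L108 is duplicated verbatim in the new public_dashboard.php, `$iduser` (L98) is never used, and `$_COOKIE[session_name()]` (L102) is read without `isset`, so a single shared helper in include/functions.php (e.g. a constructed `pandora_instant_logout()`) would keep both cookie-invalidation paths identical.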


@ -11739,7 +11739,6 @@ function reporting_get_stats_servers()
$table_srv->style[1] = $table_srv->style[3] = 'text-align: left; padding: 5px;'; $table_srv->style[1] = $table_srv->style[3] = 'text-align: left; padding: 5px;';
$tdata = []; $tdata = [];
'<span class="big_data">'.format_numeric($server_performance['total_local_modules']).'</span>';
$tdata[0] = html_print_image('images/module.png', true, ['title' => __('Total running modules')]); $tdata[0] = html_print_image('images/module.png', true, ['title' => __('Total running modules')]);
$tdata[1] = '<span class="big_data">'.format_numeric($server_performance['total_modules']).'</span>'; $tdata[1] = '<span class="big_data">'.format_numeric($server_performance['total_modules']).'</span>';
$tdata[2] = '<span class="med_data">'.format_numeric($server_performance['total_modules_rate'], 2).'</span>'; $tdata[2] = '<span class="med_data">'.format_numeric($server_performance['total_modules_rate'], 2).'</span>';
@ -11846,12 +11845,6 @@ function reporting_get_stats_servers()
); );
$tdata[1] = '<span class="big_data" id="total_events">'.html_print_image('images/spinner.gif', true).'</span>'; $tdata[1] = '<span class="big_data" id="total_events">'.html_print_image('images/spinner.gif', true).'</span>';
/*
Hello there! :)
We added some of what seems to be "buggy" messages to the openSource version recently. This is not to force open-source users to move to the enterprise version, this is just to inform people using Pandora FMS open source that it requires skilled people to maintain and keep it running smoothly without professional support. This does not imply open-source version is limited in any way. If you check the recently added code, it contains only warnings and messages, no limitations except one: we removed the option to add custom logo in header. In the Update Manager section, it warns about the 'danger of applying automated updates without a proper backup, remembering in the process that the Enterprise version comes with a human-tested package. Maintaining an OpenSource version with more than 500 agents is not so easy, that's why someone using a Pandora with 8000 agents should consider asking for support. It's not a joke, we know of many setups with a huge number of agents, and we hate to hear that “its becoming unstable and slow” :(
You can of course remove the warnings, that's why we include the source and do not use any kind of trick. And that's why we added here this comment, to let you know this does not reflect any change in our opensource mentality of does the last 14 years.
*/
if ($system_events > 50000 && !enterprise_installed()) { if ($system_events > 50000 && !enterprise_installed()) {
$tdata[2] = "<div id='monitoreventsmodal' class='publienterprise' title='Community version' style='text-align:left'><img data-title='Enterprise version' class='img_help forced_title' data-use_title_for_force_title='1' src='images/alert_enterprise.png'></div>"; $tdata[2] = "<div id='monitoreventsmodal' class='publienterprise' title='Community version' style='text-align:left'><img data-title='Enterprise version' class='img_help forced_title' data-use_title_for_force_title='1' src='images/alert_enterprise.png'></div>";
} else { } else {
@ -11865,7 +11858,7 @@ function reporting_get_stats_servers()
$output = '<fieldset class="databox tactical_set"> $output = '<fieldset class="databox tactical_set">
<legend>'.__('Server performance').'</legend>'.html_print_table($table_srv, true).'</fieldset>'; <legend>'.__('Server performance').'</legend>'.html_print_table($table_srv, true).'</fieldset>';
$public_hash = get_parameter('hash', false); $public_hash = get_parameter('auth_hash', false);
if ($public_hash === false) { if ($public_hash === false) {
$output .= '<script type="text/javascript">'; $output .= '<script type="text/javascript">';
$output .= '$(document).ready(function () {'; $output .= '$(document).ready(function () {';
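Review bot: At L137 the stats script is suppressed whenever any non-false `auth_hash` is present, but presence is not validity; this commit introduces `$config['public_dashboard']`, which is only true after `validatePublicHash()` succeeded, so `if (($config['public_dashboard'] ?? false) !== true) {` would express the intent with a single source of truth instead of re-reading the request parameter here. The enclosing reporting_get_stats_servers() starts and ends outside the hunk.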


@ -19,7 +19,7 @@ function treeview_printModuleTable($id_module, $server_data=false, $no_head=fals
$server_name = ''; $server_name = '';
$server_id = ''; $server_id = '';
$url_hash = ''; $url_hash = '';
$console_url = ''; $console_url = ui_get_full_url('/');
} else { } else {
$server_name = $server_data['server_name']; $server_name = $server_data['server_name'];
$server_id = $server_data['id']; $server_id = $server_data['id'];
@ -500,7 +500,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$server_name = ''; $server_name = '';
$server_id = ''; $server_id = '';
$url_hash = ''; $url_hash = '';
$console_url = ''; $console_url = ui_get_full_url('/');
} else { } else {
$server_name = $server_data['server_name']; $server_name = $server_data['server_name'];
$server_id = $server_data['id']; $server_id = $server_data['id'];
@ -567,7 +567,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$table->head = []; $table->head = [];
$table->data = []; $table->data = [];
// Agent name // Agent name.
if ($agent['disabled']) { if ($agent['disabled']) {
$cellName = '<em>'; $cellName = '<em>';
} else { } else {
@ -576,10 +576,10 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
if (is_metaconsole()) { if (is_metaconsole()) {
$pwd = $server_data['auth_token']; $pwd = $server_data['auth_token'];
// Create HASH login info // Create HASH login info.
$user = $config['id_user']; $user = $config['id_user'];
// Extract auth token from serialized field // Extract auth token from serialized field.
$pwd_deserialiced = json_decode($pwd, true); $pwd_deserialiced = json_decode($pwd, true);
$hashdata = $user.$pwd_deserialiced['auth_token']; $hashdata = $user.$pwd_deserialiced['auth_token'];
@ -588,7 +588,11 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$cellName .= '<a href="'.$url.'">'.'<b><span style="font-weight:bold;text-transform:uppercase;" title="'.$agent['nombre'].'">'.$agent['alias'].'</span></b></a>'; $cellName .= '<a href="'.$url.'">'.'<b><span style="font-weight:bold;text-transform:uppercase;" title="'.$agent['nombre'].'">'.$agent['alias'].'</span></b></a>';
} else { } else {
$cellName .= '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$agent['id_agente'].'">'.'<b><span style="font-weight:bold;text-transform:uppercase;" title="'.$agent['nombre'].'">'.$agent['alias'].'</span></b></a>'; $url = ui_get_full_url(
'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$agent['id_agente']
);
$cellName .= '<a href="'.$url.'">';
$cellName .= '<b><span style="font-weight:bold;text-transform:uppercase;" title="'.$agent['nombre'].'">'.$agent['alias'].'</span></b></a>';
} }
if ($agent['disabled']) { if ($agent['disabled']) {
@ -600,7 +604,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$row['data'] = $cellName; $row['data'] = $cellName;
$table->data['name'] = $row; $table->data['name'] = $row;
// Addresses // Addresses.
$ips = []; $ips = [];
$addresses = agents_get_addresses($id_agente); $addresses = agents_get_addresses($id_agente);
$address = agents_get_address($id_agente); $address = agents_get_address($id_agente);
@ -611,8 +615,11 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
} }
} }
if (!empty($addresses)) { if (empty($addresses) === false) {
$address .= ui_print_help_tip(__('Other IP addresses').': <br>'.implode('<br>', $addresses), true); $address .= ui_print_help_tip(
__('Other IP addresses').': <br>'.implode('<br>', $addresses),
true
);
} }
$row = []; $row = [];
@ -620,25 +627,27 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$row['data'] = $address; $row['data'] = $address;
$table->data['address'] = $row; $table->data['address'] = $row;
// Agent Interval // Agent Interval.
$row = []; $row = [];
$row['title'] = __('Interval'); $row['title'] = __('Interval');
$row['data'] = human_time_description_raw($agent['intervalo']); $row['data'] = human_time_description_raw($agent['intervalo']);
$table->data['interval'] = $row; $table->data['interval'] = $row;
// Comments // Comments.
$row = []; $row = [];
$row['title'] = __('Description'); $row['title'] = __('Description');
$row['data'] = $agent['comentarios']; $row['data'] = $agent['comentarios'];
$table->data['description'] = $row; $table->data['description'] = $row;
// Last contact // Last contact.
$last_contact = ui_print_timestamp($agent['ultimo_contacto'], true); $last_contact = ui_print_timestamp($agent['ultimo_contacto'], true);
if ($agent['ultimo_contacto_remoto'] == '01-01-1970 00:00:00') { if ($agent['ultimo_contacto_remoto'] == '01-01-1970 00:00:00') {
$last_remote_contact = __('Never'); $last_remote_contact = __('Never');
} else { } else {
$last_remote_contact = date_w_fixed_tz($agent['ultimo_contacto_remoto']); $last_remote_contact = date_w_fixed_tz(
$agent['ultimo_contacto_remoto']
);
} }
$row = []; $row = [];
@ -646,7 +655,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
$row['data'] = "$last_contact / $last_remote_contact"; $row['data'] = "$last_contact / $last_remote_contact";
$table->data['contact'] = $row; $table->data['contact'] = $row;
// Next contact (agent) // Next contact (agent).
$progress = agents_get_next_contact($id_agente); $progress = agents_get_next_contact($id_agente);
$row = []; $row = [];
@ -660,7 +669,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
); );
$table->data['next_contact'] = $row; $table->data['next_contact'] = $row;
// End of table // End of table.
$agent_table = html_print_table($table, true); $agent_table = html_print_table($table, true);
if ($user_access_node && check_acl($config['id_user'], $agent['id_grupo'], 'AW')) { if ($user_access_node && check_acl($config['id_user'], $agent['id_grupo'], 'AW')) {
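Review bot: The only behavioural change in this section is that `$console_url` (L148, L156) and the agent link `$url` (L178–L180) become absolute via `ui_get_full_url()`, and nothing says why; presumably it is so the tree view keeps working when rendered from the new operation/dashboard/public_dashboard.php, in which case a why-comment at the first site, `// Absolute URL: the tree may be rendered from public_dashboard.php, where relative links break.`, would save the next reader from guessing. Whether `ui_get_full_url()` leaves the `&amp;` entities in the passed query string untouched is not visible here; please confirm it does not re-encode them. Both treeview_printModuleTable() and treeview_printTable() start and end outside these hunks.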


@ -1708,9 +1708,8 @@ function ui_process_page_head($string, $bitfield)
<meta name="author" content="'.get_copyright_notice().'" /> <meta name="author" content="'.get_copyright_notice().'" />
<meta name="copyright" content="(c) '.get_copyright_notice().'" /> <meta name="copyright" content="(c) '.get_copyright_notice().'" />
<meta name="robots" content="index, follow" />'; <meta name="robots" content="index, follow" />';
$output .= '<link rel="icon" href="'.ui_get_favicon().'" type="image/ico" />'; $output .= '<link rel="icon" href="'.ui_get_full_url('/').ui_get_favicon().'" type="image/ico" />';
$output .= ' $output .= '<link rel="shortcut icon" href="'.ui_get_full_url('/').ui_get_favicon().'" type="image/x-icon" />
<link rel="shortcut icon" href="'.ui_get_favicon().'" type="image/x-icon" />
<link rel="alternate" href="operation/events/events_rss.php" title="Pandora RSS Feed" type="application/rss+xml" />'; <link rel="alternate" href="operation/events/events_rss.php" title="Pandora RSS Feed" type="application/rss+xml" />';
if ($config['language'] != 'en') { if ($config['language'] != 'en') {
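Review bot: The favicon links at L244–L245 are now absolute via `ui_get_full_url('/')`, but the RSS `alternate` link on L247 stays relative (`operation/events/events_rss.php`), so from the new public_dashboard.php page, served from operation/dashboard/, it resolves to a wrong path; the same treatment is presumably intended there. If `ui_get_favicon()` can ever return a path with a leading slash, the concatenation produces a double slash — a comment stating the expected form, or an `ltrim($favicon, '/')`, would make that explicit. ui_process_page_head() continues outside the hunk.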


@ -86,11 +86,14 @@ function initialiceLayout(data) {
data: { data: {
page: data.page, page: data.page,
method: "getCellsLayout", method: "getCellsLayout",
dashboardId: data.dashboardId dashboardId: data.dashboardId,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "json", dataType: "json",
success: function(data) { success: function(d) {
loadLayout(data); loadLayout(d);
}, },
error: function(error) { error: function(error) {
console.error(error); console.error(error);
@ -136,7 +139,8 @@ function initialiceLayout(data) {
position.maxWidth, position.maxWidth,
position.minHeight, position.minHeight,
position.maxHeight, position.maxHeight,
widgetId widgetId,
false
); );
}); });
// Commit. // Commit.
@ -167,7 +171,10 @@ function initialiceLayout(data) {
dashboardId: data.dashboardId, dashboardId: data.dashboardId,
cellId: id, cellId: id,
widgetId: widgetId, widgetId: widgetId,
gridWidth: gridWidth gridWidth: gridWidth,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(cellData) { success: function(cellData) {
@ -205,7 +212,10 @@ function initialiceLayout(data) {
widgetId: widgetId, widgetId: widgetId,
newWidth: newWidth, newWidth: newWidth,
newHeight: newHeight, newHeight: newHeight,
gridWidth: gridWidth gridWidth: gridWidth,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(widgetData) { success: function(widgetData) {
@ -291,7 +301,10 @@ function initialiceLayout(data) {
page: data.page, page: data.page,
method: "saveLayout", method: "saveLayout",
dashboardId: data.dashboardId, dashboardId: data.dashboardId,
items: items items: items,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(data) { success: function(data) {
@ -313,11 +326,14 @@ function initialiceLayout(data) {
page: data.page, page: data.page,
dashboardId: data.dashboardId, dashboardId: data.dashboardId,
method: "deleteCell", method: "deleteCell",
cellId: cellId cellId: cellId,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "json", dataType: "json",
success: function(data) { success: function(data) {
// For defect x and y = 0 // By default x and y = 0
// width and height = 4 // width and height = 4
// position auto = true. // position auto = true.
if (data.result !== 0) { if (data.result !== 0) {
@ -338,11 +354,14 @@ function initialiceLayout(data) {
data: { data: {
page: data.page, page: data.page,
method: "insertCellLayout", method: "insertCellLayout",
dashboardId: data.dashboardId dashboardId: data.dashboardId,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "json", dataType: "json",
success: function(data) { success: function(data) {
// For defect x and y = 0 // By default x and y = 0
// width and height = 4 // width and height = 4
// position auto = true. // position auto = true.
if (data.cellId !== 0) { if (data.cellId !== 0) {
@ -536,7 +555,10 @@ function initialiceLayout(data) {
method: "drawAddWidget", method: "drawAddWidget",
cellId: cellId, cellId: cellId,
offset: offset, offset: offset,
search: search search: search,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(data) { success: function(data) {
@ -606,7 +628,10 @@ function initialiceLayout(data) {
cellId: cellId, cellId: cellId,
widgetId: widgetId, widgetId: widgetId,
gridWidth: gridWidth, gridWidth: gridWidth,
redraw: true redraw: true,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(cellData) { success: function(cellData) {
@ -633,7 +658,10 @@ function initialiceLayout(data) {
newWidth: newWidth, newWidth: newWidth,
newHeight: newHeight, newHeight: newHeight,
gridWidth: gridWidth, gridWidth: gridWidth,
widgetId: widgetId widgetId: widgetId,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
}, },
dataType: "html", dataType: "html",
success: function(dataWidget) { success: function(dataWidget) {
@ -755,8 +783,9 @@ function dashboardLoadNetworkMap(settings) {
x_offset: settings.x_offset, x_offset: settings.x_offset,
y_offset: settings.y_offset, y_offset: settings.y_offset,
zoom_dash: settings.zoom_dash, zoom_dash: settings.zoom_dash,
id_user: settings.id_user, auth_class: settings.auth_class,
hash: settings.hash auth_hash: settings.auth_hash,
id_user: settings.id_user
}, },
dataType: "html", dataType: "html",
success: function(data) { success: function(data) {
@ -784,6 +813,8 @@ function dashboardLoadWuxStats(settings) {
id_agent: settings.id_agent, id_agent: settings.id_agent,
transaction: settings.transaction, transaction: settings.transaction,
view_all_stats: settings.view_all_stats, view_all_stats: settings.view_all_stats,
auth_class: settings.auth_class,
auth_hash: settings.auth_hash,
id_user: settings.id_user id_user: settings.id_user
}, },
dataType: "html", dataType: "html",
@ -821,9 +852,10 @@ function processTreeSearch(settings) {
data: { data: {
getChildren: 1, getChildren: 1,
page: settings.page, page: settings.page,
id_user: settings.user,
hash: settings.hash,
type: settings.type, type: settings.type,
auth_class: settings.auth_class,
auth_hash: settings.auth_hash,
id_user: settings.id_user,
filter: filters filter: filters
}, },
success: function(data) { success: function(data) {
@ -858,8 +890,11 @@ function processTreeSearch(settings) {
emptyMessage: settings.translate.emptyMessage, emptyMessage: settings.translate.emptyMessage,
foundMessage: settings.translate.foundMessage, foundMessage: settings.translate.foundMessage,
tree: data.tree, tree: data.tree,
baseURL: settings.baseURL, auth_hash: settings.auth_hash,
auth_class: settings.auth_class,
id_user: settings.id_user,
ajaxURL: settings.ajaxUrl, ajaxURL: settings.ajaxUrl,
baseURL: settings.baseUrl,
filter: filters, filter: filters,
counterTitles: { counterTitles: {
total: { total: {
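Review bot: The three auth fields are copied by hand into eleven request bodies inside initialiceLayout (L257–L259, L281–L283, L292–L294, L303–L305, L314–L316, L329–L331, L344–L346, L355–L357, L366–L368), which is easy to get out of sync; build them once at the top of the function, `var auth = { auth_class: data.auth.class, auth_hash: data.auth.hash, id_user: data.auth.user };`, and merge at each site with `data: $.extend({ page: data.page, method: "getCellsLayout", dashboardId: data.dashboardId }, auth)`. Several callbacks still declare `data` as their success parameter (L308, L319, L334, L349), shadowing the outer `data`; harmless today because the new fields are evaluated before the callback runs, but the rename to `d` done at L262–L263 deserves to be applied to the others too. `data.auth` is dereferenced unconditionally, so every caller of initialiceLayout must now pass an `auth` object or the first request throws — worth a one-line comment on the function's parameter.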


@ -450,7 +450,10 @@ var TreeController = {
var postData = { var postData = {
page: controller.ajaxPage, page: controller.ajaxPage,
getDetail: 1, getDetail: 1,
type: type type: type,
auth_class: controller.auth_class,
id_user: controller.id_user,
auth_hash: controller.auth_hash
}; };
if (typeof id !== "undefined") postData.id = id; if (typeof id !== "undefined") postData.id = id;
@ -970,11 +973,6 @@ var TreeController = {
}); });
} }
} }
// Get hash and user.
var public_hash = $("#hidden-publi_dash_tree_view_hash").val();
if (typeof public_hash === "undefined") public_hash = 0;
var public_user = $("#hidden-publi_dash_tree_view_id_user").val();
if (typeof public_user === "undefined") public_user = 0;
if ( if (
typeof element.searchChildren != "undefined" && typeof element.searchChildren != "undefined" &&
@ -1014,8 +1012,9 @@ var TreeController = {
rootType: element.rootType, rootType: element.rootType,
metaID: element.metaID, metaID: element.metaID,
filter: controller.filter, filter: controller.filter,
hash: public_hash, auth_class: controller.auth_class,
id_user: public_user id_user: controller.id_user,
auth_hash: controller.auth_hash
}, },
complete: function(xhr, textStatus) { complete: function(xhr, textStatus) {
$node.removeClass("leaf-loading"); $node.removeClass("leaf-loading");
@ -1150,6 +1149,16 @@ var TreeController = {
this.filter = data.filter; this.filter = data.filter;
} }
if (typeof data.auth_class !== "undefined") {
this.auth_class = data.auth_class;
}
if (typeof data.id_user !== "undefined") {
this.id_user = data.id_user;
}
if (typeof data.auth_hash !== "undefined") {
this.auth_hash = data.auth_hash;
}
this.load(); this.load();
}, },
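Review bot: The hidden-input fallback removed at L433–L437 means any page that still renders `#hidden-publi_dash_tree_view_hash` / `#hidden-publi_dash_tree_view_id_user` instead of passing `auth_hash`/`id_user` through `init()` (L453–L461) now sends no credentials and its child loads fail the server check; the commit updates dashboard.js, but I cannot see whether other callers exist, so please confirm. The fields are read unconditionally at L424–L426 and L444–L446, relying on jQuery dropping `undefined` values from the post body; a comment such as `// undefined outside public dashboards; jQuery omits undefined params.` would spare the next reader that check.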
remove: function() { remove: function() {


@ -183,8 +183,25 @@ class Manager
{ {
global $config; global $config;
// Check access. // Check ACL.
$hash = get_parameter('hash', false);
// Check user access.
if ($hash === false) {
check_login(); check_login();
if (check_acl($config['id_user'], 0, 'RR') === 0) {
include 'general/noaccess.php';
return;
}
} else {
if (self::validatePublicHash($hash) === false) {
db_pandora_audit(
'Invalid public hash',
'Trying to access public dashboard'
);
include 'general/noaccess.php';
exit;
}
}
// User is admin. // User is admin.
$this->isAdmin = (bool) \is_user_admin($config['id_user']); $this->isAdmin = (bool) \is_user_admin($config['id_user']);
@ -259,6 +276,86 @@ class Manager
} }
/**
* Generates a hash to authenticate in public dashboards.
*
* @param string|null $other_secret To authenticate some parts
* of public dashboards (like visual consoles or wux widgets)
* another hash is needed. Other secret avoid
* to reuse the main hash to view other components.
*
* @return string Returns a hash with the authenticaction.
*/
public static function generatePublicHash(?string $other_secret=''):string
{
global $config;
$str = $config['dbpass'];
$str .= $config['id_user'];
$str .= $other_secret;
return hash('sha256', $str);
}
/**
* Validates a hash to authenticate in public dashboards.
*
* @param string $hash Hash to be checked.
* @param string $other_secret Yo need to provide it to
* authenticate some parts of widgets.
*
* @return boolean Returns true if hash is valid.
*/
public static function validatePublicHash(
string $hash,
string $other_secret=''
):bool {
global $config;
if (isset($config['id_user']) === true) {
// Already logged in.
return true;
}
$userFromParams = false;
// Try to get id_user from parameters if it is missing.
if (isset($config['id_user']) === false) {
$userFromParams = true;
$config['id_user'] = get_parameter('id_user', false);
// It is impossible to authenticate without an id user.
if ($config['id_user'] === false) {
unset($config['id_user']);
return false;
}
} else {
$config['public_dashboard'] = false;
}
// Build a hash to check.
$hashCheck = self::generatePublicHash($other_secret);
if ($hashCheck === $hash) {
// "Log" user in.
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$_SESSION['id_usuario'] = $config['id_user'];
session_write_close();
$config['public_dashboard'] = true;
$config['force_instant_logout'] = true;
return true;
}
// Remove id user from config array if authentication has failed.
if ($userFromParams === true) {
unset($config['id_user']);
}
return false;
}
/** /**
* Instance Widget. * Instance Widget.
* *
@ -854,7 +951,7 @@ class Manager
'dashboardId' => $this->dashboardId, 'dashboardId' => $this->dashboardId,
]; ];
exit(json_encode($result)); echo json_encode($result);
} }
@ -889,6 +986,7 @@ class Manager
'refr' => $this->refr, 'refr' => $this->refr,
'url' => $this->url, 'url' => $this->url,
'dashboardName' => $this->dashboardFields['name'], 'dashboardName' => $this->dashboardFields['name'],
'hash' => self::generatePublicHash(),
] ]
); );
} else { } else {
@ -920,7 +1018,9 @@ class Manager
'url' => \ui_get_full_url('ajax.php'), 'url' => \ui_get_full_url('ajax.php'),
'createDashboard' => $this->createDashboard, 'createDashboard' => $this->createDashboard,
'updateDashboard' => $this->updateDashboard, 'updateDashboard' => $this->updateDashboard,
'cellIdCreate' => get_parameter('cellIdCreate', 0), 'cellIdCreate' => \get_parameter('cellIdCreate', 0),
'class' => (($config['public_dashboard'] === true) ? quotemeta(__CLASS__) : ''),
'hash' => (($config['public_dashboard'] === true) ? self::generatePublicHash() : ''),
] ]
); );
} else { } else {
@ -938,9 +1038,6 @@ class Manager
'widgetId' => $cellData['id_widget'], 'widgetId' => $cellData['id_widget'],
'cellId' => $this->cellId, 'cellId' => $this->cellId,
]; ];
} else {
// TODO:XXX
$output = 'no tiene widget';
} }
View::render( View::render(
@ -991,7 +1088,7 @@ class Manager
); );
} }
exit(json_encode($result)); echo json_encode($result);
} }
@ -1016,7 +1113,7 @@ class Manager
$result = ['cellId' => $dataCell['id']]; $result = ['cellId' => $dataCell['id']];
exit(json_encode($result)); echo json_encode($result);
} }
@ -1149,7 +1246,7 @@ class Manager
} }
} }
exit(json_encode($result)); echo json_encode($result);
} }
@ -1171,7 +1268,7 @@ class Manager
$result = ['result' => $res]; $result = ['result' => $res];
exit(json_encode($result)); echo json_encode($result);
} }
@ -1264,7 +1361,7 @@ class Manager
]; ];
} }
exit(json_encode($result)); echo json_encode($result);
} }
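Review bot: `generatePublicHash()` (L504–L511) derives the credential as a plain SHA-256 of `dbpass . id_user . other_secret` with no separator, so distinct (id_user, other_secret) pairs can share one concatenation and the construction is a raw hash over a secret prefix rather than a MAC; use `return hash_hmac('sha256', $config['id_user'].'|'.$other_secret, $config['dbpass']);` and compare at L545 with `if (hash_equals($hashCheck, $hash) === true) {` instead of `===`. The hash binds neither a dashboard id nor an expiry, so one link grants that user's whole read access through every method reachable via ajax.php and stays valid until the database password changes; passing the dashboard id as `$other_secret` at both generation and validation sites would at least scope it. In `validatePublicHash()` the `else` branch at L540–L542 is unreachable because L526 has already returned when `id_user` is set, and that early `return true` also means the hash is never checked once anything has populated `$config['id_user']` — that assumption deserves a comment. In `run()` the hash branch (L480–L489) performs no `check_acl()` RR check for the simulated user, unlike the login branch at L476, so a user whose rights were revoked after the link was generated still gets in. `quotemeta(__CLASS__)` at L583 is a backslash-escaping workaround for the JS template; emitting the auth block with `json_encode()` in the view would remove it.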


@ -28,6 +28,8 @@
namespace PandoraFMS\Dashboard; namespace PandoraFMS\Dashboard;
use PandoraFMS\Dashboard\Manager;
/** /**
* Network map Widgets. * Network map Widgets.
*/ */
@ -389,8 +391,8 @@ class NetworkMapWidget extends Widget
'y_offset' => $y_offset, 'y_offset' => $y_offset,
'zoom_dash' => $zoom_dash, 'zoom_dash' => $zoom_dash,
'id_user' => $config['id_user'], 'id_user' => $config['id_user'],
'hash' => $hash, 'auth_class' => 'PandoraFMS\Dashboard\Manager',
'auth_hash' => Manager::generatePublicHash(),
] ]
); );
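Review bot: `use PandoraFMS\Dashboard\Manager;` (L625) imports a class from the file's own namespace, and the literal `'PandoraFMS\Dashboard\Manager'` at L633 duplicates it as a string; drop the `use` and write `'auth_class' => Manager::class,` so a rename is caught by tooling — the same applies to TreeViewWidget (L642, L661) and WuxStatsWidget (L671, L679). All three widgets call `Manager::generatePublicHash()` with no `$other_secret`, so the per-widget hash is identical to the page hash and the separation described in that method's docblock never materialises; pass a widget- or cell-specific value and validate with the same value server-side, or document that the argument is currently unused. The `$hash` previously passed at L633 may now leave a dead assignment earlier in the method, outside the hunk.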


@ -28,6 +28,8 @@
namespace PandoraFMS\Dashboard; namespace PandoraFMS\Dashboard;
use PandoraFMS\Dashboard\Manager;
/** /**
* Tree view Widgets. * Tree view Widgets.
*/ */
@ -547,12 +549,7 @@ class TreeViewWidget extends Widget
true true
); );
$base_url = \ui_get_full_url( $base_url = \ui_get_full_url('/');
false,
false,
false,
\is_metaconsole()
);
// Spinner. // Spinner.
$output .= \html_print_image( $output .= \html_print_image(
@ -585,8 +582,9 @@ class TreeViewWidget extends Widget
$settings = [ $settings = [
'page' => 'include/ajax/tree.ajax', 'page' => 'include/ajax/tree.ajax',
'user' => $config['id_user'], 'id_user' => $config['id_user'],
'hash' => $hash, 'auth_class' => 'PandoraFMS\Dashboard\Manager',
'auth_hash' => Manager::generatePublicHash(),
'type' => $tab, 'type' => $tab,
'cellId' => $id_cell, 'cellId' => $id_cell,
'ajaxUrl' => ui_get_full_url('ajax.php', false, false, false), 'ajaxUrl' => ui_get_full_url('ajax.php', false, false, false),
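Review bot: `$base_url` at L649 drops the `\is_metaconsole()` argument the old call passed as fourth parameter to `\ui_get_full_url()`; if that flag selects the metaconsole root, tree links rendered from a metaconsole dashboard now point elsewhere — I cannot see the helper, so please confirm, and if the change is intentional add a why-comment such as `// Console root; links are absolute so the tree works from public_dashboard.php.`. The enclosing method continues outside the hunk.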


@ -28,6 +28,8 @@
namespace PandoraFMS\Dashboard; namespace PandoraFMS\Dashboard;
use PandoraFMS\Dashboard\Manager;
/** /**
* Wux transaction stats Widgets. * Wux transaction stats Widgets.
*/ */
@ -342,6 +344,8 @@ class WuxStatsWidget extends Widget
'transaction' => $transaction, 'transaction' => $transaction,
'view_all_stats' => $view_all_stats, 'view_all_stats' => $view_all_stats,
'id_user' => $config['id_user'], 'id_user' => $config['id_user'],
'auth_class' => 'PandoraFMS\Dashboard\Manager',
'auth_hash' => Manager::generatePublicHash(),
'cellId' => $this->cellId, 'cellId' => $this->cellId,
] ]
); );


@ -42,7 +42,6 @@ try {
} catch (Exception $e) { } catch (Exception $e) {
if (is_ajax() === true) { if (is_ajax() === true) {
echo json_encode(['error' => '[Dashboards]'.$e->getMessage() ]); echo json_encode(['error' => '[Dashboards]'.$e->getMessage() ]);
exit;
} else { } else {
echo '[Dashboards]'.$e->getMessage(); echo '[Dashboards]'.$e->getMessage();
} }
@ -64,9 +63,6 @@ if (is_ajax() === true) {
} else { } else {
$cs->error('Method not found. ['.$method.']'); $cs->error('Method not found. ['.$method.']');
} }
// Stop any execution.
exit;
} else { } else {
// Run. // Run.
$cs->run(); $cs->run();
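Review bot: Removing the `exit` after the JSON error at L691 means execution falls through to the `is_ajax()` dispatch below even when the `try` block failed; if the exception came from constructing `$cs` (the try body starts before the hunk), the later `$cs->` call runs on an unset variable and turns a clean JSON error into a fatal, so guard the dispatch with `if (isset($cs) === true) {` or return early without killing the output buffers. The removal at L699–L700 is presumably what lets the new instant-logout block at the end of ajax.php run; a comment at the end of the ajax branch, `// No exit here: ajax.php flushes buffers and performs the forced logout.`, would stop someone re-adding it.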


@ -0,0 +1,66 @@
<?php
/**
* Public access to dashboard.
*
* @category Dashboards
* @package Pandora FMS
* @subpackage Community
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
* Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
* Please see http://pandorafms.org for full contribution list
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*/
// Begin.
require_once __DIR__.'/../../include/config.php';
global $config;
chdir($config['homedir']);
ob_start('ui_process_page_head');
ob_start();
// Fullscreen by default.
$config['pure'] = get_parameter('pure', 1);
require_once 'dashboard.php';
// Clean session to avoid direct access.
if ($config['force_instant_logout'] === true) {
// Force user logout.
$iduser = $_SESSION['id_usuario'];
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$_SESSION = [];
session_destroy();
header_remove('Set-Cookie');
setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
if ($config['auth'] == 'saml') {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple('PandoraFMS');
$as->logout();
}
}
while (@ob_end_flush()) {
// Dumping...
continue;
}
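Review bot: `$iduser = $_SESSION['id_usuario'];` at L747 reads the session before the `session_start()` guard at L748–L750 (the opposite order from the same block in ajax.php) and the variable is never used; drop it, and read the cookie at L754 only when present, `setcookie(session_name(), $_COOKIE[session_name()] ?? '', (time() - 4800), '/');`. `$config['force_instant_logout']` at L745 is only ever set by `validatePublicHash()`, so on any other path it is an undefined index; `($config['force_instant_logout'] ?? false) === true` is the safe form. The whole logout block is a verbatim copy of ajax.php's, and a shared helper in include/functions.php would keep the two cookie-invalidation paths from drifting. Since `require_once 'dashboard.php'` at L743 depends on the `chdir()` at L738 and the include path, a comment saying so would help the next maintainer who moves the file.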


@ -101,12 +101,35 @@ $slides['text'] .= html_print_image(
); );
$slides['text'] .= '</a>'; $slides['text'] .= '</a>';
// Refresh selector time dashboards. // Public Url.
$queryRefresh = [ $queryPublic = [
'dashboardId' => $dashboardId, 'dashboardId' => $dashboardId,
'hash' => $hash,
'id_user' => $config['id_user'],
'pure' => 1, 'pure' => 1,
]; ];
$urlRefresh = $url.'&'.http_build_query($queryRefresh); $publicUrl = ui_get_full_url(
'operation/dashboard/public_dashboard.php?'.http_build_query($queryPublic)
);
$publiclink['text'] = '<a id="public_link" href="'.$publicUrl.'" target="_blank">';
$publiclink['text'] .= html_print_image(
'images/camera_mc.png',
true,
['title' => __('Show link to public dashboard')]
);
$publiclink['text'] .= '</a>';
// Refresh selector time dashboards.
if ($config['public_dashboard'] === true) {
$urlRefresh = $publicUrl;
} else {
$queryRefresh = [
'dashboardId' => $dashboardId,
'pure' => 1,
];
$urlRefresh = $url.'&'.http_build_query($queryRefresh);
}
$comboRefresh['text'] = '<div class="dashboard-countdown" style="display: inline;"></div>'; $comboRefresh['text'] = '<div class="dashboard-countdown" style="display: inline;"></div>';
$comboRefresh['text'] .= '<form id="refr-form" method="post" action="'.$urlRefresh.'">'; $comboRefresh['text'] .= '<form id="refr-form" method="post" action="'.$urlRefresh.'">';
$comboRefresh['text'] .= __('Refresh').':'; $comboRefresh['text'] .= __('Refresh').':';
@ -165,7 +188,12 @@ $newWidget['text'] .= html_print_image(
); );
$newWidget['text'] .= '</a>'; $newWidget['text'] .= '</a>';
if ($config['pure']) { if ($config['public_dashboard'] === true) {
$buttons = [
'combo_refresh_one_dashboard' => $comboRefresh,
// 'slides' => $slides,
];
} else if ($config['pure']) {
$buttons = [ $buttons = [
'back_to_dashboard_list' => $back_to_dashboard_list, 'back_to_dashboard_list' => $back_to_dashboard_list,
'save_layout' => $save_layout_dashboard, 'save_layout' => $save_layout_dashboard,
@ -180,6 +208,7 @@ if ($config['pure']) {
'back_to_dashboard_list' => $back_to_dashboard_list, 'back_to_dashboard_list' => $back_to_dashboard_list,
'fullscreen' => $fullscreen, 'fullscreen' => $fullscreen,
'slides' => $slides, 'slides' => $slides,
'public_link' => $publiclink,
'combo_dashboard' => $combo_dashboard, 'combo_dashboard' => $combo_dashboard,
'options' => $options, 'options' => $options,
'newWidget' => $newWidget, 'newWidget' => $newWidget,
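Review bot: `$publicUrl` (L778–L780) is inserted into the `href` at L781 and into the form `action` at L799 without attribute escaping, and `http_build_query()` joins parameters with a bare `&`; use `htmlspecialchars($publicUrl, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at both sites. Because the URL carries a long-lived bearer credential (`hash` plus `id_user`), the anchor at L781 should also carry `rel="noopener noreferrer"`, and the public page would benefit from a restrictive `Referrer-Policy` so the link is not leaked via the Referer of any third-party resource a widget embeds. The public link button is offered to every user who sees the header; if that is intended, a short comment saying the link is equivalent to sharing that user's read access would document the decision. The commented-out `'slides' => $slides` entry at L807 is dead code.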


@ -63,7 +63,12 @@ echo $output;
initialiceLayout({ initialiceLayout({
page: '<?php echo $ajaxController; ?>', page: '<?php echo $ajaxController; ?>',
url: '<?php echo $url; ?>', url: '<?php echo $url; ?>',
dashboardId: '<?php echo $dashboardId; ?>' dashboardId: '<?php echo $dashboardId; ?>',
auth: {
class: '<?php echo $class; ?>',
hash: '<?php echo $hash; ?>',
user: '<?php echo $config['id_user']; ?>'
}
}); });
// Mode for create new dashboard. // Mode for create new dashboard.