<?php
/**
 * User creation / update.
 *
 * @category   Users
 * @package    Pandora FMS
 * @subpackage Community
 * @version    1.0.0
 * @license    See below
 *
 *    ______                 ___                    _______ _______ ________
 *   |   __ \.-----.--.--.--|  |.-----.----.-----. |    ___|   |   |     __|
 *  |    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
 * |___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
 *
 * ============================================================================
 * Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
 * Please see http://pandorafms.org for full contribution list
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation for version 2.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * ============================================================================
 */

// Load global vars.
global $config;

check_login();

require_once $config['homedir'].'/vendor/autoload.php';

use PandoraFMS\Dashboard\Manager;

require_once $config['homedir'].'/include/functions_profile.php';
require_once $config['homedir'].'/include/functions_users.php';
require_once $config['homedir'].'/include/functions_groups.php';
require_once $config['homedir'].'/include/functions_visual_map.php';
require_once $config['homedir'].'/include/functions_custom_fields.php';
enterprise_include_once('include/functions_profile.php');

$meta = is_metaconsole();

$isFunctionSkins = enterprise_include_once('include/functions_skins.php');

// Add the columns for the enterprise Pandora edition.
$enterprise_include = false;
if (ENTERPRISE_NOT_HOOK !== enterprise_include('include/functions_policies.php')) {
    $enterprise_include = true;
}

if ($enterprise_include === true) {
    enterprise_include_once('meta/include/functions_users_meta.php');
}

if (is_metaconsole() === false) {
    date_default_timezone_set('UTC');
    include 'include/javascript/timezonepicker/includes/parser.inc';

    // Read in options for map builder.
    $bases = [
        'gray'           => 'Gray',
        'blue-marble'    => 'Blue marble',
        'night-electric' => 'Night Electric',
        'living'         => 'Living Earth',
    ];

    $local_file = 'include/javascript/timezonepicker/images/gray-400.png';

    // Dimensions must always be exact since the imagemap does not scale.
    $array_size = getimagesize($local_file);

    $map_width = $array_size[0];
    $map_height = $array_size[1];

    $timezones = timezone_picker_parse_files(
        $map_width,
        $map_height,
        'include/javascript/timezonepicker/tz_world.txt',
        'include/javascript/timezonepicker/tz_islands.txt'
    );


    foreach ($timezones as $timezone_name => $tz) {
        if ($timezone_name == 'America/Montreal') {
            $timezone_name = 'America/Toronto';
        } else if ($timezone_name == 'Asia/Chongqing') {
            $timezone_name = 'Asia/Shanghai';
        }

        $area_data_timezone_polys .= '';
        foreach ($tz['polys'] as $coords) {
            $area_data_timezone_polys .= '<area data-timezone="'.$timezone_name.'" data-country="'.$tz['country'].'" data-pin="'.implode(',', $tz['pin']).'" data-offset="'.$tz['offset'].'" shape="poly" coords="'.implode(',', $coords).'" />';
        }

        $area_data_timezone_rects .= '';
        foreach ($tz['rects'] as $coords) {
            $area_data_timezone_rects .= '<area data-timezone="'.$timezone_name.'" data-country="'.$tz['country'].'" data-pin="'.implode(',', $tz['pin']).'" data-offset="'.$tz['offset'].'" shape="rect" coords="'.implode(',', $coords).'" />';
        }
    }
}

// This defines the working user. Beware with this, old code get confusses
// and operates with current logged user (dangerous).
$id = get_parameter('id', get_parameter('id_user', ''));
// ID given as parameter.
$pure = get_parameter('pure', 0);

$user_info = get_user_info($id);
$is_err = false;

if ((bool) check_acl($config['id_user'], 0, 'UM') === false) {
    db_pandora_audit(
        AUDIT_LOG_ACL_VIOLATION,
        'Trying to access User Management'
    );
    include 'general/noaccess.php';

    return;
}

if (is_ajax() === true) {
    $delete_profile = (bool) get_parameter('delete_profile');
    $get_user_profile = (bool) get_parameter('get_user_profile');

    if ($delete_profile === true) {
        $id2 = (string) get_parameter('id_user');
        $id_up = (int) get_parameter('id_user_profile');

        $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
        $id_perfil = $perfilUser['id_perfil'];
        $perfil = db_get_row('tperfil', 'id_perfil', $id_perfil);

        db_pandora_audit(
            AUDIT_LOG_USER_MANAGEMENT,
            'Deleted profile for user '.io_safe_output($id2),
            false,
            false,
            'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
        );

        $return = profile_delete_user_profile($id2, $id_up);
        ui_print_result_message(
            $return,
            __('Successfully deleted'),
            __('Could not be deleted')
        );


        $has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id2);
        $user_is_global_admin = users_is_admin($id2);

        if ($has_profile === false && $user_is_global_admin === false) {
            $result = delete_user($id2);

            if ($result === true) {
                db_pandora_audit(
                    AUDIT_LOG_USER_MANAGEMENT,
                    __('Deleted user %s', io_safe_output($id_user))
                );
            }

            ui_print_result_message(
                $result,
                __('Successfully deleted'),
                __('There was a problem deleting the user')
            );

            // Delete the user in all the consoles.
            if (is_metaconsole() === true) {
                $servers = metaconsole_get_servers();
                foreach ($servers as $server) {
                    // Connect to the remote console.
                    metaconsole_connect($server);

                    // Delete the user.
                    $result = delete_user($id_user);
                    if ($result === true) {
                        db_pandora_audit(
                            AUDIT_LOG_USER_MANAGEMENT,
                            __('Deleted user %s from metaconsole', io_safe_output($id_user))
                        );
                    }

                    // Restore the db connection.
                    metaconsole_restore_db();

                    // Log to the metaconsole too.
                    if ($result === true) {
                        db_pandora_audit(
                            AUDIT_LOG_USER_MANAGEMENT,
                            __(
                                'Deleted user %s from %s',
                                io_safe_input($id_user),
                                io_safe_input($server['server_name'])
                            )
                        );
                    }

                    ui_print_result_message(
                        $result,
                        __('Successfully deleted from %s', io_safe_input($server['server_name'])),
                        __('There was a problem deleting the user from %s', io_safe_input($server['server_name']))
                    );
                }
            }
        }

        return;
    }

    if ($get_user_profile === true) {
        $profile_id = (int) get_parameter('profile_id');
        $group_id = (int) get_parameter('group_id', -1);
        $user_id = (string) get_parameter('user_id', '');
        $no_hierarchy = (int) get_parameter('no_hierarchy', -1);
        $assigned_by = (string) get_parameter('assigned_by', '');
        $id_policy = (int) get_parameter('id_policy', -1);
        $tags = (string) get_parameter('id_policy', '');

        $filter = [];

        if ($group_id > -1) {
            $filter['id_perfil'] = $profile_id;
        }

        if ($group_id > -1) {
            $filter['id_grupo'] = $group_id;
        }

        if ($user_id !== '') {
            $filter['id_usuario'] = $user_id;
        }

        if ($no_hierarchy > -1) {
            $filter['no_hierarchy'] = $no_hierarchy;
        }

        if ($assigned_by !== '') {
            $filter['assigned_by'] = $assigned_by;
        }

        if ($id_policy > -1) {
            $filter['id_policy'] = $id_policy;
        }

        if ($tags !== '') {
            $filter['tags'] = $tags;
        }

        $profile = db_get_all_rows_filter(
            'tusuario_perfil',
            $filter
        );

        if ($profile !== false && count($profile) > 0) {
            echo json_encode($profile);

            return;
        } else {
            echo json_encode('');
        }

        return;
    }
}

enterprise_hook('open_meta_frame');

$tab = get_parameter('tab', 'user');

// Header.
if (is_metaconsole() === true) {
    user_meta_print_header();
    $sec = 'advanced';
} else {
    $buttons = [
        'user'    => [
            'active' => false,
            'text'   => '<a href="index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure='.$pure.'">'.html_print_image(
                'images/user.png',
                true,
                [
                    'title' => __('User management'),
                    'class' => 'invert_filter',
                ]
            ).'</a>',
        ],
        'profile' => [
            'active' => false,
            'text'   => '<a href="index.php?sec=gusuarios&sec2=godmode/users/profile_list&tab=profile&pure='.$pure.'">'.html_print_image(
                'images/profiles.png',
                true,
                [
                    'title' => __('Profile management'),
                    'class' => 'invert_filter',
                ]
            ).'</a>',
        ],
    ];

    $buttons[$tab]['active'] = true;

    ui_print_standard_header(
        (empty($id) === false) ? __('Update user') : __('Create user'),
        'images/gm_users.png',
        false,
        '',
        true,
        $buttons,
        [
            [
                'link'  => '',
                'label' => __('Profiles'),
            ],
            [
                'link'  => ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list'),
                'label' => __('Manage users'),
            ],
            [
                'link'  => '',
                'label' => __('User Detail Editor'),
            ],
        ]
    );

    $sec = 'gusuarios';
}


if ((bool) $config['user_can_update_info'] === true) {
    $view_mode = false;
} else {
    $view_mode = true;
}

$new_user = (bool) get_parameter('new_user');
$create_user = (bool) get_parameter('create_user');
$add_profile = (bool) get_parameter('add_profile');
$update_user = (bool) get_parameter('update_user');
$renewAPIToken = (bool) get_parameter('renewAPIToken');
$status = get_parameter('status', -1);
$json_profile = get_parameter('json_profile', '');

// Reset status var if current action is not update_user.
if ($new_user === true || $create_user === true || $add_profile === true
    || $delete_profile === true || $update_user === true
) {
    $status = -1;
}

if ($new_user === true && (bool) $config['admin_can_add_user'] === true) {
    $user_info = [];
    $id = '';
    $user_info['fullname'] = '';
    $user_info['firstname'] = '';
    $user_info['lastname'] = '';
    $user_info['email'] = '';
    $user_info['phone'] = '';
    $user_info['comments'] = '';
    $user_info['is_admin'] = 0;
    $user_info['language'] = 'default';
    $user_info['timezone'] = '';
    $user_info['not_login'] = false;
    $user_info['local_user'] = false;
    $user_info['strict_acl'] = false;
    $user_info['session_time'] = 0;
    $user_info['middlename'] = 0;

    if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
        $user_info['id_skin'] = '';
    }

    $user_info['section'] = '';
    $user_info['data_section'] = '';
    // This attributes are inherited from global configuration.
    $user_info['block_size'] = $config['block_size'];

    if (enterprise_installed() === true && is_metaconsole() === true) {
        $user_info['metaconsole_agents_manager'] = 0;
        $user_info['metaconsole_access_node'] = 0;
    }

    if ((bool) $config['ehorus_user_level_conf'] === true) {
        $user_info['ehorus_user_level_user'] = '';
        $user_info['ehorus_user_level_pass'] = '';
        $user_info['ehorus_user_level_enabled'] = true;
    }
}

if ($create_user === true) {
    if ((bool) $config['admin_can_add_user'] === false) {
        ui_print_error_message(
            __('The current authentication scheme doesn\'t support creating users on %s', get_product_name())
        );
        return;
    }

    if (html_print_csrf_error() === true) {
        return;
    }

    $user_is_admin = (get_parameter('is_admin', 0) === 0) ? 0 : 1;

    if (users_is_admin() === false && $user_is_admin !== 0) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to create with administrator privileges to user by non administrator user '.$config['id_user']
        );

        include 'general/noaccess.php';
        exit;
    }

    $values = [];
    $values['id_user'] = (string) get_parameter('id_user');
    $values['fullname'] = (string) get_parameter('fullname');
    $values['firstname'] = (string) get_parameter('firstname');
    $values['lastname'] = (string) get_parameter('lastname');
    $password_new = (string) get_parameter('password_new', '');
    $password_confirm = (string) get_parameter('password_confirm', '');
    $values['email'] = (string) get_parameter('email');
    $values['phone'] = (string) get_parameter('phone');
    $values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
    $values['allowed_ip_active'] = ((int) get_parameter_switch('allowed_ip_active', -1) === 0);
    $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
    $values['is_admin'] = $user_is_admin;
    $values['language'] = get_parameter('language', 'default');
    $values['timezone'] = (string) get_parameter('timezone');
    $values['default_event_filter'] = (int) get_parameter('default_event_filter');
    $values['default_custom_view'] = (int) get_parameter('default_custom_view');
    $dashboard = get_parameter('dashboard', '');
    $visual_console = get_parameter('visual_console', '');

    if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
        $values['id_skin'] = (int) get_parameter('skin', 0);
    }

    $values['block_size'] = (int) get_parameter('block_size', $config['block_size']);

    $values['section'] = get_parameter('section');
    if (($values['section'] === 'Event list') || ($values['section'] === 'Group view') || ($values['section'] === 'Alert detail') || ($values['section'] === 'Tactical view') || ($values['section'] === 'Default')) {
        $values['data_section'] = '';
    } else if ($values['section'] === 'Dashboard') {
        $values['data_section'] = $dashboard;
    } else if (io_safe_output($values['section']) === 'Visual console') {
        $values['data_section'] = $visual_console;
    } else if ($values['section'] === 'Other' || io_safe_output($values['section']) === 'External link') {
        $values['data_section'] = get_parameter('data_section');
    }

    if (enterprise_installed() === true) {
        $values['force_change_pass'] = 1;
        $values['last_pass_change'] = date('Y/m/d H:i:s', get_system_time());
        if (is_metaconsole() === true) {
            $values['metaconsole_access'] = get_parameter('metaconsole_access', 'basic');
            $values['metaconsole_agents_manager'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_agents_manager', '0'));
            $values['metaconsole_access_node'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_access_node', '0'));
        }
    }

    $values['not_login'] = (bool) get_parameter('not_login', false);
    $values['local_user'] = (bool) get_parameter('local_user', false);
    $values['middlename'] = get_parameter('middlename', 0);
    $values['strict_acl'] = (bool) get_parameter('strict_acl', false);
    $values['session_time'] = (int) get_parameter('session_time', 0);

    // eHorus user level conf.
    if ((bool) $config['ehorus_user_level_conf'] === true) {
        $values['ehorus_user_level_enabled'] = (bool) get_parameter('ehorus_user_level_enabled', false);
        if ($values['ehorus_user_level_enabled'] === true) {
            $values['ehorus_user_level_user'] = (string) get_parameter('ehorus_user_level_user');
            $values['ehorus_user_level_pass'] = (string) get_parameter('ehorus_user_level_pass');
        } else {
            $values['ehorus_user_level_user'] = null;
            $values['ehorus_user_level_pass'] = null;
        }
    }

    // Generate new API token.
    $values['api_token'] = api_token_generate();

    if (empty($id) === true) {
        ui_print_error_message(__('User ID cannot be empty'));
        $is_err = true;
        $user_info = $values;
        $password_new = '';
        $password_confirm = '';
        $new_user = true;
    } else if (preg_match('/^\s+|\s+$/', io_safe_output($id))) {
        ui_print_error_message(__('Invalid user ID: leading or trailing blank spaces not allowed'));
        $is_err = true;
        $user_info = $values;
        $password_new = '';
        $password_confirm = '';
        $new_user = true;
    } else if (empty($password_new) === true) {
        $is_err = true;
        ui_print_error_message(__('Passwords cannot be empty'));
        $user_info = $values;
        $password_new = '';
        $password_confirm = '';
        $new_user = true;
    } else if ($password_new != $password_confirm) {
        $is_err = true;
        ui_print_error_message(__('Passwords didn\'t match'));
        $user_info = $values;
        $password_new = '';
        $password_confirm = '';
        $new_user = true;
    } else if (enterprise_hook('excludedPassword', [$password_new]) === true) {
        $is_err = true;
        ui_print_error_message(__('The password provided is not valid. Please set another one.'));
        $user_info = $values;
        $password_new = '';
        $password_confirm = '';
        $new_user = true;
    } else {
        if ((!is_user_admin($config['id_user']) || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
            $pass_ok = login_validate_pass($password_new, $id, true);
            if ($pass_ok != 1) {
                ui_print_error_message($pass_ok);
            } else {
                $result = create_user($id, $password_new, $values);
            }
        } else {
            $result = create_user($id, $password_new, $values);
        }

        $info = '{"Id_user":"'.$values['id_user'].'","FullName":"'.$values['fullname'].'","Firstname":"'.$values['firstname'].'","Lastname":"'.$values['lastname'].'","Email":"'.$values['email'].'","Phone":"'.$values['phone'].'","Comments":"'.$values['comments'].'","Is_admin":"'.$values['is_admin'].'","Language":"'.$values['language'].'","Timezone":"'.$values['timezone'].'","Block size":"'.$values['block_size'].'"';
        if ($values['allowed_ip_active'] === true) {
            $info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
        }

        if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
            $info .= ',"Skin":"'.$values['id_skin'].'"}';
        } else {
            $info .= '}';
        }

        $can_create = false;



        if ($result) {
            $res = save_pass_history($id, $password_new);
        } else {
            $is_err = true;
            $user_info = $values;
            $password_new = '';
            $password_confirm = '';
            $new_user = true;
        }

        db_pandora_audit(
            AUDIT_LOG_USER_MANAGEMENT,
            'Created user '.io_safe_output($id),
            false,
            false,
            $info
        );

        ui_print_result_message(
            $result,
            __('Successfully created'),
            __('Could not be created')
        );

        $password_new = '';
        $password_confirm = '';

        if ($result) {
            if ($values['strict_acl']) {
                if ($values['is_admin']) {
                    ui_print_info_message(__('Strict ACL is not recommended for admin users because performance could be affected.'));
                }
            }

            $user_info = get_user_info($id);
            $new_user = false;

            if (!empty($json_profile)) {
                $json_profile = json_decode(io_safe_output($json_profile), true);
                foreach ($json_profile as $key => $profile) {
                    if (is_array($profile) === false) {
                        $profile = json_decode($profile, true);
                    }

                    if (!empty($profile)) {
                        $group2 = $profile['group'];
                        $profile2 = $profile['profile'];
                        $tags = $profile['tags'];
                        foreach ($tags as $k => $tag) {
                            if (empty($tag)) {
                                unset($tags[$k]);
                            }
                        }

                        $tags = implode(',', $tags);
                        $no_hierarchy = $profile['hierarchy'];

                        db_pandora_audit(
                            AUDIT_LOG_USER_MANAGEMENT,
                            'Added profile for user '.io_safe_output($id2),
                            false,
                            false,
                            'Profile: '.$profile2.' Group: '.$group2.' Tags: '.$tags
                        );

                        $result_profile = profile_create_user_profile($id, $profile2, $group2, false, $tags, $no_hierarchy);

                        if ($result_profile === false) {
                            $is_err = true;
                            $user_info = $values;
                            $password_new = '';
                            $password_confirm = '';
                            $new_user = true;
                        } else {
                            $pm = db_get_value_filter('pandora_management', 'tperfil', ['id_perfil' => $profile2]);

                            if ((int) $pm === 1) {
                                $user_source = db_get_value_filter(
                                    'id_source',
                                    'tnotification_source_user',
                                    [
                                        'id_source' => $notification['id'],
                                        'id_user'   => $id,
                                    ]
                                );
                                if ($user_source === false) {
                                    $notificationSources = db_get_all_rows_filter('tnotification_source', [], 'id');
                                    foreach ($notificationSources as $notification) {
                                        if ((int) $notification['id'] === 1 || (int) $notification['id'] === 5) {
                                            $notification_user = db_get_value_filter(
                                                'id_source',
                                                'tnotification_source_user',
                                                [
                                                    'id_source' => $notification['id'],
                                                    'id_user'   => $id,
                                                ]
                                            );
                                            if ($notification_user === false) {
                                                @db_process_sql_insert(
                                                    'tnotification_source_user',
                                                    [
                                                        'id_source' => $notification['id'],
                                                        'id_user'   => $id,
                                                    ]
                                                );
                                            }
                                        }
                                    }
                                }
                            }
                        }

                        ui_print_result_message(
                            $result_profile,
                            __('Profile added successfully'),
                            __('Profile cannot be added')
                        );
                    }
                }
            }
        } else {
            $user_info = $values;
            $new_user = true;
        }
    }
}

if ($update_user) {
    if (html_print_csrf_error() === true) {
        return;
    }

    $values = [];
    $values['id_user'] = (string) get_parameter('id_user');
    $values['fullname'] = (string) get_parameter('fullname');
    $values['firstname'] = (string) get_parameter('firstname');
    $values['lastname'] = (string) get_parameter('lastname');
    $values['email'] = (string) get_parameter('email');
    $values['phone'] = (string) get_parameter('phone');
    $values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
    $values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0);
    $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
    $values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1;
    $values['language'] = (string) get_parameter('language');
    $values['timezone'] = (string) get_parameter('timezone');
    $values['default_event_filter'] = (int) get_parameter('default_event_filter');
    $values['default_custom_view'] = (int) get_parameter('default_custom_view');
    // API Token information.
    $apiTokenRenewed = (bool) get_parameter('renewAPIToken');
    $values['api_token'] = ($apiTokenRenewed === true) ? api_token_generate() : users_get_API_token($values['id_user']);

    if (users_is_admin() === false && (bool) $values['is_admin'] !== false) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to add administrator privileges to user by non administrator user '.$config['id_user']
        );

        include 'general/noaccess.php';
        exit;
    }

    // Ehorus user level conf.
    $values['ehorus_user_level_enabled'] = (bool) get_parameter('ehorus_user_level_enabled', false);
    $values['ehorus_user_level_user'] = (string) get_parameter('ehorus_user_level_user');
    $values['ehorus_user_level_pass'] = (string) get_parameter('ehorus_user_level_pass');

    $values['middlename'] = get_parameter('middlename', 0);

    $dashboard = get_parameter('dashboard', '');
    $visual_console = get_parameter('visual_console', '');

    if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
        $values['id_skin'] = get_parameter('skin', 0);
    }

    $values['block_size'] = get_parameter('block_size', $config['block_size']);

    $values['section'] = get_parameter('section');
    if (($values['section'] === 'Event list') || ($values['section'] === 'Group view') || ($values['section'] === 'Alert detail') || ($values['section'] === 'Tactical view') || ($values['section'] === 'Default')) {
        $values['data_section'] = '';
    } else if ($values['section'] === 'Dashboard') {
        $values['data_section'] = $dashboard;
    } else if (io_safe_output($values['section']) === 'Visual console') {
        $values['data_section'] = $visual_console;
    } else if ($values['section'] === 'Other' || io_safe_output($values['section']) === 'External link') {
        $values['data_section'] = get_parameter('data_section');
    }

    if (enterprise_installed() === true && is_metaconsole() === true) {
        $values['metaconsole_access'] = get_parameter('metaconsole_access');
        $values['metaconsole_agents_manager'] = get_parameter('metaconsole_agents_manager', '0');
        $values['metaconsole_access_node'] = get_parameter('metaconsole_access_node', '0');
    }

    $values['not_login'] = (bool) get_parameter('not_login', false);
    $values['local_user'] = (bool) get_parameter('local_user', false);
    $values['strict_acl'] = (bool) get_parameter('strict_acl', false);
    $values['session_time'] = (int) get_parameter('session_time', 0);


    $res1 = update_user($id, $values);

    if ($config['user_can_update_password']) {
        $password_new = (string) get_parameter('password_new', '');
        $password_confirm = (string) get_parameter('password_confirm', '');
        $own_password_confirm = (string) get_parameter('own_password_confirm', '');

        if ($password_new != '') {
            $correct_password = false;

            $user_credentials_check = process_user_login($config['id_user'], $own_password_confirm, true);

            if ($user_credentials_check !== false) {
                $correct_password = true;
            }

            if ((string) $password_confirm === (string) $password_new) {
                if ($correct_password === true || is_user_admin($config['id_user'])) {
                    if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
                        $pass_ok = login_validate_pass($password_new, $id, true);
                        if ($pass_ok != 1) {
                            ui_print_error_message($pass_ok);
                        } else {
                            $res2 = update_user_password($id, $password_new);
                            if ($res2) {
                                db_process_sql_insert(
                                    'tsesion',
                                    [
                                        'id_sesion'   => '',
                                        'id_usuario'  => $id,
                                        'ip_origen'   => $_SERVER['REMOTE_ADDR'],
                                        'accion'      => 'Password&#x20;change',
                                        'descripcion' => 'Access password updated',
                                        'fecha'       => date('Y-m-d H:i:s'),
                                        'utimestamp'  => time(),
                                    ]
                                );
                                $res3 = save_pass_history($id, $password_new);
                            }

                            ui_print_result_message(
                                $res1 || $res2,
                                __('User info successfully updated'),
                                __('Error updating user info (no change?)')
                            );
                        }
                    } else {
                        $res2 = update_user_password($id, $password_new);
                        if ($res2) {
                            $res3 = save_pass_history($id, $password_new);
                            db_process_sql_insert(
                                'tsesion',
                                [
                                    'id_sesion'   => '',
                                    'id_usuario'  => $id,
                                    'ip_origen'   => $_SERVER['REMOTE_ADDR'],
                                    'accion'      => 'Password&#x20;change',
                                    'descripcion' => 'Access password updated',
                                    'fecha'       => date('Y-m-d H:i:s'),
                                    'utimestamp'  => time(),
                                ]
                            );
                        }

                        ui_print_result_message(
                            $res1 || $res2,
                            __('User info successfully updated'),
                            __('Error updating user info (no change?)')
                        );
                    }
                } else {
                    if ($own_password_confirm === '') {
                        ui_print_error_message(__('Password of the active user is required to perform password change'));
                    } else {
                        ui_print_error_message(__('Password of active user is not correct'));
                    }
                }
            } else {
                db_process_sql_insert(
                    'tsesion',
                    [
                        'id_sesion'   => '',
                        'id_usuario'  => $id,
                        'ip_origen'   => $_SERVER['REMOTE_ADDR'],
                        'accion'      => 'Password&#x20;change',
                        'descripcion' => 'Access password update failed',
                        'fecha'       => date('Y-m-d H:i:s'),
                        'utimestamp'  => time(),
                    ]
                );
                ui_print_error_message(__('Passwords does not match'));
            }
        } else {
            $has_skin = false;
            $has_wizard = false;

            $info = '{"id_user":"'.$values['id_user'].'",
				"FullName":"'.$values['fullname'].'",
				"Firstname":"'.$values['firstname'].'",
				"Lastname":"'.$values['lastname'].'",
				"Email":"'.$values['email'].'",
				"Phone":"'.$values['phone'].'",
				"Comments":"'.$values['comments'].'",
				"Is_admin":"'.$values['is_admin'].'",
				"Language":"'.$values['language'].'",
				"Timezone":"'.$values['timezone'].'",
				"Block size":"'.$values['block_size'].'",
				"Section":"'.$values['section'].'"';

            if ($values['allowed_ip_active'] === true) {
                $info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
            }

            if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
                $info .= ',"Skin":"'.$values['id_skin'].'"';
                $has_skin = true;
            }

            if (enterprise_installed() === true && is_metaconsole() === true) {
                $info .= ',"Wizard access":"'.$values['metaconsole_access'].'"}';
                $has_wizard = true;
            } else if ($has_skin === true) {
                $info .= '}';
            }

            if ($has_skin === false && $has_wizard === false) {
                $info .= '}';
            }


            db_pandora_audit(
                AUDIT_LOG_USER_MANAGEMENT,
                'Updated user '.io_safe_output($id),
                false,
                false,
                $info
            );

            ui_print_result_message(
                $res1,
                ($apiTokenRenewed === true) ? __('You have generated a new API Token.') : __('User info successfully updated'),
                __('Error updating user info (no change?)')
            );
        }
    } else {
        ui_print_result_message(
            $res1,
            __('User info successfully updated'),
            __('Error updating user info (no change?)')
        );
    }


    if ((bool) $values['strict_acl'] === true) {
        $count_groups = 0;
        $count_tags = 0;

        $profiles = db_get_all_rows_field_filter('tusuario_perfil', 'id_usuario', $id);
        if ($profiles === false) {
            $profiles = [];
        }

        foreach ($profiles as $profile) {
            $count_groups++;
            $arr_tags = explode(',', $profile['tags']);
            $count_tags = ($count_tags + count($arr_tags));
        }

        if (($count_groups > 3) && ($count_tags > 10)) {
            ui_print_info_message(__('Strict ACL is not recommended for this user. Performance could be affected.'));
        }
    }

    $user_info = $values;
}

if ((int) $status !== -1) {
    ui_print_result_message(
        $status,
        __('User info successfully updated'),
        __('Error updating user info (no change?)')
    );
}

if ($add_profile && empty($json_profile)) {
    $id2 = (string) get_parameter('id');
    $group2 = (int) get_parameter('assign_group');
    $profile2 = (int) get_parameter('assign_profile');
    $tags = (array) get_parameter('assign_tags');
    $no_hierarchy = (int) get_parameter('no_hierarchy', 0);

    foreach ($tags as $k => $tag) {
        if (empty($tag) === true) {
            unset($tags[$k]);
        }
    }

    $tags = implode(',', $tags);

    db_pandora_audit(
        AUDIT_LOG_USER_MANAGEMENT,
        'Added profile for user '.io_safe_output($id2),
        false,
        false,
        'Profile: '.$profile2.' Group: '.$group2.' Tags: '.$tags
    );
    $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $no_hierarchy);
    if ($return === false) {
        $is_err = true;
    } else {
        $pm = db_get_value_filter('pandora_management', 'tperfil', ['id_perfil' => $profile2]);

        if ((int) $pm === 1) {
            $user_source = db_get_value_filter(
                'id_source',
                'tnotification_source_user',
                [
                    'id_source' => $notification['id'],
                    'id_user'   => $id,
                ]
            );
            if ($user_source === false) {
                $notificationSources = db_get_all_rows_filter('tnotification_source', [], 'id');
                foreach ($notificationSources as $notification) {
                    if ((int) $notification['id'] === 1 || (int) $notification['id'] === 5) {
                        $notification_user = db_get_value_filter(
                            'id_source',
                            'tnotification_source_user',
                            [
                                'id_source' => $notification['id'],
                                'id_user'   => $id,
                            ]
                        );
                        if ($notification_user === false) {
                            @db_process_sql_insert(
                                'tnotification_source_user',
                                [
                                    'id_source' => $notification['id'],
                                    'id_user'   => $id,
                                ]
                            );
                        }
                    }
                }
            }
        }
    }

    ui_print_result_message(
        $return,
        __('Profile added successfully'),
        __('Profile cannot be added')
    );
}

if ($values) {
    $user_info = $values;
}

if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
    $group_um = users_get_groups_UM($config['id_user']);
    if (isset($group_um[0])) {
        $group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
    } else {
        $group_um_string = implode(',', array_keys($group_um));
    }

    $sql = sprintf(
        "SELECT tusuario_perfil.* FROM tusuario_perfil
        INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
        WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1",
        $config['id_user'],
        $group_um_string
    );

    $result = db_get_all_rows_sql($sql);
    if ((bool) $result === false && (bool) $user_info['is_admin'] === false) {
        db_pandora_audit(
            AUDIT_LOG_ACL_VIOLATION,
            'Trying to access User Management'
        );
        include 'general/noaccess.php';

        return;
    }
}

if (is_metaconsole() === true) {
    html_print_div(
        [
            'class'   => 'user_form_title',
            'content' => ((bool) $id === true) ? __('Update User') : __('Create User'),
        ]
    );
}

if (!$new_user) {
    $user_id = '<div class="label_select_simple"><p class="edit_user_labels">'.__('User ID').': </p>';
    $user_id .= '<span>'.$id.'</span>';
    $user_id .= html_print_input_hidden('id_user', $id, true);
    $user_id .= '</div>';
    $user_id .= '<div class="label_select_simple"><p class="edit_user_labels">'.__('API Token').'</p>';
    $user_id .= html_print_anchor(
        [
            'onClick' => sprintf(
                'javascript:renewAPIToken(\'%s\', \'%s\', \'%s\')',
                __('Warning'),
                __('The API token will be renewed. After this action, the last token you were using will not work. Are you sure?'),
                'user_profile_form',
            ),
            'content' => html_print_image(
                'images/icono-refrescar.png',
                true,
                [
                    'class' => 'renew_api_token_image clickable',
                    'title' => __('Renew API Token'),
                ]
            ),
            'class'   => 'renew_api_token_link',
        ],
        true
    );

    $user_id .= html_print_anchor(
        [
            'onClick' => sprintf(
                'javascript:showAPIToken(\'%s\', \'%s\')',
                __('API Token'),
                base64_encode(__('Your API Token is:').'&nbsp;<br><span class="font_12pt bolder">'.users_get_API_token($id).'</span><br>&nbsp;'.__('Please, avoid share this string with others.')),
            ),
            'content' => html_print_image(
                'images/eye_show.png',
                true,
                [
                    'class' => 'renew_api_token_image clickable',
                    'title' => __('Show API Token'),
                ]
            ),
            'class'   => 'renew_api_token_link',
        ],
        true
    );
    $user_id .= '</div>';
} else {
    $user_id = '<div class="label_select_simple">'.html_print_input_text_extended(
        'id_user',
        $id,
        '',
        '',
        20,
        255,
        !$new_user || $view_mode,
        '',
        [
            'class'       => 'input_line user_icon_input',
            'placeholder' => __('User ID'),
        ],
        true
    ).'</div>';
}

if (is_user_admin($id) === true) {
    $avatar = html_print_image(
        'images/people_1.png',
        true,
        ['class' => 'user_avatar']
    );
} else {
    $avatar = html_print_image(
        'images/people_2.png',
        true,
        ['class' => 'user_avatar']
    );
}

$full_name = ' <div class="label_select_simple">'.html_print_input_text_extended(
    'fullname',
    $user_info['fullname'],
    'fullname',
    '',
    20,
    100,
    $view_mode,
    '',
    [
        'class'       => 'input',
        'placeholder' => __('Full (display) name'),
    ],
    true
).'</div>';

$language = '<div class="label_select"><p class="edit_user_labels">'.__('Language').'</p>';
$language .= html_print_select_from_sql(
    'SELECT id_language, name FROM tlanguage',
    'language',
    $user_info['language'],
    '',
    __('Default'),
    'default',
    true
).'</div>';


$timezone = '<div class="label_select"><p class="edit_user_labels">'.__('Timezone').ui_print_help_tip(
    __('The timezone must be that of the associated server.'),
    true
).'</p>';
$timezone .= html_print_timezone_select('timezone', $user_info['timezone']).'</div>';

if ($config['user_can_update_password']) {
    $new_pass = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
        'password_new',
        '',
        'password_new',
        '',
        '25',
        '45',
        $view_mode,
        '',
        [
            'class'       => 'input',
            'placeholder' => __('Password'),
        ],
        true,
        true
    ).'</span></div>';
    $new_pass_confirm = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
        'password_confirm',
        '',
        'password_conf',
        '',
        '20',
        '45',
        $view_mode,
        '',
        [
            'class'       => 'input',
            'placeholder' => __('Password confirmation'),
        ],
        true,
        true
    ).'</span></div>';

    if (!is_user_admin($config['id_user'])) {
        $own_pass_confirm = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
            'own_password_confirm',
            '',
            'own_password_confirm',
            '',
            '20',
            '45',
            $view_mode,
            '',
            [
                'class'       => 'input',
                'placeholder' => __('Own password confirmation'),
            ],
            true,
            true
        ).'</span></div>';
    }
}

if (users_is_admin() === true) {
    $global_profile = '<div class="label_select_simple" style="display: flex;align-items: center;">';
    $global_profile .= '<p class="edit_user_labels" style="margin-top: 0;">'.__('Administrator user').'</p>';
    $global_profile .= html_print_checkbox_switch(
        'is_admin',
        0,
        $user_info['is_admin'],
        true
    );
    $global_profile .= '</div>';
} else {
    $global_profile = html_print_input_hidden(
        'is_admin_sent',
        0,
        true
    );
}

$email = '<div class="label_select_simple">'.html_print_input_text_extended(
    'email',
    $user_info['email'],
    'email',
    '',
    '25',
    '100',
    $view_mode,
    '',
    [
        'class'       => 'input input_line email_icon_input',
        'placeholder' => __('E-mail'),
    ],
    true
).'</div>';

$phone = '<div class="label_select_simple">'.html_print_input_text_extended(
    'phone',
    $user_info['phone'],
    'phone',
    '',
    '20',
    '30',
    $view_mode,
    '',
    [
        'class'       => 'input input_line phone_icon_input',
        'placeholder' => __('Phone number'),
    ],
    true
).'</div>';

$comments = '<p class="edit_user_labels">'.__('Comments').'</p>';
$comments .= html_print_textarea(
    'comments',
    2,
    65,
    $user_info['comments'],
    ($view_mode ? 'readonly="readonly"' : ''),
    true
);

$allowedIP = '<p class="edit_user_labels">';
$allowedIP .= __('Login allowed IP list').'&nbsp;';
$allowedIP .= ui_print_help_tip(__('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), true).'&nbsp;';
$allowedIP .= html_print_checkbox_switch(
    'allowed_ip_active',
    0,
    $user_info['allowed_ip_active'],
    true
);
$allowedIP .= '</p>';
$allowedIP .= html_print_textarea(
    'allowed_ip_list',
    2,
    65,
    $user_info['allowed_ip_list'],
    (((bool) $view_mode === true) ? 'readonly="readonly"' : ''),
    true
);


// If we want to create a new user, skins displayed are the skins of the creator's group. If we want to update, skins displayed are the skins of the modified user.
$own_info = get_user_info($config['id_user']);
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
    $display_all_group = true;
} else {
    $display_all_group = false;
}

if ($new_user) {
    $usr_groups = (users_get_groups($config['id_user'], 'AR', $display_all_group));
    $id_usr = $config['id_user'];
} else {
    $usr_groups = (users_get_groups($id, 'AR', $display_all_group));
    $id_usr = $id;
}

if ((bool) $meta === false) {
    // User only can change skins if has more than one group.
    if (count($usr_groups) > 1) {
        if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
            $skin = '<div class="label_select"><p class="edit_user_labels">'.__('Skin').'</p>';
            $skin .= skins_print_select($id_usr, 'skin', $user_info['id_skin'], '', __('None'), 0, true).'</div>';
        }
    }
}

if ((bool) $meta === true) {
    $array_filters = get_filters_custom_fields_view(0, true);

    $search_custom_fields_view = '<div class="label_select"><p class="edit_user_labels">'.__('Search custom field view').' '.ui_print_help_tip(__('Load by default the selected view in custom field view'), true).'</p>';
    $search_custom_fields_view .= html_print_select(
        $array_filters,
        'default_custom_view',
        $user_info['default_custom_view'],
        '',
        __('None'),
        0,
        true,
        false,
        true,
        '',
        false
    ).'</div>';
}

$values = [
    -1 => __('Use global conf'),
    1  => __('Yes'),
    0  => __('No'),
];

$home_screen = '<div class="label_select"><p class="edit_user_labels">'.__('Home screen').ui_print_help_tip(
    __('User can customize the home page. By default, will display \'Agent Detail\'. Example: Select \'Other\' and type index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=1 to show agent detail view'),
    true
).'</p>';
;
$values = [
    'Default'        => __('Default'),
    'Visual console' => __('Visual console'),
    'Event list'     => __('Event list'),
    'Group view'     => __('Group view'),
    'Tactical view'  => __('Tactical view'),
    'Alert detail'   => __('Alert detail'),
    'External link'  => __('External link'),
    'Other'          => __('Other'),
    'Dashboard'      => __('Dashboard'),
];

$home_screen .= html_print_select(
    $values,
    'section',
    io_safe_output($user_info['section']),
    'show_data_section();',
    '',
    -1,
    true,
    false,
    false
).'</div>';


$dashboards = Manager::getDashboards(
    -1,
    -1,
    false,
    false,
    $id_usr
);

$dashboards_aux = [];
if ($dashboards === false) {
    $dashboards = ['None' => 'None'];
} else {
    foreach ($dashboards as $key => $dashboard) {
        $dashboards_aux[$dashboard['id']] = $dashboard['name'];
    }
}

$home_screen .= '<div id="show_db" style="display: none; width: 100%;">';
$home_screen .= html_print_select($dashboards_aux, 'dashboard', $user_info['data_section'], '', '', '', true);
$home_screen .= '</div>';


$layouts = visual_map_get_user_layouts($config['id_user'], true);
$layouts_aux = [];
if ($layouts === false) {
    $layouts_aux = ['None' => 'None'];
} else {
    foreach ($layouts as $layout) {
        $layouts_aux[$layout] = $layout;
    }
}

$home_screen .= '<div id="show_vc" style="display: none; width: 100%;">';
$home_screen .= html_print_select(
    $layouts_aux,
    'visual_console',
    $user_info['data_section'],
    '',
    '',
    '',
    true
);
$home_screen .= '</div>';

$home_screen .= html_print_input_text(
    'data_section',
    $user_info['data_section'],
    '',
    60,
    255,
    true,
    false
);

$size_pagination = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Block size for pagination').'</p>';
$size_pagination .= html_print_input_text(
    'block_size',
    $user_info['block_size'],
    '',
    5,
    5,
    true
).'</div>';

if ($id == $config['id_user']) {
    $language .= html_print_input_hidden(
        'quick_language_change',
        1,
        true
    );
}

if (enterprise_installed() && defined('METACONSOLE')) {
    $user_info_metaconsole_access = 'only_console';
    if (isset($user_info['metaconsole_access'])) {
        $user_info_metaconsole_access = $user_info['metaconsole_access'];
    }

    // TODO review help tips on meta.
    $meta_access = '<div class="label_select"><p class="edit_user_labels">'.__('Metaconsole access').' './* ui_print_help_icon('meta_access', true). */'</p>';
    $metaconsole_accesses = [
        'basic'    => __('Basic'),
        'advanced' => __('Advanced'),
    ];
    $meta_access .= html_print_select(
        $metaconsole_accesses,
        'metaconsole_access',
        $user_info_metaconsole_access,
        '',
        '',
        -1,
        true,
        false,
        false
    ).'</div>';
}

$not_login = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Not Login').'</p>';
$not_login .= ui_print_help_tip(
    __('The user with not login set only can access to API.'),
    true
);
$not_login .= html_print_checkbox_switch(
    'not_login',
    1,
    $user_info['not_login'],
    true
).'</div>';

$local_user = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Local user').'</p>';
$local_user .= ui_print_help_tip(
    __('The user with local authentication enabled will always use local authentication.'),
    true
);
$local_user .= html_print_checkbox_switch(
    'local_user',
    1,
    $user_info['local_user'],
    true
).'</div>';

$session_time = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Session Time');
$session_time .= ui_print_help_tip(
    __('This is defined in minutes, If you wish a permanent session should putting -1 in this field.'),
    true
).'</p>';
$session_time .= html_print_input_text(
    'session_time',
    $user_info['session_time'],
    '',
    5,
    5,
    true.false,
    false,
    '',
    'class="input_line_small"'
).'</div>';

$user_groups = implode(',', array_keys((users_get_groups($id, 'AR', $display_all_group))));

if (empty($user_groups) === false) {
    $event_filter_data = db_get_all_rows_sql('SELECT id_name, id_filter FROM tevent_filter WHERE id_group_filter IN ('.$user_groups.')');
    if ($event_filter_data === false) {
        $event_filter_data = [];
    }
} else {
    $event_filter_data = [];
}


$event_filter = [];
$event_filter[0] = __('None');
foreach ($event_filter_data as $filter) {
    $event_filter[$filter['id_filter']] = $filter['id_name'];
}

$default_event_filter = '<div class="label_select"><p class="edit_user_labels">'.__('Default event filter').'</p>';
$default_event_filter .= html_print_select(
    $event_filter,
    'default_event_filter',
    $user_info['default_event_filter'],
    '',
    '',
    __('None'),
    true,
    false,
    false
).'</div>';

if ($config['ehorus_user_level_conf']) {
    $ehorus = '<div class="label_select_simple"><p class="edit_user_labels">'.__('eHorus user access enabled').'</p>';
    $ehorus .= html_print_checkbox_switch(
        'ehorus_user_level_enabled',
        1,
        $user_info['ehorus_user_level_enabled'],
        true
    ).'</div>';
    $ehorus .= '<div class="user_edit_ehorus_outer">';
    $ehorus .= '<div class="label_select_simple user_edit_ehorus_inner"><p class="edit_user_labels">'.__('eHorus user').'</p>';
    $ehorus .= html_print_input_text(
        'ehorus_user_level_user',
        $user_info['ehorus_user_level_user'],
        '',
        15,
        45,
        true
    ).'</div>';
    $ehorus .= '<div class="label_select_simple user_edit_ehorus_inner"><p class="edit_user_labels">'.__('eHorus password').'</p>';
    $ehorus .= html_print_input_password(
        'ehorus_user_level_pass',
        io_output_password($user_info['ehorus_user_level_pass']),
        '',
        15,
        45,
        true
    ).'</div>';
    $ehorus .= '</div>';
}

$double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $id);

if ($config['double_auth_enabled'] && check_acl($config['id_user'], 0, 'PM')) {
    $double_authentication = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Double authentication').'</p>';
    if (($config['2FA_all_users'] == '' && !$double_auth_enabled)
        || ($config['double_auth_enabled'] == '' && $double_auth_enabled)
        || check_acl($config['id_user'], 0, 'PM')
    ) {
        if ($new_user === false) {
            $double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
        } else {
            $double_authentication .= ui_print_help_tip(__('User must be created before activating double authentication.'), true);
        }
    }

    // Dialog.
    $double_authentication .= '<div id="dialog-double_auth" class="invisible"><div id="dialog-double_auth-container"></div></div>';
}

if ($double_auth_enabled && $config['double_auth_enabled'] && $config['2FA_all_users'] != '') {
    $double_authentication .= html_print_button(
        __('Show information'),
        'show_info',
        false,
        'javascript:show_double_auth_info();',
        '',
        true
    );
}

if (isset($double_authentication)) {
    $double_authentication .= '</div>';
}

if ($meta) {
    enterprise_include_once('include/functions_metaconsole.php');

    $access_node = db_get_value('metaconsole_access_node', 'tusuario', 'id_user', $id);

    $metaconsole_agents_manager = '<div class="label_select_simple" id="metaconsole_agents_manager_div"><p class="edit_user_labels">'.__('Enable agents managment').'</p>';
    $metaconsole_agents_manager .= html_print_checkbox_switch(
        'metaconsole_agents_manager',
        1,
        $user_info['metaconsole_agents_manager'],
        true
    ).'</div>';

    $metaconsole_access_node = '<div class="label_select_simple" id="metaconsole_access_node_div"><p class="edit_user_labels">'.__('Enable node access').ui_print_help_tip(__('With this option enabled, the user will can access to nodes console'), true).'</p>';
    $metaconsole_access_node .= html_print_checkbox(
        'metaconsole_access_node',
        1,
        $access_node,
        true
    ).'</div>';
}

echo '<form id="user_profile_form" name="user_profile_form" method="post" autocomplete="off" action="#">';


if (!$id) {
    $user_id_update_view = $user_id;
    $user_id_create = '';
} else {
    $user_id_update_view = '';
    $user_id_create = $user_id;
}

if (is_metaconsole() === true) {
    $access_or_pagination = $meta_access;
} else {
    $access_or_pagination = $size_pagination;
}

if ($id != '' && !$is_err) {
    $div_user_info = '<div class="edit_user_info_left">'.$avatar.$user_id_create.'</div>
    <div class="edit_user_info_right">'.$user_id_update_view.$full_name.$new_pass.$new_pass_confirm.$own_pass_confirm.$global_profile.'</div>';
} else {
    $div_user_info = '<div class="edit_user_info_left">'.$avatar.'</div>
    <div class="edit_user_info_right">'.$user_id_create.$user_id_update_view.$full_name.$new_pass.$new_pass_confirm.$global_profile.'</div>';
}

echo '<div id="user_form">
<div class="user_edit_first_row">
    <div class="edit_user_info white_box">'.$div_user_info.'</div>
    <div class="edit_user_autorefresh white_box"><p class="bolder">Extra info</p>'.$email.$phone.$not_login.$local_user.$session_time.'</div>
</div>
<div class="user_edit_second_row white_box">
    <div class="edit_user_options">'.$language.$access_or_pagination.$skin.$home_screen.$default_event_filter.$double_authentication.'</div>

    <div class="edit_user_timezone">'.$timezone;
if (is_metaconsole() === false) {
    echo '<div id="timezone-picker">
                        <img id="timezone-image" src="'.$local_file.'" width="'.$map_width.'" height="'.$map_height.'" usemap="#timezone-map" />
                        <img class="timezone-pin" src="include/javascript/timezonepicker/images/pin.png" class="pdd_t_4px" />
                        <map name="timezone-map" id="timezone-map">'.$area_data_timezone_polys.$area_data_timezone_rects.'</map>
                    </div>';
} else {
    echo $search_custom_fields_view.$metaconsole_agents_manager.$metaconsole_access_node;
}

echo '</div>
</div>

<div class="user_edit_third_row white_box">
    <div class="edit_user_comments">'.$comments.'</div>
</div>';

html_print_div(
    [
        'class'   => 'user_edit_third_row white_box',
        'content' => html_print_div(
            [
                'class'   => 'edit_user_allowed_ip',
                'content' => $allowedIP,
            ],
            true
        ),
    ]
);

if (!empty($ehorus)) {
    echo '<div class="user_edit_third_row white_box">'.$ehorus.'</div>';
}

echo '</div>';

echo '<div class="action-buttons w100p">';
if ($config['admin_can_add_user']) {
    html_print_csrf_hidden();
    if ($new_user) {
        html_print_input_hidden('create_user', 1);
    } else {
        html_print_input_hidden('update_user', 1);
    }
}

echo '</div>';
if ($new_user === true) {
    html_print_input_hidden('json_profile', $json_profile);
}


echo '</form>';

if ($is_err === true && $new_user === true) {
    profile_print_profile_table($id, io_safe_output($json_profile), false, true);
} else {
    profile_print_profile_table($id, io_safe_output($json_profile));
}

echo '<br />';

echo '<div class="action-buttons w100p">';
if ($config['admin_can_add_user']) {
    if ($new_user) {
        html_print_submit_button(
            __('Create'),
            'crtbutton',
            false,
            'class="sub wand" form="user_profile_form"'
        );
    } else {
        html_print_submit_button(
            __('Update'),
            'uptbutton',
            false,
            'class="sub upd" form="user_profile_form"'
        );
    }
}

echo '</div>';


echo '</div>';

enterprise_hook('close_meta_frame');
$delete_image = html_print_input_image(
    'del',
    'images/cross.png',
    1,
    '',
    true,
    [
        'onclick' => 'delete_profile(event, this)',
        'class'   => 'invert_filter',
    ]
);

if (!is_metaconsole()) {
    ?>

    <style>
        /* Styles for timezone map */
        #timezone-picker div.timezone-picker {
            margin: 0 auto;
        }
    </style>

    <script language="javascript" type="text/javascript">
        $(document).ready (function () {
            // Set up the picker to update target timezone and country select lists.
            $('#timezone-image').timezonePicker({
                target: '#timezone',
            });

            // Optionally an auto-detect button to trigger JavaScript geolocation.
            $('#timezone-detect').click(function() {
                $('#timezone-image').timezonePicker('detectLocation');
            });
        });
    </script>
    <?php
    // Include OpenLayers and timezone user map library.
    echo '<script type="text/javascript" src="'.ui_get_full_url('include/javascript/timezonepicker/lib/jquery.timezone-picker.min.js').'"></script>'."\n\t";
    echo '<script type="text/javascript" src="'.ui_get_full_url('include/javascript/timezonepicker/lib/jquery.maphilight.min.js').'"></script>'."\n\t";
    // Closes no meta condition.
}

?>

<script type="text/javascript">
var json_profile = $('#hidden-json_profile');
/* <![CDATA[ */
$(document).ready (function () {
    $("input#checkbox-double_auth").change(function (e) {
        e.preventDefault();
            if (this.checked) {
                show_double_auth_activation();
            } else {
                show_double_auth_deactivation();
            }
    });

    $('#checkbox-is_admin').change(function() {
        if ($('#checkbox-is_admin').is(':checked') == true) {
            $('#metaconsole_agents_manager_div').hide();
            $('#metaconsole_access_node_div').hide();
            $('#metaconsole_assigned_server_div').hide();
        } else {
            $('#metaconsole_agents_manager_div').show();
            $('#metaconsole_access_node_div').show();
            if ($('#checkbox-metaconsole_agents_manager').prop('checked')) {
                $('#metaconsole_assigned_server_div').show();
            }
        }
    });

    $('#checkbox-metaconsole_agents_manager').change(function() {
        if($('#checkbox-metaconsole_agents_manager').prop('checked')) {
            $('#metaconsole_assigned_server_div').show();
        } else {
            $('#metaconsole_assigned_server_div').hide();
        }
    });

    $('#checkbox-is_admin').trigger('change');
    $('#checkbox-metaconsole_agents_manager').trigger('change');

    show_data_section();
    $('#checkbox-ehorus_user_level_enabled').change(function () {
        switch_ehorus_conf();
    });
    $('#checkbox-ehorus_user_level_enabled').trigger('change');
    var img_delete = '<?php echo $delete_image; ?>';
    var id_user = '<?php echo io_safe_output($id); ?>';
    var is_metaconsole = '<?php echo $meta; ?>';
    var user_is_global_admin = '<?php echo users_is_admin($id); ?>';
    var is_err = '<?php echo $is_err; ?>';
    var data = [];
    var aux = 0;
    
    function addProfile(form) {
        try {
            var data = JSON.parse(json_profile.val());
        } catch {
            var data = [];
        }

        var profile = $('#assign_profile').val();
        var profile_text = $('#assign_profile option:selected').text();
        var group = $('#assign_group').val();
        var group_text = $('#assign_group option:selected').text();
        var tags = $('#assign_tags').val();
        var tags_text = $('#assign_tags option:selected').toArray().map(item => item.text).join();
        if ( $('#checkbox-no_hierarchy').is(':checked')) {
            var hierarchy = 1;
            var hierarchy_text = '<?php echo __('yes'); ?>';
        } else {
            var hierarchy = 0;
            var hierarchy_text = '<?php echo __('no'); ?>';
        }

        if (profile === '0' || group === '-1') {
            alert('<?php echo __('Please select profile and group'); ?>');
            return;
        }

        if (id_user == '' || is_err == 1) {
            let new_json = `{"profile":${profile},"group":${group},"tags":[${tags}],"hierarchy":${hierarchy}}`;

            var profile_is_added = Object.entries(data).find(function(_data) {
                return _data[1] === new_json;
            });

            if (typeof profile_is_added === 'undefined') {
                data.push(new_json);
            } else {
                alert('<?php echo __('This profile is already defined'); ?>');
                return;
            }

            json_profile.val(JSON.stringify(data));

            profile_text = `<a href="index.php?sec2=godmode/users/configure_profile&id=${profile}">${profile_text}</a>`;
            group_img = `<img id="img_group_${aux}" src="" data-title="${group_text}" data-use_title_for_force_title="1" class="bot forced_title" alt="${group_text}"/>`;
            group_text = `<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id=${group}">${group_img}${group_text}</a>`;

            $('#table_profiles tr:last').before(
                `<tr>
                    <td>${profile_text}</td>
                    <td>${group_text}</td>
                    <td>${tags_text}</td>
                    <td>${hierarchy_text}</td>
                    <td>${img_delete}</td>
                </tr>`
            );

            getGroupIcon(group, $(`#img_group_${aux}`));
            aux++;

        } else {
            form.submit();
        }
    }

    $('input:image[name="add"]').click(function (e) {
        e.preventDefault();

        if (id_user.length === 0) {
            addProfile(this.form);
            return;
        }

        var params = [];
        params.push("get_user_profile=1");
        params.push("profile_id=" + $('#assign_profile').val())
        params.push("group_id=" + $('#assign_group').val());
        params.push("user_id=" + id_user);
        params.push("page=godmode/users/configure_user");
        jQuery.ajax ({
            data: params.join("&"),
            type: 'POST',
            dataType: "json",
            async: false,
            form: this.form,
            url: action="<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
            success: function (data) {
                if (data.length > 0) {
                    alert('<?php echo __('This profile is already defined'); ?>');
                } else {
                    addProfile(this.form);
                }
            }
        });
    });

    $('input:image[name="del"]').click(function (e) {
        if($(json_profile).length > 0) return;
        if (!confirm ('Are you sure?')) return;
        e.preventDefault();
        var rows = $("#table_profiles tr").length;
        if (((is_metaconsole === '1' && rows <= 4) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') {
            if (!confirm('<?php echo __('Deleting last profile will delete this user'); ?>' + '. ' + '<?php echo __('Are you sure?'); ?>')) {
                return;
            }
        }

        var id_user_profile = $(this).siblings();
        id_user_profile = id_user_profile[1].value;
        var row = $(this).closest('tr');

        var params = [];
        params.push("delete_profile=1");
        params.push("id_user=" + id_user);
        params.push("id_user_profile=" + id_user_profile);
        params.push("page=godmode/users/configure_user");
        jQuery.ajax ({
            data: params.join ("&"),
            type: 'POST',
            url: action="<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
            success: function (data) {
                row.remove();
                var rows = $("#table_profiles tr").length;

                if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1') {
                    window.location.replace("<?php echo ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure=0', false, false, false); ?>");
                } else if (is_metaconsole === '1' && rows <= 3 && user_is_global_admin !== '1') {
                    window.location.replace("<?php echo ui_get_full_url('index.php?sec=advanced&sec2=advanced/users_setup', false, false, true); ?>");
                }
            }
        });
    });

    function checkProfiles(e) {
        e.preventDefault();
        if ($('#checkbox-is_admin').is(':checked') == true) {
            // Admin does not require profiles.
            $('#user_profile_form').submit();
        } else {
            if ($('#table_profiles tbody').children().length == 1) {
                confirmDialog({
                    title: "<?php echo __('Warning'); ?>",
                    message: "<?php echo __('User will be created without profiles assigned and won\'t be able to log in, are you sure?'); ?>",
                    onAccept: function() {
                        $('#user_profile_form').submit();
                    }
                });
            } else {
                $('#user_profile_form').submit();
            }
        }
    }

    $('#submit-crtbutton').click(function (e) {
        checkProfiles(e);
    });

    $('#submit-uptbutton').click(function (e) {
        checkProfiles(e);
    });
});

function delete_profile(event, btn) {
    event.preventDefault();
    var row = btn.parentNode.parentNode;
    var position = row.rowIndex;
    row.parentNode.removeChild(row);

    var json = json_profile.val();
    var test = JSON.parse(json);

    var position_offset = <?php echo (is_metaconsole() === true) ? 2 : 1; ?>;

    test.splice(position-position_offset, 1);
    json_profile.val(JSON.stringify(test));
}

function show_data_section () {
    section = $("#section").val();
    
    switch (section) {
        case <?php echo "'".'Dashboard'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "inline-grid");
            break;
        case <?php echo "'".'Visual console'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "");
            $("#show_vc").css("display", "inline-grid");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Event list'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Group view'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Tactical view'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Alert detail'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'External link'."'"; ?>:
            $("#text-data_section").css("display", "");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Other'."'"; ?>:
            $("#text-data_section").css("display", "");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
        case <?php echo "'".'Default'."'"; ?>:
            $("#text-data_section").css("display", "none");
            $("#dashboard").css("display", "none");
            $("#visual_console").css("display", "none");
            $("#show_vc").css("display", "none");
            $("#show_db").css("display", "none");
            break;
    }
}

function switch_ehorus_conf()
{
    if(!$('#checkbox-ehorus_user_level_enabled').prop('checked')) 
    {
        $(".user_edit_ehorus_outer").hide();

    }else
    {
        $(".user_edit_ehorus_outer").show();
    }


}

function show_double_auth_info () {
    var userID = '<?php echo io_safe_output($id); ?>';

    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
    var $dialogContainer = $("div#dialog-double_auth-container");

    $dialogContainer.html($loadingSpinner);
    // Load the info page
    var request = $.ajax({
        url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
        type: 'POST',
        dataType: 'html',
        data: {
            page: 'include/ajax/double_auth.ajax',
            id_user: userID,
            id_user_auth: userID,
            get_double_auth_data_page: 1,
            FA_forced: 1,
            containerID: $dialogContainer.prop('id')
        },
        complete: function(xhr, textStatus) {
            
        },
        success: function(data, textStatus, xhr) {
            // isNaN = is not a number
            if (isNaN(data)) {
                $dialogContainer.html(data);
            }
            // data is a number, convert it to integer to do the compare
            else if (Number(data) === -1) {
                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
            }
            else {
                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
            }
        },
        error: function(xhr, textStatus, errorThrown) {
            $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
        }
    });

    $("div#dialog-double_auth")
        .css('display','block')
        .append($dialogContainer)
        .dialog({
            resizable: true,
            draggable: true,
            modal: true,
            title: "<?php echo __('Double autentication information'); ?>",
            overlay: {
                opacity: 0.5,
                background: "black"
            },
            width: 400,
            height: 375,
            close: function(event, ui) {
                // Abort the ajax request
                if (typeof request != 'undefined')
                    request.abort();
                // Remove the contained html
                $dialogContainer.empty();
            }
        })
        .show();

}

function show_double_auth_activation () {
    var userID = '<?php echo io_safe_output($id); ?>';

    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
    var $dialogContainer = $("div#dialog-double_auth-container");
    // Uncheck until completed successfully.
    $("input#checkbox-double_auth").prop( "checked", false );

    $dialogContainer.html($loadingSpinner);

    // Load the info page
    var request = $.ajax({
        url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
        type: 'POST',
        dataType: 'html',
        data: {
            page: 'include/ajax/double_auth.ajax',
            id_user: userID,
            id_user_auth: userID,
            FA_forced: 1,
            get_double_auth_info_page: 1,
            containerID: $dialogContainer.prop('id')
        },
        complete: function(xhr, textStatus) {
            
        },
        success: function(data, textStatus, xhr) {
            // isNaN = is not a number
            if (isNaN(data)) {
                $dialogContainer.html(data);
            }
            // data is a number, convert it to integer to do the compare
            else if (Number(data) === -1) {
                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
            }
            else {
                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
            }
        },
        error: function(xhr, textStatus, errorThrown) {
            $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
        }
    });

    $("div#dialog-double_auth").dialog({
            resizable: true,
            draggable: true,
            modal: true,
            title: "<?php echo __('Double authentication activation'); ?>",
            overlay: {
                opacity: 0.5,
                background: "black"
            },
            width: 500,
            height: 400,
            close: function(event, ui) {
                // Abort the ajax request
                if (typeof request != 'undefined')
                    request.abort();
                // Remove the contained html
                $dialogContainer.empty();
            }
        })
        .show();
}

function show_double_auth_deactivation () {
    var userID = '<?php echo io_safe_output($id); ?>';
    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
    var $dialogContainer = $("div#dialog-double_auth-container");

    var message = "<p><?php echo __('Are you sure?').'<br>'.__('The double authentication will be deactivated'); ?></p>";
    var $button = $("<input type=\"button\" value=\"<?php echo __('Deactivate'); ?>\" />");
    // Prevent switch deactivaction until proceess is done
    $("input#checkbox-double_auth").prop( "checked", true );


    $dialogContainer
        .empty()
        .append(message)
        .append($button);

    var request;

    $button.click(function(e) {
        e.preventDefault();

        $dialogContainer.html($loadingSpinner);

        // Deactivate the double auth
        request = $.ajax({
            url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
            type: 'POST',
            dataType: 'json',
            data: {
                page: 'include/ajax/double_auth.ajax',
                id_user: userID,
                FA_forced: 1,
                deactivate_double_auth: 1
            },
            complete: function(xhr, textStatus) {
                
            },
            success: function(data, textStatus, xhr) {
                if (data === -1) {
                    $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
                }
                else if (data) {
                    $dialogContainer.html("<?php echo '<b><div class=\"green\">'.__('The double autentication was deactivated successfully').'</div></b>'; ?>");
                    $("input#checkbox-double_auth").prop( "checked", false );
                }
                else {
                    $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
                }
            },
            error: function(xhr, textStatus, errorThrown) {
                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
            }
        });
    });
    

    $("div#dialog-double_auth").dialog({
            resizable: true,
            draggable: true,
            modal: true,
            title: "<?php echo __('Double authentication activation'); ?>",
            overlay: {
                opacity: 0.5,
                background: "black"
            },
            width: 300,
            height: 150,
            close: function(event, ui) {
                // Abort the ajax request
                if (typeof request != 'undefined')
                    request.abort();
                // Remove the contained html
                $dialogContainer.empty();

            }
        })
        .show();
}


/* ]]> */
</script>