2326 lines
86 KiB
PHP
2326 lines
86 KiB
PHP
<?php
|
|
/**
|
|
* User creation / update.
|
|
*
|
|
* @category Users
|
|
* @package Pandora FMS
|
|
* @subpackage Community
|
|
* @version 1.0.0
|
|
* @license See below
|
|
*
|
|
* ______ ___ _______ _______ ________
|
|
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
|
|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
|
|
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
|
|
*
|
|
* ============================================================================
|
|
* Copyright (c) 2005-2023 Pandora FMS
|
|
* Please see https://pandorafms.com/community/ for full contribution list
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation for version 2.
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
* ============================================================================
|
|
*/
|
|
|
|
// Load global vars.
|
|
global $config;
|
|
|
|
check_login();
|
|
|
|
require_once $config['homedir'].'/vendor/autoload.php';
|
|
|
|
require_once $config['homedir'].'/include/functions_profile.php';
|
|
require_once $config['homedir'].'/include/functions_users.php';
|
|
require_once $config['homedir'].'/include/functions_groups.php';
|
|
require_once $config['homedir'].'/include/functions_visual_map.php';
|
|
require_once $config['homedir'].'/include/functions_custom_fields.php';
|
|
enterprise_include_once('include/functions_profile.php');
|
|
|
|
$isFunctionSkins = enterprise_include_once('include/functions_skins.php');
|
|
|
|
// Add the columns for the enterprise Pandora edition.
|
|
$enterprise_include = false;
|
|
if (ENTERPRISE_NOT_HOOK !== enterprise_include('include/functions_policies.php')) {
|
|
$enterprise_include = true;
|
|
}
|
|
|
|
if ($enterprise_include === true) {
|
|
enterprise_include_once('meta/include/functions_users_meta.php');
|
|
}
|
|
|
|
$homeScreenValues = [
|
|
HOME_SCREEN_DEFAULT => __('Default'),
|
|
HOME_SCREEN_VISUAL_CONSOLE => __('Visual console'),
|
|
HOME_SCREEN_EVENT_LIST => __('Event list'),
|
|
HOME_SCREEN_GROUP_VIEW => __('Group view'),
|
|
HOME_SCREEN_TACTICAL_VIEW => __('Tactical view'),
|
|
HOME_SCREEN_ALERT_DETAIL => __('Alert detail'),
|
|
HOME_SCREEN_EXTERNAL_LINK => __('External link'),
|
|
HOME_SCREEN_OTHER => __('Other'),
|
|
HOME_SCREEN_DASHBOARD => __('Dashboard'),
|
|
];
|
|
|
|
// This defines the working user. Beware with this, old code get confusses
|
|
// and operates with current logged user (dangerous).
|
|
$id = get_parameter('id', get_parameter('id_user', ''));
|
|
|
|
if (empty($id) === true) {
|
|
$id = $config['id_user'];
|
|
}
|
|
|
|
// Check if we are the same user for edit or we have a proper profile for edit users.
|
|
if ($id !== $config['id_user']) {
|
|
if ((bool) check_acl($config['id_user'], 0, 'UM') === false) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to access User Management'
|
|
);
|
|
include 'general/noaccess.php';
|
|
|
|
return;
|
|
}
|
|
}
|
|
|
|
// ID given as parameter.
|
|
$pure = get_parameter('pure', 0);
|
|
$user_info = get_user_info($id);
|
|
|
|
if (is_metaconsole() === true) {
|
|
$user_info['section'] = $user_info['metaconsole_section'];
|
|
$user_info['data_section'] = $user_info['metaconsole_data_section'];
|
|
$user_info['default_event_filter'] = $user_info['metaconsole_default_event_filter'];
|
|
}
|
|
|
|
$is_err = false;
|
|
|
|
if (is_ajax() === true) {
|
|
$delete_profile = (bool) get_parameter('delete_profile');
|
|
$get_user_profile = (bool) get_parameter('get_user_profile');
|
|
|
|
if ($get_user_profile === true) {
|
|
$profile_id = (int) get_parameter('profile_id');
|
|
$group_id = (int) get_parameter('group_id', -1);
|
|
$user_id = (string) get_parameter('user_id', '');
|
|
$no_hierarchy = (int) get_parameter('no_hierarchy', -1);
|
|
$assigned_by = (string) get_parameter('assigned_by', '');
|
|
$id_policy = (int) get_parameter('id_policy', -1);
|
|
$tags = (string) get_parameter('id_policy', '');
|
|
|
|
$filter = [];
|
|
|
|
if ($group_id > -1) {
|
|
$filter['id_perfil'] = $profile_id;
|
|
}
|
|
|
|
if ($group_id > -1) {
|
|
$filter['id_grupo'] = $group_id;
|
|
}
|
|
|
|
if ($user_id !== '') {
|
|
$filter['id_usuario'] = $user_id;
|
|
}
|
|
|
|
if ($no_hierarchy > -1) {
|
|
$filter['no_hierarchy'] = $no_hierarchy;
|
|
}
|
|
|
|
if ($assigned_by !== '') {
|
|
$filter['assigned_by'] = $assigned_by;
|
|
}
|
|
|
|
if ($id_policy > -1) {
|
|
$filter['id_policy'] = $id_policy;
|
|
}
|
|
|
|
if ($tags !== '') {
|
|
$filter['tags'] = $tags;
|
|
}
|
|
|
|
$profile = db_get_all_rows_filter(
|
|
'tusuario_perfil',
|
|
$filter
|
|
);
|
|
|
|
if ($profile !== false && count($profile) > 0) {
|
|
echo json_encode($profile);
|
|
|
|
return;
|
|
} else {
|
|
echo json_encode('');
|
|
}
|
|
|
|
return;
|
|
}
|
|
|
|
if ($delete_profile === true) {
|
|
// Get parameters.
|
|
$result = false;
|
|
$id_user = (string) get_parameter('id_user');
|
|
$id_up = (int) get_parameter('id_user_profile');
|
|
$delete_user = (bool) get_parameter('delete_user', false);
|
|
$user_is_global_admin = users_is_admin($id_user);
|
|
|
|
$perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
|
|
$id_perfil = $perfilUser['id_perfil'];
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
'Deleted profile for user '.io_safe_output($id_user),
|
|
false,
|
|
false,
|
|
'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
|
|
);
|
|
// Delete profile.
|
|
$profile_deleted = profile_delete_user_profile($id_user, $id_up);
|
|
// Check if exists more profiles.
|
|
$has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id_user);
|
|
if ($profile_deleted === true) {
|
|
if ($has_profile === false && $user_is_global_admin === false && $delete_user === true) {
|
|
if (is_metaconsole() === true) {
|
|
$servers = metaconsole_get_servers();
|
|
foreach ($servers as $server) {
|
|
// Connect to the remote console.
|
|
metaconsole_connect($server);
|
|
|
|
// Delete the user.
|
|
$result = delete_user($id_user);
|
|
if ($result === true) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
__('Deleted user %s from metaconsole', io_safe_output($id_user))
|
|
);
|
|
}
|
|
|
|
// Restore the db connection.
|
|
metaconsole_restore_db();
|
|
|
|
// Log to the metaconsole too.
|
|
if ($result === true) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
__(
|
|
'Deleted user %s from %s',
|
|
io_safe_input($id_user),
|
|
io_safe_input($server['server_name'])
|
|
)
|
|
);
|
|
}
|
|
}
|
|
|
|
$result = delete_user((string) $id_user);
|
|
|
|
if ($result === true) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
__('Deleted user %s', io_safe_output($id_user))
|
|
);
|
|
}
|
|
} else {
|
|
$result = delete_user((string) $id_user);
|
|
if ($result === true) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
__('Deleted user %s', io_safe_output($id_user))
|
|
);
|
|
}
|
|
}
|
|
} else {
|
|
$result = $profile_deleted;
|
|
}
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
}
|
|
|
|
$tab = get_parameter('tab', 'user');
|
|
// Save autorefresh list.
|
|
$autorefresh_list = (array) get_parameter_post('autorefresh_list');
|
|
$autorefresh_white_list = (($autorefresh_list[0] === '') || ($autorefresh_list[0] === '0')) ? '' : json_encode($autorefresh_list);
|
|
// Header.
|
|
if (is_metaconsole() === true) {
|
|
user_meta_print_header();
|
|
$sec = 'advanced';
|
|
} else {
|
|
if ((bool) check_acl($config['id_user'], 0, 'UM') === false) {
|
|
$buttons = [];
|
|
} else {
|
|
$buttons = [
|
|
'user' => [
|
|
'active' => false,
|
|
'text' => '<a href="index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure='.$pure.'">'.html_print_image(
|
|
'images/user.svg',
|
|
true,
|
|
[
|
|
'title' => __('User management'),
|
|
'class' => 'invert_filter main_menu_icon',
|
|
]
|
|
).'</a>',
|
|
],
|
|
'profile' => [
|
|
'active' => false,
|
|
'text' => '<a href="index.php?sec=gusuarios&sec2=godmode/users/profile_list&tab=profile&pure='.$pure.'">'.html_print_image(
|
|
'images/suitcase@svg.svg',
|
|
true,
|
|
[
|
|
'title' => __('Profile management'),
|
|
'class' => 'invert_filter main_menu_icon',
|
|
]
|
|
).'</a>',
|
|
],
|
|
];
|
|
$buttons[$tab]['active'] = true;
|
|
}
|
|
|
|
$edit_user = get_parameter('edit_user');
|
|
|
|
ui_print_standard_header(
|
|
($edit_user) ? sprintf('%s [ %s ]', __('Update User'), $id) : __('Create User'),
|
|
'images/gm_users.png',
|
|
false,
|
|
'',
|
|
true,
|
|
$buttons,
|
|
[
|
|
[
|
|
'link' => '',
|
|
'label' => __('Profiles'),
|
|
],
|
|
[
|
|
'link' => ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list'),
|
|
'label' => __('Manage users'),
|
|
],
|
|
[
|
|
'link' => '',
|
|
'label' => __('User Detail Editor'),
|
|
],
|
|
]
|
|
);
|
|
$sec = 'gusuarios';
|
|
}
|
|
|
|
if ((bool) $config['user_can_update_info'] === true) {
|
|
$view_mode = false;
|
|
} else {
|
|
$view_mode = true;
|
|
}
|
|
|
|
$delete_profile = (bool) get_parameter('delete_profile');
|
|
$new_user = (bool) get_parameter('new_user');
|
|
$create_user = (bool) get_parameter('create_user');
|
|
$add_profile = (bool) get_parameter('add_profile');
|
|
$update_user = (bool) get_parameter('update_user');
|
|
$renewAPIToken = (bool) get_parameter('renewAPIToken');
|
|
$status = get_parameter('status', -1);
|
|
$json_profile = get_parameter('json_profile', '');
|
|
|
|
// Reset status var if current action is not update_user.
|
|
if ($new_user === true || $create_user === true || $add_profile === true
|
|
|| $delete_profile === true || $update_user === true
|
|
) {
|
|
$status = -1;
|
|
}
|
|
|
|
if ($new_user === true && (bool) $config['admin_can_add_user'] === true) {
|
|
$user_info = [];
|
|
$id = '';
|
|
$user_info['fullname'] = '';
|
|
$user_info['firstname'] = '';
|
|
$user_info['lastname'] = '';
|
|
$user_info['email'] = '';
|
|
$user_info['phone'] = '';
|
|
$user_info['comments'] = '';
|
|
$user_info['is_admin'] = 0;
|
|
$user_info['language'] = 'default';
|
|
$user_info['timezone'] = '';
|
|
$user_info['not_login'] = false;
|
|
$user_info['local_user'] = false;
|
|
$user_info['strict_acl'] = false;
|
|
$user_info['session_time'] = 0;
|
|
$user_info['middlename'] = 0;
|
|
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$user_info['id_skin'] = '';
|
|
}
|
|
|
|
$user_info['section'] = '';
|
|
$user_info['data_section'] = '';
|
|
// This attributes are inherited from global configuration.
|
|
$user_info['block_size'] = $config['block_size'];
|
|
|
|
if (enterprise_installed() === true && is_metaconsole() === true) {
|
|
$user_info['metaconsole_agents_manager'] = 0;
|
|
$user_info['metaconsole_access_node'] = 0;
|
|
}
|
|
|
|
if (isset($config['ehorus_user_level_conf']) === true && (bool) $config['ehorus_user_level_conf'] === true) {
|
|
$user_info['ehorus_user_level_user'] = '';
|
|
$user_info['ehorus_user_level_pass'] = '';
|
|
$user_info['ehorus_user_level_enabled'] = true;
|
|
}
|
|
}
|
|
|
|
if ($create_user === true) {
|
|
if ((bool) $config['admin_can_add_user'] === false) {
|
|
ui_print_error_message(
|
|
__('The current authentication scheme doesn\'t support creating users on %s', get_product_name())
|
|
);
|
|
return;
|
|
}
|
|
|
|
if (html_print_csrf_error() === true) {
|
|
return;
|
|
}
|
|
|
|
$user_is_admin = (get_parameter('is_admin', 0) === 0) ? 0 : 1;
|
|
|
|
if (users_is_admin() === false && $user_is_admin !== 0) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to create with administrator privileges to user by non administrator user '.$config['id_user']
|
|
);
|
|
|
|
include 'general/noaccess.php';
|
|
exit;
|
|
}
|
|
|
|
$values = [];
|
|
$values['id_user'] = (string) get_parameter('id_user');
|
|
$values['fullname'] = (string) get_parameter('fullname');
|
|
$values['firstname'] = (string) get_parameter('firstname');
|
|
$values['lastname'] = (string) get_parameter('lastname');
|
|
$password_new = (string) get_parameter('password_new', '');
|
|
$password_confirm = (string) get_parameter('password_confirm', '');
|
|
$values['email'] = (string) get_parameter('email');
|
|
$values['phone'] = (string) get_parameter('phone');
|
|
$values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
|
|
$values['allowed_ip_active'] = ((int) get_parameter_switch('allowed_ip_active', -1) === 0);
|
|
$values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
|
|
$values['is_admin'] = $user_is_admin;
|
|
$values['language'] = get_parameter('language', 'default');
|
|
$values['timezone'] = (string) get_parameter('timezone');
|
|
$values['default_event_filter'] = (int) get_parameter('default_event_filter');
|
|
$values['default_custom_view'] = (int) get_parameter('default_custom_view');
|
|
$values['time_autorefresh'] = (int) get_parameter('time_autorefresh', 0);
|
|
$values['show_tips_startup'] = (int) get_parameter_switch('show_tips_startup');
|
|
$values['integria_user_level_pass'] = (string) get_parameter('integria_user_level_pass');
|
|
$dashboard = get_parameter('dashboard', '');
|
|
$visual_console = get_parameter('visual_console', '');
|
|
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$values['id_skin'] = (int) get_parameter('skin', 0);
|
|
}
|
|
|
|
$values['block_size'] = (int) get_parameter('block_size', $config['block_size']);
|
|
|
|
$values['section'] = get_parameter('section');
|
|
if (($values['section'] === HOME_SCREEN_EVENT_LIST) || ($values['section'] === HOME_SCREEN_GROUP_VIEW) || ($values['section'] === HOME_SCREEN_ALERT_DETAIL) || ($values['section'] === HOME_SCREEN_TACTICAL_VIEW) || ($values['section'] === HOME_SCREEN_DEFAULT)) {
|
|
$values['data_section'] = '';
|
|
} else if ($values['section'] === HOME_SCREEN_DASHBOARD) {
|
|
$values['data_section'] = $dashboard;
|
|
} else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) {
|
|
$values['data_section'] = $visual_console;
|
|
} else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
|
|
$values['data_section'] = get_parameter('data_section');
|
|
}
|
|
|
|
if (is_metaconsole() === true) {
|
|
$values['metaconsole_section'] = $values['section'];
|
|
$values['metaconsole_data_section'] = $values['data_section'];
|
|
}
|
|
|
|
// $values['section'] = $homeScreenValues[$values['section']];
|
|
if (enterprise_installed() === true) {
|
|
$values['force_change_pass'] = 1;
|
|
$values['last_pass_change'] = date('Y/m/d H:i:s', get_system_time());
|
|
if (is_metaconsole() === true) {
|
|
$values['metaconsole_access'] = get_parameter('metaconsole_access', 'basic');
|
|
$values['metaconsole_agents_manager'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_agents_manager', '0'));
|
|
$values['metaconsole_access_node'] = ($user_is_admin == 1 ? 1 : get_parameter('metaconsole_access_node', '0'));
|
|
}
|
|
}
|
|
|
|
$values['not_login'] = (bool) get_parameter('not_login', false);
|
|
$values['local_user'] = (bool) get_parameter('local_user', false);
|
|
$values['middlename'] = get_parameter('middlename', 0);
|
|
$values['strict_acl'] = (bool) get_parameter('strict_acl', false);
|
|
$values['session_time'] = (int) get_parameter('session_time', 0);
|
|
|
|
// Previously defined.
|
|
$values['autorefresh_white_list'] = $autorefresh_white_list;
|
|
|
|
// eHorus user level conf.
|
|
if ((bool) $config['ehorus_user_level_conf'] === true) {
|
|
$values['ehorus_user_level_enabled'] = (bool) get_parameter('ehorus_user_level_enabled', false);
|
|
if ($values['ehorus_user_level_enabled'] === true) {
|
|
$values['ehorus_user_level_user'] = (string) get_parameter('ehorus_user_level_user');
|
|
$values['ehorus_user_level_pass'] = (string) get_parameter('ehorus_user_level_pass');
|
|
} else {
|
|
$values['ehorus_user_level_user'] = null;
|
|
$values['ehorus_user_level_pass'] = null;
|
|
}
|
|
}
|
|
|
|
// Generate new API token.
|
|
$values['api_token'] = api_token_generate();
|
|
// Validate the user ID if it already exists.
|
|
$user_exists = get_user_info($values['id_user']);
|
|
if (empty($values['id_user']) === true) {
|
|
ui_print_error_message(__('User ID cannot be empty'));
|
|
$is_err = true;
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else if (isset($user_exists['id_user'])) {
|
|
$is_err = true;
|
|
ui_print_error_message(__('User ID already exists'));
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else if (preg_match('/^\s+|\s+$/', io_safe_output($id))) {
|
|
ui_print_error_message(__('Invalid user ID: leading or trailing blank spaces not allowed'));
|
|
$is_err = true;
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else if (empty($password_new) === true) {
|
|
$is_err = true;
|
|
ui_print_error_message(__('Passwords cannot be empty'));
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else if ($password_new != $password_confirm) {
|
|
$is_err = true;
|
|
ui_print_error_message(__('Passwords didn\'t match'));
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else if (enterprise_hook('excludedPassword', [$password_new]) === true) {
|
|
$is_err = true;
|
|
ui_print_error_message(__('The password provided is not valid. Please set another one.'));
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else {
|
|
if ((!is_user_admin($config['id_user']) || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
|
|
$pass_ok = login_validate_pass($password_new, $id, true);
|
|
if ($pass_ok != 1) {
|
|
ui_print_error_message($pass_ok);
|
|
} else {
|
|
$result = create_user($id, $password_new, $values);
|
|
}
|
|
} else {
|
|
$result = create_user($id, $password_new, $values);
|
|
}
|
|
|
|
$info = '{"Id_user":"'.$values['id_user'].'","FullName":"'.$values['fullname'].'","Firstname":"'.$values['firstname'].'","Lastname":"'.$values['lastname'].'","Email":"'.$values['email'].'","Phone":"'.$values['phone'].'","Comments":"'.$values['comments'].'","Is_admin":"'.$values['is_admin'].'","Language":"'.$values['language'].'","Timezone":"'.$values['timezone'].'","Block size":"'.$values['block_size'].'"';
|
|
if ($values['allowed_ip_active'] === true) {
|
|
$info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
|
|
}
|
|
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$info .= ',"Skin":"'.$values['id_skin'].'"}';
|
|
} else {
|
|
$info .= '}';
|
|
}
|
|
|
|
$can_create = false;
|
|
|
|
|
|
|
|
if ($result) {
|
|
$res = save_pass_history($id, $password_new);
|
|
} else {
|
|
$is_err = true;
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
}
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
'Created user '.io_safe_output($id),
|
|
false,
|
|
false,
|
|
$info
|
|
);
|
|
|
|
ui_print_result_message(
|
|
$result,
|
|
__('Successfully created'),
|
|
__('Could not be created')
|
|
);
|
|
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
|
|
if ($result) {
|
|
if ($values['strict_acl']) {
|
|
if ($values['is_admin']) {
|
|
ui_print_info_message(__('Strict ACL is not recommended for admin users because performance could be affected.'));
|
|
}
|
|
}
|
|
|
|
$user_info = get_user_info($id);
|
|
$new_user = false;
|
|
|
|
if (empty($json_profile) === false) {
|
|
$json_profile = json_decode(io_safe_output($json_profile), true);
|
|
foreach ($json_profile as $key => $profile) {
|
|
if (is_array($profile) === false) {
|
|
$profile = json_decode($profile, true);
|
|
}
|
|
|
|
if (!empty($profile)) {
|
|
$group2 = $profile['group'];
|
|
$profile2 = $profile['profile'];
|
|
$tags = $profile['tags'];
|
|
foreach ($tags as $k => $tag) {
|
|
if (empty($tag)) {
|
|
unset($tags[$k]);
|
|
}
|
|
}
|
|
|
|
$tags = implode(',', $tags);
|
|
$no_hierarchy = $profile['hierarchy'];
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
'Added profile for user '.io_safe_output($id2),
|
|
false,
|
|
false,
|
|
'Profile: '.$profile2.' Group: '.$group2.' Tags: '.$tags
|
|
);
|
|
|
|
$result_profile = profile_create_user_profile($id, $profile2, $group2, false, $tags, $no_hierarchy);
|
|
|
|
if ($result_profile === false) {
|
|
$is_err = true;
|
|
$user_info = $values;
|
|
$password_new = '';
|
|
$password_confirm = '';
|
|
$new_user = true;
|
|
} else {
|
|
$pm = db_get_value_filter('pandora_management', 'tperfil', ['id_perfil' => $profile2]);
|
|
|
|
if ((int) $pm === 1) {
|
|
$user_source = db_get_value_filter(
|
|
'id_source',
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
if ($user_source === false) {
|
|
$notificationSources = db_get_all_rows_filter('tnotification_source', [], 'id');
|
|
foreach ($notificationSources as $notification) {
|
|
if ((int) $notification['id'] === 1 || (int) $notification['id'] === 5) {
|
|
$notification_user = db_get_value_filter(
|
|
'id_source',
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
if ($notification_user === false) {
|
|
@db_process_sql_insert(
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
ui_print_result_message(
|
|
$result_profile,
|
|
__('Profile added successfully'),
|
|
__('Profile cannot be added')
|
|
);
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$user_info = $values;
|
|
$new_user = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($update_user) {
|
|
if (html_print_csrf_error() === true) {
|
|
return;
|
|
}
|
|
|
|
$values = [];
|
|
$values['fullname'] = (string) get_parameter('fullname');
|
|
$values['firstname'] = (string) get_parameter('firstname');
|
|
$values['lastname'] = (string) get_parameter('lastname');
|
|
$values['email'] = (string) get_parameter('email');
|
|
$values['phone'] = (string) get_parameter('phone');
|
|
$values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
|
|
if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) {
|
|
$values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0);
|
|
$values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
|
|
}
|
|
|
|
$values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1;
|
|
$values['language'] = (string) get_parameter('language');
|
|
$values['timezone'] = (string) get_parameter('timezone');
|
|
$values['default_event_filter'] = (int) get_parameter('default_event_filter');
|
|
$values['default_custom_view'] = (int) get_parameter('default_custom_view');
|
|
$values['show_tips_startup'] = (int) get_parameter_switch('show_tips_startup');
|
|
$values['time_autorefresh'] = (int) get_parameter('time_autorefresh');
|
|
// API Token information.
|
|
$apiTokenRenewed = (bool) get_parameter('renewAPIToken');
|
|
$values['api_token'] = ($apiTokenRenewed === true) ? api_token_generate() : users_get_API_token($id);
|
|
|
|
if (users_is_admin() === false && (bool) $values['is_admin'] !== false) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to add administrator privileges to user by non administrator user '.$config['id_user']
|
|
);
|
|
|
|
include 'general/noaccess.php';
|
|
exit;
|
|
}
|
|
|
|
// Ehorus user level conf.
|
|
$values['ehorus_user_level_enabled'] = (bool) get_parameter('ehorus_user_level_enabled', false);
|
|
$values['ehorus_user_level_user'] = (string) get_parameter('ehorus_user_level_user');
|
|
$values['ehorus_user_level_pass'] = (string) get_parameter('ehorus_user_level_pass');
|
|
$values['integria_user_level_pass'] = (string) get_parameter('integria_user_level_pass');
|
|
|
|
$values['middlename'] = get_parameter('middlename', 0);
|
|
|
|
$dashboard = get_parameter('dashboard', '');
|
|
$visual_console = get_parameter('visual_console', '');
|
|
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$values['id_skin'] = get_parameter('skin', 0);
|
|
}
|
|
|
|
$values['block_size'] = get_parameter('block_size', $config['block_size']);
|
|
|
|
$values['section'] = get_parameter('section');
|
|
if (($values['section'] === HOME_SCREEN_EVENT_LIST) || ($values['section'] === HOME_SCREEN_GROUP_VIEW) || ($values['section'] === HOME_SCREEN_ALERT_DETAIL) || ($values['section'] === HOME_SCREEN_TACTICAL_VIEW) || ($values['section'] === HOME_SCREEN_DEFAULT)) {
|
|
$values['data_section'] = '';
|
|
} else if ($values['section'] === HOME_SCREEN_DASHBOARD) {
|
|
$values['data_section'] = $dashboard;
|
|
} else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) {
|
|
$values['data_section'] = $visual_console;
|
|
} else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
|
|
$values['data_section'] = get_parameter('data_section');
|
|
}
|
|
|
|
// $values['section'] = $homeScreenValues[$values['section']];
|
|
if (enterprise_installed() === true && is_metaconsole() === true) {
|
|
if (users_is_admin() === true) {
|
|
$values['metaconsole_access'] = get_parameter('metaconsole_access');
|
|
$values['metaconsole_agents_manager'] = get_parameter('metaconsole_agents_manager', '0');
|
|
$values['metaconsole_access_node'] = get_parameter('metaconsole_access_node', '0');
|
|
} else {
|
|
$values['metaconsole_access'] = $user_info['metaconsole_access'];
|
|
$values['metaconsole_agents_manager'] = $user_info['metaconsole_agents_manager'];
|
|
$values['metaconsole_access_node'] = db_get_value('metaconsole_access_node', 'tusuario', 'id_user', $id);
|
|
}
|
|
}
|
|
|
|
$values['not_login'] = (bool) get_parameter('not_login', false);
|
|
$values['local_user'] = (bool) get_parameter('local_user', false);
|
|
$values['strict_acl'] = (bool) get_parameter('strict_acl', false);
|
|
$values['session_time'] = (int) get_parameter('session_time', 0);
|
|
|
|
$force_update_session_expire = false;
|
|
if ($values['session_time'] !== $user_info['session_time']) {
|
|
$force_update_session_expire = true;
|
|
}
|
|
|
|
// Previously defined.
|
|
$values['autorefresh_white_list'] = $autorefresh_white_list;
|
|
|
|
$res1 = update_user($id, $values);
|
|
|
|
if ($force_update_session_expire === true) {
|
|
config_prepare_expire_time_session(true);
|
|
}
|
|
|
|
if ($config['user_can_update_password']) {
|
|
$password_new = (string) get_parameter('password_new', '');
|
|
$password_confirm = (string) get_parameter('password_confirm', '');
|
|
$own_password_confirm = (string) get_parameter('own_password_confirm', '');
|
|
$id_user = (string) get_parameter('id_user', '');
|
|
|
|
if ($password_new != '') {
|
|
if ($config['auth'] !== 'mysql' && $values['local_user'] === false) {
|
|
ui_print_error_message(__('It is not possible to change the password because external authentication is being used'));
|
|
} else {
|
|
$correct_password = false;
|
|
|
|
$user_credentials_check = process_user_login($id_user, $own_password_confirm, true);
|
|
|
|
if ($user_credentials_check !== false) {
|
|
$correct_password = true;
|
|
}
|
|
|
|
if ((string) $password_confirm === (string) $password_new) {
|
|
if ($correct_password === true || is_user_admin($config['id_user'])) {
|
|
if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) {
|
|
$pass_ok = login_validate_pass($password_new, $id, true);
|
|
if ($pass_ok != 1) {
|
|
ui_print_error_message($pass_ok);
|
|
} else {
|
|
$res2 = update_user_password($id, $password_new);
|
|
if ($res2) {
|
|
db_process_sql_insert(
|
|
'tsesion',
|
|
[
|
|
'id_sesion' => '',
|
|
'id_usuario' => $id,
|
|
'ip_origen' => $_SERVER['REMOTE_ADDR'],
|
|
'accion' => 'Password change',
|
|
'descripcion' => 'Access password updated',
|
|
'fecha' => date('Y-m-d H:i:s'),
|
|
'utimestamp' => time(),
|
|
]
|
|
);
|
|
$res3 = save_pass_history($id, $password_new);
|
|
|
|
// Generate new API token.
|
|
$newToken = api_token_generate();
|
|
$res4 = update_user($id, ['api_token' => $newToken]);
|
|
}
|
|
|
|
ui_print_result_message(
|
|
$res1 || $res2,
|
|
__('User info successfully updated'),
|
|
__('Error updating user info (no change?)')
|
|
);
|
|
}
|
|
} else {
|
|
$res2 = update_user_password($id, $password_new);
|
|
if ($res2) {
|
|
$res3 = save_pass_history($id, $password_new);
|
|
db_process_sql_insert(
|
|
'tsesion',
|
|
[
|
|
'id_sesion' => '',
|
|
'id_usuario' => $id,
|
|
'ip_origen' => $_SERVER['REMOTE_ADDR'],
|
|
'accion' => 'Password change',
|
|
'descripcion' => 'Access password updated',
|
|
'fecha' => date('Y-m-d H:i:s'),
|
|
'utimestamp' => time(),
|
|
]
|
|
);
|
|
|
|
// Generate new API token.
|
|
$newToken = api_token_generate();
|
|
$res4 = update_user($id, ['api_token' => $newToken]);
|
|
}
|
|
|
|
ui_print_result_message(
|
|
$res1 || $res2,
|
|
__('User info successfully updated'),
|
|
__('Error updating user info (no change?)')
|
|
);
|
|
}
|
|
} else {
|
|
if ($own_password_confirm === '') {
|
|
ui_print_error_message(__('Password of the active user is required to perform password change'));
|
|
} else {
|
|
ui_print_error_message(__('Password of active user is not correct'));
|
|
}
|
|
}
|
|
} else {
|
|
db_process_sql_insert(
|
|
'tsesion',
|
|
[
|
|
'id_sesion' => '',
|
|
'id_usuario' => $id,
|
|
'ip_origen' => $_SERVER['REMOTE_ADDR'],
|
|
'accion' => 'Password change',
|
|
'descripcion' => 'Access password update failed',
|
|
'fecha' => date('Y-m-d H:i:s'),
|
|
'utimestamp' => time(),
|
|
]
|
|
);
|
|
ui_print_error_message(__('Passwords does not match'));
|
|
}
|
|
}
|
|
} else {
|
|
$has_skin = false;
|
|
$has_wizard = false;
|
|
|
|
$info = '{"id_user":"'.$id.'",
|
|
"FullName":"'.$values['fullname'].'",
|
|
"Firstname":"'.$values['firstname'].'",
|
|
"Lastname":"'.$values['lastname'].'",
|
|
"Email":"'.$values['email'].'",
|
|
"Phone":"'.$values['phone'].'",
|
|
"Comments":"'.$values['comments'].'",
|
|
"Is_admin":"'.$values['is_admin'].'",
|
|
"Language":"'.$values['language'].'",
|
|
"Timezone":"'.$values['timezone'].'",
|
|
"Block size":"'.$values['block_size'].'",
|
|
"Section":"'.$values['section'].'"';
|
|
|
|
if ($values['allowed_ip_active'] === true) {
|
|
$info .= ',"IPS Allowed":"'.$values['allowed_ip_list'].'"';
|
|
}
|
|
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$info .= ',"Skin":"'.$values['id_skin'].'"';
|
|
$has_skin = true;
|
|
}
|
|
|
|
if (enterprise_installed() === true && is_metaconsole() === true) {
|
|
$info .= ',"Wizard access":"'.$values['metaconsole_access'].'"}';
|
|
$has_wizard = true;
|
|
} else if ($has_skin === true) {
|
|
$info .= '}';
|
|
}
|
|
|
|
if ($has_skin === false && $has_wizard === false) {
|
|
$info .= '}';
|
|
}
|
|
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
'Updated user '.io_safe_output($id),
|
|
false,
|
|
false,
|
|
$info
|
|
);
|
|
|
|
ui_print_result_message(
|
|
$res1,
|
|
($apiTokenRenewed === true) ? __('You have generated a new API Token.') : __('User info successfully updated'),
|
|
__('Error updating user info (no change?)')
|
|
);
|
|
}
|
|
} else {
|
|
ui_print_result_message(
|
|
$res1,
|
|
__('User info successfully updated'),
|
|
__('Error updating user info (no change?)')
|
|
);
|
|
}
|
|
|
|
|
|
if ((bool) $values['strict_acl'] === true) {
|
|
$count_groups = 0;
|
|
$count_tags = 0;
|
|
|
|
$profiles = db_get_all_rows_field_filter('tusuario_perfil', 'id_usuario', $id);
|
|
if ($profiles === false) {
|
|
$profiles = [];
|
|
}
|
|
|
|
foreach ($profiles as $profile) {
|
|
$count_groups++;
|
|
$arr_tags = explode(',', $profile['tags']);
|
|
$count_tags = ($count_tags + count($arr_tags));
|
|
}
|
|
|
|
if (($count_groups > 3) && ($count_tags > 10)) {
|
|
ui_print_info_message(__('Strict ACL is not recommended for this user. Performance could be affected.'));
|
|
}
|
|
}
|
|
|
|
$user_info = $values;
|
|
}
|
|
|
|
if ((int) $status !== -1) {
|
|
ui_print_result_message(
|
|
$status,
|
|
__('User info successfully updated'),
|
|
__('Error updating user info (no change?)')
|
|
);
|
|
}
|
|
|
|
if ($add_profile && empty($json_profile)) {
|
|
$id2 = (string) get_parameter('id', get_parameter('id_user'));
|
|
$group2 = (int) get_parameter('assign_group');
|
|
$profile2 = (int) get_parameter('assign_profile');
|
|
$tags = (array) get_parameter('assign_tags');
|
|
$no_hierarchy = (int) get_parameter('no_hierarchy', 0);
|
|
|
|
foreach ($tags as $k => $tag) {
|
|
if (empty($tag) === true) {
|
|
unset($tags[$k]);
|
|
}
|
|
}
|
|
|
|
$tags = implode(',', $tags);
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_USER_MANAGEMENT,
|
|
'Added profile for user '.io_safe_output($id2),
|
|
false,
|
|
false,
|
|
'Profile: '.$profile2.' Group: '.$group2.' Tags: '.$tags
|
|
);
|
|
|
|
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $no_hierarchy);
|
|
if ($return === false) {
|
|
$is_err = true;
|
|
} else {
|
|
$pm = db_get_value_filter('pandora_management', 'tperfil', ['id_perfil' => $profile2]);
|
|
|
|
if ((int) $pm === 1) {
|
|
$user_source = db_get_value_filter(
|
|
'id_source',
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
if ($user_source === false) {
|
|
$notificationSources = db_get_all_rows_filter('tnotification_source', [], 'id');
|
|
foreach ($notificationSources as $notification) {
|
|
if ((int) $notification['id'] === 1 || (int) $notification['id'] === 5) {
|
|
$notification_user = db_get_value_filter(
|
|
'id_source',
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
if ($notification_user === false) {
|
|
@db_process_sql_insert(
|
|
'tnotification_source_user',
|
|
[
|
|
'id_source' => $notification['id'],
|
|
'id_user' => $id,
|
|
]
|
|
);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
ui_print_result_message(
|
|
$return,
|
|
__('Profile added successfully'),
|
|
__('Profile cannot be added')
|
|
);
|
|
}
|
|
|
|
if (isset($values) === true && empty($values) === false) {
|
|
$user_info = $values;
|
|
}
|
|
|
|
if (!users_is_admin() && $config['id_user'] !== $id && $new_user === false) {
|
|
$group_um = users_get_groups_UM($config['id_user']);
|
|
if (isset($group_um[0]) === true) {
|
|
$group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
|
|
} else {
|
|
$group_um_string = implode(',', array_keys($group_um));
|
|
}
|
|
|
|
$sql = sprintf(
|
|
"SELECT tusuario_perfil.* FROM tusuario_perfil
|
|
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
|
|
WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1",
|
|
$config['id_user'],
|
|
$group_um_string
|
|
);
|
|
|
|
$result = db_get_all_rows_sql($sql);
|
|
if ((bool) $result === false && (bool) $user_info['is_admin'] === false) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to access User Management'
|
|
);
|
|
include 'general/noaccess.php';
|
|
|
|
return;
|
|
}
|
|
}
|
|
|
|
if (!$new_user) {
|
|
$user_id = '<div class="label_select_simple"><p class="edit_user_labels">'.__('User ID').': </p>';
|
|
$user_id .= '<span>'.$id.'</span>';
|
|
$user_id .= html_print_input_hidden('id_user', $id, true);
|
|
$user_id .= '</div>';
|
|
|
|
$apiTokenContentElements[] = '<span style="line-height: 15px; height: 15px;font-size: 14px;">'.__('API Token').'</span>';
|
|
$apiTokenContentElements[] = html_print_button(
|
|
__('Renew'),
|
|
'renew_api_token',
|
|
false,
|
|
sprintf(
|
|
'javascript:renewAPIToken("%s", "%s", "%s")',
|
|
__('Warning'),
|
|
__('The API token will be renewed. After this action, the last token you were using will not work. Are you sure?'),
|
|
'user_profile_form',
|
|
),
|
|
[
|
|
'mode' => 'link',
|
|
'style' => 'min-width: initial;',
|
|
],
|
|
true,
|
|
);
|
|
$apiTokenContentElements[] = html_print_button(
|
|
__('Show'),
|
|
'show_api_token',
|
|
false,
|
|
sprintf(
|
|
'javascript:showAPIToken("%s", "%s", "%s", "%s")',
|
|
__('API Token'),
|
|
__('Your API Token is:'),
|
|
base64_encode(users_get_API_token($id)),
|
|
__('Please, avoid share this string with others.'),
|
|
),
|
|
[
|
|
'mode' => 'link',
|
|
'style' => 'min-width: initial;',
|
|
],
|
|
true,
|
|
);
|
|
|
|
$apiTokenContent = html_print_div(
|
|
[
|
|
'class' => 'flex-row-center',
|
|
'content' => implode('', $apiTokenContentElements),
|
|
],
|
|
true
|
|
);
|
|
|
|
$user_id .= $apiTokenContent;
|
|
|
|
$CodeQRContent .= html_print_div(['id' => 'qr_container_image', 'class' => 'scale-0-8'], true);
|
|
$CodeQRContent .= html_print_anchor(
|
|
['id' => 'qr_code_agent_view'],
|
|
true
|
|
);
|
|
$CodeQRContent .= '<br/>'.$custom_id_div;
|
|
|
|
// QR code div.
|
|
$CodeQRTable = html_print_div(
|
|
[
|
|
'class' => 'agent_qr',
|
|
'content' => $CodeQRContent,
|
|
],
|
|
true
|
|
);
|
|
} else {
|
|
$user_id = '<div class="label_select_simple">'.html_print_input_text_extended(
|
|
'id_user',
|
|
$id,
|
|
'',
|
|
'',
|
|
20,
|
|
255,
|
|
!$new_user || $view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input_line',
|
|
'placeholder' => __('User ID'),
|
|
],
|
|
true
|
|
).'</div>';
|
|
}
|
|
|
|
if (is_user_admin($id) === true) {
|
|
$avatar = html_print_image(
|
|
'images/people_1.png',
|
|
true,
|
|
['class' => 'user_avatar']
|
|
);
|
|
} else {
|
|
$avatar = html_print_image(
|
|
'images/people_2.png',
|
|
true,
|
|
['class' => 'user_avatar']
|
|
);
|
|
}
|
|
|
|
html_print_div(
|
|
[
|
|
'id' => 'delete_profile_modal',
|
|
'content' => '',
|
|
]
|
|
);
|
|
|
|
$full_name = ' <div class="label_select_simple">'.html_print_input_text_extended(
|
|
'fullname',
|
|
$user_info['fullname'],
|
|
'fullname',
|
|
'',
|
|
20,
|
|
100,
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input',
|
|
'placeholder' => __('Full (display) name'),
|
|
],
|
|
true
|
|
).'</div>';
|
|
|
|
$language = '<div class="label_select"><p class="edit_user_labels">'.__('Language').'</p>';
|
|
$language .= html_print_select_from_sql(
|
|
'SELECT id_language, name FROM tlanguage',
|
|
'language',
|
|
$user_info['language'],
|
|
'',
|
|
__('Default'),
|
|
'default',
|
|
true
|
|
).'</div>';
|
|
|
|
|
|
$timezone = '<div class="label_select"><p class="edit_user_labels">'.__('Timezone').ui_print_help_tip(
|
|
__('The timezone must be that of the associated server.'),
|
|
true
|
|
).'</p>';
|
|
$timezone .= html_print_timezone_select('timezone', $user_info['timezone']).'</div>';
|
|
|
|
if ($config['user_can_update_password']) {
|
|
$new_pass = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
|
|
'password_new',
|
|
'',
|
|
'password_new',
|
|
'',
|
|
'25',
|
|
'45',
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input',
|
|
'placeholder' => __('Password'),
|
|
],
|
|
true,
|
|
true
|
|
).'</span></div>';
|
|
$new_pass_confirm = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
|
|
'password_confirm',
|
|
'',
|
|
'password_conf',
|
|
'',
|
|
'20',
|
|
'45',
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input',
|
|
'placeholder' => __('Password confirmation'),
|
|
],
|
|
true,
|
|
true
|
|
).'</span></div>';
|
|
|
|
if (!is_user_admin($config['id_user'])) {
|
|
$own_pass_confirm = '<div class="label_select_simple"><span>'.html_print_input_text_extended(
|
|
'own_password_confirm',
|
|
'',
|
|
'own_password_confirm',
|
|
'',
|
|
'20',
|
|
'45',
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input',
|
|
'placeholder' => __('Own password confirmation'),
|
|
],
|
|
true,
|
|
true
|
|
).'</span></div>';
|
|
}
|
|
}
|
|
|
|
if (users_is_admin() === true) {
|
|
$global_profile = '<div class="label_select_simple" style="display: flex;align-items: center;">';
|
|
$global_profile .= '<p class="edit_user_labels" style="margin-top: 0;">'.__('Administrator user').'</p>';
|
|
$global_profile .= html_print_checkbox_switch(
|
|
'is_admin',
|
|
0,
|
|
$user_info['is_admin'],
|
|
true
|
|
);
|
|
$global_profile .= '</div>';
|
|
} else {
|
|
$global_profile = html_print_input_hidden(
|
|
'is_admin_sent',
|
|
0,
|
|
true
|
|
);
|
|
}
|
|
|
|
$email = '<div class="label_select_simple">'.html_print_input_text_extended(
|
|
'email',
|
|
$user_info['email'],
|
|
'email',
|
|
'',
|
|
'25',
|
|
'100',
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input input_line',
|
|
'placeholder' => __('E-mail'),
|
|
],
|
|
true
|
|
).'</div>';
|
|
|
|
$phone = '<div class="label_select_simple">'.html_print_input_text_extended(
|
|
'phone',
|
|
$user_info['phone'],
|
|
'phone',
|
|
'',
|
|
'20',
|
|
'30',
|
|
$view_mode,
|
|
'',
|
|
[
|
|
'class' => 'input input_line phone_icon_input',
|
|
'placeholder' => __('Phone number'),
|
|
],
|
|
true
|
|
).'</div>';
|
|
|
|
$comments = '<p class="edit_user_labels">'.__('Comments').'</p>';
|
|
$comments .= html_print_textarea(
|
|
'comments',
|
|
2,
|
|
65,
|
|
$user_info['comments'],
|
|
($view_mode ? 'readonly="readonly"' : ''),
|
|
true
|
|
);
|
|
|
|
$allowedIP = '<p class="edit_user_labels">';
|
|
$allowedIP .= __('Login allowed IP list').' ';
|
|
$allowedIP .= ui_print_help_tip(__('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), true).' ';
|
|
$allowedIP .= html_print_checkbox_switch(
|
|
'allowed_ip_active',
|
|
0,
|
|
($user_info['allowed_ip_active'] ?? 0),
|
|
true
|
|
);
|
|
$allowedIP .= '</p>';
|
|
$allowedIP .= html_print_textarea(
|
|
'allowed_ip_list',
|
|
2,
|
|
65,
|
|
($user_info['allowed_ip_list'] ?? 0),
|
|
(((bool) $view_mode === true) ? 'readonly="readonly"' : ''),
|
|
true
|
|
);
|
|
|
|
|
|
// If we want to create a new user, skins displayed are the skins of the creator's group. If we want to update, skins displayed are the skins of the modified user.
|
|
$own_info = get_user_info($config['id_user']);
|
|
if ($own_info['is_admin'] || check_acl($config['id_user'], 0, 'PM')) {
|
|
$display_all_group = true;
|
|
} else {
|
|
$display_all_group = false;
|
|
}
|
|
|
|
if ($new_user) {
|
|
$usr_groups = (users_get_groups($config['id_user'], 'AR', $display_all_group));
|
|
$id_usr = $config['id_user'];
|
|
} else {
|
|
$usr_groups = (users_get_groups($id, 'AR', $display_all_group));
|
|
$id_usr = $id;
|
|
}
|
|
|
|
if (is_metaconsole() === false) {
|
|
// User only can change skins if has more than one group.
|
|
if (function_exists('skins_print_select')) {
|
|
if (count($usr_groups) > 1) {
|
|
if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
|
|
$skin = '<div class="label_select"><p class="edit_user_labels">'.__('Skin').'</p>';
|
|
$skin .= skins_print_select($id_usr, 'skin', $user_info['id_skin'], '', __('None'), 0, true).'</div>';
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if (is_metaconsole() === true) {
|
|
$array_filters = get_filters_custom_fields_view(0, true);
|
|
|
|
$searchCustomFieldView = [];
|
|
$searchCustomFieldView[] = __('Search custom field view');
|
|
$searchCustomFieldView[] = html_print_select(
|
|
$array_filters,
|
|
'default_custom_view',
|
|
$user_info['default_custom_view'],
|
|
'',
|
|
__('None'),
|
|
0,
|
|
true,
|
|
false,
|
|
true,
|
|
'',
|
|
false
|
|
).ui_print_input_placeholder(
|
|
__('Load by default the selected view in custom field view'),
|
|
true
|
|
);
|
|
}
|
|
|
|
$size_pagination = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Block size for pagination').'</p>';
|
|
$size_pagination .= html_print_input_text(
|
|
'block_size',
|
|
$user_info['block_size'],
|
|
'',
|
|
5,
|
|
5,
|
|
true
|
|
).'</div>';
|
|
|
|
if ($id === $config['id_user']) {
|
|
$language .= html_print_input_hidden(
|
|
'quick_language_change',
|
|
1,
|
|
true
|
|
);
|
|
}
|
|
|
|
if (enterprise_installed() === true && is_metaconsole() === true) {
|
|
$user_info_metaconsole_access = 'only_console';
|
|
if (isset($user_info['metaconsole_access'])) {
|
|
$user_info_metaconsole_access = $user_info['metaconsole_access'];
|
|
}
|
|
|
|
$metaconsole_accesses = [
|
|
'basic' => __('Basic'),
|
|
'advanced' => __('Advanced'),
|
|
];
|
|
|
|
$outputMetaAccess = [];
|
|
$outputMetaAccess[] = __('Metaconsole access');
|
|
$outputMetaAccess[] = html_print_select(
|
|
$metaconsole_accesses,
|
|
'metaconsole_access',
|
|
$user_info_metaconsole_access,
|
|
'',
|
|
'',
|
|
-1,
|
|
true,
|
|
false,
|
|
false
|
|
);
|
|
}
|
|
|
|
$user_groups = implode(',', array_keys((users_get_groups($id, 'AR', $display_all_group))));
|
|
|
|
if (empty($user_groups) === false) {
|
|
$event_filter_data = db_get_all_rows_sql('SELECT id_name, id_filter FROM tevent_filter WHERE id_group_filter IN ('.$user_groups.')');
|
|
if ($event_filter_data === false) {
|
|
$event_filter_data = [];
|
|
}
|
|
} else {
|
|
$event_filter_data = [];
|
|
}
|
|
|
|
|
|
$event_filter = [];
|
|
$event_filter[0] = __('None');
|
|
foreach ($event_filter_data as $filter) {
|
|
$event_filter[$filter['id_filter']] = $filter['id_name'];
|
|
}
|
|
|
|
if (is_metaconsole() === true && empty($user_info['metaconsole_default_event_filter']) !== true) {
|
|
$user_info['default_event_filter'] = $user_info['metaconsole_default_event_filter'];
|
|
}
|
|
|
|
$default_event_filter = '<div class="label_select"><p class="edit_user_labels">'.__('Default event filter').'</p>';
|
|
$default_event_filter .= html_print_select(
|
|
$event_filter,
|
|
'default_event_filter',
|
|
($user_info['default_event_filter'] ?? 0),
|
|
'',
|
|
'',
|
|
__('None'),
|
|
true,
|
|
false,
|
|
false
|
|
).'</div>';
|
|
|
|
if (isset($config['ehorus_user_level_conf']) === true && (bool) $config['ehorus_user_level_conf'] === true) {
|
|
$ehorus = '<div class="label_select_simple"><p class="edit_user_labels">'.__('eHorus user access enabled').'</p>';
|
|
$ehorus .= html_print_checkbox_switch(
|
|
'ehorus_user_level_enabled',
|
|
1,
|
|
$user_info['ehorus_user_level_enabled'],
|
|
true
|
|
).'</div>';
|
|
$ehorus .= '<div class="user_edit_ehorus_outer">';
|
|
$ehorus .= '<div class="label_select_simple user_edit_ehorus_inner"><p class="edit_user_labels">'.__('eHorus user').'</p>';
|
|
$ehorus .= html_print_input_text(
|
|
'ehorus_user_level_user',
|
|
$user_info['ehorus_user_level_user'],
|
|
'',
|
|
15,
|
|
45,
|
|
true
|
|
).'</div>';
|
|
$ehorus .= '<div class="label_select_simple user_edit_ehorus_inner"><p class="edit_user_labels">'.__('eHorus password').'</p>';
|
|
$ehorus .= html_print_input_password(
|
|
'ehorus_user_level_pass',
|
|
io_output_password($user_info['ehorus_user_level_pass']),
|
|
'',
|
|
15,
|
|
45,
|
|
true
|
|
).'</div>';
|
|
$ehorus .= '</div>';
|
|
}
|
|
|
|
// Double authentication.
|
|
$doubleAuthElementsContent = [];
|
|
if (isset($config['double_auth_enabled']) === true && (bool) ($config['double_auth_enabled']) === true && check_acl($config['id_user'], 0, 'PM')) {
|
|
// Know if Double Auth is enabled.
|
|
$double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $id);
|
|
// Double authentication elements.
|
|
$doubleAuthElementsSubContent = [];
|
|
// Caption.
|
|
$doubleAuthElementsSubContent[] = '<span>'.__('Double authentication').'</span>';
|
|
// Switch.
|
|
if (($config['2FA_all_users'] == '' && !$double_auth_enabled)
|
|
|| ($config['double_auth_enabled'] == '' && $double_auth_enabled)
|
|
|| check_acl($config['id_user'], 0, 'PM')
|
|
) {
|
|
if ($new_user === false) {
|
|
$doubleAuthElementsSubContent[] = html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
|
|
} else {
|
|
$doubleAuthElementsSubContent[] = ui_print_help_tip(__('User must be created before activating double authentication.'), true);
|
|
}
|
|
}
|
|
|
|
// Control for show.
|
|
$doubleAuthElementsContent[] = html_print_div(
|
|
[
|
|
'style' => 'display: flex; flex-direction: row-reverse; align-items: center;',
|
|
'class' => 'margin-top-10',
|
|
'content' => implode('', $doubleAuthElementsSubContent),
|
|
],
|
|
true
|
|
);
|
|
|
|
// Dialog.
|
|
$doubleAuthElementsContent[] = html_print_div(
|
|
[
|
|
'id' => 'dialog-double_auth',
|
|
'class' => 'invisible',
|
|
'content' => html_print_div(['id' => 'dialog-double_auth-container'], true),
|
|
],
|
|
true
|
|
);
|
|
}
|
|
|
|
if ($double_auth_enabled === true && (bool) $config['double_auth_enabled'] === true && empty($config['2FA_all_users']) === false) {
|
|
$doubleAuthElementsContent[] = html_print_button(
|
|
__('Show information'),
|
|
'show_info',
|
|
false,
|
|
'javascript:show_double_auth_info();',
|
|
'',
|
|
true
|
|
);
|
|
}
|
|
|
|
if (empty($doubleAuthElementsContent) === false) {
|
|
$doubleAuthentication = html_print_div(['content' => implode('', $doubleAuthElementsContent)], true);
|
|
} else {
|
|
$doubleAuthentication = '';
|
|
}
|
|
|
|
$autorefresh_list_out = [];
|
|
if (is_metaconsole() === false || is_centralized() === true) {
|
|
$autorefresh_list_out['operation/agentes/estado_agente'] = 'Agent detail';
|
|
$autorefresh_list_out['operation/agentes/ver_agente'] = 'Agent view';
|
|
$autorefresh_list_out['operation/agentes/alerts_status'] = 'Alert detail';
|
|
$autorefresh_list_out['enterprise/operation/cluster/cluster'] = 'Cluster view';
|
|
$autorefresh_list_out['operation/gis_maps/render_view'] = 'Gis Map';
|
|
$autorefresh_list_out['operation/reporting/graph_viewer'] = 'Graph Viewer';
|
|
$autorefresh_list_out['operation/snmpconsole/snmp_view'] = 'SNMP console';
|
|
|
|
if (enterprise_installed()) {
|
|
$autorefresh_list_out['general/sap_view'] = 'SAP view';
|
|
}
|
|
}
|
|
|
|
$autorefresh_list_out['operation/agentes/tactical'] = 'Tactical view';
|
|
$autorefresh_list_out['operation/agentes/group_view'] = 'Group view';
|
|
$autorefresh_list_out['operation/agentes/status_monitor'] = 'Monitor detail';
|
|
$autorefresh_list_out['enterprise/operation/services/services'] = 'Services';
|
|
$autorefresh_list_out['operation/dashboard/dashboard'] = 'Dashboard';
|
|
|
|
$autorefresh_list_out['operation/visual_console/render_view'] = 'Visual console';
|
|
$autorefresh_list_out['operation/events/events'] = 'Events';
|
|
|
|
|
|
if (isset($autorefresh_list) === false || empty($autorefresh_list) === true || empty($autorefresh_list[0]) === true) {
|
|
$select = db_process_sql("SELECT autorefresh_white_list FROM tusuario WHERE id_user = '".$id."'");
|
|
$autorefresh_list = json_decode($select[0]['autorefresh_white_list']);
|
|
if ($autorefresh_list === null || $autorefresh_list === 0) {
|
|
$autorefresh_list = [];
|
|
$autorefresh_list[0] = __('None');
|
|
} else {
|
|
$aux = [];
|
|
$count_autorefresh_list = count($autorefresh_list);
|
|
for ($i = 0; $i < $count_autorefresh_list; $i++) {
|
|
if ($autorefresh_list[$i] === 'operation/agentes/pandora_networkmap') {
|
|
continue;
|
|
}
|
|
|
|
$aux[$autorefresh_list[$i]] = $autorefresh_list_out[$autorefresh_list[$i]];
|
|
unset($autorefresh_list_out[$autorefresh_list[$i]]);
|
|
$autorefresh_list[$i] = $aux;
|
|
}
|
|
|
|
$autorefresh_list = $aux;
|
|
}
|
|
} else {
|
|
if (is_array($autorefresh_list) === false || empty($autorefresh_list[0]) === true || $autorefresh_list[0] === '0') {
|
|
$autorefresh_list = [];
|
|
$autorefresh_list[0] = __('None');
|
|
} else {
|
|
$aux = [];
|
|
$count_autorefresh_list = count($autorefresh_list);
|
|
for ($i = 0; $i < $count_autorefresh_list; $i++) {
|
|
$aux[$autorefresh_list[$i]] = $autorefresh_list_out[$autorefresh_list[$i]];
|
|
unset($autorefresh_list_out[$autorefresh_list[$i]]);
|
|
$autorefresh_list[$i] = $aux;
|
|
}
|
|
|
|
$autorefresh_list = $aux;
|
|
}
|
|
}
|
|
|
|
if (is_metaconsole() === true) {
|
|
enterprise_include_once('include/functions_metaconsole.php');
|
|
|
|
$access_node = db_get_value('metaconsole_access_node', 'tusuario', 'id_user', $id);
|
|
|
|
$metaconsoleAgentManager = [];
|
|
$metaconsoleAgentManager[] = __('Enable agents managment');
|
|
$metaconsoleAgentManager[] = html_print_checkbox_switch(
|
|
'metaconsole_agents_manager',
|
|
1,
|
|
$user_info['metaconsole_agents_manager'],
|
|
true
|
|
);
|
|
|
|
$metaconsoleAgentManager[] = __('Enable node access').ui_print_help_tip(
|
|
__('With this option enabled, the user will can access to nodes console'),
|
|
true
|
|
);
|
|
$metaconsoleAgentManager[] = html_print_checkbox_switch(
|
|
'metaconsole_access_node',
|
|
1,
|
|
$access_node,
|
|
true
|
|
);
|
|
}
|
|
|
|
echo '<div class="max_floating_element_size">';
|
|
echo '<form id="user_profile_form" name="user_profile_form" method="post" autocomplete="off" action="#">';
|
|
|
|
if (!$id) {
|
|
$user_id_update_view = $user_id;
|
|
$user_id_create = '';
|
|
} else {
|
|
$user_id_update_view = '';
|
|
$user_id_create = $user_id;
|
|
}
|
|
|
|
// User management form.
|
|
require_once 'user_management.php';
|
|
|
|
if ((bool) $config['admin_can_add_user'] === true) {
|
|
html_print_csrf_hidden();
|
|
html_print_input_hidden((($new_user === true) ? 'create_user' : 'update_user'), 1);
|
|
}
|
|
|
|
echo '</div>';
|
|
html_print_input_hidden('json_profile', $json_profile);
|
|
|
|
echo '</form>';
|
|
|
|
// User Profile definition table. (Only where user is not creating).
|
|
if ((bool) check_acl($config['id_user'], 0, 'UM') === true) {
|
|
profile_print_profile_table($id, io_safe_output($json_profile), false, ($is_err === true));
|
|
}
|
|
|
|
echo '</div>';
|
|
|
|
$actionButtons = [];
|
|
|
|
if ((bool) $config['admin_can_add_user'] === true) {
|
|
if ($new_user === true) {
|
|
$submitButtonCaption = __('Create');
|
|
$submitButtonName = 'crtbutton';
|
|
$submitButtonIcon = 'wand';
|
|
} else {
|
|
$submitButtonCaption = __('Update');
|
|
$submitButtonName = 'uptbutton';
|
|
$submitButtonIcon = 'update';
|
|
}
|
|
|
|
$actionButtons[] = html_print_submit_button(
|
|
$submitButtonCaption,
|
|
$submitButtonName,
|
|
false,
|
|
[
|
|
'icon' => $submitButtonIcon,
|
|
'form' => 'user_profile_form',
|
|
],
|
|
true
|
|
);
|
|
}
|
|
|
|
if ((bool) check_acl($config['id_user'], 0, 'UM') === true) {
|
|
$actionButtons[] = html_print_go_back_button(
|
|
ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure=0'),
|
|
['button_class' => ''],
|
|
true
|
|
);
|
|
}
|
|
|
|
html_print_action_buttons(implode('', $actionButtons), ['type' => 'form_action']);
|
|
|
|
echo '</div>';
|
|
|
|
// This is an image generated for JS.
|
|
$delete_image = html_print_input_image(
|
|
'del',
|
|
'images/delete.svg',
|
|
1,
|
|
'',
|
|
true,
|
|
[
|
|
'onclick' => 'delete_profile(event, this)',
|
|
'class' => 'invert_filter main_menu_icon',
|
|
]
|
|
);
|
|
|
|
if (is_metaconsole() === false) {
|
|
?>
|
|
|
|
<style>
|
|
/* Styles for timezone map */
|
|
#timezone-picker div.timezone-picker {
|
|
margin: 0 auto;
|
|
}
|
|
</style>
|
|
|
|
<script language="javascript" type="text/javascript">
|
|
$(document).ready(function() {
|
|
// Set up the picker to update target timezone and country select lists.
|
|
$('#timezone-image').timezonePicker({
|
|
target: '#timezone1',
|
|
});
|
|
|
|
// Optionally an auto-detect button to trigger JavaScript geolocation.
|
|
$('#timezone-detect').click(function() {
|
|
$('#timezone-image').timezonePicker('detectLocation');
|
|
});
|
|
});
|
|
</script>
|
|
<?php
|
|
// Include OpenLayers and timezone user map library.
|
|
echo '<script type="text/javascript" src="'.ui_get_full_url('include/javascript/timezonepicker/lib/jquery.timezone-picker.min.js').'"></script>'."\n\t";
|
|
echo '<script type="text/javascript" src="'.ui_get_full_url('include/javascript/timezonepicker/lib/jquery.maphilight.min.js').'"></script>'."\n\t";
|
|
// Closes no meta condition.
|
|
}
|
|
|
|
?>
|
|
|
|
<script type="text/javascript">
|
|
var json_profile = $('#hidden-json_profile');
|
|
/* <![CDATA[ */
|
|
$(document).ready(function() {
|
|
$("#right_autorefreshlist").click(function() {
|
|
jQuery.each($("select[name='autorefresh_list_out[]'] option:selected"), function(key, value) {
|
|
imodule_name = $(value).html();
|
|
if (imodule_name != <?php echo "'".__('None')."'"; ?>) {
|
|
id_imodule = $(value).attr('value');
|
|
$("select[name='autorefresh_list[]'] option").each(function() { $(this).attr("selected", true) });
|
|
$("select[name='autorefresh_list[]']").append($("<option></option>").val(id_imodule).html('<i>' + imodule_name + '</i>').attr("selected", true));
|
|
$("#autorefresh_list_out").find("option[value='" + id_imodule + "']").remove();
|
|
$("#autorefresh_list").find("option[value='']").remove();
|
|
$("#autorefresh_list").find("option[value='0']").remove();
|
|
if ($("#autorefresh_list_out option").length == 0) {
|
|
$("select[name='autorefresh_list_out[]']").append($("<option></option>").val('').html('<i><?php echo __('None'); ?></i>'));
|
|
}
|
|
}
|
|
});
|
|
});
|
|
|
|
$("#left_autorefreshlist").click(function() {
|
|
jQuery.each($("select[name='autorefresh_list[]'] option:selected"), function(key, value) {
|
|
imodule_name = $(value).html();
|
|
if (imodule_name != <?php echo "'".__('None')."'"; ?>) {
|
|
id_imodule = $(value).attr('value');
|
|
$("#autorefresh_list").find("option[value='" + id_imodule + "']").remove();
|
|
$("#autorefresh_list_out").find("option[value='']").remove();
|
|
$("select[name='autorefresh_list_out[]']").append($("<option><option>").val(id_imodule).html('<i>' + imodule_name + '</i>'));
|
|
$("#autorefresh_list_out option").last().remove();
|
|
if ($("#autorefresh_list option").length == 0) {
|
|
$("select[name='autorefresh_list[]']").append($("<option></option>").val('').html('<i><?php echo __('None'); ?></i>'));
|
|
}
|
|
}
|
|
});
|
|
});
|
|
|
|
$("#button-uptbutton").click (function () {
|
|
if($("#autorefresh_list option").length > 0) {
|
|
$('#autorefresh_list option').prop('selected', true);
|
|
}
|
|
});
|
|
|
|
$("input#checkbox-double_auth").change(function(e) {
|
|
e.preventDefault();
|
|
if (this.checked) {
|
|
show_double_auth_activation();
|
|
} else {
|
|
show_double_auth_deactivation();
|
|
}
|
|
});
|
|
|
|
$('#checkbox-is_admin').change(function() {
|
|
if ($('#checkbox-is_admin').is(':checked') == true) {
|
|
$('#metaconsole_agents_manager_div').hide();
|
|
$('#metaconsole_access_node_div').hide();
|
|
$('#metaconsole_assigned_server_div').hide();
|
|
} else {
|
|
$('#metaconsole_agents_manager_div').show();
|
|
$('#metaconsole_access_node_div').show();
|
|
if ($('#checkbox-metaconsole_agents_manager').prop('checked')) {
|
|
$('#metaconsole_assigned_server_div').show();
|
|
}
|
|
}
|
|
});
|
|
|
|
$('#checkbox-metaconsole_agents_manager').change(function() {
|
|
if ($('#checkbox-metaconsole_agents_manager').prop('checked')) {
|
|
$('#metaconsole_assigned_server_div').show();
|
|
} else {
|
|
$('#metaconsole_assigned_server_div').hide();
|
|
}
|
|
});
|
|
|
|
$('#checkbox-is_admin').trigger('change');
|
|
$('#checkbox-metaconsole_agents_manager').trigger('change');
|
|
|
|
show_data_section();
|
|
$('#checkbox-ehorus_user_level_enabled').change(function() {
|
|
switch_ehorus_conf();
|
|
});
|
|
$('#checkbox-ehorus_user_level_enabled').trigger('change');
|
|
var img_delete = '<?php echo $delete_image; ?>';
|
|
var id_user = '<?php echo io_safe_output($id); ?>';
|
|
var is_metaconsole = '<?php echo is_metaconsole(); ?>';
|
|
var user_is_global_admin = '<?php echo users_is_admin($id); ?>';
|
|
var is_err = '<?php echo $is_err; ?>';
|
|
var data = [];
|
|
var aux = 0;
|
|
|
|
function addProfile(form) {
|
|
try {
|
|
var data = JSON.parse(json_profile.val());
|
|
} catch {
|
|
var data = [];
|
|
}
|
|
|
|
var profile = $('#assign_profile').val();
|
|
var profile_text = $('#assign_profile option:selected').text();
|
|
var group = $('#assign_group').val();
|
|
var group_text = $('#assign_group option:selected').text();
|
|
var tags = $('#assign_tags').val();
|
|
var tags_text = $('#assign_tags option:selected').toArray().map(item => item.text).join();
|
|
if ($('#checkbox-no_hierarchy').is(':checked')) {
|
|
var hierarchy = 1;
|
|
var hierarchy_text = '<?php echo __('yes'); ?>';
|
|
} else {
|
|
var hierarchy = 0;
|
|
var hierarchy_text = '<?php echo __('no'); ?>';
|
|
}
|
|
|
|
if (profile === '0' || group === '-1') {
|
|
alert('<?php echo __('Please select profile and group'); ?>');
|
|
return;
|
|
}
|
|
|
|
if (id_user == '' || is_err == 1) {
|
|
let new_json = `{"profile":${profile},"group":${group},"tags":[${tags}],"hierarchy":${hierarchy}}`;
|
|
|
|
var profile_is_added = Object.entries(data).find(function(_data) {
|
|
return _data[1] === new_json;
|
|
});
|
|
|
|
if (typeof profile_is_added === 'undefined') {
|
|
data.push(new_json);
|
|
} else {
|
|
alert('<?php echo __('This profile is already defined'); ?>');
|
|
return;
|
|
}
|
|
|
|
json_profile.val(JSON.stringify(data));
|
|
|
|
profile_text = `<a href="index.php?sec2=godmode/users/configure_profile&id=${profile}">${profile_text}</a>`;
|
|
group_img = `<img id="img_group_${aux}" src="" data-title="${group_text}" data-use_title_for_force_title="1" class="invert_filter main_menu_icon bot forced_title" alt="${group_text}"/>`;
|
|
group_text = `<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id=${group}">${group_img} ${group_text}</a>`;
|
|
|
|
$('#table_profiles tr:last').before(
|
|
`<tr>
|
|
<td>${profile_text}</td>
|
|
<td>${group_text}</td>
|
|
<td>${tags_text}</td>
|
|
<td>${hierarchy_text}</td>
|
|
<td>${img_delete}</td>
|
|
</tr>`
|
|
);
|
|
|
|
getGroupIcon(group, $(`#img_group_${aux}`));
|
|
aux++;
|
|
|
|
} else {
|
|
form.submit();
|
|
}
|
|
}
|
|
|
|
$('input:image[name="add"]').click(function(e) {
|
|
e.preventDefault();
|
|
|
|
if (id_user.length === 0) {
|
|
addProfile(this.form);
|
|
return;
|
|
}
|
|
|
|
var params = [];
|
|
params.push("get_user_profile=1");
|
|
params.push("profile_id=" + $('#assign_profile').val())
|
|
params.push("group_id=" + $('#assign_group').val());
|
|
params.push("user_id=" + id_user);
|
|
params.push("page=godmode/users/configure_user");
|
|
jQuery.ajax({
|
|
data: params.join("&"),
|
|
type: 'POST',
|
|
dataType: "json",
|
|
async: false,
|
|
form: this.form,
|
|
url: action = "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
|
|
success: function(data) {
|
|
if (data.length > 0) {
|
|
alert('<?php echo __('This profile is already defined'); ?>');
|
|
} else {
|
|
addProfile(this.form);
|
|
}
|
|
}
|
|
});
|
|
});
|
|
|
|
$('input:image[name="del"]').click(function(e) {
|
|
|
|
|
|
var rows = $("#table_profiles tr").length;
|
|
let deleteuser = 0;
|
|
e.preventDefault();
|
|
var id_user_profile = $(this).siblings();
|
|
id_user_profile = id_user_profile[1].value;
|
|
var row = $(this).closest('tr');
|
|
|
|
if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole !== '1' && rows <= 3)) && user_is_global_admin !== '1') {
|
|
$("#delete_profile_modal")
|
|
.empty()
|
|
.html("<?php echo __('Deleting this profile will leave your user without a profile or group. You can continue by deleting the user or preserving it.'); ?>");
|
|
// Set the title.
|
|
$("#delete_profile_modal").prop("title", "<?php echo __('Are you sure?'); ?>");
|
|
// Build the dialog for show the mesage.
|
|
$("#delete_profile_modal").dialog({
|
|
resizable: true,
|
|
draggable: true,
|
|
modal: true,
|
|
width: 500,
|
|
buttons: [
|
|
{
|
|
text: "Cancel",
|
|
click: function() {
|
|
$(this).dialog("close");
|
|
return false;
|
|
}
|
|
},
|
|
{
|
|
text: "Delete",
|
|
click: function() {
|
|
$(this).dialog("close");
|
|
deleteuser = 1;
|
|
delete_user_profile(id_user_profile, row, id_user, deleteuser);
|
|
}
|
|
},
|
|
{
|
|
text: "Preserve",
|
|
click: function() {
|
|
$(this).dialog("close");
|
|
deleteuser = 0;
|
|
delete_user_profile(id_user_profile, row, id_user, deleteuser)
|
|
}
|
|
}
|
|
],
|
|
overlay: {
|
|
opacity: 0.5,
|
|
background: "black"
|
|
},
|
|
closeOnEscape: false,
|
|
open: function(event, ui) {
|
|
$(".ui-dialog-titlebar-close").hide();
|
|
}
|
|
});
|
|
} else {
|
|
if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') {
|
|
if (!confirm('<?php echo __('Deleting last profile will delete this user'); ?>' + '. ' + '<?php echo __('Are you sure?'); ?>')) {
|
|
return false;
|
|
} else {
|
|
delete_user_profile(id_user_profile, row, id_user, deleteuser);
|
|
}
|
|
} else {
|
|
if (!confirm('Are you sure?')) {
|
|
return false;
|
|
} else {
|
|
delete_user_profile(id_user_profile, row, id_user, deleteuser);
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($(json_profile).length > 0) return;
|
|
});
|
|
|
|
function delete_user_profile(id_user_profile, row, id_user, deleteuser){
|
|
var params = [];
|
|
params.push("delete_profile=1");
|
|
params.push("edit_user=1");
|
|
params.push("delete_user=" + deleteuser);
|
|
params.push("id_user=" + id_user);
|
|
params.push("id_user_profile=" + id_user_profile);
|
|
params.push("page=godmode/users/configure_user");
|
|
jQuery.ajax({
|
|
data: params.join("&"),
|
|
type: 'POST',
|
|
url: action = "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
|
|
success: function(data) {
|
|
row.remove();
|
|
var rows = $("#table_profiles tr").length;
|
|
if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') {
|
|
window.location.replace("<?php echo ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure=0', false, false, false); ?>");
|
|
} else if (is_metaconsole === '1' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') {
|
|
window.location.replace("<?php echo ui_get_full_url('index.php?sec=advanced&sec2=advanced/users_setup', false, false, true); ?>");
|
|
}
|
|
}
|
|
});
|
|
}
|
|
|
|
function checkProfiles(e) {
|
|
e.preventDefault();
|
|
if ($('#checkbox-is_admin').is(':checked') == true) {
|
|
// Admin does not require profiles.
|
|
$('#user_profile_form').submit();
|
|
} else {
|
|
if ($('#table_profiles tbody').children().length == 1) {
|
|
confirmDialog({
|
|
title: "<?php echo __('Warning'); ?>",
|
|
message: "<?php echo __('User will be created without profiles assigned and won\'t be able to log in, are you sure?'); ?>",
|
|
onAccept: function() {
|
|
$('#user_profile_form').submit();
|
|
}
|
|
});
|
|
} else {
|
|
$('#user_profile_form').submit();
|
|
}
|
|
}
|
|
}
|
|
|
|
$('#submit-crtbutton').click(function(e) {
|
|
checkProfiles(e);
|
|
});
|
|
|
|
$('#submit-uptbutton').click(function(e) {
|
|
checkProfiles(e);
|
|
});
|
|
});
|
|
|
|
function delete_profile(event, btn) {
|
|
event.preventDefault();
|
|
var row = btn.parentNode.parentNode;
|
|
var position = row.rowIndex;
|
|
row.parentNode.removeChild(row);
|
|
|
|
var json = json_profile.val();
|
|
var test = JSON.parse(json);
|
|
|
|
var position_offset = <?php echo (is_metaconsole() === true) ? 2 : 1; ?>;
|
|
|
|
test.splice(position - position_offset, 1);
|
|
json_profile.val(JSON.stringify(test));
|
|
}
|
|
|
|
function show_data_section() {
|
|
var section = $("#section").val();
|
|
if(section === 'other'){
|
|
section = 'external_link';
|
|
}
|
|
var allElements = $('div[id^="custom_home_screen_"]');
|
|
var elementSelected = $('div[id="custom_home_screen_' + section + '"]');
|
|
// Hide all elements.
|
|
allElements.each(function() {
|
|
$(this).addClass('invisible');
|
|
$(this).children().addClass('invisible');
|
|
})
|
|
// Show only the selected.
|
|
elementSelected.removeClass('invisible');
|
|
elementSelected.children().removeClass('invisible');
|
|
}
|
|
|
|
function switch_ehorus_conf() {
|
|
if (!$('#checkbox-ehorus_user_level_enabled').prop('checked')) {
|
|
$(".user_edit_ehorus_outer").hide();
|
|
|
|
} else {
|
|
$(".user_edit_ehorus_outer").show();
|
|
}
|
|
|
|
|
|
}
|
|
|
|
function show_double_auth_info() {
|
|
var userID = '<?php echo io_safe_output($id); ?>';
|
|
|
|
var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
|
|
var $dialogContainer = $("div#dialog-double_auth-container");
|
|
|
|
$dialogContainer.html($loadingSpinner);
|
|
// Load the info page
|
|
var request = $.ajax({
|
|
url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
|
|
type: 'POST',
|
|
dataType: 'html',
|
|
data: {
|
|
page: 'include/ajax/double_auth.ajax',
|
|
id_user: userID,
|
|
id_user_auth: userID,
|
|
get_double_auth_data_page: 1,
|
|
FA_forced: 1,
|
|
containerID: $dialogContainer.prop('id')
|
|
},
|
|
complete: function(xhr, textStatus) {
|
|
|
|
},
|
|
success: function(data, textStatus, xhr) {
|
|
// isNaN = is not a number
|
|
if (isNaN(data)) {
|
|
$dialogContainer.html(data);
|
|
}
|
|
// data is a number, convert it to integer to do the compare
|
|
else if (Number(data) === -1) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
|
|
} else {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
|
|
}
|
|
},
|
|
error: function(xhr, textStatus, errorThrown) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
|
|
}
|
|
});
|
|
|
|
$("div#dialog-double_auth")
|
|
.css('display', 'block')
|
|
.append($dialogContainer)
|
|
.dialog({
|
|
resizable: true,
|
|
draggable: true,
|
|
modal: true,
|
|
title: "<?php echo __('Double autentication information'); ?>",
|
|
overlay: {
|
|
opacity: 0.5,
|
|
background: "black"
|
|
},
|
|
width: 400,
|
|
height: 375,
|
|
close: function(event, ui) {
|
|
// Abort the ajax request
|
|
if (typeof request != 'undefined')
|
|
request.abort();
|
|
// Remove the contained html
|
|
$dialogContainer.empty();
|
|
}
|
|
})
|
|
.show();
|
|
|
|
}
|
|
|
|
function show_double_auth_activation() {
|
|
var userID = '<?php echo io_safe_output($id); ?>';
|
|
|
|
var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
|
|
var $dialogContainer = $("div#dialog-double_auth-container");
|
|
// Uncheck until completed successfully.
|
|
$("input#checkbox-double_auth").prop("checked", false);
|
|
|
|
$dialogContainer.html($loadingSpinner);
|
|
|
|
// Load the info page
|
|
var request = $.ajax({
|
|
url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
|
|
type: 'POST',
|
|
dataType: 'html',
|
|
data: {
|
|
page: 'include/ajax/double_auth.ajax',
|
|
id_user: userID,
|
|
id_user_auth: userID,
|
|
FA_forced: 1,
|
|
get_double_auth_info_page: 1,
|
|
containerID: $dialogContainer.prop('id')
|
|
},
|
|
complete: function(xhr, textStatus) {
|
|
|
|
},
|
|
success: function(data, textStatus, xhr) {
|
|
// isNaN = is not a number
|
|
if (isNaN(data)) {
|
|
$dialogContainer.html(data);
|
|
}
|
|
// data is a number, convert it to integer to do the compare
|
|
else if (Number(data) === -1) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
|
|
} else {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
|
|
}
|
|
},
|
|
error: function(xhr, textStatus, errorThrown) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
|
|
}
|
|
});
|
|
|
|
$("div#dialog-double_auth").dialog({
|
|
resizable: true,
|
|
draggable: true,
|
|
modal: true,
|
|
title: "<?php echo __('Double authentication activation'); ?>",
|
|
overlay: {
|
|
opacity: 0.5,
|
|
background: "black"
|
|
},
|
|
width: 500,
|
|
height: 400,
|
|
close: function(event, ui) {
|
|
// Abort the ajax request
|
|
if (typeof request != 'undefined')
|
|
request.abort();
|
|
// Remove the contained html
|
|
$dialogContainer.empty();
|
|
}
|
|
})
|
|
.show();
|
|
}
|
|
|
|
function show_double_auth_deactivation() {
|
|
var userID = '<?php echo io_safe_output($id); ?>';
|
|
var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
|
|
var $dialogContainer = $("div#dialog-double_auth-container");
|
|
|
|
var message = "<p><?php echo __('Are you sure?').'<br>'.__('The double authentication will be deactivated'); ?></p>";
|
|
var $button = $("<input type=\"button\" value=\"<?php echo __('Deactivate'); ?>\" />");
|
|
// Prevent switch deactivaction until proceess is done
|
|
$("input#checkbox-double_auth").prop("checked", true);
|
|
|
|
|
|
$dialogContainer
|
|
.empty()
|
|
.append(message)
|
|
.append($button);
|
|
|
|
var request;
|
|
|
|
$button.click(function(e) {
|
|
e.preventDefault();
|
|
|
|
$dialogContainer.html($loadingSpinner);
|
|
|
|
// Deactivate the double auth
|
|
request = $.ajax({
|
|
url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
|
|
type: 'POST',
|
|
dataType: 'json',
|
|
data: {
|
|
page: 'include/ajax/double_auth.ajax',
|
|
id_user: userID,
|
|
FA_forced: 1,
|
|
deactivate_double_auth: 1
|
|
},
|
|
complete: function(xhr, textStatus) {
|
|
|
|
},
|
|
success: function(data, textStatus, xhr) {
|
|
if (data === -1) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
|
|
} else if (data) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"green\">'.__('The double autentication was deactivated successfully').'</div></b>'; ?>");
|
|
$("input#checkbox-double_auth").prop("checked", false);
|
|
} else {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
|
|
}
|
|
},
|
|
error: function(xhr, textStatus, errorThrown) {
|
|
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
|
|
}
|
|
});
|
|
});
|
|
|
|
|
|
$("div#dialog-double_auth").dialog({
|
|
resizable: true,
|
|
draggable: true,
|
|
modal: true,
|
|
title: "<?php echo __('Double authentication activation'); ?>",
|
|
overlay: {
|
|
opacity: 0.5,
|
|
background: "black"
|
|
},
|
|
width: 300,
|
|
height: 150,
|
|
close: function(event, ui) {
|
|
// Abort the ajax request
|
|
if (typeof request != 'undefined')
|
|
request.abort();
|
|
// Remove the contained html
|
|
$dialogContainer.empty();
|
|
|
|
}
|
|
})
|
|
.show();
|
|
}
|
|
|
|
|
|
/* ]]> */
|
|
</script>
|