pandorafms/pandora_console/operation/agentes/ehorus.php

326 lines
11 KiB
PHP

<?php
/**
* Pandora FMS- https://pandorafms.com
* ==================================================
* Copyright (c) 2005-2023 Pandora FMS
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
// Load global vars
global $config;
if (!$config['ehorus_enabled']) {
return;
}
check_login();
// Get the parameters
$agent_id = (int) get_parameter('id_agente');
$client_tab = (string) get_parameter('client_tab');
if (empty($agent_id)) {
ui_print_error_message(__('Missing agent id'));
return;
}
$group_id = db_get_value('id_grupo', 'tagente', 'id_agente', $agent_id);
if ($group_id === false || (!check_acl($config['id_user'], $group_id, 'AW') && !is_user_admin($config['id_user']))) {
db_pandora_audit(
AUDIT_LOG_ACL_VIOLATION,
'Trying to access eHorus'
);
include 'general/noaccess.php';
return;
}
require_once $config['homedir'].'/include/functions_ui.php';
require_once $config['homedir'].'/include/functions_agents.php';
$ehorus_agent_id = agents_get_agent_custom_field($agent_id, $config['ehorus_custom_field']);
if (empty($ehorus_agent_id)) {
ui_print_error_message(__('Missing ehorus agent id'));
return;
}
// Directory data
$hostname = $config['ehorus_hostname'];
$port = $config['ehorus_port'];
$user = $config['ehorus_user'];
$password = io_safe_output(io_output_password($config['ehorus_pass']));
$curl_timeout = $config['ehorus_req_timeout'];
$base_url = 'https://'.$hostname.':'.$port;
// If user login is enabled, fetch user and pass from user info
if ($config['ehorus_user_level_conf']) {
$user = $user_info['ehorus_user_level_user'];
$password = io_safe_output(io_output_password($user_info['ehorus_user_level_pass']));
}
// Get the login auth token
$login_path = '/api/login';
$body = [
'user' => $user,
'pass' => $password,
'exp' => 300,
// 5 minutes
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $base_url.$login_path);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept: application/json']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $curl_timeout);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($body));
$result_login = curl_exec($ch);
$http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error = false;
if ($result_login === false) {
$error = curl_error($ch);
}
curl_close($ch);
if ($error !== false || $http_status !== 200) {
if ($error !== false) {
// echo $error;
ui_print_error_message(__('There was an error retrieving an authorization token'));
} else {
ui_print_error_message($http_status.' '.$result_login);
}
return;
}
$response_auth = [];
try {
$response_auth = json_decode($result_login, true);
} catch (Exception $e) {
ui_print_error_message(__('There was an error processing the response'));
}
// Get the agent auth token
$token_path = '/api/agents/'.$ehorus_agent_id.'/token';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $base_url.$token_path);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept: application/json']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $curl_timeout);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: JWT '.$response_auth['token']]);
$result_token = curl_exec($ch);
$http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error = false;
if ($result_token === false) {
$error = curl_error($ch);
}
curl_close($ch);
if ($error !== false || $http_status !== 200) {
if ($error !== false) {
// echo $error;
ui_print_error_message(__('There was an error retrieving an authorization token'));
} else {
ui_print_error_message($http_status.' '.$result_token);
}
return;
}
$response_auth = [];
try {
$response_auth = json_decode($result_token, true);
} catch (Exception $e) {
ui_print_error_message(__('There was an error processing the response'));
}
// Get agent info
$agent_path = '/api/agents/'.$ehorus_agent_id;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $base_url.$agent_path);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $curl_timeout);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: JWT '.$response_auth['token']]);
$result_agent = curl_exec($ch);
$http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error = false;
if ($result_agent === false) {
$error = curl_error($ch);
}
curl_close($ch);
if ($error !== false || $http_status !== 200) {
if ($error !== false) {
// echo $error;
ui_print_error_message(__('There was an error retrieving the agent data'));
} else {
ui_print_error_message($http_status.' '.$result_agent);
}
return;
}
$agent_data = [];
try {
$agent_data = json_decode($result_agent, true);
} catch (Exception $e) {
ui_print_error_message(__('There was an error processing the response'));
}
echo '<table id="ehorus-client-run-info" class="databox w100p"><tr>';
echo '<td>';
echo __('Remote management of this agent with eHorus');
echo '</td><td>';
echo '<input type="button" id="run-ehorus-client" class="sub next" value="'.__('Launch').'" />';
echo '</td>';
echo '</tr></table>';
echo '<div id="expired_message" class="invisible">';
ui_print_error_message(
__('The connection was lost and the authorization token was expired').'. '.__('Reload the page to request a new authorization token').'. '
);
echo '</div>';
echo '<div id="ehorus-client-iframe"></div>';
$query_data = [
'agent_id' => $ehorus_agent_id,
'hostname' => (string) $agent_data['serverAddress'],
'port' => (int) $agent_data['serverPort'],
'token' => (string) $response_auth['token'],
'expiration' => (int) $response_auth['exp'],
'is_busy' => (bool) $agent_data['isBusy'],
'last_connection' => (int) $agent_data['lastConnection'],
'section' => $client_tab,
];
$query = http_build_query($query_data);
$client_url = $config['homeurl'].'operation/agentes/ehorus_client.php?'.$query;
?>
<script type="text/javascript">
$(document).ready(function () {
var handleTabClick = function (section, messager) {
return function (event) {
event.preventDefault();
messager({
action: 'change_section',
payload: {
section: section
}
})
}
}
var heightCorrection = 20;
var createIframe = function (node, src) {
var iframe = document.createElement('iframe');
iframe.src = src;
iframe.style.border = 'none';
iframe.style.position = 'relative';
iframe.style.top = '-' + heightCorrection + 'px';
iframe.style.border = 'none';
resizeIframe(iframe);
node.appendChild(iframe);
return iframe;
}
var getOptimalIframeSize = function () {
var $elem = $('div#ehorus-client-iframe');
return {
width: $elem.width(),
height: $(window).height() - $elem.offset().top + heightCorrection
}
}
var resizeIframe = function (iframe) {
var size = getOptimalIframeSize();
iframe.style.width = size.width + 'px';
iframe.style.height = size.height + 'px';
}
var handleResize = function (iframe) {
return function (event) {
resizeIframe(iframe);
}
}
var handleMessage = function (iframe, actionHandlers) {
return function (event) {
// The message source should be the created iframe
if (event.origin === window.location.origin &&
event.source !== iframe.contentWindow) {
return;
}
if (typeof actionHandlers === 'undefined') return;
if (event.data.action in actionHandlers) {
actionHandlers[event.data.action](event.data.payload);
}
}
}
var messageToElement = function (elem, message) {
elem.postMessage(message, window.location.origin);
}
var handleButtonClick = function (event) {
$('table#ehorus-client-run-info').remove();
// Init iframe
var clientURL = '<?php echo $client_url; ?>';
var iframe = createIframe(document.getElementById('ehorus-client-iframe'), clientURL);
var messageToIframe = function (message) {
return messageToElement(iframe.contentWindow, message)
}
var actionHandlers = {
ready: function () {
$('a.ehorus_tab').click(handleTabClick('system', messageToIframe));
$('a.tab_terminal').click(handleTabClick('terminal', messageToIframe));
$('a.tab_display').click(handleTabClick('display', messageToIframe));
$('a.tab_processes').click(handleTabClick('processes', messageToIframe));
$('a.tab_services').click(handleTabClick('services', messageToIframe));
$('a.tab_files').click(handleTabClick('files', messageToIframe));
},
expired: function () {
$(iframe).remove();
$('a.ehorus_tab').unbind('click');
$('a.tab_terminal').unbind('click');
$('a.tab_display').unbind('click');
$('a.tab_processes').unbind('click');
$('a.tab_services').unbind('click');
$('a.tab_files').unbind('click');
iframe = null;
$('div#expired_message').show();
}
}
// Listen for messages
window.addEventListener('message', handleMessage(iframe, actionHandlers));
// Listen for resize
window.addEventListener('resize', handleResize(iframe));
}
$('input#run-ehorus-client').click(handleButtonClick);
});
</script>