377 lines
10 KiB
PHP
377 lines
10 KiB
PHP
<?php
|
|
|
|
// Pandora FMS - http://pandorafms.com
|
|
// ==================================================
|
|
// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
|
|
// Please see http://pandorafms.org for full contribution list
|
|
// This program is free software; you can redistribute it and/or
|
|
// modify it under the terms of the GNU Lesser General Public License
|
|
// as published by the Free Software Foundation; version 2
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
|
|
/**
|
|
* @package Include
|
|
* @subpackage Profile_Functions
|
|
*/
|
|
|
|
|
|
function profile_exist($name)
|
|
{
|
|
return (bool) db_get_value('id_perfil', 'tperfil', 'name', $name);
|
|
}
|
|
|
|
|
|
/**
|
|
* Get profile name from id.
|
|
*
|
|
* @param integer $id_profile Id profile in tperfil
|
|
*
|
|
* @return string Profile name of the given id
|
|
*/
|
|
function profile_get_name($id_profile)
|
|
{
|
|
return (string) db_get_value('name', 'tperfil', 'id_perfil', (int) $id_profile);
|
|
}
|
|
|
|
|
|
/**
|
|
* Selects all profiles (array (id => name)) or profiles filtered
|
|
*
|
|
* @param mixed Array with filter conditions to retrieve profiles or false.
|
|
*
|
|
* @return array List of all profiles
|
|
*/
|
|
function profile_get_profiles($filter=false)
|
|
{
|
|
if ($filter === false) {
|
|
$profiles = db_get_all_rows_in_table('tperfil', 'name');
|
|
} else {
|
|
$profiles = db_get_all_rows_filter('tperfil', $filter);
|
|
}
|
|
|
|
$return = [];
|
|
if ($profiles === false) {
|
|
return $return;
|
|
}
|
|
|
|
foreach ($profiles as $profile) {
|
|
$return[$profile['id_perfil']] = $profile['name'];
|
|
}
|
|
|
|
return $return;
|
|
}
|
|
|
|
|
|
/**
|
|
* Create Profile for User
|
|
*
|
|
* @param string User ID
|
|
* @param int Profile ID (default 1 => AR)
|
|
* @param int Group ID (default 1 => All)
|
|
* @param string Assign User who assign the profile to user.
|
|
* @param string tags where the view of the user in this group will be restricted
|
|
* @param bool Profile is marked to not provide hierarchy
|
|
*
|
|
* @return mixed Number id if succesful, false if not
|
|
*/
|
|
function profile_create_user_profile(
|
|
$id_user,
|
|
$id_profile=1,
|
|
$id_group=0,
|
|
$assignUser=false,
|
|
$tags='',
|
|
$no_hierarchy=false
|
|
) {
|
|
global $config;
|
|
|
|
if (empty($id_profile) || $id_group < 0) {
|
|
return false;
|
|
}
|
|
|
|
// Checks if the user exists
|
|
$result_user = users_get_user_by_id($id_user);
|
|
|
|
if (!$result_user) {
|
|
return false;
|
|
}
|
|
|
|
if (isset($config['id_user'])) {
|
|
// Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora)
|
|
$assign = $config['id_user'];
|
|
} else {
|
|
$assign = $id_user;
|
|
}
|
|
|
|
if ($assignUser !== false) {
|
|
$assign = $assignUser;
|
|
}
|
|
|
|
$insert = [
|
|
'id_usuario' => $id_user,
|
|
'id_perfil' => $id_profile,
|
|
'id_grupo' => $id_group,
|
|
'tags' => $tags,
|
|
'assigned_by' => $assign,
|
|
'no_hierarchy' => $no_hierarchy ? 1 : 0,
|
|
];
|
|
|
|
return db_process_sql_insert('tusuario_perfil', $insert);
|
|
}
|
|
|
|
|
|
/**
|
|
* Delete user profile from database
|
|
*
|
|
* @param string User ID
|
|
* @param int Profile ID
|
|
*
|
|
* @return boolean Whether or not it's deleted
|
|
*/
|
|
function profile_delete_user_profile($id_user, $id_profile)
|
|
{
|
|
$where = [
|
|
'id_usuario' => $id_user,
|
|
'id_up' => $id_profile,
|
|
];
|
|
|
|
return (bool) db_process_sql_delete('tusuario_perfil', $where);
|
|
}
|
|
|
|
|
|
/**
|
|
* Delete profile from database (not user-profile link (tusuario_perfil), but the actual profile (tperfil))
|
|
*
|
|
* @param int Profile ID
|
|
*
|
|
* @return boolean Whether or not it's deleted
|
|
*/
|
|
function profile_delete_profile($id_profile)
|
|
{
|
|
return (bool) db_process_sql_delete('tperfil', ['id_perfil' => $id_profile]);
|
|
}
|
|
|
|
|
|
/**
|
|
* Delete profile from database and remove from the assigned users (tusuario_perfil)
|
|
*
|
|
* @param int Profile ID
|
|
*
|
|
* @return boolean Whether or not it's deleted in both tables
|
|
*/
|
|
function profile_delete_profile_and_clean_users($id_profile)
|
|
{
|
|
$profile_deletion = (bool) db_process_sql_delete('tperfil', ['id_perfil' => $id_profile]);
|
|
|
|
// Delete in tusuario_perfil only if is needed
|
|
if (!(bool) db_get_value('id_perfil', 'tusuario_perfil', 'id_perfil', $id_profile)) {
|
|
return $profile_deletion;
|
|
}
|
|
|
|
return $profile_deletion &&
|
|
(bool) db_process_sql_delete('tusuario_perfil', ['id_perfil' => $id_profile]);
|
|
}
|
|
|
|
|
|
/**
|
|
* Print the table to display, create and delete profiles
|
|
*
|
|
* @param int User id
|
|
* @param bool Show the tags select or not
|
|
*/
|
|
function profile_print_profile_table($id)
|
|
{
|
|
global $config;
|
|
|
|
$title = __('Profiles/Groups assigned to this user');
|
|
|
|
$table = new stdClass();
|
|
$table->id = 'table_profiles';
|
|
$table->width = '100%';
|
|
$table->class = 'info_table';
|
|
if (defined('METACONSOLE')) {
|
|
$table->head_colspan[0] = 0;
|
|
$table->width = '100%';
|
|
$table->class = 'databox_tactical data';
|
|
$table->title = $title;
|
|
} else {
|
|
echo '<div id="edit_user_profiles" class="white_box">';
|
|
echo '<h4><p class="edit_user_labels">'.$title.'</p></h4>';
|
|
}
|
|
|
|
$table->data = [];
|
|
$table->head = [];
|
|
$table->align = [];
|
|
$table->style = [];
|
|
if (!defined('METACONSOLE')) {
|
|
$table->style['name'] = 'font-weight: bold';
|
|
$table->style['group'] = 'font-weight: bold';
|
|
}
|
|
|
|
$table->head['name'] = __('Profile name');
|
|
$table->head['group'] = __('Group');
|
|
$table->head['tags'] = __('Tags');
|
|
$table->head['hierarchy'] = __('No hierarchy');
|
|
$table->head['actions'] = __('Action');
|
|
$table->align['actions'] = 'center';
|
|
|
|
if (users_is_admin()) {
|
|
$result = db_get_all_rows_filter(
|
|
'tusuario_perfil',
|
|
['id_usuario' => $id]
|
|
);
|
|
} else {
|
|
// Only profiles that can be viewed by the user.
|
|
$group_um = users_get_groups_UM($config['id_user']);
|
|
if (isset($group_um[0])) {
|
|
$group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
|
|
} else {
|
|
$group_um_string = implode(',', array_keys($group_um));
|
|
}
|
|
|
|
$sql = sprintf(
|
|
"SELECT tusuario_perfil.* FROM tusuario_perfil
|
|
INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
|
|
WHERE id_usuario like '%s' AND id_grupo IN (%s)",
|
|
$id,
|
|
$group_um_string
|
|
);
|
|
|
|
$result = db_get_all_rows_sql($sql);
|
|
}
|
|
|
|
if ($result === false) {
|
|
$result = [];
|
|
}
|
|
|
|
foreach ($result as $profile) {
|
|
if ($profile['id_grupo'] == -1) {
|
|
continue;
|
|
}
|
|
|
|
$data = [];
|
|
|
|
$data['name'] = '<a href="index.php?sec='.$sec.'&sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name($profile['id_perfil']).'</a>';
|
|
$data['group'] = ui_print_group_icon($profile['id_grupo'], true);
|
|
|
|
if (!defined('METACONSOLE')) {
|
|
$data['group'] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
|
|
}
|
|
|
|
$data['group'] .= ' '.ui_print_truncate_text(groups_get_name($profile['id_grupo'], true), GENERIC_SIZE_TEXT);
|
|
if (!defined('METACONSOLE')) {
|
|
$data['group'] .= '</a>';
|
|
}
|
|
|
|
if (empty($profile['tags'])) {
|
|
$data['tags'] = '';
|
|
} else {
|
|
$tags_ids = explode(',', $profile['tags']);
|
|
$tags = tags_get_tags($tags_ids);
|
|
$data['tags'] = tags_get_tags_formatted($tags);
|
|
}
|
|
|
|
$data['hierarchy'] = $profile['no_hierarchy'] ? __('Yes') : __('No');
|
|
|
|
$data['actions'] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
|
|
$data['actions'] .= html_print_input_hidden('delete_profile', 1, true);
|
|
$data['actions'] .= html_print_input_hidden('id_user_profile', $profile['id_up'], true);
|
|
$data['actions'] .= html_print_input_hidden('id_user', $id, true);
|
|
$data['actions'] .= html_print_input_image('del', 'images/cross.png', 1, '', true);
|
|
$data['actions'] .= '</form>';
|
|
|
|
array_push($table->data, $data);
|
|
}
|
|
|
|
$data = [];
|
|
|
|
$data['name'] = '<form method="post">';
|
|
if (check_acl($config['id_user'], 0, 'PM')) {
|
|
$data['name'] .= html_print_select(
|
|
profile_get_profiles(),
|
|
'assign_profile',
|
|
0,
|
|
'',
|
|
__('None'),
|
|
0,
|
|
true,
|
|
false,
|
|
false
|
|
);
|
|
} else {
|
|
$data['name'] .= html_print_select(
|
|
profile_get_profiles(
|
|
[
|
|
'pandora_management' => '<> 1',
|
|
'db_management' => '<> 1',
|
|
'user_management' => '<> 1',
|
|
]
|
|
),
|
|
'assign_profile',
|
|
0,
|
|
'',
|
|
__('None'),
|
|
0,
|
|
true,
|
|
false,
|
|
false
|
|
);
|
|
}
|
|
|
|
$data['group'] = html_print_select_groups(
|
|
$config['id_user'],
|
|
'UM',
|
|
users_can_manage_group_all('UM'),
|
|
'assign_group',
|
|
-1,
|
|
'',
|
|
__('None'),
|
|
-1,
|
|
true,
|
|
false,
|
|
false
|
|
);
|
|
|
|
$tags = tags_get_all_tags();
|
|
$data['tags'] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
|
|
|
|
$data['hierarchy'] = html_print_checkbox('no_hierarchy', 1, false, true);
|
|
|
|
$data['actions'] = html_print_input_image('add', 'images/add.png', 1, '', true);
|
|
$data['actions'] .= html_print_input_hidden('id', $id, true);
|
|
$data['actions'] .= html_print_input_hidden('add_profile', 1, true);
|
|
$data['actions'] .= '</form>';
|
|
|
|
array_push($table->data, $data);
|
|
|
|
html_print_table($table);
|
|
if (!is_metaconsole()) {
|
|
echo '</div>';
|
|
}
|
|
|
|
unset($table);
|
|
}
|
|
|
|
|
|
/**
|
|
* Delete user profile from database
|
|
*
|
|
* @param string User ID
|
|
* @param int Profile ID
|
|
* @param int Group ID
|
|
*
|
|
* @return boolean Whether or not it's deleted
|
|
*/
|
|
function profile_delete_user_profile_group($id_user, $id_profile, $id_group)
|
|
{
|
|
$where = [
|
|
'id_usuario' => $id_user,
|
|
'id_perfil' => $id_profile,
|
|
'id_grupo' => $id_group,
|
|
];
|
|
|
|
return (bool) db_process_sql_delete('tusuario_perfil', $where);
|
|
}
|