397 lines
11 KiB
PHP
Executable File
397 lines
11 KiB
PHP
Executable File
<?php
|
|
/**
|
|
* Pandora FMS API Checker Extension.
|
|
*
|
|
* @category API
|
|
* @package Pandora FMS
|
|
* @subpackage Extensions
|
|
* @version 1.0.0
|
|
* @license See below
|
|
*
|
|
* ______ ___ _______ _______ ________
|
|
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
|
|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
|
|
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
|
|
*
|
|
* ============================================================================
|
|
* Copyright (c) 2005-2022 Artica Soluciones Tecnologicas
|
|
* Please see http://pandorafms.org for full contribution list
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation for version 2.
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
* ============================================================================
|
|
*/
|
|
|
|
// Begin.
|
|
|
|
|
|
/**
|
|
* Api Execution.
|
|
*
|
|
* @param string $url Url.
|
|
* @param string $ip Ip.
|
|
* @param string $pandora_url Pandora_url.
|
|
* @param string $apipass Apipass.
|
|
* @param string $user User.
|
|
* @param string $password Password.
|
|
* @param string $op Op.
|
|
* @param string $op2 Op2.
|
|
* @param string $id Id.
|
|
* @param string $id2 Id2.
|
|
* @param string $return_type Return_type.
|
|
* @param string $other Other.
|
|
* @param string $other_mode Other_mode.
|
|
* @param string $token Token.
|
|
*
|
|
* @return array.
|
|
*/
|
|
function api_execute(
|
|
string $url,
|
|
string $ip,
|
|
string $pandora_url,
|
|
string $apipass,
|
|
string $user,
|
|
string $password,
|
|
string $op,
|
|
string $op2,
|
|
string $id='',
|
|
string $id2='',
|
|
string $return_type='',
|
|
string $other='',
|
|
string $other_mode='',
|
|
string $token=''
|
|
) {
|
|
$data = [];
|
|
|
|
if (empty($url) === true) {
|
|
$url = 'http://'.$ip.$pandora_url.'/include/api.php?';
|
|
|
|
if (empty($op) === false) {
|
|
$data['op'] = $op;
|
|
}
|
|
|
|
if (empty($op2) === false) {
|
|
$data['op2'] = $op2;
|
|
}
|
|
|
|
if (empty($id) === false) {
|
|
$data['id'] = $id;
|
|
}
|
|
|
|
if (empty($id2) === false) {
|
|
$data['id2'] = $id2;
|
|
}
|
|
|
|
if (empty($return_type) === false) {
|
|
$data['return_type'] = $return_type;
|
|
}
|
|
|
|
if (empty($other) === false) {
|
|
$data['other_mode'] = $other_mode;
|
|
$data['other'] = $other;
|
|
}
|
|
|
|
// If token is not reported,use old method.
|
|
if (empty($token) === true) {
|
|
$data['apipass'] = $apipass;
|
|
$data['user'] = $user;
|
|
$data['password'] = $password;
|
|
}
|
|
}
|
|
|
|
$url_protocol = parse_url($url)['scheme'];
|
|
|
|
if ($url_protocol !== 'http' && $url_protocol !== 'https') {
|
|
return [
|
|
'url' => $url,
|
|
'result' => '',
|
|
];
|
|
}
|
|
|
|
$curlObj = curl_init($url);
|
|
if (empty($data) === false) {
|
|
$url .= http_build_query($data);
|
|
}
|
|
|
|
// set the content type json
|
|
$headers = [
|
|
'Content-Type: application/json',
|
|
'Authorization: Bearer '.$token,
|
|
];
|
|
|
|
curl_setopt($curlObj, CURLOPT_URL, $url);
|
|
curl_setopt($curlObj, CURLOPT_HTTPHEADER, $headers);
|
|
curl_setopt($curlObj, CURLOPT_RETURNTRANSFER, true);
|
|
$result = curl_exec($curlObj);
|
|
curl_close($curlObj);
|
|
|
|
return [
|
|
'url' => $url,
|
|
'result' => $result,
|
|
];
|
|
}
|
|
|
|
|
|
/**
|
|
* Perform API Checker
|
|
*
|
|
* @return void.
|
|
*/
|
|
function extension_api_checker()
|
|
{
|
|
global $config;
|
|
|
|
check_login();
|
|
|
|
if ((bool) check_acl($config['id_user'], 0, 'PM') === false) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to access Profile Management'
|
|
);
|
|
include 'general/noaccess.php';
|
|
return;
|
|
}
|
|
|
|
$url = io_safe_output(get_parameter('url', ''));
|
|
|
|
$ip = io_safe_output(get_parameter('ip', '127.0.0.1'));
|
|
$pandora_url = io_safe_output(get_parameter('pandora_url', $config['homeurl_static']));
|
|
$apipass = io_safe_output(get_parameter('apipass', ''));
|
|
$user = io_safe_output(get_parameter('user', $config['id_user']));
|
|
$password = io_safe_output(get_parameter('password', ''));
|
|
|
|
$op = io_safe_output(get_parameter('op', 'get'));
|
|
$op2 = io_safe_output(get_parameter('op2', 'test'));
|
|
$id = io_safe_output(get_parameter('id', ''));
|
|
$id2 = io_safe_output(get_parameter('id2', ''));
|
|
$return_type = io_safe_output(get_parameter('return_type', ''));
|
|
$other = io_safe_output(get_parameter('other', ''));
|
|
$other_mode = io_safe_output(get_parameter('other_mode', 'url_encode_separator_|'));
|
|
$token = get_parameter('token');
|
|
|
|
$api_execute = (bool) get_parameter('api_execute', false);
|
|
|
|
$return_call_api = '';
|
|
if ($api_execute === true) {
|
|
$return_call_api = api_execute(
|
|
$url,
|
|
$ip,
|
|
$pandora_url,
|
|
$apipass,
|
|
$user,
|
|
$password,
|
|
$op,
|
|
$op2,
|
|
urlencode($id),
|
|
urlencode($id2),
|
|
$return_type,
|
|
urlencode($other),
|
|
$other_mode,
|
|
$token
|
|
);
|
|
}
|
|
|
|
// Header.
|
|
ui_print_standard_header(
|
|
__('Extensions'),
|
|
'images/extensions.png',
|
|
false,
|
|
'',
|
|
true,
|
|
[],
|
|
[
|
|
[
|
|
'link' => '',
|
|
'label' => __('Admin tools'),
|
|
],
|
|
[
|
|
'link' => '',
|
|
'label' => __('Extension manager'),
|
|
],
|
|
[
|
|
'link' => '',
|
|
'label' => __('API checker'),
|
|
],
|
|
]
|
|
);
|
|
|
|
$table = new stdClass();
|
|
$table->width = '100%';
|
|
$table->class = 'databox filters filter-table-adv';
|
|
$table->size[0] = '50%';
|
|
$table->size[1] = '50%';
|
|
$table->data = [];
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('IP'),
|
|
html_print_input_text('ip', $ip, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('%s Console URL', get_product_name()),
|
|
html_print_input_text('pandora_url', $pandora_url, '', 50, 255, true)
|
|
);
|
|
$table->data[] = $row;
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('API Token').ui_print_help_tip(__('Use API Token instead API Pass, User and Password.'), true),
|
|
html_print_input_text('token', $token, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('API Pass'),
|
|
html_print_input_password('apipass', $apipass, '', 50, 255, true)
|
|
);
|
|
$table->data[] = $row;
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('User'),
|
|
html_print_input_text('user', $user, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('Password'),
|
|
html_print_input_password('password', $password, '', 50, 255, true)
|
|
);
|
|
$table->data[] = $row;
|
|
|
|
$table2 = new stdClass();
|
|
$table2->width = '100%';
|
|
$table2->class = 'databox filters filter-table-adv';
|
|
$table2->size[0] = '50%';
|
|
$table2->size[1] = '50%';
|
|
$table2->data = [];
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('Action (get or set)'),
|
|
html_print_input_text('op', $op, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('Operation'),
|
|
html_print_input_text('op2', $op2, '', 50, 255, true)
|
|
);
|
|
$table2->data[] = $row;
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('ID'),
|
|
html_print_input_text('id', $id, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('ID 2'),
|
|
html_print_input_text('id2', $id2, '', 50, 255, true)
|
|
);
|
|
$table2->data[] = $row;
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('Return Type'),
|
|
html_print_input_text('return_type', $return_type, '', 50, 255, true)
|
|
);
|
|
|
|
$row[] = html_print_label_input_block(
|
|
__('Other'),
|
|
html_print_input_text('other', $other, '', 50, 255, true)
|
|
);
|
|
$table2->data[] = $row;
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('Other Mode'),
|
|
html_print_input_text('other_mode', $other_mode, '', 50, 255, true)
|
|
);
|
|
$table2->data[] = $row;
|
|
|
|
$table3 = new stdClass();
|
|
$table3->width = '100%';
|
|
$table3->class = 'databox filters filter-table-adv';
|
|
$table3->size[0] = '50%';
|
|
$table3->size[1] = '50%';
|
|
$table3->data = [];
|
|
|
|
$row = [];
|
|
$row[] = html_print_label_input_block(
|
|
__('Raw URL'),
|
|
html_print_input_text('url', $url, '', 50, 2048, true)
|
|
);
|
|
$table3->data[] = $row;
|
|
|
|
echo "<form method='post' class='max_floating_element_size'>";
|
|
echo '<fieldset class="mrgn_btn_10px">';
|
|
echo '<legend>'.__('Credentials').'</legend>';
|
|
html_print_table($table);
|
|
echo '</fieldset>';
|
|
|
|
echo '<fieldset class="mrgn_btn_10px">';
|
|
echo '<legend>'.__('Call parameters').' '.ui_print_help_tip(__('Action: get Operation: module_last_value id: 63'), true).'</legend>';
|
|
html_print_table($table2);
|
|
echo '</fieldset>';
|
|
echo "<div class='right'>";
|
|
echo '</div>';
|
|
|
|
echo '<fieldset class="mrgn_btn_10px">';
|
|
echo '<legend>'.__('Custom URL').'</legend>';
|
|
html_print_table($table3);
|
|
echo '</fieldset>';
|
|
|
|
html_print_input_hidden('api_execute', 1);
|
|
|
|
html_print_action_buttons(
|
|
html_print_submit_button(
|
|
__('Call'),
|
|
'submit',
|
|
false,
|
|
[ 'icon' => 'next' ],
|
|
true
|
|
)
|
|
);
|
|
|
|
echo '</form>';
|
|
|
|
if ($api_execute === true) {
|
|
echo '<fieldset class="mrgn_0px mrgn_btn_10px pdd_15px" style="max-width: 1122px;">';
|
|
echo '<legend>'.__('Result').'</legend>';
|
|
echo html_print_label_input_block(
|
|
__('URL'),
|
|
html_print_input_password('url', $return_call_api['url'], '', 150, 255, true, true, false, 'mrgn_top_10px'),
|
|
['label_class' => 'font-title-font']
|
|
);
|
|
echo '<br />';
|
|
echo html_print_label_input_block(
|
|
__('Result'),
|
|
html_print_textarea('result', 30, 20, $return_call_api['result'], 'readonly="readonly"', true, 'w100p mrgn_top_10px'),
|
|
['label_class' => 'font-title-font']
|
|
);
|
|
echo '</fieldset>';
|
|
}
|
|
?>
|
|
<script>
|
|
function show_url() {
|
|
if ($("#password-url").attr('type') == 'password') {
|
|
$("#password-url").attr('type', 'text');
|
|
$("#show_icon").attr('title', '<?php echo __('Hide URL'); ?>');
|
|
}
|
|
else {
|
|
$("#password-url").attr('type', 'password');
|
|
$("#show_icon").attr('title', '<?php echo __('Show URL'); ?>');
|
|
}
|
|
}
|
|
</script>
|
|
<?php
|
|
}
|
|
|
|
|
|
extensions_add_godmode_function('extension_api_checker');
|
|
extensions_add_godmode_menu_option(__('API checker'), 'PM', 'gextensions', null, 'v1r1');
|
|
|