Beispiel #1
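/**
 * Prints one permission tab of the user edit page (user_admin.php).
 *
 * Depending on $tab this renders the default-policy form and the paged,
 * filterable list of graphs ('permsg'), user groups ('permsgr'), devices
 * ('permsd'), graph templates ('permste') or trees ('permstr') for the user
 * identified by the 'id' request variable. Any other $tab value prints
 * nothing.
 *
 * Request values that reach SQL are handled inside this function rather than
 * relying on the process_*_request_vars() helpers, which are defined
 * elsewhere: the free-text 'filter' is bound as a statement parameter, and
 * the numeric values ('id', 'rows', 'page', '*_template_id') are cast to
 * integers before they are concatenated into the query text.
 *
 * @param string $tab          Tab to render: permsg, permsgr, permsd, permste or permstr.
 * @param string $header_label Label handed to the tab's *_filter() helper.
 *
 * @return void Output is printed directly.
 */
function graph_perms_edit($tab, $header_label)
{
    /* ================= input validation ================= */
    input_validate_input_number(get_request_var_request('id'));
    /* ==================================================== */
    $sql_where = '';
    $sql_join = '';
    $limit = '';
    $sql_having = '';
    /* values for the '?' placeholders in $sql_where, in placeholder order */
    $sql_params = array();
    $policy_array = array(1 => 'Allow', 2 => 'Deny');
    /* default policies of the user being edited; a new user defaults to 'Allow' (1) everywhere */
    if (!empty($_REQUEST['id'])) {
        $policy = db_fetch_row_prepared('SELECT policy_graphs, policy_trees, policy_hosts, policy_graph_templates 
			FROM user_auth 
			WHERE id = ?', array(get_request_var_request('id')));
    } else {
        $policy = array('policy_graphs' => '1', 'policy_trees' => '1', 'policy_hosts' => '1', 'policy_graph_templates' => '1');
    }
    switch ($tab) {
        case 'permsg':
            process_graph_request_vars();
            graph_filter($header_label);
            /* print checkbox form for validation */
            print "<form name='policy' method='post' action='user_admin.php'>\n";
            /* box: default graph policy */
            html_start_box('<strong>Default Graph Policy</strong>', '100%', '', '3', 'center', '');
            ?>
		<tr class='even'>
			<td><table cellspacing="0" cellpadding="2"><tr>
			<td style="white-space:nowrap;" width="120">Default Graph Policy for this User</td>
			<td width="10"> 
				<?php 
            form_dropdown('policy_graphs', $policy_array, '', '', $policy['policy_graphs'], '', '');
            ?>
			</td>
			<td>
				<input type="submit" name="update_policy" value="Update">
				<input type="hidden" name="tab" value="<?php 
            print $tab;
            ?>
">
				<input type="hidden" name="id" value="<?php 
            print htmlspecialchars(get_request_var_request('id'));
            ?>
">
			</td>
			</tr></table></td>
		</tr>
		<?php 
            html_end_box();
            print "</form>\n";
            /* if the number of rows is -1, set it to the default */
            if ($_REQUEST['rows'] == -1) {
                $rows = read_config_option('num_rows_table');
            } else {
                $rows = $_REQUEST['rows'];
            }
            /* LIMIT values are concatenated into the query, so force them to integers */
            $rows = (int) $rows;
            $offset = max(0, $rows * ((int) get_request_var_request('page') - 1));
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_admin.php?action=user_edit&tab=permsg&id=' . get_request_var_request('id')) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            /* NOTE(review): the policies below are loaded for the logged-in user
               (sess_user_id), not for the user being edited ('id'), although the
               'Effective Policy' column is computed from them - confirm this is intended */
            $user = $_SESSION['sess_user_id'];
            if (read_config_option('graph_auth_method') == 1) {
                $sql_operator = 'OR';
            } else {
                $sql_operator = 'AND';
            }
            $limit = 'LIMIT ' . $offset . ',' . $rows;
            /* get policies for all groups and user */
            $policies = db_fetch_assoc_prepared("SELECT uag.id, 'group' AS type, uag.name, \n\t\t\tpolicy_graphs, policy_hosts, policy_graph_templates \n\t\t\tFROM user_auth_group AS uag\n\t\t\tINNER JOIN user_auth_group_members AS uagm\n\t\t\tON uag.id = uagm.group_id\n\t\t\tWHERE uag.enabled = 'on' AND uagm.user_id = ?", array($user));
            $policies[] = db_fetch_row_prepared("SELECT id, 'user' AS type, 'user' AS name, \n\t\t\tpolicy_graphs, policy_hosts, policy_graph_templates \n\t\t\tFROM user_auth WHERE id = ?", array($user));
            /* form the 'where' clause for our main sql query; the filter text is bound, not concatenated */
            if (strlen(get_request_var_request('filter'))) {
                $sql_where = 'WHERE (gtg.title_cache LIKE ? AND gtg.local_graph_id > 0)';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
            } else {
                $sql_where = 'WHERE (gtg.local_graph_id > 0)';
            }
            if (get_request_var_request('graph_template_id') == '-1') {
                /* Show all items */
            } elseif (get_request_var_request('graph_template_id') == '0') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' gtg.graph_template_id=0';
            } elseif (!empty($_REQUEST['graph_template_id'])) {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' gtg.graph_template_id=' . (int) get_request_var_request('graph_template_id');
            }
            /* Each policy row contributes three joins (graph, device, graph template
               permissions) aliased uap1, uap2, ... and three matching userN columns.
               The loop variable is deliberately not $policy: that name holds the edited
               user's default policies, which are read again after the loop. */
            $i = 1;
            $user_perm = '';
            $sql_select = '';
            foreach ($policies as $p) {
                if ($p['type'] == 'user' && $user_perm == '') {
                    $user_perm = $i;
                }
                if (get_request_var_request('associated') == 'false') {
                    if ($p['policy_graphs'] == 1) {
                        $sql_having .= (strlen($sql_having) ? ' OR' : '') . " (user{$i} IS NULL";
                    } else {
                        $sql_having .= (strlen($sql_having) ? ' OR' : '') . " (user{$i}=" . $p['id'];
                    }
                }
                $sql_join .= 'LEFT JOIN user_auth_' . ($p['type'] == 'user' ? '' : 'group_') . "perms AS uap{$i} ON (gl.id=uap{$i}.item_id AND uap{$i}.type=1) ";
                $sql_select .= (strlen($sql_select) ? ', ' : '') . "uap{$i}." . $p['type'] . "_id AS user{$i}";
                $i++;
                if (get_request_var_request('associated') == 'false') {
                    if ($p['policy_hosts'] == 1) {
                        $sql_having .= " OR (user{$i} IS NULL";
                    } else {
                        $sql_having .= " OR (user{$i}=" . $p['id'];
                    }
                }
                $sql_join .= 'LEFT JOIN user_auth_' . ($p['type'] == 'user' ? '' : 'group_') . "perms AS uap{$i} ON (gl.host_id=uap{$i}.item_id AND uap{$i}.type=3) ";
                $sql_select .= (strlen($sql_select) ? ', ' : '') . "uap{$i}." . $p['type'] . "_id AS user{$i}";
                $i++;
                if (get_request_var_request('associated') == 'false') {
                    if ($p['policy_graph_templates'] == 1) {
                        $sql_having .= " {$sql_operator} user{$i} IS NULL))";
                    } else {
                        $sql_having .= " {$sql_operator} user{$i}=" . $p['id'] . '))';
                    }
                }
                $sql_join .= 'LEFT JOIN user_auth_' . ($p['type'] == 'user' ? '' : 'group_') . "perms AS uap{$i} ON (gl.graph_template_id=uap{$i}.item_id AND uap{$i}.type=4) ";
                $sql_select .= (strlen($sql_select) ? ', ' : '') . "uap{$i}." . $p['type'] . "_id AS user{$i}";
                $i++;
            }
            if (strlen($sql_having)) {
                $sql_having = 'HAVING ' . $sql_having;
            }
            $graphs = db_fetch_assoc_prepared("SELECT gtg.local_graph_id, h.description, gt.name AS template_name, \n\t\t\tgtg.title_cache, gtg.width, gtg.height, gl.snmp_index, gl.snmp_query_id,\n\t\t\t{$sql_select}\n\t\t\tFROM graph_templates_graph AS gtg \n\t\t\tINNER JOIN graph_local AS gl \n\t\t\tON gl.id = gtg.local_graph_id \n\t\t\tLEFT JOIN graph_templates AS gt \n\t\t\tON gt.id = gl.graph_template_id \n\t\t\tLEFT JOIN host AS h \n\t\t\tON h.id = gl.host_id \n\t\t\t{$sql_join}\n\t\t\t{$sql_where}\n\t\t\t{$sql_having}\n\t\t\tORDER BY gtg.title_cache\n\t\t\t{$limit}", $sql_params);
            $total_rows = db_fetch_cell_prepared("SELECT COUNT(*)\n\t\t\tFROM (\n\t\t\t\tSELECT {$sql_select}\n\t\t\t\tFROM graph_templates_graph AS gtg \n\t\t\t\tINNER JOIN graph_local AS gl \n\t\t\t\tON gl.id = gtg.local_graph_id \n\t\t\t\tLEFT JOIN graph_templates AS gt \n\t\t\t\tON gt.id = gl.graph_template_id \n\t\t\t\tLEFT JOIN host AS h \n\t\t\t\tON h.id = gl.host_id \n\t\t\t\t{$sql_join}\n\t\t\t\t{$sql_where}\n\t\t\t\t{$sql_having}\n\t\t\t) AS rows", $sql_params);
            $nav = html_nav_bar('user_admin.php?action=user_edit&tab=permsg&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, get_request_var_request('page'), $rows, $total_rows, 11, 'Graphs', 'page', 'main');
            print $nav;
            $display_text = array('Graph Title', 'ID', 'Effective Policy');
            html_header_checkbox($display_text, false);
            if (sizeof($graphs)) {
                foreach ($graphs as $g) {
                    form_alternate_row('line' . $g['local_graph_id'], true);
                    /* highlight the filter match; '/' is passed to preg_quote() because it is the pattern delimiter */
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($g['title_cache'])) : htmlspecialchars($g['title_cache']), $g['local_graph_id']);
                    form_selectable_cell($g['local_graph_id'], $g['local_graph_id']);
                    form_selectable_cell(get_permission_string($g, $policies), $g['local_graph_id']);
                    form_checkbox_cell($g['title_cache'], $g['local_graph_id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Graphs Found</em></td></tr>';
            }
            html_end_box(false);
            form_hidden_box('action', 'user_edit', '');
            form_hidden_box('tab', $tab, '');
            form_hidden_box('id', get_request_var_request('id'), '');
            form_hidden_box('associate_graph', '1', '');
            /* action 1 is always the exception to the edited user's default policy */
            if ($policy['policy_graphs'] == 1) {
                $assoc_actions = array(1 => 'Revoke Access', 2 => 'Grant Access');
            } else {
                $assoc_actions = array(1 => 'Grant Access', 2 => 'Revoke Access');
            }
            /* draw the dropdown containing a list of available actions for this form */
            draw_actions_dropdown($assoc_actions);
            print '</form>';
            break;
        case 'permsgr':
            process_group_request_vars();
            group_filter($header_label);
            /* if the number of rows is -1, set it to the default */
            if ($_REQUEST['rows'] == -1) {
                $rows = read_config_option('num_rows_table');
            } else {
                $rows = $_REQUEST['rows'];
            }
            /* LIMIT values are concatenated into the query, so force them to integers */
            $rows = (int) $rows;
            $offset = max(0, $rows * ((int) get_request_var_request('page') - 1));
            /* form the 'where' clause for our main sql query; the filter text is bound, not concatenated */
            if (strlen(get_request_var_request('filter'))) {
                $sql_where = 'WHERE ((uag.name LIKE ?) OR (uag.description LIKE ?))';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('associated') != 'false') {
                /* Show all items */
            } else {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' uagm.user_id=' . (int) get_request_var_request('id', 0);
            }
            /* print checkbox form for validation; the action URL names this tab (it previously said permsd) */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_admin.php?action=user_edit&tab=permsgr&id=' . get_request_var_request('id')) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $total_rows = db_fetch_cell_prepared("SELECT\n\t\t\tCOUNT(uag.id)\n\t\t\tFROM user_auth_group AS uag\n\t\t\tLEFT JOIN user_auth_group_members AS uagm\n\t\t\tON uag.id = uagm.group_id\n\t\t\t{$sql_where}", $sql_params);
            $sql_query = "SELECT uag.*, uagm.user_id\n\t\t\tFROM user_auth_group AS uag\n\t\t\tLEFT JOIN user_auth_group_members AS uagm\n\t\t\tON uag.id = uagm.group_id\n\t\t\t{$sql_where} \n\t\t\tORDER BY name\n\t\t\tLIMIT " . $offset . ',' . $rows;
            $groups = db_fetch_assoc_prepared($sql_query, $sql_params);
            /* NOTE(review): the nav bar object label is 'Devices' although this tab lists user groups */
            $nav = html_nav_bar('user_admin.php?action=user_edit&tab=permsgr&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, get_request_var_request('page'), $rows, $total_rows, 11, 'Devices', 'page', 'main');
            print $nav;
            $display_text = array('Name', 'Description', 'Member', 'ID', 'Policies (Graph/Device/Template)', 'Enabled');
            html_header_checkbox($display_text, false);
            if (sizeof($groups)) {
                foreach ($groups as $g) {
                    form_alternate_row('line' . $g['id'], true);
                    form_selectable_cell("<a class='linkEditMain' href='user_group_admin.php?action=edit&id=" . $g['id'] . "'>" . (strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($g['name'])) : htmlspecialchars($g['name'])) . '</a>', $g['id']);
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($g['description'])) : htmlspecialchars($g['description']), $g['id']);
                    form_selectable_cell($g['user_id'] > 0 ? 'Member' : 'Non Member', $g['id']);
                    form_selectable_cell($g['id'], $g['id']);
                    form_selectable_cell(($g['policy_graphs'] == 1 ? 'ALLOW' : 'DENY') . '/' . ($g['policy_hosts'] == 1 ? 'ALLOW' : 'DENY') . '/' . ($g['policy_graph_templates'] == 1 ? 'ALLOW' : 'DENY'), $g['id']);
                    form_selectable_cell($g['enabled'] == 'on' ? 'Enabled' : 'Disabled', $g['id']);
                    form_checkbox_cell($g['name'], $g['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching User Groups Found</em></td></tr>';
            }
            html_end_box(false);
            form_hidden_box('action', 'user_edit', '');
            form_hidden_box('tab', $tab, '');
            form_hidden_box('id', get_request_var_request('id'), '');
            form_hidden_box('associate_groups', '1', '');
            $assoc_actions = array(1 => 'Assign Membership', 2 => 'Remove Membership');
            /* draw the dropdown containing a list of available actions for this form */
            draw_actions_dropdown($assoc_actions);
            print '</form>';
            break;
        case 'permsd':
            process_device_request_vars();
            device_filter($header_label);
            /* print checkbox form for validation */
            print "<form name='policy' method='post' action='user_admin.php'>\n";
            /* box: default device policy */
            html_start_box('<strong>Default Device Policy</strong>', '100%', '', '3', 'center', '');
            ?>
		<tr class='even'>
			<td><table cellspacing="0" cellpadding="2"><tr>
			<td style="white-space:nowrap;" width="120">Default Device Policy for this User</td>
			<td width="10"> 
				<?php 
            form_dropdown('policy_hosts', $policy_array, '', '', $policy['policy_hosts'], '', '');
            ?>
			</td>
			<td>
				<input type="submit" name="update_policy" value="Update">
				<input type="hidden" name="tab" value="<?php 
            print $tab;
            ?>
">
				<input type="hidden" name="id" value="<?php 
            print htmlspecialchars(get_request_var_request('id'));
            ?>
">
			</td>
			</tr></table></td>
		</tr>
		<?php 
            html_end_box();
            print "</form>\n";
            /* if the number of rows is -1, set it to the default */
            if ($_REQUEST['rows'] == -1) {
                $rows = read_config_option('num_rows_table');
            } else {
                $rows = $_REQUEST['rows'];
            }
            /* LIMIT values are concatenated into the query, so force them to integers */
            $rows = (int) $rows;
            $offset = max(0, $rows * ((int) get_request_var_request('page') - 1));
            /* form the 'where' clause for our main sql query; the filter text is bound, not concatenated */
            if (strlen(get_request_var_request('filter'))) {
                $sql_where = 'WHERE (host.hostname LIKE ? OR host.description LIKE ?)';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('host_template_id') == '-1') {
                /* Show all items */
            } elseif (get_request_var_request('host_template_id') == '0') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' host.host_template_id=0';
            } elseif (!empty($_REQUEST['host_template_id'])) {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' host.host_template_id=' . (int) get_request_var_request('host_template_id');
            }
            if (get_request_var_request('associated') == 'false') {
                /* Show all items */
            } else {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' user_auth_perms.user_id=' . (int) get_request_var_request('id', 0);
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_admin.php?action=user_edit&tab=permsd&id=' . get_request_var_request('id')) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $total_rows = db_fetch_cell_prepared("SELECT\n\t\t\tCOUNT(host.id)\n\t\t\tFROM host\n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (host.id = user_auth_perms.item_id AND user_auth_perms.type = 3)\n\t\t\t{$sql_where}", $sql_params);
            /* per-device graph and data source counts, keyed by host id */
            $host_graphs = array_rekey(db_fetch_assoc('SELECT host_id, count(*) as graphs FROM graph_local GROUP BY host_id'), 'host_id', 'graphs');
            $host_data_sources = array_rekey(db_fetch_assoc('SELECT host_id, count(*) as data_sources FROM data_local GROUP BY host_id'), 'host_id', 'data_sources');
            $sql_query = "SELECT host.*, user_auth_perms.user_id\n\t\t\tFROM host \n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (host.id = user_auth_perms.item_id AND user_auth_perms.type = 3)\n\t\t\t{$sql_where} \n\t\t\tORDER BY description\n\t\t\tLIMIT " . $offset . ',' . $rows;
            $hosts = db_fetch_assoc_prepared($sql_query, $sql_params);
            $nav = html_nav_bar('user_admin.php?action=user_edit&tab=permsd&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, get_request_var_request('page'), $rows, $total_rows, 11, 'Devices', 'page', 'main');
            print $nav;
            $display_text = array('Description', 'ID', 'Effective Policy', 'Graphs', 'Data Sources', 'Status', 'Hostname');
            html_header_checkbox($display_text, false);
            if (sizeof($hosts)) {
                foreach ($hosts as $host) {
                    form_alternate_row('line' . $host['id'], true);
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($host['description'])) : htmlspecialchars($host['description']), $host['id']);
                    form_selectable_cell(round($host['id'], 2), $host['id']);
                    /* no permission row: the default policy applies; a row inverts it */
                    if (empty($host['user_id'])) {
                        if ($policy['policy_hosts'] == 1) {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $host['id']);
                        } else {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $host['id']);
                        }
                    } else {
                        if ($policy['policy_hosts'] == 1) {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $host['id']);
                        } else {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $host['id']);
                        }
                    }
                    form_selectable_cell(isset($host_graphs[$host['id']]) ? $host_graphs[$host['id']] : 0, $host['id']);
                    form_selectable_cell(isset($host_data_sources[$host['id']]) ? $host_data_sources[$host['id']] : 0, $host['id']);
                    form_selectable_cell(get_colored_device_status($host['disabled'] == 'on' ? true : false, $host['status']), $host['id']);
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($host['hostname'])) : htmlspecialchars($host['hostname']), $host['id']);
                    form_checkbox_cell($host['description'], $host['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Devices Found</em></td></tr>';
            }
            html_end_box(false);
            form_hidden_box('action', 'user_edit', '');
            form_hidden_box('tab', $tab, '');
            form_hidden_box('id', get_request_var_request('id'), '');
            form_hidden_box('associate_host', '1', '');
            if ($policy['policy_hosts'] == 1) {
                $assoc_actions = array(1 => 'Revoke Access', 2 => 'Grant Access');
            } else {
                $assoc_actions = array(1 => 'Grant Access', 2 => 'Revoke Access');
            }
            /* draw the dropdown containing a list of available actions for this form */
            draw_actions_dropdown($assoc_actions);
            print '</form>';
            break;
        case 'permste':
            process_template_request_vars();
            template_filter($header_label);
            /* print checkbox form for validation */
            print "<form name='policy' method='post' action='user_admin.php'>\n";
            /* box: default graph template policy */
            html_start_box('<strong>Default Graph Template Policy</strong>', '100%', '', '3', 'center', '');
            ?>
		<tr class='even'>
			<td><table cellspacing="0" cellpadding="2"><tr>
			<td style="white-space:nowrap;" width="120">Default Graph Template Policy for this User</td>
			<td width="10"> 
				<?php 
            form_dropdown('policy_graph_templates', $policy_array, '', '', $policy['policy_graph_templates'], '', '');
            ?>
			</td>
			<td>
				<input type="submit" name="update_policy" value="Update">
				<input type="hidden" name="tab" value="<?php 
            print $tab;
            ?>
">
				<input type="hidden" name="id" value="<?php 
            print htmlspecialchars(get_request_var_request('id'));
            ?>
">
			</td>
			</tr></table></td>
		</tr>
		<?php 
            html_end_box();
            print "</form>\n";
            /* if the number of rows is -1, set it to the default */
            if ($_REQUEST['rows'] == -1) {
                $rows = read_config_option('num_rows_table');
            } else {
                $rows = $_REQUEST['rows'];
            }
            /* LIMIT values are concatenated into the query, so force them to integers */
            $rows = (int) $rows;
            $offset = max(0, $rows * ((int) get_request_var_request('page') - 1));
            /* form the 'where' clause for our main sql query; the filter text is bound, not concatenated */
            if (strlen(get_request_var_request('filter'))) {
                $sql_where = 'WHERE (gt.name LIKE ?)';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('associated') == 'false') {
                /* Show all items */
            } else {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' (user_auth_perms.type=4 AND user_auth_perms.user_id=' . (int) get_request_var_request('id', 0) . ')';
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_admin.php?action=user_edit&tab=permste&id=' . get_request_var_request('id')) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $total_rows = db_fetch_cell_prepared("SELECT\n\t\t\tCOUNT(gt.id)\n\t\t\tFROM graph_templates AS gt\n\t\t\tINNER JOIN graph_local AS gl\n\t\t\tON gt.id = gl.graph_template_id\n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (gt.id = user_auth_perms.item_id AND user_auth_perms.type = 4)\n\t\t\t{$sql_where}\n\t\t\tGROUP BY gl.graph_template_id", $sql_params);
            $sql_query = "SELECT gt.id, gt.name, count(*) AS totals, user_auth_perms.user_id\n\t\t\tFROM graph_templates AS gt\n\t\t\tINNER JOIN graph_local AS gl\n\t\t\tON gt.id = gl.graph_template_id\n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (gt.id = user_auth_perms.item_id AND user_auth_perms.type = 4)\n\t\t\t{$sql_where} \n\t\t\tGROUP BY gl.graph_template_id\n\t\t\tORDER BY name\n\t\t\tLIMIT " . $offset . ',' . $rows;
            $graphs = db_fetch_assoc_prepared($sql_query, $sql_params);
            $nav = html_nav_bar('user_admin.php?action=user_edit&tab=permste&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, get_request_var_request('page'), $rows, $total_rows, 11, 'Graph Templates', 'page', 'main');
            print $nav;
            $display_text = array('Template Name', 'ID', 'Effective Policy', 'Total Graphs');
            html_header_checkbox($display_text, false);
            if (sizeof($graphs)) {
                foreach ($graphs as $g) {
                    form_alternate_row('line' . $g['id'], true);
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($g['name'])) : htmlspecialchars($g['name']), $g['id']);
                    form_selectable_cell($g['id'], $g['id']);
                    /* no permission row: the default policy applies; a row inverts it */
                    if (empty($g['user_id'])) {
                        if ($policy['policy_graph_templates'] == 1) {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $g['id']);
                        } else {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $g['id']);
                        }
                    } else {
                        if ($policy['policy_graph_templates'] == 1) {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $g['id']);
                        } else {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $g['id']);
                        }
                    }
                    form_selectable_cell($g['totals'], $g['id']);
                    form_checkbox_cell($g['name'], $g['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Graph Templates Found</em></td></tr>';
            }
            html_end_box(false);
            form_hidden_box('action', 'user_edit', '');
            form_hidden_box('tab', $tab, '');
            form_hidden_box('id', get_request_var_request('id'), '');
            form_hidden_box('associate_template', '1', '');
            if ($policy['policy_graph_templates'] == 1) {
                $assoc_actions = array(1 => 'Revoke Access', 2 => 'Grant Access');
            } else {
                $assoc_actions = array(1 => 'Grant Access', 2 => 'Revoke Access');
            }
            /* draw the dropdown containing a list of available actions for this form */
            draw_actions_dropdown($assoc_actions);
            print '</form>';
            break;
        case 'permstr':
            process_tree_request_vars();
            tree_filter($header_label);
            /* print checkbox form for validation */
            print "<form name='policy' method='post' action='user_admin.php'>\n";
            /* box: default tree policy */
            html_start_box('<strong>Default Tree Policy</strong>', '100%', '', '3', 'center', '');
            ?>
		<tr class='even'>
			<td><table cellspacing="0" cellpadding="2"><tr>
			<td style="white-space:nowrap;" width="120">Default Tree Policy for this User</td>
			<td width="10"> 
				<?php 
            form_dropdown('policy_trees', $policy_array, '', '', $policy['policy_trees'], '', '');
            ?>
			</td>
			<td>
				<input type="submit" name="update_policy" value="Update">
				<input type="hidden" name="tab" value="<?php 
            print $tab;
            ?>
">
				<input type="hidden" name="id" value="<?php 
            print htmlspecialchars(get_request_var_request('id'));
            ?>
">
			</td>
			</tr></table></td>
		</tr>
		<?php 
            html_end_box();
            print "</form>\n";
            /* if the number of rows is -1, set it to the default */
            if ($_REQUEST['rows'] == -1) {
                $rows = read_config_option('num_rows_table');
            } else {
                $rows = $_REQUEST['rows'];
            }
            /* LIMIT values are concatenated into the query, so force them to integers */
            $rows = (int) $rows;
            $offset = max(0, $rows * ((int) get_request_var_request('page') - 1));
            /* form the 'where' clause for our main sql query; the filter text is bound, not concatenated */
            if (strlen(get_request_var_request('filter'))) {
                $sql_where = 'WHERE (gt.name LIKE ?)';
                $sql_params[] = '%' . get_request_var_request('filter') . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('associated') == 'false') {
                /* showing all rows */
            } else {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' (user_auth_perms.type=2 AND user_auth_perms.user_id=' . (int) get_request_var_request('id', 0) . ')';
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_admin.php?action=user_edit&tab=permstr&id=' . get_request_var_request('id')) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $total_rows = db_fetch_cell_prepared("SELECT\n\t\t\tCOUNT(gt.id)\n\t\t\tFROM graph_tree AS gt\n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (gt.id = user_auth_perms.item_id AND user_auth_perms.type = 2)\n\t\t\t{$sql_where}", $sql_params);
            $sql_query = "SELECT gt.id, gt.name, user_auth_perms.user_id\n\t\t\tFROM graph_tree AS gt\n\t\t\tLEFT JOIN user_auth_perms \n\t\t\tON (gt.id = user_auth_perms.item_id AND user_auth_perms.type = 2)\n\t\t\t{$sql_where} \n\t\t\tORDER BY name\n\t\t\tLIMIT " . $offset . ',' . $rows;
            $trees = db_fetch_assoc_prepared($sql_query, $sql_params);
            $nav = html_nav_bar('user_admin.php?action=user_edit&tab=permstr&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, get_request_var_request('page'), $rows, $total_rows, 11, 'Trees', 'page', 'main');
            print $nav;
            $display_text = array('Tree Name', 'ID', 'Effective Policy');
            html_header_checkbox($display_text, false);
            if (sizeof($trees)) {
                foreach ($trees as $t) {
                    form_alternate_row('line' . $t['id'], true);
                    form_selectable_cell(strlen(get_request_var_request('filter')) ? preg_replace('/(' . preg_quote(get_request_var_request('filter'), '/') . ')/i', "<span class='filteredValue'>\\1</span>", htmlspecialchars($t['name'])) : htmlspecialchars($t['name']), $t['id']);
                    form_selectable_cell($t['id'], $t['id']);
                    /* The effective tree policy follows policy_trees, the value shown in the
                       default-policy dropdown above. It previously read policy_graphs, so the
                       displayed access state could contradict the tree policy. */
                    if (empty($t['user_id'])) {
                        if ($policy['policy_trees'] == 1) {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $t['id']);
                        } else {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $t['id']);
                        }
                    } else {
                        if ($policy['policy_trees'] == 1) {
                            form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $t['id']);
                        } else {
                            form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $t['id']);
                        }
                    }
                    form_checkbox_cell($t['name'], $t['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Trees Found</em></td></tr>';
            }
            html_end_box(false);
            form_hidden_box('action', 'user_edit', '');
            form_hidden_box('tab', $tab, '');
            form_hidden_box('id', get_request_var_request('id'), '');
            form_hidden_box('associate_tree', '1', '');
            /* order the actions by policy_trees as well (it previously read policy_graph_templates) */
            if ($policy['policy_trees'] == 1) {
                $assoc_actions = array(1 => 'Revoke Access', 2 => 'Grant Access');
            } else {
                $assoc_actions = array(1 => 'Grant Access', 2 => 'Revoke Access');
            }
            /* draw the dropdown containing a list of available actions for this form */
            draw_actions_dropdown($assoc_actions);
            print '</form>';
            break;
    }
}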
Beispiel #2
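/**
 * Escape $text for HTML output and wrap case-insensitive matches of the
 * active search filter in the 'filteredValue' highlight span.
 *
 * @param mixed  $text   raw database value to display
 * @param string $filter current search filter ('' disables highlighting)
 *
 * @return string HTML-safe cell content
 */
function _user_group_perms_highlight($text, $filter)
{
    $escaped = htmlspecialchars((string) $text);
    if (!strlen($filter)) {
        return $escaped;
    }
    /* quote the '/' delimiter as well, so a slash in the filter cannot end the pattern early */
    $marked = preg_replace('/(' . preg_quote($filter, '/') . ')/i', "<span class='filteredValue'>\\1</span>", $escaped);
    /* preg_replace() returns NULL on a pattern error; show the plain escaped text instead of an empty cell */
    return $marked === null ? $escaped : $marked;
}

/**
 * Print the 'Effective Policy' cell for one row.
 *
 * An explicit permission row inverts the group's default policy (1 = Allow, anything else = Deny).
 *
 * @param mixed $associated_group_id group_id column of the joined permission row, empty when there is none
 * @param mixed $default_policy      the group's default policy for this item type
 * @param mixed $row_id              id of the table row the cell belongs to
 */
function _user_group_perms_policy_cell($associated_group_id, $default_policy, $row_id)
{
    $granted = (($default_policy == 1) != !empty($associated_group_id));
    if ($granted) {
        form_selectable_cell('<span style="color:green;font-weight:bold;">Access Granted</span>', $row_id);
    } else {
        form_selectable_cell('<span style="color:red;font-weight:bold;">Access Restricted</span>', $row_id);
    }
}

/**
 * Read the paging request variables as integers.
 *
 * @return array array($rows, $page, $offset); $rows falls back to the 'num_rows_table' setting
 */
function _user_group_perms_paging()
{
    /* both values are spliced into the LIMIT clause, so force them to integers */
    $rows = isset($_REQUEST['rows']) ? (int) $_REQUEST['rows'] : -1;
    if ($rows < 1) {
        /* -1 means "use the default"; other non-positive values would produce an invalid LIMIT */
        $rows = max(1, (int) read_config_option('num_rows_table'));
    }
    $page = max(1, (int) get_request_var_request('page'));
    return array($rows, $page, $rows * ($page - 1));
}

/**
 * Print the small form that edits the group's default policy for one item type.
 *
 * $box_title, $label, $field and $row_class are fixed strings supplied by the caller
 * and are printed as-is; the request-derived values are HTML-escaped.
 */
function _user_group_perms_policy_form($box_title, $label, $field, $policy_array, $current, $tab, $row_class)
{
    print "<form name='policy' method='post' action='user_group_admin.php'>\n";
    html_start_box('<strong>' . $box_title . '</strong>', '100%', '', '3', 'center', '');
    ?>
		<tr class='<?php print $row_class; ?>'>
			<td><table cellspacing="0" cellpadding="2"><tr>
			<td style="white-space:nowrap;" width="120"><?php print $label; ?></td>
			<td width="10">
				<?php
    form_dropdown($field, $policy_array, '', '', $current, '', '');
    ?>
			</td>
			<td>
				<input type="submit" name="update_policy" value="Update">
				<input type="hidden" name="tab" value="<?php print htmlspecialchars((string) $tab); ?>">
				<input type="hidden" name="id" value="<?php print htmlspecialchars((string) get_request_var_request('id')); ?>">
			</td>
			</tr></table></td>
		</tr>
		<?php
    html_end_box();
    print "</form>\n";
}

/**
 * Close the item table and print the hidden fields and the grant/revoke actions dropdown.
 *
 * The order of the two actions depends on the default policy of the item type being
 * edited: with a default of Allow (1) an association revokes access, otherwise it grants it.
 */
function _user_group_perms_form_footer($tab, $associate_field, $default_policy)
{
    global $assoc_actions;
    html_end_box(false);
    form_hidden_box('action', 'edit', '');
    form_hidden_box('tab', $tab, '');
    form_hidden_box('id', get_request_var_request('id'), '');
    form_hidden_box($associate_field, '1', '');
    if ($default_policy == 1) {
        $assoc_actions = array(1 => 'Revoke Access', 2 => 'Grant Access');
    } else {
        $assoc_actions = array(1 => 'Grant Access', 2 => 'Revoke Access');
    }
    /* draw the dropdown containing a list of available actions for this form */
    draw_actions_dropdown($assoc_actions);
    print "</form>\n";
}

/**
 * Render one permissions tab of the user-group edit page.
 *
 * Each tab shows the group's default policy for one item type (graphs, devices,
 * graph templates or trees) and a pageable, filterable list of items with the
 * effective policy for the group.
 *
 * Request values (filter, template ids, group id) are bound as statement
 * parameters rather than concatenated into the SQL text, and the paging values
 * are cast to integers before they reach the LIMIT clause. The process_*_request_vars()
 * helpers may already sanitise some of these values, but they are not visible
 * from here, so this function does not rely on them.
 *
 * @param string $tab          one of 'permsg', 'permsd', 'permste', 'permstr'; other values print nothing
 * @param string $header_label passed through to the tab's filter form
 */
function user_group_graph_perms_edit($tab, $header_label)
{
    global $config, $assoc_actions;
    /* ================= input validation ================= */
    input_validate_input_number(get_request_var_request('id'));
    /* ==================================================== */
    $policy_array = array(1 => 'Allow', 2 => 'Deny');
    $policy = array();
    if (!empty($_REQUEST['id'])) {
        $policy = db_fetch_row_prepared('SELECT policy_graphs, policy_trees, policy_hosts, policy_graph_templates FROM user_auth_group WHERE id = ?', array(get_request_var_request('id')));
    }
    if (empty($policy)) {
        /* no id, or no such group: use the same defaults as the per-user form so the reads below are defined */
        $policy = array('policy_graphs' => '1', 'policy_trees' => '1', 'policy_hosts' => '1', 'policy_graph_templates' => '1');
    }
    $group_id = get_request_var_request('id', 0);
    /*
     * NOTE(review): in every tab the LEFT JOIN on user_auth_group_perms is not limited to this
     * group unless the 'associated' filter is active, so a permission row of another group
     * could make group_id non-empty here. Confirm whether the ON clause should also pin group_id.
     */
    switch ($tab) {
        case 'permsg':
            process_graph_request_vars();
            graph_filter($header_label);
            _user_group_perms_policy_form('Default Graph Policy', 'Default Graph policy for this User Group', 'policy_graphs', $policy_array, $policy['policy_graphs'], $tab, 'odd');
            list($rows, $page, $offset) = _user_group_perms_paging();
            $filter = (string) get_request_var_request('filter');
            /* form the 'where' clause for our main sql query */
            $sql_params = array();
            if (strlen($filter)) {
                $sql_where = 'WHERE (gtg.title_cache LIKE ? AND gtg.local_graph_id>0)';
                $sql_params[] = '%' . $filter . '%';
            } else {
                $sql_where = 'WHERE (gtg.local_graph_id>0)';
            }
            $graph_template_id = get_request_var_request('graph_template_id');
            if ($graph_template_id == '-1') {
                /* Show all items */
            } elseif ($graph_template_id == '0') {
                $sql_where .= ' AND gtg.graph_template_id=0';
            } elseif (!empty($_REQUEST['graph_template_id'])) {
                $sql_where .= ' AND gtg.graph_template_id=?';
                $sql_params[] = $graph_template_id;
            }
            if (get_request_var_request('associated') != 'false') {
                $sql_where .= ' AND (user_auth_group_perms.type=1 AND user_auth_group_perms.group_id=?)';
                $sql_params[] = $group_id;
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_group_admin.php?action=edit&tab=permsg&id=' . get_request_var_request('id'), ENT_QUOTES) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $sql_from = ' FROM graph_templates_graph AS gtg'
                . ' LEFT JOIN user_auth_group_perms'
                . ' ON (gtg.local_graph_id = user_auth_group_perms.item_id AND user_auth_group_perms.type = 1) ';
            $total_rows = db_fetch_cell_prepared('SELECT COUNT(gtg.id)' . $sql_from . $sql_where, $sql_params);
            $graphs = db_fetch_assoc_prepared('SELECT gtg.local_graph_id, gtg.title_cache, user_auth_group_perms.group_id' . $sql_from . $sql_where . ' ORDER BY title_cache LIMIT ' . $offset . ',' . $rows, $sql_params);
            $nav = html_nav_bar('user_group_admin.php?action=edit&tab=permsg&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, $page, $rows, $total_rows, 7, 'Graphs', 'page', 'main');
            print $nav;
            $display_text = array('Graph Title', 'ID', 'Effective Policy');
            html_header_checkbox($display_text, false);
            if (!empty($graphs)) {
                foreach ($graphs as $g) {
                    form_alternate_row('line' . $g['local_graph_id'], true);
                    form_selectable_cell(_user_group_perms_highlight($g['title_cache'], $filter), $g['local_graph_id'], 250);
                    form_selectable_cell($g['local_graph_id'], $g['local_graph_id']);
                    _user_group_perms_policy_cell($g['group_id'], $policy['policy_graphs'], $g['local_graph_id']);
                    form_checkbox_cell($g['title_cache'], $g['local_graph_id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Graphs Found</em></td></tr>';
            }
            _user_group_perms_form_footer($tab, 'associate_graph', $policy['policy_graphs']);
            break;
        case 'permsd':
            process_device_request_vars();
            device_filter($header_label);
            /* this tab edits policy_hosts, so the label names the device policy */
            _user_group_perms_policy_form('Default Device Policy', 'Default Device policy for this User Group', 'policy_hosts', $policy_array, $policy['policy_hosts'], $tab, 'even');
            list($rows, $page, $offset) = _user_group_perms_paging();
            $filter = (string) get_request_var_request('filter');
            /* form the 'where' clause for our main sql query */
            $sql_params = array();
            if (strlen($filter)) {
                $sql_where = 'WHERE (host.hostname LIKE ? OR host.description LIKE ?)';
                $sql_params[] = '%' . $filter . '%';
                $sql_params[] = '%' . $filter . '%';
            } else {
                $sql_where = '';
            }
            $host_template_id = get_request_var_request('host_template_id');
            if ($host_template_id == '-1') {
                /* Show all items */
            } elseif ($host_template_id == '0') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' host.host_template_id=0';
            } elseif (!empty($_REQUEST['host_template_id'])) {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' host.host_template_id=?';
                $sql_params[] = $host_template_id;
            }
            if (get_request_var_request('associated') != 'false') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' user_auth_group_perms.group_id=?';
                $sql_params[] = $group_id;
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_group_admin.php?action=edit&tab=permsd&id=' . get_request_var_request('id'), ENT_QUOTES) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $sql_from = ' FROM host'
                . ' LEFT JOIN user_auth_group_perms'
                . ' ON (host.id = user_auth_group_perms.item_id AND user_auth_group_perms.type = 3) ';
            $total_rows = db_fetch_cell_prepared('SELECT COUNT(host.id)' . $sql_from . $sql_where, $sql_params);
            $host_graphs = array_rekey(db_fetch_assoc('SELECT host_id, count(*) AS graphs FROM graph_local GROUP BY host_id'), 'host_id', 'graphs');
            $host_data_sources = array_rekey(db_fetch_assoc('SELECT host_id, count(*) AS data_sources FROM data_local GROUP BY host_id'), 'host_id', 'data_sources');
            $hosts = db_fetch_assoc_prepared('SELECT host.*, user_auth_group_perms.group_id' . $sql_from . $sql_where . ' ORDER BY description LIMIT ' . $offset . ',' . $rows, $sql_params);
            $nav = html_nav_bar('user_group_admin.php?action=edit&tab=permsd&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, $page, $rows, $total_rows, 11, 'Devices', 'page', 'main');
            print $nav;
            $display_text = array('Description', 'ID', 'Effective Policy', 'Graphs', 'Data Sources', 'Status', 'Hostname');
            html_header_checkbox($display_text, false);
            if (!empty($hosts)) {
                foreach ($hosts as $host) {
                    form_alternate_row('line' . $host['id'], true);
                    form_selectable_cell(_user_group_perms_highlight($host['description'], $filter), $host['id'], 250);
                    form_selectable_cell(round($host['id'], 2), $host['id']);
                    _user_group_perms_policy_cell($host['group_id'], $policy['policy_hosts'], $host['id']);
                    form_selectable_cell(isset($host_graphs[$host['id']]) ? $host_graphs[$host['id']] : 0, $host['id']);
                    form_selectable_cell(isset($host_data_sources[$host['id']]) ? $host_data_sources[$host['id']] : 0, $host['id']);
                    form_selectable_cell(get_colored_device_status($host['disabled'] == 'on' ? true : false, $host['status']), $host['id']);
                    form_selectable_cell(_user_group_perms_highlight($host['hostname'], $filter), $host['id']);
                    form_checkbox_cell($host['description'], $host['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Devices Found</em></td></tr>';
            }
            _user_group_perms_form_footer($tab, 'associate_host', $policy['policy_hosts']);
            break;
        case 'permste':
            process_template_request_vars();
            template_filter($header_label);
            _user_group_perms_policy_form('Default Graph Template Policy', 'Default Graph Template Template policy for this User Group', 'policy_graph_templates', $policy_array, $policy['policy_graph_templates'], $tab, 'even');
            list($rows, $page, $offset) = _user_group_perms_paging();
            $filter = (string) get_request_var_request('filter');
            /* form the 'where' clause for our main sql query */
            $sql_params = array();
            if (strlen($filter)) {
                $sql_where = 'WHERE (gt.name LIKE ?)';
                $sql_params[] = '%' . $filter . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('associated') != 'false') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' (user_auth_group_perms.type=4 AND user_auth_group_perms.group_id=?)';
                $sql_params[] = $group_id;
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_group_admin.php?action=edit&tab=permste&id=' . get_request_var_request('id'), ENT_QUOTES) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $sql_from = ' FROM graph_templates AS gt'
                . ' INNER JOIN graph_local AS gl'
                . ' ON gt.id = gl.graph_template_id'
                . ' LEFT JOIN user_auth_group_perms'
                . ' ON (gt.id = user_auth_group_perms.item_id AND user_auth_group_perms.type = 4) ';
            /*
             * The list below has one row per template (GROUP BY), so the pager total is the
             * number of distinct templates. A grouped COUNT() read through a single-cell
             * fetch would only give the graph count of the first template.
             */
            $total_rows = db_fetch_cell_prepared('SELECT COUNT(DISTINCT gt.id)' . $sql_from . $sql_where, $sql_params);
            $graphs = db_fetch_assoc_prepared('SELECT gt.id, gt.name, count(*) AS totals, user_auth_group_perms.group_id' . $sql_from . $sql_where . ' GROUP BY gl.graph_template_id ORDER BY name LIMIT ' . $offset . ',' . $rows, $sql_params);
            $nav = html_nav_bar('user_group_admin.php?action=edit&tab=permste&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, $page, $rows, $total_rows, 11, 'Graph Templates', 'page', 'main');
            print $nav;
            $display_text = array('Template Name', 'ID', 'Effective Policy', 'Total Graphs');
            html_header_checkbox($display_text, false);
            if (!empty($graphs)) {
                foreach ($graphs as $g) {
                    form_alternate_row('line' . $g['id'], true);
                    form_selectable_cell(_user_group_perms_highlight($g['name'], $filter), $g['id'], 250);
                    form_selectable_cell($g['id'], $g['id']);
                    _user_group_perms_policy_cell($g['group_id'], $policy['policy_graph_templates'], $g['id']);
                    form_selectable_cell($g['totals'], $g['id']);
                    form_checkbox_cell($g['name'], $g['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Graph Templates Found</em></td></tr>';
            }
            _user_group_perms_form_footer($tab, 'associate_template', $policy['policy_graph_templates']);
            break;
        case 'permstr':
            process_tree_request_vars();
            tree_filter($header_label);
            _user_group_perms_policy_form('Default Tree Policy', 'Default Tree policy for this User Group', 'policy_trees', $policy_array, $policy['policy_trees'], $tab, 'even');
            list($rows, $page, $offset) = _user_group_perms_paging();
            $filter = (string) get_request_var_request('filter');
            /* form the 'where' clause for our main sql query */
            $sql_params = array();
            if (strlen($filter)) {
                $sql_where = 'WHERE (gt.name LIKE ?)';
                $sql_params[] = '%' . $filter . '%';
            } else {
                $sql_where = '';
            }
            if (get_request_var_request('associated') != 'false') {
                $sql_where .= (strlen($sql_where) ? ' AND ' : 'WHERE ') . ' (user_auth_group_perms.type=2 AND user_auth_group_perms.group_id=?)';
                $sql_params[] = $group_id;
            }
            /* print checkbox form for validation */
            print "<form name='chk' method='post' action='" . htmlspecialchars('user_group_admin.php?action=edit&tab=permstr&id=' . get_request_var_request('id'), ENT_QUOTES) . "'>\n";
            html_start_box('', '100%', '', '3', 'center', '');
            $sql_from = ' FROM graph_tree AS gt'
                . ' LEFT JOIN user_auth_group_perms'
                . ' ON (gt.id = user_auth_group_perms.item_id AND user_auth_group_perms.type = 2) ';
            $total_rows = db_fetch_cell_prepared('SELECT COUNT(gt.id)' . $sql_from . $sql_where, $sql_params);
            $trees = db_fetch_assoc_prepared('SELECT gt.id, gt.name, user_auth_group_perms.group_id' . $sql_from . $sql_where . ' ORDER BY name LIMIT ' . $offset . ',' . $rows, $sql_params);
            $nav = html_nav_bar('user_group_admin.php?action=edit&tab=permstr&id=' . get_request_var_request('id'), MAX_DISPLAY_PAGES, $page, $rows, $total_rows, 11, 'Trees', 'page', 'main');
            print $nav;
            $display_text = array('Tree Name', 'ID', 'Effective Policy');
            html_header_checkbox($display_text, false);
            if (!empty($trees)) {
                foreach ($trees as $t) {
                    form_alternate_row('line' . $t['id'], true);
                    form_selectable_cell(_user_group_perms_highlight($t['name'], $filter), $t['id'], 250);
                    form_selectable_cell($t['id'], $t['id']);
                    _user_group_perms_policy_cell($t['group_id'], $policy['policy_trees'], $t['id']);
                    form_checkbox_cell($t['name'], $t['id']);
                    form_end_row();
                }
                /* put the nav bar on the bottom as well */
                print $nav;
            } else {
                print '<tr><td><em>No Matching Trees Found</em></td></tr>';
            }
            /*
             * The action order follows the tree policy, the same key the 'Effective Policy'
             * column uses. Keying it on policy_graph_templates would label Grant and Revoke
             * the wrong way round whenever the two policies differ.
             */
            _user_group_perms_form_footer($tab, 'associate_tree', $policy['policy_trees']);
            break;
    }
}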