<?php /** * Observium * * This file is part of Observium. * * @package observium * @subpackage graphs * @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ if (is_numeric($vars['id'])) { $sensor = dbFetchRow("SELECT * FROM `sensors` WHERE `sensor_id` = ?", array($vars['id'])); if (is_numeric($sensor['device_id']) && ($auth || is_entity_permitted($sensor['sensor_id'], 'sensor') || device_permitted($sensor['device_id']))) { $device = device_by_id_cache($sensor['device_id']); $rrd_filename = get_rrd_path($device, get_sensor_rrd($device, $sensor)); $title = generate_device_link($device); $title .= " :: Sensors :: "; $auth = TRUE; } } // EOF
<?php /** * Observium * * This file is part of Observium. * * @package observium * @subpackage graphs * @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ //include_once($config['html_dir']."/includes/graphs/common.inc.php"); foreach (dbFetchRows("SELECT * FROM `sensors` WHERE `sensor_class` = ? AND `device_id` = ? ORDER BY `sensor_index`", array($class, $device['device_id'])) as $sensor) { $rrd_filename = get_rrd_path($device, get_sensor_rrd($device, $sensor)); if (($config['allow_unauth_graphs'] == TRUE || is_entity_permitted($sensor['sensor_id'], 'sensor')) && is_file($rrd_filename)) { $descr = rewrite_hrDevice($sensor['sensor_descr']); $rrd_list[$i]['filename'] = $rrd_filename; $rrd_list[$i]['descr'] = $descr; $rrd_list[$i]['ds'] = "sensor"; $i++; } } $unit_text = $unit_long; $units = '%'; $total_units = '%'; $colours = 'mixed-10c'; $nototal = 1; $scale_rigid = FALSE; include $config['html_dir'] . "/includes/graphs/generic_multi_line.inc.php"; // EOF
function entity_permitted_array(&$entities, $entity_type) { $entity_type_data = entity_type_translate_array($entity_type); // Strip out the entities the user isn't allowed to see, if they don't have global view rights if (!isset($_SESSION['user_limited']) || $_SESSION['user_limited']) { foreach ($entities as $key => $entity) { if (!is_entity_permitted($entity[$entity_type_data['id_field']], $entity_type, $entity['device_id'])) { unset($entities[$key]); } } } }
$response .= implode(PHP_EOL, $whois_parts); //print_vars($request['data']['records']); } } } if ($response) { $_SESSION['cache']['response_' . $vars['entity_type'] . '_' . $ip] = '<pre class="small">' . $response . '</pre>'; echo $_SESSION['cache']['response_' . $vars['entity_type'] . '_' . $ip]; } else { echo 'Not Found'; } } else { echo 'Not correct IP address'; } exit; break; default: if (is_array($config['entities'][$vars['entity_type']])) { if (is_numeric($vars['entity_id']) && is_entity_permitted($vars['entity_id'], $vars['entity_type'])) { $entity = get_entity_by_id_cache($vars['entity_type'], $vars['entity_id']); echo generate_entity_popup($entity, $vars); } else { print_warning("You are not permitted to view this entity."); } } else { print_error("Unknown entity type."); } exit; break; } // EOF
function port_permitted($port_id, $device_id = NULL) { return is_entity_permitted($port_id, 'port', $device_id); }
<?php /** * Observium * * This file is part of Observium. * * @package observium * @subpackage graphs * @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ if (!is_array($vars['id'])) { $vars['id'] = array($vars['id']); } $auth = TRUE; foreach ($vars['id'] as $storage_id) { if (!$auth && !is_entity_permitted('storage', $storage_id)) { $auth = FALSE; } } $title = "Multi Storage :: "; // EOF
$ports['up'] = dbFetchCell("SELECT COUNT(*) FROM `ports` WHERE 1 " . $where_permitted . $where_hide . " AND `ifAdminStatus` = 'up' AND (`ifOperStatus` = 'up' OR `ifOperStatus` = 'testing')"); //r($where_hide); //r($cache['devices']); //r($cache['ports']); //r($ports); //r($ports_db); //r($permissions); // Sensors $sensors = array('count' => 0, 'ok' => 0, 'alert' => 0, 'warning' => 0, 'ignored' => 0, 'disabled' => 0); $cache['sensor_types'] = array(); $sensors_array = dbFetchRows('SELECT `device_id`, `sensor_id`, `sensor_class`, `sensor_type`, `sensor_ignore`, `sensor_disable`, `sensor_value`, `sensor_event` FROM `sensors` LEFT JOIN `sensors-state` USING(`sensor_id`);'); // FIXME. sensor_deleted not used.. foreach ($sensors_array as $sensor) { if (!is_entity_permitted($sensor['sensor_id'], 'sensor', $sensor['device_id'])) { continue; } // Check device permitted if (!$config['web_show_disabled']) { if ($cache['devices']['id'][$sensor['device_id']]['disabled']) { continue; } } if ($sensor['sensor_deleted']) { continue; } // humanize_sensor($sensor); $sensors['count']++; $cache['sensor_types'][$sensor['sensor_class']]['count']++; if ($sensor['sensor_disable']) {
<?php /** * Observium * * This file is part of Observium. * * @package observium * @subpackage graphs * @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ if (!is_array($vars['id'])) { $vars['id'] = array($vars['id']); } $auth = TRUE; foreach ($vars['id'] as $mempool_id) { if (!$auth && !is_entity_permitted('mempool', $mempool_id)) { $auth = FALSE; } } $title = "Multi Memory Pool :: "; // EOF
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ $config['install_dir'] = "../.."; include_once "../../includes/sql-config.inc.php"; include $config['html_dir'] . "/includes/functions.inc.php"; include $config['html_dir'] . "/includes/authenticate.inc.php"; if (!$_SESSION['authenticated']) { echo "unauthenticated"; exit; } if ($_SESSION['userlevel'] >= '5') { switch ($_GET['entity_type']) { case "sensor": foreach (dbFetch("SELECT * FROM `sensors` WHERE device_id = ?", array($_GET['device_id'])) as $sensor) { if (is_entity_permitted($sensor, 'sensor')) { $string = addslashes($sensor['sensor_descr']); echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $sensor['sensor_id'] . "');\n"; } } break; case "netscalervsvr": foreach (dbFetch("SELECT * FROM `netscaler_vservers` WHERE `device_id` = ?", array($_GET['device_id'])) as $entity) { $string = addslashes($entity['vsvr_label']); echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $entity['vsvr_id'] . "');\n"; } break; case "port": foreach (dbFetch("SELECT * FROM `ports` WHERE `device_id` = ? AND `deleted` = '0'", array($_GET['device_id'])) as $port) { $string = addslashes($port['port_label_short'] . " - " . $port['ifAlias']); echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $port['port_id'] . "');\n";
$device = device_by_id_cache($vars['entity_id']); echo generate_device_popup($device, $vars, $start, $end); } else { print_warning("您未被授权查看该端口."); } exit; break; case "netscaler_svc": case "netscaler_vsvr": case "bgp_peer": case "storage": case "sensor": case "status": case "mempool": case "processor": if (is_numeric($vars['entity_id']) && is_entity_permitted($vars['entity_id'], 'processor')) { $entity = get_entity_by_id_cache($vars['entity_type'], $vars['entity_id']); echo generate_entity_popup($entity, $vars['entity_type']); } else { print_warning("You are not permitted to view this entity."); } exit; break; case "mac": if (Net_MAC::check($vars['entity_id'])) { // Other way by using Pear::Net_MAC, see here: http://pear.php.net/manual/en/package.networking.net-mac.importvendors.php $url = 'http://api.macvendors.com/' . urlencode($vars['entity_id']); $response = get_http_request($url); if ($response) { echo 'MAC vendor: ' . $response; } else {
$permit_tabs = array(); if ($vars['tab'] == "port" && is_numeric($vars['device']) && (isset($vars['port']) || isset($vars['ifdescr']))) { // If we've been given a 'ifdescr' variable, try to work out the port_id from this if (!is_numeric($vars['port']) && !empty($vars['ifdescr'])) { $ifdescr = base64_decode($vars['ifdescr']); if (!$ifdescr) { $ifdescr = $vars['ifdescr']; } $vars['port'] = get_port_id_by_ifDescr($vars['device'], $ifdescr); } if (port_permitted($vars['port']) && $vars['device'] == get_device_id_by_port_id($vars['port'])) { $permit_tabs['ports'] = TRUE; } } if ($vars['tab'] == "health" && is_numeric($vars['id']) && isset($vars['id'])) { if (is_entity_permitted($vars['id'], 'sensor')) { $permit_tabs['health'] = TRUE; } } // print_vars($permit_tabs); // If there is no valid device specified in the URL, generate an error. if (!isset($cache['devices']['id'][$vars['device']]) && !count($permit_tabs)) { print_error('<h4>No valid device specified</h4> A valid device was not specified in the URL. Please retype and try again.'); return; } // Only show if the user has access to the whole device or a single port. if (isset($cache['devices']['id'][$vars['device']]) || count($permit_tabs)) { $selected['iface'] = "active"; $tab = str_replace(".", "", $vars['tab']); if (!$tab) {
<?php /** * Observium * * This file is part of Observium. * * @package observium * @subpackage graphs * @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited * */ if (!is_array($vars['id'])) { $vars['id'] = array($vars['id']); } $auth = TRUE; foreach ($vars['id'] as $processor_id) { if (!$auth && !is_entity_permitted('processor', $processor_id)) { $auth = FALSE; } } $title = "Multi Processor :: "; // EOF