Exemple #1
    if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) {
        $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true);
    }
}
# Snapshot the stored subnet before it is changed, so the notification mail
# can report the previous values. Only edit/delete have a "before" state.
if (in_array($_POST['action'], array("edit", "delete"))) {
    $subnet_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
}
# The form posts the subnet as "address/mask"; split it on the slash.
# NOTE(review): when the posted value holds no "/", strstr() returns false,
# so mask becomes "" and subnet becomes false - confirm the CIDR is validated
# further down before it is written anywhere.
$_POST['mask'] = trim(strstr($_POST['subnet'], "/"), "/");
$_POST['subnet'] = strstr($_POST['subnet'], "/", true);
$_POST['id'] = $_POST['subnetId'];
// rebuild the CIDR notation from the two halves
$_POST['cidr'] = "{$_POST['subnet']}/{$_POST['mask']}";
# Section this subnet belongs to.
# NOTE(review): sectionId and masterSubnetId come straight from the request and
# are only used for lookups in this run; the permission check visible above
# covers subnetId - verify the other two ids are authorised where they are used.
$section = (array) $Sections->fetch_section(null, $_POST['sectionId']);
# custom field definitions for the subnets table
$custom = $Tools->fetch_custom_fields('subnets');
# A parent that is a folder changes later handling, so record it here.
# Without a master subnet (id 0) the parent cannot be a folder.
$parent_is_folder = false;
if ($_POST['masterSubnetId'] != 0) {
    $master_section = (array) $Subnets->fetch_subnet(null, $_POST['masterSubnetId']);
    $parent_is_folder = ($master_section['isFolder'] == 1);
}
/**
 * If request came from IP address subnet edit and
         $x++;
     }
 }
 //new line
 $lineCount++;
 //Write IP addresses
 foreach ($result_addresses as $ip) {
     //cast
     $ip = (array) $ip;
     # check permission
     $subnet_permission = $Subnets->check_permission($User->user, $ip['subnetId']);
     if ($subnet_permission > 0) {
         //get the Subnet details
         $subnet = (array) $Subnets->fetch_subnet(null, $ip['subnetId']);
         //get section
         $section = (array) $Sections->fetch_section(null, $subnet['sectionId']);
         //get VLAN for subnet
         $vlan = (array) (array) $Tools->fetch_object("vlans", "vlanId", $subnet['vlanId']);
         //format vlan
         if (sizeof($vlan) > 0) {
             if (strlen($vlan['number']) > 0) {
                 $vlanText = " (vlan: " . $vlan['number'];
                 if (strlen($vlan['name']) > 0) {
                     $vlanText .= ' - ' . $vlan['name'] . ')';
                 } else {
                     $vlanText .= ")";
                 }
             }
         } else {
             $vlanText = "";
         }
Exemple #3
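 /**
  * Returns the permission level a user holds on a subnet.
  *
  * Administrators always get 3. For every other user the groups they belong
  * to must hold a non-zero permission on the subnet's section; when they do,
  * the result is the highest permission any of those groups holds on the
  * subnet itself. The section level only acts as a gate and is never
  * returned. Missing or malformed data always yields 0 (no access).
  *
  * @access public
  * @param object $user     user record; ->role and ->groups (JSON keyed by group id) are read
  * @param int $subnetId    id of the subnet to check
  * @return int             0 when the user has no access, otherwise the permission level
  */
 public function check_permission($user, $subnetId)
 {
     # administrators have full access; strict comparison so no other value can juggle into a match
     if ($user->role === "Administrator") {
         return 3;
     }
     # groups the user belongs to, keyed by group id; without a usable list nothing can match
     $groups = json_decode($user->groups, true);
     if (!is_array($groups)) {
         return 0;
     }
     # unknown subnet => no access
     $subnet = $this->fetch_subnet("id", $subnetId);
     if ($subnet === false) {
         return 0;
     }
     # no permissions stored on the subnet => no access
     if (is_null($subnet->permissions) || $subnet->permissions == "null") {
         return 0;
     }
     # decode to arrays: sizeof()/count() on the stdClass returned by a plain
     # json_decode() warns on PHP 7.2+ and throws a TypeError on PHP 8
     $subnetP = json_decode($subnet->permissions, true);
     # section the subnet belongs to; fail closed if it cannot be loaded
     $Section = new Sections($this->Database);
     $section = $Section->fetch_section("id", $subnet->sectionId);
     if (!is_object($section)) {
         return 0;
     }
     $sectionP = json_decode($section->permissions, true);
     if (!is_array($sectionP) || sizeof($sectionP) == 0) {
         return 0;
     }
     # gate: at least one of the user's groups needs a non-zero section permission.
     # Group ids are matched as array keys and levels must be numeric, so a
     # malformed key or value can never be read as a grant.
     $sectionLevel = 0;
     foreach ($sectionP as $groupId => $level) {
         if (array_key_exists($groupId, $groups) && is_numeric($level) && (int) $level > $sectionLevel) {
             $sectionLevel = (int) $level;
         }
     }
     if ($sectionLevel == 0) {
         return 0;
     }
     # section access confirmed; the effective level is the highest one granted
     # on the subnet itself to any of the user's groups
     $out = 0;
     if (is_array($subnetP)) {
         foreach ($subnetP as $groupId => $level) {
             if (array_key_exists($groupId, $groups) && is_numeric($level) && (int) $level > $out) {
                 $out = (int) $level;
             }
         }
     }
     # return result
     return $out;
 }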
# Authorisation: adding needs level 3 on the target section, every other
# action needs level 3 on the subnet being changed.
# NOTE(review): execution continues past this point unless $Result->show()
# terminates the request when its last arguments are true - confirm.
if ($_POST['action'] == "add" && $Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
    $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true);
} elseif ($_POST['action'] != "add" && $Subnets->check_permission($User->user, $_POST['subnetId']) != 3) {
    $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true);
}
# keep the stored values so the notification mail can show what changed
if (in_array($_POST['action'], array("edit", "delete"))) {
    $subnet_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
}
# section the request refers to (the id may be absent, hence the @)
$section = (array) $Sections->fetch_section(null, @$_POST['sectionId']);
# custom field definitions for the subnets table
$custom = $Tools->fetch_custom_fields('subnets');
// Field names containing spaces are posted with "___" in place of each space;
// copy such values back under the real field name.
if (sizeof($custom) > 0) {
    foreach ($custom as $myField) {
        $myField['nameTest'] = str_replace(" ", "___", $myField['name']);
        if (!isset($_POST[$myField['nameTest']])) {
            continue;
        }
        $_POST[$myField['name']] = $_POST[$myField['nameTest']];
    }
}
// Drop the subnet-only fields from the request ...
unset($_POST['subnet']);
unset($_POST['allowRequests']);
unset($_POST['showName']);
unset($_POST['pingSubnet']);
unset($_POST['discoverSubnet']);
// ... and from the stored snapshot, so both sides carry the same keys.
unset($subnet_old_details['subnet']);
unset($subnet_old_details['allowRequests']);
unset($subnet_old_details['showName']);
unset($subnet_old_details['pingSubnet']);
unset($subnet_old_details['discoverSubnet']);
    print "\t<a class='btn btn-sm btn-danger editSectionSubmitDelete' id='editSectionSubmitDelete'>" . _("Confirm") . "</a>";
    print "</div>";
    print "</div>";
    print "</div>";
} else {
    // init permission parameters
    $new_permissions = array();
    // permissions posted
    $old_permissions = array();
    // existing subnet permissions
    $removed_permissions = array();
    // removed permissions
    $changed_permissions = array();
    // changed permissions
    # fetch old section
    $section_old = $Sections->fetch_section("id", $_POST['id']);
    // parse old permissions
    $old_permissions = json_decode($section_old->permissions, true);
    # set variables for update
    $values = array("id" => @$_POST['id'], "name" => @$_POST['name'], "description" => @$_POST['description'], "strictMode" => @$_POST['strictMode'], "subnetOrdering" => @$_POST['subnetOrdering'], "showVLAN" => @$_POST['showVLAN'], "showVRF" => @$_POST['showVRF'], "masterSection" => @$_POST['masterSection']);
    # set new posted permissions
    foreach ($_POST as $key => $val) {
        if (substr($key, 0, 5) == "group") {
            if ($val != "0") {
                $new_permissions[substr($key, 5)] = $val;
            }
        }
    }
    // calculate diff
    if (is_array($old_permissions)) {
        foreach ($old_permissions as $k1 => $p1) {
# helper objects used by this request
$Subnets = new Subnets($Database);
$Sections = new Sections($Database);
$Addresses = new Addresses($Database);
$Tools = new Tools($Database);
$Result = new Result();
# the caller must hold a valid session
$User->check_user_session();
# Run every posted value through the tag-stripping helper.
# NOTE(review): presumably this removes HTML tags only; it does not replace
# validating the individual ids used below - confirm against the helper.
$_POST = $Admin->strip_input_tags($_POST);
# reject the request when the CSRF token for the "scan_all" form does not validate
if ($User->csrf_cookie("validate", "scan_all", $_POST['csrf_cookie']) === false) {
    $Result->show("danger", _("Invalid CSRF cookie"), true);
}
# section
$section_search = false;
# every posted key that contains "sectionId" has to name an existing section
foreach ($_POST as $k => $p) {
    if (strpos($k, "sectionId") === false) {
        continue;
    }
    if (($section = $Sections->fetch_section("id", $p)) === false) {
        $Result->show("danger", _("Invalid section Id"), true, false, false, true);
    }
}
# the scan is only available while the SNMP module is switched on
if ($User->settings->enableSNMP != "1") {
    $Result->show("danger", _("SNMP module disbled"), true);
}
# Level 3 on the posted section is required.
# NOTE(review): only $_POST['sectionId'] is permission-checked; the loop above
# merely confirms that other *sectionId* values exist. Verify that the code
# below does not act on those other sections without its own check.
if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
    $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true);
}
# loop
foreach ($_POST as $k => $p) {