if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) { $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true); } } # we need old values for mailing if ($_POST['action'] == "edit" || $_POST['action'] == "delete") { $subnet_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']); } # get mask and subnet $_POST['mask'] = trim(strstr($_POST['subnet'], "/"), "/"); $_POST['subnet'] = strstr($_POST['subnet'], "/", true); $_POST['id'] = $_POST['subnetId']; //set cidr $_POST['cidr'] = $_POST['subnet'] . "/" . $_POST['mask']; # get section details $section = (array) $Sections->fetch_section(null, $_POST['sectionId']); # fetch custom fields $custom = $Tools->fetch_custom_fields('subnets'); # get master subnet details for folder overrides if ($_POST['masterSubnetId'] != 0) { $master_section = (array) $Subnets->fetch_subnet(null, $_POST['masterSubnetId']); if ($master_section['isFolder'] == 1) { $parent_is_folder = true; } else { $parent_is_folder = false; } } else { $parent_is_folder = false; } /** * If request came from IP address subnet edit and
$x++; } } //new line $lineCount++; //Write IP addresses foreach ($result_addresses as $ip) { //cast $ip = (array) $ip; # check permission $subnet_permission = $Subnets->check_permission($User->user, $ip['subnetId']); if ($subnet_permission > 0) { //get the Subnet details $subnet = (array) $Subnets->fetch_subnet(null, $ip['subnetId']); //get section $section = (array) $Sections->fetch_section(null, $subnet['sectionId']); //get VLAN for subnet $vlan = (array) (array) $Tools->fetch_object("vlans", "vlanId", $subnet['vlanId']); //format vlan if (sizeof($vlan) > 0) { if (strlen($vlan['number']) > 0) { $vlanText = " (vlan: " . $vlan['number']; if (strlen($vlan['name']) > 0) { $vlanText .= ' - ' . $vlan['name'] . ')'; } else { $vlanText .= ")"; } } } else { $vlanText = ""; }
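/**
 * Returns the permission level the given user holds on a subnet.
 *
 * Administrators always get 3. For everyone else the keys of the user's group
 * list are matched against the keys of the section's permission map first; a
 * user with no section-level permission gets 0 regardless of what the subnet
 * grants. Otherwise the result is the highest level the subnet's own
 * permission map grants to any of the user's groups (which may still be 0).
 *
 * The check fails closed: an unknown subnet or section, missing or malformed
 * permission JSON, a user without groups, or a non-numeric level all yield 0.
 *
 * NOTE(review): callers appear to require 3 for write operations and > 0 for
 * read access - confirm before changing the meaning of any level.
 *
 * @access public
 * @param object $user      user object; ->role and ->groups (JSON) are read
 * @param int $subnetId     id of the subnet to check
 * @return int              permission level, 0 meaning no access
 */
public function check_permission($user, $subnetId)
{
    # administrators get the highest level without any lookup
    if ($user->role == "Administrator") {
        return 3;
    }

    # groups the user belongs to; only the keys are used for matching
    $groups = is_string($user->groups) ? json_decode($user->groups, true) : null;
    if (!is_array($groups) || sizeof($groups) == 0) {
        return 0;
    }

    # unknown subnet, or subnet without stored permissions, means no access
    $subnet = $this->fetch_subnet("id", $subnetId);
    if (!is_object($subnet)) {
        return 0;
    }
    if (!isset($subnet->permissions) || $subnet->permissions == "null") {
        return 0;
    }
    # decode to arrays: sizeof()/count() on the stdClass that json_decode()
    # returns by default raises a TypeError on PHP 8
    $subnetP = json_decode($subnet->permissions, true);

    # section the subnet belongs to; a missing section denies access
    $Section = new Sections($this->Database);
    $section = $Section->fetch_section("id", $subnet->sectionId);
    if (!is_object($section) || !isset($section->permissions)) {
        return 0;
    }
    $sectionP = json_decode($section->permissions, true);

    # highest level a permission map grants to any of the user's groups
    $highest = function ($permissions) use ($groups) {
        $level = 0;
        if (!is_array($permissions)) {
            return $level;
        }
        foreach ($permissions as $group_id => $group_level) {
            # exact key match instead of loose ==, and numeric levels only,
            # so malformed entries can never raise the result
            if (!array_key_exists($group_id, $groups) || !is_numeric($group_level)) {
                continue;
            }
            if ((int) $group_level > $level) {
                $level = (int) $group_level;
            }
        }
        return $level;
    };

    # no section-level permission: subnet permissions are not consulted at all
    if ($highest($sectionP) == 0) {
        return 0;
    }

    # user has section access; the subnet map alone decides the final level
    return $highest($subnetP);
}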
# Permission gate: adding needs level 3 on the target section, every other
# action needs level 3 on the subnet itself.
# NOTE(review): everything below assumes $Result->show(..., true, true) stops
# the request; if it only prints, the update continues unauthorised - confirm.
if ($_POST['action'] != "add") {
    if ($Subnets->check_permission($User->user, $_POST['subnetId']) != 3) {
        $Result->show("danger", _('You do not have permissions to add edit/delete this subnet') . "!", true, true);
    }
} elseif ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
    $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true, true);
}

# keep the stored values of an existing subnet; they are needed for mailing
if (in_array($_POST['action'], array("edit", "delete"))) {
    $subnet_old_details = (array) $Subnets->fetch_subnet(null, $_POST['subnetId']);
}

# section details
$section = (array) $Sections->fetch_section(null, @$_POST['sectionId']);

# custom fields defined for subnets
$custom = $Tools->fetch_custom_fields('subnets');
if (count($custom) > 0) {
    foreach ($custom as $myField) {
        # posted field names carry "___" in place of spaces; copy such values
        # back under the real field name
        $myField['nameTest'] = str_replace(" ", "___", $myField['name']);
        if (!isset($_POST[$myField['nameTest']])) {
            continue;
        }
        $_POST[$myField['name']] = $_POST[$myField['nameTest']];
    }
}

# remove subnet-specific fields from the posted and from the stored values
unset(
    $_POST['subnet'],
    $_POST['allowRequests'],
    $_POST['showName'],
    $_POST['pingSubnet'],
    $_POST['discoverSubnet'],
    $subnet_old_details['subnet'],
    $subnet_old_details['allowRequests'],
    $subnet_old_details['showName'],
    $subnet_old_details['pingSubnet'],
    $subnet_old_details['discoverSubnet']
);
print "\t<a class='btn btn-sm btn-danger editSectionSubmitDelete' id='editSectionSubmitDelete'>" . _("Confirm") . "</a>"; print "</div>"; print "</div>"; print "</div>"; } else { // init permission parameters $new_permissions = array(); // permissions posted $old_permissions = array(); // existing subnet permissions $removed_permissions = array(); // removed permissions $changed_permissions = array(); // changed permissions # fetch old section $section_old = $Sections->fetch_section("id", $_POST['id']); // parse old permissions $old_permissions = json_decode($section_old->permissions, true); # set variables for update $values = array("id" => @$_POST['id'], "name" => @$_POST['name'], "description" => @$_POST['description'], "strictMode" => @$_POST['strictMode'], "subnetOrdering" => @$_POST['subnetOrdering'], "showVLAN" => @$_POST['showVLAN'], "showVRF" => @$_POST['showVRF'], "masterSection" => @$_POST['masterSection']); # set new posted permissions foreach ($_POST as $key => $val) { if (substr($key, 0, 5) == "group") { if ($val != "0") { $new_permissions[substr($key, 5)] = $val; } } } // calculate diff if (is_array($old_permissions)) { foreach ($old_permissions as $k1 => $p1) {
# Request guards for this handler: helper objects are created first, then the
# session, the CSRF cookie, the posted section ids, the SNMP setting and the
# section permission are checked before the posted items are processed.
# NOTE(review): every guard below relies on $Result->show(..., true) stopping
# the request - presumably that is what the third argument does; confirm.
$Subnets = new Subnets($Database);
$Sections = new Sections($Database);
$Addresses = new Addresses($Database);
$Tools = new Tools($Database);
$Result = new Result();

# verify that user is logged in
$User->check_user_session();

# strip input tags from everything that was posted
$_POST = $Admin->strip_input_tags($_POST);

# validate csrf cookie for the "scan_all" action; a false result is reported as an error
$User->csrf_cookie("validate", "scan_all", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";

# section: every posted key that contains "sectionId" must name an existing section
$section_search = false;
foreach ($_POST as $k => $p) {
    if (strpos($k, "sectionId") !== false) {
        $section = $Sections->fetch_section("id", $p);
        if ($section === false) {
            $Result->show("danger", _("Invalid section Id"), true, false, false, true);
        }
    }
}

# scan disabled: refuse when the SNMP module is not enabled in settings
if ($User->settings->enableSNMP != "1") {
    $Result->show("danger", _("SNMP module disbled"), true);
}

# check section permissions: level 3 on the posted sectionId is required
# NOTE(review): the existence check above accepts any key that merely contains
# "sectionId", while this permission check covers only the exact key
# 'sectionId'. If the loop below acts on per-item section ids, those ids are
# not permission-checked here - confirm against the loop body.
if ($Sections->check_permission($User->user, $_POST['sectionId']) != 3) {
    $Result->show("danger", _('You do not have permissions to add new subnet in this section') . "!", true);
}

# loop over the posted values (the loop body is not part of this excerpt)
foreach ($_POST as $k => $p) {