Esempi in PHP per is_entity_permitted

Esempio n. 1

File: auth.inc.php Progetto: Natolumin/observium

<?php

/**
 * Observium
 *
 *   This file is part of Observium.
 *
 * @package    observium
 * @subpackage graphs
 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
if (is_numeric($vars['id'])) {
    $sensor = dbFetchRow("SELECT * FROM `sensors` WHERE `sensor_id` = ?", array($vars['id']));
    if (is_numeric($sensor['device_id']) && ($auth || is_entity_permitted($sensor['sensor_id'], 'sensor') || device_permitted($sensor['device_id']))) {
        $device = device_by_id_cache($sensor['device_id']);
        $rrd_filename = get_rrd_path($device, get_sensor_rrd($device, $sensor));
        $title = generate_device_link($device);
        $title .= " :: Sensors :: ";
        $auth = TRUE;
    }
}
// EOF

Esempio n. 2

File: sensor.inc.php Progetto: Natolumin/observium

<?php

/**
 * Observium
 *
 *   This file is part of Observium.
 *
 * @package    observium
 * @subpackage graphs
 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
//include_once($config['html_dir']."/includes/graphs/common.inc.php");
foreach (dbFetchRows("SELECT * FROM `sensors` WHERE `sensor_class` = ? AND `device_id` = ? ORDER BY `sensor_index`", array($class, $device['device_id'])) as $sensor) {
    $rrd_filename = get_rrd_path($device, get_sensor_rrd($device, $sensor));
    if (($config['allow_unauth_graphs'] == TRUE || is_entity_permitted($sensor['sensor_id'], 'sensor')) && is_file($rrd_filename)) {
        $descr = rewrite_hrDevice($sensor['sensor_descr']);
        $rrd_list[$i]['filename'] = $rrd_filename;
        $rrd_list[$i]['descr'] = $descr;
        $rrd_list[$i]['ds'] = "sensor";
        $i++;
    }
}
$unit_text = $unit_long;
$units = '%';
$total_units = '%';
$colours = 'mixed-10c';
$nototal = 1;
$scale_rigid = FALSE;
include $config['html_dir'] . "/includes/graphs/generic_multi_line.inc.php";
// EOF

Esempio n. 3

File: functions.inc.php Progetto: Natolumin/observium

function entity_permitted_array(&$entities, $entity_type)
{
    $entity_type_data = entity_type_translate_array($entity_type);
    // Strip out the entities the user isn't allowed to see, if they don't have global view rights
    if (!isset($_SESSION['user_limited']) || $_SESSION['user_limited']) {
        foreach ($entities as $key => $entity) {
            if (!is_entity_permitted($entity[$entity_type_data['id_field']], $entity_type, $entity['device_id'])) {
                unset($entities[$key]);
            }
        }
    }
}

Esempio n. 4

File: entity_popup.php Progetto: Natolumin/observium

                        $response .= implode(PHP_EOL, $whois_parts);
                        //print_vars($request['data']['records']);
                    }
                }
            }
            if ($response) {
                $_SESSION['cache']['response_' . $vars['entity_type'] . '_' . $ip] = '<pre class="small">' . $response . '</pre>';
                echo $_SESSION['cache']['response_' . $vars['entity_type'] . '_' . $ip];
            } else {
                echo 'Not Found';
            }
        } else {
            echo 'Not correct IP address';
        }
        exit;
        break;
    default:
        if (is_array($config['entities'][$vars['entity_type']])) {
            if (is_numeric($vars['entity_id']) && is_entity_permitted($vars['entity_id'], $vars['entity_type'])) {
                $entity = get_entity_by_id_cache($vars['entity_type'], $vars['entity_id']);
                echo generate_entity_popup($entity, $vars);
            } else {
                print_warning("You are not permitted to view this entity.");
            }
        } else {
            print_error("Unknown entity type.");
        }
        exit;
        break;
}
// EOF

Esempio n. 5

File: functions.inc.php Progetto: rhizalpatrax64bit/StacksNetwork

function port_permitted($port_id, $device_id = NULL)
{
    return is_entity_permitted($port_id, 'port', $device_id);
}

Esempio n. 6

File: auth.inc.php Progetto: Natolumin/observium

<?php

/**
 * Observium
 *
 *   This file is part of Observium.
 *
 * @package    observium
 * @subpackage graphs
 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
if (!is_array($vars['id'])) {
    $vars['id'] = array($vars['id']);
}
$auth = TRUE;
foreach ($vars['id'] as $storage_id) {
    if (!$auth && !is_entity_permitted('storage', $storage_id)) {
        $auth = FALSE;
    }
}
$title = "Multi Storage :: ";
// EOF

Esempio n. 7

File: cache-data.inc.php Progetto: Natolumin/observium

$ports['up'] = dbFetchCell("SELECT COUNT(*) FROM `ports` WHERE 1 " . $where_permitted . $where_hide . " AND `ifAdminStatus` = 'up' AND (`ifOperStatus` = 'up' OR `ifOperStatus` = 'testing')");
//r($where_hide);
//r($cache['devices']);
//r($cache['ports']);
//r($ports);
//r($ports_db);
//r($permissions);
// Sensors
$sensors = array('count' => 0, 'ok' => 0, 'alert' => 0, 'warning' => 0, 'ignored' => 0, 'disabled' => 0);
$cache['sensor_types'] = array();
$sensors_array = dbFetchRows('SELECT `device_id`, `sensor_id`, `sensor_class`, `sensor_type`, `sensor_ignore`, `sensor_disable`,
                                     `sensor_value`, `sensor_event` FROM `sensors`
                             LEFT JOIN `sensors-state` USING(`sensor_id`);');
// FIXME. sensor_deleted not used..
foreach ($sensors_array as $sensor) {
    if (!is_entity_permitted($sensor['sensor_id'], 'sensor', $sensor['device_id'])) {
        continue;
    }
    // Check device permitted
    if (!$config['web_show_disabled']) {
        if ($cache['devices']['id'][$sensor['device_id']]['disabled']) {
            continue;
        }
    }
    if ($sensor['sensor_deleted']) {
        continue;
    }
    // humanize_sensor($sensor);
    $sensors['count']++;
    $cache['sensor_types'][$sensor['sensor_class']]['count']++;
    if ($sensor['sensor_disable']) {

Esempio n. 8

File: auth.inc.php Progetto: Natolumin/observium

<?php

/**
 * Observium
 *
 *   This file is part of Observium.
 *
 * @package    observium
 * @subpackage graphs
 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
if (!is_array($vars['id'])) {
    $vars['id'] = array($vars['id']);
}
$auth = TRUE;
foreach ($vars['id'] as $mempool_id) {
    if (!$auth && !is_entity_permitted('mempool', $mempool_id)) {
        $auth = FALSE;
    }
}
$title = "Multi Memory Pool :: ";
// EOF

Esempio n. 9

File: device_entities.php Progetto: Natolumin/observium

 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
$config['install_dir'] = "../..";
include_once "../../includes/sql-config.inc.php";
include $config['html_dir'] . "/includes/functions.inc.php";
include $config['html_dir'] . "/includes/authenticate.inc.php";
if (!$_SESSION['authenticated']) {
    echo "unauthenticated";
    exit;
}
if ($_SESSION['userlevel'] >= '5') {
    switch ($_GET['entity_type']) {
        case "sensor":
            foreach (dbFetch("SELECT * FROM `sensors` WHERE device_id = ?", array($_GET['device_id'])) as $sensor) {
                if (is_entity_permitted($sensor, 'sensor')) {
                    $string = addslashes($sensor['sensor_descr']);
                    echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $sensor['sensor_id'] . "');\n";
                }
            }
            break;
        case "netscalervsvr":
            foreach (dbFetch("SELECT * FROM `netscaler_vservers` WHERE `device_id` = ?", array($_GET['device_id'])) as $entity) {
                $string = addslashes($entity['vsvr_label']);
                echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $entity['vsvr_id'] . "');\n";
            }
            break;
        case "port":
            foreach (dbFetch("SELECT * FROM `ports` WHERE `device_id` = ? AND `deleted` = '0'", array($_GET['device_id'])) as $port) {
                $string = addslashes($port['port_label_short'] . " - " . $port['ifAlias']);
                echo "obj.options[obj.options.length] = new Option('" . $string . "','" . $port['port_id'] . "');\n";

Esempio n. 10

File: ajax_entitypopup.php Progetto: rhizalpatrax64bit/StacksNetwork

         $device = device_by_id_cache($vars['entity_id']);
         echo generate_device_popup($device, $vars, $start, $end);
     } else {
         print_warning("您未被授权查看该端口.");
     }
     exit;
     break;
 case "netscaler_svc":
 case "netscaler_vsvr":
 case "bgp_peer":
 case "storage":
 case "sensor":
 case "status":
 case "mempool":
 case "processor":
     if (is_numeric($vars['entity_id']) && is_entity_permitted($vars['entity_id'], 'processor')) {
         $entity = get_entity_by_id_cache($vars['entity_type'], $vars['entity_id']);
         echo generate_entity_popup($entity, $vars['entity_type']);
     } else {
         print_warning("You are not permitted to view this entity.");
     }
     exit;
     break;
 case "mac":
     if (Net_MAC::check($vars['entity_id'])) {
         // Other way by using Pear::Net_MAC, see here: http://pear.php.net/manual/en/package.networking.net-mac.importvendors.php
         $url = 'http://api.macvendors.com/' . urlencode($vars['entity_id']);
         $response = get_http_request($url);
         if ($response) {
             echo 'MAC vendor: ' . $response;
         } else {

Esempio n. 11

File: device.inc.php Progetto: Natolumin/observium

$permit_tabs = array();
if ($vars['tab'] == "port" && is_numeric($vars['device']) && (isset($vars['port']) || isset($vars['ifdescr']))) {
    // If we've been given a 'ifdescr' variable, try to work out the port_id from this
    if (!is_numeric($vars['port']) && !empty($vars['ifdescr'])) {
        $ifdescr = base64_decode($vars['ifdescr']);
        if (!$ifdescr) {
            $ifdescr = $vars['ifdescr'];
        }
        $vars['port'] = get_port_id_by_ifDescr($vars['device'], $ifdescr);
    }
    if (port_permitted($vars['port']) && $vars['device'] == get_device_id_by_port_id($vars['port'])) {
        $permit_tabs['ports'] = TRUE;
    }
}
if ($vars['tab'] == "health" && is_numeric($vars['id']) && isset($vars['id'])) {
    if (is_entity_permitted($vars['id'], 'sensor')) {
        $permit_tabs['health'] = TRUE;
    }
}
// print_vars($permit_tabs);
// If there is no valid device specified in the URL, generate an error.
if (!isset($cache['devices']['id'][$vars['device']]) && !count($permit_tabs)) {
    print_error('<h4>No valid device specified</h4>
                  A valid device was not specified in the URL. Please retype and try again.');
    return;
}
// Only show if the user has access to the whole device or a single port.
if (isset($cache['devices']['id'][$vars['device']]) || count($permit_tabs)) {
    $selected['iface'] = "active";
    $tab = str_replace(".", "", $vars['tab']);
    if (!$tab) {

Esempio n. 12

File: auth.inc.php Progetto: Natolumin/observium

<?php

/**
 * Observium
 *
 *   This file is part of Observium.
 *
 * @package    observium
 * @subpackage graphs
 * @copyright  (C) 2006-2013 Adam Armstrong, (C) 2013-2016 Observium Limited
 *
 */
if (!is_array($vars['id'])) {
    $vars['id'] = array($vars['id']);
}
$auth = TRUE;
foreach ($vars['id'] as $processor_id) {
    if (!$auth && !is_entity_permitted('processor', $processor_id)) {
        $auth = FALSE;
    }
}
$title = "Multi Processor :: ";
// EOF