Esempio n. 1
0
function addRemovePortsUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf)
{
    // Listar los usuarios y preparar el combo de usuarios disponibles
    $pACL = new paloACL($arrConf['elastix_dsn']['acl']);
    $id_user = getParameter('id_user');
    $userlist = $pACL->getUsers();
    $cbo_users = array();
    foreach ($userlist as $userinfo) {
        $cbo_users[$userinfo[0]] = $userinfo[1] . ' - ' . $userinfo[2];
    }
    // Verificar si el usuario existe
    if (!is_null($id_user)) {
        if (!isset($cbo_users[$id_user])) {
            Header("Location: ?menu={$module_name}");
            return NULL;
        }
    } else {
        $id_user = $userlist[0][0];
    }
    $ps = new paloSantoPortService($pDB);
    $pk = new paloSantoPortKnockUsers($pDB);
    // Construir lista de puertos autorizados
    $userauth = $pk->listAuthorizationsForUser($id_user);
    $portauths = array();
    if (is_array($userauth)) {
        foreach ($userauth as $auth) {
            $portauths[$auth['id_port']] = $auth['id'];
        }
    }
    $portlist = $ps->ObtainPuertos($ps->ObtainNumPuertos('', ''), 0, '', '');
    $listaIdPuertos = array();
    foreach ($portlist as $portinfo) {
        $listaIdPuertos[] = $portinfo['id'];
    }
    if (isset($_POST['apply']) && is_array($_POST['auth_port'])) {
        // Se requiere aplicar lista de cambios
        $listaNuevosPuertos = array_keys($_POST['auth_port']);
        $bReglasBorradas = FALSE;
        // Borrar la autorización de todos los puertos que ya no aparecen
        $bExito = TRUE;
        foreach ($portauths as $id_port => $id_auth) {
            if (!in_array($id_port, $listaNuevosPuertos)) {
                if (!$pk->deleteAuthorization($id_auth)) {
                    $smarty->assign("mb_title", _tr("ERROR"));
                    $smarty->assign("mb_message", $pk->errMsg);
                    $bExito = FALSE;
                    break;
                } else {
                    unset($portauths[$id_port]);
                    $bReglasBorradas = TRUE;
                }
            }
        }
        if (!$bExito) {
            break;
        }
        // Ingresar la autorización de los puertos nuevos
        foreach ($listaNuevosPuertos as $id_port) {
            if (in_array($id_port, $listaIdPuertos) && !isset($portauths[$id_port])) {
                $id_nueva_auth = $pk->insertAuthorization($id_user, $id_port);
                if (is_null($id_nueva_auth)) {
                    $smarty->assign("mb_title", _tr("ERROR"));
                    $smarty->assign("mb_message", $pk->errMsg);
                    $bExito = FALSE;
                    break;
                } else {
                    $portauths[$id_port] = $id_nueva_auth;
                }
            }
        }
        if ($bExito) {
            if ($bReglasBorradas) {
                // Ejecutar iptables para revocar las reglas del usuario
                require_once "modules/sec_rules/libs/paloSantoRules.class.php";
                $pr = new paloSantoRules($pDB);
                $pr->activateRules();
            }
            Header("Location: ?menu={$module_name}");
            return NULL;
        }
    }
    $data = array();
    if (is_array($portlist)) {
        foreach ($portlist as $portinfo) {
            $id_port = $portinfo['id'];
            $protocol_details = '';
            switch ($portinfo['protocol']) {
                case 'TCP':
                case 'UDP':
                    $protocol_details = (stripos($portinfo['details'], ':') === false ? _tr('Port') : _tr('Ports')) . ' ' . $portinfo['details'];
                    break;
                case 'ICMP':
                    $arr = explode(':', $portinfo['details']);
                    if (isset($arr[1])) {
                        $protocol_details = _tr('Type') . ": " . $arr[0] . " " . _tr('Code') . ": " . $arr[1];
                    }
                    break;
                default:
                    $protocol_details = _tr('Protocol Number') . ': ' . $portinfo['details'];
                    break;
            }
            $data[] = array("<input type=\"checkbox\" name=\"auth_port[{$id_port}]\" " . (isset($portauths[$id_port]) ? 'checked="checked"' : '') . ' />', htmlentities($portinfo['name'], ENT_COMPAT, 'UTF-8'), htmlentities($portinfo['protocol'], ENT_COMPAT, 'UTF-8'), $protocol_details);
        }
    }
    $oGrid = new paloSantoGrid($smarty);
    $oGrid->setTitle(_tr('Add/remove ports for user'));
    $oGrid->setColumns(array('', _tr('Port'), _tr('Protocol'), _tr('Details')));
    $oGrid->addSubmitAction('apply', _tr('Apply changes'), "modules/{$module_name}/images/Check.png");
    $oGrid->addComboAction('id_user', _tr('User'), $cbo_users, $id_user, 'refresh', 'submit();');
    // Construcción de la vista de puertos autorizados
    $oGrid->pagingShow(false);
    $url = array("menu" => $module_name);
    $oGrid->setURL($url);
    $oGrid->setData($data);
    return $oGrid->fetchGrid();
}
Esempio n. 2
0
function reportPuertos($smarty, $module_name, $local_templates_dir, &$pDB, $arrConf)
{
    $pPuertos = new paloSantoPortService($pDB);
    $field_type = getParameter("filter_type");
    $field_pattern = getParameter("filter_txt");
    //begin grid parameters
    $oGrid = new paloSantoGrid($smarty);
    $oGrid->addNew("new", _tr("Define Port"));
    $oGrid->deleteList("Are you sure you wish to delete the port(s).?", "delete", _tr("Delete"));
    $totalPuertos = $pPuertos->ObtainNumPuertos($field_type, $field_pattern);
    $limit = 20;
    $total = $totalPuertos;
    $oGrid->setLimit($limit);
    $oGrid->setTotal($total);
    $oGrid->setTitle(_tr("Define Ports"));
    $oGrid->setIcon("modules/{$module_name}/images/security_define_ports.png");
    $oGrid->pagingShow(true);
    $offset = $oGrid->calculateOffset();
    $url = array("menu" => $module_name, "filter_type" => $field_type, "filter_txt" => $field_pattern);
    $oGrid->setURL($url);
    $arrData = null;
    $arrResult = $pPuertos->ObtainPuertos($limit, $offset, $field_type, $field_pattern);
    $button_eliminar = "";
    $arrColumns = array($button_eliminar, _tr("Name"), _tr("Protocol"), _tr("Details"), _tr("Option"));
    $oGrid->setColumns($arrColumns);
    if (is_array($arrResult) && $total > 0) {
        foreach ($arrResult as $key => $value) {
            $arrTmp[0] = "<input type='checkbox' name='" . $value['id'] . "' id='" . $value['id'] . "'>";
            $arrTmp[1] = $value['name'];
            $arrTmp[2] = $value['protocol'];
            if ($value['protocol'] == "TCP" || $value['protocol'] == "UDP") {
                $port = $value['details'];
                $arrTmp[3] = stripos($port, ":") === false ? _tr('Port') . "  " . $value['details'] : _tr('Ports') . "  " . $value['details'];
            } elseif ($value['protocol'] == "ICMP") {
                $arr = explode(":", $value['details']);
                if (isset($arr[1])) {
                    $arrTmp[3] = "Type: " . $arr[0] . " Code: " . $arr[1];
                }
            } else {
                $arrTmp[3] = "Protocol Number: " . $value['details'];
            }
            $arrTmp[4] = "&nbsp;<a href='?menu={$module_name}&action=view&id=" . $value['id'] . "'>" . _tr('View') . "</a>";
            $arrData[] = $arrTmp;
        }
    }
    $oGrid->setData($arrData);
    //begin section filter
    $arrFormFilterPuertos = createFieldForm();
    $oFilterForm = new paloForm($smarty, $arrFormFilterPuertos);
    $smarty->assign("SHOW", _tr("Show"));
    $_POST["filter_type"] = $field_type;
    $_POST["filter_txt"] = $field_pattern;
    if (is_null($field_type) || $field_type == "") {
        $nameFieldType = "";
    } else {
        $nameFieldType = $arrFormFilterPuertos["filter_type"]["INPUT_EXTRA_PARAM"][$field_type];
    }
    $oGrid->addFilterControl(_tr("Filter applied: ") . $nameFieldType . " = " . $field_pattern, $_POST, array("filter_type" => "name", "filter_txt" => "x"));
    $htmlFilter = $oFilterForm->fetchForm("{$local_templates_dir}/filter.tpl", "", $_POST);
    //end section filter
    $oGrid->showFilter(trim($htmlFilter));
    $contenidoModulo = $oGrid->fetchGrid();
    if (strpos($contenidoModulo, '<form') === FALSE) {
        $contenidoModulo = "<form  method='POST' style='margin-bottom:0;' action={$url}>{$contenidoModulo}</form>";
    }
    //end grid parameters
    return $contenidoModulo;
}