function get_group_info($conn, $group_id) { $group = Asset_group::get_object($conn, $group_id); $data = array('id' => $group_id, 'name' => $group->get_name(), 'owner' => $group->get_owner(), 'descr' => html_entity_decode($group->get_descr(), ENT_QUOTES, 'UTF-8')); return $data; }
function draw_html_content($conn, $ri_data, $edit_mode = FALSE) { $ri_html = ''; if ($ri_data['type'] == 'indicator') { //Allowed host types $host_types = array('host', 'server', 'sensor'); //Getting indicator values if (preg_match("/view\\.php\\?map\\=([a-fA-F0-9]*)/", $ri_data['url'], $found)) { // Linked to another map: loop by this map indicators list($r_value, $v_value, $a_value, $ri_data['asset_id'], $related_sensor, , $ips, $in_assets) = get_map_values($conn, $found[1], $ri_data['asset_id'], $ri_data['asset_type'], $host_types); } else { // Asset Values list(, $related_sensor, , $ips, $in_assets) = get_assets($conn, $ri_data['asset_id'], $ri_data['asset_type'], $host_types); list($r_value, $v_value, $a_value) = get_values($conn, $host_types, $ri_data['asset_type'], $ri_data['asset_id'], FALSE); } // Getting indacator links if ($edit_mode == TRUE) { $linked_url = "javascript:void(0);"; $r_url = "javascript:void(0);"; $v_url = "javascript:void(0);"; $a_url = "javascript:void(0);"; } else { // Risk link $alarm_query = ''; if ($ri_data['asset_type'] == 'host') { $alarm_query .= "&host_id=" . $ri_data['asset_id']; } elseif ($ri_data['asset_type'] == 'net') { $alarm_query .= "&net_id=" . $ri_data['asset_id']; } elseif ($ri_data['asset_type'] == 'sensor') { $alarm_query .= "&sensor_query=" . $ri_data['asset_id']; } elseif ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') { $alarm_query .= "&asset_group=" . $ri_data['asset_id']; } $r_url = Menu::get_menu_url("/ossim/alarm/alarm_console.php?hide_closed=1" . $alarm_query, 'analysis', 'alarms', 'alarms'); // Vulnerability link if ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') { $v_data = ''; if (valid_hex32($ri_data['asset_id'])) { $_group_object = Asset_group::get_object($conn, $ri_data['asset_id']); if ($_group_object != NULL) { $_assets_aux = $_group_object->get_hosts($conn, '', array(), TRUE); foreach ($_assets_aux[0] as $_host_data) { if ($v_data != '') { $v_data .= ','; } $v_data .= $_host_data[2]; // IP } } } } else { $v_data = $ips; } $v_url = Menu::get_menu_url("/ossim/vulnmeter/index.php?value={$v_data}&type=hn", 'environment', 'vulnerabilities', 'overview'); // Availability link if (!empty($related_sensor)) { $conf = $GLOBALS['CONF']; $conf = !$conf ? new Ossim_conf() : $conf; $nagios_link = $conf->get_conf('nagios_link'); $scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://'; $path = !empty($nagios_link) ? $nagios_link : '/nagios3/'; $port = !empty($_SERVER['SERVER_PORT']) ? ':' . $_SERVER['SERVER_PORT'] : ""; $nagios_url = $scheme . $related_sensor . $port . $path; if ($ri_data['asset_type'] == 'host') { $hostname = Asset_host::get_name_by_id($conn, $ri_data['asset_id']); if (preg_match('/\\,/', $ips)) { $hostname .= '_' . preg_replace('/\\,.*/', '', $ips); } $a_url = Menu::get_menu_url("/ossim/nagios/index.php?sensor={$related_sensor}&nagios_link=" . urlencode($nagios_url . "cgi-bin/status.cgi?host=" . $hostname), 'environment', 'availability'); } else { $a_url = Menu::get_menu_url("/ossim/nagios/index.php?sensor={$related_sensor}&nagios_link=" . urlencode($nagios_url . "cgi-bin/status.cgi?hostgroup=all"), 'environment', 'availability'); } } else { $a_url = 'javascript:void(0);'; } //Report link or map link if ($ri_data['url'] == 'REPORT') { $linked_url = "javascript:void(0);"; if ($ri_data['asset_type'] == 'sensor') { try { //Special case 1: Sensors don't have detail view $sensor_ip = Av_sensor::get_ip_by_id($conn, $ri_data['asset_id']); if (Asset_host_ips::valid_ip($sensor_ip)) { $filters = array('where' => "host.id = hi.host_id AND hi.ip = INET6_ATON('{$sensor_ip}')\n AND hi.host_id = hs.host_id AND hs.sensor_id = UNHEX('" . $ri_data['asset_id'] . "')"); list($hosts, $total) = Asset_host::get_list($conn, ', host_sensor_reference hs, host_ip hi', $filters); if ($total == 1) { $ri_data['asset_id'] = key($hosts); $linked_url = Menu::get_menu_url("/ossim/av_asset/common/views/detail.php?asset_id=" . $ri_data['asset_id'], 'environment', 'assets', 'assets'); } elseif ($total > 1) { $linked_url = Menu::get_menu_url("/ossim/av_asset/asset/index.php?filter_id=11&filter_value={$sensor_ip}", 'environment', 'assets', 'assets'); } } } catch (Exception $e) { } } elseif ($ri_data['asset_type'] == 'net_group' || $ri_data['asset_type'] == 'netgroup') { //Special case 2: Net groups don't have detail view $_sm_option = 'assets'; $_h_option = 'network_groups'; $linked_url = Menu::get_menu_url("/ossim/netgroup/netgroup_form.php?id=" . $ri_data['asset_id'], 'environment', $_sm_option, $_h_option); } else { if ($ri_data['asset_type'] == 'host') { $_sm_option = 'assets'; $_h_option = 'assets'; } elseif ($ri_data['asset_type'] == 'host_group' || $ri_data['asset_type'] == 'hostgroup') { $_sm_option = 'assets'; $_h_option = 'asset_groups'; } else { $_sm_option = 'assets'; $_h_option = 'networks'; } $linked_url = Menu::get_menu_url("/ossim/av_asset/common/views/detail.php?asset_id=" . $ri_data['asset_id'], 'environment', $_sm_option, $_h_option); } } else { $linked_url = $ri_data['url'] != '' ? Menu::get_menu_url($ri_data['url'], 'dashboard', 'riskmaps', 'overview') : "javascript:void(0);"; } } //Special image when linked asset has been removed if ($ri_data['asset_type'] != '' && !$in_assets) { $ri_data['icon'] = "/ossim/pixmaps/marker--exclamation.png"; $ri_data['icon_size'] = "16"; $ri_data['icon_bg'] = 'transparent'; } $ri_data['icon_size'] = $ri_data['icon_size'] >= 0 || $ri_data['icon_size'] == -1 ? $ri_data['icon_size'] : ''; $ri_html .= "<input type='hidden' name='dataname" . $ri_data['id'] . "' id='dataname" . $ri_data['id'] . "' value='" . $ri_data['name'] . "'/>\n <input type='hidden' name='datatype" . $ri_data['id'] . "' id='datatype" . $ri_data['id'] . "' value='" . $ri_data['asset_type'] . "'/>\n <input type='hidden' name='type_name" . $ri_data['id'] . "' id='type_name" . $ri_data['id'] . "' value='" . $ri_data['asset_id'] . "'/>\n <input type='hidden' name='type_name_show" . $ri_data['id'] . "' id='type_name_show" . $ri_data['id'] . "' value='" . $ri_data['asset_name'] . "'/>\n <input type='hidden' name='dataurl" . $ri_data['id'] . "' id='dataurl" . $ri_data['id'] . "' value='" . $ri_data['url'] . "'/>\n <input type='hidden' name='dataicon" . $ri_data['id'] . "' id='dataicon" . $ri_data['id'] . "' value='" . $ri_data['icon'] . "'/>\n <input type='hidden' name='dataiconsize" . $ri_data['id'] . "' id='dataiconsize" . $ri_data['id'] . "' value='" . $ri_data['icon_size'] . "'/>\n <input type='hidden' name='dataiconbg" . $ri_data['id'] . "' id='dataiconbg" . $ri_data['id'] . "' value='" . $ri_data['icon_bg'] . "'/>"; $ri_html .= '<table width="100%" border="0" cellspacing="0" cellpadding="1" style="padding:2px; background-color:' . $ri_data['icon_bg'] . '; text-align:center; margin-left:2px; margin-right:2px">'; if (!preg_match("/#NONAME/", $ri_data['name'])) { $ri_html .= '<tr> <td align="center" nowrap="nowrap"> <a href="' . $linked_url . '" class="ne"><i>' . $ri_data['name'] . '</i></a> </td> </tr>'; } if ($ri_data['icon_size'] != -1) { $ri_data['icon_size'] = $ri_data['icon_size'] > 0 ? 'width="' . $ri_data['icon_size'] . '"' : ''; $ri_html .= '<tr> <td align="center" style="white-space: nowrap;"> <a href="' . $linked_url . '" class="ne"> <img src="' . $ri_data['icon'] . '" ' . $ri_data['icon_size'] . ' border="0"/> </a> </td> </tr>'; } $ri_html .= '<tr align="center"> <td style="margin-left:2px; margin-right:2px">'; if ($ri_data['icon_size'] == -1 && preg_match("/#NONAME/", $ri_data['name'])) { $ri_html .= '<table border="0" cellspacing="0" cellpadding="2" style="text-align:center; margin:auto;"> <tr> <td><a class="ne11" href="' . $r_url . '"><img src="images/' . $r_value . '.gif" border="0"/></a></td> <td><a class="ne11" href="' . $v_url . '"><img src="images/' . $v_value . '.gif" border="0"/></a></td> <td><a class="ne11" href="' . $a_url . '"><img src="images/' . $a_value . '.gif" border="0"/></a></td> </tr> </table>'; } else { $ri_html .= ' <table border="0" cellspacing="0" cellpadding="2" style="text-align:center; margin:auto;"> <tr> <td><a class="ne11" href="' . $r_url . '">R</a></td> <td><a class="ne11" href="' . $v_url . '">V</a></td> <td><a class="ne11" href="' . $a_url . '">A</a></td> </tr> <tr> <td><img src="images/' . $r_value . '.gif" border="0"/></td> <td><img src="images/' . $v_value . '.gif" border="0"/></td> <td><img src="images/' . $a_value . '.gif" border="0"/></td> </tr> </table>'; } $ri_html .= ' </td> </tr>'; if ($edit_mode == TRUE) { $ri_html .= ' <tr align="center"> <td class="noborder"> <div id="indicator_edit" style="float:left;" onclick="load_indicator_info(this);"> <img src="images/edit.png" title="' . _("Edit Indicator") . '" class="ind_help" height="15px" border="0"/> </div> <div id="indicator_trash" style="float:right;" onclick="delete_indicator(this);"> <img src="../pixmaps/trash.png" title="' . _("Delete Indicator") . '" class="ind_help" height="15px" border="0"/> </div> </td> </tr>'; } $ri_html .= '</table>'; } elseif ($ri_data['type'] == 'rectangle') { $ri_html = "<input type='hidden' name='dataname" . $ri_data['id'] . "' id='dataname" . $ri_data['id'] . "' value='" . $ri_data['name'] . "'/>\n\n <input type='hidden' name='dataurl" . $ri_data['id'] . "' id='dataurl" . $ri_data['id'] . "' value='" . $ri_data['url'] . "'/>\n"; if ($edit_mode == TRUE) { $ri_html .= '<div class="itcanberesized" style="position:absolute; bottom:0px; right:0px; cursor:nw-resize;"> <img src="../pixmaps/resize.gif" border="0"/> </div>'; } $ri_html .= '<table border="0" cellspacing="0" cellpadding="0" width="100%" height="100%" style="border:0px;"> <tr> <td style="border:1px dotted black" valign="bottom">'; if ($edit_mode == TRUE) { $ri_html .= '<div id="indicator_edit" style="float:left;padding:2px;" onclick="load_indicator_info(this);"> <img src="images/edit.png" title="' . _("Edit Rectangle") . '" class="ind_help" height="15px" border="0"/> </div> <div id="indicator_trash" style="float:right;padding:2px;" onclick="delete_indicator(this);"> <img src="../pixmaps/trash.png" title="' . _("Delete Rectangle") . '" class="ind_help" height="15px" border="0"/> </div>'; } $ri_html .= ' </td> </tr> </table>'; } return $ri_html; }
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; $group_id = POST('group_id') != '' ? POST('group_id') : GET('group_id'); $num_assets = POST('num_assets'); $error_msg = ''; ossim_valid($group_id, OSS_HEX, 'illegal: Group ID'); ossim_valid($num_assets, OSS_DIGIT, OSS_NULLABLE, 'illegal: Num of assets'); if (ossim_error()) { die(ossim_error()); } // Database Object $db = new ossim_db(); $conn = $db->connect(); $group = Asset_group::get_object($conn, $group_id); $group->can_i_edit($conn); // Form is submited: Add to group if ($num_assets > 0) { for ($i = 0; $i < $num_assets; $i++) { if (valid_hex32(POST('host' . $i))) { $assets[] = POST('host' . $i); } } try { $group->add_host($conn, $assets); } catch (Exception $e) { $error_msg = $e->getMessage(); } if ($error_msg == '') { $msg = 'saved';
if (ossim_error() && $scan_server != 'Null') { $error_message .= _('Sensor id') . ': ' . Util::htmlentities($scan_server) . '<br>'; } if (!empty($error_message)) { $config_nt = array('content' => $error_message, 'options' => array('type' => 'nf_error', 'cancel_button' => false), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); exit(1); } } $db = new ossim_db(); $conn = $db->connect(); // get the groups members foreach ($assets_groups as $asset_id => $asset_type) { if ($asset_type == 'hostgroup' && Asset_group::is_in_db($conn, $asset_id)) { $host_group = Asset_group::get_object($conn, $asset_id); list($host_list, $total) = $host_group->get_hosts($conn); foreach ($host_list as $host_id => $host_data) { $host_ips = explode(',', $host_data['ips']); foreach ($host_ips as $host_ip) { $targets[$host_id . '#' . $host_ip] = array('hostgroup_id' => $asset_id); } } } else { if ($asset_type == 'netgroup' && Net_group::is_in_db($conn, $asset_id)) { $net_list = Net_group::get_networks($conn, $asset_id); foreach ($net_list as $net) { $net_id = $net->get_net_id(); $net_cidrs = Asset_net::get_ips_by_id($conn, $net_id); $cidrs = explode(',', $net_cidrs); foreach ($cidrs as $cidr) {
$img_disabled = 'img_disabled'; } } elseif (Asset_net::is_in_db($conn, $id)) { if (Asset_net::is_allowed($conn, $id)) { $asset_object = Asset_net::get_object($conn, $id); $asset_type = 'net'; $breadcrumb = array('section' => _('Networks'), 'current' => _('Network Details')); } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Net not allowed')); } $can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $id); if ($can_i_modify_ips == FALSE) { $img_disabled = 'img_disabled'; } } elseif (Asset_group::is_in_db($conn, $id)) { $asset_object = Asset_group::get_object($conn, $id); $asset_type = 'group'; $breadcrumb = array('section' => _('Groups'), 'current' => _('Group Details')); try { $asset_object->can_i_edit($conn); } catch (Exception $e) { $img_disabled = 'img_disabled'; $button_disabled = 'disabled'; $flag_restricted_group = TRUE; } } else { Av_exception::throw_error(Av_exception::USER_ERROR, _('Asset not found in the system')); } // Save session object $_SESSION['asset_detail'][$id] = serialize($asset_object); // Get default system ip