From c6783f9a104723319e0efb3a3cb827a03fe2ee86 Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Mon, 17 Oct 2022 16:04:45 +0200 Subject: [PATCH 1/3] synch cli with nodes pandora_enterprise#9500 --- pandora_server/lib/PandoraFMS/DB.pm | 35 +++++++++++++++++++++++++++ pandora_server/util/pandora_manage.pl | 22 ++++++++++++++--- 2 files changed, 54 insertions(+), 3 deletions(-) diff --git a/pandora_server/lib/PandoraFMS/DB.pm b/pandora_server/lib/PandoraFMS/DB.pm index 9aae4804333..bd2d1b8c3a5 100644 --- a/pandora_server/lib/PandoraFMS/DB.pm +++ b/pandora_server/lib/PandoraFMS/DB.pm @@ -113,6 +113,7 @@ our @EXPORT = qw( get_agentmodule_status_str get_agentmodule_data set_ssl_opts + db_synch_insert $RDBMS $RDBMS_QUOTE $RDBMS_QUOTE_STRING @@ -1672,6 +1673,40 @@ sub set_ssl_opts($) { } } +######################################################################## +## Synch insert query with nodes. +######################################################################## +sub db_synch_insert ($$$$$@) { + my ($dbh, $pa_config, $table, $query, $result, @values) = @_; + + my $substr = "\"\%s\""; + $query =~ s/\?/$substr/g; + my $query_string = sprintf($query, @values); + + my @nodes = get_db_rows($dbh, 'SELECT * FROM tmetaconsole_setup'); + foreach my $node (@nodes) { + eval { + local $SIG{__DIE__}; + my @values_queue = ( + safe_input($query_string), + $node->{'id'}, + time(), + 'INSERT INTO', + $table, + '', + $result + ); + + my $query_queue = 'INSERT INTO tsync_queue (`sql`, `target`, `utimestamp`, `operation`, `table`, `error`, `result`) VALUES (?, ?, ?, ?, ?, ?, ?)'; + db_insert ($dbh, 'id', $query_queue, @values_queue); + }; + if ($@) { + logger($pa_config, "Error add sync_queue: $@", 10); + return; + } + } +} + # End of function declaration # End of defined Code diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index ba59b8b2c1d..dcc05abf7f9 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -562,13 +562,29 @@ ($$) sub pandora_create_user ($$$$$) { my ($dbh, $name, $password, $is_admin, $comments) = @_; - if(is_metaconsole($conf) != 1 && pandora_get_tconfig_token ($dbh, 'centralized_management', '')) { + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; exit; } + + my $query = 'INSERT INTO tusuario (id_user, fullname, password, comments, is_admin) VALUES (?, ?, ?, ?, ?)'; + my @values = ( + safe_input($name), + safe_input($name), + $password, + safe_input($comments), + $is_admin + ); - return db_insert ($dbh, 'id_user', 'INSERT INTO tusuario (id_user, fullname, password, comments, is_admin) - VALUES (?, ?, ?, ?, ?)', safe_input($name), safe_input($name), $password, safe_input($comments), $is_admin); + my $res = db_insert($dbh, 'id_user', $query, @values); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_insert($dbh, $conf, 'tusuario', $query, $res, @values); + } else { + return $res; + } } ########################################################################## From 697abced4e5a9207e48dfdf947a7d4306a4046ce Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Tue, 18 Oct 2022 12:49:51 +0200 Subject: [PATCH 2/3] synch cli with nodes pandora_enterprise#9500 --- pandora_server/lib/PandoraFMS/DB.pm | 45 ++++++- pandora_server/util/pandora_manage.pl | 185 ++++++++++++++++++++++---- 2 files changed, 202 insertions(+), 28 deletions(-) diff --git a/pandora_server/lib/PandoraFMS/DB.pm b/pandora_server/lib/PandoraFMS/DB.pm index bd2d1b8c3a5..7c0716776da 100644 --- a/pandora_server/lib/PandoraFMS/DB.pm +++ b/pandora_server/lib/PandoraFMS/DB.pm @@ -114,6 +114,9 @@ our @EXPORT = qw( get_agentmodule_data set_ssl_opts db_synch_insert + db_synch_update + db_synch_delete + db_synch $RDBMS $RDBMS_QUOTE $RDBMS_QUOTE_STRING @@ -1683,15 +1686,53 @@ sub db_synch_insert ($$$$$@) { $query =~ s/\?/$substr/g; my $query_string = sprintf($query, @values); + db_synch($dbh, $pa_config, 'INSERT INTO', $table, $query_string, $result); +} + +######################################################################## +## Synch update query with nodes. +######################################################################## +sub db_synch_update ($$$$$@) { + my ($dbh, $pa_config, $table, $query, $result, @values) = @_; + + my $substr = "\"\%s\""; + $query =~ s/\?/$substr/g; + my $query_string = sprintf($query, @values); + + db_synch($dbh, $pa_config, 'UPDATE', $table, $query_string, $result); +} + +######################################################################## +## Synch delete query with nodes. +######################################################################## +sub db_synch_delete ($$$$@) { + my ($dbh, $pa_config, $table, $result, @parameters) = @_; + + #Build query string. + my $query = $dbh->{Statement}; + + my $substr = "\"\%s\""; + $query =~ s/\?/$substr/g; + + my $query_string = sprintf($query, @parameters); + + db_synch($dbh, $pa_config, 'DELETE FROM', $table, $query_string, $result); +} + +######################################################################## +## Synch queries with nodes. +######################################################################## +sub db_synch ($$$$$$) { + my ($dbh, $pa_config, $type, $table, $query, $result) = @_; my @nodes = get_db_rows($dbh, 'SELECT * FROM tmetaconsole_setup'); foreach my $node (@nodes) { eval { local $SIG{__DIE__}; my @values_queue = ( - safe_input($query_string), + safe_input($query), $node->{'id'}, time(), - 'INSERT INTO', + $type, $table, '', $result diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index d55f5255bbb..26da4b232e4 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -533,8 +533,27 @@ ($$$;$) $group_id = 0 unless defined($group_id); - db_do ($dbh, 'INSERT INTO tusuario_perfil (id_usuario, id_perfil, id_grupo) - VALUES (?, ?, ?)', safe_input($user_id), $profile_id, $group_id); + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; + exit; + } + + my $query = 'INSERT INTO tusuario_perfil (id_usuario, id_perfil, id_grupo) VALUES (?, ?, ?)'; + my @values = ( + safe_input($user_id), + $profile_id, + $group_id + ); + + my $res = db_do ($dbh, $query, @values); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_insert($dbh, $conf, 'tusuario_perfil', $query, $res, @values); + } + + return $res; } @@ -582,9 +601,9 @@ ($$$$$) if(is_metaconsole($conf) == 1 && $centralized) { db_synch_insert($dbh, $conf, 'tusuario', $query, $res, @values); - } else { - return $res; } + + return $res; } ########################################################################## @@ -593,17 +612,27 @@ ($$$$$) sub pandora_delete_user ($$) { my ($dbh, $name) = @_; - if(is_metaconsole($conf) != 1 && pandora_get_tconfig_token ($dbh, 'centralized_management', '')) { + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { print_log "[ERROR] This node is configured with centralized mode. To delete a user go to metaconsole. \n\n"; exit; } # Delete user profiles - db_do ($dbh, 'DELETE FROM tusuario_perfil WHERE id_usuario = ?', $name); + my $result_profile = db_do ($dbh, 'DELETE FROM tusuario_perfil WHERE id_usuario = ?', $name); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_delete($dbh, $conf, 'tusuario_perfil', $result_profile, $name); + } # Delete the user my $return = db_do ($dbh, 'DELETE FROM tusuario WHERE id_user = ?', $name); + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_delete($dbh, $conf, 'tusuario', $return, $name); + } + if($return eq '0E0') { return -1; } @@ -633,25 +662,79 @@ ($$) ## Assign a profile to the given user/group. ########################################################################## sub pandora_create_user_profile ($$$$) { - my ($dbh, $user_id, $profile_id, $group_id) = @_; - - return db_insert ($dbh, 'id_up', 'INSERT INTO tusuario_perfil (id_usuario, id_perfil, id_grupo) VALUES (?, ?, ?)', $user_id, $profile_id, $group_id); + my ($dbh, $user_id, $profile_id, $group_id) = @_; + + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; + exit; + } + + my $query = 'INSERT INTO tusuario_perfil (id_usuario, id_perfil, id_grupo) VALUES (?, ?, ?)'; + my @values = ( + safe_input($user_id), + $profile_id, + $group_id + ); + + my $res = db_insert ($dbh, 'id_up', $query, @values); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_insert($dbh, $conf, 'tusuario_perfil', $query, $res, @values); + } + + return $res; } ########################################################################## ## Create profile. ########################################################################## sub pandora_create_profile ($$$$$$$$$$$$$$$$$$$$$$) { - my ($dbh, $profile_name, $agent_view, + my ($dbh, $profile_name, $agent_view, $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_; + + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); - return db_insert ($dbh, 'id_up', 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);', - safe_input($profile_name), $agent_view, - $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, - $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, - $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management); + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; + exit; + } + + my $query = 'INSERT INTO tperfil (name,agent_view,agent_edit,agent_disable,alert_edit,alert_management,user_management,db_management,event_view,event_edit,event_management,report_view,report_edit,report_management,map_view,map_edit,map_management,vconsole_view,vconsole_edit,vconsole_management,pandora_management) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);'; + my @values = ( + safe_input($profile_name), + $agent_view, + $agent_edit, + $agent_disable, + $alert_edit, + $alert_management, + $user_management, + $db_management, + $event_view, + $event_edit, + $event_management, + $report_view, + $report_edit, + $report_management, + $map_view, + $map_edit, + $map_management, + $vconsole_view, + $vconsole_edit, + $vconsole_management, + $pandora_management + ); + + my $res = db_insert ($dbh, 'id_perfil', $query, @values); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_insert($dbh, $conf, 'tperfil', $query, $res, @values); + } + + return $res; } ########################################################################## @@ -663,11 +746,33 @@ ($$$$$$$$$$$$$$$$$$$$$$) $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management) = @_; - return db_update ($dbh, 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;', - $agent_view, - $agent_edit, $agent_disable, $alert_edit, $alert_management, $user_management, $db_management, - $event_view, $event_edit, $event_management, $report_view, $report_edit, $report_management, - $map_view, $map_edit, $map_management, $vconsole_view, $vconsole_edit, $vconsole_management, $pandora_management, safe_input($profile_name)); + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; + exit; + } + + my @parameters = ( + $agent_view, $agent_edit, $agent_disable, + $alert_edit, $alert_management, + $user_management, $db_management, + $event_view, $event_edit, $event_management, + $report_view, $report_edit, $report_management, + $map_view, $map_edit, $map_management, + $vconsole_view, $vconsole_edit, $vconsole_management, + $pandora_management, safe_input($profile_name) + ); + + my $query = 'UPDATE tperfil SET agent_view = ?, agent_edit = ?, agent_disable = ?, alert_edit = ?, alert_management = ?, user_management = ?, db_management = ?, event_view = ?, event_edit = ?, event_management = ?, report_view = ?, report_edit = ?, report_management = ?, map_view = ?, map_edit = ?, map_management = ?, vconsole_view = ?, vconsole_edit = ?, vconsole_management = ?, pandora_management = ? WHERE name=?;'; + + my $result = db_update ($dbh, $query, @parameters); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_update($dbh, $conf, 'tperfil', $query, $result, @parameters); + } + + return $result; } ########################################################################## @@ -675,8 +780,28 @@ ($$$$$$$$$$$$$$$$$$$$$$) ########################################################################## sub pandora_delete_user_profile ($$$$) { my ($dbh, $user_id, $profile_id, $group_id) = @_; + + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To delete a user go to metaconsole. \n\n"; + exit; + } + + my @parameters = ( + $user_id, + $profile_id, + $group_id + ); + + # Delete the user + my $return = db_do ($dbh, 'DELETE FROM tusuario_perfil WHERE id_usuario=? AND id_perfil=? AND id_grupo=?', @parameters); + + if(is_metaconsole($conf) == 1 && $centralized) { + db_synch_delete($dbh, $conf, 'tusuario_perfil', $return, @parameters); + } - return db_do ($dbh, 'DELETE FROM tusuario_perfil WHERE id_usuario=? AND id_perfil=? AND id_grupo=?', $user_id, $profile_id, $group_id); + return $return; } ########################################################################## @@ -826,9 +951,18 @@ ($$$) ########################################################################## sub pandora_update_user_from_hash ($$$$) { my ($parameters, $where_column, $where_value, $dbh) = @_; + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + my $result = db_process_update($dbh, 'tusuario', $parameters, {$where_column => $where_value}); + if(is_metaconsole($conf) == 1 && $centralized) { + my @values = ( + values %$parameters, + $where_value + ); - my $user_id = db_process_update($dbh, 'tusuario', $parameters, {$where_column => $where_value}); - return $user_id; + db_synch_update($dbh, $conf, 'tusuario', $dbh->{Statement}, $result, @values); + } + + return $result; } ########################################################################## @@ -6263,9 +6397,8 @@ () $user_id = safe_input($user_id); - db_do ($dbh, "UPDATE tusuario SET disabled = '0' WHERE id_user = '$user_id'"); - - exit; + db_do ($dbh, "UPDATE tusuario SET disabled = '0' WHERE id_user = '$user_id'"); + exit; } ############################################################################### From e79394c2354a94566f1e524a7cd2ccd07a62b860 Mon Sep 17 00:00:00 2001 From: Daniel Barbero Date: Tue, 18 Oct 2022 16:14:35 +0200 Subject: [PATCH 3/3] synch cli with nodes pandora_enterprise#9500 --- pandora_server/util/pandora_manage.pl | 29 ++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index 11beac6d338..c5147faa784 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -6385,8 +6385,10 @@ () sub cli_user_enable () { my $user_id = @ARGV[2]; - if(is_metaconsole($conf) != 1 && pandora_get_tconfig_token ($dbh, 'centralized_management', '')) { - print_log "[ERROR] This node is configured with centralized mode. To enable a user go to metaconsole. \n\n"; + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; exit; } @@ -6403,7 +6405,13 @@ () $user_id = safe_input($user_id); - db_do ($dbh, "UPDATE tusuario SET disabled = '0' WHERE id_user = '$user_id'"); + my $result = db_do ($dbh, "UPDATE tusuario SET disabled = '0' WHERE id_user = '$user_id'"); + + if(is_metaconsole($conf) == 1 && $centralized) { + my @values; + db_synch_update($dbh, $conf, 'tusuario', $dbh->{Statement}, $result, @values); + } + exit; } @@ -6414,8 +6422,10 @@ () sub cli_user_disable () { my $user_id = @ARGV[2]; - if(is_metaconsole($conf) != 1 && pandora_get_tconfig_token ($dbh, 'centralized_management', '')) { - print_log "[ERROR] This node is configured with centralized mode. To disable a user go to metaconsole. \n\n"; + my $centralized = pandora_get_tconfig_token ($dbh, 'centralized_management', ''); + + if(is_metaconsole($conf) != 1 && $centralized) { + print_log "[ERROR] This node is configured with centralized mode. To create a user go to metaconsole. \n\n"; exit; } @@ -6432,9 +6442,14 @@ () $user_id = safe_input($user_id); - db_do ($dbh, "UPDATE tusuario SET disabled = '1' WHERE id_user = '$user_id'"); + my $result = db_do ($dbh, "UPDATE tusuario SET disabled = '1' WHERE id_user = '$user_id'"); + + if(is_metaconsole($conf) == 1 && $centralized) { + my @values; + db_synch_update($dbh, $conf, 'tusuario', $dbh->{Statement}, $result, @values); + } - exit; + exit; } ###############################################################################