From 3d94b6056c00f3654fe4db7e32a0c8fb0ecebfbc Mon Sep 17 00:00:00 2001 From: Adam Amstrong Date: Thu, 31 Dec 2009 19:06:05 +0000 Subject: [PATCH] more fixes and updates from sid3windr git-svn-id: http://www.observium.org/svn/observer/trunk@579 61d68cd4-352d-0410-923a-c4978735b2b8 --- config.php.default | 9 +++++ html/includes/authenticate.inc | 42 ++++++++++++++++---- html/includes/print-menubar.php | 11 ++--- html/pages/front/default.php | 24 ++++++++--- includes/discovery/bgp-peers.php | 39 ++++++++++++++++-- includes/discovery/cisco-processors.php | 2 +- includes/discovery/temperatures.php | 2 +- includes/polling/bgpPeer.inc.php | 53 +++++++++++++++++++++++++ 8 files changed, 157 insertions(+), 25 deletions(-) diff --git a/config.php.default b/config.php.default index 4f9f2b94c..ca47e97b7 100755 --- a/config.php.default +++ b/config.php.default @@ -18,6 +18,15 @@ $config['community'] = "public"; $config['base_url'] = "http://observer2.as8681.net"; +### Authentication model +$config['auth_mechanism'] = "mysql"; # default, other options: ldap + +# LDAP module configuration +$config['auth_ldap_server'] = "ldap.yourserver.com"; +$config['auth_ldap_port'] = 389; +$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com"; +$config['auth_ldap_prefix'] = "uid="; + ### Location of executables $config['rrdtool'] = "/usr/bin/rrdtool"; diff --git a/html/includes/authenticate.inc b/html/includes/authenticate.inc index 8bc4e0615..d1fc4354d 100644 --- a/html/includes/authenticate.inc +++ b/html/includes/authenticate.inc @@ -26,12 +26,39 @@ if($_COOKIE['username'] && $_COOKIE['password']){ $_SESSION['password'] = mres($_COOKIE['password']); } +$auth_success = 0; -$encrypted = md5($_SESSION['password']); -$sql = "SELECT * FROM `users` WHERE `username`='".$_SESSION['username']."' AND `password`='".$encrypted."'"; -$query = mysql_query($sql); -$row = @mysql_fetch_array($query); -if($row['username'] && $row['username'] == $_SESSION['username']) { +if ($config['auth_mechanism'] == "mysql") +{ + $encrypted = md5($_SESSION['password']); + $sql = "SELECT username FROM `users` WHERE `username`='".$_SESSION['username']."' AND `password`='".$encrypted."'"; + $query = mysql_query($sql); + $row = @mysql_fetch_array($query); + if($row['username'] && $row['username'] == $_SESSION['username']) { + $auth_success = 1; + } +} +else if ($config['auth_mechanism'] == "ldap") +{ + $ds=@ldap_connect($config['auth_ldap_server'],$config['auth_ldap_port']); + if ($ds) + { + if (ldap_bind($ds, $config['auth_ldap_prefix'] . $_SESSION['username'] . $config['auth_ldap_suffix'], $_SESSION['password'])) + { + $auth_success = 1; + } + } +} +else +{ + echo "ERROR: no valid auth_mechanism defined."; + exit(); +} + +if ($auth_success) { + $sql = "SELECT * FROM `users` WHERE `username`='".$_SESSION['username']."'"; + $query = mysql_query($sql); + $row = @mysql_fetch_array($query); $_SESSION['userlevel'] = $row['level']; $_SESSION['user_id'] = $row['user_id']; if(!$_SESSION['authenticated']) { @@ -39,11 +66,12 @@ if($row['username'] && $row['username'] == $_SESSION['username']) { mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('".$_SESSION['username']."', '".$_SERVER["REMOTE_ADDR"]."', 'logged in')"); header("Location: ".$_SERVER['REQUEST_URI']); } - if(isset($_POST['remember'])){ + if(isset($_POST['remember'])) { setcookie("username", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("password", $_SESSION['password'], time()+60*60*24*100, "/"); } -} elseif ($_SESSION['username']) { +} +elseif ($_SESSION['username']) { $auth_message = "Authentication Failed"; unset ($_SESSION['authenticated']); mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('".$_SESSION['username']."', '".$_SERVER["REMOTE_ADDR"]."', 'authentication failure')"); diff --git a/html/includes/print-menubar.php b/html/includes/print-menubar.php index cf1e866f4..912f92f41 100644 --- a/html/includes/print-menubar.php +++ b/html/includes/print-menubar.php @@ -36,13 +36,6 @@ } ?>
  • Inventory
  • -= '10') { - echo(" - -
  • Authlog
  • "); -} -?> @@ -204,7 +197,9 @@ echo("


  • Add User
  • Remove User
  • -
  • Edit User
  • "); +
  • Edit User
  • +

  • +
  • Authlog
  • "); } ?> diff --git a/html/pages/front/default.php b/html/pages/front/default.php index bce44fdb2..f3471ebae 100644 --- a/html/pages/front/default.php +++ b/html/pages/front/default.php @@ -22,7 +22,11 @@ function generate_front_box ($type, $content) { echo("
    "); +if($_SESSION['userlevel'] == '10') { $sql = mysql_query("SELECT * FROM `devices` WHERE `status` = '0' AND `ignore` = '0'"); +} else { +$sql = mysql_query("SELECT * FROM `devices` AS D, devices_perms AS P WHERE D.device_id = P.device_id AND P.user_id = '" . $_SESSION['user_id'] . "' AND D.status = '0' AND D.ignore = '0'"); +} while($device = mysql_fetch_array($sql)){ generate_front_box("alert", "
    ".generatedevicelink($device, shorthost($device['hostname']))."
    @@ -33,9 +37,12 @@ while($device = mysql_fetch_array($sql)){ } +if($_SESSION['userlevel'] == '10') { $sql = mysql_query("SELECT * FROM `interfaces` AS I, `devices` AS D WHERE I.device_id = D.device_id AND ifOperStatus = 'down' AND ifAdminStatus = 'up' AND D.ignore = '0' AND I.ignore = '0'"); +} else { +$sql = mysql_query("SELECT * FROM `interfaces` AS I, `devices` AS D, devices_perms AS P WHERE D.device_id = P.device_id AND P.user_id = '" . $_SESSION['user_id'] . "' AND I.device_id = D.device_id AND ifOperStatus = 'down' AND ifAdminStatus = 'up' AND D.ignore = '0' AND I.ignore = '0'"); +} while($interface = mysql_fetch_array($sql)){ - generate_front_box("warn", "
    ".generatedevicelink($interface, shorthost($interface['hostname']))."
    Port Down
    @@ -45,10 +52,9 @@ while($interface = mysql_fetch_array($sql)){ } +/* FIXME service permissions? seem nonexisting now.. */ $sql = mysql_query("SELECT * FROM `services` AS S, `devices` AS D WHERE S.service_host = D.device_id AND service_status = 'down' AND D.ignore = '0' AND S.service_ignore = '0'"); while($service = mysql_fetch_array($sql)){ - - generate_front_box("alert", "
    ".generatedevicelink($service, shorthost($service['hostname']))."
    Service Down ".$service['service_type']."
    @@ -57,7 +63,11 @@ while($service = mysql_fetch_array($sql)){ } -$sql = mysql_query("SELECT * FROM `devices` AS D, bgpPeers AS B WHERE bgpPeerState != 'established' AND B.device_id = D.device_id"); +if($_SESSION['userlevel'] == '10') { +$sql = mysql_query("SELECT * FROM `devices` AS D, bgpPeers AS B WHERE bgpPeerState != 'established' AND B.device_id = D.device_id AND D.ignore = 0"); +} else { +$sql = mysql_query("SELECT * FROM `devices` AS D, bgpPeers AS B, devices_perms AS P WHERE D.device_id = P.device_id AND P.user_id = '" . $_SESSION['user_id'] . "' AND bgpPeerState != 'established' AND B.device_id = D.device_id AND D.ignore = 0"); +} while($peer = mysql_fetch_array($sql)){ generate_front_box("alert", "
    ".generatedevicelink($peer, shorthost($peer['hostname']))."
    @@ -68,7 +78,11 @@ while($peer = mysql_fetch_array($sql)){ } -$sql = mysql_query("SELECT * FROM `devices` WHERE status = '1' AND `uptime` < '84600'"); +if($_SESSION['userlevel'] == '10') { +$sql = mysql_query("SELECT * FROM `devices` AS D WHERE D.status = '1' AND D.uptime < '84600' AND D.ignore = 0"); +} else { +$sql = mysql_query("SELECT * FROM `devices` AS D, devices_perms AS P WHERE D.device_id = P.device_id AND P.user_id = '" . $_SESSION['user_id'] . "' AND D.status = '1' AND D.uptime < '84600' AND D.ignore = 0"); +} while($device = mysql_fetch_array($sql)){ generate_front_box("info", "
    ".generatedevicelink($device, shorthost($device['hostname']))."
    Device
    Rebooted

    diff --git a/includes/discovery/bgp-peers.php b/includes/discovery/bgp-peers.php index c8daa67b4..d959f4565 100755 --- a/includes/discovery/bgp-peers.php +++ b/includes/discovery/bgp-peers.php @@ -1,6 +1,6 @@