1<?php
2/*
3 +-------------------------------------------------------------------------+
4 | Copyright (C) 2004-2021 The Cacti Group                                 |
5 |                                                                         |
6 | This program is free software; you can redistribute it and/or           |
7 | modify it under the terms of the GNU General Public License             |
8 | as published by the Free Software Foundation; either version 2          |
9 | of the License, or (at your option) any later version.                  |
10 |                                                                         |
11 | This program is distributed in the hope that it will be useful,         |
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
14 | GNU General Public License for more details.                            |
15 +-------------------------------------------------------------------------+
16 | Cacti: The Complete RRDtool-based Graphing Solution                     |
17 +-------------------------------------------------------------------------+
18 | This code is designed, written, and maintained by the Cacti Group. See  |
19 | about.php and/or the AUTHORS file for specific developer information.   |
20 +-------------------------------------------------------------------------+
21 | http://www.cacti.net/                                                   |
22 +-------------------------------------------------------------------------+
23*/
24
25include('./include/auth.php');
26include_once('./lib/poller.php');
27include_once('./lib/utility.php');
28
29$at_actions = array(
30	1 => __('Delete')
31);
32
33/* set default action */
34set_default_action();
35
36switch (get_request_var('action')) {
37	case 'save':
38		form_save();
39
40		break;
41	case 'ajax_dnd':
42		automation_template_dnd();
43
44		break;
45	case 'actions':
46		form_actions();
47
48		break;
49    case 'movedown':
50        automation_movedown();
51
52        header('Location: automation_templates.php?header=false');
53		break;
54    case 'moveup':
55        automation_moveup();
56
57        header('Location: automation_templates.php?header=false');
58		break;
59    case 'remove':
60        automation_remove();
61
62        header('Location: automation_templates.php?header=false');
63		break;
64	case 'edit':
65		top_header();
66		template_edit();
67		bottom_footer();
68		break;
69	default:
70		top_header();
71		template();
72		bottom_footer();
73		break;
74}
75
76function automation_template_dnd() {
77	/* ================= Input validation ================= */
78	get_filter_request_var('id');
79	/* ================= Input validation ================= */
80
81	if (isset_request_var('template_ids') && is_array(get_nfilter_request_var('template_ids'))) {
82		$aids     = get_nfilter_request_var('template_ids');
83		$sequence = 1;
84
85		foreach($aids as $id) {
86			$id = str_replace('line', '', $id);
87			input_validate_input_number($id);
88
89			db_execute_prepared('UPDATE automation_templates
90				SET sequence = ?
91				WHERE id = ?',
92				array($sequence, $id));
93
94			$sequence++;
95		}
96	}
97
98	header('Location: automation_templates.php?header=false');
99	exit;
100}
101
102function automation_movedown() {
103	move_item_down('automation_templates', get_filter_request_var('id'));
104}
105
106function automation_moveup() {
107	move_item_up('automation_templates', get_filter_request_var('id'));
108}
109
110function automation_remove() {
111	db_execute_prepared('DELETE FROM automation_templates WHERE id = ?', array(get_filter_request_var('id')));
112}
113
114
115function form_actions() {
116	global $at_actions;
117
118	/* ================= input validation ================= */
119	get_filter_request_var('drp_action', FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => '/^([a-zA-Z0-9_]+)$/')));
120	/* ==================================================== */
121
122	/* if we are to save this form, instead of display it */
123	if (isset_request_var('selected_items')) {
124		$selected_items = sanitize_unserialize_selected_items(get_nfilter_request_var('selected_items'));
125
126		if ($selected_items != false) {
127			if (get_nfilter_request_var('drp_action') == '1') { /* delete */
128				db_execute('DELETE FROM automation_templates WHERE ' . array_to_sql_or($selected_items, 'id'));
129			}
130		}
131
132		header('Location: automation_templates.php?header=false');
133		exit;
134	}
135
136	/* setup some variables */
137	$at_list = ''; $i = 0;
138
139	foreach ($_POST as $var => $val) {
140		if (preg_match('/^chk_([0-9]+)$/', $var, $matches)) {
141			/* ================= input validation ================= */
142			input_validate_input_number($matches[1]);
143			/* ==================================================== */
144
145			$at_list .= '<li>' . html_escape(db_fetch_cell_prepared('SELECT ht.name FROM automation_templates AS at INNER JOIN host_template AS ht ON ht.id=at.host_template WHERE at.id = ?', array($matches[1]))) . '</li>';
146			$at_array[$i] = $matches[1];
147
148			$i++;
149		}
150	}
151
152	top_header();
153
154	form_start('automation_templates.php');
155
156	html_start_box($at_actions[get_nfilter_request_var('drp_action')], '60%', '', '3', 'center', '');
157
158	if (isset($at_array) && cacti_sizeof($at_array)) {
159		if (get_nfilter_request_var('drp_action') == '1') { /* delete */
160			print "<tr>
161				<td class='textArea' class='odd'>
162					<p>" . __('Click \'Continue\' to delete the folling Automation Template(s).') . "</p>
163					<div class='itemlist'><ul>$at_list</ul></div>
164				</td>
165			</tr>\n";
166
167			$save_html = "<input type='button' class='ui-button ui-corner-all ui-widget' value='" . __esc('Cancel') . "' onClick='cactiReturnTo()'>&nbsp;<input type='submit' class='ui-button ui-corner-all ui-widget' value='" . __esc('Continue') . "' title='" . __esc('Delete Automation Template(s)') . "'>";
168		}
169	} else {
170		raise_message(40);
171		header('Location: automation_templates.php?header=false');
172		exit;
173	}
174
175	print "<tr>
176		<td class='saveRow'>
177			<input type='hidden' name='action' value='actions'>
178			<input type='hidden' name='selected_items' value='" . (isset($at_array) ? serialize($at_array) : '') . "'>
179			<input type='hidden' name='drp_action' value='" . html_escape(get_nfilter_request_var('drp_action')) . "'>
180			$save_html
181		</td>
182	</tr>\n";
183
184	html_end_box();
185
186	form_end();
187
188	bottom_footer();
189}
190
191function form_save() {
192	if (isset_request_var('save_component_template')) {
193		$redirect_back = false;
194
195		$save['id'] = get_nfilter_request_var('id');
196		$save['host_template'] = form_input_validate(get_nfilter_request_var('host_template'), 'host_template', '', false, 3);
197		$save['availability_method']  = form_input_validate(get_nfilter_request_var('availability_method'), 'availability_method', '', false, 3);
198		$save['sysDescr']      = get_nfilter_request_var('sysDescr');
199		$save['sysName']       = get_nfilter_request_var('sysName');
200		$save['sysOid']        = get_nfilter_request_var('sysOid');
201		if (function_exists('filter_var')) {
202			$save['sysDescr'] = filter_var($save['sysDescr'], FILTER_SANITIZE_STRING);
203		} else {
204			$save['sysDescr'] = strip_tags($save['sysDescr']);
205		}
206
207		if (!is_error_message()) {
208			$template_id = sql_save($save, 'automation_templates');
209
210			if ($template_id) {
211				raise_message(1);
212			} else {
213				raise_message(2);
214			}
215		}
216
217		if (is_error_message() || isempty_request_var('id')) {
218			header('Location: automation_templates.php?header=false&id=' . (empty($template_id) ? get_nfilter_request_var('id') : $template_id));
219		} else {
220			header('Location: automation_templates.php?header=false');
221		}
222	}
223}
224
225function automation_get_child_branches($tree_id, $id, $spaces, $headers) {
226	$items = db_fetch_assoc_prepared('SELECT id, title
227		FROM graph_tree_items
228		WHERE graph_tree_id = ?
229		AND host_id=0
230		AND local_graph_id=0
231		AND parent = ?
232		ORDER BY position', array($tree_id, $id));
233
234	$spaces .= '--';
235
236	if (cacti_sizeof($items)) {
237	foreach($items as $i) {
238		$headers['tr_' . $tree_id . '_bi_' . $i['id']] = $spaces . ' ' . $i['title'];
239		$headers = automation_get_child_branches($tree_id, $i['id'], $spaces, $headers);
240	}
241	}
242
243	return $headers;
244}
245
246function automation_get_tree_headers() {
247	$headers = array();
248	$trees   = db_fetch_assoc('SELECT id, name FROM graph_tree ORDER BY name');
249	foreach ($trees as $tree) {
250		$headers['tr_' . $tree['id'] . '_br_0'] = $tree['name'];
251		$spaces = '';
252		$headers = automation_get_child_branches($tree['id'], 0, $spaces, $headers);
253	}
254
255	return $headers;
256}
257
258function template_edit() {
259	global $availability_options;
260
261	$host_template_names = db_fetch_assoc('SELECT id, name FROM host_template');
262
263	$template_names = array();
264
265	if (cacti_sizeof($host_template_names)) {
266		foreach ($host_template_names as $ht) {
267			$template_names[$ht['id']] = $ht['name'];
268		}
269	}
270
271	$fields_automation_template_edit = array(
272		'host_template' => array(
273			'method' => 'drop_array',
274			'friendly_name' => __('Device Template'),
275			'description' => __('Select a Device Template that Devices will be matched to.'),
276			'value' => '|arg1:host_template|',
277			'array' => $template_names,
278			),
279		'availability_method' => array(
280			'method' => 'drop_array',
281			'friendly_name' => __('Availability Method'),
282			'description' => __('Choose the Availability Method to use for Discovered Devices.'),
283			'value' => '|arg1:availability_method|',
284			'default' => read_config_option('availability_method'),
285			'array' => $availability_options,
286			),
287		'sysDescr' => array(
288			'method' => 'textbox',
289			'friendly_name' => __('System Description Match'),
290			'description' => __('This is a unique string that will be matched to a devices sysDescr string to pair it to this Automation Template.  Any Perl regular expression can be used in addition to any SQL Where expression.'),
291			'value' => '|arg1:sysDescr|',
292			'max_length' => '255',
293			),
294		'sysName' => array(
295			'method' => 'textbox',
296			'friendly_name' => __('System Name Match'),
297			'description' => __('This is a unique string that will be matched to a devices sysName string to pair it to this Automation Template.  Any Perl regular expression can be used in addition to any SQL Where expression.'),
298			'value' => '|arg1:sysName|',
299			'max_length' => '128',
300			),
301		'sysOid' => array(
302			'method' => 'textbox',
303			'friendly_name' => __('System OID Match'),
304			'description' => __('This is a unique string that will be matched to a devices sysOid string to pair it to this Automation Template.  Any Perl regular expression can be used in addition to any SQL Where expression.'),
305			'value' => '|arg1:sysOid|',
306			'max_length' => '128',
307			),
308		'id' => array(
309			'method' => 'hidden_zero',
310			'value' => '|arg1:id|'
311			),
312		'save_component_template' => array(
313			'method' => 'hidden',
314			'value' => '1'
315			)
316		);
317
318	/* ================= input validation ================= */
319	get_filter_request_var('id');
320	/* ==================================================== */
321
322	if (!isempty_request_var('id')) {
323		$host_template = db_fetch_row_prepared('SELECT *
324			FROM automation_templates
325			WHERE id = ?',
326			array(get_request_var('id')));
327
328		if (isset($template_names[$host_template['host_template']])) {
329			$header_label = __esc('Automation Templates [edit: %s]', $template_names[$host_template['host_template']]);
330		} else {
331			$header_label = __('Automation Templates for [Deleted Template]');
332		}
333	} else {
334		$header_label = __('Automation Templates [new]');
335		set_request_var('id', 0);
336	}
337
338	form_start('automation_templates.php', 'form_network');
339
340	html_start_box($header_label, '100%', true, '3', 'center', '');
341
342	draw_edit_form(
343		array(
344			'config' => array('no_form_tag' => 'true'),
345			'fields' => inject_form_variables($fields_automation_template_edit, (isset($host_template) ? $host_template : array()))
346		)
347	);
348
349	html_end_box(true, true);
350
351	form_save_button('automation_templates.php');
352}
353
354function template() {
355	global $at_actions, $item_rows, $availability_options;
356
357	/* ================= input validation and session storage ================= */
358	$filters = array(
359		'rows' => array(
360			'filter' => FILTER_VALIDATE_INT,
361			'pageset' => true,
362			'default' => '-1'
363			),
364		'page' => array(
365			'filter' => FILTER_VALIDATE_INT,
366			'default' => '1'
367			),
368		'filter' => array(
369			'filter' => FILTER_DEFAULT,
370			'pageset' => true,
371			'default' => ''
372			)
373	);
374
375	validate_store_request_vars($filters, 'sess_autot');
376	/* ================= input validation ================= */
377
378	if (get_request_var('rows') == '-1') {
379		$rows = read_config_option('num_rows_table');
380	} else {
381		$rows = get_request_var('rows');
382	}
383
384	html_start_box(__('Device Automation Templates'), '100%', '', '3', 'center', 'automation_templates.php?action=edit');
385
386	?>
387	<tr class='even'>
388		<td>
389			<form id='form_at' action='automation_templates.php'>
390			<table class='filterTable'>
391				<tr>
392					<td>
393						<?php print __('Search');?>
394					</td>
395					<td>
396						<input type='text' class='ui-state-default ui-corner-all' id='filter' size='25' value='<?php print html_escape_request_var('filter');?>'>
397					</td>
398					<td>
399						<?php print __('Templates');?>
400					</td>
401					<td>
402						<select id='rows' onChange='applyFilter()'>
403							<option value='-1'<?php print (get_request_var('rows') == '-1' ? ' selected>':'>') . __('Default');?></option>
404							<?php
405							if (cacti_sizeof($item_rows) > 0) {
406								foreach ($item_rows as $key => $value) {
407									print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>\n";
408								}
409							}
410							?>
411						</select>
412					</td>
413					<td>
414						<span>
415							<input type='button' class='ui-button ui-corner-all ui-widget' id='refresh' value='<?php print __esc('Go');?>' title='<?php print __esc('Set/Refresh Filters');?>'>
416							<input type='button' class='ui-button ui-corner-all ui-widget' id='clear' value='<?php print __esc('Clear');?>' title='<?php print __esc('Clear Filters');?>'>
417						</span>
418					</td>
419				</tr>
420			</table>
421			</form>
422			<script type='text/javascript'>
423			function applyFilter() {
424				strURL = 'automation_templates.php' +
425					'?filter='     + $('#filter').val() +
426					'&rows='       + $('#rows').val() +
427					'&has_graphs=' + $('#has_graphs').is(':checked') +
428					'&header=false';
429				loadPageNoHeader(strURL);
430			}
431
432			function clearFilter() {
433				strURL = 'automation_templates.php?clear=1&header=false';
434				loadPageNoHeader(strURL);
435			}
436
437			$(function() {
438				$('#refresh').click(function() {
439					applyFilter();
440				});
441
442				$('#clear').click(function() {
443					clearFilter();
444				});
445
446				$('#form_at').submit(function(event) {
447					event.preventDefault();
448					applyFilter();
449				});
450			});
451			</script>
452		</td>
453	</tr>
454	<?php
455
456	html_end_box();
457
458	/* form the 'where' clause for our main sql query */
459	if (get_request_var('filter') != '') {
460		$sql_where = 'WHERE (name LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' OR ' .
461			'sysName LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' OR ' .
462			'sysDescr LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' OR ' .
463			'sysOID LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ')';
464	} else {
465		$sql_where = '';
466	}
467
468	$total_rows = db_fetch_cell("SELECT COUNT(*)
469		FROM automation_templates AS at
470		LEFT JOIN host_template AS ht
471		ON ht.id=at.host_template
472		$sql_where");
473
474	$dts = db_fetch_assoc("SELECT at.*, ht.name
475		FROM automation_templates AS at
476		LEFT JOIN host_template AS ht
477		ON ht.id=at.host_template
478		$sql_where
479		ORDER BY sequence " .
480		' LIMIT ' . ($rows*(get_request_var('page')-1)) . ',' . $rows);
481
482	$nav = html_nav_bar('automation_templates.php', MAX_DISPLAY_PAGES, get_request_var('page'), $rows, $total_rows, 7, __('Templates'), 'page', 'main');
483
484	form_start('automation_templates.php', 'chk');
485
486	print $nav;
487
488	html_start_box('', '100%', '', '3', 'center', '');
489
490	$display_text = array(
491		array('display' => __('Template Name'), 'align' => 'left'),
492		array('display' => __('Availability Method'), 'align' => 'left'),
493		array('display' => __('System Description Match'), 'align' => 'left'),
494		array('display' => __('System Name Match'), 'align' => 'left'),
495		array('display' => __('System ObjectId Match'), 'align' => 'left')
496	);
497
498	if (read_config_option('drag_and_drop') == '') {
499		$display_text[] = array('display' => __('Order'), 'align' => 'center');
500	}
501
502	html_header_checkbox($display_text, false);
503
504	$i = 1;
505	$total_items = cacti_sizeof($dts);
506	if (cacti_sizeof($dts)) {
507		foreach ($dts as $dt) {
508			if ($dt['name'] == '') {
509				$name = __('Unknown Template');
510			} else {
511				$name = $dt['name'];
512			}
513
514			form_alternate_row('line' . $dt['id'], true);
515			form_selectable_cell(filter_value($name, get_request_var('filter'), 'automation_templates.php?action=edit&id=' . $dt['id']), $dt['id']);
516			form_selectable_cell($availability_options[$dt['availability_method']], $dt['id']);
517			form_selectable_cell(filter_value($dt['sysDescr'], get_request_var('filter')), $dt['id']);
518			form_selectable_cell(filter_value($dt['sysName'], get_request_var('filter')), $dt['id']);
519			form_selectable_cell(filter_value($dt['sysOid'], get_request_var('filter')), $dt['id']);
520
521			if (read_config_option('drag_and_drop') == '') {
522				$add_text = '';
523				if ($i < $total_items && $total_items > 1) {
524					$add_text .= '<a class="pic fa fa-caret-down moveArrow" href="' . html_escape('automation_templates.php?action=movedown&id=' . $dt['id']) . '" title="' . __esc('Move Down') . '"></a>';
525				} else {
526					$add_text .= '<span class="moveArrowNone"></span>';
527				}
528
529				if ($i > 1 && $i <= $total_items) {
530					$add_text .= '<a class="pic fa fa-caret-up moveArrow" href="' . html_escape('automation_templates.php?action=moveup&id=' . $dt['id']) . '" title="' . __esc('Move Up') . '"></a>';
531				} else {
532					$add_text .= '<span class="moveArrowNone"></span>';
533				}
534
535				form_selectable_cell($add_text, $dt['id'], '', 'center');
536			}
537
538			form_checkbox_cell($name, $dt['id']);
539			form_end_row();
540
541			$i++;
542		}
543	} else {
544		print "<tr class='tableRow'><td colspan='" . (cacti_sizeof($display_text)+1) . "'><em>" . __('No Automation Device Templates Found') . "</em></td></tr>\n";
545	}
546
547	html_end_box(false);
548
549	if (cacti_sizeof($dts)) {
550		print $nav;
551	}
552
553	/* draw the dropdown containing a list of available actions for this form */
554	draw_actions_dropdown($at_actions);
555
556	form_end();
557
558	?>
559	<script type='text/javascript'>
560	$(function() {
561        $('#automation_templates2_child').attr('id', 'template_ids');
562
563		$('img.action').click(function() {
564			strURL = $(this).attr('href');
565			loadPageNoHeader(strURL);
566		});
567
568		<?php if (read_config_option('drag_and_drop') == 'on') { ?>
569		$('#template_ids').find('tr:first').addClass('nodrag').addClass('nodrop');
570
571        $('#template_ids').tableDnD({
572            onDrop: function(table, row) {
573                loadPageNoHeader('automation_templates.php?action=ajax_dnd&'+$.tableDnD.serialize());
574            }
575        });
576		<?php } ?>
577
578	});
579	</script>
580	<?php
581}
582
583