tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-6176-10390-Problema-de-permisos-en-los-dashboard' into 'develop' 

added acl checks on dashboard update

See merge request artica/pandorafms!3461
This commit is contained in:
Daniel Rodriguez 2020-09-17 16:33:15 +02:00
parent 48fff2ff4f 05a0a3a366
commit 02d364b66c
2 changed files with 44 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pandora_console/include/lib/Dashboard/Manager.php
View File

@ -219,7 +219,7 @@ class Manager
$this->stringGroups = \io_safe_output( $this->stringGroups = \io_safe_output(
implode( implode(
', ', ', ',
array_keys($this->groups) array_values($this->groups)
) )
); );
@ -907,6 +907,11 @@ class Manager
{ {
global $config; global $config;
if (check_acl($config['id_user'], 0, 'RW') === 0) {
include 'general/noaccess.php';
return;
}
$name = \get_parameter('name', ''); $name = \get_parameter('name', '');
$private = \get_parameter_switch('private'); $private = \get_parameter_switch('private');
$id_group = \get_parameter('id_group'); $id_group = \get_parameter('id_group');

56
pandora_console/views/dashboard/header.php
View File

@ -194,25 +194,45 @@ if ($config['public_dashboard'] === true) {
// 'slides' => $slides, // 'slides' => $slides,
]; ];
} else if ($config['pure']) { } else if ($config['pure']) {
$buttons = [ if (check_acl($config['id_user'], 0, 'RW') === 0) {
'back_to_dashboard_list' => $back_to_dashboard_list, $buttons = [
'save_layout' => $save_layout_dashboard, 'back_to_dashboard_list' => $back_to_dashboard_list,
'normalscreen' => $normalscreen, 'normalscreen' => $normalscreen,
'combo_refresh_one_dashboard' => $comboRefresh, 'combo_refresh_one_dashboard' => $comboRefresh,
'slides' => $slides, 'slides' => $slides,
'options' => $options, ];
]; } else {
$buttons = [
'back_to_dashboard_list' => $back_to_dashboard_list,
'save_layout' => $save_layout_dashboard,
'normalscreen' => $normalscreen,
'combo_refresh_one_dashboard' => $comboRefresh,
'slides' => $slides,
'options' => $options,
];
}
} else { } else {
$buttons = [ if (check_acl($config['id_user'], 0, 'RW') === 0) {
'enable_disable' => $enable_disable, $buttons = [
'back_to_dashboard_list' => $back_to_dashboard_list, 'back_to_dashboard_list' => $back_to_dashboard_list,
'fullscreen' => $fullscreen, 'fullscreen' => $fullscreen,
'slides' => $slides, 'slides' => $slides,
'public_link' => $publiclink, 'public_link' => $publiclink,
'combo_dashboard' => $combo_dashboard, 'combo_dashboard' => $combo_dashboard,
'options' => $options, 'newWidget' => $newWidget,
'newWidget' => $newWidget, ];
]; } else {
$buttons = [
'enable_disable' => $enable_disable,
'back_to_dashboard_list' => $back_to_dashboard_list,
'fullscreen' => $fullscreen,
'slides' => $slides,
'public_link' => $publiclink,
'combo_dashboard' => $combo_dashboard,
'options' => $options,
'newWidget' => $newWidget,
];
}
} }
ui_print_page_header( ui_print_page_header(