changes in dashboard permissions
This commit is contained in:
alejandro-campos
parent
a0931d7ada
commit
05c39db0cc
|
|
@ -215,13 +215,19 @@ class AlertsFiredWidget extends Widget
|
||||||
// Retrieve global - common inputs.
|
// Retrieve global - common inputs.
|
||||||
$inputs = parent::getFormInputs();
|
$inputs = parent::getFormInputs();
|
||||||
|
|
||||||
|
$return_all_group = false;
|
||||||
|
|
||||||
|
if (users_can_manage_group_all('RM') || $values['groupId'] == 0) {
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
|
|
||||||
// Groups.
|
// Groups.
|
||||||
$inputs[] = [
|
$inputs[] = [
|
||||||
'label' => __('Group'),
|
'label' => __('Group'),
|
||||||
'arguments' => [
|
'arguments' => [
|
||||||
'type' => 'select_groups',
|
'type' => 'select_groups',
|
||||||
'name' => 'groupId',
|
'name' => 'groupId',
|
||||||
'returnAllGroup' => true,
|
'returnAllGroup' => $return_all_group,
|
||||||
'privilege' => 'AR',
|
'privilege' => 'AR',
|
||||||
'selected' => $values['groupId'],
|
'selected' => $values['groupId'],
|
||||||
'return' => true,
|
'return' => true,
|
||||||
|
|
|
||||||
|
|
@ -229,7 +229,26 @@ class MapsMadeByUser extends Widget
|
||||||
// Retrieve global - common inputs.
|
// Retrieve global - common inputs.
|
||||||
$inputs = parent::getFormInputs();
|
$inputs = parent::getFormInputs();
|
||||||
|
|
||||||
$fields = \visual_map_get_user_layouts($config['id_user'], true);
|
$return_all_group = false;
|
||||||
|
|
||||||
|
if (users_can_manage_group_all('RM')) {
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
$fields = \visual_map_get_user_layouts(
|
||||||
|
$config['id_user'],
|
||||||
|
true,
|
||||||
|
['can_manage_group_all' => $return_all_group],
|
||||||
|
$return_all_group
|
||||||
|
);
|
||||||
|
|
||||||
|
// If currently selected graph is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
|
||||||
|
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
|
||||||
|
if ($values['vcId'] !== null && !array_key_exists($values['vcId'], $fields)) {
|
||||||
|
$selected_vc = db_get_value('name', 'tlayout', 'id', $values['vcId']);
|
||||||
|
|
||||||
|
$fields[$values['vcId']] = $selected_vc;
|
||||||
|
}
|
||||||
|
|
||||||
// Visual console.
|
// Visual console.
|
||||||
$inputs[] = [
|
$inputs[] = [
|
||||||
|
|
@ -308,20 +327,6 @@ class MapsMadeByUser extends Widget
|
||||||
$groupId = $visualConsoleData['groupId'];
|
$groupId = $visualConsoleData['groupId'];
|
||||||
$visualConsoleName = $visualConsoleData['name'];
|
$visualConsoleName = $visualConsoleData['name'];
|
||||||
|
|
||||||
// ACL.
|
|
||||||
$aclRead = check_acl($config['id_user'], $groupId, 'VR');
|
|
||||||
$aclWrite = check_acl($config['id_user'], $groupId, 'VW');
|
|
||||||
$aclManage = check_acl($config['id_user'], $groupId, 'VM');
|
|
||||||
|
|
||||||
if ($aclRead === 0 && $aclWrite === 0 && $aclManage === 0) {
|
|
||||||
db_pandora_audit(
|
|
||||||
'ACL Violation',
|
|
||||||
'Trying to access visual console without group access'
|
|
||||||
);
|
|
||||||
include 'general/noaccess.php';
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
$uniq = uniqid();
|
$uniq = uniqid();
|
||||||
|
|
||||||
$output = '<div class="container-center">';
|
$output = '<div class="container-center">';
|
||||||
|
|
|
||||||
|
|
@ -254,6 +254,15 @@ class ServiceMapWidget extends Widget
|
||||||
$inputs = parent::getFormInputs();
|
$inputs = parent::getFormInputs();
|
||||||
|
|
||||||
$services_res = services_get_services();
|
$services_res = services_get_services();
|
||||||
|
|
||||||
|
// If currently selected report is not included in fields array (it belongs to a group over which user has no permissions), then add it to fields array.
|
||||||
|
// This is aimed to avoid overriding this value when a user with narrower permissions edits widget configuration.
|
||||||
|
if ($values['serviceId'] !== null && !in_array($values['serviceId'], array_column($services_res, 'id'))) {
|
||||||
|
$selected_service = db_get_row('tservice', 'id', $values['serviceId']);
|
||||||
|
|
||||||
|
$services_res[] = $selected_service;
|
||||||
|
}
|
||||||
|
|
||||||
$services = [0 => __('None')];
|
$services = [0 => __('None')];
|
||||||
if ($services_res !== false) {
|
if ($services_res !== false) {
|
||||||
$fields = array_reduce(
|
$fields = array_reduce(
|
||||||
|
|
|
||||||
|
|
@ -277,10 +277,21 @@ class TopNEventByGroupWidget extends Widget
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
$return_all_group = false;
|
||||||
|
|
||||||
// Groups.
|
// Groups.
|
||||||
$selected_groups = [];
|
$selected_groups = [];
|
||||||
if ($values['groupId']) {
|
if ($values['groupId']) {
|
||||||
$selected_groups = explode(',', $values['groupId'][0]);
|
$selected_groups = explode(',', $values['groupId'][0]);
|
||||||
|
|
||||||
|
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups) === true) {
|
||||||
|
// Return all group if user has permissions or it is a currently selected group.
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (users_can_manage_group_all('RM')) {
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$inputs[] = [
|
$inputs[] = [
|
||||||
|
|
@ -293,6 +304,7 @@ class TopNEventByGroupWidget extends Widget
|
||||||
'selected' => $selected_groups,
|
'selected' => $selected_groups,
|
||||||
'return' => true,
|
'return' => true,
|
||||||
'multiple' => true,
|
'multiple' => true,
|
||||||
|
'returnAllGroup' => $return_all_group,
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -277,9 +277,20 @@ class TopNEventByModuleWidget extends Widget
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
$return_all_group = false;
|
||||||
|
|
||||||
$selected_groups = [];
|
$selected_groups = [];
|
||||||
if ($values['groupId']) {
|
if ($values['groupId']) {
|
||||||
$selected_groups = explode(',', $values['groupId'][0]);
|
$selected_groups = explode(',', $values['groupId'][0]);
|
||||||
|
|
||||||
|
if (users_can_manage_group_all('RM') || in_array(0, $selected_groups) === true) {
|
||||||
|
// Return all group if user has permissions or it is a currently selected group.
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (users_can_manage_group_all('RM')) {
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Groups.
|
// Groups.
|
||||||
|
|
@ -293,6 +304,7 @@ class TopNEventByModuleWidget extends Widget
|
||||||
'selected' => $selected_groups,
|
'selected' => $selected_groups,
|
||||||
'return' => true,
|
'return' => true,
|
||||||
'multiple' => true,
|
'multiple' => true,
|
||||||
|
'returnAllGroup' => $return_all_group,
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -344,6 +344,12 @@ class TreeViewWidget extends Widget
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
$return_all_group = false;
|
||||||
|
|
||||||
|
if (users_can_manage_group_all('RM')) {
|
||||||
|
$return_all_group = true;
|
||||||
|
}
|
||||||
|
|
||||||
// Groups.
|
// Groups.
|
||||||
$inputs[] = [
|
$inputs[] = [
|
||||||
'label' => __('Groups'),
|
'label' => __('Groups'),
|
||||||
|
|
@ -354,6 +360,7 @@ class TreeViewWidget extends Widget
|
||||||
'privilege' => 'AR',
|
'privilege' => 'AR',
|
||||||
'selected' => $values['groupId'],
|
'selected' => $values['groupId'],
|
||||||
'return' => true,
|
'return' => true,
|
||||||
|
'returnAllGroup' => $return_all_group,
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue