tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-13853-error-en-el-public-link-al-estar-logueado-con-usuario-sin-permisos-dashboards' into 'develop'

Browse Source 
Ent 13853 error en el public link al estar logueado con usuario sin permisos dashboards

See merge request artica/pandorafms!7438
This commit is contained in:
Diego Muñoz-Reja 2024-06-04 13:39:02 +00:00
commit 0756f6dc09
8 changed files with 10 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/godmode/reporting/visual_console_builder.php
View File

@ -940,7 +940,7 @@ $buttons['consoles_list'] = [
$buttons['public_link'] = [
'active' => false,
'text' => '<a href="'.ui_get_full_url(
'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&id_layout='.$idVisualConsole.'&id_user='.$config['id_user'],
'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&id_layout='.$idVisualConsole.'&creator_user='.$config['id_user'],
false,
false,
false

7
pandora_console/include/lib/Dashboard/Manager.php
View File

@ -356,7 +356,7 @@ class Manager implements PublicLogin
{
global $config;
$str = $config['dbpass'];
$str = $config['server_unique_identifier'];
$str .= $config['id_user'];
$str .= $other_secret;
return hash('sha256', $str);
@ -399,11 +399,6 @@ class Manager implements PublicLogin
):bool {
global $config;
if (isset($config['id_user']) === true) {
// Already logged in.
return true;
}
$userFromParams = false;
// Try to get id_user from parameters if it is missing.
if (isset($config['id_user']) === false) {

2
pandora_console/include/lib/User.php
View File

@ -229,7 +229,7 @@ class User extends Entity implements PublicLogin
{
global $config;
$str = $config['dbpass'];
$str = $config['server_unique_identifier'];
$str .= ($config['id_user'] ?? get_parameter('id_user'));
$str .= $other_secret;
return hash('sha256', $str);

2
pandora_console/operation/dashboard/public_dashboard.php
View File

@ -44,7 +44,7 @@ if ($dashboardId !== null) {
return;
}
$config['id_user'] = get_parameter('creator_user');
require_once 'dashboard.php';
// Clean session to avoid direct access.

2
pandora_console/operation/gis_maps/public_console.php
View File

@ -38,7 +38,7 @@ $config['remote_addr'] = $_SERVER['REMOTE_ADDR'];
$hash = get_parameter('hash');
$idMap = (int) get_parameter('map_id');
$config['id_user'] = get_parameter('id_user');
$config['id_user'] = get_parameter('creator_user');
$myhash = md5($config['dbpass'].$idMap.$config['id_user']);

2
pandora_console/operation/gis_maps/render_view.php
View File

@ -142,7 +142,7 @@ if ($config['pure'] == 0) {
if ($has_management_acl === true) {
$hash = md5($config['dbpass'].$idMap.$config['id_user']);
$buttons['public_link']['text'] = '<a href="'.ui_get_full_url(
'operation/gis_maps/public_console.php?hash='.$hash.'&map_id='.$idMap.'&id_user='.$config['id_user']
'operation/gis_maps/public_console.php?hash='.$hash.'&map_id='.$idMap.'&creator_user='.$config['id_user']
).'" target="_blank">'.html_print_image('images/item-icon.svg', true, ['title' => __('Show link to public GIS map'), 'class' => 'main_menu_icon invert_filter']).'</a>';
}

2
pandora_console/operation/visual_console/view.php
View File

@ -157,7 +157,7 @@ if ($aclWrite === true || $aclManage === true) {
$hash = User::generatePublicHash($visualConsoleId);
$options['public_link']['text'] = '<a href="'.ui_get_full_url(
'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&id_user='.$config['id_user'],
'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&creator_user='.$config['id_user'],
false,
false,
false

6
pandora_console/views/dashboard/header.php
View File

@ -135,9 +135,9 @@ $slides['text'] .= '</a>';
// Public Url.
$queryPublic = [
'hash' => $hash,
'id_user' => $config['id_user'],
'pure' => 1,
'hash' => $hash,
'creator_user' => $config['id_user'],
'pure' => 1,
];
$publicUrl = ui_get_full_url(
'operation/dashboard/public_dashboard.php?'.http_build_query($queryPublic)