minor fixes and event ACL - groups
parent
ebfdce1073
commit
132076198d
|
@ -418,9 +418,11 @@ if (is_array($config['extensions'])) {
|
|||
$sub['godmode/extensions']['type'] = 'direct';
|
||||
$sub['godmode/extensions']['subtype'] = 'nolink';
|
||||
|
||||
$submenu = array_merge($menu_godmode['gextensions']['sub'], $sub);
|
||||
if ($menu_godmode['gextensions']['sub'] != null) {
|
||||
$menu_godmode['gextensions']['sub'] = $submenu;
|
||||
if (is_array($menu_godmode['gextensions']['sub'])) {
|
||||
$submenu = array_merge($menu_godmode['gextensions']['sub'], $sub);
|
||||
if ($menu_godmode['gextensions']['sub'] != null) {
|
||||
$menu_godmode['gextensions']['sub'] = $submenu;
|
||||
}
|
||||
}
|
||||
}
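Review bot: The inner `if ($menu_godmode['gextensions']['sub'] != null)` kept inside the new `is_array()` guard uses a loose comparison, and in PHP an empty array compares equal to null, so when the existing submenu is `[]` the merged `$submenu` is computed and then discarded. If extensions should still be listed in that case, drop the inner test and assign directly: `$menu_godmode['gextensions']['sub'] = array_merge($menu_godmode['gextensions']['sub'], $sub);`. The enclosing `if (is_array($config['extensions']))` block starts outside the hunk, so whether a non-array `sub` is expected at this point cannot be confirmed from here.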
|
||||
|
||||
|
|
|
@ -454,10 +454,10 @@ function events_get_all(
|
|||
}
|
||||
}
|
||||
|
||||
if (isset($filter['id_group']) && $filter['id_group'] > 0) {
|
||||
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) {
|
||||
$sql_filters[] = sprintf(
|
||||
' AND id_group = %d ',
|
||||
$filter['id_group']
|
||||
$filter['id_group_filter']
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -487,6 +487,15 @@ function events_get_all(
|
|||
}
|
||||
}
|
||||
|
||||
if (!users_is_admin()) {
|
||||
// Get groups where user have ER grants.
|
||||
$ER_groups = users_get_groups($config['id_user'], 'ER', false);
|
||||
$sql_filters[] = sprintf(
|
||||
' AND id_grupo IN ( %s )',
|
||||
join(', ', array_keys($ER_groups))
|
||||
);
|
||||
}
|
||||
|
||||
$table = events_get_events_table(is_metaconsole(), $history);
|
||||
$tevento = sprintf(
|
||||
'(SELECT *
|
||||
|
@ -627,6 +636,26 @@ function events_get_all(
|
|||
$order_by,
|
||||
$pagination
|
||||
);
|
||||
|
||||
if (!users_is_admin()) {
|
||||
$EM_groups = users_get_groups($config['id_user'], 'EM', false, true);
|
||||
$EW_groups = users_get_groups($config['id_user'], 'EW', false, true);
|
||||
|
||||
hd($EM_groups);
|
||||
|
||||
// Apply ACL layer.
|
||||
$sql = sprintf(
|
||||
'SELECT
|
||||
tbase.*,
|
||||
(tbase.id_grupo IN (%s)) as user_can_manage,
|
||||
(tbase.id_grupo IN (%s)) as user_can_write
|
||||
FROM
|
||||
('.$sql.') tbase',
|
||||
join(', ', array_keys($EM_groups)),
|
||||
join(', ', array_keys($EW_groups))
|
||||
);
|
||||
}
|
||||
|
||||
if ($count) {
|
||||
$sql = 'SELECT count(*) as nitems FROM ('.$sql.') tt';
|
||||
}
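Review bot: Both new ACL blocks in events_get_all build `IN (%s)` from `join(', ', array_keys(...))` without handling an empty list, so a non-admin user with no ER, EM or EW group produces `IN ( )`, which is invalid SQL, and the event list fails for that user instead of returning an empty, fail-closed result. The keys are also interpolated with `%s`; casting them and substituting a value that matches no group keeps the clause well-formed and numeric, e.g. `$ids = array_map('intval', array_keys($ER_groups));` followed by `$in = empty($ids) ? '-1' : join(', ', $ids);` (assuming group ids are never negative). The `hd($EM_groups);` call in the last hunk looks like leftover debug output that would print the user's group list on every non-admin request and should be removed. The first hunk filters on `id_group` while the new ACL clauses use `id_grupo`; confirm which column the events table exposes. The function body starts and ends outside these hunks.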
|
||||
|
|
|
@ -1097,6 +1097,12 @@ function tags_get_user_tags($id_user=false, $access='AR', $return_tag_any=false)
|
|||
if (empty($user_tags_id)) {
|
||||
$user_tags_id = $t;
|
||||
} else {
|
||||
if (empty($t)) {
|
||||
// Empty is 'all of them'.
|
||||
// TODO: Review this...
|
||||
$t = [];
|
||||
}
|
||||
|
||||
$user_tags_id = array_unique(array_merge($t, $user_tags_id));
|
||||
}
|
||||
}
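Review bot: The new `if (empty($t))` branch documents empty as 'all of them' but then sets `$t = []` and merges, so an unrestricted profile contributes nothing and the user ends up limited to the tags of the other profiles. The same empty value is also what `if (empty($user_tags_id))` treats as 'nothing collected yet', so 'no tag restriction' and 'no tags so far' cannot be told apart and the result depends on the order in which profiles are processed. Since this list appears to feed tag-based access decisions (inferred from the function name and the `$access` parameter), track the unrestricted case explicitly, for example with a flag such as `$all_tags = true;` set in this branch and checked before returning. The loop and the return statement are outside the hunk.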
|
||||
|
|
|
@ -249,13 +249,13 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
|
|||
/**
|
||||
* Get all the groups a user has reading privileges.
|
||||
*
|
||||
* @param string User id
|
||||
* @param string The privilege to evaluate, and it is false then no check ACL.
|
||||
* @param boolean $returnAllGroup Flag the return group, by default true.
|
||||
* @param boolean $returnAllColumns Flag to return all columns of groups.
|
||||
* @param array $id_groups The list of group to scan to bottom child. By default null.
|
||||
* @param string $keys_field The field of the group used in the array keys. By default ID
|
||||
* @param boolean $cache Set it to false to not use cache
|
||||
* @param string $id_user User id
|
||||
* @param string $privilege The privilege to evaluate, and it is false then no check ACL.
|
||||
* @param boolean $returnAllGroup Flag the return group, by default true.
|
||||
* @param boolean $returnAllColumns Flag to return all columns of groups.
|
||||
* @param array $id_groups The list of group to scan to bottom child. By default null.
|
||||
* @param string $keys_field The field of the group used in the array keys. By default ID
|
||||
* @param boolean $cache Set it to false to not use cache
|
||||
*
|
||||
* @return array A list of the groups the user has certain privileges.
|
||||
*/
|
||||
|
|
|
@ -692,7 +692,7 @@ function update_event(table, id_evento, type, row) {
|
|||
id_evento: id_evento,
|
||||
filter: values
|
||||
},
|
||||
success: function(data) {
|
||||
success: function() {
|
||||
var t2 = new Date();
|
||||
var diff_g = t2.getTime() - t1.getTime();
|
||||
var diff_s = diff_g / 1000;
|
||||
|
|
|
@ -1468,42 +1468,44 @@ function process_datatables_item(item) {
|
|||
item.options += ')" ><?php echo html_print_image('images/eye.png', true, ['title' => __('Show more')]); ?></a>';
|
||||
|
||||
<?php
|
||||
// XXX Here is not a global grant, use specific grants:
|
||||
// Update query to include user_can_manage and user_can_write flags.
|
||||
if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) {
|
||||
if (!$readonly) {
|
||||
?>
|
||||
|
||||
if (item.estado != '1') {
|
||||
// Validate.
|
||||
item.options += '<a href="javascript:" onclick="validate_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.max_id_evento) {
|
||||
item.options += item.max_id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate events')]); ?></a>';
|
||||
} else {
|
||||
item.options += item.id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate event')]); ?></a>';
|
||||
if (item.user_can_write == '1') {
|
||||
if (item.estado != '1') {
|
||||
// Validate.
|
||||
item.options += '<a href="javascript:" onclick="validate_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.max_id_evento) {
|
||||
item.options += item.max_id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate events')]); ?></a>';
|
||||
} else {
|
||||
item.options += item.id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate event')]); ?></a>';
|
||||
}
|
||||
}
|
||||
|
||||
if (item.estado != '2') {
|
||||
// In process.
|
||||
item.options += '<a href="javascript:" onclick="in_process_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.max_id_evento) {
|
||||
item.options += item.max_id_evento+', this)" >';
|
||||
} else {
|
||||
item.options += item.id_evento+', this)" >';
|
||||
}
|
||||
item.options += '<?php echo html_print_image('images/hourglass.png', true, ['title' => __('Change to in progress status')]); ?></a>';
|
||||
}
|
||||
}
|
||||
|
||||
if (item.estado != '2') {
|
||||
// In process.
|
||||
item.options += '<a href="javascript:" onclick="in_process_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.user_can_manage == '1') {
|
||||
// Delete.
|
||||
item.options += '<a href="javascript:" onclick="delete_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.max_id_evento) {
|
||||
item.options += item.max_id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete events')]); ?></a>';
|
||||
} else {
|
||||
item.options += item.id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete event')]); ?></a>';
|
||||
}
|
||||
item.options += '<?php echo html_print_image('images/hourglass.png', true, ['title' => __('Change to in progress status')]); ?></a>';
|
||||
}
|
||||
|
||||
// Delete.
|
||||
item.options += '<a href="javascript:" onclick="delete_event(dt_<?php echo $table_id; ?>,';
|
||||
if (item.max_id_evento) {
|
||||
item.options += item.max_id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete events')]); ?></a>';
|
||||
} else {
|
||||
item.options += item.id_evento+', this)" >';
|
||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete event')]); ?></a>';
|
||||
}
|
||||
|
||||
// Multi select.
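Review bot: The per-row checks `item.user_can_write == '1'` and `item.user_can_manage == '1'` depend on columns that events_get_all adds only inside `if (!users_is_admin())`, so for an administrator both fields would be undefined and the validate, in-process and delete links would never be rendered, unless the flags are set elsewhere. These flags only decide which links are drawn; with the global `check_acl(..., 'EW')` test gone from this template, the handlers behind `validate_event`, `in_process_event` and `delete_event` must check EW or EM against the event's own group on the server, which cannot be confirmed from this page. One way to cover admins is to have the query return both flags as `1` in the admin case, e.g. `'SELECT tbase.*, 1 as user_can_manage, 1 as user_can_write FROM ('.$sql.') tbase'`. process_datatables_item starts and ends outside the hunk.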
|
||||
|
|