minor fixes and event ACL - groups
parent
ebfdce1073
commit
132076198d
|
@ -418,9 +418,11 @@ if (is_array($config['extensions'])) {
|
||||||
$sub['godmode/extensions']['type'] = 'direct';
|
$sub['godmode/extensions']['type'] = 'direct';
|
||||||
$sub['godmode/extensions']['subtype'] = 'nolink';
|
$sub['godmode/extensions']['subtype'] = 'nolink';
|
||||||
|
|
||||||
$submenu = array_merge($menu_godmode['gextensions']['sub'], $sub);
|
if (is_array($menu_godmode['gextensions']['sub'])) {
|
||||||
if ($menu_godmode['gextensions']['sub'] != null) {
|
$submenu = array_merge($menu_godmode['gextensions']['sub'], $sub);
|
||||||
$menu_godmode['gextensions']['sub'] = $submenu;
|
if ($menu_godmode['gextensions']['sub'] != null) {
|
||||||
|
$menu_godmode['gextensions']['sub'] = $submenu;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
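Review bot: As far as the rendered columns can be read, the new `is_array()` guard drops `$sub` without notice when `$menu_godmode['gextensions']['sub']` is not an array, so the 'godmode/extensions' entry built just above never reaches the menu in that case. The inner test is a loose `!= null`, so an empty array is skipped as well. If that is intended, a comment should say so; otherwise merge into an empty default, e.g. `$current = is_array($menu_godmode['gextensions']['sub']) ? $menu_godmode['gextensions']['sub'] : [];`. The enclosing `if (is_array($config['extensions']))` block starts outside the hunk.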
@ -454,10 +454,10 @@ function events_get_all(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($filter['id_group']) && $filter['id_group'] > 0) {
|
if (isset($filter['id_group_filter']) && $filter['id_group_filter'] > 0) {
|
||||||
$sql_filters[] = sprintf(
|
$sql_filters[] = sprintf(
|
||||||
' AND id_group = %d ',
|
' AND id_group = %d ',
|
||||||
$filter['id_group']
|
$filter['id_group_filter']
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -487,6 +487,15 @@ function events_get_all(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!users_is_admin()) {
|
||||||
|
// Get groups where user have ER grants.
|
||||||
|
$ER_groups = users_get_groups($config['id_user'], 'ER', false);
|
||||||
|
$sql_filters[] = sprintf(
|
||||||
|
' AND id_grupo IN ( %s )',
|
||||||
|
join(', ', array_keys($ER_groups))
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
$table = events_get_events_table(is_metaconsole(), $history);
|
$table = events_get_events_table(is_metaconsole(), $history);
|
||||||
$tevento = sprintf(
|
$tevento = sprintf(
|
||||||
'(SELECT *
|
'(SELECT *
|
||||||
|
@ -627,6 +636,26 @@ function events_get_all(
|
||||||
$order_by,
|
$order_by,
|
||||||
$pagination
|
$pagination
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if (!users_is_admin()) {
|
||||||
|
$EM_groups = users_get_groups($config['id_user'], 'EM', false, true);
|
||||||
|
$EW_groups = users_get_groups($config['id_user'], 'EW', false, true);
|
||||||
|
|
||||||
|
hd($EM_groups);
|
||||||
|
|
||||||
|
// Apply ACL layer.
|
||||||
|
$sql = sprintf(
|
||||||
|
'SELECT
|
||||||
|
tbase.*,
|
||||||
|
(tbase.id_grupo IN (%s)) as user_can_manage,
|
||||||
|
(tbase.id_grupo IN (%s)) as user_can_write
|
||||||
|
FROM
|
||||||
|
('.$sql.') tbase',
|
||||||
|
join(', ', array_keys($EM_groups)),
|
||||||
|
join(', ', array_keys($EW_groups))
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
if ($count) {
|
if ($count) {
|
||||||
$sql = 'SELECT count(*) as nitems FROM ('.$sql.') tt';
|
$sql = 'SELECT count(*) as nitems FROM ('.$sql.') tt';
|
||||||
}
|
}
|
||||||
|
|
|
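Review bot: `hd($EM_groups);` in the last events_get_all hunk looks like a leftover debug call; it runs on every non-admin request right before the ACL query is built and should be removed. Both ACL hunks build their lists with `join(', ', array_keys(...))`, so a user with no ER, EM or EW groups produces `IN ()`, which is invalid SQL, and the restriction then presumably holds only because the query fails. I would make the deny explicit, e.g. `$ids = array_map('intval', array_keys($ER_groups));` followed by `' AND 1 = 0 '` when `$ids` is empty (and `0 as user_can_manage` / `0 as user_can_write` in the wrapper). The group filter in the first hunk also tests column `id_group` while the new ACL filter uses `id_grupo`; one of the two is presumably wrong. events_get_all starts and ends outside these hunks.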
@ -1097,6 +1097,12 @@ function tags_get_user_tags($id_user=false, $access='AR', $return_tag_any=false)
|
||||||
if (empty($user_tags_id)) {
|
if (empty($user_tags_id)) {
|
||||||
$user_tags_id = $t;
|
$user_tags_id = $t;
|
||||||
} else {
|
} else {
|
||||||
|
if (empty($t)) {
|
||||||
|
// Empty is 'all of them'.
|
||||||
|
// TODO: Review this...
|
||||||
|
$t = [];
|
||||||
|
}
|
||||||
|
|
||||||
$user_tags_id = array_unique(array_merge($t, $user_tags_id));
|
$user_tags_id = array_unique(array_merge($t, $user_tags_id));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
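Review bot: The added `if (empty($t))` branch carries a `// TODO: Review this...` on an access-control path: the comment says an empty `$t` means 'all of them', yet the code replaces it with `[]`, so after `array_merge` the result lists only the tags from the other groups and the 'all tags' meaning is lost. Whether that narrows or widens what the user can see depends on how callers treat the returned list, which the hunk does not show. The intended semantics should be settled and written down in place of the TODO, for example `// Empty $t means no tag restriction for this group.` followed by the handling that matches it. tags_get_user_tags continues outside the hunk.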
@ -249,13 +249,13 @@ function groups_combine_acl($acl_group_a, $acl_group_b)
|
||||||
/**
|
/**
|
||||||
* Get all the groups a user has reading privileges.
|
* Get all the groups a user has reading privileges.
|
||||||
*
|
*
|
||||||
* @param string User id
|
* @param string $id_user User id
|
||||||
* @param string The privilege to evaluate, and it is false then no check ACL.
|
* @param string $privilege The privilege to evaluate, and it is false then no check ACL.
|
||||||
* @param boolean $returnAllGroup Flag the return group, by default true.
|
* @param boolean $returnAllGroup Flag the return group, by default true.
|
||||||
* @param boolean $returnAllColumns Flag to return all columns of groups.
|
* @param boolean $returnAllColumns Flag to return all columns of groups.
|
||||||
* @param array $id_groups The list of group to scan to bottom child. By default null.
|
* @param array $id_groups The list of group to scan to bottom child. By default null.
|
||||||
* @param string $keys_field The field of the group used in the array keys. By default ID
|
* @param string $keys_field The field of the group used in the array keys. By default ID
|
||||||
* @param boolean $cache Set it to false to not use cache
|
* @param boolean $cache Set it to false to not use cache
|
||||||
*
|
*
|
||||||
* @return array A list of the groups the user has certain privileges.
|
* @return array A list of the groups the user has certain privileges.
|
||||||
*/
|
*/
|
||||||
|
|
|
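Review bot: The `$privilege` tag is still typed `string` although its own text says that `false` disables the ACL check; I would write `@param string|boolean $privilege The privilege to evaluate; if false, no ACL check is done.` so callers can see that passing false skips authorisation. The documented function's signature is outside the hunk, so the parameter names added here should be confirmed against it.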
@ -692,7 +692,7 @@ function update_event(table, id_evento, type, row) {
|
||||||
id_evento: id_evento,
|
id_evento: id_evento,
|
||||||
filter: values
|
filter: values
|
||||||
},
|
},
|
||||||
success: function(data) {
|
success: function() {
|
||||||
var t2 = new Date();
|
var t2 = new Date();
|
||||||
var diff_g = t2.getTime() - t1.getTime();
|
var diff_g = t2.getTime() - t1.getTime();
|
||||||
var diff_s = diff_g / 1000;
|
var diff_s = diff_g / 1000;
|
||||||
|
|
|
@ -1468,42 +1468,44 @@ function process_datatables_item(item) {
|
||||||
item.options += ')" ><?php echo html_print_image('images/eye.png', true, ['title' => __('Show more')]); ?></a>';
|
item.options += ')" ><?php echo html_print_image('images/eye.png', true, ['title' => __('Show more')]); ?></a>';
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
// XXX Here is not a global grant, use specific grants:
|
if (!$readonly) {
|
||||||
// Update query to include user_can_manage and user_can_write flags.
|
|
||||||
if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) {
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
if (item.estado != '1') {
|
if (item.user_can_write == '1') {
|
||||||
// Validate.
|
if (item.estado != '1') {
|
||||||
item.options += '<a href="javascript:" onclick="validate_event(dt_<?php echo $table_id; ?>,';
|
// Validate.
|
||||||
if (item.max_id_evento) {
|
item.options += '<a href="javascript:" onclick="validate_event(dt_<?php echo $table_id; ?>,';
|
||||||
item.options += item.max_id_evento+', this)" >';
|
if (item.max_id_evento) {
|
||||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate events')]); ?></a>';
|
item.options += item.max_id_evento+', this)" >';
|
||||||
} else {
|
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate events')]); ?></a>';
|
||||||
item.options += item.id_evento+', this)" >';
|
} else {
|
||||||
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate event')]); ?></a>';
|
item.options += item.id_evento+', this)" >';
|
||||||
|
item.options += '<?php echo html_print_image('images/tick.png', true, ['title' => __('Validate event')]); ?></a>';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (item.estado != '2') {
|
||||||
|
// In process.
|
||||||
|
item.options += '<a href="javascript:" onclick="in_process_event(dt_<?php echo $table_id; ?>,';
|
||||||
|
if (item.max_id_evento) {
|
||||||
|
item.options += item.max_id_evento+', this)" >';
|
||||||
|
} else {
|
||||||
|
item.options += item.id_evento+', this)" >';
|
||||||
|
}
|
||||||
|
item.options += '<?php echo html_print_image('images/hourglass.png', true, ['title' => __('Change to in progress status')]); ?></a>';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (item.estado != '2') {
|
if (item.user_can_manage == '1') {
|
||||||
// In process.
|
// Delete.
|
||||||
item.options += '<a href="javascript:" onclick="in_process_event(dt_<?php echo $table_id; ?>,';
|
item.options += '<a href="javascript:" onclick="delete_event(dt_<?php echo $table_id; ?>,';
|
||||||
if (item.max_id_evento) {
|
if (item.max_id_evento) {
|
||||||
item.options += item.max_id_evento+', this)" >';
|
item.options += item.max_id_evento+', this)" >';
|
||||||
|
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete events')]); ?></a>';
|
||||||
} else {
|
} else {
|
||||||
item.options += item.id_evento+', this)" >';
|
item.options += item.id_evento+', this)" >';
|
||||||
|
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete event')]); ?></a>';
|
||||||
}
|
}
|
||||||
item.options += '<?php echo html_print_image('images/hourglass.png', true, ['title' => __('Change to in progress status')]); ?></a>';
|
|
||||||
}
|
|
||||||
|
|
||||||
// Delete.
|
|
||||||
item.options += '<a href="javascript:" onclick="delete_event(dt_<?php echo $table_id; ?>,';
|
|
||||||
if (item.max_id_evento) {
|
|
||||||
item.options += item.max_id_evento+', this)" >';
|
|
||||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete events')]); ?></a>';
|
|
||||||
} else {
|
|
||||||
item.options += item.id_evento+', this)" >';
|
|
||||||
item.options += '<?php echo html_print_image('images/cross.png', true, ['title' => __('Delete event')]); ?></a>';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Multi select.
|
// Multi select.
|
||||||
|
|
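Review bot: The action links are now gated only by `item.user_can_write == '1'` and `item.user_can_manage == '1'`, which events_get_all adds in its `if (!users_is_admin())` branch; rows returned for an administrator would not carry these columns, so the validate, in-progress and delete links would disappear for admins unless the flags are set elsewhere. These flags only decide what is drawn: with the page-level `check_acl($config['id_user'], 0, 'EW')` removed, the handlers behind `validate_event`, `in_process_event` and `delete_event` need to re-check EW/EM against the event's own group, which is not visible in this commit. A comment such as `// UI hint only; permissions are enforced server-side per event group.` above the `user_can_write` test would record that. process_datatables_item continues outside the hunk.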