13293-Fix ACL in Discovery view
This commit is contained in:
Pablo Aragon
parent
3ce9156e12
commit
1695886014
|
|
@ -160,6 +160,16 @@ class ManageExtensions extends HTML
|
|||
public function run()
|
||||
{
|
||||
global $config;
|
||||
|
||||
if (! check_acl($config['id_user'], 0, 'AR')) {
|
||||
db_pandora_audit(
|
||||
AUDIT_LOG_ACL_VIOLATION,
|
||||
'Trying to access Manage disco packages'
|
||||
);
|
||||
include 'general/noaccess.php';
|
||||
return;
|
||||
}
|
||||
|
||||
// Load styles.
|
||||
parent::run();
|
||||
|
||||
|
|
@ -278,6 +288,7 @@ class ManageExtensions extends HTML
|
|||
$this->printHeader(true)
|
||||
);
|
||||
|
||||
if ((bool) check_acl($config['id_user'], 0, 'AW') === true) {
|
||||
$table = new stdClass();
|
||||
$table->width = '100%';
|
||||
$table->class = 'databox filters';
|
||||
|
|
@ -324,6 +335,7 @@ class ManageExtensions extends HTML
|
|||
|
||||
echo '</div>';
|
||||
echo '</form>';
|
||||
}
|
||||
|
||||
echo '<script type="text/javascript">
|
||||
var page = "'.$this->ajaxController.'";
|
||||
|
|
@ -366,7 +378,7 @@ class ManageExtensions extends HTML
|
|||
ui_print_datatable(
|
||||
[
|
||||
'id' => 'list_extensions',
|
||||
'class' => 'info_table',
|
||||
'class' => 'info_table discovery-list-extensions',
|
||||
'style' => 'width: 99%',
|
||||
'dom_elements' => 'plfti',
|
||||
'filter_main_class' => 'box-flat white_table_graph fixed_filter_bar',
|
||||
|
|
@ -723,7 +735,10 @@ class ManageExtensions extends HTML
|
|||
$data[$key]['short_name'] = $row['short_name'];
|
||||
$data[$key]['description'] = io_safe_output($row['description']);
|
||||
$data[$key]['version'] = $row['version'];
|
||||
$data[$key]['actions'] = '<form name="grupo" method="post" class="rowPair table_action_buttons" action="'.$this->url.'&action=delete">';
|
||||
|
||||
$data[$key]['actions'] = '';
|
||||
if ((bool) check_acl($config['id_user'], 0, 'AW') === true) {
|
||||
$data[$key]['actions'] .= '<form name="grupo" method="post" class="rowPair table_action_buttons" action="'.$this->url.'&action=delete">';
|
||||
$data[$key]['actions'] .= html_print_input_image(
|
||||
'button_delete',
|
||||
'images/delete.svg',
|
||||
|
|
@ -738,8 +753,10 @@ class ManageExtensions extends HTML
|
|||
);
|
||||
$data[$key]['actions'] .= html_print_input_hidden('short_name', $row['short_name'], true);
|
||||
$data[$key]['actions'] .= '</form>';
|
||||
}
|
||||
|
||||
if ($this->checkFolderConsole($row['short_name']) === true) {
|
||||
if ((bool) check_acl($config['id_user'], 0, 'AW') === true) {
|
||||
$data[$key]['actions'] .= '<form name="grupo" method="post" class="rowPair table_action_buttons" action="'.$this->url.'&action=sync_server">';
|
||||
$data[$key]['actions'] .= html_print_input_image(
|
||||
'button_refresh',
|
||||
|
|
@ -756,6 +773,7 @@ class ManageExtensions extends HTML
|
|||
$data[$key]['actions'] .= html_print_input_hidden('sync_action', 'refresh', true);
|
||||
$data[$key]['actions'] .= html_print_input_hidden('short_name', $row['short_name'], true);
|
||||
$data[$key]['actions'] .= '</form>';
|
||||
}
|
||||
} else {
|
||||
$data[$key]['actions'] .= html_print_image(
|
||||
'images/error_red.png',
|
||||
|
|
|
|||
|
|
@ -14315,3 +14315,7 @@ div.fixed-bottom-box.tree-view-bottom-modal {
|
|||
.bg-image-none {
|
||||
background-image: none !important;
|
||||
}
|
||||
|
||||
.discovery-list-extensions tbody tr td {
|
||||
height: 30px;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue