From 2cc1f04ced1e2c0eb2c1eff97fab830b10d8646a Mon Sep 17 00:00:00 2001 From: fermin831 Date: Tue, 20 Mar 2018 16:51:41 +0100 Subject: [PATCH] [Secondary groups] Modified configure user to manage secondary groups --- .../godmode/users/configure_user.php | 127 ++----------- pandora_console/include/functions_profile.php | 176 ++++++++++++++++-- 2 files changed, 181 insertions(+), 122 deletions(-) diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index 37291e2ce3..b2cb189449 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -24,6 +24,7 @@ include_once($config['homedir'] . "/include/functions_profile.php"); include_once($config['homedir'] . '/include/functions_users.php'); include_once ($config['homedir'] . '/include/functions_groups.php'); include_once ($config['homedir'] . '/include/functions_visual_map.php'); +enterprise_include_once('include/functions_profile.php'); $meta = false; if(enterprise_installed() && defined("METACONSOLE")) { @@ -444,6 +445,7 @@ if ($add_profile) { $group2 = (int) get_parameter ('assign_group'); $profile2 = (int) get_parameter ('assign_profile'); $tags = (array) get_parameter ('assign_tags'); + $is_secondary = (bool)get_parameter ('is_secondary', 0); foreach ($tags as $k => $tag) { if(empty($tag)) { @@ -451,15 +453,22 @@ if ($add_profile) { } } - $tags = implode(',', $tags); + $tags = $is_secondary ? '' : implode(',', $tags); db_pandora_audit("User management", "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); - $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags); - - ui_print_result_message ($return, - __('Profile added successfully'), - __('Profile cannot be added')); + if (profile_check_group_mode($id2, $group2, $is_secondary)) { + $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $is_secondary); + ui_print_result_message ($return, + __('Profile added successfully'), + __('Profile cannot be added')); + } else { + if ($is_secondary) { + ui_print_error_message ("A group assigned like primary cannot be assigned like secondary."); + } else { + ui_print_error_message ("A group assigned like secondary cannot be assigned like primary."); + } + } } if ($delete_profile) { @@ -714,110 +723,8 @@ echo '
'; /* Don't show anything else if we're creating an user */ if (!empty ($id) && !$new_user) { - if (!defined("METACONSOLE")) - echo '

'. __('Profiles/Groups assigned to this user') . '

'; - - $table = new stdClass(); - $table->width = '100%'; - $table->class = 'databox data'; - if (defined("METACONSOLE")) { - $table->head_colspan[0] = 0; - $table->width = '100%'; - $table->class = 'databox_tactical data'; - $table->title = __('Profiles/Groups assigned to this user'); - } - $table->data = array (); - $table->head = array (); - $table->align = array (); - $table->style = array (); - if (!defined("METACONSOLE")) { - $table->style[0] = 'font-weight: bold'; - $table->style[1] = 'font-weight: bold'; - } - $table->head[0] = __('Profile name'); - $table->head[1] = __('Group'); - $table->head[2] = __('Tags'); - $table->head[3] = __('Action'); - $table->align[3] = 'center'; - - /* - if ($enterprise_include) { - add_enterprise_column_user_profile_form($table); - } - */ - - $result = db_get_all_rows_field_filter ("tusuario_perfil", "id_usuario", $id); - - if ($result === false) { - $result = array (); - } - - foreach ($result as $profile) { - if($profile["id_grupo"] == -1) { - continue; - } - - $data = array (); - - $data[0] = ''.profile_get_name ($profile['id_perfil']).''; - $data[1] = ui_print_group_icon($profile["id_grupo"], true); - if (!defined('METACONSOLE')) - $data[1] .= ''; - - $data[1] .= ' ' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT); - if (!defined('METACONSOLE')) - $data[1] .= ''; - - if(empty($profile["tags"])) { - $data[2] = ''; - } - else { - $tags_ids = explode(',',$profile["tags"]); - $tags = tags_get_tags($tags_ids); - - $data[2] = tags_get_tags_formatted($tags); - } - - $data[3] = '
'; - $data[3] .= html_print_input_hidden ('delete_profile', 1, true); - $data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); - $data[3] .= html_print_input_hidden ('id_user', $id, true); - $data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); - $data[3] .= '
'; - - array_push ($table->data, $data); - } - - $data = array (); - - $data[0] = '
'; - if (check_acl ($config['id_user'], 0, "PM")) { - $data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '', - __('None'), 0, true, false, false); - } - else { - $data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1', - 'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0, - true, false, false); - } - - $data[1] = html_print_select_groups($config['id_user'], "UM", - $own_info['is_admin'], 'assign_group', -1, '', __('None'), -1, true, - false, false); - - $tags = tags_get_all_tags(); - - $data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true); - - $data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true); - $data[3] .= html_print_input_hidden ('id', $id, true); - $data[3] .= html_print_input_hidden ('add_profile', 1, true); - $data[3] .= '
'; - - array_push ($table->data, $data); - - html_print_table ($table); - unset ($table); + profile_print_profile_table($id, __('Profiles/Groups assigned to this user')); + enterprise_hook('profile_print_profile_secondary_table', array($id)); } diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index 3de2fb28ad..7fc71843de 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php @@ -68,24 +68,36 @@ function profile_get_profiles ($filter = false) { * @param int Group ID (default 1 => All) * @param string Assign User who assign the profile to user. * @param string tags where the view of the user in this group will be restricted + * @param bool Profile is secondary or not * * @return mixed Number id if succesful, false if not */ function profile_create_user_profile ($id_user, - $id_profile = 1, $id_group = 0, $assignUser = false, $tags = '') { - + $id_profile = 1, + $id_group = 0, + $assignUser = false, + $tags = '', + $is_secondary = false +) { + global $config; - + if (empty ($id_profile) || $id_group < 0) return false; - + + // Secondary server is an enterprise function + if (!enterprise_installed() && $is_secondary) return false; + // Checks if the user exists $result_user = users_get_user_by_id($id_user); - + if (!$result_user) { return false; } - + + // Cannot mix secondary and primary profiles + if (!profile_check_group_mode($id_user, $id_group, $is_secondary)) return false; + if (isset ($config["id_user"])) { //Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora) $assign = $config["id_user"]; @@ -93,18 +105,18 @@ function profile_create_user_profile ($id_user, else { $assign = $id_user; } - - if ($assignUser !== false) - $assign = $assignUser; - + + if ($assignUser !== false) $assign = $assignUser; + $insert = array ( "id_usuario" => $id_user, "id_perfil" => $id_profile, "id_grupo" => $id_group, "tags" => $tags, - "assigned_by" => $assign + "assigned_by" => $assign, + "is_secondary" => $is_secondary ? 1 : 0 ); - + return db_process_sql_insert ("tusuario_perfil", $insert); } @@ -135,4 +147,144 @@ function profile_delete_profile ($id_profile) { return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile)); } +/** + * Check if a group can be added being secondary or normal + * + * @param int User ID you want to check + * @param int Group ID you want to check + * @param bool Mode of profile will be inserted + * + * @return bool False if there is a group with the mode already added + */ +function profile_check_group_mode($user_id, $group_id, $is_secondary) { + $inserted_type = (int)db_get_value_sql(sprintf( + 'SELECT COUNT(*) FROM tusuario_perfil WHERE + id_grupo=%d AND is_secondary=%d AND id_usuario="%s"', + $group_id, !$is_secondary ? 1 : 0, $user_id) + ); + return $inserted_type === 0; +} + +/** + * Print the table to display, create and delete profiles + * + * @param int User id + * @param string Title of the table view + * @param bool Show the tags select or not + */ +function profile_print_profile_table ($id, $title, $is_secondary = false) { + + $is_secondary = enterprise_installed() ? $is_secondary : false; + + $table = new stdClass(); + $table->width = '100%'; + $table->class = 'databox data'; + if (defined("METACONSOLE")) { + $table->head_colspan[0] = 0; + $table->width = '100%'; + $table->class = 'databox_tactical data'; + $table->title = $title; + } else { + echo '

'. $title . '

'; + } + $table->data = array (); + $table->head = array (); + $table->align = array (); + $table->style = array (); + if (!defined("METACONSOLE")) { + $table->style[0] = 'font-weight: bold'; + $table->style[1] = 'font-weight: bold'; + } + $table->head[0] = __('Profile name'); + $table->head[1] = __('Group'); + if (!$is_secondary) { + $table->head[2] = __('Tags'); + } + $table->head[3] = __('Action'); + $table->align[3] = 'center'; + + $result = db_get_all_rows_filter ("tusuario_perfil", array ( + "id_usuario" => $id, + "is_secondary" => $is_secondary ? 1 : 0 + )); + + if ($result === false) { + $result = array (); + } + + foreach ($result as $profile) { + if($profile["id_grupo"] == -1) { + continue; + } + + $data = array (); + + $data[0] = ''.profile_get_name ($profile['id_perfil']).''; + $data[1] = ui_print_group_icon($profile["id_grupo"], true); + + if (!defined('METACONSOLE')) { + $data[1] .= ''; + } + + $data[1] .= ' ' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT); + if (!defined('METACONSOLE')) + $data[1] .= ''; + + if (!$is_secondary) { + if(empty($profile["tags"])) { + $data[2] = ''; + } + else { + $tags_ids = explode(',',$profile["tags"]); + $tags = tags_get_tags($tags_ids); + $data[2] = tags_get_tags_formatted($tags); + } + } + + $data[3] = '
'; + $data[3] .= html_print_input_hidden ('delete_profile', 1, true); + $data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); + $data[3] .= html_print_input_hidden ('id_user', $id, true); + $data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); + $data[3] .= '
'; + + array_push ($table->data, $data); + } + + $data = array (); + + $data[0] = '
'; + if (check_acl ($config['id_user'], 0, "PM")) { + $data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '', + __('None'), 0, true, false, false); + } + else { + $data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1', + 'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0, + true, false, false); + } + + $data[1] = html_print_select_groups($config['id_user'], "UM", + $own_info['is_admin'], 'assign_group', -1, '', __('None'), -1, true, + false, false); + + if (!$is_secondary) { + $tags = tags_get_all_tags(); + $data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true); + } + + $data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true); + $data[3] .= html_print_input_hidden ('id', $id, true); + $data[3] .= html_print_input_hidden ('add_profile', 1, true); + if ($is_secondary) { + $data[3] .= html_print_input_hidden('is_secondary', 1, true); + } + $data[3] .= '
'; + + array_push ($table->data, $data); + + html_print_table ($table); + unset ($table); +} + ?>