Changed ACL's permission in Networkmaps

visualization: RR (Report Read) Edition: RW (Report Write) Deletion: RW (only yours networkmaps), RM(any of its group, although he did not create it.)
2025-07-28 08:14:38 +02:00 · 2015-01-15 15:43:08 +01:00 · 2015-01-15 15:43:08 +01:00 · 34c5ece58e
commit 34c5ece58e
parent c6b15f440f
3 changed files with 60 additions and 20 deletions
--- a/pandora_console/include/functions_networkmap.php
+++ b/pandora_console/include/functions_networkmap.php
@ -1557,6 +1557,27 @@ function networkmap_delete_networkmap ($id_networkmap) {
 	return @db_process_sql_delete ('tnetwork_map', array ('id_networkmap' => $id_networkmap));
 }
 /**
 * Deletes a network map if the property is that user.
 * 
 * @param string User id that call this funtion. 
 * @param int Map id to be deleted.
 *
 * @return bool True if the map was deleted, false the map is not yours.
 */
 function networkmap_delete_user_networkmap ($id_user = '', $id_networkmap) {
 	if ($id_user == '') {
 		$id_user = $config['id_user'];
 	}
 	$id_networkmap = safe_int ($id_networkmap);
 	if (empty ($id_networkmap))
 		return false;
 	$networkmap = networkmap_get_networkmap ($id_networkmap);
 	if ($networkmap === false)
 		return false;
 	return @db_process_sql_delete ('tnetwork_map', array ('id_networkmap' => $id_networkmap, 'id_user' => $id_user));
 }
 /**
 * Updates a network map.
 *
--- a/pandora_console/operation/agentes/networkmap.php
+++ b/pandora_console/operation/agentes/networkmap.php
@ -229,7 +229,7 @@ $combolist .= '</form>';
 $buttons['combolist'] = $combolist;
-if (check_acl ($config['id_user'], 0, "AW")) {
+if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 	$buttons['addmap'] = array('active' => $activeTab == false,
 	'text' => '<a href="index.php?sec=network&amp;sec2=operation/agentes/networkmap&amp;add_networkmap=1&amp;tab='.$activeTab.'&amp;pure='.$pure.'">' . 
 		html_print_image("images/add_mc.png", true, array ("title" => __('Add map'))) .'</a>');
--- a/pandora_console/operation/agentes/networkmap_list.php
+++ b/pandora_console/operation/agentes/networkmap_list.php
@ -38,23 +38,36 @@ if (is_ajax()) {
 	$delete_networkmaps = (bool) get_parameter('delete_networkmaps');
 	if ($delete_networkmaps) {
-		if (! check_acl ($config['id_user'], 0, "AW")) {
+		if ( check_acl ($config['id_user'], 0, "RW") ||  check_acl ($config['id_user'], 0, "RM") ) {
-			db_pandora_audit("ACL Violation",
+			if (check_acl ($config['id_user'], 0, "RW")) {
 				$result = false;
 				$results = array();
 				$ids_networkmap = (array) get_parameter ('ids_networkmap');
 				foreach ($ids_networkmap as $id) {
 					$results[$id] = (bool) networkmap_delete_user_networkmap($config['id_user'], $id);
 				}
 				echo json_encode($results);
 				return;
 			}else{
 				if (check_acl ($config['id_user'], 0, "RM")) {
 					$result = false;
 					$results = array();
 					$ids_networkmap = (array) get_parameter ('ids_networkmap');
 					foreach ($ids_networkmap as $id) {
 						$results[$id] = (bool) networkmap_delete_networkmap($id);
 					}
 					echo json_encode($results);
 					return;
 				}
 		}
 		}else{
 		db_pandora_audit("ACL Violation",
 				"Trying to access Networkmap deletion");
 			echo json_encode(-1);
 			return;
 		}
 		$result = false;
 		$results = array();
 		$ids_networkmap = (array) get_parameter ('ids_networkmap');
 		foreach ($ids_networkmap as $id) {
 			$results[$id] = (bool) networkmap_delete_networkmap($id);
 		}
 		echo json_encode($results);
 		return;
 	}
 	return;
@ -67,7 +80,13 @@ $id_networkmap = get_parameter ('id_networkmap', 0);
 $delete_networkmap = get_parameter ('delete_networkmap', 0);
 if ($delete_networkmap) {
-	$result = networkmap_delete_networkmap($id_networkmap);
+	if (check_acl ($config['id_user'], 0, "RW")) {
 		$result = networkmap_delete_user_networkmap($id_networkmap);
 	}else{
 		if (check_acl ($config['id_user'], 0, "RM")) {
 			$result = networkmap_delete_networkmap($id_networkmap);
 		}
 	}
 	$message = ui_print_result_message ($result,
 		__('Network map deleted successfully'),
 		__('Could not delete network map'), '', true);
@ -132,7 +151,7 @@ $table->size[0] = '80%';
 $table->size[1] = '60px';
 $table->size[2] = '30px';
-if (check_acl ($config["id_user"], 0, "AW")) {
+if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 	$table->size[3] = '30px';
 	$table->size[4] = '30px';
 }
@ -141,7 +160,7 @@ $table->head = array();
 $table->head[0] = __('Name');
 $table->head[1] = __('Type');
 $table->head[2] = __('Group');
-if (check_acl ($config["id_user"], 0, "AW")) {
+if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 	$table->head[3] = __('Edit');
 	$table->head[4] = __('Delete');
 	// Checkbox to select all the another checkboxes
@ -187,7 +206,7 @@ else {
 		$data[1] = $network_map['type'];
 		$data[2] = ui_print_group_icon ($network_map['id_group'], true);
-		if (check_acl ($config["id_user"], 0, "AW")) {
+		if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 			$data[3] = '<a href="index.php?sec=network&sec2=operation/agentes/networkmap&tab=edit&edit_networkmap=1&id_networkmap=' . $network_map['id_networkmap'] . '" alt="' . __('Config') . '">' . html_print_image("images/config.png", true) . '</a>';
 			$data[4] = '<a href="index.php?sec=network&sec2=operation/agentes/networkmap_list&delete_networkmap=1&id_networkmap=' . $network_map['id_networkmap'] . '" alt="' . __('Delete') . '" onclick="javascript: if (!confirm(\'' . __('Are you sure?') . '\')) return false;">' . html_print_image('images/cross.png', true) . '</a>';
 			// The value of the checkbox will be the networkmap id to recover it in js to perform the massive deletion
@ -201,7 +220,7 @@ else {
 }
 // Create networkmap form
-if (check_acl ($config['id_user'], 0, "AW")) {
+if (check_acl ($config['id_user'], 0, "RW") || check_acl ($config['id_user'], 0, "RM")) {
 	$table_manage = new StdClass();
 	$table_manage->width = "100%";
 	$table_manage->style = array();