Add ACL for item vc

Former-commit-id: 7356f08a79378ada1df07ead930fcc01b84ba79c

pandora_console/include/rest-api/index.php

@@ -14,6 +14,12 @@ $visualConsoleId = (int) get_parameter('visualConsoleId');
 $getVisualConsole = (bool) get_parameter('getVisualConsole');
 $getVisualConsoleItems = (bool) get_parameter('getVisualConsoleItems');
 
+// Check groups can access user.
+$aclUserGroups = [];
+if (!users_can_manage_group_all('AR')) {
+    $aclUserGroups = array_keys(users_get_groups(false, 'AR'));
+}
+
 ob_clean();
 
 if ($getVisualConsole === true) {
@@ -36,7 +42,7 @@ if ($getVisualConsole === true) {
 
     echo $visualConsole;
 } else if ($getVisualConsoleItems === true) {
-    echo '['.implode(VisualConsole::getItemsFromDB($visualConsoleId), ',').']';
+    echo '['.implode(VisualConsole::getItemsFromDB($visualConsoleId, $aclUserGroups), ',').']';
 }
 
 exit;

pandora_console/include/rest-api/models/VisualConsole/Container.php

@@ -314,18 +314,27 @@ final class Container extends Model
     /**
      * Obtain a list of items which belong to the Visual Console.
      *
-     * @param integer $layoutId Identifier of the Visual Console.
+     * @param integer $layoutId      Identifier of the Visual Console.
+     * @param array   $aclUserGroups Groups can access user.
      *
      * @return array A list of items.
      * @throws \Exception When the data cannot be retrieved from the DB.
      */
-    public static function getItemsFromDB(int $layoutId): array
-    {
+    public static function getItemsFromDB(
+        int $layoutId,
+        array $aclUserGroups=[]
+    ): array {
         $filter = ['id_layout' => $layoutId];
+        // If is empty array user view all groups.
+        if (count($aclUserGroups) > 0) {
+            $filter['element_group'] = $aclUserGroups;
+        }
+
         $fields = [
             'id',
             'type',
         ];
+
         $rows = \db_get_all_rows_filter('tlayout_data', $filter, $fields);
 
         if ($rows === false) {

pandora_console/operation/visual_console/public_view.php

@@ -107,8 +107,17 @@ echo '<div style="display: none;" id="qrcode_container" title="'.__('QR code of
 echo '<div id="qrcode_container_image"></div>';
 echo '</div>';
 
+// Check groups can access user.
+$aclUserGroups = [];
+if (!users_can_manage_group_all('AR')) {
+    $aclUserGroups = array_keys(users_get_groups(false, 'AR'));
+}
+
 // Load Visual Console Items.
-$visualConsoleItems = VisualConsole::getItemsFromDB($visualConsoleId);
+$visualConsoleItems = VisualConsole::getItemsFromDB(
+    $visualConsoleId,
+    $aclUserGroups
+);
 
 ui_require_javascript_file('pandora_visual_console');
 visual_map_load_client_resources();

pandora_console/operation/visual_console/view.php

@@ -193,8 +193,17 @@ if ($pure === true) {
     <?php
 }
 
+// Check groups can access user.
+$aclUserGroups = [];
+if (!users_can_manage_group_all('AR')) {
+    $aclUserGroups = array_keys(users_get_groups(false, 'AR'));
+}
+
 // Load Visual Console Items.
-$visualConsoleItems = VisualConsole::getItemsFromDB($visualConsoleId);
+$visualConsoleItems = VisualConsole::getItemsFromDB(
+    $visualConsoleId,
+    $aclUserGroups
+);
 
 ui_require_javascript_file('pandora_visual_console');
 visual_map_load_client_resources();