Reformuled users_can_manage_group_all Tickets #3680
parent
1c53126a4c
commit
417b3faba5
@ -277,7 +277,7 @@ if ($strict_user) {
|
|||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$users = users_get_user_users($config['id_user'], "ER",
|
$users = users_get_user_users($config['id_user'], "ER",
|
||||||
users_can_manage_group_all(0));
|
users_can_manage_group_all());
|
||||||
}
|
}
|
||||||
|
|
||||||
$table->data[10][1] = html_print_select($users, "id_user_ack",
|
$table->data[10][1] = html_print_select($users, "id_user_ack",
|
||||||
|
@ -69,7 +69,7 @@ $table->data['name'][1] = html_print_input_text('name', $reportName,
|
|||||||
$table->data['group'][0] = __('Group');
|
$table->data['group'][0] = __('Group');
|
||||||
|
|
||||||
$write_groups = users_get_groups_for_select(false, "RW",
|
$write_groups = users_get_groups_for_select(false, "RW",
|
||||||
users_can_manage_group_all(0, "RW"), true, false, 'id_grupo');
|
users_can_manage_group_all("RW"), true, false, 'id_grupo');
|
||||||
|
|
||||||
// If the report group is not among the RW groups (special permission) we add it
|
// If the report group is not among the RW groups (special permission) we add it
|
||||||
if (!isset($write_groups[$idGroupReport]) && $idGroupReport) {
|
if (!isset($write_groups[$idGroupReport]) && $idGroupReport) {
|
||||||
|
@ -373,9 +373,7 @@ switch ($action) {
|
|||||||
$delete = true; //owner can delete
|
$delete = true; //owner can delete
|
||||||
} else {
|
} else {
|
||||||
$delete = check_acl($config['id_user'],
|
$delete = check_acl($config['id_user'],
|
||||||
$report['id_group'], "RM")
|
$report['id_group'], "RM");
|
||||||
&&
|
|
||||||
users_can_manage_group_all($report["id_group"], "RM");
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'group_edit':
|
case 'group_edit':
|
||||||
@ -383,9 +381,7 @@ switch ($action) {
|
|||||||
$delete = true; //owner can delete
|
$delete = true; //owner can delete
|
||||||
} else {
|
} else {
|
||||||
$delete = check_acl($config['id_user'],
|
$delete = check_acl($config['id_user'],
|
||||||
$report['id_group'], "RM")
|
$report['id_group'], "RM");
|
||||||
&&
|
|
||||||
users_can_manage_group_all($report["id_group"], "RM");
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'user_edit':
|
case 'user_edit':
|
||||||
@ -591,7 +587,7 @@ switch ($action) {
|
|||||||
|
|
||||||
$data = array ();
|
$data = array ();
|
||||||
|
|
||||||
if (check_acl ($config["id_user"], $report["id_group"], "RW") && users_can_manage_group_all($report["id_group"])) {
|
if (check_acl ($config["id_user"], $report["id_group"], "RW")) {
|
||||||
$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
|
$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
|
||||||
$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
|
$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
|
||||||
}
|
}
|
||||||
@ -652,9 +648,7 @@ switch ($action) {
|
|||||||
switch ($type_access_selected) {
|
switch ($type_access_selected) {
|
||||||
case 'group_view':
|
case 'group_view':
|
||||||
$edit = check_acl($config['id_user'],
|
$edit = check_acl($config['id_user'],
|
||||||
$report['id_group'], "RW")
|
$report['id_group'], "RW");
|
||||||
&&
|
|
||||||
users_can_manage_group_all($report["id_group"], "RW");
|
|
||||||
|
|
||||||
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
||||||
$delete = true; //owner can delete
|
$delete = true; //owner can delete
|
||||||
@ -664,17 +658,13 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
case 'group_edit':
|
case 'group_edit':
|
||||||
$edit = check_acl($config['id_user'],
|
$edit = check_acl($config['id_user'],
|
||||||
$report['id_group_edit'], "RW")
|
$report['id_group_edit'], "RW");
|
||||||
&&
|
|
||||||
users_can_manage_group_all($report["id_group_edit"], "RW");
|
|
||||||
|
|
||||||
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
||||||
$delete = true; //owner can delete
|
$delete = true; //owner can delete
|
||||||
} else {
|
} else {
|
||||||
$delete = check_acl($config['id_user'],
|
$delete = check_acl($config['id_user'],
|
||||||
$report['id_group'], "RM")
|
$report['id_group'], "RM");
|
||||||
&&
|
|
||||||
users_can_manage_group_all($report["id_group"], "RM");
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'user_edit':
|
case 'user_edit':
|
||||||
|
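Review bot: In the `@ -591` hunk the dropped `&& users_can_manage_group_all($report["id_group"])` used the default access `"PM"`, so it is not redundant with the `check_acl(..., "RW")` that remains. Going by the old function body removed elsewhere in this commit, that call returned true for any non-zero group but required `"PM"` on group 0 or `is_admin` for a report in group 0; the edit link is now rendered for such reports on `"RW"` alone. The other removals in this file pass the same flag as the adjacent `check_acl` and look behaviour-neutral. If the relaxation is intended, record it with a comment such as `// reports in group All: RW is sufficient, PM no longer required`, and confirm that the `action=edit` handler enforces its own ACL check, since this condition only decides whether the link is shown.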
@ -821,13 +821,9 @@ function users_check_users() {
|
|||||||
// Check if a user can manage a group when group is all
|
// Check if a user can manage a group when group is all
|
||||||
// This function dont check acls of the group, only if the
|
// This function dont check acls of the group, only if the
|
||||||
// user is admin or pandora manager and the group is all
|
// user is admin or pandora manager and the group is all
|
||||||
function users_can_manage_group_all($id_group = 0, $access = "PM") {
|
function users_can_manage_group_all($access = "PM") {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if ($id_group != 0) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
|
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
|
||||||
|
|
||||||
if (check_acl ($config['id_user'], 0, $access) || $is_admin) {
|
if (check_acl ($config['id_user'], 0, $access) || $is_admin) {
|
||||||
|
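Review bot: Dropping `$id_group` from the front of the signature changes the meaning of the first positional argument, and PHP will not reject an old-style call: `users_can_manage_group_all($report["id_group"], "RM")` would now hand the group id to `check_acl` as `$access`. The callers shown in this commit are updated, but any caller not shown here should be searched for before merging. A cheap fail-closed guard at the top of the function would be `if (!is_string($access)) { return false; }`. The comment above the function could also state that it only tests `$access` on group 0 or the `is_admin` flag; the body continues past the end of this hunk.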
@ -427,7 +427,7 @@ $data[0] = __('User ack.') . $jump;
|
|||||||
if ($strict_user) {
|
if ($strict_user) {
|
||||||
$user_users = array($config['id_user']=>$config['id_user']);
|
$user_users = array($config['id_user']=>$config['id_user']);
|
||||||
} else {
|
} else {
|
||||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all(0));
|
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
|
||||||
}
|
}
|
||||||
|
|
||||||
$data[0] .= html_print_select($user_users, "id_user_ack", $id_user_ack, '',
|
$data[0] .= html_print_select($user_users, "id_user_ack", $id_user_ack, '',
|
||||||
@ -467,7 +467,7 @@ $table_advanced->rowclass[] = '';
|
|||||||
$data = array();
|
$data = array();
|
||||||
$data[0] = __('Date from') . $jump;
|
$data[0] = __('Date from') . $jump;
|
||||||
|
|
||||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all(0));
|
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
|
||||||
|
|
||||||
$data[0] .= html_print_input_text ('date_from', $date_from, '', 15, 10, true);
|
$data[0] .= html_print_input_text ('date_from', $date_from, '', 15, 10, true);
|
||||||
|
|
||||||
@ -494,13 +494,13 @@ if (defined('METACONSOLE'))
|
|||||||
'</fieldset>';
|
'</fieldset>';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$data[0] = '<fieldset class="databox" style="padding:0px; width: 30%; ">' .
|
$data[0] = '<fieldset class="databox" style="padding:0px; width: 510px; ">' .
|
||||||
'<legend>' .
|
'<legend>' .
|
||||||
__('Events with following tags') .
|
__('Events with following tags') .
|
||||||
'</legend>' .
|
'</legend>' .
|
||||||
html_print_table($tabletags_with, true) .
|
html_print_table($tabletags_with, true) .
|
||||||
'</fieldset>';
|
'</fieldset>';
|
||||||
$data[1] = '<fieldset class="databox" style="padding:0px; width: 30%;">' .
|
$data[1] = '<fieldset class="databox" style="padding:0px; width: 310px;">' .
|
||||||
'<legend>' .
|
'<legend>' .
|
||||||
__('Events without following tags') .
|
__('Events without following tags') .
|
||||||
'</legend>' .
|
'</legend>' .
|
||||||
@ -560,7 +560,6 @@ $data[1] .= html_print_input_text ('event_view_hr', $event_view_hr, '', 5, 255,
|
|||||||
$data[2] = __("Repeated") . $jump;
|
$data[2] = __("Repeated") . $jump;
|
||||||
$repeated_sel[0] = __("All events");
|
$repeated_sel[0] = __("All events");
|
||||||
$repeated_sel[1] = __("Group events");
|
$repeated_sel[1] = __("Group events");
|
||||||
$repeated_sel[2] = __("Group agents");
|
|
||||||
$data[2] .= html_print_select ($repeated_sel, "group_rep", $group_rep, '', '', 0, true);
|
$data[2] .= html_print_select ($repeated_sel, "group_rep", $group_rep, '', '', 0, true);
|
||||||
$table->data[] = $data;
|
$table->data[] = $data;
|
||||||
$table->rowclass[] = '';
|
$table->rowclass[] = '';
|
||||||
@ -681,7 +680,7 @@ if ($group_rep == 0) {
|
|||||||
//Extract the events by filter (or not) from db
|
//Extract the events by filter (or not) from db
|
||||||
$result = db_get_all_rows_sql ($sql);
|
$result = db_get_all_rows_sql ($sql);
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 1) {
|
else {
|
||||||
$result = events_get_events_grouped(
|
$result = events_get_events_grouped(
|
||||||
$sql_post,
|
$sql_post,
|
||||||
$offset,
|
$offset,
|
||||||
@ -689,14 +688,6 @@ elseif ($group_rep == 1) {
|
|||||||
$meta,
|
$meta,
|
||||||
$history);
|
$history);
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 2) {
|
|
||||||
$result = events_get_events_grouped_by_agent(
|
|
||||||
$sql_post,
|
|
||||||
$offset,
|
|
||||||
$pagination,
|
|
||||||
$meta,
|
|
||||||
$history);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($result)) {
|
if (!empty($result)) {
|
||||||
if ($group_rep == 0) {
|
if ($group_rep == 0) {
|
||||||
@ -704,7 +695,7 @@ if (!empty($result)) {
|
|||||||
FROM $event_table
|
FROM $event_table
|
||||||
WHERE 1=1 " . $sql_post;
|
WHERE 1=1 " . $sql_post;
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 1) {
|
else {
|
||||||
switch ($config["dbtype"]) {
|
switch ($config["dbtype"]) {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
case "postgresql":
|
case "postgresql":
|
||||||
@ -722,10 +713,6 @@ if (!empty($result)) {
|
|||||||
GROUP BY to_char(evento), id_agentmodule) t";
|
GROUP BY to_char(evento), id_agentmodule) t";
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
elseif ($group_rep == 2) {
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
$limit = (int) db_get_sql ($sql);
|
$limit = (int) db_get_sql ($sql);
|
||||||
|
|
||||||
@ -758,26 +745,20 @@ if (!empty($result)) {
|
|||||||
//Extract the events by filter (or not) from db
|
//Extract the events by filter (or not) from db
|
||||||
$results_graph = db_get_all_rows_sql ($sql);
|
$results_graph = db_get_all_rows_sql ($sql);
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 1) {
|
else {
|
||||||
$results_graph = events_get_events_grouped($sql_post,
|
$results_graph = events_get_events_grouped($sql_post,
|
||||||
0,
|
0,
|
||||||
$limit,
|
$limit,
|
||||||
$meta,
|
$meta,
|
||||||
$history);
|
$history);
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 2) {
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
if (($group_rep == 1) OR ($group_rep == 0)) {
|
|
||||||
$graph = '<div style="width: 350px; margin: 0 auto;">' .
|
$graph = '<div style="width: 350px; margin: 0 auto;">' .
|
||||||
grafico_eventos_agente(350, 185,
|
grafico_eventos_agente(350, 185,
|
||||||
$results_graph, $meta, $history, $tags_acls_condition,$limit) .
|
$results_graph, $meta, $history, $tags_acls_condition,$limit) .
|
||||||
'</div>';
|
'</div>';
|
||||||
html_print_div(array('id' => 'events_graph',
|
html_print_div(array('id' => 'events_graph',
|
||||||
'hidden' => true, 'content' => $graph));
|
'hidden' => true, 'content' => $graph));
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -808,7 +789,7 @@ if ($group_rep == 0) {
|
|||||||
FROM $event_table
|
FROM $event_table
|
||||||
WHERE 1=1 $sql_post";
|
WHERE 1=1 $sql_post";
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 1) {
|
else {
|
||||||
switch ($config["dbtype"]) {
|
switch ($config["dbtype"]) {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
case "postgresql":
|
case "postgresql":
|
||||||
@ -827,13 +808,9 @@ elseif ($group_rep == 1) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elseif ($group_rep == 2) {
|
|
||||||
$sql = "SELECT COUNT(*) FROM (select id_agente as total from $event_table WHERE id_agente > 0
|
|
||||||
$sql_post GROUP BY id_agente ORDER BY id_agente ) AS t";
|
|
||||||
}
|
|
||||||
|
|
||||||
$total_events = (int) db_get_sql ($sql);
|
$total_events = (int) db_get_sql ($sql);
|
||||||
|
|
||||||
if (empty ($result)) {
|
if (empty ($result)) {
|
||||||
$result = array ();
|
$result = array ();
|
||||||
}
|
}
|
||||||
|
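Review bot: In the `@ -467` hunk `$user_users` is reassigned from `users_get_user_users(...)` unconditionally, whereas the `@ -427` hunk restricts it to the current user when `$strict_user` is set. If `$user_users` is read again after this point (not visible in the hunk), a strict user would get the wider list, so the assignment should be dropped or guarded the same way, e.g. `if (!$strict_user) { $user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all()); }`. Both statements sit in top-level script code that extends beyond the hunks.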