From 4928f5a6d8acb7b2020b78032971b08d95e3e825 Mon Sep 17 00:00:00 2001
From: juanmanuelr <noreply@pandorafms.org>
Date: Tue, 15 Feb 2011 17:49:13 +0000
Subject: [PATCH] 2011-02-15 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

	* godmode/users/user_list.php: Only display administrator users if
	current user is administrator too.
	* godmode/users/configure_user.php: Only administrator can create
	administrator users. Only administrator users can assign group "All" to
	a profile.

	Fixes: #3180761



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3860 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                       | 10 ++++++++++
 .../godmode/users/configure_user.php            | 15 +++++++++------
 pandora_console/godmode/users/user_list.php     | 17 ++++++++++++++---
 3 files changed, 33 insertions(+), 9 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 13dc164695..12a357cf33 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,13 @@
+2011-02-15 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
+
+	* godmode/users/user_list.php: Only display administrator users if
+	current user is administrator too. 
+	* godmode/users/configure_user.php: Only administrator can create
+	administrator users. Only administrator users can assign group "All" to
+	a profile.  
+
+	Fixes: #3180761
+
 2011-02-15 Miguel de Dios  <miguel.dedios@artica.es>
 
 	* pandoradb.postgreSQL.sql, pandoradb.data.postgreSQL.sql: added column
diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index 00cf1e43a6..f0b9f1aef2 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -258,13 +258,16 @@ if ($config['user_can_update_password']) {
 		'', 15, 255, $view_mode, '', '', true, true);
 }
 
+$own_info = get_user_info ($config['id_user']);
 if ($config['admin_can_make_admin']) {
 	$table->data[6][0] = __('Global Profile');
-	$table->data[6][1] = print_radio_button ('is_admin', 1, '', $user_info['is_admin'], true);
-	$table->data[6][1] .= __('Administrator');
-	$table->data[6][1] .= print_help_tip (__("This user has permissions to manage all. This is admin user and overwrites all permissions given in profiles/groups"), true);
-	$table->data[6][1] .= '<br />';
-	
+	$table->data[6][1] = '';
+	if ($own_info['is_admin'] || $user_info['is_admin']){
+		$table->data[6][1] = print_radio_button ('is_admin', 1, '', $user_info['is_admin'], true);
+		$table->data[6][1] .= __('Administrator');
+		$table->data[6][1] .= print_help_tip (__("This user has permissions to manage all. This is admin user and overwrites all permissions given in profiles/groups"), true);
+		$table->data[6][1] .= '<br />';
+	}
 	$table->data[6][1] .= print_radio_button ('is_admin', 0, '', $user_info['is_admin'], true);
 	$table->data[6][1] .= __('Standard User');
 	$table->data[6][1] .= print_help_tip (__("This user has separated permissions to view data in his group agents, create incidents belong to his groups, add notes in another incidents, create personal assignments or reviews and other tasks, on different profiles"), true);
@@ -363,7 +366,7 @@ $data = array ();
 $data[0] = '<form method="post">';
 $data[0] .= print_select (get_profiles (), 'assign_profile', 0, '', __('None'),
 	0, true, false, false);
-$data[1] = print_select_groups($config['id_user'], "UM", true,
+$data[1] = print_select_groups($config['id_user'], "UM", $own_info['is_admin'],
 	'assign_group', -1, '', __('None'), -1, true, false, false);
 $data[2] = print_input_image ('add', 'images/add.png', 1, '', true);
 $data[2] .= print_input_hidden ('id', $id, true);
diff --git a/pandora_console/godmode/users/user_list.php b/pandora_console/godmode/users/user_list.php
index f42c5f0275..7bd84c1316 100644
--- a/pandora_console/godmode/users/user_list.php
+++ b/pandora_console/godmode/users/user_list.php
@@ -140,11 +140,22 @@ $table->align[3] = "center";
 $table->align[5] = "center";
 $table->size[5] = 40;
 
-$info = array ();
+$info1 = array ();
 
-$info = get_users ($order, array ('offset' => (int) get_parameter ('offset'),
+$info1 = get_users ($order, array ('offset' => (int) get_parameter ('offset'),
 			'limit' => (int) $config['block_size']));
-			
+
+$info = array();
+$own_info = get_user_info ($config['id_user']);	
+
+if ($own_info['is_admin'])
+	$info = $info1;
+// If user is not admin then don't display admin users.
+else
+	foreach ($info1 as $key => $usr)
+		if (!$usr['is_admin'])
+			$info[$key] = $usr;
+
 // Prepare pagination
 pagination (count(get_users ()));