From 5de63d0177bb2844cd39be9f7fdd25ecb5147c0b Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Fri, 13 May 2011 09:01:57 +0000
Subject: [PATCH] 2011-05-13 Miguel de Dios  <miguel.dedios@artica.es>

	* operation/agentes/estado_agente.php: fixed ACL when the user have a
	"Pandora Management" in any group that show agents of all groups.

	Fixes: #3300611



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4350 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |  7 ++
 .../operation/agentes/estado_agente.php       | 90 ++++++-------------
 2 files changed, 33 insertions(+), 64 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index cef06e7582..0d2cbce83b 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,10 @@
+2011-05-13 Miguel de Dios  <miguel.dedios@artica.es>
+
+	* operation/agentes/estado_agente.php: fixed ACL when the user have a
+	"Pandora Management" in any group that show agents of all groups.
+	
+	Fixes: #3300611
+
 2011-05-13 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
 
 	* include/functions_servers.php
diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php
index c9c543b71c..0903f5a5ad 100644
--- a/pandora_console/operation/agentes/estado_agente.php
+++ b/pandora_console/operation/agentes/estado_agente.php
@@ -248,15 +248,13 @@ if ($group_id > 0) {
 	$agent_names = agents_get_group_agents ($group_id, $filter, "upper");
 }
 else {
-	// Not selected any specific group
-	if (check_acl ($config['id_user'], 0, "PM")){
-		$agent_names = agents_get_group_agents(0, $filter, "upper", true);
-	}
-	else{
-		$user_group = users_get_groups($config["id_user"], "AR");
-		$groups = array_keys($user_group);
-		$agent_names = agents_get_group_agents(array_keys ($user_group), $filter, "upper");
-	}
+	$groups = array();
+	
+	$user_group = users_get_groups($config["id_user"], "PM");
+	$groups = array_keys($user_group);
+	$user_group = users_get_groups($config["id_user"], "AR");
+	$groups = array_unique(array_merge($groups, array_keys($user_group)));
+	$agent_names = agents_get_group_agents($groups, $filter, "upper");
 }
 
 $total_agents = 0;
@@ -267,61 +265,25 @@ if (! empty ($agent_names)) {
 		$subquery_enterprise = subquery_acl_enterprise();
 	}
 	
-	if (check_acl ($config['id_user'], 0, "PM")) {
-		$sql = sprintf ('SELECT COUNT(*) FROM tagente WHERE 1=1 %s %s', $search_sql, $subquery_enterprise);
-		$total_agents = db_get_sql ($sql);
-		
-		switch ($config["dbtype"]) {
-			case "mysql":
-			case "postgresql":
-				$sql = sprintf ('SELECT * FROM tagente
-								WHERE 1=1 %s %s
-								ORDER BY %s %s LIMIT %d, %d', $search_sql, $subquery_enterprise,
-								$order['field'], $order['order'], $offset, $config["block_size"]);
-				break;			
-			case "oracle":
-				$set = array ();
-				$set['limit'] = $config["block_size"];
-				$set['offset'] = $offset;
-				$sql = sprintf ('SELECT * FROM tagente 
-								WHERE 1=1 %s %s 
-								ORDER BY %s %s', $search_sql, $subquery_enterprise, 
-								$order['field'], $order['order']);
-				$sql = oracle_recode_query ($sql, $set);		
-				break;
-		}
-
-
-		$agents = db_get_all_rows_sql ($sql);
-
-		// Delete rnum row generated by oracle_recode_query() function
-		if (($config['dbtype'] == 'oracle') && ($agents !== false)) {
-			for ($i=0; $i < count($agents); $i++) {
-				unset($agents[$i]['rnum']);		
-			}
-		}
-	}
-	else{
-		$total_agents = agents_get_agents(array ('id_agente' => array_keys ($agent_names),
-			'order' => 'nombre ASC',
-			'disabled' => 0,
-			'id_grupo' => $groups),
-			array ('COUNT(*) as total'));
-		$total_agents = isset ($total_agents[0]['total']) ? $total_agents[0]['total'] : 0;
-		
-		$agents = agents_get_agents(array ('id_agente' => array_keys ($agent_names),
-			'order' => 'nombre ASC',
-			'id_grupo' => $groups,
-			'offset' => (int) get_parameter ('offset'),
-			'limit' => (int) $config['block_size']),
-			array ('id_agente',
-				'id_grupo',
-				'id_os',
-				'ultimo_contacto',
-				'intervalo'),
-			'AR',
-			$order);
-	}
+	$total_agents = agents_get_agents(array ('id_agente' => array_keys ($agent_names),
+		'order' => 'nombre ASC',
+		'disabled' => 0,
+		'id_grupo' => $groups),
+		array ('COUNT(*) as total'));
+	$total_agents = isset ($total_agents[0]['total']) ? $total_agents[0]['total'] : 0;
+	
+	$agents = agents_get_agents(array ('id_agente' => array_keys ($agent_names),
+		'order' => 'nombre ASC',
+		'id_grupo' => $groups,
+		'offset' => (int) get_parameter ('offset'),
+		'limit' => (int) $config['block_size']),
+		array ('id_agente',
+			'id_grupo',
+			'id_os',
+			'ultimo_contacto',
+			'intervalo'),
+		'AR',
+		$order);
 }
 
 if (empty ($agents)) {