Merge branch 'ent-13321-un-dashboard-con-enlace-publico-permite-ver-el-resto-de-los-dashboards-registrados' into 'develop'

Ent 13321 un dashboard con enlace publico permite ver el resto de los dashboards registrados

See merge request artica/pandorafms!7179

pandora_console/include/lib/Dashboard/Manager.php

@@ -994,6 +994,27 @@ class Manager implements PublicLogin
         ui_require_css_file('modal');
         ui_require_css_file('form');
 
+        $hash_aux = get_parameter('hash');
+        if (empty($dashboardId)) {
+            $dashboards = $this->getDashboards();
+            $dashboards = array_reduce(
+                $dashboards,
+                function ($carry, $item) {
+                    $carry[$item['id']] = $item['name'];
+                    return $carry;
+                },
+                []
+            );
+
+            foreach ($dashboards as $key => $layout) {
+                $hash_compare = self::generatePublicHash($key);
+                if (hash_equals($hash_aux, $hash_compare)) {
+                    $this->dashboardId = $key;
+                    break;
+                }
+            }
+        }
+
         if ($this->dashboardId === 0
             || $this->deleteDashboard === true
             || $this->copyDashboard === true
@@ -1164,11 +1185,10 @@ class Manager implements PublicLogin
                 [
                     'dashboards'     => $dashboards,
                     'ajaxController' => $this->ajaxController,
-                    'dashboardId'    => $this->dashboardId,
                     'refr'           => $this->refr,
                     'url'            => $this->url,
                     'dashboardName'  => $this->dashboardFields['name'],
-                    'hash'           => self::generatePublicHash(),
+                    'hash'           => self::generatePublicHash($this->dashboardId),
                     'publicLink'     => $this->publicLink,
                     'dashboardGroup' => $this->dashboardFields['id_group'],
                     'dashboardUser'  => $this->dashboardFields['id_user'],
@@ -1210,7 +1230,7 @@ class Manager implements PublicLogin
                     'updateDashboard' => $this->updateDashboard,
                     'cellIdCreate'    => \get_parameter('cellIdCreate', 0),
                     'class'           => (($config['public_dashboard'] === true) ? quotemeta(__CLASS__) : ''),
-                    'hash'            => (($config['public_dashboard'] === true) ? self::generatePublicHash() : ''),
+                    'hash'            => (($config['public_dashboard'] === true) ? self::generatePublicHash($this->dashboardId) : ''),
                 ]
             );
         } else {

pandora_console/operation/visual_console/public_view.php

@@ -64,7 +64,16 @@ $hash = (string) get_parameter('hash');
 
 // Check input hash.
 // DO NOT move it after of get parameter user id.
-if (User::validatePublicHash($hash) !== true) {
+$vcs = visual_map_get_user_layouts();
+foreach ($vcs as $key => $data) {
+    $hash_compare = User::generatePublicHash($key);
+    if (hash_equals($hash_compare, $hash)) {
+        $visualConsoleId = (int) $key;
+        break;
+    }
+}
+
+if (empty($visualConsoleId) === true) {
     db_pandora_audit(
         AUDIT_LOG_VISUAL_CONSOLE_MANAGEMENT,
         'Trying to access public visual console'
@@ -73,7 +82,6 @@ if (User::validatePublicHash($hash) !== true) {
     exit;
 }
 
-$visualConsoleId = (int) get_parameter('id_layout');
 $userAccessMaintenance = null;
 if (empty($config['id_user']) === true) {
     $config['id_user'] = (string) get_parameter('id_user');

pandora_console/operation/visual_console/view.php

@@ -154,10 +154,10 @@ if ($aclWrite === true || $aclManage === true) {
         $baseUrl = 'index.php?operation=edit_visualmap&sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&action2='.$action;
     }
 
-    $hash = User::generatePublicHash();
+    $hash = User::generatePublicHash($visualConsoleId);
 
     $options['public_link']['text'] = '<a href="'.ui_get_full_url(
-        'operation/visual_console/public_console.php?hash='.$hash.'&id_layout='.$visualConsoleId.'&refr='.$refr.'&id_user='.$config['id_user'],
+        'operation/visual_console/public_console.php?hash='.$hash.'&refr='.$refr.'&id_user='.$config['id_user'],
         false,
         false,
         false
@@ -774,17 +774,6 @@ ui_require_css_file('form');
 
             var regex_hash = /(hash=)[^&]+(&?)/gi;
             var replacement_hash = '$1' + newProps.hash + '$2';
-            // Tab links.
-            var menuLinks = document.querySelectorAll("div#menu_tab a");
-            if (menuLinks !== null) {
-                menuLinks.forEach(function (menuLink) {
-                    menuLink.href = menuLink.href.replace(regex, replacement);
-                    menuLink.href = menuLink.href.replace(
-                        regex_hash,
-                        replacement_hash
-                    );
-                });
-            }
 
             // Go back from fullscreen button.
             var btnNoFull = document.querySelector("a.vc-btn-no-fullscreen");

pandora_console/views/dashboard/header.php

@@ -27,12 +27,23 @@
  */
 
 // Button for display full screen mode.
+use PandoraFMS\Dashboard\Manager;
 global $config;
 
+if (empty($dashboardId)) {
+    foreach ($dashboards as $key => $layout) {
+        $hash_compare = Manager::generatePublicHash($key);
+        if (hash_equals($hash, $hash_compare)) {
+            $dashboardId = $key;
+            break;
+        }
+    }
+}
+
 $queryFull = [
-    'dashboardId' => $dashboardId,
+    'refr' => $refr,
-    'refr'        => $refr,
+    'pure' => 1,
-    'pure'        => 1,
+    'hash' => $hash,
 ];
 $urlFull = $url.'&'.http_build_query($queryFull);
 $fullscreen['text'] = '<a id="full_screen_link" href="'.$urlFull.'">';
@@ -124,10 +135,9 @@ $slides['text'] .= '</a>';
 
 // Public Url.
 $queryPublic = [
-    'dashboardId' => $dashboardId,
+    'hash'    => $hash,
-    'hash'        => $hash,
+    'id_user' => $config['id_user'],
-    'id_user'     => $config['id_user'],
+    'pure'    => 1,
-    'pure'        => 1,
 ];
 $publicUrl = ui_get_full_url(
     'operation/dashboard/public_dashboard.php?'.http_build_query($queryPublic)