Merge branch '2609-cambios-en-la-forma-de-gestionar-grupos-secundarios-en-la-vista-de-usuario-3' into 'develop'

Added secondary groups and no hierarchy documentation See merge request artica/pandorafms!1700
2025-04-08 18:55:09 +02:00 · 2018-08-21 08:34:53 +02:00 · 2018-08-21 08:34:53 +02:00 · 69513fdc63
commit 69513fdc63
parent e518135adf 4d44fcb512
11 changed files with 197 additions and 2 deletions
--- a/pandora_console/godmode/agentes/agent_manager.php
+++ b/pandora_console/godmode/agentes/agent_manager.php
@ -333,7 +333,8 @@ $table->data = array ();

 if (enterprise_installed()) {
 	$secondary_groups_selected = enterprise_hook('agents_get_secondary_groups', array($id_agente));
-	$table->data['secondary_groups'][0] = __('Secondary groups');
+	$table->data['secondary_groups'][0] = __('Secondary groups') .
+		ui_print_help_icon("secondary_groups", true);
 	$table->data['secondary_groups'][1] = html_print_select_groups(
 		false,                    // Use the current user to select the groups
 		"AR",                     // ACL permission
--- a/pandora_console/images/help/Acl_hierarchy_1.png
+++ b/pandora_console/images/help/Acl_hierarchy_1.png
--- a/pandora_console/images/help/Acl_hierarchy_2.png
+++ b/pandora_console/images/help/Acl_hierarchy_2.png
--- a/pandora_console/images/help/Acl_hierarchy_groups.png
+++ b/pandora_console/images/help/Acl_hierarchy_groups.png
--- a/pandora_console/include/functions_profile.php
+++ b/pandora_console/include/functions_profile.php
@ -247,7 +247,8 @@ function profile_print_profile_table ($id) {
 	$tags = tags_get_all_tags();
 	$data["tags"] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);

-	$data["hierarchy"] = html_print_checkbox ('no_hierarchy', 1, false, true);
+	$data["hierarchy"] = html_print_checkbox ('no_hierarchy', 1, false, true) .
+		ui_print_help_icon("no_hierarchy", true);

 	$data["actions"] = html_print_input_image ('add', 'images/add.png', 1, '', true);
 	$data["actions"] .= html_print_input_hidden ('id', $id, true);
--- a/pandora_console/include/help/en/help_no_hierarchy.php
+++ b/pandora_console/include/help/en/help_no_hierarchy.php
@ -0,0 +1,42 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Hierarchy</h1>
+
+<p>
+We explained that the permissions of a group can be extended to the children by means of the configuration option <b>Propagate ACL</b>. However, from the user configuration, you can limit this functionality and prevent the ACL from propagating by checking No hierarchy.
+</p>
+
+<p>
+As a reference for the examples, we propose a configuration with two parent groups "Applications" and "Databases" with two children each, "Development_Apps" and "Management_Apps" for the former and "Databases_America" and "Databases_Asia" for the latter. Both parent groups are marked for ACL to spread.
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_groups.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+In the user edit view, if the following profiles are added:
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_1.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+The user will have access to the groups named "Applications", "Development_Apps", "Management_Apps" and "Databases".
+</p>
+
+<p>
+However, if a child of "Databases" is added:
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_2.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+Now the user will have access to the groups named "Applications", "Development_Apps", "Management_Apps", "Databases" and "Databases_Asia", but not to "Databases_America".
+</p>
--- a/pandora_console/include/help/en/help_secondary_groups.php
+++ b/pandora_console/include/help/en/help_secondary_groups.php
@ -0,0 +1,22 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Secondary groups</h1>
+
+<p>
+Unlike the main group, these secondary groups are optional.
+</p>
+
+<p>
+The fact that an agent belongs to a secondary group means that, in fact, it belongs to several groups at the same time. With this functionality, two users who have very different permissions will be able to access the same agent just by adding the appropriate secondary groups to it.
+</p>
+
+<p>
+For example, if an agent named "Portal" has "Infrastructures" as its main group and "Hosting" as its secondary group, any user who has access to "Infrastructures" and/or "Hosting" can access it.
+</p>
+
+<p>
+Some views, such as the Tree View, can show repeated agents. When using secondary groups, this is the normal behavior.
+</p>
--- a/pandora_console/include/help/es/help_no_hierarchy.php
+++ b/pandora_console/include/help/es/help_no_hierarchy.php
@ -0,0 +1,42 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Jerarquía</h1>
+
+<p>
+Los permisos de un grupo se pueden extender a los hijos mediante la opción de configuración <b>Propagate ACL</b>. Sin embargo, desde la configuración de usuarios, se puede limitar esta funcionalidad y evitar que el ACL se propague marcando No hierarchy.
+</p>
+
+<p>
+Como referencia para los ejemplos, se plantea una configuración con dos grupos padre "Applications" y "Databases" con dos hijos cada uno, "Development_Apps" y "Management_Apps" para el primero y "Databases_America" y "Databases_Asia" para el segundo. Ambos grupos padre están marcados para que se propague el ACL.
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_groups.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+En la vista de edición de usuario, si se añaden los siguientes perfiles:
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_1.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+El usuario tendrá acceso a los grupos "Applications", "Development_Apps", "Management_Apps" y "Databases".
+</p>
+
+<p>
+En cambio, si se añade un hijo de "Databases":
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_2.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+Ahora el usuario podrá acceder a los grupos "Applications", "Development_Apps", "Management_Apps", "Databases" y "Databases_Asia", pero no a "Databases_America".
+</p>
--- a/pandora_console/include/help/es/help_secondary_groups.php
+++ b/pandora_console/include/help/es/help_secondary_groups.php
@ -0,0 +1,22 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Secondary groups</h1>
+
+<p>
+Al contrario que el grupo principal, estos grupos secundarios son opcionales.
+</p>
+
+<p>
+El hecho de que un agente pertenezca a un grupo secundario, significa que, en realidad, pertenece a varios grupos a la vez. Con esta funcionalidad, dos usuarios que tengan permisos muy diferentes podrán tener acceso al mismo agente con solo añadirle los grupos secundarios adecuados.
+</p>
+
+<p>
+Por ejemplo, si un agente llamado "Portal" tiene como grupo principal "Infraestructuras" y como grupo secundario "Hosting", cualquier usuario que tenga acceso a "Infraestructuras" y/o a "Hosting" podrá acceder a él.
+</p>
+
+<p>
+Algunas vistas, como es el caso del Tree View, pueden mostrar agentes repetidos. Al usar grupos secundarios es el comportamiento normal.
+</p>
--- a/pandora_console/include/help/ja/help_no_hierarchy.php
+++ b/pandora_console/include/help/ja/help_no_hierarchy.php
@ -0,0 +1,43 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Hierarchy</h1>
+
+<p>
+We explained that the permissions of a group can be extended to the children by means of the configuration option <b>Propagate ACL</b>. However, from the user configuration, you can limit this functionality and prevent the ACL from propagating by checking No hierarchy.
+</p>
+
+<p>
+As a reference for the examples, we propose a configuration with two parent groups "Applications" and "Databases" with two children each, "Development_Apps" and "Management_Apps" for the former and "Databases_America" and "Databases_Asia" for the latter. Both parent groups are marked for ACL to spread.
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_groups.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+In the user edit view, if the following profiles are added:
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_1.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+The user will have access to the groups named "Applications", "Development_Apps", "Management_Apps" and "Databases".
+</p>
+
+<p>
+However, if a child of "Databases" is added:
+</p>
+
+<?php html_print_image("images/help/Acl_hierarchy_2.png", false, array(
+    "style" => "max-width:100%"
+)); ?>
+
+<p>
+Now the user will have access to the groups named "Applications", "Development_Apps", "Management_Apps", "Databases" and "Databases_Asia", but not to "Databases_America".
+</p>
+
--- a/pandora_console/include/help/ja/help_secondary_groups.php
+++ b/pandora_console/include/help/ja/help_secondary_groups.php
@ -0,0 +1,22 @@
+<?php
+/**
+ * @package Include/help/en
+ */
+?>
+<h1>Secondary groups</h1>
+
+<p>
+Unlike the main group, these secondary groups are optional.
+</p>
+
+<p>
+The fact that an agent belongs to a secondary group means that, in fact, it belongs to several groups at the same time. With this functionality, two users who have very different permissions will be able to access the same agent just by adding the appropriate secondary groups to it.
+</p>
+
+<p>
+For example, if an agent named "Portal" has "Infrastructures" as its main group and "Hosting" as its secondary group, any user who has access to "Infrastructures" and/or "Hosting" can access it.
+</p>
+
+<p>
+Some views, such as the Tree View, can show repeated agents. When using secondary groups, this is the normal behavior.
+</p>