From 6c6a8660479f79e5769b7a97216ffb9776f5dff7 Mon Sep 17 00:00:00 2001 From: mdtrooper Date: Tue, 10 Mar 2015 11:13:46 +0100 Subject: [PATCH] Fixed the user with strict acl tags does show any tag when the groups has not any tag. TICKET: #1921 --- pandora_console/include/functions_tags.php | 48 ++++++++++++++------- pandora_console/include/functions_users.php | 16 +++++++ 2 files changed, 48 insertions(+), 16 deletions(-) diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php index 010a465248..da2b31cfb5 100644 --- a/pandora_console/include/functions_tags.php +++ b/pandora_console/include/functions_tags.php @@ -888,47 +888,63 @@ function tags_has_user_acl_tags($id_user = false) { */ function tags_get_user_tags($id_user = false, $access = 'AR') { global $config; - + + //users_is_strict_acl + if ($id_user === false) { $id_user = $config['id_user']; } // Get all tags to have the name of all of them $all_tags = tags_get_all_tags(); - + // If at least one of the profiles of this access flag hasent // tags restrictions, the user can see all tags $acl_column = get_acl_column($access); - if(empty($acl_column)) { + if (empty($acl_column)) { return array(); } - - $query = sprintf("SELECT count(*) - FROM tusuario_perfil, tperfil - WHERE tperfil.id_perfil = tusuario_perfil.id_perfil AND - tusuario_perfil.id_usuario = '%s' AND - tperfil.%s = 1 AND tags <> ''", - $id_user, $acl_column); - + + $query = sprintf(" + SELECT count(*) + FROM tusuario_perfil, tperfil + WHERE tperfil.id_perfil = tusuario_perfil.id_perfil + AND tusuario_perfil.id_usuario = '%s' + AND tperfil.%s = 1 + AND tags <> ''", + $id_user, $acl_column); + $profiles_without_tags = db_get_value_sql($query); if ($profiles_without_tags == 0) { - return $all_tags; + //-------------------------------------------------------------- + // FIXED FOR TICKET #1921 + // + // If the user is setted with strict ACL, the pandora does not + // show any tags. Thanks Mr. C from T. + // + //-------------------------------------------------------------- + if (users_is_strict_acl($id_user)) { + return array(); + } + else { + return $all_tags; + } } - + // Get the tags of the required access flag for each group - $tags = tags_get_acl_tags($id_user, 0, $access, 'data'); + $tags = tags_get_acl_tags($id_user, 0, $access, 'data'); // If there are wrong parameters or fail ACL check, return false if ($tags_user === ERR_WRONG_PARAMETERS || $tags_user === ERR_ACL) { return array(); } - + // Merge the tags to get an array with all of them $user_tags_id = array(); foreach ($tags as $t) { - if(empty($user_tags_id)) { + if (empty($user_tags_id)) { $user_tags_id = $t; } else { diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php index 3808debb93..2743e08806 100644 --- a/pandora_console/include/functions_users.php +++ b/pandora_console/include/functions_users.php @@ -21,6 +21,22 @@ require_once($config['homedir'] . "/include/functions_groups.php"); +function users_is_strict_acl($id_user = null) { + global $config; + + if (empty($id_user)) { + $id_user = $config['id_user']; + } + + $strict_acl = (bool)db_get_value('strict_acl', 'tusuario', + 'id_user', $id_user); + + html_debug_print($strict_acl, true); + html_debug_print($id_user, true); + + return $strict_acl; +} + /** * Get a list of all users in an array [username] => (info) *