Fixed UM permission problems.

pandora_console/godmode/users/configure_user.php

@@ -759,13 +759,13 @@ if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
     $sql = sprintf(
         "SELECT tusuario_perfil.* FROM tusuario_perfil
         INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
-        WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
-        $id,
+        WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 1",
+        $config['id_user'],
         $group_um_string
     );
 
     $result = db_get_all_rows_sql($sql);
-    if ($result == false || $user_info['is_admin']) {
+    if ($result == false && $user_info['is_admin'] == false) {
         db_pandora_audit(
             'ACL Violation',
             'Trying to access User Management'

pandora_console/godmode/users/user_list.php

@@ -491,12 +491,6 @@ foreach ($info as $user_id => $user_info) {
         foreach ($group_um as $key => $value) {
             if (isset($user_profiles_aux[$key])) {
                 $user_profiles[$key] = $user_profiles_aux[$key];
-                if ($user_profiles_aux[$key]['user_management'] == 1) {
-                    $user_info['edit'] = 0;
-                } else {
-                    $user_info['edit'] = 1;
-                }
-
                 unset($user_profiles_aux[$key]);
             }
         }
@@ -593,8 +587,10 @@ foreach ($info as $user_id => $user_info) {
 
             $total_profile++;
         }
-
-            $data[4] .= '</div>';
+        if (isset($user_info['not_delete'])) {
+            $data[4] .= __('Other profiles are also assigned.') . ui_print_help_tip(__('Other profiles you cannot manage are also assigned. These profiles are not shown. You cannot enable/disable or delete this user.'), true);
+        }
+        $data[4] .= '</div>';
     } else {
         $data[4] .= __('The user doesn\'t have any assigned profile/group');
     }

pandora_console/include/functions_profile.php

@@ -234,7 +234,7 @@ function profile_print_profile_table($id)
         $sql = sprintf(
             "SELECT tusuario_perfil.* FROM tusuario_perfil
             INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
-            WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
+            WHERE id_usuario like '%s' AND id_grupo IN (%s)",
             $id,
             $group_um_string
         );

pandora_console/include/functions_users.php

@@ -752,6 +752,10 @@ function users_get_groups_UM($id_user)
     foreach ($groups as $key => $group) {
         if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) {
             $return[$group['id_grupo']] = $group['user_management'];
+            $children = groups_get_children($group['id_grupo'], false, 'UM', false);
+            foreach ($children as $key => $child_group) {
+                $return[$child_group['id_grupo']] = $group['user_management'];
+            }
             if ($group['id_grupo'] == '0') {
                 $return['group_all'] = $group['id_grupo'];
             }