tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

remove acl check in integria ticket dashboard

Browse Source
This commit is contained in:
alejandro-campos 2019-09-26 10:38:12 +02:00
parent ca184faaa0
commit 93b176269c
1 changed files with 243 additions and 246 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

201
pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
View File

@ -96,41 +96,40 @@ $priority_text = integriaims_get_details('priority', $priority);
$resolution_text = integriaims_get_details('resolution', $resolution); $resolution_text = integriaims_get_details('resolution', $resolution);
$type_text = integriaims_get_details('type', $type); $type_text = integriaims_get_details('type', $type);
if (check_acl($config['id_user'], 0, 'IW')) { // Incident file management.
// Incident file management. $upload_file = get_parameter('upload_file');
$upload_file = get_parameter('upload_file'); $delete_file_id = get_parameter('delete_file');
$delete_file_id = get_parameter('delete_file'); $download_file_id = get_parameter('download_file');
$download_file_id = get_parameter('download_file'); $download_file_name = get_parameter('download_file_name');
$download_file_name = get_parameter('download_file_name');
// Files section table. // Files section table.
$table_files_section = new stdClass(); $table_files_section = new stdClass();
$table_files_section->width = '100%'; $table_files_section->width = '100%';
$table_files_section->id = 'files_section_table'; $table_files_section->id = 'files_section_table';
$table_files_section->class = 'databox filters'; $table_files_section->class = 'databox filters';
$table_files_section->head = []; $table_files_section->head = [];
$table_files_section->data = []; $table_files_section->data = [];
$table_files_section->size = []; $table_files_section->size = [];
$table_files_section->colspan[2][0] = 3; $table_files_section->colspan[2][0] = 3;
// Files list table. // Files list table.
$table_files = new stdClass(); $table_files = new stdClass();
$table_files->width = '100%'; $table_files->width = '100%';
$table_files->class = 'info_table'; $table_files->class = 'info_table';
$table_files->head = []; $table_files->head = [];
$table_files->head[0] = __('Filename'); $table_files->head[0] = __('Filename');
$table_files->head[1] = __('Timestamp'); $table_files->head[1] = __('Timestamp');
$table_files->head[2] = __('Description'); $table_files->head[2] = __('Description');
$table_files->head[3] = __('User'); $table_files->head[3] = __('User');
$table_files->head[4] = __('Size'); $table_files->head[4] = __('Size');
$table_files->head[5] = __('Delete'); $table_files->head[5] = __('Delete');
$table_files->data = []; $table_files->data = [];
// Upload file. // Upload file.
if ($upload_file && ($_FILES['userfile']['name'] != '')) { if ($upload_file && ($_FILES['userfile']['name'] != '')) {
$filedescription = get_parameter('file_description', __('No description available')); $filedescription = get_parameter('file_description', __('No description available'));
$filename = io_safe_input($_FILES['userfile']['name']); $filename = io_safe_input($_FILES['userfile']['name']);
@ -170,10 +169,10 @@ if (check_acl($config['id_user'], 0, 'IW')) {
} else { } else {
ui_print_error_message(__('File has an invalid extension')); ui_print_error_message(__('File has an invalid extension'));
} }
} }
// Delete file. // Delete file.
if (isset($_GET['delete_file'])) { if (isset($_GET['delete_file'])) {
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'delete_file', [$delete_file_id]); $result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'delete_file', [$delete_file_id]);
$file_deleted = false; $file_deleted = false;
@ -187,10 +186,10 @@ if (check_acl($config['id_user'], 0, 'IW')) {
__('File successfully deleted'), __('File successfully deleted'),
__('File could not be deleted') __('File could not be deleted')
); );
} }
// Download file. // Download file.
if (isset($_GET['download_file'])) { if (isset($_GET['download_file'])) {
$file_base64 = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'download_file', [$download_file_id]); $file_base64 = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'download_file', [$download_file_id]);
ob_end_clean(); ob_end_clean();
@ -214,12 +213,12 @@ if (check_acl($config['id_user'], 0, 'IW')) {
} }
header('Location: index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id); header('Location: index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id);
} }
// Retrieve files belonging to incident and create list table. // Retrieve files belonging to incident and create list table.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_files', [$incident_id]); $result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_files', [$incident_id]);
if ($result_api_call != false && strlen($result_api_call) > 0) { if ($result_api_call != false && strlen($result_api_call) > 0) {
$files = []; $files = [];
$csv_array = explode("\n", $result_api_call); $csv_array = explode("\n", $result_api_call);
@ -228,11 +227,11 @@ if (check_acl($config['id_user'], 0, 'IW')) {
$files[] = explode(',', $csv_line); $files[] = explode(',', $csv_line);
} }
} }
} }
$i = 0; $i = 0;
foreach ($files as $key => $value) { foreach ($files as $key => $value) {
$table_files->data[$i][0] = '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&download_file='.$value[0]).'&download_file_name='.$value[11].'">'.$value[11].'</a>'; $table_files->data[$i][0] = '<a id="link_delete_file" href="'.ui_get_full_url('index.php?sec=incident&sec2=operation/incidents/dashboard_detail_integriaims_incident&incident_id='.$incident_id.'&download_file='.$value[0]).'&download_file_name='.$value[11].'">'.$value[11].'</a>';
$table_files->data[$i][1] = $value[14]; $table_files->data[$i][1] = $value[14];
$table_files->data[$i][2] = $value[12]; $table_files->data[$i][2] = $value[12];
@ -244,79 +243,79 @@ if (check_acl($config['id_user'], 0, 'IW')) {
$table_files->data[$i][5] .= '</a>'; $table_files->data[$i][5] .= '</a>';
$i++; $i++;
} }
$table_files_section->data[0][0] = '<div class="label_select"><p class="input_label">'.__('File name').':</p>'; $table_files_section->data[0][0] = '<div class="label_select"><p class="input_label">'.__('File name').':</p>';
$table_files_section->data[0][0] .= html_print_input_file('userfile', true); $table_files_section->data[0][0] .= html_print_input_file('userfile', true);
$table_files_section->data[1][0] = '<div class="label_select"><p class="input_label">'.__('Description').':</p>'; $table_files_section->data[1][0] = '<div class="label_select"><p class="input_label">'.__('Description').':</p>';
$table_files_section->data[1][0] .= html_print_textarea( $table_files_section->data[1][0] .= html_print_textarea(
'file_description', 'file_description',
3, 3,
20, 20,
'', '',
'', '',
true true
); );
$table_files_section->data[2][0] .= '<div style="width: 100%; text-align:right;">'.html_print_submit_button(__('Upload'), 'accion', false, 'class="sub wand"', true).'</div>'; $table_files_section->data[2][0] .= '<div style="width: 100%; text-align:right;">'.html_print_submit_button(__('Upload'), 'accion', false, 'class="sub wand"', true).'</div>';
$upload_file_form = '<div>'; $upload_file_form = '<div>';
if (check_acl($config['id_user'], 0, 'IW')) { if (check_acl($config['id_user'], 0, 'IW')) {
$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true); $upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
} }
$upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>'; $upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';
// Incident comments management. // Incident comments management.
$upload_comment = get_parameter('upload_comment'); $upload_comment = get_parameter('upload_comment');
$comment_description = get_parameter('comment_description'); $comment_description = get_parameter('comment_description');
// Comments section table. // Comments section table.
$table_comments_section = new stdClass(); $table_comments_section = new stdClass();
$table_comments_section->width = '100%'; $table_comments_section->width = '100%';
$table_comments_section->id = 'files_section_table'; $table_comments_section->id = 'files_section_table';
$table_comments_section->class = 'databox filters'; $table_comments_section->class = 'databox filters';
$table_comments_section->head = []; $table_comments_section->head = [];
$table_comments_section->data = []; $table_comments_section->data = [];
$table_comments_section->size = []; $table_comments_section->size = [];
// Comments list table. // Comments list table.
$table_comments = new stdClass(); $table_comments = new stdClass();
$table_comments->width = '100%'; $table_comments->width = '100%';
$table_comments->class = 'info_table'; $table_comments->class = 'info_table';
$table_comments->head = []; $table_comments->head = [];
$table_comments->head[0] = __('Filename'); $table_comments->head[0] = __('Filename');
$table_comments->head[1] = __('Timestamp'); $table_comments->head[1] = __('Timestamp');
$table_comments->head[2] = __('Description'); $table_comments->head[2] = __('Description');
$table_comments->head[3] = __('User'); $table_comments->head[3] = __('User');
$table_comments->head[4] = __('Size'); $table_comments->head[4] = __('Size');
$table_comments->head[5] = __('Delete'); $table_comments->head[5] = __('Delete');
$table_comments->data = []; $table_comments->data = [];
$comment_disabled = ($array_get_incidents[6] == 7); $comment_disabled = ($array_get_incidents[6] == 7);
if ($comment_disabled === true) { if ($comment_disabled === true) {
$attribute = 'disabled=disabled'; $attribute = 'disabled=disabled';
} }
$table_comments_section->data[0][0] = '<div class="label_select"><p class="input_label">'.__('Description').':</p>'; $table_comments_section->data[0][0] = '<div class="label_select"><p class="input_label">'.__('Description').':</p>';
$table_comments_section->data[0][0] .= html_print_textarea( $table_comments_section->data[0][0] .= html_print_textarea(
'comment_description', 'comment_description',
3, 3,
20, 20,
'', '',
$attribute, $attribute,
true true
); );
$table_comments_section->data[1][1] .= '<div style="width: 100%; text-align:right;">'.html_print_submit_button(__('Add'), 'accion', $comment_disabled, 'class="sub wand"', true).'</div>'; $table_comments_section->data[1][1] .= '<div style="width: 100%; text-align:right;">'.html_print_submit_button(__('Add'), 'accion', $comment_disabled, 'class="sub wand"', true).'</div>';
// Upload comment. If ticket is closed, this action cannot be performed. // Upload comment. If ticket is closed, this action cannot be performed.
if ($upload_comment && $array_get_incidents[6] != 7) { if ($upload_comment && $array_get_incidents[6] != 7) {
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'create_workunit', [$incident_id, $comment_description, '0.00', 0, 1, '0']); $result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'create_workunit', [$incident_id, $comment_description, '0.00', 0, 1, '0']);
// API method returns id of new comment if success. // API method returns id of new comment if success.
@ -327,12 +326,12 @@ if (check_acl($config['id_user'], 0, 'IW')) {
__('Comment successfully added'), __('Comment successfully added'),
__('Comment could not be added') __('Comment could not be added')
); );
} }
// Retrieve comments belonging to incident and create comments table. // Retrieve comments belonging to incident and create comments table.
$result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_workunits', [$incident_id]); $result_api_call = integria_api_call($config['integria_hostname'], $config['integria_user'], $config['integria_pass'], $config['integria_api_pass'], 'get_incident_workunits', [$incident_id]);
if ($result_api_call != false && strlen($result_api_call) > 0) { if ($result_api_call != false && strlen($result_api_call) > 0) {
$comments = []; $comments = [];
$csv_array = explode("\n", $result_api_call); $csv_array = explode("\n", $result_api_call);
@ -341,28 +340,26 @@ if (check_acl($config['id_user'], 0, 'IW')) {
$comments[] = explode(',', $csv_line); $comments[] = explode(',', $csv_line);
} }
} }
} }
$comment_table = ''; $comment_table = '';
if (!empty($comments)) { if (!empty($comments)) {
foreach ($comments as $key => $value) { foreach ($comments as $key => $value) {
$comment_table .= '<div class="comment_title">'.$value[3].'<span>&nbspsaid&nbsp</span>'.$value[1].'<span style="float: right;">'.$value[2].'&nbspHours</span></div>'; $comment_table .= '<div class="comment_title">'.$value[3].'<span>&nbspsaid&nbsp</span>'.$value[1].'<span style="float: right;">'.$value[2].'&nbspHours</span></div>';
$comment_table .= '<div class="comment_body">'.$value[4].'</div>'; $comment_table .= '<div class="comment_body">'.$value[4].'</div>';
} }
} else { } else {
$comment_table = __('No comments found'); $comment_table = __('No comments found');
}
$upload_comment_form = '<div>';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
}
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';
} }
$upload_comment_form = '<div>';
if (check_acl($config['id_user'], 0, 'IW')) {
$upload_comment_form .= '<form method="post" id="comment_form" enctype="multipart/form-data"><h4>'.__('Add comment').'</h4>'.html_print_table($table_comments_section, true).html_print_input_hidden('upload_comment', 1, true).'</form>';
}
$upload_comment_form .= '<h4>'.__('Comments').'</h4>'.$comment_table.'</div>';
// Details box. // Details box.
$details_box = '<div class="integriaims_details_box integriaims_details_box_five">'; $details_box = '<div class="integriaims_details_box integriaims_details_box_five">';