Merge branch '2609-cambios-en-la-forma-de-gestionar-grupos-secundarios-en-la-vista-de-usuario' into 'develop'

2609 cambios en la forma de gestionar grupos secundarios en la vista de usuario

See merge request artica/pandorafms!1665
This commit is contained in:
vgilc 2018-08-13 10:28:14 +02:00
commit 9dd9ad71a8
6 changed files with 72 additions and 99 deletions

View File

@ -53,4 +53,11 @@ CREATE TABLE IF NOT EXISTS `tlayout_template_data` (
FOREIGN KEY (`id_layout_template`) REFERENCES tlayout_template(`id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE = InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Rename column is_secondary to no_hierarchy in `tusuario _perfil`
-- ---------------------------------------------------------------------
ALTER TABLE `tusuario_perfil` ADD COLUMN `no_hierarchy` tinyint(1) NOT NULL DEFAULT 0;
UPDATE `tusuario_perfil` SET `is_secondary` = `no_hierarchy`;
ALTER TABLE `tusuario_perfil` DROP COLUMN `is_secondary`;
COMMIT;

View File

@ -1668,7 +1668,7 @@ create table IF NOT EXISTS `tmetaconsole_agent_secondary_group`(
ALTER TABLE tagente ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tmetaconsole_agent ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tusuario_perfil ADD COLUMN `is_secondary` tinyint(1) NOT NULL default '0';
ALTER TABLE tusuario_perfil ADD COLUMN `no_hierarchy` tinyint(1) NOT NULL default '0';
-- ---------------------------------------------------------------------
-- Table `tautoconfig`

View File

@ -449,30 +449,22 @@ if ($add_profile) {
$group2 = (int) get_parameter ('assign_group');
$profile2 = (int) get_parameter ('assign_profile');
$tags = (array) get_parameter ('assign_tags');
$is_secondary = (bool)get_parameter ('is_secondary', 0);
$no_hierarchy = (int)get_parameter ('no_hierarchy', 0);
foreach ($tags as $k => $tag) {
if(empty($tag)) {
unset($tags[$k]);
}
}
$tags = $is_secondary ? '' : implode(',', $tags);
$tags = implode(',', $tags);
db_pandora_audit("User management",
"Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags);
if (profile_check_group_mode($id2, $group2, $is_secondary)) {
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $is_secondary);
ui_print_result_message ($return,
__('Profile added successfully'),
__('Profile cannot be added'));
} else {
if ($is_secondary) {
ui_print_error_message ("A group assigned like primary cannot be assigned like secondary.");
} else {
ui_print_error_message ("A group assigned like secondary cannot be assigned like primary.");
}
}
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $no_hierarchy);
ui_print_result_message ($return,
__('Profile added successfully'),
__('Profile cannot be added'));
}
if ($delete_profile) {
@ -669,6 +661,7 @@ $table->data[15][0] .= ui_print_help_tip(__('This is defined in minutes, If you
$table->data[15][1] = html_print_input_text ('session_time', $user_info["session_time"], '', 5, 5, true);
$event_filter_data = db_get_all_rows_sql('SELECT id_name, id_filter FROM tevent_filter');
if ($event_filter_data === false) $event_filter_data = array();
$event_filter = array();
$event_filter[0] = __('None');
foreach ($event_filter_data as $filter) {
@ -730,8 +723,7 @@ echo '<br />';
/* Don't show anything else if we're creating an user */
if (!empty ($id) && !$new_user) {
profile_print_profile_table($id, __('Profiles/Groups assigned to this user'));
enterprise_hook('profile_print_profile_secondary_table', array($id));
profile_print_profile_table($id);
}

View File

@ -68,7 +68,7 @@ function profile_get_profiles ($filter = false) {
* @param int Group ID (default 1 => All)
* @param string Assign User who assign the profile to user.
* @param string tags where the view of the user in this group will be restricted
* @param bool Profile is secondary or not
* @param bool Profile is marked to not provide hierarchy
*
* @return mixed Number id if succesful, false if not
*/
@ -77,7 +77,7 @@ function profile_create_user_profile ($id_user,
$id_group = 0,
$assignUser = false,
$tags = '',
$is_secondary = false
$no_hierarchy = false
) {
global $config;
@ -86,7 +86,7 @@ function profile_create_user_profile ($id_user,
return false;
// Secondary server is an enterprise function
if (!enterprise_installed() && $is_secondary) return false;
if (!enterprise_installed() && $no_hierarchy) return false;
// Checks if the user exists
$result_user = users_get_user_by_id($id_user);
@ -95,9 +95,6 @@ function profile_create_user_profile ($id_user,
return false;
}
// Cannot mix secondary and primary profiles
if (!profile_check_group_mode($id_user, $id_group, $is_secondary)) return false;
if (isset ($config["id_user"])) {
//Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora)
$assign = $config["id_user"];
@ -114,7 +111,7 @@ function profile_create_user_profile ($id_user,
"id_grupo" => $id_group,
"tags" => $tags,
"assigned_by" => $assign,
"is_secondary" => $is_secondary ? 1 : 0
"no_hierarchy" => $no_hierarchy ? 1 : 0
);
return db_process_sql_insert ("tusuario_perfil", $insert);
@ -147,35 +144,16 @@ function profile_delete_profile ($id_profile) {
return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile));
}
/**
* Check if a group can be added being secondary or normal
*
* @param int User ID you want to check
* @param int Group ID you want to check
* @param bool Mode of profile will be inserted
*
* @return bool False if there is a group with the mode already added
*/
function profile_check_group_mode($user_id, $group_id, $is_secondary) {
$inserted_type = (int)db_get_value_sql(sprintf(
'SELECT COUNT(*) FROM tusuario_perfil WHERE
id_grupo=%d AND is_secondary=%d AND id_usuario="%s"',
$group_id, !$is_secondary ? 1 : 0, $user_id)
);
return $inserted_type === 0;
}
/**
* Print the table to display, create and delete profiles
*
* @param int User id
* @param string Title of the table view
* @param bool Show the tags select or not
*/
function profile_print_profile_table ($id, $title, $is_secondary = false) {
function profile_print_profile_table ($id) {
global $config;
$is_secondary = enterprise_installed() ? $is_secondary : false;
$title = __('Profiles/Groups assigned to this user');
$table = new stdClass();
$table->width = '100%';
@ -196,17 +174,15 @@ function profile_print_profile_table ($id, $title, $is_secondary = false) {
$table->style[0] = 'font-weight: bold';
$table->style[1] = 'font-weight: bold';
}
$table->head[0] = __('Profile name');
$table->head[1] = __('Group');
if (!$is_secondary) {
$table->head[2] = __('Tags');
}
$table->head[3] = __('Action');
$table->align[3] = 'center';
$table->head["name"] = __('Profile name');
$table->head["group"] = __('Group');
$table->head["tags"] = __('Tags');
$table->head["hierarchy"] = __('No hierarchy');
$table->head["actions"] = __('Action');
$table->align["actions"] = 'center';
$result = db_get_all_rows_filter ("tusuario_perfil", array (
"id_usuario" => $id,
"is_secondary" => $is_secondary ? 1 : 0
"id_usuario" => $id
));
if ($result === false) {
@ -220,67 +196,63 @@ function profile_print_profile_table ($id, $title, $is_secondary = false) {
$data = array ();
$data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>';
$data[1] = ui_print_group_icon($profile["id_grupo"], true);
$data["name"] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>';
$data["group"] = ui_print_group_icon($profile["id_grupo"], true);
if (!defined('METACONSOLE')) {
$data[1] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
$data["group"] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
}
$data[1] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT);
if (!defined('METACONSOLE'))
$data[1] .= '</a>';
$data["group"] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT);
if (!defined('METACONSOLE')) $data["group"] .= '</a>';
if (!$is_secondary) {
if(empty($profile["tags"])) {
$data[2] = '';
}
else {
$tags_ids = explode(',',$profile["tags"]);
$tags = tags_get_tags($tags_ids);
$data[2] = tags_get_tags_formatted($tags);
}
if(empty($profile["tags"])) {
$data["tags"] = '';
}
else {
$tags_ids = explode(',',$profile["tags"]);
$tags = tags_get_tags($tags_ids);
$data["tags"] = tags_get_tags_formatted($tags);
}
$data[3] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[3] .= html_print_input_hidden ('delete_profile', 1, true);
$data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true);
$data[3] .= html_print_input_hidden ('id_user', $id, true);
$data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true);
$data[3] .= '</form>';
$data["hierarchy"] = $profile['no_hierarchy'] ? __("Yes") : __("No");
$data["actions"] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data["actions"] .= html_print_input_hidden ('delete_profile', 1, true);
$data["actions"] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true);
$data["actions"] .= html_print_input_hidden ('id_user', $id, true);
$data["actions"] .= html_print_input_image ('del', 'images/cross.png', 1, '', true);
$data["actions"] .= '</form>';
array_push ($table->data, $data);
}
$data = array ();
$data[0] = '<form method="post">';
$data["name"] = '<form method="post">';
if (check_acl ($config['id_user'], 0, "PM")) {
$data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '',
$data["name"] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '',
__('None'), 0, true, false, false);
}
else {
$data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1',
$data["name"] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1',
'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0,
true, false, false);
}
$data[1] = html_print_select_groups($config['id_user'], "UM",
$data["group"] = html_print_select_groups($config['id_user'], "UM",
users_is_admin($config['id_user']), 'assign_group', -1, '', __('None'), -1, true,
false, false);
if (!$is_secondary) {
$tags = tags_get_all_tags();
$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
}
$tags = tags_get_all_tags();
$data["tags"] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true);
$data[3] .= html_print_input_hidden ('id', $id, true);
$data[3] .= html_print_input_hidden ('add_profile', 1, true);
if ($is_secondary) {
$data[3] .= html_print_input_hidden('is_secondary', 1, true);
}
$data[3] .= '</form>';
$data["hierarchy"] = html_print_checkbox ('no_hierarchy', 1, false, true);
$data["actions"] = html_print_input_image ('add', 'images/add.png', 1, '', true);
$data["actions"] .= html_print_input_hidden ('id', $id, true);
$data["actions"] .= html_print_input_hidden ('add_profile', 1, true);
$data["actions"] .= '</form>';
array_push ($table->data, $data);

View File

@ -277,11 +277,12 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
$query = "SELECT * FROM tgrupo ORDER BY parent,id_grupo DESC";
$raw_groups = db_get_all_rows_sql($query);
$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil
$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags, tusuario_perfil.no_hierarchy FROM tgrupo, tusuario_perfil, tperfil
WHERE (tgrupo.id_grupo = tusuario_perfil.id_grupo OR tusuario_perfil.id_grupo = 0)
AND tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s' ORDER BY nombre", $id_user);
$raw_forest = db_get_all_rows_sql ($query);
if ($raw_forest === false) $raw_forest = array();
foreach ($raw_forest as $g) {
// XXX, following code must be remade (TAG)
@ -291,7 +292,6 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
else {
$forest_acl[$g["id_grupo"]] = groups_combine_acl($forest_acl[$g["id_grupo"]], $g);
}
}
$groups = array();
@ -303,7 +303,11 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
$parents = get_group_ancestors($group["parent"],$groups);
if (is_array($parents)) {
foreach ($parents as $parent) {
if ( (isset($forest_acl[$parent])) && ($groups[$parent]["propagate"] == 1)) {
if (
(isset($forest_acl[$parent])) &&
($groups[$parent]["propagate"] == 1) &&
($forest_acl[$parent]["no_hierarchy"] == 0)
) {
if (isset($forest_acl[$group["id_grupo"]])) {
// update ACL propagation
$tmp = groups_combine_acl($forest_acl[$parent], $forest_acl[$group["id_grupo"]]);
@ -319,10 +323,8 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
}
}
}
else {
// no parents, direct assignment already done
}
}
// No parents, direct assignment already done
}
}
// Update the group cache.
$group_cache[$id_user] = $forest_acl;

View File

@ -1136,7 +1136,7 @@ CREATE TABLE IF NOT EXISTS `tusuario_perfil` (
`id_usuario` varchar(100) NOT NULL default '',
`id_perfil` int(10) unsigned NOT NULL default '0',
`id_grupo` int(10) NOT NULL default '0',
`is_secondary` tinyint(1) NOT NULL default 0,
`no_hierarchy` tinyint(1) NOT NULL default 0,
`assigned_by` varchar(100) NOT NULL default '',
`id_policy` int(10) unsigned NOT NULL default '0',
`tags` text NOT NULL,