Merge branch '2609-cambios-en-la-forma-de-gestionar-grupos-secundarios-en-la-vista-de-usuario' into 'develop'

2609 cambios en la forma de gestionar grupos secundarios en la vista de usuario

See merge request artica/pandorafms!1665
This commit is contained in:
vgilc 2018-08-13 10:28:14 +02:00
commit 9dd9ad71a8
6 changed files with 72 additions and 99 deletions

View File

@ -53,4 +53,11 @@ CREATE TABLE IF NOT EXISTS `tlayout_template_data` (
FOREIGN KEY (`id_layout_template`) REFERENCES tlayout_template(`id`) ON DELETE CASCADE ON UPDATE CASCADE FOREIGN KEY (`id_layout_template`) REFERENCES tlayout_template(`id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE = InnoDB DEFAULT CHARSET=utf8; ) ENGINE = InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
-- Rename column is_secondary to no_hierarchy in `tusuario _perfil`
-- ---------------------------------------------------------------------
ALTER TABLE `tusuario_perfil` ADD COLUMN `no_hierarchy` tinyint(1) NOT NULL DEFAULT 0;
UPDATE `tusuario_perfil` SET `is_secondary` = `no_hierarchy`;
ALTER TABLE `tusuario_perfil` DROP COLUMN `is_secondary`;
COMMIT; COMMIT;

View File

@ -1668,7 +1668,7 @@ create table IF NOT EXISTS `tmetaconsole_agent_secondary_group`(
ALTER TABLE tagente ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0'; ALTER TABLE tagente ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tmetaconsole_agent ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0'; ALTER TABLE tmetaconsole_agent ADD COLUMN `update_secondary_groups` tinyint(1) NOT NULL default '0';
ALTER TABLE tusuario_perfil ADD COLUMN `is_secondary` tinyint(1) NOT NULL default '0'; ALTER TABLE tusuario_perfil ADD COLUMN `no_hierarchy` tinyint(1) NOT NULL default '0';
-- --------------------------------------------------------------------- -- ---------------------------------------------------------------------
-- Table `tautoconfig` -- Table `tautoconfig`

View File

@ -449,7 +449,7 @@ if ($add_profile) {
$group2 = (int) get_parameter ('assign_group'); $group2 = (int) get_parameter ('assign_group');
$profile2 = (int) get_parameter ('assign_profile'); $profile2 = (int) get_parameter ('assign_profile');
$tags = (array) get_parameter ('assign_tags'); $tags = (array) get_parameter ('assign_tags');
$is_secondary = (bool)get_parameter ('is_secondary', 0); $no_hierarchy = (int)get_parameter ('no_hierarchy', 0);
foreach ($tags as $k => $tag) { foreach ($tags as $k => $tag) {
if(empty($tag)) { if(empty($tag)) {
@ -457,22 +457,14 @@ if ($add_profile) {
} }
} }
$tags = $is_secondary ? '' : implode(',', $tags); $tags = implode(',', $tags);
db_pandora_audit("User management", db_pandora_audit("User management",
"Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags);
if (profile_check_group_mode($id2, $group2, $is_secondary)) { $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $no_hierarchy);
$return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $is_secondary);
ui_print_result_message ($return, ui_print_result_message ($return,
__('Profile added successfully'), __('Profile added successfully'),
__('Profile cannot be added')); __('Profile cannot be added'));
} else {
if ($is_secondary) {
ui_print_error_message ("A group assigned like primary cannot be assigned like secondary.");
} else {
ui_print_error_message ("A group assigned like secondary cannot be assigned like primary.");
}
}
} }
if ($delete_profile) { if ($delete_profile) {
@ -669,6 +661,7 @@ $table->data[15][0] .= ui_print_help_tip(__('This is defined in minutes, If you
$table->data[15][1] = html_print_input_text ('session_time', $user_info["session_time"], '', 5, 5, true); $table->data[15][1] = html_print_input_text ('session_time', $user_info["session_time"], '', 5, 5, true);
$event_filter_data = db_get_all_rows_sql('SELECT id_name, id_filter FROM tevent_filter'); $event_filter_data = db_get_all_rows_sql('SELECT id_name, id_filter FROM tevent_filter');
if ($event_filter_data === false) $event_filter_data = array();
$event_filter = array(); $event_filter = array();
$event_filter[0] = __('None'); $event_filter[0] = __('None');
foreach ($event_filter_data as $filter) { foreach ($event_filter_data as $filter) {
@ -730,8 +723,7 @@ echo '<br />';
/* Don't show anything else if we're creating an user */ /* Don't show anything else if we're creating an user */
if (!empty ($id) && !$new_user) { if (!empty ($id) && !$new_user) {
profile_print_profile_table($id, __('Profiles/Groups assigned to this user')); profile_print_profile_table($id);
enterprise_hook('profile_print_profile_secondary_table', array($id));
} }

View File

@ -68,7 +68,7 @@ function profile_get_profiles ($filter = false) {
* @param int Group ID (default 1 => All) * @param int Group ID (default 1 => All)
* @param string Assign User who assign the profile to user. * @param string Assign User who assign the profile to user.
* @param string tags where the view of the user in this group will be restricted * @param string tags where the view of the user in this group will be restricted
* @param bool Profile is secondary or not * @param bool Profile is marked to not provide hierarchy
* *
* @return mixed Number id if succesful, false if not * @return mixed Number id if succesful, false if not
*/ */
@ -77,7 +77,7 @@ function profile_create_user_profile ($id_user,
$id_group = 0, $id_group = 0,
$assignUser = false, $assignUser = false,
$tags = '', $tags = '',
$is_secondary = false $no_hierarchy = false
) { ) {
global $config; global $config;
@ -86,7 +86,7 @@ function profile_create_user_profile ($id_user,
return false; return false;
// Secondary server is an enterprise function // Secondary server is an enterprise function
if (!enterprise_installed() && $is_secondary) return false; if (!enterprise_installed() && $no_hierarchy) return false;
// Checks if the user exists // Checks if the user exists
$result_user = users_get_user_by_id($id_user); $result_user = users_get_user_by_id($id_user);
@ -95,9 +95,6 @@ function profile_create_user_profile ($id_user,
return false; return false;
} }
// Cannot mix secondary and primary profiles
if (!profile_check_group_mode($id_user, $id_group, $is_secondary)) return false;
if (isset ($config["id_user"])) { if (isset ($config["id_user"])) {
//Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora) //Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora)
$assign = $config["id_user"]; $assign = $config["id_user"];
@ -114,7 +111,7 @@ function profile_create_user_profile ($id_user,
"id_grupo" => $id_group, "id_grupo" => $id_group,
"tags" => $tags, "tags" => $tags,
"assigned_by" => $assign, "assigned_by" => $assign,
"is_secondary" => $is_secondary ? 1 : 0 "no_hierarchy" => $no_hierarchy ? 1 : 0
); );
return db_process_sql_insert ("tusuario_perfil", $insert); return db_process_sql_insert ("tusuario_perfil", $insert);
@ -147,35 +144,16 @@ function profile_delete_profile ($id_profile) {
return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile)); return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile));
} }
/**
* Check if a group can be added being secondary or normal
*
* @param int User ID you want to check
* @param int Group ID you want to check
* @param bool Mode of profile will be inserted
*
* @return bool False if there is a group with the mode already added
*/
function profile_check_group_mode($user_id, $group_id, $is_secondary) {
$inserted_type = (int)db_get_value_sql(sprintf(
'SELECT COUNT(*) FROM tusuario_perfil WHERE
id_grupo=%d AND is_secondary=%d AND id_usuario="%s"',
$group_id, !$is_secondary ? 1 : 0, $user_id)
);
return $inserted_type === 0;
}
/** /**
* Print the table to display, create and delete profiles * Print the table to display, create and delete profiles
* *
* @param int User id * @param int User id
* @param string Title of the table view
* @param bool Show the tags select or not * @param bool Show the tags select or not
*/ */
function profile_print_profile_table ($id, $title, $is_secondary = false) { function profile_print_profile_table ($id) {
global $config; global $config;
$is_secondary = enterprise_installed() ? $is_secondary : false; $title = __('Profiles/Groups assigned to this user');
$table = new stdClass(); $table = new stdClass();
$table->width = '100%'; $table->width = '100%';
@ -196,17 +174,15 @@ function profile_print_profile_table ($id, $title, $is_secondary = false) {
$table->style[0] = 'font-weight: bold'; $table->style[0] = 'font-weight: bold';
$table->style[1] = 'font-weight: bold'; $table->style[1] = 'font-weight: bold';
} }
$table->head[0] = __('Profile name'); $table->head["name"] = __('Profile name');
$table->head[1] = __('Group'); $table->head["group"] = __('Group');
if (!$is_secondary) { $table->head["tags"] = __('Tags');
$table->head[2] = __('Tags'); $table->head["hierarchy"] = __('No hierarchy');
} $table->head["actions"] = __('Action');
$table->head[3] = __('Action'); $table->align["actions"] = 'center';
$table->align[3] = 'center';
$result = db_get_all_rows_filter ("tusuario_perfil", array ( $result = db_get_all_rows_filter ("tusuario_perfil", array (
"id_usuario" => $id, "id_usuario" => $id
"is_secondary" => $is_secondary ? 1 : 0
)); ));
if ($result === false) { if ($result === false) {
@ -220,67 +196,63 @@ function profile_print_profile_table ($id, $title, $is_secondary = false) {
$data = array (); $data = array ();
$data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>'; $data["name"] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_profile&id='.$profile['id_perfil'].'&pure='.$pure.'">'.profile_get_name ($profile['id_perfil']).'</a>';
$data[1] = ui_print_group_icon($profile["id_grupo"], true); $data["group"] = ui_print_group_icon($profile["id_grupo"], true);
if (!defined('METACONSOLE')) { if (!defined('METACONSOLE')) {
$data[1] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">'; $data["group"] .= '<a href="index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id='.$profile['id_grupo'].'&pure='.$pure.'">';
} }
$data[1] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT); $data["group"] .= '&nbsp;' . ui_print_truncate_text(groups_get_name ($profile['id_grupo'], True), GENERIC_SIZE_TEXT);
if (!defined('METACONSOLE')) if (!defined('METACONSOLE')) $data["group"] .= '</a>';
$data[1] .= '</a>';
if (!$is_secondary) {
if(empty($profile["tags"])) { if(empty($profile["tags"])) {
$data[2] = ''; $data["tags"] = '';
} }
else { else {
$tags_ids = explode(',',$profile["tags"]); $tags_ids = explode(',',$profile["tags"]);
$tags = tags_get_tags($tags_ids); $tags = tags_get_tags($tags_ids);
$data[2] = tags_get_tags_formatted($tags); $data["tags"] = tags_get_tags_formatted($tags);
}
} }
$data[3] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">'; $data["hierarchy"] = $profile['no_hierarchy'] ? __("Yes") : __("No");
$data[3] .= html_print_input_hidden ('delete_profile', 1, true);
$data[3] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true); $data["actions"] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[3] .= html_print_input_hidden ('id_user', $id, true); $data["actions"] .= html_print_input_hidden ('delete_profile', 1, true);
$data[3] .= html_print_input_image ('del', 'images/cross.png', 1, '', true); $data["actions"] .= html_print_input_hidden ('id_user_profile', $profile['id_up'], true);
$data[3] .= '</form>'; $data["actions"] .= html_print_input_hidden ('id_user', $id, true);
$data["actions"] .= html_print_input_image ('del', 'images/cross.png', 1, '', true);
$data["actions"] .= '</form>';
array_push ($table->data, $data); array_push ($table->data, $data);
} }
$data = array (); $data = array ();
$data[0] = '<form method="post">'; $data["name"] = '<form method="post">';
if (check_acl ($config['id_user'], 0, "PM")) { if (check_acl ($config['id_user'], 0, "PM")) {
$data[0] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '', $data["name"] .= html_print_select (profile_get_profiles (), 'assign_profile', 0, '',
__('None'), 0, true, false, false); __('None'), 0, true, false, false);
} }
else { else {
$data[0] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1', $data["name"] .= html_print_select (profile_get_profiles (array ('pandora_management' => '<> 1',
'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0, 'db_management' => '<> 1')), 'assign_profile', 0, '', __('None'), 0,
true, false, false); true, false, false);
} }
$data[1] = html_print_select_groups($config['id_user'], "UM", $data["group"] = html_print_select_groups($config['id_user'], "UM",
users_is_admin($config['id_user']), 'assign_group', -1, '', __('None'), -1, true, users_is_admin($config['id_user']), 'assign_group', -1, '', __('None'), -1, true,
false, false); false, false);
if (!$is_secondary) {
$tags = tags_get_all_tags(); $tags = tags_get_all_tags();
$data[2] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true); $data["tags"] = html_print_select($tags, 'assign_tags[]', '', '', __('Any'), '', true, true);
}
$data[3] = html_print_input_image ('add', 'images/add.png', 1, '', true); $data["hierarchy"] = html_print_checkbox ('no_hierarchy', 1, false, true);
$data[3] .= html_print_input_hidden ('id', $id, true);
$data[3] .= html_print_input_hidden ('add_profile', 1, true); $data["actions"] = html_print_input_image ('add', 'images/add.png', 1, '', true);
if ($is_secondary) { $data["actions"] .= html_print_input_hidden ('id', $id, true);
$data[3] .= html_print_input_hidden('is_secondary', 1, true); $data["actions"] .= html_print_input_hidden ('add_profile', 1, true);
} $data["actions"] .= '</form>';
$data[3] .= '</form>';
array_push ($table->data, $data); array_push ($table->data, $data);

View File

@ -277,11 +277,12 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
$query = "SELECT * FROM tgrupo ORDER BY parent,id_grupo DESC"; $query = "SELECT * FROM tgrupo ORDER BY parent,id_grupo DESC";
$raw_groups = db_get_all_rows_sql($query); $raw_groups = db_get_all_rows_sql($query);
$query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags FROM tgrupo, tusuario_perfil, tperfil $query = sprintf("SELECT tgrupo.*, tperfil.*, tusuario_perfil.tags, tusuario_perfil.no_hierarchy FROM tgrupo, tusuario_perfil, tperfil
WHERE (tgrupo.id_grupo = tusuario_perfil.id_grupo OR tusuario_perfil.id_grupo = 0) WHERE (tgrupo.id_grupo = tusuario_perfil.id_grupo OR tusuario_perfil.id_grupo = 0)
AND tusuario_perfil.id_perfil = tperfil.id_perfil AND tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s' ORDER BY nombre", $id_user); AND tusuario_perfil.id_usuario = '%s' ORDER BY nombre", $id_user);
$raw_forest = db_get_all_rows_sql ($query); $raw_forest = db_get_all_rows_sql ($query);
if ($raw_forest === false) $raw_forest = array();
foreach ($raw_forest as $g) { foreach ($raw_forest as $g) {
// XXX, following code must be remade (TAG) // XXX, following code must be remade (TAG)
@ -291,7 +292,6 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
else { else {
$forest_acl[$g["id_grupo"]] = groups_combine_acl($forest_acl[$g["id_grupo"]], $g); $forest_acl[$g["id_grupo"]] = groups_combine_acl($forest_acl[$g["id_grupo"]], $g);
} }
} }
$groups = array(); $groups = array();
@ -303,7 +303,11 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
$parents = get_group_ancestors($group["parent"],$groups); $parents = get_group_ancestors($group["parent"],$groups);
if (is_array($parents)) { if (is_array($parents)) {
foreach ($parents as $parent) { foreach ($parents as $parent) {
if ( (isset($forest_acl[$parent])) && ($groups[$parent]["propagate"] == 1)) { if (
(isset($forest_acl[$parent])) &&
($groups[$parent]["propagate"] == 1) &&
($forest_acl[$parent]["no_hierarchy"] == 0)
) {
if (isset($forest_acl[$group["id_grupo"]])) { if (isset($forest_acl[$group["id_grupo"]])) {
// update ACL propagation // update ACL propagation
$tmp = groups_combine_acl($forest_acl[$parent], $forest_acl[$group["id_grupo"]]); $tmp = groups_combine_acl($forest_acl[$parent], $forest_acl[$group["id_grupo"]]);
@ -319,9 +323,7 @@ function users_get_groups ($id_user = false, $privilege = "AR", $returnAllGroup
} }
} }
} }
else { // No parents, direct assignment already done
// no parents, direct assignment already done
}
} }
} }
// Update the group cache. // Update the group cache.

View File

@ -1136,7 +1136,7 @@ CREATE TABLE IF NOT EXISTS `tusuario_perfil` (
`id_usuario` varchar(100) NOT NULL default '', `id_usuario` varchar(100) NOT NULL default '',
`id_perfil` int(10) unsigned NOT NULL default '0', `id_perfil` int(10) unsigned NOT NULL default '0',
`id_grupo` int(10) NOT NULL default '0', `id_grupo` int(10) NOT NULL default '0',
`is_secondary` tinyint(1) NOT NULL default 0, `no_hierarchy` tinyint(1) NOT NULL default 0,
`assigned_by` varchar(100) NOT NULL default '', `assigned_by` varchar(100) NOT NULL default '',
`id_policy` int(10) unsigned NOT NULL default '0', `id_policy` int(10) unsigned NOT NULL default '0',
`tags` text NOT NULL, `tags` text NOT NULL,