From 9f2e722787a0814076b4f2ef59237991fe83fb84 Mon Sep 17 00:00:00 2001
From: Daniel Maya <daniel.maya@artica.es>
Date: Thu, 23 Jul 2020 13:26:39 +0200
Subject: [PATCH] Ent 6034 improvement of the um profile

---
 .../godmode/users/configure_user.php          | 330 +++++++++++++++---
 pandora_console/godmode/users/user_list.php   | 134 ++++---
 pandora_console/include/functions_profile.php |  30 +-
 pandora_console/include/functions_users.php   | 103 ++++++
 4 files changed, 480 insertions(+), 117 deletions(-)

diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index 531c7cc025..91b3ba7fcf 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -112,14 +112,88 @@ if (! check_acl($config['id_user'], 0, 'UM')) {
     return;
 }
 
-/*
- * Disabled at the moment.
-    if (!check_referer()) {
-    require ("general/noaccess.php");
+if (is_ajax()) {
+    $delete_profile = (bool) get_parameter('delete_profile');
+    if ($delete_profile) {
+        $id2 = (string) get_parameter('id_user');
+        $id_up = (int) get_parameter('id_user_profile');
 
-    return;
+        $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
+        $id_perfil = $perfilUser['id_perfil'];
+        $perfil = db_get_row('tperfil', 'id_perfil', $id_perfil);
+
+        db_pandora_audit(
+            'User management',
+            'Deleted profile for user '.io_safe_input($id2),
+            false,
+            false,
+            'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
+        );
+
+        $return = profile_delete_user_profile($id2, $id_up);
+        ui_print_result_message(
+            $return,
+            __('Successfully deleted'),
+            __('Could not be deleted')
+        );
+
+
+        $has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id2);
+        if ($has_profile == false) {
+            $result = delete_user($id2);
+
+            if ($result) {
+                db_pandora_audit(
+                    'User management',
+                    __('Deleted user %s', io_safe_input($id_user))
+                );
+            }
+
+            ui_print_result_message(
+                $result,
+                __('Successfully deleted'),
+                __('There was a problem deleting the user')
+            );
+
+            // Delete the user in all the consoles
+            if (defined('METACONSOLE')) {
+                $servers = metaconsole_get_servers();
+                foreach ($servers as $server) {
+                    // Connect to the remote console
+                    metaconsole_connect($server);
+
+                    // Delete the user
+                    $result = delete_user($id_user);
+                    if ($result) {
+                        db_pandora_audit(
+                            'User management',
+                            __('Deleted user %s from metaconsole', io_safe_input($id_user))
+                        );
+                    }
+
+                    // Restore the db connection
+                    metaconsole_restore_db();
+
+                    // Log to the metaconsole too
+                    if ($result) {
+                        db_pandora_audit(
+                            'User management',
+                            __('Deleted user %s from %s', io_safe_input($id_user), io_safe_input($server['server_name']))
+                        );
+                    }
+
+                    ui_print_result_message(
+                        $result,
+                        __('Successfully deleted from %s', io_safe_input($server['server_name'])),
+                        __('There was a problem deleting the user from %s', io_safe_input($server['server_name']))
+                    );
+                }
+            }
+        }
+
+        return;
     }
- */
+}
 
 $tab = get_parameter('tab', 'user');
 
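Review bot: The new `is_ajax()` branch deletes a profile row, and then the whole account once no profile is left, behind only the page-level `check_acl(..., 'UM')`; it returns before the group-scoped check this commit adds further down, and nothing ties `id_user_profile` to `id_user`. As far as the visible lines show, a caller holding UM on a single group is not prevented from removing rows that belong to other groups or other users. The branch also reads the target into `$id2` but passes `$id_user`, which is never assigned here, to `delete_user()` in the metaconsole loop and to the three `Deleted user` audit entries, so those act on and log an empty value. No anti-CSRF token is visible on this request, and the old `check_referer()` placeholder is removed. The sketch below adds an ownership and scope guard; that key `0` of `users_get_groups_UM()` means "all groups" is inferred from user_list.php and should be confirmed, and the later check also refuses admin targets, which this branch should mirror.

```php
        $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);

        // The row must exist and belong to the user named in the request.
        $allowed = ($perfilUser !== false && $perfilUser['id_usuario'] == $id2);

        // Non-admins are limited to groups where they hold UM.
        if ($allowed && !users_is_admin()) {
            $group_um = users_get_groups_UM($config['id_user']);
            $allowed = isset($group_um[0]) || isset($group_um[$perfilUser['id_grupo']]);
        }

        if (!$allowed) {
            db_pandora_audit('ACL Violation', 'Trying to access User Management');
            include 'general/noaccess.php';
            return;
        }

        // … unchanged: audit entry, profile_delete_user_profile(), local delete_user($id2) …

                    // Use the id read from the request, not the unassigned $id_user.
                    $result = delete_user($id2);
```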
@@ -168,9 +242,9 @@ if ($config['user_can_update_info']) {
 $new_user = (bool) get_parameter('new_user');
 $create_user = (bool) get_parameter('create_user');
 $add_profile = (bool) get_parameter('add_profile');
-$delete_profile = (bool) get_parameter('delete_profile');
 $update_user = (bool) get_parameter('update_user');
 $status = get_parameter('status', -1);
+$json_profile = get_parameter('json_profile', '');
 
 // Reset status var if current action is not update_user
 if ($new_user || $create_user || $add_profile
@@ -372,6 +446,41 @@ if ($create_user) {
 
             $user_info = get_user_info($id);
             $new_user = false;
+
+            if (!empty($json_profile)) {
+                $json_profile = json_decode(io_safe_output($json_profile), true);
+                foreach ($json_profile as $key => $profile) {
+                    if (!empty($profile)) {
+                        $group2 = $profile['group'];
+                        $profile2 = $profile['profile'];
+                        $tags = $profile['tags'];
+                        foreach ($tags as $k => $tag) {
+                            if (empty($tag)) {
+                                unset($tags[$k]);
+                            }
+                        }
+
+                        $tags = implode(',', $tags);
+                        $no_hierarchy = $profile['hierarchy'];
+
+                        db_pandora_audit(
+                            'User management',
+                            'Added profile for user '.io_safe_input($id2),
+                            false,
+                            false,
+                            'Profile: '.$profile2.' Group: '.$group2.' Tags: '.$tags
+                        );
+
+                        $result_profile = profile_create_user_profile($id, $profile2, $group2, false, $tags, $no_hierarchy);
+
+                        ui_print_result_message(
+                            $result_profile,
+                            __('Profile added successfully'),
+                            __('Profile cannot be added')
+                        );
+                    }
+                }
+            }
         } else {
             $user_info = $values;
             $new_user = true;
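Review bot: The decoded `json_profile` entries are passed to `profile_create_user_profile()` as received: unlike the existing `add_profile` block, `group` and `profile` are not cast, and nothing on the server confirms that the creating user may grant that profile in that group, since the `user_management <> 1` filter added in functions_profile.php only limits what the select box offers. Cast and validate before use, e.g. `$group2 = (int) $profile['group'];` and `$profile2 = (int) $profile['profile'];`, and guard the decode with `if (!is_array($json_profile)) { $json_profile = []; }`, because malformed input currently reaches `foreach` as `null`. The audit call uses `$id2`, which is not assigned on this path; the new user's id is in `$id`. Whether `profile_create_user_profile()` enforces group scope itself is not visible here, and the enclosing `if ($create_user)` block starts outside the hunk.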
@@ -598,7 +707,7 @@ if ($status != -1) {
     );
 }
 
-if ($add_profile) {
+if ($add_profile && empty($json_profile)) {
     $id2 = (string) get_parameter('id');
     $group2 = (int) get_parameter('assign_group');
     $profile2 = (int) get_parameter('assign_profile');
@@ -628,34 +737,38 @@ if ($add_profile) {
     );
 }
 
-if ($delete_profile) {
-    $id2 = (string) get_parameter('id_user');
-    $id_up = (int) get_parameter('id_user_profile');
-
-    $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
-    $id_perfil = $perfilUser['id_perfil'];
-    $perfil = db_get_row('tperfil', 'id_perfil', $id_perfil);
-
-    db_pandora_audit(
-        'User management',
-        'Deleted profile for user '.io_safe_input($id2),
-        false,
-        false,
-        'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
-    );
-
-    $return = profile_delete_user_profile($id2, $id_up);
-    ui_print_result_message(
-        $return,
-        __('Successfully deleted'),
-        __('Could not be deleted')
-    );
-}
-
 if ($values) {
     $user_info = $values;
 }
 
+if (!users_is_admin() && $config['id_user'] != $id && !$new_user) {
+    $group_um = users_get_groups_UM($config['id_user']);
+    if (isset($group_um[0])) {
+        $group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
+    } else {
+        $group_um_string = implode(',', array_keys($group_um));
+    }
+
+    $sql = sprintf(
+        "SELECT tusuario_perfil.* FROM tusuario_perfil
+        INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
+        WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
+        $id,
+        $group_um_string
+    );
+
+    $result = db_get_all_rows_sql($sql);
+    if ($result == false || $user_info['is_admin']) {
+        db_pandora_audit(
+            'ACL Violation',
+            'Trying to access User Management'
+        );
+        include 'general/noaccess.php';
+
+        return;
+    }
+}
+
 if (defined('METACONSOLE')) {
     if ($id) {
         echo '<div class="user_form_title">'.__('Update User').'</div>';
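Review bot: This group-scope check sits after the `add_profile` handler that closes just above it (and after the `create_user` path patched earlier), so for a non-admin it stops the form from rendering but does not gate the state-changing handlers; it should run before any handler acts on `$id`. The query also matches the id with `like '%s'`, so `%` and `_` in the parameter behave as wildcards and the lookup can succeed on another user's rows; use equality, `WHERE id_usuario = '%s' AND id_grupo IN (%s) AND user_management = 0`, with the project's escaping or a bound value rather than relying on `get_parameter()` having encoded quotes. The same `like '%s'` pattern appears in the functions_profile.php query and in three of the new functions in functions_users.php. An empty `$group_um_string` yields `IN ()`, which denies access only because the failed query returns false. Where the `update_user` handler sits relative to this check is not visible in the diff.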
@@ -762,19 +875,22 @@ if ($config['user_can_update_password']) {
 $own_info = get_user_info($config['id_user']);
 $global_profile = '<div class="label_select_simple user_global_profile" ><span class="input_label" style="margin:0;">'.__('Global Profile').'</span>';
 $global_profile .= '<div class="switch_radio_button">';
-$global_profile .= html_print_radio_button_extended(
-    'is_admin',
-    1,
-    [
-        'label'    => __('Administrator'),
-        'help_tip' => __('This user has permissions to manage all. An admin user should not requiere additional group permissions, except for using Enterprise ACL.'),
-    ],
-    $user_info['is_admin'],
-    false,
-    '',
-    '',
-    true
-);
+if (users_is_admin()) {
+    $global_profile .= html_print_radio_button_extended(
+        'is_admin',
+        1,
+        [
+            'label'    => __('Administrator'),
+            'help_tip' => __('This user has permissions to manage all. An admin user should not requiere additional group permissions, except for using Enterprise ACL.'),
+        ],
+        $user_info['is_admin'],
+        false,
+        '',
+        '',
+        true
+    );
+}
+
 $global_profile .= html_print_radio_button_extended(
     'is_admin',
     0,
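Review bot: Hiding the `Administrator` radio button for non-admins changes only what the form offers; the handler that reads `is_admin` from the request is not part of this diff, so it should be confirmed that a posted `is_admin=1` is ignored unless `users_is_admin()` is true. If it is not, a guard such as `if (!users_is_admin()) { $values['is_admin'] = 0; }` ahead of the create/update call closes the gap. The `$values` key name is assumed from how `$user_info['is_admin']` is used in this hunk.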
@@ -1027,7 +1143,7 @@ if ($meta) {
     $metaconsole_access_node .= html_print_checkbox('metaconsole_access_node', 1, $user_info['metaconsole_access_node'], true).'</div>';
 }
 
-echo '<form method="post" autocomplete="off">';
+echo '<form id="user_profile_form" method="post" autocomplete="off">';
 
 
 if (!$id) {
@@ -1067,14 +1183,19 @@ if (!is_metaconsole()) {
     echo $search_custom_fields_view.$metaconsole_agents_manager.$metaconsole_assigned_server.$metaconsole_access_node;
 }
 
-    echo '</div>
-</div> 
+echo '</div>
+</div>
 
 <div class="user_edit_third_row white_box">
     <div class="edit_user_comments">'.$comments.'</div>
-</div>  
-<div class="user_edit_third_row white_box">'.$ehorus.'</div>  
 </div>';
+if (!empty($ehorus)) {
+    echo '<div class="user_edit_third_row white_box">'.$ehorus.'</div>';
+}
+
+echo '</div>';
+
+profile_print_profile_table($id);
 
 echo '<div style="width: 100%" class="action-buttons">';
 if ($config['admin_can_add_user']) {
@@ -1088,16 +1209,15 @@ if ($config['admin_can_add_user']) {
     }
 }
 
+html_print_input_hidden('json_profile', '');
+
 echo '</div>';
 echo '</form>';
 echo '<br />';
 
-// Don't show anything else if we're creating an user
-if (!empty($id) && !$new_user) {
-    profile_print_profile_table($id);
-}
-
 enterprise_hook('close_meta_frame');
+$delete_image = html_print_input_image('del', 'images/cross.png', 1, '', true, ['onclick' => 'delete_profile(event, this)']);
+
 
 if (!is_metaconsole()) {
     ?>
@@ -1132,13 +1252,14 @@ if (!is_metaconsole()) {
 ?>
 
 <script type="text/javascript">
+var json_profile = $('#hidden-json_profile');
 /* <![CDATA[ */
 $(document).ready (function () {
     $('input:radio[name="is_admin"]').change(function() {
         if($('#radiobtn0002').prop('checked')) {     
             $('#metaconsole_agents_manager_div').show();
             $('#metaconsole_access_node_div').show();
-            if($('#checkbox-metaconsole_agents_manager').prop('checked')) {       
+            if($('#checkbox-metaconsole_agents_manager').prop('checked')) {
                 $('#metaconsole_assigned_server_div').show();
             }
         }
@@ -1167,8 +1288,105 @@ $(document).ready (function () {
     });
     $('#checkbox-ehorus_user_level_enabled').trigger('change');
 
+    var img_delete = '<?php echo $delete_image; ?>';
+    var id_user = '<?php echo $id; ?>';
+    var data = [];
+
+    $('input:image[name="add"]').click(function (e) {
+        e.preventDefault();
+        var profile = $('#assign_profile').val();
+        var profile_text = $('#assign_profile option:selected').text();
+        var group = $('#assign_group').val();
+        var group_text = $('#assign_group option:selected').text();
+        var tags = $('#assign_tags').val();
+        var tags_text = $('#assign_tags option:selected').toArray().map(item => item.text).join();
+        if ( $('#checkbox-no_hierarchy').is(':checked')) {
+            var hierarchy = 1;
+            var hierarchy_text = '<?php echo __('yes'); ?>';
+        } else {
+            var hierarchy = 0;
+            var hierarchy_text = '<?php echo __('no'); ?>';
+        }
+
+        if (profile === '0' || group === '-1') {
+            alert('<?php echo __('please select profile and group'); ?>');
+            return;
+        }
+
+        if (id_user === '') {
+            let new_json = `{"profile":${profile},"group":${group},"tags":[${tags}],"hierarchy":${hierarchy}}`;
+            data.push(new_json);
+            json_profile.val('['+data+']');
+            $('#table_profiles tr:last').before(
+                `<tr>
+                    <td>${profile_text}</td>
+                    <td>${group_text}</td>
+                    <td>${tags_text}</td>
+                    <td>${hierarchy_text}</td>
+                    <td>${img_delete}</td>
+                </tr>`
+            );
+        } else {
+            this.form.submit();
+        }
+    });
+
+    $('input:image[name="del"]').click(function (e) {
+        e.preventDefault();
+        var rows = $("#table_profiles tr").length;
+        if (rows <= 3) {
+            if (!confirm('<?php echo __('Deleting last profile'); ?>' + '. ' + '<?php echo __('Are you sure?'); ?>')) {
+                return;
+            }
+        }
+
+        var id_user_profile = $(this).siblings();
+        id_user_profile = id_user_profile[1].value;
+        var row = $(this).closest('tr');
+
+        var params = [];
+        params.push("delete_profile=1");
+        params.push("id_user=" + id_user);
+        params.push("id_user_profile=" + id_user_profile);
+        params.push("page=godmode/users/configure_user");
+        jQuery.ajax ({
+            data: params.join ("&"),
+            type: 'POST',
+            url: action="<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
+            success: function (data) {
+                row.remove();
+                var rows = $("#table_profiles tr").length;
+                if (rows <= 2) {
+                    window.location.replace("<?php echo ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure=0', false, false, false); ?>");
+                }
+            }
+        });
+    });
+
+    $('#submit-crtbutton').click(function (e) {
+        e.preventDefault();
+        var rows = $("#table_profiles tr").length;
+        if (rows <= 2) {
+            alert('<?php echo __('please add a profile'); ?>');
+        } else {
+            this.form.submit();
+        }
+    });
 });
 
+function delete_profile(event, btn) {
+    event.preventDefault();
+    var row = btn.parentNode.parentNode;
+    var position = row.rowIndex;
+    row.parentNode.removeChild(row);
+
+    var json = json_profile.val();
+    var test = JSON.parse(json);
+    delete test[position-1];
+    json_profile.val(JSON.stringify(test));
+
+}
+
 function show_data_section () {
     section = $("#section").val();
     
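Review bot: The row added for a not-yet-created user interpolates `profile_text`, `group_text` and `tags_text` into an HTML string, and `.text()` returns the decoded option labels, so a group, profile or tag name that contains markup is parsed as HTML; build the cells with `$('<td>').text(profile_text)` instead. `var id_user = '<?php echo $id; ?>';` places a request value inside a JavaScript string without JS-context encoding, whereas `var id_user = <?php echo json_encode((string) $id); ?>;` is safe however `$id` was filtered. The delete request joins its parameters by hand without `encodeURIComponent`; passing an object, `data: {delete_profile: 1, id_user: id_user, id_user_profile: id_user_profile, page: 'godmode/users/configure_user'}`, lets jQuery encode them. The `success` callback removes the row without inspecting the response, so a refused delete still looks successful to the operator. The `$(document).ready` callback starts outside the hunk.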
diff --git a/pandora_console/godmode/users/user_list.php b/pandora_console/godmode/users/user_list.php
index a8776e6b04..9c9873a664 100644
--- a/pandora_console/godmode/users/user_list.php
+++ b/pandora_console/godmode/users/user_list.php
@@ -356,10 +356,23 @@ if (!defined('METACONSOLE')) {
     $table->valign[6] = 'top';
 }
 
+$group_um = users_get_groups_UM($config['id_user']);
+if (isset($group_um[0])) {
+    $group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
+} else {
+    $group_um_string = implode(',', array_keys($group_um));
+}
+
 
 $info1 = [];
-
-$info1 = get_users($order);
+// Is admin or has group permissions all.
+if (users_is_admin() || isset($group_um[0])) {
+    $info1 = get_users($order);
+} else {
+    foreach ($group_um as $group => $value) {
+        $info1 = array_merge($info1, users_get_users_by_group($group, $value));
+    }
+}
 
 // Filter the users
 if ($search) {
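Review bot: `array_merge()` renumbers integer keys, and PHP stores an all-digit string key such as `'1001'` (constructed example) as an integer, so in the per-group branch a user whose id is numeric loses its key and the later `foreach ($info as $user_id => $user_info)` sees `0, 1, ...` instead of the id. `$info1 = array_replace($info1, users_get_users_by_group($group, $value));` preserves the keys with the same last-wins behaviour. `$group_um_string` is computed here but not used in the visible lines, and the same three-line computation is repeated in configure_user.php and functions_profile.php.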
@@ -400,33 +413,7 @@ if ($search) {
     }
 }
 
-// ~
-// ~ $filter_group
-// ~ $filter_search
-// ~
-$info = [];
-$own_info = get_user_info($config['id_user']);
-$own_groups = users_get_groups($config['id_user'], 'AR', $own_info['is_admin']);
-
-if ($own_info['is_admin']) {
-    $info = $info1;
-}
-// If user is not admin then don't display admin users and user of others groups.
-else {
-    foreach ($info1 as $key => $usr) {
-        $u = get_user_info($key);
-        $g = users_get_groups($key, false, $u['is_admin']);
-        $result = array_intersect($g, $own_groups);
-
-        // Show users without profile too.
-        if (!empty($result) || (db_get_all_rows_field_filter('tusuario_perfil', 'id_usuario', $usr['id_user']) === false)) {
-            $info[$key] = $usr;
-        }
-
-        unset($u);
-        unset($g);
-    }
-}
+$info = $info1;
 
 // Prepare pagination
 ui_pagination(count($info));
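Review bot: `ui_pagination(count($info))` now counts every row of `$info1`, while the loop below skips admin accounts and users without a visible profile for non-admin callers, so the pager total no longer matches the rows shown and discloses how many accounts were hidden. Build the filtered list first and count that, or apply the same skip rules before calling `ui_pagination()`.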
@@ -438,9 +425,41 @@ $rowPair = true;
 $iterator = 0;
 $cont = 0;
 foreach ($info as $user_id => $user_info) {
+    if (!users_is_admin() && $user_info['is_admin']) {
+        // If user is not admin then don't display admin users.
+        continue;
+    }
+
+    // User profiles.
+    if (users_is_admin() || $user_id == $config['id_user']) {
+        $user_profiles = db_get_all_rows_field_filter('tusuario_perfil', 'id_usuario', $user_id);
+    } else {
+        $user_profiles_aux = users_get_user_profile($user_id);
+        $user_profiles = [];
+        foreach ($group_um as $key => $value) {
+            if (isset($user_profiles_aux[$key])) {
+                $user_profiles[$key] = $user_profiles_aux[$key];
+                if ($user_profiles_aux[$key]['user_management'] == 1) {
+                    $user_info['edit'] = 0;
+                } else {
+                    $user_info['edit'] = 1;
+                }
+
+                unset($user_profiles_aux[$key]);
+            }
+        }
+
+        if (!empty($user_profiles_aux)) {
+            $user_info['not_delete'] = 1;
+        }
+
+        if ($user_profiles == false) {
+            continue;
+        }
+    }
+
     $cont++;
 
-    //
     // Manual pagination due the complicated process of the ACL data
     if ($cont <= $offset) {
         continue;
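Review bot: In the non-admin branch `$user_info['edit']` is overwritten for every matching group, so the last group in `$group_um` decides whether the row is editable; a target holding a `user_management` profile in an earlier group becomes editable again if a later group's profile has none. If any such profile is meant to block editing, set the flag once with `$user_info['edit'] = 1;` before the loop and only `$user_info['edit'] = 0;` inside when `user_management == 1`. `users_get_user_profile()` keys its result by `id_grupo`, so a user with two profiles in the same group is represented here by only one of them. The `foreach` body continues outside the hunk.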
@@ -464,12 +483,14 @@ foreach ($info as $user_id => $user_info) {
 
     $iterator++;
 
-    $data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_user&pure='.$pure.'&amp;id='.$user_id.'">'.$user_id.'</a>';
+    if (users_is_admin() || $config['id_user'] == $user_info['id_user'] || (!$user_info['is_admin'] && (!isset($user_info['edit']) || (isset($user_info['edit']) && $user_info['edit'])))) {
+        $data[0] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_user&pure='.$pure.'&amp;id='.$user_id.'">'.$user_id.'</a>';
+    } else {
+        $data[0] = $user_id;
+    }
+
     $data[1] = '<ul style="margin-top: 0 !important; margin-left: auto !important; padding-left: 10px !important; list-style-type: none !important;">';
     $data[1] .= '<li>'.$user_info['fullname'].'</li>';
-    /*
-        $data[1] .= '<li><b>' . __('First name') . ':</b> ' . $user_info["firstname"] . '</li>';
-    $data[1] .= '<li><b>' . __('Last name') . ':</b> ' . $user_info["lastname"] . '</li>';*/
     $data[1] .= '<li>'.$user_info['phone'].'</li>';
     $data[1] .= '<li>'.$user_info['email'].'</li>';
     $data[1] .= '</ul>';
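Review bot: The edit-permission condition is written out in full here and again for the `$data[6]` action buttons further down, and `(!isset($user_info['edit']) || (isset($user_info['edit']) && $user_info['edit']))` reduces to `($user_info['edit'] ?? true)`. Computing it once, `$can_edit = users_is_admin() || $config['id_user'] == $user_info['id_user'] || (!$user_info['is_admin'] && ($user_info['edit'] ?? true));`, keeps the two places from drifting apart. `$user_id` is written into the cell and the `href` without HTML or URL encoding; that predates this change, but the new plain-text branch repeats it.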
@@ -485,20 +506,14 @@ foreach ($info as $user_id => $user_info) {
             ]
         ).'&nbsp;';
     } else {
-        /*
-            $data[3] = html_print_image ("images/user_green.png", true,
-            array ("alt" => __('User'),
-                "title" => __('Standard User'))) . '&nbsp;';
-        */
         $data[3] = '';
     }
 
     $data[4] = '';
-    $result = db_get_all_rows_field_filter('tusuario_perfil', 'id_usuario', $user_id);
-    if ($result !== false) {
+    if ($user_profiles !== false) {
         if (defined('METACONSOLE')) {
             $data[4] .= "<div width='100%'>";
-            foreach ($result as $row) {
+            foreach ($user_profiles as $row) {
                 $data[4] .= "<div style='float:left;'>";
                 $data[4] .= profile_get_name($row['id_perfil']);
                 $data[4] .= ' / </div>';
@@ -512,7 +527,7 @@ foreach ($info as $user_id => $user_info) {
             $data[4] .= '</div>';
         } else {
             $data[4] .= "<table width='100%'>";
-            foreach ($result as $row) {
+            foreach ($user_profiles as $row) {
                 $data[4] .= '<tr>';
                 $data[4] .= '<td>';
                 $data[4] .= profile_get_name($row['id_perfil']);
@@ -531,21 +546,26 @@ foreach ($info as $user_id => $user_info) {
     $data[5] = ui_print_string_substr($user_info['comments'], 24, true);
 
     $table->cellclass[][6] = 'action_buttons';
-    if ($user_info['disabled'] == 0) {
-        $data[6] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/user_list&amp;disable_user=1&pure='.$pure.'&amp;id='.$user_info['id_user'].'">'.html_print_image('images/lightbulb.png', true, ['title' => __('Disable')]).'</a>';
-    } else {
-        $data[6] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/user_list&amp;disable_user=0&pure='.$pure.'&amp;id='.$user_info['id_user'].'">'.html_print_image('images/lightbulb_off.png', true, ['title' => __('Enable')]).'</a>';
-    }
-
-    $data[6] .= '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_user&pure='.$pure.'&amp;id='.$user_id.'">'.html_print_image('images/config.png', true, ['title' => __('Edit')]).'</a>';
-    if ($config['admin_can_delete_user'] && $user_info['id_user'] != $config['id_user']) {
-        $data[6] .= "<a href='index.php?sec=".$sec.'&sec2=godmode/users/user_list&user_del=1&pure='.$pure.'&delete_user='.$user_info['id_user']."'>".html_print_image('images/cross.png', true, ['title' => __('Delete'), 'onclick' => "if (! confirm ('".__('Deleting User').' '.$user_info['id_user'].'. '.__('Are you sure?')."')) return false"]).'</a>';
-        if (defined('METACONSOLE')) {
-            $data[6] .= "<a href='index.php?sec=".$sec.'&sec2=godmode/users/user_list&user_del=1&pure='.$pure.'&delete_user='.$user_info['id_user']."&delete_all=1'>".html_print_image('images/cross_double.png', true, ['title' => __('Delete from all consoles'), 'onclick' => "if (! confirm ('".__('Deleting User %s from all consoles', $user_info['id_user']).'. '.__('Are you sure?')."')) return false"]).'</a>';
+    $data[6] = '';
+    if (users_is_admin() || $config['id_user'] == $user_info['id_user'] || (!$user_info['is_admin'] && (!isset($user_info['edit']) || (isset($user_info['edit']) && $user_info['edit'])))) {
+        if (!isset($user_info['not_delete'])) {
+            if ($user_info['disabled'] == 0) {
+                $data[6] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/user_list&amp;disable_user=1&pure='.$pure.'&amp;id='.$user_info['id_user'].'">'.html_print_image('images/lightbulb.png', true, ['title' => __('Disable')]).'</a>';
+            } else {
+                $data[6] = '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/user_list&amp;disable_user=0&pure='.$pure.'&amp;id='.$user_info['id_user'].'">'.html_print_image('images/lightbulb_off.png', true, ['title' => __('Enable')]).'</a>';
+            }
+        }
+
+        $data[6] .= '<a href="index.php?sec='.$sec.'&amp;sec2=godmode/users/configure_user&pure='.$pure.'&amp;id='.$user_id.'">'.html_print_image('images/config.png', true, ['title' => __('Edit')]).'</a>';
+        if ($config['admin_can_delete_user'] && $user_info['id_user'] != $config['id_user'] && !isset($user_info['not_delete'])) {
+            $data[6] .= "<a href='index.php?sec=".$sec.'&sec2=godmode/users/user_list&user_del=1&pure='.$pure.'&delete_user='.$user_info['id_user']."'>".html_print_image('images/cross.png', true, ['title' => __('Delete'), 'onclick' => "if (! confirm ('".__('Deleting User').' '.$user_info['id_user'].'. '.__('Are you sure?')."')) return false"]).'</a>';
+            if (defined('METACONSOLE')) {
+                $data[6] .= "<a href='index.php?sec=".$sec.'&sec2=godmode/users/user_list&user_del=1&pure='.$pure.'&delete_user='.$user_info['id_user']."&delete_all=1'>".html_print_image('images/cross_double.png', true, ['title' => __('Delete from all consoles'), 'onclick' => "if (! confirm ('".__('Deleting User %s from all consoles', $user_info['id_user']).'. '.__('Are you sure?')."')) return false"]).'</a>';
+            }
+        } else {
+            $data[6] .= '';
+            // Delete button not in this mode
         }
-    } else {
-        $data[6] .= '';
-        // Delete button not in this mode
     }
 
     array_push($table->data, $data);
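Review bot: The Disable, Edit and Delete links are now hidden for rows the caller may not manage, but they are plain GET links (`disable_user=`, `user_del=1&delete_user=`) whose handlers are outside this diff; unless those handlers apply the same `edit`/`not_delete` rule, a direct request would still be accepted from a group-scoped UM user. The rule belongs in the handlers, with link visibility derived from it. These links also change state over GET with no token in the visible markup, which is worth addressing in the same pass.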
diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php
index c51cbc569a..029e54bbc2 100644
--- a/pandora_console/include/functions_profile.php
+++ b/pandora_console/include/functions_profile.php
@@ -188,6 +188,7 @@ function profile_print_profile_table($id)
     $title = __('Profiles/Groups assigned to this user');
 
     $table = new stdClass();
+    $table->id = 'table_profiles';
     $table->width = '100%';
     $table->class = 'info_table';
     if (defined('METACONSOLE')) {
@@ -216,10 +217,30 @@ function profile_print_profile_table($id)
     $table->head['actions'] = __('Action');
     $table->align['actions'] = 'center';
 
-    $result = db_get_all_rows_filter(
-        'tusuario_perfil',
-        ['id_usuario' => $id]
-    );
+    if (users_is_admin()) {
+        $result = db_get_all_rows_filter(
+            'tusuario_perfil',
+            ['id_usuario' => $id]
+        );
+    } else {
+        // Only profiles that can be viewed by the user.
+        $group_um = users_get_groups_UM($config['id_user']);
+        if (isset($group_um[0])) {
+            $group_um_string = implode(',', array_keys(users_get_groups($config['id_user'], 'um', true)));
+        } else {
+            $group_um_string = implode(',', array_keys($group_um));
+        }
+
+        $sql = sprintf(
+            "SELECT tusuario_perfil.* FROM tusuario_perfil
+            INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
+            WHERE id_usuario like '%s' AND id_grupo IN (%s) AND user_management = 0",
+            $id,
+            $group_um_string
+        );
+
+        $result = db_get_all_rows_sql($sql);
+    }
 
     if ($result === false) {
         $result = [];
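Review bot: The non-admin branch reads `$config['id_user']`, but no `global $config;` is visible in this hunk; `profile_print_profile_table()` starts above it, so confirm the declaration exists, otherwise the lookup runs with a null user id and returns no rows. The group lookup and the `tusuario_perfil`/`tperfil` query duplicate the block added to configure_user.php; a helper in functions_users.php that takes the target id would keep the access rule in one place. A comment such as `// Non-admins see only non-UM profiles in groups where they hold UM.` would state the rule the SQL encodes.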
@@ -285,6 +306,7 @@ function profile_print_profile_table($id)
                 [
                     'pandora_management' => '<> 1',
                     'db_management'      => '<> 1',
+                    'user_management'    => '<> 1',
                 ]
             ),
             'assign_profile',
diff --git a/pandora_console/include/functions_users.php b/pandora_console/include/functions_users.php
index af0616a610..4d3b933d56 100755
--- a/pandora_console/include/functions_users.php
+++ b/pandora_console/include/functions_users.php
@@ -668,3 +668,106 @@ function get_name_admin():string
 
     return $mail;
 }
+
+
+/**
+ * Obtiene una matriz con los grupos como clave y si tiene o no permiso UM sobre ese grupo(valor)
+ *
+ * @param  string User id
+ * @return array Return .
+ */
+function users_get_groups_UM($id_user)
+{
+    $sql = sprintf(
+        "SELECT id_grupo, user_management FROM tusuario_perfil
+        LEFT JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
+        WHERE id_usuario like '%s' AND user_management = 1  ORDER BY id_grupo",
+        $id_user
+    );
+
+    $groups = db_get_all_rows_sql($sql);
+    $return = [];
+    foreach ($groups as $key => $group) {
+        if (!isset($return[$group['id_grupo']]) || (isset($return[$group['id_grupo']]) && $group['user_management'] != 0)) {
+            $return[$group['id_grupo']] = $group['user_management'];
+        }
+    }
+
+    return $return;
+}
+
+
+/**
+ * Obtiene una matriz con los grupos como clave y si tiene o no permiso UM sobre ese grupo(valor)
+ *
+ * @param  string User id
+ * @return array Return .
+ */
+function users_get_users_by_group($id_group, $um=false)
+{
+    $sql = sprintf(
+        "SELECT tusuario.* FROM tusuario 
+        INNER JOIN tusuario_perfil ON tusuario_perfil.id_usuario = tusuario.id_user 
+        AND tusuario_perfil.id_grupo = '%s'",
+        $id_group
+    );
+
+    $users = db_get_all_rows_sql($sql);
+    $return = [];
+    foreach ($users as $key => $user) {
+        $return[$user['id_user']] = $user;
+        $return[$user['id_user']]['edit'] = $um;
+    }
+
+    return $return;
+}
+
+
+function users_has_profile_without_UM($id_user, $id_groups)
+{
+    $sql = sprintf(
+        "SELECT id_usuario, tperfil.user_management FROM tusuario_perfil
+        INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil AND tperfil.user_management = 0
+        WHERE tusuario_perfil.id_usuario like '%s' AND tusuario_perfil.id_grupo IN (%s)
+        ORDER BY tperfil.user_management DESC",
+        $id_user,
+        $id_groups
+    );
+
+    $without_um = db_get_all_rows_sql($sql);
+
+    if (isset($without_um[0])) {
+        $sql = sprintf(
+            "SELECT id_grupo, tperfil.* FROM tusuario_perfil
+            INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
+            WHERE tusuario_perfil.id_usuario like '%s'
+            ORDER BY tperfil.user_management DESC",
+            $id_user
+        );
+
+        $um = db_get_all_rows_sql($sql);
+        return 1;
+    } else {
+        return 0;
+    }
+
+}
+
+
+function users_get_user_profile($id_user)
+{
+    $sql = sprintf(
+        "SELECT * FROM tusuario_perfil
+        INNER JOIN tperfil ON tperfil.id_perfil = tusuario_perfil.id_perfil
+        WHERE tusuario_perfil.id_usuario like '%s'",
+        $id_user
+    );
+
+    $aux = db_get_all_rows_sql($sql);
+    $user_profiles = [];
+    foreach ($aux as $key => $value) {
+        $user_profiles[$value['id_grupo']] = $value;
+    }
+
+    return $user_profiles;
+}
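Review bot: Three of the new functions iterate the result of `db_get_all_rows_sql()` directly, yet callers in this patch treat that function as returning `false` when nothing matches, so `foreach ($groups ...)`, `foreach ($users ...)` and `foreach ($aux ...)` raise a warning for a user or group with no rows; add `if ($groups === false) { return []; }` (and the equivalent for `$users` and `$aux`) before each loop. The docblock on `users_get_users_by_group()` is a copy of the one above it and describes neither its parameters nor its return value, and the last two functions have none; a line such as `Returns the users holding any profile in $id_group, keyed by id_user, each with 'edit' set to $um.` would fit. In `users_has_profile_without_UM()` the second query is assigned to `$um` and never used, and the function is not called anywhere in this patch.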