2014-03-13 Miguel de Dios <miguel.dedios@artica.es>
* godmode/reporting/reporting_builder.main.php, godmode/reporting/reporting_builder.php, include/functions_users.php: fixed the access to the report with the user profile "RW" and "RM". Incident: #655 git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@9575 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
parent
c211286145
commit
a625b598a6
|
@ -1,3 +1,12 @@
|
|||
2014-03-13 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* godmode/reporting/reporting_builder.main.php,
|
||||
godmode/reporting/reporting_builder.php,
|
||||
include/functions_users.php: fixed the access to the report with the
|
||||
user profile "RW" and "RM".
|
||||
|
||||
Incident: #655
|
||||
|
||||
2014-03-13 Vanessa Gil <vanessa.gil@artica.es>
|
||||
|
||||
* godmode/menu.php
|
||||
|
|
|
@ -58,15 +58,17 @@ $table->data['name'][1] = html_print_input_text('name', $reportName,
|
|||
|
||||
$table->data['group'][0] = __('Group');
|
||||
|
||||
$write_groups = users_get_groups_for_select(false, "RW", users_can_manage_group_all(), true, false, 'id_grupo');
|
||||
|
||||
$write_groups = users_get_groups_for_select(false, "RW",
|
||||
users_can_manage_group_all(), true, false, 'id_grupo');
|
||||
|
||||
// If the report group is not among the RW groups (special permission) we add it
|
||||
if (!isset($write_groups[$idGroupReport])) {
|
||||
$write_groups[$idGroupReport] = groups_get_name($idGroupReport);
|
||||
}
|
||||
|
||||
$table->data['group'][1] = html_print_select ($write_groups, 'id_group', $idGroupReport, false, '', '', true);
|
||||
|
||||
$table->data['group'][1] = html_print_select($write_groups, 'id_group',
|
||||
$idGroupReport, false, '', '', true);
|
||||
|
||||
if ($report_id_user == $config['id_user'] ||
|
||||
is_user_admin ($config["id_user"])) {
|
||||
//S/he is the creator of report (or admin) and s/he can change the access.
|
||||
|
@ -78,7 +80,7 @@ if ($report_id_user == $config['id_user'] ||
|
|||
ui_print_help_tip(__('For example, you want a report that the people of "All" groups can see but you want to edit only for you or your group.'), true);
|
||||
$table->data['access'][1] = html_print_select ($type_access, 'type_access',
|
||||
$type_access_selected, 'change_type_access(this)', '', 0, true);
|
||||
|
||||
|
||||
$style = "display: none;";
|
||||
if ($type_access_selected == 'group_edit')
|
||||
$style = "";
|
||||
|
|
|
@ -336,17 +336,17 @@ switch ($action) {
|
|||
'order' => 'name'
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
# Fix : group filter was not working
|
||||
// Show only selected groups
|
||||
if ($id_group > 0) {
|
||||
$group = array("$id_group" => $id_group);
|
||||
$filter['id_group'] = $id_group;
|
||||
if ($id_group > 0) {
|
||||
$group = array("$id_group" => $id_group);
|
||||
$filter['id_group'] = $id_group;
|
||||
}
|
||||
else {
|
||||
$group = false;
|
||||
}
|
||||
|
||||
else {
|
||||
$group = false;
|
||||
}
|
||||
|
||||
|
||||
// Filter normal and metaconsole reports
|
||||
if ($config['metaconsole'] == 1 and defined('METACONSOLE'))
|
||||
|
@ -357,7 +357,7 @@ switch ($action) {
|
|||
$reports = reports_get_reports ($filter,
|
||||
array ('name', 'id_report', 'description', 'private',
|
||||
'id_user', 'id_group'), $return_all_group, 'RR', $group);
|
||||
|
||||
|
||||
$table->width = '0px';
|
||||
if (sizeof ($reports)) {
|
||||
$table->id = 'report_list';
|
||||
|
@ -389,7 +389,8 @@ switch ($action) {
|
|||
$table->head[$next] = __('Group');
|
||||
$table->align[$next] = 'center';
|
||||
$next++;
|
||||
$table->head[$next] = '<span title="Operations">' . __('Op.') . '</span>';
|
||||
$table->head[$next] = '<span title="Operations">' .
|
||||
__('Op.') . '</span>';
|
||||
$table->size = array ();
|
||||
$table->size[$next] = '80px';
|
||||
$table->style[$next] = 'text-align:center;';
|
||||
|
@ -398,7 +399,7 @@ switch ($action) {
|
|||
|
||||
foreach ($reports as $report) {
|
||||
|
||||
if (!is_user_admin ($config["id_user"])){
|
||||
if (!is_user_admin ($config["id_user"])) {
|
||||
if ($report["private"] && $report["id_user"] != $config['id_user'])
|
||||
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
|
||||
continue;
|
||||
|
@ -448,40 +449,65 @@ switch ($action) {
|
|||
|
||||
$type_access_selected = reports_get_type_access($report);
|
||||
$edit = false;
|
||||
$delete = false;
|
||||
|
||||
switch ($type_access_selected) {
|
||||
case 'group_view':
|
||||
$edit = check_acl($config['id_user'], $report['id_group'], "RW") && users_can_manage_group_all($report["id_group"]);
|
||||
$edit = check_acl($config['id_user'],
|
||||
$report['id_group'], "RW")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RW");
|
||||
|
||||
$delete = check_acl($config['id_user'],
|
||||
$report['id_group'], "RM")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RM");
|
||||
break;
|
||||
case 'group_edit':
|
||||
$edit = check_acl($config['id_user'], $report['id_group_edit'], "RW") && users_can_manage_group_all($report["id_group_edit"]);
|
||||
$edit = check_acl($config['id_user'],
|
||||
$report['id_group_edit'], "RW")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group_edit"], "RW");
|
||||
|
||||
$delete = check_acl($config['id_user'],
|
||||
$report['id_group_edit'], "RM")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group_edit"], "RM");
|
||||
break;
|
||||
case 'user_edit':
|
||||
if ($config['id_user'] == $report['id_user'] ||
|
||||
is_user_admin ($config["id_user"]))
|
||||
is_user_admin ($config["id_user"])) {
|
||||
$edit = true;
|
||||
$delete = true;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
if ($edit) {
|
||||
if ($edit || $delete) {
|
||||
if (!isset($table->head[$next])) {
|
||||
$table->head[$next] = '<span title="Operations">' . __('Op.') . '</span>';
|
||||
$table->size = array ();
|
||||
$table->size[$next] = '80px';
|
||||
$table->style[$next] = 'text-align:center;';
|
||||
}
|
||||
|
||||
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
|
||||
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
|
||||
$data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit')));
|
||||
$data[$next] .= '</form>';
|
||||
|
||||
$data[$next] .= '<form method="post" style="display:inline;" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
|
||||
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
|
||||
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
|
||||
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
|
||||
true, array ('title' => __('Delete')));
|
||||
$data[$next] .= '</form>';
|
||||
if ($edit) {
|
||||
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
|
||||
$data[$next] .= html_print_input_hidden('id_report',
|
||||
$report['id_report'], true);
|
||||
$data[$next] .= html_print_input_image('edit',
|
||||
'images/config.png', 1, '', true, array ('title' => __('Edit')));
|
||||
$data[$next] .= '</form>';
|
||||
}
|
||||
|
||||
if ($delete) {
|
||||
$data[$next] .= '<form method="post" style="display:inline;" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
|
||||
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
|
||||
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
|
||||
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
|
||||
true, array ('title' => __('Delete')));
|
||||
$data[$next] .= '</form>';
|
||||
}
|
||||
}
|
||||
|
||||
array_push ($table->data, $data);
|
||||
|
@ -499,7 +525,7 @@ switch ($action) {
|
|||
}
|
||||
|
||||
enterprise_hook('close_meta_frame');
|
||||
|
||||
|
||||
return;
|
||||
break;
|
||||
case 'new':
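Review bot: In the `if ($edit || $delete)` block, a user who has "RM" but not "RW" reaches `if ($delete)` with `$edit` false, so the first `$data[$next] .= '<form …'` appends to an index that, as far as the visible lines show, has not been assigned in this iteration. Initialise it once before the two branches, `$data[$next] = '';`, and use `.=` inside `if ($edit)` as well. Separately, `$edit` and `$delete` only decide which buttons are rendered; the handlers for `action=edit` and `delete_report` are outside the visible hunks, so it is worth confirming they repeat the same `check_acl(..., "RW")` / `check_acl(..., "RM")` tests on the posted `id_report` rather than relying on the button being hidden.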
|
||||
|
|
|
@ -793,7 +793,7 @@ function users_check_users() {
|
|||
// Check if a user can manage a group when group is all
|
||||
// This function dont check acls of the group, only if the
|
||||
// user is admin or pandora manager and the group is all
|
||||
function users_can_manage_group_all($id_group = 0) {
|
||||
function users_can_manage_group_all($id_group = 0, $access = "PM") {
|
||||
global $config;
|
||||
|
||||
if ($id_group != 0) {
|
||||
|
@ -802,7 +802,7 @@ function users_can_manage_group_all($id_group = 0) {
|
|||
|
||||
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
|
||||
|
||||
if (check_acl ($config['id_user'], 0, "PM") || $is_admin) {
|
||||
if (check_acl ($config['id_user'], 0, $access) || $is_admin) {
|
||||
return true;
|
||||
}
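Review bot: The comment above `users_can_manage_group_all` still describes the check as "admin or pandora manager", but with the new `$access` parameter the flag tested on group 0 is whatever the caller passes, and "PM" is only the default. I would update the comment to say so, for example `// $access: ACL flag required on the "All" group (id 0); defaults to "PM"`. Because the parameter lowers the privilege needed for the group-All case, the comment should also state that it is meant to receive a fixed flag from the calling code, not a value taken from the request. The function body continues outside the hunks shown.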
|
||||
|
||||
|
|