2014-03-13 Miguel de Dios <miguel.dedios@artica.es>

* godmode/reporting/reporting_builder.main.php,
	godmode/reporting/reporting_builder.php,
	include/functions_users.php: fixed the access to the report with the
	user profile "RW" and "RM".
	
	Incident: #655




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@9575 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
mdtrooper 2014-03-13 10:22:34 +00:00
parent c211286145
commit a625b598a6
4 changed files with 72 additions and 35 deletions


@ -1,3 +1,12 @@
2014-03-13 Miguel de Dios <miguel.dedios@artica.es>
* godmode/reporting/reporting_builder.main.php,
godmode/reporting/reporting_builder.php,
include/functions_users.php: fixed the access to the report with the
user profile "RW" and "RM".
Incident: #655
2014-03-13 Vanessa Gil <vanessa.gil@artica.es>
* godmode/menu.php


@ -58,15 +58,17 @@ $table->data['name'][1] = html_print_input_text('name', $reportName,
$table->data['group'][0] = __('Group');
$write_groups = users_get_groups_for_select(false, "RW", users_can_manage_group_all(), true, false, 'id_grupo');
$write_groups = users_get_groups_for_select(false, "RW",
users_can_manage_group_all(), true, false, 'id_grupo');
// If the report group is not among the RW groups (special permission) we add it
if (!isset($write_groups[$idGroupReport])) {
$write_groups[$idGroupReport] = groups_get_name($idGroupReport);
}
$table->data['group'][1] = html_print_select ($write_groups, 'id_group', $idGroupReport, false, '', '', true);
$table->data['group'][1] = html_print_select($write_groups, 'id_group',
$idGroupReport, false, '', '', true);
if ($report_id_user == $config['id_user'] ||
is_user_admin ($config["id_user"])) {
//S/he is the creator of report (or admin) and s/he can change the access.
@ -78,7 +80,7 @@ if ($report_id_user == $config['id_user'] ||
ui_print_help_tip(__('For example, you want a report that the people of "All" groups can see but you want to edit only for you or your group.'), true);
$table->data['access'][1] = html_print_select ($type_access, 'type_access',
$type_access_selected, 'change_type_access(this)', '', 0, true);
$style = "display: none;";
if ($type_access_selected == 'group_edit')
$style = "";


@ -336,17 +336,17 @@ switch ($action) {
'order' => 'name'
);
}
# Fix : group filter was not working
// Show only selected groups
if ($id_group > 0) {
$group = array("$id_group" => $id_group);
$filter['id_group'] = $id_group;
if ($id_group > 0) {
$group = array("$id_group" => $id_group);
$filter['id_group'] = $id_group;
}
else {
$group = false;
}
else {
$group = false;
}
// Filter normal and metaconsole reports
if ($config['metaconsole'] == 1 and defined('METACONSOLE'))
@ -357,7 +357,7 @@ switch ($action) {
$reports = reports_get_reports ($filter,
array ('name', 'id_report', 'description', 'private',
'id_user', 'id_group'), $return_all_group, 'RR', $group);
$table->width = '0px';
if (sizeof ($reports)) {
$table->id = 'report_list';
@ -389,7 +389,8 @@ switch ($action) {
$table->head[$next] = __('Group');
$table->align[$next] = 'center';
$next++;
$table->head[$next] = '<span title="Operations">' . __('Op.') . '</span>';
$table->head[$next] = '<span title="Operations">' .
__('Op.') . '</span>';
$table->size = array ();
$table->size[$next] = '80px';
$table->style[$next] = 'text-align:center;';
@ -398,7 +399,7 @@ switch ($action) {
foreach ($reports as $report) {
if (!is_user_admin ($config["id_user"])){
if (!is_user_admin ($config["id_user"])) {
if ($report["private"] && $report["id_user"] != $config['id_user'])
if (!check_acl ($config["id_user"], $report["id_group"], "RR"))
continue;
@ -448,40 +449,65 @@ switch ($action) {
$type_access_selected = reports_get_type_access($report);
$edit = false;
$delete = false;
switch ($type_access_selected) {
case 'group_view':
$edit = check_acl($config['id_user'], $report['id_group'], "RW") && users_can_manage_group_all($report["id_group"]);
$edit = check_acl($config['id_user'],
$report['id_group'], "RW")
&&
users_can_manage_group_all($report["id_group"], "RW");
$delete = check_acl($config['id_user'],
$report['id_group'], "RM")
&&
users_can_manage_group_all($report["id_group"], "RM");
break;
case 'group_edit':
$edit = check_acl($config['id_user'], $report['id_group_edit'], "RW") && users_can_manage_group_all($report["id_group_edit"]);
$edit = check_acl($config['id_user'],
$report['id_group_edit'], "RW")
&&
users_can_manage_group_all($report["id_group_edit"], "RW");
$delete = check_acl($config['id_user'],
$report['id_group_edit'], "RM")
&&
users_can_manage_group_all($report["id_group_edit"], "RM");
break;
case 'user_edit':
if ($config['id_user'] == $report['id_user'] ||
is_user_admin ($config["id_user"]))
is_user_admin ($config["id_user"])) {
$edit = true;
$delete = true;
}
break;
}
if ($edit) {
if ($edit || $delete) {
if (!isset($table->head[$next])) {
$table->head[$next] = '<span title="Operations">' . __('Op.') . '</span>';
$table->size = array ();
$table->size[$next] = '80px';
$table->style[$next] = 'text-align:center;';
}
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_image ('edit', 'images/config.png', 1, '', true, array ('title' => __('Edit')));
$data[$next] .= '</form>';
$data[$next] .= '<form method="post" style="display:inline;" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
true, array ('title' => __('Delete')));
$data[$next] .= '</form>';
if ($edit) {
$data[$next] = '<form method="post" action="index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&pure='.$pure.'" style="display:inline">';
$data[$next] .= html_print_input_hidden('id_report',
$report['id_report'], true);
$data[$next] .= html_print_input_image('edit',
'images/config.png', 1, '', true, array ('title' => __('Edit')));
$data[$next] .= '</form>';
}
if ($delete) {
$data[$next] .= '<form method="post" style="display:inline;" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data[$next] .= html_print_input_hidden ('id_report', $report['id_report'], true);
$data[$next] .= html_print_input_hidden ('action','delete_report', true);
$data[$next] .= html_print_input_image ('delete', 'images/cross.png', 1, '',
true, array ('title' => __('Delete')));
$data[$next] .= '</form>';
}
}
array_push ($table->data, $data);
@ -499,7 +525,7 @@ switch ($action) {
}
enterprise_hook('close_meta_frame');
return;
break;
case 'new':
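Review bot: In the `@ -448,40 +449,65 @` hunk, a user who holds RM but not RW skips the `if ($edit)` branch and reaches `$data[$next] .= '<form method="post" ...` in `if ($delete)` with `$data[$next]` never assigned, which raises an undefined-index notice unless the cell is set earlier in the loop, outside the hunk. Initialise it with `$data[$next] = '';` directly before `if ($edit) {`. The `$edit` and `$delete` flags only decide which buttons are rendered, and the code that handles `action=edit` and `delete_report` is not visible here. That code should repeat the same `check_acl(..., "RW")` and `check_acl(..., "RM")` tests on the posted `id_report`, so that hiding a button is not the only control. The enclosing `switch ($action)` case starts and ends outside the hunk.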


@ -793,7 +793,7 @@ function users_check_users() {
// Check if a user can manage a group when group is all
// This function dont check acls of the group, only if the
// user is admin or pandora manager and the group is all
function users_can_manage_group_all($id_group = 0) {
function users_can_manage_group_all($id_group = 0, $access = "PM") {
global $config;
if ($id_group != 0) {
@ -802,7 +802,7 @@ function users_can_manage_group_all($id_group = 0) {
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
if (check_acl ($config['id_user'], 0, "PM") || $is_admin) {
if (check_acl ($config['id_user'], 0, $access) || $is_admin) {
return true;
}
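Review bot: The comment above `users_can_manage_group_all` still says the function only tests for "admin or pandora manager", but with the new `$access` argument it returns true for whichever ACL flag the caller passes for group 0. Update the comment and add a line such as `// $access: ACL flag tested on the "All" group (group 0); defaults to "PM"`. Because `$access` goes to `check_acl` unvalidated, it is worth stating there that callers must pass a fixed literal ("PM", "RW", "RM") and never a request value. The call in reporting_builder.main.php on this page still passes no argument and so keeps the PM test for the group selector, while the report list now uses "RW" and "RM"; confirm that difference is intended. The function body continues outside the hunk.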