tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2014-06-12 Hirofumi Kosaka <kosaka@rworks.jp> 

* godmode/massive/massive_delete_modules.php,
	operation/agentes/ver_agente.php: Fixed bug that all
	agents' module could be target of deletion,
	if the user has an AW privilege for any.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@10172 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
hkosaka 2014-06-12 10:43:25 +00:00
parent ac61a3a226
commit a8bcd7cd10
3 changed files with 28 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pandora_console/ChangeLog
View File

@ -1,3 +1,10 @@
2014-06-12 Hirofumi Kosaka <kosaka@rworks.jp>
* godmode/massive/massive_delete_modules.php,
operation/agentes/ver_agente.php: Fixed bug that all
agents' module could be target of deletion,
if the user has an AW privilege for any.
2014-06-12 Sergio Martin <sergio.martin@artica.es>
* godmode/massive/massive_copy_modules.php: Delete the

17
pandora_console/godmode/massive/massive_delete_modules.php
View File

@ -146,7 +146,11 @@ if ($delete) {
$condition = '';
if ($module_type != 0)
$condition = ' AND t2.id_tipo_modulo = '.$module_type;
$groups = users_get_groups ($config["id_user"], "AW", false);
$group_id_list = ($groups ? join(",",array_keys($groups)):"0");
$condition = ' AND t1.id_grupo IN (' . $group_id_list . ') ';
$agents_ = db_get_all_rows_sql('SELECT DISTINCT(t1.id_agente)
FROM tagente t1, tagente_modulo t2
WHERE t1.id_agente = t2.id_agente AND t2.delete_pending = 0 ' . $condition);
@ -164,7 +168,13 @@ if ($delete) {
}
}
else if ($force == 'group') {
$agents_ = array_keys (agents_get_group_agents ($group_select, false, "none"));
if( $group_select == 0 ) {
$agents_ = array_keys (agents_get_group_agents (array_keys (users_get_groups ($config["id_user"], "AW", false)), false, "none"));
}
else {
$agents_ = array_keys (agents_get_group_agents ($group_select, false, "none"));
}
foreach ($agents_ as $id_agent) {
$module_name = db_get_all_rows_filter('tagente_modulo', array('id_agente' => $id_agent),'nombre');
if ($module_name == false) {
@ -414,7 +424,8 @@ $(document).ready (function () {
"get_agent_modules_json" : 1,
"filter" : filter,
"fields" : "DISTINCT(nombre)",
"indexed" : 0
"indexed" : 0,
"privilege" : "AW"
},
function (data, status) {
jQuery.each (data, function (id, value) {

11
pandora_console/operation/agentes/ver_agente.php
View File

@ -140,9 +140,13 @@ if (is_ajax ()) {
$nameModules = get_parameter('module_name');
$selection_mode = get_parameter('selection_mode','common');
$groups = users_get_groups ($config["id_user"], "AW", false);
$group_id_list = ($groups ? join(",",array_keys($groups)):"0");
$sql = 'SELECT DISTINCT(t1.nombre) as name
FROM tagente t1, tagente_modulo t2
WHERE t1.id_agente = t2.id_agente
AND t1.id_grupo IN (' . $group_id_list .')
AND t2.nombre IN (\'' . implode('\',\'', $nameModules) . '\')';
if ($selection_mode == 'common') {
@ -152,7 +156,7 @@ if (is_ajax ()) {
WHERE t3.id_agente = t4.id_agente AND t1.nombre = t3.nombre
AND t4.nombre IN (\'' . implode('\',\'', $nameModules) . '\')) = '.count($nameModules);
}
$sql .= ' ORDER BY t1.nombre';
$nameAgents = db_get_all_rows_sql($sql);
@ -473,9 +477,8 @@ if (is_ajax ()) {
$_tags = implode(',', array_keys($_user_tags));
if (!empty($_tags)) {
$_sql_post .= ' AND tagente_modulo.id_agente_modulo IN (SELECT a.id_agente_modulo FROM tagente_modulo a, ttag_module b WHERE a.id_agente_modulo=b.id_agente_modulo AND b.id_tag IN (' . $_tags . ')) ';
}
$_sql_post .= ' AND tagente_modulo.id_agente_modulo IN (SELECT a.id_agente_modulo FROM tagente_modulo a, ttag_module b WHERE a.id_agente_modulo=b.id_agente_modulo AND b.id_tag IN (' . $_tags . ')) ';
}
$sql = sprintf ('SELECT tagente_modulo.descripcion,