diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index 694e032c6f..9678fddb5b 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,10 @@ +2014-06-12 Hirofumi Kosaka + + * godmode/massive/massive_delete_modules.php, + operation/agentes/ver_agente.php: Fixed bug that all + agents' module could be target of deletion, + if the user has an AW privilege for any. + 2014-06-12 Sergio Martin * godmode/massive/massive_copy_modules.php: Delete the diff --git a/pandora_console/godmode/massive/massive_delete_modules.php b/pandora_console/godmode/massive/massive_delete_modules.php index 72ee058c05..a6df445f48 100644 --- a/pandora_console/godmode/massive/massive_delete_modules.php +++ b/pandora_console/godmode/massive/massive_delete_modules.php @@ -146,7 +146,11 @@ if ($delete) { $condition = ''; if ($module_type != 0) $condition = ' AND t2.id_tipo_modulo = '.$module_type; - + + $groups = users_get_groups ($config["id_user"], "AW", false); + $group_id_list = ($groups ? join(",",array_keys($groups)):"0"); + $condition = ' AND t1.id_grupo IN (' . $group_id_list . ') '; + $agents_ = db_get_all_rows_sql('SELECT DISTINCT(t1.id_agente) FROM tagente t1, tagente_modulo t2 WHERE t1.id_agente = t2.id_agente AND t2.delete_pending = 0 ' . $condition); @@ -164,7 +168,13 @@ if ($delete) { } } else if ($force == 'group') { - $agents_ = array_keys (agents_get_group_agents ($group_select, false, "none")); + if( $group_select == 0 ) { + $agents_ = array_keys (agents_get_group_agents (array_keys (users_get_groups ($config["id_user"], "AW", false)), false, "none")); + } + else { + $agents_ = array_keys (agents_get_group_agents ($group_select, false, "none")); + } + foreach ($agents_ as $id_agent) { $module_name = db_get_all_rows_filter('tagente_modulo', array('id_agente' => $id_agent),'nombre'); if ($module_name == false) { @@ -414,7 +424,8 @@ $(document).ready (function () { "get_agent_modules_json" : 1, "filter" : filter, "fields" : "DISTINCT(nombre)", - "indexed" : 0 + "indexed" : 0, + "privilege" : "AW" }, function (data, status) { jQuery.each (data, function (id, value) { diff --git a/pandora_console/operation/agentes/ver_agente.php b/pandora_console/operation/agentes/ver_agente.php index 66ae5a5b4d..f7aa19a04b 100644 --- a/pandora_console/operation/agentes/ver_agente.php +++ b/pandora_console/operation/agentes/ver_agente.php @@ -140,9 +140,13 @@ if (is_ajax ()) { $nameModules = get_parameter('module_name'); $selection_mode = get_parameter('selection_mode','common'); + $groups = users_get_groups ($config["id_user"], "AW", false); + $group_id_list = ($groups ? join(",",array_keys($groups)):"0"); + $sql = 'SELECT DISTINCT(t1.nombre) as name FROM tagente t1, tagente_modulo t2 WHERE t1.id_agente = t2.id_agente + AND t1.id_grupo IN (' . $group_id_list .') AND t2.nombre IN (\'' . implode('\',\'', $nameModules) . '\')'; if ($selection_mode == 'common') { @@ -152,7 +156,7 @@ if (is_ajax ()) { WHERE t3.id_agente = t4.id_agente AND t1.nombre = t3.nombre AND t4.nombre IN (\'' . implode('\',\'', $nameModules) . '\')) = '.count($nameModules); } - + $sql .= ' ORDER BY t1.nombre'; $nameAgents = db_get_all_rows_sql($sql); @@ -473,9 +477,8 @@ if (is_ajax ()) { $_tags = implode(',', array_keys($_user_tags)); - if (!empty($_tags)) { - $_sql_post .= ' AND tagente_modulo.id_agente_modulo IN (SELECT a.id_agente_modulo FROM tagente_modulo a, ttag_module b WHERE a.id_agente_modulo=b.id_agente_modulo AND b.id_tag IN (' . $_tags . ')) '; - } + $_sql_post .= ' AND tagente_modulo.id_agente_modulo IN (SELECT a.id_agente_modulo FROM tagente_modulo a, ttag_module b WHERE a.id_agente_modulo=b.id_agente_modulo AND b.id_tag IN (' . $_tags . ')) '; + } $sql = sprintf ('SELECT tagente_modulo.descripcion,