2011-02-18 Javier Lanz <javier.lanz@artica.es>

* operation/servers/view_server.php: Fixed ACL permissions * operation/servers/view_server_detail.php: Fixed ACL permissions * operation/menu.php: Let an "AR" user view 'Pandora servers' menu Fix: #3183477 git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3923 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2025-07-28 00:04:37 +02:00 · 2011-02-18 13:28:13 +00:00 · 2011-02-18 13:28:13 +00:00 · ac6b040470
commit ac6b040470
parent 87a6c20335
4 changed files with 17 additions and 9 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,11 @@
 2011-02-18 Javier Lanz <javier.lanz@artica.es>
 	* operation/servers/view_server.php: Fixed ACL permissions
 	* operation/servers/view_server_detail.php: Fixed ACL permissions
 	* operation/menu.php: Let an "AR" user view 'Pandora servers' menu
 	Fix: #3183477
 2011-02-18 Miguel de Dios  <miguel.dedios@artica.es>
 	* include/ajax/visual_console_builder.ajax.php,
--- a/pandora_console/operation/menu.php
+++ b/pandora_console/operation/menu.php
@ -132,7 +132,7 @@ if (give_acl ($config['id_user'], 0, "AR")) {
 }
 // Agent read, Server read
-if (give_acl ($config['id_user'], 0, "PM")) {
+if (give_acl ($config['id_user'], 0, "AR")) {
 	// Server view
 	$menu["estado_server"]["text"] = __('Pandora servers');
@ -146,12 +146,12 @@ if (give_acl ($config['id_user'], 0, "PM")) {
 	if ($servers === false) {
 		$servers = array ();
 	}
-
+	if (give_acl ($config['id_user'], 0, "PM")) {
 		foreach ($servers as $serverItem) {
 			$sub["operation/servers/view_server_detail&amp;server_id=".$serverItem["id_server"]]["text"] = $serverItem["name"];
 		}
 		$menu["estado_server"]["sub"] = $sub;
 	}
 	//End of server view
 	//End of server view
--- a/pandora_console/operation/servers/view_server.php
+++ b/pandora_console/operation/servers/view_server.php
@ -21,7 +21,7 @@ require_once ("include/functions_servers.php");
 check_login ();
-if (! give_acl ($config['id_user'], 0, "AR") && ! give_acl ($config['id_user'], 0, "AW")) {
+if (! give_acl ($config['id_user'], 0, "AR")) {
 	pandora_audit("ACL Violation",
 		"Trying to access Server view");
 	require ("general/noaccess.php");
--- a/pandora_console/operation/servers/view_server_detail.php
+++ b/pandora_console/operation/servers/view_server_detail.php
@ -26,10 +26,10 @@ $options = "<li><a href='index.php?sec=estado_server&sec2=operation/servers/view
 print_page_header (__('Pandora servers'), "images/server.png", false, "", false, $options);
-if (! give_acl ($config['id_user'], 0, "AR")) {
+if (! give_acl ($config['id_user'], 0, "PM")) {
 	pandora_audit("ACL Violation",
 		"Trying to access recon task viewer");
-	require ("/general/noaccess.php");
+	require ("general/noaccess.php");
 	return;
 }