Merge branch 'feature/ticket#2047-New-acl-bits' into develop

pandora_console/godmode/reporting/map_builder.php

@@ -260,7 +260,7 @@ if ($vconsoles_write || $vconsoles_manage) {
 	if (!defined('METACONSOLE'))
 		echo '<form action="index.php?sec=reporting&amp;sec2=godmode/reporting/visual_console_builder" method="post">';
 	else {		
-		echo '<form action="index.php?operation=edit_visualmap&sec=screen&sec2=screens/screens&action=visualmap&pure=' . $pure . '" method="post">';
+		echo '<form action="index.php?sec=screen&sec2=screens/screens&action=visualmap&action2=new&operation=new_visualmap&tab=data&pure=' . $pure . '" method="post">';
 	}
 	html_print_input_hidden ('edit_layout', 1);
 	html_print_submit_button (__('Create'), '', false, 'class="sub next"');

pandora_console/godmode/reporting/visual_console_builder.data.php

@@ -17,21 +17,24 @@ global $config;
 
 check_login ();
 
-// Visual console required
-if (empty($visualConsole)) {
-	db_pandora_audit("ACL Violation",
-		"Trying to access report builder");
-	require ("general/noaccess.php");
-	exit;
+if (empty($idVisualConsole)) {
+	// ACL for the a new visual console
+	// if (!isset($vconsole_read))
+	// 	$vconsole_read = check_acl ($config['id_user'], 0, "VR");
+	if (!isset($vconsole_write))
+		$vconsole_write = check_acl ($config['id_user'], 0, "VW");
+	if (!isset($vconsole_manage))
+		$vconsole_manage = check_acl ($config['id_user'], 0, "VM");
+}
+else {
+	// ACL for the existing visual console
+	// if (!isset($vconsole_read))
+	// 	$vconsole_read = check_acl ($config['id_user'], $idGroup, "VR");
+	if (!isset($vconsole_write))
+		$vconsole_write = check_acl ($config['id_user'], $idGroup, "VW");
+	if (!isset($vconsole_manage))
+		$vconsole_manage = check_acl ($config['id_user'], $idGroup, "VM");
 }
-
-// ACL for the existing visual console
-// if (!isset($vconsole_read))
-// 	$vconsole_read = check_acl ($config['id_user'], $visualConsole['id_group'], "VR");
-if (!isset($vconsole_write))
-	$vconsole_write = check_acl ($config['id_user'], $visualConsole['id_group'], "VW");
-if (!isset($vconsole_manage))
-	$vconsole_manage = check_acl ($config['id_user'], $visualConsole['id_group'], "VM");
 
 if (!$vconsole_write && !$vconsole_manage) {
 	db_pandora_audit("ACL Violation",

pandora_console/godmode/reporting/visual_console_builder.php

@@ -26,8 +26,21 @@ enterprise_include_once('include/functions_visual_map.php');
 set_unless_defined ($idVisualConsole, 0); // Set default
 $idVisualConsole = get_parameter('id_visual_console', $idVisualConsole);
 
+if (!defined('METACONSOLE')) {
+	$action_name_parameter = 'action';
+}
+else {
+	$action_name_parameter = 'action2';
+}
+
+$action = get_parameterBetweenListValues($action_name_parameter,
+	array('new', 'save', 'edit', 'update', 'delete', 'multiple_delete'),
+	'new');
+
+$activeTab = get_parameterBetweenListValues('tab', array('data', 'list_elements', 'wizard', 'wizard_services', 'editor'), 'data');
+
 // Visual console creation tab and actions
-if ($activeTab == "data" && ($action == "new" || $action == "save")) {
+if (empty($idVisualConsole)) {
 	$visualConsole = null;
 	
 	// General ACL
@@ -35,8 +48,8 @@ if ($activeTab == "data" && ($action == "new" || $action == "save")) {
 	$vconsole_write = check_acl ($config['id_user'], 0, "VW");
 	$vconsole_manage = check_acl ($config['id_user'], 0, "VM");
 }
-// Retrieving the visual console data
-else if (!empty($idVisualConsole)) {
+// The visual console exists
+else if ($activeTab != 'data' || ($activeTab == 'data' && $action != 'new')) {
 	
 	// Load the visual console data
 	$visualConsole = db_get_row_filter('tlayout', array('id' => $idVisualConsole));
@@ -57,8 +70,6 @@ else if (!empty($idVisualConsole)) {
 	$vconsole_write = check_acl ($config['id_user'], $visualConsole['id_group'], "VW");
 	$vconsole_manage = check_acl ($config['id_user'], $visualConsole['id_group'], "VM");
 }
-// The visual console should exist.
-// The only exception is the visual console creation.
 else {
 	db_pandora_audit("ACL Violation",
 		"Trying to access report builder");
@@ -74,25 +85,11 @@ if (!$vconsole_write && !$vconsole_manage) {
 	exit;
 }
 
-
 $pure = (int) get_parameter ('pure', 0);
 $refr = (int) get_parameter ('refr', $config['vc_refr']);
 
 $id_layout = 0;
 
-if (!defined('METACONSOLE')) {
-	$action_name_parameter = 'action';
-}
-else {
-	$action_name_parameter = 'action2';
-}
-
-$action = get_parameterBetweenListValues($action_name_parameter,
-	array('new', 'save', 'edit', 'update', 'delete', 'multiple_delete'),
-	'new');
-
-$activeTab = get_parameterBetweenListValues('tab', array('data', 'list_elements', 'wizard', 'wizard_services', 'editor'), 'data');
-
 
 //Save/Update data in DB
 global $statusProcessInDB;

pandora_console/include/functions.php

@@ -1770,7 +1770,9 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) {
 				tperfil.report_view, tperfil.report_edit,
 				tperfil.report_management, tperfil.event_view,
 				tperfil.event_edit, tperfil.event_management, 
-				tperfil.agent_disable
+				tperfil.agent_disable,
+				tperfil.map_view, tperfil.map_edit, tperfil.map_management,
+				tperfil.vconsole_view, tperfil.vconsole_edit, tperfil.vconsole_management
 			FROM tusuario_perfil, tperfil
 			WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
 				AND tusuario_perfil.id_usuario = '%s'", $id_user);
@@ -1785,7 +1787,9 @@ function check_acl($id_user, $id_group, $access, $id_agent = 0) {
 				tperfil.report_view, tperfil.report_edit,
 				tperfil.report_management, tperfil.event_view,
 				tperfil.event_edit, tperfil.event_management,
-				tperfil.agent_disable
+				tperfil.agent_disable,
+				tperfil.map_view, tperfil.map_edit, tperfil.map_management,
+				tperfil.vconsole_view, tperfil.vconsole_edit, tperfil.vconsole_management
 			FROM tusuario_perfil, tperfil
 			WHERE tusuario_perfil.id_perfil = tperfil.id_perfil 
 				AND tusuario_perfil.id_usuario = '%s'