tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 16:55:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

[ACL] Now only RM can delete custom graphs

Browse Source
This commit is contained in:
fermin831 2018-03-02 13:13:55 +01:00
parent 6932939458
commit af6f251995
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pandora_console/godmode/reporting/graphs.php
View File

@ -23,7 +23,7 @@ check_login ();
$report_r = check_acl ($config['id_user'], 0, "RR");
$report_w = check_acl ($config['id_user'], 0, "RW");
$report_m = check_acl ($config['id_user'], 0, "RM");
$access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
if (!$report_r && !$report_w && !$report_m) {
db_pandora_audit("ACL Violation",
"Trying to access Inventory Module Management");
@ -31,6 +31,9 @@ if (!$report_r && !$report_w && !$report_m) {
return;
}
$access = ($report_r == true) ? 'RR' : (($report_w == true) ? 'RW' : (($report_m == true) ? 'RM' : 'RR'));
$manage_group_all = users_can_manage_group_all($access);
$activeTab = get_parameter('tab', 'main');
$enterpriseEnable = false;
@ -185,20 +188,21 @@ if (!empty ($graphs)) {
$data[2] = $graph["graphs_count"];
$data[3] = ui_print_group_icon($graph['id_group'],true);
if (($report_w || $report_m) && users_can_manage_group_all($access)) {
$data[4] = '';
if (($report_w || $report_m) && $manage_group_all) {
$data[4] = '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id='.
$graph['id_graph'].'">'.html_print_image("images/config.png", true).'</a>';
$data[4] .= '&nbsp;';
}
$data[4] .= '&nbsp;';
if ($report_m && $manage_group_all) {
$data[4] .= '<a href="index.php?sec=reporting&sec2=godmode/reporting/graphs&delete_graph=1&id='
.$graph['id_graph'].'" onClick="if (!confirm(\''.__('Are you sure?').'\'))
return false;">' . html_print_image("images/cross.png", true, array('alt' => __('Delete'), 'title' => __('Delete'))) . '</a>' .
html_print_checkbox_extended ('delete_multiple[]', $graph['id_graph'], false, false, '', 'class="check_delete" style="margin-left:2px;"', true);
} else {
if($op_column) $data[4] = '';
}
array_push ($table->data, $data);
}