From b10f1f422ffeecfd461e0842ad1b9b8f730691a6 Mon Sep 17 00:00:00 2001
From: Arturo Gonzalez <arturo.gonzalez@artica.es>
Date: Thu, 20 Apr 2017 18:02:34 +0200
Subject: [PATCH] Added more restrictions to user dashboard function

---
 pandora_console/include/functions.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php
index 059e4c5e41..bb4d6696e8 100644
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@@ -1992,13 +1992,13 @@ function get_os_name ($id_os) {
 function get_user_dashboards ($id_user) {
 	if (users_is_admin($id_user)) {
 		$sql = "SELECT name
-			FROM tdashboard";
+			FROM tdashboard WHERE id_user = '" . $id_user ."' OR id_user = ''";
 	}
 	else {
 		$user_can_manage_all = users_can_manage_group_all('RR');
 		if ($user_can_manage_all) {
 			$sql = "SELECT name
-				FROM tdashboard";
+				FROM tdashboard WHERE id_user = '" . $id_user ."' OR id_user = ''";
 		}
 		else {
 			$user_groups = users_get_groups($id_user, "RR", false);
@@ -2013,7 +2013,7 @@ function get_user_dashboards ($id_user) {
 
 			$sql = "SELECT name
 				FROM tdashboard
-				WHERE id_group IN (" . implode(",", $u_groups) . ")";
+				WHERE id_group IN (" . implode(",", $u_groups) . ") AND (id_user = '" . $id_user ."' OR id_user = '')";
 		}
 	}