From c7a624000e09b9fa0bb5cc2ea6dc41d1bea0e433 Mon Sep 17 00:00:00 2001
From: fermin831
Date: Mon, 29 Oct 2018 13:34:30 +0100
Subject: [PATCH] Added API function set delete_user_profile_info
---
 .../godmode/users/profile_list.php | 41 +++++--------------
 pandora_console/include/functions_api.php | 39 ++++++++++++++++--
 pandora_console/include/functions_profile.php | 14 +++++++
 3 files changed, 60 insertions(+), 34 deletions(-)
diff --git a/pandora_console/godmode/users/profile_list.php b/pandora_console/godmode/users/profile_list.php
index c009da746f..38c18f4303 100644
--- a/pandora_console/godmode/users/profile_list.php
+++ b/pandora_console/godmode/users/profile_list.php
@@ -66,40 +66,19 @@ $id_profile = (int) get_parameter ('id'); // Profile deletion if ($delete_profile) { - - $count_users_admin_in_profile = db_get_value_sql(" - SELECT COUNT(*) - FROM tusuario - WHERE is_admin = 1 AND id_user IN ( - SELECT id_usuario - FROM tusuario_perfil - WHERE id_perfil = " . $id_profile . ")"); - - if ($count_users_admin_in_profile >= 1) { - ui_print_error_message( - __('Unsucessful delete profile. Because the profile is used by some admin users.')); + // Delete profile + $profile = db_get_row('tperfil', 'id_perfil', $id_profile); + $ret = profile_delete_profile_and_clean_users ($id_profile); + if ($ret === false) { + ui_print_error_message(__('There was a problem deleting the profile')); } else { - // Delete profile - $profile = db_get_row('tperfil', 'id_perfil', $id_profile); - $sql = sprintf ('DELETE FROM tperfil WHERE id_perfil = %d', $id_profile); - $ret = db_process_sql ($sql); - if ($ret === false) { - ui_print_error_message(__('There was a problem deleting the profile')); - } - else { - db_pandora_audit("Profile management", - "Delete profile ". $profile['name']); - - ui_print_success_message(__('Successfully deleted')); - } - - //Delete profile from user data - $sql = sprintf ('DELETE FROM tusuario_perfil WHERE id_perfil = %d', $id_profile); - db_process_sql ($sql); - - $id_profile = 0; + db_pandora_audit("Profile management", + "Delete profile ". $profile['name']); + ui_print_success_message(__('Successfully deleted')); } + + $id_profile = 0; } // Store the variables when create or update diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php index 834f25c199..e34148bd42 100644 --- a/pandora_console/include/functions_api.php +++ b/pandora_console/include/functions_api.php 
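Review bot: The rewritten `if ($delete_profile)` branch no longer refuses to delete a profile that is assigned to admin users: the `is_admin = 1` count check is removed and nothing in the new call `profile_delete_profile_and_clean_users ($id_profile)` replaces it. The commit message only mentions the new API function, so it is unclear whether dropping that safeguard is intended; if it is not, keep the check in front of the helper call, or move it into the helper so the API path gets it as well. Separately, `db_pandora_audit` now runs only when `$ret` is not false, so a deletion that removed the `tperfil` row but still made the helper return false would leave no audit entry.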
@@ -8835,13 +8835,13 @@ function api_set_create_user_profile_info ($thrash1, $thrash2, $other, $returnTy * Update an user profile. * * @param int Profile id - * @param Reserved $thrash2 + * @param Reserved $thrash1 * @param array parameters in array: name|IR|IW|IM|AR|AW|AD|LW|LM|UM|DM|ER|EW|EM|RR|RW|RM|MR|MW|MM|VR|VW|VM|PM * @param string Return type (csv, json, string...) * - * api.php?op=set&op2=create_user_profile_info&return_type=json&other=API_profile%7C1%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C0%7C0%7C1%7C0%7C0%7C1%7C0%7C0%7C0&other_mode=url_encode_separator_%7C&apipass=1234&user=admin&pass=pandora + * api.php?op=set&op2=update_user_profile_info&return_type=json&id=6&other=API_profile_updated%7C%7C%7C%7C1%7C1%7C1%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&other_mode=url_encode_separator_%7C&apipass=1234&user=admin&pass=pandora */ -function api_set_update_user_profile_info ($id_profile, $thrash2, $other, $returnType) { +function api_set_update_user_profile_info ($id_profile, $thrash1, $other, $returnType) { global $config; if (!check_acl($config['id_user'], 0, "PM")){ 
@@ -8891,6 +8891,39 @@ function api_set_update_user_profile_info ($id_profile, $thrash2, $other, $retur } } +/** + * Delete an user profile. + * + * @param int Profile id + * @param Reserved $thrash1 + * @param Reserved $thrash2 + * @param string Return type (csv, json, string...) + * + * api.php?op=set&op2=delete_user_profile_info&return_type=json&id=7&other_mode=url_encode_separator_%7C&apipass=1234&user=admin&pass=pandora + */ +function api_set_delete_user_profile_info ($id_profile, $thrash1, $thrash2, $returnType) { + global $config; + + if (!check_acl($config['id_user'], 0, "PM")){ + returnError('forbidden', 'string'); + return; + } + + $profile = db_get_value ('id_perfil', 'tperfil', 'id_perfil', $id_profile); + if ($profile === false) { + returnError('id_not_found', 'string'); + return; + } + + $return = profile_delete_profile_and_clean_users($id_profile); + + if ($return === false) { + returnError('error_delete_user_profile_info', __('Error deleting user profile')); + } else { + returnData($returnType, array('type' => 'array', 'data' => 1)); + } +} + /** * Create new incident in Pandora. * diff --git a/pandora_console/include/functions_profile.php b/pandora_console/include/functions_profile.php index 62306ec060..e449b6cd75 100644 --- a/pandora_console/include/functions_profile.php +++ b/pandora_console/include/functions_profile.php 
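Review bot: `api_set_delete_user_profile_info` deletes a profile without writing an audit entry, while the console path in profile_list.php records `db_pandora_audit("Profile management", "Delete profile ". $profile['name'])` for the same operation. Add the equivalent call on the success branch before `returnData`, reading the profile name in the existence lookup so the log names what was removed. `$id_profile` also reaches `db_get_value` and the delete helper exactly as received, whereas the console casts it with `(int)`; a leading `$id_profile = (int) $id_profile;` would keep both paths consistent. The admin-user check that the console used to apply before deletion is likewise absent here, so confirm that any account holding "PM" is meant to be able to remove a profile used by administrators through the API.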
@@ -144,6 +144,20 @@ function profile_delete_profile ($id_profile) { return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile)); } +/** + * Delete profile from database and remove from the assigned users (tusuario_perfil) + * + * @param int Profile ID + * + * @return bool Whether or not it's deleted in both tables + */ +function profile_delete_profile_and_clean_users ($id_profile) { + return + (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile)) && + (bool)db_process_sql_delete('tusuario_perfil', array('id_perfil' => $id_profile)) + ; +} + /** * Print the table to display, create and delete profiles *
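Review bot: `profile_delete_profile_and_clean_users` can report failure after the profile is already gone. The `tperfil` delete runs first and the result of the `tusuario_perfil` delete is cast with `(bool)`. If `db_process_sql_delete` returns the affected-row count (its definition is not in this diff), a profile with no assigned users yields 0 and the function returns false, so the console prints an error and skips the audit entry, and the API returns `error_delete_user_profile_info`, for a deletion that did happen. The two deletes are also not atomic, so a failure of the second leaves `tusuario_perfil` rows referring to a profile id that no longer exists. Consider removing the assignments first and treating only an explicit `false` as an error: `if (db_process_sql_delete('tusuario_perfil', array('id_perfil' => $id_profile)) === false) return false;` followed by `return (bool)db_process_sql_delete('tperfil', array('id_perfil' => $id_profile));`.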