Reformuled users_can_manage_group_all Tickets #3680
This commit is contained in:
fermin831
parent
4473b42657
commit
ea313336ab
|
|
@ -277,7 +277,7 @@ if ($strict_user) {
|
|||
}
|
||||
else {
|
||||
$users = users_get_user_users($config['id_user'], "ER",
|
||||
users_can_manage_group_all(0));
|
||||
users_can_manage_group_all());
|
||||
}
|
||||
|
||||
$table->data[10][1] = html_print_select($users, "id_user_ack",
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ $table->data['name'][1] = html_print_input_text('name', $reportName,
|
|||
$table->data['group'][0] = __('Group');
|
||||
|
||||
$write_groups = users_get_groups_for_select(false, "RW",
|
||||
users_can_manage_group_all(0, "RW"), true, false, 'id_grupo');
|
||||
users_can_manage_group_all("RW"), true, false, 'id_grupo');
|
||||
|
||||
// If the report group is not among the RW groups (special permission) we add it
|
||||
if (!isset($write_groups[$idGroupReport]) && $idGroupReport) {
|
||||
|
|
|
|||
|
|
@ -373,9 +373,7 @@ switch ($action) {
|
|||
$delete = true; //owner can delete
|
||||
} else {
|
||||
$delete = check_acl($config['id_user'],
|
||||
$report['id_group'], "RM")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RM");
|
||||
$report['id_group'], "RM");
|
||||
}
|
||||
break;
|
||||
case 'group_edit':
|
||||
|
|
@ -383,9 +381,7 @@ switch ($action) {
|
|||
$delete = true; //owner can delete
|
||||
} else {
|
||||
$delete = check_acl($config['id_user'],
|
||||
$report['id_group'], "RM")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RM");
|
||||
$report['id_group'], "RM");
|
||||
}
|
||||
break;
|
||||
case 'user_edit':
|
||||
|
|
@ -591,7 +587,7 @@ switch ($action) {
|
|||
|
||||
$data = array ();
|
||||
|
||||
if (check_acl ($config["id_user"], $report["id_group"], "RW") && users_can_manage_group_all($report["id_group"])) {
|
||||
if (check_acl ($config["id_user"], $report["id_group"], "RW")) {
|
||||
$data[0] = '<a href="' . $config['homeurl'] . 'index.php?sec=reporting&sec2=godmode/reporting/reporting_builder&action=edit&id_report='.
|
||||
$report['id_report'].'&pure='.$pure.'">'.$report['name'].'</a>';
|
||||
}
|
||||
|
|
@ -652,9 +648,7 @@ switch ($action) {
|
|||
switch ($type_access_selected) {
|
||||
case 'group_view':
|
||||
$edit = check_acl($config['id_user'],
|
||||
$report['id_group'], "RW")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RW");
|
||||
$report['id_group'], "RW");
|
||||
|
||||
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
||||
$delete = true; //owner can delete
|
||||
|
|
@ -664,17 +658,13 @@ switch ($action) {
|
|||
break;
|
||||
case 'group_edit':
|
||||
$edit = check_acl($config['id_user'],
|
||||
$report['id_group_edit'], "RW")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group_edit"], "RW");
|
||||
$report['id_group_edit'], "RW");
|
||||
|
||||
if ($config['id_user'] == $report['id_user'] || is_user_admin ($config["id_user"])) {
|
||||
$delete = true; //owner can delete
|
||||
} else {
|
||||
$delete = check_acl($config['id_user'],
|
||||
$report['id_group'], "RM")
|
||||
&&
|
||||
users_can_manage_group_all($report["id_group"], "RM");
|
||||
$report['id_group'], "RM");
|
||||
}
|
||||
break;
|
||||
case 'user_edit':
|
||||
|
|
|
|||
|
|
@ -821,13 +821,9 @@ function users_check_users() {
|
|||
// Check if a user can manage a group when group is all
|
||||
// This function dont check acls of the group, only if the
|
||||
// user is admin or pandora manager and the group is all
|
||||
function users_can_manage_group_all($id_group = 0, $access = "PM") {
|
||||
function users_can_manage_group_all($access = "PM") {
|
||||
global $config;
|
||||
|
||||
if ($id_group != 0) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$is_admin = db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']);
|
||||
|
||||
if (check_acl ($config['id_user'], 0, $access) || $is_admin) {
|
||||
|
|
|
|||
|
|
@ -427,7 +427,7 @@ $data[0] = __('User ack.') . $jump;
|
|||
if ($strict_user) {
|
||||
$user_users = array($config['id_user']=>$config['id_user']);
|
||||
} else {
|
||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all(0));
|
||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
|
||||
}
|
||||
|
||||
$data[0] .= html_print_select($user_users, "id_user_ack", $id_user_ack, '',
|
||||
|
|
@ -467,7 +467,7 @@ $table_advanced->rowclass[] = '';
|
|||
$data = array();
|
||||
$data[0] = __('Date from') . $jump;
|
||||
|
||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all(0));
|
||||
$user_users = users_get_user_users($config['id_user'], "ER", users_can_manage_group_all());
|
||||
|
||||
$data[0] .= html_print_input_text ('date_from', $date_from, '', 15, 10, true);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue