2011-02-17 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
* godmode/alerts/configure_alert_template.php
godmode/alerts/alert_templates.php
godmode/alerts/configure_alert_action.php
godmode/alerts/alert_actions.php
godmode/alerts/alert_list.builder.php: If user is not admin then can't
edit/delete/copy alerts/templates of other groups.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3895 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
juanmanuelr
parent
f4e2888590
commit
fe7738e007
|
|
@ -1,3 +1,12 @@
|
|||
2011-02-17 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
|
||||
|
||||
* godmode/alerts/configure_alert_template.php
|
||||
godmode/alerts/alert_templates.php
|
||||
godmode/alerts/configure_alert_action.php
|
||||
godmode/alerts/alert_actions.php
|
||||
godmode/alerts/alert_list.builder.php: If user is not admin then can't
|
||||
edit/delete/copy alerts/templates of other groups.
|
||||
|
||||
2011-02-17 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* godmode/reporting/visual_console_builder.editor.js: fixed the type of icon
|
||||
|
|
|
|||
|
|
@ -54,7 +54,9 @@ if ($copy_action) {
|
|||
$al_action = get_alert_action ($id);
|
||||
|
||||
if ($al_action !== false){
|
||||
// If user tries to copy an action with group=ALL
|
||||
if ($al_action['id_group'] == 0){
|
||||
// then must have "PM" access privileges
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
|
|
@ -63,9 +65,25 @@ if ($copy_action) {
|
|||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
// If user tries to copy an action of others groups
|
||||
}else{
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM"));
|
||||
else
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM", false));
|
||||
$is_in_group = in_array($al_action['id_group'], $own_groups);
|
||||
// Then action group have to be in his own groups
|
||||
if ($is_in_group)
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
else{
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
|
|
@ -179,7 +197,9 @@ if ($delete_action) {
|
|||
$al_action = get_alert_action ($id);
|
||||
|
||||
if ($al_action !== false){
|
||||
// If user tries to delete an action with group=ALL
|
||||
if ($al_action['id_group'] == 0){
|
||||
// then must have "PM" access privileges
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
|
|
@ -188,9 +208,25 @@ if ($delete_action) {
|
|||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
}else
|
||||
// If user tries to delete an action of others groups
|
||||
}else{
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM"));
|
||||
else
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM", false));
|
||||
$is_in_group = in_array($al_action['id_group'], $own_groups);
|
||||
// Then action group have to be in his own groups
|
||||
if ($is_in_group)
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
else{
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Alert actions'), "images/god2.png", false, "", true);
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ $table->data[1][0] = __('Template');
|
|||
|
||||
$table->data[1][0] = __('Template');
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'])
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$templates = get_alert_templates (false, array ('id', 'name'));
|
||||
else{
|
||||
$usr_groups = get_user_groups($config['id_user'], 'LW', false);
|
||||
|
|
|
|||
|
|
@ -137,6 +137,7 @@ if ($delete_template) {
|
|||
$al_template = get_alert_template($id);
|
||||
|
||||
if ($al_template !== false){
|
||||
// If user tries to delete a template with group=ALL then must have "PM" access privileges
|
||||
if ($al_template['id_group'] == 0){
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
pandora_audit("ACL Violation",
|
||||
|
|
@ -146,9 +147,25 @@ if ($delete_template) {
|
|||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true);
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true);
|
||||
// If user tries to delete a template of others groups
|
||||
}else{
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM"));
|
||||
else
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM", false));
|
||||
$is_in_group = in_array($al_template['id_group'], $own_groups);
|
||||
// Then template group have to be is his own groups
|
||||
if ($is_in_group)
|
||||
// Header
|
||||
print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true);
|
||||
else{
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts')." » ". __('Alert templates'), "images/god2.png", false, "", true);
|
||||
|
|
|
|||
|
|
@ -32,7 +32,9 @@ $id = (int) get_parameter ('id');
|
|||
$al_action = get_alert_action ($id);
|
||||
|
||||
if ($al_action !== false){
|
||||
// If user tries to edit an action with group=ALL
|
||||
if ($al_action['id_group'] == 0){
|
||||
// then must have "PM" access privileges
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
|
|
@ -41,10 +43,25 @@ if ($al_action !== false){
|
|||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true);
|
||||
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true);
|
||||
// If user tries to edit an action of others groups
|
||||
}else{
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM"));
|
||||
else
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM", false));
|
||||
$is_in_group = in_array($al_action['id_group'], $own_groups);
|
||||
// Then action group have to be in his own groups
|
||||
if ($is_in_group)
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true);
|
||||
else{
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert action'), "images/god2.png", false, "", true);
|
||||
|
|
|
|||
|
|
@ -39,7 +39,9 @@ if ($duplicate_template) {
|
|||
}
|
||||
|
||||
if ($a_template !== false){
|
||||
// If user tries to duplicate/edit a template with group=ALL
|
||||
if ($a_template['id_group'] == 0){
|
||||
// then must have "PM" access privileges
|
||||
if (! give_acl ($config['id_user'], 0, "PM")) {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
|
|
@ -48,9 +50,25 @@ if ($a_template !== false){
|
|||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true);
|
||||
}else
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true);
|
||||
// If user tries to duplicate/edit a template of others groups
|
||||
}else{
|
||||
$own_info = get_user_info ($config['id_user']);
|
||||
if ($own_info['is_admin'] || give_acl ($config['id_user'], 0, "PM"))
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM"));
|
||||
else
|
||||
$own_groups = array_keys(get_user_groups($config['id_user'], "LM", false));
|
||||
$is_in_group = in_array($a_template['id_group'], $own_groups);
|
||||
// Then template group have to be in his own groups
|
||||
if ($is_in_group)
|
||||
// Header
|
||||
print_page_header (__('Alerts').' » '.__('Configure alert template'), "", false, "", true);
|
||||
else{
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to access Alert Management");
|
||||
require ("general/noaccess.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
// This prevents to duplicate the header in case duplicate/edit_template action is performed
|
||||
}else
|
||||
// Header
|
||||
|
|
|
|||
Loading…
Reference in New Issue