commit version 22.12.12447
@ -1,25 +1,28 @@
|
||||
<?php
|
||||
/**
|
||||
* Observium
|
||||
*
|
||||
* This file is part of Observium.
|
||||
*
|
||||
* @package observium
|
||||
* @subpackage web
|
||||
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
|
||||
*
|
||||
*/
|
||||
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
|
||||
{
|
||||
if (strlen($vars['role_name']) &&
|
||||
strlen($vars['role_descr']))
|
||||
{
|
||||
$oid_id = dbInsert('roles', array('role_descr' => $vars['role_descr'],
|
||||
'role_name' => $vars['role_name'])
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
|
||||
if (!safe_empty($vars['role_name']) &&
|
||||
!safe_empty($vars['role_descr'])) {
|
||||
$oid_id = dbInsert('roles', [ 'role_descr' => $vars['role_descr'],
|
||||
'role_name' => $vars['role_name'] ]
|
||||
);
|
||||
|
||||
if ($oid_id)
|
||||
{
|
||||
if ($oid_id) {
|
||||
print_success("<strong>SUCCESS:</strong> Added role");
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
print_warning("<strong>WARNING:</strong> Role not added");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
print_error("<strong>ERROR:</strong> All fields must be completed to add a new role.");
|
||||
}
|
||||
}
|
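Review bot: The new guard `!safe_empty($vars['role_name']) && !safe_empty($vars['role_descr'])` tests only for emptiness, so a non-string value (for example an array submitted as the form field) may now reach `dbInsert('roles', …)`, where the earlier `strlen()` test would have rejected or errored on it. `safe_empty()` is not shown on this page, so confirm how it treats arrays, or add `is_string($vars['role_name']) && is_string($vars['role_descr'])` to the condition. Creating a role is a privileged change, yet neither the success branch nor the rejected path (wrong user level or invalid token, which falls through silently) writes an audit log entry; recording both would help later review.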
@ -6,42 +6,45 @@
|
||||
*
|
||||
* @package observium
|
||||
* @subpackage web
|
||||
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
|
||||
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
|
||||
*
|
||||
*/
|
||||
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
|
||||
{
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
|
||||
|
||||
if (isset($vars['entity_id']))
|
||||
{
|
||||
} // use entity_id
|
||||
elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) // use type_entity_id
|
||||
{
|
||||
if (isset($vars['entity_id'])) {
|
||||
// use entity_id
|
||||
} elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) {
|
||||
// use type_entity_id
|
||||
$vars['entity_id'] = $vars[$vars['entity_type'] . '_entity_id'];
|
||||
}
|
||||
if (!is_array($vars['entity_id']))
|
||||
{
|
||||
$vars['entity_id'] = array($vars['entity_id']);
|
||||
|
||||
if (!is_array($vars['entity_id'])) {
|
||||
$vars['entity_id'] = [ $vars['entity_id'] ];
|
||||
}
|
||||
|
||||
foreach ($vars['entity_id'] as $entity_id)
|
||||
{
|
||||
if (get_entity_by_id_cache($vars['entity_type'], $entity_id)) // Skip not exist entities
|
||||
{
|
||||
$changed = 0;
|
||||
foreach ($vars['entity_id'] as $entity_id) {
|
||||
if (get_entity_by_id_cache($vars['entity_type'], $entity_id)) { // Skip not exist entities
|
||||
if (!dbExist('roles_entity_permissions', '`role_id` = ? AND `entity_type` = ? AND `entity_id` = ?',
|
||||
array($vars['role_id'], $vars['entity_type'], $entity_id)
|
||||
))
|
||||
{
|
||||
[ $vars['role_id'], $vars['entity_type'], $entity_id ])) {
|
||||
|
||||
if(!in_array($vars['access'], array('ro', 'rw'))) { $vars['access'] = 'ro'; }
|
||||
if (!in_array($vars['access'], [ 'ro', 'rw' ])) {
|
||||
$vars['access'] = 'ro';
|
||||
}
|
||||
|
||||
dbInsert(array('entity_id' => $entity_id, 'entity_type' => $vars['entity_type'], 'role_id' => $vars['role_id'], 'access' => $vars['access']),
|
||||
'roles_entity_permissions'
|
||||
);
|
||||
dbInsert([ 'entity_id' => $entity_id, 'entity_type' => $vars['entity_type'], 'role_id' => $vars['role_id'], 'access' => $vars['access'] ],
|
||||
'roles_entity_permissions');
|
||||
$changed++;
|
||||
}
|
||||
} else { print_error('Error: Invalid Entity.'); }
|
||||
} else {
|
||||
print_error('Error: Invalid Entity.');
|
||||
}
|
||||
}
|
||||
|
||||
// Reset permissions cache
|
||||
if ($changed) { set_cache_clear('wui'); }
|
||||
unset($changed);
|
||||
}
|
||||
|
||||
// EOF
|
||||
|
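Review bot: `$vars['role_id']` is written into `roles_entity_permissions` without any check that it names an existing role, although the entity side is verified with `get_entity_by_id_cache()`. A `dbExist('roles', …)` lookup on the role id before the `foreach` would keep orphaned permission rows out of the table; the key column of `roles` is not visible here, so confirm its name. The allow-list test on `access` also compares loosely; `in_array($vars['access'], [ 'ro', 'rw' ], TRUE)` makes it exact.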
@ -6,32 +6,31 @@
|
||||
*
|
||||
* @package observium
|
||||
* @subpackage web
|
||||
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
|
||||
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
|
||||
*
|
||||
*/
|
||||
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
|
||||
{
|
||||
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
|
||||
|
||||
if (isset($vars['entity_id']))
|
||||
{
|
||||
} // use entity_id
|
||||
elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) // use type_entity_id
|
||||
{
|
||||
if (isset($vars['entity_id'])) {
|
||||
// use entity_id
|
||||
} elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) {
|
||||
// use type_entity_id
|
||||
$vars['entity_id'] = $vars[$vars['entity_type'] . '_entity_id'];
|
||||
}
|
||||
|
||||
$where = '`role_id` = ? AND `entity_type` = ?' . generate_query_values($vars['entity_id'], 'entity_id');
|
||||
$where = '`role_id` = ? AND `entity_type` = ?' . generate_query_values_and($vars['entity_id'], 'entity_id');
|
||||
//if (@dbFetchCell("SELECT COUNT(*) FROM `entity_permissions` WHERE " . $where, array($vars['user_id'], $vars['entity_type'])))
|
||||
if (dbExist('roles_entity_permissions', $where, array($vars['role_id'], $vars['entity_type'])))
|
||||
{
|
||||
if (dbExist('roles_entity_permissions', $where, [ $vars['role_id'], $vars['entity_type'] ])) {
|
||||
dbDelete('roles_entity_permissions', $where, array($vars['role_id'], $vars['entity_type']));
|
||||
|
||||
//print_vars(dbError());
|
||||
|
||||
} else { }
|
||||
// Reset permissions cache
|
||||
set_cache_clear('wui');
|
||||
}
|
||||
}
|
||||
|
||||
echo ("nope"); // Hrm?
|
||||
//echo ("nope"); // Hrm?
|
||||
|
||||
// EOF
|
||||
|
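Review bot: Nothing checks that `$vars['entity_id']` is present before the WHERE clause is built: if neither `entity_id` nor the `<type>_entity_id` key is set, the value passed to `generate_query_values_and()` is undefined. That helper is not shown on this page; if it returns an empty string for an empty value, the `dbDelete()` would match every permission row for the given role and entity type. Wrapping the lookup and delete in `if (!safe_empty($vars['entity_id'])) { … }` avoids that. Because the `entity_id` part of the clause is concatenated into the SQL while the other two conditions use `?` placeholders, also confirm that the helper escapes or casts each value.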