- [DEV-175] improvements to showed users last login time (Artem)

 - [DEV-178] more fixes to permission scheme (Artem)

git-svn-id: svn://svn.zabbix.com/trunk@5776 97f52cf1-0a1b-0410-bd0e-c28be96e8082

9 files changed, 25 insertions, 15 deletions

diff --git a/create/schema/schema.sql b/create/schema/schema.sql
index 20ae76d0..8b9c4fef 100644
--- a/create/schema/schema.sql
+++ b/create/schema/schema.sql
@@ -651,6 +651,7 @@ TABLE|sessions|sessionid|0
 FIELD		|sessionid	|t_varchar(32)	|''	|NOT NULL	|0
 FIELD		|userid		|t_id		|'0'	|NOT NULL	|0
 FIELD		|lastaccess	|t_integer	|'0'	|NOT NULL	|0
+FIELD		|status		|t_integer	|'0'	|NOT NULL	|0
 
 TABLE|sysmaps_links|linkid|ZBX_SYNC
 FIELD		|linkid		|t_id		|'0'	|NOT NULL	|0
diff --git a/frontends/php/include/blocks.inc.php b/frontends/php/include/blocks.inc.php
index b0c45a24..e8ce905c 100644
--- a/frontends/php/include/blocks.inc.php
+++ b/frontends/php/include/blocks.inc.php
@@ -374,11 +374,14 @@ function make_status_of_zbx(){
 	$table->AddRow(array(S_NUMBER_OF_ALERTS,$status['alerts_count'],' - '));*/
 
 //Log Out 10min	
-	$sql = 'SELECT DISTINCT u.userid, s.lastaccess, u.autologout '.
+	$sql = 'SELECT DISTINCT u.userid, MAX(s.lastaccess) as lastaccess, u.autologout '.
 			' FROM users u '.
-				' LEFT JOIN sessions s ON s.userid=u.userid';
+				' LEFT JOIN sessions s ON s.userid=u.userid'.
+			' WHERE '.DBin_node('u.userid').
+			' GROUP BY u.userid,u.autologout';
 
 	$db_users = DBSelect($sql);
+	
 	$usr_cnt = 0;
 	$online_cnt = 0;
 	while($user=DBFetch($db_users)){
diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php
index a6caf779..6ce15123 100644
--- a/frontends/php/include/config.inc.php
+++ b/frontends/php/include/config.inc.php
@@ -273,6 +273,8 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; }  // DEBUG INFO!!!
 
 		if ( count($ZBX_CURRENT_SUBNODES) < 2 && !defined('ZBX_DISABLE_SUBNODES') )
 			define('ZBX_DISABLE_SUBNODES', 1);
+
+		$ZBX_CURRENT_SUBNODES = get_accessible_nodes_by_user($USER_DETAILS, PERM_READ_LIST, PERM_RES_IDS_ARRAY);
 	}
 
 	function get_current_nodeid($forse_with_subnodes = null, $perm = null){
diff --git a/frontends/php/include/defines.inc.php b/frontends/php/include/defines.inc.php
index 7b3986ec..e90f817a 100644
--- a/frontends/php/include/defines.inc.php
+++ b/frontends/php/include/defines.inc.php
@@ -33,6 +33,9 @@
 	
 	define('ZBX_LOGIN_ATTEMPTS', 5);
 	define('ZBX_LOGIN_BLOCK', 30);
+	
+	define('ZBX_SESSION_ACTIVE', 0);
+	define('ZBX_SESSION_PASSIVE', 1);
 
 	define('T_ZBX_STR',			0);
 	define('T_ZBX_INT',			1);
diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php
index b4288da1..0a8538dd 100644
--- a/frontends/php/include/perm.inc.php
+++ b/frontends/php/include/perm.inc.php
@@ -50,6 +50,7 @@ function check_authorisation(){
 		$login = $USER_DETAILS = DBfetch(DBselect('SELECT u.*,s.* '.
 					' FROM sessions s,users u'.
 					' WHERE s.sessionid='.zbx_dbstr($sessionid).
+						' AND s.status='.ZBX_SESSION_ACTIVE.
 						' AND s.userid=u.userid'.
 						' AND ((s.lastaccess+u.autologout>'.time().') OR (u.autologout=0))'.
 						' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID)));
@@ -86,20 +87,20 @@ function check_authorisation(){
 
 	if($login){
 		zbx_setcookie("zbx_sessionid",$sessionid,$USER_DETAILS['autologin']?(time()+86400*31):0);	//1 month
-		DBexecute("update sessions set lastaccess=".time()." where sessionid=".zbx_dbstr($sessionid));
+		DBexecute('UPDATE sessions SET lastaccess='.time().' WHERE sessionid='.zbx_dbstr($sessionid));
 	}
 	else{
 		$USER_DETAILS = NULL;
 		
 		zbx_unsetcookie('zbx_sessionid');
-		DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
+		DBexecute('UPDATE sessions SET status='.ZBX_SESSION_PASSIVE.' WHERE sessionid='.zbx_dbstr($sessionid));
 		unset($sessionid);
 	}
 
 	if($USER_DETAILS){
 		$USER_DETAILS['node'] = DBfetch(DBselect('select * from nodes where nodeid='.id2nodeid($USER_DETAILS['userid'])));
-		if(empty($USER_DETAILS['node']))
-		{
+		
+		if(empty($USER_DETAILS['node'])){
 			$USER_DETAILS['node']['name'] = '- unknown -';
 			$USER_DETAILS['node']['nodeid'] = $ZBX_LOCALNODEID;
 		}
diff --git a/frontends/php/include/profiles.inc.php b/frontends/php/include/profiles.inc.php
index 6436916b..668e7ce6 100644
--- a/frontends/php/include/profiles.inc.php
+++ b/frontends/php/include/profiles.inc.php
@@ -335,7 +335,7 @@ function get_favorites($favobj,$nodeid=null){
 	
 	if(is_null($nodeid))
 		$nodeid = get_current_nodeid();
-		
+
 	if(!is_array($nodeid))
 		$nodeid = array($nodeid);
 
diff --git a/frontends/php/index.php b/frontends/php/index.php
index 1dc8bdd1..cdb49450 100644
--- a/frontends/php/index.php
+++ b/frontends/php/index.php
@@ -47,7 +47,7 @@
 		add_audit(AUDIT_ACTION_LOGOUT,AUDIT_RESOURCE_USER,'Manual Logout');
 		
 		zbx_unsetcookie('zbx_sessionid');
-		DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
+		DBexecute('UPDATE sessions SET status='.ZBX_SESSION_PASSIVE.' WHERE sessionid='.zbx_dbstr($sessionid));
 		unset($sessionid);
 
 		Redirect("index.php");
@@ -125,7 +125,7 @@
 			$sessionid = md5(time().$password.$name.rand(0,10000000));
 			zbx_setcookie('zbx_sessionid',$sessionid);
 			
-			DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess) VALUES ('.zbx_dbstr($sessionid).','.$row['userid'].','.time().')');
+			DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess,status) VALUES ('.zbx_dbstr($sessionid).','.$row['userid'].','.time().','.ZBX_SESSION_ACTIVE.')');
 
 			add_audit(AUDIT_ACTION_LOGIN,AUDIT_RESOURCE_USER,"Correct login [".$name."]");
 			
diff --git a/frontends/php/users.php b/frontends/php/users.php
index 99f10ec1..3eccdae2 100644
--- a/frontends/php/users.php
+++ b/frontends/php/users.php
@@ -471,19 +471,19 @@ include_once "include/page_header.php";
 				$online_time = (($db_user['autologout'] == 0) || (ZBX_USER_ONLINE_TIME<$db_user['autologout']))?ZBX_USER_ONLINE_TIME:$db_user['autologout'];
 				$online=new CCol(S_NO,"disabled");
 				
-				$sql = 'SELECT s.lastaccess'.
+				$sql = 'SELECT s.lastaccess, s.status'.
 						' FROM sessions s, users u'.
 						' WHERE s.userid='.$db_user['userid'].
 							' AND s.userid=u.userid '.
 						' ORDER BY lastaccess DESC';
 
 				$db_sessions = DBselect($sql,1);
-				if($db_ses_cnt=DBfetch($db_sessions)){
-					if(($db_ses_cnt['lastaccess']+$online_time) >= time()){
-						$online=new CCol(S_YES.' ('.date('r',$db_ses_cnt['lastaccess']).')',"enabled");
+				if($db_ses=DBfetch($db_sessions)){
+					if((ZBX_SESSION_ACTIVE == $db_ses['status']) && (($db_ses['lastaccess']+$online_time) >= time())){
+						$online=new CCol(S_YES.' ('.date('r',$db_ses['lastaccess']).')',"enabled");
 					}
 					else{
-						$online=new CCol(S_NO.' ('.date('r',$db_ses_cnt['lastaccess']).')',"disabled");
+						$online=new CCol(S_NO.' ('.date('r',$db_ses['lastaccess']).')',"disabled");
 					}
 				}	
 				
diff --git a/src/zabbix_server/housekeeper/housekeeper.c b/src/zabbix_server/housekeeper/housekeeper.c
index 8dc643e9..4dde4e05 100644
--- a/src/zabbix_server/housekeeper/housekeeper.c
+++ b/src/zabbix_server/housekeeper/housekeeper.c
@@ -105,7 +105,7 @@ static int housekeeping_sessions(int now)
 		now);
 
 	deleted = DBexecute("delete from sessions where lastaccess<%d",
-		now-31*86400);
+		now-365*86400);
 
 	zabbix_log( LOG_LEVEL_DEBUG, "Deleted [%ld] records from table [sessions]",
 		deleted);