Diffstat (limited to 'frontends/php/include/users.inc.php')
-rw-r--r--frontends/php/include/users.inc.php377
1 files changed, 329 insertions, 48 deletions
diff --git a/frontends/php/include/users.inc.php b/frontends/php/include/users.inc.php
index af84528d..4c2e8ae1 100644
--- a/frontends/php/include/users.inc.php
+++ b/frontends/php/include/users.inc.php
@@ -33,7 +33,7 @@
# Add User definition
- function add_user($name,$surname,$alias,$passwd,$url,$autologout,$lang,$refresh,$user_type,$status,$user_groups,$user_medias)
+ function add_user($name,$surname,$alias,$passwd,$url,$autologout,$lang,$refresh,$user_type,$user_groups,$user_medias)
{
global $USER_DETAILS;
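Review bot: Removing `$status` from the middle of the positional parameter list is silent for any caller that was not updated, because PHP accepts the extra argument: an old 12-argument call would bind the status value to `$user_groups` and the groups array to `$user_medias`. The same applies to `update_user` in the third hunk, and to `add_user_group` and `update_user_group`, which gain `$users_status,$gui_access` ahead of `$users`. This page is limited to users.inc.php, so the call sites are not visible here and should be checked as part of the change. A header comment over the signature such as `# params: ...,$refresh,$user_type,$user_groups,$user_medias (no $status any more)` would make the new order explicit; add_user's body continues outside the hunk.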
@@ -54,8 +54,6 @@
' values ('.$userid.','.zbx_dbstr($name).','.zbx_dbstr($surname).','.zbx_dbstr($alias).','.
zbx_dbstr(md5($passwd)).','.zbx_dbstr($url).','.$autologout.','.zbx_dbstr($lang).','.$refresh.','.$user_type.')');
- $result &= change_user_status($userid,$status);
-
if($result)
{
DBexecute('delete from users_groups where userid='.$userid);
@@ -88,7 +86,7 @@
# Update User definition
- function update_user($userid,$name,$surname,$alias,$passwd, $url,$autologout,$lang,$refresh,$user_type,$status,$user_groups,$user_medias)
+ function update_user($userid,$name,$surname,$alias,$passwd, $url,$autologout,$lang,$refresh,$user_type,$user_groups,$user_medias)
{
if(DBfetch(DBselect("select * from users where alias=".zbx_dbstr($alias).
" and userid<>$userid and ".DBin_node('userid', get_current_nodeid(false)))))
@@ -102,8 +100,6 @@
",url=".zbx_dbstr($url).","."autologout=$autologout,lang=".zbx_dbstr($lang).",refresh=$refresh,".
"type=$user_type".
" where userid=$userid");
-
- $result &= change_user_status($userid,$status);
if($result)
{
@@ -182,33 +178,86 @@
}
- function get_user_by_userid($userid){
+ function get_user_by_userid($userid){
if($row = DBfetch(DBselect('select * from users where userid='.zbx_dbstr($userid)))){
return $row;
}
/* error("No user with id [$userid]"); */
return false;
}
+
- function change_user_status($userid,$status){
- global $USER_DETAILS;
- $res = false;
- if((bccomp($USER_DETAILS['userid'],$userid) == 0) && ($status==USER_STATUS_DISABLED)){
- error(S_USER_CANNOT_DISABLE_ITSELF);
+ function get_userid_by_usrgrpid($usrgrpid){
+ $userids = array();
+ if($res=DBselect('SELECT DISTINCT u.userid '.
+ ' FROM users u,users_groups ug '.
+ ' WHERE u.userid=ug.userid '.
+ ' AND ug.usrgrpid='.$usrgrpid.
+ ' AND '.DBin_node('ug.usrgrpid', get_current_nodeid(false))))
+ {
+ while($rows = DBFetch($res)) $userids[]=$rows['userid'];
+ }
+
+ return $userids;
+ }
+
+
+ function add_user_to_group($userid,$usrgrpid){
+ $result = false;
+ if(granted2move_user($userid,$usrgrpid)){
+ DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid);
+
+ $users_groups_id = get_dbid("users_groups","id");
+ $result = DBexecute('insert into users_groups (id,usrgrpid,userid) values('.$users_groups_id.','.$usrgrpid.','.$userid.')');
}
else{
- $res = DBexecute('UPDATE users SET status='.$status.' WHERE userid='.zbx_dbstr($userid));
+ error(S_USER_CANNOT_CHANGE_STATUS);
}
- return $res;
+ return $result;
+ }
+
+ function remove_user_from_group($userid,$usrgrpid){
+ $result = false;
+ if(granted2move_user($userid,$usrgrpid)){
+ $result = DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_STATUS);
+ }
+ return $result;
+ }
+
+
+// description:
+// checks if user is adding himself to disabled group
+ function granted2update_group($usrgrpid){
+ global $USER_DETAILS;
+ $users = get_userid_by_usrgrpid($usrgrpid);
+ $result=(!uint_in_array($USER_DETAILS['userid'],$users));
+ return $result;
}
+
+
+// description:
+// checks if user is adding himself to disabled group
+ function granted2move_user($userid,$usrgrpid){
+ global $USER_DETAILS;
+
+ $result = true;
+ $group = get_group_by_usrgrpid($usrgrpid);
+ if(($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED) || ($group['users_status'] == GROUP_STATUS_DISABLED)){
+ $result=(bccomp($USER_DETAILS['userid'],$userid)!=0);
+ }
+ return $result;
+ }
/**************************
USER GROUPS
**************************/
- function add_user_group($name,$users=array(),$rights=array())
- {
+ function add_user_group($name,$users_status,$gui_access,$users=array(),$rights=array()){
+
if(DBfetch(DBselect('select * from usrgrp where name='.zbx_dbstr($name).' and '.DBin_node('usrgrpid', get_current_nodeid(false)))))
{
error("Group '$name' already exists");
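Review bot: The new membership helpers build SQL by concatenating `$userid` and `$usrgrpid` directly, with no quoting or numeric check: `' AND ug.usrgrpid='.$usrgrpid` in `get_userid_by_usrgrpid`, and the delete and insert statements in `add_user_to_group` and `remove_user_from_group`. The menu added later in this commit links to `users.php?...&userid=...&usrgrpid=...`, so these ids plausibly arrive from request parameters, and unless the caller validates them as unsigned integers this is an injection path. Other statements on this page already wrap ids, for example `zbx_dbstr($userid)` in `get_user_by_userid`, so the same is worth doing here: `' AND ug.usrgrpid='.zbx_dbstr($usrgrpid).` and `' where userid='.zbx_dbstr($userid).' and usrgrpid='.zbx_dbstr($usrgrpid)`. `change_group_status` and `change_group_gui_access` in the last hunk concatenate `$users_status`, `$gui_access` and `$usrgrpid` the same way.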
@@ -219,29 +268,33 @@
$result=DBexecute("insert into usrgrp (usrgrpid,name) values ($usrgrpid,".zbx_dbstr($name).")");
if(!$result) return $result;
-
- $result=DBexecute("delete from users_groups where usrgrpid=".$usrgrpid);
- foreach($users as $userid => $name)
- {
- $id = get_dbid('users_groups','id');
- $result=DBexecute('insert into users_groups (id,usrgrpid,userid) values ('.$id.','.$usrgrpid.','.$userid.')');
+
+// must come before adding user to group
+ $result&=change_group_status($usrgrpid,$users_status);
+ $result&=change_group_gui_access($usrgrpid,$gui_access);
+ if(!$result) return $result;
+//--------
+
+ foreach($users as $userid => $name){
+ $result &= add_user_to_group($userid,$usrgrpid);
if(!$result) return $result;
}
$result=DBexecute("delete from rights where groupid=".$usrgrpid);
- foreach($rights as $right)
- {
+ foreach($rights as $right){
$id = get_dbid('rights','rightid');
$result=DBexecute('insert into rights (rightid,groupid,type,permission,id)'.
' values ('.$id.','.$usrgrpid.','.$right['type'].','.$right['permission'].','.$right['id'].')');
+
if(!$result) return $result;
}
-
+
return $result;
}
- function update_user_group($usrgrpid,$name,$users=array(),$rights=array())
- {
+ function update_user_group($usrgrpid,$name,$users_status,$gui_access,$users=array(),$rights=array()){
+ global $USER_DETAILS;
+
if(DBfetch(DBselect('select * from usrgrp where name='.zbx_dbstr($name).
' and usrgrpid<>'.$usrgrpid.' and '.DBin_node('usrgrpid', get_current_nodeid(false)))))
{
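Review bot: In `add_user_group` the self-lockout refusal is only reached inside the `foreach`, through `add_user_to_group`, after the `usrgrp` row has been inserted and its status and GUI access written, so a refused or failed step returns false and leaves a partly created group behind; no rollback is visible in the hunk. `update_user_group` checks up front before it touches memberships, and the same guard placed before the insert would keep a rejected request from changing anything. The function starts above the hunk, so the exact placement relative to the lines before the insert needs confirming. The guard below tests the keys of `$users`, because the loop reads user ids from the keys.

```php
// … unchanged: lines of add_user_group() before the insert, outside the hunk …
	global $USER_DETAILS;

	if(($gui_access == GROUP_GUI_ACCESS_DISABLED) || ($users_status == GROUP_STATUS_DISABLED)){
		if(uint_in_array($USER_DETAILS['userid'],array_keys($users))){
			error(S_USER_CANNOT_DISABLE_ITSELF);
			return false;
		}
	}

	$result=DBexecute("insert into usrgrp (usrgrpid,name) values ($usrgrpid,".zbx_dbstr($name).")");
// … unchanged: status and gui_access update, membership loop, rights loop …
```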
@@ -250,33 +303,43 @@
}
$result=DBexecute("update usrgrp set name=".zbx_dbstr($name)." where usrgrpid=$usrgrpid");
- if(!$result)
- {
- return $result;
- }
+ if(!$result) return $result;
+
+// must come before adding user to group
+ $result&=change_group_status($usrgrpid,$users_status);
+ $result&=change_group_gui_access($usrgrpid,$gui_access);
+ if(!$result) return $result;
+//-------
- $result=DBexecute("delete from users_groups where usrgrpid=".$usrgrpid);
- foreach($users as $userid => $name)
- {
- $id = get_dbid('users_groups','id');
- $result=DBexecute('insert into users_groups (id,usrgrpid,userid) values ('.$id.','.$usrgrpid.','.$userid.')');
- if(!$result) return $result;
+ $grant = true;
+ if(($gui_access == GROUP_GUI_ACCESS_DISABLED) || ($users_status == GROUP_STATUS_DISABLED)){
+ $grant = (!uint_in_array($USER_DETAILS['userid'],$users));
}
-
+ if($grant){
+ $result = DBexecute('delete from users_groups where usrgrpid='.zbx_dbstr($usrgrpid));
+ foreach($users as $userid => $name){
+ $result &= add_user_to_group($userid,$usrgrpid);
+ if(!$result) return $result;
+ }
+ }
+ else{
+ error(S_USER_CANNOT_DISABLE_ITSELF);
+ return false;
+ }
+
$result=DBexecute("delete from rights where groupid=".$usrgrpid);
- foreach($rights as $right)
- {
+ foreach($rights as $right){
$id = get_dbid('rights','rightid');
$result=DBexecute('insert into rights (rightid,groupid,type,permission,id)'.
' values ('.$id.','.$usrgrpid.','.$right['type'].','.$right['permission'].','.$right['id'].')');
+
if(!$result) return $result;
}
return $result;
}
- function delete_user_group($usrgrpid)
- {
+ function delete_user_group($usrgrpid){
$result = DBexecute("delete from rights where groupid=$usrgrpid");
if(!$result) return $result;
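Review bot: The `$grant` check calls `uint_in_array($USER_DETAILS['userid'],$users)` on the array's values, but the loop just below reads the ids from its keys (`foreach($users as $userid => $name)`), so if the values are names the check never matches. A request that adds the current user to a group being disabled then gets past it, `delete from users_groups where usrgrpid=...` removes every membership, and the refusal only happens later inside `add_user_to_group`, leaving the group partly emptied. Testing the keys closes that gap: `$grant = (!uint_in_array($USER_DETAILS['userid'],array_keys($users)));`. `update_user_group` begins in the previous hunk and `uint_in_array` is not shown on this page, so its matching rules should be confirmed.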
@@ -286,16 +349,234 @@
if(!$result) return $result;
$result = DBexecute("delete from usrgrp where usrgrpid=$usrgrpid");
- return $result;
+ return $result;
}
- function get_group_by_usrgrpid($usrgrpid)
- {
- if($row = DBfetch(DBselect("select * from usrgrp where usrgrpid=".$usrgrpid)))
- {
+ function get_group_by_usrgrpid($usrgrpid){
+ if($row = DBfetch(DBselect("select * from usrgrp where usrgrpid=".$usrgrpid))){
return $row;
}
/* error("No user groups with id [$usrgrpid]"); */
- return FALSE;
+ return FALSE;
+ }
+
+
+ function change_group_status($usrgrpid,$users_status){
+ $res = false;
+
+ $grant = true;
+ if($users_status == GROUP_STATUS_DISABLED) $grant = granted2update_group($usrgrpid);
+
+ if($grant){
+ $res = DBexecute('UPDATE usrgrp SET users_status='.$users_status.' WHERE usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_STATUS);
+ }
+ return $res;
+ }
+
+
+ function change_group_gui_access($usrgrpid,$gui_access){
+ $res = false;
+
+ $grant = true;
+ if($gui_access == GROUP_GUI_ACCESS_DISABLED) $grant= granted2update_group($usrgrpid);
+
+ if($grant){
+ $res = DBexecute('UPDATE usrgrp SET gui_access='.$gui_access.' WHERE usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_GUI_ACCESS);
+ }
+ return $res;
}
+
+/********************************/
+
+ function get_user_actionmenu($userid){
+ global $USER_DETAILS;
+
+ $action = new CSpan(S_SELECT);
+
+// add to group
+ $menus = "Array(Array('".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : ['pum_o_submenu'],'inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND '.DBin_node('ug.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ if(!granted2move_user($userid,$group['usrgrpid'])) continue;
+
+ $caption = new CSpan($group['name']);
+ if($group['users_status'] == GROUP_STATUS_DISABLED){
+ $caption->SetClass('red');
+ }
+ else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){
+ $caption->SetClass('orange');
+ }
+
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from group
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status '.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ if(!granted2move_user($userid,$group['usrgrpid'])) continue;
+
+ $caption = new CSpan($group['name']);
+ if($group['users_status'] == GROUP_STATUS_DISABLED){
+ $caption->SetClass('red');
+ }
+ else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){
+ $caption->SetClass('orange');
+ }
+
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+ if($USER_DETAILS['userid'] == $userid){
+ $menus=rtrim($menus,',').')';
+ }
+ else{
+// add to GUI ACCESS
+ $menus.= "Array('".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug, usrgrp g'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'orange');
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from GUI ACCESS
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT g.name, g.usrgrpid'.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'orange');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+
+// add to DISABLED
+ $menus.= "Array('".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug, usrgrp g'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'red');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from DISABLED
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT g.name, g.usrgrpid'.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'red');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'))';
+ }
+
+ $script = new CScript("javascript: show_popup_menu(event,".$menus.",240);");
+ $action->AddAction('onclick',$script);
+ $action->AddOption('onmouseover','javascript: this.style.cursor = "pointer";');
+
+ return $action;
+ }
+
?>
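Review bot: In `get_user_actionmenu` each group name is placed inside a single-quoted JavaScript string (`$menus.="['".$caption."','users.php?...`) after only `htmlspecialchars()`, which with its default flags before PHP 8.1 leaves `'` and `\` untouched, so a group name containing either can end the literal and alter the script handed to `show_popup_menu`. All six `while($group=DBfetch($res))` loops share this. The caption needs escaping for the JavaScript string context as well, for example `$caption = addslashes(htmlspecialchars(unpack_object($caption)));` with line breaks also handled, or a JSON encoder if the supported PHP version provides one. Separately, when the user belongs to no group `$grp_list` becomes `()` and `NOT IN()` is not valid SQL on common databases; seeding the list with a value that cannot match would avoid that.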