summaryrefslogtreecommitdiffstats
path: root/frontends/php/include
diff options
context:
space:
mode:
Diffstat (limited to 'frontends/php/include')
-rw-r--r--frontends/php/include/classes/ctag.inc.php13
-rw-r--r--frontends/php/include/db.inc.php4
-rw-r--r--frontends/php/include/defines.inc.php7
-rw-r--r--frontends/php/include/forms.inc.php52
-rw-r--r--frontends/php/include/locales/en_gb.inc.php7
-rw-r--r--frontends/php/include/perm.inc.php71
-rw-r--r--frontends/php/include/users.inc.php377
7 files changed, 448 insertions, 83 deletions
diff --git a/frontends/php/include/classes/ctag.inc.php b/frontends/php/include/classes/ctag.inc.php
index 97cc2325..44cc5050 100644
--- a/frontends/php/include/classes/ctag.inc.php
+++ b/frontends/php/include/classes/ctag.inc.php
@@ -221,7 +221,7 @@
{
unset($this->options[$name]);
}
- function &GetOption($name)
+ function GetOption($name)
{
$ret = NULL;
if(isset($this->options[$name]))
@@ -256,13 +256,20 @@
function AddAction($name, $value)
{
- if(!empty($value))
+ if(is_object($value)){
+ $this->options[$name] = unpack_object($value);
+ }
+ else if(!empty($value)){
$this->options[$name] = htmlentities(str_replace(array("\r", "\n"), '', strval($value)),ENT_COMPAT,S_HTML_CHARSET);
+ }
}
function AddOption($name, $value)
{
- if(isset($value))
+ if(is_object($value)){
+ $this->options[$name] = unpack_object($value);
+ }
+ else if(isset($value))
$this->options[$name] = htmlspecialchars(strval($value));
else
unset($this->options[$name]);
diff --git a/frontends/php/include/db.inc.php b/frontends/php/include/db.inc.php
index 46d56c7f..e60bc250 100644
--- a/frontends/php/include/db.inc.php
+++ b/frontends/php/include/db.inc.php
@@ -408,10 +408,10 @@
switch($DB_TYPE)
{
case "MYSQL":
- $result = mysql_fetch_array($cursor);
+ $result = mysql_fetch_assoc($cursor);
break;
case "POSTGRESQL":
- $result = pg_fetch_array($cursor);
+ $result = pg_fetch_assoc($cursor);
break;
case "ORACLE":
if(ocifetchinto($cursor, $row, OCI_ASSOC+OCI_NUM+OCI_RETURN_NULLS))
diff --git a/frontends/php/include/defines.inc.php b/frontends/php/include/defines.inc.php
index 7328c677..8bbceb64 100644
--- a/frontends/php/include/defines.inc.php
+++ b/frontends/php/include/defines.inc.php
@@ -338,8 +338,11 @@
define('USER_TYPE_ZABBIX_ADMIN', 2);
define('USER_TYPE_SUPER_ADMIN', 3);
- define('USER_STATUS_DISABLED', 1);
- define('USER_STATUS_ENABLED', 0);
+ define('GROUP_STATUS_DISABLED', 1);
+ define('GROUP_STATUS_ENABLED', 0);
+
+ define('GROUP_GUI_ACCESS_DISABLED', 1);
+ define('GROUP_GUI_ACCESS_ENABLED', 0);
define('PERM_MAX', 3);
define('PERM_READ_WRITE', 3);
diff --git a/frontends/php/include/forms.inc.php b/frontends/php/include/forms.inc.php
index 21c2170c..6a895cef 100644
--- a/frontends/php/include/forms.inc.php
+++ b/frontends/php/include/forms.inc.php
@@ -702,7 +702,6 @@
$autologout = $user["autologout"];
$lang = $user["lang"];
$refresh = $user["refresh"];
- $status = $user["status"];
$user_type = $user["type"];
$user_groups = array();
@@ -743,7 +742,6 @@
$autologout = get_request("autologout",900);
$lang = get_request("lang","en_gb");
$refresh = get_request("refresh",30);
- $status = get_request('status',0);
$user_type = get_request("user_type",USER_TYPE_ZABBIX_USER);;
$user_groups = get_request("user_groups",array());
$change_password = get_request("change_password", null);
@@ -883,18 +881,6 @@
$frmUser->AddRow(S_URL_AFTER_LOGIN, new CTextBox("url",$url,50));
$frmUser->AddRow(S_SCREEN_REFRESH, new CNumericBox("refresh",$refresh,4));
- if((bccomp($USER_DETAILS['userid'],$userid) == 0)){
- $frmUser->AddVar('status',USER_STATUS_ENABLED);
- $frmUser->AddRow(S_STATUS, new CSpan(S_ENABLED,'green'));
- }
- else{
- $cmbStat = new CComboBox('status',$status);
- $cmbStat->AddItem(USER_STATUS_ENABLED,S_ENABLED);
- $cmbStat->AddItem(USER_STATUS_DISABLED,S_DISABLED);
-
- $frmUser->AddRow(S_STATUS, $cmbStat);
- }
-
if($profile==0)
{
$frmUser->AddVar('perm_details', $perm_details);
@@ -964,7 +950,7 @@
# Insert form for User Groups
function insert_usergroups_form()
{
- global $_REQUEST;
+ global $USER_DETAILS;
$frm_title = S_USER_GROUP;
if(isset($_REQUEST["usrgrpid"]))
@@ -975,8 +961,11 @@
if(isset($_REQUEST["usrgrpid"]) && !isset($_REQUEST["form_refresh"]))
{
- $name = $usrgrp["name"];
+ $name = $usrgrp['name'];
+ $users_status = $usrgrp['users_status'];
+ $gui_access = $usrgrp['gui_access'];
+
$group_users = array();
$db_users=DBselect("SELECT distinct u.userid,u.alias FROM users u,users_groups ug ".
"where u.userid=ug.userid AND ug.usrgrpid=".$_REQUEST["usrgrpid"].
@@ -1012,7 +1001,9 @@
}
else
{
- $name = get_request("gname","");
+ $name = get_request("gname","");
+ $users_status = get_request('users_status',0);
+ $gui_access = get_request('gui_access',0);
$group_users = get_request("group_users",array());
$group_rights = get_request("group_rights",array());
}
@@ -1054,6 +1045,33 @@
(count($group_users) > 0) ? new CButton('del_group_user',S_DELETE_SELECTED) : null
));
+ $granted = true;
+ if(isset($_REQUEST['usrgrpid'])){
+ $granted = granted2update_group($_REQUEST['usrgrpid']);
+ }
+
+ if($granted){
+ $cmbGUI = new CComboBox('gui_access',$gui_access);
+ $cmbGUI->AddItem(GROUP_GUI_ACCESS_ENABLED,S_ENABLED);
+ $cmbGUI->AddItem(GROUP_GUI_ACCESS_DISABLED,S_DISABLED);
+
+ $frmUserG->AddRow(S_GUI_ACCESS, $cmbGUI);
+
+ $cmbStat = new CComboBox('users_status',$users_status);
+ $cmbStat->AddItem(GROUP_STATUS_ENABLED,S_ENABLED);
+ $cmbStat->AddItem(GROUP_STATUS_DISABLED,S_DISABLED);
+
+ $frmUserG->AddRow(S_USERS_STATUS, $cmbStat);
+
+ }
+ else{
+ $frmUserG->AddVar('gui_access',GROUP_GUI_ACCESS_ENABLED);
+ $frmUserG->AddRow(S_GUI_ACCESS, new CSpan(S_ENABLED,'green'));
+
+ $frmUserG->AddVar('users_status',GROUP_STATUS_ENABLED);
+ $frmUserG->AddRow(S_USERS_STATUS, new CSpan(S_ENABLED,'green'));
+ }
+
$table_Rights = new CTable(S_NO_RIGHTS_DEFINED,'right_table');
$lstWrite = new CListBox('right_to_del[read_write][]' ,null ,20);
diff --git a/frontends/php/include/locales/en_gb.inc.php b/frontends/php/include/locales/en_gb.inc.php
index d24778a8..3422f27c 100644
--- a/frontends/php/include/locales/en_gb.inc.php
+++ b/frontends/php/include/locales/en_gb.inc.php
@@ -1297,6 +1297,8 @@
'S_GROUP_DELETED'=> 'Group deleted',
'S_CANNOT_DELETE_GROUP'=> 'Cannot delete group',
'S_USER_CANNOT_DISABLE_ITSELF'=> 'User cannot disable itself',
+ 'S_USER_CANNOT_CHANGE_STATUS'=> 'User cannot change status to itself',
+ 'S_USER_CANNOT_CHANGE_GUI_ACCESS'=> 'User cannot change GUI access to itself',
'S_USER_CANNOT_DELETE_ITSELF'=> 'User cannot delete itself',
'S_CONFIGURATION_OF_USERS_AND_USER_GROUPS'=>'CONFIGURATION OF USERS AND USER GROUPS',
'S_USER_GROUPS_BIG'=> 'USER GROUPS',
@@ -1316,6 +1318,8 @@
'S_PERMISSION'=> 'Permission',
'S_RIGHT'=> 'Right',
'S_RIGHTS'=> 'Rights',
+ 'S_GUI_ACCESS'=> 'GUI access',
+ 'S_USERS_STATUS'=> 'Users status',
'S_NO_RIGHTS_DEFINED'=> 'No rights defined',
'S_RESOURCE_NAME'=> 'Resource name',
'S_READ_ONLY'=> 'Read only',
@@ -1332,6 +1336,9 @@
'S_CREATE_GROUP'=> 'Create Group',
'S_DELETE_SELECTED_USERS_Q'=> 'Delete selected users?',
'S_NO_ACCESSIBLE_RESOURCES'=> 'No accessibles resources',
+ 'S_ADD_TO'=> 'Add to',
+ 'S_REMOVE_FROM'=> 'Remove from',
+ 'S_STATUS_DISABLED'=> 'Status disabled',
//scripts.php
'S_SCRIPTS'=> 'Scripts',
diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php
index 750ffe1b..10522455 100644
--- a/frontends/php/include/perm.inc.php
+++ b/frontends/php/include/perm.inc.php
@@ -48,21 +48,25 @@
if( !is_null($sessionid))
{
- if(!($USER_DETAILS = DBfetch(DBselect('SELECT u.*,s.* FROM sessions s,users u'.
- ' WHERE s.sessionid='.zbx_dbstr($sessionid).
- ' AND s.userid=u.userid'.
- ' AND ((s.lastaccess+u.autologout>'.time().') OR (u.autologout=0))'.
- ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID).
- ' AND u.status='.USER_STATUS_ENABLED))))
- {
+ $login = $USER_DETAILS = DBfetch(DBselect('SELECT u.*,s.* FROM sessions s,users u'.
+ ' WHERE s.sessionid='.zbx_dbstr($sessionid).
+ ' AND s.userid=u.userid'.
+ ' AND ((s.lastaccess+u.autologout>'.time().') OR (u.autologout=0))'.
+ ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID)));
+ if($login){
+ $login = (check_perm2login($USER_DETAILS['userid']) && check_perm2system($USER_DETAILS['userid']));
+ }
+
+ if(!$login){
+ $USER_DETAILS = NULL;
+
zbx_unsetcookie('zbx_sessionid');
DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
unset($sessionid);
$incorrect_session = true;
}
- else
- {
+ else{
zbx_setcookie("zbx_sessionid",$sessionid);
DBexecute("update sessions set lastaccess=".time()." where sessionid=".zbx_dbstr($sessionid));
}
@@ -71,8 +75,7 @@
if(!$USER_DETAILS){
if(!($USER_DETAILS = DBfetch(DBselect('SELECT u.* FROM users u '.
' WHERE u.alias='.zbx_dbstr(ZBX_GUEST_USER).
- ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID).
- ' AND u.status='.USER_STATUS_ENABLED))))
+ ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID)))))
{
$missed_user_guest = true;
}
@@ -115,6 +118,52 @@
}
/***********************************************
+ CHECK USER ACCESS TO SYSTEM STATUS
+************************************************/
+/* Function: check_perm2system()
+ *
+ * Description:
+ * Checking user permissions to access system (affects server side: no notification will be sent)
+ *
+ * Comments:
+ * return true if permission is positive
+ *
+ * Author: Aly
+ */
+ function check_perm2system($userid){
+ $sql = 'SELECT COUNT(g.usrgrpid) as grp_count '.
+ ' FROM usrgrp g, users_groups ug '.
+ ' WHERE ug.userid = '.zbx_dbstr($userid).
+ ' AND g.usrgrpid = ug.usrgrpid '.
+ ' AND g.users_status = '.GROUP_STATUS_DISABLED;
+ $res = DBFetch(DBSelect($sql));
+
+ return ($res['grp_count'] == 0)?true:false;
+ }
+
+/* Function: check_perm2login()
+ *
+ * Description:
+ * Checking user permissions to Login in frontend
+ *
+ * Comments:
+ * return true if permission is positive
+ *
+ * Author: Aly
+ */
+
+ function check_perm2login($userid){
+ $sql = 'SELECT COUNT(g.usrgrpid) as grp_count '.
+ ' FROM usrgrp g, users_groups ug '.
+ ' WHERE ug.userid = '.zbx_dbstr($userid).
+ ' AND g.usrgrpid = ug.usrgrpid '.
+ ' AND g.gui_access = '.GROUP_GUI_ACCESS_DISABLED;
+ $res = DBFetch(DBSelect($sql));
+
+ return ($res['grp_count'] == 0)?true:false;
+ }
+
+/***********************************************
GET ACCESSIBLE RESOURCES BY USERID
************************************************/
function perm_mode2comparator($perm_mode)
diff --git a/frontends/php/include/users.inc.php b/frontends/php/include/users.inc.php
index af84528d..4c2e8ae1 100644
--- a/frontends/php/include/users.inc.php
+++ b/frontends/php/include/users.inc.php
@@ -33,7 +33,7 @@
# Add User definition
- function add_user($name,$surname,$alias,$passwd,$url,$autologout,$lang,$refresh,$user_type,$status,$user_groups,$user_medias)
+ function add_user($name,$surname,$alias,$passwd,$url,$autologout,$lang,$refresh,$user_type,$user_groups,$user_medias)
{
global $USER_DETAILS;
@@ -54,8 +54,6 @@
' values ('.$userid.','.zbx_dbstr($name).','.zbx_dbstr($surname).','.zbx_dbstr($alias).','.
zbx_dbstr(md5($passwd)).','.zbx_dbstr($url).','.$autologout.','.zbx_dbstr($lang).','.$refresh.','.$user_type.')');
- $result &= change_user_status($userid,$status);
-
if($result)
{
DBexecute('delete from users_groups where userid='.$userid);
@@ -88,7 +86,7 @@
# Update User definition
- function update_user($userid,$name,$surname,$alias,$passwd, $url,$autologout,$lang,$refresh,$user_type,$status,$user_groups,$user_medias)
+ function update_user($userid,$name,$surname,$alias,$passwd, $url,$autologout,$lang,$refresh,$user_type,$user_groups,$user_medias)
{
if(DBfetch(DBselect("select * from users where alias=".zbx_dbstr($alias).
" and userid<>$userid and ".DBin_node('userid', get_current_nodeid(false)))))
@@ -102,8 +100,6 @@
",url=".zbx_dbstr($url).","."autologout=$autologout,lang=".zbx_dbstr($lang).",refresh=$refresh,".
"type=$user_type".
" where userid=$userid");
-
- $result &= change_user_status($userid,$status);
if($result)
{
@@ -182,33 +178,86 @@
}
- function get_user_by_userid($userid){
+ function get_user_by_userid($userid){
if($row = DBfetch(DBselect('select * from users where userid='.zbx_dbstr($userid)))){
return $row;
}
/* error("No user with id [$userid]"); */
return false;
}
+
- function change_user_status($userid,$status){
- global $USER_DETAILS;
- $res = false;
- if((bccomp($USER_DETAILS['userid'],$userid) == 0) && ($status==USER_STATUS_DISABLED)){
- error(S_USER_CANNOT_DISABLE_ITSELF);
+ function get_userid_by_usrgrpid($usrgrpid){
+ $userids = array();
+ if($res=DBselect('SELECT DISTINCT u.userid '.
+ ' FROM users u,users_groups ug '.
+ ' WHERE u.userid=ug.userid '.
+ ' AND ug.usrgrpid='.$usrgrpid.
+ ' AND '.DBin_node('ug.usrgrpid', get_current_nodeid(false))))
+ {
+ while($rows = DBFetch($res)) $userids[]=$rows['userid'];
+ }
+
+ return $userids;
+ }
+
+
+ function add_user_to_group($userid,$usrgrpid){
+ $result = false;
+ if(granted2move_user($userid,$usrgrpid)){
+ DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid);
+
+ $users_groups_id = get_dbid("users_groups","id");
+ $result = DBexecute('insert into users_groups (id,usrgrpid,userid) values('.$users_groups_id.','.$usrgrpid.','.$userid.')');
}
else{
- $res = DBexecute('UPDATE users SET status='.$status.' WHERE userid='.zbx_dbstr($userid));
+ error(S_USER_CANNOT_CHANGE_STATUS);
}
- return $res;
+ return $result;
+ }
+
+ function remove_user_from_group($userid,$usrgrpid){
+ $result = false;
+ if(granted2move_user($userid,$usrgrpid)){
+ $result = DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_STATUS);
+ }
+ return $result;
+ }
+
+
+// description:
+// checks if user is adding himself to disabled group
+ function granted2update_group($usrgrpid){
+ global $USER_DETAILS;
+ $users = get_userid_by_usrgrpid($usrgrpid);
+ $result=(!uint_in_array($USER_DETAILS['userid'],$users));
+ return $result;
}
+
+
+// description:
+// checks if user is adding himself to disabled group
+ function granted2move_user($userid,$usrgrpid){
+ global $USER_DETAILS;
+
+ $result = true;
+ $group = get_group_by_usrgrpid($usrgrpid);
+ if(($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED) || ($group['users_status'] == GROUP_STATUS_DISABLED)){
+ $result=(bccomp($USER_DETAILS['userid'],$userid)!=0);
+ }
+ return $result;
+ }
/**************************
USER GROUPS
**************************/
- function add_user_group($name,$users=array(),$rights=array())
- {
+ function add_user_group($name,$users_status,$gui_access,$users=array(),$rights=array()){
+
if(DBfetch(DBselect('select * from usrgrp where name='.zbx_dbstr($name).' and '.DBin_node('usrgrpid', get_current_nodeid(false)))))
{
error("Group '$name' already exists");
@@ -219,29 +268,33 @@
$result=DBexecute("insert into usrgrp (usrgrpid,name) values ($usrgrpid,".zbx_dbstr($name).")");
if(!$result) return $result;
-
- $result=DBexecute("delete from users_groups where usrgrpid=".$usrgrpid);
- foreach($users as $userid => $name)
- {
- $id = get_dbid('users_groups','id');
- $result=DBexecute('insert into users_groups (id,usrgrpid,userid) values ('.$id.','.$usrgrpid.','.$userid.')');
+
+// must come before adding user to group
+ $result&=change_group_status($usrgrpid,$users_status);
+ $result&=change_group_gui_access($usrgrpid,$gui_access);
+ if(!$result) return $result;
+//--------
+
+ foreach($users as $userid => $name){
+ $result &= add_user_to_group($userid,$usrgrpid);
if(!$result) return $result;
}
$result=DBexecute("delete from rights where groupid=".$usrgrpid);
- foreach($rights as $right)
- {
+ foreach($rights as $right){
$id = get_dbid('rights','rightid');
$result=DBexecute('insert into rights (rightid,groupid,type,permission,id)'.
' values ('.$id.','.$usrgrpid.','.$right['type'].','.$right['permission'].','.$right['id'].')');
+
if(!$result) return $result;
}
-
+
return $result;
}
- function update_user_group($usrgrpid,$name,$users=array(),$rights=array())
- {
+ function update_user_group($usrgrpid,$name,$users_status,$gui_access,$users=array(),$rights=array()){
+ global $USER_DETAILS;
+
if(DBfetch(DBselect('select * from usrgrp where name='.zbx_dbstr($name).
' and usrgrpid<>'.$usrgrpid.' and '.DBin_node('usrgrpid', get_current_nodeid(false)))))
{
@@ -250,33 +303,43 @@
}
$result=DBexecute("update usrgrp set name=".zbx_dbstr($name)." where usrgrpid=$usrgrpid");
- if(!$result)
- {
- return $result;
- }
+ if(!$result) return $result;
+
+// must come before adding user to group
+ $result&=change_group_status($usrgrpid,$users_status);
+ $result&=change_group_gui_access($usrgrpid,$gui_access);
+ if(!$result) return $result;
+//-------
- $result=DBexecute("delete from users_groups where usrgrpid=".$usrgrpid);
- foreach($users as $userid => $name)
- {
- $id = get_dbid('users_groups','id');
- $result=DBexecute('insert into users_groups (id,usrgrpid,userid) values ('.$id.','.$usrgrpid.','.$userid.')');
- if(!$result) return $result;
+ $grant = true;
+ if(($gui_access == GROUP_GUI_ACCESS_DISABLED) || ($users_status == GROUP_STATUS_DISABLED)){
+ $grant = (!uint_in_array($USER_DETAILS['userid'],$users));
}
-
+ if($grant){
+ $result = DBexecute('delete from users_groups where usrgrpid='.zbx_dbstr($usrgrpid));
+ foreach($users as $userid => $name){
+ $result &= add_user_to_group($userid,$usrgrpid);
+ if(!$result) return $result;
+ }
+ }
+ else{
+ error(S_USER_CANNOT_DISABLE_ITSELF);
+ return false;
+ }
+
$result=DBexecute("delete from rights where groupid=".$usrgrpid);
- foreach($rights as $right)
- {
+ foreach($rights as $right){
$id = get_dbid('rights','rightid');
$result=DBexecute('insert into rights (rightid,groupid,type,permission,id)'.
' values ('.$id.','.$usrgrpid.','.$right['type'].','.$right['permission'].','.$right['id'].')');
+
if(!$result) return $result;
}
return $result;
}
- function delete_user_group($usrgrpid)
- {
+ function delete_user_group($usrgrpid){
$result = DBexecute("delete from rights where groupid=$usrgrpid");
if(!$result) return $result;
@@ -286,16 +349,234 @@
if(!$result) return $result;
$result = DBexecute("delete from usrgrp where usrgrpid=$usrgrpid");
- return $result;
+ return $result;
}
- function get_group_by_usrgrpid($usrgrpid)
- {
- if($row = DBfetch(DBselect("select * from usrgrp where usrgrpid=".$usrgrpid)))
- {
+ function get_group_by_usrgrpid($usrgrpid){
+ if($row = DBfetch(DBselect("select * from usrgrp where usrgrpid=".$usrgrpid))){
return $row;
}
/* error("No user groups with id [$usrgrpid]"); */
- return FALSE;
+ return FALSE;
+ }
+
+
+ function change_group_status($usrgrpid,$users_status){
+ $res = false;
+
+ $grant = true;
+ if($users_status == GROUP_STATUS_DISABLED) $grant = granted2update_group($usrgrpid);
+
+ if($grant){
+ $res = DBexecute('UPDATE usrgrp SET users_status='.$users_status.' WHERE usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_STATUS);
+ }
+ return $res;
+ }
+
+
+ function change_group_gui_access($usrgrpid,$gui_access){
+ $res = false;
+
+ $grant = true;
+ if($gui_access == GROUP_GUI_ACCESS_DISABLED) $grant= granted2update_group($usrgrpid);
+
+ if($grant){
+ $res = DBexecute('UPDATE usrgrp SET gui_access='.$gui_access.' WHERE usrgrpid='.$usrgrpid);
+ }
+ else{
+ error(S_USER_CANNOT_CHANGE_GUI_ACCESS);
+ }
+ return $res;
}
+
+/********************************/
+
+ function get_user_actionmenu($userid){
+ global $USER_DETAILS;
+
+ $action = new CSpan(S_SELECT);
+
+// add to group
+ $menus = "Array(Array('".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : ['pum_o_submenu'],'inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND '.DBin_node('ug.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ if(!granted2move_user($userid,$group['usrgrpid'])) continue;
+
+ $caption = new CSpan($group['name']);
+ if($group['users_status'] == GROUP_STATUS_DISABLED){
+ $caption->SetClass('red');
+ }
+ else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){
+ $caption->SetClass('orange');
+ }
+
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from group
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status '.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ if(!granted2move_user($userid,$group['usrgrpid'])) continue;
+
+ $caption = new CSpan($group['name']);
+ if($group['users_status'] == GROUP_STATUS_DISABLED){
+ $caption->SetClass('red');
+ }
+ else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){
+ $caption->SetClass('orange');
+ }
+
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+ if($USER_DETAILS['userid'] == $userid){
+ $menus=rtrim($menus,',').')';
+ }
+ else{
+// add to GUI ACCESS
+ $menus.= "Array('".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug, usrgrp g'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'orange');
+ $caption = htmlspecialchars(unpack_object($caption));
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from GUI ACCESS
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT g.name, g.usrgrpid'.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'orange');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+
+// add to DISABLED
+ $menus.= "Array('".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}),
+ Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $grp_list = '(';
+ if($res = DBselect('SELECT DISTINCT ug.usrgrpid '.
+ ' FROM users_groups ug, usrgrp g'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false))))
+ {
+ while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".',';
+ }
+ $grp_list=rtrim($grp_list,',').')';
+
+ $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'.
+ ' FROM usrgrp g'.
+ ' WHERE g.usrgrpid NOT IN'.$grp_list.
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'red');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'),';
+// remove from DISABLED
+ $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},";
+ $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],";
+
+ $res = DBselect('SELECT g.name, g.usrgrpid'.
+ ' FROM usrgrp g, users_groups ug'.
+ ' WHERE ug.userid='.zbx_dbstr($userid).
+ ' AND ug.usrgrpid = g.usrgrpid '.
+ ' AND g.users_status='.GROUP_STATUS_DISABLED.
+ ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)).
+ ' ORDER BY g.name');
+
+
+ while($group=DBfetch($res)){
+ $caption = new CSpan($group['name'],'red');
+ $caption = htmlspecialchars(unpack_object($caption));
+
+ $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,";
+ }
+
+ $menus=rtrim($menus,',').'))';
+ }
+
+ $script = new CScript("javascript: show_popup_menu(event,".$menus.",240);");
+ $action->AddAction('onclick',$script);
+ $action->AddOption('onmouseover','javascript: this.style.cursor = "pointer";');
+
+ return $action;
+ }
+
?>
generated by cgit (git 2.34.1) at 2026-01-08 01:11:39 +0000