function update_user_group($usrgrpid, $name, $users_status, $gui_access, $api_access, $debug_mode, $users = array(), $rights = array())
{
global $USER_DETAILS;
$sql = 'SELECT * ' . ' FROM usrgrp ' . ' WHERE name=' . zbx_dbstr($name) . ' AND usrgrpid<>' . $usrgrpid . ' AND ' . DBin_node('usrgrpid', get_current_nodeid(false));
if (DBfetch(DBselect($sql))) {
error("Group '{$name}' already exists");
return 0;
}
$result = DBexecute('UPDATE usrgrp SET name=' . zbx_dbstr($name) . ' WHERE usrgrpid=' . $usrgrpid);
if (!$result) {
return $result;
}
// must come before adding user to group
$result &= change_group_status($usrgrpid, $users_status);
$result &= change_group_gui_access($usrgrpid, $gui_access);
$result &= change_group_api_access($usrgrpid, $api_access);
$result &= change_group_debug_mode($usrgrpid, $debug_mode);
if (!$result) {
return $result;
}
//-------
$grant = true;
if ($gui_access == GROUP_GUI_ACCESS_DISABLED || $users_status == GROUP_STATUS_DISABLED) {
$grant = !uint_in_array($USER_DETAILS['userid'], $users);
}
if ($grant) {
$result = DBexecute('DELETE FROM users_groups WHERE usrgrpid=' . $usrgrpid);
foreach ($users as $userid => $name) {
$result = add_user_to_group($userid, $usrgrpid);
if (!$result) {
return $result;
}
}
} else {
error(S_USER_CANNOT_DISABLE_ITSELF);
return false;
}
$result = DBexecute('DELETE FROM rights WHERE groupid=' . $usrgrpid);
foreach ($rights as $right) {
$id = get_dbid('rights', 'rightid');
$result = DBexecute('INSERT INTO rights (rightid,groupid,permission,id)' . ' VALUES (' . $id . ',' . $usrgrpid . ',' . $right['permission'] . ',' . $right['id'] . ')');
if (!$result) {
return $result;
}
}
return $result;
}
}
$goResult = DBend($goResult);
show_messages($goResult, _('Group deleted'), _('Cannot delete group'));
clearCookies($goResult);
}
} elseif ($_REQUEST['go'] == 'set_gui_access') {
$groupIds = get_request('group_groupid', get_request('usrgrpid'));
zbx_value2array($groupIds);
$groups = array();
$dbGroups = DBselect('SELECT ug.usrgrpid,ug.name' . ' FROM usrgrp ug' . ' WHERE ' . dbConditionInt('ug.usrgrpid', $groupIds) . andDbNode('ug.usrgrpid'));
while ($group = DBfetch($dbGroups)) {
$groups[$group['usrgrpid']] = $group;
}
if ($groups) {
DBstart();
$goResult = change_group_gui_access($groupIds, $_REQUEST['set_gui_access']);
if ($goResult) {
$auditAction = $_REQUEST['set_gui_access'] == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_ENABLE;
foreach ($groups as $groupId => $group) {
add_audit($auditAction, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']');
}
}
$goResult = DBend($goResult);
show_messages($goResult, _('Frontend access updated'), _('Cannot update frontend access'));
clearCookies($goResult);
}
} elseif (str_in_array($_REQUEST['go'], array('enable_debug', 'disable_debug'))) {
$groupIds = get_request('group_groupid', get_request('usrgrpid'));
zbx_value2array($groupIds);
$setDebugMode = $_REQUEST['go'] == 'enable_debug' ? GROUP_DEBUG_MODE_ENABLED : GROUP_DEBUG_MODE_DISABLED;
$groups = array();
} else {
if (isset($_REQUEST['delete'])) {
$group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
DBstart();
$result = delete_user_group($_REQUEST['usrgrpid']);
$result = DBend($result);
show_messages($result, S_GROUP_DELETED, S_CANNOT_DELETE_GROUP);
if ($result) {
add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'Group name [' . $group['name'] . ']');
unset($_REQUEST['usrgrpid']);
unset($_REQUEST['form']);
}
} else {
if (isset($_REQUEST['set_gui_access']) && isset($_REQUEST['usrgrpid'])) {
$group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
$result = change_group_gui_access($_REQUEST['usrgrpid'], $_REQUEST['set_gui_access']);
show_messages($result, S_GROUP . ' "' . $group['name'] . '" ' . S_GUI_ACCESS_UPDATED, S_CANNOT_UPDATE_GUI_ACCESS);
if ($result) {
$audit_action = $_REQUEST['set_gui_access'] == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_UPDATE;
add_audit($audit_action, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']');
unset($_REQUEST['usrgrpid']);
}
unset($_REQUEST['form']);
} else {
if (isset($_REQUEST['set_users_status']) && isset($_REQUEST['usrgrpid'])) {
$group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
$result = change_group_status($_REQUEST['usrgrpid'], $_REQUEST['set_users_status']);
$status_msg1 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLED : S_DISABLED;
$status_msg2 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLE : S_DISABLE;
show_messages($result, S_GROUP . SPACE . '"' . $group['name'] . '"' . SPACE . $status_msg1, S_CANNOT . SPACE . $status_msg2 . SPACE . S_GROUP);
if ($result) {
if ($result) {
uncheckTableRows();
}
show_messages($result, _('Group deleted'), _('Cannot delete group'));
}
} elseif (hasRequest('action') && getRequest('action') == 'usergroup.set_gui_access') {
$groupIds = getRequest('group_groupid', getRequest('usrgrpid'));
zbx_value2array($groupIds);
$groups = [];
$dbGroups = DBselect('SELECT ug.usrgrpid,ug.name' . ' FROM usrgrp ug' . ' WHERE ' . dbConditionInt('ug.usrgrpid', $groupIds));
while ($group = DBfetch($dbGroups)) {
$groups[$group['usrgrpid']] = $group;
}
if ($groups) {
DBstart();
$result = change_group_gui_access($groupIds, getRequest('set_gui_access'));
if ($result) {
$auditAction = getRequest('set_gui_access') == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_ENABLE;
foreach ($groups as $groupId => $group) {
add_audit($auditAction, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']');
}
}
$result = DBend($result);
if ($result) {
uncheckTableRows();
}
show_messages($result, _('Frontend access updated'), _('Cannot update frontend access'));
}
} elseif (hasRequest('action') && str_in_array(getRequest('action'), ['usergroup.massenabledebug', 'usergroup.massdisabledebug'])) {
$groupIds = getRequest('group_groupid', getRequest('usrgrpid'));
zbx_value2array($groupIds);
