function move_contact_to_group($contact_id, $group_id, $uid) { if (!is_numeric($contact_id) || !is_numeric($group_id)) { return false; } $contact = get_contact_by_id($contact_id); if ($contact == null || $contact['uid'] != $uid) { return false; } if ($group_id != $contact['group_id'] && $group_id != 0) { $group = get_group_by_id($group_id); if ($group == null || $group['uid'] != $uid) { return false; } } $sql = 'UPDATE `contact` SET `group_id` = ? WHERE `contact_id` = ?'; $params = array($group_id, $contact_id); $affected_rows = (new MysqlPDO())->execute($sql, $params); return $affected_rows == 1; }
function permissions_cache($user_id) { $permissions = array(); foreach (dbFetchRows("SELECT * FROM `entity_permissions` WHERE `user_id` = ?", array($user_id)) as $entity) { switch ($entity['entity_type']) { case "group": // this is a group, so expand it's members into an array $group = get_group_by_id($entity['entity_id']); foreach (get_group_entities($entity['entity_id']) as $group_entity_id) { $permissions[$group['entity_type']][$group_entity_id] = TRUE; } //break; // And also store self group permission in cache //break; // And also store self group permission in cache default: $permissions[$entity['entity_type']][$entity['entity_id']] = TRUE; break; } } // For limited users expand device permission into entity permission if ((!isset($_SESSION['user_limited']) || $_SESSION['user_limited']) && count($permissions['device'])) { foreach ($GLOBALS['config']['entities'] as $entity_type => $entity_def) { if ($entity_type == 'device' || $entity_def['hide'] || empty($entity_def['table_fields']['device_id'])) { continue; } $devices = array_keys($permissions['device']); $query = 'SELECT `' . $entity_def['table_fields']['id'] . '` FROM `' . $entity_def['table'] . '`'; $query .= ' WHERE 1 ' . generate_query_values($devices, $entity_def['table_fields']['device_id']); foreach (dbFetchColumn($query) as $entity_id) { $permissions[$entity_type][$entity_id] = TRUE; } } } // Alerts $alert = array(); foreach (dbFetchRows('SELECT `alert_table_id`, `device_id`, `entity_id`, `entity_type` FROM `alert_table`') as $alert_table_entry) { //r($alert_table_entry); if (is_entity_permitted($alert_table_entry['entity_id'], $alert_table_entry['entity_type'], $alert_table_entry['device_id'], $permissions)) { $alert[$alert_table_entry['alert_table_id']] = TRUE; } } if (count($alert)) { $permissions['alert'] = $alert; } return $permissions; }
} echo '</table>' . PHP_EOL; //} else { // echo('<p class="text-center text-warning bg-warning" style="padding: 10px; margin: 0px;"><strong>This user currently has no permitted bills</strong></p>'); // //print_warning("This user currently has no permitted bills"); //} echo generate_box_close(); } // End bill permissions // Start group permissions if (OBSERVIUM_EDITION != 'community') { echo generate_box_open(array('header-border' => TRUE, 'title' => 'Group Permissions')); if (count($user_permissions['group'])) { echo '<table class="' . OBS_CLASS_TABLE . '">' . PHP_EOL; foreach ($user_permissions['group'] as $group_id => $status) { $group = get_group_by_id($group_id); echo '<tr><td style="width: 1px;"></td> <td style="overflow: hidden;"><i class="' . $config['entities'][$group['entity_type']]['icon'] . '"></i> ' . generate_entity_link('group', $group) . ' <small>' . $group['group_descr'] . '</small></td> </tr>' . PHP_EOL; } echo '</table>' . PHP_EOL; } else { echo '<p class="text-center text-warning bg-warning" style="padding: 10px; margin: 0px;"><strong>This user currently has no permitted groups</strong></p>'; //print_warning("This user currently has no permitted groups"); } echo generate_box_close(); } // End group permissions // Start device permissions echo generate_box_open(array('header-border' => TRUE, 'title' => 'Device Permissions'));
print_warning("You are not permitted to view this port."); } exit; break; case "device": if (is_numeric($vars['entity_id']) && device_permitted($vars['entity_id'])) { $device = device_by_id_cache($vars['entity_id']); echo generate_device_popup($device, $vars, $start, $end); } else { print_warning("You are not permitted to view this device."); } exit; break; case "group": if (is_numeric($vars['entity_id']) && $_SESSION['userlevel'] >= 5) { $group = get_group_by_id($vars['entity_id']); generate_group_popup_header($group, array()); } else { print_warning("You are not permitted to view this device."); } exit; break; // FIXME : mac is not an observium entity. This should go elsewhere! // FIXME : mac is not an observium entity. This should go elsewhere! case "mac": if (Net_MAC::check($vars['entity_id'])) { // Other way by using Pear::Net_MAC, see here: http://pear.php.net/manual/en/package.networking.net-mac.importvendors.php $url = 'http://api.macvendors.com/' . urlencode($vars['entity_id']); $response = get_http_request($url); if ($response) { echo 'MAC vendor: ' . $response;
function cache_alert_maintenance() { $return = array(); $now = time(); $maints = dbFetchRows("SELECT * FROM `alerts_maint` WHERE `maint_start` < ? AND `maint_end` > ?", array($now, $now)); if (is_array($maints) && count($maints)) { $return['count'] = count($maints); foreach ($maints as $maint) { if ($maint['maint_global'] == 1) { $return['global'][$maint['maint_id']] = $maint; } else { $assocs = dbFetchRows("SELECT * FROM `alerts_maint_assoc` WHERE `maint_id` = ?", array($maint['maint_id'])); foreach ($assocs as $assoc) { switch ($assoc['entity_type']) { case "group": // this is a group, so expand it's members into an array $group = get_group_by_id($assoc['entity_id']); $entities = get_group_entities($assoc['entity_id']); foreach ($entities as $entity) { $return[$group['entity_type']][$entity] = TRUE; } break; default: $return[$assoc['entity_type']][$assoc['entity_id']] = TRUE; break; } } } } } //print_r($return); return $return; }