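/**
 * Show rights of a user
 *
 * Prints the "add a profile" form (only when the viewer may edit the user)
 * followed by the list of profile/entity pairs attached to the user.
 *
 * @param $user User object
 *
 * @return false when the viewer has no read right on the user; nothing otherwise
 **/
static function showForUser(User $user)
{
    global $DB, $LANG;

    $ID = $user->getField('id');
    if (!$user->can($ID, 'r')) {
        return false;
    }

    // Write access on the user is necessary but not sufficient: the viewer must
    // also reach at least one of the user's entities (or see all entities).
    $canedit = $user->can($ID, 'w');
    $strict_entities = self::getUserEntities($ID, false);
    if (!haveAccessToOneOfEntities($strict_entities) && !isViewAllEntities()) {
        $canedit = false;
    }
    $canshowentity = haveRight("entity", "r");

    // Only used to build a unique form name/id on the page, not as a secret.
    $rand = mt_rand();

    // NOTE(review): no anti-CSRF token field is emitted anywhere in this block;
    // confirm the form handler protects add/delete requests another way.
    echo "<form name='entityuser_form{$rand}' id='entityuser_form{$rand}' method='post' action='";
    echo getItemTypeFormURL(__CLASS__) . "'>";

    if ($canedit) {
        echo "<div class='firstbloc'>";
        echo "<table class='tab_cadre_fixe'>";
        // The header cell is now closed; the original emitted "</tr>" without "</th>".
        echo "<tr class='tab_bg_1'><th colspan='4'>" . $LANG['setup'][605] . "</th></tr>";
        echo "<tr class='tab_bg_2'><td class='center'>";
        echo "<input type='hidden' name='users_id' value='{$ID}'>";
        Dropdown::show('Entity', array('entity' => $_SESSION['glpiactiveentities']));
        echo "</td><td class='center'>" . $LANG['profiles'][22] . " : ";
        Profile::dropdownUnder(array('value' => Profile::getDefault()));
        echo "</td><td class='center'>" . $LANG['profiles'][28] . " : ";
        Dropdown::showYesNo("is_recursive", 0);
        echo "</td><td class='center'>";
        echo "<input type='submit' name='add' value=\"" . $LANG['buttons'][8] . "\" class='submit'>";
        echo "</td></tr>";
        echo "</table></div>";
    }

    echo "<div class='spaced'><table class='tab_cadre_fixehov'>";
    echo "<tr><th colspan='2'>" . $LANG['Menu'][37] . "</th>";
    echo "<th>" . $LANG['profiles'][22] . " (D=" . $LANG['profiles'][29] . ", R=" . $LANG['profiles'][28] . ")";
    echo "</th></tr>";

    // Defence in depth: the id is forced to an integer before it is placed in
    // the SQL text, so the statement stays well-formed whatever the object holds.
    $userId = (int) $ID;
    $query = "SELECT DISTINCT `glpi_profiles_users`.`id` AS linkID,\n"
        . " `glpi_profiles`.`id`,\n"
        . " `glpi_profiles`.`name`,\n"
        . " `glpi_profiles_users`.`is_recursive`,\n"
        . " `glpi_profiles_users`.`is_dynamic`,\n"
        . " `glpi_entities`.`completename`,\n"
        . " `glpi_profiles_users`.`entities_id`\n"
        . " FROM `glpi_profiles_users`\n"
        . " LEFT JOIN `glpi_profiles`\n"
        . " ON (`glpi_profiles_users`.`profiles_id` = `glpi_profiles`.`id`)\n"
        . " LEFT JOIN `glpi_entities`\n"
        . " ON (`glpi_profiles_users`.`entities_id` = `glpi_entities`.`id`)\n"
        . " WHERE `glpi_profiles_users`.`users_id` = '{$userId}'\n"
        . " ORDER BY `glpi_profiles`.`name`, `glpi_entities`.`completename`";
    $result = $DB->query($query);

    if ($DB->numrows($result) > 0) {
        while ($data = $DB->fetch_array($result)) {
            echo "<tr class='tab_bg_1'>";

            // A delete checkbox is offered only for links that live in one of
            // the viewer's active entities.
            echo "<td width='10'>";
            if ($canedit && in_array($data["entities_id"], $_SESSION['glpiactiveentities'])) {
                echo "<input type='checkbox' name='item[" . $data["linkID"] . "]' value='1'>";
            } else {
                echo " ";
            }
            echo "</td>";

            // Entity 0 has no row in glpi_entities; use the translated label.
            if ($data["entities_id"] == 0) {
                $data["completename"] = $LANG['entity'][2];
            }

            // NOTE(review): completename and name are printed exactly as read
            // from the database; this relies on them being HTML-safe when
            // stored - confirm, or escape at output.
            echo "<td>";
            if ($canshowentity) {
                echo "<a href='" . getItemTypeFormURL('Entity') . "?id=" . $data["entities_id"] . "'>";
            }
            echo $data["completename"] . ($_SESSION["glpiis_ids_visible"] ? " (" . $data["entities_id"] . ")" : "");
            if ($canshowentity) {
                echo "</a>";
            }
            echo "</td>";

            echo "<td>" . $data["name"];
            if ($data["is_dynamic"] || $data["is_recursive"]) {
                // Build the "(D, R)" marker from whichever flags are set.
                $flags = array();
                if ($data["is_dynamic"]) {
                    $flags[] = "D";
                }
                if ($data["is_recursive"]) {
                    $flags[] = "R";
                }
                echo "<strong> (" . implode(", ", $flags) . ")</strong>";
            }
            echo "</td>";

            // Close the row inside the loop; the original closed it once,
            // after the loop, leaving every row but the last unterminated.
            echo "</tr>";
        }
    }
    echo "</table>";

    if ($canedit) {
        openArrowMassive("entityuser_form{$rand}", true);
        closeArrowMassive('delete', $LANG['buttons'][6]);
    }

    // The div was opened inside the form, so it has to be closed first.
    echo "</div></form>";
}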
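/**
 * Show projet associated to an item
 *
 * Prints an "associate a project" form (when the viewer may add projects to
 * the item) followed by a table of the projects already linked to it.
 *
 * @since version 0.84
 *
 * @param $item          CommonDBTM object for which associated projet must be displayed
 * @param $withtemplate  (default '')
 *
 * @return false when the item is new or the viewer lacks read rights; nothing otherwise
 **/
static function showForItem(CommonDBTM $item, $withtemplate = '')
{
    global $DB;

    $ID = $item->getField('id');
    if ($item->isNewID($ID)) {
        return false;
    }
    if (!plugin_projet_haveRight('projet', 'r')) {
        return false;
    }
    if (!$item->can($item->fields['id'], 'r')) {
        return false;
    }
    if (empty($withtemplate)) {
        $withtemplate = 0;
    }

    $canedit      = $item->canadditem('PluginProjetProjet');
    $rand         = mt_rand(); // unique form name/id only, not a secret
    $is_recursive = $item->isRecursive();

    // Defence in depth: the id is forced to an integer before it is placed in
    // the SQL text. The item type is the value returned by the object itself.
    $itemId = (int) $ID;
    $query = "SELECT `glpi_plugin_projet_projets_items`.`id` AS assocID,\n"
        . " `glpi_entities`.`id` AS entity,\n"
        . " `glpi_plugin_projet_projets`.`name` AS assocName,\n"
        . " `glpi_plugin_projet_projets`.*\n"
        . " FROM `glpi_plugin_projet_projets_items`\n"
        . " LEFT JOIN `glpi_plugin_projet_projets`\n"
        . " ON (`glpi_plugin_projet_projets_items`.`plugin_projet_projets_id`=`glpi_plugin_projet_projets`.`id`)\n"
        . " LEFT JOIN `glpi_entities` ON (`glpi_plugin_projet_projets`.`entities_id`=`glpi_entities`.`id`)\n"
        . " WHERE `glpi_plugin_projet_projets_items`.`items_id` = '{$itemId}'\n"
        . " AND `glpi_plugin_projet_projets_items`.`itemtype` = '" . $item->getType() . "' ";
    $query .= getEntitiesRestrictRequest(" AND", "glpi_plugin_projet_projets", '', '', true);
    $query .= " ORDER BY `assocName`";

    $result = $DB->query($query);
    $number = $DB->numrows($result);

    // $projets: link id => row; $used: ids of projects already linked.
    $projets = array();
    $used    = array();
    if ($number) {
        while ($data = $DB->fetch_assoc($result)) {
            $projets[$data['assocID']] = $data;
            $used[$data['id']]         = $data['id'];
        }
    }

    $projet = new PluginProjetProjet();

    if ($canedit && $withtemplate < 2) {
        // Restrict entity for knowbase
        $entities = "";
        $entity   = $_SESSION["glpiactive_entity"];
        if ($item->isEntityAssign()) {
            // Case of personal items : entity = -1 : create on active entity (Reminder case)
            if ($item->getEntityID() >= 0) {
                $entity = $item->getEntityID();
            }
            if ($item->isRecursive()) {
                $entities = getSonsOf('glpi_entities', $entity);
            } else {
                $entities = $entity;
            }
        }
        $limit = getEntitiesRestrictRequest(" AND ", "glpi_plugin_projet_projets", '', $entities, true);

        // Count the candidate projects; the form is only worth showing when
        // some of them are not linked yet.
        $q = "SELECT COUNT(*)\n"
            . " FROM `glpi_plugin_projet_projets`\n"
            . " WHERE `is_deleted` = '0'\n"
            . " AND `is_template` = '0' ";
        if ($item->getType() != 'User') {
            $q .= " {$limit}";
        }
        $countResult = $DB->query($q);
        $nb          = $DB->result($countResult, 0, 0);

        echo "<div class='firstbloc'>";
        if (plugin_projet_haveRight('projet', 'r') && $nb > count($used)) {
            echo "<form name='projet_form{$rand}' id='projet_form{$rand}' method='post'\n action='"
                . Toolbox::getItemTypeFormURL('PluginProjetProjet') . "'>";
            echo "<table class='tab_cadre_fixe'>";
            echo "<tr class='tab_bg_1'>";
            echo "<td colspan='4' class='center'>";

            // These hidden values travel through the browser and can be altered
            // before submission. NOTE(review): the handler is not visible here;
            // confirm it re-checks rights on entity, item type and item id.
            echo "<input type='hidden' name='entities_id' value='{$entity}'>";
            echo "<input type='hidden' name='is_recursive' value='{$is_recursive}'>";
            echo "<input type='hidden' name='itemtype' value='" . $item->getType() . "'>";
            echo "<input type='hidden' name='items_id' value='{$ID}'>";
            if ($item->getType() == 'Ticket') {
                echo "<input type='hidden' name='tickets_id' value='{$ID}'>";
            }

            if ($item->getType() != 'User') {
                $projet->dropdownProjet("plugin_projet_projets_id", $entities, $used);
            } else {
                $strict_entities = Profile_User::getUserEntities($ID, true);
                // Use the Session class method, like every other session helper
                // in this function; the original called a bare
                // isViewAllEntities() here.
                if (!Session::haveAccessToOneOfEntities($strict_entities)
                    && !Session::isViewAllEntities()) {
                    $canedit = false;
                }
                if (countElementsInTableForEntity("glpi_plugin_projet_projets", $strict_entities) > count($used)) {
                    Dropdown::show('PluginProjetProjet', array('name'   => "plugin_projet_projets_id",
                                                               'used'   => $used,
                                                               'entity' => $strict_entities));
                }
            }

            echo "</td><td class='center' width='20%'>";
            echo "<input type='submit' name='additem' value=\""
                . _sx('button', 'Associate a project', 'projet') . "\" class='submit'>";
            echo "</td>";
            echo "</tr>";
            echo "</table>";
            Html::closeForm();
        }
        echo "</div>";
    }

    // Massive actions are offered only to editors and only when rows exist.
    $withActions = ($canedit && $number && $withtemplate < 2);

    echo "<div class='spaced'>";
    if ($withActions) {
        Html::openMassiveActionsForm('mass' . __CLASS__ . $rand);
        $massiveactionparams = array('num_displayed' => $number);
        Html::showMassiveActions(__CLASS__, $massiveactionparams);
    }

    echo "<table class='tab_cadre_fixe'>";
    $colsup = Session::isMultiEntitiesMode() ? 1 : 0;
    if ($item->getType() == "Group" || $item->getType() == "User") {
        echo "<tr><th colspan='" . (7 + $colsup) . "'>"
            . _n('Associated project', 'Associated projects', 2, 'projet') . ":</th></tr>";
    }

    echo "<tr>";
    if ($withActions) {
        echo "<th width='10'>" . Html::getCheckAllAsCheckbox('mass' . __CLASS__ . $rand) . "</th>";
    }
    echo "<th>" . __('Name') . "</th>";
    if (Session::isMultiEntitiesMode()) {
        echo "<th>" . __('Entity') . "</th>";
    }
    echo "<th>" . __('Description') . "</th>";
    echo "<th>" . __('Progress') . "</th>";
    echo "<th>" . __('Start date') . "</th>";
    echo "<th>" . __('End date') . "</th>";
    echo "</tr>";

    if ($number) {
        Session::initNavigateListItems(
            'PluginProjetProjet',
            sprintf(__('%1$s = %2$s'), $item->getTypeName(1), $item->getName())
        );

        foreach ($projets as $data) {
            $projetID = $data["id"];
            $link     = NOT_AVAILABLE;
            if ($projet->getFromDB($projetID)) {
                $link = $projet->getLink();
            }
            Session::addToNavigateListItems('PluginProjetProjet', $projetID);

            echo "<tr class='tab_bg_1" . ($data["is_deleted"] ? "_2" : "") . "'>";
            if ($canedit && $withtemplate < 2) {
                echo "<td width='10'>";
                Html::showMassiveActionCheckBox(__CLASS__, $data["assocID"]);
                echo "</td>";
            }

            // NOTE(review): the link and the description are printed as the
            // helpers return them; whether they are HTML-escaped depends on
            // getLink()/Html::resume_text() and on how the data was stored -
            // confirm.
            echo "<td class='center'>{$link}</td>";
            if (Session::isMultiEntitiesMode()) {
                echo "<td class='center'>"
                    . Dropdown::getDropdownName("glpi_entities", $data['entities_id']) . "</td>";
            }
            echo "<td align='center'>" . Html::resume_text($data["description"], 250) . "</td>";
            echo "<td align='center'>" . PluginProjetProjet::displayProgressBar('100', $data["advance"]) . "</td>";
            echo "<td class='center'>" . Html::convdate($data["date_begin"]) . "</td>";

            // A non-empty end date that is today or earlier is shown in red.
            $overdue = (!empty($data["date_end"]) && $data["date_end"] <= date('Y-m-d'));
            echo "<td class='center'><span class='" . ($overdue ? "red" : "green") . "'>"
                . Html::convdate($data["date_end"]) . "</span></td>";
            echo "</tr>";
        }
    }
    echo "</table>";

    if ($withActions) {
        $massiveactionparams['ontop'] = false;
        Html::showMassiveActions(__CLASS__, $massiveactionparams);
        Html::closeForm();
    }
    echo "</div>";
}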
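/**
 * Generic Function to add default where to a request
 *
 * Returns the SQL condition that limits a search on $itemtype to what the
 * current session is allowed to see. An empty string means "no restriction".
 *
 * @param $itemtype device type
 *
 * @return select string
 **/
static function addDefaultWhere($itemtype)
{
    switch ($itemtype) {
        case 'Notification':
            if (!haveRight('config', 'w')) {
                return " `glpi_notifications`.`itemtype` NOT IN ('Crontask', 'DBConnection') ";
            }
            break;

        // No link
        case 'User':
            // View all entities
            if (isViewAllEntities()) {
                return "";
            }
            return getEntitiesRestrictRequest("", "glpi_profiles_users");

        case 'Ticket':
            // Same structure in addDefaultJoin
            $condition = '';
            if (!haveRight("show_all_ticket", "1")) {
                $searchopt =& self::getOptions($itemtype);

                // Aliases of the joined actor tables, derived from the search
                // option ids used in the original code (4, 71, 5, 8, 66, 65).
                $requester_table      = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[4]['joinparams']['beforejoin']['joinparams']) . '`';
                $requestergroup_table = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[71]['joinparams']['beforejoin']['joinparams']) . '`';
                $assign_table         = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[5]['joinparams']['beforejoin']['joinparams']) . '`';
                $assigngroup_table    = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[8]['joinparams']['beforejoin']['joinparams']) . '`';
                $observer_table       = '`glpi_tickets_users_' . self::computeComplexJoinID($searchopt[66]['joinparams']['beforejoin']['joinparams']) . '`';
                $observergroup_table  = '`glpi_groups_tickets_' . self::computeComplexJoinID($searchopt[65]['joinparams']['beforejoin']['joinparams']) . '`';

                // Defence in depth: the user id and the group ids come from the
                // session and are placed in the SQL text, so both are forced to
                // integers. This condition is the ticket-visibility filter and
                // must stay well-formed whatever the session holds.
                $uid       = (int) getLoginUserID();
                $hasGroups = count($_SESSION['glpigroups']);
                $groupList = implode("','", array_map('intval', $_SESSION['glpigroups']));

                $condition = "(";
                $condition .= " {$requester_table}.users_id = '" . $uid . "'\n OR {$observer_table}.users_id = '" . $uid . "'";
                if ($hasGroups) {
                    $condition .= " OR {$observergroup_table}.`groups_id`\n IN ('" . $groupList . "')";
                }
                if (haveRight("show_group_ticket", 1) && $hasGroups) {
                    $condition .= " OR {$requestergroup_table}.`groups_id`\n IN ('" . $groupList . "')";
                }
                if (haveRight("own_ticket", "1")) {
                    // Can own ticket : show assign to me
                    $condition .= " OR {$assign_table}.users_id = '" . $uid . "' ";
                }
                if (haveRight("show_assign_ticket", "1")) {
                    // show mine + assign to me
                    $condition .= " OR {$assign_table}.`users_id` = '" . $uid . "'";
                    if ($hasGroups) {
                        $condition .= " OR {$assigngroup_table}.`groups_id`\n IN ('" . $groupList . "')";
                    }
                    if (haveRight('assign_ticket', 1)) {
                        $condition .= " OR `glpi_tickets`.`status`='new'";
                    }
                }
                if (haveRight("validate_ticket", 1)) {
                    $condition .= " OR `glpi_ticketvalidations`.`users_id_validate` = '" . $uid . "'";
                }
                $condition .= ") ";
            }
            return $condition;

        default:
            // Plugin can override core definition for its type.
            // NOTE(review): the function name is built from the plugin name and
            // its return value is used as SQL by the caller; both depend on
            // $itemtype and on the plugin being trustworthy - confirm that
            // callers only pass validated item types.
            if ($plug = isPluginItemType($itemtype)) {
                $function = 'plugin_' . $plug['plugin'] . '_addDefaultWhere';
                if (function_exists($function)) {
                    $out = $function($itemtype);
                    if (!empty($out)) {
                        return $out;
                    }
                }
            }
            return "";
    }

    // Reached from the 'Notification' case when the viewer holds the config
    // right: return an empty string rather than falling off the end (null),
    // so that every path yields a string.
    return "";
}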
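/**
 * Decide, before a user is deleted, whether the whole record may be removed.
 *
 * When the current session has access to every entity in which the user holds
 * a profile (or can view all entities), the deletion proceeds. Otherwise only
 * the user's profile links in the entities the session can access are removed
 * and the deletion of the user itself is refused.
 *
 * @return true to let the deletion continue, false to stop it
 **/
function pre_deleteItem()
{
    global $DB;

    $entities = Profile_User::getUserEntities($this->fields["id"]);

    // Have right on all entities ?
    $all = true;
    if (!isViewAllEntities()) {
        foreach ($entities as $ent) {
            if (!haveAccessToEntity($ent)) {
                $all = false;
                break;
            }
        }
    }
    if ($all) {
        // Mark as deleted
        return true;
    }

    // only delete profile
    // Defence in depth: both ids are forced to integers before they are placed
    // in the DELETE statement.
    $userId = (int) $this->fields["id"];
    foreach ($entities as $ent) {
        if (haveAccessToEntity($ent)) {
            $query = "DELETE\n FROM `glpi_profiles_users`\n WHERE `users_id` = '" . $userId . "'\n AND `entities_id` = '" . (int) $ent . "'";
            $DB->query($query);
        }
    }

    // The original returned from inside the loop, so only the first entity was
    // ever examined and the user kept profiles in the other accessible
    // entities. Returning after the loop processes all of them.
    return false;
}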