/**
 * Registers the topic and theme actions together with their forms.
 *
 * The module is disabled and nothing is registered unless the current
 * user holds the EDIT_ENUMS right.
 */
public function __construct()
{
    // Permission gate: find out whether the user may change this data.
    $userRights = new UserRights(CDatabaza::getInstance());
    if (!$userRights->approved("EDIT_ENUMS")) {
        $this->disable();
        return;
    }

    $this->enable();
    // Initialise the module's variables.
    $this->initialize();

    // Action key => form title. Each action's handler carries the same name
    // as the key and its form method is the key suffixed with "_form".
    $actions = array(
        "add_topic" => "Pridaj rubriku",
        "edit_topic" => "Uprav rubriku",
        "remove_topic" => "Odstráň rubriku",
        "add_theme" => "Pridaj tému",
        "edit_theme" => "Uprav tému",
        "remove_theme" => "Odstráň tému",
    );
    foreach ($actions as $action => $title) {
        $this->setFunction($action, $action);
        $this->setForm($action, $title, $action, $action . "_form");
    }
}
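/**
 * Builds the main menu for the logged-in user.
 *
 * Nothing is added when no user is stored in the session. The "Môj profil"
 * entry depends on a row existing in Uzivatel_info for the user; the
 * "Užívatelia" and "Rubriky" entries depend on the EDIT_USERS and
 * EDIT_ENUMS rights.
 *
 * The entries only control what is shown in the menu. NOTE(review): the
 * programs they link to are expected to check the same rights themselves;
 * that is not visible from this constructor.
 */
public function __construct()
{
    if (!isset($_SESSION['user'])) {
        return;
    }
    $user = $_SESSION['user'];
    $hasInfo = true;

    // Fetch the information from the database.
    $data = CDatabaza::getInstance();
    $data->connect();
    $rights = new UserRights($data); // used below for the permission checks

    // The id is concatenated into the SQL text, so it is forced to an
    // integer first: whatever ends up in the session can then never alter
    // the statement. NOTE(review): assumes uzivatel_id is an integer key.
    $userId = (int) $user;
    $result = $data->query("SELECT * FROM Uzivatel_info WHERE uzivatel_id={$userId}");
    // A failed query is treated like "no profile row" instead of being
    // handed to mysqli_num_rows().
    if (!$result || mysqli_num_rows($result) == 0) {
        $hasInfo = false;
    }
    $data->close();

    // Add the main menu entries according to the user's rights.
    $this->addItem("Domov", ProgramManager::getId("Intro"));
    if ($hasInfo) {
        $this->addItem("Môj profil", ProgramManager::getId("User_info"));
    }
    if ($rights->approved('EDIT_USERS')) {
        // Label repaired from mis-encoded text.
        $this->addItem("Užívatelia", ProgramManager::getId("Users"));
    }
    if ($rights->approved('EDIT_ENUMS')) {
        $this->addItem("Rubriky", ProgramManager::getId("Topics"));
    }
    // Label repaired from mis-encoded text.
    $this->addItem("Články", ProgramManager::getId("Article_list"));
    //$this->addItem("Príspevky", 0);
    //$this->addItem("Nastavenia", 0);
    //$this->addItem("Odhlásiť","?id=".ProgramManager::getId("Login")."&func=logout",0);
    $this->displayed = true;
}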
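/**
 * Shows and saves the rights of the users in the current user's company.
 *
 * On save, every right of the company's users is deleted and then
 * re-created from $_POST['rights'], which is read as
 * [user id => [right name => status]]. Only the keys of the inner array are
 * stored; the status value is not read.
 *
 * Posted user ids that do not belong to the company are skipped. The
 * previous code stopped at the first such id, after all rights had already
 * been deleted, which left the users listed after it without any rights; it
 * also dereferenced the lookup result without checking that a user was
 * found.
 *
 * NOTE(review): posted right names are stored as received; confirm whether
 * they should be checked against the list of rights the application knows.
 * NOTE(review): delete and re-create are not wrapped in a transaction here.
 */
public function actionRights()
{
    $companyId = Yii::app()->getUser()->getProfile()->company_id;
    $Users = User::model()->findAllByAttributes(['company_id' => $companyId]);

    if (isset($_POST['save'])) {
        // The company-scoped query above is the only source of users that
        // may be modified; index its result by id for the lookups below.
        $companyUsers = [];
        foreach ($Users as $User) {
            $companyUsers[$User->id] = $User;
            UserRights::model()->deleteAllByAttributes(['user_id' => $User->id]);
        }

        $posted = [];
        if (isset($_POST['rights']) && is_array($_POST['rights'])) {
            $posted = $_POST['rights'];
        }

        foreach ($posted as $userId => $rights) {
            // Tenant check: ignore ids outside the company and malformed entries.
            if (!isset($companyUsers[$userId]) || !is_array($rights)) {
                continue;
            }
            $User = $companyUsers[$userId];

            // TODO rework the update
            foreach ($rights as $right => $status) {
                $UserRights = new UserRights();
                $UserRights->user_id = $User->id;
                $UserRights->right = $right;
                $UserRights->save();
            }
        }
    }

    $this->render('rights', ['Users' => $Users]);
}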
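/**
 * Tells whether the current user passes the deny/allow profile lists held
 * in $this->aData.
 *
 * A single matching "deny" profile refuses access. When "allow" profiles
 * are listed, the user needs at least one of them; with an empty "allow"
 * list the user is allowed.
 *
 * The profile names are read from $_SESSION['profile_list'] when that key
 * exists, so a change to the user's profiles is not seen by this check
 * until the cached entry is rebuilt.
 *
 * @return bool
 */
public function IsUserAllowed()
{
    $bRet = true;
    if (array_key_exists('profile_list', $_SESSION)) {
        $aProfiles = $_SESSION['profile_list'];
    } else {
        // Start from an empty list: a user without any profile used to leave
        // $aProfiles undefined, which then reached in_array() and the session.
        $aProfiles = array();
        $oUser = UserRights::GetUserObject();
        $oSet = $oUser->Get('profile_list');
        while (($oLnkUserProfile = $oSet->Fetch()) !== null) {
            $aProfiles[] = $oLnkUserProfile->Get('profileid_friendlyname');
        }
        $_SESSION['profile_list'] = $aProfiles;
    }

    foreach ($this->aData['deny'] as $sDeniedProfile) {
        // If one denied profile is present, it's enough => return false
        if (in_array($sDeniedProfile, $aProfiles)) {
            return false;
        }
    }

    // If there are some "allow" profiles, then by default the result is false
    // since the user must have at least one of the profiles to be allowed
    if (count($this->aData['allow']) > 0) {
        $bRet = false;
    }
    foreach ($this->aData['allow'] as $sAllowProfile) {
        // If one "allow" profile is present, it's enough => return true
        if (in_array($sAllowProfile, $aProfiles)) {
            return true;
        }
    }
    return $bRet;
}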
/**
 * Adds the 'ConfigEditor' entry to the 'AdminTools' menu group for
 * administrators; other users get no entry.
 *
 * NOTE(review): this only decides whether the link is shown. The linked
 * config.php page is presumably protected by its own administrator check,
 * which is not visible here.
 */
public static function OnMenuCreation()
{
    if (!UserRights::IsAdministrator()) {
        return;
    }

    $oAdminMenu = new MenuGroup('AdminTools', 80);
    new WebPageMenuNode(
        'ConfigEditor',
        utils::GetAbsoluteUrlModulesRoot() . 'itop-config/config.php',
        $oAdminMenu->GetIndex(),
        18
    );
}
/**
 * Builds the textarea for the HTML editor widget and queues the scripts
 * that turn it into a CKEditor instance.
 *
 * NOTE(review): the value, the help text and the validation field are
 * placed into the markup exactly as stored on the widget, and m_sMandatory
 * is written into the script text as-is. Confirm that the code filling
 * these members encodes them for the HTML / JavaScript context.
 *
 * @param WebPage $oPage The web page used for all the output
 * @param array $aArgs Extra context arguments (not read by this method)
 * @return string The HTML fragment to be inserted into the page
 */
public function Display(WebPage $oPage, $aArgs = array())
{
    $iFieldId = $this->m_iId;
    $sFieldName = "attr_{$this->m_sFieldPrefix}" . $this->m_sAttCode . $this->m_sNameSuffix;

    $sTextArea = "<textarea class=\"htmlEditor\" title=\"{$this->m_sHelpText}\" name=\"{$sFieldName}\" rows=\"10\" cols=\"10\" id=\"{$iFieldId}\">{$this->m_sValue}</textarea>";
    $sWidgetHtml = "<table><tr><td>{$sTextArea}</td><td>{$this->m_sValidationField}</td></tr></table>";

    // jQuery selector of the textarea, shared by the three scripts below.
    $sSelector = "\$('#{$iFieldId}')";

    // Replace the text area with CKEditor
    // To change the default settings of the editor,
    // a) edit the file /js/ckeditor/config.js
    // b) or override some of the configuration settings, using the second parameter of ckeditor()
    $sEditorLanguage = strtolower(trim(UserRights::GetUserLanguage()));
    $oPage->add_ready_script("{$sSelector}.ckeditor(function() { /* callback code */ }, { language : '{$sEditorLanguage}' , contentsLanguage : '{$sEditorLanguage}', extraPlugins: 'disabler' });"); // Transform the textarea into a CKEdit

    // Please read...
    // ValidateCKEditField triggers a timer... calling itself indefinitely
    // This design was the quickest way to achieve the field validation (only checking if the field is blank)
    // because the ckeditor does not fire events like "change" or "keyup", etc.
    // See http://dev.ckeditor.com/ticket/900 => won't fix
    // The most relevant solution would be to implement a plugin to CKEdit, and handle the internal events like: setData, insertHtml, insertElement, loadSnapshot, key, afterUndo, afterRedo
    // Could also be bound to 'instanceReady.ckeditor'
    $oPage->add_ready_script("{$sSelector}.bind('validate', function(evt, sFormId) { return ValidateCKEditField('{$iFieldId}', '', {$this->m_sMandatory}, sFormId, '') } );\n");
    $oPage->add_ready_script("{$sSelector}.bind('update', function() { BlockField('cke_{$iFieldId}', {$sSelector}.attr('disabled')); } );\n");

    return $sWidgetHtml;
}
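/**
 * Tells whether the current user passes the deny/allow profile lists held
 * in $this->aData.
 *
 * A single matching "deny" profile refuses access, and every profile of the
 * "allow" list must be present for access to be granted.
 *
 * The profile names are read from $_SESSION['profile_list'] when that key
 * exists, so a change to the user's profiles is not seen by this check
 * until the cached entry is rebuilt.
 *
 * @return bool
 */
public function IsUserAllowed()
{
    if (array_key_exists('profile_list', $_SESSION)) {
        $aProfiles = $_SESSION['profile_list'];
    } else {
        // Start from an empty list: a user without any profile used to leave
        // $aProfiles undefined, which then reached in_array() and the session.
        $aProfiles = array();
        $oUser = UserRights::GetUserObject();
        $oSet = $oUser->Get('profile_list');
        while (($oLnkUserProfile = $oSet->Fetch()) !== null) {
            $aProfiles[] = $oLnkUserProfile->Get('profileid_friendlyname');
        }
        $_SESSION['profile_list'] = $aProfiles;
    }

    foreach ($this->aData['deny'] as $sDeniedProfile) {
        // If one denied profile is present, it's enough => return false
        if (in_array($sDeniedProfile, $aProfiles)) {
            return false;
        }
    }
    foreach ($this->aData['allow'] as $sAllowProfile) {
        // if one required profile is missing, it's enough => return false
        if (!in_array($sAllowProfile, $aProfiles)) {
            return false;
        }
    }
    return true;
}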
/**
 * Tells whether the feature is active for the current user.
 *
 * At least one of the duration / memory flags must be set, and the allowed
 * user setting must be '*' or equal (loose comparison) to the current login
 * once trimmed.
 *
 * @return bool
 */
public static function IsEnabled()
{
    if (!self::$m_bEnabled_Duration && !self::$m_bEnabled_Memory) {
        return false;
    }
    if (self::$m_sAllowedUser == '*') {
        return true;
    }
    // The current user is only looked up when the wildcard did not match.
    return UserRights::GetUser() == trim(self::$m_sAllowedUser);
}
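/**
 * Resets the export status and returns the opening HTML of the result
 * table: the header row with one cell per requested field, followed by the
 * opening tbody tag.
 *
 * Only the classes for which the bulk-read check passes are kept as valid
 * aliases for the requested fields.
 *
 * NOTE(review): the labels are written into the th cells without HTML
 * encoding; confirm that GetLabel() cannot return markup.
 *
 * @return string
 * @throws Exception when a field refers to an alias that is not authorised
 */
public function GetHeader()
{
    $sData = '';
    $oSet = new DBObjectSet($this->oSearch);
    $this->aStatusInfo['status'] = 'running';
    $this->aStatusInfo['position'] = 0;
    $this->aStatusInfo['total'] = $oSet->Count();

    $aSelectedClasses = $this->oSearch->GetSelectedClasses();
    // Start from an empty list: when no class passed the check the variable
    // used to be undefined when handed to array_keys(). With the empty list
    // the fields are rejected by the "Invalid alias" exception below.
    $aAuthorizedClasses = array();
    foreach ($aSelectedClasses as $sAlias => $sClassName) {
        // NOTE(review): the second operand compares nothing with the result
        // of IsActionAllowed(); it is a constant expression, so only the
        // truthiness of the returned value decides. Kept as found; confirm
        // the intent against the values of the UR_ALLOWED_* constants.
        if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
            $aAuthorizedClasses[$sAlias] = $sClassName;
        }
    }
    $aAliases = array_keys($aAuthorizedClasses);

    $aData = array();
    foreach ($this->aStatusInfo['fields'] as $sExtendedAttCode) {
        // "alias.attcode" names the class explicitly; a bare attribute code
        // falls back to the first authorised alias.
        if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
            $sAlias = $aMatches[1];
            $sAttCode = $aMatches[2];
        } else {
            $sAlias = reset($aAliases);
            $sAttCode = $sExtendedAttCode;
        }
        if (!in_array($sAlias, $aAliases)) {
            throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
        }
        $sClass = $aSelectedClasses[$sAlias];

        switch ($sAttCode) {
            case 'id':
                if (count($aSelectedClasses) > 1) {
                    $aData[] = $sAlias . '.id'; //@@@
                } else {
                    $aData[] = 'id'; //@@@
                }
                break;
            default:
                $oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
                if (count($aSelectedClasses) > 1) {
                    $aData[] = $sAlias . '.' . $oAttDef->GetLabel();
                } else {
                    $aData[] = $oAttDef->GetLabel();
                }
        }
    }

    $sData .= "<table class=\"listResults\">\n";
    $sData .= "<thead>\n";
    $sData .= "<tr>\n";
    foreach ($aData as $sLabel) {
        $sData .= "<th>" . $sLabel . "</th>\n";
    }
    $sData .= "</tr>\n";
    $sData .= "</thead>\n";
    $sData .= "<tbody>\n";
    return $sData;
}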
/**
 * Returns the display name of the current user.
 *
 * While impersonation is active the result is the
 * 'UI:Archive_User_OnBehalfOf_User' dictionary entry formatted with the
 * real user's name and the current user's name, so both stay visible
 * wherever this string is used.
 *
 * @return string
 */
public static function GetCurrentUserName()
{
    if (!UserRights::IsImpersonated()) {
        return UserRights::GetUserFriendlyName();
    }

    return Dict::Format(
        'UI:Archive_User_OnBehalfOf_User',
        UserRights::GetRealUserFriendlyName(),
        UserRights::GetUserFriendlyName()
    );
}
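/**
 * Registers the user administration actions together with their forms.
 *
 * The module is disabled and nothing is registered unless the current user
 * holds the EDIT_USERS right.
 *
 * The form titles were mis-encoded ("užÃvateľa" and similar) and are
 * restored to readable text here.
 */
public function __construct()
{
    // Permission gate for every action registered below.
    $rights = new UserRights(CDatabaza::getInstance());
    if (!$rights->approved("EDIT_USERS")) {
        $this->disable();
        return;
    }

    $this->enable();
    $this->initialize();

    $this->setFunction("add", "add_user");
    $this->setForm("add", "Pridaj užívateľa", "add_user", "add_user_form");

    $this->setFunction("edit", "edit_user");
    $this->setForm("edit", "Uprav informácie o užívateľovi", "edit_user", "edit_user_form");

    $this->setFunction("remove", "remove_user");
    $this->setForm("remove", "Vymaž užívateľa", "remove_user", "remove_user_form");

    // NOTE(review): the third argument is "set_rights" although the handler
    // registered just above is "set_user_rights"; the other entries pass the
    // handler name here. Confirm which one setForm() expects.
    $this->setFunction("set_rights", "set_user_rights");
    $this->setForm("set_rights", "Nastav užívateľské práva", "set_rights", "set_user_rights_form");

    // NOTE(review): the password reset form is wired to "remove_user" and
    // "remove_user_form". If that is a copy of the entry above rather than a
    // deliberate reuse, submitting the reset form would run the removal
    // handler. Left unchanged because the intent cannot be seen from here.
    $this->setFunction("reset", "reset_password");
    $this->setForm("reset", "Resetuj heslo", "remove_user", "remove_user_form");
}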
/**
 * Tells whether $user matches $array, where $array is either a single value
 * or an arbitrarily nested array of such values.
 *
 * Leaves are compared with the loose == operator, so values of different
 * types can be considered equal under PHP's comparison rules.
 *
 * @param mixed $array a value or a (nested) array of values
 * @param mixed $user the value looked for
 * @return bool
 */
private static function checkRight($array, $user)
{
    if (is_array($array)) {
        foreach ($array as $entry) {
            // Descend into the entry; the first match ends the search.
            if (UserRights::checkRight($entry, $user)) {
                return true;
            }
        }
        return false;
    }

    return $array == $user;
}
/**
 * Creates the 'AdminTools' menu group and its entries for administrators;
 * other users get none of them.
 *
 * NOTE(review): this only decides which links are shown. The linked pages
 * (query runner, export, schema, ...) are presumably protected by their own
 * administrator checks, which are not visible here.
 */
public static function OnMenuCreation()
{
    // The admin menus are only added for administrators
    if (!UserRights::IsAdministrator()) {
        return;
    }

    $oAdminMenu = new MenuGroup('AdminTools', 80);

    new OQLMenuNode('UserAccountsMenu', 'SELECT User', $oAdminMenu->GetIndex(), 1, true);
    new OQLMenuNode('ProfilesMenu', 'SELECT URP_Profiles', $oAdminMenu->GetIndex(), 2);
    new WebPageMenuNode(
        'NotificationsMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/notifications.php',
        $oAdminMenu->GetIndex(),
        3
    );
    new OQLMenuNode('AuditCategories', 'SELECT AuditCategory', $oAdminMenu->GetIndex(), 4);
    new WebPageMenuNode(
        'RunQueriesMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/run_query.php',
        $oAdminMenu->GetIndex(),
        8
    );
    new OQLMenuNode('QueryMenu', 'SELECT Query', $oAdminMenu->GetIndex(), 8.5, true);
    new WebPageMenuNode(
        'ExportMenu',
        utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php?interactive=1',
        $oAdminMenu->GetIndex(),
        9
    );
    new WebPageMenuNode(
        'DataModelMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/schema.php',
        $oAdminMenu->GetIndex(),
        10
    );
    new WebPageMenuNode(
        'UniversalSearchMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/UniversalSearch.php',
        $oAdminMenu->GetIndex(),
        11
    );
}
/**
 * Creates the 'DataAdministration' group with the CSV import entry, then,
 * for administrators only, the 'AdminTools' group and its entries.
 *
 * NOTE(review): this only decides which links are shown. The linked pages
 * (CSV import, query runner, export, schema, ...) are presumably protected
 * by their own checks, which are not visible here.
 */
public static function OnMenuCreation()
{
    $oToolsMenu = new MenuGroup(
        'DataAdministration',
        70,
        'Organization',
        UR_ACTION_MODIFY,
        UR_ALLOWED_YES | UR_ALLOWED_DEPENDS
    );
    new WebPageMenuNode(
        'CSVImportMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/csvimport.php',
        $oToolsMenu->GetIndex(),
        1
    );

    // The admin menus are only added for administrators
    if (!UserRights::IsAdministrator()) {
        return;
    }

    $oAdminMenu = new MenuGroup('AdminTools', 80);

    new OQLMenuNode('UserAccountsMenu', 'SELECT User', $oAdminMenu->GetIndex(), 1);
    new OQLMenuNode('ProfilesMenu', 'SELECT URP_Profiles', $oAdminMenu->GetIndex(), 2);
    new WebPageMenuNode(
        'NotificationsMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/notifications.php',
        $oAdminMenu->GetIndex(),
        3
    );
    new OQLMenuNode('AuditCategories', 'SELECT AuditCategory', $oAdminMenu->GetIndex(), 4);
    new WebPageMenuNode(
        'RunQueriesMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/run_query.php',
        $oAdminMenu->GetIndex(),
        8
    );
    new OQLMenuNode('QueryMenu', 'SELECT Query', $oAdminMenu->GetIndex(), 8.5, true);
    new WebPageMenuNode(
        'ExportMenu',
        utils::GetAbsoluteUrlAppRoot() . 'webservices/export.php',
        $oAdminMenu->GetIndex(),
        9
    );
    new WebPageMenuNode(
        'DataModelMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/schema.php',
        $oAdminMenu->GetIndex(),
        10
    );
    new WebPageMenuNode(
        'UniversalSearchMenu',
        utils::GetAbsoluteUrlAppRoot() . 'pages/UniversalSearch.php',
        $oAdminMenu->GetIndex(),
        11
    );
}
/**
 * Tells whether the current user passes the deny/allow profile lists held
 * in $this->aData, using the profiles returned by UserRights::ListProfiles().
 *
 * Deny entries are evaluated first and win over allow entries. With an
 * empty "allow" list every user that is not denied is allowed.
 *
 * @return bool
 */
public function IsUserAllowed()
{
    $aUserProfiles = UserRights::ListProfiles();

    // One denied profile is enough to refuse.
    foreach ($this->aData['deny'] as $sDenied) {
        if (in_array($sDenied, $aUserProfiles)) {
            return false;
        }
    }

    // One allowed profile is enough to accept.
    foreach ($this->aData['allow'] as $sAllowed) {
        if (in_array($sAllowed, $aUserProfiles)) {
            return true;
        }
    }

    // No match: the user is allowed only when no "allow" profile was
    // required in the first place.
    return !(count($this->aData['allow']) > 0);
}
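/**
 * Helper function to build a select from the list of valid classes for a given action
 *
 * Administrators are offered the 'application' and 'addon/authentication'
 * class categories in addition to 'bizmodel'. Abstract classes are left
 * out, and so are classes for which the action is not allowed when an
 * action code is given.
 *
 * NOTE(review): $sName, the class descriptions and the class names are
 * placed into attributes without HTML encoding; confirm that none of them
 * can contain a double quote or markup.
 *
 * @param string $sName The name of the select in the HTML form
 * @param string $sDefaultValue The default value (i.e the value selected by default)
 * @param integer $iWidthPx The width (in pixels) of the drop-down list
 * @param integer $iActionCode The ActionCode (from UserRights) to check for authorization for the classes
 * @return string The HTML fragment corresponding to the select tag
 */
function GetClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
{
    $sHtml = "<select id=\"select_{$sName}\" name=\"{$sName}\">";
    // The attribute was spelled "tyle", so the width never applied to the placeholder entry.
    $sHtml .= "<option style=\"width: " . $iWidthPx . "px;\" title=\"Select the class you want to load\" value=\"\">" . Dict::S('UI:CSVImport:ClassesSelectOne') . "</option>\n";

    $aValidClasses = array();
    $aClassCategories = array('bizmodel');
    if (UserRights::IsAdministrator()) {
        $aClassCategories = array('bizmodel', 'application', 'addon/authentication');
    }
    foreach ($aClassCategories as $sClassCategory) {
        foreach (MetaModel::GetClasses($sClassCategory) as $sClassName) {
            if ((is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) && !MetaModel::IsAbstract($sClassName)) {
                $sSelected = $sClassName == $sDefaultValue ? " selected" : "";
                $sDescription = MetaModel::GetClassDescription($sClassName);
                $sDisplayName = MetaModel::GetName($sClassName);
                // Keyed by display name so that ksort() orders the options alphabetically.
                $aValidClasses[$sDisplayName] = "<option style=\"width: " . $iWidthPx . "px;\" title=\"{$sDescription}\" value=\"{$sClassName}\"{$sSelected}>{$sDisplayName}</option>";
            }
        }
    }
    ksort($aValidClasses);
    $sHtml .= implode("\n", $aValidClasses);
    $sHtml .= "</select>";
    return $sHtml;
}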
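/**
 * Runs the action through _DoExecute() and, when notification logging is
 * enabled, records the run in an EventNotificationShellExec entry.
 *
 * The log entry stores the current user, the trigger, the action and the
 * object, which makes it the audit trail of the execution.
 *
 * NOTE(review): with logging disabled an exception thrown by _DoExecute()
 * is caught and leaves no trace at all; confirm that this is intended.
 *
 * @param object $oTrigger the trigger that fired the action
 * @param array $aContextArgs context arguments; 'this->object()' is read for the log
 */
public function DoExecute($oTrigger, $aContextArgs)
{
    if (MetaModel::IsLogEnabledNotification()) {
        $oLog = new EventNotificationShellExec();
        if ($this->IsBeingTested()) {
            $oLog->Set('message', 'TEST - Executing script (' . $this->Get('script_path') . ')');
        } else {
            $oLog->Set('message', 'Executing script');
        }
        $oLog->Set('userinfo', UserRights::GetUser());
        $oLog->Set('trigger_id', $oTrigger->GetKey());
        $oLog->Set('action_id', $this->GetKey());
        $oLog->Set('object_id', $aContextArgs['this->object()']->GetKey());
        // Must be inserted now so that it gets a valid id that will make the link
        // between an eventual asynchronous task (queued) and the log
        $oLog->DBInsertNoReload();
    } else {
        $oLog = null;
    }

    try {
        $sRes = $this->_DoExecute($oTrigger, $aContextArgs, $oLog);
        if ($this->IsBeingTested()) {
            $sPrefix = 'TEST (' . $this->Get('script_path') . ') - ';
        } else {
            $sPrefix = '';
        }
        // $oLog is null when logging is disabled; the result used to be
        // written to it unconditionally, which is a call on null that the
        // catch below does not intercept.
        if ($oLog) {
            $oLog->Set('message', $sPrefix . $sRes);
        }
    } catch (Exception $e) {
        if ($oLog) {
            $oLog->Set('message', 'Error: ' . $e->getMessage());
        }
    }

    if ($oLog) {
        $oLog->DBUpdate();
    }
}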
/**
 * Prints a table summarising, for every instantiable 'bizmodel' class, the
 * grants of this profile: one column per action plus the list of permitted
 * stimuli.
 *
 * For the profile whose raw name is "Administrator" a single explanatory
 * paragraph is printed instead.
 *
 * NOTE(review): stimulus descriptions and labels are HTML-encoded, while
 * the stimulus code and the class name are written as they are; confirm
 * that these two can only hold identifier-like values.
 *
 * @param object $oPage the page receiving the output
 */
function DoShowGrantSumary($oPage)
{
    if ($this->GetRawName() == "Administrator") {
        // Looks dirty, but ok that's THE ONE
        $oPage->p(Dict::S('UI:UserManagement:AdminProfile+'));
        return;
    }

    // Note: for sure, we assume that the instance is derived from UserRightsProjection
    $oUserRights = UserRights::GetModuleInstance();

    // Column key => action name handed to GetGrantAsHtml()
    $aActionColumns = array(
        'read' => 'Read',
        'bulkread' => 'Bulk Read',
        'write' => 'Modify',
        'bulkwrite' => 'Bulk Modify',
        'delete' => 'Delete',
        'bulkdelete' => 'Bulk Delete',
    );

    $aRows = array();
    foreach (MetaModel::GetClasses('bizmodel') as $sClass) {
        // Skip non instantiable classes
        if (MetaModel::IsAbstract($sClass)) {
            continue;
        }

        $aGrantedStimuli = array();
        foreach (MetaModel::EnumStimuli($sClass) as $sStimulusCode => $oStimulus) {
            $oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
            if (!is_object($oGrant) || $oGrant->Get('permission') != 'yes') {
                continue;
            }
            $sTitle = $sStimulusCode . ': ' . htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8');
            $sLabel = htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8');
            $aGrantedStimuli[] = '<span title="' . $sTitle . '">' . $sLabel . '</span>';
        }
        $sStimuli = implode(', ', $aGrantedStimuli);

        $aRow = array('class' => MetaModel::GetName($sClass));
        foreach ($aActionColumns as $sColumn => $sAction) {
            $aRow[$sColumn] = $this->GetGrantAsHtml($oUserRights, $sClass, $sAction);
        }
        $aRow['stimuli'] = $sStimuli;
        $aRows[] = $aRow;
    }

    // Column key => dictionary entry of its label; the description is the
    // same entry suffixed with "+".
    $aColumnLabels = array(
        'class' => 'UI:UserManagement:Class',
        'read' => 'UI:UserManagement:Action:Read',
        'bulkread' => 'UI:UserManagement:Action:BulkRead',
        'write' => 'UI:UserManagement:Action:Modify',
        'bulkwrite' => 'UI:UserManagement:Action:BulkModify',
        'delete' => 'UI:UserManagement:Action:Delete',
        'bulkdelete' => 'UI:UserManagement:Action:BulkDelete',
        'stimuli' => 'UI:UserManagement:Action:Stimuli',
    );
    $aColumns = array();
    foreach ($aColumnLabels as $sColumn => $sDictCode) {
        $aColumns[$sColumn] = array(
            'label' => Dict::S($sDictCode),
            'description' => Dict::S($sDictCode . '+'),
        );
    }

    $oPage->table($aColumns, $aRows);
}
/**
 * Describe (as a text string) the modifications corresponding to this change
 *
 * An empty string is returned when the current user is not allowed to read
 * the attribute on the target object, when the attribute code is no longer
 * valid, or when no change is recorded on the link.
 *
 * @return string
 */
public function GetDescription()
{
    $oTargetObjectClass = $this->Get('objclass');
    $oTargetObjectKey = $this->Get('objkey');
    $oTargetSearch = new DBObjectSearch($oTargetObjectClass);
    $oTargetSearch->AddCondition('id', $oTargetObjectKey, '=');
    $oMonoObjectSet = new DBObjectSet($oTargetSearch);

    // Read permission is checked on the attribute for the one object
    // concerned; anything other than an explicit "yes" yields no text.
    if (UserRights::IsActionAllowedOnAttribute($this->Get('objclass'), $this->Get('attcode'), UR_ACTION_READ, $oMonoObjectSet) != UR_ALLOWED_YES) {
        return '';
    }

    // Protects against renamed attributes...
    if (!MetaModel::IsValidAttCode($this->Get('objclass'), $this->Get('attcode'))) {
        return '';
    }

    $oAttDef = MetaModel::GetAttributeDef($this->Get('objclass'), $this->Get('attcode'));
    $sAttName = $oAttDef->GetLabel();
    $sLinkClass = $oAttDef->GetLinkedClass();
    $aLinkClasses = MetaModel::EnumChildClasses($sLinkClass, ENUM_CHILD_CLASSES_ALL);

    // Search for changes on the corresponding link
    //
    $oSearch = new DBObjectSearch('CMDBChangeOpSetAttribute');
    $oSearch->AddCondition('change', $this->Get('change'), '=');
    $oSearch->AddCondition('objkey', $this->Get('link_id'), '=');
    if (count($aLinkClasses) == 1) {
        // Faster than the whole building of the expression below for just one value ??
        $oSearch->AddCondition('objclass', $sLinkClass, '=');
    } else {
        // Several candidate classes: build an "objclass IN (...)" condition
        // from the quoted class names.
        $oField = new FieldExpression('objclass', $oSearch->GetClassAlias());
        $sListExpr = '(' . implode(', ', CMDBSource::Quote($aLinkClasses)) . ')';
        $sOQLCondition = $oField->Render() . " IN {$sListExpr}";
        $oNewCondition = Expression::FromOQL($sOQLCondition);
        $oSearch->AddConditionExpression($oNewCondition);
    }

    $oSet = new DBObjectSet($oSearch);
    $aChanges = array();
    while ($oChangeOp = $oSet->Fetch()) {
        $aChanges[] = $oChangeOp->GetDescription();
    }
    if (count($aChanges) == 0) {
        return '';
    }

    $sItemDesc = MetaModel::GetHyperLink($this->Get('item_class'), $this->Get('item_id'));
    return $sAttName . ' - ' . Dict::Format('Change:LinkSet:Modified', $sItemDesc) . ' : ' . implode(', ', $aChanges);
}
/**
 * Writes a collapsible search form for the given class into the page.
 *
 * Every search field receives the organisation and the contact of the
 * current user as filter parameters. Scalar entries of $aExtraParams are
 * carried along as hidden inputs.
 *
 * NOTE(review): $sPrefix, $sClass and the names and values of
 * $aExtraParams are written into the markup and the script without
 * encoding. If any of them can originate from the request they need to be
 * encoded for the HTML / JavaScript context; their origin is not visible
 * here.
 *
 * @param string $sClass class searched for, used in the form id
 * @param array $aAttList attribute specifications, one search field each
 * @param array $aExtraParams extra parameters forwarded to the fields and the form
 * @param string $sPrefix suffix used to build the element ids
 * @param bool $bClosed whether the drawer starts closed
 */
public function DisplaySearchForm($sClass, $aAttList, $aExtraParams, $sPrefix, $bClosed = true)
{
    $oOrg = $this->GetUserOrg();
    $aScopeParams = array(
        'org_id' => $oOrg->GetKey(),
        'contact_id' => UserRights::GetContactId(),
    );

    $sDrawerState = '';
    if ($bClosed) {
        $sDrawerState = 'DrawerClosed';
    }

    $this->add("<div id=\"ds_{$sPrefix}\" class=\"SearchDrawer {$sDrawerState}\">\n");
    // Clicking the handle toggles the drawer and the handle's 'open' class.
    $this->add_ready_script(<<<EOF
\t\t\$("#dh_{$sPrefix}").click( function() {
\t\t\$("#ds_{$sPrefix}").slideToggle('normal', function() { \$("#ds_{$sPrefix}").parent().resize(); } );
\t\t\$("#dh_{$sPrefix}").toggleClass('open');
\t});
EOF
);

    // Don't use $_SERVER['SCRIPT_NAME'] since the form may be called asynchronously (from ajax.php)
    $this->add("<form id=\"search_{$sClass}\" action=\"\" method=\"post\">\n");
    // $this->add("<h2>".Dict::Format('UI:SearchFor_Class_Objects', 'xxxxxx')."</h2>\n");
    $this->add("<p>\n");
    foreach ($aAttList as $sAttSpec) {
        //$oAppContext->Reset($sAttSpec); // Make sure the same parameter will not be passed twice
        $this->DisplaySearchField($sClass, $sAttSpec, $aExtraParams, $sPrefix, null, $aScopeParams);
    }
    $this->add("</p>\n");
    $this->add("<p align=\"right\"><input type=\"submit\" value=\"" . Dict::S('UI:Button:Search') . "\"></p>\n");

    foreach ($aExtraParams as $sParamName => $sParamValue) {
        // Note: use DumpHiddenParams() to transmit arrays as hidden params
        if (!is_scalar($sParamValue)) {
            continue;
        }
        $this->add("<input type=\"hidden\" name=\"{$sParamName}\" value=\"{$sParamValue}\" />\n");
    }
    // $this->add($oAppContext->GetForForm());
    $this->add("</form>\n");
    $this->add("</div>\n");
    $this->add("<div class=\"HRDrawer\"></div>\n");
    $this->add("<div id=\"dh_{$sPrefix}\" class=\"DrawerHandle\">" . Dict::S('UI:SearchToggle') . "</div>\n");
}
} $oP = new CLIPage(Dict::S("TitleSynchroExecution")); try { utils::UseParamFile(); } catch (Exception $e) { $oP->p("Error: " . $e->GetMessage()); $oP->output(); exit - 2; } // Next steps: // specific arguments: 'csvfile' // $sAuthUser = ReadMandatoryParam($oP, 'auth_user', 'raw_data'); $sAuthPwd = ReadMandatoryParam($oP, 'auth_pwd', 'raw_data'); if (UserRights::CheckCredentials($sAuthUser, $sAuthPwd)) { UserRights::Login($sAuthUser); // Login & set the user's language } else { $oP->p("Access restricted or wrong credentials ('{$sAuthUser}')"); $oP->output(); exit - 1; } $iStepCount = ReadMandatoryParam($oP, 'step_count'); $oP->p('Executing a partial synchro - step ' . $iStepCount); $iSource = ReadMandatoryParam($oP, 'source'); $iStatLog = ReadMandatoryParam($oP, 'log'); $iChange = ReadMandatoryParam($oP, 'change'); $sLastFullLoad = ReadMandatoryParam($oP, 'last_full_load', 'raw_data'); $iChunkSize = ReadMandatoryParam($oP, 'chunk'); $oP->p('Last full load: ' . $sLastFullLoad); $oP->p('Chunk size: ' . $iChunkSize);
/**
 * Renders one template tag into the page.
 *
 * Container tags render their content as a nested template. The content of
 * an 'itopcheck' tag is rendered only when its class is valid and the
 * current user may read it.
 *
 * NOTE(review): the skipped 'itopcheck' branch and the default branch copy
 * the class name / tag name into an HTML comment as given. The 'itopcheck'
 * comment also says the class does not exist when the cause may be a
 * missing read right.
 *
 * @param object $oPage the page receiving the output
 * @param string $sTag the tag name
 * @param array $aAttributes the attributes of the tag
 * @param string $sContent the content enclosed by the tag
 */
protected function RenderTag($oPage, $sTag, $aAttributes, $sContent)
{
    // Counter shared by all calls, used to give each tab container its own name.
    static $iTabContainerCount = 0;

    // Renders the tag's content as a nested template.
    // No params to apply, they have already been applied.
    $fnRenderContent = function () use ($oPage, $sContent) {
        $oNested = new DisplayTemplate($sContent);
        $oNested->Render($oPage, array());
    };

    switch ($sTag) {
        case 'itoptabs':
            $sContainer = 'Tabs_' . $iTabContainerCount;
            $oPage->AddTabContainer($sContainer);
            $oPage->SetCurrentTabContainer($sContainer);
            // Incremented before the content is rendered, so that containers
            // created by the nested template get the following numbers.
            $iTabContainerCount++;
            //$oPage->p('Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
            $fnRenderContent();
            $oPage->SetCurrentTabContainer('');
            break;

        case 'itopcheck':
            $sClassName = $aAttributes['class'];
            if (MetaModel::IsValidClass($sClassName) && UserRights::IsActionAllowed($sClassName, UR_ACTION_READ)) {
                $fnRenderContent();
            } else {
                // Leave a trace for those who'd like to understand why nothing is displayed
                $oPage->add("<!-- class {$sClassName} does not exist, skipping some part of the template -->\n");
            }
            break;

        case 'itoptab':
            $oPage->SetCurrentTab(Dict::S(str_replace('_', ' ', $aAttributes['name'])));
            $fnRenderContent();
            //$oPage->p('iTop Tab Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
            $oPage->SetCurrentTab('');
            break;

        case 'itoptoggle':
            $sName = 'Tagada';
            if (isset($aAttributes['name'])) {
                $sName = $aAttributes['name'];
            }
            $bOpen = true;
            if (isset($aAttributes['open'])) {
                $bOpen = $aAttributes['open'];
            }
            $oPage->StartCollapsibleSection(Dict::S($sName), $bOpen);
            $fnRenderContent();
            //$oPage->p('iTop Tab Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
            $oPage->EndCollapsibleSection();
            break;

        case 'itopstring':
            $oPage->add(Dict::S($sContent));
            break;

        case 'sqlblock':
            $oBlock = SqlBlock::FromTemplate($sContent);
            $oBlock->RenderContent($oPage);
            break;

        case 'itopblock':
            // No longer used, handled by DisplayBlock::FromTemplate see above
            $oPage->add("<!-- Application Error: should be handled by DisplayBlock::FromTemplate -->");
            break;

        default:
            // Unknown tag, just ignore it or now -- output an HTML comment
            $oPage->add("<!-- unsupported tag: {$sTag} -->");
    }
}
/**
 * Extends the parent deletion check with the issues reported by the
 * iApplicationObjectExtension plugins and with the user rights check.
 *
 * When the current user is not allowed to delete this object, the security
 * issue flag is raised and a "not allowed" issue is recorded.
 *
 * @param object $oDeletionPlan passed by reference and handed to the parent check
 */
protected function DoCheckToDelete(&$oDeletionPlan)
{
    parent::DoCheckToDelete($oDeletionPlan);

    // Plugins
    //
    foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oPlugin) {
        $aPluginIssues = $oPlugin->OnCheckToDelete($this);
        if (count($aPluginIssues) > 0) {
            $this->m_aDeleteIssues = array_merge($this->m_aDeleteIssues, $aPluginIssues);
        }
    }

    // User rights
    //
    $oSelf = DBObjectSet::FromObject($this);
    if (UserRights::IsActionAllowed(get_class($this), UR_ACTION_DELETE, $oSelf)) {
        return;
    }

    // Security issue
    $this->m_bSecurityIssue = true;
    $this->m_aDeleteIssues[] = Dict::S('UI:Delete:NotAllowedToDelete');
}
/**
 * Handles the login-page operations (log off, forgotten / reset / changed
 * password).
 *
 * Most of the operations output a page and never return; 'do_change_pwd'
 * returns a message to be displayed on success.
 *
 * NOTE(review): 'change_pwd' and 'do_change_pwd' read
 * $_SESSION['auth_user'] without checking that it is set; confirm that the
 * callers only reach these operations with an authenticated session.
 * NOTE(review): when CanChangePassword() is false the failure branch is
 * skipped and the "password changed" message is returned although
 * ChangePassword() was never called.
 *
 * @param string $operation the requested operation
 * @return string message to display, empty when there is none
 */
protected static function HandleOperations($operation)
{
    // most of the operations never return, but some can return a message to be displayed
    $sMessage = '';

    // switch compares loosely, like the == tests it stands for
    switch ($operation) {
        case 'logoff':
            if (isset($_SESSION['login_mode'])) {
                $sLoginMode = $_SESSION['login_mode'];
            } else {
                // Fall back to the first allowed login type, or to the form.
                $aAllowedLoginTypes = MetaModel::GetConfig()->GetAllowedLoginTypes();
                $sLoginMode = count($aAllowedLoginTypes) > 0 ? $aAllowedLoginTypes[0] : 'form';
            }
            self::ResetSession();
            $oPage = self::NewLoginWebPage();
            $oPage->DisplayLoginForm($sLoginMode, false);
            $oPage->output();
            exit;

        case 'forgot_pwd':
            $oPage = self::NewLoginWebPage();
            $oPage->DisplayForgotPwdForm();
            $oPage->output();
            exit;

        case 'forgot_pwd_go':
            $oPage = self::NewLoginWebPage();
            $oPage->ForgotPwdGo();
            $oPage->output();
            exit;

        case 'reset_pwd':
            $oPage = self::NewLoginWebPage();
            $oPage->DisplayResetPwdForm();
            $oPage->output();
            exit;

        case 'do_reset_pwd':
            $oPage = self::NewLoginWebPage();
            $oPage->DoResetPassword();
            $oPage->output();
            exit;

        case 'change_pwd':
            $sAuthUser = $_SESSION['auth_user'];
            UserRights::Login($sAuthUser); // Set the user's language
            $oPage = self::NewLoginWebPage();
            $oPage->DisplayChangePwdForm();
            $oPage->output();
            exit;

        case 'do_change_pwd':
            $sAuthUser = $_SESSION['auth_user'];
            UserRights::Login($sAuthUser); // Set the user's language
            $sOldPwd = utils::ReadPostedParam('old_pwd', '', false, 'raw_data');
            $sNewPwd = utils::ReadPostedParam('new_pwd', '', false, 'raw_data');
            // The old password is verified before the change is attempted.
            if (UserRights::CanChangePassword() && (!UserRights::CheckCredentials($sAuthUser, $sOldPwd) || !UserRights::ChangePassword($sOldPwd, $sNewPwd))) {
                $oPage = self::NewLoginWebPage();
                $oPage->DisplayChangePwdForm(true); // old pwd was wrong
                $oPage->output();
                exit;
            }
            $sMessage = Dict::S('UI:Login:PasswordChanged');
            break;
    }

    return $sMessage;
}
/**
 * Helper to log a service delivery
 *
 * Nothing is recorded unless web service logging is enabled. The entry
 * stores the current user, the verb, the outcome and the info, warning,
 * error and returned-data texts of the result.
 *
 * NOTE(review): the returned data is copied into the log entry; confirm
 * that services returning sensitive values are acceptable in that log.
 *
 * @param string $sVerb
 * @param WebServiceResult $oRes
 */
protected function LogUsage($sVerb, $oRes)
{
    if (!MetaModel::IsLogEnabledWebService()) {
        return;
    }

    $oEntry = new EventWebService();
    $sOutcome = $oRes->IsOk() ? ' was successfully invoked' : ' returned errors';
    $oEntry->Set('message', $sVerb . $sOutcome);
    $oEntry->Set('userinfo', UserRights::GetUser());
    $oEntry->Set('verb', $sVerb);
    $oEntry->Set('result', $oRes->IsOk());

    $this->TrimAndSetValue($oEntry, 'log_info', (string) $oRes->GetInfoAsText());
    $this->TrimAndSetValue($oEntry, 'log_warning', (string) $oRes->GetWarningsAsText());
    $this->TrimAndSetValue($oEntry, 'log_error', (string) $oRes->GetErrorsAsText());
    $this->TrimAndSetValue($oEntry, 'data', (string) $oRes->GetReturnedDataAsText());

    $oEntry->DBInsertNoReload();
}
/**
 * Builds a prefix from the current user's login: its first 10 bytes, with
 * every character other than ASCII letters, digits, '-' and '_' replaced
 * by '_', followed by '-'.
 *
 * The replacement works on an allow-list, so separators such as '/' or '.'
 * never reach the result.
 *
 * @return string
 */
protected static function GetUserPrefix()
{
    $sLoginHead = substr(UserRights::GetUser(), 0, 10);

    return preg_replace('/[^a-zA-Z0-9-_]/', '_', $sLoginHead) . '-';
}
/**
 * Creates one ShortcutMenuNode per shortcut owned by the current user,
 * ranked in ascending friendly-name order, then lets the parent complete
 * the tree.
 *
 * The search is restricted to the current user's id, so shortcuts of other
 * users are never loaded here.
 */
public function PopulateChildMenus()
{
    // Load user shortcuts in DB
    //
    $oSearch = new DBObjectSearch('Shortcut');
    $oSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
    $oShortcuts = new DBObjectSet($oSearch, array('friendlyname' => true)); // ascending on friendlyname

    $fRank = 1;
    while ($oShortcut = $oShortcuts->Fetch()) {
        $sNodeId = $this->GetMenuId() . '_' . $oShortcut->GetKey();
        // The node object is not used further in this method.
        $oNode = new ShortcutMenuNode($sNodeId, $oShortcut, $this->GetIndex(), $fRank);
        $fRank++;
    }

    // Complete the tree
    //
    parent::PopulateChildMenus();
}
/**
 * Tells whether this user holds the named right, i.e. whether a UserRights
 * record exists for the (user_id, right) key.
 *
 * @param string $rightName name of the right to look up
 * @return bool
 */
public function checkRight($rightName)
{
    $key = [
        'user_id' => $this->id,
        'right' => $rightName,
    ];
    $record = UserRights::model()->findByPk($key);

    return !empty($record);
}
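/**
 * Writes a select listing the 'bizmodel' classes, sorted by display name.
 *
 * When an action code is given, only the classes for which the current
 * user is allowed that action are listed.
 *
 * NOTE(review): $sName, the class descriptions and the class names are
 * placed into attributes without HTML encoding; confirm that none of them
 * can contain a double quote or markup.
 *
 * @param string $sName name of the select in the HTML form
 * @param string $sDefaultValue class selected by default
 * @param integer $iWidthPx width (in pixels) of the options
 * @param integer $iActionCode action code checked through UserRights, null for no check
 */
public function MakeClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
{
    // $aTopLevelClasses = array('bizService', 'bizContact', 'logInfra', 'bizDocument');
    // These are classes wich root class is cmdbAbstractObject !
    $this->add("<select id=\"select_{$sName}\" name=\"{$sName}\">");
    $aValidClasses = array();
    foreach (MetaModel::GetClasses('bizmodel') as $sClassName) {
        if (is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) {
            $sSelected = $sClassName == $sDefaultValue ? " SELECTED" : "";
            $sDescription = MetaModel::GetClassDescription($sClassName);
            $sDisplayName = MetaModel::GetName($sClassName);
            // The unit used to be separated from the number ("100 px"),
            // which is not a valid CSS length, so the width was ignored.
            // Keyed by display name so that ksort() orders the options.
            $aValidClasses[$sDisplayName] = "<option style=\"width: " . $iWidthPx . "px;\" title=\"{$sDescription}\" value=\"{$sClassName}\"{$sSelected}>{$sDisplayName}</option>";
        }
    }
    ksort($aValidClasses);
    $this->add(implode("\n", $aValidClasses));
    $this->add("</select>");
}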
$oShortcut = MetaModel::GetObject('Shortcut', $iShortcut); $oShortcut->StartRenameDialog($oPage); break; case 'shortcut_rename_go': $iShortcut = utils::ReadParam('id', 0); $oShortcut = MetaModel::GetObject('Shortcut', $iShortcut); $sName = utils::ReadParam('attr_name', '', false, 'raw_data'); if (strlen($sName) > 0) { $oShortcut->Set('name', $sName); $oShortcut->DBUpdate(); $oPage->add_ready_script('window.location.reload();'); } break; case 'shortcut_delete_go': $oSearch = new DBObjectSearch('Shortcut'); $oSearch->AddCondition('user_id', UserRights::GetUserId(), '='); $aShortcuts = utils::ReadMultipleSelection($oSearch); foreach ($aShortcuts as $iShortcut) { $oShortcut = MetaModel::GetObject('Shortcut', $iShortcut); $oShortcut->DBDelete(); $oPage->add_ready_script('window.location.reload();'); } break; case 'export_dashboard': $sMenuId = utils::ReadParam('id', '', false, 'raw_data'); ApplicationMenu::LoadAdditionalMenus(); $index = ApplicationMenu::GetMenuIndexById($sMenuId); $oMenu = ApplicationMenu::GetMenuNode($index); if ($oMenu instanceof DashboardMenuNode) { $oDashboard = $oMenu->GetDashboard(); $oPage->TrashUnexpectedOutput();