function update_user_group($usrgrpid, $name, $users_status, $gui_access, $api_access, $debug_mode, $users = array(), $rights = array()) { global $USER_DETAILS; $sql = 'SELECT * ' . ' FROM usrgrp ' . ' WHERE name=' . zbx_dbstr($name) . ' AND usrgrpid<>' . $usrgrpid . ' AND ' . DBin_node('usrgrpid', get_current_nodeid(false)); if (DBfetch(DBselect($sql))) { error("Group '{$name}' already exists"); return 0; } $result = DBexecute('UPDATE usrgrp SET name=' . zbx_dbstr($name) . ' WHERE usrgrpid=' . $usrgrpid); if (!$result) { return $result; } // must come before adding user to group $result &= change_group_status($usrgrpid, $users_status); $result &= change_group_gui_access($usrgrpid, $gui_access); $result &= change_group_api_access($usrgrpid, $api_access); $result &= change_group_debug_mode($usrgrpid, $debug_mode); if (!$result) { return $result; } //------- $grant = true; if ($gui_access == GROUP_GUI_ACCESS_DISABLED || $users_status == GROUP_STATUS_DISABLED) { $grant = !uint_in_array($USER_DETAILS['userid'], $users); } if ($grant) { $result = DBexecute('DELETE FROM users_groups WHERE usrgrpid=' . $usrgrpid); foreach ($users as $userid => $name) { $result = add_user_to_group($userid, $usrgrpid); if (!$result) { return $result; } } } else { error(S_USER_CANNOT_DISABLE_ITSELF); return false; } $result = DBexecute('DELETE FROM rights WHERE groupid=' . $usrgrpid); foreach ($rights as $right) { $id = get_dbid('rights', 'rightid'); $result = DBexecute('INSERT INTO rights (rightid,groupid,permission,id)' . ' VALUES (' . $id . ',' . $usrgrpid . ',' . $right['permission'] . ',' . $right['id'] . ')'); if (!$result) { return $result; } } return $result; }
} $goResult = DBend($goResult); show_messages($goResult, _('Group deleted'), _('Cannot delete group')); clearCookies($goResult); } } elseif ($_REQUEST['go'] == 'set_gui_access') { $groupIds = get_request('group_groupid', get_request('usrgrpid')); zbx_value2array($groupIds); $groups = array(); $dbGroups = DBselect('SELECT ug.usrgrpid,ug.name' . ' FROM usrgrp ug' . ' WHERE ' . dbConditionInt('ug.usrgrpid', $groupIds) . andDbNode('ug.usrgrpid')); while ($group = DBfetch($dbGroups)) { $groups[$group['usrgrpid']] = $group; } if ($groups) { DBstart(); $goResult = change_group_gui_access($groupIds, $_REQUEST['set_gui_access']); if ($goResult) { $auditAction = $_REQUEST['set_gui_access'] == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_ENABLE; foreach ($groups as $groupId => $group) { add_audit($auditAction, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']'); } } $goResult = DBend($goResult); show_messages($goResult, _('Frontend access updated'), _('Cannot update frontend access')); clearCookies($goResult); } } elseif (str_in_array($_REQUEST['go'], array('enable_debug', 'disable_debug'))) { $groupIds = get_request('group_groupid', get_request('usrgrpid')); zbx_value2array($groupIds); $setDebugMode = $_REQUEST['go'] == 'enable_debug' ? GROUP_DEBUG_MODE_ENABLED : GROUP_DEBUG_MODE_DISABLED; $groups = array();
} else { if (isset($_REQUEST['delete'])) { $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']); DBstart(); $result = delete_user_group($_REQUEST['usrgrpid']); $result = DBend($result); show_messages($result, S_GROUP_DELETED, S_CANNOT_DELETE_GROUP); if ($result) { add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'Group name [' . $group['name'] . ']'); unset($_REQUEST['usrgrpid']); unset($_REQUEST['form']); } } else { if (isset($_REQUEST['set_gui_access']) && isset($_REQUEST['usrgrpid'])) { $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']); $result = change_group_gui_access($_REQUEST['usrgrpid'], $_REQUEST['set_gui_access']); show_messages($result, S_GROUP . ' "' . $group['name'] . '" ' . S_GUI_ACCESS_UPDATED, S_CANNOT_UPDATE_GUI_ACCESS); if ($result) { $audit_action = $_REQUEST['set_gui_access'] == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_UPDATE; add_audit($audit_action, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']'); unset($_REQUEST['usrgrpid']); } unset($_REQUEST['form']); } else { if (isset($_REQUEST['set_users_status']) && isset($_REQUEST['usrgrpid'])) { $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']); $result = change_group_status($_REQUEST['usrgrpid'], $_REQUEST['set_users_status']); $status_msg1 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLED : S_DISABLED; $status_msg2 = $_REQUEST['set_users_status'] == GROUP_STATUS_ENABLED ? S_ENABLE : S_DISABLE; show_messages($result, S_GROUP . SPACE . '"' . $group['name'] . '"' . SPACE . $status_msg1, S_CANNOT . SPACE . $status_msg2 . SPACE . S_GROUP); if ($result) {
if ($result) { uncheckTableRows(); } show_messages($result, _('Group deleted'), _('Cannot delete group')); } } elseif (hasRequest('action') && getRequest('action') == 'usergroup.set_gui_access') { $groupIds = getRequest('group_groupid', getRequest('usrgrpid')); zbx_value2array($groupIds); $groups = []; $dbGroups = DBselect('SELECT ug.usrgrpid,ug.name' . ' FROM usrgrp ug' . ' WHERE ' . dbConditionInt('ug.usrgrpid', $groupIds)); while ($group = DBfetch($dbGroups)) { $groups[$group['usrgrpid']] = $group; } if ($groups) { DBstart(); $result = change_group_gui_access($groupIds, getRequest('set_gui_access')); if ($result) { $auditAction = getRequest('set_gui_access') == GROUP_GUI_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_ENABLE; foreach ($groups as $groupId => $group) { add_audit($auditAction, AUDIT_RESOURCE_USER_GROUP, 'GUI access for group name [' . $group['name'] . ']'); } } $result = DBend($result); if ($result) { uncheckTableRows(); } show_messages($result, _('Frontend access updated'), _('Cannot update frontend access')); } } elseif (hasRequest('action') && str_in_array(getRequest('action'), ['usergroup.massenabledebug', 'usergroup.massdisabledebug'])) { $groupIds = getRequest('group_groupid', getRequest('usrgrpid')); zbx_value2array($groupIds);