$result = DBselect('SELECT ug.usrgrpid, ug.name, ug.users_status, ug.gui_access ' . ' FROM usrgrp ug' . ' WHERE ' . DBin_node('ug.usrgrpid') . order_by('ug.name')); while ($row = DBfetch($result)) { $users = array(); $users_id = array(); $db_users = DBselect('SELECT DISTINCT u.alias,u.userid ' . ' FROM users u,users_groups ug ' . ' WHERE u.userid=ug.userid ' . ' AND ug.usrgrpid=' . $row['usrgrpid'] . ' ORDER BY u.alias'); while ($db_user = DBfetch($db_users)) { if (!empty($users)) { $users[$db_user['userid']][] = ', '; } else { $users[$db_user['userid']] = array(); } $users[$db_user['userid']][] = new Clink($db_user['alias'], 'users.php?form=update&config=0&userid=' . $db_user['userid'] . '#form'); } $gui_access = user_auth_type2str($row['gui_access']); $users_status = $row['users_status'] == GROUP_STATUS_ENABLED ? S_ENABLED : S_DISABLED; if (granted2update_group($row['usrgrpid'])) { $next_gui_auth = $row['gui_access'] + 1 > GROUP_GUI_ACCESS_DISABLED ? GROUP_GUI_ACCESS_SYSTEM : $row['gui_access'] + 1; $gui_access = new CLink($gui_access, 'users.php?form=update' . '&set_gui_access=' . $next_gui_auth . '&usrgrpid=' . $row['usrgrpid'] . url_param('config'), $row['gui_access'] == GROUP_GUI_ACCESS_DISABLED ? 'orange' : 'enabled'); $users_status = new CLink($users_status, 'users.php?form=update' . '&set_users_status=' . ($row['users_status'] == GROUP_STATUS_ENABLED ? GROUP_STATUS_DISABLED : GROUP_STATUS_ENABLED) . '&usrgrpid=' . $row['usrgrpid'] . url_param('config'), $row['users_status'] == GROUP_STATUS_ENABLED ? 'enabled' : 'disabled'); } else { $gui_access = new CSpan($gui_access, $row['gui_access'] == GROUP_GUI_ACCESS_DISABLED ? 'orange' : 'green'); $users_status = new CSpan($users_status, $row['users_status'] == GROUP_STATUS_ENABLED ? 'green' : 'red'); } $table->addRow(array($users_status, $gui_access, array(new CCheckBox('group_groupid[' . $row['usrgrpid'] . ']', NULL, NULL, $row['usrgrpid']), $alias = new CLink($row['name'], 'users.php?form=update' . url_param('config') . '&usrgrpid=' . $row['usrgrpid'] . '#form', 'action')), new CCol($users, 'wraptext'))); $row_count++; } $table->SetFooter(new CCol(new CButtonQMessage('delete_selected', S_DELETE_SELECTED, S_DELETE_SELECTED_GROUPS_Q))); $form->AddItem($table); $form->Show(); } }
function change_group_gui_access($usrgrpids, $gui_access) { zbx_value2array($usrgrpids); $res = false; $grant = true; if ($gui_access == GROUP_GUI_ACCESS_DISABLED) { $grant = granted2update_group($usrgrpids); } if ($grant) { $res = DBexecute('UPDATE usrgrp SET gui_access=' . $gui_access . ' WHERE ' . DBcondition('usrgrpid', $usrgrpids)); } else { error(S_USER_CANNOT_CHANGE_GUI_ACCESS); } return $res; }
$nameTextBox->attr('autofocus', 'autofocus'); $userGroupFormList->addRow(_('Group name'), $nameTextBox); // append groups to form list $groupsComboBox = new CComboBox('selusrgrp', $this->data['selected_usrgrp'], 'submit()'); $groupsComboBox->addItem(0, _('All')); foreach ($this->data['usergroups'] as $group) { $groupsComboBox->addItem($group['usrgrpid'], $group['name']); } // append user tweenbox to form list $usersTweenBox = new CTweenBox($userGroupForm, 'group_users', $this->data['group_users'], 10); foreach ($this->data['users'] as $user) { $usersTweenBox->addItem($user['userid'], getUserFullname($user)); } $userGroupFormList->addRow(_('Users'), $usersTweenBox->get(_('In group'), array(_('Other groups'), SPACE, $groupsComboBox))); // append frontend and user status to from list $isGranted = isset($data['usrgrpid']) ? granted2update_group($data['usrgrpid']) : true; if ($isGranted) { $frontendComboBox = new CComboBox('gui_access', $this->data['gui_access']); $frontendComboBox->addItem(GROUP_GUI_ACCESS_SYSTEM, user_auth_type2str(GROUP_GUI_ACCESS_SYSTEM)); $frontendComboBox->addItem(GROUP_GUI_ACCESS_INTERNAL, user_auth_type2str(GROUP_GUI_ACCESS_INTERNAL)); $frontendComboBox->addItem(GROUP_GUI_ACCESS_DISABLED, user_auth_type2str(GROUP_GUI_ACCESS_DISABLED)); $userGroupFormList->addRow(_('Frontend access'), $frontendComboBox); $userGroupFormList->addRow(_('Enabled'), new CCheckBox('users_status', $this->data['users_status'] ? isset($data['usrgrpid']) ? 0 : 1 : 1, null, 1)); // invert user status 0 - enable, 1 - disable } else { $userGroupForm->addVar('gui_access', $this->data['gui_access']); $userGroupForm->addVar('users_status', GROUP_STATUS_ENABLED); $userGroupFormList->addRow(_('Frontend access'), new CSpan(user_auth_type2str($this->data['gui_access']), 'text-field green')); $userGroupFormList->addRow(_('Enabled'), new CSpan(_('Enabled'), 'text-field green')); } $userGroupFormList->addRow(_('Debug mode'), new CCheckBox('debug_mode', $this->data['debug_mode'], null, 1));
function change_group_gui_access($usrgrpid, $gui_access) { $res = false; if ($gui_access == GROUP_GUI_ACCESS_DISABLED && !granted2update_group($usrgrpid)) { error(S_USER_CANNOT_CHANGE_GUI_ACCESS); return false; } $res = DBexecute('UPDATE usrgrp SET gui_access=' . $gui_access . ' WHERE usrgrpid=' . $usrgrpid); return $res; }
/** * Change gui access for group. * * @param array $userGroupIds * @param int $guiAccess * * @return bool */ function change_group_gui_access($userGroupIds, $guiAccess) { zbx_value2array($userGroupIds); $grant = $guiAccess == GROUP_GUI_ACCESS_DISABLED ? granted2update_group($userGroupIds) : true; if ($grant) { return DBexecute('UPDATE usrgrp SET gui_access=' . zbx_dbstr($guiAccess) . ' WHERE ' . dbConditionInt('usrgrpid', $userGroupIds)); } else { error(_('User cannot change GUI access for himself.')); } return false; }
// create user group table $userGroupTable = new CTableInfo(_('No user groups found.')); $userGroupTable->setHeader(array(new CCheckBox('all_groups', null, "checkAll('" . $userGroupsForm->getName() . "','all_groups','group_groupid');"), $this->data['displayNodes'] ? _('Node') : null, make_sorting_header(_('Name'), 'name'), '#', _('Members'), _('Status'), _('Frontend access'), _('Debug mode'))); foreach ($this->data['usergroups'] as $usrgrp) { $userGroupId = $usrgrp['usrgrpid']; $debugMode = $usrgrp['debug_mode'] == GROUP_DEBUG_MODE_ENABLED ? new CLink(_('Enabled'), 'usergrps.php?go=disable_debug&usrgrpid=' . $userGroupId, 'orange') : new CLink(_('Disabled'), 'usergrps.php?go=enable_debug&usrgrpid=' . $userGroupId, 'enabled'); // gui access $guiAccess = user_auth_type2str($usrgrp['gui_access']); $guiAccessStyle = 'enabled'; if ($usrgrp['gui_access'] == GROUP_GUI_ACCESS_INTERNAL) { $guiAccessStyle = 'orange'; } if ($usrgrp['gui_access'] == GROUP_GUI_ACCESS_DISABLED) { $guiAccessStyle = 'disabled'; } if (granted2update_group($userGroupId)) { $nextGuiAuth = $usrgrp['gui_access'] + 1 > GROUP_GUI_ACCESS_DISABLED ? GROUP_GUI_ACCESS_SYSTEM : $usrgrp['gui_access'] + 1; $guiAccess = new CLink($guiAccess, 'usergrps.php?go=set_gui_access&set_gui_access=' . $nextGuiAuth . '&usrgrpid=' . $userGroupId, $guiAccessStyle); $usersStatus = $usrgrp['users_status'] == GROUP_STATUS_ENABLED ? new CLink(_('Enabled'), 'usergrps.php?go=disable_status&usrgrpid=' . $userGroupId, 'enabled') : new CLink(_('Disabled'), 'usergrps.php?go=enable_status&usrgrpid=' . $userGroupId, 'disabled'); } else { $guiAccess = new CSpan($guiAccess, $guiAccessStyle); $usersStatus = $usrgrp['users_status'] == GROUP_STATUS_ENABLED ? new CSpan(_('Enabled'), 'enabled') : new CSpan(_('Disabled'), 'disabled'); } if (isset($usrgrp['users'])) { $userGroupUsers = $usrgrp['users']; order_result($userGroupUsers, 'alias'); $users = array(); foreach ($userGroupUsers as $user) { $userTypeStyle = 'enabled'; if ($user['type'] == USER_TYPE_ZABBIX_ADMIN) { $userTypeStyle = 'orange';
function insert_usergroups_form() { global $USER_DETAILS; $config = select_config(); $frm_title = S_USER_GROUP; if (isset($_REQUEST["usrgrpid"])) { $usrgrp = get_group_by_usrgrpid($_REQUEST["usrgrpid"]); $frm_title = S_USER_GROUP . ' "' . $usrgrp['name'] . '"'; } if (isset($_REQUEST["usrgrpid"]) && !isset($_REQUEST["form_refresh"])) { $name = $usrgrp['name']; $users_status = $usrgrp['users_status']; $gui_access = $usrgrp['gui_access']; $group_users = array(); $sql = 'SELECT DISTINCT u.userid ' . ' FROM users u,users_groups ug ' . ' WHERE u.userid=ug.userid ' . ' AND ug.usrgrpid=' . $_REQUEST['usrgrpid']; $db_users = DBselect($sql); while ($db_user = DBfetch($db_users)) { $group_users[$db_user["userid"]] = $db_user["userid"]; } $group_rights = array(); $sql = 'SELECT r.*, n.name as node_name, g.name as name ' . ' FROM groups g ' . ' LEFT JOIN rights r on r.id=g.groupid ' . ' LEFT JOIN nodes n on n.nodeid=' . DBid2nodeid('g.groupid') . ' WHERE r.groupid=' . $_REQUEST["usrgrpid"]; $db_rights = DBselect($sql); while ($db_right = DBfetch($db_rights)) { if (isset($db_right['node_name'])) { $db_right['name'] = $db_right['node_name'] . ':' . $db_right['name']; } $group_rights[$db_right['name']] = array('permission' => $db_right['permission'], 'id' => $db_right['id']); } } else { $name = get_request('gname', ''); $users_status = get_request('users_status', GROUP_STATUS_ENABLED); $gui_access = get_request('gui_access', GROUP_GUI_ACCESS_SYSTEM); $group_users = get_request("group_users", array()); $group_rights = get_request("group_rights", array()); } $perm_details = get_request('perm_details', 0); ksort($group_rights); $frmUserG = new CFormTable($frm_title, 'users.php'); $frmUserG->SetHelp('web.users.groups.php'); $frmUserG->addVar('config', get_request('config', 1)); if (isset($_REQUEST['usrgrpid'])) { $frmUserG->addVar('usrgrpid', $_REQUEST['usrgrpid']); } $grName = new CTextBox('gname', $name, 49); $grName->options['style'] = 'width: 280px'; $frmUserG->addRow(S_GROUP_NAME, $grName); $frmUserG->addVar('group_rights', $group_rights); ///////////////// // create table header + $selusrgrp = get_request('selusrgrp', 0); $cmbGroups = new CComboBox('selusrgrp', $selusrgrp, 'submit()'); $cmbGroups->addItem(0, S_ALL_S); $sql = 'SELECT usrgrpid, name FROM usrgrp WHERE ' . DBin_node('usrgrpid') . ' ORDER BY name'; $result = DBselect($sql); while ($row = DBfetch($result)) { $cmbGroups->addItem($row['usrgrpid'], $row['name']); } // - // create user twinbox + $user_tb = new CTweenBox($frmUserG, 'group_users', $group_users, 10); $sql_from = ''; $sql_where = ''; if ($selusrgrp > 0) { $sql_from = ', users_groups g '; $sql_where = ' AND u.userid=g.userid AND g.usrgrpid=' . $selusrgrp; } $sql = 'SELECT DISTINCT u.userid, u.alias ' . ' FROM users u ' . $sql_from . ' WHERE ' . DBcondition('u.userid', $group_users) . ' OR (' . DBin_node('u.userid') . $sql_where . ' ) ORDER BY u.alias'; $result = DBselect($sql); while ($row = DBfetch($result)) { $user_tb->addItem($row['userid'], $row['alias']); } $frmUserG->addRow(S_USERS, $user_tb->get(S_IN . SPACE . S_GROUP, array(S_OTHER . SPACE . S_GROUPS . SPACE . '|' . SPACE, $cmbGroups))); // - ///////////////// /* $lstUsers = new CListBox('group_users_to_del[]'); $lstUsers->options['style'] = 'width: 280px'; foreach($group_users as $userid => $alias){ $lstUsers->addItem($userid, $alias); } $frmUserG->addRow(S_USERS, array( $lstUsers, BR(), new CButton('add_user',S_ADD, "return PopUp('popup_users.php?dstfrm=".$frmUserG->GetName(). "&list_name=group_users_to_del[]&var_name=group_users',600,300);"), (count($group_users) > 0) ? new CButton('del_group_user',S_DELETE_SELECTED) : null )); */ ///////////////// $granted = true; if (isset($_REQUEST['usrgrpid'])) { $granted = granted2update_group($_REQUEST['usrgrpid']); } if ($granted) { $cmbGUI = new CComboBox('gui_access', $gui_access); $cmbGUI->addItem(GROUP_GUI_ACCESS_SYSTEM, user_auth_type2str(GROUP_GUI_ACCESS_SYSTEM)); $cmbGUI->addItem(GROUP_GUI_ACCESS_INTERNAL, user_auth_type2str(GROUP_GUI_ACCESS_INTERNAL)); $cmbGUI->addItem(GROUP_GUI_ACCESS_DISABLED, user_auth_type2str(GROUP_GUI_ACCESS_DISABLED)); $frmUserG->addRow(S_GUI_ACCESS, $cmbGUI); $cmbStat = new CComboBox('users_status', $users_status); $cmbStat->addItem(GROUP_STATUS_ENABLED, S_ENABLED); $cmbStat->addItem(GROUP_STATUS_DISABLED, S_DISABLED); $frmUserG->addRow(S_USERS_STATUS, $cmbStat); } else { $frmUserG->addVar('gui_access', $gui_access); $frmUserG->addRow(S_GUI_ACCESS, new CSpan(user_auth_type2str($gui_access), 'green')); $frmUserG->addVar('users_status', GROUP_STATUS_ENABLED); $frmUserG->addRow(S_USERS_STATUS, new CSpan(S_ENABLED, 'green')); } $table_Rights = new CTable(S_NO_RIGHTS_DEFINED, 'right_table'); $lstWrite = new CListBox('right_to_del[read_write][]', null, 20); $lstRead = new CListBox('right_to_del[read_only][]', null, 20); $lstDeny = new CListBox('right_to_del[deny][]', null, 20); foreach ($group_rights as $name => $element_data) { if ($element_data['permission'] == PERM_DENY) { $lstDeny->addItem($name, $name); } else { if ($element_data['permission'] == PERM_READ_ONLY) { $lstRead->addItem($name, $name); } else { if ($element_data['permission'] == PERM_READ_WRITE) { $lstWrite->addItem($name, $name); } } } } $table_Rights->SetHeader(array(S_READ_WRITE, S_READ_ONLY, S_DENY), 'header'); $table_Rights->addRow(array(new CCol($lstWrite, 'read_write'), new CCol($lstRead, 'read_only'), new CCol($lstDeny, 'deny'))); $table_Rights->addRow(array(array(new CButton('add_read_write', S_ADD, "return PopUp('popup_right.php?dstfrm=" . $frmUserG->GetName() . "&permission=" . PERM_READ_WRITE . "',450,450);"), new CButton('del_read_write', S_DELETE_SELECTED)), array(new CButton('add_read_only', S_ADD, "return PopUp('popup_right.php?dstfrm=" . $frmUserG->GetName() . "&permission=" . PERM_READ_ONLY . "',450,450);"), new CButton('del_read_only', S_DELETE_SELECTED)), array(new CButton('add_deny', S_ADD, "return PopUp('popup_right.php?dstfrm=" . $frmUserG->GetName() . "&permission=" . PERM_DENY . "',450,450);"), new CButton('del_deny', S_DELETE_SELECTED)))); $frmUserG->addRow(S_RIGHTS, $table_Rights); $frmUserG->addVar('perm_details', $perm_details); $link = new CLink($perm_details ? S_HIDE : S_SHOW, '#', 'action'); $link->OnClick("return create_var('" . $frmUserG->GetName() . "','perm_details'," . ($perm_details ? 0 : 1) . ", true);"); $resources_list = array(S_RIGHTS_OF_RESOURCES, SPACE . '(', $link, ')'); $frmUserG->addSpanRow($resources_list, 'right_header'); if ($perm_details) { $frmUserG->addSpanRow(get_rights_of_elements_table($group_rights)); } $frmUserG->addItemToBottomRow(new CButton("save", S_SAVE)); if (isset($_REQUEST["usrgrpid"])) { $frmUserG->addItemToBottomRow(SPACE); $frmUserG->addItemToBottomRow(new CButtonDelete("Delete selected group?", url_param("form") . url_param("config") . url_param("usrgrpid"))); } $frmUserG->addItemToBottomRow(SPACE); $frmUserG->addItemToBottomRow(new CButtonCancel(url_param("config"))); $frmUserG->Show(); }
// create user group table $userGroupTable = new CTableInfo(_('No user groups defined.')); $userGroupTable->setHeader(array(new CCheckBox('all_groups', null, "checkAll('" . $userGroupsForm->getName() . "','all_groups','group_groupid');"), make_sorting_header(_('Name'), 'name'), '#', _('Members'), _('Status'), _('Frontend access'), _('Debug mode'))); foreach ($this->data['usergroups'] as $usrgrp) { $usrgrpid = $usrgrp['usrgrpid']; $debug_mode = $usrgrp['debug_mode'] == GROUP_DEBUG_MODE_ENABLED ? new CLink(_('Enabled'), 'usergrps.php?go=disable_debug&usrgrpid=' . $usrgrpid, 'orange') : new CLink(_('Disabled'), 'usergrps.php?go=enable_debug&usrgrpid=' . $usrgrpid, 'enabled'); // gui access $gui_access = user_auth_type2str($usrgrp['gui_access']); $gui_access_style = 'enabled'; if ($usrgrp['gui_access'] == GROUP_GUI_ACCESS_INTERNAL) { $gui_access_style = 'orange'; } if ($usrgrp['gui_access'] == GROUP_GUI_ACCESS_DISABLED) { $gui_access_style = 'disabled'; } if (granted2update_group($usrgrpid)) { $next_gui_auth = $usrgrp['gui_access'] + 1 > GROUP_GUI_ACCESS_DISABLED ? GROUP_GUI_ACCESS_SYSTEM : $usrgrp['gui_access'] + 1; $gui_access = new CLink($gui_access, 'usergrps.php?go=set_gui_access&set_gui_access=' . $next_gui_auth . '&usrgrpid=' . $usrgrpid, $gui_access_style); $users_status = $usrgrp['users_status'] == GROUP_STATUS_ENABLED ? new CLink(_('Enabled'), 'usergrps.php?go=disable_status&usrgrpid=' . $usrgrpid, 'enabled') : new CLink(_('Disabled'), 'usergrps.php?go=enable_status&usrgrpid=' . $usrgrpid, 'disabled'); } else { $gui_access = new CSpan($gui_access, $gui_access_style); $users_status = $usrgrp['users_status'] == GROUP_STATUS_ENABLED ? new CSpan(_('Enabled'), 'enabled') : new CSpan(_('Disabled'), 'disabled'); } if (isset($usrgrp['users'])) { $usrgrpusers = $usrgrp['users']; order_result($usrgrpusers, 'alias'); $users = array(); foreach ($usrgrpusers as $user) { $user_type_style = 'enabled'; if ($user['type'] == USER_TYPE_ZABBIX_ADMIN) { $user_type_style = 'orange';
$nameTextBox->attr('autofocus', 'autofocus'); $userGroupFormList->addRow(_('Group name'), $nameTextBox); // append groups to form list $groupsComboBox = new CComboBox('selusrgrp', $this->data['selected_usrgrp'], 'submit()'); $groupsComboBox->addItem(0, _('All')); foreach ($this->data['usergroups'] as $group) { $groupsComboBox->addItem($group['usrgrpid'], $group['name']); } // append user tweenbox to form list $usersTweenBox = new CTweenBox($userGroupForm, 'group_users', $this->data['group_users'], 10); foreach ($this->data['users'] as $user) { $usersTweenBox->addItem($user['userid'], getUserFullname($user)); } $userGroupFormList->addRow(_('Users'), $usersTweenBox->get(_('In group'), array(_('Other groups'), SPACE, $groupsComboBox))); // append frontend and user status to from list $isGranted = isset($_REQUEST['usrgrpid']) ? granted2update_group($_REQUEST['usrgrpid']) : true; if ($isGranted) { $frontendComboBox = new CComboBox('gui_access', $this->data['gui_access']); $frontendComboBox->addItem(GROUP_GUI_ACCESS_SYSTEM, user_auth_type2str(GROUP_GUI_ACCESS_SYSTEM)); $frontendComboBox->addItem(GROUP_GUI_ACCESS_INTERNAL, user_auth_type2str(GROUP_GUI_ACCESS_INTERNAL)); $frontendComboBox->addItem(GROUP_GUI_ACCESS_DISABLED, user_auth_type2str(GROUP_GUI_ACCESS_DISABLED)); $userGroupFormList->addRow(_('Frontend access'), $frontendComboBox); $userGroupFormList->addRow(_('Enabled'), new CCheckBox('users_status', $this->data['users_status'] ? !isset($_REQUEST['usrgrpid']) ? 1 : 0 : 1, null, 1)); // invert user status 0 - enable, 1 - disable } else { $userGroupForm->addVar('gui_access', $this->data['gui_access']); $userGroupForm->addVar('users_status', GROUP_STATUS_ENABLED); $userGroupFormList->addRow(_('Frontend access'), new CSpan(user_auth_type2str($this->data['gui_access']), 'text-field green')); $userGroupFormList->addRow(_('Enabled'), new CSpan(_('Enabled'), 'text-field green')); } $userGroupFormList->addRow(_('Debug mode'), new CCheckBox('debug_mode', $this->data['debug_mode'], null, 1));