/** * Show profile form * * @param $items_id integer id of the profile * @param $target value url of target * * @return nothing **/ function showForm($profiles_id = 0, $openform = TRUE, $closeform = TRUE) { echo "<div class='firstbloc'>"; if (($canedit = Session::haveRightsOr(self::$rightname, array(CREATE, UPDATE, PURGE))) && $openform) { $profile = new Profile(); echo "<form method='post' action='" . $profile->getFormURL() . "'>"; } $profile = new Profile(); $profile->getFromDB($profiles_id); $rights = array(array('itemtype' => 'PluginAddressingAddressing', 'label' => __('Generate reports', 'addressing'), 'field' => 'plugin_addressing')); $profile->displayRightsChoiceMatrix($rights, array('canedit' => $canedit, 'default_class' => 'tab_bg_2', 'title' => __('General'))); echo "<table class='tab_cadre_fixehov'>"; $effective_rights = ProfileRight::getProfileRights($profiles_id, array('plugin_addressing_use_ping_in_equipment')); echo "<tr class='tab_bg_2'>"; echo "<td width='20%'>" . __('Use ping on equipment form', 'addressing') . "</td>"; echo "<td colspan='5'>"; Html::showCheckbox(array('name' => '_plugin_addressing_use_ping_in_equipment[1_0]', 'checked' => $effective_rights['plugin_addressing_use_ping_in_equipment'])); echo "</td></tr>\n"; echo "</table>"; if ($canedit && $closeform) { echo "<div class='center'>"; echo Html::hidden('id', array('value' => $profiles_id)); echo Html::submit(_sx('button', 'Save'), array('name' => 'update')); echo "</div>\n"; Html::closeForm(); } echo "</div>"; }
static function createFirstAccess($ID) { $profileRight = new ProfileRight(); $currentRights = ProfileRight::getProfileRights($ID, array(self::RIGHT_SIMCARD_SIMCARD)); $firstAccessRights = array_merge($currentRights, array(self::RIGHT_SIMCARD_SIMCARD => ALLSTANDARDRIGHT + self::SIMCARD_ASSOCIATE_TICKET + READNOTE + UPDATENOTE)); $profileRight->updateProfileRights($ID, $firstAccessRights); //Add right to the current session $_SESSION['glpiactiveprofile'][self::RIGHT_SIMCARD_SIMCARD] = $firstAccessRights[self::RIGHT_SIMCARD_SIMCARD]; $_SESSION['glpiactiveprofile']['helpdesk_item_type'][] = 'PluginSimcardSimcard'; }
/** * @since 0.85 * Migration rights from old system to the new one for one profile * @param $profiles_id the profile ID */ static function migrateOneProfile($profiles_id) { global $DB; foreach ($DB->request('glpi_plugin_talk_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('is_active' => 'plugin_talk_is_active'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); foreach ($matching as $old => $new) { if (!isset($current_rights[$old])) { $query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } } }
public static function changeProfile() { $general_rights = self::getGeneralRights(); $type_rights = self::getTypesRights(); $db_rights = ProfileRight::getProfileRights($_SESSION['glpiactiveprofile']['id']); $rights = array_merge($general_rights, $type_rights); foreach ($rights as $right) { $str_right = $right['field']; if (preg_match("/plugin_genericobject_/", $str_right)) { unset($_SESSION['glpiactiveprofile'][$str_right]); if (!empty($db_rights) && isset($db_rights[$str_right])) { $_SESSION['glpiactiveprofile'][$str_right] = $db_rights[$str_right]; } } } }
function post_getFromDB() { $this->fields = array_merge($this->fields, ProfileRight::getProfileRights($this->getID())); }
/** * @param $report **/ static function showForReport($report) { global $DB; /* call from front/config.form.php * $report = "bar" (from reports) or "foo_bar" (other plugins) */ if (empty($report) || !Session::haveRight('profile', READ)) { return false; } $current = self::getAllProfilesRights(array("name = 'plugin_reports_{$report}'")); $canedit = Session::haveRight('profile', UPDATE); if ($canedit) { echo "<form action='" . $_SERVER['PHP_SELF'] . "' method='post'>\n"; } echo "<table class='tab_cadre'>\n"; echo "<tr><th colspan='2'>" . __('Profils rights', 'reports') . "</th></tr>\n"; $query = "SELECT `id`, `name`\n FROM `glpi_profiles`\n ORDER BY `name`"; foreach ($DB->request($query) as $data) { echo "<tr class='tab_bg_1'><td>" . $data['name'] . " : </td><td>"; $profrights = ProfileRight::getProfileRights($data['id'], array('statistic', 'reports')); $canstat = isset($profrights['statistic']) && $profrights['statistic']; $canreport = isset($profrights['reports']) && $profrights['reports']; if (isStat($report) && $canstat || !isStat($report) && $canreport) { Profile::dropdownNoneReadWrite($data['id'], isset($current[$data['id']]) ? $current[$data['id']] : 0, 1, 1, 0); } else { // Can't access because missing right from GLPI core // Profile::dropdownNoneReadWrite($mod,'',1,0,0); echo "<input type='hidden' name='" . $data['id'] . "' value='NULL'>" . __('No access') . " *"; } echo "</td></tr>\n"; } echo "<tr class='tab_bg_4'><td colspan='2'>* "; if (isStat($report)) { _e('No right on Assistance / Statistics', 'reports'); } else { _e('No right on Tools / Reports', 'reports'); } echo "</tr>"; if ($canedit) { echo "<tr class='tab_bg_1'><td colspan='2' class='center'>"; echo "<input type='hidden' name='report' value='{$report}'>"; echo "<input type='submit' name='update' value='" . _sx('button', 'Update') . "' " . "class='submit'>"; echo "</td></tr>\n"; echo "</table>\n"; Html::closeForm(); } else { echo "</table>\n"; } }
/** * @since 0.85 * Migration rights from old system to the new one for one profile * @param $profiles_id the profile ID */ static function migrateOneProfile($profiles_id) { global $DB; //Cannot launch migration if there's nothing to migrate... if (!TableExists('glpi_plugin_accounts_profiles')) { return true; } foreach ($DB->request('glpi_plugin_accounts_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('accounts' => 'plugin_accounts', 'all_users' => 'plugin_accounts_see_all_users', 'my_groups' => 'plugin_accounts_my_groups', 'open_ticket' => 'plugin_accounts_open_ticket'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); foreach ($matching as $old => $new) { if (!isset($current_rights[$old])) { $query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } } }
static function migrateOneProfile($profiles_id) { global $DB; //Cannot launch migration if there's nothing to migrate... if (!TableExists('glpi_plugin_order_profiles')) { return true; } foreach ($DB->request('glpi_plugin_order_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('order' => 'plugin_order_order', 'bill' => 'plugin_order_bill', 'reference' => 'plugin_order_reference', 'validation' => 'plugin_order_validation', 'cancel' => 'plugin_order_cancel', 'undo_validation' => 'plugin_order_undo_validation', 'delivery' => 'plugin_order_delivery', 'generate_order_odt' => 'plugin_order_generate_order_odt', 'open_ticket' => 'plugin_order_open_ticket'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); foreach ($matching as $old => $new) { if (!isset($current_rights[$old])) { $right = self::translateARight($profile_data[$old]); switch ($new) { case 'plugin_order_delivery': case 'plugin_order_validation': case 'plugin_order_cancel': case 'plugin_order_undo_validation': case 'plugin_order_generate_order_without_validation': case 'plugin_order_generate_order_odt': case 'plugin_order_open_ticket': $right = 0; if ($profile_data[$old] == 'w') { $right = 1; } break; } $query = "UPDATE `glpi_profilerights`\n SET `rights`='" . $right . "'\n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } } }
/** * @since 0.85 * Migration rights from old system to the new one for one profile * @param $profiles_id the profile ID */ static function migrateOneProfile($profiles_id) { global $DB; //Cannot launch migration if there's nothing to migrate... if (!TableExists('glpi_plugin_environment_profiles')) { return true; } foreach ($DB->request('glpi_plugin_environment_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('environment' => 'plugin_environment', 'appliances' => 'plugin_environment_appliances', 'webapplications' => 'plugin_environment_webapplications', 'certificates' => 'plugin_environment_certificates', 'accounts' => 'plugin_environment_accounts', 'domains' => 'plugin_environment_domains', 'databases' => 'plugin_environment_databases', 'badges' => 'plugin_environment_badges'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); foreach ($matching as $old => $new) { if (!isset($current_rights[$old])) { $query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } } }
/** * * * @since 1.3 **/ static function upgrade(Migration $migration) { global $DB; $table = getTableForItemType(__CLASS__); switch (plugin_simcard_currentVersion()) { case '1.3': $query = "SELECT * FROM `glpi_plugin_simcard_profiles`"; $result = $DB->query($query); while ($data = $DB->fetch_assoc($result)) { // Lire les droits dans le nouveau système d'ACLs GLPI 0.85 $current_rights = ProfileRight::getProfileRights($data['profiles_id'], array_values($matching)); $query = "INSERT INTO `glpi_profilerights`\n SET `rights`='" . self::translateARight($data[$old]) . "',\n\t\t\t `profiles_id`='" . $data['profiles_id'] . "',\n\t\t\t `name`='" . self::RIGHT_SIMCARD_SIMCARD . "'"; $DB->query($query) or die($DB->error()); } $query = "DROP TABLE `glpi_plugin_simcard_profiles`"; $DB->query($query) or die($DB->error()); } }
/** * @since 0.85 * Migration rights from old system to the new one for one profile * @param $profiles_id the profile ID */ static function migrateOneProfile($profiles_id) { global $DB; //Cannot launch migration if there's nothing to migrate... if (!TableExists('glpi_plugin_ocsinventoryng_profiles')) { return true; } foreach ($DB->request('glpi_plugin_ocsinventoryng_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('ocsng' => 'plugin_ocsinventoryng', 'sync_ocsng' => 'plugin_ocsinventoryng_sync', 'view_ocsng' => 'plugin_ocsinventoryng_view', 'clean_ocsng' => 'plugin_ocsinventoryng_clean', 'rule_ocs' => 'plugin_ocsinventoryng_rule'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); foreach ($matching as $old => $new) { if (!isset($current_rights[$old])) { $query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } } }
/** * @since 0.85 * Migration rights from old system to the new one for one profile * @param $profiles_id the profile ID */ static function migrateOneProfile($profiles_id) { global $DB; //Cannot launch migration if there's nothing to migrate... if (!TableExists('glpi_plugin_additionalalerts_profiles')) { return true; } foreach ($DB->request('glpi_plugin_additionalalerts_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) { $matching = array('manufacturersimports' => 'plugin_additionalalerts'); $current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching)); if (!isset($current_rights['plugin_additionalalerts'])) { $query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='plugin_additionalalerts' \n AND `profiles_id`='{$profiles_id}'"; $DB->query($query); } } }
/** * Check if rights for a profile still exists * @param profiles_id the profile ID * @param itemtype name of the type * @return true if exists, no if not */ public static function profileExists($profiles_id, $itemtype = false) { $profile = new Profile(); $profile->getFromDB($profiles_id); $rights = ProfileRight::getProfileRights($profiles_id); $itemtype_rightname = self::getProfileNameForItemtype($itemtype); if($itemtype) { _log( "get rights on itemtype ".$itemtype." for profile ".$profile->fields['name'], ':', isset($rights[$itemtype_rightname]) ? $rights[$itemtype_rightname] : "NONE" ); return (isset($rights[self::getProfileNameForItemtype($itemtype)])); } return true; ///return (countElementsInTable(getTableForItemType(__CLASS__),$condition) >0?true:false); }
/** * Check if rights for a profile still exists * @param profiles_id the profile ID * @param itemtype name of the type * @return true if exists, no if not */ public static function profileExists($profiles_id, $itemtype = false) { $profile = new Profile(); $profile->getFromDB($profiles_id); $rights = ProfileRight::getProfileRights($profiles_id); $itemtype_rightname = self::getProfileNameForItemtype($itemtype); if ($itemtype) { _log("get rights on itemtype " . $itemtype . " for profile " . $profile->fields['name'], ':', isset($rights[$itemtype_rightname]) ? $rights[$itemtype_rightname] : "NONE"); return isset($rights[self::getProfileNameForItemtype($itemtype)]); } return true; }