function update_user_group($usrgrpid, $name, $users_status, $gui_access, $api_access, $debug_mode, $users = array(), $rights = array()) { global $USER_DETAILS; $sql = 'SELECT * ' . ' FROM usrgrp ' . ' WHERE name=' . zbx_dbstr($name) . ' AND usrgrpid<>' . $usrgrpid . ' AND ' . DBin_node('usrgrpid', get_current_nodeid(false)); if (DBfetch(DBselect($sql))) { error("Group '{$name}' already exists"); return 0; } $result = DBexecute('UPDATE usrgrp SET name=' . zbx_dbstr($name) . ' WHERE usrgrpid=' . $usrgrpid); if (!$result) { return $result; } // must come before adding user to group $result &= change_group_status($usrgrpid, $users_status); $result &= change_group_gui_access($usrgrpid, $gui_access); $result &= change_group_api_access($usrgrpid, $api_access); $result &= change_group_debug_mode($usrgrpid, $debug_mode); if (!$result) { return $result; } //------- $grant = true; if ($gui_access == GROUP_GUI_ACCESS_DISABLED || $users_status == GROUP_STATUS_DISABLED) { $grant = !uint_in_array($USER_DETAILS['userid'], $users); } if ($grant) { $result = DBexecute('DELETE FROM users_groups WHERE usrgrpid=' . $usrgrpid); foreach ($users as $userid => $name) { $result = add_user_to_group($userid, $usrgrpid); if (!$result) { return $result; } } } else { error(S_USER_CANNOT_DISABLE_ITSELF); return false; } $result = DBexecute('DELETE FROM rights WHERE groupid=' . $usrgrpid); foreach ($rights as $right) { $id = get_dbid('rights', 'rightid'); $result = DBexecute('INSERT INTO rights (rightid,groupid,permission,id)' . ' VALUES (' . $id . ',' . $usrgrpid . ',' . $right['permission'] . ',' . $right['id'] . ')'); if (!$result) { return $result; } } return $result; }
show_messages($go_result, S_GUI_ACCESS_UPDATED, S_CANNOT_UPDATE_GUI_ACCESS); } } else { if (str_in_array($_REQUEST['go'], array('enable_api', 'disable_api'))) { $groupids = get_request('group_groupid', get_request('usrgrpid')); zbx_value2array($groupids); $set_api_access = $_REQUEST['go'] == 'enable_api' ? GROUP_API_ACCESS_ENABLED : GROUP_API_ACCESS_DISABLED; $groups = array(); $sql = 'SELECT ug.usrgrpid, ug.name ' . ' FROM usrgrp ug ' . ' WHERE ' . DBin_node('ug.usrgrpid') . ' AND ' . DBcondition('ug.usrgrpid', $groupids); $res = DBselect($sql); while ($group = DBfetch($res)) { $groups[$group['usrgrpid']] = $group; } if (!empty($groups)) { DBstart(); $go_result = change_group_api_access($groupids, $set_api_access); $go_result = DBend($go_result); if ($go_result) { $audit_action = $set_api_access == GROUP_API_ACCESS_DISABLED ? AUDIT_ACTION_DISABLE : AUDIT_ACTION_ENABLE; foreach ($groups as $groupid => $group) { add_audit($audit_action, AUDIT_RESOURCE_USER_GROUP, 'API access for group name [' . $group['name'] . ']'); } } show_messages($go_result, S_API_ACCESS_UPDATED, S_CANNOT_UPDATE_API_ACCESS); } } else { if (str_in_array($_REQUEST['go'], array('enable_debug', 'disable_debug'))) { $groupids = get_request('group_groupid', get_request('usrgrpid')); zbx_value2array($groupids); $set_debug_mode = $_REQUEST['go'] == 'enable_debug' ? GROUP_DEBUG_MODE_ENABLED : GROUP_DEBUG_MODE_DISABLED; $groups = array();