Пример #1
0
 /**
  * @see CommonDBTM::doSpecificMassiveActions()
  **/
 function doSpecificMassiveActions($input = array())
 {
     $res = array('ok' => 0, 'ko' => 0, 'noright' => 0);
     switch ($input['action']) {
         case "add_user_group":
             $gu = new Group_User();
             return $gu->doSpecificMassiveActions($input);
         case "force_user_ldap_update":
             if (Session::haveRight("user", "w")) {
                 $ids = array();
                 foreach ($input["item"] as $key => $val) {
                     if ($val == 1) {
                         if ($this->getFromDB($key)) {
                             if ($this->fields["authtype"] == Auth::LDAP || $this->fields["authtype"] == Auth::EXTERNAL) {
                                 if (AuthLdap::ldapImportUserByServerId(array('method' => AuthLDAP::IDENTIFIER_LOGIN, 'value' => $this->fields["name"]), 1, $this->fields["auths_id"])) {
                                     $res['ok']++;
                                 } else {
                                     $res['ko']++;
                                 }
                             }
                         } else {
                             $res['ko']++;
                         }
                     }
                 }
             } else {
                 $res['noright']++;
             }
             break;
         case "change_authtype":
             if (!isset($input["authtype"]) || !isset($input["auths_id"])) {
                 return false;
             }
             if (Session::haveRight("user_authtype", "w")) {
                 $ids = array();
                 foreach ($input["item"] as $key => $val) {
                     if ($val == 1) {
                         $ids[] = $key;
                     }
                 }
                 if (User::changeAuthMethod($ids, $input["authtype"], $input["auths_id"])) {
                     $res['ok']++;
                 } else {
                     $res['ko']++;
                 }
             } else {
                 $res['noright']++;
             }
             break;
         case "add_userprofile":
             $right = new Profile_User();
             if (isset($input['profiles_id']) && $input['profiles_id'] > 0 && isset($input['entities_id']) && $input['entities_id'] >= 0) {
                 $input2 = array();
                 $input2['entities_id'] = $input['entities_id'];
                 $input2['profiles_id'] = $input['profiles_id'];
                 $input2['is_recursive'] = $input['is_recursive'];
                 foreach ($input["item"] as $key => $val) {
                     if ($val == 1) {
                         $input2['users_id'] = $key;
                         if ($right->can(-1, 'w', $input2)) {
                             if ($right->add($input2)) {
                                 $res['ok']++;
                             } else {
                                 $res['ko']++;
                             }
                         } else {
                             $res['noright']++;
                         }
                     }
                 }
             }
             break;
         default:
             return parent::doSpecificMassiveActions($input);
     }
     return $res;
 }
Пример #2
0
GLPI is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

GLPI is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with GLPI. If not, see <http://www.gnu.org/licenses/>.
--------------------------------------------------------------------------
*/
/** @file
* @brief
*/
include '../inc/includes.php';
Session::checkCentralAccess();
$profile = new Profile();
$right = new Profile_User();
$user = new User();
if (isset($_POST["add"])) {
    $right->check(-1, CREATE, $_POST);
    if ($right->add($_POST)) {
        Event::log($_POST["users_id"], "users", 4, "setup", sprintf(__('%s adds a user to an entity'), $_SESSION["glpiname"]));
    }
    Html::back();
}
Html::displayErrorAndDie("lost");
Пример #3
0
 /**
  * Apply rules to determine dynamic rights of the user
  *
  * @return boolean : true if we play the Rule Engine
  **/
 function applyRightRules()
 {
     global $DB;
     $return = false;
     if ((isset($this->fields['_ruleright_process']) || isset($this->input['_ruleright_process'])) && isset($this->fields["authtype"]) && ($this->fields["authtype"] == Auth::LDAP || $this->fields["authtype"] == Auth::MAIL || Auth::isAlternateAuth($this->fields["authtype"]))) {
         $dynamic_profiles = Profile_User::getForUser($this->fields["id"], true);
         if (isset($this->fields["id"]) && $this->fields["id"] > 0 && isset($this->input["_ldap_rules"]) && count($this->input["_ldap_rules"])) {
             //and add/update/delete only if it's necessary !
             if (isset($this->input["_ldap_rules"]["rules_entities_rights"])) {
                 $entities_rules = $this->input["_ldap_rules"]["rules_entities_rights"];
             } else {
                 $entities_rules = array();
             }
             if (isset($this->input["_ldap_rules"]["rules_entities"])) {
                 $entities = $this->input["_ldap_rules"]["rules_entities"];
             } else {
                 $entities = array();
             }
             if (isset($this->input["_ldap_rules"]["rules_rights"])) {
                 $rights = $this->input["_ldap_rules"]["rules_rights"];
             } else {
                 $rights = array();
             }
             $retrieved_dynamic_profiles = array();
             //For each affectation -> write it in DB
             foreach ($entities_rules as $entity) {
                 //Multiple entities assignation
                 if (is_array($entity[0])) {
                     foreach ($entity[0] as $tmp => $ent) {
                         $affectation['entities_id'] = $ent;
                         $affectation['profiles_id'] = $entity[1];
                         $affectation['is_recursive'] = $entity[2];
                         $affectation['users_id'] = $this->fields['id'];
                         $affectation['is_dynamic'] = 1;
                         $retrieved_dynamic_profiles[] = $affectation;
                     }
                 } else {
                     $affectation['entities_id'] = $entity[0];
                     $affectation['profiles_id'] = $entity[1];
                     $affectation['is_recursive'] = $entity[2];
                     $affectation['users_id'] = $this->fields['id'];
                     $affectation['is_dynamic'] = 1;
                     $retrieved_dynamic_profiles[] = $affectation;
                 }
             }
             if (count($entities) > 0 && count($rights) == 0) {
                 if ($def_prof = Profile::getDefault()) {
                     $rights[] = $def_prof;
                 }
             }
             if (count($rights) > 0 && count($entities) > 0) {
                 foreach ($rights as $right) {
                     foreach ($entities as $entity) {
                         $affectation['entities_id'] = $entity[0];
                         $affectation['profiles_id'] = $right;
                         $affectation['users_id'] = $this->fields['id'];
                         $affectation['is_recursive'] = $entity[1];
                         $affectation['is_dynamic'] = 1;
                         $retrieved_dynamic_profiles[] = $affectation;
                     }
                 }
             }
             // Compare retrived profiles to existing ones : clean arrays to do purge and add
             if (count($retrieved_dynamic_profiles)) {
                 foreach ($retrieved_dynamic_profiles as $keyretr => $retr_profile) {
                     $found = false;
                     foreach ($dynamic_profiles as $keydb => $db_profile) {
                         // Found existing profile : unset values in array
                         if (!$found && $db_profile['entities_id'] == $retr_profile['entities_id'] && $db_profile['profiles_id'] == $retr_profile['profiles_id'] && $db_profile['is_recursive'] == $retr_profile['is_recursive']) {
                             unset($retrieved_dynamic_profiles[$keyretr]);
                             unset($dynamic_profiles[$keydb]);
                         }
                     }
                 }
             }
             // Add new dynamic profiles
             if (count($retrieved_dynamic_profiles)) {
                 $right = new Profile_User();
                 foreach ($retrieved_dynamic_profiles as $keyretr => $retr_profile) {
                     $right->add($retr_profile);
                 }
             }
             //Unset all the temporary tables
             unset($this->input["_ldap_rules"]);
             $return = true;
         }
         // Delete old dynamic profiles
         if (count($dynamic_profiles)) {
             $right = new Profile_User();
             foreach ($dynamic_profiles as $keydb => $db_profile) {
                 $right->delete($db_profile);
             }
         }
     }
     return $return;
 }
Пример #4
0
             if ($groupuser->can(-1, 'w', $input)) {
                 $groupuser->add($input);
             }
         }
     }
     break;
 case "add_userprofile":
     $right = new Profile_User();
     if (isset($_POST['profiles_id']) && $_POST['profiles_id'] > 0 && isset($_POST['entities_id']) && $_POST['entities_id'] >= 0) {
         $input['entities_id'] = $_POST['entities_id'];
         $input['profiles_id'] = $_POST['profiles_id'];
         $input['is_recursive'] = $_POST['is_recursive'];
         foreach ($_POST["item"] as $key => $val) {
             if ($val == 1) {
                 $input['users_id'] = $key;
                 $right->add($input);
             }
         }
     }
     break;
 case "add_document":
     $documentitem = new Document_Item();
     foreach ($_POST["item"] as $key => $val) {
         $input = array('itemtype' => $_POST["itemtype"], 'items_id' => $key, 'documents_id' => $_POST['docID']);
         if ($documentitem->can(-1, 'w', $input)) {
             $documentitem->add($input);
         }
     }
     break;
 case "add_contact":
     if ($_POST["itemtype"] == 'Supplier') {