Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

#61 Admins can now designate who can view the settings page

Browse Source
This commit is contained in:
Mike Koch 2014-10-15 22:09:52 -04:00
parent a2c058ea16
commit 3d6c11dd57
3 changed files with 31 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
admin/manage_users.php
View File

@ -266,19 +266,22 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
</div> </div>
</div> </div>
</div> </div>
<div class="form-group">
<label for="auto-assign" class="col-sm-5 control-label"><?php echo $hesklang['opt']; ?>:</label>
<div class="col-sm-7">
<?php <?php
if ($hesk_settings['autoassign']) if ($hesk_settings['autoassign'])
{ {
?> ?>
<div class="form-group">
<label for="auto-assign" class="col-sm-5 control-label"><?php echo $hesklang['opt']; ?>:</label>
<div class="col-sm-7">
<div class="checkbox"> <div class="checkbox">
<label><input type="checkbox" name="autoassign" value="Y" <?php if ( ! isset($_SESSION['userdata']['autoassign']) || $_SESSION['userdata']['autoassign'] == 1 ) {echo 'checked="checked"';} ?> /> <?php echo $hesklang['user_aa']; ?></label> <label><input type="checkbox" name="autoassign" value="Y" <?php if ( ! isset($_SESSION['userdata']['autoassign']) || $_SESSION['userdata']['autoassign'] == 1 ) {echo 'checked="checked"';} ?> /> <?php echo $hesklang['user_aa']; ?></label>
</div> </div>
</div>
</div>
<?php } ?> <?php } ?>
<div class="checkbox">
<label><input type="checkbox" name="manage_settings"> Can Manage Settings (!)</label>
</div>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label for="signature" class="col-sm-5 control-label"><?php echo $hesklang['signature_max']; ?>:</label> <label for="signature" class="col-sm-5 control-label"><?php echo $hesklang['signature_max']; ?>:</label>
@ -530,7 +533,7 @@ function edit_user()
if ( ! isset($_SESSION['save_userdata'])) if ( ! isset($_SESSION['save_userdata']))
{ {
$res = hesk_dbQuery("SELECT `user`,`pass`,`isadmin`,`name`,`email`,`signature`,`categories`,`autoassign`,`heskprivileges` AS `features` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='".intval($id)."' LIMIT 1"); $res = hesk_dbQuery("SELECT `user`,`pass`,`isadmin`,`name`,`email`,`signature`,`categories`,`autoassign`,`heskprivileges` AS `features`, `can_manage_settings` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='".intval($id)."' LIMIT 1");
$_SESSION['userdata'] = hesk_dbFetchAssoc($res); $_SESSION['userdata'] = hesk_dbFetchAssoc($res);
/* Store original username for display until changes are saved successfully */ /* Store original username for display until changes are saved successfully */
@ -674,17 +677,25 @@ function edit_user()
</div> </div>
</div> </div>
</div> </div>
<?php if ($hesk_settings['autoassign'])
{ ?>
<div class="form-group"> <div class="form-group">
<label for="autoassign" class="col-sm-3 control-label"><?php echo $hesklang['opt']; ?>:</label> <label for="autoassign" class="col-sm-3 control-label"><?php echo $hesklang['opt']; ?>:</label>
<div class="col-sm-9"> <div class="col-sm-9">
<?php if ($hesk_settings['autoassign'])
{ ?>
<div class="checkbox"> <div class="checkbox">
<label><input type="checkbox" name="autoassign" value="Y" <?php if ( isset($_SESSION['userdata']['autoassign']) && $_SESSION['userdata']['autoassign'] == 1 ) {echo 'checked="checked"';} ?> /> <?php echo $hesklang['user_aa']; ?></label> <label><input type="checkbox" name="autoassign" value="Y" <?php if ( isset($_SESSION['userdata']['autoassign']) && $_SESSION['userdata']['autoassign'] == 1 ) {echo 'checked="checked"';} ?> /> <?php echo $hesklang['user_aa']; ?></label>
</div> </div>
</div> <?php } if ($_GET['id'] != 1) { ?>
</div> <div class="checkbox">
<?php if (isset($_SESSION['userdata']['can_manage_settings'])) { ?>
<label><input type="checkbox" name="manage_settings" <?php if ($_SESSION['userdata']['can_manage_settings']) { echo 'checked';} ?>> Can Manage Settings (!)</label>
<?php } ?> <?php } ?>
</div>
<?php } else { ?>
<input type="hidden" name="manage_settings" value="1">
<?php } ?>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label for="signature" class="col-sm-3 control-label"><?php echo $hesklang['signature_max']; ?>:</label> <label for="signature" class="col-sm-3 control-label"><?php echo $hesklang['signature_max']; ?>:</label>
<div class="col-sm-9"> <div class="col-sm-9">
@ -754,7 +765,7 @@ function new_user()
$myuser['features'] = ''; $myuser['features'] = '';
} }
hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."users` (`user`,`pass`,`isadmin`,`name`,`email`,`signature`,`categories`,`autoassign`,`heskprivileges` $sql_where) VALUES ( hesk_dbQuery("INSERT INTO `".hesk_dbEscape($hesk_settings['db_pfix'])."users` (`user`,`pass`,`isadmin`,`name`,`email`,`signature`,`categories`,`autoassign`,`heskprivileges`, `can_manage_settings` $sql_where) VALUES (
'".hesk_dbEscape($myuser['user'])."', '".hesk_dbEscape($myuser['user'])."',
'".hesk_dbEscape($myuser['pass'])."', '".hesk_dbEscape($myuser['pass'])."',
'".intval($myuser['isadmin'])."', '".intval($myuser['isadmin'])."',
@ -763,7 +774,8 @@ function new_user()
'".hesk_dbEscape($myuser['signature'])."', '".hesk_dbEscape($myuser['signature'])."',
'".hesk_dbEscape($myuser['categories'])."', '".hesk_dbEscape($myuser['categories'])."',
'".intval($myuser['autoassign'])."', '".intval($myuser['autoassign'])."',
'".hesk_dbEscape($myuser['features'])."' '".hesk_dbEscape($myuser['features'])."',
'".hesk_dbEscape($myuser['can_manage_settings'])."'
$sql_what )" ); $sql_what )" );
$_SESSION['seluser'] = hesk_dbInsertID(); $_SESSION['seluser'] = hesk_dbInsertID();
@ -850,7 +862,8 @@ function update_user()
`categories`='".hesk_dbEscape($myuser['categories'])."', `categories`='".hesk_dbEscape($myuser['categories'])."',
`isadmin`='".intval($myuser['isadmin'])."', `isadmin`='".intval($myuser['isadmin'])."',
`autoassign`='".intval($myuser['autoassign'])."', `autoassign`='".intval($myuser['autoassign'])."',
`heskprivileges`='".hesk_dbEscape($myuser['features'])."' `heskprivileges`='".hesk_dbEscape($myuser['features'])."',
`can_manage_settings`='".hesk_dbEscape($myuser['can_manage_settings'])."'
$sql_where $sql_where
WHERE `id`='".intval($myuser['id'])."' LIMIT 1"); WHERE `id`='".intval($myuser['id'])."' LIMIT 1");
@ -871,6 +884,7 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user
$myuser['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>'; $myuser['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '<li>' . $hesklang['enter_valid_email'] . '</li>';
$myuser['user'] = hesk_input( hesk_POST('user') ) or $hesk_error_buffer .= '<li>' . $hesklang['enter_username'] . '</li>'; $myuser['user'] = hesk_input( hesk_POST('user') ) or $hesk_error_buffer .= '<li>' . $hesklang['enter_username'] . '</li>';
$myuser['isadmin'] = empty($_POST['isadmin']) ? 0 : 1; $myuser['isadmin'] = empty($_POST['isadmin']) ? 0 : 1;
$myuser['can_manage_settings'] = isset($_POST['manage_settings']) ? 1 : 0;
$myuser['signature'] = hesk_input( hesk_POST('signature') ); $myuser['signature'] = hesk_input( hesk_POST('signature') );
$myuser['autoassign'] = hesk_POST('autoassign') == 'Y' ? 1 : 0; $myuser['autoassign'] = hesk_POST('autoassign') == 'Y' ? 1 : 0;

1
install/updateNuMods.php
View File

@ -62,6 +62,7 @@ if ($_GET['update'] == 1)
hesk_dbQuery("CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."denied_emails` (ID INT NOT NULL PRIMARY KEY AUTO_INCREMENT, Email VARCHAR(100) NOT NULL);"); hesk_dbQuery("CREATE TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."denied_emails` (ID INT NOT NULL PRIMARY KEY AUTO_INCREMENT, Email VARCHAR(100) NOT NULL);");
hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` ADD COLUMN `parent` MEDIUMINT(8) NULL AFTER `custom20`;"); hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` ADD COLUMN `parent` MEDIUMINT(8) NULL AFTER `custom20`;");
hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `active` BIT NOT NULL DEFAULT 1 AFTER `autorefresh`"); hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `active` BIT NOT NULL DEFAULT 1 AFTER `autorefresh`");
hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `can_manage_settings` INT NOT NULL DEFAULT 1");
} }
} }

1
install/updateTo1-5-0.php
View File

@ -5,6 +5,7 @@ require(HESK_PATH . 'install/install_functions.inc.php');
require(HESK_PATH . 'hesk_settings.inc.php'); require(HESK_PATH . 'hesk_settings.inc.php');
hesk_dbConnect(); hesk_dbConnect();
hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `active` BIT NOT NULL DEFAULT 1 AFTER `autorefresh`"); hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `active` BIT NOT NULL DEFAULT 1 AFTER `autorefresh`");
hesk_dbQuery("ALTER TABLE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` ADD COLUMN `can_manage_settings` INT NOT NULL DEFAULT 1");
?> ?>
<h1>Update complete!</h1> <h1>Update complete!</h1>