Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

#208 Revoke manager rights if they are deactivated / deleted

Browse Source 
Or if category access is removed
This commit is contained in:
Mike Koch 2015-06-07 18:09:25 -04:00
parent 09b53031db
commit b6c0d20215
1 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
admin/manage_users.php
View File

@ -685,6 +685,31 @@ function update_user()
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser['id'])."' AND `category` NOT IN (".$myuser['categories'].")"); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser['id'])."' AND `category` NOT IN (".$myuser['categories'].")");
} }
// Find the list of categories they are manager of. If they no longer have access to the category, revoke their manager permission.
if ($myuser['isadmin']) {
// Admins can't be managers
hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` SET `manager` = 0 WHERE `manager` = '.intval($myuser['id']));
} else {
$currentCatRs = hesk_dbQuery("SELECT `categories` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id` = '".intval($myuser['id'])."' LIMIT 1");
$rowOfCategories = hesk_dbFetchAssoc($currentCatRs);
$cats = $rowOfCategories['categories'];
$currentCategories = explode(',', $cats);
$newCategories = explode(',', $myuser['categories']);
// If any any elements are in current but not in new, add them to the revoke array
$revokeCats = array();
foreach ($currentCategories as $currentCategory) {
if (!in_array($currentCategory, $newCategories) && $currentCategory != '') {
array_push($revokeCats, $currentCategory);
}
}
if (count($revokeCats) > 0) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `id` IN (" . implode(',', $revokeCats) . ")");
}
}
hesk_dbQuery( hesk_dbQuery(
"UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET
`user`='".hesk_dbEscape($myuser['user'])."', `user`='".hesk_dbEscape($myuser['user'])."',
@ -714,6 +739,13 @@ function update_user()
`autorefresh`=".intval($myuser['autorefresh'])." `autorefresh`=".intval($myuser['autorefresh'])."
WHERE `id`='".intval($myuser['id'])."' LIMIT 1"); WHERE `id`='".intval($myuser['id'])."' LIMIT 1");
// If they are now inactive, remove any manager rights
if (!$myuser['active']) {
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser['id']));
}
unset($_SESSION['save_userdata']); unset($_SESSION['save_userdata']);
unset($_SESSION['userdata']); unset($_SESSION['userdata']);
@ -892,6 +924,9 @@ function remove()
hesk_process_messages($hesklang['cant_del_own'],'./manage_users.php'); hesk_process_messages($hesklang['cant_del_own'],'./manage_users.php');
} }
// Revoke manager rights
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser));
/* Un-assign all tickets for this user */ /* Un-assign all tickets for this user */
$res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser)."'"); $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser)."'");
@ -962,9 +997,14 @@ function toggle_active()
{ {
$active = 0; $active = 0;
$tmp = $hesklang['user_deactivated']; $tmp = $hesklang['user_deactivated'];
// Revoke any manager rights
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser));
$notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0, $notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0,
`notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0"; `notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0";
} }
hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `active` = '".$active."'".$notificationSql." WHERE `id` = '".intval($myuser)."'"); hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `active` = '".$active."'".$notificationSql." WHERE `id` = '".intval($myuser)."'");
if (hesk_dbAffectedRows() != 1) { if (hesk_dbAffectedRows() != 1) {