dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve Ring group context handling 

If the user doesn't have the correct permission then keep the ring_group_context  value from the database
This commit is contained in:
FusionPBX 2024-03-30 08:41:39 -06:00 committed by markjcrane
parent 911888e949
commit 088abe4f4c
1 changed files with 68 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
app/ring_groups/ring_group_edit.php
View File

@ -98,50 +98,52 @@
} }
//delete the user from the ring group //delete the user from the ring group
if ( if ((!empty($_GET["a"])) == "delete"
(!empty($_GET["a"])) == "delete"
&& is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["user_uuid"])
&& permission_exists("ring_group_edit") && permission_exists("ring_group_edit")) {
) { //set the variables
//set the variables
$user_uuid = $_REQUEST["user_uuid"]; $user_uuid = $_REQUEST["user_uuid"];
//build array
//build array
$array['ring_group_users'][0]['domain_uuid'] = $domain_uuid; $array['ring_group_users'][0]['domain_uuid'] = $domain_uuid;
$array['ring_group_users'][0]['ring_group_uuid'] = $ring_group_uuid; $array['ring_group_users'][0]['ring_group_uuid'] = $ring_group_uuid;
$array['ring_group_users'][0]['user_uuid'] = $user_uuid; $array['ring_group_users'][0]['user_uuid'] = $user_uuid;
//grant temporary permissions
//grant temporary permissions
$p = new permissions; $p = new permissions;
$p->add('ring_group_user_delete', 'temp'); $p->add('ring_group_user_delete', 'temp');
//execute delete
//execute delete
$database = new database; $database = new database;
$database->app_name = 'ring_groups'; $database->app_name = 'ring_groups';
$database->app_uuid = '1d61fb65-1eec-bc73-a6ee-a6203b4fe6f2'; $database->app_uuid = '1d61fb65-1eec-bc73-a6ee-a6203b4fe6f2';
$database->delete($array); $database->delete($array);
unset($array); unset($array);
//revoke temporary permissions
//revoke temporary permissions
$p->delete('ring_group_user_delete', 'temp'); $p->delete('ring_group_user_delete', 'temp');
//save the message to a session variable
//save the message to a session variable
message::add($text['message-delete']); message::add($text['message-delete']);
//redirect the browser
//redirect the browser
header("Location: ring_group_edit.php?id=$ring_group_uuid"); header("Location: ring_group_edit.php?id=$ring_group_uuid");
exit; exit;
} }
//get total ring group count from the database, check limit, if defined //get total ring group count from the database, check limit, if defined
if ($action == 'add') { if ($action == 'add' && $_SESSION['limit']['ring_groups']['numeric'] ?? '') {
if ($_SESSION['limit']['ring_groups']['numeric'] ?? '') { $sql = "select count(*) from v_ring_groups ";
$sql = "select count(*) from v_ring_groups "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "where domain_uuid = :domain_uuid "; $parameters['domain_uuid'] = $domain_uuid;
$parameters['domain_uuid'] = $domain_uuid; $database = new database;
$database = new database; $total_ring_groups = $database->select($sql, $parameters, 'column');
$total_ring_groups = $database->select($sql, $parameters, 'column'); unset($sql, $parameters);
unset($sql, $parameters);
if (is_numeric($_SESSION['limit']['ring_groups']['numeric']) && $total_ring_groups >= $_SESSION['limit']['ring_groups']['numeric']) { if (is_numeric($_SESSION['limit']['ring_groups']['numeric']) && $total_ring_groups >= $_SESSION['limit']['ring_groups']['numeric']) {
message::add($text['message-maximum_ring_groups'].' '.$_SESSION['limit']['ring_groups']['numeric'], 'negative'); message::add($text['message-maximum_ring_groups'].' '.$_SESSION['limit']['ring_groups']['numeric'], 'negative');
header('Location: ring_groups.php'); header('Location: ring_groups.php');
exit; exit;
}
} }
} }
@ -215,33 +217,58 @@
$ring_group_context = $_SESSION['domain_name']; $ring_group_context = $_SESSION['domain_name'];
} }
//if the user doesn't have the correct permission then
//override domain_uuid and ring_group_context values
if ($action == 'update' && is_uuid($ring_group_uuid)) {
$sql = "select * from v_ring_groups ";
$sql .= "where ring_group_uuid = :ring_group_uuid ";
$parameters['ring_group_uuid'] = $ring_group_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (!empty($row)) {
//if (!permission_exists(ring_group_domain')) {
// $domain_uuid = $row["domain_uuid"];
//}
if (!permission_exists('ring_group_context')) {
$ring_group_context = $row["ring_group_context"];
}
}
unset($sql, $parameters, $row);
}
} }
//assign the user to the ring group //assign the user to the ring group
if (!empty($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && $_GET["a"] != "delete" && permission_exists("ring_group_edit")) { if (!empty($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && $_GET["a"] != "delete" && permission_exists("ring_group_edit")) {
//set the variables //set the variables
$user_uuid = $_REQUEST["user_uuid"]; $user_uuid = $_REQUEST["user_uuid"];
//build array //build array
$array['ring_group_users'][0]['ring_group_user_uuid'] = uuid(); $array['ring_group_users'][0]['ring_group_user_uuid'] = uuid();
$array['ring_group_users'][0]['domain_uuid'] = $domain_uuid; $array['ring_group_users'][0]['domain_uuid'] = $domain_uuid;
$array['ring_group_users'][0]['ring_group_uuid'] = $ring_group_uuid; $array['ring_group_users'][0]['ring_group_uuid'] = $ring_group_uuid;
$array['ring_group_users'][0]['user_uuid'] = $user_uuid; $array['ring_group_users'][0]['user_uuid'] = $user_uuid;
//grant temporary permissions //grant temporary permissions
$p = new permissions; $p = new permissions;
$p->add('ring_group_user_add', 'temp'); $p->add('ring_group_user_add', 'temp');
//execute delete //execute delete
$database = new database; $database = new database;
$database->app_name = 'ring_groups'; $database->app_name = 'ring_groups';
$database->app_uuid = '1d61fb65-1eec-bc73-a6ee-a6203b4fe6f2'; $database->app_uuid = '1d61fb65-1eec-bc73-a6ee-a6203b4fe6f2';
$database->save($array); $database->save($array);
unset($array); unset($array);
//revoke temporary permissions //revoke temporary permissions
$p->delete('ring_group_user_add', 'temp'); $p->delete('ring_group_user_add', 'temp');
//set message //set message
message::add($text['message-add']); message::add($text['message-add']);
//redirect the browser //redirect the browser
header("Location: ring_group_edit.php?id=".urlencode($ring_group_uuid)); header("Location: ring_group_edit.php?id=".urlencode($ring_group_uuid));
exit; exit;
} }
//process the HTTP POST //process the HTTP POST
@ -876,7 +903,7 @@
echo " <table border='0' cellpadding='0' cellspacing='0'>\n"; echo " <table border='0' cellpadding='0' cellspacing='0'>\n";
echo " <tr>\n"; echo " <tr>\n";
echo " <td class='vtable'>".$text['label-destination_number']."</td>\n"; echo " <td class='vtable'>".$text['label-destination_number']."</td>\n";
echo " <td class='vtable' id='destination_delayorder'>"; echo " <td class='vtable' id='destination_delayorder'>";
echo ($ring_group_strategy == 'sequence' || $ring_group_strategy == 'rollover') ? $text['label-destination_order'] : $text['label-destination_delay']; echo ($ring_group_strategy == 'sequence' || $ring_group_strategy == 'rollover') ? $text['label-destination_order'] : $text['label-destination_delay'];
echo " </td>\n"; echo " </td>\n";