mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-25 06:00:28 +01:00
Implemented: user rights cannot be removed as soon as user template grants this right.
This commit is contained in:
parent
af3efdc0c4
commit
06143f98b1
@ -524,7 +524,7 @@ class Benutzer
|
||||
if($data[0]['type']=="admin"){
|
||||
$this->app->Tpl->Set('HINWEISADMIN',"<div class=\"info\">Dieser Benutzer ist vom Typ Administrator. Administratoren haben immer Vollzugriff - daher können diesem keine Rechte genommen werden.</div>");
|
||||
} else {
|
||||
$this->app->Tpl->Add("HINWEISADMIN","<br><i>Hinweis: Blau = erlaubt, Grau = gesperrt</i>");
|
||||
$this->app->Tpl->Add("HINWEISADMIN","<br><i>Hinweis: Blau = erlaubt, Grau = gesperrt, Sobald eine Vorlage eingetragen ist können Rechte der Vorlage dem Benutzer nicht mehr entzogen werden.</i>");
|
||||
}
|
||||
$this->SetInput($data[0]);
|
||||
$this->UserRights();
|
||||
@ -945,18 +945,40 @@ class Benutzer
|
||||
$this->app->DB->Update("UPDATE userrights SET permission='$value' WHERE id='$id' LIMIT 1");
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
|
||||
$sql = "
|
||||
SELECT
|
||||
permission
|
||||
FROM
|
||||
`uservorlagerights`
|
||||
INNER JOIN `uservorlage` INNER JOIN `user` ON `uservorlagerights`.`vorlage` = `uservorlage`.`id` AND `user`.`vorlage` = `uservorlage`.`bezeichnung`
|
||||
WHERE
|
||||
`user`.`id` = '$user' AND `uservorlagerights`.`module` = '$module' AND `uservorlagerights`.`action` = '$action' LIMIT 1";
|
||||
|
||||
$uservorlageright = $this->app->DB->Select($sql);
|
||||
|
||||
$fromtemplate = false;
|
||||
if (!empty($uservorlageright)) {
|
||||
if ($uservorlageright[0] == '1') {
|
||||
$fromtemplate = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$fromtemplate) {
|
||||
$this->app->DB->Delete("DELETE FROM userrights WHERE user='$user' AND module='$module' AND action='$action'");
|
||||
}
|
||||
//$this->app->DB->Update("UPDATE userrights SET permission='$value' WHERE id='$id' LIMIT 1");
|
||||
else
|
||||
}
|
||||
}
|
||||
else {
|
||||
$this->app->DB->Insert("INSERT INTO userrights (user, module, action, permission) VALUES ('$user', '$module', '$action', '$value')");
|
||||
|
||||
}
|
||||
$this->permissionLog($this->app->User->GetID(),$user,$module,$action,$value);
|
||||
}
|
||||
|
||||
echo $this->app->DB->Select("SELECT permission FROM userrights WHERE user='$user' AND module='$module' AND action='$action' LIMIT 1");
|
||||
|
||||
|
||||
exit;
|
||||
}
|
||||
|
||||
|
@ -219,8 +219,6 @@ class Uservorlage
|
||||
);
|
||||
|
||||
$this->app->Tpl->Set('MESSAGE', "<div class=\"success\">Die Einstellungen wurden erfolgreich übernommen.</div>");
|
||||
|
||||
$this->app->erp->AbgleichBenutzerVorlagen($id);
|
||||
}
|
||||
} // END Input Get
|
||||
|
||||
@ -338,6 +336,8 @@ class Uservorlage
|
||||
}
|
||||
|
||||
echo $this->app->DB->Select("SELECT permission FROM uservorlagerights WHERE vorlage='$vorlage' AND module='$module' AND action='$action' LIMIT 1");
|
||||
$this->app->erp->AbgleichBenutzerVorlagen(null, $id, $module, $action); // Update permissions for all users
|
||||
|
||||
exit;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user