composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°7997 - Sharing Base incompatible with iTop >= 3.1

Browse Source
This commit is contained in:
Eric Espie
2024-12-11 13:28:37 +01:00
parent 9d3b46b919
commit aa55c2b30f
2 changed files with 17 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
addons/userrights/userrightsprofile.class.inc.php
View File

@@ -799,7 +799,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
return $aRes; return $aRes;
} }
public function IsActionAllowed($oUser, $sClass, $iActionCode, $oInstanceSet = null) public function IsActionAllowed($oUser, $sClass, $iActionCode, DBObjectSet $oInstanceSet = null)
{ {
$this->LoadCache(); $this->LoadCache();
@@ -825,46 +825,33 @@ class UserRightsProfile extends UserRightsAddOnAPI
{ {
// We are protected by GetSelectFilter: the object set contains objects allowed or shared for reading // We are protected by GetSelectFilter: the object set contains objects allowed or shared for reading
// We have to answer NO for objects shared for reading purposes // We have to answer NO for objects shared for reading purposes
if (self::HasSharing()) if (self::HasSharing() && SharedObject::GetSharedClassProperties($sClass)) {
{ // This class is shared, GetSelectFilter may allow some objects for read only
$aClassProps = SharedObject::GetSharedClassProperties($sClass); // But currently we are checking whether the objects might be written...
if ($aClassProps) // Let's exclude the objects based on the relevant criteria
{
// This class is shared, GetSelectFilter may allow some objects for read only
// But currently we are checking wether the objects might be written...
// Let's exclude the objects based on the relevant criteria
// Use $oInstanceSet only if sClass is the main class
if ($sClass === $oInstanceSet->GetClass()) {
$sOrgAttCode = self::GetOwnerOrganizationAttCode($sClass); $sOrgAttCode = self::GetOwnerOrganizationAttCode($sClass);
if (!is_null($sOrgAttCode)) if (!is_null($sOrgAttCode)) {
{
$aUserOrgs = $this->GetUserOrgs($oUser, $sClass); $aUserOrgs = $this->GetUserOrgs($oUser, $sClass);
if (!is_null($aUserOrgs) && count($aUserOrgs) > 0) if (!is_null($aUserOrgs) && count($aUserOrgs) > 0) {
{
$iCountNO = 0; $iCountNO = 0;
$iCountYES = 0; $iCountYES = 0;
$oInstanceSet->Rewind(); $oInstanceSet->Rewind();
while($oObject = $oInstanceSet->Fetch()) while ($oObject = $oInstanceSet->Fetch()) {
{
$iOrg = $oObject->Get($sOrgAttCode); $iOrg = $oObject->Get($sOrgAttCode);
if (in_array($iOrg, $aUserOrgs)) if (in_array($iOrg, $aUserOrgs)) {
{
$iCountYES++; $iCountYES++;
} } else {
else
{
$iCountNO++; $iCountNO++;
} }
} }
if ($iCountNO == 0) if ($iCountNO == 0) {
{
$iPermission = UR_ALLOWED_YES; $iPermission = UR_ALLOWED_YES;
} } elseif ($iCountYES == 0) {
elseif ($iCountYES == 0)
{
$iPermission = UR_ALLOWED_NO; $iPermission = UR_ALLOWED_NO;
} } else {
else
{
$iPermission = UR_ALLOWED_DEPENDS; $iPermission = UR_ALLOWED_DEPENDS;
} }
} }

4
application/displayblock.class.inc.php
View File

@@ -2024,8 +2024,8 @@ class MenuBlock extends DisplayBlock
$sSelectedClassName = MetaModel::GetName($sSelectedClass); $sSelectedClassName = MetaModel::GetName($sSelectedClass);
// Check rights on class // Check rights on class
$bIsBulkModifyAllowed = (!MetaModel::IsAbstract($sSelectedClass)) && UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_MODIFY, $oSet) && ($oReflectionClass->IsSubclassOf('cmdbAbstractObject')); $bIsBulkModifyAllowed = (!MetaModel::IsAbstract($sSelectedClass)) && UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_MODIFY) && ($oReflectionClass->IsSubclassOf('cmdbAbstractObject'));
$bIsBulkDeleteAllowed = (bool) UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_DELETE, $sSelectedClass); $bIsBulkDeleteAllowed = (bool) UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_DELETE);
// Refine filter on selected class so bullk actions occur on the right class // Refine filter on selected class so bullk actions occur on the right class
$oSelectedClassFilter = $this->GetFilter()->DeepClone(); $oSelectedClassFilter = $this->GetFilter()->DeepClone();