Improved change tracking: user login replaced by the full name if available

Added a tab into the CSV import: browse the CSV imports history Finalized the read-only mode (distinguish between users and everybody, admin message displayed on top of the main screen) SVN:trunk[1007]
2026-02-12 23:14:18 +01:00 · 2010-12-03 10:18:28 +00:00
parent 53d5867b93
commit d85aba8ebc
24 changed files with 503 additions and 132 deletions
--- a/application/itopwebpage.class.inc.php
+++ b/application/itopwebpage.class.inc.php
@@ -632,13 +632,32 @@ EOF
 		}
 		$sLogOffMenu .= "</ul>\n</li>\n</ul></span>\n";
-		if (MetaModel::DBIsReadOnly())
+		$sRestrictions = '';
 		if (!MetaModel::DBHasAccess(ACCESS_ADMIN_WRITE))
 		{
-			$sApplicationMode = Dict::S('UI:ApplicationReadOnly');
+			if (!MetaModel::DBHasAccess(ACCESS_ADMIN_WRITE))
 			{
 				$sRestrictions = Dict::S('UI:AccessRO-All');
 			}
 		}
 		elseif (!MetaModel::DBHasAccess(ACCESS_USER_WRITE))
 		{
 				$sRestrictions = Dict::S('UI:AccessRO-Users');
 		}
 		if (strlen($sRestrictions) > 0)
 		{
 			$sAdminMessage = trim(utils::GetConfig()->Get('access_message'));
 			$sApplicationBanner = '<img src="../images/locked.png" style="vertical-align:middle;">';
 			$sApplicationBanner .= '&nbsp;<b>'.$sRestrictions.'</b>';
 			if (strlen($sAdminMessage) > 0)
 			{
 				$sApplicationBanner .= '&nbsp;<b>'.$sAdminMessage.'</b>';
 			}
 		}
 		else
 		{
-			$sApplicationMode = '';
+			$sApplicationBanner = '';
 		}
 		//$sLogOffMenu = "<span id=\"logOffBtn\" style=\"height:55px;padding:0;margin:0;\"><img src=\"../images/onOffBtn.png\"></span>";
@@ -667,8 +686,9 @@ EOF
 		echo '<div class="ui-layout-center">';
 		echo '	<div id="top-bar" style="width:100%">';
 		echo '		<div id="admin-banner">'.$sApplicationBanner.'</div>';
 		echo '		<div id="global-search"><form action="../pages/UI.php"><table><tr><td></td><td id="g-search-input"><input type="text" name="text" value="'.$sText.'"'.$sOnClick.'/></td>';
-		echo '<td><input type="image" src="../images/searchBtn.png"/></a></td><td>'.$sApplicationMode.'</td>';
+		echo '<td><input type="image" src="../images/searchBtn.png"/></a></td>';
 		echo '<td><a style="background:transparent;" href="http://www.combodo.com/itop-help" target="_blank"><img style="border:0;padding-left:20px;padding-right:10px;" title="'.Dict::S('UI:Help').'" src="../images/help.png"/></td>';
 		echo '<td style="padding-right:20px;padding-left:10px;">'.$sLogOffMenu.'</td><td><input type="hidden" name="operation" value="full_text"/></td></tr></table></form></div>';
 		//echo '<td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="hidden" name="operation" value="full_text"/></td></tr></table></form></div>';
--- a/application/ui.extkeywidget.class.inc.php
+++ b/application/ui.extkeywidget.class.inc.php
@@ -258,14 +258,7 @@ EOF
 		$oObj->UpdateObject($this->sFormPrefix.$this->iId);
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		$oMyChange->Set("userinfo", $sUserString);
 		$iChangeId = $oMyChange->DBInsert();
 		$oObj->DBInsertTracked($oMyChange);
--- a/core/bulkchange.class.inc.php
+++ b/core/bulkchange.class.inc.php
@@ -789,6 +789,272 @@ class BulkChange
 		return $aResult;
 	}
 	/**
 	 * Display the history of bulk imports
 	 */
 	static function DisplayImportHistory(WebPage $oPage, $bFromAjax = false, $bShowAll = false)
 	{
 		$sAjaxDivId = "CSVImportHistory";
 		if (!$bFromAjax)
 		{
 			$oPage->add('<div id="'.$sAjaxDivId.'">');
 		}
 		$oPage->p(Dict::S('UI:History:BulkImports+'));
 		$oBulkChangeSearch = DBObjectSearch::FromOQL("SELECT CMDBChange WHERE userinfo LIKE '%(CSV)'");
 		$iQueryLimit = $bShowAll ? 0 : utils::GetConfig()->GetMaxDisplayLimit() + 1;
 		$oBulkChanges = new DBObjectSet($oBulkChangeSearch, array('date' => false), array(), $iQueryLimit);
 		$oAppContext = new ApplicationContext();
 		$bLimitExceeded = false;
 		if ($oBulkChanges->Count() > utils::GetConfig()->GetMaxDisplayLimit())
 		{
 			$bLimitExceeded = true;
 			if (!$bShowAll)
 			{
 				$iMaxObjects = utils::GetConfig()->GetMinDisplayLimit();
 				$oBulkChanges->SetLimit($iMaxObjects);
 			}
 		}
 		$oBulkChanges->Seek(0);
 		$aDetails = array();
 		while ($oChange = $oBulkChanges->Fetch())
 		{
 			$sDate = '<a href="?step=10&changeid='.$oChange->GetKey().'&'.$oAppContext->GetForLink().'">'.$oChange->Get('date').'</a>';
 			$sUser = $oChange->GetUserName();
 			if (preg_match('/^(.*)\\(CSV\\)$/i', $oChange->Get('userinfo'), $aMatches))
 			{
 				$sUser = $aMatches[1];
 			}
 			else
 			{
 				$sUser = $oChange->Get('userinfo');
 			}
 			$oOpSearch = DBObjectSearch::FromOQL("SELECT CMDBChangeOpCreate WHERE change = :change_id");
 			$oOpSet = new DBObjectSet($oOpSearch, array(), array('change_id' => $oChange->GetKey()));
 			$iCreated = $oOpSet->Count();
 			//while ($oCreated = $oOpSet->Fetch())
 			//{
 			//	$oPage->p("Created ".$oCreated->Get('objclass')."::".$oCreated->Get('objkey'));
 			//}
 			$oOpSearch = DBObjectSearch::FromOQL("SELECT CMDBChangeOpSetAttribute WHERE change = :change_id");
 			$oOpSet = new DBObjectSet($oOpSearch, array(), array('change_id' => $oChange->GetKey()));
 			$aModified = array();
 			$aAttList = array();
 			while ($oModified = $oOpSet->Fetch())
 			{
 				$sClass = $oModified->Get('objclass');
 				$iKey = $oModified->Get('objkey');
 				$sAttCode = $oModified->Get('attcode');
 				$aAttList[$sClass][$sAttCode] = true;
 				$aModified["$sClass::$iKey"] = true;
 			}
 			$iModified = count($aModified);
 			// Assumption: there is only one class of objects being loaded
 			// Then the last class found gives us the class for every object
 			$aDetails[] = array('date' => $sDate, 'user' => $sUser, 'class' => $sClass, 'created' => $iCreated, 'modified' => $iModified);
 		}
 		$aConfig = array( 'date' => array('label' => Dict::S('UI:History:Date'), 'description' => Dict::S('UI:History:Date+')),
 					'user' => array('label' => Dict::S('UI:History:User'), 'description' => Dict::S('UI:History:User+')),
 					'class' => array('label' => Dict::S('Core:AttributeClass'), 'description' => Dict::S('Core:AttributeClass+')),
 					'created' => array('label' => Dict::S('UI:History:StatsCreations'), 'description' => Dict::S('UI:History:StatsCreations+')),
 					'modified' => array('label' => Dict::S('UI:History:StatsModifs'), 'description' => Dict::S('UI:History:StatsModifs+')),
 		);
 		if ($bLimitExceeded)
 		{
 			if ($bShowAll)
 			{
 				// Collapsible list
 				$oPage->add('<p>'.Dict::Format('UI:CountOfResults', $oBulkChanges->Count()).'&nbsp;&nbsp;<a class="truncated" onclick="OnTruncatedHistoryToggle(false);">'.Dict::S('UI:CollapseList').'</a></p>');
 			}
 			else
 			{
 				// Truncated list
 				$iMinDisplayLimit = utils::GetConfig()->GetMinDisplayLimit();
 				$sCollapsedLabel = Dict::Format('UI:TruncatedResults', $iMinDisplayLimit, $oBulkChanges->Count());
 				$sLinkLabel = Dict::S('UI:DisplayAll');
 				$oPage->add('<p>'.$sCollapsedLabel.'&nbsp;&nbsp;<a class="truncated" onclick="OnTruncatedHistoryToggle(true);">'.$sLinkLabel.'</p>');
 				$oPage->add_ready_script(
 <<<EOF
 	$('#$sAjaxDivId table.listResults').addClass('truncated');
 	$('#$sAjaxDivId table.listResults tr:last td').addClass('truncated');
 EOF
 				);
 				$sAppContext = $oAppContext->GetForLink();
 				$oPage->add_script(
 <<<EOF
 	function OnTruncatedHistoryToggle(bShowAll)
 	{
 		$.get('../pages/ajax.render.php?{$sAppContext}', {operation: 'displayCSVHistory', showall: bShowAll}, function(data)
 			{
 				$('#$sAjaxDivId').html(data);
 				var table = $('#$sAjaxDivId .listResults');
 				table.tableHover(); // hover tables
 				table.tablesorter( { widgets: ['myZebra', 'truncatedList']} ); // sortable and zebra tables
 			}
 		);
 	}
 EOF
 				);
 			}
 		}
 		else
 		{
 			// Normal display - full list without any decoration
 		}
 		$oPage->table($aConfig, $aDetails);
 		if (!$bFromAjax)
 		{
 			$oPage->add('</div>');
 		}
 	}
 	/**
 	 * Display the details of an import
 	 */
 	static function DisplayImportHistoryDetails(iTopWebPage $oPage, $iChange)
 	{
 		if ($iChange == 0)
 		{
 			throw new Exception("Missing parameter changeid");
 		}
 		$oChange = MetaModel::GetObject('CMDBChange', $iChange, false);
 		if (is_null($oChange))
 		{
 			throw new Exception("Unknown change: $iChange");
 		}
 		$oPage->add("<div><p><h1>".Dict::Format('UI:History:BulkImportDetails', $oChange->Get('date'), $oChange->GetUserName())."</h1></p></div>\n");
 		// Assumption : change made one single class of objects
 		$aObjects = array();
 		$aAttributes = array(); // array of attcode => occurences
 		$oOpSearch = DBObjectSearch::FromOQL("SELECT CMDBChangeOp WHERE change = :change_id");
 		$oOpSet = new DBObjectSet($oOpSearch, array(), array('change_id' => $iChange));
 		while ($oOperation = $oOpSet->Fetch())
 		{
 			$sClass = $oOperation->Get('objclass');
 			$iKey = $oOperation->Get('objkey');
 			$iObjId = "$sClass::$iKey";
 			if (!isset($aObjects[$iObjId]))
 			{
 				$aObjects[$iObjId] = array();
 				$aObjects[$iObjId]['__class__'] = $sClass;
 				$aObjects[$iObjId]['__id__'] = $iKey;
 			}
 			if (get_class($oOperation) == 'CMDBChangeOpCreate')
 			{
 				$aObjects[$iObjId]['__created__'] = true;
 			}
 			elseif (is_subclass_of($oOperation, 'CMDBChangeOpSetAttribute'))
 			{
 				$sAttCode = $oOperation->Get('attcode');
 				if (get_class($oOperation) == 'CMDBChangeOpSetAttributeScalar')
 				{
 					$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
 					if ($oAttDef->IsExternalKey())
 					{
 						$oOldTarget = MetaModel::GetObject($oAttDef->GetTargetClass(), $oOperation->Get('oldvalue'));
 						$oNewTarget = MetaModel::GetObject($oAttDef->GetTargetClass(), $oOperation->Get('newvalue'));
 						$sOldValue = $oOldTarget->GetHyperlink();
 						$sNewValue = $oNewTarget->GetHyperlink();
 					}
 					else
 					{
 						$sOldValue = $oOperation->GetAsHTML('oldvalue');
 						$sNewValue = $oOperation->GetAsHTML('newvalue');
 					}
 					$aObjects[$iObjId][$sAttCode] = $sOldValue.' -&gt; '.$sNewValue;
 				}
 				else
 				{
 					$aObjects[$iObjId][$sAttCode] = 'n/a';
 				}
 				if (isset($aAttributes[$sAttCode]))
 				{
 					$aAttributes[$sAttCode]++;
 				}
 				else
 				{
 					$aAttributes[$sAttCode] = 1;				
 				}
 			}
 		}
 		$aDetails = array();
 		foreach($aObjects as $iUId => $aObjData)
 		{
 			$aRow = array();
 			$oObject = MetaModel::GetObject($aObjData['__class__'], $aObjData['__id__'], false);
 			if (is_null($oObject))
 			{
 				$aRow['object'] = $aObjData['__class__'].'::'.$aObjData['__id__'].' (deleted)';
 			}
 			else
 			{
 				$aRow['object'] = $oObject->GetHyperlink();
 			}
 			if (isset($aObjData['__created__']))
 			{
 				$aRow['operation'] = Dict::S('Change:ObjectCreated');
 			}
 			else
 			{
 				$aRow['operation'] = Dict::S('Change:ObjectModified');
 			}
 			foreach ($aAttributes as $sAttCode => $iOccurences)
 			{
 				if (isset($aObjData[$sAttCode]))
 				{
 					$aRow[$sAttCode] = $aObjData[$sAttCode];
 				}
 				elseif (!is_null($oObject))
 				{
 					// This is the current vaslue: $oObject->GetAsHtml($sAttCode)
 					// whereas we are displaying the value that was set at the time
 					// the object was created
 					// This requires addtional coding...let's do that later
 					$aRow[$sAttCode] = '';
 				}
 				else
 				{
 					$aRow[$sAttCode] = '';
 				}
 			}
 			$aDetails[] = $aRow;
 		}
 		$aConfig = array();
 		$aConfig['object'] = array('label' => MetaModel::GetName($sClass), 'description' => MetaModel::GetClassDescription($sClass));
 		$aConfig['operation'] = array('label' => Dict::S('UI:History:Changes'), 'description' => Dict::S('UI:History:Changes+'));
 		foreach ($aAttributes as $sAttCode => $iOccurences)
 		{
 			$aConfig[$sAttCode] = array('label' => MetaModel::GetLabel($sClass, $sAttCode), 'description' => MetaModel::GetDescription($sClass, $sAttCode));
 		}
 		$oPage->table($aConfig, $aDetails);
 	}	
 }
--- a/core/cmdbchange.class.inc.php
+++ b/core/cmdbchange.class.inc.php
@@ -49,6 +49,34 @@ class CMDBChange extends DBObject
 		MetaModel::Init_AddAttribute(new AttributeDateTime("date", array("allowed_values"=>null, "sql"=>"date", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeString("userinfo", array("allowed_values"=>null, "sql"=>"userinfo", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 	}
 	// Helper to keep track of the author of a given change,
 	// taking into account a variety of cases (contact attached or not, impersonation)
 	static public function GetCurrentUserName()
 	{
 		if (UserRights::IsImpersonated())
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUserFriendlyName(), UserRights::GetUserFriendlyName());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUserFriendlyName();
 		}
 		return $sUserString;
 	}
 	public function GetUserName()
 	{
 		if (preg_match('/^(.*)\\(CSV\\)$/i', $this->Get('userinfo'), $aMatches))
 		{
 			$sUser = $aMatches[1];
 		}
 		else
 		{
 			$sUser = $this->Get('userinfo');
 		}
 		return $sUser;
 	}
 }
 ?>
--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -18,6 +18,11 @@ define('ITOP_VERSION', '$ITOP_VERSION$');
 define('ITOP_REVISION', '$WCREV$');
 define('ITOP_BUILD_DATE', '$WCNOW$');
 define('ACCESS_USER_WRITE', 1);
 define('ACCESS_ADMIN_WRITE', 2);
 define('ACCESS_FULL', ACCESS_USER_WRITE | ACCESS_ADMIN_WRITE);
 define('ACCESS_READONLY', 0);
 /**
 * Configuration read/write
 *
@@ -143,14 +148,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
 		'database_read_only' => array(
 			'type' => 'bool',
 			'description' => 'Freeze the data for administration purposes - administrators can still do anything... in appearance!',
 			'default' => false,
 			'value' => '',
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
 		// Levels that trigger a confirmation in the CSV import/synchro wizard
 		'csv_import_min_object_confirmation' => array(
 			'type' => 'integer',
@@ -184,6 +181,22 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
 		'access_mode' => array(
 			'type' => 'integer',
 			'description' => 'Combination of flags (ACCESS_USER_WRITE | ACCESS_ADMIN_WRITE, or ACCESS_FULL)',
 			'default' => ACCESS_FULL,
 			'value' => ACCESS_FULL,
 			'source_of_value' => '',
 			'show_in_conf_sample' => true,
 		),
 		'access_message' => array(
 			'type' => 'string',
 			'description' => 'Message displayed to the users when there is any access restriction',
 			'default' => 'iTop is temporarily frozen, please wait... (the admin team)',
 			'value' => '',
 			'source_of_value' => '',
 			'show_in_conf_sample' => true,
 		),
 	);
 	public function IsProperty($sPropCode)
--- a/core/metamodel.class.php
+++ b/core/metamodel.class.php
@@ -2547,28 +2547,26 @@ abstract class MetaModel
 	/*
 	* Determines wether the target DB is frozen or not
 	* 1 - consider the DB property 'status'
 	* 2 - check the setting 'database_read_only'	
 	*/		
 	public static function DBIsReadOnly()
 	{
-		$sStatus = DBProperty::GetProperty('status', null);
+		// Improvement: check the mySQL variable -> Read-only
-		if (!is_null($sStatus))
+
 		if (UserRights::IsAdministrator())
 		{
-			switch (strtolower(trim($sStatus)))
+			return (!self::DBHasAccess(ACCESS_ADMIN_WRITE));
 			{
 			case 'fullaccess':
 				$ret = false;
 				break;
 			default:
 				$ret = true;
 			}
 		}
 		else
 		{
-			$ret = self::$m_oConfig->Get('database_read_only');
+			return (!self::DBHasAccess(ACCESS_USER_WRITE));
 		}
-		return $ret;
+	}
 	public static function DBHasAccess($iRequested = ACCESS_FULL)
 	{
 		$iMode = self::$m_oConfig->Get('access_mode');
 		if (($iMode & $iRequested) == 0) return false;
 		return true;
 	}
 	protected static function MakeDictEntry($sKey, $sValueFromOldSystem, $sDefaultValue, &$bNotInDico)
--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -110,6 +110,35 @@ abstract class User extends cmdbAbstractObject
 	abstract public function CanChangePassword();
 	abstract public function ChangePassword($sOldPassword, $sNewPassword);
 	/*
 	* Compute a name in best effort mode
 	*/	
 	public function GetFriendlyName()
 	{
 		if (!MetaModel::IsValidAttCode(get_class($this), 'contactid'))
 		{
 			return $this->Get('login');
 		}
 		if ($this->Get('contactid') != 0)
 		{
 			$sFirstName = $this->Get('first_name');
 			$sLastName = $this->Get('last_name');
 			$sEmail = $this->Get('email');
 			if (strlen($sFirstName) > 0)
 			{
 				return "$sFirstName $sLastName";
 			}
 			elseif (strlen($sEmail) > 0)
 			{
 				return "$sLastName <$sEmail>";
 			}
 			else
 			{
 				return $sLastName;
 			}
 		}
 	}
 	/*
 	* Overload the standard behavior
 	*/	
@@ -490,6 +519,24 @@ class UserRights
 		return $oUser->Get('contactid');
 	}
 	// Render the user name in best effort mode
 	public static function GetUserFriendlyName($sName = '')
 	{
 		if (empty($sName))
 		{
 			$oUser = self::$m_oUser;
 		}
 		else
 		{
 			$oUser = FindUser($sName);
 		}
 		if (is_null($oUser))
 		{
 			return '';
 		}
 		return $oUser->GetFriendlyName();
 	}
 	public static function IsImpersonated()
 	{
 		if (is_null(self::$m_oRealUser))
@@ -517,6 +564,15 @@ class UserRights
 		return self::$m_oRealUser->GetKey();
 	}
 	public static function GetRealUserFriendlyName()
 	{
 		if (is_null(self::$m_oRealUser))
 		{
 			return '';
 		}
 		return self::$m_oRealUser->GetFriendlyName();
 	}
 	protected static function CheckLogin()
 	{
 		if (!self::IsLoggedIn())
@@ -551,8 +607,6 @@ class UserRights
 		// When initializing, we need to let everything pass trough
 		if (!self::CheckLogin()) return true;
 		if (self::IsAdministrator($oUser)) return true;
 		if (MetaModel::DBIsReadOnly())
 		{
 			if ($iActionCode == UR_ACTION_MODIFY) return false;
@@ -561,6 +615,8 @@ class UserRights
 			if ($iActionCode == UR_ACTION_BULK_DELETE) return false;
 		}
 		if (self::IsAdministrator($oUser)) return true;
 		if (MetaModel::HasCategory($sClass, 'bizmodel'))
 		{
 			// #@# Temporary?????
@@ -589,8 +645,6 @@ class UserRights
 		// When initializing, we need to let everything pass trough
 		if (!self::CheckLogin()) return true;
 		if (self::IsAdministrator($oUser)) return true;
 		if (MetaModel::DBIsReadOnly())
 		{
 			if ($iActionCode == UR_ACTION_MODIFY) return false;
@@ -599,6 +653,8 @@ class UserRights
 			if ($iActionCode == UR_ACTION_BULK_DELETE) return false;
 		}
 		if (self::IsAdministrator($oUser)) return true;
 		if (MetaModel::HasCategory($sClass, 'bizmodel'))
 		{
 			if (is_null($oUser))
@@ -619,8 +675,6 @@ class UserRights
 		// When initializing, we need to let everything pass trough
 		if (!self::CheckLogin()) return true;
 		if (self::IsAdministrator($oUser)) return true;
 		if (MetaModel::DBIsReadOnly())
 		{
 			if ($iActionCode == UR_ACTION_MODIFY) return false;
@@ -629,6 +683,8 @@ class UserRights
 			if ($iActionCode == UR_ACTION_BULK_DELETE) return false;
 		}
 		if (self::IsAdministrator($oUser)) return true;
 		// this module is forbidden for non admins
 		if (MetaModel::HasCategory($sClass, 'addon/userrights')) return false;
--- a/css/light-grey.css
+++ b/css/light-grey.css
@@ -807,6 +807,14 @@ div#logo div {
 	background: url(../images/banner-bkg.png) repeat-x scroll 0 0 transparent;
 	text-align: right;
 }
 #admin-banner {
 	float: left;
 	margin-top: 2px;
 	padding: 8px;
 	border: 1px solid #c33;
 	background-color: #fee;
 	-moz-border-radius: 0.5em;
 }
 #global-search {
 	height: 55px;
 	float: right;
@@ -908,4 +916,4 @@ span.form_validation {
 	text-align:center;
 	width: 95%;
 	-moz-border-radius: 0.5em;
-}
+}
--- a/dictionaries/de.dictionary.itop.core.php
+++ b/dictionaries/de.dictionary.itop.core.php
@@ -203,7 +203,8 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 // Used by CMDBChangeOp... & derived classes
 Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Change:ObjectCreated' => 'Objekt erstellt',
-	'Change:ObjectDeleted' => 'Objekt erstellt',
+	'Change:ObjectDeleted' => 'Object deleted',
 	'Change:ObjectModified' => 'Object modified',
 	'Change:AttName_SetTo_NewValue_PreviousValue_OldValue' => '%1$s geändert zu %2$s (vorheriger Wert: %3$s)',
 	'Change:Text_AppendedTo_AttName' => '%1$s zugefügt an %2$s',
 	'Change:AttName_Changed_PreviousValue_OldValue' => '%1$s modifiziert, vorheriger Wert: %2$s',
--- a/dictionaries/de.dictionary.itop.ui.php
+++ b/dictionaries/de.dictionary.itop.ui.php
@@ -439,6 +439,12 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'UI:History:User+' => 'Benutzer, der die Änderung durchführte',
 	'UI:History:Changes' => 'Änderungen',
 	'UI:History:Changes+' => 'Änderungen, die am Objekt durchgeführt wurden',
 	'UI:History:StatsCreations' => 'Created',
 	'UI:History:StatsCreations+' => 'Count of objects created',
 	'UI:History:StatsModifs' => 'Modified',
 	'UI:History:StatsModifs+' => 'Count of objects modified',
 	'UI:History:StatsDeletes' => 'Deleted',
 	'UI:History:StatsDeletes+' => 'Count of objects deleted',
 	'UI:Loading' => 'Laden...',
 	'UI:Menu:Actions' => 'Aktionen',
 	'UI:Menu:New' => 'Neu...',
@@ -481,6 +487,8 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'UI:LogOff:ThankYou' => 'Vielen Dank dafür, dass Sie iTop benutzen!',
 	'UI:LogOff:ClickHereToLoginAgain' => 'Klicken Sie hier, um sich wieder anzumelden...',
 	'UI:ChangePwdMenu' => 'Passwort ändern...',
 	'UI:AccessRO-All' => 'iTop is read-only',
 	'UI:AccessRO-Users' => 'iTop is read-only for end-users',
 	'UI:Login:RetypePwdDoesNotMatch' => 'Neues Passwort und das wiederholte Passwort entsprechen nicht überein!',
 	'UI:Button:Login' => 'iTop betreten',
 	'UI:Login:Error:AccessRestricted' => 'Der iTop-Zugang ist gesperrt. Bitte kontaktieren Sie einen iTop-Administrator.',
--- a/dictionaries/dictionary.itop.core.php
+++ b/dictionaries/dictionary.itop.core.php
@@ -203,6 +203,7 @@ Dict::Add('EN US', 'English', 'English', array(
 Dict::Add('EN US', 'English', 'English', array(
 	'Change:ObjectCreated' => 'Object created',
 	'Change:ObjectDeleted' => 'Object deleted',
 	'Change:ObjectModified' => 'Object modified',
 	'Change:AttName_SetTo_NewValue_PreviousValue_OldValue' => '%1$s set to %2$s (previous value: %3$s)',
 	'Change:Text_AppendedTo_AttName' => '%1$s appended to %2$s',
 	'Change:AttName_Changed_PreviousValue_OldValue' => '%1$s modified, previous value: %2$s',
--- a/dictionaries/dictionary.itop.ui.php
+++ b/dictionaries/dictionary.itop.ui.php
@@ -399,12 +399,21 @@ Dict::Add('EN US', 'English', 'English', array(
 	'UI:History:LastModified_On_By' => 'Last modified on %1$s by %2$s.',
 	'UI:HistoryTab' => 'History',
 	'UI:NotificationsTab' => 'Notifications',
 	'UI:History:BulkImports' => 'History',
 	'UI:History:BulkImports+' => 'List of CSV imports (last first)',
 	'UI:History:BulkImportDetails' => 'Changes resulting from the CSV import performed on %1$s (by %2$s)',
 	'UI:History:Date' => 'Date',
 	'UI:History:Date+' => 'Date of the change',
 	'UI:History:User' => 'User',
 	'UI:History:User+' => 'User who made the change',
 	'UI:History:Changes' => 'Changes',
 	'UI:History:Changes+' => 'Changes made to the object',
 	'UI:History:StatsCreations' => 'Created',
 	'UI:History:StatsCreations+' => 'Count of objects created',
 	'UI:History:StatsModifs' => 'Modified',
 	'UI:History:StatsModifs+' => 'Count of objects modified',
 	'UI:History:StatsDeletes' => 'Deleted',
 	'UI:History:StatsDeletes+' => 'Count of objects deleted',
 	'UI:Loading' => 'Loading...',
 	'UI:Menu:Actions' => 'Actions',
 	'UI:Menu:New' => 'New...',
@@ -447,6 +456,8 @@ Dict::Add('EN US', 'English', 'English', array(
 	'UI:LogOff:ThankYou' => 'Thank you for using iTop',
 	'UI:LogOff:ClickHereToLoginAgain' => 'Click here to login again...',
 	'UI:ChangePwdMenu' => 'Change Password...',
 	'UI:AccessRO-All' => 'iTop is read-only',
 	'UI:AccessRO-Users' => 'iTop is read-only for end-users',
 	'UI:Login:RetypePwdDoesNotMatch' => 'New password and retyped new password do not match !',
 	'UI:Button:Login' => 'Enter iTop',
 	'UI:Login:Error:AccessRestricted' => 'iTop access is restricted. Please, contact an iTop administrator.',
--- a/dictionaries/es_cr.dictionary.itop.ui.php
+++ b/dictionaries/es_cr.dictionary.itop.ui.php
@@ -406,12 +406,21 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'UI:NoObject_Class_ToDisplay' => 'No %1$s to display',
 	'UI:History:LastModified_On_By' => 'Last modified on %1$s by %2$s.',
 	'UI:HistoryTab' => 'History',
 	'UI:History:BulkImports' => 'History',
 	'UI:History:BulkImports+' => 'List of CSV imports (last first)',
 	'UI:History:BulkImportDetails' => 'Changes resulting from the CSV import performed on %1$s (by %2$s)',
 	'UI:History:Date' => 'Date',
 	'UI:History:Date+' => 'Date of the change',
 	'UI:History:User' => 'User',
 	'UI:History:User+' => 'User who made the change',
 	'UI:History:Changes' => 'Changes',
 	'UI:History:Changes+' => 'Changes made to the object',
 	'UI:History:StatsCreations' => 'Created',
 	'UI:History:StatsCreations+' => 'Count of objects created',
 	'UI:History:StatsModifs' => 'Modified',
 	'UI:History:StatsModifs+' => 'Count of objects modified',
 	'UI:History:StatsDeletes' => 'Deleted',
 	'UI:History:StatsDeletes+' => 'Count of objects deleted',
 	'UI:Loading' => 'Loading...',
 	'UI:Menu:Actions' => 'Actions',
 	'UI:Menu:New' => 'New...',
@@ -451,6 +460,8 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'UI:Login:IncorrectOldPassword' => 'Error: the old password is incorrect',
 	'UI:LogOffMenu' => 'Log off',
 	'UI:ChangePwdMenu' => 'Change Password...',
 	'UI:AccessRO-All' => 'iTop is read-only',
 	'UI:AccessRO-Users' => 'iTop is read-only for end-users',
 	'UI:Login:RetypePwdDoesNotMatch' => 'New password and retyped new password do not match !',
 	'UI:Button:Login' => 'Enter iTop',
 	'UI:Login:Error:AccessRestricted' => 'iTop access is restricted. Please, contact an iTop administrator.',
--- a/dictionaries/fr.dictionary.itop.core.php
+++ b/dictionaries/fr.dictionary.itop.core.php
@@ -204,6 +204,7 @@ Dict::Add('FR FR', 'French', 'Français', array(
 Dict::Add('FR FR', 'French', 'Français', array(
 	'Change:ObjectCreated' => 'Elément créé',
 	'Change:ObjectDeleted' => 'Elément effacé',
 	'Change:ObjectModified' => 'Elément modifié',
 	'Change:AttName_SetTo_NewValue_PreviousValue_OldValue' => '%1$s modifié en %2$s (ancienne valeur: %3$s)',
 	'Change:Text_AppendedTo_AttName' => '%1$s ajouté à %2$s',
 	'Change:AttName_Changed_PreviousValue_OldValue' => '%1$s modifié, ancienne valeur: %2$s',
--- a/dictionaries/fr.dictionary.itop.ui.php
+++ b/dictionaries/fr.dictionary.itop.ui.php
@@ -400,12 +400,21 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'UI:History:LastModified_On_By' => 'Dernière modification par %2$s le %1$s.',
 	'UI:HistoryTab' => 'Historique',
 	'UI:NotificationsTab' => 'Notifications',
 	'UI:History:BulkImports' => 'Historique',
 	'UI:History:BulkImports+' => 'Liste des imports CSV (le dernier est en haut de la liste)',
 	'UI:History:BulkImportDetails' => 'Changements résultant de l\'import CSV du %1$s (auteur: %2$s)',
 	'UI:History:Date' => 'Date',
 	'UI:History:Date+' => 'Date de modification',
 	'UI:History:User' => 'Utilisateur',
 	'UI:History:User+' => 'Utilisateur qui a fait la modification',
 	'UI:History:Changes' => 'Changements',
 	'UI:History:Changes+' => 'Changements sur cet objet',
 	'UI:History:StatsCreations' => 'Créés',
 	'UI:History:StatsCreations+' => 'Nombre d\'objets créés',
 	'UI:History:StatsModifs' => 'Modifiés',
 	'UI:History:StatsModifs+' => 'Nombre d\'objets modifiés',
 	'UI:History:StatsDeletes' => 'Effacés',
 	'UI:History:StatsDeletes+' => 'Nombre d\'objets effacés',
 	'UI:Loading' => 'Chargement...',
 	'UI:Menu:Actions' => 'Actions',
 	'UI:Menu:New' => 'Créer...',
@@ -448,6 +457,8 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'UI:LogOff:ThankYou' => 'Merci d\'avoir utilisé iTop',
 	'UI:LogOff:ClickHereToLoginAgain' => 'Cliquez ici pour vous reconnecter...',
 	'UI:ChangePwdMenu' => 'Changer de mot de passe...',
 	'UI:AccessRO-All' => 'iTop est en lecture seule',
 	'UI:AccessRO-Users' => 'iTop est en lecture seule pour les utilisateurs finaux',
 	'UI:Login:RetypePwdDoesNotMatch' => 'Les deux saisies du nouveau mot de passe ne sont pas identiques !',
 	'UI:Button:Login' => 'Entrer dans iTop',
 	'UI:Login:Error:AccessRestricted' => 'L\'accès à iTop est soumis à autorisation. Merci de contacter votre administrateur iTop.',
--- a/dictionaries/pt_br.dictionary.itop.ui.php
+++ b/dictionaries/pt_br.dictionary.itop.ui.php
@@ -408,12 +408,19 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'UI:NoObject_Class_ToDisplay' => 'Nenhum %1$s para mostrar',
 	'UI:History:LastModified_On_By' => 'Ultima modificacao de %1$s por %2$s.',
 	'UI:HistoryTab' => 'Historico',
 	'UI:History:BulkImports' => 'History',
 	'UI:History:BulkImports+' => 'List of CSV imports (last first)',
 	'UI:History:BulkImportDetails' => 'Changes resulting from the CSV import performed on %1$s (by %2$s)',
 	'UI:History:Date' => 'Data',
 	'UI:History:Date+' => 'Data da alteração',
 	'UI:History:User' => 'Usuario',
 	'UI:History:User+' => 'Usuario que fez alteração',
 	'UI:History:Changes' => 'Alterações',
 	'UI:History:Changes+' => 'Alterações feita no objeto',
 	'UI:History:StatsModifs' => 'Modified',
 	'UI:History:StatsModifs+' => 'Count of objects modified',
 	'UI:History:StatsDeletes' => 'Deleted',
 	'UI:History:StatsDeletes+' => 'Count of objects deleted',
 	'UI:Loading' => 'Carregando...',
 	'UI:Menu:Actions' => 'Ações',
 	'UI:Menu:New' => 'Novo...',
@@ -453,6 +460,8 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'UI:Login:IncorrectOldPassword' => 'Erro: senha incorreta',
 	'UI:LogOffMenu' => 'Sair',
 	'UI:ChangePwdMenu' => 'Alterar senha...',
 	'UI:AccessRO-All' => 'iTop is read-only',
 	'UI:AccessRO-Users' => 'iTop is read-only for end-users',
 	'UI:Login:RetypePwdDoesNotMatch' => 'A nova senha nao confere!',
 	'UI:Button:Login' => 'Enter iTop',
 	'UI:Login:Error:AccessRestricted' => 'iTop accesso restrito. Por favor, contate o suporte.',
--- a/images/locked.png
+++ b/images/locked.png
--- a/images/unlocked.png
+++ b/images/unlocked.png
--- a/modules/authent-local/model.authent-local.php
+++ b/modules/authent-local/model.authent-local.php
@@ -93,14 +93,7 @@ class UserLocal extends UserInternal
 			$this->Set('password', $sNewPassword);
 			$oChange = MetaModel::NewObject("CMDBChange");
 			$oChange->Set("date", time());
-			if (UserRights::IsImpersonated())
+			$sUserString = CMDBChange::GetCurrentUserName();
 			{
 				$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 			}
 			else
 			{
 				$sUserString = UserRights::GetUser();
 			}
 			$oChange->Set("userinfo", $sUserString);
 			$oChange->DBInsert();
 			$this->DBUpdateTracked($oChange, true);
--- a/pages/UI.php
+++ b/pages/UI.php
@@ -130,14 +130,7 @@ function DeleteObjects(WebPage $oP, $sClass, $aObjects, $bDeleteConfirmed)
 		//
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		$oMyChange->Set("userinfo", $sUserString);
 		$oMyChange->DBInsert();
@@ -918,14 +911,7 @@ try
 						$oMyChange = MetaModel::NewObject("CMDBChange");
 						$oMyChange->Set("date", time());
-						if (UserRights::IsImpersonated())
+						$sUserString = CMDBChange::GetCurrentUserName();
 						{
 							$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 						}
 						else
 						{
 							$sUserString = UserRights::GetUser();
 						}
 						$oMyChange->Set("userinfo", $sUserString);
 						$iChangeId = $oMyChange->DBInsert();
 						$oObj->DBUpdateTracked($oMyChange);
@@ -1055,14 +1041,7 @@ try
 			{
 				$oMyChange = MetaModel::NewObject("CMDBChange");
 				$oMyChange->Set("date", time());
-				if (UserRights::IsImpersonated())
+				$sUserString = CMDBChange::GetCurrentUserName();
 				{
 					$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 				}
 				else
 				{
 					$sUserString = UserRights::GetUser();
 				}
 				$oMyChange->Set("userinfo", $sUserString);
 				$iChangeId = $oMyChange->DBInsert();
 				$oObj->DBInsertTracked($oMyChange);
@@ -1111,14 +1090,7 @@ try
 				$sClassLabel = MetaModel::GetName($sClass);
 				$oMyChange = MetaModel::NewObject("CMDBChange");
 				$oMyChange->Set("date", time());
-				if (UserRights::IsImpersonated())
+				$sUserString = CMDBChange::GetCurrentUserName();
 				{
 					$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 				}
 				else
 				{
 					$sUserString = UserRights::GetUser();
 				}
 				$oMyChange->Set("userinfo", $sUserString);
 				$iChangeId = $oMyChange->DBInsert();
 				$oObj->DBInsertTracked($oMyChange);
@@ -1276,14 +1248,7 @@ EOF
 				{
 					$oMyChange = MetaModel::NewObject("CMDBChange");
 					$oMyChange->Set("date", time());
-					if (UserRights::IsImpersonated())
+					$sUserString = CMDBChange::GetCurrentUserName();
 					{
 						$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 					}
 					else
 					{
 						$sUserString = UserRights::GetUser();
 					}
 					$oMyChange->Set("userinfo", $sUserString);
 					$iChangeId = $oMyChange->DBInsert();
 					$oObj->DBUpdateTracked($oMyChange);
@@ -1328,14 +1293,7 @@ EOF
 		$sLinkingAttCode = utils::ReadPostedParam('linking_attcode', '');
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		$oMyChange->Set("userinfo", $sUserString);
 		$iChangeId = $oMyChange->DBInsert();
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -206,6 +206,11 @@ try
 		}
 		break;
 		case 'displayCSVHistory':
 		$bShowAll = (utils::ReadParam('showall', 'false') == 'true');
 		BulkChange::DisplayImportHistory($oPage, true, $bShowAll);
 		break;
 		case 'details':
 		$key = utils::ReadParam('id', 0);
 		$oFilter = new DBObjectSearch($sClass);
--- a/pages/csvimport.php
+++ b/pages/csvimport.php
@@ -35,7 +35,6 @@ try
 	require_once(APPROOT.'/application/loginwebpage.class.inc.php');
 	LoginWebPage::DoLogin(); // Check user rights and prompt if needed
 	$oAppContext = new ApplicationContext();
 	$iStep = utils::ReadParam('step', 1);
 	$oPage = new iTopWebPage(Dict::S('UI:Title:BulkImport'));
@@ -344,14 +343,7 @@ try
 			// We're doing it for real, let's create a change
 			$oMyChange = MetaModel::NewObject("CMDBChange");
 			$oMyChange->Set("date", time());
-			if (UserRights::IsImpersonated())
+			$sUserString = CMDBChange::GetCurrentUserName();
 			{
 				$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 			}
 			else
 			{
 				$sUserString = UserRights::GetUser();
 			}
 			$sUserString .= ' (CSV)';
 			$oMyChange->Set("userinfo", $sUserString);
 			$iChangeId = $oMyChange->DBInsert();		
@@ -1246,7 +1238,7 @@ EOF
 	);
 		$oPage->add_ready_script('DoPreview();');
 	}
-	
+
 	/**
 	 *  Prompt for the data to be loaded (either via a file or a copy/paste)
 	 * @param WebPage $oPage The current web page
@@ -1412,10 +1404,19 @@ $('#select_template_class').change( function() {
 });
 EOF
 	);
 		$oPage->SetCurrentTabContainer('tabs1');
 		$oPage->SetCurrentTab(Dict::S('UI:History:BulkImports'));
 		BulkChange::DisplayImportHistory($oPage);
 	}
 	switch($iStep)
 	{
 		case 10:
 			$iChange = (int)utils::ReadParam('changeid', 0);
 			BulkChange::DisplayImportHistoryDetails($oPage, $iChange);
 			break;
 		case 5:
 			LoadData($oPage);
 			break;
--- a/portal/index.php
+++ b/portal/index.php
@@ -326,14 +326,7 @@ function DoCreateRequest($oP, $oUserOrg)
 	{
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		$oMyChange->Set("userinfo", $sUserString);
 		$iChangeId = $oMyChange->DBInsert();
 		$oRequest->DBInsertTracked($oMyChange);
@@ -622,14 +615,7 @@ function DoCloseRequest($oP, UserRequest $oRequest)
 	{
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		$oMyChange->Set("userinfo", $sUserString);
 		$iChangeId = $oMyChange->DBInsert();
 		$oRequest->DBUpdateTracked($oMyChange);
--- a/webservices/import.php
+++ b/webservices/import.php
@@ -483,14 +483,7 @@ try
 	{
 		$oMyChange = MetaModel::NewObject("CMDBChange");
 		$oMyChange->Set("date", time());
-		if (UserRights::IsImpersonated())
+		$sUserString = CMDBChange::GetCurrentUserName();
 		{
 			$sUserString = Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUser(), UserRights::GetUser());
 		}
 		else
 		{
 			$sUserString = UserRights::GetUser();
 		}
 		if (strlen($sComment) > 0)
 		{
 			$sMoreInfo = 'Web Service (CSV) - '.$sComment;