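<?php

use App\Models\DeviceGroup;
use App\Models\User;

/*
 * "Edit user" page: lets a global admin grant or revoke one user's access to
 * individual devices, device groups, ports (interfaces) and bills.
 *
 * Reads the request through $vars (user_id, edit, action and the matching
 * *_id field), applies the requested permission change, then renders the
 * current grants plus one "add" form per permission type.
 *
 * Security notes:
 *  - Every name taken from the database or from the request is HTML-escaped
 *    before it is echoed; permission changes go through parameterised queries
 *    or the Eloquent relation.
 *  - NOTE(review): the revoke links rendered below are plain anchors that carry
 *    action=del... in the URL, so those state-changing requests do not carry
 *    the csrf_field() token that the "add" forms send. Presumably $vars is
 *    filled from URL path segments as well as POST data; confirm, and consider
 *    moving revocation to POST forms.
 */

$no_refresh = true;

require 'includes/html/javascript-interfacepicker.inc.php';

echo "<div style='margin: 10px;'>";

$pagetitle[] = 'Edit user';

if (! Auth::user()->hasGlobalAdmin()) {
    // Only global admins may change other users' permissions.
    include 'includes/html/error-no-perm.inc.php';
} else {
    /** @var User|null $user */
    $user = null;
    if (! empty($vars['user_id']) && empty($vars['edit'])) {
        $user = User::find($vars['user_id']);
    }

    if ($user !== null) {
        $user_data = $user->toArray(); // for compatibility with current code

        // Escapes a value for use in HTML text or a quoted attribute.
        // NOTE(review): assumes names are stored unescaped; if some are stored
        // pre-encoded they will now display their entities literally.
        $escape_html = static function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        };

        // Non-string input (e.g. action[]=x) can never name a valid action.
        $action = is_string($vars['action'] ?? null) ? $vars['action'] : '';

        echo '<p><h2>' . $escape_html($user_data['realname']) . '</h2></p>';

        // Perform actions if requested
        if ($action === 'deldevperm') {
            if (dbFetchCell('SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']])) {
                dbDelete('devices_perms', '`device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']]);
            }
        }

        if ($action === 'adddevperm') {
            if (! dbFetchCell('SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']])) {
                dbInsert(['device_id' => $vars['device_id'], 'user_id' => $user_data['user_id']], 'devices_perms');
            }
        }

        // detach() with a null id removes EVERY attached group, so a request
        // that omits device_group_id must not reach the relation call.
        if ($action === 'deldevgroupperm' && ! empty($vars['device_group_id'])) {
            $user->deviceGroups()->detach($vars['device_group_id']);
        }

        if ($action === 'adddevgroupperm' && ! empty($vars['device_group_id'])) {
            $user->deviceGroups()->syncWithoutDetaching($vars['device_group_id']);
        }

        if ($action === 'delifperm') {
            if (dbFetchCell('SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']])) {
                dbDelete('ports_perms', '`port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']]);
            }
        }

        if ($action === 'addifperm') {
            if (! dbFetchCell('SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']])) {
                dbInsert(['port_id' => $vars['port_id'], 'user_id' => $user_data['user_id']], 'ports_perms');
            }
        }

        if ($action === 'delbillperm') {
            if (dbFetchCell('SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']])) {
                dbDelete('bill_perms', '`bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']]);
            }
        }

        if ($action === 'addbillperm') {
            if (! dbFetchCell('SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']])) {
                dbInsert(['bill_id' => $vars['bill_id'], 'user_id' => $user_data['user_id']], 'bill_perms');
            }
        }

        echo '<div class="row">
           <div class="col-md-4">';

        // Display devices this user has access to
        echo '<h3>Device Access</h3>';

        echo "<div class='panel panel-default panel-condensed'>
            <table class='table table-hover table-condensed table-striped'>
              <tr>
                <th>Device</th>
                <th>Action</th>
              </tr>";

        // Initialised up front so the option loops below never iterate null.
        $access_list = [];
        $permdone = false;

        $device_perms = dbFetchRows('SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id', [$user_data['user_id']]);
        foreach ($device_perms as $device_perm) {
            // The link uses the stored user id, not the raw request value.
            // NOTE(review): format_hostname() output is echoed as-is; confirm it returns HTML-safe text.
            echo '<tr><td><strong>' . format_hostname($device_perm) . "</td><td> <a href='edituser/action=deldevperm/user_id=" . $user_data['user_id'] . '/device_id=' . $device_perm['device_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a></strong></td></tr>";
            $access_list[] = $device_perm['device_id'];
            $permdone = true;
        }

        echo '</table>
          </div>';

        if (! $permdone) {
            echo 'None Configured';
        }

        // Build the list of devices this user doesn't have access to once;
        // both the device form and the interface form below use it.
        $devices = dbFetchRows('SELECT * FROM `devices` ORDER BY hostname');
        $device_options = '';
        foreach ($devices as $device) {
            // Loose comparison on purpose: ids may arrive as strings or ints.
            if (! in_array($device['device_id'], $access_list)) {
                $device_options .= "<option value='" . $device['device_id'] . "'>" . format_hostname($device, $device['hostname']) . '</option>';
            }
        }

        // Display devices this user doesn't have access to
        echo '<h4>Grant access to new device</h4>';
        echo "<form class='form-inline' role='form' method='post' action=''>
            " . csrf_field() . "
            <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='adddevperm' name='action'>
            <div class='form-group'>
              <label class='sr-only' for='device_id'>Device</label>
              <select name='device_id' id='device_id' class='form-control'>";

        echo $device_options;

        echo "</select>
           </div>
           <button type='submit' class='btn btn-default' name='Submit'>Add</button></form>";

        echo '</div>
          <div class="col-md-4">';

        // Display device groups this user has access to
        echo '<h3>Device access via Device Group (beta)</h3>';

        echo "<div class='panel panel-default panel-condensed'>
            <table class='table table-hover table-condensed table-striped'>
              <tr>
                <th>Device Group</th>
                <th>Action</th>
              </tr>";

        // The relation is first loaded here, after the actions above have run.
        foreach ($user->deviceGroups as $device_group_perm) {
            echo '<tr><td><strong>' . $escape_html($device_group_perm->name) . "</td><td> <a href='edituser/action=deldevgroupperm/user_id=" . $user->user_id . '/device_group_id=' . $device_group_perm->id . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a></strong></td></tr>";
        }

        echo '</table>
          </div>';

        if ($user->deviceGroups->isEmpty()) {
            echo 'None Configured';
        }

        // Display device groups this user doesn't have access to
        echo '<h4>Grant access to new Device Group</h4>';
        $allow_dynamic = \LibreNMS\Config::get('permission.device_group.allow_dynamic');
        if (! $allow_dynamic) {
            echo '<i>Dynamic groups are disabled, set permission.device_group.allow_dynamic to enable.</i>';
        }

        echo "<form class='form-inline' role='form' method='post' action=''>
            " . csrf_field() . "
            <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='adddevgroupperm' name='action'>
            <div class='form-group'>
              <label class='sr-only' for='device_group_id'>Device</label>
              <select name='device_group_id' id='device_group_id' class='form-control'>";

        // Groups not yet attached; only static groups unless dynamic ones are allowed.
        $device_groups = DeviceGroup::query()
            ->whereNotIn('id', $user->deviceGroups->pluck('id'))
            ->when(! $allow_dynamic, function ($query) {
                return $query->where('type', 'static');
            })
            ->orderBy('name')
            ->get(['id', 'name']);

        foreach ($device_groups as $group) {
            echo '<option value="' . $group->id . '">' . $escape_html($group->name) . '</option>';
        }

        echo "</select>
           </div>
           <button type='submit' class='btn btn-default' name='Submit'>Add</button></form>";

        echo "</div></div>

          <div class='row'>
          <div class='col-md-4'>";
        echo '<h3>Interface Access</h3>';

        $interface_perms = dbFetchRows('SELECT * from ports_perms as P, ports as I, devices as D WHERE `user_id` = ? AND I.port_id = P.port_id AND D.device_id = I.device_id', [$user_data['user_id']]);

        echo "<div class='panel panel-default panel-condensed'>
            <table class='table table-hover table-condensed table-striped'>
              <tr>
                <th>Interface name</th>
                <th>Action</th>
              </tr>";

        $ipermdone = false;
        foreach ($interface_perms as $interface_perm) {
            // hostname and ifDescr are escaped like the other names; ifAlias
            // keeps the Clean::html() call the page already applied to it.
            echo '<tr>
              <td>
                <strong>' . $escape_html($interface_perm['hostname']) . ' - ' . $escape_html($interface_perm['ifDescr']) . '</strong>' . \LibreNMS\Util\Clean::html($interface_perm['ifAlias'], []) . "
              </td>
              <td>
                <a href='edituser/action=delifperm/user_id=" . $user_data['user_id'] . '/port_id=' . $interface_perm['port_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a>
              </td>
            </tr>";
            $ipermdone = true;
        }

        echo '</table>
          </div>';

        if (! $ipermdone) {
            echo 'None Configured';
        }

        // Display interfaces this user doesn't have access to
        echo '<h4>Grant access to new interface</h4>';

        echo "<form action='' method='post' class='form-horizontal' role='form'>
            " . csrf_field() . "
            <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='addifperm' name='action'>
            <div class='form-group'>
              <label for='device' class='col-sm-2 control-label'>Device: </label>
              <div class='col-sm-10'>
                <select id='device' class='form-control' name='device' onchange='getInterfaceList(this)'>
                  <option value=''>Select a device</option>";

        echo $device_options;

        echo "</select>
              </div>
            </div>
            <div class='form-group'>
              <label for='port_id' class='col-sm-2 control-label'>Interface: </label>
              <div class='col-sm-10'>
                <select class='form-control' id='port_id' name='port_id'>
                </select>
              </div>
            </div>
            <div class='form-group'>
              <div class='col-sm-12'>
                <button type='submit' class='btn btn-default' name='Submit' value='Add'>Add</button>
              </div>
            </div>
          </form>";

        echo "</div>
          <div class='col-md-4'>";
        echo '<h3>Bill Access</h3>';

        $bill_perms = dbFetchRows('SELECT * from bills AS B, bill_perms AS P WHERE P.user_id = ? AND P.bill_id = B.bill_id', [$user_data['user_id']]);

        echo "<div class='panel panel-default panel-condensed'>
            <table class='table table-hover table-condensed table-striped'>
              <tr>
                <th>Bill name</th>
                <th>Action</th>
              </tr>";

        $bill_access_list = [];
        $bpermdone = false;
        foreach ($bill_perms as $bill_perm) {
            echo '<tr>
              <td>
                <strong>' . $escape_html($bill_perm['bill_name']) . "</strong></td><td width=50> <a href='edituser/action=delbillperm/user_id=" . $user_data['user_id'] . '/bill_id=' . $bill_perm['bill_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a>
              </td>
            </tr>";
            $bill_access_list[] = $bill_perm['bill_id'];
            $bpermdone = true;
        }

        echo '</table>
          </div>';

        if (! $bpermdone) {
            echo 'None Configured';
        }

        // Display bills this user doesn't have access to
        echo '<h4>Grant access to new bill</h4>';
        echo "<form method='post' action='' class='form-inline' role='form'>
            " . csrf_field() . "
            <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'>
            <input type='hidden' value='edituser' name='page'>
            <input type='hidden' value='addbillperm' name='action'>
            <div class='form-group'>
              <label class='sr-only' for='bill_id'>Bill</label>
              <select name='bill_id' class='form-control' id='bill_id'>";

        $bills = dbFetchRows('SELECT * FROM `bills` ORDER BY `bill_name`');
        foreach ($bills as $bill) {
            // Loose comparison on purpose: ids may arrive as strings or ints.
            if (! in_array($bill['bill_id'], $bill_access_list)) {
                echo "<option value='" . $bill['bill_id'] . "'>" . $escape_html($bill['bill_name']) . '</option>';
            }
        }

        echo "</select>
            </div>
            <button type='submit' class='btn btn-default' name='Submit' value='Add'>Add</button>
          </form>
        </div>";
    } else {
        // No user selected, edit mode requested, or the id matches no user:
        // send the admin back to the user list.
        echo '<script>window.location.replace("' . url('users') . '");</script>';
    }//end if
}//end if

echo '</div>';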