View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 707 | RackTables | default | public | 2013-01-02 13:24 | 2013-03-02 23:13 |
| Reporter | blaza-pl | Assigned To | adoom42 | ||
| Priority | low | Severity | tweak | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 0.20.3 | ||||
| Target Version | 0.20.4 | Fixed in Version | 0.20.4 | ||
| Summary | 707: Hide conrols in Cacti tab when user has no permissions | ||||
| Description | When user has no permissions to add/delete Cacti graphs but has permissions to the Cacti tab he should not see the control buttons and forms. | ||||
| Steps To Reproduce | Create a user that cat access the Cacti tab but cannot add or delete graphs: deny {cacti_user} and ({$op_del} or {$op_add}) allow {cacti_user} and {$tab_cacti} Login as Cacti user and go to cacti tab. | ||||
| Additional Information | I have created a patch to hide the controls when user doesn/t have permissions. | ||||
| Tags | No tags attached. | ||||
| Attached Files | cacti-perms.patch (2,138 bytes)
--- ../RackTables-0.20.3/wwwroot/inc/interface.php 2012-12-19 17:30:47.000000000 +0100
+++ /var/www/racktables/inc/interface.php 2013-01-02 13:13:47.421506476 +0100
@@ -8564,7 +8564,7 @@
foreach ($servers as $server)
$options[$server['id']] = "${server['id']}: ${server['base_url']}";
startPortlet ('Cacti Graphs');
- if (getConfigVar ('ADDNEW_AT_TOP') == 'yes')
+ if (getConfigVar ('ADDNEW_AT_TOP') == 'yes' && permitted('object','cacti','add'))
printNewItemTR ($options);
echo "<table cellspacing=\"0\" cellpadding=\"10\" align=\"center\" width=\"50%\">";
foreach (getCactiGraphsForObject ($object_id) as $graph_id => $graph)
@@ -8573,14 +8573,19 @@
$text = "(graph ${graph_id} on server ${graph['server_id']})";
echo "<tr><td>";
echo "<a href='${cacti_url}/graph.php?action=view&local_graph_id=${graph_id}&rra_id=all' target='_blank'>";
- echo "<img src='index.php?module=image&img=cactigraph&object_id=${object_id}&server_id=${graph['server_id']}&graph_id=${graph_id}' alt='${text}' title='${text}'></a></td>";
- echo "<td><a href='" . makeHrefProcess (array ('op' => 'del', 'server_id' => $graph['server_id'], 'graph_id' => $graph_id));
- echo "' onclick=\"javascript:return confirm('Are you sure you want to delete the graph?')\">";
- echo getImageHREF ('Cut', 'Unlink graph') . "</a> ${graph['caption']}";
+ echo "<img src='index.php?module=image&img=cactigraph&object_id=${object_id}&server_id=${graph['server_id']}&graph_id=${graph_id}' alt='${text}' title='${text}'></a></td><td>";
+ if(permitted('object','cacti','del'))
+ {
+ echo "<a href='" . makeHrefProcess (array ('op' => 'del', 'server_id' => $graph['server_id'], 'graph_id' => $graph_id));
+ echo "' onclick=\"javascript:return confirm('Are you sure you want to delete the graph?')\">";
+ echo getImageHREF ('Cut', 'Unlink graph') . "</a>";
+ }
+ echo " ${graph['caption']}";
+
echo "</td></tr>";
}
echo '</table>';
- if (getConfigVar ('ADDNEW_AT_TOP') != 'yes')
+ if (getConfigVar ('ADDNEW_AT_TOP') != 'yes' && permitted('object','cacti','add'))
printNewItemTR ($options);
finishPortlet ();
}
| ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-01-02 13:24 | blaza-pl | New Issue | |
| 2013-01-02 13:24 | blaza-pl | File Added: cacti-perms.patch | |
| 2013-03-02 23:13 | adoom42 | Note Added: 0001185 | |
| 2013-03-02 23:13 | adoom42 | Assigned To | => adoom42 |
| 2013-03-02 23:13 | adoom42 | Status | new => closed |
| 2013-03-02 23:13 | adoom42 | Resolution | open => fixed |
| 2013-03-02 23:13 | adoom42 | Fixed in Version | => 0.20.4 |
| 2013-03-02 23:13 | adoom42 | Target Version | => 0.20.4 |
