PSTN permissions

Author: phpipam

app/admin/users/edit-result.php

@@ -101,6 +101,7 @@
 				"mailNotify"=>$_POST['mailNotify'],
 				"mailChangelog"=>$_POST['mailChangelog'],
 				"editVlan"=>$_POST['editVlan'],
+				"pstn"=>$_POST['pstn'],
 				"pdns"=>$_POST['pdns']
 				);
 # update pass ?

app/admin/users/edit.php

@@ -11,6 +11,7 @@
 $Database 	= new Database_PDO;
 $User 		= new User ($Database);
 $Admin	 	= new Admin ($Database);
+$Subnets	= new Subnets ($Database);
 $Tools	 	= new Tools ($Database);
 $Result 	= new Result ();
 
@@ -274,7 +275,7 @@
 	<tr>
     	<td><?php print _("VLANs"); ?></td>
     	<td>
-            <input type="checkbox" class="input-switch" value="Yes" name="editVlan" <?php if(@$user->editVlan == "Yes") print 'checked'; ?>>
+            <input type="checkbox" class="input-switch" value="Yes" name="editVlan" <?php if($user['editVlan'] == "Yes") print 'checked'; ?>>
     	</td>
 		<td class="info2"><?php print _('Select to allow user to manage VLANs'); ?></td>
 	</tr>
@@ -284,12 +285,30 @@
 	<tr>
     	<td><?php print _("PowerDNS"); ?></td>
     	<td>
-            <input type="checkbox" class="input-switch" value="Yes" name="pdns" <?php if(@$user->pdns == "Yes") print 'checked'; ?>>
+            <input type="checkbox" class="input-switch" value="Yes" name="pdns" <?php if($user['pdns'] == "Yes") print 'checked'; ?>>
     	</td>
 		<td class="info2"><?php print _('Select to allow user to create DNS records'); ?></td>
 	</tr>
     <?php } ?>
 
+	<!-- pstn -->
+    <?php if ($User->settings->enablePSTN==1) { ?>
+	<tr>
+    	<td><?php print _("PSTN");?></td>
+    	<td>
+        	<select class="form-control input-sm input-w-auto" name="pstn">
+            <?php
+            foreach (array(0,1,2,3) as $p) {
+                $selected = $p==$user['pstn'] ? "selected" : "";
+                print "<option value='$p' $selected>".$Subnets->parse_permissions ($p)."</option>";
+            }
+            ?>
+        	</select>
+    	</td>
+		<td class="info2"><?php print _('Select to allow user to manage PSTN numbers'); ?></td>
+	</tr>
+    <?php } ?>
+
 	<!-- Custom -->
 	<?php
 	if(sizeof($custom) > 0) {

app/admin/users/print-all.php

@@ -41,6 +41,9 @@
     <th><?php print _('PowerDNS'); ?></th>
     <?php } ?>
     <th><?php print _('Manage VLANs'); ?></th>
+    <?php if ($User->settings->enablePSTN==1) { ?>
+    <th><?php print _('PSTN'); ?></th>
+    <?php } ?>
     <th><?php print _('Groups'); ?></th>
     <th><?php print _('Last login'); ?></th>
 	<?php
@@ -97,6 +100,9 @@
      	print "<td><span class='badge badge1 badge5 alert-success'>"._("Yes")."</span></td>";
      	}
      	print "<td><span class='badge badge1 badge5 alert-success'>"._("Yes")."</span></td>";
+    	if ($User->settings->enablePSTN==1) {
+     	print "<td><span class='badge badge1 badge5 alert-success'>"._($Subnets->parse_permissions (3))."</span></td>";
+     	}
 	}
 	else {
     	if ($User->settings->enablePowerDNS==1) {
@@ -118,6 +124,16 @@
     	print "<td>";
     	print $user['editVlan'];
     	print "</td>";
+
+        // pstn
+    	if ($User->settings->enablePSTN==1) {
+         // append badge
+    	$user['pstn'] = $user['pstn']=="No" ? "<span class='badge badge1 badge5 alert-danger'>"._($user['pstn'])."</span>" : "<span class='badge badge1 badge5 alert-success'>"._($Subnets->parse_permissions ($user['pstn']))."</span>";
+
+    	print "<td>";
+    	print $user['pstn'];
+    	print "</td>";
+    	}
 	}
 
 	# groups

app/admin/users/print-user.php

@@ -47,6 +47,28 @@
 	<td><?php print _('Language'); ?></td>
 	<td><?php print $language->l_name; ?></td>
 </tr>
+<?php if ($User->settings->enablePowerDNS==1) { ?>
+<tr>
+    <?php
+    $user->pdns = $user->pdns=="Yes"||$user->role=="Administrator" ? "Yes" : "No";
+    ?>
+	<td><?php print _('PowerDNS'); ?></td>
+	<td><?php print $user->pdns; ?></td>
+</tr>
+<?php } ?>
+<tr>
+    <?php
+    $user->editVlan = $user->editVlan=="Yes"||$user->role=="Administrator" ? "Yes" : "No";
+    ?>
+	<td><?php print _('Manage VLANs'); ?></td>
+	<td><?php print $user->editVlan; ?></td>
+</tr>
+<?php if ($User->settings->enablePSTN==1) { ?>
+<tr>
+	<td><?php print _('PSTN'); ?></td>
+	<td><?php print $Subnets->parse_permissions ($user->pstn); ?></td>
+</tr>
+<?php } ?>
 <tr>
 	<td></td>
 	<td>

app/tools/devices/device-details/device-pstn.php

@@ -114,7 +114,7 @@
     	    }
 
     		# set permission
-    		$permission = $Tools->check_prefix_permission ($User->user, $sp->id);
+    		$permission = $Tools->check_prefix_permission ($User->user);
 
     		print "	<td class='actions' style='padding:0px;'>";
     		print "	<div class='btn-group'>";

app/tools/pstn-prefixes/all-prefixes.php

@@ -25,7 +25,7 @@
     # fetch all locations
     $all_prefixes = $Tools->fetch_all_prefixes();
 
-    $colspan = $admin ? 8 : 7;
+    $colspan = $admin||$User->user->pstn==3 ? 9 : 8;
 
     // table
     print "<table id='manageSubnets' class='table sorted table-striped table-top table-td-top'>";
@@ -47,7 +47,6 @@
 			}
 		}
 	}
-    if($admin)
     print " <th style='width:80px'></th>";
     print "</tr>";
     print "</thead>";
@@ -63,7 +62,14 @@
     else {
 
         $html = $Tools->print_menu_prefixes ( $User->user, $all_prefixes, $custom );
+        if($html!==false)
         print implode("\n", $html);
+
+        else {
+            print "<tr>";
+            print " <td colspan='$colspan'>".$Result->show("info","No PSTN prefixes available", false, false, true)."</td>";
+            print "</tr>";
+        }
     }
     print "</tbody>";
     print "</table>";

app/tools/pstn-prefixes/edit-number-result.php

@@ -6,7 +6,7 @@
 # initialize user object
 $Database 	= new Database_PDO;
 $User 		= new User ($Database);
-$Admin	 	= new Admin ($Database);
+$Admin	 	= new Admin ($Database, false);
 $Tools	 	= new Tools ($Database);
 $Result 	= new Result ();
 
@@ -16,6 +16,9 @@
 # strip input tags
 $_POST = $Admin->strip_input_tags($_POST);
 
+# check permissions
+if($Tools->check_prefix_permission ($User->user) <2)   { $Result->show("danger", _('You do not have permission to manage PSTN numbers'), true, true); }
+
 # validate csrf cookie
 $User->csrf_cookie ("validate", "pstn_number", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
 
@@ -37,6 +40,7 @@
     if($prefix===false)                                                 { $Result->show("danger",  _("Invalid prefix"), true); }
 
     // duplicate check
+    if($_POST['action']=="add")
     if ($Tools->check_number_duplicates ($prefix->id, $_POST['number'])){ $Result->show("danger",  _("Duplicate number"), true); }
 
     // ranges

app/tools/pstn-prefixes/edit-number.php

@@ -10,7 +10,7 @@
 # initialize user object
 $Database 	= new Database_PDO;
 $User 		= new User ($Database);
-$Admin	 	= new Admin ($Database);
+$Admin	 	= new Admin ($Database, false);
 $Tools	 	= new Tools ($Database);
 $Addresses	= new Addresses ($Database);
 $Result 	= new Result ();
@@ -21,6 +21,9 @@
 # create csrf token
 $csrf = $User->csrf_cookie ("create", "pstn_number");
 
+# check permissions
+if($Tools->check_prefix_permission ($User->user) < 2)   { $Result->show("danger", _('You do not have permission to manage PSTN numbers'), true, true); }
+
 # get Location object
 if($_POST['action']!="add") {
 	$number = $Admin->fetch_object ("pstnNumbers", "id", $_POST['id']);

app/tools/pstn-prefixes/edit-result.php

@@ -6,7 +6,7 @@
 # initialize user object
 $Database 	= new Database_PDO;
 $User 		= new User ($Database);
-$Admin	 	= new Admin ($Database);
+$Admin	 	= new Admin ($Database, false);
 $Tools	 	= new Tools ($Database);
 $Result 	= new Result ();
 
@@ -16,6 +16,9 @@
 # strip input tags
 $_POST = $Admin->strip_input_tags($_POST);
 
+# check permissions
+if($Tools->check_prefix_permission ($User->user) <3)   { $Result->show("danger", _('You do not have permission to manage PSTN prefixes'), true); }
+
 # validate csrf cookie
 $User->csrf_cookie ("validate", "pstn", $_POST['csrf_cookie']) === false ? $Result->show("danger", _("Invalid CSRF cookie"), true) : "";
 

app/tools/pstn-prefixes/edit.php

@@ -10,7 +10,7 @@
 # initialize user object
 $Database 	= new Database_PDO;
 $User 		= new User ($Database);
-$Admin	 	= new Admin ($Database);
+$Admin	 	= new Admin ($Database, false);
 $Tools	 	= new Tools ($Database);
 $Result 	= new Result ();
 
@@ -20,6 +20,9 @@
 # create csrf token
 $csrf = $User->csrf_cookie ("create", "pstn");
 
+# check permissions
+if($Tools->check_prefix_permission ($User->user) < 3)   { $Result->show("danger", _('You do not have permission to manage PSTN prefixes'), true, true); }
+
 # get Location object
 if($_POST['action']!="add") {
 	$prefix = $Admin->fetch_object ("pstnPrefixes", "id", $_POST['id']);

app/tools/pstn-prefixes/single-prefix-slaves-list.php

@@ -125,7 +125,7 @@
     	    }
 
     		# set permission
-    		$permission = $Tools->check_prefix_permission ($User->user, $sp->id);
+    		$permission = $Tools->check_prefix_permission ($User->user);
 
     		print "	<td class='actions' style='padding:0px;'>";
     		print "	<div class='btn-group'>";

app/tools/pstn-prefixes/single-prefix-slaves.php

@@ -35,7 +35,7 @@
         }
         else {
             # set permission
-            $permission = $Tools->check_prefix_permission ($User->user, $prefix->id);
+            $permission = $Tools->check_prefix_permission ($User->user);
 
             # raw prefix number
             $prefix->prefix_raw = $Tools->prefix_normalize ($prefix->prefix);

app/tools/pstn-prefixes/single-prefix.php

@@ -31,7 +31,7 @@
         else {
 
             # set permission
-            $permission = $Tools->check_prefix_permission ($User->user, $prefix->id);
+            $permission = $Tools->check_prefix_permission ($User->user);
 
             # raw prefix number
             $prefix->prefix_raw = $Tools->prefix_normalize ($prefix->prefix);

functions/classes/class.Tools.php

@@ -2089,47 +2089,8 @@ public function check_number_duplicates ($prefix = false, $number = false) {
 	 * @param int $subnetId
 	 * @return void
 	 */
-	public function check_prefix_permission ($user, $prefix_id) {
-
-		# get all user groups
-		$groups = json_decode($user->groups, true);
-
-		# if user is admin then return 3, otherwise check
-		if($user->role == "Administrator")	{ return 3; }
-
-		# set subnet permissions
-		$prefix  = $this->fetch_object ("pstnPrefixes", "id", $prefix_id);
-		if($prefix===false)	return 0;
-		//null?
-		if(is_null($prefix->permissions) || $prefix->permissions=="null")	return 0;
-		$subnetP = json_decode(@$prefix->permissions);
-
-		# set section permissions
-		$Section = new Sections ($this->Database);
-		$section = $Section->fetch_section ("id", $subnet->sectionId);
-		$sectionP = json_decode($section->permissions);
-
-		# if section permission == 0 then return 0
-		if($out == 0) {
-			return 0;
-		}
-		else {
-			$out = 0;
-			# ok, user has section access, check also for any higher access from subnet
-			if(sizeof($subnetP) > 0) {
-				foreach($subnetP as $sk=>$sp) {
-					# check each group if user is in it and if so check for permissions for that group
-					foreach($groups as $uk=>$up) {
-						if($uk == $sk) {
-							if($sp > $out) { $out = $sp; }
-						}
-					}
-				}
-			}
-		}
-
-		# return result
-		return $out;
+	public function check_prefix_permission ($user) {
+        return $user->role=="Administrator" ? 3 : $user->pstn;
 	}
 
 	/**
@@ -2156,7 +2117,7 @@ public function print_menu_prefixes ( $user, $prefixes, $custom_fields ) {
 		# remove all not permitted!
 		if(sizeof($prefixes)>0) {
 		foreach($prefixes as $k=>$s) {
-			$permission = $this->check_prefix_permission ($user, $s->id);
+			$permission = $this->check_prefix_permission ($user);
 			if($permission == 0) { unset($prefixes[$k]); }
 		}
 		}
@@ -2296,12 +2257,12 @@ public function print_menu_prefixes ( $user, $prefixes, $custom_fields ) {
 			    }
 
 				# set permission
-				$permission = $this->check_prefix_permission ($user, $option['value']['id']);
+				$permission = $this->check_prefix_permission ($user);
 
 				$html[] = "	<td class='actions' style='padding:0px;'>";
 				$html[] = "	<div class='btn-group'>";
 
-				if($permission>1) {
+				if($permission>2) {
 					$html[] = "		<button class='btn btn-xs btn-default editPSTN' data-action='edit'   data-id='".$option['value']['id']."'><i class='fa fa-pencil'></i></button>";
 					$html[] = "		<button class='btn btn-xs btn-default editPSTN' data-action='delete' data-id='".$option['value']['id']."'><i class='fa fa-times'></i></button>";
 				}

functions/version.php

@@ -2,7 +2,7 @@
 /* set latest version */
 define("VERSION", "1.24");									//version changes if database structure changes
 /* set latest revision */
-define("REVISION", "10");									//revision always changes, verision only if database structure changes
+define("REVISION", "11");									//revision always changes, verision only if database structure changes
 /* set last possible upgrade */
 define("LAST_POSSIBLE", "1.1");								//minimum required version to be able to upgrade
 ?>

misc/CHANGELOG

@@ -1,4 +1,4 @@
-== 1.24.00
+== 1.24.11
 
     New features:
     ------------
@@ -68,6 +68,7 @@
     ----------------------------
     + PowerDNS regenerate PTR records now only updates current subnet (before whole zone);
     + Fixed visual bug on 32-bit systems;
+    + Normal users with RWA permissions can scan subnets;
     + Changed default timestamp from 0000-00-00 00:00:00 to 1970-01-01 00:00:01 to avoid SQL install errors if strict mode;
 
 == 1.20.1