From 709fda0b268ed04898e123497f64c168134124c3 Mon Sep 17 00:00:00 2001 From: "amarildo.pereira" Date: Tue, 1 Nov 2022 13:03:59 -0300 Subject: [PATCH] =?UTF-8?q?Altera=C3=A7=C3=A3o=20na=20configura=C3=A7?= =?UTF-8?q?=C3=A3o=20dos=20grupos,=20agora=20usuario=20que=20estiver=20no?= =?UTF-8?q?=20grupo=20administrador=20podera=20incluir=20e=20remover=20usu?= =?UTF-8?q?arios=20de=20grupos,=20mesmo=20que=20ele=20nao=20perten=C3=A7a?= =?UTF-8?q?=20ao=20grupo=20em=20quest=C3=A3o.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- checaSessao.php | 2 +- dashboard.php | 2 +- include/util/AbstractDashboard.php | 2 +- include/util/funcoesApl.php | 7 +++++-- projeto/base/sql/versao-1.7.11.4.sql | 5 +++++ seguranca/grupos/grupoSelect.php | 14 +++++++++++--- seguranca/grupos/gruposUsuario.php | 8 ++++++-- 7 files changed, 30 insertions(+), 10 deletions(-) create mode 100644 projeto/base/sql/versao-1.7.11.4.sql diff --git a/checaSessao.php b/checaSessao.php index 951bc69e..087d3fb5 100644 --- a/checaSessao.php +++ b/checaSessao.php @@ -47,7 +47,7 @@ if(strtoupper($_SESSION["SSaut"]) == "OK" && !$_SESSION["SSTermoUsoPrivacidade"] $_SESSION["primAcesso"] ++; } - $idProg = IsUserAdmin() || IsSuper() ? $idProg : ($idProg == PAGINA_SUPERVISOR ? PAGINA_AGENTE_INI : $idProg); + $idProg = IsAdmin() || IsSuper() ? $idProg : ($idProg == PAGINA_SUPERVISOR ? PAGINA_AGENTE_INI : $idProg); /* * libera variaveis de sessao usadas nos relatorios */ diff --git a/dashboard.php b/dashboard.php index dfbf2d8a..9b048b02 100644 --- a/dashboard.php +++ b/dashboard.php 
@@ -58,7 +58,7 @@ $smarty->assign('agentes', $agentes); $isAgente = $dashboard->getIsAgente(); $smarty->assign('isAgente', $isAgente); $smarty->assign('podePublicar', false); -$smarty->assign('podePublicarAjax', (!$isAgente && IsUserAdmin())); +$smarty->assign('podePublicarAjax', (!$isAgente && IsAdmin())); $smarty->assign('publicacoes', $publicacoes); $smarty->assign('styleLayout', 'width: 85%; height: 100%;'); diff --git a/include/util/AbstractDashboard.php b/include/util/AbstractDashboard.php index 23146309..eba84d59 100644 --- a/include/util/AbstractDashboard.php +++ b/include/util/AbstractDashboard.php @@ -368,7 +368,7 @@ HTML; $commit = pg_query($dbcon, "commit"); } else { $msg = "N�o foi poss�vel publicar no mural."; - if (isset($_SESSION['DEBUG']) && intval($_SESSION['DEBUG']) === 1 && IsUserAdmin()) { + if (isset($_SESSION['DEBUG']) && intval($_SESSION['DEBUG']) === 1 && IsAdmin()) { $msg .= "Erro: " . pg_last_error($dbcon); } $rollback = pg_query($dbcon, "rollback"); diff --git a/include/util/funcoesApl.php b/include/util/funcoesApl.php index bd4320bd..c999274e 100644 --- a/include/util/funcoesApl.php +++ b/include/util/funcoesApl.php @@ -556,7 +556,10 @@ function IsSuper() { } function IsUserAdmin() { - return IsAdmin(); + $query = sprintf("select count(*) from pbx_grupo_usuario where gp_id = (select gp_id from pbx_grupo where gp_nome = 'ADMINISTRADOR') and user_id = '%s'", GetIdUser()); + $result = @pg_query($query); + $row = @pg_fetch_row($result); + return $row[0] ? true : false; } function IsAdmin() { 
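Review bot: The new `IsUserAdmin()` in include/util/funcoesApl.php answers an authorization question from a query whose failure path is hidden: `@pg_query($query)` runs without an explicit connection and with errors suppressed, and its result goes straight into `pg_fetch_row`, which raises a TypeError on PHP 8 when handed `false`. The check is keyed to the group name `'ADMINISTRADOR'` through a scalar subquery, so it relies on `gp_nome` being unique and not something an ordinary user can create or rename; the schema is not visible here, so that needs confirming. I would pass `$dbcon` explicitly (PodePublicarMural in this file already declares `global $dbcon;`), bind the user id with `pg_query_params` instead of `sprintf`, and return false explicitly when the query fails, as sketched below. A short docblock saying that this tests membership of the ADMINISTRADOR group, unlike `IsAdmin()`, would help, because the two names are easy to confuse now that they no longer mean the same thing.

```php
function IsUserAdmin() {
    global $dbcon;
    $result = pg_query_params(
        $dbcon,
        "select count(*) from pbx_grupo_usuario where gp_id = (select gp_id from pbx_grupo where gp_nome = 'ADMINISTRADOR') and user_id = \$1",
        [GetIdUser()]
    );
    if ($result === false) {
        // Fail closed: a query error must never widen what the caller may see.
        return false;
    }
    $row = pg_fetch_row($result);
    return $row !== false && (int) $row[0] > 0;
}
```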
@@ -4425,7 +4428,7 @@ function PodePublicarMural($idProg, $info) {
 global $dbcon;
 $isPopup = (getRequest('window', INPUT_GET));
 $naoPublicarPelasPaginas = [14, 6];
- $podePublicar = (IsLogado() && (IsUserAdmin() || IsSuper()) && VerificaPerfilAcesso($dbcon, 6, $info));
+ $podePublicar = (IsLogado() && (IsAdmin() || IsSuper()) && VerificaPerfilAcesso($dbcon, 6, $info));
 if (in_array($idProg, $naoPublicarPelasPaginas) || ($isPopup !== null)) {
 $podePublicar = false;
 }
diff --git a/projeto/base/sql/versao-1.7.11.4.sql b/projeto/base/sql/versao-1.7.11.4.sql
new file mode 100644
index 00000000..8b22c5ba
--- /dev/null
+++ b/projeto/base/sql/versao-1.7.11.4.sql
@@ -0,0 +1,5 @@
+/*
+ * Inclui o administrador em todos os grupos
+ */
+insert into pbx_grupo_usuario(user_id, gp_id)
+select (select id from pbx_usuarios where apelido = 'administrador') as user_id, gp_id from pbx_grupo a where user_id = 0 and not exists(select '' from pbx_grupo_usuario where gp_id = a.gp_id and user_id = (select id from pbx_usuarios where apelido = 'administrador'))
diff --git a/seguranca/grupos/grupoSelect.php b/seguranca/grupos/grupoSelect.php
index 5c562b4e..a601e7c4 100644
--- a/seguranca/grupos/grupoSelect.php
+++ b/seguranca/grupos/grupoSelect.php
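Review bot: The header comment of versao-1.7.11.4.sql says the administrator is added to all groups, but the select is limited to `pbx_grupo` rows with `user_id = 0`, so one of the two should change; if the filter is intended, a comment like `/* Adds the 'administrador' user to every group whose user_id is 0 */` would match the statement. When no `pbx_usuarios` row has `apelido = 'administrador'` the scalar subquery evaluates to NULL and the statement tries to insert rows with a NULL `user_id`, and when more than one row matches it fails outright; whether `apelido` is unique is not visible here. The statement also has no terminating `;`, which matters if the versioned scripts are concatenated or fed to a client that expects one.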
@@ -30,7 +30,16 @@ $recontaPag = ($acao == 'inseri') || (GetFormAcao() == FORM_DELETE) || isset($_P * os grupos ao qual o mesmo pertence */ $gpCompl = ""; -if (!IsAdmin()) { +$permissoesAdmin = ''; +if (IsUserAdmin()) { + /* + * Usuario que esta no grupo administraor vai ter a mesma visibilidade do administrador, + * sem a necessidade de estar em outros grupos diretamente o que evita o bloqueio de audio. + */ + $idUser = GetIdUser(); + $gpCompl = " and gp_id in( select gp_id from pbx_grupo_usuario where user_id = (select id FROM pbx_usuarios where apelido = 'administrador'))"; + $permissoesAdmin = "\nunion\nselect gp_id, gp_nome, gp_status, user_id, 1 as gp_lgpd, case when(user_id = 0)then 0 else 1 end as ord from pbx_grupo a where user_id > '0'\n"; +} else if (!IsAdmin()) { $idUser = GetIdUser(); $gpCompl = " and gp_id in( select gp_id from pbx_grupo_usuario where user_id = $idUser)"; } @@ -48,7 +57,6 @@ if (VerificaPerfilAcesso($dbcon, GetIdProgFromNomeMenu('mnLgpdAdm'))) { $liberaLgpd = "\nunion\nselect gp_id, gp_nome, gp_status, user_id, 1 as gp_lgpd, case when(user_id = 0)then 0 else 1 end as ord from pbx_grupo a where gp_nome ilike 'LGPD_%_%_%'\n"; } - $acessoAudio = VerificaPerfilAcesso($dbcon, GetIdProgFromNomeArq('audio.php')); $colspan = $acessoAudio ? 6 : 5; @@ -59,7 +67,7 @@ if (isset($_REQUEST['paramPesquisa']) && $_REQUEST['paramPesquisa']) { } $query = "select gp_id, gp_nome, gp_status, user_id, 0 as gp_lgpd, case when(user_id = 0)then 0 else 1 end as ord from pbx_grupo a\n"; -$query .= "where a.gp_nome <> 'SincContaSenha' $compl $gpCompl $restringLgpd $liberaLgpd order by 5, gp_nome"; +$query .= "where a.gp_nome <> 'SincContaSenha' $compl $gpCompl $restringLgpd $liberaLgpd $permissoesAdmin order by 5, gp_nome"; $params = "¶mPesquisa=$filtro"; $links = PaginaDados($idProg, $query, $params, $regPagina, $offSet, $pagMostra, true); diff --git a/seguranca/grupos/gruposUsuario.php b/seguranca/grupos/gruposUsuario.php index 204982b5..bb25643a 100644 
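Review bot: The `$permissoesAdmin` arm added for `IsUserAdmin()` in grupoSelect.php is appended after `$restringLgpd` in the final query (last hunk of this file), and a `union` arm inherits none of the main select's `where` conditions. Members of the ADMINISTRADOR group therefore get every group with `user_id > '0'` regardless of the `gp_nome <> 'SincContaSenha'` exclusion, the search filter `$compl` and, if `$restringLgpd` is the restriction its name suggests (its definition is outside the hunk), the LGPD restriction. The arm also selects `1 as gp_lgpd`, copied from the `$liberaLgpd` arm, so a group matched by both the main select and the arm is listed twice (the rows differ in that column) and ordinary groups sort as LGPD groups under `order by 5`; `0 as gp_lgpd` looks intended. I would either repeat the needed conditions inside the arm or express the extra visibility as an `or` inside the main `where`. In the same branch `$idUser = GetIdUser();` is never used, and the comment would read better as `Users in the ADMINISTRADOR group get the same group visibility as the administrador account without being added to each group directly.`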
--- a/seguranca/grupos/gruposUsuario.php +++ b/seguranca/grupos/gruposUsuario.php @@ -74,9 +74,13 @@ if (isset($fieldsForm['btIncAgente'])) { $userAdmin = IsAdmin() ? 1 : 0; $cont = 0; foreach ($fieldsForm['user_inc'] as $idUser) { - $query = "delete from pbx_grupo_usuario where user_id = '%s' and gp_id = '%s' and not exists(select * from pbx_grupo where gp_id = '%s' and gp_user = case when(%s=0)then '%s' else -1 end)"; + $query = "delete from pbx_grupo_usuario" + . "\nwhere user_id = '%s'" + . "\nand gp_id = '%s'" + . "\nand user_id <> (select id from pbx_usuarios where apelido = 'administrador')" // Não permite remover o administrador. + . "and not exists(select '' from pbx_grupo where gp_id = '%s' and gp_user = case when(%s=0)then '%s' else -1 end)\n"; //Nao permite o usuario remover o pai do grupo(quem criou). $query = sprintf($query, $idUser, $fieldsForm['gp_id'], $fieldsForm['gp_id'], $userAdmin, $idUser); - + $result = @pg_query($dbcon, $query); if (!$result) break;
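Review bot: The rewritten delete in gruposUsuario.php still places `$idUser` (each element of `$fieldsForm['user_inc']`) and `$fieldsForm['gp_id']` into the statement with `sprintf` and `'%s'`. Unless `$fieldsForm` is escaped before this point, which the hunk does not show, these form values should be bound instead: use `$1`, `$2`, `$3` in the statement text and call `pg_query_params($dbcon, $query, [$idUser, $fieldsForm['gp_id'], $userAdmin])`. The last fragment starts with `"and not exists(` without the leading `\n` the other fragments carry and only parses because the previous fragment ends in `)`; `"\nand not exists(` keeps it safe if that line is edited later. The enclosing `if (isset($fieldsForm['btIncAgente']))` block starts and ends outside the hunk, so whether the caller's right to manage this `gp_id` is checked on the server before the loop cannot be confirmed from here and is worth verifying, given that the commit widens who may add and remove members.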