diff options
| author | Simon Rettberg | 2019-08-01 15:09:32 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2019-08-01 15:09:32 +0200 |
| commit | 2dbe5a86b26f118e8ce717fcaedfc3ae52b1b06c (patch) | |
| tree | 373b51f3e05d44f3b7e08733eb6e1eeb7ea501d6 | |
| parent | [permissionmanager] Implement caching for permission checks (diff) | |
| download | slx-admin-2dbe5a86b26f118e8ce717fcaedfc3ae52b1b06c.tar.gz slx-admin-2dbe5a86b26f118e8ce717fcaedfc3ae52b1b06c.tar.xz slx-admin-2dbe5a86b26f118e8ce717fcaedfc3ae52b1b06c.zip | |
[roomplanner] Search only returns clients allowed in that room
Don't return clients that wouldn't be allowed to be assigned to that
location according to the rules in the Location class.
| -rw-r--r-- | modules-available/roomplanner/clientscript.js | 2 | ||||
| -rw-r--r-- | modules-available/roomplanner/page.inc.php | 10 |
2 files changed, 9 insertions, 3 deletions
diff --git a/modules-available/roomplanner/clientscript.js b/modules-available/roomplanner/clientscript.js index 823c212a..48311a09 100644 --- a/modules-available/roomplanner/clientscript.js +++ b/modules-available/roomplanner/clientscript.js @@ -83,7 +83,7 @@ function loadMachines(query, callback) { } } $.ajax({ - url: '?do=roomplanner&action=getmachines&query=' + encodeURIComponent(query), + url: '?do=roomplanner&action=getmachines&query=' + encodeURIComponent(query) + '&locationid=' + locationId, type: 'GET', dataType: 'json', error: function() { diff --git a/modules-available/roomplanner/page.inc.php b/modules-available/roomplanner/page.inc.php index d22c0054..52ad34f3 100644 --- a/modules-available/roomplanner/page.inc.php +++ b/modules-available/roomplanner/page.inc.php @@ -168,6 +168,7 @@ class Page_Roomplanner extends Page die('{"machines":[]}'); } + $roomLocationId = Request::any('locationid', 0, 'int'); $query = Request::get('query', false, 'string'); $aquery = preg_replace('/[^\x01-\x7f]+/', '%', $query); if (strlen(str_replace('%', '', $aquery)) < 2) { @@ -179,21 +180,26 @@ class Page_Roomplanner extends Page $condition .= ' OR locationid IS NULL'; } - $result = Database::simpleQuery("SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid + $result = Database::simpleQuery("SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid, subnetlocationid FROM machine WHERE ($condition) AND machineuuid LIKE :aquery OR macaddr LIKE :aquery OR clientip LIKE :aquery OR hostname LIKE :query - LIMIT 100", ['query' => "%$query%", 'aquery' => "%$aquery%", 'locations' => $locations]); + LIMIT 500", ['query' => "%$query%", 'aquery' => "%$aquery%", 'locations' => $locations]); $returnObject = ['machines' => []]; while ($row = $result->fetch(PDO::FETCH_ASSOC)) { + error_log("$roomLocationId, {$row['subnetlocationid']}"); + if (!Location::isFixedLocationValid($roomLocationId, $row['subnetlocationid'])) + continue; if (empty($row['hostname'])) { $row['hostname'] = $row['clientip']; } $returnObject['machines'][] = $row; + if (count($returnObject['machines']) > 100) + break; } echo json_encode($returnObject); } elseif ($this->action === 'save') { |