summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorUdo Walter2018-01-18 17:54:13 +0100
committerUdo Walter2018-01-18 17:54:13 +0100
commit734c493dc1e416ee188ad121033b7856e8259816 (patch)
tree6b28d6606a9bd960bf5f9d2b44ec60c46a7c4696
parent[minilinux] implemented permission-system. you can't see the side without any... (diff)
downloadslx-admin-734c493dc1e416ee188ad121033b7856e8259816.tar.gz
slx-admin-734c493dc1e416ee188ad121033b7856e8259816.tar.xz
slx-admin-734c493dc1e416ee188ad121033b7856e8259816.zip
[statistics] added permissions to view client logs;
removed unused query arguments from Paginate::exec (caused an error if query arguments that are actually used in the query are passed to Paginate::exec)
-rw-r--r--inc/paginate.inc.php2
-rw-r--r--modules-available/syslog/lang/de/permissions.json3
-rw-r--r--modules-available/syslog/lang/en/permissions.json3
-rw-r--r--modules-available/syslog/page.inc.php26
-rw-r--r--modules-available/syslog/permissions/permissions.json3
-rw-r--r--modules-available/syslog/templates/heading.html1
-rw-r--r--modules-available/syslog/templates/page-syslog.html1
7 files changed, 33 insertions, 6 deletions
diff --git a/inc/paginate.inc.php b/inc/paginate.inc.php
index cdb4adf1..b212e252 100644
--- a/inc/paginate.inc.php
+++ b/inc/paginate.inc.php
@@ -65,8 +65,6 @@ class Paginate
$countQuery = preg_replace('/ORDER\s+BY\s.*?(\sASC|\sDESC|$)/is', '', $this->query);
$countQuery = preg_replace('/SELECT\s.*?\sFROM\s/is', 'SELECT Count(*) AS rowcount FROM ', $countQuery);
$countRes = Database::queryFirst($countQuery, $args);
- $args['limit_start'] = $this->currentPage;
- $args['limit_count'] = $this->perPage;
$query = $this->query . ' LIMIT ' . ($this->currentPage * $this->perPage) . ', ' . $this->perPage;
$retval = Database::simpleQuery($query, $args);
$this->totalRows = (int)$countRes['rowcount'];
diff --git a/modules-available/syslog/lang/de/permissions.json b/modules-available/syslog/lang/de/permissions.json
new file mode 100644
index 00000000..0cd05451
--- /dev/null
+++ b/modules-available/syslog/lang/de/permissions.json
@@ -0,0 +1,3 @@
+{
+ "view": "Client Log anschauen."
+} \ No newline at end of file
diff --git a/modules-available/syslog/lang/en/permissions.json b/modules-available/syslog/lang/en/permissions.json
new file mode 100644
index 00000000..497e199e
--- /dev/null
+++ b/modules-available/syslog/lang/en/permissions.json
@@ -0,0 +1,3 @@
+{
+ "view": "View client log."
+} \ No newline at end of file
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php
index c679877a..a34ceb53 100644
--- a/modules-available/syslog/page.inc.php
+++ b/modules-available/syslog/page.inc.php
@@ -15,6 +15,13 @@ class Page_SysLog extends Page
protected function doRender()
{
+ Render::addTemplate("heading");
+
+ if (!User::hasPermission("view")) {
+ Message::addError('main.no-permission');
+ return;
+ }
+
$cutoff = strtotime('-1 month');
$res = Database::simpleQuery("SELECT logtypeid, Count(*) AS counter FROM clientlog WHERE dateline > $cutoff GROUP BY logtypeid ORDER BY counter ASC");
$types = array();
@@ -55,11 +62,24 @@ class Page_SysLog extends Page
else
$whereClause .= ' AND ';
- $whereClause .= "machineuuid='" . preg_replace('/[^0-9a-zA-Z\-]/', '', Request::get('machineuuid', '', 'string')) . "'";
+ $whereClause .= "machineuuid='" . preg_replace('/[^0-9a-zA-Z\-]/', '', Request::get('machineuuid', '', 'string')) . "'";
+ }
+
+ $allowedLocations = User::getAllowedLocations("view");
+ $joinClause = "";
+ if (!in_array(0, $allowedLocations)) {
+ $joinClause = "INNER JOIN machine ON machine.machineuuid = clientlog.machineuuid";
+ if (empty($whereClause))
+ $whereClause .= ' WHERE ';
+ else
+ $whereClause .= ' AND ';
+
+ $whereClause .= 'locationid IN (:allowedLocations)';
}
+
$lines = array();
- $paginate = new Paginate("SELECT logid, dateline, logtypeid, clientip, description, extra FROM clientlog $whereClause ORDER BY logid DESC", 50);
- $res = $paginate->exec();
+ $paginate = new Paginate("SELECT logid, dateline, logtypeid, clientlog.clientip as clientip, description, extra FROM clientlog $joinClause $whereClause ORDER BY logid DESC", 50);
+ $res = $paginate->exec(array("allowedLocations" => $allowedLocations));
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
$row['date'] = Util::prettyTime($row['dateline']);
$row['icon'] = $this->eventToIconName($row['logtypeid']);
diff --git a/modules-available/syslog/permissions/permissions.json b/modules-available/syslog/permissions/permissions.json
new file mode 100644
index 00000000..f04ea714
--- /dev/null
+++ b/modules-available/syslog/permissions/permissions.json
@@ -0,0 +1,3 @@
+[
+ "view"
+] \ No newline at end of file
diff --git a/modules-available/syslog/templates/heading.html b/modules-available/syslog/templates/heading.html
new file mode 100644
index 00000000..d6790a21
--- /dev/null
+++ b/modules-available/syslog/templates/heading.html
@@ -0,0 +1 @@
+<h1>{{lang_clientLog}}</h1> \ No newline at end of file
diff --git a/modules-available/syslog/templates/page-syslog.html b/modules-available/syslog/templates/page-syslog.html
index 8b590038..9062dbaa 100644
--- a/modules-available/syslog/templates/page-syslog.html
+++ b/modules-available/syslog/templates/page-syslog.html
@@ -1,4 +1,3 @@
-<h1>{{lang_clientLog}}</h1>
<style type="text/css">
.selectize-dropdown {
max-width: 500px;