diff options
| author | Simon Rettberg | 2019-08-01 13:57:28 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2019-08-01 13:57:28 +0200 |
| commit | f01ffbb57a11a4665a0e0fb2cc4dca9069a6554f (patch) | |
| tree | 4d86a0ccace8414469cff4fa1aed0ccb6f6fa011 /modules-available/locations/pages | |
| parent | [locations] Sort subnets by address in subnet view (diff) | |
| download | slx-admin-f01ffbb57a11a4665a0e0fb2cc4dca9069a6554f.tar.gz slx-admin-f01ffbb57a11a4665a0e0fb2cc4dca9069a6554f.tar.xz slx-admin-f01ffbb57a11a4665a0e0fb2cc4dca9069a6554f.zip | |
[locations] Remove list filtering depending on permissions
Locations where the user isn't allowed to do anything were supposed to
be hidden while at the same time making sure that any parent locations
would still be shown. That code was buggy and could display nonsensical
ordering of locations, and even sometimes hide locations where the user
was actually allowed to e.g. edit the assigned config module. Since the
location names aren't secret anyways, just get rid of this broken code.
Diffstat (limited to 'modules-available/locations/pages')
| -rw-r--r-- | modules-available/locations/pages/locations.inc.php | 30 |
1 files changed, 6 insertions, 24 deletions
diff --git a/modules-available/locations/pages/locations.inc.php b/modules-available/locations/pages/locations.inc.php index 275aafdb..b1fd77d4 100644 --- a/modules-available/locations/pages/locations.inc.php +++ b/modules-available/locations/pages/locations.inc.php @@ -92,39 +92,21 @@ class SubPage $unassigned = false; $unassignedLoad = 0; - // Filter view: Remove locations we can't reach at all, but show parents to locations - // we have permission to, so the tree doesn't look all weird - $visibleLocationIds = $allowedLocationIds = User::getAllowedLocations("location.view"); - foreach ($allowedLocationIds as $lid) { - if (!isset($locationList[$lid])) - continue; - $visibleLocationIds = array_merge($visibleLocationIds, $locationList[$lid]['parents']); - } - $visibleLocationIds = array_unique($visibleLocationIds); + $allowedLocationIds = User::getAllowedLocations("location.view"); foreach (array_keys($locationList) as $lid) { - if (User::hasPermission('.baseconfig.view', $lid)) { - $visibleLocationIds[] = $lid; - } else { + if (!User::hasPermission('.baseconfig.view', $lid)) { $locationList[$lid]['havebaseconfig'] = false; } - if (User::hasPermission('.sysconfig.config.view-list', $lid)) { - $visibleLocationIds[] = $lid; - } else { + if (!User::hasPermission('.sysconfig.config.view-list', $lid)) { $locationList[$lid]['havesysconfig'] = false; } - if (User::hasPermission('.statistics.view.list', $lid)) { - $visibleLocationIds[] = $lid; - } else { + if (!User::hasPermission('.statistics.view.list', $lid)) { $locationList[$lid]['havestatistics'] = false; } - if (User::hasPermission('.serversetup.ipxe.menu.assign', $lid)) { - $visibleLocationIds[] = $lid; - } else { + if (!User::hasPermission('.serversetup.ipxe.menu.assign', $lid)) { $locationList[$lid]['haveipxe'] = false; } - if (!in_array($lid, $visibleLocationIds)) { - unset($locationList[$lid]); - } elseif (!in_array($lid, $allowedLocationIds)) { + if (!in_array($lid, $allowedLocationIds)) { $locationList[$lid]['show-only'] = true; } } |