From 3601ceb43aaa9f85c8036ee465a99c9aedaff1c3 Mon Sep 17 00:00:00 2001
From: Udo Walter
Date: Wed, 10 Jan 2018 16:46:13 +0100
Subject: [locations] fixed root location not getting disabled in the dropdown
 if the user does not have permisson for location 0

---
 modules-available/locations/page.inc.php | 1 -
 1 file changed, 1 deletion(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 0cfa5b90..9112e810 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -446,7 +446,6 @@ class Page_Locations extends Page
 		}
 
 		$addAllowedLocs = User::getAllowedLocations("location.add");
-		$addAllowedLocs[] = 0;
 		$addAllowedList = Location::getLocations(0, 0, true);
 		foreach ($addAllowedList as &$loc) {
 			if (!in_array($loc["locationid"], $addAllowedLocs)) {
-- 
cgit v1.2.3-55-g7522


From a8b0095b335780ae0bb950bc44021215d43a6b2d Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 12 Feb 2018 14:17:07 +0100
Subject: [permissionmanager] Introduce "location-aware" flag for permissions

This flag tells wether the permission can be restricted to certain
locations in a meaningful way. This flag has to be set in the
permissions.json of the according module.
For example, the permission to reboot the server cannot be limited
to certain locations in a meaningful way, while the view of the
client log can be filtered to only show log entries for clients
in specific locations.
---
 .../backup/permissions/permissions.json            | 12 +++--
 .../permissions/permissions.json                   | 24 +++++++---
 .../dozmod/permissions/permissions.json            | 52 ++++++++++++++++------
 .../eventlog/permissions/permissions.json          |  8 ++--
 .../exams/permissions/permissions.json             | 13 +++---
 .../internetaccess/permissions/permissions.json    |  8 ++--
 .../locations/permissions/permissions.json         | 32 +++++++++----
 .../minilinux/permissions/permissions.json         | 12 +++--
 .../news/permissions/permissions.json              | 20 ++++++---
 .../permissionmanager/inc/permissionutil.inc.php   |  9 ++--
 modules-available/permissionmanager/page.inc.php   | 21 +++++----
 modules-available/permissionmanager/style.css      | 28 ++++++------
 .../permissionmanager/templates/roleeditor.html    | 42 +++++++----------
 .../permissionmanager/templates/treenode.html      | 23 +++++-----
 .../permissionmanager/templates/treepanel.html     |  2 +-
 .../rebootcontrol/permissions/permissions.json     | 16 ++++---
 .../serversetup-bwlp/permissions/permissions.json  | 16 ++++---
 .../statistics/permissions/permissions.json        | 16 ++++---
 .../permissions/permissions.json                   | 36 ++++++++++-----
 .../syslog/permissions/permissions.json            |  8 ++--
 .../systemstatus/permissions/permissions.json      | 48 ++++++++++++++------
 .../vmstore/permissions/permissions.json           | 16 ++++---
 .../webinterface/permissions/permissions.json      | 16 ++++---
 23 files changed, 309 insertions(+), 169 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/backup/permissions/permissions.json b/modules-available/backup/permissions/permissions.json
index feeffe33..1f778ab6 100644
--- a/modules-available/backup/permissions/permissions.json
+++ b/modules-available/backup/permissions/permissions.json
@@ -1,4 +1,8 @@
-[
-	"create",
-	"restore"
-]
\ No newline at end of file
+{
+    "create": {
+        "location-aware": false
+    },
+    "restore": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig_partitions_cdn/permissions/permissions.json b/modules-available/baseconfig_partitions_cdn/permissions/permissions.json
index 286a975b..3acd5230 100644
--- a/modules-available/baseconfig_partitions_cdn/permissions/permissions.json
+++ b/modules-available/baseconfig_partitions_cdn/permissions/permissions.json
@@ -1,7 +1,17 @@
-[
-	"show",
-	"partitions.add",
-	"partitions.delete",
-	"partitions.edit",
-	"partitions.reset"
-]
\ No newline at end of file
+{
+    "partitions.add": {
+        "location-aware": false
+    },
+    "partitions.delete": {
+        "location-aware": false
+    },
+    "partitions.edit": {
+        "location-aware": false
+    },
+    "partitions.reset": {
+        "location-aware": false
+    },
+    "show": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/permissions/permissions.json b/modules-available/dozmod/permissions/permissions.json
index e8dfb558..b4ff034b 100644
--- a/modules-available/dozmod/permissions/permissions.json
+++ b/modules-available/dozmod/permissions/permissions.json
@@ -1,14 +1,38 @@
-[
-	"images.delete",
-	"mail.save",
-	"mail.testmail",
-	"runtimeconfig.save",
-	"templates.save",
-	"templates.reset",
-	"users.setmail",
-	"users.setlogin",
-	"users.setsu",
-	"users.orglogin",
-	"log.showuser",
-	"log.showtarget"
-]
\ No newline at end of file
+{
+    "images.delete": {
+        "location-aware": false
+    },
+    "log.showtarget": {
+        "location-aware": false
+    },
+    "log.showuser": {
+        "location-aware": false
+    },
+    "mail.save": {
+        "location-aware": false
+    },
+    "mail.testmail": {
+        "location-aware": false
+    },
+    "runtimeconfig.save": {
+        "location-aware": false
+    },
+    "templates.reset": {
+        "location-aware": false
+    },
+    "templates.save": {
+        "location-aware": false
+    },
+    "users.orglogin": {
+        "location-aware": false
+    },
+    "users.setlogin": {
+        "location-aware": false
+    },
+    "users.setmail": {
+        "location-aware": false
+    },
+    "users.setsu": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/eventlog/permissions/permissions.json b/modules-available/eventlog/permissions/permissions.json
index f04ea714..a1748957 100644
--- a/modules-available/eventlog/permissions/permissions.json
+++ b/modules-available/eventlog/permissions/permissions.json
@@ -1,3 +1,5 @@
-[
-	"view"
-]
\ No newline at end of file
+{
+    "view": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/exams/permissions/permissions.json b/modules-available/exams/permissions/permissions.json
index 215b3399..e44974b6 100644
--- a/modules-available/exams/permissions/permissions.json
+++ b/modules-available/exams/permissions/permissions.json
@@ -1,5 +1,8 @@
-[
-	"exams.add",
-	"exams.delete",
-	"exams.edit"
-]
\ No newline at end of file
+{
+    "exams.edit": {
+        "location-aware": true
+    },
+    "exams.view": {
+        "location-aware": true
+    }
+}
\ No newline at end of file
diff --git a/modules-available/internetaccess/permissions/permissions.json b/modules-available/internetaccess/permissions/permissions.json
index 67998da7..09652e51 100644
--- a/modules-available/internetaccess/permissions/permissions.json
+++ b/modules-available/internetaccess/permissions/permissions.json
@@ -1,3 +1,5 @@
-[
-	"configuration.safe"
-]
\ No newline at end of file
+{
+    "configuration.safe": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/locations/permissions/permissions.json b/modules-available/locations/permissions/permissions.json
index 609a673a..06b01d2c 100644
--- a/modules-available/locations/permissions/permissions.json
+++ b/modules-available/locations/permissions/permissions.json
@@ -1,9 +1,23 @@
-[
-	"location.view",
-	"location.edit",
-	"location.add",
-	"location.delete",
-	"subnet.edit",
-	"subnet.add",
-	"subnet.delete"
-]
\ No newline at end of file
+{
+    "location.add": {
+        "location-aware": false
+    },
+    "location.delete": {
+        "location-aware": false
+    },
+    "location.edit": {
+        "location-aware": false
+    },
+    "location.view": {
+        "location-aware": false
+    },
+    "subnet.add": {
+        "location-aware": false
+    },
+    "subnet.delete": {
+        "location-aware": false
+    },
+    "subnet.edit": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/minilinux/permissions/permissions.json b/modules-available/minilinux/permissions/permissions.json
index 457d9810..650f7e71 100644
--- a/modules-available/minilinux/permissions/permissions.json
+++ b/modules-available/minilinux/permissions/permissions.json
@@ -1,4 +1,8 @@
-[
-	"show",
-	"update"
-]
\ No newline at end of file
+{
+    "show": {
+        "location-aware": false
+    },
+    "update": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/news/permissions/permissions.json b/modules-available/news/permissions/permissions.json
index 321e73ea..0d9435d7 100644
--- a/modules-available/news/permissions/permissions.json
+++ b/modules-available/news/permissions/permissions.json
@@ -1,6 +1,14 @@
-[
-	"news.save",
-	"news.delete",
-	"help.save",
-	"help.delete"
-]
\ No newline at end of file
+{
+    "help.delete": {
+        "location-aware": false
+    },
+    "help.save": {
+        "location-aware": false
+    },
+    "news.delete": {
+        "location-aware": false
+    },
+    "news.save": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php
index 5ff41046..3daf422e 100644
--- a/modules-available/permissionmanager/inc/permissionutil.inc.php
+++ b/modules-available/permissionmanager/inc/permissionutil.inc.php
@@ -100,9 +100,9 @@ class PermissionUtil
 			if (!is_array($data))
 				continue;
 			preg_match('#^modules/([^/]+)/#', $file, $out);
-			foreach( $data as $p ) {
+			foreach( $data as $p => $data) {
 				$description = Dictionary::translateFileModule($out[1], "permissions", $p);
-				self::putInPermissionTree($out[1].".".$p, $description, $permissions);
+				self::putInPermissionTree($out[1].".".$p, $data['location-aware'], $description, $permissions);
 			}
 		}
 		ksort($permissions);
@@ -120,10 +120,11 @@ class PermissionUtil
 	 * Place a permission into the given permission tree.
 	 *
 	 * @param string $permission the permission to place in the tree
+	 * @param bool $locationAware whether this permissions can be restricted to specific locations only
 	 * @param string $description the description of the permission
 	 * @param array $tree the permission tree to modify
 	 */
-	private static function putInPermissionTree($permission, $description, &$tree)
+	private static function putInPermissionTree($permission, $locationAware, $description, &$tree)
 	{
 		$subPermissions = explode('.', $permission);
 		foreach ($subPermissions as $subPermission) {
@@ -134,6 +135,6 @@ class PermissionUtil
 				$tree =& $tree[$subPermission];
 			}
 		}
-		$tree = $description;
+		$tree = array('description' => $description, 'location-aware' => $locationAware, 'isLeaf' => true);
 	}
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php
index 13d81c6a..bb8482af 100644
--- a/modules-available/permissionmanager/page.inc.php
+++ b/modules-available/permissionmanager/page.inc.php
@@ -100,18 +100,21 @@ class Page_PermissionManager extends Page
 		$toplevel = $permString == "";
 		if ($toplevel && in_array("*", $selectedPermissions)) $selectAll = true;
 		foreach ($permissions as $k => $v) {
-			$leaf = !is_array($v);
+			$leaf = isset($v['isLeaf']) && $v['isLeaf'];
 			$nextPermString = $permString ? $permString.".".$k : $k;
 			$id = $leaf ? $nextPermString : $nextPermString.".*";
 			$selected = $selectAll || in_array($id, $selectedPermissions);
-			$res .= Render::parse("treenode",
-				array("id" =>  $id,
-						"name" => $toplevel ? Module::get($k)->getDisplayName() : $k,
-						"toplevel" => $toplevel,
-						"checkboxname" => "permissions",
-						"selected" => $selected,
-						"HTML" => $leaf ? "" : self::generatePermissionHTML($v, $selectedPermissions, $selected, $nextPermString),
-						"description" => $leaf ? $v : ""));
+			$data = array("id" =>  $id,
+				"name" => $toplevel ? Module::get($k)->getDisplayName() : $k,
+				"toplevel" => $toplevel,
+				"checkboxname" => "permissions",
+				"selected" => $selected,
+				"HTML" => $leaf ? "" : self::generatePermissionHTML($v, $selectedPermissions, $selected, $nextPermString),
+			);
+			if ($leaf) {
+				$data += $v;
+			}
+			$res .= Render::parse("treenode", $data);
 		}
 		if ($toplevel) {
 			$res = Render::parse("treepanel",
diff --git a/modules-available/permissionmanager/style.css b/modules-available/permissionmanager/style.css
index 49d631a8..9c39af64 100644
--- a/modules-available/permissionmanager/style.css
+++ b/modules-available/permissionmanager/style.css
@@ -55,28 +55,28 @@
     background-color: rgba(0, 182, 41, 0.23);
 }
 
-.tree-container {
-    -moz-column-gap: 20px;
-    -webkit-column-gap: 20px;
-    column-gap: 20px;
-}
-
-
 .tree-container > ul {
     display: inline-block;
     width: 100%;
     padding: 0;
 }
 
-@media (max-width: 767px) {
-    .tree-container {
-        -moz-column-count: 1;
-        -webkit-column-count: 1;
-        column-count: 1;
-    }
+.tree-container > ul > li > div > label {
+    font-weight: bold;
+}
+
+.tree-container {
+    -moz-column-gap: 20px;
+    -webkit-column-gap: 20px;
+    column-gap: 20px;
+    -moz-column-count: 1;
+    -webkit-column-count: 1;
+    column-count: 1;
+    padding-left: 20px;
+    padding-right: 20px;
 }
 
-@media (min-width: 768px) and (max-width: 991px) {
+@media (min-width: 768px) {
     .tree-container {
         -moz-column-count: 2;
         -webkit-column-count: 2;
diff --git a/modules-available/permissionmanager/templates/roleeditor.html b/modules-available/permissionmanager/templates/roleeditor.html
index 871fd0cc..eadce027 100644
--- a/modules-available/permissionmanager/templates/roleeditor.html
+++ b/modules-available/permissionmanager/templates/roleeditor.html
@@ -4,32 +4,24 @@
 	<input type="hidden" name="token" value="{{token}}">
 	<input type="hidden" name="roleid" value="{{roleid}}">
 
-	<div class="row">
-		<div class="col-md-12" style="margin-bottom: 20px;">
-			<ul class="nav nav-tabs text-center" role="tablist">
-				<li role="presentation" class="active"><a href="#permissions" role="tab" data-toggle="tab">{{lang_permissions}}</a></li>
-				<li role="presentation"><a href="#locations" role="tab" data-toggle="tab">{{lang_locations}}</a></li>
-				<li style="float: none; display: inline-block">
-					<label for="rolename">{{lang_name}}:</label>
-					<input id="rolename" name="rolename" value="{{rolename}}" type="text" class="form-control">
-				</li>
-				<li style="float: right;">
-					<span><a href="?do=permissionmanager&show={{cancelShow}}" id="cancelButton" class="btn btn-default">{{lang_cancel}}</a></span>
-					<button type="submit" id="saveButton" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
-				</li>
-			</ul>
+	<ul class="nav nav-tabs text-center" role="tablist">
+		<li role="presentation" class="active"><a href="#permissions" role="tab" data-toggle="tab">{{lang_permissions}}</a></li>
+		<li role="presentation"><a href="#locations" role="tab" data-toggle="tab">{{lang_locations}}</a></li>
+		<li style="float: none; display: inline-block">
+			<label for="rolename">{{lang_name}}:</label>
+			<input id="rolename" name="rolename" value="{{rolename}}" type="text" class="form-control">
+		</li>
+		<li style="float: right;">
+			<span><a href="?do=permissionmanager&show={{cancelShow}}" id="cancelButton" class="btn btn-default">{{lang_cancel}}</a></span>
+			<button type="submit" id="saveButton" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
+		</li>
+	</ul>
+	<div class="tab-content">
+		<div role="tabpanel" class="tab-pane active" id="permissions">
+			{{{permissionHTML}}}
 		</div>
-	</div>
-	<div class="row" style="margin-bottom: 20px;">
-		<div class="col-md-12">
-			<div class="tab-content">
-				<div role="tabpanel" class="tab-pane active" id="permissions">
-					{{{permissionHTML}}}
-				</div>
-				<div role="tabpanel" class="tab-pane" id="locations">
-					{{{locationHTML}}}
-				</div>
-			</div>
+		<div role="tabpanel" class="tab-pane" id="locations">
+			{{{locationHTML}}}
 		</div>
 	</div>
 
diff --git a/modules-available/permissionmanager/templates/treenode.html b/modules-available/permissionmanager/templates/treenode.html
index ced973ca..43509237 100644
--- a/modules-available/permissionmanager/templates/treenode.html
+++ b/modules-available/permissionmanager/templates/treenode.html
@@ -1,11 +1,14 @@
 {{#toplevel}}<ul>{{/toplevel}}
-	<li title="{{description}}" data-toggle="tooltip" data-placement="left">
-		<div class='checkbox'>
-			<input id="{{id}}" name="{{checkboxname}}[]" value="{{id}}" type="checkbox" class="form-control" {{#selected}}checked{{/selected}}>
-			<label for="{{id}}">{{#toplevel}}<b>{{/toplevel}}{{name}}{{#toplevel}}</b>{{/toplevel}}</label>
-		</div>
-		<ul>
-			{{{HTML}}}
-		</ul>
-	</li>
-{{#toplevel}}</ul>{{/toplevel}}
+<li title="{{description}}" data-toggle="tooltip" data-placement="left">
+	<div class='checkbox'>
+		<input id="{{id}}" name="{{checkboxname}}[]" value="{{id}}" type="checkbox" class="form-control" {{#selected}}checked{{/selected}}>
+		<label for="{{id}}">
+			{{name}}
+			{{#location-aware}}<span class="glyphicon glyphicon-home text-muted"></span>{{/location-aware}}
+		</label>
+	</div>
+	<ul>
+		{{{HTML}}}
+	</ul>
+</li>
+{{#toplevel}}</ul>{{/toplevel}}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/treepanel.html b/modules-available/permissionmanager/templates/treepanel.html
index 6f358825..8b510407 100644
--- a/modules-available/permissionmanager/templates/treepanel.html
+++ b/modules-available/permissionmanager/templates/treepanel.html
@@ -6,7 +6,7 @@
 		</div>
 	</div>
 	<div class="panel-body">
-		<div class="tree-container" style="padding-left: 20px; padding-right: 20px;">
+		<div class="tree-container">
 			{{{HTML}}}
 		</div>
 	</div>
diff --git a/modules-available/rebootcontrol/permissions/permissions.json b/modules-available/rebootcontrol/permissions/permissions.json
index 5230c9bd..5de9b633 100644
--- a/modules-available/rebootcontrol/permissions/permissions.json
+++ b/modules-available/rebootcontrol/permissions/permissions.json
@@ -1,5 +1,11 @@
-[
-	"shutdown",
-	"reboot",
-	"newkeypair"
-]
\ No newline at end of file
+{
+    "newkeypair": {
+        "location-aware": false
+    },
+    "reboot": {
+        "location-aware": true
+    },
+    "shutdown": {
+        "location-aware": true
+    }
+}
\ No newline at end of file
diff --git a/modules-available/serversetup-bwlp/permissions/permissions.json b/modules-available/serversetup-bwlp/permissions/permissions.json
index 2166cf8e..6bae5422 100644
--- a/modules-available/serversetup-bwlp/permissions/permissions.json
+++ b/modules-available/serversetup-bwlp/permissions/permissions.json
@@ -1,5 +1,11 @@
-[
-	"edit.address",
-	"edit.menu",
-	"download"
-]
\ No newline at end of file
+{
+    "download": {
+        "location-aware": false
+    },
+    "edit.address": {
+        "location-aware": false
+    },
+    "edit.menu": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/statistics/permissions/permissions.json b/modules-available/statistics/permissions/permissions.json
index 97a49036..c9dca9f3 100644
--- a/modules-available/statistics/permissions/permissions.json
+++ b/modules-available/statistics/permissions/permissions.json
@@ -1,5 +1,11 @@
-[
-	"view",
-	"note",
-	"delete"
-]
\ No newline at end of file
+{
+    "machine.delete": {
+        "location-aware": true
+    },
+    "machine.note": {
+        "location-aware": true
+    },
+    "machine.view": {
+        "location-aware": true
+    }
+}
\ No newline at end of file
diff --git a/modules-available/statistics_reporting/permissions/permissions.json b/modules-available/statistics_reporting/permissions/permissions.json
index d967b75d..1244027e 100644
--- a/modules-available/statistics_reporting/permissions/permissions.json
+++ b/modules-available/statistics_reporting/permissions/permissions.json
@@ -1,10 +1,26 @@
-[
-	"table.view.total",
-	"table.view.location",
-	"table.view.client",
-	"table.view.user",
-	"table.view.vm",
-	"table.export",
-	"reporting.download",
-	"reporting.change"
-]
\ No newline at end of file
+{
+    "reporting.change": {
+        "location-aware": false
+    },
+    "reporting.download": {
+        "location-aware": false
+    },
+    "table.export": {
+        "location-aware": false
+    },
+    "table.view.client": {
+        "location-aware": true
+    },
+    "table.view.location": {
+        "location-aware": true
+    },
+    "table.view.total": {
+        "location-aware": false
+    },
+    "table.view.user": {
+        "location-aware": false
+    },
+    "table.view.vm": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/syslog/permissions/permissions.json b/modules-available/syslog/permissions/permissions.json
index f04ea714..fcf530c5 100644
--- a/modules-available/syslog/permissions/permissions.json
+++ b/modules-available/syslog/permissions/permissions.json
@@ -1,3 +1,5 @@
-[
-	"view"
-]
\ No newline at end of file
+{
+    "view": {
+        "location-aware": true
+    }
+}
\ No newline at end of file
diff --git a/modules-available/systemstatus/permissions/permissions.json b/modules-available/systemstatus/permissions/permissions.json
index 0333564b..8324f708 100644
--- a/modules-available/systemstatus/permissions/permissions.json
+++ b/modules-available/systemstatus/permissions/permissions.json
@@ -1,13 +1,35 @@
-[
-	"show.overview.diskstat",
-	"show.overview.services",
-	"show.overview.adresses",
-	"show.overview.systeminfo",
-	"show.overview.dmsdusers",
-	"show.logs.bwlpserver",
-	"show.logs.netstat",
-	"show.logs.pslist",
-	"show.logs.ldapad",
-	"show.logs.lighttpd",
-	"serverreboot"
-]
\ No newline at end of file
+{
+    "serverreboot": {
+        "location-aware": false
+    },
+    "show.logs.bwlpserver": {
+        "location-aware": false
+    },
+    "show.logs.ldapad": {
+        "location-aware": false
+    },
+    "show.logs.lighttpd": {
+        "location-aware": false
+    },
+    "show.logs.netstat": {
+        "location-aware": false
+    },
+    "show.logs.pslist": {
+        "location-aware": false
+    },
+    "show.overview.adresses": {
+        "location-aware": false
+    },
+    "show.overview.diskstat": {
+        "location-aware": false
+    },
+    "show.overview.dmsdusers": {
+        "location-aware": false
+    },
+    "show.overview.services": {
+        "location-aware": false
+    },
+    "show.overview.systeminfo": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/vmstore/permissions/permissions.json b/modules-available/vmstore/permissions/permissions.json
index f2c22c72..29ee6a51 100644
--- a/modules-available/vmstore/permissions/permissions.json
+++ b/modules-available/vmstore/permissions/permissions.json
@@ -1,5 +1,11 @@
-[
-	"choose.internal",
-	"choose.nfs",
-	"choose.cifs"
-]
\ No newline at end of file
+{
+    "choose.cifs": {
+        "location-aware": false
+    },
+    "choose.internal": {
+        "location-aware": false
+    },
+    "choose.nfs": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/permissions/permissions.json b/modules-available/webinterface/permissions/permissions.json
index 45b5395d..fa6f493f 100644
--- a/modules-available/webinterface/permissions/permissions.json
+++ b/modules-available/webinterface/permissions/permissions.json
@@ -1,5 +1,11 @@
-[
-	"edit.https",
-	"edit.password",
-	"edit.design"
-]
\ No newline at end of file
+{
+    "edit.design": {
+        "location-aware": false
+    },
+    "edit.https": {
+        "location-aware": false
+    },
+    "edit.password": {
+        "location-aware": false
+    }
+}
\ No newline at end of file
-- 
cgit v1.2.3-55-g7522


From 8aebf6191f0942b6e0fbdc5b07f8069a68d3ee70 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 14 Feb 2018 13:18:47 +0100
Subject: [locations] One permission for direct subnet editing; restructure
 handling a bit

---
 modules-available/locations/inc/location.inc.php   |   2 +-
 modules-available/locations/page.inc.php           | 217 ++++++++++-----------
 .../locations/permissions/permissions.json         |  22 +--
 .../locations/templates/location-subnets.html      |  33 ++--
 .../locations/templates/locations.html             |  30 +--
 5 files changed, 150 insertions(+), 154 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/inc/location.inc.php b/modules-available/locations/inc/location.inc.php
index 0576e660..d43c36a7 100644
--- a/modules-available/locations/inc/location.inc.php
+++ b/modules-available/locations/inc/location.inc.php
@@ -251,7 +251,7 @@ class Location
 	{
 		$ids = array();
 		foreach ($tree as $node) {
-			$ids[] = $node['locationid'];
+			$ids[] = (int)$node['locationid'];
 			if (!empty($node['children'])) {
 				$ids = array_merge($ids, self::extractIds($node['children']));
 			}
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 9112e810..ed541876 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -28,6 +28,7 @@ class Page_Locations extends Page
 
 	private function updateSubnets()
 	{
+		User::assertPermission('subnets.edit', NULL, '?do=locations');
 		$count = 0;
 		$starts = Request::post('startaddr', false);
 		$ends = Request::post('endaddr', false);
@@ -47,12 +48,6 @@ class Page_Locations extends Page
 				Message::addError('main.value-invalid', 'locationid', $loc);
 				continue;
 			}
-
-			$oldLoc = Database::queryFirst("SELECT locationid FROM subnet WHERE subnetid = :subnetid", array("subnetid" => $subnetid))["locationid"];
-			if (($loc == $oldLoc && !User::hasPermission("subnet.edit", $loc)) ||
-				 ($loc != $oldLoc && (!User::hasPermission("subnet.delete", $oldLoc) || !User::hasPermission("subnet.add", $loc))))
-				continue;
-
 			$range = $this->rangeToLongVerbose($start, $end);
 			if ($range === false)
 				continue;
@@ -63,7 +58,7 @@ class Page_Locations extends Page
 		}
 		AutoLocation::rebuildAll();
 		Message::addSuccess('subnets-updated', $count);
-		Util::redirect('?do=Locations&action=showsubnets');
+		Util::redirect('?do=Locations');
 	}
 
 	private function addLocations()
@@ -81,8 +76,10 @@ class Page_Locations extends Page
 			if (empty($name))
 				continue;
 			$parent = isset($parents[$idx]) ? (int)$parents[$idx] : 0;
-			if (!User::hasPermission("location.add", $parent))
+			if (!User::hasPermission("location.add", $parent)) {
+				Message::addError('no-permission-location', isset($locs[$parent]) ? $locs[$parent]['locationname'] : $parent);
 				continue;
+			}
 			if ($parent !== 0) {
 				$ok = false;
 				foreach ($locs as $loc) {
@@ -123,24 +120,16 @@ class Page_Locations extends Page
 		$change = false;
 		// Delete location?
 		if ($locationId === $del) {
-			if (!User::hasPermission("location.delete", $locationId)) {
-				Message::addError('main.no-permission', 'locationid', $locationId);
-				Util::redirect('?do=Locations');
-			}
+			User::assertPermission("location.delete", $locationId, '?do=locations');
 			$this->deleteLocation($location);
 			$change = true;
 		}
 		// Update subnets
 		$change |= $this->updateLocationSubnets();
-
-		if (User::hasPermission("subnet.add", $locationId)) {
-			// Insert subnets
-			$change |= $this->addNewLocationSubnets($location);
-		}
-		if (User::hasPermission("location.edit", $locationId)) {
-			// Update location!
-			$change |= $this->updateLocationData($location);
-		}
+		// Insert subnets
+		$change |= $this->addNewLocationSubnets($location);
+		// Update location!
+		$change |= $this->updateLocationData($location);
 
 		if ($change) {
 			// In case subnets or tree layout changed, recalc this
@@ -176,13 +165,17 @@ class Page_Locations extends Page
 		$locationId = (int)$location['locationid'];
 		$newParent = Request::post('parentlocationid', false, 'integer');
 		$newName = Request::post('locationname', false, 'string');
-		if ($newName === false || preg_match('/^\s*$/', $newName)) {
+		if (!User::hasPermission('location.edit.name', $locationId)) {
+			$newName = $location['locationname'];
+		} elseif ($newName === false || preg_match('/^\s*$/', $newName)) {
 			if ($newName !== false) {
 				Message::addWarning('main.value-invalid', 'location name', $newName);
 			}
 			$newName = $location['locationname'];
 		}
-		if ($newParent === false) {
+		if ($newParent === false || !User::hasPermission('location.edit.parent', $locationId)
+				|| !User::hasPermission('location.edit.parent', $newParent)
+				|| !User::hasPermission('location.edit.*', $location['parentlocationid'])) {
 			$newParent = $location['parentlocationid'];
 		} else if ($newParent !== 0) {
 			$rows = Location::queryLocations();
@@ -213,13 +206,15 @@ class Page_Locations extends Page
 
 	private function updateLocationSubnets()
 	{
-		$change = false;
-
 		$locationId = Request::post('locationid', false, 'integer');
+		if (!User::hasPermission('location.edit.subnets', $locationId))
+			return false;
+
+		$change = false;
 
 		// Deletion first
 		$dels = Request::post('deletesubnet', false);
-		if (is_array($dels) && User::hasPermission("subnet.delete", $locationId)) {
+		if (is_array($dels)) {
 			$count = 0;
 			$stmt = Database::prepare('DELETE FROM subnet WHERE subnetid = :id');
 			foreach ($dels as $key => $value) {
@@ -234,8 +229,6 @@ class Page_Locations extends Page
 				$change = true;
 			}
 		}
-		if (!User::hasPermission("subnet.edit", $locationId))
-			return $change;
 
 		// Now actual updates
 		$starts = Request::post('startaddr', false);
@@ -267,8 +260,11 @@ class Page_Locations extends Page
 
 	private function addNewLocationSubnets($location)
 	{
-		$change = false;
 		$locationId = (int)$location['locationid'];
+		if (!User::hasPermission('location.edit.subnets', $locationId))
+			return false;
+
+		$change = false;
 		$starts = Request::post('newstartaddr', false);
 		$ends = Request::post('newendaddr', false);
 		if (!is_array($starts) || !is_array($ends)) {
@@ -316,28 +312,16 @@ class Page_Locations extends Page
 			Util::redirect('?do=Locations&action=showlocations');
 		}
 		if ($getAction === 'showsubnets') {
-			$res = Database::simpleQuery("SELECT subnetid, startaddr, endaddr, locationid FROM subnet
-													WHERE locationid IN (:locations) ORDER BY startaddr ASC",
-													array("locations" => User::getAllowedLocations("location.view")));
-			$allowedLocs = User::getAllowedLocations("subnet.add");
+			User::assertPermission('subnets.edit', NULL, '?do=locations');
+			$res = Database::simpleQuery("SELECT subnetid, startaddr, endaddr, locationid FROM subnet");
 			$rows = array();
 			while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 				$row['startaddr'] = long2ip($row['startaddr']);
 				$row['endaddr'] = long2ip($row['endaddr']);
 				$row['locations'] = Location::getLocations($row['locationid']);
-
-				foreach ($row['locations'] as &$loc) {
-					if (!(in_array($loc["locationid"], $allowedLocs) || $loc["locationid"] == $row['locationid'])) {
-						$loc["disabled"] = "disabled";
-					}
-				}
-
-				$row['editThisSubnetAllowed'] = User::hasPermission("subnet.edit", $row['locationid']);
-				$row['deleteThisSubnetAllowed'] = User::hasPermission("subnet.delete", $row['locationid']);
 				$rows[] = $row;
 			}
-
-			Render::addTemplate('subnets', array('list' => $rows, 'editSubnetAllowed' => User::hasPermission("subnet.edit")));
+			Render::addTemplate('subnets', array('list' => $rows));
 		} elseif ($getAction === 'showlocations') {
 			$this->showLocationList();
 		}
@@ -349,38 +333,59 @@ class Page_Locations extends Page
 		$overlapSelf = $overlapOther = true;
 		Location::getOverlappingSubnets($overlapSelf, $overlapOther);
 		//$locs = Location::getLocations(0, 0, false, true);
-		$locs = Location::getLocationsAssoc();
+		$locationList = Location::getLocationsAssoc();
 		// Statistics: Count machines for each subnet
 		$unassigned = false;
+
+		// Filter view: Remove locations we can't reach at all, but show parents to locations
+		// we have permission to, so the tree doesn't look all weird
+		$visibleLocationIds = $allowedLocationIds = User::getAllowedLocations("location.view");
+		foreach ($allowedLocationIds as $lid) {
+			$visibleLocationIds = array_merge($visibleLocationIds, $locationList[$lid]['parents']);
+		}
+		$visibleLocationIds = array_unique($visibleLocationIds);
+		foreach (array_keys($locationList) as $lid) {
+			if (!in_array($lid, $visibleLocationIds)) {
+				unset($locationList[$lid]);
+			} elseif (!in_array($lid, $allowedLocationIds)) {
+				$locationList[$lid]['show-only'] = true;
+			}
+		}
+
+		// Client statistics
 		if (Module::get('statistics') !== false) {
-			$DL = time() - 605;
 			$unassigned = 0;
-			$res = Database::simpleQuery("SELECT locationid, Count(*) AS cnt, Sum(If(lastseen > $DL AND logintime <> 0, 1, 0)) AS used
- 				 FROM machine GROUP BY locationid");
+			$res = Database::simpleQuery("SELECT locationid, Count(*) AS cnt, Sum(If(state = 'OCCUPIED', 1, 0)) AS used
+ 				 FROM machine WHERE locationid IN (:allowedLocationIds) GROUP BY locationid", compact('allowedLocationIds'));
 			while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
-				$loc = (int)$row['locationid'];
-				if (isset($locs[$loc])) {
-					$locs[$loc]['clientCount'] = $row['cnt'];
-					$locs[$loc]['clientLoad'] = round(100 * $row['used'] / $row['cnt']) . '%';
+				$locId = (int)$row['locationid'];
+				if (isset($locationList[$locId])) {
+					$locationList[$locId]['clientCount'] = $row['cnt'];
+					$locationList[$locId]['clientLoad'] = round(100 * $row['used'] / $row['cnt']) . '%';
 				} else {
 					$unassigned += $row['cnt'];
 				}
 			}
 			unset($loc);
-			foreach ($locs as &$loc) {
+			foreach ($locationList as &$loc) {
+				if (!in_array($loc['locationid'], $allowedLocationIds))
+					continue;
+				if (!isset($loc['clientCountSum'])) {
+					$loc['clientCountSum'] = 0;
+				}
 				if (!isset($loc['clientCount'])) {
 					$loc['clientCount'] = 0;
 					$loc['clientLoad'] = '0%';
+					$loc['clientCountSum'] += $loc['clientCount'];
 				}
-				$loc['clientCountSum'] = $loc['clientCount'];
-			}
-			unset($loc);
-			foreach ($locs as $loc) {
 				foreach ($loc['parents'] as $pid) {
-					$locs[(int)$pid]['hasChild'] = true;
-					$locs[(int)$pid]['clientCountSum'] += $loc['clientCount'];
+					if (!in_array($pid, $allowedLocationIds))
+						continue;
+					$locationList[(int)$pid]['hasChild'] = true;
+					$locationList[(int)$pid]['clientCountSum'] += $loc['clientCount'];
 				}
 			}
+			unset($loc);
 		}
 		// Show currently active sysconfig for each location
 		$defaultConfig = false;
@@ -390,18 +395,18 @@ class Page_Locations extends Page
 				if (strlen($conf['locs']) === 0)
 					continue;
 				$confLocs = explode(',', $conf['locs']);
-				foreach ($confLocs as $loc) {
-					settype($loc, 'int');
-					if ($loc === 0) {
+				foreach ($confLocs as $locId) {
+					settype($locId, 'int');
+					if ($locId === 0) {
 						$defaultConfig = $conf['title'];
 					}
-					if (!isset($locs[$loc]))
+					if (!isset($locationList[$locId]))
 						continue;
-					$locs[$loc] += array('configName' => $conf['title'], 'configClass' => 'slx-bold');
+					$locationList[$locId] += array('configName' => $conf['title'], 'configClass' => 'slx-bold');
 				}
 			}
 			$depth = array();
-			foreach ($locs as &$loc) {
+			foreach ($locationList as &$loc) {
 				$d = $loc['depth'];
 				if (!isset($loc['configName'])) {
 					// Has no explicit config assignment
@@ -419,32 +424,16 @@ class Page_Locations extends Page
 		}
 		// Count overridden config vars
 		if (Module::get('baseconfig') !== false) {
-			$res = Database::simpleQuery("SELECT locationid, Count(*) AS cnt FROM `setting_location` GROUP BY locationid");
+			$res = Database::simpleQuery("SELECT locationid, Count(*) AS cnt FROM `setting_location`
+ 					WHERE locationid IN (:allowedLocationIds) GROUP BY locationid", compact('allowedLocationIds'));
 			while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 				$lid = (int)$row['locationid'];
-				if (isset($locs[$lid])) {
-					$locs[$lid]['overriddenVars'] = $row['cnt'];
+				if (isset($locationList[$lid])) {
+					$locationList[$lid]['overriddenVars'] = $row['cnt'];
 				}
 			}
 		}
 
-		$allowedLocs = User::getAllowedLocations("location.view");
-		$withParents = array();
-		foreach ($allowedLocs as $loc) {
-			$withParents = array_merge($withParents, Location::getLocationRootChain($loc));
-		}
-
-		foreach ($locs as $key => $loc) {
-			if (!in_array($loc["locationid"], $withParents)) {
-				unset($locs[$key]);
-			} elseif (!in_array($loc["locationid"], $allowedLocs)) {
-				$id = $locs[$key]["locationid"];
-				$name = $locs[$key]["locationname"];
-				$depth = $locs[$key]["depth"];
-				$locs[$key] = array("locationid" => $id, "locationname" => $name, "depth" => $depth, "linkClass" => "not-allowed");
-			}
-		}
-
 		$addAllowedLocs = User::getAllowedLocations("location.add");
 		$addAllowedList = Location::getLocations(0, 0, true);
 		foreach ($addAllowedList as &$loc) {
@@ -452,10 +441,11 @@ class Page_Locations extends Page
 				$loc["disabled"] = "disabled";
 			}
 		}
+		unset($loc);
 
 		// Output
-		Render::addTemplate('locations', array(
-			'list' => array_values($locs),
+		$data = array(
+			'list' => array_values($locationList),
 			'havestatistics' => Module::get('statistics') !== false,
 			'havebaseconfig' => Module::get('baseconfig') !== false,
 			'havesysconfig' => Module::get('sysconfig') !== false,
@@ -465,9 +455,12 @@ class Page_Locations extends Page
 			'haveOverlapOther' => !empty($overlapOther),
 			'unassignedCount' => $unassigned,
 			'defaultConfig' => $defaultConfig,
-			'addAllowed' => User::hasPermission("location.add"),
-			'addAllowedList' => array_values($addAllowedList)
-		));
+			'addAllowedList' => array_values($addAllowedList),
+		);
+		// TODO: Buttons for config vars and sysconfig are currently always shown, as their availability
+		// depends on permissions in the according modules, not this one
+		Permission::addGlobalTags($data['perms'], NULL, ['subnets.edit', 'location.add']);
+		Render::addTemplate('locations', $data);
 	}
 
 	/*
@@ -515,11 +508,16 @@ class Page_Locations extends Page
 			'parents' => Location::getLocations($loc['parentlocationid'], $locationId, true)
 		);
 
-		$allowedLocs = User::getAllowedLocations("location.edit");
-		$allowedLocs[] = 0;
-		foreach ($data['parents'] as &$parent) {
-			if (!(in_array($parent["locationid"], $allowedLocs) || $parent["locationid"] == $loc['parentlocationid'])) {
-				$parent["disabled"] = "disabled";
+		// Disable locations in the parent selector where the user cannot change to
+		if (!User::hasPermission('location.edit.*', $loc['parentlocationid'])
+				|| !User::hasPermission('location.edit.parent', $locationId)) {
+			$allowedLocs = [];
+		} else {
+			$allowedLocs = User::getAllowedLocations("location.edit.*");
+			foreach ($data['parents'] as &$parent) {
+				if (!(in_array($parent["locationid"], $allowedLocs) || $parent["locationid"] == $loc['parentlocationid'])) {
+					$parent["disabled"] = "disabled";
+				}
 			}
 		}
 
@@ -533,16 +531,16 @@ class Page_Locations extends Page
 		// Get clients matching this location's subnet(s)
 		$count = $online = $used = 0;
 		if (Module::get('statistics') !== false) {
-			$mres = Database::simpleQuery("SELECT lastseen, logintime FROM machine"
+			$mres = Database::simpleQuery("SELECT state FROM machine"
 				. " WHERE machine.locationid = :lid", array('lid' => $locationId));
-			$DL = time() - 605;
 			while ($row = $mres->fetch(PDO::FETCH_ASSOC)) {
 				$count++;
-				if ($row['lastseen'] > $DL) {
+				if ($row['state'] === 'IDLE') {
 					$online++;
-					if ($row['logintime'] != 0) {
-						$used++;
-					}
+				}
+				if ($row['state'] === 'OCCUPIED') {
+					$online++;
+					$used++;
 				}
 			}
 			$data['haveStatistics'] = true;
@@ -553,18 +551,13 @@ class Page_Locations extends Page
 		$data['used_percent'] = $count === 0 ? 0 : round(($used / $count) * 100);
 
 
-		$data['havebaseconfig'] = Module::get('baseconfig') !== false;
-		$data['havesysconfig'] = Module::get('sysconfig') !== false;
-		$data['editAllowed'] = User::hasPermission("location.edit", $locationId);
-		$data['deleteAllowed'] = User::hasPermission("location.delete", $locationId);
-		$data['editSubnetAllowed'] = User::hasPermission("subnet.edit", $locationId);
-		$data['deleteSubnetAllowed'] = User::hasPermission("subnet.delete", $locationId);
-		$data['addSubnetAllowed'] = User::hasPermission("subnet.add", $locationId);
-		$data['saveButton'] = $data['editAllowed'] || $data['editSubnetAllowed'] || $data['deleteSubnetAllowed'] || $data['addSubnetAllowed'];
+		Permission::addGlobalTags($data['perms'], $locationId, ['location.edit.name', 'location.edit.subnets', 'location.delete', '.roomplanner.edit'], 'save_button');
+		if (empty($allowedLocs)) {
+			$data['perms']['location']['edit']['parent']['disabled'] = 'disabled';
+		} else {
+			unset($data['perms']['save_button']);
+		}
 
-		// echo '<pre>';
-		// var_dump($data);
-		// echo '</pre>';
 		echo Render::parse('location-subnets', $data);
 	}
 
diff --git a/modules-available/locations/permissions/permissions.json b/modules-available/locations/permissions/permissions.json
index 06b01d2c..18b24a73 100644
--- a/modules-available/locations/permissions/permissions.json
+++ b/modules-available/locations/permissions/permissions.json
@@ -1,23 +1,23 @@
 {
     "location.add": {
-        "location-aware": false
+        "location-aware": true
     },
     "location.delete": {
-        "location-aware": false
+        "location-aware": true
     },
-    "location.edit": {
-        "location-aware": false
+    "location.edit.name": {
+        "location-aware": true
     },
-    "location.view": {
-        "location-aware": false
+    "location.edit.subnets": {
+        "location-aware": true
     },
-    "subnet.add": {
-        "location-aware": false
+    "location.edit.parent": {
+        "location-aware": true
     },
-    "subnet.delete": {
-        "location-aware": false
+    "location.view": {
+        "location-aware": true
     },
-    "subnet.edit": {
+    "subnets.edit": {
         "location-aware": false
     }
 }
\ No newline at end of file
diff --git a/modules-available/locations/templates/location-subnets.html b/modules-available/locations/templates/location-subnets.html
index 2cc8e98b..9db75f0b 100644
--- a/modules-available/locations/templates/location-subnets.html
+++ b/modules-available/locations/templates/location-subnets.html
@@ -8,17 +8,17 @@
 			<button type="submit" class="btn btn-primary">Save</button>
 		</div>
 		<div class="row">
-			<div class="{{^editAllowed}}disabled{{/editAllowed}}">
+			<div>
 				<div class="col-sm-6">
 					<div class="input-group">
 						<span class="input-group-addon slx-ga">{{lang_name}}</span>
-						<input class="form-control" type="text" name="locationname" value="{{locationname}}" pattern=".*\S.*">
+						<input {{perms.location.edit.name.disabled}} class="form-control" type="text" name="locationname" value="{{locationname}}" pattern=".*\S.*">
 					</div>
 				</div>
 				<div class="col-sm-6">
 					<div class="input-group">
 						<span class="input-group-addon slx-ga2">{{lang_parentLocation}}</span>
-						<select class="form-control" name="parentlocationid">
+						<select class="form-control" name="parentlocationid" {{perms.location.edit.parent.disabled}}>
 							{{#parents}}
 							<option {{disabled}} value="{{locationid}}" {{#selected}}selected="selected"{{/selected}}>{{locationpad}} {{locationname}}</option>
 							{{/parents}}
@@ -40,11 +40,11 @@
 			{{#list}}
 				<tr class="cidrmagic">
 					<td>{{subnetid}}</td>
-					<td class="{{^editSubnetAllowed}}disabled{{/editSubnetAllowed}}"><input class="form-control cidrstart" type="text" name="startaddr[{{subnetid}}]" value="{{startaddr}}" pattern="\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"></td>
-					<td class="{{^editSubnetAllowed}}disabled{{/editSubnetAllowed}}"><input class="form-control cidrend" type="text" name="endaddr[{{subnetid}}]" value="{{endaddr}}" pattern="\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"></td>
+					<td><input {{perms.location.edit.subnets.disabled}} class="form-control cidrstart" type="text" name="startaddr[{{subnetid}}]" value="{{startaddr}}" pattern="\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"></td>
+					<td><input {{perms.location.edit.subnets.disabled}} class="form-control cidrend" type="text" name="endaddr[{{subnetid}}]" value="{{endaddr}}" pattern="\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"></td>
 					<td class="danger">
 						<div class="checkbox text-center" style="margin-left: 9px">
-							<input {{^deleteSubnetAllowed}}disabled{{/deleteSubnetAllowed}} type="checkbox" name="deletesubnet[{{subnetid}}]" value="on">
+							<input {{perms.location.edit.subnets.disabled}} type="checkbox" name="deletesubnet[{{subnetid}}]" value="on">
 							<label class="text-left"></label>
 						</div>
 					</td>
@@ -52,7 +52,7 @@
 			{{/list}}
 			<tr id="loc-sub-{{locationid}}">
 				<td colspan="4">
-					<button {{^addSubnetAllowed}}disabled{{/addSubnetAllowed}} class="btn btn-success btn-sm pull-right" type="button" onclick="slxAddSubnetRow(this, {{locationid}})" title="{{lang_addNewSubnet}}">
+					<button {{perms.location.edit.subnets.disabled}} class="btn btn-success btn-sm pull-right" type="button" onclick="slxAddSubnetRow(this, {{locationid}})" title="{{lang_addNewSubnet}}">
 						<span class="glyphicon glyphicon-plus"></span> {{lang_subnet}}
 					</button>
 				</td>
@@ -74,19 +74,16 @@
 				{{/haveStatistics}}
 			</div>
 			<div class="col-md-4 text-center">
-				<div class="btn-group">
-					{{#roomplanner}}
-					<a class="btn btn-default" href="?do=roomplanner&amp;locationid={{locationid}}" target="_blank"
-						onclick="window.open(this.href, '_blank', 'toolbar=0,scrollbars,resizable');return false">
-						<span class="glyphicon glyphicon-move"></span> {{lang_editRoomplan}}
-					</a>
-					{{/roomplanner}}
-				</div>
-
+				{{#roomplanner}}
+				<a class="btn btn-default {{perms.roomplanner.edit.disabled}}" href="?do=roomplanner&amp;locationid={{locationid}}" target="_blank"
+					onclick="window.open(this.href, '_blank', 'toolbar=0,scrollbars,resizable');return false">
+					<span class="glyphicon glyphicon-move"></span> {{lang_editRoomplan}}
+				</a>
+				{{/roomplanner}}
 			</div>
 			<div class="col-md-4 text-right">
-				<button style="margin-right: 10px" {{^deleteAllowed}}disabled{{/deleteAllowed}} type="button" class="btn btn-danger"  data-toggle="modal" data-target="#deleteLocationModal{{locationid}}"><span class="glyphicon glyphicon-trash"></span> {{lang_deleteLocation}}</button>
-				<button onclick="deleteSubnetWarning('{{locationid}}')" {{^saveButton}}disabled{{/saveButton}} type="button" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
+				<button {{perms.location.delete.disabled}} type="button" class="btn btn-danger"  data-toggle="modal" data-target="#deleteLocationModal{{locationid}}"><span class="glyphicon glyphicon-trash"></span> {{lang_deleteLocation}}</button>
+				<button onclick="deleteSubnetWarning('{{locationid}}')" {{perms.save_button.disabled}} type="button" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
 			</div>
 		</div>
 
diff --git a/modules-available/locations/templates/locations.html b/modules-available/locations/templates/locations.html
index be3d5115..cd04b1c8 100644
--- a/modules-available/locations/templates/locations.html
+++ b/modules-available/locations/templates/locations.html
@@ -1,7 +1,13 @@
 <div>
 	<div class="btn-group pull-right">
-		<a href="?do=Locations&amp;action=showlocations" class="btn btn-default active"><span class="glyphicon glyphicon-home"></span> {{lang_thisListByLocation}}</a>
-		<a href="?do=Locations&amp;action=showsubnets" class="btn btn-default"><span class="glyphicon glyphicon-list-alt"></span> {{lang_thisListBySubnet}}</a>
+		<a href="?do=Locations&amp;action=showlocations" class="btn btn-default active">
+			<span class="glyphicon glyphicon-home"></span>
+			{{lang_thisListByLocation}}
+		</a>
+		<a href="?do=Locations&amp;action=showsubnets" class="btn btn-default {{perms.subnets.edit.disabled}}">
+			<span class="glyphicon glyphicon-list-alt"></span>
+			{{lang_thisListBySubnet}}
+		</a>
 	</div>
 	<h1>{{lang_locationsMainHeading}}</h1>
 
@@ -36,10 +42,17 @@
 			<tr>
 				<td>
 					<div style="display:inline-block;width:{{depth}}em"></div>
-					<a href="#" class="{{linkClass}}" onclick="slxOpenLocation(this, {{locationid}}); return false">{{locationname}}{{^linkClass}} <b class="caret"></b>{{/linkClass}}</a>
+					{{#show-only}}
+						<span>{{locationname}}</span>
+					{{/show-only}}
+					{{^show-only}}
+						<a href="#" onclick="slxOpenLocation(this, {{locationid}}); return false">
+							{{locationname}}
+							<b class="caret"></b>
+						</a>
+					{{/show-only}}
 				</td>
 				<td class="text-nowrap" align="right">
-					{{^linkClass}}
 					{{#havestatistics}}
 						<a href="?do=Statistics&amp;show=list&amp;filters=location={{locationid}}">&nbsp;{{clientCount}}&nbsp;</a>
 					<span style="display:inline-block;width:5ex">
@@ -48,17 +61,13 @@
 					{{/hasChild}}
 					</span>
 					{{/havestatistics}}
-					{{/linkClass}}
 				</td>
 				<td class="text-nowrap" align="right">
-					{{^linkClass}}
 					{{#havestatistics}}
 					{{clientLoad}}
 					{{/havestatistics}}
-					{{/linkClass}}
 				</td>
 				<td class="text-nowrap">
-					{{^linkClass}}
 					{{#havebaseconfig}}
 					<div class="pull-right" style="z-index:-1">
 						<a class="btn btn-default btn-xs" href="?do=baseconfig&amp;module=locations&amp;locationid={{locationid}}"><span class="glyphicon glyphicon-edit"></span></a>
@@ -67,10 +76,8 @@
 					{{lang_overrideCount}}: {{overriddenVars}}&emsp;&emsp;
 					{{/overriddenVars}}
 					{{/havebaseconfig}}
-					{{/linkClass}}
 				</td>
 				<td class="text-nowrap">
-					{{^linkClass}}
 					{{#havesysconfig}}
 					<div class="pull-right">
 						<a class="btn btn-default btn-xs" href="?do=sysconfig&amp;locationid={{locationid}}"><span class="glyphicon glyphicon-edit"></span></a>
@@ -79,7 +86,6 @@
 					{{configName}}&emsp;&emsp;
 					</span>
 					{{/havesysconfig}}
-					{{/linkClass}}
 				</td>
 			</tr>
 		{{/list}}
@@ -106,7 +112,7 @@
 			<tr id="lasttr">
 				<td width="60%">&emsp;</td>
 				<td class="text-right" colspan="2">
-					<button {{^addAllowed}}disabled{{/addAllowed}} class="btn btn-success" type="button" onclick="slxAddLocationRow()">
+					<button {{perms.location.add.disabled}} class="btn btn-success" type="button" onclick="slxAddLocationRow()">
 						<span class="glyphicon glyphicon-plus"></span> {{lang_location}}
 					</button>
 					<button id="saveLocationRows" type="submit" class="btn btn-primary collapse">
-- 
cgit v1.2.3-55-g7522


From 973d58b8724ea907448f6a2667f1b7a8b9a91c5d Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 15 Feb 2018 13:27:18 +0100
Subject: [locations] Update translations

---
 modules-available/locations/lang/de/messages.json    |  1 +
 modules-available/locations/lang/de/permissions.json | 14 +++++++-------
 modules-available/locations/lang/en/messages.json    |  1 +
 modules-available/locations/lang/en/permissions.json | 14 +++++++-------
 4 files changed, 16 insertions(+), 14 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/lang/de/messages.json b/modules-available/locations/lang/de/messages.json
index 95002ee7..6b682c7e 100644
--- a/modules-available/locations/lang/de/messages.json
+++ b/modules-available/locations/lang/de/messages.json
@@ -3,6 +3,7 @@
     "invalid-location-id": "Ung\u00fcltige Orts-id: {{0}}",
     "location-deleted": "Location wurde gel\u00f6scht (Locations: {{0}}, Subnets: {{1}})",
     "location-updated": "Location {{0}} wurde aktualisiert",
+    "no-permission-location": "Keine Rechte f\u00fcr Ort {{0}}",
     "parameter-missing": "Fehlender Parameter: {{0}}",
     "subnets-created": "Subnetze angelegt: {{0}}",
     "subnets-deleted": "Subnetze gel\u00f6scht: {{0}}",
diff --git a/modules-available/locations/lang/de/permissions.json b/modules-available/locations/lang/de/permissions.json
index 46dea864..8a9336b3 100644
--- a/modules-available/locations/lang/de/permissions.json
+++ b/modules-available/locations/lang/de/permissions.json
@@ -1,9 +1,9 @@
 {
-	"location.view": "Räume anschauen.",
-	"location.edit": "Räume bearbeiten.",
-	"location.add": "Räume hinzufügen.",
-	"location.delete": "Räume löschen.",
-	"subnet.edit": "Subnetze bearbeiten.",
-	"subnet.add": "Subnetze hinzufügen.",
-	"subnet.delete": "Subnetze löschen."
+    "location.add": "R\u00e4ume\/Orte hinzuf\u00fcgen.",
+    "location.delete": "R\u00e4ume\/Orte l\u00f6schen.",
+    "location.edit.name": "Orte umbenennen.",
+    "location.edit.parent": "Den \u00fcbergeordneten Ort eines Ortes \u00e4ndern.",
+    "location.edit.subnets": "Die IP-Ranges eines Ortes \u00e4ndern.",
+    "location.view": "R\u00e4ume anschauen.",
+    "subnets.edit": "Subnetze mittels der Subnetz\u00fcbersicht \u00e4ndern."
 }
\ No newline at end of file
diff --git a/modules-available/locations/lang/en/messages.json b/modules-available/locations/lang/en/messages.json
index fca00c7c..95788c47 100644
--- a/modules-available/locations/lang/en/messages.json
+++ b/modules-available/locations/lang/en/messages.json
@@ -3,6 +3,7 @@
     "invalid-location-id": "Invalid location id: {{0}}",
     "location-deleted": "Location has been deleted (locations: {{0}}, subnets: {{1}})",
     "location-updated": "Location {{0}} has been updated",
+    "no-permission-location": "No permissions for location {{0}}",
     "parameter-missing": "Missing parameter: {{0}}",
     "subnets-created": "{{0}} subnet(s) created",
     "subnets-deleted": "{{0}} subnet(s) deleted",
diff --git a/modules-available/locations/lang/en/permissions.json b/modules-available/locations/lang/en/permissions.json
index db0ac5f6..1d01a9d1 100644
--- a/modules-available/locations/lang/en/permissions.json
+++ b/modules-available/locations/lang/en/permissions.json
@@ -1,9 +1,9 @@
 {
-	"location.view": "View locations.",
-	"location.edit": "Edit locations.",
-	"location.add": "Add locations.",
-	"location.delete": "Delete locations.",
-	"subnet.edit": "Edit subnets.",
-	"subnet.add": "Add subnets.",
-	"subnet.delete": "Delete subnets."
+    "location.add": "Add locations.",
+    "location.delete": "Delete locations.",
+    "location.edit.name": "Rename locations.",
+    "location.edit.parent": "Change the parent location of a location.",
+    "location.edit.subnets": "Edit the IP ranges of a location.",
+    "location.view": "View locations.",
+    "subnets.edit": "Edit subnets via the subnet overview."
 }
\ No newline at end of file
-- 
cgit v1.2.3-55-g7522


From 302f7b1b0f3e46049324f4e3890eb37a193c917b Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 22 Feb 2018 10:56:56 +0100
Subject: [locations] Fix location list: Filter invalid location ids

---
 modules-available/locations/page.inc.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index ed541876..c4328b1b 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -341,6 +341,8 @@ class Page_Locations extends Page
 		// we have permission to, so the tree doesn't look all weird
 		$visibleLocationIds = $allowedLocationIds = User::getAllowedLocations("location.view");
 		foreach ($allowedLocationIds as $lid) {
+			if (!isset($locationList[$lid]))
+				continue;
 			$visibleLocationIds = array_merge($visibleLocationIds, $locationList[$lid]['parents']);
 		}
 		$visibleLocationIds = array_unique($visibleLocationIds);
-- 
cgit v1.2.3-55-g7522


From e04a2b0614666b4937c72a5c69ebf7a6c05cf24a Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Sat, 24 Feb 2018 13:48:24 +0100
Subject: [baseconfig] Add permissions

---
 modules-available/baseconfig/page.inc.php          | 42 ++++++++++++++--------
 .../baseconfig/permissions/permissions.json        |  8 +++++
 modules-available/baseconfig/templates/_page.html  | 11 +++---
 modules-available/locations/page.inc.php           | 10 ++++++
 4 files changed, 53 insertions(+), 18 deletions(-)
 create mode 100644 modules-available/baseconfig/permissions/permissions.json

(limited to 'modules-available/locations')

diff --git a/modules-available/baseconfig/page.inc.php b/modules-available/baseconfig/page.inc.php
index 426d3fdd..97fb6072 100644
--- a/modules-available/baseconfig/page.inc.php
+++ b/modules-available/baseconfig/page.inc.php
@@ -13,19 +13,25 @@ class Page_BaseConfig extends Page
 	protected function doPreprocess()
 	{
 		User::load();
+		if (!User::isLoggedIn()) {
+			Message::addError('main.no-permission');
+			Util::redirect('?do=Main');
+		}
 
 		// Determine if we're setting global or module specific
 		$this->getModuleSpecific();
 
 		$newValues = Request::post('setting');
 		if (is_array($newValues)) {
-			if (!User::hasPermission('superadmin')) {
-				Message::addError('main.no-permission');
-				Util::redirect('?do=baseconfig');
+			if ($this->targetModule === 'locations') {
+				User::assertPermission('edit', $this->qry_extra['field_value']);
+			} else {
+				User::assertPermission('edit', 0);
 			}
 			// Build variables for specific sub-settings
 			if ($this->targetModule === false) {
-				// We're editing global settings - use the 'enabled' field
+				// We're editing global settings
+				// use the 'enabled' field
 				$qry_insert = ', enabled';
 				$qry_values = ', :enabled';
 				$qry_update = ', enabled = :enabled';
@@ -115,10 +121,6 @@ class Page_BaseConfig extends Page
 
 	protected function doRender()
 	{
-		if (!User::hasPermission('superadmin')) {
-			Message::addError('main.no-permission');
-			Util::redirect('?do=Main');
-		}
 		// Check if valid submodule mode, store name if any
 		if ($this->targetModule !== false) {
 			$this->qry_extra['subheading'] = $this->getCurrentModuleName();
@@ -127,6 +129,13 @@ class Page_BaseConfig extends Page
 				Util::redirect('?do=BaseConfig');
 			}
 		}
+		if ($this->targetModule === 'locations') {
+			User::assertPermission('view', $this->qry_extra['field_value']);
+			$editForbidden = !User::hasPermission('edit', $this->qry_extra['field_value']);
+		} else {
+			User::assertPermission('view', 0);
+			$editForbidden = !User::hasPermission('edit', 0);
+		}
 		// Get stuff that's set in DB already
 		if ($this->targetModule === false) {
 			$fields = ', enabled';
@@ -183,15 +192,13 @@ class Page_BaseConfig extends Page
 			if (!isset($settings[$var['catid']]['settings'][$key]['shadows'])) {
 				$settings[$var['catid']]['settings'][$key]['shadows'] = isset($var['shadows']) ? $var['shadows'] : null;
 			}
-			//echo "<pre>";
-			//var_dump($settings[$var['catid']]['settings'][$key]);
-			//echo "</pre>";
 			$settings[$var['catid']]['settings'][$key] += array(
 				'item' => $this->makeInput(
 					$var['validator'],
 					$key,
 					$settings[$var['catid']]['settings'][$key]['displayvalue'],
-					$settings[$var['catid']]['settings'][$key]['shadows']
+					$settings[$var['catid']]['settings'][$key]['shadows'],
+					$editForbidden
 				),
 				'description' => Util::markup(Dictionary::translateFileModule($var['module'], 'config-variables', $key)),
 				'setting' => $key,
@@ -218,6 +225,7 @@ class Page_BaseConfig extends Page
 			'override' => $this->targetModule !== false,
 			'categories'  => array_values($settings),
 			'target_module' => $this->targetModule,
+			'edit_disabled' => $editForbidden ? 'disabled' : '',
 		) + $this->qry_extra);
 		Module::isAvailable('bootstrap_switch');
 	}
@@ -296,13 +304,16 @@ class Page_BaseConfig extends Page
 	 * @param string $validator
 	 * @return boolean
 	 */
-	private function makeInput($validator, $setting, $current, $shadows)
+	private function makeInput($validator, $setting, $current, $shadows, $disabled)
 	{
 		/* for the html snippet we need: */
 		$args = array('class' => 'form-control', 'name' => "setting[$setting]", 'id' => $setting);
 		if (!empty($shadows)) {
 			$args['data-shadows'] = json_encode($shadows);
 		}
+		if ($disabled) {
+			$args['disabled'] = true;
+		}
 		$inner = "";
 		/* -- */
 
@@ -360,10 +371,13 @@ class Page_BaseConfig extends Page
 
 		$output = "<$tag ";
 		foreach ($args as $key => $val) {
+			if ($val === true) {
+				$output .= $key . ' ';
+			}
 			$output .= "$key=\"" . htmlspecialchars($val) . '" ';
 		}
 		if (empty($inner)) {
-			$output .= '/>';
+			$output .= '>';
 		} else {
 			$output .= '>' . $inner . "</$tag>";
 		}
diff --git a/modules-available/baseconfig/permissions/permissions.json b/modules-available/baseconfig/permissions/permissions.json
new file mode 100644
index 00000000..9edefdfb
--- /dev/null
+++ b/modules-available/baseconfig/permissions/permissions.json
@@ -0,0 +1,8 @@
+{
+	"view": {
+		"location-aware": true
+	},
+	"edit": {
+		"location-aware": true
+	}
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig/templates/_page.html b/modules-available/baseconfig/templates/_page.html
index 89caf9f2..110ee5ec 100644
--- a/modules-available/baseconfig/templates/_page.html
+++ b/modules-available/baseconfig/templates/_page.html
@@ -29,7 +29,7 @@
 								{{#defaultvalue}}{{lang_defaultValue}}:{{/defaultvalue}}
 								{{defaultvalue}}
 							</div>
-							<input class="bs-switch" name="override[{{setting}}]" id="CB_{{setting}}" type="checkbox" {{checked}}>
+							<input class="bs-switch" name="override[{{setting}}]" id="CB_{{setting}}" type="checkbox" {{checked}} {{edit_disabled}}>
 							<label for="CB_{{setting}}">
 								{{#override}}{{lang_enableOverride}}{{/override}}
 								{{^override}}{{lang_settingActive}}{{/override}}
@@ -73,7 +73,7 @@
 		{{#override}}
 		<a class="btn btn-default" href="api.php?do=baseconfig&amp;user={{userid}}&amp;module={{target_module}}&amp;value={{field_value}}&amp;force=1">Download</a>
 		{{/override}}
-		<button class="btn btn-primary" type="submit"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
+		<button class="btn btn-primary" type="submit" {{edit_disabled}}><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
 	</div>
 	<br/>
 
@@ -86,6 +86,8 @@ function updateShadows(e) {
 	if (!rules) return;
 	var currentValue = $(e).val();
 	for (var triggerVal in rules) {
+		if (!rules.hasOwnProperty(triggerVal))
+			continue;
 		var targets = rules[triggerVal];
 		for (var i = 0; i < targets.length; ++i) {
 			var target = targets[i];
@@ -95,11 +97,11 @@ function updateShadows(e) {
 			if (currentValue === triggerVal) {
 				inp.prop('disabled', true);
 				if (selitem) selitem.disable();
-				$('#' + target + '.multilist').multiselect('disable');
+				inp.filter('.multiselect').multiselect('disable');
 			} else {
 				inp.prop('disabled', false);
 				if (selitem) selitem.enable();
-				$('#' + target + '.multilist').multiselect('enable');
+				inp.filter('.multiselect').multiselect('enable');
 			}
 		}
 	}
@@ -125,6 +127,7 @@ document.addEventListener("DOMContentLoaded", function () {
 		buttonWidth: '100%',
 		buttonClass: 'form-control'
 	});
+	$('select.multiselect').filter(':disabled').multiselect('disable');
 
 	/* data-shadowing bindings */
 	var $allShadowingFields = $('[data-shadows]');
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index c4328b1b..08f9b518 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -347,6 +347,16 @@ class Page_Locations extends Page
 		}
 		$visibleLocationIds = array_unique($visibleLocationIds);
 		foreach (array_keys($locationList) as $lid) {
+			if (User::hasPermission('.baseconfig.view', $lid)) {
+				$visibleLocationIds[] = $lid;
+			} else {
+				$locationList[$lid]['havebaseconfig'] = false;
+			}
+			if (User::hasPermission('.sysconfig.config.view-list', $lid)) {
+				$visibleLocationIds[] = $lid;
+			} else {
+				$locationList[$lid]['havesysconfig'] = false;
+			}
 			if (!in_array($lid, $visibleLocationIds)) {
 				unset($locationList[$lid]);
 			} elseif (!in_array($lid, $allowedLocationIds)) {
-- 
cgit v1.2.3-55-g7522


From 873d6af8bc843c6eea6049ace2f5218a371f01d4 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 27 Feb 2018 17:02:40 +0100
Subject: [roomplanner] Add permissions

---
 modules-available/locations/page.inc.php           |   4 +-
 .../locations/templates/location-subnets.html      |   6 +-
 .../roomplanner/hooks/runmode/config.json          |   3 +-
 modules-available/roomplanner/js/grid.js           |  85 ++---
 modules-available/roomplanner/page.inc.php         |  45 ++-
 .../roomplanner/permissions/permissions.json       |  11 +-
 modules-available/roomplanner/style.css            |   3 +
 .../roomplanner/templates/footer.html              |  59 ++++
 .../roomplanner/templates/header.html              |  49 +++
 .../roomplanner/templates/item-selector.html       | 314 ++++++++++++++++++
 .../roomplanner/templates/main-roomplan.html       |  18 +
 modules-available/roomplanner/templates/page.html  | 369 ---------------------
 12 files changed, 534 insertions(+), 432 deletions(-)
 create mode 100644 modules-available/roomplanner/templates/footer.html
 create mode 100644 modules-available/roomplanner/templates/header.html
 create mode 100644 modules-available/roomplanner/templates/item-selector.html
 create mode 100644 modules-available/roomplanner/templates/main-roomplan.html
 delete mode 100644 modules-available/roomplanner/templates/page.html

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 08f9b518..0a6fdb10 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -495,9 +495,7 @@ class Page_Locations extends Page
 	{
 		$locationId = Request::any('locationid', 0, 'integer');
 
-		if (!User::hasPermission("location.view", $locationId)) {
-			die('Permission denied');
-		}
+		User::assertPermission("location.view", $locationId);
 
 		$loc = Database::queryFirst('SELECT locationid, parentlocationid, locationname FROM location WHERE locationid = :lid',
 			array('lid' => $locationId));
diff --git a/modules-available/locations/templates/location-subnets.html b/modules-available/locations/templates/location-subnets.html
index 9db75f0b..db94be0a 100644
--- a/modules-available/locations/templates/location-subnets.html
+++ b/modules-available/locations/templates/location-subnets.html
@@ -75,9 +75,11 @@
 			</div>
 			<div class="col-md-4 text-center">
 				{{#roomplanner}}
-				<a class="btn btn-default {{perms.roomplanner.edit.disabled}}" href="?do=roomplanner&amp;locationid={{locationid}}" target="_blank"
+				<a class="btn btn-default" href="?do=roomplanner&amp;locationid={{locationid}}" target="_blank"
 					onclick="window.open(this.href, '_blank', 'toolbar=0,scrollbars,resizable');return false">
-					<span class="glyphicon glyphicon-move"></span> {{lang_editRoomplan}}
+					<span class="glyphicon glyphicon-move"></span>
+					{{^perms.roomplanner.edit.disabled}}{{lang_editRoomplan}}{{/perms.roomplanner.edit.disabled}}
+					{{#perms.roomplanner.edit.disabled}}{{lang_showRoomplan}}{{/perms.roomplanner.edit.disabled}}
 				</a>
 				{{/roomplanner}}
 			</div>
diff --git a/modules-available/roomplanner/hooks/runmode/config.json b/modules-available/roomplanner/hooks/runmode/config.json
index 27c601fd..3cbf4a6c 100644
--- a/modules-available/roomplanner/hooks/runmode/config.json
+++ b/modules-available/roomplanner/hooks/runmode/config.json
@@ -3,5 +3,6 @@
 	"isClient": false,
 	"configHook": "PvsGenerator::runmodeConfigHook",
 	"allowGenericEditor": false,
-	"deleteUrlSnippet": "locationid="
+	"deleteUrlSnippet": "locationid=",
+	"permission": ".roomplanner.edit"
 }
\ No newline at end of file
diff --git a/modules-available/roomplanner/js/grid.js b/modules-available/roomplanner/js/grid.js
index 466e42aa..ced76678 100644
--- a/modules-available/roomplanner/js/grid.js
+++ b/modules-available/roomplanner/js/grid.js
@@ -1,5 +1,9 @@
+var $gridInner = $('#draw-element-area');
+var $gridFrame = $('#drawpanel');
+var $grid = $('#drawarea');
+
 if (!roomplanner) var roomplanner = {
-		
+
 		getScaleFactor: function() {
 			return this.settings.scale/100;
 		},
@@ -280,7 +284,7 @@ if (!roomplanner) var roomplanner = {
 					"computers": []
 			};
 			
-			var furniture = $('#draw-element-area div[itemtype="furniture"]');
+			var furniture = $gridInner.find('div[itemtype="furniture"]');
 			furniture.each(function(idx,el) {
 				objects.furniture.push({
 					"gridRow" : $(el).attr('gridRow'),
@@ -291,7 +295,7 @@ if (!roomplanner) var roomplanner = {
 				});
 			});
 			
-			var computers = $('#draw-element-area div[itemtype="pc"]');
+			var computers = $gridInner.find('div[itemtype="pc"]');
 			computers.each(function(idx,el) {
 				
 				var object = {					
@@ -326,7 +330,7 @@ if (!roomplanner) var roomplanner = {
 				var objects = object;
 			}
 			
-			$('#draw-element-area').html('');
+			$gridInner.html('');
 			
 			function itemToHtml(item, itemtype, obstacle) {
 				var html = '<div itemtype="'+itemtype+'" style="position:absolute;"  ';
@@ -335,15 +339,18 @@ if (!roomplanner) var roomplanner = {
 					html += prop+'="'+item[prop]+'" ';
 				}
 				html += 'class="draggable ui-draggable';
-				html+= '"></div>';
-				return html; 
+				if (PLANNER_READ_ONLY) {
+					html += ' disabled';
+				}
+				html += '"></div>';
+				return html;
 			}
 			
 			if (objects.furniture) {
 				var furniture = objects.furniture;
 				for (var piece in furniture) {
 					var item = itemToHtml(furniture[piece], "furniture", true);
-					$('#draw-element-area').append(item);
+					$gridInner.append(item);
 					
 				}
 			}
@@ -353,51 +360,53 @@ if (!roomplanner) var roomplanner = {
 				var computers = objects.computers;
 				for (var piece in computers) {
 					var item = itemToHtml(computers[piece], "pc", false);
-					$('#draw-element-area').append(item);
+					$gridInner.append(item);
 				}
 			}
 			
-			$('#draw-element-area .draggable').each(function(idx,el) {
+			$gridInner.find('.draggable').each(function(idx,el) {
 				roomplanner.initDraggable(el);
 				roomplanner.initResizable(el);
-				roomplanner.initTooltip(el);
-				roomplanner.initRotation(el);
-				roomplanner.initDelete(el);
-				roomplanner.initTutor(el);
+				if (!PLANNER_READ_ONLY) {
+					roomplanner.initTooltip(el);
+					roomplanner.initRotation(el);
+					roomplanner.initDelete(el);
+					roomplanner.initTutor(el);
+				}
 			});
 			
 			roomplanner.grid.scale(roomplanner.settings.scale);
 			roomplanner.fitContent();
 		},
 		clear: function() {
-			$('#draw-element-area').html('');
+			$gridInner.html('');
 		}
 };
 
 roomplanner.grid = (function() {
 		var grid = {
 			resize: function() {
-				var w = Math.max($('#drawpanel .panel-body').width(),roomplanner.settings.room.width*roomplanner.settings.scale)
-				var h = Math.max($('#drawpanel .panel-body').height(),roomplanner.settings.room.height*roomplanner.settings.scale)
-				$('#drawarea').width(w);
-				$('#drawarea').height(h);
+				var w = Math.max($gridFrame.find('.panel-body').width(),roomplanner.settings.room.width*roomplanner.settings.scale)
+				var h = Math.max($gridFrame.find('.panel-body').height(),roomplanner.settings.room.height*roomplanner.settings.scale)
+				$grid.width(w);
+				$grid.height(h);
 			},
 			scale: function(num) {
 				
-				var area_left = parseInt($('#drawarea').css('left')) - $('#drawpanel .panel-body').width()/2 ;
-				var area_top = parseInt($('#drawarea').css('top')) - $('#drawpanel .panel-body').height()/2;
+				var area_left = parseInt($grid.css('left')) - $gridFrame.find('.panel-body').width()/2 ;
+				var area_top = parseInt($grid.css('top')) - $gridFrame.find('.panel-body').height()/2;
 				
 				var opts = {
-						left: ((parseInt(area_left) * num / roomplanner.settings.scale ) + $('#drawpanel .panel-body').width()/2)+ "px" ,
-						top: ((parseInt(area_top)  * num / roomplanner.settings.scale ) + $('#drawpanel .panel-body').height()/2)+ "px" 
+						left: ((parseInt(area_left) * num / roomplanner.settings.scale ) + $gridFrame.find('.panel-body').width()/2)+ "px" ,
+						top: ((parseInt(area_top)  * num / roomplanner.settings.scale ) + $gridFrame.find('.panel-body').height()/2)+ "px"
 					};
 				
-				$('#drawarea').css(opts);
+				$grid.css(opts);
 				
 				
-				$('#drawarea').css('background-size',num);
+				$grid.css('background-size',num);
 				roomplanner.settings.scale = num;
-				$('#draw-element-area .ui-draggable').each(function(idx,item) {
+				$gridInner.find('.ui-draggable').each(function(idx,item) {
 					var $item = $(item);
 					var h = $item.attr('data-height') * roomplanner.getScaleFactor();
 					var w = $item.attr('data-width') * roomplanner.getScaleFactor();
@@ -431,7 +440,7 @@ roomplanner.fitContent = function() {
 	var minY = 99999;
 	var maxX = -99999;
 	var maxY = -99999;
-	$('#draw-element-area .ui-draggable').each(function(idx,item) {
+	$gridInner.find('.ui-draggable').each(function(idx,item) {
 		var $item = $(item);
 
 		var l = parseInt($item.attr('gridcol')) * roomplanner.settings.cellsize;
@@ -446,8 +455,8 @@ roomplanner.fitContent = function() {
 	});
 	if (minX > maxX)
 		return;
-	var width = (maxX - minX) / $('#drawpanel .panel-body').width();
-	var height = (maxY - minY) / $('#drawpanel .panel-body').height();
+	var width = (maxX - minX) / $gridFrame.find('.panel-body').width();
+	var height = (maxY - minY) / $gridFrame.find('.panel-body').height();
 	var scale;
 	if (width > height) {
 		scale = Math.floor(100 / width);
@@ -461,7 +470,7 @@ roomplanner.fitContent = function() {
 		top: -(minY * (scale / 100)) + "px"
 	};
 
-	$('#drawarea').css(opts);
+	$grid.css(opts);
 };
 
 $(document).ready(function(){
@@ -480,12 +489,12 @@ $(document).ready(function(){
 		change: update,
 		slide: update,
 		stop: function(e, ui) {
-			$('#drawarea').trigger('checkposition');
+			$grid.trigger('checkposition');
 		}
 	
 	});
 	
-	$('#drawarea').bind('checkposition', function() {
+	$grid.bind('checkposition', function() {
 		if ($(this).offset().left > 0) {
 			$(this).css('left',0);
 		}
@@ -502,7 +511,7 @@ $(document).ready(function(){
 		}
 	});
 	
-	$('#drawarea').draggable({
+	$grid.draggable({
 		stop: function() {
 			$(this).trigger('checkposition');
 		}
@@ -512,7 +521,7 @@ $(document).ready(function(){
 	 * adds droppable functionality to the draw area for the elements.
 	 * drop event is only fired for elements added to the board from the toolbar.
 	 */
-	$('#draw-element-area').droppable({
+	$gridInner.droppable({
 		accept: ".draggable",
 		drop: function(event, ui) {
 			
@@ -528,8 +537,8 @@ $(document).ready(function(){
 				
 				
 				if (ui.helper != ui.draggable) {
-					var leftPos = parseInt($(el).css('left'))-parseInt($('#drawarea').css('left'))-$('#drawpanel').offset().left;
-					var topPos = parseInt($(el).css('top'))-parseInt($('#drawarea').css('top'))-($('#drawpanel').offset().top + $('#drawpanel .panel-heading').height());
+					var leftPos = parseInt($(el).css('left'))-parseInt($grid.css('left'))-$gridFrame.offset().left;
+					var topPos = parseInt($(el).css('top'))-parseInt($grid.css('top'))-($gridFrame.offset().top + $gridFrame.find('.panel-heading').height());
 					var cp = roomplanner.getCellPositionFromPixels(leftPos,topPos);
 					leftPos = cp[0];
 					topPos = cp[1];
@@ -575,8 +584,8 @@ $(document).ready(function(){
 			$(el).css('opacity',1);
 			
 			if (ui.helper != ui.draggable) {
-				var l = parseInt($(el).css('left'))-parseInt($('#drawarea').css('left'))-$('#drawpanel').offset().left;
-				var t = parseInt($(el).css('top'))-parseInt($('#drawarea').css('top'))-($('#drawpanel').offset().top + $('#drawpanel .panel-heading').height());
+				var l = parseInt($(el).css('left'))-parseInt($grid.css('left'))-$gridFrame.offset().left;
+				var t = parseInt($(el).css('top'))-parseInt($grid.css('top'))-($gridFrame.offset().top + $gridFrame.find('.panel-heading').height());
 				var cp = roomplanner.getCellPositionFromPixels(l,t);
 				$(el).css('left',cp[0]);
 				$(el).css('top',cp[1]);
@@ -596,7 +605,7 @@ $(document).ready(function(){
 				if ($(el).attr('itemtype') == "pc") {
 					
 					var uuids = [];
-					var computers = $('#draw-element-area div[itemtype="pc"]');
+					var computers = $gridInner.find('div[itemtype="pc"]');
 					computers.each(function(idx,el) {
 						if ($(el).attr('muuid')) {
 							uuids.push($(el).attr('muuid'));
diff --git a/modules-available/roomplanner/page.inc.php b/modules-available/roomplanner/page.inc.php
index 764d5cdb..2712560a 100644
--- a/modules-available/roomplanner/page.inc.php
+++ b/modules-available/roomplanner/page.inc.php
@@ -30,7 +30,7 @@ class Page_Roomplanner extends Page
 	{
 		User::load();
 
-		if (!User::hasPermission('superadmin')) {
+		if (!User::isLoggedIn()) {
 			Message::addError('main.no-permission');
 			Util::redirect('?do=Main');
 		}
@@ -79,13 +79,22 @@ class Page_Roomplanner extends Page
 			$subnetMachines = $this->getPotentialMachines();
 			$machinesOnPlan = $this->getMachinesOnPlan($config['tutoruuid']);
 			$roomConfig = array_merge($furniture, $machinesOnPlan);
-			Render::addTemplate('page', [
+			$canEdit = User::hasPermission('edit', $this->locationid);
+			$params = [
 				'location' => $this->location,
 				'managerip' => $managerIp,
 				'dediMgrChecked' => $dediMgr,
 				'subnetMachines' => json_encode($subnetMachines),
 				'locationid' => $this->locationid,
-				'roomConfiguration' => json_encode($roomConfig)]);
+				'roomConfiguration' => json_encode($roomConfig),
+				'edit_disabled' => $canEdit ? '' : 'disabled'
+			];
+			Render::addTemplate('header', $params);
+			if ($canEdit) {
+				Render::addTemplate('item-selector', $params);
+			}
+			Render::addTemplate('main-roomplan', $params);
+			Render::addTemplate('footer', $params);
 		} else {
 			Message::addError('main.invalid-action', $this->action);
 		}
@@ -97,16 +106,30 @@ class Page_Roomplanner extends Page
 		$this->action = Request::any('action', false, 'string');
 
 		if ($this->action === 'getmachines') {
+
+			$locations = User::getAllowedLocations('edit');
+			if (empty($locations)) {
+				die('{"machines":[]}');
+			}
+
 			$query = Request::get('query', false, 'string');
 			$aquery = preg_replace('/[^\x01-\x7f]+/', '%', $query);
+			if (strlen(str_replace('%', '', $aquery)) < 2) {
+				$aquery = $query;
+			}
+
+			$condition = 'locationid IN (:locations)';
+			if (in_array(0, $locations)) {
+				$condition .= ' OR locationid IS NULL';
+			}
 
-			$result = Database::simpleQuery('SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid '
-				. 'FROM machine '
-				. 'WHERE machineuuid LIKE :aquery '
-				. ' OR macaddr  	 LIKE :aquery '
-				. ' OR clientip    LIKE :aquery '
-				. ' OR hostname	 LIKE :query '
-				. ' LIMIT 100', ['query' => "%$query%", 'aquery' => "%$aquery%"]);
+			$result = Database::simpleQuery("SELECT machineuuid, macaddr, clientip, hostname, fixedlocationid
+				FROM machine
+				WHERE ($condition) AND machineuuid LIKE :aquery
+				 OR macaddr  	 LIKE :aquery
+				 OR clientip    LIKE :aquery
+				 OR hostname	 LIKE :query
+				 LIMIT 100", ['query' => "%$query%", 'aquery' => "%$aquery%", 'locations' => $locations]);
 
 			$returnObject = ['machines' => []];
 
@@ -134,7 +157,7 @@ class Page_Roomplanner extends Page
 
 	private function handleSaveRequest($isAjax)
 	{
-		/* save */
+		User::assertPermission('edit', $this->locationid);
 		$machinesOnPlan = $this->getMachinesOnPlan('invalid');
 		$config = Request::post('serializedRoom', null, 'string');
 		$config = json_decode($config, true);
diff --git a/modules-available/roomplanner/permissions/permissions.json b/modules-available/roomplanner/permissions/permissions.json
index f7bc3479..6a520a89 100644
--- a/modules-available/roomplanner/permissions/permissions.json
+++ b/modules-available/roomplanner/permissions/permissions.json
@@ -1,10 +1,5 @@
 {
-	"compilerOptions": {
-		"module": "commonjs",
-		"target": "es5",
-		"sourceMap": true
-	},
-	"exclude": [
-		"node_modules"
-	]
+	"edit": {
+		"location-aware": true
+	}
 }
\ No newline at end of file
diff --git a/modules-available/roomplanner/style.css b/modules-available/roomplanner/style.css
index 6a68a444..9359f82b 100644
--- a/modules-available/roomplanner/style.css
+++ b/modules-available/roomplanner/style.css
@@ -715,6 +715,9 @@ div.draggable:hover .deleteHandle {
 	display:inline;
 	cursor: pointer;}
 
+.draggable.disabled {
+	pointer-events: none;
+}
 
 [itemtype="furniture"], [itemtype="furniture_drag"] {
 	z-index: 99;
diff --git a/modules-available/roomplanner/templates/footer.html b/modules-available/roomplanner/templates/footer.html
new file mode 100644
index 00000000..6e4e0783
--- /dev/null
+++ b/modules-available/roomplanner/templates/footer.html
@@ -0,0 +1,59 @@
+<div class="pull-left">
+	<div class="input-group" style="width:1px">
+		<div class="input-group-addon">{{lang_managerIp}}</div>
+		<input class="form-control" type="text" id="manager-ip" value="{{managerip}}" placeholder="1.2.3.4"
+				 style="width:120px" {{edit_disabled}}>
+		<div class="input-group-addon checkbox">
+			<input id="dedi-mgr" type="checkbox" {{dediMgrChecked}} {{edit_disabled}}>
+			<label for="dedi-mgr">{{lang_dedicatedManager}}</label>
+		</div>
+	</div>
+</div>
+<div class="pull-right">
+	<button class="btn btn-default" onclick="triggerCancel()">{{lang_cancel}}</button>
+	<button id="saveBtn" class="btn btn-primary" {{edit_disabled}}>{{lang_save}}</button>
+</div>
+<div class="clearfix"></div>
+
+
+<script type="application/javascript"><!--
+var locationId = '{{locationid}}';
+var subnetMachines, roomConfiguration;
+var plannerLoadState = 'invalid';
+const PLANNER_READ_ONLY = '{{edit_disabled}}'.length !== 0;
+document.addEventListener("DOMContentLoaded", function () {
+
+	subnetMachines = makeCombinedField({{{subnetMachines}}});
+	roomConfiguration = {{{roomConfiguration}}};
+
+	$.when(
+		$.getScript("modules/roomplanner/js/lib/jquery-collision.js"),
+		$.getScript("modules/roomplanner/js/lib/jquery-ui-draggable-collision.js"),
+		$.getScript("modules/roomplanner/js/grid.js"),
+		$.Deferred(function( deferred ){
+			$( deferred.resolve );
+		})
+	).done(function() {
+		$.getScript("modules/roomplanner/js/init.js", function() {
+			initRoomplanner();
+			loadRoom();
+		});
+	});
+});
+
+function loadRoom() {
+	roomplanner.load(roomConfiguration); // TODO: Filter invalid PCs, they're currently invisible and cannot be removed
+	plannerLoadState = roomplanner.serialize();
+}
+
+function triggerCancel() {
+	if (roomplanner.serialize() !== plannerLoadState) {
+		if (!confirm('{{lang_confirmDiscardChanges}}'))
+			return;
+	}
+	window.close();
+	// In case this page wasn't opened via JS, it will not close on modern browsers, so let's reset
+	loadRoom();
+}
+
+// --></script>
diff --git a/modules-available/roomplanner/templates/header.html b/modules-available/roomplanner/templates/header.html
new file mode 100644
index 00000000..5706c970
--- /dev/null
+++ b/modules-available/roomplanner/templates/header.html
@@ -0,0 +1,49 @@
+<!-- Modal -->
+<div class="modal fade" id="selectMachineModal" role="dialog">
+	<div class="modal-dialog">
+
+		<!-- Modal content-->
+		<div class="modal-content">
+			<div class="modal-header">
+				<button type="button" class="close" data-dismiss="modal">&times;</button>
+				<h4>{{lang_titleAddMachine}}</h4>
+			</div>
+			<div class="modal-body">
+				<ul class="nav nav-tabs">
+					<li class="active"><a data-toggle="tab" href="#subnet">{{lang_titleBySubnet}}</a></li>
+					<li><a data-toggle="tab" href="#search">{{lang_titleBySearch}}</a></li>
+				</ul>
+				<div class="tab-content">
+					<div id="subnet" class="tab-pane fade in active">
+						<br/>
+						<p>
+							{{lang_descriptionBySubnet}}
+						</p>
+						<label for="subnetBox">{{lang_labelBySubnet}}</label>
+						<input id="subnetBox" class="form-control"/>
+					</div>
+					<div id="search" class="tab-pane fade">
+						<br/>
+						<p> {{lang_descriptionBySearch}}</p>
+						<label for="machineSearchBox">{{lang_labelBySearch}}</label>
+						<input id="machineSearchBox" class="form-control"/>
+					</div>
+
+				</div>
+
+
+			</div>
+			<div class="modal-footer">
+				<button class="btn btn-default pull-left" data-dismiss="modal">{{lang_cancel}}</button>
+				<button class="btn btn-primary" id="selectMachineButton" {{edit_disabled}}>{{lang_select}}</button>
+			</div>
+		</div>
+	</div>
+</div>
+
+<!--  berryous raumplaner -->
+<h1>{{lang_roomplanner}} – {{location.locationname}}</h1>
+
+<div class="alert alert-danger" style="display:none" id="error-msg"></div>
+<div class="alert alert-success" style="display:none" id="success-msg">{{lang_planSuccessfullySaved}}</div>
+<div class="alert alert-info" style="display:none" id="saving-msg">{{lang_planBeingSaved}}</div>
\ No newline at end of file
diff --git a/modules-available/roomplanner/templates/item-selector.html b/modules-available/roomplanner/templates/item-selector.html
new file mode 100644
index 00000000..72607e7c
--- /dev/null
+++ b/modules-available/roomplanner/templates/item-selector.html
@@ -0,0 +1,314 @@
+<div id="toolpanel" class="panel panel-default" style="z-index:200;">
+	<div class="panel-body">
+		<ul role="tablist" class="nav nav-tabs">
+			<li role="presentation" class="active"><a href="#computers"
+																	aria-controls="computers" role="tab"
+																	data-toggle="tab">{{lang_catComputers}}</a></li>
+			<li role="presentation"><a href="#walls"
+												aria-controls="walls" role="tab" data-toggle="tab">{{lang_catWalls}}</a></li>
+			<li role="presentation"><a href="#electricaldevices"
+												aria-controls="electricaldevices" role="tab"
+												data-toggle="tab">{{lang_catElectricalDevices}}</a></li>
+			<li role="presentation"><a href="#tables"
+												aria-controls="tables" role="tab" data-toggle="tab">{{lang_catTables}}</a></li>
+			<li role="presentation"><a href="#chairs"
+												aria-controls="chairs" role="tab" data-toggle="tab">{{lang_catChairs}}</a></li>
+			<li role="presentation"><a href="#furniture"
+												aria-controls="furniture" role="tab" data-toggle="tab">{{lang_catFurniture}}</a>
+			</li>
+			<li role="presentation"><a href="#officesupply"
+												aria-controls="officesupply" role="tab"
+												data-toggle="tab">{{lang_catOfficeSupply}}</a></li>
+			<li role="presentation"><a href="#plants"
+												aria-controls="plants" role="tab" data-toggle="tab">{{lang_catPlants}}</a></li>
+			<li role="presentation"><a href="#misc"
+												aria-controls="misc" role="tab" data-toggle="tab">{{lang_catMisc}}</a></li>
+		</ul>
+		<div class="tab-content">
+			<div role="tabpanel" class="tab-pane" id="walls">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" scalable="h" itemlook="wall-horizontal" class="draggable"
+							  style="width:100px; height:25px;" data-height="25" data-width="100"
+							  title="Wand (horizontal)"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" scalable="v" itemlook="wall-vertical" class="draggable"
+							  style="width:25px; height:100px;" data-height="100" data-width="25" title="Wand (vertial)"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" scalable="h" itemlook="window-horizontal" class="draggable"
+							  style="width:50px; height:25px;" data-height="25" data-width="50" title="Fenster"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" scalable="v" itemlook="window-vertical" class="draggable"
+							  style="width:25px; height:50px;" data-height="50" data-width="25" title="Fenster"></div>
+					</li>
+
+
+					<li>
+						<div itemtype="furniture" itemlook="door-nw" class="draggable" style="width:50px; height:100px;"
+							  data-height="100" data-width="50" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-ne" class="draggable" style="width:50px; height:100px;"
+							  data-height="100" data-width="50" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-sw" class="draggable" style="width:50px; height:100px;"
+							  data-height="100" data-width="50" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-se" class="draggable" style="width:50px; height:100px;"
+							  data-height="100" data-width="50" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-wn" class="draggable" style="width:100px; height:50px;"
+							  data-height="50" data-width="100" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-ws" class="draggable" style="width:100px; height:50px;"
+							  data-height="50" data-width="100" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-en" class="draggable" style="width:100px; height:50px;"
+							  data-height="50" data-width="100" title="{{lang_door}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="door-es" class="draggable" style="width:100px; height:50px;"
+							  data-height="50" data-width="100" title="{{lang_door}}"></div>
+					</li>
+
+				</ul>
+			</div>
+
+
+			<div role="tabpanel" class="tab-pane active" id="computers">
+				<ul class="toollist">
+					<li>
+						<div itemtype="pc" itemlook="pc-south" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="PC" noresize=1></div>
+					</li>
+					<li>
+						<div itemtype="pc" itemlook="copier" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_photocopier}}" noresize=1></div>
+					</li>
+					<li>
+						<div itemtype="pc" itemlook="printer" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_printer}}" noresize=1></div>
+					</li>
+					<li>
+						<div itemtype="pc" itemlook="telephone" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_telephone}}" noresize=1></div>
+					</li>
+				</ul>
+			</div>
+
+			<div role="tabpanel" class="tab-pane" id="electricaldevices">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="flatscreen" class="draggable" style="width:75px; height:100px;"
+							  data-height="100" data-width="75" title="{{lang_flatscreen}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="lamp" class="draggable" style="width:125px; height:50px;"
+							  data-height="50" data-width="125" title="{{lang_deskLamp}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="tvcamera" class="draggable" style="width:125px; height:50px;"
+							  data-height="50" data-width="125" title="{{lang_projector}}"></div>
+					</li>
+				</ul>
+			</div>
+
+			<div role="tabpanel" class="tab-pane" id="tables">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="4chairs1squaretable" class="draggable"
+							  style="width:100px; height:100px;" data-height="100" data-width="100"
+							  title="{{lang_4chairs1squaretable}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="6chairs1table-horizontal" class="draggable"
+							  style="width:100px; height:75px;" data-height="75" data-width="100"
+							  title="{{lang_6chairs1table}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="8chairs1conferencetable-horizontal" class="draggable"
+							  style="width:175px; height:100px;" data-height="100" data-width="175"
+							  title="{{lang_8chairs1conferencetable}}"></div>
+					</li>
+
+					<li>
+						<div itemtype="furniture" itemlook="classroomdesk-north" class="draggable"
+							  style="width:275px; height:100px;" data-height="100" data-width="275"
+							  title="{{lang_classroomdesk}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="classroomdeskchair-north" class="draggable"
+							  style="width:175px; height:100px;" data-height="100" data-width="175"
+							  title="{{lang_classroomdeskchair}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="classroomtable-east" class="draggable"
+							  style="width:75px; height:100px;" data-height="100" data-width="75"
+							  title="{{lang_classroomtable}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="classroomtablechair-north" class="draggable"
+							  style="width:75px; height:100px;" data-height="100" data-width="75"
+							  title="{{lang_classroomdeskchair}}"></div>
+					</li>
+
+					<li>
+						<div itemtype="furniture" itemlook="conferencetable-horizontal" class="draggable"
+							  style="width:200px; height:100px;" data-height="100" data-width="200"
+							  title="{{lang_conferencetable}}"></div>
+					</li>
+
+
+					<li>
+						<div itemtype="furniture" itemlook="podium-north" class="draggable" style="width:200px; height:100px;"
+							  data-height="100" data-width="200" title="{{lang_podium}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="roundeddesk-east" class="draggable"
+							  style="width:75px; height:100px;" data-height="100" data-width="75"
+							  title="{{lang_roundeddesk}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="roundtable" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_roundtable}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="semicirculartable-north" class="draggable"
+							  style="width:200px; height:100px;" data-height="100" data-width="200"
+							  title="{{lang_semicirculartable}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="squaretable" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_squaretable}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="studentdesk-north" class="draggable"
+							  style="width:150px; height:100px;" data-height="100" data-width="150"
+							  title="{{lang_studentdesk}}"></div>
+					</li>
+
+
+				</ul>
+
+			</div>
+
+			<div role="tabpanel" class="tab-pane" id="chairs">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="armchair-south" class="draggable"
+							  style="width:100px; height:100px;" data-height="100" data-width="100"
+							  title="{{lang_armchair}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="chair-south" class="draggable" style="width:125px; height:100px;"
+							  data-height="100" data-width="125" title="{{lang_chair}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="chair2-south" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_chair}}"></div>
+					</li>
+
+
+					<li>
+						<div itemtype="furniture" itemlook="couch-south" class="draggable" style="width:100px; height:100px;"
+							  data-height="100" data-width="100" title="{{lang_couch}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="greenchair-south" class="draggable"
+							  style="width:125px; height:100px;" data-height="100" data-width="125"
+							  title="{{lang_greenchair}}"></div>
+					</li>
+
+					<li>
+						<div itemtype="furniture" itemlook="studentdeskchair-north" class="draggable"
+							  style="width:100px; height:100px;" data-height="100" data-width="100"
+							  title="{{lang_studentdeskchair}}"></div>
+					</li>
+				</ul>
+			</div>
+
+			<div role="tabpanel" class="tab-pane" id="furniture">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="locker-east" class="draggable" style="width:100px; height:75px;"
+							  data-height="75" data-width="100" title="{{lang_locker}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="locker-north" class="draggable" style="width:75px; height:100px;"
+							  data-height="100" data-width="75" title="{{lang_locker}}"></div>
+					</li>
+
+					<li>
+						<div itemtype="furniture" itemlook="coatrack-east" class="draggable" style="width:25px; height:150px;"
+							  data-height="150" data-width="25" title="{{lang_coatrack}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="coatrack-north" class="draggable"
+							  style="width:150px; height:25px;" data-height="25" data-width="150"
+							  title="{{lang_coatrack}}"></div>
+					</li>
+
+
+					<li>
+						<div itemtype="furniture" itemlook="lecturetheaterrow" class="draggable"
+							  style="width:725px; height:100px;" data-height="100" data-width="725"
+							  title="{{lang_lecturetheaterrow}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="lecturetheaterrowseats" class="draggable"
+							  style="width:725px; height:50px;" data-height="50" data-width="725"
+							  title="{{lang_lecturetheaterrow}}"></div>
+					</li>
+
+				</ul>
+			</div>
+
+			<div role="tabpanel" class="tab-pane" id="officesupply">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="papertray" class="draggable" style="width:25px; height:50px;"
+							  data-height="50" data-width="25" title="{{lang_papertray}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="wastecan" class="draggable" style="width:50px; height:50px;"
+							  data-height="50" data-width="50" title="{{lang_wastecan}}"></div>
+					</li>
+
+				</ul>
+			</div>
+			<div role="tabpanel" class="tab-pane" id="plants">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="plant" class="draggable" style="width:75px; height:75px;"
+							  data-height="75" data-width="75" title="{{lang_plant}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="plant2" class="draggable" style="width:75px; height:75px;"
+							  data-height="75" data-width="75" title="{{lang_plant}}"></div>
+					</li>
+					<li>
+						<div itemtype="furniture" itemlook="plant3" class="draggable" style="width:75px; height:75px;"
+							  data-height="75" data-width="75" title="{{lang_plant}}"></div>
+					</li>
+				</ul>
+			</div>
+			<div role="tabpanel" class="tab-pane" id="misc">
+				<ul class="toollist">
+					<li>
+						<div itemtype="furniture" itemlook="projectionscreen" class="draggable"
+							  style="width:525px; height:25px;" data-height="25" data-width="525" title="{{lang_plant}}"></div>
+					</li>
+				</ul>
+			</div>
+
+		</div>
+	</div>
+</div>
\ No newline at end of file
diff --git a/modules-available/roomplanner/templates/main-roomplan.html b/modules-available/roomplanner/templates/main-roomplan.html
new file mode 100644
index 00000000..1fc49bea
--- /dev/null
+++ b/modules-available/roomplanner/templates/main-roomplan.html
@@ -0,0 +1,18 @@
+<div class="panel panel-default" id="drawpanel">
+	<div class="panel-heading">
+		<h3 class="panel-title">{{lang_roomplan}}</h3>
+	</div>
+	<div class="panel-body">
+		<div id="drawarea" style="top:0px; left:0px;">
+			<div id="draw-element-area" style="width:100%; height:100%;"></div>
+		</div>
+		<div id="scaleContainer">
+			<span id="zoom-fit" class="glyphicon glyphicon-move" aria-hidden="true"></span>
+			<div>
+				<div id="scaleslider"></div>
+				<span id="zoom-out" class="glyphicon glyphicon-zoom-out" aria-hidden="true"></span>
+				<span id="zoom-in" class="glyphicon glyphicon-zoom-in" aria-hidden="true"></span>
+			</div>
+		</div>
+	</div>
+</div>
\ No newline at end of file
diff --git a/modules-available/roomplanner/templates/page.html b/modules-available/roomplanner/templates/page.html
deleted file mode 100644
index e8544ce8..00000000
--- a/modules-available/roomplanner/templates/page.html
+++ /dev/null
@@ -1,369 +0,0 @@
-<!-- Modal -->
-<div class="modal fade" id="selectMachineModal" role="dialog">
-	<div class="modal-dialog">
-
-		<!-- Modal content-->
-		<div class="modal-content">
-			<div class="modal-header">
-				<button type="button" class="close" data-dismiss="modal">&times;</button>
-				<h4>{{lang_titleAddMachine}}</h4>
-			</div>
-			<div class="modal-body">
-				<ul class="nav nav-tabs">
-					<li class="active"><a data-toggle="tab" href="#subnet">{{lang_titleBySubnet}}</a></li>
-					<li><a data-toggle="tab" href="#search">{{lang_titleBySearch}}</a></li>
-				</ul>
-				<div class="tab-content">
-					<div id="subnet" class="tab-pane fade in active">
-						<br/>
-						<p>
-							{{lang_descriptionBySubnet}}
-						</p>
-						<label for="subnetBox">{{lang_labelBySubnet}}</label>
-						<input id="subnetBox" class="form-control"/>
-					</div>
-					<div id="search" class="tab-pane fade">
-						<br/>
-						<p> {{lang_descriptionBySearch}}</p>
-							<label for="machineSearchBox">{{lang_labelBySearch}}</label>
-							<input id="machineSearchBox" class="form-control" />
-					</div>
-
-				</div>
-
-
-			</div>
-			<div class="modal-footer">
-				<button class="btn btn-default pull-left" data-dismiss="modal" >{{lang_cancel}}</button>
-				<button class="btn btn-primary" id="selectMachineButton">{{lang_select}}</button>
-			</div>
-		</div>
-	</div>
-</div> 
-
-<!--  berryous raumplaner -->
-<h1>{{lang_roomplanner}} – {{location.locationname}}</h1>
-
-<div class="alert alert-danger" style="display:none" id="error-msg"></div>
-<div class="alert alert-success" style="display:none" id="success-msg">{{lang_planSuccessfullySaved}}</div>
-<div class="alert alert-info" style="display:none" id="saving-msg">{{lang_planBeingSaved}}</div>
-
-	<div id="toolpanel" class="panel panel-default" style="z-index:200;">
-		<div class="panel-body">
-			<ul role="tablist" class="nav nav-tabs">
-				<li role="presentation" class="active"><a href="#computers"
-											  aria-controls="computers" role="tab" data-toggle="tab">{{lang_catComputers}}</a></li>	
-				<li role="presentation"><a href="#walls"
-							   aria-controls="walls" role="tab" data-toggle="tab">{{lang_catWalls}}</a></li>
-				<li role="presentation"><a href="#electricaldevices"
-							   aria-controls="electricaldevices" role="tab" data-toggle="tab">{{lang_catElectricalDevices}}</a></li>
-				<li role="presentation"><a href="#tables"
-							   aria-controls="tables" role="tab" data-toggle="tab">{{lang_catTables}}</a></li>
-				<li role="presentation"><a href="#chairs"
-							   aria-controls="chairs" role="tab" data-toggle="tab">{{lang_catChairs}}</a></li>
-				<li role="presentation"><a href="#furniture"
-							   aria-controls="furniture" role="tab" data-toggle="tab">{{lang_catFurniture}}</a></li>
-				<li role="presentation"><a href="#officesupply"
-							   aria-controls="officesupply" role="tab" data-toggle="tab">{{lang_catOfficeSupply}}</a></li>
-				<li role="presentation"><a href="#plants"
-							   aria-controls="plants" role="tab" data-toggle="tab">{{lang_catPlants}}</a></li>
-				<li role="presentation"><a href="#misc"
-							   aria-controls="misc" role="tab" data-toggle="tab">{{lang_catMisc}}</a></li>
-			</ul>
-			<div class="tab-content">
-				<div role="tabpanel" class="tab-pane" id="walls">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" scalable="h" itemlook="wall-horizontal" class="draggable"  style="width:100px; height:25px;" data-height="25" data-width="100" title="Wand (horizontal)"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" scalable="v" itemlook="wall-vertical" class="draggable"  style="width:25px; height:100px;" data-height="100" data-width="25" title="Wand (vertial)"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" scalable="h" itemlook="window-horizontal" class="draggable"  style="width:50px; height:25px;" data-height="25" data-width="50" title="Fenster"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" scalable="v" itemlook="window-vertical" class="draggable"  style="width:25px; height:50px;" data-height="50" data-width="25" title="Fenster"></div>
-						</li>
-						
-						 
-						<li>
-							<div itemtype="furniture" itemlook="door-nw" class="draggable"  style="width:50px; height:100px;" data-height="100" data-width="50" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-ne" class="draggable"  style="width:50px; height:100px;" data-height="100" data-width="50" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-sw" class="draggable"  style="width:50px; height:100px;" data-height="100" data-width="50" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-se" class="draggable"  style="width:50px; height:100px;" data-height="100" data-width="50" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-wn" class="draggable"  style="width:100px; height:50px;" data-height="50" data-width="100" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-ws" class="draggable"  style="width:100px; height:50px;" data-height="50" data-width="100" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-en" class="draggable"  style="width:100px; height:50px;" data-height="50" data-width="100" title="{{lang_door}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="door-es" class="draggable"  style="width:100px; height:50px;" data-height="50" data-width="100" title="{{lang_door}}"></div>
-						</li>
-						 
-					</ul>
-				</div>
-				
-				
-				<div role="tabpanel" class="tab-pane active" id="computers">
-					<ul class="toollist">
-						<li>
-							<div itemtype="pc" itemlook="pc-south" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="PC" noresize=1></div>
-						</li>
-						<li>
-							<div itemtype="pc" itemlook="copier" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_photocopier}}" noresize=1></div>
-						</li>
-						<li>
-							<div itemtype="pc" itemlook="printer" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_printer}}" noresize=1></div>
-						</li>
-						<li>
-							<div itemtype="pc" itemlook="telephone" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_telephone}}" noresize=1></div>
-						</li>
-					</ul>
-				</div>
-				
-				<div role="tabpanel" class="tab-pane" id="electricaldevices">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="flatscreen" class="draggable"  style="width:75px; height:100px;" data-height="100" data-width="75" title="{{lang_flatscreen}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="lamp" class="draggable"  style="width:125px; height:50px;" data-height="50" data-width="125" title="{{lang_deskLamp}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="tvcamera" class="draggable"  style="width:125px; height:50px;" data-height="50" data-width="125" title="{{lang_projector}}"></div>
-						</li>
-					</ul>
-				</div>
-				
-				<div role="tabpanel" class="tab-pane" id="tables">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="4chairs1squaretable" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_4chairs1squaretable}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="6chairs1table-horizontal" class="draggable"  style="width:100px; height:75px;" data-height="75" data-width="100" title="{{lang_6chairs1table}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="8chairs1conferencetable-horizontal" class="draggable"  style="width:175px; height:100px;" data-height="100" data-width="175" title="{{lang_8chairs1conferencetable}}"></div>
-						</li>
-						
-						<li>
-							<div itemtype="furniture" itemlook="classroomdesk-north" class="draggable"  style="width:275px; height:100px;" data-height="100" data-width="275" title="{{lang_classroomdesk}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="classroomdeskchair-north" class="draggable"  style="width:175px; height:100px;" data-height="100" data-width="175" title="{{lang_classroomdeskchair}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="classroomtable-east" class="draggable"  style="width:75px; height:100px;" data-height="100" data-width="75" title="{{lang_classroomtable}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="classroomtablechair-north" class="draggable"  style="width:75px; height:100px;" data-height="100" data-width="75" title="{{lang_classroomdeskchair}}"></div>
-						</li>
-						
-						<li>
-							<div itemtype="furniture" itemlook="conferencetable-horizontal" class="draggable"  style="width:200px; height:100px;" data-height="100" data-width="200" title="{{lang_conferencetable}}"></div>
-						</li>
-												
-
-						<li>
-							<div itemtype="furniture" itemlook="podium-north" class="draggable"  style="width:200px; height:100px;" data-height="100" data-width="200" title="{{lang_podium}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="roundeddesk-east" class="draggable"  style="width:75px; height:100px;" data-height="100" data-width="75" title="{{lang_roundeddesk}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="roundtable" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_roundtable}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="semicirculartable-north" class="draggable"  style="width:200px; height:100px;" data-height="100" data-width="200" title="{{lang_semicirculartable}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="squaretable" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_squaretable}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="studentdesk-north" class="draggable"  style="width:150px; height:100px;" data-height="100" data-width="150" title="{{lang_studentdesk}}"></div>
-						</li>
-																
-						
-					</ul>
-				
-				</div>
-				
-				<div role="tabpanel" class="tab-pane" id="chairs">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="armchair-south" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_armchair}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="chair-south" class="draggable"  style="width:125px; height:100px;" data-height="100" data-width="125" title="{{lang_chair}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="chair2-south" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_chair}}"></div>
-						</li>
-					
-					
-						<li>
-							<div itemtype="furniture" itemlook="couch-south" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_couch}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="greenchair-south" class="draggable"  style="width:125px; height:100px;" data-height="100" data-width="125" title="{{lang_greenchair}}"></div>
-						</li>
-					
-						<li>
-							<div itemtype="furniture" itemlook="studentdeskchair-north" class="draggable"  style="width:100px; height:100px;" data-height="100" data-width="100" title="{{lang_studentdeskchair}}"></div>
-						</li>
-					</ul>
-				</div>
-				
-				<div role="tabpanel" class="tab-pane" id="furniture">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="locker-east" class="draggable"  style="width:100px; height:75px;" data-height="75" data-width="100" title="{{lang_locker}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="locker-north" class="draggable"  style="width:75px; height:100px;" data-height="100" data-width="75" title="{{lang_locker}}"></div>
-						</li>
-						
-						<li>
-							<div itemtype="furniture" itemlook="coatrack-east" class="draggable"  style="width:25px; height:150px;" data-height="150" data-width="25" title="{{lang_coatrack}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="coatrack-north" class="draggable"  style="width:150px; height:25px;" data-height="25" data-width="150" title="{{lang_coatrack}}"></div>
-						</li>
-						
-						
-						<li>
-							<div itemtype="furniture" itemlook="lecturetheaterrow" class="draggable"  style="width:725px; height:100px;" data-height="100" data-width="725" title="{{lang_lecturetheaterrow}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="lecturetheaterrowseats" class="draggable"  style="width:725px; height:50px;" data-height="50" data-width="725" title="{{lang_lecturetheaterrow}}"></div>
-						</li>
-						
-					</ul>
-				</div>
-				
-				<div role="tabpanel" class="tab-pane" id="officesupply">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="papertray" class="draggable"  style="width:25px; height:50px;" data-height="50" data-width="25" title="{{lang_papertray}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="wastecan" class="draggable"  style="width:50px; height:50px;" data-height="50" data-width="50" title="{{lang_wastecan}}"></div>
-						</li>
-						
-					</ul>
-				</div>
-				<div role="tabpanel" class="tab-pane" id="plants">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="plant" class="draggable"  style="width:75px; height:75px;" data-height="75" data-width="75" title="{{lang_plant}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="plant2" class="draggable"  style="width:75px; height:75px;" data-height="75" data-width="75" title="{{lang_plant}}"></div>
-						</li>
-						<li>
-							<div itemtype="furniture" itemlook="plant3" class="draggable"  style="width:75px; height:75px;" data-height="75" data-width="75" title="{{lang_plant}}"></div>
-						</li>
-					</ul>
-				</div>				
-				<div role="tabpanel" class="tab-pane" id="misc">
-					<ul class="toollist">
-						<li>
-							<div itemtype="furniture" itemlook="projectionscreen" class="draggable"  style="width:525px; height:25px;" data-height="25" data-width="525" title="{{lang_plant}}"></div>
-						</li>
-					</ul>
-				</div>
-				
-			</div>
-		</div>
-	</div>
-
-
-
-	<div class="panel panel-default" id="drawpanel">
-		<div class="panel-heading">
-			<h3 class="panel-title">{{lang_roomplan}}</h3>
-		</div>
-		<div class="panel-body">
-			<div id="drawarea" style="top:0px; left:0px;">
-				<div id="draw-element-area" style="width:100%; height:100%;"></div>
-			</div>
-			<div id="scaleContainer">
-				<span id="zoom-fit" class="glyphicon glyphicon-move" aria-hidden="true"></span>
-				<div>
-				<div id="scaleslider"></div>
-				<span id="zoom-out" class="glyphicon glyphicon-zoom-out" aria-hidden="true"></span>
-				<span id="zoom-in" class="glyphicon glyphicon-zoom-in" aria-hidden="true"></span>
-				</div>
-			</div>
-		</div>
-
-
-	</div>
-
-<div class="pull-left">
-	<div class="input-group" style="width:1px">
-		<div class="input-group-addon">{{lang_managerIp}}</div>
-		<input class="form-control" type="text" id="manager-ip" value="{{managerip}}" placeholder="1.2.3.4" style="width:120px">
-		<div class="input-group-addon checkbox"><input id="dedi-mgr" type="checkbox" {{dediMgrChecked}}> <label for="dedi-mgr">{{lang_dedicatedManager}}</label></div>
-	</div>
-</div>
-<div class="pull-right">
-	<button class="btn btn-default" onclick="triggerCancel()">{{lang_cancel}}</button>
-	<button id="saveBtn" class="btn btn-primary">{{lang_save}}</button>
-</div>
-<div class="clearfix"></div>
-
-
-<script type="application/javascript"><!--
-var locationId = '{{locationid}}';
-var subnetMachines, roomConfiguration;
-var plannerLoadState = 'invalid';
-document.addEventListener("DOMContentLoaded", function () {
-
-	subnetMachines = makeCombinedField({{{subnetMachines}}});
-	roomConfiguration = {{{roomConfiguration}}};
-
-	$.when(
-		$.getScript("modules/roomplanner/js/lib/jquery-collision.js"),
-		$.getScript("modules/roomplanner/js/lib/jquery-ui-draggable-collision.js"),
-		$.getScript("modules/roomplanner/js/grid.js"),
-		$.Deferred(function( deferred ){
-			$( deferred.resolve );
-		})
-	).done(function() {
-		$.getScript("modules/roomplanner/js/init.js", function() {
-			initRoomplanner();
-			loadRoom();
-		});
-	});
-});
-
-function loadRoom() {
-	roomplanner.load(roomConfiguration); // TODO: Filter invalid PCs, they're currently invisible and cannot be removed
-	plannerLoadState = roomplanner.serialize();
-}
-
-function triggerCancel() {
-	if (roomplanner.serialize() !== plannerLoadState) {
-		if (!confirm('{{lang_confirmDiscardChanges}}'))
-			return;
-	}
-	window.close();
-	// In case this page wasn't opened via JS, it will not close on modern browsers, so let's reset
-	loadRoom();
-}
-
-// --></script>
-- 
cgit v1.2.3-55-g7522


From d5166e77fbb1dc034a421da868f9539fc455e490 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 21 Mar 2018 11:30:29 +0100
Subject: Update translations

---
 modules-available/locations/lang/de/template-tags.json | 4 ++--
 modules-available/locations/lang/en/template-tags.json | 4 ++--
 modules-available/rebootcontrol/page.inc.php           | 2 +-
 modules-available/runmode/lang/de/messages.json        | 1 +
 modules-available/runmode/lang/de/template-tags.json   | 1 +
 modules-available/runmode/lang/en/messages.json        | 1 +
 modules-available/runmode/lang/en/template-tags.json   | 1 +
 modules-available/statistics/page.inc.php              | 2 +-
 8 files changed, 10 insertions(+), 6 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/lang/de/template-tags.json b/modules-available/locations/lang/de/template-tags.json
index 04d10d06..43142555 100644
--- a/modules-available/locations/lang/de/template-tags.json
+++ b/modules-available/locations/lang/de/template-tags.json
@@ -6,7 +6,7 @@
     "lang_deleteChildLocations": "Untergeordnete Orte ebenfalls l\u00f6schen",
     "lang_deleteLocation": "Ort l\u00f6schen",
     "lang_deleteSubnet": "Bereich l\u00f6schen",
-    "lang_deleteSubnetWarning": "Alle zum L\u00f6schen markierten Subnetze werden gelöscht. Diese Aktion kann nicht r\u00fcckg\u00e4ngig gemacht werden.",
+    "lang_deleteSubnetWarning": "Alle zum L\u00f6schen markierten Subnetze werden gel\u00f6scht. Diese Aktion kann nicht r\u00fcckg\u00e4ngig gemacht werden.",
     "lang_editConfigVariables": "Konfig.-Variablen",
     "lang_editRoomplan": "Raumplan bearbeiten",
     "lang_endAddress": "Endadresse",
@@ -22,10 +22,10 @@
     "lang_machineLoad": "Besetzt",
     "lang_matchingMachines": "Enthaltene Rechner",
     "lang_name": "Name",
-    "lang_noParent": "Kein \u00fcbergeordneter Ort",
     "lang_overrideCount": "Angepasst",
     "lang_parentLocation": "\u00dcbergeordneter Ort",
     "lang_referencingLectures": "Veranstaltungen",
+    "lang_showRoomplan": "Raumplan anzeigen",
     "lang_startAddress": "Startadresse",
     "lang_subnet": "IP-Bereich",
     "lang_sysConfig": "Lokalisierung",
diff --git a/modules-available/locations/lang/en/template-tags.json b/modules-available/locations/lang/en/template-tags.json
index ddb90f83..41261726 100644
--- a/modules-available/locations/lang/en/template-tags.json
+++ b/modules-available/locations/lang/en/template-tags.json
@@ -22,14 +22,14 @@
     "lang_machineLoad": "In use",
     "lang_matchingMachines": "Matching clients",
     "lang_name": "Name",
-    "lang_noParent": "No parent",
     "lang_overrideCount": "Overridden",
     "lang_parentLocation": "Parent location",
     "lang_referencingLectures": "Assigned Lectures",
+    "lang_showRoomplan": "Show room plan",
     "lang_startAddress": "Start address",
     "lang_subnet": "IP range",
     "lang_sysConfig": "Localization\/Integration",
     "lang_thisListByLocation": "Locations",
     "lang_thisListBySubnet": "Subnets",
     "lang_unassignedMachines": "Machines not matching any location"
-}
+}
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/page.inc.php b/modules-available/rebootcontrol/page.inc.php
index fa7688d8..abbdb2c3 100644
--- a/modules-available/rebootcontrol/page.inc.php
+++ b/modules-available/rebootcontrol/page.inc.php
@@ -38,7 +38,7 @@ class Page_RebootControl extends Page
 			// Filter ones with no permission
 			foreach (array_keys($actualClients) as $idx) {
 				if (!User::hasPermission('action.' . $this->action, $actualClients[$idx]['locationid'])) {
-					Message::addWarning('main.location-no-permission', $actualClients[$idx]['locationid']);
+					Message::addWarning('locations.no-permission-location', $actualClients[$idx]['locationid']);
 					unset($actualClients[$idx]);
 				} else {
 					$locationId = $actualClients[$idx]['locationid'];
diff --git a/modules-available/runmode/lang/de/messages.json b/modules-available/runmode/lang/de/messages.json
index 911d48d4..bca70019 100644
--- a/modules-available/runmode/lang/de/messages.json
+++ b/modules-available/runmode/lang/de/messages.json
@@ -2,6 +2,7 @@
     "cannot-edit-module": "Modul {{0}} kann nicht direkt editiert werden",
     "enabled-removed-save": "{{0}} Rechner gespeichert, {{1}} entfernt",
     "invalid-modeid": "{{1}} ist kein g\u00fcltiger Betriebsmodus f\u00fcr Modul {{0}}",
+    "machine-no-permission": "Keine Berechtigung f\u00fcr client {{0}}",
     "machine-not-found": "Rechner {{0}} nicht gefunden",
     "machine-not-runmode": "Rechner {{0}} hatte keinen speziellen Betriebsmodus aktiviert",
     "machine-removed": "Rechner {{0}} entfernt",
diff --git a/modules-available/runmode/lang/de/template-tags.json b/modules-available/runmode/lang/de/template-tags.json
index 6b45b82c..989e5b1d 100644
--- a/modules-available/runmode/lang/de/template-tags.json
+++ b/modules-available/runmode/lang/de/template-tags.json
@@ -3,6 +3,7 @@
     "lang_assignMachineIntroText": "Definieren Sie hier Clients, die in einem speziellen Betriebsmodus gestartet werden sollen. Sie k\u00f6nnen Rechner anhand der UUID, IP, Hostname oder MAC-Adresse suchen.",
     "lang_assignRunmodeToMachine": "Betriebsmodus",
     "lang_confirmDelete": "Wollen Sie den Betriebsmodus f\u00fcr diesen Client entfernen?",
+    "lang_existingClients": "Vorhandene Clients mit diesem Betriebsmodus",
     "lang_isclient": "Pool-Client",
     "lang_machine": "Client",
     "lang_mode": "Modus",
diff --git a/modules-available/runmode/lang/en/messages.json b/modules-available/runmode/lang/en/messages.json
index 6d890428..1ca1567a 100644
--- a/modules-available/runmode/lang/en/messages.json
+++ b/modules-available/runmode/lang/en/messages.json
@@ -2,6 +2,7 @@
     "cannot-edit-module": "Module {{0}} cannot be edited directly",
     "enabled-removed-save": "Saved {{0}} clients, deleted {{1}}",
     "invalid-modeid": "Module {{0}} doesn't provide mode {{1}}",
+    "machine-no-permission": "No permission for client {{0}}",
     "machine-not-found": "Client {{0}} not found",
     "machine-not-runmode": "No special mode of operation configured for client {{0}}",
     "machine-removed": "Removed client {{0}}",
diff --git a/modules-available/runmode/lang/en/template-tags.json b/modules-available/runmode/lang/en/template-tags.json
index 43fd3da5..89cf6b15 100644
--- a/modules-available/runmode/lang/en/template-tags.json
+++ b/modules-available/runmode/lang/en/template-tags.json
@@ -3,6 +3,7 @@
     "lang_assignMachineIntroText": "Define the clients which should start a special runmode configuration. You can search for clients by UUID, IP address, host name or MAC address.",
     "lang_assignRunmodeToMachine": "Runmode",
     "lang_confirmDelete": "Do you want to delete the runmode for this client?",
+    "lang_existingClients": "Existing clients with this run mode",
     "lang_isclient": "Pool-Client",
     "lang_machine": "Client",
     "lang_mode": "Mode",
diff --git a/modules-available/statistics/page.inc.php b/modules-available/statistics/page.inc.php
index 3baac190..60743fb6 100644
--- a/modules-available/statistics/page.inc.php
+++ b/modules-available/statistics/page.inc.php
@@ -227,7 +227,7 @@ class Page_Statistics extends Page
 			if (in_array($row['locationid'], $allowedLocations)) {
 				$delete[] = $row['machineuuid'];
 			} else {
-				Message::addError('no-permission-location', $row['locationid']);
+				Message::addError('locations.no-permission-location', $row['locationid']);
 			}
 		}
 		if (!empty($delete)) {
-- 
cgit v1.2.3-55-g7522


From 7a31ef5d902489cc508bbce4f7193392fecf1fd2 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 28 Mar 2018 14:35:24 +0200
Subject: [locations] Make subnet list editable again :)

Closes #3331
---
 modules-available/locations/templates/subnets.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/templates/subnets.html b/modules-available/locations/templates/subnets.html
index cb7fb758..d027d800 100644
--- a/modules-available/locations/templates/subnets.html
+++ b/modules-available/locations/templates/subnets.html
@@ -17,9 +17,9 @@
 			{{#list}}
 				<tr class="cidrmagic">
 					<td>{{subnetid}}</td>
-					<td class="{{^editThisSubnetAllowed}}disabled{{/editThisSubnetAllowed}}"><input class="form-control cidrstart" type="text" name="startaddr[{{subnetid}}]" value="{{startaddr}}"></td>
-					<td class="{{^editThisSubnetAllowed}}disabled{{/editThisSubnetAllowed}}"><input class="form-control cidrend" type="text" name="endaddr[{{subnetid}}]" value="{{endaddr}}"></td>
-					<td class="{{^deleteThisSubnetAllowed}}disabled{{/deleteThisSubnetAllowed}}">
+					<td><input class="form-control cidrstart" type="text" name="startaddr[{{subnetid}}]" value="{{startaddr}}"></td>
+					<td><input class="form-control cidrend" type="text" name="endaddr[{{subnetid}}]" value="{{endaddr}}"></td>
+					<td>
 						<select class="form-control" name="location[{{subnetid}}]">
 							{{#locations}}
 							<option {{disabled}} value="{{locationid}}" {{#selected}}selected="selected"{{/selected}}>{{locationpad}} {{locationname}}</option>
@@ -30,7 +30,7 @@
 			{{/list}}
 		</table>
 		<div class="text-right" style="margin-bottom: 20px">
-			<button {{^editSubnetAllowed}}disabled{{/editSubnetAllowed}} type="submit" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
+			<button type="submit" class="btn btn-primary"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_save}}</button>
 		</div>
 	</form>
 </div>
-- 
cgit v1.2.3-55-g7522


From afee61496e9fa59d9e024339530b38c6652bba59 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 28 Mar 2018 14:55:54 +0200
Subject: [locations] Handle statistics permissions when showing/linking
 machine stats

---
 modules-available/locations/page.inc.php                    | 11 +++++++++++
 modules-available/locations/templates/location-subnets.html |  9 ++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 0a6fdb10..80a8076b 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -357,6 +357,11 @@ class Page_Locations extends Page
 			} else {
 				$locationList[$lid]['havesysconfig'] = false;
 			}
+			if (User::hasPermission('.statistics.view.list', $lid)) {
+				$visibleLocationIds[] = $lid;
+			} else {
+				$locationList[$lid]['havestatistics'] = false;
+			}
 			if (!in_array($lid, $visibleLocationIds)) {
 				unset($locationList[$lid]);
 			} elseif (!in_array($lid, $allowedLocationIds)) {
@@ -554,6 +559,12 @@ class Page_Locations extends Page
 				}
 			}
 			$data['haveStatistics'] = true;
+			// Link
+			if (User::hasPermission('.statistics.view.list')) {
+				$data['statsLink'] = 'list';
+			} elseif (User::hasPermission('.statistics.view.summary')) {
+				$data['statsLink'] = 'summary';
+			}
 		}
 		$data['machines'] = $count;
 		$data['machines_online'] = $online;
diff --git a/modules-available/locations/templates/location-subnets.html b/modules-available/locations/templates/location-subnets.html
index db94be0a..69e369c2 100644
--- a/modules-available/locations/templates/location-subnets.html
+++ b/modules-available/locations/templates/location-subnets.html
@@ -69,7 +69,14 @@
 				{{/haveDozmod}}
 				{{#haveStatistics}}
 				<div>
-					<span class="slx-ga2">{{lang_matchingMachines}}:</span> <a href="?do=Statistics&amp;show=list&amp;filters=location={{locationid}}">{{machines}} / {{machines_online}} / {{machines_used}} ({{used_percent}}%)</a>
+					<span class="slx-ga2">{{lang_matchingMachines}}:</span>
+					{{#statsLink}}
+					<a href="?do=Statistics&amp;show={{statsLink}}&amp;filters=location={{locationid}}">
+					{{/statsLink}}
+						{{machines}} / {{machines_online}} / {{machines_used}} ({{used_percent}}%)
+					{{#statsLink}}
+					</a>
+					{{/statsLink}}
 				</div>
 				{{/haveStatistics}}
 			</div>
-- 
cgit v1.2.3-55-g7522


From 24815e16087b4b1b64e9f380d45d411af32daf42 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 9 Apr 2018 16:56:04 +0200
Subject: Permissions: Consistency: Make all pages require at least one
 permission to be accessible

Closes #3340
---
 modules-available/backup/page.inc.php                 |  1 +
 modules-available/exams/page.inc.php                  |  9 +--------
 modules-available/locations/page.inc.php              | 19 +++++++++++++++----
 modules-available/news/page.inc.php                   | 10 ++--------
 modules-available/news/permissions/permissions.json   |  3 +++
 modules-available/rebootcontrol/page.inc.php          |  9 ++++++---
 modules-available/serversetup-bwlp/page.inc.php       |  6 ++++++
 .../serversetup-bwlp/permissions/permissions.json     |  3 +++
 modules-available/statistics_reporting/page.inc.php   |  1 +
 modules-available/sysconfig/page.inc.php              |  2 +-
 modules-available/syslog/page.inc.php                 |  1 +
 modules-available/systemstatus/page.inc.php           |  1 +
 modules-available/webinterface/page.inc.php           |  4 ++++
 .../webinterface/permissions/permissions.json         |  3 +++
 14 files changed, 48 insertions(+), 24 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/backup/page.inc.php b/modules-available/backup/page.inc.php
index 14522734..985f39ee 100644
--- a/modules-available/backup/page.inc.php
+++ b/modules-available/backup/page.inc.php
@@ -23,6 +23,7 @@ class Page_Backup extends Page
 			User::assertPermission("restore");
 			$this->restore();
 		}
+		User::assertPermission('*');
 	}
 
 	protected function doRender()
diff --git a/modules-available/exams/page.inc.php b/modules-available/exams/page.inc.php
index 51975052..15640a73 100644
--- a/modules-available/exams/page.inc.php
+++ b/modules-available/exams/page.inc.php
@@ -441,16 +441,9 @@ class Page_Exams extends Page
 
 	protected function doRender()
 	{
-		if (Request::isPost()) {
-			$examid = Request::post('examid', 0, 'int');
-		} else if (Request::isGet()) {
-			$examid = Request::get('examid', 0, 'int');
-		} else {
-			die('Neither Post nor Get Request send.');
-		}
-
 		if ($this->action === "show") {
 
+			User::assertPermission('exams.view');
 			// General title and description
 			Render::addTemplate('page-main-heading');
 			// List of defined exam periods
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 80a8076b..4d5c6628 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -24,6 +24,9 @@ class Page_Locations extends Page
 		} elseif ($this->action === 'updatesubnets') {
 			$this->updateSubnets();
 		}
+		if (Request::isPost()) {
+			Util::redirect('?do=locations');
+		}
 	}
 
 	private function updateSubnets()
@@ -306,10 +309,16 @@ class Page_Locations extends Page
 
 	protected function doRender()
 	{
-		$getAction = Request::get('action');
-		if (empty($getAction)) {
-			// Until we have a main landing page?
-			Util::redirect('?do=Locations&action=showlocations');
+		$getAction = Request::get('action', false, 'string');
+		if ($getAction === false) {
+			if (User::hasPermission('location.view')) {
+				Util::redirect('?do=locations&action=showlocations');
+			} elseif (User::hasPermission('subnets.edit')) {
+				Util::redirect('?do=locations&action=showsubnets');
+			} else {
+				// Trigger permission denied by asserting non-existent permission
+				User::assertPermission('location.view');
+			}
 		}
 		if ($getAction === 'showsubnets') {
 			User::assertPermission('subnets.edit', NULL, '?do=locations');
@@ -324,6 +333,8 @@ class Page_Locations extends Page
 			Render::addTemplate('subnets', array('list' => $rows));
 		} elseif ($getAction === 'showlocations') {
 			$this->showLocationList();
+		} else {
+			Util::redirect('?do=locations');
 		}
 	}
 
diff --git a/modules-available/news/page.inc.php b/modules-available/news/page.inc.php
index e7b70c0f..1e2e3eef 100644
--- a/modules-available/news/page.inc.php
+++ b/modules-available/news/page.inc.php
@@ -46,14 +46,8 @@ class Page_News extends Page
 
 		// check which action we need to do
 		$action = Request::any('action', 'show');
-		if ($action === 'clear') {
-			// clear news input fields
-			// TODO: is this the right way?
-			$this->newsId = false;
-			$this->newsTitle = false;
-			$this->newsContent = false;
-			$this->newsDate = false;
-		} elseif ($action === 'show') {
+		if ($action === 'show') {
+			User::assertPermission('access-page');
 			/* load latest things */
 			$this->loadLatest('help');
 			$this->loadLatest('news');
diff --git a/modules-available/news/permissions/permissions.json b/modules-available/news/permissions/permissions.json
index 0d9435d7..953599df 100644
--- a/modules-available/news/permissions/permissions.json
+++ b/modules-available/news/permissions/permissions.json
@@ -1,4 +1,7 @@
 {
+    "access-page": {
+        "location-aware": false
+    },
     "help.delete": {
         "location-aware": false
     },
diff --git a/modules-available/rebootcontrol/page.inc.php b/modules-available/rebootcontrol/page.inc.php
index abbdb2c3..041ae74f 100644
--- a/modules-available/rebootcontrol/page.inc.php
+++ b/modules-available/rebootcontrol/page.inc.php
@@ -79,11 +79,14 @@ class Page_RebootControl extends Page
 				//location you want to see, default are "not  assigned" clients
 				$requestedLocation = Request::get('location', false, 'int');
 				$allowedLocs = User::getAllowedLocations("action.*");
+				if (empty($allowedLocs)) {
+					User::assertPermission('action.*');
+				}
 
 				if ($requestedLocation === false) {
 					if (in_array(0, $allowedLocs)) {
 						$requestedLocation = 0;
-					} elseif (!empty($allowedLocs)) {
+					} else {
 						$requestedLocation = reset($allowedLocs);
 					}
 				}
@@ -105,8 +108,8 @@ class Page_RebootControl extends Page
 				Render::addTemplate('header', $data);
 
 				// only fill table if user has at least one permission for the location
-				if ($requestedLocation === false) {
-					Message::addError('main.no-permission');
+				if (!in_array($requestedLocation, $allowedLocs)) {
+					Message::addError('locations.no-permission-location', $requestedLocation);
 				} else {
 					$data['data'] = RebootQueries::getMachineTable($requestedLocation);
 					Render::addTemplate('_page', $data);
diff --git a/modules-available/serversetup-bwlp/page.inc.php b/modules-available/serversetup-bwlp/page.inc.php
index ae709da7..78096d7b 100644
--- a/modules-available/serversetup-bwlp/page.inc.php
+++ b/modules-available/serversetup-bwlp/page.inc.php
@@ -43,6 +43,12 @@ class Page_ServerSetup extends Page
 			// iPXE stuff changes
 			$this->updatePxeMenu();
 		}
+
+		if (Request::isPost()) {
+			Util::redirect('?do=serversetup');
+		}
+
+		User::assertPermission('access-page');
 	}
 
 	protected function doRender()
diff --git a/modules-available/serversetup-bwlp/permissions/permissions.json b/modules-available/serversetup-bwlp/permissions/permissions.json
index 6bae5422..44927506 100644
--- a/modules-available/serversetup-bwlp/permissions/permissions.json
+++ b/modules-available/serversetup-bwlp/permissions/permissions.json
@@ -1,4 +1,7 @@
 {
+    "access-page": {
+        "location-aware": false
+    },
     "download": {
         "location-aware": false
     },
diff --git a/modules-available/statistics_reporting/page.inc.php b/modules-available/statistics_reporting/page.inc.php
index af4b2b12..cc03e4d8 100644
--- a/modules-available/statistics_reporting/page.inc.php
+++ b/modules-available/statistics_reporting/page.inc.php
@@ -84,6 +84,7 @@ class Page_Statistics_Reporting extends Page
 				die(json_encode($report));
 			}
 		}
+		User::assertPermission('*');
 	}
 
 	/**
diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php
index 7bb3e599..8d1799af 100644
--- a/modules-available/sysconfig/page.inc.php
+++ b/modules-available/sysconfig/page.inc.php
@@ -160,7 +160,7 @@ class Page_SysConfig extends Page
 			$pMods = User::hasPermission('module.view-list');
 			$pConfs = User::hasPermission('config.view-list');
 			if (!($pMods || $pConfs)) {
-				Message::addError('main.no-permission');
+				User::assertPermission('config.view-list');
 			}
 			Render::openTag('div', array('class' => 'row'));
 			if ($pConfs) {
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php
index 3a7513b5..00c55a3f 100644
--- a/modules-available/syslog/page.inc.php
+++ b/modules-available/syslog/page.inc.php
@@ -25,6 +25,7 @@ class Page_SysLog extends Page
 			}
 			Util::redirect('?do=syslog');
 		}
+		User::assertPermission('*');
 	}
 
 	protected function doRender()
diff --git a/modules-available/systemstatus/page.inc.php b/modules-available/systemstatus/page.inc.php
index 816caa05..66b30bcf 100644
--- a/modules-available/systemstatus/page.inc.php
+++ b/modules-available/systemstatus/page.inc.php
@@ -18,6 +18,7 @@ class Page_SystemStatus extends Page
 			User::assertPermission("serverreboot");
 			$this->rebootTask = Taskmanager::submit('Reboot');
 		}
+		User::assertPermission('*');
 	}
 
 	protected function doRender()
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index 806ffd59..ca52c2ab 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -28,6 +28,10 @@ class Page_WebInterface extends Page
 				$this->actionCustomization();
 				break;
 		}
+		if (Request::isPost()) {
+			Util::redirect('?do=webinterface');
+		}
+		User::assertPermission('access-page');
 	}
 
 	private function actionConfigureHttps()
diff --git a/modules-available/webinterface/permissions/permissions.json b/modules-available/webinterface/permissions/permissions.json
index fa6f493f..ed81602a 100644
--- a/modules-available/webinterface/permissions/permissions.json
+++ b/modules-available/webinterface/permissions/permissions.json
@@ -1,4 +1,7 @@
 {
+    "access-page": {
+        "location-aware": false
+    },
     "edit.design": {
         "location-aware": false
     },
-- 
cgit v1.2.3-55-g7522


From 5370b98936418b2b548c023813039b8bf2074a55 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 13 Apr 2018 17:31:56 +0200
Subject: [inc/Module] Overhaul dependency loading and handling of js/css

This is supposed to prevent unneeded js/css from being pulled in
---
 inc/module.inc.php                                 | 63 ++++++++++++++--------
 inc/render.inc.php                                 |  4 +-
 index.php                                          |  2 +-
 modules-available/adduser/config.json              |  4 +-
 modules-available/backup/config.json               |  4 +-
 modules-available/baseconfig/config.json           |  7 ++-
 modules-available/baseconfig_bwidm/config.json     |  6 ++-
 modules-available/baseconfig_bwlp/config.json      |  6 ++-
 .../baseconfig_partitions_cdn/config.json          |  8 +--
 modules-available/bootstrap_datepicker/config.json | 17 +++---
 modules-available/bootstrap_dialog/config.json     | 17 +++---
 .../bootstrap_multiselect/config.json              | 17 +++---
 modules-available/bootstrap_switch/config.json     | 13 ++---
 modules-available/bootstrap_timepicker/config.json | 17 +++---
 modules-available/citymanagement/config.json       |  6 +--
 modules-available/dnbd3/config.json                |  9 ++--
 modules-available/dozmod/config.json               |  4 +-
 modules-available/eventlog/config.json             |  4 +-
 modules-available/exams/config.json                | 13 +++--
 modules-available/imgmanagement/config.json        |  6 +--
 modules-available/internetaccess/config.json       |  4 +-
 modules-available/js_chart/config.json             | 13 ++---
 modules-available/js_circles/config.json           | 13 ++---
 modules-available/js_jqueryui/config.json          | 17 +++---
 modules-available/js_moment/config.json            | 17 +++---
 modules-available/js_selectize/config.json         | 17 +++---
 modules-available/js_stupidtable/config.json       | 13 ++---
 modules-available/js_vis/config.json               | 19 ++++---
 modules-available/locationinfo/config.json         | 11 ++--
 modules-available/locations/config.json            |  4 +-
 modules-available/main/config.json                 |  3 +-
 modules-available/minilinux/config.json            |  4 +-
 modules-available/news/config.json                 |  8 +--
 modules-available/permissionmanager/config.json    | 10 ++--
 modules-available/rebootcontrol/config.json        |  9 ++--
 modules-available/roomplanner/config.json          | 11 +++-
 modules-available/runmode/config.json              |  9 ++--
 modules-available/serversetup-bwlp/config.json     |  4 +-
 modules-available/session/config.json              |  3 +-
 modules-available/statistics/config.json           | 12 +++--
 modules-available/statistics_reporting/config.json |  9 +++-
 modules-available/summernote/config.json           | 17 +++---
 modules-available/support/config.json              |  4 +-
 modules-available/sysconfig/config.json            |  4 +-
 modules-available/sysconfignew/config.json         |  4 +-
 modules-available/syslog/config.json               |  8 +--
 modules-available/systemstatus/config.json         |  8 +--
 modules-available/translation/config.json          |  4 +-
 modules-available/usermanagement/config.json       |  6 +--
 modules-available/vmstore/config.json              |  4 +-
 modules-available/webinterface/config.json         |  4 +-
 51 files changed, 293 insertions(+), 207 deletions(-)

(limited to 'modules-available/locations')

diff --git a/inc/module.inc.php b/inc/module.inc.php
index 7610c720..fa2c4b98 100644
--- a/inc/module.inc.php
+++ b/inc/module.inc.php
@@ -35,7 +35,7 @@ class Module
 		if ($module === false)
 			return false;
 		if ($activate) {
-			$module->activate();
+			$module->activate(1, true);
 		}
 		return !$module->hasMissingDependencies();
 	}
@@ -139,9 +139,11 @@ class Module
 	 */
 
 	private $category = false;
+	private $clientPlugin = false;
 	private $depsMissing = false;
 	private $depsChecked = false;
 	private $activated = false;
+	private $directActivation = false;
 	private $dependencies = array();
 	private $name;
 	/**
@@ -165,6 +167,9 @@ class Module
 		if (isset($json['category']) && is_string($json['category'])) {
 			$this->category = $json['category'];
 		}
+		if (isset($json['client-plugin'])) {
+			$this->clientPlugin = (bool)$json['client-plugin'];
+		}
 		$this->name = $name;
 	}
 	
@@ -184,21 +189,33 @@ class Module
 		return new $class();
 	}
 
-	public function activate($depth = 1)
+	public function activate($depth, $direct)
 	{
-		if ($this->activated !== false || $this->depsMissing)
-			return $this->activated !== false;
+		if ($this->depsMissing)
+			return false;
+		if ($this->activated !== false && ($this->directActivation || !$direct))
+			return true;
+		if ($depth === null && $direct === null) {
+			// This is the current page, always load its scripts
+			$this->clientPlugin = true;
+			$direct = true;
+		}
+		if ($this->activated === false) {
+			spl_autoload_register(function ($class) {
+				$file = 'modules/' . $this->name . '/inc/' . preg_replace('/[^a-z0-9]/', '', strtolower($class)) . '.inc.php';
+				if (!file_exists($file))
+					return;
+				require_once $file;
+			});
+		}
 		$this->activated = $depth;
-		spl_autoload_register(function($class) {
-			$file = 'modules/' . $this->name . '/inc/' . preg_replace('/[^a-z0-9]/', '', strtolower($class)) . '.inc.php';
-			if (!file_exists($file))
-				return;
-			require_once $file;
-		});
+		if ($direct) {
+			$this->directActivation = true;
+		}
 		foreach ($this->dependencies as $dep) {
 			$get = self::get($dep);
 			if ($get !== false) {
-				$get->activate($depth + 1);
+				$get->activate($depth + 1, $direct && $this->clientPlugin);
 			}
 		}
 		return true;
@@ -263,26 +280,26 @@ class Module
 		return 'modules/' . $this->name;
 	}
 
-	public function getScripts($externalOnly)
+	public function getScripts()
 	{
-		if (!$externalOnly) {
-			if (!isset($this->scripts['clientscript.js']) && file_exists($this->getDir() . '/clientscript.js')) {
-				$this->scripts['clientscript.js'] = false;
+		if ($this->directActivation && $this->clientPlugin) {
+			if (!in_array('clientscript.js', $this->scripts)) {
+				$this->scripts[] = 'clientscript.js';
 			}
-			return array_keys($this->scripts);
+			return $this->scripts;
 		}
-		return array_keys(array_filter($this->scripts));
+		return [];
 	}
 
-	public function getCss($externalOnly)
+	public function getCss()
 	{
-		if (!$externalOnly) {
-			if (!isset($this->css['style.css']) && file_exists($this->getDir() . '/style.css')) {
-				$this->css['style.css'] = false;
+		if ($this->directActivation && $this->clientPlugin) {
+			if (!in_array('style.css', $this->css)) {
+				$this->css[] = 'style.css';
 			}
-			return array_keys($this->css);
+			return $this->css;
 		}
-		return array_keys(array_filter($this->css));
+		return [];
 	}
 
 }
diff --git a/inc/render.inc.php b/inc/render.inc.php
index 0ce39dbe..4b1d3643 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -84,7 +84,7 @@ class Render
 	';
 		// Include any module specific styles
 		foreach ($modules as $module) {
-			$files = $module->getCss($module !== $pageModule);
+			$files = $module->getCss();
 			foreach ($files as $file) {
 				echo '<link href="', $module->getDir(), '/', $file, '" rel="stylesheet" media="screen">';
 			}
@@ -113,7 +113,7 @@ class Render
 		<script src="script/slx-fixes.js"></script>
 	';
 		foreach ($modules as $module) {
-			$files = $module->getScripts($module !== $pageModule);
+			$files = $module->getScripts();
 			foreach ($files as $file) {
 				echo '<script src="', $module->getDir(), '/', $file, '"></script>';
 			}
diff --git a/index.php b/index.php
index 4816ef42..1ecd2109 100644
--- a/index.php
+++ b/index.php
@@ -79,7 +79,7 @@ abstract class Page
 		if (self::$module === false) {
 			Util::traceError('Invalid Module: ' . $name);
 		}
-		self::$module->activate();
+		self::$module->activate(null, null);
 		self::$instance = self::$module->newPage();
 	}
 
diff --git a/modules-available/adduser/config.json b/modules-available/adduser/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/adduser/config.json
+++ b/modules-available/adduser/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/backup/config.json b/modules-available/backup/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/backup/config.json
+++ b/modules-available/backup/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig/config.json b/modules-available/baseconfig/config.json
index e4d906e1..357a117e 100644
--- a/modules-available/baseconfig/config.json
+++ b/modules-available/baseconfig/config.json
@@ -1,4 +1,7 @@
 {
 	"category": "main.settings-client",
-	"dependencies" : ["js_selectize", "bootstrap_multiselect"]
-}
+	"dependencies": [
+	    "js_selectize",
+	    "bootstrap_multiselect"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig_bwidm/config.json b/modules-available/baseconfig_bwidm/config.json
index af67a188..7e6cf06a 100644
--- a/modules-available/baseconfig_bwidm/config.json
+++ b/modules-available/baseconfig_bwidm/config.json
@@ -1,3 +1,5 @@
 {
-	"dependencies": ["baseconfig"]
-}
+	"dependencies": [
+	    "baseconfig"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig_bwlp/config.json b/modules-available/baseconfig_bwlp/config.json
index af67a188..7e6cf06a 100644
--- a/modules-available/baseconfig_bwlp/config.json
+++ b/modules-available/baseconfig_bwlp/config.json
@@ -1,3 +1,5 @@
 {
-	"dependencies": ["baseconfig"]
-}
+	"dependencies": [
+	    "baseconfig"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/baseconfig_partitions_cdn/config.json b/modules-available/baseconfig_partitions_cdn/config.json
index a355eef3..fd4c6f4b 100644
--- a/modules-available/baseconfig_partitions_cdn/config.json
+++ b/modules-available/baseconfig_partitions_cdn/config.json
@@ -1,4 +1,6 @@
 {
-    "category": "main.settings-client",
-    "dependencies": [ "baseconfig" ]
-}
+	"category": "main.settings-client",
+	"dependencies": [
+	    "baseconfig"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/bootstrap_datepicker/config.json b/modules-available/bootstrap_datepicker/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/bootstrap_datepicker/config.json
+++ b/modules-available/bootstrap_datepicker/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/bootstrap_dialog/config.json b/modules-available/bootstrap_dialog/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/bootstrap_dialog/config.json
+++ b/modules-available/bootstrap_dialog/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/bootstrap_multiselect/config.json b/modules-available/bootstrap_multiselect/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/bootstrap_multiselect/config.json
+++ b/modules-available/bootstrap_multiselect/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/bootstrap_switch/config.json b/modules-available/bootstrap_switch/config.json
index de4d37b4..3cf0d162 100644
--- a/modules-available/bootstrap_switch/config.json
+++ b/modules-available/bootstrap_switch/config.json
@@ -1,8 +1,9 @@
 {
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
 }
\ No newline at end of file
diff --git a/modules-available/bootstrap_timepicker/config.json b/modules-available/bootstrap_timepicker/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/bootstrap_timepicker/config.json
+++ b/modules-available/bootstrap_timepicker/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/citymanagement/config.json b/modules-available/citymanagement/config.json
index e87cbf7d..b356dfc6 100644
--- a/modules-available/citymanagement/config.json
+++ b/modules-available/citymanagement/config.json
@@ -1,4 +1,4 @@
 {
-	"category":"citymanagement.cities",
-	"permission":"0"
-}
+	"category": "citymanagement.cities",
+	"permission": "0"
+}
\ No newline at end of file
diff --git a/modules-available/dnbd3/config.json b/modules-available/dnbd3/config.json
index f84a4170..9670ded9 100644
--- a/modules-available/dnbd3/config.json
+++ b/modules-available/dnbd3/config.json
@@ -1,4 +1,7 @@
 {
-	"category":"main.settings-server",
-	"dependencies":["locations","runmode"]
-}
+	"category": "main.settings-server",
+	"dependencies": [
+	    "locations",
+	    "runmode"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/config.json b/modules-available/dozmod/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/dozmod/config.json
+++ b/modules-available/dozmod/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/eventlog/config.json b/modules-available/eventlog/config.json
index 6778348d..aa23adb5 100644
--- a/modules-available/eventlog/config.json
+++ b/modules-available/eventlog/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.status"
-}
+	"category": "main.status"
+}
\ No newline at end of file
diff --git a/modules-available/exams/config.json b/modules-available/exams/config.json
index 0780ebef..a99d1c1a 100644
--- a/modules-available/exams/config.json
+++ b/modules-available/exams/config.json
@@ -1,5 +1,12 @@
 {
-	"category":"main.content",
-	"dependencies": [ "locations", "js_vis", "js_stupidtable", "bootstrap_datepicker", "bootstrap_timepicker", "bootstrap_multiselect"],
+	"category": "main.content",
+	"dependencies": [
+	    "locations",
+	    "js_vis",
+	    "js_stupidtable",
+	    "bootstrap_datepicker",
+	    "bootstrap_timepicker",
+	    "bootstrap_multiselect"
+	],
 	"permission": "0"
-}
+}
\ No newline at end of file
diff --git a/modules-available/imgmanagement/config.json b/modules-available/imgmanagement/config.json
index 6454d96f..2fbb822f 100644
--- a/modules-available/imgmanagement/config.json
+++ b/modules-available/imgmanagement/config.json
@@ -1,4 +1,4 @@
 {
-	"category":"main.content",
-	"permission":"1"
-}
+	"category": "main.content",
+	"permission": "1"
+}
\ No newline at end of file
diff --git a/modules-available/internetaccess/config.json b/modules-available/internetaccess/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/internetaccess/config.json
+++ b/modules-available/internetaccess/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/js_chart/config.json b/modules-available/js_chart/config.json
index de4d37b4..3cf0d162 100644
--- a/modules-available/js_chart/config.json
+++ b/modules-available/js_chart/config.json
@@ -1,8 +1,9 @@
 {
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
 }
\ No newline at end of file
diff --git a/modules-available/js_circles/config.json b/modules-available/js_circles/config.json
index de4d37b4..3cf0d162 100644
--- a/modules-available/js_circles/config.json
+++ b/modules-available/js_circles/config.json
@@ -1,8 +1,9 @@
 {
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
 }
\ No newline at end of file
diff --git a/modules-available/js_jqueryui/config.json b/modules-available/js_jqueryui/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/js_jqueryui/config.json
+++ b/modules-available/js_jqueryui/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/js_moment/config.json b/modules-available/js_moment/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/js_moment/config.json
+++ b/modules-available/js_moment/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/js_selectize/config.json b/modules-available/js_selectize/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/js_selectize/config.json
+++ b/modules-available/js_selectize/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/js_stupidtable/config.json b/modules-available/js_stupidtable/config.json
index cf932d7e..3cf0d162 100644
--- a/modules-available/js_stupidtable/config.json
+++ b/modules-available/js_stupidtable/config.json
@@ -1,8 +1,9 @@
 {
-	"css": {
-	"style.css": true
-	},
-	"scripts": {
-	"clientscript.js": true
-	}
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
 }
\ No newline at end of file
diff --git a/modules-available/js_vis/config.json b/modules-available/js_vis/config.json
index 3b027d31..4c870a22 100644
--- a/modules-available/js_vis/config.json
+++ b/modules-available/js_vis/config.json
@@ -1,9 +1,12 @@
 {
-	"dependencies" : ["js_moment"],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [
+	    "js_moment"
+	],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/locationinfo/config.json b/modules-available/locationinfo/config.json
index 87825809..837acfcf 100644
--- a/modules-available/locationinfo/config.json
+++ b/modules-available/locationinfo/config.json
@@ -1,4 +1,9 @@
 {
-	"category":"main.beta",
-	"dependencies": ["js_jqueryui", "bootstrap_timepicker", "locations", "bootstrap_switch"]
-}
+	"category": "main.beta",
+	"dependencies": [
+	    "js_jqueryui",
+	    "bootstrap_timepicker",
+	    "locations",
+	    "bootstrap_switch"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/locations/config.json b/modules-available/locations/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/locations/config.json
+++ b/modules-available/locations/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/main/config.json b/modules-available/main/config.json
index 2c63c085..0637a088 100644
--- a/modules-available/main/config.json
+++ b/modules-available/main/config.json
@@ -1,2 +1 @@
-{
-}
+[]
\ No newline at end of file
diff --git a/modules-available/minilinux/config.json b/modules-available/minilinux/config.json
index 28d71577..6c7b7146 100644
--- a/modules-available/minilinux/config.json
+++ b/modules-available/minilinux/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-client"
-}
+	"category": "main.settings-client"
+}
\ No newline at end of file
diff --git a/modules-available/news/config.json b/modules-available/news/config.json
index e076ea5c..23cd1443 100644
--- a/modules-available/news/config.json
+++ b/modules-available/news/config.json
@@ -1,4 +1,6 @@
 {
-	"category":"main.content",
-	"dependencies": [ "js_stupidtable" ]
-}
+	"category": "main.content",
+	"dependencies": [
+	    "js_stupidtable"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/config.json b/modules-available/permissionmanager/config.json
index d2071984..25b61de3 100644
--- a/modules-available/permissionmanager/config.json
+++ b/modules-available/permissionmanager/config.json
@@ -1,4 +1,8 @@
 {
-	"category":"main.content",
-	"dependencies": [ "locations", "js_stupidtable", "js_selectize" ]
-}
+	"category": "main.content",
+	"dependencies": [
+	    "locations",
+	    "js_stupidtable",
+	    "js_selectize"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/config.json b/modules-available/rebootcontrol/config.json
index d8ab5868..43d2c28f 100644
--- a/modules-available/rebootcontrol/config.json
+++ b/modules-available/rebootcontrol/config.json
@@ -1,4 +1,7 @@
 {
-	"category":"main.beta",
-	"dependencies": [ "locations", "js_stupidtable" ]
-}
+	"category": "main.beta",
+	"dependencies": [
+	    "locations",
+	    "js_stupidtable"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/roomplanner/config.json b/modules-available/roomplanner/config.json
index 537714c3..62f38773 100644
--- a/modules-available/roomplanner/config.json
+++ b/modules-available/roomplanner/config.json
@@ -1,3 +1,10 @@
 {
-	"dependencies": ["js_jqueryui", "js_selectize", "bootstrap_dialog", "statistics", "locations", "runmode"]
-}
+	"dependencies": [
+	    "js_jqueryui",
+	    "js_selectize",
+	    "bootstrap_dialog",
+	    "statistics",
+	    "locations",
+	    "runmode"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/runmode/config.json b/modules-available/runmode/config.json
index e3c07d48..84e044ce 100644
--- a/modules-available/runmode/config.json
+++ b/modules-available/runmode/config.json
@@ -1,4 +1,7 @@
 {
-	"dependencies": [ "statistics", "js_selectize" ],
-	"permission":"0"
-}
+	"dependencies": [
+	    "statistics",
+	    "js_selectize"
+	],
+	"permission": "0"
+}
\ No newline at end of file
diff --git a/modules-available/serversetup-bwlp/config.json b/modules-available/serversetup-bwlp/config.json
index 7205d70a..36268c6a 100644
--- a/modules-available/serversetup-bwlp/config.json
+++ b/modules-available/serversetup-bwlp/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-server"
-}
+	"category": "main.settings-server"
+}
\ No newline at end of file
diff --git a/modules-available/session/config.json b/modules-available/session/config.json
index 2c63c085..0637a088 100644
--- a/modules-available/session/config.json
+++ b/modules-available/session/config.json
@@ -1,2 +1 @@
-{
-}
+[]
\ No newline at end of file
diff --git a/modules-available/statistics/config.json b/modules-available/statistics/config.json
index 333f881a..412dc3cb 100644
--- a/modules-available/statistics/config.json
+++ b/modules-available/statistics/config.json
@@ -1,5 +1,9 @@
 {
-	"category":"main.status",
-	"dependencies": [ "js_chart", "js_selectize", "bootstrap_datepicker"],
-	"permission":"0"
-}
+	"category": "main.status",
+	"dependencies": [
+	    "js_chart",
+	    "js_selectize",
+	    "bootstrap_datepicker"
+	],
+	"permission": "0"
+}
\ No newline at end of file
diff --git a/modules-available/statistics_reporting/config.json b/modules-available/statistics_reporting/config.json
index 78ca35ba..c439efa8 100644
--- a/modules-available/statistics_reporting/config.json
+++ b/modules-available/statistics_reporting/config.json
@@ -1,4 +1,9 @@
 {
 	"category": "main.status",
-	"dependencies": [ "statistics", "locations", "js_stupidtable", "js_jqueryui" ]
-}
+	"dependencies": [
+	    "statistics",
+	    "locations",
+	    "js_stupidtable",
+	    "js_jqueryui"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/summernote/config.json b/modules-available/summernote/config.json
index 5a0c7960..69bb0aa9 100644
--- a/modules-available/summernote/config.json
+++ b/modules-available/summernote/config.json
@@ -1,9 +1,10 @@
 {
-	"dependencies" : [],
-	"css": {
-		"style.css": true
-	},
-	"scripts": {
-		"clientscript.js": true
-	}
-}
+	"dependencies": [],
+	"css": [
+	    "style.css"
+	],
+	"scripts": [
+	    "clientscript.js"
+	],
+	"client-plugin": true
+}
\ No newline at end of file
diff --git a/modules-available/support/config.json b/modules-available/support/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/support/config.json
+++ b/modules-available/support/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/sysconfig/config.json b/modules-available/sysconfig/config.json
index 28d71577..6c7b7146 100644
--- a/modules-available/sysconfig/config.json
+++ b/modules-available/sysconfig/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-client"
-}
+	"category": "main.settings-client"
+}
\ No newline at end of file
diff --git a/modules-available/sysconfignew/config.json b/modules-available/sysconfignew/config.json
index 28d71577..6c7b7146 100644
--- a/modules-available/sysconfignew/config.json
+++ b/modules-available/sysconfignew/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-client"
-}
+	"category": "main.settings-client"
+}
\ No newline at end of file
diff --git a/modules-available/syslog/config.json b/modules-available/syslog/config.json
index 2b718a8e..691bd4df 100644
--- a/modules-available/syslog/config.json
+++ b/modules-available/syslog/config.json
@@ -1,4 +1,6 @@
 {
-	"category":"main.status",
-	"dependencies":["js_selectize"]
-}
+	"category": "main.status",
+	"dependencies": [
+	    "js_selectize"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/systemstatus/config.json b/modules-available/systemstatus/config.json
index 3c2efce7..cf774d1b 100644
--- a/modules-available/systemstatus/config.json
+++ b/modules-available/systemstatus/config.json
@@ -1,4 +1,6 @@
 {
-	"category":"main.status",
-	"dependencies": [ "js_circles" ]
-}
+	"category": "main.status",
+	"dependencies": [
+	    "js_circles"
+	]
+}
\ No newline at end of file
diff --git a/modules-available/translation/config.json b/modules-available/translation/config.json
index 706412d0..110f8b67 100644
--- a/modules-available/translation/config.json
+++ b/modules-available/translation/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.content"
-}
+	"category": "main.content"
+}
\ No newline at end of file
diff --git a/modules-available/usermanagement/config.json b/modules-available/usermanagement/config.json
index 9c66d6bf..428315ba 100644
--- a/modules-available/usermanagement/config.json
+++ b/modules-available/usermanagement/config.json
@@ -1,4 +1,4 @@
 {
-	"category":"main.users",
-	"permission":"0"
-}
+	"category": "main.users",
+	"permission": "0"
+}
\ No newline at end of file
diff --git a/modules-available/vmstore/config.json b/modules-available/vmstore/config.json
index 7205d70a..36268c6a 100644
--- a/modules-available/vmstore/config.json
+++ b/modules-available/vmstore/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-server"
-}
+	"category": "main.settings-server"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/config.json b/modules-available/webinterface/config.json
index 7205d70a..36268c6a 100644
--- a/modules-available/webinterface/config.json
+++ b/modules-available/webinterface/config.json
@@ -1,3 +1,3 @@
 {
-	"category":"main.settings-server"
-}
+	"category": "main.settings-server"
+}
\ No newline at end of file
-- 
cgit v1.2.3-55-g7522


From 3d3c4c8d62f8074935b69b7b002254fd0daf5945 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 25 Apr 2018 16:45:29 +0200
Subject: [locations] Fix machine counting

---
 modules-available/locations/page.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 4d5c6628..5010c9ab 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -404,8 +404,8 @@ class Page_Locations extends Page
 				if (!isset($loc['clientCount'])) {
 					$loc['clientCount'] = 0;
 					$loc['clientLoad'] = '0%';
-					$loc['clientCountSum'] += $loc['clientCount'];
 				}
+				$loc['clientCountSum'] += $loc['clientCount'];
 				foreach ($loc['parents'] as $pid) {
 					if (!in_array($pid, $allowedLocationIds))
 						continue;
-- 
cgit v1.2.3-55-g7522


From 24a04871603b8307eb0af0f772dfe64af16c4ada Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 25 Apr 2018 17:20:57 +0200
Subject: [locations] Restore row with unassigned machines

---
 modules-available/locations/page.inc.php             | 12 ++++++++++--
 modules-available/locations/templates/locations.html |  3 ++-
 2 files changed, 12 insertions(+), 3 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 5010c9ab..9beae163 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -345,8 +345,10 @@ class Page_Locations extends Page
 		Location::getOverlappingSubnets($overlapSelf, $overlapOther);
 		//$locs = Location::getLocations(0, 0, false, true);
 		$locationList = Location::getLocationsAssoc();
+		unset($locationList[0]);
 		// Statistics: Count machines for each subnet
 		$unassigned = false;
+		$unassignedLoad = 0;
 
 		// Filter view: Remove locations we can't reach at all, but show parents to locations
 		// we have permission to, so the tree doesn't look all weird
@@ -383,15 +385,20 @@ class Page_Locations extends Page
 		// Client statistics
 		if (Module::get('statistics') !== false) {
 			$unassigned = 0;
+			$extra = '';
+			if (in_array(0, $allowedLocationIds)) {
+				$extra = ' OR locationid IS NULL';
+			}
 			$res = Database::simpleQuery("SELECT locationid, Count(*) AS cnt, Sum(If(state = 'OCCUPIED', 1, 0)) AS used
- 				 FROM machine WHERE locationid IN (:allowedLocationIds) GROUP BY locationid", compact('allowedLocationIds'));
+ 				 FROM machine WHERE (locationid IN (:allowedLocationIds) $extra) GROUP BY locationid", compact('allowedLocationIds'));
 			while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 				$locId = (int)$row['locationid'];
 				if (isset($locationList[$locId])) {
 					$locationList[$locId]['clientCount'] = $row['cnt'];
-					$locationList[$locId]['clientLoad'] = round(100 * $row['used'] / $row['cnt']) . '%';
+					$locationList[$locId]['clientLoad'] = round(100 * $row['used'] / $row['cnt']) . ' %';
 				} else {
 					$unassigned += $row['cnt'];
+					$unassignedLoad += $row['used'];
 				}
 			}
 			unset($loc);
@@ -482,6 +489,7 @@ class Page_Locations extends Page
 			'haveOverlapSelf' => !empty($overlapSelf),
 			'haveOverlapOther' => !empty($overlapOther),
 			'unassignedCount' => $unassigned,
+			'unassignedLoad' => round(($unassignedLoad / $unassigned) * 100) . ' %',
 			'defaultConfig' => $defaultConfig,
 			'addAllowedList' => array_values($addAllowedList),
 		);
diff --git a/modules-available/locations/templates/locations.html b/modules-available/locations/templates/locations.html
index cd04b1c8..67f22744 100644
--- a/modules-available/locations/templates/locations.html
+++ b/modules-available/locations/templates/locations.html
@@ -96,9 +96,10 @@
 				<a href="?do=Statistics&amp;show=list&amp;filters=location=0">
 					&nbsp;{{unassignedCount}}&nbsp;
 				</a>
+				<span style="display:inline-block;width:5ex"></span>
 			</td>
 			<td class="text-nowrap" align="right">
-				{{clientLoad}}
+				{{unassignedLoad}}
 			</td>
 			<td></td>
 			<td>{{defaultConfig}}</td>
-- 
cgit v1.2.3-55-g7522


From 4c8a7363bf24072bebfa5e80b0257dd6011a8db0 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 2 Jan 2019 14:26:34 +0100
Subject: [locations] Fix invalid array access

---
 modules-available/locations/inc/location.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/inc/location.inc.php b/modules-available/locations/inc/location.inc.php
index d43c36a7..8db0c5f3 100644
--- a/modules-available/locations/inc/location.inc.php
+++ b/modules-available/locations/inc/location.inc.php
@@ -429,7 +429,7 @@ class Location
 			foreach ($self as $entry) {
 				if (!isset($locs[$entry]))
 					continue;
-				$overlapSelf[]['locationname'] = $locs[$entry['locationid']]['locationname'];
+				$overlapSelf[]['locationname'] = $locs[$entry]['locationname'];
 			}
 		}
 		if ($overlapOther) {
-- 
cgit v1.2.3-55-g7522


From 59f6f89a2b7950e7b5fb4bdb0e2cdaf4998f1e9e Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 11 Jan 2019 16:49:58 +0100
Subject: [locations] Show current boot menu per location, add edit button

---
 .../locations/lang/de/template-tags.json           |  1 +
 .../locations/lang/en/template-tags.json           |  1 +
 modules-available/locations/page.inc.php           | 60 ++++++++++++++++------
 .../locations/templates/locations.html             | 17 +++++-
 4 files changed, 61 insertions(+), 18 deletions(-)

(limited to 'modules-available/locations')

diff --git a/modules-available/locations/lang/de/template-tags.json b/modules-available/locations/lang/de/template-tags.json
index 43142555..96273ce4 100644
--- a/modules-available/locations/lang/de/template-tags.json
+++ b/modules-available/locations/lang/de/template-tags.json
@@ -3,6 +3,7 @@
     "lang_areYouSureNoUndo": "Sind Sie sicher? Diese Aktion kann nicht r\u00fcckg\u00e4ngig gemacht werden.",
     "lang_assignSubnetExplanation": "Rechner, die in einen der hier aufgef\u00fchrten Adressbereiche fallen, werden diesem Ort zugeschrieben und erhalten damit z.B. f\u00fcr diesen Raum angepasste Veranstaltungslisten.",
     "lang_assignedSubnets": "Zugeordnete Subnetze bzw. IP-Bereiche",
+    "lang_bootMenu": "Bootmen\u00fc",
     "lang_deleteChildLocations": "Untergeordnete Orte ebenfalls l\u00f6schen",
     "lang_deleteLocation": "Ort l\u00f6schen",
     "lang_deleteSubnet": "Bereich l\u00f6schen",
diff --git a/modules-available/locations/lang/en/template-tags.json b/modules-available/locations/lang/en/template-tags.json
index 41261726..64211e27 100644
--- a/modules-available/locations/lang/en/template-tags.json
+++ b/modules-available/locations/lang/en/template-tags.json
@@ -3,6 +3,7 @@
     "lang_areYouSureNoUndo": "Are you sure? This cannot be undone!",
     "lang_assignSubnetExplanation": "Client machines which fall into an IP range listed below will be assigned to this location and will see an according lecture list (e.g. they will see lectures that are exclusively assigned to this location).",
     "lang_assignedSubnets": "Assigned subnets \/ IP ranges",
+    "lang_bootMenu": "Boot menu",
     "lang_deleteChildLocations": "Delete child locations aswell",
     "lang_deleteLocation": "Delete location",
     "lang_deleteSubnet": "Delete range",
diff --git a/modules-available/locations/page.inc.php b/modules-available/locations/page.inc.php
index 9beae163..2d8f5ff9 100644
--- a/modules-available/locations/page.inc.php
+++ b/modules-available/locations/page.inc.php
@@ -375,6 +375,11 @@ class Page_Locations extends Page
 			} else {
 				$locationList[$lid]['havestatistics'] = false;
 			}
+			if (User::hasPermission('.serversetup.ipxe.menu.assign', $lid)) {
+				$visibleLocationIds[] = $lid;
+			} else {
+				$locationList[$lid]['haveipxe'] = false;
+			}
 			if (!in_array($lid, $visibleLocationIds)) {
 				unset($locationList[$lid]);
 			} elseif (!in_array($lid, $allowedLocationIds)) {
@@ -440,22 +445,7 @@ class Page_Locations extends Page
 					$locationList[$locId] += array('configName' => $conf['title'], 'configClass' => 'slx-bold');
 				}
 			}
-			$depth = array();
-			foreach ($locationList as &$loc) {
-				$d = $loc['depth'];
-				if (!isset($loc['configName'])) {
-					// Has no explicit config assignment
-					if ($d === 0) {
-						$loc['configName'] = $defaultConfig;
-					} else {
-						$loc['configName'] = $depth[$d - 1];
-					}
-					$loc['configClass'] = 'gray';
-				}
-				$depth[$d] = $loc['configName'];
-				unset($depth[$d + 1]);
-			}
-			unset($loc);
+			$this->propagateFields($locationList, $defaultConfig, 'configName', 'configClass');
 		}
 		// Count overridden config vars
 		if (Module::get('baseconfig') !== false) {
@@ -467,6 +457,24 @@ class Page_Locations extends Page
 					$locationList[$lid]['overriddenVars'] = $row['cnt'];
 				}
 			}
+			// Confusing because the count might be inaccurate within a branch
+			//$this->propagateFields($locationList, '', 'overriddenVars', 'overriddenClass');
+		}
+		// Show ipxe menu
+		if (Module::get('serversetup') !== false) {
+			$res = Database::simpleQuery("SELECT ml.locationid, m.title, ml.defaultentryid FROM serversetup_menu m
+				INNER JOIN serversetup_menu_location ml USING (menuid)
+				WHERE locationid IN (:allowedLocationIds) GROUP BY locationid", compact('allowedLocationIds'));
+			while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+				$lid = (int)$row['locationid'];
+				if (isset($locationList[$lid])) {
+					if ($row['defaultentryid'] !== null) {
+						$row['title'] .= '(*)';
+					}
+					$locationList[$lid]['customMenu'] = $row['title'];
+				}
+			}
+			$this->propagateFields($locationList, '', 'customMenu', 'customMenuClass');
 		}
 
 		$addAllowedLocs = User::getAllowedLocations("location.add");
@@ -484,6 +492,7 @@ class Page_Locations extends Page
 			'havestatistics' => Module::get('statistics') !== false,
 			'havebaseconfig' => Module::get('baseconfig') !== false,
 			'havesysconfig' => Module::get('sysconfig') !== false,
+			'haveipxe' => Module::get('serversetup') !== false,
 			'overlapSelf' => $overlapSelf,
 			'overlapOther' => $overlapOther,
 			'haveOverlapSelf' => !empty($overlapSelf),
@@ -637,4 +646,23 @@ class Page_Locations extends Page
 		return $result;
 	}
 
+	private function propagateFields(&$locationList, $defaultValue, $name, $class)
+	{
+		$depth = array();
+		foreach ($locationList as &$loc) {
+			$d = $loc['depth'];
+			if (!isset($loc[$name])) {
+				// Has no explicit config assignment
+				if ($d === 0) {
+					$loc[$name] = $defaultValue;
+				} else {
+					$loc[$name] = $depth[$d - 1];
+				}
+				$loc[$class] = 'gray';
+			}
+			$depth[$d] = $loc[$name];
+			unset($depth[$d + 1]);
+		}
+	}
+
 }
diff --git a/modules-available/locations/templates/locations.html b/modules-available/locations/templates/locations.html
index 67f22744..06d32020 100644
--- a/modules-available/locations/templates/locations.html
+++ b/modules-available/locations/templates/locations.html
@@ -37,6 +37,9 @@
 			<th class="text-nowrap">
 				{{#havesysconfig}}{{lang_sysConfig}}{{/havesysconfig}}
 			</th>
+			<th class="text-nowrap">
+				{{#haveipxe}}{{lang_bootMenu}}{{/haveipxe}}
+			</th>
 		</tr>
 		{{#list}}
 			<tr>
@@ -67,7 +70,7 @@
 					{{clientLoad}}
 					{{/havestatistics}}
 				</td>
-				<td class="text-nowrap">
+				<td class="text-nowrap {{overriddenClass}}">
 					{{#havebaseconfig}}
 					<div class="pull-right" style="z-index:-1">
 						<a class="btn btn-default btn-xs" href="?do=baseconfig&amp;module=locations&amp;locationid={{locationid}}"><span class="glyphicon glyphicon-edit"></span></a>
@@ -87,6 +90,16 @@
 					</span>
 					{{/havesysconfig}}
 				</td>
+				<td class="text-nowrap">
+					{{#haveipxe}}
+						<div class="pull-right">
+							<a class="btn btn-default btn-xs" href="?do=serversetup&amp;show=assignlocation&amp;locationid={{locationid}}"><span class="glyphicon glyphicon-edit"></span></a>
+						</div>
+						<span class="{{customMenuClass}}">
+					{{customMenu}}&emsp;&emsp;
+					</span>
+					{{/haveipxe}}
+				</td>
 			</tr>
 		{{/list}}
 		{{#unassignedCount}}
@@ -170,7 +183,7 @@ function slxOpenLocation(e, lid) {
 		}
 		return;
 	}
-	var td = $('<td>').attr('colspan', '5').css('padding', '0px 0px 12px');
+	var td = $('<td>').attr('colspan', '6').css('padding', '0px 0px 12px');
 	var tr = $('<tr>').attr('id', 'location-details-' + lid);
 	tr.append(td);
 	$(e).closest('tr').addClass('active slx-bold').after(tr);
-- 
cgit v1.2.3-55-g7522