diff --git a/core/users/app_config.php b/core/users/app_config.php
index 1abe3746c4..48c3882fb7 100644
--- a/core/users/app_config.php
+++ b/core/users/app_config.php
@@ -37,6 +37,12 @@
 $apps[$x]['permissions'][$y]['groups'][] = "admin";
 $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
 $y++;
+ $apps[$x]['permissions'][$y]['name'] = 'user_domain';
+ $apps[$x]['permissions'][$y]['groups'][] = 'superadmin';
+ $y++;
+ $apps[$x]['permissions'][$y]['name'] = 'user_all';
+ $apps[$x]['permissions'][$y]['groups'][] = 'superadmin';
+ $y++;
 $apps[$x]['permissions'][$y]['name'] = "group_view";
 $apps[$x]['permissions'][$y]['menu']['uuid'] = "3b4acc6d-827b-f537-bf21-0093d94ffec7";
 $apps[$x]['permissions'][$y]['groups'][] = "admin";
diff --git a/core/users/app_languages.php b/core/users/app_languages.php
index 16686f35c5..f4b0c7959a 100644
--- a/core/users/app_languages.php
+++ b/core/users/app_languages.php
@@ -347,6 +347,16 @@
 $text['button-generate']['pt-pt'] = "Geração";
 $text['button-generate']['fr-fr'] = "Générer";
+ $text['button-show_all']['en-us'] = "Show All";
+ $text['button-show_all']['es-cl'] = "Mostrar Todos";
+ $text['button-show_all']['pt-pt'] = "Mostrar Todos";
+ $text['button-show_all']['fr-fr'] = "Montrer Tout";
+
+ $text['label-domain']['en-us'] = "Domain";
+ $text['label-domain']['es-cl'] = "Dominio";
+ $text['label-domain']['pt-pt'] = "Domínio";
+ $text['label-domain']['fr-fr'] = "Domaine";
+ $text['confirm-delete']['en-us'] = "Do you really want to delete this?";
 $text['confirm-delete']['es-cl'] = "¿Realmente desea eliminar esto?";
 $text['confirm-delete']['pt-pt'] = "Tem a certeza que pretende remover isto?";
diff --git a/core/users/userdelete.php b/core/users/userdelete.php
index 2ae0926f76..b455e25ef2 100644
--- a/core/users/userdelete.php
+++ b/core/users/userdelete.php
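Review bot: The two permission entries added in core/users/app_config.php have no comment describing what they unlock, and `user_domain` is not an ordinary view/edit flag: elsewhere in this commit it is the condition that removes the `domain_uuid` predicate from the user update and group-removal statements and replaces the session domain with the target user's domain on delete. I would put a line above it such as `//user_domain: manage users in any domain; disables the domain_uuid filter in usersupdate.php and userdelete.php`. `user_all` is not referenced in the hunks visible here, so its scope should be stated next to its definition as well.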
@@ -43,17 +43,21 @@ else {
 //validate the uuid
 if (is_uuid($user_uuid)) {
- //get the username from v_users
- $sql = "select * from v_users ";
- $sql .= "where user_uuid = '$user_uuid' ";
- $sql .= "and domain_uuid = '$domain_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($result as &$row) {
- $username = $row["username"];
+ //get the user's domain from v_users
+ if (permission_exists('user_domain')) {
+ $sql = "select domain_uuid from v_users ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ foreach ($result as &$row) {
+ $domain_uuid = $row["domain_uuid"];
+ }
+ unset ($prep_statement);
+ }
+ else {
+ $domain_uuid = $_SESSION['domain_uuid'];
 }
- unset ($prep_statement);
 //required to be a superadmin to delete a member of the superadmin group
 $superadmin_list = superadmin_list($db);
@@ -65,10 +69,19 @@ else {
 }
 }
+ //delete the user settings
+ $sql = "delete from v_user_settings ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $sql .= "and domain_uuid = '".$domain_uuid."' ";
+ if (!$db->exec($sql)) {
+ $info = $db->errorInfo();
+ print_r($info);
+ }
+ //delete the groups the user is assigned to
 $sql = "delete from v_group_users ";
- $sql .= "where user_uuid = '$user_uuid' ";
- $sql .= "and domain_uuid = '$domain_uuid' ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $sql .= "and domain_uuid = '".$domain_uuid."' ";
 if (!$db->exec($sql)) {
 $info = $db->errorInfo();
 print_r($info);
@@ -76,8 +89,8 @@ else {
 //delete the user
 $sql = "delete from v_users ";
- $sql .= "where user_uuid = '$user_uuid' ";
- $sql .= "and domain_uuid = '$domain_uuid' ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $sql .= "and domain_uuid = '".$domain_uuid."' ";
 if (!$db->exec($sql)) {
 $info = $db->errorInfo();
 print_r($info);
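Review bot: In the first userdelete.php hunk the `user_domain` branch leaves `$domain_uuid` untouched when the lookup returns no row, so the deletes that follow run against whatever value the variable held before this block (assigned outside the hunk). Clear it before the loop and stop when it is still empty afterwards, e.g. `if (!is_uuid($domain_uuid)) { return; }` in whatever form the surrounding flow allows. The statement is also prepared from a concatenated string; `is_uuid()` guards `$user_uuid` here, but binding it is cheap: `$sql .= "where user_uuid = :user_uuid ";` with `$prep_statement->execute(array(':user_uuid' => $user_uuid));`, assuming `check_sql()` passes placeholders through. The same concatenation recurs in the other userdelete.php hunks and throughout the usersupdate.php hunks, where the values pass only through `check_str()`.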
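Review bot: `if (!$db->exec($sql))` in the new user-settings delete (second userdelete.php hunk) treats zero affected rows as a failure, because PDO's `exec()` returns the row count and `false` only on error; deleting a user who has no settings takes the error branch. Compare explicitly with `if ($db->exec($sql) === false) {` and write `errorInfo()` to the server log instead of `print_r()` into the response, since driver messages can reveal table and column names to the browser. The two existing delete blocks in the following context use the same test and deserve the same change. The three deletes are independent statements, so a `beginTransaction()` / `commit()` pair around them would avoid a half-deleted user when one of them fails.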
diff --git a/core/users/usersupdate.php b/core/users/usersupdate.php
index dd9dd17dd2..9b183ca5a4 100644
--- a/core/users/usersupdate.php
+++ b/core/users/usersupdate.php
@@ -61,8 +61,10 @@ else {
 //set the variables
 $group_uuid = check_str($_GET["group_uuid"]);
 //delete the group from the users
- $sql = "delete from v_group_users ";
- $sql .= "where domain_uuid = '".$domain_uuid."' ";
+ $sql = "delete from v_group_users where 1 = 1 ";
+ if (!permission_exists('user_domain')) {
+ $sql .= "and domain_uuid = '".$domain_uuid."' ";
+ }
 $sql .= "and group_uuid = '".$group_uuid."' ";
 $sql .= "and user_uuid = '".$user_uuid."' ";
 $db->exec(check_sql($sql));
@@ -110,6 +112,15 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 $user_enabled = check_str($_POST["user_enabled"]);
 $api_key = check_str($_POST["api_key"]);
+ //get the domain_uuid
+ if (permission_exists('user_domain')) {
+ $domain_uuid = check_str($_POST["domain_uuid"]);
+ }
+ else {
+ $_POST["domain_uuid"] = $_SESSION['domain_uuid'];
+ $domain_uuid = $_SESSION['domain_uuid'];
+ }
+ //check required values
 if ($username != $username_old) {
 $sql = "select count(*) as num_rows from v_users where domain_uuid = '".$domain_uuid."' and username = '".$username."'";
@@ -157,7 +168,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 $sql .= ") ";
 $sql .= "values ";
 $sql .= "(";
- $sql .= "'".$_SESSION["domain_uuid"]."', ";
+ $sql .= "'".$domain_uuid."', ";
 $sql .= "'".$user_setting_uuid."', ";
 $sql .= "'domain', ";
 $sql .= "'language', ";
@@ -213,7 +224,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 $sql .= ") ";
 $sql .= "values ";
 $sql .= "(";
- $sql .= "'".$_SESSION["domain_uuid"]."', ";
+ $sql .= "'".$domain_uuid."', ";
 $sql .= "'".$user_setting_uuid."', ";
 $sql .= "'domain', ";
 $sql .= "'time_zone', ";
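Review bot: With `user_domain` granted, the group-removal delete in the first usersupdate.php hunk has no domain predicate and is driven by `$_GET["group_uuid"]`, so one GET request can now remove a group membership for a user in any domain. No request token or method check is visible in the hunk (the enclosing block starts above it), so I would confirm one exists before the tenant filter is relaxed. Checking `is_uuid($group_uuid)` before the statement is built would also match the validation userdelete.php already applies to `$user_uuid`.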
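Review bot: `$domain_uuid = check_str($_POST["domain_uuid"]);` in the second usersupdate.php hunk accepts any posted string as the user's new domain; nothing checks that it is a UUID or a domain that exists. The value is then written to v_users, v_group_users and v_user_settings and used as a key into `$_SESSION['domains']` further down, so an empty or unknown value would leave the account attached to a domain that does not exist. Validate it before use, for example `if (!is_uuid($domain_uuid) || !isset($_SESSION['domains'][$domain_uuid])) { $domain_uuid = $_SESSION['domain_uuid']; }`, or reject the request outright. The two v_user_settings insert hunks that follow consume the same variable.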
@@ -279,10 +290,26 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 }
 }
+ //change domain_uuid in group users and user settings tables
+ if (permission_exists('user_domain')) {
+ $sql = "update v_group_users set ";
+ $sql .= "domain_uuid = '".$domain_uuid."' ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $db->exec(check_sql($sql));
+
+ $sql = "update v_user_settings set ";
+ $sql .= "domain_uuid = '".$domain_uuid."' ";
+ $sql .= "where user_uuid = '".$user_uuid."' ";
+ $db->exec(check_sql($sql));
+ }
+ //sql update
 $sql = "update v_users set ";
+ if (permission_exists('user_domain')) {
+ $sql .= "domain_uuid = '".$domain_uuid."', ";
+ }
 if (strlen($username) > 0 && $username != $username_old) {
- $sql .= "username = '$username', ";
+ $sql .= "username = '".$username."', ";
 }
 if (strlen($password) > 0 && $confirm_password == $password) {
 //salt used with the password to create a one way hash
@@ -292,21 +319,24 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 $sql .= "salt = '".$salt."', ";
 }
 if (strlen($api_key) > 0) {
- $sql .= "api_key = '$api_key', ";
+ $sql .= "api_key = '".$api_key."', ";
 }
 else {
 $sql .= "api_key = null, ";
 }
- $sql .= "user_status = '$user_status', ";
- $sql .= "user_enabled = '$user_enabled', ";
+ $sql .= "user_status = '".$user_status."', ";
+ $sql .= "user_enabled = '".$user_enabled."', ";
 if (strlen($contact_uuid) == 0) {
 $sql .= "contact_uuid = null ";
 }
 else {
- $sql .= "contact_uuid = '$contact_uuid' ";
+ $sql .= "contact_uuid = '".$contact_uuid."' ";
 }
- $sql .= "where domain_uuid = '$domain_uuid' ";
- $sql .= "and user_uuid = '$user_uuid' ";
+ $sql .= "where 1 = 1 ";
+ if (!permission_exists('user_domain')) {
+ $sql .= "and domain_uuid = '".$domain_uuid."' ";
+ }
+ $sql .= "and user_uuid = '".$user_uuid."' ";
 $db->exec(check_sql($sql));
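Review bot: Moving a user to another domain in the `@@ -279` hunk bypasses the username uniqueness check, which earlier in this file runs only when `$username != $username_old`; an account whose name is unchanged can be moved into a domain that already has that username. The count query should also run whenever the domain changes, i.e. the guard becomes something like `if ($username != $username_old || $domain_uuid != $domain_uuid_old) {` with the old domain read before the form value replaces it. The updates to v_group_users, v_user_settings and v_users are three separate `exec()` calls whose results are ignored, so a failure part-way leaves the rows in different domains; a transaction around them keeps them consistent. The enclosing block continues past the hunk.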
@@ -327,11 +357,11 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 //update the user_status
 $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
- $switch_cmd .= "callcenter_config agent set status ".$username."@".$_SESSION['domain_name']." '".$user_status."'";
+ $switch_cmd .= "callcenter_config agent set status ".$username."@".$_SESSION['domains'][$domain_uuid]['domain_name']." '".$user_status."'";
 $switch_result = event_socket_request($fp, 'api '.$switch_cmd);
 //update the user state
- $cmd = "api callcenter_config agent set state ".$username."@".$_SESSION['domain_name']." Waiting";
+ $cmd = "api callcenter_config agent set state ".$username."@".$_SESSION['domains'][$domain_uuid]['domain_name']." Waiting";
 $response = event_socket_request($fp, $cmd);
 }
@@ -349,16 +379,18 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
 }
 else {
- $sql = "select * from v_users ";
- //allow admin access
- if (if_group("admin") || if_group("superadmin")) {
- $sql .= "where domain_uuid = '$domain_uuid' ";
- $sql .= "and user_uuid = '$user_uuid' ";
+ $sql = "select * from v_users where 1 = 1 ";
+ if (!permission_exists('user_domain')) {
+ $sql .= "and domain_uuid = '$domain_uuid' ";
 }
+ $sql .= "and user_uuid = '$user_uuid' ";
 $prep_statement = $db->prepare(check_sql($sql));
 $prep_statement->execute();
 $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
 foreach ($result as &$row) {
+ if (permission_exists('user_domain')) {
+ $domain_uuid = $row["domain_uuid"];
+ }
 $user_uuid = $row["user_uuid"];
 $username = $row["username"];
 $password = $row["password"];
@@ -454,6 +486,23 @@ else { echo "
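Review bot: `$_SESSION['domains'][$domain_uuid]['domain_name']` is read twice in the `@@ -327` hunk without checking that the key exists, and for a `user_domain` holder `$domain_uuid` comes from the posted form. When the key is missing, the agent name sent over the event socket ends in `@` with no domain. Resolve the name once and skip both commands when it is absent: `$domain_name = isset($_SESSION['domains'][$domain_uuid]) ? $_SESSION['domains'][$domain_uuid]['domain_name'] : null;`. `$username` and `$user_status` reach the command after `check_str()` only, which appears to be database escaping rather than command escaping, so restricting them to an expected character set before they are placed in the command string would be a sensible addition.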
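Review bot: The added `$domain_uuid = $row["domain_uuid"];` inside the loop of the `@@ -349` hunk overwrites the page-wide `$domain_uuid` with the target user's domain, so later code in this request that assumes it still holds the session domain will operate on another tenant's value. This is presumably wanted for the form, but a separate variable such as `$user_domain_uuid` would keep the two apart and make the cross-domain case explicit. The query in this hunk still interpolates `'$domain_uuid'` and `'$user_uuid'` inside the string while the rest of the commit switches to concatenation; since it already goes through `prepare()`, bound parameters would be the better target than either style. The loop iterates by reference (`&$row`) and no `unset($row)` is visible in the hunk, whose enclosing block continues beyond it.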