From b2d0bc504a98c1faa01885bfb5670b6aae1bbeef Mon Sep 17 00:00:00 2001
From: Nate <github@najo.com>
Date: Tue, 29 Sep 2020 16:33:44 -0600
Subject: [PATCH] Group - Copy: Fix duplicate permissions issue.

---
 core/groups/group_edit.php        | 20 +++++++++++++++++++-
 core/groups/group_permissions.php | 31 ++++++++++++++++---------------
 2 files changed, 35 insertions(+), 16 deletions(-)

diff --git a/core/groups/group_edit.php b/core/groups/group_edit.php
index 20c46742ed..a47fb1e3cd 100644
--- a/core/groups/group_edit.php
+++ b/core/groups/group_edit.php
@@ -56,6 +56,7 @@
 	if (is_array($_POST)) {
 		$group_uuid = $_POST["group_uuid"];
 		$group_name = $_POST["group_name"];
+		$group_name_previous = $_POST["group_name_previous"];
 		$domain_uuid = $_POST["domain_uuid"];
 		$group_level = $_POST["group_level"];
 		$group_protected = $_POST["group_protected"];
@@ -136,6 +137,22 @@
 			$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
 			$database->save($array);
 
+		//update group name in group permissions if group name changed
+			if ($group_name != $group_name_previous) {
+				$sql = "update v_group_permissions ";
+				$sql .= "set group_name = :group_name ";
+				$sql .= "where group_name = :group_name_previous ";
+				$sql .= "and group_uuid = :group_uuid ";
+				$parameters['group_name'] = $group_name;
+				$parameters['group_name_previous'] = $group_name_previous;
+				$parameters['group_uuid'] = $group_uuid;
+				$database = new database;
+				$database->app_name = 'Group Manager';
+				$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+				$database->execute($sql, $parameters);
+				unset($sql, $parameters, $database);
+			}
+
 		//redirect the user
 			if (isset($action)) {
 				if ($action == "add") {
@@ -147,7 +164,7 @@
 				header('Location: group_edit.php?id='.urlencode($group_uuid));
 				return;
 			}
-	} //(is_array($_POST) && strlen($_POST["persistformvar"]) == 0)
+	}
 
 //pre-populate the form
 	if (is_array($_GET) && $_POST["persistformvar"] != "true") {
@@ -227,6 +244,7 @@
 	echo "</td>\n";
 	echo "<td width='70%' class='vtable' style='position: relative;' align='left'>\n";
 	echo "	<input class='formfld' type='text' name='group_name' maxlength='255' value='".escape($group_name)."'>\n";
+	echo "	<input type='hidden' name='group_name_previous' value='".escape($group_name)."'>\n";
 	echo "<br />\n";
 	echo $text['description-group_name']."\n";
 	echo "</td>\n";
diff --git a/core/groups/group_permissions.php b/core/groups/group_permissions.php
index 8fb203056f..b8c92f8729 100644
--- a/core/groups/group_permissions.php
+++ b/core/groups/group_permissions.php
@@ -122,11 +122,13 @@
 	$sql .= "	v_group_permissions as g \n"; 
 	$sql .= "	on p.permission_name = g.permission_name \n"; 
 	$sql .= "	and group_name = :group_name \n"; 
+	$sql .= " 	and g.group_uuid = :group_uuid \n";
 	if (isset($sql_search)) {
 		$sql .= "where ".$sql_search;
 	}
 	$sql .= "	order by p.application_name, p.permission_name asc "; 
 	$parameters['group_name'] = $group_name;
+	$parameters['group_uuid'] = $group_uuid;
 	$database = new database;
 	$group_permissions = $database->select($sql, $parameters, 'all');
 
@@ -321,21 +323,20 @@
 				echo "		<tr>";
 				echo "			<td align='left' colspan='999' nowrap='nowrap'><b>".escape($label_application_name)."</b></td>\n";
 				echo "		</tr>";
-				echo "<tr class='list-header'>\n";
+				echo "		<tr class='list-header'>\n";
 				if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) {
-					echo "	<th class='checkbox'>\n";
-					echo "		<input type='checkbox' id='checkbox_all_".$application_name."' name='checkbox_all' onclick=\"list_all_toggle('".$application_name."');\">\n";
-					echo "	</th>\n";
+					echo "		<th class='checkbox'>\n";
+					echo "			<input type='checkbox' id='checkbox_all_".$application_name."' name='checkbox_all' onclick=\"list_all_toggle('".$application_name."');\">\n";
+					echo "		</th>\n";
 				}
 				echo th_order_by('group_name', $text['label-group_name'], $order_by, $order);
-				if (permission_exists('group_permission_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
-					echo "	<td class='action-button'>&nbsp;</td>\n";
+				if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) {
+					echo th_order_by('group_permission_protected', $text['label-group_protected'], $order_by, $order, null, "style='text-align: right;'");
+					echo "		<th class='checkbox'>\n";
+					echo "			<input type='checkbox' id='checkbox_all_".$application_name."_protected' name='checkbox_protected_all' onclick=\"list_all_toggle('".$application_name."_protected');\">\n";
+					echo "		</th>\n";
 				}
-				echo "	<th class='checkbox'>\n";
-				echo "		<input type='checkbox' id='checkbox_all_".$application_name."_protected' name='checkbox_protected_all' onclick=\"list_all_toggle('".$application_name."_protected');\">\n";
-				echo "	</th>\n";
-				echo th_order_by('group_permission_protected', $text['label-group_protected'], $order_by, $order, null, "class=''");
-				echo "</tr>\n";
+				echo "		</tr>\n";
 
 			}
 			echo "<tr class='list-row'>\n";
@@ -346,15 +347,15 @@
 				echo "		<input type='hidden' name='group_permissions[$x][permission_name]' value='".escape($row['permission_name'])."' />\n";
 				echo "	</td>\n";
 			}
-			echo "	<td  class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all_".$application_name."').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">".escape($row['permission_name'])."</td>\n";
+			echo "	<td class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all_".$application_name."').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">";
+			echo "		".escape($row['permission_name']);
+			echo "	</td>\n";
 			if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) {
+				echo "	<td>&nbsp;</td>\n";
 				echo "	<td class='checkbox'>\n";
 				echo "		<input type='checkbox' name='group_permissions[$x][permission_protected]' id='checkbox_protected_".$x."' class='checkbox_".$application_name."_protected' value='true' ".$protected." onclick=\"if (!this.checked) { document.getElementById('checkbox_all_".$application_name."_protected').checked = false; }\">\n";
 				echo "	</td>\n";
 			}
-			echo "	</td>\n";
-			echo "	<td>";
-			echo "	</td>\n";
 			echo "</tr>\n";
 
 			//set the previous category