From 81553d488552bed491fa5a96ad9a9b7ecf5bf44c Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Tue, 16 Jun 2015 00:14:28 -0400 Subject: [PATCH] #196 Patch up some permission stuff --- admin/manage_users.php | 11 +---------- inc/common.inc.php | 1 + inc/profile_functions.inc.php | 7 +++---- 3 files changed, 5 insertions(+), 14 deletions(-) diff --git a/admin/manage_users.php b/admin/manage_users.php index f1a22b8b..11f407d5 100644 --- a/admin/manage_users.php +++ b/admin/manage_users.php @@ -432,7 +432,7 @@ function edit_user() if ( ! isset($_SESSION['save_userdata'])) { - $res = hesk_dbQuery("SELECT *,`heskprivileges` AS `features`, `can_manage_settings`, `active`, `can_change_notification_settings` + $res = hesk_dbQuery("SELECT *,`heskprivileges` AS `features`, `active` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='".intval($id)."' LIMIT 1"); $_SESSION['userdata'] = hesk_dbFetchAssoc($res); @@ -535,8 +535,6 @@ function new_user() `categories`, `autoassign`, `heskprivileges`, - `can_manage_settings`, - `can_change_notification_settings`, `afterreply`, `autostart`, `notify_customer_new`, @@ -561,8 +559,6 @@ function new_user() '".hesk_dbEscape($myuser['categories'])."', '".intval($myuser['autoassign'])."', '".hesk_dbEscape($myuser['features'])."', - '".hesk_dbEscape($myuser['can_manage_settings'])."', - '".hesk_dbEscape($myuser['can_change_notification_settings'])."', '".($myuser['afterreply'])."' , '".($myuser['autostart'])."' , '".($myuser['notify_customer_new'])."' , @@ -693,7 +689,6 @@ function update_user() `active`='".intval($myuser['active'])."', `autoassign`='".intval($myuser['autoassign'])."', `heskprivileges`='".hesk_dbEscape($myuser['features'])."', - `can_change_notification_settings`='".hesk_dbEscape($myuser['can_change_notification_settings'])."', `afterreply`='".($myuser['afterreply'])."' , `autostart`='".($myuser['autostart'])."' , `notify_customer_new`='".($myuser['notify_customer_new'])."' , @@ -740,10 +735,6 @@ function hesk_validateUserInfo($pass_required = 1, $redirect_to = './manage_user $myuser['autoassign'] = hesk_POST('autoassign') == 'Y' ? 1 : 0; $myuser['active'] = empty($_POST['active']) ? 0 : 1; $myuser['can_change_notification_settings'] = empty($_POST['can_change_notification_settings']) ? 0 : 1; - if ($myuser['isadmin']) - { - $myuser['can_change_notification_settings'] = 1; - } /* If it's not admin at least one category and fature is required */ $myuser['categories'] = array(); diff --git a/inc/common.inc.php b/inc/common.inc.php index 265ef680..0ecbccd5 100644 --- a/inc/common.inc.php +++ b/inc/common.inc.php @@ -1945,5 +1945,6 @@ function hesk_getFeatureArray() { 'can_set_manager', /* User can set category managers */ 'can_man_permission_tpl', /* User can manage permission templates */ 'can_man_settings', /* User can manage helpdesk settings */ + 'can_change_notification_settings', /* User can change notification settings */ ); } \ No newline at end of file diff --git a/inc/profile_functions.inc.php b/inc/profile_functions.inc.php index b7681fc8..8f5e6062 100644 --- a/inc/profile_functions.inc.php +++ b/inc/profile_functions.inc.php @@ -190,9 +190,6 @@ function hesk_profile_tab($session_array='new',$is_profile_page=true,$action='pr echo ' />' . $hesklang[$k] . ' '; } ?> -
- -
@@ -263,7 +260,9 @@ function hesk_profile_tab($session_array='new',$is_profile_page=true,$action='pr
-