Netsyms
/
Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'bring-back-managers' into '3-2-0'

Browse Source 
Bring back managers

See merge request mike-koch/Mods-for-HESK!70
master
Mike Koch 7 years ago
parent a3709c187b 6d632be7b8
commit fedb26fd43
20 changed files with 299 additions and 180 deletions
Show Stats Download Patch File Download Diff File

1
README.md
Unescape Escape View File

@ -33,6 +33,7 @@ Mods for HESK is a set of modifications for [HESK](https://www.hesk.com) v2.7.x,
<li>Custom service message icons</li>
<li>Permission templates</li>
<li>Request users location in tickets</li>
<li>Category managers</li>
<li>Show number of merged tickets in ticket search view</li>
<li>Enable / disable staff members</li>
<li>More-restricted settings page access</li>

6
admin/admin_reply_ticket.php
Unescape Escape View File

@ -39,7 +39,9 @@ hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_reply_tickets');
if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_checkPermission('can_reply_tickets');
}
/* A security check */
# hesk_token_check('POST');
@ -279,7 +281,7 @@ if ($time_worked == '00:00:00') {
$sql .= ",`time_worked` = ADDTIME(`time_worked`,'" . hesk_dbEscape($time_worked) . "') ";
}
if (!empty($_POST['assign_self']) && (hesk_checkPermission('can_assign_self', 0))) {
if (!empty($_POST['assign_self']) && (hesk_checkPermission('can_assign_self', 0) || (isset($_REQUEST['isManager']) && $_REQUEST['isManager']))) {
$revision = sprintf($hesklang['thist2'], hesk_date(), $_SESSION['name'] . ' (' . $_SESSION['user'] . ')', $_SESSION['name'] . ' (' . $_SESSION['user'] . ')');
$sql .= " , `owner`=" . intval($_SESSION['id']) . ", `history`=CONCAT(`history`,'" . hesk_dbEscape($revision) . "') ";
}

51
admin/admin_ticket.php
Unescape Escape View File

@ -107,14 +107,33 @@ if ($ticket['lastreplier']) {
}
/* Get category name and ID */
$result = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . intval($ticket['category']) . "' LIMIT 1");
$result = hesk_dbQuery("SELECT `id`, `name`, `manager` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='" . intval($ticket['category']) . "' LIMIT 1");
/* If this category has been deleted use the default category with ID 1 */
if (hesk_dbNumRows($result) != 1) {
$result = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1");
$result = hesk_dbQuery("SELECT `id`, `name`, `manager` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1");
}
$category = hesk_dbFetchAssoc($result);
$managerRS = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` WHERE `id` = ' . intval($_SESSION['id']));
$managerRow = hesk_dbFetchAssoc($managerRS);
$isManager = $managerRow['id'] == $category['manager'];
if ($isManager) {
$can_del_notes =
$can_reply =
$can_delete =
$can_edit =
$can_archive =
$can_assign_self =
$can_view_unassigned =
$can_change_own_cat =
$can_change_cat =
$can_ban_emails =
$can_unban_emails =
$can_ban_ips =
$can_unban_ips =
$can_resolve = true;
}
/* Is this user allowed to view tickets inside this category? */
hesk_okCategory($category['id']);
@ -971,6 +990,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<input type="submit" style="display: none" value="' . $hesklang['go'] . '" /><input type="hidden" name="track" value="' . $trackingID . '" />
<input type="hidden" name="token" value="' . hesk_token_echo(0) . '" />';
if ($isManager) {
echo '<input type="hidden" name="isManager" value="1">';
}
echo '</span>
</form>
@ -994,12 +1016,15 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
<input type="submit" style="display:none;" value="' . $hesklang['go'] . '" class="btn btn-default" /><input type="hidden" name="track" value="' . $trackingID . '" />
<input type="hidden" name="token" value="' . hesk_token_echo(0) . '" />';
if ($isManager) {
echo '<input type="hidden" name="isManager" value="1">';
}
echo '</span>
</form>
</div>';
echo '<div class="col-md-3 col-sm-12 ticket-cell-admin"><p class="ticket-property-title">' . $hesklang['owner'] . '</p>';
if (hesk_checkPermission('can_assign_others', 0)) {
if (hesk_checkPermission('can_assign_others', 0) || $isManager) {
echo '
<form style="margin-bottom:0;" id="changeOwnerForm" action="assign_owner.php" method="post">
<span style="white-space:nowrap;">
@ -1242,14 +1267,15 @@ require_once(HESK_PATH . 'inc/footer.inc.php');
function hesk_getAdminButtons($category_id)
{
global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve;
global $hesk_settings, $hesklang, $modsForHesk_settings, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $can_resolve, $isManager;
$options = '';
/* Edit post */
if ($can_edit) {
$tmp = $reply ? '&amp;reply=' . $reply['id'] : '';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edit'] . '</a> ';
$mgr = $isManager ? '&amp;isManager=true' : '';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edit'] . '</a> ';
}
@ -1295,12 +1321,13 @@ function hesk_getAdminButtons($category_id)
$isTicketClosed = $isTicketClosedRow['IsClosed'];
$isClosable = $isTicketClosedRow['Closable'] == 'yes' || $isTicketClosedRow['Closable'] == 'sonly';
$mgr = $isManager ? '&amp;isManager=1' : '';
if ($isTicketClosed == 0 && $isClosable && $can_resolve) // Ticket is still open
{
$options .= '<a class="btn btn-default" href="change_status.php?track=' . $trackingID . '&amp;s=' . $staffClosedOptionStatus['ID'] . '&amp;Refresh=' . $random . '&amp;token=' . hesk_token_echo(0) . '">
$options .= '<a class="btn btn-default" href="change_status.php?track=' . $trackingID . $mgr . '&amp;s=' . $staffClosedOptionStatus['ID'] . '&amp;Refresh=' . $random . '&amp;token=' . hesk_token_echo(0) . '">
<i class="fa fa-check-circle green"></i> ' . $hesklang['close_action'] . '</a> ';
} elseif ($isTicketClosed == 1) {
$options .= '<a class="btn btn-default" href="change_status.php?track=' . $trackingID . '&amp;s=' . $staffReopenedStatus['ID'] . '&amp;Refresh=' . $random . '&amp;token=' . hesk_token_echo(0) . '">
$options .= '<a class="btn btn-default" href="change_status.php?track=' . $trackingID . $mgr . '&amp;s=' . $staffReopenedStatus['ID'] . '&amp;Refresh=' . $random . '&amp;token=' . hesk_token_echo(0) . '">
<i class="fa fa-folder-open-o green"></i> ' . $hesklang['open_action'] . '</a> ';
}
@ -1486,7 +1513,7 @@ function hesk_getAdminButtons($category_id)
function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
{
global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete;
global $hesk_settings, $hesklang, $ticket, $reply, $trackingID, $can_edit, $can_archive, $can_delete, $isManager;
$options = $reply ? '' : '<div class="pull-right">';
@ -1509,7 +1536,8 @@ function hesk_getAdminButtonsInTicket($reply = 0, $white = 1)
/* Edit post */
if ($can_edit) {
$tmp = $reply ? '&amp;reply=' . $reply['id'] : '';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edtt'] . '</a> ';
$mgr = $isManager ? '&amp;isManager=true' : '';
$options .= '<a class="btn btn-default" href="edit_post.php?track=' . $trackingID . $tmp . $mgr . '"><i class="fa fa-pencil orange"></i> ' . $hesklang['edtt'] . '</a> ';
}
@ -1823,7 +1851,7 @@ function hesk_printTicketReplies()
function hesk_printReplyForm()
{
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $modsForHesk_settings;
global $hesklang, $hesk_settings, $ticket, $admins, $can_options, $can_resolve, $options, $can_assign_self, $modsForHesk_settings, $isManager;
// Force assigning a ticket before allowing to reply?
if ($hesk_settings['require_owner'] && ! $ticket['owner'])
@ -2045,6 +2073,9 @@ function hesk_printReplyForm()
</ul>
</div>
<input class="btn btn-default" type="submit" name="save_reply" value="<?php echo $hesklang['sacl']; ?>">
<?php if ($isManager): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
</div>
</div>
</form>

6
admin/change_status.php
Unescape Escape View File

@ -26,8 +26,10 @@ hesk_isLoggedIn();
$modsForHesk_settings = mfh_getSettings();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
}
/* A security check */
hesk_token_check();

15
admin/edit_post.php
Unescape Escape View File

@ -32,8 +32,11 @@ hesk_dbConnect();
hesk_isLoggedIn();
/* Check permissions for this feature */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_edit_tickets');
if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_edit_tickets');
}
$modsForHesk_settings = mfh_getSettings();
/* Ticket ID */
@ -59,7 +62,10 @@ if (defined('HESK_DEMO')) {
}
/* Is this user allowed to view tickets inside this category? */
hesk_okCategory($ticket['category']);
if (!isset($_REQUEST['isManager']) || !$_REQUEST['isManager']) {
hesk_okCategory($ticket['category']);
}
if (hesk_isREQUEST('reply')) {
$tmpvar['id'] = intval(hesk_REQUEST('reply')) or die($hesklang['id_not_valid']);
@ -626,6 +632,9 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<input type="hidden" name="html" value="<?php echo $html; ?>">
<input type="submit" value="<?php echo $hesklang['save_changes']; ?>" class="btn btn-default">
<?php if (isset($_REQUEST['isManager']) && $_REQUEST['isManager']): ?>
<input type="hidden" name="isManager" value="1">
<?php endif; ?>
<a class="btn btn-default" href="javascript:history.go(-1)"><?php echo $hesklang['back']; ?></a>
</div>
</form>

31
admin/manage_categories.php
Unescape Escape View File

@ -128,6 +128,7 @@ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix'])
<th><?php echo $hesklang['priority']; ?></th>
<th><?php echo $hesklang['not']; ?></th>
<th><?php echo $hesklang['graph']; ?></th>
<th><?php echo $hesklang['manager']; ?></th>
<th><?php echo $hesklang['usage']; ?></th>
<th><?php echo $hesklang['opt']; ?></th>
</tr>
@ -144,6 +145,19 @@ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix'])
</div>
</section>
</div>
<?php
$usersRs = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1' AND `isadmin` = '0'");
echo '<script>var users = [];';
$users = array();
while ($row = hesk_dbFetchAssoc($usersRs)) {
$users[] = $row;
echo "users[" . $row['id'] . "] = {
id: ".$row['id'].",
name: '".$row['name']."'
}\n";
}
echo '</script>';
?>
<!-- Category modal -->
<div class="modal fade" id="category-modal" tabindex="-1" role="dialog" style="overflow: hidden">
<div class="modal-dialog modal-lg" role="document">
@ -268,6 +282,19 @@ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix'])
</select>
</div>
</div>
<div class="form-group">
<label for="manager" class="col-sm-5 control-label">
<?php echo $hesklang['manager']; ?>
</label>
<div class="col-sm-7">
<select name="manager" class="form-control">
<option value="0"><?php echo $hesklang['no_manager']; ?></option>
<?php foreach ($users as $user): ?>
<option value="<?php echo $user['id']; ?>"><?php echo $user['name']; ?></option>
<?php endforeach; ?>
</select>
</div>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
@ -391,6 +418,9 @@ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix'])
</div>
</div>
</td>
<td>
<span data-property="manager"></span>
</td>
<td>
<i class="fa fa-fw fa-ticket icon-link" data-toggle="tooltip" title="<?php echo $hesklang['tickets']; ?>"></i>
<i class="fa fa-fw fa-calendar icon-link" data-toggle="tooltip" title="<?php echo $hesklang['events']; ?>"></i>
@ -446,6 +476,7 @@ echo mfh_get_hidden_fields_for_language(array(
'disabled_title_case',
'geco',
'cpric',
'no_manager',
));
require_once(HESK_PATH . 'inc/footer.inc.php');

179
admin/manage_permission_templates.php → admin/manage_permission_groups.php
Unescape Escape View File

@ -39,10 +39,6 @@ if ($action = hesk_REQUEST('a')) {
create();
} elseif ($action == 'delete') {
deleteTemplate();
} elseif ($action == 'addadmin') {
toggleAdmin(true);
} elseif ($action == 'deladmin') {
toggleAdmin(false);
}
}
@ -51,34 +47,20 @@ require_once(HESK_PATH . 'inc/headerAdmin.inc.php');
/* Print main manage users page */
require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
?>
<script language="Javascript" type="text/javascript"><!--
function confirm_delete() {
if (confirm('<?php echo hesk_makeJsString($hesklang['confirm_del_cat']); ?>')) {
return true;
}
else {
return false;
}
}
//-->
</script>
<?php
$modsForHesk_settings = mfh_getSettings();
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` ORDER BY `name` ASC");
$templates = array();
while ($row = hesk_dbFetchAssoc($res)) {
array_push($templates, $row);
$templates[] = $row;
}
$featureArray = hesk_getFeatureArray();
$orderBy = $modsForHesk_settings['category_order_column'];
$res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` ORDER BY `" . $orderBy . "` ASC");
$categories = array();
while ($row = hesk_dbFetchAssoc($res)) {
array_push($categories, $row);
$categories[] = $row;
}
?>
<div class="content-wrapper">
@ -87,9 +69,9 @@ while ($row = hesk_dbFetchAssoc($res)) {
<div class="box">
<div class="box-header with-border">
<h1 class="box-title">
<?php echo $hesklang['manage_permission_templates']; ?>
<?php echo $hesklang['manage_permission_groups']; ?>
<i class="fa fa-question-circle settingsquestionmark" data-toggle="tooltip" data-placement="right"
title="<?php echo $hesklang['manage_permission_templates_help']; ?>"></i>
title="<?php echo $hesklang['manage_permission_groups_help']; ?>"></i>
</h1>
<div class="box-tools pull-right">
<button type="button" class="btn btn-box-tool" data-widget="collapse">
@ -99,7 +81,7 @@ while ($row = hesk_dbFetchAssoc($res)) {
</div>
<div class="box-body">
<a href="#" data-toggle="modal" data-target="#modal-template-new" class="btn btn-success nu-floatRight">
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new_template']; ?>
<i class="fa fa-plus-circle"></i> <?php echo $hesklang['create_new_group']; ?>
</a>
<table class="table table-striped">
<thead>
@ -115,28 +97,11 @@ while ($row = hesk_dbFetchAssoc($res)) {
<td>
<a href="#" data-toggle="modal" data-target="#modal-template-<?php echo $row['id'] ?>">
<i class="fa fa-pencil icon-link" data-toggle="tooltip"
title="<?php echo $hesklang['view_permissions_for_this_template'] ?>"></i></a>
<?php if ($row['id'] == 1) { ?>
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['admin_cannot_be_staff']; ?>"></i></a>
<?php } elseif ($row['heskprivileges'] == 'ALL' && $row['categories'] == 'ALL'){ ?>
<a href="manage_permission_templates.php?a=deladmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star icon-link orange" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_admin_privileges']; ?>"></i></a>
<?php } elseif ($row['id'] != 2) { ?>
<a href="manage_permission_templates.php?a=addadmin&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['template_has_no_admin_privileges']; ?>"></i></a>
<?php
} else {
?>
<i class="fa fa-star-o icon-link gray" data-toggle="tooltip"
title="<?php echo $hesklang['staff_cannot_be_admin']; ?>"></i>
<?php
}
title="<?php echo $hesklang['view_permissions_for_this_group'] ?>"></i></a>
<?php
if ($row['id'] != 1 && $row['id'] != 2):
?>
<a href="manage_permission_templates.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<a href="manage_permission_groups.php?a=delete&amp;id=<?php echo $row['id']; ?>">
<i class="fa fa-times icon-link red" data-toggle="tooltip"
title="<?php echo $hesklang['delete']; ?>"></i></a>
<?php endif; ?>
@ -172,12 +137,10 @@ function createEditModal($template, $features, $categories)
{
global $hesklang;
$showNotice = true;
$disabled = 'checked="checked" disabled';
$enabledFeatures = array();
$enabledCategories = array();
if ($template['heskprivileges'] != 'ALL') {
$showNotice = false;
$disabled = '';
$enabledFeatures = explode(',', $template['heskprivileges']);
$enabledCategories = explode(',', $template['categories']);
@ -187,30 +150,23 @@ function createEditModal($template, $features, $categories)
aria-labelledby="myLargeModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_templates.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<form action="manage_permission_groups.php" role="form" method="post" id="form<?php echo $template['id']; ?>">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_template'], $template['name']); ?></h4>
<h4 class="modal-title"><?php echo sprintf($hesklang['permissions_for_group'], $template['name']); ?></h4>
</div>
<div class="modal-body">
<div class="row">
<?php if ($showNotice): ?>
<div class="col-sm-12">
<div class="alert alert-info">
<i class="fa fa-info-circle"></i> <?php echo $hesklang['template_is_admin_cannot_change']; ?>
</div>
</div>
<?php endif; ?>
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['template_name']; ?></label>
class="control-label"><?php echo $hesklang['group_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
value="<?php echo htmlspecialchars($template['name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['template_name']); ?>"
placeholder="<?php echo htmlspecialchars($hesklang['group_name']); ?>"
data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
required>
<div class="help-block with-errors"></div>
@ -228,7 +184,7 @@ function createEditModal($template, $features, $categories)
<label>
<?php
$checked = '';
if (in_array($category['id'], $enabledCategories) && !$showNotice) {
if (in_array($category['id'], $enabledCategories)) {
$checked = 'checked';
} ?>
<input type="checkbox" name="categories[]"
@ -249,7 +205,7 @@ function createEditModal($template, $features, $categories)
<div class="checkbox">
<label><?php
$checked = '';
if (in_array($feature, $enabledFeatures) && !$showNotice) {
if (in_array($feature, $enabledFeatures)) {
$checked = 'checked';
} ?>
<input type="checkbox" name="features[]"
@ -266,9 +222,6 @@ function createEditModal($template, $features, $categories)
<div class="modal-footer">
<input type="hidden" name="a" value="save">
<input type="hidden" name="template_id" value="<?php echo $template['id']; ?>">
<?php if ($showNotice): ?>
<input type="hidden" name="name_only" value="1">
<?php endif; ?>
<div class="btn-group">
<input type="submit" class="btn btn-success"
value="<?php echo $hesklang['save_changes']; ?>">
@ -291,22 +244,22 @@ function buildCreateModal($features, $categories)
aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form action="manage_permission_templates.php" role="form" method="post" id="createForm">
<form action="manage_permission_groups.php" role="form" method="post" id="createForm">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo $hesklang['create_new_template_title']; ?></h4>
<h4 class="modal-title"><?php echo $hesklang['create_new_group_title']; ?></h4>
</div>
<div class="modal-body">
<div class="row">
<div class="form-group">
<div class="col-sm-2">
<label for="name"
class="control-label"><?php echo $hesklang['template_name']; ?></label>
class="control-label"><?php echo $hesklang['group_name']; ?></label>
</div>
<div class="col-sm-10">
<input type="text" class="form-control" name="name"
placeholder="<?php echo $hesklang['template_name']; ?>" required>
placeholder="<?php echo $hesklang['group_name']; ?>" required>
<div class="help-block with-errors"></div>
</div>
</div>
@ -381,40 +334,34 @@ function save()
WHERE `id` = " . intval($templateId));
$row = hesk_dbFetchAssoc($res);
if (hesk_POST('name_only', 0)) {
// We are only able to update the name
$name = hesk_POST('name');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `name` = '" . hesk_dbEscape($name) . "' WHERE `id` = " . intval($templateId));
} else {
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should be switched to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($templateId));
}
// Add 'can ban emails' if 'can unban emails' is set (but not added). Same with 'can ban ips'
$catArray = hesk_POST_array('categories');
$featArray = hesk_POST_array('features');
validate($featArray, $catArray);
if (in_array('can_unban_emails', $featArray) && !in_array('can_ban_emails', $featArray)) {
array_push($catArray, 'can_ban_emails');
}
if (in_array('can_unban_ips', $featArray) && !in_array('can_ban_ips', $featArray)) {
array_push($featArray, 'can_ban_ips');
}
$categories = implode(',', $catArray);
$features = implode(',', $featArray);
$name = hesk_POST('name');
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `categories` = '" . hesk_dbEscape($categories) . "', `heskprivileges` = '" . hesk_dbEscape($features) . "',
`name` = '" . hesk_dbEscape($name) . "'
WHERE `id` = " . intval($templateId));
if ($row['categories'] != $categories || $row['heskprivileges'] != $features) {
// Any users with this template should have their permissions updated
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `heskprivileges` = '" . hesk_dbEscape($features) . "',
`categories` = '" . hesk_dbEscape($categories) . "'
WHERE `permission_template` = " . intval($templateId));
}
hesk_process_messages($hesklang['permission_template_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_process_messages($hesklang['permission_group_updated'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function create()
@ -439,7 +386,7 @@ function create()
hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` (`name`, `heskprivileges`, `categories`)
VALUES ('" . hesk_dbEscape($name) . "', '" . hesk_dbEscape($features) . "', '" . hesk_dbEscape($categories) . "')");
hesk_process_messages($hesklang['template_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
hesk_process_messages($hesklang['group_created'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function validate($features, $categories, $create = false, $name = '')
@ -449,7 +396,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup = '<ul>';
$isValid = true;
if ($create && $name == '') {
$errorMarkup .= '<li>' . $hesklang['template_name_required'] . '</li>';
$errorMarkup .= '<li>' . $hesklang['group_name_required'] . '</li>';
$isValid = false;
}
if (count($features) == 0) {
@ -463,7 +410,7 @@ function validate($features, $categories, $create = false, $name = '')
$errorMarkup .= '</ul>';
if (!$isValid) {
$error = sprintf($hesklang['permission_template_error'], $errorMarkup);
$error = sprintf($hesklang['permission_group_error'], $errorMarkup);
hesk_process_messages($error, $_SERVER['PHP_SELF']);
}
return true;
@ -483,36 +430,14 @@ function deleteTemplate()
// Otherwise delete the template
hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` WHERE `id` = " . intval($id));
if (hesk_dbAffectedRows() != 1) {
hesk_process_messages($hesklang['no_templates_were_deleted'], $_SERVER['PHP_SELF']);
hesk_process_messages($hesklang['no_group_were_deleted'], $_SERVER['PHP_SELF']);
}
hesk_process_messages($hesklang['permission_template_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
function toggleAdmin($admin)
{
global $hesk_settings, $hesklang;
$id = hesk_GET('id');
// Move all users who used to be in this group to "custom"
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `permission_template` = NULL
WHERE `permission_template` = " . intval($id));
if ($id == 1 || $id == 2) {
hesk_process_messages($hesklang['cannot_change_admin_staff'], $_SERVER['PHP_SELF']);
}
if ($admin) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates` SET `heskprivileges` = 'ALL',
`categories` = 'ALL' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_now_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
} else {
// Get default privileges
$res = hesk_dbQuery("SELECT `heskprivileges`, `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
WHERE `id` = 2");
$row = hesk_dbFetchAssoc($res);
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "permission_templates`
SET `heskprivileges` = '" . hesk_dbEscape($row['heskprivileges']) . "',
`categories` = '" . hesk_dbEscape($row['categories']) . "' WHERE `id` = " . intval($id));
hesk_process_messages($hesklang['permission_template_no_longer_admin'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
hesk_process_messages($hesklang['permission_group_deleted'], $_SERVER['PHP_SELF'], 'SUCCESS');
}
?>

40
admin/manage_users.php
Unescape Escape View File

@ -214,7 +214,7 @@ if ($action = hesk_REQUEST('a')) {
<th><b><i><?php echo $hesklang['name']; ?></i></b></th>
<th><b><i><?php echo $hesklang['email']; ?></i></b></th>
<th><b><i><?php echo $hesklang['username']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_template']; ?></i></b></th>
<th><b><i><?php echo $hesklang['permission_group']; ?></i></b></th>
<?php
/* Is user rating enabled? */
if ($hesk_settings['rating']) {
@ -591,6 +591,7 @@ function update_user()
$myuser['notify_overdue_unassigned'] = 0;
}
/* Check for duplicate usernames */
$res = hesk_dbQuery("SELECT `id`,`isadmin`,`categories`,`heskprivileges` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user` = '" . hesk_dbEscape($myuser['user']) . "' LIMIT 1");
if (hesk_dbNumRows($res) == 1) {
@ -621,6 +622,31 @@ function update_user()
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `owner`='" . intval($myuser['id']) . "' AND `category` NOT IN (" . $myuser['categories'] . ")");
}
// Find the list of categories they are manager of. If they no longer have access to the category, revoke their manager permission.
if ($myuser['isadmin']) {
// Admins can't be managers
hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` SET `manager` = 0 WHERE `manager` = ' . intval($myuser['id']));
} else {
$currentCatRs = hesk_dbQuery("SELECT `categories` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id` = '" . intval($myuser['id']) . "' LIMIT 1");
$rowOfCategories = hesk_dbFetchAssoc($currentCatRs);
$cats = $rowOfCategories['categories'];
$currentCategories = explode(',', $cats);
$newCategories = explode(',', $myuser['categories']);
// If any any elements are in current but not in new, add them to the revoke array
$revokeCats = array();
foreach ($currentCategories as $currentCategory) {
if (!in_array($currentCategory, $newCategories) && $currentCategory != '') {
array_push($revokeCats, $currentCategory);
}
}
if (count($revokeCats) > 0) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `id` IN (" . implode(',', $revokeCats) . ")");
}
}
hesk_dbQuery(
"UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET
`user`='" . hesk_dbEscape($myuser['user']) . "',
@ -651,6 +677,11 @@ function update_user()
`default_calendar_view`=" . intval($myuser['default_calendar_view']) . "
WHERE `id`='" . intval($myuser['id']) . "'");
// If they are now inactive, remove any manager rights
if (!$myuser['active']) {
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser['id']));
}
unset($_SESSION['save_userdata']);
unset($_SESSION['userdata']);
@ -814,6 +845,10 @@ function remove()
hesk_process_messages($hesklang['cant_del_own'], './manage_users.php');
}
// Revoke manager rights
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser));
/* Un-assign all tickets for this user */
$res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET `owner`=0 WHERE `owner`='" . intval($myuser) . "'");
@ -877,6 +912,9 @@ function toggle_active()
$active = 0;
$tmp = $hesklang['user_deactivated'];
// Revoke any manager rights
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `manager` = " . intval($myuser));
$notificationSql = ", `autoassign` = '0', `notify_new_unassigned` = '0', `notify_new_my` = '0', `notify_reply_unassigned` = '0',
`notify_reply_my` = '0', `notify_assigned` = '0', `notify_pm` = '0', `notify_note` = '0', `notify_note_unassigned` = '0', `notify_overdue_unassigned` = '0'";
}

5
api/BusinessLogic/Categories/Category.php
Unescape Escape View File

@ -51,6 +51,11 @@ class Category extends \BaseClass {
*/
public $priority;
/**
* @var int|null The manager for the Categories, if applicable
*/
public $manager;
/**
* @var bool Indication if the user has access to the Categories
*/

6
api/BusinessLogic/Security/UserToTicketChecker.php
Unescape Escape View File

@ -31,6 +31,12 @@ class UserToTicketChecker extends \BaseClass {
return false;
}
$categoryManagerId = $this->userGateway->getManagerForCategory($ticket->categoryId, $heskSettings);
if ($user->id === $categoryManagerId) {
return true;
}
$extraPermissions[] = UserPrivilege::CAN_VIEW_TICKETS;
foreach ($extraPermissions as $permission) {

1
api/Controllers/Categories/CategoryController.php
Unescape Escape View File

@ -63,6 +63,7 @@ class CategoryController extends \BaseClass {
$category->description = Helpers::safeArrayGet($json, 'description');
$category->displayBorder = Helpers::safeArrayGet($json, 'displayBorder');
$category->foregroundColor = Helpers::safeArrayGet($json, 'foregroundColor');
$category->manager = Helpers::safeArrayGet($json, 'manager');
$category->name = Helpers::safeArrayGet($json, 'name');
$category->priority = Helpers::safeArrayGet($json, 'priority');
$category->type = Helpers::safeArrayGet($json, 'type');

6
api/DataAccess/Categories/CategoryGateway.php
Unescape Escape View File

@ -41,6 +41,7 @@ class CategoryGateway extends CommonDao {
$category->foregroundColor = $row['foreground_color'];
$category->displayBorder = $row['display_border_outline'] === '1';
$category->priority = intval($row['priority']);
$category->manager = intval($row['manager']) == 0 ? NULL : intval($row['manager']);
$category->description = $row['mfh_description'];
$category->numberOfTickets = intval($row['number_of_tickets']);
$results[] = $category;
@ -63,11 +64,11 @@ class CategoryGateway extends CommonDao {
$newOrder = hesk_dbFetchAssoc($newOrderRs);
$sql = "INSERT INTO `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories`
(`name`, `cat_order`, `autoassign`, `type`, `priority`, `background_color`, `usage`,
(`name`, `cat_order`, `autoassign`, `type`, `priority`, `manager`, `background_color`, `usage`,
`foreground_color`, `display_border_outline`, `mfh_description`)
VALUES ('" . hesk_dbEscape($category->name) . "', " . intval($newOrder['cat_order']) . ",
'" . ($category->autoAssign ? 1 : 0) . "', '" . intval($category->type) . "',
'" . intval($category->priority) . "',
'" . intval($category->priority) . "', " . ($category->manager === null ? 0 : intval($category->manager)) . ",
'" . hesk_dbEscape($category->backgroundColor) . "', " . intval($category->usage) . ",
'" . hesk_dbEscape($category->foregroundColor) . "', '" . ($category->displayBorder ? 1 : 0) . "',
'" . hesk_dbEscape($category->description) . "')";
@ -94,6 +95,7 @@ class CategoryGateway extends CommonDao {
`autoassign` = '" . ($category->autoAssign ? 1 : 0) . "',
`type` = '" . intval($category->type) . "',
`priority` = '" . intval($category->priority) . "',
`manager` = " . ($category->manager === null ? 0 : intval($category->manager)) . ",
`background_color` = '" . hesk_dbEscape($category->backgroundColor) . "',
`usage` = " . intval($category->usage) . ",
`foreground_color` = '" . hesk_dbEscape($category->foregroundColor) . "',

21
api/DataAccess/Security/UserGateway.php
Unescape Escape View File

@ -99,4 +99,25 @@ class UserGateway extends CommonDao {
return $users;
}
function getManagerForCategory($categoryId, $heskSettings) {
$this->init();
$rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "users`
WHERE `id` = (
SELECT `manager`
FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories`
WHERE `id` = " . intval($categoryId) . ")");
if (hesk_dbNumRows($rs) === 0) {
$this->close();
return null;
}
$user = UserContext::fromDataRow(hesk_dbFetchAssoc($rs));
$this->close();
return $user;
}
}

19
api/Tests/BusinessLogic/Security/UserToTicketCheckerTest.php
Unescape Escape View File

@ -92,4 +92,23 @@ class UserToTicketCheckerTest extends TestCase {
//-- Assert
self::assertThat($result, self::isFalse());
}
function testItReturnsTrueWhenTheUserDoesNotHaveEditPermissionsButIsTheCategoryManager() {
//-- Arrange
$user = new UserContext();
$user->admin = false;
$user->categories = array(1);
$user->permissions = array(UserPrivilege::CAN_VIEW_TICKETS, 'something else');
$user->id = 1;
$this->userGateway->method('getManagerForCategory')->willReturn(1);
$ticket = new Ticket();
$ticket->categoryId = 1;
//-- Act
$result = $this->userToTicketChecker->isTicketAccessibleToUser($user, $ticket, $this->heskSettings, array(UserPrivilege::CAN_EDIT_TICKETS));
//-- Assert
self::assertThat($result, self::isTrue());
}
}

1
inc/common.inc.php
Unescape Escape View File

@ -2026,6 +2026,7 @@ function hesk_getFeatureArray()
'can_service_msg', /* User can manage service messages shown in customer interface */
'can_email_tpl', /* User can manage email templates */
'can_man_ticket_statuses', /* User can manage ticket statuses */
'can_set_manager', /* User can set category managers */
'can_man_permission_tpl', /* User can manage permission templates */
'can_man_settings', /* User can manage helpdesk settings */
'can_change_notification_settings', /* User can change notification settings */

20
inc/profile_functions.inc.php
Unescape Escape View File

@ -162,9 +162,10 @@ function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $acti
if (!$is_profile_page) {
?>
<div role="tabpanel" class="tab-pane fade" id="permissions">
<?php if ($_SESSION['isadmin']): ?>
<div class="form-group">
<label for="administrator"
class="col-md-3 control-label"><?php echo $hesklang['permission_template_colon']; ?></label>
class="col-md-3 control-label"><?php echo $hesklang['permission_group']; ?></label>
<div class="col-md-9">
<?php
@ -181,10 +182,19 @@ function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $acti
$selected = $_SESSION[$session_array]['permission_template'] == '-1' ? 'selected' : '';
echo '<option value="-1" ' . $selected . '>' . htmlspecialchars($hesklang['custom']) . '</option>';
echo '</select>';
outputCheckboxJavascript();
?>
</div>
</div>
<?php elseif ($action == 'edit_user'): ?>
<input type="hidden" name="template"
value="<?php echo $_SESSION[$session_array]['permission_template']; ?>" />
<div id="changed-group-warning" class="alert alert-warning" style="display: none">
<i class="fa fa-exclamation-triangle"></i> <?php echo $hesklang['changing_permissions_will_reset_permission_group']; ?>
</div>
<?php
endif;
outputCheckboxJavascript($action);
?>
<div id="options">
<div class="form-group">
<label for="categories[]"
@ -535,7 +545,7 @@ function hesk_profile_tab($session_array = 'new', $is_profile_page = true, $acti
<?php
} // END hesk_profile_tab()
function outputCheckboxJavascript()
function outputCheckboxJavascript($action)
{
global $hesk_settings, $hesklang;
@ -594,7 +604,9 @@ function outputCheckboxJavascript()
});
}
function setTemplateToCustom() {
$('#permission-tpl').val('-1');
$('input[name=\"template\"]').val('-1');
" . ($action == 'edit_user' ? ($_SESSION['isadmin'] ? '' : "$('#changed-group-warning').show();") : '') . "
}
</script>";
}

4
inc/show_admin_nav.inc.php
Unescape Escape View File

@ -297,9 +297,9 @@ $mails = mfh_get_mail_headers_for_dropdown($_SESSION['id'], $hesk_settings, $hes
$markup .= '
<li class="' . $active . '">
<a href="manage_permission_templates.php">
<a href="manage_permission_groups.php">
<i class="fa fa-fw fa-users" ' . $iconDisplay . '></i>
<span>' . $hesklang['permission_templates'] . '</span>
<span>' . $hesklang['manange_permission_groups_menu'] . '</span>
</a>
</li>';
}

1
install/mods-for-hesk/database-validation.php
Unescape Escape View File

@ -93,6 +93,7 @@ hesk_dbConnect();
$all_good = $all_good & run_column_check('tickets', 'longitude');
$all_good = $all_good & run_column_check('stage_tickets', 'latitude');
$all_good = $all_good & run_column_check('stage_tickets', 'longitude');
$all_good = $all_good & run_column_check('categories', 'manager');
$all_good = $all_good & run_column_check('users', 'permission_template');
$all_good = $all_good & run_table_check('permission_templates');
$all_good = $all_good & run_column_check('permission_templates', 'id');

12
internal-api/js/manage-categories.js
Unescape Escape View File

@ -119,6 +119,12 @@ function loadTable() {
.attr('title', mfhLang.text('geco'));
}
if (this.manager === null) {
$template.find('[data-property="manager"]').text(mfhLang.text('no_manager'));
} else {
$template.find('[data-property="manager"]').text(users[this.manager].name);
}
if (this.id === 1) {
$template.find('[data-action="delete"]').hide();
}
@ -166,6 +172,7 @@ function bindEditModal() {
$modal.find('input[name="name"]').val(element.name).end()
.find('select[name="priority"]').val(element.priority).end()
.find('select[name="manager"]').val(element.manager === null ? 0 : element.manager).end()
.find('input[name="id"]').val(element.id).end()
.find('select[name="usage"]').val(element.usage).end()
.find('input[name="display-border"][value="' + (element.displayBorder ? 1 : 0) + '"]')
@ -258,14 +265,17 @@ function bindFormSubmit() {
var $modal = $('#category-modal');
var foregroundColor = $modal.find('input[name="foreground-color"]').val();
var manager = parseInt($modal.find('select[name="manager"]').val());
var data = {
autoassign: $modal.find('input[name="autoassign"]').val() === 'true',
backgroundColor: $modal.find('input[name="background-color"]').val(),
description: $modal.find('textarea[name="description"]').val(),
displayBorder: $modal.find('input[name="display-border"]:checked').val() === '1',
foregroundColor: $modal.find('input[name="foreground-color"]').val() === '' ? 'AUTO' : $modal.find('input[name="foreground-color"]').val(),
foregroundColor: foregroundColor === '' ? 'AUTO' : foregroundColor,
name: $modal.find('input[name="name"]').val(),
priority: parseInt($modal.find('select[name="priority"]').val()),
manager: manager === 0 ? null : manager,
type: parseInt($modal.find('input[name="type"]:checked').val()),
usage: parseInt($modal.find('select[name="usage"]').val()),
catOrder: parseInt($modal.find('input[name="cat-order"]').val())

54
language/en/text.php
Unescape Escape View File

@ -1831,39 +1831,17 @@ $hesklang['your_current_location'] = 'Your location';
$hesklang['requesting_location_ellipsis'] = 'Requesting location...';
$hesklang['unable_to_determine_location'] = 'Unable to determine your location, or you declined to share it.';
$hesklang['save_to_see_updated_address'] = 'Save the new location to see the updated address';
$hesklang['manage_permission_templates'] = 'Manage Permission Templates';
$hesklang['manage_permission_templates_help'] = 'Here you can create and edit permission templates. These templates will appear when creating/editing a user.
Please note that if you change the permission template\'s settings, it will NOT change the permissions of any users that are set to this permission template.';
$hesklang['manager'] = 'Manager';
$hesklang['manager_updated'] = 'Category manager has been updated.';
$hesklang['can_set_manager'] = 'Can set category managers';
$hesklang['no_manager'] = 'No manager';
$hesklang['number_of_users'] = 'Number of Users';
$hesklang['actions'] = 'Actions';
$hesklang['view_permissions_for_this_template'] = 'View/edit permissions for this template';
$hesklang['permission'] = 'Permission';
$hesklang['permissions_for_template'] = 'Permissions for template <code>%s</code>'; // %s template name
$hesklang['template_has_admin_privileges'] = 'Permission template has admin privileges. Click to set as non-admin';
$hesklang['template_has_no_admin_privileges'] = 'Permission template does not have admin privileges. Click to set as admin';
$hesklang['staff_cannot_be_admin'] = 'Staff permission group does not have admin access, and cannot be set as an admin';
$hesklang['admin_cannot_be_staff'] = 'Administrator permission group has admin access, and cannot be set as non-admin';
$hesklang['template_is_admin_cannot_change'] = 'The permission group currently has admin privileges, so you cannot set specific permissions here.';
$hesklang['permission_template_updated'] = 'Permission template has been updated!';
$hesklang['create_new_template'] = 'Create new permission template';
$hesklang['create_new_template_title'] = 'Create New Permission Template'; // same as create_new_template, but in Title Case
$hesklang['template_name'] = 'Template name';
$hesklang['template_name_required'] = 'Template name required.';
$hesklang['you_must_select_a_category'] = 'You must select at least one category.';
$hesklang['you_must_select_a_feature'] = 'You must select at least one feature.';
$hesklang['permission_template_error'] = 'The permission template could not be completed due to the following error(s): %s'; // %s: error list
$hesklang['template_created'] = 'Permission template successfully created!';
$hesklang['cannot_delete_admin_or_staff'] = 'The <b>Administrator</b> and <b>Staff</b> permission groups cannot be deleted!';
$hesklang['no_templates_were_deleted'] = 'No templates were deleted!';
$hesklang['permission_template_deleted'] = 'Permission template deleted!';
$hesklang['permission_template_now_admin'] = 'Permission template is now designed as an admin template';
$hesklang['permission_template_no_longer_admin'] = 'Permission template is no longer designated as an admin template';
$hesklang['cannot_change_admin_staff'] = 'You cannot change admin/non-admin status for the <b>Administrator</b> and <b>Staff</b> templates!';
$hesklang['permission_tpl_man'] = 'Manage permission templates'; // Menu link
$hesklang['permission_templates'] = 'Permission Templates';
$hesklang['can_man_permission_tpl'] = 'Can manage permission templates';
$hesklang['permission_template_colon'] = 'Permission Template';
$hesklang['permission_template'] = 'Permission Template';
$hesklang['custom'] = 'Custom';
// ADDED OR MODIFIED IN Mods for HESK 2.4.0
@ -2186,5 +2164,29 @@ $hesklang['copied_to_clipboard'] = 'Copied to clipboard';
// If your language is NOT in the supported langauges, leave 'en'
$hesklang['CALENDAR_LANGUAGE']='en';
$hesklang['manage_permission_groups'] = 'Manage Permission Groups';
$hesklang['manage_permission_groups_help'] = 'Here you can create and edit permission groups. These groups will appear when creating/editing a user.
When editing a permission group, all users assigned to this group will also have their permissions updated accordingly.';
$hesklang['view_permissions_for_this_group'] = 'View/edit permissions for this group';
$hesklang['permission'] = 'Permission';
$hesklang['permissions_for_group'] = 'Permissions for group <code>%s</code>'; // %s template name
$hesklang['permission_group_updated'] = 'Permission group has been updated!';
$hesklang['create_new_group'] = 'Create new permission group';
$hesklang['create_new_group_title'] = 'Create New Permission Group'; // same as create_new_template, but in Title Case
$hesklang['group_name'] = 'Group name';
$hesklang['group_name_required'] = 'Group name required.';
$hesklang['permission_group_error'] = 'The permission group could not be saved due to the following error(s): %s'; // %s: error list
$hesklang['group_created'] = 'Permission group successfully created!';
$hesklang['cannot_delete_admin_or_staff'] = 'The <b>Administrator</b> and <b>Staff</b> permission groups cannot be deleted!';
$hesklang['no_groups_were_deleted'] = 'No groups were deleted!';
$hesklang['permission_group_deleted'] = 'Permission group deleted!';
$hesklang['manange_permission_groups_menu'] = 'Permission groups'; // Menu link
$hesklang['permission_groups'] = 'Permission Groups';
$hesklang['can_man_permission_tpl'] = 'Can manage permission groups';
$hesklang['permission_group_colon'] = 'Permission Group:';
$hesklang['permission_group'] = 'Permission Group';
$hesklang['changing_permissions_will_reset_permission_group'] = 'Changing a user\'s categories / features will reset their permission group! Click "Discard Changes" to reset the user\'s categories / features.';
// DO NOT CHANGE BELOW
if (!defined('IN_SCRIPT')) die('PHP syntax OK!');

Write Preview
Loading…
Cancel
Save