Added some rights checking to the image management stuff. opendcim#326
wilpig committed Feb 2, 2014
1 parent d547c87 commit c279ae1
Showing 4 changed files with 36 additions and 7 deletions.
34 changes: 30 additions & 4 deletions image_management.php
Expand Up @@ -69,7 +69,7 @@
<script type="text/javascript" src="scripts/jquery.uploadifive.min.js"></script>
<script type="text/javascript">
function makeThumb(path,file){
return $('<div>').append($('<div>').css('background-image', 'url('+path+'/'+file+')')).append($('<div>').addClass('filename').text(file))
return $('<div>').append($('<div>').css('background-image', 'url("'+path+'/'+file+'")')).append($('<div>').addClass('filename').text(file))
}
function reload(target){
$('#'+target).children().remove();
Expand All @@ -94,6 +94,12 @@ function reload(target){
<div class="main">
<h2><?php echo $config->ParameterArray['OrgName']; ?></h2>
<h2>OpenDCIM Image File Management</h2>

<?php
// Only show the device pictures if they have global write access or site admin.
if($user->SiteAdmin || $user->WriteAccess){
?>

<div class="center"><div>
<div class="heading">Device Type Pictures</div>
<input type="file" name="dev_file_upload" data-dir="pictures" id="dev_file_upload" />
Expand Down Expand Up @@ -121,13 +127,27 @@ function reload(target){
});
</script>
</div><div>
<?php echo $devimageselect; ?>

<div class="preview" id="pictures">
</div>

</div></div><!-- END div.center -->

<?php
}

// Only show the site drawings if they have site admin rights.
if($user->SiteAdmin){
?>

<div class="center"><div>
<div class="heading">Datacenter / Room Drawings</div>
<input type="file" name="drawing_file_upload" data-dir="drawings" id="drawing_file_upload" />

</div><div>

<div class="preview" id="drawings">
</div>
<script type="text/javascript">
<?php $timestamp = time();?>
$(function() {
Expand All @@ -150,11 +170,17 @@ function reload(target){
});
});
</script>
</div><div>
<?php echo $facimageselect; ?>
</div></div><!-- END div.center -->

<?php } ?>


</div><!-- END div.main -->
</div><!-- END div.page -->
<script type="text/javascript">
$('.center input').each(function(){
reload($(this).data('dir'));
});
</script>
</body>
</html>
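Review bot: The two `if($user->SiteAdmin ...)` wrappers only decide which upload widgets are rendered; a user holding neither right still receives the page, and nothing in the visible hunks stops the request before output. Hiding markup is not an access check, so every endpoint these widgets call (the upload handler and whatever `reload` fetches) has to apply the same rule server-side, with drawings limited to `SiteAdmin` as they are here. I would add a comment above the first wrapper, `// Display gating only: the upload and listing handlers must enforce these rights themselves.`, and consider an early exit near the top of the file for users with neither right (the top of the file is outside the visible hunks). Separately, `makeThumb` now quotes the CSS URL but still concatenates `file` unencoded; `encodeURIComponent(file)` would keep names containing quotes or parentheses from breaking the value.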
4 changes: 3 additions & 1 deletion misc.inc.php
Expand Up @@ -558,6 +558,7 @@ function locale_number( $number, $decimals=2 ) {
if ( $user->WriteAccess ) {
$wamenu[__("Template Management")][]='<a href="device_templates.php"><span>'.__("Edit Device Templates").'</span></a>';
$wamenu[__("Infrastructure Management")][]='<a href="cabinets.php"><span>'.__("Edit Cabinets").'</span></a>';
$wamenu[__("Template Management")][]='<a href="image_management.php#pictures"><span>'.__("Device Image Management").'</span></a>';
}
if ( $user->SiteAdmin ) {
$samenu[__("User Administration")][]='<a href="usermgr.php"><span>'.__("Manage Users").'</span></a>';
Expand All @@ -570,11 +571,12 @@ function locale_number( $number, $decimals=2 ) {
$samenu[__("Infrastructure Management")][]='<a href="container.php"><span>'.__("Edit Containers").'</span></a>';
$samenu[__("Infrastructure Management")][]='<a href="zone.php"><span>'.__("Edit Zones").'</span></a>';
$samenu[__("Infrastructure Management")][]='<a href="cabrow.php"><span>'.__("Edit Rows of Cabinets").'</span></a>';
$samenu[__("Infrastructure Management")][]='<a href="image_management.php#drawings"><span>'.__("Facilities Image Management").'</span></a>';
$samenu[__("Power Management")][]='<a href="power_source.php"><span>'.__("Edit Power Sources").'</span></a>';
$samenu[__("Power Management")][]='<a href="power_panel.php"><span>'.__("Edit Power Panels").'</span></a>';
$samenu[__("Power Management")][]='<a href="cdu_templates.php"><span>'.__("Edit CDU Templates").'</span></a>';
$samenu[]='<a href="configuration.php"><span>'.__("Edit Configuration").'</span></a>';
$samenu[__("Path Connections")][]='<a href="paths.php"><span>'.__("View Path Connection").'</span></a>';
$samenu[__("Path Connections")][]='<a href="pathmaker.php"><span>'.__("Make Path Connection").'</span></a>';
$samenu[]='<a href="configuration.php"><span>'.__("Edit Configuration").'</span></a>';
}
?>
2 changes: 1 addition & 1 deletion scripts/uploadifive.php
Expand Up @@ -14,7 +14,7 @@

$verifyToken = md5('unique_salt' . $_POST['timestamp']);

if (!empty($_FILES) && $_POST['token'] == $verifyToken) {
if (!empty($_FILES) && $_POST['token'] == $verifyToken && ($user->WriteAccess || $user->SiteAdmin)) {
$tempFile = $_FILES['Filedata']['tmp_name'];
$uploadDir = $_SERVER['DOCUMENT_ROOT'] . $uploadDir;
$targetFile = $uploadDir.DIRECTORY_SEPARATOR.str_replace(' ','_',$_FILES['Filedata']['name']);
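Review bot: The added condition `($user->WriteAccess || $user->SiteAdmin)` is role-wide and ignores the destination, so it does not mirror image_management.php, where the drawings uploader is shown only to `SiteAdmin`. If `$uploadDir` is derived from the request (it is set above this hunk, so this is an assumption to confirm), a `WriteAccess` account could still write into the drawings directory. Suggest tying the right to the resolved directory, e.g. `$allowed = $isDrawingsDir ? $user->SiteAdmin : ($user->WriteAccess || $user->SiteAdmin);`, where `$isDrawingsDir` is a placeholder for a server-side comparison against a fixed allowlist of the two directories. The token on the same line adds little, since `md5('unique_salt' . $_POST['timestamp'])` is built from a constant and a request field and is compared with `==`; a session-bound token checked with `hash_equals()` would be the usual replacement. The `if` body continues past the end of the hunk.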
3 changes: 2 additions & 1 deletion sidebar.inc.php
Expand Up @@ -121,7 +121,8 @@ function buildmenu($menu){
}

$("#sidebar .nav a").each(function(){
if($(this).attr("href")=="<?php echo basename($_SERVER['PHP_SELF']);?>"){
var loc=window.location;
if($(this).attr("href")=="<?php echo basename($_SERVER['PHP_SELF']);?>" || $(this).attr("href")==loc.href.substr(loc.href.indexOf(loc.host)+loc.host.length+1)){
$(this).addClass("active");
$(this).parentsUntil("#ui-id-1","li").children('a:first-child').addClass("active");
}
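Review bot: `basename($_SERVER['PHP_SELF'])` is echoed into a JavaScript string literal without encoding on the rewritten `if` line, and `PHP_SELF` can carry request-supplied trailing path info, so the value should not be trusted as-is. Emitting it as `<?php echo json_encode(basename($_SERVER['SCRIPT_NAME'])); ?>` (without the surrounding double quotes) removes both the path-info input and the quoting problem. The new `loc.href.substr(...)` comparison also assumes the application sits at the web root; under a subdirectory the remainder includes that prefix and never equals an `href` such as `image_management.php#pictures`, so `loc.pathname.split('/').pop()+loc.hash` would be more robust. The enclosing script block starts and ends outside this hunk.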
