1<?php 2 3use App\Models\DeviceGroup; 4use App\Models\User; 5 6$no_refresh = true; 7 8require 'includes/html/javascript-interfacepicker.inc.php'; 9 10echo "<div style='margin: 10px;'>"; 11 12$pagetitle[] = 'Edit user'; 13 14if (! Auth::user()->hasGlobalAdmin()) { 15 include 'includes/html/error-no-perm.inc.php'; 16} else { 17 if ($vars['user_id'] && ! $vars['edit']) { 18 /** @var User $user */ 19 $user = User::find($vars['user_id']); 20 $user_data = $user->toArray(); // for compatibility with current code 21 22 echo '<p><h2>' . $user_data['realname'] . '</h2></p>'; 23 // Perform actions if requested 24 if ($vars['action'] == 'deldevperm') { 25 if (dbFetchCell('SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']])) { 26 dbDelete('devices_perms', '`device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']]); 27 } 28 } 29 30 if ($vars['action'] == 'adddevperm') { 31 if (! dbFetchCell('SELECT COUNT(*) FROM devices_perms WHERE `device_id` = ? AND `user_id` = ?', [$vars['device_id'], $user_data['user_id']])) { 32 dbInsert(['device_id' => $vars['device_id'], 'user_id' => $user_data['user_id']], 'devices_perms'); 33 } 34 } 35 36 if ($vars['action'] == 'deldevgroupperm') { 37 $user->deviceGroups()->detach($vars['device_group_id']); 38 } 39 40 if ($vars['action'] == 'adddevgroupperm') { 41 $user->deviceGroups()->syncWithoutDetaching($vars['device_group_id']); 42 } 43 44 if ($vars['action'] == 'delifperm') { 45 if (dbFetchCell('SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']])) { 46 dbDelete('ports_perms', '`port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']]); 47 } 48 } 49 50 if ($vars['action'] == 'addifperm') { 51 if (! dbFetchCell('SELECT COUNT(*) FROM ports_perms WHERE `port_id` = ? AND `user_id` = ?', [$vars['port_id'], $user_data['user_id']])) { 52 dbInsert(['port_id' => $vars['port_id'], 'user_id' => $user_data['user_id']], 'ports_perms'); 53 } 54 } 55 56 if ($vars['action'] == 'delbillperm') { 57 if (dbFetchCell('SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']])) { 58 dbDelete('bill_perms', '`bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']]); 59 } 60 } 61 62 if ($vars['action'] == 'addbillperm') { 63 if (! dbFetchCell('SELECT COUNT(*) FROM bill_perms WHERE `bill_id` = ? AND `user_id` = ?', [$vars['bill_id'], $user_data['user_id']])) { 64 dbInsert(['bill_id' => $vars['bill_id'], 'user_id' => $user_data['user_id']], 'bill_perms'); 65 } 66 } 67 68 echo '<div class="row"> 69 <div class="col-md-4">'; 70 71 // Display devices this users has access to 72 echo '<h3>Device Access</h3>'; 73 74 echo "<div class='panel panel-default panel-condensed'> 75 <table class='table table-hover table-condensed table-striped'> 76 <tr> 77 <th>Device</th> 78 <th>Action</th> 79 </tr>"; 80 81 $device_perms = dbFetchRows('SELECT * from devices_perms as P, devices as D WHERE `user_id` = ? AND D.device_id = P.device_id', [$user_data['user_id']]); 82 foreach ($device_perms as $device_perm) { 83 echo '<tr><td><strong>' . format_hostname($device_perm) . "</td><td> <a href='edituser/action=deldevperm/user_id=" . $vars['user_id'] . '/device_id=' . $device_perm['device_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a></strong></td></tr>"; 84 $access_list[] = $device_perm['device_id']; 85 $permdone = 'yes'; 86 } 87 88 echo '</table> 89 </div>'; 90 91 if (! $permdone) { 92 echo 'None Configured'; 93 } 94 95 // Display devices this user doesn't have access to 96 echo '<h4>Grant access to new device</h4>'; 97 echo "<form class='form-inline' role='form' method='post' action=''> 98 " . csrf_field() . " 99 <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'> 100 <input type='hidden' value='edituser' name='page'> 101 <input type='hidden' value='adddevperm' name='action'> 102 <div class='form-group'> 103 <label class='sr-only' for='device_id'>Device</label> 104 <select name='device_id' id='device_id' class='form-control'>"; 105 106 $devices = dbFetchRows('SELECT * FROM `devices` ORDER BY hostname'); 107 foreach ($devices as $device) { 108 unset($done); 109 foreach ($access_list as $ac) { 110 if ($ac == $device['device_id']) { 111 $done = 1; 112 } 113 } 114 115 if (! $done) { 116 echo "<option value='" . $device['device_id'] . "'>" . format_hostname($device, $device['hostname']) . '</option>'; 117 } 118 } 119 120 echo "</select> 121 </div> 122 <button type='submit' class='btn btn-default' name='Submit'>Add</button></form>"; 123 124 echo '</div> 125 <div class="col-md-4">'; 126 127 // Display devices this users has access to 128 echo '<h3>Device access via Device Group (beta)</h3>'; 129 130 echo "<div class='panel panel-default panel-condensed'> 131 <table class='table table-hover table-condensed table-striped'> 132 <tr> 133 <th>Device Group</th> 134 <th>Action</th> 135 </tr>"; 136 137 foreach ($user->deviceGroups as $device_group_perm) { 138 echo '<tr><td><strong>' . $device_group_perm->name . "</td><td> <a href='edituser/action=deldevgroupperm/user_id=" . $user->user_id . '/device_group_id=' . $device_group_perm->id . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a></strong></td></tr>"; 139 } 140 141 echo '</table> 142 </div>'; 143 144 if ($user->deviceGroups->isEmpty()) { 145 echo 'None Configured'; 146 } 147 148 // Display device groups this user doesn't have access to 149 echo '<h4>Grant access to new Device Group</h4>'; 150 $allow_dynamic = \LibreNMS\Config::get('permission.device_group.allow_dynamic'); 151 if (! $allow_dynamic) { 152 echo '<i>Dynamic groups are disabled, set permission.device_group.allow_dynamic to enable.</i>'; 153 } 154 155 echo "<form class='form-inline' role='form' method='post' action=''> 156 " . csrf_field() . " 157 <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'> 158 <input type='hidden' value='edituser' name='page'> 159 <input type='hidden' value='adddevgroupperm' name='action'> 160 <div class='form-group'> 161 <label class='sr-only' for='device_group_id'>Device</label> 162 <select name='device_group_id' id='device_group_id' class='form-control'>"; 163 164 $device_groups = DeviceGroup::query() 165 ->whereNotIn('id', $user->deviceGroups->pluck('id')) 166 ->when(! $allow_dynamic, function ($query) { 167 return $query->where('type', 'static'); 168 }) 169 ->orderBy('name') 170 ->get(['id', 'name']); 171 172 foreach ($device_groups as $group) { 173 echo '<option value="' . $group->id . '">' . $group->name . '</option>'; 174 } 175 176 echo "</select> 177 </div> 178 <button type='submit' class='btn btn-default' name='Submit'>Add</button></form>"; 179 180 echo "</div></div> 181 182 <div class='row'> 183 <div class='col-md-4'>"; 184 echo '<h3>Interface Access</h3>'; 185 186 $interface_perms = dbFetchRows('SELECT * from ports_perms as P, ports as I, devices as D WHERE `user_id` = ? AND I.port_id = P.port_id AND D.device_id = I.device_id', [$user_data['user_id']]); 187 188 echo "<div class='panel panel-default panel-condensed'> 189 <table class='table table-hover table-condensed table-striped'> 190 <tr> 191 <th>Interface name</th> 192 <th>Action</th> 193 </tr>"; 194 foreach ($interface_perms as $interface_perm) { 195 echo '<tr> 196 <td> 197 <strong>' . $interface_perm['hostname'] . ' - ' . $interface_perm['ifDescr'] . '</strong>' . '' . \LibreNMS\Util\Clean::html($interface_perm['ifAlias'], []) . " 198 </td> 199 <td> 200 <a href='edituser/action=delifperm/user_id=" . $user_data['user_id'] . '/port_id=' . $interface_perm['port_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a> 201 </td> 202 </tr>"; 203 $ipermdone = 'yes'; 204 } 205 206 echo '</table> 207 </div>'; 208 209 if (! $ipermdone) { 210 echo 'None Configured'; 211 } 212 213 // Display interfaces this user doesn't have access to 214 echo '<h4>Grant access to new interface</h4>'; 215 216 echo "<form action='' method='post' class='form-horizontal' role='form'> 217 " . csrf_field() . " 218 <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'> 219 <input type='hidden' value='edituser' name='page'> 220 <input type='hidden' value='addifperm' name='action'> 221 <div class='form-group'> 222 <label for='device' class='col-sm-2 control-label'>Device: </label> 223 <div class='col-sm-10'> 224 <select id='device' class='form-control' name='device' onchange='getInterfaceList(this)'> 225 <option value=''>Select a device</option>"; 226 227 foreach ($devices as $device) { 228 unset($done); 229 foreach ($access_list as $ac) { 230 if ($ac == $device['device_id']) { 231 $done = 1; 232 } 233 } 234 235 if (! $done) { 236 echo "<option value='" . $device['device_id'] . "'>" . format_hostname($device, $device['hostname']) . '</option>'; 237 } 238 } 239 240 echo "</select> 241 </div> 242 </div> 243 <div class='form-group'> 244 <label for='port_id' class='col-sm-2 control-label'>Interface: </label> 245 <div class='col-sm-10'> 246 <select class='form-control' id='port_id' name='port_id'> 247 </select> 248 </div> 249 </div> 250 <div class='form-group'> 251 <div class='col-sm-12'> 252 <button type='submit' class='btn btn-default' name='Submit' value='Add'>Add</button> 253 </div> 254 </div> 255 </form>"; 256 257 echo "</div> 258 <div class='col-md-4'>"; 259 echo '<h3>Bill Access</h3>'; 260 261 $bill_perms = dbFetchRows('SELECT * from bills AS B, bill_perms AS P WHERE P.user_id = ? AND P.bill_id = B.bill_id', [$user_data['user_id']]); 262 263 echo "<div class='panel panel-default panel-condensed'> 264 <table class='table table-hover table-condensed table-striped'> 265 <tr> 266 <th>Bill name</th> 267 <th>Action</th> 268 </tr>"; 269 270 foreach ($bill_perms as $bill_perm) { 271 echo '<tr> 272 <td> 273 <strong>' . $bill_perm['bill_name'] . "</strong></td><td width=50> <a href='edituser/action=delbillperm/user_id=" . $vars['user_id'] . '/bill_id=' . $bill_perm['bill_id'] . "'><i class='fa fa-trash fa-lg icon-theme' aria-hidden='true'></i></a> 274 </td> 275 </tr>"; 276 $bill_access_list[] = $bill_perm['bill_id']; 277 278 $bpermdone = 'yes'; 279 } 280 281 echo '</table> 282 </div>'; 283 284 if (! $bpermdone) { 285 echo 'None Configured'; 286 } 287 288 // Display devices this user doesn't have access to 289 echo '<h4>Grant access to new bill</h4>'; 290 echo "<form method='post' action='' class='form-inline' role='form'> 291 " . csrf_field() . " 292 <input type='hidden' value='" . $user_data['user_id'] . "' name='user_id'> 293 <input type='hidden' value='edituser' name='page'> 294 <input type='hidden' value='addbillperm' name='action'> 295 <div class='form-group'> 296 <label class='sr-only' for='bill_id'>Bill</label> 297 <select name='bill_id' class='form-control' id='bill_id'>"; 298 299 $bills = dbFetchRows('SELECT * FROM `bills` ORDER BY `bill_name`'); 300 foreach ($bills as $bill) { 301 unset($done); 302 foreach ($bill_access_list as $ac) { 303 if ($ac == $bill['bill_id']) { 304 $done = 1; 305 } 306 } 307 308 if (! $done) { 309 echo "<option value='" . $bill['bill_id'] . "'>" . $bill['bill_name'] . '</option>'; 310 } 311 } 312 313 echo "</select> 314 </div> 315 <button type='submit' class='btn btn-default' name='Submit' value='Add'>Add</button> 316 </form> 317 </div>"; 318 } else { 319 echo '<script>window.location.replace("' . url('users') . '");</script>'; 320 }//end if 321}//end if 322 323echo '</div>'; 324