You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@vcl.apache.org by jf...@apache.org on 2014/12/12 19:08:36 UTC

svn commit: r1645010 - in /vcl/trunk/web/.ht-inc: computer.php config.php image.php managementnode.php resource.php schedule.php

Author: jfthomps
Date: Fri Dec 12 18:08:35 2014
New Revision: 1645010

URL: http://svn.apache.org/r1645010
Log:
VCL-759 - check user group access to image when creating block allocations

commit r1634677 to utils.php added an extra, optional parameter to getUserResources which affected the key that gets generated and saved in $_SESSION['userresources']; all the places where those keys are generated to clear them from $_SESSION['userresources'] needed to be updated to include the additional argument; these are the places where the key needed to be updated:

computer.php: AJsaveResource, AJsubmitDeleteComputers, AJsubmitCompStateChange, and AJsubmitCompScheduleChange
config.php: addResource
image.php: changeOwnerPermissions
managementnode.php: toggleDeleteResource and AJsaveResource
resource.php: toggleDeleteResource
schedule.php: AJsaveResource


Modified:
    vcl/trunk/web/.ht-inc/computer.php
    vcl/trunk/web/.ht-inc/config.php
    vcl/trunk/web/.ht-inc/image.php
    vcl/trunk/web/.ht-inc/managementnode.php
    vcl/trunk/web/.ht-inc/resource.php
    vcl/trunk/web/.ht-inc/schedule.php

Modified: vcl/trunk/web/.ht-inc/computer.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/computer.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/computer.php (original)
+++ vcl/trunk/web/.ht-inc/computer.php Fri Dec 12 18:08:35 2014
@@ -1489,13 +1489,13 @@ class Computer extends Resource {
 		}
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$args = $this->defaultGetDataArgs;
@@ -3128,9 +3128,9 @@ class Computer extends Resource {
 		}
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$ret = array('status' => 'success',
@@ -4058,9 +4058,9 @@ class Computer extends Resource {
 		}
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$ret['msg'] = $msg;
@@ -4484,9 +4484,9 @@ class Computer extends Resource {
 		$msg .= "$schname:<br>$complist\n";
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$ret = array('status' => 'success',

Modified: vcl/trunk/web/.ht-inc/config.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/config.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/config.php (original)
+++ vcl/trunk/web/.ht-inc/config.php Fri Dec 12 18:08:35 2014
@@ -461,9 +461,9 @@ class Config extends Resource {
 		       .        "((SELECT id FROM resourcetype WHERE name = 'config'), "
 		       .        "$id)";
 		doQuery($query);
-		$key = getKey(array(array("{$this->restype}Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array("{$this->restype}Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array("{$this->restype}Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array("{$this->restype}Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 		$ret = array('status' => 'success', 'action' => 'add');
 		$ret['item'] = array('id' => $id,

Modified: vcl/trunk/web/.ht-inc/image.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/image.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/image.php (original)
+++ vcl/trunk/web/.ht-inc/image.php Fri Dec 12 18:08:35 2014
@@ -943,7 +943,10 @@ class Image extends Resource {
 		       .        "'$agree')";
 		doQuery($query, 101);
 	
-		sendJSON(array('status' => 'success', 'action' => 'update'));
+		$return = array('status' => 'success',
+		                'action' => 'update',
+		                'imageid' => $imageid);
+		sendJSON($return);
 	}
 
 	/////////////////////////////////////////////////////////////////////////////
@@ -1727,9 +1730,9 @@ class Image extends Resource {
 		doQuery($query);
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . 'Admin'), array('manageGroup'), 1, 0, 0));
+		$key = getKey(array(array($this->restype . 'Admin'), array('manageGroup'), 1, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . 'Admin'), array('manageGroup'), 1, 1, 0));
+		$key = getKey(array(array($this->restype . 'Admin'), array('manageGroup'), 1, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 	}
 

Modified: vcl/trunk/web/.ht-inc/managementnode.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/managementnode.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/managementnode.php (original)
+++ vcl/trunk/web/.ht-inc/managementnode.php Fri Dec 12 18:08:35 2014
@@ -196,9 +196,9 @@ class ManagementNode extends Resource {
 			return 0;
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		return 1;
@@ -547,13 +547,13 @@ class ManagementNode extends Resource {
 		}
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("manageGroup"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("manageGroup"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("manageGroup"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin", 'mgmtnodeAdmin'), array("manageGroup"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$tmp = $this->getData(array('includedeleted' => 1, 'rscid' => $data['rscid'], 'alive' => 'neither'));

Modified: vcl/trunk/web/.ht-inc/resource.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/resource.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/resource.php (original)
+++ vcl/trunk/web/.ht-inc/resource.php Fri Dec 12 18:08:35 2014
@@ -595,9 +595,9 @@ class Resource {
 		}
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		return 1;

Modified: vcl/trunk/web/.ht-inc/schedule.php
URL: http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/schedule.php?rev=1645010&r1=1645009&r2=1645010&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/schedule.php (original)
+++ vcl/trunk/web/.ht-inc/schedule.php Fri Dec 12 18:08:35 2014
@@ -210,13 +210,13 @@ class Schedule extends Resource {
 		doQuery($query, 101);
 
 		# clear user resource cache for this type
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("administer"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 1, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 1, 0, 0));
 		unset($_SESSION['userresources'][$key]);
-		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 0, 0));
+		$key = getKey(array(array($this->restype . "Admin"), array("manageGroup"), 0, 0, 0, 0));
 		unset($_SESSION['userresources'][$key]);
 
 		$tmp = $this->getData(array('includedeleted' => 0, 'rscid' => $data['rscid']));