Author:   Lars Michelsen <[email protected]>
Date:     Wed Jun  5 10:09:25 2013 +0200
Committer:   Lars Michelsen <[email protected]>
Commit-Date: Wed Jun  5 10:09:25 2013 +0200

Added option to perform privilege switch to a user with less permissions
for viewing maps in the context of this user

---

 ChangeLog                                     |    2 ++
 share/server/core/classes/GlobalIndexPage.php |   12 ++++++++++--
 share/server/core/classes/GlobalMainCfg.php   |   10 ++++++++++
 3 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0cd80f5..f684db4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 1.7.9
 Core:
   * Livestatus: Fixed handling of hosts/services without custom variables
+  * Added option to perform privilege switch to a user with less permissions
+    for viewing maps in the context of this user
 
 1.7.8
 Automap:
diff --git a/share/server/core/classes/GlobalIndexPage.php 
b/share/server/core/classes/GlobalIndexPage.php
index b783ea2..7105845 100644
--- a/share/server/core/classes/GlobalIndexPage.php
+++ b/share/server/core/classes/GlobalIndexPage.php
@@ -50,12 +50,20 @@ class GlobalIndexPage {
 
         // If the parameter filterUser is set, filter the maps by the username
         // given in this parameter. This is a mechanism to be authed as generic
-        // user but see the maps of another user.
-        if(isset($_GET['filterUser']) && $_GET['filterUser'] != '') {
+        // user but see the maps of another user. This feature is disabled by
+        // default but could be enabled if you need it.
+        if(cfg('global', 'user_filtering') && isset($_GET['filterUser']) && 
$_GET['filterUser'] != '') {
             $AUTHORISATION2 = new CoreAuthorisationHandler();
             $AUTHORISATION2->parsePermissions($_GET['filterUser']);
             if(!$AUTHORISATION2->isPermitted('Map', 'view', $mapName))
                 return null;
+
+            // Switch the auth cookie to this user
+            global $SHANDLER;
+            $SHANDLER->aquire();
+            $SHANDLER->set('authCredentials', array('user' => 
$_GET['filterUser'], 'password' => ''));
+            $SHANDLER->set('authTrusted',     true);
+            $SHANDLER->commit();
         }
 
         $map = Array('object_id' => $objectId);
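Review bot: The session switch at `$SHANDLER->set('authCredentials', ...)` takes the target user name straight from `$_GET['filterUser']` and marks the session `authTrusted`, but the only check before it is whether that target user may view `$mapName`; nothing visible in the hunk verifies that the currently authenticated user may assume that identity, or that the target really has fewer permissions as the commit message intends. With `user_filtering` enabled, this looks like it moves the session to any account that can view the map, including a more privileged one, and because it is driven by a GET parameter, a cross-site link can trigger the state change in a logged-in browser. I would gate the switch on an explicit permission of the current user or on a configured list of allowed target accounts, and add a comment above the block such as `// SECURITY: filterUser is request-controlled; only switch after verifying the caller may act as this user`. The enclosing method starts and ends outside the hunk, so an earlier check may exist there.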
diff --git a/share/server/core/classes/GlobalMainCfg.php 
b/share/server/core/classes/GlobalMainCfg.php
index eb216c5..20828c2 100644
--- a/share/server/core/classes/GlobalMainCfg.php
+++ b/share/server/core/classes/GlobalMainCfg.php
@@ -223,10 +223,19 @@ class GlobalMainCfg {
                     'match'         => MATCH_STRING
                 ),
 
+                'user_filtering' => Array(
+                    'must'       => 0,
+                    'editable'   => 1,
+                    'default'    => 0,
+                    'field_type' => 'boolean',
+                    'match'      => MATCH_BOOLEAN
+                ),
+
                 'refreshtime' => Array('must' => 1,
                     'editable' => 1,
                     'default' => '60',
                     'match' => MATCH_INTEGER),
+
                 'sesscookiedomain' => Array('must' => 0,
                     'editable' => 1,
                     'default' => '',
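Review bot: The new `user_filtering` entry has no comment, and its name suggests plain map filtering, while the GlobalIndexPage.php change in this commit uses it to enable switching the session to the user named in the `filterUser` request parameter. A comment above the entry would let administrators judge the impact before enabling it, for example `// Security-sensitive: lets the filterUser request parameter switch the session to that user; disabled by default`. The default is also written as integer `0`, whereas the boolean option visible in the second hunk uses the string `'0'`; `'default'    => '0',` would match it. The array definition starts and ends outside the hunk.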
@@ -244,6 +253,7 @@ class GlobalMainCfg {
                     'default'     => '0',
                     'field_type'    => 'boolean',
                     'match'         => MATCH_BOOLEAN),
+
                 'startmodule' => Array('must' => 1,
                     'editable'    => 1,
                     'default'     => 'Overview',

