Users with admin-access-control-permissions RW are no longer able to change superuser permissions.
This commit is contained in:
@@ -46,6 +46,15 @@ $stmt = $GLOBALS['pdo']->prepare($query);
|
||||
$stmt->execute([$user_group_uuid]);
|
||||
$group_permissions = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
$toggleDisabled = false;
|
||||
if ($user_group['user_group_weight'] < $_SESSION['user']['user_group_weight']) {
|
||||
$toggleDisabled = true;
|
||||
}
|
||||
|
||||
if (!$API->checkPermissions('admin-access-control-permissions', 'RW', true)) {
|
||||
$toggleDisabled = true;
|
||||
}
|
||||
|
||||
# Set breadcrumb data
|
||||
array_push($GLOBALS['breadCrumbArray'], array('display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups'));
|
||||
array_push($GLOBALS['breadCrumbArray'], array('display' => $user_group['user_group_name'], 'href' => ''));
|
||||
@@ -121,28 +130,35 @@ $pageNavbar->outPutNavbar();
|
||||
</tr>
|
||||
</tfoot>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
|
||||
<?php if ($toggleDisabled) { ?>
|
||||
<div class="alert alert-warning" role="alert">
|
||||
<?php echo __('not_allowed_to_change_due_to_group_weight') ?>
|
||||
</div>
|
||||
<?php }
|
||||
|
||||
foreach ($group_permissions as $group_permissions_data) { ?>
|
||||
<tr>
|
||||
<td><?php echo $group_permissions_data['permission_name'] ?> </td>
|
||||
<td>
|
||||
<label class="switch">
|
||||
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="NA" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'NA') ? 'checked' : '') ?>
|
||||
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
|
||||
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
|
||||
<div class="slider"></div>
|
||||
</label>
|
||||
</td>
|
||||
<td>
|
||||
<label class="switch">
|
||||
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RO" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'RO') ? 'checked' : '') ?>
|
||||
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
|
||||
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
|
||||
<div class="slider"></div>
|
||||
</label>
|
||||
</td>
|
||||
<td>
|
||||
<label class="switch">
|
||||
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RW" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'RW') ? 'checked' : '') ?>
|
||||
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
|
||||
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
|
||||
<div class="slider"></div>
|
||||
</label>
|
||||
</td>
|
||||
|
||||
Reference in New Issue
Block a user