diff options
| author | Dj Padzensky <djpadz@padz.net> | 2016-07-14 13:20:56 -0700 |
|---|---|---|
| committer | Dj Padzensky <djpadz@padz.net> | 2016-07-14 13:20:56 -0700 |
| commit | 5969eb8e3030c822333872f24daa23b9eac1f4f7 (patch) | |
| tree | 3bacb341f515b214211676689d899172336cd52f | |
| parent | 6e35d8f22aa828b9dcd72d749034754e1a00a525 (diff) | |
Added tighter access controls to profile section
| -rw-r--r-- | app/Template/user_modification/show.php | 8 | ||||
| -rw-r--r-- | app/Template/user_view/sidebar.php | 68 |
2 files changed, 46 insertions, 30 deletions
diff --git a/app/Template/user_modification/show.php b/app/Template/user_modification/show.php index 396d550d..506c9161 100644 --- a/app/Template/user_modification/show.php +++ b/app/Template/user_modification/show.php @@ -11,16 +11,16 @@ <?= $this->form->text('username', $values, $errors, array('required', isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1 ? 'readonly' : '', 'maxlength="50"')) ?> <?= $this->form->label(t('Name'), 'name') ?> - <?= $this->form->text('name', $values, $errors) ?> + <?= $this->form->text('name', $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_name') ? '' : 'readonly')) ?> <?= $this->form->label(t('Email'), 'email') ?> - <?= $this->form->email('email', $values, $errors) ?> + <?= $this->form->email('email', $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_email') ? '' : 'readonly')) ?> <?= $this->form->label(t('Timezone'), 'timezone') ?> - <?= $this->form->select('timezone', $timezones, $values, $errors) ?> + <?= $this->form->select('timezone', $timezones, $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_timezone') ? '' : 'disabled')) ?> <?= $this->form->label(t('Language'), 'language') ?> - <?= $this->form->select('language', $languages, $values, $errors) ?> + <?= $this->form->select('language', $languages, $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_language') ? '' : 'disabled')) ?> <?php if ($this->user->isAdmin()): ?> <?= $this->form->label(t('Role'), 'role') ?> diff --git a/app/Template/user_view/sidebar.php b/app/Template/user_view/sidebar.php index d200a7f5..3dc6b7bc 100644 --- a/app/Template/user_view/sidebar.php +++ b/app/Template/user_view/sidebar.php @@ -12,18 +12,26 @@ </li> <?php endif ?> <?php if ($this->user->isAdmin() || $this->user->isCurrentUser($user['id'])): ?> - <li <?= $this->app->checkMenuSelection('UserViewController', 'timesheet') ?>> - <?= $this->url->link(t('Time tracking'), 'UserViewController', 'timesheet', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'lastLogin') ?>> - <?= $this->url->link(t('Last logins'), 'UserViewController', 'lastLogin', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'sessions') ?>> - <?= $this->url->link(t('Persistent connections'), 'UserViewController', 'sessions', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'passwordReset') ?>> - <?= $this->url->link(t('Password reset history'), 'UserViewController', 'passwordReset', array('user_id' => $user['id'])) ?> - </li> + <?php if ($this->user->hasAccess('UserViewController', 'timesheet')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'timesheet') ?>> + <?= $this->url->link(t('Time tracking'), 'UserViewController', 'timesheet', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'lastLogin')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'lastLogin') ?>> + <?= $this->url->link(t('Last logins'), 'UserViewController', 'lastLogin', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'sessions')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'sessions') ?>> + <?= $this->url->link(t('Persistent connections'), 'UserViewController', 'sessions', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'passwordReset')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'passwordReset') ?>> + <?= $this->url->link(t('Password reset history'), 'UserViewController', 'passwordReset', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> <?php endif ?> <?= $this->hook->render('template:user:sidebar:information', array('user' => $user)) ?> @@ -42,13 +50,13 @@ </li> <?php endif ?> - <?php if ($user['is_ldap_user'] == 0): ?> + <?php if ($user['is_ldap_user'] == 0 && $this->user->hasAccess('UserCredentialController', 'changePassword')): ?> <li <?= $this->app->checkMenuSelection('UserCredentialController', 'changePassword') ?>> <?= $this->url->link(t('Change password'), 'UserCredentialController', 'changePassword', array('user_id' => $user['id'])) ?> </li> <?php endif ?> - <?php if ($this->user->isCurrentUser($user['id'])): ?> + <?php if ($this->user->isCurrentUser($user['id']) && $this->user->hasAccess('TwoFactorController', 'index')): ?> <li <?= $this->app->checkMenuSelection('TwoFactorController', 'index') ?>> <?= $this->url->link(t('Two factor authentication'), 'TwoFactorController', 'index', array('user_id' => $user['id'])) ?> </li> @@ -58,18 +66,26 @@ </li> <?php endif ?> - <li <?= $this->app->checkMenuSelection('UserViewController', 'share') ?>> - <?= $this->url->link(t('Public access'), 'UserViewController', 'share', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'notifications') ?>> - <?= $this->url->link(t('Notifications'), 'UserViewController', 'notifications', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'external') ?>> - <?= $this->url->link(t('External accounts'), 'UserViewController', 'external', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'integrations') ?>> - <?= $this->url->link(t('Integrations'), 'UserViewController', 'integrations', array('user_id' => $user['id'])) ?> - </li> + <?php if ($this->user->hasAccess('UserViewController', 'share')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'share') ?>> + <?= $this->url->link(t('Public access'), 'UserViewController', 'share', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'notifications')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'notifications') ?>> + <?= $this->url->link(t('Notifications'), 'UserViewController', 'notifications', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'external')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'external') ?>> + <?= $this->url->link(t('External accounts'), 'UserViewController', 'external', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'integrations')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'integrations') ?>> + <?= $this->url->link(t('Integrations'), 'UserViewController', 'integrations', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> <?php endif ?> <?php if ($this->user->hasAccess('UserCredentialController', 'changeAuthentication')): ?> |