Merge branch 'patch-skip-irrelevant-dashlets' into 'stable-3.1'

Show harddisk and database quota dashlet only when user has access See merge request ispconfig/ispconfig3!964

Merge branch 'patch-skip-irrelevant-dashlets' into 'stable-3.1'
0113a3f3 · Marius Burkard · 53c84aa8 · cf593c7d · 0113a3f3 · 0113a3f3
Commit 0113a3f3 authored 5 years ago by Marius Burkard
--- a/interface/lib/classes/auth.inc.php
+++ b/interface/lib/classes/auth.inc.php
@@ -141,12 +141,18 @@ class auth {
 		}
 	}
-	public function check_module_permissions($module) {
+       /**
+        * Check that the user has access to the given module.
+        *
+        * @return boolean
+        */
+       public function verify_module_permissions($module)  {
 		// Check if the current user has the permissions to access this module
 		$module = trim(preg_replace('@\s+@', '', $module));
 		$user_modules = explode(',',$_SESSION["s"]["user"]["modules"]);
+               $can_use_module = false;
 		if(strpos($module, ',') !== false){
-			$can_use_module = false;
 			$tmp_modules = explode(',', $module);
 			if(is_array($tmp_modules) && !empty($tmp_modules)){
 				foreach($tmp_modules as $tmp_module){
@@ -158,17 +164,21 @@ class auth {
 					}
 				}
 			}
-			if(!$can_use_module){
+               }
-				// echo "LOGIN_REDIRECT:/index.php";
+               elseif(in_array($module,$user_modules)) {
-				header("Location: /index.php");
+                       $can_use_module = true;
-				exit;
+               }
-			}
+               return $can_use_module;
-		} else {
+       }
-			if(!in_array($module,$user_modules)) {
-				// echo "LOGIN_REDIRECT:/index.php";
+       /**
-				header("Location: /index.php");
+        * Check that the user has access to the given module, redirect and exit on failure.
-				exit;
+        */
-			}
+       public function check_module_permissions($module)  {
+               if(!$this->verify_module_permissions($module)) {
+                       // echo "LOGIN_REDIRECT:/index.php";
+                       header("Location: /index.php");
+                       exit;
 		}
 	}

--- a/interface/web/dashboard/dashlets/databasequota.php
+++ b/interface/web/dashboard/dashlets/databasequota.php
@@ -7,6 +7,9 @@ class dashlet_databasequota {
 		//* Loading Template
 		$app->uses('tpl,quota_lib');
+               if (!$app->auth->verify_module_permissions('sites')) {
+                       return;
+               }
 		$tpl = new tpl;
 		$tpl->newTemplate("dashlets/templates/databasequota.htm");

--- a/interface/web/dashboard/dashlets/quota.php
+++ b/interface/web/dashboard/dashlets/quota.php
@@ -7,6 +7,9 @@ class dashlet_quota {
 		//* Loading Template
 		$app->uses('tpl,quota_lib');
+               if (!$app->auth->verify_module_permissions('sites')) {
+                       return;
+               }
 		$tpl = new tpl;
 		$tpl->newTemplate("dashlets/templates/quota.htm");