From a94ccb9d1585f0b6b241f5f1468a1c8ce16f0564 Mon Sep 17 00:00:00 2001
From: thom <thom@amsterdamtech.nl>
Date: Fri, 31 Jul 2020 13:31:16 +0200
Subject: [PATCH] Make client protection configurable (#4048)
---
install/tpl/system.ini.master | 2 +-
interface/lib/plugins/vm_openvz_plugin.inc.php | 4 ++--
interface/web/client/domain_edit.php | 8 ++++----
interface/web/mail/mail_mailinglist_edit.php | 4 ++--
interface/web/mail/xmpp_domain_edit.php | 2 +-
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master
index 05fb917875..ec6573d7b1 100644
--- a/install/tpl/system.ini.master
+++ b/install/tpl/system.ini.master
@@ -1,5 +1,4 @@
[global]
-client_protection=y
[admin]
@@ -37,6 +36,7 @@ backups_include_into_web_quota=n
reseller_can_use_options=n
web_php_options=no,fast-cgi,mod,php-fpm
show_aps_menu=n
+client_protection=y
[tools]
diff --git a/interface/lib/plugins/vm_openvz_plugin.inc.php b/interface/lib/plugins/vm_openvz_plugin.inc.php
index 3f378522bb..281fae4a1f 100644
--- a/interface/lib/plugins/vm_openvz_plugin.inc.php
+++ b/interface/lib/plugins/vm_openvz_plugin.inc.php
@@ -38,7 +38,7 @@ class vm_openvz_plugin {
$this->oldDataRecord = $page_form->oldDataRecord;
// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
@@ -87,7 +87,7 @@ class vm_openvz_plugin {
$this->oldDataRecord = $page_form->oldDataRecord;
// make sure that the record belongs to the clinet group and not the admin group when a admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php
index f1614f075f..af7b900b91 100644
--- a/interface/web/client/domain_edit.php
+++ b/interface/web/client/domain_edit.php
@@ -67,7 +67,7 @@ class page_action extends tform_actions {
function onShowEnd() {
global $app, $conf, $wb;
-
+
if($_SESSION["s"]["user"]["typ"] != 'admin' && $this->id == 0) {
if(!$app->tform->checkClientLimit('limit_domainmodule')) {
$app->uses('ini_parser,getconf');
@@ -100,7 +100,7 @@ class page_action extends tform_actions {
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$client = $app->functions->htmlentities($client);
-
+
// Fill the client select field
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
//die($sql);
@@ -197,7 +197,7 @@ class page_action extends tform_actions {
global $app, $conf;
// make sure that the record belongs to the client group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) || ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
@@ -215,7 +215,7 @@ class page_action extends tform_actions {
}
// make sure that the record belongs to the client group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if(isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
diff --git a/interface/web/mail/mail_mailinglist_edit.php b/interface/web/mail/mail_mailinglist_edit.php
index 6aba979d54..913611323d 100644
--- a/interface/web/mail/mail_mailinglist_edit.php
+++ b/interface/web/mail/mail_mailinglist_edit.php
@@ -198,7 +198,7 @@ class page_action extends tform_actions {
global $app, $conf;
// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id);
@@ -235,7 +235,7 @@ class page_action extends tform_actions {
global $app, $conf;
// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id);
diff --git a/interface/web/mail/xmpp_domain_edit.php b/interface/web/mail/xmpp_domain_edit.php
index 508400c74c..500757c159 100644
--- a/interface/web/mail/xmpp_domain_edit.php
+++ b/interface/web/mail/xmpp_domain_edit.php
@@ -318,7 +318,7 @@ class page_action extends tform_actions {
global $app, $conf;
// make sure that the record belongs to the client group and not the admin group when admin inserts it
- // also make sure that the user can not delete domain created by a admin if client protection is enabled
+ // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
$app->db->query("UPDATE xmpp_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
--
GitLab