inext/urbackup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

diritti sistemati

Browse Source
This commit is contained in:
mariano
2026-05-21 12:29:33 +02:00
parent f0a5be45ee
commit f7c1ab8aa4
4 changed files with 91 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files
MEMORY.md
+7 -4
View File
@@ -312,8 +312,11 @@ Il test del pulsante "Test API" continua a restituire 403 Forbidden quando acces
- `prepareInputForUpdate()` normalizza anche valori vuoti - `prepareInputForUpdate()` normalizza anche valori vuoti
**File modificati**: **File modificati**:
- `src/Server.php`: `showFormFields()`, `showMissingClientsTab()`, `getCachedName()` fix, `getAssetGroupName()`, `getAssetIp()`, `getCachedLocationName()`, `prepareInputForAdd/Update` default fix, icona menu `ti-hard-drives` - `src/Server.php`: `showFormFields()`, `showMissingClientsTab()`, `getCachedName()` fix, `getAssetGroupName()`, `getAssetIp()`, `getCachedLocationName()`, `prepareInputForAdd/Update` default fix, icona `ti-cloud-up`
- `front/server.form.php`: Tab laterali, tab hash JS, breadcrumb admin, navigazione server - `front/server.form.php`: Tab laterali, tab hash JS, breadcrumb admin, navigazione server
- `front/server.php`: Breadcrumb admin, rimosso pulsante "Add" manuale (GLPI lo genera) - `front/server.php`: Breadcrumb admin, rimosso pulsante "Add" manuale
- `src/Profile.php`: Icona profilo `ti-hard-drives` - `src/Profile.php`: Icona `ti-cloud-up`
- `src/AssetTab.php`: Icona tab asset `ti-hard-drives` - `src/AssetTab.php`: Icona `ti-cloud-up`
- **Permessi**: `front/server.form.php` ora usa READ invece di UPDATE per accesso form; View search option + pulsanti Connect nascosti per READ; API username/password nascosti per READ
- **i18n**: aggiunte 17 stringhe mancanti con dominio `urbackup` a tutti i file e .po/.mo (it, en, de)
- **Bug fix**: ServerAsset colonne rimosse, asset.form.php usa disconnectAsset(), `declare(strict_types=1)` in 11 file
front/server.form.php
+1 -1
View File
@@ -12,7 +12,7 @@ if (!defined('GLPI_ROOT')) {
include_once GLPI_ROOT . "/inc/includes.php"; include_once GLPI_ROOT . "/inc/includes.php";
if (!Profile::canCurrentUser(UPDATE)) { if (!Profile::canCurrentUser(READ)) {
Html::displayRightError(); Html::displayRightError();
} }
src/AssetTab.php
+13 -18
View File
@@ -326,15 +326,19 @@ class AssetTab extends CommonDBTM
): void { ): void {
echo "<div class='plugin-urbackup-inner-tabs'>"; echo "<div class='plugin-urbackup-inner-tabs'>";
$canWrite = Session::haveRight(self::$rightname, UPDATE) || Session::haveRight(self::$rightname, CREATE);
echo '<ul class="nav nav-tabs" id="urbackupTabs">'; echo '<ul class="nav nav-tabs" id="urbackupTabs">';
echo '<li class="nav-item">'; echo '<li class="nav-item">';
echo '<a class="nav-link active" id="state-tab" data-bs-toggle="tab" href="#state" role="tab">'; echo '<a class="nav-link active" id="state-tab" data-bs-toggle="tab" href="#state" role="tab">';
echo htmlspecialchars(__('State', 'urbackup')); echo htmlspecialchars(__('State', 'urbackup'));
echo '</a></li>'; echo '</a></li>';
echo '<li class="nav-item">'; if ($canWrite) {
echo '<a class="nav-link" id="actions-tab" data-bs-toggle="tab" href="#actions" role="tab">'; echo '<li class="nav-item">';
echo htmlspecialchars(__('Actions', 'urbackup')); echo '<a class="nav-link" id="actions-tab" data-bs-toggle="tab" href="#actions" role="tab">';
echo '</a></li>'; echo htmlspecialchars(__('Actions', 'urbackup'));
echo '</a></li>';
}
echo '<li class="nav-item">'; echo '<li class="nav-item">';
echo '<a class="nav-link" id="logs-tab" data-bs-toggle="tab" href="#logs" role="tab">'; echo '<a class="nav-link" id="logs-tab" data-bs-toggle="tab" href="#logs" role="tab">';
echo htmlspecialchars(__('Info / Log', 'urbackup')); echo htmlspecialchars(__('Info / Log', 'urbackup'));
@@ -347,9 +351,11 @@ class AssetTab extends CommonDBTM
self::showStateSection($server, $link, $api_data); self::showStateSection($server, $link, $api_data);
echo '</div>'; echo '</div>';
echo '<div class="tab-pane fade" id="actions" role="tabpanel">'; if ($canWrite) {
self::showActionsSection($item, $server, $link, $api_data); echo '<div class="tab-pane fade" id="actions" role="tabpanel">';
echo '</div>'; self::showActionsSection($item, $server, $link, $api_data);
echo '</div>';
}
echo '<div class="tab-pane fade" id="logs" role="tabpanel">'; echo '<div class="tab-pane fade" id="logs" role="tabpanel">';
self::showInfoLogSection($api_data); self::showInfoLogSection($api_data);
@@ -450,17 +456,6 @@ class AssetTab extends CommonDBTM
echo "<table class='tab_cadre_fixe'>"; echo "<table class='tab_cadre_fixe'>";
echo "<tr><th colspan='2'>" . htmlspecialchars(__('Available actions', 'urbackup')) . "</th></tr>"; echo "<tr><th colspan='2'>" . htmlspecialchars(__('Available actions', 'urbackup')) . "</th></tr>";
if (!Profile::canCurrentUser(UPDATE) && !Profile::canCurrentUser(CREATE)) {
echo "<tr class='tab_bg_1'>";
echo "<td colspan='2'>";
echo htmlspecialchars(__('You do not have permission for UrBackup actions.', 'urbackup'));
echo "</td>";
echo "</tr>";
echo "</table>";
return;
}
if (!$api_data['client_found'] && Profile::canCurrentUser(CREATE)) { if (!$api_data['client_found'] && Profile::canCurrentUser(CREATE)) {
echo "<tr class='tab_bg_1'>"; echo "<tr class='tab_bg_1'>";
echo "<td>" . htmlspecialchars(__('Create client in UrBackup', 'urbackup')) . "</td>"; echo "<td>" . htmlspecialchars(__('Create client in UrBackup', 'urbackup')) . "</td>";
src/Server.php
+70 -46
View File
@@ -297,15 +297,17 @@ class Server extends CommonDBTM
'datatype' => 'datetime', 'datatype' => 'datetime',
]; ];
$tab[] = [ if (Session::haveRight(self::$rightname, UPDATE)) {
'id' => 13, $tab[] = [
'table' => self::getTable(), 'id' => 13,
'field' => 'id', 'table' => self::getTable(),
'name' => __('View', 'urbackup'), 'field' => 'id',
'massiveaction' => false, 'name' => __('View', 'urbackup'),
'datatype' => 'raw', 'massiveaction' => false,
'searchtype' => 'view', 'datatype' => 'raw',
]; 'searchtype' => 'view',
];
}
return $tab; return $tab;
} }
@@ -431,21 +433,31 @@ class Server extends CommonDBTM
echo "</td>"; echo "</td>";
echo "</tr>"; echo "</tr>";
$canUpdate = Session::haveRight(self::$rightname, UPDATE);
echo "<tr class='tab_bg_1'>"; echo "<tr class='tab_bg_1'>";
echo "<td>" . htmlspecialchars(__('API username', 'urbackup')) . "</td>"; echo "<td>" . htmlspecialchars(__('API username', 'urbackup')) . "</td>";
echo "<td>"; echo "<td>";
echo Html::input('api_username', [ if ($canUpdate) {
'value' => $this->fields['api_username'] ?? '', echo Html::input('api_username', [
'size' => 40, 'value' => $this->fields['api_username'] ?? '',
'autocomplete' => 'off', 'size' => 40,
]); 'autocomplete' => 'off',
]);
} else {
echo htmlspecialchars($this->fields['api_username'] ?? '');
}
echo "</td>"; echo "</td>";
echo "<td>" . htmlspecialchars(__('API password', 'urbackup')) . "</td>"; echo "<td>" . htmlspecialchars(__('API password', 'urbackup')) . "</td>";
echo "<td>"; echo "<td>";
echo "<input type='password' name='api_password' value='" . if ($canUpdate) {
htmlspecialchars((string) ($this->fields['api_password'] ?? '')) . echo "<input type='password' name='api_password' value='" .
"' autocomplete='new-password'>"; htmlspecialchars((string) ($this->fields['api_password'] ?? '')) .
"' autocomplete='new-password'>";
} else {
echo '******';
}
echo "</td>"; echo "</td>";
echo "</tr>"; echo "</tr>";
@@ -992,6 +1004,8 @@ class Server extends CommonDBTM
} }
} }
$canWrite = Session::haveRight(self::$rightname, UPDATE) || Session::haveRight(self::$rightname, CREATE);
echo '<table class="table table-striped table-hover">'; echo '<table class="table table-striped table-hover">';
echo '<thead>'; echo '<thead>';
echo '<tr>'; echo '<tr>';
@@ -1000,7 +1014,9 @@ class Server extends CommonDBTM
echo '<th>' . htmlspecialchars(__('Status', 'urbackup')) . '</th>'; echo '<th>' . htmlspecialchars(__('Status', 'urbackup')) . '</th>';
echo '<th>' . htmlspecialchars(__('Last backup', 'urbackup')) . '</th>'; echo '<th>' . htmlspecialchars(__('Last backup', 'urbackup')) . '</th>';
echo '<th>' . htmlspecialchars(__('IP address', 'urbackup')) . '</th>'; echo '<th>' . htmlspecialchars(__('IP address', 'urbackup')) . '</th>';
echo '<th>' . htmlspecialchars(__('Actions', 'urbackup')) . '</th>'; if ($canWrite) {
echo '<th>' . htmlspecialchars(__('Actions', 'urbackup')) . '</th>';
}
echo '</tr>'; echo '</tr>';
echo '</thead>'; echo '</thead>';
echo '<tbody>'; echo '<tbody>';
@@ -1025,23 +1041,25 @@ class Server extends CommonDBTM
echo '<td>' . $statusHtml . '</td>'; echo '<td>' . $statusHtml . '</td>';
echo '<td>' . htmlspecialchars($lastBackup ?: '-') . '</td>'; echo '<td>' . htmlspecialchars($lastBackup ?: '-') . '</td>';
echo '<td>' . htmlspecialchars($clientIp ?: '-') . '</td>'; echo '<td>' . htmlspecialchars($clientIp ?: '-') . '</td>';
echo '<td>'; if ($canWrite) {
if (isset($linkableAssets[$clientNameLower])) { echo '<td>';
$match = $linkableAssets[$clientNameLower]; if (isset($linkableAssets[$clientNameLower])) {
$formAction = PLUGIN_URBACKUP_WEB_DIR . '/front/server.form.php'; $match = $linkableAssets[$clientNameLower];
echo '<form method="post" action="' . htmlspecialchars($formAction) . '" class="d-inline">'; $formAction = PLUGIN_URBACKUP_WEB_DIR . '/front/server.form.php';
echo Html::hidden('_glpi_csrf_token', ['value' => Session::getNewCSRFToken()]); echo '<form method="post" action="' . htmlspecialchars($formAction) . '" class="d-inline">';
echo Html::hidden('itemtype', ['value' => $match['itemtype']]); echo Html::hidden('_glpi_csrf_token', ['value' => Session::getNewCSRFToken()]);
echo Html::hidden('items_id', ['value' => $match['items_id']]); echo Html::hidden('itemtype', ['value' => $match['itemtype']]);
echo Html::hidden('id', ['value' => (int) $server->fields['id']]); echo Html::hidden('items_id', ['value' => $match['items_id']]);
echo '<button type="submit" name="link_asset" value="1" class="btn btn-primary btn-sm">'; echo Html::hidden('id', ['value' => (int) $server->fields['id']]);
echo htmlspecialchars(__('Connect')); echo '<button type="submit" name="link_asset" value="1" class="btn btn-primary btn-sm">';
echo '</button>'; echo htmlspecialchars(__('Connect'));
Html::closeForm(); echo '</button>';
} else { Html::closeForm();
echo '<span class="text-muted">—</span>'; } else {
echo '<span class="text-muted">—</span>';
}
echo '</td>';
} }
echo '</td>';
echo '</tr>'; echo '</tr>';
} }
@@ -1053,6 +1071,8 @@ class Server extends CommonDBTM
{ {
global $DB; global $DB;
$canWrite = Session::haveRight(self::$rightname, UPDATE) || Session::haveRight(self::$rightname, CREATE);
$apiStatus = (int) ($server->fields['last_api_status'] ?? 0); $apiStatus = (int) ($server->fields['last_api_status'] ?? 0);
if ($apiStatus !== 1) { if ($apiStatus !== 1) {
echo '<div class="alert alert-warning">'; echo '<div class="alert alert-warning">';
@@ -1196,7 +1216,9 @@ class Server extends CommonDBTM
echo '<th class="sortable" data-col="5">' . htmlspecialchars(State::getTypeName(1)) . ' <span class="sort-arrow"></span></th>'; echo '<th class="sortable" data-col="5">' . htmlspecialchars(State::getTypeName(1)) . ' <span class="sort-arrow"></span></th>';
echo '<th class="sortable" data-col="6">' . htmlspecialchars(User::getTypeName(1)) . ' <span class="sort-arrow"></span></th>'; echo '<th class="sortable" data-col="6">' . htmlspecialchars(User::getTypeName(1)) . ' <span class="sort-arrow"></span></th>';
echo '<th class="sortable" data-col="7">' . htmlspecialchars(Group::getTypeName(1)) . ' <span class="sort-arrow"></span></th>'; echo '<th class="sortable" data-col="7">' . htmlspecialchars(Group::getTypeName(1)) . ' <span class="sort-arrow"></span></th>';
echo '<th data-col="8">' . htmlspecialchars(__('Actions', 'urbackup')) . '</th>'; if ($canWrite) {
echo '<th data-col="8">' . htmlspecialchars(__('Actions', 'urbackup')) . '</th>';
}
echo '</tr></thead>'; echo '</tr></thead>';
echo '<tbody>'; echo '<tbody>';
@@ -1222,17 +1244,19 @@ class Server extends CommonDBTM
echo '<td>' . htmlspecialchars($asset['state']) . '</td>'; echo '<td>' . htmlspecialchars($asset['state']) . '</td>';
echo '<td>' . htmlspecialchars($asset['user']) . '</td>'; echo '<td>' . htmlspecialchars($asset['user']) . '</td>';
echo '<td>' . htmlspecialchars($asset['group']) . '</td>'; echo '<td>' . htmlspecialchars($asset['group']) . '</td>';
echo '<td>'; if ($canWrite) {
echo '<form method="post" action="' . htmlspecialchars($formAction) . '" class="d-inline">'; echo '<td>';
echo Html::hidden('_glpi_csrf_token', ['value' => Session::getNewCSRFToken()]); echo '<form method="post" action="' . htmlspecialchars($formAction) . '" class="d-inline">';
echo Html::hidden('itemtype', ['value' => $asset['itemtype']]); echo Html::hidden('_glpi_csrf_token', ['value' => Session::getNewCSRFToken()]);
echo Html::hidden('items_id', ['value' => $asset['items_id']]); echo Html::hidden('itemtype', ['value' => $asset['itemtype']]);
echo Html::hidden('id', ['value' => (int) $server->fields['id']]); echo Html::hidden('items_id', ['value' => $asset['items_id']]);
echo '<button type="submit" name="link_asset" value="1" class="btn btn-primary btn-sm">'; echo Html::hidden('id', ['value' => (int) $server->fields['id']]);
echo htmlspecialchars(__('Connect')); echo '<button type="submit" name="link_asset" value="1" class="btn btn-primary btn-sm">';
echo '</button>'; echo htmlspecialchars(__('Connect'));
Html::closeForm(); echo '</button>';
echo '</td>'; Html::closeForm();
echo '</td>';
}
echo '</tr>'; echo '</tr>';
} }