Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
FlockLab 1 - deprecated
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Operations
Operations
Incidents
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
TEC
P
Public
FlockLab
FlockLab 1 - deprecated
Commits
ba80497e
Commit
ba80497e
authored
Sep 03, 2019
by
Reto Da Forno
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
API updated: list of observers now depends on the user role
parent
25a2648c
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
34 additions
and
3 deletions
+34
-3
server/webserver/user/api.php
server/webserver/user/api.php
+13
-2
server/webserver/user/include/libflocklab.php
server/webserver/user/include/libflocklab.php
+20
-0
server/webserver/user/xml/flocklab.xsd
server/webserver/user/xml/flocklab.xsd
+1
-1
No files found.
server/webserver/user/api.php
View file @
ba80497e
<?php
include_once
(
'include/presets.php'
);
?>
<?php
if
(
isset
(
$_POST
[
'q'
]))
{
$status
=
array
(
'online'
);
$userrole
=
get_user_role
(
$_POST
[
'username'
]);
if
(
$userrole
==
'internal'
)
{
$status
[]
=
'internal'
;
}
if
(
$userrole
==
'admin'
)
{
$status
[]
=
'develop'
;
$status
[]
=
'internal'
;
}
$status
=
"('"
.
join
(
"', '"
,
$status
)
.
"')"
;
if
(
$_POST
[
'q'
]
==
'obs'
)
{
// return a list of the currently available observers
$db
=
db_connect
();
...
...
@@ -17,7 +28,7 @@
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_types` AS slot3 ON c.tg_adapt_types_fk = slot3.serv_tg_adapt_types_key
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_list` AS d ON obs.slot_4_tg_adapt_list_fk = d.serv_tg_adapt_list_key
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_types` AS slot4 ON d.tg_adapt_types_fk = slot4.serv_tg_adapt_types_key
WHERE obs.status
='online'
WHERE obs.status
IN
$status
ORDER BY obs.observer_id;"
;
$res
=
mysqli_query
(
$db
,
$sql
);
if
(
!
$res
)
{
...
...
@@ -51,7 +62,7 @@
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_types` AS slot3 ON c.tg_adapt_types_fk = slot3.serv_tg_adapt_types_key
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_list` AS d ON obs.slot_4_tg_adapt_list_fk = d.serv_tg_adapt_list_key
LEFT JOIN `flocklab`.`tbl_serv_tg_adapt_types` AS slot4 ON d.tg_adapt_types_fk = slot4.serv_tg_adapt_types_key
WHERE obs.status
='online'
WHERE obs.status
IN
$status
ORDER BY obs.observer_id;"
;
$res
=
mysqli_query
(
$db
,
$sql
);
if
(
!
$res
)
{
...
...
server/webserver/user/include/libflocklab.php
View file @
ba80497e
...
...
@@ -223,6 +223,26 @@ function get_admin_emails() {
return
$admins
;
}
/*
##############################################################################
#
# get_user_role
#
# Get the role (access rights) of a user
#
##############################################################################
*/
function
get_user_role
(
$username
)
{
$db
=
db_connect
();
$sql
=
"SELECT role FROM tbl_serv_users WHERE username = '"
.
mysqli_real_escape_string
(
$db
,
$username
)
.
"'"
;
$rs
=
mysqli_query
(
$db
,
$sql
)
or
flocklab_die
(
'Cannot authenticate because: '
.
mysqli_error
(
$db
));
$rows
=
mysqli_fetch_array
(
$rs
);
if
(
$rows
)
{
return
$rows
[
'role'
];
}
return
'user'
;
/* default */
}
/*
##############################################################################
#
...
...
server/webserver/user/xml/flocklab.xsd
View file @
ba80497e
...
...
@@ -333,7 +333,7 @@
<xs:simpleType
name=
"obsIdType"
>
<xs:restriction
base=
"xs:integer"
>
<xs:pattern
value=
"001|002|003|004|006|007|008|010|011|013|014|015|016|017|018|019|020|022|023|024|025|026|027|028|029|031|032|033|300|301|302|303"
/>
<xs:pattern
value=
"
1|2|3|4|6|7|8|10|11|13|14|15|16|17|18|19|20|22|23|24|25|26|27|28|29|31|32|33|
001|002|003|004|006|007|008|010|011|013|014|015|016|017|018|019|020|022|023|024|025|026|027|028|029|031|032|033|300|301|302|303"
/>
</xs:restriction>
</xs:simpleType>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment