From 2770e752b448815e929586ef0e576818cd36134d Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 11:56:51 -0500 Subject: [PATCH 01/13] create new permission group "Groups" in php --- web/includes/actions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/actions.php b/web/includes/actions.php index 6fdb33a9bf..1f9a72be63 100644 --- a/web/includes/actions.php +++ b/web/includes/actions.php @@ -624,8 +624,8 @@ function getAffectedIds( $name ) } } - // System view actions - if ( $action == "setgroup" ) { + // Group view actions + if ( canView( 'Groups' ) && $action == "setgroup" ) { if ( !empty($_REQUEST['gid']) ) { setcookie( "zmGroup", validInt($_REQUEST['gid']), time()+3600*24*30*12*10 ); } else { From 936aa00a5ef99287029ac39abfec8b65a2b56bd7 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 12:00:48 -0500 Subject: [PATCH 02/13] add sql bits --- db/zm_create.sql.in | 1 + db/zm_update-1.28.101.sql | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 db/zm_update-1.28.101.sql diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index c52c5741e5..f44fac8129 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -461,6 +461,7 @@ CREATE TABLE `Users` ( `Events` enum('None','View','Edit') NOT NULL default 'None', `Control` enum('None','View','Edit') NOT NULL default 'None', `Monitors` enum('None','View','Edit') NOT NULL default 'None', + `Groups` enum('None','View','Edit') NOT NULL default 'None', `Devices` enum('None','View','Edit') NOT NULL default 'None', `System` enum('None','View','Edit') NOT NULL default 'None', `MaxBandwidth` varchar(16) NOT NULL default '', diff --git a/db/zm_update-1.28.101.sql b/db/zm_update-1.28.101.sql new file mode 100644 index 0000000000..eb0fc51664 --- /dev/null +++ b/db/zm_update-1.28.101.sql 
@@ -0,0 +1,23 @@ +-- +-- This updates a 1.28.100 database to 1.28.101 +-- + +-- +-- Add Groups column to Users +-- + + +SET @s = (SELECT IF( + (SELECT COUNT(*) + FROM INFORMATION_SCHEMA.COLUMNS + WHERE table_name = 'Users' + AND table_schema = DATABASE() + AND column_name = 'Groups' + ) > 0, +"SELECT 'Column Groups exists in Users'", +"ALTER TABLE Monitors ADD COLUMN `Groups` ENUM('None','View','Edit') NOT NULL DEFAULT 'None' AFTER `Monitors`; +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + From 85e2b165b1733bf30775b389c028209507bcd841 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 12:01:57 -0500 Subject: [PATCH 03/13] bump version to 1.28.101 --- CMakeLists.txt | 2 +- configure.ac | 2 +- version | 2 +- web/skins/classic/views/console.php | 2 +- web/skins/classic/views/groups.php | 10 +++++++--- web/skins/classic/views/user.php | 4 ++++ 6 files changed, 15 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index aa5a3219ee..3ffaf99ce2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ # cmake_minimum_required (VERSION 2.6) project (zoneminder) -set(zoneminder_VERSION "1.28.100") +set(zoneminder_VERSION "1.28.101") # make API version a minor of ZM version set(zoneminder_API_VERSION "${zoneminder_VERSION}.1") diff --git a/configure.ac b/configure.ac index 23ca6db471..8017087e26 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ # For instructions on building with cmake, please see INSTALL # AC_PREREQ(2.59) -AC_INIT(zm,1.28.100,[http://www.zoneminder.com/forums/ - Please check FAQ first],zoneminder,http://www.zoneminder.com/downloads.html) +AC_INIT(zm,1.28.101,[http://www.zoneminder.com/forums/ - Please check FAQ first],zoneminder,http://www.zoneminder.com/downloads.html) AM_INIT_AUTOMAKE AC_CONFIG_SRCDIR(src/zm.h) AC_CONFIG_HEADERS(config.h) diff --git a/version b/version index 1bffe5fbae..d21af57614 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.28.100 +1.28.101 
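Review bot: In the new db/zm_update-1.28.101.sql hunk the column is added with `DEFAULT 'None'`, so every existing account, including administrators with `System` = 'Edit', ends up with no Groups access after the upgrade, although the group actions were previously reachable with System edit. Failing closed is the right default for ordinary users, but the migration should either backfill the accounts that already had the equivalent right, e.g. `UPDATE Users SET `Groups` = 'Edit' WHERE `System` = 'Edit';` run only in the branch that actually adds the column, or the upgrade notes should say that an administrator must grant the permission by hand. The prepared statement is also never released; add `DEALLOCATE PREPARE stmt;` after `EXECUTE stmt;`. The table name and the unterminated string literal in this hunk are corrected by later patches in the series, so they are not raised here.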
diff --git a/web/skins/classic/views/console.php b/web/skins/classic/views/console.php index 69c1f81c14..ded0bb6ab2 100644 --- a/web/skins/classic/views/console.php +++ b/web/skins/classic/views/console.php @@ -191,7 +191,7 @@

: / : %

ZoneMinder - - v'.ZM_VERSION.'', canEdit( 'System' ) ) ?>

-
+
- /> - /> - /> + /> + /> + />
diff --git a/web/skins/classic/views/user.php b/web/skins/classic/views/user.php index 274fd2fc5b..d6f5776040 100644 --- a/web/skins/classic/views/user.php +++ b/web/skins/classic/views/user.php @@ -117,6 +117,10 @@ + + + + From c828a3df337c74b4cd32bb475cb5acb5799e0a71 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 12:13:35 -0500 Subject: [PATCH 04/13] typo --- db/zm_update-1.28.101.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_update-1.28.101.sql b/db/zm_update-1.28.101.sql index eb0fc51664..f3eae5711d 100644 --- a/db/zm_update-1.28.101.sql +++ b/db/zm_update-1.28.101.sql @@ -15,7 +15,7 @@ SET @s = (SELECT IF( AND column_name = 'Groups' ) > 0, "SELECT 'Column Groups exists in Users'", -"ALTER TABLE Monitors ADD COLUMN `Groups` ENUM('None','View','Edit') NOT NULL DEFAULT 'None' AFTER `Monitors`; +"ALTER TABLE Monitors ADD COLUMN `Groups` ENUM('None','View','Edit') NOT NULL DEFAULT 'None' AFTER `Monitors`" )); PREPARE stmt FROM @s; From 1d97e9d1f90a62243e5b15e75e53e87a17600950 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 12:24:48 -0500 Subject: [PATCH 05/13] Add Groups column to options --- web/skins/classic/views/options.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 5e335ce438..d5f41a7791 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -159,6 +159,7 @@ + From c051f3482bcbf3e98c3eecab6413f5e02e9e827f Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 12:37:25 -0500 Subject: [PATCH 06/13] add Groups to options again --- web/skins/classic/views/options.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index d5f41a7791..7b24eafa76 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -195,6 +195,7 @@ + 
From 1d688be1a1e51704cc0a939a3f41f6ef1c00d6be Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 13:22:13 -0500 Subject: [PATCH 07/13] propagate canEditGroup permission --- web/includes/actions.php | 44 +++++++++++++++------------- web/skins/classic/js/skin.js.php | 2 ++ web/skins/classic/views/js/groups.js | 2 +- 3 files changed, 26 insertions(+), 22 deletions(-) diff --git a/web/includes/actions.php b/web/includes/actions.php index 1f9a72be63..e8e4b1e350 100644 --- a/web/includes/actions.php +++ b/web/includes/actions.php @@ -625,14 +625,29 @@ function getAffectedIds( $name ) } // Group view actions - if ( canView( 'Groups' ) && $action == "setgroup" ) { - if ( !empty($_REQUEST['gid']) ) { - setcookie( "zmGroup", validInt($_REQUEST['gid']), time()+3600*24*30*12*10 ); - } else { - setcookie( "zmGroup", "", time()-3600*24*2 ); - } - $refreshParent = true; - } + if ( canView( 'Groups' ) && $action == "setgroup" ) { + if ( !empty($_REQUEST['gid']) ) { + setcookie( "zmGroup", validInt($_REQUEST['gid']), time()+3600*24*30*12*10 ); + } else { + setcookie( "zmGroup", "", time()-3600*24*2 ); + } + $refreshParent = true; + } + + // Group edit actions + if ( canEdit( 'Groups' ) && $action == "group" ) + { + # Should probably verfy that each monitor id is a valid monitor, that we have access to. HOwever at the moment, you have to have System permissions to do this + $monitors = empty( $_POST['newGroup']['MonitorIds'] ) ? NULL : implode(',', $_POST['newGroup']['MonitorIds']); + if ( !empty($_POST['gid']) ) { + dbQuery( "UPDATE Groups SET Name=?, MonitorIds=? WHERE Id=?", array($_POST['newGroup']['Name'], $monitors, $_POST['gid']) ); + } else { + dbQuery( "INSERT INTO Groups SET Name=?, MonitorIds=?", array( $_POST['newGroup']['Name'], $monitors ) ); + } + + $refreshParent = true; + $view = 'none'; + } // System edit actions if ( canEdit( 'System' ) ) 
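Review bot: In the new `Group edit actions` block of web/includes/actions.php, `$_POST['newGroup']['MonitorIds']` is imploded and stored exactly as submitted, and the carried-over comment that justified skipping validation ("you have to have System permissions to do this") is no longer true now that the gate is `canEdit( 'Groups' )`. A user who holds Groups edit but is limited to a subset of monitors can therefore store ids outside that subset, or non-numeric values, in `Groups.MonitorIds`; what that exposes depends on how the group filter is applied elsewhere, which this hunk does not show. At minimum normalise the ids the way `gid` is handled in the `setgroup` branch, e.g. `implode(',', array_map('validInt', (array)$_POST['newGroup']['MonitorIds']))`, and reword the comment to name the Groups permission. The same lines reappear, re-indented but otherwise unchanged, in the `@@ -635,18 +635,30 @@` hunk of patch 09.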
@@ -851,19 +866,6 @@ function getAffectedIds( $name ) dbQuery( "replace into States set Name=?, Definition=?", array( $_REQUEST['runState'],$definition) ); } } - elseif ( $action == "group" ) - { - # Should probably verfy that each monitor id is a valid monitor, that we have access to. HOwever at the moment, you have to have System permissions to do this - $monitors = empty( $_POST['newGroup']['MonitorIds'] ) ? NULL : implode(',', $_POST['newGroup']['MonitorIds']); - if ( !empty($_POST['gid']) ) { - dbQuery( "UPDATE Groups SET Name=?, MonitorIds=? WHERE Id=?", array($_POST['newGroup']['Name'], $monitors, $_POST['gid']) ); - } else { - dbQuery( "INSERT INTO Groups SET Name=?, MonitorIds=?", array( $_POST['newGroup']['Name'], $monitors ) ); - } - - $refreshParent = true; - $view = 'none'; - } elseif ( $action == "delete" ) { if ( isset($_REQUEST['runState']) ) diff --git a/web/skins/classic/js/skin.js.php b/web/skins/classic/js/skin.js.php index 5a27c6550f..d5d4141115 100644 --- a/web/skins/classic/js/skin.js.php +++ b/web/skins/classic/js/skin.js.php @@ -33,6 +33,8 @@ var canEditSystem = ; var canViewSystem = ; +var canEditGroups = ; + var refreshParent = ; var focusWindow = ; diff --git a/web/skins/classic/views/js/groups.js b/web/skins/classic/views/js/groups.js index 3756f4b83c..199ababc27 100644 --- a/web/skins/classic/views/js/groups.js +++ b/web/skins/classic/views/js/groups.js @@ -33,7 +33,7 @@ function deleteGroup( element ) function configureButtons( element ) { - if ( canEditSystem ) + if ( canEditGroups ) { var form = element.form; if ( element.checked ) From c53bb7f56f6dfb95409c60110c4c0ef941447ccd Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 13:45:43 -0500 Subject: [PATCH 08/13] change edit permission from system to groups --- web/skins/classic/views/group.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/web/skins/classic/views/group.php b/web/skins/classic/views/group.php index ce50cc8755..758b81f9e5 100644 --- a/web/skins/classic/views/group.php +++ b/web/skins/classic/views/group.php @@ -18,7 +18,7 @@ // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // -if ( !canEdit( 'System' ) ) +if ( !canEdit( 'Groups' ) ) { $view = "error"; return; @@ -78,7 +78,7 @@
- disabled="disabled"/> + disabled="disabled"/>
From 0dc35553ef752d83bfb64a6aa02c8646f30e9126 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 14:03:11 -0500 Subject: [PATCH 09/13] modify group delete action --- web/includes/actions.php | 45 ++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/web/includes/actions.php b/web/includes/actions.php index e8e4b1e350..7868f0adb1 100644 --- a/web/includes/actions.php +++ b/web/includes/actions.php 
@@ -635,18 +635,30 @@ function getAffectedIds( $name ) } // Group edit actions - if ( canEdit( 'Groups' ) && $action == "group" ) - { - # Should probably verfy that each monitor id is a valid monitor, that we have access to. HOwever at the moment, you have to have System permissions to do this - $monitors = empty( $_POST['newGroup']['MonitorIds'] ) ? NULL : implode(',', $_POST['newGroup']['MonitorIds']); - if ( !empty($_POST['gid']) ) { - dbQuery( "UPDATE Groups SET Name=?, MonitorIds=? WHERE Id=?", array($_POST['newGroup']['Name'], $monitors, $_POST['gid']) ); - } else { - dbQuery( "INSERT INTO Groups SET Name=?, MonitorIds=?", array( $_POST['newGroup']['Name'], $monitors ) ); + if ( canEdit( 'Groups' ) ) { + if ( $action == "group" ) { + # Should probably verfy that each monitor id is a valid monitor, that we have access to. HOwever at the moment, you have to have System permissions to do this + $monitors = empty( $_POST['newGroup']['MonitorIds'] ) ? NULL : implode(',', $_POST['newGroup']['MonitorIds']); + if ( !empty($_POST['gid']) ) { + dbQuery( "UPDATE Groups SET Name=?, MonitorIds=? WHERE Id=?", array($_POST['newGroup']['Name'], $monitors, $_POST['gid']) ); + } else { + dbQuery( "INSERT INTO Groups SET Name=?, MonitorIds=?", array( $_POST['newGroup']['Name'], $monitors ) ); + } + $view = 'none'; + } + if ( !empty($_REQUEST['gid']) && $action == "delete" ) { + dbQuery( "delete from Groups where Id = ?", array($_REQUEST['gid']) ); + if ( isset($_COOKIE['zmGroup']) ) + { + if ( $_REQUEST['gid'] == $_COOKIE['zmGroup'] ) + { + unset( $_COOKIE['zmGroup'] ); + setcookie( "zmGroup", "", time()-3600*24*2 ); + $refreshParent = true; + } + } } - $refreshParent = true; - $view = 'none'; } // System edit actions 
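Review bot: The relocated delete branch takes `gid` from `$_REQUEST` and runs for any caller with `canEdit( 'Groups' )`, while the create/update branch just above it reads `$_POST`; as written a group can be removed by a GET request, and no request-token check is visible in this hunk. If the groups form submits by POST, read `$_POST['gid']` here as well and pass it through `validInt()` before the `delete from Groups` query and the `zmGroup` cookie comparison. Separately, as far as the collapsed hunk shows, `$refreshParent = true;` is dropped from the `group` (create/update) path and is now set only when the deleted group matches the cookie, so the parent window may not refresh after a save; confirm that is intended. The enclosing function continues outside the hunk.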
@@ -878,19 +890,6 @@ function getAffectedIds( $name ) if ( $markUid == $user['Id'] ) userLogout(); } - if ( !empty($_REQUEST['gid']) ) - { - dbQuery( "delete from Groups where Id = ?", array($_REQUEST['gid']) ); - if ( isset($_COOKIE['zmGroup']) ) - { - if ( $_REQUEST['gid'] == $_COOKIE['zmGroup'] ) - { - unset( $_COOKIE['zmGroup'] ); - setcookie( "zmGroup", "", time()-3600*24*2 ); - $refreshParent = true; - } - } - } } } else From 36c7d7f9c22a4a5255793ee5c33a8d4bec3ffa6b Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 14:58:41 -0500 Subject: [PATCH 10/13] Add Group Edit permission to the default admin account --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index f44fac8129..8c7a840d40 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -547,7 +547,7 @@ CREATE TABLE `Zones` ( -- -- Create a default admin user. -- -insert into Users VALUES (NULL,'admin',password('admin'),'',1,'View','Edit','Edit','Edit','Edit','Edit','',''); +insert into Users VALUES (NULL,'admin',password('admin'),'',1,'View','Edit','Edit','Edit','Edit','Edit','Edit','',''); -- -- Add a sample filter to purge the oldest 100 events when the disk is 95% full From 461f81089bfa144f1dd6f01181ab07480c9137ae Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 15:42:00 -0500 Subject: [PATCH 11/13] change table name from monitors to users --- db/zm_update-1.28.101.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_update-1.28.101.sql b/db/zm_update-1.28.101.sql index f3eae5711d..adf3f34e86 100644 --- a/db/zm_update-1.28.101.sql +++ b/db/zm_update-1.28.101.sql 
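Review bot: In the db/zm_create.sql.in hunk the default-admin `insert into Users VALUES (...)` still depends on column position, which is why adding `Groups` in the middle of the table needed this follow-up patch. Listing the target columns in the INSERT would stop the seed row from failing on a column-count mismatch, or from shifting a permission value into the wrong column, the next time `Users` changes. The same line seeds the account with the literal password 'admin' through MySQL's `password()` function; this commit does not change that, but since the row now also carries Groups edit, the install notes should state that the password has to be changed before the web interface is reachable by others.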
@@ -15,7 +15,7 @@ SET @s = (SELECT IF( AND column_name = 'Groups' ) > 0, "SELECT 'Column Groups exists in Users'", -"ALTER TABLE Monitors ADD COLUMN `Groups` ENUM('None','View','Edit') NOT NULL DEFAULT 'None' AFTER `Monitors`" +"ALTER TABLE Users ADD COLUMN `Groups` ENUM('None','View','Edit') NOT NULL DEFAULT 'None' AFTER `Monitors`" )); PREPARE stmt FROM @s; From 5b2155f551bd78e96f9a960fd09da964e4349053 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sat, 15 Aug 2015 16:47:07 -0500 Subject: [PATCH 12/13] define Groups permission for the default user --- web/includes/config.php.in | 1 + 1 file changed, 1 insertion(+) diff --git a/web/includes/config.php.in b/web/includes/config.php.in index fbcb0e7b33..4378ef1ece 100644 --- a/web/includes/config.php.in +++ b/web/includes/config.php.in @@ -131,6 +131,7 @@ $GLOBALS['defaultUser'] = array( "Events" => 'Edit', "Control" => 'Edit', "Monitors" => 'Edit', + "Groups" => 'Edit', "Devices" => 'Edit', "System" => 'Edit', "MaxBandwidth" => "", From 32f6c92b025fb75d07122ed9d4dda7d3266cc195 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sun, 16 Aug 2015 12:29:03 -0500 Subject: [PATCH 13/13] replace php short open tag --- web/skins/classic/views/console.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/console.php b/web/skins/classic/views/console.php index ded0bb6ab2..915972d100 100644 --- a/web/skins/classic/views/console.php +++ b/web/skins/classic/views/console.php @@ -191,7 +191,7 @@

: / : %

ZoneMinder - - v'.ZM_VERSION.'', canEdit( 'System' ) ) ?>

-
+