Skip to content

Commit a94ccb9

Browse files
author
thom
committed
Make client protection configurable (#4048)
1 parent 6f11f6d commit a94ccb9

File tree

5 files changed

+10
-10
lines changed

5 files changed

+10
-10
lines changed

install/tpl/system.ini.master

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,4 @@
11
[global]
2-
client_protection=y
32

43
[admin]
54

@@ -37,6 +36,7 @@ backups_include_into_web_quota=n
3736
reseller_can_use_options=n
3837
web_php_options=no,fast-cgi,mod,php-fpm
3938
show_aps_menu=n
39+
client_protection=y
4040

4141

4242
[tools]

interface/lib/plugins/vm_openvz_plugin.inc.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ function openvz_vm_insert($event_name, $page_form) {
3838
$this->oldDataRecord = $page_form->oldDataRecord;
3939

4040
// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
41-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
41+
// also make sure that the user can not delete domain created by a admin
4242
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
4343
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
4444
$app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
@@ -87,7 +87,7 @@ function openvz_vm_update($event_name, $page_form) {
8787
$this->oldDataRecord = $page_form->oldDataRecord;
8888

8989
// make sure that the record belongs to the clinet group and not the admin group when a admin inserts it
90-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
90+
// also make sure that the user can not delete domain created by a admin
9191
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
9292
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
9393
$app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);

interface/web/client/domain_edit.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ function onShowNew() {
6767

6868
function onShowEnd() {
6969
global $app, $conf, $wb;
70-
70+
7171
if($_SESSION["s"]["user"]["typ"] != 'admin' && $this->id == 0) {
7272
if(!$app->tform->checkClientLimit('limit_domainmodule')) {
7373
$app->uses('ini_parser,getconf');
@@ -100,7 +100,7 @@ function onShowEnd() {
100100
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
101101
$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
102102
$client = $app->functions->htmlentities($client);
103-
103+
104104
// Fill the client select field
105105
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
106106
//die($sql);
@@ -197,7 +197,7 @@ function onAfterInsert() {
197197
global $app, $conf;
198198

199199
// make sure that the record belongs to the client group and not the admin group when admin inserts it
200-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
200+
// also make sure that the user can not delete domain created by a admin
201201
if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) || ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) {
202202
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
203203
$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
@@ -215,7 +215,7 @@ function onAfterUpdate() {
215215
}
216216

217217
// make sure that the record belongs to the client group and not the admin group when admin inserts it
218-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
218+
// also make sure that the user can not delete domain created by a admin
219219
if(isset($this->dataRecord["client_group_id"])) {
220220
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
221221
$app->db->query("UPDATE domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);

interface/web/mail/mail_mailinglist_edit.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -198,7 +198,7 @@ function onAfterInsert() {
198198
global $app, $conf;
199199

200200
// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
201-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
201+
// also make sure that the user can not delete domain created by a admin
202202
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
203203
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
204204
$app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id);
@@ -235,7 +235,7 @@ function onAfterUpdate() {
235235
global $app, $conf;
236236

237237
// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
238-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
238+
// also make sure that the user can not delete domain created by a admin
239239
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
240240
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
241241
$app->db->query("UPDATE mail_mailinglist SET sys_groupid = ?, sys_perm_group = 'ru' WHERE mailinglist_id = ?", $client_group_id, $this->id);

interface/web/mail/xmpp_domain_edit.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -318,7 +318,7 @@ function onAfterInsert() {
318318
global $app, $conf;
319319

320320
// make sure that the record belongs to the client group and not the admin group when admin inserts it
321-
// also make sure that the user can not delete domain created by a admin if client protection is enabled
321+
// also make sure that the user can not delete domain created by a admin
322322
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
323323
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
324324
$app->db->query("UPDATE xmpp_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);

0 commit comments

Comments
 (0)