mirror of https://github.com/itflow-org/itflow
Client Access: Allow to select Client Access Restrictions for existing users
This commit is contained in:
johnnyq
parent
85bf412f53
commit
9876c33d2e
|
|
@ -66,7 +66,7 @@
|
|||
<label>Restrict Client Access</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="clients[]" data-placeholder="Restrict Client Access" multiple>
|
||||
<?php
|
||||
|
|
|
|||
|
|
@ -84,6 +84,29 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Restrict Client Access</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="clients[]" data-placeholder="Restrict Client Access" multiple>
|
||||
<?php
|
||||
|
||||
$sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_client_select)) {
|
||||
$client_id_select = intval($row['client_id']);
|
||||
$client_name_select = nullable_htmlentities($row['client_name']);
|
||||
|
||||
?>
|
||||
<option <?php if (in_array($client_id_select, $client_access_array)) { echo "selected"; } ?> value="<?php echo $client_id_select; ?>"><?php echo $client_name_select; ?></option>
|
||||
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
<small class="text-muted">Leave Blank for Full access to all clients, no affect on users with the admin role.</small>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Avatar</label>
|
||||
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
|
||||
|
|
|
|||
|
|
@ -125,9 +125,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
$last_login = "$log_created_at<small class='text-secondary'><div class='mt-1'>$log_user_os</div><div class='mt-1'>$log_user_browser</div><div class='mt-1'><i class='fa fa-fw fa-globe'></i> $log_ip</div></small>";
|
||||
}
|
||||
|
||||
// Get User Client Access Permissions
|
||||
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_permissions WHERE user_id = $user_id");
|
||||
$client_access_array = [];
|
||||
while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
|
||||
$client_access_array[] = intval($row['client_id']);
|
||||
}
|
||||
|
||||
$sql_remember_tokens = mysqli_query($mysqli, "SELECT * FROM remember_tokens WHERE remember_token_user_id = $user_id");
|
||||
$remember_token_count = mysqli_num_rows($sql_remember_tokens);
|
||||
|
||||
|
||||
|
||||
?>
|
||||
<tr>
|
||||
<td class="text-center">
|
||||
|
|
|
|||
|
|
@ -113,6 +113,15 @@ if (isset($_POST['edit_user'])) {
|
|||
$user_id = intval($_POST['user_id']);
|
||||
$new_password = trim($_POST['new_password']);
|
||||
|
||||
// Update Client Access
|
||||
mysqli_query($mysqli,"DELETE FROM user_permissions WHERE user_id = $user_id");
|
||||
if (!empty($_POST['clients'])) {
|
||||
foreach($_POST['clients'] as $client_id) {
|
||||
$client_id = intval($client_id);
|
||||
mysqli_query($mysqli,"INSERT INTO user_permissions SET user_id = $user_id, client_id = $client_id");
|
||||
}
|
||||
}
|
||||
|
||||
// Get current Avatar
|
||||
$sql = mysqli_query($mysqli, "SELECT user_avatar FROM users WHERE user_id = $user_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
|
|
|||
Loading…
Reference in New Issue