mirror of https://github.com/itflow-org/itflow
Client Access: Allow to select Client Access Restrictions for existing users
This commit is contained in:
johnnyq
parent
85bf412f53
commit
9876c33d2e
|
|
@ -66,7 +66,7 @@
|
||||||
<label>Restrict Client Access</label>
|
<label>Restrict Client Access</label>
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<div class="input-group-prepend">
|
<div class="input-group-prepend">
|
||||||
<span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
|
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||||
</div>
|
</div>
|
||||||
<select class="form-control select2" name="clients[]" data-placeholder="Restrict Client Access" multiple>
|
<select class="form-control select2" name="clients[]" data-placeholder="Restrict Client Access" multiple>
|
||||||
<?php
|
<?php
|
||||||
|
|
|
||||||
|
|
@ -84,6 +84,29 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label>Restrict Client Access</label>
|
||||||
|
<div class="input-group">
|
||||||
|
<div class="input-group-prepend">
|
||||||
|
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||||
|
</div>
|
||||||
|
<select class="form-control select2" name="clients[]" data-placeholder="Restrict Client Access" multiple>
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
|
||||||
|
while ($row = mysqli_fetch_array($sql_client_select)) {
|
||||||
|
$client_id_select = intval($row['client_id']);
|
||||||
|
$client_name_select = nullable_htmlentities($row['client_name']);
|
||||||
|
|
||||||
|
?>
|
||||||
|
<option <?php if (in_array($client_id_select, $client_access_array)) { echo "selected"; } ?> value="<?php echo $client_id_select; ?>"><?php echo $client_name_select; ?></option>
|
||||||
|
|
||||||
|
<?php } ?>
|
||||||
|
</select>
|
||||||
|
</div>
|
||||||
|
<small class="text-muted">Leave Blank for Full access to all clients, no affect on users with the admin role.</small>
|
||||||
|
</div>
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label>Avatar</label>
|
<label>Avatar</label>
|
||||||
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
|
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
|
||||||
|
|
|
||||||
|
|
@ -125,9 +125,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||||
$last_login = "$log_created_at<small class='text-secondary'><div class='mt-1'>$log_user_os</div><div class='mt-1'>$log_user_browser</div><div class='mt-1'><i class='fa fa-fw fa-globe'></i> $log_ip</div></small>";
|
$last_login = "$log_created_at<small class='text-secondary'><div class='mt-1'>$log_user_os</div><div class='mt-1'>$log_user_browser</div><div class='mt-1'><i class='fa fa-fw fa-globe'></i> $log_ip</div></small>";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get User Client Access Permissions
|
||||||
|
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_permissions WHERE user_id = $user_id");
|
||||||
|
$client_access_array = [];
|
||||||
|
while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
|
||||||
|
$client_access_array[] = intval($row['client_id']);
|
||||||
|
}
|
||||||
|
|
||||||
$sql_remember_tokens = mysqli_query($mysqli, "SELECT * FROM remember_tokens WHERE remember_token_user_id = $user_id");
|
$sql_remember_tokens = mysqli_query($mysqli, "SELECT * FROM remember_tokens WHERE remember_token_user_id = $user_id");
|
||||||
$remember_token_count = mysqli_num_rows($sql_remember_tokens);
|
$remember_token_count = mysqli_num_rows($sql_remember_tokens);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
|
|
|
||||||
|
|
@ -113,6 +113,15 @@ if (isset($_POST['edit_user'])) {
|
||||||
$user_id = intval($_POST['user_id']);
|
$user_id = intval($_POST['user_id']);
|
||||||
$new_password = trim($_POST['new_password']);
|
$new_password = trim($_POST['new_password']);
|
||||||
|
|
||||||
|
// Update Client Access
|
||||||
|
mysqli_query($mysqli,"DELETE FROM user_permissions WHERE user_id = $user_id");
|
||||||
|
if (!empty($_POST['clients'])) {
|
||||||
|
foreach($_POST['clients'] as $client_id) {
|
||||||
|
$client_id = intval($client_id);
|
||||||
|
mysqli_query($mysqli,"INSERT INTO user_permissions SET user_id = $user_id, client_id = $client_id");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Get current Avatar
|
// Get current Avatar
|
||||||
$sql = mysqli_query($mysqli, "SELECT user_avatar FROM users WHERE user_id = $user_id");
|
$sql = mysqli_query($mysqli, "SELECT user_avatar FROM users WHERE user_id = $user_id");
|
||||||
$row = mysqli_fetch_array($sql);
|
$row = mysqli_fetch_array($sql);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue