Enforce Credential Permissions on contact, asset details both full page and modals

2026-05-06 03:07:48 +00:00 · 2026-05-04 15:30:33 -04:00
parent 67f9f9ec76
commit a7c4136d60
5 changed files with 17 additions and 9 deletions
--- a/agent/asset_details.php
+++ b/agent/asset_details.php
@@ -615,6 +615,8 @@ if (isset($_GET['asset_id'])) {
                    </form>
                </div>

+                <?php if (lookupUserPermission('module_credential')) { // Begin Credential Enforcement ?>
+
                <div class="card card-dark <?php if ($credential_count == 0) { echo "d-none"; } ?>">
                    <div class="card-header">
                        <h3 class="card-title"><i class="fa fa-fw fa-key mr-2"></i>Credentials</h3>
@@ -744,6 +746,8 @@ if (isset($_GET['asset_id'])) {
                    </div>
                </div>

+                <?php } // End Credential Enforcement ?>
+
                <div class="card card-dark <?php if ($software_count == 0) { echo "d-none"; } ?>">
                    <div class="card-header py-2">
                        <h3 class="card-title mt-2"><i class="fa fa-fw fa-cube mr-2"></i>Licenses</h3>
--- a/agent/client_overview.php
+++ b/agent/client_overview.php
@@ -349,10 +349,7 @@ $sql_asset_retired = mysqli_query(

    <?php } ?>

-    <?php
-    // Credential Permission check
-    if (lookupUserPermission('module_credential')) {
-    if (mysqli_num_rows($sql_favorite_credentials) > 0) { ?>
+    <?php if ((mysqli_num_rows($sql_favorite_credentials) > 0) && (lookupUserPermission('module_credential'))) { ?>

    <div class="col-md-4">

@@ -414,7 +411,7 @@ $sql_asset_retired = mysqli_query(

    </div>

-    <?php }  } ?>
+    <?php } ?>

    <?php if (mysqli_num_rows($sql_shared_items) > 0) { ?>

--- a/agent/contact_details.php
+++ b/agent/contact_details.php
@@ -507,6 +507,8 @@ if (isset($_GET['contact_id'])) {
                </div>
            </div>

+            <?php if (lookupUserPermission('module_credential')) { // Begin Credential Enforcement ?>
+
            <div class="card card-dark <?php if ($credential_count == 0) { echo "d-none"; } ?>">
                <div class="card-header py-2">
                    <h3 class="card-title mt-2"><i class="fa fa-fw fa-key mr-2"></i>Credentials</h3>
@@ -644,6 +646,8 @@ if (isset($_GET['contact_id'])) {
                </div>
            </div>

+            <?php } // End Credential Enforcement ?>
+
            <div class="card card-dark <?php if ($software_count == 0) { echo "d-none"; } ?>">
                <div class="card-header py-2">
                    <h3 class="card-title mt-2"><i class="fa fa-fw fa-cube mr-2"></i>Related Licenses</h3>
--- a/agent/modals/asset/asset_details.php
+++ b/agent/modals/asset/asset_details.php
@@ -495,7 +495,7 @@ ob_start();
        </div>
        <?php } ?>

-        <?php if ($credential_count) { ?>
+        <?php if (lookupUserPermission('module_credential') && ($credential_count)) { ?>
        <div class="tab-pane fade" id="pills-asset-credentials">
            <div class="table-responsive-sm-sm">
                <table class="table table-sm table-striped table-borderless table-hover">
--- a/agent/modals/contact/contact_details.php
+++ b/agent/modals/contact/contact_details.php
@@ -334,7 +334,8 @@ ob_start();
                        </a>
                    <?php } ?>

-                    <?php if ($credential_count) { ?>
+                    <?php
+                    if (lookupUserPermission('module_credential') && ($credential_count)) { ?>
                        <a class="nav-link <?= ($first_tab === "credentials") ? "active" : "" ?>"
                           data-toggle="pill"
                           href="#pills-contact-credentials<?= $contact_id ?>"
@@ -519,7 +520,7 @@ ob_start();
                </div>
                <?php } ?>

-                <?php if ($credential_count) { ?>
+                <?php if (lookupUserPermission('module_credential') && ($credential_count)) { ?>
                <div class="tab-pane fade <?= ($first_tab === "credentials") ? "show active" : "" ?>" id="pills-contact-credentials<?= $contact_id ?>">
                    <div class="table-responsive-sm">
                        <table class="table table-striped table-borderless table-hover table-sm dataTables" style="width:100%">
@@ -664,7 +665,9 @@ ob_start();
                        </table>
                    </div>
                </div>
-                <?php } ?>
+                <?php }
+                    } // End Cred Enforcement
+                ?>

                <?php if ($recurring_ticket_count) { ?>
                <div class="tab-pane fade <?= ($first_tab === "recurring") ? "show active" : "" ?>" id="pills-contact-recurring-tickets<?= $contact_id ?>">