mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-23 21:55:52 -05:00
Added device group permissions.
This commit is contained in:
parent
1f3d95ebc7
commit
1202d90507
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.2.9-e",
|
||||
"version": "0.2.9-h",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
@ -2730,9 +2730,14 @@
|
||||
var meshlinks = mesh.links['user/' + domain + '/' + userinfo.name.toLowerCase()];
|
||||
var meshrights = meshlinks.rights;
|
||||
var consoleRights = ((meshrights & 16) != 0);
|
||||
|
||||
// Check if we have terminal and file access
|
||||
var terminalAccess = ((meshrights == 0xFFFFFFFF) || ((meshrights & 512) == 0));
|
||||
var fileAccess = ((meshrights == 0xFFFFFFFF) || ((meshrights & 1024) == 0));
|
||||
|
||||
QV('cxdesktop', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 1) != 0) || (node.intelamt && (node.intelamt.state == 2))) && ((meshrights & 8) || (meshrights & 256)));
|
||||
QV('cxterminal', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 2) != 0) || (node.intelamt && (node.intelamt.state == 2))) && (meshrights & 8));
|
||||
QV('cxfiles', ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 4) != 0))) && (meshrights & 8));
|
||||
QV('cxterminal', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 2) != 0) || (node.intelamt && (node.intelamt.state == 2))) && (meshrights & 8) && terminalAccess);
|
||||
QV('cxfiles', ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 4) != 0))) && (meshrights & 8) && fileAccess);
|
||||
QV('cxevents', (node.intelamt != null) && ((node.intelamt.state == 2) || (node.conn & 2)) && (meshrights & 8));
|
||||
QV('cxconsole', (consoleRights && (mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 8) != 0))) && (meshrights & 8));
|
||||
|
||||
@ -3575,9 +3580,14 @@
|
||||
Q('MainComputerImage').setAttribute("src", "images/icons200-" + node.icon + "-1.jpg");
|
||||
Q('MainComputerImage').className = ((!node.conn) || (node.conn == 0)?'gray':'');
|
||||
|
||||
// Check if we have terminal and file access
|
||||
var terminalAccess = ((meshrights == 0xFFFFFFFF) || ((meshrights & 512) == 0));
|
||||
var fileAccess = ((meshrights == 0xFFFFFFFF) || ((meshrights & 1024) == 0));
|
||||
var amtAccess = ((meshrights == 0xFFFFFFFF) || ((meshrights & 2048) == 0));
|
||||
|
||||
// Setup/Refresh the desktop tab
|
||||
setupTerminal();
|
||||
setupFiles();
|
||||
if (terminalAccess) { setupTerminal(); }
|
||||
if (fileAccess) { setupFiles(); }
|
||||
var consoleRights = ((meshrights & 16) != 0);
|
||||
if (consoleRights) { setupConsole(); } else { if (panel == 15) { panel = 10; } }
|
||||
|
||||
@ -3585,9 +3595,9 @@
|
||||
// mesh.mtype: 1 = Intel AMT only, 2 = Mesh Agent
|
||||
// node.agent.caps (bitmask): 1 = Desktop, 2 = Terminal, 4 = Files, 8 = Console
|
||||
QV('MainDevDesktop', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 1) != 0) || (node.intelamt && (node.intelamt.state == 2))) && ((meshrights & 8) || (meshrights & 256)));
|
||||
QV('MainDevTerminal', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 2) != 0) || (node.intelamt && (node.intelamt.state == 2))) && (meshrights & 8));
|
||||
QV('MainDevFiles', ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 4) != 0))) && (meshrights & 8));
|
||||
QV('MainDevAmt', (node.intelamt != null) && ((node.intelamt.state == 2) || (node.conn & 2)) && (meshrights & 8));
|
||||
QV('MainDevTerminal', ((mesh.mtype == 1) || (node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 2) != 0) || (node.intelamt && (node.intelamt.state == 2))) && (meshrights & 8) && terminalAccess);
|
||||
QV('MainDevFiles', ((mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 4) != 0))) && (meshrights & 8) && fileAccess);
|
||||
QV('MainDevAmt', (node.intelamt != null) && ((node.intelamt.state == 2) || (node.conn & 2)) && (meshrights & 8) && amtAccess);
|
||||
QV('MainDevConsole', (consoleRights && (mesh.mtype == 2) && ((node.agent == null) || (node.agent.caps == null) || ((node.agent.caps & 8) != 0))) && (meshrights & 8));
|
||||
QV('p15uploadCore', (node.agent != null) && (node.agent.caps != null) && ((node.agent.caps & 16) != 0));
|
||||
QH('p15coreName', ((node.agent != null) && (node.agent.core != null))?node.agent.core:'');
|
||||
@ -5813,7 +5823,7 @@
|
||||
var trash = '', rights = 'Partial Rights', r = sortedusers[i].rights;
|
||||
if (r == 0xFFFFFFFF) rights = 'Full Administrator'; else if (r == 0) rights = 'No Rights';
|
||||
if ((i != userinfo._id) && (meshrights == 0xFFFFFFFF || (((meshrights & 2) != 0)))) { trash = '<a onclick=p20deleteUser(event,"' + encodeURIComponent(sortedusers[i].id) + '") title="Remote user rights to this mesh" style=cursor:pointer><img src=images/trash.png border=0 height=10 width=10></a>'; }
|
||||
x += '<tr onclick=p20viewuser("' + encodeURIComponent(sortedusers[i].id) + '") style=cursor:pointer' + (((count % 2) == 0)?';background-color:#DDD':'') + '><td><div title="User" class=m2></div><div> ' + sortedusers[i].name + '<div></div></div></td><td><div style=float:right>' + trash + '</div><div>' + rights + '</div></td></tr>';
|
||||
x += '<tr onclick=p20viewuser("' + encodeURIComponent(sortedusers[i].id) + '") style=cursor:pointer' + (((count % 2) == 0) ? ';background-color:#DDD' : '') + '><td><div title="User" class=m2></div><div> ' + EscapeHtml(decodeURIComponent(sortedusers[i].name)) + '<div></div></div></td><td><div style=float:right>' + trash + '</div><div>' + rights + '</div></td></tr>';
|
||||
++count;
|
||||
}
|
||||
|
||||
@ -5921,17 +5931,20 @@
|
||||
if (xxdialogMode) return;
|
||||
var x = "Allow a user to manage this device group and devices in this group<br /><br />";
|
||||
x += addHtmlValue('User Name', '<input id=dp20username style=width:230px maxlength=32 onchange=p20validateAddMeshUserDialog() onkeyup=p20validateAddMeshUserDialog() />');
|
||||
x += '<br><div>';
|
||||
x += '<br><div style="height:120px;overflow-y:scroll;border:1px solid gray">';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20fulladmin>Full Administrator<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20editmesh>Edit Device Group<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20manageusers>Manage Device Group Users<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20managecomputers>Manage Device Group Computers<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20remotecontrol>Remote Control<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20remoteview style=margin-left:12px>Remote View Only<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20noterminal style=margin-left:12px>No Terminal Access<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20nofiles style=margin-left:12px>No File Access<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20noamt style=margin-left:12px>No Intel® AMT<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20meshagentconsole>Mesh Agent Console<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20meshserverfiles>Server Files<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20wakedevices>Wake Devices<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20editnotes>Edit Device Notes<br>';
|
||||
x += '<input type=checkbox onchange=p20validateAddMeshUserDialog() id=p20remoteview>Remote View Only<br>';
|
||||
x += '</div>';
|
||||
setDialogMode(2, "Add User to Device Group", 3, p20showAddMeshUserDialogEx, x);
|
||||
p20validateAddMeshUserDialog();
|
||||
@ -5950,7 +5963,10 @@
|
||||
QE('p20meshserverfiles', !Q('p20fulladmin').checked);
|
||||
QE('p20wakedevices', !Q('p20fulladmin').checked);
|
||||
QE('p20editnotes', !Q('p20fulladmin').checked);
|
||||
QE('p20remoteview', !Q('p20fulladmin').checked);
|
||||
QE('p20remoteview', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked);
|
||||
QE('p20noterminal', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked);
|
||||
QE('p20nofiles', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked);
|
||||
QE('p20noamt', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked);
|
||||
}
|
||||
|
||||
function p20showAddMeshUserDialogEx() {
|
||||
@ -5965,6 +5981,9 @@
|
||||
if (Q('p20wakedevices').checked == true) meshadmin += 64;
|
||||
if (Q('p20editnotes').checked == true) meshadmin += 128;
|
||||
if (Q('p20remoteview').checked == true) meshadmin += 256;
|
||||
if (Q('p20noterminal').checked == true) meshadmin += 512;
|
||||
if (Q('p20nofiles').checked == true) meshadmin += 1024;
|
||||
if (Q('p20noamt').checked == true) meshadmin += 2048;
|
||||
}
|
||||
meshserver.send({ action: 'addmeshuser', meshid: currentMesh._id, meshname: currentMesh.name, username: Q('dp20username').value , meshadmin: meshadmin});
|
||||
}
|
||||
@ -5974,19 +5993,22 @@
|
||||
userid = decodeURIComponent(userid);
|
||||
var r = '', cmeshrights = currentMesh.links['user/' + domain + '/' + userinfo.name.toLowerCase()].rights, meshrights = currentMesh.links[userid].rights;
|
||||
if (meshrights == 0xFFFFFFFF) r = ', Full Administrator (all rights)'; else {
|
||||
if ((meshrights & 1) != 0) r += ', Edit Device Group';
|
||||
if ((meshrights & 2) != 0) r += ', Manage Device Group Users';
|
||||
if ((meshrights & 4) != 0) r += ', Manage Device Group Computers';
|
||||
if ((meshrights & 8) != 0) r += ', Remote Control';
|
||||
if ((meshrights & 16) != 0) r += ', Agent Console';
|
||||
if ((meshrights & 32) != 0) r += ', Server Files';
|
||||
if ((meshrights & 64) != 0) r += ', Wake Devices';
|
||||
if ((meshrights & 128) != 0) r += ', Edit Notes';
|
||||
if ((meshrights & 256) != 0) r += ', Remote View Only';
|
||||
if ((meshrights & 1) != 0) r += ', Edit Device Group';
|
||||
if ((meshrights & 2) != 0) r += ', Manage Device Group Users';
|
||||
if ((meshrights & 4) != 0) r += ', Manage Device Group Computers';
|
||||
if ((meshrights & 8) != 0) r += ', Remote Control';
|
||||
if ((meshrights & 16) != 0) r += ', Agent Console';
|
||||
if ((meshrights & 32) != 0) r += ', Server Files';
|
||||
if ((meshrights & 64) != 0) r += ', Wake Devices';
|
||||
if ((meshrights & 128) != 0) r += ', Edit Notes';
|
||||
if ((meshrights & 256) != 0) r += ', Remote View Only';
|
||||
if ((meshrights & 512) != 0) r += ', No Terminal';
|
||||
if ((meshrights & 1024) != 0) r += ', No Files';
|
||||
if ((meshrights & 2048) != 0) r += ', No Intel® AMT';
|
||||
}
|
||||
r = r.substring(2);
|
||||
if (r == '') { r = 'No Rights'; }
|
||||
var buttons = 1, x = addHtmlValue('User Name', userid.split('/')[2]);
|
||||
var buttons = 1, x = addHtmlValue('User Name', EscapeHtml(decodeURIComponent(userid.split('/')[2])));
|
||||
x += addHtmlValue('Permissions', r);
|
||||
if ((('user/' + domain + '/' + userinfo.name.toLowerCase()) != userid) && (cmeshrights == 0xFFFFFFFF || (((cmeshrights & 2) != 0) && (meshrights != 0xFFFFFFFF)))) buttons += 4;
|
||||
setDialogMode(2, "Device Group User", buttons, p20viewuserEx, x, userid);
|
||||
|
Loading…
Reference in New Issue
Block a user