From f79e4a81af6387db9e3163e36a41bda1901712dd Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Tue, 26 Feb 2019 17:15:52 -0800 Subject: [PATCH] Fixed user permissions on mobile site. --- views/default-min.handlebars | 2 +- views/default-mobile-min.handlebars | 2 +- views/default-mobile.handlebars | 22 +++++++++++++++++----- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/views/default-min.handlebars b/views/default-min.handlebars index 94c01f96..0bd27d60 100644 --- a/views/default-min.handlebars +++ b/views/default-min.handlebars @@ -1 +1 @@ - MeshCentral
{{{title}}}
{{{title2}}}

{{{logoutControl}}}

 

\ No newline at end of file + MeshCentral
{{{title}}}
{{{title2}}}

{{{logoutControl}}}

 

\ No newline at end of file diff --git a/views/default-mobile-min.handlebars b/views/default-mobile-min.handlebars index 1477de47..1e36546c 100644 --- a/views/default-mobile-min.handlebars +++ b/views/default-mobile-min.handlebars @@ -1 +1 @@ - MeshCentral
{{{title}}}
{{{title2}}}
\ No newline at end of file + MeshCentral
{{{title}}}
{{{title2}}}
\ No newline at end of file diff --git a/views/default-mobile.handlebars b/views/default-mobile.handlebars index b5f2295e..077d9ca0 100644 --- a/views/default-mobile.handlebars +++ b/views/default-mobile.handlebars @@ -2885,7 +2885,7 @@ if (r == 0xFFFFFFFF) rights = 'Full Administrator'; else if (r == 0) rights = 'No Rights'; if ((i != userinfo._id) && (meshrights == 0xFFFFFFFF || (((meshrights & 2) != 0)))) { trash = ''; } x += ''; - x += '
' + trash + '
' + rights + '
 ' + sortedusers[i].name + '
'; + x += '
' + trash + '
' + rights + '
 ' + EscapeHtml(decodeURIComponent(sortedusers[i].name)) + '
'; x += ''; ++count; } @@ -2937,17 +2937,20 @@ function p20showAddMeshUserDialog() { if (xxdialogMode) return; var x = addHtmlValue('User', ''); - x += '
'; + x += '
'; x += 'Full Administrator
'; x += 'Edit Device Group
'; x += 'Manage Device Group Users
'; x += 'Manage Device Group Computers
'; x += 'Remote Control
'; + x += 'Remote View Only
'; + x += 'No Terminal Access
'; + x += 'No File Access
'; + x += 'No Intel® AMT
'; x += 'Mesh Agent Console
'; x += 'Server Files
'; x += 'Wake Devices
'; x += 'Edit Device Notes
'; - x += 'Remote View Only
'; x += '
'; setDialogMode(2, "Add User to Mesh", 3, p20showAddMeshUserDialogEx, x); p20validateAddMeshUserDialog(); @@ -2966,7 +2969,10 @@ QE('p20meshserverfiles', !Q('p20fulladmin').checked); QE('p20wakedevices', !Q('p20fulladmin').checked); QE('p20editnotes', !Q('p20fulladmin').checked); - QE('p20remoteview', !Q('p20fulladmin').checked); + QE('p20remoteview', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked); + QE('p20noterminal', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked); + QE('p20nofiles', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked); + QE('p20noamt', !Q('p20fulladmin').checked && Q('p20remotecontrol').checked); } function p20showAddMeshUserDialogEx() { @@ -2981,6 +2987,9 @@ if (Q('p20wakedevices').checked == true) meshadmin += 64; if (Q('p20editnotes').checked == true) meshadmin += 128; if (Q('p20remoteview').checked == true) meshadmin += 256; + if (Q('p20noterminal').checked == true) meshadmin += 512; + if (Q('p20nofiles').checked == true) meshadmin += 1024; + if (Q('p20noamt').checked == true) meshadmin += 2048; } meshserver.send({ action: 'addmeshuser', meshid: currentMesh._id, meshname: currentMesh.name, username: Q('dp20username').value, meshadmin: meshadmin }); } @@ -2999,10 +3008,13 @@ if ((meshrights & 64) != 0) r += ', Wake Devices'; if ((meshrights & 128) != 0) r += ', Edit Notes'; if ((meshrights & 256) != 0) r += ', Remote View Only'; + if ((meshrights & 512) != 0) r += ', No Terminal'; + if ((meshrights & 1024) != 0) r += ', No Files'; + if ((meshrights & 2048) != 0) r += ', No Intel® AMT'; } r = r.substring(2); if (r == '') { r = 'No Rights'; } - var buttons = 1, x = addHtmlValue('User', userid.split('/')[2]); + var buttons = 1, x = addHtmlValue('User', EscapeHtml(decodeURIComponent(userid.split('/')[2]))); x += addHtmlValue('Permissions', r); if ((('user/' + domain + '/' + userinfo.name.toLowerCase()) != userid) && (cmeshrights == 0xFFFFFFFF || (((cmeshrights & 2) != 0) && (meshrights != 0xFFFFFFFF)))) buttons += 4; setDialogMode(2, "Mesh User", buttons, p20viewuserEx, x, userid);