From 9199fc761629d6ab0f117415f1052ba160ec0297 Mon Sep 17 00:00:00 2001 From: "Ramón M. Gómez" Date: Wed, 23 May 2018 14:48:04 +0200 Subject: #708: Corregir error en verificación de administrdor de UO. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + admin/WebConsole/rest/remotepc.php | 24 +++++------ admin/WebConsole/rest/server.php | 82 +++++++++++++++++++------------------- 3 files changed, 54 insertions(+), 53 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..485dee64 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea diff --git a/admin/WebConsole/rest/remotepc.php b/admin/WebConsole/rest/remotepc.php index 39224636..4bf7b6b5 100644 --- a/admin/WebConsole/rest/remotepc.php +++ b/admin/WebConsole/rest/remotepc.php @@ -81,7 +81,7 @@ $app->post('/ous/:ouid/images/:imageid/reserve(/)', 'validateApiKey', writeRemotepcLog($app->request()->getResourceUri(). ": Parameters: labid=$labid, maxtime=$maxtime"); // Choose older not-reserved client with image installed and get ogAdmServer data. $cmd->texto = <<Abrir()) return(false); // Error opening recordset. // Check if user is admin and client exists. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idordenador"])) { // Read query data. $serverip = $rs->campos["ipserveradm"]; $serverport = $rs->campos["portserveradm"]; @@ -290,13 +290,13 @@ $app->post('/ous/:ouid/labs/:labid/clients/:clntid/events', 'validateApiKey', writeRemotepcLog($app->request()->getResourceUri(). ": Parameters: urlLogin=$urlLogin, urlLogout=$urlLogout"); // Select client data for UDS compatibility. $cmd->texto = <<Abrir()) return(false); // Error opening recordset. // Check if user is admin and client exists. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idordenador"])) { // Check if client is reserved. if (! is_null($rs->campos["reserved"])) { // Updating DB if client is reserved. @@ -381,12 +381,12 @@ $app->post('/ous/:ouid/labs/:labid/clients/:clntid/session', 'validateApiKey', writeRemotepcLog($app->request()->getResourceUri(). ": Parameters: deadLine=$deadLine"); // Get client's data. $cmd->texto = <<Abrir()) return(false); // Error opening recordset. // Check if user is admin and client exists. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idordenador"])) { // Check if client is reserved. if (! is_null($rs->campos["urllogin"])) { // Read query data. @@ -479,13 +479,13 @@ $app->delete('/ous/:ouid/labs/:labid/clients/:clntid/unreserve', 'validateApiKey // Select client data for UDS compatibility. $cmd->texto = <<Abrir()) return(false); // Error opening recordset. // Check if user is admin and client exists. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idordenador"])) { // Check if client is reserved. if (! is_null($rs->campos["reserved"])) { // Read query data. diff --git a/admin/WebConsole/rest/server.php b/admin/WebConsole/rest/server.php index 258b0160..1721411d 100644 --- a/admin/WebConsole/rest/server.php +++ b/admin/WebConsole/rest/server.php @@ -90,12 +90,12 @@ function getStatus($ouid, $labid, $clntid=0) { // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and asset exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and (($single and checkParameter($rs->campos["idordenador"])) or (! $single and checkParameter($rs->campos["idaula"])))) { + if (checkAdmin($rs->campos["idusuario"]) and (($single and checkParameter($rs->campos["idordenador"])) or (! $single and checkParameter($rs->campos["idaula"])))) { // First, try to connect to ogAdmCleint service. $serverip = $rs->campos["ipserveradm"]; $serverport = $rs->campos["portserveradm"]; @@ -321,7 +321,7 @@ $app->get('/ous/:ouid(/)', 'validateApiKey', SELECT * FROM centros RIGHT JOIN administradores_centros USING(idcentro) - WHERE administradores_centros.idadministradorcentro = '$userid' + WHERE administradores_centros.idusuario = '$userid' AND centros.idcentro = '$ouid' LIMIT 1; EOD; @@ -329,7 +329,7 @@ EOD; $rs->Comando=&$cmd; if (!$rs->Abrir()) return(false); // Error oppening recordset. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"]) and + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idcentro"])) { $response['id'] = (int)$ouid; $response['name'] = $rs->campos["nombrecentro"]; @@ -353,10 +353,10 @@ $app->get('/ous/:ouid/groups(/)', 'validateApiKey', function($ouid) { $ouid = htmlspecialchars($ouid); // List group of labs if user is OU's admin. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin. - if (checkAdmin($rs->campos["idadministradorcentro"])) { + if (checkAdmin($rs->campos["idusuario"])) { $response = Array(); // Read data. if (! is_null($rs->campos["idcentro"])) { @@ -401,12 +401,12 @@ $app->get('/ous/:ouid/labs(/)', 'validateApiKey', $ouid = htmlspecialchars($ouid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error opening recordset. // Check if user is an UO admin. $rs->Primero(); - if (checkAdmin($rs->campos["idadministradorcentro"])) { + if (checkAdmin($rs->campos["idusuario"])) { $response = Array(); if (! is_null($rs->campos["idcentro"])) { while (!$rs->EOF) { @@ -478,11 +478,11 @@ $app->get('/ous/:ouid/labs/:labid(/)', 'validateApiKey', $labid = htmlspecialchars($labid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and lab exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idaula"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idaula"])) { $response['id'] = (int)$rs->campos["idaula"]; $response['name'] = $rs->campos["nombreaula"]; $response['location'] = $rs->campos["ubicacion"]; @@ -543,11 +543,11 @@ $app->get('/ous/:ouid/labs/:labid/clients(/)', 'validateApiKey', $labid = htmlspecialchars($labid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and lab exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["labid"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["labid"])) { $response = Array(); while (!$rs->EOF) { if (!is_null($rs->campos["idordenador"])) { @@ -604,12 +604,12 @@ $app->get('/ous/:ouid/labs/:labid/clients/:clntid(/)', 'validateApiKey', $clntid = htmlspecialchars($clntid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin, lab exists and client exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idaula"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idaula"]) and checkParameter($rs->campos["idordenador"])) { // Read data. $response['id'] = (int)$rs->campos["idordenador"]; $response['name'] = $rs->campos["nombreordenador"]; @@ -661,7 +661,7 @@ $app->get('/ous/:ouid/labs/:labid/clients/:clntid/hardware(/)', 'validateApiKey' $clntid = htmlspecialchars($clntid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and client exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idordenador"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idordenador"])) { // Read data. $response['id'] = (int)$rs->campos["idordenador"]; $response['name'] = $rs->campos["nombreordenador"]; @@ -717,7 +717,7 @@ $app->get('/ous/:ouid/labs/:labid/clients/:clntid/diskcfg(/)', 'validateApiKey', $clntid = htmlspecialchars($clntid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and client exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["clientid"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["clientid"])) { // Read data. $response['id'] = (int)$rs->campos["clientid"]; $response['name'] = $rs->campos["nombreordenador"]; @@ -815,10 +815,10 @@ $app->get('/ous/:ouid/repos(/)', 'validateApiKey', $ouid = htmlspecialchars($ouid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["ouid"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["ouid"])) { $response = Array(); while (!$rs->EOF) { if (! is_null($rs->campos["idcentro"])) { @@ -860,10 +860,10 @@ $app->get('/ous/:ouid/repos/:repoid(/)', 'validateApiKey', $repoid = htmlspecialchars($repoid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and repo exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idrepositorio"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idrepositorio"])) { // Read data. $response['id'] = (int)$rs->campos["idrepositorio"]; $response['name'] = $rs->campos["nombrerepositorio"]; @@ -899,10 +899,10 @@ $app->get('/ous/:ouid/images(/)', 'validateApiKey', $ouid = htmlspecialchars($ouid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["ouid"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["ouid"])) { $response = Array(); while (!$rs->EOF) { if (! is_null($rs->campos["idcentro"])) { @@ -944,12 +944,12 @@ $app->get('/ous/:ouid/images/:imgid(/)', 'validateApiKey', $imgid = htmlspecialchars($imgid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and repo exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idimagen"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idimagen"])) { // Read data. $response['id'] = (int)$rs->campos["idimagen"]; $response['name'] = $rs->campos["nombreca"]; @@ -1007,7 +1007,7 @@ EOD; $imgid = htmlspecialchars($imgid); // Database query. $cmd->texto = <<Abrir()) return(false); // Error oppening recordset. $rs->Primero(); // Check if user is an UO admin and repo exists. - if (checkAdmin($rs->campos["idadministradorcentro"]) and checkParameter($rs->campos["idimagen"])) { + if (checkAdmin($rs->campos["idusuario"]) and checkParameter($rs->campos["idimagen"])) { $response['id'] = (int)$rs->campos["idimagen"]; $response['name'] = $rs->campos["nombreca"]; if (is_null($rs->campos["nombreso"])) { -- cgit v1.2.3-18-g5258