Page 1 of 1
Disabled Category still showing for limited access user
Posted: Tue Nov 15, 2011 12:19 am
by kilimats
I've disabled a category for a non admin user, He do not see those category tickets in his profile (which is good) but can select that hidden category when making a new ticket, is this a bug or am i missing something ?
Re: Disabled Category still showing for limited access user
Posted: Tue Nov 15, 2011 4:19 pm
by Klemen
Like Microsoft would say - it's not a bug, it's a feature
Actually this is normal because usually even if a staff member doesn't have access to a category, he/she should be able to for example enter or move tickets to more appropriate category.
But I see your point, will consider adding a permission to disallow this.
Re: Disabled Category still showing for limited access user
Posted: Wed Apr 25, 2012 7:48 pm
by steve
Does anybody have any idea how to make a quick hack to only show categories the logged in user has permission to view?
Re: Disabled Category still showing for limited access user
Posted: Thu Apr 26, 2012 5:25 am
by Klemen
Find the SQL code that gets category list in the file you are editing and check each category with the hesk_okCategory() function.
For example in admin_ticket.php this would probably work (didn't test it): change
Code: Select all
$categories_options='';
while ($row=hesk_dbFetchAssoc($result))
to
Code: Select all
$categories_options='';
while ($row=hesk_dbFetchAssoc($result) && hesk_okCategory($row['id'], 0) )
Re: Disabled Category still showing for limited access user
Posted: Thu Apr 26, 2012 3:35 pm
by steve
That did seam to work, when this code is used the category drop down box does not have any data.
Here was my mod (admin/new_ticket.php)
Code: Select all
<?php
if (!empty($_GET['catid']))
{
$_SESSION['as_category'] = intval($_GET['catid']);
}
$sql = 'SELECT * FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` ORDER BY `cat_order` ASC';
$result = hesk_dbQuery($sql);
while ($row=hesk_dbFetchAssoc($result) && hesk_okCategory($row['id'], 0) )
{
if (isset($_SESSION['as_category']) && $_SESSION['as_category'] == $row['id']) {$selected = ' selected="selected"';}
else {$selected = '';}
echo '<option value="'.$row['id'].'"'.$selected.'>'.$row['name'].'</option>';
}
?>
Re: Disabled Category still showing for limited access user
Posted: Thu Apr 26, 2012 6:07 pm
by Klemen
No, sorry, after thinking about it it's wrong code, obviously
Instead of that rather add this to inside the while loop, after {
Code: Select all
if ( ! hesk_okCategory($row['id'], 0) ) {continue;}
Re: Disabled Category still showing for limited access user
Posted: Thu Apr 26, 2012 9:51 pm
by steve
Perfect! Thanks Klemen
Re: Disabled Category still showing for limited access user
Posted: Thu May 24, 2012 10:10 am
by Goue1
Where do you add your mod in /admin/new_ticket.php ?
I'm noob in php coding..
EDIT: sorry for my mistake I find where put it!
Thanks for your job!