diff options
author | Renato Botelho <renato@netgate.com> | 2016-12-30 09:48:38 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-12-30 09:48:38 -0200 |
commit | 8d379f23a5f33692eb21a36fa7e69b0e15b0f44a (patch) | |
tree | 4dd33a55e5d699e6fc6935e858bcb8a98f087d2b | |
parent | 631217f488c682ce4ffa8af5d0c54b03c016af46 (diff) | |
parent | 5280f021be09955252c42b6fe036424b69605dd4 (diff) | |
download | pfsense-8d379f23a5f33692eb21a36fa7e69b0e15b0f44a.zip pfsense-8d379f23a5f33692eb21a36fa7e69b0e15b0f44a.tar.gz |
Merge pull request #3322 from phil-davis/viewclearnotices
-rw-r--r-- | src/etc/inc/priv/user.priv.inc | 8 | ||||
-rw-r--r-- | src/usr/local/www/head.inc | 24 |
2 files changed, 28 insertions, 4 deletions
diff --git a/src/etc/inc/priv/user.priv.inc b/src/etc/inc/priv/user.priv.inc index 702754a..ff4a40c 100644 --- a/src/etc/inc/priv/user.priv.inc +++ b/src/etc/inc/priv/user.priv.inc @@ -38,6 +38,14 @@ $priv_list['user-config-readonly'] = array(); $priv_list['user-config-readonly']['name'] = gettext("User - Config: Deny Config Write"); $priv_list['user-config-readonly']['descr'] = gettext("If present, ignores requests from this user to write config.xml."); +$priv_list['user-view-notices'] = array(); +$priv_list['user-view-notices']['name'] = gettext("User - Notices: View"); +$priv_list['user-view-notices']['descr'] = gettext("This user can view system notices."); + +$priv_list['user-view-clear-notices'] = array(); +$priv_list['user-view-clear-notices']['name'] = gettext("User - Notices: View and Clear"); +$priv_list['user-view-clear-notices']['descr'] = gettext("This user can view and clear system notices."); + $priv_list['user-shell-access'] = array(); $priv_list['user-shell-access']['name'] = gettext("User - System: Shell account access"); $priv_list['user-shell-access']['descr'] = gettext("Indicates whether the user is able to login for example via SSH."); diff --git a/src/usr/local/www/head.inc b/src/usr/local/www/head.inc index 2d9365b..24bf835 100644 --- a/src/usr/local/www/head.inc +++ b/src/usr/local/www/head.inc @@ -418,6 +418,20 @@ $numColumns = $user_settings['webgui']['dashboardcolumns']; if (($pagename === "index.php") && ($numColumns > 2)) { $columnsContainer = 'style="max-width: ' . 585*$numColumns . 'px;width: 100%"'; } + +$display_notices = false; +$allow_clear_notices = false; + +if (are_notices_pending()) { + // Evaluate user privs to determine if notices should be displayed, and if the user can clear them. + $user_entry = getUserEntry($_SESSION['Username']); + if (userHasPrivilege($user_entry, "user-view-clear-notices") || userHasPrivilege($user_entry, "page-all")) { + $display_notices = true; + $allow_clear_notices = true; + } elseif (userHasPrivilege($user_entry, "user-view-notices")) { + $display_notices = true; + } +} ?> <body id="<?=$numColumns?>"> <nav id="topmenu" class="navbar navbar-<?=$menuclass?>-top navbar-inverse"> @@ -470,7 +484,7 @@ if (($pagename === "index.php") && ($numColumns > 2)) { endforeach?> </ul> <ul class="nav navbar-nav navbar-right"> - <?php if (are_notices_pending()):?> + <?php if ($display_notices):?> <?php $notices = get_notices()?> <li class="dropdown"> <a href="#" data-toggle="modal" data-target="#notices" role="button" aria-expanded="false"> @@ -631,7 +645,8 @@ if ($config['remote_managed_pages']['item']) { // Modal notices window // The notices modal needs to be outside of the page display div or things get messy -if (are_notices_pending()):?> +if ($display_notices): +?> <div id="notices" class="modal fade" role="dialog"> <div class="modal-dialog"> @@ -681,7 +696,7 @@ if (are_notices_pending()):?> <div class="modal-footer"> <button type="button" class="btn btn-info" data-dismiss="modal"><i class="fa fa-times icon-embed-btn"></i><?=gettext("Close")?></button> -<?php if (isAllowedPage("/index.php")):?> +<?php if ($allow_clear_notices && isAllowedPage("/index.php")):?> <button type="button" id="clearallnotices" class="btn btn-primary"><i class="fa fa-trash-o icon-embed-btn"></i><?=gettext("Mark All as Read")?></button> <?php endif;?> </div> @@ -709,7 +724,8 @@ if (are_notices_pending()):?> //]]> </script> -<?php endif; +<?php +endif; // ($display_notices) // Get the flash Messages get_flash_message(); |