search

meeting-room-booking-system / mrbs-code

MRBS application code
Other
127 stars 62 forks source link

super user #2855

Open jberanek opened 4 years ago

jberanek commented 4 years ago

hi , how to add a superuser who can delete or alter bookings. However the superusershouldn't be able to configure the rooms and users. shivakumar

Reported by: *anonymous

Original Ticket: mrbs/support-requests/2162

jberanek commented 4 years ago

Modify is_book_admin() in mrbs_auth.inc.

Original comment by: campbell-m

jberanek commented 4 years ago

Can you help me please, what string text i should add oder delete at mrbs_auth.inc to get a "superuser" which only can delete, accept etc. bookings but have no access to user or room configuration?

THX in Advance

Original comment by: *anonymous

jberanek commented 4 years ago

Which version of MRBS are you using?

Original comment by: campbell-m

jberanek commented 4 years ago

1.9.1

Original comment by: *anonymous

jberanek commented 4 years ago

upgraded to 1.9.2

Original comment by: *anonymous

jberanek commented 4 years ago

If you're using 1.9.2 then you need to edit mrbs_auth.inc and change the last line (line 407) of is_book_admin() from

  return (isset($mrbs_user) && ($mrbs_user->level >= 2));

to

  return (isset($mrbs_user) && (($mrbs_user->level >= 2) || (strcasecmp('fred', $mrbs_user->username) === 0)));

where 'fred' is the username of the user that you want to give booking admin rights to.

Original comment by: campbell-m

jberanek commented 4 years ago

thx it worked, i tried to add a second user and copy and paste your line twice while changing the user name of course. it worked also

thx

Original comment by: *anonymous

jberanek commented 4 years ago

I'm not sure that copying and pasting the line twice will work. Can you post your code here?

Original comment by: campbell-m

jberanek commented 4 years ago

i tried it also twice and it seems to work for me? Here is the code:

$mrbs_user = session()->getCurrentUser();

return (isset($mrbs_user) && ($mrbs_user->level >= 2) || (strcasecmp('XXXX', $mrbs_user->username) === 0)); return (isset($mrbs_user) && ($mrbs_user->level >= 2) || (strcasecmp('XXX', $mrbs_user->username) === 0));

Original comment by: haymaker6

jberanek commented 4 years ago

The second return statement will never be reached. I see now that there's a bracket missing from the end of my earlier post - I'll edit it in a moment. In your code you have presumably met a syntax error in my code which you have corrected by removing a bracket from the middle of the statement rather than adding it at the end. Perhaps that is why it appeared to work.

Anyway the code you want is:

  return (isset($mrbs_user) && (($mrbs_user->level >= 2) ||
          in_array(utf8_strtolower($mrbs_user->username), array('xxx', 'xxxx'))));

Make sure that 'xxx' and 'xxxx' are in lower case. You can add as many usernames as you like to that array.

Original comment by: campbell-m

jberanek commented 4 years ago

Every dog has his day :-)

Original comment by: haymaker6

jberanek commented 4 years ago

But anyways it works either, i still have the problem that the "Area-Superuser" (from Area 2) still can approve bookings from Area 1, but i will post my code in the other post ticket #2206

Original comment by: haymaker6