For information:
I have found an anomaly with the conference center rooms listing (FusionPBX 4.4.1). I’m not going to say it’s a bug, it just doesn’t fit with the way we want our users to manage their conference rooms.
In the group permissions, if I allow “conference_room_edit” but don’t allow any of the other permissions like “conference_room_record”, when the user edits their conference room all they are allowed to do is change the PIN numbers.
BUT. In the room listing there are links to toggle true and false on items like record and these still edit the relevant item irrespective of the permissions the user has. This appears to be because these links call /app/conference_centers/conference_rooms.php not /app/conference_centers/conference_room_edit.php where these permissions are enforced.
To fix this for me I have changed the code in /app/conference_centers/conference_rooms.php to test for the permissions, below is just a before and after example for the record permission:
Before.
After.
I hope this is helpful.
Kind regards,
Adrian.
I have found an anomaly with the conference center rooms listing (FusionPBX 4.4.1). I’m not going to say it’s a bug, it just doesn’t fit with the way we want our users to manage their conference rooms.
In the group permissions, if I allow “conference_room_edit” but don’t allow any of the other permissions like “conference_room_record”, when the user edits their conference room all they are allowed to do is change the PIN numbers.
BUT. In the room listing there are links to toggle true and false on items like record and these still edit the relevant item irrespective of the permissions the user has. This appears to be because these links call /app/conference_centers/conference_rooms.php not /app/conference_centers/conference_room_edit.php where these permissions are enforced.
To fix this for me I have changed the code in /app/conference_centers/conference_rooms.php to test for the permissions, below is just a before and after example for the record permission:
Before.
Code:
echo " <td valign='middle' class='".$row_style[$c]."'>";
if ($row['record'] == "true") {
echo " <a href=\"?conference_room_uuid=".escape($row['conference_room_uuid'])."&record=false&meeting_uuid=".escape($meeting_uuid)."\">".$text['label-true']."</a>";
}
else {
echo " <a href=\"?conference_room_uuid=".escape($row['conference_room_uuid'])."&record=true&meeting_uuid=".escape($meeting_uuid)."\">".$text['label-false']."</a>";
}
echo " \n";
echo " </td>\n";After.
Code:
echo " <td valign='middle' class='".$row_style[$c]."'>";
if ($row['record'] == "true") {
if (permission_exists('conference_room_record')) {
echo " <a href=\"?conference_room_uuid=".escape($row['conference_room_uuid'])."&record=false&meeting_uuid=".escape($meeting_uuid)."\">".$text['label-true']."</a>";
} else {
echo " ".$text['label-true'];
}
}
else {
if (permission_exists('conference_room_record')) {
echo " <a href=\"?conference_room_uuid=".escape($row['conference_room_uuid'])."&record=true&meeting_uuid=".escape($meeting_uuid)."\">".$text['label-false']."</a>";
} else {
echo " ".$text['label-false'];
}
}
echo " \n";
echo " </td>\n";I hope this is helpful.
Kind regards,
Adrian.