fix: filtrar servidores por usuario/equipo según rol
- Server::getAccessibleServerIds(): super_admin ve todos los servidores; admin y operator solo ven propios, asignados directos o por equipo - DashboardController: unifica lógica usando getAccessibleServerIds() - ServerController::metrics(): agrega control de acceso requireServerAccess() - ApiController::status(): filtra estadísticas por servidores accesibles - Android: bump versionCode 9, versionName 1.7.0
This commit is contained in:
@@ -12,8 +12,8 @@ android {
|
||||
applicationId = "com.devlab.app"
|
||||
minSdk = 26
|
||||
targetSdk = 37
|
||||
versionCode = 8
|
||||
versionName = "1.6.1"
|
||||
versionCode = 9
|
||||
versionName = "1.7.0"
|
||||
}
|
||||
|
||||
buildTypes {
|
||||
|
||||
@@ -48,10 +48,13 @@ class ApiController
|
||||
|
||||
public function status(): void
|
||||
{
|
||||
$this->authenticateRequest();
|
||||
$user = $this->authenticateRequest();
|
||||
|
||||
$serverModel = new Server();
|
||||
$accessibleIds = $serverModel->getAccessibleServerIds((int) $user['id']);
|
||||
|
||||
$monitoringService = new MonitoringService();
|
||||
$stats = $monitoringService->getDashboardStats();
|
||||
$stats = $monitoringService->getDashboardStats($accessibleIds);
|
||||
|
||||
$this->view->json([
|
||||
'success' => true,
|
||||
|
||||
@@ -25,20 +25,14 @@ class DashboardController
|
||||
|
||||
public function index(): void
|
||||
{
|
||||
$role = Session::get('user_role');
|
||||
$serverModel = new Server();
|
||||
$userId = (int) Session::get('user_id');
|
||||
|
||||
if ($role === 'super_admin') {
|
||||
$stats = $this->monitoringService->getDashboardStats();
|
||||
$servers = $serverModel->findAll(true);
|
||||
} else {
|
||||
$accessibleIds = $serverModel->getAccessibleServerIds($userId);
|
||||
$stats = $this->monitoringService->getDashboardStats($accessibleIds);
|
||||
$servers = !empty($accessibleIds) ? array_values(array_filter($serverModel->findAll(true), function ($s) use ($accessibleIds) {
|
||||
return in_array((int) $s['id'], $accessibleIds, true);
|
||||
})) : [];
|
||||
}
|
||||
|
||||
$recentActivity = $this->auditService->getRecentActivity(10, $userId);
|
||||
|
||||
@@ -52,15 +46,9 @@ class DashboardController
|
||||
|
||||
public function stats(): void
|
||||
{
|
||||
$role = Session::get('user_role');
|
||||
|
||||
if ($role === 'super_admin') {
|
||||
$stats = $this->monitoringService->getDashboardStats();
|
||||
} else {
|
||||
$serverModel = new Server();
|
||||
$accessibleIds = $serverModel->getAccessibleServerIds((int) Session::get('user_id'));
|
||||
$stats = $this->monitoringService->getDashboardStats($accessibleIds);
|
||||
}
|
||||
|
||||
$this->view->json([
|
||||
'success' => true,
|
||||
|
||||
@@ -1786,6 +1786,8 @@ class ServerController
|
||||
|
||||
public function metrics(int $id): void
|
||||
{
|
||||
$server = $this->requireServerAccess($id, 'viewer');
|
||||
|
||||
$monitoringService = new MonitoringService();
|
||||
$metrics = $monitoringService->getLatestMetrics($id);
|
||||
|
||||
|
||||
@@ -249,6 +249,22 @@ class Server
|
||||
|
||||
public function getAccessibleServerIds(int $userId): array
|
||||
{
|
||||
$user = $this->db->fetch(
|
||||
'SELECT role FROM users WHERE id = ? AND status = \'active\'',
|
||||
[$userId]
|
||||
);
|
||||
|
||||
if (!$user) {
|
||||
return [];
|
||||
}
|
||||
|
||||
if ($user['role'] === 'super_admin') {
|
||||
$all = $this->db->fetchAll(
|
||||
'SELECT id FROM servers WHERE status = \'active\''
|
||||
);
|
||||
return array_map(fn($r) => (int) $r['id'], $all);
|
||||
}
|
||||
|
||||
$owned = $this->db->fetchAll(
|
||||
'SELECT id FROM servers WHERE created_by = ? AND status = \'active\'',
|
||||
[$userId]
|
||||
|
||||
Reference in New Issue
Block a user