disable options on the mailbox / domain view when user has no permission to interact with them

2017-11-01 19:22:13 +01:00 · 2017-11-01 19:22:13 +01:00 · 4d8995f14a
parent 364338408b
commit 4d8995f14a
1 changed files with 186 additions and 184 deletions
--- a/data/web/mailbox.php
+++ b/data/web/mailbox.php
@ -38,10 +38,12 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
                                <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="domain" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
                                <a class="btn btn-sm btn-default dropdown-toggle" data-toggle="dropdown" href="#"><?=$lang['mailbox']['quick_actions'];?> <span class="caret"></span></a>
                                <ul class="dropdown-menu">
+                                    <? if($_SESSION['mailcow_cc_role'] == "admin"): ?>
                                        <li><a id="edit_selected" data-id="domain" data-api-url='edit/domain' data-api-attr='{"active":"1"}' href="#"><?=$lang['mailbox']['activate'];?></a></li>
                                        <li><a id="edit_selected" data-id="domain" data-api-url='edit/domain' data-api-attr='{"active":"0"}' href="#"><?=$lang['mailbox']['deactivate'];?></a></li>
                                        <li role="separator" class="divider"></li>
                                        <li><a id="delete_selected" data-id="domain" data-api-url='delete/domain' href="#"><?=$lang['mailbox']['remove'];?></a></li>
+                                    <? endif; ?>
                                </ul>
                                <a class="btn btn-sm btn-success" href="#" data-toggle="modal" data-target="#addDomainModal"><span class="glyphicon glyphicon-plus"></span> <?=$lang['mailbox']['add_domain'];?></a>
                            </div>
@ -174,26 +176,26 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
                </div> <!-- /tab-content -->
            </div> <!-- /col-md-12 -->
        </div> <!-- /row -->
-</div> <!-- /container -->
-<?php
-require_once $_SERVER['DOCUMENT_ROOT'] . '/modals/mailbox.php';
-?>
-<script type='text/javascript'>
-<?php
-$lang_mailbox = json_encode($lang['mailbox']);
-echo "var lang = ". $lang_mailbox . ";\n";
-echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
-$role = ($_SESSION['mailcow_cc_role'] == "admin") ? 'admin' : 'domainadmin';
-echo "var role = '". $role . "';\n";
-echo "var pagination_size = '". $PAGINATION_SIZE . "';\n";
-?>
-</script>
-<script src="js/footable.min.js"></script>
-<script src="js/mailbox.js"></script>
-<?php
-require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
-} else {
+    </div> <!-- /container -->
+    <?php
+    require_once $_SERVER['DOCUMENT_ROOT'] . '/modals/mailbox.php';
+    ?>
+    <script type='text/javascript'>
+        <?php
+        $lang_mailbox = json_encode($lang['mailbox']);
+        echo "var lang = ". $lang_mailbox . ";\n";
+        echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
+        $role = ($_SESSION['mailcow_cc_role'] == "admin") ? 'admin' : 'domainadmin';
+        echo "var role = '". $role . "';\n";
+        echo "var pagination_size = '". $PAGINATION_SIZE . "';\n";
+        ?>
+    </script>
+    <script src="js/footable.min.js"></script>
+    <script src="js/mailbox.js"></script>
+    <?php
+    require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
+    } else {
        header('Location: /');
        exit();
-}
-?>
+    }
+    ?>