use permissions for settings for admin login #614

RELEASENOTES.md

@@ -1,5 +1,8 @@
 # Release Notes
 
+### 4.1.1 (UNRELEASED)
+* Use the current logged-in users' settings for the Admin Portal.  This suppresses the Twilio error for Zonal Yap Servers for service bodies. [#614]
+
 ### 4.1.0 (August 6, 2022)
 * Added date picker for reports. [#574]
 * Added support for downloading the list of volunteers for a given service body. [#595]

legacy/_includes/functions.php

@@ -18,7 +18,7 @@
 require_once 'migrations.php';
 require_once 'queries.php';
 require_once 'logging.php';
-$GLOBALS['version']  = "4.1.0";
+$GLOBALS['version']  = "4.1.1";
 $GLOBALS['settings_allowlist'] = [
     'announce_servicebody_volunteer_routing' => [ 'description' => '' , 'default' => false, 'overridable' => true, 'hidden' => false],
     'blocklist' => [ 'description' => 'Allows for blocking a specific list of phone numbers https://github.com/bmlt-enabled/yap/wiki/Blocklist' , 'default' => '', 'overridable' => true, 'hidden' => false],

legacy/_includes/session.php

@@ -1,39 +1,44 @@
-<?php
-if (!isset($_SESSION['override_service_body_id'])) {
-    $service_body_id = 0;
-    if (isset($_REQUEST["service_body_id"]) || isset($_REQUEST["override_service_body_id"])) {
-        $service_body_id = isset($_REQUEST["service_body_id"]) ? $_REQUEST["service_body_id"] : $_REQUEST["override_service_body_id"];
-    } else if (isset($_REQUEST["override_service_body_config_id"])) {
-        $service_body_id = $_REQUEST["override_service_body_config_id"];
-    }
+ <?php
+ function setConfigForService($service_body_id)
+ {
+     if (intval($service_body_id) > 0) {
+         $service_body_config = getServiceBodyConfig($service_body_id);
 
-    if ($service_body_id > 0) {
-        $service_body_config = getServiceBodyConfig($service_body_id);
+         if (isset($service_body_config)) {
+             foreach ($service_body_config as $item => $value) {
+                 if (($item == "twilio_account_sid" || $item == "twilio_auth_token") && isset($_SESSION['call_state'])) {
+                     continue;
+                 }
+                 $_SESSION["override_" . $item] = $value;
+             }
+         }
+     }
+ }
 
-        if (isset($service_body_config)) {
-            foreach ($service_body_config as $item => $value) {
-                if (($item == "twilio_account_sid" || $item == "twilio_auth_token") && isset($_SESSION['call_state'])) {
-                    continue;
-                }
-                $_SESSION["override_" . $item] = $value;
-            }
-        }
-    }
-}
+ if (!isset($_SESSION['override_service_body_id'])) {
+     $service_body_id = 0;
+     if (isset($_REQUEST["service_body_id"]) || isset($_REQUEST["override_service_body_id"])) {
+         $service_body_id = isset($_REQUEST["service_body_id"]) ? $_REQUEST["service_body_id"] : $_REQUEST["override_service_body_id"];
+     } elseif (isset($_REQUEST["override_service_body_config_id"])) {
+         $service_body_id = $_REQUEST["override_service_body_config_id"];
+     }
 
-if (!isset($_SESSION['call_state'])) {
-    $_SESSION['call_state'] = "STARTED";
-}
+     setConfigForService($service_body_id);
+ }
 
-if (!isset($_SESSION['initial_webhook'])) {
-    $webhook_array = explode("/", $_SERVER['REQUEST_URI']);
-    $_SESSION['initial_webhook'] = str_replace("&", "&amp;", $webhook_array[count($webhook_array) - 1]);
-}
+ if (!isset($_SESSION['call_state'])) {
+     $_SESSION['call_state'] = "STARTED";
+ }
 
-if (isset($_REQUEST)) {
-    foreach ($_REQUEST as $key => $value) {
-        if (str_exists($key, "override_")) {
-            $_SESSION[$key] = $value;
-        }
-    }
-}
+ if (!isset($_SESSION['initial_webhook'])) {
+     $webhook_array = explode("/", $_SERVER['REQUEST_URI']);
+     $_SESSION['initial_webhook'] = str_replace("&", "&amp;", $webhook_array[count($webhook_array) - 1]);
+ }
+
+ if (isset($_REQUEST)) {
+     foreach ($_REQUEST as $key => $value) {
+         if (str_exists($key, "override_")) {
+             $_SESSION[$key] = $value;
+         }
+     }
+ }

legacy/admin/auth_login.php

@@ -1,6 +1,6 @@
 <?php
 require_once __DIR__ . '/../_includes/functions.php';
-
+unset($_SESSION['call_state']);
 $auth_v2_result = auth_v2($_POST['username'], $_POST['password']);
 if (count($auth_v2_result) == 1) {
     $_SESSION['username'] = $_POST['username'];
@@ -13,6 +13,7 @@
 
     // TODO: this provides backward compatability until the models are migrated to Laravel.
     $_SESSION['auth_service_bodies_rights'] = getServiceBodiesRightsIds();
+    setConfigForService($_SESSION['auth_service_bodies_rights'][0]);
 
     header('Location: home.php');
 } elseif (setting("bmlt_auth") && auth_v1($_POST['username'], $_POST['password'])) {
@@ -21,6 +22,7 @@
 
     // TODO: this provides backward compatability until the models are migrated to Laravel.
     $_SESSION['auth_service_bodies_rights'] = getServiceBodiesRightsIds();
+    setConfigForService($_SESSION['auth_service_bodies_rights'][0]);
 
     header('Location: home.php');
 } else {