
Source Code Reference for V1.00


/modules/system/roles/ -> vw_role_perms.php (source)

   1  <?php /* $Id: vw_role_perms.php 156 2008-04-11 15:47:40Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/system/roles/vw_role_perms.php $ */
   2  if (!defined('W2P_BASE_DIR')) {
   3      die('You should not access this file directly.');
   4  }
   5  
   6  global $AppUI, $role_id, $canEdit, $canDelete, $tab;
   7  
   8  // Get the permissions for this module
   9  $perms = &$AppUI->acl();
  10  $canEdit = $perms->checkModule('roles', 'edit');
  11  if (!$canEdit) {
  12      $AppUI->redirect('m=public&a=access_denied');
  13  }
  14  
  15  $module_list = $perms->getModuleList();
  16  $pgos = array();
  17  $q = new DBQuery;
  18  $q->addTable('modules', 'm');
  19  $q->addQuery('mod_id, mod_name, permissions_item_table, permissions_item_field, permissions_item_label');
  20  $q->addWhere('permissions_item_table IS NOT NULL');
  21  $q->addWhere('permissions_item_table <> \'\'');
  22  $pgo_list = $q->loadHashList('mod_name');
  23  $q->clear();
  24  
  25  $count = 0;
  26  $modules = array();
  27  $offset = 0;
  28  foreach ($module_list as $module) {
  29      $modules[$module['type'] . ',' . $module['id']] = $module['name'];
  30      if ($module['type'] = 'mod' && isset($pgo_list[$module['name']])) {
  31          $pgos[$offset] = $pgo_list[$module['name']]['permissions_item_table'];
  32      }
  33      $offset++;
  34  }
  35  
  36  //Pull User perms
  37  $role_acls = $perms->getRoleACLs($role_id);
  38  if (!is_array($role_acls)) {
  39      $role_acls = array(); // Stops foreach complaining.
  40  }
  41  $perm_list = $perms->getPermissionList();
  42  
  43  ?>
  44  
  45  <script type="text/javascript" language="javascript">
  46  <!--
  47  <?php
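  48  // security improvement (cosmetic only, not an access control):
  49  // the JavaScript helpers below are not sent to the client when the user lacks write permission.
  50  // They only fill in and submit frmPerms, and the same POST can be sent without them, so the form handler must enforce the permission check itself.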
  51  if ($canEdit) {
  52  ?>
  53  
  54  function clearIt(){
  55      var f = document.frmPerms;
  56      f.sqlaction2.value = "<?php echo $AppUI->_('add'); ?>";
  57      f.permission_id.value = 0;
  58      f.permission_grant_on.selectedIndex = 0;
  59  }
  60  
  61  function delIt(id) {
  62      if (confirm( '<?php echo $AppUI->_('Are you sure you want to delete this permission?', UI_OUTPUT_JS); ?>' )) {
  63          var f = document.frmPerms;
  64          f.del.value = 1;
  65          f.permission_id.value = id;
  66          f.submit();
  67      }
  68  }
  69  
  70  var tables = new Array;
  71  <?php
  72      foreach ($pgos as $key => $value) {
  73          // Find the module id in the modules array
  74          echo "tables['$key'] = '$value';\n";
  75      }
  76  ?>
  77  
  78  function popPermItem() {
  79      var f = document.frmPerms;
  80      var pgo = f.permission_module.selectedIndex;
  81  
  82      if (!(pgo in tables)) {
  83          alert( '<?php echo $AppUI->_('No list associated with this Module.', UI_OUTPUT_JS); ?>' );
  84          return;
  85      }
  86      f.permission_table.value = tables[pgo];
  87      window.open('./index.php?m=public&a=selector&dialog=1&callback=setPermItem&table=' + tables[pgo], 'selector', 'left=50,top=50,height=250,width=400,resizable')
  88  }
  89  
  90  // Callback function for the generic selector
  91  function setPermItem( key, val ) {
  92      var f = document.frmPerms;
  93      if (val != '') {
  94          f.permission_item.value = key;
  95          f.permission_item_name.value = val;
  96          f.permission_name.value = val;
  97      } else {
  98          f.permission_item.value = '0';
  99          f.permission_item_name.value = 'all';
 100          f.permission_table.value = '';
 101      }
 102  }
 103  <?php } ?>
 104  -->
 105  </script>
 106  
 107  <table width="100%" border="0" cellpadding="2" cellspacing="0">
 108  <tr>
 109      <td width="50%" valign="top">
 110  
 111  <table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
 112  <tr>
 113      <th width="100%"><?php echo $AppUI->_('Item'); ?></th>
 114      <th nowrap="nowrap"><?php echo $AppUI->_('Type'); ?></th>
 115      <th nowrap="nowrap"><?php echo $AppUI->_('Status'); ?></th>
 116      <th>&nbsp;</th>
 117  </tr>
 118  
 119  <?php
 120  foreach ($role_acls as $acl) {
 121      $buf = '';
 122      $permission = $perms->get_acl($acl);
 123  
 124      $style = '';
 125      // TODO: Do we want to make the colour depend on the allow/deny/inherit flag?
 126      // Module information.
 127      if (is_array($permission)) {
 128          $buf .= '<td ' . $style . '>';
 129          $modlist = array();
 130          $itemlist = array();
 131          if (is_array($permission['axo_groups'])) {
 132              foreach ($permission['axo_groups'] as $group_id) {
 133                  $group_data = $perms->get_group_data($group_id, 'axo');
 134                  $modlist[] = $AppUI->_($group_data[3]);
 135              }
 136          }
 137          if (is_array($permission['axo'])) {
 138              foreach ($permission['axo'] as $key => $section) {
 139                  foreach ($section as $id) {
 140                      $mod_data = $perms->get_object_full($id, $key, 1, 'axo');
 141                      if (is_numeric($mod_data['name'])) {
 142                          $module = $pgo_list[ucfirst($key)];
 143                          $q = new DBQuery();
 144                          $q->addTable($module['permissions_item_table']);
 145                          $q->addQuery($module['permissions_item_label']);
 146                          $q->addWhere($module['permissions_item_field'] . '=' . $mod_data['name']);
 147                          $data = $q->loadResult();
 148                          $q->clear();
 149                          $modlist[] = $AppUI->_(ucfirst($key)) . ': ' . w2PHTMLDecode($data);
 150                      } else {
 151                          $modlist[] = $AppUI->_(ucfirst($key)) . ': ' . w2PHTMLDecode($mod_data['name']);
 152                      }
 153                  }
 154              }
 155          }
 156          $buf .= implode('<br />', $modlist);
 157          $buf .= '</td>';
 158          // Item information TODO:  need to figure this one out.
 159          //     $buf .= '<td></td>';
 160          // Type information.
 161          $buf .= '<td>';
 162          $perm_type = array();
 163          if (is_array($permission['aco'])) {
 164              foreach ($permission['aco'] as $key => $section) {
 165                  foreach ($section as $value) {
 166                      $perm = $perms->get_object_full($value, $key, 1, 'aco');
 167                      $perm_type[] = $AppUI->_($perm['name']);
 168                  }
 169              }
 170          }
 171          $buf .= implode('<br />', $perm_type);
 172          $buf .= '</td>';
 173  
 174          // Allow or deny
 175          $buf .= '<td>' . $AppUI->_($permission['allow'] ? 'allow' : 'deny') . '</td>';
 176          $buf .= '<td nowrap="nowrap">';
 177          if ($canDelete) {
 178              $buf .= "<a href=\"javascript:delIt({$acl});\" title=\"" . $AppUI->_('delete') . "\">" . w2PshowImage('icons/stock_delete-16.png', 16, 16, '') . "</a>";
 179          }
 180          $buf .= '</td>';
 181  
 182          echo '<tr>' . $buf . '</tr>';
 183      }
 184  }
 185  ?>
 186  </table>
 187  
 188  </td><td width="50%" valign="top">
 189  
 190  <?php if ($canEdit) { ?>
 191  
 192  <form name="frmPerms" method="post" action="?m=system&amp;u=roles">
 193      <input type="hidden" name="del" value="0" />
 194      <input type="hidden" name="dosql" value="do_perms_aed" />
 195      <input type="hidden" name="role_id" value="<?php echo $role_id; ?>" />
 196      <input type="hidden" name="permission_id" value="0" />
 197      <input type="hidden" name="permission_item" value="0" />
 198      <input type="hidden" name="permission_table" value="" />
 199      <input type="hidden" name="permission_name" value="" />
 200  
 201  <table cellspacing="1" cellpadding="2" border="0" class="std" width="100%">
 202  <tr>
 203      <th colspan="2"><?php echo $AppUI->_('Add Permissions'); ?></th>
 204  </tr>
 205  <tr>
 206      <td nowrap="nowrap" align="right"><?php echo $AppUI->_('Module'); ?>:</td>
 207      <td width="100%"><?php echo arraySelect($modules, 'permission_module', 'size="1" class="text"', 'grp,all', true); ?></td>
 208  </tr>
 209  <tr>
 210      <td nowrap="nowrap" align="right"><?php echo $AppUI->_('Item'); ?>:</td>
 211      <td>
 212          <input type="text" name="permission_item_name" class="text" size="30" value="all" disabled="disabled" />
 213          <input type="button" name="popup" class="text" value="..." onclick="popPermItem();" />
 214      </td>
 215  </tr>
 216  
 217  <tr>
 218      <td nowrap="nowrap" align="right"><?php echo $AppUI->_('Access'); ?>:</td>
 219      <td>
 220          <select name="permission_access" class="text">
 221              <option value="1"><?php echo $AppUI->_('allow'); ?></option>
 222              <option value="0"><?php echo $AppUI->_('deny'); ?></option>
 223          </select>
 224      </td>
 225  </tr>
 226  <?php
 227      foreach ($perm_list as $perm_id => $perm_name) {
 228  ?>
 229  <tr>
 230      <td nowrap="nowrap" align="right"><?php echo $AppUI->_($perm_name); ?>:</td>
 231      <td>
 232        <input type="checkbox" name="permission_type[]" value="<?php echo $perm_id; ?>" />
 233      </td>
 234  </tr>
 235  <?php
 236      }
 237  ?>
 238  <tr>
 239      <td>
 240          <input type="reset" value="<?php echo $AppUI->_('clear'); ?>" class="button" name="sqlaction" onclick="clearIt();" />
 241      </td>
 242      <td align="right">
 243          <input type="submit" value="<?php echo $AppUI->_('add'); ?>" class="button" name="sqlaction2" />
 244      </td>
 245  </tr>
 246  </table>
 247  </form>
 248  <?php } ?>
 249  
 250      </td>
 251  </tr>
 252  </table>


Generated: Thu Jan 8 03:00:03 2009 Cross-referenced by PHPXref 0.7