]> src.bluestatic.org Git - bugdar.git/blob - admin/usergroup.php
https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r1398: Removing the print_r() from BugAPI
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23 require_once('./includes/api_usergroup.php');
24
25 require_once('./includes/class_api_error.php');
26 APIError(array(new API_Error_Handler($admin), 'admin_error'));
27
28 NavLinks::usersPages();
29 $navigator->set_focus('tab', 'users', null);
30
31 if (!can_perform('canadmingroups'))
32 {
33 admin_login();
34 }
35
36 // ###################################################################
37 // define permissions as groups
38
39 $permissions = array(
40 _('General Permissions') => array(
41 'canviewbugs' => _('Can View Bugs'),
42 'canviewhidden' => _('Can View Hidden Bugs and Comments'),
43 'canviewownhidden' => _('Can View Own Hidden Bugs'),
44 'cansearch' => _('Can Search Bugs'),
45 'cansubscribe' => _('Can Subscribe to Bugs'),
46 'canbeassignedto' => _('Can Be Assigned Bugs')
47 ),
48
49 _('Posting/Submitting Permissions') => array(
50 'canvote' => _('Can Vote on Polls'),
51 'cansubmitbugs' => _('Can Submit Bugs'),
52 'canpostcomments' => _('Can Post Comments'),
53 'cangetattach' => _('Can View Attachments'),
54 'canputattach' => _('Can Upload/Edit Own Attachments'),
55 'caneditattach' => _('Can Manage All Attachments')
56 ),
57
58 _('Moderation/Managment Permissions') => array(
59 'caneditown' => _('Can Edit Own Bugs'),
60 'caneditother' => _('Can Edit Others\' Bugs'),
61 'caneditownreply' => _('Can Edit Own Comments'),
62 'caneditotherreply' => _('Can Edit Others\' Comments'),
63 'canassign' => _('Can Assign Bugs'),
64 'canchangestatus' => _('Can Change Status'),
65 'candeletedata' => _('Can Delete Bugs and Comments')
66 ),
67
68 _('Administrator Permissions') => array(
69 'canadminpanel' => _('Can Access Control Panel'),
70 'canadminbugs' => _('Can Administer Bug Reports'),
71 'canadminfields' => _('Can Administer Additional Bug Fields'),
72 'canadminversions' => _('Can Administer Products / Components / Versions'),
73 'canadminusers' => _('Can Administer Users'),
74 'canadmingroups' => _('Can Administer Usergroups'),
75 'canadmintools' => _('Can Administer Settings / Maintenance Tools')
76 )
77 );
78
79 // ###################################################################
80
81 if (empty($_REQUEST['do']))
82 {
83 $_REQUEST['do'] = 'modify';
84 }
85
86 // ###################################################################
87
88 if ($_REQUEST['do'] == 'kill')
89 {
90 $usergroup = new UsergroupAPI($bugsys);
91 $usergroup->set('usergroupid', $bugsys->in['usergroupid']);
92 $usergroup->set_condition();
93 $usergroup->delete();
94
95 $admin->redirect('usergroup.php?do=modify');
96 }
97
98 // ###################################################################
99
100 if ($_REQUEST['do'] == 'delete')
101 {
102 if ($bugsys->in['usergroupid'] < 7)
103 {
104 $admin->error(_('You can\'t delete a default usergroup.'));
105 }
106
107 $admin->page_confirm(_('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).'), 'usergroup.php', 'kill', array('usergroupid' => $bugsys->in['usergroupid']));
108 }
109
110 // ###################################################################
111
112 if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
113 {
114 $add = (($_REQUEST['do'] == 'add') ? true : false);
115 $edit = (($_REQUEST['do'] == 'edit') ? true : false);
116
117 if ($edit)
118 {
119 NavLinks::usergroupsEdit($bugsys->in['usergroupid']);
120 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
121 }
122 else
123 {
124 NavLinks::usergroupsAdd();
125 $navigator->set_focus('link', 'usergroups-add', 'usergroups');
126 }
127
128 $admin->page_start(($add ? _('New Usergroup') : _('Edit Usergroup')));
129
130 $admin->form_start('usergroup.php', ($add ? 'insert' : 'update'));
131
132 if ($edit)
133 {
134 $usergroup = new UsergroupAPI($bugsys);
135 $usergroup->set('usergroupid', $bugsys->in['usergroupid']);
136 $usergroup->set_condition();
137 $usergroup->fetch();
138
139 $admin->form_hidden_field('usergroupid', $usergroup->objdata['usergroupid']);
140 }
141 else
142 {
143 $usergroup['permissions'] = 319;
144 }
145
146 // Details
147 $admin->table_start();
148 $admin->table_head(_('Usergroup Details'));
149 $admin->row_input(_('Usergroup Title'), 'title', $bugsys->sanitize($usergroup->objdata['title']));
150 $admin->row_input(_('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>'), 'displaytitle', $bugsys->sanitize($usergroup->objdata['displaytitle']));
151 $admin->table_end();
152
153 // Permission
154 $admin->table_start();
155
156 $admin->table_head(_('Permission Settings'));
157
158 foreach ($permissions AS $group => $settings)
159 {
160 $admin->row_span($group, 'thead', 'center');
161 foreach ($settings AS $setting => $name)
162 {
163 $admin->row_yesno($name, "perm[$setting]", ($usergroup->objdata['permissions'] & $bugsys->permissions["$setting"]));
164 }
165 }
166
167 $admin->table_end();
168
169 // custom field permissions
170 $admin->table_start();
171 $admin->table_head(_('Custom Field Permissions'));
172
173 if ($edit)
174 {
175 $perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = " . $usergroup->objdata['usergroupid']);
176 while ($perm = $db->fetch_array($perms))
177 {
178 $permissions["$perm[fieldid]"] = $perm['mask'];
179 }
180 }
181
182 $fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
183 while ($field = $db->fetch_array($fields))
184 {
185 unset($listitem);
186 $admin->list_item(_('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
187 $admin->list_item(_('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
188 $admin->list_item(_('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
189 $admin->row_list($field['name'], "custom[$field[fieldid]]");
190 }
191
192 $admin->table_end();
193
194 // Submit
195 $admin->table_start();
196 $admin->row_submit();
197 $admin->table_end();
198
199 $admin->form_end();
200
201 $admin->page_end();
202 }
203
204 // ###################################################################
205
206 if ($_POST['do'] == 'insert')
207 {
208 $bugsys->input_clean('perm', TYPE_UINT);
209 foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
210 {
211 $permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
212 }
213
214 $usergroup = new UsergroupAPI($bugsys);
215 $usergroup->set('title', $bugsys->in['title']);
216 $usergroup->set('displaytitle', $bugsys->in['displaytitle']);
217 $usergroup->set('permissions', $permissionvalue);
218 $usergroup->insert();
219
220 $bugsys->input_clean('custom', TYPE_UINT);
221 if (is_array($bugsys->in['custom']))
222 {
223 foreach ($bugsys->in['custom'] AS $fieldid => $mask)
224 {
225 $values[] = $usergroup->insertid . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
226 }
227 }
228
229 if (is_array($values))
230 {
231 $db->query("
232 INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
233 (usergroupid, fieldid, mask)
234 VALUES
235 (" . implode("\n\t\t\t", $values) . "
236 )"
237 );
238 }
239
240 $admin->redirect('usergroup.php?do=modify');
241 }
242
243 // ###################################################################
244
245 if ($_POST['do'] == 'update')
246 {
247 $bugsys->input_clean_array(array(
248 'perm' => TYPE_UINT,
249 'usergroupid' => TYPE_UINT,
250 'custom' => TYPE_UINT
251 ));
252 $bugsys->input_clean('perm', TYPE_UINT);
253 foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
254 {
255 $permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
256 }
257
258 $usergroup = new UsergroupAPI($bugsys);
259 $usergroup->set('usergroupid', $bugsys->in['usergroupid']);
260 $usergroup->set_condition();
261 $usergroup->set('title', $bugsys->in['title']);
262 $usergroup->set('displaytitle', $bugsys->in['displaytitle']);
263 $usergroup->set('permissions', $permissionvalue);
264 $usergroup->update();
265
266 $bugsys->input_clean('custom', TYPE_UINT);
267 if (is_array($bugsys->in['custom']))
268 {
269 foreach ($bugsys->in['custom'] AS $fieldid => $mask)
270 {
271 $values[] = $usergroup->values['usergroupid'] . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
272 }
273 }
274
275 if (is_array($values))
276 {
277 $db->query("
278 REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
279 (usergroupid, fieldid, mask)
280 VALUES
281 (" . implode("),\n\t\t\t(", $values) . ")"
282 );
283 }
284
285
286 $admin->redirect('usergroup.php?do=modify');
287 }
288
289 // ###################################################################
290
291 if ($_POST['do'] == 'doapprove')
292 {
293 $bugsys->input_clean('approve', TYPE_UINT);
294
295 $idlist = array();
296 if (is_array($bugsys->in['approve']))
297 {
298 foreach ($bugsys->in['approve'] AS $id => $yesno)
299 {
300 if ($yesno > 0)
301 {
302 $idlist[] = $bugsys->clean($id, TYPE_UINT);
303 }
304 }
305 }
306
307 if (sizeof($idlist) > 0)
308 {
309 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid IN (" . implode(',', $idlist) . ")");
310
311 $mail->set('subject', sprintf(_('Account Approved at %1$s'), $bugsys->options['trackertitle']));
312 while ($user = $db->fetch_array($users))
313 {
314 $mail->to = array();
315 $mail->to_add($user['displayname'], $user['email']);
316 $mail->set('bodytext', sprintf(_('Hi %1$s,
317
318 Your account was awaiting moderation at %2$s. Today, an administrator approved your registration and you are now able to use the bug tracker fully.
319
320 If you have any questions, please don\'t hesitate to contact the webmaster.'),
321 $user['displayname'],
322 $bugsys->options['trackertitle']
323 ));
324
325 $mail->send();
326 }
327
328 $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE userid IN (" . implode(',', $idlist) . ")");
329 }
330
331 $admin->redirect('usergroup.php', _('The selected users have been promoted to the "Registered" usergroup.'));
332 }
333
334 // ###################################################################
335
336 if ($_REQUEST['do'] == 'approve')
337 {
338 NavLinks::usergroupsAdd();
339 $navigator->set_focus('link', 'usergroups-approve', 'usergroups');
340
341 $admin->page_start(_('Moderate Awaiting Users'), 3);
342
343 $admin->form_start('usergroup.php', 'doapprove');
344 $admin->table_start();
345 $admin->table_head(_('Moderate Un-Approved Users'), 3);
346
347 $admin->table_column_head(array(_('Display Name'), _('Usergroup'), _('Approve')));
348
349 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE usergroupid IN (3, 4)");
350 while ($user = $db->fetch_array($users))
351 {
352 $admin->row_multi_item(array(
353 '<a href="user.php?do=edit&amp;userid=' . $user['userid'] . '">' . $user['email'] . '</a>' => 'l',
354 $bugsys->datastore['usergroup']["$user[usergroupid]"]['title'] => 'c',
355 '<input name="approve[' . $user['userid'] . ']" type="checkbox" value="1" />' => 'c'
356 ));
357 }
358
359 $admin->row_submit(false, ':save:', ':reset:', 3);
360 $admin->table_end();
361 $admin->form_end();
362
363 $admin->page_end();
364 }
365
366 // ###################################################################
367
368 if ($_REQUEST['do'] == 'modify')
369 {
370 NavLinks::usergroupsAdd();
371 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
372
373 $admin->page_start(_('Usergroup Manager'));
374
375 $admin->form_start('usergroup.php', 'null');
376 $admin->table_start();
377 $admin->table_head(_('Usergroup Manager'), 3, 'usergroups');
378
379 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
380 while ($group = $db->fetch_array($groups))
381 {
382 $usergroups["$group[usergroupid]"] = $group;
383 }
384 $db->free_result($groups);
385
386 $groups = $db->query("
387 SELECT COUNT(user.userid) AS total, user.usergroupid
388 FROM " . TABLE_PREFIX . "user AS user
389 LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
390 GROUP BY usergroup.usergroupid
391 ORDER BY usergroup.usergroupid"
392 );
393 while ($group = $db->fetch_array($groups))
394 {
395 $usergroups["$group[usergroupid]"]['total'] = $group['total'];
396 }
397
398 $admin->table_column_head(array(_('Usergroup'), _('Number of Users'), _('Action')));
399 foreach ($usergroups AS $group)
400 {
401 $admin->row_multi_item(array("<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l', ((!$group['total']) ? '-' : $group['total']) => 'c', "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">[" . _('Edit') . "]</a>" . (($group['usergroupid'] > 6) ? "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[" . _('Delete') . "]</a>" : '') => 'c'));
402 }
403
404 $admin->table_end();
405 $admin->form_end();
406
407 $admin->page_end();
408 }
409
410 /*=====================================================================*\
411 || ###################################################################
412 || # $HeadURL$
413 || # $Id$
414 || ###################################################################
415 \*=====================================================================*/
416 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.