<?php
/*=====================================================================*\
|| ###################################################################
|| # Bugdar [#]version[#]
|| # Copyright Š2002-[#]year[#] Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version [#]gpl[#] of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/

require_once('./global.php');
require_once('./includes/api_usergroup.php');

require_once('./includes/class_api_error.php');
APIError(array(new API_Error_Handler($admin), 'admin_error'));

NavLinks::usersPages();
$navigator->set_focus('tab', 'users', null);

if (!can_perform('canadmingroups'))
{
	admin_login();
}

// ###################################################################
// define permissions as groups

$permissions = array(
	_('General Permissions') => array(
		'canviewbugs' => _('Can View Bugs'),
		'canviewhidden' => _('Can View Hidden Bugs and Comments'),
		'canviewownhidden' => _('Can View Own Hidden Bugs'),
		'cansearch' => _('Can Search Bugs'),
		'cansubscribe' => _('Can Subscribe to Bugs'),
		'canbeassignedto' => _('Can Be Assigned Bugs')
	),
	
	_('Posting/Submitting Permissions') => array(
		'canvote' => _('Can Vote on Polls'),
		'cansubmitbugs' => _('Can Submit Bugs'),
		'canpostcomments' => _('Can Post Comments'),
		'cangetattach' => _('Can View Attachments'),
		'canputattach' => _('Can Upload/Edit Own Attachments'),
		'caneditattach' => _('Can Manage All Attachments')
	),
	
	_('Moderation/Managment Permissions') => array(
		'caneditown' => _('Can Edit Own Bugs'),
		'caneditother' => _('Can Edit Others\' Bugs'),
		'caneditownreply' => _('Can Edit Own Comments'),
		'caneditotherreply' => _('Can Edit Others\' Comments'),
		'canassign' => _('Can Assign Bugs'),
		'canchangestatus' => _('Can Change Status'),
		'candeletedata' => _('Can Delete Bugs and Comments')
	),
	
	_('Administrator Permissions') => array(
		'canadminpanel' => _('Can Access Control Panel'),
		'canadminbugs' => _('Can Administer Bug Reports'),
		'canadminfields' => _('Can Administer Additional Bug Fields'),
		'canadminversions' => _('Can Administer Products / Components / Versions'),
		'canadminusers' => _('Can Administer Users'),
		'canadmingroups' => _('Can Administer Usergroups'),
		'canadmintools' => _('Can Administer Settings / Maintenance Tools')
	)
);

// ###################################################################

if (empty($_REQUEST['do']))
{
	$_REQUEST['do'] = 'modify';
}

// ###################################################################

if ($_REQUEST['do'] == 'kill')
{
	$usergroup = new UsergroupAPI($bugsys);
	$usergroup->set('usergroupid',	$bugsys->in['usergroupid']);
	$usergroup->set_condition();
	$usergroup->delete();
	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_REQUEST['do'] == 'delete')
{
	if ($bugsys->in['usergroupid'] < 7)
	{
		$admin->error(_('You can\'t delete a default usergroup.'));
	}
	
	$admin->page_confirm(_('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).'), 'usergroup.php', 'kill', array('usergroupid' => $bugsys->in['usergroupid']));
}

// ###################################################################

if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
{
	$add = (($_REQUEST['do'] == 'add') ? true : false);
	$edit = (($_REQUEST['do'] == 'edit') ? true : false);
	
	if ($edit)
	{
		NavLinks::usergroupsEdit($bugsys->in['usergroupid']);
		$navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
	}
	else
	{
		NavLinks::usergroupsAdd();
		$navigator->set_focus('link', 'usergroups-add', 'usergroups');
	}
	
	$admin->page_start(($add ? _('New Usergroup') : _('Edit Usergroup')));
	
	$admin->form_start('usergroup.php', ($add ? 'insert' : 'update'));
	
	if ($edit)
	{
		$usergroup = new UsergroupAPI($bugsys);
		$usergroup->set('usergroupid',	$bugsys->in['usergroupid']);
		$usergroup->set_condition();
		$usergroup->fetch();
		
		$admin->form_hidden_field('usergroupid', $usergroup->objdata['usergroupid']);
	}
	else
	{
		$usergroup['permissions'] = 319;
	}
	
	// Details
	$admin->table_start();
	$admin->table_head(_('Usergroup Details'));
	$admin->row_input(_('Usergroup Title'), 'title', $bugsys->sanitize($usergroup->objdata['title']));
	$admin->row_input(_('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>'), 'displaytitle', $bugsys->sanitize($usergroup->objdata['displaytitle']));
	$admin->table_end();
	
	// Permission
	$admin->table_start();
		
	$admin->table_head(_('Permission Settings'));
	
	foreach ($permissions AS $group => $settings)
	{
		$admin->row_span($group, 'thead', 'center');
		foreach ($settings AS $setting => $name)
		{
			$admin->row_yesno($name, "perm[$setting]", ($usergroup->objdata['permissions'] & $bugsys->permissions["$setting"]));
		}
	}
	
	$admin->table_end();
		
	// custom field permissions
	$admin->table_start();
	$admin->table_head(_('Custom Field Permissions'));
	
	if ($edit)
	{
		$perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = " . $usergroup->objdata['usergroupid']);
		while ($perm = $db->fetch_array($perms))
		{
			$permissions["$perm[fieldid]"] = $perm['mask'];
		}
	}
	
	$fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
	while ($field = $db->fetch_array($fields))
	{
		unset($listitem);
		$admin->list_item(_('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
		$admin->list_item(_('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
		$admin->list_item(_('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
		$admin->row_list($field['name'], "custom[$field[fieldid]]");
	}
	
	$admin->table_end();
	
	// Submit
	$admin->table_start();
	$admin->row_submit();
	$admin->table_end();
	
	$admin->form_end();
	
	$admin->page_end();
}

// ###################################################################

if ($_POST['do'] == 'insert')
{
	$bugsys->input_clean('perm', TYPE_UINT);
	foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
	{
		$permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
	}
	
	$usergroup = new UsergroupAPI($bugsys);
	$usergroup->set('title',		$bugsys->in['title']);
	$usergroup->set('displaytitle',	$bugsys->in['displaytitle']);
	$usergroup->set('permissions',	$permissionvalue);
	$usergroup->insert();
	
	$bugsys->input_clean('custom', TYPE_UINT);
	foreach ($bugsys->in['custom'] AS $fieldid => $mask)
	{
		$values[] = $usergroup->insertid . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
	}
	
	if (is_array($values))
	{
		$db->query("
			INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
				(usergroupid, fieldid, mask)
			VALUES
				(" . implode("\n\t\t\t", $values) . "
			)"
		);
	}
	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_POST['do'] == 'update')
{
	$bugsys->input_clean_array(array(
		'perm'			=> TYPE_UINT,
		'usergroupid'	=> TYPE_UINT,
		'custom'		=> TYPE_UINT
	));
	$bugsys->input_clean('perm', TYPE_UINT);
	foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
	{
		$permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
	}
	
	$usergroup = new UsergroupAPI($bugsys);
	$usergroup->set('usergroupid',	$bugsys->in['usergroupid']);
	$usergroup->set_condition();
	$usergroup->set('title',		$bugsys->in['title']);
	$usergroup->set('displaytitle',	$bugsys->in['displaytitle']);
	$usergroup->set('permissions',	$permissionvalue);
	$usergroup->update();
	
	$bugsys->input_clean('custom', TYPE_UINT);
	foreach ($bugsys->in['custom'] AS $fieldid => $mask)
	{
		$values[] = $usergroup->values['usergroupid'] . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
	}
	
	if (is_array($values))
	{
		$db->query("
			REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
				(usergroupid, fieldid, mask)
			VALUES
				(" . implode("),\n\t\t\t(", $values) . ")"
		);
	}

	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_REQUEST['do'] == 'modify')
{
	NavLinks::usergroupsAdd();
	$navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
	
	$admin->page_start(_('Usergroup Manager'));
	
	$admin->form_start('usergroup.php', 'null');
	$admin->table_start();
	$admin->table_head(_('Usergroup Manager'), 3, 'usergroups');
	
	$groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
	while ($group = $db->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"] = $group;
	}
	$db->free_result($groups);
	
	$groups = $db->query("
		SELECT COUNT(user.userid) AS total, user.usergroupid
		FROM " . TABLE_PREFIX . "user AS user
		LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
		GROUP BY usergroup.usergroupid
		ORDER BY usergroup.usergroupid"
	);
	while ($group = $db->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"]['total'] = $group['total'];
	}
	
	$admin->table_column_head(array(_('Usergroup'), _('Number of Users'), _('Action')));
	foreach ($usergroups AS $group)
	{
		$admin->row_multi_item(array("<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l', ((!$group['total']) ? '-' : $group['total']) => 'c', "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">[" . _('Edit') . "]</a>" . (($group['usergroupid'] > 6) ? "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[" . _('Delete') . "]</a>" : '') => 'c'));
	}
	
	$admin->table_end();
	$admin->form_end();
	
	$admin->page_end();
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>