admin/permission.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 require_once('./global.php');
  23 require_once('./includes/functions_datastore.php');
  24
  25 if (!can_perform('canadmingroups'))
  26 {
  27         admin_login();
  28 }
  29
  30 // ###################################################################
  31 // define permissions as groups
  32
  33 $permissions = array(
  34         $lang->string('General Permissions') => array(
  35                 'canviewbugs' => $lang->string('Can View Bugs'),
  36                 'canviewhidden' => $lang->string('Can View Hidden Bugs and Comments'),
  37                 'cansubscribe' => $lang->string('Can Subscribe to Bugs'),
  38         ),
  39
  40         $lang->string('Posting/Submitting Permissions') => array(
  41                 'canvote' => $lang->string('Can Vote on Polls'),
  42                 'cansubmitbugs' => $lang->string('Can Submit Bugs'),
  43                 'canpostcomments' => $lang->string('Can Post Comments'),
  44                 'cangetattach' => $lang->string('Can View Attachments'),
  45                 'canputattach' => $lang->string('Can Upload/Edit Own Attachments'),
  46                 'caneditattach' => $lang->string('Can Manage All Attachments')
  47         ),
  48
  49         $lang->string('Moderation/Managment Permissions') => array(
  50                 'caneditown' => $lang->string('Can Edit Own Bugs'),
  51                 'caneditother' => $lang->string('Can Edit Others\' Bugs'),
  52                 'caneditownreply' => $lang->string('Can Edit Own Comments'),
  53                 'caneditotherreply' => $lang->string('Can Edit Others\' Comments'),
  54                 'canassign' => $lang->string('Can Assign Bugs'),
  55                 'canchangestatus' => $lang->string('Can Change Status')
  56         )
  57 );
  58
  59 // ###################################################################
  60
  61 if (empty($_REQUEST['do']))
  62 {
  63         $_REQUEST['do'] = 'modify';
  64 }
  65
  66 // ###################################################################
  67
  68 if ($_REQUEST['do'] == 'kill')
  69 {
  70         $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . intval($bugsys->in['usergroupid']) . " AND productid = " . intval($bugsys->in['productid']));
  71
  72         build_permissions();
  73
  74         $admin->redirect('permission.php?do=modify&usergroupid=' . intval($bugsys->in['usergroupid']));
  75 }
  76
  77 // ###################################################################
  78
  79 if ($_REQUEST['do'] == 'delete')
  80 {
  81         $admin->page_confirm($lang->string('Are you sure you want to revert this permission mask?'), 'permission.php?do=kill&amp;usergroupid=' . intval($bugsys->in['usergroupid']) . '&amp;productid=' . intval($bugsys->in['productid']));
  82 }
  83
  84 // ###################################################################
  85
  86 if ($_REQUEST['do'] == 'edit')
  87 {
  88         $perm = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . intval($bugsys->in['usergroupid']) . " AND productid = " . intval($bugsys->in['productid']));
  89         $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
  90         $product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . intval($bugsys->in['productid']));
  91
  92         if (!$usergroup OR !$product)
  93         {
  94                 $admin->error($lang->getlex('error_invalid_id'));
  95         }
  96
  97         $admin->page_start($lang->string('Edit Permissions'));
  98
  99         $admin->form_start('permission.php', 'update');
 100         $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
 101         $admin->form_hidden_field('productid', $product['productid']);
 102
 103         // determine the value to work off of
 104         if ($perm)
 105         {
 106                 $mask = $perm['mask'];
 107         }
 108         else
 109         {
 110                 $mask = $usergroup['permissions'];
 111         }
 112
 113         // Permission
 114         $admin->table_start();
 115         $admin->table_head(sprintf($lang->string('Permissions: %1$s - %2$s'), $usergroup['title'], $product['title']), 2, 'usergroups_permissions_details');
 116
 117         foreach ($permissions AS $group => $settings)
 118         {
 119                 $admin->row_span($group, 'thead', 'center');
 120                 foreach ($settings AS $setting => $name)
 121                 {
 122                         $admin->row_yesno($name, "perm[$setting]", ($mask & $_PERMISSION["$setting"]));
 123                 }
 124         }
 125
 126         $admin->row_submit();
 127         $admin->table_end();
 128         $admin->form_end();
 129         $admin->page_end();
 130 }
 131
 132 // ###################################################################
 133
 134 if ($_POST['do'] == 'update')
 135 {
 136         foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
 137         {
 138                 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
 139         }
 140
 141         $db->query("
 142                 REPLACE INTO " . TABLE_PREFIX . "permission
 143                         (usergroupid, productid, mask)
 144                 VALUES
 145                         (" . intval($bugsys->in['usergroupid']) . ",
 146                         " . intval($bugsys->in['productid']) . ",
 147                         $permissionvalue
 148                 )"
 149         );
 150
 151         build_permissions();
 152
 153         $ugroupid = intval($bugsys->in['usergroupid']);
 154
 155         $admin->redirect('permission.php?do=modify&usergroupid=' . $ugroupid);
 156 }
 157
 158 // ###################################################################
 159
 160 if ($_REQUEST['do'] == 'modify')
 161 {
 162         $admin->page_start($lang->string('Permission Manager'));
 163
 164         $admin->table_start();
 165         $admin->table_head($lang->string('Permission Manager'), 2, 'usergroups_permissions');
 166
 167         $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
 168         while ($group = $db->fetch_array($groups))
 169         {
 170                 $usergroups["$group[usergroupid]"] = $group;
 171         }
 172         $db->free_result($groups);
 173
 174         foreach ($usergroups AS $group)
 175         {
 176                 $admin->row_text($group['title'], ($bugsys->in['usergroupid'] != $group['usergroupid'] ? "<a href=\"permission.php?do=modify&amp;usergroupid=$group[usergroupid]\">[" . $lang->string('Expand') . "]</a>" : ''), 'top', 2, 'alt3');
 177
 178                 if ($bugsys->in['usergroupid'] == $group['usergroupid'])
 179                 {
 180                         $permissions_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = $group[usergroupid]");
 181                         while ($permission = $db->fetch_array($permissions_fetch))
 182                         {
 183                                 $permissions["$permission[productid]"] = $permission['mask'];
 184                         }
 185
 186                         $products_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE !componentmother ORDER BY displayorder ASC");
 187                         while ($product = $db->fetch_array($products_fetch))
 188                         {
 189                                 $groupid = $group['usergroupid'];
 190                                 $prodid = $product['productid'];
 191
 192                                 if (!isset($permissions["$product[productid]"]))
 193                                 {
 194                                         $statuslink = $lang->string('Inherited From Usergroup Settings: ');
 195                                         $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Customize') . ']</a>';
 196                                 }
 197                                 else
 198                                 {
 199                                         $statuslink = $lang->string('Customized: ');
 200                                         $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Edit') . ']</a>';
 201                                         $statuslink .= " <a href=\"permission.php?do=delete&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Revert') . ']</a>';
 202                                 }
 203
 204                                 $admin->row_text($product['title'], $statuslink);
 205                         }
 206                 }
 207         }
 208
 209         $admin->table_end();
 210
 211         $admin->page_end();
 212 }
 213
 214 /*=====================================================================*\
 215 || ###################################################################
 216 || # $HeadURL$
 217 || # $Id$
 218 || ###################################################################
 219 \*=====================================================================*/
 220 ?>