https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Changing $bugsys->permissions[] to bugdar::$permissions[]
[bugdar.git] / admin / permission.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright ©2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 // TODO - look at an API for permission.php
23
24 require_once('./global.php');
25 require_once('./includes/functions_datastore.php');
26
27 NavLinks::usersPages();
28 $navigator->set_focus('tab', 'users', null);
29 $navigator->set_focus('link', 'users-pages-permissions', 'users-pages');
30
31 if (!can_perform('canadmingroups'))
32 {
33 admin_login();
34 }
35
36 // ###################################################################
37 // define permissions as groups
38
39 $permissions = array(
40 T('General Permissions') => array(
41 'canviewbugs' => T('Can View Bugs'),
42 'canviewhidden' => T('Can View All Hidden Bugs and Comments'),
43 'canviewownhidden' => T('Can View Own Hidden Bugs'),
44 'cansubscribe' => T('Can Subscribe to Bugs'),
45 ),
46
47 T('Posting/Submitting Permissions') => array(
48 'canvote' => T('Can Vote on Polls'),
49 'cansubmitbugs' => T('Can Submit Bugs'),
50 'canpostcomments' => T('Can Post Comments'),
51 'cangetattach' => T('Can View Attachments'),
52 'canputattach' => T('Can Upload/Edit Own Attachments'),
53 'caneditattach' => T('Can Manage All Attachments')
54 ),
55
56 T('Moderation/Managment Permissions') => array(
57 'caneditown' => T('Can Edit Own Bugs'),
58 'caneditother' => T('Can Edit Others\' Bugs'),
59 'caneditownreply' => T('Can Edit Own Comments'),
60 'caneditotherreply' => T('Can Edit Others\' Comments'),
61 'canassign' => T('Can Assign Bugs'),
62 'canchangestatus' => T('Can Change Status'),
63 'candeletedata' => T('Can Delete Bugs and Comments')
64 )
65 );
66
67 // ###################################################################
68
69 if (empty($_REQUEST['do']))
70 {
71 $_REQUEST['do'] = 'modify';
72 }
73
74 // ###################################################################
75
76 if ($_REQUEST['do'] == 'kill')
77 {
78 $input->inputClean('usergroupid', TYPE_UINT);
79 $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $input->in['usergroupid'] . " AND productid = " . $input->inputClean('productid', TYPE_UINT));
80
81 build_permissions();
82
83 $admin->redirect('permission.php?do=modify&usergroupid=' . $input->in['usergroupid']);
84 }
85
86 // ###################################################################
87
88 if ($_REQUEST['do'] == 'delete')
89 {
90 $admin->page_confirm(T('Are you sure you want to revert this permission mask?'), 'permission.php', 'kill', array('usergroupid' => $input->inputClean('usergroupid', TYPE_UINT), 'productid' => $input->inputClean('productid', TYPE_UINT)));
91 }
92
93 // ###################################################################
94
95 if ($_REQUEST['do'] == 'edit')
96 {
97 $input->inputClean_array(array(
98 'usergroupid' => TYPE_UINT,
99 'productid' => TYPE_UINT
100 ));
101 $perm = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $input->in['usergroupid'] . " AND productid = " . $input->in['productid']);
102 $usergroup = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $input->in['usergroupid']);
103 $product = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . $input->in['productid']);
104
105 if (!$usergroup OR !$product)
106 {
107 $admin->error(L_INVALID_ID);
108 }
109
110 $admin->page_start(T('Edit Permissions'));
111
112 $admin->form_start('permission.php', 'update');
113 $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
114 $admin->form_hidden_field('productid', $product['productid']);
115
116 // determine the value to work off of
117 if ($perm)
118 {
119 $mask = $perm['mask'];
120 }
121 else
122 {
123 $mask = $usergroup['permissions'];
124 }
125
126 // Permission
127 $admin->table_start();
128 $admin->table_head(sprintf(T('Permissions: %1$s - %2$s'), $usergroup['title'], $product['title']));
129
130 foreach ($permissions AS $group => $settings)
131 {
132 $admin->row_span($group, 'thead', 'center');
133 foreach ($settings AS $setting => $name)
134 {
135 $admin->row_yesno($name, "perm[$setting]", ($mask & bugdar::$permissions["$setting"]));
136 }
137 }
138
139 $admin->row_submit();
140 $admin->table_end();
141 $admin->form_end();
142 $admin->page_end();
143 }
144
145 // ###################################################################
146
147 if ($_POST['do'] == 'update')
148 {
149 $input->inputClean_array(array(
150 'perm' => TYPE_UINT,
151 'usergroupid' => TYPE_UINT,
152 'productid' => TYPE_UINT
153 ));
154 foreach ($input->in['perm'] AS $permtitle => $binaryswitch)
155 {
156 $permissionvalue += bugdar::$permissions["$permtitle"] * $binaryswitch;
157 }
158
159 $db->query("
160 REPLACE INTO " . TABLE_PREFIX . "permission
161 (usergroupid, productid, mask)
162 VALUES
163 (" . $input->in['usergroupid'] . ",
164 " . $input->in['productid'] . ",
165 $permissionvalue
166 )"
167 );
168
169 build_permissions();
170
171 $admin->redirect('permission.php?do=modify&usergroupid=' . $input->in['usergroupid']);
172 }
173
174 // ###################################################################
175
176 if ($_REQUEST['do'] == 'modify')
177 {
178 $admin->page_start(T('Permission Manager'));
179
180 $admin->table_start();
181 $admin->table_head(T('Permission Manager'));
182
183 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
184 foreach ($groups as $group)
185 {
186 $usergroups["$group[usergroupid]"] = $group;
187 }
188 $db->free_result($groups);
189
190 foreach ($usergroups AS $group)
191 {
192 $admin->row_text($group['title'], ($input->in['usergroupid'] != $group['usergroupid'] ? "<a href=\"permission.php?do=modify&amp;usergroupid=$group[usergroupid]\">[" . T('Expand') . "]</a>" : ''), 'top', 2, 'alt3');
193
194 if ($input->in['usergroupid'] == $group['usergroupid'])
195 {
196 $permissions_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = $group[usergroupid]");
197 foreach ($permissions_fetch as $permission)
198 {
199 $permissions["$permission[productid]"] = $permission['mask'];
200 }
201
202 $products_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE !parentid OR parentid IS NULL ORDER BY displayorder ASC");
203 foreach ($products_fetch as $product)
204 {
205 $groupid = $group['usergroupid'];
206 $prodid = $product['productid'];
207
208 if (!isset($permissions["$product[productid]"]))
209 {
210 $statuslink = T('Inherited From Usergroup Settings: ');
211 $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . T('Customize') . ']</a>';
212 }
213 else
214 {
215 $statuslink = T('Customized: ');
216 $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . T('Edit') . ']</a>';
217 $statuslink .= " <a href=\"permission.php?do=delete&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . T('Revert') . ']</a>';
218 }
219
220 $admin->row_text($product['title'], $statuslink);
221 }
222 }
223 }
224
225 $admin->table_end();
226
227 $admin->page_end();
228 }
229
230 /*=====================================================================*\
231 || ###################################################################
232 || # $HeadURL$
233 || # $Id$
234 || ###################################################################
235 \*=====================================================================*/
236 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.