https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r525: Got base of new per-product permissions
[bugdar.git] / admin / permission.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 require_once('./global.php');
14 require_once('./includes/functions_datastore.php');
15
16 if (!can_perform('canadmingroups'))
17 {
18 admin_login();
19 }
20
21 // ###################################################################
22 // define permissions as groups
23
24 $permissions = array(
25 $lang->string('General Permissions') => array(
26 'canviewbugs' => $lang->string('Can View Bugs'),
27 'canviewhidden' => $lang->string('Can View Hidden Bugs and Comments'),
28 'cansubscribe' => $lang->string('Can Subscribe to Bugs'),
29 ),
30
31 $lang->string('Posting/Submitting Permissions') => array(
32 'canvote' => $lang->string('Can Vote on Polls'),
33 'cansubmitbugs' => $lang->string('Can Submit Bugs'),
34 'canpostcomments' => $lang->string('Can Post Comments'),
35 'cangetattach' => $lang->string('Can View Attachments'),
36 'canputattach' => $lang->string('Can Upload/Edit Own Attachments'),
37 'caneditattach' => $lang->string('Can Manage All Attachments')
38 ),
39
40 $lang->string('Moderation/Managment Permissions') => array(
41 'caneditown' => $lang->string('Can Edit Own Bugs'),
42 'caneditothers' => $lang->string('Can Edit Others\' Bugs'),
43 'caneditinfo' => $lang->string('Can Edit Bug Information'),
44 'canassign' => $lang->string('Can Assign Bugs'),
45 'canchangestatus' => $lang->string('Can Change Status')
46 )
47 );
48
49 // ###################################################################
50
51 if (empty($_REQUEST['do']))
52 {
53 $_REQUEST['do'] = 'modify';
54 }
55
56 // ###################################################################
57
58 if ($_REQUEST['do'] == 'kill')
59 {
60 $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . intval($bugsys->in['usergroupid']) . " AND productid = " . intval($bugsys->in['productid']));
61
62 build_permissions();
63
64 $admin->redirect('permission.php?do=modify&usergroupid=' . intval($bugsys->in['usergroupid']));
65 }
66
67 // ###################################################################
68
69 if ($_REQUEST['do'] == 'delete')
70 {
71 $admin->page_confirm($lang->string('Are you sure you want to revert this permission mask?'), 'permission.php?do=kill&amp;usergroupid=' . intval($bugsys->in['usergroupid']) . '&amp;productid=' . intval($bugsys->in['productid']));
72 }
73
74 // ###################################################################
75
76 if ($_REQUEST['do'] == 'edit')
77 {
78 $perm = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . intval($bugsys->in['usergroupid']) . " AND productid = " . intval($bugsys->in['productid']));
79 $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
80 $product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . intval($bugsys->in['productid']));
81
82 if (!$usergroup OR !$product)
83 {
84 $admin->error($lang->getlex('error_invalid_id'));
85 }
86
87 $admin->page_start($lang->string('Edit Permissions'));
88
89 $admin->form_start('permission.php', 'update');
90 $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
91 $admin->form_hidden_field('productid', $product['productid']);
92
93 // determine the value to work off of
94 if ($perm)
95 {
96 $mask = $perm['mask'];
97 }
98 else
99 {
100 $mask = $usergroup['permissions'];
101 }
102
103 // Permission
104 $admin->table_start();
105 $admin->table_head(sprintf($lang->string('Permissions: %1$s - %2$s'), $usergroup['title'], $product['title']));
106
107 foreach ($permissions AS $group => $settings)
108 {
109 $admin->row_span($group, 'thead', 'center');
110 foreach ($settings AS $setting => $name)
111 {
112 $admin->row_yesno($name, "perm[$setting]", ($mask & $_PERMISSION["$setting"]));
113 }
114 }
115
116 $admin->row_submit();
117 $admin->table_end();
118 $admin->form_end();
119 $admin->page_end();
120 }
121
122 // ###################################################################
123
124 if ($_POST['do'] == 'update')
125 {
126 foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
127 {
128 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
129 }
130
131 $db->query("
132 REPLACE INTO " . TABLE_PREFIX . "permission
133 (usergroupid, productid, mask)
134 VALUES
135 (" . intval($bugsys->in['usergroupid']) . ",
136 " . intval($bugsys->in['productid']) . ",
137 $permissionvalue
138 )"
139 );
140
141 build_permissions();
142
143 $ugroupid = intval($bugsys->in['usergroupid']);
144
145 $admin->redirect('permission.php?do=modify&usergroupid=' . $ugroupid);
146 }
147
148 // ###################################################################
149
150 if ($_REQUEST['do'] == 'modify')
151 {
152 $admin->page_start($lang->string('Permission Manager'));
153
154 $admin->table_start();
155 $admin->table_head($lang->string('Permission Manager'));
156
157 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
158 while ($group = $db->fetch_array($groups))
159 {
160 $usergroups["$group[usergroupid]"] = $group;
161 }
162 $db->free_result($groups);
163
164 foreach ($usergroups AS $group)
165 {
166 $admin->row_text($group['title'], ($bugsys->in['usergroupid'] != $group['usergroupid'] ? "<a href=\"permission.php?do=modify&amp;usergroupid=$group[usergroupid]\">[" . $lang->string('Expand') . "]</a>" : ''), 'top', 2, 'alt3');
167
168 if ($bugsys->in['usergroupid'] == $group['usergroupid'])
169 {
170 $permissions_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = $group[usergroupid]");
171 while ($permission = $db->fetch_array($permissions_fetch))
172 {
173 $permissions["$permission[productid]"] = $permission['mask'];
174 }
175
176 $products_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE !componentmother ORDER BY displayorder ASC");
177 while ($product = $db->fetch_array($products_fetch))
178 {
179 $groupid = $group['usergroupid'];
180 $prodid = $product['productid'];
181
182 if (!isset($permissions["$product[productid]"]))
183 {
184 $statuslink = $lang->string('Inherited From Usergroup Settings: ');
185 $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Customize') . ']</a>';
186 }
187 else
188 {
189 $statuslink = $lang->string('Customized: ');
190 $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Edit') . ']</a>';
191 $statuslink .= " <a href=\"permission.php?do=delete&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Revert') . ']</a>';
192 }
193
194 $admin->row_text($product['title'], $statuslink);
195 }
196 }
197 }
198
199 $admin->table_end();
200
201 $admin->page_end();
202 }
203
204 /*=====================================================================*\
205 || ###################################################################
206 || # $HeadURL$
207 || # $Id$
208 || ###################################################################
209 \*=====================================================================*/
210 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.