admin/permission.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 require_once('./global.php');
  23 require_once('./includes/functions_datastore.php');
  24
  25 NavLinks::usersPages();
  26 $navigator->set_focus('tab', 'users', null);
  27 $navigator->set_focus('link', 'users-pages-permissions', 'users-pages');
  28
  29 if (!can_perform('canadmingroups'))
  30 {
  31         admin_login();
  32 }
  33
  34 // ###################################################################
  35 // define permissions as groups
  36
  37 $permissions = array(
  38         $lang->string('General Permissions') => array(
  39                 'canviewbugs' => $lang->string('Can View Bugs'),
  40                 'canviewhidden' => $lang->string('Can View Hidden Bugs and Comments'),
  41                 'cansubscribe' => $lang->string('Can Subscribe to Bugs'),
  42         ),
  43
  44         $lang->string('Posting/Submitting Permissions') => array(
  45                 'canvote' => $lang->string('Can Vote on Polls'),
  46                 'cansubmitbugs' => $lang->string('Can Submit Bugs'),
  47                 'canpostcomments' => $lang->string('Can Post Comments'),
  48                 'cangetattach' => $lang->string('Can View Attachments'),
  49                 'canputattach' => $lang->string('Can Upload/Edit Own Attachments'),
  50                 'caneditattach' => $lang->string('Can Manage All Attachments')
  51         ),
  52
  53         $lang->string('Moderation/Managment Permissions') => array(
  54                 'caneditown' => $lang->string('Can Edit Own Bugs'),
  55                 'caneditother' => $lang->string('Can Edit Others\' Bugs'),
  56                 'caneditownreply' => $lang->string('Can Edit Own Comments'),
  57                 'caneditotherreply' => $lang->string('Can Edit Others\' Comments'),
  58                 'canassign' => $lang->string('Can Assign Bugs'),
  59                 'canchangestatus' => $lang->string('Can Change Status')
  60         )
  61 );
  62
  63 // ###################################################################
  64
  65 if (empty($_REQUEST['do']))
  66 {
  67         $_REQUEST['do'] = 'modify';
  68 }
  69
  70 // ###################################################################
  71
  72 if ($_REQUEST['do'] == 'kill')
  73 {
  74         $bugsys->input_clean('usergroupid', TYPE_UINT);
  75         $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $bugsys->input_clean('productid', TYPE_UINT));
  76
  77         build_permissions();
  78
  79         $admin->redirect('permission.php?do=modify&usergroupid=' . $bugsys->in['usergroupid']);
  80 }
  81
  82 // ###################################################################
  83
  84 if ($_REQUEST['do'] == 'delete')
  85 {
  86         $admin->page_confirm($lang->string('Are you sure you want to revert this permission mask?'), 'permission.php?do=kill&amp;usergroupid=' . $bugsys->input_clean('usergroupid', TYPE_UINT) . '&amp;productid=' . $bugsys->input_clean('productid', TYPE_UINT));
  87 }
  88
  89 // ###################################################################
  90
  91 if ($_REQUEST['do'] == 'edit')
  92 {
  93         $bugsys->input_clean_array(array(
  94                 'usergroupid'   => TYPE_UINT,
  95                 'productid'             => TYPE_UINT
  96         ));
  97         $perm = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $bugsys->in['productid']);
  98         $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $bugsys->in['usergroupid']);
  99         $product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . $bugsys->in['productid']);
 100
 101         if (!$usergroup OR !$product)
 102         {
 103                 $admin->error($lang->getlex('error_invalid_id'));
 104         }
 105
 106         $admin->page_start($lang->string('Edit Permissions'));
 107
 108         $admin->form_start('permission.php', 'update');
 109         $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
 110         $admin->form_hidden_field('productid', $product['productid']);
 111
 112         // determine the value to work off of
 113         if ($perm)
 114         {
 115                 $mask = $perm['mask'];
 116         }
 117         else
 118         {
 119                 $mask = $usergroup['permissions'];
 120         }
 121
 122         // Permission
 123         $admin->table_start();
 124         $admin->table_head(sprintf($lang->string('Permissions: %1$s - %2$s'), $usergroup['title'], $product['title']));
 125
 126         foreach ($permissions AS $group => $settings)
 127         {
 128                 $admin->row_span($group, 'thead', 'center');
 129                 foreach ($settings AS $setting => $name)
 130                 {
 131                         $admin->row_yesno($name, "perm[$setting]", ($mask & $bugsys->permissions["$setting"]));
 132                 }
 133         }
 134
 135         $admin->row_submit();
 136         $admin->table_end();
 137         $admin->form_end();
 138         $admin->page_end();
 139 }
 140
 141 // ###################################################################
 142
 143 if ($_POST['do'] == 'update')
 144 {
 145         $bugsys->input_clean_array(array(
 146                 'perm'                  => TYPE_UINT,
 147                 'usergroupid'   => TYPE_UINT,
 148                 'productid'             => TYPE_UINT
 149         ));
 150         foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
 151         {
 152                 $permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
 153         }
 154
 155         $db->query("
 156                 REPLACE INTO " . TABLE_PREFIX . "permission
 157                         (usergroupid, productid, mask)
 158                 VALUES
 159                         (" . $bugsys->in['usergroupid'] . ",
 160                         " . $bugsys->in['productid'] . ",
 161                         $permissionvalue
 162                 )"
 163         );
 164
 165         build_permissions();
 166
 167         $admin->redirect('permission.php?do=modify&usergroupid=' . $bugsys->in['usergroupid']);
 168 }
 169
 170 // ###################################################################
 171
 172 if ($_REQUEST['do'] == 'modify')
 173 {
 174         $admin->page_start($lang->string('Permission Manager'));
 175
 176         $admin->table_start();
 177         $admin->table_head($lang->string('Permission Manager'));
 178
 179         $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
 180         while ($group = $db->fetch_array($groups))
 181         {
 182                 $usergroups["$group[usergroupid]"] = $group;
 183         }
 184         $db->free_result($groups);
 185
 186         foreach ($usergroups AS $group)
 187         {
 188                 $admin->row_text($group['title'], ($bugsys->in['usergroupid'] != $group['usergroupid'] ? "<a href=\"permission.php?do=modify&amp;usergroupid=$group[usergroupid]\">[" . $lang->string('Expand') . "]</a>" : ''), 'top', 2, 'alt3');
 189
 190                 if ($bugsys->in['usergroupid'] == $group['usergroupid'])
 191                 {
 192                         $permissions_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = $group[usergroupid]");
 193                         while ($permission = $db->fetch_array($permissions_fetch))
 194                         {
 195                                 $permissions["$permission[productid]"] = $permission['mask'];
 196                         }
 197
 198                         $products_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE !componentmother ORDER BY displayorder ASC");
 199                         while ($product = $db->fetch_array($products_fetch))
 200                         {
 201                                 $groupid = $group['usergroupid'];
 202                                 $prodid = $product['productid'];
 203
 204                                 if (!isset($permissions["$product[productid]"]))
 205                                 {
 206                                         $statuslink = $lang->string('Inherited From Usergroup Settings: ');
 207                                         $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Customize') . ']</a>';
 208                                 }
 209                                 else
 210                                 {
 211                                         $statuslink = $lang->string('Customized: ');
 212                                         $statuslink .= "<a href=\"permission.php?do=edit&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Edit') . ']</a>';
 213                                         $statuslink .= " <a href=\"permission.php?do=delete&amp;usergroupid=$groupid&amp;productid=$prodid\">[" . $lang->string('Revert') . ']</a>';
 214                                 }
 215
 216                                 $admin->row_text($product['title'], $statuslink);
 217                         }
 218                 }
 219         }
 220
 221         $admin->table_end();
 222
 223         $admin->page_end();
 224 }
 225
 226 /*=====================================================================*\
 227 || ###################################################################
 228 || # $HeadURL$
 229 || # $Id$
 230 || ###################################################################
 231 \*=====================================================================*/
 232 ?>