https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Changing $bugsys->permissions[] to bugdar::$permissions[]
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright ©2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23 require_once('./includes/api_usergroup.php');
24
25 require_once('./includes/class_api_error.php');
26 APIError(array(new API_Error_Handler($admin), 'admin_error'));
27
28 NavLinks::usersPages();
29 $navigator->set_focus('tab', 'users', null);
30
31 if (!can_perform('canadmingroups'))
32 {
33 admin_login();
34 }
35
36 // ###################################################################
37 // define permissions as groups
38
39 $permissions = array(
40 T('General Permissions') => array(
41 'canviewbugs' => T('Can View Bugs'),
42 'canviewhidden' => T('Can View Hidden Bugs and Comments'),
43 'canviewownhidden' => T('Can View Own Hidden Bugs'),
44 'cansearch' => T('Can Search Bugs'),
45 'cansubscribe' => T('Can Subscribe to Bugs'),
46 'canbeassignedto' => T('Can Be Assigned Bugs')
47 ),
48
49 T('Posting/Submitting Permissions') => array(
50 'canvote' => T('Can Vote on Polls'),
51 'cansubmitbugs' => T('Can Submit Bugs'),
52 'canpostcomments' => T('Can Post Comments'),
53 'cangetattach' => T('Can View Attachments'),
54 'canputattach' => T('Can Upload/Edit Own Attachments'),
55 'caneditattach' => T('Can Manage All Attachments')
56 ),
57
58 T('Moderation/Managment Permissions') => array(
59 'caneditown' => T('Can Edit Own Bugs'),
60 'caneditother' => T('Can Edit Others\' Bugs'),
61 'caneditownreply' => T('Can Edit Own Comments'),
62 'caneditotherreply' => T('Can Edit Others\' Comments'),
63 'canassign' => T('Can Assign Bugs'),
64 'canchangestatus' => T('Can Change Status'),
65 'candeletedata' => T('Can Delete Bugs and Comments')
66 ),
67
68 T('Administrator Permissions') => array(
69 'canadminpanel' => T('Can Access Control Panel'),
70 'canadminbugs' => T('Can Administer Bug Reports'),
71 'canadminfields' => T('Can Administer Additional Bug Fields'),
72 'canadminversions' => T('Can Administer Products / Components / Versions'),
73 'canadminusers' => T('Can Administer Users'),
74 'canadmingroups' => T('Can Administer Usergroups'),
75 'canadmintools' => T('Can Administer Settings / Maintenance Tools')
76 )
77 );
78
79 // ###################################################################
80
81 if (empty($_REQUEST['do']))
82 {
83 $_REQUEST['do'] = 'modify';
84 }
85
86 // ###################################################################
87
88 if ($_REQUEST['do'] == 'kill')
89 {
90 $usergroup = new UsergroupAPI();
91 $usergroup->set('usergroupid', $input->in['usergroupid']);
92 $usergroup->set_condition();
93 $usergroup->delete();
94
95 $admin->redirect('usergroup.php?do=modify');
96 }
97
98 // ###################################################################
99
100 if ($_REQUEST['do'] == 'delete')
101 {
102 if ($input->in['usergroupid'] < 7)
103 {
104 $admin->error(T('You can\'t delete a default usergroup.'));
105 }
106
107 $admin->page_confirm(T('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).'), 'usergroup.php', 'kill', array('usergroupid' => $input->in['usergroupid']));
108 }
109
110 // ###################################################################
111
112 if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'clone')
113 {
114 $clone = ($_REQUEST['do'] == 'clone');
115 $add = ($_REQUEST['do'] == 'add' OR $clone);
116 $edit = !$add;
117
118 if ($edit)
119 {
120 NavLinks::usergroupsEdit($input->in['usergroupid']);
121 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
122 }
123 else
124 {
125 NavLinks::usergroupsAdd();
126 $navigator->set_focus('link', 'usergroups-add', 'usergroups');
127 }
128
129 $admin->page_start(($add ? T('New Usergroup') : T('Edit Usergroup')));
130
131 $admin->form_start('usergroup.php', ($add ? 'insert' : 'update'));
132
133 if ($edit OR $clone)
134 {
135 $usergroup = new UsergroupAPI();
136 $usergroup->set('usergroupid', $input->in['usergroupid']);
137 $usergroup->set_condition();
138 $usergroup->fetch();
139
140 if ($clone)
141 {
142 $admin->form_hidden_field('cloneid', $usergroup->record['usergroupid']);
143 }
144 else
145 {
146 $admin->form_hidden_field('usergroupid', $usergroup->record['usergroupid']);
147 }
148 }
149 else
150 {
151 $usergroup['permissions'] = 319;
152 }
153
154 // Details
155 $admin->table_start();
156 $admin->table_head(T('Usergroup Details'));
157 $admin->row_input(T('Usergroup Title'), 'title', (($add AND $clone) ? '' : $bugsys->sanitize($usergroup->record['title'])));
158 $admin->row_input(T('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>'), 'displaytitle', (($add AND $clone) ? '' : $bugsys->sanitize($usergroup->record['displaytitle'])));
159 $admin->table_end();
160
161 // Permission
162 $admin->table_start();
163
164 $admin->table_head(T('Permission Settings'));
165
166 foreach ($permissions AS $group => $settings)
167 {
168 $admin->row_span($group, 'thead', 'center');
169 foreach ($settings AS $setting => $name)
170 {
171 $admin->row_yesno($name, "perm[$setting]", ($usergroup->record['permissions'] & bugdar::$permissions["$setting"]));
172 }
173 }
174
175 $admin->table_end();
176
177 // custom field permissions
178 $admin->table_start();
179 $admin->table_head(T('Custom Field Permissions'));
180
181 if ($edit OR $clone)
182 {
183 $perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = " . $usergroup->record['usergroupid']);
184 foreach ($perms as $perm)
185 {
186 $permissions["$perm[fieldid]"] = $perm['mask'];
187 }
188 }
189
190 $fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
191 foreach ($fields as $field)
192 {
193 unset($listitem);
194 $admin->list_item(T('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
195 $admin->list_item(T('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
196 $admin->list_item(T('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
197 $admin->row_list($field['name'], "custom[$field[fieldid]]");
198 }
199
200 $admin->table_end();
201
202 // Submit
203 $admin->table_start();
204 $admin->row_submit();
205 $admin->table_end();
206
207 $admin->form_end();
208
209 $admin->page_end();
210 }
211
212 // ###################################################################
213
214 if ($_POST['do'] == 'insert')
215 {
216 $input->inputClean('perm', TYPE_UINT);
217 foreach ($input->in['perm'] AS $permtitle => $binaryswitch)
218 {
219 $permissionvalue += bugdar::$permissions["$permtitle"] * $binaryswitch;
220 }
221
222 $usergroup = new UsergroupAPI();
223 $usergroup->set('title', $input->in['title']);
224 $usergroup->set('displaytitle', $input->in['displaytitle']);
225 $usergroup->set('permissions', $permissionvalue);
226 $usergroup->insert();
227
228 $input->inputClean('custom', TYPE_UINT);
229 if (is_array($input->in['custom']))
230 {
231 foreach ($input->in['custom'] AS $fieldid => $mask)
232 {
233 $values[] = $usergroup->insertid . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
234 }
235 }
236
237 if (is_array($values))
238 {
239 $db->query("
240 INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
241 (usergroupid, fieldid, mask)
242 VALUES
243 (" . implode("),\n\t\t\t(", $values) . "
244 )"
245 );
246 }
247
248 // copy product permissions from cloning
249 if ($input->inputClean('cloneid', TYPE_UINT))
250 {
251 $prodperms = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $input->in['cloneid']);
252 foreach ($prodperms as $prod)
253 {
254 $db->query("INSERT INTO " . TABLE_PREFIX . "permission (usergroupid, productid, mask) VALUES (" . $usergroup->insertid . ", $prod[productid], $prod[mask])");
255 }
256 build_permissions();
257 }
258
259 $admin->redirect('usergroup.php?do=modify');
260 }
261
262 // ###################################################################
263
264 if ($_POST['do'] == 'update')
265 {
266 $input->inputClean_array(array(
267 'perm' => TYPE_UINT,
268 'usergroupid' => TYPE_UINT,
269 'custom' => TYPE_UINT
270 ));
271 $input->inputClean('perm', TYPE_UINT);
272 foreach ($input->in['perm'] AS $permtitle => $binaryswitch)
273 {
274 $permissionvalue += bugdar::$permissions["$permtitle"] * $binaryswitch;
275 }
276
277 $usergroup = new UsergroupAPI();
278 $usergroup->set('usergroupid', $input->in['usergroupid']);
279 $usergroup->set_condition();
280 $usergroup->set('title', $input->in['title']);
281 $usergroup->set('displaytitle', $input->in['displaytitle']);
282 $usergroup->set('permissions', $permissionvalue);
283 $usergroup->update();
284
285 $input->inputClean('custom', TYPE_UINT);
286 if (is_array($input->in['custom']))
287 {
288 foreach ($input->in['custom'] AS $fieldid => $mask)
289 {
290 $values[] = $usergroup->values['usergroupid'] . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
291 }
292 }
293
294 if (is_array($values))
295 {
296 $db->query("
297 REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
298 (usergroupid, fieldid, mask)
299 VALUES
300 (" . implode("),\n\t\t\t(", $values) . ")"
301 );
302 }
303
304
305 $admin->redirect('usergroup.php?do=modify');
306 }
307
308 // ###################################################################
309
310 if ($_POST['do'] == 'doapprove')
311 {
312 $input->inputClean('approve', TYPE_UINT);
313
314 $idlist = array();
315 if (is_array($input->in['approve']))
316 {
317 foreach ($input->in['approve'] AS $id => $yesno)
318 {
319 if ($yesno > 0)
320 {
321 $idlist[] = $bugsys->clean($id, TYPE_UINT);
322 }
323 }
324 }
325
326 // load the template system...
327 $bugsys->load('template_fs', 'template', true);
328 $template->setExtension('tpl');
329 $template->setTemplateDir('templates/');
330 $template->setDatabaseCache(TABLE_PREFIX . 'template');
331
332 if (sizeof($idlist) > 0)
333 {
334 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid IN (" . implode(',', $idlist) . ")");
335 foreach ($users as $user)
336 {
337 $tpl = $template->fetch(FetchEmailPath('accountapproved.xml', bugdar::$datastore['language'][bugdar::$options['defaultlanguage']]['langcode']));
338 eval('$email = "' . $tpl . '";');
339 $email = $bugsys->xml->parse($email);
340 $mail->setSubject($email['email']['subject']['value']);
341 $mail->setBodyText($email['email']['bodyText']['value']);
342 $mail->send($user['email'], $user['displayname']);
343 }
344
345 $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE userid IN (" . implode(',', $idlist) . ")");
346 }
347
348 $admin->redirect('usergroup.php', T('The selected users have been promoted to the "Registered" usergroup.'));
349 }
350
351 // ###################################################################
352
353 if ($_REQUEST['do'] == 'approve')
354 {
355 NavLinks::usergroupsAdd();
356 $navigator->set_focus('link', 'usergroups-approve', 'usergroups');
357
358 $admin->page_start(T('Moderate Awaiting Users'), 3);
359
360 $admin->form_start('usergroup.php', 'doapprove');
361 $admin->table_start();
362 $admin->table_head(T('Moderate Un-Approved Users'), 3);
363
364 $admin->table_column_head(array(T('Display Name'), T('Usergroup'), T('Approve')));
365
366 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE usergroupid IN (3, 4)");
367 foreach ($users as $user)
368 {
369 $admin->row_multi_item(array(
370 '<a href="user.php?do=edit&amp;userid=' . $user['userid'] . '">' . $user['email'] . '</a>' => 'l',
371 bugdar::$datastore['usergroup']["$user[usergroupid]"]['title'] => 'c',
372 '<input name="approve[' . $user['userid'] . ']" type="checkbox" value="1" />' => 'c'
373 ));
374 }
375
376 $admin->row_submit(false, ':save:', ':reset:', 3);
377 $admin->table_end();
378 $admin->form_end();
379
380 $admin->page_end();
381 }
382
383 // ###################################################################
384
385 if ($_REQUEST['do'] == 'modify')
386 {
387 NavLinks::usergroupsAdd();
388 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
389
390 $admin->page_start(T('Usergroup Manager'));
391
392 $admin->form_start('usergroup.php', 'null');
393 $admin->table_start();
394 $admin->table_head(T('Usergroup Manager'), 3, 'usergroups');
395
396 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
397 foreach ($groups as $group)
398 {
399 $usergroups["$group[usergroupid]"] = $group;
400 }
401 $db->free_result($groups);
402
403 $groups = $db->query("
404 SELECT COUNT(user.userid) AS total, user.usergroupid
405 FROM " . TABLE_PREFIX . "user AS user
406 LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
407 GROUP BY usergroup.usergroupid
408 ORDER BY usergroup.usergroupid"
409 );
410 foreach ($groups as $group)
411 {
412 $usergroups["$group[usergroupid]"]['total'] = $group['total'];
413 }
414
415 $admin->table_column_head(array(T('Usergroup'), T('Number of Users'), T('Action')));
416 foreach ($usergroups AS $group)
417 {
418 $admin->row_multi_item(array(
419 "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l',
420 (!$group['total'] ? '-' : $group['total']) => 'c',
421
422 "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">[" . T('Edit') . "]</a> " .
423 "<a href=\"usergroup.php?do=clone&amp;usergroupid=$group[usergroupid]\">[" . T('Clone') . "]</a>" .
424 ($group['usergroupid'] > 6 ? " <a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[" . T('Delete') . "]</a>" : '') => 'c'
425 ));
426 }
427
428 $admin->table_end();
429 $admin->form_end();
430
431 $admin->page_end();
432 }
433
434 /*=====================================================================*\
435 || ###################################################################
436 || # $HeadURL$
437 || # $Id$
438 || ###################################################################
439 \*=====================================================================*/
440 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.