https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r239: Most of the custom bug field permissions are worked out now. The only thing...
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 require_once('./global.php');
14 require_once('./includes/functions_datastore.php');
15
16 if (!can_perform('canadmingroups'))
17 {
18 admin_login();
19 }
20
21 // ###################################################################
22
23 if (empty($_REQUEST['do']))
24 {
25 $_REQUEST['do'] = 'modify';
26 }
27
28 // ###################################################################
29
30 if ($_REQUEST['do'] == 'kill')
31 {
32 if ($bugsys->in['usergroupid'] < 7)
33 {
34 $admin->error(phrase('cant_delete_default_usergroup'));
35 }
36
37 $db->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
38 $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
39
40 build_usergroups();
41 build_assignedto();
42
43 $admin->redirect('usergroup.php?do=modify');
44 }
45
46 // ###################################################################
47
48 if ($_REQUEST['do'] == 'delete')
49 {
50 if ($bugsys->in['usergroupid'] < 7)
51 {
52 $admin->error(phrase('cant_delete_default_usergroup'));
53 }
54
55 $admin->page_confirm(phrase('confirm_delete_usergroup'), 'usergroup.php?do=kill&amp;usergroupid=' . intval($bugsys->in['usergroupid']));
56 }
57
58 // ###################################################################
59
60 if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
61 {
62 $add = (($_REQUEST['do'] == 'add') ? true : false);
63 $edit = (($_REQUEST['do'] == 'edit') ? true : false);
64
65 $admin->page_start((($add) ? phrase('new_usergroup') : phrase('edit_usergroup')));
66
67 $admin->form_start('usergroup.php', (($add) ? 'insert' : 'update'));
68
69 if ($edit)
70 {
71 $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
72 if (!is_array($usergroup))
73 {
74 $admin->error(phrase('error_invalid_id'));
75 }
76
77 $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
78 }
79 else
80 {
81 $usergroup['permissions'] = 319;
82 }
83
84 // Details
85 $admin->table_start();
86 $admin->table_head(phrase('usergroup_details'));
87 $admin->row_input(phrase('usergroup_title'), 'title', $bugsys->sanitize($usergroup['title']));
88 $admin->row_input(phrase('usergroup_display_title'), 'displaytitle', $bugsys->sanitize($usergroup['displaytitle']));
89 $admin->row_input(phrase('usergroup_open_markup'), 'opentag', $bugsys->sanitize($usergroup['opentag']));
90 $admin->row_input(phrase('usergroup_close_markup'), 'closetag', $bugsys->sanitize($usergroup['closetag']));
91 $admin->table_end();
92
93 // Permission
94 $admin->table_start();
95
96 // define permissions as groups
97 $permissions = array(
98 'general' => array(
99 'canviewbugs',
100 'canviewhidden',
101 'cansearch',
102 'cansubscribe',
103 'canbeassignedto'),
104 'posting' => array(
105 'canvote',
106 'cansubmitbugs',
107 'canpostcomments',
108 'cangetattach',
109 'canputattach',
110 'caneditattach'),
111 'moderation' => array(
112 'caneditown',
113 'caneditothers',
114 'caneditinfo',
115 'canassign',
116 'canchangestatus'),
117 'admin' => array(
118 'canadminpanel',
119 'canadminbugs',
120 'canadminfields',
121 'canadminversions',
122 'canadminusers',
123 'canadmingroups',
124 'canadmintools')
125 );
126
127 $admin->table_head(phrase('usergroup_permission_settings'));
128
129 foreach ($permissions AS $group => $settings)
130 {
131 $admin->row_span(phrase("permissions_group_$group"), 'thead', 'center');
132 foreach ($settings AS $setting)
133 {
134 $admin->row_yesno(phrase("permissions_$setting"), "perm[$setting]", ($usergroup['permissions'] & $_PERMISSION["$setting"]));
135 }
136 }
137
138 $admin->table_end();
139
140 // custom field permissions
141 $admin->table_start();
142 $admin->table_head('Custom Field Permissions');
143
144 if ($edit)
145 {
146 $perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = $usergroup[usergroupid]");
147 while ($perm = $db->fetch_array($perms))
148 {
149 $permissions["$perm[fieldid]"] = $perm['mask'];
150 }
151 }
152
153 $fields = $db->query("SELECT fieldid, shortname, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
154 while ($field = $db->fetch_array($fields))
155 {
156 unset($listitem);
157 $admin->list_item('No Permission', 0, $permissions["$field[fieldid]"] == 0);
158 $admin->list_item('Can View Field', 1, $permissions["$field[fieldid]"] == 1);
159 $admin->list_item('Can View, Edit Field', 2, $permissions["$field[fieldid]"] == 2);
160 $admin->row_list($field['name'], "custom[$field[fieldid]]");
161 }
162
163 $admin->table_end();
164
165 // Submit
166 $admin->table_start();
167 $admin->row_submit();
168 $admin->table_end();
169
170 $admin->form_end();
171
172 $admin->page_end();
173 }
174
175 // ###################################################################
176
177 if ($_POST['do'] == 'insert')
178 {
179 foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
180 {
181 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
182 }
183
184 $db->query("
185 INSERT INTO " . TABLE_PREFIX . "usergroup
186 (title, displaytitle, opentag, closetag, permissions)
187 VALUES
188 ('" . $bugsys->in['title'] . "', '" . $bugsys->in['displaytitle'] . "',
189 '" . $bugsys->in['opentag'] . "', '" . $bugsys->in['closetag'] . "',
190 $permissionvalue
191 )"
192 );
193
194 $ugroupid = $db->insert_id();
195
196 build_usergroups();
197
198 foreach ($_POST['custom'] AS $fieldid => $mask)
199 {
200 $values[] = "$ugroupid, " . intval($fieldid) . ", " . intval($mask);
201 }
202
203 $db->query("
204 INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
205 (usergroupid, fieldid, mask)
206 VALUES
207 (" . implode("\n\t\t\t", $values) . "
208 )"
209 );
210
211 $admin->redirect('usergroup.php?do=modify');
212 }
213
214 // ###################################################################
215
216 if ($_POST['do'] == 'update')
217 {
218 foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
219 {
220 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
221 }
222
223 $db->query("
224 UPDATE " . TABLE_PREFIX . "usergroup
225 SET title = '" . $bugsys->in['title'] . "',
226 displaytitle = '" . $bugsys->in['displaytitle'] . "',
227 opentag = '" . $bugsys->unsanitize($bugsys->in['opentag']) . "',
228 closetag = '" . $bugsys->unsanitize($bugsys->in['closetag']) . "',
229 permissions = $permissionvalue
230 WHERE usergroupid = " . intval($bugsys->in['usergroupid'])
231 );
232
233 build_usergroups();
234 build_assignedto();
235
236 $ugroupid = intval($bugsys->in['usergroupid']);
237 foreach ($_POST['custom'] AS $fieldid => $mask)
238 {
239 $values[] = "$ugroupid, " . intval($fieldid) . ", " . intval($mask);
240 }
241
242 $db->query("
243 REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
244 (usergroupid, fieldid, mask)
245 VALUES
246 (" . implode("),\n\t\t\t(", $values) . ")"
247 );
248
249
250 $admin->redirect('usergroup.php?do=modify');
251 }
252
253 // ###################################################################
254
255 if ($_REQUEST['do'] == 'modify')
256 {
257 $admin->page_start(phrase('usergroup_manager'));
258
259 $admin->form_start('usergroup.php', 'null');
260 $admin->table_start();
261 $admin->table_head(phrase('usergroup_manager'), 3);
262
263 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
264 while ($group = $db->fetch_array($groups))
265 {
266 $usergroups["$group[usergroupid]"] = $group;
267 }
268 $db->free_result($groups);
269
270 $groups = $db->query("
271 SELECT COUNT(user.userid) AS total, user.usergroupid
272 FROM " . TABLE_PREFIX . "user AS user
273 LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
274 GROUP BY usergroup.usergroupid
275 ORDER BY usergroup.usergroupid"
276 );
277 while ($group = $db->fetch_array($groups))
278 {
279 $usergroups["$group[usergroupid]"]['total'] = $group['total'];
280 }
281
282 $admin->table_column_head(array(phrase('usergroup'), phrase('number_of_users'), phrase('action')));
283 foreach ($usergroups AS $group)
284 {
285 $admin->row_multi_item(array("<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l', ((!$group['total']) ? '-' : $group['total']) => 'c', "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">" . phrase('edit_wraplink') . "</a>" . (($group['usergroupid'] > 6) ? "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">" . phrase('delete_wraplink') . "</a>" : '') => 'c'));
286 }
287
288 $admin->row_span('<input type="button" name="addug" value=" ' . phrase('add_new_usergroup') . ' " onclick="window.location = \'usergroup.php?do=add\';" />', 'tfoot', 'center', 3);
289 $admin->table_end();
290 $admin->form_end();
291
292 $admin->page_end();
293 }
294
295 /*=====================================================================*\
296 || ###################################################################
297 || # $HeadURL$
298 || # $Id$
299 || ###################################################################
300 \*=====================================================================*/
301 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.