https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove includes/class_api_error.php and all of the places we require() it
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright ©2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23 require_once('./includes/api_usergroup.php');
24
25 APIError(array(new API_Error_Handler($admin), 'admin_error'));
26
27 NavLinks::usersPages();
28 $navigator->set_focus('tab', 'users', null);
29
30 if (!can_perform('canadmingroups'))
31 {
32 admin_login();
33 }
34
35 // ###################################################################
36 // define permissions as groups
37
38 $permissions = array(
39 T('General Permissions') => array(
40 'canviewbugs' => T('Can View Bugs'),
41 'canviewhidden' => T('Can View Hidden Bugs and Comments'),
42 'canviewownhidden' => T('Can View Own Hidden Bugs'),
43 'cansearch' => T('Can Search Bugs'),
44 'cansubscribe' => T('Can Subscribe to Bugs'),
45 'canbeassignedto' => T('Can Be Assigned Bugs')
46 ),
47
48 T('Posting/Submitting Permissions') => array(
49 'canvote' => T('Can Vote on Polls'),
50 'cansubmitbugs' => T('Can Submit Bugs'),
51 'canpostcomments' => T('Can Post Comments'),
52 'cangetattach' => T('Can View Attachments'),
53 'canputattach' => T('Can Upload/Edit Own Attachments'),
54 'caneditattach' => T('Can Manage All Attachments')
55 ),
56
57 T('Moderation/Managment Permissions') => array(
58 'caneditown' => T('Can Edit Own Bugs'),
59 'caneditother' => T('Can Edit Others\' Bugs'),
60 'caneditownreply' => T('Can Edit Own Comments'),
61 'caneditotherreply' => T('Can Edit Others\' Comments'),
62 'canassign' => T('Can Assign Bugs'),
63 'canchangestatus' => T('Can Change Status'),
64 'candeletedata' => T('Can Delete Bugs and Comments')
65 ),
66
67 T('Administrator Permissions') => array(
68 'canadminpanel' => T('Can Access Control Panel'),
69 'canadminbugs' => T('Can Administer Bug Reports'),
70 'canadminfields' => T('Can Administer Additional Bug Fields'),
71 'canadminversions' => T('Can Administer Products / Components / Versions'),
72 'canadminusers' => T('Can Administer Users'),
73 'canadmingroups' => T('Can Administer Usergroups'),
74 'canadmintools' => T('Can Administer Settings / Maintenance Tools')
75 )
76 );
77
78 // ###################################################################
79
80 if (empty($_REQUEST['do']))
81 {
82 $_REQUEST['do'] = 'modify';
83 }
84
85 // ###################################################################
86
87 if ($_REQUEST['do'] == 'kill')
88 {
89 $usergroup = new UsergroupAPI();
90 $usergroup->set('usergroupid', $input->in['usergroupid']);
91 $usergroup->set_condition();
92 $usergroup->delete();
93
94 $admin->redirect('usergroup.php?do=modify');
95 }
96
97 // ###################################################################
98
99 if ($_REQUEST['do'] == 'delete')
100 {
101 if ($input->in['usergroupid'] < 7)
102 {
103 $admin->error(T('You can\'t delete a default usergroup.'));
104 }
105
106 $admin->page_confirm(T('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).'), 'usergroup.php', 'kill', array('usergroupid' => $input->in['usergroupid']));
107 }
108
109 // ###################################################################
110
111 if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'clone')
112 {
113 $clone = ($_REQUEST['do'] == 'clone');
114 $add = ($_REQUEST['do'] == 'add' OR $clone);
115 $edit = !$add;
116
117 if ($edit)
118 {
119 NavLinks::usergroupsEdit($input->in['usergroupid']);
120 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
121 }
122 else
123 {
124 NavLinks::usergroupsAdd();
125 $navigator->set_focus('link', 'usergroups-add', 'usergroups');
126 }
127
128 $admin->page_start(($add ? T('New Usergroup') : T('Edit Usergroup')));
129
130 $admin->form_start('usergroup.php', ($add ? 'insert' : 'update'));
131
132 if ($edit OR $clone)
133 {
134 $usergroup = new UsergroupAPI();
135 $usergroup->set('usergroupid', $input->in['usergroupid']);
136 $usergroup->set_condition();
137 $usergroup->fetch();
138
139 if ($clone)
140 {
141 $admin->form_hidden_field('cloneid', $usergroup->record['usergroupid']);
142 }
143 else
144 {
145 $admin->form_hidden_field('usergroupid', $usergroup->record['usergroupid']);
146 }
147 }
148 else
149 {
150 $usergroup['permissions'] = 319;
151 }
152
153 // Details
154 $admin->table_start();
155 $admin->table_head(T('Usergroup Details'));
156 $admin->row_input(T('Usergroup Title'), 'title', (($add AND $clone) ? '' : $bugsys->sanitize($usergroup->record['title'])));
157 $admin->row_input(T('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>'), 'displaytitle', (($add AND $clone) ? '' : $bugsys->sanitize($usergroup->record['displaytitle'])));
158 $admin->table_end();
159
160 // Permission
161 $admin->table_start();
162
163 $admin->table_head(T('Permission Settings'));
164
165 foreach ($permissions AS $group => $settings)
166 {
167 $admin->row_span($group, 'thead', 'center');
168 foreach ($settings AS $setting => $name)
169 {
170 $admin->row_yesno($name, "perm[$setting]", ($usergroup->record['permissions'] & bugdar::$permissions["$setting"]));
171 }
172 }
173
174 $admin->table_end();
175
176 // custom field permissions
177 $admin->table_start();
178 $admin->table_head(T('Custom Field Permissions'));
179
180 if ($edit OR $clone)
181 {
182 $perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = " . $usergroup->record['usergroupid']);
183 foreach ($perms as $perm)
184 {
185 $permissions["$perm[fieldid]"] = $perm['mask'];
186 }
187 }
188
189 $fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
190 foreach ($fields as $field)
191 {
192 unset($listitem);
193 $admin->list_item(T('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
194 $admin->list_item(T('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
195 $admin->list_item(T('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
196 $admin->row_list($field['name'], "custom[$field[fieldid]]");
197 }
198
199 $admin->table_end();
200
201 // Submit
202 $admin->table_start();
203 $admin->row_submit();
204 $admin->table_end();
205
206 $admin->form_end();
207
208 $admin->page_end();
209 }
210
211 // ###################################################################
212
213 if ($_POST['do'] == 'insert')
214 {
215 $input->inputClean('perm', TYPE_UINT);
216 foreach ($input->in['perm'] AS $permtitle => $binaryswitch)
217 {
218 $permissionvalue += bugdar::$permissions["$permtitle"] * $binaryswitch;
219 }
220
221 $usergroup = new UsergroupAPI();
222 $usergroup->set('title', $input->in['title']);
223 $usergroup->set('displaytitle', $input->in['displaytitle']);
224 $usergroup->set('permissions', $permissionvalue);
225 $usergroup->insert();
226
227 $input->inputClean('custom', TYPE_UINT);
228 if (is_array($input->in['custom']))
229 {
230 foreach ($input->in['custom'] AS $fieldid => $mask)
231 {
232 $values[] = $usergroup->insertid . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
233 }
234 }
235
236 if (is_array($values))
237 {
238 $db->query("
239 INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
240 (usergroupid, fieldid, mask)
241 VALUES
242 (" . implode("),\n\t\t\t(", $values) . "
243 )"
244 );
245 }
246
247 // copy product permissions from cloning
248 if ($input->inputClean('cloneid', TYPE_UINT))
249 {
250 $prodperms = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $input->in['cloneid']);
251 foreach ($prodperms as $prod)
252 {
253 $db->query("INSERT INTO " . TABLE_PREFIX . "permission (usergroupid, productid, mask) VALUES (" . $usergroup->insertid . ", $prod[productid], $prod[mask])");
254 }
255 build_permissions();
256 }
257
258 $admin->redirect('usergroup.php?do=modify');
259 }
260
261 // ###################################################################
262
263 if ($_POST['do'] == 'update')
264 {
265 $input->inputClean_array(array(
266 'perm' => TYPE_UINT,
267 'usergroupid' => TYPE_UINT,
268 'custom' => TYPE_UINT
269 ));
270 $input->inputClean('perm', TYPE_UINT);
271 foreach ($input->in['perm'] AS $permtitle => $binaryswitch)
272 {
273 $permissionvalue += bugdar::$permissions["$permtitle"] * $binaryswitch;
274 }
275
276 $usergroup = new UsergroupAPI();
277 $usergroup->set('usergroupid', $input->in['usergroupid']);
278 $usergroup->set_condition();
279 $usergroup->set('title', $input->in['title']);
280 $usergroup->set('displaytitle', $input->in['displaytitle']);
281 $usergroup->set('permissions', $permissionvalue);
282 $usergroup->update();
283
284 $input->inputClean('custom', TYPE_UINT);
285 if (is_array($input->in['custom']))
286 {
287 foreach ($input->in['custom'] AS $fieldid => $mask)
288 {
289 $values[] = $usergroup->values['usergroupid'] . ", " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
290 }
291 }
292
293 if (is_array($values))
294 {
295 $db->query("
296 REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
297 (usergroupid, fieldid, mask)
298 VALUES
299 (" . implode("),\n\t\t\t(", $values) . ")"
300 );
301 }
302
303
304 $admin->redirect('usergroup.php?do=modify');
305 }
306
307 // ###################################################################
308
309 if ($_POST['do'] == 'doapprove')
310 {
311 $input->inputClean('approve', TYPE_UINT);
312
313 $idlist = array();
314 if (is_array($input->in['approve']))
315 {
316 foreach ($input->in['approve'] AS $id => $yesno)
317 {
318 if ($yesno > 0)
319 {
320 $idlist[] = $bugsys->clean($id, TYPE_UINT);
321 }
322 }
323 }
324
325 // load the template system...
326 $bugsys->load('template_fs', 'template', true);
327 $template->setExtension('tpl');
328 $template->setTemplateDir('templates/');
329 $template->setDatabaseCache(TABLE_PREFIX . 'template');
330
331 if (sizeof($idlist) > 0)
332 {
333 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid IN (" . implode(',', $idlist) . ")");
334 foreach ($users as $user)
335 {
336 $tpl = $template->fetch(FetchEmailPath('accountapproved.xml', bugdar::$datastore['language'][bugdar::$options['defaultlanguage']]['langcode']));
337 eval('$email = "' . $tpl . '";');
338 $email = $bugsys->xml->parse($email);
339 $mail->setSubject($email['email']['subject']['value']);
340 $mail->setBodyText($email['email']['bodyText']['value']);
341 $mail->send($user['email'], $user['displayname']);
342 }
343
344 $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE userid IN (" . implode(',', $idlist) . ")");
345 }
346
347 $admin->redirect('usergroup.php', T('The selected users have been promoted to the "Registered" usergroup.'));
348 }
349
350 // ###################################################################
351
352 if ($_REQUEST['do'] == 'approve')
353 {
354 NavLinks::usergroupsAdd();
355 $navigator->set_focus('link', 'usergroups-approve', 'usergroups');
356
357 $admin->page_start(T('Moderate Awaiting Users'), 3);
358
359 $admin->form_start('usergroup.php', 'doapprove');
360 $admin->table_start();
361 $admin->table_head(T('Moderate Un-Approved Users'), 3);
362
363 $admin->table_column_head(array(T('Display Name'), T('Usergroup'), T('Approve')));
364
365 $users = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE usergroupid IN (3, 4)");
366 foreach ($users as $user)
367 {
368 $admin->row_multi_item(array(
369 '<a href="user.php?do=edit&amp;userid=' . $user['userid'] . '">' . $user['email'] . '</a>' => 'l',
370 bugdar::$datastore['usergroup']["$user[usergroupid]"]['title'] => 'c',
371 '<input name="approve[' . $user['userid'] . ']" type="checkbox" value="1" />' => 'c'
372 ));
373 }
374
375 $admin->row_submit(false, ':save:', ':reset:', 3);
376 $admin->table_end();
377 $admin->form_end();
378
379 $admin->page_end();
380 }
381
382 // ###################################################################
383
384 if ($_REQUEST['do'] == 'modify')
385 {
386 NavLinks::usergroupsAdd();
387 $navigator->set_focus('link', 'users-pages-usergroups', 'users-pages');
388
389 $admin->page_start(T('Usergroup Manager'));
390
391 $admin->form_start('usergroup.php', 'null');
392 $admin->table_start();
393 $admin->table_head(T('Usergroup Manager'), 3, 'usergroups');
394
395 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
396 foreach ($groups as $group)
397 {
398 $usergroups["$group[usergroupid]"] = $group;
399 }
400 $db->free_result($groups);
401
402 $groups = $db->query("
403 SELECT COUNT(user.userid) AS total, user.usergroupid
404 FROM " . TABLE_PREFIX . "user AS user
405 LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
406 GROUP BY usergroup.usergroupid
407 ORDER BY usergroup.usergroupid"
408 );
409 foreach ($groups as $group)
410 {
411 $usergroups["$group[usergroupid]"]['total'] = $group['total'];
412 }
413
414 $admin->table_column_head(array(T('Usergroup'), T('Number of Users'), T('Action')));
415 foreach ($usergroups AS $group)
416 {
417 $admin->row_multi_item(array(
418 "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l',
419 (!$group['total'] ? '-' : $group['total']) => 'c',
420
421 "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">[" . T('Edit') . "]</a> " .
422 "<a href=\"usergroup.php?do=clone&amp;usergroupid=$group[usergroupid]\">[" . T('Clone') . "]</a>" .
423 ($group['usergroupid'] > 6 ? " <a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[" . T('Delete') . "]</a>" : '') => 'c'
424 ));
425 }
426
427 $admin->table_end();
428 $admin->form_end();
429
430 $admin->page_end();
431 }
432
433 /*=====================================================================*\
434 || ###################################################################
435 || # $HeadURL$
436 || # $Id$
437 || ###################################################################
438 \*=====================================================================*/
439 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.