<?php
/*=====================================================================*\
|| ################################################################### ||
|| # BugStrike [#]version[#]
|| # --------------------------------------------------------------- # ||
|| # Copyright Š2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
|| # This file may not be reproduced in any way without permission.  # ||
|| # --------------------------------------------------------------- # ||
|| # User License Agreement at http://www.iris-studios.com/license/  # ||
|| ################################################################### ||
\*=====================================================================*/

require_once('./global.php');
require_once('./includes/functions_datastore.php');

if (!can_perform('canadmingroups'))
{
	admin_login();
}

// ###################################################################

if (empty($_REQUEST['do']))
{
	$_REQUEST['do'] = 'modify';
}

// ###################################################################

if ($_REQUEST['do'] == 'kill')
{
	if ($bugsys->in['usergroupid'] < 7)
	{
		$admin->error(lang::p('cant_delete_default_usergroup'));
	}
	
	$db->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
	$db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
	
	build_usergroups();
	build_assignedto();
	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_REQUEST['do'] == 'delete')
{
	if ($bugsys->in['usergroupid'] < 7)
	{
		$admin->error(lang::p('cant_delete_default_usergroup'));
	}
	
	$admin->page_confirm(lang::p('confirm_delete_usergroup'), 'usergroup.php?do=kill&amp;usergroupid=' . intval($bugsys->in['usergroupid']));
}

// ###################################################################

if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
{
	$add = (($_REQUEST['do'] == 'add') ? true : false);
	$edit = (($_REQUEST['do'] == 'edit') ? true : false);
	
	$admin->page_start((($add) ? lang::p('new_usergroup') : lang::p('edit_usergroup')));
	
	$admin->form_start('usergroup.php', (($add) ? 'insert' : 'update'));
	
	if ($edit)
	{
		$usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($bugsys->in['usergroupid']));
		if (!is_array($usergroup))
		{
			$admin->error(lang::p('error_invalid_id'));
		}
		
		$admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
	}
	else
	{
		$usergroup['permissions'] = 319;
	}	
	
	// Details
	$admin->table_start();
	$admin->table_head(lang::p('usergroup_details'));
	$admin->row_input(lang::p('usergroup_title'), 'title', $bugsys->sanitize($usergroup['title']));
	$admin->row_input(lang::p('usergroup_display_title'), 'displaytitle', $bugsys->sanitize($usergroup['displaytitle']));
	$admin->row_input(lang::p('usergroup_open_markup'), 'opentag', $bugsys->sanitize($usergroup['opentag']));
	$admin->row_input(lang::p('usergroup_close_markup'), 'closetag', $bugsys->sanitize($usergroup['closetag']));
	$admin->table_end();
	
	// Permission
	$admin->table_start();
	
	// define permissions as groups
	$permissions = array(
		'general' => array(
			'canviewbugs',
			'canviewhidden',
			'cansearch',
			'cansubscribe',
			'canbeassignedto'),
		'posting' => array(
			'canvote',
			'cansubmitbugs',
			'canpostcomments',
			'cangetattach',
			'canputattach',
			'caneditattach'),
		'moderation' => array(
			'caneditown',
			'caneditothers',
			'caneditinfo',
			'canassign',
			'canchangestatus'),
		'admin' => array(
			'canadminpanel',
			'canadminbugs',
			'canadminfields',
			'canadminversions',
			'canadminusers',
			'canadmingroups',
			'canadmintools')
	);
	
	$admin->table_head(lang::p('usergroup_permission_settings'));
	
	foreach ($permissions AS $group => $settings)
	{
		$admin->row_span(lang::p("permissions_group_$group"), 'thead', 'center');
		foreach ($settings AS $setting)
		{
			$admin->row_yesno(lang::p("permissions_$setting"), "perm[$setting]", ($usergroup['permissions'] & $_PERMISSION["$setting"]));
		}
	}
	
	$admin->table_end();
		
	// custom field permissions
	$admin->table_start();
	$admin->table_head(lang::r('Custom Field Permissions'));
	
	if ($edit)
	{
		$perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = $usergroup[usergroupid]");
		while ($perm = $db->fetch_array($perms))
		{
			$permissions["$perm[fieldid]"] = $perm['mask'];
		}
	}
	
	$fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
	while ($field = $db->fetch_array($fields))
	{
		unset($listitem);
		$admin->list_item(lang::r('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
		$admin->list_item(lang::r('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
		$admin->list_item(lang::r('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
		$admin->row_list($field['name'], "custom[$field[fieldid]]");
	}
	
	$admin->table_end();
	
	// Submit
	$admin->table_start();
	$admin->row_submit();
	$admin->table_end();
	
	$admin->form_end();
	
	$admin->page_end();
}

// ###################################################################

if ($_POST['do'] == 'insert')
{
	foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
	{
		$permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
	}
	
	$db->query("
		INSERT INTO " . TABLE_PREFIX . "usergroup
			(title, displaytitle, opentag, closetag, permissions)
		VALUES
			('" . $bugsys->in['title'] . "', '" . $bugsys->in['displaytitle'] . "',
			'" . $bugsys->in['opentag'] . "', '" . $bugsys->in['closetag'] . "',
			$permissionvalue
		)"
	);
	
	$ugroupid = $db->insert_id();
	
	build_usergroups();
	
	foreach ($_POST['custom'] AS $fieldid => $mask)
	{
		$values[] = "$ugroupid, " . intval($fieldid) . ", " . intval($mask);
	}
	
	$db->query("
		INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
			(usergroupid, fieldid, mask)
		VALUES
			(" . implode("\n\t\t\t", $values) . "
		)"
	);
	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_POST['do'] == 'update')
{
	foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
	{
		$permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
	}
	
	$db->query("
		UPDATE " . TABLE_PREFIX . "usergroup
		SET title = '" . $bugsys->in['title'] . "',
			displaytitle = '" . $bugsys->in['displaytitle'] . "',
			opentag = '" . $bugsys->unsanitize($bugsys->in['opentag']) . "',
			closetag = '" . $bugsys->unsanitize($bugsys->in['closetag']) . "',
			permissions = $permissionvalue
		WHERE usergroupid = " . intval($bugsys->in['usergroupid'])
	);
	
	build_usergroups();
	build_assignedto();
	
	$ugroupid = intval($bugsys->in['usergroupid']);
	foreach ($_POST['custom'] AS $fieldid => $mask)
	{
		$values[] = "$ugroupid, " . intval($fieldid) . ", " . intval($mask);
	}
	
	$db->query("
		REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
			(usergroupid, fieldid, mask)
		VALUES
			(" . implode("),\n\t\t\t(", $values) . ")"
	);

	
	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

if ($_REQUEST['do'] == 'modify')
{
	$admin->page_start(lang::p('usergroup_manager'));
	
	$admin->form_start('usergroup.php', 'null');
	$admin->table_start();
	$admin->table_head(lang::p('usergroup_manager'), 3);
	
	$groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
	while ($group = $db->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"] = $group;
	}
	$db->free_result($groups);
	
	$groups = $db->query("
		SELECT COUNT(user.userid) AS total, user.usergroupid
		FROM " . TABLE_PREFIX . "user AS user
		LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
		GROUP BY usergroup.usergroupid
		ORDER BY usergroup.usergroupid"
	);
	while ($group = $db->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"]['total'] = $group['total'];
	}
	
	$admin->table_column_head(array(lang::p('usergroup'), lang::p('number_of_users'), lang::p('action')));
	foreach ($usergroups AS $group)
	{
		$admin->row_multi_item(array("<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l', ((!$group['total']) ? '-' : $group['total']) => 'c', "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">" . lang::p('edit_wraplink') . "</a>" . (($group['usergroupid'] > 6) ? "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">" . lang::p('delete_wraplink') . "</a>" : '') => 'c'));
	}
	
	$admin->row_span('<input type="button" name="addug" value="  ' . lang::p('add_new_usergroup') . '   " onclick="window.location = \'usergroup.php?do=add\';" />', 'tfoot', 'center', 3);
	$admin->table_end();
	$admin->form_end();
	
	$admin->page_end();
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>