| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package acp 5 * @version $Id$ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * @ignore 13 */ 14 if (!defined('IN_PHPBB')) 15 { 16 exit; 17 } 18 19 /** 20 * @package acp 21 */ 22 class acp_permission_roles 23 { 24 var $u_action; 25 26 function main($id, $mode) 27 { 28 global $db, $user, $auth, $template, $cache; 29 global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; 30 31 include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); 32 include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); 33 34 $auth_admin = new auth_admin(); 35 36 $user->add_lang('acp/permissions'); 37 add_permission_language(); 38 39 $this->tpl_name = 'acp_permission_roles'; 40 41 $submit = (isset($_POST['submit'])) ? true : false; 42 $role_id = request_var('role_id', 0); 43 $action = request_var('action', ''); 44 $action = (isset($_POST['add'])) ? 'add' : $action; 45 46 $form_name = 'acp_permissions'; 47 add_form_key($form_name); 48 49 switch ($mode) 50 { 51 case 'admin_roles': 52 $permission_type = 'a_'; 53 $this->page_title = 'ACP_ADMIN_ROLES'; 54 break; 55 56 case 'user_roles': 57 $permission_type = 'u_'; 58 $this->page_title = 'ACP_USER_ROLES'; 59 break; 60 61 case 'mod_roles': 62 $permission_type = 'm_'; 63 $this->page_title = 'ACP_MOD_ROLES'; 64 break; 65 66 case 'forum_roles': 67 $permission_type = 'f_'; 68 $this->page_title = 'ACP_FORUM_ROLES'; 69 break; 70 71 default: 72 trigger_error('NO_MODE', E_USER_ERROR); 73 break; 74 } 75 76 $template->assign_vars(array( 77 'L_TITLE' => $user->lang[$this->page_title], 78 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']) 79 ); 80 81 // Take action... admin submitted something 82 if ($submit || $action == 'remove') 83 { 84 switch ($action) 85 { 86 case 'remove': 87 88 if (!$role_id) 89 { 90 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 91 } 92 93 $sql = 'SELECT * 94 FROM ' . ACL_ROLES_TABLE . ' 95 WHERE role_id = ' . $role_id; 96 $result = $db->sql_query($sql); 97 $role_row = $db->sql_fetchrow($result); 98 $db->sql_freeresult($result); 99 100 if (!$role_row) 101 { 102 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 103 } 104 105 if (confirm_box(true)) 106 { 107 $this->remove_role($role_id, $permission_type); 108 109 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; 110 add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name); 111 trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action)); 112 } 113 else 114 { 115 confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array( 116 'i' => $id, 117 'mode' => $mode, 118 'role_id' => $role_id, 119 'action' => $action, 120 ))); 121 } 122 123 break; 124 125 case 'edit': 126 if (!$role_id) 127 { 128 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 129 } 130 131 // Get role we edit 132 $sql = 'SELECT * 133 FROM ' . ACL_ROLES_TABLE . ' 134 WHERE role_id = ' . $role_id; 135 $result = $db->sql_query($sql); 136 $role_row = $db->sql_fetchrow($result); 137 $db->sql_freeresult($result); 138 139 if (!$role_row) 140 { 141 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 142 } 143 144 // no break; 145 146 case 'add': 147 148 if (!check_form_key($form_name)) 149 { 150 trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING); 151 } 152 153 $role_name = utf8_normalize_nfc(request_var('role_name', '', true)); 154 $role_description = utf8_normalize_nfc(request_var('role_description', '', true)); 155 $auth_settings = request_var('setting', array('' => 0)); 156 157 if (!$role_name) 158 { 159 trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 160 } 161 162 if (utf8_strlen($role_description) > 4000) 163 { 164 trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 165 } 166 167 // if we add/edit a role we check the name to be unique among the settings... 168 $sql = 'SELECT role_id 169 FROM ' . ACL_ROLES_TABLE . " 170 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 171 AND role_name = '" . $db->sql_escape($role_name) . "'"; 172 $result = $db->sql_query($sql); 173 $row = $db->sql_fetchrow($result); 174 $db->sql_freeresult($result); 175 176 // Make sure we only print out the error if we add the role or change it's name 177 if ($row && ($mode == 'add' || ($mode == 'edit' && $role_row['role_name'] != $role_name))) 178 { 179 trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING); 180 } 181 182 $sql_ary = array( 183 'role_name' => (string) $role_name, 184 'role_description' => (string) $role_description, 185 'role_type' => (string) $permission_type, 186 ); 187 188 if ($action == 'edit') 189 { 190 $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' 191 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 192 WHERE role_id = ' . $role_id; 193 $db->sql_query($sql); 194 } 195 else 196 { 197 // Get maximum role order for inserting a new role... 198 $sql = 'SELECT MAX(role_order) as max_order 199 FROM ' . ACL_ROLES_TABLE . " 200 WHERE role_type = '" . $db->sql_escape($permission_type) . "'"; 201 $result = $db->sql_query($sql); 202 $max_order = (int) $db->sql_fetchfield('max_order'); 203 $db->sql_freeresult($result); 204 205 $sql_ary['role_order'] = $max_order + 1; 206 207 $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); 208 $db->sql_query($sql); 209 210 $role_id = $db->sql_nextid(); 211 } 212 213 // Now add the auth settings 214 $auth_admin->acl_set_role($role_id, $auth_settings); 215 216 $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name; 217 add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name); 218 219 trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action)); 220 221 break; 222 } 223 } 224 225 // Display screens 226 switch ($action) 227 { 228 case 'add': 229 230 $options_from = request_var('options_from', 0); 231 232 $role_row = array( 233 'role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 234 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 235 'role_type' => $permission_type, 236 ); 237 238 if ($options_from) 239 { 240 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option 241 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o 242 WHERE o.auth_option_id = p.auth_option_id 243 AND p.role_id = ' . $options_from . ' 244 ORDER BY p.auth_option_id'; 245 $result = $db->sql_query($sql); 246 247 $auth_options = array(); 248 while ($row = $db->sql_fetchrow($result)) 249 { 250 $auth_options[$row['auth_option']] = $row['auth_setting']; 251 } 252 $db->sql_freeresult($result); 253 } 254 else 255 { 256 $sql = 'SELECT auth_option_id, auth_option 257 FROM ' . ACL_OPTIONS_TABLE . " 258 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . " 259 AND auth_option <> '{$permission_type}' 260 ORDER BY auth_option_id"; 261 $result = $db->sql_query($sql); 262 263 $auth_options = array(); 264 while ($row = $db->sql_fetchrow($result)) 265 { 266 $auth_options[$row['auth_option']] = ACL_NO; 267 } 268 $db->sql_freeresult($result); 269 } 270 271 // no break; 272 273 case 'edit': 274 275 if ($action == 'edit') 276 { 277 if (!$role_id) 278 { 279 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 280 } 281 282 $sql = 'SELECT * 283 FROM ' . ACL_ROLES_TABLE . ' 284 WHERE role_id = ' . $role_id; 285 $result = $db->sql_query($sql); 286 $role_row = $db->sql_fetchrow($result); 287 $db->sql_freeresult($result); 288 289 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option 290 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o 291 WHERE o.auth_option_id = p.auth_option_id 292 AND p.role_id = ' . $role_id . ' 293 ORDER BY p.auth_option_id'; 294 $result = $db->sql_query($sql); 295 296 $auth_options = array(); 297 while ($row = $db->sql_fetchrow($result)) 298 { 299 $auth_options[$row['auth_option']] = $row['auth_setting']; 300 } 301 $db->sql_freeresult($result); 302 } 303 304 if (!$role_row) 305 { 306 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 307 } 308 309 $template->assign_vars(array( 310 'S_EDIT' => true, 311 312 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 313 'U_BACK' => $this->u_action, 314 315 'ROLE_NAME' => $role_row['role_name'], 316 'ROLE_DESCRIPTION' => $role_row['role_description'], 317 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)], 318 ) 319 ); 320 321 // We need to fill the auth options array with ACL_NO options ;) 322 $sql = 'SELECT auth_option_id, auth_option 323 FROM ' . ACL_OPTIONS_TABLE . " 324 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . " 325 AND auth_option <> '{$permission_type}' 326 ORDER BY auth_option_id"; 327 $result = $db->sql_query($sql); 328 329 while ($row = $db->sql_fetchrow($result)) 330 { 331 if (!isset($auth_options[$row['auth_option']])) 332 { 333 $auth_options[$row['auth_option']] = ACL_NO; 334 } 335 } 336 $db->sql_freeresult($result); 337 338 // Unset global permission option 339 unset($auth_options[$permission_type]); 340 341 // Display auth options 342 $this->display_auth_options($auth_options); 343 344 // Get users/groups/forums using this preset... 345 if ($action == 'edit') 346 { 347 $hold_ary = $auth_admin->get_role_mask($role_id); 348 349 if (sizeof($hold_ary)) 350 { 351 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; 352 353 $template->assign_vars(array( 354 'S_DISPLAY_ROLE_MASK' => true, 355 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)) 356 ); 357 358 $auth_admin->display_role_mask($hold_ary); 359 } 360 } 361 362 return; 363 break; 364 365 case 'move_up': 366 case 'move_down': 367 368 $order = request_var('order', 0); 369 $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1); 370 371 $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' 372 SET role_order = ' . $order_total . " - role_order 373 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 374 AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')'; 375 $db->sql_query($sql); 376 377 break; 378 } 379 380 // By default, check that role_order is valid and fix it if necessary 381 $sql = 'SELECT role_id, role_order 382 FROM ' . ACL_ROLES_TABLE . " 383 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 384 ORDER BY role_order ASC"; 385 $result = $db->sql_query($sql); 386 387 if ($row = $db->sql_fetchrow($result)) 388 { 389 $order = 0; 390 do 391 { 392 $order++; 393 if ($row['role_order'] != $order) 394 { 395 $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}"); 396 } 397 } 398 while ($row = $db->sql_fetchrow($result)); 399 } 400 $db->sql_freeresult($result); 401 402 // Display assigned items? 403 $display_item = request_var('display_item', 0); 404 405 // Select existing roles 406 $sql = 'SELECT * 407 FROM ' . ACL_ROLES_TABLE . " 408 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 409 ORDER BY role_order ASC"; 410 $result = $db->sql_query($sql); 411 412 $s_role_options = ''; 413 while ($row = $db->sql_fetchrow($result)) 414 { 415 $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name']; 416 417 $template->assign_block_vars('roles', array( 418 'ROLE_NAME' => $role_name, 419 'ROLE_DESCRIPTION' => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 420 421 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'], 422 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'], 423 'U_MOVE_UP' => $this->u_action . '&action=move_up&order=' . $row['role_order'], 424 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&order=' . $row['role_order'], 425 'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to') 426 ); 427 428 $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>'; 429 430 if ($display_item == $row['role_id']) 431 { 432 $template->assign_vars(array( 433 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)) 434 ); 435 } 436 } 437 $db->sql_freeresult($result); 438 439 $template->assign_vars(array( 440 'S_ROLE_OPTIONS' => $s_role_options) 441 ); 442 443 if ($display_item) 444 { 445 $template->assign_vars(array( 446 'S_DISPLAY_ROLE_MASK' => true) 447 ); 448 449 $hold_ary = $auth_admin->get_role_mask($display_item); 450 $auth_admin->display_role_mask($hold_ary); 451 } 452 } 453 454 /** 455 * Display permission settings able to be set 456 */ 457 function display_auth_options($auth_options) 458 { 459 global $template, $user; 460 461 $content_array = $categories = array(); 462 $key_sort_array = array(0); 463 $auth_options = array(0 => $auth_options); 464 465 // Making use of auth_admin method here (we do not really want to change two similar code fragments) 466 auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array); 467 468 $content_array = $content_array[0]; 469 470 $template->assign_var('S_NUM_PERM_COLS', sizeof($categories)); 471 472 // Assign to template 473 foreach ($content_array as $cat => $cat_array) 474 { 475 $template->assign_block_vars('auth', array( 476 'CAT_NAME' => $user->lang['permission_cat'][$cat], 477 478 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false, 479 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false, 480 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false) 481 ); 482 483 foreach ($cat_array['permissions'] as $permission => $allowed) 484 { 485 $template->assign_block_vars('auth.mask', array( 486 'S_YES' => ($allowed == ACL_YES) ? true : false, 487 'S_NEVER' => ($allowed == ACL_NEVER) ? true : false, 488 'S_NO' => ($allowed == ACL_NO) ? true : false, 489 490 'FIELD_NAME' => $permission, 491 'PERMISSION' => $user->lang['acl_' . $permission]['lang']) 492 ); 493 } 494 } 495 } 496 497 /** 498 * Remove role 499 */ 500 function remove_role($role_id, $permission_type) 501 { 502 global $db; 503 504 $auth_admin = new auth_admin(); 505 506 // Get complete auth array 507 $sql = 'SELECT auth_option, auth_option_id 508 FROM ' . ACL_OPTIONS_TABLE . " 509 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char); 510 $result = $db->sql_query($sql); 511 512 $auth_settings = array(); 513 while ($row = $db->sql_fetchrow($result)) 514 { 515 $auth_settings[$row['auth_option']] = ACL_NO; 516 } 517 $db->sql_freeresult($result); 518 519 // Get the role auth settings we need to re-set... 520 $sql = 'SELECT o.auth_option, r.auth_setting 521 FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o 522 WHERE o.auth_option_id = r.auth_option_id 523 AND r.role_id = ' . $role_id; 524 $result = $db->sql_query($sql); 525 526 while ($row = $db->sql_fetchrow($result)) 527 { 528 $auth_settings[$row['auth_option']] = $row['auth_setting']; 529 } 530 $db->sql_freeresult($result); 531 532 // Get role assignments 533 $hold_ary = $auth_admin->get_role_mask($role_id); 534 535 // Re-assign permissions 536 foreach ($hold_ary as $forum_id => $forum_ary) 537 { 538 if (isset($forum_ary['users'])) 539 { 540 $auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false); 541 } 542 543 if (isset($forum_ary['groups'])) 544 { 545 $auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false); 546 } 547 } 548 549 // Remove role from users and groups just to be sure (happens through acl_set) 550 $sql = 'DELETE FROM ' . ACL_USERS_TABLE . ' 551 WHERE auth_role_id = ' . $role_id; 552 $db->sql_query($sql); 553 554 $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . ' 555 WHERE auth_role_id = ' . $role_id; 556 $db->sql_query($sql); 557 558 // Remove role data and role 559 $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . ' 560 WHERE role_id = ' . $role_id; 561 $db->sql_query($sql); 562 563 $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . ' 564 WHERE role_id = ' . $role_id; 565 $db->sql_query($sql); 566 567 $auth_admin->acl_clear_prefetch(); 568 } 569 } 570 571 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Oct 2 15:03:47 2013 | Cross-referenced by PHPXref 0.7.1 |