PHP Cross Reference of phpBB 3.0 Beta 3 |
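<?php
/**
*
* @package acp
* @version $Id: acp_permission_roles.php,v 1.17 2006/10/30 19:51:56 acydburn Exp $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* ACP module that lists, adds, edits, reorders and removes permission roles
* of one permission type (admin, user, moderator or forum).
*
* NOTE(review): this file performs no authorisation check of its own;
* presumably the ACP module loader restricts who can reach main() - confirm.
*
* @package acp
*/
class acp_permission_roles
{
	var $u_action;

	/**
	* Module entry point: handles submitted role changes, then renders either
	* the add/edit form or the role list.
	*
	* @param mixed $id Module identifier, only echoed back in the hidden fields of the delete confirmation
	* @param string $mode One of admin_roles, user_roles, mod_roles, forum_roles
	*/
	function main($id, $mode)
	{
		global $db, $user, $auth, $template, $cache;
		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;

		include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
		include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);

		$auth_admin = new auth_admin();

		$user->add_lang('acp/permissions');
		add_permission_language();

		$this->tpl_name = 'acp_permission_roles';

		$submit = isset($_POST['submit']);
		// An integer default is passed for role_id, so request_var() is expected
		// to hand back an integer that is safe to concatenate into SQL below.
		$role_id = request_var('role_id', 0);
		$action = request_var('action', '');
		$action = (isset($_POST['add'])) ? 'add' : $action;

		// The permission prefix is taken from this fixed list only, never from
		// request data.
		switch ($mode)
		{
			case 'admin_roles':
				$permission_type = 'a_';
				$this->page_title = 'ACP_ADMIN_ROLES';
			break;

			case 'user_roles':
				$permission_type = 'u_';
				$this->page_title = 'ACP_USER_ROLES';
			break;

			case 'mod_roles':
				$permission_type = 'm_';
				$this->page_title = 'ACP_MOD_ROLES';
			break;

			case 'forum_roles':
				$permission_type = 'f_';
				$this->page_title = 'ACP_FORUM_ROLES';
			break;

			default:
				trigger_error('NO_MODE', E_USER_ERROR);
			break;
		}

		$template->assign_vars(array(
			'L_TITLE'	=> $user->lang[$this->page_title],
			'L_EXPLAIN'	=> $user->lang[$this->page_title . '_EXPLAIN'])
		);

		// NOTE(review): the add/edit branch below is gated only on
		// $_POST['submit']; no anti-CSRF form token is checked in this method
		// (only 'remove' goes through confirm_box(), which presumably validates
		// its own confirmation key). Confirm that the surrounding ACP framework
		// enforces a token before role permissions can be changed.

		// Take action... admin submitted something
		if ($submit || $action == 'remove')
		{
			switch ($action)
			{
				case 'remove':

					if (!$role_id)
					{
						trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

					$sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
					$result = $db->sql_query($sql);
					$role_row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if (!$role_row)
					{
						trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

					if (confirm_box(true))
					{
						$this->remove_role($role_id, $permission_type);

						add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_row['role_name']);
						trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
					}
					else
					{
						confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
							'i'			=> $id,
							'mode'		=> $mode,
							'role_id'	=> $role_id,
							'action'	=> $action,
						)));
					}

				break;

				case 'edit':
					if (!$role_id)
					{
						trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

					// Get role we edit
					$sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
					$result = $db->sql_query($sql);
					$role_row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if (!$role_row)
					{
						trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

				// no break;

				case 'add':

					$role_name = request_var('role_name', '', true);
					$role_description = request_var('role_description', '', true);
					$auth_settings = request_var('setting', array('' => 0));

					if (!$role_name)
					{
						trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

					// if we add/edit a role we check the name to be unique among the settings...
					$sql = 'SELECT role_id
						FROM ' . ACL_ROLES_TABLE . "
						WHERE role_type = '" . $db->sql_escape($permission_type) . "'
							AND role_name = '" . $db->sql_escape($role_name) . "'";
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					// Make sure we only print out the error if we add the role or change its name.
					// The test must look at $action: $mode holds the role type (admin_roles, ...)
					// and never equals 'add' or 'edit', so comparing against it disabled the check.
					if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name)))
					{
						trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
					}

					$sql_ary = array(
						'role_name'			=> (string) $role_name,
						'role_description'	=> (string) $role_description,
						'role_type'			=> (string) $permission_type,
					);

					if ($action == 'edit')
					{
						$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
							SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
							WHERE role_id = ' . $role_id;
						$db->sql_query($sql);
					}
					else
					{
						// Get maximum role order for inserting a new role...
						$sql = 'SELECT MAX(role_order) as max_order
							FROM ' . ACL_ROLES_TABLE . "
							WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
						$result = $db->sql_query($sql);
						$max_order = (int) $db->sql_fetchfield('max_order');
						$db->sql_freeresult($result);

						$sql_ary['role_order'] = $max_order + 1;

						$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
						$db->sql_query($sql);

						$role_id = $db->sql_nextid();
					}

					// Now add the auth settings
					$auth_admin->acl_set_role($role_id, $auth_settings);

					add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);

					trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));

				break;
			}
		}

		// Display screens
		switch ($action)
		{
			case 'add':

				$options_from = request_var('options_from', 0);

				$role_row = array(
					'role_name'			=> request_var('role_name', '', true),
					'role_description'	=> request_var('role_description', '', true),
					'role_type'			=> $permission_type,
				);

				if ($options_from)
				{
					// Pre-fill the form with the settings of an existing role
					$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
						FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
						WHERE o.auth_option_id = p.auth_option_id
							AND p.role_id = ' . $options_from . '
						ORDER BY p.auth_option_id';
					$result = $db->sql_query($sql);

					$auth_options = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$auth_options[$row['auth_option']] = $row['auth_setting'];
					}
					$db->sql_freeresult($result);
				}
				else
				{
					// Escaped like the other role_type queries in this class, although
					// the value comes from the fixed list above.
					$sql = 'SELECT auth_option_id, auth_option
						FROM ' . ACL_OPTIONS_TABLE . "
						WHERE auth_option LIKE '" . $db->sql_escape($permission_type) . "%'
							AND auth_option <> '" . $db->sql_escape($permission_type) . "'
						ORDER BY auth_option_id";
					$result = $db->sql_query($sql);

					$auth_options = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$auth_options[$row['auth_option']] = ACL_NO;
					}
					$db->sql_freeresult($result);
				}

			// no break;

			case 'edit':

				if ($action == 'edit')
				{
					if (!$role_id)
					{
						trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
					}

					$sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
					$result = $db->sql_query($sql);
					$role_row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
						FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
						WHERE o.auth_option_id = p.auth_option_id
							AND p.role_id = ' . $role_id . '
						ORDER BY p.auth_option_id';
					$result = $db->sql_query($sql);

					$auth_options = array();
					while ($row = $db->sql_fetchrow($result))
					{
						$auth_options[$row['auth_option']] = $row['auth_setting'];
					}
					$db->sql_freeresult($result);
				}

				if (!$role_row)
				{
					trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
				}

				$template->assign_vars(array(
					'S_EDIT'			=> true,

					'U_ACTION'			=> $this->u_action . "&action={$action}&role_id={$role_id}",
					'U_BACK'			=> $this->u_action,

					'ROLE_NAME'			=> $role_row['role_name'],
					'ROLE_DESCRIPTION'	=> $role_row['role_description'],
					'L_ACL_TYPE'		=> $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
					)
				);

				// We need to fill the auth options array with ACL_NO options ;)
				$sql = 'SELECT auth_option_id, auth_option
					FROM ' . ACL_OPTIONS_TABLE . "
					WHERE auth_option LIKE '" . $db->sql_escape($permission_type) . "%'
						AND auth_option <> '" . $db->sql_escape($permission_type) . "'
					ORDER BY auth_option_id";
				$result = $db->sql_query($sql);

				while ($row = $db->sql_fetchrow($result))
				{
					if (!isset($auth_options[$row['auth_option']]))
					{
						$auth_options[$row['auth_option']] = ACL_NO;
					}
				}
				$db->sql_freeresult($result);

				// Unset global permission option
				unset($auth_options[$permission_type]);

				// Display auth options
				$this->display_auth_options($auth_options);

				// Get users/groups/forums using this preset...
				if ($action == 'edit')
				{
					$hold_ary = $auth_admin->get_role_mask($role_id);

					if (sizeof($hold_ary))
					{
						// assign_vars(), not assign_var(): an array of several
						// template variables is being passed here.
						$template->assign_vars(array(
							'S_DISPLAY_ROLE_MASK'	=> true,
							'L_ROLE_ASSIGNED_TO'	=> sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_row['role_name']))
						);

						$auth_admin->display_role_mask($hold_ary);
					}
				}

				return;

			case 'move_up':
			case 'move_down':

				// NOTE(review): reordering changes stored state from request
				// parameters alone; the token caveat noted above applies here too.
				$order = request_var('order', 0);
				$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);

				// Swaps the two neighbouring positions: each row gets (sum of both) - own order
				$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
					SET role_order = ' . $order_total . " - role_order
					WHERE role_type = '" . $db->sql_escape($permission_type) . "'
						AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
				$db->sql_query($sql);

			break;
		}

		// By default, check that role_order is valid and fix it if necessary
		$sql = 'SELECT role_id, role_order
			FROM ' . ACL_ROLES_TABLE . "
			WHERE role_type = '" . $db->sql_escape($permission_type) . "'
			ORDER BY role_order ASC";
		$result = $db->sql_query($sql);

		if ($row = $db->sql_fetchrow($result))
		{
			$order = 0;
			do
			{
				$order++;
				if ($row['role_order'] != $order)
				{
					// role_id is read back from the database; cast it anyway before it is placed in SQL
					$db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = " . (int) $row['role_id']);
				}
			}
			while ($row = $db->sql_fetchrow($result));
		}
		$db->sql_freeresult($result);

		// Display assigned items?
		$display_item = request_var('display_item', 0);

		// Select existing roles
		$sql = 'SELECT *
			FROM ' . ACL_ROLES_TABLE . "
			WHERE role_type = '" . $db->sql_escape($permission_type) . "'
			ORDER BY role_order ASC";
		$result = $db->sql_query($sql);

		// NOTE(review): role_name and role_description go into the template and
		// into the <option> markup below without escaping at this point;
		// presumably they were entity-encoded by request_var() when stored -
		// verify that no other code path writes these columns unencoded.
		$s_role_options = '';
		while ($row = $db->sql_fetchrow($result))
		{
			$template->assign_block_vars('roles', array(
				'ROLE_NAME'				=> $row['role_name'],
				'ROLE_DESCRIPTION'		=> (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),

				'U_EDIT'			=> $this->u_action . '&action=edit&role_id=' . $row['role_id'],
				'U_REMOVE'			=> $this->u_action . '&action=remove&role_id=' . $row['role_id'],
				'U_MOVE_UP'			=> $this->u_action . '&action=move_up&order=' . $row['role_order'],
				'U_MOVE_DOWN'		=> $this->u_action . '&action=move_down&order=' . $row['role_order'],
				'U_DISPLAY_ITEMS'	=> ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')
			);

			$s_role_options .= '<option value="' . $row['role_id'] . '">' . $row['role_name'] . '</option>';

			if ($display_item == $row['role_id'])
			{
				$template->assign_vars(array(
					'L_ROLE_ASSIGNED_TO'	=> sprintf($user->lang['ROLE_ASSIGNED_TO'], $row['role_name']))
				);
			}
		}
		$db->sql_freeresult($result);

		$template->assign_vars(array(
			'S_ROLE_OPTIONS'	=> $s_role_options)
		);

		if ($display_item)
		{
			$template->assign_vars(array(
				'S_DISPLAY_ROLE_MASK'	=> true)
			);

			$hold_ary = $auth_admin->get_role_mask($display_item);
			$auth_admin->display_role_mask($hold_ary);
		}
	}

	/**
	* Display permission settings able to be set
	*
	* Passes the options to auth_admin::build_permission_array() and assigns
	* the resulting categories and permissions to the 'auth' and 'auth.mask'
	* template blocks.
	*
	* @param array $auth_options Map of auth option name => ACL setting
	*/
	function display_auth_options($auth_options)
	{
		global $template, $user;

		$content_array = $categories = array();
		$key_sort_array = array(0);
		// The helper works on a list of option sets; wrap ours as entry 0
		$auth_options = array(0 => $auth_options);

		// Making use of auth_admin method here (we do not really want to change two similar code fragments)
		// presumably fills $content_array and $categories by reference - confirm against auth_admin
		auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array);

		$content_array = $content_array[0];

		$template->assign_var('S_NUM_PERM_COLS', sizeof($categories));

		// Assign to template
		foreach ($content_array as $cat => $cat_array)
		{
			// A category flag is set only when that setting is the sole one flagged for the category
			$template->assign_block_vars('auth', array(
				'CAT_NAME'	=> $user->lang['permission_cat'][$cat],

				'S_YES'		=> ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
				'S_NEVER'	=> ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
				'S_NO'		=> ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
			);

			foreach ($cat_array['permissions'] as $permission => $allowed)
			{
				$template->assign_block_vars('auth.mask', array(
					'S_YES'		=> ($allowed == ACL_YES) ? true : false,
					'S_NEVER'	=> ($allowed == ACL_NEVER) ? true : false,
					'S_NO'		=> ($allowed == ACL_NO) ? true : false,

					'FIELD_NAME'	=> $permission,
					'PERMISSION'	=> $user->lang['acl_' . $permission]['lang'])
				);
			}
		}
	}

	/**
	* Remove role
	*
	* Re-assigns the role's settings to every user and group holding the role
	* through auth_admin::acl_set(), then deletes the role, its data and its
	* assignments.
	*
	* @param int $role_id Id of the role to remove
	* @param string $permission_type Permission prefix of the role (a_, u_, m_ or f_)
	*/
	function remove_role($role_id, $permission_type)
	{
		global $db;

		// Cast defensively: the id is concatenated into the SQL statements
		// below and this method does not otherwise validate it.
		$role_id = (int) $role_id;

		$auth_admin = new auth_admin();

		// Get complete auth array
		$sql = 'SELECT auth_option, auth_option_id
			FROM ' . ACL_OPTIONS_TABLE . "
			WHERE auth_option LIKE '" . $db->sql_escape($permission_type) . "%'";
		$result = $db->sql_query($sql);

		$auth_settings = array();
		while ($row = $db->sql_fetchrow($result))
		{
			$auth_settings[$row['auth_option']] = ACL_NO;
		}
		$db->sql_freeresult($result);

		// Get the role auth settings we need to re-set...
		$sql = 'SELECT o.auth_option, r.auth_setting
			FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
			WHERE o.auth_option_id = r.auth_option_id
				AND r.role_id = ' . $role_id;
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$auth_settings[$row['auth_option']] = $row['auth_setting'];
		}
		$db->sql_freeresult($result);

		// Get role assignments
		$hold_ary = $auth_admin->get_role_mask($role_id);

		// Re-assign permissions
		foreach ($hold_ary as $forum_id => $forum_ary)
		{
			if (isset($forum_ary['users']))
			{
				$auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
			}

			if (isset($forum_ary['groups']))
			{
				$auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
			}
		}

		// Remove role from users and groups just to be sure (happens through acl_set)
		$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
			WHERE auth_role_id = ' . $role_id;
		$db->sql_query($sql);

		$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
			WHERE auth_role_id = ' . $role_id;
		$db->sql_query($sql);

		// Remove role data and role
		$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
			WHERE role_id = ' . $role_id;
		$db->sql_query($sql);

		$sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
			WHERE role_id = ' . $role_id;
		$db->sql_query($sql);

		$auth_admin->acl_clear_prefetch();
	}
}

?>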