|
 |
4c79b5 |
|
|
|
4c79b5 |
/**
|
|
|
4c79b5 |
*
|
|
|
4c79b5 |
* @package acp
|
|
|
4c79b5 |
* @version $Id: acp_permission_roles.php 8479 2008-03-29 00:22:48Z naderman $
|
|
|
4c79b5 |
* @copyright (c) 2005 phpBB Group
|
|
|
4c79b5 |
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
|
|
4c79b5 |
*
|
|
|
4c79b5 |
*/
|
|
|
4c79b5 |
|
|
|
4c79b5 |
/**
|
|
|
4c79b5 |
* @ignore
|
|
|
4c79b5 |
*/
|
|
|
4c79b5 |
if (!defined('IN_PHPBB'))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
exit;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
/**
|
|
|
4c79b5 |
* @package acp
|
|
|
4c79b5 |
*/
|
|
|
4c79b5 |
class acp_permission_roles
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
var $u_action;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
function main($id, $mode)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
global $db, $user, $auth, $template, $cache;
|
|
|
4c79b5 |
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
|
|
4c79b5 |
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_admin = new auth_admin();
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$user->add_lang('acp/permissions');
|
|
|
4c79b5 |
add_permission_language();
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$this->tpl_name = 'acp_permission_roles';
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$submit = (isset($_POST['submit'])) ? true : false;
|
|
|
4c79b5 |
$role_id = request_var('role_id', 0);
|
|
|
4c79b5 |
$action = request_var('action', '');
|
|
|
4c79b5 |
$action = (isset($_POST['add'])) ? 'add' : $action;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$form_name = 'acp_permissions';
|
|
|
4c79b5 |
add_form_key($form_name);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
switch ($mode)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
case 'admin_roles':
|
|
|
4c79b5 |
$permission_type = 'a_';
|
|
|
4c79b5 |
$this->page_title = 'ACP_ADMIN_ROLES';
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'user_roles':
|
|
|
4c79b5 |
$permission_type = 'u_';
|
|
|
4c79b5 |
$this->page_title = 'ACP_USER_ROLES';
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'mod_roles':
|
|
|
4c79b5 |
$permission_type = 'm_';
|
|
|
4c79b5 |
$this->page_title = 'ACP_MOD_ROLES';
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'forum_roles':
|
|
|
4c79b5 |
$permission_type = 'f_';
|
|
|
4c79b5 |
$this->page_title = 'ACP_FORUM_ROLES';
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
default:
|
|
|
4c79b5 |
trigger_error('NO_MODE', E_USER_ERROR);
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'L_TITLE' => $user->lang[$this->page_title],
|
|
|
4c79b5 |
'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'])
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Take action... admin submitted something
|
|
|
4c79b5 |
if ($submit || $action == 'remove')
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
switch ($action)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
case 'remove':
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!$role_id)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'SELECT *
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
$role_row = $db->sql_fetchrow($result);
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!$role_row)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (confirm_box(true))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$this->remove_role($role_id, $permission_type);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
|
|
|
4c79b5 |
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
|
|
|
4c79b5 |
trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
else
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
|
|
|
4c79b5 |
'i' => $id,
|
|
|
4c79b5 |
'mode' => $mode,
|
|
|
4c79b5 |
'role_id' => $role_id,
|
|
|
4c79b5 |
'action' => $action,
|
|
|
4c79b5 |
)));
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'edit':
|
|
|
4c79b5 |
if (!$role_id)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Get role we edit
|
|
|
4c79b5 |
$sql = 'SELECT *
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
$role_row = $db->sql_fetchrow($result);
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!$role_row)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// no break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'add':
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!check_form_key($form_name))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$role_name = utf8_normalize_nfc(request_var('role_name', '', true));
|
|
|
4c79b5 |
$role_description = utf8_normalize_nfc(request_var('role_description', '', true));
|
|
|
4c79b5 |
$auth_settings = request_var('setting', array('' => 0));
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!$role_name)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (utf8_strlen($role_description) > 4000)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// if we add/edit a role we check the name to be unique among the settings...
|
|
|
4c79b5 |
$sql = 'SELECT role_id
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . "
|
|
|
4c79b5 |
WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
|
|
4c79b5 |
AND role_name = '" . $db->sql_escape($role_name) . "'";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
$row = $db->sql_fetchrow($result);
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Make sure we only print out the error if we add the role or change it's name
|
|
|
4c79b5 |
if ($row && ($mode == 'add' || ($mode == 'edit' && $role_row['role_name'] != $role_name)))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql_ary = array(
|
|
|
4c79b5 |
'role_name' => (string) $role_name,
|
|
|
4c79b5 |
'role_description' => (string) $role_description,
|
|
|
4c79b5 |
'role_type' => (string) $permission_type,
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($action == 'edit')
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
else
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
// Get maximum role order for inserting a new role...
|
|
|
4c79b5 |
$sql = 'SELECT MAX(role_order) as max_order
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . "
|
|
|
4c79b5 |
WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
$max_order = (int) $db->sql_fetchfield('max_order');
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql_ary['role_order'] = $max_order + 1;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$role_id = $db->sql_nextid();
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Now add the auth settings
|
|
|
4c79b5 |
$auth_admin->acl_set_role($role_id, $auth_settings);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name;
|
|
|
4c79b5 |
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));
|
|
|
4c79b5 |
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Display screens
|
|
|
4c79b5 |
switch ($action)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
case 'add':
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$options_from = request_var('options_from', 0);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$role_row = array(
|
|
|
4c79b5 |
'role_name' => utf8_normalize_nfc(request_var('role_name', '', true)),
|
|
|
4c79b5 |
'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)),
|
|
|
4c79b5 |
'role_type' => $permission_type,
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($options_from)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
|
|
|
4c79b5 |
WHERE o.auth_option_id = p.auth_option_id
|
|
|
4c79b5 |
AND p.role_id = ' . $options_from . '
|
|
|
4c79b5 |
ORDER BY p.auth_option_id';
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_options = array();
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_options[$row['auth_option']] = $row['auth_setting'];
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
else
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$sql = 'SELECT auth_option_id, auth_option
|
|
|
4c79b5 |
FROM ' . ACL_OPTIONS_TABLE . "
|
|
|
4c79b5 |
WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
|
|
|
4c79b5 |
AND auth_option <> '{$permission_type}'
|
|
|
4c79b5 |
ORDER BY auth_option_id";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_options = array();
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_options[$row['auth_option']] = ACL_NO;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// no break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'edit':
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($action == 'edit')
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
if (!$role_id)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'SELECT *
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
$role_row = $db->sql_fetchrow($result);
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
|
|
|
4c79b5 |
WHERE o.auth_option_id = p.auth_option_id
|
|
|
4c79b5 |
AND p.role_id = ' . $role_id . '
|
|
|
4c79b5 |
ORDER BY p.auth_option_id';
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_options = array();
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_options[$row['auth_option']] = $row['auth_setting'];
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (!$role_row)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'S_EDIT' => true,
|
|
|
4c79b5 |
|
|
|
4c79b5 |
'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}",
|
|
|
4c79b5 |
'U_BACK' => $this->u_action,
|
|
|
4c79b5 |
|
|
|
4c79b5 |
'ROLE_NAME' => $role_row['role_name'],
|
|
|
4c79b5 |
'ROLE_DESCRIPTION' => $role_row['role_description'],
|
|
|
4c79b5 |
'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
|
|
|
4c79b5 |
)
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// We need to fill the auth options array with ACL_NO options ;)
|
|
|
4c79b5 |
$sql = 'SELECT auth_option_id, auth_option
|
|
|
4c79b5 |
FROM ' . ACL_OPTIONS_TABLE . "
|
|
|
4c79b5 |
WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
|
|
|
4c79b5 |
AND auth_option <> '{$permission_type}'
|
|
|
4c79b5 |
ORDER BY auth_option_id";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
if (!isset($auth_options[$row['auth_option']]))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_options[$row['auth_option']] = ACL_NO;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Unset global permission option
|
|
|
4c79b5 |
unset($auth_options[$permission_type]);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Display auth options
|
|
|
4c79b5 |
$this->display_auth_options($auth_options);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Get users/groups/forums using this preset...
|
|
|
4c79b5 |
if ($action == 'edit')
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$hold_ary = $auth_admin->get_role_mask($role_id);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (sizeof($hold_ary))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'S_DISPLAY_ROLE_MASK' => true,
|
|
|
4c79b5 |
'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_admin->display_role_mask($hold_ary);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
return;
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
case 'move_up':
|
|
|
4c79b5 |
case 'move_down':
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$order = request_var('order', 0);
|
|
|
4c79b5 |
$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
SET role_order = ' . $order_total . " - role_order
|
|
|
4c79b5 |
WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
|
|
4c79b5 |
AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
break;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// By default, check that role_order is valid and fix it if necessary
|
|
|
4c79b5 |
$sql = 'SELECT role_id, role_order
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . "
|
|
|
4c79b5 |
WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
|
|
4c79b5 |
ORDER BY role_order ASC";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$order = 0;
|
|
|
4c79b5 |
do
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$order++;
|
|
|
4c79b5 |
if ($row['role_order'] != $order)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}");
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result));
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Display assigned items?
|
|
|
4c79b5 |
$display_item = request_var('display_item', 0);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Select existing roles
|
|
|
4c79b5 |
$sql = 'SELECT *
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_TABLE . "
|
|
|
4c79b5 |
WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
|
|
4c79b5 |
ORDER BY role_order ASC";
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$s_role_options = '';
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name'];
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_block_vars('roles', array(
|
|
|
4c79b5 |
'ROLE_NAME' => $role_name,
|
|
|
4c79b5 |
'ROLE_DESCRIPTION' => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),
|
|
|
4c79b5 |
|
|
|
4c79b5 |
'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'],
|
|
|
4c79b5 |
'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'],
|
|
|
4c79b5 |
'U_MOVE_UP' => $this->u_action . '&action=move_up&order=' . $row['role_order'],
|
|
|
4c79b5 |
'U_MOVE_DOWN' => $this->u_action . '&action=move_down&order=' . $row['role_order'],
|
|
|
4c79b5 |
'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($display_item == $row['role_id'])
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'S_ROLE_OPTIONS' => $s_role_options)
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if ($display_item)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$template->assign_vars(array(
|
|
|
4c79b5 |
'S_DISPLAY_ROLE_MASK' => true)
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$hold_ary = $auth_admin->get_role_mask($display_item);
|
|
|
4c79b5 |
$auth_admin->display_role_mask($hold_ary);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
/**
|
|
|
4c79b5 |
* Display permission settings able to be set
|
|
|
4c79b5 |
*/
|
|
|
4c79b5 |
function display_auth_options($auth_options)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
global $template, $user;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$content_array = $categories = array();
|
|
|
4c79b5 |
$key_sort_array = array(0);
|
|
|
4c79b5 |
$auth_options = array(0 => $auth_options);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Making use of auth_admin method here (we do not really want to change two similar code fragments)
|
|
|
4c79b5 |
auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$content_array = $content_array[0];
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$template->assign_var('S_NUM_PERM_COLS', sizeof($categories));
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Assign to template
|
|
|
4c79b5 |
foreach ($content_array as $cat => $cat_array)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$template->assign_block_vars('auth', array(
|
|
|
4c79b5 |
'CAT_NAME' => $user->lang['permission_cat'][$cat],
|
|
|
4c79b5 |
|
|
|
4c79b5 |
'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
|
|
|
4c79b5 |
'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
|
|
|
4c79b5 |
'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
foreach ($cat_array['permissions'] as $permission => $allowed)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$template->assign_block_vars('auth.mask', array(
|
|
|
4c79b5 |
'S_YES' => ($allowed == ACL_YES) ? true : false,
|
|
|
4c79b5 |
'S_NEVER' => ($allowed == ACL_NEVER) ? true : false,
|
|
|
4c79b5 |
'S_NO' => ($allowed == ACL_NO) ? true : false,
|
|
|
4c79b5 |
|
|
|
4c79b5 |
'FIELD_NAME' => $permission,
|
|
|
4c79b5 |
'PERMISSION' => $user->lang['acl_' . $permission]['lang'])
|
|
|
4c79b5 |
);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
/**
|
|
|
4c79b5 |
* Remove role
|
|
|
4c79b5 |
*/
|
|
|
4c79b5 |
function remove_role($role_id, $permission_type)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
global $db;
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_admin = new auth_admin();
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Get complete auth array
|
|
|
4c79b5 |
$sql = 'SELECT auth_option, auth_option_id
|
|
|
4c79b5 |
FROM ' . ACL_OPTIONS_TABLE . "
|
|
|
4c79b5 |
WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_settings = array();
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_settings[$row['auth_option']] = ACL_NO;
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Get the role auth settings we need to re-set...
|
|
|
4c79b5 |
$sql = 'SELECT o.auth_option, r.auth_setting
|
|
|
4c79b5 |
FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
|
|
|
4c79b5 |
WHERE o.auth_option_id = r.auth_option_id
|
|
|
4c79b5 |
AND r.role_id = ' . $role_id;
|
|
|
4c79b5 |
$result = $db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
while ($row = $db->sql_fetchrow($result))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_settings[$row['auth_option']] = $row['auth_setting'];
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
$db->sql_freeresult($result);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Get role assignments
|
|
|
4c79b5 |
$hold_ary = $auth_admin->get_role_mask($role_id);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Re-assign permissions
|
|
|
4c79b5 |
foreach ($hold_ary as $forum_id => $forum_ary)
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
if (isset($forum_ary['users']))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
if (isset($forum_ary['groups']))
|
|
|
4c79b5 |
{
|
|
|
4c79b5 |
$auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Remove role from users and groups just to be sure (happens through acl_set)
|
|
|
4c79b5 |
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
|
|
|
4c79b5 |
WHERE auth_role_id = ' . $role_id;
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
|
|
|
4c79b5 |
WHERE auth_role_id = ' . $role_id;
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
// Remove role data and role
|
|
|
4c79b5 |
$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
|
|
|
4c79b5 |
WHERE role_id = ' . $role_id;
|
|
|
4c79b5 |
$db->sql_query($sql);
|
|
|
4c79b5 |
|
|
|
4c79b5 |
$auth_admin->acl_clear_prefetch();
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
}
|
|
|
4c79b5 |
|
|
|
4c79b5 |
?>
|