<?php
/*=====================================================================*\
|| ###################################################################
|| # Bugdar
|| # Copyright ©2002-2007 Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version 2 of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/
// TODO - look at an API for permission.php
require_once('./global.php');
require_once('./includes/functions_datastore.php');
NavLinks::usersPages();
$navigator->set_focus('tab', 'users', null);
$navigator->set_focus('link', 'users-pages-permissions', 'users-pages');
if (!can_perform('canadmingroups'))
{
admin_login();
}
// ###################################################################
// define permissions as groups
$permissions = array(
T('General Permissions') => array(
'canviewbugs' => T('Can View Bugs'),
'canviewhidden' => T('Can View All Hidden Bugs and Comments'),
'canviewownhidden' => T('Can View Own Hidden Bugs'),
'cansubscribe' => T('Can Subscribe to Bugs'),
),
T('Posting/Submitting Permissions') => array(
'canvote' => T('Can Vote on Polls'),
'cansubmitbugs' => T('Can Submit Bugs'),
'canpostcomments' => T('Can Post Comments'),
'cangetattach' => T('Can View Attachments'),
'canputattach' => T('Can Upload/Edit Own Attachments'),
'caneditattach' => T('Can Manage All Attachments')
),
T('Moderation/Managment Permissions') => array(
'caneditown' => T('Can Edit Own Bugs'),
'caneditother' => T('Can Edit Others\' Bugs'),
'caneditownreply' => T('Can Edit Own Comments'),
'caneditotherreply' => T('Can Edit Others\' Comments'),
'canassign' => T('Can Assign Bugs'),
'canchangestatus' => T('Can Change Status'),
'candeletedata' => T('Can Delete Bugs and Comments')
)
);
// ###################################################################
if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'modify';
}
// ###################################################################
if ($_REQUEST['do'] == 'kill')
{
$bugsys->input_clean('usergroupid', TYPE_UINT);
$db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $bugsys->input_clean('productid', TYPE_UINT));
build_permissions();
$admin->redirect('permission.php?do=modify&usergroupid=' . $bugsys->in['usergroupid']);
}
// ###################################################################
if ($_REQUEST['do'] == 'delete')
{
$admin->page_confirm(T('Are you sure you want to revert this permission mask?'), 'permission.php', 'kill', array('usergroupid' => $bugsys->input_clean('usergroupid', TYPE_UINT), 'productid' => $bugsys->input_clean('productid', TYPE_UINT)));
}
// ###################################################################
if ($_REQUEST['do'] == 'edit')
{
$bugsys->input_clean_array(array(
'usergroupid' => TYPE_UINT,
'productid' => TYPE_UINT
));
$perm = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $bugsys->in['productid']);
$usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $bugsys->in['usergroupid']);
$product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . $bugsys->in['productid']);
if (!$usergroup OR !$product)
{
$admin->error(L_INVALID_ID);
}
$admin->page_start(T('Edit Permissions'));
$admin->form_start('permission.php', 'update');
$admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
$admin->form_hidden_field('productid', $product['productid']);
// determine the value to work off of
if ($perm)
{
$mask = $perm['mask'];
}
else
{
$mask = $usergroup['permissions'];
}
// Permission
$admin->table_start();
$admin->table_head(sprintf(T('Permissions: %1$s - %2$s'), $usergroup['title'], $product['title']));
foreach ($permissions AS $group => $settings)
{
$admin->row_span($group, 'thead', 'center');
foreach ($settings AS $setting => $name)
{
$admin->row_yesno($name, "perm[$setting]", ($mask & $bugsys->permissions["$setting"]));
}
}
$admin->row_submit();
$admin->table_end();
$admin->form_end();
$admin->page_end();
}
// ###################################################################
if ($_POST['do'] == 'update')
{
$bugsys->input_clean_array(array(
'perm' => TYPE_UINT,
'usergroupid' => TYPE_UINT,
'productid' => TYPE_UINT
));
foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch)
{
$permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch;
}
$db->query("
REPLACE INTO " . TABLE_PREFIX . "permission
(usergroupid, productid, mask)
VALUES
(" . $bugsys->in['usergroupid'] . ",
" . $bugsys->in['productid'] . ",
$permissionvalue
)"
);
build_permissions();
$admin->redirect('permission.php?do=modify&usergroupid=' . $bugsys->in['usergroupid']);
}
// ###################################################################
if ($_REQUEST['do'] == 'modify')
{
$admin->page_start(T('Permission Manager'));
$admin->table_start();
$admin->table_head(T('Permission Manager'));
$groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
while ($group = $db->fetch_array($groups))
{
$usergroups["$group[usergroupid]"] = $group;
}
$db->free_result($groups);
foreach ($usergroups AS $group)
{
$admin->row_text($group['title'], ($bugsys->in['usergroupid'] != $group['usergroupid'] ? "<a href=\"permission.php?do=modify&usergroupid=$group[usergroupid]\">[" . T('Expand') . "]</a>" : ''), 'top', 2, 'alt3');
if ($bugsys->in['usergroupid'] == $group['usergroupid'])
{
$permissions_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = $group[usergroupid]");
while ($permission = $db->fetch_array($permissions_fetch))
{
$permissions["$permission[productid]"] = $permission['mask'];
}
$products_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE !parentid OR parentid IS NULL ORDER BY displayorder ASC");
while ($product = $db->fetch_array($products_fetch))
{
$groupid = $group['usergroupid'];
$prodid = $product['productid'];
if (!isset($permissions["$product[productid]"]))
{
$statuslink = T('Inherited From Usergroup Settings: ');
$statuslink .= "<a href=\"permission.php?do=edit&usergroupid=$groupid&productid=$prodid\">[" . T('Customize') . ']</a>';
}
else
{
$statuslink = T('Customized: ');
$statuslink .= "<a href=\"permission.php?do=edit&usergroupid=$groupid&productid=$prodid\">[" . T('Edit') . ']</a>';
$statuslink .= " <a href=\"permission.php?do=delete&usergroupid=$groupid&productid=$prodid\">[" . T('Revert') . ']</a>';
}
$admin->row_text($product['title'], $statuslink);
}
}
}
$admin->table_end();
$admin->page_end();
}
/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>