engelsystem/includes/pages/admin_groups.php

145 lines
5.7 KiB
PHP
Raw Normal View History

2011-06-02 22:40:08 +02:00
<?php
use Engelsystem\Database\DB;
2017-01-03 03:22:48 +01:00
/**
* @return string
*/
2017-01-02 03:57:23 +01:00
function admin_groups_title()
{
2017-01-03 14:12:17 +01:00
return _('Grouprights');
2013-11-25 21:04:58 +01:00
}
2017-01-03 03:22:48 +01:00
/**
* @return string
*/
2017-01-02 03:57:23 +01:00
function admin_groups()
{
2017-01-03 14:12:17 +01:00
$html = '';
$groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
2017-01-03 14:12:17 +01:00
if (!isset($_REQUEST['action'])) {
2017-01-02 03:57:23 +01:00
$groups_table = [];
foreach ($groups as $group) {
$privileges = DB::select('
SELECT `name`
2017-01-02 15:43:36 +01:00
FROM `GroupPrivileges`
JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`)
WHERE `group_id`=?
', [$group['UID']]);
2017-01-02 03:57:23 +01:00
$privileges_html = [];
2017-01-02 15:43:36 +01:00
foreach ($privileges as $privilege) {
$privileges_html[] = $privilege['name'];
2017-01-02 03:57:23 +01:00
}
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
$groups_table[] = [
2017-01-02 15:43:36 +01:00
'name' => $group['Name'],
'privileges' => join(', ', $privileges_html),
'actions' => button(
page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'],
2017-01-03 14:12:17 +01:00
_('edit'),
2017-01-02 15:43:36 +01:00
'btn-xs'
)
];
2017-01-02 03:57:23 +01:00
}
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
return page_with_title(admin_groups_title(), [
2017-01-02 15:43:36 +01:00
table([
2017-01-03 14:12:17 +01:00
'name' => _('Name'),
'privileges' => _('Privileges'),
2017-01-02 15:43:36 +01:00
'actions' => ''
], $groups_table)
]);
2017-01-02 03:57:23 +01:00
} else {
2017-01-03 14:12:17 +01:00
switch ($_REQUEST['action']) {
2017-01-02 15:43:36 +01:00
case 'edit':
2017-01-03 14:12:17 +01:00
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
2017-01-02 15:43:36 +01:00
$group_id = $_REQUEST['id'];
} else {
2017-01-03 14:12:17 +01:00
return error('Incomplete call, missing Groups ID.', true);
2017-01-02 15:43:36 +01:00
}
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
if (!empty($group)) {
$privileges = DB::select('
2017-01-02 15:43:36 +01:00
SELECT `Privileges`.*, `GroupPrivileges`.`group_id`
FROM `Privileges`
LEFT OUTER JOIN `GroupPrivileges`
ON (
`Privileges`.`id` = `GroupPrivileges`.`privilege_id`
AND `GroupPrivileges`.`group_id`=?
2017-01-02 15:43:36 +01:00
)
ORDER BY `Privileges`.`name`
', [$group_id]);
2017-01-03 14:12:17 +01:00
$privileges_html = '';
2017-01-02 15:43:36 +01:00
$privileges_form = [];
foreach ($privileges as $privilege) {
2017-01-02 15:43:36 +01:00
$privileges_form[] = form_checkbox(
'privileges[]',
$privilege['desc'] . ' (' . $privilege['name'] . ')',
$privilege['group_id'] != '',
$privilege['id']
2017-01-02 15:43:36 +01:00
);
$privileges_html .= sprintf(
'<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>',
$privilege['id'],
($privilege['group_id'] != '' ? 'checked="checked"' : ''),
$privilege['name'],
$privilege['desc']
2017-01-02 15:43:36 +01:00
);
2017-01-02 03:57:23 +01:00
}
2017-01-02 15:43:36 +01:00
2017-01-03 14:12:17 +01:00
$privileges_form[] = form_submit('submit', _('Save'));
$html .= page_with_title(_('Edit group'), [
2017-01-02 15:43:36 +01:00
form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id)
]);
} else {
2017-01-03 14:12:17 +01:00
return error('No Group found.', true);
2017-01-02 03:57:23 +01:00
}
2017-01-02 15:43:36 +01:00
break;
case 'save':
2017-01-03 14:12:17 +01:00
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
2017-01-02 15:43:36 +01:00
$group_id = $_REQUEST['id'];
} else {
2017-01-03 14:12:17 +01:00
return error('Incomplete call, missing Groups ID.', true);
2017-01-02 15:43:36 +01:00
}
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
2017-01-02 15:43:36 +01:00
if (!is_array($_REQUEST['privileges'])) {
$_REQUEST['privileges'] = [];
}
if (!empty($group)) {
$group = array_shift($group);
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
2017-01-02 15:43:36 +01:00
$privilege_names = [];
foreach ($_REQUEST['privileges'] as $privilege) {
if (preg_match("/^[0-9]{1,}$/", $privilege)) {
$group_privileges_source = DB::select(
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
[$privilege]
);
if (!empty($group_privileges_source)) {
$group_privileges_source = array_shift($group_privileges_source);
DB::insert(
'INSERT INTO `GroupPrivileges` (`group_id`, `privilege_id`) VALUES (?, ?)',
[$group_id, $privilege]
);
$privilege_names[] = $group_privileges_source['name'];
2017-01-02 15:43:36 +01:00
}
}
}
engelsystem_log(
2017-01-03 14:12:17 +01:00
'Group privileges of group ' . $group['Name']
. ' edited: ' . join(', ', $privilege_names)
2017-01-02 15:43:36 +01:00
);
2017-01-03 14:12:17 +01:00
redirect(page_link_to('admin_groups'));
2017-01-02 15:43:36 +01:00
} else {
2017-01-03 14:12:17 +01:00
return error('No Group found.', true);
2017-01-02 15:43:36 +01:00
}
break;
}
2017-01-02 03:57:23 +01:00
}
return $html;
2011-06-02 22:40:08 +02:00
}