-rw-r--r-- | admin.php | 4 | ||||
-rw-r--r-- | admin/cat_perm.php | 469 | ||||
-rw-r--r-- | doc/ChangeLog | 7 | ||||
-rw-r--r-- | template/default/admin/cat_list.tpl | 3 | ||||
-rw-r--r-- | template/default/admin/cat_perm.tpl | 56 | ||||
-rw-r--r-- | template/default/admin/cat_perm.vtp | 48 | ||||
-rw-r--r-- | template/default/default.css | 5 | ||||
-rw-r--r-- | template/default/theme/category_permissions.png | bin | 0 -> 1838 bytes |
8 files changed, 376 insertions, 216 deletions
@@ -96,9 +96,9 @@ switch ( $_GET['page'] ) $title = $lang['title_instructions']; $page_valide = true; break; case 'cat_perm': $title = $lang['title_cat_perm']; - if ( isset( $_GET['cat_id'] ) ) + if ( isset( $_GET['cat'] ) ) { - check_cat_id( $_GET['cat_id'] ); + check_cat_id( $_GET['cat'] ); if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) { $result = get_cat_info( $page['cat'] ); diff --git a/admin/cat_perm.php b/admin/cat_perm.php index 30d5941f8..73bd0d866 100644 --- a/admin/cat_perm.php +++ b/admin/cat_perm.php 
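Review bot: Calling `check_cat_id( $_GET['cat'] )` in this `case 'cat_perm':` branch appears to populate `$page['cat']` before admin/cat_perm.php runs (the next line tests `isset( $page['cat'] )`), which would satisfy the new `if (!isset($page['cat']))` guard in cat_perm.php with a category that never passed its `'private' == $status` check. check_cat_id is not visible in this diff, so this is inferred; if it holds, permission rows could be written for a non-private category, and the page title could name a different category than the one being edited. Either stop this title lookup from setting `$page['cat']`, or begin the validation in cat_perm.php with `unset($page['cat']);`. The enclosing switch starts and ends outside the hunk.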
@@ -24,205 +24,342 @@ // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ -include_once( './admin/include/isadmin.inc.php' ); -//----------------------------------------------------- template initialization -$sub = $vtp->Open( './template/'.$user['template'].'/admin/cat_perm.vtp' ); -$error = array(); -$tpl = array( 'permuser_authorized','permuser_forbidden','menu_groups', - 'submit','menu_users','permuser_parent_forbidden' ); -templatize_array( $tpl, 'lang', $sub ); -$vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); -//-------------------------------------------------------------- category infos -if ( isset( $_GET['cat_id'] ) ) + +if (!defined('PHPWG_ROOT_PATH')) { - check_cat_id( $_GET['cat_id'] ); - if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) ) - { - $result = get_cat_info( $page['cat'] ); - $page['cat_name'] = $result['name']; - $page['id_uppercat'] = $result['id_uppercat']; - } + die ("Hacking attempt!"); } -//---------------------------------------------------------- permission updates -if ( isset( $_POST['submit'] ) ) +include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php'); + +// +-----------------------------------------------------------------------+ +// | variable initialization | +// +-----------------------------------------------------------------------+ + +// if the category is not correct (not numeric, not private) +if (isset($_GET['cat']) and is_numeric($_GET['cat'])) { - // groups access update - $query = 'DELETE'; - $query.= ' FROM '.PREFIX_TABLE.'group_access'; - $query.= ' WHERE cat_id = '.$page['cat']; - $query.= ';'; - pwg_query( $query ); - $query = 'SELECT id'; - $query.= ' FROM '.PREFIX_TABLE.'groups'; - $query.= ';'; - $result = pwg_query( $query ); - while ( $row = mysql_fetch_array( $result ) ) - { - $radioname = 'groupaccess-'.$row['id']; - if ( $_POST[$radioname] == 0 ) - { - $query = 
'INSERT INTO '.PREFIX_TABLE.'group_access'; - $query.= ' (cat_id,group_id) VALUES'; - $query.= ' ('.$page['cat'].','.$row['id'].')'; - $query.= ';'; - pwg_query( $query ); - } - } - // users access update - $query = 'DELETE'; - $query.= ' FROM '.PREFIX_TABLE.'user_access'; - $query.= ' WHERE cat_id = '.$page['cat']; - $query.= ';'; - pwg_query( $query ); - $query = 'SELECT id'; - $query.= ' FROM '.USERS_TABLE; - $query.= ';'; - $result = pwg_query( $query ); - while ( $row = mysql_fetch_array( $result ) ) + $query = ' +SELECT status + FROM '.CATEGORIES_TABLE.' + WHERE id = '.$_GET['cat'].' +;'; + list($status) = mysql_fetch_array(pwg_query($query)); + + if ('private' == $status) { - $radioname = 'useraccess-'.$row['id']; - if ( $_POST[$radioname] == 0 ) - { - $query = 'INSERT INTO '.PREFIX_TABLE.'user_access'; - $query.= ' (cat_id,user_id) VALUES'; - $query.= ' ('.$page['cat'].','.$row['id'].')'; - $query.= ';'; - pwg_query( $query ); - } - check_favorites( $row['id'] ); + $page['cat'] = $_GET['cat']; } - // resynchronize all users - synchronize_all_users(); } -//---------------------------------------------------------------------- groups -$query = 'SELECT id,name'; -$query.= ' FROM '.PREFIX_TABLE.'groups'; -$query. ';'; -$result = pwg_query( $query ); -if ( mysql_num_rows( $result ) > 0 ) + +if (!isset($page['cat'])) +{ + $query = ' +SELECT id + FROM '.CATEGORIES_TABLE.' 
+ WHERE status = \'private\' + LIMIT 0,1 +;'; + + list($page['cat']) = mysql_fetch_array(pwg_query($query)); +} + +// +-----------------------------------------------------------------------+ +// | form submission | +// +-----------------------------------------------------------------------+ + +if (isset($_POST) and false) +{ + echo '<pre>'; + print_r($_POST); + echo '</pre>'; +} + +if (isset($_POST['deny_groups_submit']) + and isset($_POST['deny_groups']) + and count($_POST['deny_groups']) > 0) +{ + // if you forbid access to a category, all sub-categories become + // automatically forbidden + $query = ' +DELETE + FROM '.GROUP_ACCESS_TABLE.' + WHERE group_id IN ('.implode(',', $_POST['deny_groups']).') + AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') +;'; + pwg_query($query); +} +else if (isset($_POST['grant_groups_submit']) + and isset($_POST['grant_groups']) + and count($_POST['grant_groups']) > 0) { - $vtp->addSession( $sub, 'groups' ); - // creating an array with all authorized groups for this category - $query = 'SELECT group_id'; - $query.= ' FROM '.PREFIX_TABLE.'group_access'; - $query.= ' WHERE cat_id = '.$_GET['cat_id']; - $query.= ';'; - $subresult = pwg_query( $query ); - $authorized_groups = array(); - while ( $subrow = mysql_fetch_array( $subresult ) ) + $query = ' +SELECT id + FROM '.CATEGORIES_TABLE.' + WHERE id IN ('.implode(',', get_uppercat_ids(array($page['cat']))).') + AND status = \'private\' +;'; + $private_uppercats = array_from_query($query, 'id'); + + // We must not reinsert already existing lines in group_access table + $granteds = array(); + foreach ($private_uppercats as $cat_id) { - array_push( $authorized_groups, $subrow['group_id'] ); + $granteds[$cat_id] = array(); } - // displaying each group - while( $row = mysql_fetch_array( $result ) ) + + $query = ' +SELECT group_id, cat_id + FROM '.GROUP_ACCESS_TABLE.' 
+ WHERE cat_id IN ('.implode(',', $private_uppercats).') + AND group_id IN ('.implode(',', $_POST['grant_groups']).') +;'; + $result = pwg_query($query); + while ($row = mysql_fetch_array($result)) { - $vtp->addSession( $sub, 'group' ); - if ( in_array( $row['id'], $authorized_groups ) ) - { - $vtp->setVar( $sub, 'group.color', 'green' ); - $vtp->setVar( $sub, 'group.authorized_checked', ' checked="checked"' ); - } - else + array_push($granteds[$row['cat_id']], $row['group_id']); + } + + $inserts = array(); + + foreach ($private_uppercats as $cat_id) + { + $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]); + foreach ($group_ids as $group_id) { - $vtp->setVar( $sub, 'group.color', 'red' ); - $vtp->setVar( $sub, 'group.forbidden_checked', ' checked="checked"' ); + array_push($inserts, array('group_id' => $group_id, + 'cat_id' => $cat_id)); } - $vtp->setVar( $sub, 'group.groupname', $row['name'] ); - $vtp->setVar( $sub, 'group.id', $row['id'] ); - $url = './admin.php?page=group_perm&group_id='.$row['id']; - $vtp->setVar( $sub, 'group.group_perm_link', add_session_id( $url ) ); - $vtp->closeSession( $sub, 'group' ); } - $vtp->closeSession( $sub, 'groups' ); + + mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); } -//----------------------------------------------------------------------- users -$query = 'SELECT id,username,status'; -$query.= ' FROM '.USERS_TABLE; -// only the webmaster can modify webmaster's permissions -if ( $user['username'] != $conf['webmaster'] ) +else if (isset($_POST['deny_users_submit']) + and isset($_POST['deny_users']) + and count($_POST['deny_users']) > 0) { - $query.= " WHERE username != '".$conf['webmaster']."'"; + // if you forbid access to a category, all sub-categories become + // automatically forbidden + $query = ' +DELETE + FROM '.USER_ACCESS_TABLE.' 
+ WHERE user_id IN ('.implode(',', $_POST['deny_users']).') + AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') +;'; + pwg_query($query); } -$query.= ';'; -$result = pwg_query( $query ); -while ( $row = mysql_fetch_array( $result ) ) +else if (isset($_POST['grant_users_submit']) + and isset($_POST['grant_users']) + and count($_POST['grant_users']) > 0) { - $vtp->addSession( $sub, 'user' ); - $vtp->setVar( $sub, 'user.id', $row['id'] ); - $url = add_session_id( './admin.php?page=user_perm&user_id='.$row['id']); - $vtp->setVar( $sub, 'user.user_perm_link', $url); - if ( $row['username'] == 'guest' ) - { - $row['username'] = $lang['guest']; - } - $vtp->setVar( $sub, 'user.username', $row['username'] ); + $query = ' +SELECT id + FROM '.CATEGORIES_TABLE.' + WHERE id IN ('.implode(',', get_uppercat_ids(array($page['cat']))).') + AND status = \'private\' +;'; + $private_uppercats = array_from_query($query, 'id'); - // for color of user : (red means access forbidden, green authorized) we - // ask all forbidden categories, including the groups rights - $restrictions = get_user_restrictions( $row['id'], $row['status'], false ); - $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); - if ( $is_user_allowed == 0 ) + // We must not reinsert already existing lines in user_access table + $granteds = array(); + foreach ($private_uppercats as $cat_id) { - $vtp->setVar( $sub, 'user.color', 'green' ); + $granteds[$cat_id] = array(); } - else + + $query = ' +SELECT user_id, cat_id + FROM '.USER_ACCESS_TABLE.' 
+ WHERE cat_id IN ('.implode(',', $private_uppercats).') + AND user_id IN ('.implode(',', $_POST['grant_users']).') +;'; + $result = pwg_query($query); + while ($row = mysql_fetch_array($result)) { - $vtp->setVar( $sub, 'user.color', 'red' ); + array_push($granteds[$row['cat_id']], $row['user_id']); } - // for permission update button, we only ask forbidden categories for the - // user, not taking into account the groups the user belongs to - $restrictions = get_user_restrictions($row['id'],$row['status'],false,false); - $is_user_allowed = is_user_allowed( $page['cat'], $restrictions ); - if ( $is_user_allowed == 2 ) + + $inserts = array(); + + foreach ($private_uppercats as $cat_id) { - $vtp->addSession( $sub, 'parent_forbidden' ); - $url = './admin.php?page=cat_perm&cat_id='.$page['id_uppercat']; - $vtp->setVar( $sub, 'parent_forbidden.url', add_session_id( $url ) ); - $vtp->closeSession( $sub, 'parent_forbidden' ); + $user_ids = array_diff($_POST['grant_users'], $granteds[$cat_id]); + foreach ($user_ids as $user_id) + { + array_push($inserts, array('user_id' => $user_id, + 'cat_id' => $cat_id)); + } } - if ( $is_user_allowed == 0 ) + + mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts); +} + +// +-----------------------------------------------------------------------+ +// | template initialization | +// +-----------------------------------------------------------------------+ +$template->set_filenames(array('cat_perm'=>'admin/cat_perm.tpl')); + +$form_action = PHPWG_ROOT_PATH.'admin.php'; +$form_action.= '?page=cat_perm&cat='.$page['cat']; + +$template->assign_vars(array('F_ACTION' => $form_action)); + +// +-----------------------------------------------------------------------+ +// | form construction | +// +-----------------------------------------------------------------------+ + +// groups denied are the groups not granted. So we need to find all groups +// minus groups granted to find groups denied. 
+ +$groups = array(); + +$query = ' +SELECT id, name + FROM '.GROUPS_TABLE.' +;'; +$result = pwg_query($query); + +while ($row = mysql_fetch_array($result)) +{ + $groups[$row['id']] = $row['name']; +} + +$query = ' +SELECT group_id + FROM '.GROUP_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; +$group_granted_ids = array_from_query($query, 'group_id'); + +// groups granted to access the category +foreach ($group_granted_ids as $group_id) +{ + $template->assign_block_vars( + 'group_granted', + array( + 'NAME'=>$groups[$group_id], + 'ID'=>$group_id + ) + ); +} + +// groups denied +foreach (array_diff(array_keys($groups), $group_granted_ids) as $group_id) +{ + $template->assign_block_vars( + 'group_denied', + array( + 'NAME'=>$groups[$group_id], + 'ID'=>$group_id + ) + ); +} + +// users... +$users = array(); + +$query = ' +SELECT id, username + FROM '.USERS_TABLE.' + WHERE id != 2 +;'; +$result = pwg_query($query); +while($row = mysql_fetch_array($result)) +{ + $users[$row['id']] = $row['username']; +} + +$query = ' +SELECT user_id + FROM '.USER_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; +$user_granted_direct_ids = array_from_query($query, 'user_id'); + +foreach ($user_granted_direct_ids as $user_id) +{ + $template->assign_block_vars( + 'user_granted', + array( + 'NAME'=>$users[$user_id], + 'ID'=>$user_id + ) + ); +} + +$user_granted_indirect_ids = array(); +if (count($group_granted_ids) > 0) +{ + $granted_groups = array(); + + $query = ' +SELECT user_id, group_id + FROM '.USER_GROUP_TABLE.' 
+ WHERE group_id IN ('.implode(',', $group_granted_ids).') +'; + $result = pwg_query($query); + while ($row = mysql_fetch_array($result)) { - $vtp->setVar( $sub, 'user.authorized_checked', ' checked="checked"' ); + if (!isset($granted_groups[$row['group_id']])) + { + $granted_groups[$row['group_id']] = array(); + } + array_push($granted_groups[$row['group_id']], $row['user_id']); } - else + + $user_granted_by_group_ids = array(); + + foreach ($granted_groups as $group_users) { - $vtp->setVar( $sub, 'user.forbidden_checked', ' checked="checked"' ); + $user_granted_by_group_ids = array_merge($user_granted_by_group_ids, + $group_users); } - // user's group(s) - $query = 'SELECT g.name as groupname, g.id as groupid'; - $query.= ' FROM '.PREFIX_TABLE.'groups as g'; - $query.= ', '.PREFIX_TABLE.'user_group as ug'; - $query.= ' WHERE ug.group_id = g.id'; - $query.= ' AND ug.user_id = '.$row['id']; - $query.= ';'; - $subresult = pwg_query( $query ); - if ( mysql_num_rows( $subresult ) > 0 ) + $user_granted_by_group_ids = array_unique($user_granted_by_group_ids); + + + $user_granted_indirect_ids = array_diff($user_granted_by_group_ids, + $user_granted_direct_ids); + + foreach ($user_granted_indirect_ids as $user_id) { - $vtp->addSession( $sub, 'usergroups' ); - $i = 0; - while( $subrow = mysql_fetch_array( $subresult ) ) + $group = ''; + + foreach ($granted_groups as $group_id => $group_users) { - $vtp->addSession( $sub, 'usergroup' ); - if ( in_array( $subrow['groupid'], $authorized_groups ) ) - { - $vtp->setVar( $sub, 'usergroup.color', 'green' ); - } - else - { - $vtp->setVar( $sub, 'usergroup.color', 'red' ); - } - $vtp->setVar( $sub, 'usergroup.name', $subrow['groupname'] ); - if ( $i < mysql_num_rows( $subresult ) - 1 ) + if (in_array($user_id, $group_users)) { - $vtp->setVar( $sub, 'usergroup.separation', ',' ); + $group = $groups[$group_id]; + break; } - $vtp->closeSession( $sub, 'usergroup' ); - $i++; } - $vtp->closeSession( $sub, 'usergroups' ); + + 
$template->assign_block_vars( + 'user_granted_indirect', + array( + 'NAME'=>$users[$user_id], + 'GROUP'=>$group + ) + ); } - $vtp->closeSession( $sub, 'user' ); } -//----------------------------------------------------------- sending html code -$vtp->Parse( $handle , 'sub', $sub ); + +$user_denied_ids = array_diff(array_keys($users), + $user_granted_indirect_ids, + $user_granted_direct_ids); + +foreach ($user_denied_ids as $user_id) +{ + $template->assign_block_vars( + 'user_denied', + array( + 'NAME'=>$users[$user_id], + 'ID'=>$user_id + ) + ); +} + + +// +-----------------------------------------------------------------------+ +// | sending html code | +// +-----------------------------------------------------------------------+ +$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm'); ?> diff --git a/doc/ChangeLog b/doc/ChangeLog index 3a09b34e1..1242d166d 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,4 +1,11 @@ 2005-06-30 Pierrick LE GALL + + * category permissions management comes back! (it disappeared in + branch 1.4) This time, it is designed to support better long users + list. On this screen, for a particular category, admin can say + which groups and users are permitted. + +2005-06-30 Pierrick LE GALL * users managment : change display of filter (according to filter on user comments) diff --git a/template/default/admin/cat_list.tpl b/template/default/admin/cat_list.tpl index 7463845ce..c3973b003 100644 --- a/template/default/admin/cat_list.tpl +++ b/template/default/admin/cat_list.tpl 
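Review bot: The four form-submission branches in admin/cat_perm.php splice `$_POST['deny_groups']`, `$_POST['grant_groups']`, `$_POST['deny_users']` and `$_POST['grant_users']` straight into `IN (...)` lists with `implode(',', ...)`, so any string posted in those arrays becomes part of the DELETE/SELECT statement and, through `array_diff`, of the rows handed to `mass_inserts`. Normalise each array once before use, e.g. `$deny_groups = array_map('intval', (array) $_POST['deny_groups']);`, and build every query from the normalised copy; the `(array)` cast also keeps `count()` and `implode()` well-defined when a scalar is posted. The `$_GET['cat']` check has the same weakness in milder form: `is_numeric` accepts values such as `1e3` or `1.5`, so `ctype_digit` or an `intval` cast is the tighter test before the value is concatenated into `WHERE id = `. Separately, when no private category exists, `list($page['cat']) = mysql_fetch_array(...)` leaves `$page['cat']` empty and the later `WHERE cat_id = ` queries are malformed, so an early exit with a message would be safer than falling through.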
@@ -14,6 +14,9 @@ <li><a href="{category.elements.URL}" title="{lang:manage category elements}"><img src="./template/default/theme/category_elements.png" alt="{lang:elements}" /></a></li> <!-- END elements --> <li><a href="{category.U_CHILDREN}" title="{lang:manage sub-categories}"><img src="./template/default/theme/category_children.png" alt="{lang:sub-categories}" /></a></li> + <!-- BEGIN permissions --> + <li><a href="{category.permissions.URL}" title="{lang:edit category permissions}" ><img src="./template/default/theme/category_permissions.png" alt="{lang:permissions}" /></a></li> + <!-- END permissions --> <!-- BEGIN delete --> <li><a href="{category.delete.URL}" title="{lang:delete category}"><img src="./template/default/theme/category_delete.png" alt="{lang:delete}" /></a></li> <!-- END delete --> diff --git a/template/default/admin/cat_perm.tpl b/template/default/admin/cat_perm.tpl new file mode 100644 index 000000000..6b7061c65 --- /dev/null +++ b/template/default/admin/cat_perm.tpl 
@@ -0,0 +1,56 @@ +<form action="{F_ACTION}" method="post" id="categoryPermissions"> + + <h2>{lang:Groups}</h2> + + <fieldset> + <legend>{lang:Permission granted}</legend> + <ul> + <!-- BEGIN group_granted --> + <li><label><input type="checkbox" name="deny_groups[]" value="{group_granted.ID}" /> {group_granted.NAME}</label></li> + <!-- END group_granted --> + </ul> + <input type="submit" name="deny_groups_submit" value="{lang:Deny selected groups}" /> + </fieldset> + + <fieldset> + <legend>{lang:Permission denied}</legend> + <ul> + <!-- BEGIN group_denied --> + <li><label><input type="checkbox" name="grant_groups[]" value="{group_denied.ID}"> {group_denied.NAME}</label></li> + <!-- END group_denied --> + </ul> + <input type="submit" name="grant_groups_submit" value="{lang:Grant selected groups}" /> + </fieldset> + + <h2>{lang:Users}</h2> + + <fieldset> + <legend>{lang:Permission granted}</legend> + <ul> + <!-- BEGIN user_granted --> + <li><label><input type="checkbox" name="deny_users[]" value="{user_granted.ID}" /> {user_granted.NAME}</label></li> + <!-- END user_granted --> + </ul> + <input type="submit" name="deny_users_submit" value="{lang:Deny selected users}" /> + </fieldset> + + <fieldset> + <legend>{lang:Permission granted thanks to a group}</legend> + <ul> + <!-- BEGIN user_granted_indirect --> + <li>{user_granted_indirect.NAME} ({user_granted_indirect.GROUP})</li> + <!-- END user_granted_indirect --> + </ul> + </fieldset> + + <fieldset> + <legend>{lang:Permission denied}</legend> + <ul> + <!-- BEGIN user_denied --> + <li><label><input type="checkbox" name="grant_users[]" value="{user_denied.ID}"> {user_denied.NAME}</label></li> + <!-- END user_denied --> + </ul> + <input type="submit" name="grant_users_submit" value="{lang:Grant selected users}" /> + </fieldset> + +</form> diff --git a/template/default/admin/cat_perm.vtp b/template/default/admin/cat_perm.vtp deleted file mode 100644 index 77987fac4..000000000 
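Review bot: This form carries no anti-forgery token, and the handler added to admin/cat_perm.php in the same commit acts on the `*_submit` fields without checking one, so a cross-site request made through an administrator's logged-in browser could grant or deny category access. Add a per-session token as a hidden field, for example `<input type="hidden" name="csrf_token" value="{CSRF_TOKEN}" />` (field and variable names are placeholders), and verify it in the handler before any DELETE or insert runs. It is also worth confirming that the `{*.NAME}` values (group names and usernames) are HTML-escaped before they reach `assign_block_vars`, since no escaping is visible in this diff. Minor: the `grant_groups[]` and `grant_users[]` inputs end in `>` while the other inputs use `/>`.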
--- a/template/default/admin/cat_perm.vtp +++ /dev/null @@ -1,48 +0,0 @@ -<form action="{#action}" method="post"> - <!--VTP_groups--> - <table style="width:100%;"> - <tr> - <th colspan="2">{#menu_groups}</th> - </tr> - <!--VTP_group--> - <tr> - <td><img src="./template/{#user_template}/admin/images/puce.gif" alt=">" /><a href="{#group_perm_link}"><span style="color:{#color}">{#groupname}</span></a></td> - <td style="text-align:right;"> - <input type="radio" name="groupaccess-{#id}" value="0"{#authorized_checked}/>{#permuser_authorized} - <input type="radio" name="groupaccess-{#id}" value="1"{#forbidden_checked}/>{#permuser_forbidden} - </td> - </tr> - <!--/VTP_group--> - </table> - <!--/VTP_groups--> - <table style="width:100%;"> - <tr> - <th colspan="2">{#menu_users}</th> - </tr> - <!--VTP_user--> - <tr> - <td> - <img src="./template/{#user_template}/admin/images/puce.gif" alt=">" /> - <a href="{#user_perm_link}"><span style="color:{#color}">{#username}</span></a> - <!--VTP_usergroups--> - [ - <!--VTP_usergroup--> - <span style="color:{#color};">{#name}</span>{#separation} - <!--/VTP_usergroup--> - ] - <!--/VTP_usergroups--> - </td> - <td style="text-align:right;"> - <!--VTP_parent_forbidden--> - <a href="{#url}">{#permuser_parent_forbidden}</a> - <!--/VTP_parent_forbidden--> - <input type="radio" name="useraccess-{#id}" value="0"{#authorized_checked}/>{#permuser_authorized} - <input type="radio" name="useraccess-{#id}" value="1"{#forbidden_checked}/>{#permuser_forbidden} - </td> - </tr> - <!--/VTP_user--> - <tr> - <td colspan="2" align="center"><input type="submit" name="submit" value="{#submit}"/></td> - </tr> - </table> -</form>
\ No newline at end of file diff --git a/template/default/default.css b/template/default/default.css index fa9286407..5ec9a6921 100644 --- a/template/default/default.css +++ b/template/default/default.css @@ -475,3 +475,8 @@ form.filter FIELDSET { form.filter FIELDSET + INPUT { margin-top: 10px; } + +FORM#categoryPermissions LI { + display:inline; + white-space: nowrap; +} diff --git a/template/default/theme/category_permissions.png b/template/default/theme/category_permissions.png Binary files differnew file mode 100644 index 000000000..df0459893 --- /dev/null +++ b/template/default/theme/category_permissions.png |