Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Annotate
Revision Log

principal-edit.php @ 3733

Revision 3733, 36.4 KB checked in by gabriel.malheiros, 13 years ago (diff)
Ticket #1541 - <Davical customizado para o Expresso.Utiliza Caldav e CardDav?>

Line
1	<?php
2
3	// Editor component for company records
4	$editor = new Editor(translate('Principal'), 'dav_principal');
5
6	$editor->SetLookup( 'date_format_type', "SELECT 'E', 'European' UNION SELECT 'U', 'US Format' UNION SELECT 'I', 'ISO Format'" );
7	$editor->SetLookup( 'type_id', 'SELECT principal_type_id, principal_type_desc FROM principal_type ORDER BY principal_type_id' );
8	$editor->SetLookup( 'locale', 'SELECT \'\', \''.translate("* Default Locale *").'\' UNION SELECT locale, locale_name_locale FROM supported_locales ORDER BY 1 ASC' );
9	$editor->AddAttribute( 'locale', 'title', translate("The preferred language for this person.") );
10	$editor->AddAttribute( 'fullname', 'title', translate("The full name for this person, group or other type of principal.") );
11	param_to_global('id', 'int', 'old_id', 'principal_id' );
12	$editor->SetWhere( 'principal_id='.$id );
13
14	$editor->AddField('is_admin', 'EXISTS( SELECT 1 FROM role_member WHERE role_no = 1 AND role_member.user_no = dav_principal.user_no )' );
15	$editor->AddAttribute('is_admin', 'title', translate('An "Administrator" user has full rights to the whole DAViCal System'));
16
17	$privilege_names = array( 'read', 'write-properties', 'write-content', 'unlock', 'read-acl', 'read-current-user-privilege-set',
18	'bind', 'unbind', 'write-acl', 'read-free-busy', 'schedule-deliver-invite', 'schedule-deliver-reply',
19	'schedule-query-freebusy', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );
20
21	$delete_collection_confirmation_required = null;
22	$delete_principal_confirmation_required = null;
23
24	function handle_subaction( $subaction ) {
25	global $session, $c, $id, $editor;
26	global $delete_collection_confirmation_required;
27	global $delete_principal_confirmation_required;
28	global $delete_ticket_confirmation_required;
29	global $delete_binding_confirmation_required;
30
31	dbg_error_log('admin-principal-edit',':handle_action: Action %s', $subaction );
32
33	switch( $subaction ) {
34	case 'delete_collection':
35	dbg_error_log('admin-principal-edit',':handle_action: Deleting collection %s for principal %d', $_GET['dav_name'], $id );
36	if ( $session->AllowedTo('Admin')
37	\|\| ($id > 0 && $session->principal_id == $id) ) {
38	if ( $session->CheckConfirmationHash('GET', 'confirm') ) {
39	dbg_error_log('admin-principal-edit',':handle_action: Allowed to delete collection %s for principal %d', $_GET['dav_name'], $id );
40	$qry = new AwlQuery('DELETE FROM collection WHERE dav_name=?;', $_GET['dav_name'] );
41	if ( $qry->Exec() ) {
42	$c->messages[] = i18n('Collection deleted');
43	return true;
44	}
45	else {
46	$c->messages[] = i18n('There was an error writing to the database.');
47	return false;
48	}
49	}
50	else {
51	$c->messages[] = i18n('Please confirm deletion of collection - see below');
52	$delete_collection_confirmation_required = $session->BuildConfirmationHash('GET', 'confirm');
53	return false;
54	}
55	}
56	break;
57
58	case 'delete_principal':
59	dbg_error_log('admin-principal-edit',':handle_action: Deleting principal %d', $id );
60	if ( $session->AllowedTo('Admin') ) {
61	if ( isset($id) && $id > 1 && $session->CheckConfirmationHash('GET', 'confirm') ) {
62	dbg_error_log('admin-principal-edit',':handle_action: Allowed to delete principal %d -%s', $id, $editor->Value('username') );
63	$qry = new AwlQuery('DELETE FROM dav_principal WHERE principal_id=?', $id );
64	if ( $qry->Exec() ) {
65	$c->messages[] = i18n('Principal deleted');
66	return true;
67	}
68	else {
69	$c->messages[] = i18n('There was an error writing to the database.');
70	return false;
71	}
72	}
73	else {
74	$c->messages[] = i18n('Please confirm deletion of the principal');
75	$delete_principal_confirmation_required = $session->BuildConfirmationHash('GET', 'confirm');
76	return false;
77	}
78	}
79	break;
80
81	case 'delete_ticket':
82	dbg_error_log('admin-principal-edit',':handle_action: Deleting ticket "%s" for principal %d', $_GET['ticket_id'], $id );
83	if ( $session->AllowedTo('Admin')
84	\|\| ($id > 0 && $session->principal_id == $id) ) {
85	if ( $session->CheckConfirmationHash('GET', 'confirm') ) {
86	dbg_error_log('admin-principal-edit',':handle_action: Allowed to delete ticket "%s" for principal %d', $_GET['ticket_id'], $id );
87	$qry = new AwlQuery('DELETE FROM access_ticket WHERE ticket_id=?;', $_GET['ticket_id'] );
88	if ( $qry->Exec() ) {
89	$c->messages[] = i18n('Access ticket deleted');
90	return true;
91	}
92	else {
93	$c->messages[] = i18n('There was an error writing to the database.');
94	return false;
95	}
96	}
97	else {
98	$c->messages[] = i18n('Please confirm deletion of access ticket - see below');
99	$delete_ticket_confirmation_required = $session->BuildConfirmationHash('GET', 'confirm');
100	return false;
101	}
102	}
103	break;
104
105	case 'delete_binding':
106	dbg_error_log('admin-principal-edit',':handle_action: Deleting binding "%s" for principal %d', $_GET['bind_id'], $id );
107	if ( $session->AllowedTo('Admin')
108	\|\| ($id > 0 && $session->principal_id == $id) ) {
109	if ( $session->CheckConfirmationHash('GET', 'confirm') ) {
110	dbg_error_log('admin-principal-edit',':handle_action: Allowed to delete ticket "%s" for principal %d', $_GET['bind_id'], $id );
111	$qry = new AwlQuery('DELETE FROM dav_binding WHERE bind_id=?;', $_GET['bind_id'] );
112	if ( $qry->Exec() ) {
113	$c->messages[] = i18n('Binding deleted');
114	return true;
115	}
116	else {
117	$c->messages[] = i18n('There was an error writing to the database.');
118	return false;
119	}
120	}
121	else {
122	$c->messages[] = i18n('Please confirm deletion of binding - see below');
123	$delete_binding_confirmation_required = $session->BuildConfirmationHash('GET', 'confirm');
124	return false;
125	}
126	}
127	break;
128
129	default:
130	return false;
131	}
132	return false;
133	}
134
135	if ( isset($_GET['subaction']) ) {
136	handle_subaction($_GET['subaction']);
137	}
138
139
140	$can_write_principal = ($session->AllowedTo('Admin') \|\| $session->principal_id == $id );
141	$post_values = false;
142
143	if ( isset($_POST['xxxxusername']) ) {
144	$_POST['xxxxusername'] = trim(str_replace('/', '', $_POST['xxxxusername']));
145	if ( $_POST['xxxxusername'] == '' ) {
146	$c->messages[] = i18n("The username must not be blank, and may not contain a slash");
147	$can_write_principal = false;
148	}
149	};
150	if ( isset($_POST['fullname']) && trim($_POST['fullname']) == '' ) {
151	$c->messages[] = i18n("The full name must not be blank.");
152	$can_write_principal = false;
153	};
154	if ( isset($_POST['email']) && trim($_POST['email']) == '' ) {
155	$c->messages[] = i18n("The email address really should not be blank.");
156	}
157
158	$pwstars = '@@@@@@@@@@';
159	if ( $can_write_principal && $editor->IsSubmit() ) {
160	$editor->WhereNewRecord( "principal_id=(SELECT CURRVAL('dav_id_seq'))" );
161	if ( ! $session->AllowedTo('Admin') ) {
162	unset($_POST['admin_role']);
163	unset($_POST['user_active']);
164	}
165	unset($_POST['password']);
166	if ( $_POST['newpass1'] != '' && $_POST['newpass1'] != $pwstars ) {
167	if ( $_POST['newpass1'] == $_POST['newpass2'] ) {
168	$_POST['password'] = $_POST['newpass1'];
169	}
170	else {
171	$c->messages[] = "Password not updated. The supplied passwords do not match.";
172	}
173	}
174	if ( isset($_POST['fullname']) && !isset($_POST['displayname']) ) {
175	$_POST['displayname'] = $_POST['fullname'];
176	}
177	if ( isset($_POST['default_privileges']) ) {
178	$privilege_bitpos = array_flip($privilege_names);
179	$priv_names = array_keys($_POST['default_privileges']);
180	$privs = privilege_to_bits($priv_names);
181	$_POST['default_privileges'] = sprintf('%024s',decbin($privs));
182	$editor->Assign('default_privileges', $privs_dec);
183	}
184	if ( $editor->IsCreate() ) {
185	$c->messages[] = i18n("Creating new Principal record.");
186	}
187	else {
188	$c->messages[] = i18n("Updating Principal record.");
189	}
190	$editor->Write();
191	if ( $_POST['type_id'] != 3 && $editor->IsCreate() ) {
192	/** We only add the default calendar if it isn't a group, and this is a create action */
193	require_once('auth-functions.php');
194	CreateHomeCalendar($editor->Value('username'));
195	}
196	if ( $session->AllowedTo('Admin') ) {
197	if ( $_POST['is_admin'] == 'on' ) {
198	$sql = 'INSERT INTO role_member (role_no, user_no) SELECT 1, dav_principal.user_no FROM dav_principal WHERE user_no = :user_no AND NOT EXISTS(SELECT 1 FROM role_member rm WHERE rm.role_no = 1 AND rm.user_no = dav_principal.user_no )';
199	$editor->Assign('is_admin', 't');
200	}
201	else {
202	$sql = 'DELETE FROM role_member WHERE role_no = 1 AND user_no = :user_no';
203	$editor->Assign('is_admin', 'f');
204	}
205	$params[':user_no'] = $editor->Value('user_no');
206	$qry = new AwlQuery( $sql, $params );
207	$qry->Exec('admin-principal-edit');
208	}
209	}
210	else if ( isset($id) && $id > 0 ) {
211	$editor->GetRecord();
212	if ( $editor->IsSubmit() ) {
213	$c->messages[] = i18n('You do not have permission to modify this record.');
214	}
215	}
216	if ( $editor->Available() ) {
217	$c->page_title = $editor->Title(translate('Principal').': '.$editor->Value('fullname'));
218	}
219	else {
220	$c->page_title = $editor->Title(translate('Create New Principal'));
221	$privs = decbin(privilege_to_bits($c->default_privileges));
222	$editor->Assign('default_privileges', $privs);
223	$editor->Assign('user_active', 't');
224	foreach( $c->template_usr AS $k => $v ) {
225	$editor->Assign($k, $v);
226	}
227	}
228	if ( $post_values ) {
229	$editor->PostToValues();
230	if ( isset($_POST['default_privileges']) ) {
231	$privilege_bitpos = array_flip($privilege_names);
232	$priv_names = array_keys($_POST['default_privileges']);
233	$privs = privilege_to_bits($priv_names);
234	$_POST['default_privileges'] = sprintf('%024s',decbin($privs));
235	$editor->Assign('default_privileges', $_POST['default_privileges']);
236	}
237	}
238
239	$privilege_xlate = array(
240	'all' => translate('All privileges'),
241	'read' => translate('Read'),
242	'write-properties' => translate('Write Metadata'),
243	'write-content' => translate('Write Data'),
244	'unlock' => translate('Override a Lock'),
245	'read-acl' => translate('Read Access Controls'),
246	'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
247	'bind' => translate('Create Events/Collections'),
248	'unbind' => translate('Delete Events/Collections'),
249	'write-acl' => translate('Write Access Controls'),
250	'read-free-busy' => translate('Read Free/Busy Information'),
251	'schedule-deliver-invite' => translate('Scheduling: Deliver an Invitation'),
252	'schedule-deliver-reply' => translate('Scheduling: Deliver a Reply'),
253	'schedule-query-freebusy' => translate('Scheduling: Query free/busy'),
254	'schedule-send-invite' => translate('Scheduling: Send an Invitation'),
255	'schedule-send-reply' => translate('Scheduling: Send a Reply'),
256	'schedule-send-freebusy' => translate('Scheduling: Send free/busy'),
257	'write' => translate('Write'),
258	'schedule-deliver' => translate('Scheduling: Delivery'),
259	'schedule-send' => translate('Scheduling: Sending')
260	);
261
262	/**
263	* privilege_format_function is for formatting the binary privileges from the
264	* database, including localising them. This is a hook function for a browser
265	* column object, so it takes three parameters:
266	* @param mixed $value The value of the column.
267	* @param BrowserColumn $column The BrowserColumn object we are hooked into.
268	* @param dbrow $row The row object we read from the database.
269	* @return string The formatted privileges.
270	*/
271	function privilege_format_function( $value, $column, $row ) {
272	global $privilege_xlate;
273
274	$privs = bits_to_privilege($value);
275	$formatted = '';
276	foreach( $privs AS $k => $v ) {
277	$formatted .= ($formatted == '' ? '' : ' , ');
278	$v = preg_replace( '{^.*:}', '', $v );
279	$formatted .= (isset($privilege_xlate[$v]) ? $privilege_xlate[$v] : $v );
280	}
281	return $formatted;
282	}
283
284
285
286	$default_privileges = bindec($editor->Value('default_privileges'));
287	$privileges_set = '<div id="privileges">';
288	for( $i=0; $i<count($privilege_names); $i++ ) {
289	$privilege_set = ( (1 << $i) & $default_privileges ? ' CHECKED' : '');
290	$privileges_set .= '<label class="privilege"><input name="default_privileges['.$privilege_names[$i].']" id="default_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'.$privilege_xlate[$privilege_names[$i]].'</label>'."\n";
291	}
292	$privileges_set .= '</div>';
293
294	$prompt_principal_id = translate('Principal ID');
295	$value_id = ( $editor->Available() ? '##principal_id.hidden####principal_id.value##' : translate('New Principal'));
296	$prompt_username = translate('Username');
297	$prompt_password_1 = translate('Change Password');
298	$prompt_password_2 = translate('Confirm Password');
299	$prompt_fullname = translate('Fullname');
300	$prompt_displayname = translate('Display Name');
301	$prompt_email = translate('Email Address');
302	$prompt_date_format = translate('Date Format Style');
303	$prompt_admin = translate('Administrator');
304	$prompt_active = translate('Active');
305	$prompt_locale = translate('Locale');
306	$prompt_type = translate('Principal Type');
307	$prompt_privileges = translate('Privileges granted to All Users');
308
309	$btn_all = htmlspecialchars(translate('All')); $btn_all_title = htmlspecialchars(translate('Toggle all privileges'));
310	$btn_rw = htmlspecialchars(translate('Read/Write')); $btn_rw_title = htmlspecialchars(translate('Set read+write privileges'));
311	$btn_read = htmlspecialchars(translate('Read')); $btn_read_title = htmlspecialchars(translate('Set read privileges'));
312	$btn_fb = htmlspecialchars(translate('Free/Busy')); $btn_fb_title = htmlspecialchars(translate('Set free/busy privileges'));
313	$btn_sd = htmlspecialchars(translate('Schedule Deliver')); $btn_sd_title = htmlspecialchars(translate('Set schedule-deliver privileges'));
314	$btn_ss = htmlspecialchars(translate('Schedule Send')); $btn_ss_title = htmlspecialchars(translate('Set schedule-deliver privileges'));
315
316	$admin_row_entry = '';
317	$delete_principal_button = '';
318	if ( $session->AllowedTo('Admin') ) {
319	$admin_row_entry = ' <tr> <th class="right">'.$prompt_admin.':</th><td class="left">##is_admin.checkbox##</td> </tr>';
320	$admin_row_entry .= ' <tr> <th class="right">'.$prompt_active.':</th><td class="left">##user_active.checkbox##</td> </tr>';
321	if ( isset($id) )
322	$delete_principal_button = '<a href="'.$c->base_url . '/admin.php?action=edit&t=principal&subaction=delete_principal&id='.$id.'" class="submit">' . translate("Delete Principal") . '</a>';
323	}
324
325	$id = $editor->Value('principal_id');
326	$template = <<<EOTEMPLATE
327	##form##
328	<script language="javascript">
329	function toggle_privileges() {
330	var argv = toggle_privileges.arguments;
331	var argc = argv.length;
332
333	if ( argc < 2 ) {
334	return;
335	}
336	var match_me = argv[0];
337
338	var set_to = -1;
339	if ( argv[1] == 'all' ) {
340	var form = document.getElementById(argv[2]);
341	var fieldcount = form.elements.length;
342	var matching = '/^' + match_me + '/';
343	for (var i = 0; i < fieldcount; i++) {
344	var fieldname = form.elements[i].name;
345	if ( fieldname.match( match_me ) ) {
346	if ( set_to == -1 ) {
347	set_to = ( form.elements[i].checked ? 0 : 1 );
348	}
349	form.elements[i].checked = set_to;
350	}
351	}
352	}
353	else {
354	for (var i = 1; i < argc; i++) {
355	var f = document.getElementById( match_me + '_' + argv[i]);
356	if ( set_to == -1 ) {
357	set_to = ( f.checked ? 0 : 1 );
358	}
359	f.checked = set_to;
360	}
361	}
362	}
363	</script>
364	<style>
365	th.right, label.privilege {
366	white-space:nowrap;
367	}
368	label.privilege {
369	margin:0.2em 1em 0.2em 0.1em;
370	padding:0 0.2em;
371	line-height:1.6em;
372	font-size:87%;
373	}
374	</style>
375	<table>
376	<tr> <th class="right">$prompt_principal_id:</th><td class="left">
377	<table width="100%" class="form_inner"><tr>
378	<td>$value_id</td>
379	<td align="right">$delete_principal_button</td>
380	</tr></table>
381	</td></tr>
382	<tr> <th class="right">$prompt_username:</th> <td class="left">##xxxxusername.input.50##</td> </tr>
383	<tr> <th class="right">$prompt_password_1:</th> <td class="left">##newpass1.password.$pwstars##</td> </tr>
384	<tr> <th class="right">$prompt_password_2:</th> <td class="left">##newpass2.password.$pwstars##</td> </tr>
385	<tr> <th class="right">$prompt_fullname:</th> <td class="left">##fullname.input.50##</td> </tr>
386	<tr> <th class="right">$prompt_email:</th> <td class="left">##email.input.50##</td> </tr>
387	<tr> <th class="right">$prompt_locale:</th> <td class="left">##locale.select##</td> </tr>
388	<tr> <th class="right">$prompt_date_format:</th> <td class="left">##date_format_type.select##</td> </tr>
389	<tr> <th class="right">$prompt_type:</th> <td class="left">##type_id.select##</td> </tr>
390	$admin_row_entry
391	<tr> <th class="right" style="white-space:normal;">$prompt_privileges:</th><td class="left">
392	<input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('default_privileges', 'all', 'editor_1');">
393	<input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
394	onclick="toggle_privileges('default_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
395	'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
396	'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
397	<input type="button" value="$btn_read" class="submit" title="$btn_read_title"
398	onclick="toggle_privileges('default_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
399	<input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
400	onclick="toggle_privileges('default_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
401	<input type="button" value="$btn_sd" class="submit" title="$btn_sd_title"
402	onclick="toggle_privileges('default_privileges', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy' );">
403	<input type="button" value="$btn_ss" class="submit" title="$btn_ss_title"
404	onclick="toggle_privileges('default_privileges', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
405	<br>$privileges_set</td> </tr>
406	<tr> <th class="right"></th> <td class="left" colspan="2">##submit##</td> </tr>
407	</table>
408	</form>
409	EOTEMPLATE;
410
411	$editor->SetTemplate( $template );
412	$page_elements[] = $editor;
413
414	if ( isset($delete_principal_confirmation_required) ) {
415	$html = '<p class="error">';
416	$html .= sprintf('<b>%s</b> \'%s\' <a class="error" href="%s&%s">%s</a> %s',
417	translate('Deleting Principal:'), $editor->Value('displayname'), $_SERVER['REQUEST_URI'],
418	$delete_principal_confirmation_required, translate('Confirm Deletion of the Principal'),
419	translate('All of the principal\'s calendars and events will be unrecoverably deleted.') );
420	$html .= "</p>\n";
421	$page_elements[] = $html;
422	}
423
424
425	if ( isset($id) && $id > 0 ) {
426	$browser = new Browser(translate('Group Memberships'));
427	$c->stylesheets[] = 'css/browse.css';
428	$c->scripts[] = 'js/browse.js';
429
430	$browser->AddColumn( 'group_id', translate('ID'), 'right', '##principal_link##' );
431	$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
432	$browser->AddHidden( 'principal_link', "'<a href=\"$rowurl' \|\| principal_id \|\| '\">' \|\| principal_id \|\| '</a>'" );
433	$browser->AddColumn( 'displayname', translate('Display Name') );
434	$browser->AddColumn( 'member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)' );
435	$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
436
437	$browser->SetOrdering( 'displayname', 'A' );
438
439	$browser->SetJoins( "group_member LEFT JOIN dav_principal ON (group_id = principal_id) " );
440	$browser->SetWhere( 'user_active AND member_id = '.$id );
441
442	if ( $c->enable_row_linking ) {
443	$browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
444	}
445	else {
446	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
447	}
448	$browser->DoQuery();
449	$page_elements[] = $browser;
450
451
452	if ( $editor->Value('type_id') == 3 ) {
453
454	$grouprow = new Editor("Group Members", "group_member");
455	$grouprow->SetLookup( 'member_id', 'SELECT principal_id, coalesce(displayname,fullname,username) FROM dav_principal WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = '.$id.') AND principal_id != '.$id);
456	$grouprow->SetSubmitName( 'savegrouprow' );
457
458	if ( $can_write_principal ) {
459	if ( $grouprow->IsSubmit() ) {
460	if ( $grouprow->IsUpdate() )
461	$c->messages[] = translate('Updating Member of this Group Principal');
462	else
463	$c->messages[] = translate('Adding new member to this Group Principal');
464
465	$_POST['group_id'] = $id;
466	$member_id = intval($_POST['member_id']);
467	$grouprow->SetWhere( "group_id=".qpg($id)." AND member_id=$member_id");
468	$grouprow->Write( );
469	unset($_GET['member_id']);
470	}
471	elseif ( isset($_GET['delete_member']) ) {
472	$qry = new AwlQuery("DELETE FROM group_member WHERE group_id=:group_id AND member_id = :member_id",
473	array( ':group_id' => $id, ':member_id' => intval($_GET['delete_member']) ));
474	$qry->Exec('principal-edit');
475	$c->messages[] = translate('Member deleted from this Group Principal');
476	}
477	}
478
479	function edit_group_row( $row_data ) {
480	global $grouprow, $id, $c;
481
482	$form_url = preg_replace( '#&(edit\|delete)_group=\d+#', '', $_SERVER['REQUEST_URI'] );
483
484	$template = <<<EOTEMPLATE
485	<form method="POST" enctype="multipart/form-data" id="add_group" action="$form_url">
486	<td class="left"><input type="hidden" name="id" value="$id"></td>
487	<td class="left" colspan="3">##member_id.select##   ##Add.submit##</td>
488	<td class="center"></td>
489	</form>
490
491	EOTEMPLATE;
492
493	$grouprow->SetTemplate( $template );
494	$grouprow->Title("");
495	if ( $row_data->group_id > -1 ) $grouprow->SetRecord( $row_data );
496
497	return $grouprow->Render();
498	}
499
500	$browser = new Browser(translate('Group Members'));
501
502	$browser->AddColumn( 'group_id', translate('ID'), 'right', '##principal_link##' );
503	$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
504	$browser->AddHidden( 'principal_id' );
505	$browser->AddHidden( 'principal_link', "'<a href=\"$rowurl' \|\| principal_id \|\| '\">' \|\| principal_id \|\| '</a>'" );
506	$browser->AddColumn( 'displayname', translate('Display Name') );
507	$browser->AddColumn( 'member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)' );
508	$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
509
510	if ( $can_write_principal ) {
511	$del_link = '<a href="'.$c->base_url.'/admin.php?action=edit&t=principal&id='.$id.'&delete_member=##principal_id##" class="submit">'.translate('Remove').'</a>';
512	$browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link $del_link'" );
513	}
514
515	$browser->SetOrdering( 'displayname', 'A' );
516
517	$browser->SetJoins( "group_member LEFT JOIN dav_principal ON (member_id = principal_id) " );
518	$browser->SetWhere( 'user_active AND group_id = '.$id );
519
520	if ( $c->enable_row_linking ) {
521	$browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
522	}
523	else {
524	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
525	}
526	$browser->DoQuery();
527	$page_elements[] = $browser;
528
529	if ( $can_write_principal ) {
530	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
531	$extra_row = array( 'group_id' => -1 );
532	$browser->MatchedRow('group_id', -1, 'edit_group_row');
533	$extra_row = (object) $extra_row;
534	$browser->AddRow($extra_row);
535	}
536	}
537
538
539	$grantrow = new Editor("Grants", "grants");
540	$grantrow->SetSubmitName( 'savegrantrow' );
541	$edit_grant_clause = '';
542	if ( isset($_GET['edit_grant']) ) {
543	$edit_grant_clause = ' AND to_principal != '.intval($_GET['edit_grant']);
544	}
545	$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE principal_id NOT IN (SELECT to_principal FROM grants WHERE by_principal = '.$id.$edit_grant_clause.') ORDER BY fullname' );
546	if ( $can_write_principal ) {
547	if ( $grantrow->IsSubmit() ) {
548	if ( $grantrow->IsUpdate() )
549	$c->messages[] = translate('Updating grants by this Principal');
550	else
551	$c->messages[] = translate('Granting new privileges from this Principal');
552	$_POST['by_principal'] = $id;
553	$to_principal = intval($_POST['to_principal']);
554	$orig_to_id = intval($_POST['orig_to_id']);
555	$grantrow->SetWhere( "by_principal=".qpg($id)." AND to_principal=$orig_to_id");
556	if ( isset($_POST['grant_privileges']) ) {
557	$privilege_bitpos = array_flip($privilege_names);
558	$priv_names = array_keys($_POST['grant_privileges']);
559	$privs = privilege_to_bits($priv_names);
560	$_POST['privileges'] = sprintf('%024s',decbin($privs));
561	$grantrow->Assign('privileges', $privs_dec);
562	}
563	$grantrow->Write( );
564	unset($_GET['to_principal']);
565	}
566	elseif ( isset($_GET['delete_grant']) ) {
567	$qry = new AwlQuery("DELETE FROM grants WHERE by_principal=:grantor_id AND to_principal = :to_principal",
568	array( ':grantor_id' => $id, ':to_principal' => intval($_GET['delete_grant']) ));
569	$qry->Exec('principal-edit');
570	$c->messages[] = translate('Deleted a grant from this Principal');
571	}
572	}
573
574	function edit_grant_row( $row_data ) {
575	global $grantrow, $id, $c, $privilege_xlate, $privilege_names;
576	global $btn_all, $btn_all_title, $btn_rw, $btn_rw_title, $btn_read, $btn_read_title;
577	global $btn_fb, $btn_fb_title, $btn_sd, $btn_sd_title, $btn_ss, $btn_ss_title;
578
579	if ( $row_data->to_principal > -1 ) {
580	$grantrow->SetRecord( $row_data );
581	}
582
583	$grant_privileges = bindec($grantrow->Value('grant_privileges'));
584	$privileges_set = '<div id="privileges">';
585	for( $i=0; $i < count($privilege_names); $i++ ) {
586	$privilege_set = ( (1 << $i) & $grant_privileges ? ' CHECKED' : '');
587	$privileges_set .= '<label class="privilege"><input name="grant_privileges['.$privilege_names[$i].']" id="grant_privileges_'.$privilege_names[$i].'" type="checkbox"'.$privilege_set.'>'.$privilege_xlate[$privilege_names[$i]].'</label>'."\n";
588	}
589	$privileges_set .= '</div>';
590
591	$orig_to_id = $row_data->to_principal;
592	$form_id = $grantrow->Id();
593	$form_url = preg_replace( '#&(edit\|delete)_grant=\d+#', '', $_SERVER['REQUEST_URI'] );
594
595	$template = <<<EOTEMPLATE
596	<form method="POST" enctype="multipart/form-data" id="form_$form_id" action="$form_url">
597	<td class="left" colspan="2"><input type="hidden" name="id" value="$id"><input type="hidden" name="orig_to_id" value="$orig_to_id">##to_principal.select##</td>
598	<td class="left" colspan="2">
599	<input type="button" value="$btn_all" class="submit" title="$btn_all_title" onclick="toggle_privileges('grant_privileges', 'all', 'form_$form_id');">
600	<input type="button" value="$btn_rw" class="submit" title="$btn_rw_title"
601	onclick="toggle_privileges('grant_privileges', 'read', 'write-properties', 'write-content', 'bind', 'unbind', 'read-free-busy',
602	'read-current-user-privilege-set', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy',
603	'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
604	<input type="button" value="$btn_read" class="submit" title="$btn_read_title"
605	onclick="toggle_privileges('grant_privileges', 'read', 'read-free-busy', 'schedule-query-freebusy', 'read-current-user-privilege-set' );">
606	<input type="button" value="$btn_fb" class="submit" title="$btn_fb_title"
607	onclick="toggle_privileges('grant_privileges', 'read-free-busy', 'schedule-query-freebusy' );">
608	<input type="button" value="$btn_sd" class="submit" title="$btn_sd_title"
609	onclick="toggle_privileges('grant_privileges', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy' );">
610	<input type="button" value="$btn_ss" class="submit" title="$btn_ss_title"
611	onclick="toggle_privileges('grant_privileges', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );">
612	<br>$privileges_set
613	<td class="center">##submit##</td>
614	</form>
615
616	EOTEMPLATE;
617
618	$grantrow->SetTemplate( $template );
619	$grantrow->Title("");
620
621	return $grantrow->Render();
622	}
623
624	$browser = new Browser(translate('Principal Grants'));
625
626	$browser->AddColumn( 'to_principal', translate('To ID'), 'right', '##principal_link##' );
627	$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
628	$browser->AddHidden( 'principal_link', "'<a href=\"$rowurl' \|\| to_principal \|\| '\">' \|\| to_principal \|\| '</a>'" );
629	$browser->AddHidden( 'grant_privileges', 'privileges' );
630	$browser->AddColumn( 'displayname', translate('Display Name') );
631	$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges', '', '', 'privilege_format_function' );
632	$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
633
634	if ( $can_write_principal ) {
635	$del_link = '<a href="'.$c->base_url.'/admin.php?action=edit&t=principal&id='.$id.'&delete_grant=##to_principal##" class="submit">'.translate('Revoke').'</a>';
636	$edit_link = '<a href="'.$c->base_url.'/admin.php?action=edit&t=principal&id='.$id.'&edit_grant=##to_principal##" class="submit">'.translate('Edit').'</a>';
637	$browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link $del_link'" );
638	}
639
640	$browser->SetOrdering( 'displayname', 'A' );
641
642	$browser->SetJoins( "grants LEFT JOIN dav_principal ON (to_principal = principal_id) " );
643	$browser->SetWhere( 'by_principal = '.$id );
644
645	if ( $c->enable_row_linking ) {
646	$browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
647	}
648	else {
649	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
650	}
651	$browser->DoQuery();
652	$page_elements[] = $browser;
653
654
655	if ( $can_write_principal ) {
656	if ( isset($_GET['edit_grant']) ) {
657	$browser->MatchedRow('to_principal', $_GET['edit_grant'], 'edit_grant_row');
658	}
659	else if ( isset($id ) ) {
660	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
661	$extra_row = array( 'to_principal' => -1 );
662	$browser->MatchedRow('to_principal', -1, 'edit_grant_row');
663	$extra_row = (object) $extra_row;
664	$browser->AddRow($extra_row);
665	}
666	}
667
668
669	$browser = new Browser(translate('Access Tickets'));
670
671	$browser->AddColumn( 'ticket_id', translate('Ticket ID'), '', '' );
672	$browser->AddColumn( 'target', translate('Target'), '', '<td style="white-space:nowrap;">%s</td>', "'".$c->base_url.'/caldav.php'."' \|\|COALESCE(d.dav_name,c.dav_name)" );
673	$browser->AddColumn( 'expiry', translate('Expires'), '', '', 'TO_CHAR(expires,\'YYYY-MM-DD HH:MI:SS\')');
674	$browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
675	$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id='.$id.'&ticket_id=##URL:ticket_id##&subaction=delete_ticket';
676	$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'<a class=\"submit\" href=\"$delurl\">".translate('Delete')."</a>'" );
677
678	$browser->SetOrdering( 'target', 'A' );
679
680	$browser->SetJoins( 'access_ticket t LEFT JOIN collection c ON (target_collection_id=collection_id) LEFT JOIN caldav_data d ON (target_resource_id=dav_id)' );
681	$browser->SetWhere( 'dav_owner_id = '.intval($editor->Value('principal_id')) );
682
683	// $browser->AddRow( array( 'target' => '<a href="'.$rowurl.'&principal_id='.intval($editor->Value('principal_id')).'" class="submit">'.translate('Create Ticket').'</a>' ));
684
685	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
686
687	$browser->DoQuery();
688	$page_elements[] = $browser;
689
690	if ( isset($delete_ticket_confirmation_required) ) {
691	$html = '<table><tr><td class="error">';
692	$html .= sprintf('<b>%s</b> "%s" <a class="error" href="%s&%s">%s</a> %s',
693	translate('Deleting Ticket:'), $_GET['ticket_id'], $_SERVER['REQUEST_URI'],
694	$delete_ticket_confirmation_required,
695	translate('Confirm Deletion of the Ticket'),
696	translate('The access ticket will be deleted.') );
697	$html .= "</td></tr></table>\n";
698	$page_elements[] = $html;
699	}
700
701
702	$browser = new Browser(translate('Principal Collections'));
703
704	$browser->AddColumn( 'collection_id', translate('ID'), 'right', '##collection_link##' );
705	$rowurl = $c->base_url . '/admin.php?action=edit&t=collection&id=';
706	$browser->AddHidden( 'collection_link', "'<a href=\"$rowurl' \|\| collection_id \|\| '\">' \|\| collection_id \|\| '</a>'" );
707	$browser->AddColumn( 'dav_name', translate('Path') );
708	$browser->AddColumn( 'dav_displayname', translate('Display Name') );
709	$browser->AddColumn( 'publicly_readable', translate('Public'), 'centre', '', 'CASE WHEN publicly_readable THEN \''.translate('Yes').'\' ELSE \''.translate('No').'\' END' );
710	$browser->AddColumn( 'privs', translate('Privileges'), '', '',
711	"COALESCE( privileges_list(default_privileges), '[".translate('from principal')."]')" );
712	$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id='.$id.'&dav_name=##URL:dav_name##&subaction=delete_collection';
713	$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'<a class=\"submit\" href=\"$delurl\">".translate('Delete')."</a>'" );
714
715	$browser->SetOrdering( 'dav_name', 'A' );
716
717	$browser->SetJoins( "collection " );
718	$browser->SetWhere( 'user_no = '.intval($editor->Value('user_no')) );
719
720	$browser->AddRow( array( 'dav_name' => '<a href="'.$rowurl.'&user_no='.intval($editor->Value('user_no')).'" class="submit">'.translate('Create Collection').'</a>' ));
721
722	if ( $c->enable_row_linking ) {
723	$browser->RowFormat( '<tr onMouseover="LinkHref(this,1);" title="'.translate('Click to edit principal details').'" class="r%d">', '</tr>', '#even' );
724	}
725	else {
726	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
727	}
728	$browser->DoQuery();
729	$page_elements[] = $browser;
730	if ( isset($delete_collection_confirmation_required) ) {
731	$html = '<table><tr><td class="error">';
732	$html .= sprintf('<b>%s</b> "%s" <a class="error" href="%s&%s">%s</a> %s',
733	translate('Deleting Collection:'), $_GET['dav_name'], $_SERVER['REQUEST_URI'],
734	$delete_collection_confirmation_required,
735	translate('Confirm Deletion of the Collection'),
736	translate('All collection data will be unrecoverably deleted.') );
737	$html .= "</td></tr></table>\n";
738	$page_elements[] = $html;
739	}
740
741	$browser = new Browser(translate('Bindings to this Principal\'s Collections'));
742	$browser->AddColumn( 'bind_id', translate('ID'), '', '' );
743	$browser->AddHidden( 'b.dav_owner_id' );
744	$browser->AddHidden( 'p.principal_id' );
745	$browser->AddColumn( 'bound_as', translate('Bound As'), '', '<td style="white-space:nowrap;">%s</td>', "'".$c->base_url.'/caldav.php'."' \|\|b.dav_name" );
746	$browser->AddColumn( 'access_ticket_id', translate('Ticket ID'), '', '' );
747	$browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
748	$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id=##principal_id##&bind_id=##bind_id##&subaction=delete_binding';
749	$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'<a class=\"submit\" href=\"$delurl\">".translate('Delete')."</a>'" );
750
751	$browser->SetOrdering( 'target', 'A' );
752
753	$browser->SetJoins( 'dav_binding b LEFT JOIN collection c ON (bound_source_id=collection_id) LEFT JOIN access_ticket t ON (ticket_id=access_ticket_id) LEFT JOIN principal p USING(user_no)' );
754	$browser->SetWhere( 'p.principal_id = '.intval($editor->Value('principal_id')) );
755
756	$browser->RowFormat( '<tr class="r%d">', '</tr>', '#even' );
757
758	$browser->DoQuery();
759	$page_elements[] = $browser;
760
761	if ( isset($delete_binding_confirmation_required) ) {
762	$html = '<table><tr><td class="error">';
763	$html .= sprintf('<b>%s</b> "%s" <a class="error" href="%s&%s">%s</a> %s',
764	translate('Deleting Binding:'), $_GET['bind_id'], $_SERVER['REQUEST_URI'],
765	$delete_binding_confirmation_required,
766	translate('Confirm Deletion of the Binding'),
767	translate('The binding will be deleted.') );
768	$html .= "</td></tr></table>\n";
769	$page_elements[] = $html;
770	}
771
772	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: contrib/davical/inc/ui/principal-edit.php @ 3733

Download in other formats: