[2] | 1 | <?php |
---|
| 2 | /**************************************************************************\ |
---|
| 3 | * phpGroupWare - Preferences * |
---|
| 4 | * http://www.phpgroupware.org * |
---|
| 5 | * -------------------------------------------- * |
---|
| 6 | * This program is free software; you can redistribute it and/or modify it * |
---|
| 7 | * under the terms of the GNU General Public License as published by the * |
---|
| 8 | * Free Software Foundation; either version 2 of the License, or (at your * |
---|
| 9 | * option) any later version. * |
---|
| 10 | \**************************************************************************/ |
---|
| 11 | |
---|
| 12 | |
---|
| 13 | class uiaclprefs |
---|
| 14 | { |
---|
| 15 | var $acl; |
---|
| 16 | var $template; |
---|
| 17 | |
---|
| 18 | var $public_functions = array('index' => True); |
---|
| 19 | |
---|
| 20 | function uiaclprefs() |
---|
| 21 | { |
---|
| 22 | $GLOBALS['phpgw']->nextmatchs = CreateObject('phpgwapi.nextmatchs'); |
---|
| 23 | } |
---|
| 24 | |
---|
| 25 | function index() |
---|
| 26 | { |
---|
| 27 | $acl_app = get_var('acl_app',array('POST','GET')); |
---|
| 28 | $start = get_var('start',array('POST','GET')); |
---|
| 29 | $query = get_var('query',array('POST','GET')); |
---|
| 30 | $s_groups = get_var('s_groups',array('POST','GET')); |
---|
| 31 | $s_users = get_var('s_users',array('POST','GET')); |
---|
| 32 | $owner = get_var('owner',array('POST','GET')); |
---|
| 33 | |
---|
| 34 | if (! $acl_app) |
---|
| 35 | { |
---|
| 36 | $acl_app = 'preferences'; |
---|
| 37 | $acl_app_not_passed = True; |
---|
| 38 | } |
---|
| 39 | else |
---|
| 40 | { |
---|
| 41 | $GLOBALS['phpgw']->translation->add_app($acl_app); |
---|
| 42 | } |
---|
| 43 | |
---|
| 44 | $GLOBALS['phpgw_info']['flags']['currentapp'] = $acl_app; |
---|
| 45 | |
---|
| 46 | if ($acl_app_not_passed) |
---|
| 47 | { |
---|
| 48 | if(is_object($GLOBALS['phpgw']->log)) |
---|
| 49 | { |
---|
| 50 | $GLOBALS['phpgw']->log->message(array( |
---|
| 51 | 'text' => 'F-BadmenuactionVariable, failed to pass acl_app.', |
---|
| 52 | 'line' => __LINE__, |
---|
| 53 | 'file' => __FILE__ |
---|
| 54 | )); |
---|
| 55 | $GLOBALS['phpgw']->log->commit(); |
---|
| 56 | } |
---|
| 57 | } |
---|
| 58 | |
---|
| 59 | if ($GLOBALS['phpgw_info']['server']['deny_user_grants_access'] && !isset($GLOBALS['phpgw_info']['user']['apps']['admin'])) |
---|
| 60 | { |
---|
| 61 | echo '<center><b>' . lang('Access not permitted') . '</b></center>'; |
---|
| 62 | $GLOBALS['phpgw']->common->phpgw_exit(True); |
---|
| 63 | } |
---|
| 64 | |
---|
| 65 | |
---|
| 66 | $this->template = CreateObject('phpgwapi.Template',$GLOBALS['phpgw']->common->get_tpl_dir($acl_app)); |
---|
| 67 | |
---|
| 68 | // Verifica se é o template da Celepar, então carrega outro .tpl |
---|
| 69 | //echo $this->template->root; |
---|
| 70 | if(strstr($this->template->root,'celepar')) { |
---|
| 71 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/index.php','menuaction=preferences.uiaclprefs2.index&acl_app='.$acl_app)); |
---|
| 72 | } |
---|
| 73 | |
---|
| 74 | |
---|
| 75 | /* |
---|
| 76 | if(isset($save_my_owner) && $GLOBALS['phpgw_info']['user']['apps']['admin']) |
---|
| 77 | { |
---|
| 78 | $owner = $save_my_owner; |
---|
| 79 | unset($save_my_owner); |
---|
| 80 | } |
---|
| 81 | elseif(@isset($save_my_owner)) |
---|
| 82 | { |
---|
| 83 | echo '<center>'.lang('You do not have permission to set ACL\'s in this mode!').'</center>'; |
---|
| 84 | $GLOBALS['phpgw']->common->phpgw_footer(); |
---|
| 85 | } |
---|
| 86 | */ |
---|
| 87 | |
---|
| 88 | if((!isset($owner) || empty($owner)) || !$GLOBALS['phpgw_info']['user']['apps']['admin']) |
---|
| 89 | { |
---|
| 90 | $owner = $GLOBALS['phpgw_info']['user']['account_id']; |
---|
| 91 | } |
---|
| 92 | |
---|
| 93 | $acct = CreateObject('phpgwapi.accounts',$owner); |
---|
| 94 | $groups = $acct->get_list('groups','','ASC','account_lid'); |
---|
| 95 | $users = $acct->get_list('accounts','','ASC','account_firstname'); |
---|
| 96 | $owner_name = $acct->id2name($owner); // get owner name for title |
---|
| 97 | if($is_group = $acct->get_type($owner) == 'g') |
---|
| 98 | { |
---|
| 99 | $owner_name = lang('Group').' ('.$owner_name.')'; |
---|
| 100 | } |
---|
| 101 | unset($acct); |
---|
| 102 | $this->acl = CreateObject('phpgwapi.acl',(int)$owner); |
---|
| 103 | $this->acl->read_repository(); |
---|
| 104 | |
---|
| 105 | if ($_POST['submit']) |
---|
| 106 | { |
---|
| 107 | $processed = $_POST['processed']; |
---|
| 108 | $to_remove = unserialize(urldecode($processed)); |
---|
| 109 | |
---|
| 110 | for($i=0;$i<count($to_remove);$i++) |
---|
| 111 | { |
---|
| 112 | $this->acl->delete($GLOBALS['phpgw_info']['flags']['currentapp'],$to_remove[$i]); |
---|
| 113 | } |
---|
| 114 | |
---|
| 115 | /* Group records */ |
---|
| 116 | $group_variable = $_POST['g_'.$GLOBALS['phpgw_info']['flags']['currentapp']]; |
---|
| 117 | |
---|
| 118 | if (!$group_variable) |
---|
| 119 | { |
---|
| 120 | $group_variable = array(); |
---|
| 121 | } |
---|
| 122 | @reset($group_variable); |
---|
| 123 | $totalacl = array(); |
---|
| 124 | while(list($rowinfo,$perm) = each($group_variable)) |
---|
| 125 | { |
---|
| 126 | list($group_id,$rights) = split('_',$rowinfo); |
---|
| 127 | $totalacl[$group_id] += $rights; |
---|
| 128 | } |
---|
| 129 | @reset($totalacl); |
---|
| 130 | while(list($group_id,$rights) = @each($totalacl)) |
---|
| 131 | { |
---|
| 132 | if($is_group) |
---|
| 133 | { |
---|
| 134 | /* Don't allow group-grants to grant private */ |
---|
| 135 | $rights &= ~PHPGW_ACL_PRIVATE; |
---|
| 136 | } |
---|
| 137 | |
---|
| 138 | $this->acl->add($GLOBALS['phpgw_info']['flags']['currentapp'],$group_id,$rights); |
---|
| 139 | } |
---|
| 140 | |
---|
| 141 | /* User records */ |
---|
| 142 | $user_variable = $_POST['u_'.$GLOBALS['phpgw_info']['flags']['currentapp']]; |
---|
| 143 | |
---|
| 144 | if (!$user_variable) |
---|
| 145 | { |
---|
| 146 | $user_variable = array(); |
---|
| 147 | } |
---|
| 148 | @reset($user_variable); |
---|
| 149 | $totalacl = array(); |
---|
| 150 | while(list($rowinfo,$perm) = each($user_variable)) |
---|
| 151 | { |
---|
| 152 | list($user_id,$rights) = split('_',$rowinfo); |
---|
| 153 | $totalacl[$user_id] += $rights; |
---|
| 154 | } |
---|
| 155 | @reset($totalacl); |
---|
| 156 | while(list($user_id,$rights) = @each($totalacl)) |
---|
| 157 | { |
---|
| 158 | if($is_group) |
---|
| 159 | { |
---|
| 160 | /* Don't allow group-grants to grant private */ |
---|
| 161 | $rights &= ~ PHPGW_ACL_PRIVATE; |
---|
| 162 | } |
---|
| 163 | |
---|
| 164 | $this->acl->add($GLOBALS['phpgw_info']['flags']['currentapp'],$user_id,$rights); |
---|
| 165 | } |
---|
| 166 | $this->acl->save_repository(); |
---|
| 167 | } |
---|
| 168 | |
---|
| 169 | $processed = Array(); |
---|
| 170 | |
---|
| 171 | $total = 0; |
---|
| 172 | |
---|
| 173 | if(!isset($start)) |
---|
| 174 | { |
---|
| 175 | $start = 0; |
---|
| 176 | } |
---|
| 177 | |
---|
| 178 | if(!$start) |
---|
| 179 | { |
---|
| 180 | $s_groups = 0; |
---|
| 181 | $s_users = 0; |
---|
| 182 | } |
---|
| 183 | |
---|
| 184 | if(!isset($s_groups)) |
---|
| 185 | { |
---|
| 186 | $s_groups = 0; |
---|
| 187 | } |
---|
| 188 | |
---|
| 189 | if(!isset($s_users)) |
---|
| 190 | { |
---|
| 191 | $s_users = 0; |
---|
| 192 | } |
---|
| 193 | |
---|
| 194 | if(!isset($query)) |
---|
| 195 | { |
---|
| 196 | $query = ""; |
---|
| 197 | } |
---|
| 198 | |
---|
| 199 | if(!isset($maxm)) |
---|
| 200 | { |
---|
| 201 | $maxm = $GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs']; |
---|
| 202 | } |
---|
| 203 | |
---|
| 204 | if(!isset($totalentries)) |
---|
| 205 | { |
---|
| 206 | $totalentries = count($groups) + count($users); |
---|
| 207 | if($totalentries < $maxm) |
---|
| 208 | { |
---|
| 209 | $maxm = $totalentries; |
---|
| 210 | } |
---|
| 211 | } |
---|
| 212 | |
---|
| 213 | $GLOBALS['phpgw_info']['flags']['app_header'] = lang('%1 - Preferences',$GLOBALS['phpgw_info']['apps'][$acl_app]['title']).' - '.lang('acl').': '.$owner_name; |
---|
| 214 | $GLOBALS['phpgw']->common->phpgw_header(); |
---|
| 215 | echo parse_navbar(); |
---|
| 216 | |
---|
| 217 | $this->template = CreateObject('phpgwapi.Template',$GLOBALS['phpgw']->common->get_tpl_dir($acl_app)); |
---|
| 218 | $templates = Array ( |
---|
| 219 | 'preferences' => 'preference_acl.tpl', |
---|
| 220 | 'row_colspan' => 'preference_colspan.tpl', |
---|
| 221 | 'acl_row' => 'preference_acl_row.tpl' |
---|
| 222 | ); |
---|
| 223 | |
---|
| 224 | $this->template->set_file($templates); |
---|
| 225 | |
---|
| 226 | if ($submit) |
---|
| 227 | { |
---|
| 228 | $this->template->set_var('errors',lang('ACL grants have been updated')); |
---|
| 229 | } |
---|
| 230 | |
---|
| 231 | $common_hidden_vars = |
---|
| 232 | ' <input type="hidden" name="s_groups" value="'.$s_groups.'">'."\n" |
---|
| 233 | . ' <input type="hidden" name="s_users" value="'.$s_users.'">'."\n" |
---|
| 234 | . ' <input type="hidden" name="maxm" value="'.$maxm.'">'."\n" |
---|
| 235 | . ' <input type="hidden" name="totalentries" value="'.$totalentries.'">'."\n" |
---|
| 236 | . ' <input type="hidden" name="start" value="'.$start.'">'."\n" |
---|
| 237 | . ' <input type="hidden" name="query" value="'.$query.'">'."\n" |
---|
| 238 | . ' <input type="hidden" name="owner" value="'.$owner.'">'."\n" |
---|
| 239 | . ' <input type="hidden" name="acl_app" value="'.$acl_app.'">'."\n"; |
---|
| 240 | |
---|
| 241 | $var = Array( |
---|
| 242 | 'errors' => '', |
---|
| 243 | 'title' => '<br>', |
---|
| 244 | 'action_url' => $GLOBALS['phpgw']->link('/index.php','menuaction=preferences.uiaclprefs.index&acl_app=' . $acl_app), |
---|
| 245 | 'bg_color' => $GLOBALS['phpgw_info']['theme']['th_bg'], |
---|
| 246 | 'submit_lang' => lang('Save'), |
---|
| 247 | 'common_hidden_vars_form' => $common_hidden_vars |
---|
| 248 | ); |
---|
| 249 | |
---|
| 250 | $this->template->set_var($var); |
---|
| 251 | |
---|
| 252 | if(isset($query_result) && $query_result) |
---|
| 253 | { |
---|
| 254 | $common_hidden_vars .= '<input type="hidden" name="query_result" value="'.$query_result.'">'."\n"; |
---|
| 255 | } |
---|
| 256 | |
---|
| 257 | $this->template->set_var('common_hidden_vars',$common_hidden_vars); |
---|
| 258 | |
---|
| 259 | $vars = $this->template->get_undefined('row_colspan'); |
---|
| 260 | while (list(,$var) = each($vars)) |
---|
| 261 | { |
---|
| 262 | if(strstr($var,'lang_')) |
---|
| 263 | { |
---|
| 264 | $value = str_replace('lang_','',$var); |
---|
| 265 | $value = str_replace('_',' ',$value); |
---|
| 266 | |
---|
| 267 | $this->template->set_var($var,lang($value)); |
---|
| 268 | } |
---|
| 269 | } |
---|
| 270 | |
---|
| 271 | if ((int)$s_groups <> count($groups)) |
---|
| 272 | { |
---|
| 273 | $this->template->set_var('string',lang('Groups')); |
---|
| 274 | $this->template->parse('row','row_colspan',True); |
---|
| 275 | |
---|
| 276 | reset($groups); |
---|
| 277 | for($k=0;$k<count($groups);$k++) |
---|
| 278 | { |
---|
| 279 | $group = $groups[$k]; |
---|
| 280 | $go = True; |
---|
| 281 | |
---|
| 282 | if($query) |
---|
| 283 | { |
---|
| 284 | if(!strpos(' '.$group['account_lid'].' ',$query)) |
---|
| 285 | { |
---|
| 286 | $go = False; |
---|
| 287 | } |
---|
| 288 | } |
---|
| 289 | |
---|
| 290 | if($go) |
---|
| 291 | { |
---|
| 292 | $tr_color = $GLOBALS['phpgw']->nextmatchs->alternate_row_color($tr_color); |
---|
| 293 | $this->display_row($tr_color,'g_',$group['account_id'],$group['account_lid'],$is_group); |
---|
| 294 | $s_groups++; |
---|
| 295 | $processed[] = $group['account_id']; |
---|
| 296 | $total++; |
---|
| 297 | if($total == $maxm) |
---|
| 298 | { |
---|
| 299 | break; |
---|
| 300 | } |
---|
| 301 | } |
---|
| 302 | } |
---|
| 303 | } |
---|
| 304 | |
---|
| 305 | if($total <> $maxm) |
---|
| 306 | { |
---|
| 307 | if($users) |
---|
| 308 | { |
---|
| 309 | $this->template->set_var('string',ucfirst(lang('Users'))); |
---|
| 310 | $this->template->parse('row','row_colspan',True); |
---|
| 311 | $tr_color = $GLOBALS['phpgw']->nextmatchs->alternate_row_color($tr_color); |
---|
| 312 | for($k=$s_users;$k<$totalentries || $k==count($users);$k++) |
---|
| 313 | { |
---|
| 314 | $user = $users[$k]; |
---|
| 315 | //echo '<br>acctid: '.$user['account_id']; |
---|
| 316 | if ($user['account_id']) |
---|
| 317 | { |
---|
| 318 | $go = True; |
---|
| 319 | } |
---|
| 320 | else |
---|
| 321 | { |
---|
| 322 | $go = False; |
---|
| 323 | } |
---|
| 324 | if($query) |
---|
| 325 | { |
---|
| 326 | $name = ' '.$user['account_firstname'].' '.$user['account_lastname'].' '.$user['account_lid'].' '; |
---|
| 327 | if(!strpos($name,$query)) |
---|
| 328 | { |
---|
| 329 | $go = False; |
---|
| 330 | } |
---|
| 331 | } |
---|
| 332 | |
---|
| 333 | if($go && $user['account_id'] != $owner) // Need to be $owner not $GLOBALS['phpgw_info']['user']['account_id'] |
---|
| 334 | { |
---|
| 335 | // or the admin can't get special grants from a group |
---|
| 336 | $tr_color = $GLOBALS['phpgw']->nextmatchs->alternate_row_color($tr_color); |
---|
| 337 | $this->display_row($tr_color,'u_',$user['account_id'],$GLOBALS['phpgw']->common->display_fullname($user['account_lid'],$user['account_firstname'],$user['account_lastname']),$is_group); |
---|
| 338 | $s_users++; |
---|
| 339 | $processed[] = $user['account_id']; |
---|
| 340 | $total++; |
---|
| 341 | if($total == $maxm) |
---|
| 342 | { |
---|
| 343 | break; |
---|
| 344 | } |
---|
| 345 | } |
---|
| 346 | } |
---|
| 347 | } |
---|
| 348 | } |
---|
| 349 | |
---|
| 350 | $extra_parms = 'menuaction=preferences.uiaclprefs.index' |
---|
| 351 | . '&acl_app=' . $acl_app |
---|
| 352 | . '&s_users='.$s_users.'&s_groups='.$s_groups |
---|
| 353 | . '&maxm=' . $maxm . '&totalentries=' . $totalentries |
---|
| 354 | . '&total=' . ($start + $total) . '&owner='.$owner; |
---|
| 355 | |
---|
| 356 | $var = Array( |
---|
| 357 | 'nml' => $GLOBALS['phpgw']->nextmatchs->left('/index.php',$start,$totalentries,$extra_parms), |
---|
| 358 | 'nmr' => $GLOBALS['phpgw']->nextmatchs->right('/index.php',$start,$totalentries,$extra_parms), |
---|
| 359 | 'search_value' => (isset($query) && $query?$query:''), |
---|
| 360 | 'search' => lang('search'), |
---|
| 361 | 'processed' => urlencode(serialize($processed)) |
---|
| 362 | ); |
---|
| 363 | |
---|
| 364 | $this->template->set_var($var); |
---|
| 365 | |
---|
| 366 | $this->template->pfp('out','preferences'); |
---|
| 367 | } |
---|
| 368 | |
---|
| 369 | function check_acl($label,$id,$acl,$rights,$right,$is_group=False) |
---|
| 370 | { |
---|
| 371 | $this->template->set_var($acl,$label.$GLOBALS['phpgw_info']['flags']['currentapp'].'['.$id.'_'.$right.']'); |
---|
| 372 | $rights_set = (($rights & $right)?' checked':''); |
---|
| 373 | if ($is_group) |
---|
| 374 | { |
---|
| 375 | // This is so you can't select it in the GUI |
---|
| 376 | $rights_set .= ' disabled'; |
---|
| 377 | } |
---|
| 378 | $this->template->set_var($acl.'_selected',$rights_set); |
---|
| 379 | } |
---|
| 380 | |
---|
| 381 | function display_row($bg_color,$label,$id,$name,$is_group) |
---|
| 382 | { |
---|
| 383 | $this->template->set_var('row_color',$bg_color); |
---|
| 384 | $this->template->set_var('user',$name); |
---|
| 385 | $rights = $this->acl->get_rights($id,$GLOBALS['phpgw_info']['flags']['currentapp']); |
---|
| 386 | // vv This is new |
---|
| 387 | $grantors = $this->acl->get_ids_for_location($id,$rights,$GLOBALS['phpgw_info']['flags']['currentapp']); |
---|
| 388 | $is_group_set = False; |
---|
| 389 | while(@$grantors && list($key,$grantor) = each($grantors)) |
---|
| 390 | { |
---|
| 391 | if($GLOBALS['phpgw']->accounts->get_type($grantor) == 'g') |
---|
| 392 | { |
---|
| 393 | $is_group_set = True; |
---|
| 394 | } |
---|
| 395 | } |
---|
| 396 | // ^^ This is new |
---|
| 397 | |
---|
| 398 | $this->check_acl($label,$id,'read',$rights,PHPGW_ACL_READ,($is_group_set && ($rights & PHPGW_ACL_READ) && !$is_group?$is_group_set:False)); |
---|
| 399 | $this->check_acl($label,$id,'add',$rights,PHPGW_ACL_ADD,($is_group_set && ($rights & PHPGW_ACL_ADD && !$is_group)?$is_group_set:False)); |
---|
| 400 | $this->check_acl($label,$id,'edit',$rights,PHPGW_ACL_EDIT,($is_group_set && ($rights & PHPGW_ACL_EDIT && !$is_group)?$is_group_set:False)); |
---|
| 401 | $this->check_acl($label,$id,'delete',$rights,PHPGW_ACL_DELETE,($is_group_set && ($rights & PHPGW_ACL_DELETE && !$is_group)?$is_group_set:False)); |
---|
| 402 | $this->check_acl($label,$id,'private',$rights,PHPGW_ACL_PRIVATE,$is_group); |
---|
| 403 | |
---|
| 404 | $this->check_acl($label,$id,'custom_1',$rights,PHPGW_ACL_CUSTOM_1,($is_group_set && ($rights & PHPGW_ACL_CUSTOM_1) && !$is_group?$is_group_set:False)); |
---|
| 405 | $this->check_acl($label,$id,'custom_2',$rights,PHPGW_ACL_CUSTOM_2,($is_group_set && ($rights & PHPGW_ACL_CUSTOM_2) && !$is_group?$is_group_set:False)); |
---|
| 406 | $this->check_acl($label,$id,'custom_3',$rights,PHPGW_ACL_CUSTOM_3,($is_group_set && ($rights & PHPGW_ACL_CUSTOM_3) && !$is_group?$is_group_set:False)); |
---|
| 407 | $this->template->parse('row','acl_row',True); |
---|
| 408 | } |
---|
| 409 | } |
---|
| 410 | ?> |
---|