nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-02 18:13:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Group Manager: Member and Permission list view and button updates, bulk delete group members via class, misc other updates.

Browse Source
This commit is contained in:
Nate
2020-02-10 13:50:08 -07:00
parent 64f03fa80d
commit 9fd3074ee2
5 changed files with 405 additions and 375 deletions
Download Patch File Download Diff File Expand all files Collapse all files

537
core/groups/group_permissions.php
View File

@@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2016
Portions created by the Initial Developer are Copyright (C) 2008-2020
the Initial Developer. All Rights Reserved.
Contributor(s):
@@ -28,6 +28,7 @@
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
require_once "resources/paging.php";
//check permisions
if (permission_exists('group_permissions') || if_group("superadmin")) {
@@ -42,36 +43,31 @@
$language = new text;
$text = $language->get();
//include the header
$document['title'] = $text['title-group_permissions'];
require_once "resources/header.php";
//include paging
require_once "resources/paging.php";
//get the list of installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
$x=0;
$config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_config.php");
$x = 0;
foreach ($config_list as &$config_path) {
include($config_path);
$x++;
}
//get the group uuid passed
$group_uuid = $_REQUEST['group_uuid'];
//if there are no permissions listed in v_group_permissions then set the default permissions
$sql = "select count(*) from v_group_permissions ";
$database = new database;
$group_permission_count = $database->select($sql, null, 'column');
unset($sql);
if ($group_permission_count == 0) {
//no permissions found add the defaults
foreach($apps as $app) {
foreach ($apps as $app) {
foreach ($app['permissions'] as $row) {
foreach ($row['groups'] as $index => $group) {
foreach ($row['groups'] as $index => $group_name) {
//add the record
$array['group_permissions'][$index]['group_permission_uuid'] = uuid();
$array['group_permissions'][$index]['permission_name'] = $row['name'];
$array['group_permissions'][$index]['group_name'] = $group;
$array['group_permissions'][$index]['group_name'] = $group_name;
$array['group_permissions'][$index]['group_uuid'] = $group_uuid;
}
if (is_array($array) && sizeof($array) != 0) {
$database = new database;
@@ -83,9 +79,9 @@
}
}
}
unset($sql, $group_name);
//get the group uuid, lookup domain uuid (if any) and name
$group_uuid = $_REQUEST['group_uuid'];
//lookup domain uuid (if any) and name
$sql = "select domain_uuid, group_name from v_groups ";
$sql .= "where group_uuid = :group_uuid ";
$parameters['group_uuid'] = $group_uuid;
@@ -97,6 +93,13 @@
}
unset($sql, $parameters, $row);
//add the search string
$search = strtolower($_GET["search"]);
if (strlen($search) > 0) {
$sql_search .= " and lower(permission_name) like :search ";
$parameters['search'] = '%'.$search.'%';
}
//get the permissions assigned to this group
$sql = "select * from v_group_permissions ";
$sql .= "where group_name = :group_name ";
@@ -107,6 +110,7 @@
else {
$sql .= "and domain_uuid is null ";
}
$sql .= $sql_search;
$parameters['group_name'] = $group_name;
$database = new database;
$result = $database->select($sql, $parameters, 'all');
@@ -117,13 +121,8 @@
}
unset($sql, $parameters, $result, $row);
//show the db checklist
//echo "<pre>";
//print_r($permissions_db);
//echo "</pre>";
//list all the permissions in the database
foreach($apps as $app) {
foreach ($apps as $app) {
if (isset($app['permissions'])) foreach ($app['permissions'] as $row) {
if ($permissions_db[$row['name']] == "true") {
$permissions_db_checklist[$row['name']] = "true";
@@ -134,187 +133,188 @@
}
}
//show the db checklist
//echo "<pre>";
//print_r($permissions_db_checklist);
//echo "</pre>";
//process the http post
if (count($_POST)>0) {
foreach($_POST['permissions_form'] as $permission) {
foreach ($_POST['permissions_form'] as $permission) {
$permissions_form[$permission] = "true";
}
//list all the permissions
foreach($apps as $app) {
foreach ($app['permissions'] as $row) {
if ($permissions_form[$row['name']] == "true") {
$permissions_form_checklist[$row['name']] = "true";
}
else {
$permissions_form_checklist[$row['name']] = "false";
foreach ($apps as $app) {
if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
foreach ($app['permissions'] as $row) {
if ($permissions_form[$row['name']] == "true") {
$permissions_form_checklist[$row['name']] = "true";
}
else {
$permissions_form_checklist[$row['name']] = "false";
}
}
}
}
//show the form db checklist
//echo "<pre>";
//print_r($permissions_form_checklist);
//echo "</pre>";
//list all the permissions
foreach($apps as $app) {
foreach ($app['permissions'] as $row) {
$permission = $row['name'];
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") {
//matched do nothing
}
if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") {
//matched do nothing
}
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
//delete the record
$array['group_permissions'][0]['group_name'] = $group_name;
$array['group_permissions'][0]['permission_name'] = $permission;
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
foreach ($apps as $app) {
if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
foreach ($app['permissions'] as $row) {
$permission = $row['name'];
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") {
//matched do nothing
}
if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") {
//matched do nothing
}
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
//delete the record
$array['group_permissions'][0]['group_name'] = $group_name;
$array['group_permissions'][0]['permission_name'] = $permission;
$array['group_permissions'][0]['group_uuid'] = $group_uuid;
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
foreach($apps as $app) {
foreach ($app['permissions'] as $row) {
if ($row['name'] == $permission) {
foreach ($apps as $app) {
if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
foreach ($app['permissions'] as $row) {
if ($row['name'] == $permission) {
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
$array['menu_item_groups'][0]['group_name'] = $group_name;
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
$array['menu_item_groups'][0]['group_name'] = $group_name;
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$p = new permissions;
$p->add('menu_item_group_delete', 'temp');
$p = new permissions;
$p->add('menu_item_group_delete', 'temp');
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
$p->delete('menu_item_group_delete', 'temp');
$p->delete('menu_item_group_delete', 'temp');
$sql = "select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
$database = new database;
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
$sql = "select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
$database = new database;
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
$sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g ";
$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
$sql .= "and g.group_name = :group_name ";
$parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid;
$parameters['group_name'] = $group_name;
$database = new database;
$result_count = $database->select($sql, $parameters, 'column');
$sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g ";
$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
$sql .= "and g.group_name = :group_name ";
$parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid;
$parameters['group_name'] = $group_name;
$database = new database;
$result_count = $database->select($sql, $parameters, 'column');
if ($result_count == 0) {
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
$array['menu_item_groups'][0]['group_name'] = $group_name;
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
if ($result_count == 0) {
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
$array['menu_item_groups'][0]['group_name'] = $group_name;
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$p = new permissions;
$p->add('menu_item_group_delete', 'temp');
$p = new permissions;
$p->add('menu_item_group_delete', 'temp');
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
$p->delete('menu_item_group_delete', 'temp');
$p->delete('menu_item_group_delete', 'temp');
}
unset($sql, $parameters, $result_count);
}
}
unset($sql, $parameters, $result_count);
}
}
//set the permission to false in the permissions_db_checklist
$permissions_db_checklist[$permission] = "false";
}
//set the permission to false in the permissions_db_checklist
$permissions_db_checklist[$permission] = "false";
}
if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
//add the record
$array['group_permissions'][0]['group_permission_uuid'] = uuid();
if (is_uuid($domain_uuid)) {
$array['group_permissions'][0]['domain_uuid'] = $domain_uuid;
}
$array['group_permissions'][0]['permission_name'] = $permission;
$array['group_permissions'][0]['group_name'] = $group_name;
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
//add the record
$array['group_permissions'][0]['group_permission_uuid'] = uuid();
if (is_uuid($domain_uuid)) {
$array['group_permissions'][0]['domain_uuid'] = $domain_uuid;
}
$array['group_permissions'][0]['permission_name'] = $permission;
$array['group_permissions'][0]['group_name'] = $group_name;
$array['group_permissions'][0]['group_uuid'] = $group_uuid;
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
foreach($apps as $app) {
foreach ($app['permissions'] as $row) {
if ($row['name'] == $permission) {
foreach ($apps as $app) {
if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
foreach ($app['permissions'] as $row) {
if ($row['name'] == $permission) {
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
$array['menu_item_groups'][0]['group_name'] = $group_name;
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
$array['menu_item_groups'][0]['group_name'] = $group_name;
$p = new permissions;
$p->add('menu_item_group_add', 'temp');
$p = new permissions;
$p->add('menu_item_group_add', 'temp');
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
$p->delete('menu_item_group_add', 'temp');
$p->delete('menu_item_group_add', 'temp');
$sql = "select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
$database = new database;
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
$sql = "select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
$database = new database;
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
$sql = "select count(*) from v_menu_item_groups ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and group_name = :group_name ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $menu_item_parent_uuid;
$parameters['group_name'] = $group_name;
$database = new database;
$result_count = $database->select($sql, $parameters, 'column');
$sql = "select count(*) from v_menu_item_groups ";
$sql .= "where menu_item_uuid = :menu_item_uuid ";
$sql .= "and group_name = :group_name ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$parameters['menu_item_uuid'] = $menu_item_parent_uuid;
$parameters['group_name'] = $group_name;
$database = new database;
$result_count = $database->select($sql, $parameters, 'column');
if ($result_count == 0) {
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
$array['menu_item_groups'][0]['group_name'] = $group_name;
if ($result_count == 0) {
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
$array['menu_item_groups'][0]['group_name'] = $group_name;
$p = new permissions;
$p->add('menu_item_group_add', 'temp');
$p = new permissions;
$p->add('menu_item_group_add', 'temp');
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
$p->delete('menu_item_group_add', 'temp');
$p->delete('menu_item_group_add', 'temp');
}
unset($sql, $parameters, $result_count);
}
}
unset($sql, $parameters, $result_count);
}
}
//set the permission to true in the permissions_db_checklist
$permissions_db_checklist[$permission] = "true";
}
//set the permission to true in the permissions_db_checklist
$permissions_db_checklist[$permission] = "true";
}
}
}
@@ -324,171 +324,100 @@
return;
}
//copy group javascript
echo "<script language='javascript' type='text/javascript'>\n";
echo " function copy_group() {\n";
echo " var new_group_name;\n";
echo " var new_group_desc;\n";
echo " new_group_name = prompt('".$text['message-new_group_name']."');\n";
echo " if (new_group_name != null) {\n";
echo " new_group_desc = prompt('".$text['message-new_group_description']."');\n";
echo " if (new_group_desc != null) {\n";
echo " window.location = 'permissions_copy.php?id=".escape($group_uuid)."&new_group_name=' + new_group_name + '&new_group_desc=' + new_group_desc;\n";
echo " }\n";
echo " }\n";
echo " }\n";
echo "\n";
echo " $( document ).ready(function() {\n";
echo " $('#group_permission_search').trigger('focus');\n";
echo " });\n";
echo "</script>\n";
//prevent enter key submit on search field
echo "<script language='javascript' type='text/javascript'>\n";
echo " $(document).ready(function() {\n";
echo " $('#group_permission_search').keydown(function(event){\n";
echo " if (event.keyCode == 13) {\n";
echo " event.preventDefault();\n";
echo " return false;\n";
echo " }\n";
echo " });\n";
echo " });\n";
echo "</script>\n";
//include the header
$document['title'] = $text['title-group_permissions'];
require_once "resources/header.php";
//show the content
echo "<form method='post' name='frm' action=''>\n";
echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>\n";
echo "<table cellpadding='0' cellspacing='0' width='100%' border='0'>\n";
echo " <tr>\n";
echo " <td width='50%' align=\"left\" nowrap=\"nowrap\" valign='top'>";
echo " <b>".$text['header-group_permissions'].escape($group_name)."</b>";
echo " <br><br>";
echo " </td>\n";
echo " <td width='50%' align=\"right\" valign='top'>\n";
echo " <input type='button' class='btn' alt='".$text['button-back']."' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'> ";
echo " <input type='text' id='group_permission_search' class='formfld' style='min-width: 150px; width:150px; max-width: 150px;' placeholder=\"".$text['label-search']."\" onkeyup='permission_search();'>\n";
echo " <input type='button' class='btn' alt='".$text['button-copy']."' onclick='copy_group();' value='".$text['button-copy']."'>";
echo " <input type='submit' class='btn' name='submit' value='".$text['button-save']."'>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\" colspan='2'>\n";
echo " ".$text['description-group_permissions']."\n";
echo " </td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "<div class='action_bar' id='action_bar'>\n";
echo " <div class='heading'><b>".$text['header-group_permissions'].'<i>'.escape($group_name)."</i></b></div>\n";
echo " <div class='actions'>\n";
echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-sm-dn','link'=>'groups.php']);
echo "<form id='form_search' class='inline' method='get'>\n";
echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','collapse'=>'hide-sm-dn','style'=>($search != '' ? 'display: none;' : null)]);
echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','collapse'=>'hide-sm-dn','link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid),'style'=>($search == '' ? 'display: none;' : null)]);
echo button::create(['type'=>'button','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'collapse'=>'hide-sm-dn','style'=>'margin-left: 15px;','onclick'=>"document.getElementById('frm').submit();"]);
echo " </form>\n";
echo " </div>\n";
echo " <div style='clear: both;'></div>\n";
echo "</div>\n";
echo $text['description-group_permissions']."\n";
echo "<br /><br />\n";
$c = 0;
$row_style["0"] = "row_style0";
$row_style["1"] = "row_style1";
echo "<form method='post' name='frm' id='frm'>\n";
//list all the permissions
foreach($apps as $app_index => $app) {
//hide apps for which there are no permissions
foreach ($apps as $app_index => $app) {
//skip apps for which there are no permissions
if (!is_array($app['permissions']) || sizeof($app['permissions']) == 0) { continue; }
$app_name = $app['name'];
$description = $app['description']['en-us'];
//skip apps for which search doesn't match at least one permission
if ($search) {
$permission_matched = false;
foreach ($app['permissions'] as $row) {
if (substr_count(strtolower($row['name']), strtolower($search)) > 0) {
$permission_matched = true;
break;
}
}
if (!$permission_matched) { continue; }
}
//used to hide apps, even if permissions don't exist
$app_name = $app['name'];
$description = $app['description']['en-us'];
//used to hide apps, even if permissions don't exist
$array_apps_unique[] = str_replace(' ','_',strtolower($app['name']));
echo "<div id='app_".str_replace(' ','_',strtolower($app['name']))."'>";
echo "<b>".$app_name."</b><br />\n";
if ($description != '') { echo $description."<br />\n"; }
echo "<br>";
echo "<b>".$app_name."</b><br />\n";
if ($description != '') { echo $description."<br />\n"; }
echo "<br>";
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
echo " <tr>\n";
echo " <th style='text-align: center; padding: 0 7px;'><input type='checkbox' id='check_toggle_".$app_index."' onclick=\"check_toggle('".$app_index."', this.checked);\"></th>\n";
echo " <th width='30%'>".$text['label-permission_permissions']."</th>\n";
echo " <th width='70%'>".$text['label-permission_description']."</th>\n";
echo " <tr>\n";
echo "<table class='list'>\n";
echo " <tr class='list-header'>\n";
echo " <th class='checkbox'>\n";
echo " <input type='checkbox' id='checkbox_all_".$app_index."' name='checkbox_all' onclick=\"list_all_toggle('".$app_index."');\">\n";
echo " </th>\n";
echo " <th class='pct-60'>".$text['label-permission_permissions']."</th>\n";
echo " <th class='pct-40 hide-xs'>".$text['label-permission_description']."&nbsp;</th>\n";
echo " <tr>\n";
foreach ($app['permissions'] as $permission_index => $row) {
$checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null;
echo "<tr id='permission_".$row['name']."'>\n";
echo " <td valign='top' class='".$row_style[$c]."' style='text-align: center; padding: 3px 0px 0px 0px;'><input type='checkbox' name='permissions_form[]' id='perm_".$app_index."_".$permission_index."' ".$checked." value='".escape($row['name'])."'></td>\n";
echo " <td valign='top' nowrap='nowrap' class='".$row_style[$c]."' onclick=\"(document.getElementById('perm_".$app_index."_".$permission_index."').checked) ? document.getElementById('perm_".$app_index."_".$permission_index."').checked = false : document.getElementById('perm_".$app_index."_".$permission_index."').checked = true;\">".escape($row['name'])."</td>\n";
echo " <td valign='top' class='row_stylebg' onclick=\"(document.getElementById('perm_".$app_index."_".$permission_index."').checked) ? document.getElementById('perm_".$app_index."_".$permission_index."').checked = false : document.getElementById('perm_".$app_index."_".$permission_index."').checked = true;\">".escape($row['description'])."&nbsp;</td>\n";
echo "</tr>\n";
$c = ($c == 0) ? 1 : 0;
foreach ($app['permissions'] as $permission_index => $row) {
//skip permission if doesn't match search
if ($search && substr_count(strtolower($row['name']), strtolower($search)) == 0) { continue; }
//populate search/filter arrays
$checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null;
echo "<tr class='list-row'>\n";
echo " <td class='checkbox'>\n";
echo " <input type='checkbox' name='permissions_form[]' id='perm_".$app_index."_".$permission_index."' class='checkbox_".$app_index."' ".$checked." value='".escape($row['name'])."' onclick=\"if (!this.checked) { document.getElementById('checkbox_all_".$app_index."').checked = false; }\">\n";
echo " </td>\n";
echo " <td class='no-wrap' onclick=\"if (document.getElementById('perm_".$app_index."_".$permission_index."').checked) { document.getElementById('perm_".$app_index."_".$permission_index."').checked = false; document.getElementById('checkbox_all_".$app_index."').checked = false; } else { document.getElementById('perm_".$app_index."_".$permission_index."').checked = true; }\">".escape($row['name'])."</td>\n";
echo " <td class='description overflow hide-xs' onclick=\"if (document.getElementById('perm_".$app_index."_".$permission_index."').checked) { document.getElementById('perm_".$app_index."_".$permission_index."').checked = false; document.getElementById('checkbox_all_".$app_index."').checked = false; } else { document.getElementById('perm_".$app_index."_".$permission_index."').checked = true; }\">".escape($row['description'])."&nbsp;</td>\n";
echo "</tr>\n";
//populate search/filter arrays
$array_apps[] = str_replace(' ','_',strtolower($app['name']));
$array_apps_original[] = $app['name'];
$array_permissions[] = $row['name'];
$array_descriptions[] = str_replace('"','\"',$row['description']);
$app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index;
}
$app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index;
}
echo " <tr>\n";
echo " <td colspan='3' align='right' style='padding-top: 15px;'><input type='submit' name='submit' class='btn' value='".$text['button-save']."'></td>\n";
echo " </tr>\n";
echo "</table>";
echo "</div>\n\n";
echo "</table>\n";
echo "<br /><br />\n";
} //end foreach
echo "<br>";
}
echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>\n";
echo "</form>\n";
//check or uncheck all category checkboxes
echo "<script>\n";
echo "function check_toggle(app_index, toggle_state) {\n";
echo " switch (app_index) {\n";
foreach ($app_permissions as $app_index => $app_permission_ids) {
echo " case '".$app_index."':\n";
foreach ($app_permission_ids as $app_permission_id) {
echo " document.getElementById('".$app_permission_id."').checked = toggle_state;\n";
}
echo " break;\n";
}
echo " }\n";
echo "}\n";
echo "</script>\n";
//setting search script
echo "<script>\n";
echo " var apps_unique = new Array(\"".implode('","', $array_apps_unique)."\");\n";
echo " var apps = new Array(\"".implode('","', $array_apps)."\");\n";
echo " var apps_original = new Array(\"".implode('","', $array_apps_original)."\");\n";
echo " var permissions = new Array(\"".implode('","', $array_permissions)."\");\n";
echo " var descriptions = new Array(\"".implode('","', $array_descriptions)."\");\n";
echo "\n";
echo " function permission_search() {\n";
echo " var criteria = $('#group_permission_search').val();\n";
echo " if (criteria.length >= 2) {\n";
echo " for (var x = 0; x < apps_unique.length; x++) {\n";
echo " document.getElementById('app_'+apps_unique[x]).style.display = 'none';\n";
echo " }\n";
echo " for (var x = 0; x < permissions.length; x++) {\n";
echo " if (\n";
echo " apps_original[x].toLowerCase().match(criteria.toLowerCase()) ||\n";
echo " permissions[x].toLowerCase().match(criteria.toLowerCase()) ||\n";
echo " descriptions[x].toLowerCase().match(criteria.toLowerCase())\n";
echo " ) {\n";
echo " document.getElementById('app_'+apps[x]).style.display = '';\n";
echo " document.getElementById('permission_'+permissions[x]).style.display = '';\n";
echo " }\n";
echo " else {\n";
echo " document.getElementById('permission_'+permissions[x]).style.display = 'none';\n";
echo " }\n";
echo " }\n";
echo " }\n";
echo " else {\n";
echo " for (var x = 0; x < permissions.length; x++) {\n";
echo " document.getElementById('app_'+apps[x]).style.display = '';\n";
echo " document.getElementById('permission_'+permissions[x]).style.display = '';\n";
echo " }\n";
echo " }\n";
echo " }\n";
echo "\n";
echo "</script>\n";
//show the footer
require_once "resources/footer.php";
?>
?>

4
core/groups/groupmemberadd.php
View File

@@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2020
the Initial Developer. All Rights Reserved.
Contributor(s):
@@ -83,4 +83,4 @@
//redirect the user
header("Location: groupmembers.php?group_uuid=".$group_uuid."&group_name=".$group_name);
?>
?>

139
core/groups/groupmembers.php
View File

@@ -48,6 +48,29 @@
$language = new text;
$text = $language->get();
//get the http post data
if (is_array($_POST['group_members'])) {
$action = $_POST['action'];
$group_uuid = $_POST['group_uuid'];
$group_members = $_POST['group_members'];
}
//process the http post data by action
if ($action != '' && is_array($group_members) && @sizeof($group_members) != 0) {
switch ($action) {
case 'delete':
if (permission_exists('group_member_delete') && is_uuid($group_uuid)) {
$obj = new groups;
$obj->group_uuid = $group_uuid;
$obj->delete_members($group_members);
}
break;
}
header('Location: groupmembers.php?group_uuid='.urlencode($group_uuid));
exit;
}
//get the group uuid, lookup domain uuid (if any) and name
$group_uuid = $_REQUEST['group_uuid'];
$sql = "select domain_uuid, group_name from v_groups ";
@@ -107,93 +130,93 @@
$parameters['group_uuid'] = $group_uuid;
$database = new database;
$result = $database->select($sql, $parameters, 'all');
$num_rows = is_array($result) && @sizeof($result) != 0 ? sizeof($result) : 0;
unset($sql, $parameters);
//create token
$object = new token;
$token = $object->create('/core/groups/groupmembers.php');
$token = $object->create($_SERVER['PHP_SELF']);
//include the header
require_once "resources/header.php";
$document['title'] = $text['title-group_members'];
require_once "resources/header.php";
//show the content
$c = 0;
$row_style["0"] = "row_style0";
$row_style["1"] = "row_style1";
echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
echo " <tr>\n";
echo " <td width='100%' align='left' valign='top'>\n";
echo " <b>".$text['header-group_members'].$group_name."</b>\n";
echo " </td>\n";
echo " <td align='right' nowrap='nowrap' valign='middle'>\n";
echo " <input type='button' class='btn' style='margin-right: 15px;' alt='".$text['button-back']."' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'>";
echo " </td>";
echo "<div class='action_bar' id='action_bar'>\n";
echo " <div class='heading'><b>".$text['header-group_members']." <i>".$group_name."</i> (".$num_rows.")</b></div>\n";
echo " <div class='actions'>\n";
echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'groups.php']);
if (permission_exists('group_member_delete') && $result) {
echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
}
if (permission_exists('group_member_add')) {
echo " <td align='right' nowrap='nowrap' valign='top'>\n";
echo " <form method='post' action='groupmemberadd.php'>";
echo " <select name='user_uuid' style='width: 200px;' class='formfld'>\n";
echo " <option value=''></option>\n";
foreach($users as $field) {
echo "<form class='inline' method='post' action='groupmemberadd.php'>\n";
echo " <select name='user_uuid' class='formfld'>\n";
echo " <option value=''>".$text['label-select']."...</option>\n";
foreach ($users as $field) {
if (is_group_member($group_uuid, $field['user_uuid'])) {
echo " <option value='".$field['user_uuid']."'>".$field['username']."</option>\n";
echo "<option value='".escape($field['user_uuid'])."'>".escape($field['username'])."</option>\n";
}
}
unset($sql, $users);
echo " </select>";
echo " <input type='hidden' name='domain_uuid' value='".(($domain_uuid != '') ? $domain_uuid : $_SESSION['domain_uuid'])."'>";
echo " <input type='hidden' name='group_uuid' value='".$group_uuid."'>";
echo " <input type='hidden' name='group_name' value='".$group_name."'>";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <input type='submit' class='btn' value='".$text['button-add_member']."'>";
echo " </form>";
echo " </td>\n";
echo " </select>";
echo "<input type='hidden' name='domain_uuid' value='".(is_uuid($domain_uuid) ? escape($domain_uuid) : $_SESSION['domain_uuid'])."'>";
echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>";
echo "<input type='hidden' name='group_name' value='".escape($group_name)."'>";
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>";
echo button::create(['type'=>'submit','label'=>$text['button-add_member'],'icon'=>$_SESSION['theme']['button_icon_add'],'collapse'=>'hide-xs']);
echo " </form>\n";
}
echo " </tr>\n";
echo "</table>\n";
echo "<br>";
echo " </div>\n";
echo " <div style='clear: both;'></div>\n";
echo "</div>\n";
$echo = "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
$echo .= "<tr>\n";
echo "<form id='form_list' method='post'>\n";
echo "<input type='hidden' id='action' name='action' value=''>\n";
echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
echo "<table class='list'>\n";
echo "<tr class='list-header'>\n";
if (permission_exists('group_member_delete')) {
echo " <th class='checkbox'>\n";
echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle();' ".($result ?: "style='visibility: hidden;'").">\n";
echo " </th>\n";
}
if (permission_exists('user_all')) {
$echo .= "<th width='30%' align='left' nowrap>".$text['label-domain']."</th>\n";
echo "<th class='pct-30'>".$text['label-domain']."</th>\n";
}
$echo .= " <th align='left' nowrap>".$text['label-username']."</th>\n";
$echo .= " <td width='25' align='right' nowrap>&nbsp;</td>\n";
$echo .= "</tr>\n";
echo " <th>".$text['label-username']."</th>\n";
echo "</tr>\n";
$count = 0;
if (is_array($result) && sizeof($result) != 0) {
if (is_array($result) && @sizeof($result) != 0) {
$x = 0;
foreach ($result as &$row) {
$username = $row["username"];
$user_uuid = $row["user_uuid"];
$domain_uuid = $row["domain_uuid"];
$group_uuid = $row["group_uuid"];
$echo .= "<tr>";
if (permission_exists('user_all')) {
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$_SESSION['domains'][$domain_uuid]['domain_name']."</td>\n";
}
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$username."</td>\n";
$echo .= "<td class='list_control_icons' style='width: 25px;'>";
echo "<tr class='list-row' href='".$list_row_url."'>";
if (permission_exists('group_member_delete')) {
$echo .= "<a href='groupmemberdelete.php?user_uuid=".$user_uuid."&group_name=".$group_name."&group_uuid=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
echo " <td class='checkbox'>\n";
echo " <input type='checkbox' name='group_members[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
echo " <input type='hidden' name='group_members[$x][uuid]' value='".escape($row['user_uuid'])."' />\n";
echo " </td>\n";
}
$echo .= "</td>\n";
$echo .= "</tr>\n";
if (permission_exists('user_all')) {
echo "<td class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">".$_SESSION['domains'][$row["domain_uuid"]]['domain_name']."</td>\n";
}
echo "<td class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">".$row["username"]."</td>\n";
echo "</tr>\n";
$x++;
$c = ($c) ? 0 : 1;
// echo "<a href='groupmemberdelete.php?user_uuid=".$row["user_uuid"]."&group_name=".$group_name."&group_uuid=".$row["group_uuid"]."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
$user_groups[] = $row["user_uuid"];
$count++;
}
}
$echo .= "</table>\n";
$echo .= "<br /><br />";
echo $echo;
echo "</table>\n";
echo "<br />";
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>";
echo "</form>";
//include the footer
require_once "resources/footer.php";
?>
?>

22
core/groups/groups.php
View File

@@ -125,6 +125,19 @@
$groups = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//get permission counts for each group
if (is_array($groups) && @sizeof($groups) != 0) {
$sql = "select group_uuid, count(group_permission_uuid) as permission_count from v_group_permissions group by group_uuid";
$database = new database;
$result = $database->select($sql, null, 'all');
if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as $row) {
$group_permissions[$row['group_uuid']] = $row['permission_count'];
}
}
unset($sql);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
@@ -189,7 +202,7 @@
echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
}
echo th_order_by('group_name', $text['label-group_name'], $order_by, $order);
echo " <th>".$text['label-tools']."</th>\n";
echo " <th class='shrink' colspan='2'>".$text['label-tools']."</th>\n";
echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'");
echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'");
echo " <th class='pct-30 hide-sm-dn'>".$text['label-group_description']."</th>\n";
@@ -222,11 +235,8 @@
echo " ".escape($row['group_name']);
}
echo " </td>\n";
echo " <td class='no-link no-wrap'>\n";
echo " <a href=\"/core/groups/group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_permissions']."</a>\n";
echo " &nbsp;&nbsp;\n";
echo " <a href=\"/core/groups/groupmembers.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_members']." (".$row['group_members'].")</a>\n";
echo " </td>\n";
echo " <td class='no-link no-wrap pr-15'><a href='group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_permissions']." (".($group_permissions[$row['group_uuid']] ?: 0).")</a></td>\n";
echo " <td class='no-link no-wrap'><a href='groupmembers.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_members']." (".$row['group_members'].")</a></td>\n";
echo " <td class='center'>".escape($row['group_level'])."</td>\n";
if (permission_exists('group_edit')) {
echo " <td class='no-link center'>\n";

78
core/groups/resources/classes/groups.php
View File

@@ -44,6 +44,7 @@ if (!class_exists('groups')) {
private $toggle_field;
private $toggle_values;
private $location;
public $group_uuid;
/**
* called when the object is created
@@ -52,11 +53,6 @@ if (!class_exists('groups')) {
//assign the variables
$this->app_name = 'groups';
$this->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$this->name = 'group';
$this->table = 'groups';
$this->toggle_field = 'group_protected';
$this->toggle_values = ['true','false'];
$this->location = 'groups.php';
}
/**
@@ -73,6 +69,11 @@ if (!class_exists('groups')) {
* delete rows from the database
*/
public function delete($records) {
//assign the variables
$this->name = 'group';
$this->table = 'groups';
$this->location = 'groups.php';
if (permission_exists($this->name.'_delete')) {
//add multi-lingual support
@@ -122,10 +123,72 @@ if (!class_exists('groups')) {
}
}
public function delete_members($records) {
//assign the variables
$this->name = 'group_member';
$this->table = 'user_groups';
$this->location = 'groupmembers.php?group_uuid='.$this->group_uuid;
if (permission_exists($this->name.'_delete')) {
//add multi-lingual support
$language = new text;
$text = $language->get();
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: '.$this->location);
exit;
}
//delete multiple records
if (is_array($records) && @sizeof($records) != 0) {
//build array of checked records
foreach ($records as $x => $record) {
if ($record['checked'] == 'true' && is_uuid($record['uuid'])) {
$array[$this->table][$x]['user_uuid'] = $record['uuid'];
$array[$this->table][$x]['group_uuid'] = $this->group_uuid;
}
}
//delete the checked rows
if (is_array($array) && @sizeof($array) != 0) {
//grant temporary permissions
$p = new permissions;
$p->add('user_group_delete', 'temp');
//execute delete
$database = new database;
$database->app_name = $this->app_name;
$database->app_uuid = $this->app_uuid;
$database->delete($array);
unset($array);
//revoke temporary permissions
$p->delete('user_group_delete', 'temp');
//set message
message::add($text['message-delete']);
}
unset($records);
}
}
}
/**
* toggle a field between two values
*/
public function toggle($records) {
//assign the variables
$this->name = 'group';
$this->table = 'groups';
$this->toggle_field = 'group_protected';
$this->toggle_values = ['true','false'];
$this->location = 'groups.php';
if (permission_exists($this->name.'_edit')) {
//add multi-lingual support
@@ -195,6 +258,11 @@ if (!class_exists('groups')) {
* copy rows from the database
*/
public function copy($records) {
//assign the variables
$this->name = 'group';
$this->table = 'groups';
$this->location = 'groups.php';
if (permission_exists($this->name.'_add')) {
//add multi-lingual support