From 9fd3074ee2bac06cb13d8bc7155d09a982a39fb8 Mon Sep 17 00:00:00 2001 From: Nate Date: Mon, 10 Feb 2020 13:50:08 -0700 Subject: [PATCH] Group Manager: Member and Permission list view and button updates, bulk delete group members via class, misc other updates. --- core/groups/group_permissions.php | 537 ++++++++++------------- core/groups/groupmemberadd.php | 4 +- core/groups/groupmembers.php | 139 +++--- core/groups/groups.php | 22 +- core/groups/resources/classes/groups.php | 78 +++- 5 files changed, 405 insertions(+), 375 deletions(-) diff --git a/core/groups/group_permissions.php b/core/groups/group_permissions.php index 0326737ba7..c5288d8ff2 100644 --- a/core/groups/group_permissions.php +++ b/core/groups/group_permissions.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2016 + Portions created by the Initial Developer are Copyright (C) 2008-2020 the Initial Developer. All Rights Reserved. Contributor(s): @@ -28,6 +28,7 @@ require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; + require_once "resources/paging.php"; //check permisions if (permission_exists('group_permissions') || if_group("superadmin")) { 
@@ -42,36 +43,31 @@ $language = new text; $text = $language->get(); -//include the header - $document['title'] = $text['title-group_permissions']; - require_once "resources/header.php"; - -//include paging - require_once "resources/paging.php"; - //get the list of installed apps from the core and mod directories - $config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php"); - $x=0; + $config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_config.php"); + $x = 0; foreach ($config_list as &$config_path) { include($config_path); $x++; } +//get the group uuid passed + $group_uuid = $_REQUEST['group_uuid']; + //if there are no permissions listed in v_group_permissions then set the default permissions $sql = "select count(*) from v_group_permissions "; $database = new database; $group_permission_count = $database->select($sql, null, 'column'); - unset($sql); - if ($group_permission_count == 0) { //no permissions found add the defaults - foreach($apps as $app) { + foreach ($apps as $app) { foreach ($app['permissions'] as $row) { - foreach ($row['groups'] as $index => $group) { + foreach ($row['groups'] as $index => $group_name) { //add the record $array['group_permissions'][$index]['group_permission_uuid'] = uuid(); $array['group_permissions'][$index]['permission_name'] = $row['name']; - $array['group_permissions'][$index]['group_name'] = $group; + $array['group_permissions'][$index]['group_name'] = $group_name; + $array['group_permissions'][$index]['group_uuid'] = $group_uuid; } if (is_array($array) && sizeof($array) != 0) { $database = new database; @@ -83,9 +79,9 @@ } } } + unset($sql, $group_name); -//get the group uuid, lookup domain uuid (if any) and name - $group_uuid = $_REQUEST['group_uuid']; +//lookup domain uuid (if any) and name $sql = "select domain_uuid, group_name from v_groups "; $sql .= "where group_uuid = :group_uuid "; $parameters['group_uuid'] = $group_uuid; 
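Review bot: In the default-permission seeding loop, `$array['group_permissions'][$index]['group_uuid'] = $group_uuid;` stamps the request-supplied group onto every seeded row, although `$group_name` iterates over all the default groups listed in the app configs, so rows for other groups end up tied to whichever group page triggered the seeding. `$group_uuid` is also taken from `$_REQUEST['group_uuid']` without an `is_uuid()` check before it is written. Consider resolving each group's uuid from `v_groups` by name inside the loop, and guarding the read with `$group_uuid = is_uuid($_REQUEST['group_uuid']) ? $_REQUEST['group_uuid'] : null;`.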
@@ -97,6 +93,13 @@ } unset($sql, $parameters, $row); +//add the search string + $search = strtolower($_GET["search"]); + if (strlen($search) > 0) { + $sql_search .= " and lower(permission_name) like :search "; + $parameters['search'] = '%'.$search.'%'; + } + //get the permissions assigned to this group $sql = "select * from v_group_permissions "; $sql .= "where group_name = :group_name "; @@ -107,6 +110,7 @@ else { $sql .= "and domain_uuid is null "; } + $sql .= $sql_search; $parameters['group_name'] = $group_name; $database = new database; $result = $database->select($sql, $parameters, 'all'); @@ -117,13 +121,8 @@ } unset($sql, $parameters, $result, $row); -//show the db checklist - //echo "
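Review bot: `$sql_search` is created only inside the `if`, using `.=` on an undefined variable, and is then appended unconditionally by `$sql .= $sql_search;` in the following hunk; `$_GET["search"]` is likewise read without checking that it exists. Initialise both before the `if`, e.g. `$search = isset($_GET['search']) ? strtolower($_GET['search']) : '';` and `$sql_search = '';`. The value is bound as `:search`, which keeps it out of the SQL text, but `%` and `_` typed by the user still act as LIKE wildcards, so the database filter can differ from the plain substring filter applied when the list is rendered.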
";
-	//print_r($permissions_db);
-	//echo "
"; - //list all the permissions in the database - foreach($apps as $app) { + foreach ($apps as $app) { if (isset($app['permissions'])) foreach ($app['permissions'] as $row) { if ($permissions_db[$row['name']] == "true") { $permissions_db_checklist[$row['name']] = "true"; @@ -134,187 +133,188 @@ } } -//show the db checklist - //echo "
";
-	//print_r($permissions_db_checklist);
-	//echo "
"; - //process the http post if (count($_POST)>0) { - foreach($_POST['permissions_form'] as $permission) { + foreach ($_POST['permissions_form'] as $permission) { $permissions_form[$permission] = "true"; } //list all the permissions - foreach($apps as $app) { - foreach ($app['permissions'] as $row) { - if ($permissions_form[$row['name']] == "true") { - $permissions_form_checklist[$row['name']] = "true"; - } - else { - $permissions_form_checklist[$row['name']] = "false"; + foreach ($apps as $app) { + if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) { + foreach ($app['permissions'] as $row) { + if ($permissions_form[$row['name']] == "true") { + $permissions_form_checklist[$row['name']] = "true"; + } + else { + $permissions_form_checklist[$row['name']] = "false"; + } } } } - //show the form db checklist - //echo "
";
-			//print_r($permissions_form_checklist);
-			//echo "
"; //list all the permissions - foreach($apps as $app) { - foreach ($app['permissions'] as $row) { - $permission = $row['name']; - if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") { - //matched do nothing - } - if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") { - //matched do nothing - } - if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") { - //delete the record - $array['group_permissions'][0]['group_name'] = $group_name; - $array['group_permissions'][0]['permission_name'] = $permission; - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->delete($array); - unset($array); + foreach ($apps as $app) { + if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) { + foreach ($app['permissions'] as $row) { + $permission = $row['name']; + if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") { + //matched do nothing + } + if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") { + //matched do nothing + } + if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") { + //delete the record + $array['group_permissions'][0]['group_name'] = $group_name; + $array['group_permissions'][0]['permission_name'] = $permission; + $array['group_permissions'][0]['group_uuid'] = $group_uuid; + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->delete($array); + unset($array); - foreach($apps as $app) { - foreach ($app['permissions'] as $row) { - if ($row['name'] == $permission) { + foreach ($apps as $app) { + if (is_array($app['permissions']) && 
@sizeof($app['permissions']) != 0) { + foreach ($app['permissions'] as $row) { + if ($row['name'] == $permission) { - $array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid']; - $array['menu_item_groups'][0]['group_name'] = $group_name; - $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; + $array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid']; + $array['menu_item_groups'][0]['group_name'] = $group_name; + $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; - $p = new permissions; - $p->add('menu_item_group_delete', 'temp'); + $p = new permissions; + $p->add('menu_item_group_delete', 'temp'); - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->delete($array); - unset($array); + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->delete($array); + unset($array); - $p->delete('menu_item_group_delete', 'temp'); + $p->delete('menu_item_group_delete', 'temp'); - $sql = "select menu_item_parent_uuid from v_menu_items "; - $sql .= "where menu_item_uuid = :menu_item_uuid "; - $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; - $parameters['menu_item_uuid'] = $row['menu']['uuid']; - $database = new database; - $menu_item_parent_uuid = $database->select($sql, $parameters, 'column'); - unset($sql, $parameters); + $sql = "select menu_item_parent_uuid from v_menu_items "; + $sql .= "where menu_item_uuid = :menu_item_uuid "; + $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; + $parameters['menu_item_uuid'] = $row['menu']['uuid']; + $database = new database; + $menu_item_parent_uuid = $database->select($sql, $parameters, 'column'); + unset($sql, $parameters); - $sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g "; - $sql .= "where i.menu_item_uuid = 
g.menu_item_uuid "; - $sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; - $sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid "; - $sql .= "and g.group_name = :group_name "; - $parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid; - $parameters['group_name'] = $group_name; - $database = new database; - $result_count = $database->select($sql, $parameters, 'column'); + $sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g "; + $sql .= "where i.menu_item_uuid = g.menu_item_uuid "; + $sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; + $sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid "; + $sql .= "and g.group_name = :group_name "; + $parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid; + $parameters['group_name'] = $group_name; + $database = new database; + $result_count = $database->select($sql, $parameters, 'column'); - if ($result_count == 0) { - $array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid; - $array['menu_item_groups'][0]['group_name'] = $group_name; - $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; + if ($result_count == 0) { + $array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid; + $array['menu_item_groups'][0]['group_name'] = $group_name; + $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; - $p = new permissions; - $p->add('menu_item_group_delete', 'temp'); + $p = new permissions; + $p->add('menu_item_group_delete', 'temp'); - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->delete($array); - unset($array); + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->delete($array); + unset($array); - $p->delete('menu_item_group_delete', 'temp'); + $p->delete('menu_item_group_delete', 
'temp'); + } + unset($sql, $parameters, $result_count); + } } - unset($sql, $parameters, $result_count); } } + //set the permission to false in the permissions_db_checklist + $permissions_db_checklist[$permission] = "false"; } - //set the permission to false in the permissions_db_checklist - $permissions_db_checklist[$permission] = "false"; - } - if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") { - //add the record - $array['group_permissions'][0]['group_permission_uuid'] = uuid(); - if (is_uuid($domain_uuid)) { - $array['group_permissions'][0]['domain_uuid'] = $domain_uuid; - } - $array['group_permissions'][0]['permission_name'] = $permission; - $array['group_permissions'][0]['group_name'] = $group_name; - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->save($array); - unset($array); + if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") { + //add the record + $array['group_permissions'][0]['group_permission_uuid'] = uuid(); + if (is_uuid($domain_uuid)) { + $array['group_permissions'][0]['domain_uuid'] = $domain_uuid; + } + $array['group_permissions'][0]['permission_name'] = $permission; + $array['group_permissions'][0]['group_name'] = $group_name; + $array['group_permissions'][0]['group_uuid'] = $group_uuid; + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->save($array); + unset($array); - foreach($apps as $app) { - foreach ($app['permissions'] as $row) { - if ($row['name'] == $permission) { + foreach ($apps as $app) { + if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) { + foreach ($app['permissions'] as $row) { + if ($row['name'] == $permission) { - $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; - 
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid']; - $array['menu_item_groups'][0]['group_name'] = $group_name; + $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; + $array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid']; + $array['menu_item_groups'][0]['group_name'] = $group_name; - $p = new permissions; - $p->add('menu_item_group_add', 'temp'); + $p = new permissions; + $p->add('menu_item_group_add', 'temp'); - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->save($array); - unset($array); + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->save($array); + unset($array); - $p->delete('menu_item_group_add', 'temp'); + $p->delete('menu_item_group_add', 'temp'); - $sql = "select menu_item_parent_uuid from v_menu_items "; - $sql .= "where menu_item_uuid = :menu_item_uuid "; - $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; - $parameters['menu_item_uuid'] = $row['menu']['uuid']; - $database = new database; - $menu_item_parent_uuid = $database->select($sql, $parameters, 'column'); - unset($sql, $parameters); + $sql = "select menu_item_parent_uuid from v_menu_items "; + $sql .= "where menu_item_uuid = :menu_item_uuid "; + $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; + $parameters['menu_item_uuid'] = $row['menu']['uuid']; + $database = new database; + $menu_item_parent_uuid = $database->select($sql, $parameters, 'column'); + unset($sql, $parameters); - $sql = "select count(*) from v_menu_item_groups "; - $sql .= "where menu_item_uuid = :menu_item_uuid "; - $sql .= "and group_name = :group_name "; - $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; - $parameters['menu_item_uuid'] = $menu_item_parent_uuid; - $parameters['group_name'] = $group_name; - $database = new 
database; - $result_count = $database->select($sql, $parameters, 'column'); + $sql = "select count(*) from v_menu_item_groups "; + $sql .= "where menu_item_uuid = :menu_item_uuid "; + $sql .= "and group_name = :group_name "; + $sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' "; + $parameters['menu_item_uuid'] = $menu_item_parent_uuid; + $parameters['group_name'] = $group_name; + $database = new database; + $result_count = $database->select($sql, $parameters, 'column'); - if ($result_count == 0) { - $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; - $array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid; - $array['menu_item_groups'][0]['group_name'] = $group_name; + if ($result_count == 0) { + $array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286'; + $array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid; + $array['menu_item_groups'][0]['group_name'] = $group_name; - $p = new permissions; - $p->add('menu_item_group_add', 'temp'); + $p = new permissions; + $p->add('menu_item_group_add', 'temp'); - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->save($array); - unset($array); + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->save($array); + unset($array); - $p->delete('menu_item_group_add', 'temp'); + $p->delete('menu_item_group_add', 'temp'); + } + + unset($sql, $parameters, $result_count); + } } - - unset($sql, $parameters, $result_count); } } + //set the permission to true in the permissions_db_checklist + $permissions_db_checklist[$permission] = "true"; } - //set the permission to true in the permissions_db_checklist - $permissions_db_checklist[$permission] = "true"; } } } 
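Review bot: No request-token check is visible between `if (count($_POST)>0) {` and the `$database->delete($array)` / `$database->save($array)` calls, while the bulk member delete added in this same commit validates a token before writing. If the check is not performed in lines outside this hunk, a forged cross-site POST sent from a logged-in administrator's browser could change a group's permissions. Consider validating with `$token->validate($_SERVER['PHP_SELF'])` before the loops and emitting the token in the form. `$_POST['permissions_form']` is also iterated without an `is_array()` check, so a POST that lacks the field raises a warning.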
@@ -324,171 +324,100 @@ return; } -//copy group javascript - echo "\n"; - -//prevent enter key submit on search field - echo "\n"; +//include the header + $document['title'] = $text['title-group_permissions']; + require_once "resources/header.php"; //show the content - echo "
\n"; - echo "\n"; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
"; - echo " ".$text['header-group_permissions'].escape($group_name).""; - echo "

"; - echo "
\n"; - echo " "; - echo " \n"; - echo " "; - echo " \n"; - echo "
\n"; - echo " ".$text['description-group_permissions']."\n"; - echo "
\n"; + echo "
\n"; + echo "
".$text['header-group_permissions'].''.escape($group_name)."
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-sm-dn','link'=>'groups.php']); + echo "\n"; + echo "\n"; + echo ""; + echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','collapse'=>'hide-sm-dn','style'=>($search != '' ? 'display: none;' : null)]); + echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','collapse'=>'hide-sm-dn','link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid),'style'=>($search == '' ? 'display: none;' : null)]); + echo button::create(['type'=>'button','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'collapse'=>'hide-sm-dn','style'=>'margin-left: 15px;','onclick'=>"document.getElementById('frm').submit();"]); + echo " \n"; + echo "
\n"; + echo "
\n"; + echo "
\n"; + + echo $text['description-group_permissions']."\n"; echo "

\n"; - $c = 0; - $row_style["0"] = "row_style0"; - $row_style["1"] = "row_style1"; + echo "
\n"; - //list all the permissions - foreach($apps as $app_index => $app) { - //hide apps for which there are no permissions + foreach ($apps as $app_index => $app) { + + //skip apps for which there are no permissions if (!is_array($app['permissions']) || sizeof($app['permissions']) == 0) { continue; } - $app_name = $app['name']; - $description = $app['description']['en-us']; + //skip apps for which search doesn't match at least one permission + if ($search) { + $permission_matched = false; + foreach ($app['permissions'] as $row) { + if (substr_count(strtolower($row['name']), strtolower($search)) > 0) { + $permission_matched = true; + break; + } + } + if (!$permission_matched) { continue; } + } - //used to hide apps, even if permissions don't exist + $app_name = $app['name']; + $description = $app['description']['en-us']; + + //used to hide apps, even if permissions don't exist $array_apps_unique[] = str_replace(' ','_',strtolower($app['name'])); - echo "
"; - echo "".$app_name."
\n"; - if ($description != '') { echo $description."
\n"; } - echo "
"; + echo "".$app_name."
\n"; + if ($description != '') { echo $description."
\n"; } + echo "
"; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "
".$text['label-permission_permissions']."".$text['label-permission_description']."
\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; - foreach ($app['permissions'] as $permission_index => $row) { - $checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "\n"; - $c = ($c == 0) ? 1 : 0; + foreach ($app['permissions'] as $permission_index => $row) { + //skip permission if doesn't match search + if ($search && substr_count(strtolower($row['name']), strtolower($search)) == 0) { continue; } - //populate search/filter arrays + $checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null; + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "\n"; + + //populate search/filter arrays $array_apps[] = str_replace(' ','_',strtolower($app['name'])); $array_apps_original[] = $app['name']; $array_permissions[] = $row['name']; $array_descriptions[] = str_replace('"','\"',$row['description']); - $app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index; - } + $app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index; + } - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; + echo " \n"; + echo " ".$text['label-permission_permissions']."".$text['label-permission_description']." 
".escape($row['name'])."".escape($row['description'])." 
\n"; + echo " \n"; + echo " ".escape($row['name'])."".escape($row['description'])." 
"; - echo "
\n\n"; + echo "\n"; + echo "

\n"; - } //end foreach - echo "
"; + } + + echo "\n"; + echo "\n"; echo "
\n"; -//check or uncheck all category checkboxes - echo "\n"; - -//setting search script - echo "\n"; - //show the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/core/groups/groupmemberadd.php b/core/groups/groupmemberadd.php index 6da2c01620..b04ec1a3ef 100644 --- a/core/groups/groupmemberadd.php +++ b/core/groups/groupmemberadd.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2020 the Initial Developer. All Rights Reserved. Contributor(s): @@ -83,4 +83,4 @@ //redirect the user header("Location: groupmembers.php?group_uuid=".$group_uuid."&group_name=".$group_name); -?> +?> \ No newline at end of file diff --git a/core/groups/groupmembers.php b/core/groups/groupmembers.php index 3e37511b7d..f45f0f4ead 100644 --- a/core/groups/groupmembers.php +++ b/core/groups/groupmembers.php @@ -48,6 +48,29 @@ $language = new text; $text = $language->get(); +//get the http post data + if (is_array($_POST['group_members'])) { + $action = $_POST['action']; + $group_uuid = $_POST['group_uuid']; + $group_members = $_POST['group_members']; + } + +//process the http post data by action + if ($action != '' && is_array($group_members) && @sizeof($group_members) != 0) { + switch ($action) { + case 'delete': + if (permission_exists('group_member_delete') && is_uuid($group_uuid)) { + $obj = new groups; + $obj->group_uuid = $group_uuid; + $obj->delete_members($group_members); + } + break; + } + + header('Location: groupmembers.php?group_uuid='.urlencode($group_uuid)); + exit; + } + //get the group uuid, lookup domain uuid (if any) and name $group_uuid = $_REQUEST['group_uuid']; $sql = "select domain_uuid, group_name from v_groups "; 
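Review bot: `$app_name` and `$description` are echoed as-is in the per-app heading, while the permission name and description in the rows below go through `escape()`. Both values come from the included app_config.php files rather than from the request, so this is about consistency and defence in depth; `escape($app_name)` would match the rest of the list, and the same applies to `$description` unless it is meant to carry markup. The filter predicate `substr_count(strtolower($row['name']), strtolower($search))` is written twice and lowercases `$search` again although it was lowercased when read, so a precomputed flag per row would keep the two checks in step.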
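Review bot: `$action`, `$group_uuid` and `$group_members` are assigned only when `$_POST['group_members']` is an array, yet `if ($action != '' && is_array($group_members) ...` reads them on every request, and `$_POST['group_members']` itself is tested without `isset()`. Defaulting them first, e.g. `$action = ''; $group_members = null;`, keeps ordinary GET requests free of undefined-variable notices. The redirect after the `switch` also runs when the `permission_exists('group_member_delete') && is_uuid($group_uuid)` guard rejects the request, so the user gets no message explaining that nothing was deleted.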
@@ -107,93 +130,93 @@ $parameters['group_uuid'] = $group_uuid; $database = new database; $result = $database->select($sql, $parameters, 'all'); + $num_rows = is_array($result) && @sizeof($result) != 0 ? sizeof($result) : 0; unset($sql, $parameters); //create token $object = new token; - $token = $object->create('/core/groups/groupmembers.php'); + $token = $object->create($_SERVER['PHP_SELF']); //include the header - require_once "resources/header.php"; $document['title'] = $text['title-group_members']; + require_once "resources/header.php"; //show the content - $c = 0; - $row_style["0"] = "row_style0"; - $row_style["1"] = "row_style1"; - - echo "\n"; - echo " \n"; - echo " \n"; - echo " "; + echo "
\n"; + echo "
".$text['header-group_members']." ".$group_name." (".$num_rows.")
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'groups.php']); + if (permission_exists('group_member_delete') && $result) { + echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); + } if (permission_exists('group_member_add')) { - echo "
\n"; + echo " "; + echo ""; + echo ""; + echo ""; + echo ""; + echo button::create(['type'=>'submit','label'=>$text['button-add_member'],'icon'=>$_SESSION['theme']['button_icon_add'],'collapse'=>'hide-xs']); + echo " \n"; } - echo " \n"; - echo "
\n"; - echo " ".$text['header-group_members'].$group_name."\n"; - echo " \n"; - echo " "; - echo " \n"; - echo "
"; - echo " \n"; + echo " \n"; + foreach ($users as $field) { if (is_group_member($group_uuid, $field['user_uuid'])) { - echo " \n"; + echo "\n"; } } unset($sql, $users); - echo " "; - echo " "; - echo " "; - echo " "; - echo " \n"; - echo " "; - echo "
"; - echo "
\n"; - echo "
"; + echo " \n"; + echo "
\n"; + echo "\n"; - $echo = "\n"; - $echo .= "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + echo "
\n"; + echo "\n"; + if (permission_exists('group_member_delete')) { + echo " \n"; + } if (permission_exists('user_all')) { - $echo .= "\n"; + echo "\n"; } - $echo .= " \n"; - $echo .= " \n"; - $echo .= "\n"; + echo " \n"; + echo "\n"; - $count = 0; - if (is_array($result) && sizeof($result) != 0) { + if (is_array($result) && @sizeof($result) != 0) { + $x = 0; foreach ($result as &$row) { - $username = $row["username"]; - $user_uuid = $row["user_uuid"]; - $domain_uuid = $row["domain_uuid"]; - $group_uuid = $row["group_uuid"]; - $echo .= ""; - if (permission_exists('user_all')) { - $echo .= "\n"; - } - $echo .= "\n"; - $echo .= ""; if (permission_exists('group_member_delete')) { - $echo .= "".$v_link_label_delete.""; + echo " \n"; } - $echo .= "\n"; - $echo .= "\n"; + if (permission_exists('user_all')) { + echo "\n"; + } + echo "\n"; + echo "\n"; + $x++; - $c = ($c) ? 0 : 1; +// echo "".$v_link_label_delete.""; $user_groups[] = $row["user_uuid"]; - $count++; } } - $echo .= "
\n"; + echo " \n"; + echo " ".$text['label-domain']."".$text['label-domain']."".$text['label-username']." 
".$text['label-username']."
".$_SESSION['domains'][$domain_uuid]['domain_name']."".$username.""; + echo "
\n"; + echo " \n"; + echo " \n"; + echo "
".$_SESSION['domains'][$row["domain_uuid"]]['domain_name']."".$row["username"]."
\n"; - $echo .= "

"; - echo $echo; + echo "\n"; + echo "
"; + echo ""; + echo ""; //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/core/groups/groups.php b/core/groups/groups.php index 19f35ae25e..dea19c7b48 100644 --- a/core/groups/groups.php +++ b/core/groups/groups.php @@ -125,6 +125,19 @@ $groups = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); +//get permission counts for each group + if (is_array($groups) && @sizeof($groups) != 0) { + $sql = "select group_uuid, count(group_permission_uuid) as permission_count from v_group_permissions group by group_uuid"; + $database = new database; + $result = $database->select($sql, null, 'all'); + if (is_array($result) && @sizeof($result) != 0) { + foreach ($result as $row) { + $group_permissions[$row['group_uuid']] = $row['permission_count']; + } + } + unset($sql); + } + //create token $object = new token; $token = $object->create($_SERVER['PHP_SELF']); @@ -189,7 +202,7 @@ echo th_order_by('domain_name', $text['label-domain'], $order_by, $order); } echo th_order_by('group_name', $text['label-group_name'], $order_by, $order); - echo " ".$text['label-tools']."\n"; + echo " ".$text['label-tools']."\n"; echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'"); echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'"); echo " ".$text['label-group_description']."\n"; @@ -222,11 +235,8 @@ echo " ".escape($row['group_name']); } echo " \n"; - echo " \n"; - echo " ".$text['label-group_permissions']."\n"; - echo "   \n"; - echo " ".$text['label-group_members']." (".$row['group_members'].")\n"; - echo " \n"; + echo " ".$text['label-group_permissions']." (".($group_permissions[$row['group_uuid']] ?: 0).")\n"; + echo " ".$text['label-group_members']." (".$row['group_members'].")\n"; echo " ".escape($row['group_level'])."\n"; if (permission_exists('group_edit')) { echo " \n"; 
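Review bot: The new list writes database values into the page without escaping: `$group_name` in the heading and `$row["username"]` plus the session domain name in each row are concatenated directly, whereas group_permissions.php in this commit uses `escape($group_name)`. A username or group name containing markup would be rendered as HTML for whoever opens this page. Wrap them, e.g. `escape($row["username"])` and `escape($group_name)`. The commented-out delete link left in the loop (the `// echo` line using `$v_link_label_delete`) can be removed now that deletion goes through the checkbox form.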
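Review bot: The count query groups `v_group_permissions` by `group_uuid`, a column this commit appears to start populating in group_permissions.php, so rows written earlier with only `group_name` would presumably fall under a null key and their groups would show `(0)`; it is worth confirming that existing rows are backfilled. In the list hunk, `($group_permissions[$row['group_uuid']] ?: 0)` reads a missing array key for groups that have no rows, which raises a notice; `isset($group_permissions[$row['group_uuid']]) ? $group_permissions[$row['group_uuid']] : 0` avoids it. `$group_permissions` is also never initialised when the query returns nothing.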
diff --git a/core/groups/resources/classes/groups.php b/core/groups/resources/classes/groups.php index 74cc1b015b..4405afd5e0 100644 --- a/core/groups/resources/classes/groups.php +++ b/core/groups/resources/classes/groups.php @@ -44,6 +44,7 @@ if (!class_exists('groups')) { private $toggle_field; private $toggle_values; private $location; + public $group_uuid; /** * called when the object is created @@ -52,11 +53,6 @@ if (!class_exists('groups')) { //assign the variables $this->app_name = 'groups'; $this->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $this->name = 'group'; - $this->table = 'groups'; - $this->toggle_field = 'group_protected'; - $this->toggle_values = ['true','false']; - $this->location = 'groups.php'; } /** @@ -73,6 +69,11 @@ if (!class_exists('groups')) { * delete rows from the database */ public function delete($records) { + //assign the variables + $this->name = 'group'; + $this->table = 'groups'; + $this->location = 'groups.php'; + if (permission_exists($this->name.'_delete')) { //add multi-lingual support 
@@ -122,10 +123,72 @@ if (!class_exists('groups')) { } } + public function delete_members($records) { + //assign the variables + $this->name = 'group_member'; + $this->table = 'user_groups'; + $this->location = 'groupmembers.php?group_uuid='.$this->group_uuid; + + if (permission_exists($this->name.'_delete')) { + + //add multi-lingual support + $language = new text; + $text = $language->get(); + + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: '.$this->location); + exit; + } + + //delete multiple records + if (is_array($records) && @sizeof($records) != 0) { + //build array of checked records + foreach ($records as $x => $record) { + if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { + $array[$this->table][$x]['user_uuid'] = $record['uuid']; + $array[$this->table][$x]['group_uuid'] = $this->group_uuid; + } + } + + //delete the checked rows + if (is_array($array) && @sizeof($array) != 0) { + + //grant temporary permissions + $p = new permissions; + $p->add('user_group_delete', 'temp'); + + //execute delete + $database = new database; + $database->app_name = $this->app_name; + $database->app_uuid = $this->app_uuid; + $database->delete($array); + unset($array); + + //revoke temporary permissions + $p->delete('user_group_delete', 'temp'); + + //set message + message::add($text['message-delete']); + } + unset($records); + } + } + } + /** * toggle a field between two values */ public function toggle($records) { + //assign the variables + $this->name = 'group'; + $this->table = 'groups'; + $this->toggle_field = 'group_protected'; + $this->toggle_values = ['true','false']; + $this->location = 'groups.php'; + if (permission_exists($this->name.'_edit')) { //add multi-lingual support 
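Review bot: `delete_members()` relies on the caller having validated `$this->group_uuid`: the property is public, it is concatenated unencoded into `$this->location`, and it is copied into every delete row without an `is_uuid()` check inside the method. Checking it here with `if (!is_uuid($this->group_uuid)) { return; }` and building the redirect with `urlencode($this->group_uuid)` makes the method safe to call from other pages. The only authorisation test is the global `group_member_delete` permission; whether the target group belongs to the caller's domain is not checked in the visible code, so confirm that this is enforced elsewhere. The method also lacks the short docblock that `delete()`, `toggle()` and `copy()` carry.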
@@ -195,6 +258,11 @@ if (!class_exists('groups')) { * copy rows from the database */ public function copy($records) { + //assign the variables + $this->name = 'group'; + $this->table = 'groups'; + $this->location = 'groups.php'; + if (permission_exists($this->name.'_add')) { //add multi-lingual support