From c5f7e61c82632bcfc60256f28065a58d046f9354 Mon Sep 17 00:00:00 2001
From: markjcrane
Date: Mon, 15 May 2023 22:38:46 -0600
Subject: [PATCH] Update group files prevent null errors.
---
 core/groups/app_defaults.php | 1 +
 core/groups/group_edit.php | 60 +-
 ...roupmemberadd.php => group_member_add.php} | 0
 core/groups/group_members.php | 38 +-
 core/groups/group_permissions.php | 800 +++++++++---------
 core/groups/groupmemberdelete.php | 73 --
 core/groups/groups.php | 542 ++++++------
 7 files changed, 725 insertions(+), 789 deletions(-)
 rename core/groups/{groupmemberadd.php => group_member_add.php} (100%)
 delete mode 100644 core/groups/groupmemberdelete.php
diff --git a/core/groups/app_defaults.php b/core/groups/app_defaults.php
index ac6da67793..aa4b737e7a 100644
--- a/core/groups/app_defaults.php
+++ b/core/groups/app_defaults.php
@@ -116,6 +116,7 @@ if ($domains_processed == 1) {
 //add or update the view
 $sql = "CREATE VIEW view_groups AS (";
 $sql .= " select domain_uuid, group_uuid, group_name, ";
+ $sql .= " (select domain_name from v_domains where domain_uuid = g.domain_uuid) as domain_name, ";
 $sql .= " (select count(*) from v_group_permissions where group_uuid = g.group_uuid) as group_permissions, ";
 $sql .= " (select count(*) from v_user_groups where group_uuid = g.group_uuid) as group_members, ";
 $sql .= " group_level, group_protected, group_description ";
diff --git a/core/groups/group_edit.php b/core/groups/group_edit.php
index 9070b17caa..2bc5fa4b7a 100644
--- a/core/groups/group_edit.php
+++ b/core/groups/group_edit.php
@@ -46,31 +46,36 @@ $text = $language->get(); //action add or update - if (is_uuid($_REQUEST["id"])) { + if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) { $action = "update"; $group_uuid = $_REQUEST["id"]; - $id = $_REQUEST["id"]; } else { $action = "add"; + $group_uuid = ''; } +//set default values + $group_name = ''; + $group_level = '10'; + $group_description = ''; + //get http post variables and set them to php variables - if (is_array($_POST)) { - $group_uuid = $_POST["group_uuid"]; - $group_name = $_POST["group_name"]; + if (!empty($_POST)) { + $group_uuid = $_POST["group_uuid"] ?? ''; + $group_name = $_POST["group_name"] ?? ''; $group_name_previous = $_POST["group_name_previous"]; $domain_uuid = $_POST["domain_uuid"]; - $group_level = $_POST["group_level"]; - $group_protected = $_POST["group_protected"]; - $group_description = $_POST["group_description"]; + $group_level = $_POST["group_level"] ?? '10'; + $group_protected = $_POST["group_protected"] ?? ''; + $group_description = $_POST["group_description"] ?? ''; } //process the user data and save it to the database - if (count($_POST) > 0 && empty($_POST["persistformvar"])) { + if (!empty($_POST) && empty($_POST["persistformvar"])) { //process the http post data by submitted action - if ($_POST['action'] != '' && is_uuid($group_uuid)) { + if (!empty($_POST['action']) && is_uuid($group_uuid)) { $array[0]['checked'] = 'true'; $array[0]['uuid'] = $group_uuid; @@ -122,7 +127,7 @@ } //add the group_uuid - if (!is_uuid($_POST["group_uuid"])) { + if (empty($_POST["group_uuid"])) { $group_uuid = uuid(); } @@ -170,8 +175,7 @@ } //pre-populate the form - if (is_array($_GET) && $_POST["persistformvar"] != "true") { - $group_uuid = $_GET["id"]; + if (!empty($group_uuid) && empty($_POST["persistformvar"])) { $sql = "select * from v_groups "; $sql .= "where group_uuid = :group_uuid "; //$sql .= "and domain_uuid = :domain_uuid "; 
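Review bot: The POST block overwrites the `$group_uuid` that was just validated from `$_REQUEST["id"]` with `$_POST["group_uuid"] ?? ''`, and the later hunk at `@@ -122,7 +127,7 @@` relaxes the guard from `!is_uuid(...)` to `empty(...)`, so on the save path a non-empty value that is not a UUID is no longer replaced by `uuid()` and is used as the record key. Keeping the format check on the variable avoids both the null warning and the regression: `if (!is_uuid($group_uuid)) { $group_uuid = uuid(); }`. In the same block `$_POST["group_name_previous"]` and `$_POST["domain_uuid"]` are still read without `?? ''`, so they raise the same undefined-index warnings this commit removes elsewhere. The code between the two hunks is not shown, so any validation there is not accounted for.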
@@ -179,11 +183,11 @@ $parameters['group_uuid'] = $group_uuid; $database = new database; $row = $database->select($sql, $parameters, 'row'); - if (is_array($row) && @sizeof($row) != 0) { + if (!empty($row)) { $group_name = $row["group_name"]; $domain_uuid = $row["domain_uuid"]; - $group_permissions = $row["group_permissions"]; - $group_members = $row["group_members"]; + $group_permissions = $row["group_permissions"] ?? ''; + $group_members = $row["group_members"] ?? ''; $group_level = $row["group_level"]; $group_protected = $row["group_protected"]; $group_description = $row["group_description"]; @@ -206,23 +210,21 @@ echo "
".$text['title-group']."
\n"; echo "
\n"; echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','link'=>'groups.php']); - $button_margin = 'margin-left: 15px;'; if (permission_exists('group_permission_view')) { - echo button::create(['type'=>'button','label'=>$text['button-permissions'],'icon'=>'key','style'=>$button_margin,'link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid)]); - unset($button_margin); + $button_margin = 'margin-left: 15px;'; + echo button::create(['type'=>'button','label'=>$text['button-permissions'],'icon'=>'key','style'=>$button_margin,'link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid ?? '')]); } if (permission_exists('group_member_view')) { - echo button::create(['type'=>'button','label'=>$text['button-members'],'icon'=>'users','style'=>$button_margin,'link'=>'group_members.php?group_uuid='.urlencode($group_uuid)]); - unset($button_margin); + $button_margin = 'margin-left: 0px;'; + echo button::create(['type'=>'button','label'=>$text['button-members'],'icon'=>'users','style'=>$button_margin,'link'=>'group_members.php?group_uuid='.urlencode($group_uuid ?? 
'')]); } - $button_margin = 'margin-left: 15px;'; if ($action == 'update' && permission_exists('group_add')) { + $button_margin = 'margin-left: 15px;'; echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'name'=>'btn_copy','style'=>$button_margin,'onclick'=>"modal_open('modal-copy','btn_copy');"]); - unset($button_margin); } if ($action == 'update' && permission_exists('group_delete')) { + $button_margin = 'margin-left: 0px;'; echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'btn_delete','style'=>$button_margin,'onclick'=>"modal_open('modal-delete','btn_delete');"]); - unset($button_margin); } echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'id'=>'btn_save','style'=>'margin-left: 15px;']); echo "
\n"; @@ -249,7 +251,7 @@ echo " \n"; echo " \n"; echo "
\n"; - echo $text['description-group_name']."\n"; + //echo $text['description-group_name']."\n"; echo "\n"; echo "\n"; @@ -275,7 +277,7 @@ } echo " \n"; echo "
\n"; - echo $text['description-domain_uuid']."\n"; + //echo $text['description-domain_uuid']."\n"; echo "\n"; echo "\n"; @@ -292,7 +294,7 @@ } echo " \n"; echo "
\n"; - echo $text['description-group_level']."\n"; + //echo $text['description-group_level']."\n"; echo "\n"; echo "\n"; @@ -306,7 +308,7 @@ echo " \n"; echo " \n"; echo "
\n"; - echo $text['description-group_protected']."\n"; + //echo $text['description-group_protected']."\n"; echo "\n"; echo "\n"; @@ -317,7 +319,7 @@ echo "\n"; echo " \n"; echo "
\n"; - echo $text['description-group_description']."\n"; + //echo $text['description-group_description']."\n"; echo "\n"; echo "\n"; diff --git a/core/groups/groupmemberadd.php b/core/groups/group_member_add.php similarity index 100% rename from core/groups/groupmemberadd.php rename to core/groups/group_member_add.php diff --git a/core/groups/group_members.php b/core/groups/group_members.php index e7ac7b5a54..8df988db23 100644 --- a/core/groups/group_members.php +++ b/core/groups/group_members.php @@ -51,15 +51,18 @@ $language = new text; $text = $language->get(); -//get the http post data - if (is_array($_POST['group_members'])) { - $action = $_POST['action']; - $group_uuid = $_POST['group_uuid']; - $group_members = $_POST['group_members']; - } +//get the http data + $action = $_REQUEST['action'] ?? ''; + $group_uuid = $_REQUEST['group_uuid'] ?? ''; + $group_members = $_REQUEST['group_members'] ?? ''; + +//set default values + $group_name = ''; + $domain_uuid = ''; + $list_row_url = ''; //process the http post data by action - if ($action != '' && is_array($group_members) && @sizeof($group_members) != 0) { + if (!empty($action) && !empty($group_members)) { switch ($action) { case 'delete': if (permission_exists('group_member_delete') && is_uuid($group_uuid)) { @@ -75,7 +78,6 @@ } //get the group uuid, lookup domain uuid (if any) and name - $group_uuid = $_REQUEST['group_uuid']; $sql = "select domain_uuid, group_name from v_groups "; $sql .= "where group_uuid = :group_uuid "; $parameters['group_uuid'] = $group_uuid; 
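Review bot: Reading `action`, `group_uuid` and `group_members` from `$_REQUEST` makes the `delete` branch reachable from a query string, where before it ran only when `$_POST['group_members']` was an array; the new guard `!empty($group_members)` also accepts a scalar string. If the delete call (outside this hunk) does not validate a form token itself, a cross-site request could trigger the removal for a logged-in administrator, and the submitted member list would appear in access logs. Keeping the state-changing inputs on `$_POST` and the type check preserves the old behaviour without the null warnings: `$group_members = $_POST['group_members'] ?? [];` with `if (!empty($action) && is_array($group_members) && !empty($group_members)) {`. `$group_uuid` can still come from `$_REQUEST` for the read-only lookup that follows.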
@@ -120,12 +122,16 @@ unset($sql, $parameters); //add group_member to the users array - foreach ($users as &$field) { - $field['group_member'] = 'false'; - foreach($user_groups as $row) { - if ($row['user_uuid'] == $field['user_uuid']) { - $field['group_member'] = 'true'; - break; + if (!empty($users)) { + foreach ($users as &$field) { + $field['group_member'] = 'false'; + if (!empty($user_groups)) { + foreach($user_groups as $row) { + if ($row['user_uuid'] == $field['user_uuid']) { + $field['group_member'] = 'true'; + break; + } + } } } } @@ -148,7 +154,7 @@ } if (permission_exists('group_member_add')) { - echo "
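Review bot: `foreach ($users as &$field)` iterates by reference and no `unset($field);` is visible after the loop in this hunk, so `$field` stays bound to the last element of `$users`. Any later `foreach (... as $field)` or assignment to `$field` in the rest of the file (outside this hunk) would then overwrite that last user row. Adding `unset($field);` directly after the outer loop closes removes the dangling reference.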
\n"; + echo "\n"; echo " \n"; + echo " \n"; echo " \n"; } if (permission_exists('user_all')) { diff --git a/core/groups/group_permissions.php b/core/groups/group_permissions.php index 25bd9d40fa..b6fe893615 100644 --- a/core/groups/group_permissions.php +++ b/core/groups/group_permissions.php 
@@ -1,400 +1,400 @@ - - Portions created by the Initial Developer are Copyright (C) 2018-2020 - the Initial Developer. All Rights Reserved. - - Contributor(s): - Mark J Crane -*/ - -//set the include path - $conf = glob("{/usr/local/etc,/etc}/fusionpbx/config.conf", GLOB_BRACE); - set_include_path(parse_ini_file($conf[0])['document.root']); - -//includes files - require_once "resources/require.php"; - require_once "resources/check_auth.php"; - -//check permissions - if (permission_exists('group_permission_view')) { - //access granted - } - else { - echo "access denied"; - exit; - } - -//action add or update - if (is_uuid($_REQUEST["group_uuid"])) { - $group_uuid = $_REQUEST["group_uuid"]; - } - -//get the group_name - if (is_uuid($group_uuid)) { - $sql = "select group_name from v_groups "; - $sql .= "where group_uuid = :group_uuid "; - $parameters['group_uuid'] = $group_uuid; - $database = new database; - $group_name = $database->select($sql, $parameters, 'column'); - unset($sql, $parameters); - } - -//add multi-lingual support - $language = new text; - $text = $language->get(); - -//process permission reload - if ($_GET['action'] == 'reload' && is_uuid($_GET['group_uuid'])) { - if (is_array($_SESSION["groups"]) && @sizeof($_SESSION["groups"]) != 0) { - //clear current permissions - unset($_SESSION['permissions'], $_SESSION['user']['permissions']); - //get the permissions assigned to the groups that the current user is a member of, set the permissions in session variables - $x = 0; - $sql = "select distinct(permission_name) from v_group_permissions "; - $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; - $sql .= "and permission_assigned = 'true' "; - foreach ($_SESSION["groups"] as $field) { - if (!empty($field['group_name'])) { - $sql_where_or[] = "group_name = :group_name_".$x; - $parameters['group_name_'.$x] = $field['group_name']; - $x++; - } - } - if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) { - $sql .= "and (".implode(' or 
', $sql_where_or).") "; - } - $parameters['domain_uuid'] = $_SESSION["domain_uuid"]; - $database = new database; - $result = $database->select($sql, $parameters, 'all'); - if (is_array($result) && @sizeof($result) != 0) { - foreach ($result as $row) { - $_SESSION['permissions'][$row["permission_name"]] = true; - $_SESSION["user"]["permissions"][$row["permission_name"]] = true; - } - } - unset($sql, $parameters, $result, $row); - //set message and redirect - message::add($text['message-permissions_reloaded'],'positive'); - header('Location: group_permissions.php?group_uuid='.urlencode($_GET['group_uuid'])); - exit; - } - } - -//get the view preference - $view = $_REQUEST['view']; - -//get the http post data - if (is_array($_POST['group_permissions'])) { - $action = $_POST['action']; - $search = $_POST['search']; - $group_permissions = $_POST['group_permissions']; - } - -//add the search string - if (isset($_REQUEST["search"])) { - $search = strtolower($_REQUEST["search"]); - $sql_search = " ("; - $sql_search .= " lower(p.permission_name) like :search \n"; - $sql_search .= ") "; - $parameters['search'] = '%'.$search.'%'; - } - -//get the list - $sql = "select "; - $sql .= " distinct p.permission_name, \n"; - $sql .= " p.application_name, \n"; - $sql .= " g.permission_protected, \n"; - $sql .= " g.group_permission_uuid, \n"; - $sql .= " g.permission_assigned \n"; - $sql .= "from v_permissions as p \n"; - $sql .= "left join \n"; - $sql .= " v_group_permissions as g \n"; - $sql .= " on p.permission_name = g.permission_name \n"; - $sql .= " and group_name = :group_name \n"; - $sql .= " and g.group_uuid = :group_uuid \n"; - if (isset($sql_search)) { - $sql .= "where ".$sql_search; - } - $sql .= " order by p.application_name, p.permission_name asc "; - $parameters['group_name'] = $group_name; - $parameters['group_uuid'] = $group_uuid; - $database = new database; - $group_permissions = $database->select($sql, $parameters, 'all'); - -//process the user data and save it to 
the database - if (count($_POST) > 0 && empty($_POST["persistformvar"])) { - $x = 0; - if (is_array($_POST['group_permissions'])) { - foreach($_POST['group_permissions'] as $row) { - //reset values - $action = ""; - $save_permission = false; - $delete_permission = false; - $save_protected = false; - $delete_protected = false; - $persist = false; - - //get the action save or delete - foreach($group_permissions as $field) { - if ($field['permission_name'] === $row['permission_name']) { - if ($field['permission_assigned'] == 'true') { - if ($row['checked'] == "true") { - $persist = true; - } - else { - $delete_permission = true; - } - } - else { - - if ($row['checked'] == "true") { - $save_permission = true; - } - else { - //do nothing - } - } - - if ($field['permission_protected'] == 'true') { - if ($row['permission_protected'] == "true") { - $persist = true; - } - else { - $delete_protected = true; - } - } - else { - if ($row['permission_protected'] == "true") { - $save_protected = true; - } - else { - //do nothing - } - } - - if ($save_permission || $save_protected) { - $action = "save"; - } - elseif ($delete_permission || $delete_protected){ - if ($persist) { - $action = "save"; - } - else { - $action = "delete"; - } - } - else { - $action = ""; - } - $group_permission_uuid = $field['group_permission_uuid']; - break; - } - } - - //build the array; - if ($action == "save") { - if (empty($group_permission_uuid)) { - $group_permission_uuid = uuid(); - } - if (isset($row['permission_name']) && !empty($row['permission_name'])) { - $array['save']['group_permissions'][$x]['group_permission_uuid'] = $group_permission_uuid; - $array['save']['group_permissions'][$x]['permission_name'] = $row['permission_name']; - $array['save']['group_permissions'][$x]['permission_protected'] = $row['permission_protected'] == 'true' ? "true" : 'false'; - $array['save']['group_permissions'][$x]['permission_assigned'] = $row['checked'] != "true" ? 
"false" : "true"; - $array['save']['group_permissions'][$x]['group_uuid'] = $group_uuid; - $array['save']['group_permissions'][$x]['group_name'] = $group_name; - $x++; - } - } - - if ($action == "delete") { - if (isset($row['permission_name']) && !empty($row['permission_name'])) { - $array['delete']['group_permissions'][$x]['permission_name'] = $row['permission_name']; - $array['delete']['group_permissions'][$x]['group_uuid'] = $group_uuid; - $array['delete']['group_permissions'][$x]['group_name'] = $group_name; - } - $x++; - } - } - } - - //validate the token - $token = new token; - if (!$token->validate($_SERVER['PHP_SELF'])) { - message::add($text['message-invalid_token'],'negative'); - header('Location: group_permissions.php?group_uuid='.urlencode($group_uuid).($view ? '&view='.urlencode($view) : null).($search ? '&search='.urlencode($search) : null)); - exit; - } - - //save the save array - if (is_array($array['save']) && @sizeof($array['save']) != 0) { - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->save($array['save']); - $message = $database->message; - } - - //delete the delete array - if (is_array($array['delete']) && @sizeof($array['delete']) != 0) { - if (permission_exists('group_permission_delete')) { - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->delete($array['delete']); - } - } - - //set the message - message::add($text['message-update']); - - //redirect - header('Location: group_permissions.php?group_uuid='.urlencode($group_uuid)); - exit; - } - -//create token - $object = new token; - $token = $object->create($_SERVER['PHP_SELF']); - -//include the header - $document['title'] = $text['title-group_permissions']; - require_once "resources/header.php"; - -//show the content - echo "
\n"; - echo "
".$text['title-group_permissions']." (".escape($group_name).")
\n"; - echo "
\n"; - echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','style'=>'margin-right: 15px;','collapse'=>'hide-sm-dn','link'=>'groups.php']); - echo button::create(['type'=>'button','label'=>$text['button-reload'],'icon'=>$_SESSION['theme']['button_icon_reload'],'link'=>'?group_uuid='.urlencode($group_uuid).'&action=reload']); - if (permission_exists('group_member_view')) { - echo button::create(['type'=>'button','label'=>$text['button-members'],'icon'=>'users','link'=>'group_members.php?group_uuid='.urlencode($group_uuid)]); - } - echo "\n"; - echo "\n"; - echo "\n"; - echo ""; - echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','collapse'=>'hide-sm-dn','style'=>($search != '' ? 'display: none;' : null)]); - echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','collapse'=>'hide-sm-dn','link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid),'style'=>($search == '' ? 'display: none;' : null)]); - if (permission_exists('group_permission_edit')) { - echo button::create(['type'=>'button','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'id'=>'btn_save','collapse'=>'hide-sm-dn','style'=>'margin-left: 15px;','onclick'=>"document.getElementById('form_list').submit();"]); - } - echo " \n"; - echo "
\n"; - echo "
\n"; - echo "
\n"; - - echo $text['description-group_permissions']."\n"; - echo "

\n"; - - echo "
\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - if (is_array($group_permissions) && @sizeof($group_permissions) != 0) { - $x = 0; - foreach ($group_permissions as $row) { - $checked = ($row['permission_assigned'] === 'true') ? " checked=\"checked\"" : $checked = ''; - $protected = ($row['permission_protected'] === 'true') ? " checked=\"checked\"" : ''; - $application_name = strtolower(str_replace([' ','-'], '_', $row['application_name'])); - $application_name_label = ucwords(str_replace(['_','-'], " ", $row['application_name'])); - - //application heading - if ($previous_application_name !== $row['application_name']) { - echo " "; - echo " \n"; - echo " "; - echo " "; - echo " \n"; - echo " "; - echo " \n"; - if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { - echo " \n"; - } - echo th_order_by('group_name', $text['label-group_name'], $order_by, $order); - if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { - echo th_order_by('group_permission_protected', $text['label-group_protected'], $order_by, $order, null, "style='text-align: right;'"); - echo " \n"; - } - echo " \n"; - $displayed_permissions[$application_name] = 0; - } - - //application permission - if (!$view || ($view == 'assigned' && $checked) || ($view == 'unassigned' && !$checked) || ($view == 'protected' && $protected)) { - echo "\n"; - if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { - echo " \n"; - } - echo " \n"; - if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { - echo " \n"; - echo " \n"; - } - echo "\n"; - $displayed_permissions[$application_name]++; - } - - //set the previous application name - 
$previous_application_name = $row['application_name']; - $x++; - - } - unset($group_permissions); - - //hide application heading if no permissions displayed - if (is_array($displayed_permissions) && @sizeof($displayed_permissions) != 0) { - echo "\n"; - } - - } - - echo "
 
".escape($application_name_label)."
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " "; - echo " ".escape($row['permission_name']); - echo "  \n"; - echo " \n"; - echo "
\n"; - echo "
\n"; - -//include the footer - require_once "resources/footer.php"; - -?> + + Portions created by the Initial Developer are Copyright (C) 2018-2023 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ + +//set the include path + $conf = glob("{/usr/local/etc,/etc}/fusionpbx/config.conf", GLOB_BRACE); + set_include_path(parse_ini_file($conf[0])['document.root']); + +//includes files + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + +//check permissions + if (permission_exists('group_permission_view')) { + //access granted + } + else { + echo "access denied"; + exit; + } + +//get the group_uuid + if (!empty($_REQUEST["group_uuid"])) { + $group_uuid = $_GET['group_uuid']; + } + +//get the group_name + if (isset($group_uuid) && is_uuid($group_uuid)) { + $sql = "select group_name from v_groups "; + $sql .= "where group_uuid = :group_uuid "; + $parameters['group_uuid'] = $group_uuid; + $database = new database; + $group_name = $database->select($sql, $parameters, 'column'); + unset($sql, $parameters); + } + +//add multi-lingual support + $language = new text; + $text = $language->get(); + +//process permission reload + if (!empty($_GET['action']) && $_GET['action'] == 'reload' && !empty($group_uuid)) { + if (is_array($_SESSION["groups"]) && @sizeof($_SESSION["groups"]) != 0) { + //clear current permissions + unset($_SESSION['permissions'], $_SESSION['user']['permissions']); + + //get the permissions assigned to the groups that the current user is a member of, set the permissions in session variables + $x = 0; + $sql = "select distinct(permission_name) from v_group_permissions "; + $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; + $sql .= "and permission_assigned = 'true' "; + foreach ($_SESSION["groups"] as $field) { + if (!empty($field['group_name'])) { + $sql_where_or[] = "group_name = :group_name_".$x; + $parameters['group_name_'.$x] = $field['group_name']; + $x++; + } + } + if 
(is_array($sql_where_or) && @sizeof($sql_where_or) != 0) { + $sql .= "and (".implode(' or ', $sql_where_or).") "; + } + $parameters['domain_uuid'] = $_SESSION["domain_uuid"]; + $database = new database; + $result = $database->select($sql, $parameters, 'all'); + if (is_array($result) && @sizeof($result) != 0) { + foreach ($result as $row) { + $_SESSION['permissions'][$row["permission_name"]] = true; + $_SESSION["user"]["permissions"][$row["permission_name"]] = true; + } + } + unset($sql, $parameters, $result, $row); + + //set message and redirect + message::add($text['message-permissions_reloaded'],'positive'); + header('Location: group_permissions.php?group_uuid='.urlencode($_GET['group_uuid'])); + exit; + } + } + +//get the http post data + $view = $_REQUEST['view'] ?? ''; + $action = $_POST['action'] ?? ''; + $search = $_POST['search'] ?? ''; + $group_permissions = $_POST['group_permissions'] ?? ''; + +//get the list + $sql = "select "; + $sql .= " distinct p.permission_name, \n"; + $sql .= " p.application_name, \n"; + $sql .= " g.permission_protected, \n"; + $sql .= " g.group_permission_uuid, \n"; + $sql .= " g.permission_assigned \n"; + $sql .= "from v_permissions as p \n"; + $sql .= "left join \n"; + $sql .= " v_group_permissions as g \n"; + $sql .= " on p.permission_name = g.permission_name \n"; + $sql .= " and group_name = :group_name \n"; + $sql .= " and g.group_uuid = :group_uuid \n"; + $sql .= "where true \n"; + if (!empty($search)) { + $sql .= "and ("; + $sql .= " lower(p.permission_name) like :search \n"; + $sql .= ") "; + $parameters['search'] = '%'.$search.'%'; + } + $sql .= " order by p.application_name, p.permission_name asc "; + $parameters['group_name'] = $group_name; + $parameters['group_uuid'] = $group_uuid; + $database = new database; + $group_permissions = $database->select($sql, $parameters, 'all'); + +//process the user data and save it to the database + if (!empty($_POST) > 0 && empty($_POST["persistformvar"])) { + $x = 0; + if 
(is_array($_POST['group_permissions'])) { + foreach($_POST['group_permissions'] as $row) { + //reset values + $action = ""; + $save_permission = false; + $delete_permission = false; + $save_protected = false; + $delete_protected = false; + $persist = false; + + //set row defaults + $row['checked'] = $row['checked'] ?? ''; + $row['permission_assigned'] = $row['permission_assigned'] ?? ''; + $row['permission_protected'] = $row['permission_protected'] ?? ''; + + //get the action save or delete + foreach($group_permissions as $field) { + if ($field['permission_name'] === $row['permission_name']) { + $row['checked'] = $row['checked'] ?? ''; + $row['permission_assigned'] = $row['permission_assigned'] ?? ''; + if ($field['permission_assigned'] == 'true') { + if ($row['checked'] == "true") { + $persist = true; + } + else { + $delete_permission = true; + } + } + else { + if ($row['checked'] == "true") { + $save_permission = true; + } + else { + //do nothing + } + } + + if ($field['permission_protected'] == 'true') { + if ($row['permission_protected'] == "true") { + $persist = true; + } + else { + $delete_protected = true; + } + } + else { + if ($row['permission_protected'] == "true") { + $save_protected = true; + } + else { + //do nothing + } + } + + if ($save_permission || $save_protected) { + $action = "save"; + } + elseif ($delete_permission || $delete_protected){ + if ($persist) { + $action = "save"; + } + else { + $action = "delete"; + } + } + else { + $action = ""; + } + $group_permission_uuid = $field['group_permission_uuid']; + break; + } + } + + //build the array; + if ($action == "save") { + if (empty($group_permission_uuid)) { + $group_permission_uuid = uuid(); + } + if (isset($row['permission_name']) && !empty($row['permission_name'])) { + $array['save']['group_permissions'][$x]['group_permission_uuid'] = $group_permission_uuid; + $array['save']['group_permissions'][$x]['permission_name'] = $row['permission_name']; + 
$array['save']['group_permissions'][$x]['permission_protected'] = $row['permission_protected'] == 'true' ? "true" : 'false'; + $array['save']['group_permissions'][$x]['permission_assigned'] = $row['checked'] != "true" ? "false" : "true"; + $array['save']['group_permissions'][$x]['group_uuid'] = $group_uuid; + $array['save']['group_permissions'][$x]['group_name'] = $group_name; + $x++; + } + } + + if ($action == "delete") { + if (isset($row['permission_name']) && !empty($row['permission_name'])) { + $array['delete']['group_permissions'][$x]['permission_name'] = $row['permission_name']; + $array['delete']['group_permissions'][$x]['group_uuid'] = $group_uuid; + $array['delete']['group_permissions'][$x]['group_name'] = $group_name; + } + $x++; + } + } + } + + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: group_permissions.php?group_uuid='.urlencode($group_uuid).($view ? '&view='.urlencode($view) : null).($search ? 
'&search='.urlencode($search) : null)); + exit; + } + + //save the save array + if (is_array($array['save']) && @sizeof($array['save']) != 0) { + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->save($array['save']); + $message = $database->message; + } + + //delete the delete array + if (is_array($array['delete']) && @sizeof($array['delete']) != 0) { + if (permission_exists('group_permission_delete')) { + $database = new database; + $database->app_name = 'groups'; + $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; + $database->delete($array['delete']); + } + } + + //set the message + message::add($text['message-update']); + + //redirect + header('Location: group_permissions.php?group_uuid='.urlencode($group_uuid)); + exit; + } + +//create token + $object = new token; + $token = $object->create($_SERVER['PHP_SELF']); + +//include the header + $document['title'] = $text['title-group_permissions']; + require_once "resources/header.php"; + +//show the content + echo "
\n"; + echo "
".$text['title-group_permissions']." (".escape($group_name).")
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','style'=>'margin-right: 15px;','collapse'=>'hide-sm-dn','link'=>'groups.php']); + echo button::create(['type'=>'button','label'=>$text['button-reload'],'icon'=>$_SESSION['theme']['button_icon_reload'],'link'=>'?group_uuid='.urlencode($group_uuid).'&action=reload']); + if (permission_exists('group_member_view')) { + echo button::create(['type'=>'button','label'=>$text['button-members'],'icon'=>'users','link'=>'group_members.php?group_uuid='.urlencode($group_uuid)]); + } + echo "\n"; + echo "
\n"; + echo "
\n"; + echo "
\n"; + + echo $text['description-group_permissions']."\n"; + echo "

\n"; + + echo "
\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + if (is_array($group_permissions) && @sizeof($group_permissions) != 0) { + $x = 0; + foreach ($group_permissions as $row) { + $previous_application_name = $previous_application_name ?? ''; + $checked = ($row['permission_assigned'] === 'true') ? " checked=\"checked\"" : $checked = ''; + $protected = ($row['permission_protected'] === 'true') ? " checked=\"checked\"" : ''; + $application_name = strtolower(str_replace([' ','-'], '_', $row['application_name'])); + $application_name_label = ucwords(str_replace(['_','-'], " ", $row['application_name'])); + + //application heading + if ($previous_application_name !== $row['application_name']) { + echo " "; + echo " \n"; + echo " "; + echo " "; + echo " \n"; + echo " "; + echo " \n"; + if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { + echo " \n"; + } + echo " \n"; + if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { + echo " \n"; + echo " \n"; + } + echo " \n"; + $displayed_permissions[$application_name] = 0; + } + + //application permission + if (!$view || ($view == 'assigned' && $checked) || ($view == 'unassigned' && !$checked) || ($view == 'protected' && $protected)) { + echo "\n"; + if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { + echo " \n"; + } + echo " \n"; + if (permission_exists('group_permission_add') || permission_exists('group_permission_edit') || permission_exists('group_permission_delete')) { + echo " \n"; + echo " \n"; + } + echo "\n"; + $displayed_permissions[$application_name]++; + } + + //set the previous application name + $previous_application_name = $row['application_name']; + $x++; + + } + unset($group_permissions); + + //hide application heading if no 
permissions displayed + if (is_array($displayed_permissions) && @sizeof($displayed_permissions) != 0) { + echo "\n"; + } + + } + + echo "
 
".escape($application_name_label)."
\n"; + echo " \n"; + echo " ".$text['label-group_name']."".$text['label-group_protected']."\n"; + echo " \n"; + echo "
\n"; + echo " \n"; + //echo " \n"; + echo " \n"; + echo " "; + echo " ".escape($row['permission_name']); + echo "  \n"; + echo " \n"; + echo "
\n"; + echo "
\n"; + +//include the footer + require_once "resources/footer.php"; + +?> diff --git a/core/groups/groupmemberdelete.php b/core/groups/groupmemberdelete.php deleted file mode 100644 index 6df7512804..0000000000 --- a/core/groups/groupmemberdelete.php +++ /dev/null @@ -1,73 +0,0 @@ - - Portions created by the Initial Developer are Copyright (C) 2008-2012 - the Initial Developer. All Rights Reserved. - - Contributor(s): - Mark J Crane -*/ - -//set the include path - $conf = glob("{/usr/local/etc,/etc}/fusionpbx/config.conf", GLOB_BRACE); - set_include_path(parse_ini_file($conf[0])['document.root']); - -//includes files - require_once "resources/require.php"; - require_once "resources/check_auth.php"; - -//check permissions - if (permission_exists('group_member_delete') || if_group("superadmin")) { - //access allowed - } - else { - echo "access denied"; - return; - } - -//requires a superadmin to delete superadmin group - if (!if_group("superadmin") && $_GET["group_name"] == "superadmin") { - echo "access denied"; - return; - } - -//get the http values and set them as variables - $group_name = $_GET["group_name"]; - $user_uuid = $_GET["user_uuid"]; - $group_uuid = $_GET["group_uuid"]; - -//delete the group membership - $p = new permissions; - $p->add('user_group_delete', 'temp'); - - $array['user_groups'][0]['user_uuid'] = $user_uuid; - $array['user_groups'][0]['group_uuid'] = $group_uuid; - $database = new database; - $database->app_name = 'groups'; - $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84'; - $database->delete($array); - unset($array); - - $p->delete('user_group_delete', 'temp'); - -//redirect the user - message::add($text['message-delete']); - header("Location: group_members.php?group_uuid=".$group_uuid."&group_name=".$group_name); - -?> diff --git a/core/groups/groups.php b/core/groups/groups.php index 62d54359e9..7912fdceea 100644 --- a/core/groups/groups.php +++ b/core/groups/groups.php 
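Review bot: The new `//get the group_uuid` block tests `$_REQUEST["group_uuid"]` but assigns `$_GET['group_uuid']`, and it no longer calls `is_uuid()` before the assignment, so a value sent only in the POST body leaves `$group_uuid` null and a non-UUID value from the query string is carried into the reload check (`!empty($group_uuid)`), the list query and the save/delete arrays. Reading and validating the same source keeps the old guarantee: `$group_uuid = (!empty($_REQUEST['group_uuid']) && is_uuid($_REQUEST['group_uuid'])) ? $_REQUEST['group_uuid'] : '';`. `$group_name` is only assigned inside the `is_uuid($group_uuid)` branch, so it is undefined when that check fails and is then bound as `:group_name`. Separately, the save path is gated by `group_permission_view` and the token only, while the delete path checks `group_permission_delete`; unless `database->save()` enforces add/edit permission internally (not visible here), a `permission_exists('group_permission_edit')` check before building `$array['save']` would match it. The search term also lost its `strtolower()` although the SQL still compares against `lower(p.permission_name)`, so mixed-case searches stop matching.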
@@ -1,271 +1,271 @@ - - Portions created by the Initial Developer are Copyright (C) 2018-2020 - the Initial Developer. All Rights Reserved. - - Contributor(s): - Mark J Crane -*/ - -//set the include path - $conf = glob("{/usr/local/etc,/etc}/fusionpbx/config.conf", GLOB_BRACE); - set_include_path(parse_ini_file($conf[0])['document.root']); - -//includes files - require_once "resources/require.php"; - require_once "resources/check_auth.php"; - require_once "resources/paging.php"; - -//check permissions - if (permission_exists('group_view')) { - //access granted - } - else { - echo "access denied"; - exit; - } - -//add multi-lingual support - $language = new text; - $text = $language->get(); - -//get the http post data - if (is_array($_POST['groups'])) { - $action = $_POST['action']; - $search = $_POST['search']; - $groups = $_POST['groups']; - } - -//process the http post data by action - if ($action != '' && is_array($groups) && @sizeof($groups) != 0) { - switch ($action) { - case 'copy': - if (permission_exists('group_add')) { - $obj = new groups; - $obj->copy($groups); - } - break; - case 'toggle': - if (permission_exists('group_edit')) { - $obj = new groups; - $obj->toggle($groups); - } - break; - case 'delete': - if (permission_exists('group_delete')) { - $obj = new groups; - $obj->delete($groups); - } - break; - } - - header('Location: groups.php'.($search != '' ? 
'?search='.urlencode($search) : null)); - exit; - } - -//get order and order by - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; - -//add the search string - if (isset($_GET["search"])) { - $search = strtolower($_GET["search"]); - $sql_search = " ("; - $sql_search .= " lower(group_name) like :search "; - $sql_search .= " or lower(group_description) like :search "; - $sql_search .= ") "; - $parameters['search'] = '%'.$search.'%'; - } - -//get the count - $sql = "select count(*) from view_groups "; - if ($_GET['show'] == "all" && permission_exists('group_all')) { - if (isset($sql_search)) { - $sql .= "where ".$sql_search; - } - } - else { - $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) "; - if (isset($sql_search)) { - $sql .= "and ".$sql_search; - } - $parameters['domain_uuid'] = $domain_uuid; - } - $database = new database; - $num_rows = $database->select($sql, $parameters, 'column'); - -//prepare to page the results - $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; - $param = $search ? "&search=".$search : null; - $param = ($_GET['show'] == 'all' && permission_exists('group_all')) ? "&show=all" : null; - $page = is_numeric($_GET['page']) ? 
$_GET['page'] : 0; - list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); - list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); - $offset = $rows_per_page * $page; - -//get the list - $sql = str_replace('count(*)', '*', $sql); - $sql .= order_by($order_by, $order, 'group_name', 'asc'); - $sql .= limit_offset($rows_per_page, $offset); - $database = new database; - $groups = $database->select($sql, $parameters, 'all'); - unset($sql, $parameters); - -//create token - $object = new token; - $token = $object->create($_SERVER['PHP_SELF']); - -//include the header - $document['title'] = $text['title-groups']; - require_once "resources/header.php"; - -//show the content - echo "
\n"; - echo "
".$text['title-groups']." (".$num_rows.")
\n"; - echo "
\n"; - echo button::create(['type'=>'button','label'=>$text['button-users'],'icon'=>$_SESSION['theme']['button_icon_users'],'onclick'=>"window.location='../users/users.php'"]); - echo button::create(['type'=>'button','label'=>$text['button-restore_default'],'icon'=>$_SESSION['theme']['button_icon_sync'],'style'=>'margin-right: 15px;','link'=>'permissions_default.php']); - if (permission_exists('group_add')) { - echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','link'=>'group_edit.php']); - } - if (permission_exists('group_add') && $groups) { - echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); - } - if (permission_exists('group_edit') && $groups) { - echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'id'=>'btn_toggle','name'=>'btn_toggle','style'=>'display: none;','onclick'=>"modal_open('modal-toggle','btn_toggle');"]); - } - if (permission_exists('group_delete') && $groups) { - echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none;','onclick'=>"modal_open('modal-delete','btn_delete');"]); - } - echo "\n"; - echo "
\n"; - echo "
\n"; - echo "
\n"; - - if (permission_exists('group_add') && $groups) { - echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('copy'); list_form_submit('form_list');"])]); - } - if (permission_exists('group_edit') && $groups) { - echo modal::create(['id'=>'modal-toggle','type'=>'toggle','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_toggle','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('toggle'); list_form_submit('form_list');"])]); - } - if (permission_exists('group_delete') && $groups) { - echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]); - } - - echo $text['description-groups']."\n"; - echo "

\n"; - - echo "
\n"; - echo "\n"; - echo "\n"; - - echo "\n"; - echo "\n"; - if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) { - echo " \n"; - } - if ($_GET['show'] == 'all' && permission_exists('group_all')) { - echo th_order_by('domain_name', $text['label-domain'], $order_by, $order); - } - echo th_order_by('group_name', $text['label-group_name'], $order_by, $order); - echo " \n"; - echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'"); - echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'"); - echo " \n"; - if (permission_exists('group_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { - echo " \n"; - } - echo "\n"; - - if (is_array($groups) && @sizeof($groups) != 0) { - $x = 0; - foreach ($groups as $row) { - if (permission_exists('group_edit')) { - $list_row_url = "group_edit.php?id=".urlencode($row['group_uuid']); - } - echo "\n"; - if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) { - echo " \n"; - } - if ($_GET['show'] == 'all' && permission_exists('group_all')) { - echo " \n"; - } - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - if (permission_exists('group_edit')) { - echo " \n"; - echo " \n"; - if (permission_exists('group_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { - echo " \n"; - } - echo "\n"; - $x++; - } - unset($groups); - } - - echo "
\n"; - echo " \n"; - echo " ".$text['label-tools']."".$text['label-group_description']." 
\n"; - echo " \n"; - echo " \n"; - echo " ".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."\n"; - if (permission_exists('group_edit')) { - echo " ".escape($row['group_name'])."\n"; - } - else { - echo " ".escape($row['group_name']); - } - echo " ".escape($row['group_level'])."\n"; - echo $text['label-'.$row['group_protected']]; - } - echo " ".escape($row['group_description'])."\n"; - echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); - echo "
\n"; - echo "
\n"; - echo "
".$paging_controls."
\n"; - echo "\n"; - echo "
\n"; - -//include the footer - require_once "resources/footer.php"; - -?> + + Portions created by the Initial Developer are Copyright (C) 2018-2020 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ + +//set the include path + $conf = glob("{/usr/local/etc,/etc}/fusionpbx/config.conf", GLOB_BRACE); + set_include_path(parse_ini_file($conf[0])['document.root']); + +//includes files + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + require_once "resources/paging.php"; + +//check permissions + if (permission_exists('group_view')) { + //access granted + } + else { + echo "access denied"; + exit; + } + +//add multi-lingual support + $language = new text; + $text = $language->get(); + +//get the http post data + $groups = $_POST['groups'] ?? ''; + $action = $_POST['action'] ?? ''; + $search = $_REQUEST["search"] ?? ''; + $show = $_GET["show"] ?? ''; + +//process the http post data by action + if ($action != '' && is_array($groups) && @sizeof($groups) != 0) { + switch ($action) { + case 'copy': + if (permission_exists('group_add')) { + $obj = new groups; + $obj->copy($groups); + } + break; + case 'toggle': + if (permission_exists('group_edit')) { + $obj = new groups; + $obj->toggle($groups); + } + break; + case 'delete': + if (permission_exists('group_delete')) { + $obj = new groups; + $obj->delete($groups); + } + break; + } + + header('Location: groups.php'.($search != '' ? '?search='.urlencode($search) : null)); + exit; + } + +//get order and order by + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; + +//add the search string + if (isset($search)) { + $search = strtolower($search); + } + +//set from session variables + $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? 
$_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + +//get the count + $sql = "select count(*) from view_groups \n"; + $sql .= "where true \n"; + if ($show == 'all' && permission_exists('group_all')) { + $sql .= "and (domain_uuid is not null or domain_uuid is null) "; + } + else { + $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) "; + $parameters['domain_uuid'] = $domain_uuid; + } + if (!empty($search)) { + $sql .= "and ( \n"; + $sql .= " lower(group_name) like :search \n"; + $sql .= " or lower(group_description) like :search \n"; + $sql .= ") \n"; + $parameters['search'] = '%'.$search.'%'; + } + $database = new database; + $num_rows = $database->select($sql, $parameters ?? '', 'column'); + +//prepare to page the results + $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; + $param = $search ? "&search=".$search : null; + $param = ($show == 'all' && permission_exists('group_all')) ? "&show=all" : null; + $page = !empty($_GET['page']) ? $_GET['page'] : 0; + list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); + list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); + $offset = $rows_per_page * $page; + +//get the list + $sql = str_replace('count(*)', '*', $sql); + $sql .= order_by($order_by, $order, 'group_name', 'asc'); + $sql .= limit_offset($rows_per_page, $offset); + $database = new database; + $groups = $database->select($sql, $parameters ?? '', 'all'); + unset($sql, $parameters); + +//create token + $object = new token; + $token = $object->create($_SERVER['PHP_SELF']); + +//include the header + $document['title'] = $text['title-groups']; + require_once "resources/header.php"; + +//show the content + echo "
\n"; + echo "
".$text['title-groups']." (".$num_rows.")
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-users'],'icon'=>$_SESSION['theme']['button_icon_users'],'onclick'=>"window.location='../users/users.php'"]); + echo button::create(['type'=>'button','label'=>$text['button-restore_default'],'icon'=>$_SESSION['theme']['button_icon_sync'],'style'=>'margin-right: 15px;','link'=>'permissions_default.php']); + if (permission_exists('group_add')) { + echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','link'=>'group_edit.php']); + } + if (permission_exists('group_add') && $groups) { + echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); + } + if (permission_exists('group_edit') && $groups) { + echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'id'=>'btn_toggle','name'=>'btn_toggle','style'=>'display: none;','onclick'=>"modal_open('modal-toggle','btn_toggle');"]); + } + if (permission_exists('group_delete') && $groups) { + echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none;','onclick'=>"modal_open('modal-delete','btn_delete');"]); + } + echo "\n"; + echo "
\n"; + echo "
\n"; + echo "
\n"; + + if (permission_exists('group_add') && $groups) { + echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('copy'); list_form_submit('form_list');"])]); + } + if (permission_exists('group_edit') && $groups) { + echo modal::create(['id'=>'modal-toggle','type'=>'toggle','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_toggle','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('toggle'); list_form_submit('form_list');"])]); + } + if (permission_exists('group_delete') && $groups) { + echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]); + } + + echo $text['description-groups']."\n"; + echo "

\n"; + + echo "
\n"; + echo "\n"; + echo "\n"; + + echo "\n"; + echo "\n"; + if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) { + echo " \n"; + } + if ($show == 'all' && permission_exists('group_all')) { + echo th_order_by('domain_name', $text['label-domain'], $order_by, $order); + } + echo th_order_by('group_name', $text['label-group_name'], $order_by, $order); + echo " \n"; + echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'"); + echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'"); + echo " \n"; + if (permission_exists('group_edit') && $list_row_edit_button == 'true') { + echo " \n"; + } + echo "\n"; + + if (is_array($groups) && @sizeof($groups) != 0) { + $x = 0; + foreach ($groups as $row) { + if (permission_exists('group_edit')) { + $list_row_url = "group_edit.php?id=".urlencode($row['group_uuid']); + } + echo "\n"; + if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) { + echo " \n"; + } + if ($show == 'all' && permission_exists('group_all')) { +echo " \n"; + } + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + if (permission_exists('group_edit')) { + echo " \n"; + echo " \n"; + if (permission_exists('group_edit') && $list_row_edit_button == 'true') { + echo " \n"; + } + echo "\n"; + $x++; + } + unset($groups); + } + + echo "
\n"; + echo " \n"; + echo " ".$text['label-tools']."".$text['label-group_description']." 
\n"; + echo " \n"; + echo " \n"; + echo " ".escape($row['domain_name'])."\n"; + if (permission_exists('group_edit')) { + echo " ".escape($row['group_name'])."\n"; + } + else { + echo " ".escape($row['group_name']); + } + echo " ".escape($row['group_level'])."\n"; + echo $text['label-'.$row['group_protected']]; + } + echo " ".escape($row['group_description'])."\n"; + echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); + echo "
\n"; + echo "
\n"; + echo "
".$paging_controls."
\n"; + echo "\n"; + echo "
\n"; + +//include the footer + require_once "resources/footer.php"; + +?>
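Review bot: In the "prepare to page the results" step of the new groups.php, `$page = !empty($_GET['page']) ? $_GET['page'] : 0;` drops the `is_numeric()` test that the removed line had. Any non-empty request value (a non-numeric string, an array, a negative or fractional number) now reaches `$offset = $rows_per_page * $page;` and from there `limit_offset()`, whose result is appended to the SQL text. Whether `limit_offset()` validates its arguments is not visible in this hunk, so the value should be constrained where it is read, for example `$page = (isset($_GET['page']) && is_string($_GET['page']) && ctype_digit($_GET['page'])) ? (int) $_GET['page'] : 0;`. On PHP 8 that also avoids the TypeError raised when a non-numeric string or an array is multiplied. Separately, the second `$param = ...` assignment still overwrites the `&search=` value set on the line before it, and `$search` is not URL-encoded there; building the string with `.=` and `urlencode($search)` would keep the search filter across pages.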