* Use settings-get method - get default, domain and user settings - Replace _SESSION * Simplify get domain paging * Change isset using empty * Fix token name and hash * Add new default settings category: contact, name: default_sort_column, and default_sort_order * Update app_config.php * Update footer.php * Fix require.php and core/dashboard/index.php (#7563) * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Update destinations.php * Update permission.php * Update require.php --------- Co-authored-by: FusionPBX <markjcrane@gmail.com> Co-authored-by: FusionPBX <mark@fusionpbx.com> * Update header.php * Use settings get classes (#7567) * access_control * azure * azure * basic_operator_panel * bridges * call_block * call_broadcast * call_center * call_flows * call_forward * call_recordings * do_not_disturb * feature_event_notify * follow_me * remove unused object properties * fix esl command * fix esl command * conference_centers * conference_centers - remove whitespace * conference_controls * conference_profiles * conference_profiles * Delete core/websockets/resources/classes/socket_exception.php.original~ * Delete core/websockets/resources/classes/websocket_server.php.original~ * conferences * destinations * device * dialplan * email_queue * event_guard * extension_settings * extension * fax * fax_queue * fifo * gateways * ivr_menu * modules * switch_music_on_hold * number_translations * phrases * pin_numbers * provision * switch_recordings * registrations * ring_groups * sip_profiles * sofia_global_settings * streams * presence * switch_files * time_conditions * vars * voicemail_greetings * 
voicemail * ringbacks * contacts * xml_cdr * authentication * dashboard * default_settings * domain_settings * email_templates * permission * user_logs * user_settings * users * button * cache * captcha * remove cli_option * remove directory.php for switch_directory class * email * file * groups * event_socket use config object * Use intval to give an integer port * switch_settings * tones * fix object used before initialization * menu * fix copy paste error for switch_files.php * always include require.php for framework files * Fix missing properties * set the action * Use the $database object * Add missing class properties * Fix the domain_name * Use public scope for domain_uuid and domain_name * Add missing parameters * Correct the user_uuid parameter * Add json_validate and use it in the dashboard update indentation on functions.php * Intialize the active_registrations variable * Define the $parameters * Set a default value for user_setting_enabled * Add condition domain_uuid not empty * Add not empty condition for domain_uuid * Declare the global variables * Update how the defaults are set use ?? * Use ?? to set the default values * Update call_center_queue_edit.php * Prevent an error * Add domain_name property * Fix the null coalescing operator * Removed domain_uuid from the URL * Change condition to check sip_profile_domain_name * Refactor domain_uuid declaration and comments Removed redundant domain_uuid declaration and updated comments. * Account for an empty value * Refactor constructor to use settings array Updated constructor to accept settings array for domain UUID and database initialization. * Refactor xml_cdr.php to improve variable organization Removed duplicate domain_uuid declaration and reorganized private variables for better structure. * Enhance transcription button logic and icon display Updated transcription button visibility conditions and improved application icon handling in the call flow summary. 
* Refactor settings initialization in domains.php Updated settings initialization to include domain_uuid and user_uuid. * Modify domain change condition in require.php Updated condition to check if 'domain_change' is not empty before proceeding. * Set default_setting_enabled to true by default * Enhance domain UUID check in access controls * Enhance domain UUID check in settings list * Refactor category display logic in vars.php * Simplify list row URL generation Removed domain UUID check from list row URL construction. * Refactor module category display logic * Fix SQL query by removing parameters variable * Initialize result_count variable for call recordings * Refactor leg variable usage in xml_cdr_details.php * Update conference_room_edit.php * Change GET to REQUEST for order and search variables * Set timezone and SQL time format in recordings.php Added timezone and SQL time format settings. * Set default for ring group greeting * Improve domain UUID check in stream listing * Handle null voicemail_option_param safely * Add file existence check for greeting files Check if greeting file exists before getting size and date. * Improve domain UUID check in email templates * Update FIFO strategy dropdown and description text * Add multilingual agent descriptions Added multilingual descriptions for agents in the app_languages.php file. * Add music on hold descriptions * Add the chime list description Updated copyright year from 2024 to 2025. * Fix domain UUID check and handle email subject decoding * Add null coalescing for $value in email_test.php Ensure $value is not null by providing a default empty string. * Handle undefined dialplan_uuid in input field * Add translations for 'Status' label in multiple languages * Fix typo in config instance check --------- Co-authored-by: frytimo <tim@fusionpbx.com>
<?php
/**
 * access controls class
 */
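class access_controls {

    /**
     * Application name and UUID for this class.
     */
    const app_name = 'access_controls';
    const app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';

    /**
     * Set in the constructor, either from $setting_array['database'] or by database::new().
     *
     * @var database Database Object
     */
    private $database;

    /**
     * Declared for a settings object. No code in this class assigns or reads it.
     *
     * @var settings Settings Object
     */
    private $settings;

    /**
     * User UUID set in the constructor from $setting_array['user_uuid'], then the session, then ''.
     *
     * @var string
     */
    private $user_uuid;

    /**
     * Domain UUID set in the constructor from $setting_array['domain_uuid'], then the session, then ''.
     *
     * NOTE(review): no query in this class filters by domain_uuid; authorization rests on
     * permission_exists() and the token check alone. Confirm access controls are meant to be global.
     *
     * @var string
     */
    private $domain_uuid;

    /**
     * Per-operation values, reassigned at the top of delete(), delete_nodes() and copy().
     */
    private $permission_prefix;
    private $list_page;
    private $table;
    private $uuid_prefix;

    /**
     * Called when the object is created.
     *
     * @param array $setting_array Optional keys: 'domain_uuid', 'user_uuid', 'config', 'database'.
     *                             Missing UUIDs fall back to $_SESSION, then to an empty string.
     *                             'config' is only used to build the database object when
     *                             'database' is not supplied.
     */
    public function __construct(array $setting_array = []) {
        //set domain and user UUIDs
        $this->domain_uuid = $setting_array['domain_uuid'] ?? $_SESSION['domain_uuid'] ?? '';
        $this->user_uuid = $setting_array['user_uuid'] ?? $_SESSION['user_uuid'] ?? '';

        //set objects
        $config = $setting_array['config'] ?? config::load();
        $this->database = $setting_array['database'] ?? database::new(['config' => $config]);

        //assign private variables
        $this->list_page = 'access_controls.php';
    }

    /**
     * Delete the checked access controls together with their nodes.
     *
     * Requires the 'access_control_delete' permission and a valid token for $_SERVER['PHP_SELF'].
     * On an invalid token the request is redirected to the list page and the script exits.
     *
     * @param mixed $records Rows shaped like ['checked' => 'true', 'uuid' => '<uuid>']; anything
     *                       else is ignored.
     *
     * @return void
     */
    public function delete($records) {

        //assign private variables
        $this->permission_prefix = 'access_control_';
        $this->table = 'access_controls';
        $this->uuid_prefix = 'access_control_';

        if (!permission_exists($this->permission_prefix . 'delete')) {
            return;
        }

        //add multi-lingual support
        $language = new text;
        $text = $language->get();

        //validate the token
        $token = new token;
        if (!$token->validate($_SERVER['PHP_SELF'])) {
            message::add($text['message-invalid_token'], 'negative');
            header('Location: ' . $this->list_page);
            exit;
        }

        //build the delete array; it starts empty so an unchecked form never reads an undefined variable
        $array = [];
        foreach ($this->checked_uuids($records) as $x => $uuid) {
            $array[$this->table][$x][$this->uuid_prefix . 'uuid'] = $uuid;
            $array['access_control_nodes'][$x][$this->uuid_prefix . 'uuid'] = $uuid;
        }
        if (empty($array)) {
            return;
        }

        //grant temporary permissions
        $p = permissions::new();
        $p->add('access_control_node_delete', 'temp');

        //execute delete; the finally block revokes the temporary permission even if the delete throws
        try {
            $this->database->delete($array);
        } finally {
            $p->delete('access_control_node_delete', 'temp');
        }

        //clear the cache and reload the ACL
        $this->reload_acl();

        //set message
        message::add($text['message-delete']);
    }

    /**
     * Delete the checked access control nodes.
     *
     * Requires the 'access_control_node_delete' permission and a valid token. On an invalid
     * token the request is redirected to the list page and the script exits.
     *
     * @param mixed $records Rows shaped like ['checked' => 'true', 'uuid' => '<uuid>']; anything
     *                       else is ignored.
     *
     * @return void
     */
    public function delete_nodes($records) {

        //assign private variables
        $this->permission_prefix = 'access_control_node_';
        $this->table = 'access_control_nodes';
        $this->uuid_prefix = 'access_control_node_';

        if (!permission_exists($this->permission_prefix . 'delete')) {
            return;
        }

        //add multi-lingual support
        $language = new text;
        $text = $language->get();

        //validate the token
        //NOTE(review): this uses a fixed path where delete() and copy() use $_SERVER['PHP_SELF'];
        //presumably it matches the page that issued the token - confirm against the form.
        $token = new token;
        if (!$token->validate('/app/access_controls/access_control_nodes.php')) {
            message::add($text['message-invalid_token'], 'negative');
            header('Location: ' . $this->list_page);
            exit;
        }

        //build the delete array; it starts empty so an unchecked form never reads an undefined variable
        $array = [];
        foreach ($this->checked_uuids($records) as $x => $uuid) {
            $array[$this->table][$x][$this->uuid_prefix . 'uuid'] = $uuid;
        }
        if (empty($array)) {
            return;
        }

        //execute delete
        $this->database->delete($array);

        //clear the cache and reload the ACL
        $this->reload_acl();

        //set message
        message::add($text['message-delete']);
    }

    /**
     * Copy the checked access controls and their nodes under newly generated UUIDs.
     *
     * Requires the 'access_control_add' permission and a valid token for $_SERVER['PHP_SELF'].
     * On an invalid token the request is redirected to the list page and the script exits.
     *
     * @param mixed $records Rows shaped like ['checked' => 'true', 'uuid' => '<uuid>']; anything
     *                       else is ignored.
     *
     * @return void
     */
    public function copy($records) {

        //assign private variables
        $this->permission_prefix = 'access_control_';
        $this->table = 'access_controls';
        $this->uuid_prefix = 'access_control_';

        if (!permission_exists($this->permission_prefix . 'add')) {
            return;
        }

        //add multi-lingual support
        $language = new text;
        $text = $language->get();

        //validate the token
        $token = new token;
        if (!$token->validate($_SERVER['PHP_SELF'])) {
            message::add($text['message-invalid_token'], 'negative');
            header('Location: ' . $this->list_page);
            exit;
        }

        //get checked records
        $uuids = $this->checked_uuids($records);
        if (empty($uuids)) {
            return;
        }

        //bind each UUID as a named parameter; request data is never concatenated into the SQL text
        $parameters = [];
        $placeholders = [];
        $i = 0;
        foreach ($uuids as $uuid) {
            $name = 'uuid_' . $i++;
            $placeholders[] = ':' . $name;
            $parameters[$name] = $uuid;
        }

        //primary table
        $sql = "select * from v_" . $this->table . " ";
        $sql .= "where " . $this->uuid_prefix . "uuid in (" . implode(', ', $placeholders) . ") ";
        $rows = $this->database->select($sql, $parameters, 'all');

        //create insert array from existing data
        $array = [];
        if (is_array($rows) && count($rows) != 0) {
            $y = 0;
            foreach ($rows as $x => $row) {
                $primary_uuid = uuid();

                //copy data
                $array[$this->table][$x] = $row;

                //overwrite
                $array[$this->table][$x][$this->uuid_prefix . 'uuid'] = $primary_uuid;
                $array[$this->table][$x]['access_control_description'] = trim($row['access_control_description'] . ' (' . $text['label-copy'] . ')');

                //nodes sub table
                $sql_2 = "select * from v_access_control_nodes where access_control_uuid = :access_control_uuid";
                $parameters_2 = ['access_control_uuid' => $row['access_control_uuid']];
                $rows_2 = $this->database->select($sql_2, $parameters_2, 'all');
                if (is_array($rows_2) && count($rows_2) != 0) {
                    foreach ($rows_2 as $row_2) {

                        //copy data
                        $array['access_control_nodes'][$y] = $row_2;

                        //overwrite
                        $array['access_control_nodes'][$y]['access_control_node_uuid'] = uuid();
                        $array['access_control_nodes'][$y]['access_control_uuid'] = $primary_uuid;

                        //increment
                        $y++;
                    }
                }
            }
        }

        //nothing to save
        if (empty($array)) {
            return;
        }

        //grant temporary permissions
        $p = permissions::new();
        $p->add('access_control_node_add', 'temp');

        //save the array; the finally block revokes the temporary permission even if the save throws
        try {
            $this->database->save($array);
        } finally {
            $p->delete('access_control_node_add', 'temp');
        }

        //clear the cache and reload the ACL
        $this->reload_acl();

        //set message
        message::add($text['message-copy']);
    }

    /**
     * Collect the UUIDs of the rows marked as checked, keyed by their original index.
     *
     * Rows that are not arrays, lack a 'uuid', or fail is_uuid() are skipped. The 'checked'
     * comparison stays loose (==) so callers that relied on the previous behaviour are unaffected.
     *
     * @param mixed $records Submitted rows.
     *
     * @return array Map of record key => UUID string.
     */
    private function checked_uuids($records): array {
        $checked = [];
        if (!is_array($records)) {
            return $checked;
        }
        foreach ($records as $x => $record) {
            if (!is_array($record)) {
                continue;
            }
            if (($record['checked'] ?? '') == 'true' && isset($record['uuid']) && is_uuid($record['uuid'])) {
                $checked[$x] = $record['uuid'];
            }
        }
        return $checked;
    }

    /**
     * Delete the cached acl.conf entry and send "reloadacl" over the event socket.
     *
     * @return void
     */
    private function reload_acl() {
        //clear the cache
        $cache = new cache;
        $cache->delete("configuration:acl.conf");

        //create the event socket connection
        event_socket::async("reloadacl");
    }

}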