mirror of
https://github.com/fusionpbx/fusionpbx.git
synced 2025-12-30 00:53:50 +00:00
585 lines
18 KiB
PHP
585 lines
18 KiB
PHP
<?php
|
|
/*
|
|
FusionPBX
|
|
Version: MPL 1.1
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
http://www.mozilla.org/MPL/
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
for the specific language governing rights and limitations under the
|
|
License.
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
The Initial Developer of the Original Code is
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
Portions created by the Initial Developer are Copyright (C) 2016-2025
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
Contributor(s):
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
*/
|
|
|
|
/**
|
|
* groups class provides methods for add, delete groups, and add default groups
|
|
*
|
|
*/
|
|
class groups {
|
|
|
|
/**
|
|
* declare constant variables
|
|
*/
|
|
const app_name = 'groups';
|
|
const app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
|
|
|
/**
|
|
* declare public variables
|
|
*/
|
|
public $group_uuid;
|
|
public $group_level;
|
|
|
|
/**
|
|
* declare private variables
|
|
*/
|
|
private $database;
|
|
private $groups;
|
|
private $name;
|
|
private $table;
|
|
private $toggle_field;
|
|
private $toggle_values;
|
|
private $location;
|
|
private $user_uuid;
|
|
private $domain_uuid;
|
|
|
|
/**
|
|
* Initializes the object with database connection, domain UUID and user UUID.
|
|
*
|
|
* @param database|null $database Database instance or null to use default
|
|
* @param string|null $domain_uuid Domain UUID or null to set later
|
|
* @param string|null $user_uuid User UUID or null to set later
|
|
*/
|
|
public function __construct(?database $database = null, $domain_uuid = null, $user_uuid = null) {
|
|
|
|
//handle the database object
|
|
$this->database = $database ?? database::new();
|
|
|
|
//set the domain_uuid
|
|
if (is_uuid($domain_uuid)) {
|
|
$this->domain_uuid = $domain_uuid;
|
|
}
|
|
|
|
//set the user_uuid
|
|
if (is_uuid($user_uuid)) {
|
|
$this->user_uuid = $user_uuid;
|
|
}
|
|
|
|
//get the list of groups the user is a member of
|
|
if (!empty($this->domain_uuid) && !empty($this->user_uuid)) {
|
|
//get the groups and save them to the groups variable
|
|
$this->groups = $this->assigned();
|
|
|
|
//get the users group level
|
|
$group_level = 0;
|
|
foreach ($this->groups as $row) {
|
|
if ($this->group_level < $row['group_level']) {
|
|
$this->group_level = $row['group_level'];
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Retrieves assigned user groups for a given user.
|
|
*
|
|
* This method executes a SQL query to retrieve the assigned user groups
|
|
* for the specified domain and user. The results are returned as an array.
|
|
*
|
|
* @return array|null An array of assigned user groups, or null if no groups are assigned.
|
|
*/
|
|
public function assigned() {
|
|
$sql = "select ";
|
|
$sql .= "u.user_group_uuid, ";
|
|
$sql .= "u.domain_uuid, ";
|
|
$sql .= "u.user_uuid, ";
|
|
$sql .= "u.group_uuid, ";
|
|
$sql .= "g.group_name, ";
|
|
$sql .= "g.group_level ";
|
|
$sql .= "from ";
|
|
$sql .= "v_user_groups as u, ";
|
|
$sql .= "v_groups as g ";
|
|
$sql .= "where u.domain_uuid = :domain_uuid ";
|
|
$sql .= "and u.user_uuid = :user_uuid ";
|
|
$sql .= "and u.group_uuid = g.group_uuid ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
$parameters['user_uuid'] = $this->user_uuid;
|
|
$groups = $this->database->select($sql, $parameters, 'all');
|
|
unset($sql, $parameters);
|
|
if (!empty($groups)) {
|
|
return $groups;
|
|
} else {
|
|
return [];
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the groups for the current context.
|
|
*
|
|
* @return array An array of group information.
|
|
*/
|
|
public function get_groups() {
|
|
//return the groups
|
|
return $this->groups;
|
|
}
|
|
|
|
/**
|
|
* Delete multiple group member records.
|
|
*
|
|
* @param array $records Array of checked records to delete.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function delete_members($records) {
|
|
//assign the variables
|
|
$this->name = 'group_member';
|
|
$this->table = 'user_groups';
|
|
$this->location = 'group_members.php?group_uuid=' . $this->group_uuid;
|
|
|
|
if (permission_exists($this->name . '_delete')) {
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get();
|
|
|
|
//validate the token
|
|
$token = new token;
|
|
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
message::add($text['message-invalid_token'], 'negative');
|
|
header('Location: ' . $this->location);
|
|
exit;
|
|
}
|
|
|
|
//delete multiple records
|
|
if (is_array($records) && @sizeof($records) != 0) {
|
|
//build array of checked records
|
|
foreach ($records as $x => $record) {
|
|
if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
|
|
$array[$this->table][$x]['user_uuid'] = $record['uuid'];
|
|
$array[$this->table][$x]['group_uuid'] = $this->group_uuid;
|
|
}
|
|
}
|
|
|
|
//delete the checked rows
|
|
if (is_array($array) && @sizeof($array) != 0) {
|
|
|
|
//grant temporary permissions
|
|
$p = permissions::new();
|
|
$p->add('user_group_delete', 'temp');
|
|
|
|
//execute delete
|
|
$this->database->delete($array);
|
|
unset($array);
|
|
|
|
//revoke temporary permissions
|
|
$p->delete('user_group_delete', 'temp');
|
|
|
|
//set message
|
|
message::add($text['message-delete']);
|
|
}
|
|
unset($records);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Deletes one or multiple records.
|
|
*
|
|
* @param array $records An array of record IDs to delete, where each ID is an associative array
|
|
* containing 'uuid' and 'checked' keys. The 'checked' value indicates
|
|
* whether the corresponding checkbox was checked for deletion.
|
|
*
|
|
* @return void No return value; this method modifies the database state and sets a message.
|
|
*/
|
|
public function delete($records) {
|
|
//assign the variables
|
|
$this->name = 'group';
|
|
$this->table = 'groups';
|
|
$this->location = 'groups.php';
|
|
|
|
if (permission_exists($this->name . '_delete')) {
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get();
|
|
|
|
//validate the token
|
|
$token = new token;
|
|
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
message::add($text['message-invalid_token'], 'negative');
|
|
header('Location: ' . $this->location);
|
|
exit;
|
|
}
|
|
|
|
//delete multiple records
|
|
if (is_array($records) && @sizeof($records) != 0) {
|
|
//build array of checked records
|
|
foreach ($records as $x => $record) {
|
|
if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
|
|
$array[$this->table][$x][$this->name . '_uuid'] = $record['uuid'];
|
|
$array['group_permissions'][$x][$this->name . '_uuid'] = $record['uuid'];
|
|
}
|
|
}
|
|
|
|
//delete the checked rows
|
|
if (is_array($array) && @sizeof($array) != 0) {
|
|
|
|
//grant temporary permissions
|
|
$p = permissions::new();
|
|
$p->add('group_permission_delete', 'temp');
|
|
|
|
//execute delete
|
|
$this->database->delete($array);
|
|
unset($array);
|
|
|
|
//revoke temporary permissions
|
|
$p->delete('group_permission_delete', 'temp');
|
|
|
|
//set message
|
|
message::add($text['message-delete']);
|
|
}
|
|
unset($records);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Toggles the state of one or more records.
|
|
*
|
|
* @param array $records An array of record IDs to delete, where each ID is an associative array
|
|
* containing 'uuid' and 'checked' keys. The 'checked' value indicates
|
|
* whether the corresponding checkbox was checked for deletion.
|
|
*
|
|
* @return void No return value; this method modifies the database state and sets a message.
|
|
*/
|
|
public function toggle($records) {
|
|
//assign the variables
|
|
$this->name = 'group';
|
|
$this->table = 'groups';
|
|
$this->toggle_field = 'group_protected';
|
|
$this->toggle_values = ['true', 'false'];
|
|
$this->location = 'groups.php';
|
|
|
|
if (permission_exists($this->name . '_edit')) {
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get();
|
|
|
|
//validate the token
|
|
$token = new token;
|
|
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
message::add($text['message-invalid_token'], 'negative');
|
|
header('Location: ' . $this->location);
|
|
exit;
|
|
}
|
|
|
|
//toggle the checked records
|
|
if (is_array($records) && @sizeof($records) != 0) {
|
|
//get current toggle state
|
|
foreach ($records as $record) {
|
|
if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
|
|
$uuids[] = "'" . $record['uuid'] . "'";
|
|
}
|
|
}
|
|
if (is_array($uuids) && @sizeof($uuids) != 0) {
|
|
$sql = "select " . $this->name . "_uuid as uuid, " . $this->toggle_field . " as toggle from v_" . $this->table . " ";
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
$sql .= "and " . $this->name . "_uuid in (" . implode(', ', $uuids) . ") ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
$rows = $this->database->select($sql, $parameters, 'all');
|
|
if (is_array($rows) && @sizeof($rows) != 0) {
|
|
foreach ($rows as $row) {
|
|
$states[$row['uuid']] = $row['toggle'];
|
|
}
|
|
}
|
|
unset($sql, $parameters, $rows, $row);
|
|
}
|
|
|
|
//build update array
|
|
$x = 0;
|
|
foreach ($states as $uuid => $state) {
|
|
//create the array
|
|
$array[$this->table][$x][$this->name . '_uuid'] = $uuid;
|
|
$array[$this->table][$x][$this->toggle_field] = $state == $this->toggle_values[0] ? $this->toggle_values[1] : $this->toggle_values[0];
|
|
|
|
//increment the id
|
|
$x++;
|
|
}
|
|
|
|
//save the changes
|
|
if (is_array($array) && @sizeof($array) != 0) {
|
|
//save the array
|
|
$this->database->save($array);
|
|
unset($array);
|
|
|
|
//set message
|
|
message::add($text['message-toggle']);
|
|
}
|
|
unset($records, $states);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Copies one or more records
|
|
*
|
|
* @param array $records An array of record IDs to delete, where each ID is an associative array
|
|
* containing 'uuid' and 'checked' keys. The 'checked' value indicates
|
|
* whether the corresponding checkbox was checked for deletion.
|
|
*
|
|
* @return void No return value; this method modifies the database state and sets a message.
|
|
*/
|
|
public function copy($records) {
|
|
//assign the variables
|
|
$this->name = 'group';
|
|
$this->table = 'groups';
|
|
$this->location = 'groups.php';
|
|
|
|
if (permission_exists($this->name . '_add')) {
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get();
|
|
|
|
//validate the token
|
|
$token = new token;
|
|
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
message::add($text['message-invalid_token'], 'negative');
|
|
header('Location: ' . $this->location);
|
|
exit;
|
|
}
|
|
|
|
//copy the checked records
|
|
if (is_array($records) && @sizeof($records) != 0) {
|
|
|
|
//get checked records
|
|
foreach ($records as $record) {
|
|
if (!empty($record['checked']) && $record['checked'] == 'true' && is_uuid($record['uuid'])) {
|
|
$uuids[] = "'" . $record['uuid'] . "'";
|
|
}
|
|
}
|
|
|
|
//create the array from existing data
|
|
if (is_array($uuids) && @sizeof($uuids) != 0) {
|
|
|
|
//primary table
|
|
$sql = "select * from v_" . $this->table . " ";
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
$sql .= "and " . $this->name . "_uuid in (" . implode(', ', $uuids) . ") ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
$rows = $this->database->select($sql, $parameters, 'all');
|
|
if (is_array($rows) && @sizeof($rows) != 0) {
|
|
$y = 0;
|
|
foreach ($rows as $x => $row) {
|
|
$primary_uuid = uuid();
|
|
|
|
//convert boolean values to a string
|
|
foreach ($row as $key => $value) {
|
|
if (gettype($value) == 'boolean') {
|
|
$value = $value ? 'true' : 'false';
|
|
$row[$key] = $value;
|
|
}
|
|
}
|
|
|
|
//copy data
|
|
$array[$this->table][$x] = $row;
|
|
|
|
//overwrite
|
|
$array[$this->table][$x][$this->name . '_uuid'] = $primary_uuid;
|
|
$array[$this->table][$x][$this->name . '_description'] = trim($row[$this->name . '_description']) . ' (' . $text['label-copy'] . ')';
|
|
|
|
//permissions sub table
|
|
$sql_2 = "select * from v_group_permissions where group_uuid = :group_uuid";
|
|
$parameters_2['group_uuid'] = $row['group_uuid'];
|
|
$rows_2 = $this->database->select($sql_2, $parameters_2, 'all');
|
|
if (is_array($rows_2) && @sizeof($rows_2) != 0) {
|
|
foreach ($rows_2 as $row_2) {
|
|
//convert boolean values to a string
|
|
foreach ($row_2 as $key => $value) {
|
|
if (gettype($value) == 'boolean') {
|
|
$value = $value ? 'true' : 'false';
|
|
$row_2[$key] = $value;
|
|
}
|
|
}
|
|
|
|
//copy data
|
|
$array['group_permissions'][$y] = $row_2;
|
|
|
|
//overwrite
|
|
$array['group_permissions'][$y]['group_permission_uuid'] = uuid();
|
|
$array['group_permissions'][$y]['group_uuid'] = $primary_uuid;
|
|
|
|
//increment
|
|
$y++;
|
|
|
|
}
|
|
}
|
|
unset($sql_2, $parameters_2, $rows_2, $row_2);
|
|
}
|
|
}
|
|
unset($sql, $parameters, $rows, $row);
|
|
}
|
|
|
|
//save the changes and set the message
|
|
if (is_array($array) && @sizeof($array) != 0) {
|
|
//save the array
|
|
$this->database->save($array);
|
|
unset($array);
|
|
|
|
//set message
|
|
message::add($text['message-copy']);
|
|
}
|
|
unset($records);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Set default groups and permissions if none are set.
|
|
*
|
|
* This method checks for the presence of groups and group permissions in the database.
|
|
* If no groups or group permissions exist, it sets default values.
|
|
*/
|
|
public function defaults() {
|
|
|
|
//if the are no groups add the default groups
|
|
$sql = "select * from v_groups ";
|
|
$sql .= "where domain_uuid is null ";
|
|
$result = $this->database->select($sql, null, 'all');
|
|
if (count($result) == 0) {
|
|
$x = 0;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'superadmin';
|
|
$array['groups'][$x]['group_level'] = '80';
|
|
$array['groups'][$x]['group_description'] = 'Super Administrator Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
$x++;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'admin';
|
|
$array['groups'][$x]['group_level'] = '50';
|
|
$array['groups'][$x]['group_description'] = 'Administrator Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
$x++;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'user';
|
|
$array['groups'][$x]['group_level'] = '30';
|
|
$array['groups'][$x]['group_description'] = 'User Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
$x++;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'agent';
|
|
$array['groups'][$x]['group_level'] = '20';
|
|
$array['groups'][$x]['group_description'] = 'Call Center Agent Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
$x++;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'fax';
|
|
$array['groups'][$x]['group_level'] = '20';
|
|
$array['groups'][$x]['group_description'] = 'Fax User Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
$x++;
|
|
$array['groups'][$x]['group_uuid'] = uuid();
|
|
$array['groups'][$x]['domain_uuid'] = null;
|
|
$array['groups'][$x]['group_name'] = 'public';
|
|
$array['groups'][$x]['group_level'] = '10';
|
|
$array['groups'][$x]['group_description'] = 'Public Group';
|
|
$array['groups'][$x]['group_protected'] = 'false';
|
|
$group_uuids[$array['groups'][$x]['group_name']] = $array['groups'][$x]['group_uuid'];
|
|
|
|
//add the temporary permissions
|
|
$p = permissions::new();
|
|
$p->add("group_add", "temp");
|
|
$p->add("group_edit", "temp");
|
|
|
|
//save the data to the database
|
|
$this->database->save($array);
|
|
unset($array);
|
|
|
|
//remove the temporary permission
|
|
$p->delete("group_add", "temp");
|
|
$p->delete("group_edit", "temp");
|
|
}
|
|
unset($result);
|
|
|
|
//if there are no permissions listed in v_group_permissions then set the default permissions
|
|
$sql = "select count(*) from v_group_permissions ";
|
|
$sql .= "where domain_uuid is null ";
|
|
$num_rows = $this->database->select($sql, null, 'column');
|
|
if ($num_rows == 0) {
|
|
//build the apps array
|
|
$config_list = glob(dirname(__DIR__, 2) . "/*/*/app_config.php");
|
|
$x = 0;
|
|
foreach ($config_list as $config_path) {
|
|
include($config_path);
|
|
$x++;
|
|
}
|
|
|
|
//no permissions found add the defaults
|
|
foreach ($apps as $app) {
|
|
if (is_array($app['permissions'])) foreach ($app['permissions'] as $row) {
|
|
if (is_array($row['groups'])) foreach ($row['groups'] as $group) {
|
|
$x++;
|
|
$array['group_permissions'][$x]['group_permission_uuid'] = uuid();
|
|
$array['group_permissions'][$x]['domain_uuid'] = null;
|
|
$array['group_permissions'][$x]['permission_name'] = $row['name'];
|
|
$array['group_permissions'][$x]['permission_protected'] = 'false';
|
|
$array['group_permissions'][$x]['permission_assigned'] = 'true';
|
|
$array['group_permissions'][$x]['group_name'] = $group;
|
|
$array['group_permissions'][$x]['group_uuid'] = $group_uuids[$group];
|
|
}
|
|
}
|
|
}
|
|
unset($group_uuids);
|
|
|
|
//add the temporary permissions
|
|
$p = permissions::new();
|
|
$p->add("group_permission_add", "temp");
|
|
$p->add("group_permission_edit", "temp");
|
|
|
|
//save the data to the database
|
|
$this->database->save($array);
|
|
unset($array);
|
|
|
|
//remove the temporary permission
|
|
$p->delete("group_permission_add", "temp");
|
|
$p->delete("group_permission_edit", "temp");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Stores user data and groups in the session.
|
|
*
|
|
* This method populates several session variables with relevant user and group information.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function session() {
|
|
$_SESSION["groups"] = $this->groups;
|
|
$_SESSION["user"]["groups"] = $this->groups;
|
|
$_SESSION["user"]["group_level"] = $this->group_level;
|
|
}
|
|
}
|