Make groups and group permissions global. Managing these per domain is too much work.

Mark Crane 2014-12-26 06:37:07 +00:00
parent 630177eb55
commit 1b1738ed3f
9 changed files with 203 additions and 218 deletions


@ -43,15 +43,12 @@
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "group_add";
$apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "group_edit";
$apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "group_delete";
$apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "group_member_view";
@ -234,6 +231,7 @@
$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['table'] = "v_domains";
$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['field'] = "domain_uuid";
$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
$apps[$x]['db'][$y]['fields'][$z]['deprecated'] = "true";
$z++;
$apps[$x]['db'][$y]['fields'][$z]['name'] = "v_id";
$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
@ -337,6 +335,7 @@
$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['table'] = "v_domains";
$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['field'] = "domain_uuid";
$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
$apps[$x]['db'][$y]['fields'][$z]['deprecated'] = "true";
$z++;
$apps[$x]['db'][$y]['fields'][$z]['name'] = "v_id";
$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
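Review bot: Flagging `domain_uuid` as `deprecated` leaves the column and its existing per-domain rows in place, while the queries changed elsewhere in this commit stop filtering on it. On an upgraded install that presumably means rows written for different domains are now read together, so a group's effective permissions become the union of what every domain had granted to that `group_name`, and duplicate (`permission_name`, `group_name`) rows can exist. An upgrade step that de-duplicates those rows and reviews the merged grants would make the change safer to deploy; at minimum add a comment such as `//domain_uuid is deprecated: groups and group permissions are global, existing per-domain rows are merged by group_name`. Which tables the two `deprecated` hunks belong to is not visible here.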


@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2014
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -25,15 +25,16 @@
*/
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (permission_exists('group_permissions') || if_group("superadmin")) {
//access granted
}
else {
echo "access denied";
exit;
}
//check permisions
require_once "resources/check_auth.php";
if (permission_exists('group_permissions') || if_group("superadmin")) {
//access granted
}
else {
echo "access denied";
exit;
}
//add multi-lingual support
require_once "app_languages.php";
@ -41,10 +42,12 @@ else {
$text[$key] = $value[$_SESSION['domain']['language']['code']];
}
require_once "resources/header.php";
$document['title'] = $text['title-group_permissions'];
//include the header
$document['title'] = $text['title-group_permissions'];
require_once "resources/header.php";
require_once "resources/paging.php";
//include paging
require_once "resources/paging.php";
//get the list of installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
@ -73,14 +76,12 @@ require_once "resources/paging.php";
$sql = "insert into v_group_permissions ";
$sql .= "(";
$sql .= "group_permission_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= ")";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'$domain_uuid', ";
$sql .= "'".$row['name']."', ";
$sql .= "'".$group."' ";
$sql .= ")";
@ -96,8 +97,7 @@ require_once "resources/paging.php";
//get the permissions assigned to this group
$sql = " select * from v_group_permissions ";
$sql .= "where domain_uuid = '$domain_uuid' ";
$sql .= "and group_name = '$group_name' ";
$sql .= "where group_name = '$group_name' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@ -163,8 +163,7 @@ require_once "resources/paging.php";
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
//delete the record
$sql = "delete from v_group_permissions ";
$sql .= "where domain_uuid = '$domain_uuid' ";
$sql .= "and group_name = '$group_name' ";
$sql .= "where group_name = '$group_name' ";
$sql .= "and permission_name = '$permission' ";
$db->exec(check_sql($sql));
unset($sql);
@ -180,8 +179,7 @@ require_once "resources/paging.php";
$db->exec(check_sql($sql));
unset($sql);
$sql = "";
$sql .= " select menu_item_parent_uuid from v_menu_items ";
$sql = " select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = '".$row['menu']['uuid']."' ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$prep_statement = $db->prepare(check_sql($sql));
@ -192,8 +190,7 @@ require_once "resources/paging.php";
}
unset ($prep_statement);
$sql = "";
$sql .= " select * from v_menu_items as i, v_menu_item_groups as g ";
$sql = " select * from v_menu_items as i, v_menu_item_groups as g ";
$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$sql .= "and i.menu_item_parent_uuid = '$menu_item_parent_uuid' ";
@ -211,9 +208,6 @@ require_once "resources/paging.php";
unset($sql);
}
unset ($prep_statement);
}
}
}
@ -225,14 +219,12 @@ require_once "resources/paging.php";
$sql = "insert into v_group_permissions ";
$sql .= "(";
$sql .= "group_permission_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= ")";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'$domain_uuid', ";
$sql .= "'$permission', ";
$sql .= "'$group_name' ";
$sql .= ")";
@ -258,8 +250,7 @@ require_once "resources/paging.php";
$db->exec(check_sql($sql));
unset($sql);
$sql = "";
$sql .= " select menu_item_parent_uuid from v_menu_items ";
$sql = " select menu_item_parent_uuid from v_menu_items ";
$sql .= "where menu_item_uuid = '".$row['menu']['uuid']."' ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
$prep_statement = $db->prepare(check_sql($sql));
@ -270,8 +261,7 @@ require_once "resources/paging.php";
}
unset ($prep_statement);
$sql = "";
$sql .= " select * from v_menu_item_groups ";
$sql = " select * from v_menu_item_groups ";
$sql .= "where menu_item_uuid = '$menu_item_parent_uuid' ";
$sql .= "and group_name = '$group_name' ";
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
@ -310,8 +300,7 @@ require_once "resources/paging.php";
return;
}
// copy group javascript
//copy group javascript
echo "<script language='javascript' type='text/javascript'>\n";
echo " function copy_group() {\n";
echo " var new_group_name;\n";
@ -402,4 +391,4 @@ require_once "resources/paging.php";
//show the footer
require_once "resources/footer.php";
?>
?>
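Review bot: The queries on the new side still interpolate `$group_name`, `$permission` and `$row['name']` straight into the SQL text, and `$db->prepare(check_sql($sql))` followed by `execute()` without arguments binds nothing, so the prepare call gives no injection protection. With the `domain_uuid` filter gone, a bad value in any of these now reaches rows used by every domain instead of one. Use placeholders, e.g. `$sql .= "where group_name = :group_name ";` with `$prep_statement->execute(array(':group_name' => $group_name));`, and do the same for the `insert` and `delete` statements that go through `$db->exec()`. Where `$group_name` and `$permission` are assigned lies outside these hunks, so how they are validated cannot be judged from here. The same string-built pattern is in the group add, delete, copy and default-permission restore sections further down.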


@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2014
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -25,14 +25,16 @@
*/
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (permission_exists('group_add')) {
//access allowed
}
else {
echo "access denied";
return;
}
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('group_add')) {
//access allowed
}
else {
echo "access denied";
return;
}
//add multi-lingual support
require_once "app_languages.php";
@ -46,35 +48,34 @@ else {
$group_name = check_str($_POST["group_name"]);
$group_description = check_str($_POST["group_description"]);
if (strlen($group_name) > 0) {
$sql_insert = "insert into v_groups ";
$sql_insert .= "(";
$sql_insert .= "domain_uuid, ";
$sql_insert .= "group_uuid, ";
$sql_insert .= "group_name, ";
$sql_insert .= "group_description ";
$sql_insert .= ")";
$sql_insert .= "values ";
$sql_insert .= "(";
$sql_insert .= "'$domain_uuid', ";
$sql_insert .= "'".uuid()."', ";
$sql_insert .= "'$group_name', ";
$sql_insert .= "'$group_description' ";
$sql_insert .= ")";
if (!$db->exec($sql_insert)) {
//echo $db->errorCode() . "<br>";
$info = $db->errorInfo();
print_r($info);
// $info[0] == $db->errorCode() unified error code
// $info[1] is the driver specific error code
// $info[2] is the driver specific error string
}
//insert into groups
if (strlen($group_name) > 0) {
$sql_insert = "insert into v_groups ";
$sql_insert .= "(";
$sql_insert .= "group_uuid, ";
$sql_insert .= "group_name, ";
$sql_insert .= "group_description ";
$sql_insert .= ")";
$sql_insert .= "values ";
$sql_insert .= "(";
$sql_insert .= "'".uuid()."', ";
$sql_insert .= "'$group_name', ";
$sql_insert .= "'$group_description' ";
$sql_insert .= ")";
if (!$db->exec($sql_insert)) {
//echo $db->errorCode() . "<br>";
$info = $db->errorInfo();
print_r($info);
// $info[0] == $db->errorCode() unified error code
// $info[1] is the driver specific error code
// $info[2] is the driver specific error string
}
//redirect the user
$_SESSION["message"] = $text['message-add'];
header("Location: groups.php");
return;
}
//redirect the user
$_SESSION["message"] = $text['message-add'];
header("Location: groups.php");
return;
}
//include the header
include "resources/header.php";
@ -136,4 +137,4 @@ if (strlen($group_name) > 0) {
//include the footer
include "resources/footer.php";
?>
?>
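Review bot: When the insert fails, `print_r($info)` writes the driver error to the response and execution then falls through to set `$text['message-add']` and call `header("Location: groups.php")`, so a failed add is reported as success and the redirect is attempted after output has started. Driver error strings can also expose table and column names to the browser. Log the error server-side and stop instead, for example `error_log(print_r($db->errorInfo(), true));` followed by `return;` inside the `if (!$db->exec($sql_insert))` branch. Old and new lines are interleaved in this rendering, so the exact nesting of the redirect on the new side is inferred.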


@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2014
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -25,22 +25,23 @@
*/
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (permission_exists('group_delete') || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('group_delete') || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
//get the http value and set as a variable
$id = check_str($_GET["id"]);
//delete the group
$sqldelete = "delete from v_groups ";
$sqldelete .= "where domain_uuid = '$domain_uuid' ";
$sqldelete .= "and group_uuid = '$id' ";
$sqldelete .= "where group_uuid = '$id' ";
if (!$db->exec($sqldelete)) {
//echo $db->errorCode() . "<br>";
$info = $db->errorInfo();
@ -53,4 +54,4 @@ else {
//redirect the user
header("Location: groups.php");
?>
?>
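Review bot: The row to delete is selected solely by `$_GET["id"]`, and with the `domain_uuid` condition removed a single request now removes a group that every domain relies on. Nothing between reading `id` and running the statement checks the request method, a form token, or the `group_protected` flag that the restore code elsewhere in this commit consults. Consider taking the id only from a POST, e.g. `if ($_SERVER['REQUEST_METHOD'] != 'POST') { echo "access denied"; return; }` and `$id = check_str($_POST["id"]);`, together with a token check and a refusal for groups whose `group_protected` is 'true'. Lines 48–52 of the file fall between the two hunks and are not shown, and `resources/check_auth.php` may add checks that are not visible here.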


@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2013
Portions created by the Initial Developer are Copyright (C) 2008-2014
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -27,14 +27,14 @@ include "root.php";
require_once "resources/require.php";
//check the permissions
require_once "resources/check_auth.php";
if (if_group("admin") || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
require_once "resources/check_auth.php";
if (if_group("admin") || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
//add multi-lingual support
require_once "app_languages.php";


@ -25,15 +25,16 @@
*/
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
require_once "resources/paging.php";
if (permission_exists('extension_add')) {
//access granted
}
else {
echo "access denied";
exit;
}
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('extension_add')) {
//access granted
}
else {
echo "access denied";
exit;
}
//add multi-lingual support
require_once "app_languages.php";
@ -41,84 +42,82 @@ else {
$text[$key] = $value[$_SESSION['domain']['language']['code']];
}
//include paging
require_once "resources/paging.php";
//set the http get/post variable(s) to a php variable
if (isset($_REQUEST["group_name"]) && isset($_REQUEST["new_group_name"])) {
if (isset($_REQUEST["group_name"]) && isset($_REQUEST["new_group_name"])) {
$group_name = check_str($_REQUEST["group_name"]);
$new_group_name = check_str($_REQUEST["new_group_name"]);
$new_group_desc = check_str($_REQUEST["new_group_desc"]);
//get HTTP values and set as variables
$group_name = check_str($_REQUEST["group_name"]);
$new_group_name = check_str($_REQUEST["new_group_name"]);
$new_group_desc = check_str($_REQUEST["new_group_desc"]);
//get the groups data
$sql = "select * from v_groups ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "and group_name = '".$group_name."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$domain_uuid = $row["domain_uuid"];
$group_name = $row["group_name"];
}
unset ($prep_statement);
//get the groups data
$sql = "select * from v_groups ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "and group_name = '".$group_name."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$domain_uuid = $row["domain_uuid"];
$group_name = $row["group_name"];
}
unset ($prep_statement);
//create new group
$group_uuid = uuid();
$sql = "insert into v_groups ";
$sql .= "( ";
$sql .= "group_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "group_name, ";
$sql .= "group_description ";
$sql .= ") ";
$sql .= "values ";
$sql .= "( ";
$sql .= "'".$group_uuid."', ";
$sql .= "'".$domain_uuid."', ";
$sql .= "'".$new_group_name."', ";
$sql .= "'".$new_group_desc."' ";
$sql .= ") ";
$db->exec(check_sql($sql));
unset($sql);
//get the group permissions data
$sql = "select * from v_group_permissions ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "and group_name = '".$group_name."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$domain_uuid = $row["domain_uuid"];
$permission_name = $row["permission_name"];
$group_name = $row["group_name"];
//copy the group permissions
$group_permission_uuid = uuid();
$sql = "insert into v_group_permissions ";
//create new group
$group_uuid = uuid();
$sql = "insert into v_groups ";
$sql .= "( ";
$sql .= "group_permission_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= "group_uuid, ";
$sql .= "group_name, ";
$sql .= "group_description ";
$sql .= ") ";
$sql .= "values ";
$sql .= "( ";
$sql .= "'".$group_permission_uuid."', ";
$sql .= "'".$domain_uuid."', ";
$sql .= "'".$permission_name."', ";
$sql .= "'".$new_group_name."' ";
$sql .= "'".$group_uuid."', ";
$sql .= "'".$new_group_name."', ";
$sql .= "'".$new_group_desc."' ";
$sql .= ") ";
$db->exec(check_sql($sql));
unset($sql);
}
unset ($prep_statement);
//redirect the user
$_SESSION["message"] = $text['message-copy'];
//get the group permissions data
$sql = "select * from v_group_permissions ";
$sql .= "where group_name = '".$group_name."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$domain_uuid = $row["domain_uuid"];
$permission_name = $row["permission_name"];
$group_name = $row["group_name"];
}
//copy the group permissions
$group_permission_uuid = uuid();
$sql = "insert into v_group_permissions ";
$sql .= "( ";
$sql .= "group_permission_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= ") ";
$sql .= "values ";
$sql .= "( ";
$sql .= "'".$group_permission_uuid."', ";
$sql .= "'".$permission_name."', ";
$sql .= "'".$new_group_name."' ";
$sql .= ") ";
$db->exec(check_sql($sql));
unset($sql);
}
unset ($prep_statement);
header("Location: groups.php");
return;
//redirect the user
$_SESSION["message"] = $text['message-copy'];
}
//redirect
header("Location: groups.php");
?>
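Review bot: The access check for this group-copy page is `permission_exists('extension_add')`, which is unrelated to groups, so any account allowed to add extensions can create a group here and duplicate an existing group's permission rows into it. Now that groups and their permissions are global, the effect is no longer confined to the caller's domain. The gate should use a group permission, e.g. `if (permission_exists('group_add')) {`. The `select` on `v_groups` also still filters on `domain_uuid` on the new side, which looks inconsistent with the insert that no longer writes that column; confirm whether that is intended.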


@ -17,30 +17,32 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2014
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
*/
if (!$included) {
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (permission_exists('group_edit')) {
//access granted
}
else {
echo "access denied";
return;
//check permisions
if (!$included) {
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (permission_exists('group_edit')) {
//access granted
}
else {
echo "access denied";
return;
}
}
//add multi-lingual support
//add multi-lingual support
require_once "app_languages.php";
foreach($text as $key => $value) {
$text[$key] = $value[$_SESSION['domain']['language']['code']];
}
}
//permission restore default
require_once "core/users/resources/classes/permission.php";
@ -48,11 +50,12 @@ if (!$included) {
$permission->db = $db;
$permission->restore();
if (!$included) {
//show a message to the user
$_SESSION["message"] = $text['message-restore'];
header("Location: groups.php");
return;
}
//redirect the users
if (!$included) {
//show a message to the user
$_SESSION["message"] = $text['message-restore'];
header("Location: groups.php");
return;
}
?>
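Review bot: The permission check runs only when `$included` is falsy, and nothing in the visible lines initialises that variable, so the gate depends on whatever the including script left in global scope. Since `$permission->restore()` now rewrites permissions shared by all domains, the skip path deserves to be explicit: at least use `if (empty($included)) {` so an undefined variable is not read, and add a comment such as `//callers that set $included must already have checked group_edit or superadmin`. Whether every includer performs its own authorization cannot be confirmed from this section.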


@ -43,24 +43,22 @@
//restore default permissions
foreach($apps as $row) {
foreach ($row['permissions'] as $permission) {
//set the variables
if ($permission['groups']) {
foreach ($permission['groups'] as $group) {
//check group protection
$sql = "select * from v_groups where group_name = '".$group."' and group_protected = 'true'";
$sql = "select * from v_groups ";
$sql .= "where group_name = '".$group."' ";
$sql .= "and group_protected = 'true'";
$prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) {
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
unset ($prep_statement);
if (count($result) == 0) {
//if the item uuid is not currently in the db then add it
$sql = "select * from v_group_permissions ";
$sql .= "where permission_name = '".$permission['name']."' ";
$sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and group_name = '$group' ";
$prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) {
@ -68,37 +66,31 @@
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
unset ($prep_statement);
if (count($result) == 0) {
//insert the default permissions into the database
$sql = "insert into v_group_permissions ";
$sql .= "(";
$sql .= "group_permission_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= ") ";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'".$_SESSION["domain_uuid"]."', ";
$sql .= "'".$permission['name']."', ";
$sql .= "'".$group."' ";
$sql .= ");";
$db->exec(check_sql($sql));
unset($sql);
} // if
} // if
} // if
} // if
} // foreach
} // if
} // foreach
} // foreach
} // if count
} // if prepared statement
} // if count
} // if prepared statement
} // foreach group permission
} // if permission
} // foreach permission
} // foreach app
} // function
} // class
} // class
?>
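Review bot: The restore loop only inserts a default permission when no matching row exists; nothing in the visible hunks removes rows that are no longer in the defaults. Because this commit drops `admin` from the defaults for `group_add`, `group_edit` and `group_delete`, an upgraded install would presumably keep the old `admin` grants, and those now apply to global groups. Either revoke them in an upgrade step or document the manual cleanup; the function begins before line 43, outside the hunk, so a delete there cannot be ruled out. The existence check would also read more clearly with a comment such as `//add the default permission only if this group does not already have it`.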


@ -25,15 +25,16 @@
*/
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
if (if_group("admin") || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
//check permissions
require_once "resources/check_auth.php";
if (if_group("admin") || if_group("superadmin")) {
//access allowed
}
else {
echo "access denied";
return;
}
//add multi-lingual support
require_once "app_languages.php";