Access Controls: List view updates.
This commit is contained in:
Nate
parent
f372e478bd
commit
34e1bf9ffa
|
|
@ -175,12 +175,11 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
|
|||
echo "</tr>\n";
|
||||
|
||||
echo "<tr>\n";
|
||||
echo "<td class='vncellreq' valign='top' align='left' nowrap='nowrap'>\n";
|
||||
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
||||
echo " ".$text['label-access_control_default']."\n";
|
||||
echo "</td>\n";
|
||||
echo "<td class='vtable' align='left'>\n";
|
||||
echo " <select class='formfld' name='access_control_default'>\n";
|
||||
echo " <option value=''></option>\n";
|
||||
if ($access_control_default == "allow") {
|
||||
echo " <option value='allow' selected='selected'>".$text['label-allow']."</option>\n";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -202,12 +202,11 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
|
|||
echo "</tr>\n";
|
||||
|
||||
echo "<tr>\n";
|
||||
echo "<td class='vncellreq' valign='top' align='left' nowrap='nowrap'>\n";
|
||||
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
||||
echo " ".$text['label-node_type']."\n";
|
||||
echo "</td>\n";
|
||||
echo "<td class='vtable' align='left'>\n";
|
||||
echo " <select class='formfld' name='node_type'>\n";
|
||||
echo " <option value=''></option>\n";
|
||||
if ($node_type == "allow") {
|
||||
echo " <option value='allow' selected='selected'>".$text['label-allow']."</option>\n";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@
|
|||
require_once "root.php";
|
||||
require_once "resources/require.php";
|
||||
require_once "resources/check_auth.php";
|
||||
require_once "resources/paging.php";
|
||||
|
||||
//check permissions
|
||||
if (!permission_exists('access_control_view')) {
|
||||
|
|
@ -38,18 +39,60 @@
|
|||
$language = new text;
|
||||
$text = $language->get();
|
||||
|
||||
//get posted data
|
||||
if (is_array($_POST['access_controls'])) {
|
||||
$action = $_POST['action'];
|
||||
$search = $_POST['search'];
|
||||
$access_controls = $_POST['access_controls'];
|
||||
}
|
||||
|
||||
//copy the access controls
|
||||
if (permission_exists('access_control_add')) {
|
||||
if ($action == 'copy' && is_array($access_controls) && @sizeof($access_controls) != 0) {
|
||||
//copy
|
||||
$obj = new access_controls;
|
||||
$obj->copy($access_controls);
|
||||
//redirect
|
||||
header('Location: access_controls.php'.($search != '' ? '?search='.urlencode($search) : null));
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
//delete the access controls
|
||||
if (permission_exists('access_control_delete')) {
|
||||
if ($action == 'delete' && is_array($access_controls) && @sizeof($access_controls) != 0) {
|
||||
//delete
|
||||
$obj = new access_controls;
|
||||
$obj->delete($access_controls);
|
||||
//redirect
|
||||
header('Location: access_controls.php'.($search != '' ? '?search='.urlencode($search) : null));
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
//get variables used to control the order
|
||||
$order_by = $_GET["order_by"];
|
||||
$order = $_GET["order"];
|
||||
|
||||
//additional includes
|
||||
require_once "resources/header.php";
|
||||
require_once "resources/paging.php";
|
||||
//add the search term
|
||||
$search = strtolower($_GET["search"]);
|
||||
if (strlen($search) > 0) {
|
||||
$sql_search = " (";
|
||||
$sql_search .= " lower(access_control_name) like :search ";
|
||||
$sql_search .= " or lower(access_control_default) like :search ";
|
||||
$sql_search .= " or lower(access_control_description) like :search ";
|
||||
$sql_search .= ") ";
|
||||
|
||||
$parameters['search'] = '%'.$search.'%';
|
||||
}
|
||||
|
||||
//prepare to page the results
|
||||
$sql = "select count(*) from v_access_controls ";
|
||||
if (isset($sql_search)) {
|
||||
$sql .= "where ".$sql_search;
|
||||
}
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, null, 'column');
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
|
||||
//prepare to page the results
|
||||
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
|
||||
|
|
@ -57,74 +100,99 @@
|
|||
$page = $_GET['page'];
|
||||
if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
|
||||
list($paging_controls, $rows_per_page, $var3) = paging($num_rows, $param, $rows_per_page);
|
||||
list($paging_controls_mini, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page, true);
|
||||
$offset = $rows_per_page * $page;
|
||||
|
||||
//get the list
|
||||
$sql = "select * from v_access_controls ";
|
||||
$sql = str_replace('count(*)', '*', $sql);
|
||||
$sql .= order_by($order_by, $order);
|
||||
$sql .= limit_offset($rows_per_page, $offset);
|
||||
$database = new database;
|
||||
$access_controls = $database->select($sql, null, 'all');
|
||||
$access_controls = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
|
||||
//alternate the row style
|
||||
$c = 0;
|
||||
$row_style["0"] = "row_style0";
|
||||
$row_style["1"] = "row_style1";
|
||||
//create token
|
||||
$object = new token;
|
||||
$token = $object->create($_SERVER['PHP_SELF']);
|
||||
|
||||
//include the header
|
||||
require_once "resources/header.php";
|
||||
|
||||
//show the content
|
||||
echo "<b>".$text['title-access_controls']."</b>\n";
|
||||
echo "<br /><br />\n";
|
||||
echo "<div class='action_bar' id='action_bar'>\n";
|
||||
echo " <b style='float: left;'>".$text['title-access_controls']." (".$num_rows.")</b>\n";
|
||||
if (permission_exists('access_control_add')) {
|
||||
echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'link'=>'access_control_edit.php']);
|
||||
}
|
||||
if (permission_exists('access_control_add')) {
|
||||
echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'onclick'=>"if (confirm('".$text['confirm-copy']."')) { list_action_set('copy'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
|
||||
}
|
||||
if (permission_exists('access_control_delete')) {
|
||||
echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
|
||||
}
|
||||
echo "<form id='form_search' class='inline' method='get'>\n";
|
||||
echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
|
||||
echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','style'=>($search != '' ? 'display: none;' : null)]);
|
||||
echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'access_controls.php','style'=>($search == '' ? 'display: none;' : null)]);
|
||||
if ($paging_controls_mini != '') {
|
||||
echo "<span style='margin-left: 15px;'>".$paging_controls_mini."</span>";
|
||||
}
|
||||
echo "</form>\n";
|
||||
echo "</div>\n";
|
||||
|
||||
echo $text['description-access_control']."\n";
|
||||
echo "<br /><br />\n";
|
||||
|
||||
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
|
||||
echo "<tr>\n";
|
||||
echo "<form id='form_list' method='post'>\n";
|
||||
echo "<input type='hidden' id='action' name='action' value=''>\n";
|
||||
echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
|
||||
|
||||
echo "<table class='list'>\n";
|
||||
echo "<tr class='list-header'>\n";
|
||||
echo " <th class='checkbox'>\n";
|
||||
echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' value='' onclick='list_all_toggle();'>\n";
|
||||
echo " </th>\n";
|
||||
echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order);
|
||||
echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order);
|
||||
echo th_order_by('access_control_description', $text['label-access_control_description'], $order_by, $order);
|
||||
echo "<td class='list_control_icons'>";
|
||||
if (permission_exists('access_control_add')) {
|
||||
echo "<a href='access_control_edit.php' alt='".$text['button-add']."'>$v_link_label_add</a>";
|
||||
if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
|
||||
echo " <td class='action-button'> </td>\n";
|
||||
}
|
||||
else {
|
||||
echo " \n";
|
||||
}
|
||||
echo "</td>\n";
|
||||
echo "<tr>\n";
|
||||
echo "</tr>\n";
|
||||
|
||||
if (is_array($access_controls)) {
|
||||
foreach($access_controls as $row) {
|
||||
if (permission_exists('access_control_edit')) {
|
||||
$tr_link = "href='access_control_edit.php?id=".escape($row['access_control_uuid'])."'";
|
||||
}
|
||||
echo "<tr ".$tr_link.">\n";
|
||||
echo " <td valign='top' class='".$row_style[$c]."'><a ".$tr_link.">".escape($row['access_control_name'])."</a></td>\n";
|
||||
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_default'])." </td>\n";
|
||||
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_description'])." </td>\n";
|
||||
echo " <td class='list_control_icons'>";
|
||||
if (permission_exists('access_control_edit')) {
|
||||
echo "<a href='access_control_edit.php?id=".escape($row['access_control_uuid'])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
|
||||
}
|
||||
if (permission_exists('access_control_delete')) {
|
||||
echo "<a href='access_control_delete.php?id=".escape($row['access_control_uuid'])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
|
||||
$list_row_url = "access_control_edit.php?id=".escape($row['access_control_uuid']);
|
||||
}
|
||||
echo "<tr class='list-row' href='".$list_row_url."'>\n";
|
||||
echo " <td class='checkbox'>\n";
|
||||
echo " <input type='checkbox' name='access_controls[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
|
||||
echo " <input type='hidden' name='access_controls[$x][access_control_uuid]' value='".escape($row['access_control_uuid'])."' />\n";
|
||||
echo " </td>\n";
|
||||
echo " <td><a href='".$list_row_url."'>".escape($row['access_control_name'])."</a></td>\n";
|
||||
echo " <td>".escape($row['access_control_default'])."</td>\n";
|
||||
echo " <td class='description overflow'>".escape($row['access_control_description'])."</td>\n";
|
||||
if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
|
||||
echo " <td class='action-button'>";
|
||||
echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
|
||||
echo " </td>\n";
|
||||
}
|
||||
echo "</tr>\n";
|
||||
$c = $c == 1 ? 0 : 1;
|
||||
} //end foreach
|
||||
unset($sql, $access_controls);
|
||||
} //end if results
|
||||
$x++;
|
||||
}
|
||||
unset($access_controls);
|
||||
}
|
||||
|
||||
echo "</table>\n";
|
||||
if (permission_exists('access_control_add')) {
|
||||
echo "<div style='float: right;'>\n";
|
||||
echo " <a href='access_control_edit.php' alt=\"".$text['button-add']."\">".$v_link_label_add."</a>";
|
||||
echo "</div>\n";
|
||||
}
|
||||
echo "<br />\n";
|
||||
echo "<div align='center'>".$paging_controls."</div>\n";
|
||||
|
||||
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
|
||||
|
||||
echo "</form>\n";
|
||||
|
||||
//include the footer
|
||||
require_once "resources/footer.php";
|
||||
|
||||
?>
|
||||
?>
|
||||
|
|
@ -0,0 +1,161 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* access controls class
|
||||
*
|
||||
* @method null download
|
||||
*/
|
||||
if (!class_exists('access_controls')) {
|
||||
class access_controls {
|
||||
|
||||
/**
|
||||
* Called when the object is created
|
||||
*/
|
||||
public function __construct() {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Called when there are no references to a particular object
|
||||
* unset the variables used in the class
|
||||
*/
|
||||
public function __destruct() {
|
||||
foreach ($this as $key => $value) {
|
||||
unset($this->$key);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* delete access controls
|
||||
*/
|
||||
public function delete($access_controls) {
|
||||
if (permission_exists('access_control_delete') && permission_exists('access_control_node_delete')) {
|
||||
|
||||
//add multi-lingual support
|
||||
$language = new text;
|
||||
$text = $language->get();
|
||||
|
||||
//validate the token
|
||||
$token = new token;
|
||||
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
||||
message::add($text['message-invalid_token'],'negative');
|
||||
header('Location: access_controls.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
//delete multiple access controls
|
||||
if (is_array($access_controls) && @sizeof($access_controls) != 0) {
|
||||
//build the delete array
|
||||
foreach($access_controls as $x => $row) {
|
||||
if ($row['checked'] == 'true' && is_uuid($row['access_control_uuid'])) {
|
||||
$array['access_controls'][$x]['access_control_uuid'] = $row['access_control_uuid'];
|
||||
$array['access_control_nodes'][$x]['access_control_uuid'] = $row['access_control_uuid'];
|
||||
}
|
||||
}
|
||||
//delete the checked rows
|
||||
if (is_array($array) && @sizeof($array) != 0) {
|
||||
//execute delete
|
||||
$database = new database;
|
||||
$database->app_name = 'access_controls';
|
||||
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
//set message
|
||||
message::add($text['message-delete']);
|
||||
}
|
||||
unset($access_controls);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* copy access controls
|
||||
*/
|
||||
public function copy($access_controls) {
|
||||
if (permission_exists('access_control_add') && permission_exists('access_control_node_add')) {
|
||||
|
||||
//add multi-lingual support
|
||||
$language = new text;
|
||||
$text = $language->get();
|
||||
|
||||
//validate the token
|
||||
$token = new token;
|
||||
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
||||
message::add($text['message-invalid_token'],'negative');
|
||||
header('Location: access_controls.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
//copy the checked access controls
|
||||
if (is_array($access_controls) && @sizeof($access_controls) != 0) {
|
||||
|
||||
//get checked access controls
|
||||
foreach($access_controls as $x => $row) {
|
||||
if ($row['checked'] == 'true' && is_uuid($row['access_control_uuid'])) {
|
||||
$access_control_uuids[] = "access_control_uuid = '".$row['access_control_uuid']."'";
|
||||
}
|
||||
}
|
||||
//create insert array from existing data
|
||||
if (is_array($access_control_uuids) && @sizeof($access_control_uuids) != 0) {
|
||||
$sql = "select * from v_access_controls ";
|
||||
$sql .= "where ".implode(' or ', $access_control_uuids)." ";
|
||||
$database = new database;
|
||||
$rows = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($rows) && @sizeof($rows) != 0) {
|
||||
$y = 0;
|
||||
foreach ($rows as $x => $row) {
|
||||
//access control
|
||||
$access_control_uuid = uuid();
|
||||
$array['access_controls'][$x]['access_control_uuid'] = $access_control_uuid;
|
||||
$array['access_controls'][$x]['access_control_name'] = $row['access_control_name'];
|
||||
$array['access_controls'][$x]['access_control_default'] = $row['access_control_default'];
|
||||
$array['access_controls'][$x]['access_control_description'] = trim($row['access_control_description'].' ('.$text['label-copy'].')');
|
||||
//access control nodes
|
||||
$sql_2 = "select * from v_access_control_nodes where access_control_uuid = :access_control_uuid";
|
||||
$parameters_2['access_control_uuid'] = $row['access_control_uuid'];
|
||||
$database = new database;
|
||||
$rows_2 = $database->select($sql_2, $parameters_2, 'all');
|
||||
if (is_array($rows_2) && @sizeof($rows_2) != 0) {
|
||||
foreach ($rows_2 as $row_2) {
|
||||
$access_control_node_uuid = uuid();
|
||||
$array['access_control_nodes'][$y]['access_control_node_uuid'] = $access_control_node_uuid;
|
||||
$array['access_control_nodes'][$y]['access_control_uuid'] = $access_control_uuid;
|
||||
$array['access_control_nodes'][$y]['node_type'] = $row_2['node_type'];
|
||||
$array['access_control_nodes'][$y]['node_cidr'] = $row_2['node_cidr'];
|
||||
$array['access_control_nodes'][$y]['node_domain'] = $row_2['node_domain'];
|
||||
$array['access_control_nodes'][$y]['node_description'] = $row_2['node_description'];
|
||||
$y++;
|
||||
}
|
||||
}
|
||||
unset($sql_2, $parameters_2, $rows_2, $row_2);
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters, $rows, $row);
|
||||
}
|
||||
//save the changes and set the message
|
||||
if (is_array($array) && @sizeof($array) != 0) {
|
||||
//save the array
|
||||
$database = new database;
|
||||
$database->app_name = 'access_controls';
|
||||
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
//set message
|
||||
message::add($text['message-copy']);
|
||||
}
|
||||
unset($access_controls);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
$obj = new access_controls;
|
||||
$obj->delete();
|
||||
*/
|
||||
|
||||
?>
|
||||
Loading…
Reference in New Issue