Database class integration.
parent
4efd7dfbf6
commit
479f1dfb08
|
|
@ -58,65 +58,64 @@
|
|||
}
|
||||
|
||||
//if there are no permissions listed in v_group_permissions then set the default permissions
|
||||
$sql = "select count(*) as count from v_group_permissions ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$group_permission_count = $row["count"];
|
||||
break; //limit to 1 row
|
||||
}
|
||||
unset ($prep_statement);
|
||||
$sql = "select count(*) from v_group_permissions ";
|
||||
$database = new database;
|
||||
$group_permission_count = $database->select($sql, null, 'column');
|
||||
unset($sql);
|
||||
|
||||
if ($group_permission_count == 0) {
|
||||
//no permissions found add the defaults
|
||||
foreach($apps as $app) {
|
||||
foreach ($app['permissions'] as $row) {
|
||||
foreach ($row['groups'] as $group) {
|
||||
foreach ($row['groups'] as $index => $group) {
|
||||
//add the record
|
||||
$sql = "insert into v_group_permissions ";
|
||||
$sql .= "(";
|
||||
$sql .= "group_permission_uuid, ";
|
||||
$sql .= "permission_name, ";
|
||||
$sql .= "group_name ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'".uuid()."', ";
|
||||
$sql .= "'".$row['name']."', ";
|
||||
$sql .= "'".$group."' ";
|
||||
$sql .= ")";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['group_permissions'][$index]['group_permission_uuid'] = uuid();
|
||||
$array['group_permissions'][$index]['permission_name'] = $row['name'];
|
||||
$array['group_permissions'][$index]['group_name'] = $group;
|
||||
}
|
||||
if (is_array($array) && sizeof($array) != 0) {
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//get the group uuid, lookup domain uuid (if any) and name
|
||||
$group_uuid = check_str($_REQUEST['group_uuid']);
|
||||
$group_uuid = $_REQUEST['group_uuid'];
|
||||
$sql = "select domain_uuid, group_name from v_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$sql .= "where group_uuid = :group_uuid ";
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if (is_array($row) && sizeof($row) != 0) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_name = $row["group_name"];
|
||||
break; //limit to 1 row
|
||||
}
|
||||
unset ($prep_statement);
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//get the permissions assigned to this group
|
||||
$sql = " select * from v_group_permissions ";
|
||||
$sql .= "where group_name = '$group_name' ";
|
||||
$sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ");
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$permission_name = $row["permission_name"];
|
||||
$permissions_db[$permission_name] = "true";
|
||||
$sql = "select * from v_group_permissions ";
|
||||
$sql .= "where group_name = :group_name ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$sql .= "and domain_uuid is null ";
|
||||
}
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result) && sizeof($result) != 0) {
|
||||
foreach ($result as &$row) {
|
||||
$permissions_db[$row["permission_name"]] = "true";
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters, $result, $row);
|
||||
|
||||
//show the db checklist
|
||||
//echo "<pre>";
|
||||
|
|
@ -175,52 +174,68 @@
|
|||
}
|
||||
if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
|
||||
//delete the record
|
||||
$sql = "delete from v_group_permissions ";
|
||||
$sql .= "where group_name = '$group_name' ";
|
||||
$sql .= "and permission_name = '$permission' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['group_permissions'][0]['group_name'] = $group_name;
|
||||
$array['group_permissions'][0]['permission_name'] = $permission;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
foreach($apps as $app) {
|
||||
foreach ($app['permissions'] as $row) {
|
||||
if ($row['name'] == $permission) {
|
||||
|
||||
$sql = "delete from v_menu_item_groups ";
|
||||
$sql .= "where menu_item_uuid = '".$row['menu']['uuid']."' ";
|
||||
$sql .= "and group_name = '$group_name' ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
|
||||
$array['menu_item_groups'][0]['group_name'] = $group_name;
|
||||
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
|
||||
|
||||
$sql = " select menu_item_parent_uuid from v_menu_items ";
|
||||
$sql .= "where menu_item_uuid = '".$row['menu']['uuid']."' ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$menu_item_parent_uuid = $row["menu_item_parent_uuid"];
|
||||
}
|
||||
unset ($prep_statement);
|
||||
$p = new permissions;
|
||||
$p->add('menu_item_group_delete', 'temp');
|
||||
|
||||
$sql = " select * from v_menu_items as i, v_menu_item_groups as g ";
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('menu_item_group_delete', 'temp');
|
||||
|
||||
$sql = "select menu_item_parent_uuid from v_menu_items ";
|
||||
$sql .= "where menu_item_uuid = :menu_item_uuid ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
|
||||
$database = new database;
|
||||
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
|
||||
unset($sql, $parameters);
|
||||
|
||||
$sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g ";
|
||||
$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
|
||||
$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$sql .= "and i.menu_item_parent_uuid = '$menu_item_parent_uuid' ";
|
||||
$sql .= "and g.group_name = '$group_name' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$result_count = count($result);
|
||||
$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
|
||||
$sql .= "and g.group_name = :group_name ";
|
||||
$parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid;
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$result_count = $database->select($sql, $parameters, 'column');
|
||||
|
||||
if ($result_count == 0) {
|
||||
$sql = "delete from v_menu_item_groups ";
|
||||
$sql .= "where menu_item_uuid = '$menu_item_parent_uuid' ";
|
||||
$sql .= "and group_name = '$group_name' ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
|
||||
$array['menu_item_groups'][0]['group_name'] = $group_name;
|
||||
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
|
||||
|
||||
$p = new permissions;
|
||||
$p->add('menu_item_group_delete', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('menu_item_group_delete', 'temp');
|
||||
}
|
||||
unset ($prep_statement);
|
||||
unset($sql, $parameters, $result_count);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -229,82 +244,72 @@
|
|||
}
|
||||
if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
|
||||
//add the record
|
||||
$sql = "insert into v_group_permissions ";
|
||||
$sql .= "(";
|
||||
$sql .= "group_permission_uuid, ";
|
||||
if ($domain_uuid != '') {
|
||||
$sql .= "domain_uuid, ";
|
||||
$array['group_permissions'][0]['group_permission_uuid'] = uuid();
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$array['group_permissions'][0]['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$sql .= "permission_name, ";
|
||||
$sql .= "group_name ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'".uuid()."', ";
|
||||
if ($domain_uuid != '') {
|
||||
$sql .= "'".$domain_uuid."', ";
|
||||
}
|
||||
$sql .= "'$permission', ";
|
||||
$sql .= "'$group_name' ";
|
||||
$sql .= ")";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['group_permissions'][0]['permission_name'] = $permission;
|
||||
$array['group_permissions'][0]['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
foreach($apps as $app) {
|
||||
foreach ($app['permissions'] as $row) {
|
||||
if ($row['name'] == $permission) {
|
||||
|
||||
$sql = "insert into v_menu_item_groups ";
|
||||
$sql .= "(";
|
||||
$sql .= "menu_uuid, ";
|
||||
$sql .= "menu_item_uuid, ";
|
||||
$sql .= "group_name ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'b4750c3f-2a86-b00d-b7d0-345c14eca286', ";
|
||||
$sql .= "'".$row['menu']['uuid']."', ";
|
||||
$sql .= "'$group_name' ";
|
||||
$sql .= ")";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
|
||||
$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
|
||||
$array['menu_item_groups'][0]['group_name'] = $group_name;
|
||||
|
||||
$sql = " select menu_item_parent_uuid from v_menu_items ";
|
||||
$sql .= "where menu_item_uuid = '".$row['menu']['uuid']."' ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$menu_item_parent_uuid = $row["menu_item_parent_uuid"];
|
||||
}
|
||||
unset ($prep_statement);
|
||||
$p = new permissions;
|
||||
$p->add('menu_item_group_add', 'temp');
|
||||
|
||||
$sql = " select * from v_menu_item_groups ";
|
||||
$sql .= "where menu_item_uuid = '$menu_item_parent_uuid' ";
|
||||
$sql .= "and group_name = '$group_name' ";
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('menu_item_group_add', 'temp');
|
||||
|
||||
$sql = "select menu_item_parent_uuid from v_menu_items ";
|
||||
$sql .= "where menu_item_uuid = :menu_item_uuid ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$result_count = count($result);
|
||||
$parameters['menu_item_uuid'] = $row['menu']['uuid'];
|
||||
$database = new database;
|
||||
$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
|
||||
unset($sql, $parameters);
|
||||
|
||||
$sql = "select count(*) from v_menu_item_groups ";
|
||||
$sql .= "where menu_item_uuid = :menu_item_uuid ";
|
||||
$sql .= "and group_name = :group_name ";
|
||||
$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
|
||||
$parameters['menu_item_uuid'] = $menu_item_parent_uuid;
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$result_count = $database->select($sql, $parameters, 'column');
|
||||
|
||||
if ($result_count == 0) {
|
||||
$sql = "insert into v_menu_item_groups ";
|
||||
$sql .= "(";
|
||||
$sql .= "menu_uuid, ";
|
||||
$sql .= "menu_item_uuid, ";
|
||||
$sql .= "group_name ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'b4750c3f-2a86-b00d-b7d0-345c14eca286', ";
|
||||
$sql .= "'$menu_item_parent_uuid', ";
|
||||
$sql .= "'$group_name' ";
|
||||
$sql .= ")";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
|
||||
$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
|
||||
$array['menu_item_groups'][0]['group_name'] = $group_name;
|
||||
|
||||
$p = new permissions;
|
||||
$p->add('menu_item_group_add', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('menu_item_group_add', 'temp');
|
||||
}
|
||||
unset ($prep_statement);
|
||||
|
||||
unset($sql, $parameters, $result_count);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -328,7 +333,7 @@
|
|||
echo " if (new_group_name != null) {\n";
|
||||
echo " new_group_desc = prompt('".$text['message-new_group_description']."');\n";
|
||||
echo " if (new_group_desc != null) {\n";
|
||||
echo " window.location = 'permissions_copy.php?group_name=".escape($group_name)."&new_group_name=' + new_group_name + '&new_group_desc=' + new_group_desc;\n";
|
||||
echo " window.location = 'permissions_copy.php?id=".escape($group_uuid)."&new_group_name=' + new_group_name + '&new_group_desc=' + new_group_desc;\n";
|
||||
echo " }\n";
|
||||
echo " }\n";
|
||||
echo " }\n";
|
||||
|
|
@ -427,7 +432,6 @@
|
|||
|
||||
} //end foreach
|
||||
echo "<br>";
|
||||
unset($sql, $result, $row_count);
|
||||
|
||||
echo "</form>\n";
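Review bot: The group lookup near the top of this file takes `$_REQUEST['group_uuid']` without the `is_uuid()` check that the delete page in this commit applies to its `id`, and the `v_groups` select is not restricted to the caller's domain, so with `check_str()` gone the bound parameter is the only remaining protection. Consider `if (!is_uuid($_REQUEST['group_uuid'])) { header('Location: groups.php'); exit; }` before the query, plus the same `permission_exists('group_domain')` domain clause the delete page uses; any page-level permission check sits above the visible hunks. In the permission-delete branch, the array passed to `$database->delete()` carries only `group_name` and `permission_name`, while the add branch also sets `domain_uuid`. If `delete()` builds its WHERE clause from the supplied keys (not shown here), a same-named group in another domain would lose the permission too, so scope the delete array by `domain_uuid` as the add branch does.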
|
||||
|
||||
|
|
|
|||
|
|
@ -45,55 +45,42 @@
|
|||
//get the http values and set them as variables
|
||||
if (count($_POST) > 0) {
|
||||
//set the variables
|
||||
$group_name = check_str($_POST["group_name"]);
|
||||
$group_name = $_POST["group_name"];
|
||||
if (permission_exists('group_domain')) {
|
||||
$domain_uuid = check_str($_POST["domain_uuid"]);
|
||||
$domain_uuid = $_POST["domain_uuid"];
|
||||
}
|
||||
else {
|
||||
$domain_uuid = $_SESSION['domain_uuid'];
|
||||
}
|
||||
$group_description = check_str($_POST["group_description"]);
|
||||
$group_description = $_POST["group_description"];
|
||||
|
||||
//check for global/domain duplicates
|
||||
$sql = "select count(*) as num_rows from v_groups where ";
|
||||
$sql .= "group_name = '".$group_name."' ";
|
||||
$sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ");
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
$group_exists = ($row['num_rows'] > 0) ? true : false;
|
||||
$sql = "select count(*) from v_groups where ";
|
||||
$sql .= "group_name = :group_name ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$group_exists = false;
|
||||
$sql .= "and domain_uuid is null ";
|
||||
}
|
||||
unset($sql, $prep_statement, $row);
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
$group_exists = ($num_rows > 0) ? true : false;
|
||||
unset($sql, $parameters, $num_rows);
|
||||
|
||||
//insert group
|
||||
if (!$group_exists) {
|
||||
$sql = "insert into v_groups ";
|
||||
$sql .= "(";
|
||||
$sql .= "group_uuid, ";
|
||||
$sql .= "domain_uuid, ";
|
||||
$sql .= "group_name, ";
|
||||
$sql .= "group_description ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'".uuid()."', ";
|
||||
$sql .= (($domain_uuid != '') ? "'".$domain_uuid."'" : "null").", ";
|
||||
$sql .= "'".$group_name."', ";
|
||||
$sql .= "'".$group_description."' ";
|
||||
$sql .= ")";
|
||||
if (!$db->exec($sql)) {
|
||||
//echo $db->errorCode() . "<br>";
|
||||
$info = $db->errorInfo();
|
||||
echo "<pre>".print_r($info, true)."</pre>";
|
||||
exit;
|
||||
// $info[0] == $db->errorCode() unified error code
|
||||
// $info[1] is the driver specific error code
|
||||
// $info[2] is the driver specific error string
|
||||
}
|
||||
$array['groups'][0]['group_uuid'] = uuid();
|
||||
$array['groups'][0]['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : null;
|
||||
$array['groups'][0]['group_name'] = $group_name;
|
||||
$array['groups'][0]['group_description'] = $group_description;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
message::add($text['message-add']);
|
||||
header("Location: groups.php");
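Review bot: The result of `$database->save($array)` is never checked, so `message::add($text['message-add'])` and the redirect run even when the insert did not happen, whereas the replaced code appears to have stopped on a failed `exec()`. A non-empty `$_POST["domain_uuid"]` that is not a UUID is silently turned into `null` by `is_uuid($domain_uuid) ? $domain_uuid : null`, which creates a global group instead of rejecting the request. Since a global group spans every domain, I would reject that case explicitly, e.g. `if ($domain_uuid != '' && !is_uuid($domain_uuid)) { header("Location: groups.php"); exit; }`. `$group_name` is also saved without an emptiness check. The `if (count($_POST) > 0)` and `if (!$group_exists)` blocks continue outside the hunk, and how `save()` reports failure is not visible here.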
|
||||
|
|
|
|||
|
|
@ -42,57 +42,97 @@
|
|||
$language = new text;
|
||||
$text = $language->get();
|
||||
|
||||
//get the http value and set as a variable
|
||||
$group_uuid = check_str($_GET["id"]);
|
||||
|
||||
//validate the uuid
|
||||
if (is_uuid($group_uuid)) {
|
||||
if (is_uuid($_GET["id"])) {
|
||||
$group_uuid = $_GET["id"];
|
||||
|
||||
//get the group from v_groups
|
||||
$sql = "select domain_uuid, group_name from v_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$sql .= "where group_uuid = :group_uuid ";
|
||||
if (!permission_exists('group_domain')) {
|
||||
$sql .= "and (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null); ";
|
||||
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
}
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
unset($sql, $parameters);
|
||||
|
||||
if (is_array($row) && sizeof($row) != 0) {
|
||||
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_name = $row["group_name"];
|
||||
}
|
||||
unset ($prep_statement);
|
||||
|
||||
//delete the user groups
|
||||
$sql = "delete from v_user_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
if (!$db->exec($sql)) {
|
||||
$error = $db->errorInfo();
|
||||
print_r($error);
|
||||
}
|
||||
//delete the user groups
|
||||
$array['user_groups'][0]['group_uuid'] = $group_uuid;
|
||||
|
||||
//delete the group permissions
|
||||
if (strlen($group_name) > 0) {
|
||||
$sql = "delete from v_group_permissions ";
|
||||
$sql .= "where group_name = '".$group_name."' ";
|
||||
$sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ");
|
||||
if (!$db->exec($sql)) {
|
||||
$error = $db->errorInfo();
|
||||
print_r($error);
|
||||
}
|
||||
}
|
||||
$p = new permissions;
|
||||
$p->add('user_group_delete', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('user_group_delete', 'temp');
|
||||
|
||||
//get the group permissions
|
||||
$sql = "select group_permission_uuid ";
|
||||
$sql .= "from v_group_permissions ";
|
||||
$sql .= "where group_name = :group_name ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$sql .= "and domain_uuid is null ";
|
||||
}
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result) && sizeof($result) != 0) {
|
||||
foreach ($result as $index => $row) {
|
||||
//build array
|
||||
$array['group_permissions'][$index]['group_permission_uuid'] = $row['group_permission_uuid'];
|
||||
$array['group_permissions'][$index]['group_name'] = $group_name;
|
||||
}
|
||||
if (is_array($array) && sizeof($array) != 0) {
|
||||
//delete the group permissions
|
||||
$p = new permissions;
|
||||
$p->add('group_permission_delete', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('group_permission_delete', 'temp');
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters, $result, $row);
|
||||
|
||||
//delete the group
|
||||
$array['groups'][0]['group_uuid'] = $group_uuid;
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$array['groups'][0]['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
//set message
|
||||
message::add($text['message-delete']);
|
||||
|
||||
//delete the group
|
||||
$sql = "delete from v_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ");
|
||||
if (!$db->exec($sql)) {
|
||||
$error = $db->errorInfo();
|
||||
print_r($error);
|
||||
}
|
||||
unset($sql, $parameters, $row);
|
||||
}
|
||||
|
||||
//redirect the user
|
||||
message::add($text['message-delete']);
|
||||
header("Location: groups.php");
|
||||
|
||||
?>
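Review bot: For callers without `group_domain`, the lookup clause `and (domain_uuid = :domain_uuid or domain_uuid is null)` still matches global groups, so a domain-scoped caller can delete a group shared by every domain, and the `user_groups` array that follows is keyed on `group_uuid` alone. If that is not intended, restrict this page to the caller's own domain with `$sql .= "and domain_uuid = :domain_uuid ";`. The delete is also triggered by a plain `$_GET["id"]` and no request token is checked in the visible lines (the file's first 41 lines are outside the hunk), so a token check before the `is_uuid()` branch would be worth adding. Each `$p->add(..., 'temp')` is undone by `$p->delete()` only on the straight-line path; if `$database->delete()` can throw, wrapping the pair in `try`/`finally` keeps the temporary permission from outliving the call.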
|
||||
|
|
|
|||
|
|
@ -45,128 +45,176 @@
|
|||
//process update
|
||||
if (count($_POST) > 0) {
|
||||
//set the variables
|
||||
$group_uuid = check_str($_POST['group_uuid']);
|
||||
$group_name = check_str($_POST['group_name']);
|
||||
$group_name_previous = check_str($_POST['group_name_previous']);
|
||||
$domain_uuid = check_str($_POST["domain_uuid"]);
|
||||
$domain_uuid_previous = check_str($_POST["domain_uuid_previous"]);
|
||||
$group_description = check_str($_POST["group_description"]);
|
||||
$group_uuid = $_POST['group_uuid'];
|
||||
$group_name = $_POST['group_name'];
|
||||
$group_name_previous = $_POST['group_name_previous'];
|
||||
$domain_uuid = $_POST["domain_uuid"];
|
||||
$domain_uuid_previous = $_POST["domain_uuid_previous"];
|
||||
$group_description = $_POST["group_description"];
|
||||
|
||||
//check for global/domain duplicates
|
||||
$sql = "select count(*) as num_rows from v_groups where ";
|
||||
$sql .= "group_name = '".$group_name."' ";
|
||||
$sql .= "and group_uuid <> '".$group_uuid."' ";
|
||||
$sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ");
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
$group_exists = ($row['num_rows'] > 0) ? true : false;
|
||||
$sql = "select count(*) from v_groups where ";
|
||||
$sql .= "group_name = :group_name ";
|
||||
$sql .= "and group_uuid <> :group_uuid ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$group_exists = false;
|
||||
$sql .= "and domain_uuid is null ";
|
||||
}
|
||||
unset($sql, $prep_statement, $row);
|
||||
$parameters['group_name'] = $group_name;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
$group_exists = ($num_rows > 0) ? true : false;
|
||||
unset($sql, $parameters, $num_rows);
|
||||
|
||||
//update group
|
||||
if (!$group_exists) {
|
||||
$sql = "update v_groups ";
|
||||
$sql .= "set ";
|
||||
$sql .= "group_name = '".$group_name."', ";
|
||||
$sql .= "domain_uuid = ".(($domain_uuid != '') ? "'".$domain_uuid."'" : "null").", ";
|
||||
$sql .= "group_description = '".$group_description."' ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
echo "<pre>".print_r($error, true)."</pre>";
|
||||
exit;
|
||||
}
|
||||
$array['groups'][0]['group_uuid'] = $group_uuid;
|
||||
$array['groups'][0]['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : null;
|
||||
$array['groups'][0]['group_name'] = $group_name;
|
||||
$array['groups'][0]['group_description'] = $group_description;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
//group changed from global to domain-specific
|
||||
if ($domain_uuid_previous == '' && $domain_uuid != '') {
|
||||
if (!is_uuid($domain_uuid_previous) && is_uuid($domain_uuid)) {
|
||||
//remove any users assigned to the group from the old domain
|
||||
$sql = "delete from v_user_groups where group_uuid = '".$group_uuid."' and domain_uuid <> '".$domain_uuid."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "delete from v_user_groups where group_uuid = :group_uuid and domain_uuid <> :domain_uuid ";
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
|
||||
//update permissions to use new domain uuid
|
||||
$sql = "update v_group_permissions set domain_uuid = '".$domain_uuid."' where group_name = '".$group_name_previous."' and domain_uuid is null ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set domain_uuid = :domain_uuid where group_name = :group_name and domain_uuid is null ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
$parameters['group_name'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
|
||||
//change group name
|
||||
if ($group_name != $group_name_previous && $group_name != '') {
|
||||
//change group name in group users
|
||||
$sql = "update v_user_groups set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
|
||||
//change group name in permissions
|
||||
$sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid = '".$domain_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
}
|
||||
|
||||
//group changed from one domain to another
|
||||
else if ($domain_uuid_previous != '' && $domain_uuid != '' && $domain_uuid_previous != $domain_uuid) {
|
||||
else if (is_uuid($domain_uuid_previous) && is_uuid($domain_uuid) && $domain_uuid_previous != $domain_uuid) {
|
||||
//remove any users assigned to the group from the old domain
|
||||
$sql = "delete from v_user_groups where group_uuid = '".$group_uuid."' and domain_uuid = '".$domain_uuid_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$array['user_groups'][0]['group_uuid'] = $group_uuid;
|
||||
$array['user_groups'][0]['domain_uuid'] = $domain_uuid_previous;
|
||||
|
||||
$p = new permissions;
|
||||
$p->add('user_group_delete', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('user_group_delete', 'temp');
|
||||
//update permissions to use new domain uuid
|
||||
$sql = "update v_group_permissions set domain_uuid = '".$domain_uuid."' where group_name = '".$group_name_previous."' and domain_uuid = '".$domain_uuid_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set domain_uuid = :domain_uuid_new where group_name = :group_name and domain_uuid = :domain_uuid_old ";
|
||||
$parameters['domain_uuid_new'] = $domain_uuid;
|
||||
$parameters['group_name'] = $group_name_previous;
|
||||
$parameters['domain_uuid_old'] = $domain_uuid_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
//change group name
|
||||
if ($group_name != $group_name_previous && $group_name != '') {
|
||||
//change group name in group users
|
||||
$sql = "update v_user_groups set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
//change group name in permissions
|
||||
$sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid = '".$domain_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
}
|
||||
|
||||
//group changed from domain-specific to global
|
||||
else if ($domain_uuid_previous != '' && $domain_uuid == '') {
|
||||
else if (is_uuid($domain_uuid_previous) && !is_uuid($domain_uuid)) {
|
||||
//change group name
|
||||
if ($group_name != $group_name_previous && $group_name != '') {
|
||||
//change group name in group users
|
||||
$sql = "update v_user_groups set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
//change group name in permissions
|
||||
$sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid = '".$domain_uuid_previous."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['domain_uuid'] = $domain_uuid_previous;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
//update permissions to not use a domain uuid
|
||||
$sql = "update v_group_permissions set domain_uuid = null where group_name = '".$group_name."' and domain_uuid = '".$domain_uuid_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_group_permissions set domain_uuid = null where group_name = :group_name and domain_uuid = :domain_uuid ";
|
||||
$parameters['group_name'] = $group_name;
|
||||
$parameters['domain_uuid'] = $domain_uuid_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
|
||||
//domain didn't change, but name may still
|
||||
|
|
@ -174,17 +222,32 @@
|
|||
//change group name
|
||||
if ($group_name != $group_name_previous && $group_name != '') {
|
||||
//change group name in group users
|
||||
$sql = "update v_user_groups set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
}
|
||||
$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
//change group name in permissions
|
||||
$sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ")." and group_name = '".$group_name_previous."' ";
|
||||
if (!$db->exec(check_sql($sql))) {
|
||||
$error = $db->errorInfo();
|
||||
//echo "<pre>".print_r($error, true)."</pre>"; exit;
|
||||
$sql = "update v_group_permissions set group_name = :group_name_new ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$sql .= "where domain_uuid is null ";
|
||||
}
|
||||
$sql .= "and group_name = :group_name_old ";
|
||||
$parameters['group_name_new'] = $group_name;
|
||||
$parameters['group_name_old'] = $group_name_previous;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -201,18 +264,19 @@
|
|||
}
|
||||
|
||||
//pre-populate the form
|
||||
$group_uuid = check_str($_REQUEST['id']);
|
||||
if ($group_uuid != '') {
|
||||
$group_uuid = $_REQUEST['id'];
|
||||
if (is_uuid($group_uuid)) {
|
||||
$sql = "select * from v_groups where ";
|
||||
$sql .= "group_uuid = '".$group_uuid."' ";
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
$sql .= "group_uuid = :group_uuid ";
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if (is_array($row) && sizeof($row) != 0) {
|
||||
$group_name = $row['group_name'];
|
||||
$domain_uuid = $row['domain_uuid'];
|
||||
$group_description = $row['group_description'];
|
||||
}
|
||||
unset($sql, $parameters, $row);
|
||||
}
|
||||
|
||||
//include the header
|
||||
|
|
|
|||
|
|
@ -45,43 +45,34 @@
|
|||
}
|
||||
|
||||
//get the http values and set them as variables
|
||||
$domain_uuid = check_str($_POST["domain_uuid"]);
|
||||
$group_uuid = check_str($_POST["group_uuid"]);
|
||||
$group_name = check_str($_POST["group_name"]);
|
||||
$user_uuid = check_str($_POST["user_uuid"]);
|
||||
$domain_uuid = $_POST["domain_uuid"];
|
||||
$group_uuid = $_POST["group_uuid"];
|
||||
$group_name = $_POST["group_name"];
|
||||
$user_uuid = $_POST["user_uuid"];
|
||||
|
||||
//add the user to the group
|
||||
if (is_uuid($user_uuid) && is_uuid($group_uuid) && strlen($group_name) > 0) {
|
||||
$sql = "insert into v_user_groups ";
|
||||
$sql .= "(";
|
||||
$sql .= "user_group_uuid, ";
|
||||
$sql .= "domain_uuid, ";
|
||||
$sql .= "group_uuid, ";
|
||||
$sql .= "group_name, ";
|
||||
$sql .= "user_uuid ";
|
||||
$sql .= ")";
|
||||
$sql .= "values ";
|
||||
$sql .= "(";
|
||||
$sql .= "'".uuid()."', ";
|
||||
$sql .= "'".$domain_uuid."', ";
|
||||
$sql .= "'".$group_uuid."', ";
|
||||
$sql .= "'".$group_name."', ";
|
||||
$sql .= "'".$user_uuid."' ";
|
||||
$sql .= ")";
|
||||
if (!$db->exec($sql)) {
|
||||
$info = $db->errorInfo();
|
||||
echo "<pre>".print_r($info, true)."</pre>";
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
//log the success
|
||||
//$log_type = 'group'; $log_status='add'; $log_add_user=$_SESSION["username"]; $log_desc= "username: ".$username." added to group: ".$group_name;
|
||||
//log_add($db, $log_type, $log_status, $log_desc, $log_add_user, $_SERVER["REMOTE_ADDR"]);
|
||||
}
|
||||
$array['user_groups'][0]['user_group_uuid'] = uuid();
|
||||
$array['user_groups'][0]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_groups'][0]['group_uuid'] = $group_uuid;
|
||||
$array['user_groups'][0]['group_name'] = $group_name;
|
||||
$array['user_groups'][0]['user_uuid'] = $user_uuid;
|
||||
|
||||
$p = new permissions;
|
||||
$p->add('user_group_add', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('user_group_add', 'temp');
|
||||
|
||||
message::add($text['message-update']);
|
||||
}
|
||||
|
||||
//redirect the user
|
||||
message::add($text['message-update']);
|
||||
header("Location: groupmembers.php?group_uuid=".$group_uuid."&group_name=".$group_name);
|
||||
|
||||
?>
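Review bot: With `check_str()` dropped, `$domain_uuid` and `$group_name` now arrive straight from `$_POST`, and only `$user_uuid` and `$group_uuid` are checked with `is_uuid()` before the save. `$domain_uuid` is written into `v_user_groups` exactly as posted, so the membership could be filed under a domain the caller does not manage unless `database::save()` prevents it, which is not visible here. I would either validate it in the same condition (`is_uuid($domain_uuid)`) or take it from the group's own row instead of the request. The redirect at the end of the file also concatenates the raw values into the `Location` header, so they should be encoded: `header("Location: groupmembers.php?group_uuid=".urlencode($group_uuid)."&group_name=".urlencode($group_name));`.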
|
||||
|
|
|
|||
|
|
@ -45,23 +45,23 @@
|
|||
}
|
||||
|
||||
//get the http values and set them as variables
|
||||
$group_name = check_str($_GET["group_name"]);
|
||||
$user_uuid = check_str($_GET["user_uuid"]);
|
||||
$group_uuid = check_str($_GET["group_uuid"]);
|
||||
$group_name = $_GET["group_name"];
|
||||
$user_uuid = $_GET["user_uuid"];
|
||||
$group_uuid = $_GET["group_uuid"];
|
||||
|
||||
//delete the group membership
|
||||
$sql_delete = "delete from v_user_groups ";
|
||||
$sql_delete .= "where user_uuid = '".$user_uuid."' ";
|
||||
$sql_delete .= "and group_uuid = '".$group_uuid."' ";
|
||||
if (!$db->exec($sql_delete)) {
|
||||
$info = $db->errorInfo();
|
||||
echo "<pre>".print_r($info, true)."</pre>";
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
//$log_type = 'group'; $log_status='remove'; $log_add_user=$_SESSION["username"]; $log_desc= "username: ".$username." removed from group: ".$group_name;
|
||||
//log_add($db, $log_type, $log_status, $log_desc, $log_add_user, $_SERVER["REMOTE_ADDR"]);
|
||||
}
|
||||
$p = new permissions;
|
||||
$p->add('user_group_delete', 'temp');
|
||||
|
||||
$array['user_groups'][0]['user_uuid'] = $user_uuid;
|
||||
$array['user_groups'][0]['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->delete($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('user_group_delete', 'temp');
|
||||
|
||||
//redirect the user
|
||||
message::add($text['message-delete']);
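Review bot: The new delete path has no `is_uuid()` guard, although the add page has one: `$user_uuid` and `$group_uuid` come straight from `$_GET` and go into `$database->delete($array)`, and the temporary `user_group_delete` permission is granted before either value is checked. Wrapping the block in `if (is_uuid($user_uuid) && is_uuid($group_uuid)) {` would keep a missing or malformed id from granting the permission or reaching the delete; how `database::delete()` treats an empty criterion is not visible here. The removal is also still triggered by a plain GET request with no request token checked in the hunk, so moving it to POST with a token is worth considering. The redirect that follows lies outside the hunk.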
|
||||
|
|
|
|||
|
|
@ -49,46 +49,44 @@
|
|||
$text = $language->get();
|
||||
|
||||
//get the group uuid, lookup domain uuid (if any) and name
|
||||
$group_uuid = check_str($_REQUEST['group_uuid']);
|
||||
$group_uuid = $_REQUEST['group_uuid'];
|
||||
$sql = "select domain_uuid, group_name from v_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$sql .= "where group_uuid = :group_uuid ";
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if (is_array($row) && sizeof($row) != 0) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_name = $row["group_name"];
|
||||
break; //limit to 1 row
|
||||
}
|
||||
unset ($prep_statement);
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//define the if group members function
|
||||
function is_group_member($group_uuid, $user_uuid) {
|
||||
global $db, $domain_uuid;
|
||||
$sql = "select * from v_user_groups ";
|
||||
$sql .= "where user_uuid = '".$user_uuid."' ";
|
||||
$sql .= "and group_uuid = '".$group_uuid."' ";
|
||||
$sql .= "and domain_uuid = '".(($domain_uuid != '') ? $domain_uuid : $_SESSION['domain_uuid'])."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
if (count($prep_statement->fetchAll(PDO::FETCH_NAMED)) == 0) { return true; } else { return false; }
|
||||
unset ($sql, $prep_statement);
|
||||
global $domain_uuid;
|
||||
$sql = "select count(*) from v_user_groups ";
|
||||
$sql .= "where user_uuid = :user_uuid ";
|
||||
$sql .= "and group_uuid = :group_uuid ";
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : $_SESSION['domain_uuid'];
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
return $num_rows == 0 ? true : false;
|
||||
unset($sql, $parameters, $num_rows);
|
||||
}
|
||||
//$exampledatareturned = example("apples", 1);
|
||||
|
||||
//get the the users array
|
||||
if (permission_exists('group_member_add')) {
|
||||
$sql = "select * from v_users where ";
|
||||
if ($domain_uuid != '') {
|
||||
$sql .= "domain_uuid = '".$domain_uuid."' ";
|
||||
}
|
||||
else {
|
||||
$sql .= "domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
}
|
||||
$sql .= "domain_uuid = :domain_uuid ";
|
||||
$sql .= "order by username ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$parameters['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : $_SESSION['domain_uuid'];
|
||||
$database = new database;
|
||||
$users = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
|
||||
//get the groups users
|
||||
|
|
@ -96,17 +94,20 @@
|
|||
$sql .= "from v_user_groups as ug, v_users as u, v_domains as d ";
|
||||
$sql .= "where ug.user_uuid = u.user_uuid ";
|
||||
$sql .= "and ug.domain_uuid = d.domain_uuid ";
|
||||
if ($domain_uuid != '') {
|
||||
$sql .= "and ug.domain_uuid = '".$domain_uuid."' ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and ug.domain_uuid = :domain_uuid_ug ";
|
||||
$parameters['domain_uuid_ug'] = $domain_uuid;
|
||||
}
|
||||
if (!permission_exists('user_all')) {
|
||||
$sql .= "and u.domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
$sql .= "and u.domain_uuid = :domain_uuid_u ";
|
||||
$parameters['domain_uuid_u'] = $_SESSION['domain_uuid'];
|
||||
}
|
||||
$sql .= "and ug.group_uuid = '".$group_uuid."' ";
|
||||
$sql .= "and ug.group_uuid = :group_uuid ";
|
||||
$sql .= "order by d.domain_name asc, u.username asc ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
|
||||
//include the header
|
||||
require_once "resources/header.php";
|
||||
|
|
@ -158,27 +159,29 @@
|
|||
$echo .= "</tr>\n";
|
||||
|
||||
$count = 0;
|
||||
foreach ($result as &$row) {
|
||||
$username = $row["username"];
|
||||
$user_uuid = $row["user_uuid"];
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_uuid = $row["group_uuid"];
|
||||
$echo .= "<tr>";
|
||||
if (permission_exists('user_all')) {
|
||||
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$_SESSION['domains'][$domain_uuid]['domain_name']."</td>\n";
|
||||
}
|
||||
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$username."</td>\n";
|
||||
$echo .= "<td class='list_control_icons' style='width: 25px;'>";
|
||||
if (permission_exists('group_member_delete')) {
|
||||
$echo .= "<a href='groupmemberdelete.php?user_uuid=".$user_uuid."&group_name=".$group_name."&group_uuid=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
|
||||
}
|
||||
$echo .= "</td>\n";
|
||||
$echo .= "</tr>\n";
|
||||
if (is_array($result) && sizeof($result) != 0) {
|
||||
foreach ($result as &$row) {
|
||||
$username = $row["username"];
|
||||
$user_uuid = $row["user_uuid"];
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_uuid = $row["group_uuid"];
|
||||
$echo .= "<tr>";
|
||||
if (permission_exists('user_all')) {
|
||||
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$_SESSION['domains'][$domain_uuid]['domain_name']."</td>\n";
|
||||
}
|
||||
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$username."</td>\n";
|
||||
$echo .= "<td class='list_control_icons' style='width: 25px;'>";
|
||||
if (permission_exists('group_member_delete')) {
|
||||
$echo .= "<a href='groupmemberdelete.php?user_uuid=".$user_uuid."&group_name=".$group_name."&group_uuid=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
|
||||
}
|
||||
$echo .= "</td>\n";
|
||||
$echo .= "</tr>\n";
|
||||
|
||||
$c = ($c) ? 0 : 1;
|
||||
$c = ($c) ? 0 : 1;
|
||||
|
||||
$user_groups[] = $row["user_uuid"];
|
||||
$count++;
|
||||
$user_groups[] = $row["user_uuid"];
|
||||
$count++;
|
||||
}
|
||||
}
|
||||
|
||||
$echo .= "</table>\n";
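Review bot: In the last hunk the re-indented row loop still writes `$username`, `$group_name` and the domain name into `$echo` without HTML escaping, so a stored name containing markup would be rendered as markup on this page. Escape at output, for example `htmlspecialchars($username, ENT_QUOTES, 'UTF-8')` in the table cell and `urlencode($group_name)` inside the `groupmemberdelete.php` href. Separately, in `is_group_member()` the `unset(...)` after `return` is unreachable and can be dropped. The function also returns true when the count is 0, which its name does not suggest; its callers are outside the hunk, so a comment such as `//returns true when the user is NOT yet a member of the group` would at least record the contract.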
|
||||
|
|
|
|||
|
|
@ -47,20 +47,24 @@
|
|||
$document['title'] = $text['title-group_manager'];
|
||||
if (isset($_REQUEST["change"])) {
|
||||
//get the values from the HTTP POST and save them as PHP variables
|
||||
$change = check_str($_REQUEST["change"]);
|
||||
$group_uuid = check_str($_REQUEST["group_uuid"]);
|
||||
$group_name = check_str($_REQUEST["group_name"]);
|
||||
$change = $_REQUEST["change"];
|
||||
$group_uuid = $_REQUEST["group_uuid"];
|
||||
$group_name = $_REQUEST["group_name"];
|
||||
|
||||
$sql = "update v_groups set group_protected = '".$change."' ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$sql = "update v_groups set group_protected = :group_protected ";
|
||||
$sql .= "where group_uuid = :group_uuid ";
|
||||
if (!permission_exists('group_domain')) {
|
||||
$sql .= "and (";
|
||||
$sql .= " domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= " domain_uuid = :domain_uuid ";
|
||||
$sql .= " or domain_uuid is null ";
|
||||
$sql .= ") ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$parameters['group_protected'] = $change;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
|
||||
message::add($text['message-update']);
|
||||
}
|
||||
|
|
@ -68,14 +72,14 @@
|
|||
//get the groups
|
||||
$sql = "select * from v_groups ";
|
||||
if (!(permission_exists('group_all') && $_GET['show'] == 'all')) {
|
||||
$sql .= "where domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= "or domain_uuid is null ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$sql .= "order by domain_uuid desc, group_name asc ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$groups = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
unset($sql, $prep_statement);
|
||||
$database = new database;
|
||||
$groups = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
//$system_groups = array('superadmin','admin','user','public','agent');
|
||||
$system_groups = array();
|
||||
|
||||
|
|
@ -83,16 +87,18 @@
|
|||
//get group counts
|
||||
$sql = "select group_uuid, count(user_uuid) as group_count from v_user_groups ";
|
||||
if (!permission_exists('user_all')) {
|
||||
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
}
|
||||
$sql .= "group by group_uuid ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as $row) {
|
||||
$group_counts[$row['group_uuid']] = $row['group_count'];
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result) && sizeof($result) != 0) {
|
||||
foreach ($result as $row) {
|
||||
$group_counts[$row['group_uuid']] = $row['group_count'];
|
||||
}
|
||||
}
|
||||
unset($sql, $prep_statement, $result, $row);
|
||||
unset($sql, $parameters, $result, $row);
|
||||
|
||||
//show the content
|
||||
echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>";
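Review bot: In the first hunk `$change` and `$group_uuid` are read from `$_REQUEST` and bound into the `update v_groups` statement with no validation, and no permission or request-token check is visible in the hunk before the write. Binding the values fixes the quoting, but the update still runs for any value of `change` and for a malformed id, and `$_REQUEST` means a GET link can trigger it. I would gate the block with `if (isset($_REQUEST["change"]) && is_uuid($_REQUEST["group_uuid"])) {` and restrict `$change` to the values the `group_protected` column is meant to hold. `$group_name` is assigned but not used in the visible lines.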
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
require_once "resources/check_auth.php";
|
||||
|
||||
//check permissions
|
||||
if (permission_exists('extension_add')) {
|
||||
if (permission_exists('group_permission_add')) {
|
||||
//access granted
|
||||
}
|
||||
else {
|
||||
|
|
@ -46,76 +46,87 @@
|
|||
require_once "resources/paging.php";
|
||||
|
||||
//set the http get/post variable(s) to a php variable
|
||||
if (isset($_REQUEST["group_name"]) && isset($_REQUEST["new_group_name"])) {
|
||||
if (is_uuid($_REQUEST["id"]) && isset($_REQUEST["new_group_name"])) {
|
||||
|
||||
//get HTTP values and set as variables
|
||||
$group_name = check_str($_REQUEST["group_name"]);
|
||||
$new_group_name = check_str($_REQUEST["new_group_name"]);
|
||||
$new_group_desc = check_str($_REQUEST["new_group_desc"]);
|
||||
$group_uuid = $_REQUEST["id"];
|
||||
$new_group_name = $_REQUEST["new_group_name"];
|
||||
$new_group_desc = $_REQUEST["new_group_desc"];
|
||||
|
||||
//get the groups data
|
||||
//get the source groups data
|
||||
$sql = "select * from v_groups ";
|
||||
$sql .= "where domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= "or domain_uuid is null ";
|
||||
$sql .= "and group_name = '".$group_name."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
||||
$sql .= "and group_uuid = :group_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if (is_array($row) && sizeof($row) != 0) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$group_name = $row["group_name"];
|
||||
}
|
||||
unset ($prep_statement);
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//create new group
|
||||
$group_uuid = uuid();
|
||||
$sql = "insert into v_groups ";
|
||||
$sql .= "( ";
|
||||
$sql .= "group_uuid, ";
|
||||
$sql .= "group_name, ";
|
||||
$sql .= "group_description ";
|
||||
$sql .= ") ";
|
||||
$sql .= "values ";
|
||||
$sql .= "( ";
|
||||
$sql .= "'".$group_uuid."', ";
|
||||
$sql .= "'".$new_group_name."', ";
|
||||
$sql .= "'".$new_group_desc."' ";
|
||||
$sql .= ") ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
//create new target group
|
||||
$new_group_uuid = uuid();
|
||||
$array['groups'][0]['group_uuid'] = $new_group_uuid;
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$array['groups'][0]['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$array['groups'][0]['group_name'] = $new_group_name;
|
||||
$array['groups'][0]['group_description'] = $new_group_desc;
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
//get the group permissions data
|
||||
//get the source group permissions data
|
||||
$sql = "select * from v_group_permissions ";
|
||||
$sql .= "where group_name = '".$group_name."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$permission_name = $row["permission_name"];
|
||||
$group_name = $row["group_name"];
|
||||
$sql .= "where group_name = :group_name ";
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
else {
|
||||
$sql .= "and domain_uuid is null ";
|
||||
}
|
||||
$parameters['group_name'] = $group_name;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
|
||||
//copy the group permissions
|
||||
$group_permission_uuid = uuid();
|
||||
$sql = "insert into v_group_permissions ";
|
||||
$sql .= "( ";
|
||||
$sql .= "group_permission_uuid, ";
|
||||
$sql .= "permission_name, ";
|
||||
$sql .= "group_name ";
|
||||
$sql .= ") ";
|
||||
$sql .= "values ";
|
||||
$sql .= "( ";
|
||||
$sql .= "'".$group_permission_uuid."', ";
|
||||
$sql .= "'".$permission_name."', ";
|
||||
$sql .= "'".$new_group_name."' ";
|
||||
$sql .= ") ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
if (is_array($result) && sizeof($result) != 0) {
|
||||
foreach ($result as $index => &$row) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$permission_name = $row["permission_name"];
|
||||
$group_name = $row["group_name"];
|
||||
|
||||
//copy the group permissions
|
||||
$array['group_permissions'][$index]['group_permission_uuid'] = uuid();
|
||||
if (is_uuid($domain_uuid)) {
|
||||
$array['group_permissions'][$index]['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$array['group_permissions'][$index]['permission_name'] = $permission_name;
|
||||
$array['group_permissions'][$index]['group_name'] = $new_group_name;
|
||||
$array['group_permissions'][$index]['group_uuid'] = $new_group_uuid;
|
||||
}
|
||||
if (is_array($array) && sizeof($array) != 0) {
|
||||
$p = new permissions;
|
||||
$p->add('group_permission_add', 'temp');
|
||||
|
||||
$database = new database;
|
||||
$database->app_name = 'groups';
|
||||
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
|
||||
$database->save($array);
|
||||
unset($array);
|
||||
|
||||
$p->delete('group_permission_add', 'temp');
|
||||
|
||||
message::add($text['message-copy']);
|
||||
}
|
||||
}
|
||||
unset ($prep_statement);
|
||||
|
||||
//redirect the user
|
||||
message::add($text['message-copy']);
|
||||
}
|
||||
|
||||
//redirect
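Review bot: In the second hunk the new target group is created even when the source lookup returns no row: the `if (is_array($row) && sizeof($row) != 0)` block only sets `$domain_uuid` and `$group_name`, and the `$array['groups']` save that follows runs unconditionally. A request whose `id` matches no group visible to the caller therefore still inserts a group under the supplied name, and the permissions query then runs with an unset `$group_name`. Move the creation and the copy inside that `if`, or stop early when the row is missing. The `groups` save is also not wrapped in a temporary permission the way the `group_permissions` save is, and a copy of a global source (`domain_uuid` null) becomes global itself; both may be intended, but a comment saying so would help. The enclosing block continues past the end of the hunk.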
|
||||
|
|
|
|||