diff --git a/app/access_controls/access_control_edit.php b/app/access_controls/access_control_edit.php index e481bfb78c..6458122c90 100644 --- a/app/access_controls/access_control_edit.php +++ b/app/access_controls/access_control_edit.php @@ -171,24 +171,27 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; //show the content - echo "
\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; + echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'collapse'=>'hide-xs']); + echo " \n"; + echo "
\n"; + echo "\n"; + + echo "
".$text['title-access_control']."

\n"; - echo " "; - if ($action == 'update' && permission_exists('access_control_delete')) { - echo button::create(['type'=>'submit','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'action','value'=>'delete','onclick'=>"if (confirm('".$text['confirm-delete']."')) { document.getElementById('frm').submit(); } else { this.blur(); return false; }",'style'=>'margin-right: 15px;']); + echo "\n"; + + echo "
\n"; + echo "
".$text['title-access_control']."
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'style'=>'margin-right: 15px;','collapse'=>'hide-xs','link'=>'access_controls.php']); + if ($action == 'update' && permission_exists('access_control_delete')) { + echo button::create(['type'=>'submit','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'action','value'=>'delete','collapse'=>'hide-xs','onclick'=>"if (confirm('".$text['confirm-delete']."')) { document.getElementById('frm').submit(); } else { this.blur(); return false; }",'style'=>'margin-right: 15px;']); } - echo " "; - echo "
\n"; echo "\n"; - echo "\n"; - echo "\n"; echo "\n"; - echo " \n"; - echo " \n"; - echo " "; + echo "
\n"; + echo "\n"; echo " ".$text['label-access_control_name']."\n"; echo "\n"; + echo "\n"; echo " \n"; echo "
\n"; echo $text['description-access_control_name']."\n"; @@ -229,18 +232,17 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo $text['description-access_control_description']."\n"; echo "
\n"; - if ($action == "update") { - echo " \n"; - } - echo " \n"; - echo "
"; - echo "
"; echo "

"; + if ($action == "update") { + echo "\n"; + } + echo "\n"; + + echo ""; + if ($action == "update") { require "access_control_nodes.php"; echo "

"; diff --git a/app/access_controls/access_control_node_edit.php b/app/access_controls/access_control_node_edit.php index a40910cc4c..5b3f9eea5b 100644 --- a/app/access_controls/access_control_node_edit.php +++ b/app/access_controls/access_control_node_edit.php @@ -192,21 +192,24 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; //show the content - echo "
\n"; + echo "\n"; + + echo "
\n"; + echo "
".$text['title-access_control_node']."
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'style'=>'margin-right: 15px;','link'=>'access_control_edit.php?id='.urlencode($access_control_uuid)]); + echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save']]); + echo "
\n"; + echo "
\n"; + echo "
\n"; + echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; echo "\n"; - echo "\n"; - echo "\n"; echo "\n"; - echo " \n"; - echo " \n"; - echo " "; + echo "
".$text['title-access_control_node']."

\n"; - echo " "; - echo " "; - echo "
\n"; + echo "\n"; echo " ".$text['label-node_type']."\n"; echo "\n"; + echo "\n"; echo "
\n"; - echo " \n"; - if ($action == "update") { - echo " \n"; - } - echo " \n"; - echo "
\n"; - echo "
"; - echo "
"; echo "

"; + echo "\n"; + if ($action == "update") { + echo "\n"; + } + echo "\n"; + + echo ""; + //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/access_controls/access_control_nodes.php b/app/access_controls/access_control_nodes.php index cfe827253a..149367b3ad 100644 --- a/app/access_controls/access_control_nodes.php +++ b/app/access_controls/access_control_nodes.php @@ -23,6 +23,7 @@ require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; + require_once "resources/paging.php"; //check permissions if (!permission_exists('access_control_node_view')) { @@ -30,6 +31,29 @@ exit; } +//get the http post data + if ($_POST['action'] != '') { + $action = $_POST['action']; + $access_control_uuid = $_POST['access_control_uuid']; + $access_control_nodes = $_POST['access_control_nodes']; + + //process the http post data by action + if (is_array($access_control_nodes) && @sizeof($access_control_nodes) != 0) { + switch ($action) { + case 'delete': + if (permission_exists('access_control_node_delete')) { + $obj = new access_controls; + $obj->delete_nodes($access_control_nodes); + } + break; + } + } + + //redirect + header('Location: access_control_edit.php?id='.urlencode($access_control_uuid)); + exit; + } + //add multi-lingual support $language = new text; $text = $language->get(); @@ -38,18 +62,6 @@ $order_by = $_GET["order_by"]; $order = $_GET["order"]; -//additional includes - require_once "resources/header.php"; - require_once "resources/paging.php"; - -//show the content - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
".$text['title-access_control_nodes']." 
\n"; - //prepare to page the results $sql = "select count(*) from v_access_control_nodes "; $sql .= "where access_control_uuid = :access_control_uuid "; @@ -63,7 +75,7 @@ if (isset($_GET['page'])) { $page = $_GET['page']; if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; } - list($paging_controls, $rows_per_page, $var3) = paging($num_rows, $param, $rows_per_page); + list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); $offset = $rows_per_page * $page; } @@ -76,62 +88,107 @@ $database = new database; $access_control_nodes = $database->select($sql, $parameters); -//set the row styles - $c = 0; - $row_style["0"] = "row_style0"; - $row_style["1"] = "row_style1"; +//create token + $object = new token; + $token = $object->create('/app/access_controls/access_control_nodes.php'); -//show the nodes - echo "\n"; - echo "\n"; +//show the content + echo "\n"; + echo "\n"; + echo "\n"; + + echo "
\n"; + echo "
".$text['title-access_control_nodes']." (".$num_rows.")
\n"; + echo "
\n"; + echo button::create(['type'=>'button','id'=>'action_bar_sub_button_back','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-xs','style'=>'margin-right: 15px; display: none;','link'=>'access_controls.php']); + if (permission_exists('access_control_node_add')) { + echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'collapse'=>'hide-xs','link'=>'access_control_node_edit.php?access_control_uuid='.urlencode($_GET['id'])]); + } + if (permission_exists('access_control_node_delete') && $access_control_nodes) { + echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'collapse'=>'hide-xs','onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); + } + echo "
\n"; + echo "
\n"; + echo "
\n"; + + echo "
\n"; + echo "\n"; + if (permission_exists('access_control_node_delete')) { + echo " \n"; + } echo th_order_by('node_type', $text['label-node_type'], $order_by, $order); echo th_order_by('node_cidr', $text['label-node_cidr'], $order_by, $order); echo th_order_by('node_domain', $text['label-node_domain'], $order_by, $order); - echo th_order_by('node_description', $text['label-node_description'], $order_by, $order); - echo "\n"; } - else { - echo " \n"; - } - echo "\n"; - echo "\n"; + echo "\n"; - if (is_array($access_control_nodes)) { - foreach($access_control_nodes as $row) { + if (is_array($access_control_nodes) && @sizeof($access_control_nodes) != 0) { + $x = 0; + foreach ($access_control_nodes as $row) { if (permission_exists('access_control_node_edit')) { - $tr_link = "href='access_control_node_edit.php?access_control_uuid=".urlencode($row['access_control_uuid'])."&id=".urlencode($row['access_control_node_uuid'])."'"; - } - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; if (permission_exists('access_control_node_delete')) { - echo "$v_link_label_delete"; + echo " \n"; + } + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + if (permission_exists('access_control_node_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + echo " \n"; + } echo "\n"; - $c = $c == 1 ? 0 : 1; - } //end foreach - unset($sql, $result, $row_count); - } //end if results + $x++; +// echo "$v_link_label_delete"; + } + unset($access_control_nodes); + } echo "
\n"; + echo " \n"; + echo " "; - if (permission_exists('access_control_node_add')) { - echo "$v_link_label_add"; + echo th_order_by('node_description', $text['label-node_description'], $order_by, $order, null, "class='hide-sm-dn'"); + if (permission_exists('access_control_node_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + echo "  
".escape($row['node_type'])." ".escape($row['node_cidr'])."".escape($row['node_domain'])." ".escape($row['node_description'])." "; - if (permission_exists('access_control_node_edit')) { - echo "$v_link_label_edit"; + $list_row_url = 'access_control_node_edit.php?access_control_uuid='.urlencode($row['access_control_uuid'])."&id=".urlencode($row['access_control_node_uuid']); } + echo "
\n"; + echo " \n"; + echo " \n"; + echo " ".escape($row['node_type'])." \n"; + if (permission_exists('access_control_node_edit')) { + echo " ".escape($row['node_cidr'])."\n"; + } + else { + echo " ".escape($row['node_cidr']); } echo " ".escape($row['node_domain'])." ".escape($row['node_description'])." \n"; + echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); + echo "
\n"; - if (permission_exists('access_control_node_add')) { - echo "
\n"; - echo " $v_link_label_add"; - echo "
\n"; - } echo "
\n"; - echo "
".$paging_controls."
\n"; + + echo "\n"; + echo "\n"; + +//make sub action bar sticky + echo "\n"; //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/access_controls/resources/classes/access_controls.php b/app/access_controls/resources/classes/access_controls.php index 1b6e7f4567..bf94c6aae8 100644 --- a/app/access_controls/resources/classes/access_controls.php +++ b/app/access_controls/resources/classes/access_controls.php @@ -26,10 +26,7 @@ if (!class_exists('access_controls')) { //assign private variables $this->app_name = 'access_controls'; $this->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd'; - $this->permission_prefix = 'access_control_'; $this->list_page = 'access_controls.php'; - $this->table = 'access_controls'; - $this->uuid_prefix = 'access_control_'; } @@ -47,6 +44,12 @@ if (!class_exists('access_controls')) { * delete records */ public function delete($records) { + + //assign private variables + $this->permission_prefix = 'access_control_'; + $this->table = 'access_controls'; + $this->uuid_prefix = 'access_control_'; + if (permission_exists($this->permission_prefix.'delete')) { //add multi-lingual support @@ -107,10 +110,75 @@ if (!class_exists('access_controls')) { } } + public function delete_nodes($records) { + + //assign private variables + $this->permission_prefix = 'access_control_node_'; + $this->table = 'access_control_nodes'; + $this->uuid_prefix = 'access_control_node_'; + + if (permission_exists($this->permission_prefix.'delete')) { + + //add multi-lingual support + $language = new text; + $text = $language->get(); + + //validate the token + $token = new token; + if (!$token->validate('/app/access_controls/access_control_nodes.php')) { + message::add($text['message-invalid_token'],'negative'); + header('Location: '.$this->list_page); + exit; + } + + //delete multiple records + if (is_array($records) && @sizeof($records) != 0) { + + //build the delete array + foreach($records as $x => $record) { + if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { + $array[$this->table][$x][$this->uuid_prefix.'uuid'] = $record['uuid']; + } + } + + //delete the checked rows + if (is_array($array) && @sizeof($array) != 0) { + + //execute delete + $database = new database; + $database->app_name = $this->app_name; + $database->app_uuid = $this->app_uuid; + $database->delete($array); + unset($array); + + //clear the cache + $cache = new cache; + $cache->delete("configuration:acl.conf"); + + //create the event socket connection + $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); + if ($fp) { + event_socket_request($fp, "api reloadacl"); + } + + //set message + message::add($text['message-delete']); + } + unset($records); + } + } + } + /** * copy records */ public function copy($records) { + + //assign private variables + $this->permission_prefix = 'access_control_'; + $this->table = 'access_controls'; + $this->uuid_prefix = 'access_control_'; + if (permission_exists($this->permission_prefix.'add')) { //add multi-lingual support