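Portions created by the Initial Developer are Copyright (C) 2008-2014 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */

//group permissions editor
//shows every permission declared by the installed apps as a checklist for one group and,
//on POST, adds or removes rows in v_group_permissions and v_menu_item_groups so that the
//stored permissions match the submitted checklist
//
//every value that reaches SQL is passed as a bound parameter; the only literal left in the
//statements is the fixed menu uuid that the original statements already hard-coded

//load the application bootstrap
	require_once "root.php";
	require_once "resources/require.php";

//check permissions
	require_once "resources/check_auth.php";
	if (permission_exists('group_permissions') || if_group("superadmin")) {
		//access granted
	}
	else {
		echo "access denied";
		exit;
	}

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//include the header
	$document['title'] = $text['title-group_permissions'];
	require_once "resources/header.php";

//include paging
	require_once "resources/paging.php";

//get the list of installed apps from the core and mod directories
//the included files run in this scope; presumably each one fills $apps using the $x counter,
//so both variable names are kept as they were - confirm against an app_config.php
	$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
	if (!is_array($config_list)) {
		//glob returns false on error
		$config_list = array();
	}
	$x = 0;
	foreach ($config_list as $config_path) {
		include($config_path);
		$x++;
	}
	if (!isset($apps) || !is_array($apps)) {
		$apps = array();
	}

//if there are no permissions listed in v_group_permissions then set the default permissions
	$group_permission_count = 0;
	$sql = "select count(*) as count from v_group_permissions ";
	$prep_statement = $db->prepare(check_sql($sql));
	$prep_statement->execute();
	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
	if (is_array($result) && count($result) > 0) {
		//limit to 1 row
		$group_permission_count = $result[0]["count"];
	}
	unset($prep_statement, $sql);
	if ($group_permission_count == 0) {
		//no permissions found add the defaults
		$sql = "insert into v_group_permissions ";
		$sql .= "(";
		$sql .= "group_permission_uuid, ";
		$sql .= "permission_name, ";
		$sql .= "group_name ";
		$sql .= ") ";
		$sql .= "values ";
		$sql .= "(";
		$sql .= ":group_permission_uuid, ";
		$sql .= ":permission_name, ";
		$sql .= ":group_name ";
		$sql .= ")";
		$prep_statement = $db->prepare(check_sql($sql));
		foreach ($apps as $app) {
			foreach ($app['permissions'] as $row) {
				foreach ($row['groups'] as $group) {
					//add the record
					$prep_statement->execute(array(
						':group_permission_uuid' => uuid(),
						':permission_name' => $row['name'],
						':group_name' => $group
					));
				}
			}
		}
		unset($prep_statement, $sql);
	}

//get the group uuid, lookup domain uuid (if any) and name
//NOTE(review): the visible code does not compare the group's domain with the caller's domain;
//confirm whether users who hold group_permissions without being superadmin should be limited
//to groups of their own domain
	$group_uuid = check_str(isset($_REQUEST['group_uuid']) ? $_REQUEST['group_uuid'] : '');
	$group_found = false;
	$sql = "select domain_uuid, group_name from v_groups ";
	$sql .= "where group_uuid = :group_uuid ";
	$prep_statement = $db->prepare(check_sql($sql));
	$prep_statement->execute(array(':group_uuid' => $group_uuid));
	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
	if (is_array($result) && count($result) > 0) {
		//limit to 1 row
		$domain_uuid = $result[0]["domain_uuid"];
		$group_name = $result[0]["group_name"];
		$group_found = true;
	}
	unset($prep_statement, $sql);

//stop when the group does not exist, otherwise a POST would write permissions for an empty group name
//the header has already been included here, so this relies on the same redirect behaviour as the
//redirect at the end of the POST branch
	if (!$group_found) {
		header("Location: groups.php");
		return;
	}

//get the permissions assigned to this group
	$permissions_db = array();
	$parameters = array(':group_name' => $group_name);
	$sql = "select * from v_group_permissions ";
	$sql .= "where group_name = :group_name ";
	if ($domain_uuid != '') {
		$sql .= "and domain_uuid = :domain_uuid ";
		$parameters[':domain_uuid'] = $domain_uuid;
	}
	else {
		$sql .= "and domain_uuid is null ";
	}
	$prep_statement = $db->prepare(check_sql($sql));
	$prep_statement->execute($parameters);
	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
	foreach ($result as $permission_row) {
		$permissions_db[$permission_row["permission_name"]] = "true";
	}
	unset($prep_statement, $sql, $parameters);

//show the db checklist
	//print_r($permissions_db);

//list all the permissions in the database
	$permissions_db_checklist = array();
	foreach ($apps as $app) {
		foreach ($app['permissions'] as $row) {
			$permissions_db_checklist[$row['name']] = isset($permissions_db[$row['name']]) ? "true" : "false";
		}
	}

//show the db checklist
	//print_r($permissions_db_checklist);

//process the http post
	if (count($_POST) > 0) {

		//NOTE(review): no anti-CSRF token is validated in the visible code before the changes
		//below are applied; confirm whether an included file performs that check

		//collect the submitted permission names; the field may be missing when nothing is ticked
		//and any element that is not a string is ignored
			$permissions_form = array();
			if (isset($_POST['permissions_form']) && is_array($_POST['permissions_form'])) {
				foreach ($_POST['permissions_form'] as $permission) {
					if (is_string($permission)) {
						$permissions_form[$permission] = "true";
					}
				}
			}

		//list all the permissions
			$permissions_form_checklist = array();
			foreach ($apps as $app) {
				foreach ($app['permissions'] as $row) {
					$permissions_form_checklist[$row['name']] = isset($permissions_form[$row['name']]) ? "true" : "false";
				}
			}

		//show the form db checklist
			//print_r($permissions_form_checklist);

		//list all the permissions and apply the differences between the database and the form
		//only names declared by the apps are written, a submitted name that no app declares is never used
			foreach ($apps as $app) {
				foreach ($app['permissions'] as $row) {
					$permission = $row['name'];

					//stored but no longer ticked
					if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
						//delete the record
						//NOTE(review): this delete is filtered by group_name only, while the read above
						//is also filtered by domain_uuid; confirm that same-named groups in other
						//domains are meant to be affected
							$sql = "delete from v_group_permissions ";
							$sql .= "where group_name = :group_name ";
							$sql .= "and permission_name = :permission_name ";
							$prep_statement = $db->prepare(check_sql($sql));
							$prep_statement->execute(array(
								':group_name' => $group_name,
								':permission_name' => $permission
							));
							unset($prep_statement, $sql);

						//remove the group from the menu item of the permission and, when no other child
						//remains for the group, from the parent menu item
						//separate loop variables keep the enclosing $app and $row intact
							foreach ($apps as $menu_app) {
								foreach ($menu_app['permissions'] as $menu_permission) {
									if ($menu_permission['name'] != $permission) {
										continue;
									}
									if (!isset($menu_permission['menu']['uuid']) || $menu_permission['menu']['uuid'] == '') {
										//the permission has no menu item
										continue;
									}
									$menu_item_uuid = $menu_permission['menu']['uuid'];

									$sql = "delete from v_menu_item_groups ";
									$sql .= "where menu_item_uuid = :menu_item_uuid ";
									$sql .= "and group_name = :group_name ";
									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(
										':menu_item_uuid' => $menu_item_uuid,
										':group_name' => $group_name
									));
									unset($prep_statement, $sql);

									//reset first so that a value from an earlier permission is never reused
									$menu_item_parent_uuid = null;
									$sql = "select menu_item_parent_uuid from v_menu_items ";
									$sql .= "where menu_item_uuid = :menu_item_uuid ";
									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(':menu_item_uuid' => $menu_item_uuid));
									$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
									foreach ($result as $menu_row) {
										$menu_item_parent_uuid = $menu_row["menu_item_parent_uuid"];
									}
									unset($prep_statement, $sql);
									if ($menu_item_parent_uuid == '') {
										//no parent menu item to clean up
										continue;
									}

									$sql = "select * from v_menu_items as i, v_menu_item_groups as g ";
									$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
									$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
									$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
									$sql .= "and g.group_name = :group_name ";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(
										':menu_item_parent_uuid' => $menu_item_parent_uuid,
										':group_name' => $group_name
									));
									$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
									$result_count = count($result);
									unset($prep_statement, $sql);
									if ($result_count == 0) {
										$sql = "delete from v_menu_item_groups ";
										$sql .= "where menu_item_uuid = :menu_item_parent_uuid ";
										$sql .= "and group_name = :group_name ";
										$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
										$prep_statement = $db->prepare(check_sql($sql));
										$prep_statement->execute(array(
											':menu_item_parent_uuid' => $menu_item_parent_uuid,
											':group_name' => $group_name
										));
										unset($prep_statement, $sql);
									}
								}
							}

						//set the permission to false in the permissions_db_checklist
							$permissions_db_checklist[$permission] = "false";
					}

					//ticked but not stored yet
					if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
						//add the record
							$parameters = array(':group_permission_uuid' => uuid());
							$sql = "insert into v_group_permissions ";
							$sql .= "(";
							$sql .= "group_permission_uuid, ";
							if ($domain_uuid != '') {
								$sql .= "domain_uuid, ";
							}
							$sql .= "permission_name, ";
							$sql .= "group_name ";
							$sql .= ") ";
							$sql .= "values ";
							$sql .= "(";
							$sql .= ":group_permission_uuid, ";
							if ($domain_uuid != '') {
								$sql .= ":domain_uuid, ";
								$parameters[':domain_uuid'] = $domain_uuid;
							}
							$sql .= ":permission_name, ";
							$sql .= ":group_name ";
							$sql .= ")";
							$parameters[':permission_name'] = $permission;
							$parameters[':group_name'] = $group_name;
							$prep_statement = $db->prepare(check_sql($sql));
							$prep_statement->execute($parameters);
							unset($prep_statement, $sql, $parameters);

						//add the group to the menu item of the permission and, when it is not linked yet,
						//to the parent menu item
							foreach ($apps as $menu_app) {
								foreach ($menu_app['permissions'] as $menu_permission) {
									if ($menu_permission['name'] != $permission) {
										continue;
									}
									if (!isset($menu_permission['menu']['uuid']) || $menu_permission['menu']['uuid'] == '') {
										//the permission has no menu item
										continue;
									}
									$menu_item_uuid = $menu_permission['menu']['uuid'];

									$sql = "insert into v_menu_item_groups ";
									$sql .= "(";
									$sql .= "menu_uuid, ";
									$sql .= "menu_item_uuid, ";
									$sql .= "group_name ";
									$sql .= ") ";
									$sql .= "values ";
									$sql .= "(";
									$sql .= "'b4750c3f-2a86-b00d-b7d0-345c14eca286', ";
									$sql .= ":menu_item_uuid, ";
									$sql .= ":group_name ";
									$sql .= ")";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(
										':menu_item_uuid' => $menu_item_uuid,
										':group_name' => $group_name
									));
									unset($prep_statement, $sql);

									//reset first so that a value from an earlier permission is never reused
									$menu_item_parent_uuid = null;
									$sql = "select menu_item_parent_uuid from v_menu_items ";
									$sql .= "where menu_item_uuid = :menu_item_uuid ";
									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(':menu_item_uuid' => $menu_item_uuid));
									$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
									foreach ($result as $menu_row) {
										$menu_item_parent_uuid = $menu_row["menu_item_parent_uuid"];
									}
									unset($prep_statement, $sql);
									if ($menu_item_parent_uuid == '') {
										//no parent menu item to link
										continue;
									}

									$sql = "select * from v_menu_item_groups ";
									$sql .= "where menu_item_uuid = :menu_item_parent_uuid ";
									$sql .= "and group_name = :group_name ";
									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
									$prep_statement = $db->prepare(check_sql($sql));
									$prep_statement->execute(array(
										':menu_item_parent_uuid' => $menu_item_parent_uuid,
										':group_name' => $group_name
									));
									$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
									$result_count = count($result);
									unset($prep_statement, $sql);
									if ($result_count == 0) {
										$sql = "insert into v_menu_item_groups ";
										$sql .= "(";
										$sql .= "menu_uuid, ";
										$sql .= "menu_item_uuid, ";
										$sql .= "group_name ";
										$sql .= ") ";
										$sql .= "values ";
										$sql .= "(";
										$sql .= "'b4750c3f-2a86-b00d-b7d0-345c14eca286', ";
										$sql .= ":menu_item_parent_uuid, ";
										$sql .= ":group_name ";
										$sql .= ")";
										$prep_statement = $db->prepare(check_sql($sql));
										$prep_statement->execute(array(
											':menu_item_parent_uuid' => $menu_item_parent_uuid,
											':group_name' => $group_name
										));
										unset($prep_statement, $sql);
									}
								}
							}

						//set the permission to true in the permissions_db_checklist
							$permissions_db_checklist[$permission] = "true";
					}
				}
			}

		$_SESSION["message"] = $text['message-update'];
		header("Location: groups.php");
		return;
	}

//copy group javascript
	echo "\n";

//show the content
//NOTE(review): in this listing the echo strings below hold only whitespace, so the markup they
//printed (including the form fields that submit permissions_form) appears to have been lost;
//the strings are reproduced as found and only the group name is now HTML-escaped
	echo "
\n";
	echo "\n";
	echo "\n";
	echo " \n";
	echo " \n";
	echo " \n";
	echo " \n";
	echo " \n";
	echo " \n";
	echo " \n";
	echo "
";
	echo " ".$text['header-group_permissions'].htmlspecialchars($group_name, ENT_QUOTES, 'UTF-8')."";
	echo "

";
	echo "
\n";
	echo " ";
	echo " ";
	echo " \n";
	echo "
\n";
	echo " ".$text['description-group_permissions']."\n";
	echo "
\n";
	echo "

\n";

	$c = 0;
	$row_style["0"] = "row_style0";
	$row_style["1"] = "row_style1";

//list all the permissions
	foreach ($apps as $app_index => $app) {
		$app_name = $app['name'];
		$description = $app['description']['en-us'];
		echo "".$app_name."
\n";
		if ($description != '') {
			echo $description."
\n";
		}
		echo "
";
		echo "\n";
		echo " \n";
		echo " \n";
		echo " \n";
		echo " \n";
		echo " \n";
		foreach ($app['permissions'] as $permission_index => $row) {
			$checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null;
			echo "\n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo "\n";
			//alternate the row style index
			$c = ($c == 0) ? 1 : 0;
			$app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index;
		}
		echo " \n";
		echo " \n";
		echo " \n";
		echo "
".$text['label-permission_permissions']."".$text['label-permission_description']."
".$row['name']."".$row['description']." 
";
		echo "
\n";
	} //end foreach
	echo "
";
	unset($sql, $result, $row_count);
	echo "\n";
	echo "
\n";

//show the footer
	require_once "resources/footer.php";
?>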