4 * Copyright (c) 2003, The Burgiss Group, LLC
5 * This source code is part of eWiki LiveUser Plugin.
7 * eWiki LiveUser Plugin is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version.
12 * eWiki LiveUser Plugin is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with Wiki LiveUser Plugin; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
// Load liveuser_aux.php from the directory this plugin file lives in.
require_once dirname(__FILE__) . '/liveuser_aux.php';

// Register one handler for two ewiki page ids: the editable permissions page and
// its report variant. The handler tells them apart by the page id it is called with.
$ewiki_plugins['page']['AdminPerms']       = 'ewiki_page_liveuser_admin_perms';
$ewiki_plugins['page']['AdminPermsReport'] = 'ewiki_page_liveuser_admin_perms';
29 * admin gui for modifying LiveUser perms
33 * @param string action
34 * @return string page output response
36 function ewiki_page_liveuser_admin_perms($id, $data, $action)
// Page handler registered for both the 'AdminPerms' and 'AdminPermsReport' page ids.
// In the lines shown it applies POSTed permission deletes, updates and creations, renders
// the "add", "filter" and listing forms, and finally reads the output buffer into $o.
// NOTE(review): this listing has lost lines (braces, PHP open/close tags, the query
// assignment, the return), so the exact nesting of the branches below cannot be confirmed.
// NOTE(review): no authorization check and no anti-CSRF token are visible in these lines.
// Confirm that access to both page ids is enforced before this handler runs and that the
// state-changing POST branches require a per-session token.
38 global $liveuserDB, $liveuserPermAdmin, $liveuserBaseRings;
42 // flip livewebRings keys to values, vice versa
43 $ringdefs = array_flip($liveuserBaseRings);
45 // check if viewing read only
46 $readonly = ($id == 'AdminPermsReport');
// Read-only mode is derived from the page id alone.
// NOTE(review): none of the POST conditions visible below test $readonly; confirm that the
// report page cannot be used to submit changes.
48 // preserve filters across forms
// These raw request values are later written into hidden <input value="..."> attributes
// without HTML escaping. Pass them through htmlspecialchars() with ENT_QUOTES at output
// time so request data cannot break out of the attribute.
49 $preservePageFilter = (isset($_REQUEST['pagefilter']) ? $_REQUEST['pagefilter'] : '');
50 $preserveClassFilter = (isset($_POST['classfilter']) ? $_POST['classfilter'] : '');
51 $preserveLetterFilter = (isset($_REQUEST['letterfilter']) ? $_REQUEST['letterfilter'] : '');
53 echo ewiki_make_title($id, $id, 2);
55 $rights = $liveuserPermAdmin->getRights();
58 // Handle POSTed deletes or updates
59 foreach ($_POST as $key => $value) {
// Field names are split at the first '_' into a prefix ('chk' or 'ring') and a suffix.
// The suffix is stored in $id, which overwrites the page-id parameter for the rest of the
// function; a key without '_' yields no second element for list() to assign.
60 list($prefix, $id) = explode('_',$key,2);
62 if ($prefix == 'chk' && is_numeric($id) && $value == 'on' && isset($_POST['submit_changeperm'])) {
// is_numeric() also accepts non-integer forms such as '1.5' or '1e3'.
// NOTE(review): liveuser_removePerm() is defined elsewhere; confirm it casts or binds the id.
63 if (liveuser_removePerm($id)) {
64 echo '<p>Permission '.$id.' was successfully deleted.</p>';
66 echo '<p>Deletion of permission '.$id.' failed.</p>';
70 if ($prefix == 'ring' && is_numeric($id) && $value != '-1' && isset($_POST['submit_changeperm'])) {
// '-1' is the value the edit form gives to the currently selected ring, so unchanged rows
// are skipped here. $value is otherwise passed on unvalidated.
// NOTE(review): confirm liveuser_addPerm() restricts it to a known ring.
71 if (liveuser_addPerm($id, $value)) {
72 echo '<p>Permission '.$id.' was successfully updated.</p>';
74 echo '<p>Update of permission '.$id.' failed.</p>';
79 // Handle POSTed new rows
80 if (!empty($_POST['pagename_text']) && !empty($_POST['right_list']) && isset($_POST['submit_addperm'])) {
// Look for an existing permission for this page/class pair before creating one.
81 $livewebperm = liveuser_checkPerm($_POST['pagename_text'], $_POST['right_list']);
83 if ($livewebperm === false) {
// $_POST['ring_list'] is used here although the guard above only checks pagename_text and
// right_list, so it may be missing from the request.
84 $livewebperm = liveuser_addPerm($_POST['pagename_text'], $_POST['ring_list'], $_POST['right_list']);
86 if ($livewebperm !== false ) {
// The three status messages below echo $_POST values into HTML without escaping; wrap
// them in htmlspecialchars() so submitted markup is displayed as text, not interpreted.
87 echo '<p>Permission for '.$_POST['pagename_text'].' was successfully created.</p>';
89 echo '<p>Creation of permission for '.$_POST['pagename_text'].' failed.</p>';
92 echo '<p>Permission for '.$_POST['pagename_text'].' with class '.$_POST['right_list'].' already exists.</p>';
96 // Show Add a new row section
98 <form method="post" action="">
99 <h3>Add a Page Permission</h3>
100 <?=(empty($preservePageFilter) ? '' : '<input type="hidden" name="pagefilter" value="'.$preservePageFilter.'" />')?>
101 <?=(empty($preserveClassFilter) ? '' : '<input type="hidden" name="classfilter" value="'.$preserveClassFilter.'" />')?>
102 <?=(empty($preserveLetterFilter) ? '' : '<input type="hidden" name="letterfilter" value="'.$preserveLetterFilter.'" />')?>
103 <label for="pagename_text">Page Name</label>
104 <input id="pagename_text" name="pagename_text" type="text" /><br />
105 <label for="ring_list">Permission Level</label>
106 <select id="ring_list" name="ring_list">
109 foreach ($ringdefs as $key => $value) {
110 echo '<option value="'.$key.'">'.$value.'</option>';
115 <label for="right_list">Classes</label>
116 <select id="right_list" name="right_list">
119 foreach ($rights as $right) {
120 echo '<option value="'.$right['right_id'].'">'.$right['define_name'].'</option>';
125 <input type="submit" name="submit_addperm" value="Create Permission" />
130 // Show filtering form
132 <form method="post" action="<?=ewiki_script('', $data['id'])?>">
133 <h3>Filter Permissions</h3>
137 <label for="pagefilter">Page Name</label>
138 <input id="pagefilter" name="pagefilter" type="text" /><br />
141 <label for="classfilter">Class</label>
142 <select id="classfilter" name="classfilter">
143 <option value=""></option>
146 foreach ($rights as $right) {
147 echo '<option value="'.$right['right_id'].'">'.$right['define_name'].'</option>';
153 <td><input type="submit" name="submit_filterperm" value="Filter" /></td>
154 </tr><tr><td colspan="3"><label>First Letter</label>
157 foreach(range('A', 'Z') as $letter) {
158 echo '<a href="'.ewiki_script('', $data['id'], array('letterfilter' => $letter)).'">'.$letter.'</a> ';
162 <a href="<?=ewiki_script('', $data['id'], array('letterfilter' => '0-9'))?>">0-9</a>
163 <a href="<?=ewiki_script('', $data['id'], array('letterfilter' => 'other'))?>">Other</a>
164 <a href="<?=ewiki_script('', $data['id'], array('letterfilter' => 'all'))?>">All</a>
169 // Show current table listing of pages and permissions
// The listing query is assembled by string concatenation; LW_PREFIX is defined elsewhere.
171 SELECT '.LW_PREFIX.'_perms.id, '.LW_PREFIX.'_perms.pagename, '.LW_PREFIX.'_perms.ring, liveuser_rights.right_define_name
172 FROM '.LW_PREFIX.'_perms, liveuser_rights
173 WHERE '.LW_PREFIX.'_perms.right_id = liveuser_rights.right_id';
177 if (!empty($_REQUEST['pagefilter'])) {
// SECURITY: the request value goes into the SQL text after strtoupper() only, with no
// quoting or escaping visible, so it can alter the statement (SQL injection). Use a bound
// parameter or the database layer's quoting routine. Escape the LIKE wildcards % and _
// as well if a literal substring match is intended.
178 $filter .= ' AND UPPER('.LW_PREFIX.'_perms.pagename) LIKE "%'.strtoupper($_REQUEST['pagefilter']).'%"';
181 if (!empty($_POST['classfilter'])) {
// SECURITY: appended unquoted and unvalidated, although a numeric right_id is expected.
// Cast to int or bind it as a parameter before it reaches the query.
182 $filter .= ' AND '.LW_PREFIX.'_perms.right_id = '.$_POST['classfilter'];
185 if (!empty($_REQUEST['letterfilter'])) {
186 if (strlen($_REQUEST['letterfilter']) == 1 && $_REQUEST['letterfilter'] >= 'A' && $_REQUEST['letterfilter'] <= 'Z') {
// The value is constrained to one character in 'A'..'Z' before it is concatenated.
// The letter branches assign $filter with '=' rather than '.=', which discards any
// page/class clause built above. NOTE(review): confirm that replacement is intended.
187 $filter = ' AND UPPER('.LW_PREFIX.'_perms.pagename) LIKE "'.$_REQUEST['letterfilter'].'%"';
190 if ($_REQUEST['letterfilter'] == '0-9') {
191 $filter = ' AND '.LW_PREFIX.'_perms.pagename REGEXP "^[0-9]"';
194 if ($_REQUEST['letterfilter'] == 'other') {
195 $filter = ' AND '.LW_PREFIX.'_perms.pagename REGEXP "^[^0-9A-Za-z]"';
200 $query .= ' ORDER BY '.LW_PREFIX.'_perms.pagename ASC';
202 if (isset($_REQUEST['pagefilter']) || isset($_POST['classfilter']) || isset($_REQUEST['letterfilter'])) {
// The query runs only when at least one filter parameter is present in the request.
203 $perms = $liveuserDB->getAll($query);
205 if (is_array($perms) && !empty($perms)) {
207 // Display regular AdminPerms page
209 <form method="post" action="">
210 <?=(empty($preservePageFilter) ? '' : '<input type="hidden" name="pagefilter" value="'.$preservePageFilter.'" />')?>
211 <?=(empty($preserveClassFilter) ? '' : '<input type="hidden" name="classfilter" value="'.$preserveClassFilter.'" />')?>
212 <?=(empty($preserveLetterFilter) ? '' : '<input type="hidden" name="letterfilter" value="'.$preserveLetterFilter.'" />')?>
213 <h3>Edit Permissions</h3>
215 <tr><th>Delete</th><th>Page Name</th><th>Permission Level</th><th>Class</th></tr>
218 foreach ($perms as $perm) {
// Each row emits database values (pagename, right_define_name) into HTML unescaped.
// Page names are created through the form above, so escape them with htmlspecialchars()
// on output to prevent stored markup from being rendered.
221 <td><input name="chk_<?=$perm['id']?>" type="checkbox" /></td>
222 <td><a href="<?=ewiki_script($perm['pagename'])?>"><?=$perm['pagename']?></a></td>
223 <td><select name="ring_<?=$perm['id']?>">
226 foreach ($ringdefs as $key=>$value) {
// The ring already stored for this row is given the sentinel value "-1" so that
// submitting the form unchanged does not trigger an update in the POST handler.
227 if ($key == $perm['ring']) {
228 echo '<option value="-1" selected>'.$value.'</option>';
230 echo '<option value="'.$key.'">'.$value.'</option>';
236 <td><?=$perm['right_define_name']?></td>
243 <input type="reset" value="Reset" />
244 <input name="submit_changeperm" type="submit" value="Submit Changes" />
248 // Display readonly AdminPermsReport page
250 <h3>View Permissions</h3>
252 <tr><th>Pagename</th><th>Perm Level</th><th>Class</th></tr>
255 foreach ($perms as $perm) {
// Report rows print the same database values unescaped; apply the same output escaping.
258 <td><a href ="<?=ewiki_script($perm['pagename'])?>"><?=$perm['pagename']?></a></td>
259 <td><?=$ringdefs[$perm['ring']]?></td>
260 <td><?=$perm['right_define_name']?></td>
269 <h3><?=($readonly ? 'View' : 'Edit')?> Permissions</h3>
270 <p>No permissions were found in the database.</p>
275 $o = ob_get_contents();
// $o now holds whatever the output buffer contains at this point. The matching
// ob_start() and the function's return statement are not among the lines shown.