add management of roles

2024-11-26 15:32:13 +00:00 · 2016-02-24 14:36:59 +01:00 · 2016-02-24 14:36:59 +01:00 · 3d76792239
commit 3d76792239
parent 49be0485c5
3 changed files with 371 additions and 0 deletions
--- a/op/op.RoleMgr.php
+++ b/op/op.RoleMgr.php
@ -0,0 +1,132 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010-2012 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+include("../inc/inc.ClassPasswordStrength.php");
+
+if (!$user->isAdmin()) {
+	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
+}
+
+if (isset($_POST["action"])) $action=$_POST["action"];
+else $action=NULL;
+
+// add new role ---------------------------------------------------------
+if ($action == "addrole") {
+	
+	/* Check if the form data comes for a trusted request */
+	if(!checkFormKey('addrole')) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
+	}
+
+	$name    = $_POST["name"];
+	$role    = preg_replace('/[^0-2]+/', '', $_POST["role"]);
+
+	if (is_object($dms->getRoleByName($name))) {
+		UI::exitError(getMLText("admin_tools"),getMLText("role_exists"));
+	}
+
+	$newRole = $dms->addRole($name, $role);
+	if ($newRole) {
+	}
+	else UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
+	
+	$roleid=$newRole->getID();
+	
+	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_role')));
+
+	add_log_line(".php&action=addrole&name=".$name);
+}
+
+// delete role ------------------------------------------------------------
+else if ($action == "removerole") {
+
+	/* Check if the form data comes for a trusted request */
+	if(!checkFormKey('removerole')) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
+	}
+
+	if (isset($_POST["roleid"])) {
+		$roleid = $_POST["roleid"];
+	}
+
+	if (!isset($roleid) || !is_numeric($roleid) || intval($roleid)<1) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
+	}
+
+	$roleToRemove = $dms->getRole($roleid);
+	if (!is_object($roleToRemove)) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
+	}
+
+	if (!$roleToRemove->remove()) {
+		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
+	}
+		
+	add_log_line(".php&action=removerole&roleid=".$roleid);
+	
+	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_rm_role')));
+	$roleid=-1;
+}
+
+// modify role ------------------------------------------------------------
+else if ($action == "editrole") {
+
+	/* Check if the form data comes for a trusted request */
+	if(!checkFormKey('editrole')) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
+	}
+
+	if (!isset($_POST["roleid"]) || !is_numeric($_POST["roleid"]) || intval($_POST["roleid"])<1) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
+	}
+	
+	$roleid=$_POST["roleid"];
+	$editedRole = $dms->getRole($roleid);
+	
+	if (!is_object($editedRole)) {
+		UI::exitError(getMLText("admin_tools"),getMLText("invalid_role_id"));
+	}
+
+	$name    = $_POST["name"];
+	$role    = preg_replace('/[^0-2]+/', '', $_POST["role"]);
+	
+	if ($editedRole->getName() != $name)
+		$editedRole->setName($name);
+	if ($editedRole->getRole() != $role)
+		$editedRole->setRole($role);
+
+	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_role')));
+	add_log_line(".php&action=editrole&roleid=".$roleid);
+}
+else UI::exitError(getMLText("admin_tools"),getMLText("unknown_command"));
+
+header("Location:../out/out.RoleMgr.php?roleid=".$roleid);
+
+?>
--- a/out/out.RoleMgr.php
+++ b/out/out.RoleMgr.php
@ -0,0 +1,55 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+if (!$user->isAdmin()) {
+	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
+}
+
+$users = $dms->getAllUsers($settings->_sortUsersInList);
+if (is_bool($users)) {
+	UI::exitError(getMLText("admin_tools"),getMLText("internal_error"));
+}
+
+$roles = $dms->getAllRoles();
+if (is_bool($roles)) {
+	UI::exitError(getMLText("admin_tools"),getMLText("internal_error"));
+}
+
+if(isset($_GET['roleid']) && $_GET['roleid']) {
+	$selrole = $dms->getRole($_GET['roleid']);
+} else {
+	$selrole = null;
+}
+
+$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
+$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'selrole'=>$selrole, 'allusers'=>$users, 'allroles'=>$roles));
+if($view) {
+	$view($_GET);
+}
+
+?>
--- a/views/bootstrap/class.RoleMgr.php
+++ b/views/bootstrap/class.RoleMgr.php
@ -0,0 +1,184 @@
+<?php
+/**
+ * Implementation of RoleMgr view
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
+ *             2010-2012 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Include parent class
+ */
+require_once("class.Bootstrap.php");
+
+/**
+ * Class which outputs the html page for RoleMgr view
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
+ *             2010-2012 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_View_RoleMgr extends SeedDMS_Bootstrap_Style {
+
+	function js() { /* {{{ */
+		$selrole = $this->params['selrole'];
+
+		header('Content-Type: application/javascript');
+?>
+function checkForm()
+{
+	msg = new Array();
+
+	if($("#name").val() == "") msg.push("<?php printMLText("js_no_name");?>");
+	if (msg != "") {
+  	noty({
+  		text: msg.join('<br />'),
+  		type: 'error',
+      dismissQueue: true,
+  		layout: 'topRight',
+  		theme: 'defaultTheme',
+			_timeout: 1500,
+  	});
+		return false;
+	}
+	else
+		return true;
+}
+
+$(document).ready( function() {
+	$('body').on('submit', '#form', function(ev){
+		if(checkForm()) return;
+		event.preventDefault();
+	});
+	$( "#selector" ).change(function() {
+		$('div.ajax').trigger('update', {roleid: $(this).val()});
+	});
+});
+<?php
+	} /* }}} */
+
+	function info() { /* {{{ */
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$selrole = $this->params['selrole'];
+		$settings = $this->params['settings'];
+
+		if($selrole) {
+			$this->contentHeading(getMLText("role_info"));
+			$users = $selrole->getUsers();
+			echo "<table class=\"table table-condensed\">\n";
+			foreach($users as $cuser) {
+				echo "<tr><td>".htmlspecialchars($cuser->getFullName())."</td><td></td></tr>\n";
+			}
+			echo "</table>";
+		}
+	} /* }}} */
+
+	function form() { /* {{{ */
+		$selrole = $this->params['selrole'];
+
+		$this->showRoleForm($selrole);
+	} /* }}} */
+
+	function showRoleForm($currRole) { /* {{{ */
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$roles = $this->params['allroles'];
+
+		if($currRole && !$currRole->isUsed()) {
+?>
+			<form style="display: inline-block;" method="post" action="../op/op.RoleMgr.php" >
+				<?php echo createHiddenFieldWithKey('removerole'); ?>
+				<input type="hidden" name="roleid" value="<?php echo $currRole->getID()?>">
+				<input type="hidden" name="action" value="removerole">
+				<button type="submit" class="btn"><i class="icon-remove"></i> <?php echo getMLText("rm_role")?></button>
+			</form>
+<?php
+		}
+?>
+	<form action="../op/op.RoleMgr.php" method="post" enctype="multipart/form-data" name="form" id="form">
+<?php
+		if($currRole) {
+			echo createHiddenFieldWithKey('editrole');
+?>
+	<input type="hidden" name="roleid" id="roleid" value="<?php print $currRole->getID();?>">
+	<input type="hidden" name="action" value="editrole">
+<?php
+		} else {
+			echo createHiddenFieldWithKey('addrole');
+?>
+	<input type="hidden" id="roleid" value="0">
+	<input type="hidden" name="action" value="addrole">
+<?php
+		}
+?>
+	<table class="table-condensed">
+		<tr>
+			<td><?php printMLText("role_name");?>:</td>
+			<td><input type="text" name="name" id="name" value="<?php print $currRole ? htmlspecialchars($currRole->getName()) : "";?>"></td>
+		</tr>
+		<tr>
+			<td><?php printMLText("role");?>:</td>
+			<td><select name="role"><option value="<?php echo SeedDMS_Core_Role::role_user ?>"><?php printMLText("role_user"); ?></option><option value="<?php echo SeedDMS_Core_Role::role_admin ?>" <?php if($currRole && $currRole->getRole() == SeedDMS_Core_Role::role_admin) echo "selected"; ?>><?php printMLText("role_admin"); ?></option><option value="<?php echo SeedDMS_Core_Role::role_guest ?>" <?php if($currRole && $currRole->getRole() == SeedDMS_Core_Role::role_guest) echo "selected"; ?>><?php printMLText("role_guest"); ?></option></select></td>
+		</tr>
+		<tr>
+			<td></td>
+			<td><button type="submit" class="btn"><i class="icon-save"></i> <?php printMLText($currRole ? "save" : "add_role")?></button></td>
+		</tr>
+	</table>
+	</form>
+<?php
+	} /* }}} */
+
+	function show() { /* {{{ */
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$selrole = $this->params['selrole'];
+		$roles = $this->params['allroles'];
+
+		$this->htmlStartPage(getMLText("admin_tools"));
+		$this->globalNavigation();
+		$this->contentStart();
+		$this->pageNavigation(getMLText("admin_tools"), "admin_tools");
+
+		$this->contentHeading(getMLText("role_management"));
+?>
+<div class="row-fluid">
+<div class="span4">
+<div class="well">
+<?php echo getMLText("selection")?>:
+<select class="chzn-select" id="selector">
+<option value="-1"><?php echo getMLText("choose_role")?>
+<option value="0"><?php echo getMLText("add_role")?>
+<?php
+		foreach ($roles as $currRole) {
+			print "<option value=\"".$currRole->getID()."\" ".($selrole && $currRole->getID()==$selrole->getID() ? 'selected' : '').">" . htmlspecialchars($currRole->getName());
+		}
+?>
+</select>
+</div>
+<div class="ajax" data-view="RoleMgr" data-action="info" <?php echo ($selrole ? "data-query=\"roleid=".$selrole->getID()."\"" : "") ?>></div>
+</div>
+
+<div class="span8">
+	<div class="well">
+		<div class="ajax" data-view="RoleMgr" data-action="form" <?php echo ($selrole ? "data-query=\"roleid=".$selrole->getID()."\"" : "") ?>></div>
+	</div>
+</div>
+
+<?php
+		$this->htmlEndPage();
+	} /* }}} */
+}
+?>