summaryrefslogtreecommitdiffstats
path: root/modules-available/permissionmanager
diff options
context:
space:
mode:
authorUdo Walter2017-04-07 15:49:54 +0200
committerUdo Walter2017-04-07 15:49:54 +0200
commitd033483d3ed9e05f1109a3713ec6a3df883a1dae (patch)
tree13df2276d6c137901d87ea5daf23464e5c7bb869 /modules-available/permissionmanager
parent[permission-manager] added possibility to select all permissions (diff)
downloadslx-admin-d033483d3ed9e05f1109a3713ec6a3df883a1dae.tar.gz
slx-admin-d033483d3ed9e05f1109a3713ec6a3df883a1dae.tar.xz
slx-admin-d033483d3ed9e05f1109a3713ec6a3df883a1dae.zip
[permission-manager] renamed some files, moved html generation to templates,
using bind variables in mysql code, changed order of modules in role editor
Diffstat (limited to 'modules-available/permissionmanager')
-rw-r--r--modules-available/permissionmanager/inc/dbupdate.inc.php54
-rw-r--r--modules-available/permissionmanager/inc/getpermissiondata.inc.php (renamed from modules-available/permissionmanager/inc/getdata.inc.php)24
-rw-r--r--modules-available/permissionmanager/inc/permissiondbupdate.inc.php57
-rw-r--r--modules-available/permissionmanager/inc/permissionutil.inc.php10
-rw-r--r--modules-available/permissionmanager/install.inc.php6
-rw-r--r--modules-available/permissionmanager/page.inc.php67
-rw-r--r--modules-available/permissionmanager/templates/locationstable.html (renamed from modules-available/permissionmanager/templates/locationsTable.html)0
-rw-r--r--modules-available/permissionmanager/templates/modulepermissionbox.html11
-rw-r--r--modules-available/permissionmanager/templates/permission.html6
-rw-r--r--modules-available/permissionmanager/templates/permissiontreenode.html11
-rw-r--r--modules-available/permissionmanager/templates/roleeditor.html (renamed from modules-available/permissionmanager/templates/roleEditor.html)1
-rw-r--r--modules-available/permissionmanager/templates/rolestable.html (renamed from modules-available/permissionmanager/templates/rolesTable.html)0
-rw-r--r--modules-available/permissionmanager/templates/userstable.html (renamed from modules-available/permissionmanager/templates/usersTable.html)0
13 files changed, 136 insertions, 111 deletions
diff --git a/modules-available/permissionmanager/inc/dbupdate.inc.php b/modules-available/permissionmanager/inc/dbupdate.inc.php
deleted file mode 100644
index 1101e4f7..00000000
--- a/modules-available/permissionmanager/inc/dbupdate.inc.php
+++ /dev/null
@@ -1,54 +0,0 @@
-<?php
-
-class DbUpdate {
-
- // insert new userXrole to database. "ignore" to ignore duplicate entry try
- public static function addRoleToUser($users, $roles) {
- foreach($users AS $user) {
- foreach ($roles AS $role) {
- $query = "INSERT IGNORE INTO userXrole (userid, roleid) VALUES ($user, $role)";
- Database::exec($query);
- }
- }
- }
-
- // remove userXrole entry from database
- public static function removeRoleFromUser($users, $roles) {
- foreach($users AS $user) {
- foreach ($roles AS $role) {
- $query = "DELETE FROM userXrole WHERE userid = $user AND roleid = $role";
- Database::exec($query);
- }
- }
- }
-
- // delete role, delete userXrole relationships, delete roleXlocation relationships, delete roleXpermission relationships
- public static function deleteRole($id) {
- $query = "DELETE FROM role WHERE id = $id";
- Database::exec($query);
- $query = "DELETE FROM userXrole WHERE roleid = $id";
- Database::exec($query);
- $query = "DELETE FROM roleXlocation WHERE roleid = $id";
- Database::exec($query);
- $query = "DELETE FROM roleXpermission WHERE roleid = $id";
- Database::exec($query);
- }
-
- public static function saveRole($roleName, $locations, $permissions, $role = NULL) {
- if ($role) {
- Database::exec("UPDATE role SET name = '$roleName' WHERE id = $role");
- Database::exec("DELETE FROM roleXlocation WHERE roleid = $role");
- Database::exec("DELETE FROM roleXpermission WHERE roleid = $role");
- } else {
- Database::exec("INSERT INTO role (name) VALUES ('$roleName')");
- $role = Database::lastInsertId();
- }
- foreach ($locations as $locID) {
- Database::exec("INSERT INTO roleXlocation (roleid, locid) VALUES ($role, $locID)");
- }
- foreach ($permissions as $permission) {
- Database::exec("INSERT INTO roleXpermission (roleid, permissionid) VALUES ($role, '$permission')");
- }
- }
-
-}
diff --git a/modules-available/permissionmanager/inc/getdata.inc.php b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
index caa50215..be7ddb1c 100644
--- a/modules-available/permissionmanager/inc/getdata.inc.php
+++ b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
@@ -1,6 +1,6 @@
<?php
-class GetData {
+class GetPermissionData {
// get UserIDs, User Login Names, User Roles
public static function getUserData() {
@@ -53,17 +53,17 @@ class GetData {
return $data;
}
- public static function getRoleData($roleID) {
- $query = "SELECT id, name FROM role WHERE id = $roleID";
- $data = Database::queryFirst($query);
- $query = "SELECT roleid, locid FROM roleXlocation WHERE roleid = $roleID";
- $res = Database::simpleQuery($query);
+ public static function getRoleData($roleId) {
+ $query = "SELECT id, name FROM role WHERE id = :roleId";
+ $data = Database::queryFirst($query, array("roleId" => $roleId));
+ $query = "SELECT roleid, locid FROM role_x_location WHERE roleid = :roleId";
+ $res = Database::simpleQuery($query, array("roleId" => $roleId));
$data["locations"] = array();
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
$data["locations"][] = $row['locid'];
}
- $query = "SELECT roleid, permissionid FROM roleXpermission WHERE roleid = $roleID";
- $res = Database::simpleQuery($query);
+ $query = "SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleId";
+ $res = Database::simpleQuery($query, array("roleId" => $roleId));
$data["permissions"] = array();
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
$data["permissions"][] = $row['permissionid'];
@@ -75,8 +75,8 @@ class GetData {
private static function queryUserData() {
$res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, GROUP_CONCAT(role.name ORDER BY role.name ASC) AS role
FROM user
- LEFT JOIN userXrole ON user.userid = userXrole.userid
- LEFT JOIN role ON userXrole.roleid = role.id
+ LEFT JOIN user_x_role ON user.userid = user_x_role.userid
+ LEFT JOIN role ON user_x_role.roleid = role.id
GROUP BY user.userid
");
return $res;
@@ -86,8 +86,8 @@ class GetData {
private static function queryLocationData() {
$res = Database::simpleQuery("SELECT location.locationid AS locid, location.locationname AS locname, GROUP_CONCAT(role.name ORDER BY role.name ASC) AS role
FROM location
- LEFT JOIN roleXlocation ON location.locationid = roleXlocation.locid
- LEFT JOIN role ON roleXlocation.roleid = role.id
+ LEFT JOIN role_x_location ON location.locationid = role_x_location.locid
+ LEFT JOIN role ON role_x_location.roleid = role.id
GROUP BY location.locationid
ORDER BY location.locationname
");
diff --git a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php
new file mode 100644
index 00000000..87c989fa
--- /dev/null
+++ b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php
@@ -0,0 +1,57 @@
+<?php
+
+class PermissionDbUpdate {
+
+ // insert new user_x_role to database. "ignore" to ignore duplicate entry try
+ public static function addRoleToUser($users, $roles) {
+ foreach($users AS $user) {
+ foreach ($roles AS $role) {
+ $query = "INSERT IGNORE INTO user_x_role (userid, roleid) VALUES (:user, :role)";
+ Database::exec($query, array("user" => $user, "role" => $role));
+ }
+ }
+ }
+
+ // remove user_x_role entry from database
+ public static function removeRoleFromUser($users, $roles) {
+ foreach($users AS $user) {
+ foreach ($roles AS $role) {
+ $query = "DELETE FROM user_x_role WHERE userid = :user AND roleid = :role";
+ Database::exec($query, array("user" => $user, "role" => $role));
+ }
+ }
+ }
+
+ // delete role, delete user_x_role relationships, delete role_x_location relationships, delete role_x_permission relationships
+ public static function deleteRole($id) {
+ $query = "DELETE FROM role WHERE id = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM user_x_role WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM role_x_location WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM role_x_permission WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ }
+
+ public static function saveRole($roleName, $locations, $permissions, $role = NULL) {
+ if ($role) {
+ Database::exec("UPDATE role SET name = :roleName WHERE id = :role",
+ array("roleName" => $roleName, "role" => $role));
+ Database::exec("DELETE FROM role_x_location WHERE roleid = :role", array("role" => $role));
+ Database::exec("DELETE FROM role_x_permission WHERE roleid = :role", array("role" => $role));
+ } else {
+ Database::exec("INSERT INTO role (name) VALUES (:roleName)", array("roleName" => $roleName));
+ $role = Database::lastInsertId();
+ }
+ foreach ($locations as $locID) {
+ Database::exec("INSERT INTO role_x_location (roleid, locid) VALUES (:role, :locid)",
+ array("role" => $role, "locid" => $locID));
+ }
+ foreach ($permissions as $permission) {
+ Database::exec("INSERT INTO role_x_permission (roleid, permissionid) VALUES (:role, :permission)",
+ array("role" => $role, "permission" => $permission));
+ }
+ }
+
+}
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php
index 10f2a61a..d6adf2bf 100644
--- a/modules-available/permissionmanager/inc/permissionutil.inc.php
+++ b/modules-available/permissionmanager/inc/permissionutil.inc.php
@@ -16,10 +16,18 @@ class PermissionUtil
$permissions = self::putInPermissionTree($out[1].".".$k, $v, $permissions);
}
}
+ ksort($permissions);
+ global $MENU_CAT_OVERRIDE;
+ $sortingOrder = $MENU_CAT_OVERRIDE;
+ foreach ($permissions as $module => $v) $sortingOrder[Module::get($module)->getCategory()][] = $module;
+ $permissions = array_replace(array_flip(call_user_func_array('array_merge', $sortingOrder)), $permissions);
+ foreach ($permissions as $module => $v) if (is_int($v)) unset($permissions[$module]);
+
+
return $permissions;
}
- private function putInPermissionTree($permission, $description, $tree)
+ private static function putInPermissionTree($permission, $description, $tree)
{
$subPermissions = explode('.', $permission);
$original =& $tree;
diff --git a/modules-available/permissionmanager/install.inc.php b/modules-available/permissionmanager/install.inc.php
index 2d408f38..8c882498 100644
--- a/modules-available/permissionmanager/install.inc.php
+++ b/modules-available/permissionmanager/install.inc.php
@@ -8,19 +8,19 @@ $res[] = tableCreate('role', "
PRIMARY KEY (`id`)
");
-$res[] = tableCreate('userXrole', "
+$res[] = tableCreate('user_x_role', "
`userid` int(10) unsigned NOT NULL,
`roleid` int(10) unsigned NOT NULL,
PRIMARY KEY (`userid`, `roleid`)
");
-$res[] = tableCreate('roleXlocation', "
+$res[] = tableCreate('role_x_location', "
`roleid` int(10) unsigned NOT NULL,
`locid` int(10) unsigned NOT NULL,
PRIMARY KEY (`roleid`, `locid`)
");
-$res[] = tableCreate('roleXpermission', "
+$res[] = tableCreate('role_x_permission', "
`roleid` int(10) unsigned NOT NULL,
`permissionid` varchar(200) NOT NULL,
PRIMARY KEY (`roleid`, `permissionid`)
diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php
index 15d2fb73..3c72cfe4 100644
--- a/modules-available/permissionmanager/page.inc.php
+++ b/modules-available/permissionmanager/page.inc.php
@@ -19,20 +19,20 @@ class Page_PermissionManager extends Page
if ($action === 'addRoleToUser') {
$users = Request::post('users', '');
$roles = Request::post('roles', '');
- DbUpdate::addRoleToUser($users, $roles);
+ PermissionDbUpdate::addRoleToUser($users, $roles);
} elseif ($action === 'removeRoleFromUser') {
$users = Request::post('users', '');
$roles = Request::post('roles', '');
- DbUpdate::removeRoleFromUser($users, $roles);
+ PermissionDbUpdate::removeRoleFromUser($users, $roles);
} elseif ($action === 'deleteRole') {
$id = Request::post('deleteId', false, 'string');
- DbUpdate::deleteRole($id);
+ PermissionDbUpdate::deleteRole($id);
} elseif ($action === 'saveRole') {
$roleID = Request::post("roleid", false);
$roleName = Request::post("roleName");
$locations = Request::post("allLocations", "off") == "on" ? array(0) : Request::post("locations");
$permissions = Request::post("allPermissions", "off") == "on" ? array("*") : Request::post("permissions");;
- DbUpdate::saveRole($roleName, $locations, $permissions, $roleID);
+ PermissionDbUpdate::saveRole($roleName, $locations, $permissions, $roleID);
}
}
@@ -55,14 +55,14 @@ class Page_PermissionManager extends Page
Render::closeTag('div');
if ($show === "roles") {
- $data = array("roles" => GetData::getRoles());
- Render::addTemplate('rolesTable', $data);
+ $data = array("roles" => GetPermissionData::getRoles());
+ Render::addTemplate('rolestable', $data);
} elseif ($show === "users") {
- $data = array("user" => GetData::getUserData(), "roles" => GetData::getRoles());
- Render::addTemplate('usersTable', $data);
+ $data = array("user" => GetPermissionData::getUserData(), "roles" => GetPermissionData::getRoles());
+ Render::addTemplate('userstable', $data);
} elseif ($show === "locations") {
- $data = array("location" => GetData::getLocationData());
- Render::addTemplate('locationsTable', $data);
+ $data = array("location" => GetPermissionData::getLocationData());
+ Render::addTemplate('locationstable', $data);
}
} elseif ($show === "roleEditor") {
$data = array();
@@ -70,7 +70,7 @@ class Page_PermissionManager extends Page
$roleID = Request::get("roleid", false);
$selectedLocations = array();
if ($roleID) {
- $roleData = GetData::getRoleData($roleID);
+ $roleData = GetPermissionData::getRoleData($roleID);
$data["roleid"] = $roleID;
$data["roleName"] = $roleData["name"];
if (count($roleData["locations"]) == 1 && $roleData["locations"][0] == 0) {
@@ -94,7 +94,7 @@ class Page_PermissionManager extends Page
$permissions = PermissionUtil::getPermissions();
$permissionHTML = "";
foreach ($permissions as $k => $v) {
- $name = Dictionary::translateFileModule($k, "module", "module_name");
+ $name = Module::get($k)->getDisplayName();
$permissionHTML .= "
<div id='$k' class='panel panel-primary module-box' style='display: none;'>
<div class='panel-heading'>
@@ -104,19 +104,19 @@ class Page_PermissionManager extends Page
</div>
</div>
<div class='panel-body'>
- ";
- $permissionHTML .= self::generateSubPermissionHTML($v, $k);
+ ";
+ $permissionHTML .= self::generatePermissionHTML($v, $k);
$permissionHTML .= "</div></div>";
}
- $data["locations"] = GetData::getLocations($selectedLocations);
+ $data["locations"] = GetPermissionData::getLocations($selectedLocations);
$data["moduleNames"] = array();
foreach (array_keys($permissions) as $moduleid) {
- $data["moduleNames"][] = array("id" => $moduleid,
- "name" => Dictionary::translateFileModule($moduleid, "module", "module_name"));
+ $data["moduleNames"][] = array("id" => $moduleid, "name" => Module::get($moduleid)->getDisplayName());
}
$data["permissionHTML"] = $permissionHTML;
- Render::addTemplate('roleEditor', $data);
+ Render::addTemplate('roleeditor', $data);
+
}
}
@@ -143,31 +143,18 @@ class Page_PermissionManager extends Page
return $buttonColors;
}
- private static function generateSubPermissionHTML($subPermissions, $permissionString)
+ private static function generatePermissionHTML($subPermissions, $permString)
{
- $html = "<ul class='list-group'>";
+ $genModuleBox = $permString == "*";
+ $res = "";
foreach ($subPermissions as $k => $v) {
- $tmpPermString = $permissionString.".".$k;
- $checkBoxValue = $tmpPermString;
- if (is_array($v)) {
- $checkBoxValue .= ".*";
- } else {
- $k .= " - ".$v;
- }
- $html .= "
- <li class='list-group-item'>
- <div class='checkbox'>
- <input name='permissions[]' value='$checkBoxValue' type='checkbox' class='form-control'>
- <label>$k</label>
- </div>
- ";
- if (is_array($v)) {
- $html .= self::generateSubPermissionHTML($v, $tmpPermString);
- }
- $html .= "</li>";
+ $res .= Render::parse($genModuleBox ? "modulepermissionbox" : is_array($v) ? "permissiontreenode" : "permission",
+ array("id" => $genModuleBox ? $k : $permString.".".$k,
+ "name" => $genModuleBox ? Module::get($k)->getDisplayName(): $k,
+ "HTML" => self::generatePermissionHTML($v, $genModuleBox ? $k : $permString.".".$k),
+ "description" => $v));
}
- $html .= "</ul>";
- return $html;
+ return $res;
}
}
diff --git a/modules-available/permissionmanager/templates/locationsTable.html b/modules-available/permissionmanager/templates/locationstable.html
index e170cd02..e170cd02 100644
--- a/modules-available/permissionmanager/templates/locationsTable.html
+++ b/modules-available/permissionmanager/templates/locationstable.html
diff --git a/modules-available/permissionmanager/templates/modulepermissionbox.html b/modules-available/permissionmanager/templates/modulepermissionbox.html
new file mode 100644
index 00000000..d298409b
--- /dev/null
+++ b/modules-available/permissionmanager/templates/modulepermissionbox.html
@@ -0,0 +1,11 @@
+<div id='{{id}}' class='panel panel-primary module-box' style='display: none;'>
+ <div class='panel-heading'>
+ <div class='checkbox'>
+ <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'>
+ <label>{{name}}</label>
+ </div>
+ </div>
+ <div class='panel-body'>
+ {{{HTML}}}
+ </div>
+</div> \ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/permission.html b/modules-available/permissionmanager/templates/permission.html
new file mode 100644
index 00000000..3cc0bf97
--- /dev/null
+++ b/modules-available/permissionmanager/templates/permission.html
@@ -0,0 +1,6 @@
+<li class='list-group-item'>
+ <div class='checkbox'>
+ <input name='permissions[]' value='{{id}}' type='checkbox' class='form-control'>
+ <label>{{name}} - {{description}}</label>
+ </div>
+</li> \ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/permissiontreenode.html b/modules-available/permissionmanager/templates/permissiontreenode.html
new file mode 100644
index 00000000..e9656902
--- /dev/null
+++ b/modules-available/permissionmanager/templates/permissiontreenode.html
@@ -0,0 +1,11 @@
+<ul class='list-group'>
+ <li class='list-group-item'>
+ <div class='checkbox'>
+ <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'>
+ <label>{{name}}</label>
+ </div>
+ <ul class='list-group'>
+ {{{HTML}}}
+ </ul>
+ </li>
+</ul> \ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/roleEditor.html b/modules-available/permissionmanager/templates/roleeditor.html
index ee717fe6..7de8eaf3 100644
--- a/modules-available/permissionmanager/templates/roleEditor.html
+++ b/modules-available/permissionmanager/templates/roleeditor.html
@@ -24,7 +24,6 @@
</select>
</div>
</div>
- {{abc}}
<div class="row">
<div class="col-md-3">
<b style="line-height: 34px">{{lang_Permissions}}:</b>
diff --git a/modules-available/permissionmanager/templates/rolesTable.html b/modules-available/permissionmanager/templates/rolestable.html
index 40cdda96..40cdda96 100644
--- a/modules-available/permissionmanager/templates/rolesTable.html
+++ b/modules-available/permissionmanager/templates/rolestable.html
diff --git a/modules-available/permissionmanager/templates/usersTable.html b/modules-available/permissionmanager/templates/userstable.html
index 3db1ebdb..3db1ebdb 100644
--- a/modules-available/permissionmanager/templates/usersTable.html
+++ b/modules-available/permissionmanager/templates/userstable.html
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-04 11:33:35 +0200