diff options
Diffstat (limited to 'modules-available/permissionmanager')
21 files changed, 1186 insertions, 0 deletions
diff --git a/modules-available/permissionmanager/api.inc.php b/modules-available/permissionmanager/api.inc.php new file mode 100644 index 00000000..0d84ebce --- /dev/null +++ b/modules-available/permissionmanager/api.inc.php @@ -0,0 +1,7 @@ +<?php + +echo json_encode(array( + 'key' => 'value', + 'number' => 123, + 'list' => array(1,2,3,4,5,6,'foo') +)); diff --git a/modules-available/permissionmanager/clientscript.js b/modules-available/permissionmanager/clientscript.js new file mode 100644 index 00000000..700ebc11 --- /dev/null +++ b/modules-available/permissionmanager/clientscript.js @@ -0,0 +1,48 @@ +document.addEventListener("DOMContentLoaded", function() { + var selectize = $('#select-role'); + if (selectize.length) { + selectize = selectize.selectize({ + allowEmptyOption: false, + maxItems: null, + highlight: false, + hideSelected: true, + create: false, + plugins: ["remove_button"] + })[0].selectize; + + // If Site gets refreshed, all data-selectizeCounts will be reset to 0, so delete the filters from the selectize + selectize.clear(); + + selectize.on('item_add', function (value, $item) { + // When first item gets added the filter isn't empty anymore, so hide all rows + if (selectize.items.length === 1) { + $('.dataTable tbody').find('tr').hide(); + } + // Find all rows which shall be shown and increase their counter by 1 + $(".roleid-" + value).closest("tr").each(function () { + $(this).data("selectizeCount", $(this).data("selectizeCount") + 1); + $(this).show(); + }); + }); + + selectize.on('item_remove', function (value, $item) { + // When no items in the filter, show all rows again + if (selectize.items.length === 0) { + $('.dataTable tbody').find('tr').show(); + } else { + // Find all rows which have the delete role, decrease their counter by 1 + $(".roleid-" + value).closest("tr").each(function () { + $(this).data("selectizeCount", $(this).data("selectizeCount") - 1); + // If counter is 0, hide the row (no filter given to show the row anymore) + if ($(this).data("selectizeCount") === 0) { + $(this).closest("tr").hide(); + } + }); + } + }); + } + + $("form input").keydown(function(e) { + if (e.keyCode === 13) e.preventDefault(); + }); +});
\ No newline at end of file diff --git a/modules-available/permissionmanager/config.json b/modules-available/permissionmanager/config.json new file mode 100644 index 00000000..c92e917a --- /dev/null +++ b/modules-available/permissionmanager/config.json @@ -0,0 +1,4 @@ +{ + "category":"main.content", + "dependencies": [ "locations", "js_stupidtable", "bootstrap_switch", "js_selectize" ] +} diff --git a/modules-available/permissionmanager/inc/getpermissiondata.inc.php b/modules-available/permissionmanager/inc/getpermissiondata.inc.php new file mode 100644 index 00000000..9d69c722 --- /dev/null +++ b/modules-available/permissionmanager/inc/getpermissiondata.inc.php @@ -0,0 +1,91 @@ +<?php + +class GetPermissionData { + + // get UserIDs, User Login Names, User Roles + public static function getUserData() { + $res = self::queryUserData(); + $userdata= array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $userdata[$row['userid'].' '.$row['login']][] = array( + 'roleid' => $row['roleid'], + 'rolename' => $row['rolename'] + ); + } + $data = array(); + foreach($userdata AS $user => $roles) { + $user = explode(" ", $user, 2); + $data[] = array( + 'userid' => $user[0], + 'username' => $user[1], + 'roles' => $roles + ); + } + return $data; + } + + // get LocationIDs, Location Names, Roles of each Location + public static function getLocationData() { + $res = Database::simpleQuery("SELECT role.roleid as roleid, rolename, GROUP_CONCAT(locationid) as locationids FROM role + LEFT JOIN (SELECT roleid, COALESCE(locationid, 0) AS locationid FROM role_x_location) rxl + ON role.roleid = rxl.roleid GROUP BY roleid ORDER BY rolename ASC"); + $locations = Location::getLocations(0, 0, false, true); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $locationids = explode(",", $row['locationids']); + if (in_array("0", $locationids)) { + $locationids = array_map("intval", Location::extractIds(Location::getTree())); + } else { + $locationids = PermissionUtil::getSublocations(Location::getTree(), $locationids); + } + foreach ($locationids as $locationid) { + $locations[$locationid]['roles'][] = array( + 'roleid' => $row['roleid'], + 'rolename' => $row['rolename'] + ); + } + } + return array_values($locations); + } + + // get all roles from database (id and name) + public static function getRoles() { + $res = Database::simpleQuery("SELECT roleid, rolename FROM role ORDER BY rolename ASC"); + $data = array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $data[] = array( + 'roleid' => $row['roleid'], + 'rolename' => $row['rolename'] + ); + } + return $data; + } + + public static function getRoleData($roleid) { + $query = "SELECT roleid, rolename FROM role WHERE roleid = :roleid"; + $data = Database::queryFirst($query, array("roleid" => $roleid)); + $query = "SELECT roleid, locationid FROM role_x_location WHERE roleid = :roleid"; + $res = Database::simpleQuery($query, array("roleid" => $roleid)); + $data["locations"] = array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $data["locations"][] = $row['locationid']; + } + $query = "SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleid"; + $res = Database::simpleQuery($query, array("roleid" => $roleid)); + $data["permissions"] = array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $data["permissions"][] = $row['permissionid']; + } + return $data; + } + + // UserID, User Login Name, Roles of each User + private static function queryUserData() { + $res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, role.rolename AS rolename, role.roleid AS roleid + FROM user + LEFT JOIN user_x_role ON user.userid = user_x_role.userid + LEFT JOIN role ON user_x_role.roleid = role.roleid + "); + return $res; + } + +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php new file mode 100644 index 00000000..f144b35e --- /dev/null +++ b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php @@ -0,0 +1,53 @@ +<?php + +class PermissionDbUpdate { + + // insert new user_x_role to database. "ignore" to ignore duplicate entry try + public static function addRoleToUser($users, $roles) { + $query = "INSERT IGNORE INTO user_x_role (userid, roleid) VALUES (:userid, :roleid)"; + foreach($users AS $userid) { + foreach ($roles AS $roleid) { + Database::exec($query, array("userid" => $userid, "roleid" => $roleid)); + } + } + } + + // remove user_x_role entry from database + public static function removeRoleFromUser($users, $roles) { + $query = "DELETE FROM user_x_role WHERE userid IN (:users) AND roleid IN (:roles)"; + Database::exec($query, array("users" => $users, "roles" => $roles)); + } + + // delete role, delete user_x_role relationships, delete role_x_location relationships, delete role_x_permission relationships + public static function deleteRole($roleid) { + $query = "DELETE FROM role WHERE roleid = :roleid"; + Database::exec($query, array("roleid" => $roleid)); + $query = "DELETE FROM user_x_role WHERE roleid = :roleid"; + Database::exec($query, array("roleid" => $roleid)); + $query = "DELETE FROM role_x_location WHERE roleid = :roleid"; + Database::exec($query, array("roleid" => $roleid)); + $query = "DELETE FROM role_x_permission WHERE roleid = :roleid"; + Database::exec($query, array("roleid" => $roleid)); + } + + public static function saveRole($rolename, $locations, $permissions, $roleid = NULL) { + if ($roleid) { + Database::exec("UPDATE role SET rolename = :rolename WHERE roleid = :roleid", + array("rolename" => $rolename, "roleid" => $roleid)); + Database::exec("DELETE FROM role_x_location WHERE roleid = :roleid", array("roleid" => $roleid)); + Database::exec("DELETE FROM role_x_permission WHERE roleid = :roleid", array("roleid" => $roleid)); + } else { + Database::exec("INSERT INTO role (rolename) VALUES (:rolename)", array("rolename" => $rolename)); + $roleid = Database::lastInsertId(); + } + foreach ($locations as $locationid) { + Database::exec("INSERT INTO role_x_location (roleid, locationid) VALUES (:roleid, :locationid)", + array("roleid" => $roleid, "locationid" => $locationid)); + } + foreach ($permissions as $permissionid) { + Database::exec("INSERT INTO role_x_permission (roleid, permissionid) VALUES (:roleid, :permissionid)", + array("roleid" => $roleid, "permissionid" => $permissionid)); + } + } + +} diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php new file mode 100644 index 00000000..17257eec --- /dev/null +++ b/modules-available/permissionmanager/inc/permissionutil.inc.php @@ -0,0 +1,110 @@ +<?php + +class PermissionUtil +{ + public static function userHasPermission($userid, $permissionid, $locationid) { + $locations = array(); + if (!is_null($locationid)) { + $locations = Location::getLocationRootChain($locationid); + if (count($locations) == 0) return false; + else $locations[] = 0; + } + + $res = Database::simpleQuery("SELECT role_x_permission.permissionid as 'permissionid', + role_x_location.locationid as 'locationid' + FROM user_x_role + INNER JOIN role_x_permission ON user_x_role.roleid = role_x_permission.roleid + LEFT JOIN role_x_location ON role_x_permission.roleid = role_x_location.roleid + WHERE user_x_role.userid = :userid", array("userid" => $userid)); + + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $userPermission = trim($row["permissionid"], "*"); + if (substr($permissionid, 0, strlen($userPermission)) === $userPermission + && (is_null($locationid) || in_array($row["locationid"], $locations))) { + return true; + } + } + return false; + } + + public static function getAllowedLocations($userid, $permissionid) { + + $res = Database::simpleQuery("SELECT role_x_permission.permissionid, rxl.locationid + FROM user_x_role + INNER JOIN role_x_permission ON user_x_role.roleid = role_x_permission.roleid + LEFT JOIN (SELECT roleid, COALESCE(locationid, 0) AS locationid FROM role_x_location) rxl + ON role_x_permission.roleid = rxl.roleid + WHERE user_x_role.userid = :userid", array("userid" => $userid)); + + $allowedLocations = array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $userPermission = trim($row["permissionid"], "*"); + if (!is_null($row["locationid"]) && substr($permissionid, 0, strlen($userPermission)) === $userPermission) { + $allowedLocations[$row["locationid"]] = 1; + } + } + $allowedLocations = array_keys($allowedLocations); + $locations = Location::getTree(); + if (in_array("0", $allowedLocations)) { + $allowedLocations = array_map("intval", Location::extractIds($locations)); + } else { + $allowedLocations = self::getSublocations($locations, $allowedLocations); + } + return $allowedLocations; + } + + public static function getSublocations($tree, $locations) { + $result = array_flip($locations); + foreach ($tree as $location) { + if (array_key_exists("children", $location)) { + if (in_array($location["locationid"], $locations)) { + $result += array_flip(Location::extractIds($location["children"])); + } else { + $result += array_flip(self::getSublocations($location["children"], $locations)); + } + } + } + return array_keys($result); + } + + public static function getPermissions() + { + $permissions = array(); + foreach (glob("modules/*/permissions/permissions.json", GLOB_NOSORT) as $file) { + $data = json_decode(file_get_contents($file), true); + if (!is_array($data)) + continue; + preg_match('#^modules/([^/]+)/#', $file, $out); + $newData = array(); + foreach( $data as $k => $v ) { + $newData[] = $v; + $permissions = self::putInPermissionTree($out[1].".".$k, $v, $permissions); + } + } + ksort($permissions); + global $MENU_CAT_OVERRIDE; + $sortingOrder = $MENU_CAT_OVERRIDE; + foreach ($permissions as $module => $v) $sortingOrder[Module::get($module)->getCategory()][] = $module; + $permissions = array_replace(array_flip(call_user_func_array('array_merge', $sortingOrder)), $permissions); + foreach ($permissions as $module => $v) if (is_int($v)) unset($permissions[$module]); + + + return $permissions; + } + + private static function putInPermissionTree($permission, $description, $tree) + { + $subPermissions = explode('.', $permission); + $original =& $tree; + foreach ($subPermissions as $subPermission) { + if ($subPermission) { + if (!array_key_exists($subPermission, $tree)) { + $tree[$subPermission] = array(); + } + $tree =& $tree[$subPermission]; + } + } + $tree = $description; + return $original; + } +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/install.inc.php b/modules-available/permissionmanager/install.inc.php new file mode 100644 index 00000000..71ee7a1e --- /dev/null +++ b/modules-available/permissionmanager/install.inc.php @@ -0,0 +1,86 @@ +<?php + +$res = array(); + +$res[] = tableCreate('role', " + roleid int(10) unsigned NOT NULL AUTO_INCREMENT, + rolename varchar(200) NOT NULL, + PRIMARY KEY (roleid) +"); + +$res[] = tableCreate('user_x_role', " + userid int(10) unsigned NOT NULL, + roleid int(10) unsigned NOT NULL, + PRIMARY KEY (userid, roleid) +"); + +$res[] = tableCreate('role_x_location', " + id int(10) unsigned NOT NULL AUTO_INCREMENT, + roleid int(10) unsigned NOT NULL, + locationid int(11), + PRIMARY KEY (id) +"); + +$res[] = tableCreate('role_x_permission', " + roleid int(10) unsigned NOT NULL, + permissionid varchar(200) NOT NULL, + PRIMARY KEY (roleid, permissionid) +"); + +if (!tableExists('user') || !tableExists('location')) { + finalResponse(UPDATE_RETRY, 'Cannot add constraint yet. Please retry.'); +} else { + $c = tableGetContraints('user_x_role', 'userid', 'user', 'userid'); + if ($c === false) + finalResponse(UPDATE_FAILED, 'Cannot get constraints of user table: ' . Database::lastError()); + if (empty($c)) { + $alter = Database::exec('ALTER TABLE user_x_role ADD FOREIGN KEY (userid) REFERENCES user (userid) ON DELETE CASCADE ON UPDATE CASCADE'); + if ($alter === false) + finalResponse(UPDATE_FAILED, 'Cannot add userid constraint referencing user table: ' . Database::lastError()); + $res[] = UPDATE_DONE; + } + + $c = tableGetContraints('user_x_role', 'roleid', 'role', 'roleid'); + if ($c === false) + finalResponse(UPDATE_FAILED, 'Cannot get constraints of role table: ' . Database::lastError()); + if (empty($c)) { + $alter = Database::exec('ALTER TABLE user_x_role ADD FOREIGN KEY (roleid) REFERENCES role (roleid) ON DELETE CASCADE ON UPDATE CASCADE'); + if ($alter === false) + finalResponse(UPDATE_FAILED, 'Cannot add roleid constraint referencing role table: ' . Database::lastError()); + $res[] = UPDATE_DONE; + } + + $c = tableGetContraints('role_x_location', 'roleid', 'role', 'roleid'); + if ($c === false) + finalResponse(UPDATE_FAILED, 'Cannot get constraints of role table: ' . Database::lastError()); + if (empty($c)) { + $alter = Database::exec('ALTER TABLE role_x_location ADD FOREIGN KEY (roleid) REFERENCES role (roleid) ON DELETE CASCADE ON UPDATE CASCADE'); + if ($alter === false) + finalResponse(UPDATE_FAILED, 'Cannot add roleid constraint referencing role table: ' . Database::lastError()); + $res[] = UPDATE_DONE; + } + + $c = tableGetContraints('role_x_location', 'locationid', 'location', 'locationid'); + if ($c === false) + finalResponse(UPDATE_FAILED, 'Cannot get constraints of location table: ' . Database::lastError()); + if (empty($c)) { + $alter = Database::exec('ALTER TABLE role_x_location ADD FOREIGN KEY (locationid) REFERENCES location (locationid) ON DELETE CASCADE ON UPDATE CASCADE'); + if ($alter === false) + finalResponse(UPDATE_FAILED, 'Cannot add locationid constraint referencing location table: ' . Database::lastError()); + $res[] = UPDATE_DONE; + } + + $c = tableGetContraints('role_x_permission', 'roleid', 'role', 'roleid'); + if ($c === false) + finalResponse(UPDATE_FAILED, 'Cannot get constraints of role table: ' . Database::lastError()); + if (empty($c)) { + $alter = Database::exec('ALTER TABLE role_x_permission ADD FOREIGN KEY (roleid) REFERENCES role (roleid) ON DELETE CASCADE ON UPDATE CASCADE'); + if ($alter === false) + finalResponse(UPDATE_FAILED, 'Cannot add roleid constraint referencing role table: ' . Database::lastError()); + $res[] = UPDATE_DONE; + } +} +if (in_array(UPDATE_DONE, $res)) { + finalResponse(UPDATE_DONE, 'Tables created successfully'); +} +finalResponse(UPDATE_NOOP, 'Everything already up to date'); diff --git a/modules-available/permissionmanager/lang/de/module.json b/modules-available/permissionmanager/lang/de/module.json new file mode 100644 index 00000000..aa73da91 --- /dev/null +++ b/modules-available/permissionmanager/lang/de/module.json @@ -0,0 +1,4 @@ +{ + "module_name": "Rechtemanager", + "page_title": "Rechtemanager" +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/lang/de/template-tags.json b/modules-available/permissionmanager/lang/de/template-tags.json new file mode 100644 index 00000000..23b2dc68 --- /dev/null +++ b/modules-available/permissionmanager/lang/de/template-tags.json @@ -0,0 +1,25 @@ +{ + "lang_Roles": "Rollen", + "lang_Users": "Nutzer", + "lang_Locations": "Räume", + "lang_addRole": "Rolle zuweisen", + "lang_removeRole": "Rolle entfernen", + "lang_newRole": "Rolle anlegen", + "lang_Selected": "Ausgewählt", + "lang_Edit": "Bearbeiten", + "lang_Remove": "Entfernen", + "lang_Delete": "Löschen", + "lang_removeCheck": "Sind Sie sich sicher, dass Sie diese Rolle entfernen wollen?", + "lang_deleteCheck": "Sind Sie sich sicher, dass Sie diese Rolle löschen wollen?", + "lang_emptyNameWarning": "Der Name der Rolle darf nicht leer sein!", + "lang_Name": "Name", + "lang_Cancel": "Abbrechen", + "lang_Save": "Speichern", + "lang_all": "alle", + "lang_selected": "ausgewählte", + "lang_Permissions": "Rechte", + "lang_selectizePlaceholder": "Nach Rollen filtern...", + "lang_searchPlaceholder": "Nach Rollen suchen...", + "lang_moduleName": "Rechtemanager", + "lang_roleEditor": "Rollen Editor" +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/lang/en/module.json b/modules-available/permissionmanager/lang/en/module.json new file mode 100644 index 00000000..5a5c838b --- /dev/null +++ b/modules-available/permissionmanager/lang/en/module.json @@ -0,0 +1,4 @@ +{ + "module_name": "Permission Manager", + "page_title": "Permission Manager" +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/lang/en/template-tags.json b/modules-available/permissionmanager/lang/en/template-tags.json new file mode 100644 index 00000000..01056632 --- /dev/null +++ b/modules-available/permissionmanager/lang/en/template-tags.json @@ -0,0 +1,25 @@ +{ + "lang_Roles": "Roles", + "lang_Users": "Users", + "lang_Locations": "Locations", + "lang_addRole": "Add Role", + "lang_removeRole": "Remove Role", + "lang_newRole": "New Role", + "lang_Selected": "Selected", + "lang_Edit": "Edit", + "lang_Remove": "Remove", + "lang_Delete": "Delete", + "lang_removeCheck": "Are you sure you want to remove this role?", + "lang_deleteCheck": "Are you sure you want to delete this role?", + "lang_emptyNameWarning": "Role name can not be empty!", + "lang_Name": "Name", + "lang_Cancel": "Cancel", + "lang_Save": "Save", + "lang_all": "all", + "lang_selected": "selected", + "lang_Permissions": "Permissions", + "lang_selectizePlaceholder": "Filter for roles...", + "lang_searchPlaceholder": "Search for roles...", + "lang_moduleName": "Permission Manager", + "lang_roleEditor": "Role Editor" +}
\ No newline at end of file diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php new file mode 100644 index 00000000..20e8ad3a --- /dev/null +++ b/modules-available/permissionmanager/page.inc.php @@ -0,0 +1,134 @@ +<?php + +class Page_PermissionManager extends Page +{ + + /** + * Called before any page rendering happens - early hook to check parameters etc. + */ + protected function doPreprocess() + { + User::load(); + + if (!User::isLoggedIn()) { + Message::addError('main.no-permission'); + Util::redirect('?do=Main'); // does not return + } + + $action = Request::any('action', 'show', 'string'); + if ($action === 'addRoleToUser') { + $users = Request::post('users', ''); + $roles = Request::post('roles', ''); + PermissionDbUpdate::addRoleToUser($users, $roles); + } elseif ($action === 'removeRoleFromUser') { + $users = Request::post('users', ''); + $roles = Request::post('roles', ''); + PermissionDbUpdate::removeRoleFromUser($users, $roles); + } elseif ($action === 'deleteRole') { + $id = Request::post('deleteId', false, 'string'); + PermissionDbUpdate::deleteRole($id); + } elseif ($action === 'saveRole') { + $roleID = Request::post("roleid", false); + $rolename = Request::post("rolename"); + $locations = Request::post("allLocations", "off") == "on" ? array(NULL) : Request::post("locations"); + $permissions = Request::post("allPermissions", "off") == "on" ? array("*") : Request::post("permissions");; + PermissionDbUpdate::saveRole($rolename, $locations, $permissions, $roleID); + } + } + + /** + * Menu etc. has already been generated, now it's time to generate page content. + */ + protected function doRender() + { + $show = Request::get("show", "roles"); + + // switch between tables, but always show menu to switch tables + if ( $show === 'roles' || $show === 'users' || $show === 'locations' ) { + // get menu button colors + $buttonColors = self::setButtonColors($show); + + $data = array(); + + Render::openTag('div', array('class' => 'row')); + Render::addtemplate('_page', $buttonColors); + Render::closeTag('div'); + + if ($show === "roles") { + $data = array("roles" => GetPermissionData::getRoles()); + Render::addTemplate('rolestable', $data); + } elseif ($show === "users") { + $data = array("user" => GetPermissionData::getUserData(), "roles" => GetPermissionData::getRoles()); + Render::addTemplate('userstable', $data); + } elseif ($show === "locations") { + $data = array("location" => GetPermissionData::getLocationData(), "allroles" => GetPermissionData::getRoles()); + Render::addTemplate('locationstable', $data); + } + } elseif ($show === "roleEditor") { + $data = array(); + + $roleID = Request::get("roleid", false); + $selectedLocations = array(); + if ($roleID) { + $roleData = GetPermissionData::getRoleData($roleID); + $data["roleid"] = $roleID; + $data["rolename"] = $roleData["rolename"]; + if (count($roleData["locations"]) == 1 && $roleData["locations"][0] == 0) { + $data["allLocChecked"] = "checked"; + $data["selectizeClass"] = "faded unclickable"; + } else { + $data["allLocChecked"] = ""; + $data["selectizeClass"] = ""; + $selectedLocations = $roleData["locations"]; + } + if (count($roleData["permissions"]) == 1 && $roleData["permissions"][0] == "*") { + $data["allPermChecked"] = "checked"; + $data["permissionsClass"] = "faded unclickable"; + } else { + $data["allPermChecked"] = ""; + $data["permissionsClass"] = ""; + $data["selectedPermissions"] = implode(" ", $roleData["permissions"]); + } + } + + $permissions = PermissionUtil::getPermissions(); + + $data["locations"] = Location::getLocations($selectedLocations); + $data["moduleNames"] = array(); + foreach (array_keys($permissions) as $moduleid) { + $data["moduleNames"][] = array("id" => $moduleid, "name" => Module::get($moduleid)->getDisplayName()); + } + $data["permissionHTML"] = self::generatePermissionHTML($permissions, "*"); + Render::addTemplate('roleeditor', $data); + + } + } + + // Menu: Selected table is shown in blue (btn-primary) + private function setButtonColors($show) { + if ($show === 'roles') { + $buttonColors['rolesButtonClass'] = 'active'; + } elseif ($show === 'users') { + $buttonColors['usersButtonClass'] = 'active'; + } elseif ($show === 'locations') { + $buttonColors['locationsButtonClass'] = 'active'; + } + + return $buttonColors; + } + + private static function generatePermissionHTML($subPermissions, $permString) + { + $genModuleBox = $permString == "*"; + $res = ""; + foreach ($subPermissions as $k => $v) { + $res .= Render::parse($genModuleBox ? "modulepermissionbox" : (is_array($v) ? "permissiontreenode" : "permission"), + array("id" => $genModuleBox ? $k : $permString.".".$k, + "name" => $genModuleBox ? Module::get($k)->getDisplayName(): $k, + "HTML" => is_array($v) ? self::generatePermissionHTML($v, $genModuleBox ? $k : $permString.".".$k) : "", + "description" => $v)); + } + return $res; + } + +} diff --git a/modules-available/permissionmanager/style.css b/modules-available/permissionmanager/style.css new file mode 100644 index 00000000..abc3270a --- /dev/null +++ b/modules-available/permissionmanager/style.css @@ -0,0 +1,92 @@ +#switchForm { + text-align: center; + margin-bottom: 50px; +} + +#saveButton { + margin-left: 10px; +} + +#rolename { + width: 200px; + display: inline-block; + margin-left: 20px; +} + +.table { + margin-top: 20px; +} + +.table > tbody > tr > td { + vertical-align: middle; + height: 50px; +} + +.scrollingTable { + height: 500px; + overflow: auto; +} + +.customSpanMargin { + display: inline-block; + margin-top: 2px; + margin-bottom: 2px; +} + +.panel-primary > .panel-heading { + background-image: none; +} + +.panel{ + margin-bottom: 20px; +} + +.list-group, .checkbox { + margin: 0; +} + +.faded { + opacity: 0.6; +} + +.unclickable { + pointer-events: none; +} + +input[type='checkbox']:disabled { + cursor: inherit; +} + +.module-toggle-group { + width: 100%; + margin-top: 20px; +} + +.module-container { + -moz-column-gap: 20px; + -webkit-column-gap: 20px; + column-gap: 20px; +} + + +.module-container div { + display: inline-block; + width: 100%; +} + + +@media (max-width: 767px) { + .module-container { + -moz-column-count: 1; + -webkit-column-count: 1; + column-count: 1; + } +} + +@media (min-width: 768px) { + .module-container { + -moz-column-count: 2; + -webkit-column-count: 2; + column-count: 2; + } +} diff --git a/modules-available/permissionmanager/templates/_page.html b/modules-available/permissionmanager/templates/_page.html new file mode 100644 index 00000000..ff487c8f --- /dev/null +++ b/modules-available/permissionmanager/templates/_page.html @@ -0,0 +1,27 @@ +<div class="col-md-12" style="margin-bottom: 0px;"> + <div class='page-header'> + <div class='pull-right'> + <form id="switchForm" method="GET" action="?do=permissionmanager"> + <input type="hidden" name="do" value="permissionmanager"> + + <div class="btn-group"> + <button class="btn btn-default {{rolesButtonClass}}" type="submit" name="show" value="roles"> + <span class="glyphicon glyphicon-education"></span> + {{lang_Roles}} + </button> + + <button class="btn btn-default {{usersButtonClass}}" type="submit" name="show" value="users"> + <span class="glyphicon glyphicon-user"></span> + {{lang_Users}} + </button> + + <button class="btn btn-default {{locationsButtonClass}}" type="submit" name="show" value="locations"> + <span class="glyphicon glyphicon-home"></span> + {{lang_Locations}} + </button> + </div> + </form> + </div> + <h1>{{lang_moduleName}}</h1> + </div> +</div>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/locationstable.html b/modules-available/permissionmanager/templates/locationstable.html new file mode 100644 index 00000000..dcfefa94 --- /dev/null +++ b/modules-available/permissionmanager/templates/locationstable.html @@ -0,0 +1,37 @@ +<div class="row"> + <div class="col-md-4"></div> + <div class="col-md-4"> + <select multiple name="roles[]" id="select-role"> + <option value>{{lang_selectizePlaceholder}}</option> + {{#allroles}} + <option value="{{roleid}}">{{rolename}}</option> + {{/allroles}} + </select> + </div> +</div> + +<div class="row"> + <div class="col-md-12"> + <table id="locationsTable" class="table table-condensed table-hover stupidtable dataTable"> + <thead> + <tr> + <th data-sort="string">{{lang_Locations}}</th> + <th>{{lang_Roles}}</th> + </tr> + </thead> + + <tbody> + {{#location}} + <tr data-selectizeCount='0'> + <td>{{locationpad}} {{locationname}}</td> + <td> + {{#roles}} + <span class="label label-default customSpanMargin roleid-{{roleid}}">{{rolename}}</span> + {{/roles}} + </td> + </tr> + {{/location}} + </tbody> + </table> + </div> +</div>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/modulepermissionbox.html b/modules-available/permissionmanager/templates/modulepermissionbox.html new file mode 100644 index 00000000..69bde718 --- /dev/null +++ b/modules-available/permissionmanager/templates/modulepermissionbox.html @@ -0,0 +1,13 @@ +<div id='{{id}}' class='panel panel-primary module-box' style='display: none;'> + <div class='panel-heading'> + <div class='checkbox'> + <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'> + <label>{{name}}</label> + </div> + </div> + <div class='panel-body'> + <ul class='list-group'> + {{{HTML}}} + </ul> + </div> +</div>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/permission.html b/modules-available/permissionmanager/templates/permission.html new file mode 100644 index 00000000..b28b9099 --- /dev/null +++ b/modules-available/permissionmanager/templates/permission.html @@ -0,0 +1,6 @@ +<li class='list-group-item' title="{{description}}" data-toggle="tooltip" data-placement="left"> + <div class='checkbox'> + <input name='permissions[]' value='{{id}}' type='checkbox' class='form-control'> + <label>{{name}}</label> + </div> +</li>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/permissiontreenode.html b/modules-available/permissionmanager/templates/permissiontreenode.html new file mode 100644 index 00000000..47bff1f2 --- /dev/null +++ b/modules-available/permissionmanager/templates/permissiontreenode.html @@ -0,0 +1,9 @@ +<li class='list-group-item'> + <div class='checkbox'> + <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'> + <label>{{name}}</label> + </div> + <ul class='list-group'> + {{{HTML}}} + </ul> +</li> diff --git a/modules-available/permissionmanager/templates/roleeditor.html b/modules-available/permissionmanager/templates/roleeditor.html new file mode 100644 index 00000000..359f09a1 --- /dev/null +++ b/modules-available/permissionmanager/templates/roleeditor.html @@ -0,0 +1,150 @@ +<h1>{{lang_roleEditor}}</h1> +<form method="post" action="?do=permissionmanager"> + <input type="hidden" name="action" value="saveRole"> + <input type="hidden" name="token" value="{{token}}"> + <input type="hidden" name="roleid" value="{{roleid}}"> + <div class="row"> + <div class="col-md-12" style="margin-bottom: 20px;"> + <b>{{lang_Name}}:</b> + <input name="rolename" value="{{rolename}}" type="text" id="rolename" class="form-control"> + <button type="submit" id="saveButton" class="btn btn-primary pull-right"><span class="glyphicon glyphicon-floppy-disk"></span> {{lang_Save}}</button> + <button type="button" id="cancelButton" class="btn btn-default pull-right">{{lang_Cancel}}</button> + </div> + </div> + <div class="row" style="margin-bottom: 20px;"> + <div class="col-md-3"> + <b style="line-height: 34px">{{lang_Locations}}:</b> + <div class="pull-right"><input name="allLocations" {{allLocChecked}} type="checkbox" id="allLocations"></div> + </div> + <div id="selectize-container" class="col-md-9 text-left {{selectizeClass}}"> + <select multiple name="locations[]" id="select-location"> + <option value></option> + {{#locations}} + <option value="{{locationid}}" {{#selected}}selected{{/selected}}>{{locationpad}} {{locationname}}</option> + {{/locations}} + </select> + </div> + </div> + <div class="row"> + <div class="col-md-3"> + <b style="line-height: 34px">{{lang_Permissions}}:</b> + <div class="pull-right"><input name="allPermissions" {{allPermChecked}} type="checkbox" id="allPermissions"></div> + <div class="btn-group-vertical module-toggle-group permissions-container {{permissionsClass}}" role="group"> + {{#moduleNames}} + <button id="button-{{id}}" type="button" class="btn btn-default module-toggle" data-moduleid="{{id}}">{{name}}</button> + {{/moduleNames}} + </div> + </div> + <div class="col-md-9 module-container permissions-container {{permissionsClass}}"> + {{{permissionHTML}}} + </div> + </div> +</form> + +<script type="application/javascript"> + + selectedPermissions = "{{selectedPermissions}}"; + + document.addEventListener("DOMContentLoaded", function () { + + $('#select-location').selectize({ + allowEmptyOption: false, + maxItems: null, + highlight: false, + hideSelected: true, + create: false, + plugins: [ "remove_button" ] + }); + + var allLocations = $("#allLocations"); + allLocations.bootstrapSwitch("size", "normal"); + allLocations.bootstrapSwitch("labelWidth", 1); + allLocations.bootstrapSwitch("onText", "{{lang_all}}"); + allLocations.bootstrapSwitch("offText", "{{lang_selected}}"); + + allLocations.on('switchChange.bootstrapSwitch', function(event, state) { + if (state) { + $("#selectize-container").addClass("faded unclickable"); + } else { + $("#selectize-container").removeClass("faded unclickable"); + } + }); + + var allPermissions = $("#allPermissions"); + allPermissions.bootstrapSwitch("size", "normal"); + allPermissions.bootstrapSwitch("labelWidth", 1); + allPermissions.bootstrapSwitch("onText", "{{lang_all}}"); + allPermissions.bootstrapSwitch("offText", "{{lang_selected}}"); + + + allPermissions.on('switchChange.bootstrapSwitch', function(event, state) { + if (state) { + $(".permissions-container").addClass("faded unclickable"); + } else { + $(".permissions-container").removeClass("faded unclickable"); + } + }); + + $(".module-toggle").click(function () { + var button = $(this); + var moduleBox = $("#" + button.data("moduleid")); + if (button.hasClass("btn-default")) { + button.removeClass("btn-default"); + button.addClass("btn-primary"); + moduleBox.show(); + } else { + button.removeClass("btn-primary"); + button.addClass("btn-default"); + moduleBox.hide(); + } + }); + + $(".module-container input[type=checkbox]").change(function () { + var parent = $(this).parent().parent(); + if (parent.hasClass("panel-heading")) parent = parent.parent(); + parent = parent.find("ul:first"); + parent.find("ul").removeClass("faded"); + var checkboxes = parent.find("input[type=checkbox]"); + if (parent.hasClass("faded")) { + checkboxes.prop("disabled", false); + checkboxes.prop("checked", false); + parent.removeClass("faded"); + } else { + checkboxes.prop("disabled", true); + checkboxes.prop("checked", true); + parent.addClass("faded"); + } + }); + + $("#cancelButton").click(function () { + window.location.replace("?do=permissionmanager&show=roles"); + }); + + $('form').submit(function () { + var name = $.trim($('#rolename').val()); + if (name === '') { + alert('{{lang_emptyNameWarning}}'); + return false; + } + }); + + var permissions = selectedPermissions.split(" "); + var arrayLength = permissions.length; + for (var i = 0; i < arrayLength; i++) { + var checkbox = $("input[type=checkbox][value='"+permissions[i]+"']"); + checkbox.trigger('change').attr('checked', 'checked'); + var moduleBox = checkbox.closest(".module-box"); + moduleBox.show(); + var button = $("#button-"+moduleBox.attr('id')); + button.removeClass("btn-default"); + button.addClass("btn-primary"); + } + + + $('[data-toggle="tooltip"]').tooltip({ + container: 'body', + trigger : 'hover' + }); + }); + +</script>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/rolestable.html b/modules-available/permissionmanager/templates/rolestable.html new file mode 100644 index 00000000..99401624 --- /dev/null +++ b/modules-available/permissionmanager/templates/rolestable.html @@ -0,0 +1,91 @@ +<form method="post" action="?do=permissionmanager"> + <input type="hidden" name="token" value="{{token}}"> + + <div class="row"> + <div class="col-md-4"> + <button class="btn btn-success" type="button" onclick="openRoleEditor()"><span class="glyphicon glyphicon-plus"></span> {{lang_newRole}}</button> + </div> + <div class="col-md-4"> + <input type="text" class="form-control" id="roleNameSearchField" onkeyup="searchFieldFunction()" placeholder="{{lang_searchPlaceholder}}"> + </div> + </div> + + <div class="row"> + <div class="col-md-12"> + <table id="rolesTable" class="table table-condensed table-hover stupidtable"> + <thead> + <tr> + <th data-sort="string">{{lang_Roles}}</th> + <th class="text-center">{{lang_Edit}}</th> + <th class="text-center">{{lang_Delete}}</th> + </tr> + </thead> + + <tbody> + {{#roles}} + <tr class="rolesRow"> + <td class="rolesData">{{rolename}}</td> + <td class="text-center"> + <a class="btn btn-xs btn-info" href="?do=permissionmanager&show=roleEditor&roleid={{roleid}}"><span class="glyphicon glyphicon-edit"></span></a> + </td> + <td class="text-center"> + <a class="btn btn-xs btn-danger" href="#deleteModal" data-toggle="modal" data-target="#deleteModal" onclick="deleteRole('{{roleid}}')"><span class="glyphicon glyphicon-trash"></span></a> + </td> + </tr> + {{/roles}} + </tbody> + </table> + </div> + </div> + + + <!-- Modals --> + <div class ="modal fade" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel"> + <div class="modal-dialog" role="document"> + <div class="modal-content"> + <div class="modal-header"> + <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> + <h4 class="modal-title" id="myModalLabel">{{lang_Delete}}</h4> + </div> + <div class="modal-body"> + {{lang_deleteCheck}} + </div> + <div class="modal-footer"> + <input type="hidden" id="deleteId" name="deleteId" value=""/> + <button type="button" class="btn btn-default" data-dismiss="modal">{{lang_cancel}}</button> + <button type="submit" name="action" value="deleteRole" class="btn btn-danger"><span class="glyphicon glyphicon-trash"></span> {{lang_Delete}}</button> + </div> + </div> + </div> + </div> + +</form> + +<script> + function openRoleEditor() { + window.location.href = "?do=permissionmanager&show=roleEditor" + } + + function deleteRole($roleid) { + $(".modal-footer #deleteId").val($roleid); + } + + function searchFieldFunction() { + // Declare variables + var input, filter, table, trs, a, i; + input = document.getElementById('roleNameSearchField'); + filter = input.value.toUpperCase(); + table = document.getElementById("rolesTable"); + trs = table.getElementsByClassName('rolesRow'); + + // Loop through all list items, and hide those who don't match the search query + for (i = 0; i < trs.length; i++) { + a = trs[i].getElementsByClassName("rolesData")[0]; + if (a.innerHTML.toUpperCase().indexOf(filter) > -1) { + trs[i].style.display = ""; + } else { + trs[i].style.display = "none"; + } + } + } +</script>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/userstable.html b/modules-available/permissionmanager/templates/userstable.html new file mode 100644 index 00000000..bd48d16d --- /dev/null +++ b/modules-available/permissionmanager/templates/userstable.html @@ -0,0 +1,170 @@ +<form method="post" action="?do=permissionmanager&show=users"> + <input type="hidden" name="token" value="{{token}}"> + + <div class="row"> + <div class="col-md-4"> + <button class="btn btn-success" type="button" data-toggle="modal" data-target="#addRoleToUserModal"><span class="glyphicon glyphicon-share-alt"></span> {{lang_addRole}}</button> + <button class="btn btn-danger" type="button" data-toggle="modal" data-target="#removeRoleFromUserModal"><span class="glyphicon glyphicon-trash"></span> {{lang_removeRole}}</button> + </div> + <div class="col-md-4 text-left"> + <select multiple name="roles[]" id="select-role"> + <option value>{{lang_selectizePlaceholder}}</option> + {{#roles}} + <option value="{{roleid}}">{{rolename}}</option> + {{/roles}} + </select> + </div> + </div> + + <div class="row"> + <div class="col-md-12"> + <table id="usersTable" class="table table-condensed table-hover stupidtable dataTable"> + <thead> + <tr> + <th data-sort="string">{{lang_Users}}</th> + <th>{{lang_Roles}}</th> + <th data-sort="int" data-sort-default="desc">{{lang_Selected}}</th> + </tr> + </thead> + + <tbody> + {{#user}} + <tr data-selectizeCount='0'> + <td>{{username}}</td> + <td> + {{#roles}} + <span class="label label-default customSpanMargin roleid-{{roleid}}">{{rolename}}</span> + {{/roles}} + </td> + <td data-sort-value="0"> + <div class="checkbox"> + <input id="{{userid}}" type="checkbox" name="users[]" value='{{userid}}'> + <label for="{{userid}}"></label> + </div> + </td> + </tr> + {{/user}} + </tbody> + </table> + </div> + </div> + + <!-- Modals --> + <div class ="modal fade" id="addRoleToUserModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel"> + <div class="modal-dialog" role="document"> + <div class="modal-content"> + <div class="modal-header"> + <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> + <h4 class="modal-title" id="myModalLabel">{{lang_addRole}}</h4> + </div> + <div class="modal-body"> + <div class="row"> + <div class="col-md-12 scrollingTable"> + <table id="addRoleToUserTable" class="table table-condensed table-hover stupidtable"> + <thead> + <tr> + <th data-sort="string">{{lang_Roles}}</th> + <th data-sort="int" data-sort-default="desc">{{lang_Selected}}</th> + </tr> + </thead> + + <tbody> + {{#roles}} + <tr> + <td>{{rolename}}</td> + <td data-sort-value="0"> + <div class="checkbox"> + <input id="add{{roleid}}" type="checkbox" name="roles[]" value='{{roleid}}'> + <label for="add{{roleid}}"></label> + </div> + </td> + </tr> + {{/roles}} + </tbody> + </table> + </div> + </div> + </div> + <div class="modal-footer"> + <button type="button" class="btn btn-default" data-dismiss="modal">{{lang_cancel}}</button> + <button type="submit" name="action" value="addRoleToUser" class="btn btn-success" onclick="clearRemoveRoleModal()"><span class="glyphicon glyphicon-share-alt"></span> {{lang_addRole}}</button> + </div> + </div> + </div> + </div> + + <div class ="modal fade" id="removeRoleFromUserModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel"> + <div class="modal-dialog" role="document"> + <div class="modal-content"> + <div class="modal-header"> + <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> + <h4 class="modal-title" id="myModalLabel2">{{lang_Remove}}</h4> + </div> + <div class="modal-body"> + <div class="row"> + <div class="col-md-12 scrollingTable"> + <table id="removeRoleFromUserTable" class="table table-condensed table-hover stupidtable"> + <thead> + <tr> + <th data-sort="string">{{lang_Roles}}</th> + <th data-sort="int" data-sort-default="desc">{{lang_Selected}}</th> + </tr> + </thead> + + <tbody> + {{#roles}} + <tr> + <td>{{rolename}}</td> + <td data-sort-value="0"> + <div class="checkbox"> + <input id="remove{{roleid}}" type="checkbox" name="roles[]" value='{{roleid}}'> + <label for="remove{{roleid}}"></label> + </div> + </td> + </tr> + {{/roles}} + </tbody> + </table> + </div> + </div> + </div> + <div class="modal-footer"> + <button type="button" class="btn btn-default" data-dismiss="modal">{{lang_cancel}}</button> + <button type="submit" name="action" value="removeRoleFromUser" class="btn btn-danger" onclick="clearAddRoleModal()"><span class="glyphicon glyphicon-trash"></span> {{lang_Remove}}</button> + </div> + </div> + </div> + </div> +</form> + +<script> + document.addEventListener("DOMContentLoaded", function() { + // if checked,: mark green, else: unmark + $('input:checkbox').change(function() { + if ($(this).is(':checked')) { + $(this).closest("td").data("sort-value", 1); + $(this).closest("tr").css("background-color", "#f2ffe6"); + } else { + $(this).closest("td").data("sort-value", 0); + $(this).closest("tr").css("background-color", ""); + } + + }); + }); + + // if remove-Role button is clicked, uncheck all checkboxes in add-role modal so they aren't submitted too + function clearAddRoleModal () { + $('#addRoleToUserModal') + .find("input[type=checkbox]") + .prop("checked", "") + .end(); + } + + // if add-Role button is clicked, uncheck all checkboxes in remove-role modal so they aren't submitted too + function clearRemoveRoleModal() { + $('#removeRoleFromUserModal') + .find("input[type=checkbox]") + .prop("checked", "") + .end(); + } +</script>
\ No newline at end of file |