From cca740195f76ef89563ab5c00a76c492a462d752 Mon Sep 17 00:00:00 2001
From: Udo Walter
Date: Tue, 28 Mar 2017 15:11:57 +0200
Subject: [permission-manager] added role editor (new role and edit role)

---
 modules-available/permissionmanager/config.json    |   2 +-
 .../permissionmanager/inc/dbupdate.inc.php         |  17 +++
 .../permissionmanager/inc/getdata.inc.php          |  28 +++++
 .../permissionmanager/inc/permissionutil.inc.php   |  37 ++++++
 .../permissionmanager/install.inc.php              |   3 +-
 .../permissionmanager/lang/de/module.json          |   4 +-
 .../permissionmanager/lang/de/template-tags.json   |   3 +-
 .../permissionmanager/lang/en/module.json          |   4 +-
 .../permissionmanager/lang/en/template-tags.json   |   3 +-
 modules-available/permissionmanager/page.inc.php   |  96 ++++++++++++++--
 modules-available/permissionmanager/style.css      |  66 ++++++++++-
 .../permissionmanager/templates/roleEditor.html    | 127 +++++++++++++++++++++
 12 files changed, 365 insertions(+), 25 deletions(-)
 create mode 100644 modules-available/permissionmanager/inc/permissionutil.inc.php
 create mode 100644 modules-available/permissionmanager/templates/roleEditor.html

diff --git a/modules-available/permissionmanager/config.json b/modules-available/permissionmanager/config.json
index 3aeab3e5..5089bdc9 100644
--- a/modules-available/permissionmanager/config.json
+++ b/modules-available/permissionmanager/config.json
@@ -1,4 +1,4 @@
 {
 	"category":"main.content",
-	"dependencies": [ "js_stupidtable"]
+	"dependencies": [ "js_stupidtable", "bootstrap_switch", "js_selectize" ]
 }
diff --git a/modules-available/permissionmanager/inc/dbupdate.inc.php b/modules-available/permissionmanager/inc/dbupdate.inc.php
index 20ff746a..417fd812 100644
--- a/modules-available/permissionmanager/inc/dbupdate.inc.php
+++ b/modules-available/permissionmanager/inc/dbupdate.inc.php
@@ -34,4 +34,21 @@ class DbUpdate {
 		Database::exec($query);
 	}
 
+	public static function saveRole($roleName, $locType, $locations, $permissions, $role = NULL) {
+		if ($role) {
+			Database::exec("UPDATE role SET name = '$roleName', locType = '$locType' WHERE id = $role");
+			Database::exec("DELETE FROM roleXlocation WHERE roleid = $role");
+			Database::exec("DELETE FROM roleXpermission WHERE roleid = $role");
+		} else {
+			Database::exec("INSERT INTO role (name, locType) VALUES ('$roleName', '$locType')");
+			$role = Database::lastInsertId();
+		}
+		foreach ($locations as $locID) {
+			Database::exec("INSERT INTO roleXlocation (roleid, locid) VALUES ($role, $locID)");
+		}
+		foreach ($permissions as $permission) {
+			Database::exec("INSERT INTO roleXpermission (roleid, permissionid) VALUES ($role, '$permission')");
+		}
+	}
+
 }
diff --git a/modules-available/permissionmanager/inc/getdata.inc.php b/modules-available/permissionmanager/inc/getdata.inc.php
index 481ac398..67210246 100644
--- a/modules-available/permissionmanager/inc/getdata.inc.php
+++ b/modules-available/permissionmanager/inc/getdata.inc.php
@@ -29,6 +29,34 @@ class GetData {
 		return $data;
 	}
 
+	public static function getLocations($selected) {
+		$res = Database::simplequery("SELECT locationid, locationname FROM location");
+		$data = array();
+		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+			$data[] = array('locid' => $row['locationid'], 'locName' => $row['locationname'],
+				'selected' => in_array($row['locationid'], $selected) ? "selected" : "");
+		}
+		return $data;
+	}
+
+	public static function getRoleData($roleID) {
+		$query = "SELECT id, name, locType FROM role WHERE id = $roleID";
+		$data = Database::queryFirst($query);
+		$query = "SELECT roleid, locid FROM roleXlocation WHERE roleid = $roleID";
+		$res = Database::simpleQuery($query);
+		$data["locations"] = array();
+		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+			$data["locations"][] = $row['locid'];
+		}
+		$query = "SELECT roleid, permissionid FROM roleXpermission WHERE roleid = $roleID";
+		$res = Database::simpleQuery($query);
+		$data["permissions"] = array();
+		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+			$data["permissions"][] = $row['permissionid'];
+		}
+		return $data;
+	}
+
 	// UserID, User Login Name, Roles of each User
 	private static function queryUserData() {
 		$res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, GROUP_CONCAT(role.name ORDER BY role.name ASC) AS role
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php
new file mode 100644
index 00000000..10f2a61a
--- /dev/null
+++ b/modules-available/permissionmanager/inc/permissionutil.inc.php
@@ -0,0 +1,37 @@
+<?php
+
+class PermissionUtil
+{
+	public static function getPermissions()
+	{
+		$permissions = array();
+		foreach (glob("modules/*/permissions/permissions.json", GLOB_NOSORT) as $file) {
+			$data = json_decode(file_get_contents($file), true);
+			if (!is_array($data))
+				continue;
+			preg_match('#^modules/([^/]+)/#', $file, $out);
+			$newData = array();
+			foreach( $data as $k => $v ) {
+				$newData[] = $v;
+				$permissions = self::putInPermissionTree($out[1].".".$k, $v, $permissions);
+			}
+		}
+		return $permissions;
+	}
+
+	private function putInPermissionTree($permission, $description, $tree)
+	{
+		$subPermissions = explode('.', $permission);
+		$original =& $tree;
+		foreach ($subPermissions as $subPermission) {
+			if ($subPermission) {
+				if (!array_key_exists($subPermission, $tree)) {
+					$tree[$subPermission] = array();
+				}
+				$tree =& $tree[$subPermission];
+			}
+		}
+		$tree = $description;
+		return $original;
+	}
+}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/install.inc.php b/modules-available/permissionmanager/install.inc.php
index a873f2c0..e025299a 100644
--- a/modules-available/permissionmanager/install.inc.php
+++ b/modules-available/permissionmanager/install.inc.php
@@ -5,6 +5,7 @@ $res = array();
 $res[] = tableCreate('role', "
 	`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
 	`name` varchar(200) NOT NULL,
+	`locType` varchar(200) NOT NULL DEFAULT 'include',
 	PRIMARY KEY (`id`)
 ");
 
@@ -22,6 +23,6 @@ $res[] = tableCreate('roleXlocation', "
 
 $res[] = tableCreate('roleXpermission', "
 	`roleid` int(10) unsigned NOT NULL,
-	`permissionid`int(10) unsigned NOT NULL,
+	`permissionid` varchar(200) NOT NULL,
 	PRIMARY KEY (`roleid`, `permissionid`)
 ");
diff --git a/modules-available/permissionmanager/lang/de/module.json b/modules-available/permissionmanager/lang/de/module.json
index 166909c3..aa73da91 100644
--- a/modules-available/permissionmanager/lang/de/module.json
+++ b/modules-available/permissionmanager/lang/de/module.json
@@ -1,4 +1,4 @@
 {
-    "module_name": "Mein erstes Modul",
-    "page_title": "Mein erster Seitentitel"
+    "module_name": "Rechtemanager",
+    "page_title": "Rechtemanager"
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/lang/de/template-tags.json b/modules-available/permissionmanager/lang/de/template-tags.json
index bec71103..93a44f27 100644
--- a/modules-available/permissionmanager/lang/de/template-tags.json
+++ b/modules-available/permissionmanager/lang/de/template-tags.json
@@ -10,5 +10,6 @@
     "lang_Remove": "Entfernen",
     "lang_Delete": "Löschen",
     "lang_removeCheck": "Sind Sie sich sicher, dass Sie diese Rolle entfernen wollen?",
-    "lang_deleteCheck": "Sind Sie sich sicher, dass Sie diese Rolle löschen wollen?"
+    "lang_deleteCheck": "Sind Sie sich sicher, dass Sie diese Rolle löschen wollen?",
+    "lang_emptyNameWarning": "Der Name der Rolle darf nicht leer sein!"
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/lang/en/module.json b/modules-available/permissionmanager/lang/en/module.json
index b2bcbb0c..5a5c838b 100644
--- a/modules-available/permissionmanager/lang/en/module.json
+++ b/modules-available/permissionmanager/lang/en/module.json
@@ -1,4 +1,4 @@
 {
-    "module_name": "My first module",
-    "page_title": "My first page title"
+    "module_name": "Permission Manager",
+    "page_title": "Permission Manager"
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/lang/en/template-tags.json b/modules-available/permissionmanager/lang/en/template-tags.json
index e699e102..f8dab103 100644
--- a/modules-available/permissionmanager/lang/en/template-tags.json
+++ b/modules-available/permissionmanager/lang/en/template-tags.json
@@ -10,5 +10,6 @@
     "lang_Remove": "Remove",
     "lang_Delete": "Delete",
     "lang_removeCheck": "Are you sure you want to remove this role?",
-    "lang_deleteCheck": "Are you sure you want to delete this role?"
+    "lang_deleteCheck": "Are you sure you want to delete this role?",
+    "lang_emptyNameWarning": "Role name can not be empty!"
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php
index e68af462..053c099d 100644
--- a/modules-available/permissionmanager/page.inc.php
+++ b/modules-available/permissionmanager/page.inc.php
@@ -20,13 +20,20 @@ class Page_PermissionManager extends Page
 			$users = Request::post('users', '');
 			$roles = Request::post('roles', '');
 			DbUpdate::addRoleToUser($users, $roles);
-		} else if ($action === 'removeRoleFromUser') {
+		} elseif ($action === 'removeRoleFromUser') {
 			$users = Request::post('users', '');
 			$roles = Request::post('roles', '');
 			DbUpdate::removeRoleFromUser($users, $roles);
-		} else if ($action === 'deleteRole') {
+		} elseif ($action === 'deleteRole') {
 			$id = Request::post('deleteId', false, 'string');
 			DbUpdate::deleteRole($id);
+		} elseif ($action === 'saveRole') {
+			$roleID = Request::post("roleid", false);
+			$roleName = Request::post("roleName");
+			$locType = Request::post("include", "off") == "on" ? "include" : "exclude";
+			$locations = Request::post("locations");
+			$permissions = Request::post("permissions");
+			DbUpdate::saveRole($roleName, $locType, $locations, $permissions, $roleID);
 		}
 	}
 
@@ -35,14 +42,15 @@ class Page_PermissionManager extends Page
 	 */
 	protected function doRender()
 	{
-		$show = Request::get("show", false);
-		// get menu button colors
-		$buttonColors = self::setButtonColors($show);
-
-		$data = array();
+		$show = Request::get("show", "roles");
 
 		// switch between tables, but always show menu to switch tables
-		if (!$show || $show === 'roles' || $show === 'users' || $show === 'locations') {
+		if ( $show === 'roles' || $show === 'users' || $show === 'locations' ) {
+			// get menu button colors
+			$buttonColors = self::setButtonColors($show);
+
+			$data = array();
+
 			Render::openTag('div', array('class' => 'row'));
 			Render::addtemplate('_page', $buttonColors);
 			Render::closeTag('div');
@@ -50,12 +58,49 @@ class Page_PermissionManager extends Page
 			if ($show === "roles") {
 				$data = array("roles" => GetData::getRoles());
 				Render::addTemplate('rolesTable', $data);
-			} else if ($show === "users") {
+			} elseif ($show === "users") {
 				$data = array("user" => GetData::getUserData(), "roles" => GetData::getRoles());
 				Render::addTemplate('usersTable', $data);
-			} else if ($show === "locations") {
+			} elseif ($show === "locations") {
 				Render::addTemplate('locationsTable', $data);
 			}
+		} elseif ($show === "roleEditor") {
+			$data = array();
+
+			$roleID = Request::get("roleid", false);
+			$selectedLocations = array();
+			if ($roleID) {
+				$roleData = GetData::getRoleData($roleID);
+				$selectedLocations = $roleData["locations"];
+				$data["roleid"] = $roleID;
+				$data["roleName"] = $roleData["name"];
+				$data["includeChecked"] = $roleData["locType"] == "include" ? "checked" : "";
+				$data["selectedPermissions"] = implode(" ", $roleData["permissions"]);
+			} else {
+				$data["includeChecked"] = "checked";
+			}
+
+			$permissions = PermissionUtil::getPermissions();
+			$permissionHTML = "";
+			foreach ($permissions as $k => $v) {
+				$permissionHTML .= "
+				<div id='$k' class='panel panel-primary module-box' style='display: none;'>
+					<div class='panel-heading'>
+						<div class='checkbox'>
+							<input name='permissions[]' value='$k.*' type='checkbox' class='form-control'>
+							<label>$k</label>
+						</div>
+					</div>
+					<div class='panel-body'>
+			";
+				$permissionHTML .= self::generateSubPermissionHTML($v, $k);
+				$permissionHTML .= "</div></div>";
+			}
+
+			$data["locations"] = GetData::getLocations($selectedLocations);
+			$data["moduleNames"] = array_keys($permissions);
+			$data["permissionHTML"] = $permissionHTML;
+			Render::addTemplate('roleEditor', $data);
 		}
 	}
 
@@ -65,11 +110,11 @@ class Page_PermissionManager extends Page
 			$buttonColors['rolesButtonClass'] = 'btn-primary';
 			$buttonColors['usersButtonClass'] = 'btn-default';
 			$buttonColors['locationsButtonClass'] = 'btn-default';
-		} else if ($show === 'users') {
+		} elseif ($show === 'users') {
 			$buttonColors['rolesButtonClass'] = 'btn-default';
 			$buttonColors['usersButtonClass'] = 'btn-primary';
 			$buttonColors['locationsButtonClass'] = 'btn-default';
-		} else if ($show === 'locations') {
+		} elseif ($show === 'locations') {
 			$buttonColors['rolesButtonClass'] = 'btn-default';
 			$buttonColors['usersButtonClass'] = 'btn-default';
 			$buttonColors['locationsButtonClass'] = 'btn-primary';
@@ -82,4 +127,31 @@ class Page_PermissionManager extends Page
 		return $buttonColors;
 	}
 
+	private static function generateSubPermissionHTML($subPermissions, $permissionString)
+	{
+		$html = "<ul class='list-group'>";
+		foreach ($subPermissions as $k => $v) {
+			$tmpPermString = $permissionString.".".$k;
+			$checkBoxValue  = $tmpPermString;
+			if (is_array($v)) {
+				$checkBoxValue .= ".*";
+			} else {
+				$k .= " - ".$v;
+			}
+			$html .= "
+				<li class='list-group-item'>
+					<div class='checkbox'>
+						<input name='permissions[]' value='$checkBoxValue' type='checkbox' class='form-control'>
+						<label>$k</label>
+					</div>
+			";
+			if (is_array($v)) {
+				$html .= self::generateSubPermissionHTML($v, $tmpPermString);
+			}
+			$html .= "</li>";
+		}
+		$html .= "</ul>";
+		return $html;
+	}
+
 }
diff --git a/modules-available/permissionmanager/style.css b/modules-available/permissionmanager/style.css
index ee81bf47..fc7ad6e7 100644
--- a/modules-available/permissionmanager/style.css
+++ b/modules-available/permissionmanager/style.css
@@ -3,6 +3,17 @@
     margin-bottom: 50px;
 }
 
+#saveButton {
+    margin-right: 10px;
+}
+
+
+#roleName {
+    width: 200px;
+    display: inline-block;
+    margin-left: 20px;
+}
+
 .table {
     margin-top: 20px;
 }
@@ -12,11 +23,6 @@
     height: 50px;
 }
 
-.checkbox {
-    margin-top: 0;
-    margin-bottom: 0;
-}
-
 .scrollingTable {
     height: 500px;
     overflow: auto;
@@ -26,4 +32,54 @@
     display: inline-block;
     margin-top: 2px;
     margin-bottom: 2px;
+}
+
+.panel-primary > .panel-heading {
+    background-image: none;
+}
+
+.panel, .row {
+    margin-bottom: 20px;
+}
+
+.list-group, .checkbox {
+    margin: 0;
+}
+
+.disabled {
+    pointer-events: none;
+    opacity: 0.6;
+}
+
+.module-toggle-group {
+    width: 100%;
+}
+
+.module-container {
+    -moz-column-gap: 20px;
+    -webkit-column-gap: 20px;
+    column-gap: 20px;
+}
+
+
+.module-container div {
+    display: inline-block;
+    width: 100%;
+}
+
+
+@media (max-width: 767px) {
+    .module-container {
+        -moz-column-count: 1;
+        -webkit-column-count: 1;
+        column-count: 1;
+    }
+}
+
+@media (min-width: 768px) {
+    .module-container {
+        -moz-column-count: 2;
+        -webkit-column-count: 2;
+        column-count: 2;
+    }
 }
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/roleEditor.html b/modules-available/permissionmanager/templates/roleEditor.html
new file mode 100644
index 00000000..68569caa
--- /dev/null
+++ b/modules-available/permissionmanager/templates/roleEditor.html
@@ -0,0 +1,127 @@
+<form method="post" action="?do=permissionmanager">
+	<input type="hidden" name="action" value="saveRole">
+	<input type="hidden" name="token" value="{{token}}">
+	<input type="hidden" name="roleid" value="{{roleid}}">
+	<div class="row">
+		<div class="col-md-12">
+			<b>Name:</b>
+			<input name="roleName" value="{{roleName}}" type="text" id="roleName" class="form-control">
+			<button type="button" id="cancelButton" class="btn btn-default pull-right"><span class="glyphicon glyphicon-remove"></span> Cancel</button>
+			<button type="submit" id="saveButton" class="btn btn-primary pull-right"><span class="glyphicon glyphicon-floppy-disk"></span> Save</button>
+		</div>
+	</div>
+	<div class="row">
+		<div class="col-md-3">
+			<b style="line-height: 34px">Locations:</b>
+			<div class="pull-right"><input name="include" {{includeChecked}} type="checkbox" id="locSwitch"></div>
+		</div>
+		<div class="col-md-9 text-left">
+			<select multiple name="locations[]" id="select-location">
+				<option value></option>
+				{{#locations}}
+				<option value="{{locid}}" {{selected}}>{{locName}}</option>
+				{{/locations}}
+			</select>
+		</div>
+	</div>
+	{{abc}}
+	<div class="row">
+		<div class="col-md-3">
+			<div class="btn-group-vertical module-toggle-group" role="group">
+				{{#moduleNames}}
+				<button id="button-{{.}}" type="button" class="btn btn-default module-toggle">{{.}}</button>
+				{{/moduleNames}}
+			</div>
+		</div>
+		<div class="col-md-9 module-container">
+
+			{{{permissionHTML}}}
+
+		</div>
+	</div>
+</form>
+
+<script type="application/javascript">
+
+	selectedPermissions = "{{selectedPermissions}}";
+
+	document.addEventListener("DOMContentLoaded", function () {
+		$('#select-location').selectize({
+			allowEmptyOption: false,
+			maxItems: null,
+			highlight: false,
+			hideSelected: true,
+			create: false,
+			plugins: [ "remove_button" ]
+		});
+
+		var locSwitch = $("#locSwitch");
+		locSwitch.bootstrapSwitch("size", "normal");
+		locSwitch.bootstrapSwitch("labelWidth", 1);
+		locSwitch.bootstrapSwitch("onText", "include");
+		locSwitch.bootstrapSwitch("offText", "exclude");
+		locSwitch.bootstrapSwitch("onColor", "success");
+		locSwitch.bootstrapSwitch("offColor", "danger");
+
+		$("form input").keydown(function(e) {
+			if (e.keyCode === 13) e.preventDefault();
+		});
+
+		$(".module-toggle").click(function () {
+			var button = $(this);
+			var moduleBox = $("#" + button.text());
+			if (button.hasClass("btn-default")) {
+				button.removeClass("btn-default");
+				button.addClass("btn-primary");
+				moduleBox.show();
+			} else {
+				button.removeClass("btn-primary");
+				button.addClass("btn-default");
+				moduleBox.hide();
+			}
+		});
+
+		$(".module-container input[type=checkbox]").change(function () {
+			var parent = $(this).parent().parent();
+			if (parent.hasClass("panel-heading")) parent = parent.parent();
+			parent = parent.find("ul:first");
+			parent.find("ul").removeClass("disabled");
+			var checkboxes = parent.find("input[type=checkbox]");
+			if (parent.hasClass("disabled")) {
+				checkboxes.prop("disabled", false);
+				checkboxes.prop("checked", false);
+				parent.removeClass("disabled");
+			} else {
+				checkboxes.prop("disabled", true);
+				checkboxes.prop("checked", true);
+				parent.addClass("disabled");
+			}
+		});
+		
+		$("#cancelButton").click(function () {
+			window.location.replace("?do=permissionmanager&show=roles");
+		});
+
+		$('form').submit(function () {
+			var name = $.trim($('#roleName').val());
+			if (name  === '') {
+				alert('{{lang_emptyNameWarning}}');
+				return false;
+			}
+		});
+
+		var permissions = selectedPermissions.split(" ");
+		var arrayLength = permissions.length;
+		for (var i = 0; i < arrayLength; i++) {
+			var checkbox = $("input[type=checkbox][value='"+permissions[i]+"']");
+			checkbox.trigger('change').attr('checked', 'checked');
+			var moduleBox = checkbox.closest(".module-box");
+			moduleBox.show();
+			var button = $("#button-"+moduleBox.attr('id'));
+			button.removeClass("btn-default");
+			button.addClass("btn-primary");
+		}
+
+	});
+
+</script>
\ No newline at end of file
-- 
cgit v1.2.3-55-g7522