<?php
require '../../vendor/autoload.php';
require '../tools.php';
use PermissionsManager\PermissionsManager;
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$groups = turnResources2ATree_V2($pm->getGroups()->getAllGroups());
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="index.css" type="text/css">
<script src="../jquery-1.11.3.min.js"></script>
<script src="index.js"></script>
<title>Groups</title>
</head>
<body>
<p><a href="<?php
echo BASE_URL;
?>
/">Home</a></p>
<div id="messages"></div>
<div id="groups">
<h2>Groups</h2>
<div id="menubar">
<a href="add.php" id="add">Add</a>
<a href="edit.php" id="edit">Edit</a>
<a href="#" id="delete">Delete</a>
</div><br>
<div id="tree">
<?php
use PermissionsManager\PermissionsManager;
$toReturn = [];
if (isset($_GET['id'])) {
require '../../vendor/autoload.php';
require '../tools.php';
$group_id = $_GET['id'];
if (!hasOnlyDigits($group_id)) {
die('Wrong group id format, only digits are allowed.');
}
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$group = $pm->getGroups()->getGroupById($group_id);
if (count($group) < 1) {
$toReturn = ['error' => 'There was an error, the requested group id was not found.'];
} else {
$toReturn = ['groupDetails' => $group];
}
} else {
$toReturn = ['error' => 'No group id was provided. Please check the request URL.'];
}
header('Content-Type: application/json');
echo json_encode($toReturn);
<?php
$method = isset($_SERVER['REQUEST_METHOD']) ? mb_strtolower($_SERVER['REQUEST_METHOD']) : '';
if ($method !== 'post') {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: Request method is not supported.']]);
die;
}
if (!isset($_POST['groupsToDelete'])) {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: No groups to delete.']]);
die;
}
if (!is_array($_POST['groupsToDelete'])) {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: No groups to delete.']]);
die;
}
require '../../vendor/autoload.php';
require '../tools.php';
use PermissionsManager\PermissionsManager;
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$g = $pm->getGroups();
foreach ($_POST['groupsToDelete'] as $group_id) {
if (is_scalar($group_id) && hasOnlyDigits($group_id)) {
$g->deleteGroupById($group_id);
}
}
header('Content-Type: application/json');
echo json_encode(['redirect' => BASE_URL . '/groups/']);
<?php
use PermissionsManager\PermissionsManager;
use PermissionsManager\Models\Groups;
require '../../vendor/autoload.php';
require '../tools.php';
if (!isset($_GET['id'])) {
die('Group id to edit is missing from request URL.');
}
$group_id_to_edit = $_GET['id'];
if (!hasOnlyDigits($group_id_to_edit)) {
die('Wrong group id format, only digits are allowed.');
}
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$group_to_edit = $pm->getGroups()->getGroupById($group_id_to_edit);
if (count($group_to_edit) < 1) {
die('No group exists having the requested group id.');
}
if ($group_to_edit['id'] == $pm->getGroups()->getRootGroupId()) {
die('Cannot edit root group (public)');
}
$method = isset($_SERVER['REQUEST_METHOD']) ? mb_strtolower($_SERVER['REQUEST_METHOD']) : '';
$errors = [];
$is_post = false;
if ($method == 'post') {
$is_post = true;
$name = isset($_POST['group_name']) ? $_POST['group_name'] : '';
$description = isset($_POST['group_description']) ? $_POST['group_description'] : '';
$details = isset($_POST['group_details']) ? $_POST['group_details'] : NULL;
$status = isset($_POST['group_status']) ? $_POST['group_status'] : '';
$group_parent = isset($_POST['group_parent']) ? $_POST['group_parent'] : '';
