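 /**
  * Constructor: loads the permission set of a user (or of a bare permission
  * group) from the `Permission` table and binds the drop* system events.
  *
  * Group membership comes from $user_result when the caller already has the
  * rows, otherwise from nc_usergroup_get_group_by_user(); with no user only
  * the given group is used.
  *
  * @param int   $UserID             user id (0 = work with the group only)
  * @param int   $PermissionGroupID  group id, used when $UserID is 0
  * @param array $user_result        optional rows of an earlier user query;
  *                                  each row carries `InsideAdminAccess`
  *                                  and `PermissionGroups_ID`
  * @return void
  */
 function __construct($UserID, $PermissionGroupID = 0, $user_result = null)
 {
     global $db;
     $this->db = $db;
     // Only the cast value is ever used again, including in the SQL below.
     $this->_UserID = intval($UserID);
     $this->_fckeditor = false;
     $this->_ckeditor = false;
     if ($this->_UserID && $user_result) {
         // The caller already fetched the user rows: take the data from there.
         $this->_InsideAdminAccess = $user_result[0]['InsideAdminAccess'];
         $this->_PermissionGroupID = array();
         foreach ($user_result as $row) {
             $this->_PermissionGroupID[] = intval($row['PermissionGroups_ID']);
         }
     } elseif ($this->_UserID) {
         // Otherwise look the user up.
         $this->_InsideAdminAccess = $this->db->get_var("SELECT `InsideAdminAccess` FROM `User` WHERE User_ID='" . $this->_UserID . "'");
         $this->_PermissionGroupID = (array) nc_usergroup_get_group_by_user($this->_UserID);
     } else {
         // No user: only the given group is considered.
         $this->_PermissionGroupID = array(intval($PermissionGroupID));
     }
     $this->_countPerm = 0;
     // Group ids are cast before being interpolated; an empty list would make
     // `IN ()` a syntax error, so fall back to the never-matching id 0.
     $groupIds = array_map('intval', $this->_PermissionGroupID);
     $groupList = $groupIds ? join(',', $groupIds) : '0';
     $SelectPerm = "SELECT `AdminType`, `Catalogue_ID`, `PermissionSet`\n                   FROM `Permission`\n                   WHERE ( (" . ($this->_UserID > 0 ? " `User_ID`='" . $this->_UserID . "' OR " : " ") . "\n                          `PermissionGroup_ID` IN (" . $groupList . ")\n                          ) AND (\n                          ( `PermissionBegin` IS NULL OR UNIX_TIMESTAMP(`PermissionBegin`) <= UNIX_TIMESTAMP()   ) AND\n                          ( `PermissionEnd`   IS NULL OR UNIX_TIMESTAMP(`PermissionEnd`)   >= UNIX_TIMESTAMP()  ) ) )";
     $PermResult = $this->db->get_results($SelectPerm, ARRAY_A);
     if (!empty($PermResult)) {
         // Any of these bits on a catalogue/subdivision/class grant enables the editors.
         $editMask = MASK_ADD | MASK_EDIT | MASK_MODERATE;
         foreach ($PermResult as $PermArray) {
             $catId = $PermArray['Catalogue_ID'];
             $set = $PermArray['PermissionSet'];
             switch ($PermArray['AdminType']) {
                 case DIRECTOR:
                     $this->_director = 1;
                     $this->_fckeditor = true;
                     $this->_ckeditor = true;
                     break;
                 case SUPERVISOR:
                     $this->_supervisor = 1;
                     $this->_fckeditor = true;
                     $this->_ckeditor = true;
                     break;
                 case GUEST:
                     $this->_guest = 1;
                     $this->_fckeditor = false;
                     $this->_ckeditor = false;
                     break;
                 case CATALOGUE_ADMIN:
                     $this->_mergePermissionSet($this->_catalogue, $catId, $set);
                     if ($set & $editMask) {
                         $this->_fckeditor = true;
                         $this->_ckeditor = true;
                     }
                     break;
                 case SUBDIVISION_ADMIN:
                     $this->_mergePermissionSet($this->_sub, $catId, $set);
                     if ($set & $editMask) {
                         $this->_fckeditor = true;
                         $this->_ckeditor = true;
                     }
                     break;
                 case SUB_CLASS_ADMIN:
                     $this->_mergePermissionSet($this->_cc, $catId, $set);
                     if ($set & $editMask) {
                         $this->_fckeditor = true;
                         $this->_ckeditor = true;
                     }
                     break;
                 case MODERATOR:
                     // manages users
                     $this->_user = (isset($this->_user) ? $this->_user : 0) | $set;
                     break;
                 case CLASSIFICATOR_ADMIN:
                     $this->_mergePermissionSet($this->_classificator, $catId, $set);
                     break;
                 case SUBSCRIBER:
                     $this->_mergePermissionSet($this->_subscriber, $catId, 1);
                     break;
                 case BAN_SITE:
                     // restrictions rather than grants
                     $this->_mergePermissionSet($this->_banCat, $catId, $set);
                     break;
                 case BAN_SUB:
                     $this->_mergePermissionSet($this->_banSub, $catId, $set);
                     break;
                 case BAN_CC:
                     $this->_mergePermissionSet($this->_banCC, $catId, $set);
                     break;
             }
             $this->_countPerm++;
         }
     }
     // Catalogue_ID 0 means "all sites". A missing entry behaves like the
     // former implicit null (null >= 0 holds) but without the undefined-index notice.
     $allSitePerm = isset($this->_catalogue[0]) ? $this->_catalogue[0] : null;
     if ($allSitePerm >= 0) {
         $this->_allSite = $allSitePerm;
     }
     // Bind the system events that drop permissions for deleted objects.
     $nc_core = nc_Core::get_object();
     $nc_core->event->bind($this, array("dropCatalogue" => "dropCataloguePerm"));
     $nc_core->event->bind($this, array("dropSubdivision" => "dropSubdivisionPerm"));
     $nc_core->event->bind($this, array("dropSubClass" => "dropSubClassPerm"));
     $nc_core->event->bind($this, array("dropUser" => "dropUserPerm"));
 }

 /**
  * OR-merges a permission set into $map[$key], treating a missing key as 0
  * so the first row for a Catalogue_ID does not raise an undefined-index notice.
  *
  * @access private
  * @param array $map  target map (by reference), keyed by Catalogue_ID
  * @param mixed $key  Catalogue_ID
  * @param int   $set  PermissionSet bits to add
  * @return void
  */
 function _mergePermissionSet(&$map, $key, $set)
 {
     $map[$key] = (isset($map[$key]) ? $map[$key] : 0) | $set;
 }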
/**
 * Removes a user from a permission group.
 *
 * Returns false when either id is empty, when the user is not a member of the
 * group, or when it is the user's only group (a user always keeps at least one).
 * On success the membership row is deleted, `User.PermissionGroup_ID` is
 * re-pointed to the smallest remaining group id, and the updateUserPrep /
 * updateUser core events fire around the change.
 *
 * @param int $UserID
 * @param int $PermissionGroupID
 * @return bool
 */
function nc_usergroup_remove_from_group($UserID, $PermissionGroupID)
{
    global $nc_core, $db;
    $userId = (int) $UserID;
    $groupId = (int) $PermissionGroupID;
    if ($userId === 0 || $groupId === 0) {
        return false;
    }
    $memberOf = nc_usergroup_get_group_by_user($userId);
    // Loose in_array() on purpose: ids may come back from the DB as strings.
    $isMember = !empty($memberOf) && in_array($groupId, $memberOf);
    if (!$isMember || count($memberOf) <= 1) {
        return false;
    }
    $nc_core->event->execute("updateUserPrep", $userId);
    $db->query("DELETE FROM `User_Group` WHERE `User_ID` = '" . $userId . "' AND `PermissionGroup_ID` = '" . $groupId . "'");
    // `User.PermissionGroup_ID` must keep pointing at a group the user is in:
    // pick the smallest id among the groups other than the removed one.
    $remaining = array();
    foreach ($memberOf as $gid) {
        if ($gid != $groupId) {
            $remaining[] = $gid;
        }
    }
    $mainGroup = (int) min($remaining);
    $db->query("UPDATE `User` SET `PermissionGroup_ID` = '" . $mainGroup . "' WHERE `User_ID` = '" . $userId . "'");
    $nc_core->event->execute("updateUser", $userId);
    return true;
}
/**
 * Renders the add / edit user form. All markup is echoed directly; the
 * field values are taken from the globals imported below (insert) or from
 * the `User` row (update).
 *
 * NOTE(review): $action_file, group and catalogue names, the posted
 * passwords and the token login names are written into HTML / JS without
 * htmlspecialchars(). Escape them per context if any of them can carry
 * user-supplied text — confirm their origin against the callers.
 *
 * @param int    $UserID       user id (0 when inserting)
 * @param string $action_file  form action URL
 * @param int    $phase        next phase, passed through as a hidden field
 * @param int    $type         1 - insert; 2 - update
 */
function UserForm($UserID, $action_file, $phase, $type)
{
    global $nc_core, $db, $ROOT_FOLDER, $admin_mode, $perm, $DOMAIN_NAME;
    global $HTTP_FILES_PATH, $FILES_FOLDER;
    global $systemTableID, $systemMessageID, $systemTableName;
    global $Checked, $PermissionGroupID, $InsideAdminAccess;
    global $INCLUDE_FOLDER, $ADMIN_PATH;
    require_once $INCLUDE_FOLDER . "s_files.inc.php";
    $UserID = intval($UserID);
    // file count of the system table; non-zero switches the form to multipart
    $is_there_any_files = getFileCount(0, $systemTableID);
    // Posted field values are read from the global scope (presumably placed
    // there by the request handler — confirm against the caller).
    $params = array('Checked', 'InsideAdminAccess', 'PermissionGroupID', 'Catalogue_ID', 'Password1', 'Password2', 'UserID', 'posting');
    foreach ($params as $v) {
        global ${$v};
    }
    // Same for the custom user fields (f_<name>); type 6 fields also carry
    // an _old value and a f_KILL<id> flag.
    $st = new nc_Component(0, 3);
    foreach ($st->get_fields() as $v) {
        $name = 'f_' . $v['name'];
        global ${$name};
        if ($v['type'] == 6) {
            global ${$name . "_old"};
            global ${"f_KILL" . $v['id']};
        }
    }
    if ($type == 1) {
        $User['Checked'] = $Checked;
        $User['PermissionGroup_ID'] = $PermissionGroupID;
        $User['InsideAdminAccess'] = $InsideAdminAccess;
    } elseif ($type == 2) {
        $User = $db->get_row("SELECT `Checked`,  `InsideAdminAccess`, `Catalogue_ID`\n                          FROM `User`\n                          WHERE `User_ID`='" . $UserID . "'", ARRAY_A);
        if (!$User) {
            nc_print_status(CONTROL_CONTENT_CATALOUGE_FUNCS_SHOWCATALOGUELIST_DBERROR, 'error');
            exit;
        }
        // fetch the groups the user belongs to
        $User['PermissionGroup_ID'] = nc_usergroup_get_group_by_user($UserID);
    }
    // NOTE(review): $action_file is placed in the action attribute unescaped.
    echo "<br /><form name='adminForm' class='nc-form' id='adminForm' " . ($is_there_any_files ? "enctype='multipart/form-data'" : "") . " method='post' action='" . $action_file . "'>";
    if ($type == 2) {
        echo "ID: {$UserID}&nbsp;&nbsp;";
    }
    // enabled / disabled
    echo nc_admin_checkbox_simple('Checked', 1, CONTROL_CONTENT_SUBDIVISION_FUNCS_MAINDATA_TURNON, $User['Checked'], 'chk') . "&nbsp;&nbsp;";
    // admin-area access
    echo nc_admin_checkbox_simple('InsideAdminAccess', 1, NETCAT_MODULE_AUTH_INSIDE_ADMIN_ACCESS, $User['InsideAdminAccess']) . "&nbsp;&nbsp;<br /><br />";
    // User groups
    $Result = $db->get_results("SELECT `PermissionGroup_ID`, `PermissionGroup_Name` FROM `PermissionGroup` ORDER BY `PermissionGroup_ID`", ARRAY_A);
    $groups_with_more_rights = $perm->GetGroupWithMoreRights();
    if ($db->num_rows < 8) {
        // Few groups: render them as checkboxes
        echo (count($Result) == 1 ? CONTROL_USER_GROUP : CONTROL_USER_GROUPS) . ":<br>";
        foreach ($Result as $Group) {
            $id = $Group['PermissionGroup_ID'];
            $name = $Group['PermissionGroup_Name'];
            // disable groups with more rights than the current admin has
            $disabled = in_array($id, $groups_with_more_rights) ? 'disabled' : '';
            echo nc_admin_checkbox_simple("PermissionGroupID[" . $id . "]", $id, $id . ":" . $name, in_array($id, (array) $User['PermissionGroup_ID']), "grp_" . $id, $disabled) . "<br>";
        }
        echo "<br>";
    } else {
        // Many groups: a multi-select instead
        echo CONTROL_USER_GROUP . ":<br><select name='PermissionGroupID[]' multiple>";
        foreach ($Result as $Group) {
            $id = $Group['PermissionGroup_ID'];
            $name = $Group['PermissionGroup_Name'];
            // disable groups with more rights than the current admin has
            $disabled = in_array($id, $groups_with_more_rights) ? 'disabled' : '';
            echo "<option" . (in_array($id, (array) $User['PermissionGroup_ID']) ? " selected" : "") . " value='" . $id . "' " . $disabled . ">" . $id . ":" . $name . "</option>";
        }
        echo "</select><br><br>";
    }
    // With the auth module installed the user can be limited to one site
    if (nc_module_check_by_keyword('auth')) {
        // Catalogue_ID
        $UserCatID = isset($_POST['Catalogue_ID']) ? (int) $_POST['Catalogue_ID'] : $User['Catalogue_ID'];
        $Result = $db->get_results("SELECT Catalogue_ID, Catalogue_Name FROM Catalogue", ARRAY_N);
        echo CONTROL_AUTH_ON_ONE_SITE . ":<br><select name='Catalogue_ID'><option value='0'" . (!$UserCatID ? " selected" : "") . ">" . CONTROL_AUTH_ON_ALL_SITES . "</option>";
        // NOTE(review): the options compare against $User['Catalogue_ID'],
        // not $UserCatID, so a posted value only affects the "all sites" option.
        foreach ($Result as $row) {
            echo "<option value='" . $row[0] . "'" . ($User['Catalogue_ID'] == $row[0] ? " selected" : "") . ">" . $row[0] . '. ' . $row[1] . "</option>";
        }
        echo "</select><br><br>";
    }
    if ($type == 1) {
        // NOTE(review): the previously posted passwords are echoed back into
        // the value attributes unescaped; consider not re-filling them at all.
        echo CONTROL_AUTH_HTML_PASSWORD . ":<br><input type='password' name='Password1' size='30' maxlength='50' value='" . $Password1 . "'><br><br>";
        echo CONTROL_AUTH_HTML_PASSWORDCONFIRM . ":<br><input type='password' name='Password2' size='30' maxlength='50' value='" . $Password2 . "'>";
        $action = "add";
    } elseif ($type == 2) {
        $action = "change";
        $message = $systemMessageID;
    }
    // message_fields.php is expected to define $fldCount and $fld (see below).
    require $ROOT_FOLDER . "message_fields.php";
    if ($fldCount) {
        if ($type == 2) {
            // NOTE(review): $systemMessageID is interpolated without an int cast — verify its origin.
            $fieldQuery = join($fld, ",");
            $fldValue = $db->get_row("select {$fieldQuery} from User where User_ID='" . $systemMessageID . "'", ARRAY_N);
        }
        ?>
            <br />
            <style>.nc_admin_form_body span {display: block;}</style>
			<fieldset>
				<legend><?php 
        echo CONTROL_USER_TITLE_USERINFOEDIT;
        ?>
</legend>
                                <div class='nc_admin_form_body nc-admin'>
				<?php 
        $nc_notmodal = 1;
        require $ROOT_FOLDER . "message_edit.php";
        ?>
                                </div>
			</fieldset>
            <?php 
    } else {
        ?>
<hr size="1" color="CCCCCC"><?php 
    }
    print "<input type='hidden' name='UserID' value='" . $UserID . "' />";
    print "<input type='hidden' name='posting' value='1' />";
    ?>
        <div align="right">
            <?php 
    global $UI_CONFIG;
    // The submit button lives in the admin UI toolbar, not inside the form.
    $UI_CONFIG->actionButtons[] = array("id" => "submit", "caption" => $type == 1 ? CONTROL_USER_FUNCS_ADDUSER : CONTROL_CONTENT_CATALOUGE_FUNCS_CATALOGUEFORM_SAVE, "action" => "mainView.submitIframeForm()");
    ?>
        </div>

        <?php 
    // Hardware-token (USB) login management, only with the auth module.
    if (nc_module_check_by_keyword('auth')) {
        $nc_auth_token = new nc_auth_token();
        $logins = $nc_auth_token->get_logins($UserID);
        echo "\n\t\t\t\t<fieldset>\n\t\t\t\t<legend>" . NETCAT_SETTINGS_USETOKEN . "</legend>";
        if (!empty($logins)) {
            echo "<input type='hidden' id='nc_token_destroy' name='nc_token_destroy' value='' />";
            echo "<div style='margin-bottom: 5px; font-weight: bold;'>" . CONTROL_AUTH_TOKEN_CURRENT_TOKENS . ": </div>";
            // NOTE(review): $v (a stored login name) is written both as HTML
            // text and inside the inline JS string of the onclick handler
            // without escaping; it needs HTML- and JS-context escaping.
            foreach ($logins as $id => $v) {
                echo "<div style='margin: 0px 0px 3px 5px;'>" . $v . " (<a onclick='t_del(" . $id . ", \"" . $v . "\"); return false;' href='#'>" . NETCAT_MODERATION_DELETE . "</a>)</div>";
            }
        }
        echo "<div style='margin: 10px 0px; font-weight: bold;'>" . CONTROL_AUTH_TOKEN_NEW . "</div>";
        echo "<div id='t_plugin_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_TOKEN_PLUGIN_ERROR . "</div>\n\t\t\t\t<div id='t_usbtoken_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_TOKEN_MISS . "</div>\n\t\t\t\t<div id='t_pin_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_PIN_INCORRECT . "</div>\n\t\t\t\t<div id='t_login_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_LOGIN_NOT_EMPTY . "</div>\n\t\t\t\t<div id='t_key_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_KEYPAIR_INCORRECT . "</div>\n\t\t\t\t<div>\n\t\t\t\t" . CONTROL_AUTH_HTML_LOGIN . ": <br/><input name='nc_token_login' id='nc_token_login' /><br/><br/>\n\t\t\t\t<input type='hidden' name='nc_token_key' id='nc_token_key' value='' />\n\t\t\t\t<input type='button' onclick='t_reg()' value='" . CONTROL_AUTH_TOKEN_NEW_BUTTON . "' title='" . CONTROL_AUTH_TOKEN_NEW_BUTTON . "' />\n\t\t\t\t</div>\n\t\t\t\t</fieldset>\n\t\t\t\t<div id='nc_token_plugin_wrapper'></div>\n\t\t\t\t<script>\n\n\t\t\t\t</script>\n\t\t\t\t<script src='" . $nc_core->SUB_FOLDER . $nc_core->HTTP_ROOT_PATH . 
"modules/auth/auth.js'></script>\n\t\t\t\t<script>\n\t\t\t\tvar nc_token_obj = null;\n\t\t\t\tfunction create_nc_token_object() {\n\t\t\t\t    if (!nc_token_obj) {\n\t\t\t            \$nc(\"#nc_token_plugin_wrapper\").append(\"<object id='nc_token_plugin' type='application/x-rutoken' width='0' height='0'></object>\");\n\t\t\t            nc_token_obj = new nc_auth_token ( {'token_id' : 'nc_token_key'});\n\t\t\t\t    }\n\t\t\t\t}\n\t\t\t\tfunction t_reg () {\n\t\t\t\tcreate_nc_token_object();\n\t\t\t\tvar r;\n\t\t\t\t\$nc('.token_error').hide();\n\t\t\t\tswitch ( r = nc_token_obj.reg() ) {\n\t\t\t\t  case 1:  \$nc('#t_plugin_error').show(); break; // нет плагина\n\t\t\t\t  case 2:  \$nc('#t_usbtoken_error').show(); break; // нет токена\n\t\t\t\t  case 3:  \$nc('#t_pin_error').show(); break; // пин неверный\n\t\t\t\t  case 4:  \$nc('#t_login_error').show(); break; // логин неверный\n\t\t\t\t  case 5:  \$nc('#t_key_error').show(); break; // ошибка создания ключа\n\t\t\t\t  case 0 : document.getElementById('adminForm').submit(); break;// все хорошо\n\t\t\t\t  default: alert('error: ' + r); // непредвиденная ошибка\n\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tfunction t_del ( id, name ) {\n\t\t\t\tcreate_nc_token_object();\n\t\t\t\tif ( confirm('" . NETCAT_MODERATION_DELETE . "') ) {\n\t\t\t\t  nc_token_obj.attempt_delete(name);\n\t\t\t\t  \$nc('#nc_token_destroy').val(id);\n\t\t\t\t  document.getElementById('adminForm').submit();\n\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t</script>";
    }
    ?>

    <?php 
    // CSRF token hidden field
    echo $nc_core->token->get_input();
    ?>
        <input type='hidden' name=phase value=<?php 
    // NOTE(review): the value attribute is unquoted and $phase is not cast;
    // `echo (int) $phase;` would keep it a single token.
    echo $phase;
    ?>
>
        <input type='submit' class='hidden'>
    </form>
    <?php 
}