function getById($id) {
SecurityPermission::requirePermission("VIEW");
$sql = "SELECT * from security_permission WHERE id=".Database::sqlValue($id);
$result = Database::query($sql);
$r = NULL;
if ($line = $result->next()) {
$r = SecurityPermission::build($line);
}
return $r;
}
function printContent() {
$g = $this->getGroup();
$allPermissions = SecurityPermission::getAll();
$allResources = SecurityResource::getAll();
$msg = $this->getMessage();
?>
<form action="<?=$this->getAction()?>" method="post">
<input type="hidden" name="group" value="<?=$g->getId()?>">
<? if (strlen($msg) > 0) { ?>
<p><b><?=$msg?></b></p>
<? } ?>
<p>
<table border="0">
<tr>
<td>
<table border="0">
<tr bgcolor="<?=BGCOLOR_ALT?>">
<th><?=Text::getText("Resource")?></th>
<? foreach ($allPermissions as $perm) { ?>
<th><?=$perm->getName()?></th>
<? } ?>
</tr>
<? $bg = TRUE; ?>
<? foreach ($allResources as $res) { ?>
<? $bg = !$bg; ?>
<tr<? if ($bg) { ?> bgcolor="<?=BGCOLOR_ALT?>"<? } ?>>
<td><?=$res->getName()?></td>
<? foreach ($allPermissions as $perm) { ?>
<?
$checked = "";
if ($g->hasPermission($res, $perm)) {
$checked = " checked";
}
?>
<td align="center"><input type="checkbox"<?=$checked?> name="res<?=$res->getId()?>_perm<?=$perm->getId()?>"></td>
<? } ?>
</tr>
<? } ?>
</table>
</td>
</tr>
<tr>
<td align="center">
<input type="submit" value="<?=Text::getText("Save")?>">
</td>
</tr>
</table>
</p>
</form>
<?
}
function getPermissions($resource) {
SecurityGroup::requirePermission("VIEW");
$resource_id = $resource->getId();
$sql = "SELECT security_permission.*
FROM security_resource, security_permission, security_group_permission
WHERE security_group_permission.group_id=".Database::sqlValue($id)."
AND security_resource.id=".Database::sqlValue($resource_id)."
AND security_group_permission.resource_id = security_resource.id
AND security_group_permission.permission_id = security_permission.id";
$result = Database::query($sql);
$perms = array();
while ($line = $result->next()) {
array_push($perms, SecurityPermission::build($line));
}
return $perms;
}
<? require_once("classes/SecurityGroup.php"); ?>
<? require_once("classes/SecurityResource.php"); ?>
<? require_once("classes/SecurityPermission.php"); ?>
<?
$group = $_REQUEST['group'];
$g = SecurityGroup::getById($group);
if ($g == NULL) {
$errMsg = Text::getText("GroupNotFound");
$title = Text::getText("GroupPermissions");
include("error.php");
exit;
}
$allPermissions = SecurityPermission::getAll();
$allResources = SecurityResource::getAll();
foreach ($allResources as $res) {
foreach ($allPermissions as $perm) {
$fieldName = "res".$res->getId()."_perm".$perm->getId();
$value = $_REQUEST[$fieldName];
//print $fieldName."=".$value."<br>";
if ($value == "on") {
if (!$g->hasPermission($res, $perm)) {
$g->addPermission($res, $perm);
}
} else {
$g->removePermission($res, $perm);
}
}
}
header("Location: groups.php");
?>
