public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException('Access denied.');
    }

    $collection = new contactsCollection('users/all');
    $group = null;
    $memberIds = array();
    if ($id = waRequest::get('id')) {
        $group_model = new waGroupModel();
        $group = $group_model->getById($id);
    }
    if ($group) {
        $user_groups_model = new waUserGroupsModel();
        $memberIds = $user_groups_model->getContactIds($id);
    }

    $users = $collection->getContacts('id,name'); // array(id => array(id=>...,name=>...))
    $members = array();
    foreach ($memberIds as $mid) {
        if (isset($users[$mid])) {
            $members[$mid] = $users[$mid];
            unset($users[$mid]);
        }
    }
    usort($members, array($this, '_cmp'));
    usort($users, array($this, '_cmp'));

    $this->view->assign('group', $group);
    $this->view->assign('notIncluded', $users);
    $this->view->assign('members', $members);
}

public function execute()
{
    $ids = waRequest::request('id', array(), 'array_int');
    if (!$ids) {
        throw new waException('Contact id not specified.');
    }

    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $groups = waRequest::post('groups', array(), 'array_int');
    $counters = array();
    $ugm = new waUserGroupsModel();
    if ($this->getRequest()->request('set')) {
        foreach ($ids as $id) {
            $ugm->delete($id, array());
        }
    }
    foreach ($ids as $id) {
        if ($groups) {
            $ugm->add(array_map(wa_lambda('$gid', 'return array(' . $id . ', $gid);'), $groups));
        }
    }

    $gm = new waGroupModel();
    foreach ($groups as $gid) {
        $cnt = $ugm->countByField(array('group_id' => $gid));
        $gm->updateCount($gid, $cnt);
        $counters[$gid] = $cnt;
    }

    $this->response['counters'] = $counters;
    $this->response['message'] = _w("%d user has been added", "%d users have been added", count($ids));
    $this->response['message'] .= ' ';
    $this->response['message'] .= _w("to %d group", "to %d groups", count($groups));
}

public function execute()
{
    $photo_id = waRequest::get('photo_id', array(), waRequest::TYPE_ARRAY_INT);
    if (!$photo_id) {
        throw new waException(_w('Empty photo list'));
    }
    $photo_model = new photosPhotoModel();

    // dialog for one photo
    if (count($photo_id) == 1) {
        $photo_id = current($photo_id);
        $photo = $photo_model->getById($photo_id);
        $photo_right_model = new photosPhotoRightsModel();
        if (!$photo_right_model->checkRights($photo, true)) {
            $rights = array(0 => array('group_id' => 0, 'photo_id' => null));
        } else {
            $rights = $photo_right_model->getByField('photo_id', $photo_id, 'group_id');
        }
    } else {
        // dialog for several selected photos
        // dummies for correct template rendering
        $photo = array('status' => 1);
        $rights = array(0 => array('group_id' => 0, 'photo_id' => null));
        $allowed_photo_id = (array) $photo_model->filterByField($photo_id, 'status', 1);
        $this->view->assign('photo_count', count($photo_id));
        $this->view->assign('disable_submit', count($allowed_photo_id) != count($photo_id));
    }

    $groups_model = new waGroupModel();
    $groups = $groups_model->getAll('id', true);

    $this->view->assign('groups', $groups);
    $this->view->assign('photo', $photo);
    $this->view->assign('rights', $rights);
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException('Access denied');
    }
    if (!($group_id = (int) waRequest::get('id'))) {
        throw new waException('Group id not specified.');
    }

    $gm = new waGroupModel();
    $group = $gm->getById($group_id);

    $right_model = new waContactRightsModel();
    $fullAccess = $right_model->get(-$group_id, 'webasyst', 'backend');
    $apps = wa()->getApps();
    if (!$fullAccess) {
        $appAccess = $right_model->getApps($group_id, 'backend');
    }

    $noAccess = true;
    foreach ($apps as $app_id => &$app) {
        $app['id'] = $app_id;
        $app['customizable'] = isset($app['rights']) ? (bool) $app['rights'] : false;
        $app['access'] = $fullAccess ? 2 : 0;
        if (!$app['access'] && isset($appAccess[$app_id])) {
            $app['access'] = $appAccess[$app_id];
        }
        $noAccess = $noAccess && !$app['access'];
    }
    unset($app);

    $this->view->assign('apps', $apps);
    $this->view->assign('group', $group);
    $this->view->assign('noAccess', $noAccess);
    $this->view->assign('fullAccess', $fullAccess);
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $contacts = $this->getRequest()->post('contacts', array(), 'array_int');
    $groups = $this->getRequest()->post('groups', array(), 'array_int');
    if (!$contacts || !$groups) {
        return;
    }

    $ugm = new waUserGroupsModel();
    $gm = new waGroupModel();
    foreach ($contacts as $id) {
        if ($groups) {
            $ugm->delete($id, $groups);
        }
    }

    $counters = array();
    foreach ($groups as $gid) {
        $cnt = $ugm->countByField(array('group_id' => $gid));
        $gm->updateCount($gid, $cnt);
        $counters[$gid] = $cnt;
    }

    $contacts_count = count($contacts);
    $groups_count = count($groups);
    $this->response['message'] = sprintf(_w("%d user excluded", "%d users excluded", $contacts_count), $contacts_count);
    $this->response['message'] .= ' ';
    $this->response['message'] .= sprintf(_w("from %d group", "from %d groups", $groups_count), $groups_count);
    $this->response['counters'] = $counters;
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException('Access denied.');
    }

    $group_model = new waGroupModel();

    // Create a group or retrieve by id
    $id = waRequest::post('id');
    $name = waRequest::post('name');
    if (!$id) {
        if (!$name && $name !== '0') {
            throw new waException('No group id and no name given.');
        }
        $id = $group_model->add($name);
        $this->log('group_add', 1);
    } else {
        if ($name || $name === '0') {
            $group_model->updateById($id, array('name' => $name));
        }
    }
    if (!$id) {
        throw new waException('Still no id here...'); // should not happen
    }

    $group = $group_model->getById($id);
    if (!$group) {
        throw new waException('No group with such id: ' . $id);
    }
    $this->response['id'] = $id;

    $users = waRequest::post('users', array(), 'array_int');
    $type = waRequest::post('user_operation');
    $user_groups_model = new waUserGroupsModel();
    switch ($type) {
        case 'del':
            if ($users) {
                $user_groups_model->delete($users, $id);
            }
            break;
        case 'set':
            $user_groups_model->emptyGroup($id);
            // breakthrough
            // breakthrough
        case 'add':
        default:
            if (!$users) {
                break;
            }
            $data = array();
            foreach ($users as $contact_id) {
                $data[] = array($contact_id, $id);
            }
            $user_groups_model->add($data);
            if ($type == 'set') {
                $group_model->updateCount($id, count($users));
            }
            break;
    }
}

public function execute()
{
    $album_model = new photosAlbumModel();
    $albums = $album_model->getAlbums(false, photosAlbumModel::TYPE_STATIC, $this->getRights('edit') ? false : true, false);
    $this->view->assign('albums', $albums);

    $group_model = new waGroupModel();
    $groups = $group_model->getNames();
    $this->view->assign('groups', $groups);
}

public function getGroups()
{
    $m = new waGroupModel();
    $groups = $m->getAll();
    foreach ($groups as &$g) {
        $g['name'] = htmlspecialchars($g['name']);
    }
    unset($g);
    return $groups;
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $group_model = new waGroupModel();
    $groups = $group_model->getAll();
    $this->view->assign(array('groups' => $groups));
}

public function execute()
{
    if (!$this->getRights('upload')) {
        throw new waRightsException(_w("You don't have sufficient access rights"));
    }

    $groups_model = new waGroupModel();
    $this->view->assign('groups', $groups_model->getNames());

    $photo_tag_model = new photosTagModel();
    $cloud = $photo_tag_model->getCloud('name');
    $this->view->assign('cloud', $cloud);
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $contact_id = waRequest::get('id');
    $group_ids = null;
    if ($contact_id > 0) {
        $user_groups_model = new waUserGroupsModel();
        $group_ids = $user_groups_model->getGroupIds($contact_id);
        $group_ids[] = 0;
    }

    $app_id = waRequest::get('app');
    $right_model = new waContactRightsModel();
    $rights = $right_model->get($contact_id, $app_id, null, false);
    $group_rights = null;
    if ($group_ids) {
        $group_rights = $right_model->get(array_map(wa_lambda('$a', 'return -$a;'), $group_ids), $app_id, null, false);
    }

    // Check custom rights items
    $app_config = SystemConfig::getAppConfig($app_id);
    $class_name = $app_config->getPrefix() . "RightConfig";
    $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
    if (file_exists($file_path)) {
        // Init app
        waSystem::getInstance($app_id, $app_config, true);
        include $file_path;
        /**
         * @var waRightConfig $right_config
         */
        $right_config = new $class_name();
        $rights += $right_config->getRights($contact_id);
        if ($group_ids) {
            $group_rights += $right_config->getRights(array_map(wa_lambda('$a', 'return -$a;'), $group_ids));
        }
        $this->view->assign('html', $right_config->getHTML($rights, $group_rights));
        waSystem::setActive('contacts');
    } else {
        $this->view->assign('html', '');
    }

    if ($contact_id > 0) {
        $this->view->assign('user', new waContact($contact_id));
    } else {
        $gm = new waGroupModel();
        $this->view->assign('group', $gm->getById(-$contact_id));
    }

    $app = wa()->getAppInfo($app_id);
    $app['id'] = $app_id;
    $this->view->assign('app', $app);
    $this->view->assign('rights', $rights);
    $this->view->assign('group_rights', $group_rights);
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }
    if (!($id = waRequest::post('id'))) {
        throw new waException('no id');
    }

    $group_model = new waGroupModel();
    $group_model->delete($id);
    $this->response['message'] = _w('Group has been deleted');
}

public static function getIcons()
{
    if (self::$icons === null) {
        $path = waConfig::get('wa_path_root') . '/wa-content/img/users/';
        // No icon directory, or it cannot be opened: cache an empty list
        // instead of calling readdir() on an invalid handle
        if (!file_exists($path) || !is_dir($path) || !($dh = opendir($path))) {
            self::$icons = array();
            return self::$icons;
        }

        $list = array();
        while (false !== ($file = readdir($dh))) {
            if ($file == '.' || $file == '..') {
                continue;
            }
            if (is_dir($path . '/' . $file)) {
                continue;
            } else {
                $list[] = $file;
            }
        }
        closedir($dh);

        foreach ($list as &$l) {
            $p = strpos($l, '.png');
            if ($p !== false) {
                $l = substr($l, 0, $p);
            }
        }
        unset($l);
        natsort($list);
        self::$icons = array_values($list);
    }
    return self::$icons;
}

public function execute()
{
    $id = waRequest::get('id', null, waRequest::TYPE_INT);
    $album_model = new photosAlbumModel();
    $album = $album_model->getById($id);
    if (!$album) {
        throw new waException(_w("Unknown album"), 404);
    }

    $album_right_model = new photosAlbumRightsModel();
    if (!$album_right_model->checkRights($album, true)) {
        throw new waException(_w("You don't have sufficient access rights"), 403);
    }

    if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC && $album['conditions']) {
        $album['conditions'] = photosCollection::parseConditions($album['conditions']);
    }
    if (!$album['conditions']) {
        $album['conditions'] = array();
    }

    $absolute_full_url = photosFrontendAlbum::getLink($album);
    if ($absolute_full_url) {
        $pos = strrpos($absolute_full_url, $album['url']);
        $full_base_url = $pos !== false ? rtrim(substr($absolute_full_url, 0, $pos), '/') . '/' : '';
        $album['full_base_url'] = $full_base_url;
    }
    $this->view->assign('album', $album);

    if ($album['parent_id']) {
        $this->view->assign('parent', $album_model->getById($album['parent_id']));
    }

    $collection = new photosCollection('album/' . $id);
    $photos_count = $collection->count();
    $this->view->assign('photos_count', $photos_count);

    $album_params_model = new photosAlbumParamsModel();
    $this->view->assign('params', $album_params_model->get($id));

    $groups_model = new waGroupModel();
    $groups = $groups_model->getAll('id', true);
    $rights = $album_right_model->getByField('album_id', $id, 'group_id');

    $photo_tag_model = new photosTagModel();
    $cloud = $photo_tag_model->getCloud('name');
    if (!empty($album['conditions']['tag'][1])) {
        foreach ($album['conditions']['tag'][1] as $tag_name) {
            $cloud[$tag_name]['checked'] = true;
        }
    }

    $this->view->assign('rights', $rights);
    $this->view->assign('groups', $groups);
    $this->view->assign('cloud', $cloud);
}

public function execute()
{
    $this->view->assign('views', null);
    $this->view->assign('settings', $this->getUser()->getSettings('contacts'));

    $historyModel = new contactsHistoryModel();
    $this->view->assign('history', $historyModel->get());

    $cc = new contactsCollection();
    $this->view->assign('totalContacts', $cc->count());

    // only show categories available to current user
    $crm = new contactsRightsModel();
    $wcrm = new waContactRightsModel();
    $ccm = new waContactCategoryModel();
    $allowed = $crm->getAllowedCategories();
    $categories = array();
    if ($allowed === true) {
        $categories = $ccm->getAll();
    } else {
        if ($allowed) {
            foreach ($ccm->getAll() as $cat) {
                if (isset($allowed[$cat['id']])) {
                    $categories[] = $cat;
                }
            }
        }
    }
    $this->view->assign('categories', $categories);

    // User views are only available to global admin
    $r = new waContactRightsModel();
    $this->view->assign('superadmin', FALSE);
    $this->view->assign('admin', FALSE);
    if (wa()->getUser()->getRights('webasyst', 'backend')) {
        $this->view->assign('superadmin', TRUE);
        $this->view->assign('admin', TRUE);
        $group_model = new waGroupModel();
        $this->view->assign('groups', $group_model->getAll());
        $cc = new contactsCollection('/users/all/');
        $this->view->assign('totalUsers', $cc->count());
    } else {
        if (wa()->getUser()->getRights('contacts', 'backend') >= 2) {
            $this->view->assign('admin', TRUE);
        }
    }

    // is user allowed to add contacts?
    $this->view->assign('show_create', $wcrm->get(null, null, 'create'));
}

public function execute()
{
    if (!$this->getRights('upload')) {
        throw new waRightsException(_w("You don't have sufficient access rights"));
    }

    $parent_id = waRequest::get('parent_id', 0, waRequest::TYPE_INT);
    $parent = null;
    if ($parent_id) {
        $album_model = new photosAlbumModel();
        $parent = $album_model->getById($parent_id);
    }
    $this->view->assign('parent', $parent);

    $groups_model = new waGroupModel();
    $this->view->assign('groups', $groups_model->getNames());

    $photo_tag_model = new photosTagModel();
    $cloud = $photo_tag_model->getCloud('name');
    $this->view->assign('cloud', $cloud);
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $group = null;
    $group_id = waRequest::get('id');
    if ($group_id) {
        $group_model = new waGroupModel();
        $group = $group_model->getById($group_id);
    }

    // only allowed to global admin
    $is_global_admin = wa()->getUser()->getRights('webasyst', 'backend');

    $right_model = new waContactRightsModel();
    $fullAccess = $right_model->get(-$group_id, 'webasyst', 'backend');
    $apps = wa()->getApps();
    if (!$fullAccess) {
        $appAccess = $right_model->getApps($group_id, 'backend');
    }

    $noAccess = true;
    foreach ($apps as $app_id => &$app) {
        $app['id'] = $app_id;
        $app['customizable'] = isset($app['rights']) ? (bool) $app['rights'] : false;
        $app['access'] = $fullAccess ? 2 : 0;
        if (!$app['access'] && isset($appAccess[$app_id])) {
            $app['access'] = $appAccess[$app_id];
        }
        $noAccess = $noAccess && !$app['access'];
    }
    unset($app);

    $user_groups = new waUserGroupsModel();
    $users_count = $user_groups->countByField(array('group_id' => $group_id));

    $this->view->assign('users_count', $users_count);
    $this->view->assign('apps', $apps);
    $this->view->assign('noAccess', $noAccess);
    $this->view->assign('fullAccess', $fullAccess);
    $this->view->assign('is_global_admin', $is_global_admin);
    $this->view->assign('group', $group);
    $this->view->assign('icons', waGroupModel::getIcons());
}

public function execute()
{
    // only allowed to global admin
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException(_w('Access denied'));
    }

    $group_model = new waGroupModel();

    // Create a group or retrieve by id
    $id = waRequest::post('id');
    $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
    $icon = waRequest::post('icon', null, waRequest::TYPE_STRING_TRIM);
    $data = array();
    if ($name || $name === '0') {
        $data['name'] = $name;
    }
    if ($icon) {
        $data['icon'] = $icon;
    }

    if (!$id) {
        if (!isset($data['name'])) {
            throw new waException('No group id and no name given.');
        }
        $id = $group_model->insert($data);
        $this->logAction('group_add', $id);
    } else {
        $group_model->updateById($id, $data);
    }

    $group = $group_model->getById($id);
    if (!$group) {
        throw new waException('No group with such id: ' . $id);
    }
    $group = $group_model->getById($id);
    $group['name'] = htmlspecialchars($group['name']);

    $this->response['id'] = $id;
    $this->response['group'] = $group;
}

/**
 * Add joins and conditions for hash /group/$group_id
 * @param int $id
 */
protected function groupPrepare($id)
{
    $group_model = new waGroupModel();
    $group = $group_model->getById($id);
    if ($group) {
        $this->title = $group['name'];
        $this->update_count = array(
            'model' => $group_model,
            'id'    => $id,
            'count' => isset($group['cnt']) ? $group['cnt'] : 0
        );
    }
    $this->joins[] = array('table' => 'wa_user_groups', 'alias' => 'cg');
    $this->where[] = "cg.group_id = " . (int) $id;
}

/**
 * Returns list of all user groups
 *
 * @example returns array(
 *     1 => 'Group 1',
 *     2 => 'Group 2',
 *     ...
 * )
 *
 * @return array - associative array with key group id and value group name
 */
public static function getAllGroups()
{
    $group_model = new waGroupModel();
    return $group_model->getNames();
}

/** Using $this->id and $this->contact, if contact is a user,
 * collect and load vars into $this->view specific to waUser. */
protected function getUserInfo()
{
    $system = waSystem::getInstance();
    $rm = new waContactRightsModel();
    $ugm = new waUserGroupsModel();
    $gm = new waGroupModel();

    // Personal and group access rights
    $groups = $ugm->getGroups($this->id);
    $ownAccess = $rm->getApps(-$this->id, 'backend', FALSE, FALSE);
    $groupAccess = $rm->getApps(array_keys($groups), 'backend', FALSE, FALSE);
    if (!isset($ownAccess['webasyst'])) {
        $ownAccess['webasyst'] = 0;
    }
    if (!isset($groupAccess['webasyst'])) {
        $groupAccess['webasyst'] = 0;
    }

    // Build application list with personal and group access rights for each app
    $apps = $system->getApps();
    $noAccess = true;
    $gNoAccess = true;
    foreach ($apps as $app_id => &$app) {
        $app['id'] = $app_id;
        $app['customizable'] = isset($app['rights']) ? (bool) $app['rights'] : false;
        $app['access'] = $ownAccess['webasyst'] ? 2 : 0;
        if (!$app['access'] && isset($ownAccess[$app_id])) {
            $app['access'] = $ownAccess[$app_id];
        }
        $app['gaccess'] = $groupAccess['webasyst'] ? 2 : 0;
        if (!$app['gaccess'] && isset($groupAccess[$app_id])) {
            $app['gaccess'] = $groupAccess[$app_id];
        }
        $noAccess = $noAccess && !$app['gaccess'] && !$app['access'];
        $gNoAccess = $gNoAccess && !$app['gaccess'];
    }
    unset($app);

    $this->view->assign('apps', $apps);
    $this->view->assign('groups', $groups);
    $this->view->assign('noAccess', $noAccess ? 1 : 0);
    $this->view->assign('gNoAccess', $gNoAccess ? 1 : 0);
    $this->view->assign('all_groups', $gm->getNames());
    $this->view->assign('fullAccess', $ownAccess['webasyst']);
    $this->view->assign('gFullAccess', $groupAccess['webasyst']);
    $this->view->assign('access_to_contacts', $this->getUser()->getRights('contacts', 'backend'));
}

<?php

$m = new waGroupModel();

try {
    $m->query("SELECT icon FROM `wa_group` WHERE 0");
} catch (waDbException $e) {
    $m->exec("ALTER TABLE `wa_group` ADD COLUMN `icon` VARCHAR(255) NULL DEFAULT NULL");
}

try {
    $m->query("SELECT sort FROM `wa_group` WHERE 0");
} catch (waDbException $e) {
    $m->exec("ALTER TABLE `wa_group` ADD COLUMN `sort` INT(11) NULL DEFAULT NULL");
}

$sort = 0;
$res = $m->query("SELECT * FROM `wa_group` ORDER BY name");
foreach ($res as $item) {
    $m->updateById($item['id'], array('sort' => $sort++));
}