/**
  * Add or delete groups.
  */
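 public function update_groups($handler_vars, $ajax = true)
 {
     // Adds a group (action=add, or the 'newgroup' field) or deletes groups
     // (action=delete, AJAX callers only). Nothing is changed unless the request
     // carries a WSSE digest that matches the one derived from its nonce and
     // timestamp. Returns the Session messages array for AJAX callers and on
     // authentication failure; returns null otherwise.
     // NOTE(review): no permission check on the current user is visible here;
     // presumably the caller enforces it before dispatch - confirm.
     $nonce = isset($handler_vars['nonce']) ? $handler_vars['nonce'] : null;
     $timestamp = isset($handler_vars['timestamp']) ? $handler_vars['timestamp'] : null;
     $wsse = Utils::WSSE($nonce, $timestamp);

     // Either field name may carry the digest; every one that is present must match.
     $supplied = array();
     foreach (array('digest', 'password_digest') as $field) {
         if (isset($handler_vars[$field])) {
             $supplied[] = $handler_vars[$field];
         }
     }
     foreach ($supplied as $candidate) {
         // hash_equals() (PHP 5.6+) compares in constant time and never applies
         // numeric type juggling, unlike the loose != it replaces, under which two
         // different numeric-looking strings can compare equal. Non-string input
         // fails closed.
         if (!is_string($candidate) || !is_string($wsse['digest']) || !hash_equals($wsse['digest'], $candidate)) {
             Session::error(_t('WSSE authentication failed.'));
             return Session::messages_get(true, 'array');
         }
     }
     if (empty($supplied)) {
         // No digest at all: perform no state change.
         return;
     }

     $action = isset($handler_vars['action']) ? $handler_vars['action'] : null;

     if ($action == 'add' || isset($handler_vars['newgroup'])) {
         $field = isset($handler_vars['newgroup']) ? 'new_groupname' : 'name';
         // A missing or non-string value is treated as an empty name and rejected below.
         $name = (isset($handler_vars[$field]) && is_string($handler_vars[$field])) ? trim($handler_vars[$field]) : '';
         $this->theme->addform = array('name' => $name);

         if (UserGroup::exists($name)) {
             // NOTE(review): $name is request data placed in a session message;
             // presumably it is escaped where messages are rendered - confirm.
             Session::notice(sprintf(_t('The group %s already exists'), $name));
             return $ajax ? Session::messages_get(true, 'array') : null;
         }
         if (empty($name)) {
             Session::notice(_t('The group must have a name'));
             // Was Session::message_get(), unlike every other call in this method.
             return $ajax ? Session::messages_get(true, 'array') : null;
         }

         UserGroup::create(array('name' => $name));
         Session::notice(sprintf(_t('Added group %s'), $name));
         // reload the groups
         $this->theme->groups = UserGroups::get_all();
         $this->theme->addform = array();

         if ($ajax) {
             return Session::messages_get(true, 'array');
         }
         Utils::redirect(URL::get('admin', 'page=groups'));
         return;
     }

     if ($action == 'delete' && $ajax == true) {
         // Group ids arrive as POST keys of the form p<digits> with a truthy value;
         // every other POST element is ignored. The (int) cast keeps only a number.
         $ids = array();
         foreach ($_POST as $key => $delete) {
             if (preg_match('/^p\\d+$/', $key) && $delete) {
                 $ids[] = (int) substr($key, 1);
             }
         }
         // $ids is always defined, so the former !isset() test could never fire.
         if (empty($ids)) {
             Session::notice(_t('No groups deleted.'));
             return Session::messages_get(true, 'array');
         }
         $count = 0;
         foreach ($ids as $id) {
             $group = UserGroup::get_by_id($id);
             if (!$group) {
                 // Unknown id: skip it instead of calling delete() on a non-object.
                 continue;
             }
             $group->delete();
             $count++;
         }
         Session::notice(sprintf(_t('Deleted %d groups.'), $count));
         return Session::messages_get(true, 'array');
     }
 }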
 /**
  * Handles POST requests to a group's page.
  */
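 public function post_group()
 {
     // Applies a POST from a group's admin page: deletes the group, or updates
     // its membership and token permissions, then redirects. State changes run
     // only after the WSSE digest has been verified; a missing or wrong digest
     // now stops the request instead of only recording an error message.
     // NOTE(review): no permission check on the current user is visible here;
     // presumably the admin handler enforces it before dispatch - confirm.
     $group = UserGroup::get_by_id($this->handler_vars['id']);
     if (!$group) {
         // Unknown group id: nothing to act on, and $group->id below would fail.
         Session::error(_t('The group could not be found.'));
         Utils::redirect(URL::get('admin', 'page=groups'));
         return;
     }

     if (isset($this->handler_vars['nonce'])) {
         $timestamp = isset($this->handler_vars['timestamp']) ? $this->handler_vars['timestamp'] : null;
         $wsse = Utils::WSSE($this->handler_vars['nonce'], $timestamp);

         // Accept the same two field names as update_groups(); each one that is
         // present must match, and at least one must be present.
         $supplied = array();
         foreach (array('digest', 'password_digest') as $field) {
             if (isset($this->handler_vars[$field])) {
                 $supplied[] = $this->handler_vars[$field];
             }
         }
         $verified = !empty($supplied) && is_string($wsse['digest']);
         foreach ($supplied as $candidate) {
             // hash_equals() (PHP 5.6+): constant-time, no numeric type juggling.
             if (!$verified || !is_string($candidate) || !hash_equals($wsse['digest'], $candidate)) {
                 $verified = false;
                 break;
             }
         }
         if (!$verified) {
             Session::error(_t('WSSE authentication failed.'));
             Utils::redirect(URL::get('admin', 'page=group') . '?id=' . $group->id);
             return;
         }

         if (isset($this->handler_vars['delete'])) {
             $group->delete();
             Utils::redirect(URL::get('admin', 'page=groups'));
             // Stop here even if redirect() hands control back: the group is gone.
             return;
         }

         if (isset($this->handler_vars['user'])) {
             $users = $this->handler_vars['user'];
             if (is_array($users) || $users instanceof Traversable) {
                 foreach ($users as $user => $status) {
                     if ($status == 1) {
                         $group->add($user);
                     } else {
                         $group->remove($user);
                     }
                 }
             }

             // Iterating the server-side token list means only known token ids are
             // ever read from the submitted 'tokens' field.
             $tokens = ACL::all_tokens();
             foreach ($tokens as $token) {
                 $bitmask = new Bitmask(ACL::$access_names);
                 if (isset($this->handler_vars['tokens'][$token->id]['deny'])) {
                     // An explicit deny takes precedence over any submitted access flag.
                     $bitmask->value = 0;
                     $group->deny($token->id);
                     continue;
                 }
                 foreach (ACL::$access_names as $name) {
                     if (isset($this->handler_vars['tokens'][$token->id][$name])) {
                         $bitmask->{$name} = true;
                     }
                 }
                 if (isset($this->handler_vars['tokens'][$token->id]['full'])) {
                     $bitmask->value = $bitmask->full;
                 }
                 if ($bitmask->value != 0) {
                     $group->grant($token->id, $bitmask);
                 } else {
                     // No access flag submitted for this token: drop the group's entry.
                     $group->revoke($token->id);
                 }
             }
         }
     }
     Session::notice(_t('Updated permissions.'), 'permissions');
     Utils::redirect(URL::get('admin', 'page=group') . '?id=' . $group->id);
 }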
Exemple #3
 /**
  * Remove a permission token from the group permissions table
  * @param integer $group_id The group ID
  * @param mixed $token_id The name or ID of the permission token
  * @return mixed True when the group held no access to the token, otherwise the result of the DB query
  */
 public static function revoke_group_token($group_id, $token_id)
 {
     // Deletes the group's row for this token from {group_token_permissions},
     // logs the revocation, and clears the group's and the ACL's caches.
     // The token may be given by name or by ID; token_id() resolves it.
     $token_id = self::token_id($token_id);
     // NOTE(review): $ug is used below without checking that the lookup found a
     // group - confirm what get_by_id() returns for an unknown id.
     $ug = UserGroup::get_by_id($group_id);
     $access = self::get_group_token_access($group_id, $token_id);

     // With no stored access there is nothing to delete and nothing is logged.
     $result = true;
     if (!empty($access)) {
         // Criteria are passed as a column => value array, not built into SQL text.
         $criteria = array('group_id' => $group_id, 'token_id' => $token_id);
         $result = DB::delete('{group_token_permissions}', $criteria);
         // NOTE(review): the audit entry is written whatever DB::delete() returned -
         // confirm whether a failed delete should be recorded as a revocation.
         $log_args = array($ug->name, ACL::token_name($token_id));
         EventLog::log(_t('Group %1$s: Permission to %2$s revoked.', $log_args), 'notice', 'user', 'habari');
     }

     // Caches are cleared on both paths so later permission checks are not served
     // from stale data.
     $ug->clear_permissions_cache();
     ACL::clear_caches();

     return $result;
 }