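/**
 * Add or delete groups.
 *
 * Nothing is changed unless the request carries a WSSE digest ('digest' or
 * 'password_digest') that matches the one derived from the submitted nonce
 * and timestamp. A request with no digest at all is ignored.
 *
 * NOTE(review): no permission check on the current user is visible in this
 * method; presumably the admin handler enforces it before dispatch. Confirm.
 *
 * @param array $handler_vars Request variables. Reads 'nonce', 'timestamp',
 *   'digest', 'password_digest', 'action', 'newgroup', 'new_groupname' and 'name'.
 * @param boolean $ajax True to return the session messages instead of redirecting.
 * @return array|null Session messages for AJAX calls and for a failed digest check, otherwise null.
 */
public function update_groups($handler_vars, $ajax = true)
{
    // Missing token inputs are passed on as null instead of reading undefined indexes.
    $nonce = isset($handler_vars['nonce']) ? $handler_vars['nonce'] : null;
    $timestamp = isset($handler_vars['timestamp']) ? $handler_vars['timestamp'] : null;
    $wsse = Utils::WSSE($nonce, $timestamp);
    $expected = (string) $wsse['digest'];

    // Strict string comparison: a loose != compares numeric-looking strings by
    // value, so two different digests could be treated as equal. Where the
    // minimum supported PHP version allows it, hash_equals() would also make
    // this comparison constant-time.
    foreach (array('digest', 'password_digest') as $field) {
        if (isset($handler_vars[$field])
            && (!is_string($handler_vars[$field]) || $handler_vars[$field] !== $expected)
        ) {
            Session::error(_t('WSSE authentication failed.'));
            return Session::messages_get(true, 'array');
        }
    }

    // No digest supplied: fail closed and change nothing.
    if (!isset($handler_vars['password_digest']) && !isset($handler_vars['digest'])) {
        return;
    }

    $adding = (isset($handler_vars['action']) && $handler_vars['action'] == 'add')
        || isset($handler_vars['newgroup']);

    if ($adding) {
        // The "new group" form posts the name under a different field.
        $field = isset($handler_vars['newgroup']) ? 'new_groupname' : 'name';
        $name = isset($handler_vars[$field]) ? trim($handler_vars[$field]) : '';

        $this->theme->addform = array('name' => $name);

        // NOTE(review): $name is request input and ends up in session notices;
        // confirm that the theme escapes messages when it renders them.
        if (UserGroup::exists($name)) {
            Session::notice(sprintf(_t('The group %s already exists'), $name));
            return $ajax ? Session::messages_get(true, 'array') : null;
        }
        if (empty($name)) {
            Session::notice(_t('The group must have a name'));
            // The original called Session::message_get() here; every other
            // call in this method uses messages_get(), so this looks like a typo.
            return $ajax ? Session::messages_get(true, 'array') : null;
        }

        UserGroup::create(array('name' => $name));
        Session::notice(sprintf(_t('Added group %s'), $name));
        // reload the groups
        $this->theme->groups = UserGroups::get_all();
        $this->theme->addform = array();

        if ($ajax) {
            return Session::messages_get(true, 'array');
        }
        Utils::redirect(URL::get('admin', 'page=groups'));
    }

    if (isset($handler_vars['action']) && $handler_vars['action'] == 'delete' && $ajax == true) {
        $ids = array();
        foreach ($_POST as $key => $delete) {
            // skip POST elements which are not group ids
            if (preg_match('/^p\\d+$/', $key) && $delete) {
                $ids[] = (int) substr($key, 1);
            }
        }

        // $ids is always defined, so the original isset() test could never
        // reach this branch; test for an empty list instead.
        if (empty($ids)) {
            Session::notice(_t('No groups deleted.'));
            return Session::messages_get(true, 'array');
        }

        $count = 0;
        foreach ($ids as $id) {
            $group = UserGroup::get_by_id($id);
            // Presumably get_by_id() yields a non-object for an unknown id
            // (verify); skip it rather than calling delete() on a non-object.
            if (!is_object($group)) {
                continue;
            }
            $group->delete();
            $count++;
        }

        Session::notice(sprintf(_t('Deleted %d groups.'), $count));
        return Session::messages_get(true, 'array');
    }
}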
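/**
 * Handles POST requests to a group's page.
 *
 * Deleting the group, changing its membership and changing its token
 * permissions all require a WSSE digest that matches the submitted nonce and
 * timestamp. The original only recorded an error on a mismatch and then
 * carried on with the changes; a missing or wrong digest now stops the
 * request before anything is modified.
 *
 * NOTE(review): no permission check on the current user is visible in this
 * method; presumably the admin handler enforces it before dispatch. Confirm.
 *
 * @return void
 */
public function post_group()
{
    $group = UserGroup::get_by_id($this->handler_vars['id']);

    // Presumably get_by_id() yields a non-object for an unknown id (verify);
    // without this guard the code below would dereference it.
    if (!is_object($group)) {
        Session::error(_t('Invalid group.'));
        Utils::redirect(URL::get('admin', 'page=groups'));
        return;
    }

    $tokens = ACL::all_tokens();
    $group_url = URL::get('admin', 'page=group') . '?id=' . $group->id;

    if (isset($this->handler_vars['nonce'])) {
        $timestamp = isset($this->handler_vars['timestamp']) ? $this->handler_vars['timestamp'] : null;
        $wsse = Utils::WSSE($this->handler_vars['nonce'], $timestamp);
        $digest = isset($this->handler_vars['digest']) ? $this->handler_vars['digest'] : null;

        // Strict string comparison avoids PHP's loose-comparison coercion of
        // numeric-looking strings. Where the minimum supported PHP version
        // allows it, hash_equals() would also make this constant-time.
        if (!is_string($digest) || $digest !== (string) $wsse['digest']) {
            Session::error(_t('WSSE authentication failed.'));
            Utils::redirect($group_url);
            return;
        }

        if (isset($this->handler_vars['delete'])) {
            $group->delete();
            Utils::redirect(URL::get('admin', 'page=groups'));
            // Do not keep editing a deleted group if redirect() returns.
            return;
        }

        // NOTE(review): token permissions are only processed when 'user' is
        // posted, as in the original; confirm that this nesting is intended.
        if (isset($this->handler_vars['user'])) {
            $users = $this->handler_vars['user'];
            foreach ($users as $user => $status) {
                if ($status == 1) {
                    $group->add($user);
                } else {
                    $group->remove($user);
                }
            }

            foreach ($tokens as $token) {
                $bitmask = new Bitmask(ACL::$access_names);
                $posted = isset($this->handler_vars['tokens'][$token->id]);

                // An explicit deny overrides every other box ticked for the token.
                if ($posted && isset($this->handler_vars['tokens'][$token->id]['deny'])) {
                    $bitmask->value = 0;
                    $group->deny($token->id);
                    continue;
                }

                foreach (ACL::$access_names as $name) {
                    if (isset($this->handler_vars['tokens'][$token->id][$name])) {
                        $bitmask->{$name} = true;
                    }
                }
                if (isset($this->handler_vars['tokens'][$token->id]['full'])) {
                    $bitmask->value = $bitmask->full;
                }

                // No access flag left set means the token is removed from the group.
                if ($bitmask->value != 0) {
                    $group->grant($token->id, $bitmask);
                } else {
                    $group->revoke($token->id);
                }
            }
        }
    }

    // As in the original, a request without a nonce changes nothing but still
    // reaches this notice and redirect.
    Session::notice(_t('Updated permissions.'), 'permissions');
    Utils::redirect($group_url);
}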
/**
 * Remove a permission token from the group permissions table.
 *
 * When the group holds no access on the token there is nothing to delete and
 * no event is logged. The group's permission cache and the ACL caches are
 * cleared in both cases.
 *
 * @param integer $group_id The group ID
 * @param mixed $token_id The name or ID of the permission token
 * @return mixed True when the group had no access on the token, otherwise the result of DB::delete()
 */
public static function revoke_group_token($group_id, $token_id)
{
    // Resolve a token name to its id before it is used as a key.
    $token_id = self::token_id($token_id);
    $group = UserGroup::get_by_id($group_id);
    $current = self::get_group_token_access($group_id, $token_id);

    $result = true;
    if (!empty($current)) {
        $where = array('group_id' => $group_id, 'token_id' => $token_id);
        $result = DB::delete('{group_token_permissions}', $where);

        // Record the revocation in the event log so that it can be audited.
        $message = _t('Group %1$s: Permission to %2$s revoked.', array($group->name, ACL::token_name($token_id)));
        EventLog::log($message, 'notice', 'user', 'habari');
    }

    $group->clear_permissions_cache();
    ACL::clear_caches();

    return $result;
}