/**
* Sets up the permissions by membergroup index page.
*
* - Called by ?action=managepermissions
* - Creates an array of all the groups with the number of members and permissions.
*
* @uses ManagePermissions language file.
* @uses ManagePermissions template file.
* @uses ManageBoards template, permission_index sub-template.
*/
public function action_list()
{
global $txt, $scripturl, $context, $user_info, $modSettings;
require_once SUBSDIR . '/Membergroups.subs.php';
require_once SUBSDIR . '/Members.subs.php';
require_once SUBSDIR . '/ManagePermissions.subs.php';
$context['page_title'] = $txt['permissions_title'];
// pid = profile id
if (!empty($_REQUEST['pid'])) {
$_REQUEST['pid'] = (int) $_REQUEST['pid'];
}
// We can modify any permission set apart from the read only, reply only and no polls ones as they are redefined.
$context['can_modify'] = empty($_REQUEST['pid']) || $_REQUEST['pid'] == 1 || $_REQUEST['pid'] > 4;
// Load all the permissions. We'll need them in the template.
loadAllPermissions();
// Also load profiles, we may want to reset.
loadPermissionProfiles();
$listOptions = array('id' => 'regular_membergroups_list', 'title' => $txt['membergroups_regular'], 'base_href' => $scripturl . '?action=admin;area=permissions;sa=index' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : '') . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : ''), 'default_sort_col' => 'name', 'get_items' => array('file' => SUBSDIR . '/Membergroups.subs.php', 'function' => 'list_getMembergroups', 'params' => array('all', $user_info['id'], allowedTo('manage_membergroups'), allowedTo('admin_forum'), true, true, isset($_REQUEST['pid']) ? $_REQUEST['pid'] : null)), 'columns' => array('name' => array('header' => array('value' => $txt['membergroups_name'], 'class' => 'grid50'), 'data' => array('function' => create_function('$rowData', '
global $scripturl, $txt;
// Since the moderator group has no explicit members, no link is needed.
// Since guests and regular members are not groups, no link is needed.
if (in_array($rowData[\'id_group\'], array(-1, 0, 3)))
$group_name = $rowData[\'group_name\'];
else
{
$group_name = sprintf(\'<a href="%1$s?action=admin;area=membergroups;sa=members;group=%2$d">%3$s</a>\', $scripturl, $rowData[\'id_group\'], $rowData[\'group_name_color\']);
}
// Add a help option for guests, regular members, moderator and administrator.
if (!empty($rowData[\'help\']))
$group_name .= sprintf(\' (<a href="%1$s?action=quickhelp;help=\' . $rowData[\'help\'] . \'" onclick="return reqOverlayDiv(this.href);">?</a>)\', $scripturl);
if (!empty($rowData[\'children\']))
$group_name .= \'
<br />
<span class="smalltext">\' . $txt[\'permissions_includes_inherited\'] . \': "\' . implode(\'", "\', $rowData[\'children\']) . \'"</span>\';
return $group_name;
')), 'sort' => array('default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name', 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name DESC')), 'members' => array('header' => array('value' => $txt['membergroups_members_top'], 'class' => 'grid10'), 'data' => array('function' => create_function('$rowData', '
global $txt, $scripturl;
// No explicit members for guests and the moderator group.
if (in_array($rowData[\'id_group\'], array(-1, 3)))
return $txt[\'membergroups_guests_na\'];
elseif ($rowData[\'can_search\'])
return \'<a href="\' . $scripturl . \'?action=moderate;area=viewgroups;sa=members;group=\' . $rowData[\'id_group\'] . \'">\' . comma_format($rowData[\'num_members\']) . \'</a>\';
else
return comma_format($rowData[\'num_members\']);
')), 'sort' => array('default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1', 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1 DESC')), 'permissions_allowed' => array('header' => array('value' => empty($modSettings['permission_enable_deny']) ? $txt['membergroups_permissions'] : $txt['permissions_allowed'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', '
return $rowData[\'num_permissions\'][\'allowed\'];
'))), 'permissions_denied' => array('evaluate' => !empty($modSettings['permission_enable_deny']), 'header' => array('value' => $txt['permissions_denied'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', '
return $rowData[\'num_permissions\'][\'denied\'];
'))), 'modify' => array('header' => array('value' => $context['can_modify'] ? $txt['permissions_modify'] : $txt['permissions_view'], 'class' => 'grid17'), 'data' => array('function' => create_function('$rowData', '
global $scripturl;
if ($rowData[\'id_group\'] != 1)
return \'<a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_group\'] . \'' . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : '') . '">' . $txt['membergroups_modify'] . '</a>\';
'))), 'check' => array('header' => array('value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />', 'class' => 'centertext', 'style' => 'width:4%;'), 'data' => array('function' => create_function('$rowData', '
if ($rowData[\'id_group\'] != 1)
return \'<input type="checkbox" name="group[]" value="\' . $rowData[\'id_group\'] . \'" class="input_check" />\';
'), 'class' => 'centertext'))));
require_once SUBSDIR . '/GenericList.class.php';
createList($listOptions);
// The second list shows the post count based groups...if enabled
if (!empty($modSettings['permission_enable_postgroups'])) {
$listOptions = array('id' => 'post_count_membergroups_list', 'title' => $txt['membergroups_post'], 'base_href' => $scripturl . '?action=admin;area=permissions;sa=index' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : '') . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : ''), 'default_sort_col' => 'required_posts', 'request_vars' => array('sort' => 'sort2', 'desc' => 'desc2'), 'get_items' => array('file' => SUBSDIR . '/Membergroups.subs.php', 'function' => 'list_getMembergroups', 'params' => array('post_count', $user_info['id'], allowedTo('manage_membergroups'), allowedTo('admin_forum'), false, true, isset($_REQUEST['pid']) ? $_REQUEST['pid'] : null)), 'columns' => array('name' => array('header' => array('value' => $txt['membergroups_name'], 'class' => 'grid25'), 'data' => array('function' => create_function('$rowData', '
global $scripturl;
return sprintf(\'<a href="%1$s?action=admin;area=permissions;sa=members;group=%2$d">%3$s</a>\', $scripturl, $rowData[\'id_group\'], $rowData[\'group_name_color\']);
')), 'sort' => array('default' => 'mg.group_name', 'reverse' => 'mg.group_name DESC')), 'required_posts' => array('header' => array('value' => $txt['membergroups_min_posts'], 'class' => 'grid25'), 'data' => array('db' => 'min_posts'), 'sort' => array('default' => 'mg.min_posts', 'reverse' => 'mg.min_posts DESC')), 'members' => array('header' => array('value' => $txt['membergroups_members_top'], 'class' => 'grid10'), 'data' => array('function' => create_function('$rowData', '
global $scripturl;
if ($rowData[\'can_search\'])
return \'<a href="\' . $scripturl . \'?action=moderate;area=viewgroups;sa=members;group=\' . $rowData[\'id_group\'] . \'">\' . comma_format($rowData[\'num_members\']) . \'</a>\';
else
return comma_format($rowData[\'num_members\']);
')), 'sort' => array('default' => '1 DESC', 'reverse' => '1')), 'permissions_allowed' => array('header' => array('value' => empty($modSettings['permission_enable_deny']) ? $txt['membergroups_permissions'] : $txt['permissions_allowed'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', '
return $rowData[\'num_permissions\'][\'allowed\'];
'))), 'permissions_denied' => array('evaluate' => !empty($modSettings['permission_enable_deny']), 'header' => array('value' => $txt['permissions_denied'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', '
return $rowData[\'num_permissions\'][\'denied\'];
'))), 'modify' => array('header' => array('value' => $txt['modify'], 'class' => 'grid17'), 'data' => array('function' => create_function('$rowData', '
global $scripturl, $txt;
if ($rowData[\'id_parent\'] == -2)
return \'<a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_group\'] . (isset($_REQUEST[\'pid\']) ? \';pid=\' . $_REQUEST[\'pid\'] : \'\') . \'">\' . $txt[\'membergroups_modify\'] . \'</a>\';
else
return \'<span class="smalltext">\' . $txt[\'permissions_includes_inherited_from\'] . \'"\' . $rowData[\'parent_name\'] . \'"\' . \'</span><br /><a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_parent\'] . (isset($_REQUEST[\'pid\']) ? \';pid=\' . $_REQUEST[\'pid\'] : \'\') . \'">\' . $txt[\'membergroups_modify_parent\'] . \'</a>\';
'))), 'check' => array('header' => array('value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />', 'class' => 'centertext', 'style' => 'width:4%;'), 'data' => array('sprintf' => array('format' => '<input type="checkbox" name="group[]" value="%1$d" class="input_check" />', 'params' => array('id_group' => false)), 'class' => 'centertext'))));
createList($listOptions);
}
// pid = profile id
if (!empty($_REQUEST['pid'])) {
if (!isset($context['profiles'][$_REQUEST['pid']])) {
fatal_lang_error('no_access', false);
}
// Change the selected tab to better reflect that this really is a board profile.
$context[$context['admin_menu_name']]['current_subsection'] = 'profiles';
$context['profile'] = array('id' => $_REQUEST['pid'], 'name' => $context['profiles'][$_REQUEST['pid']]['name']);
}
$context['groups'] = array_merge(array(0 => $txt['membergroups_members']), getInheritableGroups());
// Load the proper template.
$context['sub_template'] = 'permission_index';
createToken('admin-mpq');
}
/**
* Editing a membergroup.
*
* What it does:
* - Screen to edit a specific membergroup.
* - Called by ?action=admin;area=membergroups;sa=edit;group=x.
* - It requires the manage_membergroups permission.
* - Also handles the delete button of the edit form.
* - Redirects to ?action=admin;area=membergroups.
*
* @uses the edit_group sub template of ManageMembergroups.
*/
public function action_edit()
{
global $context, $txt, $modSettings;
$current_group_id = isset($_REQUEST['group']) ? (int) $_REQUEST['group'] : 0;
if (!empty($modSettings['deny_boards_access'])) {
loadLanguage('ManagePermissions');
}
require_once SUBSDIR . '/Membergroups.subs.php';
// Make sure this group is editable.
if (!empty($current_group_id)) {
$current_group = membergroupById($current_group_id);
}
// Now, do we have a valid id?
if (!allowedTo('admin_forum') && !empty($current_group_id) && $current_group['group_type'] == 1) {
fatal_lang_error('membergroup_does_not_exist', false);
}
// The delete this membergroup button was pressed.
if (isset($_POST['delete'])) {
checkSession();
validateToken('admin-mmg');
if (empty($current_group_id)) {
fatal_lang_error('membergroup_does_not_exist', false);
}
// Let's delete the group
deleteMembergroups($current_group['id_group']);
redirectexit('action=admin;area=membergroups;');
} elseif (isset($_POST['save'])) {
// Validate the session.
checkSession();
validateToken('admin-mmg');
if (empty($current_group_id)) {
fatal_lang_error('membergroup_does_not_exist', false);
}
require_once SUBSDIR . '/DataValidator.class.php';
$validator = new Data_Validator();
// Cleanup the inputs! :D
$validator->sanitation_rules(array('max_messages' => 'intval', 'min_posts' => 'intval|abs', 'group_type' => 'intval', 'group_desc' => 'trim|Util::htmlspecialchars', 'group_name' => 'trim|Util::htmlspecialchars', 'group_hidden' => 'intval', 'group_inherit' => 'intval', 'icon_count' => 'intval', 'icon_image' => 'trim|Util::htmlspecialchars', 'online_color' => 'trim|valid_color'));
$validator->input_processing(array('boardaccess' => 'array'));
$validator->validation_rules(array('boardaccess' => 'contains[allow,ignore,deny]'));
$validator->validate($_POST);
// Can they really inherit from this group?
if ($validator->group_inherit != -2 && !allowedTo('admin_forum')) {
$inherit_type = membergroupById($validator->group_inherit);
}
$min_posts = $validator->group_type == -1 && $validator->min_posts >= 0 && $current_group['id_group'] > 3 ? $validator->min_posts : ($current_group['id_group'] == 4 ? 0 : -1);
$group_inherit = $current_group['id_group'] > 1 && $current_group['id_group'] != 3 && (empty($inherit_type['group_type']) || $inherit_type['group_type'] != 1) ? $validator->group_inherit : -2;
//@todo Don't set online_color for the Moderators group?
// Do the update of the membergroup settings.
$properties = array('max_messages' => $validator->max_messages, 'min_posts' => $min_posts, 'group_type' => $validator->group_type < 0 || $validator->group_type > 3 || $validator->group_type == 1 && !allowedTo('admin_forum') ? 0 : $validator->group_type, 'hidden' => !$validator->group_hidden || $min_posts != -1 || $current_group['id_group'] == 3 ? 0 : $validator->group_hidden, 'id_parent' => $group_inherit, 'current_group' => $current_group['id_group'], 'group_name' => $validator->group_name, 'online_color' => $validator->online_color, 'icons' => $validator->icon_count <= 0 ? '' : min($validator->icon_count, 10) . '#' . $validator->icon_image, 'description' => $current_group['id_group'] == 1 || $validator->group_type != -1 ? $validator->group_desc : '');
updateMembergroupProperties($properties);
call_integration_hook('integrate_save_membergroup', array($current_group['id_group']));
// Time to update the boards this membergroup has access to.
if ($current_group['id_group'] == 2 || $current_group['id_group'] > 3) {
$changed_boards = array();
$changed_boards['allow'] = array();
$changed_boards['deny'] = array();
$changed_boards['ignore'] = array();
if ($validator->boardaccess) {
foreach ($validator->boardaccess as $group_id => $action) {
$changed_boards[$action][] = (int) $group_id;
}
}
foreach (array('allow', 'deny') as $board_action) {
// Find all board this group is in, but shouldn't be in.
detachGroupFromBoards($current_group['id_group'], $changed_boards, $board_action);
// Add the membergroup to all boards that hadn't been set yet.
if (!empty($changed_boards[$board_action])) {
assignGroupToBoards($current_group['id_group'], $changed_boards, $board_action);
}
}
}
// Remove everyone from this group!
if ($min_posts != -1) {
detachDeletedGroupFromMembers($current_group['id_group']);
} elseif ($current_group['id_group'] != 3) {
// Making it a hidden group? If so remove everyone with it as primary group (Actually, just make them additional).
if ($validator->group_hidden == 2) {
setGroupToHidden($current_group['id_group']);
}
// Either way, let's check our "show group membership" setting is correct.
validateShowGroupMembership();
}
// Do we need to set inherited permissions?
if ($group_inherit != -2 && $group_inherit != $_POST['old_inherit']) {
require_once SUBSDIR . '/Permission.subs.php';
updateChildPermissions($group_inherit);
}
// Finally, moderators!
$moderator_string = isset($_POST['group_moderators']) ? trim($_POST['group_moderators']) : '';
detachGroupModerators($current_group['id_group']);
if ((!empty($moderator_string) || !empty($_POST['moderator_list'])) && $min_posts == -1 && $current_group['id_group'] != 3) {
// Get all the usernames from the string
if (!empty($moderator_string)) {
$moderator_string = strtr(preg_replace('~&#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', htmlspecialchars($moderator_string, ENT_QUOTES, 'UTF-8')), array('"' => '"'));
preg_match_all('~"([^"]+)"~', $moderator_string, $matches);
$moderators = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $moderator_string)));
for ($k = 0, $n = count($moderators); $k < $n; $k++) {
$moderators[$k] = trim($moderators[$k]);
if (strlen($moderators[$k]) == 0) {
unset($moderators[$k]);
}
}
// Find all the id_member's for the member_name's in the list.
if (!empty($moderators)) {
$group_moderators = getIDMemberFromGroupModerators($moderators);
}
} else {
$moderators = array();
foreach ($_POST['moderator_list'] as $moderator) {
$moderators[] = (int) $moderator;
}
$group_moderators = array();
if (!empty($moderators)) {
require_once SUBSDIR . '/Members.subs.php';
$members = getBasicMemberData($moderators);
foreach ($members as $member) {
$group_moderators[] = $member['id_member'];
}
}
}
// Found some?
if (!empty($group_moderators)) {
assignGroupModerators($current_group['id_group'], $group_moderators);
}
}
// There might have been some post group changes.
updateStats('postgroups');
// We've definitely changed some group stuff.
updateSettings(array('settings_updated' => time()));
// Log the edit.
logAction('edited_group', array('group' => $validator->group_name), 'admin');
redirectexit('action=admin;area=membergroups');
}
// Fetch the current group information.
$row = membergroupById($current_group['id_group'], true);
if (empty($row) || !allowedTo('admin_forum') && $row['group_type'] == 1) {
fatal_lang_error('membergroup_does_not_exist', false);
}
$row['icons'] = explode('#', $row['icons']);
$context['group'] = array('id' => $row['id_group'], 'name' => $row['group_name'], 'description' => htmlspecialchars($row['description'], ENT_COMPAT, 'UTF-8'), 'editable_name' => $row['group_name'], 'color' => $row['online_color'], 'min_posts' => $row['min_posts'], 'max_messages' => $row['max_messages'], 'icon_count' => (int) $row['icons'][0], 'icon_image' => isset($row['icons'][1]) ? $row['icons'][1] : '', 'is_post_group' => $row['min_posts'] != -1, 'type' => $row['min_posts'] != -1 ? 0 : $row['group_type'], 'hidden' => $row['min_posts'] == -1 ? $row['hidden'] : 0, 'inherited_from' => $row['id_parent'], 'allow_post_group' => $row['id_group'] == 2 || $row['id_group'] > 4, 'allow_delete' => $row['id_group'] == 2 || $row['id_group'] > 4, 'allow_protected' => allowedTo('admin_forum'));
// Get any moderators for this group
$context['group']['moderators'] = getGroupModerators($row['id_group']);
$context['group']['moderator_list'] = empty($context['group']['moderators']) ? '' : '"' . implode('", "', $context['group']['moderators']) . '"';
if (!empty($context['group']['moderators'])) {
list($context['group']['last_moderator_id']) = array_slice(array_keys($context['group']['moderators']), -1);
}
// Get a list of boards this membergroup is allowed to see.
$context['boards'] = array();
if ($row['id_group'] == 2 || $row['id_group'] > 3) {
require_once SUBSDIR . '/Boards.subs.php';
$context += getBoardList(array('override_permissions' => true, 'access' => $row['id_group'], 'not_redirection' => true));
// Include a list of boards per category for easy toggling.
foreach ($context['categories'] as $category) {
$context['categories'][$category['id']]['child_ids'] = array_keys($category['boards']);
}
}
// Finally, get all the groups this could be inherited off.
$context['inheritable_groups'] = getInheritableGroups($row['id_group']);
call_integration_hook('integrate_view_membergroup');
$context['sub_template'] = 'edit_group';
$context['page_title'] = $txt['membergroups_edit_group'];
// Use the autosuggest script when needed
if ($context['group']['id'] != 3 && $context['group']['id'] != 4) {
loadJavascriptFile('suggest.js', array('defer' => true));
}
createToken('admin-mmg');
}
