コード例 #1
ファイル: search-datas.php プロジェクト: davidmottet/automne
         }
         break;
     case 'templates':
         $tpls = CMS_pageTemplatesCatalog::getAll(true, '', array(), '', array_keys($results));
         foreach ($tpls as $tpl) {
             $items[] = $tpl->getJSonDescription($cms_user, $cms_language, false);
         }
         break;
     case 'users':
         $users = CMS_profile_usersCatalog::getAll(false, false, true, array('id_pru' => array_keys($results)));
         foreach ($users as $user) {
             $items[] = $user->getJSonDescription($cms_user, $cms_language, false);
         }
         break;
     case 'groups':
         $groups = CMS_profile_usersGroupsCatalog::search('', '', false, array_keys($results));
         foreach ($groups as $group) {
             $items[] = $group->getJSonDescription($cms_user, $cms_language, false);
         }
         break;
     default:
         $module = CMS_modulesCatalog::getByCodename($type);
         $items = $module->getSearchResults(array_keys($results), $cms_user);
         break;
 }
 //set each results items as right position
 foreach ($items as $item) {
     if ($item['id']) {
         $resultsDatas['results'][$results[$item['id']]] = $item;
         //rewrite id to avoid overwrite
         $resultsDatas['results'][$results[$item['id']]]['id'] = md5($type . $item['id']);
コード例 #2
ファイル: object_email.php プロジェクト: davidmottet/automne
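 /**
  * Compute the users ids which must receive the notification for a given object.
  *
  * Two modes, selected by the field parameters:
  *  - 'usersGroupsField' is set: recipients are the ids stored in that field of the object,
  *    expanded to the members of each group when the field's 'isGroup' parameter is set;
  *  - otherwise: every user id returned by CMS_profile_usersCatalog::getAll(true, false, false)
  *    is checked against the 'disableGroups' / 'disableUsers' lists. These lists are an include
  *    list when 'includeExclude' is set and an exclude list when it is not.
  *
  * Note: in exclude mode with both lists empty, every user returned by getAll() is a recipient.
  *
  * @param mixed $objectID : id of the object the notification relates to
  * @return array of usersIds which are recipients of the notification
  *         (keyed by user id when expanded from groups, plain list otherwise)
  * @access private
  */
 private function _getRecipients($objectID)
 {
     $params = $this->getParamsValues();
     if (!empty($params['usersGroupsField'])) {
         //instanciate related item
         $item = CMS_poly_object_catalog::getObjectByID($objectID, false, true);
         if (!is_object($item) || $item->hasError()) {
             return array();
         }
         //does selected field represent users or groups ?
         $field = new CMS_poly_object_field($params['usersGroupsField']);
         $isGroup = $field->getParameter('isGroup');
         //get item field value
         $ids = $item->objectValues($params['usersGroupsField'])->getValue('ids');
         if (!$ids) {
             return array();
         }
         if (!$isGroup) {
             //field directly holds users ids
             return $ids;
         }
         //expand each group to its users ; keying by id removes duplicates
         $recipients = array();
         foreach ($ids as $groupId) {
             foreach (CMS_profile_usersGroupsCatalog::getGroupUsers($groupId, false) as $userId) {
                 $recipients[$userId] = $userId;
             }
         }
         return $recipients;
     }
     //no field selected : start from all users ids and apply include / exclude lists
     $allUsers = CMS_profile_usersCatalog::getAll(true, false, false);
     //parameters may be missing entirely : treat a missing list as empty instead of reading an undefined index
     $selectedGroups = !empty($params['disableGroups']) ? explode(';', $params['disableGroups']) : array();
     $selectedUsers = !empty($params['disableUsers']) ? explode(';', $params['disableUsers']) : array();
     $includeMode = !empty($params['includeExclude']);
     $recipients = array();
     foreach ($allUsers as $userId) {
         //loose comparison kept on purpose : list entries are strings (explode), users ids may be integers
         $listed = in_array($userId, $selectedUsers);
         if (!$listed) {
             foreach ($selectedGroups as $groupId) {
                 if (CMS_profile_usersGroupsCatalog::userBelongsToGroup($userId, $groupId)) {
                     $listed = true;
                     //one matching group is enough, no need to query the others
                     break;
                 }
             }
         }
         //include mode : user must be listed ; exclude mode : user must NOT be listed
         if ($listed === $includeMode) {
             $recipients[] = $userId;
         }
     }
     return $recipients;
 }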
コード例 #3
ファイル: groups-datas.php プロジェクト: davidmottet/automne
//groups ids the given user already belongs to (empty when no user is given)
$userGroups = $userId ? CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true) : array();
//the search is restricted to the user's groups only when both a user and the filter flag are set
$searchedUserId = $userId && $filter ? $userId : false;
//search groups (current page)
$groups = CMS_profile_usersGroupsCatalog::search($search, $letter, $searchedUserId, array(), $sort, $dir, $start, $limit);
//loop over groups to get all required infos
foreach ($groups as $group) {
    $datas = array(
        'id'          => $group->getGroupId(),
        'label'       => $group->getLabel(),
        'description' => $group->getDescription(),
    );
    if (!$userId) {
        //no user given : return the number of users of the group
        $datas['users'] = count($group->getUsersRef());
    } else {
        //user given : tell if he belongs to this group
        $datas['belong'] = isset($userGroups[$group->getGroupId()]);
    }
    $groupsDatas['groups'][] = $datas;
}
//total groups count for the same search, without start / limit
$groupsDatas['totalCount'] = count(CMS_profile_usersGroupsCatalog::search($search, $letter, $searchedUserId, array(), $sort, $dir, 0, 0, false));
$view->setContent($groupsDatas);
$view->show();
コード例 #4
 /**
  * Deprecated : returns the first group a user belongs to.
  * An error is raised on every call to signal the deprecation ; getGroupsOfUser must be used instead.
  * Static function.
  *
  * @param CMS_profile_user|integer $user
  * @return CMS_profile_usersGroup the first group found, or an empty group if none is found
  * @access public
  */
 static function getGroupOfUser($user)
 {
     CMS_grandFather::raiseError('This function is deprecated since Automne 3.3.0, You must use getGroupsOfUser instead !');
     $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
     if (!is_array($userGroups) || !$userGroups) {
         //no group found : return an empty group
         return new CMS_profile_usersGroup();
     }
     return array_shift($userGroups);
 }
コード例 #5
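 /**
  * Get HTML admin subfields parameters for the "disableGroups" parameter type :
  * a pair of listboxes used to choose groups among all existing groups.
  *
  * @param object $language : language object used to get the listboxes titles (getMessage is called on it)
  * @param string $prefixName : prefix prepended to the parameter internal name to build the form field name
  * @return string : the html admin
  * @access public
  */
 function getHTMLSubFieldsParametersDisableGroups($language, $prefixName)
 {
     $params = $this->getParamsValues();
     $input = '';
     foreach ($this->getSubFieldParameters() as $parameter) {
         if ($parameter["type"] != "disableGroups") {
             continue;
         }
         // All existing groups, as groupId => label
         $usersGroups = CMS_profile_usersGroupsCatalog::getGroupsLabels();
         $userGroupSorted = is_array($usersGroups) ? $usersGroups : array();
         //sort labels by name case insensitive (keys, i.e. groups ids, are preserved)
         natcasesort($userGroupSorted);
         // Currently selected groups, stored as a ';' separated list ; the parameter may not be set yet
         $associated_items = array();
         if (!empty($params[$parameter["internalName"]])) {
             $associated_items = explode(";", $params[$parameter["internalName"]]);
         }
         //remove deleted groups from selected list
         foreach ($associated_items as $key => $groupId) {
             if (!isset($userGroupSorted[$groupId])) {
                 unset($associated_items[$key]);
             }
         }
         // Create listboxes
         // NOTE(review): groups labels are handed over as is ; whether getListBoxes HTML-escapes them is not visible here - confirm
         $input .= CMS_dialog_listboxes::getListBoxes(array(
             'field_name'     => $prefixName . $parameter['internalName'],
             'items_possible' => $userGroupSorted,
             'items_selected' => $associated_items,
             'select_width'   => '250px',
             'select_height'  => '200px',
             'form_name'      => 'frm',
             'leftTitle'      => $language->getMessage(self::MESSAGE_OBJECT_USERGROUP_PARAMETER_GROUPS_LEFT_TITLE, false, MOD_POLYMOD_CODENAME),
             'rightTitle'     => $language->getMessage(self::MESSAGE_OBJECT_USERGROUP_PARAMETER_GROUPS_RIGHT_TITLE, false, MOD_POLYMOD_CODENAME),
         ));
     }
     return $input;
 }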
コード例 #6
 // Remove the group $groupId from a user : clearances are reset, then rebuilt from the groups the user keeps.
 // NOTE(review): no check of $cms_user rights is visible in this excerpt - confirm it is enforced before this point.
 if ($userId) {
     $user = CMS_profile_usersCatalog::getByID($userId);
     if (!$user || $user->hasError()) {
         $user = false;
     }
 }
 // NOTE(review): $user is only assigned above when $userId is set ; otherwise is_a() tests whatever $user held before this excerpt (not visible here)
 if (is_a($group, "CMS_profile_usersGroup") && is_a($user, "CMS_profile_user")) {
     //Get current user groups ids
     $userGroupIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user, true, true);
     //first reset profile clearances
     $user->resetClearances();
     //then loop through user groups
     foreach ($userGroupIds as $userGroupId) {
         // loose comparison : matches whether ids are integers or numeric strings
         if ($userGroupId == $groupId) {
             //remove user from the group and save the group only if the removal succeeded
             $oldGroup = CMS_profile_usersGroupsCatalog::getByID($groupId);
             if ($oldGroup->removeUser($user)) {
                 $oldGroup->writeToPersistence();
             }
         } else {
             //re-add every other group to the user
             $user->addGroup($userGroupId);
         }
     }
     //then write user profile into persistence
     $user->writeToPersistence();
     //log the profile change
     //NOTE(review): the middle of the message below is masked ("******") in this listing ; the original expression is not visible
     $log = new CMS_log();
     $log->logMiscAction(CMS_log::LOG_ACTION_PROFILE_USER_EDIT, $cms_user, "User : "******" (remove group to user)");
 } else {
     $cms_message = $cms_language->getMessage(MESSAGE_PAGE_USER_OR_GROUP_UNKNOWN);
 }
コード例 #7
ファイル: profile.php プロジェクト: davidmottet/automne
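 /**
  * Add a given group to user
  *
  * A positive integer is treated as a group id and the group is loaded from the catalog.
  * Any value which is not (or does not resolve to) a CMS_profile_usersGroup raises an error.
  *
  * @param mixed $group : the group to add or the group id to add
  * @return boolean false if the group is invalid, otherwise the result of addToUserAndWriteToPersistence
  * @access public
  */
 function addGroup($group)
 {
     if (sensitiveIO::isPositiveInteger($group)) {
         //instanciate group to add
         $group = CMS_profile_usersGroupsCatalog::getByID($group);
     }
     if (!is_a($group, 'CMS_profile_usersGroup')) {
         //arrays and objects cannot be safely concatenated into the message : report their type instead
         $shown = is_scalar($group) || $group === null ? (string) $group : gettype($group);
         $this->raiseError('Invalid group value to add : ' . $shown);
         return false;
     }
     return $group->addToUserAndWriteToPersistence($this);
 }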
コード例 #8
 /**
  * Search users
  * Static function.
  *
  * The SQL query is built by string concatenation (no bound parameters are used here) : each dynamic
  * part is either cast to integer, checked against a fixed list, checked against the table columns,
  * or passed through sensitiveIO::sanitizeSQLString (implementation not shown here).
  *
  * $search accepts special forms handled before the keywords search : it may contain ':noroot:'
  * (excludes ROOT_PROFILEUSER_ID), or start with 'user:' or 'group:'.
  *
  * @param string $search : search user by lastname, firstname or login
  * @param string $letter : search user by first lastname letter (only used if exactly one character)
  * @param integer $group : search user by group ID
  * @param string $order : order by fieldname (without suffix), or 'score' to order by match score. default : lastname, firstname
  * @param string $direction : 'asc' or 'desc' (any other value falls back to 'asc')
  * @param integer $start : search start offset
  * @param integer $limit : search limit (default : 0 : unlimited)
  * @param boolean $activeOnly : return only active users (default : false)
  * @param boolean $returnObjects : return CMS_profile_user objects (default) or array of userId
  * @param array $score : filled by reference with userId => match score when the query returns one
  * @return array(CMS_profile_user)
  * @access public
  */
 static function search($search = '', $letter = '', $group = '', $order = '', $direction = 'asc', $start = 0, $limit = 0, $activeOnly = false, $returnObjects = true, &$score = array())
 {
     //integer casts : these values are concatenated unquoted into the query below
     //NOTE(review): negative values are not rejected, only non numeric input is neutralized
     $start = (int) $start;
     $limit = (int) $limit;
     $group = (int) $group;
     //direction is restricted to a fixed list before reaching the order by clause
     $direction = in_array(io::strtolower($direction), array('asc', 'desc')) ? io::strtolower($direction) : 'asc';
     $keywordsWhere = $letterWhere = $groupWhere = $orderBy = $orderClause = $idWhere = '';
     $select = 'id_pru';
     //':noroot:' marker : exclude root user from results, then drop the marker from the search
     if (io::strpos($search, ':noroot:') !== false) {
         $idWhere = " and id_pru != '" . ROOT_PROFILEUSER_ID . "'";
         $search = trim(str_replace(':noroot:', '', $search));
     }
     //'user:' prefix
     //NOTE(review): the next line is masked ("******") in this listing : the end of its condition and the start of the assignment are not visible, restore it from the project source before reuse
     if (io::substr($search, 0, 5) == 'user:'******'" . sensitiveIO::sanitizeSQLString(io::substr($search, 5)) . "'";
         $search = '';
     }
     //'group:<id>' prefix : only accepted when the id is a positive integer
     if (io::substr($search, 0, 6) == 'group:' && sensitiveIO::isPositiveInteger(io::substr($search, 6))) {
         $group = io::substr($search, 6);
         $search = '';
     }
     if ($search) {
         //clean user keywords (never trust user input, user is evil)
         //commas and semicolons are treated as word separators
         $keyword = strtr($search, ",;", "  ");
         $words = array();
         $words = array_map("trim", array_unique(explode(" ", io::strtolower($keyword))));
         $cleanedWords = array();
         foreach ($words as $aWord) {
             //words shorter than 3 characters are ignored
             if ($aWord && $aWord != '' && io::strlen($aWord) >= 3) {
                 //escape LIKE wildcards so they are matched literally
                 $aWord = str_replace(array('%', '_'), array('\\%', '\\_'), $aWord);
                 //also search the entity-encoded form of the word when it differs
                 //presumably because some values are stored entity-encoded - confirm
                 if (htmlentities($aWord) != $aWord) {
                     $cleanedWords[] = htmlentities($aWord);
                 }
                 $cleanedWords[] = $aWord;
             }
         }
         if (!$cleanedWords) {
             //if no words after cleaning, return
             return array();
         }
         //every word must match at least one of lastname, firstname or login
         foreach ($cleanedWords as $cleanedWord) {
             $keywordsWhere .= $keywordsWhere ? " and " : '';
             $keywordsWhere .= " (\n\t\t\t\t\tlastName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor firstName_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t\tor login_pru like '%" . sensitiveIO::sanitizeSQLString($cleanedWord) . "%'\n\t\t\t\t)";
         }
         $keywordsWhere = ' and ((' . $keywordsWhere . ')';
         //fulltext match on the whole search string, selected as "m" (used as score) and or-ed with the LIKE conditions
         $select .= " , MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') as m ";
         $keywordsWhere .= " or MATCH (lastName_pru, firstName_pru, login_pru) AGAINST ('" . sensitiveIO::sanitizeSQLString($search) . "') )";
     }
     if ($letter && io::strlen($letter) === 1) {
         $letterWhere = " and lastName_pru like '" . sensitiveIO::sanitizeSQLString($letter) . "%'";
     }
     if ($group) {
         $groupUsers = CMS_profile_usersGroupsCatalog::getGroupUsers($group, false);
         if (!$groupUsers) {
             return array();
         }
         //NOTE(review): ids are concatenated unquoted and unsanitized ; this assumes getGroupUsers only returns integers - confirm
         $groupWhere = " and id_pru in (" . implode(',', $groupUsers) . ")";
     }
     if ($order != 'score') {
         if ($order) {
             //the requested order field is only used if it matches an existing column of the table,
             //so no arbitrary string can reach the order by clause
             $found = false;
             $sql = "DESCRIBE profilesUsers";
             $q = new CMS_query($sql);
             while ($field = $q->getValue('Field')) {
                 if ($field == $order . '_pru') {
                     $found = true;
                 }
             }
             if ($found) {
                 $orderBy = $order . '_pru';
             } else {
                 $orderBy = 'lastName_pru,firstName_pru';
             }
         } else {
             $orderBy = 'lastName_pru,firstName_pru';
         }
         if ($orderBy) {
             $orderClause = "order by\n\t\t\t\t\t" . $orderBy . "\n\t\t\t\t\t" . $direction;
         }
     } elseif ($search) {
         //order by match score : the "m" column only exists when a keywords search is done
         $orderClause = " order by m " . $direction;
     }
     //assemble the query from the parts prepared above ; deleted users are always excluded
     $sql = "\n\t\t\tselect\n\t\t\t\t" . $select . "\n\t\t\tfrom\n\t\t\t\tprofilesUsers\n\t\t\twhere \n\t\t\t deleted_pru='0'\n\t\t\t" . ($activeOnly ? " and  active_pru='1' " : '') . "\n\t\t\t" . $keywordsWhere . "\n\t\t\t" . $letterWhere . "\n\t\t\t" . $groupWhere . "\n\t\t\t" . $idWhere . "\n\t\t\t" . $orderClause . "\n\t\t";
     if ($limit) {
         $sql .= "limit \n\t\t\t\t" . $start . ", " . $limit;
     }
     $q = new CMS_query($sql);
     //pr($sql);
     //pr($q->getNumRows());
     $users = array();
     while ($r = $q->getArray()) {
         $id = $r['id_pru'];
         //set match score if exists
         if (isset($r['m'])) {
             $score[$id] = $r['m'];
         }
         if ($returnObjects) {
             $usr = CMS_profile_usersCatalog::getByID($id);
             if (is_a($usr, "CMS_profile_user") && !$usr->hasError()) {
                 //&& binds tighter than || : user is kept if $activeOnly is off, or if he is active
                 if ($activeOnly && $usr->isActive() || !$activeOnly) {
                     $users[] = $usr;
                 }
             }
         } else {
             $users[] = $id;
         }
     }
     //pr($score);
     return $users;
 }
コード例 #9
 /**
  * Apply group profile to all users belonging in this group
  * This method must be as fast as possible
  *
  * Users are bucketed by the exact set of groups they belong to, one merged profile is computed
  * per set of groups, then the profiles table and the modules categories clearances of the users
  * are rewritten with direct SQL queries.
  *
  * @return boolean true (also returned when the group has no users)
  * @access public
  */
 function applyToUsers()
 {
     if (!$this->_users) {
         return true;
     }
     // class users by groups they belong to
     // key is the comma separated list of the user's groups, value is the list of users sharing it
     $usersByGroups = array();
     foreach ($this->_users as $userId) {
         $userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
         ksort($userGroupsIds);
         $usersByGroups[implode(',', $userGroupsIds)][] = $userId;
     }
     ksort($usersByGroups);
     // cache of computed profiles, keyed by groups list ("1", "1,4", "1,4,7", ...)
     $profiles = array();
     //then loop through usersByGroups to compute rights of each combination of groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         $groupIds = explode(',', $groupsIds);
         $groupStack = $oldGroupStack = '';
         $profile = null;
         // build the profile incrementally, one group at a time, reusing any prefix already computed
         foreach ($groupIds as $groupId) {
             $oldGroupStack = $groupStack;
             $groupStack .= $groupStack ? ',' . $groupId : $groupId;
             if ($groupStack && isset($profiles[$groupStack])) {
                 //already computed : do nothing
             } elseif ($oldGroupStack && isset($profiles[$oldGroupStack])) {
                 $profile = clone $profiles[$oldGroupStack];
                 //get last computation
             } else {
                 $profile = new CMS_profile();
             }
             if ($profile) {
                 //add group clearances
                 $group = CMS_profile_usersGroupsCatalog::getById($groupId);
                 if ($group && !$group->hasError()) {
                     $profile->addPageClearances($group->getPageClearances());
                     $profile->addModuleClearances($group->getModuleClearances());
                     $profile->addModuleCategoriesClearancesStack($group->getModuleCategoriesClearancesStack());
                     $profile->addValidationClearances($group->getValidationClearances());
                     $profile->addAdminClearance($group->getAdminClearance());
                     $profile->addTemplateGroupsDenied($group->getTemplateGroupsDenied());
                     $profile->addRowGroupsDenied($group->getRowGroupsDenied());
                     //store profile
                     $profiles[$groupStack] = $profile;
                 }
             }
         }
     }
     // Delete old categories clearances first (to speedup further inserts)
     // NOTE(review): users ids are concatenated unquoted ; this assumes $this->_users only holds integers - confirm
     // NOTE(review): no transaction is visible around the delete and the inserts below ; a failure in between would leave users without categories clearances - confirm how CMS_query handles this
     $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', $this->_users) . ")");
     while (($id = $q->getValue('profile_pru')) !== false) {
         // $qdel is never read : the query object is only created to run the delete
         $qdel = new CMS_query("delete from modulesCategories_clearances where profile_mcc ='" . SensitiveIO::sanitizeSQLString($id) . "'");
     }
     //then loop through usersByGroups to apply rights of users by groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         //get profile for groups
         if (isset($profiles[$groupsIds])) {
             $profile = $profiles[$groupsIds];
             //get profilesIds for users
             $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', $usersIds) . ")");
             $usersProfilesIds = array();
             while (($id = $q->getValue('profile_pru')) !== false) {
                 $usersProfilesIds[] = $id;
             }
             if ($usersProfilesIds) {
                 //Update profiles : one query for all users sharing this set of groups
                 $pagesClearancesStack = $profile->getPageClearances();
                 $validationClearancesStack = $profile->getValidationClearances();
                 $moduleClearancesStack = $profile->getModuleClearances();
                 $templateGroupsDenied = $profile->getTemplateGroupsDenied();
                 $rowGroupsDenied = $profile->getRowGroupsDenied();
                 $q = new CMS_query("\n\t\t\t\t\t\tupdate\n\t\t\t\t\t\t\tprofiles\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tadministrationClearance_pr='" . SensitiveIO::sanitizeSQLString($profile->getAdminClearance()) . "',\n\t\t\t\t\t\t\tpageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($pagesClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tvalidationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($validationClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tmoduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($moduleClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\ttemplateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($templateGroupsDenied->getTextDefinition()) . "',\n\t\t\t\t\t\t\trowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($rowGroupsDenied->getTextDefinition()) . "'\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tid_pr in (" . implode(',', $usersProfilesIds) . ")\n\t\t\t\t\t");
                 //Update categories clearances
                 $moduleCategoriesClearanceStack = $profile->getModuleCategoriesClearancesStack();
                 // Insert new ones : a single multi-rows insert, one row per (user profile, stack element)
                 $elements = $moduleCategoriesClearanceStack->getElements();
                 if (is_array($elements) && $elements) {
                     $values = '';
                     foreach ($usersProfilesIds as $userProfileId) {
                         foreach ($elements as $v) {
                             $values .= $values ? ',' : '';
                             // NOTE(review): unlike the update above, these three values are quoted but not passed through sanitizeSQLString ; this assumes they are always integers - confirm
                             $values .= "('" . $userProfileId . "', '" . $v[0] . "', '" . $v[1] . "')";
                         }
                     }
                     $sql = "\n\t\t\t\t\t\t\tinsert into modulesCategories_clearances\n\t\t\t\t\t\t\t\t(profile_mcc, category_mcc, clearance_mcc)\n\t\t\t\t\t\t\tvalues " . $values . "\n\t\t\t\t\t\t";
                     $q = new CMS_query($sql);
                 }
             }
         }
     }
     //Clear polymod cache
     CMS_cache::clearTypeCache('polymod');
     return true;
 }
コード例 #10
ファイル: profileuser.php プロジェクト: davidmottet/automne
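    /**
     * Get the description of this user as an array ready to be sent to the admin interface.
     *
     * The 'description' entry is an HTML fragment : every profile value placed in it (names, email,
     * groups labels and descriptions) is HTML-escaped, so that a value containing markup is displayed
     * as text instead of being interpreted by the browser.
     *
     * @param CMS_profile_user $user : the user viewing the description (used to decide if the edit link is returned)
     * @param object $cms_language : language object used to get the interface messages
     * @return array with keys id, label, type, description (HTML) and edit (array or false)
     * @access public
     */
    function getJSonDescription($user, $cms_language)
    {
        //groups of user, as a list of links which launch a search on the group
        $groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($this);
        if ($groups) {
            $groupsLinks = array();
            foreach ($groups as $group) {
                //group id is cast to integer because it is written inside an inline javascript handler
                $groupsLinks[] = '<a href="#" onclick="Automne.view.search(\'group:' . (int) $group->getGroupId() . '\');return false;" ext:qtip="' . io::htmlspecialchars($group->getDescription()) . ' (' . $cms_language->getMessage(self::MESSAGE_PAGE_CLICK_TO_VIEW_USER) . ')" class="atm-help">' . io::htmlspecialchars($group->getLabel()) . '</a>';
            }
            $userGroups = implode(', ', $groupsLinks);
        } else {
            $userGroups = $cms_language->getMessage(self::MESSAGE_PAGE_NONE);
        }
        //edit link is only returned to users allowed to edit users
        if ($user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
            $edit = array('url' => 'user.php', 'params' => array('userId' => $this->getUserId()));
        } else {
            $edit = false;
        }
        //escape once, the email is used both as attribute value and as link text
        $email = io::htmlspecialchars($this->getEmail());
        $lineStart = "\n\t\t\t\t";
        $description = $lineStart . $cms_language->getMessage(self::MESSAGE_PAGE_NAME) . ' : <strong>' . io::htmlspecialchars($this->getLastname()) . '</strong><br />'
            . $lineStart . $cms_language->getMessage(self::MESSAGE_PAGE_FIRSTNAME) . ' : <strong>' . io::htmlspecialchars($this->getFirstname()) . '</strong><br />'
            . $lineStart . $cms_language->getMessage(self::MESSAGE_PAGE_EMAIL) . ' : <a href="mailto:' . $email . '" ext:qtip="' . $cms_language->getMessage(self::MESSAGE_PAGE_WRITE_TO, array(io::htmlspecialchars($this->getFullName()))) . '">' . $email . '</a><br />'
            . $lineStart . $cms_language->getMessage(self::MESSAGE_PAGE_GROUPS) . ' : ' . $userGroups;
        return array(
            'id'          => $this->getUserId(),
            //NOTE(review): label is returned unescaped as before ; how the interface renders it is not visible here - confirm
            'label'       => $this->getFullName(),
            'type'        => $cms_language->getMessage(self::MESSAGE_PAGE_USER),
            'description' => $description,
            'edit'        => $edit,
        );
    }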
コード例 #11
    $groupId = $profile->getGroupId();
}
$profileId = $profile->getId();
if (!isset($profile) || $profile->hasError()) {
    CMS_grandFather::raiseError('Unknown profile for given Id : ' . $profileId);
    $view->show();
}
//if user is admin, then it has all rights on module
$disableFields = $disableFieldsDesc = '';
if ($isUser) {
    if ($profile->getUserId() == ROOT_PROFILEUSER_ID) {
        $disableFields = 'disabled:true,';
        $disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_ADMINISTRATOR);
    } else {
        //if user belongs to groups, all fields are disabled
        $disableFields = sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? 'disabled:true,' : '';
        $disableFieldsDesc = '';
        if ($disableFields) {
            $disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_RIGHT);
        }
    }
}
$adminTab = '';
// Admin clearance rows
$admins = CMS_profile::getAllAdminClearances();
foreach ($admins as $level => $messages) {
    if ($cms_user->hasAdminClearance($level)) {
        $checked = $profile->hasAdminClearance($level) ? 'checked:true,' : '';
        $adminTab .= "{\n\t\t\t" . $disableFields . "\n\t\t\t" . $checked . "\n\t\t\tboxLabel: \t'<span ext:qtip=\"" . $cms_language->getJSMessage($messages['description']) . "\" class=\"atm-help\">" . $cms_language->getJSMessage($messages['label']) . "</span>',\n\t\t\tname: \t\t'admin[]',\n\t\t\tinputValue:\t'" . $level . "',\n\t\t\tlisteners:\t{'check':function(checkbox, checked){\n\t\t\t\t//enable or disable others checkboxes if admin check if touched\n\t\t\t\tif (checkbox.getRawValue() == 1) {\n\t\t\t\t\tvar form = Ext.getCmp('userAdminPanel-{$profileId}');\n\t\t\t\t\tvar checkboxes = form.findByType('checkbox');\n\t\t\t\t\tfor(var i = 0, checklen = checkboxes.length; i < checklen; i++) {\n\t\t\t\t\t\tif (checkboxes[i].getRawValue() != 1) {\n\t\t\t\t\t\t\tif (checked) {\n\t\t\t\t\t\t\t\tcheckboxes[i].disable();\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tcheckboxes[i].enable();\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}}\n\t\t},";
    }
}
コード例 #12
ファイル: groups.php プロジェクト: davidmottet/automne
$fatherId = sensitiveIO::request('fatherId', '', 'usersGroupsWindow');
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->show();
}
//get records / pages
$recordsPerPage = CMS_session::getRecordsPerPage();
//groups letters
$letters = CMS_profile_usersGroupsCatalog::getLettersForTitle();
//$letters = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z');
$lettersButtons = '';
foreach ($letters as $letter) {
    $lettersButtons .= '{
		text:			\'' . io::strtoupper($letter) . '\',
		enableToggle:	true,
		handler:		clickLetter
	},';
}
//remove last comma
$lettersButtons = io::substr($lettersButtons, 0, -1);
$jscontent = <<<END
\tvar groupsWindow = Ext.getCmp('{$winId}');
\tvar fatherWindow = Ext.getCmp('{$fatherId}');
\t
コード例 #13
ファイル: users-datas.php プロジェクト: davidmottet/automne
    //search users
    $users = CMS_profile_usersCatalog::search($search, $letter, $groupId, $sort, $dir, $start, $limit);
} else {
    //search users
    $users = CMS_profile_usersCatalog::search($search, $letter, false, $sort, $dir, $start, $limit);
}
//loop over users to get all required infos
foreach ($users as $user) {
    $datas = array('id' => $user->getUserId(), 'firstName' => $user->getFirstName(), 'lastName' => $user->getLastName(), 'login' => $user->getLogin(), 'email' => $user->getEmail(), 'active' => $user->isActive());
    if ($groupId) {
        $datas['belong'] = isset($groupUsers[$user->getUserId()]);
    }
    if ($withGroups) {
        //groups of user
        $userGroups = array();
        $groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
        foreach ($groups as $group) {
            $userGroups[] = array('id' => $group->getGroupId(), 'label' => $group->getLabel(), 'description' => $group->getDescription());
        }
        $datas['groups'] = $userGroups;
    }
    $usersDatas['users'][] = $datas;
}
//total users count for search
if ($groupId && $filter) {
    $usersDatas['totalCount'] = sizeof(CMS_profile_usersCatalog::search($search, $letter, $groupId, $sort, $dir, 0, 0, false, false));
} else {
    $usersDatas['totalCount'] = sizeof(CMS_profile_usersCatalog::search($search, $letter, false, $sort, $dir, 0, 0, false, false));
}
$view->setContent($usersDatas);
$view->show();
コード例 #14
ファイル: users.php プロジェクト: davidmottet/automne
//This file is an admin file. Interface must be secure
$view->setSecure();
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->show();
}
//get records / pages
$recordsPerPage = CMS_session::getRecordsPerPage();
//special users Id
$rootProfileUserId = ROOT_PROFILEUSER_ID;
$anonymousProfileUserId = ANONYMOUS_PROFILEUSER_ID;
//user groups
$userGroups = array();
$userGroups['groups'] = array(array('id' => 0, 'label' => '-', 'description' => '{$cms_language->getJsMessage(MESSAGE_PAGE_NO_GROUP)}'));
$groups = CMS_profile_usersGroupsCatalog::getAll();
foreach ($groups as $group) {
    $userGroups['groups'][] = array('id' => $group->getGroupId(), 'label' => $group->getLabel(), 'description' => $group->getDescription());
}
//json encode groups datas
$userGroups = sensitiveIO::jsonEncode($userGroups);
//users letters
$letters = CMS_profile_usersCatalog::getLettersForLastName();
//$letters = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z');
$lettersButtons = '';
foreach ($letters as $letter) {
    $lettersButtons .= '{
		text:			\'' . io::strtoupper($letter) . '\',
		enableToggle:	true,
		handler:		clickLetter
	},';
コード例 #15
// +----------------------------------------------------------------------+
// | Session management                                                   |
// +----------------------------------------------------------------------+
//Set max depth (iterations count)
if ($maxDepth) {
    CMS_session::setSessionVar("modules_clearances_max_depth", $maxDepth);
}
if (!sensitiveIO::isPositiveInteger(CMS_session::getSessionVar("modules_clearances_max_depth"))) {
    CMS_session::setSessionVar("modules_clearances_max_depth", 3);
}
$maxDepth = CMS_session::getSessionVar("modules_clearances_max_depth");
// Colors used to visualize access level
$clearance_colors = array(CLEARANCE_MODULE_NONE => '#FF7E71', CLEARANCE_MODULE_VIEW => '#e2faaa', CLEARANCE_MODULE_EDIT => '#CFE779', CLEARANCE_MODULE_MANAGE => '#85A122');
$bg_color_selected = "#fdf5a2";
//if user belongs to groups, all fields are disabled
$disableFields = $profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL) || $isUser && sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? true : false;
//unique hash relative to user module
$hash = md5($moduleCodename . '-' . $profileId);
/**
 * Module Elements rights
 * (This is recycled code from the V3)
 */
if (!function_exists("build_items_tree")) {
    /** 
     * Recursive function to build items tree.
     *
     * @param mixed $items : current category or page
     * @param integer $count, to determine item in-tree depth
     * @param integer $parent_clearance, immediate parent item clearance
     * @return string HTML formated
     */
コード例 #16
//no clearance set : fall back to "none"
$moduleClearance = $moduleClearance ? $moduleClearance : CLEARANCE_MODULE_NONE;
//users always have at least the view right on standard module
if ($moduleCodename == MOD_STANDARD_CODENAME && $moduleClearance == CLEARANCE_MODULE_NONE) {
    $moduleClearance = CLEARANCE_PAGE_VIEW;
}
//Decide if the form fields are disabled and which explanation is displayed.
//NOTE(review): $disableFields only drives the generated interface in this excerpt ; the check done when rights are saved is not visible here - confirm it is enforced server side
if ($profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    //administrator profile (user or group) : it has all rights on module, fields are locked
    $disableFields = true;
    $moduleClearance = CLEARANCE_MODULE_EDIT;
    if ($isUser) {
        $disableFieldsDesc = "{\n\t\t\tcls:\t'atm-text-alert',\n\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_USER_ADMINISTRATOR_MODULE)}'\n\t\t},";
    } else {
        $disableFieldsDesc = "{\n\t\t\tcls:\t'atm-text-alert',\n\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_GROUP_ADMINISTRATOR_MODULE)}'\n\t\t},";
    }
} elseif ($isUser) {
    //if user belongs to groups, all fields are disabled
    $disableFields = (bool) count(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true));
    $disableFieldsDesc = $disableFields
        ? "{\n\t\t\t\tcls:\t'atm-text-alert',\n\t\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_NO_RIGHTS_MODIFY)}'\n\t\t\t},"
        : '';
} else {
    //non administrator group : fields stay editable
    $disableFields = false;
    $disableFieldsDesc = '';
}
//Module clearances