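/**
 * Constructor. Loads the effective permissions of a user, or of a single
 * permission group when no user id is given, and binds the drop* system events.
 *
 * @param int   $UserID            user id; empty/0 to work with a permission group only
 * @param int   $PermissionGroupID group id, used only when $UserID is empty
 * @param array $user_result       rows of an already executed user query; every row is
 *                                 read for 'PermissionGroups_ID', the first one also
 *                                 for 'InsideAdminAccess'
 */
function __construct($UserID, $PermissionGroupID = 0, $user_result = null) {
    global $db;

    $this->db = $db;
    $this->_UserID = intval($UserID);
    $this->_fckeditor = false;
    $this->_ckeditor = false;

    if ($UserID && $user_result) {
        // user_result was supplied - take the data from it instead of querying
        $this->_InsideAdminAccess = $user_result[0]['InsideAdminAccess'];
        foreach ($user_result as $row) {
            $this->_PermissionGroupID[] = $row['PermissionGroups_ID'];
        }
    } elseif ($UserID && !$user_result) {
        // otherwise fetch it with a query
        $this->_InsideAdminAccess = $this->db->get_var("SELECT `InsideAdminAccess` FROM `User` WHERE User_ID='" . $this->_UserID . "'");
        $this->_PermissionGroupID = nc_usergroup_get_group_by_user($this->_UserID);
    } else {
        // working with a group only
        $this->_PermissionGroupID = array(intval($PermissionGroupID));
    }

    $this->_countPerm = 0;

    // Only integer-cast ids go into the SQL text. The original concatenated the raw
    // $UserID argument (not the cast $this->_UserID) and the group ids as given, and
    // the group ids can come straight from the caller-supplied $user_result rows.
    // NOTE(review): an empty group list still produces "IN ()", as before - confirm
    // how get_results() reports a failed statement.
    $groupIdList = join(',', array_map('intval', (array) $this->_PermissionGroupID));
    $userClause = $this->_UserID > 0 ? " `User_ID`='" . $this->_UserID . "' OR " : " ";

    // The validity window (PermissionBegin / PermissionEnd) is enforced by the query itself
    $SelectPerm = "SELECT `AdminType`, `Catalogue_ID`, `PermissionSet`\n FROM `Permission`\n WHERE ( (" . $userClause . "\n `PermissionGroup_ID` IN (" . $groupIdList . ")\n ) AND (\n ( `PermissionBegin` IS NULL OR UNIX_TIMESTAMP(`PermissionBegin`) <= UNIX_TIMESTAMP() ) AND\n ( `PermissionEnd` IS NULL OR UNIX_TIMESTAMP(`PermissionEnd`) >= UNIX_TIMESTAMP() ) ) )";

    $PermResult = $this->db->get_results($SelectPerm, ARRAY_A);

    if (!empty($PermResult)) {
        foreach ($PermResult as $PermArray) {
            switch ($PermArray['AdminType']) {
                case DIRECTOR:
                    $this->_director = 1;
                    $this->_fckeditor = true;
                    $this->_ckeditor = true;
                    break;
                case SUPERVISOR:
                    $this->_supervisor = 1;
                    $this->_fckeditor = true;
                    $this->_ckeditor = true;
                    break;
                case GUEST:
                    // a GUEST row switches the editors off again, whatever earlier rows set
                    $this->_guest = 1;
                    $this->_fckeditor = false;
                    $this->_ckeditor = false;
                    break;
                case CATALOGUE_ADMIN:
                    $this->_catalogue[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    if ($PermArray['PermissionSet'] & (MASK_ADD | MASK_EDIT | MASK_MODERATE)) {
                        $this->_fckeditor = true;
                        $this->_ckeditor = true;
                    }
                    break;
                case SUBDIVISION_ADMIN:
                    $this->_sub[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    if ($PermArray['PermissionSet'] & (MASK_ADD | MASK_EDIT | MASK_MODERATE)) {
                        $this->_fckeditor = true;
                        $this->_ckeditor = true;
                    }
                    break;
                case SUB_CLASS_ADMIN:
                    $this->_cc[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    if ($PermArray['PermissionSet'] & (MASK_ADD | MASK_EDIT | MASK_MODERATE)) {
                        $this->_fckeditor = true;
                        $this->_ckeditor = true;
                    }
                    break;
                case MODERATOR:
                    // manages users
                    $this->_user |= $PermArray['PermissionSet'];
                    break;
                case CLASSIFICATOR_ADMIN:
                    $this->_classificator[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    break;
                case SUBSCRIBER:
                    $this->_subscriber[$PermArray['Catalogue_ID']] |= 1;
                    break;
                case BAN_SITE:
                    // restriction of rights
                    $this->_banCat[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    break;
                case BAN_SUB:
                    $this->_banSub[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    break;
                case BAN_CC:
                    $this->_banCC[$PermArray['Catalogue_ID']] |= $PermArray['PermissionSet'];
                    break;
            }
            $this->_countPerm++;
        }
    }

    // a Catalogue_ID of zero means "all sites"
    // NOTE(review): index 0 is only written by a CATALOGUE_ADMIN row with Catalogue_ID 0;
    // what this comparison sees otherwise depends on the property's default - confirm.
    if ($this->_catalogue[0] >= 0) {
        $this->_allSite = $this->_catalogue[0];
    }

    // bind the system events
    $nc_core = nc_Core::get_object();
    $nc_core->event->bind($this, array("dropCatalogue" => "dropCataloguePerm"));
    $nc_core->event->bind($this, array("dropSubdivision" => "dropSubdivisionPerm"));
    $nc_core->event->bind($this, array("dropSubClass" => "dropSubClassPerm"));
    $nc_core->event->bind($this, array("dropUser" => "dropUserPerm"));
}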
/**
 * Removes a user from a permission group.
 *
 * Returns false without changing anything when either id casts to 0, when the
 * user is not a member of the group, or when the user has no more than one
 * group. Otherwise the `User_Group` row is deleted, `User`.`PermissionGroup_ID`
 * is set to the smallest remaining group id, and the "updateUserPrep" and
 * "updateUser" events are executed before and after the change.
 *
 * @param int $UserID
 * @param int $PermissionGroupID
 * @return bool true when the membership was removed
 */
function nc_usergroup_remove_from_group($UserID, $PermissionGroupID) {
    global $nc_core, $db;

    // Both ids are cast to int before they are used in SQL below
    $UserID = (int) $UserID;
    $PermissionGroupID = (int) $PermissionGroupID;
    if ($UserID === 0 || $PermissionGroupID === 0) {
        return false;
    }

    $memberships = nc_usergroup_get_group_by_user($UserID);

    // Is the user in this group? The user must also stay in at least one group.
    $isMember = !empty($memberships) && in_array($PermissionGroupID, $memberships);
    if (!$isMember || count($memberships) <= 1) {
        return false;
    }

    // execute core action
    $nc_core->event->execute("updateUserPrep", $UserID);

    $deleteSql = "DELETE FROM `User_Group` WHERE `User_ID` = '" . $UserID . "' AND `PermissionGroup_ID` = '" . $PermissionGroupID . "'";
    $db->query($deleteSql);

    // The value stored in the User table has to be refreshed from the remaining groups
    $remaining = array();
    foreach ($memberships as $groupId) {
        if ($groupId != $PermissionGroupID) {
            $remaining[] = $groupId;
        }
    }
    $mainGroup = intval(min($remaining));

    $updateSql = "UPDATE `User` SET `PermissionGroup_ID` = '" . $mainGroup . "' WHERE `User_ID` = '" . $UserID . "'";
    $db->query($updateSql);

    // execute core action
    $nc_core->event->execute("updateUser", $UserID);

    return true;
}
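/**
 * Prints the admin form for adding or editing a user.
 *
 * The markup is echoed directly; nothing is returned. message_fields.php and
 * message_edit.php are included inside this function and therefore run in its
 * local scope, so the local variable names used here are kept as they were.
 *
 * @param int    $UserID      user id (see the note on the global import in the body)
 * @param string $action_file value of the form's action attribute
 * @param int    $phase       next phase, sent back as a hidden field
 * @param int    $type        1 - insert; 2 - update
 */
function UserForm($UserID, $action_file, $phase, $type) {
    global $nc_core, $db, $ROOT_FOLDER, $admin_mode, $perm, $DOMAIN_NAME;
    global $HTTP_FILES_PATH, $FILES_FOLDER;
    global $systemTableID, $systemMessageID, $systemTableName;
    global $Checked, $PermissionGroupID, $InsideAdminAccess;
    global $INCLUDE_FOLDER, $ADMIN_PATH;

    require_once $INCLUDE_FOLDER . "s_files.inc.php";

    // are there any files
    $is_there_any_files = getFileCount(0, $systemTableID);

    $params = array('Checked', 'InsideAdminAccess', 'PermissionGroupID', 'Catalogue_ID', 'Password1', 'Password2', 'UserID', 'posting');
    foreach ($params as $v) {
        global ${$v};
    }

    // 'UserID' is in $params, so the loop above re-binds the local $UserID to the
    // global variable of that name; an intval() done before the loop (as the code
    // used to do) does not survive it. Cast here instead, on a detached local copy,
    // so the value used in SQL and HTML below is always an integer and the global
    // itself is left untouched.
    $nc_user_id_int = intval($UserID);
    unset($UserID);
    $UserID = $nc_user_id_int;

    $st = new nc_Component(0, 3);
    foreach ($st->get_fields() as $v) {
        $name = 'f_' . $v['name'];
        global ${$name};
        if ($v['type'] == 6) {
            global ${$name . "_old"};
            global ${"f_KILL" . $v['id']};
        }
    }

    // Escapes the five HTML-special ASCII characters byte by byte. This is used
    // instead of htmlspecialchars() because the page encoding is not visible here
    // and a byte-wise replacement is safe for any ASCII-compatible encoding.
    $nc_esc_html = function ($value) {
        return strtr((string) $value, array('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#039;'));
    };

    if ($type == 1) {
        $User['Checked'] = $Checked;
        $User['PermissionGroup_ID'] = $PermissionGroupID;
        $User['InsideAdminAccess'] = $InsideAdminAccess;
    } elseif ($type == 2) {
        $User = $db->get_row("SELECT `Checked`, `InsideAdminAccess`, `Catalogue_ID`\n FROM `User`\n WHERE `User_ID`='" . $UserID . "'", ARRAY_A);
        if (!$User) {
            nc_print_status(CONTROL_CONTENT_CATALOUGE_FUNCS_SHOWCATALOGUELIST_DBERROR, 'error');
            exit;
        }
        // find out which groups the user belongs to
        $User['PermissionGroup_ID'] = nc_usergroup_get_group_by_user($UserID);
    }

    // NOTE(review): $action_file is written into the attribute as given; callers are
    // not visible here - confirm it never carries request data.
    echo "<br /><form name='adminForm' class='nc-form' id='adminForm' " . ($is_there_any_files ? "enctype='multipart/form-data'" : "") . " method='post' action='" . $action_file . "'>";

    if ($type == 2) {
        echo "ID: {$UserID} ";
    }

    // switched on / off
    echo nc_admin_checkbox_simple('Checked', 1, CONTROL_CONTENT_SUBDIVISION_FUNCS_MAINDATA_TURNON, $User['Checked'], 'chk') . " ";
    // access to the admin area
    echo nc_admin_checkbox_simple('InsideAdminAccess', 1, NETCAT_MODULE_AUTH_INSIDE_ADMIN_ACCESS, $User['InsideAdminAccess']) . " <br /><br />";

    // User groups
    $Result = $db->get_results("SELECT `PermissionGroup_ID`, `PermissionGroup_Name` FROM `PermissionGroup` ORDER BY `PermissionGroup_ID`", ARRAY_A);
    $groups_with_more_rights = $perm->GetGroupWithMoreRights();

    // NOTE(review): "disabled" on groups with more rights is only a hint to the
    // browser. The handler that processes PermissionGroupID is not visible here and
    // must repeat the check on the server.
    if ($db->num_rows < 8) {
        // with only a few groups they are shown as checkboxes
        echo (count($Result) == 1 ? CONTROL_USER_GROUP : CONTROL_USER_GROUPS) . ":<br>";
        foreach ($Result as $Group) {
            $id = $Group['PermissionGroup_ID'];
            $name = $Group['PermissionGroup_Name'];
            // switch off groups with more rights
            $disabled = in_array($id, $groups_with_more_rights) ? 'disabled' : '';
            // NOTE(review): the group name is passed on as the label unchanged; whether
            // nc_admin_checkbox_simple() escapes it cannot be seen from here - confirm.
            echo nc_admin_checkbox_simple("PermissionGroupID[" . $id . "]", $id, $id . ":" . $name, in_array($id, (array) $User['PermissionGroup_ID']), "grp_" . $id, $disabled) . "<br>";
        }
        echo "<br>";
    } else {
        echo CONTROL_USER_GROUP . ":<br><select name='PermissionGroupID[]' multiple>";
        foreach ($Result as $Group) {
            $id = $Group['PermissionGroup_ID'];
            $name = $Group['PermissionGroup_Name'];
            // switch off groups with more rights
            $disabled = in_array($id, $groups_with_more_rights) ? 'disabled' : '';
            // the stored group name is escaped before it is written into the page
            echo "<option" . (in_array($id, (array) $User['PermissionGroup_ID']) ? " selected" : "") . " value='" . $id . "' " . $disabled . ">" . $id . ":" . $nc_esc_html($name) . "</option>";
        }
        echo "</select><br><br>";
    }

    // with the auth module present, a site can be chosen on which the user may log in
    if (nc_module_check_by_keyword('auth')) {
        $UserCatID = isset($_POST['Catalogue_ID']) ? (int) $_POST['Catalogue_ID'] : $User['Catalogue_ID'];
        $Result = $db->get_results("SELECT Catalogue_ID, Catalogue_Name FROM Catalogue", ARRAY_N);
        echo CONTROL_AUTH_ON_ONE_SITE . ":<br><select name='Catalogue_ID'><option value='0'" . (!$UserCatID ? " selected" : "") . ">" . CONTROL_AUTH_ON_ALL_SITES . "</option>";
        foreach ($Result as $row) {
            // selection follows $UserCatID, the same value the "all sites" option uses;
            // the stored site name is escaped
            echo "<option value='" . $row[0] . "'" . ($UserCatID == $row[0] ? " selected" : "") . ">" . $row[0] . '. ' . $nc_esc_html($row[1]) . "</option>";
        }
        echo "</select><br><br>";
    }

    if ($type == 1) {
        // Password1 / Password2 are globals imported above; escape them so a quote in
        // the value cannot close the attribute.
        // NOTE(review): this writes the submitted password back into the page source -
        // consider leaving the fields empty on re-display.
        echo CONTROL_AUTH_HTML_PASSWORD . ":<br><input type='password' name='Password1' size='30' maxlength='50' value='" . $nc_esc_html($Password1) . "'><br><br>";
        echo CONTROL_AUTH_HTML_PASSWORDCONFIRM . ":<br><input type='password' name='Password2' size='30' maxlength='50' value='" . $nc_esc_html($Password2) . "'>";
        $action = "add";
    } elseif ($type == 2) {
        $action = "change";
        $message = $systemMessageID;
    }

    // $fldCount and $fld are not set anywhere above - presumably message_fields.php
    // defines them in this scope; verify against that file.
    require $ROOT_FOLDER . "message_fields.php";

    if ($fldCount) {
        if ($type == 2) {
            // implode() takes the separator first; the reversed order is rejected by PHP 8
            $fieldQuery = implode(",", $fld);
            // NOTE(review): the column list is interpolated as produced by the include -
            // confirm it holds schema-defined names only. The id is cast before use.
            $fldValue = $db->get_row("select {$fieldQuery} from User where User_ID='" . intval($systemMessageID) . "'", ARRAY_N);
        }
        ?>
        <br />
        <style>.nc_admin_form_body span {display: block;}</style>
        <fieldset>
            <legend><?php echo CONTROL_USER_TITLE_USERINFOEDIT; ?> </legend>
            <div class='nc_admin_form_body nc-admin'>
                <?php
                $nc_notmodal = 1;
                require $ROOT_FOLDER . "message_edit.php";
                ?>
            </div>
        </fieldset>
        <?php
    } else {
        ?>
        <hr size="1" color="CCCCCC"><?php
    }

    print "<input type='hidden' name='UserID' value='" . $UserID . "' />";
    print "<input type='hidden' name='posting' value='1' />";
    ?>
    <div align="right">
        <?php
        global $UI_CONFIG;
        $UI_CONFIG->actionButtons[] = array("id" => "submit", "caption" => $type == 1 ? CONTROL_USER_FUNCS_ADDUSER : CONTROL_CONTENT_CATALOUGE_FUNCS_CATALOGUEFORM_SAVE, "action" => "mainView.submitIframeForm()");
        ?>
    </div>
    <?php
    if (nc_module_check_by_keyword('auth')) {
        $nc_auth_token = new nc_auth_token();
        $logins = $nc_auth_token->get_logins($UserID);
        echo "\n\t\t\t\t<fieldset>\n\t\t\t\t<legend>" . NETCAT_SETTINGS_USETOKEN . "</legend>";
        if (!empty($logins)) {
            echo "<input type='hidden' id='nc_token_destroy' name='nc_token_destroy' value='' />";
            echo "<div style='margin-bottom: 5px; font-weight: bold;'>" . CONTROL_AUTH_TOKEN_CURRENT_TOKENS . ": </div>";
            foreach ($logins as $id => $v) {
                // The login is written both as HTML text and inside a JS string literal in
                // an HTML attribute: escape for JS first, then for HTML. The id is cast
                // because it is written into the script as a bare number.
                $jsLogin = addcslashes((string) $v, "\\\"'\r\n");
                echo "<div style='margin: 0px 0px 3px 5px;'>" . $nc_esc_html($v) . " (<a onclick='t_del(" . intval($id) . ", \"" . $nc_esc_html($jsLogin) . "\"); return false;' href='#'>" . NETCAT_MODERATION_DELETE . "</a>)</div>";
            }
        }
        echo "<div style='margin: 10px 0px; font-weight: bold;'>" . CONTROL_AUTH_TOKEN_NEW . "</div>";
        echo "<div id='t_plugin_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_TOKEN_PLUGIN_ERROR . "</div>\n"
            . "\t\t\t\t<div id='t_usbtoken_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_TOKEN_MISS . "</div>\n"
            . "\t\t\t\t<div id='t_pin_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_PIN_INCORRECT . "</div>\n"
            . "\t\t\t\t<div id='t_login_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_LOGIN_NOT_EMPTY . "</div>\n"
            . "\t\t\t\t<div id='t_key_error' class='token_error' style='display:none;'>" . CONTROL_AUTH_KEYPAIR_INCORRECT . "</div>\n"
            . "\t\t\t\t<div>\n"
            . "\t\t\t\t" . CONTROL_AUTH_HTML_LOGIN . ": <br/><input name='nc_token_login' id='nc_token_login' /><br/><br/>\n"
            . "\t\t\t\t<input type='hidden' name='nc_token_key' id='nc_token_key' value='' />\n"
            . "\t\t\t\t<input type='button' onclick='t_reg()' value='" . CONTROL_AUTH_TOKEN_NEW_BUTTON . "' title='" . CONTROL_AUTH_TOKEN_NEW_BUTTON . "' />\n"
            . "\t\t\t\t</div>\n"
            . "\t\t\t\t</fieldset>\n"
            . "\t\t\t\t<div id='nc_token_plugin_wrapper'></div>\n"
            . "\t\t\t\t<script>\n\n"
            . "\t\t\t\t</script>\n"
            . "\t\t\t\t<script src='" . $nc_core->SUB_FOLDER . $nc_core->HTTP_ROOT_PATH . "modules/auth/auth.js'></script>\n"
            . "\t\t\t\t<script>\n"
            . "\t\t\t\tvar nc_token_obj = null;\n"
            . "\t\t\t\tfunction create_nc_token_object() {\n"
            . "\t\t\t\t if (!nc_token_obj) {\n"
            . "\t\t\t \$nc(\"#nc_token_plugin_wrapper\").append(\"<object id='nc_token_plugin' type='application/x-rutoken' width='0' height='0'></object>\");\n"
            . "\t\t\t nc_token_obj = new nc_auth_token ( {'token_id' : 'nc_token_key'});\n"
            . "\t\t\t\t }\n"
            . "\t\t\t\t}\n"
            . "\t\t\t\tfunction t_reg () {\n"
            . "\t\t\t\tcreate_nc_token_object();\n"
            . "\t\t\t\tvar r;\n"
            . "\t\t\t\t\$nc('.token_error').hide();\n"
            . "\t\t\t\tswitch ( r = nc_token_obj.reg() ) {\n"
            . "\t\t\t\t case 1: \$nc('#t_plugin_error').show(); break; // нет плагина\n"
            . "\t\t\t\t case 2: \$nc('#t_usbtoken_error').show(); break; // нет токена\n"
            . "\t\t\t\t case 3: \$nc('#t_pin_error').show(); break; // пин неверный\n"
            . "\t\t\t\t case 4: \$nc('#t_login_error').show(); break; // логин неверный\n"
            . "\t\t\t\t case 5: \$nc('#t_key_error').show(); break; // ошибка создания ключа\n"
            . "\t\t\t\t case 0 : document.getElementById('adminForm').submit(); break;// все хорошо\n"
            . "\t\t\t\t default: alert('error: ' + r); // непредвиденная ошибка\n"
            . "\t\t\t\t}\n"
            . "\t\t\t\t}\n"
            . "\t\t\t\tfunction t_del ( id, name ) {\n"
            . "\t\t\t\tcreate_nc_token_object();\n"
            . "\t\t\t\tif ( confirm('" . NETCAT_MODERATION_DELETE . "') ) {\n"
            . "\t\t\t\t nc_token_obj.attempt_delete(name);\n"
            . "\t\t\t\t \$nc('#nc_token_destroy').val(id);\n"
            . "\t\t\t\t document.getElementById('adminForm').submit();\n"
            . "\t\t\t\t}\n"
            . "\t\t\t\t}\n"
            . "\t\t\t\t</script>";
    }
    ?>
    <?php echo $nc_core->token->get_input(); ?>
    <input type='hidden' name='phase' value='<?php echo $nc_esc_html($phase); ?>'>
    <input type='submit' class='hidden'>
    </form>
    <?php
}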