/**
* Show update permissions page
*
* @param void
* @return null
*/
function update_permissions()
{
$user = Contacts::findById(get_id());
if (!($user instanceof Contact && $user->isUser()) || $user->getDisabled()) {
flash_error(lang('user dnx'));
ajx_current("empty");
return;
}
// if
if (!$user->canUpdatePermissions(logged_user())) {
flash_error(lang('no access permissions'));
ajx_current("empty");
return;
}
// if
$redirect_to = array_var($_GET, 'redirect_to');
if (trim($redirect_to) == '' || !is_valid_url($redirect_to)) {
$redirect_to = $user->getCardUserUrl();
}
// if
$sys_permissions_data = array_var($_POST, 'sys_perm');
if (!is_array($sys_permissions_data)) {
$pg_id = $user->getPermissionGroupId();
$parameters = permission_form_parameters($pg_id);
// Module Permissions
$module_permissions = TabPanelPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}"));
$module_permissions_info = array();
foreach ($module_permissions as $mp) {
$module_permissions_info[$mp->getTabPanelId()] = 1;
}
$all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering"));
$all_modules_info = array();
foreach ($all_modules as $module) {
$all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId());
}
// System Permissions
$system_permissions = SystemPermissions::findById($pg_id);
tpl_assign('module_permissions_info', $module_permissions_info);
tpl_assign('all_modules_info', $all_modules_info);
tpl_assign('system_permissions', $system_permissions);
tpl_assign('permission_parameters', $parameters);
$more_permissions = array();
Hook::fire('add_user_permissions', $pg_id, $more_permissions);
tpl_assign('more_permissions', $more_permissions);
// Permission Groups
$groups = PermissionGroups::getNonPersonalSameLevelPermissionsGroups('`parent_id`,`id` ASC');
tpl_assign('groups', $groups);
$roles = SystemPermissions::getAllRolesPermissions();
tpl_assign('roles', $roles);
$tabs = TabPanelPermissions::getAllRolesModules();
tpl_assign('tabs_allowed', $tabs);
tpl_assign('guest_groups', PermissionGroups::instance()->getGuestPermissionGroups());
}
tpl_assign('user', $user);
tpl_assign('redirect_to', $redirect_to);
if (array_var($_POST, 'submitted') == 'submitted') {
$user_data = array_var($_POST, 'user');
if (!is_array($user_data)) {
$user_data = array();
}
try {
DB::beginWork();
$pg_id = $user->getPermissionGroupId();
$user->setUserType(array_var($user_data, 'type'));
$user->save();
save_permissions($pg_id, $user->isGuest());
DB::commit();
flash_success(lang('success user permissions updated'));
ajx_current("back");
} catch (Exception $e) {
DB::rollback();
flash_error($e->getMessage());
ajx_current("empty");
}
}
// if
}
/**
* Add user
*
* @access public
* @param void
* @return null
*/
function add_user() {
$max_users = config_option('max_users');
if ($max_users && (Contacts::count() >= $max_users)) {
flash_error(lang('maximum number of users reached error'));
ajx_current("empty");
return;
}
$company = Contacts::findById(get_id('company_id'));
if (!($company instanceof Contact)) {
$company = owner_company();
}
if (!can_manage_security(logged_user())) {
flash_error(lang('no access permissions'));
ajx_current("empty");
return;
} // if
$user = new Contact();
$user_data = array_var($_POST, 'user');
// Populate form fields
if (!is_array($user_data)) {
//if it is a new user
$contact_id = get_id('contact_id');
$contact = Contacts::findById($contact_id);
if ($contact instanceof Contact) {
if (!is_valid_email($contact->getEmailAddress())){
ajx_current("empty");
flash_error(lang("contact email is required to create user"));
return false;
}
//if it will be created from a contact
$user_data = array(
'username' => $this->generateUserNameFromContact($contact),
'display_name' => $contact->getFirstname() . $contact->getSurname(),
'email' => $contact->getEmailAddress('personal'),
'contact_id' => $contact->getId(),
'password_generator' => 'random',
'type' => 'Executive',
'can_manage_time' => true,
); // array
tpl_assign('ask_email', false);
} else {
// if it is new, and created from admin interface
$user_data = array(
'password_generator' => 'random',
'company_id' => $company->getId(),
'timezone' => $company->getTimezone(),
'create_contact' => true,
'send_email_notification' => false,
'type' => 'Executive',
'can_manage_time' => true,
);
tpl_assign('ask_email', true);
}
// System permissions
tpl_assign('system_permissions', new SystemPermission());
// Module permissions
$module_permissions_info = array();
$all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering"));
$all_modules_info = array();
foreach ($all_modules as $module) {
$all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId());
}
tpl_assign('module_permissions_info', $module_permissions_info);
tpl_assign('all_modules_info', $all_modules_info);
// Member permissions
$parameters = permission_form_parameters(0);
tpl_assign('permission_parameters', $parameters);
// Permission Groups
$groups = PermissionGroups::getNonPersonalSameLevelPermissionsGroups('`parent_id`,`id` ASC');
tpl_assign('groups', $groups);
$roles= SystemPermissions::getAllRolesPermissions();
tpl_assign('roles', $roles);
$tabs= TabPanelPermissions::getAllRolesModules();
tpl_assign('tabs_allowed', $tabs);
} // if
tpl_assign('user', $user);
tpl_assign('company', $company);
tpl_assign('user_data', $user_data);
//Submit User
if (is_array(array_var($_POST, 'user'))) {
if (!array_var($user_data, 'createPersonalProject')) {
$user_data['personal_project'] = 0;
}
try {
Contacts::validateUser($user_data);
DB::beginWork();
$user = $this->createUser($user_data, array_var($_POST,'permissions'));
DB::commit();
flash_success(lang('success add user', $user->getObjectName()));
ajx_current("back");
} catch(Exception $e) {
DB::rollback();
ajx_current("empty");
flash_error($e->getMessage());
} // try
} // if
} // add_user
$default_roles_by_type = PermissionGroups::instance()->getDefaultRolesByType();
foreach ($default_roles_by_type as $type => $role) {
?>
og.defaultRoleByType[<?php
echo $type;
?>
] = <?php
echo $role;
?>
;
<?php
}
?>
<?php
$rolePermissions = SystemPermissions::getAllRolesPermissions();
echo "og.userRolesPermissions =" . json_encode($rolePermissions) . ";";
$maxRolePermissions = MaxSystemPermissions::getAllMaxRolesPermissions();
echo "og.userMaxRolesPermissions =" . json_encode($maxRolePermissions) . ";";
echo "og.defaultRoleObjectTypePermissions = " . json_encode(RoleObjectTypePermissions::getAllRoleObjectTypePermissionsInfo()) . ";";
echo "og.maxRoleObjectTypePermissions = " . json_encode(MaxRoleObjectTypePermissions::getAllMaxRoleObjectTypePermissionsInfo()) . ";";
?>
<?php
$tabs_allowed = TabPanelPermissions::getAllRolesModules();
echo "og.tabs_allowed=" . json_encode($tabs_allowed) . ";";
$guest_groups = PermissionGroups::instance()->getGuestPermissionGroups();
echo "og.guest_permission_group_ids = [];";
foreach ($guest_groups as $gg) {
echo "og.guest_permission_group_ids.push(" . $gg->getId() . ");";
}
