Exemplo n.º 1
<?php

/** 
 * Copyright: dtbaker 2012
 * Licence: Please check CodeCanyon.net for licence details. 
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
// Access gate: the visitor needs 'view' on Settings and on Security Roles,
// otherwise they are sent back to the application root.
// NOTE(review): this only protects the page if redirect_browser() ends the
// request - nothing here stops execution explicitly; confirm.
if (!(module_config::can_i('view', 'Settings') && module_security::can_i('view', 'Security Roles', 'Security'))) {
    redirect_browser(_BASE_HREF);
}

// The search filter is taken from the request only when it arrives as an array.
$search = array();
if (isset($_REQUEST['search']) && is_array($_REQUEST['search'])) {
    $search = $_REQUEST['search'];
}
$roles = $module->get_roles($search);

// Page heading with an "Add New Role" button linking to the new-role form.
$header = array(
    'type' => 'h2',
    'title' => _l('Security Roles'),
    'main' => true,
    'button' => array(
        'title' => 'Add New Role',
        'type' => 'add',
        'url' => module_security::link_open_role('new'),
    ),
);
print_heading($header);
?>



<form action="" method="post">


<?php 
/** START TABLE LAYOUT **/
$table_manager = module_theme::new_table_manager();
$columns = array();
$columns['name'] = array('title' => 'Name', 'callback' => function ($role) use(&$module) {
    echo $module->link_open_role($role['security_role_id'], true);
Exemplo n.º 2
 * IP Address: 67.79.165.254
 */
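// Build the "User Security" fieldset: a role picker (only for users allowed to
// edit user permissions) followed by the read-only username row.
$fieldset_data = array(
    'title' => _l('User Security'),
    'class' => 'tableclass tableclass_form tableclass_full',
    'elements' => array(),
);
if (module_user::can_i('edit', 'Users Permissions', 'Config')) {
    if ($user_id == 1) {
        // User id 1 is displayed as holding every permission; no role selector is offered.
        $fieldset_data['elements']['role'] = array('title' => _l('User Role'), 'fields' => array(_l('All Permissions')));
    } else {
        $user_roles = isset($user['roles']) && is_array($user['roles']) ? $user['roles'] : array();
        $roles = module_security::get_roles();
        $roles_attributes = array();
        foreach ($roles as $role) {
            $roles_attributes[$role['security_role_id']] = $role['name'];
        }
        // current() returns false for a user without any role. Resolve the id once so
        // the "edit" link below never reads an array offset on false.
        $current_role = current($user_roles);
        $current_role_id = isset($current_role['security_role_id']) ? $current_role['security_role_id'] : false;
        $fieldset_data['elements']['role'] = array(
            'title' => _l('User Role'),
            'fields' => array(
                array(
                    'type' => 'select',
                    'name' => 'role_id',
                    'value' => $current_role_id,
                    'options' => $roles_attributes,
                ),
            ),
        );
        if (module_security::can_i('view', 'Security Roles', 'Security')) {
            // With no current role this passes false, the same argument the role pages use
            // for the role listing link.
            // NOTE(review): the URL is concatenated into the href without HTML escaping -
            // confirm link_open_role() returns an attribute-safe value.
            $fieldset_data['elements']['role']['fields'][] = ' <a href="' . module_security::link_open_role($current_role_id) . '">edit</a> ';
        }
        $fieldset_data['elements']['role']['fields'][] = _hr('You can setup a list of permissions to re-use over and over again under Settings > Roles. This will control what parts of the application this user can access (if any). ');
    }
}
$fieldset_data['elements']['username'] = array('title' => _l('Username'), 'fields' => array(_l('(same as email address)')));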
?>
<!-- fake fields are a workaround for chrome autofill getting the wrong fields -->
<input style="display:none" type="text" name="fakeusernameremembered"/>
<input style="display:none" type="password" name="fakepasswordremembered"/>
<?php 
if ($user_id == module_security::get_loggedin_id() || module_user::can_i('edit', 'Users Passwords', 'Config')) {
    // do we allow this user to create a password ? or do they have to enter their old password first to change it.
    if (!$user['password'] || module_user::can_i('create', 'Users Passwords', 'Config') || isset($_REQUEST['reset_password']) && $_REQUEST['reset_password'] == module_security::get_auto_login_string($user['user_id'])) {
        $fieldset_data['elements']['password'] = array('title' => _l('Set Password'), 'fields' => array(array('type' => 'password', 'name' => 'password_new', 'autocomplete' => 'off', 'value' => '', 'class' => 'no_permissions', 'help' => 'Giving this user a password and login permissions will let them gain access to this system. Depending on the permissions you give them will decide what parts of the system they can access.')));
Exemplo n.º 3
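 /**
  * Process a submitted security-role form.
  *
  * Acts only when $_REQUEST['_process'] is 'save_security_role'. The caller must hold
  * 'edit' on Settings and 'edit' on Security Roles; deleting a role additionally needs
  * 'delete' on Security Roles. A save removes every security_role_perm row of the role
  * and rebuilds them, either from an imported JSON blob ('load_defaults') or from the
  * posted 'permission' and 'permission_drop_down' arrays. Each path finishes with a
  * browser redirect.
  *
  * NOTE(review): no CSRF token check is visible in this method and every input is read
  * from $_REQUEST, so a GET request can reach it - confirm a token is enforced upstream.
  *
  * @return void
  */
 public function process()
 {
     // A legacy 'save_data_access_popup' handler used to live here, commented out. Its own
     // todo admitted that it never checked the caller's permissions; do not restore it
     // without an authorisation check.
     if (!isset($_REQUEST['_process']) || 'save_security_role' !== $_REQUEST['_process']) {
         return;
     }

     // Fail closed: return after every redirect so none of the writes below can run even
     // if redirect_browser() were to come back instead of ending the request.
     if (!module_config::can_i('edit', 'Settings')) {
         redirect_browser(_BASE_HREF);
         return;
     }
     if (!module_security::can_i('edit', 'Security Roles', 'Security')) {
         redirect_browser('/');
         return;
     }

     if (isset($_REQUEST['butt_del']) && module_security::can_i('delete', 'Security Roles', 'Security')) {
         $security_role_id = isset($_REQUEST['security_role_id']) ? (int) $_REQUEST['security_role_id'] : 0;
         $role = self::get_security_role($security_role_id);
         if ($role && $security_role_id == $role['security_role_id']) {
             if (module_form::confirm_delete('security_role_id', "Really delete security role: " . $role['name'], self::link_open_role($security_role_id))) {
                 // Remove the role's permission rows and user assignments before the role itself.
                 foreach (array('security_role_perm', 'user_role', 'security_role') as $table) {
                     $sql = "DELETE FROM `" . _DB_PREFIX . $table . "` WHERE security_role_id = '" . (int) $security_role_id . "'";
                     query($sql);
                 }
                 // Report success only when the rows were really removed.
                 set_message('Role deleted successfully.');
             }
         }
         redirect_browser($this->link_open_role(false));
         return;
     }

     // NOTE(review): the whole $_POST array is handed to update_insert(); confirm it only
     // writes known security_role columns.
     $security_role_id = update_insert('security_role_id', $_REQUEST['security_role_id'], 'security_role', $_POST);
     if (!$security_role_id) {
         return;
     }

     // Every statement below is string-built. It stays injection-free because each value is
     // cast to int and each column name comes from self::$available_permissions, never
     // from the request.
     $sql = "DELETE FROM `" . _DB_PREFIX . "security_role_perm` WHERE security_role_id = '" . (int) $security_role_id . "'";
     query($sql);

     $defaults = null;
     if (isset($_REQUEST['load_defaults']) && is_string($_REQUEST['load_defaults']) && strlen($_REQUEST['load_defaults']) > 0) {
         $defaults = json_decode($_REQUEST['load_defaults'], true);
     }

     if (is_array($defaults) && $defaults) {
         foreach ($defaults as $key => $permissions) {
             // Keys follow the export format "category|module|name|description"; the value
             // is the list of granted actions. Skip anything that does not have that shape.
             $parts = explode('|', $key);
             if (count($parts) < 4 || !is_array($permissions)) {
                 continue;
             }
             list($category, $module, $name, $description) = $parts;
             $existing = get_single('security_permission', array('name', 'category', 'description', 'module'), array($name, $category, $description, $module));
             $security_permission_id = false;
             $available_perms = array();
             if ($existing) {
                 $security_permission_id = $existing['security_permission_id'];
                 // NOTE(review): unserialize() runs on a stored database column. Keep that
                 // column writable only through this code; a JSON encoding would be safer.
                 $available_perms = @unserialize($existing['available_perms']);
                 if (!is_array($available_perms)) {
                     $available_perms = array();
                 }
             }
             if (!$security_permission_id) {
                 $security_permission_id = update_insert('security_permission_id', 'new', 'security_permission', array('name' => $name, 'category' => $category, 'module' => $module, 'description' => $description));
             }
             if (!$security_permission_id) {
                 continue;
             }
             $actions = array();
             $save_perms = false;
             foreach (self::$available_permissions as $permission) {
                 // Strict match: with a loose in_array() an imported `true` would compare
                 // equal to every action name and grant all of them.
                 if (!in_array($permission, $permissions, true)) {
                     continue;
                 }
                 $actions[$permission] = 1;
                 if (!isset($available_perms[$permission])) {
                     // Record the action as configurable for this permission from now on.
                     $available_perms[$permission] = true;
                     $save_perms = true;
                 }
             }
             if ($save_perms) {
                 update_insert('security_permission_id', $security_permission_id, 'security_permission', array('available_perms' => serialize($available_perms)));
             }
             if (count($actions)) {
                 $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                 foreach ($actions as $permission => $tf) {
                     $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                 }
                 query($sql);
             }
         }
         set_message('Defaults loaded successfully.');
     } else {
         if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) {
             // Checkbox grid: one row per permission id, one flag per ticked action.
             foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) {
                 $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                 foreach (self::$available_permissions as $permission) {
                     if (isset($permissions[$permission]) && $permissions[$permission]) {
                         $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                     }
                 }
                 query($sql);
             }
         }
         if (isset($_REQUEST['permission_drop_down']) && is_array($_REQUEST['permission_drop_down'])) {
             // Drop-downs: the key lists the mutually exclusive permission ids, the value is
             // the one that was picked. Only 'view' is granted on the picked id.
             $permission = 'view';
             foreach ($_REQUEST['permission_drop_down'] as $security_permission_ids => $selected_security_permission_id) {
                 $ids_to_clear = explode('|', $security_permission_ids);
                 foreach ($ids_to_clear as $id_to_clear) {
                     $id_to_clear = (int) $id_to_clear;
                     if (!$id_to_clear) {
                         continue;
                     }
                     $sql = "DELETE FROM `" . _DB_PREFIX . "security_role_perm` WHERE security_role_id = '" . (int) $security_role_id . "' AND security_permission_id = '" . (int) $id_to_clear . "' ";
                     query($sql);
                 }
                 if ((int) $selected_security_permission_id > 0) {
                     $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $selected_security_permission_id . "' ";
                     $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                     // Run the statement only when one was built; outside this branch $sql
                     // would still hold an earlier DELETE and be executed a second time.
                     query($sql);
                 }
             }
         }
         set_message('Role saved successfully.');
     }
     redirect_browser($this->link_open_role($security_role_id));
 }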
Exemplo n.º 4
					</td>
				</tr>
			<?php 
}
?>

		</tbody>
	</table>

    <?php 
// Close the half-width layout column, then wrap the buffered markup in a "Permissions"
// fieldset. The output buffer is presumably opened earlier in this template (not
// visible here).
hook_handle_callback('layout_column_half', 'end');
$fieldset_data = array(
    'heading' => array(
        'type' => 'h3',
        'title' => 'Permissions',
    ),
    'elements_before' => ob_get_clean(),
);
echo module_form::generate_fieldset($fieldset_data);
unset($fieldset_data);

// Action bar: Save, Delete and Cancel.
$form_actions = array(
    'class' => 'action_bar action_bar_center',
    'elements' => array(
        array(
            'type' => 'save_button',
            'name' => 'butt_save',
            'value' => _l('Save Role'),
        ),
        array(
            // Delete is dropped for an unsaved role and for users without the 'delete'
            // permission. This only hides the button; the handler has to re-check.
            'ignore' => (int) $security_role_id <= 0 || !module_security::can_i('delete', 'Security Roles', 'Security'),
            'type' => 'delete_button',
            'name' => 'butt_del',
            'value' => _l('Delete'),
        ),
        array(
            'type' => 'button',
            'name' => 'cancel',
            'value' => _l('Cancel'),
            'class' => 'submit_button',
            // NOTE(review): the URL lands inside a single-quoted JS string in an onclick
            // attribute without escaping - confirm link_open_role() is safe in that context.
            'onclick' => "window.location.href='" . $module->link_open_role(false) . "';",
        ),
    ),
);
echo module_form::generate_form_actions($form_actions);
?>



</form>

<?php 
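// Debug aid: when the request carries 'export_json', dump the collected permission
// export both as a print_r() listing and as JSON.
if (isset($_REQUEST['export_json'])) {
    // The dump is printed into the HTML page and its keys carry permission names and
    // descriptions, so HTML-encode both renderings instead of echoing them raw. Text
    // copied from the rendered <pre> is still the original JSON.
    echo '<pre>';
    echo htmlspecialchars(print_r($export_json, true), ENT_QUOTES, 'UTF-8');
    echo "\n\n";
    echo htmlspecialchars(json_encode($export_json), ENT_QUOTES, 'UTF-8');
    echo '</pre>';
}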