示例#1
0
function principal_editor()
{
    global $c, $id, $can_write_principal, $session;
    $editor = new Editor(translate('Principal'), 'dav_principal');
    $editor->SetLookup('date_format_type', "SELECT 'E', 'European' UNION SELECT 'U', 'US Format' UNION SELECT 'I', 'ISO Format'");
    $editor->SetLookup('type_id', 'SELECT principal_type_id, principal_type_desc FROM principal_type ORDER BY principal_type_id');
    $editor->SetLookup('locale', 'SELECT \'\', \'' . translate("*** Default Locale ***") . '\' UNION SELECT locale, locale_name_locale FROM supported_locales ORDER BY 1 ASC');
    $editor->AddAttribute('locale', 'title', translate("The preferred language for this person."));
    $editor->AddAttribute('fullname', 'title', translate("The full name for this person, group or other type of principal."));
    $editor->SetWhere('principal_id=' . $id);
    $editor->AddField('is_admin', 'EXISTS( SELECT 1 FROM role_member WHERE role_no = 1 AND role_member.user_no = dav_principal.user_no )');
    $editor->AddAttribute('is_admin', 'title', translate('An "Administrator" user has full rights to the whole DAViCal System'));
    $post_values = false;
    if (isset($_POST['xxxxusername'])) {
        $_POST['xxxxusername'] = trim(str_replace('/', '', $_POST['xxxxusername']));
        if ($_POST['xxxxusername'] == '') {
            $c->messages[] = i18n("The username must not be blank, and may not contain a slash");
            $can_write_principal = false;
        }
    }
    if (isset($_POST['fullname']) && trim($_POST['fullname']) == '') {
        $c->messages[] = i18n("The full name must not be blank.");
        $can_write_principal = false;
    }
    if (isset($_POST['email']) && trim($_POST['email']) == '') {
        $c->messages[] = i18n("The email address really should not be blank.");
    }
    $pwstars = '@@@@@@@@@@';
    if ($can_write_principal && $editor->IsSubmit()) {
        $editor->WhereNewRecord("principal_id=(SELECT CURRVAL('dav_id_seq'))");
        if (!$session->AllowedTo('Admin')) {
            unset($_POST['admin_role']);
            unset($_POST['user_active']);
        }
        unset($_POST['password']);
        if ($_POST['newpass1'] != '' && $_POST['newpass1'] != $pwstars) {
            if ($_POST['newpass1'] == $_POST['newpass2']) {
                $_POST['password'] = $_POST['newpass1'];
            } else {
                $c->messages[] = "Password not updated. The supplied passwords do not match.";
            }
        }
        if (isset($_POST['fullname']) && !isset($_POST['displayname'])) {
            $_POST['displayname'] = $_POST['fullname'];
        }
        if (isset($_POST['default_privileges'])) {
            $privilege_bitpos = array_flip($privilege_names);
            $priv_names = array_keys($_POST['default_privileges']);
            $privs = privilege_to_bits($priv_names);
            $_POST['default_privileges'] = sprintf('%024s', decbin($privs));
            $editor->Assign('default_privileges', $privs_dec);
        }
        if ($editor->IsCreate()) {
            $c->messages[] = i18n("Creating new Principal record.");
        } else {
            $c->messages[] = i18n("Updating Principal record.");
        }
        $editor->Write();
        if ($_POST['type_id'] != 3 && $editor->IsCreate()) {
            /** We only add the default calendar if it isn't a group, and this is a create action */
            require_once 'auth-functions.php';
            CreateHomeCollections($editor->Value('username'));
        }
        if ($session->AllowedTo('Admin')) {
            if ($_POST['is_admin'] == 'on') {
                $sql = 'INSERT INTO role_member (role_no, user_no) SELECT 1, dav_principal.user_no FROM dav_principal WHERE user_no = :user_no AND NOT EXISTS(SELECT 1 FROM role_member rm WHERE rm.role_no = 1 AND rm.user_no = dav_principal.user_no )';
                $editor->Assign('is_admin', 't');
            } else {
                $sql = 'DELETE FROM role_member WHERE role_no = 1 AND user_no = :user_no';
                $editor->Assign('is_admin', 'f');
            }
            $params[':user_no'] = $editor->Value('user_no');
            $qry = new AwlQuery($sql, $params);
            $qry->Exec('admin-principal-edit');
        }
    } else {
        if (isset($id) && $id > 0) {
            $editor->GetRecord();
            if ($editor->IsSubmit()) {
                $c->messages[] = i18n('You do not have permission to modify this record.');
            }
        }
    }
    if ($editor->Available()) {
        $c->page_title = $editor->Title(translate('Principal') . ': ' . $editor->Value('fullname'));
    } else {
        $c->page_title = $editor->Title(translate('Create New Principal'));
        $privs = decbin(privilege_to_bits($c->default_privileges));
        $editor->Assign('default_privileges', $privs);
        $editor->Assign('user_active', 't');
        foreach ($c->template_usr as $k => $v) {
            $editor->Assign($k, $v);
        }
    }
    if ($post_values) {
        $editor->PostToValues();
        if (isset($_POST['default_privileges'])) {
            $privilege_bitpos = array_flip($privilege_names);
            $priv_names = array_keys($_POST['default_privileges']);
            $privs = privilege_to_bits($priv_names);
            $_POST['default_privileges'] = sprintf('%024s', decbin($privs));
            $editor->Assign('default_privileges', $_POST['default_privileges']);
        }
    }
    $prompt_principal_id = translate('Principal ID');
    $value_id = $editor->Available() ? '##principal_id.hidden####principal_id.value##' : translate('New Principal');
    $prompt_username = translate('Username');
    $prompt_password_1 = translate('Change Password');
    $prompt_password_2 = translate('Confirm Password');
    $prompt_fullname = translate('Fullname');
    $prompt_displayname = translate('Display Name');
    $prompt_email = translate('Email Address');
    $prompt_date_format = translate('Date Format Style');
    $prompt_admin = translate('Administrator');
    $prompt_active = translate('Active');
    $prompt_locale = translate('Locale');
    $prompt_type = translate('Principal Type');
    $prompt_privileges = translate('Privileges granted to All Users');
    $privs_html = build_privileges_html($editor, 'default_privileges');
    $admin_row_entry = '';
    $delete_principal_button = '';
    if ($session->AllowedTo('Admin')) {
        $admin_row_entry = ' <tr> <th class="right">' . $prompt_admin . ':</th><td class="left">##is_admin.checkbox##</td> </tr>';
        $admin_row_entry .= ' <tr> <th class="right">' . $prompt_active . ':</th><td class="left">##user_active.checkbox##</td> </tr>';
        if (isset($id)) {
            $delete_principal_button = '<a href="' . $c->base_url . '/admin.php?action=edit&t=principal&subaction=delete_principal&id=' . $id . '" class="submit">' . translate("Delete Principal") . '</a>';
        }
    }
    $id = $editor->Value('principal_id');
    $template = <<<EOTEMPLATE
##form##
<script language="javascript">
function toggle_privileges() {
  var argv = toggle_privileges.arguments;
  var argc = argv.length;

  if ( argc < 2 ) {
    return;
  }
  var match_me = argv[0];

  var set_to = -1;
  if ( argv[1] == 'all' ) {
    var form = document.getElementById(argv[2]);
    var fieldcount = form.elements.length;
    var matching = '/^' + match_me + '/';
    for (var i = 0; i < fieldcount; i++) {
      var fieldname = form.elements[i].name;
      if ( fieldname.match( match_me ) ) {
        if ( set_to == -1 ) {
          set_to = ( form.elements[i].checked ? 0 : 1 );
        }
        form.elements[i].checked = set_to;
      }
    }
  }
  else {
    for (var i = 1; i < argc; i++) {
      var f = document.getElementById( match_me + '_' + argv[i]);
      if ( set_to == -1 ) {
        set_to = ( f.checked ? 0 : 1 );
      }
      f.checked = set_to;
    }
  }
}
</script>
<style>
th.right, label.privilege {
  white-space:nowrap;
}
label.privilege {
  margin:0.2em 1em 0.2em 0.1em;
  padding:0 0.2em;
  line-height:1.6em;
  font-size:87%;
}
</style>
<table>
 <tr> <th class="right">{$prompt_principal_id}:</th><td class="left">
  <table width="100%" class="form_inner"><tr>
   <td>{$value_id}</td>
   <td align="right">{$delete_principal_button}</td>
  </tr></table>
 </td></tr>
 <tr> <th class="right">{$prompt_username}:</th>    <td class="left">##xxxxusername.input.50##</td> </tr>
 <tr> <th class="right">{$prompt_password_1}:</th>  <td class="left">##newpass1.password.{$pwstars}##</td> </tr>
 <tr> <th class="right">{$prompt_password_2}:</th>  <td class="left">##newpass2.password.{$pwstars}##</td> </tr>
 <tr> <th class="right">{$prompt_fullname}:</th>    <td class="left">##fullname.input.50##</td> </tr>
 <tr> <th class="right">{$prompt_email}:</th>       <td class="left">##email.input.50##</td> </tr>
 <tr> <th class="right">{$prompt_locale}:</th>      <td class="left">##locale.select##</td> </tr>
 <tr> <th class="right">{$prompt_date_format}:</th> <td class="left">##date_format_type.select##</td> </tr>
 <tr> <th class="right">{$prompt_type}:</th>        <td class="left">##type_id.select##</td> </tr>
 {$admin_row_entry}
 <tr> <th class="right" style="white-space:normal;">{$prompt_privileges}:</th><td class="left">{$privs_html}</td> </tr>
 <tr> <th class="right"></th>                   <td class="left" colspan="2">##submit##</td> </tr>
</table>
</form>
EOTEMPLATE;
    $editor->SetTemplate($template);
    return $editor;
}
示例#2
0
         $editor->Assign('default_privileges', $privs_dec);
     }
 }
 $is_update = $_POST['_editor_action'][$editor->Id] == 'update';
 if ($_POST['timezone'] == '') {
     unset($_POST['timezone']);
 }
 $resourcetypes = '<DAV::collection/>';
 if (isset($_POST['is_calendar']) && $_POST['is_calendar'] == 'on') {
     $resourcetypes .= '<urn:ietf:params:xml:ns:caldav:calendar/>';
 }
 if (isset($_POST['is_addressbook']) && $_POST['is_addressbook'] == 'on') {
     $resourcetypes .= '<urn:ietf:params:xml:ns:carddav:addressbook/>';
 }
 $_POST['resourcetypes'] = $resourcetypes;
 if ($editor->IsCreate()) {
     $c->messages[] = i18n("Creating new Collection.");
 } else {
     $c->messages[] = i18n("Updating Collection record.");
 }
 if (!$editor->Write()) {
     $c->messages[] = i18n("Failed to write collection.");
     if ($id > 0) {
         $editor->GetRecord();
     }
 } else {
     if (isset($_FILES['ics_file']['tmp_name']) && $_FILES['ics_file']['tmp_name'] != '') {
         /**
          * If the user has uploaded a .ics file as a calendar, we fake this out
          * as if it were a "PUT" request against a collection.  This is something
          * of a hack.  It works though :-)