include_once '../../config/symbini.php';
include_once $serverRoot . '/classes/PermissionsManager.php';
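// Declare the response charset before any output is sent; $charset is not assigned here and is
// expected to come from the included configuration.
header("Content-Type: text/html; charset=" . $charset);

// Caller-controlled: $_REQUEST is populated from the request itself.
$action = array_key_exists("action", $_REQUEST) ? $_REQUEST["action"] : "";

// collid drives the authorization check below and is then reused as the target of every permission
// change, so only a plain run of digits is accepted; arrays and strings such as "5abc" fall back to 0.
// Before PHP 8 a loose comparison treats "5abc" as equal to the integer 5, so an unvalidated value
// could satisfy in_array() and still reach the permission calls in its malformed form.
$collId = 0;
if (
    array_key_exists("collid", $_REQUEST)
    && is_string($_REQUEST["collid"])
    && preg_match('/^[0-9]+$/D', $_REQUEST["collid"])
) {
    $collId = (int) $_REQUEST["collid"];
}

$permManager = new PermissionsManager();

// $isEditor stays 0 unless a user is logged in AND is either a portal administrator or listed as
// CollAdmin for this exact collection.
$isEditor = 0;
if ($SYMB_UID) {
    // Parentheses make the intended precedence explicit (&& already binds tighter than ||).
    // in_array() is left non-strict because the element type stored in $USER_RIGHTS is not visible
    // here; with $collId now guaranteed to be an int the loose match is limited to numeric equality.
    if ($IS_ADMIN || (array_key_exists("CollAdmin", $USER_RIGHTS) && in_array($collId, $USER_RIGHTS["CollAdmin"]))) {
        $isEditor = 1;
    }
}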
// Permission changes for the collection in $collId; nothing in this block runs unless $isEditor is truthy.
// NOTE(review): the four delete branches are driven by query-string parameters, so a plain GET request
// changes state, and no anti-CSRF token check is visible in this excerpt — confirm one exists
// elsewhere, or move these actions to POST with a per-session token.
if ($isEditor) {
    if (array_key_exists('deladmin', $_GET)) {
        // The user identifier comes straight from the query string and is handed to deletePermission();
        // whether that method validates or parameterises it cannot be seen here — verify in PermissionsManager.
        $permManager->deletePermission($_GET['deladmin'], 'CollAdmin', $collId);
    } elseif (array_key_exists('deleditor', $_GET)) {
        $permManager->deletePermission($_GET['deleditor'], 'CollEditor', $collId);
    } elseif (array_key_exists('delrare', $_GET)) {
        $permManager->deletePermission($_GET['delrare'], 'RareSppReader', $collId);
    } elseif (array_key_exists('delidenteditor', $_GET)) {
        // $_GET['utid'] is read without an existence check: a request that omits it raises an
        // undefined-index notice/warning and passes null as the fourth argument.
        $permManager->deletePermission($_GET['delidenteditor'], 'CollTaxon', $collId, $_GET['utid']);
        // When utid is numeric a second delete is issued with the literal 'all'; what 'all' selects
        // is defined in PermissionsManager and is not visible here — TODO confirm.
        if (is_numeric($_GET['utid'])) {
            $permManager->deletePermission($_GET['delidenteditor'], 'CollTaxon', $collId, 'all');
        }
    } elseif ($action == 'Add Permissions for User') {
        // $action is compared loosely against a fixed string (presumably the submit button's label).
        // $_POST['righttype'] and $_POST['uid'] are used without checking that they were sent.
        $rightType = $_POST['righttype'];
        if ($rightType == 'admin') {
            $permManager->addPermission($_POST['uid'], "CollAdmin", $collId);
        } elseif ($rightType == 'editor') {
            $permManager->addPermission($_POST['uid'], "CollEditor", $collId);
            // (the listing is cut off here; the remaining branches and closing braces are not shown)
示例#2
include_once $serverRoot . '/classes/ProfileManager.php';
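// Declare the response charset before any output is sent; $charset is not assigned in this excerpt.
header("Content-Type: text/html; charset=" . $charset);

// Every value below is caller-controlled. A parameter can also arrive as an array (for example
// "loginas[]=x"); trim() on an array raises a TypeError on PHP 8 and a warning on earlier versions,
// and an array would otherwise be passed on to the permission calls. Anything that is not a string
// is therefore treated as absent.
$loginAs = (array_key_exists("loginas", $_REQUEST) && is_string($_REQUEST["loginas"])) ? trim($_REQUEST["loginas"]) : "";
$searchTerm = (array_key_exists("searchterm", $_REQUEST) && is_string($_REQUEST["searchterm"])) ? trim($_REQUEST["searchterm"]) : "";

// Identifier of the account whose permissions are being edited, the role to remove, and the
// primary key that scopes that role; these three are passed on untrimmed, as before.
$userId = (array_key_exists("userid", $_REQUEST) && is_string($_REQUEST["userid"])) ? $_REQUEST["userid"] : "";
$delRole = (array_key_exists("delrole", $_REQUEST) && is_string($_REQUEST["delrole"])) ? $_REQUEST["delrole"] : "";
$tablePk = (array_key_exists("tablepk", $_REQUEST) && is_string($_REQUEST["tablepk"])) ? $_REQUEST["tablepk"] : "";

$userManager = new PermissionsManager();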
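// Account switching and permission edits; all of it is gated on the administrator flag.
// NOTE(review): $isAdmin is not assigned anywhere in this excerpt — confirm where it is set and that
// the request cannot influence it.
// NOTE(review): "loginas" and "delrole" are read from $_REQUEST, so a GET request is enough to trigger
// them, and no anti-CSRF token check is visible here — confirm one exists elsewhere, or restrict
// these actions to POST with a per-session token.
if ($isAdmin) {
    if ($loginAs) {
        // authenticate() is called without a password, so this branch appears to switch the session
        // to the named account ("log in as") — confirm in ProfileManager. Its return value is not
        // checked, so the redirect is sent whether or not the switch succeeded. Recording which
        // administrator switched to which account would make this auditable.
        $pHandler = new ProfileManager();
        $pHandler->setUserName($loginAs);
        $pHandler->authenticate();
        header("Location: ../index.php");
        // Stop here: a Location header alone does not end the script, which would otherwise go on
        // to render the administration page into the body of the redirect response.
        exit;
    } elseif ($delRole) {
        $userManager->deletePermission($userId, $delRole, $tablePk);
    } elseif (array_key_exists("apsubmit", $_POST)) {
        // "p" may be missing or may not be an array when the form is submitted with nothing
        // selected or the request is hand-built; treat both cases as an empty selection.
        $requestedPermissions = (array_key_exists("p", $_POST) && is_array($_POST["p"])) ? $_POST["p"] : array();
        foreach ($requestedPermissions as $pname) {
            // Nested arrays ("p[][]=x") cannot be role names; skip them instead of passing them to strpos().
            if (!is_string($pname)) {
                continue;
            }
            // Each entry is either "Role" or "Role-tablePk".
            $role = $pname;
            $tablePk = '';
            // strpos() returns 0 for a leading '-', which is falsy, so such a value is kept whole as
            // the role name (unchanged behaviour). Only the first two '-'-separated parts are used.
            if (strpos($pname, '-')) {
                $tok = explode('-', $pname);
                $role = $tok[0];
                $tablePk = $tok[1];
            }
            // NOTE(review): $role is taken from the form as-is; whether addPermission() restricts it
            // to known role names is not visible here — verify in PermissionsManager.
            $userManager->addPermission($userId, $role, $tablePk);
        }
    }
}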
?>
<html>