function getById($id) { SecurityPermission::requirePermission("VIEW"); $sql = "SELECT * from security_permission WHERE id=".Database::sqlValue($id); $result = Database::query($sql); $r = NULL; if ($line = $result->next()) { $r = SecurityPermission::build($line); } return $r; }
function printContent() { $g = $this->getGroup(); $allPermissions = SecurityPermission::getAll(); $allResources = SecurityResource::getAll(); $msg = $this->getMessage(); ?> <form action="<?=$this->getAction()?>" method="post"> <input type="hidden" name="group" value="<?=$g->getId()?>"> <? if (strlen($msg) > 0) { ?> <p><b><?=$msg?></b></p> <? } ?> <p> <table border="0"> <tr> <td> <table border="0"> <tr bgcolor="<?=BGCOLOR_ALT?>"> <th><?=Text::getText("Resource")?></th> <? foreach ($allPermissions as $perm) { ?> <th><?=$perm->getName()?></th> <? } ?> </tr> <? $bg = TRUE; ?> <? foreach ($allResources as $res) { ?> <? $bg = !$bg; ?> <tr<? if ($bg) { ?> bgcolor="<?=BGCOLOR_ALT?>"<? } ?>> <td><?=$res->getName()?></td> <? foreach ($allPermissions as $perm) { ?> <? $checked = ""; if ($g->hasPermission($res, $perm)) { $checked = " checked"; } ?> <td align="center"><input type="checkbox"<?=$checked?> name="res<?=$res->getId()?>_perm<?=$perm->getId()?>"></td> <? } ?> </tr> <? } ?> </table> </td> </tr> <tr> <td align="center"> <input type="submit" value="<?=Text::getText("Save")?>"> </td> </tr> </table> </p> </form> <? }
function getPermissions($resource) { SecurityGroup::requirePermission("VIEW"); $resource_id = $resource->getId(); $sql = "SELECT security_permission.* FROM security_resource, security_permission, security_group_permission WHERE security_group_permission.group_id=".Database::sqlValue($id)." AND security_resource.id=".Database::sqlValue($resource_id)." AND security_group_permission.resource_id = security_resource.id AND security_group_permission.permission_id = security_permission.id"; $result = Database::query($sql); $perms = array(); while ($line = $result->next()) { array_push($perms, SecurityPermission::build($line)); } return $perms; }
<? require_once("classes/SecurityGroup.php"); ?> <? require_once("classes/SecurityResource.php"); ?> <? require_once("classes/SecurityPermission.php"); ?> <? $group = $_REQUEST['group']; $g = SecurityGroup::getById($group); if ($g == NULL) { $errMsg = Text::getText("GroupNotFound"); $title = Text::getText("GroupPermissions"); include("error.php"); exit; } $allPermissions = SecurityPermission::getAll(); $allResources = SecurityResource::getAll(); foreach ($allResources as $res) { foreach ($allPermissions as $perm) { $fieldName = "res".$res->getId()."_perm".$perm->getId(); $value = $_REQUEST[$fieldName]; //print $fieldName."=".$value."<br>"; if ($value == "on") { if (!$g->hasPermission($res, $perm)) { $g->addPermission($res, $perm); } } else { $g->removePermission($res, $perm); } } } header("Location: groups.php"); ?>