groups.php 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268
  1. <?php
  2. /*
  3. FusionPBX
  4. Version: MPL 1.1
  5. The contents of this file are subject to the Mozilla Public License Version
  6. 1.1 (the "License"); you may not use this file except in compliance with
  7. the License. You may obtain a copy of the License at
  8. http://www.mozilla.org/MPL/
  9. Software distributed under the License is distributed on an "AS IS" basis,
  10. WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11. for the specific language governing rights and limitations under the
  12. License.
  13. The Original Code is FusionPBX
  14. The Initial Developer of the Original Code is
  15. Mark J Crane <[email protected]>
  16. Portions created by the Initial Developer are Copyright (C) 2018-2020
  17. the Initial Developer. All Rights Reserved.
  18. Contributor(s):
  19. Mark J Crane <[email protected]>
  20. */
  21. //includes files
  22. require_once dirname(__DIR__, 2) . "/resources/require.php";
  23. require_once "resources/check_auth.php";
  24. require_once "resources/paging.php";
  25. //check permissions
  26. if (permission_exists('group_view')) {
  27. //access granted
  28. }
  29. else {
  30. echo "access denied";
  31. exit;
  32. }
  33. //connect to the database
  34. $database = new database;
  35. //add multi-lingual support
  36. $language = new text;
  37. $text = $language->get();
  38. //get the http post data
  39. $groups = $_POST['groups'] ?? '';
  40. $action = $_POST['action'] ?? '';
  41. $search = $_REQUEST["search"] ?? '';
  42. $show = $_GET["show"] ?? '';
  43. //process the http post data by action
  44. if ($action != '' && is_array($groups) && @sizeof($groups) != 0) {
  45. switch ($action) {
  46. case 'copy':
  47. if (permission_exists('group_add')) {
  48. $obj = new groups;
  49. $obj->copy($groups);
  50. }
  51. break;
  52. case 'toggle':
  53. if (permission_exists('group_edit')) {
  54. $obj = new groups;
  55. $obj->toggle($groups);
  56. }
  57. break;
  58. case 'delete':
  59. if (permission_exists('group_delete')) {
  60. $obj = new groups;
  61. $obj->delete($groups);
  62. }
  63. break;
  64. }
  65. header('Location: groups.php'.($search != '' ? '?search='.urlencode($search) : null));
  66. exit;
  67. }
  68. //get order and order by
  69. $order_by = $_GET["order_by"] ?? '';
  70. $order = $_GET["order"] ?? '';
  71. //add the search string
  72. if (isset($search)) {
  73. $search = strtolower($search);
  74. }
  75. //set from session variables
  76. $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false';
  77. //get the count
  78. $sql = "select count(*) from view_groups \n";
  79. $sql .= "where true \n";
  80. if ($show == 'all' && permission_exists('group_all')) {
  81. $sql .= "and (domain_uuid is not null or domain_uuid is null) ";
  82. }
  83. else {
  84. $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
  85. $parameters['domain_uuid'] = $domain_uuid;
  86. }
  87. if (!empty($search)) {
  88. $sql .= "and ( \n";
  89. $sql .= " lower(group_name) like :search \n";
  90. $sql .= " or lower(group_description) like :search \n";
  91. $sql .= ") \n";
  92. $parameters['search'] = '%'.$search.'%';
  93. }
  94. $num_rows = $database->select($sql, $parameters ?? '', 'column');
  95. //prepare to page the results
  96. $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
  97. $param = $search ? "&search=".$search : null;
  98. $param = ($show == 'all' && permission_exists('group_all')) ? "&show=all" : null;
  99. $page = !empty($_GET['page']) ? $_GET['page'] : 0;
  100. list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page);
  101. list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true);
  102. $offset = $rows_per_page * $page;
  103. //get the list
  104. $sql = str_replace('count(*)', '*', $sql);
  105. $sql .= order_by($order_by, $order, 'group_name', 'asc');
  106. $sql .= limit_offset($rows_per_page, $offset);
  107. $groups = $database->select($sql, $parameters ?? '', 'all');
  108. unset($sql, $parameters);
  109. //create token
  110. $object = new token;
  111. $token = $object->create($_SERVER['PHP_SELF']);
  112. //include the header
  113. $document['title'] = $text['title-groups'];
  114. require_once "resources/header.php";
  115. //show the content
  116. echo "<div class='action_bar' id='action_bar'>\n";
  117. echo " <div class='heading'><b>".$text['title-groups']." (".$num_rows.")</b></div>\n";
  118. echo " <div class='actions'>\n";
  119. echo button::create(['type'=>'button','label'=>$text['button-users'],'icon'=>$_SESSION['theme']['button_icon_users'],'onclick'=>"window.location='../users/users.php'"]);
  120. echo button::create(['type'=>'button','label'=>$text['button-restore_default'],'icon'=>$_SESSION['theme']['button_icon_sync'],'style'=>'margin-right: 15px;','link'=>'permissions_default.php']);
  121. if (permission_exists('group_add')) {
  122. echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','link'=>'group_edit.php']);
  123. }
  124. if (permission_exists('group_add') && $groups) {
  125. echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]);
  126. }
  127. if (permission_exists('group_edit') && $groups) {
  128. echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'id'=>'btn_toggle','name'=>'btn_toggle','style'=>'display: none;','onclick'=>"modal_open('modal-toggle','btn_toggle');"]);
  129. }
  130. if (permission_exists('group_delete') && $groups) {
  131. echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none;','onclick'=>"modal_open('modal-delete','btn_delete');"]);
  132. }
  133. echo "<form id='form_search' class='inline' method='get'>\n";
  134. if (permission_exists('group_all')) {
  135. if ($show == 'all') {
  136. echo " <input type='hidden' name='show' value='all'>\n";
  137. }
  138. else {
  139. echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all']);
  140. }
  141. }
  142. echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
  143. echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search']);
  144. //echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'groups.php','style'=>($search == '' ? 'display: none;' : null)]);
  145. if ($paging_controls_mini != '') {
  146. echo "<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
  147. }
  148. echo " </form>\n";
  149. echo " </div>\n";
  150. echo " <div style='clear: both;'></div>\n";
  151. echo "</div>\n";
  152. if (permission_exists('group_add') && $groups) {
  153. echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('copy'); list_form_submit('form_list');"])]);
  154. }
  155. if (permission_exists('group_edit') && $groups) {
  156. echo modal::create(['id'=>'modal-toggle','type'=>'toggle','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_toggle','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('toggle'); list_form_submit('form_list');"])]);
  157. }
  158. if (permission_exists('group_delete') && $groups) {
  159. echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]);
  160. }
  161. echo $text['description-groups']."\n";
  162. echo "<br /><br />\n";
  163. echo "<form id='form_list' method='post'>\n";
  164. echo "<input type='hidden' id='action' name='action' value=''>\n";
  165. echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
  166. echo "<table class='list'>\n";
  167. echo "<tr class='list-header'>\n";
  168. if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) {
  169. echo " <th class='checkbox'>\n";
  170. echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle(); checkbox_on_change(this);' ".(!empty($groups) ?: "style='visibility: hidden;'").">\n";
  171. echo " </th>\n";
  172. }
  173. if ($show == 'all' && permission_exists('group_all')) {
  174. echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
  175. }
  176. echo th_order_by('group_name', $text['label-group_name'], $order_by, $order);
  177. echo " <th class='shrink' colspan='2'>".$text['label-tools']."</th>\n";
  178. echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'");
  179. echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'");
  180. echo " <th class='pct-30 hide-sm-dn'>".$text['label-group_description']."</th>\n";
  181. if (permission_exists('group_edit') && $list_row_edit_button == 'true') {
  182. echo " <td class='action-button'>&nbsp;</td>\n";
  183. }
  184. echo "</tr>\n";
  185. if (is_array($groups) && @sizeof($groups) != 0) {
  186. $x = 0;
  187. foreach ($groups as $row) {
  188. if (permission_exists('group_edit')) {
  189. $list_row_url = "group_edit.php?id=".urlencode($row['group_uuid']);
  190. }
  191. echo "<tr class='list-row' href='".$list_row_url."'>\n";
  192. if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) {
  193. echo " <td class='checkbox'>\n";
  194. echo " <input type='checkbox' name='groups[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"checkbox_on_change(this); if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
  195. echo " <input type='hidden' name='groups[$x][uuid]' value='".escape($row['group_uuid'])."' />\n";
  196. echo " </td>\n";
  197. }
  198. if ($show == 'all' && permission_exists('group_all')) {
  199. echo " <td>".escape($row['domain_name'])."</td>\n";
  200. }
  201. echo " <td>\n";
  202. if (permission_exists('group_edit')) {
  203. echo " <a href='".$list_row_url."' title=\"".$text['button-edit']."\">".escape($row['group_name'])."</a>\n";
  204. }
  205. else {
  206. echo " ".escape($row['group_name']);
  207. }
  208. echo " </td>\n";
  209. echo " <td class='no-link no-wrap pr-15'><a href='group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_permissions']." (".$row['group_permissions'].")</a></td>\n";
  210. echo " <td class='no-link no-wrap'><a href='group_members.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_members']." (".$row['group_members'].")</a></td>\n";
  211. echo " <td class='center'>".escape($row['group_level'])."</td>\n";
  212. if (permission_exists('group_edit')) {
  213. echo " <td class='no-link center'>\n";
  214. echo button::create(['type'=>'submit','class'=>'link','label'=>$text['label-'.$row['group_protected']],'title'=>$text['button-toggle'],'onclick'=>"list_self_check('checkbox_".$x."'); list_action_set('toggle'); list_form_submit('form_list')"]);
  215. }
  216. else {
  217. echo " <td class='center'>\n";
  218. echo $text['label-'.$row['group_protected']];
  219. }
  220. echo " </td>\n";
  221. echo " <td class='description overflow hide-sm-dn'>".escape($row['group_description'])."</td>\n";
  222. if (permission_exists('group_edit') && $list_row_edit_button == 'true') {
  223. echo " <td class='action-button'>\n";
  224. echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
  225. echo " </td>\n";
  226. }
  227. echo "</tr>\n";
  228. $x++;
  229. }
  230. unset($groups);
  231. }
  232. echo "</table>\n";
  233. echo "<br />\n";
  234. echo "<div align='center'>".$paging_controls."</div>\n";
  235. echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
  236. echo "</form>\n";
  237. //include the footer
  238. require_once "resources/footer.php";
  239. ?>