Trang chủ Khám phá Trợ giúp
Đăng nhập
fusionpbx
/
fusionpbx-framework
mirror of https://github.com/fusionpbx/fusionpbx-framework.git
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: c18fb262a2
Branches Tags
fusionpbx-frame...
/
core
/
users
/
group_permissions.php

group_permissions.php 8.1 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	FusionPBX
    4. 

  4. 	Version: MPL 1.1
    5. 

  5. 

  6. 	The contents of this file are subject to the Mozilla Public License Version
    7. 

  7. 	1.1 (the "License"); you may not use this file except in compliance with
    8. 

  8. 	the License. You may obtain a copy of the License at
    9. 

  9. 	http://www.mozilla.org/MPL/
    10. 

  10. 

  11. 	Software distributed under the License is distributed on an "AS IS" basis,
    12. 

  12. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    13. 

  13. 	for the specific language governing rights and limitations under the
    14. 

  14. 	License.
    15. 

  15. 

  16. 	The Original Code is FusionPBX
    17. 

  17. 

  18. 	The Initial Developer of the Original Code is
    19. 

  19. 	Mark J Crane <[email protected]>
    20. 

  20. 	Portions created by the Initial Developer are Copyright (C) 2008-2012
    21. 

  21. 	the Initial Developer. All Rights Reserved.
    22. 

  22. 

  23. 	Contributor(s):
    24. 

  24. 	Mark J Crane <[email protected]>
    25. 

  25. */
    26. 

  26. require_once "root.php";
    27. 

  27. require_once "includes/require.php";
    28. 

  28. require_once "includes/checkauth.php";
    29. 

  29. if (permission_exists('group_permissions') || if_group("superadmin")) {
    30. 

  30. 	//access granted
    31. 

  31. }
    32. 

  32. else {
    33. 

  33. 	echo "access denied";
    34. 

  34. 	exit;
    35. 

  35. }
    36. 

  36. require_once "includes/header.php";
    37. 

  37. require_once "includes/paging.php";
    38. 

  38. 

  39. //get the list of installed apps from the core and mod directories
    40. 

  40. 	$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
    41. 

  41. 	$x=0;
    42. 

  42. 	foreach ($config_list as &$config_path) {
    43. 

  43. 		include($config_path);
    44. 

  44. 		$x++;
    45. 

  45. 	}
    46. 

  46. 

  47. //if there are no permissions listed in v_group_permissions then set the default permissions
    48. 

  48. 	$sql = "";
    49. 

  49. 	$sql .= "select count(*) as count from v_group_permissions ";
    50. 

  50. 	$prep_statement = $db->prepare(check_sql($sql));
    51. 

  51. 	$prep_statement->execute();
    52. 

  52. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    53. 

  53. 	foreach ($result as &$row) {
    54. 

  54. 		$group_permission_count = $row["count"];
    55. 

  55. 		break; //limit to 1 row
    56. 

  56. 	}
    57. 

  57. 	unset ($prep_statement);
    58. 

  58. 	if ($group_permission_count == 0) {
    59. 

  59. 		//no permissions found add the defaults
    60. 

  60. 		foreach($apps as $app) {
    61. 

  61. 			foreach ($app['permissions'] as $row) {
    62. 

  62. 				foreach ($row['groups'] as $group) {
    63. 

  63. 					//add the record
    64. 

  64. 					$sql = "insert into v_group_permissions ";
    65. 

  65. 					$sql .= "(";
    66. 

  66. 					$sql .= "group_permission_uuid, ";
    67. 

  67. 					$sql .= "domain_uuid, ";
    68. 

  68. 					$sql .= "permission_name, ";
    69. 

  69. 					$sql .= "group_name ";
    70. 

  70. 					$sql .= ")";
    71. 

  71. 					$sql .= "values ";
    72. 

  72. 					$sql .= "(";
    73. 

  73. 					$sql .= "'".uuid()."', ";
    74. 

  74. 					$sql .= "'$domain_uuid', ";
    75. 

  75. 					$sql .= "'".$row['name']."', ";
    76. 

  76. 					$sql .= "'".$group."' ";
    77. 

  77. 					$sql .= ")";
    78. 

  78. 					$db->exec(check_sql($sql));
    79. 

  79. 					unset($sql);
    80. 

  80. 				}
    81. 

  81. 			}
    82. 

  82. 		}
    83. 

  83. 	}
    84. 

  84. 

  85. //get the http values and set them as php variables
    86. 

  86. 	$group_name = $_REQUEST['group_name'];
    87. 

  87. 	
    88. 

  88. //get the permissions assigned to this group
    89. 

  89. 	$sql = "";
    90. 

  90. 	$sql .= " select * from v_group_permissions ";
    91. 

  91. 	$sql .= "where domain_uuid = '$domain_uuid' ";
    92. 

  92. 	$sql .= "and group_name = '$group_name' ";
    93. 

  93. 	$prep_statement = $db->prepare(check_sql($sql));
    94. 

  94. 	$prep_statement->execute();
    95. 

  95. 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    96. 

  96. 	foreach ($result as &$row) {
    97. 

  97. 		$permission_name = $row["permission_name"];
    98. 

  98. 		$permissions_db[$permission_name] = "true";
    99. 

  99. 	}
    100. 

  100. //show the db checklist
    101. 

  101. 	//echo "<pre>";
    102. 

  102. 	//print_r($permissions_db);
    103. 

  103. 	//echo "</pre>";
    104. 

  104. 

  105. //list all the permissions in the database
    106. 

  106. 	foreach($apps as $app) {
    107. 

  107. 		foreach ($app['permissions'] as $row) {
    108. 

  108. 			if ($permissions_db[$row['name']] == "true") {
    109. 

  109. 				$permissions_db_checklist[$row['name']] = "true";
    110. 

  110. 			}
    111. 

  111. 			else {
    112. 

  112. 				$permissions_db_checklist[$row['name']] = "false";
    113. 

  113. 			}
    114. 

  114. 		}
    115. 

  115. 	}
    116. 

  116. //show the db checklist
    117. 

  117. 	//echo "<pre>";
    118. 

  118. 	//print_r($permissions_db_checklist);
    119. 

  119. 	//echo "</pre>";
    120. 

  120. 

  121. //process the http post
    122. 

  122. 	if (count($_POST)>0) {
    123. 

  123. 		foreach($_POST['permissions_form'] as $permission) {
    124. 

  124. 			$permissions_form[$permission] = "true";
    125. 

  125. 		}
    126. 

  126. 

  127. 		//list all the permissions
    128. 

  128. 			foreach($apps as $app) {
    129. 

  129. 				foreach ($app['permissions'] as $row) {
    130. 

  130. 					if ($permissions_form[$row['name']] == "true") {
    131. 

  131. 						$permissions_form_checklist[$row['name']] = "true";
    132. 

  132. 					}
    133. 

  133. 					else {
    134. 

  134. 						$permissions_form_checklist[$row['name']] = "false";
    135. 

  135. 					}
    136. 

  136. 				}
    137. 

  137. 			}
    138. 

  138. 		//show the form db checklist
    139. 

  139. 			//echo "<pre>";
    140. 

  140. 			//print_r($permissions_form_checklist);
    141. 

  141. 			//echo "</pre>";
    142. 

  142. 		
    143. 

  143. 		//list all the permissions
    144. 

  144. 			foreach($apps as $app) {
    145. 

  145. 				foreach ($app['permissions'] as $row) {
    146. 

  146. 					$permission = $row['name'];
    147. 

  147. 					if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") {
    148. 

  148. 						//matched do nothing
    149. 

  149. 					}
    150. 

  150. 					if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") {
    151. 

  151. 						//matched do nothing
    152. 

  152. 					}
    153. 

  153. 					if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
    154. 

  154. 						//delete the record
    155. 

  155. 							$sql = "delete from v_group_permissions ";
    156. 

  156. 							$sql .= "where domain_uuid = '$domain_uuid' ";
    157. 

  157. 							$sql .= "and group_name = '$group_name' ";
    158. 

  158. 							$sql .= "and permission_name = '$permission' ";
    159. 

  159. 							$db->exec(check_sql($sql));
    160. 

  160. 							unset($sql);
    161. 

  161. 						//set the permission to false in the permissions_db_checklist
    162. 

  162. 							$permissions_db_checklist[$permission] = "false";
    163. 

  163. 					}
    164. 

  164. 					if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
    165. 

  165. 						//add the record
    166. 

  166. 							$sql = "insert into v_group_permissions ";
    167. 

  167. 							$sql .= "(";
    168. 

  168. 							$sql .= "group_permission_uuid, ";
    169. 

  169. 							$sql .= "domain_uuid, ";
    170. 

  170. 							$sql .= "permission_name, ";
    171. 

  171. 							$sql .= "group_name ";
    172. 

  172. 							$sql .= ")";
    173. 

  173. 							$sql .= "values ";
    174. 

  174. 							$sql .= "(";
    175. 

  175. 							$sql .= "'".uuid()."', ";
    176. 

  176. 							$sql .= "'$domain_uuid', ";
    177. 

  177. 							$sql .= "'$permission', ";
    178. 

  178. 							$sql .= "'$group_name' ";
    179. 

  179. 							$sql .= ")";
    180. 

  180. 							$db->exec(check_sql($sql));
    181. 

  181. 							unset($sql);
    182. 

  182. 						//set the permission to true in the permissions_db_checklist
    183. 

  183. 							$permissions_db_checklist[$permission] = "true";
    184. 

  184. 					}
    185. 

  185. 				}
    186. 

  186. 			}
    187. 

  187. 	}
    188. 

  188. 

  189. //show the content
    190. 

  190. 	echo "<form method='post' name='frm' action=''>\n";
    191. 

  191. 	echo "<div align='center'>";
    192. 

  192. 	echo "<table width='100%' border='0' cellpadding='0' cellspacing='2'>\n";
    193. 

  193. 	echo "<tr class='border'>\n";
    194. 

  194. 	echo "	<td align=\"center\">\n";
    195. 

  195. 	echo "		<br>";
    196. 

  196. 

  197. 	echo "<table width='100%' border='0'>\n";
    198. 

  198. 	echo "<tr>\n";
    199. 

  199. 	echo "<td width='50%' align=\"left\" nowrap=\"nowrap\"><b>Group Permission List for $group_name</b></td>\n";
    200. 

  200. 	echo "<td width='50%' align=\"right\">\n";
    201. 

  201. 	echo "	<input type='button' class='btn' name='' alt='back' onclick=\"window.location='grouplist.php'\" value='Back'> ";
    202. 

  202. 	echo "</td>\n";
    203. 

  203. 	echo "</tr>\n";
    204. 

  204. 	echo "<tr>\n";
    205. 

  205. 	echo "<td align=\"left\" colspan='2'>\n";
    206. 

  206. 	echo "	Assign permissions to groups.<br /><br />\n";
    207. 

  207. 	echo "</td>\n";
    208. 

  208. 	echo "</tr>\n";
    209. 

  209. 	echo "</tr></table>\n";
    210. 

  210. 

  211. 	echo "<br />\n";
    212. 

  212. 

  213. 	$c = 0;
    214. 

  214. 	$row_style["0"] = "row_style0";
    215. 

  215. 	$row_style["1"] = "row_style1";
    216. 

  216. 

  217. 	echo "<div align='left'>\n";
    218. 

  218. 

  219. 	//list all the permissions
    220. 

  220. 		foreach($apps as $app) {
    221. 

  221. 			$app_name = $app['name'];
    222. 

  222. 			$description = $app['description']['en'];
    223. 

  223. 

  224. 			echo "<strong>".$app_name."</strong><br />\n";
    225. 

  225. 			echo "".$description."<br /><br />";
    226. 

  226. 			echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
    227. 

  227. 			echo "<tr>\n";
    228. 

  228. 			echo "<th>Permissions</th>\n";
    229. 

  229. 			echo "<th>Description</th>\n";
    230. 

  230. 			echo "<tr>\n";
    231. 

  231. 

  232. 			foreach ($app['permissions'] as $row) {
    233. 

  233. 				echo "<tr >\n";
    234. 

  234. 				echo "	<td valign='top' style='width:250px' nowrap='nowrap' class='".$row_style[$c]."'>\n";
    235. 

  235. 				if ($permissions_db_checklist[$row['name']] == "true") {
    236. 

  236. 					echo "		<input type='checkbox' name='permissions_form[]' checked='checked' value='".$row['name']."'>\n";
    237. 

  237. 				}
    238. 

  238. 				else {
    239. 

  239. 					echo "		<input type='checkbox' name='permissions_form[]' value='".$row['name']."'>\n";
    240. 

  240. 				}
    241. 

  241. 				echo "		&nbsp; ".$row['name']."\n";
    242. 

  242. 				echo "	</td>\n";
    243. 

  243. 				echo "	<td valign='top' class='".$row_style[$c]."'>\n";
    244. 

  244. 				echo "		&nbsp; ".$row['description']."\n";
    245. 

  245. 				echo "	</td>\n";
    246. 

  246. 				echo "</tr>\n";
    247. 

  247. 				if ($c==0) { $c=1; } else { $c=0; }
    248. 

  248. 			}
    249. 

  249. 			
    250. 

  250. 			echo "<tr>\n";
    251. 

  251. 			echo "	<td colspan='3' align='right'>\n";
    252. 

  252. 			echo "		<input type='submit' name='submit' class='btn' value='Save'>\n";
    253. 

  253. 			echo "	</td>\n";
    254. 

  254. 			echo "</tr>\n";
    255. 

  255. 			echo "</table>";
    256. 

  256. 			echo "<br />\n";
    257. 

  257. 		} //end foreach
    258. 

  258. 		unset($sql, $result, $row_count);
    259. 

  259. 

  260. 	echo "</div>";
    261. 

  261. 	echo "<br><br>";
    262. 

  262. 	echo "<br><br>";
    263. 

  263. 

  264. 	echo "</td>";
    265. 

  265. 	echo "</tr>";
    266. 

  266. 	echo "</table>";
    267. 

  267. 	echo "</div>";
    268. 

  268. 	echo "<form>\n";
    269. 

  269. 

  270. 	echo "<br><br>";
    271. 

  271. 

  272. //show the footer
    273. 

  273. 	require_once "includes/footer.php";
    274. 

  274. 

  275. ?>
    276.