Changeset 1161 in ExiteCMS for modules/common/wiki/php-files/modules/wiki/handlers/page/acls.php
- Timestamp:
- 12/08/07 00:11:27 (4 years ago)
- File:
-
- 1 edited
modules/common/wiki/php-files/modules/wiki/handlers/page/acls.php
r806 r1161 13 13 * @todo - move main <div> to templating class 14 14 */ 15 global $db_prefix, $locale, $settings, $userdata; 15 16 16 17 //i18n … … 20 21 if (!defined('PAGE_OWNERSHIP_CHANGED')) define('PAGE_OWNERSHIP_CHANGED', 'Ownership changed to %s'); // %s - name of new owner 21 22 if (!defined('ACL_HEADING')) define('ACL_HEADING', '====Access Control Lists for %s===='); // %s - name of current page 22 if (!defined('READ_ACL_LABEL')) define('READ_ACL_LABEL', 'Read ACL :');23 if (!defined('WRITE_ACL_LABEL')) define('WRITE_ACL_LABEL', 'Write ACL :');24 if (!defined('COMMENT_ACL_LABEL')) define('COMMENT_ACL_LABEL', 'Comment ACL :');23 if (!defined('READ_ACL_LABEL')) define('READ_ACL_LABEL', 'Read ACL for this page'); 24 if (!defined('WRITE_ACL_LABEL')) define('WRITE_ACL_LABEL', 'Write ACL for this page'); 25 if (!defined('COMMENT_ACL_LABEL')) define('COMMENT_ACL_LABEL', 'Comment ACL for this page'); 25 26 if (!defined('SET_OWNER_LABEL')) define('SET_OWNER_LABEL', 'Set Page Owner:'); 26 27 if (!defined('SET_OWNER_CURRENT_LABEL')) define('SET_OWNER_CURRENT_LABEL', '(Current Owner)'); 27 28 if (!defined('SET_OWNER_PUBLIC_LABEL')) define('SET_OWNER_PUBLIC_LABEL','(Public)'); 28 29 if (!defined('SET_NO_OWNER_LABEL')) define('SET_NO_OWNER_LABEL', '(Nobody - Set free)'); 29 if (!defined('ACL_SYNTAX_HELP')) define('ACL_SYNTAX_HELP', '===Syntax:=== ---##*## = Everyone ---##+## = Registered users ---##""JohnDoe""## = the user called ""JohnDoe"", enter as many users as you want, one per line --- --- Any of these items can be negated with a ##!##: ---##!*## = No one (except admins) ---##!+## = Anonymous users only ---##""!JohnDoe""## = ""JohnDoe"" will be denied access --- --- //ACLs are tested in the order they are specified:// --- So be sure to specify ##*## on a separate line //after// negating any users, not before.'); 30 if (!defined('USERS_LABEL')) define('USERS_LABEL', 'Users:'); 31 if (!defined('SELECTED_LABEL')) define('SELECTED_LABEL', 'Selected:'); 32 if 
(!defined('GROUPS_LABEL')) define('GROUPS_LABEL', 'Usergroups:'); 33 if (!defined('INSTRUCTION_LABEL')) define('INSTRUCTION_LABEL', 'Click on the user or groupname to move it in or out of the selected box'); 30 34 31 35 echo '<div class="page">'."\n"; //TODO: move to templating class … … 38 42 $default_write_acl = $this->GetConfigValue('default_write_acl'); 39 43 $default_comment_acl = $this->GetConfigValue('default_comment_acl'); 40 $posted_read_acl = $_POST['read_acl']; 41 $posted_write_acl = $_POST['write_acl']; 42 $posted_comment_acl = $_POST['comment_acl']; 44 $posted_read_acl = ""; 45 if (is_array($_POST['read_acl_selected'])) { 46 foreach($_POST['read_acl_selected'] as $value) { 47 $posted_read_acl .= $value."\n"; 48 } 49 } 50 $posted_write_acl = ""; 51 if (is_array($_POST['write_acl_selected'])) { 52 foreach($_POST['write_acl_selected'] as $value) { 53 $posted_write_acl .= $value."\n"; 54 } 55 } 56 $posted_comment_acl = ""; 57 if (is_array($_POST['comment_acl_selected'])) { 58 foreach($_POST['comment_acl_selected'] as $value) { 59 $posted_comment_acl .= $value."\n"; 60 } 61 } 43 62 $message = ''; 44 63 … … 81 100 else // show form 82 101 { 83 echo $this->Format(sprintf(ACL_HEADING, '[['.$this->tag.']]').' --- '); 102 echo $this->Format(sprintf(ACL_HEADING, '[['.$this->tag.']]').' --- '); 103 // get the list of groups 104 $user_groups = getusergroups(); 105 // get the list of users 106 $user_list = array(); 107 $result = dbquery("SELECT u.user_id, u.user_name FROM ".$db_prefix."users u WHERE user_status = 0 ORDER BY user_level DESC, user_name ASC"); 108 while ($data = dbarray($result)) { 109 // no need to give yourself access. 
owners always have full access 110 if (!iMEMBER || $data['user_id'] != $userdata['user_id']) { 111 $user_list[] = $data; 112 } 113 } 114 // populate the selected fields 115 if ($this->ACLs['read_acl'] == "") { 116 $selected_read_acl = array(); 117 } else { 118 $selected_read_acl = explode("\n", $this->ACLs['read_acl']); 119 foreach ($selected_read_acl as $key => $acl) { 120 if ($acl{0} == "G") { 121 $group = substr($acl,1); 122 foreach ($user_groups as $user_group) { 123 if ($user_group[0] == $group) { 124 $selected_read_acl[$key] = array($acl, $user_group[1]); 125 break; 126 } 127 } 128 if (!is_array($selected_read_acl[$key])) $selected_read_acl[$key] = array($key, "?"); 129 } else { 130 $result = dbquery("SELECT u.user_id, u.user_name FROM ".$db_prefix."users u WHERE user_status = 0 AND user_id = '$acl' LIMIT 1"); 131 if (dbrows($result)) { 132 $data = dbarray($result); 133 $selected_read_acl[$key] = array($acl, $data['user_name']); 134 } 135 } 136 } 137 } 138 if ($this->ACLs['write_acl'] == "") { 139 $selected_write_acl = array(); 140 } else { 141 $selected_write_acl = explode("\n", $this->ACLs['write_acl']); 142 foreach ($selected_write_acl as $key => $acl) { 143 if ($acl{0} == "G") { 144 $group = substr($acl,1); 145 foreach ($user_groups as $user_group) { 146 if ($user_group[0] == $group) { 147 $selected_write_acl[$key] = array($acl, $user_group[1]); 148 break; 149 } 150 } 151 if (!is_array($selected_write_acl[$key])) $selected_write_acl[$key] = array($key, "?"); 152 } else { 153 $result = dbquery("SELECT u.user_id, u.user_name FROM ".$db_prefix."users u WHERE user_status = 0 AND user_id = '$acl' LIMIT 1"); 154 if (dbrows($result)) { 155 $data = dbarray($result); 156 $selected_write_acl[$key] = array($acl, $data['user_name']); 157 } 158 } 159 } 160 } 161 if ($this->ACLs['comment_acl'] == "") { 162 $selected_comment_acl = array(); 163 } else { 164 $selected_comment_acl = explode("\n", $this->ACLs['comment_acl']); 165 foreach ($selected_comment_acl as $key => 
$acl) { 166 if ($acl{0} == "G") { 167 $group = substr($acl,1); 168 foreach ($user_groups as $user_group) { 169 if ($user_group[0] == $group) { 170 $selected_comment_acl[$key] = array($acl, $user_group[1]); 171 break; 172 } 173 } 174 if (!is_array($selected_comment_acl[$key])) $selected_comment_acl[$key] = array($key, "?"); 175 } else { 176 $result = dbquery("SELECT u.user_id, u.user_name FROM ".$db_prefix."users u WHERE user_status = 0 AND user_id = '$acl' LIMIT 1"); 177 if (dbrows($result)) { 178 $data = dbarray($result); 179 $selected_comment_acl[$key] = array($acl, $data['user_name']); 180 } 181 } 182 } 183 } 84 184 ?> 85 185 <?php echo $this->FormOpen('acls') ?> 86 <table class="acls"> 186 <table class="acls" width="100%"> 187 <tr> 188 <td colspan='3' class='tbl2' align='center'> 189 <strong><?php echo READ_ACL_LABEL; ?></strong> 190 </td> 191 </tr> 192 <tr> 193 <td width='33%' align='center'> 194 <strong><?php echo USERS_LABEL; ?></strong> 195 </td> 196 <td width='33%' align='center'> 197 <strong><?php echo SELECTED_LABEL; ?></strong> 198 </td> 199 <td width='33%' align='center'> 200 <strong><?php echo GROUPS_LABEL; ?></strong> 201 </td> 202 </tr> 203 <tr> 204 <td width='33%' align='left'> 205 <select multiple="multiple" size='5' id='read_acl_users' name='read_acl_users' class='textbox' style='width:175px;' onclick='return AddUser(this, "r");'> 206 <?php 207 foreach($user_list as $entry) { 208 echo "<option value='".$entry['user_id']."'>".$entry['user_name']."</option>\n"; 209 } 210 ?> 211 </select> 212 </td> 213 <td width='33%'> 214 <select multiple="multiple" size='5' name='read_acl_selected[]' id='read_acl_selected' class='textbox' style='width:175px' onclick='return RemoveSelected(this);'> 215 <?php 216 foreach($selected_read_acl as $entry) { 217 echo "<option value='".$entry[0]."'>".($entry[0]{0}=="G"?"@":"").$entry[1]."</option>\n"; 218 } 219 ?> 220 </select> 221 </td> 222 <td width='33%' align='right'> 223 <select multiple="multiple" size='5' 
id='read_acl_groups' name='read_acl_groups' class='textbox' style='width:175px;' onclick='return AddGroup(this, "r");'> 224 <?php 225 foreach($user_groups as $entry) { 226 echo "<option value='G".$entry[0]."'>".$entry[1]."</option>\n"; 227 } 228 ?> 229 </select> 230 </td> 231 </tr> 232 <tr> 233 <td colspan='3' align='center'> 234 <br /> 235 </td> 236 </tr> 237 <tr> 238 <td colspan='3' class='tbl2' align='center'> 239 <strong><?php echo WRITE_ACL_LABEL; ?></strong> 240 </td> 241 </tr> 242 <tr> 243 <td width='33%' align='center'> 244 <strong><?php echo USERS_LABEL; ?></strong> 245 </td> 246 <td width='33%' align='center'> 247 <strong><?php echo SELECTED_LABEL; ?></strong> 248 </td> 249 <td width='33%' align='center'> 250 <strong><?php echo GROUPS_LABEL; ?></strong> 251 </td> 252 </tr> 253 <tr> 254 <td width='33%' align='left'> 255 <select multiple="multiple" size='5' id='write_acl_users' name='write_acl_users' class='textbox' style='width:175px;' onclick='return AddUser(this, "w");'> 256 <?php 257 foreach($user_list as $entry) { 258 echo "<option value='".$entry['user_id']."'>".$entry['user_name']."</option>\n"; 259 } 260 ?> 261 </select> 262 </td> 263 <td width='33%'> 264 <select multiple="multiple" size='5' name='write_acl_selected[]' id='write_acl_selected' class='textbox' style='width:175px' onclick='return RemoveSelected(this);'> 265 <?php 266 foreach($selected_write_acl as $entry) { 267 echo "<option value='".$entry[0]."'>".($entry[0]{0}=="G"?"@":"").$entry[1]."</option>\n"; 268 } 269 ?> 270 </select> 271 </td> 272 <td width='33%' align='right'> 273 <select multiple="multiple" size='5' id='write_acl_groups' name='write_acl_groups' class='textbox' style='width:175px;' onclick='return AddGroup(this, "w");'> 274 <?php 275 foreach($user_groups as $entry) { 276 echo "<option value='G".$entry[0]."'>".$entry[1]."</option>\n"; 277 } 278 ?> 279 </select> 280 </td> 281 </tr> 282 <tr> 283 <td colspan='3' align='center'> 284 <br /> 285 </td> 286 </tr> 287 <tr> 288 <td 
colspan='3' class='tbl2' align='center'> 289 <strong><?php echo COMMENT_ACL_LABEL; ?></strong> 290 </td> 291 </tr> 292 <tr> 293 <td width='33%' align='center'> 294 <strong><?php echo USERS_LABEL; ?></strong> 295 </td> 296 <td width='33%' align='center'> 297 <strong><?php echo SELECTED_LABEL; ?></strong> 298 </td> 299 <td width='33%' align='center'> 300 <strong><?php echo GROUPS_LABEL; ?></strong> 301 </td> 302 </tr> 303 <tr> 304 <td width='33%' align='left'> 305 <select multiple="multiple" size='5' id='comment_acl_users' name='comment_acl_users' class='textbox' style='width:175px;' onclick='return AddUser(this, "c");'> 306 <?php 307 foreach($user_list as $entry) { 308 echo "<option value='".$entry['user_id']."'>".$entry['user_name']."</option>\n"; 309 } 310 ?> 311 </select> 312 </td> 313 <td width='33%'> 314 <select multiple="multiple" size='5' name='comment_acl_selected[]' id='comment_acl_selected' class='textbox' style='width:175px' onclick='return RemoveSelected(this);'> 315 <?php 316 foreach($selected_comment_acl as $entry) { 317 echo "<option value='".$entry[0]."'>".($entry[0]{0}=="G"?"@":"").$entry[1]."</option>\n"; 318 } 319 ?> 320 </select> 321 </td> 322 <td width='33%' align='right'> 323 <select multiple="multiple" size='5' id='comment_acl_groups' name='comment_acl_groups' class='textbox' style='width:175px;' onclick='return AddGroup(this, "c");'> 324 <?php 325 foreach($user_groups as $entry) { 326 echo "<option value='G".$entry[0]."'>".$entry[1]."</option>\n"; 327 } 328 ?> 329 </select> 330 </td> 331 </tr> 332 <tr> 333 <td colspan='3' align='center'> 334 <br /> 335 <strong><?php echo INSTRUCTION_LABEL; ?></strong> 336 </td> 337 </tr> 87 338 <tr> 88 339 <td> 89 <strong><?php echo READ_ACL_LABEL; ?></strong><br />90 <textarea name="read_acl" rows="4" cols="20"><?php echo $this->ACLs['read_acl'] ?></textarea>91 </td>92 93 <td>94 <strong><?php echo WRITE_ACL_LABEL; ?></strong><br />95 <textarea name="write_acl" rows="4" cols="20"><?php echo 
$this->ACLs['write_acl'] ?></textarea>96 </td>97 98 <td>99 <strong><?php echo COMMENT_ACL_LABEL; ?></strong><br />100 <textarea name="comment_acl" rows="4" cols="20"><?php echo $this->ACLs['comment_acl'] ?></textarea>101 </td>102 </tr>103 104 <tr>105 <td colspan="2">106 340 <br /> 107 <input type="submit" class="button" value="Store ACLs" />341 <input type="submit" class="button" value="Store ACLs" onclick="PrepareSave();" /> 108 342 <input type="button" class="button" value="Cancel" onclick="history.back();" /> 109 343 </td> 110 344 111 <td> 112 <strong><?php echo SET_OWNER_LABEL; ?></strong><br /> 345 <td colspan='2' align="right"> 346 <br /> 347 <strong><?php echo SET_OWNER_LABEL; ?></strong> 113 348 <select name="newowner"> 114 349 <option value="same"><?php echo $this->GetPageOwner().' '.SET_OWNER_CURRENT_LABEL ?></option> … … 128 363 </tr> 129 364 </table> 130 131 <br /> 132 <?php echo $this->Format(ACL_SYNTAX_HELP); ?> 365 <script type='text/javascript'> 366 function AddUser(fld, fldtype) { 367 var i = 0; 368 switch (fldtype) { 369 case "c": 370 var listLength = document.getElementById("comment_acl_selected").length; 371 for (i=0; i < listLength; i++) { 372 if (document.getElementById("comment_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 373 } 374 document.getElementById("comment_acl_selected").options[listLength] = new Option(fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 375 break; 376 case "r": 377 var listLength = document.getElementById("read_acl_selected").length; 378 for (i=0; i < listLength; i++) { 379 if (document.getElementById("read_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 380 } 381 document.getElementById("read_acl_selected").options[listLength] = new Option(fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 382 break; 383 case "w": 384 var listLength = document.getElementById("write_acl_selected").length; 
385 for (i=0; i < listLength; i++) { 386 if (document.getElementById("write_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 387 } 388 document.getElementById("write_acl_selected").options[listLength] = new Option(fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 389 break; 390 } 391 return false; 392 } 393 394 function AddGroup(fld, fldtype) { 395 var i = 0; 396 switch (fldtype) { 397 case "c": 398 var listLength = document.getElementById("comment_acl_selected").length; 399 document.getElementById("comment_acl_selected").options[listLength] = new Option("@"+fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 400 for (i=0; i < listLength; i++) { 401 if (document.getElementById("comment_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 402 } 403 break; 404 case "r": 405 var listLength = document.getElementById("read_acl_selected").length; 406 for (i=0; i < listLength; i++) { 407 if (document.getElementById("read_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 408 } 409 document.getElementById("read_acl_selected").options[listLength] = new Option("@"+fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 410 break; 411 case "w": 412 var listLength = document.getElementById("write_acl_selected").length; 413 for (i=0; i < listLength; i++) { 414 if (document.getElementById("write_acl_selected").options[i].value == fld.options[fld.selectedIndex].value) return false; 415 } 416 document.getElementById("write_acl_selected").options[listLength] = new Option("@"+fld.options[fld.selectedIndex].text, fld.options[fld.selectedIndex].value); 417 break; 418 } 419 return false; 420 } 421 422 function RemoveSelected(fld) { 423 fld.options[fld.selectedIndex] = null; 424 return false; 425 } 426 427 function PrepareSave() { 428 var i = 0; 429 var listlength = 0; 430 listlength = 
document.getElementById("comment_acl_selected").options.length; 431 for (var i = 0; i < listlength; i++) { 432 document.getElementById("comment_acl_selected").options[i].selected = true; 433 } 434 listlength = document.getElementById("read_acl_selected").options.length; 435 for (var i = 0; i < listlength; i++) { 436 document.getElementById("read_acl_selected").options[i].selected = true; 437 } 438 listlength = document.getElementById("write_acl_selected").options.length; 439 for (var i = 0; i < listlength; i++) { 440 document.getElementById("write_acl_selected").options[i].selected = true; 441 } 442 } 443 444 </script> 445 133 446 <?php 134 447 print($this->FormClose());
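Review bot: The three lookups `... AND user_id = '$acl' LIMIT 1` (new lines 130, 153 and 176) interpolate stored ACL entries straight into SQL, and those entries originate from `$_POST['read_acl_selected']`, `write_acl_selected` and `comment_acl_selected`, which the new loops at lines 44-61 concatenate without any validation. The code that stores the ACLs lies outside the visible hunks, so unless it filters entries, anyone allowed to edit a page's ACLs can store a value that is later run as part of this query and also echoed unescaped into `<option value='…'>`. Assuming user and group ids are numeric (the page does not show their type), accept only well-formed entries when reading the POST, e.g. `if (preg_match('/^G?[0-9]+$/', $value)) $posted_read_acl .= $value."\n";`, build the query with `(int)$acl`, and pass `$entry[0]`, `$entry[1]` and `$entry['user_name']` through `htmlspecialchars(..., ENT_QUOTES)` when writing the options. Separately, an entry whose user lookup returns no row stays a plain string, so the later `$entry[0]` and `$entry[1]` pick out single characters instead of an id/name pair; the `else` branch should drop it or substitute a placeholder pair, as the group branch does.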
