| Zeile 49 | Zeile 49 |
|---|
admin_redirect("index.php?module=user-admin_permissions");
}
|
admin_redirect("index.php?module=user-admin_permissions");
}
|
if($mybb->input['no'])
| if($mybb->get_input('no'))
|
{
admin_redirect("index.php?module=user-admin_permissions");
}
| {
admin_redirect("index.php?module=user-admin_permissions");
}
|
| Zeile 122 | Zeile 122 |
|---|
{
foreach($mybb->input['permissions'] as $module => $actions)
{
|
{
foreach($mybb->input['permissions'] as $module => $actions)
{
|
$no_access = 0;
foreach($actions as $action => $access)
| if(is_array($actions))
|
{
|
{
|
if($access == 0)
| $no_access = 0;
foreach($actions as $action => $access)
|
{
|
{
|
++$no_access;
| if($access == 0)
{
++$no_access;
}
}
// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
|
}
|
}
|
}
// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
| |
}
}
| }
}
|
| Zeile 210 | Zeile 213 |
|---|
$admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
|
$admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
|
$title = $admin['username'];
| $title = htmlspecialchars_uni($admin['username']);
|
$page->add_breadcrumb_item($lang->user_permissions, "index.php?module=user-admin_permissions");
}
elseif($uid < 0)
| $page->add_breadcrumb_item($lang->user_permissions, "index.php?module=user-admin_permissions");
}
elseif($uid < 0)
|
| Zeile 246 | Zeile 249 |
|---|
);
$page->output_nav_tabs($sub_tabs, 'edit_permissions');
|
);
$page->output_nav_tabs($sub_tabs, 'edit_permissions');
|
}
$form = new Form("index.php?module=user-admin_permissions&action=edit", "post", "edit");
| }
$form = new Form("index.php?module=user-admin_permissions&action=edit", "post", "edit");
|
echo $form->generate_hidden_field("uid", $uid);
// Fetch all of the modules we have
| echo $form->generate_hidden_field("uid", $uid);
// Fetch all of the modules we have
|
| Zeile 318 | Zeile 321 |
|---|
$table = new Table;
$table->construct_header($lang->group);
|
$table = new Table;
$table->construct_header($lang->group);
|
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
// Get usergroups with ACP access
$query = $db->query("
SELECT g.title, g.cancp, a.permissions, g.gid
FROM ".TABLE_PREFIX."usergroups g
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid)
WHERE g.cancp = 1
ORDER BY g.title ASC
");
| $table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
// Get usergroups with ACP access
$query = $db->query("
SELECT g.title, g.cancp, a.permissions, g.gid
FROM ".TABLE_PREFIX."usergroups g
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid)
WHERE g.cancp = 1
ORDER BY g.title ASC
");
|
while($group = $db->fetch_array($query))
{
if($group['permissions'] != "")
|
while($group = $db->fetch_array($query))
{
if($group['permissions'] != "")
|
{
| {
|
$perm_type = "group";
}
else
| $perm_type = "group";
}
else
|
| Zeile 339 | Zeile 342 |
|---|
$perm_type = "default";
}
$uid = -$group['gid'];
|
$perm_type = "default";
}
$uid = -$group['gid'];
|
| |
$group['title'] = htmlspecialchars_uni($group['title']);
|
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->permissions_type_group}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\" title=\"{$lang->edit_group}\">{$group['title']}</a></strong><br /></div>");
if($group['permissions'] != "")
| $table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->permissions_type_group}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\" title=\"{$lang->edit_group}\">{$group['title']}</a></strong><br /></div>");
if($group['permissions'] != "")
|
| Zeile 347 | Zeile 353 |
|---|
$popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$uid}");
// Check permissions for Revoke
|
$popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$uid}");
// Check permissions for Revoke
|
$popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$uid}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, 'Are you sure you wish to revoke this group\'s permissions?')");
| $popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$uid}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '$lang->confirm_perms_deletion3')");
|
$table->construct_cell($popup->fetch(), array("class" => "align_center"));
}
else
| $table->construct_cell($popup->fetch(), array("class" => "align_center"));
}
else
|
| Zeile 398 | Zeile 404 |
|---|
$usergroups[$usergroup['gid']] = $usergroup;
}
|
$usergroups[$usergroup['gid']] = $usergroup;
}
|
// Get users whose primary or secondary usergroup has ACP access
$comma = $primary_group_list = $secondary_group_list = '';
foreach($usergroups as $gid => $group_info)
| if(!empty($usergroups))
|
{
|
{
|
$primary_group_list .= $comma.$gid;
switch($db->type)
{
case "pgsql":
case "sqlite":
$secondary_group_list .= " OR ','|| u.additionalgroups||',' LIKE '%,{$gid},%'";
break;
default:
$secondary_group_list .= " OR CONCAT(',', u.additionalgroups,',') LIKE '%,{$gid},%'";
}
$comma = ',';
}
$group_list = implode(',', array_keys($usergroups));
$secondary_groups = ','.$group_list.',';
// Get usergroups with ACP access
$query = $db->query("
SELECT g.title, g.cancp, a.permissions, g.gid
FROM ".TABLE_PREFIX."usergroups g
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid)
WHERE g.cancp = 1
ORDER BY g.title ASC
");
while($group = $db->fetch_array($query))
{
$group_permissions[$group['gid']] = $group['permissions'];
}
$query = $db->query("
SELECT u.uid, u.username, u.lastactive, u.usergroup, u.additionalgroups, a.permissions
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid=u.uid)
WHERE u.usergroup IN ({$primary_group_list}) {$secondary_group_list}
ORDER BY u.username ASC
");
while($admin = $db->fetch_array($query))
{
if($admin['permissions'] != "")
{
$perm_type = "user";
}
else
| // Get users whose primary or secondary usergroup has ACP access
$comma = $primary_group_list = $secondary_group_list = '';
foreach($usergroups as $gid => $group_info)
|
{
|
{
|
$groups = explode(",", $admin['additionalgroups'].",".$admin['usergroup']);
foreach($groups as $group)
| $primary_group_list .= $comma.$gid;
switch($db->type)
|
{
|
{
|
if($group == "") continue;
if($group_permissions[$group] != "")
{
$perm_type = "group";
| case "pgsql":
case "sqlite":
$secondary_group_list .= " OR ','|| u.additionalgroups||',' LIKE '%,{$gid},%'";
|
break;
|
break;
|
}
}
if(!$group_permissions)
{
$perm_type = "default";
}
| default:
$secondary_group_list .= " OR CONCAT(',', u.additionalgroups,',') LIKE '%,{$gid},%'";
}
$comma = ',';
}
$group_list = implode(',', array_keys($usergroups));
$secondary_groups = ','.$group_list.',';
// Get usergroups with ACP access
$query = $db->query("
SELECT g.title, g.cancp, a.permissions, g.gid
FROM ".TABLE_PREFIX."usergroups g
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid)
WHERE g.cancp = 1
ORDER BY g.title ASC
");
while($group = $db->fetch_array($query))
{
$group_permissions[$group['gid']] = $group['permissions'];
|
}
|
}
|
$usergroup_list = array();
| $query = $db->query("
SELECT u.uid, u.username, u.lastactive, u.usergroup, u.additionalgroups, a.permissions
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid=u.uid)
WHERE u.usergroup IN ({$primary_group_list}) {$secondary_group_list}
ORDER BY u.username ASC
");
while($admin = $db->fetch_array($query))
{
$perm_type = "default";
if($admin['permissions'] != "")
{
$perm_type = "user";
}
else
{
$groups = explode(",", $admin['additionalgroups'].",".$admin['usergroup']);
foreach($groups as $group)
{
if($group == "") continue;
if($group_permissions[$group] != "")
{
$perm_type = "group";
break;
}
}
}
$usergroup_list = array();
// Build a list of group memberships that have access to the Admin CP
// Primary usergroup?
if($usergroups[$admin['usergroup']]['cancp'] == 1)
{
$usergroup_list[] = "<i>".htmlspecialchars_uni($usergroups[$admin['usergroup']]['title'])."</i>";
}
// Secondary usergroups?
$additional_groups = explode(',', $admin['additionalgroups']);
if(is_array($additional_groups))
{
foreach($additional_groups as $gid)
{
if(!empty($usergroups[$gid]) && $usergroups[$gid]['cancp'] == 1)
{
$usergroup_list[] = htmlspecialchars_uni($usergroups[$gid]['title']);
}
}
}
$usergroup_list = implode($lang->comma, $usergroup_list);
$username = htmlspecialchars_uni($admin['username']);
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->permissions_type_user}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}\" title=\"{$lang->edit_user}\">{$username}</a></strong><br /><small>{$usergroup_list}</small></div>");
$table->construct_cell(my_date('relative', $admin['lastactive']), array("class" => "align_center"));
|
|
|
// Build a list of group memberships that have access to the Admin CP
// Primary usergroup?
if($usergroups[$admin['usergroup']]['cancp'] == 1)
{
$usergroup_list[] = "<i>".$usergroups[$admin['usergroup']]['title']."</i>";
}
// Secondary usergroups?
$additional_groups = explode(',', $admin['additionalgroups']);
if(is_array($additional_groups))
{
foreach($additional_groups as $gid)
| $popup = new PopupMenu("adminperm_{$admin['uid']}", $lang->options);
if(!is_super_admin($admin['uid']))
|
{
|
{
|
if($usergroups[$gid]['cancp'] == 1)
| if($admin['permissions'] != "")
|
{
|
{
|
$usergroup_list[] = $usergroups[$gid]['title'];
| $popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}");
$popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$admin['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_perms_deletion2}')");
}
else
{
$popup->add_item($lang->set_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}");
|
}
}
|
}
}
|
| | $popup->add_item($lang->view_log, "index.php?module=tools-adminlog&uid={$admin['uid']}");
$table->construct_cell($popup->fetch(), array("class" => "align_center"));
$table->construct_row();
|
}
|
}
|
$usergroup_list = implode($lang->comma, $usergroup_list);
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->perms_type_user}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}\" title=\"{$lang->edit_user}\">{$admin['username']}</a></strong><br /><small>{$usergroup_list}</small></div>");
$table->construct_cell(my_date('relative', $admin['lastactive']), array("class" => "align_center"));
$popup = new PopupMenu("adminperm_{$admin['uid']}", $lang->options);
if(!is_super_admin($admin['uid']))
{
if($admin['permissions'] != "")
{
$popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}");
$popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$admin['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_perms_deletion2}')");
}
else
{
$popup->add_item($lang->set_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}");
}
}
$popup->add_item($lang->view_log, "index.php?module=tools-adminlog&uid={$admin['uid']}");
$table->construct_cell($popup->fetch(), array("class" => "align_center"));
$table->construct_row();
| |
}
|
}
|
if($table->num_rows() == 0)
| if(empty($usergroups) || $table->num_rows() == 0)
|
{
$table->construct_cell($lang->no_user_perms, array("colspan" => "3"));
$table->construct_row();
| {
$table->construct_cell($lang->no_user_perms, array("colspan" => "3"));
$table->construct_row();
|