1 | <?php
|
---|
2 | /**
|
---|
3 | *
|
---|
4 | * @package acp
|
---|
5 | * @version $Id: acp_permission_roles.php 8479 2008-03-29 00:22:48Z naderman $
|
---|
6 | * @copyright (c) 2005 phpBB Group
|
---|
7 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
---|
8 | *
|
---|
9 | */
|
---|
10 |
|
---|
11 | /**
|
---|
12 | * @ignore
|
---|
13 | */
|
---|
14 | if (!defined('IN_PHPBB'))
|
---|
15 | {
|
---|
16 | exit;
|
---|
17 | }
|
---|
18 |
|
---|
19 | /**
|
---|
20 | * @package acp
|
---|
21 | */
|
---|
22 | class acp_permission_roles
|
---|
23 | {
|
---|
24 | var $u_action;
|
---|
25 |
|
---|
26 | function main($id, $mode)
|
---|
27 | {
|
---|
28 | global $db, $user, $auth, $template, $cache;
|
---|
29 | global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
|
---|
30 |
|
---|
31 | include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
32 | include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
|
---|
33 |
|
---|
34 | $auth_admin = new auth_admin();
|
---|
35 |
|
---|
36 | $user->add_lang('acp/permissions');
|
---|
37 | add_permission_language();
|
---|
38 |
|
---|
39 | $this->tpl_name = 'acp_permission_roles';
|
---|
40 |
|
---|
41 | $submit = (isset($_POST['submit'])) ? true : false;
|
---|
42 | $role_id = request_var('role_id', 0);
|
---|
43 | $action = request_var('action', '');
|
---|
44 | $action = (isset($_POST['add'])) ? 'add' : $action;
|
---|
45 |
|
---|
46 | $form_name = 'acp_permissions';
|
---|
47 | add_form_key($form_name);
|
---|
48 |
|
---|
49 | switch ($mode)
|
---|
50 | {
|
---|
51 | case 'admin_roles':
|
---|
52 | $permission_type = 'a_';
|
---|
53 | $this->page_title = 'ACP_ADMIN_ROLES';
|
---|
54 | break;
|
---|
55 |
|
---|
56 | case 'user_roles':
|
---|
57 | $permission_type = 'u_';
|
---|
58 | $this->page_title = 'ACP_USER_ROLES';
|
---|
59 | break;
|
---|
60 |
|
---|
61 | case 'mod_roles':
|
---|
62 | $permission_type = 'm_';
|
---|
63 | $this->page_title = 'ACP_MOD_ROLES';
|
---|
64 | break;
|
---|
65 |
|
---|
66 | case 'forum_roles':
|
---|
67 | $permission_type = 'f_';
|
---|
68 | $this->page_title = 'ACP_FORUM_ROLES';
|
---|
69 | break;
|
---|
70 |
|
---|
71 | default:
|
---|
72 | trigger_error('NO_MODE', E_USER_ERROR);
|
---|
73 | break;
|
---|
74 | }
|
---|
75 |
|
---|
76 | $template->assign_vars(array(
|
---|
77 | 'L_TITLE' => $user->lang[$this->page_title],
|
---|
78 | 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'])
|
---|
79 | );
|
---|
80 |
|
---|
81 | // Take action... admin submitted something
|
---|
82 | if ($submit || $action == 'remove')
|
---|
83 | {
|
---|
84 | switch ($action)
|
---|
85 | {
|
---|
86 | case 'remove':
|
---|
87 |
|
---|
88 | if (!$role_id)
|
---|
89 | {
|
---|
90 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
91 | }
|
---|
92 |
|
---|
93 | $sql = 'SELECT *
|
---|
94 | FROM ' . ACL_ROLES_TABLE . '
|
---|
95 | WHERE role_id = ' . $role_id;
|
---|
96 | $result = $db->sql_query($sql);
|
---|
97 | $role_row = $db->sql_fetchrow($result);
|
---|
98 | $db->sql_freeresult($result);
|
---|
99 |
|
---|
100 | if (!$role_row)
|
---|
101 | {
|
---|
102 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
103 | }
|
---|
104 |
|
---|
105 | if (confirm_box(true))
|
---|
106 | {
|
---|
107 | $this->remove_role($role_id, $permission_type);
|
---|
108 |
|
---|
109 | $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
|
---|
110 | add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
|
---|
111 | trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
|
---|
112 | }
|
---|
113 | else
|
---|
114 | {
|
---|
115 | confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
|
---|
116 | 'i' => $id,
|
---|
117 | 'mode' => $mode,
|
---|
118 | 'role_id' => $role_id,
|
---|
119 | 'action' => $action,
|
---|
120 | )));
|
---|
121 | }
|
---|
122 |
|
---|
123 | break;
|
---|
124 |
|
---|
125 | case 'edit':
|
---|
126 | if (!$role_id)
|
---|
127 | {
|
---|
128 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
129 | }
|
---|
130 |
|
---|
131 | // Get role we edit
|
---|
132 | $sql = 'SELECT *
|
---|
133 | FROM ' . ACL_ROLES_TABLE . '
|
---|
134 | WHERE role_id = ' . $role_id;
|
---|
135 | $result = $db->sql_query($sql);
|
---|
136 | $role_row = $db->sql_fetchrow($result);
|
---|
137 | $db->sql_freeresult($result);
|
---|
138 |
|
---|
139 | if (!$role_row)
|
---|
140 | {
|
---|
141 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
142 | }
|
---|
143 |
|
---|
144 | // no break;
|
---|
145 |
|
---|
146 | case 'add':
|
---|
147 |
|
---|
148 | if (!check_form_key($form_name))
|
---|
149 | {
|
---|
150 | trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
|
---|
151 | }
|
---|
152 |
|
---|
153 | $role_name = utf8_normalize_nfc(request_var('role_name', '', true));
|
---|
154 | $role_description = utf8_normalize_nfc(request_var('role_description', '', true));
|
---|
155 | $auth_settings = request_var('setting', array('' => 0));
|
---|
156 |
|
---|
157 | if (!$role_name)
|
---|
158 | {
|
---|
159 | trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
160 | }
|
---|
161 |
|
---|
162 | if (utf8_strlen($role_description) > 4000)
|
---|
163 | {
|
---|
164 | trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
165 | }
|
---|
166 |
|
---|
167 | // if we add/edit a role we check the name to be unique among the settings...
|
---|
168 | $sql = 'SELECT role_id
|
---|
169 | FROM ' . ACL_ROLES_TABLE . "
|
---|
170 | WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
---|
171 | AND role_name = '" . $db->sql_escape($role_name) . "'";
|
---|
172 | $result = $db->sql_query($sql);
|
---|
173 | $row = $db->sql_fetchrow($result);
|
---|
174 | $db->sql_freeresult($result);
|
---|
175 |
|
---|
176 | // Make sure we only print out the error if we add the role or change it's name
|
---|
177 | if ($row && ($mode == 'add' || ($mode == 'edit' && $role_row['role_name'] != $role_name)))
|
---|
178 | {
|
---|
179 | trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
180 | }
|
---|
181 |
|
---|
182 | $sql_ary = array(
|
---|
183 | 'role_name' => (string) $role_name,
|
---|
184 | 'role_description' => (string) $role_description,
|
---|
185 | 'role_type' => (string) $permission_type,
|
---|
186 | );
|
---|
187 |
|
---|
188 | if ($action == 'edit')
|
---|
189 | {
|
---|
190 | $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
|
---|
191 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
|
---|
192 | WHERE role_id = ' . $role_id;
|
---|
193 | $db->sql_query($sql);
|
---|
194 | }
|
---|
195 | else
|
---|
196 | {
|
---|
197 | // Get maximum role order for inserting a new role...
|
---|
198 | $sql = 'SELECT MAX(role_order) as max_order
|
---|
199 | FROM ' . ACL_ROLES_TABLE . "
|
---|
200 | WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
|
---|
201 | $result = $db->sql_query($sql);
|
---|
202 | $max_order = (int) $db->sql_fetchfield('max_order');
|
---|
203 | $db->sql_freeresult($result);
|
---|
204 |
|
---|
205 | $sql_ary['role_order'] = $max_order + 1;
|
---|
206 |
|
---|
207 | $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
|
---|
208 | $db->sql_query($sql);
|
---|
209 |
|
---|
210 | $role_id = $db->sql_nextid();
|
---|
211 | }
|
---|
212 |
|
---|
213 | // Now add the auth settings
|
---|
214 | $auth_admin->acl_set_role($role_id, $auth_settings);
|
---|
215 |
|
---|
216 | $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name;
|
---|
217 | add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
|
---|
218 |
|
---|
219 | trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));
|
---|
220 |
|
---|
221 | break;
|
---|
222 | }
|
---|
223 | }
|
---|
224 |
|
---|
225 | // Display screens
|
---|
226 | switch ($action)
|
---|
227 | {
|
---|
228 | case 'add':
|
---|
229 |
|
---|
230 | $options_from = request_var('options_from', 0);
|
---|
231 |
|
---|
232 | $role_row = array(
|
---|
233 | 'role_name' => utf8_normalize_nfc(request_var('role_name', '', true)),
|
---|
234 | 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)),
|
---|
235 | 'role_type' => $permission_type,
|
---|
236 | );
|
---|
237 |
|
---|
238 | if ($options_from)
|
---|
239 | {
|
---|
240 | $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
|
---|
241 | FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
|
---|
242 | WHERE o.auth_option_id = p.auth_option_id
|
---|
243 | AND p.role_id = ' . $options_from . '
|
---|
244 | ORDER BY p.auth_option_id';
|
---|
245 | $result = $db->sql_query($sql);
|
---|
246 |
|
---|
247 | $auth_options = array();
|
---|
248 | while ($row = $db->sql_fetchrow($result))
|
---|
249 | {
|
---|
250 | $auth_options[$row['auth_option']] = $row['auth_setting'];
|
---|
251 | }
|
---|
252 | $db->sql_freeresult($result);
|
---|
253 | }
|
---|
254 | else
|
---|
255 | {
|
---|
256 | $sql = 'SELECT auth_option_id, auth_option
|
---|
257 | FROM ' . ACL_OPTIONS_TABLE . "
|
---|
258 | WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
|
---|
259 | AND auth_option <> '{$permission_type}'
|
---|
260 | ORDER BY auth_option_id";
|
---|
261 | $result = $db->sql_query($sql);
|
---|
262 |
|
---|
263 | $auth_options = array();
|
---|
264 | while ($row = $db->sql_fetchrow($result))
|
---|
265 | {
|
---|
266 | $auth_options[$row['auth_option']] = ACL_NO;
|
---|
267 | }
|
---|
268 | $db->sql_freeresult($result);
|
---|
269 | }
|
---|
270 |
|
---|
271 | // no break;
|
---|
272 |
|
---|
273 | case 'edit':
|
---|
274 |
|
---|
275 | if ($action == 'edit')
|
---|
276 | {
|
---|
277 | if (!$role_id)
|
---|
278 | {
|
---|
279 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
280 | }
|
---|
281 |
|
---|
282 | $sql = 'SELECT *
|
---|
283 | FROM ' . ACL_ROLES_TABLE . '
|
---|
284 | WHERE role_id = ' . $role_id;
|
---|
285 | $result = $db->sql_query($sql);
|
---|
286 | $role_row = $db->sql_fetchrow($result);
|
---|
287 | $db->sql_freeresult($result);
|
---|
288 |
|
---|
289 | $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
|
---|
290 | FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
|
---|
291 | WHERE o.auth_option_id = p.auth_option_id
|
---|
292 | AND p.role_id = ' . $role_id . '
|
---|
293 | ORDER BY p.auth_option_id';
|
---|
294 | $result = $db->sql_query($sql);
|
---|
295 |
|
---|
296 | $auth_options = array();
|
---|
297 | while ($row = $db->sql_fetchrow($result))
|
---|
298 | {
|
---|
299 | $auth_options[$row['auth_option']] = $row['auth_setting'];
|
---|
300 | }
|
---|
301 | $db->sql_freeresult($result);
|
---|
302 | }
|
---|
303 |
|
---|
304 | if (!$role_row)
|
---|
305 | {
|
---|
306 | trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
307 | }
|
---|
308 |
|
---|
309 | $template->assign_vars(array(
|
---|
310 | 'S_EDIT' => true,
|
---|
311 |
|
---|
312 | 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}",
|
---|
313 | 'U_BACK' => $this->u_action,
|
---|
314 |
|
---|
315 | 'ROLE_NAME' => $role_row['role_name'],
|
---|
316 | 'ROLE_DESCRIPTION' => $role_row['role_description'],
|
---|
317 | 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
|
---|
318 | )
|
---|
319 | );
|
---|
320 |
|
---|
321 | // We need to fill the auth options array with ACL_NO options ;)
|
---|
322 | $sql = 'SELECT auth_option_id, auth_option
|
---|
323 | FROM ' . ACL_OPTIONS_TABLE . "
|
---|
324 | WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
|
---|
325 | AND auth_option <> '{$permission_type}'
|
---|
326 | ORDER BY auth_option_id";
|
---|
327 | $result = $db->sql_query($sql);
|
---|
328 |
|
---|
329 | while ($row = $db->sql_fetchrow($result))
|
---|
330 | {
|
---|
331 | if (!isset($auth_options[$row['auth_option']]))
|
---|
332 | {
|
---|
333 | $auth_options[$row['auth_option']] = ACL_NO;
|
---|
334 | }
|
---|
335 | }
|
---|
336 | $db->sql_freeresult($result);
|
---|
337 |
|
---|
338 | // Unset global permission option
|
---|
339 | unset($auth_options[$permission_type]);
|
---|
340 |
|
---|
341 | // Display auth options
|
---|
342 | $this->display_auth_options($auth_options);
|
---|
343 |
|
---|
344 | // Get users/groups/forums using this preset...
|
---|
345 | if ($action == 'edit')
|
---|
346 | {
|
---|
347 | $hold_ary = $auth_admin->get_role_mask($role_id);
|
---|
348 |
|
---|
349 | if (sizeof($hold_ary))
|
---|
350 | {
|
---|
351 | $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
|
---|
352 |
|
---|
353 | $template->assign_vars(array(
|
---|
354 | 'S_DISPLAY_ROLE_MASK' => true,
|
---|
355 | 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
|
---|
356 | );
|
---|
357 |
|
---|
358 | $auth_admin->display_role_mask($hold_ary);
|
---|
359 | }
|
---|
360 | }
|
---|
361 |
|
---|
362 | return;
|
---|
363 | break;
|
---|
364 |
|
---|
365 | case 'move_up':
|
---|
366 | case 'move_down':
|
---|
367 |
|
---|
368 | $order = request_var('order', 0);
|
---|
369 | $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
|
---|
370 |
|
---|
371 | $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
|
---|
372 | SET role_order = ' . $order_total . " - role_order
|
---|
373 | WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
---|
374 | AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
|
---|
375 | $db->sql_query($sql);
|
---|
376 |
|
---|
377 | break;
|
---|
378 | }
|
---|
379 |
|
---|
380 | // By default, check that role_order is valid and fix it if necessary
|
---|
381 | $sql = 'SELECT role_id, role_order
|
---|
382 | FROM ' . ACL_ROLES_TABLE . "
|
---|
383 | WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
---|
384 | ORDER BY role_order ASC";
|
---|
385 | $result = $db->sql_query($sql);
|
---|
386 |
|
---|
387 | if ($row = $db->sql_fetchrow($result))
|
---|
388 | {
|
---|
389 | $order = 0;
|
---|
390 | do
|
---|
391 | {
|
---|
392 | $order++;
|
---|
393 | if ($row['role_order'] != $order)
|
---|
394 | {
|
---|
395 | $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}");
|
---|
396 | }
|
---|
397 | }
|
---|
398 | while ($row = $db->sql_fetchrow($result));
|
---|
399 | }
|
---|
400 | $db->sql_freeresult($result);
|
---|
401 |
|
---|
402 | // Display assigned items?
|
---|
403 | $display_item = request_var('display_item', 0);
|
---|
404 |
|
---|
405 | // Select existing roles
|
---|
406 | $sql = 'SELECT *
|
---|
407 | FROM ' . ACL_ROLES_TABLE . "
|
---|
408 | WHERE role_type = '" . $db->sql_escape($permission_type) . "'
|
---|
409 | ORDER BY role_order ASC";
|
---|
410 | $result = $db->sql_query($sql);
|
---|
411 |
|
---|
412 | $s_role_options = '';
|
---|
413 | while ($row = $db->sql_fetchrow($result))
|
---|
414 | {
|
---|
415 | $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name'];
|
---|
416 |
|
---|
417 | $template->assign_block_vars('roles', array(
|
---|
418 | 'ROLE_NAME' => $role_name,
|
---|
419 | 'ROLE_DESCRIPTION' => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),
|
---|
420 |
|
---|
421 | 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'],
|
---|
422 | 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'],
|
---|
423 | 'U_MOVE_UP' => $this->u_action . '&action=move_up&order=' . $row['role_order'],
|
---|
424 | 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&order=' . $row['role_order'],
|
---|
425 | 'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')
|
---|
426 | );
|
---|
427 |
|
---|
428 | $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
|
---|
429 |
|
---|
430 | if ($display_item == $row['role_id'])
|
---|
431 | {
|
---|
432 | $template->assign_vars(array(
|
---|
433 | 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
|
---|
434 | );
|
---|
435 | }
|
---|
436 | }
|
---|
437 | $db->sql_freeresult($result);
|
---|
438 |
|
---|
439 | $template->assign_vars(array(
|
---|
440 | 'S_ROLE_OPTIONS' => $s_role_options)
|
---|
441 | );
|
---|
442 |
|
---|
443 | if ($display_item)
|
---|
444 | {
|
---|
445 | $template->assign_vars(array(
|
---|
446 | 'S_DISPLAY_ROLE_MASK' => true)
|
---|
447 | );
|
---|
448 |
|
---|
449 | $hold_ary = $auth_admin->get_role_mask($display_item);
|
---|
450 | $auth_admin->display_role_mask($hold_ary);
|
---|
451 | }
|
---|
452 | }
|
---|
453 |
|
---|
454 | /**
|
---|
455 | * Display permission settings able to be set
|
---|
456 | */
|
---|
457 | function display_auth_options($auth_options)
|
---|
458 | {
|
---|
459 | global $template, $user;
|
---|
460 |
|
---|
461 | $content_array = $categories = array();
|
---|
462 | $key_sort_array = array(0);
|
---|
463 | $auth_options = array(0 => $auth_options);
|
---|
464 |
|
---|
465 | // Making use of auth_admin method here (we do not really want to change two similar code fragments)
|
---|
466 | auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array);
|
---|
467 |
|
---|
468 | $content_array = $content_array[0];
|
---|
469 |
|
---|
470 | $template->assign_var('S_NUM_PERM_COLS', sizeof($categories));
|
---|
471 |
|
---|
472 | // Assign to template
|
---|
473 | foreach ($content_array as $cat => $cat_array)
|
---|
474 | {
|
---|
475 | $template->assign_block_vars('auth', array(
|
---|
476 | 'CAT_NAME' => $user->lang['permission_cat'][$cat],
|
---|
477 |
|
---|
478 | 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
|
---|
479 | 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
|
---|
480 | 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
|
---|
481 | );
|
---|
482 |
|
---|
483 | foreach ($cat_array['permissions'] as $permission => $allowed)
|
---|
484 | {
|
---|
485 | $template->assign_block_vars('auth.mask', array(
|
---|
486 | 'S_YES' => ($allowed == ACL_YES) ? true : false,
|
---|
487 | 'S_NEVER' => ($allowed == ACL_NEVER) ? true : false,
|
---|
488 | 'S_NO' => ($allowed == ACL_NO) ? true : false,
|
---|
489 |
|
---|
490 | 'FIELD_NAME' => $permission,
|
---|
491 | 'PERMISSION' => $user->lang['acl_' . $permission]['lang'])
|
---|
492 | );
|
---|
493 | }
|
---|
494 | }
|
---|
495 | }
|
---|
496 |
|
---|
497 | /**
|
---|
498 | * Remove role
|
---|
499 | */
|
---|
500 | function remove_role($role_id, $permission_type)
|
---|
501 | {
|
---|
502 | global $db;
|
---|
503 |
|
---|
504 | $auth_admin = new auth_admin();
|
---|
505 |
|
---|
506 | // Get complete auth array
|
---|
507 | $sql = 'SELECT auth_option, auth_option_id
|
---|
508 | FROM ' . ACL_OPTIONS_TABLE . "
|
---|
509 | WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);
|
---|
510 | $result = $db->sql_query($sql);
|
---|
511 |
|
---|
512 | $auth_settings = array();
|
---|
513 | while ($row = $db->sql_fetchrow($result))
|
---|
514 | {
|
---|
515 | $auth_settings[$row['auth_option']] = ACL_NO;
|
---|
516 | }
|
---|
517 | $db->sql_freeresult($result);
|
---|
518 |
|
---|
519 | // Get the role auth settings we need to re-set...
|
---|
520 | $sql = 'SELECT o.auth_option, r.auth_setting
|
---|
521 | FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
|
---|
522 | WHERE o.auth_option_id = r.auth_option_id
|
---|
523 | AND r.role_id = ' . $role_id;
|
---|
524 | $result = $db->sql_query($sql);
|
---|
525 |
|
---|
526 | while ($row = $db->sql_fetchrow($result))
|
---|
527 | {
|
---|
528 | $auth_settings[$row['auth_option']] = $row['auth_setting'];
|
---|
529 | }
|
---|
530 | $db->sql_freeresult($result);
|
---|
531 |
|
---|
532 | // Get role assignments
|
---|
533 | $hold_ary = $auth_admin->get_role_mask($role_id);
|
---|
534 |
|
---|
535 | // Re-assign permissions
|
---|
536 | foreach ($hold_ary as $forum_id => $forum_ary)
|
---|
537 | {
|
---|
538 | if (isset($forum_ary['users']))
|
---|
539 | {
|
---|
540 | $auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
|
---|
541 | }
|
---|
542 |
|
---|
543 | if (isset($forum_ary['groups']))
|
---|
544 | {
|
---|
545 | $auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
|
---|
546 | }
|
---|
547 | }
|
---|
548 |
|
---|
549 | // Remove role from users and groups just to be sure (happens through acl_set)
|
---|
550 | $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
|
---|
551 | WHERE auth_role_id = ' . $role_id;
|
---|
552 | $db->sql_query($sql);
|
---|
553 |
|
---|
554 | $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
|
---|
555 | WHERE auth_role_id = ' . $role_id;
|
---|
556 | $db->sql_query($sql);
|
---|
557 |
|
---|
558 | // Remove role data and role
|
---|
559 | $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
|
---|
560 | WHERE role_id = ' . $role_id;
|
---|
561 | $db->sql_query($sql);
|
---|
562 |
|
---|
563 | $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
|
---|
564 | WHERE role_id = ' . $role_id;
|
---|
565 | $db->sql_query($sql);
|
---|
566 |
|
---|
567 | $auth_admin->acl_clear_prefetch();
|
---|
568 | }
|
---|
569 | }
|
---|
570 |
|
---|
571 | ?>
|
---|