Zeile 37 | Zeile 37 |
---|
); }
|
); }
|
$uid = $mybb->get_input('uid', 1);
| $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
|
$plugins->run_hooks("admin_user_admin_permissions_begin");
| $plugins->run_hooks("admin_user_admin_permissions_begin");
|
Zeile 74 | Zeile 74 |
---|
$newperms = array( "permissions" => '' );
|
$newperms = array( "permissions" => '' );
|
$db->update_query("adminoptions", $newperms, "uid = '{$uid}'");
|
|
$plugins->run_hooks("admin_user_admin_permissions_delete_commit");
|
$plugins->run_hooks("admin_user_admin_permissions_delete_commit");
|
| $db->update_query("adminoptions", $newperms, "uid = '{$uid}'");
|
// Log admin action if($uid < 0)
| // Log admin action if($uid < 0)
|
Zeile 88 | Zeile 89 |
---|
} elseif($uid == 0)
|
} elseif($uid == 0)
|
{
| {
|
// Default log_admin_action(0, $lang->default); }
| // Default log_admin_action(0, $lang->default); }
|
Zeile 97 | Zeile 98 |
---|
$user = get_user($uid); log_admin_action($uid, $user['username']); }
|
$user = get_user($uid); log_admin_action($uid, $user['username']); }
|
|
|
flash_message($lang->success_perms_deleted, 'success'); admin_redirect("index.php?module=user-admin_permissions"); } else
|
flash_message($lang->success_perms_deleted, 'success'); admin_redirect("index.php?module=user-admin_permissions"); } else
|
{
| {
|
$page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion); } }
| $page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion); } }
|
Zeile 112 | Zeile 113 |
---|
if(is_super_admin($uid)) { flash_message($lang->error_super_admin, 'error');
|
if(is_super_admin($uid)) { flash_message($lang->error_super_admin, 'error');
|
admin_redirect("index.php?module=user-admin_permissions"); }
$plugins->run_hooks("admin_user_admin_permissions_edit");
if($mybb->request_method == "post") {
| admin_redirect("index.php?module=user-admin_permissions"); }
$plugins->run_hooks("admin_user_admin_permissions_edit");
if($mybb->request_method == "post") {
|
foreach($mybb->input['permissions'] as $module => $actions) { $no_access = 0;
| foreach($mybb->input['permissions'] as $module => $actions) { $no_access = 0;
|
Zeile 137 | Zeile 138 |
---|
}
// Does an options row exist for this admin already?
|
}
// Does an options row exist for this admin already?
|
$query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".$mybb->get_input('uid', 1)."'");
| $query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
|
$existing_options = $db->fetch_field($query, "existing_options"); if($existing_options > 0) {
|
$existing_options = $db->fetch_field($query, "existing_options"); if($existing_options > 0) {
|
$db->update_query("adminoptions", array('permissions' => $db->escape_string(serialize($mybb->input['permissions']))), "uid = '".$mybb->get_input('uid', 1)."'");
| $db->update_query("adminoptions", array('permissions' => $db->escape_string(my_serialize($mybb->input['permissions']))), "uid = '".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
|
} else { $insert_array = array(
|
} else { $insert_array = array(
|
"uid" => $mybb->get_input('uid', 1), "permissions" => $db->escape_string(serialize($mybb->input['permissions'])),
| "uid" => $mybb->get_input('uid', MyBB::INPUT_INT), "permissions" => $db->escape_string(my_serialize($mybb->input['permissions'])),
|
"notes" => '', "defaultviews" => '' );
| "notes" => '', "defaultviews" => '' );
|
Zeile 209 | Zeile 210 |
---|
$admin = $db->fetch_array($query); $permission_data = get_admin_permissions($uid, $admin['gid']);
|
$admin = $db->fetch_array($query); $permission_data = get_admin_permissions($uid, $admin['gid']);
|
$title = $admin['username'];
| $title = htmlspecialchars_uni($admin['username']);
|
$page->add_breadcrumb_item($lang->user_permissions, "index.php?module=user-admin_permissions"); } elseif($uid < 0)
| $page->add_breadcrumb_item($lang->user_permissions, "index.php?module=user-admin_permissions"); } elseif($uid < 0)
|
Zeile 261 | Zeile 262 |
---|
{ require_once $modules_dir."/".$module."/module_meta.php"; $meta_function = $module."_admin_permissions";
|
{ require_once $modules_dir."/".$module."/module_meta.php"; $meta_function = $module."_admin_permissions";
|
|
|
// Module has no permissions, skip it if(function_exists($meta_function) && is_array($meta_function())) {
| // Module has no permissions, skip it if(function_exists($meta_function) && is_array($meta_function())) {
|
Zeile 278 | Zeile 279 |
---|
if(!is_array($mod)) { continue;
|
if(!is_array($mod)) { continue;
|
}
| }
|
foreach($mod as $module) { $module_tabs[$module] = $permission_modules[$module]['name'];
|
foreach($mod as $module) { $module_tabs[$module] = $permission_modules[$module]['name'];
|
}
| }
|
} $page->output_tab_control($module_tabs);
| } $page->output_tab_control($module_tabs);
|
Zeile 307 | Zeile 308 |
---|
}
if($mybb->input['action'] == "group")
|
}
if($mybb->input['action'] == "group")
|
{
| {
|
$plugins->run_hooks("admin_user_admin_permissions_group");
|
$plugins->run_hooks("admin_user_admin_permissions_group");
|
|
|
$page->add_breadcrumb_item($lang->group_permissions); $page->output_header($lang->group_permissions);
|
$page->add_breadcrumb_item($lang->group_permissions); $page->output_header($lang->group_permissions);
|
|
|
$page->output_nav_tabs($sub_tabs, 'group_permissions');
$table = new Table;
| $page->output_nav_tabs($sub_tabs, 'group_permissions');
$table = new Table;
|
Zeile 332 | Zeile 333 |
---|
if($group['permissions'] != "") { $perm_type = "group";
|
if($group['permissions'] != "") { $perm_type = "group";
|
}
| }
|
else { $perm_type = "default"; } $uid = -$group['gid'];
|
else { $perm_type = "default"; } $uid = -$group['gid'];
|
| $group['title'] = htmlspecialchars_uni($group['title']);
|
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->permissions_type_group}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\" title=\"{$lang->edit_group}\">{$group['title']}</a></strong><br /></div>");
if($group['permissions'] != "")
| $table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->permissions_type_group}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\" title=\"{$lang->edit_group}\">{$group['title']}</a></strong><br /></div>");
if($group['permissions'] != "")
|
Zeile 348 | Zeile 352 |
---|
// Check permissions for Revoke $popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$uid}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, 'Are you sure you wish to revoke this group\'s permissions?')"); $table->construct_cell($popup->fetch(), array("class" => "align_center"));
|
// Check permissions for Revoke $popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$uid}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, 'Are you sure you wish to revoke this group\'s permissions?')"); $table->construct_cell($popup->fetch(), array("class" => "align_center"));
|
} else { $table->construct_cell("<a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\">{$lang->set_permissions}</a>", array("class" => "align_center"));
| } else { $table->construct_cell("<a href=\"index.php?module=user-admin_permissions&action=edit&uid={$uid}\">{$lang->set_permissions}</a>", array("class" => "align_center"));
|
} $table->construct_row(); }
| } $table->construct_row(); }
|
Zeile 360 | Zeile 364 |
---|
{ $table->construct_cell($lang->no_group_perms, array("colspan" => "3")); $table->construct_row();
|
{ $table->construct_cell($lang->no_group_perms, array("colspan" => "3")); $table->construct_row();
|
}
$table->output($lang->group_permissions);
| }
$table->output($lang->group_permissions);
|
echo <<<LEGEND <br /> <fieldset>
| echo <<<LEGEND <br /> <fieldset>
|
Zeile 374 | Zeile 378 |
---|
$page->output_footer(); }
|
$page->output_footer(); }
|
|
|
if(!$mybb->input['action']) { $plugins->run_hooks("admin_user_admin_permissions_start");
| if(!$mybb->input['action']) { $plugins->run_hooks("admin_user_admin_permissions_start");
|
Zeile 397 | Zeile 401 |
---|
$usergroups[$usergroup['gid']] = $usergroup; }
|
$usergroups[$usergroup['gid']] = $usergroup; }
|
// Get users whose primary or secondary usergroup has ACP access $comma = $primary_group_list = $secondary_group_list = ''; foreach($usergroups as $gid => $group_info) { $primary_group_list .= $comma.$gid; switch($db->type) { case "pgsql": case "sqlite": $secondary_group_list .= " OR ','|| u.additionalgroups||',' LIKE '%,{$gid},%'"; break; default: $secondary_group_list .= " OR CONCAT(',', u.additionalgroups,',') LIKE '%,{$gid},%'"; }
$comma = ','; }
$group_list = implode(',', array_keys($usergroups)); $secondary_groups = ','.$group_list.',';
// Get usergroups with ACP access $query = $db->query(" SELECT g.title, g.cancp, a.permissions, g.gid FROM ".TABLE_PREFIX."usergroups g LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid) WHERE g.cancp = 1 ORDER BY g.title ASC "); while($group = $db->fetch_array($query)) { $group_permissions[$group['gid']] = $group['permissions']; }
$query = $db->query(" SELECT u.uid, u.username, u.lastactive, u.usergroup, u.additionalgroups, a.permissions FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid=u.uid) WHERE u.usergroup IN ({$primary_group_list}) {$secondary_group_list} ORDER BY u.username ASC "); while($admin = $db->fetch_array($query))
| if(!empty($usergroups))
|
{
|
{
|
if($admin['permissions'] != "")
| // Get users whose primary or secondary usergroup has ACP access $comma = $primary_group_list = $secondary_group_list = ''; foreach($usergroups as $gid => $group_info)
|
{
|
{
|
$perm_type = "user"; } else { $groups = explode(",", $admin['additionalgroups'].",".$admin['usergroup']); foreach($groups as $group) { if($group == "") continue; if($group_permissions[$group] != "") { $perm_type = "group";
| $primary_group_list .= $comma.$gid; switch($db->type) { case "pgsql": case "sqlite": $secondary_group_list .= " OR ','|| u.additionalgroups||',' LIKE '%,{$gid},%'";
|
break;
|
break;
|
} }
if(!$group_permissions) { $perm_type = "default";
| default: $secondary_group_list .= " OR CONCAT(',', u.additionalgroups,',') LIKE '%,{$gid},%'";
|
}
|
}
|
| $comma = ','; }
$group_list = implode(',', array_keys($usergroups)); $secondary_groups = ','.$group_list.',';
// Get usergroups with ACP access $query = $db->query(" SELECT g.title, g.cancp, a.permissions, g.gid FROM ".TABLE_PREFIX."usergroups g LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid = -g.gid) WHERE g.cancp = 1 ORDER BY g.title ASC "); while($group = $db->fetch_array($query)) { $group_permissions[$group['gid']] = $group['permissions'];
|
}
|
}
|
$usergroup_list = array();
// Build a list of group memberships that have access to the Admin CP // Primary usergroup? if($usergroups[$admin['usergroup']]['cancp'] == 1)
| $query = $db->query(" SELECT u.uid, u.username, u.lastactive, u.usergroup, u.additionalgroups, a.permissions FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."adminoptions a ON (a.uid=u.uid) WHERE u.usergroup IN ({$primary_group_list}) {$secondary_group_list} ORDER BY u.username ASC "); while($admin = $db->fetch_array($query))
|
{
|
{
|
$usergroup_list[] = "<i>".$usergroups[$admin['usergroup']]['title']."</i>"; }
// Secondary usergroups? $additional_groups = explode(',', $admin['additionalgroups']); if(is_array($additional_groups)) { foreach($additional_groups as $gid)
| if($admin['permissions'] != "") { $perm_type = "user"; } else { $groups = explode(",", $admin['additionalgroups'].",".$admin['usergroup']); foreach($groups as $group) { if($group == "") continue; if($group_permissions[$group] != "") { $perm_type = "group"; break; } }
if(!$group_permissions) { $perm_type = "default"; } }
$usergroup_list = array();
// Build a list of group memberships that have access to the Admin CP // Primary usergroup? if($usergroups[$admin['usergroup']]['cancp'] == 1) { $usergroup_list[] = "<i>".htmlspecialchars_uni($usergroups[$admin['usergroup']]['title'])."</i>"; }
// Secondary usergroups? $additional_groups = explode(',', $admin['additionalgroups']); if(is_array($additional_groups)) { foreach($additional_groups as $gid) { if($usergroups[$gid]['cancp'] == 1) { $usergroup_list[] = htmlspecialchars_uni($usergroups[$gid]['title']); } } } $usergroup_list = implode($lang->comma, $usergroup_list);
$username = htmlspecialchars_uni($admin['username']); $table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->perms_type_user}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}\" title=\"{$lang->edit_user}\">{$username}</a></strong><br /><small>{$usergroup_list}</small></div>");
$table->construct_cell(my_date('relative', $admin['lastactive']), array("class" => "align_center"));
$popup = new PopupMenu("adminperm_{$admin['uid']}", $lang->options); if(!is_super_admin($admin['uid']))
|
{
|
{
|
if($usergroups[$gid]['cancp'] == 1)
| if($admin['permissions'] != "")
|
{
|
{
|
$usergroup_list[] = $usergroups[$gid]['title'];
| $popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}"); $popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$admin['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_perms_deletion2}')"); } else { $popup->add_item($lang->set_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}");
|
} }
|
} }
|
| $popup->add_item($lang->view_log, "index.php?module=tools-adminlog&uid={$admin['uid']}"); $table->construct_cell($popup->fetch(), array("class" => "align_center")); $table->construct_row();
|
}
|
}
|
$usergroup_list = implode(", ", $usergroup_list);
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$perm_type}.png\" title=\"{$lang->perms_type_user}\" alt=\"{$perm_type}\" /></div><div><strong><a href=\"index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}\" title=\"{$lang->edit_user}\">{$admin['username']}</a></strong><br /><small>{$usergroup_list}</small></div>");
$table->construct_cell(my_date('relative', $admin['lastactive']), array("class" => "align_center"));
$popup = new PopupMenu("adminperm_{$admin['uid']}", $lang->options); if(!is_super_admin($admin['uid'])) { if($admin['permissions'] != "") { $popup->add_item($lang->edit_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}"); $popup->add_item($lang->revoke_permissions, "index.php?module=user-admin_permissions&action=delete&uid={$admin['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_perms_deletion2}')"); } else { $popup->add_item($lang->set_permissions, "index.php?module=user-admin_permissions&action=edit&uid={$admin['uid']}"); } } $popup->add_item($lang->view_log, "index.php?module=tools-adminlog&uid={$admin['uid']}"); $table->construct_cell($popup->fetch(), array("class" => "align_center")); $table->construct_row();
| |
}
|
}
|
if($table->num_rows() == 0)
| if(empty($usergroups) || $table->num_rows() == 0)
|
{ $table->construct_cell($lang->no_user_perms, array("colspan" => "3")); $table->construct_row();
| { $table->construct_cell($lang->no_user_perms, array("colspan" => "3")); $table->construct_row();
|