inc/modules/admin/what-list_admins_acls.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 06/30/2011 *
   4  * ===================                          Last change: 06/30/2011 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-list_admins_acls.php                        *
   8  * -------------------------------------------------------------------- *
   9  * Short description : List admin access control lines (ACLs)           *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Auflisten von Zugriffskontrollzeilen (ACLs)      *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * -------------------------------------------------------------------- *
  18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  19  * Copyright (c) 2009 - 2016 by Mailer Developer Team                   *
  20  * For more information visit: http://mxchange.org                      *
  21  *                                                                      *
  22  * This program is free software; you can redistribute it and/or modify *
  23  * it under the terms of the GNU General Public License as published by *
  24  * the Free Software Foundation; either version 2 of the License, or    *
  25  * (at your option) any later version.                                  *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if ((!defined('__SECURITY')) || (!isAdmin())) {
  40         die();
  41 } // END - if
  42
  43 // Add description as navigation point
  44 addYouAreHereLink('admin', __FILE__);
  45
  46 if ((isFormSent('edit')) && (ifPostContainsSelections())) {
  47         // Edit ACLs
  48         $OUT = '';
  49         foreach (postRequestElement('sel') as $id => $selected) {
  50                 // Load data for the id
  51                 $result = sqlQueryEscaped("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
  52                         array(bigintval($id)), __FILE__, __LINE__);
  53
  54                 // Load all data
  55                 $content = sqlFetchArray($result);
  56
  57                 // Free result
  58                 sqlFreeResult($result);
  59
  60                 // Prepare data for the row template
  61                 $content = array(
  62                         'id'               => $content['id'],
  63                         'admins_selection' => generateOptions('admins', 'id', 'login', $content['admin_id'], 'default_acl'),
  64                         'action_selection' => adminMenuSelectionBox_DEPRECATED('action', $content['action_menu'], $content['id']),
  65                         'what_selection'   => adminMenuSelectionBox_DEPRECATED('what', $content['what_menu'], $content['id']),
  66                 );
  67
  68                 // Load row template
  69                 $OUT .= loadTemplate('admin_edit_admins_acls_row', TRUE, $content);
  70         } // END - foreach
  71
  72         // Load main template
  73         loadTemplate('admin_edit_admins_acls', FALSE, $OUT);
  74 } elseif ((isFormSent('do_edit')) && (ifPostContainsSelections())) {
  75         // Change entries
  76         foreach (postRequestElement('sel') as $id => $selected) {
  77                 // Secure id
  78                 $id = bigintval($id);
  79
  80                 // Update entries
  81                 sqlQueryEscaped("UPDATE
  82         `{?_MYSQL_PREFIX?}_admins_acls`
  83 SET
  84         `admin_id`=%s,
  85         `action_menu`='%s',
  86         `what_menu`='%s',
  87         `access_mode`='%s'
  88 WHERE
  89         `id`=%s
  90 LIMIT 1",
  91                         array(
  92                                 postRequestElement('admin', $id),
  93                                 postRequestElement('action_menu', $id),
  94                                 postRequestElement('what_menu', $id),
  95                                 postRequestElement('access_mode', $id),
  96                                 $id
  97                         ),__FILE__, __LINE__);
  98         } // END - foreach
  99
 100         // Update cache when installed
 101         rebuildCache('admin_acls', 'admin_acls');
 102
 103         // Entries changed
 104         displayMessage('{--ADMIN_ADMINS_ENTRIES_CHANGED--}');
 105 } elseif ((isFormSent('delete')) && (ifPostContainsSelections())) {
 106         // Delete ACLs
 107         $OUT = '';
 108         foreach (postRequestElement('sel') as $id => $selected) {
 109                 // Load data for the id
 110                 $result = sqlQueryEscaped("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
 111                         array(bigintval($id)), __FILE__, __LINE__);
 112                 $content = sqlFetchArray($result);
 113                 sqlFreeResult($result);
 114
 115                 // Get admin mode
 116                 $content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
 117
 118                 // Load row template and switch colors
 119                 $OUT .= loadTemplate('admin_delete_admins_acls_row', TRUE, $content);
 120         } // END - foreach
 121
 122         // Load main template
 123         loadTemplate('admin_delete_admins_acls', FALSE, $OUT);
 124 } elseif ((isFormSent('do_delete')) && (ifPostContainsSelections())) {
 125         // Remove entries
 126         // @TODO Rewrite this to filter 'run_sqls'
 127         foreach (postRequestElement('sel') as $id => $selected) {
 128                 sqlQueryEscaped("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
 129                         array(bigintval($id)),__FILE__, __LINE__);
 130         } // END - foreach
 131
 132         // Update cache when installed
 133         rebuildCache('admin_acls', 'admin_acls');
 134
 135         // Entries deleted
 136         displayMessage('{--ADMIN_ADMINS_ENTRIES_DELETED--}');
 137 } elseif (isFormSent('add')) {
 138         // Check if everything is fine...
 139         $mode = getAdminDefaultAcl(bigintval(postRequestElement('admin_id')));
 140
 141         // Default ACL is false
 142         $ACL = FALSE;
 143         if (isPostRequestElementSet('what_menu')) {
 144                 // Check parent ACL
 145                 $ACL = isAdminsAllowedByAcl(getActionFromModuleWhat('admin', postRequestElement('what_menu')), '');
 146         } // END - if
 147
 148         if (($mode != postRequestElement('do')) || (($ACL === TRUE) && (postRequestElement('do') == 'deny'))) {
 149                 // Mode is fine
 150                 $BOTH = ((isPostRequestElementSet('action_menu')) && (isPostRequestElementSet('what_menu')) && (postRequestElement('action_menu') != '') && (postRequestElement('what_menu') != ''));
 151
 152                 // Check if one has been selected
 153                 if ((((isPostRequestElementSet('action_menu')) && (postRequestElement('action_menu') != '')) || ((isPostRequestElementSet('what_menu')) && (postRequestElement('what_menu') != ''))) && ($BOTH === FALSE)) {
 154                         // Main or sub menu selected
 155                         $result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `action_menu`='%s' AND `what_menu`='%s' LIMIT 1",
 156                                 array(
 157                                         bigintval(postRequestElement('admin_id')),
 158                                         postRequestElement('action_menu'),
 159                                         postRequestElement('what_menu')
 160                                 ), __FILE__, __LINE__);
 161                         if (ifSqlHasZeroNumRows($result)) {
 162                                 // Finally add the new ACL
 163                                 sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_admins_acls` (
 164         `admin_id`,
 165         `action_menu`,
 166         `what_menu`,
 167         `access_mode`
 168 ) VALUES (
 169         %s,
 170         '%s',
 171         '%s',
 172         '%s'
 173 )",
 174                                 array(
 175                                         bigintval(postRequestElement('admin_id')),
 176                                         postRequestElement('action_menu'),
 177                                         postRequestElement('what_menu'),
 178                                         postRequestElement('do')
 179                                 ), __FILE__, __LINE__);
 180                                 $content = '{--ADMIN_ADMINS_ACL_SAVED--}';
 181
 182                                 // Update cache when installed
 183                                 rebuildCache('admin_acls', 'admin_acls');
 184                         } else {
 185                                 // ACL does already exist!
 186                                 $content = '{--ADMIN_ADMINS_ACL_ALREADY_ADDED--}';
 187                         }
 188
 189                         // Free memory
 190                         sqlFreeResult($result);
 191                 } else {
 192                         // No menu selected makes also no sence...
 193                         $content = '{--ADMIN_ADMINS_SELECT_ACTION_WHAT--}';
 194                 }
 195         } else {
 196                 // Same mode makes no sence...
 197                 $content = '{--ADMIN_ADMINS_SAME_MODE_SELECTED--}';
 198         }
 199
 200         // Display message
 201         displayMessage($content);
 202 } else {
 203         // List all ACLs
 204         $result = sqlQuery('SELECT
 205         `id`,
 206         `admin_id`,
 207         `action_menu`,
 208         `what_menu`,
 209         `access_mode`
 210 FROM
 211         `{?_MYSQL_PREFIX?}_admins_acls`
 212 ORDER BY
 213         `admin_id` ASC,
 214         `id` ASC', __FILE__, __LINE__);
 215
 216         // Entries found?
 217         if (!ifSqlHasZeroNumRows($result)) {
 218                 // List ACLs
 219                 $OUT = '';
 220                 while ($content = sqlFetchArray($result)) {
 221                         // Generate mode string
 222                         $content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
 223
 224                         // Load row template and switch colors
 225                         $OUT .= loadTemplate('admin_list_admins_acls_row', TRUE, $content);
 226                 } // END - while
 227
 228                 // Free memory
 229                 sqlFreeResult($result);
 230
 231                 // Load main template
 232                 loadTemplate('admin_list_admins_acls', FALSE, $OUT);
 233         } // END - if
 234
 235         // Prepare some constants for the template
 236         $content['admins_selection'] = generateOptions('admins', 'id', 'login', '', 'default_acl');
 237         $content['action_selection'] = adminMenuSelectionBox_DEPRECATED('action');
 238         $content['what_selection']   = adminMenuSelectionBox_DEPRECATED('what');
 239
 240         // Load template for adding new ACL
 241         loadTemplate('admin_add_admins_acl', FALSE, $content);
 242 }
 243
 244 // [EOF]
 245 ?>