1 <?php
2 /************************************************************************
3  * Mailer v0.2.1-FINAL                                Start: 06/30/2011 *
4  * ===================                          Last change: 06/30/2011 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-list_admins_acls.php                        *
8  * -------------------------------------------------------------------- *
9  * Short description : List admin access control lines (ACLs)           *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Auflisten von Zugriffskontrollzeilen (ACLs)      *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * -------------------------------------------------------------------- *
18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
19  * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
20  * For more information visit: http://www.mxchange.org                  *
21  *                                                                      *
22  * This program is free software; you can redistribute it and/or modify *
23  * it under the terms of the GNU General Public License as published by *
24  * the Free Software Foundation; either version 2 of the License, or    *
25  * (at your option) any later version.                                  *
26  *                                                                      *
27  * This program is distributed in the hope that it will be useful,      *
28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
30  * GNU General Public License for more details.                         *
31  *                                                                      *
32  * You should have received a copy of the GNU General Public License    *
33  * along with this program; if not, write to the Free Software          *
34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
35  * MA  02110-1301  USA                                                  *
36  ************************************************************************/
37
// Stop immediately unless the __SECURITY constant is defined and isAdmin()
// reports true; nothing below may run for any other caller.
// NOTE(review): only admin status is checked here - whether the calling admin's
// own ACL permits this page is presumably enforced by the includer; confirm.
if (!(defined('__SECURITY') && isAdmin())) {
	die();
} // END - if

// Register this file as a navigation point of the admin area
addYouAreHereLink('admin', __FILE__);
45
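// Dispatch on the submitted form button. The branches are:
//   edit   - show an edit form for the selected ACL rows
//   change - write the edited rows back
//   delete - show a confirmation list for the selected ACL rows
//   remove - delete the confirmed rows
//   add    - insert a new ACL row
//   (none) - list all ACL rows and show the "add" form
// NOTE(review): no request-token (CSRF) check is visible in this file for the
// state-changing 'change', 'remove' and 'add' branches - confirm that
// isFormSent() or the including module enforces one.
if ((isFormSent('edit')) && (ifPostContainsSelections())) {
	// Edit ACLs: one editable row per selected id
	$OUT = '';
	foreach (postRequestParameter('sel') as $id => $selected) {
		// Load data for the id; the id is passed through bigintval() because
		// the placeholder is not quoted in the statement
		$result = SQL_QUERY_ESC("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
			array(bigintval($id)), __FILE__, __LINE__);
		$content = SQL_FETCHARRAY($result);

		// Free result
		SQL_FREERESULT($result);

		// A submitted id that matches no row yields no array; skip it instead
		// of rendering an edit row with empty fields
		if (!is_array($content)) {
			continue;
		} // END - if

		// Prepare data for the row template
		$content = array(
			'id'               => $content['id'],
			'admins_selection' => generateOptionList('admins', 'id', 'login', $content['admin_id'], 'default_acl'),
			'action_selection' => adminMenuSelectionBox_DEPRECATED('action', $content['action_menu'], $content['id']),
			'what_selection'   => adminMenuSelectionBox_DEPRECATED('what', $content['what_menu'], $content['id']),
			'mode_options'     => generateOptionList(
				'/ARRAY/',
				array('allow', 'deny'),
				array(
					'{--ADMIN_ADMINS_ACCESS_MODE_ALLOW--}',
					'{--ADMIN_ADMINS_ACCESS_MODE_DENY--}'
				),
				$content['access_mode']
			),
		);

		// Load row template
		$OUT .= loadTemplate('admin_edit_admins_acls_row', true, $content);
	} // END - foreach

	// Load main template
	loadTemplate('admin_edit_admins_acls', false, $OUT);
} elseif ((isFormSent('change')) && (ifPostContainsSelections())) {
	// Change entries
	foreach (postRequestParameter('sel') as $id => $selected) {
		// Secure id
		$id = bigintval($id);

		// Update entries. `admin_id` and `id` are unquoted placeholders, so
		// both values go through bigintval(): string escaping alone does not
		// confine a value that is not inside quotes. This matches how the
		// 'add' branch treats its admin id.
		// NOTE(review): 'mode' is stored as submitted; the forms only offer
		// 'allow' and 'deny', but nothing here rejects other values - consider
		// an allow-list check before writing.
		SQL_QUERY_ESC("UPDATE
	`{?_MYSQL_PREFIX?}_admins_acls`
SET
	`admin_id`=%s,
	`action_menu`='%s',
	`what_menu`='%s',
	`access_mode`='%s'
WHERE
	`id`=%s
LIMIT 1",
			array(
				bigintval(postRequestParameter('admin', $id)),
				postRequestParameter('action_menu', $id),
				postRequestParameter('what_menu', $id),
				postRequestParameter('mode', $id),
				$id
			), __FILE__, __LINE__);
	} // END - foreach

	// Drop the cached ACLs so the changed rows take effect
	// @TODO Rewrite this to a filter
	if (isExtensionActive('cache')) {
		if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) {
			$GLOBALS['cache_instance']->removeCacheFile();
		} // END - if
	} // END - if

	// Entries changed
	displayMessage('{--ADMIN_ADMINS_ENTRIES_CHANGED--}');
} elseif ((isFormSent('delete')) && (ifPostContainsSelections())) {
	// Delete ACLs: show the selected rows for confirmation, nothing is
	// removed in this branch
	$OUT = '';
	foreach (postRequestParameter('sel') as $id => $selected) {
		// Load data for the id
		$result = SQL_QUERY_ESC("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
			array(bigintval($id)), __FILE__, __LINE__);
		$content = SQL_FETCHARRAY($result);
		SQL_FREERESULT($result);

		// Skip ids that match no row
		if (!is_array($content)) {
			continue;
		} // END - if

		// Turn the stored mode into its language-string placeholder
		$content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';

		// Load row template
		$OUT .= loadTemplate('admin_delete_admins_acls_row', true, $content);
	} // END - foreach

	// Load main template
	loadTemplate('admin_delete_admins_acls', false, $OUT);
} elseif ((isFormSent('remove')) && (ifPostContainsSelections())) {
	// Remove entries
	// @TODO Rewrite this to filter 'run_sqls'
	foreach (postRequestParameter('sel') as $id => $selected) {
		SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
			array(bigintval($id)), __FILE__, __LINE__);
	} // END - foreach

	// Drop the cached ACLs so the removed rows stop applying
	if (isExtensionActive('cache')) {
		if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) {
			$GLOBALS['cache_instance']->removeCacheFile();
		} // END - if
	} // END - if

	// Entries deleted
	displayMessage('{--ADMIN_ADMINS_ENTRIES_DELETED--}');
} elseif (isFormSent('add')) {
	// Default ACL mode of the admin the new entry is for
	$mode = getAdminDefaultAcl(bigintval(postRequestParameter('admin_id')));

	// Default ACL is false
	$ACL = false;
	if (isPostRequestParameterSet('what_menu')) {
		// Check parent ACL
		$ACL = adminsCheckAdminAcl(getActionFromModuleWhat('admin', postRequestParameter('what_menu')), '');
	} // END - if

	// An entry is only accepted when its mode differs from the admin's default
	// mode, or when it denies a sub menu whose parent ACL check returned true
	// NOTE(review): 'mode' is not compared against an allow-list here, so any
	// value other than the default mode passes this test and is inserted below.
	if (($mode != postRequestParameter('mode')) || (($ACL === true) && (postRequestParameter('mode') == 'deny'))) {
		// Which of the two menu fields carry a non-empty value?
		$hasAction = ((isPostRequestParameterSet('action_menu')) && (postRequestParameter('action_menu') != ''));
		$hasWhat   = ((isPostRequestParameterSet('what_menu')) && (postRequestParameter('what_menu') != ''));
		$BOTH      = (($hasAction) && ($hasWhat));

		// Exactly one of main menu / sub menu must be selected
		if ((($hasAction) || ($hasWhat)) && ($BOTH === false)) {
			// Look for an identical entry first
			$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `action_menu`='%s' AND `what_menu`='%s' LIMIT 1",
				array(
					bigintval(postRequestParameter('admin_id')),
					postRequestParameter('action_menu'),
					postRequestParameter('what_menu')
				), __FILE__, __LINE__);
			if (SQL_HASZERONUMS($result)) {
				// Finally add the new ACL
				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins_acls` (`admin_id`, `action_menu`, `what_menu`, `access_mode`)
VALUES ('%s','%s','%s','%s')",
					array(
						bigintval(postRequestParameter('admin_id')),
						postRequestParameter('action_menu'),
						postRequestParameter('what_menu'),
						postRequestParameter('mode')
					), __FILE__, __LINE__);
				$content = '{--ADMIN_ADMINS_ACL_SAVED--}';

				// Drop the cached ACLs so the new row takes effect
				if (isExtensionActive('cache')) {
					if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) {
						$GLOBALS['cache_instance']->removeCacheFile();
					} // END - if
				} // END - if
			} else {
				// ACL does already exist!
				$content = '{--ADMIN_ADMINS_ACL_ALREADY_ADDED--}';
			}

			// Free memory
			SQL_FREERESULT($result);
		} else {
			// Neither menu, or both menus, selected
			$content = '{--ADMIN_ADMINS_SELECT_ACTION_WHAT--}';
		}
	} else {
		// Same mode as the admin's default makes no sense
		$content = '{--ADMIN_ADMINS_SAME_MODE_SELECTED--}';
	}

	// Display message
	displayMessage($content);
} else {
	// List all ACLs
	$result = SQL_QUERY('SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` ORDER BY `admin_id` ASC, `id` ASC', __FILE__, __LINE__);

	// Entries found?
	if (!SQL_HASZERONUMS($result)) {
		// List ACLs
		$OUT = '';
		while ($content = SQL_FETCHARRAY($result)) {
			// Turn the stored mode into its language-string placeholder
			$content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';

			// Load row template
			$OUT .= loadTemplate('admin_list_admins_acls_row', true, $content);
		} // END - while

		// Load main template
		loadTemplate('admin_list_admins_acls', false, $OUT);
	} // END - if

	// Free memory, also when the table was empty
	SQL_FREERESULT($result);

	// Start from a fresh array: after the loop above $content holds the final,
	// non-array fetch result and must not be indexed into
	$content = array();

	// Prepare the selection boxes for the "add ACL" form
	$content['admins_selection'] = generateOptionList('admins', 'id', 'login', '', 'default_acl');
	$content['action_selection'] = adminMenuSelectionBox_DEPRECATED('action');
	$content['what_selection']   = adminMenuSelectionBox_DEPRECATED('what');
	$content['mode_options']     = generateOptionList(
		'/ARRAY/',
		array('allow', 'deny'),
		array(
			'{--ADMIN_ADMINS_ACCESS_MODE_ALLOW--}',
			'{--ADMIN_ADMINS_ACCESS_MODE_DENY--}'
		)
	);

	// Load template for adding new ACL
	loadTemplate('admin_add_admins_acl', false, $content);
}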
246
247 // [EOF]
248 ?>