Code source de b2evolution 2.1.0-beta |
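<?php
/**
 * This file implements the UI view (+more :/) for the blogs permission management.
 *
 * b2evolution - {@link http://b2evolution.net/}
 * Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}
 * @copyright (c)2003-2007 by Francois PLANQUE - {@link http://fplanque.net/}
 *
 * @package admin
 *
 * @todo move user rights queries to object (fplanque)
 *
 * @version $Id: _coll_user_perm.form.php,v 1.1 2007/06/25 10:59:38 fplanque Exp $
 */
if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' );

/*
 * Review notes (security):
 *
 * - This view only RENDERS the per-user permission grid of one blog. The disabled="disabled"
 *   attributes emitted when $permission_to_change_admin is false are a UI hint, not an access control:
 *   the handler of actionArray[update] has to repeat the 'blog_admin' check itself. That handler is not
 *   part of this file -- confirm it does.
 * - Browsers do not submit disabled controls, so for protected rows the update handler receives no
 *   blog_* fields at all. Verify that it does not read "field missing" as "permission revoked".
 * - The hidden 'user_IDs' field and the blog_<perm>_<user_ID> field names come back from the client;
 *   the update handler must treat them as untrusted input.
 * - The permission check below uses $Blog->ID while the query and the form use $edited_Blog->ID.
 *   Presumably both refer to the same collection -- TODO confirm.
 */

/**
 * @var Blog
 */
global $edited_Blog;
/**
 * @var User
 */
global $current_User;

global $debug;
global $UserSettings;
global $rsc_url, $htsrv_url;

global $Blog, $permission_to_change_admin;

// $DB is used by the keyword filter below. Every other dependency of this view is imported with
// "global", which suggests the file is included from function scope, where $DB would otherwise be undefined:
global $DB;

// Result is shared (as a global) with the cell callbacks defined further down:
$permission_to_change_admin = $current_User->check_perm( 'blog_admin', 'edit', false, $Blog->ID );

// NOTE(review): param_Request() is called twice for the same parameter; the calls differ only in the default.
// Which default takes effect depends on how param_Request() treats an already set parameter -- confirm, then drop one.
$layout = $UserSettings->param_Request( 'layout', 'blogperms_layout', 'string', 'default' ); // table layout mode

$layout = $UserSettings->param_Request( 'layout', 'blogperms_layout', 'string', $debug ? 'all' : 'default' ); // table layout mode


// Javascript:
// $htsrv_url and $rsc_url are written into the page unescaped; they are expected to be site configuration values.
echo '
	<script type="text/javascript">var htsrv_url = "'.$htsrv_url.'";</script>
	<script type="text/javascript" src="'.$rsc_url.'js/collectionperms.js"></script>';

$Form = & new Form( NULL, 'blogperm_checkchanges', 'post', 'fieldset' );

$Form->begin_form( 'fform' );

$Form->hidden_ctrl();
$Form->hidden( 'tab', 'perm' );
$Form->hidden( 'blog', $edited_Blog->ID );
$Form->hidden( 'layout', $layout );

$Form->begin_fieldset( T_('User permissions') );


/*
 * Query user list:
 *
 * Each layout has its own keyword field (keywords1 = wide, keywords2 = simple). The field belonging
 * to the submitted filter wins and its value is copied to the other one, so both lists stay in sync.
 */
if( get_param('action') == 'filter2' )
{
	$keywords = param( 'keywords2', 'string', '', true );
	set_param( 'keywords1', $keywords );
}
else
{
	$keywords = param( 'keywords1', 'string', '', true );
	set_param( 'keywords2', $keywords );
}

$where_clause = '';

if( !empty( $keywords ) )
{
	// explode() instead of split(): the separator is a literal space, no regular expression is needed.
	$kw_array = explode( ' ', $keywords );
	foreach( $kw_array as $kw )
	{
		// Every keyword must match somewhere in the concatenated identity columns.
		// The keyword is request input: it goes through $DB->escape() before it is placed inside the quoted
		// LIKE pattern. The LIKE wildcards % and _ are NOT neutralised, so they keep acting as wildcards.
		$where_clause .= 'CONCAT( user_login, \' \', user_firstname, \' \', user_lastname, \' \', user_nickname, \' \', user_email) LIKE "%'.$DB->escape($kw).'%" AND ';
	}
}

// $where_clause is either empty or ends with "AND ", hence the trailing "1" in the WHERE.
// The "*" in the ORDER BY is passed to Results unchanged; presumably Results replaces it with the
// column the user sorts on -- TODO confirm.
// $edited_Blog->ID is concatenated as is; it comes from the loaded Blog object, not from the request.
$sql = 'SELECT user_ID, user_login, user_level, bloguser_perm_poststatuses, bloguser_perm_edit, bloguser_ismember,
								bloguser_perm_comments, bloguser_perm_delpost, bloguser_perm_cats,
								bloguser_perm_properties, bloguser_perm_admin, bloguser_perm_media_upload,
								bloguser_perm_media_browse, bloguser_perm_media_change
					FROM T_users LEFT JOIN T_coll_user_perms ON (
				 						user_ID = bloguser_user_ID
										AND bloguser_blog_ID = '.$edited_Blog->ID.' )
				 WHERE '.$where_clause.' 1
				 ORDER BY bloguser_ismember DESC, *, user_login, user_ID';



// Display layout selector:
// TODO: cancel event in switch layout (or it will trigger bozo validator)
echo '<div style="float:right">';
	echo T_('Layout').': ';
	echo '[<a href="?ctrl=coll_settings&action=edit&tab=perm&blog='.$edited_Blog->ID.'&layout=default"
					onclick="blogperms_switch_layout(\'default\'); return false;">'.T_('Simple').'</a>] ';

	echo '[<a href="?ctrl=coll_settings&action=edit&tab=perm&blog='.$edited_Blog->ID.'&layout=wide"
					onclick="blogperms_switch_layout(\'wide\'); return false;">'.T_('Advanced').'</a>] ';

	if( $debug )
	{	// Debug mode = both modes are displayed:
		echo '[<a href="?ctrl=coll_settings&action=edit&tab=perm&blog='.$edited_Blog->ID.'&layout=all"
						onclick="blogperms_switch_layout(\'all\'); return false;">Debug</a>] ';
	}
echo '</div>';
// Display wide layout:
?>

<div id="userlist_wide" class="clear" style="<?php
	echo 'display:'.( ($layout == 'wide' || $layout == 'all' ) ? 'block' : 'none' ) ?>">

<?php


$Results = & new Results( $sql, 'colluser_' );

// Tell the Results class that we already have a form for this page:
$Results->Form = & $Form;


$Results->title = T_('User permissions');



/**
 * Callback to add filters on top of the result set
 *
 * A static counter numbers the calls, so the first call renders the field "keywords1" and the
 * second one "keywords2".
 *
 * @param Form
 */
function filter_colluserlist( & $Form )
{
	static $count = 0;

	$count++;
	$Form->switch_layout( 'blockspan' );
	// TODO: javascript update other input fields (for other layouts):
	$Form->text( 'keywords'.$count, get_param('keywords'.$count), 20, T_('Keywords'), T_('Separate with space'), 50 );
	$Form->switch_layout( NULL ); // Restore previously saved
}
$Results->filter_area = array(
	'submit' => 'actionArray[filter1]',
	'callback' => 'filter_colluserlist',
	'url_ignore' => 'results_colluser_page,keywords1,keywords2',
	'presets' => array(
		'all' => array( T_('All users'), regenerate_url( 'action,results_colluser_page,keywords1,keywords2', 'action=edit' ) ),
		)
	);



/*
 * Grouping params:
 */
$Results->group_by = 'bloguser_ismember';
$Results->ID_col = 'user_ID';


/*
 * Group columns:
 */
$Results->grp_cols[] = array(
						'td_colspan' => 0,  // nb_cols
						'td' => '¤conditional( #bloguser_ismember#, \''.TS_('Members').'\', \''.TS_('Non members').'\' )¤',
					);


/*
 * Column definitions:
 *
 * The 'td' values are templates expanded by the Results class: $col$ stands for a column of the
 * current row and %func( {row} )% calls one of the functions defined in this file. The $Log at the
 * end of the file mentions an eval() in Results, so nothing but literals and TS_() output should ever
 * be concatenated into these templates.
 * NOTE(review): $user_login$ ends up inside HTML. Whether Results HTML-escapes $col$ values is not
 * visible here -- confirm, user_login is user-chosen data.
 */
$Results->cols[] = array(
						'th' => T_('Login'),
						'order' => 'user_login',
						'td' => '<a href="?ctrl=users&user_ID=$user_ID$">$user_login$</a>',
					);

$Results->cols[] = array(
						'th' => /* TRANS: User Level */ T_('L'),
						'order' => 'user_level',
						'td' => '$user_level$',
						'td_class' => 'center',
					);


/**
 * Build the checkbox for one boolean blog permission of one user (wide layout).
 *
 * The box is named blog_<perm>_<user_ID> and is checked when the row column bloguser_<perm> is non empty.
 * It is rendered disabled when the current user may not change admin permissions and the row belongs to
 * a blog admin or the permission is 'perm_admin'. This is display only, see the note at the top of the file.
 *
 * $id and $title are written into HTML attributes without escaping; every caller in this file passes
 * literals or TS_() output.
 *
 * @param object result row (user_ID and the bloguser_* columns)
 * @param string permission name without the "bloguser_" prefix
 * @param string text for the title attribute
 * @param string optional id attribute
 * @return string HTML
 */
function coll_perm_checkbox( $row, $perm, $title, $id = NULL )
{
	global $permission_to_change_admin;

	$r = '<input type="checkbox"';
	if( !empty($id) )
	{
		$r .= ' id="'.$id.'"';
	}
	$r .= ' name="blog_'.$perm.'_'.$row->user_ID.'"';
	if( !empty( $row->{'bloguser_'.$perm} ) )
	{
	 	$r .= ' checked="checked"';
	}
	if( ! $permission_to_change_admin
			&& ($row->bloguser_perm_admin || $perm == 'perm_admin' ) )
	{ // No permission to touch nOR create admins
	 	$r .= ' disabled="disabled"';
	}
	$r .= ' onclick="merge_from_wide( this, '.$row->user_ID.' );" class="checkbox"
							value="1" title="'.$title.'" />';
	return $r;
}

/**
 * Build the checkbox for one post status a user may post/edit with (wide layout).
 *
 * The allowed statuses are stored as a comma separated list in bloguser_perm_poststatuses. The list is
 * split once per row and cached on the row object as statuses_array.
 *
 * The optional $id parameter mirrors coll_perm_checkbox(): the function body always tested $id, but the
 * variable was never defined, so that branch could not run.
 *
 * @param object result row
 * @param string status name, e.g. 'published'
 * @param string text for the title attribute
 * @param string optional id attribute
 * @return string HTML
 */
function coll_perm_status_checkbox( $row, $perm_status, $title, $id = NULL )
{
	global $permission_to_change_admin;

	if( ! isset( $row->statuses_array ) )
	{	// NOTE: we are writing directly into the DB result array here, it's a little harsh :/
		// TODO: make all these perms booleans in the DB:
		$row->statuses_array = isset($row->bloguser_perm_poststatuses)
											? explode( ',', $row->bloguser_perm_poststatuses )
											: array();
	}

	// pre_dump($row->statuses_array);

	$r = '<input type="checkbox"';
	if( !empty($id) )
	{
		$r .= ' id="'.$id.'"';
	}
	$r .= ' name="blog_perm_'.$perm_status.'_'.$row->user_ID.'"';
	if( in_array($perm_status, $row->statuses_array) )
	{
	 	$r .= ' checked="checked"';
	}
	if( ! $permission_to_change_admin && $row->bloguser_perm_admin )
	{ // Rows of blog admins are read only for non admins (display only)
	 	$r .= ' disabled="disabled"';
	}
	$r .= ' onclick="merge_from_wide( this, '.$row->user_ID.' );" class="checkbox"
							value="1" title="'.$title.'" />';
	return $r;
}

$Results->cols[] = array(
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Is<br />member'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_checkbox( {row}, \'ismember\', \''.TS_('Permission to read protected posts').'\', \'checkallspan_state_$user_ID$\' )%',
						'td_class' => 'center',
					);

// The tooltip of this column used to repeat the text of the "Is member" column; it now follows the
// wording of the other status columns. The new string has to be added to the translation catalogs.
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Publ'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'published\', \''.TS_('Permission to post into this blog with published status').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Prot'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'protected\', \''.TS_('Permission to post into this blog with protected status').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Priv'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'private\', \''.TS_('Permission to post into this blog with private status').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Drft'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'draft\', \''.TS_('Permission to post into this blog with draft status').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Depr'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'deprecated\', \''.TS_('Permission to post into this blog with deprecated status').'\' )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Can post/edit with following statuses:'),
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Redr'),
						'th_class' => 'checkright',
						'td' => '%coll_perm_status_checkbox( {row}, \'redirected\', \''.TS_('Permission to post into this blog with redirected status').'\' )%',
						'td_class' => 'center',
					);

/**
 * Build the select box for the "edit posts" permission of one user (wide layout).
 *
 * The option matching bloguser_perm_edit is preselected. The select is rendered disabled when the
 * current user may not change admin permissions and the row belongs to a blog admin (display only).
 *
 * @param object result row
 * @return string HTML
 */
function coll_perm_edit( $row )
{
	global $permission_to_change_admin;

	$r = '<select id="blog_perm_edit_'.$row->user_ID.'" name="blog_perm_edit_'.$row->user_ID.'"
					onclick="merge_from_wide( this, '.$row->user_ID.' );"';
	if( ! $permission_to_change_admin && $row->bloguser_perm_admin )
	{
	 	$r .= ' disabled="disabled"';
	}
	$r .= ' >';
	$r .= '<option value="no" '.( $row->bloguser_perm_edit == 'no' ? 'selected="selected"' : '' ).'>No editing</option>';
	$r .= '<option value="own" '.( $row->bloguser_perm_edit == 'own' ? 'selected="selected"' : '' ).'>Own posts</option>';
	// The comparison signs are written as entities so that the markup stays valid in any page charset:
	$r .= '<option value="lt" '.( $row->bloguser_perm_edit == 'lt' ? 'selected="selected"' : '' ).'>&lt; own level</option>';
	$r .= '<option value="le" '.( $row->bloguser_perm_edit == 'le' ? 'selected="selected"' : '' ).'>&le; own level</option>';
	$r .= '<option value="all" '.( $row->bloguser_perm_edit == 'all' ? 'selected="selected"' : '' ).'>All posts</option>';
	$r .= '</select>';
	return $r;
}
$Results->cols[] = array(
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Edit posts<br />/user level'),
						'th_class' => 'checkright',
						'default_dir' => 'D',
						'td' => '%coll_perm_edit( {row} )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Delete<br />posts'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_delpost',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_delpost\', \''.TS_('Permission to delete posts in this blog').'\' )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th' => /* TRANS: SHORT table header on TWO lines */ T_('Edit<br />comts'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_comments',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_comments\', \''.TS_('Permission to edit comments in this blog').'\' )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th_group' => T_('Edit blog settings'),
						'th' => T_('Cats'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_cats',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_cats\', \''.TS_('Permission to edit categories for this blog').'\' )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th_group' => T_('Edit blog settings'),
						'th' => /* TRANS: Short for blog features */  T_('Feat.'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_properties',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_properties\', \''.TS_('Permission to edit blog features').'\' )%',
						'td_class' => 'center',
					);

$Results->cols[] = array(
						'th_group' => T_('Edit blog settings'),
						'th' => /* TRANS: Short for advanced */  T_('Adv.'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_admin',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_admin\', \''.TS_('Permission to edit advanced/administrative blog properties').'\' )%',
						'td_class' => 'center',
					);

// Media Directory:
$Results->cols[] = array(
						'th_group' => T_('Media directory'),
						'th' => T_('Upload'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_media_upload',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_media_upload\', \''.TS_('Permission to upload into blog\'s media folder').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => T_('Media directory'),
						'th' => T_('Read'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_media_browse',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_media_browse\', \''.TS_('Permission to browse blog\'s media folder').'\' )%',
						'td_class' => 'center',
					);
$Results->cols[] = array(
						'th_group' => /* TRANS: SHORT table header on TWO lines */ T_('Media directory'),
						'th' => T_('Write'),
						'th_class' => 'checkright',
						'order' => 'bloguser_perm_media_change',
						'default_dir' => 'D',
						'td' => '%coll_perm_checkbox( {row}, \'perm_media_change\', \''.TS_('Permission to change the blog\'s media folder content').'\' )%',
						'td_class' => 'center',
					);

/**
 * Build the "(un)check all" link of one row (wide layout).
 *
 * Only a blank cell is returned when the current user may not change admin permissions and the row
 * belongs to a blog admin, so the link cannot toggle the boxes of such a row (display only).
 *
 * @param object result row
 * @return string HTML
 */
function perm_check_all( $row )
{
	global $permission_to_change_admin;

	if( ! $permission_to_change_admin && $row->bloguser_perm_admin )
	{
	 	return ' ';
	}

	return '<a href="javascript:toggleall_wide(document.getElementById(\'blogperm_checkchanges\'), '.$row->user_ID.' );merge_from_wide( document.getElementById(\'blogperm_checkchanges\'), '.$row->user_ID.' ); setcheckallspan('.$row->user_ID.');" title="'.TS_('(un)selects all checkboxes using Javascript').'">
				<span id="checkallspan_'.$row->user_ID.'">'.TS_('(un)check all').'</span>
			</a>';
}
$Results->cols[] = array(
						'th' => ' ',
						'td' => '%perm_check_all( {row} )%',
						'td_class' => 'center',
					);



// Display WIDE:
$Results->display();

echo '</div>';


// Display simple layout:
?>
<div id="userlist_default" class="clear" style="<?php
	echo 'display:'.( ($layout == 'default' || $layout == 'all' ) ? 'block' : 'none' ) ?>">

<?php


// Change filter definitions for simple layout:

$Results->filter_area = array(
	'submit' => 'actionArray[filter2]',
	'callback' => 'filter_colluserlist',
	'url_ignore' => 'action,results_colluser_page,keywords1,keywords2',
	'presets' => array(
		'all' => array( T_('All users'), regenerate_url( 'action,results_colluser_page,keywords1,keywords2', 'action=edit' ) ),
		)
	);


// Change column definitions for simple layout:

$Results->cols = array(); // RESET!

$Results->cols[] = array(
						'th' => T_('Login'),
						'order' => 'user_login',
						'td' => '<a href="?ctrl=users&user_ID=$user_ID$">$user_login$</a>',
					);


/**
 * Build the role radio buttons of one user (simple layout).
 *
 * The role that is preselected is computed by blogperms_get_easy2() from the row. A radio is rendered
 * disabled when the current user may not change admin permissions and either the row belongs to a blog
 * admin or the radio is the 'admin' role. This is display only, see the note at the top of the file.
 *
 * @param object result row
 * @return string HTML
 */
function simple_coll_perm_radios( $row )
{
	global $permission_to_change_admin;

	$r = '';
	$user_easy_group = blogperms_get_easy2( $row );
	foreach( array(
								array( 'nomember', T_('Not Member') ),
								array( 'member', T_('Member') ),
								array( 'contrib', T_('Contributor') ),
								array( 'editor', T_('Publisher') ),
								array( 'moderator', T_('Moderator') ),
								array( 'owner',  T_('Owner') ),
								array( 'admin',  T_('Admin') ),
								array( 'custom',  T_('Custom') )
							) as $lkey => $easy_group )
	{
		$r .= '<input type="radio" id="blog_perm_easy_'.$row->user_ID.'_'.$lkey.'" name="blog_perm_easy_'.$row->user_ID.'" value="'.$easy_group[0].'"';
		if( $easy_group[0] == $user_easy_group )
		{
			$r .= ' checked="checked"';
		}
		if( ! $permission_to_change_admin
				&& ( $row->bloguser_perm_admin || $easy_group[0] == 'admin' ) )
		{ // No permission to touch nOR create admins
	 		$r .= ' disabled="disabled"';
		}
		$r .= ' onclick="merge_from_easy( this, '.$row->user_ID.' )" class="radio" />
		<label for="blog_perm_easy_'.$row->user_ID.'_'.$lkey.'">'.$easy_group[1].'</label> ';
	}

	return $r;
}
$Results->cols[] = array(
						'th' => T_('Role'),
						'td' => '%simple_coll_perm_radios( {row} )%',
					);


// Display SIMPLE:
$Results->display();


echo '</div>';

// Permission note:
// fp> TODO: link
echo '<p class="note center">'.T_('Note: General group permissions may further restrict any media folder permissions defined here.').'</p>';

$Form->end_fieldset();


// Make a hidden list of all displayed users:
// The list is sent back with the form and is therefore client controlled on submit; the update handler
// must not take it as proof that the current user may edit those users' permissions.
$user_IDs = array();
foreach( $Results->rows as $row )
{
	$user_IDs[] = $row->user_ID;
}
$Form->hidden( 'user_IDs', implode( ',', $user_IDs) );

$Form->end_form( array( array( 'submit', 'actionArray[update]', T_('Update'), 'SaveButton' ),
												array( 'reset', '', T_('Reset'), 'ResetButton' ) ) );


/*
 * $Log: _coll_user_perm.form.php,v $
 * Revision 1.1  2007/06/25 10:59:38  fplanque
 * MODULES (refactored MVC)
 *
 * Revision 1.25  2007/06/12 23:51:16  fplanque
 * non admins can no longer create blog admins
 *
 * Revision 1.24  2007/06/12 23:16:04  fplanque
 * non admins can no longer change admin blog perms
 *
 * Revision 1.23  2007/06/03 02:54:18  fplanque
 * Stuff for permission maniacs (admin part only, actual perms checks to be implemented)
 * Newbies will not see this complexity since advanced perms are now disabled by default.
 *
 * Revision 1.22  2007/05/31 03:49:24  fplanque
 * editing perm concept demo
 *
 * Revision 1.21  2007/05/29 01:17:20  fplanque
 * advanced admin blog settings are now restricted by a special permission
 *
 * Revision 1.20  2007/04/26 00:11:05  fplanque
 * (c) 2007
 *
 * Revision 1.19  2007/03/11 22:48:19  fplanque
 * handling of permission to redirect posts
 *
 * Revision 1.18  2007/01/23 04:20:30  fplanque
 * wording
 *
 * Revision 1.17  2006/12/03 19:00:30  blueyed
 * Moved collection perm JavaScript to the views, as per todo
 *
 * Revision 1.16  2006/11/18 17:57:17  blueyed
 * blogperms_switch_layout() moved/renamed
 *
 * Revision 1.15  2006/11/04 17:38:24  blueyed
 * Blog perm layout views: fixed non-JS links (ctrl param) and store selected one in UserSettings (TODO for switching by JS)
 *
 * Revision 1.14  2006/11/04 17:19:39  blueyed
 * Blog perms view links: Changed "Wide" to "Advanced" and localized it together with "Simple". See http://forums.b2evolution.net/viewtopic.php?t=9654
 *
 * Revision 1.13  2006/11/03 18:22:26  fplanque
 * no message
 *
 * Revision 1.12  2006/10/14 04:34:26  blueyed
 * Proper escaping; fixes E_FATAL in Results eval()
 *
 * Revision 1.11  2006/10/11 17:21:09  blueyed
 * Fixes
 */
?>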