/pnadmin.php

https://github.com/intraweb-modules12/iw_myrole · PHP · 263 lines · 163 code · 43 blank · 57 comment · 20 complexity · c285d3b533b3169261da5bedf5d893b4 MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Main admin function. Create admin interface
    5. 

  5.  * @author: 	Josep Ferràndiz (jferran6@xtec.cat)
    6. 

  6.  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
    7. 

  7.  * @param:	Array with the id of the group that can change roles
    8. 

  8.  * @return:	Admin main page
    9. 

  9. */
    10. 

  10. function iw_myrole_admin_main($args)
    11. 

  11. {
    12. 

  12. 	$dom = ZLanguage::getModuleDomain('iw_myrole');
    13. 

  13. 	$gid = FormUtil::getPassedValue('gid', isset($args['gid']) ? $args['gid'] : null, 'POST');	
    14. 

  14. 

  15. 	// Security check
    16. 

  16. 	if (!SecurityUtil::checkPermission('iw_myrole::', "::", ACCESS_ADMIN)) {
    17. 

  17. 		return LogUtil::registerError(__('Sorry! No authorization to access this module.', $dom), 403);
    18. 

  18. 	}
    19. 

  19. 

  20. 	$groupsNotChangeable = pnModGetVar('iw_myrole','groupsNotChangeable');
    21. 

  21. 

  22. 	$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    23. 

  23. 	$groups = pnModFunc('iw_main', 'user', 'getAllGroups', array('sv' => $sv,
    24. 

  24. 																	'less' => pnModGetVar('iw_myrole', 'rolegroup')));
    25. 

  25. 																	
    26. 

  26. 	foreach($groups as $group){
    27. 

  27. 		$checked = false;
    28. 

  28. 		
    29. 

  29. 		if(strpos($groupsNotChangeable,'$'.$group['id'].'$') != false){
    30. 

  30. 			$checked = true;	
    31. 

  31. 		}
    32. 

  32. 		
    33. 

  33. 		$groupsArray[] = array('id' => $group['id'],
    34. 

  34. 								'name' => $group['name'],
    35. 

  35. 								'checked' => $checked);
    36. 

  36. 	}
    37. 

  37. 

  38. 	$pnRender = pnRender::getInstance('iw_myrole',false);
    39. 

  39. 	
    40. 

  40. 	// Gets the groups
    41. 

  41. 	$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    42. 

  42. 	$groups = pnModFunc('iw_main', 'user', 'getAllGroups', array('sv' => $sv));
    43. 

  43. 

  44. 	$pnRender -> assign('roleGroup', pnModGetVar('iw_myrole', 'rolegroup'));
    45. 

  45. 	$pnRender -> assign('groups', $groups);
    46. 

  46. 	$pnRender -> assign('groupsArray', $groupsArray);
    47. 

  47. 	
    48. 

  48. 	return $pnRender -> fetch('iw_myrole_admin_main.htm');
    49. 

  49. }
    50. 

  50. 

  51. /**
    52. 

  52.  * Show module information
    53. 

  53.  * @author: 	Josep Ferràndiz (jferran6@xtec.cat)
    54. 

  54.  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
    55. 

  55.  * @param:	none
    56. 

  56.  * @return:	Module information
    57. 

  57. */
    58. 

  58. // Informació del mòdul
    59. 

  59. function iw_myrole_admin_module()
    60. 

  60. {
    61. 

  61. 	$dom = ZLanguage::getModuleDomain('iw_myrole');
    62. 

  62. 	// Security check
    63. 

  63. 	if (!SecurityUtil::checkPermission('iw_myrole::', "::", ACCESS_ADMIN)) {
    64. 

  64. 		return LogUtil::registerError(__('Sorry! No authorization to access this module.', $dom), 403);
    65. 

  65. 	}
    66. 

  66. 

  67. 	$module = pnModFunc('iw_main', 'user', 'module_info', array('module_name' => 'iw_myrole',
    68. 

  68. 										'type' => 'admin'));
    69. 

  69. 

  70. 	$pnRender = pnRender::getInstance('iw_myrole',false);
    71. 

  71. 	$pnRender -> assign('module', $module);
    72. 

  72. 	return $pnRender -> fetch('iw_myrole_admin_module.htm');
    73. 

  73. } 
    74. 

  74. 

  75. /**
    76. 

  76.  * Change the group that can change roles
    77. 

  77.  * @author: 	Josep Ferràndiz (jferran6@xtec.cat)
    78. 

  78.  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
    79. 

  79.  * @param:	Array with the id of the group that can change roles
    80. 

  80.  * @return:	
    81. 

  81. */
    82. 

  82. // Canvia a la taula de permisos els relatius al iw_myrole
    83. 

  83. function iw_myrole_admin_changeGroup($args){
    84. 

  84. 	$dom = ZLanguage::getModuleDomain('iw_myrole');
    85. 

  85. 	$gid = FormUtil::getPassedValue('gid', isset($args['gid']) ? $args['gid'] : null, 'POST');
    86. 

  86. 	$groups = FormUtil::getPassedValue('groups', isset($args['groups']) ? $args['groups'] : null, 'POST');
    87. 

  87. 	
    88. 

  88. 	// Security check
    89. 

  89. 	if (!SecurityUtil::checkPermission('iw_myrole::', "::", ACCESS_ADMIN)) {
    90. 

  90. 		return LogUtil::registerError(__('Sorry! No authorization to access this module.', $dom), 403);
    91. 

  91. 	}
    92. 

  92. 

  93. 	// Confirm authorisation code
    94. 

  94. 	if (!SecurityUtil::confirmAuthKey()) {
    95. 

  95. 		return LogUtil::registerAuthidError (pnModURL('iw_myrole', 'admin', 'main'));
    96. 

  96. 	}
    97. 

  97. 	
    98. 

  98. 	$groupsString = '$';
    99. 

  99. 	foreach($groups as $group){
    100. 

  100. 		$groupsString .= '$'.$group.'$';
    101. 

  101. 	}
    102. 

  102. 

  103. 	if ($gid) {
    104. 

  104. 	// Modify the permissions in group_perms
    105. 

  105. 		$changePerms = pnModApiFunc ('iw_myrole', 'admin', 'changePermissions', array('gid'=> $gid));
    106. 

  106. 		if ($changePerms) {
    107. 

  107. 			//Update module var with new value
    108. 

  108. 			pnModSetVar('iw_myrole', 'rolegroup', $gid);
    109. 

  109. 			Logutil::registerStatus(__('The group change has been made.', $dom));
    110. 

  110. 		} else {
    111. 

  111. 			Logutil::registerError(__('The group change has not been made.', $dom));
    112. 

  112. 		}
    113. 

  113. 	}
    114. 

  114. 	
    115. 

  115. 	pnModSetVar('iw_myrole','groupsNotChangeable', $groupsString);
    116. 

  116. 	
    117. 

  117. 	return pnRedirect(pnModURL('iw_myrole', 'admin', 'main'));
    118. 

  118. 

  119. }
    120. 

  120. 

  121. /**
    122. 

  122.  * Change user groups
    123. 

  123.  * @author: 	Josep Ferràndiz (jferran6@xtec.cat)
    124. 

  124.  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
    125. 

  125.  * @param:	args   Array with the groups id's
    126. 

  126.  * @return:	True if success or false otherwise
    127. 

  127. */
    128. 

  128. function iw_myrole_admin_changeRole($args)
    129. 

  129. {
    130. 

  130. 	$dom = ZLanguage::getModuleDomain('iw_myrole');
    131. 

  131. 	// Get the parameters
    132. 

  132. 	$roles = FormUtil::getPassedValue('roles', isset($args['roles']) ? $args['roles'] : null, 'POST');
    133. 

  133. 	$setDefault = FormUtil::getPassedValue('setDefault', isset($args['setDefault']) ? $args['setDefault'] : null, 'POST');
    134. 

  134. 

  135. 	// Security check
    136. 

  136. 	if (!SecurityUtil::checkPermission('iw_myrole::', "::", ACCESS_ADMIN)) {
    137. 

  137. 		return LogUtil::registerError(__('Sorry! No authorization to access this module.', $dom), 403);
    138. 

  138. 	}
    139. 

  139. 

  140. 	//Check if the group that can change roles have admin permisions. If not the block is not showed
    141. 

  141. 	$correctGroupPermissions = pnModAPIFunc('iw_myrole', 'admin', 'correctGroupPermissions');
    142. 

  142. 

  143. 	if(!$correctGroupPermissions){
    144. 

  144. 		$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    145. 

  145. 		pnModFunc('iw_main', 'user', 'userSetVar', array('uid' => pnUserGetVar('uid'),
    146. 

  146. 									'name' => 'invalidChange',
    147. 

  147. 									'module' => 'iw_myrole',
    148. 

  148. 									'lifetime' => 10,
    149. 

  149. 									'nult' => true,
    150. 

  150. 									'value' => 1,
    151. 

  151. 									'sv' => $sv));
    152. 

  152. 		return pnRedirect($_SERVER['HTTP_REFERER']);
    153. 

  153. 	}
    154. 

  154. 

  155. 	$uid = pnUserGetVar('uid');
    156. 

  156. 

  157. 	//get the headlines saved in the user vars. It is renovate every 10 minutes
    158. 

  158. 	$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    159. 

  159. 	$exists = pnModApiFunc('iw_main', 'user', 'userVarExists', array('name' => 'defaultRoles',
    160. 

  160. 											'module' => 'iw_myrole',
    161. 

  161. 											'uid' => $uid,
    162. 

  162. 											'sv' => $sv));
    163. 

  163. 

  164. 	if(!$exists){
    165. 

  165. 		//get user groups
    166. 

  166. 		$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    167. 

  167. 		$userGroups = pnModFunc('iw_main', 'user', 'getAllUserGroups', array('sv'=> $sv,
    168. 

  168. 												'uid'=> $uid));
    169. 

  169. 		$i = 0;
    170. 

  170. 		foreach($userGroups as $group){
    171. 

  171. 			$groups .= $group['id'].'$$';
    172. 

  172. 			$i++;
    173. 

  173. 		}
    174. 

  174. 

  175. 		//set default roles
    176. 

  176. 		$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    177. 

  177. 		pnModFunc('iw_main', 'user', 'userSetVar', array('uid' => $uid,
    178. 

  178. 									'name' => 'defaultRoles',
    179. 

  179. 									'module' => 'iw_myrole',
    180. 

  180. 									'sv' => $sv,
    181. 

  181. 									'value' => $groups));
    182. 

  182. 	}
    183. 

  183. 

  184. 	if($setDefault == 1){
    185. 

  185. 		$i = 0;
    186. 

  186. 		foreach($roles as $group){
    187. 

  187. 			$groups .= $group['id'].'$$';
    188. 

  188. 			$i++;
    189. 

  189. 		}
    190. 

  190. 		//set default roles
    191. 

  191. 		$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    192. 

  192. 		pnModFunc('iw_main', 'user', 'userSetVar', array('uid' => $uid,
    193. 

  193. 									'name' => 'defaultRoles',
    194. 

  194. 									'module' => 'iw_myrole',
    195. 

  195. 									'sv' => $sv,
    196. 

  196. 									'value' => $groups));
    197. 

  197. 	}
    198. 

  198. 

  199. 	//Check if the group that can change roles have admin permisions. If not the block is not showed
    200. 

  200. 	$correctGroupPermissions = pnModAPIFunc('iw_myrole', 'admin', 'correctGroupPermissions');
    201. 

  201. 

  202. 	if(!$correctGroupPermissions){
    203. 

  203. 		return pnRedirect(pnModURL());
    204. 

  204. 	}
    205. 

  205. 

  206. 	// Esborrem la pertinença a tots els grups excepte el de canvia de rol
    207. 

  207. 	$delGroups = pnModApiFunc('iw_myrole', 'admin', 'delUserGroups');
    208. 

  208. 

  209. 	if ($delGroups) {
    210. 

  210. 		$addToGroup = pnModApiFunc('iw_myrole', 'admin', 'addUserToGroup', array('roles' => $roles));
    211. 

  211. 	}
    212. 

  212. 

  213. 	if(!$delGroups || !$addToGroup){
    214. 

  214. 		LogUtil::registerError (__('Error in the role change', $dom));
    215. 

  215. 	}
    216. 

  216. 

  217. 	pnModFunc('iw_main', 'user', 'regenBlockNews', array('sv' => $sv));
    218. 

  218. 	return true;
    219. 

  219. }
    220. 

  220. 

  221. /**
    222. 

  222.  * Reset user groups membership
    223. 

  223.  * @author: 	Josep Ferràndiz (jferran6@xtec.cat)
    224. 

  224.  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
    225. 

  225.  * @param:	none
    226. 

  226.  * @return:	True if success or false otherwise
    227. 

  227. */
    228. 

  228. function iw_myrole_admin_resetRoles($args)
    229. 

  229. {
    230. 

  230. 	$dom = ZLanguage::getModuleDomain('iw_myrole');
    231. 

  231. 	// Security check
    232. 

  232. 	if (!SecurityUtil::checkPermission('iw_myrole::', "::", ACCESS_ADMIN)) {
    233. 

  233. 		return LogUtil::registerError(__('Sorry! No authorization to access this module.', $dom), 403);
    234. 

  234. 	}
    235. 

  235. 

  236. 	//get the headlines saved in the user vars. It is renovate every 10 minutes
    237. 

  237. 	$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    238. 

  238. 	$exists = pnModApiFunc('iw_main', 'user', 'userVarExists', array('name' => 'defaultRoles',
    239. 

  239. 											'module' => 'iw_myrole',
    240. 

  240. 											'uid' => pnUserGetVar('uid'),
    241. 

  241. 											'sv' => $sv));
    242. 

  242. 	if(!$exists){
    243. 

  243. 		$sv = pnModFunc('iw_main', 'user', 'genSecurityValue');
    244. 

  244. 		pnModFunc('iw_main', 'user', 'userSetVar', array('uid' => pnUserGetVar('uid'),
    245. 

  245. 									'name' => 'invalidChange',
    246. 

  246. 									'module' => 'iw_myrole',
    247. 

  247. 									'lifetime' => 10,
    248. 

  248. 									'nult' => true,
    249. 

  249. 									'value' => 1,
    250. 

  250. 									'sv' => $sv));
    251. 

  251. 		return pnRedirect($_SERVER['HTTP_REFERER']);
    252. 

  252. 

  253. 	}
    254. 

  254. 

  255. 	// Esborrem la pertinença a tots els grups excepte el de canvia de rol
    256. 

  256. 	$delGroups = pnModApiFunc('iw_myrole', 'admin', 'delUserGroups');
    257. 

  257. 

  258. 	// Esborrem la pertinença a tots els grups excepte el de canvia de rol
    259. 

  259. 	pnModAPIFunc('iw_myrole', 'admin', 'addUserToGroup', array('defaultRoles' => 1));
    260. 

  260. 

  261. 	pnModFunc('iw_main', 'user', 'regenBlockNews', array('sv' => $sv));
    262. 

  262. 	return true;
    263. 

  263. }
    264.