Verzeichnisstruktur phpBB-3.1.0
- Veröffentlicht
- 27.10.2014
So funktioniert es
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
acp_permission_roles.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 /**
015 * @ignore
016 */
017 if (!defined('IN_PHPBB'))
018 {
019 exit;
020 }
021
022 class acp_permission_roles
023 {
024 var $u_action;
025 protected $auth_admin;
026
027 function main($id, $mode)
028 {
029 global $db, $user, $auth, $template, $cache, $phpbb_container;
030 global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
031 global $request;
032
033 include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
034 include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
035
036 $this->auth_admin = new auth_admin();
037
038 $user->add_lang('acp/permissions');
039 add_permission_language();
040
041 $this->tpl_name = 'acp_permission_roles';
042
043 $submit = (isset($_POST['submit'])) ? true : false;
044 $role_id = request_var('role_id', 0);
045 $action = request_var('action', '');
046 $action = (isset($_POST['add'])) ? 'add' : $action;
047
048 $form_name = 'acp_permissions';
049 add_form_key($form_name);
050
051 if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down')))
052 {
053 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
054 }
055
056 switch ($mode)
057 {
058 case 'admin_roles':
059 $permission_type = 'a_';
060 $this->page_title = 'ACP_ADMIN_ROLES';
061 break;
062
063 case 'user_roles':
064 $permission_type = 'u_';
065 $this->page_title = 'ACP_USER_ROLES';
066 break;
067
068 case 'mod_roles':
069 $permission_type = 'm_';
070 $this->page_title = 'ACP_MOD_ROLES';
071 break;
072
073 case 'forum_roles':
074 $permission_type = 'f_';
075 $this->page_title = 'ACP_FORUM_ROLES';
076 break;
077
078 default:
079 trigger_error('NO_MODE', E_USER_ERROR);
080 break;
081 }
082
083 $template->assign_vars(array(
084 'L_TITLE' => $user->lang[$this->page_title],
085 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'])
086 );
087
088 // Take action... admin submitted something
089 if ($submit || $action == 'remove')
090 {
091 switch ($action)
092 {
093 case 'remove':
094
095 $sql = 'SELECT *
096 FROM ' . ACL_ROLES_TABLE . '
097 WHERE role_id = ' . $role_id;
098 $result = $db->sql_query($sql);
099 $role_row = $db->sql_fetchrow($result);
100 $db->sql_freeresult($result);
101
102 if (!$role_row)
103 {
104 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
105 }
106
107 if (confirm_box(true))
108 {
109 $this->remove_role($role_id, $permission_type);
110
111 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
112 add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
113 trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
114 }
115 else
116 {
117 confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
118 'i' => $id,
119 'mode' => $mode,
120 'role_id' => $role_id,
121 'action' => $action,
122 )));
123 }
124
125 break;
126
127 case 'edit':
128
129 // Get role we edit
130 $sql = 'SELECT *
131 FROM ' . ACL_ROLES_TABLE . '
132 WHERE role_id = ' . $role_id;
133 $result = $db->sql_query($sql);
134 $role_row = $db->sql_fetchrow($result);
135 $db->sql_freeresult($result);
136
137 if (!$role_row)
138 {
139 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
140 }
141
142 // no break;
143
144 case 'add':
145
146 if (!check_form_key($form_name))
147 {
148 trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
149 }
150
151 $role_name = utf8_normalize_nfc(request_var('role_name', '', true));
152 $role_description = utf8_normalize_nfc(request_var('role_description', '', true));
153 $auth_settings = request_var('setting', array('' => 0));
154
155 if (!$role_name)
156 {
157 trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
158 }
159
160 if (utf8_strlen($role_description) > 4000)
161 {
162 trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
163 }
164
165 // if we add/edit a role we check the name to be unique among the settings...
166 $sql = 'SELECT role_id
167 FROM ' . ACL_ROLES_TABLE . "
168 WHERE role_type = '" . $db->sql_escape($permission_type) . "'
169 AND role_name = '" . $db->sql_escape($role_name) . "'";
170 $result = $db->sql_query($sql);
171 $row = $db->sql_fetchrow($result);
172 $db->sql_freeresult($result);
173
174 // Make sure we only print out the error if we add the role or change it's name
175 if ($row && ($mode == 'add' || ($mode == 'edit' && $role_row['role_name'] != $role_name)))
176 {
177 trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
178 }
179
180 $sql_ary = array(
181 'role_name' => (string) $role_name,
182 'role_description' => (string) $role_description,
183 'role_type' => (string) $permission_type,
184 );
185
186 if ($action == 'edit')
187 {
188 $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
189 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
190 WHERE role_id = ' . $role_id;
191 $db->sql_query($sql);
192 }
193 else
194 {
195 // Get maximum role order for inserting a new role...
196 $sql = 'SELECT MAX(role_order) as max_order
197 FROM ' . ACL_ROLES_TABLE . "
198 WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
199 $result = $db->sql_query($sql);
200 $max_order = (int) $db->sql_fetchfield('max_order');
201 $db->sql_freeresult($result);
202
203 $sql_ary['role_order'] = $max_order + 1;
204
205 $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
206 $db->sql_query($sql);
207
208 $role_id = $db->sql_nextid();
209 }
210
211 // Now add the auth settings
212 $this->auth_admin->acl_set_role($role_id, $auth_settings);
213
214 $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name;
215 add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
216
217 trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));
218
219 break;
220 }
221 }
222
223 // Display screens
224 switch ($action)
225 {
226 case 'add':
227
228 $options_from = request_var('options_from', 0);
229
230 $role_row = array(
231 'role_name' => utf8_normalize_nfc(request_var('role_name', '', true)),
232 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)),
233 'role_type' => $permission_type,
234 );
235
236 if ($options_from)
237 {
238 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
239 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
240 WHERE o.auth_option_id = p.auth_option_id
241 AND p.role_id = ' . $options_from . '
242 ORDER BY p.auth_option_id';
243 $result = $db->sql_query($sql);
244
245 $auth_options = array();
246 while ($row = $db->sql_fetchrow($result))
247 {
248 $auth_options[$row['auth_option']] = $row['auth_setting'];
249 }
250 $db->sql_freeresult($result);
251 }
252 else
253 {
254 $sql = 'SELECT auth_option_id, auth_option
255 FROM ' . ACL_OPTIONS_TABLE . "
256 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
257 AND auth_option <> '{$permission_type}'
258 ORDER BY auth_option_id";
259 $result = $db->sql_query($sql);
260
261 $auth_options = array();
262 while ($row = $db->sql_fetchrow($result))
263 {
264 $auth_options[$row['auth_option']] = ACL_NO;
265 }
266 $db->sql_freeresult($result);
267 }
268
269 // no break;
270
271 case 'edit':
272
273 if ($action == 'edit')
274 {
275 $sql = 'SELECT *
276 FROM ' . ACL_ROLES_TABLE . '
277 WHERE role_id = ' . $role_id;
278 $result = $db->sql_query($sql);
279 $role_row = $db->sql_fetchrow($result);
280 $db->sql_freeresult($result);
281
282 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
283 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
284 WHERE o.auth_option_id = p.auth_option_id
285 AND p.role_id = ' . $role_id . '
286 ORDER BY p.auth_option_id';
287 $result = $db->sql_query($sql);
288
289 $auth_options = array();
290 while ($row = $db->sql_fetchrow($result))
291 {
292 $auth_options[$row['auth_option']] = $row['auth_setting'];
293 }
294 $db->sql_freeresult($result);
295 }
296
297 if (!$role_row)
298 {
299 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
300 }
301
302 $phpbb_permissions = $phpbb_container->get('acl.permissions');
303
304 $template->assign_vars(array(
305 'S_EDIT' => true,
306
307 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}",
308 'U_BACK' => $this->u_action,
309
310 'ROLE_NAME' => $role_row['role_name'],
311 'ROLE_DESCRIPTION' => $role_row['role_description'],
312 'L_ACL_TYPE' => $phpbb_permissions->get_type_lang($permission_type),
313 ));
314
315 // We need to fill the auth options array with ACL_NO options ;)
316 $sql = 'SELECT auth_option_id, auth_option
317 FROM ' . ACL_OPTIONS_TABLE . "
318 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
319 AND auth_option <> '{$permission_type}'
320 ORDER BY auth_option_id";
321 $result = $db->sql_query($sql);
322
323 while ($row = $db->sql_fetchrow($result))
324 {
325 if (!isset($auth_options[$row['auth_option']]))
326 {
327 $auth_options[$row['auth_option']] = ACL_NO;
328 }
329 }
330 $db->sql_freeresult($result);
331
332 // Unset global permission option
333 unset($auth_options[$permission_type]);
334
335 // Display auth options
336 $this->display_auth_options($auth_options);
337
338 // Get users/groups/forums using this preset...
339 if ($action == 'edit')
340 {
341 $hold_ary = $this->auth_admin->get_role_mask($role_id);
342
343 if (sizeof($hold_ary))
344 {
345 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
346
347 $template->assign_vars(array(
348 'S_DISPLAY_ROLE_MASK' => true,
349 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
350 );
351
352 $this->auth_admin->display_role_mask($hold_ary);
353 }
354 }
355
356 return;
357 break;
358
359 case 'move_up':
360 case 'move_down':
361
362 $sql = 'SELECT role_order
363 FROM ' . ACL_ROLES_TABLE . "
364 WHERE role_id = $role_id";
365 $result = $db->sql_query($sql);
366 $order = $db->sql_fetchfield('role_order');
367 $db->sql_freeresult($result);
368
369 if ($order === false || ($order == 0 && $action == 'move_up'))
370 {
371 break;
372 }
373 $order = (int) $order;
374 $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
375
376 $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
377 SET role_order = ' . $order_total . " - role_order
378 WHERE role_type = '" . $db->sql_escape($permission_type) . "'
379 AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
380 $db->sql_query($sql);
381
382 if ($request->is_ajax())
383 {
384 $json_response = new \phpbb\json_response;
385 $json_response->send(array(
386 'success' => (bool) $db->sql_affectedrows(),
387 ));
388 }
389
390 break;
391 }
392
393 // By default, check that role_order is valid and fix it if necessary
394 $sql = 'SELECT role_id, role_order
395 FROM ' . ACL_ROLES_TABLE . "
396 WHERE role_type = '" . $db->sql_escape($permission_type) . "'
397 ORDER BY role_order ASC";
398 $result = $db->sql_query($sql);
399
400 if ($row = $db->sql_fetchrow($result))
401 {
402 $order = 0;
403 do
404 {
405 $order++;
406 if ($row['role_order'] != $order)
407 {
408 $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}");
409 }
410 }
411 while ($row = $db->sql_fetchrow($result));
412 }
413 $db->sql_freeresult($result);
414
415 // Display assigned items?
416 $display_item = request_var('display_item', 0);
417
418 // Select existing roles
419 $sql = 'SELECT *
420 FROM ' . ACL_ROLES_TABLE . "
421 WHERE role_type = '" . $db->sql_escape($permission_type) . "'
422 ORDER BY role_order ASC";
423 $result = $db->sql_query($sql);
424
425 $s_role_options = '';
426 while ($row = $db->sql_fetchrow($result))
427 {
428 $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name'];
429
430 $template->assign_block_vars('roles', array(
431 'ROLE_NAME' => $role_name,
432 'ROLE_DESCRIPTION' => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),
433
434 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'],
435 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'],
436 'U_MOVE_UP' => $this->u_action . '&action=move_up&role_id=' . $row['role_id'],
437 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&role_id=' . $row['role_id'],
438 'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to')
439 );
440
441 $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
442
443 if ($display_item == $row['role_id'])
444 {
445 $template->assign_vars(array(
446 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
447 );
448 }
449 }
450 $db->sql_freeresult($result);
451
452 $template->assign_vars(array(
453 'S_ROLE_OPTIONS' => $s_role_options)
454 );
455
456 if ($display_item)
457 {
458 $template->assign_vars(array(
459 'S_DISPLAY_ROLE_MASK' => true)
460 );
461
462 $hold_ary = $this->auth_admin->get_role_mask($display_item);
463 $this->auth_admin->display_role_mask($hold_ary);
464 }
465 }
466
467 /**
468 * Display permission settings able to be set
469 */
470 function display_auth_options($auth_options)
471 {
472 global $template, $user, $phpbb_container;
473
474 $phpbb_permissions = $phpbb_container->get('acl.permissions');
475
476 $content_array = $categories = array();
477 $key_sort_array = array(0);
478 $auth_options = array(0 => $auth_options);
479
480 // Making use of auth_admin method here (we do not really want to change two similar code fragments)
481 $this->auth_admin->build_permission_array($auth_options, $content_array, $categories, $key_sort_array);
482
483 $content_array = $content_array[0];
484
485 $template->assign_var('S_NUM_PERM_COLS', sizeof($categories));
486
487 // Assign to template
488 foreach ($content_array as $cat => $cat_array)
489 {
490 $template->assign_block_vars('auth', array(
491 'CAT_NAME' => $phpbb_permissions->get_category_lang($cat),
492
493 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
494 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
495 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
496 );
497
498 foreach ($cat_array['permissions'] as $permission => $allowed)
499 {
500 $template->assign_block_vars('auth.mask', array(
501 'S_YES' => ($allowed == ACL_YES) ? true : false,
502 'S_NEVER' => ($allowed == ACL_NEVER) ? true : false,
503 'S_NO' => ($allowed == ACL_NO) ? true : false,
504
505 'FIELD_NAME' => $permission,
506 'PERMISSION' => $phpbb_permissions->get_permission_lang($permission),
507 ));
508 }
509 }
510 }
511
512 /**
513 * Remove role
514 */
515 function remove_role($role_id, $permission_type)
516 {
517 global $db;
518
519 // Get complete auth array
520 $sql = 'SELECT auth_option, auth_option_id
521 FROM ' . ACL_OPTIONS_TABLE . "
522 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char());
523 $result = $db->sql_query($sql);
524
525 $auth_settings = array();
526 while ($row = $db->sql_fetchrow($result))
527 {
528 $auth_settings[$row['auth_option']] = ACL_NO;
529 }
530 $db->sql_freeresult($result);
531
532 // Get the role auth settings we need to re-set...
533 $sql = 'SELECT o.auth_option, r.auth_setting
534 FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
535 WHERE o.auth_option_id = r.auth_option_id
536 AND r.role_id = ' . $role_id;
537 $result = $db->sql_query($sql);
538
539 while ($row = $db->sql_fetchrow($result))
540 {
541 $auth_settings[$row['auth_option']] = $row['auth_setting'];
542 }
543 $db->sql_freeresult($result);
544
545 // Get role assignments
546 $hold_ary = $this->auth_admin->get_role_mask($role_id);
547
548 // Re-assign permissions
549 foreach ($hold_ary as $forum_id => $forum_ary)
550 {
551 if (isset($forum_ary['users']))
552 {
553 $this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
554 }
555
556 if (isset($forum_ary['groups']))
557 {
558 $this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
559 }
560 }
561
562 // Remove role from users and groups just to be sure (happens through acl_set)
563 $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
564 WHERE auth_role_id = ' . $role_id;
565 $db->sql_query($sql);
566
567 $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
568 WHERE auth_role_id = ' . $role_id;
569 $db->sql_query($sql);
570
571 // Remove role data and role
572 $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
573 WHERE role_id = ' . $role_id;
574 $db->sql_query($sql);
575
576 $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
577 WHERE role_id = ' . $role_id;
578 $db->sql_query($sql);
579
580 $this->auth_admin->acl_clear_prefetch();
581 }
582 }
583