Verzeichnisstruktur phpBB-3.3.15


Veröffentlicht
28.08.2024


acp_permission_roles.php

Zuletzt modifiziert: 02.04.2025, 15:02 - Dateigröße: 17.42 KiB


001  <?php
002  /**
003  *
004  * This file is part of the phpBB Forum Software package.
005  *
006  * @copyright (c) phpBB Limited <https://www.phpbb.com>
007  * @license GNU General Public License, version 2 (GPL-2.0)
008  *
009  * For full copyright and license information, please see
010  * the docs/CREDITS.txt file.
011  *
012  */
013   
014  /**
015  * @ignore
016  */
017  if (!defined('IN_PHPBB'))
018  {
019      exit;
020  }
021   
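/**
* ACP module for managing permission roles.
*
* One instance handles a single role type per request, selected by $mode:
* admin ('a_'), user ('u_'), moderator ('m_') or forum ('f_') roles.
* Supported actions are add, edit, remove, move_up and move_down; with no
* action the role list is displayed.
*
* Request-forgery protection differs per action and is easy to lose when
* adding a new one:
*   - add / edit (POST submit): check_form_key()
*   - remove:                   confirm_box()
*   - move_up / move_down:      check_link_hash()
*/
class acp_permission_roles
{
    var $u_action;

    // Assigned in main(). Declared so that they are not created as dynamic
    // properties (deprecated since PHP 8.2).
    var $tpl_name;
    var $page_title;

    protected $auth_admin;

    /**
    * Module entry point: processes a submitted action, then renders either
    * the add/edit form or the role list.
    *
    * @param mixed  $id   Module identifier; only passed back as the hidden
    *                     field 'i' of the delete confirmation
    * @param string $mode One of admin_roles, user_roles, mod_roles,
    *                     forum_roles; any other value raises NO_MODE
    */
    function main($id, $mode)
    {
        global $db, $user, $template, $phpbb_container;
        global $phpbb_root_path, $phpEx;
        global $request, $phpbb_log;

        if (!function_exists('user_get_id_name'))
        {
            include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
        }

        if (!class_exists('auth_admin'))
        {
            include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
        }

        $this->auth_admin = new auth_admin();

        $user->add_lang('acp/permissions');
        add_permission_language();

        $this->tpl_name = 'acp_permission_roles';

        $submit = (isset($_POST['submit'])) ? true : false;
        // The integer default makes request->variable() return an int. Every
        // query below concatenates $role_id unquoted and depends on that.
        $role_id = $request->variable('role_id', 0);
        $action = $request->variable('action', '');
        $action = (isset($_POST['add'])) ? 'add' : $action;

        // Form token; verified with check_form_key() before a role is added or edited
        $form_name = 'acp_permissions';
        add_form_key($form_name);

        if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down')))
        {
            trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
        }

        // $permission_type is only ever one of the four literals assigned here.
        // It is never taken from the request, which is why some queries below
        // interpolate it directly.
        switch ($mode)
        {
            case 'admin_roles':
                $permission_type = 'a_';
                $this->page_title = 'ACP_ADMIN_ROLES';
            break;

            case 'user_roles':
                $permission_type = 'u_';
                $this->page_title = 'ACP_USER_ROLES';
            break;

            case 'mod_roles':
                $permission_type = 'm_';
                $this->page_title = 'ACP_MOD_ROLES';
            break;

            case 'forum_roles':
                $permission_type = 'f_';
                $this->page_title = 'ACP_FORUM_ROLES';
            break;

            default:
                // NOTE(review): $permission_type stays undefined on this path; the code
                // below presumably relies on the error handler ending the request - confirm
                trigger_error('NO_MODE', E_USER_ERROR);
            break;
        }

        $template->assign_vars(array(
            'L_TITLE'        => $user->lang[$this->page_title],
            'L_EXPLAIN'        => $user->lang[$this->page_title . '_EXPLAIN'])
        );

        // Take action... admin submitted something
        // ('remove' is also reachable without a POST submit; it is gated by confirm_box() instead)
        if ($submit || $action == 'remove')
        {
            switch ($action)
            {
                case 'remove':

                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$role_row)
                    {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // Nothing is deleted until the confirmation dialog rendered in the
                    // else-branch has been submitted
                    if (confirm_box(true))
                    {
                        $this->remove_role($role_id, $permission_type);

                        // Audit trail: the removal is written to the admin log
                        $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
                        $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', false, array($role_name));
                        trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
                    }
                    else
                    {
                        confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
                            'i'            => $id,
                            'mode'        => $mode,
                            'role_id'    => $role_id,
                            'action'    => $action,
                        )));
                    }

                break;

                case 'edit':

                    // Get role we edit
                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$role_row)
                    {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                // no break;

                case 'add':

                    // Reject the submission before anything is written if the form token is invalid
                    if (!check_form_key($form_name))
                    {
                        trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $role_name = $request->variable('role_name', '', true);
                    $role_description = $request->variable('role_description', '', true);
                    $auth_settings = $request->variable('setting', array('' => 0));

                    if (!$role_name)
                    {
                        trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    if (utf8_strlen($role_description) > 4000)
                    {
                        trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // if we add/edit a role we check the name to be unique among the settings...
                    // (string values from the request are escaped with sql_escape() before use)
                    $sql = 'SELECT role_id
                        FROM ' . ACL_ROLES_TABLE . "
                        WHERE role_type = '" . $db->sql_escape($permission_type) . "'
                            AND role_name = '" . $db->sql_escape($role_name) . "'";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    // Make sure we only print out the error if we add the role or change its name
                    if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name)))
                    {
                        trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // Written through sql_build_array() rather than by hand-built SQL
                    $sql_ary = array(
                        'role_name'            => (string) $role_name,
                        'role_description'    => (string) $role_description,
                        'role_type'            => (string) $permission_type,
                    );

                    if ($action == 'edit')
                    {
                        $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
                            SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
                            WHERE role_id = ' . $role_id;
                        $db->sql_query($sql);
                    }
                    else
                    {
                        // Get maximum role order for inserting a new role...
                        $sql = 'SELECT MAX(role_order) as max_order
                            FROM ' . ACL_ROLES_TABLE . "
                            WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
                        $result = $db->sql_query($sql);
                        $max_order = (int) $db->sql_fetchfield('max_order');
                        $db->sql_freeresult($result);

                        $sql_ary['role_order'] = $max_order + 1;

                        $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                        $db->sql_query($sql);

                        $role_id = $db->sql_nextid();
                    }

                    // Now add the auth settings
                    // NOTE(review): the submitted option names are passed on as received;
                    // presumably acl_set_role() only accepts known options - confirm there
                    $this->auth_admin->acl_set_role($role_id, $auth_settings);

                    // Audit trail: add/edit is written to the admin log
                    $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name;
                    $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), false, array($role_name));

                    trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));

                break;
            }
        }

        // Display screens
        switch ($action)
        {
            case 'add':

                // Integer default, so the value can be concatenated unquoted below
                $options_from = $request->variable('options_from', 0);

                $role_row = array(
                    'role_name'            => $request->variable('role_name', '', true),
                    'role_description'    => $request->variable('role_description', '', true),
                    'role_type'            => $permission_type,
                );

                if ($options_from)
                {
                    // Pre-fill the form with the settings of an existing role
                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
                        FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
                        WHERE o.auth_option_id = p.auth_option_id
                            AND p.role_id = ' . $options_from . '
                        ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                }
                else
                {
                    // No template role: every option of this type starts as ACL_NO
                    $sql = 'SELECT auth_option_id, auth_option
                        FROM ' . ACL_OPTIONS_TABLE . "
                        WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
                            AND auth_option <> '{$permission_type}'
                        ORDER BY auth_option_id";
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                    $db->sql_freeresult($result);
                }

            // no break;

            case 'edit':

                if ($action == 'edit')
                {
                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
                        FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
                        WHERE o.auth_option_id = p.auth_option_id
                            AND p.role_id = ' . $role_id . '
                        ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                }

                if (!$role_row)
                {
                    trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                /* @var $phpbb_permissions \phpbb\permissions */
                $phpbb_permissions = $phpbb_container->get('acl.permissions');

                // $action is 'add' or 'edit' here and $role_id is an integer
                $template->assign_vars(array(
                    'S_EDIT'            => true,

                    'U_ACTION'            => $this->u_action . "&amp;action={$action}&amp;role_id={$role_id}",
                    'U_BACK'            => $this->u_action,

                    'ROLE_NAME'            => $role_row['role_name'],
                    'ROLE_DESCRIPTION'    => $role_row['role_description'],
                    'L_ACL_TYPE'        => $phpbb_permissions->get_type_lang($permission_type),
                ));

                // We need to fill the auth options array with ACL_NO options ;)
                $sql = 'SELECT auth_option_id, auth_option
                    FROM ' . ACL_OPTIONS_TABLE . "
                    WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
                        AND auth_option <> '{$permission_type}'
                    ORDER BY auth_option_id";
                $result = $db->sql_query($sql);

                while ($row = $db->sql_fetchrow($result))
                {
                    if (!isset($auth_options[$row['auth_option']]))
                    {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                }
                $db->sql_freeresult($result);

                // Unset global permission option
                unset($auth_options[$permission_type]);

                // Display auth options
                $this->display_auth_options($auth_options);

                // Get users/groups/forums using this preset...
                if ($action == 'edit')
                {
                    $hold_ary = $this->auth_admin->get_role_mask($role_id);

                    if (count($hold_ary))
                    {
                        $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];

                        $template->assign_vars(array(
                            'S_DISPLAY_ROLE_MASK'    => true,
                            'L_ROLE_ASSIGNED_TO'    => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
                        );

                        $this->auth_admin->display_role_mask($hold_ary);
                    }
                }

                return;
            break;

            case 'move_up':
            case 'move_down':

                // Reordering is triggered from a plain link, so the request is tied to
                // the hash that the role list puts into U_MOVE_UP / U_MOVE_DOWN
                if (!check_link_hash($request->variable('hash', ''), 'acp_permission_roles'))
                {
                    trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                $sql = 'SELECT role_order
                    FROM ' . ACL_ROLES_TABLE . "
                    WHERE role_id = $role_id";
                $result = $db->sql_query($sql);
                $order = $db->sql_fetchfield('role_order');
                $db->sql_freeresult($result);

                if ($order === false || ($order == 0 && $action == 'move_up'))
                {
                    break;
                }
                $order = (int) $order;
                // Swap two neighbouring positions with one UPDATE: with
                // total = order + neighbour, "total - role_order" maps each onto the other
                $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);

                // The two positions must be comma-separated in the IN list; without the
                // separator they collapse into a single number (e.g. "21") and the
                // wrong row, or none, is updated.
                $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
                    SET role_order = ' . $order_total . " - role_order
                    WHERE role_type = '" . $db->sql_escape($permission_type) . "'
                        AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
                $db->sql_query($sql);

                // NOTE(review): unlike add/edit/remove, reordering is not written to the admin log
                if ($request->is_ajax())
                {
                    $json_response = new \phpbb\json_response;
                    $json_response->send(array(
                        'success'    => (bool) $db->sql_affectedrows(),
                    ));
                }

            break;
        }

        // By default, check that role_order is valid and fix it if necessary
        // (renumbers the roles of this type to 1..n in their current order)
        $sql = 'SELECT role_id, role_order
            FROM ' . ACL_ROLES_TABLE . "
            WHERE role_type = '" . $db->sql_escape($permission_type) . "'
            ORDER BY role_order ASC";
        $result = $db->sql_query($sql);

        if ($row = $db->sql_fetchrow($result))
        {
            $order = 0;
            do
            {
                $order++;
                if ($row['role_order'] != $order)
                {
                    // Both interpolated values are local or read back from the database
                    $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}");
                }
            }
            while ($row = $db->sql_fetchrow($result));
        }
        $db->sql_freeresult($result);

        // Display assigned items?
        $display_item = $request->variable('display_item', 0);

        // Select existing roles
        $sql = 'SELECT *
            FROM ' . ACL_ROLES_TABLE . "
            WHERE role_type = '" . $db->sql_escape($permission_type) . "'
            ORDER BY role_order ASC";
        $result = $db->sql_query($sql);

        $s_role_options = '';
        while ($row = $db->sql_fetchrow($result))
        {
            // A stored role name may be a language key; fall back to the raw name
            $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name'];

            $template->assign_block_vars('roles', array(
                'ROLE_NAME'                => $role_name,
                'ROLE_DESCRIPTION'        => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),

                'U_EDIT'            => $this->u_action . '&amp;action=edit&amp;role_id=' . $row['role_id'],
                'U_REMOVE'            => $this->u_action . '&amp;action=remove&amp;role_id=' . $row['role_id'],
                'U_MOVE_UP'            => $this->u_action . '&amp;action=move_up&amp;role_id=' . $row['role_id'] . '&amp;hash=' . generate_link_hash('acp_permission_roles'),
                'U_MOVE_DOWN'        => $this->u_action . '&amp;action=move_down&amp;role_id=' . $row['role_id'] . '&amp;hash=' . generate_link_hash('acp_permission_roles'),
                'U_DISPLAY_ITEMS'    => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&amp;display_item=' . $row['role_id'] . '#assigned_to')
            );

            // NOTE(review): $role_name is written into markup without escaping here. This
            // presumably relies on names having been HTML-escaped when they were read with
            // $request->variable() on save - confirm for roles created by any other path.
            $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';

            if ($display_item == $row['role_id'])
            {
                $template->assign_vars(array(
                    'L_ROLE_ASSIGNED_TO'    => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
                );
            }
        }
        $db->sql_freeresult($result);

        $template->assign_vars(array(
            'S_ROLE_OPTIONS'        => $s_role_options)
        );

        if ($display_item)
        {
            $template->assign_vars(array(
                'S_DISPLAY_ROLE_MASK'    => true)
            );

            $hold_ary = $this->auth_admin->get_role_mask($display_item);
            $this->auth_admin->display_role_mask($hold_ary);
        }
    }

    /**
    * Display permission settings able to be set
    *
    * Groups the options into categories through auth_admin and assigns one
    * 'auth' template block per category and one 'auth.mask' block per
    * permission.
    *
    * @param array $auth_options Map of auth option name => ACL setting
    */
    function display_auth_options($auth_options)
    {
        global $template, $phpbb_container;

        /* @var $phpbb_permissions \phpbb\permissions */
        $phpbb_permissions = $phpbb_container->get('acl.permissions');

        $content_array = $categories = array();
        $key_sort_array = array(0);
        // Wrapped under key 0 to match $key_sort_array; the result is read back from index 0
        $auth_options = array(0 => $auth_options);

        // Making use of auth_admin method here (we do not really want to change two similar code fragments)
        $this->auth_admin->build_permission_array($auth_options, $content_array, $categories, $key_sort_array);

        $content_array = $content_array[0];

        $template->assign_var('S_NUM_PERM_COLS', count($categories));

        // Assign to template
        foreach ($content_array as $cat => $cat_array)
        {
            // A category flag is only set when it is the single flag raised for that category
            $template->assign_block_vars('auth', array(
                'CAT_NAME'    => $phpbb_permissions->get_category_lang($cat),

                'S_YES'        => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
                'S_NEVER'    => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
                'S_NO'        => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
            );

            foreach ($cat_array['permissions'] as $permission => $allowed)
            {
                $template->assign_block_vars('auth.mask', array(
                    'S_YES'        => ($allowed == ACL_YES) ? true : false,
                    'S_NEVER'    => ($allowed == ACL_NEVER) ? true : false,
                    'S_NO'        => ($allowed == ACL_NO) ? true : false,

                    'FIELD_NAME'    => $permission,
                    'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
                ));
            }
        }
    }

    /**
    * Remove role
    *
    * Writes the role's settings onto every user and group the role was
    * assigned to, then deletes the role assignments, the role data and the
    * role itself, and finally clears the permission prefetch cache.
    *
    * This method performs no authorisation or request-forgery check itself;
    * callers must do so before calling it (main() uses confirm_box()).
    *
    * @param int    $role_id         Id of the role to remove
    * @param string $permission_type Option prefix of the role type, e.g. 'f_'
    */
    function remove_role($role_id, $permission_type)
    {
        global $db;

        // Defence in depth: $role_id is concatenated unquoted into the queries
        // below. main() already passes an integer, but this method is callable
        // from elsewhere, so the type is enforced here as well.
        $role_id = (int) $role_id;

        // Get complete auth array
        $sql = 'SELECT auth_option, auth_option_id
            FROM ' . ACL_OPTIONS_TABLE . "
            WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char());
        $result = $db->sql_query($sql);

        $auth_settings = array();
        while ($row = $db->sql_fetchrow($result))
        {
            $auth_settings[$row['auth_option']] = ACL_NO;
        }
        $db->sql_freeresult($result);

        // Get the role auth settings we need to re-set...
        $sql = 'SELECT o.auth_option, r.auth_setting
            FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
            WHERE o.auth_option_id = r.auth_option_id
                AND r.role_id = ' . $role_id;
        $result = $db->sql_query($sql);

        while ($row = $db->sql_fetchrow($result))
        {
            $auth_settings[$row['auth_option']] = $row['auth_setting'];
        }
        $db->sql_freeresult($result);

        // Get role assignments
        $hold_ary = $this->auth_admin->get_role_mask($role_id);

        // Re-assign permissions
        // (holders of the role receive its settings as individual permissions)
        foreach ($hold_ary as $forum_id => $forum_ary)
        {
            if (isset($forum_ary['users']))
            {
                $this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
            }

            if (isset($forum_ary['groups']))
            {
                $this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
            }
        }

        // Remove role from users and groups just to be sure (happens through acl_set)
        $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
            WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);

        $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
            WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);

        // Remove role data and role
        $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
            WHERE role_id = ' . $role_id;
        $db->sql_query($sql);

        $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
            WHERE role_id = ' . $role_id;
        $db->sql_query($sql);

        // Cached permissions must be rebuilt after the change
        $this->auth_admin->acl_clear_prefetch();
    }
}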