Minor - format code

pull/2487/head
jmontoyaa 8 years ago
parent 9f5a91ca74
commit 5d14ff7d33
  1. 38
      main/permissions/all_permissions.inc.php
  2. 1
      main/permissions/blog_permissions.inc.php
  3. 39
      main/permissions/group_permissions.inc.php
  4. 885
      main/permissions/permissions_functions.inc.php
  5. 402
      main/permissions/roles.php
  6. 228
      main/permissions/user_permissions.inc.php

@ -6,19 +6,37 @@
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @package chamilo.permissions
*/
/**
* Code
*/
// possible permissions
$rights_full=array("View","Add","Edit","Delete","Visibility","Move");
$rights_limited=array("Add","Edit","Delete");
$rights_full = array("View", "Add", "Edit", "Delete", "Visibility", "Move");
$rights_limited = array("Add", "Edit", "Delete");
// first we determine what can be done in each tool. We do this for each tool.
$tool_rights[TOOL_LINK]=array("View","Add","Edit","Delete","Visibility", "Move");
$tool_rights[TOOL_DOCUMENT]=array("View","Add","Edit","Delete","Visibility","Move");
$tool_rights[TOOL_LINK] = array(
"View",
"Add",
"Edit",
"Delete",
"Visibility",
"Move",
);
$tool_rights[TOOL_DOCUMENT] = array(
"View",
"Add",
"Edit",
"Delete",
"Visibility",
"Move",
);
//$tool_rights[TOOL_CALENDAR_EVENT]=array("View","Add","Edit","Delete","Visibility");
$tool_rights[TOOL_ANNOUNCEMENT]=array("View","Add","Edit","Delete","Visibility", "Move");
$tool_rights[TOOL_ANNOUNCEMENT] = array(
"View",
"Add",
"Edit",
"Delete",
"Visibility",
"Move",
);
//$tool_rights[TOOL_STUDENTPUBLICATION]=array("View","Edit","Delete","Visibility");
//$tool_rights[TOOL_COURSE_DESCRIPTION]=array("View","Add","Edit","Delete","Visibility");
//$tool_rights[TOOL_LEARNPATH]=array("View","Add","Edit","Delete","Visibility");
@ -26,10 +44,10 @@ $tool_rights[TOOL_ANNOUNCEMENT]=array("View","Add","Edit","Delete","Visibility",
//$tool_rights[TOOL_BB_POST]=array("View","Add","Edit","Delete");
//$tool_rights[TOOL_DROPBOX]=array("View","Add","Delete");
//$tool_rights[TOOL_QUIZ]=array("View","Add","Edit","Delete","Visibility");
$tool_rights[TOOL_USER]=array("View","Add","Edit","Delete");
$tool_rights[TOOL_USER] = array("View", "Add", "Edit", "Delete");
//$tool_rights[TOOL_GROUP]=array("View","Add","Edit","Delete");
//$tool_rights[TOOL_CHAT]=array("View","Delete");
//$tool_rights[TOOL_STUDENTPUBLICATION]=array("View","Add","Edit","Delete");
// this value can be checkbox or image
$setting_visualisation='image';
$setting_visualisation = 'image';

@ -166,7 +166,6 @@ foreach ($blog_users as $user_id => $user_name) { // $blog_users contains all th
echo "\t\t</td>\n";
foreach ($rights_full as $key => $value) {
echo "\t\t<td align='center'>\n";
if (in_array($value, $rights_blog)) {
display_image_matrix_for_blogs(

@ -2,17 +2,13 @@
/**
* @package chamilo.permissions
*/
/**
* Code
*/
include_once('permissions_functions.inc.php');
include_once('all_permissions.inc.php');
$group_id = api_get_group_id();
echo $group_id;
// ---------------------------------------------------
// ACTIONS
// ---------------------------------------------------
if ($_POST['StoreGroupPermissions'] and $setting_visualisation == 'checkbox') {
$result_message = store_permissions('group', $group_id);
if ($result_message) {
@ -32,23 +28,17 @@ if (isset($result_message)) {
Display::display_normal_message($result_message);
}
// ---------------------------------------------------
// RETRIEVING THE PERMISSIONS
// ---------------------------------------------------
$current_group_permissions = array();
$current_group_permissions = get_permissions('group', $group_id);
// @todo current group permissions and current role permissions
// ---------------------------------------------------
// INHERITED PERMISSIONS (group roles)
// ---------------------------------------------------
$group_course_roles_permissions = get_roles_permissions('group', $group_id, 'course');
$group_platform_roles_permissions = get_roles_permissions('group', $group_id, 'platform');
$inherited_permissions = permission_array_merge($group_course_roles_permissions, $group_platform_roles_permissions);
// ---------------------------------------------------
// LIMITED OR FULL
// ---------------------------------------------------
$current_group_permissions = limited_or_full($current_group_permissions);
$inherited_permissions = limited_or_full($inherited_permissions);
if (api_get_setting('permissions') == 'limited') {
@ -59,9 +49,7 @@ if (api_get_setting('permissions') == 'full') {
}
echo "<form method=\"post\" action=\"" . str_replace('&', '&amp;', $_SERVER['REQUEST_URI']) . "\">";
// ---------------------------------------------------
// DISPLAYING THE ROLES LIST
// ---------------------------------------------------
if (api_get_setting('group_roles') == 'true') {
// the list of the roles for the user
echo '<strong>' . get_lang('GroupRoles') . '</strong><br />';
@ -71,11 +59,7 @@ if (api_get_setting('group_roles') == 'true') {
echo '<br />';
}
// ---------------------------------------------------
// DISPLAYING THE MATRIX (group permissions)
// ---------------------------------------------------
echo "<table class=\"data_table\">\n";
// the header
@ -99,12 +83,23 @@ foreach ($tool_rights as $tool => $rights) // $tool_rights contains all the poss
if (in_array($value, $rights)) {
if ($setting_visualisation == 'checkbox') {
//display_checkbox_matrix($current_group_permissions, $tool, $value);
display_checkbox_matrix($current_group_permissions, $tool, $value, $inherited_permissions,
$course_admin);
display_checkbox_matrix(
$current_group_permissions,
$tool,
$value,
$inherited_permissions,
$course_admin
);
}
if ($setting_visualisation == 'image') {
//display_image_matrix($current_group_permissions, $tool, $value);
display_image_matrix($current_group_permissions, $tool, $value, $inherited_permissions, $course_admin);
display_image_matrix(
$current_group_permissions,
$tool,
$value,
$inherited_permissions,
$course_admin
);
}
}
// note: in a later stage this part will be replaced by a function
@ -122,12 +117,8 @@ if ($setting_visualisation == 'checkbox') {
}
echo "</form>";
// ---------------------------------------------------
// LEGEND
// ---------------------------------------------------
echo '<strong>' . get_lang('Legend') . '</strong><br />';
echo '<img src="../img/wrong.gif" /> ' . get_lang('UserHasPermissionNot') . '<br />';
echo '<img src="../img/checkbox_on2.gif" /> ' . get_lang('UserHasPermission') . '<br />';
echo '<img src="../img/checkbox_on3.gif" /> ' . get_lang('UserHasPermissionByRoleGroup') . '<br />';
?>
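Review bot: The form opened in the `-59,9 +49,7` hunk writes `$_SERVER['REQUEST_URI']` into the `action` attribute with only `&` replaced, so a quote or angle bracket in the request URI would reach the HTML unescaped; the line appears once on the page, so it reads as context this formatting pass keeps. Encoding the whole value for the attribute context closes that: `echo '<form method="post" action="' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8') . '">';`. In the first hunk, `store_permissions('group', $group_id)` runs whenever `$_POST['StoreGroupPermissions']` is set, and no request-token or permission check is visible in these lines; if the including script enforces one, a one-line comment saying where would help the next reader. The script is shown only in fragments, so both points should be confirmed against the full file.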

@ -1,62 +1,58 @@
<?php
/**
* This files contains the common functions for the permissions
*
* A list of all the functions (in no particular order)
* ----------------------------------------------------
* store_permissions($content,$id)
* get_permissions($content,$id)
* limited_or_full($current_permissions)
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* This files contains the common functions for the permissions
*
* A list of all the functions (in no particular order)
* ----------------------------------------------------
* store_permissions($content,$id)
* get_permissions($content,$id)
* limited_or_full($current_permissions)
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @package chamilo.permissions
*/
*/
/**
* This function stores the permissions in the correct table.
* Since Checkboxes are used we do not know which ones are unchecked.
* That's why we first delete them all (for the given user/group/role
* and afterwards we store the checked ones only.
* @param $content are we storing rights for a user, a group or a role (the database depends on it)
* @param $id the id of the user, group or role
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function store_permissions($content, $id) {
* This function stores the permissions in the correct table.
* Since Checkboxes are used we do not know which ones are unchecked.
* That's why we first delete them all (for the given user/group/role
* and afterwards we store the checked ones only.
* @param $content are we storing rights for a user, a group or a role (the database depends on it)
* @param $id the id of the user, group or role
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function store_permissions($content, $id)
{
$course_id = api_get_course_int_id();
// Which database are we using (depending on the $content parameter)
if ($content == 'user')
{
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = user_id;
}
if ($content == 'group')
{
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = group_id;
}
if ($content == 'role')
{
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = role_id;
}
// We first delete all the existing permissions for that user/group/role
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."'";
$result = Database::query($sql);
// looping through the post values to find the permission (containing the string permission* )
foreach ($_POST as $key => $value)
{
if (strstr($key, "permission*"))
{
list($brol, $tool, $action) = explode("*", $key);
$sql = "INSERT INTO $table (c_id, $id_field,tool,action) VALUES ($course_id, '".Database::escape_string($id)."','".Database::escape_string($tool)."','".Database::escape_string($action)."')";
$result = Database::query($sql);
}
}
return get_lang('PermissionsStored');
// Which database are we using (depending on the $content parameter)
if ($content == 'user') {
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = user_id;
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = group_id;
}
if ($content == 'role') {
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = role_id;
}
// We first delete all the existing permissions for that user/group/role
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."'";
$result = Database::query($sql);
// looping through the post values to find the permission (containing the string permission* )
foreach ($_POST as $key => $value) {
if (strstr($key, "permission*")) {
list($brol, $tool, $action) = explode("*", $key);
$sql = "INSERT INTO $table (c_id, $id_field,tool,action) VALUES ($course_id, '".Database::escape_string($id)."','".Database::escape_string($tool)."','".Database::escape_string($action)."')";
$result = Database::query($sql);
}
}
return get_lang('PermissionsStored');
}
/**
@ -69,51 +65,50 @@ function store_permissions($content, $id) {
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function store_one_permission($content, $action, $id, $tool, $permission) {
global $rights_full;
function store_one_permission($content, $action, $id, $tool, $permission)
{
global $rights_full;
$course_id = api_get_course_int_id();
// for some reason I don't know, he can't get to the $rights_full array, so commented the following lines out.
// check
//if(!in_array($permission, $rights_full))
//{
// return get_lang('Error');
//}
// Which database are we using (depending on the $content parameter)
if ($content == 'user') {
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = user_id;
}
if ($content == 'group')
{
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = group_id;
}
if ($content == 'role')
{
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = role_id;
}
// grating a right
if ($action == 'grant') {
$sql = "INSERT INTO $table (c_id, $id_field,tool,action) VALUES ($course_id, '".Database::escape_string($id)."','".Database::escape_string($tool)."','".Database::escape_string($permission)."')";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('PermissionGranted');
}
}
if ($action == 'revoke')
{
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."' AND tool='".Database::escape_string($tool)."' AND action='".Database::escape_string($permission)."'";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('PermissionRevoked');
}
}
return $result_message;
// for some reason I don't know, he can't get to the $rights_full array, so commented the following lines out.
// check
//if(!in_array($permission, $rights_full))
//{
// return get_lang('Error');
//}
// Which database are we using (depending on the $content parameter)
if ($content == 'user') {
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = user_id;
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = group_id;
}
if ($content == 'role') {
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = role_id;
}
// grating a right
if ($action == 'grant') {
$sql = "INSERT INTO $table (c_id, $id_field,tool,action) VALUES ($course_id, '".Database::escape_string($id)."','".Database::escape_string($tool)."','".Database::escape_string($permission)."')";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('PermissionGranted');
}
}
if ($action == 'revoke') {
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."' AND tool='".Database::escape_string($tool)."' AND action='".Database::escape_string($permission)."'";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('PermissionRevoked');
}
}
return $result_message;
}
/**
@ -123,49 +118,42 @@ function store_one_permission($content, $action, $id, $tool, $permission) {
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function get_permissions($content, $id) {
function get_permissions($content, $id)
{
$course_id = api_get_course_int_id();
$currentpermissions = array();
// Which database are we using (depending on the $content parameter)
$currentpermissions = array();
// Which database are we using (depending on the $content parameter)
$course_id_condition = " c_id = $course_id AND ";
if ($content == 'user')
{
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = 'user_id';
}
elseif ($content == 'group')
{
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = 'group_id';
}
elseif ($content == 'role')
{
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = 'role_id';
}
elseif ($content == 'platform_role')
{
$table = Database::get_main_table(TABLE_ROLE_PERMISSION);
$id_field = 'role_id';
if ($content == 'user') {
$table = Database::get_course_table(TABLE_PERMISSION_USER);
$id_field = 'user_id';
} elseif ($content == 'group') {
$table = Database::get_course_table(TABLE_PERMISSION_GROUP);
$id_field = 'group_id';
} elseif ($content == 'role') {
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$id_field = 'role_id';
} elseif ($content == 'platform_role') {
$table = Database::get_main_table(TABLE_ROLE_PERMISSION);
$id_field = 'role_id';
$course_id_condition = '';
}
elseif ($content == 'task')
{
$table = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
$id_field = 'task_id';
}
// finding all the permissions. We store this in a multidimensional array
// where the first dimension is the tool.
$sql = "
SELECT * FROM " . $table."
WHERE $course_id_condition ".$id_field."='".Database::escape_string($id)."'";
$result = Database::query($sql);
while ($row = Database::fetch_array($result))
$currentpermissions[$row['tool']][] = $row['action'];
return $currentpermissions;
} elseif ($content == 'task') {
$table = Database::get_course_table(TABLE_BLOGS_TASKS_PERMISSIONS);
$id_field = 'task_id';
}
// finding all the permissions. We store this in a multidimensional array
// where the first dimension is the tool.
$sql = "
SELECT * FROM " . $table."
WHERE $course_id_condition ".$id_field."='".Database::escape_string($id)."'";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
$currentpermissions[$row['tool']][] = $row['action'];
}
return $currentpermissions;
}
/**
@ -179,38 +167,31 @@ function get_permissions($content, $id) {
*/
function limited_or_full($current_permissions)
{
if (api_get_setting('permissions') == 'limited')
{
foreach ($current_permissions as $tool=>$tool_rights)
{
// we loop through the possible permissions of a tool and unset the entry if it is view
// if it is visibility or move we have to grant the edit right
foreach ($tool_rights as $key=>$value)
{
if ($value == 'View')
{
unset($current_permissions[$tool][$key]);
}
if ($value == 'Visibility' OR $value == 'Move')
{
if (!in_array('Edit', $current_permissions[$tool]))
{
$current_permissions[$tool][] = 'Edit';
}
unset($current_permissions[$tool][$key]);
}
//else
//{
// $current_permissions[$tool][]=$value;
//}
}
}
return $current_permissions;
}
if (api_get_setting('permissions') == 'full')
{
return $current_permissions;
}
if (api_get_setting('permissions') == 'limited') {
foreach ($current_permissions as $tool => $tool_rights) {
// we loop through the possible permissions of a tool and unset the entry if it is view
// if it is visibility or move we have to grant the edit right
foreach ($tool_rights as $key => $value) {
if ($value == 'View') {
unset($current_permissions[$tool][$key]);
}
if ($value == 'Visibility' OR $value == 'Move') {
if (!in_array('Edit', $current_permissions[$tool])) {
$current_permissions[$tool][] = 'Edit';
}
unset($current_permissions[$tool][$key]);
}
//else
//{
// $current_permissions[$tool][]=$value;
//}
}
}
return $current_permissions;
}
if (api_get_setting('permissions') == 'full') {
return $current_permissions;
}
}
/**
* This function displays a checked or unchecked checkbox. The checkbox will be checked if the
@ -224,12 +205,12 @@ function limited_or_full($current_permissions)
*/
function display_checkbox_matrix($permission_array, $tool, $permission, $inherited_permissions = array())
{
$checked = "";
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool]))
{
$checked = "checked";
}
echo "\t\t\t<input type=\"checkbox\" name=\"permission*$tool*$permission\" $checked>\n";
$checked = "";
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool]))
{
$checked = "checked";
}
echo "\t\t\t<input type=\"checkbox\" name=\"permission*$tool*$permission\" $checked>\n";
}
@ -245,62 +226,60 @@ function display_checkbox_matrix($permission_array, $tool, $permission, $inherit
*/
function display_image_matrix($permission_array, $tool, $permission, $inherited_permissions = array(), $course_admin = false, $editable = true)
{
if ($course_admin) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (in_array($permission, $inherited_permissions[$tool])) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool])) {
if ($editable) {
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key=>$value) {
$parameter[$key] = $value;
}
$parameter['action'] = 'revoke';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
foreach ($parameter as $key=>$value) {
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/checkbox_on2.gif\" border=\"0\"/>";
if ($editable) {
echo "</a>";
}
} else {
if ($editable)
{
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key=>$value)
{
$parameter[$key] = $value;
}
$parameter['action'] = 'grant';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
foreach ($parameter as $key=>$value)
{
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
//echo "\t\t\t <a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=grant&amp;permission=$permission&amp;tool=$tool\">";
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/wrong.gif\" border=\"0\"/>";
if ($editable)
{
echo "</a>";
}
}
}
}
if ($course_admin) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (in_array($permission, $inherited_permissions[$tool])) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool])) {
if ($editable) {
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key=>$value) {
$parameter[$key] = $value;
}
$parameter['action'] = 'revoke';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
foreach ($parameter as $key=>$value) {
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/checkbox_on2.gif\" border=\"0\"/>";
if ($editable) {
echo "</a>";
}
} else {
if ($editable)
{
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key => $value) {
$parameter[$key] = $value;
}
$parameter['action'] = 'grant';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
foreach ($parameter as $key => $value) {
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
//echo "\t\t\t <a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=grant&amp;permission=$permission&amp;tool=$tool\">";
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/wrong.gif\" border=\"0\"/>";
if ($editable)
{
echo "</a>";
}
}
}
}
}
@ -317,73 +296,64 @@ function display_image_matrix($permission_array, $tool, $permission, $inherited_
*/
function display_image_matrix_for_blogs($permission_array, $user_id, $tool, $permission, $inherited_permissions = array(), $course_admin = false, $editable = true)
{
if ($course_admin)
{
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
}
else
{
if (!empty($inherited_permissions) and in_array($permission, $inherited_permissions[$tool]))
{
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
}
else
{
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool]))
{
if ($editable)
{
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key => $value)
{
$parameter[$key] = $value;
}
$parameter['action'] = 'manage_rights';
$parameter['do'] = 'revoke';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
$parameter['user_id'] = $user_id;
foreach ($parameter as $key=>$value)
{
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/checkbox_on2.gif\" border=\"0\"/ title=\"".get_lang('UserHasPermission')."\">";
if ($editable) {
echo "</a>";
}
} else {
if ($editable) {
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key=>$value) {
$parameter[$key] = $value;
}
$parameter['action'] = 'manage_rights';
$parameter['do'] = 'grant';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
$parameter['user_id'] = $user_id;
foreach ($parameter as $key=>$value) {
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
//echo "\t\t\t <a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=grant&amp;permission=$permission&amp;tool=$tool\">";
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/wrong.gif\" border=\"0\"/ title=\"".get_lang('UserHasPermissionNot')."\">";
if ($editable) {
echo "</a>";
}
}
}
}
if ($course_admin) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (!empty($inherited_permissions) and in_array($permission, $inherited_permissions[$tool])) {
echo "\t\t\t<img src=\"../img/checkbox_on3.gif\" border=\"0\"/ title=\"".get_lang('PermissionGrantedByGroupOrRole')."\">";
} else {
if (is_array($permission_array[$tool]) AND in_array($permission, $permission_array[$tool])) {
if ($editable) {
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key => $value)
{
$parameter[$key] = $value;
}
$parameter['action'] = 'manage_rights';
$parameter['do'] = 'revoke';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
$parameter['user_id'] = $user_id;
foreach ($parameter as $key=>$value)
{
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/checkbox_on2.gif\" border=\"0\"/ title=\"".get_lang('UserHasPermission')."\">";
if ($editable) {
echo "</a>";
}
} else {
if ($editable) {
$url = api_get_self();
$urlparameters = '';
foreach ($_GET as $key => $value) {
$parameter[$key] = $value;
}
$parameter['action'] = 'manage_rights';
$parameter['do'] = 'grant';
$parameter['permission'] = $permission;
$parameter['tool'] = $tool;
$parameter['user_id'] = $user_id;
foreach ($parameter as $key=>$value) {
$urlparameters .= $key.'='.$value.'&amp;';
}
$url = $url.'?'.$urlparameters;
//echo "\t\t\t <a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=grant&amp;permission=$permission&amp;tool=$tool\">";
echo "\t\t\t <a href=\"".$url."\">";
}
echo "<img src=\"../img/wrong.gif\" border=\"0\"/ title=\"".get_lang('UserHasPermissionNot')."\">";
if ($editable) {
echo "</a>";
}
}
}
}
}
@ -394,41 +364,35 @@ function display_image_matrix_for_blogs($permission_array, $user_id, $tool, $per
*/
function display_role_list($current_course_roles, $current_platform_roles)
{
global $setting_visualisation;
global $setting_visualisation;
$course_id = api_get_course_int_id();
$coures_roles_table = Database::get_course_table(TABLE_ROLE);
// course roles
$sql = "SELECT * FROM $coures_roles_table WHERE c_id = $course_id ";
$result = Database::query($sql);
while ($row = Database::fetch_array($result))
{
if (in_array($row['role_id'], $current_course_roles))
{
$checked = 'checked';
$image = 'checkbox_on2.gif';
$action = 'revoke';
}
else
{
$checked = '';
$image = 'wrong.gif';
$action = 'grant';
}
if ($setting_visualisation == 'checkbox')
{
echo "<input type=\"checkbox\" name=\"role*course*".$row['role_id']."\" $checked>";
}
if ($setting_visualisation == 'image')
{
echo "<a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=$action&amp;role=".$row['role_id']."&amp;scope=course\"><img src=\"../img/".$image."\" border=\"0\"/></a>";
}
echo $row['role_name']." <a href=\"../permissions/roles.php?role_id=".$row['role_id']."&amp;scope=course\"><img src=\"../img/edit.gif\" /></a><br />\n";
echo $row['role_comment']."<br />\n";
}
$coures_roles_table = Database::get_course_table(TABLE_ROLE);
// course roles
$sql = "SELECT * FROM $coures_roles_table WHERE c_id = $course_id ";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
if (in_array($row['role_id'], $current_course_roles)) {
$checked = 'checked';
$image = 'checkbox_on2.gif';
$action = 'revoke';
} else {
$checked = '';
$image = 'wrong.gif';
$action = 'grant';
}
if ($setting_visualisation == 'checkbox') {
echo "<input type=\"checkbox\" name=\"role*course*".$row['role_id']."\" $checked>";
}
if ($setting_visualisation == 'image') {
echo "<a href=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."&amp;action=$action&amp;role=".$row['role_id']."&amp;scope=course\"><img src=\"../img/".$image."\" border=\"0\"/></a>";
}
echo $row['role_name']." <a href=\"../permissions/roles.php?role_id=".$row['role_id']."&amp;scope=course\"><img src=\"../img/edit.gif\" /></a><br />\n";
echo $row['role_comment']."<br />\n";
}
}
/**
@ -440,26 +404,27 @@ function display_role_list($current_course_roles, $current_platform_roles)
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function get_roles($content, $id, $scope = 'course') {
$course_id = api_get_course_int_id();
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = user_id;
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
}
$table_role = Database::get_course_table(TABLE_ROLE);
$current_roles = array();
//$sql="SELECT role.role_id FROM $table role_group_user, $table_role role WHERE role_group_user.$id_field = '$id' AND role_group_user.role_id=role.role_id AND role_group_user.scope='".$scope."'";$sql="SELECT role.role_id FROM $table role_group_user, $table_role role WHERE role_group_user.$id_field = '$id' AND role_group_user.role_id=role.role_id AND role_group_user.scope='".$scope."'";
$sql = "SELECT role_id FROM $table WHERE c_id = $course_id AND $id_field = '$id' AND scope='".$scope."'";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
$current_roles[] = $row['role_id'];
}
return $current_roles;
function get_roles($content, $id, $scope = 'course')
{
$course_id = api_get_course_int_id();
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = user_id;
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
}
$table_role = Database::get_course_table(TABLE_ROLE);
$current_roles = array();
//$sql="SELECT role.role_id FROM $table role_group_user, $table_role role WHERE role_group_user.$id_field = '$id' AND role_group_user.role_id=role.role_id AND role_group_user.scope='".$scope."'";$sql="SELECT role.role_id FROM $table role_group_user, $table_role role WHERE role_group_user.$id_field = '$id' AND role_group_user.role_id=role.role_id AND role_group_user.scope='".$scope."'";
$sql = "SELECT role_id FROM $table WHERE c_id = $course_id AND $id_field = '$id' AND scope='".$scope."'";
$result = Database::query($sql);
while ($row = Database::fetch_array($result)) {
$current_roles[] = $row['role_id'];
}
return $current_roles;
}
/**
@ -471,28 +436,27 @@ function get_roles($content, $id, $scope = 'course') {
function get_all_roles($content = 'course') {
$course_id = api_get_course_int_id();
$course_id_condition = " WHERE c_id = $course_id ";
if ($content == 'course')
{
$table_role = Database::get_course_table(TABLE_ROLE);
}
if ($content == 'platform')
{
$table_role = Database::get_main_table(TABLE_ROLE);
$course_id_condition = '';
}
$current_roles = array();
$sql = "SELECT * FROM $table_role $course_id_condition ";
$result = Database::query($sql);
while ($row = Database::fetch_array($result))
{
$roles[] = $row;
}
return $roles;
}
if ($content == 'course')
{
$table_role = Database::get_course_table(TABLE_ROLE);
}
if ($content == 'platform')
{
$table_role = Database::get_main_table(TABLE_ROLE);
$course_id_condition = '';
}
$current_roles = array();
$sql = "SELECT * FROM $table_role $course_id_condition ";
$result = Database::query($sql);
while ($row = Database::fetch_array($result))
{
$roles[] = $row;
}
return $roles;
}
/**
* This function gets all the roles that are defined
@ -504,55 +468,54 @@ function get_all_roles($content = 'course') {
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
* @version 1.0
*/
function get_roles_permissions($content, $id, $scope = 'course') {
function get_roles_permissions($content, $id, $scope = 'course')
{
$course_id = api_get_course_int_id();
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = 'user_id';
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
}
// course roles or platform roles
$scope = 'course';
if ($scope == 'course') {
$table_role = Database::get_course_table(TABLE_ROLE);
$table_role_permissions = Database::get_course_table(TABLE_ROLE_PERMISSION);
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = 'user_id';
}
if ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
}
// course roles or platform roles
$scope = 'course';
if ($scope == 'course') {
$table_role = Database::get_course_table(TABLE_ROLE);
$table_role_permissions = Database::get_course_table(TABLE_ROLE_PERMISSION);
$role_condition = " role.c_id = $course_id AND role_permissions.c_id = $course_id AND ";
}
}
if ($scope == 'platform') {
$table_role = Database::get_main_table(TABLE_ROLE);
$table_role_permissions = Database::get_main_table(TABLE_ROLE_PERMISSION);
if ($scope == 'platform') {
$table_role = Database::get_main_table(TABLE_ROLE);
$table_role_permissions = Database::get_main_table(TABLE_ROLE_PERMISSION);
$role_condition = '';
}
$current_roles = array();
$sql = "
SELECT *
FROM
" . $table." role_group_user,
" . $table_role." role,
" . $table_role_permissions." role_permissions
WHERE
role_group_user.c_id = $course_id AND
$role_condition
role_group_user.scope = '".$scope."' AND
role_group_user." . $id_field." = '".$id."' AND
role_group_user.role_id = role.role_id AND
role.role_id = role_permissions.role_id";
$result = Database::query($sql);
}
$sql = "
SELECT *
FROM
" . $table." role_group_user,
" . $table_role." role,
" . $table_role_permissions." role_permissions
WHERE
role_group_user.c_id = $course_id AND
$role_condition
role_group_user.scope = '".$scope."' AND
role_group_user." . $id_field." = '".$id."' AND
role_group_user.role_id = role.role_id AND
role.role_id = role_permissions.role_id";
$result = Database::query($sql);
$current_role_permissions = array();
while ($row = Database::fetch_array($result)) {
$current_role_permissions[$row['tool']][] = $row['action'];
while ($row = Database::fetch_array($result)) {
$current_role_permissions[$row['tool']][] = $row['action'];
}
return $current_role_permissions;
return $current_role_permissions;
}
/**
@ -563,61 +526,59 @@ function get_roles_permissions($content, $id, $scope = 'course') {
* @param $role_id the id of the role we are giving to a user or a group.
* @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
*/
function assign_role($content, $action, $id, $role_id, $scope = 'course') {
function assign_role($content, $action, $id, $role_id, $scope = 'course')
{
$course_id = api_get_course_int_id();
// Which database are we using (depending on the $content parameter)
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = 'user_id';
} elseif ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
} else {
return get_lang('Error');
}
// grating a right
if ($action == 'grant') {
$sql = "INSERT INTO $table (c_id, role_id, scope, $id_field) VALUES ($course_id, '".Database::escape_string($role_id)."','".Database::escape_string($scope)."','".Database::escape_string($id)."')";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('RoleGranted');
}
}
if ($action == 'revoke') {
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."' AND role_id='".Database::escape_string($role_id)."'";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('RoleRevoked');
}
}
return $result_message;
// Which database are we using (depending on the $content parameter)
if ($content == 'user') {
$table = Database::get_course_table(TABLE_ROLE_USER);
$id_field = 'user_id';
} elseif ($content == 'group') {
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$id_field = 'group_id';
} else {
return get_lang('Error');
}
// grating a right
if ($action == 'grant') {
$sql = "INSERT INTO $table (c_id, role_id, scope, $id_field) VALUES ($course_id, '".Database::escape_string($role_id)."','".Database::escape_string($scope)."','".Database::escape_string($id)."')";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('RoleGranted');
}
}
if ($action == 'revoke') {
$sql = "DELETE FROM $table WHERE c_id = $course_id AND $id_field = '".Database::escape_string($id)."' AND role_id='".Database::escape_string($role_id)."'";
$result = Database::query($sql);
if ($result) {
$result_message = get_lang('RoleRevoked');
}
}
return $result_message;
}
/**
* This function merges permission arrays. Each permission array has the following structure
* a permission array has a tool contanst as a key and an array as a value. This value array consists of all the permissions that are granted in that tool.
*/
* This function merges permission arrays. Each permission array has the
* following structure
* a permission array has a tool contanst as a key and an array as a value.
* This value array consists of all the permissions that are granted in that tool.
*/
function permission_array_merge($array1, $array2)
{
foreach ($array2 as $tool=>$permissions)
{
foreach ($permissions as $permissionkey=>$permissionvalue)
{
$array1[$tool][] = $permissionvalue;
}
}
return $array1;
foreach ($array2 as $tool => $permissions) {
foreach ($permissions as $permissionkey => $permissionvalue) {
$array1[$tool][] = $permissionvalue;
}
}
return $array1;
}
function my_print_r($array)
{
echo '<pre>';
print_r($array);
echo '</pre>';
}
?>
echo '<pre>';
print_r($array);
echo '</pre>';
}

@ -2,9 +2,7 @@
/**
* @package chamilo.permissions
*/
/**
* Code
*/
require '../inc/global.inc.php';
require_once 'permissions_functions.inc.php';
require_once 'all_permissions.inc.php';
@ -18,56 +16,56 @@ Display::display_header($tool_name);
// storing all the permission for a given role when the checkbox approach is used
if ($_POST['StoreRolePermissions'])
{
if (!empty($_POST['role_name']))
{
$table_role = Database::get_course_table(TABLE_ROLE);
$sql = "INSERT INTO $table_role (role_name, role_comment, default_role)
VALUES ('".Database::escape_string($_POST['role_name'])."','".Database::escape_string($_POST['role_comment'])."','".Database::escape_string($_POST['default_role'])."')";
$result = Database::query($sql);
$role_id = Database::insert_id();
$result_message = store_permissions('role', $role_id);
}
else
{
$result_message = get_lang('ErrorPleaseGiveRoleName');
}
if (!empty($_POST['role_name']))
{
$table_role = Database::get_course_table(TABLE_ROLE);
$sql = "INSERT INTO $table_role (role_name, role_comment, default_role)
VALUES ('".Database::escape_string($_POST['role_name'])."','".Database::escape_string($_POST['role_comment'])."','".Database::escape_string($_POST['default_role'])."')";
$result = Database::query($sql);
$role_id = Database::insert_id();
$result_message = store_permissions('role', $role_id);
}
else
{
$result_message = get_lang('ErrorPleaseGiveRoleName');
}
}
// storing a permission for a given role when the image approach is used
if (isset($_GET['action']) AND isset($_GET['permission']) AND isset($_GET['tool']))
{
if ($_GET['action'] == 'grant' OR $_GET['action'] == 'revoke')
{
$result_message = store_one_permission('role', $_GET['action'], $role_id, $_GET['tool'], $_GET['permission']);
}
if ($_GET['action'] == 'grant' OR $_GET['action'] == 'revoke')
{
$result_message = store_one_permission('role', $_GET['action'], $role_id, $_GET['tool'], $_GET['permission']);
}
}
// deleting a role
if (isset($_GET['action']) AND isset($_GET['role_id']) AND $_GET['action'] == 'delete') {
//deleting the assignments fo this role: users
$table = Database::get_course_table(TABLE_ROLE_USER);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the assignments of this role: groups
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the permissions of this role
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the role
$table_role = Database::get_course_table(TABLE_ROLE);
$sql = "DELETE FROM $table_role WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
$result_message = get_lang('RoleDeleted');
//deleting the assignments fo this role: users
$table = Database::get_course_table(TABLE_ROLE_USER);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the assignments of this role: groups
$table = Database::get_course_table(TABLE_ROLE_GROUP);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the permissions of this role
$table = Database::get_course_table(TABLE_ROLE_PERMISSION);
$sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
// deleting the role
$table_role = Database::get_course_table(TABLE_ROLE);
$sql = "DELETE FROM $table_role WHERE role_id='".intval($_GET['role_id'])."'";
$result = Database::query($sql);
$result_message = get_lang('RoleDeleted');
}
// displaying the return message of the actions
if (isset($result_message)) {
Display::display_normal_message($result_message);
Display::display_normal_message($result_message);
}
// ADDING A NEW ROLE (FORM AND LINK)
@ -75,186 +73,172 @@ echo '<img src="../img/add.png" /> <a href="roles.php?action=add">'.get_lang('Ad
if ($_GET['action'] == 'add')
{
echo "<form method=\"post\" action=\"".api_get_self()."\">";
echo "\n<table>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('RoleName');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<input type='text' name='role_name'>";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('RoleComment');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<textarea name='role_comment'></textarea>";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('DefaultRole');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<input type=\"checkbox\" name=\"default_role\" value=\"1\">";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n</table>";
echo "<table class=\"data_table\">\n";
// the header
if (api_get_setting('permissions') == 'limited')
{
$header_array = $rights_limited;
}
if (api_get_setting('permissions') == 'full')
{
$header_array = $rights_full;
}
echo "\t<tr>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key=>$header_value)
{
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
// the main area with the checkboxes or images
foreach ($tool_rights as $tool=>$rights) // $tool_rights contains all the possible tools and their rights
{
echo "\t<tr>\n";
echo "\t\t<td>\n";
echo get_lang($tool);
echo "\t\t</td>\n";
foreach ($header_array as $key=>$value)
{
echo "\t\t<td align='center'>\n";
display_checkbox_matrix(array(), $tool, $value);
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('StorePermissions')."\">";
echo "</form>";
echo "<form method=\"post\" action=\"".api_get_self()."\">";
echo "\n<table>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('RoleName');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<input type='text' name='role_name'>";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('RoleComment');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<textarea name='role_comment'></textarea>";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n\t<tr>";
echo "\n\t\t<td>";
echo get_lang('DefaultRole');
echo "\n\t\t</td>";
echo "\n\t\t<td>";
echo "\n\t\t\t<input type=\"checkbox\" name=\"default_role\" value=\"1\">";
echo "\n\t\t</td>";
echo "\n\t</tr>";
echo "\n</table>";
echo "<table class=\"data_table\">\n";
// the header
if (api_get_setting('permissions') == 'limited') {
$header_array = $rights_limited;
}
if (api_get_setting('permissions') == 'full') {
$header_array = $rights_full;
}
echo "\t<tr>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key => $header_value) {
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
// the main area with the checkboxes or images
foreach ($tool_rights as $tool=>$rights) // $tool_rights contains all the possible tools and their rights
{
echo "\t<tr>\n";
echo "\t\t<td>\n";
echo get_lang($tool);
echo "\t\t</td>\n";
foreach ($header_array as $key => $value) {
echo "\t\t<td align='center'>\n";
display_checkbox_matrix(array(), $tool, $value);
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('StorePermissions')."\">";
echo "</form>";
}
// ===================================================
// DISPLAYING THE EXISTING ROLES
// ===================================================
// platform roles
$all_roles = get_all_roles('platform');
foreach ($all_roles as $role)
{
echo '<div><a href="roles.php?action=view&amp;role_id='.$role['role_id'].'&amp;scope=platform">'.$role['role_name'].'</a></div>';
echo '<div>'.$role['role_comment'].'</div><br />';
if ($role['role_id'] == $_GET['role_id'])
{
$current_role_info = $role;
}
echo '<div><a href="roles.php?action=view&amp;role_id='.$role['role_id'].'&amp;scope=platform">'.$role['role_name'].'</a></div>';
echo '<div>'.$role['role_comment'].'</div><br />';
if ($role['role_id'] == $_GET['role_id'])
{
$current_role_info = $role;
}
}
// course roles
$all_roles = get_all_roles();
foreach ($all_roles as $role)
{
echo '<div><a href="roles.php?action=view&amp;role_id='.$role['role_id'].'">'.$role['role_name'].'</a><a href="roles.php?action=delete&amp;role_id='.$role['role_id'].'"><img src="../img/delete.gif" /></a></div>';
echo '<div>'.$role['role_comment'].'</div><br />';
if ($role['role_id'] == $_GET['role_id'])
{
$current_role_info = $role;
}
foreach ($all_roles as $role) {
echo '<div><a href="roles.php?action=view&amp;role_id='.$role['role_id'].'">'.$role['role_name'].'</a><a href="roles.php?action=delete&amp;role_id='.$role['role_id'].'"><img src="../img/delete.gif" /></a></div>';
echo '<div>'.$role['role_comment'].'</div><br />';
if ($role['role_id'] == $_GET['role_id'])
{
$current_role_info = $role;
}
}
// ===================================================
// DISPLAYING THE PERMISSIONS OF A GIVEN ROLE
// ===================================================
if ($_GET['role_id'])
{
$current_role_permissions = get_permissions('role', $_GET['role_id']);
// ---------------------------------------------------
// LIMITED OR FULL
// ---------------------------------------------------
$current_role_permissions = limited_or_full($current_role_permissions);
if (api_get_setting('permissions') == 'limited')
{
$header_array = $rights_limited;
}
if (api_get_setting('permissions') == 'full')
{
$header_array = $rights_full;
}
// ---------------------------------------------------
// DISPLAYING THE MATRIX
// ---------------------------------------------------
echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
// the list of the roles for the user
echo get_lang('PermissionsOfRole').':'.$current_role_info['role_name'].'<br />';
if ($_GET['scope'] == 'platform')
{
echo get_lang('IsPlatformRoleNotEditable').'<br />';
}
echo "<table class=\"data_table\">\n";
// the header
echo "\t<tr>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key=>$header_value)
{
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
// the main area with the checkboxes or images
foreach ($tool_rights as $tool=>$rights) // $tool_rights contains all the possible tools and their rights
{
echo "\t<tr>\n";
echo "\t\t<td>\n";
echo get_lang($tool);
echo "\t\t</td>\n";
foreach ($header_array as $key=>$value)
{
echo "\t\t<td align='center'>\n";
if (in_array($value, $rights))
{
if ($setting_visualisation == 'checkbox')
{
display_checkbox_matrix($current_role_permissions, $tool, $value);
}
if ($setting_visualisation == 'image')
{
if ($_GET['scope'] == 'platform')
{
$roles_editable = false;
}
else
{
$roles_editable = true;
}
display_image_matrix($current_role_permissions, $tool, $value, '', '', $roles_editable);
}
}
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
if ($setting_visualisation == 'checkbox')
{
echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('StorePermissions')."\">";
}
echo "</form>";
if ($_GET['role_id']) {
$current_role_permissions = get_permissions('role', $_GET['role_id']);
// LIMITED OR FULL
$current_role_permissions = limited_or_full($current_role_permissions);
if (api_get_setting('permissions') == 'limited')
{
$header_array = $rights_limited;
}
if (api_get_setting('permissions') == 'full')
{
$header_array = $rights_full;
}
// ---------------------------------------------------
// DISPLAYING THE MATRIX
// ---------------------------------------------------
echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
// the list of the roles for the user
echo get_lang('PermissionsOfRole').':'.$current_role_info['role_name'].'<br />';
if ($_GET['scope'] == 'platform')
{
echo get_lang('IsPlatformRoleNotEditable').'<br />';
}
echo "<table class=\"data_table\">\n";
// the header
echo "\t<tr>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key => $header_value) {
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
// the main area with the checkboxes or images
foreach ($tool_rights as $tool=>$rights) // $tool_rights contains all the possible tools and their rights
{
echo "\t<tr>\n";
echo "\t\t<td>\n";
echo get_lang($tool);
echo "\t\t</td>\n";
foreach ($header_array as $key => $value) {
echo "\t\t<td align='center'>\n";
if (in_array($value, $rights)) {
if ($setting_visualisation == 'checkbox') {
display_checkbox_matrix(
$current_role_permissions,
$tool,
$value
);
}
if ($setting_visualisation == 'image') {
if ($_GET['scope'] == 'platform') {
$roles_editable = false;
} else {
$roles_editable = true;
}
display_image_matrix(
$current_role_permissions,
$tool,
$value,
'',
'',
$roles_editable
);
}
}
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
if ($setting_visualisation == 'checkbox') {
echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('StorePermissions')."\">";
}
echo "</form>";
}
Display::display_footer();
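Review bot: The role list in the third hunk still prints `$role['role_name']` and `$role['role_comment']` into the page unescaped, and the second hunk stores those fields from `$_POST` with SQL escaping only, so markup entered in the role form is rendered as HTML for everyone who later opens this page. Escape at output in both loops and in the `PermissionsOfRole` line, e.g. `htmlspecialchars($role['role_name'], ENT_QUOTES, 'UTF-8')`. The `action=delete` branch in the second hunk deserves a follow-up as well: it deletes on a plain GET link with no request token visible in this file section, and its four DELETE statements filter on `role_id` alone, whereas `assign_role()` in permissions_functions.inc.php also restricts to `c_id = $course_id`. Whether an access check runs before line 16 of the file is outside the hunks shown.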

@ -2,43 +2,35 @@
/**
* @package chamilo.permissions
*/
/**
* Code
*/
$user_id=$userIdViewed;
if ($mainUserInfo['status']==1)
{
$course_admin=1;
$user_id = $userIdViewed;
if ($mainUserInfo['status'] == 1) {
$course_admin = 1;
}
include_once('permissions_functions.inc.php');
include_once('all_permissions.inc.php');
include_once (api_get_library_path()."/groupmanager.lib.php");
include_once (api_get_library_path()."/blog.lib.php");
// ---------------------------------------------------
// ACTIONS
// ---------------------------------------------------
if ($_POST['StoreUserPermissions'] and $setting_visualisation=='checkbox')
{
$result_message=store_permissions('user', $user_id);
if ($result_message)
{
Display::display_normal_message($result_message);
}
if ($_POST['StoreUserPermissions'] and $setting_visualisation == 'checkbox') {
$result_message = store_permissions('user', $user_id);
if ($result_message) {
Display::display_normal_message($result_message);
}
}
if (isset($_GET['action']))
{
if ( isset($_GET['permission']) AND isset($_GET['tool']) AND ($_GET['action']=='grant' OR $_GET['action']=='revoke'))
{
$result_message=store_one_permission('user', $_GET['action'], $user_id, $_GET['tool'], $_GET['permission']);
}
if (isset($_GET['role']) AND ($_GET['action']=='grant' OR $_GET['action']=='revoke'))
{
$result_message=assign_role('user', $_GET['action'], $user_id, $_GET['role'], $_GET['scope']);
}
if (isset($_GET['action'])) {
if ( isset($_GET['permission']) AND isset($_GET['tool']) AND ($_GET['action']=='grant' OR $_GET['action']=='revoke'))
{
$result_message=store_one_permission('user', $_GET['action'], $user_id, $_GET['tool'], $_GET['permission']);
}
if (isset($_GET['role']) AND ($_GET['action']=='grant' OR $_GET['action']=='revoke'))
{
$result_message=assign_role('user', $_GET['action'], $user_id, $_GET['role'], $_GET['scope']);
}
}
if (isset($result_message))
{
Display::display_normal_message($result_message);
if (isset($result_message)) {
Display::display_normal_message($result_message);
}
// ---------------------------------------------------
@ -55,73 +47,68 @@ $groups_of_user=array();
$groups_of_user=GroupManager::get_group_ids($_course['real_id'],$user_id);
foreach ($groups_of_user as $group)
{
$this_group_permissions=get_permissions('group',$group);
foreach ($this_group_permissions as $tool=>$permissions)
{
foreach ($permissions as $permission)
{
$inherited_group_permissions[$tool][]=$permission;
}
}
$this_group_permissions=get_permissions('group',$group);
foreach ($this_group_permissions as $tool=>$permissions)
{
foreach ($permissions as $permission)
{
$inherited_group_permissions[$tool][]=$permission;
}
}
}
$inherited_permissions=$inherited_group_permissions;
// RETRIEVING THE PERMISSIONS OF THE ROLES OF THE USER
if (api_get_setting('user_roles')=='true') {
// course roles that are assigned to the user
$current_user_role_permissions_of_user=get_roles_permissions('user',$user_id);
$inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
// NOTE: deze array moet nog gemerged worden met de $inherited_permissions array
// (heet momenteel nog $current_group_permissions_of_user omdat voorlopig enkel de
// groepsge<EFBFBD>rfde permissions in beschouwing worden genomen
// dit moet ook de rol permissies van rollen die toegekend worden aan een gebruiker
// en de rol permissies van rollen die toegekend worden aan de groepen van een gebruiker
// omvatten.
// NOTE: checken als de rollen brol wel degelijk geactiveerd is voordat we dit allemaal
// ophalen.
// platform roles that are assigned to the user
$current_user_role_permissions_of_user=get_roles_permissions('user',$user_id, 'platform');
$inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
// course roles that are assigned to the user
$current_user_role_permissions_of_user=get_roles_permissions('user',$user_id);
$inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
// NOTE: deze array moet nog gemerged worden met de $inherited_permissions array
// (heet momenteel nog $current_group_permissions_of_user omdat voorlopig enkel de
// groepsge<EFBFBD>rfde permissions in beschouwing worden genomen
// dit moet ook de rol permissies van rollen die toegekend worden aan een gebruiker
// en de rol permissies van rollen die toegekend worden aan de groepen van een gebruiker
// omvatten.
// NOTE: checken als de rollen brol wel degelijk geactiveerd is voordat we dit allemaal
// ophalen.
// platform roles that are assigned to the user
$current_user_role_permissions_of_user=get_roles_permissions('user',$user_id, 'platform');
$inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
}
// RETRIEVING THE PERMISSIONS OF THE ROLES OF THE GROUPS OF THE USER
if (api_get_setting('group_roles')=='true')
{
// NOTE: DIT MOET NOG VERDER UITGEWERKT WORDEN
foreach ($groups_of_user as $group)
{
$this_current_group_role_permissions_of_user=get_roles_permissions('user',$user_id);
//$inherited_permissions[$tool][]=$permission;
}
// NOTE: DIT MOET NOG VERDER UITGEWERKT WORDEN
foreach ($groups_of_user as $group)
{
$this_current_group_role_permissions_of_user=get_roles_permissions('user',$user_id);
//$inherited_permissions[$tool][]=$permission;
}
}
// ---------------------------------------------------
// LIMITED OR FULL
// ---------------------------------------------------
$current_user_permissions=limited_or_full($current_user_permissions);
$inherited_permissions=limited_or_full($inherited_permissions);
if (api_get_setting('permissions')=='limited')
{
$header_array=$rights_limited;
$header_array=$rights_limited;
}
if (api_get_setting('permissions')=='full')
{
$header_array=$rights_full;
$header_array=$rights_full;
}
echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
// ---------------------------------------------------
// DISPLAYING THE ROLES LIST
// ---------------------------------------------------
if (api_get_setting('user_roles')=='true')
{
// the list of the roles for the user
echo '<strong>'.get_lang('UserRoles').'</strong><br />';
$current_user_course_roles=get_roles('user',$user_id);
$current_user_platform_roles=get_roles('user',$user_id, 'platform');
display_role_list($current_user_course_roles, $current_user_platform_roles);
echo '<br />';
// the list of the roles for the user
echo '<strong>'.get_lang('UserRoles').'</strong><br />';
$current_user_course_roles=get_roles('user',$user_id);
$current_user_platform_roles=get_roles('user',$user_id, 'platform');
display_role_list($current_user_course_roles, $current_user_platform_roles);
echo '<br />';
}
// ---------------------------------------------------
@ -135,68 +122,67 @@ echo "\t<tr>\n";
echo "\t\t<th>".get_lang('Module')."</th>\n";
foreach ($header_array as $header_key=>$header_value)
{
echo "\t\t<th>".get_lang($header_value)."</th>\n";
echo "\t\t<th>".get_lang($header_value)."</th>\n";
}
echo "\t</tr>\n";
// the main area with the checkboxes or images
foreach ($tool_rights as $tool=>$rights) // $tool_rights contains all the possible tools and their rights
{
echo "\t<tr>\n";
echo "\t\t<td>\n";
if (strstr($tool,'BLOG'))
{
// Not dealing with a real tool here, get name of this blog
// Strip blog id
$tmp = strpos($tool,'_')+1;
$blog_id = substr($tool,$tmp,strlen($tool));
// Get title
echo get_lang('Blog').": ".Blog::getBlogTitle($blog_id);
}
else
{
echo get_lang($tool);
}
echo "\t\t</td>\n";
foreach ($header_array as $key=>$value)
{
echo "\t\t<td align='center'>\n";
if (in_array($value,$rights))
{
if ($setting_visualisation=='checkbox')
{
display_checkbox_matrix($current_user_permissions, $tool, $value, $inherited_permissions,$course_admin);
}
if ($setting_visualisation=='image')
{
display_image_matrix($current_user_permissions, $tool, $value,$inherited_permissions, $course_admin);
}
}
// note: in a later stage this part will be replaced by a function
// so that we can easily switch between a checkbox approach or an image approach
// where every click is in fact a change of status. In the checkbox approach you first have to
// do the changes and then store them by clicking the submit button.
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
// $tool_rights contains all the possible tools and their rights
foreach ($tool_rights as $tool => $rights) {
echo "\t<tr>\n";
echo "\t\t<td>\n";
if (strstr($tool, 'BLOG')) {
// Not dealing with a real tool here, get name of this blog
// Strip blog id
$tmp = strpos($tool,'_')+1;
$blog_id = substr($tool,$tmp,strlen($tool));
// Get title
echo get_lang('Blog').": ".Blog::getBlogTitle($blog_id);
} else {
echo get_lang($tool);
}
echo "\t\t</td>\n";
foreach ($header_array as $key => $value) {
echo "\t\t<td align='center'>\n";
if (in_array($value, $rights)) {
if ($setting_visualisation == 'checkbox') {
display_checkbox_matrix(
$current_user_permissions,
$tool,
$value,
$inherited_permissions,
$course_admin
);
}
if ($setting_visualisation == 'image') {
display_image_matrix(
$current_user_permissions,
$tool,
$value,
$inherited_permissions,
$course_admin
);
}
}
// note: in a later stage this part will be replaced by a function
// so that we can easily switch between a checkbox approach or an image approach
// where every click is in fact a change of status. In the checkbox approach you first have to
// do the changes and then store them by clicking the submit button.
echo "\t\t</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
if ($setting_visualisation=='checkbox')
{
echo "<input type=\"Submit\" name=\"StoreUserPermissions\" value=\"".get_lang('StorePermissions')."\">";
if ($setting_visualisation=='checkbox') {
echo "<input type=\"Submit\" name=\"StoreUserPermissions\" value=\"".get_lang('StorePermissions')."\">";
}
echo "</form><br />";
// ---------------------------------------------------
// LEGEND
// ---------------------------------------------------
echo '<strong>'.get_lang('Legend').'</strong><br />';
echo '<img src="../img/wrong.gif" /> '.get_lang('UserHasPermissionNot').'<br />';
echo '<img src="../img/checkbox_on2.gif" /> '.get_lang('UserHasPermission').'<br />';
echo '<img src="../img/checkbox_on3.gif" /> '.get_lang('UserHasPermissionByRoleGroup').'<br />';
?>
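Review bot: `$user_id = $userIdViewed;` at the top of the first hunk is passed on to `get_roles_permissions('user', $user_id)`, which (as shown in permissions_functions.inc.php in this commit) concatenates its `$id` argument into the WHERE clause without escaping, unlike `assign_role()`, which wraps every value in `Database::escape_string()`. Where `$userIdViewed` is set is outside this file, so, assuming user ids are integers, cast it here: `$user_id = (int) $userIdViewed;`. Separately, the `grant`/`revoke` branches call `store_one_permission()` and `assign_role()` straight from `$_GET` with no request token check visible in the hunk, so a permission or role change needs nothing more than a GET request in an authenticated session; moving these actions to POST with a token check would close that.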
