224
218
$template = $row[1];
225
219
$issystem = $row[2];
227
$permission = $row[4];
228
$permissionid = $row[5];
231
223
//get the username from the userID using the user module
232
224
$username = $user->getNameFromID($userid);
233
$group = $user->getGroupFromID($userid);
235
//get the permissions
236
list($see_permissions, $edit_permissions) = $user->eval_permission($userid, $permissionid);
238
$buttons = "No available Actions";
240
if ($edit_permissions && $issystem == 'No')
242
$buttons = '<button class="XiboFormButton" href="index.php?p=template&q=DeleteTemplateForm&templateId=' . $templateId . '"><span>' . __('Delete') . '</span></button>';
245
if ($see_permissions)
225
$group = $this->GroupsForTemplate($templateId);
228
$auth = $this->user->TemplateAuth($templateId, true);
230
$buttons = "No available Actions";
232
if ($auth->del && $issystem == 'No')
233
$buttons = '<button class="XiboFormButton" href="index.php?p=template&q=DeleteTemplateForm&templateid=' . $templateId . '"><span>' . __('Delete') . '</span></button>';
235
if ($auth->modifyPermissions && $issystem == 'No')
236
$buttons .= '<button class="XiboFormButton" href="index.php?p=template&q=PermissionsForm&templateid=' . $templateId . '"><span>' . __('Permissions') . '</span></button>';
249
242
<td>$template</td>
250
243
<td>$issystem</td>
253
246
<td>$username</td>
254
247
<td>$buttons</td>
423
410
//Insert the template
424
$SQL = "INSERT INTO template (template, tags, issystem, retired, description, createdDT, modifiedDT, userID, xml, permissionID) ";
425
$SQL.= " VALUES ('$template', '$tags', 0, 0, '$description', '$currentdate', '$currentdate', $userid, '$xml', $permissionid) ";
411
$SQL = "INSERT INTO template (template, tags, issystem, retired, description, createdDT, modifiedDT, userID, xml) ";
412
$SQL.= " VALUES ('$template', '$tags', 0, 0, '$description', '$currentdate', '$currentdate', $userid, '$xml') ";
427
414
if (!$db->query($SQL))
547
540
return $xml->saveXML();
544
* Get a list of group names for a layout
545
* @param <type> $layoutId
548
private function GroupsForTemplate($templateId)
553
$SQL .= 'SELECT `group`.Group ';
554
$SQL .= ' FROM `group` ';
555
$SQL .= ' INNER JOIN lktemplategroup ';
556
$SQL .= ' ON `group`.GroupID = lktemplategroup.GroupID ';
557
$SQL .= ' WHERE lktemplategroup.TemplateID = %d ';
559
$SQL = sprintf($SQL, $templateId);
561
if (!$results = $db->query($SQL))
563
trigger_error($db->error());
564
trigger_error(__('Unable to get group information for template'), E_USER_ERROR);
569
while ($row = $db->get_assoc_row($results))
571
$groups .= $row['Group'] . ', ';
574
$groups = trim($groups);
575
$groups = trim($groups, ',');
580
public function PermissionsForm()
583
$user =& $this->user;
584
$response = new ResponseManager();
585
$helpManager = new HelpManager($db, $user);
587
$templateId = Kit::GetParam('templateid', _GET, _INT);
589
if (!$this->auth->modifyPermissions)
590
trigger_error(__('You do not have permissions to edit this template'), E_USER_ERROR);
593
$form = '<form id="TemplatePermissionsForm" class="XiboForm" method="post" action="index.php?p=template&q=Permissions">';
594
$form .= '<input type="hidden" name="templateid" value="' . $templateId . '" />';
595
$form .= '<div class="dialog_table">';
596
$form .= ' <table style="width:100%">';
598
$form .= ' <th>' . __('Group') . '</th>';
599
$form .= ' <th>' . __('View') . '</th>';
600
$form .= ' <th>' . __('Edit') . '</th>';
601
$form .= ' <th>' . __('Delete') . '</th>';
604
// List of all Groups with a view/edit/delete checkbox
606
$SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific ';
607
$SQL .= ' FROM `group` ';
608
$SQL .= ' LEFT OUTER JOIN lktemplategroup ';
609
$SQL .= ' ON lktemplategroup.GroupID = group.GroupID ';
610
$SQL .= ' AND lktemplategroup.TemplateID = %d ';
611
$SQL .= ' WHERE `group`.GroupID <> %d ';
612
$SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` ';
614
$SQL = sprintf($SQL, $templateId, $user->getGroupFromId($user->userid, true));
616
if (!$results = $db->query($SQL))
618
trigger_error($db->error());
619
trigger_error(__('Unable to get permissions for this template'), E_USER_ERROR);
622
while($row = $db->get_assoc_row($results))
624
$groupId = $row['GroupID'];
625
$group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group'];
628
$form .= ' <td>' . $group . '</td>';
629
$form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>';
630
$form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>';
631
$form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>';
639
$response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px');
640
$response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Template', 'Permissions') . '")');
641
$response->AddButton(__('Cancel'), 'XiboDialogClose()');
642
$response->AddButton(__('Save'), '$("#TemplatePermissionsForm").submit()');
643
$response->Respond();
646
public function Permissions()
649
$user =& $this->user;
650
$response = new ResponseManager();
651
Kit::ClassLoader('templategroupsecurity');
653
$templateId = Kit::GetParam('templateid', _POST, _INT);
654
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
656
if (!$this->auth->modifyPermissions)
657
trigger_error(__('You do not have permissions to edit this template'), E_USER_ERROR);
660
$security = new TemplateGroupSecurity($db);
661
if (!$security->UnlinkAll($templateId))
662
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
664
// Some assignments for the loop
671
// List of groupIds with view, edit and del assignments
672
foreach($groupIds as $groupPermission)
674
$groupPermission = explode('_', $groupPermission);
675
$groupId = $groupPermission[0];
679
// First time through
681
$lastGroupId = $groupId;
684
if ($groupId != $lastGroupId)
686
// The groupId has changed, so we need to write the current settings to the db.
687
// Link new permissions
688
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del))
689
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
692
$lastGroupId = $groupId;
698
switch ($groupPermission[1])
714
// Need to do the last one
717
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del))
718
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
721
$response->SetFormSubmitResponse(__('Permissions Changed'));
722
$response->Respond();
b'\\ No newline at end of file'