diff --git a/src/controllers/AdminController.php b/src/controllers/AdminController.php index 3fc14228c..1cb342b16 100755 --- a/src/controllers/AdminController.php +++ b/src/controllers/AdminController.php @@ -347,21 +347,37 @@ class AdminController extends Controller implements CrawlConstants $data['INACTIVE'] = true; return $data; } + $allowed_argument = false; foreach ($allowed_activities as $allowed_activity) { if ($activity == $allowed_activity['METHOD_NAME']) { $allowed = true; + $arguments = preg_split("/\s*\,\s*/", + trim($allowed_activity['ALLOWED_ARGUMENTS'])); + $arg = $_REQUEST['arg'] ?? ""; + if ((in_array('all', $arguments) && + !in_array("-$arg", $arguments)) || + in_array($arg, $arguments) ) { + $allowed_argument = true; + break; + } } if ($allowed_activity['METHOD_NAME'] == "manageCrawls" && $activity == "crawlStatus") { $allowed = true; + $allowed_argument = true; + break; } if ($allowed_activity['METHOD_NAME'] == "manageMachines" && $activity == "machineStatus") { $allowed = true; + $allowed_argument = true; + break; } if ($allowed_activity['METHOD_NAME'] == "groupFeeds" && $activity == "wiki") { $allowed = true; + $allowed_argument = true; + break; } } // always allow managing account @@ -370,6 +386,9 @@ class AdminController extends Controller implements CrawlConstants $_REQUEST["a"] = $activity; $allowed = true; } + if (!$allowed_argument) { + unset($_REQUEST['arg']); + } //for now we allow anyone to get crawlStatus if ($allowed) { $data = $this->call($activity); diff --git a/src/controllers/GroupController.php b/src/controllers/GroupController.php index 5bbb87b4c..be4e0f3a9 100644 --- a/src/controllers/GroupController.php +++ b/src/controllers/GroupController.php 
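Review bot: The new argument check inside the `foreach` never confirms that `$_REQUEST['arg']` is a string, and it compares it with non-strict `in_array`. A request that sends `arg` as an array reaches `"-$arg"` as an array-to-string conversion, and when the role's list contains `all` the array value is then accepted and passed on to the activity. Since this condition is now the authorization decision for the sub-action, I would make it type-safe and strict: `if (is_string($arg) && ((in_array('all', $arguments, true) && !in_array("-$arg", $arguments, true)) || in_array($arg, $arguments, true))) {`. The enclosing method starts and ends outside the hunk.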
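Review bot: The refused argument is removed only from `$_REQUEST`, so the restriction holds only if every activity reads `arg` through `$_REQUEST`; `$_GET['arg']` and `$_POST['arg']` keep the original value after `unset($_REQUEST['arg'])`. The activity methods are not visible from this hunk, so this needs confirming, and if any of them read the other superglobals then `unset($_GET['arg'], $_POST['arg']);` should follow. The "always allow managing account" branch just above sets `$allowed` but not `$allowed_argument`, so a user who reaches that branch without a matching role row appears to have `arg` stripped as well; its condition is outside the hunk, so please check that this is intended. The refusal is also silent: a comment such as `// arg not permitted for this role: run the activity with its default view` and a log entry would make denied attempts visible to an administrator.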
@@ -157,13 +157,13 @@ class GroupController extends Controller implements CrawlConstants { $data["QUERY"] = "groups:feed"; if (isset($data["JUST_GROUP_ID"])) { - $data["QUERY"] = "groups:just_group_id:".$data["JUST_GROUP_ID"]; + $data["QUERY"] = "groups:just_group_id:" . $data["JUST_GROUP_ID"]; } if (isset($data["JUST_USER_ID"])) { - $data["QUERY"] = "groups:just_user_id:".$data["JUST_USER_ID"]; + $data["QUERY"] = "groups:just_user_id:" . $data["JUST_USER_ID"]; } if (isset($data["JUST_THREAD"])) { - $data["QUERY"] = "groups:just_thread:".$data["JUST_THREAD"]; + $data["QUERY"] = "groups:just_thread:" . $data["JUST_THREAD"]; } $data["its"] = 0; $num_pages = count($data["PAGES"]); diff --git a/src/controllers/components/AccountaccessComponent.php b/src/controllers/components/AccountaccessComponent.php index 446565877..78ea5c969 100644 --- a/src/controllers/components/AccountaccessComponent.php +++ b/src/controllers/components/AccountaccessComponent.php 
@@ -1102,26 +1102,28 @@ class AccountaccessComponent extends Component if (!empty($_REQUEST['context'])) { $data['context'] = 'search'; } + $num_activities = count($data['ROLE_ACTIVITIES']); + $data['SCRIPT'] .= "elt('focus-button').focus();"; + $update_activities = $_REQUEST['activities'] ?? []; + if (!$update_activities) { + break; + } $update = false; - foreach ($data['CURRENT_ROLE'] as $field => $value) { - $upper_field = strtoupper($field); - if (isset($_REQUEST[$field]) && $field != 'name') { - $role[$upper_field] = $parent->clean( - $_REQUEST[$field], "string"); - $data['CURRENT_ROLE'][$field] = - $role[$upper_field]; + for ($i = 0; $i < $num_activities; $i++) { + $role_activity = $data['ROLE_ACTIVITIES'][$i]; + $activity_id = $role_activity['ACTIVITY_ID']; + if (isset($update_activities[$activity_id]) && + $update_activities[$activity_id] != + $role_activity['ALLOWED_ARGUMENTS']) { + $role_model->updateActivityRoleArguments($role_id, + $activity_id, $update_activities[$activity_id]); $update = true; - } else if (isset($role[$upper_field])){ - $data['CURRENT_ROLE'][$field] = - $role[$upper_field]; } } - $data['SCRIPT'] .= "elt('focus-button').focus();"; if ($update) { - $role_model->updateRole($role); return $parent->redirectWithMessage( tl('accountaccess_component_role_updated'), - ["arg", "start_row", "end_row", "num_show", + ["arg", "name", "start_row", "end_row", "num_show", "context"]); } break; diff --git a/src/css/search.css b/src/css/search.css index 7172c2ddd..1edd3005e 100755 --- a/src/css/search.css +++ b/src/css/search.css @@ -2505,6 +2505,19 @@ td.admin-edit-form border-collapse: collapse; padding: 5px; } +.role-activity-table +{ + border:0; + border-collapse: collapse; + margin:3px; +} +.role-activity-table td, +.role-activity-table th +{ + border: 1px ridge black; + padding: 3px; + word-wrap: break-word; +} th.no-border, td.no-border { diff --git a/src/locale/ar/configure.ini b/src/locale/ar/configure.ini index 5fa97ef77..bb0bec899 100755 
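Review bot: `$_REQUEST['activities']` is written to ROLE_ACTIVITY without the `$parent->clean(..., "string")` call that the removed loop applied to request values, and without any check of its shape. A scalar `activities` value or an array-valued element would reach `updateActivityRoleArguments()` as-is. The stored text is later printed into the role form and read as the role's argument policy, so it should be confirmed to be a string and cleaned before it is saved. The `disabled` inputs the role form renders for the Admin role's core activities are a browser-side hint only, so if those entries are meant to be fixed, that has to be enforced in this loop as well. The fence keeps the loop but type-checks and cleans each value; the enclosing `case` starts outside the hunk.

```php
$update_activities = $_REQUEST['activities'] ?? [];
if (!is_array($update_activities) || !$update_activities) {
    break;
}
// … unchanged: $update = false; loop header, $role_activity, $activity_id …
    $new_arguments = $update_activities[$activity_id] ?? null;
    if (!is_string($new_arguments)) {
        // ignore missing or array-valued entries instead of storing them
        continue;
    }
    // same cleaning the removed per-field loop applied to request values
    $new_arguments = $parent->clean($new_arguments, "string");
    if ($new_arguments != $role_activity['ALLOWED_ARGUMENTS']) {
        $role_model->updateActivityRoleArguments($role_id,
            $activity_id, $new_arguments);
        $update = true;
    }
// … unchanged: end of loop, redirectWithMessage when $update is set …
```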
--- a/src/locale/ar/configure.ini +++ b/src/locale/ar/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "إضافة دور" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/ar/statistics.txt b/src/locale/ar/statistics.txt index 604edd026..763247d34 100755 --- a/src/locale/ar/statistics.txt +++ b/src/locale/ar/statistics.txt @@ -1 +1 @@ -d:18; \ No newline at end of file +d:17; \ No newline at end of file diff --git a/src/locale/bn/configure.ini b/src/locale/bn/configure.ini index 4d2f3c0f1..f0e4d09b9 100755 --- a/src/locale/bn/configure.ini +++ b/src/locale/bn/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/de/configure.ini b/src/locale/de/configure.ini index 679462cd1..e828a61a7 100755 --- a/src/locale/de/configure.ini +++ b/src/locale/de/configure.ini 
@@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/en_US/configure.ini b/src/locale/en_US/configure.ini index 0037d1eb8..d0a4a5dd4 100644 --- a/src/locale/en_US/configure.ini +++ b/src/locale/en_US/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "No Matching Strings Left To Translate!" editlocales_element_save = "Save" ; ; GroupbarElement.php -groupbar_element_groups = "Groups" groupbar_element_page_list = "Page List" groupbar_element_page_thread = " %s Page at %s Group Discussion" groupbar_element_groupfeed = "%s Feed" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "Are you sure you want to delete?" manageroles_element_role_info = "Role Information" manageroles_element_add_role = "Add Role" manageroles_element_role_activities = "Activities" +manageroles_element_activity_name = "Name" +manageroles_element_allowed_arguments = "Allowed Arguments" +manageroles_element_activity_actions = "Actions" manageroles_element_save = "Save" manageroles_element_search_role = "Search" ; diff --git a/src/locale/es/configure.ini b/src/locale/es/configure.ini index 2bae318d1..1319a8d0f 100755 --- a/src/locale/es/configure.ini +++ b/src/locale/es/configure.ini 
@@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/fa/configure.ini b/src/locale/fa/configure.ini index 8ed05bd46..3d404ca7f 100755 --- a/src/locale/fa/configure.ini +++ b/src/locale/fa/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "نقشی اضافه کن" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/fr_FR/configure.ini b/src/locale/fr_FR/configure.ini index 704bf49b1..4aea36a46 100755 --- a/src/locale/fr_FR/configure.ini +++ b/src/locale/fr_FR/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" 
@@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/he/configure.ini b/src/locale/he/configure.ini index 2ad67e00d..a96de60e3 100755 --- a/src/locale/he/configure.ini +++ b/src/locale/he/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/hi/configure.ini b/src/locale/hi/configure.ini index 0ae64d3c4..a04b25daf 100755 --- a/src/locale/hi/configure.ini +++ b/src/locale/hi/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; 
diff --git a/src/locale/in_ID/configure.ini b/src/locale/in_ID/configure.ini index d232dcae9..80cee686d 100755 --- a/src/locale/in_ID/configure.ini +++ b/src/locale/in_ID/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "Tambah role" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/it/configure.ini b/src/locale/it/configure.ini index 4dbbe39d4..bc58f102e 100755 --- a/src/locale/it/configure.ini +++ b/src/locale/it/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "Aggiungi Ruolo" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/ja/configure.ini b/src/locale/ja/configure.ini index 8ea9920a8..cf0b0ce37 100755 --- a/src/locale/ja/configure.ini +++ b/src/locale/ja/configure.ini 
@@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "役割の追加" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/kn/configure.ini b/src/locale/kn/configure.ini index ff309b3b4..278eb5121 100755 --- a/src/locale/kn/configure.ini +++ b/src/locale/kn/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/ko/configure.ini b/src/locale/ko/configure.ini index a7c02ddd5..45105c7cd 100755 --- a/src/locale/ko/configure.ini +++ b/src/locale/ko/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" 
@@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "롤 추가" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/nl/configure.ini b/src/locale/nl/configure.ini index ffc323578..53b7146e8 100644 --- a/src/locale/nl/configure.ini +++ b/src/locale/nl/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "Geen Matching Strings Left To Translate!" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "rol Informatie" manageroles_element_add_role = "Rol toevoegen" manageroles_element_role_activities = "activiteiten" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "Opslaan" manageroles_element_search_role = "zoeken" ; diff --git a/src/locale/pl/configure.ini b/src/locale/pl/configure.ini index ff01ae25c..f59364fbb 100755 --- a/src/locale/pl/configure.ini +++ b/src/locale/pl/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" 
@@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/pt/configure.ini b/src/locale/pt/configure.ini index 0f8766f58..eaf93a394 100755 --- a/src/locale/pt/configure.ini +++ b/src/locale/pt/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/ru/configure.ini b/src/locale/ru/configure.ini index 5811889b9..e6306a324 100755 --- a/src/locale/ru/configure.ini +++ b/src/locale/ru/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; 
diff --git a/src/locale/te/configure.ini b/src/locale/te/configure.ini index 26ef2b469..fb32832d9 100644 --- a/src/locale/te/configure.ini +++ b/src/locale/te/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "అనువదించడానికి editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "రోల్ సమాచారం" manageroles_element_add_role = "ఆడ్ రోల్" manageroles_element_role_activities = "కార్యకలాపాలు" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "సేవ్" manageroles_element_search_role = "శోధన" ; diff --git a/src/locale/th/configure.ini b/src/locale/th/configure.ini index 3a98c6dcf..2bb9935f9 100755 --- a/src/locale/th/configure.ini +++ b/src/locale/th/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/tr/configure.ini b/src/locale/tr/configure.ini index 6178ec740..8c95ebd85 100755 --- a/src/locale/tr/configure.ini +++ b/src/locale/tr/configure.ini 
@@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/vi_VN/configure.ini b/src/locale/vi_VN/configure.ini index 799318162..1eb5db270 100755 --- a/src/locale/vi_VN/configure.ini +++ b/src/locale/vi_VN/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" @@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "Thêm chức vụ" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/locale/zh_CN/configure.ini b/src/locale/zh_CN/configure.ini index b87310d63..631f5d3a3 100755 --- a/src/locale/zh_CN/configure.ini +++ b/src/locale/zh_CN/configure.ini @@ -1153,7 +1153,6 @@ editlocales_element_no_matching = "" editlocales_element_save = "" ; ; GroupbarElement.php -groupbar_element_groups = "" groupbar_element_page_list = "" groupbar_element_page_thread = "" groupbar_element_groupfeed = "" 
@@ -1689,6 +1688,9 @@ manageroles_element_confirm_delete = "" manageroles_element_role_info = "" manageroles_element_add_role = "新增使用者" manageroles_element_role_activities = "" +manageroles_element_activity_name = "" +manageroles_element_allowed_arguments = "" +manageroles_element_activity_actions = "" manageroles_element_save = "" manageroles_element_search_role = "" ; diff --git a/src/models/RoleModel.php b/src/models/RoleModel.php index bdd436b31..336716e94 100644 --- a/src/models/RoleModel.php +++ b/src/models/RoleModel.php @@ -77,6 +77,7 @@ class RoleModel extends Model $sql = "SELECT DISTINCT R.ROLE_ID AS ROLE_ID, ". "RA.ACTIVITY_ID AS ACTIVITY_ID, ". "A.METHOD_NAME AS METHOD_NAME, ". + "RA.ALLOWED_ARGUMENTS AS ALLOWED_ARGUMENTS, ". "T.IDENTIFIER_STRING AS IDENTIFIER_STRING, ". "T.TRANSLATION_ID AS TRANSLATION_ID FROM ". "ROLE R, ROLE_ACTIVITY RA, ACTIVITY A, TRANSLATION T ". @@ -93,7 +94,6 @@ class RoleModel extends Model $id = $activities[$i]['TRANSLATION_ID']; $result_sub = $db->execute($sub_sql, [$id, $locale_id]); $translate = $db->fetchArray($result_sub); - if ($translate) { $activities[$i]['ACTIVITY_NAME'] = $translate['ACTIVITY_NAME']; } else { 
@@ -262,11 +262,41 @@ class RoleModel extends Model * * @param string $role_id the role id of the role to add the activity to * @param string $activity_id the id of the acitivity to add + * @param string $allowed_arguments $_REQUEST['arg'] values this + * role is allowed to use. 'all' means any allowed argumment. + * Otherwise whould be commma separated list of allowed arguments: + * For example: + * edit, search, ... + * Can also use + * all, -arg_name1, -arg_name2 ... + * to say all arguments except arg_name1, arg_name2... */ - public function addActivityRole($role_id, $activity_id) + public function addActivityRole($role_id, $activity_id, + $allowed_arguments = "all") { $sql = "INSERT INTO ROLE_ACTIVITY VALUES (?, ?, ?)"; - $this->db->execute($sql, [$role_id, $activity_id, "all"]); + $this->db->execute($sql, [$role_id, $activity_id, $allowed_arguments]); + } + /** + * Updates the allowed arguments of an Activity within a Role + * + * @param string $role_id the role id of the role to add the activity to + * @param string $activity_id the id of the acitivity to add + * @param string $allowed_arguments $_REQUEST['arg'] values this + * role is allowed to use. 'all' means any allowed argumment. + * Otherwise whould be commma separated list of allowed arguments: + * For example: + * edit, search, ... + * Can also use + * all, -arg_name1, -arg_name2 ... + * to say all arguments except arg_name1, arg_name2... + */ + public function updateActivityRoleArguments($role_id, $activity_id, + $allowed_arguments) + { + $sql = "UPDATE ROLE_ACTIVITY SET ALLOWED_ARGUMENTS=? WHERE ROLE_ID = ?". + " AND ACTIVITY_ID = ?"; + $this->db->execute($sql, [$allowed_arguments, $role_id, $activity_id]); } /** * Delete a role by its roleid diff --git a/src/models/UserModel.php b/src/models/UserModel.php index a0f3496b0..a1c562c75 100755 --- a/src/models/UserModel.php +++ b/src/models/UserModel.php 
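Review bot: The docblock of `updateActivityRoleArguments()` was copied from `addActivityRole()` and still describes both ids as the role and activity "to add", although the method only updates an existing ROLE_ACTIVITY row. I would reword them as `@param string $role_id id of the role whose activity entry is updated` and `@param string $activity_id id of the activity whose allowed arguments are replaced`, and fix the typos `argumment`, `whould`, `commma` and `acitivity` in both docblocks. Because this string acts as an access policy, the comment should also say what an empty or unmatched list means; as far as the AdminController hunk shows, `arg` is dropped in that case. Now that the third value of the insert is caller-supplied, naming the columns would remove the dependence on table column order: `INSERT INTO ROLE_ACTIVITY (ROLE_ID, ACTIVITY_ID, ALLOWED_ARGUMENTS) VALUES (?, ?, ?)`.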
@@ -116,11 +116,12 @@ class UserModel extends Model $locale_id = $row['LOCALE_ID']; $sql = "SELECT DISTINCT A.ACTIVITY_ID AS ACTIVITY_ID, ". "T.TRANSLATION_ID AS TRANSLATION_ID, A.METHOD_NAME AS METHOD_NAME,". + " RA.ALLOWED_ARGUMENTS AS ALLOWED_ARGUMENTS," . " T.IDENTIFIER_STRING AS IDENTIFIER_STRING FROM ACTIVITY A, ". " USER_ROLE UR, ROLE_ACTIVITY RA, TRANSLATION T ". - "WHERE UR.USER_ID = ? ". - "AND UR.ROLE_ID=RA.ROLE_ID AND T.TRANSLATION_ID=A.TRANSLATION_ID ". - "AND RA.ACTIVITY_ID = A.ACTIVITY_ID ORDER BY A.ACTIVITY_ID ASC"; + " WHERE UR.USER_ID = ? ". + " AND UR.ROLE_ID=RA.ROLE_ID AND T.TRANSLATION_ID=A.TRANSLATION_ID ". + " AND RA.ACTIVITY_ID = A.ACTIVITY_ID ORDER BY A.ACTIVITY_ID ASC"; $result = $db->execute($sql, [$user_id]); $i = 0; $sub_sql = "SELECT TRANSLATION AS ACTIVITY_NAME ". diff --git a/src/views/elements/ManagerolesElement.php b/src/views/elements/ManagerolesElement.php index 691d437af..ea99d3e21 100644 --- a/src/views/elements/ManagerolesElement.php +++ b/src/views/elements/ManagerolesElement.php 
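Review bot: Adding `RA.ALLOWED_ARGUMENTS` to the `SELECT DISTINCT` list means a user who holds two roles granting the same activity with different argument lists now gets one row per role for that activity. The AdminController loop in this commit stops at the first row that permits the argument, so the effective policy is the union across roles and a `-arg` exclusion in one role is overridden by another role's `all`. If that is intended it deserves a comment next to the query, e.g. `// one row per (activity, role argument list); callers treat the lists as a union`. Any caller that builds a menu from this result may also need to de-duplicate by `ACTIVITY_ID`, which I cannot verify from this hunk; the enclosing method starts and ends outside it.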
@@ -207,53 +207,60 @@ class ManagerolesElement extends Element ?> <tr><th class="table-label" style="vertical-align:top"><?= tl('manageroles_element_role_activities') ?>:</th> - <td><div class='light-gray-box'><table><?php - foreach ($data['ROLE_ACTIVITIES'] as $activity_array) { - e("<tr><td><b>". - $activity_array['ACTIVITY_NAME']. - "</b></td>"); + <td><div class='light-gray-box'><table class='role-activity-table'> + <tr><th><?=tl('manageroles_element_activity_name')?></th> + <th><?=tl('manageroles_element_allowed_arguments')?></th> + <th><?=tl('manageroles_element_activity_actions')?></th> + <?php + foreach ($data['ROLE_ACTIVITIES'] as $activity_array) {?> + <tr><td><b><?=$activity_array['ACTIVITY_NAME'] + ?></b></td><?php if ($data['CURRENT_ROLE']['name'] == 'Admin' && in_array($activity_array['ACTIVITY_NAME'], ["Manage Account", "Manage Users", "Manage Roles", "Manage Groups", - "Server Settings", "Security", "Configure"])) { - e("<td><span class='gray'>". - tl('manageroles_element_delete')."</span></td>"); - } else { - e("<td><a href='{$admin_url}a=manageRoles". + "Server Settings", "Security", "Configure"])) {?> + <td><input type="text" disabled="disabled" + name="activities[<?=$activity_array['ACTIVITY_ID'] + ?>]" maxlength="<?= C\NAME_LEN ?>" + value="<?=$activity_array['ALLOWED_ARGUMENTS'] ?>" + class="narrow-field" /></td> + <td><span class='gray'><?= + tl('manageroles_element_delete')?></span></td><?php + } else { ?> + <td><input type="text" + name="activities[<?=$activity_array['ACTIVITY_ID'] + ?>]" maxlength="<?= C\NAME_LEN ?>" + value="<?=$activity_array['ALLOWED_ARGUMENTS'] ?>" + class="narrow-field" /></td> + <td><a href='<?=$admin_url. "a=manageRoles". "&arg=deleteactivity&$context". - "selectactivity=". $activity_array['ACTIVITY_ID']); - e("&name=".$data['CURRENT_ROLE']['name']. + "selectactivity=". $activity_array['ACTIVITY_ID'] . + "&name=".$data['CURRENT_ROLE']['name']. "&".C\CSRF_TOKEN."=".$data[C\CSRF_TOKEN]. - $paging. 
- "'>".tl('manageroles_element_delete')."</a></td>"); - } - e("</tr>"); - } - ?> - </table> - <?php - if (count($data['AVAILABLE_ACTIVITIES']) > 1) { - $this->view->helper("options")->render( - "add-roleactivity", - "selectactivity", $data['AVAILABLE_ACTIVITIES'], - $data['SELECT_ACTIVITY']); - } - ?> + $paging?>'><?=tl('manageroles_element_delete') + ?></a></td><?php + }?> + </tr><?php + } ?> + </table><?php + if (count($data['AVAILABLE_ACTIVITIES']) > 1) { + $this->view->helper("options")->render( + "add-roleactivity", + "selectactivity", $data['AVAILABLE_ACTIVITIES'], + $data['SELECT_ACTIVITY']); + } ?> </div> - </td></tr> - <?php - } - ?> + </td></tr><?php + } ?> <tr><td></td><td class="center"><button class="button-box" <?php - if ($data['FORM_TYPE'] == 'editrole') { - e("id='focus-button'"); - }?> + if ($data['FORM_TYPE'] == 'editrole') {?> + id='focus-button' <?php + } ?> type="submit"><?= tl('manageroles_element_save') ?></button></td> </tr> </table> - </form> - <?php + </form><?php } /** * Draws the search for roles forms
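Review bot: Both new text inputs print `$activity_array['ALLOWED_ARGUMENTS']` into a `value="…"` attribute with no output encoding. The value is free text saved from this same form, so a quote character in it ends the attribute and the rest is parsed as markup on the role edit page. It should be encoded at output in the disabled and the editable input alike: `value="<?= htmlspecialchars($activity_array['ALLOWED_ARGUMENTS'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"`. The new header row `<tr><th>…</th>` is also never closed with `</tr>` before the loop emits the next `<tr>`. The render method starts outside the hunk.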