5 * Copyright 2004 (c) GForge LLC
6 * Copyright 2010, Roland Mas
7 * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
9 * This file is part of FusionForge. FusionForge is free software;
10 * you can redistribute it and/or modify it under the terms of the
11 * GNU General Public License as published by the Free Software
12 * Foundation; either version 2 of the Licence, or (at your option)
15 * FusionForge is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License along
21 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 require_once('../../env.inc.php');
26 require_once $gfcommon.'include/pre.php';
27 require_once $gfwww.'project/admin/project_admin_utils.php';
28 require_once $gfcommon.'include/Role.class.php';
29 require_once $gfcommon.'include/RoleObserver.class.php';
30 require_once $gfcommon.'include/rbac_texts.php';
// Entry checks for the role editor: read the target project id, require the
// 'project_admin' permission on it, then read the role id and the submitted
// permission data from the request.
32 $group_id = getIntFromRequest('group_id');
33 session_require_perm ('project_admin', $group_id) ;
// role_id and data are caller-controlled from here on. role_id is compared with
// the literal 'observer' and otherwise used as a role identifier further down.
// NOTE(review): data is fetched with getStringFromRequest() but later handled as
// a nested array (is_array() check below) -- presumably the helper passes arrays
// through unchanged; confirm.
35 $role_id = getStringFromRequest('role_id');
36 $data = getStringFromRequest('data');
38 $group = group_get_object($group_id);
// A 'delete' request is handed off to roledelete.php.
// NOTE(review): $role_id is concatenated into the redirect URL unencoded; wrap it
// in urlencode() so a crafted value cannot append parameters or alter the
// redirect target. Whether session_redirect() sanitises its argument is not
// visible here.
40 if (getStringFromRequest('delete')) {
41 session_redirect('/project/admin/roledelete.php?group_id='.$group_id.'&role_id='.$role_id);
45 // The observer is a special role, which is actually
46 // just controlling the is_public/allow anon flags
48 // Get observer role instead of regular role
// Observer branch: load the RoleObserver for this project, abort on error, and
// apply the submitted data when the request carries 'submit'.
50 if ($role_id=='observer') {
51 $role = new RoleObserver($group);
// `new` always yields an object, so the first test cannot fire; isError() is the
// check that actually reports a failed construction.
52 if (!$role || !is_object($role)) {
53 exit_error(_('Could Not Get RoleObserver'),'admin');
54 } elseif ($role->isError()) {
55 exit_error($role->getErrorMessage(),'admin');
// NOTE(review): this is a state change (anonymous / non-member access flags) and
// no anti-CSRF form key is checked in the visible lines; confirm the project's
// form-key helpers (form_generate_key() / form_key_is_valid()) are applied.
58 if (getStringFromRequest('submit')) {
// NOTE(review): $data reaches update() exactly as received from the request; the
// section/id filtering done for regular roles is not applied on this path.
// Confirm that RoleObserver::update() validates keys and values itself.
59 if (!$role->update($data)) {
60 $error_msg = $role->getErrorMessage();
62 $feedback = _('Successfully Updated Role');
// Regular-role branch: an 'add' request creates a default role named after the
// submitted role_name; the other visible paths load the role from the id that
// came in with the request.
67 if (getStringFromRequest('add')) {
68 $role_name = trim(getStringFromRequest('role_name')) ;
69 $role = new Role ($group) ;
70 $role_id=$role->createDefault($role_name) ;
// NOTE(review): the return value of createDefault() becomes $role_id; no failure
// check is visible in this listing -- confirm it is handled.
72 $role = RBACEngine::getInstance()->getRoleById($role_id) ;
75 $role = new Role($group,$role_id);
// `new` always yields an object; isError() is the test that reports a role that
// could not be loaded.
77 if (!$role || !is_object($role)) {
78 exit_error(_('Could Not Get Role'),'admin');
79 } elseif ($role->isError()) {
80 exit_error($role->getErrorMessage(),'admin');
// Allow-list filter: keep only the submitted entries whose section and reference
// id already exist in the role's settings for this project, so a request cannot
// introduce sections or object ids the role does not already have here.
// NOTE(review): the values themselves are copied unvalidated, and the visible
// create()/update() calls pass $data, not $new_data -- confirm that $new_data is
// assigned back to $data in the lines not shown and that Role checks each value.
83 $old_data = $role->getSettingsForProject ($group) ;
84 $new_data = array () ;
86 if (!is_array ($data)) {
89 foreach ($old_data as $section => $values) {
90 if (!array_key_exists ($section, $data)) {
93 foreach ($values as $ref_id => $val) {
94 if (!array_key_exists ($ref_id, $data[$section])) {
97 $new_data[$section][$ref_id] = $data[$section][$ref_id] ;
// Apply a submitted form to the role (create or update).
// NOTE(review): role permissions are changed here and no anti-CSRF form key is
// checked in the visible lines; confirm the project's form-key helpers
// (form_generate_key() / form_key_is_valid()) guard this handler. The trigger is
// read with getStringFromRequest(), presumably GET as well as POST -- confirm.
101 if (getStringFromRequest('submit')) {
// The name and the shared flag are taken from the request only when this project
// is the role's home project; the two assignments after that keep the role's
// current name and flag instead.
102 if (($role->getHomeProject() != NULL)
103 && ($role->getHomeProject()->getID() == $group_id)) {
104 $role_name = trim(getStringFromRequest('role_name'));
105 $public = getIntFromRequest('public') ? true : false ;
107 $role_name = $role->getName() ;
108 $public = $role->isPublic() ;
// NOTE(review): role_name is only trimmed here; it is later written into HTML by
// this page, so it must be escaped at output time.
111 $error_msg .= ' Missing Role Name ';
114 $role_id=$role->create($role_name,$data);
116 $error_msg .= $role->getErrorMessage();
118 $feedback = _('Successfully Created New Role');
// setPublic() is called only for RoleExplicit instances.
121 if ($role instanceof RoleExplicit) {
122 $role->setPublic($public) ;
124 if (!$role->update($role_name,$data,false)) {
125 $error_msg .= $role->getErrorMessage();
127 $feedback = _('Successfully Updated Role');
131 //change assistant for webcal
// The hook receives the request's group_id, read again from the request.
132 $params = getIntFromRequest('group_id');
133 plugin_hook('change_cal_permission_auto',$params);
// Choose the page title and introductory text. Both come from gettext literals;
// no request data is mixed into them in the visible lines.
138 if ($role_id=='observer') {
139 $title= _('Edit Observer');
140 $msg = _('Use this page to edit the permissions and access levels of non-members of your project. Non-members includes users who are not logged in.');
143 $title= _('New Role');
145 $title= _('Edit Role');
148 $msg = _('Use this page to edit the permissions attached to each role. Note that each role has at least as much access as the Anonymous and LoggedIn roles. For example, if the the Anonymous role has read access to a forum, all other roles will have it too.');
150 $msg = _('Use this page to edit your project\'s Roles. Note that each member has at least as much access as the Observer. For example, if the Observer can read CVS, so can any other role in the project.');
// Emit the project-admin page header with the chosen title.
154 project_admin_header(array('title'=> $title,'group'=>$group_id));
// Page body: the intro text, then the edit form and the role-name field.
156 echo '<p>'.$msg.'</p>';
158 <form action="'.getStringFromServer('PHP_SELF').'?group_id='.$group_id.'&role_id='. $role_id .'" method="post">';
// NOTE(review): the form action above is assembled from PHP_SELF and the
// request-supplied $role_id with no escaping visible. PHP_SELF includes the
// client-supplied path, so both values should go through htmlspecialchars()
// (and $role_id through urlencode()) before being written into the attribute,
// unless getStringFromServer() already sanitises -- confirm.
// NOTE(review): no hidden anti-CSRF form key is emitted in the visible lines.
161 if ($role->getHomeProject() == NULL
162 || $role->getHomeProject()->getID() != $group_id) {
// Role homed in another project (or with no home project): the name is shown as
// text, not as an editable field.
// NOTE(review): getDisplayableName() is echoed raw -- confirm it returns
// HTML-safe text.
163 echo '<p><strong>'._('Role Name').'</strong></p>' ;
164 echo $role->getDisplayableName ($group) ;
// NOTE(review): getName() is written into value="..." unescaped. Role names are
// admin-supplied text (only trimmed on input), so a name containing a double
// quote or markup would break out of the attribute when another admin opens this
// page. Use htmlspecialchars($role->getName(), ENT_QUOTES).
166 echo '<p><strong>'._('Role Name').'</strong><br /><input type="text" name="role_name" value="'.$role->getName().'"><br />' ;
167 echo '<input type="checkbox" name="public" value="1"' ;
168 if ($role->isPublic()) {
171 echo '> '._('Shared role (can be referenced by other projects)').'</p>' ;
174 if ($role_id != 'observer') {
// NOTE(review): same unescaped getName() in a value attribute as above; escape
// it with htmlspecialchars(..., ENT_QUOTES).
175 echo '<p><strong>'._('Role Name').'</strong><br />
176 <input type="text" name="role_name" value="'.$role->getName().'" />
181 $titles[]=_('Section');
182 $titles[]=_('Subsection');
183 $titles[]=_('Setting');
// Column headers for the settings table are collected above. The section labels
// printed in the rows come from $rbac_edit_section_names -- presumably filled in
// by setup_rbac_strings(); confirm.
185 setup_rbac_strings () ;
187 echo $HTML->listTableTop($titles);
190 // Get the keys for this role and iterate to build page
192 // Everything is built on the multi-dimensional arrays in the Role object
196 $keys = array_keys($role->getSettingsForProject ($group)) ;
// Each key is tested against the role's global_settings list.
198 foreach ($keys as $key) {
199 if (!in_array ($key, $role->global_settings)) {
205 $keys = array_keys($role->role_values);
// Skip sections whose tool is switched off for this project. The tests are
// unanchored substring matches, so any key containing e.g. 'pm' or 'scm' counts
// as belonging to that tool.
207 for ($i=0; $i<count($keys); $i++) {
208 if ((!$group->usesForum() && preg_match("/forum/", $keys[$i])) ||
209 (!$group->usesTracker() && preg_match("/tracker/", $keys[$i])) ||
210 (!$group->usesPM() && preg_match("/pm/", $keys[$i])) ||
211 (!$group->usesFRS() && preg_match("/frs/", $keys[$i])) ||
212 (!$group->usesSCM() && preg_match("/scm/", $keys[$i])) ||
213 (!$group->usesDocman() && preg_match("/docman/", $keys[$i]))) {
215 //We don't display modules not used
219 // Handle forum settings for all roles
221 } elseif ($keys[$i] == 'forum' || $keys[$i] == 'forumpublic' || $keys[$i] == 'forumanon') {
223 if ($keys[$i] == 'forumanon') {
224 //skip as we have special case below
// One table row per forum of this project. The lookup is a parameterised query
// ($1 placeholder), so no SQL is built from request text here.
226 $res=db_query_params ('SELECT group_forum_id,forum_name,is_public,allow_anonymous
227 FROM forum_group_list WHERE group_id=$1',
229 for ($q=0; $q<db_numrows($res); $q++) {
231 // Special cases - when going through the keys, we want to show forumanon
232 // on the same line as forumpublic
// NOTE(review): forum_name is printed into the row below straight from the
// database. Unless names are stored already HTML-escaped (confirm), wrap the
// db_result() value in htmlspecialchars() so a forum name containing markup
// cannot run script in the role editor.
234 if ($keys[$i] == 'forumpublic') {
235 $txt=' '.html_build_select_box_from_assoc(
236 $role->getRoleVals('forumanon'),
237 "data[forumanon][".db_result($res,$q,'group_forum_id')."]",
238 $role->getVal('forumanon',db_result($res,$q,'group_forum_id')),
243 echo '<tr ' . $HTML->boxGetAltRowStyle($j++) . '>
244 <td style="padding-left: 4em;">'.$rbac_edit_section_names[$keys[$i]].'</td>
245 <td>'.db_result($res,$q,'forum_name').'</td>
246 <td>'.html_build_select_box_from_assoc(
247 $role->getRoleVals($keys[$i]),
248 "data[".$keys[$i]."][".db_result($res,$q,'group_forum_id')."]",
249 $role->getVal($keys[$i],db_result($res,$q,'group_forum_id')),
250 false, false ). $txt .'</td></tr>';
254 // Handle task mgr settings for all roles
// One table row per task-manager subproject of this project; the lookup is a
// parameterised query ($1 placeholder).
256 } elseif ($keys[$i] == 'pm' || $keys[$i] == 'pmpublic') {
258 $res=db_query_params ('SELECT group_project_id,project_name,is_public
259 FROM project_group_list WHERE group_id=$1',
261 for ($q=0; $q<db_numrows($res); $q++) {
// NOTE(review): project_name is printed straight from the database. Unless it is
// stored already HTML-escaped (confirm), pass it through htmlspecialchars()
// before output.
262 echo '<tr '. $HTML->boxGetAltRowStyle($j++) . '>
263 <td style="padding-left: 4em;">'.$rbac_edit_section_names[$keys[$i]].'</td>
264 <td>'.db_result($res,$q,'project_name').'</td>
265 <td>'.html_build_select_box_from_assoc(
266 $role->getRoleVals($keys[$i]),
267 "data[".$keys[$i]."][".db_result($res,$q,'group_project_id')."]",
268 $role->getVal($keys[$i],db_result($res,$q,'group_project_id')),
269 false, false ).'</td></tr>';
273 // Handle tracker settings for all roles
275 } elseif ($keys[$i] == 'tracker' || $keys[$i] == 'trackerpublic' || $keys[$i] == 'trackeranon') {
277 if ($keys[$i] == 'trackeranon') {
278 //skip as we have special case below
// One table row per tracker of this project; the lookup is a parameterised query
// ($1 placeholder).
280 $res=db_query_params ('SELECT group_artifact_id,name,is_public,allow_anon
281 FROM artifact_group_list WHERE group_id=$1',
283 for ($q=0; $q<db_numrows($res); $q++) {
285 // Special cases - when going through the keys, we want to show trackeranon
286 // on the same line as tracker public
// NOTE(review): the tracker name is printed into the row below straight from the
// database. Unless names are stored already HTML-escaped (confirm), wrap the
// db_result() value in htmlspecialchars() before output.
288 if ($keys[$i] == 'trackerpublic') {
289 $txt = ' '.html_build_select_box_from_assoc(
290 $role->getRoleVals('trackeranon'),
291 "data[trackeranon][".db_result($res,$q,'group_artifact_id')."]",
292 $role->getVal('trackeranon',db_result($res,$q,'group_artifact_id')),
297 echo '<tr '. $HTML->boxGetAltRowStyle($j++) . '>
298 <td style="padding-left: 4em;">'.$rbac_edit_section_names[$keys[$i]].'</td>
299 <td>'.db_result($res,$q,'name').'</td>
300 <td>'.html_build_select_box_from_assoc(
301 $role->getRoleVals($keys[$i]),
302 "data[".$keys[$i]."][".db_result($res,$q,'group_artifact_id')."]",
303 $role->getVal($keys[$i],db_result($res,$q,'group_artifact_id')),
304 false, false ). $txt .'</td></tr>';
309 // File release system - each package can be public/private
// One table row per FRS package of this project; the lookup is a parameterised
// query ($1 placeholder).
311 } elseif ($keys[$i] == 'frspackage') {
313 $res=db_query_params ('SELECT package_id,name,is_public
314 FROM frs_package WHERE group_id=$1',
316 for ($q=0; $q<db_numrows($res); $q++) {
// NOTE(review): the package name is printed straight from the database. Unless it
// is stored already HTML-escaped (confirm), pass it through htmlspecialchars()
// before output.
317 echo '<tr '. $HTML->boxGetAltRowStyle($j++) . '>
318 <td>'.$rbac_edit_section_names[$keys[$i]].'</td>
319 <td>'.db_result($res,$q,'name').'</td>
320 <td>'.html_build_select_box_from_assoc(
321 $role->getRoleVals($keys[$i]),
322 "data[".$keys[$i]."][".db_result($res,$q,'package_id')."]",
323 $role->getVal($keys[$i],db_result($res,$q,'package_id')),
324 false, false ).'</td></tr>';
328 // Handle all other settings for all roles
// Every remaining section gets a single row with one select box. The select is
// keyed either by the project id ($group_id) or by 0; the condition choosing
// between the two is not visible in this listing.
332 echo '<tr '. $HTML->boxGetAltRowStyle($j++) . '>
333 <td colspan="2"><strong>'.$rbac_edit_section_names[$keys[$i]].'</strong></td>
336 echo html_build_select_box_from_assoc($role->getRoleVals($keys[$i]), "data[".$keys[$i]."][$group_id]", $role->getVal($keys[$i],$group_id), false, false ) ;
338 echo html_build_select_box_from_assoc($role->getRoleVals($keys[$i]), "data[".$keys[$i]."][0]", $role->getVal($keys[$i],0), false, false ) ;
// Close the settings table, emit the submit button and the page footer.
347 echo $HTML->listTableBottom();
349 echo '<p><input type="submit" name="submit" value="'._('Submit').'" /></p>
352 project_admin_footer(array());
356 // c-file-style: "bsd"