7 require_once 'Pman.php';
9 class Pman_Admin_GroupRights extends Pman
12 parent::getAuth(); // load company!
13 $au = $this->getAuthUser();
15 $this->jerr("Not authenticated", array('authFailure' => true));
17 $this->authUser = $au;
21 // perms - any table that can be modified by the user should be listed here..
22 // without it, our perms manager should deny writing via the web interface...
24 // FOR PERMS - SEE THE DATAOBJECT!
28 // must recieve a group..
29 if (!isset($_GET['group_id']) || (int)$_GET['group_id'] < 0) {
30 $this->jerr("NO GROUP");
32 if (!$this->hasPerm( 'Core.Groups','S')) { // listing groups..
33 $this->jerr("PERMISSION DENIED");
35 // DB_DataObject::debugLevel(1);
36 $p = DB_DataObject::factory('Group_Rights');
37 $p->group_id = (int)$_GET['group_id'];
42 $cur[$p->rightname] = clone($p);
46 // echo "<PRE>"; print_r($p->defaultPermData() );
47 foreach($p->defaultPermData() as $k => $defdata) {
49 if (empty($defdata[0])) { // no admin data available..
52 if (!isset($cur[$k])) {
53 // then there is no current access right for it..
54 //DB_DataObject::debugLevel(1);
55 $gr = DB_DataObject::factory('Group_Rights');
56 $gr->group_id = (int)$_GET['group_id'];
58 $gr->AccessMask = $defdata[1]; // set to defaults..
60 $cur[$k] = clone($gr);
65 'id' => $cur[$k]->id * 1, //
67 'descript' => isset($defdata[2]) ? $defdata[2] : '' ,
68 'AccessMask' => $cur[$k]->AccessMask,
69 'FullMask' => $defdata[0],
70 'group_id' => (int)$_GET['group_id']
83 if (!isset($_POST['group_id']) || (int)$_POST['group_id'] < 0) {
84 $this->jerr("NO GROUP");
86 if (!$this->hasPerm( 'Core.Groups','E')) { // editing groups..
87 $this->jerr("PERMISSION DENIED");
95 if (!empty($_POST['dataUpdate'])) {
96 foreach($_POST['dataUpdate'] as $id => $ac) {
97 $p = DB_DataObject::factory('Group_Rights');
98 $p->group_id = (int)$_POST['group_id'];
100 continue; // errro cond.
103 $p->AccessMask = $ac;
104 $p->validate(); // ensure that the basic perms can not be removed
108 if (!empty($_POST['dataAdd'])) {
109 foreach($_POST['dataAdd'] as $perm => $ac) {
110 $p = DB_DataObject::factory('Group_Rights');
111 $p->group_id = (int)$_POST['group_id'];
112 $p->rightname = $perm;
113 $p->AccessMask = $ac;
114 $p->validate(); // ensure that the basic perms can not be removed