blog_permissions.inc.php 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198
  1. <?php
  2. /**
  3. * smartBlogs add-on: it must be possible to change rights for every single blog
  4. * in a course.
  5. *
  6. * @author Toon Keppens
  7. * @package chamilo.permissions
  8. */
  9. /**
  10. * Init
  11. */
  12. $rights_full = array(
  13. "article_add",
  14. "article_delete",
  15. "article_edit",
  16. "article_rate",
  17. "article_comments_add",
  18. "article_comments_delete",
  19. "article_comments_rate",
  20. "task_management",
  21. "member_management",
  22. "role_management",
  23. );
  24. $rights_limited = array("Add", "Edit", "Delete");
  25. $rights_blog = array(
  26. "article_add",
  27. "article_delete",
  28. "article_edit",
  29. "article_rate",
  30. "article_comments_add",
  31. "article_comments_delete",
  32. "article_comments_rate",
  33. "task_management",
  34. "member_management",
  35. "role_management",
  36. );
  37. $course_tool_table = Database::get_course_table(TABLE_TOOL_LIST);
  38. // Get all user
  39. $blog_users = Blog::get_blog_users($_GET['blog_id']);
  40. $course_id = api_get_course_int_id();
  41. // Remove the blog creater because he has all the rights automatically
  42. // and we want to keep it that way.
  43. $tbl_course_rel_user = $table=Database::get_main_table(TABLE_MAIN_COURSE_USER);
  44. $sql = "SELECT user_id
  45. FROM $tbl_course_rel_user
  46. WHERE status = '1' AND c_id = '".api_get_course_int_id()."'";
  47. $result = Database::query($sql);
  48. while ($user = Database::fetch_assoc($result)) {
  49. unset($blog_users[$user['user_id']]);
  50. }
  51. //$user_id=$userIdViewed;
  52. if (isset($mainUserInfo) && isset($mainUserInfo['status']) && $mainUserInfo['status'] == 1) {
  53. $course_admin = 1;
  54. }
  55. include_once('permissions_functions.inc.php');
  56. // ACTIONS
  57. if (isset($_GET['do'])) {
  58. if (isset($_GET['permission']) AND isset($_GET['tool']) AND ($_GET['do'] == 'grant' OR $_GET['do'] == 'revoke')) {
  59. $result_message = store_one_permission(
  60. 'user',
  61. $_GET['do'],
  62. $_GET['user_id'],
  63. $_GET['tool'],
  64. $_GET['permission']
  65. );
  66. }
  67. if (isset($_GET['role']) AND ($_GET['do'] == 'grant' OR $_GET['do'] == 'revoke')) {
  68. $result_message = assign_role(
  69. 'user',
  70. $_GET['do'],
  71. $user_id,
  72. $_GET['role'],
  73. $_GET['scope']
  74. );
  75. }
  76. }
  77. // ------------------------------------------------------------------
  78. // RETRIEVING THE PERMISSIONS OF THE ROLES OF THE USER
  79. // ------------------------------------------------------------------
  80. if (api_get_setting('user_roles')=='true') {
  81. // course roles that are assigned to the user
  82. $current_user_role_permissions_of_user=get_roles_permissions('user',$user_id);
  83. $inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
  84. // NOTE: deze array moet nog gemerged worden met de $inherited_permissions array
  85. // (heet momenteel nog $current_group_permissions_of_user omdat voorlopig enkel de
  86. // groepsge�rfde permissions in beschouwing worden genomen
  87. // dit moet ook de rol permissies van rollen die toegekend worden aan een gebruiker
  88. // en de rol permissies van rollen die toegekend worden aan de groepen van een gebruiker
  89. // omvatten.
  90. // NOTE: checken als de rollen brol wel degelijk geactiveerd is voordat we dit allemaal
  91. // ophalen.
  92. // platform roles that are assigned to the user
  93. $current_user_role_permissions_of_user=get_roles_permissions('user',$user_id, 'platform');
  94. $inherited_permissions=permission_array_merge($inherited_permissions,$current_user_role_permissions_of_user);
  95. }
  96. // ------------------------------------------------------------------
  97. // RETRIEVING THE PERMISSIONS OF THE ROLES OF THE GROUPS OF THE USER
  98. // ------------------------------------------------------------------
  99. if (api_get_setting('group_roles')=='true') {
  100. // NOTE: DIT MOET NOG VERDER UITGEWERKT WORDEN
  101. foreach ($groups_of_user as $group) {
  102. $this_current_group_role_permissions_of_user=get_roles_permissions('user',$user_id);
  103. //$inherited_permissions[$tool][]=$permission;
  104. }
  105. }
  106. echo "<form method=\"post\" action=\"".str_replace('&', '&amp;', $_SERVER['REQUEST_URI'])."\">";
  107. // ---------------------------------------------------
  108. // DISPLAYING THE ROLES LIST
  109. // ---------------------------------------------------
  110. if (api_get_setting('user_roles')=='true')
  111. {
  112. // the list of the roles for the user
  113. echo '<strong>'.get_lang('UserRoles').'</strong><br />';
  114. $current_user_course_roles=get_roles('user',$user_id);
  115. $current_user_platform_roles=get_roles('user',$user_id, 'platform');
  116. display_role_list($current_user_course_roles, $current_user_platform_roles);
  117. echo '<br />';
  118. }
  119. // ---------------------------------------------------
  120. // DISPLAYING THE MATRIX (user permissions)
  121. // ---------------------------------------------------
  122. echo "<table class=\"data_table\">\n";
  123. // the header
  124. echo "\t<tr>\n";
  125. echo "\t\t<th rowspan=\"2\">".get_lang('Module')."</th>\n";
  126. echo "\t\t<th colspan=\"4\">".get_lang('ArticleManager')."</th>\n";
  127. echo "\t\t<th colspan=\"3\">".get_lang('CommentManager')."</th>\n";
  128. echo "\t\t<th colspan=\"3\">".get_lang('BlogManager')."</th>\n";
  129. echo "\t</tr>\n";
  130. // Subheader
  131. echo "\t<tr>\n";
  132. echo "\t\t<th align='center'>".get_lang('Add')."</th>\n";
  133. echo "\t\t<th align='center'>".get_lang('Delete')."</th>\n";
  134. echo "\t\t<th align='center'>".get_lang('Edit')."</th>\n";
  135. echo "\t\t<th align='center'>".get_lang('Rate')."</th>\n";
  136. echo "\t\t<th align='center'>".get_lang('Add')."</th>\n";
  137. echo "\t\t<th align='center'>".get_lang('Delete')."</th>\n";
  138. echo "\t\t<th align='center'>".get_lang('Rate')."</th>\n";
  139. echo "\t\t<th align='center'>".get_lang('Tasks')."</th>\n";
  140. echo "\t\t<th align='center'>".get_lang('Members')."</th>\n";
  141. echo "\t\t<th align='center'>".get_lang('Roles')."</th>\n";
  142. echo "\t</tr>\n";
  143. // the main area with the checkboxes or images
  144. foreach ($blog_users as $user_id => $user_name) { // $blog_users contains all the users in this blog
  145. // ---------------------------------------------------
  146. // RETRIEVING THE PERMISSIONS OF THE USER
  147. // ---------------------------------------------------
  148. $current_user_permissions = array();
  149. $current_user_permissions = get_permissions('user', $user_id);
  150. echo "\t<tr>\n";
  151. echo "\t\t<td>\n";
  152. echo $user_name;
  153. echo "\t\t</td>\n";
  154. foreach ($rights_full as $key => $value) {
  155. echo "\t\t<td align='center'>\n";
  156. if (in_array($value,$rights_blog)) {
  157. display_image_matrix_for_blogs(
  158. $current_user_permissions,
  159. $user_id,
  160. 'BLOG_'.$blog_id,
  161. $value,
  162. (isset($inherited_permissions) ? $inherited_permissions : null),
  163. (isset($course_admin) ? $course_admin : null)
  164. );
  165. }
  166. // note: in a later stage this part will be replaced by a function
  167. // so that we can easily switch between a checkbox approach or an image approach
  168. // where every click is in fact a change of status. In the checkbox approach you first have to
  169. // do the changes and then store them by clicking the submit button.
  170. echo "\t\t</td>\n";
  171. }
  172. echo "\t</tr>\n";
  173. }
  174. echo "</table>\n";
  175. echo "</form><br />";
  176. // LEGEND
  177. echo '<strong>'.get_lang('Legend').'</strong><br />';
  178. echo '<img src="../img/wrong.gif" /> '.get_lang('UserHasPermissionNot').'<br />';
  179. echo '<img src="../img/checkbox_on2.gif" /> '.get_lang('UserHasPermission').'<br />';
  180. echo '<img src="../img/checkbox_on3.gif" /> '.get_lang('UserHasPermissionByRoleGroup').'<br />';