123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227 |
- <?php
- /**
- * @package chamilo.permissions
- */
- require '../inc/global.inc.php';
- require_once 'permissions_functions.inc.php';
- require_once 'all_permissions.inc.php';
- $tool_name = get_lang('Roles'); // title of the page (should come from the language file)
- Display::display_header($tool_name);
- // ACTIONS
- // storing all the permission for a given role when the checkbox approach is used
- if ($_POST['StoreRolePermissions']) {
- if (!empty($_POST['role_name'])) {
- $table_role = Database::get_course_table(TABLE_ROLE);
- $sql = "INSERT INTO $table_role (role_name, role_comment, default_role)
- VALUES ('".Database::escape_string($_POST['role_name'])."','".Database::escape_string($_POST['role_comment'])."','".Database::escape_string($_POST['default_role'])."')";
- $result = Database::query($sql);
- $role_id = Database::insert_id();
- $result_message = store_permissions('role', $role_id);
- } else {
- $result_message = get_lang('ErrorPleaseGiveRole name');
- }
- }
- // storing a permission for a given role when the image approach is used
- if (isset($_GET['action']) and isset($_GET['permission']) and isset($_GET['tool'])) {
- if ($_GET['action'] == 'grant' or $_GET['action'] == 'revoke') {
- $result_message = store_one_permission('role', $_GET['action'], $role_id, $_GET['tool'], $_GET['permission']);
- }
- }
- // deleting a role
- if (isset($_GET['action']) and isset($_GET['role_id']) and $_GET['action'] == 'delete') {
- //deleting the assignments fo this role: users
- $table = Database::get_course_table(TABLE_ROLE_USER);
- $sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
- $result = Database::query($sql);
- // deleting the assignments of this role: groups
- $table = Database::get_course_table(TABLE_ROLE_GROUP);
- $sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
- $result = Database::query($sql);
- // deleting the permissions of this role
- $table = Database::get_course_table(TABLE_ROLE_PERMISSION);
- $sql = "DELETE FROM $table WHERE role_id='".intval($_GET['role_id'])."'";
- $result = Database::query($sql);
- // deleting the role
- $table_role = Database::get_course_table(TABLE_ROLE);
- $sql = "DELETE FROM $table_role WHERE role_id='".intval($_GET['role_id'])."'";
- $result = Database::query($sql);
- $result_message = get_lang('RoleDeleted');
- }
- // displaying the return message of the actions
- if (isset($result_message)) {
- echo Display::return_message($result_message);
- }
- // ADDING A NEW ROLE (FORM AND LINK)
- echo '<img src="../img/add.png" /> <a href="roles.php?action=add">'.get_lang('AddRole').'</a>';
- if ($_GET['action'] == 'add') {
- echo "<form method=\"post\" action=\"".api_get_self()."\">";
- echo "\n<table>";
- echo "\n\t<tr>";
- echo "\n\t\t<td>";
- echo get_lang('Role name');
- echo "\n\t\t</td>";
- echo "\n\t\t<td>";
- echo "\n\t\t\t<input type='text' name='role_name'>";
- echo "\n\t\t</td>";
- echo "\n\t</tr>";
- echo "\n\t<tr>";
- echo "\n\t\t<td>";
- echo get_lang('RoleComment');
- echo "\n\t\t</td>";
- echo "\n\t\t<td>";
- echo "\n\t\t\t<textarea name='role_comment'></textarea>";
- echo "\n\t\t</td>";
- echo "\n\t</tr>";
- echo "\n\t<tr>";
- echo "\n\t\t<td>";
- echo get_lang('DefaultRole');
- echo "\n\t\t</td>";
- echo "\n\t\t<td>";
- echo "\n\t\t\t<input type=\"checkbox\" name=\"default_role\" value=\"1\">";
- echo "\n\t\t</td>";
- echo "\n\t</tr>";
- echo "\n</table>";
- echo "<table class=\"data_table\">\n";
- // the header
- if (api_get_setting('permissions') == 'limited') {
- $header_array = $rights_limited;
- }
- if (api_get_setting('permissions') == 'full') {
- $header_array = $rights_full;
- }
- echo "\t<tr>\n";
- echo "\t\t<th>".get_lang('Module')."</th>\n";
- foreach ($header_array as $header_key => $header_value) {
- echo "\t\t<th>".get_lang($header_value)."</th>\n";
- }
- echo "\t</tr>\n";
- // the main area with the checkboxes or images
- foreach ($tool_rights as $tool => $rights) { // $tool_rights contains all the possible tools and their rights
- echo "\t<tr>\n";
- echo "\t\t<td>\n";
- echo get_lang($tool);
- echo "\t\t</td>\n";
- foreach ($header_array as $key => $value) {
- echo "\t\t<td align='center'>\n";
- display_checkbox_matrix([], $tool, $value);
- echo "\t\t</td>\n";
- }
- echo "\t</tr>\n";
- }
- echo "</table>\n";
- echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('Store permissions')."\">";
- echo "</form>";
- }
- // DISPLAYING THE EXISTING ROLES
- // platform roles
- $all_roles = get_all_roles('platform');
- foreach ($all_roles as $role) {
- echo '<div><a href="roles.php?action=view&role_id='.$role['role_id'].'&scope=platform">'.$role['role_name'].'</a></div>';
- echo '<div>'.$role['role_comment'].'</div><br />';
- if ($role['role_id'] == $_GET['role_id']) {
- $current_role_info = $role;
- }
- }
- // course roles
- $all_roles = get_all_roles();
- foreach ($all_roles as $role) {
- echo '<div><a href="roles.php?action=view&role_id='.$role['role_id'].'">'.$role['role_name'].'</a><a href="roles.php?action=delete&role_id='.$role['role_id'].'"><img src="../img/delete.gif" /></a></div>';
- echo '<div>'.$role['role_comment'].'</div><br />';
- if ($role['role_id'] == $_GET['role_id']) {
- $current_role_info = $role;
- }
- }
- // DISPLAYING THE PERMISSIONS OF A GIVEN ROLE
- if ($_GET['role_id']) {
- $current_role_permissions = get_permissions('role', $_GET['role_id']);
- // LIMITED OR FULL
- $current_role_permissions = limited_or_full($current_role_permissions);
- if (api_get_setting('permissions') == 'limited') {
- $header_array = $rights_limited;
- }
- if (api_get_setting('permissions') == 'full') {
- $header_array = $rights_full;
- }
- // ---------------------------------------------------
- // DISPLAYING THE MATRIX
- // ---------------------------------------------------
- echo "<form method=\"post\" action=\"".str_replace('&', '&', $_SERVER['REQUEST_URI'])."\">";
- // the list of the roles for the user
- echo get_lang('PermissionsOfRole').':'.$current_role_info['role_name'].'<br />';
- if ($_GET['scope'] == 'platform') {
- echo get_lang('IsPlatformRoleNotEditable').'<br />';
- }
- echo "<table class=\"data_table\">\n";
- // the header
- echo "\t<tr>\n";
- echo "\t\t<th>".get_lang('Module')."</th>\n";
- foreach ($header_array as $header_key => $header_value) {
- echo "\t\t<th>".get_lang($header_value)."</th>\n";
- }
- echo "\t</tr>\n";
- // the main area with the checkboxes or images
- foreach ($tool_rights as $tool => $rights) { // $tool_rights contains all the possible tools and their rights
- echo "\t<tr>\n";
- echo "\t\t<td>\n";
- echo get_lang($tool);
- echo "\t\t</td>\n";
- foreach ($header_array as $key => $value) {
- echo "\t\t<td align='center'>\n";
- if (in_array($value, $rights)) {
- if ($setting_visualisation == 'checkbox') {
- display_checkbox_matrix(
- $current_role_permissions,
- $tool,
- $value
- );
- }
- if ($setting_visualisation == 'image') {
- if ($_GET['scope'] == 'platform') {
- $roles_editable = false;
- } else {
- $roles_editable = true;
- }
- display_image_matrix(
- $current_role_permissions,
- $tool,
- $value,
- '',
- '',
- $roles_editable
- );
- }
- }
- echo "\t\t</td>\n";
- }
- echo "\t</tr>\n";
- }
- echo "</table>\n";
- if ($setting_visualisation == 'checkbox') {
- echo "<input type=\"Submit\" name=\"StoreRolePermissions\" value=\"".get_lang('Store permissions')."\">";
- }
- echo "</form>";
- }
- Display::display_footer();
|