Commit bb33dad50e340efdfaa18d3dc6cccbccbb1662b3
1 parent
1f5c058d
- role allocations now can be used to control permissions.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4458 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
7 changed files
with
184 additions
and
87 deletions
lib/permissions/permissionutil.inc.php
| @@ -228,12 +228,23 @@ class KTPermissionUtil { | @@ -228,12 +228,23 @@ class KTPermissionUtil { | ||
| 228 | } | 228 | } |
| 229 | // roles are _not_ always assigned (can be null at root) | 229 | // roles are _not_ always assigned (can be null at root) |
| 230 | if ($_roleCache[$iRoleId] != null) { | 230 | if ($_roleCache[$iRoleId] != null) { |
| 231 | - $aAllowed['user'] = array_merge($aAllowed['user'], $_roleCache[$iRoleId]->getUsers()); | ||
| 232 | - $aAllowed['group'] = array_merge($aAllowed['group'], $_roleCache[$iRoleId]->getGroups()); | 231 | + $aMapPermAllowed[$iPermissionId]['user'] = array_merge($aAllowed['user'], $_roleCache[$iRoleId]->getUserIds()); |
| 232 | + $aMapPermAllowed[$iPermissionId]['group'] = array_merge($aAllowed['group'], $_roleCache[$iRoleId]->getGroupIds()); | ||
| 233 | } | 233 | } |
| 234 | } | 234 | } |
| 235 | + | ||
| 235 | } | 236 | } |
| 237 | + unset($aMapPermAllowed[$iPermissionId]['role']); | ||
| 236 | } | 238 | } |
| 239 | + | ||
| 240 | + /* | ||
| 241 | + print '<pre>'; | ||
| 242 | + print '=======' . $oFolderOrDocument->getName(); | ||
| 243 | + print '<br />'; | ||
| 244 | + var_dump($aMapPermAllowed); | ||
| 245 | + print '</pre>'; | ||
| 246 | + */ | ||
| 247 | + | ||
| 237 | 248 | ||
| 238 | $aMapPermDesc = array(); | 249 | $aMapPermDesc = array(); |
| 239 | foreach ($aMapPermAllowed as $iPermissionId => $aAllowed) { | 250 | foreach ($aMapPermAllowed as $iPermissionId => $aAllowed) { |
lib/roles/roleallocation.inc.php
| @@ -151,6 +151,34 @@ class RoleAllocation extends KTEntity { | @@ -151,6 +151,34 @@ class RoleAllocation extends KTEntity { | ||
| 151 | return $aFullGroups; | 151 | return $aFullGroups; |
| 152 | } | 152 | } |
| 153 | 153 | ||
| 154 | + function getUserIds() { | ||
| 155 | + $oDescriptor = $this->getPermissionDescriptor(); | ||
| 156 | + $aUsers = array(); | ||
| 157 | + if (PEAR::isError($oDescriptor) || ($oDescriptor == false)) { | ||
| 158 | + return $aUsers; | ||
| 159 | + } | ||
| 160 | + $aAllowed = $oDescriptor->getAllowed(); | ||
| 161 | + if ($aAllowed['user'] !== null) { | ||
| 162 | + $aUsers = $aAllowed['user']; | ||
| 163 | + } | ||
| 164 | + | ||
| 165 | + return $aUsers; | ||
| 166 | + } | ||
| 167 | + | ||
| 168 | + function getGroupIds() { | ||
| 169 | + $oDescriptor = $this->getPermissionDescriptor(); | ||
| 170 | + $aGroups = array(); | ||
| 171 | + if (PEAR::isError($oDescriptor) || ($oDescriptor == false)) { | ||
| 172 | + return $aGroups; | ||
| 173 | + } | ||
| 174 | + $aAllowed = $oDescriptor->getAllowed(); | ||
| 175 | + if ($aAllowed['group'] !== null) { | ||
| 176 | + $aGroups = $aAllowed['group']; | ||
| 177 | + } | ||
| 178 | + | ||
| 179 | + return $aGroups; | ||
| 180 | + } | ||
| 181 | + | ||
| 154 | // utility function to establish user membership in this allocation. | 182 | // utility function to establish user membership in this allocation. |
| 155 | // FIXME nbm: is there are more coherent way to do this ITO your PD infrastructure? | 183 | // FIXME nbm: is there are more coherent way to do this ITO your PD infrastructure? |
| 156 | function hasMember($oUser) { | 184 | function hasMember($oUser) { |
plugins/ktcore/KTFolderActions.php
| @@ -70,6 +70,7 @@ class KTFolderPermissionsAction extends KTFolderAction { | @@ -70,6 +70,7 @@ class KTFolderPermissionsAction extends KTFolderAction { | ||
| 70 | $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId()); | 70 | $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId()); |
| 71 | $aPermissions = KTPermission::getList(); | 71 | $aPermissions = KTPermission::getList(); |
| 72 | $aMapPermissionGroup = array(); | 72 | $aMapPermissionGroup = array(); |
| 73 | + $aMapPermissionRole = array(); | ||
| 73 | foreach ($aPermissions as $oPermission) { | 74 | foreach ($aPermissions as $oPermission) { |
| 74 | $oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO); | 75 | $oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO); |
| 75 | if (PEAR::isError($oPA)) { | 76 | if (PEAR::isError($oPA)) { |
| @@ -82,15 +83,10 @@ class KTFolderPermissionsAction extends KTFolderAction { | @@ -82,15 +83,10 @@ class KTFolderPermissionsAction extends KTFolderAction { | ||
| 82 | foreach ($aIds as $iId) { | 83 | foreach ($aIds as $iId) { |
| 83 | $aMapPermissionGroup[$iPermissionId][$iId] = true; | 84 | $aMapPermissionGroup[$iPermissionId][$iId] = true; |
| 84 | } | 85 | } |
| 85 | - } | ||
| 86 | - $aMapPermissionUser = array(); | ||
| 87 | - $aUsers = User::getList(); | ||
| 88 | - foreach ($aPermissions as $oPermission) { | ||
| 89 | - $iPermissionId = $oPermission->getId(); | ||
| 90 | - foreach ($aUsers as $oUser) { | ||
| 91 | - if (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oFolder)) { | ||
| 92 | - $aMapPermissionUser[$iPermissionId][$oUser->getId()] = true; | ||
| 93 | - } | 86 | + $aIds = $oDescriptor->getRoles(); |
| 87 | + $aMapPermissionRole[$iPermissionId] = array(); | ||
| 88 | + foreach ($aIds as $iId) { | ||
| 89 | + $aMapPermissionRole[$iPermissionId][$iId] = true; | ||
| 94 | } | 90 | } |
| 95 | } | 91 | } |
| 96 | 92 | ||
| @@ -108,10 +104,10 @@ class KTFolderPermissionsAction extends KTFolderAction { | @@ -108,10 +104,10 @@ class KTFolderPermissionsAction extends KTFolderAction { | ||
| 108 | $aTemplateData = array( | 104 | $aTemplateData = array( |
| 109 | "permissions" => $aPermissions, | 105 | "permissions" => $aPermissions, |
| 110 | "groups" => Group::getList(), | 106 | "groups" => Group::getList(), |
| 107 | + "roles" => Role::getList(), | ||
| 111 | "iFolderId" => $this->oFolder->getId(), | 108 | "iFolderId" => $this->oFolder->getId(), |
| 112 | "aMapPermissionGroup" => $aMapPermissionGroup, | 109 | "aMapPermissionGroup" => $aMapPermissionGroup, |
| 113 | - "users" => $aUsers, | ||
| 114 | - "aMapPermissionUser" => $aMapPermissionUser, | 110 | + "aMapPermissionRole" => $aMapPermissionRole, |
| 115 | "edit" => $bEdit, | 111 | "edit" => $bEdit, |
| 116 | "inherited" => $sInherited, | 112 | "inherited" => $sInherited, |
| 117 | "conditions" => KTSavedSearch::getConditions(), | 113 | "conditions" => KTSavedSearch::getConditions(), |
| @@ -167,6 +163,7 @@ class KTFolderPermissionsAction extends KTFolderAction { | @@ -167,6 +163,7 @@ class KTFolderPermissionsAction extends KTFolderAction { | ||
| 167 | $this->successRedirectToMain(_("Dynamic permission added"), "fFolderId=" . $this->oFolder->getId()); | 163 | $this->successRedirectToMain(_("Dynamic permission added"), "fFolderId=" . $this->oFolder->getId()); |
| 168 | } | 164 | } |
| 169 | } | 165 | } |
| 166 | + | ||
| 170 | $oPlugin->registerAction('folderaction', 'KTFolderPermissionsAction', 'ktcore.actions.folder.permissions'); | 167 | $oPlugin->registerAction('folderaction', 'KTFolderPermissionsAction', 'ktcore.actions.folder.permissions'); |
| 171 | $oPlugin->registerAction('folderaction', 'KTBulkImportFolderAction', 'ktcore.actions.folder.bulkImport', 'folder/BulkImport.php'); | 168 | $oPlugin->registerAction('folderaction', 'KTBulkImportFolderAction', 'ktcore.actions.folder.bulkImport', 'folder/BulkImport.php'); |
| 172 | $oPlugin->registerAction('folderaction', 'KTBulkUploadFolderAction', 'ktcore.actions.folder.bulkUpload', 'folder/BulkUpload.php'); | 169 | $oPlugin->registerAction('folderaction', 'KTBulkUploadFolderAction', 'ktcore.actions.folder.bulkUpload', 'folder/BulkUpload.php'); |
plugins/ktcore/KTPermissions.php
| @@ -30,6 +30,7 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | @@ -30,6 +30,7 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | ||
| 30 | $oPO = KTPermissionObject::get($this->oDocument->getPermissionObjectID()); | 30 | $oPO = KTPermissionObject::get($this->oDocument->getPermissionObjectID()); |
| 31 | $aPermissions = KTPermission::getList(); | 31 | $aPermissions = KTPermission::getList(); |
| 32 | $aMapPermissionGroup = array(); | 32 | $aMapPermissionGroup = array(); |
| 33 | + $aMapPermissionRole = array(); | ||
| 33 | foreach ($aPermissions as $oPermission) { | 34 | foreach ($aPermissions as $oPermission) { |
| 34 | $oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO); | 35 | $oPA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO); |
| 35 | if (PEAR::isError($oPA)) { | 36 | if (PEAR::isError($oPA)) { |
| @@ -42,16 +43,11 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | @@ -42,16 +43,11 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | ||
| 42 | foreach ($aIDs as $iID) { | 43 | foreach ($aIDs as $iID) { |
| 43 | $aMapPermissionGroup[$iPermissionID][$iID] = true; | 44 | $aMapPermissionGroup[$iPermissionID][$iID] = true; |
| 44 | } | 45 | } |
| 45 | - } | ||
| 46 | - $aMapPermissionUser = array(); | ||
| 47 | - $aUsers = User::getList(); | ||
| 48 | - foreach ($aPermissions as $oPermission) { | ||
| 49 | - $iPermissionID = $oPermission->getID(); | ||
| 50 | - foreach ($aUsers as $oUser) { | ||
| 51 | - if (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPermission, $this->oDocument)) { | ||
| 52 | - $aMapPermissionUser[$iPermissionID][$oUser->getID()] = true; | ||
| 53 | - } | ||
| 54 | - } | 46 | + $aIds = $oDescriptor->getRoles(); |
| 47 | + $aMapPermissionRole[$iPermissionID] = array(); | ||
| 48 | + foreach ($aIds as $iId) { | ||
| 49 | + $aMapPermissionRole[$iPermissionID][$iId] = true; | ||
| 50 | + } | ||
| 55 | } | 51 | } |
| 56 | 52 | ||
| 57 | $oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO); | 53 | $oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO); |
| @@ -70,10 +66,10 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | @@ -70,10 +66,10 @@ class KTDocumentPermissionsAction extends KTDocumentAction { | ||
| 70 | "context" => $this, | 66 | "context" => $this, |
| 71 | "permissions" => $aPermissions, | 67 | "permissions" => $aPermissions, |
| 72 | "groups" => Group::getList(), | 68 | "groups" => Group::getList(), |
| 69 | + "roles" => Role::getList(), | ||
| 73 | "iDocumentID" => $_REQUEST['fDocumentID'], | 70 | "iDocumentID" => $_REQUEST['fDocumentID'], |
| 74 | "aMapPermissionGroup" => $aMapPermissionGroup, | 71 | "aMapPermissionGroup" => $aMapPermissionGroup, |
| 75 | - "users" => $aUsers, | ||
| 76 | - "aMapPermissionUser" => $aMapPermissionUser, | 72 | + "aMapPermissionRole" => $aMapPermissionRole, |
| 77 | "edit" => $bEdit, | 73 | "edit" => $bEdit, |
| 78 | "inherited" => $sInherited, | 74 | "inherited" => $sInherited, |
| 79 | ); | 75 | ); |
| @@ -158,6 +154,7 @@ class KTRoleAllocationPlugin extends KTFolderAction { | @@ -158,6 +154,7 @@ class KTRoleAllocationPlugin extends KTFolderAction { | ||
| 158 | 154 | ||
| 159 | // map to users, groups. | 155 | // map to users, groups. |
| 160 | foreach ($aRoles as $key => $role) { | 156 | foreach ($aRoles as $key => $role) { |
| 157 | + /* | ||
| 161 | $_users = array(); | 158 | $_users = array(); |
| 162 | foreach ($aRoles[$key]['users'] as $iUserId) { | 159 | foreach ($aRoles[$key]['users'] as $iUserId) { |
| 163 | $oUser = User::get($iUserId); | 160 | $oUser = User::get($iUserId); |
| @@ -170,6 +167,7 @@ class KTRoleAllocationPlugin extends KTFolderAction { | @@ -170,6 +167,7 @@ class KTRoleAllocationPlugin extends KTFolderAction { | ||
| 170 | } else { | 167 | } else { |
| 171 | $aRoles[$key]['users'] = join(', ',$_users); | 168 | $aRoles[$key]['users'] = join(', ',$_users); |
| 172 | } | 169 | } |
| 170 | + */ | ||
| 173 | 171 | ||
| 174 | $_groups = array(); | 172 | $_groups = array(); |
| 175 | foreach ($aRoles[$key]['groups'] as $iGroupId) { | 173 | foreach ($aRoles[$key]['groups'] as $iGroupId) { |
templates/ktcore/document/document_permissions.smarty
| @@ -37,6 +37,7 @@ td.false { background-color: #ffaaaa; text-align: centre } | @@ -37,6 +37,7 @@ td.false { background-color: #ffaaaa; text-align: centre } | ||
| 37 | { /if } | 37 | { /if } |
| 38 | <div class="view" id="view"> | 38 | <div class="view" id="view"> |
| 39 | <table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> | 39 | <table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> |
| 40 | + | ||
| 40 | <thead> | 41 | <thead> |
| 41 | <tr> | 42 | <tr> |
| 42 | <th>Group</th> | 43 | <th>Group</th> |
| @@ -63,6 +64,34 @@ td.false { background-color: #ffaaaa; text-align: centre } | @@ -63,6 +64,34 @@ td.false { background-color: #ffaaaa; text-align: centre } | ||
| 63 | </tbody> | 64 | </tbody> |
| 64 | </table> | 65 | </table> |
| 65 | 66 | ||
| 67 | + | ||
| 68 | +<table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> | ||
| 69 | +<thead> | ||
| 70 | +<tr> | ||
| 71 | +<th>Role</th> | ||
| 72 | +{ foreach item=oPerm from=$permissions } | ||
| 73 | +<th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> | ||
| 74 | +{ /foreach } | ||
| 75 | +</tr> | ||
| 76 | +</thead> | ||
| 77 | +<tbody> | ||
| 78 | +{ foreach item=oRole from=$roles } | ||
| 79 | +<td>{$oRole->getId()} / {$oRole->getName()}</td> | ||
| 80 | + { assign var=iRoleId value=$oRole->getId() } | ||
| 81 | + { foreach item=oPerm from=$permissions } | ||
| 82 | + { assign var=iPermId value=$oPerm->getId() } | ||
| 83 | + { assign var=bHasPerm value=$aMapPermissionRole[$iPermId][$iRoleId] } | ||
| 84 | +{ if $bHasPerm } | ||
| 85 | +<td class="true">True</td> | ||
| 86 | +{ else } | ||
| 87 | +<td class="false">False</td> | ||
| 88 | +{ /if } | ||
| 89 | + { /foreach } | ||
| 90 | +</tr> | ||
| 91 | +{ /foreach } | ||
| 92 | +</tbody> | ||
| 93 | +</table> | ||
| 94 | + | ||
| 66 | <div style="text-align: center; padding-top: 2px"> | 95 | <div style="text-align: center; padding-top: 2px"> |
| 67 | <span style="border: 1px solid #cccccc; background-color: #ffeeee; | 96 | <span style="border: 1px solid #cccccc; background-color: #ffeeee; |
| 68 | padding: 2px; padding-right: 1em; padding-left: 1em"> | 97 | padding: 2px; padding-right: 1em; padding-left: 1em"> |
| @@ -114,38 +143,40 @@ value="{$iGroupID}"></td> | @@ -114,38 +143,40 @@ value="{$iGroupID}"></td> | ||
| 114 | </tbody> | 143 | </tbody> |
| 115 | </table> | 144 | </table> |
| 116 | 145 | ||
| 117 | -<input type="submit" name="submit" value="{i18n}Update{/i18n}"> | ||
| 118 | -</form> | ||
| 119 | -</div> | ||
| 120 | -{ /if } | ||
| 121 | 146 | ||
| 122 | -<h2>{i18n}User permissions{/i18n}</h2> | ||
| 123 | - | ||
| 124 | -<div> | ||
| 125 | <table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> | 147 | <table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> |
| 126 | <thead> | 148 | <thead> |
| 127 | <tr> | 149 | <tr> |
| 128 | -<th>{i18n}User{/i18n}</th> | 150 | +<th>Role</th> |
| 129 | { foreach item=oPerm from=$permissions } | 151 | { foreach item=oPerm from=$permissions } |
| 130 | <th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> | 152 | <th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> |
| 131 | { /foreach } | 153 | { /foreach } |
| 132 | </tr> | 154 | </tr> |
| 133 | </thead> | 155 | </thead> |
| 156 | + | ||
| 134 | <tbody> | 157 | <tbody> |
| 135 | -{ foreach item=oUser from=$users } | ||
| 136 | -<td>{$oUser->getID()} / {$oUser->getName()}</td> | ||
| 137 | - { assign var=iUserID value=$oUser->getID() } | 158 | +{ foreach item=oRole from=$roles } |
| 159 | +<td>{$oRole->getId()} / {$oRole->getName()}</td> | ||
| 160 | + { assign var=iRoleId value=$oRole->getId() } | ||
| 138 | { foreach item=oPerm from=$permissions } | 161 | { foreach item=oPerm from=$permissions } |
| 139 | - { assign var=iPermID value=$oPerm->getID() } | ||
| 140 | - { assign var=bHasPerm value=$aMapPermissionUser[$iPermID][$iUserID] } | 162 | + { assign var=iPermId value=$oPerm->getId() } |
| 163 | + { assign var=bHasPerm value=$aMapPermissionRole[$iPermId][$iRoleId] } | ||
| 164 | + | ||
| 141 | { if $bHasPerm } | 165 | { if $bHasPerm } |
| 142 | -<td class="true">{i18n}True{/i18n}</td> | 166 | +<td class="true"><input type="checkbox" name="foo[{$iPermId}][role][]" |
| 167 | +value="{$iRoleId}" checked="true"></td> | ||
| 143 | { else } | 168 | { else } |
| 144 | -<td class="false">{i18n}False{/i18n}</td> | 169 | +<td class="false"><input type="checkbox" name="foo[{$iPermId}][role][]" |
| 170 | +value="{$iRoleId}"></td> | ||
| 145 | { /if } | 171 | { /if } |
| 146 | { /foreach } | 172 | { /foreach } |
| 147 | </tr> | 173 | </tr> |
| 148 | { /foreach } | 174 | { /foreach } |
| 149 | </tbody> | 175 | </tbody> |
| 150 | </table> | 176 | </table> |
| 177 | + | ||
| 178 | + | ||
| 179 | +<input type="submit" name="submit" value="{i18n}Update{/i18n}"> | ||
| 180 | +</form> | ||
| 151 | </div> | 181 | </div> |
| 182 | +{ /if } |
templates/ktcore/folder/permissions.smarty
| @@ -65,22 +65,36 @@ MochiKit.DOM.hideElement('view');">{i18n}Edit{/i18n}</a> | @@ -65,22 +65,36 @@ MochiKit.DOM.hideElement('view');">{i18n}Edit{/i18n}</a> | ||
| 65 | </tbody> | 65 | </tbody> |
| 66 | </table> | 66 | </table> |
| 67 | 67 | ||
| 68 | -<div style="text-align: center; padding-top: 2px"> | ||
| 69 | -<span style="border: 1px solid #cccccc; background-color: #ffeeee; | ||
| 70 | -padding: 2px; padding-right: 1em; padding-left: 1em"> | ||
| 71 | -{ if $inherited } | ||
| 72 | -{i18n}Inherited from:{/i18n} {$inherited} | ||
| 73 | -[<a | ||
| 74 | -href="{$smarty.server.PHP_SELF}?action=copyPermissions&fFolderId={$iFolderId}">{i18n}Copy{/i18n}</a>] | 68 | +<table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> |
| 69 | +<thead> | ||
| 70 | +<tr> | ||
| 71 | +<th>Role</th> | ||
| 72 | +{ foreach item=oPerm from=$permissions } | ||
| 73 | +<th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> | ||
| 74 | +{ /foreach } | ||
| 75 | +</tr> | ||
| 76 | +</thead> | ||
| 77 | +<tbody> | ||
| 78 | +{ foreach item=oRole from=$roles } | ||
| 79 | +<td>{$oRole->getId()} / {$oRole->getName()}</td> | ||
| 80 | + { assign var=iRoleId value=$oRole->getId() } | ||
| 81 | + { foreach item=oPerm from=$permissions } | ||
| 82 | + { assign var=iPermId value=$oPerm->getId() } | ||
| 83 | + { assign var=bHasPerm value=$aMapPermissionRole[$iPermId][$iRoleId] } | ||
| 84 | +{ if $bHasPerm } | ||
| 85 | +<td class="true">True</td> | ||
| 75 | { else } | 86 | { else } |
| 76 | -[<a | ||
| 77 | -href="{$smarty.server.PHP_SELF}?action=inheritPermissions&fFolderId={$iFolderId}">{i18n}Use | ||
| 78 | -parent's permissions{/i18n}</a>] | 87 | +<td class="false">False</td> |
| 79 | { /if } | 88 | { /if } |
| 80 | -</span> | ||
| 81 | -</div> | 89 | + { /foreach } |
| 90 | +</tr> | ||
| 91 | +{ /foreach } | ||
| 92 | +</tbody> | ||
| 93 | +</table> | ||
| 94 | + | ||
| 82 | </div> | 95 | </div> |
| 83 | 96 | ||
| 97 | + | ||
| 84 | { if $edit } | 98 | { if $edit } |
| 85 | <div class="edit" id="edit"> | 99 | <div class="edit" id="edit"> |
| 86 | <form action="{$smarty.server.PHP_SELF}" method="POST"> | 100 | <form action="{$smarty.server.PHP_SELF}" method="POST"> |
| @@ -115,11 +129,60 @@ value="{$iGroupId}"></td> | @@ -115,11 +129,60 @@ value="{$iGroupId}"></td> | ||
| 115 | </tbody> | 129 | </tbody> |
| 116 | </table> | 130 | </table> |
| 117 | 131 | ||
| 132 | +<table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> | ||
| 133 | +<thead> | ||
| 134 | +<tr> | ||
| 135 | +<th>Role</th> | ||
| 136 | +{ foreach item=oPerm from=$permissions } | ||
| 137 | +<th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> | ||
| 138 | +{ /foreach } | ||
| 139 | +</tr> | ||
| 140 | +</thead> | ||
| 141 | + | ||
| 142 | +<tbody> | ||
| 143 | +{ foreach item=oRole from=$roles } | ||
| 144 | +<td>{$oRole->getId()} / {$oRole->getName()}</td> | ||
| 145 | + { assign var=iRoleId value=$oRole->getId() } | ||
| 146 | + { foreach item=oPerm from=$permissions } | ||
| 147 | + { assign var=iPermId value=$oPerm->getId() } | ||
| 148 | + { assign var=bHasPerm value=$aMapPermissionRole[$iPermId][$iRoleId] } | ||
| 149 | + | ||
| 150 | +{ if $bHasPerm } | ||
| 151 | +<td class="true"><input type="checkbox" name="foo[{$iPermId}][role][]" | ||
| 152 | +value="{$iRoleId}" checked="true"></td> | ||
| 153 | +{ else } | ||
| 154 | +<td class="false"><input type="checkbox" name="foo[{$iPermId}][role][]" | ||
| 155 | +value="{$iRoleId}"></td> | ||
| 156 | +{ /if } | ||
| 157 | + { /foreach } | ||
| 158 | +</tr> | ||
| 159 | +{ /foreach } | ||
| 160 | +</tbody> | ||
| 161 | +</table> | ||
| 162 | + | ||
| 118 | <input type="submit" name="submit" value="{i18n}Update{/i18n}"> | 163 | <input type="submit" name="submit" value="{i18n}Update{/i18n}"> |
| 119 | </form> | 164 | </form> |
| 165 | + | ||
| 120 | </div> | 166 | </div> |
| 121 | { /if } | 167 | { /if } |
| 122 | 168 | ||
| 169 | + | ||
| 170 | + | ||
| 171 | +<div style="text-align: center; padding-top: 2px"> | ||
| 172 | +<span style="border: 1px solid #cccccc; background-color: #ffeeee; | ||
| 173 | +padding: 2px; padding-right: 1em; padding-left: 1em"> | ||
| 174 | +{ if $inherited } | ||
| 175 | +{i18n}Inherited from:{/i18n} {$inherited} | ||
| 176 | +[<a | ||
| 177 | +href="{$smarty.server.PHP_SELF}?action=copyPermissions&fFolderId={$iFolderId}">{i18n}Copy{/i18n}</a>] | ||
| 178 | +{ else } | ||
| 179 | +[<a | ||
| 180 | +href="{$smarty.server.PHP_SELF}?action=inheritPermissions&fFolderId={$iFolderId}">{i18n}Use | ||
| 181 | +parent's permissions{/i18n}</a>] | ||
| 182 | +{ /if } | ||
| 183 | +</span> | ||
| 184 | +</div> | ||
| 185 | + | ||
| 123 | <h2>Dynamic permissions</h2> | 186 | <h2>Dynamic permissions</h2> |
| 124 | 187 | ||
| 125 | { if $dynamic_conditions } | 188 | { if $dynamic_conditions } |
| @@ -186,34 +249,3 @@ $this->assign("aPermissions", $this->_tpl_vars['oDynamicCondition']->getAssignme | @@ -186,34 +249,3 @@ $this->assign("aPermissions", $this->_tpl_vars['oDynamicCondition']->getAssignme | ||
| 186 | <input type="submit" name="submit" value="{i18n}Add{/i18n}" /> | 249 | <input type="submit" name="submit" value="{i18n}Add{/i18n}" /> |
| 187 | </form> | 250 | </form> |
| 188 | { /if } | 251 | { /if } |
| 189 | - | ||
| 190 | -<h2>User permissions</h2> | ||
| 191 | - | ||
| 192 | -<div> | ||
| 193 | -<table class="pretty" cellspacing="0" cellpadding="0" border="0" width="100%"> | ||
| 194 | -<thead> | ||
| 195 | -<tr> | ||
| 196 | -<th>{i18n}User{/i18n}</th> | ||
| 197 | -{ foreach item=oPerm from=$permissions } | ||
| 198 | -<th title="{$oPerm->sName}">{$oPerm->sHumanName}</th> | ||
| 199 | -{ /foreach } | ||
| 200 | -</tr> | ||
| 201 | -</thead> | ||
| 202 | -<tbody> | ||
| 203 | -{ foreach item=oUser from=$users } | ||
| 204 | -<td>{$oUser->getId()} / {$oUser->getName()}</td> | ||
| 205 | - { assign var=iUserId value=$oUser->getId() } | ||
| 206 | - { foreach item=oPerm from=$permissions } | ||
| 207 | - { assign var=iPermId value=$oPerm->getId() } | ||
| 208 | - { assign var=bHasPerm value=$aMapPermissionUser[$iPermId][$iUserId] } | ||
| 209 | -{ if $bHasPerm } | ||
| 210 | -<td class="true">{i18n}True{/i18n}</td> | ||
| 211 | -{ else } | ||
| 212 | -<td class="false">{i18n}False{/i18n}</td> | ||
| 213 | -{ /if } | ||
| 214 | - { /foreach } | ||
| 215 | -</tr> | ||
| 216 | -{ /foreach } | ||
| 217 | -</tbody> | ||
| 218 | -</table> | ||
| 219 | -</div> |
templates/ktcore/folder/roles.smarty
| @@ -14,7 +14,7 @@ role allocations can take very long time, depending on the number of folders bel | @@ -14,7 +14,7 @@ role allocations can take very long time, depending on the number of folders bel | ||
| 14 | <tr> | 14 | <tr> |
| 15 | <th>{i18n}Role{/i18n}</th> | 15 | <th>{i18n}Role{/i18n}</th> |
| 16 | <th>{i18n}Allocated users{/i18n}</th> | 16 | <th>{i18n}Allocated users{/i18n}</th> |
| 17 | - <th>{i18n}Edit Users{/i18n}</th> | 17 | +<!-- <th>{i18n}Edit Users{/i18n}</th> --> |
| 18 | <th>{i18n}Edit Groups{/i18n}</th> | 18 | <th>{i18n}Edit Groups{/i18n}</th> |
| 19 | <th>{i18n}Use Parent{/i18n}</th> | 19 | <th>{i18n}Use Parent{/i18n}</th> |
| 20 | </tr> | 20 | </tr> |
| @@ -28,16 +28,16 @@ role allocations can take very long time, depending on the number of folders bel | @@ -28,16 +28,16 @@ role allocations can take very long time, depending on the number of folders bel | ||
| 28 | <strong>{i18n}inherited from parent folder.{/i18n}</strong><br /> | 28 | <strong>{i18n}inherited from parent folder.{/i18n}</strong><br /> |
| 29 | <span class="descriptiveText"> | 29 | <span class="descriptiveText"> |
| 30 | {/if} | 30 | {/if} |
| 31 | - {if ($aRole.users != null)}<strong>{i18n}Users:{/i18n}</strong> {$aRole.users}<br />{/if} | 31 | +<!-- {if ($aRole.users != null)}<strong>{i18n}Users:{/i18n}</strong> {$aRole.users}<br />{/if} --> |
| 32 | {if ($aRole.groups != null)}<strong>{i18n}Groups:{/i18n}</strong> {$aRole.groups}{/if} | 32 | {if ($aRole.groups != null)}<strong>{i18n}Groups:{/i18n}</strong> {$aRole.groups}{/if} |
| 33 | {if ($aRole.allocation_id === null)} | 33 | {if ($aRole.allocation_id === null)} |
| 34 | </span class="descriptiveText"> | 34 | </span class="descriptiveText"> |
| 35 | {/if} | 35 | {/if} |
| 36 | </td> | 36 | </td> |
| 37 | {if ($aRole.allocation_id === null)} | 37 | {if ($aRole.allocation_id === null)} |
| 38 | - <td colspan="3"><a href="{$smarty.server.PHP_SELF}?action=overrideParent&role_id={$role_id}&fFolderId={$context->oFolder->getId()}">{i18n}Override Parent Allocation{/i18n}</a></td> | 38 | + <td colspan="2"><a href="{$smarty.server.PHP_SELF}?action=overrideParent&role_id={$role_id}&fFolderId={$context->oFolder->getId()}">{i18n}Override Parent Allocation{/i18n}</a></td> |
| 39 | {else} | 39 | {else} |
| 40 | - <td><a href="{$smarty.server.PHP_SELF}?action=editRoleUsers&alloc_id={$aRole.allocation_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktEdit" title="{i18n}Edit{/i18n}">Edit</a></td> | 40 | +<!-- <td><a href="{$smarty.server.PHP_SELF}?action=editRoleUsers&alloc_id={$aRole.allocation_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktEdit" title="{i18n}Edit{/i18n}">Edit</a></td> --> |
| 41 | <td><a href="{$smarty.server.PHP_SELF}?action=editRoleGroups&alloc_id={$aRole.allocation_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktEdit" title="{i18n}Edit{/i18n}">Edit</a></td> | 41 | <td><a href="{$smarty.server.PHP_SELF}?action=editRoleGroups&alloc_id={$aRole.allocation_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktEdit" title="{i18n}Edit{/i18n}">Edit</a></td> |
| 42 | <td><a href="{$smarty.server.PHP_SELF}?action=useParent&role_id={$role_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktDelete" title="{i18n}Use parent's allocation{/i18n}">{i18n}Use parent's allocation{/i18n}</a></td> | 42 | <td><a href="{$smarty.server.PHP_SELF}?action=useParent&role_id={$role_id}&fFolderId={$context->oFolder->getId()}" class="ktAction ktDelete" title="{i18n}Use parent's allocation{/i18n}">{i18n}Use parent's allocation{/i18n}</a></td> |
| 43 | {/if} | 43 | {/if} |