crt
/
fusionpbx-ldap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Fork of FusionPBX but with LDAP kinda working
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
28 MiB
Tree: 5da3596a48
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5da3596a48'
${ noResults }
fusionpbx-ldap/app/access_controls/access_controls.php

249 lines
9.8 KiB
Raw Normal View History

initial clone
2 years ago
  1. <?php
  2. /*
  3. FusionPBX
  4. Version: MPL 1.1
  6. The contents of this file are subject to the Mozilla Public License Version
  7. 1.1 (the "License"); you may not use this file except in compliance with
  8. the License. You may obtain a copy of the License at
  9. http://www.mozilla.org/MPL/
  11. Software distributed under the License is distributed on an "AS IS" basis,
  12. WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  13. for the specific language governing rights and limitations under the
  14. License.
  16. The Original Code is FusionPBX
  18. The Initial Developer of the Original Code is
  19. Mark J Crane <markjcrane@fusionpbx.com>
  20. Portions created by the Initial Developer are Copyright (C) 2018 - 2020
  21. the Initial Developer. All Rights Reserved.
  23. Contributor(s):
  24. Mark J Crane <markjcrane@fusionpbx.com>
  25. */
  27. //includes
  28. require_once "root.php";
  29. require_once "resources/require.php";
  30. require_once "resources/check_auth.php";
  32. //check permissions
  33. if (permission_exists('access_control_view')) {
  34. //access granted
  35. }
  36. else {
  37. echo "access denied";
  38. exit;
  39. }
  41. //add multi-lingual support
  42. $language = new text;
  43. $text = $language->get();
  45. //get the http post data
  46. if (is_array($_POST['access_controls'])) {
  47. $action = $_POST['action'];
  48. $search = $_POST['search'];
  49. $access_controls = $_POST['access_controls'];
  50. }
  52. //process the http post data by action
  53. if ($action != '' && is_array($access_controls) && @sizeof($access_controls) != 0) {
  55. //validate the token
  56. $token = new token;
  57. if (!$token->validate($_SERVER['PHP_SELF'])) {
  58. message::add($text['message-invalid_token'],'negative');
  59. header('Location: access_controls.php');
  60. exit;
  61. }
  63. //prepare the array
  64. foreach($access_controls as $row) {
  65. $array['access_controls'][$x]['checked'] = $row['checked'];
  66. $array['access_controls'][$x]['access_control_uuid'] = $row['access_control_uuid'];
  67. $x++;
  68. }
  70. //prepare the database object
  71. $database = new database;
  72. $database->app_name = 'access_controls';
  73. $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
  75. //send the array to the database class
  76. switch ($action) {
  77. case 'copy':
  78. if (permission_exists('access_control_add')) {
  79. $database->copy($array);
  80. }
  81. break;
  82. case 'toggle':
  83. if (permission_exists('access_control_edit')) {
  84. $database->toggle($array);
  85. }
  86. break;
  87. case 'delete':
  88. if (permission_exists('access_control_delete')) {
  89. $database->delete($array);
  90. }
  91. break;
  92. }
  94. //redirect the user
  95. header('Location: access_controls.php'.($search != '' ? '?search='.urlencode($search) : null));
  96. exit;
  97. }
  99. //get order and order by
  100. $order_by = $_GET["order_by"];
  101. $order = $_GET["order"];
  103. //add the search
  104. if (isset($_GET["search"])) {
  105. $search = strtolower($_GET["search"]);
  106. $parameters['search'] = '%'.$search.'%';
  107. }
  109. //get the count
  110. $sql = "select count(access_control_uuid) ";
  111. $sql .= "from v_access_controls ";
  112. if (isset($_GET["search"])) {
  113. $sql .= "where (";
  114. $sql .= " lower(access_control_name) like :search ";
  115. $sql .= " or lower(access_control_default) like :search ";
  116. $sql .= " or lower(access_control_description) like :search ";
  117. $sql .= ") ";
  118. }
  119. $database = new database;
  120. $num_rows = $database->select($sql, $parameters, 'column');
  122. //get the list
  123. $sql = "select ";
  124. $sql .= "access_control_uuid, ";
  125. $sql .= "access_control_name, ";
  126. $sql .= "access_control_default, ";
  127. $sql .= "access_control_description ";
  128. $sql .= "from v_access_controls ";
  129. if (isset($_GET["search"])) {
  130. $sql .= "where (";
  131. $sql .= " lower(access_control_name) like :search ";
  132. $sql .= " or lower(access_control_default) like :search ";
  133. $sql .= " or lower(access_control_description) like :search ";
  134. $sql .= ") ";
  135. }
  136. $sql .= order_by($order_by, $order, 'access_control_name', 'asc');
  137. $sql .= limit_offset($rows_per_page, $offset);
  138. $database = new database;
  139. $access_controls = $database->select($sql, $parameters, 'all');
  140. unset($sql, $parameters);
  142. //create token
  143. $object = new token;
  144. $token = $object->create($_SERVER['PHP_SELF']);
  146. //additional includes
  147. $document['title'] = $text['title-access_controls'];
  148. require_once "resources/header.php";
  150. //show the content
  151. echo "<div class='action_bar' id='action_bar'>\n";
  152. echo " <div class='heading'><b>".$text['title-access_controls']." (".$num_rows.")</b></div>\n";
  153. echo " <div class='actions'>\n";
  154. if (permission_exists('access_control_add')) {
  155. echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','name'=>'btn_add','link'=>'access_control_edit.php']);
  156. }
  157. if (permission_exists('access_control_add') && $access_controls) {
  158. echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'id'=>'btn_copy','name'=>'btn_copy','style'=>'display:none;','onclick'=>"modal_open('modal-copy','btn_copy');"]);
  159. }
  160. if (permission_exists('access_control_delete') && $access_controls) {
  161. echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'id'=>'btn_delete','name'=>'btn_delete','style'=>'display:none;','onclick'=>"modal_open('modal-delete','btn_delete');"]);
  162. }
  163. echo "<form id='form_search' class='inline' method='get'>\n";
  164. echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
  165. echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search']);
  166. //echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'access_controls.php','style'=>($search == '' ? 'display: none;' : null)]);
  167. if ($paging_controls_mini != '') {
  168. echo "<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
  169. }
  170. echo " </form>\n";
  171. echo " </div>\n";
  172. echo " <div style='clear: both;'></div>\n";
  173. echo "</div>\n";
  175. if (permission_exists('access_control_add') && $access_controls) {
  176. echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('copy'); list_form_submit('form_list');"])]);
  177. }
  178. if (permission_exists('access_control_delete') && $access_controls) {
  179. echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]);
  180. }
  182. echo $text['title_description-access_controls']."\n";
  183. echo "<br /><br />\n";
  185. echo "<form id='form_list' method='post'>\n";
  186. echo "<input type='hidden' id='action' name='action' value=''>\n";
  187. echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
  189. echo "<table class='list'>\n";
  190. echo "<tr class='list-header'>\n";
  191. if (permission_exists('access_control_add') || permission_exists('access_control_edit') || permission_exists('access_control_delete')) {
  192. echo " <th class='checkbox'>\n";
  193. echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle(); checkbox_on_change(this);' ".($access_controls ?: "style='visibility: hidden;'").">\n";
  194. echo " </th>\n";
  195. }
  196. echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order);
  197. echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order);
  198. echo " <th class='hide-sm-dn'>".$text['label-access_control_description']."</th>\n";
  199. if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
  200. echo " <td class='action-button'>&nbsp;</td>\n";
  201. }
  202. echo "</tr>\n";
  204. if (is_array($access_controls) && @sizeof($access_controls) != 0) {
  205. $x = 0;
  206. foreach ($access_controls as $row) {
  207. if (permission_exists('access_control_edit')) {
  208. $list_row_url = "access_control_edit.php?id=".urlencode($row['access_control_uuid']);
  209. }
  210. echo "<tr class='list-row' href='".$list_row_url."'>\n";
  211. if (permission_exists('access_control_add') || permission_exists('access_control_edit') || permission_exists('access_control_delete')) {
  212. echo " <td class='checkbox'>\n";
  213. echo " <input type='checkbox' name='access_controls[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"checkbox_on_change(this); if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
  214. echo " <input type='hidden' name='access_controls[$x][access_control_uuid]' value='".escape($row['access_control_uuid'])."' />\n";
  215. echo " </td>\n";
  216. }
  217. echo " <td>\n";
  218. if (permission_exists('access_control_edit')) {
  219. echo " <a href='".$list_row_url."' title=\"".$text['button-edit']."\">".escape($row['access_control_name'])."</a>\n";
  220. }
  221. else {
  222. echo " ".escape($row['access_control_name']);
  223. }
  224. echo " </td>\n";
  225. echo " <td>".escape($row['access_control_default'])."</td>\n";
  226. echo " <td class='description overflow hide-sm-dn'>".escape($row['access_control_description'])."</td>\n";
  227. if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
  228. echo " <td class='action-button'>\n";
  229. echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
  230. echo " </td>\n";
  231. }
  232. echo "</tr>\n";
  233. $x++;
  234. }
  235. unset($access_controls);
  236. }
  238. echo "</table>\n";
  239. echo "<br />\n";
  240. echo "<div align='center'>".$paging_controls."</div>\n";
  242. echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
  244. echo "</form>\n";
  246. //include the footer
  247. require_once "resources/footer.php";
  249. ?>