Portions created by the Initial Developer are Copyright (C) 2018 - 2022
the Initial Developer. All Rights Reserved.
*/
//includes
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
if (permission_exists('access_control_add') || permission_exists('access_control_edit')) {
//access granted
}
else {
echo "access denied";
exit;
}
//add multi-lingual support
$language = new text;
$text = $language->get();
//action add or update
if (is_uuid($_REQUEST["id"])) {
$action = "update";
$access_control_uuid = $_REQUEST["id"];
$id = $_REQUEST["id"];
}
else {
$action = "add";
}
//get http post variables and set them to php variables
if (is_array($_POST) && @sizeof($_POST) != 0) {
$access_control_name = $_POST["access_control_name"];
$access_control_default = $_POST["access_control_default"];
$access_control_nodes = $_POST["access_control_nodes"];
$access_control_description = $_POST["access_control_description"];
}
//process the user data and save it to the database
if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//enforce valid data
if ($access_control_name == 'providers' || $access_control_name == 'domains') {
$access_control_default = 'deny';
}
if ($access_control_default != 'allow' && $access_control_default != 'deny') {
$access_control_default = 'deny';
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: access_controls.php');
exit;
}
//process the http post data by submitted action
if ($_POST['action'] != '' && strlen($_POST['action']) > 0) {
//prepare the array(s)
$x = 0;
foreach ($_POST['access_control_nodes'] as $row) {
if (is_uuid($row['access_control_uuid']) && $row['checked'] === 'true') {
$array['access_controls'][$x]['checked'] = $row['checked'];
$array['access_controls'][$x]['access_control_nodes'][]['access_control_node_uuid'] = $row['access_control_node_uuid'];
$x++;
}
}
//send the array to the database class
switch ($_POST['action']) {
case 'copy':
if (permission_exists('access_control_add')) {
$obj = new database;
$obj->copy($array);
}
break;
case 'delete':
if (permission_exists('access_control_delete')) {
$obj = new database;
$obj->delete($array);
}
break;
case 'toggle':
if (permission_exists('access_control_update')) {
$obj = new database;
$obj->toggle($array);
}
break;
}
//clear the cache, reloadacl and redirect the user
if (in_array($_POST['action'], array('copy', 'delete', 'toggle'))) {
//clear the cache
$cache = new cache;
$cache->delete("configuration:acl.conf");
//create the event socket connection
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) {
event_socket_request($fp, "api reloadacl");
}
//redirect the user
header('Location: access_control_edit.php?id='.$id);
exit;
}
}
//check for all required data
$msg = '';
if (strlen($access_control_name) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_name']."
\n"; }
if (strlen($access_control_default) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_default']."
\n"; }
//if (strlen($access_control_nodes) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_nodes']."
\n"; }
//if (strlen($access_control_description) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_description']."
\n"; }
if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
require_once "resources/header.php";
require_once "resources/persist_form_var.php";
echo "
\n";
echo $msg." "; echo " |