From 3c17f81e1d2fb68f69cfa620ca00ad63e83cc17c Mon Sep 17 00:00:00 2001 
From: dj3c1t Date: Wed, 13 Feb 2013 23:19:55 +0100 Subject: [PATCH] roles multiples possible par user, administrables --- content/data/mysql/mtweb.sql | 237 ++++++----- content/data/xml/mw/action_status/.index | 2 +- content/data/xml/mw/action_status/171.xml | 4 - .../data/xml/mw/action_status/{173.xml => 182.xml} | 2 +- .../data/xml/mw/action_status/{170.xml => 187.xml} | 2 +- .../data/xml/mw/action_status/{172.xml => 188.xml} | 3 +- content/data/xml/mw/config/.index | 2 +- content/data/xml/mw/config/59.xml | 3 + content/data/xml/mw/roles/.index | 1 + content/data/xml/mw/roles/1.xml | 4 + content/data/xml/mw/roles/2.xml | 4 + content/data/xml/mw/user_status/.index | 1 - content/data/xml/mw/user_status/1.xml | 4 - content/data/xml/mw/user_status/2.xml | 4 - content/data/xml/mw/users/.index | 2 +- content/data/xml/mw/users/{14.xml => 18.xml} | 1 - content/data/xml/mw/users_roles/.index | 1 + content/data/xml/mw/users_roles/25.xml | 4 + content/data/xml/mw/users_roles/26.xml | 4 + mw/app/config.xml | 73 ++++ mw/app/data/modules/sql/mw_data_users.php | 285 +++++++++++-- mw/app/data/modules/xml/mw_data_users.php | 468 ++++++++++++++------- mw/app/init/0700_links.php | 2 + mw/app/mods/admin/users.php | 291 ++++++++++--- mw/app/out/default/admin.php | 2 +- mw/app/out/default/css/style.css | 30 +- mw/app/out/default/layouts/admin.xml | 3 + mw/app/out/default/views/admin/colonne.php | 8 +- mw/app/out/default/views/admin/users/add.php | 19 +- mw/app/out/default/views/admin/users/add_role.php | 29 ++ mw/app/out/default/views/admin/users/edit.php | 25 +- mw/app/out/default/views/admin/users/edit_role.php | 33 ++ mw/app/out/default/views/admin/users/list.php | 16 +- mw/app/out/default/views/admin/users/roles.php | 79 ++++ mw/app/out/default/views/footer.php | 8 +- mw/app/out/default/views/users/infos/edit.php | 10 +- mw/env/modules/mw_env_config.php | 45 ++ mw/env/modules/mw_env_run.php | 84 ++-- readme.txt | 2 +- 39 files changed, 1339 insertions(+), 458 deletions(-) delete 
mode 100644 content/data/xml/mw/action_status/171.xml rename content/data/xml/mw/action_status/{173.xml => 182.xml} (100%) rename content/data/xml/mw/action_status/{170.xml => 187.xml} (100%) rename content/data/xml/mw/action_status/{172.xml => 188.xml} (98%) create mode 100644 content/data/xml/mw/config/59.xml create mode 100644 content/data/xml/mw/roles/.index create mode 100644 content/data/xml/mw/roles/1.xml create mode 100644 content/data/xml/mw/roles/2.xml delete mode 100644 content/data/xml/mw/user_status/.index delete mode 100644 content/data/xml/mw/user_status/1.xml delete mode 100644 content/data/xml/mw/user_status/2.xml rename content/data/xml/mw/users/{14.xml => 18.xml} (83%) create mode 100644 content/data/xml/mw/users_roles/.index create mode 100644 content/data/xml/mw/users_roles/25.xml create mode 100644 content/data/xml/mw/users_roles/26.xml create mode 100644 mw/app/out/default/views/admin/users/add_role.php create mode 100644 mw/app/out/default/views/admin/users/edit_role.php create mode 100644 mw/app/out/default/views/admin/users/roles.php diff --git a/content/data/mysql/mtweb.sql b/content/data/mysql/mtweb.sql index 79d3c80..dfc9068 100644 --- a/content/data/mysql/mtweb.sql +++ b/content/data/mysql/mtweb.sql 
@@ -1,108 +1,129 @@ --- phpMyAdmin SQL Dump --- version 3.3.2deb1 --- http://www.phpmyadmin.net --- --- Serveur: localhost --- Généré le : Dim 25 Décembre 2011 à 15:01 --- Version du serveur: 5.1.41 --- Version de PHP: 5.3.2-1ubuntu4.11 - -SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; - --- --- Base de données: `mtweb` --- - --- -------------------------------------------------------- - --- --- Structure de la table `mw_action_status` --- - -CREATE TABLE IF NOT EXISTS `mw_action_status` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `action` varchar(255) NOT NULL, - `id_status` int(11) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ; - --- --- Contenu de la table `mw_action_status` --- - -INSERT INTO `mw_action_status` (`id`, `action`, `id_status`) VALUES -(1, 'admin', 1), -(2, 'users', 1), -(3, 'users', 2), -(4, 'users/identification', 0); - --- -------------------------------------------------------- - --- --- Structure de la table `mw_config` --- - -CREATE TABLE IF NOT EXISTS `mw_config` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `key` varchar(255) NOT NULL, - `value` text NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=20 ; - --- --- Contenu de la table `mw_config` --- - -INSERT INTO `mw_config` (`id`, `key`, `value`) VALUES -(1, 'site_name', 'mtweb'), -(2, 'max_list', '10'), -(3, 'description', ''), -(4, 'out', 'dist'), -(5, 'start_action', ''), -(6, 'contact_form', '0'), -(8, 'email', ''), -(9, 'captcha', '0'), -(16, 'start_action_params', ''); - --- -------------------------------------------------------- - --- --- Structure de la table `mw_users` --- - -CREATE TABLE IF NOT EXISTS `mw_users` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `login` varchar(255) NOT NULL, - `password` varchar(255) NOT NULL, - `email` varchar(255) NOT NULL, - `status` int(11) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; - --- --- Contenu de la table `mw_users` --- - -INSERT 
INTO `mw_users` (`id`, `login`, `password`, `email`, `status`) VALUES -(1, 'admin', '25e4ee4e9229397b6b17776bfceaf8e7', 'admin@domain.tld', 1); - --- -------------------------------------------------------- - --- --- Structure de la table `mw_user_status` --- - -CREATE TABLE IF NOT EXISTS `mw_user_status` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `nom` varchar(255) NOT NULL, - `creation_default` tinyint(4) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ; - --- --- Contenu de la table `mw_user_status` --- - -INSERT INTO `mw_user_status` (`id`, `nom`, `creation_default`) VALUES -(1, 'admin', 0), -(2, 'membre', 1); +-- phpMyAdmin SQL Dump +-- version 3.3.2deb1ubuntu1 +-- http://www.phpmyadmin.net +-- +-- Serveur: localhost +-- Généré le : Mer 13 Février 2013 à 23:03 +-- Version du serveur: 5.1.67 +-- Version de PHP: 5.3.2-1ubuntu4.18 + +SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; + +-- +-- Base de données: `mtweb` +-- + +-- -------------------------------------------------------- + +-- +-- Structure de la table `mw_action_status` +-- + +CREATE TABLE IF NOT EXISTS `mw_action_status` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `action` varchar(255) NOT NULL, + `id_status` int(11) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=116 ; + +-- +-- Contenu de la table `mw_action_status` +-- + +INSERT INTO `mw_action_status` (`id`, `action`, `id_status`) VALUES +(115, 'users/identification', 0), +(111, 'users', 2), +(113, 'admin', 1); + +-- -------------------------------------------------------- + +-- +-- Structure de la table `mw_config` +-- + +CREATE TABLE IF NOT EXISTS `mw_config` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `key` varchar(255) NOT NULL, + `value` text NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=30 ; + +-- +-- Contenu de la table `mw_config` +-- + +INSERT INTO `mw_config` (`id`, `key`, `value`) VALUES +(1, 'site_name', 'mtweb'), +(2, 'max_list', 
'10'), +(3, 'description', ''), +(4, 'out', 'default'), +(5, 'start_action', ''), +(6, 'contact_form', '0'), +(8, 'email', ''), +(9, 'captcha', '0'), +(29, 'default_allow', '1'), +(22, 'out_colonne', 'on'), +(16, 'start_action_params', ''), +(20, 'out_navig_menu_top', 'on'); + +-- -------------------------------------------------------- + +-- +-- Structure de la table `mw_roles` +-- + +CREATE TABLE IF NOT EXISTS `mw_roles` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `nom` varchar(255) NOT NULL, + `intitule` varchar(255) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; + +-- +-- Contenu de la table `mw_roles` +-- + +INSERT INTO `mw_roles` (`id`, `nom`, `intitule`) VALUES +(1, 'admin', 'administrateur'), +(2, 'membre', 'membre'); + +-- -------------------------------------------------------- + +-- +-- Structure de la table `mw_users` +-- + +CREATE TABLE IF NOT EXISTS `mw_users` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `login` varchar(255) NOT NULL, + `password` varchar(255) NOT NULL, + `email` varchar(255) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=18 ; + +-- +-- Contenu de la table `mw_users` +-- + +INSERT INTO `mw_users` (`id`, `login`, `password`, `email`) VALUES +(17, 'admin', '25e4ee4e9229397b6b17776bfceaf8e7', 'admin@domain.tld'); + +-- -------------------------------------------------------- + +-- +-- Structure de la table `mw_users_roles` +-- + +CREATE TABLE IF NOT EXISTS `mw_users_roles` ( + `id_user` int(11) NOT NULL, + `id_role` int(11) NOT NULL, + PRIMARY KEY (`id_user`,`id_role`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +-- +-- Contenu de la table `mw_users_roles` +-- + +INSERT INTO `mw_users_roles` (`id_user`, `id_role`) VALUES +(17, 1), +(17, 2); diff --git a/content/data/xml/mw/action_status/.index b/content/data/xml/mw/action_status/.index index a6b4ce8..0947c33 100644 --- a/content/data/xml/mw/action_status/.index +++ b/content/data/xml/mw/action_status/.index 
@@ -1 +1 @@ -176 \ No newline at end of file +188 \ No newline at end of file diff --git a/content/data/xml/mw/action_status/171.xml b/content/data/xml/mw/action_status/171.xml deleted file mode 100644 index c662bfd..0000000 --- a/content/data/xml/mw/action_status/171.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/content/data/xml/mw/action_status/173.xml b/content/data/xml/mw/action_status/182.xml similarity index 100% rename from content/data/xml/mw/action_status/173.xml rename to content/data/xml/mw/action_status/182.xml index d037f86..5e172e6 100644 --- a/content/data/xml/mw/action_status/173.xml +++ b/content/data/xml/mw/action_status/182.xml @@ -1,4 +1,4 @@ - + diff --git a/content/data/xml/mw/action_status/170.xml b/content/data/xml/mw/action_status/187.xml similarity index 100% rename from content/data/xml/mw/action_status/170.xml rename to content/data/xml/mw/action_status/187.xml index 8e3fd22..1f4af7e 100644 --- a/content/data/xml/mw/action_status/170.xml +++ b/content/data/xml/mw/action_status/187.xml @@ -1,4 +1,4 @@ - + diff --git a/content/data/xml/mw/action_status/172.xml b/content/data/xml/mw/action_status/188.xml similarity index 98% rename from content/data/xml/mw/action_status/172.xml rename to content/data/xml/mw/action_status/188.xml index c8de13d..d36ab48 100644 --- a/content/data/xml/mw/action_status/172.xml +++ b/content/data/xml/mw/action_status/188.xml @@ -1,5 +1,4 @@ - + - diff --git a/content/data/xml/mw/config/.index b/content/data/xml/mw/config/.index index 4800c7d..fc9afb4 100644 --- a/content/data/xml/mw/config/.index +++ b/content/data/xml/mw/config/.index @@ -1 +1 @@ -58 \ No newline at end of file +59 \ No newline at end of file diff --git a/content/data/xml/mw/config/59.xml b/content/data/xml/mw/config/59.xml new file mode 100644 index 0000000..fca1fcf --- /dev/null +++ b/content/data/xml/mw/config/59.xml @@ -0,0 +1,3 @@ + + + 
diff --git a/content/data/xml/mw/roles/.index b/content/data/xml/mw/roles/.index new file mode 100644 index 0000000..7813681 --- /dev/null +++ b/content/data/xml/mw/roles/.index @@ -0,0 +1 @@ +5 \ No newline at end of file diff --git a/content/data/xml/mw/roles/1.xml b/content/data/xml/mw/roles/1.xml new file mode 100644 index 0000000..59fc94b --- /dev/null +++ b/content/data/xml/mw/roles/1.xml @@ -0,0 +1,4 @@ + + + + diff --git a/content/data/xml/mw/roles/2.xml b/content/data/xml/mw/roles/2.xml new file mode 100644 index 0000000..391bb4c --- /dev/null +++ b/content/data/xml/mw/roles/2.xml @@ -0,0 +1,4 @@ + + + + diff --git a/content/data/xml/mw/user_status/.index b/content/data/xml/mw/user_status/.index deleted file mode 100644 index bf0d87a..0000000 --- a/content/data/xml/mw/user_status/.index +++ /dev/null @@ -1 +0,0 @@ -4 \ No newline at end of file diff --git a/content/data/xml/mw/user_status/1.xml b/content/data/xml/mw/user_status/1.xml deleted file mode 100644 index fa722e0..0000000 --- a/content/data/xml/mw/user_status/1.xml +++ /dev/null @@ -1,4 +0,0 @@ - - admin - 0 - \ No newline at end of file diff --git a/content/data/xml/mw/user_status/2.xml b/content/data/xml/mw/user_status/2.xml deleted file mode 100644 index 93bb41f..0000000 --- a/content/data/xml/mw/user_status/2.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/content/data/xml/mw/users/.index b/content/data/xml/mw/users/.index index da2d398..25bf17f 100644 --- a/content/data/xml/mw/users/.index +++ b/content/data/xml/mw/users/.index @@ -1 +1 @@ -14 \ No newline at end of file +18 \ No newline at end of file diff --git a/content/data/xml/mw/users/14.xml b/content/data/xml/mw/users/18.xml similarity index 83% rename from content/data/xml/mw/users/14.xml rename to content/data/xml/mw/users/18.xml index c69b833..91293cc 100644 --- a/content/data/xml/mw/users/14.xml +++ b/content/data/xml/mw/users/18.xml @@ -2,5 +2,4 @@ - 
diff --git a/content/data/xml/mw/users_roles/.index b/content/data/xml/mw/users_roles/.index new file mode 100644 index 0000000..978b4e8 --- /dev/null +++ b/content/data/xml/mw/users_roles/.index @@ -0,0 +1 @@ +26 \ No newline at end of file diff --git a/content/data/xml/mw/users_roles/25.xml b/content/data/xml/mw/users_roles/25.xml new file mode 100644 index 0000000..cb9fe04 --- /dev/null +++ b/content/data/xml/mw/users_roles/25.xml @@ -0,0 +1,4 @@ + + + + diff --git a/content/data/xml/mw/users_roles/26.xml b/content/data/xml/mw/users_roles/26.xml new file mode 100644 index 0000000..b2b7d04 --- /dev/null +++ b/content/data/xml/mw/users_roles/26.xml @@ -0,0 +1,4 @@ + + + + diff --git a/mw/app/config.xml b/mw/app/config.xml index 968bc45..e73c769 100644 --- a/mw/app/config.xml +++ b/mw/app/config.xml @@ -21,4 +21,77 @@
form
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/mw/app/data/modules/sql/mw_data_users.php b/mw/app/data/modules/sql/mw_data_users.php index 4288db7..0a1cf54 100644 --- a/mw/app/data/modules/sql/mw_data_users.php +++ b/mw/app/data/modules/sql/mw_data_users.php @@ -16,11 +16,19 @@ $env = $this->env(); $users = array("list" => array(), "total" => 0); try{ - $SELECT = "SELECT *"; + $SELECT = "SELECT #--users.*"; $FROM = " FROM #--users"; $WHERE = ""; $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : ""); - $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : ""); + if(isset($status)){ + $SELECT .= ", #--users_roles.id_role as status"; + $FROM .= + " LEFT JOIN #--users_roles ON (" + ." #--users_roles.id_user=#--users.id" + ." AND #--users_roles.id_role=".$this->eq($status) + .")"; + $WHERE .= ($WHERE ? " AND" : " WHERE")." mw_users_roles.id_role IS NOT NULL"; + } $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : ""); $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res"; $rst = $sgbd->query($sql); 
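Review bot: The added `IS NOT NULL` condition hard-codes the physical table name `mw_users_roles`, while the JOIN three lines above and every other statement in this module use the `#--` prefix placeholder, so the filtered listing fails on any installation whose prefix is not `mw_`; write it as `$WHERE .= ($WHERE ? " AND" : " WHERE")." #--users_roles.id_role IS NOT NULL";`. With that condition in place the LEFT JOIN effectively becomes an inner join on the requested role, which appears to be the intent. The `id_role as status` column added to `$SELECT` is presumably overwritten by the per-user status array attached in the next hunk, so it could be dropped to avoid two meanings for `status`. The enclosing function starts and ends outside this hunk.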
@@ -31,12 +39,33 @@ $rst = $sgbd->query($sql); while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst; $sgbd->free_result($rst); + foreach($users["list"] as $id_user => $user){ + if(($status = $this->list_user_status($id_user)) !== false){ + $users["list"][$id_user]["status"] = $status; + } + else{ + $users = false; + break; + } + } } } catch(Exception $e) { $users = false; } return $users; } + function list_user_status($id_user){ + $sgbd = $this->sgbd(); + $status = array(); + try{ + $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($id_user)); + while($v_rst = $sgbd->fetch_assoc($rst)) $status[] = $v_rst["id_role"]; + $sgbd->free_result($rst); + } + catch(Exception $e) { $status = false; } + return $status; + } + function user_by_id($id){ $sgbd = $this->sgbd(); $user = array(); @@ -45,6 +74,8 @@ $rst = $sgbd->query($sql); if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst; $sgbd->free_result($rst); + if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + else $user = false; } catch(Exception $e) { $user = false; } return $user; @@ -58,6 +89,10 @@ $rst = $sgbd->query($sql); if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst; $sgbd->free_result($rst); + if($user){ + if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + else $user = false; + } } catch(Exception $e) { $user = false; } return $user; 
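Review bot: In the new loop over `$users["list"]`, `$status = $this->list_user_status($id_user)` reuses `$status`, which is also the role filter parameter of the enclosing function (visible in the previous hunk as `isset($status)`); the query has already run at this point so it is not a bug, but a reader has to check that ordering. Renaming the loop variable, e.g. `if(($roles = $this->list_user_status($id_user)) !== false){ $users["list"][$id_user]["status"] = $roles; }`, removes the ambiguity. Note also that this issues one extra query per listed user; with `max_list` bounding the page size that is probably acceptable, but a single `WHERE id_user IN (...)` lookup would avoid it. The enclosing function starts outside this hunk.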
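Review bot: In the `user_by_id` hunk (`@@ -45,6 +74,8 @@`), `$user` is still the empty `array()` initialised at the top of the function when no row matched, so `$user["id"]` raises an undefined-index notice and `list_user_status(null)` runs a pointless query whose empty result then gets attached as `status` to an empty user. The sibling hunk for `user()` (`@@ -58,6 +89,10 @@`) already guards the same two lines with `if($user){ … }`; apply the identical guard here so both lookups behave the same way for a missing id. The enclosing function starts outside this hunk.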
@@ -81,14 +116,21 @@ $user_id = false; try{ $sql = - "INSERT INTO #--users(login, password, email, status) VALUES" + "INSERT INTO #--users(login, password, email) VALUES" ."( ".$this->eq($login) .", ".$this->eq($password) .", ".$this->eq($email) - .", ".$status .")"; $sgbd->query($sql); $user_id = $sgbd->insert_id(); + foreach($status as $id_role){ + $sql = + "INSERT INTO #--users_roles(id_user, id_role) VALUES" + ."( ".$user_id + .", ".$this->eq($id_role) + .")"; + $sgbd->query($sql); + } } catch(Exception $e) { $user_id = false; } return $user_id; @@ -102,21 +144,35 @@ ." login=".$this->eq($login) .", password=".$this->eq($password) .", email=".$this->eq($email) - .", status=".$status - ." WHERE id=".$id; + ." WHERE id=".$this->eq($id); + $sgbd->query($sql); + $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id); $sgbd->query($sql); + foreach($status as $id_role){ + $sql = + "INSERT INTO #--users_roles(id_user, id_role) VALUES" + ."( ".$this->eq($id) + .", ".$this->eq($id_role) + .")"; + $sgbd->query($sql); + } } catch(Exception $e) { return false; } return true; } function del_user($login){ - $sgbd = $this->sgbd(); - try{ - $sql = "DELETE FROM #--users WHERE login=".$this->eq($login); - $sgbd->query($sql); + if(($user = $this->user($login)) !== false){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--users WHERE login=".$this->eq($login)." AND id=".$user["id"]; + $sgbd->query($sql); + $sql = "DELETE FROM #--users_roles WHERE id_user=".$user["id"]; + $sgbd->query($sql); + } + catch(Exception $e) { return false; } } - catch(Exception $e) { return false; } + else return false; return true; } 
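Review bot: In `add_user`, the user row and its `#--users_roles` rows are written by separate statements with no compensation on failure: if a role INSERT throws, the catch returns `false` to the caller while the user row already exists with partial or no roles. The dump in this commit creates `mw_users` as MyISAM, so a transaction would not help here; the pragmatic fix is to delete the just-inserted user in the catch, e.g. `catch(Exception $e){ if($user_id) $sgbd->query("DELETE FROM #--users WHERE id=".$this->eq($user_id)); $user_id = false; }`. The `foreach($status as $id_role)` also assumes `$status` is now an array; any caller outside this hunk still passing the old scalar status would trigger a warning and insert no role, which is worth checking. The xml counterpart of `add_user` (`@@ -105,35 +141,97 @@` in `mw/app/data/modules/xml/mw_data_users.php`) has the same partial-write shape.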
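Review bot: In the `del_user` hunk (`@@ -102,21 +144,35 @@`), `$user["id"]` is concatenated into both DELETE statements unescaped (`." AND id=".$user["id"]` and `"DELETE FROM #--users_roles WHERE id_user=".$user["id"]`), while `set_user` in the same hunk escapes `$id` with `$this->eq(...)`; use `$this->eq($user["id"])` in both places so every value reaching SQL goes through the same path. The user row is also deleted before its role rows, so a failure on the second DELETE leaves orphan `#--users_roles` entries that still reference the removed id; delete from `#--users_roles` first, then from `#--users`. The same ordering issue exists in the xml `del_user` (`@@ -105,35 +141,97 @@`), which is noted there.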
@@ -124,16 +180,11 @@ # status # - function status(){ - if(!isset($this->user_status)) return false; - return $this->user_status; - } - function init_user_status($status = array()){ $sgbd = $this->sgbd(); $this->user_status = array(); try{ - $sql = "SELECT * FROM #--user_status"; + $sql = "SELECT * FROM #--roles"; $rst = $sgbd->query($sql); while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst; $sgbd->free_result($rst); 
@@ -142,24 +193,141 @@ return $this->user_status; } - function init_action_status($status = array()){ - if(!isset($this->user_status)) return false; + function add_role($nom, $intitule){ $sgbd = $this->sgbd(); - $this->action_status = array(); try{ - $sql = "SELECT * FROM #--action_status"; + $sql = + "INSERT INTO #--roles(nom, intitule) VALUES(" + ." ".$this->eq($nom) + .", ".$this->eq($intitule) + .")"; $rst = $sgbd->query($sql); - while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst; + $id_role = $sgbd->insert_id(); + } + catch(Exception $e) { $id_role = false; } + return $id_role; + } + + function get_role($id){ + if($id === "0") return array( + "id" => 0, + "nom" => "", + "intitule" => "" + ); + $sgbd = $this->sgbd(); + $role = array(); + try{ + $sql = "SELECT * FROM #--roles WHERE id=".$this->eq($id); + $rst = $sgbd->query($sql); + if($v_rst = $sgbd->fetch_assoc($rst)) $role = $v_rst; $sgbd->free_result($rst); } - catch(Exception $e) { $this->action_status = false; } - return $this->action_status; + catch(Exception $e) { $role = false; } + return $role; + } + + function set_role($id, $nom, $intitule){ + $sgbd = $this->sgbd(); + try{ + $sql = + "UPDATE #--roles SET" + ." nom=".$this->eq($nom) + .", intitule=".$this->eq($intitule) + ." 
WHERE id=".$this->eq($id); + $rst = $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function clear_role_actions($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--action_status WHERE id_status=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function clear_role_users($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--users_roles WHERE id_role=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function add_role_action($id_role, $action){ + $sgbd = $this->sgbd(); + try{ + $sql = "INSERT INTO #--action_status(action, id_status) VALUES(".$this->eq($action).", ".$this->eq($id_role).")"; + $sgbd->query($sql); + $id_action_status = $sgbd->insert_id(); + } + catch(Exception $e) { $id_action_status = false; } + return $id_action_status; + } + + function del_role($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--roles WHERE id=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function status(){ + if(!isset($this->user_status)) return false; + return $this->user_status; } function get_user_status(){ + $user_status = array(); $user = $this->get_session_user(); - if($user && isset($user["status"])) return $user["status"]; - return 0; + if($user && isset($user["id"])){ + $sgbd = $this->sgbd(); + try{ + $sql = "SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($user["id"]); + $rst = $sgbd->query($sql); + while($v_rst = $sgbd->fetch_assoc($rst)) $user_status[] = $v_rst["id_role"]; + $sgbd->free_result($rst); + } + catch(Exception $_e){ return false; } + } + else $user_status[] = 0; + if(!$user_status) $user_status[] = 0; + return $user_status; + } + + function init_action_status($status = array()){ + if(!isset($this->user_status)) return false; + $this->action_status = $this->read_action_status(); 
+ return $this->action_status; + } + + function read_action_status($params = array()){ + $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false; + $sgbd = $this->sgbd(); + $action_status = array(); + try{ + $sql = "SELECT * FROM #--action_status"; + $rst = $sgbd->query($sql); + while($v_rst = $sgbd->fetch_assoc($rst)){ + if($group_by_action){ + if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array(); + $action_status[$v_rst["action"]][] = $v_rst["id_status"]; + } + else $action_status[$v_rst["id"]] = $v_rst; + } + $sgbd->free_result($rst); + } + catch(Exception $e) { $action_status = false; } + return $action_status; } function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){ 
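Review bot: `get_role` only recognises the synthetic public role when `$id === "0"` (strict string comparison), so an integer `0`, or `"00"`, skips the sentinel and runs `SELECT * FROM #--roles WHERE id='0'`, returning an empty array instead of the `id => 0` record; compare on the normalised value, `if((string)$id === "0") return array(...)`, so both the string and int forms take the same branch. In `set_role`, `$rst = $sgbd->query($sql);` assigns a result that is never used; drop the assignment as `clear_role_actions` and `del_role` in this hunk do. In `get_user_status`, a logged-in user with no `#--users_roles` rows ends up with `array(0)`, i.e. exactly the anonymous status, which looks intended but deserves a one-line comment such as `// a user with no role is treated like an anonymous visitor (status 0)`.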
@@ -183,17 +351,62 @@ return $status; } - function creation_default_status(){ - $sgbd = $this->sgbd(); - $default_status = 0; - try{ - $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1"; - $rst = $sgbd->query($sql); - if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"]; - $sgbd->free_result($rst); + function get_actions($id_role = null){ + $env = $this->env(); + if($actions = $env->get_actions()){ + if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){ + foreach($actions as $module_name => $module){ + if(isset($id_role)) $actions[$module_name]["module_allowed"] = + isset($action_status[$module_name]) + && in_array($id_role, $action_status[$module_name]); + $actions[$module_name]["is_public"] = + isset($action_status[$module_name]) + && in_array(0, $action_status[$module_name]); + foreach($module["controleurs"] as $controleur_name => $controleur){ + if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] = + isset($action_status[$module_name."/".$controleur_name]) + && in_array($id_role, $action_status[$module_name."/".$controleur_name]); + $actions[$module_name]["controleurs"][$controleur_name]["is_public"] = + isset($action_status[$module_name."/".$controleur_name]) + && in_array(0, $action_status[$module_name."/".$controleur_name]); + foreach($controleur["als"] as $index_als => $al){ + if($al["actions"]){ + if(isset($id_role)){ + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($action_status[$module_name."/".$controleur_name."/".$action_name]) + || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true; + } + } + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as 
$action_name){ + if( + !isset($action_status[$module_name."/".$controleur_name."/".$action_name]) + || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true; + } + } + } + } + } + return $actions; + } } - catch(Exception $e) { $default_status = false; } - return $default_status; + return array(); } # ---------------------------------------------------------------------------------------- diff --git a/mw/app/data/modules/xml/mw_data_users.php b/mw/app/data/modules/xml/mw_data_users.php index 70287a3..2f70095 100644 --- a/mw/app/data/modules/xml/mw_data_users.php +++ b/mw/app/data/modules/xml/mw_data_users.php @@ -42,6 +42,15 @@ $this->users[$user["id"]] = $user; } } + foreach($users["list"] as $id_user => $user){ + if(($status = $this->list_user_status($id_user)) !== false){ + $users["list"][$id_user]["status"] = $status; + } + else{ + $users = false; + break; + } + } } else $users = false; } @@ -49,12 +58,35 @@ return $users; } + function list_user_status($id_user){ + $sgbd = $this->sgbd(); + $status = array(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){ + $status[] = $v_rst["id_role"]; + } + } + else{ + $status = false; + break; + } + } + $sgbd->close_data($rst); + } + else $status = false; + return $status; + } + function user_by_id($id){ if(!isset($this->users)) $this->users = array(); if(isset($this->users[$id])) return $this->users[$id]; $sgbd = $this->sgbd(); if(($user = $sgbd->get_data("users", $id)) !== false){ $this->users[$id] = $user; + if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + else $user = false; } return $user; } 
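Review bot: `get_actions` repeats the same "every action of the list is granted to status X" loop twice per action list, once for `$id_role` and once for `0`, with `$HAS_ACTION_NOT_ALLOWED` reset between them; the duplicated block is the kind of code where the two copies drift apart, and the `is_public` loop already differs from the role loop only in the constant. Extracting one helper and calling it with `$id_role` and `0` halves the body and makes the rule readable. The `in_array` checks are loose comparisons between the `id_status` values read from the database and the caller's `$id_role`, which is fine while both are numeric but would misbehave if a non-numeric value ever got in, so the helper is also the natural place to document that assumption. Separately, when `read_action_status` returns `false` the function falls through to `return array();`, so a failed query is indistinguishable from "no actions" for the caller; returning `false` in that case would let the admin mod report the error.

```php
// … unchanged: $env / $actions / read_action_status setup and module / controleur loops …
foreach($controleur["als"] as $index_als => $al){
    if($al["actions"]){
        $prefix = $module_name."/".$controleur_name;
        if(isset($id_role) && $this->als_allowed($action_status, $prefix, $al, $id_role)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
        }
        if($this->als_allowed($action_status, $prefix, $al, 0)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
        }
    }
}
// … unchanged: end of loops, return $actions …

// true when every action of the action list $al is granted to $id_status in $action_status
// ($action_status is keyed "module/controleur/action" => list of id_status, compared loosely as numbers)
function als_allowed($action_status, $prefix, $al, $id_status){
    foreach($al["actions"] as $action_name){
        $key = $prefix."/".$action_name;
        if(!isset($action_status[$key]) || !in_array($id_status, $action_status[$key])) return false;
    }
    return true;
}
```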
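Review bot: In the xml `user_by_id` hunk (`@@ -49,12 +58,35 @@`), `$this->users[$id] = $user;` caches the record before the role list is attached, so the first call for an id returns a user with `status` while every later call served from `$this->users` returns the cached copy without it, and callers checking `isset($user["status"])` will see two different shapes for the same user. Move the cache assignment after the lookup: `if(($status = $this->list_user_status($user["id"])) !== false){ $user["status"] = $status; $this->users[$id] = $user; } else $user = false;`. The new `list_user_status` reads the whole `users_roles` store and compares `$v_rst["id_user"] == $id_user` loosely, which is consistent with the rest of this xml module but worth a comment on the numeric assumption. The enclosing function ends within this hunk; the list-loop hunk just before it (`@@ -42,6 +42,15 @@`) mirrors the sql module and raises nothing new.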
@@ -73,6 +105,10 @@ else $user = false; } $sgbd->close_data($rst); + if($user){ + if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + else $user = false; + } } else $user = false; if($user !== false){ 
@@ -105,35 +141,97 @@ function add_user($login, $password, $email, $status){ $sgbd = $this->sgbd(); - return $sgbd->add_data( - "users", - array( - "login" => $login, - "password" => $password, - "email" => $email, - "status" => $status - ) - ); + if( + ( + $id_user = $sgbd->add_data( + "users", + array( + "login" => $login, + "password" => $password, + "email" => $email + ) + ) + ) === false + ) return false; + $OK = true; + foreach($status as $id_role){ + $OK = $sgbd->add_data( + "users_roles", + array( + "id_user" => $id_user, + "id_role" => $id_role + ) + ); + if(!$OK) break; + } + if(!$OK) return false; + return $id_user; } function set_user($id, $login, $password, $email, $status){ $sgbd = $this->sgbd(); - return $sgbd->set_data( - "users", - $id, - array( - "login" => $login, - "password" => $password, - "email" => $email, - "status" => $status + if( + !$sgbd->set_data( + "users", + $id, + array( + "login" => $login, + "password" => $password, + "email" => $email + ) ) - ); + ) return false; + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; + break; + } + } + } + else $OK = false; + } + $sgbd->close_data($rst); + if(!$OK) return false; + } + else return false; + foreach($status as $id_role){ + $OK = $sgbd->add_data( + "users_roles", + array( + "id_user" => $id, + "id_role" => $id_role + ) + ); + if(!$OK) break; + } + if(!$OK) return false; + return true; } function del_user($login){ if(($user = $this->user($login)) !== false){ $sgbd = $this->sgbd(); - return $sgbd->del_data("users", $user["id"]); + if(!$sgbd->del_data("users", $user["id"])) return false; + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && 
$v_rst["id_user"] == $user["id"]){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; + break; + } + } + } + else $OK = false; + } + $sgbd->close_data($rst); + return $OK; + } } return false; } @@ -142,15 +240,10 @@ # status # - function status(){ - if(!isset($this->user_status)) return false; - return $this->user_status; - } - function init_user_status($status = array()){ $sgbd = $this->sgbd(); $this->user_status = array(); - if($rst = $sgbd->open_data("user_status")){ + if($rst = $sgbd->open_data("roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ $this->user_status[$v_rst["id"]] = $v_rst; 
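Review bot: In the xml `del_user`, `$sgbd->del_data("users", $user["id"])` runs before the `users_roles` scan, so when `open_data("users_roles")` fails the function returns `false` with the user already gone and its role rows orphaned; perform the `users_roles` deletions first and only call `del_data("users", …)` once `$OK` holds, the same ordering the sql `del_user` hunk in `mw/app/data/modules/sql/mw_data_users.php` also needs. In the three new scan loops (`set_user`, `del_user`, and the same shape in `clear_role_actions`/`clear_role_users` in the following hunk), the `else $OK = false;` branch is unreachable: `while($v_rst = $sgbd->fetch_data($rst))` only enters with a truthy `$v_rst`, so `isset($v_rst)` is always true, and where the branch does exist it does not `break`. Either drop the `isset` wrapper or, if `fetch_data` can return a non-null falsy sentinel that the loop should treat as an error, test for that explicitly and `break`. `add_user` here has the same partial-write behaviour as the sql version (user written, role writes fail, `false` returned), which is noted on that hunk.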
@@ -163,119 +256,172 @@ $sgbd->close_data($rst); } else $this->user_status = false; - if($status && $this->user_status !== false){ - foreach($status as $new_user_status){ - $id_status = false; - foreach($this->user_status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){ - $id_status = $user_status["id"]; - break; - } - if($id_status){ - $SAME = true; - foreach($new_user_status as $status_key => $status_value){ - if(!isset($this->user_status[$id_status][$status_key]) || $this->user_status[$id_status][$status_key] != $status_value){ - $SAME = false; + return $this->user_status; + } + + function add_role($nom, $intitule){ + $sgbd = $this->sgbd(); + $id_role = $sgbd->add_data( + "roles", + array( + "nom" => $nom, + "intitule" => $intitule + ) + ); + if(!isset($id_role)) return false; + return $id_role; + } + + function get_role($id){ + if($id === "0") return array( + "id" => 0, + "nom" => "", + "intitule" => "" + ); + $sgbd = $this->sgbd(); + $role = $sgbd->get_data("roles", $id); + if(!isset($role)) return false; + return $role ? 
$role : array(); + } + + function set_role($id, $nom, $intitule){ + $sgbd = $this->sgbd(); + if( + !$sgbd->set_data( + "roles", + $id, + array( + "nom" => $nom, + "intitule" => $intitule + ) + ) + ) return false; + return true; + } + + function clear_role_actions($id_role){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("action_status")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_status"]) && $v_rst["id_status"] == $id_role){ + if(!$sgbd->del_data("action_status", $v_rst["id"])){ + $OK = false; break; } } - if(!$SAME){ - if($sgbd->set_data("user_status", $id_status, $new_user_status)) $this->user_status[$id_status] = $new_user_status; - else{ - $this->user_status = false; + } + else $OK = false; + } + $sgbd->close_data($rst); + return $OK; + } + return false; + } + + function clear_role_users($id_role){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; break; } } } - else{ - if($id_status = $sgbd->add_data("user_status", $new_user_status)) $this->user_status[$id_status] = $new_user_status; + else $OK = false; + } + $sgbd->close_data($rst); + return $OK; + } + return false; + } + + function add_role_action($id_role, $action){ + $sgbd = $this->sgbd(); + $id_action_status = $sgbd->add_data( + "action_status", + array( + "action" => $action, + "id_status" => $id_role + ) + ); + if(!isset($id_action_status)) return false; + return $id_action_status; + } + + function del_role($id_role){ + $sgbd = $this->sgbd(); + return $sgbd->del_data("roles", $id_role) ? 
true : false; + } + + function status(){ + if(!isset($this->user_status)) return false; + return $this->user_status; + } + + function get_user_status(){ + $user_status = array(); + $user = $this->get_session_user(); + if($user && isset($user["id"])){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){ + $user_status[] = $v_rst["id_role"]; + } + } else{ - $this->user_status = false; + $user_status = false; break; } } + $sgbd->close_data($rst); } + else $user_status = false; + if($user_status === false) return false; } - return $this->user_status; + else $user_status[] = 0; + if(!$user_status) $user_status[] = 0; + return $user_status; } function init_action_status($status = array()){ if(!isset($this->user_status)) return false; + $this->action_status = $this->read_action_status(); + return $this->action_status; + } + + function read_action_status($params = array()){ + if(!isset($this->user_status)) return false; + $group_by_action = isset($params["group_by_action"]) ? 
$params["group_by_action"] : false; $sgbd = $this->sgbd(); - $this->action_status = array(); + $action_status = array(); if($rst = $sgbd->open_data("action_status")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - $this->action_status[$v_rst["id"]] = $v_rst; + if(isset($v_rst["action"]) && isset($v_rst["id_status"])){ + if($group_by_action){ + if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array(); + $action_status[$v_rst["action"]][] = $v_rst["id_status"]; + } + else $action_status[$v_rst["id"]] = $v_rst; + } } else{ - $this->action_status = false; + $action_status = false; break; } } $sgbd->close_data($rst); } - else $this->action_status = false; - if($status && $this->action_status !== false){ - $STATUS_OK = true; - foreach($status as $id_new_action_status => $new_action_status){ - $FOUND = $new_action_status["id_status"] == "0"; - if(!$FOUND) foreach($this->user_status as $user_status){ - if($new_action_status["id_status"] == $user_status["nom"]){ - $FOUND = true; - $status[$id_new_action_status]["id_status"] = $user_status["id"]; - } - } - if(!$FOUND){ - $STATUS_OK = false; - break; - } - } - if($STATUS_OK){ - foreach($status as $new_action_status){ - $id_status = false; - foreach($this->action_status as $action_status){ - if( - $new_action_status["action"] == $action_status["action"] - && $new_action_status["id_status"] == $action_status["id_status"] - ){ - $id_status = $action_status["id"]; - break; - } - } - if($id_status){ - $SAME = true; - foreach($new_action_status as $status_key => $status_value){ - if(!isset($this->action_status[$id_status][$status_key]) || $this->action_status[$id_status][$status_key] != $status_value){ - $SAME = false; - break; - } - } - if(!$SAME){ - if($id_status = $sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status; - else{ - $this->action_status = false; - break; - } - } - } - else{ - if($id_status = 
$sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status; - else{ - $this->action_status = false; - break; - } - } - } - } - else $this->action_status = false; - } - return $this->action_status; - } - - function get_user_status(){ - $user = $this->get_session_user(); - if($user && isset($user["status"])) return $user["status"]; - return 0; + else $action_status = false; + return $action_status; } function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){ 
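Review bot: init_action_status keeps its `$status = array()` parameter but no longer reads it, so a caller that still passes seed entries (the removed code wrote them to action_status) now has them silently dropped; either remove the parameter or mark it with `// $status is ignored: action rights are now managed from the admin roles screen`. read_action_status likewise returns false unless `$this->user_status` is set but never uses that value, which looks like a leftover of the previous implementation. add_role and set_role do not check that `$nom` is unique, whereas the removed init_user_status matched roles by `nom`, so anything that still resolves a role by name can now hit ambiguous duplicates. get_role fabricates `array("id" => 0, ...)` for the literal string "0", so every caller receives something it can pass on to set_role, clear_role_actions or del_role; a comment on get_role stating that 0 is the synthetic public role and must not be renamed or deleted would make that contract explicit.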
@@ -298,63 +444,65 @@ $sgbd->close_data($rst); } else $status = false; - if($status !== false){ - if($set_status){ - foreach($set_status as $new_action_status){ - $id_status = false; - foreach($status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){ - $id_status = $user_status["id"]; - break; - } - if($id_status){ - $SAME = true; - foreach($new_user_status as $status_key => $status_value){ - if(!isset($status[$id_status][$status_key]) || $status[$id_status][$status_key] != $status_value){ - $SAME = false; - break; - } - } - if(!$SAME){ - if($sgbd->set_data("user_status", $id_status, $new_user_status)) $status[$id_status] = $new_user_status; - else{ - $status = false; - break; - } - } - } - else{ - if($id_status = $sgbd->add_data("user_status", $new_user_status)) $status[$id_status] = $new_user_status; - else{ - $status = false; - break; - } - } - } - } - } return $status; } - function creation_default_status(){ - $sgbd = $this->sgbd(); - $default_status = 0; - if($rst = $sgbd->open_data("user_status")){ - while($v_rst = $sgbd->fetch_data($rst)){ - if(isset($v_rst)){ - if(isset($v_rst["creation_default"]) && $v_rst["creation_default"] == 1){ - $default_status = $v_rst["id"]; - break; + function get_actions($id_role = null){ + $env = $this->env(); + if($actions = $env->get_actions()){ + if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){ + foreach($actions as $module_name => $module){ + if(isset($id_role)) $actions[$module_name]["module_allowed"] = + isset($action_status[$module_name]) + && in_array($id_role, $action_status[$module_name]); + $actions[$module_name]["is_public"] = + isset($action_status[$module_name]) + && in_array(0, $action_status[$module_name]); + foreach($module["controleurs"] as $controleur_name => $controleur){ + if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] = + isset($action_status[$module_name."/".$controleur_name]) + && 
in_array($id_role, $action_status[$module_name."/".$controleur_name]); + $actions[$module_name]["controleurs"][$controleur_name]["is_public"] = + isset($action_status[$module_name."/".$controleur_name]) + && in_array(0, $action_status[$module_name."/".$controleur_name]); + foreach($controleur["als"] as $index_als => $al){ + if($al["actions"]){ + if(isset($id_role)){ + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($action_status[$module_name."/".$controleur_name."/".$action_name]) + || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true; + } + } + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($action_status[$module_name."/".$controleur_name."/".$action_name]) + || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true; + } + } + } } } - else{ - $default_status = false; - break; - } + return $actions; } - $sgbd->close_data($rst); } - else $default_status = false; - return $default_status; + return array(); } # ---------------------------------------------------------------------------------------- diff --git a/mw/app/init/0700_links.php b/mw/app/init/0700_links.php index ffc029b..2057a4a 100644 --- a/mw/app/init/0700_links.php +++ b/mw/app/init/0700_links.php 
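Review bot: get_actions returns `array()` both when `$env->get_actions()` is empty and when read_action_status returns false, so a storage failure is indistinguishable from "no actions declared" and the `=== false` check in the admin roles controller never fires; return false from the failure branch (`if(($action_status = $this->read_action_status(array("group_by_action" => true))) === false) return false;`) and keep `array()` only for the no-config case. The `in_array($id_role, …)` and `in_array(0, …)` calls compare loosely while `$id_role` arrives from `$_GET` through the roles controller and the stored id_status values are presumably strings; passing `true` as the third argument removes the numeric-string coercion. The two `$HAS_ACTION_NOT_ALLOWED` loops over `$al["actions"]` differ only in the id being looked up (`$id_role` versus `0`), so a small private helper taking the id would halve the nesting.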
@@ -3,6 +3,8 @@ if($this->init_links()){ $this->set_link("admin/config", $this->url("admin/config"), "Configuration", 10); $this->set_link("admin/users", $this->url("admin/users"), "Utilisateurs", 20); + $this->set_link("admin/users/list", $this->url("admin/users/index"), "Liste des utilisateurs", 10); + $this->set_link("admin/users/roles", $this->url("admin/users/roles"), "Rôles", 20); $this->set_link("admin/plugins", $this->url("admin/plugins"), "Plugins", 30); } else $this->erreur("impossible de charger les liens", true); diff --git a/mw/app/mods/admin/users.php b/mw/app/mods/admin/users.php index 12f3e56..95dfed0 100644 --- a/mw/app/mods/admin/users.php +++ b/mw/app/mods/admin/users.php @@ -10,22 +10,26 @@ return true; } + // ------------------------------------------------------------------------------------ + // utilisateurs + // + function index(&$env){ $data = $env->data(); + if($this->status) $env->set_out("status", $this->status); + else{ + $env->erreur("impossible de lire la liste des status"); + return; + } if( - $env->set_out( - "users", - $data->users( + ( $users = $data->users( isset($_GET[$env->param("start")]) ? $_GET[$env->param("start")] : 0, isset($_GET[$env->param("alpha")]) ? $_GET[$env->param("alpha")] : null, isset($_GET[$env->param("status")]) ? $_GET[$env->param("status")] : null ) ) !== false ){ - if($this->status){ - $env->set_out("status", $this->status); - } - else $env->erreur("impossible de lire la liste des status"); + $env->set_out("users", $users); } else $env->erreur("impossible de lire la liste des utilisateurs"); } 
@@ -34,48 +38,73 @@ $data = $env->data(); if($this->status){ $env->set_out("status", $this->status); - $env->set_out("user", array("status" => $data->creation_default_status())); + $user = array( + "login" => "", + "email" => "", + "status" => array() + ); if($_POST){ - $env->set_out("user", $_POST); + $VALID = true; if($_POST["login"]){ - if(($exists = $data->user($_POST["login"])) !== false){ - if(!$exists){ - $VALID = true; - if(!$_POST["email"]){ - $env->message("merci de preciser un email"); - $VALID = false; - } - if(!$_POST["password"]){ - $env->message("merci de preciser un mot de passe"); - $VALID = false; - } - if($_POST["password"] != $_POST["password_confirm"]){ - $env->message("la confirmation du mot de passe est incorrecte"); - $VALID = false; - } - if($VALID){ - if( - $data->add_user( - $_POST["login"], - md5($_POST["password"]), - $_POST["email"], - $_POST["status"] - ) - ){ - $env->redirect( - $env->url("admin/users"), - "l'utilisateur ".$_POST["login"]." a été ajouté" - ); - } - else $env->erreur("Impossible d'ajouter l'utilisateur"); - } + $user["login"] = $_POST["login"]; + } + else{ + $env->message("merci de préciser un login"); + $VALID = false; + } + if(($exists = $data->user($_POST["login"])) !== false){ + if($exists){ + $env->message("ce login existe déjà"); + $VALID = false; + } + } + else{ + $env->erreur("impossible de savoir si cet login existe déjà"); + return; + } + if($_POST["email"]) $user["email"] = $_POST["email"]; + else{ + $env->message("merci de preciser un email"); + $VALID = false; + } + if($_POST["password"]){ + if($_POST["password"] == $_POST["password_confirm"]) $user["password"] = md5($_POST["password"]); + else{ + $env->message("la confirmation du mot de passe est incorrecte"); + $VALID = false; + } + } + else{ + $env->message("merci de preciser un mot de passe"); + $VALID = false; + } + $user["status"] = array(); + foreach($_POST as $key => $value){ + if(substr($key, 0, 7) == "status_"){ + $id_role = substr($key, 7); + 
if(preg_match("/^[0-9]+$/", $id_role)){ + $user["status"][] = $id_role; } - else $env->message("ce login existe déjà"); } - else $env->erreur("impossible de savoir si cet login existe déjà"); } - else $env->message("merci de préciser un login"); + if($VALID){ + if( + $data->add_user( + $user["login"], + $user["password"], + $user["email"], + $user["status"] + ) + ){ + $env->redirect( + $env->url("admin/users/edit", array("id" => $user["login"])), + "l'utilisateur ".$_POST["login"]." a été ajouté" + ); + } + else $env->erreur("Impossible d'ajouter l'utilisateur"); + } } + $env->set_out("user", $user); } else $env->erreur("impossible de lire la liste des status"); } @@ -84,16 +113,11 @@ $data = $env->data(); if($this->status){ $env->set_out("status", $this->status); - if($env->set_out("user", $data->user($_GET[$env->param("id")]))){ + if($user = $data->user($_GET[$env->param("id")])){ if($_POST){ - $user = $env->out("user"); - $id = $user["id"]; - $login = $user["login"]; - $password = $user["password"]; - $_POST["login"] = $login; - $env->set_out("user", $_POST); $VALID = true; - if(!$_POST["email"]){ + if($_POST["email"]) $user["email"] = $_POST["email"]; + else{ $env->message("merci de preciser un email"); $VALID = false; } 
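Review bot: the `status_` loop in add accepts any numeric suffix — `if(preg_match("/^[0-9]+$/", $id_role)){` — while the matching loop in edit also requires `isset($this->status[$id_role])`, so add can link a new user to a role id that does not exist in roles; add the same `&& isset($this->status[$id_role])` condition here. `$data->user($_POST["login"])` is still called when login is empty, right after the "merci de préciser un login" message, and the other `$_POST[...]` reads lack `isset`, so an incomplete form produces notices and a pointless lookup. The new `$user["password"] = md5($_POST["password"])` line keeps an unsalted fast hash for stored passwords; that is the previous behaviour, but since storage is being reworked this is the moment to move to a salted slow hash (crypt with a per-user salt, or password_hash where the runtime provides it) so a leaked users table cannot be reversed cheaply.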
@@ -106,24 +130,35 @@ $env->message("la confirmation du mot de passe est incorrecte"); $VALID = false; } + if($VALID) $user["password"] = md5($_POST["password"]); + } + $user["status"] = array(); + foreach($_POST as $key => $value){ + if(substr($key, 0, 7) == "status_"){ + $id_role = substr($key, 7); + if(preg_match("/^[0-9]+$/", $id_role) && isset($this->status[$id_role])){ + $user["status"][] = $id_role; + } + } } if($VALID){ if( $data->set_user( - $id, - $login, - isset($_POST["change_password"]) && $_POST["change_password"] ? md5($_POST["password"]) : $password, - $_POST["email"], - $_POST["status"] + $user["id"], + $user["login"], + $user["password"], + $user["email"], + $user["status"] ) ) $env->redirect( - $env->url("admin/users"), - "l'utilisateur ".$login." a été modifié" + $env->url("admin/users/edit", array("id" => $user["login"])), + "l'utilisateur a été modifié" ); else $env->erreur("Impossible de mettre à jour l'utilisateur"); } } + $env->set_out("user", $user); } else $env->erreur("Impossible de lire les informations de cet utilisateur"); } 
@@ -143,6 +178,146 @@ else $env->erreur("Impossible de lire les informations de cet utilisateur"); } + // ------------------------------------------------------------------------------------ + // roles + // + + function set_default_allow(&$env){ + $default_allow = $_GET[$env->param("id")]; + if(!isset($default_allow) || ($default_allow !== "0" && $default_allow !== "1")){ + $env->erreur("parametre default_allow invalide"); + return; + } + $data = $env->data(); + if(!$data->set_config("default_allow", $default_allow)){ + $env->erreur("impossible de mettre a jour la configuration default_allow"); + return; + } + $env->redirect( + $env->url("admin/users/roles"), + "la configuration default_allow a été enregistrée" + ); + } + + function roles(&$env){ + $data = $env->data(); + $roles = $data->status(); + $id_role = isset($_GET[$env->param("id")]) && $_GET[$env->param("id")] ? $_GET[$env->param("id")] : 0; + $env->set_out("id_role", $id_role); + if(!isset($roles) || $roles === false){ + $env->erreur("impossible de lire la liste des roles"); + return; + } + $env->set_out("roles", $roles); + if(($actions = $data->get_actions($id_role)) === false){ + $env->erreur("impossible de lire la liste des droits d'acces"); + return; + } + $env->set_out("actions", $actions); + + } + + function add_role(&$env){ + $data = $env->data(); + $role = array( + "nom" => "", + "intitule" => "" + ); + if($_POST){ + if(!($role["nom"] = $_POST["nom"])) $env->message("merci de preciser un nom"); + if(!($role["intitule"] = $_POST["intitule"])) $env->message("merci de preciser un intitule"); + if(!$env->messages()){ + if(($id_role = $data->add_role($role["nom"], $role["intitule"])) !== false){ + $env->redirect( + $env->url("admin/users/roles", array("id" => $id_role)), + "le rôle a été enregistré" + ); + } + else $env->erreur("impossible d'enregistrer les informations du role"); + } + } + $env->set_out("role", $role); + } + + function edit_role(&$env){ + $data = $env->data(); + 
if(!isset($_GET[$env->param("id")]) || !($role = $data->get_role($_GET[$env->param("id")]))){ + $env->erreur("impossible de lire les informations du role"); + return; + } + if($_POST){ + if(!($role["nom"] = $_POST["nom"])) $env->message("merci de preciser un nom"); + if(!($role["intitule"] = $_POST["intitule"])) $env->message("merci de preciser un intitule"); + if(!$env->messages()){ + if($data->set_role($role["id"], $role["nom"], $role["intitule"])){ + $env->redirect( + $env->url("admin/users/roles", array("id" => $role["id"])), + "le rôle a été enregistré" + ); + } + else $env->erreur("impossible d'enregistrer les informations du role"); + } + } + $env->set_out("role", $role); + } + + function save_role(&$env){ + $data = $env->data(); + if(!($role = $data->get_role($_POST["id_role"]))){ + $env->erreur("impossible de lire les informations du role"); + return; + } + if(!$data->clear_role_actions($role["id"])){ + $env->erreur("impossible de supprimer les actions du role"); + return; + } + $action_status = array(); + $als = array(); + foreach($_POST as $key => $value){ + if(substr($key, 0, 7) == "module_" && ($action = substr($key, 7))) $action_status[$action] = $role["id"]; + elseif(substr($key, 0, 11) == "controleur_" && ($action = substr($key, 11))) $action_status[$action] = $role["id"]; + elseif(substr($key, 0, 3) == "al_" && ($al_index = substr($key, 3))) $als[] = $al_index; + } + foreach($als as $al_index){ + $al_prefix = "action_".$al_index."_"; + $al_prefix_length = strlen($al_prefix); + foreach($_POST as $key => $value){ + if(substr($key, 0, $al_prefix_length) == $al_prefix) $action_status[$value] = $role["id"]; + } + } + foreach($action_status as $action => $id_role){ + if(!$data->add_role_action($id_role, $action)){ + $env->erreur("impossible d'enregistrer les actions du role"); + return; + } + } + $env->redirect( + $env->url("admin/users/roles", array("id" => $role["id"])), + "les actions du rôle ont été enregistrées" + ); + } + + function 
del_role(&$env){ + $data = $env->data(); + if(!isset($_GET[$env->param("id")]) || !($role = $data->get_role($_GET[$env->param("id")]))){ + $env->erreur("impossible de lire les informations du role"); + return; + } + if($data->clear_role_actions($role["id"])){ + if($data->clear_role_users($role["id"])){ + if($data->del_role($role["id"])){ + $env->redirect( + $env->url("admin/users/roles"), + "le rôle a été effacé" + ); + } + else $env->erreur("impossible de supprimer le role"); + } + else $env->erreur("impossible de supprimer le role aux utilisateurs"); + } + else $env->erreur("impossible de supprimer les actions du role"); + } + } ?> \ No newline at end of file diff --git a/mw/app/out/default/admin.php b/mw/app/out/default/admin.php index 7f56398..bbdc722 100644 --- a/mw/app/out/default/admin.php +++ b/mw/app/out/default/admin.php @@ -14,7 +14,7 @@
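Review bot: set_default_allow and del_role change server state from a GET parameter (`$_GET[$env->param("id")]`) with no request token, so a crafted link opened by a logged-in admin can flip the site-wide default_allow policy or remove a role together with its users_roles rows; both should be POST handlers that verify a per-session token before calling set_config or del_role (user deletion already has the same shape, so one shared check would cover all three). del_role also accepts "0": get_role fabricates `array("id" => 0, ...)` for that value, so clear_role_actions(0) wipes every public action_status entry before del_data("roles", 0) is attempted; add `if(!$role["id"]){ $env->erreur("le rôle public ne peut pas être supprimé"); return; }` before the clear calls, and give edit_role the same guard. save_role calls clear_role_actions before any of the posted action names are validated and stores raw `$value`/key suffixes without checking them against `$env->get_actions()`, so a failing add_role_action leaves the role with no rights at all and a malformed post can persist action paths that do not exist; build and validate `$action_status` first, then clear and re-insert.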
-
+
out_file("views/admin/colonne.php"); ?>
diff --git a/mw/app/out/default/css/style.css b/mw/app/out/default/css/style.css index ef6fbcd..c44c85e 100644 --- a/mw/app/out/default/css/style.css +++ b/mw/app/out/default/css/style.css @@ -168,32 +168,32 @@ strong{ /* ------------------------------------------------- MENU COLONNE */ -#colonne ul.menu{ +#colonne .menu ul{ list-style-type: none; margin: 5px 20px 5px 10px; padding: 0; } -#colonne ul.menu ul{ +#colonne .menu ul ul{ list-style-type: none; margin: 0 0 0 20px; padding: 0; } -#colonne ul.menu li{ +#colonne .menu ul li{ margin: 1px 0; padding: 0; border-bottom: solid 1px #e5e5e5; } -#colonne ul.menu li a{ +#colonne .menu ul li a{ display: block; line-height: 2em; padding: 0 1em; background-color: #f5f5f5; } -#colonne ul.menu li a:hover{ +#colonne .menu ul li a:hover{ color: #000066; background-color: #f1f1f1; } @@ -339,6 +339,26 @@ table.admin td.action{ width: 50px; } +ul.actions li{ + margin-left: 15px; +} + +ul.actions li.public{ + background-color: #f5fff2; +} + +form ul.actions li{ + padding: 0; +} + +form ul.actions li label{ + display: inline; + float: none; + width: auto; + text-align: left; + padding-right: 0px; +} + .navig{ text-align: right; border: solid 1px #d5d5d5; diff --git a/mw/app/out/default/layouts/admin.xml b/mw/app/out/default/layouts/admin.xml index 5faea5a..a7a9ee9 100644 --- a/mw/app/out/default/layouts/admin.xml +++ b/mw/app/out/default/layouts/admin.xml @@ -7,6 +7,9 @@ + + + diff --git a/mw/app/out/default/views/admin/colonne.php b/mw/app/out/default/views/admin/colonne.php index 561c2d8..b680bce 100644 --- a/mw/app/out/default/views/admin/colonne.php +++ b/mw/app/out/default/views/admin/colonne.php @@ -1,7 +1,5 @@ data(); if(($admin_menu = $data->get_link("admin")) && $admin_menu["subs"]) : ?> - + + + \ No newline at end of file diff --git a/mw/app/out/default/views/admin/users/add.php b/mw/app/out/default/views/admin/users/add.php index 6132b7f..7e840df 100644 --- a/mw/app/out/default/views/admin/users/add.php 
+++ b/mw/app/out/default/views/admin/users/add.php @@ -14,15 +14,18 @@
  • - +
    - +
      + out["status"] as $id_status => $status) : ?> +
    • + out["user"]["status"]) ? " checked" : ""; + ?> /> + +
    • + +
  • diff --git a/mw/app/out/default/views/admin/users/add_role.php b/mw/app/out/default/views/admin/users/add_role.php new file mode 100644 index 0000000..2122b9e --- /dev/null +++ b/mw/app/out/default/views/admin/users/add_role.php @@ -0,0 +1,29 @@ +

    Ajouter un rôle

    + + + +
    " method="post"> +
    +
      +
    • + +
      + " /> +
      +
    • +
    • + +
      + " /> +
      +
    • +
    • +
      + +
      +
    • +
    +
    +
    diff --git a/mw/app/out/default/views/admin/users/edit.php b/mw/app/out/default/views/admin/users/edit.php index 9b2ba0f..f00600b 100644 --- a/mw/app/out/default/views/admin/users/edit.php +++ b/mw/app/out/default/views/admin/users/edit.php @@ -2,9 +2,13 @@ -
    $_GET[$this->param("id")])); ?>" method="post"> + $this->out["user"]["login"])); ?>" method="post">
    • @@ -14,15 +18,18 @@
  • - +
    - +
      + out["status"] as $id_status => $status) : ?> +
    • + out["user"]["status"]) ? " checked" : ""; + ?> /> + +
    • + +
  • diff --git a/mw/app/out/default/views/admin/users/edit_role.php b/mw/app/out/default/views/admin/users/edit_role.php new file mode 100644 index 0000000..055ef1e --- /dev/null +++ b/mw/app/out/default/views/admin/users/edit_role.php @@ -0,0 +1,33 @@ +

    Editer un rôle

    + + + + $this->out["role"]["id"])); ?>" method="post"> +
    +
      +
    • + +
      + " /> +
      +
    • +
    • + +
      + " /> +
      +
    • +
    • +
      + +
      +
    • +
    +
    + diff --git a/mw/app/out/default/views/admin/users/list.php b/mw/app/out/default/views/admin/users/list.php index dd5e21c..2640b96 100644 --- a/mw/app/out/default/views/admin/users/list.php +++ b/mw/app/out/default/views/admin/users/list.php @@ -47,14 +47,22 @@ login email - statut + rôle actions out["users"]["list"] as $id_user => $user) : ?> "> - out["status"][$user["status"]]["nom"]; ?> + + out["status"][$id_role]["intitule"]; + + ?> + + $user["login"])); ?>" class="admin_link" @@ -63,8 +71,8 @@ $user["login"])); ?>" class="admin_link" - title="supprimer cet utilisateur">" - onclick="return confirm('Supprimer cet utilisateur ?')"/> + title="supprimer cet utilisateur" + onclick="return confirm('Supprimer cet utilisateur ?')">"/> diff --git a/mw/app/out/default/views/admin/users/roles.php b/mw/app/out/default/views/admin/users/roles.php new file mode 100644 index 0000000..a65184c --- /dev/null +++ b/mw/app/out/default/views/admin/users/roles.php @@ -0,0 +1,79 @@ +

    Les rôles

    + +

    Politique d'accès

    +

    + + +

    +
    + +

    + Autorisations d'accès pour + + out["id_role"]) : ?> + $this->out["id_role"])); ?>" + class="admin_link" + title="modifier ce role">" /> + $this->out["id_role"])); ?>" + class="admin_link" + title="supprimer ce role">" + onclick="return confirm('Supprimer ce role ?')"/> + + " + class="admin_link" + title="ajouter un role">" /> +

    + + +out["actions"]) : ?> +
    " method="post"> + " /> +
      + out["actions"] as $module_name => $module) : ?> + > + /> + + +
        + $controleur) : ?> + > + " /> + + +
          + + > + /> + $action_name) : ?> + " /> + + + + +
        + + + +
      + + + +
    • +
      + +
      +
    • +
    +
    + +

    Aucune action déclarée

    + + diff --git a/mw/app/out/default/views/footer.php b/mw/app/out/default/views/footer.php index 4c1750f..12f5305 100644 --- a/mw/app/out/default/views/footer.php +++ b/mw/app/out/default/views/footer.php @@ -1,12 +1,14 @@
      -config("contact_form")) : ?> +config("contact_form") && $this->status_ok("forms/contact")) : ?>
    • ">contact
    • user())) : ?> -
    • ">s'identifier
    • +
    • ">s'identifier
    • Bienvenue
    • -
    • ">compte
    • + status_ok("users/infos")) : ?> +
    • ">compte
    • + status_ok("admin")) : ?>
    • ">admin
    • diff --git a/mw/app/out/default/views/users/infos/edit.php b/mw/app/out/default/views/users/infos/edit.php index ee99a89..80c2717 100644 --- a/mw/app/out/default/views/users/infos/edit.php +++ b/mw/app/out/default/views/users/infos/edit.php @@ -10,9 +10,15 @@
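Review bot: the footer now calls status_ok three times per render, and each call (see mw_env_run.php in this patch) re-reads users_roles through get_user_status and action_status through get_action_status, so every page view performs several full table reads just to decide which menu links to show. Caching the current user's role list and the action map on the env object for the duration of the request would keep these checks cheap without changing their result.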
  • - +
    - out["user"]["status"]]["nom"]; ?>" disabled="disabled" /> + out["user"]["status"] as $id_role){ + $role .= ($role ? ", " : "").$this->out["status"][$id_role]["intitule"]; + } + echo $role; + ?>
  • diff --git a/mw/env/modules/mw_env_config.php b/mw/env/modules/mw_env_config.php index 64da6d3..a708431 100644 --- a/mw/env/modules/mw_env_config.php +++ b/mw/env/modules/mw_env_config.php @@ -8,6 +8,7 @@ var $PARAMS; var $CONFIG; var $bdd; + var $actions; function load_config($bdd, $CONFIG){ if(true){ @@ -54,6 +55,46 @@ ) ); } + if(isset($app_config["subs"]["actions"][0]["subs"]["module"])){ + foreach($app_config["subs"]["actions"][0]["subs"]["module"] as $module_elt){ + $module_name = $module_elt["attrs"]["name"]; + if(!isset($this->actions[$module_name])) $this->actions[$module_name] = array( + "controleurs" => array(), + "module_allowed" => false, + "is_public" => false + ); + if(isset($module_elt["subs"]["controleur"])){ + foreach($module_elt["subs"]["controleur"] as $controleur_elt){ + $controleur_name = $controleur_elt["attrs"]["name"]; + if(!isset($this->actions[$module_name]["controleurs"][$controleur_name])) $this->actions[$module_name]["controleurs"][$controleur_name] = array( + "als" => array(), + "controleur_allowed" => false, + "is_public" => false + ); + if(isset($controleur_elt["subs"]["al"])){ + $al_index = 0; + foreach($controleur_elt["subs"]["al"] as $al_elt){ + $action_title = $al_elt["attrs"]["title"]; + if(isset($al_elt["subs"]["action"])){ + foreach($al_elt["subs"]["action"] as $action_elt){ + if(!isset($this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index])){ + $this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index] = array( + "title" => $action_title, + "action_allowed" => false, + "is_public" => false, + "actions" => array() + ); + } + $this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index]["actions"][] = $action_elt["attrs"]["name"]; + } + } + $al_index++; + } + } + } + } + } + } } function get_config_file(){ 
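Review bot: `echo $role;` writes the concatenated `intitule` values straight into the page without htmlspecialchars; intitule is free text typed on the add_role/edit_role forms, so an admin-chosen label is rendered raw to every user viewing their account, and list.php appears to output the same field the same way. Escape at the point of output, `echo htmlspecialchars($role, ENT_QUOTES, "UTF-8");`, or escape each `intitule` before concatenating it.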
@@ -123,6 +164,10 @@ return false; } + function get_actions(){ + return isset($this->actions) ? $this->actions : array(); + } + } ?> \ No newline at end of file diff --git a/mw/env/modules/mw_env_run.php b/mw/env/modules/mw_env_run.php index 51b6330..31242f5 100644 --- a/mw/env/modules/mw_env_run.php +++ b/mw/env/modules/mw_env_run.php 
@@ -76,48 +76,58 @@ } function status_ok($etat, $CHECK_FORMAT = true){ - $OK = $this->config("default_allow"); $data = $this->data(); if($CHECK_FORMAT) $etat = $this->valid_etat($etat); - if($etat !== false){ - if(($user_status = $data->get_user_status()) !== false){ - if( - ( - $action_status = $data->get_action_status( - $etat["mod"], - $etat["controller"], - $etat["action"] - ) - ) !== false - ){ - $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"]; - if(isset($action_status[$action])){ - $OK = - (isset($action_status[$action][0]) && $action_status[$action][0]) - || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]); - } - else{ - $action = $etat["mod"]."/".$etat["controller"]; - if(isset($action_status[$action])){ - $OK = - (isset($action_status[$action][0]) && $action_status[$action][0]) - || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]); - } - else{ - $action = $etat["mod"]; - if(isset($action_status[$action])){ - $OK = - (isset($action_status[$action][0]) && $action_status[$action][0]) - || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]); - } - } - } + if($etat === false){ + $this->erreur("etat invalide"); + return false; + } + if(($user_status = $data->get_user_status()) === false){ + $this->erreur("Impossible de lire les roles de l'utilisateur courant"); + return false; + } + if(!$user_status){ + $this->erreur("L'utilisateur courant n'a aucun role"); + return false; + } + if( + ( + $action_status = $data->get_action_status( + $etat["mod"], + $etat["controller"], + $etat["action"] + ) + ) === false + ){ + $this->erreur("Impossible de lire les status des actions en base"); + return false; + } + foreach($user_status as $id_role){ + $OK = $this->config("default_allow"); + $action = $etat["mod"]; + if(isset($action_status[$action])){ + $OK = + (isset($action_status[$action][0]) && $action_status[$action][0]) + || 
(isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]); + } + if(!$OK){ + $action = $etat["mod"]."/".$etat["controller"]; + if(isset($action_status[$action])){ + $OK = + (isset($action_status[$action][0]) && $action_status[$action][0]) + || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]); + } + } + if(!$OK){ + $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"]; + if(isset($action_status[$action])){ + $OK = + (isset($action_status[$action][0]) && $action_status[$action][0]) + || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]); } - else $this->erreur("Impossible de lire les status des actions en base"); } - else $this->erreur("Impossible de lire le statut de l'utilisateur courant"); + if($OK) break; } - else $this->erreur("etat invalide"); return $OK; } diff --git a/readme.txt b/readme.txt index cb7a226..a167fce 100644 --- a/readme.txt +++ b/readme.txt @@ -50,7 +50,7 @@ installation : Par defaut, mtweb stocke ses donnees dans des fichiers XML. pour utilisez le stockage des donnees avec MySql : - - importez les tables fournies dans le fichier "content/data/sql/mysql/mtweb.sql" + - importez les tables fournies dans le fichier "content/data/mysql/mtweb.sql" - puis dans le fichier "config.php" : - commentez la partie relative aux donnees XML - decommentez la partie relative aux donnees MySql -- 2.1.4
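Review bot: initialising `$OK = $this->config("default_allow");` at the top of the per-role loop means that when default_allow is "1" the controller- and action-level entries are never consulted (each deeper level is only checked `if(!$OK)`), so an action_status entry that restricts an action to a specific role no longer denies other roles; the removed code consulted the most specific entry first and only fell back to the default when nothing matched. The fallback should apply only when no level has an explicit entry, as below. The `!$user_status` branch also looks unreachable, since get_user_status in this patch appends 0 whenever the list is empty, so its message can probably go.
```php
    // … unchanged: etat, user_status and action_status checks …
    foreach($user_status as $id_role){
        $OK = false;
        $FOUND = false;
        $levels = array(
            $etat["mod"],
            $etat["mod"]."/".$etat["controller"],
            $etat["mod"]."/".$etat["controller"]."/".$etat["action"]
        );
        foreach($levels as $action){
            if(!isset($action_status[$action])) continue;
            $FOUND = true;
            $OK =
                (isset($action_status[$action][0]) && $action_status[$action][0])
                || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]);
            if($OK) break;
        }
        // default_allow only decides when no level has an explicit entry
        if(!$FOUND) $OK = $this->config("default_allow");
        if($OK) break;
    }
    return $OK;
```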