--- phpMyAdmin SQL Dump
--- version 3.3.2deb1
--- http://www.phpmyadmin.net
---
--- Serveur: localhost
--- Généré le : Dim 25 Décembre 2011 à 15:01
--- Version du serveur: 5.1.41
--- Version de PHP: 5.3.2-1ubuntu4.11
-
-SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
-
---
--- Base de données: `mtweb`
---
-
--- --------------------------------------------------------
-
---
--- Structure de la table `mw_action_status`
---
-
-CREATE TABLE IF NOT EXISTS `mw_action_status` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `action` varchar(255) NOT NULL,
- `id_status` int(11) NOT NULL,
- PRIMARY KEY (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ;
-
---
--- Contenu de la table `mw_action_status`
---
-
-INSERT INTO `mw_action_status` (`id`, `action`, `id_status`) VALUES
-(1, 'admin', 1),
-(2, 'users', 1),
-(3, 'users', 2),
-(4, 'users/identification', 0);
-
--- --------------------------------------------------------
-
---
--- Structure de la table `mw_config`
---
-
-CREATE TABLE IF NOT EXISTS `mw_config` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `key` varchar(255) NOT NULL,
- `value` text NOT NULL,
- PRIMARY KEY (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=20 ;
-
---
--- Contenu de la table `mw_config`
---
-
-INSERT INTO `mw_config` (`id`, `key`, `value`) VALUES
-(1, 'site_name', 'mtweb'),
-(2, 'max_list', '10'),
-(3, 'description', ''),
-(4, 'out', 'dist'),
-(5, 'start_action', ''),
-(6, 'contact_form', '0'),
-(8, 'email', ''),
-(9, 'captcha', '0'),
-(16, 'start_action_params', '');
-
--- --------------------------------------------------------
-
---
--- Structure de la table `mw_users`
---
-
-CREATE TABLE IF NOT EXISTS `mw_users` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `login` varchar(255) NOT NULL,
- `password` varchar(255) NOT NULL,
- `email` varchar(255) NOT NULL,
- `status` int(11) NOT NULL,
- PRIMARY KEY (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ;
-
---
--- Contenu de la table `mw_users`
---
-
-INSERT INTO `mw_users` (`id`, `login`, `password`, `email`, `status`) VALUES
-(1, 'admin', '25e4ee4e9229397b6b17776bfceaf8e7', 'admin@domain.tld', 1);
-
--- --------------------------------------------------------
-
---
--- Structure de la table `mw_user_status`
---
-
-CREATE TABLE IF NOT EXISTS `mw_user_status` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `nom` varchar(255) NOT NULL,
- `creation_default` tinyint(4) NOT NULL,
- PRIMARY KEY (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
-
---
--- Contenu de la table `mw_user_status`
---
-
-INSERT INTO `mw_user_status` (`id`, `nom`, `creation_default`) VALUES
-(1, 'admin', 0),
-(2, 'membre', 1);
+-- phpMyAdmin SQL Dump\r
+-- version 3.3.2deb1ubuntu1\r
+-- http://www.phpmyadmin.net\r
+--\r
+-- Serveur: localhost\r
+-- Généré le : Mer 13 Février 2013 à 23:03\r
+-- Version du serveur: 5.1.67\r
+-- Version de PHP: 5.3.2-1ubuntu4.18\r
+\r
+SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";\r
+\r
+--\r
+-- Base de données: `mtweb`\r
+--\r
+\r
+-- --------------------------------------------------------\r
+\r
+--\r
+-- Structure de la table `mw_action_status`\r
+--\r
+\r
+CREATE TABLE IF NOT EXISTS `mw_action_status` (\r
+ `id` int(11) NOT NULL AUTO_INCREMENT,\r
+ `action` varchar(255) NOT NULL,\r
+ `id_status` int(11) NOT NULL,\r
+ PRIMARY KEY (`id`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=116 ;\r
+\r
+--\r
+-- Contenu de la table `mw_action_status`\r
+--\r
+\r
+INSERT INTO `mw_action_status` (`id`, `action`, `id_status`) VALUES\r
+(115, 'users/identification', 0),\r
+(111, 'users', 2),\r
+(113, 'admin', 1);\r
+\r
+-- --------------------------------------------------------\r
+\r
+--\r
+-- Structure de la table `mw_config`\r
+--\r
+\r
+CREATE TABLE IF NOT EXISTS `mw_config` (\r
+ `id` int(11) NOT NULL AUTO_INCREMENT,\r
+ `key` varchar(255) NOT NULL,\r
+ `value` text NOT NULL,\r
+ PRIMARY KEY (`id`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=30 ;\r
+\r
+--\r
+-- Contenu de la table `mw_config`\r
+--\r
+\r
+INSERT INTO `mw_config` (`id`, `key`, `value`) VALUES\r
+(1, 'site_name', 'mtweb'),\r
+(2, 'max_list', '10'),\r
+(3, 'description', ''),\r
+(4, 'out', 'default'),\r
+(5, 'start_action', ''),\r
+(6, 'contact_form', '0'),\r
+(8, 'email', ''),\r
+(9, 'captcha', '0'),\r
+(29, 'default_allow', '1'),\r
+(22, 'out_colonne', 'on'),\r
+(16, 'start_action_params', ''),\r
+(20, 'out_navig_menu_top', 'on');\r
+\r
+-- --------------------------------------------------------\r
+\r
+--\r
+-- Structure de la table `mw_roles`\r
+--\r
+\r
+CREATE TABLE IF NOT EXISTS `mw_roles` (\r
+ `id` int(11) NOT NULL AUTO_INCREMENT,\r
+ `nom` varchar(255) NOT NULL,\r
+ `intitule` varchar(255) NOT NULL,\r
+ PRIMARY KEY (`id`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ;\r
+\r
+--\r
+-- Contenu de la table `mw_roles`\r
+--\r
+\r
+INSERT INTO `mw_roles` (`id`, `nom`, `intitule`) VALUES\r
+(1, 'admin', 'administrateur'),\r
+(2, 'membre', 'membre');\r
+\r
+-- --------------------------------------------------------\r
+\r
+--\r
+-- Structure de la table `mw_users`\r
+--\r
+\r
+CREATE TABLE IF NOT EXISTS `mw_users` (\r
+ `id` int(11) NOT NULL AUTO_INCREMENT,\r
+ `login` varchar(255) NOT NULL,\r
+ `password` varchar(255) NOT NULL,\r
+ `email` varchar(255) NOT NULL,\r
+ PRIMARY KEY (`id`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=18 ;\r
+\r
+--\r
+-- Contenu de la table `mw_users`\r
+--\r
+\r
+INSERT INTO `mw_users` (`id`, `login`, `password`, `email`) VALUES\r
+(17, 'admin', '25e4ee4e9229397b6b17776bfceaf8e7', 'admin@domain.tld');\r
+\r
+-- --------------------------------------------------------\r
+\r
+--\r
+-- Structure de la table `mw_users_roles`\r
+--\r
+\r
+CREATE TABLE IF NOT EXISTS `mw_users_roles` (\r
+ `id_user` int(11) NOT NULL,\r
+ `id_role` int(11) NOT NULL,\r
+ PRIMARY KEY (`id_user`,`id_role`)\r
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;\r
+\r
+--\r
+-- Contenu de la table `mw_users_roles`\r
+--\r
+\r
+INSERT INTO `mw_users_roles` (`id_user`, `id_role`) VALUES\r
+(17, 1),\r
+(17, 2);\r
-176
\ No newline at end of file
+188
\ No newline at end of file
+++ /dev/null
-<tuple>
- <id_status><![CDATA[1]]></id_status>
- <action><![CDATA[users]]></action>
-</tuple>
<tuple>
- <id_status><![CDATA[0]]></id_status>
<action><![CDATA[users/identification]]></action>
+ <id_status><![CDATA[0]]></id_status>
</tuple>
<tuple>
- <id_status><![CDATA[1]]></id_status>
<action><![CDATA[admin]]></action>
+ <id_status><![CDATA[1]]></id_status>
</tuple>
<tuple>
- <id_status><![CDATA[2]]></id_status>
<action><![CDATA[users]]></action>
+ <id_status><![CDATA[2]]></id_status>
</tuple>
-
-58
\ No newline at end of file
+59
\ No newline at end of file
--- /dev/null
+<tuple>
+ <default_allow><![CDATA[1]]></default_allow>
+</tuple>
--- /dev/null
+5
\ No newline at end of file
--- /dev/null
+<tuple>
+ <nom><![CDATA[admin]]></nom>
+ <intitule><![CDATA[administrateur]]></intitule>
+</tuple>
--- /dev/null
+<tuple>
+ <nom><![CDATA[membre]]></nom>
+ <intitule><![CDATA[membre]]></intitule>
+</tuple>
+++ /dev/null
-4
\ No newline at end of file
+++ /dev/null
-<tuple>
- <nom>admin</nom>
- <creation_default>0</creation_default>
-</tuple>
\ No newline at end of file
+++ /dev/null
-<tuple>
- <nom><![CDATA[membre]]></nom>
- <creation_default><![CDATA[1]]></creation_default>
-</tuple>
-14
\ No newline at end of file
+18
\ No newline at end of file
<login><![CDATA[admin]]></login>
<password><![CDATA[25e4ee4e9229397b6b17776bfceaf8e7]]></password>
<email><![CDATA[admin@domain.tld]]></email>
- <status><![CDATA[1]]></status>
</tuple>
--- /dev/null
+26
\ No newline at end of file
--- /dev/null
+<tuple>
+ <id_user><![CDATA[18]]></id_user>
+ <id_role><![CDATA[1]]></id_role>
+</tuple>
--- /dev/null
+<tuple>
+ <id_user><![CDATA[18]]></id_user>
+ <id_role><![CDATA[2]]></id_role>
+</tuple>
<form>form</form>
</params>
+ <actions>
+ <module name="index" title="Site">
+ <controleur name="index" title="Accueil">
+ <al title="Accueil du site">
+ <action name="index" />
+ </al>
+ </controleur>
+ </module>
+ <module name="reponses" title="Reponses">
+ <controleur name="html" title="HTML">
+ <al title="Acceder aux pages de redirection">
+ <action name="redirect_javascript" />
+ </al>
+ <al title="Acceder aux pages d'erreur">
+ <action name="erreur" />
+ </al>
+ </controleur>
+ </module>
+ <module name="forms" title="Formulaires">
+ <controleur name="contact" title="Contact">
+ <al title="Utiliser le formulaire de contact">
+ <action name="index" />
+ </al>
+ </controleur>
+ </module>
+ <module name="admin" title="Administration">
+ <controleur name="index" title="Accueil">
+ <al title="Accueil de l'administration">
+ <action name="index" />
+ </al>
+ </controleur>
+ <controleur name="config" title="Configuration">
+ <al title="Editer la configuration du site">
+ <action name="index" />
+ </al>
+ </controleur>
+ <controleur name="users" title="Utilisateurs">
+ <al title="Lister les utilisateurs">
+ <action name="index" />
+ </al>
+ <al title="Editer les utilisateurs">
+ <action name="add" />
+ <action name="edit" />
+ <action name="del" />
+ </al>
+ </controleur>
+ <controleur name="plugins" title="Plugins">
+ <al title="Gerer les plugins">
+ <action name="index" />
+ <action name="install" />
+ <action name="uninstall" />
+ <action name="enable" />
+ <action name="disable" />
+ </al>
+ </controleur>
+ </module>
+ <module name="users" title="Utilisateurs">
+ <controleur name="infos" title="Compte">
+ <al title="Editer ses informations d'utilisateur">
+ <action name="index" />
+ <action name="edit" />
+ </al>
+ </controleur>
+ <controleur name="identification" title="Login">
+ <al title="Acceder a l'identification">
+ <action name="index" />
+ <action name="login" />
+ <action name="logout" />
+ </al>
+ </controleur>
+ </module>
+ </actions>
+
</config>
\ No newline at end of file
$env = $this->env();
$users = array("list" => array(), "total" => 0);
try{
- $SELECT = "SELECT *";
+ $SELECT = "SELECT #--users.*";
$FROM = " FROM #--users";
$WHERE = "";
$WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
- $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
+ if(isset($status)){
+ $SELECT .= ", #--users_roles.id_role as status";
+ $FROM .=
+ " LEFT JOIN #--users_roles ON ("
+ ." #--users_roles.id_user=#--users.id"
+ ." AND #--users_roles.id_role=".$this->eq($status)
+ .")";
+ $WHERE .= ($WHERE ? " AND" : " WHERE")." mw_users_roles.id_role IS NOT NULL";
+ }
$LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
$sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
$rst = $sgbd->query($sql);
$rst = $sgbd->query($sql);
while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
$sgbd->free_result($rst);
+ foreach($users["list"] as $id_user => $user){
+ if(($status = $this->list_user_status($id_user)) !== false){
+ $users["list"][$id_user]["status"] = $status;
+ }
+ else{
+ $users = false;
+ break;
+ }
+ }
}
}
catch(Exception $e) { $users = false; }
return $users;
}
+ function list_user_status($id_user){
+ $sgbd = $this->sgbd();
+ $status = array();
+ try{
+ $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($id_user));
+ while($v_rst = $sgbd->fetch_assoc($rst)) $status[] = $v_rst["id_role"];
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $status = false; }
+ return $status;
+ }
+
function user_by_id($id){
$sgbd = $this->sgbd();
$user = array();
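Review bot: The added WHERE clause at L413 hardcodes the table name `mw_users_roles`, while every other table reference in this hunk (L402, L407, L409-410) goes through what appears to be the `#--` prefix placeholder; on an installation whose prefix is not `mw_` the filtered listing fails with an unknown-table error, which the `catch` at L432 then turns into a silent `false`. Use `$WHERE .= ($WHERE ? " AND" : " WHERE")." #--users_roles.id_role IS NOT NULL";`. The loop at L421-429 also issues one `list_user_status` query per listed user; with `max_list` bounding the page it is tolerable, but a single `SELECT id_user, id_role FROM #--users_roles WHERE id_user IN (...)` would cover the whole page. `list_users` begins before this hunk.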
$rst = $sgbd->query($sql);
if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
$sgbd->free_result($rst);
+ if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
+ else $user = false;
}
catch(Exception $e) { $user = false; }
return $user;
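Review bot: `user_by_id` reads `$user["id"]` at L453 unconditionally, but `$user` starts as `array()` (L449) and stays empty when `fetch_assoc` yields no row, so an unknown id now raises an undefined-index notice, queries `#--users_roles` with an empty id, and returns `array("status" => array())` where the old code returned an empty array. The sibling `user()` hunk guards the identical code with `if($user){ ... }` (L461-464); wrap L453-454 the same way so both lookups agree. The function's `$sql` assignment and `try` are outside the hunk.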
$rst = $sgbd->query($sql);
if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
$sgbd->free_result($rst);
+ if($user){
+ if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
+ else $user = false;
+ }
}
catch(Exception $e) { $user = false; }
return $user;
$user_id = false;
try{
$sql =
- "INSERT INTO #--users(login, password, email, status) VALUES"
+ "INSERT INTO #--users(login, password, email) VALUES"
."( ".$this->eq($login)
.", ".$this->eq($password)
.", ".$this->eq($email)
- .", ".$status
.")";
$sgbd->query($sql);
$user_id = $sgbd->insert_id();
+ foreach($status as $id_role){
+ $sql =
+ "INSERT INTO #--users_roles(id_user, id_role) VALUES"
+ ."( ".$user_id
+ .", ".$this->eq($id_role)
+ .")";
+ $sgbd->query($sql);
+ }
}
catch(Exception $e) { $user_id = false; }
return $user_id;
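Review bot: When an INSERT into `#--users_roles` at L486 throws, the `catch` at L489 returns false although the `#--users` row from L478 is already written, so the caller sees a failed creation while a role-less user now exists (one that `get_user_status` maps to the public role 0); `mw_users` is MyISAM in the shipped schema (L210), so there is no transaction to roll back. Either delete the user row in the `catch` or document that a false return can leave a partial record; `set_user`'s delete-then-insert at L498-507 has the same window. `$status` is also iterated unconditionally at L480, so a caller still passing the former scalar status gets a foreach warning and a user without roles — `if(!is_array($status)) return false;` before the first INSERT makes the new contract explicit. `$user_id` is concatenated raw at L483 where L503 uses `$this->eq()`; it comes from `insert_id()`, so it is harmless, but the inconsistency is worth removing.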
." login=".$this->eq($login)
.", password=".$this->eq($password)
.", email=".$this->eq($email)
- .", status=".$status
- ." WHERE id=".$id;
+ ." WHERE id=".$this->eq($id);
+ $sgbd->query($sql);
+ $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id);
$sgbd->query($sql);
+ foreach($status as $id_role){
+ $sql =
+ "INSERT INTO #--users_roles(id_user, id_role) VALUES"
+ ."( ".$this->eq($id)
+ .", ".$this->eq($id_role)
+ .")";
+ $sgbd->query($sql);
+ }
}
catch(Exception $e) { return false; }
return true;
}
function del_user($login){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
- $sgbd->query($sql);
+ if(($user = $this->user($login)) !== false){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--users WHERE login=".$this->eq($login)." AND id=".$user["id"];
+ $sgbd->query($sql);
+ $sql = "DELETE FROM #--users_roles WHERE id_user=".$user["id"];
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
}
- catch(Exception $e) { return false; }
+ else return false;
return true;
}
# status
#
- function status(){
- if(!isset($this->user_status)) return false;
- return $this->user_status;
- }
-
function init_user_status($status = array()){
$sgbd = $this->sgbd();
$this->user_status = array();
try{
- $sql = "SELECT * FROM #--user_status";
+ $sql = "SELECT * FROM #--roles";
$rst = $sgbd->query($sql);
while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
$sgbd->free_result($rst);
return $this->user_status;
}
- function init_action_status($status = array()){
- if(!isset($this->user_status)) return false;
+ function add_role($nom, $intitule){
$sgbd = $this->sgbd();
- $this->action_status = array();
try{
- $sql = "SELECT * FROM #--action_status";
+ $sql =
+ "INSERT INTO #--roles(nom, intitule) VALUES("
+ ." ".$this->eq($nom)
+ .", ".$this->eq($intitule)
+ .")";
$rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
+ $id_role = $sgbd->insert_id();
+ }
+ catch(Exception $e) { $id_role = false; }
+ return $id_role;
+ }
+
+ function get_role($id){
+ if($id === "0") return array(
+ "id" => 0,
+ "nom" => "",
+ "intitule" => ""
+ );
+ $sgbd = $this->sgbd();
+ $role = array();
+ try{
+ $sql = "SELECT * FROM #--roles WHERE id=".$this->eq($id);
+ $rst = $sgbd->query($sql);
+ if($v_rst = $sgbd->fetch_assoc($rst)) $role = $v_rst;
$sgbd->free_result($rst);
}
- catch(Exception $e) { $this->action_status = false; }
- return $this->action_status;
+ catch(Exception $e) { $role = false; }
+ return $role;
+ }
+
+ function set_role($id, $nom, $intitule){
+ $sgbd = $this->sgbd();
+ try{
+ $sql =
+ "UPDATE #--roles SET"
+ ." nom=".$this->eq($nom)
+ .", intitule=".$this->eq($intitule)
+ ." WHERE id=".$this->eq($id);
+ $rst = $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
+ function clear_role_actions($id_role){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--action_status WHERE id_status=".$this->eq($id_role);
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
+ function clear_role_users($id_role){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--users_roles WHERE id_role=".$this->eq($id_role);
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
+ function add_role_action($id_role, $action){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "INSERT INTO #--action_status(action, id_status) VALUES(".$this->eq($action).", ".$this->eq($id_role).")";
+ $sgbd->query($sql);
+ $id_action_status = $sgbd->insert_id();
+ }
+ catch(Exception $e) { $id_action_status = false; }
+ return $id_action_status;
+ }
+
+ function del_role($id_role){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--roles WHERE id=".$this->eq($id_role);
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
+ function status(){
+ if(!isset($this->user_status)) return false;
+ return $this->user_status;
}
function get_user_status(){
+ $user_status = array();
$user = $this->get_session_user();
- if($user && isset($user["status"])) return $user["status"];
- return 0;
+ if($user && isset($user["id"])){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($user["id"]);
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)) $user_status[] = $v_rst["id_role"];
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $_e){ return false; }
+ }
+ else $user_status[] = 0;
+ if(!$user_status) $user_status[] = 0;
+ return $user_status;
+ }
+
+ function init_action_status($status = array()){
+ if(!isset($this->user_status)) return false;
+ $this->action_status = $this->read_action_status();
+ return $this->action_status;
+ }
+
+ function read_action_status($params = array()){
+ $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
+ $sgbd = $this->sgbd();
+ $action_status = array();
+ try{
+ $sql = "SELECT * FROM #--action_status";
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)){
+ if($group_by_action){
+ if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array();
+ $action_status[$v_rst["action"]][] = $v_rst["id_status"];
+ }
+ else $action_status[$v_rst["id"]] = $v_rst;
+ }
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $action_status = false; }
+ return $action_status;
}
function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
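Review bot: `del_role` (L634-642) deletes only the `#--roles` row; the `#--users_roles` and `#--action_status` rows referencing that id stay behind, and because `get_user_status` (L656) and `read_action_status` (L679) read those tables without joining `#--roles`, users holding a deleted role keep every action that was granted to it. The shipped schema does not enforce this either — no foreign keys are declared (L135, L188, L229). Unless every caller is known to invoke `clear_role_users`/`clear_role_actions` first, make `del_role` do it as its first statement: `if(!$this->clear_role_users($id_role) || !$this->clear_role_actions($id_role)) return false;`; the file-backed `del_role` at L1070-1073 needs the same. Separately, `get_role` (L570) special-cases only the string `"0"`, so `get_role(0)` with an integer falls through to `WHERE id=0`; `(string)$id === "0"` covers both.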
return $status;
}
- function creation_default_status(){
- $sgbd = $this->sgbd();
- $default_status = 0;
- try{
- $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
- $sgbd->free_result($rst);
+ function get_actions($id_role = null){
+ $env = $this->env();
+ if($actions = $env->get_actions()){
+ if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){
+ foreach($actions as $module_name => $module){
+ if(isset($id_role)) $actions[$module_name]["module_allowed"] =
+ isset($action_status[$module_name])
+ && in_array($id_role, $action_status[$module_name]);
+ $actions[$module_name]["is_public"] =
+ isset($action_status[$module_name])
+ && in_array(0, $action_status[$module_name]);
+ foreach($module["controleurs"] as $controleur_name => $controleur){
+ if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
+ isset($action_status[$module_name."/".$controleur_name])
+ && in_array($id_role, $action_status[$module_name."/".$controleur_name]);
+ $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
+ isset($action_status[$module_name."/".$controleur_name])
+ && in_array(0, $action_status[$module_name."/".$controleur_name]);
+ foreach($controleur["als"] as $index_als => $al){
+ if($al["actions"]){
+ if(isset($id_role)){
+ $HAS_ACTION_NOT_ALLOWED = false;
+ foreach($al["actions"] as $action_name){
+ if(
+ !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
+ || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name])
+ ){
+ $HAS_ACTION_NOT_ALLOWED = true;
+ break;
+ }
+ }
+ if(!$HAS_ACTION_NOT_ALLOWED){
+ $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
+ }
+ }
+ $HAS_ACTION_NOT_ALLOWED = false;
+ foreach($al["actions"] as $action_name){
+ if(
+ !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
+ || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name])
+ ){
+ $HAS_ACTION_NOT_ALLOWED = true;
+ break;
+ }
+ }
+ if(!$HAS_ACTION_NOT_ALLOWED){
+ $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
+ }
+ }
+ }
+ }
+ }
+ return $actions;
+ }
}
- catch(Exception $e) { $default_status = false; }
- return $default_status;
+ return array();
}
# ----------------------------------------------------------------------------------------
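Review bot: `get_actions` (L704-757) is the same method, line for line, as the one added to the file-backed class from L1254 on, and it depends only on `$env->get_actions()` and `read_action_status`, so it belongs in the shared parent rather than in each backend. Within it, the two loops at L725-737 and L739-751 differ only in the role being checked (`$id_role` versus 0); a small helper removes the duplication and states the every-action-must-be-granted rule in one place. `in_array` is used without `strict: true` throughout; the `id_status` values come back from the driver as strings while `$id_role` may be an int, so the loose compare is needed until both sides are normalised — say so in a comment rather than relying on it silently.
```php
// … unchanged: module / controleur loops down to the als loop …
foreach($controleur["als"] as $index_als => $al){
    if($al["actions"]){
        $prefix = $module_name."/".$controleur_name."/";
        if(isset($id_role) && $this->role_allows_all($action_status, $prefix, $al["actions"], $id_role)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
        }
        if($this->role_allows_all($action_status, $prefix, $al["actions"], 0)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
        }
    }
}
// … unchanged: closing braces and return $actions …

// True only when every action under $prefix lists $id_role in $action_status.
// Loose in_array on purpose: id_status comes from the driver as strings.
function role_allows_all($action_status, $prefix, $action_names, $id_role){
    foreach($action_names as $action_name){
        $key = $prefix.$action_name;
        if(!isset($action_status[$key]) || !in_array($id_role, $action_status[$key])) return false;
    }
    return true;
}
```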
$this->users[$user["id"]] = $user;
}
}
+ foreach($users["list"] as $id_user => $user){
+ if(($status = $this->list_user_status($id_user)) !== false){
+ $users["list"][$id_user]["status"] = $status;
+ }
+ else{
+ $users = false;
+ break;
+ }
+ }
}
else $users = false;
}
return $users;
}
+ function list_user_status($id_user){
+ $sgbd = $this->sgbd();
+ $status = array();
+ if($rst = $sgbd->open_data("users_roles")){
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){
+ $status[] = $v_rst["id_role"];
+ }
+ }
+ else{
+ $status = false;
+ break;
+ }
+ }
+ $sgbd->close_data($rst);
+ }
+ else $status = false;
+ return $status;
+ }
+
function user_by_id($id){
if(!isset($this->users)) $this->users = array();
if(isset($this->users[$id])) return $this->users[$id];
$sgbd = $this->sgbd();
if(($user = $sgbd->get_data("users", $id)) !== false){
$this->users[$id] = $user;
+ if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
+ else $user = false;
}
return $user;
}
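Review bot: `user_by_id` caches `$user` at L807 before the role list is attached at L808, so the first call returns the record with `"status"` but every later call for the same id is served from `$this->users[$id]` (L804) without it; a caller doing `in_array(..., $user["status"])` on the cached copy then hits an undefined index. Store the enriched record instead: `if(($status = $this->list_user_status($user["id"])) !== false){ $user["status"] = $status; $this->users[$id] = $user; }` followed by `else $user = false;`, and drop the assignment at L807. The MySQL `user_by_id` has no cache, so only this backend is affected.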
else $user = false;
}
$sgbd->close_data($rst);
+ if($user){
+ if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
+ else $user = false;
+ }
}
else $user = false;
if($user !== false){
function add_user($login, $password, $email, $status){
$sgbd = $this->sgbd();
- return $sgbd->add_data(
- "users",
- array(
- "login" => $login,
- "password" => $password,
- "email" => $email,
- "status" => $status
- )
- );
+ if(
+ (
+ $id_user = $sgbd->add_data(
+ "users",
+ array(
+ "login" => $login,
+ "password" => $password,
+ "email" => $email
+ )
+ )
+ ) === false
+ ) return false;
+ $OK = true;
+ foreach($status as $id_role){
+ $OK = $sgbd->add_data(
+ "users_roles",
+ array(
+ "id_user" => $id_user,
+ "id_role" => $id_role
+ )
+ );
+ if(!$OK) break;
+ }
+ if(!$OK) return false;
+ return $id_user;
}
function set_user($id, $login, $password, $email, $status){
$sgbd = $this->sgbd();
- return $sgbd->set_data(
- "users",
- $id,
- array(
- "login" => $login,
- "password" => $password,
- "email" => $email,
- "status" => $status
+ if(
+ !$sgbd->set_data(
+ "users",
+ $id,
+ array(
+ "login" => $login,
+ "password" => $password,
+ "email" => $email
+ )
)
- );
+ ) return false;
+ if($rst = $sgbd->open_data("users_roles")){
+ $OK = true;
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id){
+ if(!$sgbd->del_data("users_roles", $v_rst["id"])){
+ $OK = false;
+ break;
+ }
+ }
+ }
+ else $OK = false;
+ }
+ $sgbd->close_data($rst);
+ if(!$OK) return false;
+ }
+ else return false;
+ foreach($status as $id_role){
+ $OK = $sgbd->add_data(
+ "users_roles",
+ array(
+ "id_user" => $id,
+ "id_role" => $id_role
+ )
+ );
+ if(!$OK) break;
+ }
+ if(!$OK) return false;
+ return true;
}
function del_user($login){
if(($user = $this->user($login)) !== false){
$sgbd = $this->sgbd();
- return $sgbd->del_data("users", $user["id"]);
+ if(!$sgbd->del_data("users", $user["id"])) return false;
+ if($rst = $sgbd->open_data("users_roles")){
+ $OK = true;
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
+ if(!$sgbd->del_data("users_roles", $v_rst["id"])){
+ $OK = false;
+ break;
+ }
+ }
+ }
+ else $OK = false;
+ }
+ $sgbd->close_data($rst);
+ return $OK;
+ }
}
return false;
}
# status
#
- function status(){
- if(!isset($this->user_status)) return false;
- return $this->user_status;
- }
-
function init_user_status($status = array()){
$sgbd = $this->sgbd();
$this->user_status = array();
- if($rst = $sgbd->open_data("user_status")){
+ if($rst = $sgbd->open_data("roles")){
while($v_rst = $sgbd->fetch_data($rst)){
if(isset($v_rst)){
$this->user_status[$v_rst["id"]] = $v_rst;
$sgbd->close_data($rst);
}
else $this->user_status = false;
- if($status && $this->user_status !== false){
- foreach($status as $new_user_status){
- $id_status = false;
- foreach($this->user_status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){
- $id_status = $user_status["id"];
- break;
- }
- if($id_status){
- $SAME = true;
- foreach($new_user_status as $status_key => $status_value){
- if(!isset($this->user_status[$id_status][$status_key]) || $this->user_status[$id_status][$status_key] != $status_value){
- $SAME = false;
+ return $this->user_status;
+ }
+
+ function add_role($nom, $intitule){
+ $sgbd = $this->sgbd();
+ $id_role = $sgbd->add_data(
+ "roles",
+ array(
+ "nom" => $nom,
+ "intitule" => $intitule
+ )
+ );
+ if(!isset($id_role)) return false;
+ return $id_role;
+ }
+
+ function get_role($id){
+ if($id === "0") return array(
+ "id" => 0,
+ "nom" => "",
+ "intitule" => ""
+ );
+ $sgbd = $this->sgbd();
+ $role = $sgbd->get_data("roles", $id);
+ if(!isset($role)) return false;
+ return $role ? $role : array();
+ }
+
+ function set_role($id, $nom, $intitule){
+ $sgbd = $this->sgbd();
+ if(
+ !$sgbd->set_data(
+ "roles",
+ $id,
+ array(
+ "nom" => $nom,
+ "intitule" => $intitule
+ )
+ )
+ ) return false;
+ return true;
+ }
+
+ function clear_role_actions($id_role){
+ $sgbd = $this->sgbd();
+ if($rst = $sgbd->open_data("action_status")){
+ $OK = true;
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id"]) && isset($v_rst["id_status"]) && $v_rst["id_status"] == $id_role){
+ if(!$sgbd->del_data("action_status", $v_rst["id"])){
+ $OK = false;
break;
}
}
- if(!$SAME){
- if($sgbd->set_data("user_status", $id_status, $new_user_status)) $this->user_status[$id_status] = $new_user_status;
- else{
- $this->user_status = false;
+ }
+ else $OK = false;
+ }
+ $sgbd->close_data($rst);
+ return $OK;
+ }
+ return false;
+ }
+
+ function clear_role_users($id_role){
+ $sgbd = $this->sgbd();
+ if($rst = $sgbd->open_data("users_roles")){
+ $OK = true;
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){
+ if(!$sgbd->del_data("users_roles", $v_rst["id"])){
+ $OK = false;
break;
}
}
}
- else{
- if($id_status = $sgbd->add_data("user_status", $new_user_status)) $this->user_status[$id_status] = $new_user_status;
+ else $OK = false;
+ }
+ $sgbd->close_data($rst);
+ return $OK;
+ }
+ return false;
+ }
+
+ function add_role_action($id_role, $action){
+ $sgbd = $this->sgbd();
+ $id_action_status = $sgbd->add_data(
+ "action_status",
+ array(
+ "action" => $action,
+ "id_status" => $id_role
+ )
+ );
+ if(!isset($id_action_status)) return false;
+ return $id_action_status;
+ }
+
+ function del_role($id_role){
+ $sgbd = $this->sgbd();
+ return $sgbd->del_data("roles", $id_role) ? true : false;
+ }
+
+ function status(){
+ if(!isset($this->user_status)) return false;
+ return $this->user_status;
+ }
+
+ function get_user_status(){
+ $user_status = array();
+ $user = $this->get_session_user();
+ if($user && isset($user["id"])){
+ $sgbd = $this->sgbd();
+ if($rst = $sgbd->open_data("users_roles")){
+ while($v_rst = $sgbd->fetch_data($rst)){
+ if(isset($v_rst)){
+ if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
+ $user_status[] = $v_rst["id_role"];
+ }
+ }
else{
- $this->user_status = false;
+ $user_status = false;
break;
}
}
+ $sgbd->close_data($rst);
}
+ else $user_status = false;
+ if($user_status === false) return false;
}
- return $this->user_status;
+ else $user_status[] = 0;
+ if(!$user_status) $user_status[] = 0;
+ return $user_status;
}
function init_action_status($status = array()){
if(!isset($this->user_status)) return false;
+ $this->action_status = $this->read_action_status();
+ return $this->action_status;
+ }
+
+ function read_action_status($params = array()){
+ if(!isset($this->user_status)) return false;
+ $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
$sgbd = $this->sgbd();
- $this->action_status = array();
+ $action_status = array();
if($rst = $sgbd->open_data("action_status")){
while($v_rst = $sgbd->fetch_data($rst)){
if(isset($v_rst)){
- $this->action_status[$v_rst["id"]] = $v_rst;
+ if(isset($v_rst["action"]) && isset($v_rst["id_status"])){
+ if($group_by_action){
+ if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array();
+ $action_status[$v_rst["action"]][] = $v_rst["id_status"];
+ }
+ else $action_status[$v_rst["id"]] = $v_rst;
+ }
}
else{
- $this->action_status = false;
+ $action_status = false;
break;
}
}
$sgbd->close_data($rst);
}
- else $this->action_status = false;
- if($status && $this->action_status !== false){
- $STATUS_OK = true;
- foreach($status as $id_new_action_status => $new_action_status){
- $FOUND = $new_action_status["id_status"] == "0";
- if(!$FOUND) foreach($this->user_status as $user_status){
- if($new_action_status["id_status"] == $user_status["nom"]){
- $FOUND = true;
- $status[$id_new_action_status]["id_status"] = $user_status["id"];
- }
- }
- if(!$FOUND){
- $STATUS_OK = false;
- break;
- }
- }
- if($STATUS_OK){
- foreach($status as $new_action_status){
- $id_status = false;
- foreach($this->action_status as $action_status){
- if(
- $new_action_status["action"] == $action_status["action"]
- && $new_action_status["id_status"] == $action_status["id_status"]
- ){
- $id_status = $action_status["id"];
- break;
- }
- }
- if($id_status){
- $SAME = true;
- foreach($new_action_status as $status_key => $status_value){
- if(!isset($this->action_status[$id_status][$status_key]) || $this->action_status[$id_status][$status_key] != $status_value){
- $SAME = false;
- break;
- }
- }
- if(!$SAME){
- if($id_status = $sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status;
- else{
- $this->action_status = false;
- break;
- }
- }
- }
- else{
- if($id_status = $sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status;
- else{
- $this->action_status = false;
- break;
- }
- }
- }
- }
- else $this->action_status = false;
- }
- return $this->action_status;
- }
-
- function get_user_status(){
- $user = $this->get_session_user();
- if($user && isset($user["status"])) return $user["status"];
- return 0;
+ else $action_status = false;
+ return $action_status;
}
function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
$sgbd->close_data($rst);
}
else $status = false;
- if($status !== false){
- if($set_status){
- foreach($set_status as $new_action_status){
- $id_status = false;
- foreach($status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){
- $id_status = $user_status["id"];
- break;
- }
- if($id_status){
- $SAME = true;
- foreach($new_user_status as $status_key => $status_value){
- if(!isset($status[$id_status][$status_key]) || $status[$id_status][$status_key] != $status_value){
- $SAME = false;
- break;
- }
- }
- if(!$SAME){
- if($sgbd->set_data("user_status", $id_status, $new_user_status)) $status[$id_status] = $new_user_status;
- else{
- $status = false;
- break;
- }
- }
- }
- else{
- if($id_status = $sgbd->add_data("user_status", $new_user_status)) $status[$id_status] = $new_user_status;
- else{
- $status = false;
- break;
- }
- }
- }
- }
- }
return $status;
}
- function creation_default_status(){
- $sgbd = $this->sgbd();
- $default_status = 0;
- if($rst = $sgbd->open_data("user_status")){
- while($v_rst = $sgbd->fetch_data($rst)){
- if(isset($v_rst)){
- if(isset($v_rst["creation_default"]) && $v_rst["creation_default"] == 1){
- $default_status = $v_rst["id"];
- break;
+ function get_actions($id_role = null){
+ $env = $this->env();
+ if($actions = $env->get_actions()){
+ if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){
+ foreach($actions as $module_name => $module){
+ if(isset($id_role)) $actions[$module_name]["module_allowed"] =
+ isset($action_status[$module_name])
+ && in_array($id_role, $action_status[$module_name]);
+ $actions[$module_name]["is_public"] =
+ isset($action_status[$module_name])
+ && in_array(0, $action_status[$module_name]);
+ foreach($module["controleurs"] as $controleur_name => $controleur){
+ if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
+ isset($action_status[$module_name."/".$controleur_name])
+ && in_array($id_role, $action_status[$module_name."/".$controleur_name]);
+ $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
+ isset($action_status[$module_name."/".$controleur_name])
+ && in_array(0, $action_status[$module_name."/".$controleur_name]);
+ foreach($controleur["als"] as $index_als => $al){
+ if($al["actions"]){
+ if(isset($id_role)){
+ $HAS_ACTION_NOT_ALLOWED = false;
+ foreach($al["actions"] as $action_name){
+ if(
+ !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
+ || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name])
+ ){
+ $HAS_ACTION_NOT_ALLOWED = true;
+ break;
+ }
+ }
+ if(!$HAS_ACTION_NOT_ALLOWED){
+ $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
+ }
+ }
+ $HAS_ACTION_NOT_ALLOWED = false;
+ foreach($al["actions"] as $action_name){
+ if(
+ !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
+ || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name])
+ ){
+ $HAS_ACTION_NOT_ALLOWED = true;
+ break;
+ }
+ }
+ if(!$HAS_ACTION_NOT_ALLOWED){
+ $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
+ }
+ }
+ }
}
}
- else{
- $default_status = false;
- break;
- }
+ return $actions;
}
- $sgbd->close_data($rst);
}
- else $default_status = false;
- return $default_status;
+ return array();
}
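Review bot: `$id_role` is never validated in the new `get_actions` (L1254) and is tested with loose `in_array` at L1261, L1268 and L1279, so under PHP's pre-8 loose comparison a non-numeric id handed over by `roles()` compares equal to the public role 0 and the whole tree renders as allowed. Reject it up front, `if(isset($id_role) && !preg_match("/^[0-9]+$/", (string)$id_role)) return false;` — `roles()` already handles that through its `=== false` check — and normalise both sides of the membership tests to int instead of relying on loose comparison. The two `$HAS_ACTION_NOT_ALLOWED` loops over `$al["actions"]` (L1275–L1287 and L1289–L1301) differ only in the role compared, so a small private helper taking the role id would halve the body.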
# ----------------------------------------------------------------------------------------
if($this->init_links()){
$this->set_link("admin/config", $this->url("admin/config"), "Configuration", 10);
$this->set_link("admin/users", $this->url("admin/users"), "Utilisateurs", 20);
+ $this->set_link("admin/users/list", $this->url("admin/users/index"), "Liste des utilisateurs", 10);
+ $this->set_link("admin/users/roles", $this->url("admin/users/roles"), "Rôles", 20);
$this->set_link("admin/plugins", $this->url("admin/plugins"), "Plugins", 30);
}
else $this->erreur("impossible de charger les liens", true);
return true;
}
+ // ------------------------------------------------------------------------------------
+ // utilisateurs
+ //
+
function index(&$env){
$data = $env->data();
+ if($this->status) $env->set_out("status", $this->status);
+ else{
+ $env->erreur("impossible de lire la liste des status");
+ return;
+ }
if(
- $env->set_out(
- "users",
- $data->users(
+ ( $users = $data->users(
isset($_GET[$env->param("start")]) ? $_GET[$env->param("start")] : 0,
isset($_GET[$env->param("alpha")]) ? $_GET[$env->param("alpha")] : null,
isset($_GET[$env->param("status")]) ? $_GET[$env->param("status")] : null
)
) !== false
){
- if($this->status){
- $env->set_out("status", $this->status);
- }
- else $env->erreur("impossible de lire la liste des status");
+ $env->set_out("users", $users);
}
else $env->erreur("impossible de lire la liste des utilisateurs");
}
$data = $env->data();
if($this->status){
$env->set_out("status", $this->status);
- $env->set_out("user", array("status" => $data->creation_default_status()));
+ $user = array(
+ "login" => "",
+ "email" => "",
+ "status" => array()
+ );
if($_POST){
- $env->set_out("user", $_POST);
+ $VALID = true;
if($_POST["login"]){
- if(($exists = $data->user($_POST["login"])) !== false){
- if(!$exists){
- $VALID = true;
- if(!$_POST["email"]){
- $env->message("merci de preciser un email");
- $VALID = false;
- }
- if(!$_POST["password"]){
- $env->message("merci de preciser un mot de passe");
- $VALID = false;
- }
- if($_POST["password"] != $_POST["password_confirm"]){
- $env->message("la confirmation du mot de passe est incorrecte");
- $VALID = false;
- }
- if($VALID){
- if(
- $data->add_user(
- $_POST["login"],
- md5($_POST["password"]),
- $_POST["email"],
- $_POST["status"]
- )
- ){
- $env->redirect(
- $env->url("admin/users"),
- "l'utilisateur <strong>".$_POST["login"]."</strong> a été ajouté"
- );
- }
- else $env->erreur("Impossible d'ajouter l'utilisateur");
- }
+ $user["login"] = $_POST["login"];
+ }
+ else{
+ $env->message("merci de préciser un login");
+ $VALID = false;
+ }
+ if(($exists = $data->user($_POST["login"])) !== false){
+ if($exists){
+ $env->message("ce login existe déjà");
+ $VALID = false;
+ }
+ }
+ else{
+ $env->erreur("impossible de savoir si cet login existe déjà");
+ return;
+ }
+ if($_POST["email"]) $user["email"] = $_POST["email"];
+ else{
+ $env->message("merci de preciser un email");
+ $VALID = false;
+ }
+ if($_POST["password"]){
+ if($_POST["password"] == $_POST["password_confirm"]) $user["password"] = md5($_POST["password"]);
+ else{
+ $env->message("la confirmation du mot de passe est incorrecte");
+ $VALID = false;
+ }
+ }
+ else{
+ $env->message("merci de preciser un mot de passe");
+ $VALID = false;
+ }
+ $user["status"] = array();
+ foreach($_POST as $key => $value){
+ if(substr($key, 0, 7) == "status_"){
+ $id_role = substr($key, 7);
+ if(preg_match("/^[0-9]+$/", $id_role)){
+ $user["status"][] = $id_role;
}
- else $env->message("ce login existe déjà");
}
- else $env->erreur("impossible de savoir si cet login existe déjà");
}
- else $env->message("merci de préciser un login");
+ if($VALID){
+ if(
+ $data->add_user(
+ $user["login"],
+ $user["password"],
+ $user["email"],
+ $user["status"]
+ )
+ ){
+ $env->redirect(
+ $env->url("admin/users/edit", array("id" => $user["login"])),
+ "l'utilisateur <strong>".$_POST["login"]."</strong> a été ajouté"
+ );
+ }
+ else $env->erreur("Impossible d'ajouter l'utilisateur");
+ }
}
+ $env->set_out("user", $user);
}
else $env->erreur("impossible de lire la liste des status");
}
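Review bot: The role ids harvested from the `status_*` checkbox names at L1439 are only checked for being numeric, whereas the edit handler in the next hunk also requires `isset($this->status[$id_role])`, so a hand-built post to `add` can attach a role id that does not exist; use the same condition here, `if(preg_match("/^[0-9]+$/", $id_role) && isset($this->status[$id_role])){`. The password is still stored as a bare `md5()` at L1425 (and at L1490 in the edit hunk): an unsalted fast hash should give way to a salted, slow one, `password_hash()`/`password_verify()` where available or `crypt()` with a generated salt on runtimes older than 5.5. `$_POST["login"]` is concatenated unescaped into the HTML flash message at L1458; pass it through `htmlspecialchars()` there. The lookup `$data->user($_POST["login"])` at L1409 now also runs when the login is empty, which the previous version avoided.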
$data = $env->data();
if($this->status){
$env->set_out("status", $this->status);
- if($env->set_out("user", $data->user($_GET[$env->param("id")]))){
+ if($user = $data->user($_GET[$env->param("id")])){
if($_POST){
- $user = $env->out("user");
- $id = $user["id"];
- $login = $user["login"];
- $password = $user["password"];
- $_POST["login"] = $login;
- $env->set_out("user", $_POST);
$VALID = true;
- if(!$_POST["email"]){
+ if($_POST["email"]) $user["email"] = $_POST["email"];
+ else{
$env->message("merci de preciser un email");
$VALID = false;
}
$env->message("la confirmation du mot de passe est incorrecte");
$VALID = false;
}
+ if($VALID) $user["password"] = md5($_POST["password"]);
+ }
+ $user["status"] = array();
+ foreach($_POST as $key => $value){
+ if(substr($key, 0, 7) == "status_"){
+ $id_role = substr($key, 7);
+ if(preg_match("/^[0-9]+$/", $id_role) && isset($this->status[$id_role])){
+ $user["status"][] = $id_role;
+ }
+ }
}
if($VALID){
if(
$data->set_user(
- $id,
- $login,
- isset($_POST["change_password"]) && $_POST["change_password"] ? md5($_POST["password"]) : $password,
- $_POST["email"],
- $_POST["status"]
+ $user["id"],
+ $user["login"],
+ $user["password"],
+ $user["email"],
+ $user["status"]
)
)
$env->redirect(
- $env->url("admin/users"),
- "l'utilisateur <strong>".$login."</strong> a été modifié"
+ $env->url("admin/users/edit", array("id" => $user["login"])),
+ "l'utilisateur a été modifié"
);
else $env->erreur("Impossible de mettre à jour l'utilisateur");
}
}
+ $env->set_out("user", $user);
}
else $env->erreur("Impossible de lire les informations de cet utilisateur");
}
else $env->erreur("Impossible de lire les informations de cet utilisateur");
}
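Review bot: `$_GET[$env->param("id")]` is read at L1472 without an `isset` guard, unlike the new `edit_role`/`del_role` handlers, so a request without the id parameter produces a notice and a lookup on null; mirror them with `if(!isset($_GET[$env->param("id")]) || !($user = $data->user($_GET[$env->param("id")]))){`. The enclosing method starts before this hunk, and the branch around L1490 that sets the new password also begins outside it, so whether `$_POST["password"]` is only hashed when a change was requested cannot be confirmed from here.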
+ // ------------------------------------------------------------------------------------
+ // roles
+ //
+
+ function set_default_allow(&$env){
+ $default_allow = $_GET[$env->param("id")];
+ if(!isset($default_allow) || ($default_allow !== "0" && $default_allow !== "1")){
+ $env->erreur("parametre default_allow invalide");
+ return;
+ }
+ $data = $env->data();
+ if(!$data->set_config("default_allow", $default_allow)){
+ $env->erreur("impossible de mettre a jour la configuration default_allow");
+ return;
+ }
+ $env->redirect(
+ $env->url("admin/users/roles"),
+ "la configuration default_allow a été enregistrée"
+ );
+ }
+
+ function roles(&$env){
+ $data = $env->data();
+ $roles = $data->status();
+ $id_role = isset($_GET[$env->param("id")]) && $_GET[$env->param("id")] ? $_GET[$env->param("id")] : 0;
+ $env->set_out("id_role", $id_role);
+ if(!isset($roles) || $roles === false){
+ $env->erreur("impossible de lire la liste des roles");
+ return;
+ }
+ $env->set_out("roles", $roles);
+ if(($actions = $data->get_actions($id_role)) === false){
+ $env->erreur("impossible de lire la liste des droits d'acces");
+ return;
+ }
+ $env->set_out("actions", $actions);
+
+ }
+
+ function add_role(&$env){
+ $data = $env->data();
+ $role = array(
+ "nom" => "",
+ "intitule" => ""
+ );
+ if($_POST){
+ if(!($role["nom"] = $_POST["nom"])) $env->message("merci de preciser un nom");
+ if(!($role["intitule"] = $_POST["intitule"])) $env->message("merci de preciser un intitule");
+ if(!$env->messages()){
+ if(($id_role = $data->add_role($role["nom"], $role["intitule"])) !== false){
+ $env->redirect(
+ $env->url("admin/users/roles", array("id" => $id_role)),
+ "le rôle a été enregistré"
+ );
+ }
+ else $env->erreur("impossible d'enregistrer les informations du role");
+ }
+ }
+ $env->set_out("role", $role);
+ }
+
+ function edit_role(&$env){
+ $data = $env->data();
+ if(!isset($_GET[$env->param("id")]) || !($role = $data->get_role($_GET[$env->param("id")]))){
+ $env->erreur("impossible de lire les informations du role");
+ return;
+ }
+ if($_POST){
+ if(!($role["nom"] = $_POST["nom"])) $env->message("merci de preciser un nom");
+ if(!($role["intitule"] = $_POST["intitule"])) $env->message("merci de preciser un intitule");
+ if(!$env->messages()){
+ if($data->set_role($role["id"], $role["nom"], $role["intitule"])){
+ $env->redirect(
+ $env->url("admin/users/roles", array("id" => $role["id"])),
+ "le rôle a été enregistré"
+ );
+ }
+ else $env->erreur("impossible d'enregistrer les informations du role");
+ }
+ }
+ $env->set_out("role", $role);
+ }
+
+ function save_role(&$env){
+ $data = $env->data();
+ if(!($role = $data->get_role($_POST["id_role"]))){
+ $env->erreur("impossible de lire les informations du role");
+ return;
+ }
+ if(!$data->clear_role_actions($role["id"])){
+ $env->erreur("impossible de supprimer les actions du role");
+ return;
+ }
+ $action_status = array();
+ $als = array();
+ foreach($_POST as $key => $value){
+ if(substr($key, 0, 7) == "module_" && ($action = substr($key, 7))) $action_status[$action] = $role["id"];
+ elseif(substr($key, 0, 11) == "controleur_" && ($action = substr($key, 11))) $action_status[$action] = $role["id"];
+ elseif(substr($key, 0, 3) == "al_" && ($al_index = substr($key, 3))) $als[] = $al_index;
+ }
+ foreach($als as $al_index){
+ $al_prefix = "action_".$al_index."_";
+ $al_prefix_length = strlen($al_prefix);
+ foreach($_POST as $key => $value){
+ if(substr($key, 0, $al_prefix_length) == $al_prefix) $action_status[$value] = $role["id"];
+ }
+ }
+ foreach($action_status as $action => $id_role){
+ if(!$data->add_role_action($id_role, $action)){
+ $env->erreur("impossible d'enregistrer les actions du role");
+ return;
+ }
+ }
+ $env->redirect(
+ $env->url("admin/users/roles", array("id" => $role["id"])),
+ "les actions du rôle ont été enregistrées"
+ );
+ }
+
+ function del_role(&$env){
+ $data = $env->data();
+ if(!isset($_GET[$env->param("id")]) || !($role = $data->get_role($_GET[$env->param("id")]))){
+ $env->erreur("impossible de lire les informations du role");
+ return;
+ }
+ if($data->clear_role_actions($role["id"])){
+ if($data->clear_role_users($role["id"])){
+ if($data->del_role($role["id"])){
+ $env->redirect(
+ $env->url("admin/users/roles"),
+ "le rôle a été effacé"
+ );
+ }
+ else $env->erreur("impossible de supprimer le role");
+ }
+ else $env->erreur("impossible de supprimer le role aux utilisateurs");
+ }
+ else $env->erreur("impossible de supprimer les actions du role");
+ }
+
}
?>
\ No newline at end of file
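Review bot: `save_role` persists whatever the browser posts as action names: the suffixes of `module_*`/`controleur_*` keys (L1627–L1628) and the values of the `action_*` hidden fields (L1635) go straight into `add_role_action` without being checked against the actions declared in `$env->get_actions()`, so arbitrary strings can be granted to a role. It also calls `clear_role_actions` at L1620 before any of that input is examined, and a failing `add_role_action` at L1639 returns after the role has already been emptied, with no transaction to roll back. Build the set of declared `module`, `module/controleur` and `module/controleur/action` names first, drop any posted name outside it, and only then clear and re-add. `set_default_allow` and `del_role` change state on a plain GET and none of the new forms carry a request token, so the admin's browser can be driven into these actions from another site; POST with a per-session token is the usual fix. In `set_default_allow` the `$_GET` read at L1536 precedes the `isset` at L1537, which makes the guard moot for the notice.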
<div id="main">
<div class="content">
- <div id="colonne">
+ <div id="colonne" class="admin">
<?php require $this->out_file("views/admin/colonne.php"); ?>
</div>
/* ------------------------------------------------- MENU COLONNE */
-#colonne ul.menu{
+#colonne .menu ul{
list-style-type: none;
margin: 5px 20px 5px 10px;
padding: 0;
}
-#colonne ul.menu ul{
+#colonne .menu ul ul{
list-style-type: none;
margin: 0 0 0 20px;
padding: 0;
}
-#colonne ul.menu li{
+#colonne .menu ul li{
margin: 1px 0;
padding: 0;
border-bottom: solid 1px #e5e5e5;
}
-#colonne ul.menu li a{
+#colonne .menu ul li a{
display: block;
line-height: 2em;
padding: 0 1em;
background-color: #f5f5f5;
}
-#colonne ul.menu li a:hover{
+#colonne .menu ul li a:hover{
color: #000066;
background-color: #f1f1f1;
}
width: 50px;
}
+ul.actions li{
+ margin-left: 15px;
+}
+
+ul.actions li.public{
+ background-color: #f5fff2;
+}
+
+form ul.actions li{
+ padding: 0;
+}
+
+form ul.actions li label{
+ display: inline;
+ float: none;
+ width: auto;
+ text-align: left;
+ padding-right: 0px;
+}
+
.navig{
text-align: right;
border: solid 1px #d5d5d5;
<index content="views/admin/users/list.php" />
<add content="views/admin/users/add.php" />
<edit content="views/admin/users/edit.php" />
+ <roles content="views/admin/users/roles.php" />
+ <add_role content="views/admin/users/add_role.php" />
+ <edit_role content="views/admin/users/edit_role.php" />
</users>
<config content="views/admin/config.php" />
<plugins>
<?php $data = $this->data(); if(($admin_menu = $data->get_link("admin")) && $admin_menu["subs"]) : ?>
-<ul class="menu">
- <?php foreach($admin_menu["subs"] as $link) : ?>
- <li><a href="<?php echo $link["url"]; ?>"><?php echo $link["intitule"]; ?></a></li>
- <?php endforeach; ?>
-</ul>
+
+<?php echo get_menu_ul($admin_menu); ?>
+
<?php endif; ?>
\ No newline at end of file
</div>
</li>
<li>
- <label for="status">statut</label>
+ <label for="status">rôle</label>
<div class="form_input">
- <select name="status" id="status">
- <?php foreach($this->out["status"] as $id_status => $status) : ?>
- <option value="<?php echo $id_status; ?>"<?php echo $this->out["user"]["status"] == $id_status ? " selected" : ""; ?>>
- <?php echo $status["nom"]; ?>
- </option>
- <?php endforeach; ?>
- </select>
+ <ul>
+ <?php foreach($this->out["status"] as $id_status => $status) : ?>
+ <li>
+ <input type="checkbox" name="status_<?php echo $id_status; ?>"<?php
+ echo in_array($id_status, $this->out["user"]["status"]) ? " checked" : "";
+ ?> />
+ <?php echo $status["intitule"]; ?>
+ </li>
+ <?php endforeach; ?>
+ </ul>
</div>
</li>
<li>
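Review bot: `$status["intitule"]` at L1775 is echoed into the page without `htmlspecialchars()`, and the same unescaped role title appears in the edit form (L1843), the user list (L1900), the account page (L2025) and the roles page (L1936, L1976); role names are admin-entered through `add_role`/`edit_role`, so a stray `<` or a malicious value stored once reaches every page that lists roles. Wrap each with `htmlspecialchars(..., ENT_QUOTES, "UTF-8")`. The checkbox carries no `value` attribute, which is fine since the controllers only read the key, but a comment in the template saying the name suffix is the role id would save the next reader a trip to `add()`.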
--- /dev/null
+<h2>Ajouter un rôle</h2>
+
+<ul class="buttons">
+ <li><a href="<?php echo $this->url("admin/users/roles"); ?>">Retour à la liste des actions</a></li>
+</ul>
+
+<form name="role_form" action="<?php echo $this->url("admin/users/add_role"); ?>" method="post">
+ <fieldset>
+ <ul>
+ <li>
+ <label for="nom">Nom</label>
+ <div class="form_input">
+ <input type="text" name="nom" id="nom" value="<?php echo $this->out["role"]["nom"]; ?>" />
+ </div>
+ </li>
+ <li>
+ <label for="nom">Intitulé</label>
+ <div class="form_input">
+ <input type="text" name="intitule" id="nom" value="<?php echo $this->out["role"]["intitule"]; ?>" />
+ </div>
+ </li>
+ <li>
+ <div class="form_buttons">
+ <input type="submit" value="Enregistrer" />
+ </div>
+ </li>
+ </ul>
+ </fieldset>
+</form>
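Review bot: The "Intitulé" input at L1801 reuses `id="nom"` and its label at L1799 points to `for="nom"`, so the document has a duplicate id and the label activates the wrong field; use `id="intitule"` and `for="intitule"` (the same slip is in `edit_role.php` at L1871/L1873). The `value` attributes at L1795 and L1801 echo `$this->out["role"]` unescaped, and on a validation failure `add_role` sends the submitted text straight back, so a quote in the posted name breaks out of the attribute; escape with `htmlspecialchars($this->out["role"]["nom"], ENT_QUOTES, "UTF-8")`.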
<ul class="buttons">
<li><a href="<?php echo $this->url("admin/users"); ?>">Retour à la liste des utilisateurs</a></li>
+ <li><a href="<?php echo $this->url("admin/users/del", array("id" => $this->out["user"]["login"])); ?>"
+ class="admin_link"
+ title="supprimer cet utilisateur"
+ onclick="return confirm('Supprimer cet utilisateur ?')"><img src="<?php echo $this->out_url("icons/del.gif"); ?>"/></a></li>
</ul>
-<form name="user_form" action="<?php echo $this->url("admin/users/edit", array("id" => $_GET[$this->param("id")])); ?>" method="post">
+<form name="user_form" action="<?php echo $this->url("admin/users/edit", array("id" => $this->out["user"]["login"])); ?>" method="post">
<fieldset>
<ul>
<li>
</div>
</li>
<li>
- <label for="status">statut</label>
+ <label for="status">rôle</label>
<div class="form_input">
- <select name="status" id="status">
- <?php foreach($this->out["status"] as $id_status => $status) : ?>
- <option value="<?php echo $id_status; ?>"<?php echo $this->out["user"]["status"] == $id_status ? " selected" : ""; ?>>
- <?php echo $status["nom"]; ?>
- </option>
- <?php endforeach; ?>
- </select>
+ <ul>
+ <?php foreach($this->out["status"] as $id_status => $status) : ?>
+ <li>
+ <input type="checkbox" name="status_<?php echo $id_status; ?>"<?php
+ echo in_array($id_status, $this->out["user"]["status"]) ? " checked" : "";
+ ?> />
+ <?php echo $status["intitule"]; ?>
+ </li>
+ <?php endforeach; ?>
+ </ul>
</div>
</li>
<li>
--- /dev/null
+<h2>Editer un rôle</h2>
+
+<ul class="buttons">
+ <li><a href="<?php echo $this->url("admin/users/roles", array("id" => $this->out["role"]["id"])); ?>">Retour à la liste des actions</a></li>
+ <li><a href="<?php echo $this->url("admin/users/del_role", array("id" => $this->out["role"]["id"])); ?>"
+ class="admin_link"
+ title="supprimer ce role"
+ onclick="return confirm('Supprimer ce role ?')"><img src="<?php echo $this->out_url("icons/del.gif"); ?>" /></a></li>
+</ul>
+
+<form name="role_form" action="<?php echo $this->url("admin/users/edit_role", array("id" => $this->out["role"]["id"])); ?>" method="post">
+ <fieldset>
+ <ul>
+ <li>
+ <label for="nom">Nom</label>
+ <div class="form_input">
+ <input type="text" name="nom" id="nom" value="<?php echo $this->out["role"]["nom"]; ?>" />
+ </div>
+ </li>
+ <li>
+ <label for="nom">Intitulé</label>
+ <div class="form_input">
+ <input type="text" name="intitule" id="nom" value="<?php echo $this->out["role"]["intitule"]; ?>" />
+ </div>
+ </li>
+ <li>
+ <div class="form_buttons">
+ <input type="submit" value="Enregistrer" />
+ </div>
+ </li>
+ </ul>
+ </fieldset>
+</form>
<tr>
<th>login</th>
<th>email</th>
- <th>statut</th>
+ <th>rôle</th>
<th align="center" colspan="2">actions</th>
</tr>
<?php foreach($this->out["users"]["list"] as $id_user => $user) : ?>
<tr class="hl">
<td><?php echo $user["login"]; ?></td>
<td><a href="mailto:<?php echo $user["email"]; ?>"><?php echo $user["email"]; ?></a></td>
- <td><?php echo $this->out["status"][$user["status"]]["nom"]; ?></td>
+ <td>
+ <?php
+
+ $role = "";
+ foreach($user["status"] as $id_role) $role .= ($role ? ", " : "").$this->out["status"][$id_role]["intitule"];
+
+ ?>
+ <?php echo $role; ?>
+ </td>
<td class="action">
<a href="<?php echo $this->url("admin/users/edit", array("id" => $user["login"])); ?>"
class="admin_link"
<td class="action">
<a href="<?php echo $this->url("admin/users/del", array("id" => $user["login"])); ?>"
class="admin_link"
- title="supprimer cet utilisateur"><img src="<?php echo $this->out_url("icons/del.gif"); ?>"
- onclick="return confirm('Supprimer cet utilisateur ?')"/></a>
+ title="supprimer cet utilisateur"
+ onclick="return confirm('Supprimer cet utilisateur ?')"><img src="<?php echo $this->out_url("icons/del.gif"); ?>"/></a>
</td>
</tr>
<?php endforeach; ?>
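Review bot: The role lookup at L1900 indexes `$this->out["status"][$id_role]` without checking the id exists, so a user still carrying a role that `del_role` failed to detach (the `clear_role_users` error path) produces a notice per row; guard it, `if(isset($this->out["status"][$id_role]))`, or show the raw id. The `$role` accumulator is also built inside the template; moving the join into the controller would leave the view with only output.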
--- /dev/null
+<h2>Les rôles</h2>
+
+<h3>Politique d'accès</h3>
+<p>
+ <label for="default_allow">Autoriser l'accès par défaut</label>
+ <select id="default_allow" onchange="document.location=this.options[this.selectedIndex].value;">
+ <option value="<?php echo $this->url("admin/users/set_default_allow", array("id" => "1")); ?>"<?php echo $this->config("default_allow") ? " selected" : ""; ?>>oui</option>
+ <option value="<?php echo $this->url("admin/users/set_default_allow", array("id" => "0")); ?>"<?php echo $this->config("default_allow") ? "" : " selected"; ?> />non</option>
+ </select>
+</p>
+<br />
+
+<h3>
+ Autorisations d'accès pour
+ <select onchange="document.location=this.options[this.selectedIndex].value;">
+ <option value="<?php echo $this->url("admin/users/roles", array("id" => 0)); ?>">Visiteurs non identifiés</option>
+ <?php foreach($this->out["roles"] as $id_role => $role) : ?>
+ <option value="<?php echo $this->url("admin/users/roles", array("id" => $id_role)); ?>"<?php echo $this->out["id_role"] == $id_role ? " selected" : ""; ?>><?php echo $role["intitule"]; ?></option>
+ <?php endforeach; ?>
+ </select>
+ <?php if($this->out["id_role"]) : ?>
+ <a href="<?php echo $this->url("admin/users/edit_role", array("id" => $this->out["id_role"])); ?>"
+ class="admin_link"
+ title="modifier ce role"><img src="<?php echo $this->out_url("icons/edit.gif"); ?>" /></a>
+ <a href="<?php echo $this->url("admin/users/del_role", array("id" => $this->out["id_role"])); ?>"
+ class="admin_link"
+ title="supprimer ce role"><img src="<?php echo $this->out_url("icons/del.gif"); ?>"
+ onclick="return confirm('Supprimer ce role ?')"/></a>
+ <?php endif; ?>
+ <a href="<?php echo $this->url("admin/users/add_role"); ?>"
+ class="admin_link"
+ title="ajouter un role"><img src="<?php echo $this->out_url("icons/add.gif"); ?>" /></a>
+</h3>
+
+
+<?php if($this->out["actions"]) : ?>
+<form action="<?php echo $this->url("admin/users/save_role"); ?>" method="post">
+ <input type="hidden" name="id_role" value="<?php echo $this->out["id_role"]; ?>" />
+ <ul class="actions">
+ <?php $index_al = 0; foreach($this->out["actions"] as $module_name => $module) : ?>
+ <li<?php echo $module["is_public"] ? " class=\"public\"" : "" ?>>
+ <input type="checkbox" name="module_<?php echo $module_name; ?>"<?php echo $module["module_allowed"] ? " checked" : "" ?> />
+ <label><?php echo $module_name; ?></label>
+ <?php if($module["controleurs"]) : ?>
+ <ul>
+ <?php foreach($module["controleurs"] as $controleur_name => $controleur) : ?>
+ <li<?php echo $controleur["is_public"] ? " class=\"public\"" : "" ?>>
+ <input type="checkbox" name="controleur_<?php echo $module_name."/".$controleur_name; ?>"<?php echo $controleur["controleur_allowed"] ? " checked" : "" ?> />
+ <label><?php echo $controleur_name; ?></label>
+ <?php if($controleur["als"]) : ?>
+ <ul>
+ <?php foreach($controleur["als"] as $al) : $index_al++; ?>
+ <li<?php echo $al["is_public"] ? " class=\"public\"" : "" ?>>
+ <input type="checkbox" name="al_<?php echo $index_al; ?>"<?php echo $al["action_allowed"] ? " checked" : "" ?> />
+ <?php foreach($al["actions"] as $index_action=> $action_name) : ?>
+ <input type="hidden" name="action_<?php echo $index_al; ?>_<?php echo $index_action; ?>" value="<?php echo $module_name."/".$controleur_name."/".$action_name; ?>" />
+ <?php endforeach; ?>
+ <label><?php echo $al["title"]; ?></label>
+ </li>
+ <?php endforeach; ?>
+ </ul>
+ <?php endif; ?>
+ </li>
+ <?php endforeach; ?>
+ </ul>
+ <?php endif; ?>
+ </li>
+ <?php endforeach; ?>
+ <li>
+ <div class="form_buttons">
+ <input type="submit" value="Enregistrer" />
+ </div>
+ </li>
+ </ul>
+</form>
+<?php else : ?>
+<p>Aucune action déclarée</p>
+<?php endif; ?>
+
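Review bot: The second `<option>` at L1926 closes its start tag with ` />` before the text `non`, leaving `<option ... />non</option>`, which browsers tolerate but HTML validators reject; drop the slash. Both `select` elements navigate through `onchange="document.location=..."` to `set_default_allow` and `roles`, so the access policy is changed by a GET request triggered from a dropdown, which also means any link can flip it; a small POST form with a submit button would be safer and works without JavaScript. `$module_name`, `$controleur_name` and `$al["title"]` (L1961, L1967, L1976) come from the application config and are echoed unescaped; they are trusted today, but escaping them costs nothing.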
<ul>
-<?php if($this->config("contact_form")) : ?>
+<?php if($this->config("contact_form") && $this->status_ok("forms/contact")) : ?>
<li><a href="<?php echo $this->url("forms/contact"); ?>">contact</a></li>
<?php endif; ?>
<?php if(!($user = $this->user())) : ?>
- <li><a href="<?php echo $this->url("users/identification"); ?>">s'identifier</a></li>
+ <li><a href="<?php echo $this->url("users/identification"); ?>">s'identifier</a></li>
<?php else : ?>
<li>Bienvenue <strong><?php echo $user["login"]; ?></strong></li>
- <li><a href="<?php echo $this->url("users"); ?>">compte</a></li>
+ <?php if($this->status_ok("users/infos")) : ?>
+ <li><a href="<?php echo $this->url("users/infos"); ?>">compte</a></li>
+ <?php endif; ?>
<?php if($this->status_ok("admin")) : ?>
<li><a href="<?php echo $this->url("admin"); ?>">admin</a></li>
<?php endif; ?>
</div>
</li>
<li>
- <label for="status_name">statut</label>
+ <label for="status_name">rôle</label>
<div class="form_input">
- <input type="text" name="status_name" id="status_name" value="<?php echo $this->out["status"][$this->out["user"]["status"]]["nom"]; ?>" disabled="disabled" />
+ <?php
+ $role = "";
+ foreach($this->out["user"]["status"] as $id_role){
+ $role .= ($role ? ", " : "").$this->out["status"][$id_role]["intitule"];
+ }
+ echo $role;
+ ?>
</div>
</li>
<li>
var $PARAMS;
var $CONFIG;
var $bdd;
+ var $actions;
function load_config($bdd, $CONFIG){
if(true){
)
);
}
+ if(isset($app_config["subs"]["actions"][0]["subs"]["module"])){
+ foreach($app_config["subs"]["actions"][0]["subs"]["module"] as $module_elt){
+ $module_name = $module_elt["attrs"]["name"];
+ if(!isset($this->actions[$module_name])) $this->actions[$module_name] = array(
+ "controleurs" => array(),
+ "module_allowed" => false,
+ "is_public" => false
+ );
+ if(isset($module_elt["subs"]["controleur"])){
+ foreach($module_elt["subs"]["controleur"] as $controleur_elt){
+ $controleur_name = $controleur_elt["attrs"]["name"];
+ if(!isset($this->actions[$module_name]["controleurs"][$controleur_name])) $this->actions[$module_name]["controleurs"][$controleur_name] = array(
+ "als" => array(),
+ "controleur_allowed" => false,
+ "is_public" => false
+ );
+ if(isset($controleur_elt["subs"]["al"])){
+ $al_index = 0;
+ foreach($controleur_elt["subs"]["al"] as $al_elt){
+ $action_title = $al_elt["attrs"]["title"];
+ if(isset($al_elt["subs"]["action"])){
+ foreach($al_elt["subs"]["action"] as $action_elt){
+ if(!isset($this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index])){
+ $this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index] = array(
+ "title" => $action_title,
+ "action_allowed" => false,
+ "is_public" => false,
+ "actions" => array()
+ );
+ }
+ $this->actions[$module_name]["controleurs"][$controleur_name]["als"][$al_index]["actions"][] = $action_elt["attrs"]["name"];
+ }
+ }
+ $al_index++;
+ }
+ }
+ }
+ }
+ }
+ }
}
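Review bot: `$module_elt["attrs"]["name"]`, `$controleur_elt["attrs"]["name"]` and `$al_elt["attrs"]["title"]` (L2043, L2051, L2060) are read without an `isset` guard although every surrounding `subs` access has one, so an element missing its attribute registers under an empty name with a notice; skip such elements, e.g. `if(!isset($module_elt["attrs"]["name"])) continue;`. `$this->actions` is not reset before the loop, so a second `load_config` call on the same instance would merge into the earlier tree rather than replace it — this looks intentional given the `isset` checks, but a one-line comment saying so would help. The enclosing `load_config` begins before this hunk.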
function get_config_file(){
return false;
}
+ function get_actions(){
+ return isset($this->actions) ? $this->actions : array();
+ }
+
}
?>
\ No newline at end of file
}
function status_ok($etat, $CHECK_FORMAT = true){
- $OK = $this->config("default_allow");
$data = $this->data();
if($CHECK_FORMAT) $etat = $this->valid_etat($etat);
- if($etat !== false){
- if(($user_status = $data->get_user_status()) !== false){
- if(
- (
- $action_status = $data->get_action_status(
- $etat["mod"],
- $etat["controller"],
- $etat["action"]
- )
- ) !== false
- ){
- $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- else{
- $action = $etat["mod"]."/".$etat["controller"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- else{
- $action = $etat["mod"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- }
- }
+ if($etat === false){
+ $this->erreur("etat invalide");
+ return false;
+ }
+ if(($user_status = $data->get_user_status()) === false){
+ $this->erreur("Impossible de lire les roles de l'utilisateur courant");
+ return false;
+ }
+ if(!$user_status){
+ $this->erreur("L'utilisateur courant n'a aucun role");
+ return false;
+ }
+ if(
+ (
+ $action_status = $data->get_action_status(
+ $etat["mod"],
+ $etat["controller"],
+ $etat["action"]
+ )
+ ) === false
+ ){
+ $this->erreur("Impossible de lire les status des actions en base");
+ return false;
+ }
+ foreach($user_status as $id_role){
+ $OK = $this->config("default_allow");
+ $action = $etat["mod"];
+ if(isset($action_status[$action])){
+ $OK =
+ (isset($action_status[$action][0]) && $action_status[$action][0])
+ || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]);
+ }
+ if(!$OK){
+ $action = $etat["mod"]."/".$etat["controller"];
+ if(isset($action_status[$action])){
+ $OK =
+ (isset($action_status[$action][0]) && $action_status[$action][0])
+ || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]);
+ }
+ }
+ if(!$OK){
+ $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"];
+ if(isset($action_status[$action])){
+ $OK =
+ (isset($action_status[$action][0]) && $action_status[$action][0])
+ || (isset($action_status[$action][$id_role]) && $action_status[$action][$id_role]);
}
- else $this->erreur("Impossible de lire les status des actions en base");
}
- else $this->erreur("Impossible de lire le statut de l'utilisateur courant");
+ if($OK) break;
}
- else $this->erreur("etat invalide");
return $OK;
}
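Review bot: The new early return at L2138 denies every request for which `get_user_status()` yields an empty list, so presumably anonymous visitors only keep their public access if that method reports role 0 for them — `get_user_status` is outside this diff, so please confirm; if it returns an empty array for guests, every `status_ok` call from the templates (e.g. the `forms/contact` link) now fails and logs an error. `$this->config("default_allow")` is re-read on every iteration at L2155 although it does not change inside the loop; hoist it into a local before the `foreach`. Each of the three levels repeats the same two-line grant test; a private helper such as `role_allowed($entries, $id_role)` would make the module → controller → action escalation readable.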
Par defaut, mtweb stocke ses donnees dans des fichiers XML.
pour utilisez le stockage des donnees avec MySql :
- - importez les tables fournies dans le fichier "content/data/sql/mysql/mtweb.sql"
+ - importez les tables fournies dans le fichier "content/data/mysql/mtweb.sql"
- puis dans le fichier "config.php" :
- commentez la partie relative aux donnees XML
- decommentez la partie relative aux donnees MySql