source: extensions/NBC_News/trunk/admin/news_user_perm.php @ 5179

Last change on this file since 5179 was 5179, checked in by Eric, 14 years ago

[NBC_News]

  • Initial commit for Piwigo 2.0.x : Not fully functionnal and a lot work to do...
  • Property svn:eol-style set to LF
File size: 8.9 KB
Line 
1<?php
2
3global $user, $template, $lang, $conf, $page;
4
5if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
6
7include_once(NBC_NEWS_PATH.'include/constants.php');
8include_once(NBC_NEWS_PATH.'include/functions_news.inc.php');
9include(get_language_filepath('plugin.lang.php', NBC_NEWS_PATH));
10 
11
12
13// Gestion des onglets
14include_once(PHPWG_ROOT_PATH . 'admin/include/functions_tabsheet.inc.php');
15
16$page['tab'] = 'Users';
17
18$page_news_admin = get_admin_plugin_menu_link(dirname(__FILE__).'/news_admin.php');
19
20$page['tabsheet'] = array(
21    'NewsAdmin' => array('caption' => l10n('title_admin_news'), 'url' => add_url_params($page_news_admin, array('tab' => 'NewsAdmin'))),
22    'Users' => array('caption' => l10n('title_users'), 'url' => add_url_params($page_news_admin, array('tab' => 'Users'))),
23    'Groups' => array('caption' => l10n('title_groups'), 'url' => add_url_params($page_news_admin, array('tab' => 'Groups'))),
24    'Config' => array('caption' => l10n('config'), 'url' => add_url_params($page_news_admin, array('tab' => 'Config'))),
25    );
26
27$page['tabsheet'][$page['tab']]['selected'] = true;
28template_assign_tabsheet();
29
30
31 
32include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
33
34// +-----------------------------------------------------------------------+
35// | Check Access and exit when user status is not ok                      |
36// +-----------------------------------------------------------------------+
37check_status(ACCESS_ADMINISTRATOR);
38
39// +-----------------------------------------------------------------------+
40// |                            variables init                             |
41// +-----------------------------------------------------------------------+
42
43if (isset($_GET['user_id']) and is_numeric($_GET['user_id']))
44{
45  $page['user'] = $_GET['user_id'];
46}
47else
48{
49  echo l10n('user_id URL parameter is missing');
50  exit();
51}
52
53// +-----------------------------------------------------------------------+
54// |                                updates                                |
55// +-----------------------------------------------------------------------+
56
57if ( isset($_POST['falsify']) and isset($_POST['news_true']) and count($_POST['news_true']) > 0 and !is_adviser() )
58{
59  // if you forbid access to a news for group authorized
60  $query = '
61    DELETE FROM '.NEWS_USER_ACCESS_TABLE.'
62    WHERE user_id = '.$page['user'].'
63    AND new_id IN ('.implode(',', $_POST['news_true']).')
64    ;';
65  pwg_query($query);
66}
67else if (isset($_POST['falsify']) and isset($_POST['news_refuse']) and count($_POST['news_refuse']) > 0 and !is_adviser() )
68{
69  // if you refuse access to a news for group refused
70  $query = '
71    DELETE FROM '.NEWS_USER_REFUSED_TABLE.'
72    WHERE user_id = '.$page['user'].'
73    AND new_id IN ('.implode(',', $_POST['news_refuse']).')
74    ;';
75  pwg_query($query);
76}
77else if (isset($_POST['trueify']) and isset($_POST['news_false']) and count($_POST['news_false']) > 0 and !is_adviser() )
78{
79  $inserts = array();
80
81  foreach ($_POST['news_false'] as $to_autorize_id)
82  {
83    array_push($inserts, array('user_id' => $page['user'],
84                               'new_id' => $to_autorize_id));
85  }
86
87  mass_inserts(NEWS_USER_ACCESS_TABLE, array('user_id','new_id'), $inserts);
88}
89else if (isset($_POST['refusify']) and isset($_POST['news_false']) and count($_POST['news_false']) > 0 and !is_adviser() )
90{
91  $inserts = array();
92
93  foreach ($_POST['news_false'] as $to_refuse_id)
94  {
95    array_push($inserts, array('user_id' => $page['user'],
96                               'new_id' => $to_refuse_id));
97  }
98
99  mass_inserts(NEWS_USER_REFUSED_TABLE, array('user_id','new_id'), $inserts);
100}
101
102
103// +-----------------------------------------------------------------------+
104// |                             template init                             |
105// +-----------------------------------------------------------------------+
106
107$template->set_filenames(
108  array(
109    'news_admin_perm' => NBC_NEWS_PATH . 'template/admin/news_admin_perm.tpl',
110    'news_double_select' => NBC_NEWS_PATH . 'template/admin/news_double_select.tpl'
111    )
112  );
113
114$template->assign_vars(
115  array(
116    'TITLE' => sprintf(l10n('Manage permissions for user "%s"'), get_username($page['user'])),
117    'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=news_user_perm',
118    'F_ACTION' => add_url_params(get_admin_plugin_menu_link(dirname(__FILE__).'/news_user_perm.php'), array('user_id' => $page['user'])), 
119    )
120  );
121
122// retrieve news ids refused to the groups the user belongs to
123$group_refused = array();
124
125$query = '
126  SELECT DISTINCT nt.id, nt.title , nt.new_id
127  FROM '.NEWS_TRANSLATION_TABLE.' AS nt
128  INNER JOIN '.NEWS_GROUP_REFUSED_TABLE.' AS ngr ON nt.new_id = ngr.new_id
129  INNER JOIN '.USER_GROUP_TABLE.' AS ug ON ug.group_id = ngr.group_id
130  WHERE ug.user_id = '.$page['user'].'
131  ORDER BY nt.new_id
132  ;';
133$result = pwg_query($query);
134
135if (mysql_num_rows($result) > 0)
136{
137  $template->assign_block_vars('groups_refused', array());
138
139  $news = array();
140
141  while ($row = mysql_fetch_array($result))
142  {
143    array_push($news, $row);
144    array_push($group_refused, $row['new_id']);
145  }
146
147  foreach ($news as $new)
148  {
149    $template->assign_block_vars(
150      'groups_refused.news',
151      array(
152        'NAME' => '['.$new['new_id'].'] - '.$new['title']
153        )
154      );
155  }
156}
157
158// only private news are listed
159$query_refuse = '
160  SELECT nt.id, nt.title, nt.new_id
161  FROM '.NEWS_TRANSLATION_TABLE.' as nt
162  INNER JOIN '.NEWS_USER_REFUSED_TABLE.' as nur ON nt.new_id = nur.new_id
163  INNER JOIN '.NEWS_TABLE.' as n ON n.id = nt.new_id
164  WHERE n.status = \'private\'
165  AND nur.user_id = '.$page['user'];
166$query_refuse .= (count($group_refused) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_refused).')' : '';
167$query_refuse .= ' ORDER BY nt.new_id;';
168
169display_select_news_wrapper($query_refuse,array(),'news_option_refuse');
170
171$result = pwg_query($query_refuse);
172
173$refused_ids = array();
174
175while ($row = mysql_fetch_array($result))
176{
177  array_push($refused_ids, $row['new_id']);
178}
179
180// retrieve news ids authorized to the groups the user belongs to
181$group_authorized = array();
182
183$query = '
184  SELECT DISTINCT nt.id, nt.title, nt.new_id
185  FROM '.USER_GROUP_TABLE.' AS ug
186  INNER JOIN '.NEWS_GROUP_ACCESS_TABLE.' AS nga ON ug.group_id = nga.group_id
187  INNER JOIN '.NEWS_TRANSLATION_TABLE.' AS nt ON nt.new_id = nga.new_id
188  WHERE ug.user_id = '.$page['user'];
189$query .= (count($group_refused) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_refused).')' : '';
190$query .= (count($refused_ids) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $refused_ids).')' : '';
191$query .= ' ORDER BY nt.new_id;';
192
193$result = pwg_query($query);
194
195if (mysql_num_rows($result) > 0)
196{
197  $template->assign_block_vars('groups_authorized', array());
198
199  $news = array();
200
201  while ($row = mysql_fetch_array($result))
202  {
203    array_push($news, $row);
204    array_push($group_authorized, $row['new_id']);
205  }
206 
207  foreach ($news as $new)
208  {
209    $template->assign_block_vars(
210      'groups_authorized.news',
211      array(
212        'NAME' => '['.$new['new_id'].'] - '.$new['title']
213        )
214      );
215  }
216}
217
218$query_true = '
219  SELECT nt.id, nt.title, nt.new_id
220  FROM '.NEWS_TRANSLATION_TABLE.' as nt
221  INNER JOIN '.NEWS_USER_ACCESS_TABLE.' as nua ON nt.new_id = nua.new_id
222  INNER JOIN '.NEWS_TABLE.' as n ON n.id = nt.new_id
223  WHERE n.status = \'private\'
224  AND nua.user_id = '.$page['user'];
225$query_true .= (count($group_refused) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_refused).')' : '';
226$query_true .= (count($refused_ids) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $refused_ids).')' : '';
227$query_true .= (count($group_authorized) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_authorized).')' : '';
228$query_true .= ' ORDER BY nt.new_id;';
229
230display_select_news_wrapper($query_true,array(),'news_option_true');
231
232$result = pwg_query($query_true);
233
234$authorized_ids = array();
235
236while ($row = mysql_fetch_array($result))
237{
238  array_push($authorized_ids, $row['new_id']);
239}
240
241$query_false = '
242  SELECT nt.id, nt.title, nt.new_id
243  FROM '.NEWS_TRANSLATION_TABLE.' as nt
244  INNER JOIN '.NEWS_TABLE.' as n ON n.id = nt.new_id
245  WHERE n.status = \'private\'';
246$query_false .= (count($group_refused) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_refused).')': '';
247$query_false .= (count($refused_ids) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $refused_ids).')' : '';
248$query_false .= (count($group_authorized) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $group_authorized).')' : '';
249$query_false .= (count($authorized_ids) > 0) ? ' AND nt.new_id NOT IN ('.implode(',', $authorized_ids).')' : '';
250$query_false .= ' ORDER BY nt.new_id;';
251
252display_select_news_wrapper($query_false,array(),'news_option_false');
253
254
255// +-----------------------------------------------------------------------+
256// |                           sending html code                           |
257// +-----------------------------------------------------------------------+
258
259$template->assign_var_from_handle('NEWS_DOUBLE_SELECT', 'news_double_select');
260$template->assign_var_from_handle('ADMIN_CONTENT', 'news_admin_perm');
261?>
Note: See TracBrowser for help on using the repository browser.