<?php
//*Client Data System, Copyright (C) 2000, 2001, 2002, 2003 Tedd Kelleher. This is free software, subject to the
//*GNU GENERAL PUBLIC LICENSE, Version 2, June 1991 (in file named gpl.txt), which should accompany
//*any distribution of this file. Tedd Kelleher can be contacted at hide@address.com
// Page metadata. $page_title is passed to head() further down in this file; the other two values are not
// read anywhere in this file.
// NOTE(review): ":30:" is presumably the access level required to open this page and presumably enforced
// by authenticate.inc - confirm there, because nothing in this file checks it.
$page_access_levels = ":30:";
$page_title = "Set Permissions";
$page_id = "permissions";
////Header for every page that finds the include directory, connects to db, authenticates user access
// NOTE(review): $include_root is never assigned in this file; it is presumably set by initialize_pointer.php.
// Every include path below is built from it, so confirm it can only come from that file and never from
// request data.
include("initialize_pointer.php");
// Authentication gate: include() evaluates to false when the file cannot be loaded, so the page stops here
// instead of continuing without the authentication code having run.
if(!include($include_root."authenticate.inc")){echo "No Authentication"; exit; };
include($include_root."Questions_into_array_class.inc");
//include($include_root."questions_display_edit.inc");
include($include_root."questions_display.inc");
//include($include_root."Questions_answers_validation_class.inc");
include($include_root."head.inc");
include($include_root."template_parser.inc");
include($include_root."Questions_answers_validation_class.inc");
//include($include_root."edit_questions_class.inc");
// The comments later in this file attribute pull_names_of_reports() to reports_class.inc and
// pull_associated_users_variables() to user_info_functions.inc.
include($include_root."reports_class.inc");
include($include_root."page_elements_display.inc");
include($include_root."user_info_functions.inc");
// NOTE(review): presumably declares the Permissions class instantiated throughout this page - confirm.
include($include_root."permissions_class.inc");
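// ---------------------------------------------------------------------------------------------------
// Request dispatcher for the "Set Permissions" page. Exactly one of four actions runs per request:
//   POST edit_group    - save the submitted report/user/organization settings of a group, then redisplay it
//   GET  open_group    - display the settings form of an existing group
//   POST new_per_group - create a group, then display its (empty) settings form
//   otherwise          - list the groups this organization owns, plus the "add group" form
//
// Input validation: identifiers must consist of digits only. The patterns are anchored (\A ... \z), so a
// value such as "1 OR 1=1" is rejected; a pattern that merely looks for a digit somewhere in the value
// would let it through to the Permissions queries. preg_match() is used because the ereg() family is
// not available in current PHP releases.
//
// NOTE(review): the two POST actions change permissions. Whether form_start() / authenticate.inc add an
// anti-CSRF token is not visible in this file - confirm.
// ---------------------------------------------------------------------------------------------------
$cds_digits_only = '/\A[0-9]+\z/';

// $org_id is not assigned in this file (presumably by authenticate.inc). Every action needs it, so an
// invalid value ends the request up front.
if ( !isset ( $org_id ) || !( is_int ( $org_id ) || is_string ( $org_id ) ) || !preg_match ( $cds_digits_only, (string) $org_id ) ) {
    // The rejected value is echoed for diagnosis; escape it because it failed validation and may hold markup.
    if ( isset ( $org_id ) && is_scalar ( $org_id ) ) {
        echo htmlspecialchars ( (string) $org_id, ENT_QUOTES );
    }
    echo "Bad cookie"; exit;
}

// Pick up each request parameter only when it is a plain string in the expected format.
$cds_edit_group = null;
if ( isset ( $_POST['edit_group'] ) && is_string ( $_POST['edit_group'] ) && preg_match ( $cds_digits_only, $_POST['edit_group'] ) ) {
    $cds_edit_group = $_POST['edit_group'];
}
$cds_open_group = null;
if ( isset ( $_GET['open_group'] ) && is_string ( $_GET['open_group'] ) && preg_match ( $cds_digits_only, $_GET['open_group'] ) ) {
    $cds_open_group = $_GET['open_group'];
}
// Group names: letters, digits and spaces only, at most 100 characters (the maxLength of the input field
// rendered by display_orgs_permission_add_group_table()).
$cds_new_group_name = null;
if ( isset ( $_POST['new_per_group'] ) && is_string ( $_POST['new_per_group'] ) && preg_match ( '/\A[a-zA-Z0-9 ]{1,100}\z/', $_POST['new_per_group'] ) ) {
    $cds_new_group_name = $_POST['new_per_group'];
}

$cds_tag = null;            // template tag that receives the group settings form, if one is shown
$cds_group_id = null;       // group whose settings form is shown
$cds_submit_label = true;   // the "create" action calls form_end() without a button label

if ( $cds_edit_group !== null ) {
    $perms = new Permissions ( $org_id );
    // Authorize BEFORE writing. In this file check_permission_to_edit_group() is otherwise only called by
    // the display_* helpers, which run after the transaction has been committed.
    if ( $perms->check_permission_to_edit_group ( $cds_edit_group ) != 1 ) {
        echo "No permission to edit permissions group"; exit;
    }
    //Pull a list of all the household reports; Function in reports_class.inc
    $ALL_reports_array = pull_names_of_reports ( 'ALL' );
    $client_id_reports_array = pull_names_of_reports ( 'client_identifier' );
    $client_reports_array = pull_names_of_reports ( 'client' );
    $hh_reports_array = pull_names_of_reports ( 'household' );
    transaction_begin ( 'Change reports and users associated with group' );
    $perms->process_group_report_permission_changes ( $cds_edit_group, $ALL_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $cds_edit_group, $client_id_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $cds_edit_group, $client_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $cds_edit_group, $hh_reports_array, $_POST );
    // A checkbox array is absent from the request when no box is ticked; null is passed in that case.
    $perms->process_group_user_permission_changes ( $user_id, $cds_edit_group, isset ( $_POST['user_in_group'] ) ? $_POST['user_in_group'] : null );
    $perms->process_group_user_permission_changes_notification ( $user_id, $cds_edit_group, isset ( $_POST['user_in_group_notification'] ) ? $_POST['user_in_group_notification'] : null );
    $perms->process_group_org_permission_changes ( $cds_edit_group, isset ( $_POST['org_in_group'] ) ? $_POST['org_in_group'] : null );
    transaction_commit ();
    $cds_tag = "{EDIT_GROUP}";
    $cds_group_id = $cds_edit_group;
}
//If asked to open group, display group settings....
elseif ( $cds_open_group !== null ) {
    $perms = new Permissions ( $org_id );
    $cds_tag = "{OPEN_GROUP}";
    $cds_group_id = $cds_open_group;
}
//If asked to create new permissions group, process request
elseif ( $cds_new_group_name !== null ) {
    $perms = new Permissions ( $org_id );
    transaction_begin ( 'Create new permissions group' );
    $new_per_group_id = $perms->process_new_group_creation ( $org_id, $user_id, $cds_new_group_name );
    transaction_commit ();
    $cds_tag = "{CREATE_GROUP}";
    $cds_group_id = $new_per_group_id;
    $cds_submit_label = false;
}
//...default, so display list of groups that can be edited by user
else {
    if ( isset ( $_POST['new_per_group'] ) && $_POST['new_per_group'] !== '' ) {
        // A group name was submitted but rejected above; report it through the same $message /
        // $message_type globals the display helpers in this file use.
        // NOTE(review): where $message is rendered is not visible in this file - confirm.
        if ( !isset ( $message ) ) {
            $message = '';
        }
        $message .= 'Group names may contain only letters, numbers and spaces (100 characters at most). ';
        $message_type = 'error';
    }
    if ( !isset ( $tag_values["{LIST_GROUPS}"] ) ) {
        $tag_values["{LIST_GROUPS}"] = '';
    }
    $tag_values["{LIST_GROUPS}"] .= display_orgs_permission_groups_table ( $org_id );
    $tag_values["{LIST_GROUPS}"] .= display_orgs_permission_add_group_table ( );
}

if ( $cds_tag !== null ) {
    // The three group actions render the same form; only the template tag and the submit label differ.
    $groups_vars = $perms->pull_group_info ( $cds_group_id );
    // The group name is stored user input: escape it for the HTML context.
    // NOTE(review): assumes names are stored raw; if they are entity-encoded when saved this will
    // double-encode - confirm against process_new_group_creation().
    $cds_group_name = isset ( $groups_vars['group_name'] ) ? htmlspecialchars ( (string) $groups_vars['group_name'], ENT_QUOTES ) : '';
    $cds_form = "<table><tr><td class=\"generictabletop\">".$cds_group_name."</td></tr></table><p/>";
    $cds_form .= form_start ();
    $cds_form .= display_permission_group_report_settings ( $org_id, $cds_group_id );
    $cds_form .= display_permission_group_user_settings ( $org_id, $user_id, $cds_group_id );
    $cds_form .= display_permission_group_org_settings ( $org_id, $cds_group_id );
    $cds_form .= display_hidden_form_values ( 'edit_group', $cds_group_id );
    $cds_form .= $cds_submit_label ? form_end ( "Submit permissions changes" ) : form_end ();
    if ( !isset ( $tag_values[$cds_tag] ) ) {
        $tag_values[$cds_tag] = '';
    }
    $tag_values[$cds_tag] .= $cds_form;
}

$tag_values["{PAGE TITLE}"] = page_title_table();
$tag_values["{MENU}"] = menu();
$tag_values["{HEAD}"] = head ($page_title, $head_page_specific, $head_dynamic_style);
$tag_values["{FOOTER}"] = footer();
template_parser ("generic.html", $tag_values);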
//////////////////////////////////////////
//class Display_orgs_permission_groups_table {
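/**
 * Render a table with one link per permission group returned by Permissions::pull_owned_groups_info().
 * Each link re-opens this page with ?open_group=<per_group_id>.
 *
 * @param mixed $org_id Organization id passed to the Permissions constructor.
 * @return string HTML table.
 */
function display_orgs_permission_groups_table ( $org_id ) {
    global $this_page;
    $ht = "<table>";
    $perms = new Permissions ( $org_id );
    $owned_groups = $perms->pull_owned_groups_info ();
    if ( is_array ( $owned_groups ) ) {
        foreach ( $owned_groups as $cur_grp ) {
            // Group names are stored user input, so they are escaped for the HTML context. The id is
            // URL-encoded and the finished URL escaped for the attribute context.
            // NOTE(review): $this_page is set outside this file; if it is derived from the request URL the
            // escaping here is what keeps it inside the href attribute.
            $href = $this_page."?open_group=".urlencode ( (string) $cur_grp['per_group_id'] );
            $ht .= "<tr><td>";
            $ht .= "<a href=\"".htmlspecialchars ( $href, ENT_QUOTES )."\">".htmlspecialchars ( (string) $cur_grp['group_name'], ENT_QUOTES )."</a>";
            $ht .= "</td></tr>";
        }
    }
    $ht .= "</table>";
    return $ht;
}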
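/**
 * Render the report-permission tables of a group: one table per report category (ALL, client identifier,
 * client, household), one row per report with Create/Read/Edit checkboxes.
 *
 * Ends the request with a message when Permissions::check_permission_to_edit_group() does not return 1
 * for the group.
 *
 * @param mixed $org_id   Organization id passed to the Permissions constructor.
 * @param mixed $group_id Permission group whose settings are shown.
 * @return string HTML for the four tables.
 */
function display_permission_group_report_settings ( $org_id, $group_id ) {
    $perms = new Permissions ( $org_id );
    if ( $perms->check_permission_to_edit_group ( $group_id ) != 1 ) {
        echo "No permission to edit permissions groupPP"; exit;
    }
    //Pull the permissions for this permission group into an array (indexed by report_type_id below)
    $hh_reports_permissions_array = $perms->pull_group_report_permissions ( $group_id );
    //pull_names_of_reports() is a function in reports_class.inc
    $sections = array (
        array ( 'ALL FORMS - Defines overriding permissions for all the forms below', pull_names_of_reports ( 'ALL' ) ),
        array ( 'Client Identifier Form Permissions', pull_names_of_reports ( 'client_identifier' ) ),
        array ( 'Client Form Permissions', pull_names_of_reports ( 'client' ) ),
        array ( 'Household Form Permissions', pull_names_of_reports ( 'household' ) ),
    );
    $tables = array ();
    foreach ( $sections as $section ) {
        $table = "<table class=\"generictable\">";
        $table .= "\n<td class=\"headlinesub\" colspan=\"4\">".$section[0]."</td>";
        if ( is_array ( $section[1] ) ) {
            foreach ( $section[1] as $cur_rpt_array ) {
                $type_id = $cur_rpt_array["report_type_id"];
                // A report without a stored permission row gets an empty array, i.e. nothing ticked.
                $stored = ( is_array ( $hh_reports_permissions_array ) && isset ( $hh_reports_permissions_array[$type_id] ) )
                    ? $hh_reports_permissions_array[$type_id]
                    : array ();
                $table .= "<tr>";
                // Report titles come from the database; escape them for the HTML context.
                // NOTE(review): assumes titles are stored raw, not entity-encoded - confirm.
                $table .= "\n<td class=\"generictd\">".htmlspecialchars ( (string) $cur_rpt_array["report_title"], ENT_QUOTES )."</td>";
                $table .= display_permission_group_report_checkboxes ( $type_id, $stored );
                $table .= "</tr>";
            }
        }
        $table .= "</table>";
        $tables[] = $table;
    }
    // The tables are separated by <br/>; the last one is not followed by one.
    return implode ( '<br/>', $tables );
}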
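/**
 * Render the Create / Read / Edit checkbox cells for one report row.
 *
 * The checkboxes are named "<report_type_id>[create]", "<report_type_id>[read]" and
 * "<report_type_id>[edit]", each with the value "yes". A box is pre-ticked when the matching
 * 'create_rpt' / 'read_rpt' / 'edit_rpt' entry of $rpt_per_array loosely equals 1.
 *
 * @param mixed $report_type_id Report type id used as the field-name prefix.
 * @param mixed $rpt_per_array  Stored permission flags for that report; anything but an array means "none".
 * @return string Three <td> cells.
 */
function display_permission_group_report_checkboxes ( $report_type_id, $rpt_per_array ) {
    // The id ends up inside an HTML attribute, so escape it for that context.
    $field_prefix = htmlspecialchars ( (string) $report_type_id, ENT_QUOTES );
    $columns = array ( 'Create' => 'create', 'Read' => 'read', 'Edit' => 'edit' );
    $ht = '';
    foreach ( $columns as $label => $action ) {
        $flag = $action.'_rpt';
        $ht .= "<td class=\"generictd\">".$label."<input type=\"checkbox\" name=\"".$field_prefix."[".$action."]\" value=\"yes\" ";
        if ( is_array ( $rpt_per_array ) && isset ( $rpt_per_array[$flag] ) && $rpt_per_array[$flag] == 1 ) {
            $ht .= "checked=\"checked\"";
        }
        $ht .= "></td>";
    }
    return $ht;
}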
/**
 * Unimplemented stub: takes no arguments, does nothing and returns null. Nothing in this file calls it;
 * the submitted checkboxes are handled by Permissions::process_group_report_permission_changes().
 */
function process_permission_group_report_checkboxes ( ) {
    return;
}
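/**
 * Render the "Add new permissions group" form: a single text field named new_per_group
 * (maxLength 100) between form_start() and form_end().
 *
 * NOTE(review): submitting this form creates a permissions group. Whether form_start() adds an
 * anti-CSRF token is not visible in this file - confirm.
 * NOTE(review): form_start() is emitted before <table> while form_end() is emitted inside the <td>, so
 * the form and table markup are presumably misnested; left as is because the output of
 * form_start()/form_end() is not visible here.
 *
 * @return string HTML for the form.
 */
function display_orgs_permission_add_group_table ( ) {
    // Start from an empty string instead of appending to an undefined variable.
    $ht = '';
    $ht .= form_start ();
    $ht .= "<table><tr>";
    $ht .= "<td>Add new permissions group ";
    $ht .= "<input type=\"text\" maxLength=100 size=60 name=\"new_per_group\" value=\"\"><p/>";
    $ht .= form_end ();
    $ht .= "</td>";
    $ht .= "</tr></table>";
    return $ht;
}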
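/**
 * Render the "Users" table of a permission group: an "ALL USERS" row (field user_in_group[1]) followed by
 * one row per user returned by pull_associated_users_variables(), each with an "included in group"
 * checkbox (user_in_group[<user_id>]) and an e-mail notification checkbox
 * (user_in_group_notification[<user_id>]).
 *
 * Appends an error to the global $message when no box at all is ticked.
 *
 * @param mixed $org_id       Organization id passed to the Permissions constructor.
 * @param mixed $user_id      User id passed to pull_associated_users_variables().
 * @param mixed $per_group_id Permission group whose members are shown.
 * @return string HTML table, or an empty string when check_permission_to_edit_group() does not return 1.
 */
function display_permission_group_user_settings ( $org_id, $user_id, $per_group_id ) {
    global $message, $message_type;
    $perms = new Permissions ( $org_id );
    // Check the caller's right to edit the group before loading its membership.
    if ( $perms->check_permission_to_edit_group ( $per_group_id ) != 1 ) {
        return '';
    }
    $users_in_group = $perms->pull_group_user_permissions ( $per_group_id );
    $users_in_group_notification = $perms->pull_group_user_permissions_notification ( $per_group_id );
    //From user_info_functions.inc
    // NOTE(review): the meaning of the second argument (30) is not visible in this file - confirm.
    $users_in_org_array = pull_associated_users_variables ( $user_id, 30 );
    $permitted_user_counter = 0;
    $ht = "<p/><table class=\"generictable\">";
    $ht .= "<tr>";
    $ht .= "\n<td class=\"headlinesub\" colspan=\"3\">Users</td>";
    $ht .= "</tr><tr>";
    $ht .= "\n<td class=\"headlinesub\" >Name</td>";
    $ht .= "\n<td class=\"headlinesub\" >Included in group</td>";
    $ht .= "\n<td class=\"headlinesub\" >Notified by email when reports are accessed</td>";
    $ht .= "</tr><tr>";
    $ht .= "\n<td class=\"generictd\">ALL USERS</td>";
    $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group[1]\" value=\"yes\" ";
    // Key 1 is the entry this page labels "ALL USERS".
    if ( !empty ( $users_in_group[1] ) ) {
        $ht .= "checked=\"checked\"";
        $permitted_user_counter++;
    }
    $ht .= "></td><td> </td>";
    $ht .= "</tr>";
    if ( is_array ( $users_in_org_array ) ) {
        foreach ( $users_in_org_array as $cur_user ) {
            $cur_user_id = $cur_user['user_id'];
            // Names and ids come from the database; names are user-entered text. Escape them for the HTML
            // text / attribute context.
            // NOTE(review): assumes names are stored raw, not entity-encoded - confirm.
            $safe_user_id = htmlspecialchars ( (string) $cur_user_id, ENT_QUOTES );
            $safe_name = htmlspecialchars ( (string) $cur_user['user_name_last'], ENT_QUOTES ).", ".htmlspecialchars ( (string) $cur_user['user_name_first'], ENT_QUOTES );
            $ht .= "<tr>";
            $ht .= "\n<td class=\"generictd\">".$safe_name."</td>";
            $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group[".$safe_user_id."]\" value=\"yes\" ";
            if ( !empty ( $users_in_group[$cur_user_id] ) ) {
                $ht .= "checked=\"checked\"";
                $permitted_user_counter++;
            }
            $ht .= "></td>";
            $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group_notification[".$safe_user_id."]\" value=\"yes\" ";
            if ( !empty ( $users_in_group_notification[$cur_user_id] ) ) {
                $ht .= "checked=\"checked\"";
                // NOTE(review): a ticked notification box also counts towards "a user is associated with
                // the group", so a group with notifications but no members skips the warning below.
                // Presumably a copy-paste of the membership branch; behaviour kept - confirm.
                $permitted_user_counter++;
            }
            $ht .= "></td>";
            $ht .= "</tr>";
        }
    }
    if ( $permitted_user_counter < 1 ) {
        $message .= 'No user is associated with group, making the group useless. Add at least one user to make the group functional. ';
        $message_type = 'error';
    }
    $ht .= '</table><br/>';
    return $ht;
}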
//function process_orgs_permission_added_group () {
//run_query_return_array ($sql, $error_message, $use_array_key="")
//}
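/**
 * Render the organizations table of a permission group: an "ALL <TERM>S" row (field org_in_group[1])
 * followed by one row per organization of type 'org', each with a checkbox org_in_group[<org_id>].
 *
 * Appends an error to the global $message when no box is ticked.
 *
 * NOTE(review): the query lists every organization of type 'org', not only those related to $org_id, so
 * anyone allowed to edit a group sees all organization names - confirm this is intended.
 *
 * @param mixed $org_id       Organization id passed to the Permissions constructor.
 * @param mixed $per_group_id Permission group whose organizations are shown.
 * @return string HTML table, or an empty string when check_permission_to_edit_group() does not return 1.
 */
function display_permission_group_org_settings ( $org_id, $per_group_id ) {
    global $message, $message_type, $organization_term;
    $perms = new Permissions ( $org_id );
    // Check the caller's right to edit the group before loading its organization list.
    if ( $perms->check_permission_to_edit_group ( $per_group_id ) != 1 ) {
        return '';
    }
    $orgs_in_group = $perms->pull_group_organization_permissions ( $per_group_id );
    // Constant statement: no request data is concatenated into the SQL.
    $sql = "SELECT * FROM organizations WHERE org_type = 'org' ORDER BY org_name";
    $orgs_array = run_query_return_array ($sql, 'Pulling array of orgs', 'org_id') ;
    $permitted_org_counter = 0;
    $ht = "<p/><table class=\"generictable\">";
    $ht .= "\n<td class=\"headlinesub\" colspan=\"2\">".$organization_term."s in Group</td>";
    $ht .= "<tr>";
    $ht .= "\n<td class=\"generictd\">ALL ".strtoupper($organization_term)."S</td>";
    $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"org_in_group[1]\" value=\"yes\" ";
    // Key 1 is the entry this page labels "ALL <TERM>S".
    if ( !empty ( $orgs_in_group[1] ) ) {
        $ht .= "checked=\"checked\"";
        $permitted_org_counter++;
    }
    $ht .= "></td>";
    $ht .= "</tr>";
    if ( is_array ( $orgs_array ) ) {
        foreach ( $orgs_array as $cur_org ) {
            $cur_org_id = $cur_org['org_id'];
            $ht .= "<tr>";
            // Organization names are stored text; escape them for the HTML context.
            // NOTE(review): assumes names are stored raw, not entity-encoded - confirm.
            $ht .= "\n<td class=\"generictd\">".htmlspecialchars ( (string) $cur_org['org_name'], ENT_QUOTES )."</td>";
            $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"org_in_group[".htmlspecialchars ( (string) $cur_org_id, ENT_QUOTES )."]\" value=\"yes\" ";
            if ( !empty ( $orgs_in_group[$cur_org_id] ) ) {
                $ht .= "checked=\"checked\"";
                $permitted_org_counter++;
            }
            $ht .= "></td>";
            $ht .= "</tr>";
        }
    }
    $ht .= '</table><br/>';
    if ( $permitted_org_counter < 1 ) {
        // The message text contains a line break after "your"; it is written as "\n" here.
        $message .= 'No '.$organization_term.' is associated with group, making the group useless. Add at least one organzation (such as your'."\n".'own) to make the group functional. ';
        $message_type = 'error';
    }
    return $ht;
}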
?>