<?php
//*Client Data System, Copyright (C) 2000, 2001, 2002, 2003 Tedd Kelleher.  This is free software, subject to the 
//*GNU GENERAL PUBLIC LICENSE, Version 2, June 1991 (in file named gpl.txt), which should accompany 
//*any distribution of this file.  Tedd Kelleher can be contacted at hide@address.com

//Page settings.  $page_title is handed to head () further down in this file; $page_access_levels
//and $page_id are not read anywhere in this file - presumably authenticate.inc and the shared
//page furniture consume them (TODO confirm, including what ":30:" denotes).
$page_access_levels = ":30:";
$page_title = "Set Permissions";
$page_id = "permissions";

////Header for every page that finds the include directory, connects to db, authenticates user access 
//NOTE(review): $include_root is never assigned in this file; it is presumably set by
//initialize_pointer.php.  Confirm it can never be supplied by the request (e.g. through
//register_globals on old PHP builds), because every include below is built from it.
include("initialize_pointer.php");
//The test below only proves that authenticate.inc could be loaded: include returns false when
//the file is missing and the script then stops.  Rejecting a user who lacks the required access
//level has to happen inside authenticate.inc itself, which is not visible here - confirm that it
//terminates the request on failure rather than merely setting a flag.
if(!include($include_root."authenticate.inc")){echo "No Authentication"; exit; };

	
//Remaining libraries.  These use plain include, so a file that fails to load produces a warning
//and execution carries on until the first call into the missing code.
//NOTE(review): web servers commonly serve *.inc files as plain text unless told otherwise;
//verify the include directory is outside the document root or blocked from direct requests.
include($include_root."Questions_into_array_class.inc");
//include($include_root."questions_display_edit.inc");
include($include_root."questions_display.inc");
//include($include_root."Questions_answers_validation_class.inc");
include($include_root."head.inc");	
include($include_root."template_parser.inc");
include($include_root."Questions_answers_validation_class.inc");
//include($include_root."edit_questions_class.inc");
include($include_root."reports_class.inc");
include($include_root."page_elements_display.inc");
include($include_root."user_info_functions.inc");
include($include_root."permissions_class.inc");

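//Request dispatcher.  Exactly one branch runs: save changes to a group (POST edit_group), open a
//group for editing (GET open_group), create a group (POST new_per_group), or list the groups.
//
//Numeric identifiers must consist of digits only.  The former ereg ( '[0-9]', ... ) test was
//unanchored, so a value only had to contain a digit somewhere to be accepted before being handed
//to the Permissions methods and written into the page; ereg () is also absent from PHP 7 and later.
$numeric_id_pattern = '/\A[0-9]+\z/';

$org_id_is_valid = isset ( $org_id ) && is_scalar ( $org_id ) && preg_match ( $numeric_id_pattern, (string) $org_id ) === 1;

//Request values are read once into locals; array-valued input (edit_group[]=...) counts as absent.
$req_edit_group = ( isset ( $_POST['edit_group'] ) && is_scalar ( $_POST['edit_group'] ) ) ? (string) $_POST['edit_group'] : '';
$req_open_group = ( isset ( $_GET['open_group'] ) && is_scalar ( $_GET['open_group'] ) ) ? (string) $_GET['open_group'] : '';
$req_new_per_group = ( isset ( $_POST['new_per_group'] ) && is_scalar ( $_POST['new_per_group'] ) ) ? (string) $_POST['new_per_group'] : '';

//If asked to save changes to a group, apply them and redisplay the group settings
if ( $org_id_is_valid && preg_match ( $numeric_id_pattern, $req_edit_group ) === 1 )   {

    $perms = new Permissions ( $org_id );

    //Authorise BEFORE anything is written.  Previously the only visible check sat in the display
    //functions, which run after transaction_commit (); whether the process_* methods check on
    //their own cannot be seen from this file.
    //NOTE(review): no anti-CSRF token is verified here either - confirm whether form_start () or
    //authenticate.inc supply one, since this branch changes who may access client records.
    if ( $perms->check_permission_to_edit_group ( $req_edit_group ) != 1 )    {
        echo "No permission to edit permissions group"; exit;
    }

    //Pull a list of all the household reports; Function in reports_class.inc
    $ALL_reports_array = pull_names_of_reports ( 'ALL' );
    $client_id_reports_array = pull_names_of_reports ( 'client_identifier' );
    $client_reports_array = pull_names_of_reports ( 'client' );
    $hh_reports_array = pull_names_of_reports ( 'household' );

    //Unchecked checkboxes are not submitted, so these keys may be missing; null is passed on in
    //that case, which is what the undefined index evaluated to before.
    $posted_users = isset ( $_POST['user_in_group'] ) ? $_POST['user_in_group'] : null;
    $posted_users_notification = isset ( $_POST['user_in_group_notification'] ) ? $_POST['user_in_group_notification'] : null;
    $posted_orgs = isset ( $_POST['org_in_group'] ) ? $_POST['org_in_group'] : null;

    transaction_begin ( 'Change reports and users associated with group' );
    $perms->process_group_report_permission_changes ( $req_edit_group, $ALL_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $req_edit_group, $client_id_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $req_edit_group, $client_reports_array, $_POST );
    $perms->process_group_report_permission_changes ( $req_edit_group, $hh_reports_array, $_POST );
    $perms->process_group_user_permission_changes ( $user_id, $req_edit_group, $posted_users );
    $perms->process_group_user_permission_changes_notification ( $user_id, $req_edit_group, $posted_users_notification );
    $perms->process_group_org_permission_changes ( $req_edit_group, $posted_orgs );
    transaction_commit ();

    $groups_vars = $perms->pull_group_info ( $req_edit_group );

    //The group name is free text typed into the "new_per_group" field, so it is HTML-encoded
    //before it goes into the page (uses the configured default charset).
    $group_name_html = isset ( $groups_vars["group_name"] ) ? htmlspecialchars ( (string) $groups_vars["group_name"], ENT_QUOTES ) : '';

    $section_html = "<table><tr><td class=\"generictabletop\">".$group_name_html."</td></tr></table><p/>";
    $section_html .= form_start ();
    $section_html .= display_permission_group_report_settings ( $org_id, $req_edit_group );
    $section_html .= display_permission_group_user_settings ( $org_id, $user_id, $req_edit_group );
    $section_html .= display_permission_group_org_settings ( $org_id, $req_edit_group );
    $section_html .= display_hidden_form_values ( "edit_group", $req_edit_group );
    $section_html .= form_end ( "Submit permissions changes" );

    //Append rather than assign: an include may already have put content under this tag.
    $tag_values["{EDIT_GROUP}"] = ( isset ( $tag_values["{EDIT_GROUP}"] ) ? $tag_values["{EDIT_GROUP}"] : '' ).$section_html;

}


//If asked to open group, display group settings....
elseif ( $org_id_is_valid && preg_match ( $numeric_id_pattern, $req_open_group ) === 1 )    {

    $perms = new Permissions ( $org_id );

    $groups_vars = $perms->pull_group_info ( $req_open_group );
    $group_name_html = isset ( $groups_vars["group_name"] ) ? htmlspecialchars ( (string) $groups_vars["group_name"], ENT_QUOTES ) : '';

    //display_permission_group_report_settings () stops the request when the user may not edit
    //this group, so nothing assembled here is sent in that case.
    $section_html = "<table><tr><td class=\"generictabletop\">".$group_name_html."</td></tr></table><p/>";
    $section_html .= form_start ();
    $section_html .= display_permission_group_report_settings ( $org_id, $req_open_group );
    $section_html .= display_permission_group_user_settings ( $org_id, $user_id, $req_open_group );
    $section_html .= display_permission_group_org_settings ( $org_id, $req_open_group );
    $section_html .= display_hidden_form_values ( 'edit_group', $req_open_group );
    $section_html .= form_end ( "Submit permissions changes" );

    $tag_values["{OPEN_GROUP}"] = ( isset ( $tag_values["{OPEN_GROUP}"] ) ? $tag_values["{OPEN_GROUP}"] : '' ).$section_html;
}


//If asked to create new permissions group, process request
//The name test keeps its original meaning (at least one letter, digit or space somewhere in the
//value) so existing names with punctuation still work; it does not restrict the other characters.
//NOTE(review): process_new_group_creation () therefore receives free text - confirm it binds or
//escapes the name before it reaches SQL, and consider enforcing the form's 100-character limit
//on the server as well.
elseif ( $org_id_is_valid && preg_match ( '/[a-zA-Z0-9 ]/', $req_new_per_group ) === 1 ) {

    $perms = new Permissions ( $org_id );
    transaction_begin ( 'Create new permissions group' );
    $new_per_group_id = $perms->process_new_group_creation ( $org_id, $user_id, $req_new_per_group );
    transaction_commit ();

    $groups_vars = $perms->pull_group_info ( $new_per_group_id );
    $group_name_html = isset ( $groups_vars['group_name'] ) ? htmlspecialchars ( (string) $groups_vars['group_name'], ENT_QUOTES ) : '';

    $section_html = "<table><tr><td class=\"generictabletop\">".$group_name_html."</td></tr></table><p/>";
    $section_html .= form_start ();
    $section_html .= display_permission_group_report_settings ( $org_id, $new_per_group_id );
    $section_html .= display_permission_group_user_settings ( $org_id, $user_id, $new_per_group_id );
    $section_html .= display_permission_group_org_settings ( $org_id, $new_per_group_id );
    $section_html .= display_hidden_form_values ( 'edit_group', $new_per_group_id );
    $section_html .= form_end ();

    $tag_values["{CREATE_GROUP}"] = ( isset ( $tag_values["{CREATE_GROUP}"] ) ? $tag_values["{CREATE_GROUP}"] : '' ).$section_html;
}


//...default, so display list of groups that can be edited by user
else {

    if ( $org_id_is_valid )  {
        $section_html = display_orgs_permission_groups_table ( $org_id );
        $section_html .= display_orgs_permission_add_group_table ( );

        $tag_values["{LIST_GROUPS}"] = ( isset ( $tag_values["{LIST_GROUPS}"] ) ? $tag_values["{LIST_GROUPS}"] : '' ).$section_html;
    }
    else {
        //The rejected value is echoed HTML-encoded: it failed validation, so its content is unknown.
        if ( isset ( $org_id ) && is_scalar ( $org_id ) ) {
            echo htmlspecialchars ( (string) $org_id, ENT_QUOTES );
        }
        echo "Bad cookie"; exit;
    }

}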


//Fill the placeholders of the page frame and render it.  page_title_table (), menu (), head (),
//footer () and template_parser () are not defined in this file (they come from the includes).
//$head_page_specific and $head_dynamic_style are never assigned in this file - presumably an
//include sets them; TODO confirm.
$tag_values["{PAGE TITLE}"] = page_title_table();
$tag_values["{MENU}"] = menu();
$tag_values["{HEAD}"] = head ($page_title, $head_page_specific, $head_dynamic_style);
$tag_values["{FOOTER}"] = footer();


//NOTE(review): the values in $tag_values are HTML fragments assembled by string concatenation.
//Whether template_parser () encodes anything is not visible here, so any database or request
//value has to be HTML-encoded at the point where the fragment is built.
template_parser ("generic.html", $tag_values);



//////////////////////////////////////////

//class Display_orgs_permission_groups_table  {
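//Builds an HTML table with one link per permission group returned by
//Permissions::pull_owned_groups_info () for $org_id; each link opens the group for editing
//(?open_group=<per_group_id>).  Returns the markup as a string.
function display_orgs_permission_groups_table ( $org_id )    {
    GLOBAL $this_page;

    $perms = new Permissions ( $org_id );
    $owned_groups = $perms->pull_owned_groups_info ();

    $ht = "<table>";

    //Guard the loop: a non-array result (e.g. no groups yet) would otherwise raise a warning.
    if ( is_array ( $owned_groups ) ) {
        foreach ( $owned_groups AS $cur_grp )  {
            //The id goes into a query string and the whole URL into an attribute, so it is
            //URL-encoded first and the finished link HTML-encoded.  $this_page is set outside
            //this file; if it is derived from the request path it needs this encoding too.
            $link = (string) $this_page."?open_group=".urlencode ( (string) $cur_grp['per_group_id'] );

            //Group names are free text entered by users, so they are HTML-encoded for display.
            $ht .= "<tr><td>";
            $ht .= "<a href=\"".htmlspecialchars ( $link, ENT_QUOTES )."\">".htmlspecialchars ( (string) $cur_grp['group_name'], ENT_QUOTES )."</a>";
            $ht .= "</td></tr>";
        }
    }

    $ht .= "</table>";

    return $ht;
}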
    


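//Builds the create/read/edit checkbox tables for every report type, grouped into four sections
//(ALL, client identifier, client, household), pre-checked from the permissions stored for
//$group_id.  If the current user may not edit the group, a message is printed and the request
//ends here - the callers in this file rely on that as their authorisation gate for display.
//Returns the markup as a string.
function display_permission_group_report_settings ( $org_id, $group_id )  {

    $perms = new Permissions ( $org_id );

    if ( $perms->check_permission_to_edit_group ( $group_id ) != 1 )    {
        echo "No permission to edit permissions groupPP"; exit;
    }

    //Pull the permissions for this permission group into an array
    $report_permissions = $perms->pull_group_report_permissions ( $group_id );

    //Section heading => list of reports; pull_names_of_reports () is in reports_class.inc.
    //The four sections were previously four copies of the same loop.
    $sections = array (
        array ( 'ALL FORMS - Defines overriding permissions for all the forms below', pull_names_of_reports ( 'ALL' ) ),
        array ( 'Client Identifier Form Permissions', pull_names_of_reports ( 'client_identifier' ) ),
        array ( 'Client Form Permissions', pull_names_of_reports ( 'client' ) ),
        array ( 'Household Form Permissions', pull_names_of_reports ( 'household' ) ),
    );

    $ht = '';
    $last_section = count ( $sections ) - 1;

    foreach ( $sections AS $index => $section )    {
        list ( $heading, $reports ) = $section;

        $ht .= "<table class=\"generictable\">";
        $ht .= "\n<td class=\"headlinesub\" colspan=\"4\">".$heading."</td>";

        if ( is_array ( $reports ) ) {
            foreach ( $reports AS $cur_rpt_array )    {
                $report_type_id = $cur_rpt_array["report_type_id"];

                //A report type with no stored permissions has no entry; pass null instead of
                //reading an undefined offset.
                $cur_permissions = null;
                if ( is_array ( $report_permissions ) && isset ( $report_permissions[$report_type_id] ) ) {
                    $cur_permissions = $report_permissions[$report_type_id];
                }

                $ht .= "<tr>";
                //Titles come from the database and are HTML-encoded for display.
                //NOTE(review): if titles are stored already encoded this will double-encode - confirm.
                $ht .= "\n<td class=\"generictd\">".htmlspecialchars ( (string) $cur_rpt_array["report_title"], ENT_QUOTES )."</td>";
                $ht .= display_permission_group_report_checkboxes ( $report_type_id, $cur_permissions );
                $ht .= "</tr>";
            }
        }

        //Every table but the last is followed by a line break, as before.
        $ht .= ( $index < $last_section ) ? '</table><br/>' : "</table>";
    }

    return $ht;
}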



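//Returns three table cells holding the Create / Read / Edit checkboxes for one report type.
//  $report_type_id  used as the form field name prefix: <id>[create], <id>[read], <id>[edit]
//  $rpt_per_array   stored permissions; a box is pre-checked when create_rpt / read_rpt /
//                   edit_rpt loosely equals 1.  May be null or lack keys (nothing is checked).
function display_permission_group_report_checkboxes ( $report_type_id, $rpt_per_array ) {

    //The id is written inside a name="..." attribute, so it is HTML-encoded.
    $field_prefix = htmlspecialchars ( (string) $report_type_id, ENT_QUOTES );

    //form key => ( visible label, key in $rpt_per_array )
    $boxes = array (
        'create' => array ( 'Create', 'create_rpt' ),
        'read'   => array ( 'Read', 'read_rpt' ),
        'edit'   => array ( 'Edit', 'edit_rpt' ),
    );

    $ht = '';

    foreach ( $boxes AS $action => $box )    {
        list ( $label, $flag ) = $box;

        $ht .= "<td class=\"generictd\">".$label."<input type=\"checkbox\" name=\"".$field_prefix."[".$action."]\" value=\"yes\" ";
        //isset () first: missing permissions must not raise an undefined-offset warning.
        if ( is_array ( $rpt_per_array ) && isset ( $rpt_per_array[$flag] ) && $rpt_per_array[$flag] == 1 )    {
            $ht .= "checked=\"checked\"";
        }
        $ht .= "></td>";
    }

    return $ht;
}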



//Placeholder with no implementation: takes no arguments, does nothing and returns null.
//Nothing in this file calls it; submitted checkbox values are handled by the Permissions
//methods invoked from the request dispatcher instead.
function process_permission_group_report_checkboxes ( )  {
}


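//Returns the small form used to create a permissions group: a single text field named
//"new_per_group", wrapped in whatever form_start () / form_end () emit.
function display_orgs_permission_add_group_table ( )  {
    //Start from an explicit string instead of appending to an undefined variable.
    $ht = form_start ();
    $ht .= "<table><tr>";
    $ht .= "<td>Add new permissions group ";
    //maxLength only limits what the browser lets the user type; it is not a server-side limit,
    //so the code that stores the name still has to validate length and content itself.
    $ht .= "<input type=\"text\" maxLength=100 size=60 name=\"new_per_group\" value=\"\"><p/>";
    $ht .= form_end ();
    $ht .= "</td>";
    $ht .= "</tr></table>";

    return $ht;
}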



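//Builds the "Users" table for a permission group: one row for ALL USERS (id 1) and one per user
//returned by pull_associated_users_variables (), each with an "included in group" checkbox and,
//for individual users, an e-mail notification checkbox.  Appends an error to the global
//$message when no box at all is checked.
//Returns the markup, or nothing (null) when the current user may not edit the group.
function display_permission_group_user_settings ( $org_id, $user_id, $per_group_id )  {
    GLOBAL $message, $message_type;

    $perms = new Permissions ( $org_id );
    $users_in_group = $perms->pull_group_user_permissions ( $per_group_id );
    $users_in_group_notification = $perms->pull_group_user_permissions_notification ( $per_group_id );

    if ( $perms->check_permission_to_edit_group ( $per_group_id ) == 1 )    {

        //From user_info_functions.inc
        $users_in_org_array = pull_associated_users_variables ( $user_id, 30 );

        //Both were previously used without being initialised.
        $permitted_user_counter = 0;

        $ht = "<p/><table class=\"generictable\">";
        $ht .= "<tr>";
        $ht .= "\n<td class=\"headlinesub\" colspan=\"3\">Users</td>";
        $ht .= "</tr><tr>"; 
        $ht .= "\n<td class=\"headlinesub\" >Name</td>";
        $ht .= "\n<td class=\"headlinesub\" >Included in group</td>";
        $ht .= "\n<td class=\"headlinesub\" >Notified by email when reports are accessed</td>";
        $ht .= "</tr><tr>";        
        $ht .= "\n<td class=\"generictd\">ALL USERS</td>";

        $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group[1]\" value=\"yes\" ";
        //!empty () is the same truthiness test without a warning when the entry is missing.
        if ( !empty ( $users_in_group[1] ) )    {
            $ht .= "checked=\"checked\"";
            $permitted_user_counter++;    
        }
        $ht .= "></td><td>&nbsp;</td>";
        $ht .= "</tr>";

        if ( is_array ( $users_in_org_array ) ) {
            foreach ( $users_in_org_array AS $cur_user )    {
                //Names are entered by people and ids end up inside name="..." attributes, so
                //both are HTML-encoded before being written into the page.
                $user_id_attr = htmlspecialchars ( (string) $cur_user['user_id'], ENT_QUOTES );
                $user_label = htmlspecialchars ( (string) $cur_user['user_name_last'], ENT_QUOTES ).", ".htmlspecialchars ( (string) $cur_user['user_name_first'], ENT_QUOTES );

                $ht .= "<tr>";
                $ht .= "\n<td class=\"generictd\">".$user_label."</td>";

                $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group[".$user_id_attr."]\" value=\"yes\" ";
                if ( !empty ( $users_in_group[$cur_user['user_id']] ) )    {
                    $ht .= "checked=\"checked\"";
                    $permitted_user_counter++;
                }
                $ht .= "></td>";

                $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"user_in_group_notification[".$user_id_attr."]\" value=\"yes\" ";
                //NOTE(review): a notification-only user also increments the counter, which
                //suppresses the "no user" warning below - looks like a copy/paste slip; confirm.
                if ( !empty ( $users_in_group_notification[$cur_user['user_id']] ) )    {
                    $ht .= "checked=\"checked\"";
                    $permitted_user_counter++;
                }
                $ht .= "></td>";

                $ht .= "</tr>";

            }
        }

        if ( $permitted_user_counter < 1 ) {
            $message .= 'No user is associated with group, making the group useless. Add at least one user to make the group functional. ';
            $message_type = 'error';    
        }

        $ht .= '</table><br/>';

        return $ht;
    }

}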


//function process_orgs_permission_added_group () {
//run_query_return_array ($sql, $error_message, $use_array_key="") 

//}

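//Builds the organizations table for a permission group: one row for ALL organizations (id 1)
//and one per row of the organizations table with org_type 'org', each with an "in group"
//checkbox pre-checked from the stored settings.  Appends an error to the global $message when
//no box is checked.
//Returns the markup, or nothing (null) when the current user may not edit the group.
function display_permission_group_org_settings ( $org_id, $per_group_id )  {
    GLOBAL $message, $message_type, $organization_term;

    $perms = new Permissions ( $org_id );
    $orgs_in_group = $perms->pull_group_organization_permissions ( $per_group_id );
        
    if ( $perms->check_permission_to_edit_group ( $per_group_id ) == 1 )    {
    
        //Fixed query text with no request data in it.
        $sql = "SELECT * FROM organizations WHERE org_type = 'org' ORDER BY org_name";
        $orgs_array = run_query_return_array ($sql, 'Pulling array of orgs', 'org_id') ;

        //Previously used without being initialised.
        $permitted_org_counter = 0;

        $ht = "<p/><table class=\"generictable\">";

        $ht .= "\n<td class=\"headlinesub\" colspan=\"2\">".$organization_term."s in Group</td>";
        $ht .= "<tr>";        
        $ht .= "\n<td class=\"generictd\">ALL ".strtoupper($organization_term)."S</td>";
        
        $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"org_in_group[1]\" value=\"yes\" ";
        //!empty () is the same truthiness test without a warning when the entry is missing.
        if ( !empty ( $orgs_in_group[1] ) )    {
            $ht .= "checked=\"checked\"";
            $permitted_org_counter++;    
        }
        $ht .= "></td>";
        $ht .= "</tr>";

        //Guard the loop: a non-array query result would otherwise raise a warning.
        if ( is_array ( $orgs_array ) ) {
            foreach ( $orgs_array AS $cur_org )    {
                //Organization names are entered by people and the id ends up inside a
                //name="..." attribute, so both are HTML-encoded before output.
                $ht .= "<tr>";            
                $ht .= "\n<td class=\"generictd\">".htmlspecialchars ( (string) $cur_org['org_name'], ENT_QUOTES )."</td>";            
                $ht .= "<td class=\"generictd\"><input type=\"checkbox\" name=\"org_in_group[".htmlspecialchars ( (string) $cur_org['org_id'], ENT_QUOTES )."]\" value=\"yes\" ";
                if ( !empty ( $orgs_in_group[$cur_org['org_id']] ) )    {
                    $ht .= "checked=\"checked\"";
                    $permitted_org_counter++;    
                }
                $ht .= "></td>";
                
                $ht .= "</tr>";

            }
        }
        $ht .= '</table><br/>';
        
        if ( $permitted_org_counter < 1 ) {
            $message .= 'No '.$organization_term.' is associated with group, making the group useless. Add at least one organzation (such as your
            own) to make the group functional. ';
            $message_type = 'error';    
            
        }

        return $ht;
    }

}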


?>