Caravel CMS PHP Cross Reference Content Management Systems

Source: /apps/SimpleSecurity/SimpleSecurity.php - 141 lines - 5606 bytes - Summary - Text - Print

   1  <?php
   2  
   3  class SimpleSecurity extends App {
   4      function onSave() {
   5          if(isset($this->httpVars['blockID'])) {
   6              $context = 'mnTB=' . $this->httpVars['blockID'] . ',' . $this->ldapDN;
   7              $mode = 'block';
   8          } else {
   9              $context = $this->ldapDN;
  10              $mode = 'page';
  11          }
  12          $sitegroups = Security::getSiteGroups(T_ORG_DN, $this->ldap);
  13          
  14          $pv = array();
  15          if($mode == 'block') {
  16              foreach($sitegroups as $sdn => $sname) {
  17                  $pv[$sdn] = Security::getGroupLdapPrivilege($sdn, $this->ldap);
  18                  // set it to inherit and find what it would currently have as a priv
  19                  $oldset = $pv[$sdn]['block']['rights'];
  20                  $pv[$sdn][$context]['block']['rights'] = "";
  21                  $inherited = Security::getSingleBlockPrivilege($pv[$sdn], $context);
  22                  
  23                  // find out the new rating
  24                  if(in_array($sdn, $this->httpVars['admingroups'])) {
  25                      $rating = 2;
  26                  } else if(in_array($sdn, $this->httpVars['allowgroups'])) {
  27                      $rating = 1;
  28                  } else {
  29                      $rating = 0;
  30                  }
  31  
  32                  if($inherited == $rating) {
  33                      //then we need to remove the local block priv since it would inherit it anyhow
  34                      $block_arr['rights'] = "i";
  35                      Security::setLdapPrivileges($context, $sdn , $this->ldap, $block_arr);                
  36                  } else if($inherited != $rating) {
  37                      //then we need to set the local block priv to the right level
  38                      $block_arr['rights'] = $rating;
  39                      Security::setLdapPrivileges($context, $sdn , $this->ldap, $block_arr);
  40                  }
  41                   
  42              }
  43          } else {
  44              foreach($sitegroups as $sdn => $sname) {
  45                  $pv[$sdn] = Security::getGroupLdapPrivilege($sdn, $this->ldap);
  46                  $pv[$sdn][$context]['page']['visible'] = "";
  47                  $rating = (in_array($sdn, $this->httpVars['allowgroups'])) ? 1 : 0;
  48                  $inherited = Security::getSingleTypePrivilege($pv[$sdn], $context, 'page');
  49  
  50                  $inherited['visible'] = $rating;
  51                  Security::setLdapPrivileges($context, $sdn , $this->ldap, array(), $inherited);
  52                  if($sdn == 'cn=Public,ou=cvgroups,' . T_ORG_DN) {
  53                      if($this->section->status != 'library')
  54                          $this->section->status = ($rating == 0) ? 'development' : 'publish';
  55                       else
  56                          $this->section->libraryShow = $rating;
  57  
  58                      $res = $this->section->save();    
  59                  }
  60              }
  61          }
  62      }
  63      
  64      function getHeader() {
  65      }
  66      
  67      function getContent() {
  68          if(isset($this->httpVars['blockID'])) {
  69              $context = 'mnTB=' . $this->httpVars['blockID'] . ',' . $this->ldapDN;
  70              $mode = 'block';
  71          } else {
  72              $context = $this->ldapDN;
  73              $mode = 'page';
  74          }    
  75          $sitegroups = Security::getSiteGroups(T_ORG_DN, $this->ldap);
  76          
  77          $pv = array();
  78          foreach($sitegroups as $sdn => $sname) {
  79              $pv[$sdn] = Security::getGroupLdapPrivilege($sdn, $this->ldap);
  80              
  81              if($mode == 'block') {
  82                  switch(Security::getSingleBlockPrivilege($pv[$sdn], $context)) {
  83                      case 0: $denygroups[] = $sdn;
  84                              break;
  85                      case 1: $allowgroups[] = $sdn;
  86                              break;        
  87                      case 2: $admingroups[] = $sdn;
  88                              break;        
  89                  }
  90              } else {
  91                  $visi = Security::getSingleTypePrivilege($pv[$sdn], $context, 'page');
  92                  if($visi['visible'] == 1)
  93                      $allowgroups[] = $sdn;
  94              }    
  95          }    
  96          
  97          $f = FormWidget::init();
  98          $f->name('secform');
  99                  
 100          $f->html(Widget::getWizardHelp("Here you may set various group privileges."));
 101          $f->section();        
 102          
 103          /*
 104          $f->field('Deny Access:');
 105          $f->html('Select the groups you would like to deny viewing access to this block.<br/><span style="width: 3em;">&nbsp;</span>');
 106          $f->groupList('denygroups[]', @$denygroups, 0, 1, 10);        
 107          $f->html('<br />(Hold the Ctrl key while clicking to select multiple groups.)');
 108          */
 109  
 110          $f->field('Allow Access:');
 111          $f->html('Select the groups you would like to allow viewing access to this ' . $mode . '.<br/><span style="width: 3em;">&nbsp;</span>');
 112          $f->groupList('allowgroups[]', @$allowgroups, 0, 1, 10);
 113          $f->html('<br />(Hold the Ctrl key while clicking to select multiple groups.)'); 
 114          
 115          if($mode == 'block') {
 116              $f->field('Admin Access:');
 117              $f->html('Select the groups you would like to have admin access to this ' . $mode . '.<br/><span style="width: 3em;">&nbsp;</span>');
 118              $f->groupList('admingroups[]', @$admingroups, 0, 1, 10);
 119              $f->html('<br />(Hold the Ctrl key while clicking to select multiple groups.)');
 120          }    
 121          
 122          $popupLink = Utility::link($this->pathArray, array('_single' => 'tmpCaravelSecurity', 'block__tmpCaravelSecurity__page_from_link' => $this->ldapDN, 'block__tmpCaravelSecurity__tab_from_link' => 'members'));
 123          $onClick = "popup('$popupLink', 'Caravel Security', 1024, 740); return false;";
 124          $f->html('<br />&nbsp;<br />');
 125          $f->button('editgroups', 'Edit Groups', $onClick);
 126                  
 127          $f->endSection();
 128          
 129          if($mode == 'block')
 130              $f->hidden('blockID', $this->httpVars['blockID']);
 131          else    
 132              $f->hidden('pageID', $this->httpVars['pageID']);
 133          $f->hidden('mode', $mode);
 134          $f->html('<div style="float: right;padding-top: 15px;">');
 135          $f->defaultButtons();
 136          $f->html('</div>');       
 137          return $f->get();
 138      }
 139  }
 140      
 141  ?>

title

Description

title

Description

title

Description

title

title

Body