diff --git a/action.php b/action.php
index e1577f5..3f67937 100644
--- a/action.php
+++ b/action.php
@@ -115,7 +115,7 @@ switch ($VARS['action']) {
}
$manager = getUserByUsername($VARS['manager'])['uid'];
$already_assigned = $database->select('managers', 'employeeid', ['managerid' => $manager]);
-
+
foreach ($VARS['employees'] as $u) {
if (!user_exists($u)) {
returnToSender("user_not_exists", htmlentities($u));
@@ -149,12 +149,35 @@ switch ($VARS['action']) {
}
$database->delete('managers', ['AND' => ['managerid' => $VARS['mid'], 'employeeid' => $VARS['eid']]]);
returnToSender("relationship_deleted");
+ case "editperms":
+ if (!$database->has('accounts', ['username' => $VARS['user']])) {
+ returnToSender("invalid_userid");
+ }
+ $uid = $database->select('accounts', 'uid', ['username' => $VARS['user']])[0];
+ $already_assigned = $database->select('assigned_permissions', 'permid', ['uid' => $uid]);
+ $permids = [];
+ foreach ($VARS['permissions'] as $perm) {
+ if (!$database->has('permissions', ['permcode' => $perm])) {
+ returnToSender("permission_not_exists", htmlentities($perm));
+ }
+
+ $permid = $database->get('permissions', 'permid', ['permcode' => $perm]);
+ $permids[] = $permid;
+ $already_assigned = array_diff($already_assigned, [$permid]); // Remove permission from old list
+ }
+ foreach ($already_assigned as $permid) {
+ $database->delete('assigned_permissions', ["AND" => ['uid' => $uid, 'permid' => $permid]]);
+ }
+ foreach ($permids as $permid) {
+ $database->insert('assigned_permissions', ['uid' => $uid, 'permid' => $permid]);
+ }
+ returnToSender("permissions_assigned", "", ["user" => $VARS['user']]);
case "addpermission":
if (!$database->has('accounts', ['username' => $VARS['user']])) {
returnToSender("invalid_userid");
}
if (!$database->has('permissions', ['permcode' => $VARS['perm']])) {
- returnToSender("permission_not_exists");
+ returnToSender("permission_not_exists", htmlentities($VARS['perm']));
}
$uid = $database->select('accounts', 'uid', ['username' => $VARS['user']])[0];
$pid = $database->select('permissions', 'permid', ['permcode' => $VARS['perm']])[0];
@@ -165,7 +188,7 @@ switch ($VARS['action']) {
returnToSender("invalid_userid");
}
if (!$database->has('permissions', ['permid' => $VARS['pid']])) {
- returnToSender("permission_not_exists");
+ returnToSender("permission_not_exists", htmlentities($VARS['pid']));
}
$database->delete('assigned_permissions', ['AND' => ['uid' => $VARS['uid'], 'permid' => $VARS['pid']]]);
returnToSender("permission_deleted");
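Review bot: `htmlentities($VARS['pid'])` escapes for HTML where the value is handed to `returnToSender()`, not where the message is rendered, and it is called without flags or charset, so single quotes are left unescaped on PHP versions before 8.1. How `returnToSender()` transports the argument and how `{arg}` is substituted are outside this diff; if the value travels in a redirect URL it needs URL-encoding there, and the HTML escaping belongs in the template that prints the message. If escaping stays at the call site, make it explicit: `htmlentities($VARS['pid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same applies to the two `permission_not_exists` calls added in the previous hunk.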
diff --git a/lang/en_us.php b/lang/en_us.php
index f9c1c41..c073014 100644
--- a/lang/en_us.php
+++ b/lang/en_us.php
@@ -78,7 +78,7 @@ define("STRINGS", [
"delete permission" => "Delete Permission",
"adding permission" => "Adding Permission",
"user" => "User",
- "permission does not exist" => "Permission does not exist.",
+ "permission does not exist" => "Permission does not exist: {arg}",
"really delete permission" => "Are you sure you want to revoke this permission?",
"permission added" => "Permission assigned.",
"permission deleted" => "Permission deleted.",
@@ -107,5 +107,9 @@ define("STRINGS", [
"manager username" => "Mgr. Username",
"employee name" => "Employee",
"employee username" => "Emp. Username",
- "permission id" => "Perm. ID"
+ "permission id" => "Perm. ID",
+ "permissions assigned" => "Permissions assigned.",
+ "type to select a user" => "Type to select a user",
+ "type to add a permission" => "Type to add a permission",
+ "select a user to view or edit permissions" => "Select a user to view or edit the assigned permissions."
]);
\ No newline at end of file
diff --git a/lang/messages.php b/lang/messages.php
index 98c933a..b4cfa18 100644
--- a/lang/messages.php
+++ b/lang/messages.php
@@ -45,6 +45,10 @@ define("MESSAGES", [
"string" => "permission does not exist",
"type" => "danger"
],
+ "permissions_assigned" => [
+ "string" => "permissions assigned",
+ "type" => "success"
+ ],
"permission_added" => [
"string" => "permission added",
"type" => "success"
diff --git a/pages.php b/pages.php
index 532de8e..0294dc6 100644
--- a/pages.php
+++ b/pages.php
@@ -64,29 +64,13 @@ define("PAGES", [
"title" => "permissions",
"navbar" => true,
"icon" => "key",
- "styles" => [
- "static/css/datatables.min.css",
- "static/css/tables.css"
- ],
- "scripts" => [
- "static/js/datatables.min.js",
- "static/js/permissions.js"
- ],
- ],
- "addpermission" => [
- "title" => "new permission",
- "navbar" => false,
"styles" => [
"static/css/easy-autocomplete.min.css"
],
"scripts" => [
"static/js/jquery.easy-autocomplete.min.js",
- "static/js/addpermission.js"
- ]
- ],
- "delpermission" => [
- "title" => "delete permission",
- "navbar" => false
+ "static/js/permissions.js"
+ ],
],
"export" => [
"title" => "report export",
diff --git a/pages/addpermission.php b/pages/addpermission.php
deleted file mode 100644
index c3b2fe3..0000000
--- a/pages/addpermission.php
+++ /dev/null
@@ -1,38 +0,0 @@
-
-
-
\ No newline at end of file
diff --git a/pages/delpermission.php b/pages/delpermission.php
deleted file mode 100644
index 5a53b5b..0000000
--- a/pages/delpermission.php
+++ /dev/null
@@ -1,54 +0,0 @@
-has('permissions', ['permid' => $VARS['pid']])) {
- header('Location: app.php?page=permissions&msg=permission_not_exists');
- die();
-}
-?>
-
-
-
-
-
-
-
-
-
-
-
-
- select('assigned_permissions', [
- "[>]accounts" => ['uid' => 'uid'],
- "[>]permissions" => ['permid' => 'permid']
- ], [
- 'username',
- 'realname',
- 'permcode',
- 'perminfo'
- ], ["AND" => ['assigned_permissions.permid' => $VARS['pid'], 'assigned_permissions.uid' => $VARS['uid']]])[0];
- ?>
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/pages/permissions.php b/pages/permissions.php
index 5a6b602..ea76dfb 100644
--- a/pages/permissions.php
+++ b/pages/permissions.php
@@ -2,26 +2,78 @@
require_once __DIR__ . '/../required.php';
redirectifnotloggedin();
+
+
+$perms = [];
+$permissions = false;
+$user = "";
+if ($VARS['user'] && $database->has('accounts', ['username' => $VARS['user']])) {
+ $user = $VARS['user'];
+ require_once __DIR__ . "/../lib/userinfo.php";
+ $uid = getUserByUsername($user)['uid'];
+ $perms = $database->select('assigned_permissions', ["[>]permissions" => ["permid" => "permid"]], ['permissions.permid', 'permcode', 'perminfo'], ['uid' => $uid]);
+ $permissions = true;
+}
?>
-
-
-
-
- |
- |
- |
- |
-
-
-
-
-
-
- |
- |
- |
- |
-
-
\ No newline at end of file
+
+
+
+
+
+
+
+
\ No newline at end of file
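Review bot: The only access control visible before the new lookup is `redirectifnotloggedin()`, so as far as this hunk shows any logged-in account can pass `user=` and read another account's assigned permissions. If app.php does not already restrict this page to permission administrators, add that check before the query. `$VARS['user']` is also read without testing that the key exists, which may raise a notice when the page is opened with no user selected; `!empty($VARS['user'])` covers both cases. The page markup is not readable in this view, so confirm that `$user`, `permcode` and `perminfo` go through `htmlspecialchars()` where they are printed.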
diff --git a/static/js/addpermission.js b/static/js/addpermission.js
deleted file mode 100644
index f99266a..0000000
--- a/static/js/addpermission.js
+++ /dev/null
@@ -1,47 +0,0 @@
-$("#user").easyAutocomplete({
- url: "action.php",
- ajaxSettings: {
- dataType: "json",
- method: "GET",
- data: {
- action: "autocomplete_user"
- }
- },
- preparePostData: function (data) {
- data.q = $("#user").val();
- return data;
- },
- getValue: function (element) {
- return element.username;
- },
- template: {
- type: "custom",
- method: function (value, item) {
- return item.name + " " + item.username + "";
- }
- }
-});
-
-$("#perm").easyAutocomplete({
- url: "action.php",
- ajaxSettings: {
- dataType: "json",
- method: "GET",
- data: {
- action: "autocomplete_permission"
- }
- },
- preparePostData: function (data) {
- data.q = $("#perm").val();
- return data;
- },
- getValue: function (element) {
- return element.name;
- },
- template: {
- type: "custom",
- method: function (value, item) {
- return item.name + " " + item.info + "";
- }
- }
-});
\ No newline at end of file
diff --git a/static/js/managers.js b/static/js/managers.js
index 99db6a3..1da49d5 100644
--- a/static/js/managers.js
+++ b/static/js/managers.js
@@ -1,3 +1,26 @@
+function addPerson(p) {
+ p = p.trim();
+ if (p == "") {
+ return false;
+ }
+ if ($("#peoplelist div[data-user=" + p + "]").length) {
+ $("#peoplelist .list-group-item[data-user=" + p + "]").animate({
+ backgroundColor: "#ff0000",
+ }, 500, "linear", function () {
+ $("#peoplelist .list-group-item[data-user=" + p + "]").animate({
+ backgroundColor: "#ffffff",
+ }, 500);
+ });
+ return false;
+ }
+ $('#peoplelist').append("");
+ $("#people-box").val("");
+}
+
+function removePerson(p) {
+ $("#peoplelist div[data-user=" + p + "]").remove();
+}
+
var empoptions = {
url: "action.php",
ajaxSettings: {
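Review bot: `addPerson()` and `removePerson()` build attribute selectors by concatenating `p` unquoted, as in `"#peoplelist div[data-user=" + p + "]"`, and `p` comes straight from the `#people-box` text field. A value containing a space, quote or bracket makes jQuery throw a selector syntax error or match the wrong element. Compare the attribute value instead, e.g. `$("#peoplelist div").filter(function () { return $(this).attr("data-user") === p; })`. The string passed to `append()` is not readable in this view; if it embeds `p`, build the element with `.attr()` and `.text()` rather than concatenation. `addPermission()` and `removePermission()` in static/js/permissions.js use the same selector pattern with `permcode`.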
@@ -25,7 +48,8 @@ var empoptions = {
var value = $("#people-box").getSelectedItemData().username;
addPerson(value);
}
- }
+ },
+ requestDelay: 500
};
$("#people-box").easyAutocomplete(empoptions);
@@ -57,7 +81,8 @@ var manoptions = {
var value = $("#manager-box").getSelectedItemData().username;
document.location.href = "app.php?page=managers&man=" + value;
}
- }
+ },
+ requestDelay: 500
};
$("#manager-box").easyAutocomplete(manoptions);
@@ -90,29 +115,6 @@ $("#addpersonbtn").click(function () {
addPerson($("#people-box").val());
});
-function addPerson(p) {
- p = String.trim(p);
- if (p == "") {
- return false;
- }
- if ($("#peoplelist div[data-user=" + p + "]").length) {
- $("#peoplelist .list-group-item[data-user=" + p + "]").animate({
- backgroundColor: "#ff0000",
- }, 500, "linear", function () {
- $("#peoplelist .list-group-item[data-user=" + p + "]").animate({
- backgroundColor: "#ffffff",
- }, 500);
- });
- return false;
- }
- $('#peoplelist').append("");
- $("#people-box").val("");
-}
-
-function removePerson(p) {
- $("#peoplelist div[data-user=" + p + "]").remove();
-}
-
$('#peoplelist').on("click", ".rmperson", function () {
removePerson($(this).parent().data("user"));
});
\ No newline at end of file
diff --git a/static/js/permissions.js b/static/js/permissions.js
index bcc8a26..3a425bf 100644
--- a/static/js/permissions.js
+++ b/static/js/permissions.js
@@ -1,47 +1,145 @@
-$('#permtable').DataTable({
- responsive: {
- details: {
- display: $.fn.dataTable.Responsive.display.modal({
- header: function (row) {
- var data = row.data();
- return " " + data[2] + " | " + data[3];
- }
- }),
- renderer: $.fn.dataTable.Responsive.renderer.tableAll({
- tableClass: 'table'
- }),
- type: "column"
- }
- },
- columnDefs: [
- {
- targets: 0,
- className: 'control',
- orderable: false
- },
- {
- targets: 1,
- orderable: false
- }
- ],
- order: [
- [2, 'asc']
- ],
- serverSide: true,
- ajax: {
- url: "lib/getpermtable.php",
- dataFilter: function (data) {
- var json = jQuery.parseJSON(data);
- json.data = [];
- json.perms.forEach(function (row) {
- json.data.push([
- "",
- row.delbtn,
- row.realname + " (" + row.username + ")",
- row.permcode
- ]);
- });
- return JSON.stringify(json);
- }
+function addPermission(permcode, permdesc) {
+ permcode = permcode.trim().toUpperCase();
+ if (permcode == "") {
+ return false;
}
+ if ($("#permslist div[data-permcode=" + permcode + "]").length) {
+ $("#permslist .list-group-item[data-permcode=" + permcode + "]").animate({
+ backgroundColor: "#ff0000",
+ }, 500, "linear", function () {
+ $("#permslist .list-group-item[data-permcode=" + permcode + "]").animate({
+ backgroundColor: "#ffffff",
+ }, 500);
+ });
+ return false;
+ }
+ if (typeof permdesc == "undefined") {
+ $.post("action.php", {
+ action: 'autocomplete_permission',
+ q: $("#perms-box").val()
+ }, function (resp) {
+ if (resp.length === 0) {
+ return;
+ }
+ if (resp.length === 1) {
+ permdesc = resp[0].info;
+ } else {
+ for (var i = 0; i < resp.length; i++) {
+ if (resp[i].name == permcode) {
+ permdesc = resp[i].info;
+ break;
+ }
+ }
+ if (typeof permdesc == "undefined") {
+ return;
+ }
+ }
+ $('#permslist').append("" + permcode + "
" + permdesc + "
");
+ $("#perms-box").val("");
+ }, "json");
+ } else {
+ $('#permslist').append("" + permcode + "
" + permdesc + "
");
+ $("#perms-box").val("");
+ }
+}
+
+function removePermission(permcode) {
+ $("#permslist div[data-permcode=" + permcode + "]").remove();
+}
+
+var options = {
+ url: "action.php",
+ ajaxSettings: {
+ dataType: "json",
+ method: "GET",
+ data: {
+ action: "autocomplete_user"
+ }
+ },
+ preparePostData: function (data) {
+ data.q = $("#user-box").val();
+ return data;
+ },
+ getValue: function (element) {
+ return element.username;
+ },
+ template: {
+ type: "custom",
+ method: function (value, item) {
+ return item.name + " " + item.username + "";
+ }
+ },
+ list: {
+ onClickEvent: function () {
+ var value = $("#user-box").getSelectedItemData().username;
+ document.location.href = "app.php?page=permissions&user=" + value;
+ }
+ },
+ requestDelay: 500
+};
+
+$("#perms-box").easyAutocomplete({
+ url: "action.php",
+ ajaxSettings: {
+ dataType: "json",
+ method: "GET",
+ data: {
+ action: "autocomplete_permission"
+ }
+ },
+ preparePostData: function (data) {
+ data.q = $("#perms-box").val();
+ return data;
+ },
+ getValue: function (element) {
+ return element.name;
+ },
+ template: {
+ type: "custom",
+ method: function (value, item) {
+ return item.name + " " + item.info + "";
+ }
+ },
+ list: {
+ onClickEvent: function () {
+ var permcode = $("#perms-box").getSelectedItemData().name;
+ var permdesc = $("#perms-box").getSelectedItemData().info;
+ addPermission(permcode, permdesc);
+ }
+ },
+ requestDelay: 500
+});
+
+$("#user-box").easyAutocomplete(options);
+
+$("#user-box").keyup(function (e) {
+ if (e.keyCode == 13) {
+ $("#selectuserbtn").click();
+ }
+});
+
+$("#selectuserbtn").click(function () {
+ document.location.href = "app.php?page=permissions&user=" + $("#user-box").val();
+});
+
+$("#perms-box").keyup(function (event) {
+ if (event.keyCode == 13) {
+ $("#addpermbtn").click();
+ event.preventDefault();
+ return false;
+ }
+});
+$("#perms-box").keydown(function (event) {
+ if (event.keyCode == 13) {
+ event.preventDefault();
+ return false;
+ }
+});
+
+$("#addpermbtn").click(function () {
+ addPermission($("#perms-box").val());
+});
+
+$('#permslist').on("click", ".rmperm", function () {
+ removePermission($(this).parent().data("permcode"));
});
\ No newline at end of file
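Review bot: In `addPermission()`, the `resp.length === 1` branch takes `permdesc` from the server but still appends the text the user typed as `permcode`, so a partial entry is added to the list under a code that does not exist and would presumably be rejected later by `editperms`. Use the returned record instead: `permcode = resp[0].name; permdesc = resp[0].info;`. Both `append()` calls concatenate `permcode` and `permdesc` into a string that jQuery parses as HTML (the markup itself is not readable in this view), so the typed code and the server-supplied description should be set with `.text()` and `.attr("data-permcode", ...)` on created elements. The two redirects should also encode the username: `"app.php?page=permissions&user=" + encodeURIComponent(value)`.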