1<?php 2 3if (IN_serendipity !== true) { 4 die ('Don\'t hack!'); 5} 6 7if (!serendipity_checkPermission('adminUsersGroups')) { 8 return; 9} 10 11$data = array(); 12/* Delete a group */ 13if (isset($_POST['DELETE_YES']) && serendipity_checkFormToken()) { 14 $group = serendipity_fetchGroup($serendipity['POST']['group']); 15 serendipity_deleteGroup($serendipity['POST']['group']); 16 $data['delete_yes'] = true; 17 $data['group_id'] = $serendipity['POST']['group']; 18 $data['group'] = $group; 19} 20 21/* Save new group */ 22if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) { 23 $serendipity['POST']['group'] = serendipity_addGroup($serendipity['POST']['name']); 24 $perms = serendipity_getAllPermissionNames(); 25 serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']); 26 $data['save_new'] = true; 27 $data['group_id'] = $serendipity['POST']['group']; 28 $data['group'] = $group; 29} 30 31/* Edit a group */ 32if (isset($_POST['SAVE_EDIT']) && serendipity_checkFormToken()) { 33 $perms = serendipity_getAllPermissionNames(); 34 serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']); 35 $data['save_edit'] = true; 36 $data['name'] = $serendipity['POST']['name']; 37} 38 39if ( $serendipity['GET']['adminAction'] != 'delete' ) { 40 $data['delete'] = false; 41 42 if (serendipity_checkPermission('adminUsersMaintainOthers')) { 43 $groups = serendipity_getAllGroups(); 44 } elseif (serendipity_checkPermission('adminUsersMaintainSame')) { 45 $groups = serendipity_getAllGroups($serendipity['authorid']); 46 } else { 47 $groups = array(); 48 } 49 $data['groups'] = $groups; 50 if ( ! (isset($_POST['NEW']) || $serendipity['GET']['adminAction'] == 'new') ) { 51 $data['start'] = true; 52 } 53 $data['deleteFormToken'] = serendipity_setFormToken('url'); 54} 55 56if ($serendipity['GET']['adminAction'] == 'edit' || isset($_POST['NEW']) || $serendipity['GET']['adminAction'] == 'new') { 57 if (isset($_POST['NEW']) || $serendipity['GET']['adminAction'] == 'new') { 58 $data['new'] = true; 59 } else { 60 $data['edit'] = true; 61 } 62 $data['formToken'] = serendipity_setFormToken(); 63 64 if ($serendipity['GET']['adminAction'] == 'edit') { 65 $group = serendipity_fetchGroup($serendipity['GET']['group']); 66 $from = &$group; 67 } else { 68 $from = array(); 69 } 70 $data['from'] = $from; 71 72 $allusers = serendipity_fetchUsers(); 73 $users = serendipity_getGroupUsers($from['id']); 74 75 $selected = array(); 76 foreach((array)$users AS $user) { 77 $selected[$user['id']] = true; 78 } 79 $data['selected'] = $selected; 80 $data['allusers'] = $allusers; 81 82 $perms = serendipity_getAllPermissionNames(); 83 ksort($perms); 84 $data['perms'] = $perms; 85 foreach($perms AS $perm => $userlevels) { 86 if (defined('PERMISSION_' . strtoupper($perm))) { 87 list($name, $note) = explode(":", constant('PERMISSION_' . strtoupper($perm))); 88 $data['perms'][$perm]['permission_name'] = $name; 89 $data['perms'][$perm]['permission_note'] = $note; 90 } else { 91 $data['perms'][$perm]['permission_name'] = $perm; 92 } 93 if (!serendipity_checkPermission($perm) && $perm != 'hiddenGroup') { 94 $data['perms'][$perm]['permission'] = false; 95 } else { 96 $data['perms'][$perm]['permission'] = true; 97 } 98 } 99 100 if ($serendipity['enablePluginACL']) { 101 $data['enablePluginACL'] = true; 102 $allplugins =& serendipity_plugin_api::get_event_plugins(); 103 $allhooks = array(); 104 $data['allplugins'] = $allplugins; 105 foreach($allplugins AS $plugid => $currentplugin) { 106 foreach($currentplugin['b']->properties['event_hooks'] AS $hook => $set) { 107 $allhooks[$hook] = array(); 108 } 109 $data['allplugins'][$plugid]['has_permission'] = serendipity_hasPluginPermissions($plugid, $from['id']); 110 } 111 ksort($allhooks); 112 113 $data['allhooks'] = $allhooks; 114 foreach($allhooks AS $hook => $set) { 115 $data['allhooks'][$hook]['has_permission'] = serendipity_hasPluginPermissions($hook, $from['id']); 116 } 117 } 118 119} elseif ($serendipity['GET']['adminAction'] == 'delete') { 120 $data['delete'] = true; 121 $group = serendipity_fetchGroup($serendipity['GET']['group']); 122 $data['group_id'] = $serendipity['GET']['group']; 123 $data['group'] = $group; 124 $data['formToken'] = serendipity_setFormToken(); 125} 126 127echo serendipity_smarty_show('admin/groups.inc.tpl', $data); 128 129/* vim: set sts=4 ts=4 expandtab : */ 130?> 131