1<?php declare(strict_types = 1);
2/*
3** Zabbix
4** Copyright (C) 2001-2021 Zabbix SIA
5**
6** This program is free software; you can redistribute it and/or modify
7** it under the terms of the GNU General Public License as published by
8** the Free Software Foundation; either version 2 of the License, or
9** (at your option) any later version.
10**
11** This program is distributed in the hope that it will be useful,
12** but WITHOUT ANY WARRANTY; without even the implied warranty of
13** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14** GNU General Public License for more details.
15**
16** You should have received a copy of the GNU General Public License
17** along with this program; if not, write to the Free Software
18** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19**/
20
21
22/**
23 * @var CView $this
24 */
25
26$this->addJsFile('multiselect.js');
27$this->includeJsFile('administration.userrole.edit.js.php');
28
29$widget = (new CWidget())->setTitle(_('User roles'));
30
31$form = (new CForm())
32	->setId('userrole-form')
33	->setName('user_role_form')
34	->setAttribute('aria-labeledby', ZBX_STYLE_PAGE_TITLE);
35
36if ($data['roleid'] != 0) {
37	$form->addVar('roleid', $data['roleid']);
38}
39
40$form_grid = (new CFormGrid())->addClass(CFormGrid::ZBX_STYLE_FORM_GRID_1_1);
41
42$form_grid->addItem([
43	(new CLabel(_('Name'), 'name'))->setAsteriskMark(),
44	(new CFormField(
45		(new CTextBox('name', $data['name'], $data['readonly'], DB::getFieldLength('role', 'name')))
46			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
47			->setAriaRequired()
48			->setAttribute('autofocus', 'autofocus')
49			->setAttribute('maxlength', DB::getFieldLength('role', 'name'))
50	))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
51]);
52
53if ($data['readonly'] || $data['is_own_role']) {
54	$form_grid->addItem([
55		(new CLabel(_('User type'), 'type')),
56		(new CFormField([
57			(new CTextBox('type', user_type2str()[$data['type']]))
58				->setId('type_readonly')
59				->setAttribute('readonly', true),
60			new CVar('type', $data['type']),
61			' ',
62			$data['is_own_role']
63				? new CSpan(_('User cannot change the user type of own role.'))
64				: null
65		]))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
66	]);
67}
68else {
69	$form_grid->addItem([
70		(new CLabel(_('User type'), 'label-type')),
71		(new CFormField(
72			(new CSelect('type'))
73				->setFocusableElementId('label-type')
74				->setValue($data['type'])
75				->addOptions(CSelect::createOptionsFromArray(user_type2str()))
76				->addClass('js-userrole-usertype')
77		))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
78	]);
79}
80
81$form_grid->addItem(
82	(new CFormField((new CTag('h4', true, _('Access to UI elements')))->addClass('input-section-header')))
83		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
84		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
85);
86
87foreach ($data['labels']['sections'] as $section_key => $section_label) {
88	$ui = [];
89	foreach ($data['labels']['rules'][$section_key] as $rule_key => $rule_label) {
90		$ui[] = new CDiv(
91			(new CCheckBox(str_replace('.', '_', $rule_key), 1))
92				->setId($rule_key)
93				->setChecked(
94					array_key_exists($rule_key, $data['rules'][CRoleHelper::SECTION_UI])
95					&& $data['rules'][CRoleHelper::SECTION_UI][$rule_key]
96				)
97				->setReadonly($data['readonly'])
98				->setLabel($rule_label)
99				->setUncheckedValue(0)
100		);
101	}
102	$form_grid->addItem([
103		new CLabel($section_label, $section_key),
104		(new CFormField(
105			(new CDiv(
106				(new CDiv($ui))
107					->addClass(ZBX_STYLE_COLUMNS)
108					->addClass(ZBX_STYLE_COLUMNS_3)
109			))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
110		))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
111	]);
112}
113
114if (!$data['readonly']) {
115	$form_grid->addItem(
116		(new CFormField((new CLabel(_('At least one UI element must be checked.')))->setAsteriskMark()))
117			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
118			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
119	);
120}
121
122$form_grid->addItem([
123	new CLabel(_('Default access to new UI elements'), $data['readonly'] ? '' : 'ui.default_access'),
124	(new CFormField(
125		(new CCheckBox('ui_default_access', 1))
126			->setId('ui.default_access')
127			->setChecked($data['rules'][CRoleHelper::UI_DEFAULT_ACCESS])
128			->setReadonly($data['readonly'])
129			->setUncheckedValue(0)
130	))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
131]);
132
133$form_grid->addItem(
134	(new CFormField((new CTag('h4', true, _('Access to modules')))->addClass('input-section-header')))
135		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
136		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
137);
138
139$modules = [];
140foreach ($data['labels']['modules'] as $moduleid => $label) {
141	$modules[] = new CDiv(
142		(new CCheckBox(CRoleHelper::SECTION_MODULES.'['.$moduleid.']', 1))
143			->setChecked(
144				array_key_exists($moduleid, $data['rules']['modules']) ? $data['rules']['modules'][$moduleid] : true
145			)
146			->setReadonly($data['readonly'])
147			->setLabel($label)
148			->setUncheckedValue(0)
149	);
150}
151
152if ($modules) {
153	$form_grid->addItem([
154		(new CFormField(
155			(new CDiv(
156				(new CDiv($modules))
157					->addClass(ZBX_STYLE_COLUMNS)
158					->addClass(ZBX_STYLE_COLUMNS_3)
159			))->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
160		))
161			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
162			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
163	]);
164}
165else {
166	$form_grid->addItem(
167		(new CFormField((new CLabel(_('No enabled modules found.')))))
168			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
169			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
170	);
171}
172
173$form_grid
174	->addItem([
175		new CLabel(_('Default access to new modules'), $data['readonly'] ? '' : 'modules.default_access'),
176		(new CFormField(
177			(new CCheckBox('modules_default_access', 1))
178				->setId('modules.default_access')
179				->setChecked($data['rules'][CRoleHelper::MODULES_DEFAULT_ACCESS])
180				->setReadonly($data['readonly'])
181				->setUncheckedValue(0)
182		))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
183	])
184	->addItem(
185		(new CFormField((new CTag('h4', true, _('Access to API')))->addClass('input-section-header')))
186			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
187			->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
188	)
189	->addItem([
190		new CLabel(_('Enabled'), $data['readonly'] ? '' : 'api.access'),
191		(new CFormField(
192			(new CCheckBox('api_access', 1))
193				->setId('api.access')
194				->setChecked($data['rules'][CRoleHelper::API_ACCESS])
195				->setReadonly($data['readonly'])
196				->setUncheckedValue(0)
197				->addClass('js-userrole-apiaccess')
198		))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
199	])
200	->addItem([
201		new CLabel(_('API methods'), 'api.mode'),
202		(new CFormField(
203			(new CRadioButtonList('api_mode', (int) $data['rules'][CRoleHelper::API_MODE]))
204				->setId('api.mode')
205				->addValue(_('Allow list'), CRoleHelper::API_MODE_ALLOW)
206				->addValue(_('Deny list'), CRoleHelper::API_MODE_DENY)
207				->setModern(true)
208				->setReadonly($data['readonly'] || !$data['rules'][CRoleHelper::API_ACCESS])
209				->addClass('js-userrole-apimode')
210		))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
211	]);
212
213$form_grid->addItem(
214	(new CFormField(
215		(new CMultiSelect([
216			'name' => 'api_methods[]',
217			'object_name' => 'api_methods',
218			'data' => $data['rules'][CRoleHelper::SECTION_API],
219			'disabled' => (bool) $data['readonly'] || !$data['rules'][CRoleHelper::API_ACCESS],
220			'popup' => [
221				'parameters' => [
222					'srctbl' => 'api_methods',
223					'srcfld1' => 'name',
224					'dstfrm' => $form->getName(),
225					'dstfld1' => zbx_formatDomId('api_methods'.'[]'),
226					'user_type' => $data['type'],
227					'disable_selected' => true
228				]
229			]
230		]))
231			->setWidth(ZBX_TEXTAREA_STANDARD_WIDTH)
232			->addClass('js-userrole-ms')
233	))
234		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
235		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
236);
237
238$form_grid->addItem(
239	(new CFormField((new CTag('h4', true, _('Access to actions')))->addClass('input-section-header')))
240		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
241		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
242);
243
244$actions = [];
245foreach ($data['labels']['actions'] as $action => $label) {
246	$actions[] = new CDiv(
247		(new CCheckBox(str_replace('.', '_', $action), 1))
248			->setId($action)
249			->setChecked(
250				array_key_exists($action, $data['rules'][CRoleHelper::SECTION_ACTIONS])
251				&& $data['rules'][CRoleHelper::SECTION_ACTIONS][$action]
252			)
253			->setReadonly($data['readonly'])
254			->setLabel($label)
255			->setUncheckedValue(0)
256	);
257}
258
259$form_grid->addItem(
260	(new CFormField($actions))
261		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
262		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
263);
264
265$form_grid->addItem([
266	new CLabel(_('Default access to new actions'), $data['readonly'] ? '' : 'actions.default_access'),
267	(new CFormField(
268		(new CCheckBox('actions_default_access', 1))
269			->setId('actions.default_access')
270			->setChecked($data['rules'][CRoleHelper::ACTIONS_DEFAULT_ACCESS])
271			->setReadonly($data['readonly'])
272			->setUncheckedValue(0)
273	))->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
274]);
275
276$cancel_button = (new CRedirectButton(_('Cancel'),
277	(new CUrl('zabbix.php'))
278		->setArgument('action', 'userrole.list')
279		->setArgument('page', CPagerHelper::loadPage('userrole.list', null))
280))->setId('cancel');
281
282$buttons = [$cancel_button];
283
284if ($data['roleid'] != 0) {
285	$buttons = [
286		(new CSimpleButton(_('Clone')))->setId('clone'),
287		(new CRedirectButton(_('Delete'),
288			(new CUrl('zabbix.php'))->setArgument('action', 'userrole.delete')
289				->setArgument('roleids', [$data['roleid']])
290				->setArgumentSID(),
291			_('Delete selected role?')
292		))
293			->setId('delete')
294			->setEnabled(!$data['readonly']),
295		$cancel_button
296	];
297}
298
299$form_grid->addItem(
300	(new CFormActions(
301		($data['roleid'] != 0)
302			? (new CSubmitButton(_('Update'), 'action', 'userrole.update'))
303				->setId('update')
304				->setEnabled(!$data['readonly'])
305			: (new CSubmitButton(_('Add'), 'action', 'userrole.create'))->setId('add'),
306		$buttons
307	))
308		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_FLUID)
309		->addClass(CFormField::ZBX_STYLE_FORM_FIELD_OFFSET_1)
310);
311
312$tabs = (new CTabView())->addTab('user_role_tab', _('User role'), $form_grid);
313
314$form->addItem((new CTabView())->addTab('user_role_tab', _('User role'), $form_grid));
315$widget->addItem($form);
316$widget->show();
317