mirror of
https://github.com/tuxis-ie/nsedit.git
synced 2025-04-20 20:13:40 +03:00
Uncomitted changes prior to merge. Permissions ...
This commit is contained in:
Richard Underwood
parent
c1598fc99a
commit
2b5e7ea5f6
3 changed files with 158 additions and 0 deletions
|
|
@ -10,6 +10,12 @@ $logging = TRUE;
|
|||
$allowclearlogs = TRUE; # Allow clearing of log entries
|
||||
$allowrotatelogs = FALSE;# Allow rotation to text file on server
|
||||
|
||||
$restrictediting = TRUE; # Restrict editing of record types
|
||||
$restrictedtypes = array(
|
||||
'SOA' => 1,
|
||||
'NS' => 1
|
||||
);
|
||||
|
||||
# Log directory - if allowrotatelogs is set, this is where the logs will
|
||||
# be written. It must be writeable by the web server user.
|
||||
$logsdirectory = "../etc";
|
||||
|
|
|
|||
69
index.php
69
index.php
|
|
@ -796,6 +796,75 @@ $(document).ready(function () {
|
|||
inputClass: 'serial',
|
||||
listClass: 'serial'
|
||||
},
|
||||
permissions: {
|
||||
title: 'Permissions',
|
||||
width: '10%',
|
||||
create: false,
|
||||
edit: false,
|
||||
display: function(data) {
|
||||
var $img = $('<img class="list" src="img/list.png" title="Permissions" />');
|
||||
$img.click(function () {
|
||||
$('#SlaveZones').jtable('openChildTable',
|
||||
$img.closest('tr'), {
|
||||
title: 'Permissions for ' + data.record.name,
|
||||
openChildAsAccordion: true,
|
||||
actions: {
|
||||
listAction: 'permissions.php?action=list&zoneid=' + data.record.id,
|
||||
createAction: 'permissions.php?action=add&zoneid=' + data.record.id,
|
||||
deleteAction: 'permissions.php?action=remove&zoneid=' + data.record.id
|
||||
},
|
||||
fields: {
|
||||
id: {
|
||||
key: true,
|
||||
type: 'hidden'
|
||||
},
|
||||
type: {
|
||||
title: 'Type',
|
||||
inputClass: "permissionstype",
|
||||
options: {
|
||||
'user': 'User',
|
||||
'group': 'Group'
|
||||
},
|
||||
create: true,
|
||||
edit: false
|
||||
},
|
||||
value: {
|
||||
title: 'Name',
|
||||
inputClass: "usergrouplist",
|
||||
display: displayContent('value')
|
||||
},
|
||||
permissions: {
|
||||
title: 'Permissions',
|
||||
options: {
|
||||
'1' : 'View Only',
|
||||
<?php if($restrictediting) { ?>
|
||||
'3' : 'Update normal records',
|
||||
'7' : 'Update all records',
|
||||
<?php } else { ?>
|
||||
'7' : 'Update',
|
||||
<?php } ?>
|
||||
'15' : 'Admin'
|
||||
}
|
||||
}
|
||||
},
|
||||
formCreated: function(event, dat) {
|
||||
$( ".usergrouplist" ).autocomplete({
|
||||
source: "users.php?action=autocomplete&zoneid=" + data.record.id + "&type=" + $( ".permissionstype" ).val()
|
||||
});
|
||||
$( ".permissionstype" ).change(function() {
|
||||
$( ".usergrouplist" ).val("");
|
||||
$( ".usergrouplist" ).autocomplete({
|
||||
source: "users.php?action=autocomplete&type=" + $( ".permissionstype" ).val()
|
||||
});
|
||||
});
|
||||
}
|
||||
}, function (data) {
|
||||
data.childTable.jtable('load');
|
||||
})
|
||||
});
|
||||
return $img;
|
||||
}
|
||||
},
|
||||
exportzone: {
|
||||
title: '',
|
||||
width: '1%',
|
||||
|
|
|
|||
83
permissions.php
Normal file
83
permissions.php
Normal file
|
|
@ -0,0 +1,83 @@
|
|||
<?php
|
||||
|
||||
include_once('includes/config.inc.php');
|
||||
include_once('includes/session.inc.php');
|
||||
include_once('includes/misc.inc.php');
|
||||
|
||||
if (!is_csrf_safe()) {
|
||||
header('Status: 403');
|
||||
header('Location: ./index.php');
|
||||
jtable_respond(null, 'error', "Authentication required");
|
||||
}
|
||||
|
||||
$zoneid = isset($_GET['zoneid']) ? intval($_GET['zoneid']) : '';
|
||||
|
||||
if (!is_adminuser()) {
|
||||
header('Status: 403');
|
||||
jtable_respond(null, 'error', "You need adminprivileges to get here");
|
||||
}
|
||||
|
||||
if (!isset($_GET['action'])) {
|
||||
header('Status: 400');
|
||||
jtable_respond(null, 'error', 'No action given');
|
||||
}
|
||||
|
||||
switch ($_GET['action']) {
|
||||
|
||||
case "list":
|
||||
|
||||
if ($zoneid != '') {
|
||||
$permissions = get_zone_permissions($zoneid);
|
||||
jtable_respond($permissions);
|
||||
} else {
|
||||
jtable_respond(null, 'error', 'Could not list zone permissions');
|
||||
}
|
||||
break;
|
||||
|
||||
case "add":
|
||||
$type = isset($_POST['type']) ? $_POST['type'] : '';
|
||||
$value = isset($_POST['value']) ? $_POST['value'] : '';
|
||||
$permissons = isset($_POST['permissions']) ? $_POST['permissions'] : '';
|
||||
|
||||
if ($zoneid != '') {
|
||||
if (user_exists($user)) {
|
||||
if(is_group_member($groupid,$user)) {
|
||||
jtable_respond(null, 'error', "User already a member of the group");
|
||||
} elseif(!is_null($id=add_group_member($groupid,$user))) {
|
||||
$entry = array('id' => $id,'user' => $user);
|
||||
jtable_respond($entry, 'single');
|
||||
} else {
|
||||
jtable_respond(null, 'error', "Failed to add user to group");
|
||||
}
|
||||
} else {
|
||||
jtable_respond(null, 'error', "User doesn't exist");
|
||||
}
|
||||
} else {
|
||||
jtable_respond(null, 'error', 'Zone not specified');
|
||||
}
|
||||
break;
|
||||
|
||||
case "remove":
|
||||
|
||||
if ($id != '') {
|
||||
if(remove_group_member($id)) {
|
||||
jtable_respond(null, 'delete');
|
||||
} else {
|
||||
jtable_respond(null, 'error', "Failed to delete user from group");
|
||||
}
|
||||
} else {
|
||||
jtable_respond(null, 'error', 'ID not specified');
|
||||
}
|
||||
break;
|
||||
|
||||
case "autocomplete":
|
||||
$term = isset($_GET['type']) ? $_GET['type'] : '';
|
||||
$term = isset($_GET['term']) ? $_GET['term'] : '';
|
||||
$users=get_usernames_filtered($term);
|
||||
print json_encode($users);
|
||||
break;
|
||||
|
||||
default:
|
||||
jtable_respond(null, 'error', 'Invalid action');
|
||||
break;
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue