Commit e74f0c2a authored by Ad Schellevis's avatar Ad Schellevis

(auth) refactor user/group privilege management

parent 48b9b3ff
...@@ -1111,7 +1111,7 @@ ...@@ -1111,7 +1111,7 @@
"name": "WebCfg - System: Group Manager: Add Privileges page", "name": "WebCfg - System: Group Manager: Add Privileges page",
"descr": "Allow access to the 'System: Group Manager: Add Privileges' page.", "descr": "Allow access to the 'System: Group Manager: Add Privileges' page.",
"match": [ "match": [
"system_groupmanager_addprivs.php*" "system_usermanager_addprivs.php?group*"
] ]
}, },
"page-system-hasync": { "page-system-hasync": {
...@@ -1153,7 +1153,7 @@ ...@@ -1153,7 +1153,7 @@
"name": "WebCfg - System: User Manager: Add Privileges page", "name": "WebCfg - System: User Manager: Add Privileges page",
"descr": "Allow access to the 'System: User Manager: Add Privileges' page.", "descr": "Allow access to the 'System: User Manager: Add Privileges' page.",
"match": [ "match": [
"system_usermanager_addprivs.php*" "system_usermanager_addprivs.php?user*"
] ]
}, },
"page-system-usermanager-settings": { "page-system-usermanager-settings": {
......
<?php <?php
/* /*
Copyright (C) 2014-2015 Deciso B.V. Copyright (C) 2014-2016 Deciso B.V.
Copyright (C) 2008 Shrew Soft Inc. Copyright (C) 2008 Shrew Soft Inc.
Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>. Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
...@@ -78,25 +78,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -78,25 +78,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// reload page // reload page
header("Location: system_groupmanager.php"); header("Location: system_groupmanager.php");
exit; exit;
} elseif (isset($id) && $act == "delpriv" && isset($a_group[$id]['priv']) && is_array($a_group[$id]['priv'])) {
// remove by privid
foreach ($a_group[$id]['priv'] as $key => $value) {
if ($value == $pconfig['privid']) {
unset($a_group[$id]['priv'][$key]);
}
}
if (isset($a_group[$id]['member']) && is_array($a_group[$id]['member'])) {
foreach ($a_group[$id]['member'] as $uid) {
$user = getUserEntryByUID($uid);
if ($user) {
local_user_set($user);
}
}
}
write_config();
// reload page
header("Location: system_groupmanager.php?act=edit&groupid={$id}");
exit;
} elseif (isset($pconfig['save'])) { } elseif (isset($pconfig['save'])) {
$input_errors = array(); $input_errors = array();
...@@ -245,30 +226,6 @@ function presubmit() { ...@@ -245,30 +226,6 @@ function presubmit() {
$( document ).ready(function() { $( document ).ready(function() {
// delete privilege
$(".act-del-priv").click(function(event){
event.preventDefault();
var priv_name = $(this).data('privname');
var privid = $(this).data('privid');
BootstrapDialog.show({
type:BootstrapDialog.TYPE_DANGER,
title: "<?= gettext("Group");?>",
message: "<?=gettext("Do you really want to delete this privilege?");?> " + "<br/>("+priv_name+")",
buttons: [{
label: "<?= gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?= gettext("Yes");?>",
action: function(dialogRef) {
$("#privid").val(privid);
$("#act").val("delpriv");
$("#iform").submit();
}
}]
});
});
// remove group // remove group
$(".act-del-group").click(function(event){ $(".act-del-group").click(function(event){
var groupid = $(this).data('groupid'); var groupid = $(this).data('groupid');
...@@ -402,15 +359,12 @@ $( document ).ready(function() { ...@@ -402,15 +359,12 @@ $( document ).ready(function() {
<?php <?php
if ($act != "new") :?> if ($act != "new") :?>
<tr> <tr>
<td colspan="2"><b><?=gettext("Assigned Privileges");?></b></td> <td><b><?=gettext("Assigned Privileges");?></b></td>
</tr> <td>
<tr> <table class="table table-hover table-condensed">
<td colspan="2">
<table class="table table-striped table-condensed">
<tr> <tr>
<td><b><?=gettext("Name");?></b></td> <td><b><?=gettext("Name");?></b></td>
<td><b><?=gettext("Description");?></b></td> <td><b><?=gettext("Description");?></b></td>
<td></td>
</tr> </tr>
<?php <?php
if (isset($pconfig['priv']) && is_array($pconfig['priv'])) : if (isset($pconfig['priv']) && is_array($pconfig['priv'])) :
...@@ -419,20 +373,14 @@ $( document ).ready(function() { ...@@ -419,20 +373,14 @@ $( document ).ready(function() {
<tr> <tr>
<td><?=$priv_list[$priv]['name'];?></td> <td><?=$priv_list[$priv]['name'];?></td>
<td><?=$priv_list[$priv]['descr'];?></td> <td><?=$priv_list[$priv]['descr'];?></td>
<td>
<button type="button" data-privid="<?=$priv;?>" data-privname="<?=$priv_list[$priv]['name']?>" class="btn btn-default btn-xs act-del-priv" title="<?=gettext("delete privilege");?>" data-toggle="tooltip">
<span class="fa fa-trash text-muted"></span>
</button>
</td>
</tr> </tr>
<?php <?php
endforeach; endforeach;
endif;?> endif;?>
<tr> <tr>
<td colspan="2"></td> <td colspan="2">
<td> <a href="system_usermanager_addprivs.php?groupid=<?=htmlspecialchars($id)?>" class="btn btn-default btn-xs">
<a href="system_groupmanager_addprivs.php?groupid=<?=htmlspecialchars($id)?>" class="btn btn-default btn-xs"> <span class="fa fa-pencil"></span>
<span class="glyphicon glyphicon-plus"></span>
</a> </a>
</td> </td>
</tr> </tr>
......
<?php
/*
Copyright (C) 2014-2015 Deciso B.V.
Copyright (C) 2006 Daniel S. Haischt.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
function cpusercmp($a, $b)
{
return strcasecmp($a['name'], $b['name']);
}
require_once("guiconfig.inc");
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($config['system']['group'][$_GET['groupid']])) {
$groupid = $_GET['groupid'];
$a_group = & $config['system']['group'][$groupid];
} else {
header("Location: system_groupmanager.php");
exit;
}
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($config['system']['group'][$_POST['groupid']])) {
$groupid = $_POST['groupid'];
$a_group = & $config['system']['group'][$groupid];
$input_errors = array();
$pconfig = $_POST;
/* input validation */
$reqdfields = explode(" ", "sysprivs");
$reqdfieldsn = array(gettext("Selected priveleges"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if (count($input_errors) == 0) {
if (!is_array($pconfig['sysprivs'])) {
$pconfig['sysprivs'] = array();
}
if (!isset($a_group['priv']) || !count($a_group['priv'])) {
$a_group['priv'] = $pconfig['sysprivs'];
} else {
$a_group['priv'] = array_merge($a_group['priv'], $pconfig['sysprivs']);
}
if (is_array($a_group['member'])) {
foreach ($a_group['member'] as $uid) {
$user = getUserEntryByUID($uid);
if ($user) {
local_user_set($user);
}
}
}
if (isset($config['system']['group']) && is_array($config['system']['group'])) {
usort($config['system']['group'], "cpusercmp");
}
write_config();
header("Location: system_groupmanager.php?act=edit&groupid={$groupid}");
exit;
}
} else {
header("Location: system_groupmanager.php");
exit;
}
}
if (!isset($a_group['priv']) || !is_array($a_group['priv'])) {
$a_group['priv'] = array();
}
include("head.inc");
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" >
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
$( document ).ready(function() {
$("#sysprivs").change(function(){
$("#pdesc").html($(this).find(':selected').data('descr'));
});
});
</script>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors);
}
?>
<section class="col-xs-12">
<div class="tab-content content-box col-xs-12">
<form method="post" name="iform">
<table class="table table-striped">
<tr>
<td width="22%"><?=gettext("System Privileges");?></td>
<td width="78%">
<select name="sysprivs[]" id="sysprivs" class="formselect" multiple="multiple" size="35">
<?php
foreach ($priv_list as $pname => $pdata) :
if (in_array($pname, $a_group['priv'])) {
continue;
}
?>
<option data-descr="<?=!empty($pdata['descr']) ? $pdata['descr'] : "";?>" value="<?=$pname;?>">
<?=$pdata['name'];?>
</option>
<?php
endforeach; ?>
</select>
<br />
<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
</td>
</tr>
<tr>
<td><?=gettext("Description");?></td>
<td id="pdesc">
<em><?=gettext("Select a privilege from the list above for a description"); ?></em>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td>
<input type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
<input class="btn btn-default" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />
<input name="groupid" type="hidden" value="<?=$groupid;?>" />
</td>
</tr>
</table>
</form>
</div>
</section>
</div>
</div>
</section>
<?php include("foot.inc"); ?>
<?php <?php
/* /*
Copyright (C) 2014-2015 Deciso B.V. Copyright (C) 2014-2016 Deciso B.V.
Copyright (C) 2008 Shrew Soft Inc. Copyright (C) 2008 Shrew Soft Inc.
Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com> Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>
Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net> Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>
...@@ -172,30 +172,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -172,30 +172,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$savemsg = gettext("User")." {$userdeleted} ". gettext("successfully deleted"); $savemsg = gettext("User")." {$userdeleted} ". gettext("successfully deleted");
header("Location: system_usermanager.php?savemsg=".$savemsg); header("Location: system_usermanager.php?savemsg=".$savemsg);
exit; exit;
} elseif ($act == "delpriv" && !empty($pconfig['priv_delete']) && isset($id)) {
// drop privilege from user
// search for priv id to delete
$privid = null;
if (!empty($a_user[$id]['priv'])) {
foreach ($a_user[$id]['priv'] as $key => $value) {
if ($value == $pconfig['priv_delete']) {
$privid = $key;
$privdeleted = $value;
}
}
}
if ($privid !== null) {
unset($a_user[$id]['priv'][$privid]);
local_user_set($a_user[$id]);
write_config();
$savemsg = gettext("Privilege")." {$privdeleted} ".
gettext("successfully deleted");
header("Location: system_usermanager.php?savemsg=".$savemsg."&act=edit&userid=".$id);
} else {
header("Location: system_usermanager.php?act=edit&userid=".$id);
}
exit;
} elseif ($act == "delcert" && isset($id)) { } elseif ($act == "delcert" && isset($id)) {
// remove certificate association // remove certificate association
$certdeleted = lookup_cert($a_user[$id]['cert'][$pconfig['certid']]); $certdeleted = lookup_cert($a_user[$id]['cert'][$pconfig['certid']]);
...@@ -456,29 +432,6 @@ function presubmit() { ...@@ -456,29 +432,6 @@ function presubmit() {
<script type="text/javascript"> <script type="text/javascript">
$( document ).ready(function() { $( document ).ready(function() {
// delete privilege
$(".act-del-priv").click(function(event){
event.preventDefault();
var priv_name = $(this).data('priv');
BootstrapDialog.show({
type:BootstrapDialog.TYPE_DANGER,
title: "<?= gettext("User");?>",
message: "<?=gettext("Do you really want to delete this privilege?");?> " + "<br/>("+priv_name+")",
buttons: [{
label: "<?= gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?= gettext("Yes");?>",
action: function(dialogRef) {
$("#priv_delete").val(priv_name);
$("#act").val("delpriv");
$("#iform").submit();
}
}]
});
});
// remove certificate association // remove certificate association
$(".act-del-cert").click(function(event){ $(".act-del-cert").click(function(event){
var certid = $(this).data('certid'); var certid = $(this).data('certid');
...@@ -745,16 +698,13 @@ $( document ).ready(function() { ...@@ -745,16 +698,13 @@ $( document ).ready(function() {
<?php <?php
if ($pconfig['uid'] != "") :?> if ($pconfig['uid'] != "") :?>
<tr> <tr>
<td colspan="2"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Effective Privileges");?></td> <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Effective Privileges");?></td>
</tr> <td>
<tr> <table class="table table-hover table-condensed">
<td colspan="2">
<table class="table table-striped table-condensed">
<tr> <tr>
<td width="20%"><b><?=gettext("Inherited From");?></b></td> <td><b><?=gettext("Inherited From");?></b></td>
<td width="30%"><b><?=gettext("Name");?></b></td> <td><b><?=gettext("Name");?></b></td>
<td width="40%"><b><?=gettext("Description");?></b></td> <td><b><?=gettext("Description");?></b></td>
<td></td>
</tr> </tr>
<?php <?php
foreach (get_user_privdesc($a_user[$id]) as $priv) :?> foreach (get_user_privdesc($a_user[$id]) as $priv) :?>
...@@ -762,25 +712,14 @@ $( document ).ready(function() { ...@@ -762,25 +712,14 @@ $( document ).ready(function() {
<td><?=!empty($priv['group']) ? $priv['group'] : ""?></td> <td><?=!empty($priv['group']) ? $priv['group'] : ""?></td>
<td><?=$priv['name']?></td> <td><?=$priv['name']?></td>
<td><?=!empty($priv['descr']) ? $priv['descr'] : ""?></td> <td><?=!empty($priv['descr']) ? $priv['descr'] : ""?></td>
<td class="text-center">
<?php
if (empty($priv['group'])) :?>
<button type="button" data-priv="<?=$priv['id']?>" class="btn btn-default btn-xs act-del-priv"
title="<?=gettext("revoke privilege");?>" data-toggle="tooltip">
<span class="fa fa-trash text-muted"></span>
</button>
<?php
endif;?>
</td>
</tr> </tr>
<?php <?php
endforeach;?> endforeach;?>
<tr> <tr>
<td colspan="3"></td> <td colspan="3">
<td>
<a href="system_usermanager_addprivs.php?userid=<?=$id?>" class="btn btn-xs btn-default" <a href="system_usermanager_addprivs.php?userid=<?=$id?>" class="btn btn-xs btn-default"
title="<?=gettext("assign privileges");?>" data-toggle="tooltip"> title="<?=gettext("edit privileges");?>" data-toggle="tooltip">
<span class="glyphicon glyphicon-plus"></span> <span class="fa fa-pencil"></span>
</a> </a>
</td> </td>
</tr> </tr>
......
<?php <?php
/* /*
Copyright (C) 2014-2015 Deciso B.V. Copyright (C) 2014-2016 Deciso B.V.
Copyright (C) 2006 Daniel S. Haischt Copyright (C) 2006 Daniel S. Haischt
All rights reserved. All rights reserved.
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
require_once("guiconfig.inc"); require_once("guiconfig.inc");
function admusercmp($a, $b) function cpusercmp($a, $b)
{ {
return strcasecmp($a['name'], $b['name']); return strcasecmp($a['name'], $b['name']);
} }
...@@ -46,39 +46,35 @@ function sort_user_privs($privs) { ...@@ -46,39 +46,35 @@ function sort_user_privs($privs) {
if ($_SERVER['REQUEST_METHOD'] === 'GET') { if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($_GET['userid']) && isset($config['system']['user'][$_GET['userid']]['name'])) { if (isset($_GET['userid']) && isset($config['system']['user'][$_GET['userid']]['name'])) {
$userid = $_GET['userid']; $input_type = "user";
$id = $_GET['userid'];
} elseif (isset($_GET['groupid']) && isset($config['system']['group'][$_GET['groupid']])) {
$input_type = "group";
$id = $_GET['groupid'];
} else { } else {
header("Location: system_usermanager.php"); header("Location: system_usermanager.php");
exit; exit;
} }
$a_user = & $config['system']['user'][$userid]; if ($input_type == "group") {
if (!isset($a_user['priv']) || !is_array($a_user['priv'])) { if (!isset($config['system']['group'][$id]['priv']) || !is_array($config['system']['group'][$id]['priv'])) {
$a_user['priv'] = array(); $a_privs = array();
} else {
$a_privs = & $config['system']['group'][$id]['priv'];
}
} else {
if (!isset($config['system']['user'][$id]['priv']) || !is_array($config['system']['user'][$id]['priv'])) {
$a_privs = array();
} else {
$a_privs = $config['system']['user'][$id]['priv'];
}
} }
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['userid']) && isset($config['system']['user'][$_POST['userid']]['name'])) {
$userid = $_POST['userid'];
$input_errors = array();
$pconfig = $_POST; $pconfig = $_POST;
if (isset($pconfig['input_type']) && isset($pconfig['id'])) {
/* input validation */ if ($pconfig['input_type'] == 'user' && isset($config['system']['user'][$pconfig['id']]['name'])) {
$reqdfields = explode(" ", "sysprivs"); $userid = $_POST['id'];
$reqdfieldsn = array(gettext("Selected priveleges"));
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
if (count($input_errors) == 0) {
$a_user = & $config['system']['user'][$userid]; $a_user = & $config['system']['user'][$userid];
if (!is_array($pconfig['sysprivs'])) { $a_user['priv'] = is_array($pconfig['sysprivs']) ? $pconfig['sysprivs'] : array();
$pconfig['sysprivs'] = array();
}
if (!isset($a_user['priv']) || !count($a_user['priv'])) {
$a_user['priv'] = $pconfig['sysprivs'];
} else {
$a_user['priv'] = array_merge($a_user['priv'], $pconfig['sysprivs']);
}
$a_user['priv'] = sort_user_privs($a_user['priv']); $a_user['priv'] = sort_user_privs($a_user['priv']);
local_user_set($a_user); local_user_set($a_user);
$retval = write_config(); $retval = write_config();
...@@ -86,23 +82,81 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -86,23 +82,81 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
header("Location: system_usermanager.php?act=edit&userid=".$userid."&savemsg=".$savemsg); header("Location: system_usermanager.php?act=edit&userid=".$userid."&savemsg=".$savemsg);
exit; exit;
} elseif ($_POST['input_type'] == 'group' && isset($config['system']['group'][$pconfig['id']]['name'])) {
$groupid = $_POST['id'];
$a_group = & $config['system']['group'][$groupid];
$a_group['priv'] = is_array($pconfig['sysprivs']) ? $pconfig['sysprivs'] : array();
$a_group['priv'] = sort_user_privs($a_group['priv']);
if (is_array($a_group['member'])) {
foreach ($a_group['member'] as $uid) {
$user = getUserEntryByUID($uid);
if ($user) {
local_user_set($user);
} }
} else { }
header("Location: system_usermanager.php"); }
if (isset($config['system']['group']) && is_array($config['system']['group'])) {
usort($config['system']['group'], "cpusercmp");
}
write_config();
header("Location: system_groupmanager.php?act=edit&groupid={$groupid}");
exit; exit;
} }
}
header("Location: system_usermanager.php");
exit;
} }
include("head.inc"); include("head.inc");
?> ?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" > <body>
<?php include("fbegin.inc"); ?> <?php include("fbegin.inc"); ?>
<script type="text/javascript"> <script type="text/javascript">
$( document ).ready(function() { $( document ).ready(function() {
$("#sysprivs").change(function(){ $("#search").keyup(function(event){
$("#pdesc").html($(this).find(':selected').data('descr')); event.preventDefault();
$(".acl_item").each(function(){
if ($(this).data('search-phrase').toLowerCase().indexOf($("#search").val().toLowerCase()) > -1) {
if ($("#search_selected:checked").val() != undefined) {
if ($(this).find('td > input:checked').val() != undefined) {
$(this).show();
} else {
$(this).hide();
}
} else {
$(this).show();
}
} else {
$(this).hide();
}
$("#priv_container").scrollTop(0);
})
});
$("#selectall").click(function(event){
event.preventDefault();
$(".acl_item").each(function(){
if ($(this).is(':visible')) {
$(this).find('td > input').prop('checked', true);
}
});
});
$("#deselectall").click(function(event){
event.preventDefault();
$(".acl_item").each(function(){
if ($(this).is(':visible')) {
$(this).find('td > input').prop('checked', false);
}
});
});
$("#search_selected").click(function(){
$("#search").keyup();
}); });
}); });
</script> </script>
...@@ -118,31 +172,62 @@ include("head.inc"); ...@@ -118,31 +172,62 @@ include("head.inc");
<section class="col-xs-12"> <section class="col-xs-12">
<div class="tab-content content-box col-xs-12"> <div class="tab-content content-box col-xs-12">
<form method="post" name="iform"> <form method="post" name="iform">
<input name="id" type="hidden" value="<?=$id;?>" />
<input name="input_type" type="hidden" value="<?=$input_type;?>" />
<table class="table table-striped"> <table class="table table-striped">
<tr> <tr>
<td width="22%"><?=gettext("System Privileges");?></td> <td width="22%"><?=gettext("System Privileges");?></td>
<td width="78%"> <td width="78%">
<select name="sysprivs[]" id="sysprivs" class="formselect" multiple="multiple" size="35"> <table class="table table-condensed table-hoover">
<thead>
<tr>
<th style="width:70px;"><?=gettext("Allowed");?></th>
<th><?=gettext("Description");?></th>
</tr>
<tr>
<th>
<input type="checkbox" id="search_selected"> <small><?=gettext("(filter)");?></small>
</th>
<th>
<input type="text" placeholder="<?=gettext("search");?>" id="search">
</th>
</tr>
</thead>
</table>
<div style="max-height: 400px; width: 100%; margin: 0; overflow-y: auto;" id="priv_container">
<table class="table table-condensed table-hoover">
<thead>
<tr>
<th style="width:70px;"></th>
<th></th>
</tr>
</thead>
<tbody>
<?php <?php
foreach ($priv_list as $pname => $pdata) : foreach ($priv_list as $pname => $pdata) :?>
if (in_array($pname, $a_user['priv'])) { <tr class="acl_item" data-search-phrase="<?=$pdata['name'];?> <?=!empty($pdata['descr']) ? $pdata['descr'] : "";?>">
continue; <td>
} <input name="sysprivs[]" type="checkbox" value="<?=$pname;?>" <?=in_array($pname, $a_privs) ? "checked=\"checked\"" : "";?>>
?> </td>
<option data-descr="<?=!empty($pdata['descr']) ? $pdata['descr'] : "";?>" value="<?=$pname;?>"> <td><small data-toggle="tooltip" title="<?=!empty($pdata['descr']) ? $pdata['descr'] : "";?>"><?=!empty($pdata['name']) ? $pdata['name'] : $pname;?></small></td>
<?=$pdata['name'];?> </tr>
</option>
<?php <?php
endforeach; ?> endforeach; ?>
</select> </tbody>
<br /> </table>
<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> </div>
</td> <table class="table table-condensed table-hoover">
<thead>
<tr>
<th style="width:50px;"><input type="checkbox" id="selectall"></th>
<th><?=gettext("Select all (visible)");?></th>
</tr> </tr>
<tr> <tr>
<td><?=gettext("Description");?></td> <th style="width:50px;"><input type="checkbox" id="deselectall"></th>
<td id="pdesc"> <th><?=gettext("Deselect all (visible)");?></th>
<em><?=gettext("Select a privilege from the list above for a description"); ?></em> </tr>
</thead>
</table>
</td> </td>
</tr> </tr>
<tr> <tr>
...@@ -150,7 +235,6 @@ include("head.inc"); ...@@ -150,7 +235,6 @@ include("head.inc");
<td> <td>
<input type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" /> <input type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
<input class="btn btn-default" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> <input class="btn btn-default" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />
<input name="userid" type="hidden" value="<?=$userid;?>" />
</td> </td>
</tr> </tr>
</table> </table>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment