[irc/unrealircd/unrealircd-webpanel.git] / settings / user-role-edit.php

<?php

require_once "../inc/common.php";
require_once "../inc/header.php";
do_log($_POST);
if (!current_user_can(PERMISSION_MANAGE_USERS))
{
    echo "<h4>Access denied</h4>";
    die();
}
$permissions = get_panel_user_permission_list();
$list = get_panel_user_roles_list();

/**
 * Add a new role
 */
$errors = [];
$success = [];


if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
{
    foreach ($list as $name => $u) // don't add it if it already exists
    {
        if (!strcmp(to_slug($name),to_slug($role_name)))
        {
            $errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
            break;
        }
    }
    if (empty($errors)) // so far so good
    {
        $msg = "Added user role \"$role_name\"";
        $permissions = [];
        if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
        {
            $permissions = $list[$dup];
            $msg .= ", a duplicate of \"$dup\"";
        }
        $clean_perms = [];
            foreach($permissions as $k => $v)
                $clean_perms[] = $v;

        $config['user_roles'][$role_name] = $clean_perms;
        write_config('user_roles');
        $success[] = $msg;
        $list = get_panel_user_roles_list(); // refresh
        
    }
}


elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
{
    $found = 0;
    foreach ($list as $name => $u) // don't add it if it already exists
    {
        if (!strcmp(to_slug($name),to_slug($role_name)))
        {
            $found = 1;
            break;
        }
    }
    if ($found) // so far so good
    {
        unset($config['user_roles'][$role_name]);
        write_config('user_roles');
        $success[] = "Successfully deleted role \"$role_name\"";
        $list = get_panel_user_roles_list(); // refresh
    }
    else
        $errors[] = "Could not delete role \"$role_name\": Role does not exist.";
}
?>


<div class="container-xxl row justify-content-between">

<div class="col">
    <h4>User Role Editor</h4>
    <?php if (!empty($errors)) Message::Fail($errors); if (!empty($success)) Message::Success($success); ?>
    Roles are user categories where each has it's own set of permissions.<br>
    Here, you can easily add and edit User Roles to ensure that your team has the appropriate access and permissions they need.<br>
    Once you've created a role, you can assign it to a user on your panel, and they will have the permissions assigned to their role.<br><br>
    <div class="font-italic">Some roles are built-in and cannot be deleted or modified, specifically "<code>Super Admin</code>" and "<code>Read Only</code>"</div><br><br>
    Click a role name to view role permissions.
</div>
<div class="col" id="addnew_collapse">
<form method="post">
    <div class="card card-body" style="max-width:550px">
        <h5>Create New Role</h5>
        <div class="font-italic mb-3">You must create a new role before you can add permissions to it.</div>
        <div class="row input-group ml-0 mb-2">
            <div class="input-group-prepend">
                <span class="input-group-text" style="width:150px">New Role Name</span>
            </div>
            <input id="add_role_name" name="add_role_name" class="form-control" style="min-width:100px;max-width:450px" type="text">
            

        </div>
        <div class="input-group">
            <div class="input-group-prepend">
                <div style="width:150px" class="input-group-text">
                    <input id="use_dup_role" name="use_dup_role" type="checkbox" class="mr-2">Duplicate Role
                </div>
            </div>
            <select name="dup_role" disabled class="custom-select" id="dup_role" style="min-width:100px;max-width:450px">
                <option value="0" selected>None</option>
                <?php
                    foreach($list as $s => $l)
                        echo "<option value=\"$s\">$s</option>";
                ?>
            </select>
        </div>
        <div class="mt-2 text-right">
            <button type="submit" disabled id="role_submit" style="background-color:darkslateblue;color:white" class="btn btn-primary">Create Role</button>
        </div>
        
</form>
    </div>
</div>
</div>
<style>

#permlist #roles_accord .card .card-header .btn-header-link:after {
  content: "\f106";
  font-family: 'Font Awesome 5 Free';
  font-weight: 900;
  float: right;
}

#permlist #roles_accord .card .card-header .btn-header-link.collapsed:after {
  content: "\f107";
}

</style>


<script>
    const add_role_name = document.getElementById("add_role_name");
    const use_dup = document.getElementById("use_dup_role");
    const dup_role = document.getElementById("dup_role");
    const role_submit = document.getElementById("role_submit");

    use_dup.addEventListener('click', e => {
        if (use_dup.checked) {
            dup_role.disabled = false;
        } else {
            dup_role.value = "0";
            dup_role.disabled = true;
        }
    });

    add_role_name.addEventListener('input', e => {
        if (!add_role_name.value.trim().length) // disallow names consisting of just spaces... it doesn't break anything, but it's stupid
            role_submit.disabled = true;
        else
            role_submit.disabled = false;
    });
</script>
<?php

generate_role_list($list);


require_once "../inc/footer.php";
Commit	Line	Data
4b48b46f VP	1	<?php
4b48b46f VP	2
c06c1713 BM	3	require_once "../inc/common.php";
c06c1713 BM	4	require_once "../inc/header.php";
1634b6ac	5	do_log($_POST);
088733d4 VP	6	if (!current_user_can(PERMISSION_MANAGE_USERS))
	7	{
	8	echo "<h4>Access denied</h4>";
	9	die();
	10	}
4b48b46f VP	11	$permissions = get_panel_user_permission_list();
4b48b46f VP	12	$list = get_panel_user_roles_list();
088733d4 VP	13
	14	/**
	15	* Add a new role
	16	*/
	17	$errors = [];
	18	$success = [];
	19
	20
	21
	22	if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
	23	{
	24	foreach ($list as $name => $u) // don't add it if it already exists
	25	{
	26	if (!strcmp(to_slug($name),to_slug($role_name)))
	27	{
	28	$errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
	29	break;
	30	}
	31	}
	32	if (empty($errors)) // so far so good
	33	{
	34	$msg = "Added user role \"$role_name\"";
	35	$permissions = [];
	36	if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
	37	{
	38	$permissions = $list[$dup];
	39	$msg .= ", a duplicate of \"$dup\"";
	40	}
088733d4 VP	41	$clean_perms = [];
	42	foreach($permissions as $k => $v)
	43	$clean_perms[] = $v;
	44
1634b6ac VP	45	$config['user_roles'][$role_name] = $clean_perms;
1634b6ac VP	46	write_config('user_roles');
088733d4 VP	47	$success[] = $msg;
	48	$list = get_panel_user_roles_list(); // refresh
	49
	50	}
	51	}
	52
1634b6ac	53
088733d4 VP	54	elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
	55	{
	56	$found = 0;
	57	foreach ($list as $name => $u) // don't add it if it already exists
	58	{
	59	if (!strcmp(to_slug($name),to_slug($role_name)))
	60	{
	61	$found = 1;
	62	break;
	63	}
	64	}
	65	if ($found) // so far so good
	66	{
1634b6ac VP	67	unset($config['user_roles'][$role_name]);
1634b6ac VP	68	write_config('user_roles');
088733d4 VP	69	$success[] = "Successfully deleted role \"$role_name\"";
	70	$list = get_panel_user_roles_list(); // refresh
	71	}
	72	else
	73	$errors[] = "Could not delete role \"$role_name\": Role does not exist.";
	74	}
4b48b46f VP	75	?>
4b48b46f VP	76
4b48b46f	77
088733d4	78	<div class="container-xxl row justify-content-between">
4b48b46f	79
088733d4 VP	80	<div class="col">
	81	<h4>User Role Editor</h4>
	82	<?php if (!empty($errors)) Message::Fail($errors); if (!empty($success)) Message::Success($success); ?>
	83	Roles are user categories where each has it's own set of permissions.<br>
	84	Here, you can easily add and edit User Roles to ensure that your team has the appropriate access and permissions they need.<br>
	85	Once you've created a role, you can assign it to a user on your panel, and they will have the permissions assigned to their role.<br><br>
	86	<div class="font-italic">Some roles are built-in and cannot be deleted or modified, specifically "<code>Super Admin</code>" and "<code>Read Only</code>"</div><br><br>
	87	Click a role name to view role permissions.
	88	</div>
	89	<div class="col" id="addnew_collapse">
	90	<form method="post">
	91	<div class="card card-body" style="max-width:550px">
	92	<h5>Create New Role</h5>
	93	<div class="font-italic mb-3">You must create a new role before you can add permissions to it.</div>
	94	<div class="row input-group ml-0 mb-2">
	95	<div class="input-group-prepend">
	96	<span class="input-group-text" style="width:150px">New Role Name</span>
	97	</div>
	98	<input id="add_role_name" name="add_role_name" class="form-control" style="min-width:100px;max-width:450px" type="text">
	99
	100
	101	</div>
	102	<div class="input-group">
	103	<div class="input-group-prepend">
	104	<div style="width:150px" class="input-group-text">
	105	<input id="use_dup_role" name="use_dup_role" type="checkbox" class="mr-2">Duplicate Role
	106	</div>
	107	</div>
	108	<select name="dup_role" disabled class="custom-select" id="dup_role" style="min-width:100px;max-width:450px">
	109	<option value="0" selected>None</option>
	110	<?php
	111	foreach($list as $s => $l)
	112	echo "<option value=\"$s\">$s</option>";
	113	?>
	114	</select>
	115	</div>
	116	<div class="mt-2 text-right">
	117	<button type="submit" disabled id="role_submit" style="background-color:darkslateblue;color:white" class="btn btn-primary">Create Role</button>
	118	</div>
	119
	120	</form>
	121	</div>
	122	</div>
	123	</div>
4b48b46f VP	124	<style>
	125
	126	#permlist #roles_accord .card .card-header .btn-header-link:after {
	127	content: "\f106";
	128	font-family: 'Font Awesome 5 Free';
	129	font-weight: 900;
	130	float: right;
	131	}
	132
	133	#permlist #roles_accord .card .card-header .btn-header-link.collapsed:after {
	134	content: "\f107";
	135	}
	136
	137	</style>
088733d4 VP	138
	139
	140	<script>
	141	const add_role_name = document.getElementById("add_role_name");
	142	const use_dup = document.getElementById("use_dup_role");
	143	const dup_role = document.getElementById("dup_role");
	144	const role_submit = document.getElementById("role_submit");
	145
	146	use_dup.addEventListener('click', e => {
	147	if (use_dup.checked) {
	148	dup_role.disabled = false;
	149	} else {
	150	dup_role.value = "0";
	151	dup_role.disabled = true;
	152	}
	153	});
	154
	155	add_role_name.addEventListener('input', e => {
1634b6ac	156	if (!add_role_name.value.trim().length) // disallow names consisting of just spaces... it doesn't break anything, but it's stupid
088733d4 VP	157	role_submit.disabled = true;
	158	else
	159	role_submit.disabled = false;
	160	});
	161	</script>
4b48b46f VP	162	<?php
	163
	164	generate_role_list($list);
	165
088733d4	166
c06c1713	167	require_once "../inc/footer.php";