define('PERMISSION_SPAMFILTER_ADD', 'sf_add');
/** Can delete spamfilter entries */
define('PERMISSION_SPAMFILTER_DEL', 'sf_del');
+/** Can rehash servers */
+define('PERMISSION_REHASH', 'rhs');
/**
* PanelUser
* This is the User class for the SQL_Auth plugin
$user["name"] = $name;
$user["id"] = $id;
$user["object"] = NULL;
-
Hook::run(HOOKTYPE_USER_LOOKUP, $user);
+ if ($user['object'] === null)
+ return; /* no auth module loaded? */
foreach ($user['object'] as $key => $value)
$this->$key = $value;
}
$this->user_meta['permissions'] = serialize($meta);
}
+ /** Updates core user info.
+ * CAUTION: Updating a non-existent column will crash
+ * your shit
+ */
+ function update_core_info($array)
+ {
+ $arr = ['info' => $array, 'user' => $this];
+ Hook::run(HOOKTYPE_EDIT_USER, $arr);
+ }
}
$arr["id"] = $id;
$arr['meta'] = &$array;
Hook::run(HOOKTYPE_USERMETA_GET, $arr);
- do_log($array);
$this->list = $arr['meta'];
}
*/
function unreal_get_current_user() : PanelUser|bool
{
- if (!isset($_SESSION))
- {
- session_set_cookie_params(3600);
- session_start();
- }
- if (isset($_SESSION['id']))
+ if (isset($_SESSION) && isset($_SESSION['id']))
{
$user = new PanelUser(NULL, $_SESSION['id']);
if ($user->id)
*/
function current_user_can($permission) : bool
{
+ if (!is_auth_provided()) // if there is no auth plugin, assume the user handles logins themselves
+ return true;
$user = unreal_get_current_user();
+ if (!$user)
+ return false;
return user_can($user, $permission);
}
$list = [
"Can add/delete/edit Admin Panel users" => PERMISSION_MANAGE_USERS,
"Can ban/kill IRC users" => PERMISSION_BAN_USERS,
- "Can hange properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER,
+ "Can change properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER,
"Can change properties of a channel, i.e. topic, modes and more" => PERMISSION_EDIT_CHANNEL,
- "Change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER,
+ "Can change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER,
"Can add manual bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_ADD,
"Can remove set bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_DEL,
"Can forbid usernames and channels" => PERMISSION_NAME_BAN_ADD,
<?php
}
-}
\ No newline at end of file
+}
+
+function get_panel_user_roles_list()
+{
+ /* Defaults */
+ $list = [
+ "Super Admin" => get_panel_user_permission_list(), // SuperAdmin can do everything
+ "Read Only" => [], // Read Only can do nothing
+ ];
+
+ Hook::run(HOOKTYPE_USER_ROLE_LIST, $list);
+ return $list;
+}
+
+function generate_role_list($list)
+{
+ $list2 = get_panel_user_permission_list();
+ ?>
+ <h5>Roles List:</h5>
+ <div id="permlist">
+ <div class="container-xxl">
+ <div class="accordion" id="roles_accord">
+
+<?php foreach($list as $role => $slug) {?>
+ <div class="card">
+ <div class="card-header" id="<?php echo to_slug($role); ?>_heading">
+ <div class="btn-header-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#collapse_<?php echo to_slug($role); ?>" aria-expanded="true" aria-controls="collapse_<?php echo to_slug($role); ?>">
+ <?php echo $role ?>
+ </div>
+ </div>
+
+ <div id="collapse_<?php echo to_slug($role); ?>" class="collapse" aria-labelledby="<?php echo to_slug($role); ?>_heading" data-parent="#roles_accord">
+ <div id="results_rpc" class="card-body">
+ <?php
+ foreach($list2 as $desc => $slug)
+ {
+ $attributes = "";
+ $attributes .= ($role == "Super Admin" || $role == "Read Only") ? "disabled " : "";
+
+ ?>
+ <div class="input-group">
+ <div class="input-group-prepend">
+ <div class="input-group-text">
+ <input <?php
+ $attributes .= (in_array($slug, $list[$role])) ? "checked" : "";
+ echo $attributes;
+ ?> name="<?php echo to_slug($role); ?>_permissions[]" value="<?php echo $slug; ?>" type="checkbox">
+ </div>
+ </div>
+ <input type="text" readonly class="form-control" value="<?php echo "$desc ($slug)"; ?>">
+ </div>
+
+ <?php
+ }
+ ?>
+ </div>
+ </div>
+ </div>
+<?php }?>
+
+ </div></div><br>
+ <button type="submit" class="btn btn-primary">Save changes</div>
+</div><?php
+
+}