From: Valerie Pond <redacted>
Date: Sat, 22 Apr 2023 11:06:28 +0000 (+0100)
Subject: More towards the Role Editor
X-Git-Tag: 0.9~122
X-Git-Url: https://jfr.im/git/irc/unrealircd/unrealircd-webpanel.git/commitdiff_plain/088733d43b32b1876edc75c03e51f94c0e4f63bd?hp=9f303b7c3d4a9859030e7b0d62d035975886cdb2

More towards the Role Editor
---

diff --git a/Classes/class-hook.php b/Classes/class-hook.php
index ecb31c8..8b108bd 100644
--- a/Classes/class-hook.php
+++ b/Classes/class-hook.php
@@ -137,6 +137,10 @@ define('HOOKTYPE_USER_ROLE_LIST', 118);
 
 define('HOOKTYPE_EDIT_ROLE', 119);
 
+define('HOOKTYPE_ADD_ROLE', 120);
+
+define('HOOKTYPE_DEL_ROLE', 121);
+
 define('HOOKTYPE_AUTH_MOD', 200);
 
 /** An upgrade has been detected.
diff --git a/Classes/class-paneluser.php b/Classes/class-paneluser.php
index ff41910..9471946 100644
--- a/Classes/class-paneluser.php
+++ b/Classes/class-paneluser.php
@@ -342,7 +342,7 @@ function generate_role_list($list)
 	?>
 		<h5>Roles List:</h5>
 		<div id="permlist">
-		<div class="container-xxl">
+		<div class="container-xxl" style="max-width: 1430px;">
 		<div class="accordion" id="roles_accord">
 
 <?php foreach($list as $role => $slug) {?>
@@ -350,6 +350,7 @@ function generate_role_list($list)
 		<div class="card-header" id="<?php echo to_slug($role); ?>_heading">
 			<div class="btn-header-link btn-block text-left collapsed" type="button" data-toggle="collapse" data-target="#collapse_<?php echo to_slug($role); ?>" aria-expanded="true" aria-controls="collapse_<?php echo to_slug($role); ?>">
 				<?php echo $role ?>
+				<i style="padding-top:-30px;padding-bottom: -30px;"class="fa fa-trash fa-1" aria-hidden="true"></i>
 			</div>
 		</div>
 
diff --git a/plugins/sql_auth/sql_auth.php b/plugins/sql_auth/sql_auth.php
index c12ad18..d71db17 100644
--- a/plugins/sql_auth/sql_auth.php
+++ b/plugins/sql_auth/sql_auth.php
@@ -23,9 +23,18 @@ class sql_auth
 		Hook::func(HOOKTYPE_EDIT_USER, 'sql_auth::edit_core');
 		Hook::func(HOOKTYPE_PRE_OVERVIEW_CARD, 'sql_auth::add_pre_overview_card');
 		Hook::func(HOOKTYPE_UPGRADE, 'sql_auth::create_tables'); // handles upgrades too ;)
+		Hook::func(HOOKTYPE_USER_ROLE_LIST, 'sql_auth::roles_list');
 		AuthModLoaded::$status = 1;
 	}
 
+	public static function roles_list(&$list)
+	{
+		$settings = DbSettings::get();
+		if (isset($settings['user_roles']))
+			foreach($settings['user_roles'] as $r => $role)
+				$list[$r] = $role;
+	}
+
 	public static function add_pre_overview_card($empty)
 	{
 		if (defined('SQL_DEFAULT_USER'))
@@ -85,7 +94,7 @@ class sql_auth
 		$conn->query("CREATE TABLE IF NOT EXISTS " . get_config("mysql::table_prefix") . "settings (
 			id int AUTO_INCREMENT NOT NULL,
 			setting_key VARCHAR(255) NOT NULL,
-			setting_value VARCHAR(255),
+			setting_value VARCHAR(5000),
 			PRIMARY KEY (id),
 			UNIQUE(setting_key)
 		)");
@@ -99,21 +108,25 @@ class sql_auth
 		/* Upgrades: */
 		/* - user_meta: set charset and size */
 		$c = [];
-		if (($columns = $conn->query("SHOW COLUMNS FROM ".get_config("mysql::table_prefix")."user_meta")));
+		if (($columns = $conn->query("SHOW COLUMNS FROM ".get_config("mysql::table_prefix")."user_meta")))
 			$c = $columns->fetchAll();
 		if (!empty($c))
-			$conn->query("ALTER TABLE `".get_config("mysql::table_prefix")."user_meta` CHANGE `meta_value` `meta_value` VARCHAR(5000) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin NULL DEFAULT NULL");
+			$conn->query("ALTER TABLE ".get_config("mysql::table_prefix")."user_meta CHANGE `meta_value` `meta_value` VARCHAR(5000) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin NULL DEFAULT NULL");
 
 		/* - settings: add UNIQUE(setting_key) */
 		$c = [];
-		if (($columns = $conn->query("SHOW INDEXES FROM ".get_config("mysql::table_prefix")."settings WHERE Key_name='setting_key'")));
+		if (($columns = $conn->query("SHOW INDEXES FROM ".get_config("mysql::table_prefix")."settings WHERE Key_name='setting_key'")))
 			$c = $columns->fetchAll();
 		if (empty($c))
+		{
 			$conn->query("ALTER TABLE " . get_config("mysql::table_prefix") . "settings ADD CONSTRAINT setting_key UNIQUE(setting_key)");
-
+		}
+		else
+			$conn->query("ALTER TABLE ".get_config("mysql::table_prefix")."settings CHANGE setting_value setting_value VARCHAR(5000) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin NULL DEFAULT NULL");
+		
 		/* - user_meta: add UNIQUE(meta_key,user_id) */
 		$c = [];
-		if (($columns = $conn->query("SHOW INDEXES FROM ".get_config("mysql::table_prefix")."user_meta WHERE Key_name='meta_key_user_id'")));
+		if (($columns = $conn->query("SHOW INDEXES FROM ".get_config("mysql::table_prefix")."user_meta WHERE Key_name='meta_key_user_id'")))
 			$c = $columns->fetchAll();
 		if (empty($c))
 			$conn->query("ALTER TABLE " . get_config("mysql::table_prefix") . "user_meta ADD CONSTRAINT meta_key_user_id UNIQUE(meta_key,user_id)");
diff --git a/settings/user-role-edit.php b/settings/user-role-edit.php
index 0f39a25..e32eb2d 100644
--- a/settings/user-role-edit.php
+++ b/settings/user-role-edit.php
@@ -2,18 +2,126 @@
 
 require_once "../common.php";
 require_once "../header.php";
-do_log($_POST);
 
+if (!current_user_can(PERMISSION_MANAGE_USERS))
+{
+    echo "<h4>Access denied</h4>";
+    die();
+}
 $permissions = get_panel_user_permission_list();
 $list = get_panel_user_roles_list();
+
+/**
+ * Add a new role
+ */
+$errors = [];
+$success = [];
+
+
+
+if (isset($_POST['add_role_name']) && $role_name = $_POST['add_role_name'])
+{
+    foreach ($list as $name => $u) // don't add it if it already exists
+    {
+        if (!strcmp(to_slug($name),to_slug($role_name)))
+        {
+            $errors[] = "Cannot create role \"$role_name\": A role with that name already exists.";
+            break;
+        }
+    }
+    if (empty($errors)) // so far so good
+    {
+        $msg = "Added user role \"$role_name\"";
+        $permissions = [];
+        if (isset($_POST['use_dup_role']) && $dup = $_POST['dup_role']) // if they're duplicating a role
+        {
+            $permissions = $list[$dup];
+            $msg .= ", a duplicate of \"$dup\"";
+        }
+        $settings = DbSettings::get();
+        $clean_perms = [];
+            foreach($permissions as $k => $v)
+                $clean_perms[] = $v;
+
+        $settings['user_roles'][$role_name] = $clean_perms;
+        DbSettings::set('user_roles', $settings['user_roles']);
+        $success[] = $msg;
+        $list = get_panel_user_roles_list(); // refresh
+        
+    }
+}
+
+elseif (isset($_POST['del_role_name']) && $role_name = $_POST['del_role_name'])
+{
+    $found = 0;
+    foreach ($list as $name => $u) // don't add it if it already exists
+    {
+        if (!strcmp(to_slug($name),to_slug($role_name)))
+        {
+            $found = 1;
+            break;
+        }
+    }
+    if ($found) // so far so good
+    {
+        $settings = DbSettings::get();
+        unset($settings['user_roles'][$role_name]);
+        DbSettings::set('user_roles', $settings['user_roles']);
+        $success[] = "Successfully deleted role \"$role_name\"";
+        $list = get_panel_user_roles_list(); // refresh
+    }
+    else
+        $errors[] = "Could not delete role \"$role_name\": Role does not exist.";
+}
 ?>
 
-<h4>User Role Editor</h4>
 
-Here, you can easily edit user roles to ensure that your team has the appropriate access and permissions they need.<br>
-Some roles are built-in and cannot be deleted or modified.<br><br>
-Click a role name to view role permissions.<br><br>
+<div class="container-xxl row justify-content-between">
 
+<div class="col">
+    <h4>User Role Editor</h4>
+    <?php if (!empty($errors)) Message::Fail($errors); if (!empty($success)) Message::Success($success); ?>
+    Roles are user categories where each has it's own set of permissions.<br>
+    Here, you can easily add and edit User Roles to ensure that your team has the appropriate access and permissions they need.<br>
+    Once you've created a role, you can assign it to a user on your panel, and they will have the permissions assigned to their role.<br><br>
+    <div class="font-italic">Some roles are built-in and cannot be deleted or modified, specifically "<code>Super Admin</code>" and "<code>Read Only</code>"</div><br><br>
+    Click a role name to view role permissions.
+</div>
+<div class="col" id="addnew_collapse">
+<form method="post">
+    <div class="card card-body" style="max-width:550px">
+        <h5>Create New Role</h5>
+        <div class="font-italic mb-3">You must create a new role before you can add permissions to it.</div>
+        <div class="row input-group ml-0 mb-2">
+            <div class="input-group-prepend">
+                <span class="input-group-text" style="width:150px">New Role Name</span>
+            </div>
+            <input id="add_role_name" name="add_role_name" class="form-control" style="min-width:100px;max-width:450px" type="text">
+            
+
+        </div>
+        <div class="input-group">
+            <div class="input-group-prepend">
+                <div style="width:150px" class="input-group-text">
+                    <input id="use_dup_role" name="use_dup_role" type="checkbox" class="mr-2">Duplicate Role
+                </div>
+            </div>
+            <select name="dup_role" disabled class="custom-select" id="dup_role" style="min-width:100px;max-width:450px">
+                <option value="0" selected>None</option>
+                <?php
+                    foreach($list as $s => $l)
+                        echo "<option value=\"$s\">$s</option>";
+                ?>
+            </select>
+        </div>
+        <div class="mt-2 text-right">
+            <button type="submit" disabled id="role_submit" style="background-color:darkslateblue;color:white" class="btn btn-primary">Create Role</button>
+        </div>
+        
+</form>
+    </div>
+</div>
+</div>
 <style>
 
 #permlist #roles_accord .card .card-header .btn-header-link:after {
@@ -28,29 +136,33 @@ Click a role name to view role permissions.<br><br>
 }
 
 </style>
-<div class="row container">
-<p>
-  <button style="background-color:darkslateblue;color:white" class="btn mr-4" type="button" data-toggle="collapse" data-target="#addnew_collapse" aria-expanded="false" aria-controls="addnew_collapse">
-    Create new User Role
-  </button>
-</p>
-<div class="collapse" id="addnew_collapse">
-    <div class="card card-body" style="max-width:550px">
-        <div class="mb-3">Creating a new role:</div>
-        <div class="row input-group ml-0">
-            <div class="input-group-prepend">
-                <span class="input-group-text">Role name</span>
-            </div>
-            <input class="form-control" style="max-width:450px" type="text">
-            <div class="input-group-append">
-                <button style="background-color:darkslateblue;color:white" class="btn btn-primary">Create role</button>
-            </div>
-        </div>
-        <div class="mt-3 font-italic">Note: You must create a new role before you can add permissions to it.</div>
-    </div>
-</div></div>
+
+
+<script>
+    const add_role_name = document.getElementById("add_role_name");
+    const use_dup = document.getElementById("use_dup_role");
+    const dup_role = document.getElementById("dup_role");
+    const role_submit = document.getElementById("role_submit");
+
+    use_dup.addEventListener('click', e => {
+        if (use_dup.checked) {
+            dup_role.disabled = false;
+        } else {
+            dup_role.value = "0";
+            dup_role.disabled = true;
+        }
+    });
+
+    add_role_name.addEventListener('input', e => {
+        if (!add_role_name.value.length)
+            role_submit.disabled = true;
+        else
+            role_submit.disabled = false;
+    });
+</script>
 <?php
 
 generate_role_list($list);
 
+
 require_once "../footer.php";
\ No newline at end of file