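<?php
/**
 * phpGACL ACL administration page (OpenEMR fork).
 *
 * Request handling:
 *   POST action=Submit : create a new ACL, or update the one named by acl_id,
 *                        from the selected ACO/ARO/AXO objects and groups, then
 *                        hand off to $gacl_api->return_page().
 *   POST action=Delete : accepted but a no-op in this file.
 *   GET  action=edit   : pre-load the form with the ACL named by acl_id.
 *   anything else      : render an empty "new ACL" form.
 *
 * Relies on globals established by the includes below: $gacl_api (phpGACL API),
 * $db (ADOdb connection) and $smarty (template engine).
 */

//First make sure user has access
require_once("../../interface/globals.php");

use OpenEMR\Common\Acl\AclMain;

//ensure user has proper access
if (!AclMain::aclCheckCore('admin', 'acl')) {
    echo xlt('ACL Administration Not Authorized');
    exit;
}

require_once('gacl_admin.inc.php');

// NOTE(review): the Submit path below modifies ACLs on a plain POST and nothing
// in this file verifies an anti-CSRF token. Confirm whether gacl_admin.inc.php
// or the template enforces one (OpenEMR ships CsrfUtils for this) and add the
// check here if not.

// Read a POST field without tripping an undefined-index notice.
$postField = function ($key, $default = null) {
    return isset($_POST[$key]) ? $_POST[$key] : $default;
};

if (!isset($_POST['action'])) {
    $_POST['action'] = FALSE;
}

if (!isset($_GET['action'])) {
    $_GET['action'] = FALSE;
}

switch ($_POST['action']) {
    case 'Delete':
        break;
    case 'Submit':
        $gacl_api->debug_text('Submit!!');

        // Parse the form values. Each selected_<type>[] entry is "section^value";
        // regroup them as [section][] => value, the shape add_acl()/edit_acl() take.
        foreach (array('aco', 'aro', 'axo') as $type) {
            $type_array = 'selected_' . $type . '_array';
            $$type_array = array();
            $posted = $postField('selected_' . $type);
            if (is_array($posted)) {
                foreach ($posted as $value) {
                    // Nested arrays (selected_aco[][]=...) are not valid entries.
                    if (!is_string($value)) {
                        continue;
                    }
                    $split_value = explode('^', $value, 2);
                    // An entry with no separator is malformed; skip it rather than
                    // recording a null value under its section.
                    if (count($split_value) !== 2) {
                        continue;
                    }
                    ${$type_array}[$split_value[0]][] = $split_value[1];
                }
            }
        }

        //Some sanity checks.
        if (empty($selected_aco_array)) {
            echo 'Must select at least one Access Control Object<br />' . "\n";
            exit;
        }

        $aro_groups = $postField('aro_groups');
        if (empty($selected_aro_array) AND empty($aro_groups)) {
            echo 'Must select at least one Access Request Object or Group<br />' . "\n";
            exit;
        }

        // An unchecked checkbox is simply absent from the POST; treat that as disabled.
        $enabled = $postField('enabled');
        if (empty($enabled)) {
            $enabled = 0;
        }

        $axo_groups = $postField('axo_groups');
        $allow = $postField('allow');
        $return_value = $postField('return_value');
        $note = $postField('note');
        $acl_section = $postField('acl_section');

        // Argument order below must match the OpenEMR gacl_api add_acl()/edit_acl()
        // signatures (…, $allow, $enabled, $return_value, $note, $section_value).
        $acl_id = $postField('acl_id');
        if (!empty($acl_id)) {
            //Update existing ACL
            if ($gacl_api->edit_acl($acl_id, $selected_aco_array, $selected_aro_array, $aro_groups, $selected_axo_array, $axo_groups, $allow, $enabled, $return_value, $note, $acl_section) == FALSE) {
                echo 'ERROR editing ACL, possible conflict or error found...<br />' . "\n";
                exit;
            }
        } else {
            //Insert new ACL.
            if ($gacl_api->add_acl($selected_aco_array, $selected_aro_array, $aro_groups, $selected_axo_array, $axo_groups, $allow, $enabled, $return_value, $note, $acl_section) == FALSE) {
                echo 'ERROR adding ACL, possible conflict or error found...<br />' . "\n";
                exit;
            }
        }

        // NOTE(review): return_page comes straight from the form. If
        // $gacl_api->return_page() redirects to it verbatim this is an open
        // redirect; confirm it restricts the target to a local path.
        $gacl_api->return_page($postField('return_page'));
        break;
    default:
        if ($_GET['action'] === 'edit' AND !empty($_GET['acl_id'])) {
            $gacl_api->debug_text('EDITING ACL');

            //Grab ACL information. The user-supplied id reaches SQL only via qstr().
            $query = '
                SELECT id,section_value,allow,enabled,return_value,note
                FROM ' . $gacl_api->_db_table_prefix . 'acl
                WHERE id=' . $db->qstr($_GET['acl_id']);
            $acl_row = $db->GetRow($query);
            if (empty($acl_row)) {
                // Unknown id: don't render a half-initialised edit form whose
                // follow-up queries would run with a null acl_id.
                echo 'ERROR: ACL not found...<br />' . "\n";
                exit;
            }
            list($acl_id, $acl_section_value, $allow, $enabled, $return_value, $note) = $acl_row;

            //Grab selected objects
            foreach (array('aco', 'aro', 'axo') as $type) {
                $type_array = 'options_selected_' . $type;
                $$type_array = array();

                $query = '
                    SELECT a.section_value,a.value,c.name,b.name
                    FROM ' . $gacl_api->_db_table_prefix . $type . '_map a
                    INNER JOIN ' . $gacl_api->_db_table_prefix . $type . ' b ON b.section_value=a.section_value AND b.value=a.value
                    INNER JOIN ' . $gacl_api->_db_table_prefix . $type . '_sections c ON c.value=a.section_value
                    WHERE a.acl_id=' . $db->qstr($acl_id);
                $rs = $db->Execute($query);

                if (is_object($rs)) {
                    while ($row = $rs->FetchRow()) {
                        list($section_value, $value, $section, $obj) = $row;
                        // $obj is the object name fetched above (the old message
                        // interpolated an undefined $aco).
                        $gacl_api->debug_text("Section Value: $section_value Value: $value Section: $section " . strtoupper($type) . ": $obj");
                        ${$type_array}[$section_value . '^' . $value] = $section . ' > ' . $obj;
                    }
                }
            }

            //Grab selected groups.
            foreach (array('aro', 'axo') as $type) {
                $type_array = 'selected_' . $type . '_groups';

                $query = '
                    SELECT group_id
                    FROM ' . $gacl_api->_db_table_prefix . $type . '_groups_map
                    WHERE acl_id=' . $db->qstr($acl_id);
                $$type_array = $db->GetCol($query);
            }

            $show_axo = (!empty($selected_axo_groups) OR !empty($options_selected_axo));
        } else {
            $gacl_api->debug_text('NOT EDITING ACL');
            $allow = 1;
            $enabled = 1;
            $acl_section_value = 'user';
            // Nothing is pre-selected for a new ACL; initialise the template inputs
            // explicitly instead of assigning undefined variables further down.
            $return_value = null;
            $note = null;
            $selected_aro_groups = null;
            $selected_axo_groups = null;

            $show_axo = isset($_COOKIE['show_axo']) && $_COOKIE['show_axo'] == '1';
        }

        //Grab sections for select boxes
        foreach (array('acl', 'aco', 'aro', 'axo') as $type) {
            $type_array = 'options_' . $type . '_sections';
            $$type_array = array();

            $query = '
                SELECT value,name
                FROM ' . $gacl_api->_db_table_prefix . $type . '_sections
                WHERE hidden=0
                ORDER BY order_value,name';
            $rs = $db->Execute($query);

            if (is_object($rs)) {
                while ($row = $rs->FetchRow()) {
                    ${$type_array}[$row[0]] = $row[1];
                }
            }
            // Default section for the select box: the first one returned.
            ${$type . '_section_id'} = reset($$type_array);
        }

        // Values embedded in the JS lookup table are JSON-encoded with the HEX
        // flags so '<', '&' and quotes can never close the surrounding <script>.
        // The previous addslashes() left newlines and "</script>" intact, which
        // breaks (or escapes from) the script block.
        $jsString = function ($text) {
            $encoded = json_encode((string) $text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            // json_encode() returns false on invalid UTF-8; emit an empty JS
            // string rather than a bare "false" token.
            return ($encoded === false) ? '""' : $encoded;
        };

        //Init the main js array
        $js_array = 'var options = new Array();' . "\n";

        //Grab objects for select boxes: options[<type>][<section>][i] = [value, name]
        foreach (array('aco', 'aro', 'axo') as $type) {
            //Init the main object js array.
            $js_array .= 'options[\'' . $type . '\'] = new Array();' . "\n";

            unset($tmp_section_value);
            $i = 0;

            $query = '
                SELECT section_value,value,name
                FROM ' . $gacl_api->_db_table_prefix . $type . '
                WHERE hidden=0
                ORDER BY section_value,order_value,name';
            $rs = $db->SelectLimit($query, $gacl_api->_max_select_box_items);

            if (is_object($rs)) {
                while ($row = $rs->FetchRow()) {
                    $section_value = (string) $row[0];
                    $js_section = $jsString($section_value);

                    //Init the javascript sub-array when a new section starts
                    //(rows are ordered by section_value, so a change means a new section).
                    if (!isset($tmp_section_value) OR $section_value !== $tmp_section_value) {
                        $i = 0;
                        $js_array .= 'options[\'' . $type . '\'][' . $js_section . '] = new Array();' . "\n";
                        $tmp_section_value = $section_value;
                    }

                    //Add each select option for the section
                    $js_array .= 'options[\'' . $type . '\'][' . $js_section . '][' . $i . '] = new Array(' . $jsString($row[1]) . ', ' . $jsString($row[2]) . ");\n";
                    $i++;
                }
            }
        }

        $smarty->assign('options_acl_sections', $options_acl_sections);
        $smarty->assign('acl_section_value', $acl_section_value);

        $smarty->assign('options_axo_sections', $options_axo_sections);
        $smarty->assign('axo_section_value', $axo_section_value);

        $smarty->assign('options_aro_sections', $options_aro_sections);
        $smarty->assign('aro_section_value', $aro_section_value);

        $smarty->assign('options_aco_sections', $options_aco_sections);
        $smarty->assign('aco_section_value', $aco_section_value);

        $smarty->assign('js_array', $js_array);

        $smarty->assign('js_aco_array_name', 'aco');
        $smarty->assign('js_aro_array_name', 'aro');
        $smarty->assign('js_axo_array_name', 'axo');

        //Grab formatted ARO Groups for select box
        $smarty->assign('options_aro_groups', $gacl_api->format_groups($gacl_api->sort_groups('ARO')));
        $smarty->assign('selected_aro_groups', $selected_aro_groups);

        //Grab formatted AXO Groups for select box
        $smarty->assign('options_axo_groups', $gacl_api->format_groups($gacl_api->sort_groups('AXO')));
        $smarty->assign('selected_axo_groups', $selected_axo_groups);

        $smarty->assign('allow', $allow);
        $smarty->assign('enabled', $enabled);
        $smarty->assign('return_value', $return_value);
        $smarty->assign('note', $note);

        if (isset($options_selected_aco)) {
            $smarty->assign('options_selected_aco', $options_selected_aco);
            $smarty->assign('selected_aco', array_keys($options_selected_aco));
        }

        if (isset($options_selected_aro)) {
            $smarty->assign('options_selected_aro', $options_selected_aro);
            $smarty->assign('selected_aro', array_keys($options_selected_aro));
        }

        if (isset($options_selected_axo)) {
            $smarty->assign('options_selected_axo', $options_selected_axo);
            $smarty->assign('selected_axo', array_keys($options_selected_axo));
        }

        //Show AXO layer if AXO's are selected.
        $smarty->assign('show_axo', $show_axo);

        if (isset($_GET['acl_id'])) {
            // NOTE(review): passed through exactly as received; the template must
            // escape it on output (it reaches SQL above only via $db->qstr()).
            $smarty->assign('acl_id', $_GET['acl_id']);
        }
        break;
}

if (isset($_GET['return_page'])) {
    // NOTE(review): echoed back into the form as the post-submit redirect target;
    // the template must treat it as untrusted.
    $smarty->assign('return_page', $_GET['return_page']);
}

if (isset($_GET['action'])) {
    $smarty->assign('action', $_GET['action']);
}

$smarty->assign('current', 'acl_admin');
$smarty->assign('page_title', 'ACL Admin');

$smarty->assign('phpgacl_version', $gacl_api->get_version());
$smarty->assign('phpgacl_schema_version', $gacl_api->get_schema_version());
$smarty->display('phpgacl/acl_admin.tpl');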