add return to core/header (#2995)
[openemr.git] / gacl / admin / assign_group.php
1 <?php
2 //First make sure user has access
3 require_once("../../interface/globals.php");
5 use OpenEMR\Common\Acl\AclMain;
// Gate the whole script on the core 'admin' / 'acl' permission. The check runs
// before gacl_admin.inc.php is loaded and before this script reads any request
// parameter, so an unauthorized request ends here with a translated message.
$acl_admin_allowed = AclMain::aclCheckCore('admin', 'acl');
if (!$acl_admin_allowed) {
    echo xlt('ACL Administration Not Authorized');
    exit;
}
13 require_once('gacl_admin.inc.php');
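// Resolve which object family (ARO or AXO) this request works on.
// GET takes precedence over POST. A parameter that is absent or is not a string
// (for example group_type[]=x) is treated as empty, so no undefined-index
// warning is raised and trim()/strtolower() never receive a non-string.
$requested_group_type = (isset($_GET['group_type']) && is_string($_GET['group_type']))
    ? $_GET['group_type']
    : '';
if ($requested_group_type == '') {
    $requested_group_type = (isset($_POST['group_type']) && is_string($_POST['group_type']))
        ? $_POST['group_type']
        : '';
}

// Allow-list: whatever was requested, $group_type leaves this switch as one of
// the two literals 'axo' or 'aro'. The table names below are built only from
// the configured prefix and fixed suffixes, never from request data, which is
// what makes it safe to concatenate them into SQL further down.
switch (strtolower(trim($requested_group_type))) {
    case 'axo':
        $group_type = 'axo';
        $table = $gacl_api->_db_table_prefix . 'axo';
        $group_table = $gacl_api->_db_table_prefix . 'axo_groups';
        $group_sections_table = $gacl_api->_db_table_prefix . 'axo_sections';
        $group_map_table = $gacl_api->_db_table_prefix . 'groups_axo_map';
        $object_type = 'Access eXtension Object';
        break;
    default:
        // Anything other than 'axo' (including an empty value) means ARO.
        $group_type = 'aro';
        $table = $gacl_api->_db_table_prefix . 'aro';
        $group_table = $gacl_api->_db_table_prefix . 'aro_groups';
        $group_sections_table = $gacl_api->_db_table_prefix . 'aro_sections';
        $group_map_table = $gacl_api->_db_table_prefix . 'groups_aro_map';
        $object_type = 'Access Request Object';
        break;
}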
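// Dispatch on the submitted form action:
//   'Remove' - detach the posted objects from the group
//   'Submit' - attach the posted objects to the group
//   default  - load the data the assign_group template needs
//
// NOTE(review): 'Remove' and 'Submit' change ACL group membership, and nothing
// in this script verifies a CSRF token before doing so - confirm that
// gacl_admin.inc.php or the surrounding framework enforces one.

// Read request values once, tolerating absent or non-scalar parameters instead
// of raising undefined-index warnings or passing arrays to string operations.
$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';
$posted_group_type = (isset($_POST['group_type']) && is_string($_POST['group_type']))
    ? $_POST['group_type']
    : '';
$posted_group_id = (isset($_POST['group_id']) && is_scalar($_POST['group_id']))
    ? (string) $_POST['group_id']
    : '';
$requested_group_id = (isset($_GET['group_id']) && is_scalar($_GET['group_id']))
    ? (string) $_GET['group_id']
    : '';

// Turns a posted list of "section^value" strings into
// array(section => array(value, ...)). Entries that are not strings or carry
// no '^' separator are skipped rather than read past the end of the split.
// Replaces the former while(list() = @each()) loops: each() was removed in
// PHP 8 and the @ operator hid malformed input.
$group_objects_by_section = function ($posted_values) {
    $by_section = array();
    if (!is_array($posted_values)) {
        return $by_section;
    }
    foreach ($posted_values as $object_value) {
        if (!is_string($object_value)) {
            continue;
        }
        $split_object_value = explode('^', $object_value);
        if (count($split_object_value) < 2) {
            continue;
        }
        $by_section[$split_object_value[0]][] = $split_object_value[1];
    }
    return $by_section;
};

// Renders a value as a JavaScript string literal. json_encode() with the
// JSON_HEX_* flags escapes quotes, backslashes, line breaks and the characters
// < > & so the value cannot end the string literal or, presumably, the
// enclosing <script> element (the template is not visible here).
// addslashes() alone leaves line breaks and "</script>" untouched.
$js_string = function ($text) {
    $text = (string) $text;
    $literal = json_encode($text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($literal !== false) {
        return $literal;
    }
    // json_encode() refuses text that is not valid UTF-8; keep the row by
    // falling back to a single-quoted literal with the same characters escaped.
    $escaped = strtr(
        addslashes($text),
        array("\n" => '\n', "\r" => '\r', '<' => '\x3C', '>' => '\x3E', '&' => '\x26')
    );
    return "'" . $escaped . "'";
};

// The redirect target echoes posted values back into a query string, so both
// are URL-encoded; a value containing '&', '#' or line breaks can then no
// longer add parameters to or otherwise reshape the URL handed to return_page().
$redirect_url = $_SERVER['PHP_SELF']
    . '?group_type=' . urlencode($posted_group_type)
    . '&group_id=' . urlencode($posted_group_id);

switch ($action) {
    case 'Remove':
        $gacl_api->debug_text('Delete!!');

        //Parse the form values
        $selected_object_array = $group_objects_by_section(
            isset($_POST['delete_assigned_object']) ? $_POST['delete_assigned_object'] : array()
        );

        //Remove Object -> GROUP mappings
        foreach ($selected_object_array as $object_section_value => $object_array) {
            $gacl_api->debug_text('Assign: Object ID: '. $object_section_value .' to Group: '. $posted_group_id);

            foreach ($object_array as $object_value) {
                $gacl_api->del_group_object($posted_group_id, $object_section_value, $object_value, $group_type);
            }
        }

        //Return page.
        $gacl_api->return_page($redirect_url);

        break;
    case 'Submit':
        $gacl_api->debug_text('Submit!!');

        //Parse the form values. The field name depends on the posted group type.
        $selection_key = 'selected_' . $posted_group_type;
        $selected_object_array = $group_objects_by_section(
            isset($_POST[$selection_key]) ? $_POST[$selection_key] : array()
        );

        //Insert Object -> GROUP mappings
        foreach ($selected_object_array as $object_section_value => $object_array) {
            $gacl_api->debug_text('Assign: Object ID: '. $object_section_value .' to Group: '. $posted_group_id);

            foreach ($object_array as $object_value) {
                $gacl_api->add_group_object($posted_group_id, $object_section_value, $object_value, $group_type);
            }
        }

        $gacl_api->return_page($redirect_url);

        break;
    default:
        //Grab all sections for select box
        $query = 'SELECT value,name FROM '. $group_sections_table .' ORDER BY order_value,name';
        $rs = $db->Execute($query);

        $options_sections = array();

        if (is_object($rs)) {
            while ($row = $rs->FetchRow()) {
                $options_sections[$row[0]] = $row[1];
            }
        }

        $smarty->assign('options_sections', $options_sections);
        $smarty->assign('section_value', reset($options_sections));

        //Grab all objects for select box
        $query = 'SELECT section_value,value,name FROM '. $table .' ORDER BY section_value,order_value,name';
        $rs = $db->SelectLimit($query, $gacl_api->_max_select_box_items);

        // $group_type is one of the literals 'aro' / 'axo' at this point, so it
        // needs no escaping inside the quoted JavaScript key.
        $js_array_name = 'options[\''. $group_type .'\']';
        //Init the main js array.
        $js_array = 'var options = new Array();' . "\n";
        $js_array .= $js_array_name .' = new Array();' . "\n";

        $previous_section = null;
        $i = 0;

        if (is_object($rs)) {
            while ($row = $rs->FetchRow()) {
                $section_raw = (string) $row[0];
                $section_value = $js_string($section_raw);
                $value = $js_string($row[1]);
                $name = $js_string($row[2]);

                //Prepare javascript code for dynamic select box.
                //Init the javascript sub-array whenever a new section starts.
                if ($previous_section === null || $section_raw != $previous_section) {
                    $i = 0;
                    $js_array .= $js_array_name .'['. $section_value .'] = new Array();' . "\n";
                }

                //Add each select option for the section
                $js_array .= $js_array_name .'['. $section_value .']['. $i .'] = new Array('. $value .', '. $name .");\n";

                $previous_section = $section_raw;
                $i++;
            }
        }

        $smarty->assign('js_array', $js_array);
        $smarty->assign('js_array_name', $group_type);

        //Grab list of assigned Objects
        // Table names come from the allow-listed group type; the only request
        // value in the statement, group_id, goes through $db->qstr().
        $query = '
            SELECT b.section_value,b.value,b.name AS b_name,c.name AS c_name
            FROM '. $group_map_table .' a
            INNER JOIN '. $table .' b ON b.id=a.'. $group_type .'_id
            INNER JOIN '. $group_sections_table .' c ON c.value=b.section_value
            WHERE a.group_id='. $db->qstr($requested_group_id) .'
            ORDER BY c.name, b.name';
        // The page number is forced to an integer before it reaches the database layer.
        $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
        $rs = $db->PageExecute($query, $gacl_api->_items_per_page, $page);

        $object_rows = array();

        if (is_object($rs)) {
            while ($row = $rs->FetchRow()) {
                $object_rows[] = array(
                    'section_value' => $row[0],
                    'value' => $row[1],
                    'name' => $row[2],
                    'section' => $row[3]
                );
            }

            $smarty->assign('total_objects', $rs->_maxRecordCount);

            $smarty->assign('paging_data', $gacl_api->get_paging_data($rs));
        }

        // NOTE(review): rows, group_name and group_id reach the template
        // unescaped - confirm the template escapes them on output.
        $smarty->assign('rows', $object_rows);

        //Get group name.
        $group_data = $gacl_api->get_group_data($requested_group_id, $group_type);
        $smarty->assign('group_name', $group_data[2]);

        $smarty->assign('group_id', $requested_group_id);

        break;
}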
// Hand the remaining page-level values to the template and render it.
// $group_type is normalized to 'aro' or 'axo' earlier in the script, so the
// navigation key and the page title are built from a known literal.
$group_type_label = strtoupper($group_type);
$navigation_key = 'assign_group_' . $group_type;

$smarty->assign('group_type', $group_type);
$smarty->assign('object_type', $object_type);

// NOTE(review): REQUEST_URI is taken from the request as-is - confirm the
// template escapes return_page wherever it prints it.
$smarty->assign('return_page', $_SERVER['REQUEST_URI']);

$smarty->assign('current', $navigation_key);
$smarty->assign('page_title', 'Assign Group - ' . $group_type_label);

$smarty->assign('phpgacl_version', $gacl_api->get_version());
$smarty->assign('phpgacl_schema_version', $gacl_api->get_schema_version());

$smarty->display('phpgacl/assign_group.tpl');