1 <?php
2 // Copyright (C) 2007 Brady Miller <brady@sparmy.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8 //
9 //
10 // Allows acl(php-gacl) administration. Heavily ajax and
11 // javascript/jquery dependent. All ajax functions are called
12 // from adminacl_ajax.php
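// Bootstrap. $srcdir is used on the next line, so globals.php presumably defines it;
// acl.inc presumably provides acl_check() -- confirm against those files.
// require_once (not include_once) stops the request outright if either file cannot be
// loaded, instead of emitting a warning and carrying on.
require_once("../globals.php");
require_once("$srcdir/acl.inc");

// Authorization gate: only a user holding the admin/acl permission gets past this point.
// NOTE(review): this protects the page only. Every change is made by
// library/ajax/adminacl_ajax.php, which must repeat the same check itself -- confirm.
if (!acl_check('admin', 'acl')) {
    echo "(" . xl('ACL Administration Not Authorized') . ")";
    exit;
}

// The whole page drives php-gacl, so stop early when its location is not configured.
if (!isset($phpgacl_location)) {
    echo "(" . xl('PHP-gacl is not installed') . ")";
    exit;
}
?>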
29 <html>
30 <head>
31 <script type="text/JavaScript" src="../../library/js/jquery121.js"></script>
32 <script type="text/JavaScript" src="../../library/js/jquery.livequery101.js"></script>
33 <script type="text/JavaScript">
35 $(document).ready(function(){
// Open the "User Memberships" section by default. The click handler for the checkbox
// is only registered further down, so membership_show() is called explicitly here.
$("#membership_show").click();
membership_show();

// The (Edit)/(Hide) links and the << / >> buttons are generated after page load, so
// they are bound through livequery by selector. Both kinds are routed to
// generic_click(), which decodes the element id; returning false cancels the default
// action of the link or button.
$("a.link_submit").livequery("click", function(){
  generic_click(this);
  return false;
});
$("input.button_submit").livequery("click", function(){
  generic_click(this);
  return false;
});

// Section checkboxes: nothing is returned, so the checkbox itself still toggles and the
// show function then reads its new state.
$("#membership_show").livequery("click", function(){
  membership_show();
});
$("#acl_show").livequery("click", function(){
  acl_show();
});
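// "Add New Group" form. Submit, Clear and Cancel all carry the button_acl_add class;
// the clicked button's value tells them apart.
$("input.button_acl_add").livequery("click", function(){
  //if Clear, then reset form
  if (this.value == "Clear") {
    $("#acl_error").empty();
    $("#div_acl_add_form span.alert").empty();
    return;
  }

  //if Cancel, then reset/hide form and show create/remove acl links
  if (this.value == "Cancel") {
    $("#div_acl_add_form").hide("slow");
    $("#acl_error").empty();
    $("#div_acl_add_form span.alert").empty();
    $("#none_acl_returns").show();
    $("#none_acl_list").show();
    return;
  }

  //Submit selected, so send ajax request.
  // var keeps these values local to this click; assigning undeclared names would
  // create page-wide globals shared with the other handlers.
  var title = $("#title_field").val();
  var identifier = $("#id_field").val();
  var return_value = $("#return_field").val();
  var description = $("#desc_field").val();
  $.ajax({
    type: "POST",
    url: "../../library/ajax/adminacl_ajax.php",
    dataType: "xml",
    // NOTE(review): this state-changing POST carries no anti-CSRF token and none is
    // visible on this page -- confirm that adminacl_ajax.php rejects forged
    // cross-site requests and re-checks the admin/acl permission.
    data: {
      control: "acl",
      action: "add",
      title: title,
      identifier: identifier,
      return_value: return_value,
      description: description
    },
    success: function(xml){
      //if successful, then close the form and reload the group list
      if ($(xml).find("success").text() == "SUCCESS") {
        $("#button_acl_add_cancel").click();
        acl_show();
      }
      //Remove Loading indicator and old errors, then display new errors
      $("#div_acl_add_form span.loading").hide();
      $("#acl_error").empty();
      $("#div_acl_add_form span.alert").empty();
      $(xml).find("error").each(function(){
        // Each error is "<field>_<message>". The field part names the "<field>_error"
        // element; everything after the first underscore is the message.
        var parts = $(this).text().split("_");
        // Look the element up by id and add the message as a text node, so that
        // response text is never interpreted as a selector or as markup.
        var slot = document.getElementById(parts[0] + "_error");
        if (slot) {
          slot.appendChild(document.createTextNode(parts.slice(1).join("_")));
        }
      });
      $("#acl_error").show();
      $("#div_acl_add_form span.alert").show();
    },
    beforeSend: function(){
      //Show Loading indicator
      $("#div_acl_add_form span.loading").show();
    },
    error: function(){
      //Remove Loading indicator and show errors
      $("#div_acl_add_form span.loading").hide();
      $("#acl_error").empty();
      $("#acl_error").append("<span class='alert'>ERROR, unable to collect data from server<br></span>");
      $("#acl_error").show();
    }
  });
  // Returning false keeps the submit button from posting the form itself.
  return false;
});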
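// "Remove Group" form. Delete and Cancel carry the button_acl_remove class; the clicked
// button's value tells them apart.
$("input.button_acl_remove").livequery("click", function(){
  //if Clear, then reset form
  if (this.value == "Clear") {
    $("#acl_error").empty();
    $("#div_acl_remove_form span.alert").empty();
    return;
  }

  //if Cancel, then reset/hide form and show create/remove acl links
  if (this.value == "Cancel") {
    $("#div_acl_remove_form").hide("slow");
    $("#acl_error").empty();
    $("#div_acl_remove_form span.alert").empty();
    $("#none_acl_returns").show();
    $("#none_acl_list").show();
    return;
  }

  //Ensure confirmed before deleting group.
  // Fail closed: proceed only on an explicit "yes". Testing for "no" would let the
  // delete through whenever neither radio button happens to be checked.
  var confirmDelete = $("input[@name=acl_remove_confirm]:checked").val();
  if (confirmDelete != "yes") { //send confirm alert and exit
    $("#remove_confirm_error").empty();
    $("#remove_confirm_error").append("Select Yes to confirm group deletion");
    return false;
  }

  // Without a selected group there is nothing to split below; stop here so the
  // handler still returns false instead of throwing and letting the form post.
  var chosen = $("#acl_field").val();
  if (!chosen) {
    $("#aclTitle_error").empty();
    $("#aclTitle_error").append("Select a group to remove");
    return false;
  }

  //Delete and confirmed, so send ajax request.
  // The option text is "<title>-<return value>".
  // NOTE(review): a title that itself contains "-" is split in the wrong place here;
  // sending the two values separately would avoid that -- needs a matching change
  // where the options are built.
  var temparray = chosen.split("-");
  var title = temparray[0];
  var return_value = temparray[1];
  $.ajax({
    type: "POST",
    url: "../../library/ajax/adminacl_ajax.php",
    dataType: "xml",
    // NOTE(review): this destructive POST carries no anti-CSRF token and none is
    // visible on this page; the yes/no radio is a client-side courtesy only.
    // Confirm that adminacl_ajax.php rejects forged cross-site requests and
    // re-checks the admin/acl permission.
    data: {
      control: "acl",
      action: "remove",
      title: title,
      return_value: return_value
    },
    success: function(xml){
      //if successful, then close the form and reload the group list
      if ($(xml).find("success").text() == "SUCCESS") {
        $("#button_acl_remove_cancel").click();
        acl_show();
      }
      //Remove Loading indicator and old errors, then display new errors
      $("#div_acl_remove_form span.loading").hide();
      $("#acl_error").empty();
      $("#div_acl_remove_form span.alert").empty();
      $(xml).find("error").each(function(){
        // Each error is "<field>_<message>". Look the "<field>_error" element up by
        // id and add the message as a text node, so that response text is never
        // interpreted as a selector or as markup.
        var parts = $(this).text().split("_");
        var slot = document.getElementById(parts[0] + "_error");
        if (slot) {
          slot.appendChild(document.createTextNode(parts.slice(1).join("_")));
        }
      });
      $("#acl_error").show();
      $("#div_acl_remove_form span.alert").show();
    },
    beforeSend: function(){
      //Show Loading indicator
      $("#div_acl_remove_form span.loading").show();
    },
    error: function(){
      //Remove Loading indicator and show errors
      $("#div_acl_remove_form span.loading").hide();
      $("#acl_error").empty();
      $("#acl_error").append("<span class='alert'>ERROR, unable to collect data from server<br></span>");
      $("#acl_error").show();
    }
  });
  // Returning false keeps the submit button from posting the form itself.
  return false;
});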
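// Show or hide the "User Memberships" section according to its checkbox. When shown,
// the user list is fetched from adminacl_ajax.php and one collapsed editor (Edit/Hide
// links plus Active/Inactive select boxes) is rendered per user.
function membership_show() {
  // Escapes a value for use inside an HTML string, both as element text and inside a
  // single- or double-quoted attribute.
  var esc = function(raw){
    return String(raw)
      .replace(/&/g, "&amp;")
      .replace(/</g, "&lt;")
      .replace(/>/g, "&gt;")
      .replace(/"/g, "&quot;")
      .replace(/'/g, "&#39;");
  };

  if (!$("#membership_show").attr("checked")) {
    $("#membership_error").empty();
    $("#membership").hide("slow");
    return;
  }

  //Send ajax request
  $.ajax({
    type: "POST",
    url: "../../library/ajax/adminacl_ajax.php",
    dataType: "xml",
    data: {
      control: "username",
      action: "list"
    },
    success: function(xml){
      $("#membership_error").empty();
      $("#membership").empty();
      $(xml).find("user").each(function(){
        // Local to this iteration; the name is data from the response and is escaped
        // before it is concatenated into markup.
        var username = $(this).find("username").text();
        var safeName = esc(username);
        // Element ids encode "<username>_membership_<action>"; generic_click() splits
        // them on "_".
        // NOTE(review): a username containing "_" would be mis-parsed there.
        var rowHtml =
          "<div id='link_" + safeName + "'>" +
            "<span class='text'>" + safeName + "</span>" +
            "<a class='link_submit' href='no_javascript' id='" + safeName + "_membership_list' title='Edit " + safeName + "'>(Edit)</a>" +
            "<a class='link_submit' href='no_javascript' id='" + safeName + "_membership_hide' style='display: none' title='Hide " + safeName + "'>(Hide)</a>" +
            "<span class='alert' style='display: none;'>&nbsp;&nbsp;This user is not a member of any group!!!</span>" +
            "<span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LOADING...</span>" +
          "</div>" +
          "<div id='error_" + safeName + "'></div>" +
          "<div id='" + safeName + "' style='display: none'>" +
            "<table class='lists' border='1' bgcolor='white' cellpadding='3' cellspacing='2'>" +
              "<tr><td align='center'><span class='bold'>Active</span></td><td align='center'><span class='bold'>Inactive</span></td></tr>" +
              "<tr>" +
                "<td align='center'><select name='active[]' multiple></select><br /><p align='center'><input class='button_submit' type='button' title='Remove' id='" + safeName + "_membership_remove' value=' >> '></p></td>" +
                "<td align='center'><select name='inactive[]' multiple></select><br /><p align='center'><input class='button_submit' type='button' title='Add' id='" + safeName + "_membership_add' value=' << ' ></p></td>" +
              "</tr>" +
            "</table>" +
          "</div>";
        $("#membership").append(rowHtml);
        if ($(this).find("alert").text() == "no membership") {
          // Find the row by id instead of building a selector string from the name.
          var row = document.getElementById("link_" + username);
          if (row) {
            $(row).find("span.alert").show();
          }
        }
      });
      //Show the username list and remove loading indicator
      $("#membership").show("slow");
      $("#membership_edit span.loading:first").hide();
    },
    beforeSend: function(){
      //Show Loading indicator
      $("#membership_edit span.loading:first").show();
    },
    error: function(){
      //Remove Loading indicator and previous error, if any, then show error
      $("#membership_edit span.loading:first").hide();
      $("#membership_error").empty();
      $("#membership_error").append("<span class='alert'>ERROR, unable to collect data from server<br><br></span>");
      $("#membership_error").show();
    }
  });
  return;
}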
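// Show or hide the "Groups and Access Controls" section according to its checkbox.
// When shown, the group list is fetched from adminacl_ajax.php and one collapsed
// editor (Edit/Hide links plus Active/Inactive select boxes) is rendered per
// group/return-value pair.
function acl_show() {
  // Escapes a value for use inside an HTML string, both as element text and inside a
  // single- or double-quoted attribute.
  var esc = function(raw){
    return String(raw)
      .replace(/&/g, "&amp;")
      .replace(/</g, "&lt;")
      .replace(/>/g, "&gt;")
      .replace(/"/g, "&quot;")
      .replace(/'/g, "&#39;");
  };

  if (!$("#acl_show").attr("checked")) {
    $("#acl_error").empty();
    $("#none_acl_returns").hide();
    $("#none_acl_list").hide();
    $("#acl").hide("slow");
    $("#div_acl_add_form").hide("slow");
    $("#div_acl_remove_form").hide("slow");
    return;
  }

  //Send ajax request
  $.ajax({
    type: "POST",
    url: "../../library/ajax/adminacl_ajax.php",
    dataType: "xml",
    data: {
      control: "acl",
      action: "list"
    },
    success: function(xml){
      $("#acl_error").empty();
      $("#acl").empty();
      $(xml).find("acl").each(function(){
        // Local to this iteration. All four values are data from the response and are
        // escaped before they are concatenated into markup.
        var title = $(this).find("title").text();
        // Only the first space becomes "-"; generic_click() turns the first "-" back
        // into a space, so the two must stay in step.
        // NOTE(review): titles containing "-", "_" or several spaces do not survive
        // that round trip.
        var titleDash = title.replace(" ","-");
        var return_value = $(this).find("return").text();
        var note = $(this).find("note").text();

        var safeTitle = esc(title);
        var safeDash = esc(titleDash);
        var safeReturn = esc(return_value);
        var safeNote = esc(note);
        // Element ids encode "<title>_<control>_<action>_<return value>".
        var rowHtml =
          "<div id='acl_link_" + safeDash + "_" + safeReturn + "'>" +
            "<span class='text' title='" + safeNote + "'>" + safeTitle + "-" + safeReturn + "</span>" +
            "<a class='link_submit' href='no_javascript' id='" + safeDash + "_aco_list_" + safeReturn + "' title='Edit " + safeTitle + "-" + safeReturn + "'>(Edit)</a>" +
            "<a class='link_submit' href='no_javascript' id='" + safeDash + "_acl_hide_" + safeReturn + "' style='display: none' title='" + safeTitle + "'>(Hide)</a>" +
            "<span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LOADING...</span>" +
          "</div>" +
          "<div id='acl_error_" + safeDash + "_" + safeReturn + "'></div>" +
          "<div id='acl_" + safeDash + "_" + safeReturn + "' style='display: none'>" +
            "<table border='1' bgcolor='white' cellpadding='3' cellspacing='2'>" +
              "<tr><td align='center'><span class='bold'>Active</span></td><td align='center'><span class='bold'>Inactive</span></td></tr>" +
              "<tr>" +
                "<td align='center'><select name='active[]' size='6' multiple></select><br /><p align='center'><input class='button_submit' type='button' title='Remove' id='" + safeDash + "_aco_remove_" + safeReturn + "' value=' >> '></p></td>" +
                "<td align='center'><select name='inactive[]' size='6' multiple></select><br /><p align='center'><input class='button_submit' type='button' title='Add' id='" + safeDash + "_aco_add_" + safeReturn + "' value=' << ' ></p></td>" +
              "</tr>" +
            "</table>" +
          "</div>";
        $("#acl").append(rowHtml);
      });
      //Show the acl list and add link. Remove loading indicator.
      $("#acl").show("slow");
      $("#acl_edit span.loading:first").hide();
      $("#none_acl_returns").show();
      $("#none_acl_list").show();
    },
    beforeSend: function(){
      //Show Loading indicator
      $("#acl_edit span.loading:first").show();
    },
    error: function(){
      //Remove Loading indicator and previous error, if any, then show error
      $("#acl_edit span.loading:first").hide();
      $("#acl_error").empty();
      $("#acl_error").append("<span class='alert'>ERROR, unable to collect data from server<br><br></span>");
      $("#acl_error").show();
    }
  });
  return;
}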
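// Shared click handler for every generated link and button on the page.
// The clicked element's id encodes the request as
//   "<identity>_<control>_<action>[_<return value>]"
// e.g. "<username>_membership_list" or "<title>_aco_add_<return value>". The id is
// decoded, sent to adminacl_ajax.php, and the matching select boxes are rebuilt from
// the XML reply.
function generic_click(cthis) {
  // Escapes a value for use inside an HTML string, both as element text and inside a
  // single- or double-quoted attribute.
  var esc = function(raw){
    return String(raw)
      .replace(/&/g, "&amp;")
      .replace(/</g, "&lt;")
      .replace(/>/g, "&gt;")
      .replace(/"/g, "&quot;")
      .replace(/'/g, "&#39;");
  };

  // Ids on this page are built from server-supplied names and are turned into
  // selector strings below. jQuery releases of this generation can treat a string
  // that contains a tag as markup, so refuse any id carrying markup characters.
  if (/[<>]/.test(cthis.id)) {
    return;
  }

  //set up variables and html page pointers.
  // Everything is declared with var so that each click keeps its own values: the ajax
  // callbacks below run later, and with shared globals a second click made before
  // the first reply arrived would redirect that reply to the wrong element.
  var temparray = cthis.id.split("_");
  var identity = temparray[0];
  var identityFormatted = identity.replace("-"," ");
  var control = temparray[1];
  var action = temparray[2];
  var return_value = temparray[3];
  var contentPointer, linkPointer, linkPointerPost, errorPointer;
  var selected;

  if (control == "membership") {
    contentPointer = "#" + identity;
    linkPointer = "#link_" + identity;
    linkPointerPost = "";
    errorPointer = "#error_" + identity;
  }
  if (control == "acl" || control == "aco") {
    contentPointer = "#acl_" + identity + "_" + return_value;
    linkPointer = "#acl_link_" + identity + "_" + return_value;
    linkPointerPost = "";
    errorPointer = "#acl_error_" + identity + "_" + return_value;
  }
  //special cases, show add/remove acl forms
  if (identity == "none" && control == "acl") {
    if (action == "returns") {
      contentPointer = "#div_acl_add_form";
    }
    else if (action == "list") {
      contentPointer = "#div_acl_remove_form";
    }
    linkPointer = "#acl_edit";
    linkPointerPost = ":first";
    errorPointer = "#acl_error";
  }

  // An id that names no known control leaves the pointers unset; do nothing.
  if (!linkPointer) {
    return;
  }

  //If clicked Hide link
  if (action == "hide") {
    //Remove stuff and show Edit link
    $(contentPointer).hide("slow");
    $(errorPointer).hide();
    $(linkPointer + " a.link_submit:last").hide();
    $(linkPointer + " a.link_submit:first").show();
    return;
  }

  //If clicked Add with ACO or membership, then collect selections (Inactive box)
  if (action == "add" && !(control == "acl")) {
    selected = $(contentPointer + " select:last").val();
  }

  //If clicked Remove with ACO or membership, then collect selections (Active box)
  if (action == "remove" && !(control == "acl")) {
    selected = $(contentPointer + " select:first").val();
  }

  //Send ajax request
  $.ajax({
    type: "POST",
    url: "../../library/ajax/adminacl_ajax.php",
    dataType: "xml",
    // NOTE(review): add/remove here change group membership and ACL contents, yet no
    // anti-CSRF token is sent and none is visible on this page. Every field below
    // is decoded from a DOM id, so the server must validate them and re-check the
    // admin/acl permission -- confirm in adminacl_ajax.php.
    data: {
      name: identityFormatted,
      control: control,
      action: action,
      'selection[]': selected,
      return_value: return_value
    },
    success: function(xml){
      var counterActive, counterInactive, size;

      //SPECIAL CASES to show the add/remove acl form, then exit
      if (identity == "none" && control == "acl") {
        $(contentPointer + " select").empty();
        if (action == "returns") {
          $(xml).find("return").each(function(){
            $(contentPointer + " select").append("<option>" + esc($(this).text()) + "</option>");
          });
        }
        else if (action == "list") {
          $(xml).find("acl").each(function(){
            $(contentPointer + " select").append("<option>" + esc($(this).find("title").text()) + "-" + esc($(this).find("return").text()) + "</option>");
          });
        }
        $(contentPointer + " option").removeAttr('selected');
        $(contentPointer).show("slow");
        $("#none_acl_returns").hide();
        $("#none_acl_list").hide();
        $(linkPointer + " span.loading" + linkPointerPost).hide();
        return;
      }

      if (control == "membership") {
        //Remove, then re-populate, then set size of selection boxes
        $(contentPointer + " select").empty();
        counterActive = 0;
        counterInactive = 0;
        $(xml).find("active").find("group").each(function(){
          $(contentPointer + " select:first").append("<option>" + esc($(this).text()) + "</option>");
          counterActive = counterActive + 1;
        });
        $(xml).find("inactive").find("group").each(function(){
          $(contentPointer + " select:last").append("<option>" + esc($(this).text()) + "</option>");
          counterInactive = counterInactive + 1;
        });
        $(contentPointer + " option").removeAttr('selected');
        // Both boxes get the height of the longer list, capped at 10 rows.
        size = (counterActive > counterInactive) ? counterActive : counterInactive;
        if (size > 10) {
          size = 10;
        }
        if (counterActive > 0) {
          //ensure remove the no active group alert
          $(linkPointer + " span.alert").hide();
        }
      }

      if (control == "acl" || control == "aco") {
        //Remove, then re-populate, then set size of selection boxes
        $(contentPointer + " select").empty();
        counterActive = 0;
        counterInactive = 0;
        // NOTE(review): each append() parses its own fragment, so the options are
        // added to the select next to the optgroup rather than inside it, and the
        // closing-tag append has nothing to close. Kept as is to preserve the
        // current layout.
        $(xml).find("active").find("section").each(function(){
          $(contentPointer + " select:first").append("<optgroup label='" + esc($(this).find("name").text()) + "'>");
          counterActive = counterActive + 1;
          $(this).find("aco").each(function(){
            $(contentPointer + " select:first").append("<option value='" + esc($(this).find("id").text()) + "'>" + esc($(this).find("title").text()) + "</option>");
            counterActive = counterActive + 1;
          });
          $(contentPointer + " select:first").append("</optgroup>");
        });
        $(xml).find("inactive").find("section").each(function(){
          $(contentPointer + " select:last").append("<optgroup label='" + esc($(this).find("name").text()) + "'>");
          counterInactive = counterInactive + 1;
          $(this).find("aco").each(function(){
            $(contentPointer + " select:last").append("<option value='" + esc($(this).find("id").text()) + "'>" + esc($(this).find("title").text()) + "</option>");
            counterInactive = counterInactive + 1;
          });
          $(contentPointer + " select:last").append("</optgroup>");
        });
        $(contentPointer + " option").removeAttr('selected');
        // Both boxes get the height of the longer list, capped at 15 rows.
        size = (counterActive > counterInactive) ? counterActive : counterInactive;
        if (size > 15) {
          size = 15;
        }
      }

      //display the selection boxes
      $(contentPointer + " select").attr('size', size);
      $(contentPointer).show("slow");

      if (action == "list") {
        //Remove Edit link and show Hide link
        $(linkPointer + " a.link_submit:first").hide();
        $(linkPointer + " a.link_submit:last").show();
      }

      //Remove Loading indicator
      $(linkPointer + " span.loading" + linkPointerPost).hide();

      //Remove old errors, then display any new errors to user
      $(errorPointer).empty();
      $(xml).find("error").each(function(){
        $(errorPointer).append("<span class='alert'>" + esc($(this).text()) + "<br></span>");
        $(errorPointer).show();
      });
    },
    beforeSend: function(){
      //Show Loading indicator
      $(linkPointer + " span.loading" + linkPointerPost).show();
    },
    error: function(){
      //Remove Loading indicator and show errors
      $(linkPointer + " span.loading" + linkPointerPost).hide();
      $(errorPointer).empty();
      $(errorPointer).append("<span class='alert'>ERROR, unable to collect data from server<br></span>");
      $(errorPointer).show();
    }
  });
  return;
}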
479 </script>
481 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
482 <style type="text/css">
/* Page frame */
body {
  margin: 0pt;
  padding: 5pt 15pt 5pt 5pt;
}

/* "LOADING..." indicator shown while an ajax request is in flight */
.loading {
  color: red;
  font-family: sans-serif;
  font-size: 10pt;
  font-weight: bold;
  text-decoration: blink;
}

/* Error and warning text */
.alert {
  color: red;
  font-family: sans-serif;
  font-size: 10pt;
  font-weight: bold;
}

/* Bordered box around each list and form.
   The border shorthand stays first: it resets the width and colour set after it. */
.section {
  border: solid;
  border-width: 1px;
  border-color: #0000ff;
  margin: 0 0 10pt 10pt;
  padding: 5pt;
}
507 </style>
508 </head>
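<body class="body_top">
<span class='title'><?php xl('Access Control List Administration','e'); ?></span>&nbsp;
<?php
// Offer the php-gacl admin screens only when $phpgacl_location is <fileroot>/gacl,
// the location the relative link below points at.
if ($phpgacl_location == ($GLOBALS['fileroot']."/gacl")) {
    echo "<a href='../../gacl/admin/acl_admin.php' onclick='top.restoreSession()'><span class='back'>(Advanced)</span></a>";
}
?>
<br><br>

<!-- User memberships: the list inside #membership is filled in by membership_show() -->
<div id='membership_edit'>
  <span class='bold'><input type='checkbox' id='membership_show'><?php xl('User Memberships','e'); ?></span>
  <span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<?php xl('LOADING','e'); ?>...</span>
  <div id='membership_error'>
  </div>
  <div class='section' id='membership' style='display: none;'>
  </div>
</div>

<!-- Groups and access controls: the list inside #acl is filled in by acl_show() -->
<div id='acl_edit'>
  <span class='bold'><input type='checkbox' id='acl_show'><?php xl('Groups and Access Controls','e'); ?></span>
  <a class='link_submit' href='no_javascript' id='none_acl_returns' title='Add New Group' style='display: none;'>(<?php xl('Add New Group','e'); ?>)</a>
  <a class='link_submit' href='no_javascript' id='none_acl_list' title='Remove Group' style='display: none;'>(<?php xl('Remove Group','e'); ?>)</a>
  <span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<?php xl('LOADING','e'); ?>...</span>
  <div id='acl_error'>
  </div>

  <!-- Add-group form. It is submitted by script only; each "<field>_error" span
       receives the matching validation message from the ajax reply. -->
  <div id='div_acl_add_form' style='display: none;'>
    <form class="section" id="acl_add_form" action="no_javascript" method="post">
      <span class='bold'><?php xl('New Group Information','e'); ?></span><span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<?php xl('LOADING','e'); ?>...</span>
      <table>
        <tr>
          <td><span class='text'><?php xl('Title','e'); ?>:</span></td>
          <td><input type="text" id="title_field"></td>
          <td><span class="alert" id="title_error"></span></td>
        </tr>
        <tr>
          <td><span class='text'><?php xl('Identifier(one word)','e'); ?>:</span></td>
          <td><input type="text" id="id_field"></td>
          <td><span class="alert" id="identifier_error"></span></td>
        </tr>
        <tr>
          <td><span class='text'><?php xl('Return Value','e'); ?>:</span></td>
          <td><select id="return_field"></select></td>
          <td><span class="alert" id="return_error"></span></td>
        </tr>
        <tr>
          <td><span class='text'><?php xl('Description','e'); ?>:</span></td>
          <td><input type="text" id="desc_field"></td>
          <td><span class="alert" id="description_error"></span></td>
        </tr>
      </table>
      <?php // The click handler compares the button value against the literals "Clear" and "Cancel", so these values must not be translated. ?>
      <input type="submit" class="button_acl_add" title="Submit" value="Submit">
      <input type="reset" class="button_acl_add" title="Clear" value="Clear">
      <input type="reset" class="button_acl_add" id="button_acl_add_cancel" title="Cancel" value="Cancel">
    </form>
  </div>

  <!-- Remove-group form. "No" is checked by default, so a reset returns the
       confirmation to the safe choice. -->
  <div id='div_acl_remove_form' style='display: none;'>
    <form class="section" id="acl_remove_form" action="no_javascript" method="post">
      <span class='bold'><?php xl('Remove Group Form','e'); ?></span><span class='loading' style='display: none;'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<?php xl('LOADING','e'); ?>...</span>
      <table>
        <tr>
          <td align="right"><span class='text'><?php xl('Group','e'); ?>:</span></td>
          <td><select id="acl_field"></select></td>
          <td><span class="alert" id="aclTitle_error"></span></td>
        </tr>
        <tr>
          <td><span class='text'><?php xl('Do you really want to delete this group','e'); ?>?</span></td>
          <td>
            <input type="radio" name="acl_remove_confirm" value="yes"><span class='text'><?php xl('Yes','e'); ?></span>
            <input type="radio" name="acl_remove_confirm" value="no" checked><span class='text'><?php xl('No','e'); ?></span>
          </td>
          <td><span class="alert" id="remove_confirm_error"></span></td>
        </tr>
      </table>
      <?php // The click handler compares the button value against the literal "Cancel", so this value must not be translated. ?>
      <input type="submit" class="button_acl_remove" title="Delete" value="Delete">
      <input type="reset" class="button_acl_remove" id="button_acl_remove_cancel" title="Cancel" value="Cancel">
    </form>
  </div>

  <div class='section' id='acl' style='display: none;'>
  </div>
</div>
</body>
</html>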