search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update donate link (#4390)
[openemr.git] / gacl / admin / edit_group.php
blob24d265b825ebe8d3b4fdbd323b21941cc41587ff
1 <?php
2 //First make sure user has access
3 require_once("../../interface/globals.php");
4
5 use OpenEMR\Common\Acl\AclMain;
6 use OpenEMR\Common\Csrf\CsrfUtils;
7
8 if (!empty($_POST)) {
9 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
10 CsrfUtils::csrfNotVerified();
11 }
12 }
13
14 //ensure user has proper access
15 if (!AclMain::aclCheckCore('admin', 'acl')) {
16 echo xlt('ACL Administration Not Authorized');
17 exit;
18 }
19
20 require_once('gacl_admin.inc.php');
21
22 // GET takes precedence.
23 if (empty($_GET['group_type'])) {
24 $group_type = $_POST['group_type'];
25 } else {
26 $group_type = $_GET['group_type'];
27 }
28
29 if (empty($_GET['return_page'])) {
30 $return_page = $_POST['return_page'];
31 } else {
32 $return_page = $_GET['return_page'];
33 }
34
35 switch(strtolower(trim($group_type))) {
36 case 'axo':
37 $group_type = 'axo';
38 $group_table = $gacl_api->_db_table_prefix . 'axo_groups';
39 break;
40 default:
41 $group_type = 'aro';
42 $group_table = $gacl_api->_db_table_prefix . 'aro_groups';
43 break;
44 }
45
46 $postAction = $_POST['action'] ?? null;
47 switch ($postAction) {
48 case 'Delete':
49 $gacl_api->debug_text('Delete');
50
51 if (count($_POST['delete_group']) > 0) {
52 //Always reparent children when deleting a group.
53 foreach ($_POST['delete_group'] as $group_id) {
54 $gacl_api->debug_text('Deleting group_id: '. $group_id);
55
56 $result = $gacl_api->del_group($group_id, TRUE, $group_type);
57 if ($result == FALSE) {
58 $retry[] = $group_id;
59 }
60 }
61
62 if (count($retry) > 0) {
63 foreach($retry as $group_id) {
64 $gacl_api->del_group($group_id, TRUE, $group_type);
65 }
66 }
67
68 }
69
70 //Return page.
71 $gacl_api->return_page($return_page);
72 break;
73 case 'Submit':
74 $gacl_api->debug_text('Submit');
75
76 if (empty($_POST['parent_id'])) {
77 $parent_id = 0;
78 } else {
79 $parent_id = $_POST['parent_id'];
80 }
81
82 //Make sure we're not reparenting to ourself.
83 if (!empty($_POST['group_id']) AND $parent_id == $_POST['group_id']) {
84 echo "Sorry, can't reparent to self!<br />\n";
85 exit;
86 }
87
88 //No parent, assume a "root" group, generate a new parent id.
89 if (empty($_POST['group_id'])) {
90 $gacl_api->debug_text('Insert');
91
92 $insert_id = $gacl_api->add_group($_POST['value'], $_POST['name'], $parent_id, $group_type);
93 } else {
94 $gacl_api->debug_text('Update');
95
96 $gacl_api->edit_group($_POST['group_id'], $_POST['value'], $_POST['name'], $parent_id, $group_type);
97 }
98
99 $gacl_api->return_page($return_page);
100 break;
101 default:
102 //Grab specific group data
103 if (!empty($_GET['group_id'])) {
104 $query = '
105 SELECT id,parent_id,value,name
106 FROM '. $group_table .'
107 WHERE id='. (int)$_GET['group_id'];
108
109 list($id, $parent_id, $value, $name) = $db->GetRow($query);
110 //showarray($row);
111 } else {
112 $parent_id = $_GET['parent_id'] ?? null;
113 $value = '';
114 $name = '';
115 }
116
117 $smarty->assign('id', ($id ?? null));
118 $smarty->assign('parent_id', $parent_id);
119 $smarty->assign('value', $value);
120 $smarty->assign('name', $name);
121
122 $smarty->assign('options_groups', $gacl_api->format_groups($gacl_api->sort_groups($group_type)));
123 break;
124 }
125
126 $smarty->assign('group_type', $group_type);
127 $smarty->assign('return_page', $return_page);
128
129 $smarty->assign('current','edit_'. $group_type .'_group');
130 $smarty->assign('page_title', 'Edit '. strtoupper($group_type) .' Group');
131
132 $smarty->assign('phpgacl_version', $gacl_api->get_version());
133 $smarty->assign('phpgacl_schema_version', $gacl_api->get_schema_version());
134
135 $smarty->assign("CSRF_TOKEN_FORM", CsrfUtils::collectCsrfToken());
136
137 $smarty->display('phpgacl/edit_group.tpl');
138 ?>
Mirror of official OpenEMR Sourceforge repository