Edit permissions for multiple forms at once

modules/formulize/admin/application.php

@@ -91,8 +91,42 @@
 
 // get list of group ids that have no default screen set
 $groupsWithDefaultScreen = $application_handler->getGroupsWithDefaultScreen();    
+
+
+// Get group lists.
+$groupListSQL = "SELECT gl_id, gl_name, gl_groups FROM ".$xoopsDB->prefix("group_lists")." ORDER BY gl_name";
+$grouplists = array();
+if(isset($_POST['grouplistname']) AND $_POST['grouplistname']) {
+	$selectedGroupList = $_POST['grouplistname'];
+} 
+elseif(isset($_POST['loadthislist']) AND $_POST['loadthislist']) {
+    $selectedGroupList = intval($_POST['loadthislist']);
+} 
+elseif(isset($_POST['useselection'])) {
+    $selectedGroupList = 0;
+} 
+elseif(isset($_POST['grouplists'])) {
+    $selectedGroupList = intval($_POST['grouplists']);
+}
+$grouplists[0]['id'] = 0;
+$grouplists[0]['name'] = "No group list selected";
+$grouplists[0]['selected'] = $selectedGroupList ? "" : " selected";
+if($result = $xoopsDB->query($groupListSQL)) {
+    while($array = $xoopsDB->fetchArray($result)) {
+      	$grouplists[$array['gl_id']]['id'] = $array['gl_id'];
+      	$grouplists[$array['gl_id']]['name'] = $array['gl_name'];
+      	if((is_numeric($selectedGroupList) AND $array['gl_id'] == $selectedGroupList) OR $array['gl_name'] === $selectedGroupList) {
+        	$glSelectedText = " selected";
+        	$selectedGroups = explode(",",$array['gl_groups']);
+      	} 
+      	else {
+        	$glSelectedText = "";
+      	}
+      	$grouplists[$array['gl_id']]['selected'] = $glSelectedText;
+    }
+}
 
-// get the list of groups
+// Get all groups.
 $member_handler = xoops_gethandler('member');
 $allGroups = $member_handler->getGroups();
 $groups = array();
@@ -184,13 +218,13 @@
 }
 
 $i++;
-$adminPage['tabs'][$i]['name'] = "Forms";
+$adminPage['tabs'][$i]['name'] = _AM_APP_FORMS;
 $adminPage['tabs'][$i]['template'] = "db:admin/application_forms.html";
 $adminPage['tabs'][$i]['content'] = $common;
 $adminPage['tabs'][$i]['content']['forms'] = $formsInApp;
 
 $i++;
-$adminPage['tabs'][$i]['name'] = "Screens";
+$adminPage['tabs'][$i]['name'] = _AM_APP_SCREENS;
 $adminPage['tabs'][$i]['template'] = "db:admin/application_screens.html";
 $adminPage['tabs'][$i]['content'] = $common;
 $adminPage['tabs'][$i]['content']['screens'] = $all_screens;
@@ -202,7 +236,18 @@
 $adminPage['tabs'][$i]['content']['relationships'] = $relationships; 
 
 $i++;
-$adminPage['tabs'][$i]['name'] = " Menu Entries";
+$adminPage['tabs'][$i]['name'] = _AM_APP_PERMISSIONS;
+$adminPage['tabs'][$i]['template'] = "db:admin/multiple_permissions.html";
+$adminPage['tabs'][$i]['content'] = $common;
+$adminPage['tabs'][$i]['content']['groups'] = $groups;
+$adminPage['tabs'][$i]['content']['order'] = $orderGroups;
+$adminPage['tabs'][$i]['content']['grouplists'] = $grouplists;
+$adminPage['tabs'][$i]['content']['forms'] = $formsInApp;
+$adminPage['tabs'][$i]['content']['samediff'] = $_POST['same_diff'] == "same" ? "same" : "different";
+$adminPage['tabs'][$i]['content']['groupperms'] = $groupperms;
+
+$i++;
+$adminPage['tabs'][$i]['name'] = _AM_APP_MENU_ENTRIES;
 $adminPage['tabs'][$i]['template'] = "db:admin/application_menu_entries.html";
 $adminPage['tabs'][$i]['content'] = $options + $common;
 $adminPage['tabs'][$i]['content']['links'] = $menulinks;

modules/formulize/admin/home.php

@@ -105,6 +105,7 @@ function readApplicationData($aid, $apps) {
   $apps[$i]['header'] .= '<a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=application&aid='.$aid.'&tab=forms"><i class="icon-form"></i> Forms</a>
 <a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=application&aid='.$aid.'&tab=screens"><i class="icon-screen"></i> Screens</a>
 <a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=application&aid='.$aid.'&tab=relationships"><i class="icon-connection"></i> Relationships</a>
+<a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=application&aid='.$aid.'&tab=permissions"><i class="icon-lock"></i> Permissions</a>
 <a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=application&aid='.$aid.'&tab=menu%20entries"><i class="icon-menu"></i> Menu Entries</a>
 <a href="'.XOOPS_URL.'/modules/formulize/admin/ui.php?page=export&aid='.$aid.'"><i class="icon-download"></i> Export (beta!)</a>';
   if($aid>0) {

modules/formulize/admin/save/multiple_permissions_save.php

@@ -0,0 +1,203 @@
+<?php
+###############################################################################
+##     Formulize - ad hoc form creation and reporting module for XOOPS       ##
+##                    Copyright (c) 2010 Freeform Solutions                  ##
+###############################################################################
+##  This program is free software; you can redistribute it and/or modify     ##
+##  it under the terms of the GNU General Public License as published by     ##
+##  the Free Software Foundation; either version 2 of the License, or        ##
+##  (at your option) any later version.                                      ##
+##                                                                           ##
+##  You may not change or alter any portion of this comment or credits       ##
+##  of supporting developers from this source code or any supporting         ##
+##  source code which is considered copyrighted (c) material of the          ##
+##  original comment or credit authors.                                      ##
+##                                                                           ##
+##  This program is distributed in the hope that it will be useful,          ##
+##  but WITHOUT ANY WARRANTY; without even the implied warranty of           ##
+##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            ##
+##  GNU General Public License for more details.                             ##
+##                                                                           ##
+##  You should have received a copy of the GNU General Public License        ##
+##  along with this program; if not, write to the Free Software              ##
+##  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA ##
+###############################################################################
+##  Author of this file: Freeform Solutions                                  ##
+##  URL: http://www.freeformsolutions.ca/formulize                           ##
+##  Project: Formulize                                                       ##
+###############################################################################
+
+// This file handles the saving of submissions from the multiple_permissions page.
+
+
+// If we aren't coming from what appears to be save.php, then return nothing.
+if(!isset($processedValues)) {
+  return;
+}
+
+$form_handler = xoops_getmodulehandler('forms', 'formulize');
+
+
+echo "POST: ".print_r($_POST, true); // TEMPORARY - for debugging
+
+global $xoopsDB;
+include_once XOOPS_ROOT_PATH . "/modules/formulize/class/usersGroupsPerms.php";
+
+// Loop through each of the selected forms.
+foreach($_POST['forms'] as $form_id) {
+
+	$formObject = $form_handler->get($form_id);
+	// If the form is locked, then do nothing.
+	if($formObject->getVar('lockedform')) {
+ 		return;
+	}
+
+	$formulize_module_id = getFormulizeModId();
+	// If the user doesn't have edit form permission, then do nothing.
+	if(!$gperm_handler->checkRight("edit_form", $form_id, $xoopsUser->getGroups(), $formulize_module_id)) {
+  		return;
+	}
+
+
+	$formulize_permHandler = new formulizePermHandler($form_id);
+	$groupsToClear = array();
+	$filterSettings = array();
+	$group_list = (isset($_POST['group_list']) and is_array($_POST['group_list'])) ? $_POST['group_list'] : array();
+
+	foreach($group_list as $group_id) {
+  		if(!is_numeric($group_id)) {
+    		continue;
+  		}
+
+    	// Delete existing permission records for this group to start with a blank slate.
+    	if (!$xoopsDB->query("DELETE FROM ".$xoopsDB->prefix("group_permission") . " WHERE gperm_groupid='$group_id' AND gperm_itemid='$form_id' AND gperm_modid='$formulize_module_id'")) {
+        	print "Error: could not delete the permissions for group $group_id";
+    	}
+
+    	// Get the list of enabled permissions submitted through the form.
+    	$enabled_permissions = array();
+    	foreach(formulizePermHandler::getPermissionList() as $permission_name) {
+        	if ($_POST[$form_id."_".$group_id."_".$permission_name]) {
+            	$enabled_permissions[] = "($group_id, $form_id, $formulize_module_id, '$permission_name')";
+  			}
+  		}
+
+    	// Enable only the selected permissions.
+    	if (count($enabled_permissions) > 0) {
+        	$insertSQL = "INSERT INTO ".$xoopsDB->prefix("group_permission") . " (`gperm_groupid`, `gperm_itemid`, `gperm_modid`, `gperm_name`) VALUES ".
+            implode(", ", $enabled_permissions);
+
+    		if(!$xoopsDB->query($insertSQL)) {
+      			print "Error: could not set the permissions for group $group_id";
+    		}
+  		}
+
+  		// Deal with specific groupscope settings.
+  		if(!$formulize_permHandler->setGroupScopeGroups($group_id, $_POST["groupsscope_choice_".$form_id."_".$group_id])) {
+			print "Error: could not set the groupscope groups for form $form_id.";
+  		}
+
+  		// Handle the per-group-filter-settings.
+  		$filter_key = $form_id."_".$group_id."_filter";
+
+  		if($_POST["new_".$filter_key."_term"] != "") {
+    		$_POST[$filter_key."_elements"][] = $_POST["new_".$filter_key."_element"];
+    		$_POST[$filter_key."_ops"][] = $_POST["new_".$filter_key."_op"];
+    		$_POST[$filter_key."_terms"][] = $_POST["new_".$filter_key."_term"];
+    		$_POST[$filter_key."_types"][] = "all";
+  		}
+  		if($_POST["new_".$filter_key."_oom_term"] != "") {
+    		$_POST[$filter_key."_elements"][] = $_POST["new_".$filter_key."_oom_element"];
+    		$_POST[$filter_key."_ops"][] = $_POST["new_".$filter_key."_oom_op"];
+    		$_POST[$filter_key."_terms"][] = $_POST["new_".$filter_key."_oom_term"];
+    		$_POST[$filter_key."_types"][] = "oom";
+  		}
+  		$conditionsDeleteParts = explode("_", $_POST['conditionsdelete']);
+  		if($_POST['conditionsdelete'] != "" AND $conditionsDeleteParts[1] == $group_id) { 
+    		// key 1 will be the group id where the X was clicked
+    		// go through the passed filter settings starting from the one we need to remove, and shunt the rest down one space
+    		// need to do this in a loop, because unsetting and key-sorting will maintain the key associations of the remaining high values above the one that was deleted
+    		$originalCount = count($_POST[$filter_key."_elements"]);
+    		for($i=$conditionsDeleteParts[3];$i<$originalCount;$i++) { // 3 is the X that was clicked for this group
+      			if($i>$conditionsDeleteParts[3]) {
+        			$_POST[$filter_key."_elements"][$i-1] = $_POST[$filter_key."_elements"][$i];
+        			$_POST[$filter_key."_ops"][$i-1] = $_POST[$filter_key."_ops"][$i];
+        			$_POST[$filter_key."_terms"][$i-1] = $_POST[$filter_key."_terms"][$i];
+        			$_POST[$filter_key."_types"][$i-1] = $_POST[$filter_key."_types"][$i];
+      			}
+      			if($i==$conditionsDeleteParts[3] OR $i+1 == $originalCount) {
+        			// first time through or last time through, unset the first elements
+        			unset($_POST[$filter_key."_elements"][$i]);
+        			unset($_POST[$filter_key."_ops"][$i]);
+        			unset($_POST[$filter_key."_terms"][$i]);
+        			unset($_POST[$filter_key."_types"][$i]);
+      			}
+    		}
+		}
+
+  		if(!is_array($_POST[$filter_key."_elements"]) OR count($_POST[$filter_key."_elements"]) == 0) {
+    		$groupsToClear[] = $group_id;
+  		} 
+  		else {
+    		$filterSettings[$group_id][0] = $_POST[$filter_key."_elements"];
+    		$filterSettings[$group_id][1] = $_POST[$filter_key."_ops"];
+    		$filterSettings[$group_id][2] = $_POST[$filter_key."_terms"];
+    		$filterSettings[$group_id][3] = $_POST[$filter_key."_types"];
+  		}
+	}
+
+	// Now update the per group filters.
+	if(count($groupsToClear)>0) {
+  	$form_handler->clearPerGroupFilters($groupsToClear, $form_id);
+	}
+	if(count($filterSettings)>0) {
+  	$form_handler->setPerGroupFilters($filterSettings, $form_id);
+	}
+
+	if($_POST['reload'] OR $_POST['loadthislist']) {
+  		print "/* eval */ window.document.getElementById('form-".intval($_POST['form_number'])."').submit();";
+	} 
+
+} // End foreach $fid.
+
+
+
+// Check to see if we're dealing with a grouplist save or deletion.
+if($_POST['grouplistname']) {
+
+  $groupListId = intval($_POST['grouplistid']);
+  $groupListGroups = formulize_escape(implode(",",$_POST['groups']));
+  $name = formulize_escape($_POST['grouplistname']);
+
+  // Are we inserting or updating? 
+  $newList = $groupListId == 0 ? true : false;
+  if(!$newList) {
+	  // Get exisitng name to see if we update, or create new.	
+	  $result = $xoopsDB->query("SELECT gl_name FROM ".$xoopsDB->prefix("group_lists")." WHERE gl_id='".intval($groupListId)."'");
+	  if($xoopsDB->getRowsNum($result) > 0) {
+      $entry = $xoopsDB->fetchArray($result); 
+      if($entry['gl_name'] != $name) { 
+				$newList = true;
+			}				  
+	  }
+	}
+  if($newList) {
+    $grouplist_query = "INSERT INTO ". $xoopsDB->prefix("group_lists") . " (gl_name, gl_groups) VALUES ('" . $name . "', '" . $groupListGroups . "')";
+    $groupListId = $xoopsDB->getInsertId();
+  } else {
+    $grouplist_query = "UPDATE ". $xoopsDB->prefix("group_lists") . " SET gl_groups = '" . $groupListGroups . "', gl_name = '".$name."' WHERE gl_id='" . $groupListId . "'";
+  }
+  if(!$grouplist_result = $xoopsDB->query($grouplist_query)) {
+    print "Error: could not add a group list ".$xoopsDB->error(); 
+  }
+}
+
+
+if ($_POST['removelistid']) {
+    if ($removelistid = intval($_POST['removelistid'])) {
+        if (!$delete_result = $xoopsDB->query("DELETE FROM ".$xoopsDB->prefix("group_lists") . " WHERE gl_id='" . $removelistid . "'")) {
+            print "Error: could not delete group list ".$xoopsDB->error();
+        }
+    }
+    $_SESSION['formulize_selectedGroupList'] = 0;
+}

modules/formulize/admin/ui.php

@@ -83,6 +83,9 @@
 	case "relationship":
 		include "relationship.php";
 		break;
+	case "permissions":
+		include "permissions.php";
+		break;
 	case "element":
 		include "element.php";
 		break;

modules/formulize/language/english/admin.php

@@ -12,6 +12,8 @@
 define("_AM_APP_RELATIONSHIPS","Relationships");
 define("_AM_APP_FORMWITHNOAPP","Forms that don't belong to an application");
 define("_AM_APP_SCREENS","Screens");
+define("_AM_APP_MENU_ENTRIES"," Menu Entries");
+define("_AM_APP_PERMISSIONS","Permissions");
 define("_AM_APP_NEWFORM","New form");
 define("_AM_APP_USETITLE","Use the form's title");
 define("_AM_APP_NAMEQUESTION","What is the name of this Application?");
@@ -107,6 +109,8 @@
 
 /*mod Language for permissions*/
 define("_AM_PERMISSIONS_CHOOSE_GROUPS","Which groups do you want to set permissions for?");
+define("_AM_PERMISSIONS_CHOOSE_FORMS","Which forms do you want to set permissions for?");
+define("_AM_PERMISSIONS_SHOW_PERMS_FOR_GROUPS", "Show permissions for these groups");
 define("_AM_PERMISSIONS_LIST_GROUPS","List groups alphabetically or in creation order?");
 define("_AM_PERMISSIONS_LIST_ALPHA","Alphabetical");
 define("_AM_PERMISSIONS_LIST_CREATION","Creation order");
@@ -118,6 +122,7 @@
 define("_AM_PERMISSIONS_SAME_CHECKBOX_NO","No, I will set each group individually");
 define("_AM_PERMISSIONS_SAME_CHECKBOX_EXPLAIN","You can change this setting at any time while you are adjusting the checkboxes.  Set it to <b>Yes</b>, to quickly set some checkboxes the same for all groups.  Change it to <b>No</b> when you need to set specific checkboxes for only certain groups.");
 define("_AM_PERMISSIONS_SELECT_GROUP","Select some groups to see their permissions");
+define("_AM_PERMISSIONS_SELECTS_FORMS_AND_GROUPS","Select forms and groups to view a group's current permissions");
 define("_AM_PERMISSIONS_DEFINE_BASIC","The basics:");
 define("_AM_PERMISSIONS_DEFINE_VIEWFORM","View the form");
 define("_AM_PERMISSIONS_DEFINE_CREATEOWNENTRIES","Create their own entries in the form");
@@ -149,6 +154,10 @@
 define("_AM_PERMISSIONS_ADVANCED_ALTER","Alter this form's configuration settings");
 define("_AM_PERMISSIONS_ADVANCED_DELETEFORM","Delete this form");
 define("_AM_PERMISSIONS_REVIEW_PERMISSIONS","Review permissions for a user");
+define("_AM_MULTIPLE_FORM_PERMISSIONS","Multiple Form Permissions");
+define("_AM_MULTIPLE_PERMISSIONS_HOW_TO_APPLY","How do you want these permissions to be applied?");
+define("_AM_MULTIPLE_PERMISSIONS_ADD_ONLY","Only add new permissions, but don't remove any if the checkboxes are left unchecked.");
+define("_AM_MULTIPLE_PERMISSIONS_ADD_REMOVE","Start with a blank slate and apply these exact permissions.");
 
 /*mod Language for procedures*/
 define("_AM_CALC_EXPLAIN","let you create a series of queries and logical steps, that get carried out on the data that users have submitted in the form.  You can use Procedures for advanced, multi-step calculations, or any other situation where a single query or single operation is not enough to get to the outcome you want.");