<?php
/**
* auth_admin.inc
* Administrate users and authorization scheme.
* @copyright Copyright(c) 2002-2010 Bjorn Winberg
* @author Bjorn Winberg <cms@anomalye.net>
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License version 2
* @package AnomalyWiki
*/
// Load this module's own settings and those of the generic admin module
// before registering the module with the system.
system_loadSettings('authadmin');
system_loadSettings('admin');
// Publish the module's display name and version to the template globals.
$GLOBALS['_T']['system']['modules']['authadmin'] = array('name' => system_loadStr('AUTHADMIN_MODULE'), 'version' => '0.6.0');
// The controller below reads AUTH_USER records and parses user ids, which
// presumably live in the auth module, so make sure it is loaded.
system_loadModule('auth');
/**
* Standard display function.
*/
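/**
 * Standard display function.
 *
 * Dispatches on the request parameter `a` ($GLOBALS['_IN']['a']['enc']) to
 * one of the administrative actions below, updates the authorization
 * database accordingly and returns the rendered list the admin should see
 * next. Returns false when no known action was requested.
 *
 * Every branch is guarded by the 'AUTH/ADMIN_' authorization; when it is
 * missing a warning is triggered and nothing is returned.
 *
 * NOTE(review): every state-changing branch (add/delete group, add/delete
 * action, grant/ungrant, delete user) is driven purely by request
 * parameters. Nothing visible in this file verifies an anti-CSRF token or
 * restricts the request method — confirm that the dispatcher or
 * system_readParamStr() does so upstream, otherwise a logged-in admin can be
 * made to perform any of these actions by following a crafted link.
 *
 * @return string|false Rendered template for the next view, or false when
 *   the action is unknown (nothing is returned when authorization fails).
 */
function authadmin_controller(){
    if(!system_requireAuthorization('AUTH/ADMIN_')){
        trigger_error(system_loadStr('SYSTEM_PERMISSIONDENIED'), E_USER_WARNING);
        return;
    }
    // Keep search engines away from the admin pages.
    $GLOBALS['sysEnv']['dynamicHeaders'][] = $GLOBALS['_C']['SYSTEM_NO_BOTS'];
    $timeStamp = time();

    switch($GLOBALS['_IN']['a']['enc']){

        case 'addgroup':
            // Create a group, or update the description of an existing one.
            if(system_readParamStr('name', 1, $GLOBALS['_S']['system']['LENGTH_S'])){
                system_readParamStr('description', 0, $GLOBALS['_S']['system']['LENGTH_S']);
                $dbKey = system_dbKey('AUTH_GROUPLIST');
                $groups = system_dbRead($dbKey);
                $name = $GLOBALS['_IN']['name']['enc'];
                $logId = 'AUTHADMIN_LOG_EDITGROUP';
                if(!isset($groups[$name]['actions'])){
                    // New group: it starts with no granted actions.
                    $logId = 'AUTHADMIN_LOG_ADDGROUP';
                    $groups[$name]['actions'] = array();
                }
                $groups[$name]['description'] = $GLOBALS['_IN']['description']['enc'];
                ksort($groups);
                system_dbWrite($dbKey, $groups);
                $logStr = system_loadStr($logId, array(system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            else{
                trigger_error(system_loadStr('SYSTEM_DATA_INPUT_FAIL'), E_USER_WARNING);
            }
            return authadmin_generateGroupList();

        case 'addaction':
            // Register a new action name (value 0; only the key matters).
            if(system_readParamStr('name', 1, $GLOBALS['_S']['system']['LENGTH_S'])){
                $dbKey = system_dbKey('AUTH_ACTIONLIST');
                $actions = system_dbRead($dbKey);
                $name = $GLOBALS['_IN']['name']['enc'];
                $actions[$name] = 0;
                ksort($actions);
                system_dbWrite($dbKey, $actions);
                $logStr = system_loadStr('AUTHADMIN_LOG_ADDACTION', array(system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            else{
                trigger_error(system_loadStr('SYSTEM_DATA_INPUT_FAIL'), E_USER_WARNING);
            }
            return authadmin_generateActionList();

        case 'deletegroup':
            // Remove a group from the group list.
            // NOTE(review): user records keep the group name in their
            // 'authGroups' map (see 'grantgroup'); if a group with the same
            // name is re-created later those users silently regain it.
            // Consider also removing the name from every AUTH_USER record.
            system_readParamStr('name', 1, $GLOBALS['_S']['system']['LENGTH_S']);
            $dbKey = system_dbKey('AUTH_GROUPLIST');
            $groups = system_dbRead($dbKey);
            $name = $GLOBALS['_IN']['name']['enc'];
            if(isset($groups[$name])){
                unset($groups[$name]);
                system_dbWrite($dbKey, $groups);
                $logStr = system_loadStr('AUTHADMIN_LOG_DELETEGROUP', array(system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            else{
                trigger_error(system_loadStr('AUTHADMIN_DELETEGROUP_FAIL', array(system_getSafeStr($name))), E_USER_WARNING);
            }
            return authadmin_generateGroupList();

        case 'deleteaction':
            // Remove an action from the action list.
            // NOTE(review): groups keep the action name in their 'actions'
            // map (see 'grantaction'); a later re-added action with the same
            // name is immediately granted to those groups again.
            system_readParamStr('name', 1, $GLOBALS['_S']['system']['LENGTH_S']);
            $dbKey = system_dbKey('AUTH_ACTIONLIST');
            $actions = system_dbRead($dbKey);
            $name = $GLOBALS['_IN']['name']['enc'];
            if(isset($actions[$name])){
                unset($actions[$name]);
                system_dbWrite($dbKey, $actions);
                $logStr = system_loadStr('AUTHADMIN_LOG_DELETEACTION', array(system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            else{
                trigger_error(system_loadStr('AUTHADMIN_DELETEACTION_FAIL', array(system_getSafeStr($name))), E_USER_WARNING);
            }
            return authadmin_generateActionList();

        case 'users':
            return authadmin_generateUserList();

        case 'actions':
            return authadmin_generateActionList();

        case 'groups':
            return authadmin_generateGroupList();

        case 'edituser':
            // Show the groups granted to one user.
            system_loadModule('auth');
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_XS']);
            system_parseAsUId('name');
            return authadmin_generateGrantList($GLOBALS['_IN']['name']['UId']);

        case 'editgroup':
            // Show the actions granted to one group.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            return authadmin_generateGroupActionList();

        case 'grantgroup':
            // Add a group to a user's 'authGroups' map.
            // NOTE(review): the group name is not checked against
            // AUTH_GROUPLIST, so any non-empty string is recorded; whether
            // the auth module ignores unknown names is not visible here.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_XS']);
            system_parseAsUId('name');
            system_readParamStr('group', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            $userName = $GLOBALS['_IN']['name']['UId'];
            $userDbKey = system_dbKey('AUTH_USER', array($userName));
            $userItem = system_dbRead($userDbKey);
            $group = $GLOBALS['_IN']['group']['enc'];
            if($userItem !== false && $group !== ''){
                $userItem['authGroups'][$group] = 0;
                system_dbWrite($userDbKey, $userItem);
                $logStr = system_loadStr('AUTHADMIN_LOG_GRANTGROUP', array(system_getSafeStr($userItem['nameDisplay']), system_getSafeStr($group)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            return authadmin_generateGrantList($userName);

        case 'ungrantgroup':
            // Remove a group from a user's 'authGroups' map.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_XS']);
            system_parseAsUId('name');
            system_readParamStr('group', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            $userName = $GLOBALS['_IN']['name']['UId'];
            $userDbKey = system_dbKey('AUTH_USER', array($userName));
            $userItem = system_dbRead($userDbKey);
            $group = $GLOBALS['_IN']['group']['enc'];
            if($userItem !== false){
                unset($userItem['authGroups'][$group]);
                system_dbWrite($userDbKey, $userItem);
                $logStr = system_loadStr('AUTHADMIN_LOG_UNGRANTGROUP', array(system_getSafeStr($userItem['nameDisplay']), system_getSafeStr($group)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            return authadmin_generateGrantList($userName);

        case 'grantaction':
            // Add an action to a group's 'actions' map.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            system_readParamStr('action', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            $dbKey = system_dbKey('AUTH_GROUPLIST');
            $groupVec = system_dbRead($dbKey);
            $action = $GLOBALS['_IN']['action']['enc'];
            $name = $GLOBALS['_IN']['name']['enc'];
            if(isset($groupVec[$name]) && $action !== ''){
                $groupVec[$name]['actions'][$action] = 0;
                system_dbWrite($dbKey, $groupVec);
                $logStr = system_loadStr('AUTHADMIN_LOG_GRANTACTION', array(system_getSafeStr($action), system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            return authadmin_generateGroupActionList();

        case 'ungrantaction':
            // Remove an action from a group's 'actions' map.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            system_readParamStr('action', 0, $GLOBALS['_S']['system']['LENGTH_S']);
            $dbKey = system_dbKey('AUTH_GROUPLIST');
            $groupVec = system_dbRead($dbKey);
            $action = $GLOBALS['_IN']['action']['enc'];
            $name = $GLOBALS['_IN']['name']['enc'];
            if(isset($groupVec[$name]['actions']) && $action !== ''){
                unset($groupVec[$name]['actions'][$action]);
                system_dbWrite($dbKey, $groupVec);
                $logStr = system_loadStr('AUTHADMIN_LOG_UNGRANTACTION', array(system_getSafeStr($action), system_getSafeStr($name)));
                system_logEntry($timeStamp, 'auth', $logStr);
                trigger_error($logStr, E_USER_NOTICE);
            }
            // Always return to the group's action list, as 'grantaction' does.
            // Previously an unknown group or an empty action name fell through
            // to the final `return false`, leaving the admin with no page.
            return authadmin_generateGroupActionList();

        case 'deleteuser':
            // Delete a user account.
            // NOTE(review): unlike 'edituser', this branch does not call
            // system_parseAsUId('name'); it assumes the trailing `true`
            // argument makes system_readParamStr() populate ['UId'] — TODO
            // confirm, otherwise the delete silently fails.
            // NOTE(review): nothing prevents an admin from deleting their own
            // (or the last) admin account; the current user's id is not
            // visible in this file, so no guard is added here.
            system_readParamStr('name', 0, $GLOBALS['_S']['system']['LENGTH_S'], false, true);
            system_loadModule('auth');
            if(authadmin_deleteUser($GLOBALS['_IN']['name']['UId']) === false){
                trigger_error(system_loadStr('AUTHADMIN_LU_DELETE_FAIL'), E_USER_WARNING);
            }
            return authadmin_generateUserList();
    }
    return false;
}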
/**
* Generate the group list.
* @access private
*/
/**
 * Generate the group list.
 *
 * Reads AUTH_GROUPLIST (falling back to an empty array when the read
 * returns false), sorts it by group name, publishes it as
 * $GLOBALS['_T']['authadmin']['groupList'] and renders the list template.
 *
 * @return mixed Whatever system_applyTemplate('authadmin_listGroups.inc') returns.
 * @access private
 */
function authadmin_generateGroupList(){
    $groups = system_dbRead(system_dbKey('AUTH_GROUPLIST'));
    if($groups === false){
        $groups = array();
    }
    ksort($groups);
    $GLOBALS['_T']['authadmin']['groupList'] = $groups;
    return system_applyTemplate('authadmin_listGroups.inc');
}
/**
* Generate the action list.
* @access private
*/
/**
 * Generate the action list.
 *
 * Reads AUTH_ACTIONLIST (falling back to an empty array when the read
 * returns false), sorts it by action name, publishes it as
 * $GLOBALS['_T']['authadmin']['actionList'] and renders the list template.
 *
 * @return mixed Whatever system_applyTemplate('authadmin_listActions.inc') returns.
 * @access private
 */
function authadmin_generateActionList(){
    $actions = system_dbRead(system_dbKey('AUTH_ACTIONLIST'));
    if($actions === false){
        $actions = array();
    }
    ksort($actions);
    $GLOBALS['_T']['authadmin']['actionList'] = $actions;
    return system_applyTemplate('authadmin_listActions.inc');
}
/**
* Generate list of actions in a group.
* @access private
*/
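/**
 * Generate list of actions in a group.
 *
 * The group is named by the request parameter `name`
 * ($GLOBALS['_IN']['name']['enc']). On success the group list (with that
 * group's actions sorted), the action list and the group name are published
 * under $GLOBALS['_T']['authadmin'] and the edit template is rendered.
 * When the group is unknown a warning is triggered and the plain group list
 * is shown instead, via authadmin_generateGroupList() so that a failed
 * AUTH_GROUPLIST read is normalised to an empty array exactly as it is for
 * the 'groups' view (the previous code handed the raw read, possibly
 * false, to the list template).
 *
 * @return mixed Whatever system_applyTemplate() returns for the chosen template.
 * @access private
 */
function authadmin_generateGroupActionList(){
    $groupList = system_dbRead(system_dbKey('AUTH_GROUPLIST'));
    $GLOBALS['_T']['authadmin']['actionList'] = system_dbRead(system_dbKey('AUTH_ACTIONLIST'));
    $name = $GLOBALS['_IN']['name']['enc'];
    $GLOBALS['_T']['authadmin']['groupName'] = $name;
    if(!isset($groupList[$name]['actions'])){
        trigger_error(system_loadStr('AUTHADMIN_GROUP_NOT_FOUND', array(system_getSafeStr($name))), E_USER_WARNING);
        return authadmin_generateGroupList();
    }
    if($groupList[$name]['actions'] !== array()){
        ksort($groupList[$name]['actions']);
    }
    $GLOBALS['_T']['authadmin']['groupList'] = $groupList;
    return system_applyTemplate('authadmin_editGroup.inc');
}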
/**
* Generate the user list.
* @access private
*/
/**
 * Generate the user list.
 *
 * Reads AUTH_USERLIST into $GLOBALS['_T']['authadmin']['userList'], sorted
 * by key when the read succeeded (a failed read is passed to the template
 * as false, unlike the group and action lists), and renders the template.
 *
 * @return mixed Whatever system_applyTemplate('authadmin_listUsers.inc') returns.
 * @access private
 */
function authadmin_generateUserList(){
    $users = system_dbRead(system_dbKey('AUTH_USERLIST'));
    if($users !== false){
        ksort($users);
    }
    $GLOBALS['_T']['authadmin']['userList'] = $users;
    return system_applyTemplate('authadmin_listUsers.inc');
}
/**
* Generate a list of groups granted to a user.
* @param string $aUserName Encoded name.
* @access private
*/
/**
 * Generate a list of groups granted to a user.
 *
 * Reads the AUTH_USER record for $aUserName and the group list, publishes
 * both under $GLOBALS['_T']['authadmin'] and renders the edit-user
 * template with the user's 'authGroups' sorted by name. When the record
 * is missing a warning (naming the raw request parameter) is triggered and
 * the user list is shown instead.
 *
 * @param string $aUserName Encoded name.
 * @return mixed Whatever system_applyTemplate() / authadmin_generateUserList() returns.
 * @access private
 */
function authadmin_generateGrantList($aUserName){
    $userItem = system_dbRead(system_dbKey('AUTH_USER', array($aUserName)));
    // Bind by reference so the sort below is visible to the template.
    $GLOBALS['_T']['authadmin']['user'] = &$userItem;
    $GLOBALS['_T']['authadmin']['groupList'] = system_dbRead(system_dbKey('AUTH_GROUPLIST'));
    if($userItem === false){
        trigger_error(system_loadStr('AUTHADMIN_USER_NOT_FOUND', array(system_getSafeStr($GLOBALS['_IN']['name']['enc']))), E_USER_WARNING);
        return authadmin_generateUserList();
    }
    if($userItem['authGroups'] !== array()){
        ksort($userItem['authGroups']);
    }
    return system_applyTemplate('authadmin_editUser.inc');
}
/**
* Delete an user account.
* @param string $aUserName Encoded user name.
* @return bool True on success.
*/
/**
 * Delete an user account.
 *
 * Removes the user's entry (keyed by its 'nameDisplay') from AUTH_USERLIST,
 * clears the AUTH_USER record by writing false to it, and writes an audit
 * log entry plus a user-visible notice. Nothing is written when the record
 * does not exist.
 *
 * NOTE(review): no check prevents deleting the currently logged-in admin;
 * the caller (the 'deleteuser' action) does not check either.
 *
 * @param string $aUserName Encoded user name.
 * @return bool True on success, false when no such user record exists.
 */
function authadmin_deleteUser($aUserName){
    $userDbKey = system_dbKey('AUTH_USER', array($aUserName));
    $userItem = system_dbRead($userDbKey);
    if($userItem === false){
        return false;
    }
    $displayName = $userItem['nameDisplay'];
    $listKey = system_dbKey('AUTH_USERLIST');
    $userList = system_dbRead($listKey);
    unset($userList[$displayName]);
    system_dbWrite($listKey, $userList);
    // Writing false is how a record is removed here.
    system_dbWrite($userDbKey, false);
    $safeName = system_getSafeStr($displayName);
    system_logEntry(time(), 'auth', system_loadStr('AUTHADMIN_LU_LOG_DELETEUSER', array($safeName)));
    trigger_error(system_loadStr('AUTHADMIN_LU_DELETE_OK', array($safeName)), E_USER_NOTICE);
    return true;
}
?>