v8.0.05 Final Commit

Permissions tweaks, role duplication, minor fixes.
GibbonEdu · Jun 17, 2014 · 4bad03a · 4bad03a
1 parent 84fed8e
commit 4bad03a
Show file tree

Hide file tree

Showing 12 changed files with 383 additions and 15 deletions.
diff --git a/CHANGEDB.php b/CHANGEDB.php
@@ -482,7 +482,10 @@
 //v8.0.05
 $count++ ;
 $sql[$count][0]="8.0.05" ;
-$sql[$count][1]="" ;
+$sql[$count][1]="
+UPDATE `gibbonAction` SET entrySidebar='N' WHERE gibbonModuleID=(SELECT gibbonModuleID FROM gibbonModule WHERE name='User Admin') AND gibbonAction.name='Manage Permissions';end
+UPDATE `gibbonAction` SET URLList='role_manage.php,role_manage_add.php,role_manage_edit.php,role_manage_delete.php,role_manage_duplicate.php' WHERE gibbonModuleID=(SELECT gibbonModuleID FROM gibbonModule WHERE name='User Admin') AND gibbonAction.name='Manage Roles';end
+" ;
 
 
 ?>
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
@@ -32,6 +32,19 @@ Attendance: added ability to remove future absence records
 	Edited files /modules/Attendance/attendance_future_byPerson
 	New file /modules/Attendance/attendance_future_byPersonDeleteProcess.php
 
+User Admin: fixed permission loss error in Manage Permissions
+	Edited file /modules/User Admin/permission_manage.php
+
+User Admin: removed sidebar in Manage Permissions
+	Edited value in table gibbonAction
+
+User Admin: added ability to duplicate a role, complete with permissions
+	Edited value in table gibbonAction
+	Edited file /modules/User Admin/role_manage.php
+	New files /modules/User Admin/role_manage_duplicate*.php
+
+
+
 v8.0.04
 -------
 Timetable Admin: fixed I18N issue with blank strings

diff --git a/gibbon.sql b/gibbon.sql
@@ -3,7 +3,7 @@
 -- http://www.phpmyadmin.net
 --
 -- Host: localhost:8889
--- Generation Time: May 21, 2014 at 02:50 PM
+-- Generation Time: Jun 17, 2014 at 02:24 PM
 -- Server version: 5.5.34
 -- PHP Version: 5.5.10
 
@@ -104,8 +104,8 @@ INSERT INTO `gibbonAction` (`gibbonActionID`, `gibbonModuleID`, `name`, `precede
 (0000015, 0001, 'Manage Terms', 0, 'Years, Days & Times', '', 'schoolYearTerm_manage.php,schoolYearTerm_manage_add.php,schoolYearTerm_manage_edit.php,schoolYearTerm_manage_delete.php', 'schoolYearTerm_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
 (0000013, 0001, 'Manage Days of the Week', 0, 'Years, Days & Times', '', 'daysOfWeek_manage.php', 'daysOfWeek_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
 (0000010, 0003, 'Manage Modules', 0, '', '', 'module_manage.php,module_manage_install.php,module_manage_edit.php,module_manage_uninstall.php,module_manage_update.php', 'module_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
-(0000012, 0002, 'Manage Permissions', 0, 'User Management', '', 'permission_manage.php,permission_manage_edit.php', 'permission_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
-(0000009, 0002, 'Manage Roles', 0, 'User Management', '', 'role_manage.php,role_manage_add.php,role_manage_edit.php,role_manage_delete.php', 'role_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
+(0000012, 0002, 'Manage Permissions', 0, 'User Management', '', 'permission_manage.php,permission_manage_edit.php', 'permission_manage.php', 'N', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
+(0000009, 0002, 'Manage Roles', 0, 'User Management', '', 'role_manage.php,role_manage_add.php,role_manage_edit.php,role_manage_delete.php,role_manage_duplicate.php', 'role_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
 (0000008, 0001, 'Manage Houses', 0, 'Groupings', '', 'house_manage.php,house_manage_edit.php,house_manage_add.php,house_manage_delete.php', 'house_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
 (0000007, 0001, 'Manage Roll Groups', 0, 'Groupings', '', 'rollGroup_manage.php,rollGroup_manage_edit.php,rollGroup_manage_add.php,rollGroup_manage_delete.php', 'rollGroup_manage.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
 (0000005, 0003, 'System Settings', 0, '', 'Main system settings', 'systemSettings.php', 'systemSettings.php', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N'),
@@ -2386,7 +2386,6 @@ CREATE TABLE `gibbonPerson` (
   KEY `username_2` (`username`,`email`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1099 ;
 
-
 -- --------------------------------------------------------
 
 --

diff --git a/modules/Activities/activities_view_registerProcess.php b/modules/Activities/activities_view_registerProcess.php
@@ -198,7 +198,7 @@
 									break ;
 								}
 
-								//Unlock the activityStudent database table
+								//Unlock locked database tables
 								try {
 									$sql="UNLOCK TABLES" ;
 									$result=$connection2->query($sql);   
@@ -293,7 +293,7 @@
 										catch(PDOException $e) { }
 									}
 								}
-								//Unlock the activityStudent database table
+								//Unlock locked database tables
 								try {
 									$sql="UNLOCK TABLES" ;
 									$result=$connection2->query($sql);   

diff --git a/modules/Planner/units_duplicateProcess.php b/modules/Planner/units_duplicateProcess.php
@@ -95,7 +95,7 @@
 			$AI=str_pad($rowAI['Auto_increment'], 8, "0", STR_PAD_LEFT) ;
 			$partialFail=FALSE ; 
 
-			//Unlock the activityStudent database table
+			//Unlock locked database tables
 			try {
 				$sql="UNLOCK TABLES" ;
 				$result=$connection2->query($sql);   

diff --git a/modules/User Admin/permission_manage.php b/modules/User Admin/permission_manage.php
@@ -185,12 +185,12 @@
 				}
 			}
 			$max_input_vars=ini_get('max_input_vars') ;
-			if ($totalCount>$max_input_vars) {
+			if (($totalCount*2)>$max_input_vars) {
 				print "<tr>" ;
 					print "<td colspan='6'>" ;	
 						print "<div class='error'>" ;
 						print "php.ini max_input_vars=" . $max_input_vars . "<br />";
-						print _("Number of inputs on this page") . "=" . $totalCount . "<br/>";
+						print _("Number of inputs on this page") . "=" . ($totalCount*2) . "<br/>";
 						print _("This form is very large and data will be truncated unless you edit php.ini. Add the line <i>max_input_vars=5000</i> to your php.ini file on your server.") ;
 						print "</div>" ;	
 					print "</td>" ;

diff --git a/modules/User Admin/role_manage.php b/modules/User Admin/role_manage.php
@@ -28,7 +28,7 @@
 else {
 	//Proceed!
 	print "<div class='trail'>" ;
-	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > </div><div class='trailEnd'>" . _('Manage Role') . "</div>" ;
+	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > </div><div class='trailEnd'>" . _('Manage Roles') . "</div>" ;
 	print "</div>" ;
 
 	if (isset($_GET["deleteReturn"])) { $deleteReturn=$_GET["deleteReturn"] ; } else { $deleteReturn="" ; }
@@ -43,6 +43,32 @@
 			print $deleteReturnMessage;
 		print "</div>" ;
 	} 
+
+	if (isset($_GET["duplicateReturn"])) { $duplicateReturn=$_GET["duplicateReturn"] ; } else { $duplicateReturn="" ; }
+	$duplicateReturnMessage="" ;
+	$class="error" ;
+	if (!($duplicateReturn=="")) {
+		if ($duplicateReturn=="fail0") {
+			$duplicateReturnMessage=_("Your request failed because you do not have access to this action.") ;	
+		}
+		else if ($duplicateReturn=="fail2") {
+			$duplicateReturnMessage=_("Your request failed due to a database error.") ;	
+		}
+		else if ($duplicateReturn=="fail3") {
+			$duplicateReturnMessage=_("Your request failed because your inputs were invalid.") ;	
+		}
+		else if ($duplicateReturn=="fail6") {
+			$duplicateReturnMessage="Your request was successful, but some data was not properly saved." ;	
+			$class="success" ;
+		}
+		else if ($duplicateReturn=="success0") {
+			$duplicateReturnMessage=_("Your request was successful.") ;	
+			$class="success" ;
+		}
+		print "<div class='$class'>" ;
+			print $duplicateReturnMessage;
+		print "</div>" ;
+	} 
 
 	try {
 		$data=array(); 
@@ -81,7 +107,7 @@
 				print "<th>" ;
 					print _("Type") ;
 				print "</th>" ;
-				print "<th style='width:50px'>" ;
+				print "<th style='width:80px'>" ;
 					print _("Action") ;
 				print "</th>" ;
 			print "</tr>" ;
@@ -119,6 +145,7 @@
 							print "<a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . $_SESSION[$guid]["module"] . "/role_manage_edit.php&gibbonRoleID=" . $row["gibbonRoleID"] . "'><img title='" . _('Edit Record') . "' src='./themes/" . $_SESSION[$guid]["gibbonThemeName"] . "/img/config.png'/></a> " ;
 							print "<a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . $_SESSION[$guid]["module"] . "/role_manage_delete.php&gibbonRoleID=" . $row["gibbonRoleID"] . "'><img title='" . _('Delete Record') . "' src='./themes/" . $_SESSION[$guid]["gibbonThemeName"] . "/img/garbage.png'/></a>" ;
 						}
+						print "<a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . $_SESSION[$guid]["module"] . "/role_manage_duplicate.php&gibbonRoleID=" . $row["gibbonRoleID"] . "'><img title='" . _('Duplicate') . "' src='./themes/" . $_SESSION[$guid]["gibbonThemeName"] . "/img/copy.png'/></a> " ;
 					print "</td>" ;
 				print "</tr>" ;
 			}

diff --git a/modules/User Admin/role_manage_add.php b/modules/User Admin/role_manage_add.php
@@ -28,7 +28,7 @@
 else {
 	//Proceed!
 	print "<div class='trail'>" ;
-	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/role_manage.php'>" . _('Manage Role') . "</a> > </div><div class='trailEnd'>" . _('Add Role') . "</div>" ;
+	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/role_manage.php'>" . _('Manage Roles') . "</a> > </div><div class='trailEnd'>" . _('Add Role') . "</div>" ;
 	print "</div>" ;
 
 	if (isset($_GET["addReturn"])) { $addReturn=$_GET["addReturn"] ; } else { $addReturn="" ; }

diff --git a/modules/User Admin/role_manage_delete.php b/modules/User Admin/role_manage_delete.php
@@ -28,7 +28,7 @@
 else {
 	//Proceed!
 	print "<div class='trail'>" ;
-	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/role_manage.php'>" . _('Manage Role') . "</a> > </div><div class='trailEnd'>" . _('Delete Role') . "</div>" ;
+	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/role_manage.php'>" . _('Manage Roles') . "</a> > </div><div class='trailEnd'>" . _('Delete Role') . "</div>" ;
 	print "</div>" ;
 
 	if (isset($_GET["deleteReturn"])) { $deleteReturn=$_GET["deleteReturn"] ; } else { $deleteReturn="" ; }

diff --git a/modules/User Admin/role_manage_duplicate.php b/modules/User Admin/role_manage_duplicate.php
@@ -0,0 +1,150 @@
+<?php
+/*
+Gibbon, Flexible & Open School System
+Copyright (C) 2010, Ross Parker
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+@session_start() ;
+
+//Module includes
+include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php" ;
+
+if (isActionAccessible($guid, $connection2, "/modules/User Admin/role_manage_duplicate.php")==FALSE) {
+	//Acess denied
+	print "<div class='error'>" ;
+		print _("You do not have access to this action.") ;
+	print "</div>" ;
+}
+else {
+	//Get action with highest precendence
+	print "<div class='trail'>" ;
+	print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/role_manage.php'>" . _('Manage Roles') . "</a> > </div><div class='trailEnd'>" . _('Duplicate Role') . "</div>" ;
+	print "</div>" ;
+
+	//Proceed!
+	if (isset($_GET["updateReturn"])) { $updateReturn=$_GET["updateReturn"] ; } else { $updateReturn="" ; }
+	$updateReturnMessage="" ;
+	$class="error" ;
+	if (!($updateReturn=="")) {
+		if ($updateReturn=="fail0") {
+			$updateReturnMessage=_("Your request failed because you do not have access to this action.") ;	
+		}
+		else if ($updateReturn=="fail1") {
+			$updateReturnMessage=_("Your request failed because your inputs were invalid.") ;	
+		}
+		else if ($updateReturn=="fail2") {
+			$updateReturnMessage=_("Your request failed due to a database error.") ;	
+		}
+		else if ($updateReturn=="fail3") {
+			$updateReturnMessage=_("Your request failed because your inputs were invalid.") ;	
+		}
+		else if ($updateReturn=="fail4") {
+			$updateReturnMessage=_("Your request failed because your inputs were invalid.") ;	
+		}
+		else if ($updateReturn=="fail5") {
+			$updateReturnMessage=_("Your request failed due to an attachment error.") ;	
+		}
+		else if ($updateReturn=="fail6") {
+			$updateReturnMessage=_("Your request was successful, but some data was not properly saved.") ;	
+		}
+		else if ($updateReturn=="success0") {
+			$updateReturnMessage=_("Your request was completed successfully.") ;	
+			$class="success" ;
+		}
+		print "<div class='$class'>" ;
+			print $updateReturnMessage;
+		print "</div>" ;
+	} 
+
+	//Check if courseschool year specified
+	$gibbonRoleID=$_GET["gibbonRoleID"]; 
+	if ($gibbonRoleID=="") {
+		print "<div class='error'>" ;
+			print _("You have not specified one or more required parameters.") ;
+		print "</div>" ;
+	}
+	else {
+		try {
+			$data=array("gibbonRoleID"=>$gibbonRoleID); 
+			$sql="SELECT * FROM gibbonRole WHERE gibbonRoleID=:gibbonRoleID" ;
+			$result=$connection2->prepare($sql);
+			$result->execute($data);
+		}
+		catch(PDOException $e) { 
+			print "<div class='error'>" . $e->getMessage() . "</div>" ; 
+		}
+
+		if ($result->rowCount()!=1) {
+			print "<div class='error'>" ;
+				print _("The selected record does not exist, or you do not have access to it.") ;
+			print "</div>" ;
+		}
+		else {
+			$row=$result->fetch() ;
+
+
+			?>
+			<form method="post" action="<?php print $_SESSION[$guid]["absoluteURL"] . "/modules/" . $_SESSION[$guid]["module"] . "/role_manage_duplicateProcess.php?gibbonRoleID=$gibbonRoleID" ?>">
+				<table class='smallIntBorder' cellspacing='0' style="width: 100%">	
+					<tr>
+						<td> 
+							<b><?php print _('Role') ?> *</b><br/>
+							<span style="font-size: 90%"><i><?php print _('This value cannot be changed.') ?></i></span>
+						</td>
+						<td class="right">
+							<?php print "<input readonly value='" . $row["name"] . "' type='text' style='width: 300px'>" ; ?>
+						</td>
+					</tr>
+					<tr>
+						<td> 
+							<b><?php print _('Name') ?> *</b><br/>
+						</td>
+						<td class="right">
+							<input name="name" id="name" maxlength=20 value="" type="text" style="width: 300px">
+							<script type="text/javascript">
+								var name=new LiveValidation('name');
+								name.add(Validate.Presence);
+							 </script>
+						</td>
+					</tr>
+					<tr>
+						<td> 
+							<b><?php print _('Name Short') ?> *</b><br/>
+						</td>
+						<td class="right">
+							<input name="nameShort" id="nameShort" maxlength=4 value="" type="text" style="width: 300px">
+							<script type="text/javascript">
+								var nameShort=new LiveValidation('nameShort');
+								nameShort.add(Validate.Presence);
+							 </script>
+						</td>
+					</tr>
+					<tr>
+						<td>
+							<span style="font-size: 90%"><i>* <?php print _("denotes a required field") ; ?></i></span>
+						</td>
+						<td class="right">
+							<input type="hidden" name="address" value="<?php print $_SESSION[$guid]["address"] ?>">
+							<input type="submit" value="<?php print _("Submit") ; ?>">
+						</td>
+					</tr>
+				</table>
+			</form>
+			<?php
+		}
+	}
+}
+?>