DiegoNakaniwa
/
pabx-app
forked from SimplesIP/pabx-app
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
PABX da Simples IP
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
426 Commits
4 Branches
6 Tags
217 MiB
 
 
 
 
 
 
Tree: b65734f8c7
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b65734f8c7'
${ noResults }
pabx-app/seguranca/userGrupo.php

240 lines
10 KiB
Raw Blame History

<?php
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
$codGp = 0;
$codUser = 0;
$sizeUser = 12;
$sizeGpUser = 10;
$grupouser = "";
if (IsAjax()) {
$ret = "";
if (isset($_GET["addGrup"])) {
$codGp = $_GET["codGrup"];
$codUser = $_GET["codUser"];
$query = "insert into pbx_grupo_usuario(user_id, gp_id)
select $codUser, $codGp
where not exists(select '' from pbx_grupo_usuario where user_id = $codUser and gp_id = $codGp)";
$result = pg_query($dbcon, $query);
if ($result) {
if (@pg_affected_rows($result) > 0)
$ret = "OK;";
else
$ret = "ER; O usuário já pertence as este grupo!";
}
else {
$ret = "ER;Não foi possível realizar a operação!" . (IsAdmin() ? SubsPVirgula(pg_last_error($dbcon)) : "");
}
if (substr($ret, 0, 2) == "ER") {
echo $ret;
}//verifica se deve retornar a lista de usuarios relacionados ao grupo
else {
$grupouser = $_GET["addGrup"] ? SubsPVirgula(GetGrupoUser($dbcon, $codGp, $sizeGpUser)) : "";
echo $ret . $grupouser . ";" . "Usuário inserido com sucesso!"; //empty($grupouser) ? "nulo" : $grupouser;
}
}//remove usuario do grupo
else if (isset($_GET["remGrup"])) {
$codGp = $_GET["codGrup"];
$codUser = $_GET["codUser"];
$query = "delete from pbx_grupo_usuario where user_id = $codUser and gp_id = $codGp";
$result = pg_query($dbcon, $query);
if ($result) {
$ret = "OK;";
} else {
$ret = "ER;Não foi possível realizar a operação!" . (IsAdmin() ? SubsPVirgula(pg_last_error($dbcon)) : "");
}
if (substr($ret, 0, 2) == "ER") {
echo $ret;
}//verifica se deve retornar a lista de usuarios relacionados ao grupo
else {
$grupouser = $_GET["remGrup"] ? SubsPVirgula(GetGrupoUser($dbcon, $codGp, $sizeGpUser)) : "";
echo $ret . $grupouser . ";" . "O usuário foi removido com sucesso!"; //empty($grupouser) ? "nulo" : $grupouser;
}
} else if (isset($_GET["addFunc"])) {
$codGp = $_GET["codGp"];
$codFunc = $_GET["codFunc"];
pg_query($dbcon, 'begin');
foreach ($codFunc as $idFunc) {
$query = "insert into pbx_grupo_funcoes(gp_id, fun_id )
select '$codGp', '$idFunc'
where not exists(select '' from pbx_grupo_funcoes where fun_id = '$idFunc' and gp_id = '$codGp')";
$result = pg_query($dbcon, $query);
if (!$result)
break;
}
if ($result) {
if (@pg_affected_rows($result) > 0) {
pg_query($dbcon, 'commit');
$ret = "OK;";
} else {
pg_query($dbcon, 'rollback');
$ret = "ER; A função já pertence as este grupo!";
}
} else {
pg_query($dbcon, 'rollback');
$ret = "ER;Não foi possível realizar a operação!" . (IsAdmin() ? SubsPVirgula(pg_last_error($dbcon)) : "");
}
if (substr($ret, 0, 2) == "ER") {
echo $ret;
}//verifica se deve retornar a lista de usuarios relacionados ao grupo
else {
$grupouser = $_GET["addFunc"] ? SubsPVirgula(GetGrupoFunc($dbcon, $codGp, $sizeUser)) : "";
echo $ret . $grupouser . ";" . "Função inserida com sucesso!"; //empty($grupouser) ? "nulo" : $grupouser;
}
} else if (isset($_GET["remFunc"])) {
$codGp = $_GET["codGrup"];
$codFunc = $_GET["codFunc"];
pg_query($dbcon, 'begin');
foreach ($codFunc as $idFunc) {
$query = "delete from pbx_grupo_funcoes where fun_id = $idFunc and gp_id = $codGp";
$result = pg_query($dbcon, $query);
if (!$result)
break;
}
if ($result) {
pg_query($dbcon, 'commit');
$ret = "OK;";
} else { //" . IsAdmin() ? ("Erro: " . pg_last_error ($dbcon)) : "";
pg_query($dbcon, 'rollback');
$ret = "ER;Não foi possível realizar a operação!" . (IsAdmin() ? SubsPVirgula(pg_last_error($dbcon)) : "");
}
if (substr($ret, 0, 2) == "ER") {
echo $ret;
}//verifica se deve retornar a lista de usuarios relacionados ao grupo
else {
$grupouser = $_GET["remFunc"] ? SubsPVirgula(GetGrupoFunc($dbcon, $codGp, $sizeUser)) : "";
echo $ret . $grupouser . ";" . "A função foi removida com sucesso!"; //empty($grupouser) ? "nulo" : $grupouser;
}
} else if (isset($_GET["getGpFunc"])) {
$codGp = $_GET["codGrup"];
//$grupouser = GetGrupoUser($dbcon, $codGp, $sizeGpUser);
$grupoFunc = GetGrupoFunc($dbcon, $codGp, $sizeUser);
//echo SubsPVirgula($grupouser) . ";" . SubsPVirgula($grupoFunc);
echo SubsPVirgula($grupoFunc) . ";" . 'ok';
}
//var url="index.php?idProg=36&ajax=1&codUser="+codUser+ "&codGrup=" + codGp + "&addGrup=1" + GetIdRand();
} else {
//$jsJQuery[] = "\$('#btAdd').click(function(){AddUserGp();})";
//$jsJQuery[] = "\$('#btRemove').click(function(){RemUserGp();})";
$jsJQuery[] = "\$('#btAddFunc').click(function(){AddFuncGp();})";
$jsJQuery[] = "\$('#btRemoveFunc').click(function(){RemFuncGp();})";
$jsJQuery[] = "\$('#lstGrupo').change(function(){CarregaGrupo();})";
$users = GetUser($dbcon, $sizeUser);
$grupos = GetGrupo($dbcon, $codGp, 1);
$grupouser = GetGrupoUser($dbcon, $codGp, $sizeGpUser);
$funcs = GetFunc($dbcon, $sizeUser);
$grupoFunc = GetGrupoFunc($dbcon, $codGp, $sizeUser);
$smarty->assign("users", $users);
$smarty->assign("grupos", $grupos);
$smarty->assign("grupoUser", $grupouser);
$smarty->assign("funcs", $funcs);
$smarty->assign("grupoFunc", $grupoFunc);
GetTemplate($smarty, 'seguranca/perfilUser.tpl');
}
function GetUser($dbcon, $size = 1) {
$query = "select id, nome, apelido, matricula from pbx_usuarios where status = true and delete_ = 0 and upper(apelido) <> 'ADMIN' order by 2";
$result = pg_query($dbcon, $query);
$cont = 0;
$sel = "";
$lista = "<select name=\"lstUser\" id=\"lstUser\" size=\"$size\" style=\"width:200px\">\n";
while (($row = @pg_fetch_array($result))) {
$sel = $cont ? "" : "selected";
$cod = $row["id"];
$desc = $row["apelido"] . "-" . $row["matricula"];
$lista .= "<option value=\"$cod\" $sel>$desc</option>\n";
$cont++;
}
$lista .= $cont ? "</select>" : "<option value=\"0\" selected>-</option>\n</select>\n";
return $lista;
}
function GetGrupo($dbcon, &$codGp, $size = 1) {
$idUser = GetIdUser();
$query = "select gp_id, gp_nome from pbx_grupo g where gp_status = 1 {REST} and gp_user = 0 order by 2";
//restricao se o usuario nao for admin
$query = strtoupper(GetLogin()) == "ADMIN" ? str_replace("{REST}", "", $query) : str_replace("{REST}", " and exists(select '' from pbx_grupo_usuario where gp_id = g.gp_id and user_id = $idUser)", $query);
$result = pg_query($dbcon, $query);
$cont = 0;
$sel = "";
$lista = "<select name=\"lstGrupo\" id=\"lstGrupo\" size=\"$size\" style=\"width:410px\">\n";
while (($row = @pg_fetch_array($result))) {
$cod = $row["gp_id"];
if ($cont) {
$sel = "";
} else {
$sel = "selected";
$codGp = $cod;
}
$desc = $row["gp_nome"];
$lista .= "<option value=\"$cod\" $sel>$desc</option>\n";
$cont++;
}
$lista .= $cont ? "</select>" : "<option value=\"0\" selected>-</option>\n</select>\n";
return $lista;
}
function GetGrupoUser($dbcon, $codGp, $size = 1) {
$query = "select b.id, b.apelido, b.matricula, a.gp_id from pbx_grupo_usuario a, pbx_usuarios b where b.id = a.user_id and a.gp_id = $codGp order by 2";
$result = pg_query($dbcon, $query);
$cont = 0;
$sel = "";
$lista = "<select name=\"lstGrupoUser\" id=\"lstGrupoUser\" size=\"$size\" style=\"width:380px;\">\n";
while (($row = @pg_fetch_array($result))) {
$sel = $cont ? "" : "selected";
$cod = $row["id"];
$desc = $row["apelido"] . "-" . $row["matricula"];
$lista .= "<option value=\"$cod\" $sel>$desc</option>\n";
$cont++;
}
$lista .= $cont ? "</select>" : "<option value=\"0\" selected>-</option>\n</select>\n";
return $lista;
}
function GetFunc($dbcon, $size = 1) {
$idUser = GetIdUser();
$query = "select fun_id, fun_nome, fun_menu_text from pbx_funcoes f where fun_id_pai is not null and fun_public = 0 and fun_status = 1 {REST} order by 3";
$query = $query = strtoupper(GetLogin()) == "ADMIN" ? str_replace("{REST}", "", $query) : str_replace("{REST}", " and exists(select '' from pbx_grupo_funcoes gf, pbx_grupo_usuario gu where gf.gp_id = gu.gp_id and gf.fun_id = f.fun_id and gu.user_id = $idUser)", $query);
$result = pg_query($dbcon, $query);
$cont = 0;
$sel = "";
$lista = "<select name=\"lstFunc[]\" id=\"lstFunc\" size=\"$size\" style=\"width:200px;\" multiple=\"multiple\">\n";
while (($row = @pg_fetch_array($result))) {
$sel = $cont ? "" : "selected";
$cod = $row["fun_id"];
$desc = $row["fun_menu_text"];
$lista .= "<option value=\"$cod\" $sel>$desc</option>\n";
$cont++;
}
$lista .= $cont ? "</select>" : "<option value=\"0\" selected>-</option>\n</select>\n";
return $lista;
}
function GetGrupoFunc($dbcon, $codGp, $size = 1) {
$query = "select a.gp_id, b.fun_id, b.fun_nome, b.fun_menu_text from pbx_grupo_funcoes a, pbx_funcoes b where b.fun_id = a.fun_id and gp_id = $codGp order by 4";
$result = pg_query($dbcon, $query);
$cont = 0;
$sel = "";
$lista = "<select name=\"lstGrupoFunc[]\" id=\"lstGrupoFunc\" size=\"$size\" style=\"width:200px\" multiple=\"multiple\">\n";
while (($row = @pg_fetch_array($result))) {
$sel = $cont ? "" : "selected";
$cod = $row["fun_id"];
$desc = $row["fun_menu_text"];
$lista .= "<option value=\"$cod\" $sel>$desc</option>\n";
$cont++;
}
$lista .= $cont ? "</select>" : "<option value=\"0\" selected>-</option>\n</select>\n";
return $lista;
}
?>