permissions

git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@218 c66351dc-e62f-0410-b875-e3a5c0b9693f
2025-01-22 21:40:28 +03:00 · 2008-12-08 00:34:28 +00:00 · 2008-12-08 00:34:28 +00:00 · c6c3fe05d7
commit c6c3fe05d7
parent 2b1138dfdc
10 changed files with 238 additions and 3 deletions
--- a/src/messenger/webim/install/dbinfo.php
+++ b/src/messenger/webim/install/dbinfo.php
@ -56,6 +56,7 @@ $dbtables = array(
 		"dtmlastvisited" => "datetime DEFAULT 0",
 		"vcavatar" => "varchar(255)",
 		"vcjabbername" => "varchar(255)",
+		"iperm" => "int DEFAULT 65535",
 	),

 	"chatrevision" => array(
@ -83,7 +84,7 @@ $memtables = array();
 $dbtables_can_update = array(
 	"chatthread" => array("agentId", "userTyping", "agentTyping", "messageCount", "nextagent", "shownmessageid", "userid", "userAgent"),
 	"chatmessage" => array("agentId"),
-	"chatoperator" => array("vcavatar", "vcjabbername"),
+	"chatoperator" => array("vcavatar", "vcjabbername", "iperm"),
 	"chatban" => array(),
 );

--- a/src/messenger/webim/install/dbperform.php
+++ b/src/messenger/webim/install/dbperform.php
@ -106,6 +106,10 @@ if ($act == "silentcreateall") {
 			runsql("ALTER TABLE chatthread ADD userid varchar(255) DEFAULT \"\"", $link);
 		}

+		if( in_array("chatoperator.iperm", $absent) ) {
+			runsql("ALTER TABLE chatoperator ADD iperm int DEFAULT 65535", $link);
+		}
+
 		if( in_array("chatoperator.vcavatar", $absent) ) {
 			runsql("ALTER TABLE chatoperator ADD vcavatar varchar(255)", $link);
 		}
--- a/src/messenger/webim/libs/common.php
+++ b/src/messenger/webim/libs/common.php
@ -297,6 +297,14 @@ function form_value_cb($key) {
 	return false;
 }

+function form_value_mb($key,$id) {
+	global $page;
+	if( isset($page) && isset($page["form$key"]) && is_array($page["form$key"]) ) {
+		return in_array($id, $page["form$key"]);
+	}
+	return false;
+}
+
 function no_field($key) {
 	return getlocal2("errors.required",array(getlocal($key)));
 }
--- a/src/messenger/webim/libs/operator.php
+++ b/src/messenger/webim/libs/operator.php
@ -12,6 +12,18 @@
 *    Evgeny Gryaznov - initial API and implementation
 */

+$can_administrate = 0;
+$can_takeover = 1;
+$can_viewthreads = 2;
+
+$can_count = 3;
+
+$permission_ids = array(
+	$can_administrate => "admin",
+	$can_takeover => "takeover",
+	$can_viewthreads => "viewthreads"
+);
+
 function operator_by_login($login) {
 	$link = connect();
 	$operator = select_one_row(
@ -176,4 +188,24 @@ function get_redirect_links($threadid,$token) {
 	return $agent_list;
 }

+$permission_list = array();
+
+function get_permission_list() {
+	global $permission_list, $permission_ids;
+	if(count($permission_list) == 0) {
+		foreach($permission_ids as $permid) {
+			$permission_list[] = array(
+				'id' => $permid,
+				'descr' => getlocal("permission.$permid")
+			);
+		}
+	}
+	return $permission_list;
+}
+
+function is_capable($perm,$operator) {
+	$permissions = $operator && isset($operator['iperm']) ? $operator['iperm'] : 0;
+	return $perm >= 0 && $perm < 32 && ($permissions & (1 << $perm)) != 0;
+}
+
 ?>
--- a/src/messenger/webim/locales/en/properties
+++ b/src/messenger/webim/locales/en/properties
@ -258,12 +258,18 @@ page.translate.title=Translate Open WebIM
 page_agent.create_new=Here you can create new operator
 page_agent.tab.avatar=Photo
 page_agent.tab.main=General
+page_agent.tab.permissions=Permissions
 page_agents.agent_commonname=International name
 page_analysis.full.text.search=User name or message text search:
 page_avatar.intro=You can upload your photo only in JPG, GIF, PNG or TIF image file.
 page_avatar.title=Upload photo
 page_search.intro=Search for chat history of a specified user or a specified phrase in a message.
 page_settings.intro=Specify options affecting chat window and common system behavior
+permission.admin=System administration: settings, operators management
+permission.takeover=Take over chat thread
+permission.viewthreads=View another operator's chat thread
+permissions.intro=Here you can control operator's permissions 
+permissions.title=Permissions
 settings.chat.title=Title in the chat window
 settings.chat.title.description=Department of your company for example.
 settings.chatstyle=Select style for your chat windows
--- a/src/messenger/webim/locales/ru/properties
+++ b/src/messenger/webim/locales/ru/properties
@ -258,12 +258,18 @@ page.translate.title=
 page_agent.create_new=Создание нового оператора
 page_agent.tab.avatar=Фотография
 page_agent.tab.main=Общее
+page_agent.tab.permissions=Возможности
 page_agents.agent_commonname=Интернациональное имя
 page_analysis.full.text.search=Поиск по имени посетителя или по тексту сообщения:
 page_avatar.intro=Вы можете загрузить фотографию расширения JPG, GIF, PNG или TIF.
 page_avatar.title=Загрузка фотографии
 page_search.intro=На данной странице можно осуществить поиск диалогов по имени пользователя или фразе, встречающейся в сообщении.
 page_settings.intro=Здесь вы можете задать опции влияющие на отображение чат окна и общее поведение системы 
+permission.admin=Администрирование системы: настройка, управление операторами
+permission.takeover=Перехватывать диалоги у других операторов
+permission.viewthreads=Просматривать диалоги других операторов в режиме реального времени
+permissions.intro=Здесь вы можете ограничить возможности оператора
+permissions.title=Возможности оператора
 settings.chat.title=Заголовок в чат окне
 settings.chat.title.description=Например, название отдела вашей компании
 settings.chatstyle=Выберите вид вашего чат окна
--- a/src/messenger/webim/operator/avatar.php
+++ b/src/messenger/webim/operator/avatar.php
@ -82,7 +82,8 @@ if( !$op ) {

 $page['tabs'] = array(
 	getlocal("page_agent.tab.main") => "$webimroot/operator/operator.php?op=$opId",
-	getlocal("page_agent.tab.avatar") => ""
+	getlocal("page_agent.tab.avatar") => "",
+	getlocal("page_agent.tab.permissions") => "$webimroot/operator/permissions.php?op=$opId"
 );

 start_html_output();
--- a/src/messenger/webim/operator/operator.php
+++ b/src/messenger/webim/operator/operator.php
@ -86,7 +86,8 @@ $page['operator'] = topage(get_operator_name($operator));

 $page['tabs'] = $opId ? array(
 	getlocal("page_agent.tab.main") => "",
-	getlocal("page_agent.tab.avatar") => "$webimroot/operator/avatar.php?op=$opId"
+	getlocal("page_agent.tab.avatar") => "$webimroot/operator/avatar.php?op=$opId",
+	getlocal("page_agent.tab.permissions") => "$webimroot/operator/permissions.php?op=$opId"
 ) : array();

 start_html_output();
--- a/src/messenger/webim/operator/permissions.php
+++ b/src/messenger/webim/operator/permissions.php
@ -0,0 +1,76 @@
+<?php
+/*
+ * This file is part of Web Instant Messenger project.
+ *
+ * Copyright (c) 2005-2008 Web Messenger Community
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *    Evgeny Gryaznov - initial API and implementation
+ */
+
+require_once('../libs/common.php');
+require_once('../libs/operator.php');
+
+$operator = check_login();
+
+function update_operator_permissions($operatorid,$newvalue) {
+	$link = connect();
+	$query = "update chatoperator set iperm = $newvalue where operatorid = $operatorid";
+
+	perform_query($query,$link);
+	mysql_close($link);
+}
+
+$opId = verifyparam( "op","/^\d{1,9}$/");
+$page = array('op' => $opId);
+$page['operator'] = topage(get_operator_name($operator));
+$errors = array();
+
+$op = operator_by_id($opId);
+
+if( !$op ) {
+	$errors[] = getlocal("no_such_operator");
+
+} else if( isset($_POST['op']) ) {
+
+	$new_permissions = isset($op['iperm']) ? $op['iperm'] : 0;
+
+	foreach($permission_ids as $perm => $id) {
+		if( verifyparam("permissions$id","/^on$/", "") == "on") {
+			$new_permissions |= (1 << $perm);
+		} else {
+			$new_permissions &= ~ (1 << $perm);
+		}
+	}
+
+	if(count($errors) == 0) {
+		update_operator_permissions($op['operatorid'],$new_permissions);
+
+		header("Location: $webimroot/operator/operator.php?op=$opId");
+		exit;
+	}
+
+}
+
+$page['tabs'] = array(
+	getlocal("page_agent.tab.main") => "$webimroot/operator/operator.php?op=$opId",
+	getlocal("page_agent.tab.avatar") => "$webimroot/operator/avatar.php?op=$opId",
+	getlocal("page_agent.tab.permissions") => ""
+);
+
+$page['permissionsList'] = get_permission_list();
+$page['formpermissions'] = array("");
+
+foreach($permission_ids as $perm => $id) {
+	if(is_capable($perm,$op)) {
+		$page['formpermissions'][] = $id;
+	}
+}
+
+start_html_output();
+require('../view/permissions.php');
+?>
--- a/src/messenger/webim/view/permissions.php
+++ b/src/messenger/webim/view/permissions.php
@ -0,0 +1,100 @@
+<?php
+/*
+ * This file is part of Web Instant Messenger project.
+ *
+ * Copyright (c) 2005-2008 Web Messenger Community
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *    Evgeny Gryaznov - initial API and implementation
+ */
+?>
+<html>
+<head>
+
+
+
+<link rel="stylesheet" type="text/css" media="all" href="<?php echo $webimroot ?>/styles.css" />
+
+
+<link rel="shortcut icon" href="<?php echo $webimroot ?>/images/favicon.ico" type="image/x-icon"/>
+<title>
+	<?php echo getlocal("app.title") ?>	- <?php echo getlocal("permissions.title") ?>
+</title>
+
+<meta http-equiv="keywords" content="<?php echo getlocal("page.main_layout.meta_keyword") ?>">
+<meta http-equiv="description" content="<?php echo getlocal("page.main_layout.meta_description") ?>">
+</head>
+
+<body bgcolor="#FFFFFF" text="#000000" link="#2971C1" vlink="#2971C1" alink="#2971C1">
+
+<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<tr>
+<td valign="top" class="text">
+
+ <table width="100%" cellpadding="0" cellspacing="0" border="0"><tr><td align="left" valign="top">
+		<h1><?php echo getlocal("permissions.title") ?></h1>
+ </td><td align="right" class="text" valign="top"><table cellspacing="0" cellpadding="0" border="0"><tr><td class="textform"><?php echo getlocal2("menu.operator",array($page['operator'])) ?></td><td class="textform"><img src='<?php echo $webimroot ?>/images/topdiv.gif' width="25" height="15" border="0" alt="|" /></td><td class="textform"><a href="<?php echo $webimroot ?>/operator/operators.php" title="<?php echo getlocal("menu.agents") ?>"><?php echo getlocal("menu.agents") ?></a></td><td class="textform"><img src='<?php echo $webimroot ?>/images/topdiv.gif' width="25" height="15" border="0" alt="|" /></td><td class="textform"><a href="<?php echo $webimroot ?>/operator/index.php" title="<?php echo getlocal("menu.main") ?>"><?php echo getlocal("menu.main") ?></a></td></tr></table></td></tr></table>
+
+
+	<?php echo getlocal("permissions.intro") ?>
+<br />
+<br />
+
+<?php if( isset($errors) && count($errors) > 0 ) { ?>
+		<table cellspacing="0" cellpadding="0" border="0">
+		<tr>
+	    <td valign="top"><img src='<?php echo $webimroot ?>/images/icon_err.gif' width="40" height="40" border="0" alt="" /></td>
+	    <td width="10"></td>
+	    <td class="text">
+		    <?php	if( isset($errors) && count($errors) > 0 ) {
+		print getlocal("errors.header");
+		foreach( $errors as $e ) {
+			print getlocal("errors.prefix");
+			print $e;
+			print getlocal("errors.suffix");
+		}
+		print getlocal("errors.footer");
+	} ?>
+
+		</td>
+		</tr>
+		</table>
+	<?php } ?>
+
+<form name="permissionsForm" method="post" action="<?php echo $webimroot ?>/operator/permissions.php">
+	<table cellspacing='0' cellpadding='0' border='0'>
+<?php if($page['tabs']) { ?>
+<tr><td align="right" style="padding-right:16px;"><table cellspacing="0" cellpadding="0" border="0"><tr><?php foreach($page['tabs'] as $k => $v) { if($v) { ?><td class="textform" style="padding: 2px 9px 3px 9px;"><a href="<?php echo $v ?>"><?php echo $k ?></a></td><?php } else { ?><td class="textform" background="<?php echo $webimroot ?>/images/loginbg.gif" style="border-left:1px solid #bbbbbb;border-top:1px solid #bbbbbb;border-right:1px solid #bbbbbb;padding: 2px 9px 3px 9px;"><?php echo $k ?></td><?php }} ?></tr></table></td></tr>
+<?php } ?>
+<tr><td background='<?php echo $webimroot ?>/images/loginbg.gif'><table cellspacing='0' cellpadding='0' border='0'><tr><td><img src='<?php echo $webimroot ?>/images/logincrnlt.gif' width='16' height='16' border='0' alt=''></td><td></td><td><img src='<?php echo $webimroot ?>/images/logincrnrt.gif' width='16' height='16' border='0' alt=''></td></tr><tr><td></td><td align='center'><table border='0' cellspacing='0' cellpadding='0'>
+
+<?php foreach( $page['permissionsList'] as $pm ) { ?>
+		<tr class="formauth" colspan="3">
+			<td class="formauth" colspan="3">
+				<label><input type="checkbox" name="permissions<?php echo $pm['id'] ?>" value="on"<?php echo form_value_mb('permissions',$pm['id']) ? " checked=\"checked\"" : "" ?>/> <?php echo $pm['descr'] ?></label>
+			</td>
+		</tr>
+<?php } ?>
+
+		<tr><td colspan='3' height='20'></td></tr><tr><td colspan='3' background='<?php echo $webimroot ?>/images/formline.gif'><img src='<?php echo $webimroot ?>/images/formline.gif' width='1' height='2' border='0' alt=''></td></tr><tr><td colspan='3' height='10'></td></tr>
+		<tr>
+			<td class="formauth" colspan="3">
+                    <input type="hidden" name="op" value="<?php echo $page['op'] ?>"/>
+			        <input type="image" name="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' border="0" alt='<?php echo getlocal("button.save") ?>'/>
+			</td>
+		</tr>
+
+	</table></td><td></td></tr><tr><td><img src='<?php echo $webimroot ?>/images/logincrnlb.gif' width='16' height='16' border='0' alt=''></td><td></td><td><img src='<?php echo $webimroot ?>/images/logincrnrb.gif' width='16' height='16' border='0' alt=''></td></tr></table></td></tr></table>
+</form>
+
+</td>
+</tr>
+</table>
+
+</body>
+</html>
+