mirror of
https://github.com/Mibew/java.git
synced 2025-10-31 10:31:07 +03:00
modify profile permission
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@517 c66351dc-e62f-0410-b875-e3a5c0b9693f
This commit is contained in:
Evgeny Gryaznov
parent
3ab00d8111
commit
4b790f7fcf
@ -15,13 +15,15 @@
|
||||
$can_administrate = 0;
|
||||
$can_takeover = 1;
|
||||
$can_viewthreads = 2;
|
||||
$can_modifyprofile = 3;
|
||||
|
||||
$can_count = 3;
|
||||
$can_count = 4;
|
||||
|
||||
$permission_ids = array(
|
||||
$can_administrate => "admin",
|
||||
$can_takeover => "takeover",
|
||||
$can_viewthreads => "viewthreads"
|
||||
$can_viewthreads => "viewthreads",
|
||||
$can_modifyprofile => "modifyprofile"
|
||||
);
|
||||
|
||||
function operator_by_login($login) {
|
||||
|
||||
@ -332,6 +332,7 @@ pending.table.head.waittime=Waiting time
|
||||
pending.table.speak=Click to chat with the visitor
|
||||
pending.table.view=Watch the chat
|
||||
permission.admin=System administration: settings, operators management, button generation
|
||||
permission.modifyprofile=Ability to modify profile
|
||||
permission.takeover=Take over chat thread
|
||||
permission.viewthreads=View another operator's chat thread
|
||||
permissions.intro=Change restrictions and available features for this operator.
|
||||
|
||||
@ -22,6 +22,9 @@ $opId = verifyparam( "op","/^\d{1,9}$/");
|
||||
$page = array('opid' => $opId, 'avatar' => '');
|
||||
$errors = array();
|
||||
|
||||
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|
||||
|| is_capable($can_administrate, $operator);
|
||||
|
||||
$op = operator_by_id($opId);
|
||||
|
||||
if( !$op ) {
|
||||
@ -30,7 +33,7 @@ if( !$op ) {
|
||||
} else if( isset($_POST['op']) ) {
|
||||
$avatar = $op['vcavatar'];
|
||||
|
||||
if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) {
|
||||
if(!$canmodify) {
|
||||
$errors[] = getlocal('page_agent.cannot_modify');
|
||||
|
||||
} else if( isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) {
|
||||
@ -77,7 +80,7 @@ if( !$op ) {
|
||||
}
|
||||
|
||||
} else {
|
||||
if (isset($_GET['delete']) && $_GET['delete'] == "true") {
|
||||
if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) {
|
||||
update_operator_avatar($op['operatorid'],'');
|
||||
header("Location: $webimroot/operator/avatar.php?op=$opId");
|
||||
exit;
|
||||
@ -86,6 +89,7 @@ if( !$op ) {
|
||||
}
|
||||
|
||||
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-";
|
||||
$page['canmodify'] = $canmodify ? "1" : "";
|
||||
|
||||
prepare_menu($operator);
|
||||
setup_operator_settings_tabs($opId,1);
|
||||
|
||||
@ -53,11 +53,12 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
|
||||
( $opId && $existing_operator && $opId != $existing_operator['operatorid']) )
|
||||
$errors[] = getlocal("page_agent.error.duplicate_login");
|
||||
|
||||
|
||||
if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) {
|
||||
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|
||||
|| is_capable($can_administrate, $operator);
|
||||
if(!$canmodify) {
|
||||
$errors[] = getlocal('page_agent.cannot_modify');
|
||||
}
|
||||
|
||||
|
||||
if( count($errors) == 0 ) {
|
||||
if (!$opId) {
|
||||
$newop = create_operator($login,$password,$localname,$commonname,"");
|
||||
@ -90,7 +91,16 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
|
||||
}
|
||||
}
|
||||
|
||||
if(!$opId && !is_capable($can_administrate, $operator)) {
|
||||
$errors[] = "You are not allowed to create operators";
|
||||
}
|
||||
|
||||
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|
||||
|| is_capable($can_administrate, $operator);
|
||||
|
||||
$page['stored'] = isset($_GET['stored']);
|
||||
$page['canmodify'] = $canmodify ? "1" : "";
|
||||
|
||||
prepare_menu($operator);
|
||||
setup_operator_settings_tabs($opId,0);
|
||||
start_html_output();
|
||||
|
||||
@ -32,6 +32,9 @@ $page = array('opid' => $opId);
|
||||
$page['groups'] = get_groups(false);
|
||||
$errors = array();
|
||||
|
||||
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|
||||
|| is_capable($can_administrate, $operator);
|
||||
|
||||
$op = operator_by_id($opId);
|
||||
|
||||
if( !$op ) {
|
||||
@ -39,10 +42,10 @@ if( !$op ) {
|
||||
|
||||
} else if( isset($_POST['op']) ) {
|
||||
|
||||
if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) {
|
||||
if(!$canmodify) {
|
||||
$errors[] = getlocal('page_agent.cannot_modify');
|
||||
}
|
||||
|
||||
|
||||
if(count($errors) == 0) {
|
||||
$new_groups = array();
|
||||
foreach($page['groups'] as $group) {
|
||||
@ -59,6 +62,7 @@ if( !$op ) {
|
||||
|
||||
$page['formgroup'] = array();
|
||||
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-";
|
||||
$page['canmodify'] = $canmodify ? "1" : "";
|
||||
|
||||
if($op) {
|
||||
foreach(get_operator_groupids($opId) as $rel) {
|
||||
|
||||
@ -19,7 +19,7 @@ $page['menuid'] = $page['opid'] == $page['currentopid'] ? "profile" : "operators
|
||||
function tpl_content() { global $page, $webimroot, $errors;
|
||||
?>
|
||||
|
||||
<?php if( $page['opid'] ) { ?>
|
||||
<?php if( $page['opid'] ) { ?>
|
||||
<?php echo getlocal("page_agent.intro") ?>
|
||||
<?php } ?>
|
||||
<?php if( !$page['opid'] ) { ?>
|
||||
@ -34,6 +34,7 @@ require_once('inc_errors.php');
|
||||
<div id="formmessage"><?php echo getlocal("data.saved") ?></div>
|
||||
<?php } ?>
|
||||
|
||||
<?php if( $page['opid'] || $page['canmodify'] ) { ?>
|
||||
<form name="agentForm" method="post" action="<?php echo $webimroot ?>/operator/operator.php">
|
||||
<input type="hidden" name="opid" value="<?php echo $page['opid'] ?>"/>
|
||||
<div>
|
||||
@ -52,7 +53,7 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.login') ?><span class="required">*</span></div>
|
||||
<div class="fvalue">
|
||||
<input type="text" name="login" size="40" value="<?php echo form_value('login') ?>" class="formauth"/>
|
||||
<input type="text" name="login" size="40" value="<?php echo form_value('login') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.login.description') ?></div>
|
||||
<br clear="all"/>
|
||||
@ -61,7 +62,7 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.password') ?><?php if( !$page['opid'] ) { ?><span class="required">*</span><?php } ?></div>
|
||||
<div class="fvalue">
|
||||
<input type="password" name="password" size="40" value="" class="formauth"/>
|
||||
<input type="password" name="password" size="40" value="" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.password.description') ?></div>
|
||||
<br clear="all"/>
|
||||
@ -70,7 +71,7 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.password_confirm') ?><?php if( !$page['opid'] ) { ?><span class="required">*</span><?php } ?></div>
|
||||
<div class="fvalue">
|
||||
<input type="password" name="passwordConfirm" size="40" value="" class="formauth"/>
|
||||
<input type="password" name="passwordConfirm" size="40" value="" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.password_confirm.description') ?></div>
|
||||
<br clear="all"/>
|
||||
@ -79,7 +80,7 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.agent_name') ?><span class="required">*</span></div>
|
||||
<div class="fvalue">
|
||||
<input type="text" name="name" size="40" value="<?php echo form_value('name') ?>" class="formauth"/>
|
||||
<input type="text" name="name" size="40" value="<?php echo form_value('name') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.agent_name.description') ?></div>
|
||||
<br clear="all"/>
|
||||
@ -88,16 +89,17 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.agent_commonname') ?><span class="required">*</span></div>
|
||||
<div class="fvalue">
|
||||
<input type="text" name="commonname" size="40" value="<?php echo form_value('commonname') ?>" class="formauth"/>
|
||||
<input type="text" name="commonname" size="40" value="<?php echo form_value('commonname') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.agent_commonname.description') ?></div>
|
||||
<br clear="all"/>
|
||||
</div>
|
||||
|
||||
|
||||
<?php if($page['canmodify']) { ?>
|
||||
<div class="fbutton">
|
||||
<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/>
|
||||
</div>
|
||||
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
</div><div class="formbottom"><div class="formbottomi"></div></div></div>
|
||||
@ -108,7 +110,7 @@ require_once('inc_errors.php');
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
<?php } ?>
|
||||
<?php
|
||||
} /* content */
|
||||
|
||||
|
||||
@ -51,15 +51,24 @@ require_once('inc_errors.php');
|
||||
<div class="flabel"><?php echo getlocal('form.field.avatar.current') ?></div>
|
||||
<div class="fvalue">
|
||||
<img src="<?php echo $page['avatar'] ?>" alt="cannot load avatar"/><br/>
|
||||
<?php if($page['canmodify']) { ?>
|
||||
<a class="formauth" href='<?php echo $webimroot ?>/operator/avatar.php?op=<?php echo $page['opid'] ?>&delete=true'>
|
||||
<?php echo getlocal("page_agent.clear_avatar") ?>
|
||||
</a>
|
||||
<?php } ?>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo getlocal('form.field.avatar.current.description') ?></div>
|
||||
<br clear="all"/>
|
||||
</div>
|
||||
<?php } else if(!$page['canmodify']) { ?>
|
||||
<div class="field">
|
||||
<div class="fvaluenodesc">
|
||||
No avatar
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
|
||||
<?php if($page['canmodify']) { ?>
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo getlocal('form.field.avatar.upload') ?><span class="required">*</span></div>
|
||||
<div class="fvalue">
|
||||
@ -72,6 +81,7 @@ require_once('inc_errors.php');
|
||||
<div class="fbutton">
|
||||
<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/>
|
||||
</div>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
</div><div class="formbottom"><div class="formbottomi"></div></div></div>
|
||||
|
||||
@ -50,17 +50,18 @@ require_once('inc_errors.php');
|
||||
<div class="field">
|
||||
<div class="flabel"><?php echo htmlspecialchars(topage($pm['vclocalname'])) ?></div>
|
||||
<div class="fvalue">
|
||||
<input type="checkbox" name="group<?php echo $pm['groupid'] ?>" value="on"<?php echo form_value_mb('group',$pm['groupid']) ? " checked=\"checked\"" : "" ?>/>
|
||||
<input type="checkbox" name="group<?php echo $pm['groupid'] ?>" value="on"<?php echo form_value_mb('group',$pm['groupid']) ? " checked=\"checked\"" : "" ?><?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
|
||||
</div>
|
||||
<div class="fdescr"> — <?php echo $pm['vclocaldescription'] ? htmlspecialchars(topage($pm['vclocaldescription'])) : getlocal("operator.group.no_description") ?></div>
|
||||
<br clear="all"/>
|
||||
</div>
|
||||
<?php } ?>
|
||||
|
||||
<?php if($page['canmodify']) { ?>
|
||||
<div class="fbutton">
|
||||
<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/>
|
||||
</div>
|
||||
|
||||
<?php } ?>
|
||||
</div><div class="formbottom"><div class="formbottomi"></div></div></div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user