mirror of
				https://github.com/Mibew/mibew.git
				synced 2025-10-25 15:56:52 +03:00 
			
		
		
		
	modify profile permission
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@517 c66351dc-e62f-0410-b875-e3a5c0b9693f
This commit is contained in:
		
							parent
							
								
									3ab00d8111
								
							
						
					
					
						commit
						4b790f7fcf
					
				| @ -15,13 +15,15 @@ | ||||
| $can_administrate = 0; | ||||
| $can_takeover = 1; | ||||
| $can_viewthreads = 2; | ||||
| $can_modifyprofile = 3; | ||||
| 
 | ||||
| $can_count = 3; | ||||
| $can_count = 4; | ||||
| 
 | ||||
| $permission_ids = array( | ||||
| 	$can_administrate => "admin", | ||||
| 	$can_takeover => "takeover", | ||||
| 	$can_viewthreads => "viewthreads" | ||||
| 	$can_viewthreads => "viewthreads", | ||||
| 	$can_modifyprofile => "modifyprofile" | ||||
| ); | ||||
| 
 | ||||
| function operator_by_login($login) { | ||||
|  | ||||
| @ -332,6 +332,7 @@ pending.table.head.waittime=Waiting time | ||||
| pending.table.speak=Click to chat with the visitor | ||||
| pending.table.view=Watch the chat | ||||
| permission.admin=System administration: settings, operators management, button generation | ||||
| permission.modifyprofile=Ability to modify profile | ||||
| permission.takeover=Take over chat thread | ||||
| permission.viewthreads=View another operator's chat thread | ||||
| permissions.intro=Change restrictions and available features for this operator. | ||||
|  | ||||
| @ -22,6 +22,9 @@ $opId = verifyparam( "op","/^\d{1,9}$/"); | ||||
| $page = array('opid' => $opId, 'avatar' => ''); | ||||
| $errors = array(); | ||||
| 
 | ||||
| $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))  | ||||
| 				|| is_capable($can_administrate, $operator); | ||||
| 
 | ||||
| $op = operator_by_id($opId); | ||||
| 
 | ||||
| if( !$op ) { | ||||
| @ -30,7 +33,7 @@ if( !$op ) { | ||||
| } else if( isset($_POST['op']) ) { | ||||
| 	$avatar = $op['vcavatar']; | ||||
| 
 | ||||
| 	if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) { | ||||
| 	if(!$canmodify) { | ||||
| 		$errors[] = getlocal('page_agent.cannot_modify'); | ||||
| 
 | ||||
| 	} else if( isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) { | ||||
| @ -77,7 +80,7 @@ if( !$op ) { | ||||
| 	} | ||||
| 
 | ||||
| } else { | ||||
| 	if (isset($_GET['delete']) && $_GET['delete'] == "true") { | ||||
| 	if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) { | ||||
| 		update_operator_avatar($op['operatorid'],''); | ||||
| 		header("Location: $webimroot/operator/avatar.php?op=$opId"); | ||||
| 		exit; | ||||
| @ -86,6 +89,7 @@ if( !$op ) { | ||||
| } | ||||
| 
 | ||||
| $page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-"; | ||||
| $page['canmodify'] = $canmodify ? "1" : ""; | ||||
| 
 | ||||
| prepare_menu($operator); | ||||
| setup_operator_settings_tabs($opId,1); | ||||
|  | ||||
| @ -53,11 +53,12 @@ if( isset($_POST['login']) && isset($_POST['password']) ) { | ||||
| 		( $opId && $existing_operator && $opId != $existing_operator['operatorid']) ) | ||||
| 		$errors[] = getlocal("page_agent.error.duplicate_login"); | ||||
| 		 | ||||
| 		 | ||||
| 	if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) { | ||||
| 	$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))  | ||||
| 				|| is_capable($can_administrate, $operator); | ||||
| 	if(!$canmodify) { | ||||
| 		$errors[] = getlocal('page_agent.cannot_modify'); | ||||
| 	} | ||||
| 		 | ||||
| 	 | ||||
| 	if( count($errors) == 0 ) { | ||||
| 		if (!$opId) { | ||||
| 			$newop = create_operator($login,$password,$localname,$commonname,""); | ||||
| @ -90,7 +91,16 @@ if( isset($_POST['login']) && isset($_POST['password']) ) { | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| if(!$opId && !is_capable($can_administrate, $operator)) { | ||||
| 	$errors[] = "You are not allowed to create operators"; | ||||
| } | ||||
| 
 | ||||
| $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))  | ||||
| 				|| is_capable($can_administrate, $operator); | ||||
| 
 | ||||
| $page['stored'] = isset($_GET['stored']); | ||||
| $page['canmodify'] = $canmodify ? "1" : ""; | ||||
| 
 | ||||
| prepare_menu($operator); | ||||
| setup_operator_settings_tabs($opId,0); | ||||
| start_html_output(); | ||||
|  | ||||
| @ -32,6 +32,9 @@ $page = array('opid' => $opId); | ||||
| $page['groups'] = get_groups(false); | ||||
| $errors = array(); | ||||
| 
 | ||||
| $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))  | ||||
| 				|| is_capable($can_administrate, $operator); | ||||
| 
 | ||||
| $op = operator_by_id($opId); | ||||
| 
 | ||||
| if( !$op ) { | ||||
| @ -39,10 +42,10 @@ if( !$op ) { | ||||
| 
 | ||||
| } else if( isset($_POST['op']) ) { | ||||
| 
 | ||||
| 	if($opId != $operator['operatorid'] && !is_capable($can_administrate, $operator)) { | ||||
| 	if(!$canmodify) { | ||||
| 		$errors[] = getlocal('page_agent.cannot_modify'); | ||||
| 	} | ||||
| 	 | ||||
| 
 | ||||
| 	if(count($errors) == 0) { | ||||
| 		$new_groups = array(); | ||||
| 		foreach($page['groups'] as $group) { | ||||
| @ -59,6 +62,7 @@ if( !$op ) { | ||||
| 
 | ||||
| $page['formgroup'] = array(); | ||||
| $page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-"; | ||||
| $page['canmodify'] = $canmodify ? "1" : ""; | ||||
| 
 | ||||
| if($op) { | ||||
| 	foreach(get_operator_groupids($opId) as $rel) { | ||||
|  | ||||
| @ -19,7 +19,7 @@ $page['menuid'] = $page['opid'] == $page['currentopid'] ? "profile" : "operators | ||||
| function tpl_content() { global $page, $webimroot, $errors; | ||||
| ?>
 | ||||
| 
 | ||||
| 	<?php if( $page['opid'] ) { ?>
 | ||||
| <?php if( $page['opid'] ) { ?>
 | ||||
| <?php echo getlocal("page_agent.intro") ?>
 | ||||
| <?php } ?>
 | ||||
| <?php if( !$page['opid'] ) { ?>
 | ||||
| @ -34,6 +34,7 @@ require_once('inc_errors.php'); | ||||
| <div id="formmessage"><?php echo getlocal("data.saved") ?></div>
 | ||||
| <?php } ?>
 | ||||
| 
 | ||||
| <?php if( $page['opid'] || $page['canmodify'] ) { ?>
 | ||||
| <form name="agentForm" method="post" action="<?php echo $webimroot ?>/operator/operator.php"> | ||||
| <input type="hidden" name="opid" value="<?php echo $page['opid'] ?>"/> | ||||
| 	<div> | ||||
| @ -52,7 +53,7 @@ require_once('inc_errors.php'); | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.login') ?><span class="required">*</span></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<input type="text" name="login" size="40" value="<?php echo form_value('login') ?>" class="formauth"/> | ||||
| 				<input type="text" name="login" size="40" value="<?php echo form_value('login') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.login.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| @ -61,7 +62,7 @@ require_once('inc_errors.php'); | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.password') ?><?php if( !$page['opid'] ) { ?><span class="required">*</span><?php } ?></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<input type="password" name="password" size="40" value="" class="formauth"/> | ||||
| 				<input type="password" name="password" size="40" value="" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.password.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| @ -70,7 +71,7 @@ require_once('inc_errors.php'); | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.password_confirm') ?><?php if( !$page['opid'] ) { ?><span class="required">*</span><?php } ?></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<input type="password" name="passwordConfirm" size="40" value="" class="formauth"/> | ||||
| 				<input type="password" name="passwordConfirm" size="40" value="" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.password_confirm.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| @ -79,7 +80,7 @@ require_once('inc_errors.php'); | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.agent_name') ?><span class="required">*</span></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<input type="text" name="name" size="40" value="<?php echo form_value('name') ?>" class="formauth"/> | ||||
| 				<input type="text" name="name" size="40" value="<?php echo form_value('name') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.agent_name.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| @ -88,16 +89,17 @@ require_once('inc_errors.php'); | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.agent_commonname') ?><span class="required">*</span></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<input type="text" name="commonname" size="40" value="<?php echo form_value('commonname') ?>" class="formauth"/> | ||||
| 				<input type="text" name="commonname" size="40" value="<?php echo form_value('commonname') ?>" class="formauth"<?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.agent_commonname.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| 		</div> | ||||
| 	 | ||||
| 
 | ||||
| <?php if($page['canmodify']) { ?>
 | ||||
| 		<div class="fbutton"> | ||||
| 			<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/> | ||||
| 		</div> | ||||
| 
 | ||||
| <?php } ?>
 | ||||
| 	</div> | ||||
| 	 | ||||
| 	</div><div class="formbottom"><div class="formbottomi"></div></div></div> | ||||
| @ -108,7 +110,7 @@ require_once('inc_errors.php'); | ||||
| 	</div> | ||||
| 
 | ||||
| </form> | ||||
| 
 | ||||
| <?php } ?>
 | ||||
| <?php  | ||||
| } /* content */ | ||||
| 
 | ||||
|  | ||||
| @ -51,15 +51,24 @@ require_once('inc_errors.php'); | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.avatar.current') ?></div>
 | ||||
| 			<div class="fvalue"> | ||||
| 				<img src="<?php echo $page['avatar'] ?>" alt="cannot load avatar"/><br/> | ||||
| <?php if($page['canmodify']) { ?>
 | ||||
|                 <a class="formauth" href='<?php echo $webimroot ?>/operator/avatar.php?op=<?php echo $page['opid'] ?>&delete=true'> | ||||
|                     <?php echo getlocal("page_agent.clear_avatar") ?>
 | ||||
|                 </a> | ||||
| <?php } ?>
 | ||||
| 			</div> | ||||
| 			<div class="fdescr"> — <?php echo getlocal('form.field.avatar.current.description') ?></div>
 | ||||
| 			<br clear="all"/> | ||||
| 		</div> | ||||
| <?php } else if(!$page['canmodify']) { ?>
 | ||||
| 		<div class="field"> | ||||
| 			<div class="fvaluenodesc"> | ||||
| 				No avatar | ||||
| 			</div> | ||||
| 		</div> | ||||
| <?php } ?>
 | ||||
| 
 | ||||
| <?php if($page['canmodify']) { ?>
 | ||||
| 		<div class="field"> | ||||
| 			<div class="flabel"><?php echo getlocal('form.field.avatar.upload') ?><span class="required">*</span></div>
 | ||||
| 			<div class="fvalue"> | ||||
| @ -72,6 +81,7 @@ require_once('inc_errors.php'); | ||||
| 		<div class="fbutton"> | ||||
| 			<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/> | ||||
| 		</div> | ||||
| <?php } ?>
 | ||||
| 	</div> | ||||
| 
 | ||||
| 	</div><div class="formbottom"><div class="formbottomi"></div></div></div> | ||||
|  | ||||
| @ -50,17 +50,18 @@ require_once('inc_errors.php'); | ||||
| 	<div class="field"> | ||||
| 		<div class="flabel"><?php echo htmlspecialchars(topage($pm['vclocalname'])) ?></div>
 | ||||
| 		<div class="fvalue"> | ||||
| 			<input type="checkbox" name="group<?php echo $pm['groupid'] ?>" value="on"<?php echo form_value_mb('group',$pm['groupid']) ? " checked=\"checked\"" : "" ?>/>
 | ||||
| 			<input type="checkbox" name="group<?php echo $pm['groupid'] ?>" value="on"<?php echo form_value_mb('group',$pm['groupid']) ? " checked=\"checked\"" : "" ?><?php echo $page['canmodify'] ? "" : " disabled=\"disabled\"" ?>/>
 | ||||
| 		</div> | ||||
| 		<div class="fdescr"> — <?php echo $pm['vclocaldescription'] ? htmlspecialchars(topage($pm['vclocaldescription'])) : getlocal("operator.group.no_description") ?></div>
 | ||||
| 		<br clear="all"/> | ||||
| 	</div> | ||||
| <?php } ?>
 | ||||
| 
 | ||||
| <?php if($page['canmodify']) { ?>
 | ||||
| 	<div class="fbutton"> | ||||
| 		<input type="image" name="save" value="" src='<?php echo $webimroot.getlocal("image.button.save") ?>' alt='<?php echo getlocal("button.save") ?>'/> | ||||
| 	</div> | ||||
| 
 | ||||
| <?php } ?>
 | ||||
| 	</div><div class="formbottom"><div class="formbottomi"></div></div></div> | ||||
| 	</div>		 | ||||
| </form> | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user