diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/AbstractController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/AbstractController.php
new file mode 100644
index 00000000..1f3555a1
--- /dev/null
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/AbstractController.php
@@ -0,0 +1,62 @@
+attributes->get('_route');
+ $operator_id = $request->attributes->get('operator_id', false);
+ $args = array('operator_id' => $operator_id);
+
+ if ($operator_id) {
+ $tabs[getlocal('page_agent.tab.main')] = ($route != 'operator_edit')
+ ? $this->generateUrl('operator_edit', $args)
+ : '';
+
+ $tabs[getlocal('page_agent.tab.avatar')] = ($route != 'operator_avatar')
+ ? $this->generateUrl('operator_avatar', $args)
+ : '';
+
+ $tabs[getlocal('page_agent.tab.groups')] = ($route != 'operator_groups')
+ ? $this->generateUrl('operator_groups', $args)
+ : '';
+
+ $tabs[getlocal('page_agent.tab.permissions')] = ($route != 'operator_permissions')
+ ? $this->generateUrl('operator_permissions', $args)
+ : '';
+ }
+
+ return $tabs;
+ }
+}
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php
index 19f6be19..e31000d9 100644
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php
@@ -17,7 +17,6 @@
 namespace Mibew\Controller\Operator;
-use Mibew\Controller\AbstractController;
 use Mibew\Settings;
 use Mibew\Http\Exception\AccessDeniedException;
 use Mibew\Http\Exception\NotFoundException;
@@ -67,7 +66,7 @@ class AvatarController extends AbstractController
 $page['menuid'] = ($operator['operatorid'] == $op_id) ? 'profile' : 'operators';
 $page = array_merge($page, prepare_menu($operator));
- $page['tabs'] = setup_operator_settings_tabs($op_id, 1);
+ $page['tabs'] = $this->buildTabs($request);
 return $this->render('operator_avatar', $page);
 }
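Review bot: buildTabs decides which tab is current by comparing `_route` with the four GET route names exactly, so a response rendered under any other route name — the routing hunk defines POST companions such as operator_groups_save — gets a URL on every tab and no tab shown as current. Whether the Avatar, Groups or Profile POST handlers ever re-render the form instead of redirecting is not visible here, but the same `$this->buildTabs($request)` call is introduced in all three of those hunks, so the assumption deserves stating. Either normalise the name on the line that reads the route, `$route = preg_replace('/_save$/', '', $request->attributes->get('_route'));`, or add to the method's docblock: `The current tab is detected from the route name; render the form only from the GET routes, since a POST route name matches no tab.` The four identical ternaries could also collapse into one loop over a route-name-to-label map so the comparison lives in a single place. The start of buildTabs, including its signature and docblock, is not readable in this hunk.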
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php
index 7cb77701..b7962548 100644
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php
@@ -17,7 +17,6 @@
 namespace Mibew\Controller\Operator;
-use Mibew\Controller\AbstractController;
 use Mibew\Http\Exception\AccessDeniedException;
 use Mibew\Http\Exception\BadRequestException;
 use Mibew\Http\Exception\NotFoundException;
@@ -95,7 +94,7 @@ class GroupsController extends AbstractController
 $page['title'] = getlocal('operator.groups.title');
 $page['menuid'] = ($operator['operatorid'] == $op_id) ? 'profile' : 'operators';
 $page = array_merge($page, prepare_menu($operator));
- $page['tabs'] = setup_operator_settings_tabs($op_id, 2);
+ $page['tabs'] = $this->buildTabs($request);
 return $this->render('operator_groups', $page);
 }
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php
index 66053b86..3ff1c47b 100644
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php
@@ -17,7 +17,6 @@
 namespace Mibew\Controller\Operator;
-use Mibew\Controller\AbstractController;
 use Mibew\Database;
 use Mibew\Http\Exception\NotFoundException;
 use Symfony\Component\HttpFoundation\Request;
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php
new file mode 100644
index 00000000..02f6db9e
--- /dev/null
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php
@@ -0,0 +1,154 @@
+attributes->get('_operator');
+ $op_id = $request->attributes->get('operator_id');
+
+ $page = array(
+ 'opid' => $op_id,
+ 'canmodify' => is_capable(CAN_ADMINISTRATE, $operator) ? '1' : '',
+ 'errors' => array(),
+ );
+
+ // Check if the curent operator has enough rights to access the page
+ if ($op_id != $operator['operatorid'] && !is_capable(CAN_ADMINISTRATE, $operator)) {
+ throw new AccessDeniedException();
+ }
+
+ $op = operator_by_id($op_id);
+ if (!$op) {
+ throw new NotFoundException('The operator is not found.');
+ }
+
+ // Check if the target operator exists
+ $page['currentop'] = $op
+ ? get_operator_name($op) . ' (' . $op['vclogin'] . ')'
+ : getlocal('not_found');
+
+ // Build list of permissions which belongs to the target operator.
+ $checked_permissions = array();
+ foreach (permission_ids() as $perm => $id) {
+ if (is_capable($perm, $op)) {
+ $checked_permissions[] = $id;
+ }
+ }
+
+ // Build list of all available permissions
+ $page['permissionsList'] = array();
+ foreach (get_permission_list() as $perm) {
+ $perm['checked'] = in_array($perm['id'], $checked_permissions);
+ $page['permissionsList'][] = $perm;
+ }
+
+ $page['stored'] = $request->query->has('stored');
+ $page['title'] = getlocal('permissions.title');
+ $page['menuid'] = ($operator['operatorid'] == $op_id) ? 'profile' : 'operators';
+ $page = array_merge($page, prepare_menu($operator));
+ $page['tabs'] = $this->buildTabs($request);
+
+ return $this->render('operator_permissions', $page);
+ }
+
+ /**
+ * Processes submitting of the form which is generated in
+ * {@link \Mibew\Controller\Operator\PermissionsController::showFormAction()}
+ * method.
+ *
+ * @param Request $request Incoming request.
+ * @return string Rendered page content.
+ * @throws NotFoundException If the operator with specified ID is not found
+ * in the system.
+ * @throws BadRequestException If the "op" field of the form is in wrong
+ * format.
+ */
+ public function submitFormAction(Request $request)
+ {
+ csrf_check_token($request);
+
+ $operator = $request->attributes->get('_operator');
+
+ // Use value from the form and not from the path to make sure it is
+ // correct. If not, throw an exception.
+ $op_id = $request->request->get('op');
+ if (!preg_match("/^\d{1,10}$/", $op_id)) {
+ throw new BadRequestException('Wrong value of "op" form field.');
+ }
+
+ // Check if the target operator exists
+ $op = operator_by_id($op_id);
+ if (!$op) {
+ throw new NotFoundException('The operator is not found.');
+ }
+
+ $new_permissions = isset($op['iperm']) ? $op['iperm'] : 0;
+
+ foreach (permission_ids() as $perm => $id) {
+ if ($request->request->get('permissions' . $id) == 'on') {
+ $new_permissions |= (1 << $perm);
+ } else {
+ $new_permissions &= ~(1 << $perm);
+ }
+ }
+
+ // Update operator's permissions in the database and in cached session
+ // data if it is needed.
+ update_operator_permissions($op['operatorid'], $new_permissions);
+
+ if ($operator['operatorid'] == $op_id) {
+ $operator['iperm'] = $new_permissions;
+ $_SESSION[SESSION_PREFIX . 'operator'] = $operator;
+ $request->attributes->set('_operator', $operator);
+ }
+
+ // Redirect the current operator to the same page using GET method.
+ $redirect_to = $this->generateUrl(
+ 'operator_permissions',
+ array(
+ 'operator_id' => $op_id,
+ 'stored' => true,
+ )
+ );
+
+ return $this->redirect($redirect_to);
+ }
+}
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php
index bcd63b93..67520859 100644
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php
+++ b/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php
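Review bot: submitFormAction reads the target operator from the `op` form field and never compares it with the `operator_id` path parameter, so the `\d{1,10}` requirement in routing.yml validates a value the handler then ignores, and the URL of a POST can name one operator while the body changes another; the route-level PermissionsCheck with CAN_ADMINISTRATE keeps this from being an authorization bypass, but access logs would then record the wrong target. Rejecting a mismatch keeps path and body consistent: `if (!preg_match("/^\d{1,10}$/", $op_id) || $op_id != $request->attributes->get('operator_id')) {`. In showFormAction the false branch of the `$page['currentop']` ternary is unreachable because NotFoundException is thrown a few lines above it, and the comment `// Check if the target operator exists` now sits below the check it describes; `$page['currentop'] = get_operator_name($op) . ' (' . $op['vclogin'] . ')';` says the same thing without the dead branch. Smaller points: `in_array($perm['id'], $checked_permissions, true)` avoids loose comparison, and the comment above the access check misspells "current". The class header and the first lines of showFormAction are not readable in this hunk.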
@@ -17,7 +17,6 @@
 namespace Mibew\Controller\Operator;
-use Mibew\Controller\AbstractController;
 use Mibew\Http\Exception\AccessDeniedException;
 use Mibew\Http\Exception\NotFoundException;
 use Symfony\Component\HttpFoundation\Request;
@@ -109,7 +108,7 @@ class ProfileController extends AbstractController
 $page['requirePassword'] = (!$op_id || $page['needChangePassword']);
 $page['formaction'] = $request->getBaseUrl() . $request->getPathInfo();
 $page = array_merge($page, prepare_menu($operator));
- $page['tabs'] = setup_operator_settings_tabs($op_id, 0);
+ $page['tabs'] = $this->buildTabs($request);
 return $this->render('operator_edit', $page);
 }
diff --git a/src/mibew/libs/init.php b/src/mibew/libs/init.php
index cb836ff1..568e1f90 100644
--- a/src/mibew/libs/init.php
+++ b/src/mibew/libs/init.php
@@ -105,7 +105,6 @@ require_once(MIBEW_FS_ROOT . '/libs/groups.php');
 require_once(MIBEW_FS_ROOT . '/libs/invitation.php');
 require_once(MIBEW_FS_ROOT . '/libs/notify.php');
 require_once(MIBEW_FS_ROOT . '/libs/operator.php');
-require_once(MIBEW_FS_ROOT . '/libs/operator_settings.php');
 require_once(MIBEW_FS_ROOT . '/libs/pagination.php');
 require_once(MIBEW_FS_ROOT . '/libs/statistics.php');
 require_once(MIBEW_FS_ROOT . '/libs/settings.php');
diff --git a/src/mibew/libs/operator_settings.php b/src/mibew/libs/operator_settings.php
deleted file mode 100644
index b2759c8f..00000000
--- a/src/mibew/libs/operator_settings.php
+++ /dev/null
@@ -1,49 +0,0 @@
- ($active != 0
- ? (MIBEW_WEB_ROOT . "/operator/operator/" . $operator_id . "/edit")
- : ""),
- getlocal("page_agent.tab.avatar") => ($active != 1
- ? (MIBEW_WEB_ROOT . "/operator/operator/" . $operator_id . "/avatar")
- : ""),
- getlocal("page_agent.tab.groups") => ($active != 2
- ? (MIBEW_WEB_ROOT . "/operator/operator/" . $operator_id . "/groups")
- : ""),
- getlocal("page_agent.tab.permissions") => ($active != 3
- ? (MIBEW_WEB_ROOT . "/operator/permissions.php?op=" . $operator_id)
- : ""),
- );
- }
-
- return $tabs;
-}
diff --git a/src/mibew/libs/routing.yml b/src/mibew/libs/routing.yml
index c4717b02..afd985f3 100644
--- a/src/mibew/libs/routing.yml
+++ b/src/mibew/libs/routing.yml
@@ -274,6 +274,25 @@ operator_groups_save:
 operator_id: \d{1,10}
 methods: [POST]
+operator_permissions:
+ path: /operator/operator/{operator_id}/permissions
+ defaults:
+ _controller: Mibew\Controller\Operator\PermissionsController::showFormAction
+ _access_check: Mibew\AccessControl\Check\LoggedInCheck
+ requirements:
+ operator_id: \d{1,10}
+ methods: [GET]
+
+operator_permissions_save:
+ path: /operator/operator/{operator_id}/permissions
+ defaults:
+ _controller: Mibew\Controller\Operator\PermissionsController::submitFormAction
+ _access_check: Mibew\AccessControl\Check\PermissionsCheck
+ _access_permissions: [CAN_ADMINISTRATE]
+ requirements:
+ operator_id: \d{1,10}
+ methods: [POST]
+
 operators:
 path: /operator/operator
 defaults:
diff --git a/src/mibew/operator/permissions.php b/src/mibew/operator/permissions.php
deleted file mode 100644
index 955c3ff9..00000000
--- a/src/mibew/operator/permissions.php
+++ /dev/null
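Review bot: The two halves of the permissions page enforce access in different layers: operator_permissions is gated only by LoggedInCheck and relies on the self-or-CAN_ADMINISTRATE test inside PermissionsController::showFormAction, while operator_permissions_save is gated here by PermissionsCheck with CAN_ADMINISTRATE. That matches what the controller hunk does, but the asymmetry is easy to miss when this block is copied for the next route, and nothing in the file records it. A comment above the GET route such as `# Any logged-in operator may view own permissions; the admin check for other operators is in the controller.` would make the intent explicit. The rest of the operator_groups_save entry is outside the hunk, so whether it follows the same pattern cannot be checked here.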
@@ -1,93 +0,0 @@
- $op_id,
- 'canmodify' => is_capable(CAN_ADMINISTRATE, $operator) ? "1" : "",
- 'errors' => array(),
-);
-
-$op = operator_by_id($op_id);
-
-if (!$op) {
- $page['errors'][] = getlocal("no_such_operator");
-} elseif (isset($_POST['op'])) {
-
- if (!is_capable(CAN_ADMINISTRATE, $operator)) {
- $page['errors'][] = getlocal('page_agent.cannot_modify');
- }
-
- $new_permissions = isset($op['iperm']) ? $op['iperm'] : 0;
-
- foreach (permission_ids() as $perm => $id) {
- if (verify_param("permissions$id", "/^on$/", "") == "on") {
- $new_permissions |= (1 << $perm);
- } else {
- $new_permissions &= ~(1 << $perm);
- }
- }
-
- if (count($page['errors']) == 0) {
- update_operator_permissions($op['operatorid'], $new_permissions);
-
- if ($op_id && $_SESSION[SESSION_PREFIX . "operator"] && $operator['operatorid'] == $op_id) {
- $_SESSION[SESSION_PREFIX . "operator"]['iperm'] = $new_permissions;
- }
- header("Location: " . MIBEW_WEB_ROOT . "/operator/permissions.php?op=" . intval($op_id) . "&stored");
- exit;
- }
-}
-
-$page['currentop'] = $op
- ? get_operator_name($op) . " (" . $op['vclogin'] . ")"
- : getlocal("not_found");
-
-$checked_permissions = array();
-if ($op) {
- foreach (permission_ids() as $perm => $id) {
- if (is_capable($perm, $op)) {
- $checked_permissions[] = $id;
- }
- }
-}
-
-$page['permissionsList'] = array();
-foreach (get_permission_list() as $perm) {
- $perm['checked'] = in_array($perm['id'], $checked_permissions);
- $page['permissionsList'][] = $perm;
-}
-
-$page['stored'] = isset($_GET['stored']);
-$page['title'] = getlocal("permissions.title");
-$page['menuid'] = ($operator['operatorid'] == $op_id) ? "profile" : "operators";
-
-$page = array_merge($page, prepare_menu($operator));
-
-$page['tabs'] = setup_operator_settings_tabs($op_id, 3);
-
-$page_style = new PageStyle(PageStyle::getCurrentStyle());
-$page_style->render('permissions', $page);
diff --git a/src/mibew/styles/pages/default/templates_src/server_side/permissions.handlebars b/src/mibew/styles/pages/default/templates_src/server_side/operator_permissions.handlebars
similarity index 96%
rename from src/mibew/styles/pages/default/templates_src/server_side/permissions.handlebars
rename to src/mibew/styles/pages/default/templates_src/server_side/operator_permissions.handlebars
index 04a0289c..94b7b7f0 100644
--- a/src/mibew/styles/pages/default/templates_src/server_side/permissions.handlebars
+++ b/src/mibew/styles/pages/default/templates_src/server_side/operator_permissions.handlebars
@@ -13,7 +13,7 @@
{{l10n "data.saved"}}
{{/if}} -
+ {{csrfTokenInput}}