Add ability to create custom user/permissions groups
This commit is contained in:
parent
9a846d5ad5
commit
eea4e42609
@ -1162,18 +1162,28 @@
|
||||
* ====================
|
||||
*/
|
||||
|
||||
// Probably best not to change these:
|
||||
if (!defined('JANITOR')) {
|
||||
define('JANITOR', 0, true);
|
||||
define('MOD', 1, true);
|
||||
define('ADMIN', 2, true);
|
||||
define('DISABLED', 3, true);
|
||||
}
|
||||
// Probably best not to change this unless you are smart enough to figure out what you're doing. If you
|
||||
// decide to change it, remember that it is impossible to redefinite/overwrite groups; you may only add
|
||||
// new ones.
|
||||
$config['mod']['groups'] = array(
|
||||
10 => 'Janitor',
|
||||
20 => 'Mod',
|
||||
30 => 'Admin',
|
||||
// 98 => 'God',
|
||||
99 => 'Disabled'
|
||||
);
|
||||
|
||||
// If you add stuff to the above, you'll need to call this function immediately after.
|
||||
define_groups();
|
||||
|
||||
// Example: Adding a new permissions group.
|
||||
// $config['mod']['groups'][0] = 'NearlyPowerless';
|
||||
// define_groups();
|
||||
|
||||
// Capcode permissions.
|
||||
$config['mod']['capcode'] = array(
|
||||
// JANITOR => array('Janitor'),
|
||||
MOD => array('Mod'),
|
||||
MOD => array('Mod'),
|
||||
ADMIN => true
|
||||
);
|
||||
|
||||
@ -1312,18 +1322,14 @@
|
||||
$config['mod']['edit_config'] = ADMIN;
|
||||
|
||||
// Config editor permissions
|
||||
$config['mod']['config'] = array(
|
||||
JANITOR => false,
|
||||
MOD => false,
|
||||
ADMIN => false,
|
||||
DISABLED => false,
|
||||
);
|
||||
$config['mod']['config'] = array();
|
||||
|
||||
// Disable the following configuration variables from being changed via ?/config. The following default
|
||||
// banned variables are considered somewhat dangerous.
|
||||
$config['mod']['config'][DISABLED] = array(
|
||||
'mod>config',
|
||||
'mod>config_editor_php',
|
||||
'mod>groups',
|
||||
'convert_args',
|
||||
'db>password',
|
||||
);
|
||||
|
@ -265,6 +265,15 @@ function verbose_error_handler($errno, $errstr, $errfile, $errline) {
|
||||
));
|
||||
}
|
||||
|
||||
function define_groups() {
|
||||
global $config;
|
||||
|
||||
foreach ($config['mod']['groups'] as $group_value => $group_name)
|
||||
defined($group_name) or define($group_name, $group_value, true);
|
||||
|
||||
ksort($config['mod']['groups']);
|
||||
}
|
||||
|
||||
function create_antibot($board, $thread = null) {
|
||||
require_once dirname(__FILE__) . '/anti-bot.php';
|
||||
|
||||
|
@ -3,7 +3,7 @@
|
||||
function permission_to_edit_config_var($varname) {
|
||||
global $config, $mod;
|
||||
|
||||
if (is_array($config['mod']['config'][DISABLED])) {
|
||||
if (isset($config['mod']['config'][DISABLED])) {
|
||||
foreach ($config['mod']['config'][DISABLED] as $disabled_var_name) {
|
||||
$disabled_var_name = explode('>', $disabled_var_name);
|
||||
if (count($disabled_var_name) == 1)
|
||||
@ -14,10 +14,11 @@ function permission_to_edit_config_var($varname) {
|
||||
}
|
||||
|
||||
$allow_only = false;
|
||||
// for ($perm = (int)$mod['type']; $perm >= JANITOR; $perm --) {
|
||||
for ($perm = JANITOR; $perm <= (int)$mod['type']; $perm ++) {
|
||||
foreach ($config['mod']['groups'] as $perm => $perm_name) {
|
||||
if ($perm > $mod['type'])
|
||||
break;
|
||||
$allow_only = false;
|
||||
if (is_array($config['mod']['config'][$perm])) {
|
||||
if (isset($config['mod']['config'][$perm]) && is_array($config['mod']['config'][$perm])) {
|
||||
foreach ($config['mod']['config'][$perm] as $perm_var_name) {
|
||||
if ($perm_var_name == '!') {
|
||||
$allow_only = true;
|
||||
@ -92,7 +93,7 @@ function config_vars() {
|
||||
continue; // This is just an alias.
|
||||
if (!preg_match('/^array|\[\]|function/', $var['default']) && !preg_match('/^Example: /', trim(implode(' ', $var['comment'])))) {
|
||||
$syntax_error = true;
|
||||
$temp = eval('$syntax_error = false;return ' . $var['default'] . ';');
|
||||
$temp = eval('$syntax_error = false;return @' . $var['default'] . ';');
|
||||
if ($syntax_error && $temp === false) {
|
||||
error('Error parsing config.php (line ' . $line_no . ')!', null, $var);
|
||||
} elseif (!isset($temp)) {
|
||||
|
@ -1674,11 +1674,39 @@ function mod_user_promote($uid, $action) {
|
||||
if (!hasPermission($config['mod']['promoteusers']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$query = prepare("UPDATE ``mods`` SET `type` = `type` " . ($action == 'promote' ? "+1 WHERE `type` < " . (int)ADMIN : "-1 WHERE `type` > " . (int)JANITOR) . " AND `id` = :id");
|
||||
$query = prepare("SELECT `type`, `username` FROM ``mods`` WHERE `id` = :id");
|
||||
$query->bindValue(':id', $uid);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
modLog(($action == 'promote' ? 'Promoted' : 'Demoted') . " user #{$uid}");
|
||||
if (!$mod = $query->fetch(PDO::FETCH_ASSOC))
|
||||
error($config['error']['404']);
|
||||
|
||||
$new_group = false;
|
||||
|
||||
$groups = $config['mod']['groups'];
|
||||
if ($action == 'demote')
|
||||
$groups = array_reverse($groups, true);
|
||||
|
||||
foreach ($groups as $group_value => $group_name) {
|
||||
if ($action == 'promote' && $group_value > $mod['type']) {
|
||||
$new_group = $group_value;
|
||||
break;
|
||||
} elseif ($action == 'demote' && $group_value < $mod['type']) {
|
||||
$new_group = $group_value;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($new_group === false || $new_group == DISABLED)
|
||||
error(_('Impossible to promote/demote user.'));
|
||||
|
||||
$query = prepare("UPDATE ``mods`` SET `type` = :group_value WHERE `id` = :id");
|
||||
$query->bindValue(':id', $uid);
|
||||
$query->bindValue(':group_value', $new_group);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
modLog(($action == 'promote' ? 'Promoted' : 'Demoted') . ' user "' .
|
||||
utf8tohtml($mod['username']) . '" to ' . $config['mod']['groups'][$new_group]);
|
||||
|
||||
header('Location: ?/users', true, $config['redirect_http']);
|
||||
}
|
||||
@ -2069,14 +2097,8 @@ function mod_config($board_config = false) {
|
||||
|
||||
|
||||
$config_append .= ' = ';
|
||||
if (@$var['permissions'] && in_array($value, array(JANITOR, MOD, ADMIN, DISABLED))) {
|
||||
$perm_array = array(
|
||||
JANITOR => 'JANITOR',
|
||||
MOD => 'MOD',
|
||||
ADMIN => 'ADMIN',
|
||||
DISABLED => 'DISABLED'
|
||||
);
|
||||
$config_append .= $perm_array[$value];
|
||||
if (@$var['permissions'] && isset($config['mod']['groups'][$value])) {
|
||||
$config_append .= $config['mod']['groups'][$value];
|
||||
} else {
|
||||
$config_append .= var_export($value, true);
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
|
||||
// Installation/upgrade file
|
||||
define('VERSION', 'v0.9.6-dev-19');
|
||||
define('VERSION', 'v0.9.6-dev-20');
|
||||
|
||||
require 'inc/functions.php';
|
||||
|
||||
@ -407,6 +407,11 @@ if (file_exists($config['has_installed'])) {
|
||||
KEY `filehash` (`filehash`),
|
||||
KEY `time` (`time`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=ascii COLLATE=ascii_bin AUTO_INCREMENT=1 ;") or error(db_error());
|
||||
case 'v0.9.6-dev-19':
|
||||
query("UPDATE ``mods`` SET `type` = 10 WHERE `type` = 0") or error(db_error());
|
||||
query("UPDATE ``mods`` SET `type` = 20 WHERE `type` = 1") or error(db_error());
|
||||
query("UPDATE ``mods`` SET `type` = 30 WHERE `type` = 2") or error(db_error());
|
||||
query("ALTER TABLE ``mods`` CHANGE `type` `type` smallint(1) NOT NULL") or error(db_error());
|
||||
case false:
|
||||
// Update version number
|
||||
file_write($config['has_installed'], VERSION);
|
||||
|
@ -131,7 +131,7 @@ CREATE TABLE IF NOT EXISTS `mods` (
|
||||
`username` varchar(30) NOT NULL,
|
||||
`password` char(64) CHARACTER SET ascii NOT NULL COMMENT 'SHA256',
|
||||
`salt` char(32) CHARACTER SET ascii NOT NULL,
|
||||
`type` smallint(1) NOT NULL COMMENT '0: janitor, 1: mod, 2: admin',
|
||||
`type` smallint(2) NOT NULL,
|
||||
`boards` text CHARACTER SET utf8 NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `id` (`id`,`username`)
|
||||
@ -142,7 +142,7 @@ CREATE TABLE IF NOT EXISTS `mods` (
|
||||
--
|
||||
|
||||
INSERT INTO `mods` VALUES
|
||||
(1, 'admin', 'cedad442efeef7112fed0f50b011b2b9bf83f6898082f995f69dd7865ca19fb7', '4a44c6c55df862ae901b413feecb0d49', 2, '*');
|
||||
(1, 'admin', 'cedad442efeef7112fed0f50b011b2b9bf83f6898082f995f69dd7865ca19fb7', '4a44c6c55df862ae901b413feecb0d49', 20, '*');
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
|
@ -42,10 +42,11 @@
|
||||
<input name="{{ name }}" type="text" value="{{ var.value|e }}">
|
||||
{% elseif var.permissions %}
|
||||
<select name="{{ name }}">
|
||||
<option value="{{ constant('JANITOR') }}"{% if var.value == constant('JANITOR')%} selected{% endif %}>JANITOR</option>
|
||||
<option value="{{ constant('MOD') }}"{% if var.value == constant('MOD')%} selected{% endif %}>MOD</option>
|
||||
<option value="{{ constant('ADMIN') }}"{% if var.value == constant('ADMIN')%} selected{% endif %}>ADMIN</option>
|
||||
<option value="{{ constant('DISABLED') }}"{% if var.value == constant('DISABLED')%} selected{% endif %}>DISABLED</option>
|
||||
{% for group_value, group_name in config.mod.groups %}
|
||||
<option value="{{ group_value }}"{% if var.value == group_value %} selected{% endif %}>
|
||||
{{ group_name }}
|
||||
</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
{% elseif var.type == 'integer' %}
|
||||
<input name="{{ name }}" type="number" value="{{ var.value|e }}">
|
||||
|
@ -28,21 +28,15 @@
|
||||
</tr>
|
||||
{% if new %}
|
||||
<tr>
|
||||
<th>{% trans 'Class' %}</th>
|
||||
<th>{% trans 'Group' %}</th>
|
||||
<td>
|
||||
<ul style="padding:5px 8px;list-style:none">
|
||||
<li>
|
||||
<input type="radio" name="type" id="janitor" value="{{ constant('JANITOR') }}">
|
||||
<label for="janitor">{% trans 'Janitor' %}</label>
|
||||
</li>
|
||||
<li>
|
||||
<input type="radio" name="type" id="mod" value="{{ constant('MOD') }}" checked>
|
||||
<label for="mod">{% trans 'Mod' %}</label>
|
||||
</li>
|
||||
<li>
|
||||
<input type="radio" name="type" id="admin" value="{{ constant('Admin') }}">
|
||||
<label for="admin">{% trans 'Admin' %}</label>
|
||||
</li>
|
||||
{% for group_value, group_name in config.mod.groups if group_name != 'Disabled' %}
|
||||
<li>
|
||||
<input type="radio" name="type" id="group_{{ group_name }}" value="{{ group_value }}">
|
||||
<label for="group_{{ group_name }}">{% trans group_name %}</label>
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -15,9 +15,10 @@
|
||||
<td><small>{{ user.id }}</small></td>
|
||||
<td>{{ user.username|e }}</td>
|
||||
<td>
|
||||
{% if user.type == constant('JANITOR') %}{% trans 'Janitor' %}
|
||||
{% elseif user.type == constant('MOD') %}{% trans 'Mod' %}
|
||||
{% elseif user.type == constant('ADMIN') %}{% trans 'Admin' %}
|
||||
{% if config.mod.groups[user.type] %}
|
||||
{{ config.mod.groups[user.type] }}
|
||||
{% else %}
|
||||
<em>{% trans 'Unknown' %}</em> ({{ user.type }})
|
||||
{% endif %}
|
||||
</td>
|
||||
<td>
|
||||
@ -46,10 +47,10 @@
|
||||
</td>
|
||||
{% endif %}
|
||||
<td>
|
||||
{% if mod|hasPermission(config.mod.promoteusers) and user.type < constant('ADMIN') %}
|
||||
{% if mod|hasPermission(config.mod.promoteusers) and user.type < constant(config.mod.groups[0:-1]|last) %}
|
||||
<a style="float:left;text-decoration:none" href="?/users/{{ user.id }}/promote" title="{% trans 'Promote' %}">▲</a>
|
||||
{% endif %}
|
||||
{% if mod|hasPermission(config.mod.promoteusers) and user.type > constant('JANITOR') %}
|
||||
{% if mod|hasPermission(config.mod.promoteusers) and user.type > constant(config.mod.groups|first) %}
|
||||
<a style="float:left;text-decoration:none" href="?/users/{{ user.id }}/demote" title="{% trans 'Demote' %}">▼</a>
|
||||
{% endif %}
|
||||
{% if mod|hasPermission(config.mod.modlog) %}
|
||||
|
Loading…
Reference in New Issue
Block a user