th.right, label.privilege {
white-space:nowrap;
}
label.privilege {
margin:0.2em 1em 0.2em 0.1em;
padding:0 0.2em;
line-height:1.6em;
font-size:87%;
}
$prompt_principal_id:
$prompt_username: ##xxxxusername.input.50##
$passwd_row_entry
$prompt_fullname: ##fullname.input.50##
$prompt_email: ##email.input.50##$email_unique
$prompt_locale: ##locale.select##
$prompt_date_format: ##date_format_type.select##
$prompt_type: ##type_id.select##
$admin_row_entry
$prompt_privileges: $privs_html
$submit_row
$csrf_field
EOTEMPLATE;
$editor->SetTemplate( $template );
return $editor;
}
function build_privileges_html( $ed, $fname ) {
global $privilege_xlate, $privilege_names;
$btn_all = htmlspecialchars(translate('All')); $btn_all_title = htmlspecialchars(translate('Toggle all privileges'));
$btn_rw = htmlspecialchars(translate('Read/Write')); $btn_rw_title = htmlspecialchars(translate('Set read+write privileges'));
$btn_read = htmlspecialchars(translate('Read')); $btn_read_title = htmlspecialchars(translate('Set read privileges'));
$btn_fb = htmlspecialchars(translate('Free/Busy')); $btn_fb_title = htmlspecialchars(translate('Set free/busy privileges'));
$btn_sd = htmlspecialchars(translate('Schedule Deliver')); $btn_sd_title = htmlspecialchars(translate('Privileges to allow delivery of scheduling messages'));
$btn_ss = htmlspecialchars(translate('Schedule Send')); $btn_ss_title = htmlspecialchars(translate('Privileges to delegate scheduling decisions'));
$privs = $ed->Value($fname);
$privs_dec = isset($privs) ? bindec($privs) : 0;
$privileges_set = sprintf('
'."\n";
$form_id = $ed->Id();
$html = <<
';
$html .= sprintf('%s \'%s\' %s %s',
translate('Deleting Principal:'), $displayname, $_SERVER['REQUEST_URI'],
$confirmation_hash, translate('Confirm Deletion of the Principal'),
translate('All of the principal\'s calendars and events will be unrecoverably deleted.') );
$html .= "
\n";
return $html;
}
function group_memberships_browser() {
global $c, $id, $editor;
$browser = new Browser(translate('Group Memberships'));
$browser->AddColumn( 'group_id', translate('ID'), 'right', '##principal_link##' );
$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
$browser->AddHidden( 'principal_link', "'' || principal_id || ' '" );
$browser->AddColumn( 'displayname', translate('Display Name') );
$browser->AddColumn( 'member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)' );
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
$browser->SetOrdering( 'displayname', 'A' );
$browser->SetJoins( "group_member LEFT JOIN dav_principal ON (group_id = principal_id) " );
$browser->SetWhere( 'user_active AND member_id = '.$id );
if ( $c->enable_row_linking ) {
$browser->RowFormat( '', ' ', '#even' );
}
else {
$browser->RowFormat( '', ' ', '#even' );
}
$browser->DoQuery();
return $browser;
}
function group_row_editor() {
global $c, $id, $editor, $can_write_principal;
$grouprow = new Editor("Group Members", "group_member");
$sql = 'SELECT principal_id, coalesce(displayname, fullname, username) FROM dav_principal ';
$sql .= 'WHERE principal_id NOT IN (SELECT member_id FROM group_member WHERE group_id = ' . $id . ') ';
$sql .= 'AND principal_id != ' . $id . ' ';
$sql .= 'ORDER BY 2';
$grouprow->SetLookup( 'member_id', $sql);
$grouprow->SetSubmitName( 'savegrouprow' );
if ( $can_write_principal ) {
if ( $grouprow->IsSubmit() ) {
if ( $grouprow->IsUpdate() )
$c->messages[] = translate('Updating Member of this Group Principal');
else
$c->messages[] = translate('Adding new member to this Group Principal');
$_POST['group_id'] = $id;
$member_id = intval($_POST['member_id']);
$grouprow->SetWhere( 'group_id='.$id.' AND member_id='.$member_id);
$grouprow->Write( );
unset($_GET['member_id']);
}
elseif ( isset($_GET['delete_member']) ) {
$qry = new AwlQuery('DELETE FROM group_member WHERE group_id=:group_id AND member_id = :member_id',
array( ':group_id' => $id, ':member_id' => intval($_GET['delete_member']) ));
$qry->Exec('principal-edit');
$c->messages[] = translate('Member deleted from this Group Principal');
}
}
return $grouprow;
}
function edit_group_row( $row_data ) {
global $id, $grouprow;
$form_url = preg_replace( '#&(edit|delete)_group=\d+#', '', $_SERVER['REQUEST_URI'] );
$csrf_field = getCsrfField();
$template = <<
$csrf_field
##member_id.select## ##Add.submit##
' || principal_id || ' '" );
$browser->AddColumn( 'displayname', translate('Display Name') );
$browser->AddColumn( 'member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)' );
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
if ( $can_write_principal ) {
$del_link = ''.translate('Remove').' ';
$browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link $del_link'" );
}
$browser->SetOrdering( 'displayname', 'A' );
$browser->SetJoins( "group_member LEFT JOIN dav_principal ON (member_id = principal_id) " );
$browser->SetWhere( 'user_active AND group_id = '.$id );
if ( $c->enable_row_linking ) {
$browser->RowFormat( '', ' ', '#even' );
}
else {
$browser->RowFormat( '', ' ', '#even' );
}
$browser->DoQuery();
if ( $can_write_principal ) {
$browser->ExtraRowFormat( '', ' ', '#even' );
$extra_row = array( 'group_id' => -1 );
$browser->MatchedRow('group_id', -1, 'edit_group_row');
$extra_row = (object) $extra_row;
$browser->AddRow($extra_row);
}
return $browser;
}
function grant_row_editor() {
global $c, $id, $editor, $can_write_principal, $privilege_names, $session;
$grantrow = new Editor("Grants", "grants");
$grantrow->SetSubmitName( 'savegrantrow' );
$edit_grant_clause = '';
if ( isset($_GET['edit_grant']) ) {
$edit_grant_clause = ' AND to_principal != '.intval($_GET['edit_grant']);
}
$limit_grantrow = '';
if ( ! $c->list_everyone ) {
if ( ! $session->AllowedTo( "Admin" ) ) {
$limit_grantrow = 'AND (principal_id = \''.$session->principal_id.'\' or principal_id in (select member_id from group_member where group_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\')) or principal_id in (select group_id from group_member where member_id = \''.$session->principal_id.'\'))';
}
}
$grantrow->SetLookup( 'to_principal', 'SELECT principal_id, displayname FROM dav_principal WHERE user_active AND principal_id NOT IN (SELECT to_principal FROM grants WHERE by_principal = '.$id.$edit_grant_clause.') '.$limit_grantrow.' ORDER BY fullname' );
if ( $can_write_principal ) {
if ( $grantrow->IsSubmit() ) {
if ( $grantrow->IsUpdate() )
$c->messages[] = translate('Updating grants by this Principal');
else
$c->messages[] = translate('Granting new privileges from this Principal');
$_POST['by_principal'] = $id;
$to_principal = intval($_POST['to_principal']);
$orig_to_id = intval($_POST['orig_to_id']);
$grantrow->SetWhere( 'by_principal='.$id.' AND to_principal='.$orig_to_id);
if ( isset($_POST['grant_privileges']) ) {
$privilege_bitpos = array_flip($privilege_names);
$priv_names = array_keys($_POST['grant_privileges']);
$privs_dec = privilege_to_bits($priv_names);
$_POST['privileges'] = sprintf('%024s',decbin($privs_dec));
$grantrow->Assign('privileges', $privs_dec);
}
$grantrow->Write( );
unset($_GET['to_principal']);
}
elseif ( isset($_GET['delete_grant']) ) {
$qry = new AwlQuery("DELETE FROM grants WHERE by_principal=:grantor_id AND to_principal = :to_principal",
array( ':grantor_id' => $id, ':to_principal' => intval($_GET['delete_grant']) ));
$qry->Exec('principal-edit');
$c->messages[] = translate('Deleted a grant from this Principal');
}
}
return $grantrow;
}
function edit_grant_row_principal( $row_data ) {
global $id, $grantrow;
$orig_to_id = intval($row_data->to_principal);
if ( $orig_to_id > -1 ) {
$grantrow->SetRecord( $row_data );
}
else {
$grantrow->Initialise( $row_data );
}
$privs_html = build_privileges_html( $grantrow, 'grant_privileges' );
$form_id = $grantrow->Id();
$form_url = preg_replace( '#&(edit|delete)_grant=\d+#', '', $_SERVER['REQUEST_URI'] );
$csrf_field = getCsrfField();
$template = <<
$csrf_field
$privs_html
##submit##
EOTEMPLATE;
$grantrow->SetTemplate( $template );
$grantrow->Title("");
return $grantrow->Render();
}
function principal_grants_browser() {
global $c, $id, $editor, $can_write_principal;
$browser = new Browser(translate('Principal Grants'));
$browser->AddColumn( 'to_principal', translate('To ID'), 'right', '##principal_link##' );
$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
$browser->AddHidden( 'principal_link', "'' || to_principal || ' '" );
$browser->AddHidden( 'grant_privileges', 'privileges' );
$browser->AddColumn( 'displayname', translate('Display Name') );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges', '', '', 'principal_privilege_format_function' );
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
if ( $can_write_principal ) {
$del_link = ''.translate('Revoke').' ';
$edit_link = ''.translate('Edit').' ';
$browser->AddColumn( 'action', translate('Action'), 'center', '', "'$edit_link $del_link'" );
}
$browser->SetOrdering( 'displayname', 'A' );
$browser->SetJoins( "grants LEFT JOIN dav_principal ON (to_principal = principal_id) " );
$browser->SetWhere( 'by_principal = '.$id );
if ( $c->enable_row_linking ) {
$browser->RowFormat( '', ' ', '#even' );
}
else {
$browser->RowFormat( '', ' ', '#even' );
}
$browser->DoQuery();
if ( $can_write_principal ) {
if ( isset($_GET['edit_grant']) ) {
$browser->MatchedRow('to_principal', $_GET['edit_grant'], 'edit_grant_row_principal');
}
else if ( isset($id ) ) {
$browser->ExtraRowFormat( '', ' ', '#even' );
$extra_row = array( 'to_principal' => -1 );
$browser->MatchedRow('to_principal', -1, 'edit_grant_row_principal');
$extra_row = (object) $extra_row;
$browser->AddRow($extra_row);
}
}
return $browser;
}
function ticket_row_editor() {
global $c, $id, $editor, $can_write_principal, $privilege_names;
$ticketrow = new Editor("Tickets", "access_ticket");
$ticketrow->SetSubmitName( 'ticketrow' );
if ( $can_write_principal && $ticketrow->IsSubmit() ) {
$username = $editor->Value('username');
$ugly_path = $_POST['target'];
if ( $ugly_path == '/'.$username || $ugly_path == '/'.$username.'/' ) {
$target_collection = $id;
}
else {
$username_len = strlen($username) + 2;
$sql = "SELECT collection_id FROM collection WHERE dav_name = :exact_name";
$sql .= " AND substring(dav_name FROM 1 FOR $username_len) = '/$username/'";
$params = array( ':exact_name' => $ugly_path );
if ( !preg_match( '#/$#', $ugly_path ) ) {
$sql .= " OR dav_name = :truncated_name OR dav_name = :trailing_slash_name";
$params[':truncated_name'] = preg_replace( '#[^/]*$#', '', $ugly_path);
$params[':trailing_slash_name'] = $ugly_path."/";
}
$sql .= " ORDER BY LENGTH(dav_name) DESC LIMIT 1";
$qry = new AwlQuery( $sql, $params );
if ( $qry->Exec() && $qry->rows() > 0 ) {
$row = $qry->Fetch();
$target_collection = $row->collection_id;
}
else {
$c->messages[] = translate('Can only add tickets for existing collection paths which you own');
return $ticketrow;
}
}
$_POST['dav_owner_id'] = $id;
$_POST['target_collection_id'] = $target_collection;
$ticket_id = check_by_regex($_POST['ticket_id'], '/[A-Za-z0-9]+/');
$ticketrow->SetWhere( 'dav_owner_id='.$id.' AND ticket_id='.AwlQuery::quote($ticket_id));
if ( isset($_POST['ticket_privileges']) ) {
$privilege_bitpos = array_flip($privilege_names);
$priv_names = array_keys($_POST['ticket_privileges']);
$privs_dec = privilege_to_bits($priv_names);
$_POST['privileges'] = sprintf('%024s',decbin($privs_dec));
$ticketrow->Assign('privileges', $privs_dec);
}
$c->messages[] = translate('Creating new ticket granting privileges to this Principal');
$ticketrow->Write( );
}
return $ticketrow;
}
function edit_ticket_row( $row_data ) {
global $id, $ticketrow;
if ( isset($row_data->ticket_id) ) {
$ticketrow->Initialise( $row_data );
}
$privs_html = build_privileges_html( $ticketrow, 'ticket_privileges' );
$form_id = $ticketrow->Id();
$ticket_id = $row_data->ticket_id;
$form_url = preg_replace( '#&(edit|delete)_[a-z]+=\d+#', '', $_SERVER['REQUEST_URI'] );
$csrf_field = getCsrfField();
$template = <<
$csrf_field
$ticket_id
$privs_html
##submit##
EOTEMPLATE;
$ticketrow->SetTemplate( $template );
$ticketrow->Title("");
return $ticketrow->Render();
}
function access_ticket_browser() {
global $c, $id, $editor, $can_write_principal;
$browser = new Browser(translate('Access Tickets'));
if ( $can_write_principal ) {
$browser->AddColumn( 'ticket_id', translate('Ticket ID'), '', '' );
}
$browser->AddColumn( 'target', translate('Target'), '', '%s ', "COALESCE(d.dav_name,c.dav_name)" );
$browser->AddColumn( 'expires', translate('Expires'), '', '', 'TO_CHAR(expires,\'YYYY-MM-DD HH:MI:SS\')');
$browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges', '', '', 'principal_privilege_format_function' );
if ($can_write_principal) {
$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id='.$id.'&ticket_id=##URL:ticket_id##&subaction=delete_ticket';
$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'".translate('Delete')." '" );
}
$browser->SetOrdering( 'target', 'A' );
$browser->SetJoins( 'access_ticket t LEFT JOIN collection c ON (target_collection_id=collection_id) LEFT JOIN caldav_data d ON (target_resource_id=dav_id)' );
$browser->SetWhere( 'dav_owner_id = '.intval($editor->Value('principal_id')) );
$browser->RowFormat( '', ' ', '#even' );
$browser->DoQuery();
if ( $can_write_principal ) {
$ticket_id = substr( str_replace('/', '', str_replace('+', '',base64_encode(sha1(date('r') .rand(0,2100000000) . microtime(true),true)))), 7, 8);
$extra_row = array( 'ticket_id' => $ticket_id,
'expires' => date( 'Y-m-d', time() + (86400 * 31) ),
'target' => '/'.$editor->Value('username').'/'.$c->home_calendar_name.'/'
);
$browser->MatchedRow('ticket_id', $ticket_id, 'edit_ticket_row');
$browser->AddRow($extra_row);
}
return $browser;
}
function confirm_delete_ticket($confirmation_hash) {
$html = '';
$html .= sprintf('%s "%s" %s %s',
translate('Deleting Ticket:'), $_GET['ticket_id'], $_SERVER['REQUEST_URI'],
$confirmation_hash,
translate('Confirm Deletion of the Ticket'),
translate('The access ticket will be deleted.') );
$html .= "
\n";
return $html;
}
function principal_collection_browser() {
global $c, $page_elements, $id, $editor, $can_write_principal;
$browser = new Browser(translate('Principal Collections'));
$browser->AddColumn( 'collection_id', translate('ID'), 'right', '##collection_link##' );
$rowurl = $c->base_url . '/admin.php?action=edit&t=collection&id=';
$browser->AddHidden( 'collection_link', "'' || collection_id || ' '" );
$browser->AddColumn( 'dav_name', translate('Path') );
$browser->AddColumn( 'dav_displayname', translate('Display Name') );
$browser->AddColumn( 'publicly_readable', translate('Public'), 'centre', '', 'CASE WHEN publicly_readable THEN \''.translate('Yes').'\' ELSE \''.translate('No').'\' END' );
$browser->AddColumn( 'privs', translate('Privileges'), '', '',
"COALESCE( privileges_list(default_privileges), '[".translate('from principal')."]')" );
if ($can_write_principal) {
$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id='.$id.'&collection_id=##URL:collection_id##&subaction=delete_collection';
$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'".translate('Delete')." '" );
}
$browser->SetOrdering( 'dav_name', 'A' );
$browser->SetJoins( "collection " );
$browser->SetWhere( 'user_no = '.intval($editor->Value('user_no')) );
if ($can_write_principal) {
$browser->ExtraRowFormat( '', ' ', '#even' );
$browser->AddRow( array( 'dav_name' => ''.translate('Create Collection').' ' ));
}
if ( $c->enable_row_linking ) {
$browser->RowFormat( '', ' ', '#even' );
}
else {
$browser->RowFormat( '', ' ', '#even' );
}
$browser->DoQuery();
return $browser;
}
function confirm_delete_collection($confirmation_hash) {
$html = '';
$html .= sprintf('%s "%s" %s %s',
translate('Deleting Collection:'), $_GET['collection_id'], $_SERVER['REQUEST_URI'],
$confirmation_hash,
translate('Confirm Deletion of the Collection'),
translate('All collection data will be unrecoverably deleted.') );
$html .= "
\n";
return $html;
}
function binding_row_editor() {
global $c, $id, $editor, $can_write_principal;
$bindingrow = new Editor("Bindings", "dav_binding");
$bindingrow->SetSubmitName( 'bindingrow' );
if ( $can_write_principal && $bindingrow->IsSubmit() ) {
if ( substr($_POST['dav_name'], -1) != '/' ) {
$_POST['dav_name'] .= '/';
}
$dav_name = $_POST['dav_name'];
$parent = '/'.$editor->Value('username').'/';
if ( strpos($dav_name, $parent) !== 0 ) {
$c->messages[] = translate("Can only bind collections into the current principal's namespace");
return $bindingrow;
}
if ( substr_count($dav_name, '/') != 3 || substr_count($dav_name, '\\') > 0 ) {
$c->messages[] = translate("Bound As is invalid");
return $bindingrow;
}
$qry = new AwlQuery('SELECT dav_name FROM collection where dav_name = :dav_name UNION SELECT dav_name FROM dav_binding WHERE dav_name = :dav_name', array( ':dav_name' => $dav_name) );
if ( $qry->Exec('dav_name') && $qry->rows() > 0 ) {
$c->messages[] = translate('A resource already exists at the destination.');
return $bindingrow;
}
if ( empty($_POST['access_ticket_id']) )
$_POST['access_ticket_id'] = null;
$_POST['dav_owner_id'] = $id;
$_POST['parent_container'] = $parent;
// external binds shouldn't ever point back to ourselves but they should be a valid http[s] url
$href = htmlspecialchars_decode($_POST['source']);
if ( preg_match ( '{^(?:https?://|file:///)([^/]+)(:[0-9]\+)?/.+$}', $href, $matches )
&& strcasecmp( $matches[0], 'localhost' ) !== 0 && strcasecmp( $matches[0], '127.0.0.1' ) !== 0
&& strcasecmp( $matches[0], $_SERVER['SERVER_NAME'] ) !== 0 && strcasecmp( $matches[0], $_SERVER['SERVER_ADDR'] ) !== 0
) {
$path = '/.external/' . md5($href);
$qry->QDo('SELECT collection_id FROM collection WHERE dav_name = :dav_name ', array( ':dav_name' => $path ));
if ( $qry->rows() == 1 && ($row = $qry->Fetch()) ) {
$dav_id = $row->collection_id;
}
else {
$qry->QDo( 'INSERT INTO collection ( user_no, parent_container, dav_name, dav_etag, dav_displayname,
is_calendar, is_addressbook, resourcetypes, created )
VALUES( :user_no, :parent_container, :dav_name, :dav_etag, :dav_displayname,
:is_calendar, :is_addressbook, :resourcetypes, current_timestamp )',
array(
':user_no' => $editor->Value('user_no'),
':parent_container' => '/.external/',
':dav_name' => $path,
':dav_etag' => md5( $editor->Value('user_no') . $path ),
':dav_displayname' => $_POST['dav_displayname'],
':is_calendar' => 't',
':is_addressbook' => 'f',
':resourcetypes' => '
$csrf_field
##submit##
EOTEMPLATE;
$bindingrow->SetTemplate( $template );
$bindingrow->Title("");
return $bindingrow->Render();
}
function bindings_to_other_browser() {
global $c, $editor, $can_write_principal;
$browser = new Browser(translate('Bindings to other collections'));
$browser->AddColumn( 'bind_id', translate('ID'), '', '' );
$browser->AddHidden( 'b.dav_owner_id' );
$browser->AddHidden( 'p.principal_id' );
$browser->AddColumn( 'bound_as', translate('Bound As'), '', '%s ', 'b.dav_name' );
$browser->AddColumn( 'dav_displayname', translate('Display Name'), '', '', 'b.dav_displayname' );
$browser->AddColumn( 'dav_name', translate('To Collection'), '', '%s ', 'c.dav_name' );
$browser->AddColumn( 'access_ticket_id', translate('Ticket ID'), '', '' );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
if ($can_write_principal) {
$delurl = $c->base_url . sprintf('/admin.php?action=edit&t=principal&id=%s&bind_id=##bind_id##&subaction=delete_bind_in', $editor->Value('principal_id'));
$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'".translate('Delete')." '" );
}
$browser->SetOrdering( 'bound_as', 'A' );
$browser->SetJoins( 'dav_binding b LEFT JOIN collection c ON (bound_source_id=collection_id) LEFT JOIN access_ticket t ON (ticket_id=access_ticket_id) LEFT JOIN principal p USING(user_no)' );
$browser->SetWhere( 'b.dav_name ~ '.sprintf("'^/%s/'", $editor->Value('username')) );
$browser->RowFormat( '', ' ', '#even' );
$browser->DoQuery();
if ( $can_write_principal ) {
$extra_row = (object) array( 'bind_id' => -1,
'dav_name' => '/'.$editor->Value('username').'/boundcalendar/'
);
$browser->MatchedRow('bind_id', -1, 'edit_binding_row');
$browser->AddRow($extra_row);
}
return $browser;
}
function confirm_delete_bind_in($confirmation_hash) {
$html = '';
$html .= sprintf('%s "%s" %s %s',
translate('Deleting Binding:'), $_GET['bind_id'], $_SERVER['REQUEST_URI'],
$confirmation_hash,
translate('Confirm Deletion of the Binding'),
translate('The binding will be deleted.') );
$html .= "
\n";
return $html;
}
function bindings_to_us_browser() {
global $c, $editor, $session;
$browser = new Browser(translate('Bindings to this Principal\'s Collections'));
$browser->AddColumn( 'bind_id', translate('ID'), '', '' );
$browser->AddHidden( 'b.dav_owner_id' );
$browser->AddHidden( 'p.principal_id' );
$browser->AddColumn( 'dav_name', translate('Collection'), '', '%s ', 'c.dav_name' );
$browser->AddColumn( 'bound_as', translate('Bound As'), '', '%s ', 'b.dav_name' );
$browser->AddColumn( 'access_ticket_id', translate('Ticket ID'), '', '' );
$browser->AddColumn( 'privs', translate('Privileges'), '', '', "privileges_list(privileges)" );
if ( $session->AllowedTo('Admin') ) {
$delurl = $c->base_url . '/admin.php?action=edit&t=principal&id=##principal_id##&bind_id=##bind_id##&subaction=delete_binding';
$browser->AddColumn( 'delete', translate('Action'), 'center', '', "'".translate('Delete')." '" );
}
$browser->SetOrdering( 'dav_name', 'A' );
$browser->SetJoins( 'dav_binding b LEFT JOIN collection c ON (bound_source_id=collection_id) LEFT JOIN access_ticket t ON (ticket_id=access_ticket_id) LEFT JOIN principal p USING(user_no)' );
$browser->SetWhere( 'p.principal_id = '.intval($editor->Value('principal_id')) );
$browser->RowFormat( '', ' ', '#even' );
$browser->DoQuery();
return $browser;
}
function confirm_delete_binding( $confirmation_hash ) {
$html = '';
$html .= sprintf('%s "%s" %s %s',
translate('Deleting Binding:'), $_GET['bind_id'], $_SERVER['REQUEST_URI'],
$confirmation_hash,
translate('Confirm Deletion of the Binding'),
translate('The binding will be deleted.') );
$html .= "
\n";
return $html;
}
if ( isset($_GET['subaction']) ) {
if ( handle_subaction($_GET['subaction']) && 'delete_principal' == $_GET['subaction'] ) {
return true;
}
}
$editor = principal_editor();
$page_elements[] = $editor;
if ( isset($id) && $id > 0 ) {
$c->stylesheets[] = 'css/browse.css';
$c->scripts[] = 'js/browse.js';
$c->scripts[] = 'js/common.js';
$c->scripts[] = 'js/edit.js';
if ( isset($delete_principal_confirmation_required) )
$page_elements[] = confirm_delete_principal($delete_principal_confirmation_required, $editor->Value('displayname'));
if ($can_write_principal) {
$page_elements[] = group_memberships_browser();
if ( $editor->Value('type_id') == 3 ) {
$grouprow = group_row_editor();
$page_elements[] = group_members_browser();
}
$grantrow = grant_row_editor();
$page_elements[] = principal_grants_browser();
if ( isset($delete_grant_confirmation_required) ) $page_elements[] = confirm_delete_grant($delete_grant_confirmation_required);
$ticketrow = ticket_row_editor();
$page_elements[] = access_ticket_browser();
if ( isset($delete_ticket_confirmation_required) ) $page_elements[] = confirm_delete_ticket($delete_ticket_confirmation_required);
$page_elements[] = principal_collection_browser();
if ( isset($delete_collection_confirmation_required) ) $page_elements[] = confirm_delete_collection($delete_collection_confirmation_required);
$bindingrow = binding_row_editor();
$page_elements[] = bindings_to_other_browser();
if ( isset($delete_bind_in_confirmation_required) ) $page_elements[] = confirm_delete_bind_in($delete_bind_in_confirmation_required);
$page_elements[] = bindings_to_us_browser();
if ( isset($delete_binding_confirmation_required) ) $page_elements[] = confirm_delete_binding($delete_binding_confirmation_required);
}
}