Update Output\Form to allow ACL controlled edit/view entries
Fixed phpunit test runs with encoding test run and not resetting the subsitute character back to default Note: There are mime encoding failures for php 7.4 and 8.0 and one ACL login failure test for php 7.4
This commit is contained in:
Clemens Schwaighofer
@@ -552,6 +552,7 @@ if (is_dir(BASE . CACHE)) {
|
||||
}
|
||||
$smarty->display($EDIT_TEMPLATE, 'editAdmin_' . $smarty->lang, 'editAdmin_' . $smarty->lang);
|
||||
|
||||
$form->log->debug('DEBUGEND', '==================================== [Form END]');
|
||||
// debug output
|
||||
echo $login->log->printErrorMsg();
|
||||
echo $form->log->printErrorMsg();
|
||||
|
||||
@@ -66,8 +66,8 @@ $edit_pages = [
|
||||
'int' => 1,
|
||||
'type' => 'binary',
|
||||
'element_list' => [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
],
|
||||
'popup' => [
|
||||
@@ -76,8 +76,8 @@ $edit_pages = [
|
||||
'int' => 1,
|
||||
'type' => 'binary',
|
||||
'element_list' => [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
],
|
||||
'popup_x' => [
|
||||
@@ -128,12 +128,12 @@ $edit_pages = [
|
||||
'name' => 'filename',
|
||||
'before_value' => 'Filename: '
|
||||
],
|
||||
[
|
||||
'name' => 'online',
|
||||
'binary' => ['Yes', 'No'],
|
||||
'before_value' => 'Online: '
|
||||
],
|
||||
[
|
||||
[
|
||||
'name' => 'online',
|
||||
'binary' => ['Yes', 'No'],
|
||||
'before_value' => 'Online: '
|
||||
],
|
||||
[
|
||||
'name' => 'menu',
|
||||
'binary' => ['Yes', 'No'],
|
||||
'before_value' => 'Menu: '
|
||||
|
||||
@@ -15,7 +15,11 @@ $edit_users = [
|
||||
'output_name' => 'Username',
|
||||
'mandatory' => 1,
|
||||
'error_check' => 'unique|alphanumericextended',
|
||||
'type' => 'text'
|
||||
'type' => 'text',
|
||||
// if not min_edit_acl only read
|
||||
// if not min_show_acl not visible
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '-1',
|
||||
],
|
||||
'password' => [
|
||||
'value' => $GLOBALS['password'] ?? '',
|
||||
@@ -30,6 +34,8 @@ $edit_users = [
|
||||
'value' => 'NOW()' // value [todo: complex reference
|
||||
],
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
// password date when first insert and password is set, needs special field with connection to password
|
||||
// password reset force interval, if set, user needs to reset password after X time period
|
||||
@@ -41,7 +47,9 @@ $edit_users = [
|
||||
'type' => 'text',
|
||||
'interval' => 1, // interval needs NULL write for empty
|
||||
'size' => 5, // make it 5 chars long
|
||||
'length' => 5
|
||||
'length' => 5,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'enabled' => [
|
||||
'value' => $GLOBALS['enabled'] ?? '',
|
||||
@@ -52,6 +60,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '-1',
|
||||
],
|
||||
'deleted' => [
|
||||
'value' => $GLOBALS['deleted'] ?? '',
|
||||
@@ -62,6 +72,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'strict' => [
|
||||
'value' => $GLOBALS['strict'] ?? '',
|
||||
@@ -72,6 +84,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'locked' => [
|
||||
'value' => $GLOBALS['locked'] ?? '',
|
||||
@@ -82,6 +96,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'admin' => [
|
||||
'value' => $GLOBALS['admin'] ?? '',
|
||||
@@ -92,6 +108,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'debug' => [
|
||||
'value' => $GLOBALS['debug'] ?? '',
|
||||
@@ -102,6 +120,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'db_debug' => [
|
||||
'value' => $GLOBALS['db_debug'] ?? '',
|
||||
@@ -112,22 +132,30 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'email' => [
|
||||
'value' => $GLOBALS['email'] ?? '',
|
||||
'output_name' => 'E-Mail',
|
||||
'type' => 'text',
|
||||
'error_check' => 'email'
|
||||
'error_check' => 'email',
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'last_name' => [
|
||||
'value' => $GLOBALS['last_name'] ?? '',
|
||||
'output_name' => 'Last Name',
|
||||
'type' => 'text'
|
||||
'type' => 'text',
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'first_name' => [
|
||||
'value' => $GLOBALS['first_name'] ?? '',
|
||||
'output_name' => 'First Name',
|
||||
'type' => 'text'
|
||||
'type' => 'text',
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'lock_until' => [
|
||||
'value' => $GLOBALS['lock_until'] ?? '',
|
||||
@@ -136,6 +164,8 @@ $edit_users = [
|
||||
'error_check' => 'datetime',
|
||||
'sql_read' => 'YYYY-MM-DD HH24:MI',
|
||||
'datetime' => 1,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'lock_after' => [
|
||||
'value' => $GLOBALS['lock_after'] ?? '',
|
||||
@@ -143,7 +173,8 @@ $edit_users = [
|
||||
'type' => 'datetime',
|
||||
'error_check' => 'datetime',
|
||||
'sql_read' => 'YYYY-MM-DD HH24:MI',
|
||||
'datetime' => 1,
|
||||
'datetime' => 1,'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id' => [
|
||||
'value' => $GLOBALS['login_user_id'] ?? '',
|
||||
@@ -151,19 +182,22 @@ $edit_users = [
|
||||
'type' => 'text',
|
||||
'error_check' => 'unique|custom',
|
||||
'error_regex' => "/^[A-Za-z0-9]+$/",
|
||||
'emptynull' => 1,
|
||||
'emptynull' => 1,'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_set_date' => [
|
||||
'output_name' => 'loginUserId set date',
|
||||
'value' => $GLOBALS['login_user_id_set_date'] ?? '',
|
||||
'type' => 'view',
|
||||
'empty' => '-'
|
||||
'empty' => '-',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_last_revalidate' => [
|
||||
'output_name' => 'loginUserId last revalidate date',
|
||||
'value' => $GLOBALS['login_user_id_last_revalidate'] ?? '',
|
||||
'type' => 'view',
|
||||
'empty' => '-'
|
||||
'empty' => '-',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_locked' => [
|
||||
'value' => $GLOBALS['login_user_id_locked'] ?? '',
|
||||
@@ -174,6 +208,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_revalidate_after' => [
|
||||
'value' => $GLOBALS['login_user_id_revalidate_after'] ?? '',
|
||||
@@ -182,7 +218,9 @@ $edit_users = [
|
||||
'error_check' => 'intervalshort',
|
||||
'interval' => 1, // interval needs NULL write for empty
|
||||
'size' => 5, // make it 5 chars long
|
||||
'length' => 5
|
||||
'length' => 5,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_valid_from' => [
|
||||
'value' => $GLOBALS['login_user_id_valid_from'] ?? '',
|
||||
@@ -191,6 +229,8 @@ $edit_users = [
|
||||
'error_check' => 'datetime',
|
||||
'sql_read' => 'YYYY-MM-DD HH24:MI',
|
||||
'datetime' => 1,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_user_id_valid_until' => [
|
||||
'value' => $GLOBALS['login_user_id_valid_until'] ?? '',
|
||||
@@ -199,6 +239,8 @@ $edit_users = [
|
||||
'error_check' => 'datetime',
|
||||
'sql_read' => 'YYYY-MM-DD HH24:MI',
|
||||
'datetime' => 1,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'edit_language_id' => [
|
||||
'value' => $GLOBALS['edit_language_id'] ?? '',
|
||||
@@ -206,14 +248,18 @@ $edit_users = [
|
||||
'mandatory' => 1,
|
||||
'int' => 1,
|
||||
'type' => 'drop_down_db',
|
||||
'query' => "SELECT edit_language_id, long_name FROM edit_language WHERE enabled = 1 ORDER BY order_number"
|
||||
'query' => "SELECT edit_language_id, long_name FROM edit_language WHERE enabled = 1 ORDER BY order_number",
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'edit_scheme_id' => [
|
||||
'value' => $GLOBALS['edit_scheme_id'] ?? '',
|
||||
'output_name' => 'Scheme',
|
||||
'int_null' => 1,
|
||||
'type' => 'drop_down_db',
|
||||
'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
|
||||
'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name",
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'edit_group_id' => [
|
||||
'value' => $GLOBALS['edit_group_id'] ?? '',
|
||||
@@ -221,7 +267,9 @@ $edit_users = [
|
||||
'int' => 1,
|
||||
'type' => 'drop_down_db',
|
||||
'query' => "SELECT edit_group_id, name FROM edit_group WHERE enabled = 1 ORDER BY name",
|
||||
'mandatory' => 1
|
||||
'mandatory' => 1,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'edit_access_right_id' => [
|
||||
'value' => $GLOBALS['edit_access_right_id'] ?? '',
|
||||
@@ -229,25 +277,30 @@ $edit_users = [
|
||||
'mandatory' => 1,
|
||||
'int' => 1,
|
||||
'type' => 'drop_down_db',
|
||||
'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
|
||||
'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level",
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_error_count' => [
|
||||
'output_name' => 'Login error count',
|
||||
'value' => $GLOBALS['login_error_count'] ?? '',
|
||||
'type' => 'view',
|
||||
'empty' => '0'
|
||||
'empty' => '0',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_error_date_last' => [
|
||||
'output_name' => 'Last login error',
|
||||
'value' => $GLOBALS['login_error_date_liast'] ?? '',
|
||||
'type' => 'view',
|
||||
'empty' => '-'
|
||||
'empty' => '-',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'login_error_date_first' => [
|
||||
'output_name' => 'First login error',
|
||||
'value' => $GLOBALS['login_error_date_first'] ?? '',
|
||||
'type' => 'view',
|
||||
'empty' => '-'
|
||||
'empty' => '-',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'protected' => [
|
||||
'value' => $GLOBALS['protected'] ?? '',
|
||||
@@ -258,6 +311,8 @@ $edit_users = [
|
||||
'1' => 'Yes',
|
||||
'0' => 'No'
|
||||
],
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
'additional_acl' => [
|
||||
'value' => $GLOBALS['additional_acl'] ?? '',
|
||||
@@ -265,12 +320,27 @@ $edit_users = [
|
||||
'type' => 'textarea',
|
||||
'error_check' => 'json',
|
||||
'rows' => 10,
|
||||
'cols' => 60
|
||||
'cols' => 60,
|
||||
'min_edit_acl' => '100',
|
||||
'min_show_acl' => '100',
|
||||
],
|
||||
],
|
||||
'load_query' => "SELECT edit_user_id, username, enabled, deleted, "
|
||||
. "strict, locked, login_error_count "
|
||||
. "FROM edit_user ORDER BY username",
|
||||
. "FROM edit_user "
|
||||
// if base acl is not 90 only list enabled
|
||||
// if not admin flag, do not list admin flagged
|
||||
. (
|
||||
!$GLOBALS['acl_admin'] ?
|
||||
"WHERE admin = 0 "
|
||||
. (
|
||||
$GLOBALS['base_acl_level'] < 90 ?
|
||||
"AND enabled = 1 " :
|
||||
""
|
||||
)
|
||||
: ''
|
||||
)
|
||||
. "ORDER BY username",
|
||||
'table_name' => 'edit_user',
|
||||
'show_fields' => [
|
||||
[
|
||||
@@ -305,7 +375,12 @@ $edit_users = [
|
||||
'edit_access_user' => [
|
||||
'output_name' => 'Accounts',
|
||||
'mandatory' => 1,
|
||||
'delete' => 0, // set then reference entries are deleted, else the 'enable' flag is only set
|
||||
// set then reference entries are deleted, else the 'enable' flag is only set
|
||||
'delete' => 0,
|
||||
// acl
|
||||
'min_edit_acl' => '40',
|
||||
'min_show_acl' => '20',
|
||||
// table read prefix
|
||||
'prefix' => 'ecu',
|
||||
'read_data' => [
|
||||
'table_name' => 'edit_access',
|
||||
|
||||
@@ -83,13 +83,8 @@ function pop(theURL, winName, features) {
|
||||
<td width="{$table_width}" class="edit_bgcolor">
|
||||
<form method="post" name="edit_form" style="margin-block-end: 0em;">
|
||||
<table width="100%" border="0" cellpadding="2" cellspacing="1">
|
||||
<!-- LOAD START //-->
|
||||
{include file="edit_load.tpl"}
|
||||
<!-- LOAD END //-->
|
||||
<!-- NEW START //-->
|
||||
{include file="edit_new.tpl"}
|
||||
{* $form_create_new*}
|
||||
<!-- NEW END //-->
|
||||
{if $form_yes}
|
||||
{include file="edit_save_delete.tpl"}
|
||||
{if $form_my_page_name == "edit_pages" && $filename_exist}
|
||||
|
||||
@@ -8,6 +8,7 @@
|
||||
********************************************************************
|
||||
*}
|
||||
{foreach from=$elements item=element key=key name=loop}
|
||||
{if $element.allow_edit}
|
||||
<tr>
|
||||
<td class="edit_fgcolor" class="normal" valign="top">
|
||||
{$element.output_name}
|
||||
@@ -129,4 +130,21 @@
|
||||
{/if}
|
||||
</td>
|
||||
</tr>
|
||||
{elseif $element.allow_show}
|
||||
<tr>
|
||||
<td class="edit_fgcolor" class="normal" valign="top">
|
||||
{$element.output_name}
|
||||
</td>
|
||||
<td class="{$element.color}" class="normal">
|
||||
{if $element.type != 'view'}
|
||||
{$element.show_value}
|
||||
<input type="hidden" name="{$element.data.name}" value="{$element.show_value}">
|
||||
{else}
|
||||
{$element.data.value}
|
||||
{/if}
|
||||
</td>
|
||||
</tr>
|
||||
{* {else}
|
||||
<!-- No {$key} --> *}
|
||||
{/if}
|
||||
{/foreach}
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
* HISTORY:
|
||||
********************************************************************
|
||||
*}
|
||||
|
||||
<!-- LOAD START //-->
|
||||
<tr>
|
||||
<td class="edit_fgcolor_alt" class="normal">
|
||||
Load:
|
||||
@@ -20,3 +20,4 @@
|
||||
<input type="submit" name="archive" value="{t}Load{/t}">
|
||||
</td>
|
||||
</tr>
|
||||
<!-- LOAD END //-->
|
||||
|
||||
@@ -7,7 +7,8 @@
|
||||
* HISTORY:
|
||||
********************************************************************
|
||||
*}
|
||||
|
||||
{if $new.seclevel_okay}
|
||||
<!-- NEW START //-->
|
||||
<tr>
|
||||
<td class="edit_fgcolor_alt" class="normal">
|
||||
{t}Create new media:{/t}
|
||||
@@ -21,3 +22,5 @@
|
||||
<input type="submit" name="new" value="{$new.new_name}">
|
||||
</td>
|
||||
</tr>
|
||||
<!-- NEW END //-->
|
||||
{/if}
|
||||
|
||||
@@ -7,16 +7,18 @@
|
||||
* HISTORY:
|
||||
********************************************************************
|
||||
*}
|
||||
<tr>
|
||||
{if $save_delete.seclevel_okay}
|
||||
<tr>
|
||||
<!-- SAVE START //-->
|
||||
<td class="edit_fgcolor_alt" class="normal">
|
||||
<input type="submit" name="save" value="{$save_delete.save}">
|
||||
{if $save_delete.old_school_hidden}
|
||||
<input type="hidden" name="{$save_delete.pk_name}" value="{$save_delete.pk_value}">
|
||||
{/if}
|
||||
</td>
|
||||
{/if}
|
||||
<!-- SAVE END //-->
|
||||
{if $save_delete.show_delete}
|
||||
<!-- DELETE START //-->
|
||||
<td class="edit_fgcolor_delete">
|
||||
{if !$save_delete.hide_delete_checkbox}
|
||||
<input type="checkbox" name="really_delete" value="yes"> {t}really{/t}
|
||||
@@ -24,9 +26,11 @@
|
||||
<input type="hidden" name="really_delete" value="yes">
|
||||
{/if}
|
||||
<input type="submit" name="delete" value="{t}Delete{/t}">
|
||||
<!-- DELETE END //-->
|
||||
{else}
|
||||
<td class="edit_fgcolor_alt" class="normal">
|
||||
|
||||
{/if}
|
||||
</td>
|
||||
</tr>
|
||||
{/if}
|
||||
|
||||
Reference in New Issue
Block a user