Added permission managment
This commit is contained in:
Lukas Metzger
parent
386480890b
commit
8df9c384c3
|
|
@ -77,6 +77,60 @@ if(isset($input->action) && $input->action == "saveUserChanges") {
|
|||
}
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "getPermissions") {
|
||||
|
||||
$stmt = $db->prepare("
|
||||
SELECT D.id,D.name
|
||||
FROM permissions P
|
||||
JOIN domains D ON P.domain=D.id
|
||||
WHERE P.user=?
|
||||
");
|
||||
|
||||
$stmt->bind_param("i", $input->id);
|
||||
$stmt->execute();
|
||||
|
||||
$result = $stmt->get_result();
|
||||
|
||||
$retval = Array();
|
||||
|
||||
while($obj = $result->fetch_object()) {
|
||||
$retval[] = $obj;
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "removePermission") {
|
||||
|
||||
$stmt = $db->prepare("DELETE FROM permissions WHERE user=? AND domain=?");
|
||||
|
||||
$stmt->bind_param("ii", $input->userId, $input->domainId);
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) {
|
||||
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE ? AND id NOT IN(SELECT domain FROM permissions WHERE user=?)");
|
||||
|
||||
$searchTerm = "%" . $input->term . "%";
|
||||
|
||||
$stmt->bind_param("si", $searchTerm, $input->userId);
|
||||
$stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
|
||||
$retval = Array();
|
||||
|
||||
while($obj = $result->fetch_object()) {
|
||||
$retval[] = $obj;
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "addPermissions") {
|
||||
$stmt = $db->prepare("INSERT INTO permissions(user,domain) VALUES (?,?)");
|
||||
|
||||
foreach($input->domains as $domain) {
|
||||
$stmt->bind_param("ii", $input->userId, $domain);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($retval)) {
|
||||
echo json_encode($retval);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -82,6 +82,19 @@ limitations under the License.
|
|||
</form>
|
||||
</div>
|
||||
|
||||
<div class="col-md-3 col-md-offset-1 defaulthidden" id="permissions">
|
||||
<h3>Permissions</h3>
|
||||
|
||||
<table class="table table-hover">
|
||||
<tbody>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<label for="selectAdd" class="control-label">Add</label>
|
||||
<select multiple class="form-control" id="selectAdd"></select>
|
||||
<div class="vspacer-15"></div>
|
||||
<button class="btn btn-primary" id="btnAddPermissions">Add</button>
|
||||
</div>
|
||||
</row>
|
||||
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -52,7 +52,35 @@ $(document).ready(function() {
|
|||
$('#user-password2').attr("placeholder", "Password repeated");
|
||||
} else {
|
||||
getUserData();
|
||||
requestPermissions();
|
||||
$('#permissions').removeClass("defaulthidden");
|
||||
}
|
||||
|
||||
$('#permissions select#selectAdd').select2({
|
||||
ajax: {
|
||||
url: "api/edit-user.php",
|
||||
dataType: "json",
|
||||
delay: 200,
|
||||
method: "post",
|
||||
data: function(params) {
|
||||
return JSON.stringify({
|
||||
action: "searchDomains",
|
||||
term: params.term,
|
||||
userId: location.hash.substring(1)
|
||||
});
|
||||
},
|
||||
processResults: function (data) {
|
||||
return {
|
||||
results: data
|
||||
};
|
||||
},
|
||||
minimumInputLength: 1
|
||||
},
|
||||
placeholder: "Search...",
|
||||
minimumInputLength: 1
|
||||
});
|
||||
|
||||
$('#btnAddPermissions').click(addPermissions);
|
||||
});
|
||||
|
||||
function regexValidate() {
|
||||
|
|
@ -132,4 +160,70 @@ function saveUserChanges() {
|
|||
null,
|
||||
"json"
|
||||
);
|
||||
}
|
||||
|
||||
function requestPermissions() {
|
||||
var data = {
|
||||
id: location.hash.substring(1),
|
||||
action: "getPermissions"
|
||||
};
|
||||
|
||||
$.post(
|
||||
"api/edit-user.php",
|
||||
JSON.stringify(data),
|
||||
function(data) {
|
||||
createTable(data);
|
||||
},
|
||||
"json"
|
||||
);
|
||||
}
|
||||
|
||||
function createTable(data) {
|
||||
$('#permissions table>tbody').empty();
|
||||
|
||||
$.each(data, function(index,item) {
|
||||
$('<tr></tr>').appendTo('#permissions table>tbody')
|
||||
.append('<td>' + item.name + '</td>')
|
||||
.append('<td><span class="glyphicon glyphicon-remove cursor-pointer"></span></td>')
|
||||
.data("id", item.id);
|
||||
});
|
||||
|
||||
$('#permissions table>tbody>tr>td>span.glyphicon-remove').click(removePermission);
|
||||
}
|
||||
|
||||
function removePermission() {
|
||||
var data = {
|
||||
domainId: $(this).parent().parent().data("id"),
|
||||
userId: location.hash.substring(1),
|
||||
action: "removePermission"
|
||||
};
|
||||
|
||||
var lineToRemove = $(this).parent().parent();
|
||||
|
||||
$.post(
|
||||
"api/edit-user.php",
|
||||
JSON.stringify(data),
|
||||
function(data) {
|
||||
$(lineToRemove).remove();
|
||||
},
|
||||
"json"
|
||||
);
|
||||
}
|
||||
|
||||
function addPermissions() {
|
||||
var data = {
|
||||
action: "addPermissions",
|
||||
userId: location.hash.substring(1),
|
||||
domains: $('#permissions select#selectAdd').val()
|
||||
}
|
||||
|
||||
$.post(
|
||||
"api/edit-user.php",
|
||||
JSON.stringify(data),
|
||||
function(data) {
|
||||
$('#permissions select#selectAdd').val(null).change();
|
||||
requestPermissions();
|
||||
},
|
||||
"json"
|
||||
);
|
||||
}
|
||||
Loading…
Reference in a new issue