[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / acp / form / UserGroupOptionForm.class.php

<?php

namespace wcf\acp\form;

use wcf\data\user\group\option\category\UserGroupOptionCategory;
use wcf\data\user\group\option\category\UserGroupOptionCategoryList;
use wcf\data\user\group\option\UserGroupOption;
use wcf\data\user\group\option\UserGroupOptionAction;
use wcf\data\user\group\UserGroup;
use wcf\form\AbstractForm;
use wcf\system\database\util\PreparedStatementConditionBuilder;
use wcf\system\exception\IllegalLinkException;
use wcf\system\exception\PermissionDeniedException;
use wcf\system\exception\SystemException;
use wcf\system\exception\UserInputException;
use wcf\system\option\user\group\IUserGroupGroupOptionType;
use wcf\system\option\user\group\IUserGroupOptionType;
use wcf\system\WCF;

/**
 * Shows the user group option form to edit a single option.
 *
 * @author  Alexander Ebert
 * @copyright   2001-2020 WoltLab GmbH
 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 */
class UserGroupOptionForm extends AbstractForm
{
    /**
     * @inheritDoc
     */
    public $activeMenuItem = 'wcf.acp.menu.link.group';

    /**
     * list of parsed form elements per group
     * @var string[]
     */
    public $formElements = [];

    /**
     * list of accessible groups
     * @var UserGroup[]
     */
    public $groups = [];

    /**
     * @inheritDoc
     */
    public $neededPermissions = ['admin.user.canEditGroup'];

    /**
     * user group option type object
     * @var IUserGroupOptionType
     */
    public $optionType;

    /**
     * list of parent categories
     * @var UserGroupOptionCategory[]
     */
    public $parentCategories = [];

    /**
     * list of values per user group
     * @var array
     */
    public $values = [];

    /**
     * user group option object
     * @var UserGroupOption
     */
    public $userGroupOption;

    /**
     * user group option id
     * @var int
     */
    public $userGroupOptionID = 0;

    /**
     * @inheritDoc
     */
    public function readParameters()
    {
        parent::readParameters();

        if (isset($_REQUEST['id'])) {
            $this->userGroupOptionID = \intval($_REQUEST['id']);
        }
        $this->userGroupOption = new UserGroupOption($this->userGroupOptionID);
        if (!$this->userGroupOption->optionID) {
            throw new IllegalLinkException();
        }

        // verify options and permissions for current option
        if ($this->userGroupOption->validateOptions() && $this->userGroupOption->validatePermissions()) {
            // read all categories
            $categoryList = new UserGroupOptionCategoryList();
            $categoryList->readObjects();

            $categories = [];
            foreach ($categoryList as $category) {
                $categories[$category->categoryName] = $category;
            }

            // verify categories
            $category = $categories[$this->userGroupOption->categoryName];
            while ($category != null) {
                if (!$category->validateOptions() || !$category->validatePermissions()) {
                    throw new PermissionDeniedException();
                }

                \array_unshift($this->parentCategories, $category);
                $category = ($category->parentCategoryName != '') ? $categories[$category->parentCategoryName] : null;
            }
        } else {
            throw new PermissionDeniedException();
        }

        // read accessible groups
        $this->groups = UserGroup::getSortedAccessibleGroups();
        if ($this->userGroupOption->usersOnly) {
            $guestGroup = UserGroup::getGroupByType(UserGroup::GUESTS);
            if (isset($this->groups[$guestGroup->groupID])) {
                unset($this->groups[$guestGroup->groupID]);
            }
        }
        if (empty($this->groups)) {
            throw new PermissionDeniedException();
        }

        // get option type
        $className = 'wcf\system\option\user\group\\' . \ucfirst($this->userGroupOption->optionType) . 'UserGroupOptionType';
        if (!\class_exists($className)) {
            throw new SystemException("Unable to find option type for '" . $this->userGroupOption->optionType . "'");
        }
        $this->optionType = new $className();
    }

    /**
     * @inheritDoc
     */
    public function readFormParameters()
    {
        parent::readFormParameters();

        if (isset($_POST['values']) && \is_array($_POST['values'])) {
            $this->values = $_POST['values'];
        }
    }

    /**
     * @inheritDoc
     */
    public function validate()
    {
        parent::validate();

        $this->errorType = [];

        // validate option values
        foreach ($this->values as $groupID => &$optionValue) {
            if (!isset($this->groups[$groupID])) {
                throw new PermissionDeniedException();
            }

            $optionValue = $this->optionType->getData($this->userGroupOption, $optionValue);

            try {
                $this->optionType->validate($this->userGroupOption, $optionValue);
            } catch (UserInputException $e) {
                $this->errorType[$groupID] = $e->getType();
            }

            if (WCF::getUser()->hasOwnerAccess()) {
                continue;
            }

            if (
                WCF::getUser()->hasAdministrativeAccess() && (!ENABLE_ENTERPRISE_MODE || !\in_array(
                    $this->userGroupOption->optionName,
                    UserGroupOption::ENTERPRISE_BLACKLIST
                ))
            ) {
                continue;
            }

            if (
                $this->optionType->compare(
                    $optionValue,
                    WCF::getSession()->getPermission($this->userGroupOption->optionName)
                ) == 1
            ) {
                $this->errorType[$groupID] = 'exceedsOwnPermission';
            }
        }

        // add missing values for option type 'boolean'
        if ($this->userGroupOption->optionType == 'boolean') {
            foreach ($this->groups as $groupID => $group) {
                if (!isset($this->values[$groupID])) {
                    $this->values[$groupID] = 0;
                }
            }
        } elseif ($this->userGroupOption->optionType == 'BBCodeSelect') {
            foreach ($this->groups as $groupID => $group) {
                if (!isset($this->values[$groupID])) {
                    $this->values[$groupID] = '';
                }
            }
        }

        if (!empty($this->errorType)) {
            throw new UserInputException('optionValues', $this->errorType);
        }
    }

    /**
     * @inheritDoc
     */
    public function readData()
    {
        parent::readData();

        if (empty($_POST)) {
            // read values of accessible user groups
            $conditions = new PreparedStatementConditionBuilder();
            $conditions->add("groupID IN (?)", [\array_keys($this->groups)]);
            $conditions->add("optionID = ?", [$this->userGroupOption->optionID]);

            $sql = "SELECT  groupID, optionValue
                    FROM    wcf" . WCF_N . "_user_group_option_value
                    " . $conditions;
            $statement = WCF::getDB()->prepareStatement($sql);
            $statement->execute($conditions->getParameters());
            $this->values = $statement->fetchMap('groupID', 'optionValue');
        }

        // create form elements for each group
        foreach ($this->groups as $group) {
            $optionValue = $this->values[$group->groupID] ?? $this->userGroupOption->defaultValue;
            if ($this->optionType instanceof IUserGroupGroupOptionType) {
                $this->optionType->setUserGroup($group);
            }

            $this->formElements[$group->groupID] = $this->optionType->getFormElement(
                $this->userGroupOption,
                $optionValue
            );
        }
    }

    /**
     * @inheritDoc
     */
    public function save()
    {
        parent::save();

        $this->objectAction = new UserGroupOptionAction(
            [$this->userGroupOption],
            'updateValues',
            ['values' => $this->values]
        );
        $this->objectAction->executeAction();

        // fire saved event
        $this->saved();

        WCF::getTPL()->assign('success', true);
    }

    /**
     * @inheritDoc
     */
    public function assignVariables()
    {
        parent::assignVariables();

        $everyoneGroupID = $guestGroupID = $ownerGroupID = $userGroupID = 0;
        foreach ($this->groups as $group) {
            if ($group->groupType == UserGroup::EVERYONE) {
                $everyoneGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::GUESTS) {
                $guestGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::OWNER) {
                $ownerGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::USERS) {
                $userGroupID = $group->groupID;
            }
        }

        $ownerGroupPermissions = [];
        if ($ownerGroupID) {
            $ownerGroupPermissions = UserGroup::getOwnerPermissions();
            $ownerGroupPermissions[] = 'admin.user.accessibleGroups';
        }

        WCF::getTPL()->assign([
            'formElements' => $this->formElements,
            'groups' => $this->groups,
            'parentCategories' => $this->parentCategories,
            'userGroupOption' => $this->userGroupOption,
            'values' => $this->values,
            'everyoneGroupID' => $everyoneGroupID,
            'guestGroupID' => $guestGroupID,
            'userGroupID' => $userGroupID,
            'ownerGroupID' => $ownerGroupID,
            'ownerGroupPermissions' => $ownerGroupPermissions,
        ]);
    }
}
Commit	Line	Data
c9fba0a2	1	<?php
a9229942	2
c9fba0a2	3	namespace wcf\acp\form;
a9229942	4
7a23a706	5	use wcf\data\user\group\option\category\UserGroupOptionCategory;
c9fba0a2 AE	6	use wcf\data\user\group\option\category\UserGroupOptionCategoryList;
c9fba0a2 AE	7	use wcf\data\user\group\option\UserGroupOption;
f1c1fc65	8	use wcf\data\user\group\option\UserGroupOptionAction;
c9fba0a2	9	use wcf\data\user\group\UserGroup;
264c6eea	10	use wcf\form\AbstractForm;
c9fba0a2 AE	11	use wcf\system\database\util\PreparedStatementConditionBuilder;
	12	use wcf\system\exception\IllegalLinkException;
	13	use wcf\system\exception\PermissionDeniedException;
	14	use wcf\system\exception\SystemException;
	15	use wcf\system\exception\UserInputException;
ace09b19	16	use wcf\system\option\user\group\IUserGroupGroupOptionType;
eec1d83c	17	use wcf\system\option\user\group\IUserGroupOptionType;
c9fba0a2 AE	18	use wcf\system\WCF;
	19
	20	/**
	21	* Shows the user group option form to edit a single option.
a9229942 TD	22	*
	23	* @author Alexander Ebert
	24	* @copyright 2001-2020 WoltLab GmbH
	25	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
c9fba0a2	26	*/
a9229942 TD	27	class UserGroupOptionForm extends AbstractForm
	28	{
	29	/**
	30	* @inheritDoc
	31	*/
	32	public $activeMenuItem = 'wcf.acp.menu.link.group';
	33
	34	/**
	35	* list of parsed form elements per group
	36	* @var string[]
	37	*/
	38	public $formElements = [];
	39
	40	/**
	41	* list of accessible groups
	42	* @var UserGroup[]
	43	*/
	44	public $groups = [];
	45
	46	/**
	47	* @inheritDoc
	48	*/
	49	public $neededPermissions = ['admin.user.canEditGroup'];
	50
	51	/**
	52	* user group option type object
	53	* @var IUserGroupOptionType
	54	*/
	55	public $optionType;
	56
	57	/**
	58	* list of parent categories
	59	* @var UserGroupOptionCategory[]
	60	*/
	61	public $parentCategories = [];
	62
	63	/**
	64	* list of values per user group
	65	* @var array
	66	*/
	67	public $values = [];
	68
	69	/**
	70	* user group option object
	71	* @var UserGroupOption
	72	*/
	73	public $userGroupOption;
	74
	75	/**
	76	* user group option id
	77	* @var int
	78	*/
	79	public $userGroupOptionID = 0;
	80
	81	/**
	82	* @inheritDoc
	83	*/
	84	public function readParameters()
	85	{
	86	parent::readParameters();
	87
	88	if (isset($_REQUEST['id'])) {
	89	$this->userGroupOptionID = \intval($_REQUEST['id']);
	90	}
91	$this->userGroupOption = new UserGroupOption($this->userGroupOptionID);
92	if (!$this->userGroupOption->optionID) {
93	throw new IllegalLinkException();
94	}
95
96	// verify options and permissions for current option
97	if ($this->userGroupOption->validateOptions() && $this->userGroupOption->validatePermissions()) {
98	// read all categories
99	$categoryList = new UserGroupOptionCategoryList();
100	$categoryList->readObjects();
101
102	$categories = [];
103	foreach ($categoryList as $category) {
104	$categories[$category->categoryName] = $category;
105	}
106
107	// verify categories
108	$category = $categories[$this->userGroupOption->categoryName];
109	while ($category != null) {
110	if (!$category->validateOptions() \|\| !$category->validatePermissions()) {
111	throw new PermissionDeniedException();
112	}
113
114	\array_unshift($this->parentCategories, $category);
115	$category = ($category->parentCategoryName != '') ? $categories[$category->parentCategoryName] : null;
116	}
117	} else {
118	throw new PermissionDeniedException();
119	}
120
121	// read accessible groups
122	$this->groups = UserGroup::getSortedAccessibleGroups();
123	if ($this->userGroupOption->usersOnly) {
124	$guestGroup = UserGroup::getGroupByType(UserGroup::GUESTS);
125	if (isset($this->groups[$guestGroup->groupID])) {
126	unset($this->groups[$guestGroup->groupID]);
127	}
128	}
129	if (empty($this->groups)) {
130	throw new PermissionDeniedException();
131	}
132
133	// get option type
134	$className = 'wcf\system\option\user\group\\' . \ucfirst($this->userGroupOption->optionType) . 'UserGroupOptionType';
135	if (!\class_exists($className)) {
136	throw new SystemException("Unable to find option type for '" . $this->userGroupOption->optionType . "'");
137	}
138	$this->optionType = new $className();
139	}
140
141	/**
142	* @inheritDoc
143	*/
144	public function readFormParameters()
145	{
146	parent::readFormParameters();
147
148	if (isset($_POST['values']) && \is_array($_POST['values'])) {
149	$this->values = $_POST['values'];
150	}
151	}
152
153	/**
154	* @inheritDoc
155	*/
156	public function validate()
157	{
158	parent::validate();
159
160	$this->errorType = [];
161
162	// validate option values
163	foreach ($this->values as $groupID => &$optionValue) {
164	if (!isset($this->groups[$groupID])) {
165	throw new PermissionDeniedException();
166	}
167
168	$optionValue = $this->optionType->getData($this->userGroupOption, $optionValue);
169
170	try {
171	$this->optionType->validate($this->userGroupOption, $optionValue);
172	} catch (UserInputException $e) {
173	$this->errorType[$groupID] = $e->getType();
174	}
175
176	if (WCF::getUser()->hasOwnerAccess()) {
177	continue;
178	}
179
180	if (
181	WCF::getUser()->hasAdministrativeAccess() && (!ENABLE_ENTERPRISE_MODE \|\| !\in_array(
182	$this->userGroupOption->optionName,
183	UserGroupOption::ENTERPRISE_BLACKLIST
184	))
185	) {
186	continue;
187	}
188
189	if (
190	$this->optionType->compare(
191	$optionValue,
192	WCF::getSession()->getPermission($this->userGroupOption->optionName)
193	) == 1
194	) {
195	$this->errorType[$groupID] = 'exceedsOwnPermission';
196	}
197	}
198
199	// add missing values for option type 'boolean'
200	if ($this->userGroupOption->optionType == 'boolean') {
201	foreach ($this->groups as $groupID => $group) {
202	if (!isset($this->values[$groupID])) {
203	$this->values[$groupID] = 0;
204	}
205	}
206	} elseif ($this->userGroupOption->optionType == 'BBCodeSelect') {
207	foreach ($this->groups as $groupID => $group) {
208	if (!isset($this->values[$groupID])) {
209	$this->values[$groupID] = '';
210	}
211	}
212	}
213
214	if (!empty($this->errorType)) {
215	throw new UserInputException('optionValues', $this->errorType);
216	}
217	}
218
219	/**
220	* @inheritDoc
221	*/
222	public function readData()
223	{
224	parent::readData();
225
226	if (empty($_POST)) {
227	// read values of accessible user groups
228	$conditions = new PreparedStatementConditionBuilder();
229	$conditions->add("groupID IN (?)", [\array_keys($this->groups)]);
230	$conditions->add("optionID = ?", [$this->userGroupOption->optionID]);
231
232	$sql = "SELECT groupID, optionValue
233	FROM wcf" . WCF_N . "_user_group_option_value
234	" . $conditions;
235	$statement = WCF::getDB()->prepareStatement($sql);
236	$statement->execute($conditions->getParameters());
237	$this->values = $statement->fetchMap('groupID', 'optionValue');
238	}
239
240	// create form elements for each group
241	foreach ($this->groups as $group) {
3e793b48	242	$optionValue = $this->values[$group->groupID] ?? $this->userGroupOption->defaultValue;
a9229942 TD	243	if ($this->optionType instanceof IUserGroupGroupOptionType) {
	244	$this->optionType->setUserGroup($group);
	245	}
	246
	247	$this->formElements[$group->groupID] = $this->optionType->getFormElement(
	248	$this->userGroupOption,
	249	$optionValue
	250	);
	251	}
	252	}
	253
	254	/**
	255	* @inheritDoc
	256	*/
	257	public function save()
	258	{
	259	parent::save();
	260
	261	$this->objectAction = new UserGroupOptionAction(
	262	[$this->userGroupOption],
	263	'updateValues',
	264	['values' => $this->values]
	265	);
	266	$this->objectAction->executeAction();
	267
	268	// fire saved event
	269	$this->saved();
	270
	271	WCF::getTPL()->assign('success', true);
	272	}
	273
	274	/**
	275	* @inheritDoc
	276	*/
	277	public function assignVariables()
	278	{
	279	parent::assignVariables();
	280
	281	$everyoneGroupID = $guestGroupID = $ownerGroupID = $userGroupID = 0;
	282	foreach ($this->groups as $group) {
	283	if ($group->groupType == UserGroup::EVERYONE) {
	284	$everyoneGroupID = $group->groupID;
	285	} elseif ($group->groupType == UserGroup::GUESTS) {
	286	$guestGroupID = $group->groupID;
	287	} elseif ($group->groupType == UserGroup::OWNER) {
	288	$ownerGroupID = $group->groupID;
	289	} elseif ($group->groupType == UserGroup::USERS) {
	290	$userGroupID = $group->groupID;
	291	}
	292	}
	293
	294	$ownerGroupPermissions = [];
	295	if ($ownerGroupID) {
	296	$ownerGroupPermissions = UserGroup::getOwnerPermissions();
	297	$ownerGroupPermissions[] = 'admin.user.accessibleGroups';
	298	}
	299
	300	WCF::getTPL()->assign([
	301	'formElements' => $this->formElements,
	302	'groups' => $this->groups,
	303	'parentCategories' => $this->parentCategories,
	304	'userGroupOption' => $this->userGroupOption,
	305	'values' => $this->values,
	306	'everyoneGroupID' => $everyoneGroupID,
307	'guestGroupID' => $guestGroupID,
308	'userGroupID' => $userGroupID,
309	'ownerGroupID' => $ownerGroupID,
310	'ownerGroupPermissions' => $ownerGroupPermissions,
311	]);
312	}
c9fba0a2	313	}