| 1 | <?php |
| 2 | |
| 3 | namespace wcf\acp\form; |
| 4 | |
| 5 | use wcf\data\user\group\option\category\UserGroupOptionCategory; |
| 6 | use wcf\data\user\group\option\category\UserGroupOptionCategoryList; |
| 7 | use wcf\data\user\group\option\UserGroupOption; |
| 8 | use wcf\data\user\group\option\UserGroupOptionAction; |
| 9 | use wcf\data\user\group\UserGroup; |
| 10 | use wcf\form\AbstractForm; |
| 11 | use wcf\system\database\util\PreparedStatementConditionBuilder; |
| 12 | use wcf\system\exception\IllegalLinkException; |
| 13 | use wcf\system\exception\PermissionDeniedException; |
| 14 | use wcf\system\exception\SystemException; |
| 15 | use wcf\system\exception\UserInputException; |
| 16 | use wcf\system\option\user\group\IUserGroupGroupOptionType; |
| 17 | use wcf\system\option\user\group\IUserGroupOptionType; |
| 18 | use wcf\system\WCF; |
| 19 | |
| 20 | /** |
| 21 | * Shows the user group option form to edit a single option. |
| 22 | * |
| 23 | * @author Alexander Ebert |
| 24 | * @copyright 2001-2020 WoltLab GmbH |
| 25 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> |
| 26 | */ |
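class UserGroupOptionForm extends AbstractForm
{
    /**
     * @inheritDoc
     */
    public $activeMenuItem = 'wcf.acp.menu.link.group';

    /**
     * list of parsed form elements per group
     * @var string[]
     */
    public $formElements = [];

    /**
     * list of accessible groups
     * @var UserGroup[]
     */
    public $groups = [];

    /**
     * @inheritDoc
     */
    public $neededPermissions = ['admin.user.canEditGroup'];

    /**
     * user group option type object
     * @var IUserGroupOptionType
     */
    public $optionType;

    /**
     * list of parent categories
     * @var UserGroupOptionCategory[]
     */
    public $parentCategories = [];

    /**
     * list of values per user group
     * @var array
     */
    public $values = [];

    /**
     * user group option object
     * @var UserGroupOption
     */
    public $userGroupOption;

    /**
     * user group option id
     * @var int
     */
    public $userGroupOptionID = 0;

    /**
     * Resolves the requested option and checks that the current user may edit it.
     *
     * Loads the option named by the `id` request parameter, validates the option and
     * every category on its parent chain, restricts the group list to the accessible
     * groups and instantiates the option type handler.
     *
     * @inheritDoc
     * @throws IllegalLinkException if no option exists for the requested id
     * @throws PermissionDeniedException if the option or one of its categories fails
     *         validation, if the category chain cannot be resolved, or if no group is left
     * @throws SystemException if no option type class exists for the option
     */
    public function readParameters()
    {
        parent::readParameters();

        // The id is request-controlled; it is reduced to an integer before use.
        if (isset($_REQUEST['id'])) {
            $this->userGroupOptionID = \intval($_REQUEST['id']);
        }
        $this->userGroupOption = new UserGroupOption($this->userGroupOptionID);
        if (!$this->userGroupOption->optionID) {
            throw new IllegalLinkException();
        }

        // verify options and permissions for current option
        if (!$this->userGroupOption->validateOptions() || !$this->userGroupOption->validatePermissions()) {
            throw new PermissionDeniedException();
        }

        // read all categories, indexed by name
        $categoryList = new UserGroupOptionCategoryList();
        $categoryList->readObjects();

        $categories = [];
        foreach ($categoryList as $category) {
            $categories[$category->categoryName] = $category;
        }

        // Verify the category chain from the option's own category up to the root.
        // Fail closed: when a category name cannot be resolved, the category-level option
        // and permission checks cannot run, so access is refused instead of being skipped.
        $category = $categories[$this->userGroupOption->categoryName] ?? null;
        if ($category === null) {
            throw new PermissionDeniedException();
        }
        while ($category !== null) {
            if (!$category->validateOptions() || !$category->validatePermissions()) {
                throw new PermissionDeniedException();
            }

            // Prepending keeps the list ordered from the outermost parent to the option's category.
            \array_unshift($this->parentCategories, $category);

            if ($category->parentCategoryName != '') {
                $category = $categories[$category->parentCategoryName] ?? null;
                if ($category === null) {
                    throw new PermissionDeniedException();
                }
            } else {
                $category = null;
            }
        }

        // read accessible groups
        $this->groups = UserGroup::getSortedAccessibleGroups();
        if ($this->userGroupOption->usersOnly) {
            // Options flagged as users-only are never offered for the guest group.
            $guestGroup = UserGroup::getGroupByType(UserGroup::GUESTS);
            if (isset($this->groups[$guestGroup->groupID])) {
                unset($this->groups[$guestGroup->groupID]);
            }
        }
        if (empty($this->groups)) {
            throw new PermissionDeniedException();
        }

        // get option type
        // The class name is built from the loaded option's optionType property, not from
        // the request, and is wrapped in a fixed namespace prefix and class-name suffix.
        // NOTE(review): nothing here checks that the resolved class implements
        // IUserGroupOptionType - confirm that is guaranteed where optionType is written.
        $className = 'wcf\system\option\user\group\\' . \ucfirst($this->userGroupOption->optionType) . 'UserGroupOptionType';
        if (!\class_exists($className)) {
            throw new SystemException("Unable to find option type for '" . $this->userGroupOption->optionType . "'");
        }
        $this->optionType = new $className();
    }

    /**
     * Reads the submitted per-group values.
     *
     * Only the array shape is checked here; keys and values are request-controlled and
     * are checked in validate().
     *
     * @inheritDoc
     */
    public function readFormParameters()
    {
        parent::readFormParameters();

        if (isset($_POST['values']) && \is_array($_POST['values'])) {
            $this->values = $_POST['values'];
        }
    }

    /**
     * Normalizes and validates the submitted value of every group.
     *
     * Each value is passed through the option type's getData() and validate(). Users with
     * owner access skip the own-permission comparison; users with administrative access
     * skip it unless enterprise mode is enabled and the option is on the enterprise
     * blacklist. For all other cases a value for which the option type's compare() returns
     * 1 against the session's own permission is recorded as 'exceedsOwnPermission'.
     *
     * @inheritDoc
     * @throws PermissionDeniedException if a value is submitted for a group outside $this->groups
     * @throws UserInputException if at least one group value was rejected
     */
    public function validate()
    {
        parent::validate();

        $this->errorType = [];

        // validate option values
        foreach ($this->values as $groupID => &$optionValue) {
            // Group ids are keys of the submitted array; only groups that passed the
            // accessibility filter in readParameters() may be written.
            if (!isset($this->groups[$groupID])) {
                throw new PermissionDeniedException();
            }

            $optionValue = $this->optionType->getData($this->userGroupOption, $optionValue);

            try {
                $this->optionType->validate($this->userGroupOption, $optionValue);
            } catch (UserInputException $e) {
                $this->errorType[$groupID] = $e->getType();
            }

            if (WCF::getUser()->hasOwnerAccess()) {
                continue;
            }

            // Strict comparison: option names are matched against the blacklist as exact strings.
            if (
                WCF::getUser()->hasAdministrativeAccess()
                && (!ENABLE_ENTERPRISE_MODE || !\in_array(
                    $this->userGroupOption->optionName,
                    UserGroupOption::ENTERPRISE_BLACKLIST,
                    true
                ))
            ) {
                continue;
            }

            // Privilege-escalation guard: the value is compared with the permission value
            // of the current session and rejected when compare() reports 1.
            if (
                $this->optionType->compare(
                    $optionValue,
                    WCF::getSession()->getPermission($this->userGroupOption->optionName)
                ) == 1
            ) {
                $this->errorType[$groupID] = 'exceedsOwnPermission';
            }
        }
        // Break the by-reference binding so a later write to $optionValue cannot
        // silently overwrite the last entry of $this->values.
        unset($optionValue);

        // add missing values for option types 'boolean' and 'BBCodeSelect'
        if ($this->userGroupOption->optionType == 'boolean') {
            foreach ($this->groups as $groupID => $group) {
                if (!isset($this->values[$groupID])) {
                    $this->values[$groupID] = 0;
                }
            }
        } elseif ($this->userGroupOption->optionType == 'BBCodeSelect') {
            foreach ($this->groups as $groupID => $group) {
                if (!isset($this->values[$groupID])) {
                    $this->values[$groupID] = '';
                }
            }
        }

        if (!empty($this->errorType)) {
            throw new UserInputException('optionValues', $this->errorType);
        }
    }

    /**
     * Loads the stored values when nothing was posted and builds one form element per group.
     *
     * @inheritDoc
     */
    public function readData()
    {
        parent::readData();

        if (empty($_POST)) {
            // read values of accessible user groups
            // Group ids and the option id are bound as statement parameters; only the
            // table prefix constant is concatenated into the SQL text.
            $conditions = new PreparedStatementConditionBuilder();
            $conditions->add("groupID IN (?)", [\array_keys($this->groups)]);
            $conditions->add("optionID = ?", [$this->userGroupOption->optionID]);

            $sql = "SELECT groupID, optionValue
                    FROM wcf" . WCF_N . "_user_group_option_value
                    " . $conditions;
            $statement = WCF::getDB()->prepareStatement($sql);
            $statement->execute($conditions->getParameters());
            $this->values = $statement->fetchMap('groupID', 'optionValue');
        }

        // create form elements for each group
        foreach ($this->groups as $group) {
            // Groups without a known value are rendered with the option's default value.
            $optionValue = $this->values[$group->groupID] ?? $this->userGroupOption->defaultValue;
            if ($this->optionType instanceof IUserGroupGroupOptionType) {
                $this->optionType->setUserGroup($group);
            }

            $this->formElements[$group->groupID] = $this->optionType->getFormElement(
                $this->userGroupOption,
                $optionValue
            );
        }
    }

    /**
     * Writes the per-group values through the 'updateValues' action.
     *
     * @inheritDoc
     */
    public function save()
    {
        parent::save();

        $this->objectAction = new UserGroupOptionAction(
            [$this->userGroupOption],
            'updateValues',
            ['values' => $this->values]
        );
        $this->objectAction->executeAction();

        // fire saved event
        $this->saved();

        WCF::getTPL()->assign('success', true);
    }

    /**
     * Passes the form state and the ids of the special groups to the template.
     *
     * @inheritDoc
     */
    public function assignVariables()
    {
        parent::assignVariables();

        // An id stays 0 when the matching group type is not among the listed groups.
        $everyoneGroupID = $guestGroupID = $ownerGroupID = $userGroupID = 0;
        foreach ($this->groups as $group) {
            if ($group->groupType == UserGroup::EVERYONE) {
                $everyoneGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::GUESTS) {
                $guestGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::OWNER) {
                $ownerGroupID = $group->groupID;
            } elseif ($group->groupType == UserGroup::USERS) {
                $userGroupID = $group->groupID;
            }
        }

        $ownerGroupPermissions = [];
        if ($ownerGroupID) {
            $ownerGroupPermissions = UserGroup::getOwnerPermissions();
            $ownerGroupPermissions[] = 'admin.user.accessibleGroups';
        }

        WCF::getTPL()->assign([
            'formElements' => $this->formElements,
            'groups' => $this->groups,
            'parentCategories' => $this->parentCategories,
            'userGroupOption' => $this->userGroupOption,
            'values' => $this->values,
            'everyoneGroupID' => $everyoneGroupID,
            'guestGroupID' => $guestGroupID,
            'userGroupID' => $userGroupID,
            'ownerGroupID' => $ownerGroupID,
            'ownerGroupPermissions' => $ownerGroupPermissions,
        ]);
    }
}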