mirror of
https://github.com/Yetangitu/ampache
synced 2025-10-05 19:41:55 +02:00
added ability to define required user level on a per permission basis
This commit is contained in:
Karl 'vollmerk' Vollmer
parent
f6c313e550
commit
0cf24d0deb
8 changed files with 130 additions and 32 deletions
|
|
@ -5,9 +5,8 @@
|
|||
All rights reserved.
|
||||
|
||||
This program is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU General Public License
|
||||
as published by the Free Software Foundation; either version 2
|
||||
of the License, or (at your option) any later version.
|
||||
modify it under the terms of the GNU General Public License v2
|
||||
as published by the Free Software Foundation
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
|
|
@ -31,19 +30,20 @@
|
|||
|
||||
require('../lib/init.php');
|
||||
|
||||
|
||||
if (!$user->has_access(100)) {
|
||||
if (!$GLOBALS['user']->has_access(100)) {
|
||||
access_denied();
|
||||
}
|
||||
|
||||
$user_id = scrub_in($_REQUEST['user_id']);
|
||||
$action = scrub_in($_REQUEST['action']);
|
||||
if (!$user_id) { $user_id ='-1'; }
|
||||
|
||||
$temp_user = new User($user_id);
|
||||
$temp_user->username = $user_id;
|
||||
|
||||
switch(scrub_in($_REQUEST['action'])) {
|
||||
show_template('header');
|
||||
|
||||
switch($action) {
|
||||
case 'user':
|
||||
$fullname = "ADMIN - " . $temp_user->fullname;
|
||||
$preferences = $temp_user->get_preferences();
|
||||
|
|
@ -66,6 +66,16 @@ switch(scrub_in($_REQUEST['action'])) {
|
|||
$temp_user->fix_preferences($user_id);
|
||||
$preferences = $temp_user->get_preferences($user_id);
|
||||
break;
|
||||
case 'set_preferences':
|
||||
/* Update the preferences */
|
||||
foreach ($_REQUEST['prefs'] as $name=>$leve) {
|
||||
update_preference_level($name,$level);
|
||||
} // end foreach preferences
|
||||
case 'show_set_preferences':
|
||||
/* Get all preferences */
|
||||
$preferences = get_preferences();
|
||||
require_once(conf('prefix') . '/templates/show_preference_admin.inc.php');
|
||||
break;
|
||||
default:
|
||||
$preferences = $temp_user->get_preferences();
|
||||
$fullname = "Site";
|
||||
|
|
@ -74,16 +84,14 @@ switch(scrub_in($_REQUEST['action'])) {
|
|||
} // End Switch Action
|
||||
|
||||
|
||||
// HEADER
|
||||
show_template('header');
|
||||
// HEADER
|
||||
|
||||
// Set Target
|
||||
$target = "/admin/preferences.php";
|
||||
|
||||
// Show the default preferences page
|
||||
require (conf('prefix') . "/templates/show_preferences.inc");
|
||||
// OMG HORRIBLE HACK Beatings for the programmer
|
||||
if ($action != 'show_set_preferences' AND $action != 'set_preferences') {
|
||||
// Set Target
|
||||
$target = "/admin/preferences.php";
|
||||
|
||||
// Show the default preferences page
|
||||
require (conf('prefix') . "/templates/show_preferences.inc");
|
||||
}
|
||||
|
||||
// FOOTER
|
||||
show_footer();
|
||||
|
|
|
|||
|
|
@ -4,7 +4,10 @@
|
|||
|
||||
--------------------------------------------------------------------------
|
||||
v.3.3.3-Alpha2
|
||||
- Foced a sane Post Size had some people with 32 byte post sizes
|
||||
- Added ability for Admins to define the required permission level
|
||||
for individual preferences
|
||||
- Added WavPack support
|
||||
- Forced a sane Post Size had some people with 32 byte post sizes
|
||||
which will not work with Ampache.
|
||||
- Fixed a logic error with the MPD controller.
|
||||
- Fixed a problem were invalid bitrates below the set downsample
|
||||
|
|
@ -41,7 +44,7 @@
|
|||
tags were found
|
||||
- Added new version of getid3() library which will hopefully
|
||||
resolve some PHP5 related issues
|
||||
- Fixed security issue that allowed users to gain gues access to
|
||||
- Fixed security issue that allowed users to gain guest access to
|
||||
ampache if register globals is enabled.
|
||||
- Added xml based query for artists,genre,albums and search see
|
||||
/server/xml.server.php
|
||||
|
|
|
|||
|
|
@ -148,6 +148,9 @@ class Song {
|
|||
case 'flac';
|
||||
$this->mime = "audio/x-flac";
|
||||
break;
|
||||
case 'wv':
|
||||
$this->mime = 'audio/x-wavpack';
|
||||
break;
|
||||
case 'aac':
|
||||
case 'mp4':
|
||||
case 'm4a':
|
||||
|
|
|
|||
|
|
@ -988,5 +988,4 @@ function get_user_from_username($username) {
|
|||
|
||||
} // get_user_from_username
|
||||
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ $results['version'] = '3.3.3-Alpha2 Build (002)';
|
|||
|
||||
$results['raw_web_path'] = $results['web_path'];
|
||||
$results['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['web_path'];
|
||||
$results['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra|ape|shn';
|
||||
$results['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra|ape|shn|wv';
|
||||
$results['http_port'] = $_SERVER['SERVER_PORT'];
|
||||
if (!$results['prefix']) {
|
||||
$results['prefix'] = $prefix;
|
||||
|
|
|
|||
|
|
@ -179,25 +179,21 @@ function update_preference($username,$name,$pref_id,$value) {
|
|||
*/
|
||||
function has_preference_access($name) {
|
||||
|
||||
/* If it's a demo they don't get jack */
|
||||
if (conf('demo_mode')) {
|
||||
return false;
|
||||
}
|
||||
|
||||
switch($name) {
|
||||
$name = sql_escape($name);
|
||||
|
||||
case 'download':
|
||||
case 'upload':
|
||||
case 'quarantine':
|
||||
case 'upload_dir':
|
||||
case 'sample_rate':
|
||||
case 'direct_link':
|
||||
$level = 100;
|
||||
break;
|
||||
default:
|
||||
$level = 25;
|
||||
break;
|
||||
} // end switch key
|
||||
/* Check Against the Database Row */
|
||||
$sql = "SELECT level FROM preferences " .
|
||||
"WHERE name='$name'";
|
||||
$db_results = mysql_query($sql, dbh());
|
||||
|
||||
$data = mysql_fetch_assoc($db_results);
|
||||
|
||||
$level = $data['level'];
|
||||
|
||||
if ($GLOBALS['user']->has_access($level)) {
|
||||
return true;
|
||||
|
|
@ -454,4 +450,41 @@ function show_import_playlist() {
|
|||
|
||||
} // show_import_playlist
|
||||
|
||||
/**
|
||||
* get_preferences
|
||||
* This returns an array of all current preferences in the
|
||||
* preferences table, this isn't a users preferences
|
||||
*/
|
||||
function get_preferences() {
|
||||
|
||||
$sql = "SELECT * FROM preferences";
|
||||
$db_results = mysql_query($sql, dbh());
|
||||
|
||||
$results = array();
|
||||
|
||||
while ($r = mysql_fetch_assoc($db_results)) {
|
||||
$results[] = $r;
|
||||
}
|
||||
|
||||
return $results;
|
||||
|
||||
} // get_preferences
|
||||
|
||||
/**
|
||||
* update_preference_level
|
||||
* This function updates the level field in the preferences table
|
||||
* this has nothing to do with a users actuall preferences
|
||||
*/
|
||||
function update_preference_level($name,$level) {
|
||||
|
||||
$name = sql_escape($name);
|
||||
$level = sql_escape($level);
|
||||
|
||||
$sql = "UPDATE preferences SET `level`='$level' WHERE `name`='$name'";
|
||||
$db_results = mysql_query($sql,dbh());
|
||||
|
||||
return true;
|
||||
|
||||
} // update_preference_level
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -77,6 +77,7 @@ $users = $GLOBALS['user']->get_recent(10);
|
|||
<a href="<?php echo $web_path; ?>/admin/catalog.php?action=clear_now_playing"><?php echo _('Clear Now Playing'); ?></a>
|
||||
<hr noshade="noshade" size="3" />
|
||||
<a href="<?php echo $web_path; ?>/admin/system.php?action=generate_config"><?php echo _('Generate New Config'); ?></a>
|
||||
<a href="<?php echo $web_path; ?>/admin/preferences.php?action=show_set_preferences"><?php echo _('Preferences Permissions'); ?></a>
|
||||
<!-- <a href="<?php echo $web_path; ?>/admin/system.php?action=check_version"><?php echo _('Check for New Version'); ?></a>
|
||||
-->
|
||||
</div>
|
||||
|
|
|
|||
51
templates/show_preference_admin.inc.php
Normal file
51
templates/show_preference_admin.inc.php
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
/*
|
||||
|
||||
Copyright (c) 2001 - 2006 Ampache.org
|
||||
All rights reserved.
|
||||
|
||||
This program is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU General Public License v2
|
||||
as published by the Free Software Foundation
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
||||
*/
|
||||
?>
|
||||
<?php show_box_top(_('Preference Administration')); ?>
|
||||
<form method="post" action="<?php echo conf('web_path'); ?>/admin/preferences.php" enctype="multipart/form-data">
|
||||
<table cellspacing="0">
|
||||
<tr class="table-header">
|
||||
<td><?php echo _('Preference'); ?></td>
|
||||
<td><?php echo _('Level'); ?></td>
|
||||
</tr>
|
||||
<?php foreach ($preferences as $preference) {
|
||||
unset($is_25,$is_5,$is_100);
|
||||
?>
|
||||
<tr class="<?php echo flip_class(); ?>">
|
||||
<td><?php echo scrub_out($preference['description']); ?></td>
|
||||
<td>
|
||||
<?php $level_name = "is_" . $preference['level']; ${$level_name} = 'selected="selected"'; ?>
|
||||
<select name="prefs[<?php echo scrub_out($preference['name']); ?>]">
|
||||
<option value="5" <?php echo $is_5; ?>><?php echo _('Guest'); ?></option>
|
||||
<option value="25" <?php echo $is_25; ?>><?php echo _('User'); ?></option>
|
||||
<option value="100" <?php echo $is_100; ?>><?php echo _('Admin'); ?></option>
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<?php } ?>
|
||||
<tr>
|
||||
<td colspan="2">
|
||||
<input type="hidden" name="action" value="set_preferences" />
|
||||
<input type="submit" value="<?php echo _('Update'); ?>" />
|
||||
</td>
|
||||
</table>
|
||||
</form>
|
||||
<?php show_box_bottom(); ?>
|
||||
Loading…
Add table
Add a link
Reference in a new issue