summaryrefslogtreecommitdiff
path: root/db/update.d/07_Groups_and_Permissions.php
diff options
context:
space:
mode:
Diffstat (limited to 'db/update.d/07_Groups_and_Permissions.php')
-rw-r--r--db/update.d/07_Groups_and_Permissions.php170
1 files changed, 170 insertions, 0 deletions
diff --git a/db/update.d/07_Groups_and_Permissions.php b/db/update.d/07_Groups_and_Permissions.php
new file mode 100644
index 00000000..7609d756
--- /dev/null
+++ b/db/update.d/07_Groups_and_Permissions.php
@@ -0,0 +1,170 @@
+<?php
+// Most complex update yet. Let's go...
+
+_rename_table("UserGroups", "Groups");
+
+if(sql_num_query("SHOW TABLES LIKE 'UserCVS'") === 1 && sql_num_query("SHOW TABLES LIKE 'UserGroups'") === 0) {
+ // First of all, create a separate table for group assignments of users
+ sql_query("CREATE TABLE `UserGroups` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `uid` int(11) NOT NULL,
+ `group_id` int(11) NOT NULL,
+ PRIMARY KEY (`id`),
+ KEY `uid` (`uid`,`group_id`),
+ KEY `group_id` (`group_id`)
+ )");
+ // ...and fill it with the old data
+ sql_query("INSERT INTO UserGroups (`uid`, `group_id`) SELECT `UID`, `GroupID` FROM `UserCVS` WHERE `UID` > 0");
+
+ if(sql_num_query("SHOW TABLES LIKE 'Privileges'") == 0) {
+ // Then create a separate table that stores the available privileges...
+ sql_query("CREATE TABLE IF NOT EXISTS `Privileges` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `name` varchar(128) NOT NULL,
+ `desc` varchar(1024) NOT NULL,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `name` (`name`)
+ )");
+ // ...and fill it with genuine data. We cannot determine these from the old data!
+ sql_query("INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES
+ (1, 'start', 'Startseite für Gäste/Nicht eingeloggte User'),
+ (2, 'login', 'Logindialog'),
+ (3, 'news', 'Anzeigen der News-Seite'),
+ (4, 'logout', 'User darf sich ausloggen'),
+ (5, 'register', 'Einen neuen Engel registerieren'),
+ (6, 'admin_rooms', 'Räume administrieren'),
+ (7, 'admin_angel_types', 'Engel Typen administrieren'),
+ (8, 'user_settings', 'User profile settings'),
+ (9, 'user_messages', 'Writing and reading messages from user to user'),
+ (10, 'admin_groups', 'Manage usergroups and their rights'),
+ (11, 'user_questions', 'Let users ask questions'),
+ (12, 'admin_questions', 'Answer user''s questions'),
+ (13, 'admin_faq', 'Edit FAQs'),
+ (14, 'admin_news', 'Administrate the news section'),
+ (15, 'news_comments', 'User can comment news'),
+ (16, 'admin_user', 'Administrate the angels'),
+ (17, 'user_meetings', 'Lists meetings (news)'),
+ (18, 'admin_language', 'Translate the system'),
+ (19, 'admin_log', 'Display recent changes'),
+ (20, 'user_wakeup', 'User wakeup-service organization'),
+ (21, 'admin_import', 'Import rooms and shifts from pentabarf'),
+ (22, 'credits', 'View credits'),
+ (23, 'faq', 'View FAQ'),
+ (24, 'user_shifts', 'Signup for shifts'),
+ (25, 'user_shifts_admin', 'Signup other angels for shifts.'),
+ (26, 'user_myshifts', 'Allow angels to view their own shifts and cancel them.'),
+ (27, 'admin_arrive', 'Mark angels when they arrive.'),
+ (28, 'admin_shifts', 'Create shifts'),
+ (30, 'ical', 'iCal shift export'),
+ (31, 'admin_active', 'Mark angels as active and if they got a t-shirt.'),
+ (32, 'admin_free', 'Show a list of free/unemployed angels.')
+ ");
+ }
+
+ if(sql_num_query("SHOW TABLES LIKE 'GroupPrivileges'") == 0) {
+ // Last, we create the table for the privileges a group can have
+ sql_query("CREATE TABLE `GroupPrivileges` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `group_id` int(11) NOT NULL,
+ `privilege_id` int(11) NOT NULL,
+ PRIMARY KEY (`id`),
+ KEY `group_id` (`group_id`,`privilege_id`)
+ )");
+
+ // ...and fill it with data.
+ /// XXX: We could determine this from the old UserCVS table, at lease partially!
+ sqL_query("INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES
+ (107, -2, 24),
+ (24, -1, 5),
+ (106, -2, 8),
+ (105, -2, 11),
+ (23, -1, 2),
+ (142, -5, 16),
+ (141, -5, 28),
+ (104, -2, 26),
+ (103, -2, 9),
+ (86, -6, 21),
+ (140, -5, 6),
+ (139, -5, 12),
+ (102, -2, 17),
+ (138, -5, 14),
+ (137, -5, 13),
+ (136, -5, 7),
+ (101, -2, 15),
+ (87, -6, 18),
+ (100, -2, 3),
+ (85, -6, 10),
+ (99, -2, 4),
+ (88, -1, 1),
+ (133, -3, 32),
+ (108, -2, 20),
+ (109, -4, 27),
+ (135, -5, 31),
+ (134, -3, 25),
+ (143, -5, 5);");
+ }
+
+
+ /* Hardest things last: We need to transform the old column-based system
+ * with filename-based permissions to the new privileges system.
+ *
+ * For that to work, we need a manual mapping filename -> privilege, so we
+ * can use the old data. So here we go:
+ */
+
+ #$files_to_privileges = array(
+ # "index.php" => "start",
+ # "logout.php" => "logout",
+ # "faq.php" => "faq",
+ # "makeuser.php" => "register",
+ # "nonpublic/index.php" => "login",
+ # "nonpublic/news.php" => "news",
+ # "nonpublic/news_comments.php" => "news_comments",
+ # "nonpublic/myschichtplan.php" => "",
+ # "nonpublic/myschichtplan_ical.php" => "",
+ # "nonpublic/schichtplan_beamer.php" => "",
+ # "nonpublic/engelbesprechung.php" => "",
+ # "nonpublic/schichtplan.php" => "",
+ # "nonpublic/schichtplan_add.php" => "",
+ # "nonpublic/wecken.php" => "",
+ # "nonpublic/waeckliste.php" => "",
+ # "nonpublic/messages.php" => "",
+ # "nonpublic/faq.php" => "",
+ # "nonpublic/einstellungen.php" => "",
+ # "Change T_Shirt Size" => "",
+ # "admin/index.php" => "",
+ # "admin/room.php" => "",
+ # "admin/EngelType.php" => "",
+ # "admin/schichtplan.php" => "",
+ # "admin/shiftadd.php" => "",
+ # "admin/schichtplan_druck.php" => "",
+ # "admin/user.php" => "",
+ # "admin/userChangeNormal.php" => "",
+ # "admin/userSaveNormal.php" => "",
+ # "admin/userChangeSecure.php" => "",
+ # "admin/userSaveSecure.php" => "",
+ # "admin/group.php" => "",
+ # "admin/userDefaultSetting.php" => "",
+ # "admin/UserPicture.php" => "",
+ # "admin/userArrived.php" => "",
+ # "admin/aktiv.php" => "",
+ # "admin/tshirt.php" => "",
+ # "admin/news.php" => "",
+ # "admin/faq.php" => "",
+ # "admin/free.php" => "",
+ # "admin/sprache.php" => "",
+ # "admin/dect.php" => "",
+ # "admin/dect_call.php" => "",
+ # "admin/dbUpdateFromXLS.php" => "",
+ # "admin/Recentchanges.php" => "",
+ # "admin/debug.php" => "",
+ # "Herald" => "",
+ # "Info" => "",
+ # "Conference" => "",
+ # "Kasse" => "",
+ # "Audio-Video" => "",
+ #);
+
+ $applied = true;
+}
+?>