Overview Package Class Source Class tree Glossary
previous class      next class frames      no frames

TribesWebAdmin.TribesWebQueryAdmins


00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038
00039
00040
00041
00042
00043
00044
00045
00046
00047
00048
00049
00050
00051
00052
00053
00054
00055
00056
00057
00058
00059
00060
00061
00062
00063
00064
00065
00066
00067
00068
00069
00070
00071
00072
00073
00074
00075
00076
00077
00078
00079
00080
00081
00082
00083
00084
00085
00086
00087
00088
00089
00090
00091
00092
00093
00094
00095
00096
00097
00098
00099
00100
00101
00102
00103
00104
00105
00106
00107
00108
00109
00110
00111
00112
00113
00114
00115
00116
00117
00118
00119
00120
00121
00122
00123
00124
00125
00126
00127
00128
00129
00130
00131
00132
00133
00134
00135
00136
00137
00138
00139
00140
00141
00142
00143
00144
00145
00146
00147
00148
00149
00150
00151
00152
00153
00154
00155
00156
00157
00158
00159
00160
00161
00162
00163
00164
00165
00166
00167
00168
00169
00170
00171
00172
00173
00174
00175
00176
00177
00178
00179
00180
00181
00182
00183
00184
00185
00186
00187
00188
00189
00190
00191
00192
00193
00194
00195
00196
00197
00198
00199
00200
00201
00202
00203
00204
00205
00206
00207
00208
00209
00210
00211
00212
00213
00214
00215
00216
00217
00218
00219
00220
00221
00222
00223
00224
00225
00226
00227
00228
00229
00230
00231
00232
00233
00234
00235
00236
00237
00238
00239
00240
00241
00242
00243
00244
00245
00246
00247
00248
00249
00250
00251
00252
00253
00254
00255
00256
00257
00258
00259
00260
00261
00262
00263
00264
00265
00266
00267
00268
00269
00270
00271
00272
00273
00274
00275
00276
00277
00278
00279
00280
00281
00282
00283
00284
00285
00286
00287
00288
00289
00290
00291
00292
00293
00294
00295
00296
00297
00298
00299
00300
00301
00302
00303
00304
00305
00306
00307
00308
00309
00310
00311
00312
00313
00314
00315
00316
00317
00318
00319
00320
00321
00322
00323
00324
00325
00326
00327
00328
00329
00330
00331
00332
00333
00334
00335
00336
00337
00338
00339
00340
00341
00342
00343
00344
00345
00346
00347
00348
00349
00350
00351
00352
00353
00354
00355
00356
00357
00358
00359
00360
00361
00362
00363
00364
00365
00366
00367
00368
00369
00370
00371
00372
00373
00374
00375
00376
00377
00378
00379
00380
00381
00382
00383
00384
00385
00386
00387
00388
00389
00390
00391
00392
00393
00394
00395
00396
00397
00398
00399
00400
00401
00402
00403
00404
00405
00406
00407
00408
00409
00410
00411
00412
00413
00414
00415
00416
00417
00418
00419
00420
00421
00422
00423
00424
00425
00426
00427
00428
00429
00430
00431
00432
00433
00434
00435
00436
00437
00438
00439
00440
00441
00442
00443
00444
00445
00446
00447
00448
00449
00450
00451
00452
00453
00454
00455
00456
00457
00458
00459
00460
00461
00462
00463
00464
00465
00466
00467
00468
00469
00470
00471
00472
00473
00474
00475
00476
00477
00478
00479
00480
00481
00482
00483
00484
00485
00486
00487
00488
00489
00490
00491
00492
00493
00494
00495
00496
00497
00498
00499
00500
00501
00502
00503
00504
00505
00506
00507
00508
00509
00510
00511
00512
00513
00514
00515
00516
00517
00518
00519
00520
00521
00522
00523
00524
00525
00526
00527
00528
00529
00530
00531
00532
00533
00534
00535
00536
00537
00538
00539
00540
00541
00542
00543
00544
00545
00546
00547
00548
00549
00550
00551
00552
00553
00554
00555
00556
00557
00558
00559
00560
00561
00562
00563
00564
00565
00566
00567
00568
00569
00570
00571
00572
00573
00574
00575
00576
00577
00578
00579
00580
00581
00582
00583
00584
00585
00586
00587
00588
00589
00590
00591
00592
00593
00594
00595
00596
00597
00598
00599
00600
00601
00602
00603
00604
00605
00606
00607
00608
00609
00610
00611
00612
00613
00614
00615
00616
00617
00618
00619
00620
00621
00622
00623
00624
00625
00626
00627
00628
00629
00630
00631
00632
00633
00634
00635
00636
00637
00638
00639
00640
00641
00642
00643
00644
00645
00646
00647
00648
00649
00650
00651
00652
00653
00654
00655
00656
00657
00658
00659
00660
00661
00662
00663
00664
00665
00666
00667
00668
00669
00670
00671
00672
00673
00674
00675
00676
00677
00678
00679
00680
00681
00682
00683
00684
00685
00686
00687
00688
00689
00690
00691
00692
00693
00694
00695
00696
00697
00698
00699
00700
00701
00702
00703
00704
00705
00706
00707
00708
00709
00710
00711
00712
00713
00714
00715
00716
00717
00718
00719
00720
00721
00722
00723
00724
00725
00726
00727
00728
00729
00730
00731
00732
00733
00734
00735
00736
00737
00738
00739
00740
00741
00742
00743
00744
00745
00746
00747
00748
00749
00750
00751
00752
00753
00754
00755
00756
00757
00758
00759
00760
00761
00762
00763
00764
00765
00766
00767
00768
00769
00770
00771
00772
00773
00774
00775
00776
00777
00778
00779
00780
00781
00782
00783
00784
00785
00786
00787
00788
00789
00790
00791
00792
00793
00794
00795
00796
00797
00798
00799
00800
00801
00802
00803
00804
00805
00806
00807
00808
00809
00810
00811
00812
00813
00814
00815
00816
00817
00818
00819
00820
00821
00822
00823
00824
00825
00826
00827
00828
00829
00830
00831
00832
00833
00834
00835
00836
00837
00838
00839
00840
00841
00842
00843
00844
00845
00846
00847
00848
00849
00850
00851
00852
00853
00854
00855
00856
00857
00858
00859
00860
00861
00862
00863
00864
00865
00866
00867
00868
00869
00870
00871
00872
00873
00874
00875
00876
00877
00878
00879
00880
00881
00882
00883
00884
00885
00886
00887
00888
00889
00890
00891
00892
00893
00894
00895
00896
00897
00898
00899
00900
00901
00902
00903
00904
00905
00906
00907
00908
00909
00910
00911
00912
00913
00914
00915
00916
00917
00918
00919
00920
00921
00922
00923
00924
00925
00926
00927
00928
00929
00930
00931
00932
00933
00934
00935
00936
00937
00938
00939
00940
00941
00942
00943
00944
00945
00946
00947
00948
00949
00950
00951
00952
00953
00954
00955
00956
00957
00958
00959
00960
00961
class TribesWebQueryAdmins extends TribesWebQueryHandler;

struct RowGroup { var array<string>	rows; };

var config string AdminsIndexPage;
var config string UsersHomePage;
var config string UsersAccountPage;
var config string UsersAddPage;
var config string UsersBrowsePage;
var config string UsersEditPage;
var config string UsersGroupsPage;
var config string UsersMGroupsPage;
var config string GroupsAddPage;
var config string GroupsBrowsePage;
var config string GroupsEditPage;

var localized string NoteUserHomePage;
var localized string NoteAccountPage;
var localized string NoteUserAddPage;
var localized string NoteUserEditPage;
var localized string NoteUsersBrowsePage;
var localized string NoteGroupAddPage;
var localized string NoteGroupEditPage;
var localized string NoteGroupsBrowsePage;
var localized string NoteGroupAccessPage;
var localized string NoteMGroupAccessPage;

function bool Query(WebRequest Request, WebResponse Response)
{
	switch (Mid(Request.URI, 1))
	{
	case DefaultPage:		QueryAdminsFrame(Request, Response); return true;
	case AdminsIndexPage:	QueryAdminsMenu(Request, Response); return true;
		
	case UsersHomePage:		if (!owner.MapIsChanging()) QueryUsersHomePage(Request, Response); return true;
	case UsersAccountPage:	if (!owner.MapIsChanging()) QueryUserAccountPage(Request, Response); return true;
	case UsersBrowsePage:	if (!owner.MapIsChanging()) QueryUsersBrowsePage(Request, Response); return true;
	case UsersAddPage:		if (!owner.MapIsChanging()) QueryUsersAddPage(Request, Response); return true;
	case UsersEditPage:		if (!owner.MapIsChanging()) QueryUsersEditPage(Request, Response); return true;
	case UsersGroupsPage:	if (!owner.MapIsChanging()) QueryUsersGroupsPage(Request, Response); return true;
	case UsersMGroupsPage:	if (!owner.MapIsChanging()) QueryUsersMGroupsPage(Request, Response); return true;
	case GroupsBrowsePage:	if (!owner.MapIsChanging()) QueryGroupsBrowsePage(Request, Response); return true;
	case GroupsAddPage:		if (!owner.MapIsChanging()) QueryGroupsAddPage(Request, Response); return true;
	case GroupsEditPage:	if (!owner.MapIsChanging()) QueryGroupsEditPage(Request, Response); return true;
	}	
	return false;
}

function QueryAdminsFrame(WebRequest Request, WebResponse Response)
{
local String Page;
	
	// if no page specified, use the default
	Page = Request.GetVariable("Page", UsersHomePage);

	Response.Subst("IndexURI", 	AdminsIndexPage$"?Page="$Page);
	Response.Subst("MainURI", 	Page);

	owner.ShowPage(Response, DefaultPage);
}

function QueryAdminsMenu(WebRequest Request, WebResponse Response)
{
	Response.Subst("Title", "Users & Groups Management");
	
	Response.Subst("UsersHomeURI", UsersHomePage);
	Response.Subst("UserAccountURI", UsersAccountPage);
	Response.Subst("UsersAddURI", UsersAddPage);
	Response.Subst("GroupsAddURI", GroupsAddPage);
	Response.Subst("UsersBrowseURI", UsersBrowsePage);
	Response.Subst("GroupsBrowseURI", GroupsBrowsePage);
	
	owner.ShowPage(Response, AdminsIndexPage);
}

function QueryUsersHomePage(WebRequest Request, WebResponse Response)
{
	Response.Subst("Section", "Admin Home Page");
	Response.Subst("PageHelp", NoteUserHomePage);
	owner.ShowPage(Response, UsersHomePage);
}

function QueryUserAccountPage(WebRequest Request, WebResponse Response)
{
local string upass;

	Response.Subst("NameValue", owner.HtmlEncode(owner.CurAdmin.UserName));
	if (Request.GetVariable("edit", "") != "")
	{
		// Can only change his password
		upass = Request.GetVariable("Password", owner.CurAdmin.Password);
		if (!owner.CurAdmin.ValidPass(upass))
			owner.StatusError(Response, "New password is too short!");
		else if (upass != owner.CurAdmin.Password)
		{
			owner.CurAdmin.Password = upass;
			owner.Level.Game.AccessControl.SaveAdmins();
		}
	}

	Response.Subst("PassValue", owner.CurAdmin.Password);
	Response.Subst("PrivTable", GetPrivsTable(owner.CurAdmin.Privileges, true));
	Response.Subst("GroupLinks", "");
	Response.Subst("SubmitValue", "Accept");
	Response.Subst("PostAction", UsersAccountPage);
	Response.Subst("PageHelp", NoteAccountPage);
	owner.ShowPage(Response, UsersAccountPage);
}

function QueryUsersBrowsePage(WebRequest Request, WebResponse Response)
{
local TribesAdminUser User;

	if (owner.CanPerform("Al|Aa|Ae|Ag|Am"))
	{
		// Delete an Admin
		if (Request.GetVariable("delete") != "")
		{
			// Delete specified Admin Group	
			User = owner.Level.Game.AccessControl.Users.FindByName(Request.GetVariable("delete"));
			if (User != None)
			{
				if (owner.CurAdmin.CanManageUser(User))
				{
					owner.StatusOk(Response, "User '"$owner.HtmlEncode(User.UserName)$"' was removed!");
					// Remove User
					User.UnlinkGroups();
					owner.Level.Game.AccessControl.Users.Remove(User);
					owner.Level.Game.AccessControl.SaveAdmins();
				}
				else
					owner.StatusError(Response, "Your privileges prevent you from delete this group");
			}
			else
				owner.StatusError(Response, "Invalid group name specified");
		}
		// Show the list
		Response.Subst("BrowseList", GetUsersForBrowse(Response));

		Response.Subst("Section", "Browse Available Users");
		Response.Subst("PageHelp", NoteUsersBrowsePage);
		owner.ShowPage(Response, UsersBrowsePage);
	}
	else
		owner.AccessDenied(Response);
}

function QueryUsersAddPage(WebRequest Request, WebResponse Response)
{
local TribesAdminUser User;
local TribesAdminGroup Group;
local TribesAdminGroupList Groups;
local string uname, upass, uprivs, ugrp, ErrMsg;

	if (owner.CanPerform("Aa"))
	{
		if (owner.CurAdmin.bMasterAdmin)
			Groups = owner.Level.Game.AccessControl.Groups;
		else
			Groups = owner.CurAdmin.ManagedGroups;
			 
		if (Request.GetVariable("addnew") != "")
		{
			// Humm .. AddNew
			uname = Request.GetVariable("Username");
			upass = Request.GetVariable("Password");
			uprivs = FixPrivs(Request, "");
			ugrp = Request.GetVariable("Usergroup");
			Group = Groups.FindByName(ugrp);
			
			if (!owner.CurAdmin.ValidName(uname))
				ErrMsg = "User name contains invalid characters!";
			else if (owner.Level.Game.AccessControl.Users.FindByName(uname) != None)
				ErrMsg = "User name already used!";
			else if (!owner.CurAdmin.ValidPass(upass))
				ErrMsg = "Password contains invalid characters!";
			else if (ugrp == "")
				ErrMsg = "You must select a group!";
			else if (Group == None)
				ErrMsg = "The Group you selected does not exist!";
		
			Response.Subst("NameValue", owner.HtmlEncode(uname));
			Response.Subst("PassValue", upass);
			Response.Subst("PrivTable", GetPrivsTable(uprivs));

			if (ErrMsg == "")
			{
				// All settings are fine, create the new Group.
				User = owner.Level.Game.AccessControl.Users.Create(uname, upass, uprivs);
				if (User != None)
				{
					User.AddGroup(Group);
					owner.Level.Game.AccessControl.Users.Add(User);
					owner.Level.Game.AccessControl.SaveAdmins();
				}
				else
				{
					// Only re-add the DDL if there was a problem.
					ErrMsg = "Exceptional error creating the new group";
				}
			}
			
			if (ErrMsg != "")
				owner.StatusError(Response, ErrMsg);
		}
		else
			Response.Subst("PrivTable", GetPrivsTable(""));
		
		if (User != None)
		{
			Response.Subst("PostAction", UsersEditPage);
			Response.Subst("SubmitName", "addnew");
			Response.Subst("SubmitValue", "Modify Admin");
			Response.Subst("Section", "Modify an Administrator");
			Response.Subst("PageHelp", NoteUserEditPage);
			owner.ShowPage(Response, UsersEditPage);
		}
		else
		{
			Response.Subst("Groups", GetGroupOptions(Groups, ugrp));
			Response.Subst("PostAction", UsersAddPage);
			Response.Subst("SubmitName", "addnew");
			Response.Subst("SubmitValue", "Add Admin");
			Response.Subst("Section", "Add a New Administrator");
			Response.Subst("PageHelp", NoteUserAddPage);
			owner.ShowPage(Response, UsersAddPage);
		}
	}
	else
		owner.AccessDenied(Response);
}

function QueryUsersEditPage(WebRequest Request, WebResponse Response)
{
local TribesAdminUser User;
local string uname, upass, privs, ErrMsg;

	if (owner.CanPerform("Aa|Ae"))
	{
		ErrMsg = "";
		
		Response.Subst("Section", "Modify an Administrator");

		User = owner.Level.Game.AccessControl.GetUser(Request.GetVariable("edit"));
		if (User != None)
		{
			if (owner.CurAdmin.CanManageUser(User))
			{
				// Operations
				if (Request.GetVariable("mod") != "")
				{
					// Validate the changes and modify the user information
					uname = Request.GetVariable("Username");
					upass = Request.GetVariable("Password");
					privs = FixPrivs(Request, User.Privileges);
					if (uname != User.UserName)
					{
						if (User.ValidName(uname))
						{
							if (owner.Level.Game.AccessControl.GetUser(uname) == None)
								User.UserName = uname;
							else
								ErrMsg = "New name already exists";
						}
						else
							ErrMsg = "New name is invalid";
					}
					
					if (ErrMsg == "" && !(upass == User.Password))
					{
						if (User.ValidPass(upass))
							User.Password = upass;
						else
							ErrMsg = "New password is invalid";
					}
					
					if (ErrMsg == "" && privs != User.Privileges)
					{
						User.Privileges = privs;
						User.RedoMergedPrivs();
					}
					if (ErrMsg == "")
						owner.Level.Game.AccessControl.SaveAdmins();
				}
				
				if (ErrMsg != "")
					owner.StatusError(Response, ErrMsg);
			
				Response.Subst("NameValue", owner.HtmlEncode(User.UserName));
				Response.Subst("PassValue", owner.HtmlEncode(User.Password));
				Response.Subst("PrivTable", GetPrivsTable(User.Privileges));
				Response.Subst("PostAction", UsersEditPage);
				Response.Subst("SubmitName", "mod");
				Response.Subst("SubmitValue", "Modify Admin");
				Response.Subst("PageHelp", NoteUserEditPage);
				owner.ShowPage(Response, UsersEditPage);
			}
			else
				owner.ShowMessage(Response, "No Privileges", "You do not have the privileges to modify this admin");
		}
		else
			owner.ShowMessage(Response, "Unknown Admin", "The admin you have selected does not exist!");
	}
	else
		owner.AccessDenied(Response);
}

function QueryUsersGroupsPage(WebRequest Request, WebResponse Response)
{
local TribesAdminUser		User;
local TribesAdminGroupList	Groups;
local TribesAdminGroup		Group;
local StringArray	  GrpNames;
local string GroupRows, GrpName, Str;
local int i;
local bool bModify, bChecked;

	if (owner.CanPerform("Ag"))
	{
		User = owner.Level.Game.AccessControl.Users.FindByName(Request.GetVariable("edit"));
		if (User != None)
		{
			if (owner.CurAdmin.CanManageUser(User))
			{
				if (owner.CurAdmin.bMasterAdmin)
					Groups = owner.Level.Game.AccessControl.Groups;
				else
					Groups = owner.CurAdmin.ManagedGroups;
				
				// Work with a table of checkboxes now
				GroupRows = "";
				bModify = (Request.GetVariable("submit") != "");

				// Make a sorted list of Groups
				GrpNames = new(None)class'SortedStringArray';
				for (i=0; i<Groups.Count(); i++)
					GrpNames.Add(Groups.Get(i).GroupName, Groups.Get(i).GroupName);

				for (i=0; i<GrpNames.Count(); i++)
				{
					GrpName = GrpNames.GetItem(i);
					Group = Groups.FindByName(GrpName);
					bChecked = Request.GetVariable(GrpName) != "";

					if (bModify)
					{
						if (User.Groups.Contains(Group))
						{
							if (!bChecked)	// Remove the user from the group
								User.RemoveGroup(Group);
						}
						else
						{
							if (bChecked)
								User.AddGroup(Group);
						}
					}
					Response.Subst("GroupName", GrpName);

					Str = "";
					if (User.Groups.Contains(Group))
						Str = " checked";
					Response.Subst("Checked", Str);
					GroupRows = GroupRows$owner.WebInclude("users_groups_row");
				}

				if (bModify)
					owner.Level.Game.AccessControl.SaveAdmins();

				// Now just build up the page as a table with checkboxes
				Response.Subst("NameValue", owner.HtmlEncode(User.UserName));
				Response.Subst("GroupRows", GroupRows);
				Response.Subst("PostAction", UsersGroupsPage);
				Response.Subst("Section", "Manage Groups For "$owner.HtmlEncode(User.UserName));
				Response.Subst("PageHelp", NoteGroupAccessPage);
				owner.ShowPage(Response, UsersGroupsPage);
			}
			else
				owner.ShowMessage(Response, "No Privileges", "You do not have the privileges to modify this admin");
		}
		else
			owner.ShowMessage(Response, "Unknown Admin", "The admin you have selected does not exist!");
	}
	else
		owner.AccessDenied(Response);
}

function QueryUsersMGroupsPage(WebRequest Request, WebResponse Response)
{
local TribesAdminUser		User;
local TribesAdminGroupList	Groups;
local TribesAdminGroup		Group;
local StringArray	  GrpNames;
local string GroupRows, GrpName, Str;
local int i;
local bool bModify, bChecked;

	if (owner.CanPerform("Am"))
	{

		User = owner.Level.Game.AccessControl.Users.FindByName(Request.GetVariable("edit"));
		if (User != None)
		{
			if (owner.CurAdmin.CanManageUser(User))
			{
				if (owner.CurAdmin.bMasterAdmin)
					Groups = owner.Level.Game.AccessControl.Groups;
				else
					Groups = owner.CurAdmin.ManagedGroups;
				
				// Work with a table of checkboxes now
				GroupRows = "";
				bModify = (Request.GetVariable("submit") != "");

				// Make a sorted list of Groups
				GrpNames = new(None)class'SortedStringArray';
				for (i=0; i<Groups.Count(); i++)
					GrpNames.Add(Groups.Get(i).GroupName, Groups.Get(i).GroupName);

				for (i=0; i<GrpNames.Count(); i++)
				{
					GrpName = GrpNames.GetItem(i);
					Group = Groups.FindByName(GrpName);
					bChecked = Request.GetVariable(GrpName) != "";

					if (bModify)
					{
						if (User.Groups.Contains(Group))
						{
							if (!bChecked)	// Remove the user from the group
								User.RemoveGroup(Group);
						}
						else
						{
							if (bChecked)
								User.AddGroup(Group);
						}
					}
					Response.Subst("GroupName", GrpName);

					Str = "";
					if (User.Groups.Contains(Group))
						Str = " checked";
					Response.Subst("Checked", Str);
					GroupRows = GroupRows$owner.WebInclude("users_groups_row");
				}

				if (bModify)
					owner.Level.Game.AccessControl.SaveAdmins();

				// Now just build up the page as a table with checkboxes
				Response.Subst("Managed", "Managed ");
				Response.Subst("NameValue", owner.HtmlEncode(User.UserName));
				Response.Subst("GroupRows", GroupRows);
				Response.Subst("PostAction", UsersMGroupsPage);
				Response.Subst("Section", "Manage Groups For "$owner.HtmlEncode(User.UserName));
				Response.Subst("PageHelp", NoteMGroupAccessPage);
				owner.ShowPage(Response, UsersGroupsPage);
			}
			else
				owner.ShowMessage(Response, "No Privileges", "You do not have the privileges to modify this admin");
		}
		else
			owner.ShowMessage(Response, "Unknown Admin", "The admin you have selected does not exist!");
	}
	else
		owner.AccessDenied(Response);
}

function QueryGroupsBrowsePage(WebRequest Request, WebResponse Response)
{
local TribesAdminGroup Group;

	if (owner.CanPerform("Gl|Ge"))
	{
		Response.Subst("Section", "Browse Available Groups");
		if (Request.GetVariable("delete") != "")
		{
			// Delete specified Admin Group	
			Group = owner.Level.Game.AccessControl.Groups.FindByName(Request.GetVariable("delete"));
			if (Group != None)
			{
				if (owner.CurAdmin.CanManageGroup(Group))
				{
					owner.StatusOk(Response, "Group '"$owner.HtmlEncode(Group.GroupName)$"' was removed!");
					Group.UnlinkUsers();
					owner.Level.Game.AccessControl.Groups.Remove(Group);
					owner.Level.Game.AccessControl.SaveAdmins();
				}
				else
					owner.StatusError(Response, "Your privileges prevent you from delete this group");
			}
			else
				owner.StatusError(Response, "Invalid group name specified");
		}
		Response.Subst("BrowseList", GetGroupsForBrowse(Response));
		Response.Subst("PageHelp", NoteGroupsBrowsePage);
		owner.ShowPage(Response, GroupsBrowsePage);
	}
	else
		owner.AccessDenied(Response);
}

function QueryGroupsAddPage(WebRequest Request, WebResponse Response)
{
local TribesAdminGroup Group;
local string gname, gprivs, ErrMsg;
local int gsec;

	if (owner.CanPerform("Ga"))
	{
		if (Request.GetVariable("addnew") != "")
		{
			// Humm .. AddNew
			gname = Request.GetVariable("GroupName");
			gprivs = FixPrivs(Request, "");
			gsec = int(Request.GetVariable("GameSec"));
			
			if (!class'TribesAdminGroup'.static.ValidName(gname))
				ErrMsg = "Group name contains invalid characters";
			else if (owner.Level.Game.AccessControl.Groups.FindByName(gname) != None)
				ErrMsg = "Group name already used!";
			else if (gsec < 0)
				ErrMsg = "Negative security level is invalid";
			else if (gsec > owner.CurAdmin.MaxSecLevel())
				ErrMsg = "You cannot assign a security level higher than yours";
		
			Response.Subst("NameValue", owner.HtmlEncode(gname));
			Response.Subst("PrivTable", GetPrivsTable(gprivs));
			Response.Subst("GameSecValue", string(gsec));

			if (ErrMsg == "")
			{
				// All settings are fine, create the new Group.
				Group = owner.Level.Game.AccessControl.Groups.CreateGroup(gname, gprivs, byte(gsec));
				if (Group != None)
				{
					owner.CurAdmin.AddManagedGroup(Group);
					owner.Level.Game.AccessControl.Groups.Add(Group);
					owner.Level.Game.AccessControl.SaveAdmins();
				}
				else
					ErrMsg = "Exceptional error creating the new group";
			}
			
			if (ErrMsg != "")
				owner.StatusError(Response, ErrMsg);
		}
		else
			Response.Subst("PrivTable", GetPrivsTable(""));
		
		if (Group != None)
		{
			Response.Subst("PostAction", GroupsEditPage);
			Response.Subst("SubmitName", "mod");
			Response.Subst("SubmitValue", "Modify Group");
			Response.Subst("PageHelp", NoteGroupEditPage);
			Response.Subst("Section", "Modify an Administration Group");
		}
		else
		{
			Response.Subst("PostAction", GroupsAddPage);
			Response.Subst("SubmitName", "addnew");
			Response.Subst("SubmitValue", "Add Group");
			Response.Subst("Section", "Add New Administration Group");
			Response.Subst("PageHelp", NoteGroupAddPage);
		}
		owner.ShowPage(Response, GroupsEditPage);
	}
	else
		owner.AccessDenied(Response);
}

function QueryGroupsEditPage(WebRequest Request, WebResponse Response)
{
local TribesAdminGroup Group;
local string ErrMsg, gname, gprivs;
local int gsec;

	if (owner.CanPerform("Gm"))
	{
		Response.Subst("Section", "Modify an Administration Group");

		Group = owner.Level.Game.AccessControl.Groups.FindByName(Request.GetVariable("edit"));
		if (Group != None)		// Do not let admins fake the system.
		{
			if (owner.CurAdmin.CanManageGroup(Group))
			{
				if (Request.GetVariable("mod") != "")
				{
					// Save the changes
					gname = Request.GetVariable("GroupName");
					gprivs = FixPrivs(Request, Group.Privileges);
					gsec = Clamp(int(Request.GetVariable("GameSec")), 0, 255);
					if (gname != Group.GroupName)
					{
						if (Group.ValidName(gname))
						{
							if (owner.Level.Game.AccessControl.Groups.FindByName(gname) == None)
								Group.GroupName = gname;
							else
								ErrMsg = "Group name already used!";
						}
						else
							ErrMsg = "Invalid characters in new group name";
					}

					if (ErrMsg == "")
					{
						if (gprivs != Group.Privileges)
							Group.SetPrivs(gprivs);

						Group.GameSecLevel = gsec;
						owner.Level.Game.AccessControl.SaveAdmins();
					}
				}
			
				if (ErrMsg != "")
					owner.StatusError(Response, ErrMsg);
			
				Response.Subst("NameValue", owner.HtmlEncode(Group.GroupName));
				Response.Subst("PrivTable", GetPrivsTable(Group.Privileges));
				Response.Subst("GameSecValue", string(Group.GameSecLevel));
				Response.Subst("PostAction", GroupsEditPage);
				Response.Subst("SubmitName", "mod");
				Response.Subst("SubmitValue", "Modify Group");
				Response.Subst("PageHelp", NoteGroupEditPage);
				owner.ShowPage(Response, GroupsEditPage);
			}
			else
				owner.ShowMessage(Response, "No Privileges", "You do not have the privileges to modify this group");
		}
		else
			owner.ShowMessage(Response, "Unknown Group", "The group you selected does not exist!");
	}
	else
		owner.AccessDenied(Response);
}

// Must not forget to show only the Users from groups that the admin can manage
function string GetUsersForBrowse(WebResponse Response)
{
local ObjectArray	Users;
local TribesAdminUser	User;
local string OutStr;
local int i;
local bool CanDelete;

	CanDelete = owner.CanPerform("Aa");
	Users = ManagedUsers();

	// Now, just make the users list a bunch of Rows
	if (Users.Count() == 0)
		return "<tr><td>** There are no admins to list **</td></tr>";


	OutStr = "<tr><td>Name</td><td>Privileges</td>";
	if (CanDelete)
		OutStr = OutStr$"<td> </td>";
	OutStr = OutStr$"</tr>";

	for (i = 0; i<Users.Count(); i++)
	{
		User = TribesAdminUser(Users.GetItem(i));
		
		Response.Subst("Username", owner.Hyperlink(UsersEditPage$"?edit="$owner.HtmlEncode(User.UserName), owner.HtmlEncode(User.UserName), owner.CanPerform("Ae|Aa")));
		Response.Subst("Privileges", User.Privileges);
		Response.Subst("Groups", "");
		Response.Subst("Managed", "");
		Response.Subst("Delete", "");
		// Build 1 Group Row
		if (owner.CanPerform("Ag"))
			Response.Subst("Groups", owner.Hyperlink(UsersGroupsPage$"?edit="$owner.HtmlEncode(User.UserName),"Groups", true));
		if (owner.CanPerform("Am"))
			Response.Subst("Managed", owner.Hyperlink(UsersMGroupsPage$"?edit="$owner.HtmlEncode(User.UserName),"Managed Groups", true));
		if (CanDelete)
			Response.Subst("Delete", owner.Hyperlink(UsersBrowsePage$"?delete="$owner.HtmlEncode(User.UserName), "Delete", true));

		OutStr = OutStr$Response.LoadParsedUHTM(owner.Path$"/users_row.inc");
	}
	return OutStr;
}

// Must not forget to show only the Groups that the admin can add users to
function string GetGroupsForBrowse(WebResponse Response)
{
local TribesAdminGroup	Group;
local TribesAdminGroupList Groups;
local string OutStr;
local int i;
local bool CanDelete, CanEdit;

	CanDelete = owner.CanPerform("Gd");
	CanEdit = owner.CanPerform("Ge");

	if (owner.CurAdmin.bMasterAdmin)
		Groups = owner.Level.Game.AccessControl.Groups;
	else
		Groups = owner.CurAdmin.ManagedGroups;

	if (Groups.Count() == 0)
		return "<tr><td>** There are no groups to list **</td></tr>";

	OutStr = "<tr><td>Name</td><td>Privileges</td><td>Game Sec Lvl</td>"$owner.StringIf(CanDelete,"<td> </td>","")$"</tr>";
	for (i=0; i<Groups.Count(); i++)
	{
		Group = Groups.Get(i);
		// Build 1 Group Row
		Response.Subst("Groupname", owner.Hyperlink(GroupsEditPage$"?edit="$owner.HtmlEncode(Group.GroupName),owner.HtmlEncode(Group.GroupName),true));
		Response.Subst("Privileges", Group.Privileges);
		Response.Subst("Gamesec", string(Group.GameSecLevel));
		Response.Subst("Delete", "");
		if (CanDelete)
		  Response.Subst("Delete", owner.Hyperlink(GroupsBrowsePage$"?delete="$owner.HtmlEncode(Group.GroupName), "Delete", true));

        OutStr = OutStr$Response.LoadParsedUHTM(owner.Path$"/groups_row.inc");
	}
	return OutStr;
}

function string GetPrivsHeader(string privs, string text, bool cond, string tag)
{
local string headfile;

	headfile="/privs_header.inc";
	if (cond)
		headfile="/privs_header_chk.inc";

	owner.Resp.Subst("Tag", tag);
	owner.Resp.Subst("Checked", owner.StringIf(Instr("|"$privs$"|", "|"$tag$"|") != -1, " checked", ""));
	owner.Resp.Subst("Text", text);

	return owner.Resp.LoadParsedUHTM(owner.Path$headfile);
}

function string GetPrivsItem(string privs, string text, bool cond, string tag, optional bool bReadOnly)
{
	if (!cond)
		return "";
	
	owner.Resp.Subst("Tag", tag);
	owner.Resp.Subst("Text", text);
	owner.Resp.Subst("Checked", owner.StringIf(Instr("|"$privs$"|", "|"$tag$"|") != -1, " checked", ""));

	if (bReadOnly)
		return owner.Resp.LoadParsedUHTM(owner.Path$"/privs_element_ro.inc");

	return owner.Resp.LoadParsedUHTM(owner.Path$"/privs_element.inc");
}

function ObjectArray ManagedUsers()
{
local ObjectArray Users;
local int i, j;
local TribesAdminGroup Group;
local TribesAdminUser User;
local TribesAdminGroupList Groups;

	Users = New(None) class'SortedObjectArray';	
	
	if (owner.CurAdmin.bMasterAdmin)
		Groups = owner.Level.Game.AccessControl.Groups;
	else
		Groups = owner.CurAdmin.ManagedGroups;
	
	for (i=0; i<Groups.Count(); i++)
	{
		Group = Groups.Get(i);
		for (j=0; j<Group.Users.Count(); j++)
		{
			User = Group.Users.Get(j);
			if (Users.FindTagId(User.UserName) < 0)
				Users.Add(User, User.UserName);
		}
	}
	return Users;
}

function string MakePrivsTable(TribesPrivilegeBase PM, string privs, bool bNoEdit)
{
local int pi, colcnt, maxcols;
local string mprivs, sprivs, mpriv, priv, OutStr;
local bool   bCan, bCanPriv, bCanEdit;

	mprivs=PM.MainPrivs;
	OutStr = "";
	pi = 0;
	maxcols=3;
	while (mprivs != "")
	{
		// Step 1: Check for a main priv type if the Manager can process anything
		mpriv = owner.NextPriv(mprivs);
		bCan = owner.CanPerform(mpriv);
		// If cant manage the whole group, check individually
		if (!bCan)
		{
			sprivs=PM.SubPrivs;
			while (!bCan && sprivs != "")
			{
				priv = owner.NextPriv(sprivs);
				if (Left(priv,1) == mpriv)
					bCan = owner.CanPerform(priv);
			}
		}

		// If we could manage anything, lets make checkboxes for them
		bCanEdit = false;
		if (!bNoEdit)
			bCanEdit = owner.CanPerform(mpriv);

		if (bCan)
			OutStr = OutStr$GetPrivsHeader(privs, PM.Tags[pi], bCanEdit, mpriv)$"<table><tr>";
			
		pi++;
		
		sprivs = PM.SubPrivs;
		colcnt = 0;

		while (sprivs != "")
		{
			priv = owner.NextPriv(sprivs);
			bCanPriv = owner.CanPerform(priv);

			if (bNoEdit)
				bCanEdit = false;
			else
				bCanEdit = bCanPriv;

			if (Left(priv,1) == mpriv)
			{
				if (bCan && bCanPriv)
				{
					colcnt++;
					if (colcnt > maxcols)
					{
						colcnt -= maxcols;
						OutStr = OutStr$"</tr><tr>";
					}

					OutStr = OutStr$GetPrivsItem(privs, PM.Tags[pi], true, priv, !bCanEdit);
				}

				pi++;
			}
		}
		if (bCan)
			OutStr = OutStr$"</tr></table>";
	}
	return OutStr;
}

function string GetPrivsTable(string privs, optional bool bNoEdit)
{
local string str;
local int i;

	// Start by getting all rows for known privilege groups
	str = "";
	for (i=0; i<owner.Level.Game.AccessControl.PrivManagers.Length; i++)
		str = str$MakePrivsTable(owner.Level.Game.AccessControl.PrivManagers[i], privs, bNoEdit);

	if (str == "")
		str = "You cannot assign privileges";
	return str;
}

function string FixPrivs(WebRequest Request, string oldprivs)
{
local string privs, myprivs, priv;

	if (owner.CurAdmin.bMasterAdmin)
		myprivs = owner.Level.Game.AccessControl.AllPrivs;
	else
		myprivs = owner.CurAdmin.MergedPrivs;

	// Before starting, remove privs i can manage
	privs = "";
	while (oldprivs != "")
	{
		priv = owner.NextPriv(oldprivs);
		if (Instr("|"$myprivs$"|", "|"$priv$"|") == -1)
		{
			if (privs == "")
				privs = priv;
			else
				privs = privs$"|"$priv;
		}
	}		
	
	while (myprivs != "")
	{
		priv = owner.NextPriv(myprivs);
		if (Request.GetVariable(priv) != "")
		{
			if (privs == "")
				privs = priv;
			else
				privs = privs$"|"$priv;
		}
	}
	return privs;
}

function string GetGroupOptions(TribesAdminGroupList Groups, string grpsel)
{
local int i;
local string OutStr, GrpName;
local StringArray	  GrpNames;

	if (Groups.Count() == 0)
		return "<option value=\"\">*** None ***</option>";

	// Step 1: Sort the groups
	GrpNames = new(None) class'SortedStringArray';
	for (i=0; i<Groups.Count(); i++)
		GrpNames.Add(Groups.Get(i).GroupName, Groups.Get(i).GroupName);

	if (GrpNames.Count() == 0)
		return "<option value=\"\">*** None ***</option>";
		
	// Step 2: Build the group list
	OutStr = "";
	for (i=0; i<GrpNames.Count(); i++)
	{
		GrpName = GrpNames.GetItem(i);
		OutStr = OutStr$"<option value='"$GrpName$"'";
		if (GrpName == grpsel)
			OutStr = OutStr$" selected";
		OutStr = OutStr$">"$owner.HtmlEncode(GrpName)$"</option>";
	}
	return OutStr;
}

defaultproperties
{
	Title="Admins & Groups"
	DefaultPage="adminsframe"
	AdminsIndexPage="admins_menu"
	UsersHomePage="admins_home"
	UsersAccountPage="admins_account"
	UsersAddPage="users_add"
	UsersBrowsePage="users_browse"
	UsersEditPage="users_edit"
	UsersGroupsPage="users_groups"
	UsersMGroupsPage="users_mgroups"
	GroupsAddPage="groups_add"
	GroupsBrowsePage="groups_browse"
	GroupsEditPage="groups_edit"

	NoteUserHomePage="Welcome to Admins & Groups Management"
	NoteAccountPage="Here you can change your password if required. You can also see which privileges were assigned to you by your manager."
	NoteUserAddPage="As an Admin of this server you can add new Admins and give them privileges. Make sure that the password assigned to the new Admin is not easy to hack."
	NoteUserEditPage="As an Admin of this server you can modify informations and privileges for another Admin that you can Manage."
	NoteUsersBrowsePage="Here you can see other Admins that you can manage and modify their privilege and groups assignment."
	NoteGroupAddPage="You can create new groups which will have a common set of privileges. Groups are used to give the same privileges to multiple Admins."
	NoteGroupEditPage="You can modify which privileges were assigned to this group. Note that you can only change privileges that you have yourself."
	NoteGroupsBrowsePage="Here you can see all the groups that you can manage, click on a group name to modify it."
	NoteGroupAccessPage="Here you can decide in which groups the selected admin will be part of. This will decide which base privileges this admin will have."
	NoteMGroupAccessPage="Here you can decide which groups this admin will be able to manage. He will be able to assign other admins to this group."
}

Overview Package Class Source Class tree Glossary
previous class      next class frames      no frames
Class file time: ne 5.9.2004 15:53:58.000 - Creation time: st 23.5.2018 00:10:49.116 - Created with UnCodeX