<?php
// $Id$

/**
 * @file
 * Navigate Permissions Framework
 */

function _navigate_permissions() {
  $defaults = array(
    'settings',
    'view',
    'widget add',
    'widget title',
  );
  $permissions = array(
    'navigate' => array_merge($defaults, array(
      '#title' => 'Navigate',
      'administer',
      'widget remove',
      'widget sort',
    ))
  );
  $hook = 'navigate_permissions';
  foreach (module_implements($hook) as $module) {
    $function = $module . '_' . $hook;
    $plugin_permission = (array) $function();
    foreach ($plugin_permission as $plugin => $perms) {
      $plugin_permission[$plugin] = array_merge($defaults, $perms);
      $function = $module .'_navigate_plugin';
      if (function_exists($function)) {
        $settings = $function('settings');
        if (empty($settings)) unset($plugin_permission[$plugin][array_search('settings', $plugin_permission[$plugin])]);
      }
    }
    $permissions = array_merge_recursive_distinct($permissions, $plugin_permission);
  }
  return $permissions;
}

/**
 * Defines user permission settings form
 */
function navigate_permission_settings($form_state) {
  drupal_set_title(t('Navigate Permissions'));
  navigate_add_js('navigate.admin.js');
  navigate_add_css('navigate.admin.css');
  $form = array();
  $form['permission'] = array(
    '#type'         => 'fieldset',
    '#title'        => t('Role and user permission rules'),
    '#collapsible'  => TRUE,
    '#description'  => t('Navigate takes permissions a step further by allowing weighted permission rules for roles and users. You may sort your rules by dragging them up and down in the table. Access is determined from top to bottom. To add a new rule, click: <a href="@rule">Add Permission Rule</a>.', array( '@rule' => url('admin/user/permissions/navigate/rule'))),
  );
  $form['permission']['rules'] = array(
    '#tree'         => TRUE,
  );  
  // Load permission rules
  $rule_count = db_result(db_query('SELECT COUNT(*) FROM {navigate_permissions}'));
  $query = db_query('SELECT * FROM {navigate_permissions} ORDER BY weight ASC');
  while ($rule = db_fetch_object($query)) {
    $form['permission']['rules'][$rule->rid]['status'] = array(
      '#type'     => 'checkbox',
      '#title'    => $rule->name,
      '#default_value'    => $rule->status,
    );
    $form['permission']['rules'][$rule->rid]['ids'] = array(
      '#value'    => $rule->ids,
    );
    $form['permission']['rules'][$rule->rid]['type'] = array(
      '#value'    => $rule->type,
    );
    $form['permission']['rules'][$rule->rid]['weight'] = array(
      '#type'               => 'weight',
      '#delta'              => $rule_count,
      '#default_value'      => $rule->weight,
      '#attributes'         => array('class' => 'weight'),
    );
  }  
  $form['buttons']['submit'] = array('#type' => 'submit', '#value' => t('Save configuration') );
  $form['buttons']['reset'] = array('#type' => 'submit', '#value' => t('Reset to defaults') );
  return $form;
}

function navigate_permission_settings_submit($form, &$form_state) {
  $values = $form_state['values'];
  $rule = new StdClass;
  switch ($form_state['clicked_button']['#value']) {
    case 'Save configuration':
      foreach ($values['rules'] as $rid => $value) {
        $rule->rid = $rid;
        $rule->status = $value['status'];
        $rule->weight = $value['weight'];
        drupal_write_record('navigate_permissions', $rule, 'rid');
      }
      drupal_set_message(t('Navigate settings have been saved.'));
      break;
    case 'Reset to defaults':
      drupal_set_message(t('Navigate settings have been reset.'));
      $values['visibility'] = 0;
      $values['pages'] = '*imce*';
      break;
  }
  navigate_settings_set('visibility', $values['visibility'], FALSE);
  navigate_settings_set('pages', $values['pages']);
}


function navigate_permission_rule($form_state, $op = 'add', $rule = FALSE) {
  navigate_add_js('jquery.tokeninput.js');
  navigate_add_js('navigate.admin.js');
  navigate_add_css('navigate.admin.css');
  $form = array();
  $form['#op'] = $op;
  if ($rule) {
    $rid = arg(5);
    $form['#rid'] = $rid;
    $rule->permissions = unserialize($rule->permissions);
  }
  switch ($op) {    
    // Delete
    case 'delete':
      if (!$rule) {
        drupal_set_title(t('Invalid Navigate Permission Rule'));
        return array('#op' => 'error', 'error' => array('#value' => t('Sorry, the permission rule you are trying to delete does not exist.')));
      }
      drupal_set_title(t('Delete Navigate Permission Rule'));
      $form['#rule'] = $rule;
      $form = confirm_form($form,
                      t('Are you sure you want to delete the permission rule "@name"?', array('@name' => $rule->name)),
                      'admin/user/permissions/navigate',
                      t('This action cannot be undone.'),
                      t('Delete'),
                      t('Cancel'));
      break;
    // View
    case 'view':
      $form['ids'] = array(
        '#value' => $rule['match'],
      );
      $form['permissions'] = array(
        '#value' => $rule['type'],
      );
      break;
    // Add / Edit
    default:
      if (!$rule && $op == 'edit') {
        drupal_set_title(t('Invalid Navigate Permission Rule'));
        return array('#op' => 'error', 'error' => array('#value' => t('Sorry, the permission rule you are trying to edit does not exist.')));
      }
      if ($op == 'add') {
        drupal_set_title(t('Add Navigate Permission Rule'));
      }
      else {
        drupal_set_title(t('Edit Navigate Permission Rule'));
      }
      $form['name'] = array(
       '#type' => 'textfield',
       '#title' => t('Rule name'),
       '#required' => TRUE,
       '#description' => t('A descriptive name to identify this rule.'),
       '#default_value' => $rule->name ? $rule->name : '',
      );
      $form['type'] = array(
        '#title' => t('Type'),
        '#type'   => 'radios',
        '#description' => t('<br /><strong>REMEMBER:</strong> Permissions are weighted. If a user or role permission is previously set by another rule, this rule<br />will override those permissions already in place. This is prevalent when setting "custom" permissions. Keep in<br />mind that any unchecked permissions will deny privileges to any users or roles defined below.'),
        '#default_value' => $rule->type ? $rule->type : 'all',
        '#options' => array('all' => t('All Permissions'), 'none' => t('No Permissions'), 'custom' => t('Custom Permissions')),
      );
      $form['permissions'] = array(
        '#type'   => 'navigate_fieldset',
        '#title'  => t('Permissions'),
        '#collapsible' => TRUE,
        '#collapsed' => isset($rule->type) && $rule->type == 'custom' ? FALSE : TRUE,
        '#tree' => TRUE,
        '#value' => _navigate_permissions(),
      );
      foreach($form['permissions']['#value'] as $plugin => $permissions) {
        foreach($permissions as $key => $permission) {
          // Ignore form theming entries
          if ($key[0] == '#') {
            continue;
          }
          $form['permissions'][$plugin . ':' . str_replace(' ', '_', $permission)] = array(
            '#type' => 'checkbox',
            '#default_value' => isset($rule->permissions[$plugin . ':' . str_replace(' ', '_', $permission)]) ? $rule->permissions[$plugin . ':' . str_replace(' ', '_', $permission)] : 0,
          );
        }
      }
      // AJAX part of form needs to be after radios for Firefox to refresh properly.
      // see:   http://www.ryancramer.com/journal/entries/radio_buttons_firefox/
      $form['ids'] = array(
       '#type' => 'textarea',
       '#title' => t('Roles and users'),
       '#description' => t('Roles are always processed before users.'),
       '#default_value' => $rule->ids ? $rule->ids : '',
      );
      $form['save'] = array(
        '#type' => 'submit',
        '#value' => 'Save Rule',
        '#suffix' => ' ' . t('<a href="@cancel">Cancel</a>', array('@cancel' => url('admin/user/permissions/navigate'))),
      );
      break;
  }
  return $form;
}

function navigate_permission_rule_validate($form, &$form_state) {
  $op = $form['#op'];
  if ($op == 'edit' || $op == 'add') {
    if (empty($form_state['values']['ids'])) {
      form_set_error('ids', t('You must specify at least one user or role.'));
    }
    if ($form_state['values']['type'] == 'custom') {
      $checked = FALSE;
      foreach($form_state['values']['permissions'] as $value) {
        if ($value) {
          $checked = TRUE;
          break;
        }
      }
      if (!$checked) {
        form_set_error('permissions', t('Custom permissions selected. You must specify at least one permission.'));
      }
    }
  }
}

function navigate_permission_rule_submit($form, &$form_state) {
  $op = $form['#op'];
  $rid = $form['#rid'];
  $values = $form_state['values'];
  switch ($op) {
    case 'delete':
      db_query('DELETE FROM {navigate_permissions} WHERE rid = %d', $rid);
      drupal_set_message(t('Navigate permission rule "@name" has been deleted.', array('@name' => $form['#rule']->name)));
      break;
    // Add/Edit
    default:
      $rule = new StdClass;
      $rule->rid = $rid;
      $rule->name = $values['name'];
      $rule->ids = $values['ids'];
      $rule->type = $values['type'];
      if ($values['type'] == 'custom') {
        $rule->permissions = $values['permissions'];
      }
      $result = drupal_write_record('navigate_permissions', $rule, $op == 'add' ? array() : 'rid');
      if ($result) {
        $action = $op == 'add' ? 'added' : 'updated';
        drupal_set_message(t('Navigate permission rule "@name" has been @action.', array('@name' => $rule->name, '@action' => $action)));
      }
      else {
        $action = $op == 'add' ? 'adding' : 'updating';
        drupal_set_message(t('There was an unknown problem @action Navigate permission rule "@name".', array('@name' => $rule->name, '@action' => $action)), 'error');
      }
      break;
  }
  $form_state['redirect'] = 'admin/user/permissions/navigate';
}