Added data officer role

Signed-off-by: Janos SUTO <sj@acts.hu>

config.php.in

@@ -160,7 +160,7 @@ $config['PASSWORD_CHANGE_ENABLED'] = 0;
 $config['ENABLE_STATISTICS'] = 1;
 $config['ENABLE_HISTORY'] = 1;
 $config['ENABLE_DELETE'] = 0;
-$config['AUTHORIZE_DELETE'] = 0;
+$config['NEED_TO_APPROVE_DELETE'] = 0;
 $config['ENABLE_REMOTE_IMAGES'] = '0';
 $config['ENABLE_ON_THE_FLY_VERIFICATION'] = 0;
 $config['ENABLE_LDAP_IMPORT_FEATURE'] = 0;

util/db-mysql.sql

@@ -472,11 +472,12 @@ create table if not exists `timestamp` (
 
 
 create table if not exists `deleted` (
-  `id` bigint unsigned not null auto_increment,
+  `id` bigint unsigned not null unique,
   `email` varchar(128) not null,
   `reason` varchar(128) not null,
-  `date1` int unsigned not null,
-  `date2` int unsigned not null,
+  `date1` int unsigned default 0,
+  `date2` int unsigned default 0,
   `deleted` tinyint(1) default 0,
-  primary key (`id`)
+  key (`id`),
+  key (deleted)
 ) Engine=InnoDB;

webui/controller/audit/removal.php

@@ -0,0 +1,26 @@
+<?php
+
+
+class ControllerAuditRemoval extends Controller {
+
+   public function index(){
+
+      $this->id = "content";
+      $this->template = "audit/removal.tpl";
+      $this->layout = "common/layout-audit";
+
+      $request = Registry::get('request');
+      $db = Registry::get('db');
+
+      $this->load->model('audit/removal');
+
+      if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) {
+         die("go away");
+      }
+
+      $this->data['data'] = $this->model_audit_removal->get_pending_removals();
+
+      $this->render();
+   }
+
+}

webui/controller/message/bulkremove.php

@@ -33,10 +33,16 @@ class ControllerMessageBulkremove extends Controller {
          die("go away");
       }
 
-      foreach($idlist as $id) {
-         $db->query("INSERT INTO " . TABLE_DELETED . " (id, email, reason, date1) VALUES(?,?,?,?)", [$id, $this->data['username'], $this->request->post['reason'], NOW]);
+      if(NEED_TO_APPROVE_DELETE) {
+         $deleted = 0;
+      } else {
+         $deleted = 1;
+      }
 
-         if(AUTHORIZE_DELETE) {
+      foreach($idlist as $id) {
+         $db->query("INSERT INTO " . TABLE_DELETED . " (id, email, reason, date1, deleted) VALUES(?,?,?,?,?)", [$id, $this->data['username'], $this->request->post['reason'], NOW, $deleted]);
+
+         if(NEED_TO_APPROVE_DELETE) {
             AUDIT(ACTION_MARK_MESSAGE_FOR_REMOVAL, '', '', $id, '');
             syslog(LOG_INFO, $this->data['username'] . " marked message for removal: $id");
          } else {

webui/index.php

@@ -31,6 +31,7 @@ Registry::set('username', getAuthenticatedUsername());
 Registry::set('admin_user', isAdminUser());
 Registry::set('auditor_user', isAuditorUser());
 Registry::set('readonly_admin', isReadonlyAdmin());
+Registry::set('data_officer', isDataOfficer());
 
 
 $db = new DB(DB_DRIVER, DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE, DB_PREFIX);

webui/language/cz/messages.php

@@ -481,4 +481,7 @@ $_['text_with_selected'] = 'S označenými';
 
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/de/messages.php

@@ -488,4 +488,7 @@ $_['text_compliance_warning'] = 'Die Löschfunktion ist aktiviert, aus diesem Gr
 $_['text_folder_rules'] = "Verzeichnisregeln";
 $_['text_private'] = "Privat";
 
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/en/messages.php

@@ -79,7 +79,8 @@ $_['text_deferred_queue'] = "deferred queue";
 $_['text_deferred_queue_sender'] = "deferred queue vs. sender";
 $_['text_delay'] = "Delay";
 $_['text_delete_confirm_message'] = "Do you wish to delete";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_deleted'] = "Deleted";
 $_['text_deleted_users'] = "deleted";
 $_['text_deliver'] = "Deliver";
 $_['text_delivered'] = "Delivered";
@@ -228,6 +229,7 @@ $_['text_monitor'] = "Monitor";
 $_['text_months'] = "months";
 $_['text_monthly_report'] = "Monthly report";
 
+$_['text_need_to_approve_removal'] = "Need to approve removal";
 $_['text_new'] = "new";
 $_['text_new_users'] = "new";
 $_['text_next'] = "Next";
@@ -384,6 +386,7 @@ $_['text_user'] = "User";
 $_['text_users'] = "Users";
 $_['text_user_id'] = "User id";
 $_['text_user_auditor'] = "Auditor";
+$_['text_user_data_officer'] = "Data officer";
 $_['text_user_domainadmin'] = "Domain admin";
 $_['text_user_management'] = "User management";
 $_['text_user_masteradmin'] = "Master admin";

webui/language/es/messages.php

@@ -486,4 +486,7 @@ $_['text_legal_hold'] = "Legal hold";
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/fr/messages.php

@@ -483,4 +483,7 @@ $_['text_legal_hold'] = "Legal hold";
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/hu/messages.php

@@ -80,6 +80,7 @@ $_['text_deferred_queue_sender'] = "későbbi kiküldésre váró üzenetsor (fe
 $_['text_delay'] = "Késleltetés";
 $_['text_delete_confirm_message'] = "Törölni akarja";
 $_['text_delete_reason'] = "Törlés oka";
+$_['text_deleted'] = "Törölt";
 $_['text_deleted_users'] = "törölt";
 $_['text_deliver'] = "Kézbesítés";
 $_['text_delivered'] = "Kézbesített";
@@ -229,6 +230,7 @@ $_['text_monitor'] = "Monitor";
 $_['text_months'] = "hónap";
 $_['text_monthly_report'] = "Havi jelentés";
 
+$_['text_need_to_approve_removal'] = "Jóvá kell hagyatni a törlést";
 $_['text_new'] = "új";
 $_['text_new_users'] = "új";
 $_['text_next'] = "Következő";
@@ -386,6 +388,7 @@ $_['text_user'] = "Felhasználó";
 $_['text_users'] = "Felhasználók";
 $_['text_user_id'] = "Felhasználó azonosító";
 $_['text_user_auditor'] = "Auditor";
+$_['text_user_data_officer'] = "Adatvédelmi biztos";
 $_['text_user_domainadmin'] = "Domain admin";
 $_['text_user_management'] = "Felhasználók";
 $_['text_user_masteradmin'] = "Mester admin";

webui/language/pl/messages.php

@@ -483,4 +483,7 @@ $_['text_with_selected'] = 'wraz z zaznaczonymi';
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/pt/messages.php

@@ -476,4 +476,7 @@ $_['text_legal_hold'] = "Legal hold";
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/ru/messages.php

@@ -484,4 +484,7 @@ $_['text_legal_hold'] = "Legal hold";
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/language/tr/messages.php

@@ -484,4 +484,7 @@ $_['text_legal_hold'] = "Legal hold";
 $_['text_compliance_warning'] = 'The delete feature is enabled, therefore the archive is NOT compliant!';
 $_['text_folder_rules'] = "Folder rules";
 $_['text_private'] = "Private";
-$_['text_delete_reason'] = "Delete reason";
+$_['text_delete_reason'] = "Reason of removal";
+$_['text_need_to_approve_removal'] = "Need to approve removal";
+$_['text_deleted'] = "Deleted";
+$_['text_user_data_officer'] = "Data officer";

webui/model/audit/removal.php

@@ -0,0 +1,16 @@
+<?php
+
+class ModelAuditRemoval extends Model {
+
+   public function get_pending_removals($page_len = 0) {
+      $limit = '';
+      $from = (int)$page * (int)$page_len;
+
+      if($page_len > 0) { $limit = " LIMIT " . (int)$from . ", " . (int)$page_len; }
+
+      $query = $this->db->query("SELECT * FROM " . TABLE_DELETED . " WHERE deleted=0 ORDER BY date1 DESC $limit");
+      
+      return $query->rows;
+   }
+
+}

webui/system/misc.php

@@ -77,6 +77,14 @@ function isReadonlyAdmin() {
    return 0;
 }
 
+function isDataOfficer() {
+   $session = Registry::get('session');
+
+   if($session->get("admin_user") == 4){ return 1; }
+
+   return 0;
+}
+
 
 function logout() {
    $session = Registry::get('session');

webui/view/theme/default/templates/audit/removal.tpl

@@ -0,0 +1,51 @@
+<div id="sspinner" class="alert alert-info lead"><i class="icon-spinner icon-spin icon-2x pull-left"></i><?php print $text_working; ?></div>
+<div id="resultscontainer"  class="boxlistcontent<?php if($n <= 0) { ?> empty<?php } ?>" >
+
+   <table id="resultstable" class="table table-striped table-condensed">
+    <thead id="resultstop">
+       <tr class="resultrow">
+          <th class="auditcell date header">
+             <?php print $text_date; ?>
+             <a xid="date" xorder="1" onclick="Piler.changeOrder(this);"><i class="icon-chevron-up"></i></a>
+             <a xid="date" xorder="0" onclick="Piler.changeOrder(this);"><i class="icon-chevron-down"></i></a>
+          </th>
+          <th class="auditcell user header">
+             <?php print $text_user; ?>
+             <a xid="user" xorder="1" onclick="Piler.changeOrder(this);"><i class="icon-chevron-up"></i></a>
+             <a xid="user" xorder="0" onclick="Piler.changeOrder(this);"><i class="icon-chevron-down"></i></a>
+          </th>
+          <th class="auditcell action header">
+             <?php print $text_delete; ?>
+             <a xid="action" xorder="1" onclick="Piler.changeOrder(this);"><i class="icon-chevron-up"></i></a>
+             <a xid="action" xorder="0" onclick="Piler.changeOrder(this);"><i class="icon-chevron-down"></i></a>
+          </th>
+          <th class="auditcell description header">
+             <?php print $text_description; ?>
+          </th>
+          <th class="auditcell ref header">
+             <?php print $text_ref; ?>
+          </th>
+
+       </tr>
+    </thead>
+   
+    <tbody>
+
+<?php $i=0; foreach ($data as $d) { $i++; ?>
+         <tr class="resultrow<?php if($i % 2) { ?> odd<?php } ?>">
+            <td class="auditcell date"><?php print date(DATE_TEMPLATE . " H:i", $d['date1']); ?></td>
+            <td class="auditcell user"><?php print $d['email']; ?></td>
+            <td class="auditcell date"><?php print $d['deleted']; ?></td>
+            <td class="auditcell ip"><?php print $d['reason']; ?></td>
+            <td class="auditcell ref"><?php if($d['deleted'] == 0) { ?><a href="#" onclick="Piler.view_message(<?php print $d['id']; ?>);"><?php } print $d['id']; if($d['deleted'] == 0) { ?></a><?php } ?></td>
+         </tr>
+<?php } ?>
+
+    </tbody>
+   </table>
+
+</div>
+
+
+<!--div id="messagelistfooter" class="boxfooter">
+</div-->

webui/view/theme/default/templates/common/layout-search.tpl

@@ -62,7 +62,7 @@
   </div>
   <div class="modal-footer">
     <a href="#" class="btn" data-dismiss="modal" aria-hidden="true"><?php print $text_close; ?></a>
-    <a href="#" onclick="var reason = $('#reason').val(); if(reason) { Piler.bulk_remove_messages(reason, '<?php print $text_successfully_removed; ?>'); }" class="btn btn-primary" data-dismiss="modal" aria-hidden="true">OK</a>
+    <a href="#" onclick="var reason = $('#reason').val(); if(reason) { Piler.bulk_remove_messages(reason, '<?php if(NEED_TO_APPROVE_DELETE) { print $text_need_to_approve_removal; } else { print $text_successfully_removed; } ?>'); }" class="btn btn-primary" data-dismiss="modal" aria-hidden="true">OK</a>
   </div>
 </div>
 <?php } ?>

webui/view/theme/default/templates/common/menu.tpl

@@ -27,6 +27,9 @@
                             <li><a href="index.php?route=health/health"><i class="icon-medkit"></i>&nbsp;<?php print $text_health; ?></a></li>
         <?php if(ENABLE_AUDIT == 1) { ?>
                             <li><a href="index.php?route=audit/audit"><i class="icon-book"></i>&nbsp;<?php print $text_audit; ?></a></li>
+        <?php } ?>
+        <?php if(ENABLE_DELETE == 1) { ?>
+                            <li><a href="index.php?route=audit/removal"><i class="icon-eraser"></i>&nbsp;<?php print $text_remove; ?></a></li>
         <?php } ?>
                         </ul>
                     </li>

webui/view/theme/default/templates/user/add.tpl

@@ -128,6 +128,7 @@
                <option value="0"<?php if(isset($post['isadmin']) && $post['isadmin'] == 0){ ?> selected="selected"<?php } ?>><?php print $text_user_regular; ?></option>
                <?php if(Registry::get('admin_user') == 1) { ?><option value="1"<?php if(isset($post['isadmin']) && $post['isadmin'] == 1){ ?> selected="selected"<?php } ?>><?php print $text_user_masteradmin; ?></option><?php } ?>
                <option value="2"<?php if(isset($post['isadmin']) && $post['isadmin'] == 2){ ?> selected="selected"<?php } ?>><?php print $text_user_auditor; ?></option>
+               <option value="4"<?php if(isset($post['isadmin']) && $post['isadmin'] == 4){ ?> selected="selected"<?php } ?>><?php print $text_user_data_officer; ?></option>
           </select>
 		</div>
 	</div>	

webui/view/theme/default/templates/user/edit.tpl

@@ -139,6 +139,7 @@
                    <option value="0"<?php if(isset($user['isadmin']) && $user['isadmin'] == 0){ ?> selected="selected"<?php } ?>><?php print $text_user_regular; ?></option>
                    <?php if(Registry::get('admin_user') == 1) { ?><option value="1"<?php if(isset($user['isadmin']) && $user['isadmin'] == 1){ ?> selected="selected"<?php } ?>><?php print $text_user_masteradmin; ?></option><?php } ?>
                    <option value="2"<?php if(isset($user['isadmin']) && $user['isadmin'] == 2){ ?> selected="selected"<?php } ?>><?php print $text_user_auditor; ?></option>
+                   <option value="4"<?php if(isset($user['isadmin']) && $user['isadmin'] == 2){ ?> selected="selected"<?php } ?>><?php print $text_user_data_officer; ?></option>
               </select>
             </div>
         </div>	

webui/view/theme/default/templates/user/list.tpl

@@ -57,6 +57,7 @@
                if($user['isadmin'] == 0){ print $text_user_regular; }
                if($user['isadmin'] == 1){ print $text_user_masteradmin; }
                if($user['isadmin'] == 2){ print $text_user_auditor; }
+               if($user['isadmin'] == 4){ print $text_user_data_officer; }
             ?>
          </td>
          <td><a href="index.php?route=user/edit&amp;uid=<?php print $user['uid']; ?>"><i class="icon-edit"></i>&nbsp;<?php print $text_edit_or_view; ?></a></td>