<?php
/**
 *
 * @package MediaWiki
 * @subpackage SpecialPage
 */

/**
 * Super class.
 */
require_once ( 'includes/QueryPage.php' ) ;

/**
 *
 * @package MediaWiki
 * @subpackage SpecialPage
 */
class UserPermissionsPage extends PageQueryPage {

	
	/*
	 * Username to show permissions for.
	 */
	var $username;

	/*
	 * Groupname to show permissions for.
	 */
	var $groupname;

	/*
	 * Names of tags.
	 */
	var $tagNames;

	/*
	 * Texts for SpecialPage.
	 */
	var $pageTexts;

	/*
	 * Display articles that user can read/edit.
	 */
	var $action = "read";

	/*
	 * Users, that are allowed to do everything.
	 */
	var $allowedUsers;

	/*
	 * Groups, that are allowed to do everything.
	 */
	var $allowedGroups;
    
    
    /*
     * Constructor.
     */
    function UserPermissionsPage($tagNames, $pageTexts, $users, $groups)
    {
        $this->tagNames = $tagNames;
        $this->pageTexts = $pageTexts;
        $this->allowedUsers = $users;
        $this->allowedGroups = $groups;
    }
    
    
    function getName() 
    {
		return 'UserPermissions';
	}

	function isExpensive() 
    {
		return false;
	}
	
    function isSyndicated() 
    {
        return false; 
    }

	function getSQL() 
    {
	  // prepare database
      $dbr =& wfGetDB( DB_SLAVE );
	  $tbl_page = $dbr->tableName( 'page' );
	  $tbl_revision = $dbr->tableName( 'revision' );
	  $tbl_text = $dbr->tableName( 'text' );
	  
      // get action and check if it's an allowed one
      if (isset($_GET['action']) AND $_GET['action'] != "")
	  {
        if (in_array($_GET['action'], array("edit", "read")))
        {
            $this->action = $_GET['action'];
        }
      }
 
	  // get username or groupname. if both are set, username is used.
      if (isset($_GET['username']) AND $_GET['username'] != "")
	  {
        $this->username = $_GET['username'];
        $this->groupname = "";
      }
	  elseif (isset($_GET['groupname']) AND $_GET['groupname'] != "")
	  {
        $this->username = "";
        $this->groupname = $_GET['groupname'];
      }
      else
      {
        $this->username = "";
        $this->groupname = "";
      }
      
   	  // build query
      $return = "";
      if (($this->username != "") || ($this->groupname != ""))
      {
          $return = 
    			"SELECT DISTINCT page.page_title AS title, page.page_namespace AS namespace
    			 FROM $tbl_page AS page, $tbl_revision AS rev, $tbl_text AS text";
    	  if ($this->username != "")
    	  {
            $return .= " WHERE text.old_text LIKE '%<" . $this->tagNames[$this->action . 'User'] . ">".$this->username."</" . $this->tagNames[$this->action . 'User'] . ">%'";
          }
          elseif ($this->groupname != "")
          {
            $return .= " WHERE text.old_text LIKE '%<" . $this->tagNames[$this->action . 'Group'] . ">".$this->groupname."</" . $this->tagNames[$this->action . 'Group'] . ">%'";
          }
    	  $return .= " AND rev.rev_text_id=text.old_id
                      AND page.page_id=rev.rev_page
        	          ORDER BY page.page_title#"; // '#' prevents the ORDER-command in class QueryPage from being executed
      }
      else
      {
        $return = "SELECT '' as title, 0 as namespace#";
      }

      return $return;      
	}

    function getPageHeader() 
    {
        // get list of users
        $stringUsers = "";
        if (!empty($this->allowedUsers))
        {
            $stringUsers = implode("' ,'", $this->allowedUsers);
        }
        $stringUsers = "('" . $stringUsers . "')";

        // get list of groups
        $stringGroups = "";
        if (!empty($this->allowedGroups))
        {
            $stringGroups = implode("' ,'", $this->allowedGroups);
        }
        $stringGroups = "('" . $stringGroups . "')";

        // get users from database
        $dbr =& wfGetDB( DB_SLAVE );
        $userQuery = "SELECT DISTINCT user_name FROM user, user_groups
                      WHERE user_name NOT IN " . $stringUsers . "
                      AND user_id=ug_user AND ug_group NOT IN " . $stringGroups . "
                      ORDER BY user_name";
        $result = $dbr->query($userQuery);
        
        // create user-array
        $users = array();
        while ($user = mysql_fetch_array($result, MYSQL_ASSOC)) {
        	$users[] = $user['user_name'];
        }

        // get groups from database
        $userQuery = "SELECT DISTINCT ug_group FROM user_groups
                      WHERE ug_group NOT IN " . $stringGroups . "
                      ORDER BY ug_group";
        $result = $dbr->query($userQuery);
        
        // create group-array
        $groups = array();
        while ($group = mysql_fetch_array($result, MYSQL_ASSOC)) {
        	$groups[] = $group['ug_group'];
        }

        // OUTPUT
        $output = "<b>" . $this->pageTexts['permsUser'] . "</b><br />\n";
        foreach ($users as $user)
        {
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;username=".$user."&amp;action=" . $this->action . "\">" . $user . "</a>\n";
        }
        $output .= "<br /><br /><b>" . $this->pageTexts['permsGroup'] . "</b><br />\n";
        foreach ($groups as $group)
        {
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;groupname=".$group."&amp;action=" . $this->action . "\">" . $group . "</a>\n";
        }
        if ($this->username != "")
        {
            $output .= "<br/><br/><b>" . $this->pageTexts['perms'] . "</b><br>\n";
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;username=".$this->username."&amp;action=read\">" . $this->pageTexts['actionRead'] . "</a>\n";
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;username=".$this->username."&amp;action=edit\">" . $this->pageTexts['actionEdit'] . "</a>\n";
        }
        elseif ($this->groupname != "")
        {
            $output .= "<br/><br/><b>" . $this->pageTexts['perms'] . "</b><br>\n";
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;groupname=".$this->groupname."&amp;action=read\">" . $this->pageTexts['actionRead'] . "</a>\n";
            $output .= "<a href=\"index.php?title=Special:UserPermissions&amp;groupname=".$this->groupname."&amp;action=edit\">" . $this->pageTexts['actionEdit'] . "</a>\n";
        }
        
        // show allowed users/groups
        $output .= "<br/><br/><b>" . $this->pageTexts['allowedUsers'] . "</b><br />\n";
        foreach ($this->allowedUsers as $user)
        {
            $output .= $user . " ";
        }
        $output .= "<br/><b>" . $this->pageTexts['allowedGroups'] . "</b><br />\n";
        foreach ($this->allowedGroups as $group)
        {
            $output .= $group . " ";
        }

        if ($this->username != "")
        {
            $output .= "<h2>" . $this->username . "/" . $this->pageTexts['action' . ucfirst($this->action)] . "</h2>\n";
        }
        elseif ($this->groupname != "")
        {
            $output .= "<h2>" . $this->groupname . "/" . $this->pageTexts['action' . ucfirst($this->action)] . "</h2>\n";
        }
        else
        {
            $output .= "<h2>" . $this->pageTexts['selectUser'] . "</h2>\n";
        }
        
        return $output;
    }

}

/**
 * constructor
 */
function wfSpecialUserPermissions() {
	global $userPermissionsTagName, $userPermissionsSpecialpageTexts, $userPermissionsAllowedUsers, $userPermissionsAllowedGroups;
	
    list( $limit, $offset ) = wfCheckLimits();

	$wpp = new UserPermissionsPage($userPermissionsTagName, $userPermissionsSpecialpageTexts, $userPermissionsAllowedUsers, $userPermissionsAllowedGroups);

	$wpp->doQuery( $offset, $limit );
}

?>