2005-02-26 15:23:54 +01:00
< ? php
/* Copyright ( C ) 2002 - 2005 Rodolphe Quiedeville < rodolphe @ quiedeville . org >
* Copyright ( C ) 2002 - 2003 Jean - Louis Bergamo < jlb @ j1b . org >
2010-02-27 17:14:52 +01:00
* Copyright ( C ) 2004 - 2010 Laurent Destailleur < eldy @ users . sourceforge . net >
2005-02-26 15:23:54 +01:00
* Copyright ( C ) 2004 Eric Seigne < eric . seigne @ ryxeo . com >
2017-06-06 07:57:03 +02:00
* Copyright ( C ) 2005 - 2017 Regis Houssin < regis . houssin @ capnetworks . com >
2005-02-26 15:23:54 +01:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2013-01-16 15:36:08 +01:00
* the Free Software Foundation ; either version 3 of the License , or
2005-02-26 15:23:54 +01:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2011-08-01 01:19:04 +02:00
* along with this program . If not , see < http :// www . gnu . org / licenses />.
2005-02-26 15:23:54 +01:00
*/
2005-03-06 16:39:32 +01:00
/**
2009-05-04 19:52:15 +02:00
* \file htdocs / user / group / perms . php
* \brief Onglet user et permissions de la fiche utilisateur
*/
2005-02-26 15:23:54 +01:00
2012-08-22 23:24:21 +02:00
require '../../main.inc.php' ;
2012-08-22 23:11:24 +02:00
require_once DOL_DOCUMENT_ROOT . '/user/class/usergroup.class.php' ;
require_once DOL_DOCUMENT_ROOT . '/core/lib/usergroups.lib.php' ;
require_once DOL_DOCUMENT_ROOT . '/core/lib/functions2.lib.php' ;
2005-02-26 15:23:54 +01:00
2018-05-26 16:24:54 +02:00
// Load translation files required by page
$langs -> loadLangs ( array ( 'users' , 'admin' ));
2005-02-26 15:23:54 +01:00
2012-02-27 22:26:22 +01:00
$id = GETPOST ( 'id' , 'int' );
2012-10-20 09:33:39 +02:00
$action = GETPOST ( 'action' , 'alpha' );
$confirm = GETPOST ( 'confirm' , 'alpha' );
$module = GETPOST ( 'module' , 'alpha' );
$rights = GETPOST ( 'rights' , 'int' );
2018-03-31 18:48:27 +02:00
$contextpage = GETPOST ( 'contextpage' , 'aZ' ) ? GETPOST ( 'contextpage' , 'aZ' ) : 'groupperms' ; // To manage different context of search
2017-06-06 07:57:03 +02:00
2010-10-29 08:05:09 +02:00
// Defini si peux lire les permissions
2010-11-08 12:40:52 +01:00
$canreadperms = ( $user -> admin || $user -> rights -> user -> user -> lire );
// Defini si peux modifier les permissions
$caneditperms = ( $user -> admin || $user -> rights -> user -> user -> creer );
// Advanced permissions
$advancedpermsactive = false ;
if ( ! empty ( $conf -> global -> MAIN_USE_ADVANCED_PERMS ))
{
2011-07-08 17:50:28 +02:00
$advancedpermsactive = true ;
$canreadperms = ( $user -> admin || ( $user -> rights -> user -> group_advance -> read && $user -> rights -> user -> group_advance -> readperms ));
$caneditperms = ( $user -> admin || $user -> rights -> user -> group_advance -> write );
2010-11-08 12:40:52 +01:00
}
2010-10-29 08:05:09 +02:00
if ( ! $canreadperms ) accessforbidden ();
2017-06-06 07:57:03 +02:00
$object = new Usergroup ( $db );
$object -> fetch ( $id );
2005-02-26 15:23:54 +01:00
2017-06-06 07:57:03 +02:00
$entity = $conf -> entity ;
2005-02-26 15:23:54 +01:00
2017-06-10 12:56:28 +02:00
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
2018-04-02 16:30:19 +02:00
$hookmanager -> initHooks ( array ( 'groupperms' , 'globalcard' ));
2017-06-06 07:57:03 +02:00
/**
* Actions
*/
2017-12-02 14:57:27 +01:00
2017-06-06 07:57:03 +02:00
$parameters = array ();
$reshook = $hookmanager -> executeHooks ( 'doActions' , $parameters , $object , $action ); // Note that $action and $object may have been modified by some hooks
if ( $reshook < 0 ) setEventMessages ( $hookmanager -> error , $hookmanager -> errors , 'errors' );
2017-12-15 15:15:14 +01:00
if ( empty ( $reshook ))
{
2017-06-06 07:57:03 +02:00
if ( $action == 'addrights' && $caneditperms )
{
$editgroup = new Usergroup ( $db );
$result = $editgroup -> fetch ( $id );
2017-12-15 15:15:14 +01:00
if ( $result > 0 )
{
$editgroup -> addrights ( $rights , $module , '' , $entity );
}
2017-06-06 07:57:03 +02:00
}
if ( $action == 'delrights' && $caneditperms )
{
$editgroup = new Usergroup ( $db );
$result = $editgroup -> fetch ( $id );
2017-12-15 15:15:14 +01:00
if ( $result > 0 )
{
$editgroup -> delrights ( $rights , $module , '' , $entity );
}
2017-06-06 07:57:03 +02:00
}
2005-02-26 15:23:54 +01:00
}
2011-07-08 17:50:28 +02:00
/**
* View
*/
2005-02-26 15:23:54 +01:00
2009-05-04 19:52:15 +02:00
$form = new Form ( $db );
2008-11-11 20:55:16 +01:00
llxHeader ( '' , $langs -> trans ( " Permissions " ));
2017-12-15 15:15:14 +01:00
if ( $object -> id > 0 )
2005-02-26 15:23:54 +01:00
{
2017-12-15 15:15:14 +01:00
/*
2011-07-08 17:50:28 +02:00
* Affichage onglets
*/
2017-12-15 15:15:14 +01:00
$object -> getrights (); // Reload permission
2017-05-09 10:19:39 +02:00
$head = group_prepare_head ( $object );
2011-07-08 17:50:28 +02:00
$title = $langs -> trans ( " Group " );
2017-05-09 10:19:39 +02:00
dol_fiche_head ( $head , 'rights' , $title , - 1 , 'group' );
2005-03-06 16:39:32 +01:00
2005-04-09 19:52:38 +02:00
// Charge les modules soumis a permissions
$modules = array ();
2012-05-08 22:49:03 +02:00
$modulesdir = dolGetModulesDirs ();
$db -> begin ();
2011-08-17 17:56:22 +02:00
2011-08-01 15:15:53 +02:00
foreach ( $modulesdir as $dir )
2011-07-08 17:50:28 +02:00
{
// Load modules attributes in arrays (name, numero, orders) from dir directory
//print $dir."\n<br>";
2012-05-08 22:49:03 +02:00
$handle =@ opendir ( dol_osencode ( $dir ));
2011-07-08 17:50:28 +02:00
if ( is_resource ( $handle ))
{
while (( $file = readdir ( $handle )) !== false )
{
if ( is_readable ( $dir . $file ) && substr ( $file , 0 , 3 ) == 'mod' && substr ( $file , dol_strlen ( $file ) - 10 ) == '.class.php' )
{
$modName = substr ( $file , 0 , dol_strlen ( $file ) - 10 );
2012-05-08 22:49:03 +02:00
2011-07-08 17:50:28 +02:00
if ( $modName )
{
2012-08-23 02:04:35 +02:00
include_once $dir . " / " . $file ;
2011-07-08 17:50:28 +02:00
$objMod = new $modName ( $db );
// Load all lang files of module
if ( isset ( $objMod -> langfiles ) && is_array ( $objMod -> langfiles ))
{
foreach ( $objMod -> langfiles as $domain )
{
$langs -> load ( $domain );
}
}
// Load all permissions
2011-10-27 10:41:29 +02:00
if ( $objMod -> rights_class )
{
2012-07-06 20:25:00 +02:00
$ret = $objMod -> insert_permissions ( 0 , $entity );
2011-07-08 17:50:28 +02:00
$modules [ $objMod -> rights_class ] = $objMod ;
}
}
}
}
}
}
2005-04-09 19:52:38 +02:00
$db -> commit ();
2009-05-04 19:52:15 +02:00
2005-03-06 16:39:32 +01:00
// Lecture des droits groupes
2017-06-06 07:57:03 +02:00
$permsgroupbyentity = array ();
2012-05-08 22:49:03 +02:00
2017-06-06 07:57:03 +02:00
$sql = " SELECT DISTINCT r.id, r.libelle, r.module, gr.entity " ;
$sql .= " FROM " . MAIN_DB_PREFIX . " rights_def as r, " ;
$sql .= " " . MAIN_DB_PREFIX . " usergroup_rights as gr " ;
$sql .= " WHERE gr.fk_id = r.id " ;
$sql .= " AND gr.entity = " . $entity ;
$sql .= " AND gr.fk_usergroup = " . $object -> id ;
2005-03-06 16:39:32 +01:00
2017-06-06 07:57:03 +02:00
dol_syslog ( " get user perms " , LOG_DEBUG );
2005-03-06 16:39:32 +01:00
$result = $db -> query ( $sql );
if ( $result )
2005-02-26 15:23:54 +01:00
{
2017-06-06 07:57:03 +02:00
$num = $db -> num_rows ( $result );
$i = 0 ;
while ( $i < $num )
{
$obj = $db -> fetch_object ( $result );
if ( ! isset ( $permsgroupbyentity [ $obj -> entity ]))
$permsgroupbyentity [ $obj -> entity ] = array ();
array_push ( $permsgroupbyentity [ $obj -> entity ], $obj -> id );
$i ++ ;
}
$db -> free ( $result );
2005-02-26 15:23:54 +01:00
}
2005-03-06 16:39:32 +01:00
else
2005-02-26 15:23:54 +01:00
{
2017-06-06 07:57:03 +02:00
dol_print_error ( $db );
2005-02-26 15:23:54 +01:00
}
2018-04-06 00:36:52 +02:00
$linkback = '<a href="' . DOL_URL_ROOT . '/user/group/list.php?restore_lastsearch_values=1">' . $langs -> trans ( " BackToList " ) . '</a>' ;
2017-06-06 07:57:03 +02:00
2018-02-07 12:08:25 +01:00
dol_banner_tab ( $object , 'id' , $linkback , $user -> rights -> user -> user -> lire || $user -> admin );
2017-06-06 07:57:03 +02:00
2017-05-09 10:19:39 +02:00
print '<div class="fichecenter">' ;
print '<div class="underbanner clearboth"></div>' ;
2017-06-06 07:57:03 +02:00
2005-03-06 16:39:32 +01:00
/*
* Ecran ajout / suppression permission
*/
2005-02-26 15:23:54 +01:00
2009-04-27 22:37:50 +02:00
print '<table class="border" width="100%">' ;
2009-05-04 19:52:15 +02:00
2017-07-13 14:43:41 +02:00
// Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)
if ( ! empty ( $conf -> mutlicompany -> enabled ))
2009-05-04 17:42:04 +02:00
{
2017-07-13 14:43:41 +02:00
print '<tr><td class="titlefield">' . $langs -> trans ( " Name " ) . '</td>' ;
print '<td colspan="2">' . $object -> name . '' ;
if ( ! $object -> entity )
{
print img_picto ( $langs -> trans ( " GlobalGroup " ), 'redstar' );
}
print " </td></tr> \n " ;
2009-05-04 17:42:04 +02:00
}
2009-05-04 19:52:15 +02:00
2009-04-27 22:37:50 +02:00
// Note
2017-12-02 14:57:27 +01:00
print '<tr><td class="titlefield tdtop">' . $langs -> trans ( " Description " ) . '</td>' ;
2017-05-09 10:19:39 +02:00
print '<td class="valeur">' . dol_htmlentitiesbr ( $object -> note ) . '</td>' ;
2009-04-27 22:37:50 +02:00
print " </tr> \n " ;
2009-05-04 19:52:15 +02:00
2009-04-27 22:37:50 +02:00
print '</table><br>' ;
2009-05-04 19:52:15 +02:00
2009-04-27 22:37:50 +02:00
if ( $user -> admin ) print info_admin ( $langs -> trans ( " WarningOnlyPermissionOfActivatedModules " ));
2009-05-04 19:52:15 +02:00
2017-06-06 07:57:03 +02:00
$parameters = array ();
$reshook = $hookmanager -> executeHooks ( 'insertExtraHeader' , $parameters , $object , $action ); // Note that $action and $object may have been modified by some hooks
if ( $reshook < 0 ) setEventMessages ( $hookmanager -> error , $hookmanager -> errors , 'errors' );
2005-03-06 16:39:32 +01:00
print '<table width="100%" class="noborder">' ;
print '<tr class="liste_titre">' ;
2005-04-02 00:30:25 +02:00
print '<td>' . $langs -> trans ( " Module " ) . '</td>' ;
2006-03-20 11:50:40 +01:00
if ( $caneditperms ) print '<td width="24"> </td>' ;
2005-03-06 16:39:32 +01:00
print '<td align="center" width="24"> </td>' ;
print '<td>' . $langs -> trans ( " Permissions " ) . '</td>' ;
print '</tr>' ;
2009-04-27 22:37:50 +02:00
$sql = " SELECT r.id, r.libelle, r.module " ;
$sql .= " FROM " . MAIN_DB_PREFIX . " rights_def as r " ;
$sql .= " WHERE r.libelle NOT LIKE 'tou%' " ; // On ignore droits "tous"
2017-06-06 07:57:03 +02:00
$sql .= " AND r.entity = " . $entity ;
2010-11-08 12:40:52 +01:00
if ( empty ( $conf -> global -> MAIN_USE_ADVANCED_PERMS )) $sql .= " AND r.perms NOT LIKE '%_advance' " ; // Hide advanced perms if option is disable
2009-04-27 22:37:50 +02:00
$sql .= " ORDER BY r.module, r.id " ;
2005-03-06 16:39:32 +01:00
$result = $db -> query ( $sql );
if ( $result )
2005-02-26 15:23:54 +01:00
{
2005-03-06 16:39:32 +01:00
$i = 0 ;
2011-10-27 10:41:29 +02:00
$oldmod = '' ;
2012-05-08 22:49:03 +02:00
2011-10-27 10:41:29 +02:00
$num = $db -> num_rows ( $result );
2005-03-06 16:39:32 +01:00
while ( $i < $num )
{
$obj = $db -> fetch_object ( $result );
2005-04-17 17:06:18 +02:00
// Si la ligne correspond a un module qui n'existe plus (absent de includes/module), on l'ignore
2012-07-10 13:20:53 +02:00
if ( empty ( $modules [ $obj -> module ]))
2005-04-17 17:06:18 +02:00
{
$i ++ ;
continue ;
}
2005-03-06 16:39:32 +01:00
if ( $oldmod <> $obj -> module )
{
$oldmod = $obj -> module ;
2010-10-28 21:31:11 +02:00
// Rupture detectee, on recupere objMod
2005-04-01 00:47:18 +02:00
$objMod = $modules [ $obj -> module ];
2005-03-06 16:39:32 +01:00
$picto = ( $objMod -> picto ? $objMod -> picto : 'generic' );
2009-05-04 19:52:15 +02:00
2017-12-15 15:15:14 +01:00
print '<tr class="oddeven trforbreak">' ;
print '<td class="nowrap">' . img_object ( '' , $picto , 'class="inline-block pictoobjectwidth"' ) . ' ' . $objMod -> getName ();
print '<a name="' . $objMod -> getName () . '"> </a></td>' ;
print '<td align="center" class="nowrap">' ;
2006-03-20 13:06:31 +01:00
if ( $caneditperms )
2006-03-20 12:05:12 +01:00
{
2017-12-15 15:15:14 +01:00
print '<a title=' . $langs -> trans ( " All " ) . ' alt=' . $langs -> trans ( " All " ) . ' href="' . $_SERVER [ " PHP_SELF " ] . '?id=' . $object -> id . '&action=addrights&entity=' . $entity . '&module=' . $obj -> module . '#' . $objMod -> getName () . '">' . $langs -> trans ( " All " ) . " </a> " ;
2011-07-08 17:50:28 +02:00
print '/' ;
2017-06-06 07:57:03 +02:00
print '<a title=' . $langs -> trans ( " None " ) . ' alt=' . $langs -> trans ( " None " ) . ' href="' . $_SERVER [ " PHP_SELF " ] . '?id=' . $object -> id . '&action=delrights&entity=' . $entity . '&module=' . $obj -> module . '#' . $objMod -> getName () . '">' . $langs -> trans ( " None " ) . " </a> " ;
2006-03-20 12:05:12 +01:00
}
2017-12-15 15:15:14 +01:00
print '</td>' ;
print '<td colspan="2"> </td>' ;
print '</tr>' ;
2005-03-06 16:39:32 +01:00
}
2017-12-15 15:15:14 +01:00
print '<tr class="oddeven">' ;
2005-04-02 00:30:25 +02:00
2011-07-08 17:50:28 +02:00
// Module
2017-12-15 15:15:14 +01:00
print '<td class="nowrap">' . img_object ( '' , $picto , 'class="inline-block pictoobjectwidth"' ) . ' ' . $objMod -> getName () . '</td>' ;
2005-04-02 00:30:25 +02:00
2017-06-06 07:57:03 +02:00
if ( is_array ( $permsgroupbyentity [ $entity ]))
2005-03-06 16:39:32 +01:00
{
2017-06-06 07:57:03 +02:00
if ( in_array ( $obj -> id , $permsgroupbyentity [ $entity ]))
{
// Own permission by group
if ( $caneditperms )
{
print '<td align="center"><a class="reposition" href="' . $_SERVER [ " PHP_SELF " ] . '?id=' . $object -> id . '&action=delrights&entity=' . $entity . '&rights=' . $obj -> id . '">' . img_edit_remove ( $langs -> trans ( " Remove " )) . '</a></td>' ;
}
print '<td align="center">' ;
print img_picto ( $langs -> trans ( " Active " ), 'tick' );
print '</td>' ;
}
else
{
// Do not own permission
if ( $caneditperms )
{
print '<td align="center"><a class="reposition" href="' . $_SERVER [ " PHP_SELF " ] . '?id=' . $object -> id . '&action=addrights&entity=' . $entity . '&rights=' . $obj -> id . '">' . img_edit_add ( $langs -> trans ( " Add " )) . '</a></td>' ;
}
print '<td> </td>' ;
}
2005-03-06 16:39:32 +01:00
}
else
{
2017-06-06 07:57:03 +02:00
// Do not own permission
if ( $caneditperms )
{
print '<td align="center"><a class="reposition" href="' . $_SERVER [ " PHP_SELF " ] . '?id=' . $object -> id . '&action=addrights&entity=' . $entity . '&rights=' . $obj -> id . '">' . img_edit_add ( $langs -> trans ( " Add " )) . '</a></td>' ;
}
print '<td> </td>' ;
2005-03-06 16:39:32 +01:00
}
2016-06-23 16:29:06 +02:00
$perm_libelle = ( $conf -> global -> MAIN_USE_ADVANCED_PERMS && ( $langs -> trans ( " PermissionAdvanced " . $obj -> id ) != ( " PermissionAdvanced " . $obj -> id )) ? $langs -> trans ( " PermissionAdvanced " . $obj -> id ) : (( $langs -> trans ( " Permission " . $obj -> id ) != ( " Permission " . $obj -> id )) ? $langs -> trans ( " Permission " . $obj -> id ) : $langs -> trans ( $obj -> libelle )));
2005-04-01 00:47:18 +02:00
print '<td>' . $perm_libelle . '</td>' ;
2005-03-06 16:39:32 +01:00
print '</tr>' ;
$i ++ ;
}
2005-02-26 15:23:54 +01:00
}
2005-03-06 16:39:32 +01:00
print '</table>' ;
2017-06-06 07:57:03 +02:00
2017-05-09 10:19:39 +02:00
print '</div>' ;
2017-06-06 07:57:03 +02:00
$parameters = array ();
$reshook = $hookmanager -> executeHooks ( 'insertExtraFooter' , $parameters , $object , $action ); // Note that $action and $object may have been modified by some hooks
if ( $reshook < 0 ) setEventMessages ( $hookmanager -> error , $hookmanager -> errors , 'errors' );
2017-05-09 10:19:39 +02:00
dol_fiche_end ();
2005-02-26 15:23:54 +01:00
}
2005-03-06 16:39:32 +01:00
2011-08-27 16:24:16 +02:00
llxFooter ();
2015-12-11 19:37:12 +01:00
$db -> close ();
