From 3607852e5652cfcbdde5cb7758367ad9fe149255 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 22 Oct 2005 13:48:19 +0000 Subject: [PATCH] =?UTF-8?q?New:=20Ajout=20des=20droits=20sur=20le=20module?= =?UTF-8?q?=20user.=20Les=20modules=20"base"=20(requis)=20sont=20actifs=20?= =?UTF-8?q?par=20d=E9faut=20(a=20l'install)=20et=20non=20d=E9sactivables.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/admin/modules.php | 45 +++++++++++-------- htdocs/install/etape5.php | 11 ++++- htdocs/install/upgrade.php | 2 + htdocs/langs/en_US/admin.lang | 10 +++++ htdocs/langs/en_US/users.lang | 3 +- htdocs/langs/fr_FR/admin.lang | 10 +++++ htdocs/langs/fr_FR/users.lang | 1 + htdocs/user/fiche.php | 81 ++++++++++++++++++++++------------- htdocs/user/group/index.php | 4 +- htdocs/user/index.php | 5 ++- htdocs/user/perms.php | 59 ++++++++++++++++--------- 11 files changed, 159 insertions(+), 72 deletions(-) diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 63b4210ba72..6b1058592d4 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -55,9 +55,10 @@ if ($_GET["action"] == 'reset' && $user->admin) /** \brief Active un module - \param value Nom du module a activer + \param value Nom du module a activer + \param withdeps Active/désactive aussi les dépendances */ -function Activate($value) +function Activate($value,$withdeps=1) { global $db, $modules, $langs; @@ -67,7 +68,7 @@ function Activate($value) if ($modName) { $file = $modName . ".class.php"; - include_once("../includes/modules/$file"); + include_once(DOL_DOCUMENT_ROOT."/includes/modules/$file"); $objMod = new $modName($db); // Test si version PHP ok 
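Review bot: In Activate() (htdocs/admin/modules.php, `@@ -67,7 +68,7 @@`), the rewritten `include_once(DOL_DOCUMENT_ROOT."/includes/modules/$file");` and the following `new $modName($db)` still build a file path and a class name from `$modName`, which appears to derive from the `$value` argument and, through the `action=set` / `action=reset` links, from the request. The assignment of `$modName` is outside the hunk, so this needs confirming, but if it is a plain copy of `$value` the name should be validated before the include, for example `if (! preg_match('/^mod[A-Za-z0-9_]+$/',$modName)) return -1;` (pattern and return code to be aligned with the project's conventions). The same applies to the matching include in UnActivate() in the `@@ -111,7 +115,7 @@` hunk.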
@@ -81,18 +82,21 @@ function Activate($value) $objMod->init(); } - // Activation des modules dont le module dépend - for ($i = 0; $i < sizeof($objMod->depends); $i++) + if ($withdeps) { - Activate($objMod->depends[$i]); + // Activation des modules dont le module dépend + for ($i = 0; $i < sizeof($objMod->depends); $i++) + { + Activate($objMod->depends[$i]); + } + + // Desactivation des modules qui entrent en conflit + for ($i = 0; $i < sizeof($objMod->conflictwith); $i++) + { + UnActivate($objMod->conflictwith[$i],0); + } } - - // Desactivation des modules qui entrent en conflit - for ($i = 0; $i < sizeof($objMod->conflictwith); $i++) - { - UnActivate($objMod->conflictwith[$i],0); - } - + return 0; } @@ -111,7 +115,7 @@ function UnActivate($value,$requiredby=1) if ($modName) { $file = $modName . ".class.php"; - include_once("../includes/modules/$file"); + include_once(DOL_DOCUMENT_ROOT."/includes/modules/$file"); $objMod = new $modName($db); $objMod->remove(); } @@ -181,6 +185,7 @@ print "\n"; $dir = DOL_DOCUMENT_ROOT . "/includes/modules/"; +// Charge tableaux modules, nom, numero, orders depuis répertoire dir $handle=opendir($dir); $modules = array(); $orders = array(); @@ -209,7 +214,6 @@ while (($file = readdir($handle))!==false) $modules[$i] = $objMod; $nom[$i] = $modName; - $numero[$i] = $j; $orders[$i] = "$objMod->family"."_".$j; // Tri par famille puis numero module $j++; $i++; @@ -221,7 +225,7 @@ asort($orders); $var=True; $familylib=array( -'base'=>$langs->trans("ModuleBase"), +'base'=>$langs->trans("ModuleFamilyBase"), 'crm'=>$langs->trans("ModuleFamilyCrm"), 'products'=>$langs->trans("ModuleFamilyProducts"), 'hr'=>$langs->trans("ModuleFamilyHr"), 
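Review bot: The dependency loop inside the new `if ($withdeps)` block (`@@ -81,18 +82,21 @@`) calls `Activate($objMod->depends[$i]);` with the default `$withdeps=1`, and nothing visible in the hunk stops two modules that list each other in `depends` from recursing without end. The start of Activate() is outside the hunk, so a guard may already exist there; if it does not, a static list of module names currently being activated, checked on entry, would bound the recursion. The `\param withdeps` line should also state that a false value skips both the dependency activation and the conflict deactivation, since that is what the new block does.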
@@ -295,8 +299,8 @@ foreach ($orders as $key => $value) if ($conf->global->$const_name == 1) { // Module actif - print "numero."&action=reset&value=" . $modName . "&spe=" . $_GET["spe"] . "\">" . $langs->trans("Disable") . "\n"; - + if ($family == 'base') print $langs->trans("Required"); + else print "numero."&action=reset&value=" . $modName . "&spe=" . $_GET["spe"] . "\">" . $langs->trans("Disable") . "\n"; if ($objMod->config_page_url) { @@ -331,6 +335,11 @@ foreach ($orders as $key => $value) } else { + if ($family == 'base') + { + // Ne devrait pas arriver. + } + // Module non actif print "numero."&action=set&value=" . $modName . "&spe=" . $_GET["spe"] . "\">" . $langs->trans("Activate") . "\n  \n"; } diff --git a/htdocs/install/etape5.php b/htdocs/install/etape5.php index f5c168ba548..29431ad4989 100644 --- a/htdocs/install/etape5.php +++ b/htdocs/install/etape5.php @@ -24,7 +24,7 @@ /** \file htdocs/install/etape5.php - \brief Page de fin d'installation + \brief Page de fin d'installation ou de migration \version $Revision$ */ @@ -40,6 +40,8 @@ $success=0; if (file_exists($conffile)) { include($conffile); + if (! isset($dolibarr_main_db_prefix) || ! $dolibarr_main_db_prefix) $dolibarr_main_db_prefix='llx_'; + define('MAIN_DB_PREFIX',$dolibarr_main_db_prefix); } @@ -96,6 +98,13 @@ if ($_POST["action"] == "set" || $_POST["action"] == "upgrade") $db = new DoliDb($conf->db->type,$conf->db->host,$conf->db->user,$conf->db->pass,$conf->db->name); $ok = 0; + // Active module user + $modName='modUser'; + $file = $modName . ".class.php"; + include_once("../includes/modules/$file"); + $objMod = new $modName($db); + $objMod->init(); + // If first install if ($_POST["action"] == "set") { diff --git a/htdocs/install/upgrade.php b/htdocs/install/upgrade.php index cde66a09aa3..46a5fb23f2b 100644 --- a/htdocs/install/upgrade.php +++ b/htdocs/install/upgrade.php 
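Review bot: Printing `Required` instead of the Disable link when `$family == 'base'` (`@@ -295,8 +299,8 @@`) only removes the link from the page; the `action=reset` handler visible in the first hunk header (`if ($_GET["action"] == 'reset' && $user->admin)`) is not changed by this commit, so the request itself is still accepted for a base module. If base modules must never be disabled, the check belongs on the server side, e.g. `if ($objMod->family == 'base') return -1;` in UnActivate() once the module object exists. The link on the same line also concatenates `$_GET["spe"]` into the URL as-is, as far as the extracted text shows; it should be passed through `urlencode()`.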
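Review bot: The block added under `// Active module user` in htdocs/install/etape5.php (`@@ -96,6 +98,13 @@`) discards the result of `$objMod->init();`, so an install or upgrade in which the user module fails to initialise carries on as if the new user permissions were in place. Checking the result and reporting a failure on the page would make that visible; what init() returns is not shown here, so the exact test needs confirming. The include also uses the relative `"../includes/modules/$file"` while this same commit moves modules.php to `DOL_DOCUMENT_ROOT."/includes/modules/$file"`; if DOL_DOCUMENT_ROOT is defined at this point in the installer, using it here keeps the two consistent.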
@@ -52,6 +52,8 @@ pHeader($langs->trans("MigrateScript"),"etape5","upgrade"); if (file_exists($conffile)) { include_once($conffile); + if (! isset($dolibarr_main_db_prefix) || ! $dolibarr_main_db_prefix) $dolibarr_main_db_prefix='llx_'; + define('MAIN_DB_PREFIX',$dolibarr_main_db_prefix); } if($dolibarr_main_db_type == "mysql") diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 7894b64f191..8b9a06e431d 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -42,6 +42,8 @@ ActiveOn=Activated on SourceFile=Source file TriggersAvailable=Triggers available TriggersDesc=Triggers are components that modify, once activated, the behaviour of Dolibarr workflow. They add new actions, activated on Dolibarr events (new company creation, invoice validation, ...). +Required=Required +ModuleFamilyBase=System ModuleFamilyCrm=Customer Ressource Management (CRM) ModuleFamilyProducts=Products Management ModuleFamilyHr=Human Ressource Management @@ -50,6 +52,8 @@ ModuleFamilyOther=Other ModuleFamilyTechnic=Technical Modules ModuleFamilyExperimental=Experimental modules ModuleFamilyFinancial=Financial Modules (Accountancy/Treasury) +Module0Name=Users & groups +Module0Desc=Users and groups management Module1Name=Companies Module1Desc=Companies and contacts' management Module2Name=Commercial @@ -187,6 +191,12 @@ Permission229=Delete emailings Permission231=Read supplier invoices Permission232=Create/modify supplier invoices Permission233=Delete supplier invoices +Permission251=Read other users and groups +Permission252=Create/modify other users, their groups and permisssions +Permission253=Modify other users password +Permission254=Delete or disable other users +Permission255=Create/modify his own user informations +Permission256=Modify his own password Permission300=Read bar codes Permission301=Create/modify bar codes Permission302=Delete bar codes 
diff --git a/htdocs/langs/en_US/users.lang b/htdocs/langs/en_US/users.lang index 203e9e79209..bb044cb4f1d 100755 --- a/htdocs/langs/en_US/users.lang +++ b/htdocs/langs/en_US/users.lang @@ -68,4 +68,5 @@ CreateDolibarrLogin=Create Dolibarr account LoginAccountDisable=Account disabled, put a new login to activate it. UsePersonalValue=Use personal value ErrorFailedToSaveFile=Error - Failed to save file -GuiLanguage=Interface language \ No newline at end of file +GuiLanguage=Interface language +InternalUser=Internal user \ No newline at end of file diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index c14d78294ed..0430b63167c 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -42,6 +42,8 @@ ActiveOn=Active sur SourceFile=Fichier source TriggersAvailable=Triggers disponibles TriggersDesc=Les triggers sont des composants qui, une fois activés, modifient le comportement du workflow de Dolibarr. Ils réalisent des actions suplémentaires, déclenchées par les événements Dolibarr (création société, validation facture, clôture contrat...). +Required=Requis +ModuleFamilyBase=Système ModuleFamilyCrm=Gestion client (CRM) ModuleFamilyProducts=Gestion produits ModuleFamilyHr=Ressources humaines @@ -50,6 +52,8 @@ ModuleFamilyOther=Autre ModuleFamilyTechnic=Modules techniques, interfaces ModuleFamilyExperimental=Modules expérimentaux (ne pas utiliser en production) ModuleFamilyFinancial=Modules financiers (Compta/trésorerie) +Module0Name=Utilisateurs & groupes +Module0Desc=Gestion des utilisateurs et groupes Module1Name=Sociétés Module1Desc=Gestion des sociétés et contacts Module2Name=Commercial 
@@ -187,6 +191,12 @@ Permission229=Supprimer les mailings Permission231=Consulter les factures fournisseurs Permission232=Créer/modifier les facture fournisseurs Permission233=Supprimer les factures fournisseurs +Permission251=Consulter les autres utilisateurs, leurs groupes et permissions +Permission252=Créer/modifier les autres utilisateurs, leurs groupes et permissions +Permission253=Modifier mot de passe des autres utilisateurs +Permission254=Supprimer ou désactiver les autres utilisateurs +Permission255=Créer/modifier ses propres infos utilisateur +Permission256=Modifier son propre mot de passe Permission300=Consulter les codes barres Permission301=Créer/modifier les codes barres Permission302=Supprimer les codes barres diff --git a/htdocs/langs/fr_FR/users.lang b/htdocs/langs/fr_FR/users.lang index 19e45877217..3a394fd8c1f 100755 --- a/htdocs/langs/fr_FR/users.lang +++ b/htdocs/langs/fr_FR/users.lang @@ -69,3 +69,4 @@ LoginAccountDisable=Le compte est d UsePersonalValue=Utiliser valeur personalisée ErrorFailedToSaveFile=Erreur - l'enregistrement du fichier a échoué GuiLanguage=Langage de l'interface +InternalUser=Utilisateur interne \ No newline at end of file diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php index 506d1d88cb3..ca936bd31a1 100644 --- a/htdocs/user/fiche.php +++ b/htdocs/user/fiche.php @@ -34,11 +34,16 @@ require("./pre.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); +// Defini si peux lire/modifier utilisateurs et permisssions +$canreadperms=($user->admin || $user->rights->user->user->lire); +$caneditperms=($user->admin || $user->rights->user->user->creer); +$candisableperms=($user->admin || $user->rights->user->user->supprimer); + if ($user->id <> $_GET["id"]) { - if (! $user->rights->user->user->lire && ! $user->admin) + if (! $canreadperms) { - accessforbidden(); + accessforbidden(); } } 
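Review bot: In htdocs/user/fiche.php (`@@ -34,11 +34,16 @@`), `$canreadperms`, `$caneditperms` and `$candisableperms` read `$user->rights->user->user->...` directly after the `require` lines, whereas the index.php and group/index.php hunks of this commit add `$user->getrights();` before their first rights test. If pre.inc.php does not already load the rights, the three flags are false for every non-admin user and the new permissions have no effect on this page. Add the same `$user->getrights();` call before the three assignments, or confirm that it is not needed; the `$caneditperms` assignment added to perms.php has the same dependency.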
@@ -54,13 +59,13 @@ $action=isset($_GET["action"])?$_GET["action"]:$_POST["action"]; /** * Actions */ -if ($_GET["subaction"] == 'addrights' && $user->admin) +if ($_GET["subaction"] == 'addrights' && $caneditperms) { $edituser = new User($db,$_GET["id"]); $edituser->addrights($_GET["rights"]); } -if ($_GET["subaction"] == 'delrights' && $user->admin) +if ($_GET["subaction"] == 'delrights' && $caneditperms) { $edituser = new User($db,$_GET["id"]); $edituser->delrights($_GET["rights"]); @@ -74,6 +79,7 @@ if ($_POST["action"] == 'confirm_disable' && $_POST["confirm"] == "yes") $edituser->fetch($_GET["id"]); $edituser->disable(); Header("Location: ".DOL_URL_ROOT.'/user/fiche.php?id='.$_GET["id"]); + exit; } } @@ -85,11 +91,12 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes") $edituser->fetch($_GET["id"]); $edituser->delete(); Header("Location: index.php"); + exit; } } // Action ajout user -if ($_POST["action"] == 'add' && $user->admin) +if ($_POST["action"] == 'add' && $caneditperms) { $message=""; if (! $_POST["nom"]) { @@ -130,6 +137,7 @@ if ($_POST["action"] == 'add' && $user->admin) $db->commit(); Header("Location: fiche.php?id=$id"); + exit; } else { @@ -143,7 +151,7 @@ if ($_POST["action"] == 'add' && $user->admin) } // Action ajout groupe utilisateur -if ($_POST["action"] == 'addgroup' && $user->admin) +if ($_POST["action"] == 'addgroup' && $caneditperms) { if ($_POST["group"]) { @@ -151,10 +159,11 @@ if ($_POST["action"] == 'addgroup' && $user->admin) $edituser->SetInGroup($_POST["group"]); Header("Location: fiche.php?id=".$_GET["id"]); + exit; } } -if ($_GET["action"] == 'removegroup' && $user->admin) +if ($_GET["action"] == 'removegroup' && $caneditperms) { if ($_GET["group"]) { 
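Review bot: Replacing `$user->admin` with `$caneditperms` on the `addrights` and `delrights` handlers (`@@ -54,13 +59,13 @@`) lets any holder of the `creer` right change the rights of whichever account `$_GET["id"]` names, including their own, and nothing visible limits which rights can be granted. In effect the user-creation right becomes equivalent to control of the whole permission system. Consider restricting non-admin editors to rights they hold themselves, refusing changes to their own account and to administrator accounts, or keeping these two handlers admin-only. The same substitution is made in htdocs/user/perms.php (`@@ -38,17 +38,21 @@`). Both handlers also change state from GET parameters without a request token, and the commit widens the set of accounts for which that matters.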
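Review bot: The condition guarding `$edituser->disable()` and `$edituser->delete()` (`@@ -74,6 +79,7 @@` and `@@ -85,11 +91,12 @@`) is not touched by these hunks, although the Disable and Delete buttons later in the file switch from `$user->admin` to `$candisableperms`. That inner condition is outside the hunks; if it still tests `$user->admin`, users holding the delete right get buttons that do nothing, and in any case the handler and the buttons should test the same expression. Using `$candisableperms && $user->id != $_GET["id"]` in both handlers would match the button conditions.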
@@ -162,10 +171,11 @@ if ($_GET["action"] == 'removegroup' && $user->admin) $edituser->RemoveFromGroup($_GET["group"]); Header("Location: fiche.php?id=".$_GET["id"]); + exit; } } -if ($_POST["action"] == 'update' && $user->admin) +if ($_POST["action"] == 'update' && $caneditperms) { $message=""; @@ -201,18 +211,21 @@ if ($_POST["action"] == 'update' && $user->admin) if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='' ) { $ret=$edituser->password($user,$password,$conf->password_encrypted); - if ($ret < 0) { + if ($ret < 0) + { $message.='
'.$edituser->error.'
'; } } - if ($_FILES['photo']['tmp_name']) { + if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) + { // Si une photo est fournie avec le formulaire if (! is_dir($conf->users->dir_output)) { create_exdir($conf->users->dir_output); } - if (is_dir($conf->users->dir_output)) { + if (is_dir($conf->users->dir_output)) + { $newfile=$conf->users->dir_output . "/" . $edituser->id . ".jpg"; if (! doliMoveFileUpload($_FILES['photo']['tmp_name'],$newfile)) { @@ -221,10 +234,12 @@ if ($_POST["action"] == 'update' && $user->admin) } } - if ($ret >= 0) { + if ($ret >= 0) + { $message.='
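Review bot: The `update` handler (`@@ -201,18 +211,21 @@`) still calls `$edituser->password(...)` whenever `$_POST["password"]` is non-empty, under the `$caneditperms` gate only, so the new `$caneditpassword` flag hides the password field in the form without being enforced when the form is processed. `$caneditpassword` is also assigned only in the display branch (`@@ -346,6 +361,9 @@`), after the handlers have run. Compute it before the actions and add it to this condition, e.g. `if ($ret >= 0 && $caneditpassword && isset($_POST["password"]) && $_POST["password"] != '')`. The `confirm_password` / `confirm_passwordsend` handler (`@@ -232,7 +247,7 @@`) has the same mismatch: it is gated by `$caneditperms` while its buttons are shown for `$caneditpassword`.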
'.$langs->trans("UserModified").'
'; $db->commit(); - } else { + } else + { $db->rollback; } @@ -232,7 +247,7 @@ if ($_POST["action"] == 'update' && $user->admin) // Action modif mot de passe if ((($_POST["action"] == 'confirm_password' && $_POST["confirm"] == 'yes') - || $_GET["action"] == 'confirm_passwordsend') && $user->admin) + || $_GET["action"] == 'confirm_passwordsend') && $caneditperms) { $edituser = new User($db, $_GET["id"]); $edituser->fetch(); @@ -346,6 +361,9 @@ else $fuser->fetch(); $fuser->getrights(); + $caneditpassword=( (($user->id == $fuser->id) && $user->rights->user->self->password) + || (($user->id != $fuser->id) && $user->rights->user->user->password) ); + /* * Affichage onglets */ @@ -432,7 +450,7 @@ else print ''.$langs->trans("Lastname").''; print ''.$fuser->nom.''; - print ''; + print ''; if (file_exists($conf->users->dir_output."/".$fuser->id.".jpg")) { print ''; @@ -525,7 +543,7 @@ else print "\n"; print "".''.$langs->trans("Note").''; - print ''.nl2br($fuser->note).' '; + print ''.nl2br($fuser->note).' '; print "\n"; // Autres caractéristiques issus des autres modules @@ -548,27 +566,27 @@ else */ print '
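Review bot: The failure branch reformatted in `@@ -221,10 +234,12 @@` still reads `$db->rollback;`, which is a property access and not a method call, so the transaction is never rolled back when `$ret` is negative. It should be `$db->rollback();`. Until then, what happens to a failed password or profile update depends on how the connection treats the unfinished transaction, which is not visible here.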
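Review bot: `$caneditpassword` (`@@ -346,6 +361,9 @@`) does not include `$user->admin`, unlike `$canreadperms`, `$caneditperms` and `$candisableperms` at the top of the file, so whether an administrator can change a password depends on the `password` rights being granted to admin accounts elsewhere. If that is not guaranteed, put `$user->admin ||` at the front of the expression. A short comment stating that the first clause covers the user's own account and the second covers other accounts would also help the next reader.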
'; - if ($user->admin || ($user->id == $fuser->id)) + if ($caneditperms || ($user->id == $fuser->id)) { print ''.$langs->trans("Edit").''; } - if (($user->id != $_GET["id"] && $user->admin) && $fuser->login) + if (($user->id != $_GET["id"] && $caneditpassword) && $fuser->login) { print ''.$langs->trans("ReinitPassword").''; } - if (($user->id != $_GET["id"] && $user->admin) && $fuser->email && $fuser->login) + if (($user->id != $_GET["id"] && $caneditpassword) && $fuser->email && $fuser->login) { print ''.$langs->trans("SendNewPassword").''; } - if ($user->id <> $_GET["id"] && $user->admin && $fuser->login) + if ($user->id <> $_GET["id"] && $candisableperms && $fuser->login) { print ''.$langs->trans("DisableUser").''; } - if ($user->id <> $_GET["id"] && $user->admin) + if ($user->id <> $_GET["id"] && $candisableperms) { print ''.$langs->trans("DeleteUser").''; } @@ -611,7 +629,7 @@ else dolibarr_print_error($db); } - if ($user->admin) + if ($caneditperms) { $form = new Form($db); print '
'."\n"; @@ -663,7 +681,7 @@ else print ''; print ''; - if ($user->admin) + if ($caneditperms) { print 'rowid.'">'; @@ -694,15 +712,14 @@ else /* * Fiche en mode edition */ - if ($_GET["action"] == 'edit' && ($user->admin || ($user->id == $fuser->id))) + if ($_GET["action"] == 'edit' && ($caneditperms || ($user->id == $fuser->id))) { print ''; print ''; print ''; - - $rowspan=11; - if ($conf->global->USER_ALLOW_PASSWORD_CHANGE) $rowspan++; + + $rowspan=12; print ''; print ''; @@ -729,11 +746,17 @@ else print ''; // Pass - if ($conf->global->USER_ALLOW_PASSWORD_CHANGE) + if ($caneditpassword) { print "".''; print ''; } + else + { + print ''; + print ''; + print "\n"; + } // Administrateur print "".''; @@ -799,7 +822,7 @@ else print ''; print "".'"; diff --git a/htdocs/user/group/index.php b/htdocs/user/group/index.php index c233d361a05..0ccfd9fd8d6 100644 --- a/htdocs/user/group/index.php +++ b/htdocs/user/group/index.php @@ -28,7 +28,9 @@ require("./pre.inc.php"); -if (! $user->rights->user->group->lire && !$user->admin) accessforbidden(); +$user->getrights(); + +if (! $user->rights->user->user->lire && ! $user->admin) accessforbidden(); $langs->load("users"); diff --git a/htdocs/user/index.php b/htdocs/user/index.php index 8c3080074fa..75fdc1d4bf9 100644 --- a/htdocs/user/index.php +++ b/htdocs/user/index.php @@ -28,7 +28,9 @@ require("./pre.inc.php"); -if (! $user->rights->user->user->lire && !$user->admin) accessforbidden(); +$user->getrights(); + +if (! $user->rights->user->user->lire && ! $user->admin) accessforbidden(); $langs->load("users"); @@ -37,7 +39,6 @@ $sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"]; $sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"]; $sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"]; $page=isset($_GET["page"])?$_GET["page"]:$_POST["page"]; -$page = $_GET["page"]; if ($page < 0) $page = 0; $limit = $conf->liste_limit; 
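Review bot: The else branch added in htdocs/user/fiche.php (`@@ -729,11 +746,17 @@`) prints `eregi_replace('.','*',$fuser->pass)`, one star per character of the stored value, which tells anyone allowed to open the edit form how long the password (or its stored form) is. A constant mask such as `'********'` gives the same visual cue without deriving anything from `$fuser->pass`. The table markup around the call was lost in this rendering of the patch, so the full print line is not quoted here.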
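Review bot: In htdocs/user/index.php (`@@ -37,7 +39,6 @@`), removing the second `$page = $_GET["page"];` leaves `$page`, `$sortfield` and `$sortorder` as raw request strings taken from `$_GET` or `$_POST`. How they are used is outside the hunk, but if they reach the list query they need normalising first: `$page = (int) $page;` before the `< 0` test, and `$sortfield` / `$sortorder` checked against the column names and the `ASC`/`DESC` values the page actually supports.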
diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 1e34391d034..69e366aa1c5 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -38,17 +38,21 @@ $form = new Form($db); $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"]; +// Defini si peux modifier utilisateurs et permisssions +$caneditperms=($user->admin || $user->rights->user->user->creer); + + /** * Actions */ -if ($_GET["action"] == 'addrights' && $user->admin) +if ($_GET["action"] == 'addrights' && $caneditperms) { $edituser = new User($db,$_GET["id"]); $edituser->addrights($_GET["rights"],$module); } -if ($_GET["action"] == 'delrights' && $user->admin) +if ($_GET["action"] == 'delrights' && $caneditperms) { $edituser = new User($db,$_GET["id"]); $edituser->delrights($_GET["rights"],$module); @@ -196,7 +200,7 @@ if ($_GET["id"]) print '
'.$langs->trans("Lastname").'
'.$langs->trans("Password").'
'.$langs->trans("Password").''.eregi_replace('.','*',$fuser->pass).'
'.$langs->trans("Administrator").'
'.$langs->trans("Note").''; - print '
'; print ''; print ''; - if ($user->admin) print ''; + if ($caneditperms) print ''; print ''; print ''; print ''; @@ -232,16 +236,20 @@ if ($_GET["id"]) $objMod=$modules[$obj->module]; $picto=($objMod->picto?$objMod->picto:'generic'); - print ''; - print ''; - print ''; - print ''; - print ''; + if ($caneditperms && ($obj->module != 'user' || ! $user->admin)) + { + // On affiche ligne pour modifier droits + print ''; + print ''; + print ''; + print ''; + print ''; + } } print ''; @@ -249,10 +257,21 @@ if ($_GET["id"]) print ''; - if (in_array($obj->id, $permsuser)) + if ($fuser->admin && $obj->module == 'user') { - // Own permission by user - if ($user->admin) + // Permission own because admin + if ($caneditperms) + { + print ''; + } + print ''; + } + else if (in_array($obj->id, $permsuser)) + { + // Permission own by user + if ($caneditperms) { print ''; } @@ -261,19 +280,19 @@ if ($_GET["id"]) print ''; } else if (in_array($obj->id, $permsgroup)) { - // Own permission by group - if ($user->admin) + // Permission own by group + if ($caneditperms) { print ''; } - print ''; } else { // Do not own permission - if ($user->admin) + if ($caneditperms) { print ''; }
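Review bot: In htdocs/user/perms.php (`@@ -232,16 +236,20 @@`), the new condition `if ($caneditperms && ($obj->module != 'user' || ! $user->admin))` tests the viewer (`$user->admin`), while the per-permission branch added in the next hunk tests the account being edited (`$fuser->admin && $obj->module == 'user'`). As written, an administrator loses the All/None row for the user module on every account, and a non-admin editor keeps it even when the target is an administrator whose user rights are implied. If the intent is to hide the row when the target's rights come from the admin flag, the test should be `! $fuser->admin`. All five print statements of the module row moved inside this `if`, so viewers without `$caneditperms` may no longer see the module name at all; the HTML was lost in this rendering, so that needs checking against the file.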
'.$langs->trans("Module").'   '.$langs->trans("Permissions").'
'.img_object('',$picto).' '.$objMod->getName(); - print ' '; - print ''.$langs->trans("All").""; - print '/'; - print ''.$langs->trans("None").""; - print ' 
'.img_object('',$picto).' '.$objMod->getName(); + print ' '; + print ''.$langs->trans("All").""; + print '/'; + print ''.$langs->trans("None").""; + print ' 
'.img_object('',$picto).' '.$objMod->getName(); print ''.img_picto($langs->trans("Administrator"),'star').''; + print img_tick(); + print ''.img_edit_remove($langs->trans("Remove")).''.$langs->trans("Group").''; + print ''; print img_tick(); print ''.img_edit_add($langs->trans("Add")).'