NEW The unalterable log can be browse by any user with he permission

2025-02-20 13:46:52 +01:00 · 2017-12-16 21:36:36 +01:00 · 2017-12-16 21:36:36 +01:00 · 4abcbae79f
commit 4abcbae79f
parent e90a6b8c0f
7 changed files with 77 additions and 28 deletions
--- a/htdocs/blockedlog/admin/blockedlog.php
+++ b/htdocs/blockedlog/admin/blockedlog.php
@ -81,12 +81,20 @@ $block_static = new BlockedLog($db);

 llxHeader('',$langs->trans("BlockedLogSetup"));

-$linkback='<a href="'.($backtopage?$backtopage:DOL_URL_ROOT.'/admin/modules.php').'">'.$langs->trans("BackToModuleList").'</a>';
+$linkback='';
+if (GETPOST('withtab','alpha'))
+{
+	$linkback='<a href="'.($backtopage?$backtopage:DOL_URL_ROOT.'/admin/modules.php').'">'.$langs->trans("BackToModuleList").'</a>';
+}
+
 print load_fiche_titre($langs->trans("ModuleSetup").' '.$langs->trans('BlockedLog'),$linkback);

-$head=blockedlogadmin_prepare_head();
+if (GETPOST('withtab','alpha'))
+{
+	$head=blockedlogadmin_prepare_head();
+	dol_fiche_head($head, 'blockedlog', '', -1);
+}

-dol_fiche_head($head, 'blockedlog', '', -1);

 print $langs->trans("BlockedLogDesc")."<br>\n";

@ -148,7 +156,10 @@ print '</td></tr>';

 print '</table>';

-dol_fiche_end();
+if (GETPOST('withtab','alpha'))
+{
+	dol_fiche_end();
+}

 print '<br><br>';

--- a/htdocs/blockedlog/admin/blockedlog_list.php
+++ b/htdocs/blockedlog/admin/blockedlog_list.php
@ -38,6 +38,7 @@ $optioncss  = GETPOST('optioncss','aZ');												// Option for the css output

 $showonlyerrors = GETPOST('showonlyerrors','int');

+$search_fk_user=GETPOST('search_fk_user','intcomma');
 $search_start = -1;
 if(GETPOST('search_startyear')!='') $search_start = dol_mktime(0, 0, 0, GETPOST('search_startmonth'), GETPOST('search_startday'), GETPOST('search_startyear'));
 $search_end = -1;
@ -72,6 +73,7 @@ $result = restrictedArea($user, 'blockedlog', 0, '');
 // Purge search criteria
 if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') ||GETPOST('button_removefilter','alpha')) // All tests are required to be compatible with all browsers
 {
+	$search_fk_user = '';
 	$search_start = -1;
 	$search_end = -1;
 	$search_ref = '';
@ -156,45 +158,56 @@ $form=new Form($db);

 llxHeader('',$langs->trans("BlockedLogSetup"));

-$blocks = $block_static->getLog('all', 0, GETPOST('all','alpha') ? 0 : 50, $sortfield, $sortorder, $search_start, $search_end, $search_ref, $search_amount);
+$blocks = $block_static->getLog('all', 0, GETPOST('all','alpha') ? 0 : 50, $sortfield, $sortorder, $search_fk_user, $search_start, $search_end, $search_ref, $search_amount);
 if (! is_array($blocks))
 {
 	dol_print_error($block_static->db);
 	exit;
 }

-$linkback='<a href="'.DOL_URL_ROOT.'/admin/modules.php">'.$langs->trans("BackToModuleList").'</a>';
+$linkback='';
+if (GETPOST('withtab','alpha'))
+{
+	$linkback='<a href="'.($backtopage?$backtopage:DOL_URL_ROOT.'/admin/modules.php').'">'.$langs->trans("BackToModuleList").'</a>';
+}
+
 print load_fiche_titre($langs->trans("ModuleSetup").' '.$langs->trans('BlockedLog'),$linkback);

-$head=blockedlogadmin_prepare_head();
+if (GETPOST('withtab','alpha'))
+{
+	$head=blockedlogadmin_prepare_head();
+	dol_fiche_head($head, 'fingerprints', '', -1);
+}

-dol_fiche_head($head, 'fingerprints', '', -1);
-
-print $langs->trans("FingerprintsDesc")."<br>\n";
+print '<span class="opacitymedium">'.$langs->trans("FingerprintsDesc")."</span><br>\n";

 print '<br>';

 $param='';
 if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage);
 if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit);
-if ($search_start > 0) $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')).'&search_startmonth='.urlencode(GETPOST('search_startmonth','int')).'&search_startday='.urlencode(GETPOST('search_startday','int'));
-if ($search_end > 0)   $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')).'&search_endmonth='.urlencode(GETPOST('search_endmonth','int')).'&search_endday='.urlencode(GETPOST('search_endday','int'));
-if ($optioncss != '')     $param.='&optioncss='.urlencode($optioncss);
+if ($search_fk_user > 0) $param.='&search_fk_user='.urlencode($search_fk_user);
+if ($search_start > 0)   $param.='&search_startyear='.urlencode(GETPOST('search_startyear','int')).'&search_startmonth='.urlencode(GETPOST('search_startmonth','int')).'&search_startday='.urlencode(GETPOST('search_startday','int'));
+if ($search_end > 0)     $param.='&search_endyear='.urlencode(GETPOST('search_endyear','int')).'&search_endmonth='.urlencode(GETPOST('search_endmonth','int')).'&search_endday='.urlencode(GETPOST('search_endday','int'));
+if ($optioncss != '')    $param.='&optioncss='.urlencode($optioncss);
+if (GETPOST('withtab','alpha')) $param.='&withtab='.urlencode(GETPOST('withtab','alpha'));
+
 // Add $param from extra fields
 //include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';


 print '<div align="right">';
-print ' <a href="?all=1">'.$langs->trans('ShowAllFingerPrintsMightBeTooLong').'</a>';
-print ' | <a href="?all=1&showonlyerrors=1">'.$langs->trans('ShowAllFingerPrintsErrorsMightBeTooLong').'</a>';
-print ' | <a href="?action=downloadblockchain">'.$langs->trans('DownloadBlockChain').'</a>';
-print ' | <a href="?action=downloadcsv">'.$langs->trans('DownloadLogCSV').'</a>';
+print ' <a href="?all=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsMightBeTooLong').'</a>';
+print ' | <a href="?all=1&showonlyerrors=1'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('ShowAllFingerPrintsErrorsMightBeTooLong').'</a>';
+print ' | <a href="?action=downloadcsv'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('DownloadLogCSV').'</a>';
+if (!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY)) print ' | <a href="?action=downloadblockchain'.(GETPOST('withtab','alpha')?'&withtab='.GETPOST('withtab','alpha'):'').'">'.$langs->trans('DownloadBlockChain').'</a>';
 print ' </div>';


 print '<div class="div-table-responsive">';		// You can use div-table-responsive-no-min if you dont need reserved height for your table

 print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
+print '<input type="hidden" name="withtab" value="'.GETPOST('withtab','alpha').'">';

 print '<table class="noborder" width="100%">';
 print '<tr class="liste_titre_filter">';
@ -206,7 +219,11 @@ print $form->select_date($search_start,'search_start');
 print $form->select_date($search_end,'search_end');
 print '</td>';

-print '<td class="liste_titre"></td>';
+// User
+print '<td class="liste_titre">';
+print $form->select_users($search_fk_user, 'search_fk_user', 1);
+print '</td>';
+
 print '<td class="liste_titre"></td>';

 // Ref
@ -373,7 +390,10 @@ if(!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->globa

 }

-dol_fiche_end();
+if (GETPOST('withtab','alpha'))
+{
+	dol_fiche_end();
+}

 print '<br><br>';

--- a/htdocs/blockedlog/class/blockedlog.class.php
+++ b/htdocs/blockedlog/class/blockedlog.class.php
@ -658,13 +658,14 @@ class BlockedLog
 	 *	@param	int 	$limit      	max number of element, 0 for all
 	 *	@param	string 	$sortfield     	sort field
 	 *	@param	string 	$sortorder     	sort order
+	 *	@param	int 	$search_fk_user id of user(s)
 	 *	@param	int 	$search_start   start time limit
 	 *	@param	int 	$search_end     end time limit
 	 *  @param	string	$search_ref		search ref
 	 *  @param	string	$search_amount	search amount
 	 *	@return	array					array of object log
 	 */
-	public function getLog($element, $fk_object, $limit = 0, $sortfield = '', $sortorder = '', $search_start = -1, $search_end = -1, $search_ref='', $search_amount='')
+	public function getLog($element, $fk_object, $limit = 0, $sortfield = '', $sortorder = '', $search_fk_user = -1, $search_start = -1, $search_end = -1, $search_ref='', $search_amount='')
 	{
 		global $conf, $cachedlogs;

@ -692,6 +693,7 @@ class BlockedLog
 	         WHERE entity=".$conf->entity." AND element='".$element."' AND fk_object=".(int) $fk_object;
 		}

+		if ($search_fk_user > 0) $sql.=" AND fk_user IN (".$this->db->escape($search_fk_user).")";
 		if ($search_start > 0) $sql.=" AND date_creation >= '".$this->db->idate($search_start)."'";
 		if ($search_end > 0) $sql.=" AND date_creation <= '".$this->db->idate($search_end)."'";
 		if ($search_ref != '') $sql.=natural_search("ref_object", $search_ref);
--- a/htdocs/blockedlog/lib/blockedlog.lib.php
+++ b/htdocs/blockedlog/lib/blockedlog.lib.php
@ -33,13 +33,13 @@ function blockedlogadmin_prepare_head()
 	$h = 0;
 	$head = array();

-	$head[$h][0] = DOL_URL_ROOT."/blockedlog/admin/blockedlog.php";
+	$head[$h][0] = DOL_URL_ROOT."/blockedlog/admin/blockedlog.php?withtab=1";
 	$head[$h][1] = $langs->trans("Setup");
 	$head[$h][2] = 'blockedlog';
 	$h++;

-	$head[$h][0] = DOL_URL_ROOT."/blockedlog/admin/blockedlog_list.php";
-	$head[$h][1] = $langs->trans("Fingerprints");
+	$head[$h][0] = DOL_URL_ROOT."/blockedlog/admin/blockedlog_list.php?withtab=1";
+	$head[$h][1] = $langs->trans("BrowseBlockedLog");

 	require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
 	$b=new BlockedLog($db);
--- a/htdocs/core/class/conf.class.php
+++ b/htdocs/core/class/conf.class.php
@ -503,7 +503,7 @@ class Conf
 		if (! isset($this->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE)) $this->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE=1;

 		// Define list of limited modules (value must be key found for "name" property of module, so for example 'supplierproposal' for Module "Supplier Proposal"
-		if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,societe,propal,commande,facture,categorie,supplierproposal,fournisseur,contact,projet,contrat,ficheinter,expedition,agenda,resource,adherent';	// '' means 'all'. Note that contact is added here as it should be a module later.
+		if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,societe,propal,commande,facture,categorie,supplierproposal,fournisseur,contact,projet,contrat,ficheinter,expedition,agenda,resource,adherent,blockedlog';	// '' means 'all'. Note that contact is added here as it should be a module later.

 		// Enable select2
 		if (empty($this->global->MAIN_USE_JQUERY_MULTISELECT) || $this->global->MAIN_USE_JQUERY_MULTISELECT == '1') $this->global->MAIN_USE_JQUERY_MULTISELECT='select2';
--- a/htdocs/core/modules/modBlockedLog.class.php
+++ b/htdocs/core/modules/modBlockedLog.class.php
@ -110,6 +110,7 @@ class modBlockedLog extends DolibarrModules
        $this->boxes = array();

        // Permissions
+        // -----------------
        $this->rights = array();		// Permission array used by this module

        $r=0;
@ -120,8 +121,22 @@ class modBlockedLog extends DolibarrModules
        $this->rights[$r][5] = '';

        // Main menu entries
-        //------------------
-        $this->menu = array();
+        // -----------------
+        $r=0;
+        $this->menu[$r]=array(
+        'fk_menu'=>'fk_mainmenu=tools',		    // Use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode
+        'mainmenu'=>'tools',
+        'leftmenu'=>'blockedlogbrowser',
+        'type'=>'left',			                // This is a Left menu entry
+        'titre'=>'BrowseBlockedLog',
+        'url'=>'/blockedlog/admin/blockedlog_list.php?mainmenu=tools&leftmenu=blockedlogbrowser',
+        'langs'=>'blockedlog',	        // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory.
+        'position'=>200,
+        'enabled'=>'$conf->blockedlog->enabled',  // Define condition to show or hide menu entry. Use '$conf->mymodule->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected.
+        'perms'=>'$user->rights->blockedlog->read',			    // Use 'perms'=>'$user->rights->mymodule->level1->level2' if you want your menu with a permission rules
+        'target'=>'',
+        'user'=>2);				                // 0=Menu for internal users, 1=external users, 2=both
+        $r++;
    }


--- a/htdocs/langs/en_US/blockedlog.lang
+++ b/htdocs/langs/en_US/blockedlog.lang
@ -2,10 +2,11 @@ BlockedLog=Unalterable Logs
 Field=Field
 BlockedLogDesc=This module tracks some events into an unalterable log (that you can't modify once recorded) into a block chain, in real time. This module provides compatibility with requirements of laws of some countries (like France with the law Fincance 2016 - Norme NF535).
 Fingerprints=Archived events and fingerprints
-FingerprintsDesc=This is the tool to browser the unalterable logs
+FingerprintsDesc=This is the tool to browse the archived unalterable logs. Note that, by definition, there is no feature to purge this log and every change tried to be done directly into this log (by a hacker for example) will be reported with a non valid fingerprint. If you really need to purge this table because you used your application for a demo/test purpose and want to clean your data to start your production, you can ask your reseller or integrator to reset your database (all your data will be removed).  
 CompanyInitialKey=Company initial key (hash of genesis block)
+BrowseBlockedLog=Browse unalterable logs
 ShowAllFingerPrintsMightBeTooLong=Show all archived logs (might be long)
-ShowAllFingerPrintsErrorsMightBeTooLong=Show all archive logs with error (might be long)
+ShowAllFingerPrintsErrorsMightBeTooLong=Show all non valid archive logs (might be long)
 DownloadBlockChain=Download fingerprints
 KoCheckFingerprintValidity=Archived log is not valid. It means someone (a hacker ?) has modified some datas of this archived log after it was recorded, or has erased the previous archived record (check that line with previous # exists).
 OkCheckFingerprintValidity=Archived log is valid. It means all data on this line were not modified and record follow the previous one.