Skip to content
Snippets Groups Projects
Commit 225b9da2 authored by Regis Houssin's avatar Regis Houssin
Browse files

(Multi-Company) 

New: a superadmin can create/update a superadmin
parent 547443c4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
htdocs/core/class/html.form.class.php
+ 1
0
View file @ 225b9da2
......@@ -233,6 +233,7 @@ class Form
if ($type == 'info') $img=img_help(0,$alt);
if ($type == 'help' || $type ==1) $img=img_help(1,$alt);
if ($type == 'superadmin') $img=img_redstar($alt);
if ($type == 'admin') $img=img_picto($alt,"star");
// Warnings
if ($type == 'warning') $img=img_warning($alt);
......
htdocs/langs/en_US/users.lang
+ 4
2
View file @ 225b9da2
......@@ -44,7 +44,8 @@ NameNotDefined=Name is not defined.
ListOfUsers=List of users
Administrator=Administrator
SuperAdministrator=Super Administrator
SuperAdministratorDesc=Administrator with all rights
SuperAdministratorDesc=Global administrator
AdministratorDesc=Administrator's entity
DefaultRights=Default permissions
DefaultRightsDesc=Define here <u>default</u> permissions that are automatically granted to a <u>new created</u> user (Go on user card to change permission of an existing user).
DolibarrUsers=Dolibarr users
......@@ -110,4 +111,5 @@ LoginToCreate=Login to create
NameToCreate=Name of third party to create
YourRole=Your roles
YourQuotaOfUsersIsReached=Your quota of active users is reached !
NbOfUsers=Nb of users
\ No newline at end of file
NbOfUsers=Nb of users
DontDowngradeSuperAdmin=Only a superadmin can downgrade a superadmin
\ No newline at end of file
htdocs/langs/fr_FR/users.lang
+ 4
2
View file @ 225b9da2
......@@ -44,7 +44,8 @@ NameNotDefined=Le nom n'est pas défini.
ListOfUsers=Liste des utilisateurs
Administrator=Administrateur
SuperAdministrator=Super Administrateur
SuperAdministratorDesc=Administrateur principal ayant tous les droits
SuperAdministratorDesc=Administrateur global
AdministratorDesc=Administrateur de l'entité
DefaultRights=Permissions par défaut
DefaultRightsDesc=Définissez ici les permissions <u>par défaut</u>, c'est-à-dire les permissions qui seront attribuées automatiquement à un <u>nouvel</u> utilisateur lors de sa création (Voir la fiche utilisateur pour changer les permissions d'un utilisateur existant).
DolibarrUsers=Utilisateurs Dolibarr
......@@ -110,4 +111,5 @@ LoginToCreate=Login à créer
NameToCreate=Nom du tiers à créer
YourRole=Vos rôles
YourQuotaOfUsersIsReached=Votre quota d'utilisateurs actifs est atteint !
NbOfUsers=Nb d'utilisateurs
\ No newline at end of file
NbOfUsers=Nb d'utilisateurs
DontDowngradeSuperAdmin=Seul un superadmin peut rétrograder un superadmin
\ No newline at end of file
htdocs/user/class/user.class.php
+ 13
6
View file @ 225b9da2
......@@ -1036,7 +1036,7 @@ class User extends CommonObject
$sql.= ", note = '".$this->db->escape($this->note)."'";
$sql.= ", photo = ".($this->photo?"'".$this->db->escape($this->photo)."'":"null");
$sql.= ", openid = ".($this->openid?"'".$this->db->escape($this->openid)."'":"null");
//$sql.= ", entity = '".$this->entity."'";
$sql.= ", entity = '".$this->entity."'";
$sql.= " WHERE rowid = ".$this->id;
dol_syslog("User::update sql=".$sql, LOG_DEBUG);
......@@ -1834,17 +1834,24 @@ class User extends CommonObject
/**
* Return number of existing users
* @param limitToActive limit to active users
* @return int Number of users
* @param limitTo limit to 'active' or 'superadmin' users
* @return int Number of users
*/
function getNbOfUsers($limitToActive=0)
function getNbOfUsers($limitTo='')
{
global $conf;
$sql = "SELECT count(rowid) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."user";
$sql.= " WHERE entity = ".$conf->entity;
if ($limitToActive) $sql.= " AND statut = 1";
if ($limitTo == 'superadmin')
{
$sql.= " WHERE entity = 0";
}
else
{
$sql.= " WHERE entity = ".$conf->entity;
if ($limitTo == 'active') $sql.= " AND statut = 1";
}
$resql=$this->db->query($sql);
if ($resql)
......
htdocs/user/fiche.php
+ 84
36
View file @ 225b9da2
......@@ -115,7 +115,7 @@ if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser)
if (!empty($conf->file->main_limit_users))
{
$nb = $edituser->getNbOfUsers(1);
$nb = $edituser->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users)
{
$message='<div class="error">'.$langs->trans("YourQuotaOfUsersIsReached").'</div>';
......@@ -168,7 +168,7 @@ if ($_POST["action"] == 'add' && $canadduser)
if (!empty($conf->file->main_limit_users)) // If option to limit users is set
{
$nb = $edituser->getNbOfUsers(1);
$nb = $edituser->getNbOfUsers("active");
if ($nb >= $conf->file->main_limit_users)
{
$message='<div class="error">'.$langs->trans("YourQuotaOfUsersIsReached").'</div>';
......@@ -191,7 +191,8 @@ if ($_POST["action"] == 'add' && $canadduser)
$edituser->phenix_pass = $_POST["phenix_pass"];
$edituser->note = $_POST["note"];
$edituser->ldap_sid = $_POST["ldap_sid"];
$edituser->entity = ($_POST["admin"] && empty($conf->multicompany->enabled))?0:$_POST["entity"]; // If multicompany is off, admin users must all be on entity 0.
// If multicompany is off, admin users must all be on entity 0.
$edituser->entity = ( ! empty($_POST["admin"]) && (! empty($_POST["superadmin"]) || empty($conf->multicompany->enabled)) ? 0 : $_POST["entity"]);
$db->begin();
......@@ -283,11 +284,11 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"])
$edituser->office_fax = $_POST["office_fax"];
$edituser->user_mobile = $_POST["user_mobile"];
$edituser->email = $_POST["email"];
$edituser->openid = $_POST["openid"];
$edituser->openid = $_POST["openid"];
$edituser->webcal_login = $_POST["webcal_login"];
$edituser->phenix_login = $_POST["phenix_login"];
$edituser->phenix_pass = $_POST["phenix_pass"];
$edituser->entity = $_POST["entity"];
$edituser->entity = ( (! empty($_POST["superadmin"]) && ! empty($_POST["admin"])) ? 0 : $_POST["entity"]);
if (! empty($_FILES['photo']['name'])) $edituser->photo = $_FILES['photo']['name'];
$ret=$edituser->update($user);
......@@ -653,6 +654,30 @@ if (($action == 'create') || ($action == 'adduserldap'))
print '<tr><td valign="top">'.$langs->trans("Administrator").'</td>';
print '<td>';
print $form->selectyesno('admin',$_POST["admin"],1);
if (! empty($conf->multicompany->enabled) && ! $user->entity)
{
if ($conf->use_javascript_ajax)
{
print '<script type="text/javascript">
$(function() {
$("select[name=admin]").change(function() {
if ( $(this).val() == 0 ) {
$("input[name=superadmin]")
.attr("disabled", true)
.attr("checked", false);
} else {
$("input[name=superadmin]")
.attr("disabled", false);
}
});
});
</script>';
}
$checked=($_POST["superadmin"]?' checked':'');
$disabled=($_POST["superadmin"]?'':' disabled');
print '<input type="checkbox" name="superadmin" value="1"'.$checked.$disabled.' /> '.$langs->trans("SuperAdministrator");
}
print "</td></tr>\n";
}
......@@ -950,22 +975,23 @@ else
print '</tr>'."\n";
// Administrator
print '<tr><td valign="top">'.$langs->trans("Administrator").'</td>';
print '<td>'.yn($fuser->admin);
if (! empty($conf->global->MAIN_MODULE_MULTICOMPANY) && $fuser->admin && ! $fuser->entity)
print '<tr><td valign="top">'.$langs->trans("Administrator").'</td><td>';
if (! empty($conf->multicompany->enabled) && $fuser->admin && ! $fuser->entity)
{
print ' '.img_redstar($langs->trans("SuperAdministrator"));
print $html->textwithpicto(yn($fuser->admin),$langs->trans("SuperAdministratorDesc"),1,"superadmin");
}
else if ($fuser->admin)
{
print ' '.img_picto($langs->trans("Administrator"),"star");
print $html->textwithpicto(yn($fuser->admin),$langs->trans("AdministratorDesc"),1,"admin");
}
print '</td>';
print '</tr>'."\n";
else
{
print yn($fuser->admin);
}
print '</td></tr>'."\n";
// Type
print '<tr><td valign="top">'.$langs->trans("Type").'</td>';
print '<td>';
print '<tr><td valign="top">'.$langs->trans("Type").'</td><td>';
if ($fuser->societe_id)
{
print $html->textwithpicto($langs->trans("External"),$langs->trans("InternalExternalDesc"));
......@@ -974,16 +1000,11 @@ else
{
print $langs->trans("DomainUser",$ldap->domainFQDN);
}
else if (empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ! empty($fuser->entity))
{
print $html->textwithpicto($langs->trans("Internal"),$langs->trans("InternalExternalDesc"));
}
else
{
print $html->textwithpicto($langs->trans("SuperAdministrator"),$langs->trans("SuperAdministratorDesc"));
print $html->textwithpicto($langs->trans("Internal"),$langs->trans("InternalExternalDesc"));
}
print '</td>';
print '</tr>'."\n";
print '</td></tr>'."\n";
// Tel pro
print '<tr><td valign="top">'.$langs->trans("PhonePro").'</td>';
......@@ -1112,7 +1133,7 @@ else
print '<div class="tabsAction">';
if ($caneditfield &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || (($fuser->entity == $conf->entity) || $fuser->entity == $user->entity)) )
(empty($conf->multicompany->enabled) || (($fuser->entity == $conf->entity) || $fuser->entity == $user->entity)) )
{
if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED))
{
......@@ -1124,7 +1145,7 @@ else
}
}
elseif ($caneditpassword && ! $fuser->ldap_sid &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)) )
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)) )
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=edit">'.$langs->trans("EditPassword").'</a>';
}
......@@ -1133,13 +1154,13 @@ else
if ($conf->global->USER_PASSWORD_GENERATED != 'none')
{
if (($user->id != $_GET["id"] && $caneditpassword) && $fuser->login && !$fuser->ldap_sid &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)))
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)))
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=password">'.$langs->trans("ReinitPassword").'</a>';
}
if (($user->id != $_GET["id"] && $caneditpassword) && $fuser->login && !$fuser->ldap_sid &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)) )
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)) )
{
if ($fuser->email) print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=passwordsend">'.$langs->trans("SendNewPassword").'</a>';
else print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->trans("NoEMail")).'">'.$langs->trans("SendNewPassword").'</a>';
......@@ -1148,19 +1169,19 @@ else
// Activer
if ($user->id <> $_GET["id"] && $candisableuser && $fuser->statut == 0 &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)) )
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)) )
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=enable">'.$langs->trans("Reactivate").'</a>';
}
// Desactiver
if ($user->id <> $_GET["id"] && $candisableuser && $fuser->statut == 1 &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)) )
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)) )
{
print '<a class="butActionDelete" href="fiche.php?action=disable&amp;id='.$fuser->id.'">'.$langs->trans("DisableUser").'</a>';
}
// Delete
if ($user->id <> $_GET["id"] && $candisableuser &&
(empty($conf->global->MAIN_MODULE_MULTICOMPANY) || ($fuser->entity == $conf->entity)) )
(empty($conf->multicompany->enabled) || ($fuser->entity == $conf->entity)) )
{
print '<a class="butActionDelete" href="fiche.php?action=delete&amp;id='.$fuser->id.'">'.$langs->trans("DeleteUser").'</a>';
}
......@@ -1293,7 +1314,7 @@ else
if ($_GET["action"] == 'edit' && ($canedituser || ($user->id == $fuser->id)))
{
print '<form action="fiche.php?id='.$fuser->id.'" method="post" name="updateuser" enctype="multipart/form-data">';
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'" method="POST" name="updateuser" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="update">';
print '<input type="hidden" name="entity" value="'.$conf->entity.'">';
......@@ -1400,15 +1421,47 @@ else
else
{
print '<td>';
if ($user->admin && $fuser->entity!=0) // On ne doit pas rétrograder le superadmin
// Don't downgrade a superadmin if alone
$nbSuperAdmin = $user->getNbOfUsers('superadmin');
if ($user->admin && ($fuser->entity > 0 || $nbSuperAdmin > 1) )
{
print $form->selectyesno('admin',$fuser->admin,1);
if (! empty($conf->multicompany->enabled) && ! $user->entity)
{
if ($conf->use_javascript_ajax)
{
print '<script type="text/javascript">
$(function() {
var admin = $("select[name=admin]");
if (admin.val() == 0) {
$("input[name=superadmin]")
.attr("disabled", true)
.attr("checked", false);
}
$("select[name=admin]").change(function() {
if ( $(this).val() == 0 ) {
$("input[name=superadmin]")
.attr("disabled", true)
.attr("checked", false);
} else {
$("input[name=superadmin]")
.attr("disabled", false);
}
});
});
</script>';
}
$checked=(($fuser->admin && ! $fuser->entity) ? ' checked' : '');
print '<input type="checkbox" name="superadmin" value="1"'.$checked.' /> '.$langs->trans("SuperAdministrator");
}
}
else
{
$yn = yn($fuser->admin);
print '<input type="hidden" name="admin" value="'.$fuser->admin.'">';
if (! empty($conf->global->MAIN_MODULE_MULTICOMPANY)) print $html->textwithpicto($yn,$langs->trans("DontChangeSuperAdmin"),1,'warning');
if (! empty($conf->multicompany->enabled) && ! $fuser->entity) print $html->textwithpicto($yn,$langs->trans("DontDowngradeSuperAdmin"),1,'warning');
else print $yn;
}
print '</td></tr>';
......@@ -1425,11 +1478,6 @@ else
{
print $langs->trans("DomainUser");
}
else if (! empty($conf->global->MAIN_MODULE_MULTICOMPANY) && $fuser->admin && !$fuser->entity)
{
print $langs->trans("SuperAdministrator");
print ' '.img_picto($langs->trans("SuperAdministrator"),"redstar");
}
else
{
print $langs->trans("Internal");
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment