Commit e92d1d63 authored by Laurent Destailleur's avatar Laurent Destailleur

Les fonctions ajout/suppression de "tous les droits" d'un module sont dispo en...

Les fonctions ajout/suppression de "tous les droits" d'un module sont dispo en standard sans besoin d'un droit spécifique.
parent bf24cc31
...@@ -82,9 +82,10 @@ while (($file = readdir($handle))!==false) ...@@ -82,9 +82,10 @@ while (($file = readdir($handle))!==false)
} }
// Affiche lignes des permissions // Affiche lignes des permissions
$sql = "SELECT r.id, r.libelle, r.module, r.bydefault FROM ".MAIN_DB_PREFIX."rights_def as r"; $sql ="SELECT r.id, r.libelle, r.module, r.bydefault";
$sql .= " WHERE type <> 'a'"; $sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " ORDER BY r.id ASC"; $sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql.=" ORDER BY r.id, r.module";
$result = $db->query($sql); $result = $db->query($sql);
if ($result) if ($result)
...@@ -100,9 +101,13 @@ if ($result) ...@@ -100,9 +101,13 @@ if ($result)
if ($old <> $obj->module) if ($old <> $obj->module)
{ {
// Rupture dtecte, on rcupre objMod
$objMod=$modules[$obj->module];
$picto=($objMod->picto?$objMod->picto:'generic');
print '<tr class="liste_titre">'; print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Permission").'</td>';
print '<td>'.$langs->trans("Module").'</td>'; print '<td>'.$langs->trans("Module").'</td>';
print '<td>'.$langs->trans("Permission").'</td>';
print '<td align="center">'.$langs->trans("Default").'</td>'; print '<td align="center">'.$langs->trans("Default").'</td>';
print '<td align="center">&nbsp;</td>'; print '<td align="center">&nbsp;</td>';
print "</tr>\n"; print "</tr>\n";
...@@ -110,9 +115,13 @@ if ($result) ...@@ -110,9 +115,13 @@ if ($result)
} }
print '<tr '. $bc[$var].'>'; print '<tr '. $bc[$var].'>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print '<td>'.$perm_libelle. '</td>'; print '<td>'.$perm_libelle. '</td>';
print '<td>'.$modules[$obj->module]->getName(). '</td><td align="center">';
print '<td align="center">';
if ($obj->bydefault == 1) if ($obj->bydefault == 1)
{ {
...@@ -133,6 +142,7 @@ if ($result) ...@@ -133,6 +142,7 @@ if ($result)
} }
print '</table>'; print '</table>';
print '<br>';
$db->close(); $db->close();
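Review bot: The new `WHERE r.libelle NOT LIKE 'tou%'` clause picks which permissions the admin screen lists by the first letters of a display label, so any right whose label happens to start with "tou" silently drops out of the list an administrator uses to review defaults, while a "tous" right worded differently stays in. The previous query appears to have filtered on a `type` column; a dedicated column or flag is a more reliable discriminator than label text, and depending on the database collation the match may also be case-sensitive. The same clause is added to the group and user permission pages later in this commit. If it stays, a comment such as `// Hides legacy "tous ..." aggregate rights; relies on the French label prefix` next to it would make the assumption explicit.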
......
...@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"]; ...@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"];
if ($_GET["action"] == 'addrights' && $user->admin) if ($_GET["action"] == 'addrights' && $user->admin)
{ {
$editgroup = new Usergroup($db,$_GET["id"]); $editgroup = new Usergroup($db,$_GET["id"]);
$editgroup->addrights($_GET["rights"]); $editgroup->addrights($_GET["rights"],$module);
} }
if ($_GET["action"] == 'delrights' && $user->admin) if ($_GET["action"] == 'delrights' && $user->admin)
{ {
$editgroup = new Usergroup($db,$_GET["id"]); $editgroup = new Usergroup($db,$_GET["id"]);
$editgroup->delrights($_GET["rights"]); $editgroup->delrights($_GET["rights"],$module);
} }
...@@ -68,7 +68,7 @@ if ($_GET["id"]) ...@@ -68,7 +68,7 @@ if ($_GET["id"])
{ {
$fgroup = new Usergroup($db, $_GET["id"]); $fgroup = new Usergroup($db, $_GET["id"]);
$fgroup->fetch($_GET["id"]); $fgroup->fetch($_GET["id"]);
$fgroup->getrights($_GET["id"]); $fgroup->getrights();
/* /*
* Affichage onglets * Affichage onglets
...@@ -107,9 +107,7 @@ if ($_GET["id"]) ...@@ -107,9 +107,7 @@ if ($_GET["id"])
while ($i < $num) while ($i < $num)
{ {
$obj = $db->fetch_object($result); $obj = $db->fetch_object($result);
array_push($permsgroup,$obj->id); array_push($permsgroup,$obj->id);
$i++; $i++;
} }
$db->free($result); $db->free($result);
...@@ -148,13 +146,16 @@ if ($_GET["id"]) ...@@ -148,13 +146,16 @@ if ($_GET["id"])
print '<table width="100%" class="noborder">'; print '<table width="100%" class="noborder">';
print '<tr class="liste_titre">'; print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
if ($user->admin) print '<td width="24">&nbsp</td>'; if ($user->admin) print '<td width="24">&nbsp</td>';
print '<td align="center" width="24">&nbsp;</td>'; print '<td align="center" width="24">&nbsp;</td>';
print '<td>'.$langs->trans("Permissions").'</td>'; print '<td>'.$langs->trans("Permissions").'</td>';
print '<td>'.$langs->trans("Module").'</td>';
print '</tr>'; print '</tr>';
$sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC"; $sql ="SELECT r.id, r.libelle, r.module";
$sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql.=" ORDER BY r.id, r.module";
$result=$db->query($sql); $result=$db->query($sql);
if ($result) if ($result)
...@@ -169,17 +170,28 @@ if ($_GET["id"]) ...@@ -169,17 +170,28 @@ if ($_GET["id"])
{ {
$oldmod = $obj->module; $oldmod = $obj->module;
$var = !$var; $var = !$var;
print '<tr '. $bc[$var].'>';
// Recupre objMod // Rupture dtecte, on rcupre objMod
$objMod = $modules[$obj->module]; $objMod = $modules[$obj->module];
$picto=($objMod->picto?$objMod->picto:'generic'); $picto=($objMod->picto?$objMod->picto:'generic');
}
else
{
print '<tr '. $bc[$var].'>'; print '<tr '. $bc[$var].'>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '<a name="'.$objMod->getName().'">&nbsp;</a></td>';
print '<td align="center" nowrap>';
print '<a title='.$langs->trans("All").' alt='.$langs->trans("All").' href="perms.php?id='.$fgroup->id.'&amp;action=addrights&amp;module='.$obj->module.'">'.$langs->trans("All")."</a>";
print '/';
print '<a title='.$langs->trans("None").' alt='.$langs->trans("None").' href="perms.php?id='.$fgroup->id.'&amp;action=delrights&amp;module='.$obj->module.'">'.$langs->trans("None")."</a>";
print '</td>';
print '<td colspan="2">&nbsp;</td>';
print '</tr>';
} }
print '<tr '. $bc[$var].'>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '</td>';
if (in_array($obj->id, $permsgroup)) if (in_array($obj->id, $permsgroup))
{ {
// Own permission by group // Own permission by group
...@@ -187,7 +199,7 @@ if ($_GET["id"]) ...@@ -187,7 +199,7 @@ if ($_GET["id"])
{ {
print '<td align="center"><a href="perms.php?id='.$fgroup->id.'&amp;action=delrights&amp;rights='.$obj->id.'">'.img_edit_remove($langs->trans("Remove")).'</a></td>'; print '<td align="center"><a href="perms.php?id='.$fgroup->id.'&amp;action=delrights&amp;rights='.$obj->id.'">'.img_edit_remove($langs->trans("Remove")).'</a></td>';
} }
print '<td align="left" align="center">'; print '<td align="center">';
print img_tick(); print img_tick();
print '</td>'; print '</td>';
} }
...@@ -204,9 +216,6 @@ if ($_GET["id"]) ...@@ -204,9 +216,6 @@ if ($_GET["id"])
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print '<td>'.$perm_libelle. '</td>'; print '<td>'.$perm_libelle. '</td>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '</td>';
print '</tr>'; print '</tr>';
$i++; $i++;
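Review bot: The new "All"/"None" links (`action=addrights&module=...` and `action=delrights&module=...`) grant or revoke every right of a module through a plain GET request gated only by `$user->admin`, with no anti-CSRF token visible in this section, so any page an administrator opens while logged in could trigger a bulk permission change. These actions should move to POST and verify a per-session token before `addrights()`/`delrights()` run. `$module` is also read straight from `$_GET`/`$_POST` and handed to those methods, which (in the class changed by this commit) place it inside a quoted SQL string, so it should first be checked against the known module names, e.g. `if (! isset($modules[$module])) $module='';` — assuming `$modules` is populated before this point, which the hunk does not show. The user permission page later in the commit has the same two issues.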
......
...@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"]; ...@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"];
if ($_GET["action"] == 'addrights' && $user->admin) if ($_GET["action"] == 'addrights' && $user->admin)
{ {
$edituser = new User($db,$_GET["id"]); $edituser = new User($db,$_GET["id"]);
$edituser->addrights($_GET["rights"]); $edituser->addrights($_GET["rights"],$module);
} }
if ($_GET["action"] == 'delrights' && $user->admin) if ($_GET["action"] == 'delrights' && $user->admin)
{ {
$edituser = new User($db,$_GET["id"]); $edituser = new User($db,$_GET["id"]);
$edituser->delrights($_GET["rights"]); $edituser->delrights($_GET["rights"],$module);
} }
...@@ -184,13 +184,16 @@ if ($_GET["id"]) ...@@ -184,13 +184,16 @@ if ($_GET["id"])
print '<table width="100%" class="noborder">'; print '<table width="100%" class="noborder">';
print '<tr class="liste_titre">'; print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
if ($user->admin) print '<td width="24">&nbsp</td>'; if ($user->admin) print '<td width="24">&nbsp</td>';
print '<td align="center" width="24">&nbsp;</td>'; print '<td align="center" width="24">&nbsp;</td>';
print '<td>'.$langs->trans("Permissions").'</td>'; print '<td>'.$langs->trans("Permissions").'</td>';
print '<td>'.$langs->trans("Module").'</td>';
print '</tr>'; print '</tr>';
$sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC"; $sql ="SELECT r.id, r.libelle, r.module";
$sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
$sql.=" ORDER BY r.id, r.module";
$result=$db->query($sql); $result=$db->query($sql);
if ($result) if ($result)
...@@ -205,17 +208,28 @@ if ($_GET["id"]) ...@@ -205,17 +208,28 @@ if ($_GET["id"])
{ {
$oldmod = $obj->module; $oldmod = $obj->module;
$var = !$var; $var = !$var;
print '<tr '. $bc[$var].'>';
// Rcupre objMod // Rupture dtecte, on rcupre objMod
$objMod=$modules[$obj->module]; $objMod=$modules[$obj->module];
$picto=($objMod->picto?$objMod->picto:'generic'); $picto=($objMod->picto?$objMod->picto:'generic');
}
else
{
print '<tr '. $bc[$var].'>'; print '<tr '. $bc[$var].'>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '<a name="'.$objMod->getName().'">&nbsp;</a></td>';
print '<td align="center" nowrap>';
print '<a title='.$langs->trans("All").' alt='.$langs->trans("All").' href="perms.php?id='.$fuser->id.'&amp;action=addrights&amp;module='.$obj->module.'">'.$langs->trans("All")."</a>";
print '/';
print '<a title='.$langs->trans("None").' alt='.$langs->trans("None").' href="perms.php?id='.$fuser->id.'&amp;action=delrights&amp;module='.$obj->module.'">'.$langs->trans("None")."</a>";
print '</td>';
print '<td colspan="2">&nbsp;</td>';
print '</tr>';
} }
print '<tr '. $bc[$var].'>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '</td>';
if (in_array($obj->id, $permsuser)) if (in_array($obj->id, $permsuser))
{ {
// Own permission by user // Own permission by user
...@@ -223,7 +237,7 @@ if ($_GET["id"]) ...@@ -223,7 +237,7 @@ if ($_GET["id"])
{ {
print '<td align="center"><a href="perms.php?id='.$fuser->id.'&amp;action=delrights&amp;rights='.$obj->id.'">'.img_edit_remove($langs->trans("Remove")).'</a></td>'; print '<td align="center"><a href="perms.php?id='.$fuser->id.'&amp;action=delrights&amp;rights='.$obj->id.'">'.img_edit_remove($langs->trans("Remove")).'</a></td>';
} }
print '<td align="left" align="center">'; print '<td align="center">';
print img_tick(); print img_tick();
print '</td>'; print '</td>';
} }
...@@ -231,7 +245,7 @@ if ($_GET["id"]) ...@@ -231,7 +245,7 @@ if ($_GET["id"])
// Own permission by group // Own permission by group
if ($user->admin) if ($user->admin)
{ {
print '<td>'.$langs->trans("Group").'</td>'; print '<td align="center">'.$langs->trans("Group").'</td>';
} }
print '<td align="left" nowrap>'; print '<td align="left" nowrap>';
print img_tick(); print img_tick();
...@@ -250,9 +264,6 @@ if ($_GET["id"]) ...@@ -250,9 +264,6 @@ if ($_GET["id"])
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print '<td>'.$perm_libelle. '</td>'; print '<td>'.$perm_libelle. '</td>';
print '<td>'.img_object('',$picto).' '.$objMod->getName();
print '</td>';
print '</tr>'; print '</tr>';
$i++; $i++;
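Review bot: In the new module header row the `title=` and `alt=` attributes are written without quotes (`'<a title='.$langs->trans("All").' alt='...`), and `$obj->module` and `$objMod->getName()` go into the `href` and `name` attributes unescaped; a translation containing a space or `>` breaks the tag, and a module name with markup characters would be emitted as HTML. Quote the attributes and escape per context, e.g. `title="'.htmlspecialchars($langs->trans("All")).'"` and `module='.urlencode($obj->module)`. `alt` is not an attribute of `<a>` and can be dropped. The group permission page earlier in the commit prints the same two links.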
......
...@@ -97,146 +97,196 @@ class UserGroup ...@@ -97,146 +97,196 @@ class UserGroup
/** /**
* \brief Ajoute un droit au groupe * \brief Ajoute un droit a l'utilisateur
* \param rid id du droit ajouter * \param rid id du droit ajouter
* \param allmodule Ajouter tous les droits du module allmodule
* \param allperms Ajouter tous les droits du module allmodule, perms allperms
* \return int > 0 si ok, < 0 si erreur * \return int > 0 si ok, < 0 si erreur
*/ */
function addrights($rid) function addrights($rid,$allmodule='',$allperms='')
{ {
if (strlen($rid) == 2) $err=0;
{ $whereforadd='';
$topid = substr($rid,0,1);
$lowid = substr($rid,1,1);
}
if (strlen($rid) == 3) $this->db->begin();
{
$topid = substr($rid,0,2);
$lowid = substr($rid,2,1);
}
if ($lowid == 1) if ($rid)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid";
$this->db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)";
if ($this->db->query($sql))
{ {
// Si on a demand ajout d'un droit en particulier, on rcupre
// les caractristiques (module, perms et subperms) de ce droit.
$sql = "SELECT module, perms, subperms";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE ";
$sql.=" id = '".$rid."'";
$result=$this->db->query($sql);
if ($result) {
$obj = $this->db->fetch_object($result);
$module=$obj->module;
$perms=$obj->perms;
$subperms=$obj->subperms;
} }
else {
$err++;
dolibarr_print_error($this->db);
} }
if ($lowid > 1) // Where pour la liste des droits ajouter
{ $whereforadd="id=".$rid;
// Ajout des droits induits
if ($subperms) $whereforadd.=" OR (module='$module' AND perms='$perms' AND subperms='lire')";
if ($perms) $whereforadd.=" OR (module='$module' AND perms='lire' AND subperms IS NULL)";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid"; // Pour compatibilit, si lowid = 0, on est en mode ajout de tout
$this->db->query($sql); // \todo A virer quand sera gr par l'appelant
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)"; if (substr($rid,-1,1) == 0) $whereforadd="module='$module'";
if ($this->db->query($sql))
{
} }
else {
$nid = $topid . "1"; // Where pour la liste des droits ajouter
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; if ($allmodule) $whereforadd="module='$allmodule'";
$this->db->query($sql); if ($allperms) $whereforadd=" AND perms='$allperms'";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
if ($this->db->query($sql))
{
} }
else
// Ajout des droits de la liste whereforadd
if ($whereforadd)
{ {
dolibarr_print_error($this->db); //print "$module-$perms-$subperms";
} $sql = "SELECT id";
} $sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE $whereforadd";
if ($lowid == 0) $result=$this->db->query($sql);
if ($result)
{ {
for ($i = 1 ; $i < 10 ; $i++) $num = $this->db->num_rows($result);
$i = 0;
while ($i < $num)
{ {
$nid = $topid . "$i"; $obj = $this->db->fetch_object($result);
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
$this->db->query($sql); if (! $this->db->query($sql)) $err++;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)"; $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
if ($this->db->query($sql)) if (! $this->db->query($sql)) $err++;
{
$i++;
}
} }
else else
{ {
$err++;
dolibarr_print_error($this->db); dolibarr_print_error($this->db);
} }
} }
}
if ($err) {
$this->db->rollback();
return -$err;
}
else {
$this->db->commit();
return 1; return 1;
} }
}
/** /**
* \brief Retire un droit au groupe * \brief Retire un droit a l'utilisateur
* \param rid id du droit retirer * \param rid id du droit retirer
* \param allmodule Retirer tous les droits du module allmodule
* \param allperms Retirer tous les droits du module allmodule, perms allperms
* \return int > 0 si ok, < 0 si erreur * \return int > 0 si ok, < 0 si erreur
*/ */
function delrights($rid) function delrights($rid,$allmodule='',$allperms='')
{
if (strlen($rid) == 2)
{ {
$topid = substr($rid,0,1); $err=0;
$lowid = substr($rid,1,1); $wherefordel='';
}
if (strlen($rid) == 3) $this->db->begin();
{
$topid = substr($rid,0,2);
$lowid = substr($rid,2,1);
}
if ($lowid > 1) if ($rid)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid";
if ($this->db->query($sql))
{ {
// Si on a demand supression d'un droit en particulier, on rcupre
// les caractristiques module, perms et subperms de ce droit.
$sql = "SELECT module, perms, subperms";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE ";
$sql.=" id = '".$rid."'";
$result=$this->db->query($sql);
if ($result) {
$obj = $this->db->fetch_object($result);
$module=$obj->module;
$perms=$obj->perms;
$subperms=$obj->subperms;
} }
else {
$err++;
dolibarr_print_error($this->db);
} }
if ($lowid == 1) // Where pour la liste des droits supprimer
{ $wherefordel="id=".$rid;
$fid = $topid . "0"; // Suppression des droits induits
$lid = $topid . "9"; if ($subperms=='lire') $wherefordel.=" OR (module='$module' AND perms='$perms' AND subperms IS NOT NULL)";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id >= $fid AND fk_id <= $lid"; if ($perms=='lire') $wherefordel.=" OR (module='$module')";
if ($this->db->query($sql))
{
// Pour compatibilit, si lowid = 0, on est en mode suppression de tout
// \todo A virer quand sera gr par l'appelant
if (substr($rid,-1,1) == 0) $wherefordel="module='$module'";
} }
else else {
{ // Where pour la liste des droits supprimer
dolibarr_print_error($this->db); if ($allmodule) $wherefordel="module='$allmodule'";
} if ($allperms) $wherefordel=" AND perms='$allperms'";
} }
if ($lowid == 0) // Suppression des droits de la liste wherefordel
if ($wherefordel)
{ {
for ($i = 1 ; $i < 10 ; $i++) //print "$module-$perms-$subperms";
$sql = "SELECT id";
$sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE $wherefordel";
$result=$this->db->query($sql);
if ($result)
{ {
$nid = $topid . "$i"; $num = $this->db->num_rows($result);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; $i = 0;
if ($this->db->query($sql)) while ($i < $num)
{ {
$obj = $this->db->fetch_object($result);
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
if (! $this->db->query($sql)) $err++;
$i++;
}
} }
else else
{ {
$err++;
dolibarr_print_error($this->db); dolibarr_print_error($this->db);
} }
} }
}
if ($err) {
$this->db->rollback();
return -$err;
}
else {
$this->db->commit();
return 1; return 1;
} }
}
/** /**
* \brief Charge dans l'objet group, la liste des permissions auquels le groupe a droit * \brief Charge dans l'objet group, la liste des permissions auquels le groupe a droit
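Review bot: Both rewritten methods build their WHERE clauses by concatenating `$rid`, `$allmodule` and `$allperms` directly into SQL (`"id=".$rid`, `"module='$allmodule'"`), and the callers in this commit pass request parameters for the first two, so the values need to be cast or escaped before use: `$rid = (int) $rid;` at the top of each method, and the string values run through whatever escaping routine the `$this->db` driver provides. Separately, `if ($allperms) $whereforadd=" AND perms='$allperms'";` (and its `$wherefordel` twin) assigns with `=` rather than `.=`, so the module condition is discarded and the query becomes `WHERE  AND perms=...`; it should read `$whereforadd.=" AND perms='$allperms'";`. When the first SELECT fails, `$module`, `$perms` and `$subperms` are never set, yet the code still goes on to build the clause from them, so the method should return early in that branch. The docblocks also still say "a l'utilisateur" although this is the group class.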
......