Fixing bug 20500
This commit is contained in:
NASDAMI Quatadah
parent
8280447f3e
commit
1dcc701251
@ -682,7 +682,7 @@ class User extends CommonObject
|
||||
'member' => 'adherent', // We must check $user->rights->adherent...
|
||||
'mo' => 'mrp',
|
||||
'order' => 'commande',
|
||||
'product' => 'produit', // We must check $user->rights->produit...
|
||||
//'product' => 'produit', // We must check $user->rights->produit...
|
||||
'project' => 'projet',
|
||||
'shipping' => 'expedition',
|
||||
'task' => 'task@projet',
|
||||
@ -695,14 +695,24 @@ class User extends CommonObject
|
||||
'job@hrm' => 'all@hrm', // skill / job / position objects rights are for the moment grouped into right level "all"
|
||||
'position@hrm' => 'all@hrm' // skill / job / position objects rights are for the moment grouped into right level "all"
|
||||
);
|
||||
|
||||
if (!empty($moduletomoduletouse[$module])) {
|
||||
$module = $moduletomoduletouse[$module];
|
||||
}
|
||||
|
||||
$moduleRightsMapping = array(
|
||||
'product' => 'produit', // We must check $user->rights->produit...
|
||||
);
|
||||
|
||||
$rightsPath = $module;
|
||||
if (!empty($moduleRightsMapping[$rightsPath])) {
|
||||
$rightsPath = $moduleRightsMapping[$rightsPath];
|
||||
}
|
||||
|
||||
// If module is abc@module, we check permission user->rights->module->abc->permlevel1
|
||||
$tmp = explode('@', $module, 2);
|
||||
$tmp = explode('@', $rightsPath, 2);
|
||||
if (! empty($tmp[1])) {
|
||||
$module = $tmp[1];
|
||||
$rightsPath = $tmp[1];
|
||||
$permlevel2 = $permlevel1;
|
||||
$permlevel1 = $tmp[0];
|
||||
}
|
||||
@ -722,50 +732,50 @@ class User extends CommonObject
|
||||
}
|
||||
if ($permlevel1 == 'recruitmentcandidature') {
|
||||
$permlevel1 = 'recruitmentjobposition';
|
||||
}
|
||||
|
||||
//var_dump($module.' '.$permlevel1.' '.$permlevel2);
|
||||
if (empty($module) || empty($this->rights) || empty($this->rights->$module) || empty($permlevel1)) {
|
||||
}
|
||||
//var_dump($module.' '.$permlevel1.' '.$permlevel2. ' '. $rightsPath);
|
||||
//var_dump($this->rights);
|
||||
if (empty($rightsPath) || empty($this->rights) || empty($this->rights->$rightsPath) || empty($permlevel1)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
if ($permlevel2) {
|
||||
if (!empty($this->rights->$module->$permlevel1)) {
|
||||
if (!empty($this->rights->$module->$permlevel1->$permlevel2)) {
|
||||
return $this->rights->$module->$permlevel1->$permlevel2;
|
||||
if (!empty($this->rights->$rightsPath->$permlevel1)) {
|
||||
if (!empty($this->rights->$rightsPath->$permlevel1->$permlevel2)) {
|
||||
return $this->rights->$rightsPath->$permlevel1->$permlevel2;
|
||||
}
|
||||
// For backward compatibility with old permissions called "lire", "creer", "create", "supprimer"
|
||||
// instead of "read", "write", "delete"
|
||||
if ($permlevel2 == 'read' && !empty($this->rights->$module->$permlevel1->lire)) {
|
||||
return $this->rights->$module->lire;
|
||||
if ($permlevel2 == 'read' && !empty($this->rights->$rightsPath->$permlevel1->lire)) {
|
||||
return $this->rights->$rightsPath->lire;
|
||||
}
|
||||
if ($permlevel2 == 'write' && !empty($this->rights->$module->$permlevel1->creer)) {
|
||||
return $this->rights->$module->create;
|
||||
if ($permlevel2 == 'write' && !empty($this->rights->$rightsPath->$permlevel1->creer)) {
|
||||
return $this->rights->$rightsPath->create;
|
||||
}
|
||||
if ($permlevel2 == 'write' && !empty($this->rights->$module->$permlevel1->create)) {
|
||||
return $this->rights->$module->create;
|
||||
if ($permlevel2 == 'write' && !empty($this->rights->$rightsPath->$permlevel1->create)) {
|
||||
return $this->rights->$rightsPath->create;
|
||||
}
|
||||
if ($permlevel2 == 'delete' && !empty($this->rights->$module->$permlevel1->supprimer)) {
|
||||
return $this->rights->$module->supprimer;
|
||||
if ($permlevel2 == 'delete' && !empty($this->rights->$rightsPath->$permlevel1->supprimer)) {
|
||||
return $this->rights->$rightsPath->supprimer;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (!empty($this->rights->$module->$permlevel1)) {
|
||||
return $this->rights->$module->$permlevel1;
|
||||
if (!empty($this->rights->$rightsPath->$permlevel1)) {
|
||||
return $this->rights->$rightsPath->$permlevel1;
|
||||
}
|
||||
// For backward compatibility with old permissions called "lire", "creer", "create", "supprimer"
|
||||
// instead of "read", "write", "delete"
|
||||
if ($permlevel1 == 'read' && !empty($this->rights->$module->lire)) {
|
||||
return $this->rights->$module->lire;
|
||||
if ($permlevel1 == 'read' && !empty($this->rights->$rightsPath->lire)) {
|
||||
return $this->rights->$rightsPath->lire;
|
||||
}
|
||||
if ($permlevel1 == 'write' && !empty($this->rights->$module->creer)) {
|
||||
return $this->rights->$module->create;
|
||||
if ($permlevel1 == 'write' && !empty($this->rights->$rightsPath->creer)) {
|
||||
return $this->rights->$rightsPath->create;
|
||||
}
|
||||
if ($permlevel1 == 'write' && !empty($this->rights->$module->create)) {
|
||||
return $this->rights->$module->create;
|
||||
if ($permlevel1 == 'write' && !empty($this->rights->$rightsPath->create)) {
|
||||
return $this->rights->$rightsPath->create;
|
||||
}
|
||||
if ($permlevel1 == 'delete' && !empty($this->rights->$module->supprimer)) {
|
||||
return $this->rights->$module->supprimer;
|
||||
if ($permlevel1 == 'delete' && !empty($this->rights->$rightsPath->supprimer)) {
|
||||
return $this->rights->$rightsPath->supprimer;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -78,7 +78,7 @@ class UserTest extends PHPUnit\Framework\TestCase
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public static function setUpBeforeClass()
|
||||
public static function setUpBeforeClass() : void
|
||||
{
|
||||
global $conf,$user,$langs,$db;
|
||||
|
||||
@ -96,7 +96,7 @@ class UserTest extends PHPUnit\Framework\TestCase
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public static function tearDownAfterClass()
|
||||
public static function tearDownAfterClass() : void
|
||||
{
|
||||
global $conf,$user,$langs,$db;
|
||||
$db->rollback();
|
||||
@ -109,7 +109,7 @@ class UserTest extends PHPUnit\Framework\TestCase
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
protected function setUp()
|
||||
protected function setUp() : void
|
||||
{
|
||||
global $conf,$user,$langs,$db;
|
||||
$conf=$this->savconf;
|
||||
@ -125,7 +125,7 @@ class UserTest extends PHPUnit\Framework\TestCase
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
protected function tearDown()
|
||||
protected function tearDown() : void
|
||||
{
|
||||
print __METHOD__."\n";
|
||||
}
|
||||
@ -261,6 +261,38 @@ class UserTest extends PHPUnit\Framework\TestCase
|
||||
return $localobject;
|
||||
}
|
||||
|
||||
/**
|
||||
* testUserHasRight
|
||||
*
|
||||
* @param User $localobject User
|
||||
* @return void
|
||||
*/
|
||||
|
||||
public function testUserHasRight()
|
||||
{
|
||||
global $conf,$user,$langs,$db;
|
||||
$conf=$this->savconf;
|
||||
$user=$this->savuser;
|
||||
$langs=$this->savlangs;
|
||||
$db=$this->savdb;
|
||||
|
||||
/*$result=$localobject->setstatus(0);
|
||||
print __METHOD__." id=".$localobject->id." result=".$result."\n";
|
||||
$this->assertLessThan($result, 0);
|
||||
*/
|
||||
|
||||
print __METHOD__." id=". $user->id ."\n";
|
||||
//$this->assertNotEquals($user->date_creation, '');
|
||||
$user->addrights(0, 'supplier_proposal');
|
||||
|
||||
$this->assertEquals($user->hasRight('member', ''), 0);
|
||||
$this->assertEquals($user->hasRight('member', 'member'), 0);$this->assertEquals($user->hasRight('product', 'member', 'read'), 0);
|
||||
$this->assertEquals($user->hasRight('member', 'member'), 0);$this->assertEquals($user->hasRight('produit', 'member', 'read'), 0);
|
||||
$user->clearrights();
|
||||
//print __METHOD__. $user->hasRight('module', 'level11');
|
||||
return $user;
|
||||
}
|
||||
|
||||
/**
|
||||
* testUserSetPassword
|
||||
*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user