lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Works on multicompany

Browse Source 
Fix: uniformize code, more simple
This commit is contained in:
Regis Houssin 2011-06-07 15:45:01 +00:00
parent a9fa553802
commit 32f77f9ba1
8 changed files with 322 additions and 329 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/includes/triggers/interface_all_Demo.class.php-NORUN
View File

@ -140,6 +140,14 @@ class InterfaceDemo
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'USER_LOGOUT')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'USER_SETINGROUP')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'USER_REMOVEFROMGROUP')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}

3
htdocs/install/mysql/migration/3.0.0-3.1.0.sql
View File

@ -117,8 +117,9 @@ ALTER TABLE llx_mailing_cibles ADD COLUMN tag varchar(128) NULL AFTER other;
ALTER TABLE llx_mailing ADD COLUMN tag varchar(128) NULL AFTER email_errorsto;
ALTER TABLE llx_usergroup_user DROP INDEX fk_user;
ALTER TABLE llx_usergroup_user DROP INDEX uk_user_group_entity;
ALTER TABLE llx_usergroup_user ADD COLUMN entity integer DEFAULT 1 NOT NULL AFTER rowid;
ALTER TABLE llx_usergroup_user ADD UNIQUE INDEX uk_usergroup_entity (entity,fk_user,fk_usergroup);
ALTER TABLE llx_usergroup_user ADD UNIQUE INDEX uk_usergroup_user (entity,fk_user,fk_usergroup);
ALTER TABLE llx_usergroup_user ADD CONSTRAINT fk_usergroup_user_fk_user FOREIGN KEY (fk_user) REFERENCES llx_user (rowid);
ALTER TABLE llx_usergroup_user ADD CONSTRAINT fk_usergroup_user_fk_usergroup FOREIGN KEY (fk_usergroup) REFERENCES llx_usergroup (rowid);

2
htdocs/install/mysql/tables/llx_usergroup_user.key.sql
View File

@ -18,7 +18,7 @@
-- $Id$
-- ===========================================================================
ALTER TABLE llx_usergroup_user ADD UNIQUE INDEX uk_user_group_entity (entity,fk_user,fk_usergroup);
ALTER TABLE llx_usergroup_user ADD UNIQUE INDEX uk_usergroup_user (entity,fk_user,fk_usergroup);
ALTER TABLE llx_usergroup_user ADD CONSTRAINT fk_usergroup_user_fk_user FOREIGN KEY (fk_user) REFERENCES llx_user (rowid);
ALTER TABLE llx_usergroup_user ADD CONSTRAINT fk_usergroup_user_fk_usergroup FOREIGN KEY (fk_usergroup) REFERENCES llx_usergroup (rowid);

96
htdocs/user/class/user.class.php
View File

@ -47,8 +47,8 @@ class User extends CommonObject
var $id=0;
var $ldap_sid;
var $search_sid;
var $nom;
var $prenom;
var $nom; // TODO deprecated
var $prenom; // TODO deprecated
var $lastname;
var $firstname;
var $note;
@ -530,9 +530,15 @@ class User extends CommonObject
// Maintenant les droits groupes
$sql = "SELECT r.module, r.perms, r.subperms";
$sql.= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr, ".MAIN_DB_PREFIX."usergroup_user as gu, ".MAIN_DB_PREFIX."rights_def as r";
$sql.= " WHERE r.id = gr.fk_id AND gr.fk_usergroup = gu.fk_usergroup AND gu.fk_user = ".$this->id." AND r.perms IS NOT NULL";
$sql.= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,";
$sql.= " ".MAIN_DB_PREFIX."usergroup_user as gu,";
$sql.= " ".MAIN_DB_PREFIX."rights_def as r";
$sql.= " WHERE r.id = gr.fk_id";
$sql.= " AND gr.fk_usergroup = gu.fk_usergroup";
$sql.= " AND gu.fk_user = ".$this->id;
$sql.= " AND r.perms IS NOT NULL";
$sql.= " AND r.entity = ".$conf->entity;
$sql.= " AND gu.entity IN (0,".$conf->entity.")";
if ($moduletag) $sql.= " AND r.module = '".$this->db->escape($moduletag)."'";
dol_syslog('User::getRights sql='.$sql, LOG_DEBUG);
@ -1474,9 +1480,10 @@ class User extends CommonObject
* Add user into a group
* @param group id du groupe
*/
function SetInGroup($group, $notrigger=0)
function SetInGroup($group, $entity, $notrigger=0)
{
global $conf;
global $conf, $langs, $user;
$error=0;
$this->db->begin();
@ -1484,25 +1491,56 @@ class User extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user";
$sql.= " WHERE fk_user = ".$this->id;
$sql.= " AND fk_usergroup = ".$group;
$sql.= " AND entity = ".$conf->entity;
$sql.= " AND entity = ".$entity;
$result = $this->db->query($sql);
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_user (entity, fk_user, fk_usergroup)";
$sql.= " VALUES (".$conf->entity.",".$this->id.",".$group.")";
$sql.= " VALUES (".$entity.",".$this->id.",".$group.")";
$result = $this->db->query($sql);
$this->db->commit();
if ($result)
{
if (! $error && ! $notrigger)
{
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('USER_SETINGROUP',$this,$user,$langs,$conf);
if ($result < 0) { $error++; $this->errors=$interface->errors; }
// Fin appel triggers
}
if (! $error)
{
$this->db->commit();
return 1;
}
else
{
$this->error=$interface->error;
dol_syslog("User::SetInGroup ".$this->error, LOG_ERR);
$this->db->rollback();
return -2;
}
}
else
{
$this->error=$this->db->lasterror();
dol_syslog("User::SetInGroup ".$this->error, LOG_ERR);
$this->db->rollback();
return -1;
}
}
/**
* Remove a user from a group
* @param group id du groupe
*/
function RemoveFromGroup($group, $notrigger=0)
function RemoveFromGroup($group, $entity, $notrigger=0)
{
global $conf;
global $conf,$langs,$user;
$error=0;
$this->db->begin();
@ -1510,11 +1548,41 @@ class User extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user";
$sql.= " WHERE fk_user = ".$this->id;
$sql.= " AND fk_usergroup = ".$group;
$sql.= " AND entity = ".$conf->entity;
$sql.= " AND entity = ".$entity;
$result = $this->db->query($sql);
if ($result)
{
if (! $error && ! $notrigger)
{
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('USER_REMOVEFROMGROUP',$this,$user,$langs,$conf);
if ($result < 0) { $error++; $this->errors=$interface->errors; }
// Fin appel triggers
}
$this->db->commit();
if (! $error)
{
$this->db->commit();
return 1;
}
else
{
$this->error=$interface->error;
dol_syslog("User::RemoveFromGroup ".$this->error, LOG_ERR);
$this->db->rollback();
return -2;
}
}
else
{
$this->error=$this->db->lasterror();
dol_syslog("User::RemoveFromGroup ".$this->error, LOG_ERR);
$this->db->rollback();
return -1;
}
}
/**

96
htdocs/user/class/usergroup.class.php
View File

@ -45,6 +45,7 @@ class UserGroup extends CommonObject
var $id; // Group id
var $entity; // Entity of group
var $nom; // Name of group
var $globalgroup; // Global group
var $note; // Note on group
var $datec; // Creation date of group
var $datem; // Modification date of group
@ -58,10 +59,9 @@ class UserGroup extends CommonObject
* \param DB Handler acces base de donnees
* \param id Id du groupe (0 par defaut)
*/
function UserGroup($DB, $id=0)
function UserGroup($DB)
{
$this->db = $DB;
$this->id = $id;
return 0;
}
@ -116,19 +116,22 @@ class UserGroup extends CommonObject
/**
* \brief Return array of groups objects for a particular user
* \param usertosearch
* \return array of groups objects
* Return array of groups objects for a particular user
* @param usertosearch
* @return array of groups objects
*/
function listGroupsForUser($usertosearch)
function listGroupsForUser($userid)
{
global $conf;
$ret=array();
$sql = "SELECT g.rowid, g.nom, g.note, g.datec, g.tms as datem";
$sql = "SELECT g.rowid, ug.entity as usergroup_entity";
$sql.= " FROM ".MAIN_DB_PREFIX."usergroup as g,";
$sql.= " ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= " WHERE ug.fk_usergroup = g.rowid";
$sql.= " AND ug.fk_user = ".$usertosearch->id;
$sql.= " AND ug.fk_user = ".$userid;
$sql.= " AND ug.entity IN (0,".$conf->entity.")";
$sql.= " ORDER BY g.nom";
dol_syslog("UserGroup::listGroupsForUser sql=".$sql,LOG_DEBUG);
@ -138,15 +141,15 @@ class UserGroup extends CommonObject
while ($obj = $this->db->fetch_object($result))
{
$group=new UserGroup($this->db);
$group->id=$obj->rowid;
$group->nom=$obj->nom;
$group->note=$obj->note;
$group->datec = $obj->datec;
$group->datem = $obj->datem;
$group->fetch($obj->rowid);
$group->usergroup_entity = $obj->usergroup_entity;
$ret[]=$group;
}
$this->db->free($result);
return $ret;
}
else
{
@ -154,22 +157,24 @@ class UserGroup extends CommonObject
dol_syslog("UserGroup::listGroupsForUser ".$this->error, LOG_ERR);
return -1;
}
return $ret;
}
/**
* \brief Return array of users id for group
* \return array of users id
* Return array of users id for group
* @return array of users
*/
function listUsersForGroup()
{
global $conf;
$ret=array();
$sql = "SELECT u.rowid, u.login, u.name, u.firstname";
$sql = "SELECT u.rowid, ug.entity as usergroup_entity";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u,";
$sql.= " ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= " WHERE ug.fk_user = u.rowid";
$sql.= " AND ug.fk_usergroup = ".$this->id;
$sql.= " AND u.entity IN (0,".$conf->entity.")";
dol_syslog("UserGroup::listUsersForGroup sql=".$sql,LOG_DEBUG);
$result = $this->db->query($sql);
@ -177,9 +182,16 @@ class UserGroup extends CommonObject
{
while ($obj = $this->db->fetch_object($result))
{
$ret[]=$obj->rowid;
$user=new User($this->db);
$user->fetch($obj->rowid);
$user->usergroup_entity = $obj->usergroup_entity;
$ret[]=$user;
}
$this->db->free($result);
return $ret;
}
else
{
@ -187,7 +199,6 @@ class UserGroup extends CommonObject
dol_syslog("UserGroup::listUsersForGroup ".$this->error, LOG_ERR);
return -1;
}
return $ret;
}
/**
@ -486,17 +497,25 @@ class UserGroup extends CommonObject
}
/**
* \brief Cree un groupe en base
* \return si erreur <0, si ok renvoie id groupe cr
* Create group into database
* @param notrigger 0=triggers enabled, 1=triggers disabled
* @return int <0 if KO, >=0 if OK
*/
function create()
function create($notrigger=0)
{
global $user, $conf, $langs;
$now=dol_now();
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup (datec, nom, entity)";
$sql.= " VALUES('".$this->db->idate($now)."','".$this->db->escape($this->nom)."',".$conf->entity.")";
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup (";
$sql.= "datec";
$sql.= ", nom";
$sql.= ", entity";
$sql.= ") VALUES (";
$sql.= "'".$this->db->idate($now)."'";
$sql.= ",'".$this->db->escape($this->nom)."'";
$sql.= ",".($this->globalgroup ? 0 : $conf->entity);
$sql.= ")";
dol_syslog("UserGroup::Create sql=".$sql, LOG_DEBUG);
$result=$this->db->query($sql);
@ -505,13 +524,16 @@ class UserGroup extends CommonObject
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."usergroup");
if ($this->update(1) < 0) return -2;
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('GROUP_CREATE',$this,$user,$langs,$conf);
if ($result < 0) { $error++; $this->errors=$interface->errors; }
// Fin appel triggers
if (! $notrigger)
{
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('GROUP_CREATE',$this,$user,$langs,$conf);
if ($result < 0) { $error++; $this->errors=$interface->errors; }
// Fin appel triggers
}
return $this->id;
}
@ -523,7 +545,6 @@ class UserGroup extends CommonObject
}
}
/**
* Update group into database
* @param notrigger 0=triggers enabled, 1=triggers disabled
@ -536,15 +557,16 @@ class UserGroup extends CommonObject
$error=0;
$sql = "UPDATE ".MAIN_DB_PREFIX."usergroup SET ";
$sql .= " nom = '".$this->db->escape($this->nom)."',";
$sql .= " note = '".$this->db->escape($this->note)."'";
$sql .= " WHERE rowid = ".$this->id;
$sql.= " nom = '".$this->db->escape($this->nom)."'";
$sql.= ", entity = ".(empty($this->globalgroup) ? $conf->entity : 0);
$sql.= ", note = '".$this->db->escape($this->note)."'";
$sql.= " WHERE rowid = ".$this->id;
dol_syslog("Usergroup::update sql=".$sql);
$resql = $this->db->query($sql);
if ($resql)
{
if (!$error && ! $notrigger)
if (! $notrigger)
{
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");

93
htdocs/user/fiche.php
View File

@ -233,37 +233,22 @@ if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield)
$edituser = new User($db);
$edituser->fetch($_GET["id"]);
if ($action == 'addgroup') $edituser->SetInGroup($group);
if ($action == 'removegroup') $edituser->RemoveFromGroup($group);
// We reload members (list has changed)
$editgroup->members=$editgroup->listUsersForGroup();
// We update group to force triggers that update groups content
$result=$editgroup->update();
if ($action == 'addgroup') $edituser->SetInGroup($group,GETPOST('entity'));
if ($action == 'removegroup') $edituser->RemoveFromGroup($group,GETPOST('entity'));
if ($result > 0)
{
header("Location: fiche.php?id=".$_GET["id"]);
exit;
}
else
{
$message.=$edituser->error;
}
}
}
if ($_GET["action"] == 'removegroup' && $caneditfield)
{
if ($_GET["group"])
{
$edituser = new User($db);
$edituser->fetch($_GET["id"]);
$edituser->RemoveFromGroup($_GET["group"]);
Header("Location: fiche.php?id=".$_GET["id"]);
exit;
}
}
if ($_POST["action"] == 'update' && ! $_POST["cancel"])
if ($action == 'update' && ! $_POST["cancel"])
{
require_once(DOL_DOCUMENT_ROOT."/lib/files.lib.php");
@ -549,7 +534,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
}
}
if ($message) { print $message.'<br>'; }
dol_htmloutput_errors($message);
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr')
{
@ -909,7 +894,8 @@ else
$ret=$html->form_confirm("fiche.php?id=$fuser->id",$langs->trans("DeleteAUser"),$langs->trans("ConfirmDeleteUser",$fuser->login),"confirm_delete", '', 0, 1);
if ($ret == 'html') print '<br>';
}
dol_htmloutput_errors($message);
/*
* Fiche en mode visu
@ -1217,35 +1203,18 @@ else
print_fiche_titre($langs->trans("ListOfGroupsForUser"),'','');
// On selectionne les groupes auquel fait parti le user
// TODO move sql query to dao class
$grouplistid = array();
$sql = "SELECT ug.fk_usergroup";
$sql.= " FROM ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= ", ".MAIN_DB_PREFIX."usergroup as u";
$sql.= " WHERE ug.fk_user = ".$fuser->id;
$sql.= " AND ug.fk_usergroup = u.rowid";
$sql.= " AND u.entity IN (0,".$conf->entity.")";
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
$obj = $db->fetch_object($result);
$grouplistid[]=$obj->fk_usergroup;
$i++;
}
}
else {
dol_print_error($db);
}
$db->free($resql);
$exclude = array();
$usergroup=new UserGroup($db);
$groupslist = $usergroup->listGroupsForUser($fuser->id);
if (! empty($groupslist))
{
foreach($groupslist as $groupforuser)
{
$exclude[]=$groupforuser->id;
}
}
if ($caneditgroup)
{
@ -1253,10 +1222,11 @@ else
print '<form action="fiche.php?id='.$_GET["id"].'" method="post">'."\n";
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="addgroup">';
print '<input type="hidden" name="entity" value="'.$conf->entity.'">';
print '<table class="noborder" width="100%">'."\n";
print '<tr class="liste_titre"><td class="liste_titre" width="25%">'.$langs->trans("GroupsToAdd").'</td>'."\n";
print '<td>';
print $form->select_dolgroups('','group',0,$grouplistid);
print $form->select_dolgroups('','group',1,$exclude);
print ' &nbsp; ';
print '<input type="submit" class="button" value="'.$langs->trans("Add").'">';
print '</td></tr>'."\n";
@ -1268,23 +1238,17 @@ else
/*
* Groupes affectes
*/
$usergroup=new UserGroup($db);
$listofgroups=$usergroup->listGroupsForUser($fuser);
$num=sizeof($listofgroups);
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td class="liste_titre" width="25%">'.$langs->trans("Groups").'</td>';
print "<td>&nbsp;</td></tr>\n";
if ($num > 0)
if (! empty($groupslist))
{
$i = 0;
$var=true;
while ($i < $num)
foreach($groupslist as $group)
{
$group = $listofgroups[$i];
$var=!$var;
print "<tr ".$bc[$var].">";
@ -1302,7 +1266,7 @@ else
if ($caneditgroup)
{
print '<a href="fiche.php?id='.$_GET["id"].'&amp;action=removegroup&amp;group='.$group->id.'">';
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$fuser->id.'&amp;action=removegroup&amp;group='.$group->id.'&amp;entity='.$group->usergroup_entity.'">';
print img_delete($langs->trans("RemoveFromGroup"));
}
else
@ -1310,7 +1274,6 @@ else
print "&nbsp;";
}
print "</td></tr>\n";
$i++;
}
}
else

352
htdocs/user/group/fiche.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2005-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2009 Regis Houssin <regis@dolibarr.fr>
* Copyright (C) 2005-2011 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -50,6 +50,8 @@ $action=GETPOST("action");
$confirm=GETPOST("confirm");
$userid=GETPOST("user","int");
$object = new Usergroup($db);
/**
* Action remove group
@ -58,9 +60,8 @@ if ($action == 'confirm_delete' && $confirm == "yes")
{
if ($caneditperms)
{
$editgroup = new Usergroup($db, $_GET["id"]);
$editgroup->fetch($_GET["id"]);
$editgroup->delete();
$object->fetch($_GET["id"]);
$object->delete();
Header("Location: index.php");
exit;
}
@ -86,20 +87,19 @@ if ($_POST["action"] == 'add')
if (! $message)
{
$editgroup = new UserGroup($db,0);
$editgroup->nom = trim($_POST["nom"]);
$editgroup->note = trim($_POST["note"]);
$object->nom = trim($_POST["nom"]);
$object->globalgroup = $_POST["globalgroup"];
$object->note = trim($_POST["note"]);
$db->begin();
$id = $editgroup->create();
$id = $object->create();
if ($id > 0)
{
$db->commit();
Header("Location: fiche.php?id=".$editgroup->id);
Header("Location: fiche.php?id=".$object->id);
exit;
}
else
@ -107,11 +107,13 @@ if ($_POST["action"] == 'add')
$db->rollback();
$langs->load("errors");
$message='<div class="error">'.$langs->trans("ErrorGroupAlreadyExists",$editgroup->nom).'</div>';
$message='<div class="error">'.$langs->trans("ErrorGroupAlreadyExists",$object->nom).'</div>';
$action="create"; // Go back to create page
}
}
}else{
}
else
{
$message = '<div class="error">'.$langs->trans('ErrorForbidden').'</div>';
}
}
@ -123,28 +125,27 @@ if ($action == 'adduser' || $action =='removeuser')
{
if ($userid)
{
$editgroup = new UserGroup($db);
$editgroup->fetch($_GET["id"]);
$editgroup->oldcopy=dol_clone($editgroup);
$object->fetch($_GET["id"]);
$object->oldcopy=dol_clone($object);
$edituser = new User($db);
$edituser->fetch($userid);
if ($action == 'adduser') $result=$edituser->SetInGroup($_GET["id"]);
if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($_GET["id"]);
// We reload members (list has changed)
$editgroup->members=$editgroup->listUsersForGroup();
// We update group to force triggers that update groups content
$result=$editgroup->update();
if ($action == 'adduser') $result=$edituser->SetInGroup($object->id,GETPOST('entity'));
if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($object->id,GETPOST('entity'));
if ($result > 0)
{
header("Location: fiche.php?id=".$_GET["id"]);
header("Location: fiche.php?id=".$object->id);
exit;
}
else
{
$message.=$edituser->error;
}
}
}else{
}
else
{
$message = '<div class="error">'.$langs->trans('ErrorForbidden').'</div>';
}
}
@ -158,24 +159,24 @@ if ($_POST["action"] == 'update')
$db->begin();
$editgroup = new Usergroup($db, $_GET["id"]);
$editgroup->fetch($_GET["id"]);
$object->fetch($_GET["id"]);
$editgroup->oldcopy=dol_clone($editgroup);
$object->oldcopy=dol_clone($object);
$editgroup->nom = trim($_POST["group"]);
$editgroup->note = dol_htmlcleanlastbr($_POST["note"]);
$object->nom = trim($_POST["group"]);
$object->globalgroup = $_POST["globalgroup"];
$object->note = dol_htmlcleanlastbr($_POST["note"]);
$ret=$editgroup->update();
$ret=$object->update();
if ($ret >= 0 && ! sizeof($editgroup->errors))
if ($ret >= 0 && ! sizeof($object->errors))
{
$message.='<div class="ok">'.$langs->trans("GroupModified").'</div>';
$db->commit();
}
else
{
$message.='<div class="error">'.$editgroup->error.'</div>';
$message.='<div class="error">'.$object->error.'</div>';
$db->rollback();
}
}
@ -193,7 +194,7 @@ if ($_POST["action"] == 'update')
llxHeader('',$langs->trans("GroupCard"));
$html = new Form($db);
$form = new Form($db);
$fuserstatic = new User($db);
if ($action == 'create')
@ -210,6 +211,21 @@ if ($action == 'create')
print "<tr>".'<td valign="top" class="fieldrequired">'.$langs->trans("Name").'</td>';
print '<td class="valeur"><input size="30" type="text" name="nom" value=""></td></tr>';
// Global group
if ($conf->multicompany->enabled)
{
if ($conf->entity == 1)
{
print "<tr>".'<td valign="top">'.$langs->trans("GlobalGroup").'</td>';
$checked=(empty($_POST['globalgroup']) ? '' : ' checked');
print '<td><input type="checkbox" name="globalgroup" value="1"'.$checked.' /></td>';
}
else
{
print '<input type="hidden" name="globalgroup" value="0" />';
}
}
print "<tr>".'<td valign="top">'.$langs->trans("Note").'</td><td>';
if ($conf->fckeditor->enabled && $conf->global->FCKEDITOR_ENABLE_USER)
@ -240,13 +256,12 @@ else
{
if ($_GET["id"] )
{
$group = new UserGroup($db);
$group->fetch($_GET["id"]);
$object->fetch($_GET["id"]);
/*
* Affichage onglets
*/
$head = group_prepare_head($group);
$head = group_prepare_head($object);
$title = $langs->trans("Group");
dol_fiche_head($head, 'group', $title, 0, 'group');
@ -255,7 +270,7 @@ else
*/
if ($action == 'delete')
{
$ret=$html->form_confirm("fiche.php?id=".$group->id,$langs->trans("DeleteAGroup"),$langs->trans("ConfirmDeleteGroup",$group->name),"confirm_delete", '',0,1);
$ret=$form->form_confirm($_SERVER['PHP_SELF']."?id=".$object->id,$langs->trans("DeleteAGroup"),$langs->trans("ConfirmDeleteGroup",$object->name),"confirm_delete", '',0,1);
if ($ret == 'html') print '<br>';
}
@ -270,14 +285,14 @@ else
// Ref
print '<tr><td width="25%" valign="top">'.$langs->trans("Ref").'</td>';
print '<td colspan="2">';
print $html->showrefnav($group,'id','',$user->rights->user->user->lire || $user->admin);
print $form->showrefnav($object,'id','',$user->rights->user->user->lire || $user->admin);
print '</td>';
print '</tr>';
// Name
print '<tr><td width="25%" valign="top">'.$langs->trans("Name").'</td>';
print '<td width="75%" class="valeur">'.$group->nom;
if (!$group->entity)
print '<td width="75%" class="valeur">'.$object->nom;
if (empty($object->entity))
{
print img_redstar($langs->trans("GlobalGroup"));
}
@ -285,7 +300,7 @@ else
// Note
print '<tr><td width="25%" valign="top">'.$langs->trans("Note").'</td>';
print '<td class="valeur">'.dol_htmlentitiesbr($group->note).'&nbsp;</td>';
print '<td class="valeur">'.dol_htmlentitiesbr($object->note).'&nbsp;</td>';
print "</tr>\n";
print "</table>\n";
@ -298,19 +313,19 @@ else
if ($caneditperms)
{
print '<a class="butAction" href="fiche.php?id='.$group->id.'&amp;action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit">'.$langs->trans("Modify").'</a>';
}
if ($candisableperms)
{
print '<a class="butActionDelete" href="fiche.php?action=delete&amp;id='.$group->id.'">'.$langs->trans("DeleteGroup").'</a>';
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=delete&amp;id='.$object->id.'">'.$langs->trans("DeleteGroup").'</a>';
}
print "</div>\n";
print "<br>\n";
if ($message) { print $message."<br>"; }
dol_htmloutput_errors($message);
/*
* Liste des utilisateurs dans le groupe
@ -318,216 +333,131 @@ else
print_fiche_titre($langs->trans("ListOfUsersInGroup"),'','');
// On salectionne les users qui ne sont pas deja dans le groupe
$userlistid = array();
$uss = array();
$sql = "SELECT ug.fk_user";
$sql.= " FROM ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= ", ".MAIN_DB_PREFIX."user as u";
$sql.= " WHERE ug.fk_usergroup = ".$group->id;
$sql.= " AND ug.fk_user = u.rowid";
$sql.= " AND u.entity IN (0,".$conf->entity.")";
$result = $db->query($sql);
if ($result)
// On selectionne les users qui ne sont pas deja dans le groupe
$exclude = array();
$userslist = $object->listUsersForGroup();
if (! empty($userslist))
{
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
$obj = $db->fetch_object($result);
$userlistid[]=$obj->fk_user;
$i++;
}
}
else {
dol_print_error($db);
}
$idList = implode(",",$userlistid);
if (!empty($idList))
{
$sql = "SELECT u.rowid, u.login, u.name, u.firstname, u.admin, u.statut";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql.= " WHERE u.entity IN (0,".$conf->entity.")";
$sql.= " AND u.rowid NOT IN (".$idList.")";
$sql.= " ORDER BY u.name";
$result = $db->query($sql);
if ($result)
foreach($userslist as $useringroup)
{
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
$obj = $db->fetch_object($result);
$uss[$obj->rowid] = ucfirst(stripslashes($obj->name)).' '.ucfirst(stripslashes($obj->firstname));
if ($obj->login) $uss[$obj->rowid].=' ('.$obj->login.')';
$i++;
}
}
else {
dol_print_error($db);
}
$exclude[]=$useringroup->id;
}
}
else
{
$sql = "SELECT u.rowid, u.login, u.name, u.firstname, u.admin, u.statut";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql.= " WHERE u.entity IN (0,".$conf->entity.")";
$sql.= " ORDER BY u.name";
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
$i = 0;
while ($i < $num)
{
$obj = $db->fetch_object($result);
$uss[$obj->rowid] = ucfirst(stripslashes($obj->name)).' '.ucfirst(stripslashes($obj->firstname));
if ($obj->login) $uss[$obj->rowid].=' ('.$obj->login.')';
$i++;
}
}
else {
dol_print_error($db);
}
}
if ($caneditperms)
{
$form = new Form($db);
print '<form action="fiche.php?id='.$group->id.'" method="post">'."\n";
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="POST">'."\n";
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="adduser">';
print '<input type="hidden" name="entity" value="'.$conf->entity.'">';
print '<table class="noborder" width="100%">'."\n";
print '<tr class="liste_titre"><td class="liste_titre" width="25%">'.$langs->trans("NonAffectedUsers").'</td>'."\n";
//print '<tr class="liste_titre"><td class="liste_titre" width="25%">'.$langs->trans("UsersToAdd").'</td>'."\n";
print '<td>';
print $form->selectarray("user",$uss,'',1);
print $form->select_users('','user',1,$exclude);
print ' &nbsp; ';
print '<input type="submit" class=button value="'.$langs->trans("Add").'">';
print '<input type="submit" class="button" value="'.$langs->trans("Add").'">';
print '</td></tr>'."\n";
print '</table></form>'."\n";
print '<br>';
}
/*
* Membres du groupe
* Group members
*/
$sql = "SELECT u.rowid, u.login, u.name, u.firstname, u.admin, u.entity, u.statut";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
$sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= " WHERE ug.fk_user = u.rowid";
$sql.= " AND ug.fk_usergroup = ".$group->id;
$sql.= " ORDER BY u.name";
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td class="liste_titre" width="25%">'.$langs->trans("Login").'</td>';
print '<td class="liste_titre" width="25%">'.$langs->trans("Lastname").'</td>';
print '<td class="liste_titre" width="25%">'.$langs->trans("Firstname").'</td>';
print '<td class="liste_titre" align="right">'.$langs->trans("Status").'</td>';
print '<td>&nbsp;</td>';
print "<td>&nbsp;</td>";
print "</tr>\n";
$result = $db->query($sql);
if ($result)
if (! empty($userslist))
{
$num = $db->num_rows($result);
$i = 0;
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td class="liste_titre" width="25%">'.$langs->trans("Login").'</td>';
print '<td class="liste_titre" width="25%">'.$langs->trans("Lastname").'</td>';
print '<td class="liste_titre" width="25%">'.$langs->trans("Firstname").'</td>';
print '<td class="liste_titre" align="right">'.$langs->trans("Status").'</td>';
print '<td>&nbsp;</td>';
print "<td>&nbsp;</td>";
print "</tr>\n";
if ($num) {
$var=True;
while ($i < $num)
{
$obj = $db->fetch_object($result);
$var=!$var;
print "<tr $bc[$var]>";
print '<td>';
print '<a href="'.DOL_URL_ROOT.'/user/fiche.php?id='.$obj->rowid.'">'.img_object($langs->trans("ShowUser"),"user").' '.$obj->login.'</a>';
if ($obj->admin && !$obj->entity)
{
print img_redstar($langs->trans("SuperAdministrator"));
}
else if ($obj->admin)
{
print img_picto($langs->trans("Administrator"),'star');
}
print '</td>';
print '<td>'.ucfirst(stripslashes($obj->name)).'</td>';
print '<td>'.ucfirst(stripslashes($obj->firstname)).'</td>';
$fuserstatic->id=$obj->id;
$fuserstatic->statut=$obj->statut;
print '<td align="right">'.$fuserstatic->getLibStatut(5).'</td>';
print '<td>&nbsp;</td>';
print '<td align="right">';
if ($user->admin)
{
print '<a href="fiche.php?id='.$group->id.'&amp;action=removeuser&amp;user='.$obj->rowid.'">';
print img_delete($langs->trans("RemoveFromGroup"));
}
else
{
print "-";
}
print "</td></tr>\n";
$i++;
}
}
else
{
print '<tr><td colspan=2>'.$langs->trans("None").'</td></tr>';
}
print "</table>";
print "<br>";
$db->free($result);
$var=True;
foreach($userslist as $useringroup)
{
$var=!$var;
print "<tr $bc[$var]>";
print '<td>';
print '<a href="'.DOL_URL_ROOT.'/user/fiche.php?id='.$useringroup->id.'">'.img_object($langs->trans("ShowUser"),"user").' '.$useringroup->login.'</a>';
if ($useringroup->admin && ! $useringroup->entity) print img_redstar($langs->trans("SuperAdministrator"));
else if ($useringroup->admin) print img_picto($langs->trans("Administrator"),'star');
print '</td>';
print '<td>'.ucfirst(stripslashes($useringroup->lastname)).'</td>';
print '<td>'.ucfirst(stripslashes($useringroup->firstname)).'</td>';
print '<td align="right">'.$useringroup->getLibStatut(5).'</td>';
print '<td>&nbsp;</td>';
print '<td align="right">';
if ($user->admin)
{
print '<a href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=removeuser&amp;user='.$useringroup->id.'&amp;entity='.$useringroup->usergroup_entity.'">';
print img_delete($langs->trans("RemoveFromGroup"));
}
else
{
print "-";
}
print "</td></tr>\n";
}
}
else {
dol_print_error($db);
else
{
print '<tr><td colspan=2>'.$langs->trans("None").'</td></tr>';
}
print "</table>";
print "<br>";
}
/*
* Fiche en mode edition
*/
if ($_GET["action"] == 'edit' && $caneditperms)
if ($action == 'edit' && $caneditperms)
{
print '<form action="fiche.php?id='.$group->id.'" method="post" name="updategroup" enctype="multipart/form-data">';
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="post" name="updategroup" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="update">';
print '<table class="border" width="100%">';
print '<tr><td width="25%" valign="top" class="fieldrequired">'.$langs->trans("Name").'</td>';
print '<td width="75%" class="valeur"><input size="15" type="text" name="group" value="'.$group->nom.'">';
if (!$group->entity)
{
print img_redstar($langs->trans("GlobalGroup"));
}
print '<td width="75%" class="valeur"><input size="15" type="text" name="group" value="'.$object->nom.'">';
print "</td></tr>\n";
print '<tr><td width="25%" valign="top">'.$langs->trans("Note").'</td>';
// Global group
if ($conf->multicompany->enabled)
{
if ($conf->entity == 1)
{
print "<tr>".'<td valign="top">'.$langs->trans("GlobalGroup").'</td>';
$checked=(empty($object->entity) ? ' checked' : '');
print '<td><input type="checkbox" name="globalgroup" value="1"'.$checked.' /></td>';
}
else
{
$value=(empty($object->entity) ? 1 : 0);
print '<input type="hidden" name="globalgroup" value="'.$value.'" />';
}
}
print '<tr><td width="25%" valign="top">'.$langs->trans("Note").'</td>';
print '<td class="valeur">';
if ($conf->fckeditor->enabled && $conf->global->FCKEDITOR_ENABLE_USER)
{
require_once(DOL_DOCUMENT_ROOT."/lib/doleditor.class.php");
$doleditor=new DolEditor('note',$group->note,'',240,'dolibarr_notes','',true);
$doleditor=new DolEditor('note',$object->note,'',240,'dolibarr_notes','',true);
$doleditor->Create();
}
else
{
print '<textarea class="flat" name="note" rows="'.ROWS_8.'" cols="90">';
print dol_htmlentitiesbr_decode($group->note);
print dol_htmlentitiesbr_decode($object->note);
print '</textarea>';
}
print '</td>';

1
htdocs/user/perms.php
View File

@ -201,6 +201,7 @@ $sql.= " ".MAIN_DB_PREFIX."usergroup_rights as gr,";
$sql.= " ".MAIN_DB_PREFIX."usergroup_user as gu";
$sql.= " WHERE gr.fk_id = r.id";
$sql.= " AND r.entity = ".$conf->entity;
$sql.= " AND gu.entity IN (0,".$conf->entity.")";
$sql.= " AND gr.fk_usergroup = gu.fk_usergroup";
$sql.= " AND gu.fk_user = ".$fuser->id;