diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php
index 3ccbcf94d05..4bb95b46a89 100644
--- a/htdocs/user/group/perms.php
+++ b/htdocs/user/group/perms.php
@@ -22,9 +22,13 @@
 /**
  * \file htdocs/user/group/perms.php
- * \brief Onglet user et permissions de la fiche utilisateur
+ * \brief Page to set permissions of a user group record
  */
+if (!defined('CSRFCHECK_WITH_TOKEN')) {
+define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
+}
+
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
@@ -41,6 +45,10 @@ $module = GETPOST('module', 'alpha');
 $rights = GETPOST('rights', 'int');
 $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'groupperms'; // To manage different context of search
+if (!isset($id) || empty($id)) {
+accessforbidden();
+}
+
 // Define if user can read permissions
 $canreadperms = ($user->admin || $user->rights->user->user->lire);
 // Define if user can modify group permissions
@@ -53,12 +61,15 @@ if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
 $caneditperms = ($user->admin || $user->rights->user->group_advance->write);
 }
+// Security check
+//$result = restrictedArea($user, 'user', $id, 'usergroup', '');
 if (!$canreadperms) {
 accessforbidden();
 }
 $object = new Usergroup($db);
 $object->fetch($id);
+$object->getrights();
 $entity = $conf->entity;
@@ -79,7 +90,7 @@ if ($reshook < 0) {
 if (empty($reshook)) {
 if ($action == 'addrights' && $caneditperms) {
 $editgroup = new Usergroup($db);
-$result = $editgroup->fetch($id);
+$result = $editgroup->fetch($object->id);
 if ($result > 0) {
 $result = $editgroup->addrights($rights, $module, '', $entity);
 if ($result < 0) {
@@ -88,6 +99,9 @@ if (empty($reshook)) {
 }
 } else {
 dol_print_error($db);
 }
+
+$object->clearrights();
+$object->getrights();
 }
 if ($action == 'delrights' && $caneditperms) {
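Review bot: The added guard `if (!isset($id) || empty($id))` is redundant, because `empty()` is already true for an unset variable; `if (empty($id)) {` says the same thing. If `$id` is read with `GETPOST(..., 'int')` earlier in the file (that line is outside this hunk), `if ($id <= 0) {` would state the intent more precisely than a truthiness test.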
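Review bot: The security check added in the hunk at -53 is commented out (`//$result = restrictedArea($user, 'user', $id, 'usergroup', '');`), so the only access control on this page remains the global `$canreadperms` flag; a commented-out check reads as a disabled control and should either be enabled or replaced by a comment stating why the right flag alone is sufficient. In the same hunk the return value of `$object->fetch($id)` is discarded before the new `$object->getrights()` call, so a bad id silently yields an object with an empty id that the later `if ($object->id > 0)` branch has to tolerate (whether `fetch()` limits the lookup to the current entity is not visible here). Checking the load result where it happens keeps the failure explicit: `if ($object->fetch($id) <= 0) { dol_print_error($db); exit; }`.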
@@ -101,11 +115,14 @@ if (empty($reshook)) { } else { dol_print_error($db); } + + $object->clearrights(); + $object->getrights(); } } -/** +/* * View */ @@ -114,11 +131,6 @@ $form = new Form($db); llxHeader('', $langs->trans("Permissions")); if ($object->id > 0) { - /* - * Affichage onglets - */ - $object->getrights(); // Reload permission - $head = group_prepare_head($object); $title = $langs->trans("Group"); print dol_get_fiche_head($head, 'rights', $title, -1, 'group'); @@ -165,8 +177,8 @@ if ($object->id > 0) { $sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r,"; $sql .= " ".MAIN_DB_PREFIX."usergroup_rights as gr"; $sql .= " WHERE gr.fk_id = r.id"; - $sql .= " AND gr.entity = ".$entity; - $sql .= " AND gr.fk_usergroup = ".$object->id; + $sql .= " AND gr.entity = ".((int) $entity); + $sql .= " AND gr.fk_usergroup = ".((int) $object->id); dol_syslog("get user perms", LOG_DEBUG); $result = $db->query($sql); @@ -186,6 +198,10 @@ if ($object->id > 0) { dol_print_error($db); } + /* + * Part to add/remove permissions + */ + $linkback = ''.$langs->trans("BackToList").''; dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin); @@ -193,9 +209,6 @@ if ($object->id > 0) { print '
| '.$langs->trans("Module").' | '; if ($caneditperms) { print ''; - print 'id.'&action=addrights&entity='.$entity.'&module=allmodules&token='.newToken().'">'.$langs->trans("All").""; + print 'id.'&action=addrights&entity='.$entity.'&module=allmodules&confirm=yes&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'id.'&action=delrights&entity='.$entity.'&module=allmodules&token='.newToken().'">'.$langs->trans("None").""; + print 'id.'&action=delrights&entity='.$entity.'&module=allmodules&confirm=yes&token='.newToken().'">'.$langs->trans("None").""; print ' | '; } print ''; print ' | '.$langs->trans("Permissions").' | '; if ($user->admin) { - print ''.$langs->trans("ID").' | '; + print ''; } print ''."\n"; - $sql = "SELECT r.id, r.libelle as label, r.module"; + $sql = "SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module_position, r.bydefault"; $sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r"; $sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" - $sql .= " AND r.entity = ".$entity; + $sql .= " AND r.entity = ".((int) $entity); if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable } - $sql .= " ORDER BY r.module, r.id"; + $sql .= " ORDER BY r.family_position, r.module_position, r.module, r.id"; $result = $db->query($sql); if ($result) { @@ -265,13 +278,16 @@ if ($object->id > 0) { while ($i < $num) { $obj = $db->fetch_object($result); - // If line is for a module that doe snot existe anymore (absent of includes/module), we ignore it + // If line is for a module that does not exist anymore (absent of includes/module), we ignore it if (empty($modules[$obj->module])) { $i++; continue; } - if ($oldmod <> $obj->module) { + $objMod = $modules[$obj->module]; + + // Break found, it's a new module to catch + if (isset($obj->module) && ($oldmod <> $obj->module)) { $oldmod = $obj->module; // Break detected, we get objMod 
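Review bot: The new guard `if (isset($obj->module) && ($oldmod <> $obj->module))` adds nothing: `$obj->module` is a selected column, and the `empty($modules[$obj->module])` check a few lines above already skipped rows without a loaded module, so `if ($oldmod <> $obj->module) {` is enough (and `!=` would match the rest of the file's comparisons better than `<>`). `$objMod = $modules[$obj->module];` is now assigned on every row, while the comment on the next line still says objMod is fetched when a module break is detected; if the break branch, which continues past this hunk, still performs that lookup, one of the two should go.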
@@ -286,21 +302,22 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ' | '; - print 'id.'&action=addrights&entity='.$entity.'&module='.$obj->module.'&token='.newToken().'">'.$langs->trans("All").""; + print 'id.'&action=addrights&entity='.$entity.'&module='.$obj->module.'&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'id.'&action=delrights&entity='.$entity.'&module='.$obj->module.'&token='.newToken().'">'.$langs->trans("None").""; + print 'id.'&action=delrights&entity='.$entity.'&module='.$obj->module.'&token='.newToken().'">'.$langs->trans("None").""; print ' | '; } else { print ''; } - print ' | '; - + print ' | '; + print ' | '; + // Permission id if ($user->admin) { print ' | '; } - print ''; + print ''."\n"; } print ''."\n"; @@ -315,7 +332,7 @@ if ($object->id > 0) { if (in_array($obj->id, $permsgroupbyentity[$entity])) { // Own permission by group if ($caneditperms) { - print ' | id.'&action=delrights&entity='.$entity.'&rights='.$obj->id.'&token='.newToken().'">'; + print ' | id.'&action=delrights&entity='.$entity.'&rights='.$obj->id.'&confirm=yes&token='.newToken().'">'; //print img_edit_remove($langs->trans("Remove")); print img_picto($langs->trans("Remove"), 'switch_on'); print ' | '; @@ -326,7 +343,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print 'id.'&action=addrights&entity='.$entity.'&rights='.$obj->id.'&token='.newToken().'">'; + print ' | id.'&action=addrights&entity='.$entity.'&rights='.$obj->id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ' | '; 
@@ -336,7 +353,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print 'id.'&action=addrights&entity='.$entity.'&rights='.$obj->id.'&token='.newToken().'">'; + print ' | id.'&action=addrights&entity='.$entity.'&rights='.$obj->id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ' | '; @@ -344,12 +361,25 @@ if ($object->id > 0) { print ''; } - $permlabel = ($conf->global->MAIN_USE_ADVANCED_PERMS && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label))); - print ' | '.$permlabel.' | '; + // Description of permission + $permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label))); + print ''; + print $permlabel; + if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { + if (preg_match('/_advance$/', $obj->perms)) { + print ' ('.$langs->trans("AdvancedModeOnly").')'; + } + } + print ' | '; // Permission id if ($user->admin) { - print ''.$obj->id.' | '; + print '';
+ $htmltext = $langs->trans("ID").': '.$obj->id;
+ $htmltext .= ' '.$langs->trans("Permission").': user->rights->'.$obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : ''); + print $form->textwithpicto('', $htmltext); + //print ''.$obj->id.''; + print ' | ';
}
print ''."\n";
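Review bot: The tooltip built on the admin branch concatenates raw column values (`$obj->module`, `$obj->perms`, `$obj->subperms`) into `$htmltext` and passes it to `$form->textwithpicto()` without escaping. These rows come from `rights_def`, which is presumably populated from module descriptors rather than request input, so the exposure is low, but output escaping is cheap and keeps the habit uniform: `$htmltext .= ' '.$langs->trans("Permission").': user->rights->'.dol_escape_htmltag($obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : ''));`. The modified `$permlabel` line is a three-way nested ternary on one line; rewriting it as an if/elseif (or a `match (true)`) would make the advanced/standard/label fallback order readable. The enclosing `while` loop and the `if ($object->id > 0)` block both start outside this hunk.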
diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 957c7a3a819..5e96a76119c 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -90,7 +90,7 @@ $hookmanager->initHooks(array('usercard', 'userperms', 'globalcard'));
* Actions
*/
-$parameters = array('id'=>$socid);
+$parameters = array('socid'=>$socid);
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
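Review bot: Renaming the hook parameter key from `'id'` to `'socid'` changes the `doActions` hook contract for the `userperms` context: any external module reading `$parameters['id']` in its handler now gets null with no error. If the old key was simply wrong and no consumer is known, say so in the commit message; otherwise pass both for a release, `$parameters = array('id'=>$socid, 'socid'=>$socid);`, and drop `'id'` once consumers have moved.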
@@ -193,7 +193,7 @@ $permsuser = array();
$sql = "SELECT DISTINCT ur.fk_id";
$sql .= " FROM ".MAIN_DB_PREFIX."user_rights as ur";
-$sql .= " WHERE ur.entity = ".$entity;
+$sql .= " WHERE ur.entity = ".((int) $entity);
$sql .= " AND ur.fk_user = ".((int) $object->id);
dol_syslog("get user perms", LOG_DEBUG);
@@ -386,7 +386,7 @@ if ($result) {
// Picto and label of module
print ''; - //print img_object('', $picto, 'class="pictoobjectwidth"').' '.$objMod->getName(); + //print img_object('', $picto, 'class="inline-block pictoobjectwidth"').' '.$objMod->getName(); print ' | '; // Permission and tick