lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #23776 from lamrani002/ModifyRight

Browse Source 
NEW functionality "Modify permission" on ModuleBuilder
This commit is contained in:
Laurent Destailleur 2023-02-04 15:01:38 +01:00 committed by GitHub
commit a1a7b1fd36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 333 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/langs/en_US/errors.lang
View File

@ -304,6 +304,7 @@ ErrorValueCantBeNull=Value for <b>%s</b> can't be null
ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission
ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s)
ErrorSessionInvalidatedAfterPasswordChange=The session was been invalidated following a change of password, status or dates of validity. Please relogin.
ErrorExistingPermission = Permission <b>%s</b> for object <b>%s</b> already exists
# Warnings
WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup.
@ -342,6 +343,7 @@ WarningPaypalPaymentNotCompatibleWithStrict=The value 'Strict' makes the online
WarningThemeForcedTo=Warning, theme has been forced to <b>%s</b> by hidden constant MAIN_FORCETHEME
WarningPagesWillBeDeleted=Warning, this will also delete all existing pages/containers of the website. You should export your website before, so you have a backup to re-import it later.
WarningAutoValNotPossibleWhenStockIsDecreasedOnInvoiceVal=Automatic validation is disabled when option to decrease stock is set on "Invoice validation".
WarningModuleNeedRefrech = Module <b>%s</b> has been disabled. Don't forget to enable it
# Validate
RequireValidValue = Value not valid

5
htdocs/langs/en_US/modulebuilder.lang
View File

@ -165,3 +165,8 @@ BadValueForType=Bad value for type %s
DefinePropertiesFromExistingTable=Define properties from an existing table
DefinePropertiesFromExistingTableDesc=If a table in the database (for the object to create) already exists, you can use it to define the properties of the object.
DefinePropertiesFromExistingTableDesc2=Keep empty if the table does not exist yet. The code generator will use different kinds of fields to build an example of table that you can edit later.
GeneratePermissions=I want to add the rights for this object
GeneratePermissionsHelp=generate default rights for this object
PermissionDeletedSuccesfuly=Permission has been successfully removed
PermissionUpdatedSuccesfuly=Permission has been successfully updated
PermissionAddedSuccesfuly=Permission has been successfully added

3
htdocs/langs/fr_FR/errors.lang
View File

@ -303,8 +303,10 @@ ErrorValueForTooLow=La valeur pour <b>%s</b> est trop faible
ErrorValueCantBeNull=La valeur pour <b>%s</b> ne peut pas être nulle
ErrorDateOfMovementLowerThanDateOfFileTransmission=La date de l'opération bancaire ne peut être inférieure à la date de transmission du fichier
ErrorTooMuchFileInForm=Trop de fichiers dans le formulaire, le nombre maximum est de %s fichier(s)
ErrorExistingPermission = La permission <b>%s</b> pour l'objet <b>%s</b> est dejà existante
ErrorSessionInvalidatedAfterPasswordChange=La session a été invalidée suite à un changement de mot de passe, d'état ou de dates de validité. Veuillez vous reconnecter.
# Warnings
WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Votre paramètre PHP upload_max_filesize (%s) est supérieur au paramètre PHP post_max_size (%s). Ceci n'est pas une configuration cohérente.
WarningPasswordSetWithNoAccount=Un mot de passe a défini pour cet adhérent. Cependant, aucun compte d'utilisateur n'a été créé. Ce mot de passe a donc été stocké, mais ne peut être utilisé pour accéder à Dolibarr. Il peut être utilisé par un module/interface externe, mais si vous n'avez pas besoin de définir ni login ni mot de passe pour un adhérent, vous pouvez désactiver l'option «Gérer un login pour chaque adhérent" depuis la configuration du module Adhérents. Si vous avez besoin de gérer un login, mais pas de mot de passe, vous pouvez laisser ce champ vide pour éviter cet avertissement. Remarque: L'email peut également être utilisé comme login si l'adhérent est lié à un utilisateur.
@ -342,6 +344,7 @@ WarningPaypalPaymentNotCompatibleWithStrict=La valeur 'Strict' fait que les fonc
WarningThemeForcedTo=Attention, le choix du thème a été forcé à <b> %s </b> par la constante cachée MAIN_FORCETHEME
WarningPagesWillBeDeleted=Attention, cela supprimera également toutes les pages/conteneurs existants du site. Vous devriez exporter votre site Web avant, afin d'avoir une sauvegarde pour le réimporter plus tard.
WarningAutoValNotPossibleWhenStockIsDecreasedOnInvoiceVal=La validation automatique est désactivée lorsque l'option de diminution du stock est définie sur "Validation de la facture".
WarningModuleNeedRefrech = Module <b>%s</b> desactivé. N'oublier pas de le réactivé
# Validate
RequireValidValue = Valeur non valide

5
htdocs/langs/fr_FR/modulebuilder.lang
View File

@ -165,3 +165,8 @@ BadValueForType=Mauvaise valeur pour le type %s
DefinePropertiesFromExistingTable=Définir des propriétés à partir d'une table existante
DefinePropertiesFromExistingTableDesc=Si une table dans la base de données (pour l'objet à créer) existe déjà, vous pouvez l'utiliser pour définir les propriétés de l'objet.
DefinePropertiesFromExistingTableDesc2=Laisser vide si la table n'existe pas encore. Le générateur de code utilisera différents types de champs pour créer un exemple de table que vous pourrez modifier ultérieurement.
GeneratePermissions=Je souhaite ajouter les droits pour cet objet
GeneratePermissionsHelp=générer les droits par défault pour cet objet
PermissionDeletedSuccesfuly=La permission a été supprimée avec succès
PermissionUpdatedSuccesfuly=La permission a été mise à jour avec succès
PermissionAddedSuccesfuly= La permission a été ajoutée avec succès

336
htdocs/modulebuilder/index.php
View File

@ -1218,6 +1218,42 @@ if ($dirins && $action == 'initobject' && $module && $objectname) {
'core/modules/mymodule/doc/pdf_standard_myobject.modules.php'=>'core/modules/'.strtolower($module).'/doc/pdf_standard_'.strtolower($objectname).'.modules.php'
);
}
if (GETPOST('generatepermissions', 'aZ09')) {
$pathtofile = $listofmodules[strtolower($module)]['moduledescriptorrelpath'];
dol_include_once($pathtofile);
$class = 'mod'.$module;
if (class_exists($class)) {
try {
$moduleobj = new $class($db);
} catch (Exception $e) {
$error++;
dol_print_error($db, $e->getMessage());
}
}
if (empty($firstobjectname)) {
$rightToadd = preg_replace('/myobject/', $objectname, $rightToadd);
}
if ($objectname != $firstobjectname) {
$rightToadd = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Read objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'read';
\$r++;
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Create/Update objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'write';
\$r++;
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Delete objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'delete';
\$r++;
";
dolReplaceInFile($moduledescriptorfile, array('/* END MODULEBUILDER PERMISSIONS */' => '/*'.strtoupper($objectname).'*/'.$rightToadd."/*END ".strtoupper($objectname).'*/'."\n\t\t".'/* END MODULEBUILDER PERMISSIONS */'));
}
}
if (!$error) {
@ -1778,6 +1814,36 @@ if ($dirins && $action == 'confirm_deleteobject' && $objectname) {
dolReplaceInFile($moduledescriptorfile, array('/*'.strtoupper($objectname).'*/' => ''));
}
// regenerate permissions and delete them
$rights = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Read objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'read';
\$r++;
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Create/Update objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'write';
\$r++;
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = 'Delete objects of ".$module."';
\$this->rights[\$r][4] = '".strtolower($objectname)."';
\$this->rights[\$r][5] = 'delete';
\$r++;
";
$deleteright = dolReplaceInFile($moduledescriptorfile, array('/*'.strtoupper($objectname).'*/' => '', $rights => '', "/*END ".strtoupper($objectname).'*/'."\n\t\t" => ''."\n\t\t"));
if ($deleteright > 0) {
if (isModEnabled(strtolower($module))) {
$result = unActivateModule(strtolower($module));
if ($result) {
setEventMessages($result, null, 'errors');
}
setEventMessages($langs->trans("WarningModuleNeedRefrech", $langs->transnoentities($module)), null, 'warnings');
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?index.php?tab=description&module='.$module);
}
}
$resultko = 0;
foreach ($filetodelete as $tmpfiletodelete) {
$resulttmp = dol_delete_file($dir.'/'.$tmpfiletodelete, 0, 0, 1);
@ -1876,6 +1942,114 @@ if ($dirins && $action == 'generatepackage') {
}
// Update permission
if ($dirins && GETPOST('action') == 'update_right' && GETPOST('modifyright')&& empty($cancel)) {
$error = 0;
// load class and check if right exist
$pathtofile = $listofmodules[strtolower($module)]['moduledescriptorrelpath'];
dol_include_once($pathtofile);
$class = 'mod'.$module;
if (class_exists($class)) {
try {
$moduleobj = new $class($db);
} catch (Exception $e) {
$error++;
dol_print_error($db, $e->getMessage());
}
}
// verify informations entred
if (!GETPOST('label', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")), null, 'errors');
}
if (!GETPOST('permissionObj', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Rights")), null, 'errors');
}
$label = GETPOST('label', 'alpha');
$objectForPerms = strtolower(GETPOST('permissionObj', 'alpha'));
$crud = GETPOST('crud', 'alpha');
if ($label == "Read objects of $module" && $crud != "read") {
$crud = "read";
$label == "Read objects of $module";
}
if ($label == "Create/Update objects of $module" && $crud != "write") {
$crud = "write";
$label == "Create/Update objects of $module";
}
if ($label == "Delete objects of $module" && $crud != "delete") {
$crud = "delete";
$label == "Delete objects of $module";
}
$permissions = $moduleobj->rights;
$r =(int) GETPOST('counter');
//get permission want to delete from permissions array
$x1 = $permissions[$r-1][1];
$x2 = $permissions[$r-1][4];
$x3 = $permissions[$r-1][5];
//check existing object permission
$permsForObject =array();
$allObject = array();
$nbOfPermissions = count($permissions);
for ($i =0; $i<$nbOfPermissions; $i++) {
if ($permissions[$i][4] == $objectForPerms) {
if (count($permsForObject) < 3) {
$permsForObject[] = $permissions[$i];
}
}
$allObject[] = $permissions[$i][4];
}
if ($label != $x1 && $crud != $x3) {
$x = count($permsForObject);
for ($j = 0; $j<$x; $j++) {
if (in_array($label, $permsForObject[$j])) {
$error++;
setEventMessages($langs->trans("ErrorExistingPermission", $langs->transnoentities($label), $langs->transnoentities($objectForPerms)), null, 'errors');
}
}
}
//prepare right want to delete
$right = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = '$x1';
\$this->rights[\$r][4] = '$x2';
\$this->rights[\$r][5] = '$x3';
\$r++;
";
// right after editing
$rightUpdated = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = '$label';
\$this->rights[\$r][4] = '$objectForPerms';
\$this->rights[\$r][5] = '$crud';
\$r++;
";
if (!$error) {
if (isModEnabled(strtolower($module))) {
$result = unActivateModule(strtolower($module));
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
if ($result) {
setEventMessages($result, null, 'errors');
}
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings');
}
$moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php';
$check = dolReplaceInFile($moduledescriptorfile, array($right => $rightUpdated));
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('PermissionUpdatedSuccesfuly'), null);
exit;
}
}
// Save file
if ($action == 'savefile' && empty($cancel)) {
$relofcustom = basename($dirins);
@ -2760,6 +2934,7 @@ if ($module == 'initmodule') {
print '<br>';
print '<input type="checkbox" name="includerefgeneration" id="includerefgeneration" value="includerefgeneration"> <label class="margintoponly" for="includerefgeneration">'.$form->textwithpicto($langs->trans("IncludeRefGeneration"), $langs->trans("IncludeRefGenerationHelp")).'</label><br>';
print '<input type="checkbox" name="includedocgeneration" id="includedocgeneration" value="includedocgeneration"> <label for="includedocgeneration">'.$form->textwithpicto($langs->trans("IncludeDocGeneration"), $langs->trans("IncludeDocGenerationHelp")).'</label><br>';
print '<input type="checkbox" name="generatepermissions" id="generatepermissions" value="generatepermissions"> <label for="generatepermissions">'.$form->textwithpicto($langs->trans("GeneratePermissions"), $langs->trans("GeneratePermissionsHelp")).'</label><br>';
print '<br>';
print '<input type="submit" class="button small" name="create" value="'.dol_escape_htmltag($langs->trans("GenerateCode")).'"'.($dirins ? '' : ' disabled="disabled"').'>';
print '<br>';
@ -3820,6 +3995,36 @@ if ($module == 'initmodule') {
$perms = $moduleobj->rights;
// Scan for object class files
$dir = $dirread.'/'.$modulelowercase.'/class';
$listofobject = dol_dir_list($dir, 'files', 0, '\.class\.php$');
$objects = array('myobject');
$reg =array();
foreach ($listofobject as $fileobj) {
$tmpcontent = file_get_contents($fileobj['fullname']);
if (preg_match('/class\s+([^\s]*)\s+extends\s+CommonObject/ims', $tmpcontent, $reg)) {
$objects[] = $reg[1];
}
}
// declared select list for actions and labels permissions
$crud = array('Read','Write','Delete');
$labels = array("Read objects of $module","Create/Update objects of $module","Delete objects of $module");
$action = GETPOST('action', 'alpha');
if ($action == 'deleteright') {
$formconfirm = $form->formconfirm(
$_SERVER["PHP_SELF"].'?permskey='.urlencode(GETPOST('permskey', 'int')).'&tab='.urlencode($tab).'&module='.urlencode($module).'&tabobj='.urlencode($tabobj),
$langs->trans('Delete'),
$langs->trans('Confirm Delete Right', GETPOST('permskey', 'alpha')),
'confirm_deleteright',
'',
0,
1
);
print $formconfirm;
}
if ($action != 'editfile' || empty($file)) {
print '<span class="opacitymedium">';
$htmlhelp = $langs->trans("PermissionsDefDescTooltip", '{s1}');
@ -3846,33 +4051,128 @@ if ($module == 'initmodule') {
print '<table class="noborder">';
print '<tr class="liste_titre">';
print_liste_field_titre("ID", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("Label", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("Permission", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("ID", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder, "center");
print_liste_field_titre("Label", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder, "center");
print_liste_field_titre("Permission", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder, "center");
print_liste_field_titre("CRUD", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder, "center");
print_liste_field_titre("", $_SERVER["PHP_SELF"], '', "", $param, '', $sortfield, $sortorder, "center");
print "</tr>\n";
//form for add new right
print '<tr>';
print '<td><input type="text" readonly name="id" value="'.dol_escape_htmltag($moduleobj->numero.sprintf('%02d', $i + count($perms))).'"></td>';
print '<td>';
print '<select name="label" >';
print '<option value=""></option>';
for ($i = 0; $i<3; $i++) {
print '<option value="'.dol_escape_htmltag($labels[$i]).'">'.$labels[$i].'</option>';
}
print '</select></td>';
print '<td ><select name="permissionObj">';
print '<option value=""></option>';
foreach ($objects as $obj) {
if ($obj != 'myobject') {
print '<option value="'.$obj.'">'.$obj.'</option>';
}
}
print '</select></td>';
print '<td><select class="maxwidth" name="crud">';
print '<option value=""></option>';
for ($i = 0;$i<3;$i++) {
print '<option value="'.$crud[$i].'">'.$langs->trans($crud[$i]).'</option>';
}
print '</td>';
print '<td class="center tdstickyright tdstickyghostwhite">';
print '<input type="submit" class="button" name="add" value="'.$langs->trans("Add").'">';
print '</td>';
print '</tr>';
if (count($perms)) {
$i = 0;
foreach ($perms as $perm) {
print '<tr class="oddeven">';
$i++;
// section for editing right
if ($action == 'edit_right' && $perm[0] == (int) GETPOST('permskey', 'int')) {
print '<tr class="oddeven">';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST" name="modifPerms">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="tab" value="permissions">';
print '<input type="hidden" name="module" value="'.dol_escape_htmltag($module).'">';
print '<input type="hidden" name="tabobj" value="'.dol_escape_htmltag($tabobj).'">';
print '<input type="hidden" name="action" value="update_right">';
print '<input type="hidden" name="counter" value="'.$i.'">';
print '<td>';
print $perm[0];
print '</td>';
print '<td>';
print $langs->trans($perm[1]);
print '</td>';
print '<input type="hidden" name="permskey" value="'.$perm[0].'">';
print '<td>';
print $perm[4];
print '</td>';
print '<td class="tdsticky tdstickygray">';
print '<input type="text" readonly value="'.dol_escape_htmltag($perm[0]).'"/>';
print '</td>';
print '<td>';
print $perm[5];
print '</td>';
print '<td>';
print '<select name="label" >';
print '<option value="'.dol_escape_htmltag($perm[1]).'">'.dol_escape_htmltag($perm[1]).'</option>';
for ($i = 0; $i<3; $i++) {
if ($perm[1] != $labels[$i]) {
print '<option value="'.GETPOST('label').'">'.$labels[$i].'</option>';
}
}
print '</select></td>';
print '</tr>';
print '<td ><select name="permissionObj">';
print '<option value="'.dol_escape_htmltag($perm[4]).'">'.$perm[4].'</option>';
print '</select></td>';
print '<td>';
print '<select name="crud">';
print '<option value="'.dol_escape_htmltag($perm[5]).'">'.$langs->trans($perm[5]).'</option>';
for ($i = 0; $i<3; $i++) {
if ($perm[5] != $crud[$i]) {
print '<option value="'.$crud[$i].'">'.$langs->trans($crud[$i]).'</option>';
}
}
print '</select>';
print '</td>';
print '<td class="center tdstickyright tdstickyghostwhite">';
print '<input class="reposition button smallpaddingimp" type="submit" name="modifyright" value="'.$langs->trans("Modify").'"/>';
print '<br>';
print '<input class="reposition button button-cancel smallpaddingimp" type="submit" name="cancel" value="'.$langs->trans("Cancel").'"/>';
print '</td>';
print '</form>';
print '</tr>';
} else {
print '<tr class="oddeven">';
print '<td>';
print $perm[0];
print '</td>';
print '<td>';
print $langs->trans($perm[1]);
print '</td>';
print '<td>';
print $perm[4];
print '</td>';
print '<td>';
print $perm[5];
print '</td>';
print '<td class="center tdstickyright tdstickyghostwhite">';
if ($perm[4] != 'myobject') {
print '<a class="editfielda reposition marginleftonly marginrighttonly paddingright paddingleft" href="'.$_SERVER["PHP_SELF"].'?action=edit_right&token='.newToken().'&permskey='.urlencode($perm[0]).'&tab='.urlencode($tab).'&module='.urlencode($module).'&tabobj='.urlencode($tabobj).'">'.img_edit().'</a>';
print '<a class="marginleftonly marginrighttonly paddingright paddingleft" href="'.$_SERVER["PHP_SELF"].'?action=deleteright&token='.newToken().'&permskey='.urlencode($i).'&tab='.urlencode($tab).'&module='.urlencode($module).'&tabobj='.urlencode($tabobj).'">'.img_delete().'</a>';
}
print '</td>';
print '</tr>';
}
}
} else {
print '<tr><td colspan="4"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';