WIP Add start/end date of validity for user/logins

Laurent Destailleur 2020-09-21 18:44:20 +02:00
parent 718497915c
commit aee6bc173f
4 changed files with 88 additions and 40 deletions


@ -111,8 +111,10 @@ UserAccountancyCode=User accounting code
UserLogoff=User logout
UserLogged=User logged
DateOfEmployment=Employment date
DateEmployment=Employment Start Date
DateEmployment=Employment
DateEmploymentstart=Employment Start Date
DateEmploymentEnd=Employment End Date
RangeOfLoginValidity=Date range of login validity
CantDisableYourself=You can't disable your own user record
ForceUserExpenseValidator=Force expense report validator
ForceUserHolidayValidator=Force leave request validator


@ -357,7 +357,7 @@ if (!defined('NOTOKENRENEWAL'))
$_SESSION['newtoken'] = $token;
}
//dol_syslog("aaaa - ".defined('NOCSRFCHECK')." - ".$dolibarr_nocsrfcheck." - ".$conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN." - ".$_SERVER['REQUEST_METHOD']." - ".GETPOST('token', 'alpha').' '.$_SESSION['token']);
dol_syslog("aaaa - ".defined('NOCSRFCHECK')." - ".$dolibarr_nocsrfcheck." - ".$conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN." - ".$_SERVER['REQUEST_METHOD']." - ".GETPOST('token', 'alpha').' '.$_SESSION['token']);
//$dolibarr_nocsrfcheck=1;
// Check token
if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN))
@ -381,10 +381,14 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
setEventMessages('SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry', null, 'warnings');
//if ($conf->global->MAIN_FEATURES_LEVEL >= 1) setEventMessages('Unset POST and GET params by CSRF protection in main.inc.php (Token provided was not generated by the previous page).'."<br>\n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings');
$savid = ((int) $_POST['id']);
unset($_POST);
$_POST['id'] = ((int) $savid);
//$savaction = preg_replace('/[^a-zA-Z0-9]/', '', $_POST['action']);
unset ($_POST);
//unset($_POST['action']);
unset($_POST['confirm']);
unset($_GET['confirm']);
unset($_GET['action']);
$_POST['id'] = ((int) $savid);
$_POST['action'] = '';
}
}
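Review bot: The `dol_syslog("aaaa - "...)` call in the first hunk now appears to be active (its commented twin sits on the line above), so every request writes both `GETPOST('token', 'alpha')` and `$_SESSION['token']` to the application log. Anyone with read access to that log can then see current anti-CSRF token values, and the `aaaa` prefix suggests this is debugging left over from the WIP. I would drop the line or restore the leading `//` before merge; if a trace is needed, log only the outcome, e.g. `dol_syslog("CSRF token check: method=".$_SERVER['REQUEST_METHOD'], LOG_DEBUG);`. In the second hunk, `unset($_POST['confirm']);` runs after `unset ($_POST);` and so has nothing left to remove. The token-check `if` that opens at the end of the first hunk continues outside the visible lines.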


@ -61,6 +61,12 @@ $group = GETPOST("group", "int", 3);
$cancel = GETPOST('cancel', 'alpha');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'useracard'; // To manage different context of search
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth', 'int'), GETPOST('dateemploymentday', 'int'), GETPOST('dateemploymentyear', 'int'));
$dateemploymentend = dol_mktime(0, 0, 0, GETPOST('dateemploymentendmonth', 'int'), GETPOST('dateemploymentendday', 'int'), GETPOST('dateemploymentendyear', 'int'));
$datestartvalidity = dol_mktime(0, 0, 0, GETPOST('datestartvaliditymonth', 'int'), GETPOST('datestartvalidityday', 'int'), GETPOST('datestartvalidityyear', 'int'));
$dateendvalidity = dol_mktime(0, 0, 0, GETPOST('dateendvaliditymonth', 'int'), GETPOST('dateendvalidityday', 'int'), GETPOST('dateendvalidityyear', 'int'));
$dateofbirth = dol_mktime(0, 0, 0, GETPOST('dateofbirthmonth', 'int'), GETPOST('dateofbirthday', 'int'), GETPOST('dateofbirthyear', 'int'));
// Define value to know what current user can do on users
$canadduser = (!empty($user->admin) || $user->rights->user->user->creer);
$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire);
@ -202,8 +208,6 @@ if (empty($reshook)) {
$object->login = GETPOST("login", 'alphanohtml');
$object->api_key = GETPOST("api_key", 'alphanohtml');
$object->gender = GETPOST("gender", 'aZ09');
$birth = dol_mktime(0, 0, 0, GETPOST('birthmonth', 'int'), GETPOST('birthday', 'int'), GETPOST('birthyear', 'int'));
$object->birth = $birth;
$object->admin = GETPOST("admin", 'int');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
@ -247,11 +251,12 @@ if (empty($reshook)) {
$object->weeklyhours = GETPOST("weeklyhours", 'alphanohtml') != '' ? GETPOST("weeklyhours", 'alphanohtml') : '';
$object->color = GETPOST("color", 'alphanohtml') != '' ? GETPOST("color", 'alphanohtml') : '';
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth', 'int'), GETPOST('dateemploymentday', 'int'), GETPOST('dateemploymentyear', 'int'));
$object->dateemployment = $dateemployment;
$dateemploymentend = dol_mktime(0, 0, 0, GETPOST('dateemploymentendmonth', 'int'), GETPOST('dateemploymentendday', 'int'), GETPOST('dateemploymentendyear', 'int'));
$object->dateemployment = $dateemployment;
$object->dateemploymentend = $dateemploymentend;
$object->datestartvalidity = $datestartvalidity;
$object->dateendvalidity = $dateendvalidity;
$object->birth = $dateofbirth;
$object->fk_warehouse = GETPOST('fk_warehouse', 'int');
@ -364,8 +369,6 @@ if (empty($reshook)) {
$object->firstname = GETPOST("firstname", 'alphanohtml');
$object->login = GETPOST("login", 'alphanohtml');
$object->gender = GETPOST("gender", 'aZ09');
$birth = dol_mktime(0, 0, 0, GETPOST('birthmonth', 'int'), GETPOST('birthday', 'int'), GETPOST('birthyear', 'int'));
$object->birth = $birth;
$object->pass = GETPOST("password", 'none');
$object->api_key = (GETPOST("api_key", 'alphanohtml')) ? GETPOST("api_key", 'alphanohtml') : $object->api_key;
if (!empty($user->admin)) $object->admin = GETPOST("admin", "int"); // admin flag can only be set/unset by an admin user. A test is also done later when forging sql request
@ -409,10 +412,11 @@ if (empty($reshook)) {
$object->weeklyhours = price2num($object->weeklyhours);
$object->color = GETPOST("color", 'alphanohtml') != '' ? GETPOST("color", 'alphanohtml') : '';
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth', 'int'), GETPOST('dateemploymentday', 'int'), GETPOST('dateemploymentyear', 'int'));
$object->dateemployment = $dateemployment;
$dateemploymentend = dol_mktime(0, 0, 0, GETPOST('dateemploymentendmonth', 'int'), GETPOST('dateemploymentendday', 'int'), GETPOST('dateemploymentendyear', 'int'));
$object->dateemploymentend = $dateemploymentend;
$object->datestartvalidity = $datestartvalidity;
$object->dateendvalidity = $dateendvalidity;
$object->birth = $dateofbirth;
if (!empty($conf->stock->enabled))
{
@ -1229,21 +1233,29 @@ if ($action == 'create' || $action == 'adduserldap')
// Date employment
print '<tr><td>'.$langs->trans("DateEmployment").'</td>';
print '<td>';
print $form->selectDate(GETPOST('dateemployment'), 'dateemployment', 0, 0, 1, 'formdateemployment', 1, 0);
print $form->selectDate($dateemployment, 'dateemployment', 0, 0, 1, 'formdateemployment', 1, 1);
print ' - ';
print $form->selectDate($dateemploymentend, 'dateemploymentend', 0, 0, 1, 'formdateemploymentend', 1, 0);
print '</td>';
print "</tr>\n";
// Date employment END
print '<tr><td>'.$langs->trans("DateEmploymentEnd").'</td>';
// Date validity
print '<tr><td>'.$langs->trans("RangeOfLoginValidity").'</td>';
print '<td>';
print $form->selectDate(GETPOST('dateemploymentend'), 'dateemploymentend', 0, 0, 1, 'formdateemploymentend', 1, 0);
print $form->selectDate($datestartvalidity, 'datestartvalidity', 0, 0, 1, 'formdatestartvalidity', 1, 1);
print ' - ';
print $form->selectDate($dateendvalidity, 'dateendvalidity', 0, 0, 1, 'formdateendvalidity', 1, 0);
print '</td>';
print "</tr>\n";
// Date birth
print '<tr><td>'.$langs->trans("DateToBirth").'</td>';
print '<tr><td>'.$langs->trans("DateOfBirth").'</td>';
print '<td>';
print $form->selectDate(GETPOST('birth'), 'birth', 0, 0, 1, 'createuser', 1, 0);
print $form->selectDate($dateofbirth, 'dateofbirth', 0, 0, 1, 'createuser', 1, 0);
print '</td>';
print "</tr>\n";
@ -1621,24 +1633,32 @@ if ($action == 'create' || $action == 'adduserldap')
print '<tr><td>'.$langs->trans("DateOfEmployment").'</td>';
print '<td>';
if ($object->dateemployment) {
print '<span class="opacitymedium">'.$langs->trans("FromDate ").'</span>';
print '<span class="opacitymedium">'.$langs->trans("FromDate").'</span> ';
print dol_print_date($object->dateemployment, 'day');
}
//print '</td>';
//print "</tr>\n";
// Date employment
//print '<tr><td>'.$langs->trans("DateEmploymentEnd").'</td>';
//print '<td>';
if ($object->dateemploymentend) {
print '<span class="opacitymedium"> - '.$langs->trans("To ").'</span>';
print '<span class="opacitymedium"> - '.$langs->trans("To").'</span> ';
print dol_print_date($object->dateemploymentend, 'day');
}
print '</td>';
print "</tr>\n";
// Date login validity
print '<tr><td>'.$langs->trans("RangeOfLoginValidity").'</td>';
print '<td>';
if ($object->datestartvalidity) {
print '<span class="opacitymedium">'.$langs->trans("FromDate").'</span> ';
print dol_print_date($object->datestartvalidity, 'day');
}
if ($object->dateendvalidity) {
print '<span class="opacitymedium"> - '.$langs->trans("To").'</span> ';
print dol_print_date($object->dateendvalidity, 'day');
}
print '</td>';
print "</tr>\n";
// Date of birth
print '<tr><td>'.$langs->trans("DateToBirth").'</td>';
print '<tr><td>'.$langs->trans("DateOfBirth").'</td>';
print '<td>';
print dol_print_date($object->birth, 'day');
print '</td>';
@ -2672,19 +2692,16 @@ if ($action == 'create' || $action == 'adduserldap')
print '<td>';
if ($caneditfield)
{
print $form->selectDate(GETPOST('dateemployment') ?GETPOST('dateemployment') : $object->dateemployment, 'dateemployment', 0, 0, 1, 'formdateemployment', 1, 0);
print $form->selectDate($dateemployment ? $dateemployment : $object->dateemployment, 'dateemployment', 0, 0, 1, 'formdateemployment', 1, 1);
} else {
print dol_print_date($object->dateemployment, 'day');
}
print '</td>';
print "</tr>\n";
// Date employmentEnd
print '<tr><td>'.$langs->trans("DateEmploymentEnd").'</td>';
print '<td>';
if ($dateemployment && $dateemploymentend) print ' - ';
if ($caneditfield)
{
print $form->selectDate(GETPOST('dateemploymentend') ?GETPOST('dateemploymentend') : $object->dateemploymentend, 'dateemploymentend', 0, 0, 1, 'formdateemploymentend', 1, 0);
print $form->selectDate($dateemploymentend ? $dateemploymentend : $object->dateemploymentend, 'dateemploymentend', 0, 0, 1, 'formdateemploymentend', 1, 0);
} else {
print dol_print_date($object->dateemploymentend, 'day');
}
@ -2692,12 +2709,33 @@ if ($action == 'create' || $action == 'adduserldap')
print "</tr>\n";
// Date birth
print '<tr><td>'.$langs->trans("DateToBirth").'</td>';
// Date login validity
print '<tr><td>'.$langs->trans("RangeOfLoginValidity").'</td>';
print '<td>';
if ($caneditfield)
{
echo $form->selectDate(GETPOST('birth') ?GETPOST('birth') : $object->birth, 'birth', 0, 0, 1, 'updateuser', 1, 0);
print $form->selectDate($datestartvalidity ? $datestartvalidity : $object->datestartvalidity, 'datestartvalidity', 0, 0, 1, 'formdatestartvalidity', 1, 1);
} else {
print dol_print_date($object->datestartvalidity, 'day');
}
if ($datestartvalidity && $dateendvalidity) print ' - ';
if ($caneditfield)
{
print $form->selectDate($dateendvalidity ? $datendevalidity : $object->dateendvalidity, 'dateendvalidity', 0, 0, 1, 'formdateendvalidity', 1, 0);
} else {
print dol_print_date($object->dateendvalidity, 'day');
}
print '</td>';
print "</tr>\n";
// Date birth
print '<tr><td>'.$langs->trans("DateOfBirth").'</td>';
print '<td>';
if ($caneditfield) {
echo $form->selectDate($dateofbirth ? $dateofbirth : $object->birth, 'dateofbirth', 0, 0, 1, 'updateuser', 1, 0);
} else {
print dol_print_date($object->birth, 'day');
}
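Review bot: In the last hunk, the end-date selector for the login validity range reads `$dateendvalidity ? $datendevalidity : $object->dateendvalidity`; `$datendevalidity` is misspelled and never assigned in the visible code, so a posted end date is redisplayed as empty after a failed submit. The line should use `$dateendvalidity ? $dateendvalidity : $object->dateendvalidity`. The separator test `if ($datestartvalidity && $dateendvalidity) print ' - ';` (and the matching one for employment dates) looks only at the posted values, while the read-only branch prints `$object->datestartvalidity` and `$object->dateendvalidity`, so the two stored dates are printed without a separator when the page is loaded without posted dates. The enclosing edit form starts and ends outside these hunks.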


@ -154,7 +154,7 @@ class User extends CommonObject
public $datelastlogin;
public $datepreviouslogin;
public $datestartvalidity;
public $dateedvalidity;
public $dateendvalidity;
public $photo;
public $lang;
@ -1467,7 +1467,6 @@ class User extends CommonObject
$this->employee = $this->employee ? $this->employee : 0;
$this->login = trim($this->login);
$this->gender = trim($this->gender);
$this->birth = trim($this->birth);
$this->pass = trim($this->pass);
$this->api_key = trim($this->api_key);
$this->address = $this->address ?trim($this->address) : trim($this->address);
@ -1495,6 +1494,9 @@ class User extends CommonObject
$this->color = empty($this->color) ? '' : $this->color;
$this->dateemployment = empty($this->dateemployment) ? '' : $this->dateemployment;
$this->dateemploymentend = empty($this->dateemploymentend) ? '' : $this->dateemploymentend;
$this->datestartvalidity = empty($this->datestartvalidity) ? '' : $this->datestartvalidity;
$this->dateendvalidity = empty($this->dateendvalidity) ? '' : $this->dateendvalidity;
$this->birth = trim($this->birth);
$this->fk_warehouse = trim(empty($this->fk_warehouse) ? '' : $this->fk_warehouse);
// Check parameters
@ -1541,6 +1543,8 @@ class User extends CommonObject
$sql .= ", color = '".$this->db->escape($this->color)."'";
$sql .= ", dateemployment=".(strval($this->dateemployment) != '' ? "'".$this->db->idate($this->dateemployment)."'" : 'null');
$sql .= ", dateemploymentend=".(strval($this->dateemploymentend) != '' ? "'".$this->db->idate($this->dateemploymentend)."'" : 'null');
$sql .= ", datestartvalidity=".(strval($this->datestartvalidity) != '' ? "'".$this->db->idate($this->datestartvalidity)."'" : 'null');
$sql .= ", dateendvalidity=".(strval($this->dateendvalidity) != '' ? "'".$this->db->idate($this->dateendvalidity)."'" : 'null');
$sql .= ", note = '".$this->db->escape($this->note_private)."'";
$sql .= ", note_public = '".$this->db->escape($this->note_public)."'";
$sql .= ", photo = ".($this->photo ? "'".$this->db->escape($this->photo)."'" : "null");
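Review bot: The two normalisation lines added before `// Check parameters` and the two new `$sql .=` lines store `datestartvalidity` and `dateendvalidity` independently, and nothing visible in these hunks rejects an end date earlier than the start date. Since the range is meant to bound when a login is valid, an inverted pair would presumably lock the account out or behave unpredictably wherever the range is enforced. I would add a guard in the parameter-check part of the method (its body and signature are outside the hunks), on the condition `if ($this->datestartvalidity && $this->dateendvalidity && $this->dateendvalidity < $this->datestartvalidity)`, reporting the error the way the method's other checks do. A short comment on the two public properties stating that they hold timestamps and what an empty value means would also help readers of the class.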