diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php
index 88c4adcfca7..3fc25bef079 100644
--- a/htdocs/admin/perms.php
+++ b/htdocs/admin/perms.php
@@ -82,9 +82,10 @@ while (($file = readdir($handle))!==false)
}
// Affiche lignes des permissions
-$sql = "SELECT r.id, r.libelle, r.module, r.bydefault FROM ".MAIN_DB_PREFIX."rights_def as r";
-$sql .= " WHERE type <> 'a'";
-$sql .= " ORDER BY r.id ASC";
+$sql ="SELECT r.id, r.libelle, r.module, r.bydefault";
+$sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
+$sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
+$sql.=" ORDER BY r.id, r.module";
$result = $db->query($sql);
if ($result)
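Review bot: The added `WHERE r.libelle NOT LIKE 'tou%'` filters on display text instead of a stable column, so any right whose label happens to begin with "tou" vanishes from this screen, and the typed test `type <> 'a'` that it replaces is dropped. The same filter is added in htdocs/user/group/perms.php and htdocs/user/perms.php, while the module-wide add in usergroup.class.php selects with `module='...'` and no such filter, so rights granted that way would apparently not be shown on the pages used to review them. Separately, `ORDER BY r.id, r.module` does not keep one module's rows contiguous, which the `$old <> $obj->module` break in the next hunk depends on; `ORDER BY r.module, r.id` prints each module header once. I would also replace the comment with `// Hide aggregate "all" rights; TODO filter on a dedicated column, not on the label`.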
@@ -100,9 +101,13 @@ if ($result)
if ($old <> $obj->module)
{
+ // Rupture détectée, on récupère objMod
+ $objMod=$modules[$obj->module];
+ $picto=($objMod->picto?$objMod->picto:'generic');
+
print '
';
+
+ print '| '.img_object('',$picto).' '.$objMod->getName();
+
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print ' | '.$perm_libelle. ' | ';
- print ''.$modules[$obj->module]->getName(). ' | ';
+
+ print ' | ';
if ($obj->bydefault == 1)
{
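Review bot: `$objMod=$modules[$obj->module];` is dereferenced straight away (`$objMod->picto`, `$objMod->getName()`) without checking that the key exists, so a `rights_def` row whose module descriptor was not loaded ends the page with a call on a non-object. A fallback keeps the listing usable: `$picto=(is_object($objMod) && $objMod->picto)?$objMod->picto:'generic';` and print `$obj->module` when there is no descriptor. The fallback label `$obj->libelle` is database text written into the page as-is; wrapping it in `htmlspecialchars()` would be the safer default. The same lookup is added in htdocs/user/group/perms.php and htdocs/user/perms.php, and the enclosing loop starts outside this hunk.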
@@ -133,6 +142,7 @@ if ($result)
}
print '';
+print ' ';
$db->close();
diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php
index b215de1509e..6436b908411 100644
--- a/htdocs/user/group/perms.php
+++ b/htdocs/user/group/perms.php
@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"];
if ($_GET["action"] == 'addrights' && $user->admin)
{
$editgroup = new Usergroup($db,$_GET["id"]);
- $editgroup->addrights($_GET["rights"]);
+ $editgroup->addrights($_GET["rights"],$module);
}
if ($_GET["action"] == 'delrights' && $user->admin)
{
$editgroup = new Usergroup($db,$_GET["id"]);
- $editgroup->delrights($_GET["rights"]);
+ $editgroup->delrights($_GET["rights"],$module);
}
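Review bot: `$module` is read directly from `$_GET["module"]`/`$_POST["module"]` (visible in the hunk header) and is now handed to `addrights()`/`delrights()`, which in this commit's usergroup.class.php interpolate it into `module='$allmodule'`; `$_GET["rights"]` likewise ends up in `id = '".$rid."'`. Both values should be validated before the call, for example `$rid=(int) $_GET["rights"];` and a check that `$module` is one of the known module names. The grant and revoke actions are also driven by a GET request guarded only by `$user->admin`; no per-request token is visible here, so it is worth confirming that these state changes are protected against cross-site request forgery elsewhere. The same two calls are changed in htdocs/user/perms.php.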
@@ -68,7 +68,7 @@ if ($_GET["id"])
{
$fgroup = new Usergroup($db, $_GET["id"]);
$fgroup->fetch($_GET["id"]);
- $fgroup->getrights($_GET["id"]);
+ $fgroup->getrights();
/*
* Affichage onglets
@@ -107,9 +107,7 @@ if ($_GET["id"])
while ($i < $num)
{
$obj = $db->fetch_object($result);
-
array_push($permsgroup,$obj->id);
-
$i++;
}
$db->free($result);
@@ -148,13 +146,16 @@ if ($_GET["id"])
print '';
print '';
+ print '| '.$langs->trans("Module").' | ';
if ($user->admin) print '  | ';
print ' | ';
print ''.$langs->trans("Permissions").' | ';
- print ''.$langs->trans("Module").' | ';
print ' ';
- $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC";
+ $sql ="SELECT r.id, r.libelle, r.module";
+ $sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
+ $sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
+ $sql.=" ORDER BY r.id, r.module";
$result=$db->query($sql);
if ($result)
@@ -169,17 +170,28 @@ if ($_GET["id"])
{
$oldmod = $obj->module;
$var = !$var;
- print '';
- // Recupère objMod
+ // Rupture détectée, on récupère objMod
$objMod = $modules[$obj->module];
$picto=($objMod->picto?$objMod->picto:'generic');
- }
- else
- {
+
print ' ';
+ print '| '.img_object('',$picto).' '.$objMod->getName();
+ print ' | ';
+ print '';
+ print ''.$langs->trans("All")."";
+ print '/';
+ print ''.$langs->trans("None")."";
+ print ' | ';
+ print ' | ';
+ print ' ';
}
+ print '';
+
+ print '| '.img_object('',$picto).' '.$objMod->getName();
+ print ' | ';
+
if (in_array($obj->id, $permsgroup))
{
// Own permission by group
@@ -187,7 +199,7 @@ if ($_GET["id"])
{
print ''.img_edit_remove($langs->trans("Remove")).' | ';
}
- print '';
+ print ' | ';
print img_tick();
print ' | ';
}
@@ -204,9 +216,6 @@ if ($_GET["id"])
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print ''.$perm_libelle. ' | ';
- print ''.img_object('',$picto).' '.$objMod->getName();
- print ' | ';
-
print ' ';
$i++;
diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index d89a483a056..b5a0b26143c 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"];
if ($_GET["action"] == 'addrights' && $user->admin)
{
$edituser = new User($db,$_GET["id"]);
- $edituser->addrights($_GET["rights"]);
+ $edituser->addrights($_GET["rights"],$module);
}
if ($_GET["action"] == 'delrights' && $user->admin)
{
$edituser = new User($db,$_GET["id"]);
- $edituser->delrights($_GET["rights"]);
+ $edituser->delrights($_GET["rights"],$module);
}
@@ -184,13 +184,16 @@ if ($_GET["id"])
print '';
print '';
+ print '| '.$langs->trans("Module").' | ';
if ($user->admin) print '  | ';
print ' | ';
print ''.$langs->trans("Permissions").' | ';
- print ''.$langs->trans("Module").' | ';
print ' ';
- $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC";
+ $sql ="SELECT r.id, r.libelle, r.module";
+ $sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r";
+ $sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"
+ $sql.=" ORDER BY r.id, r.module";
$result=$db->query($sql);
if ($result)
@@ -205,17 +208,28 @@ if ($_GET["id"])
{
$oldmod = $obj->module;
$var = !$var;
- print '';
- // Récupère objMod
+ // Rupture détectée, on récupère objMod
$objMod=$modules[$obj->module];
$picto=($objMod->picto?$objMod->picto:'generic');
- }
- else
- {
+
print ' ';
+ print '| '.img_object('',$picto).' '.$objMod->getName();
+ print ' | ';
+ print '';
+ print ''.$langs->trans("All")."";
+ print '/';
+ print ''.$langs->trans("None")."";
+ print ' | ';
+ print ' | ';
+ print ' ';
}
+ print '';
+
+ print '| '.img_object('',$picto).' '.$objMod->getName();
+ print ' | ';
+
if (in_array($obj->id, $permsuser))
{
// Own permission by user
@@ -223,7 +237,7 @@ if ($_GET["id"])
{
print ''.img_edit_remove($langs->trans("Remove")).' | ';
}
- print '';
+ print ' | ';
print img_tick();
print ' | ';
}
@@ -231,7 +245,7 @@ if ($_GET["id"])
// Own permission by group
if ($user->admin)
{
- print ''.$langs->trans("Group").' | ';
+ print ''.$langs->trans("Group").' | ';
}
print '';
print img_tick();
@@ -250,9 +264,6 @@ if ($_GET["id"])
$perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle);
print ' | '.$perm_libelle. ' | ';
- print ''.img_object('',$picto).' '.$objMod->getName();
- print ' | ';
-
print ' ';
$i++;
diff --git a/htdocs/usergroup.class.php b/htdocs/usergroup.class.php
index adc87ec9b4e..a0ca3d285fc 100644
--- a/htdocs/usergroup.class.php
+++ b/htdocs/usergroup.class.php
@@ -97,146 +97,196 @@ class UserGroup
/**
- * \brief Ajoute un droit au groupe
+ * \brief Ajoute un droit a l'utilisateur
* \param rid id du droit à ajouter
+ * \param allmodule Ajouter tous les droits du module allmodule
+ * \param allperms Ajouter tous les droits du module allmodule, perms allperms
* \return int > 0 si ok, < 0 si erreur
*/
- function addrights($rid)
+ function addrights($rid,$allmodule='',$allperms='')
{
- if (strlen($rid) == 2)
+ $err=0;
+ $whereforadd='';
+
+ $this->db->begin();
+
+ if ($rid)
{
- $topid = substr($rid,0,1);
- $lowid = substr($rid,1,1);
- }
-
- if (strlen($rid) == 3)
- {
- $topid = substr($rid,0,2);
- $lowid = substr($rid,2,1);
- }
-
- if ($lowid == 1)
- {
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid";
- $this->db->query($sql);
- $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)";
- if ($this->db->query($sql))
- {
+ // Si on a demandé ajout d'un droit en particulier, on récupère
+ // les caractéristiques (module, perms et subperms) de ce droit.
+ $sql = "SELECT module, perms, subperms";
+ $sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
+ $sql.= " WHERE ";
+ $sql.=" id = '".$rid."'";
+
+ $result=$this->db->query($sql);
+ if ($result) {
+ $obj = $this->db->fetch_object($result);
+ $module=$obj->module;
+ $perms=$obj->perms;
+ $subperms=$obj->subperms;
}
+ else {
+ $err++;
+ dolibarr_print_error($this->db);
+ }
+
+ // Where pour la liste des droits à ajouter
+ $whereforadd="id=".$rid;
+ // Ajout des droits induits
+ if ($subperms) $whereforadd.=" OR (module='$module' AND perms='$perms' AND subperms='lire')";
+ if ($perms) $whereforadd.=" OR (module='$module' AND perms='lire' AND subperms IS NULL)";
+
+ // Pour compatibilité, si lowid = 0, on est en mode ajout de tout
+ // \todo A virer quand sera géré par l'appelant
+ if (substr($rid,-1,1) == 0) $whereforadd="module='$module'";
}
-
- if ($lowid > 1)
+ else {
+ // Where pour la liste des droits à ajouter
+ if ($allmodule) $whereforadd="module='$allmodule'";
+ if ($allperms) $whereforadd=" AND perms='$allperms'";
+ }
+
+ // Ajout des droits de la liste whereforadd
+ if ($whereforadd)
{
-
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid";
- $this->db->query($sql);
- $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)";
- if ($this->db->query($sql))
+ //print "$module-$perms-$subperms";
+ $sql = "SELECT id";
+ $sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
+ $sql.= " WHERE $whereforadd";
+
+ $result=$this->db->query($sql);
+ if ($result)
{
+ $num = $this->db->num_rows($result);
+ $i = 0;
+ while ($i < $num)
+ {
+ $obj = $this->db->fetch_object($result);
+ $nid = $obj->id;
+
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
+ if (! $this->db->query($sql)) $err++;
+ $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
+ if (! $this->db->query($sql)) $err++;
+
+ $i++;
+ }
}
-
- $nid = $topid . "1";
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
- $this->db->query($sql);
- $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
- if ($this->db->query($sql))
- {
-
- }
- else
+ else
{
+ $err++;
dolibarr_print_error($this->db);
}
}
- if ($lowid == 0)
- {
- for ($i = 1 ; $i < 10 ; $i++)
- {
- $nid = $topid . "$i";
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
- $this->db->query($sql);
- $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
- if ($this->db->query($sql))
- {
-
- }
- else
- {
- dolibarr_print_error($this->db);
- }
- }
+ if ($err) {
+ $this->db->rollback();
+ return -$err;
}
-
-
- return 1;
+ else {
+ $this->db->commit();
+ return 1;
+ }
+
}
/**
- * \brief Retire un droit au groupe
- * \param rid id du droit à retirer
+ * \brief Retire un droit a l'utilisateur
+ * \param rid id du droit à retirer
+ * \param allmodule Retirer tous les droits du module allmodule
+ * \param allperms Retirer tous les droits du module allmodule, perms allperms
* \return int > 0 si ok, < 0 si erreur
*/
- function delrights($rid)
+ function delrights($rid,$allmodule='',$allperms='')
{
- if (strlen($rid) == 2)
+ $err=0;
+ $wherefordel='';
+
+ $this->db->begin();
+
+ if ($rid)
{
- $topid = substr($rid,0,1);
- $lowid = substr($rid,1,1);
- }
-
- if (strlen($rid) == 3)
- {
- $topid = substr($rid,0,2);
- $lowid = substr($rid,2,1);
- }
-
- if ($lowid > 1)
- {
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid";
- if ($this->db->query($sql))
- {
+ // Si on a demandé supression d'un droit en particulier, on récupère
+ // les caractéristiques module, perms et subperms de ce droit.
+ $sql = "SELECT module, perms, subperms";
+ $sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
+ $sql.= " WHERE ";
+ $sql.=" id = '".$rid."'";
+
+ $result=$this->db->query($sql);
+ if ($result) {
+ $obj = $this->db->fetch_object($result);
+ $module=$obj->module;
+ $perms=$obj->perms;
+ $subperms=$obj->subperms;
}
- }
-
- if ($lowid == 1)
- {
- $fid = $topid . "0";
- $lid = $topid . "9";
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id >= $fid AND fk_id <= $lid";
- if ($this->db->query($sql))
- {
-
+ else {
+ $err++;
+ dolibarr_print_error($this->db);
}
- else
+
+ // Where pour la liste des droits à supprimer
+ $wherefordel="id=".$rid;
+ // Suppression des droits induits
+ if ($subperms=='lire') $wherefordel.=" OR (module='$module' AND perms='$perms' AND subperms IS NOT NULL)";
+ if ($perms=='lire') $wherefordel.=" OR (module='$module')";
+
+ // Pour compatibilité, si lowid = 0, on est en mode suppression de tout
+ // \todo A virer quand sera géré par l'appelant
+ if (substr($rid,-1,1) == 0) $wherefordel="module='$module'";
+ }
+ else {
+ // Where pour la liste des droits à supprimer
+ if ($allmodule) $wherefordel="module='$allmodule'";
+ if ($allperms) $wherefordel=" AND perms='$allperms'";
+ }
+
+ // Suppression des droits de la liste wherefordel
+ if ($wherefordel)
+ {
+ //print "$module-$perms-$subperms";
+ $sql = "SELECT id";
+ $sql.= " FROM ".MAIN_DB_PREFIX."rights_def";
+ $sql.= " WHERE $wherefordel";
+
+ $result=$this->db->query($sql);
+ if ($result)
{
+ $num = $this->db->num_rows($result);
+ $i = 0;
+ while ($i < $num)
+ {
+ $obj = $this->db->fetch_object($result);
+ $nid = $obj->id;
+
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
+ if (! $this->db->query($sql)) $err++;
+
+ $i++;
+ }
+ }
+ else
+ {
+ $err++;
dolibarr_print_error($this->db);
}
}
- if ($lowid == 0)
- {
- for ($i = 1 ; $i < 10 ; $i++)
- {
- $nid = $topid . "$i";
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid";
- if ($this->db->query($sql))
- {
-
- }
- else
- {
- dolibarr_print_error($this->db);
- }
- }
+ if ($err) {
+ $this->db->rollback();
+ return -$err;
+ }
+ else {
+ $this->db->commit();
+ return 1;
}
-
- return 1;
- }
+ }
+
/**
* \brief Charge dans l'objet group, la liste des permissions auquels le groupe a droit
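Review bot: `addrights()` and `delrights()` assemble their WHERE clauses from caller-supplied strings: `$rid` goes quoted into `id = '".$rid."'` and unquoted into `"id=".$rid`, and `$allmodule`/`$allperms` into `module='$allmodule'`, while the callers changed in this commit pass request parameters unmodified. In the `else` branch of both functions `if ($allperms) $whereforadd=" AND perms='$allperms'";` (resp. `$wherefordel`) assigns instead of appending, so the module condition is lost and the statement starts with `WHERE  AND`. When the first lookup fails or returns no row the code carries on with `$module`, `$perms` and `$subperms` unset, so the remaining clauses are built from empty values; returning after the rollback would be safer. The sketch below validates the inputs before the transaction starts, assuming module and permission names are plain identifiers, and applies equally to `delrights()`; the docblocks also say "l'utilisateur" although this is the group class, whose body starts outside the hunk.

```php
function addrights($rid,$allmodule='',$allperms='')
{
    $err=0;
    $whereforadd='';

    // Request-derived values are validated before they reach any SQL text
    $rid=(int) $rid;
    if ($allmodule && ! preg_match('/^[A-Za-z0-9_]+$/',$allmodule)) return -1;
    if ($allperms && ! preg_match('/^[A-Za-z0-9_]+$/',$allperms)) return -1;

    $this->db->begin();

    // … unchanged: if ($rid) { lookup of module/perms/subperms, induced rights } …
    else {
        // Where pour la liste des droits à ajouter
        if ($allmodule) $whereforadd="module='$allmodule'";
        // Append, and only when a module condition exists to append to
        if ($allmodule && $allperms) $whereforadd.=" AND perms='$allperms'";
    }
    // … unchanged: SELECT id … WHERE $whereforadd, insert loop, commit/rollback …
```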