From e92d1d635e378142b1897a75406c1b990237b05e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Apr 2005 22:30:25 +0000 Subject: [PATCH] =?UTF-8?q?Les=20fonctions=20ajout/suppression=20de=20"tou?= =?UTF-8?q?s=20les=20droits"=20d'un=20module=20sont=20dispo=20en=20standar?= =?UTF-8?q?d=20sans=20besoin=20d'un=20droit=20sp=E9cifique.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/admin/perms.php | 20 ++- htdocs/user/group/perms.php | 41 +++--- htdocs/user/perms.php | 39 ++++-- htdocs/usergroup.class.php | 260 +++++++++++++++++++++--------------- 4 files changed, 220 insertions(+), 140 deletions(-) diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 88c4adcfca7..3fc25bef079 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -82,9 +82,10 @@ while (($file = readdir($handle))!==false) } // Affiche lignes des permissions -$sql = "SELECT r.id, r.libelle, r.module, r.bydefault FROM ".MAIN_DB_PREFIX."rights_def as r"; -$sql .= " WHERE type <> 'a'"; -$sql .= " ORDER BY r.id ASC"; +$sql ="SELECT r.id, r.libelle, r.module, r.bydefault"; +$sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r"; +$sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" +$sql.=" ORDER BY r.id, r.module"; $result = $db->query($sql); if ($result) @@ -100,9 +101,13 @@ if ($result) if ($old <> $obj->module) { + // Rupture détectée, on récupère objMod + $objMod=$modules[$obj->module]; + $picto=($objMod->picto?$objMod->picto:'generic'); + print ''; - print ''.$langs->trans("Permission").''; print ''.$langs->trans("Module").''; + print ''.$langs->trans("Permission").''; print ''.$langs->trans("Default").''; print ' '; print "\n"; 
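Review bot: The new filter `WHERE r.libelle NOT LIKE 'tou%'` in the `@@ -82,9 +82,10` hunk selects rows by the text of their label, where the removed line tested the `type` column. Any right whose label happens to begin with "tou" disappears from this admin screen, and a "tous" row that is relabelled or translated reappears, so the list shown to the administrator may no longer match what can actually be granted. If `type` still marks those rows, `$sql.=" WHERE r.type <> 'a'";` is the more robust test. The same label filter is added in the `@@ -148,13 +146,16` hunk of htdocs/user/group/perms.php and the `@@ -184,13 +184,16` hunk of htdocs/user/perms.php.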
@@ -110,9 +115,13 @@ if ($result) } print ''; + + print ''.img_object('',$picto).' '.$objMod->getName(); + $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); print ''.$perm_libelle. ''; - print ''.$modules[$obj->module]->getName(). ''; + + print ''; if ($obj->bydefault == 1) { @@ -133,6 +142,7 @@ if ($result) } print ''; +print '
'; $db->close(); diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index b215de1509e..6436b908411 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"]; if ($_GET["action"] == 'addrights' && $user->admin) { $editgroup = new Usergroup($db,$_GET["id"]); - $editgroup->addrights($_GET["rights"]); + $editgroup->addrights($_GET["rights"],$module); } if ($_GET["action"] == 'delrights' && $user->admin) { $editgroup = new Usergroup($db,$_GET["id"]); - $editgroup->delrights($_GET["rights"]); + $editgroup->delrights($_GET["rights"],$module); } @@ -68,7 +68,7 @@ if ($_GET["id"]) { $fgroup = new Usergroup($db, $_GET["id"]); $fgroup->fetch($_GET["id"]); - $fgroup->getrights($_GET["id"]); + $fgroup->getrights(); /* * Affichage onglets @@ -107,9 +107,7 @@ if ($_GET["id"]) while ($i < $num) { $obj = $db->fetch_object($result); - array_push($permsgroup,$obj->id); - $i++; } $db->free($result); @@ -148,13 +146,16 @@ if ($_GET["id"]) print ''; print ''; + print ''; if ($user->admin) print ''; print ''; print ''; - print ''; print ''; - $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC"; + $sql ="SELECT r.id, r.libelle, r.module"; + $sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r"; + $sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" + $sql.=" ORDER BY r.id, r.module"; $result=$db->query($sql); if ($result) @@ -169,17 +170,28 @@ if ($_GET["id"]) { $oldmod = $obj->module; $var = !$var; - print ''; - // Recupère objMod + // Rupture détectée, on récupère objMod $objMod = $modules[$obj->module]; $picto=($objMod->picto?$objMod->picto:'generic'); - } - else - { + print ''; + print ''; + print ''; + print ''; + print ''; } + print ''; + + print ''; + if (in_array($obj->id, $permsgroup)) { // Own permission by group @@ -187,7 +199,7 @@ if ($_GET["id"]) { print ''; } - print ''; } 
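Review bot: In the `@@ -45,13 +45,13` hunk, `$module` comes straight from `$_GET["module"]` or `$_POST["module"]` and `$_GET["rights"]` is passed as is, and both end up inside SQL text in the new `addrights()`/`delrights()` of htdocs/usergroup.class.php (`module='$allmodule'`, `id=".$rid`). The `$user->admin` test limits who can send the request, not what the values may contain. Constrain them before the call, for example `$rights=(int) $_GET["rights"];` and `if (! preg_match('/^[a-z0-9_]*$/i',$module)) $module='';` (assuming module names are plain identifiers), and pass `$rights` instead of `$_GET["rights"]`. The `@@ -45,13 +45,13` hunk of htdocs/user/perms.php hands the same raw values to the `User` methods.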
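Review bot: The `@@ -148,13 +146,16` hunk changes the sort to `ORDER BY r.id, r.module`, while the loop in the following hunk still emits a module header row each time `$obj->module` differs from `$oldmod`. That break detection only works when the rows of one module are contiguous; sorting by id first does not guarantee it, so a module header and its All/None links could be printed more than once if the ids of different modules interleave. `$sql.=" ORDER BY r.module, r.id";` keeps the grouping the removed query had. The `@@ -184,13 +184,16` hunk of htdocs/user/perms.php makes the same change.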
@@ -204,9 +216,6 @@ if ($_GET["id"]) $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); print ''; - print ''; - print ''; $i++; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index d89a483a056..b5a0b26143c 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -45,13 +45,13 @@ $module=isset($_GET["module"])?$_GET["module"]:$_POST["module"]; if ($_GET["action"] == 'addrights' && $user->admin) { $edituser = new User($db,$_GET["id"]); - $edituser->addrights($_GET["rights"]); + $edituser->addrights($_GET["rights"],$module); } if ($_GET["action"] == 'delrights' && $user->admin) { $edituser = new User($db,$_GET["id"]); - $edituser->delrights($_GET["rights"]); + $edituser->delrights($_GET["rights"],$module); } @@ -184,13 +184,16 @@ if ($_GET["id"]) print '
'.$langs->trans("Module").'  '.$langs->trans("Permissions").''.$langs->trans("Module").'
'.img_object('',$picto).' '.$objMod->getName(); + print ' '; + print ''.$langs->trans("All").""; + print '/'; + print ''.$langs->trans("None").""; + print ' 
'.img_object('',$picto).' '.$objMod->getName(); + print ''.img_edit_remove($langs->trans("Remove")).''; + print ''; print img_tick(); print ''.$perm_libelle. ''.img_object('',$picto).' '.$objMod->getName(); - print '
'; print ''; + print ''; if ($user->admin) print ''; print ''; print ''; - print ''; print ''; - $sql = "SELECT r.id, r.libelle, r.module FROM ".MAIN_DB_PREFIX."rights_def as r ORDER BY r.module, r.id ASC"; + $sql ="SELECT r.id, r.libelle, r.module"; + $sql.=" FROM ".MAIN_DB_PREFIX."rights_def as r"; + $sql.=" WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" + $sql.=" ORDER BY r.id, r.module"; $result=$db->query($sql); if ($result) @@ -205,17 +208,28 @@ if ($_GET["id"]) { $oldmod = $obj->module; $var = !$var; - print ''; - // Récupère objMod + // Rupture détectée, on récupère objMod $objMod=$modules[$obj->module]; $picto=($objMod->picto?$objMod->picto:'generic'); - } - else - { + print ''; + print ''; + print ''; + print ''; + print ''; } + print ''; + + print ''; + if (in_array($obj->id, $permsuser)) { // Own permission by user @@ -223,7 +237,7 @@ if ($_GET["id"]) { print ''; } - print ''; } @@ -231,7 +245,7 @@ if ($_GET["id"]) // Own permission by group if ($user->admin) { - print ''; + print ''; } print ''; - print ''; - print ''; $i++; diff --git a/htdocs/usergroup.class.php b/htdocs/usergroup.class.php index adc87ec9b4e..a0ca3d285fc 100644 --- a/htdocs/usergroup.class.php +++ b/htdocs/usergroup.class.php 
@@ -97,146 +97,196 @@ class UserGroup /** - * \brief Ajoute un droit au groupe + * \brief Ajoute un droit a l'utilisateur * \param rid id du droit à ajouter + * \param allmodule Ajouter tous les droits du module allmodule + * \param allperms Ajouter tous les droits du module allmodule, perms allperms * \return int > 0 si ok, < 0 si erreur */ - function addrights($rid) + function addrights($rid,$allmodule='',$allperms='') { - if (strlen($rid) == 2) + $err=0; + $whereforadd=''; + + $this->db->begin(); + + if ($rid) { - $topid = substr($rid,0,1); - $lowid = substr($rid,1,1); - } - - if (strlen($rid) == 3) - { - $topid = substr($rid,0,2); - $lowid = substr($rid,2,1); - } - - if ($lowid == 1) - { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid"; - $this->db->query($sql); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)"; - if ($this->db->query($sql)) - { + // Si on a demandé ajout d'un droit en particulier, on récupère + // les caractéristiques (module, perms et subperms) de ce droit. 
+ $sql = "SELECT module, perms, subperms"; + $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; + $sql.= " WHERE "; + $sql.=" id = '".$rid."'"; + + $result=$this->db->query($sql); + if ($result) { + $obj = $this->db->fetch_object($result); + $module=$obj->module; + $perms=$obj->perms; + $subperms=$obj->subperms; } + else { + $err++; + dolibarr_print_error($this->db); + } + + // Where pour la liste des droits à ajouter + $whereforadd="id=".$rid; + // Ajout des droits induits + if ($subperms) $whereforadd.=" OR (module='$module' AND perms='$perms' AND subperms='lire')"; + if ($perms) $whereforadd.=" OR (module='$module' AND perms='lire' AND subperms IS NULL)"; + + // Pour compatibilité, si lowid = 0, on est en mode ajout de tout + // \todo A virer quand sera géré par l'appelant + if (substr($rid,-1,1) == 0) $whereforadd="module='$module'"; } - - if ($lowid > 1) + else { + // Where pour la liste des droits à ajouter + if ($allmodule) $whereforadd="module='$allmodule'"; + if ($allperms) $whereforadd=" AND perms='$allperms'"; + } + + // Ajout des droits de la liste whereforadd + if ($whereforadd) { - - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid"; - $this->db->query($sql); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $rid)"; - if ($this->db->query($sql)) + //print "$module-$perms-$subperms"; + $sql = "SELECT id"; + $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; + $sql.= " WHERE $whereforadd"; + + $result=$this->db->query($sql); + if ($result) { + $num = $this->db->num_rows($result); + $i = 0; + while ($i < $num) + { + $obj = $this->db->fetch_object($result); + $nid = $obj->id; + + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; + if (! $this->db->query($sql)) $err++; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)"; + if (! 
$this->db->query($sql)) $err++; + + $i++; + } } - - $nid = $topid . "1"; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; - $this->db->query($sql); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)"; - if ($this->db->query($sql)) - { - - } - else + else { + $err++; dolibarr_print_error($this->db); } } - if ($lowid == 0) - { - for ($i = 1 ; $i < 10 ; $i++) - { - $nid = $topid . "$i"; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; - $this->db->query($sql); - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)"; - if ($this->db->query($sql)) - { - - } - else - { - dolibarr_print_error($this->db); - } - } + if ($err) { + $this->db->rollback(); + return -$err; } - - - return 1; + else { + $this->db->commit(); + return 1; + } + } /** - * \brief Retire un droit au groupe - * \param rid id du droit à retirer + * \brief Retire un droit a l'utilisateur + * \param rid id du droit à retirer + * \param allmodule Retirer tous les droits du module allmodule + * \param allperms Retirer tous les droits du module allmodule, perms allperms * \return int > 0 si ok, < 0 si erreur */ - function delrights($rid) + function delrights($rid,$allmodule='',$allperms='') { - if (strlen($rid) == 2) + $err=0; + $wherefordel=''; + + $this->db->begin(); + + if ($rid) { - $topid = substr($rid,0,1); - $lowid = substr($rid,1,1); - } - - if (strlen($rid) == 3) - { - $topid = substr($rid,0,2); - $lowid = substr($rid,2,1); - } - - if ($lowid > 1) - { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$rid"; - if ($this->db->query($sql)) - { + // Si on a demandé supression d'un droit en particulier, on récupère + // les caractéristiques module, perms et subperms de ce droit. 
+ $sql = "SELECT module, perms, subperms"; + $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; + $sql.= " WHERE "; + $sql.=" id = '".$rid."'"; + + $result=$this->db->query($sql); + if ($result) { + $obj = $this->db->fetch_object($result); + $module=$obj->module; + $perms=$obj->perms; + $subperms=$obj->subperms; } - } - - if ($lowid == 1) - { - $fid = $topid . "0"; - $lid = $topid . "9"; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id >= $fid AND fk_id <= $lid"; - if ($this->db->query($sql)) - { - + else { + $err++; + dolibarr_print_error($this->db); } - else + + // Where pour la liste des droits à supprimer + $wherefordel="id=".$rid; + // Suppression des droits induits + if ($subperms=='lire') $wherefordel.=" OR (module='$module' AND perms='$perms' AND subperms IS NOT NULL)"; + if ($perms=='lire') $wherefordel.=" OR (module='$module')"; + + // Pour compatibilité, si lowid = 0, on est en mode suppression de tout + // \todo A virer quand sera géré par l'appelant + if (substr($rid,-1,1) == 0) $wherefordel="module='$module'"; + } + else { + // Where pour la liste des droits à supprimer + if ($allmodule) $wherefordel="module='$allmodule'"; + if ($allperms) $wherefordel=" AND perms='$allperms'"; + } + + // Suppression des droits de la liste wherefordel + if ($wherefordel) + { + //print "$module-$perms-$subperms"; + $sql = "SELECT id"; + $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; + $sql.= " WHERE $wherefordel"; + + $result=$this->db->query($sql); + if ($result) { + $num = $this->db->num_rows($result); + $i = 0; + while ($i < $num) + { + $obj = $this->db->fetch_object($result); + $nid = $obj->id; + + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; + if (! $this->db->query($sql)) $err++; + + $i++; + } + } + else + { + $err++; dolibarr_print_error($this->db); } } - if ($lowid == 0) - { - for ($i = 1 ; $i < 10 ; $i++) - { - $nid = $topid . 
"$i"; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=$nid"; - if ($this->db->query($sql)) - { - - } - else - { - dolibarr_print_error($this->db); - } - } + if ($err) { + $this->db->rollback(); + return -$err; + } + else { + $this->db->commit(); + return 1; } - - return 1; - } + } + /** * \brief Charge dans l'objet group, la liste des permissions auquels le groupe a droit
'.$langs->trans("Module").'  '.$langs->trans("Permissions").''.$langs->trans("Module").'
'.img_object('',$picto).' '.$objMod->getName(); + print ' '; + print ''.$langs->trans("All").""; + print '/'; + print ''.$langs->trans("None").""; + print ' 
'.img_object('',$picto).' '.$objMod->getName(); + print ''.img_edit_remove($langs->trans("Remove")).''; + print ''; print img_tick(); print ''.$langs->trans("Group").''.$langs->trans("Group").''; print img_tick(); @@ -250,9 +264,6 @@ if ($_GET["id"]) $perm_libelle=(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle); print ''.$perm_libelle. ''.img_object('',$picto).' '.$objMod->getName(); - print '