From f2d52217846554fa6dc979a8421b76c836cd7ca9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 11 Mar 2022 10:55:28 +0100 Subject: [PATCH] Debug ModuleBuilder --- htdocs/modulebuilder/index.php | 10 +++++-- .../template/class/myobject.class.php | 8 ++--- .../template/myobject_agenda.php | 17 ++++++++--- .../modulebuilder/template/myobject_card.php | 30 ++++++++++++++----- .../template/myobject_contact.php | 17 ++++++++--- .../template/myobject_document.php | 17 ++++++++--- .../modulebuilder/template/myobject_list.php | 22 ++++++++------ .../modulebuilder/template/myobject_note.php | 24 +++++++++++---- 8 files changed, 104 insertions(+), 41 deletions(-) diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index ba6e951ae55..be0d83a50a6 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -956,7 +956,10 @@ if ($dirins && $action == 'initobject' && $module && GETPOST('createtablearray', $css = ''; $cssview = ''; $csslist = ''; - if ($fieldname == 'import_key') { + if (preg_match('/^fk_/', $fieldname)) { + $css = 'maxwidth500 widthcentpercentminusxx'; + } + if ($fieldname == 'label') { $css = 'minwidth300'; $cssview = 'wordbreak'; } @@ -2557,8 +2560,9 @@ if ($module == 'initmodule') { $pathtoapi = strtolower($module).'/class/api_'.strtolower($module).'s.class.php'; $realpathtoapi = $dirread.'/'.$pathtoapi; } - $urloflist = $dirread.'/'.$pathtolist; - $urlofcard = $dirread.'/'.$pathtocard; + + $urloflist = dol_buildpath('/'.$pathtolist, 1); + $urlofcard = dol_buildpath('/'.$pathtocard, 1); print '
'; print ' '.$langs->trans("ClassFile").' : '.($realpathtoclass ? '' : '').preg_replace('/^'.strtolower($module).'\//', '', $pathtoclass).($realpathtoclass ? '' : '').''; diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index 37d1a4d08ab..0c3b3745d11 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -108,11 +108,11 @@ class MyObject extends CommonObject 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'position'=>30, 'searchall'=>1, 'css'=>'minwidth300', 'cssview'=>'wordbreak', 'help'=>'Help text', 'showoncombobox'=>2, 'validate'=>1), 'amount' => array('type'=>'price', 'label'=>'Amount', 'enabled'=>1, 'visible'=>1, 'default'=>'null', 'position'=>40, 'searchall'=>0, 'isameasure'=>1, 'help'=>'Help text for amount', 'validate'=>1), 'qty' => array('type'=>'real', 'label'=>'Qty', 'enabled'=>1, 'visible'=>1, 'default'=>'0', 'position'=>45, 'searchall'=>0, 'isameasure'=>1, 'help'=>'Help text for quantity', 'css'=>'maxwidth75imp', 'validate'=>1), - 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'picto'=>'company', 'label'=>'ThirdParty', 'visible'=> 1, 'enabled'=>1, 'position'=>50, 'notnull'=>-1, 'index'=>1, 'help'=>'LinkToThirparty', 'validate'=>1), - 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1', 'label'=>'Project', 'picto'=>'project', 'enabled'=>1, 'visible'=>-1, 'position'=>52, 'notnull'=>-1, 'index'=>1, 'validate'=>1), + 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'picto'=>'company', 'label'=>'ThirdParty', 'visible'=> 1, 'enabled'=>1, 'position'=>50, 'notnull'=>-1, 'index'=>1, 'help'=>'LinkToThirparty', 'validate'=>1, 'css'=>'maxwidth500 widthcentpercentminusxx'), + 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1', 'label'=>'Project', 'picto'=>'project', 'enabled'=>1, 'visible'=>-1, 'position'=>52, 'notnull'=>-1, 'index'=>1, 'validate'=>1, 'css'=>'maxwidth500 widthcentpercentminusxx'), 'description' => array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>3, 'position'=>60, 'validate'=>1), - 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>61, 'validate'=>1), - 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>62, 'validate'=>1), + 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>61, 'validate'=>1, 'cssview'=>'wordbreak'), + 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>62, 'validate'=>1, 'cssview'=>'wordbreak'), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-2, 'notnull'=> 1, 'position'=>500), 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-2, 'notnull'=> 0, 'position'=>501), //'date_validation ' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-2, 'position'=>502), diff --git a/htdocs/modulebuilder/template/myobject_agenda.php b/htdocs/modulebuilder/template/myobject_agenda.php index 5eb4f6e3028..b40092f93a7 100644 --- a/htdocs/modulebuilder/template/myobject_agenda.php +++ b/htdocs/modulebuilder/template/myobject_agenda.php @@ -132,15 +132,24 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->mymodule->multidir_output[!empty($object->entity) ? $object->entity : $conf->entity]."/".$object->id; } -$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permissiontoadd = $user->rights->mymodule->myobject->write; +} else { + $permissiontoread = 1; + $permissiontoadd = 1; +} // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* @@ -187,7 +196,7 @@ if ($object->id > 0) { $head = myobjectPrepareHead($object); - print dol_get_fiche_head($head, 'agenda', '', -1, $object->picto); + print dol_get_fiche_head($head, 'agenda', $langs->trans("MyObject"), -1, $object->picto); // Object card // ------------------------------------------------------------ diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index bacb2f988dc..f53ce5adae3 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -122,12 +122,23 @@ if (empty($action) && empty($id) && empty($ref)) { // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php + $permissiontodelete = $user->rights->mymodule->myobject->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); + $permissionnote = $user->rights->mymodule->myobject->write; // Used by the include of actions_setnotes.inc.php + $permissiondellink = $user->rights->mymodule->myobject->write; // Used by the include of actions_dellink.inc.php +} else { + $permissiontoread = 1; + $permissiontoadd = 1; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php + $permissiontodelete = 1; + $permissionnote = 1; + $permissiondellink = 1; +} -$permissiontoread = $user->rights->mymodule->myobject->read; -$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->mymodule->myobject->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); -$permissionnote = $user->rights->mymodule->myobject->write; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->mymodule->myobject->write; // Used by the include of actions_dellink.inc.php $upload_dir = $conf->mymodule->multidir_output[isset($object->entity) ? $object->entity : 1].'/myobject'; // Security check (enable the most restrictive one) @@ -135,8 +146,8 @@ $upload_dir = $conf->mymodule->multidir_output[isset($object->entity) ? $object- //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (isset($object->status) && ($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* @@ -230,6 +241,11 @@ llxHeader('', $title, $help_url); // Part to create if ($action == 'create') { + if (empty($permissiontoadd)) { + accessforbidden($langs->trans('NotEnoughPermissions'), 0, 1); + exit; + } + print load_fiche_titre($langs->trans("NewObject", $langs->transnoentitiesnoconv("MyObject")), '', 'object_'.$object->picto); print '
'; diff --git a/htdocs/modulebuilder/template/myobject_contact.php b/htdocs/modulebuilder/template/myobject_contact.php index d2de342c861..64f5ebba976 100644 --- a/htdocs/modulebuilder/template/myobject_contact.php +++ b/htdocs/modulebuilder/template/myobject_contact.php @@ -78,15 +78,24 @@ $extrafields->fetch_name_optionals_label($object->table_element); // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals -$permission = $user->rights->mymodule->myobject->write; +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permission = $user->rights->mymodule->myobject->write; +} else { + $permissiontoread = 1; + $permission = 1; +} // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* @@ -152,7 +161,7 @@ if ($object->id) { */ $head = myobjectPrepareHead($object); - print dol_get_fiche_head($head, 'contact', '', -1, $object->picto); + print dol_get_fiche_head($head, 'contact', $langs->trans("MyObject"), -1, $object->picto); $linkback = ''.$langs->trans("BackToList").''; diff --git a/htdocs/modulebuilder/template/myobject_document.php b/htdocs/modulebuilder/template/myobject_document.php index 3db0271dd01..d1040364182 100644 --- a/htdocs/modulebuilder/template/myobject_document.php +++ b/htdocs/modulebuilder/template/myobject_document.php @@ -124,15 +124,24 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->mymodule->multidir_output[$object->entity ? $object->entity : $conf->entity]."/myobject/".get_exdir(0, 0, 0, 1, $object); } -$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php +} else { + $permissiontoread = 1; + $permission = 1; +} // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* @@ -159,7 +168,7 @@ if ($object->id) { */ $head = myobjectPrepareHead($object); - print dol_get_fiche_head($head, 'document', '', -1, $object->picto); + print dol_get_fiche_head($head, 'document', $langs->trans("MyObject"), -1, $object->picto); // Build file list diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index ced309b4eff..92b131d56ba 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -176,13 +176,17 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = $user->rights->mymodule->myobject->read; -$permissiontoadd = $user->rights->mymodule->myobject->write; -$permissiontodelete = $user->rights->mymodule->myobject->delete; - -// Security check -if (empty($conf->mymodule->enabled)) { - accessforbidden('Module not enabled'); +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permissiontoadd = $user->rights->mymodule->myobject->write; + $permissiontodelete = $user->rights->mymodule->myobject->delete; +} else { + $permissiontoread = 1; + $permissiontoadd = 1; + $permissiontodelete = 1; } // Security check (enable the most restrictive one) @@ -191,8 +195,8 @@ if ($user->socid > 0) accessforbidden(); //$socid = 0; if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden('Moule not enabled'); +if (!$permissiontoread) accessforbidden(); diff --git a/htdocs/modulebuilder/template/myobject_note.php b/htdocs/modulebuilder/template/myobject_note.php index 6733919289b..9c6831e5c7b 100644 --- a/htdocs/modulebuilder/template/myobject_note.php +++ b/htdocs/modulebuilder/template/myobject_note.php @@ -101,23 +101,35 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->mymodule->multidir_output[!empty($object->entity) ? $object->entity : $conf->entity]."/".$object->id; } -$permissionnote = $user->rights->mymodule->myobject->write; // Used by the include of actions_setnotes.inc.php -$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php + +// There is several ways to check permission. +// Set $enablepermissioncheck to 1 to enable a minimum low level of checks +$enablepermissioncheck = 0; +if ($enablepermissioncheck) { + $permissiontoread = $user->rights->mymodule->myobject->read; + $permissiontoadd = $user->rights->mymodule->myobject->write; + $permissionnote = $user->rights->mymodule->myobject->write; // Used by the include of actions_setnotes.inc.php +} else { + $permissiontoread = 1; + $permissiontoadd = 1; + $permissionnote = 1; +} // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; //$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); //restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->mymodule->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +if (empty($conf->mymodule->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* * Actions */ -$reshook = $hookmanager->executeHooks('doActions', array(), $object, $action); // Note that $action and $object may have been modified by some hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } @@ -141,7 +153,7 @@ if ($id > 0 || !empty($ref)) { $head = myobjectPrepareHead($object); - print dol_get_fiche_head($head, 'note', '', -1, $object->picto); + print dol_get_fiche_head($head, 'note', $langs->trans("MyObject"), -1, $object->picto); // Object card // ------------------------------------------------------------