d0/d2d/user_2group_2perms_8php_source.html

 <?php

 /* Copyright (C) 2002-2005  Rodolphe Quiedeville  <rodolphe@quiedeville.org>

  * Copyright (C) 2002-2003  Jean-Louis Bergamo    <jlb@j1b.org>

  * Copyright (C) 2004-2020  Laurent Destailleur   <eldy@users.sourceforge.net>

  * Copyright (C) 2004   Eric Seigne       <eric.seigne@ryxeo.com>

  * Copyright (C) 2005-2017  Regis Houssin     <regis.houssin@inodbox.com>

  * Copyright (C) 2020   Tobias Sekan      <tobias.sekan@startmail.com>

  *

  * This program is free software; you can redistribute it and/or modify

  * it under the terms of the GNU General Public License as published by

  * the Free Software Foundation; either version 3 of the License, or

  * (at your option) any later version.

  *

  * This program is distributed in the hope that it will be useful,

  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  * GNU General Public License for more details.

  *

  * You should have received a copy of the GNU General Public License

  * along with this program. If not, see <https://www.gnu.org/licenses/>.

  */


 require '../../main.inc.php';

 require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';

 require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';

 require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';

 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';


 // Load translation files required by page

 $langs->loadLangs(array('users', 'admin'));


 $id = GETPOST('id', 'int');

 $action = GETPOST('action', 'aZ09');

 $confirm = GETPOST('confirm', 'alpha');

 $module = GETPOST('module', 'alpha');

 $rights = GETPOST('rights', 'int');

 $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'groupperms'; // To manage different context of search


 // Define if user can read permissions

 $canreadperms = ($user->admin || $user->rights->user->user->lire);

 // Define if user can modify group permissions

 $caneditperms = ($user->admin || $user->rights->user->user->creer);

 // Advanced permissions

 $advancedpermsactive = false;

 if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS))

 {

   $advancedpermsactive = true;

   $canreadperms = ($user->admin || ($user->rights->user->group_advance->read && $user->rights->user->group_advance->readperms));

   $caneditperms = ($user->admin || $user->rights->user->group_advance->write);

 }


 if (!$canreadperms) accessforbidden();


 $object = new Usergroup($db);

 $object->fetch($id);


 $entity = $conf->entity;


 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context

 $hookmanager->initHooks(array('groupperms', 'globalcard'));


 $parameters = array();

 $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

 if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');


 if (empty($reshook)) {

   if ($action == 'addrights' && $caneditperms) {

     $editgroup = new Usergroup($db);

     $result = $editgroup->fetch($id);

     if ($result > 0) {

       $result = $editgroup->addrights($rights, $module, '', $entity);

       if ($result < 0) {

         setEventMessages($editgroup->error, $editgroup->errors, 'errors');

       }

     } else {

       dol_print_error($db);

     }

   }


   if ($action == 'delrights' && $caneditperms) {

     $editgroup = new Usergroup($db);

     $result = $editgroup->fetch($id);

     if ($result > 0) {

       $result = $editgroup->delrights($rights, $module, '', $entity);

       if ($result < 0) {

         setEventMessages($editgroup->error, $editgroup->errors, 'errors');

       }

     } else {

       dol_print_error($db);

     }

   }

 }


 $form = new Form($db);


 llxHeader('', $langs->trans("Permissions"));


 if ($object->id > 0)

 {

   /*

    * Affichage onglets

    */

   $object->getrights(); // Reload permission


   $head = group_prepare_head($object);

   $title = $langs->trans("Group");

   print dol_get_fiche_head($head, 'rights', $title, -1, 'group');


   // Charge les modules soumis a permissions

   $modules = array();

   $modulesdir = dolGetModulesDirs();


   $db->begin();


   foreach ($modulesdir as $dir)

   {

     $handle = @opendir(dol_osencode($dir));

     if (is_resource($handle))

     {

       while (($file = readdir($handle)) !== false)

       {

         if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php')

         {

           $modName = substr($file, 0, dol_strlen($file) - 10);


           if ($modName)

           {

             include_once $dir.$file;

             $objMod = new $modName($db);

             // Load all lang files of module

             if (isset($objMod->langfiles) && is_array($objMod->langfiles))

             {

               foreach ($objMod->langfiles as $domain)

               {

                 $langs->load($domain);

               }

             }

             // Load all permissions

             if ($objMod->rights_class)

             {

               $ret = $objMod->insert_permissions(0, $entity);

               $modules[$objMod->rights_class] = $objMod;

             }

           }

         }

       }

     }

   }


   $db->commit();


   // Read permissions of group

   $permsgroupbyentity = array();


   $sql = "SELECT DISTINCT r.id, r.libelle, r.module, gr.entity";

   $sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r,";

   $sql .= " ".MAIN_DB_PREFIX."usergroup_rights as gr";

   $sql .= " WHERE gr.fk_id = r.id";

   $sql .= " AND gr.entity = ".$entity;

   $sql .= " AND gr.fk_usergroup = ".$object->id;


   dol_syslog("get user perms", LOG_DEBUG);

   $result = $db->query($sql);

   if ($result)

   {

     $num = $db->num_rows($result);

     $i = 0;

     while ($i < $num)

     {

       $obj = $db->fetch_object($result);

       if (!isset($permsgroupbyentity[$obj->entity]))

         $permsgroupbyentity[$obj->entity] = array();

         array_push($permsgroupbyentity[$obj->entity], $obj->id);

         $i++;

     }

     $db->free($result);

   } else {

     dol_print_error($db);

   }


   $linkback = '<a href="'.DOL_URL_ROOT.'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';


   dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin);


   print '<div class="fichecenter">';

   print '<div class="underbanner clearboth"></div>';


   /*

    * Ecran ajout/suppression permission

    */


   print '<table class="border centpercent tableforfield">';


   // Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)

   if (!empty($conf->mutlicompany->enabled))

   {

     print '<tr><td class="titlefield">'.$langs->trans("Name").'</td>';

     print '<td colspan="2">'.$object->name.'';

     if (!$object->entity)

     {

       print img_picto($langs->trans("GlobalGroup"), 'redstar');

     }

     print "</td></tr>\n";

   }


   // Note

   print '<tr><td class="titlefield tdtop">'.$langs->trans("Description").'</td>';

   print '<td class="valeur sensiblehtmlcontent">';

   print dol_string_onlythesehtmltags(dol_htmlentitiesbr($object->note));

   print '</td>';

   print "</tr>\n";


   print '</table><br>';


   if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules"));


   $parameters = array();

   $reshook = $hookmanager->executeHooks('insertExtraHeader', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

   if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');


   print "\n";

   print '<div class="div-table-responsive-no-min">';

   print '<table class="noborder centpercent">';

   print '<tr class="liste_titre">';

   print '<td>'.$langs->trans("Module").'</td>';

   if ($caneditperms)

   {

     print '<td class="center nowrap">';

     print '<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module=allmodules">'.$langs->trans("All")."</a>";

     print '/';

     print '<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delrights&amp;entity='.$entity.'&amp;module=allmodules">'.$langs->trans("None")."</a>";

     print '</td>';

   }

   print '<td class="center" width="24">&nbsp;</td>';

   print '<td>'.$langs->trans("Permissions").'</td>';

   if ($user->admin) print '<td class="right">'.$langs->trans("ID").'</td>';

   print '</tr>'."\n";


   $sql = "SELECT r.id, r.libelle as label, r.module";

   $sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r";

   $sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous"

   $sql .= " AND r.entity = ".$entity;

   if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable

   $sql .= " ORDER BY r.module, r.id";


   $result = $db->query($sql);

   if ($result)

   {

     $num = $db->num_rows($result);

     $i = 0;

     $oldmod = '';


     while ($i < $num)

     {

       $obj = $db->fetch_object($result);


       // If line is for a module that doe snot existe anymore (absent of includes/module), we ignore it

       if (empty($modules[$obj->module]))

       {

         $i++;

         continue;

       }


       if ($oldmod <> $obj->module)

       {

         $oldmod = $obj->module;


         // Break detected, we get objMod

         $objMod = $modules[$obj->module];

         $picto = ($objMod->picto ? $objMod->picto : 'generic');


         // Show break line

         print '<tr class="oddeven trforbreak">';

         print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';

         print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();

         print '<a name="'.$objMod->getName().'"></a>';

         print '</td>';

         if ($caneditperms)

         {

           print '<td class="center nowrap">';

           print '<a class="reposition" title='.$langs->trans("All").' alt='.$langs->trans("All").' href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;module='.$obj->module.'">'.$langs->trans("All")."</a>";

           print '/';

           print '<a class="reposition" title='.$langs->trans("None").' alt='.$langs->trans("None").' href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delrights&amp;entity='.$entity.'&amp;module='.$obj->module.'">'.$langs->trans("None")."</a>";

           print '</td>';

         } else {

           print '<td>&nbsp;</td>';

         }

         print '<td colspan="2">&nbsp;</td>';


         // Permission id

         if ($user->admin) print '<td class="right"></td>';


         print '</tr>';

       }


       print '<!-- '.$obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : '').' -->'."\n";

       print '<tr class="oddeven">';


       // Picto and label of module

       print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';

       //print img_object('', $picto, 'class="inline-block pictoobjectwidth"').' '.$objMod->getName();

       print '</td>';


       if (is_array($permsgroupbyentity[$entity]))

       {

         if (in_array($obj->id, $permsgroupbyentity[$entity]))

         {

           // Own permission by group

           if ($caneditperms)

           {

             print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';

             //print img_edit_remove($langs->trans("Remove"));

             print img_picto($langs->trans("Remove"), 'switch_on');

             print '</a></td>';

           }

           print '<td class="center nowrap">';

           print img_picto($langs->trans("Active"), 'tick');

           print '</td>';

         } else {

           // Do not own permission

           if ($caneditperms)

           {

             print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';

             //print img_edit_add($langs->trans("Add"));

             print img_picto($langs->trans("Add"), 'switch_off');

             print '</a></td>';

           }

           print '<td>&nbsp</td>';

         }

       } else {

         // Do not own permission

         if ($caneditperms)

         {

           print '<td class="center"><a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addrights&amp;entity='.$entity.'&amp;rights='.$obj->id.'">';

           //print img_edit_add($langs->trans("Add"));

           print img_picto($langs->trans("Add"), 'switch_off');

           print '</a></td>';

         }

         print '<td>&nbsp</td>';

       }


       $permlabel = ($conf->global->MAIN_USE_ADVANCED_PERMS && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label)));

       print '<td class="maxwidthonsmartphone">'.$permlabel.'</td>';


       // Permission id

       if ($user->admin) print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';


       print '</tr>'."\n";


       $i++;

     }

   }

   print '</table>';

   print '</div>';


   print '</div>';


   $parameters = array();

   $reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks

   if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');


   print dol_get_fiche_end();

 }


 // End of page

 llxFooter();

 $db->close();

dol_osencode
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
Definition: functions.lib.php:7257

GETPOST
GETPOST($paramname, $check= 'alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition: functions.lib.php:309

dolGetModulesDirs
dolGetModulesDirs($subdir= '')
Return list of modules directories.
Definition: functions2.lib.php:80

dol_htmlentitiesbr
dol_htmlentitiesbr($stringtoencode, $nl2brmode=0, $pagecodefrom= 'UTF-8', $removelasteolbr=1)
This function is called to encode a string into a HTML string but differs from htmlentities because a...
Definition: functions.lib.php:5984

llxHeader
llxHeader()
Empty header.
Definition: wrapper.php:45

setEventMessages
setEventMessages($mesg, $mesgs, $style= 'mesgs', $messagekey= '')
Set event messages in dol_events session object.
Definition: functions.lib.php:6927

Form
Class to manage generation of HTML components Only common components must be here.
Definition: html.form.class.php:52

dol_strlen
dol_strlen($string, $stringencoding= 'UTF-8')
Make a strlen call.
Definition: functions.lib.php:3127

img_picto
img_picto($titlealt, $picto, $moreatt= '', $pictoisfullpath=false, $srconly=0, $notitle=0, $alt= '', $morecss= '', $marginleftonlyshort=2)
Show picto whatever it&#39;s its name (generic function)
Definition: functions.lib.php:3244

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename= '', $restricttologhandler= '', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1208

group_prepare_head
group_prepare_head($object)
Prepare array with list of tabs.
Definition: usergroups.lib.php:189

img_object
img_object($titlealt, $picto, $moreatt= '', $pictoisfullpath=false, $srconly=0, $notitle=0)
Show a picto called object_picto (generic function)
Definition: functions.lib.php:3503

accessforbidden
accessforbidden($message= '', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program Calling this function terminate execution ...
Definition: security.lib.php:649

$_SERVER
print $_SERVER["PHP_SELF"]
Edit parameters.
Definition: company_socialnetworks.php:101

dol_get_fiche_head
dol_get_fiche_head($links=array(), $active= '', $title= '', $notab=0, $picto= '', $pictoisfullpath=0, $morehtmlright= '', $morecss= '', $limittoshow=0, $moretabssuffix= '')
Show tabs of a record.
Definition: functions.lib.php:1371

print
print
Draft customers invoices.
Definition: index.php:89

dol_string_onlythesehtmltags
dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles=1, $removeclassattribute=1, $cleanalsojavascript=0)
Clean a string to keep only desirable HTML tags.
Definition: functions.lib.php:5827

dol_print_error
dol_print_error($db= '', $error= '', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
Definition: functions.lib.php:4080

dol_get_fiche_end
dol_get_fiche_end($notab=0)
Return tab footer of a card.
Definition: functions.lib.php:1552

dol_banner_tab
dol_banner_tab($object, $paramid, $morehtml= '', $shownav=1, $fieldid= 'rowid', $fieldref= 'ref', $morehtmlref= '', $moreparam= '', $nodbprefix=0, $morehtmlleft= '', $morehtmlstatus= '', $onlybanner=0, $morehtmlright= '')
Show tab footer of a card.
Definition: functions.lib.php:1577

llxFooter
llxFooter()
Empty footer.
Definition: wrapper.php:59

info_admin
info_admin($text, $infoonimgalt=0, $nodiv=0, $admin= '1', $morecss= '', $textfordropdown= '')
Show information for admin users or standard users.
Definition: functions.lib.php:4037

dol_escape_htmltag
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $keepmoretags= '', $escapeonlyhtmltags=0)
Returns text escaped for inclusion in HTML alt or title tags, or into values of HTML input fields...
Definition: functions.lib.php:1103