27 require
'../main.inc.php';
28 require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
29 require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
32 $langs->loadLangs(array(
'admin',
'users',
'other'));
34 $action =
GETPOST(
'action',
'aZ09');
40 $entity = $conf->entity;
47 if ($action ==
'add') {
48 $sql =
"UPDATE ".MAIN_DB_PREFIX.
"rights_def SET bydefault=1";
49 $sql .=
" WHERE id = ".GETPOST(
"pid",
'int');
50 $sql .=
" AND entity = ".$conf->entity;
54 if ($action ==
'remove') {
55 $sql =
"UPDATE ".MAIN_DB_PREFIX.
"rights_def SET bydefault=0";
56 $sql .=
" WHERE id = ".GETPOST(
'pid',
'int');
57 $sql .=
" AND entity = ".$conf->entity;
66 $wikihelp =
'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
72 print
'<span class="opacitymedium">'.$langs->trans(
"DefaultRightsDesc").
" ".$langs->trans(
"OnlyActiveElementsAreShown").
"</span><br><br>\n";
80 foreach ($modulesdir as $dir) {
82 if (is_resource($handle)) {
83 while (($file = readdir($handle)) !==
false) {
84 if (is_readable($dir.$file) && substr($file, 0, 3) ==
'mod' && substr($file,
dol_strlen($file) - 10) ==
'.class.php') {
85 $modName = substr($file, 0,
dol_strlen($file) - 10);
87 include_once $dir.$file;
88 $objMod =
new $modName($db);
91 if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
92 foreach ($objMod->langfiles as $domain) {
93 $langs->load($domain);
97 if ($objMod->rights_class) {
98 $ret = $objMod->insert_permissions(0, $entity);
99 $modules[$objMod->rights_class] = $objMod;
119 print
'<div class="div-table-responsive-no-min">';
120 print
'<table class="noborder centpercent">';
122 print
'<tr class="liste_titre">';
123 print
'<td>'.$langs->trans(
"Module").
'</td>';
124 print
'<td class="center">'.$langs->trans(
"Default").
'</td>';
125 print
'<td class="center" width="24"> </td>';
126 print
'<td>'.$langs->trans(
"Permissions").
'</td>';
128 print
'<td class="right"></td>';
133 $sql =
"SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module_position, r.bydefault";
134 $sql .=
" FROM ".MAIN_DB_PREFIX.
"rights_def as r";
135 $sql .=
" WHERE r.libelle NOT LIKE 'tou%'";
136 $sql .=
" AND r.entity = ".((int) $entity);
137 if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
138 $sql .=
" AND r.perms NOT LIKE '%_advance'";
140 $sql .=
" ORDER BY r.family_position, r.module_position, r.module, r.id";
142 $result = $db->query($sql);
144 $num = $db->num_rows($result);
149 $obj = $db->fetch_object($result);
152 if (empty($modules[$obj->module])) {
157 $objMod = $modules[$obj->module];
160 if (empty($obj->module_position) || (is_object($objMod) && $objMod->isCoreOrExternalModule() ==
'external' && $obj->module_position < 100000)) {
161 if (is_object($modules[$obj->module]) && ($modules[$obj->module]->module_position > 0)) {
166 $newmoduleposition = $modules[$obj->module]->module_position;
169 $objMod = $modules[$obj->module];
170 if (is_object($objMod) && $objMod->isCoreOrExternalModule() ==
'external' && $newmoduleposition < 100000) {
171 $newmoduleposition += 100000;
174 $sqlupdate =
'UPDATE '.MAIN_DB_PREFIX.
"rights_def SET module_position = ".((int) $newmoduleposition).
",";
175 $sqlupdate .=
" family_position = ".((int) $familyposition);
176 $sqlupdate .=
" WHERE module_position = ".((int) $obj->module_position).
" AND module = '".$db->escape($obj->module).
"'";
177 $db->query($sqlupdate);
183 foreach ($modules[$obj->module]->rights as $key => $val) {
184 if ($val[4] == $obj->perms && (empty($val[5]) || $val[5] == $obj->subperms)) {
195 if (isset($obj->module) && ($oldmod <> $obj->module)) {
196 $oldmod = $obj->module;
199 $objMod = $modules[$obj->module];
200 $picto = ($objMod->picto ? $objMod->picto :
'generic');
203 print
'<tr class="oddeven trforbreak">';
204 print
'<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
205 print
img_object(
'', $picto,
'class="pictoobjectwidth paddingright"').
' '.$objMod->getName();
206 print
'<a name="'.$objMod->getName().
'"></a>';
208 print
'<td> </td>';
209 print
'<td> </td>';
210 print
'<td> </td>';
213 print
'<td class="right"></td>';
218 print
'<!-- '.$obj->module.
'->'.$obj->perms.($obj->subperms ?
'->'.$obj->subperms :
'').
' -->'.
"\n";
219 print
'<tr class="oddeven">';
222 print
'<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
227 if ($obj->bydefault == 1) {
228 print
'<td class="center">';
229 print
'<a class="reposition" href="perms.php?pid='.$obj->id.
'&action=remove&token='.
newToken().
'">';
234 print
'<td class="center">';
238 print
'<td class="center">';
239 print
'<a class="reposition" href="perms.php?pid='.$obj->id.
'&action=add&token='.
newToken().
'">';
244 print
'<td class="center">';
250 $permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans(
"PermissionAdvanced".$obj->id) != (
"PermissionAdvanced".$obj->id)) ? $langs->trans(
"PermissionAdvanced".$obj->id) : (($langs->trans(
"Permission".$obj->id) != (
"Permission".$obj->id)) ? $langs->trans(
"Permission".$obj->id) : $langs->trans($obj->label)));
253 if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
254 if (preg_match(
'/_advance$/', $obj->perms)) {
255 print
' <span class="opacitymedium">('.$langs->trans(
"AdvancedModeOnly").
')</span>';
262 print
'<td class="right">';
263 $htmltext = $langs->trans(
"ID").
': '.$obj->id;
264 $htmltext .=
'<br>'.$langs->trans(
"Permission").
': user->rights->'.$obj->module.
'->'.$obj->perms.($obj->subperms ?
'->'.$obj->subperms :
'');
265 print
$form->textwithpicto(
'', $htmltext);
281 $reshook = $hookmanager->executeHooks(
'insertExtraFooter',
$parameters, $object, $action);