30if (!defined(
'CSRFCHECK_WITH_TOKEN')) {
31 define(
'CSRFCHECK_WITH_TOKEN',
'1');
35require
'../../main.inc.php';
36require_once DOL_DOCUMENT_ROOT.
'/user/class/usergroup.class.php';
37require_once DOL_DOCUMENT_ROOT.
'/core/lib/usergroups.lib.php';
38require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
39require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
50$langs->loadLangs(array(
'users',
'admin'));
53$action =
GETPOST(
'action',
'aZ09');
54$confirm =
GETPOST(
'confirm',
'alpha');
55$module =
GETPOST(
'module',
'alpha');
57$contextpage =
GETPOST(
'contextpage',
'aZ') ?
GETPOST(
'contextpage',
'aZ') :
'groupperms';
59if (!isset($id) || empty($id)) {
64$permissiontoread = ($user->admin || $user->hasRight(
"user",
"user",
"read"));
66$permissiontoedit = ($user->admin || $user->hasRight(
"user",
"user",
"write"));
68$advancedpermsactive =
false;
70 $advancedpermsactive =
true;
71 $permissiontoread = ($user->admin || ($user->hasRight(
"user",
"group_advance",
"read") && $user->hasRight(
"user",
"group_advance",
"readperms")));
72 $permissiontoedit = ($user->admin || $user->hasRight(
"user",
"group_advance",
"write"));
77if (!empty($user->socid) && $user->socid > 0) {
78 $socid = $user->socid;
81if (!$permissiontoread) {
89$entity =
$conf->entity;
92$hookmanager->initHooks(array(
'groupperms',
'globalcard'));
99$parameters = array(
'socid' => $socid);
100$reshook = $hookmanager->executeHooks(
'doActions', $parameters,
$object, $action);
105if (empty($reshook)) {
106 if ($action ==
'addrights' && $permissiontoedit) {
108 $result = $editgroup->fetch(
$object->id);
110 $result = $editgroup->addrights($rights, $module,
'', $entity);
118 $user->clearrights();
122 if ($action ==
'delrights' && $permissiontoedit) {
124 $result = $editgroup->fetch($id);
126 $result = $editgroup->delrights($rights, $module,
'', $entity);
134 $user->clearrights();
144$form =
new Form($db);
146$title =
$object->name.
" - ".$langs->trans(
'Permissions');
148llxHeader(
'', $title, $help_url,
'', 0, 0,
'',
'',
'',
'mod-user page-group_perms');
152 $title = $langs->trans(
"Group");
161 foreach ($modulesdir as $dir) {
163 if (is_resource($handle)) {
164 while (($file = readdir($handle)) !==
false) {
165 if (is_readable($dir.$file) && substr($file, 0, 3) ==
'mod' && substr($file,
dol_strlen($file) - 10) ==
'.class.php') {
166 $modName = substr($file, 0,
dol_strlen($file) - 10);
169 include_once $dir.$file;
170 $objMod =
new $modName($db);
171 '@phan-var-force DolibarrModules $objMod';
173 if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
174 foreach ($objMod->langfiles as $domain) {
175 $langs->load($domain);
179 if ($objMod->rights_class) {
180 $ret = $objMod->insert_permissions(0, $entity);
181 $modules[$objMod->rights_class] = $objMod;
192 $permsgroupbyentity = array();
194 $sql =
"SELECT DISTINCT r.id, r.libelle, r.module, gr.entity";
195 $sql .=
" FROM ".MAIN_DB_PREFIX.
"rights_def as r,";
196 $sql .=
" ".MAIN_DB_PREFIX.
"usergroup_rights as gr";
197 $sql .=
" WHERE gr.fk_id = r.id";
198 $sql .=
" AND gr.entity = ".((int) $entity);
199 $sql .=
" AND gr.fk_usergroup = ".((int)
$object->id);
202 $result = $db->query($sql);
204 $num = $db->num_rows($result);
207 $obj = $db->fetch_object($result);
208 if (!isset($permsgroupbyentity[$obj->entity])) {
209 $permsgroupbyentity[$obj->entity] = array();
211 array_push($permsgroupbyentity[$obj->entity], $obj->id);
223 $linkback =
'<a href="'.DOL_URL_ROOT.
'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans(
"BackToList").
'</a>';
225 dol_banner_tab(
$object,
'id', $linkback, $user->hasRight(
"user",
"user",
"read") || $user->admin);
227 print
'<div class="fichecenter">';
229 print
'<div class="underbanner clearboth"></div>';
230 print
'<table class="border centpercent tableforfield">';
233 if (isModEnabled(
'multicompany')) {
234 print
'<tr><td class="titlefield">'.$langs->trans(
"Name").
'</td>';
235 print
'<td class="valeur">'.dol_escape_htmltag(
$object->name);
237 print
img_picto($langs->trans(
"GlobalGroup"),
'redstar');
239 print
"</td></tr>\n";
243 if (isModEnabled(
'multicompany') && is_object($mc) && !
getDolGlobalString(
'MULTICOMPANY_TRANSVERSE_MODE') &&
$conf->entity == 1 && $user->admin && !$user->entity) {
245 print
"<tr>".
'<td class="titlefield">'.$langs->trans(
"Entity").
'</td>';
246 print
'<td class="valeur">'.dol_escape_htmltag($mc->label);
247 print
"</td></tr>\n";
254 include DOL_DOCUMENT_ROOT.
'/core/tpl/commonfields_view.tpl.php';
257 include DOL_DOCUMENT_ROOT.
'/core/tpl/extrafields_view.tpl.php';
263 print
'<div class="clearboth"></div>';
268 print
info_admin($langs->trans(
"WarningOnlyPermissionOfActivatedModules"));
271 $parameters = array();
272 $reshook = $hookmanager->executeHooks(
'insertExtraHeader', $parameters,
$object, $action);
278 print
'<div class="div-table-responsive-no-min">';
279 print
'<table class="noborder centpercent">';
280 print
'<tr class="liste_titre">';
281 print
'<td>'.$langs->trans(
"Module").
'</td>';
282 if ($permissiontoedit) {
283 print
'<td class="center nowrap">';
284 print
'<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans(
"All")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"All")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&module=allmodules&confirm=yes">'.$langs->trans(
"All").
"</a>";
286 print
'<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans(
"None")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"None")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=delrights&&token='.
newToken().
'&entity='.$entity.
'&module=allmodules&confirm=yes">'.$langs->trans(
"None").
"</a>";
291 print
'<td class="center" width="24"></td>';
293 print
'<td class="center"></td>';
295 print
'<td class="right nowrap">';
296 print
'<a class="showallperms" title="'.dol_escape_htmltag($langs->trans(
"ShowAllPerms")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"ShowAllPerms")).
'" href="#">'.
img_picto(
'',
'folder-open',
'class="paddingright"').
'<span class="hideonsmartphone">'.$langs->trans(
"ExpandAll").
'</span></a>';
298 print
'<a class="hideallperms" title="'.dol_escape_htmltag($langs->trans(
"HideAllPerms")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"HideAllPerms")).
'" href="#">'.
img_picto(
'',
'folder',
'class="paddingright"').
'<span class="hideonsmartphone">'.$langs->trans(
"UndoExpandAll").
'</span></a>';
302 $sql =
"SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module_position, r.bydefault";
303 $sql .=
" FROM ".MAIN_DB_PREFIX.
"rights_def as r";
304 $sql .=
" WHERE r.libelle NOT LIKE 'tou%'";
305 $sql .=
" AND r.entity = ".((int) $entity);
307 $sql .=
" AND r.perms NOT LIKE '%_advance'";
309 $sql .=
" ORDER BY r.family_position, r.module_position, r.module, r.id";
311 $result = $db->query($sql);
313 $num = $db->num_rows($result);
318 $cookietohidegroup = (empty($_COOKIE[
"DOLUSER_PERMS_HIDE_GRP"]) ?
'' : preg_replace(
'/^,/',
'', $_COOKIE[
"DOLUSER_PERMS_HIDE_GRP"]));
319 $cookietohidegrouparray = explode(
',', $cookietohidegroup);
322 $obj = $db->fetch_object($result);
325 if (empty($modules[$obj->module])) {
330 $objMod = $modules[$obj->module];
332 if (GETPOSTISSET(
'forbreakperms_'.$obj->module)) {
333 $ishidden =
GETPOSTINT(
'forbreakperms_'.$obj->module);
334 } elseif (in_array($j, $cookietohidegrouparray)) {
339 $isexpanded = ! $ishidden;
342 if (isset($obj->module) && ($oldmod != $obj->module)) {
343 $oldmod = $obj->module;
346 if (GETPOSTISSET(
'forbreakperms_'.$obj->module)) {
347 $ishidden =
GETPOSTINT(
'forbreakperms_'.$obj->module);
348 } elseif (in_array($j, $cookietohidegrouparray)) {
353 $isexpanded = ! $ishidden;
355 $objMod = $modules[$obj->module];
356 $picto = ($objMod->picto ? $objMod->picto :
'generic');
359 print
'<tr class="oddeven trforbreakperms" data-hide-perms="'.$obj->module.
'" data-j="'.$j.
'">';
361 print
'<td class="maxwidthonsmartphone tdoverflowmax200 tdforbreakperms" data-hide-perms="'.$obj->module.
'" title="'.
dol_escape_htmltag($objMod->getName()).
'">';
362 print
img_object(
'', $picto,
'class="pictoobjectwidth paddingright"').
' '.$objMod->getName();
363 print
'<a name="'.$objMod->getName().
'"></a>';
366 if ($permissiontoedit) {
367 print
'<td class="center wraponsmartphone">';
368 print
'<span class="permtohide_'.$obj->module.
'" '.(!$isexpanded ?
' style="display:none"' :
'').
'>';
369 print
'<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans(
"All")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"All")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&module='.$obj->module.
'&confirm=yes&updatedmodulename='.$obj->module.
'">'.$langs->trans(
"All").
"</a>";
371 print
'<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans(
"None")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"None")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=delrights&token='.
newToken().
'&entity='.$entity.
'&module='.$obj->module.
'&confirm=yes&updatedmodulename='.$obj->module.
'">'.$langs->trans(
"None").
"</a>";
374 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'">';
377 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
378 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
381 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
382 print
'<td class="maxwidthonsmartphone right tdforbreakperms" data-hide-perms="'.$obj->module.
'">';
383 print
'<div class="switchfolderperms folderperms_'.$obj->module.
'"'.($isexpanded ?
' style="display:none;"' :
'').
'>';
384 print
img_picto(
'',
'folder',
'class="marginright"');
386 print
'<div class="switchfolderperms folderopenperms_'.$obj->module.
'"'.(!$isexpanded ?
' style="display:none;"' :
'').
'>';
387 print
img_picto(
'',
'folder-open',
'class="marginright"');
393 print
'<!-- '.$obj->module.
'->'.$obj->perms.($obj->subperms ?
'->'.$obj->subperms :
'').
' -->'.
"\n";
394 print
'<tr class="oddeven trtohide_'.$obj->module.
'"'.(!$isexpanded ?
' style="display:none"' :
'').
'>';
398 print
'<td class="maxwidthonsmartphone tdoverflowmax200">';
399 print
'<input type="hidden" name="forbreakperms_'.$obj->module.
'" id="idforbreakperms_'.$obj->module.
'" css="cssforfieldishiden" data-j="'.$j.
'" value="'.($isexpanded ?
'0' :
"1").
'">';
404 if (!empty($permsgroupbyentity[$entity]) && is_array($permsgroupbyentity[$entity])) {
405 if (in_array($obj->id, $permsgroupbyentity[$entity])) {
407 if ($permissiontoedit) {
408 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=delrights&token='.
newToken().
'&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes">';
410 print
img_picto($langs->trans(
"Remove"),
'switch_on');
413 print
'<td class="center nowrap">';
414 print
img_picto($langs->trans(
"Active"),
'tick');
418 if ($permissiontoedit) {
419 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes">';
421 print
img_picto($langs->trans(
"Add"),
'switch_off');
424 print
'<td> </td>';
428 if ($permissiontoedit) {
429 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.
$object->id.
'&action=addrights&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes&token='.
newToken().
'">';
431 print
img_picto($langs->trans(
"Add"),
'switch_off');
434 print
'<td> </td>';
436 print
'<td> </td>';
440 $permlabel = (
getDolGlobalString(
'MAIN_USE_ADVANCED_PERMS') && ($langs->trans(
"PermissionAdvanced".$obj->id) !=
"PermissionAdvanced".$obj->id) ? $langs->trans(
"PermissionAdvanced".$obj->id) : (($langs->trans(
"Permission".$obj->id) !=
"Permission".$obj->id) ? $langs->trans(
"Permission".$obj->id) : $langs->trans($obj->label)));
444 if (in_array($idtouse, array(121, 122, 125, 126))) {
447 if ($langs->trans(
"Permission".$idtouse.
'b') !=
"Permission".$idtouse.
'b') {
448 print
'<br><span class="opacitymedium">'.$langs->trans(
"Permission".$idtouse.
'b').
'</span>';
450 if ($langs->trans(
"Permission".$obj->id.
'c') !=
"Permission".$obj->id.
'c') {
451 print
'<br><span class="opacitymedium">'.$langs->trans(
"Permission".$obj->id.
'c').
'</span>';
454 if (preg_match(
'/_advance$/', $obj->perms)) {
455 print
' <span class="opacitymedium">('.$langs->trans(
"AdvancedModeOnly").
')</span>';
462 print
'<td class="right">';
463 $htmltext = $langs->trans(
"ID").
': '.$obj->id;
464 $htmltext .=
'<br>'.$langs->trans(
"Permission").
': user->hasRight(\''.$obj->module.
'\', \
''.$obj->perms.
'\''.($obj->subperms ?
', \''.$obj->subperms.
'\'' :
'').
')';
465 print $form->textwithpicto(
'', $htmltext);
469 print
'<td> </td>';
481 print
'$(".tdforbreakperms:not(.alink)").on("click", function(){
482 console.log("Click on tdforbreakperms");
483 moduletohide = $(this).data("hide-perms");
484 j = $(this).data("j");
485 if ($("#idforbreakperms_"+moduletohide).val() == 1) {
486 console.log("idforbreakperms_"+moduletohide+" has value hidden=1");
487 $(".trtohide_"+moduletohide).show();
488 $(".permtoshow_"+moduletohide).hide();
489 $(".permtohide_"+moduletohide).show();
490 $(".folderperms_"+moduletohide).hide();
491 $(".folderopenperms_"+moduletohide).show();
492 $("#idforbreakperms_"+moduletohide).val("0");
494 console.log("idforbreakperms_"+moduletohide+" has value hidden=0");
495 $(".trtohide_"+moduletohide).hide();
496 $(".folderopenperms_"+moduletohide).hide();
497 $(".folderperms_"+moduletohide).show();
498 $(".permtoshow_"+moduletohide).show();
499 $(".permtohide_"+moduletohide).hide();
500 $("#idforbreakperms_"+moduletohide).val("1");
503 // Now rebuild the value for cookie
505 $(".trforbreakperms").each(function(index) {
506 //console.log( index + ": " + $( this ).data("j") + " " + $( this ).data("hide-perms") + " " + $("input[data-j="+(index+1)+"]").val());
507 if ($("input[data-j="+(index+1)+"]").val() == 1) {
508 hideuserperm=hideuserperm+","+(index+1);
512 date = new Date(); date.setTime(date.getTime()+(30*86400000));
514 console.log("set cookie DOLUSER_PERMS_HIDE_GRP="+hideuserperm);
515 document.cookie = "DOLUSER_PERMS_HIDE_GRP=" + hideuserperm + "; expires=" + date.toGMTString() + "; path=/ ";
517 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP");
518 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
523 print
'$(".showallperms").on("click", function(){
524 console.log("Click on showallperms");
526 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP from showallperms click");
527 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
528 $(".tdforbreakperms").each( function(){
529 moduletohide = $(this).data("hide-perms");
530 //console.log(moduletohide);
531 if ($("#idforbreakperms_"+moduletohide).val() != 0) {
532 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
537 $(".hideallperms").on("click", function(){
538 console.log("Click on hideallperms");
540 $(".tdforbreakperms").each( function(){
541 moduletohide = $(this).data("hide-perms");
542 //console.log(moduletohide);
543 if ($("#idforbreakperms_"+moduletohide).val() != 1) {
544 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
552 print
'.switchfolderperms{
558 $parameters = array();
559 $reshook = $hookmanager->executeHooks(
'insertExtraFooter', $parameters,
$object, $action);
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader($head='', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='', $morecssonbody='', $replacemainareaby='', $disablenofollow=0, $disablenoindex=0)
Empty header.
Class to manage user groups.
dolGetModulesDirs($subdir='')
Return list of directories that contain modules.
img_object($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0)
Show a picto called object_picto (generic function)
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
info_admin($text, $infoonimgalt=0, $nodiv=0, $admin='1', $morecss='hideonsmartphone', $textfordropdown='', $picto='')
Show information in HTML for admin users or standard users.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $noescapetags='', $escapeonlyhtmltags=0, $cleanalsojavascript=0)
Returns text escaped for inclusion in HTML alt or title or value tags, or into values of HTML input f...
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
group_prepare_head($object)
Prepare array with list of tabs.