28 if (!defined(
'CSRFCHECK_WITH_TOKEN')) {
29 define(
'CSRFCHECK_WITH_TOKEN',
'1');
33 require
'../../main.inc.php';
34 require_once DOL_DOCUMENT_ROOT.
'/user/class/usergroup.class.php';
35 require_once DOL_DOCUMENT_ROOT.
'/core/lib/usergroups.lib.php';
36 require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
37 require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
40 $langs->loadLangs(array(
'users',
'admin'));
43 $action =
GETPOST(
'action',
'aZ09');
44 $confirm =
GETPOST(
'confirm',
'alpha');
45 $module =
GETPOST(
'module',
'alpha');
46 $rights =
GETPOST(
'rights',
'int');
47 $contextpage =
GETPOST(
'contextpage',
'aZ') ?
GETPOST(
'contextpage',
'aZ') :
'groupperms';
49 if (!isset($id) || empty($id)) {
54 $canreadperms = ($user->admin || $user->hasRight(
"user",
"user",
"read"));
56 $caneditperms = ($user->admin || $user->hasRight(
"user",
"user",
"write"));
58 $advancedpermsactive =
false;
59 if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
60 $advancedpermsactive =
true;
61 $canreadperms = ($user->admin || ($user->hasRight(
"user",
"group_advance",
"read") && $user->hasRight(
"user",
"group_advance",
"readperms")));
62 $caneditperms = ($user->admin || $user->hasRight(
"user",
"group_advance",
"write"));
71 $object =
new Usergroup($db);
75 $entity = $conf->entity;
78 $hookmanager->initHooks(array(
'groupperms',
'globalcard'));
86 $reshook = $hookmanager->executeHooks(
'doActions',
$parameters, $object, $action);
91 if (empty($reshook)) {
92 if ($action ==
'addrights' && $caneditperms) {
93 $editgroup =
new Usergroup($db);
94 $result = $editgroup->fetch($object->id);
96 $result = $editgroup->addrights($rights, $module,
'', $entity);
104 $user->clearrights();
108 if ($action ==
'delrights' && $caneditperms) {
109 $editgroup =
new Usergroup($db);
110 $result = $editgroup->fetch($id);
112 $result = $editgroup->delrights($rights, $module,
'', $entity);
120 $user->clearrights();
132 $title = $object->name.
" - ".$langs->trans(
'Permissions');
136 if ($object->id > 0) {
138 $title = $langs->trans(
"Group");
147 foreach ($modulesdir as $dir) {
149 if (is_resource($handle)) {
150 while (($file = readdir($handle)) !==
false) {
151 if (is_readable($dir.$file) && substr($file, 0, 3) ==
'mod' && substr($file,
dol_strlen($file) - 10) ==
'.class.php') {
152 $modName = substr($file, 0,
dol_strlen($file) - 10);
155 include_once $dir.$file;
156 $objMod =
new $modName($db);
158 if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
159 foreach ($objMod->langfiles as $domain) {
160 $langs->load($domain);
164 if ($objMod->rights_class) {
165 $ret = $objMod->insert_permissions(0, $entity);
166 $modules[$objMod->rights_class] = $objMod;
177 $permsgroupbyentity = array();
179 $sql =
"SELECT DISTINCT r.id, r.libelle, r.module, gr.entity";
180 $sql .=
" FROM ".MAIN_DB_PREFIX.
"rights_def as r,";
181 $sql .=
" ".MAIN_DB_PREFIX.
"usergroup_rights as gr";
182 $sql .=
" WHERE gr.fk_id = r.id";
183 $sql .=
" AND gr.entity = ".((int) $entity);
184 $sql .=
" AND gr.fk_usergroup = ".((int) $object->id);
187 $result = $db->query(
$sql);
189 $num = $db->num_rows($result);
192 $obj = $db->fetch_object($result);
193 if (!isset($permsgroupbyentity[$obj->entity])) {
194 $permsgroupbyentity[$obj->entity] = array();
196 array_push($permsgroupbyentity[$obj->entity], $obj->id);
208 $linkback =
'<a href="'.DOL_URL_ROOT.
'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans(
"BackToList").
'</a>';
210 dol_banner_tab($object,
'id', $linkback, $user->hasRight(
"user",
"user",
"read") || $user->admin);
212 print
'<div class="fichecenter">';
213 print
'<div class="underbanner clearboth"></div>';
216 print
'<table class="border centpercent tableforfield">';
219 if (!empty($conf->mutlicompany->enabled)) {
220 print
'<tr><td class="titlefield">'.$langs->trans(
"Name").
'</td>';
221 print
'<td colspan="2">'.$object->name;
222 if (!$object->entity) {
223 print
img_picto($langs->trans(
"GlobalGroup"),
'redstar');
225 print
"</td></tr>\n";
229 print
'<tr><td class="titlefield tdtop">'.$langs->trans(
"Description").
'</td>';
230 print
'<td class="valeur sensiblehtmlcontent">';
235 print
'</table><br>';
238 print
info_admin($langs->trans(
"WarningOnlyPermissionOfActivatedModules"));
242 $reshook = $hookmanager->executeHooks(
'insertExtraHeader',
$parameters, $object, $action);
248 print
'<div class="div-table-responsive-no-min">';
249 print
'<table class="noborder centpercent">';
250 print
'<tr class="liste_titre">';
251 print
'<td>'.$langs->trans(
"Module").
'</td>';
253 print
'<td class="center nowrap">';
254 print
'<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans(
"All")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"All")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&module=allmodules&confirm=yes">'.$langs->trans(
"All").
"</a>";
256 print
'<a class="reposition commonlink" title="'.dol_escape_htmltag($langs->trans(
"None")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"None")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=delrights&&token='.
newToken().
'&entity='.$entity.
'&module=allmodules&confirm=yes">'.$langs->trans(
"None").
"</a>";
261 print
'<td class="center" width="24"></td>';
263 print
'<td class="center"></td>';
265 print
'<td class="right nowrap">';
266 print
'<a class="showallperms" title="'.dol_escape_htmltag($langs->trans(
"ShowAllPerms")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"ShowAllPerms")).
'" href="#">'.
img_picto(
'',
'folder-open',
'class="paddingright"').
'<span class="hideonsmartphone">'.$langs->trans(
"ExpandAll").
'</span></a>';
268 print
'<a class="hideallperms" title="'.dol_escape_htmltag($langs->trans(
"HideAllPerms")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"HideAllPerms")).
'" href="#">'.
img_picto(
'',
'folder',
'class="paddingright"').
'<span class="hideonsmartphone">'.$langs->trans(
"UndoExpandAll").
'</span></a>';
272 $sql =
"SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module_position, r.bydefault";
273 $sql .=
" FROM ".MAIN_DB_PREFIX.
"rights_def as r";
274 $sql .=
" WHERE r.libelle NOT LIKE 'tou%'";
275 $sql .=
" AND r.entity = ".((int) $entity);
276 if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
277 $sql .=
" AND r.perms NOT LIKE '%_advance'";
279 $sql .=
" ORDER BY r.family_position, r.module_position, r.module, r.id";
281 $result = $db->query(
$sql);
283 $num = $db->num_rows($result);
287 $cookietohidegroup = (empty($_COOKIE[
"DOLUSER_PERMS_HIDE_GRP"]) ?
'' : preg_replace(
'/^,/',
'', $_COOKIE[
"DOLUSER_PERMS_HIDE_GRP"]));
288 $cookietohidegrouparray = explode(
',', $cookietohidegroup);
291 $obj = $db->fetch_object($result);
294 if (empty($modules[$obj->module])) {
299 $objMod = $modules[$obj->module];
302 $ishidden =
GETPOST(
'forbreakperms_'.$obj->module,
'int');
303 } elseif (in_array($j, $cookietohidegrouparray)) {
308 $isexpanded = ! $ishidden;
311 if (isset($obj->module) && ($oldmod <> $obj->module)) {
312 $oldmod = $obj->module;
316 $ishidden =
GETPOST(
'forbreakperms_'.$obj->module,
'int');
317 } elseif (in_array($j, $cookietohidegrouparray)) {
322 $isexpanded = ! $ishidden;
324 $objMod = $modules[$obj->module];
325 $picto = ($objMod->picto ? $objMod->picto :
'generic');
328 print
'<tr class="oddeven trforbreakperms" data-hide-perms="'.$obj->module.
'" data-j="'.$j.
'">';
330 print
'<td class="maxwidthonsmartphone tdoverflowonsmartphone tdforbreakperms" data-hide-perms="'.$obj->module.
'">';
331 print
img_object(
'', $picto,
'class="pictoobjectwidth paddingright"').
' '.$objMod->getName();
332 print
'<a name="'.$objMod->getName().
'"></a>';
336 print
'<td class="center wraponsmartphone">';
337 print
'<span class="permtohide_'.$obj->module.
'" '.(!$isexpanded ?
' style="display:none"' :
'').
'>';
338 print
'<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans(
"All")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"All")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&module='.$obj->module.
'&confirm=yes&updatedmodulename='.$obj->module.
'">'.$langs->trans(
"All").
"</a>";
340 print
'<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans(
"None")).
'" alt="'.
dol_escape_htmltag($langs->trans(
"None")).
'" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=delrights&token='.
newToken().
'&entity='.$entity.
'&module='.$obj->module.
'&confirm=yes&updatedmodulename='.$obj->module.
'">'.$langs->trans(
"None").
"</a>";
343 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'">';
346 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
347 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
350 print
'<td class="tdforbreakperms" data-hide-perms="'.$obj->module.
'"></td>';
351 print
'<td class="maxwidthonsmartphone right tdforbreakperms" data-hide-perms="'.$obj->module.
'">';
352 print
'<div class="switchfolderperms folderperms_'.$obj->module.
'"'.($isexpanded ?
' style="display:none;"' :
'').
'>';
353 print
img_picto(
'',
'folder',
'class="marginright"');
355 print
'<div class="switchfolderperms folderopenperms_'.$obj->module.
'"'.(!$isexpanded ?
' style="display:none;"' :
'').
'>';
356 print
img_picto(
'',
'folder-open',
'class="marginright"');
362 print
'<!-- '.$obj->module.
'->'.$obj->perms.($obj->subperms ?
'->'.$obj->subperms :
'').
' -->'.
"\n";
363 print
'<tr class="oddeven trtohide_'.$obj->module.
'"'.(!$isexpanded ?
' style="display:none"' :
'').
'>';
367 print
'<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
368 print
'<input type="hidden" name="forbreakperms_'.$obj->module.
'" id="idforbreakperms_'.$obj->module.
'" css="cssforfieldishiden" data-j="'.$j.
'" value="'.($isexpanded ?
'0' :
"1").
'">';
373 if (!empty($permsgroupbyentity[$entity]) && is_array($permsgroupbyentity[$entity])) {
374 if (in_array($obj->id, $permsgroupbyentity[$entity])) {
377 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=delrights&token='.
newToken().
'&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes">';
379 print
img_picto($langs->trans(
"Remove"),
'switch_on');
382 print
'<td class="center nowrap">';
383 print
img_picto($langs->trans(
"Active"),
'tick');
388 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=addrights&token='.
newToken().
'&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes">';
390 print
img_picto($langs->trans(
"Add"),
'switch_off');
393 print
'<td> </td>';
398 print
'<td class="center"><a class="reposition" href="'.$_SERVER[
"PHP_SELF"].
'?id='.$object->id.
'&action=addrights&entity='.$entity.
'&rights='.$obj->id.
'&confirm=yes&token='.
newToken().
'">';
400 print
img_picto($langs->trans(
"Add"),
'switch_off');
403 print
'<td> </td>';
405 print
'<td> </td>';
409 $permlabel = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans(
"PermissionAdvanced".$obj->id) != (
"PermissionAdvanced".$obj->id)) ? $langs->trans(
"PermissionAdvanced".$obj->id) : (($langs->trans(
"Permission".$obj->id) != (
"Permission".$obj->id)) ? $langs->trans(
"Permission".$obj->id) : $langs->trans($obj->label)));
412 if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
413 if (preg_match(
'/_advance$/', $obj->perms)) {
414 print
' <span class="opacitymedium">('.$langs->trans(
"AdvancedModeOnly").
')</span>';
421 print
'<td class="right">';
422 $htmltext = $langs->trans(
"ID").
': '.$obj->id;
423 $htmltext .=
'<br>'.$langs->trans(
"Permission").
': user->rights->'.$obj->module.
'->'.$obj->perms.($obj->subperms ?
'->'.$obj->subperms :
'');
424 print
$form->textwithpicto(
'', $htmltext);
428 print
'<td> </td>';
440 print
'$(".tdforbreakperms:not(.alink)").on("click", function(){
441 console.log("Click on tdforbreakperms");
442 moduletohide = $(this).data("hide-perms");
443 j = $(this).data("j");
444 if ($("#idforbreakperms_"+moduletohide).val() == 1) {
445 console.log("idforbreakperms_"+moduletohide+" has value hidden=1");
446 $(".trtohide_"+moduletohide).show();
447 $(".permtoshow_"+moduletohide).hide();
448 $(".permtohide_"+moduletohide).show();
449 $(".folderperms_"+moduletohide).hide();
450 $(".folderopenperms_"+moduletohide).show();
451 $("#idforbreakperms_"+moduletohide).val("0");
453 console.log("idforbreakperms_"+moduletohide+" has value hidden=0");
454 $(".trtohide_"+moduletohide).hide();
455 $(".folderopenperms_"+moduletohide).hide();
456 $(".folderperms_"+moduletohide).show();
457 $(".permtoshow_"+moduletohide).show();
458 $(".permtohide_"+moduletohide).hide();
459 $("#idforbreakperms_"+moduletohide).val("1");
462 // Now rebuild the value for cookie
464 $(".trforbreakperms").each(function(index) {
465 //console.log( index + ": " + $( this ).data("j") + " " + $( this ).data("hide-perms") + " " + $("input[data-j="+(index+1)+"]").val());
466 if ($("input[data-j="+(index+1)+"]").val() == 1) {
467 hideuserperm=hideuserperm+","+(index+1);
471 date = new Date(); date.setTime(date.getTime()+(30*86400000));
473 console.log("set cookie DOLUSER_PERMS_HIDE_GRP="+hideuserperm);
474 document.cookie = "DOLUSER_PERMS_HIDE_GRP=" + hideuserperm + "; expires=" + date.toGMTString() + "; path=/ ";
476 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP");
477 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
482 print
'$(".showallperms").on("click", function(){
483 console.log("Click on showallperms");
485 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP from showallperms click");
486 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
487 $(".tdforbreakperms").each( function(){
488 moduletohide = $(this).data("hide-perms");
489 //console.log(moduletohide);
490 if ($("#idforbreakperms_"+moduletohide).val() != 0) {
491 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
496 $(".hideallperms").on("click", function(){
497 console.log("Click on hideallperms");
499 $(".tdforbreakperms").each( function(){
500 moduletohide = $(this).data("hide-perms");
501 //console.log(moduletohide);
502 if ($("#idforbreakperms_"+moduletohide).val() != 1) {
503 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
511 print
'.switchfolderperms{
518 $reshook = $hookmanager->executeHooks(
'insertExtraFooter',
$parameters, $object, $action);