dolibarr 24.0.0-beta
perms.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3 * Copyright (C) 2002-2003 Jean-Louis Bergamo <jlb@j1b.org>
4 * Copyright (C) 2004-2020 Laurent Destailleur <eldy@users.sourceforge.net>
5 * Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
6 * Copyright (C) 2005-2017 Regis Houssin <regis.houssin@inodbox.com>
7 * Copyright (C) 2020 Tobias Sekan <tobias.sekan@startmail.com>
8 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
9 * Copyright (C) 2024-2026 Frédéric France <frederic.france@free.fr>
10 * Copyright (C) 2026 Alexandre Spangaro <alexandre@inovea-conseil.com>
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 3 of the License, or
15 * (at your option) any later version.
16 *
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program. If not, see <https://www.gnu.org/licenses/>.
24 */
25
31if (!defined('CSRFCHECK_WITH_TOKEN')) {
32 define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
33}
34
35// Load Dolibarr environment
36require '../../main.inc.php';
45require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
46require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
47require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
48require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
49require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
50
51// Load translation files required by page
52$langs->loadLangs(array('users', 'admin'));
53
54$id = GETPOSTINT('id');
55$action = GETPOST('action', 'aZ09');
56$confirm = GETPOST('confirm', 'alpha');
57$module = GETPOST('module', 'alpha');
58$rights = GETPOSTINT('rights');
59$updatedmodulename = GETPOST('updatedmodulename', 'alpha');
60$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'groupperms'; // To manage different context of search
61
62if (!isset($id) || empty($id)) {
63 accessforbidden();
64}
65
66// Define if user can read permissions
67$permissiontoread = ($user->admin || $user->hasRight("user", "user", "read"));
68// Define if user can modify group permissions
69$permissiontoedit = ($user->admin || $user->hasRight("user", "user", "write"));
70// Advanced permissions
71$advancedpermsactive = false;
72if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
73 $advancedpermsactive = true;
74 $permissiontoread = ($user->admin || ($user->hasRight("user", "group_advance", "read") && $user->hasRight("user", "group_advance", "readperms")));
75 $permissiontoedit = ($user->admin || $user->hasRight("user", "group_advance", "write"));
76}
77
78// Security check
79$socid = 0;
80if (!empty($user->socid) && $user->socid > 0) {
81 $socid = $user->socid;
82}
83//restrictedArea($user, 'user', $id, 'usergroup', '');
84if (!$permissiontoread) {
85 accessforbidden();
86}
87
88$object = new UserGroup($db);
89$object->fetch($id);
90$object->loadRights();
91
92$entity = $conf->entity;
93
94// Initialize a technical object to manage hooks of page. Note that conf->hooks_modules contains an array of hook context
95$hookmanager->initHooks(array('groupperms', 'globalcard'));
96
97
98/*
99 * Actions
100 */
101
102$parameters = array('socid' => $socid);
103$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
104if ($reshook < 0) {
105 setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
106}
107
108if (empty($reshook)) {
109 if ($action == 'addrights' && $permissiontoedit) {
110 $editgroup = new UserGroup($db);
111 $result = $editgroup->fetch($object->id);
112 if ($result > 0) {
113 $result = $editgroup->addrights($rights, $module, '', $entity);
114 if ($result < 0) {
115 setEventMessages($editgroup->error, $editgroup->errors, 'errors');
116 }
117 } else {
118 dol_print_error($db);
119 }
120
121 $user->clearrights();
122 $user->loadRights();
123
124 // We redirect to avoid to get an URL with token inside
125 $qs = $_SERVER["QUERY_STRING"];
126 $qs = preg_replace('/&action=addrights/', '', $qs);
127 $qs = preg_replace('/&token=[0-9a-f]+/i', '', $qs);
128 $qs = preg_replace('/&confirm=yes/', '', $qs);
129 //var_dump($qs);exit;
130 header("Location: ".$_SERVER["PHP_SELF"].($qs ? "?".$qs : ""));
131 exit;
132 }
133
134 if ($action == 'delrights' && $permissiontoedit) {
135 $editgroup = new UserGroup($db);
136 $result = $editgroup->fetch($id);
137 if ($result > 0) {
138 $result = $editgroup->delrights($rights, $module, '', $entity);
139 if ($result < 0) {
140 setEventMessages($editgroup->error, $editgroup->errors, 'errors');
141 }
142 } else {
143 dol_print_error($db);
144 }
145
146 $user->clearrights();
147 $user->loadRights();
148
149 // We redirect to avoid to get an URL with token inside
150 $qs = $_SERVER["QUERY_STRING"];
151 $qs = preg_replace('/&action=delrights/', '', $qs);
152 $qs = preg_replace('/&token=[0-9a-f]+/i', '', $qs);
153 $qs = preg_replace('/&confirm=yes/', '', $qs);
154 //var_dump($qs);exit;
155 header("Location: ".$_SERVER["PHP_SELF"].($qs ? "?".$qs : ""));
156 exit;
157 }
158}
159
160
161/*
162 * View
163 */
164
165$form = new Form($db);
166$formother = new FormOther($db);
167
168$title = $object->name." - ".$langs->trans('Permissions');
169$help_url = '';
170llxHeader('', $title, $help_url, '', 0, 0, '', '', '', 'mod-user page-group_perms');
171
172if ($object->id <= 0) {
173 accessforbidden('Group not found');
174}
175
176$head = group_prepare_head($object);
177$title = $langs->trans("Group");
178print dol_get_fiche_head($head, 'rights', $title, -1, 'group');
179
180// Charge les modules soumis a permissions
181$modules = array();
182$modulesdir = dolGetModulesDirs();
183
184// Modules to ignore depending on supplier module mode
185$excludedModules = getDolGlobalInt('MAIN_USE_NEW_SUPPLIERMOD') ? array('modFournisseur') : array('modSupplierOrder', 'modSupplierInvoice');
186
187$db->begin();
188
189foreach ($modulesdir as $dir) {
190 $handle = @opendir(dol_osencode($dir));
191 if (is_resource($handle)) {
192 while (($file = readdir($handle)) !== false) {
193 if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php') {
194 $modName = substr($file, 0, dol_strlen($file) - 10);
195
196 if ($modName) {
197 // Exclude old/new supplier descriptors depending on MAIN_USE_NEW_SUPPLIERMOD
198 if (in_array($modName, $excludedModules, true)) {
199 continue;
200 }
201
202 include_once $dir.$file;
203 $objMod = new $modName($db);
204 '@phan-var-force DolibarrModules $objMod';
207 // Load all lang files of module
208 if (isset($objMod->langfiles) && is_array($objMod->langfiles)) {
209 foreach ($objMod->langfiles as $domain) {
210 $langs->load($domain);
211 }
212 }
213 // Load all permissions
214 if ($objMod->rights_class) {
215 $objMod->insert_permissions(0, $entity);
216 $modules[$objMod->rights_class] = $objMod;
217 }
218 }
219 }
220 }
221 }
222}
223
224$db->commit();
225
226// Read permissions of group
227$permsgroupbyentity = array();
228
229$sql = "SELECT DISTINCT r.id, r.libelle, r.module, r.perms, r.subperms, r.module_position, r.family, r.family_position, gr.entity";
230$sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r,";
231$sql .= " ".MAIN_DB_PREFIX."usergroup_rights as gr";
232$sql .= " WHERE gr.fk_id = r.id";
233$sql .= " AND gr.entity = ".((int) $entity);
234$sql .= " AND gr.fk_usergroup = ".((int) $object->id);
235
236dol_syslog("get user perms", LOG_DEBUG);
237$result = $db->query($sql);
238if ($result) {
239 $num = $db->num_rows($result);
240 $i = 0;
241 while ($i < $num) {
242 $obj = $db->fetch_object($result);
243 if (!isset($permsgroupbyentity[(int) $obj->entity])) {
244 $permsgroupbyentity[(int) $obj->entity] = array();
245 }
246 array_push($permsgroupbyentity[(int) $obj->entity], (int) $obj->id);
247 $i++;
248 }
249 $db->free($result);
250} else {
251 dol_print_error($db);
252}
253
254/*
255 * Part to add/remove permissions
256 */
257
258$linkback = '<a href="'.DOL_URL_ROOT.'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
259
260dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin);
261
262
263print '<div class="fichecenter">';
264print '<div class="fichehalfleft">';
265
266print '<div class="underbanner clearboth"></div>';
267print '<table class="border centpercent tableforfield">';
268
269// Name (already in dol_banner, we keep it to have the GlobalGroup picto, but we should move it in dol_banner)
270if (isModEnabled('multicompany')) {
271 print '<tr><td class="titlefield">'.$langs->trans("Name").'</td>';
272 print '<td class="valeur">'.dol_escape_htmltag($object->name);
273 if (empty($object->entity)) {
274 print img_picto($langs->trans("GlobalGroup"), 'superadmin');
275 }
276 print "</td></tr>\n";
277}
278
279// Multicompany
280if (isModEnabled('multicompany') && isset($mc) && is_object($mc) && !getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') && $conf->entity == 1 && $user->admin && !$user->entity) {
281 $mc->getInfo($object->entity);
282 print "<tr>".'<td class="titlefield">'.$langs->trans("Entity").'</td>';
283 print '<td class="valeur">'.dol_escape_htmltag($mc->label);
284 print "</td></tr>\n";
285}
286
287unset($object->fields['nom']); // Name already displayed in banner
288unset($object->fields['color']);
289
290// Common attributes
291$keyforbreak = '';
292include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php';
293
294print '<tr><td>'.$langs->trans("ColorGroup").'</td>';
295print '<td>';
296print $formother->showColor($object->color, '');
297print '</td></tr>';
298
299// Other attributes
300include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php';
301
302print '</table>';
303
304print '</div>';
305print '</div>';
306
307print '<div class="clearboth"></div>';
308
309print '<br>';
310
311
312if ($user->admin) {
313 $s = $langs->trans("WarningOnlyPermissionOfActivatedModules")." ".$langs->trans("YouCanEnableModulesFrom");
314 if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
315 $s .= '<br>';
316 $s .= img_picto($langs->trans('InfoAdmin'), 'info-circle').' ';
317 $s .= $langs->trans("YouAreUsingTheAdvancedPermissionsMode");
318 } else {
319 $s .= '<br>';
320 $s .= img_picto($langs->trans('InfoAdmin'), 'info-circle').' ';
321 $s .= $langs->trans("YouAreUsingTheSimplePermissionsMode");
322 }
323 print info_admin($s);
324
325 print '<br>';
326}
327
328$parameters = array();
329$reshook = $hookmanager->executeHooks('insertExtraHeader', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
330if ($reshook < 0) {
331 setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
332}
333
334print "\n";
335print '<div class="div-table-responsive-no-min">';
336print '<table class="noborder centpercent">';
337print '<tr class="liste_titre">';
338print '<td>'.$langs->trans("Module").'</td>';
339if ($permissiontoedit) {
340 print '<td class="center nowrap">';
341 print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("All")."</a>";
342 print '/';
343 print '<a class="reposition commonlink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&&token='.newToken().'&entity='.$entity.'&module=allmodules&confirm=yes">'.$langs->trans("None")."</a>";
344 print '</td>';
345} else {
346 print '<td></td>';
347}
348print '<td></td>';
349print '<td class="right nowrap" colspan="2">';
350print '<a class="showallperms" title="'.dol_escape_htmltag($langs->trans("ShowAllPerms")).'" alt="'.dol_escape_htmltag($langs->trans("ShowAllPerms")).'" href="#">'.img_picto('', 'folder-open', 'class="paddingright"').'<span class="hideonsmartphone">'.$langs->trans("ExpandAll").'</span></a>';
351print ' | ';
352print '<a class="hideallperms" title="'.dol_escape_htmltag($langs->trans("HideAllPerms")).'" alt="'.dol_escape_htmltag($langs->trans("HideAllPerms")).'" href="#">'.img_picto('', 'folder', 'class="paddingright"').'<span class="hideonsmartphone">'.$langs->trans("UndoExpandAll").'</span></a>';
353print '</td>';
354print '</tr>'."\n";
355
356// Get list of all permissions
357$sql = "SELECT r.id, r.libelle as label, r.module, r.perms, r.subperms, r.module_position, r.bydefault, r.family, r.family_position";
358$sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r";
359$sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // We ignore permission "tous les tiers". Why ?
360$sql .= " AND r.entity = ".((int) $entity);
361if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
362 $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is not enabled
363}
364$sql .= " ORDER BY r.family_position, r.module_position, r.module, r.id";
365
366$familyinfo = array(
367 'hr' => array('position' => '001', 'label' => $langs->trans("ModuleFamilyHr")),
368 'crm' => array('position' => '006', 'label' => $langs->trans("ModuleFamilyCrm")),
369 'srm' => array('position' => '007', 'label' => $langs->trans("ModuleFamilySrm")),
370 'financial' => array('position' => '009', 'label' => $langs->trans("ModuleFamilyFinancial")),
371 'products' => array('position' => '012', 'label' => $langs->trans("ModuleFamilyProducts")),
372 'projects' => array('position' => '015', 'label' => $langs->trans("ModuleFamilyProjects")),
373 'ecm' => array('position' => '018', 'label' => $langs->trans("ModuleFamilyECM")),
374 'technic' => array('position' => '021', 'label' => $langs->trans("ModuleFamilyTechnic")),
375 'portal' => array('position' => '040', 'label' => $langs->trans("ModuleFamilyPortal")),
376 'interface' => array('position' => '050', 'label' => $langs->trans("ModuleFamilyInterface")),
377 'base' => array('position' => '060', 'label' => $langs->trans("ModuleFamilyBase")),
378 'other' => array('position' => '100', 'label' => $langs->trans("ModuleFamilyOther")),
379);
380
381$arrayofpermission = array();
382$cookietohidegroup = (empty($_COOKIE["DOLUSER_PERMS_HIDE_GRP"]) ? '' : preg_replace('/^,/', '', $_COOKIE["DOLUSER_PERMS_HIDE_GRP"]));
383$cookietohidegrouparray = explode(',', $cookietohidegroup);
384
385$result = $db->query($sql);
386if ($result) {
387 $num = $db->num_rows($result);
388 $i = 0;
389
390 //var_dump($cookietohidegrouparray);
391
392 while ($i < $num) {
393 $obj = $db->fetch_object($result);
394
395 if (empty($obj->family)) {
396 $obj->family = 'other';
397 }
398
399 if (empty($obj->family_position)) {
400 $obj->family_position = $familyinfo[$obj->family]['position'];
401 if ($obj->module_position < 100000) {
402 $obj->module_position = intval($obj->module_position) + 100000;
403 } else {
404 $obj->module_position = intval($obj->module_position);
405 }
406 }
407
408 $obj->position = $obj->family_position.'_'.$obj->module_position.'_'.$obj->id;
409
410 $arrayofpermission[$i] = $obj;
411 $i++;
412 }
413} else {
414 dol_print_error($db);
415}
416
417$arrayofpermission = dol_sort_array($arrayofpermission, 'position');
418
419$j = 0;
420$oldmod = '';
421
422foreach ($arrayofpermission as $i => $obj) {
423 // If line is for a module that does not exist anymore (absent of includes/module), we ignore it
424 if (empty($modules[$obj->module])) {
425 $i++;
426 continue;
427 }
428
429 // Special cases
430 if (isModEnabled("reception")) {
431 // The 2 permission in fournisseur modules has been replaced by permissions into reception module
432 if ($obj->module == 'fournisseur' && $obj->perms == 'commande' && $obj->subperms == 'receptionner') {
433 $i++;
434 continue;
435 }
436 if ($obj->module == 'fournisseur' && $obj->perms == 'commande_advance' && $obj->subperms == 'check') {
437 $i++;
438 continue;
439 }
440 }
441
442 $objMod = $modules[$obj->module];
443
444 if (GETPOSTISSET('forbreakperms_'.$obj->module)) {
445 $ishidden = GETPOSTINT('forbreakperms_'.$obj->module);
446 } elseif (in_array($j, $cookietohidegrouparray)) { // If j is among list of hidden group
447 $ishidden = 1;
448 } else {
449 $ishidden = 0;
450 }
451 $isexpanded = ! $ishidden;
452 //var_dump("isexpanded=".$isexpanded);
453
454 $permsgroupbyentitypluszero = array();
455 if (!empty($permsgroupbyentity[0])) {
456 $permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[0]);
457 }
458 if (!empty($permsgroupbyentity[$entity])) {
459 $permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[$entity]);
460 }
461 //var_dump($permsgroupbyentitypluszero);
462
463 // Break found, it's a new module to catch
464 if (isset($obj->module) && ($oldmod != $obj->module)) {
465 $oldmod = $obj->module;
466
467 $j++;
468 if (GETPOSTISSET('forbreakperms_'.$obj->module)) {
469 $ishidden = GETPOSTINT('forbreakperms_'.$obj->module);
470 } elseif (in_array($j, $cookietohidegrouparray)) { // If j is among list of hidden group
471 $ishidden = 1;
472 } else {
473 $ishidden = 0;
474 }
475 $isexpanded = ! $ishidden;
476 //var_dump('$obj->module='.$obj->module.' isexpanded='.$isexpanded);
477
478 // Break detected, we get objMod
479 $objMod = $modules[$obj->module];
480 $picto = ($objMod->picto ? $objMod->picto : 'generic');
481
482 // Show break line
483 print '<tr class="oddeven trforbreakperms trforbreaknobg" data-hide-perms="'.$obj->module.'" data-j="'.$j.'">';
484 // Picto and label of module
485 print '<td class="maxwidthonsmartphone tdoverflowmax200 tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'" title="'.dol_escape_htmltag($objMod->getName()).'">';
486 print '<input type="hidden" name="forbreakperms_'.$obj->module.'" id="idforbreakperms_'.$obj->module.'" css="cssforfieldishiden" data-j="'.$j.'" value="'.($isexpanded ? '0' : "1").'">';
487 print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
488 print '<a name="'.$objMod->getName().'"></a>';
489 print '</td>';
490
491 // Permission and tick (2 columns)
492 if ($permissiontoedit) {
493 print '<td class="tdforbreakperms tdforbreakpermsifnotempty center width50 nowraponall" data-hide-perms="'.dol_escape_htmltag($obj->module).'">';
494 print '<span class="permtohide_'.dol_escape_htmltag($obj->module).'" '.(!$isexpanded ? ' style="display:none"' : '').'>';
495 print '<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("All")).'" alt="'.dol_escape_htmltag($langs->trans("All")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("All")."</a>";
496 print ' / ';
497 print '<a class="reposition alink addexpandedmodulesinparamlist" title="'.dol_escape_htmltag($langs->trans("None")).'" alt="'.dol_escape_htmltag($langs->trans("None")).'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&module='.$obj->module.'&confirm=yes&updatedmodulename='.$obj->module.'">'.$langs->trans("None")."</a>";
498 print '</span>';
499 print '</td>';
500 print '<td class="tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'">';
501 print '</td>';
502 } else {
503 print '<td class="tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'"></td>';
504 print '<td class="tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'"></td>';
505 }
506 // Description of permission (2 columns)
507 print '<td class="tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'"></td>';
508 print '<td class="maxwidthonsmartphone right tdforbreakperms" data-hide-perms="'.dol_escape_htmltag($obj->module).'">';
509 print '<div class="switchfolderperms inline-block marginrightonly folderperms_'.dol_escape_htmltag($obj->module).'"'.($isexpanded ? ' style="display:none;"' : '').'>';
510 print img_picto('', 'folder', 'class="marginright"');
511 print '</div>';
512 print '<div class="switchfolderperms inline-block marginrightonly folderopenperms_'.dol_escape_htmltag($obj->module).'"'.(!$isexpanded ? ' style="display:none;"' : '').'>';
513 print img_picto('', 'folder-open', 'class="marginright"');
514 print '</div>';
515 print '</td>'; //Add picto + / - when open en closed
516 print '</tr>'."\n";
517 }
518
519 $permlabel = (getDolGlobalString('MAIN_USE_ADVANCED_PERMS') && ($langs->trans("PermissionAdvanced".$obj->id) != "PermissionAdvanced".$obj->id) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != "Permission".$obj->id) ? $langs->trans("Permission".$obj->id) : $langs->trans($obj->label)));
520
521 print '<!-- '.$obj->module.'->'.$obj->perms.($obj->subperms ? '->'.$obj->subperms : '').' -->'."\n";
522 print '<tr class="oddeven trtohide_'.$obj->module.'"'.(!$isexpanded ? ' style="display:none"' : '').'>';
523
524
525 // Picto and label of module
526 print '<td class="maxwidthonsmartphone">';
527 print '</td>';
528
529 // Permission and tick (2 columns)
530 print '<!-- permsgroupbyentitypluszero -->';
531 // @phan-suppress-next-line PhanTypeMismatchArgumentNullableInternal
532 if (in_array($obj->id, $permsgroupbyentitypluszero)) {
533 // Own permission by group
534 if ($permissiontoedit) {
535 print '<td class="center nowrap">';
536 print '<a class="reposition" id="'.$obj->id.'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delrights&token='.newToken().'&entity='.$entity.'&rights='.$obj->id.'&confirm=yes&updatedmodulename='.$obj->module.'">';
537 //print img_edit_remove($langs->trans("Remove"));
538 print img_picto($langs->trans("Remove"), 'switch_on');
539 print '</a>';
540 print '</td>';
541 } else {
542 print '<td></td>';
543 }
544 print '<td class="center nowrap">';
545 print img_picto($langs->trans("Active"), 'tick');
546 print '</td>';
547 } else {
548 // Do not own permission
549 if ($permissiontoedit) {
550 print '<td class="center nowrap">';
551 print '<a class="reposition addexpandedmodulesinparamlist" id="'.$obj->id.'" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addrights&token='.newToken().'&entity='.$entity.'&rights='.$obj->id.'&confirm=yes&updatedmodulename='.$obj->module.'">';
552 //print img_edit_add($langs->trans("Add"));
553 print img_picto($langs->trans("Add"), 'switch_off');
554 print '</a>';
555 print '</td>';
556 } else {
557 print '<td></td>';
558 }
559 print '<td>';
560 print '</td>';
561 }
562
563 // Description of permission (1 or 2 columns)
564 print '<td>';
565 print $permlabel;
566 $idtouse = $obj->id;
567 if (in_array($idtouse, array(121, 122, 125, 126))) { // Force message for the 3 permission on third parties
568 $idtouse = 122;
569 }
570 if ($langs->trans("Permission".$idtouse.'b') != "Permission".$idtouse.'b') {
571 print '<br><span class="opacitymedium">'.$langs->trans("Permission".$idtouse.'b').'</span>';
572 }
573 if ($langs->trans("Permission".$obj->id.'c') != "Permission".$obj->id.'c') {
574 print '<br><span class="opacitymedium">'.$langs->trans("Permission".$obj->id.'c').'</span>';
575 }
576 if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
577 if (preg_match('/_advance$/', $obj->perms)) {
578 print ' <span class="opacitymedium">('.$langs->trans("AdvancedModeOnly").')</span>';
579 }
580 }
581 print '</td>';
582
583 // Permission id
584 if ($user->admin) {
585 print '<td class="right">';
586 $htmltext = $langs->trans("ID").': '.$obj->id;
587 $htmltext .= '<br>'.$langs->trans("Permission").': user->hasRight(\''.dol_escape_htmltag($obj->module).'\', \''.dol_escape_htmltag($obj->perms).'\''.($obj->subperms ? ', \''.dol_escape_htmltag($obj->subperms).'\'' : '').')';
588 print $form->textwithpicto('', $htmltext, 1, 'help', 'inline-block marginrightonly');
589 //print '<span class="opacitymedium">'.$obj->id.'</span>';
590 print '</td>';
591 } else {
592 print '<td></td>';
593 }
594
595 print '</tr>'."\n";
596
597 $i++;
598}
599
600print '</table>';
601print '</div>';
602
603print '<script>';
604print '$(".tdforbreakperms:not(.alink)").on("click", function(){
605 console.log("Click on tdforbreakperms");
606 moduletohide = $(this).data("hide-perms");
607 j = $(this).data("j");
608 if ($("#idforbreakperms_"+moduletohide).val() == 1) {
609 console.log("idforbreakperms_"+moduletohide+" has value hidden=1, so we show all lines");
610 $(".trtohide_"+moduletohide).show();
611 $(".permtoshow_"+moduletohide).hide();
612 $(".permtohide_"+moduletohide).show();
613 $(".folderperms_"+moduletohide).hide();
614 $(".folderopenperms_"+moduletohide).show();
615 $("#idforbreakperms_"+moduletohide).val("0");
616 } else if (! $(this).hasClass("tdforbreakpermsifnotempty")) {
617 console.log("idforbreakperms_"+moduletohide+" has value hidden=0, so we hide all lines");
618 $(".trtohide_"+moduletohide).hide();
619 $(".folderopenperms_"+moduletohide).hide();
620 $(".folderperms_"+moduletohide).show();
621 $(".permtoshow_"+moduletohide).show();
622 $(".permtohide_"+moduletohide).hide();
623 $("#idforbreakperms_"+moduletohide).val("1");
624 }
625
626 // Now rebuild the value for cookie
627 var hideuserperm="";
628 $(".trforbreakperms").each(function(index) {
629 //console.log( index + ": " + $( this ).data("j") + " " + $( this ).data("hide-perms") + " " + $("input[data-j="+(index+1)+"]").val());
630 if ($("input[data-j="+(index+1)+"]").val() == 1) {
631 hideuserperm=hideuserperm+","+(index+1);
632 }
633 });
634 // set cookie by js
635 date = new Date(); date.setTime(date.getTime()+(30*86400000));
636 if (hideuserperm) {
637 console.log("set cookie DOLUSER_PERMS_HIDE_GRP="+hideuserperm);
638 document.cookie = "DOLUSER_PERMS_HIDE_GRP=" + hideuserperm + "; expires=" + date.toGMTString() + "; path=/ ";
639 } else {
640 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP");
641 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
642 }
643});';
644print "\n";
645
646// Button expand / collapse all
647print '$(".showallperms").on("click", function(){
648 console.log("Click on showallperms");
649
650 console.log("delete cookie DOLUSER_PERMS_HIDE_GRP from showallperms click");
651 document.cookie = "DOLUSER_PERMS_HIDE_GRP=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/ ";
652 $(".tdforbreakperms").each( function(){
653 moduletohide = $(this).data("hide-perms");
654 //console.log(moduletohide);
655 if ($("#idforbreakperms_"+moduletohide).val() != 0) {
656 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
657 }
658 })
659});
660
661$(".hideallperms").on("click", function(){
662 console.log("Click on hideallperms");
663
664 $(".tdforbreakperms").each( function(){
665 moduletohide = $(this).data("hide-perms");
666 //console.log(moduletohide);
667 if ($("#idforbreakperms_"+moduletohide).val() != 1) {
668 $(this).trigger("click"); // emulate the click, so the cooki will be resaved
669 }
670 })
671});';
672print "\n";
673print '</script>';
674
675print '<style>';
676print '.switchfolderperms{
677 cursor: pointer;
678}';
679print '</style>';
680
681$parameters = array();
682$reshook = $hookmanager->executeHooks('insertExtraFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
683if ($reshook < 0) {
684 setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
685}
686
687print dol_get_fiche_end();
688
689
690// End of page
691llxFooter();
692$db->close();
$id
$id
Support class for third parties, contacts, members, users or resources.
Definition account.php:47
$object
if(! $sortfield) if(! $sortorder) $object
Definition account.php:100
llxFooter
llxFooter($comment='', $zone='private', $disabledoutputofmessages=0)
Empty footer.
Definition wrapper.php:91
llxHeader
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader($head='', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='', $morecssonbody='', $replacemainareaby='', $disablenofollow=0, $disablenoindex=0)
Empty header.
Definition wrapper.php:73
Form
Class to manage generation of HTML components Only common components must be here.
Definition html.form.class.php:59
FormOther
Class to help generate other html components Only common components are here.
Definition html.formother.class.php:42
UserGroup
Class to manage user groups.
Definition usergroup.class.php:43
$conf
if(!isModEnabled('ai')||!getDolGlobalString('AI_ASSISTANT_ENABLED')) global $conf
The main.inc.php has been included so the following variable are now defined:
Definition execute_tool.php:50
$db
if(!isModEnabled('ai')||!getDolGlobalString('AI_ASSISTANT_ENABLED')) global $db
API class for accounts.
Definition execute_tool.php:46
dolGetModulesDirs
dolGetModulesDirs($subdir='')
Return list of directories that contain modules.
Definition functions2.lib.php:84
setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
Definition functions.lib.php:11394
img_picto
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2, $allowothertags=array())
Show picto whatever it's its name (generic function)
Definition functions.lib.php:5657
info_admin
info_admin($text, $infoonimgalt=0, $nodiv=0, $admin='1', $morecss='hideonsmartphone', $textfordropdown='', $picto='', $textonpictotooltip='')
Show information in HTML for admin users or standard users.
Definition functions.lib.php:6865
GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:951
dol_osencode
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
Definition functions.lib.php:11791
dol_get_fiche_head
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0, $morecssdiv='')
Show tabs of a record.
Definition functions.lib.php:3125
dol_get_fiche_end
dol_get_fiche_end($notab=0)
Return tab footer of a card.
Definition functions.lib.php:3323
img_object
img_object($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $allowothertags=array())
Show a picto called object_picto (generic function)
Definition functions.lib.php:6291
dol_strlen
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
Definition functions.lib.php:5467
getDolGlobalInt
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
Definition functions.lib.php:321
dol_sort_array
dol_sort_array(&$array, $index, $order='asc', $natsort=0, $case_sensitive=0, $keepindex=0)
Advanced sort array by the value of a given key, which produces ascending (default) or descending out...
Definition functions.lib.php:11642
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:1082
dol_print_error
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
Definition functions.lib.php:6917
getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:286
isModEnabled
isModEnabled($module)
Is Dolibarr module enabled.
Definition functions.lib.php:489
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2754
dol_escape_htmltag
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $noescapetags='', $escapeonlyhtmltags=0, $cleanalsojavascript=0)
Returns text escaped for inclusion in HTML alt or title or value tags, or into values of HTML input f...
Definition functions.lib.php:2510
accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1097
group_prepare_head
group_prepare_head($object)
Prepare array with list of tabs.
Definition usergroups.lib.php:246
Generated on Mon Jun 22 2026 21:04:33 for dolibarr by Doxygen 1.11.0