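<?php
/**********************************************************************
    Copyright (C) FrontAccounting, LLC.
    Released under the terms of the GNU General Public License, GPL,
    as published by the Free Software Foundation, either version 3
    of the License, or (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
//--------------------------------------------------------------------------------------------------
// Security roles editor.
//
// Lets a user holding the SA_SECROLES area create, edit, clone and delete
// security roles: a role is a name, a description, an active/inactive status
// and the set of enabled sections and areas stored via admin/db/security_db.inc.
//
// Area ids ($security_areas[...][0]) are bit-packed integers, as the masks
// used below show:
//   bits  0-7  : area number inside its section (masked off with ~0xff)
//   bits  8-15 : section number ((id >> 8) & 0xff, compared with the SS_* constants)
//   bits 16+   : extension (plugin) number (id >> 16)
//--------------------------------------------------------------------------------------------------
$page_security = 'SA_SECROLES';
$path_to_root = "..";
include_once($path_to_root . "/includes/session.inc");

add_access_extensions();

page(_($help_context = "Access setup"));

include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/includes/access_levels.inc");
include_once($path_to_root . "/admin/db/security_db.inc");

// No role selected, or the selection was cancelled/cloned: the form inserts a new role.
$new_role = get_post('role') == '' || get_post('cancel') || get_post('clone');
//--------------------------------------------------------------------------------------------------
// Following compare function is used for sorting areas
// in such a way that security areas defined by module/plugin
// is properly placed under related section regardless of
// unique extension number, with order inside sections preserved.
//
// Each argument is one $security_areas entry with its original position
// appended by sort_areas() (index 2, assuming entries are array(id, label)).
//
function comp_areas($area1, $area2)
{
    // order by section number first (bits 8-15 of the id)...
    $sec_comp = ($area1[0] & 0xff00) - ($area2[0] & 0xff00);
    // ...and by original definition order inside the same section
    return $sec_comp == 0 ? ($area1[2] - $area2[2]) : $sec_comp;
}

// Returns $areas ordered by section with the relative order inside each
// section preserved. Keys are kept (uasort).
function sort_areas($areas)
{
    $old_order = 0;
    foreach ($areas as $key => $area) {
        $areas[$key][] = $old_order++; // remember definition order for comp_areas()
    }
    uasort($areas, 'comp_areas');
    return $areas;
}
//--------------------------------------------------------------------------------------------------
if (list_updated('role')) {
    $Ajax->activate('details');
    $Ajax->activate('controls');
}

// Drops all posted data so the form is redisplayed empty after a successful save.
function clear_data()
{
    unset($_POST);
}

if (get_post('addupdate'))
{
    $input_error = 0;
    if ($_POST['description'] == '')
    {
        $input_error = 1;
        display_error( _("Role description cannot be empty."));
        set_focus('description');
    }
    elseif ($_POST['name'] == '')
    {
        $input_error = 1;
        display_error( _("Role name cannot be empty."));
        set_focus('name');
    }
    // prevent accidental editor lockup by removing SA_SECROLES:
    // when the role being edited is the one assigned to the current user,
    // the SA_SECROLES area and its SS_SETUP section must stay enabled,
    // otherwise the user would lose access to this very page.
    if (get_post('role') == $_SESSION['wa_current_user']->access) {
        if (!isset($_POST['Area'.$security_areas['SA_SECROLES'][0]])
            || !isset($_POST['Section'.SS_SETUP])) {
            display_error(_("Access level edition in Company setup section have to be enabled for your account."));
            $input_error = 1;
            set_focus(!isset($_POST['Section'.SS_SETUP])
                ? 'Section'.SS_SETUP : 'Area'.$security_areas['SA_SECROLES'][0]);
        }
    }

    if ($input_error == 0)
    {
        // Rebuild the section and area lists from the posted checkboxes.
        // The form names them 'Area<id>' and 'Section<id>' with decimal ids.
        $sections = array();
        $areas = array();
        foreach ($_POST as $p => $val) {
            if (substr($p, 0, 4) == 'Area' && $val == 1) {
                $a = substr($p, 4);
                // POST keys are client supplied: accept only a purely numeric id,
                // otherwise the bitwise tests below would run on an arbitrary string
                if (!ctype_digit($a))
                    continue;
                if (($a & ~0xffff) && (($a & 0xff00) < (99 << 8))) {
                    $sections[] = $a & ~0xff; // add extended section for plugins
                }
                $areas[] = (int)$a;
            }
            if (substr($p, 0, 7) == 'Section' && $val == 1) {
                $s = substr($p, 7);
                if (ctype_digit($s)) // same guard as for 'Area<id>' above
                    $sections[] = (int)$s;
            }
        }

        $sections = array_values($sections);

        if ($new_role)
        {
            add_security_role($_POST['name'], $_POST['description'], $sections, $areas);
            display_notification(_("New security role has been added."));
        } else
        {
            update_security_role($_POST['role'], $_POST['name'], $_POST['description'],
                $sections, $areas);
            update_record_status($_POST['role'], get_post('inactive'),
                'security_roles', 'id');

            display_notification(_("Security role has been updated."));
        }
        // after a save the editor goes back to "new role" mode with an empty form
        $new_role = true;
        clear_data();
        $Ajax->activate('_page_body');
    }
}

//--------------------------------------------------------------------------------------------------

if (get_post('delete'))
{
    // a role still assigned to user accounts must not disappear from under them
    if (check_role_used(get_post('role'))) {
        display_error(_("This role is currently assigned to some users and cannot be deleted"));
    } else {
        delete_security_role(get_post('role'));
        // spelling kept as-is: the string is an existing gettext msgid
        display_notification(_("Security role has been sucessfully deleted."));
        unset($_POST['role']);
    }
    $Ajax->activate('_page_body');
}

if (get_post('cancel'))
{
    unset($_POST['role']);
    $Ajax->activate('_page_body');
}

// Load the selected role (or an empty form) into $_POST so the widgets below
// display it. Runs on first display, on role selection and on clone.
if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
    $id = get_post('role');
    $clone = get_post('clone');

    unset($_POST);
    if ($id) {
        $row = get_security_role($id);
        $_POST['description'] = $row['description'];
        $_POST['name'] = $row['role'];
        $_POST['inactive'] = $row['inactive'];
        $access = $row['areas'];
        $sections = $row['sections'];
    }
    else {
        $_POST['description'] = $_POST['name'] = '';
        unset($_POST['inactive']);
        $access = $sections = array();
    }
    // tick the checkboxes of the role's enabled areas and sections
    foreach ($access as $a) $_POST['Area'.$a] = 1;
    foreach ($sections as $s) $_POST['Section'.$s] = 1;

    if ($clone) {
        // a clone keeps the copied rights but is saved as a new role,
        // so the role id is deliberately not put back into $_POST
        set_focus('name');
        $Ajax->activate('_page_body');
    } else
        $_POST['role'] = $id;
}

//--------------------------------------------------------------------------------------------------

start_form();

start_table(TABLESTYLE_NOBORDER);
start_row();
security_roles_list_cells(_("Role:"). " ", 'role', null, true, true, check_value('show_inactive'));
// recomputed here: the handlers above may have cleared $_POST['role']
$new_role = get_post('role') == '';
check_cells(_("Show inactive:"), 'show_inactive', null, true);
end_row();
end_table();
echo "<hr>";

if (get_post('_show_inactive_update')) {
    $Ajax->activate('role');
    set_focus('role');
}
if (find_submit('_Section')) {
    $Ajax->activate('details');
}
//-----------------------------------------------------------------------------------------------
div_start('details');
start_table(TABLESTYLE2);
    text_row(_("Role name:"), 'name', null, 20, 22);
    text_row(_("Role description:"), 'description', null, 50, 52);
    record_status_list_row(_("Current status:"), 'inactive');
end_table(1);

    start_table(TABLESTYLE, "width='40%'");

    $k = 0; //row colour counter
    $ext = $sec = $m = -1; // current extension, section number and section id ('Section<m>')

    foreach (sort_areas($security_areas) as $area => $parms) {
        // system setup areas are accessible only for site admins i.e.
        // admins of first registered company
        if (user_company() && (($parms[0] & 0xff00) == SS_SADMIN)) continue;

        $newsec = ($parms[0] >> 8) & 0xff;
        $newext = $parms[0] >> 16;
        if ($newsec != $sec || (($newext != $ext) && ($newsec > 99)))
        { // features set selection: emit a section header with its on/off checkbox
            $ext = $newext;
            $sec = $newsec;
            $m = $parms[0] & ~0xff;
            label_row($security_sections[$m].':',
                checkbox( null, 'Section'.$m, null, true,
                    _("On/off set of features")),
                "class='tableheader2'", "class='tableheader'");
        }
        if (check_value('Section'.$m)) {
            alt_table_row_color($k);
            check_cells($parms[1], 'Area'.$parms[0], null,
                false, '', "align='center'");
            end_row();
        } else {
            // areas of a switched-off section are not shown; a hidden field keeps
            // the 'Area<id>' entry in the form (value handling is up to hidden())
            hidden('Area'.$parms[0]);
        }
    }
    end_table(1);
div_end();

div_start('controls');

if ($new_role)
{
    submit_center_first('Update', _("Update view"), '', null);
    submit_center_last('addupdate', _("Insert New Role"), '', 'default');
}
else
{
    submit_center_first('addupdate', _("Save Role"), '', 'default');
    submit('Update', _("Update view"), true, '', null);
    submit('clone', _("Clone This Role"), true, '', true);
    submit('delete', _("Delete This Role"), true, '', true);
    submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
}

div_end();

end_form();
end_page();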