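<?php
/* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2013 Regis Houssin <regis.houssin@inodbox.com>
 * Copyright (C) 2011 Herve Prot <herve.prot@symeos.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

/**
 * \file htdocs/admin/perms.php
 * \ingroup core
 * \brief Administration page to configure the default permissions
 */

require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';

// Load translation files required by the page
$langs->loadLangs(array('admin', 'users', 'other'));

$action = GETPOST('action', 'aZ09');

// The page is reserved to administrators. accessforbidden() is defined outside
// this file; it is presumably expected to stop the request - TODO confirm.
if (!$user->admin) accessforbidden();

$entity = $conf->entity;


/*
 * Actions
 */

// NOTE(review): both actions below modify rights_def from a plain GET link
// (see the "Tick" column further down) and no anti-CSRF token is checked in
// this file. Confirm that main.inc.php enforces one for these actions, or move
// the toggles to POST requests carrying a token.
//
// The id and the entity are cast to int here so that the SQL text never depends
// on what the 'int' filter of GETPOST (defined outside this file) lets through.
// A missing or non-numeric pid becomes 0 instead of producing a malformed query.

if ($action == 'add')
{
    $sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=1";
    $sql .= " WHERE id = ".((int) GETPOST('pid', 'int'));
    $sql .= " AND entity = ".((int) $conf->entity);
    $db->query($sql);
}

if ($action == 'remove')
{
    $sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=0";
    $sql .= " WHERE id = ".((int) GETPOST('pid', 'int'));
    $sql .= " AND entity = ".((int) $conf->entity);
    $db->query($sql);
}


/*
 * View
 */

$wikihelp = 'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
llxHeader('', $langs->trans("DefaultRights"), $wikihelp);

print load_fiche_titre($langs->trans("SecuritySetup"), '', 'title_setup');

print '<span class="opacitymedium">'.$langs->trans("DefaultRightsDesc")." ".$langs->trans("OnlyActiveElementsAreShown")."</span><br><br>\n";

// The permission definitions of every module are re-inserted inside one transaction.
$db->begin();

// Search all modules with permission and reload permissions def.
// The scanned directories come from dolGetModulesDirs(), not from the request:
// every readable file named mod*.class.php found there is included and its
// class instantiated.
$modules = array();
$modulesdir = dolGetModulesDirs();

foreach ($modulesdir as $dir)
{
    $handle = @opendir(dol_osencode($dir));
    if (is_resource($handle))
    {
        while (($file = readdir($handle)) !== false)
        {
            if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php')
            {
                // Class name = file name without the '.class.php' suffix
                $modName = substr($file, 0, dol_strlen($file) - 10);
                if ($modName)
                {
                    include_once $dir.$file;
                    $objMod = new $modName($db);

                    // Load all lang files of module
                    if (isset($objMod->langfiles) && is_array($objMod->langfiles))
                    {
                        foreach ($objMod->langfiles as $domain)
                        {
                            $langs->load($domain);
                        }
                    }
                    // Load all permissions
                    if ($objMod->rights_class)
                    {
                        $ret = $objMod->insert_permissions(0, $entity);
                        $modules[$objMod->rights_class] = $objMod;
                        //print "modules[".$objMod->rights_class."]=$objMod;";
                    }
                }
            }
        }
    }
}

$db->commit();

$head = security_prepare_head();

print dol_get_fiche_head($head, 'default', '', -1);


// Show warning about external users
print info_admin(showModulesExludedForExternal($modules)).'<br>'."\n";

print "\n";
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';

print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Module").'</td>';
print '<td class="center">'.$langs->trans("Default").'</td>';
print '<td class="center"> </td>';
print '<td>'.$langs->trans("Permissions").'</td>';
if ($user->admin) print '<td class="right">'.$langs->trans("ID").'</td>';
print '</tr>'."\n";

//print "xx".$conf->global->MAIN_USE_ADVANCED_PERMS;
$sql = "SELECT r.id, r.libelle as label, r.module, r.module_position, r.perms, r.subperms, r.bydefault";
$sql .= " FROM ".MAIN_DB_PREFIX."rights_def as r";
$sql .= " WHERE r.libelle NOT LIKE 'tou%'"; // Ignore the "all" ("tous") rights
$sql .= " AND r.entity = ".((int) $entity);
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql .= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is not enabled
$sql .= " ORDER BY r.family_position, r.module_position, r.module, r.id";

$result = $db->query($sql);
if ($result)
{
    $num = $db->num_rows($result);
    $i = 0;
    $oldmod = '';

    while ($i < $num)
    {
        $obj = $db->fetch_object($result);

        // If the line is for a module that does not exist anymore (absent from the scanned module directories), we ignore it
        if (empty($modules[$obj->module]))
        {
            $i++;
            continue;
        }

        // Save field module_position in database if value is still zero
        if (empty($obj->module_position))
        {
            if (is_object($modules[$obj->module]) && ($modules[$obj->module]->module_position > 0))
            {
                // TODO Define familyposition
                $family = $modules[$obj->module]->family_position;
                $familyposition = 0;
                // Numeric values are cast and the module name is escaped before being placed in the SQL text
                $sqlupdate = 'UPDATE '.MAIN_DB_PREFIX."rights_def SET module_position = ".((int) $modules[$obj->module]->module_position).",";
                $sqlupdate .= " family_position = ".((int) $familyposition);
                $sqlupdate .= " WHERE module_position = 0 AND module = '".$db->escape($obj->module)."'";
                $db->query($sqlupdate);
            }
        }

        // Check if permission we found is inside a module definition. If not, we discard it.
        $found = false;
        foreach ($modules[$obj->module]->rights as $key => $val)
        {
            // $val[4] is compared with the permission code, $val[5] (when set) with the sub-permission code
            if ($val[4] == $obj->perms && (empty($val[5]) || $val[5] == $obj->subperms))
            {
                $found = true;
                break;
            }
        }
        if (!$found)
        {
            $i++;
            continue;
        }

        // Break found, it's a new module to catch
        if (isset($obj->module) && ($oldmod != $obj->module))
        {
            $oldmod = $obj->module;

            // Break detected, we get objMod
            $objMod = $modules[$obj->module];
            $picto = ($objMod->picto ? $objMod->picto : 'generic');

            // Show break line
            print '<tr class="oddeven trforbreak">';
            print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
            print img_object('', $picto, 'class="pictoobjectwidth paddingright"').' '.$objMod->getName();
            print '<a name="'.$objMod->getName().'"></a>';
            print '</td>';
            print '<td> </td>';
            print '<td> </td>';
            print '<td> </td>';
            // Permission id
            if ($user->admin) print '<td class="right"></td>';
            print '</tr>'."\n";
        }

        // Label: advanced translation when the option is enabled and the key is translated,
        // else the standard translation, else the label stored in rights_def.
        // !empty() avoids reading an undefined property when the option was never set,
        // like the test made when the SELECT is built.
        $perm_libelle = (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ($langs->trans("PermissionAdvanced".$obj->id) != ("PermissionAdvanced".$obj->id)) ? $langs->trans("PermissionAdvanced".$obj->id) : (($langs->trans("Permission".$obj->id) != ("Permission".$obj->id)) ? $langs->trans("Permission".$obj->id) : $obj->label));

        print '<tr class="oddeven">';

        // Picto and label of module
        print '<td class="maxwidthonsmartphone tdoverflowonsmartphone">';
        print '</td>';

        // Tick
        if ($obj->bydefault == 1)
        {
            print '<td class="center">';
            print '<a class="reposition" href="perms.php?pid='.$obj->id.'&action=remove">';
            //print img_edit_remove();
            print img_picto('', 'switch_on');
            print '</a>';
            print '</td>';
            print '<td class="center">';
            //print img_picto($langs->trans("Active"), 'tick');
            print '</td>';
        } else {
            print '<td class="center">';
            print '<a class="reposition" href="perms.php?pid='.$obj->id.'&action=add">';
            //print img_edit_add();
            print img_picto('', 'switch_off');
            print '</a>';
            print '</td>';
            print '<td class="center">';
            print ' ';
            print '</td>';
        }

        // Permission and tick
        // NOTE(review): when no translation exists the label read from rights_def is printed
        // without HTML escaping - confirm it can only hold text defined by the modules.
        print '<td>'.$perm_libelle.'</td>';

        // Permission id
        if ($user->admin) print '<td class="right"><span class="opacitymedium">'.$obj->id.'</span></td>';

        print '</tr>'."\n";

        $i++;
    }
} else {
    dol_print_error($db);
}
print '</table>';
print '</div>';

print dol_get_fiche_end();

// End of page
llxFooter();
$db->close();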