1 <?php
2 /**********************************************************************
3     Copyright (C) FrontAccounting, LLC.
4         Released under the terms of the GNU General Public License, GPL, 
5         as published by the Free Software Foundation, either version 3 
6         of the License, or (at your option) any later version.
7     This program is distributed in the hope that it will be useful,
8     but WITHOUT ANY WARRANTY; without even the implied warranty of
9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
$page_security = 'SA_SECROLES';
$path_to_root = "..";
// session.inc is included first on purpose: it is the bootstrap that checks the
// logged-in user against $page_security before anything else on this page
// runs (presumably — confirm in includes/session.inc), so the role editor is
// only reachable by accounts holding SA_SECROLES.
include_once($path_to_root . "/includes/session.inc");

// Presumably lets installed extensions add their own entries to
// $security_areas before the permission grid below is built — the asort()
// comment in the grid code refers to exactly that; confirm.
add_access_extensions();

page(_("Access setup"));

include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/includes/access_levels.inc");
include_once($path_to_root . "/admin/db/security_db.inc");

// "New role" mode: nothing selected in the role list (get_post() falls back
// to '' for an absent field), or the user pressed Cancel or Clone. The flag
// is re-evaluated further down after the selector has been drawn.
$new_role = get_post('role')=='' || get_post('cancel') || get_post('clone'); 
//--------------------------------------------------------------------------------------------------
// Role selection changed via Ajax: refresh only the details and controls panes.
if (list_updated('role')) {
        $Ajax->activate('details');
        $Ajax->activate('controls');
}
30
/**
 * Drop every posted value so the form renders empty after a successful save.
 *
 * NOTE(review): this relies on unset() of a superglobal inside a function
 * clearing the global array. The role-loading code later in this file uses a
 * bare `unset($_POST)` at file scope instead of calling this helper — confirm
 * the two really behave the same before relying on this one elsewhere.
 */
function clear_data()
{
        unset($_POST);
}
35
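// Insert / update handler for the submitted role.
if (get_post('addupdate'))
{
        // Validation. get_post() is used instead of direct $_POST reads so a
        // missing field counts as empty rather than raising an undefined-index
        // notice (get_post() falls back to '' for an absent field).
        $input_error = 0;
        if (get_post('description') == '')
        {
                $input_error = 1;
                display_error( _("Role description cannot be empty."));
                set_focus('description');
        }
        elseif (get_post('name') == '')
        {
                $input_error = 1;
                display_error( _("Role name cannot be empty."));
                set_focus('name');
        }
        // Lockout guard: when the role being edited is the one the current
        // user holds, the Company setup section and the SA_SECROLES area must
        // stay enabled, otherwise saving would revoke the editor's own access
        // to this page. Only the editor's own role is protected here.
        // Loose comparison on purpose: the posted id is a string while
        // ->access is presumably numeric — confirm.
        if (get_post('role') == $_SESSION['wa_current_user']->access) {
                if (!isset($_POST['Area'.$security_areas['SA_SECROLES'][0]])
                        || !isset($_POST['Section'.SS_SETUP])) {
                        display_error(_("Access level edition in Company setup section have to be enabled for your account."));
                        $input_error = 1;
                        set_focus(!isset($_POST['Section'.SS_SETUP]) 
                                ? 'Section'.SS_SETUP : 'Area'.$security_areas['SA_SECROLES'][0]);
                }
        }

        if ($input_error == 0)
        {
                // Collect the granted sections and areas from the checkbox
                // names 'Area<id>' / 'Section<id>'. Only keys carrying the
                // value 1 count (this file marks a granted area by setting
                // $_POST['Area<id>'] = 1): the hidden 'Area<id>' inputs kept
                // for collapsed sections re-post whatever value they had,
                // which may be empty for an area that was never granted, and
                // a key-presence test alone would silently grant it.
                $sections = array();
                $areas = array();
                foreach($_POST as $p =>$val) {
                        if (substr($p,0,4) == 'Area' && $val == 1)
                                $areas[] = substr($p, 4);
                        if (substr($p,0,7) == 'Section' && $val == 1)
                                $sections[] = substr($p, 7);
                }

                sort($areas);
                sort($sections);
                if ($new_role) 
                {
                        add_security_role($_POST['name'], $_POST['description'], $sections, $areas); 
                        display_notification(_("New security role has been added."));
                } else
                {
                        update_security_role($_POST['role'], $_POST['name'], $_POST['description'], 
                                $sections, $areas); 
                        update_record_status($_POST['role'], get_post('inactive'),
                                'security_roles', 'id');

                        display_notification(_("Security role has been updated."));
                }
                // Back to "new role" mode with a cleared form.
                $new_role = true;
                clear_data();
                $Ajax->activate('_page_body');
        }
}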
93
94 //--------------------------------------------------------------------------------------------------
95
// Delete handler: a role still assigned to user accounts is refused.
if (get_post('delete'))
{
        $role_id = get_post('role');
        if (!check_role_used($role_id)) {
                delete_security_role($role_id);
                display_notification(_("Security role has been sucessfully deleted."));
                // Nothing selected any more: the page falls back to "new role" mode.
                unset($_POST['role']);
        } else {
                display_error(_("This role is currently assigned to some users and cannot be deleted"));
        }
        $Ajax->activate('_page_body');
}
107
// Cancel: drop the selected role so the whole page is redrawn in "new role" mode.
if (get_post('cancel')) {
        unset($_POST['role']);
        $Ajax->activate('_page_body');
}
113
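// (Re)load the form state: nothing selected, a clone was requested, or the
// role list selection changed. $_POST is reset as a whole and repopulated
// from the stored role so no stale field value survives a selection change.
if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
        $id = get_post('role');
        $clone = get_post('clone');
        unset($_POST);
        // A selected id that does not resolve to a role (deleted meanwhile, or
        // a tampered value) is treated like "no role selected" instead of
        // reading array offsets from an empty/false lookup result.
        $row = $id ? get_security_role($id) : null;
        if ($row) {
                $_POST['description'] = $row['description'];
                $_POST['name'] = $row['role'];
                $_POST['inactive'] = $row['inactive'];
                $access = $row['areas'];
                $sections = $row['sections'];
        }
        else {
                $_POST['description'] = $_POST['name'] = '';
                unset($_POST['inactive']);
                $access = $sections = array();
        }
        // A granted area/section is represented in the form as a ticked
        // checkbox, i.e. value 1.
        foreach($access as $a) $_POST['Area'.$a] = 1;
        foreach($sections as $s) $_POST['Section'.$s] = 1;

        if($clone) {
                // Cloning keeps the copied permissions but starts a new role:
                // 'role' stays unset, so the save handler inserts instead of updating.
                set_focus('name');
                $Ajax->activate('_page_body');
        } else
                $_POST['role'] = $id;
}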
144
145 //--------------------------------------------------------------------------------------------------
146
start_form();

start_table("class='tablestyle_noborder'");
start_row();
// Role selector; the last argument includes inactive roles in the list when
// "Show inactive" is ticked.
security_roles_list_cells(_("Role:"). "&nbsp;", 'role', null, true, true, check_value('show_inactive'));
// Re-evaluated after the selector has been drawn — presumably the list helper
// may adjust $_POST['role'] (e.g. for a selection that no longer exists);
// confirm in ui.inc.
$new_role = get_post('role')=='';
check_cells(_("Show inactive:"), 'show_inactive', null, true);
end_row();
end_table();
echo "<hr>";

// "Show inactive" toggled via Ajax: redraw the role list and keep focus on it.
if (get_post('_show_inactive_update')) {
        $Ajax->activate('role');
        set_focus('role');
}
// A section on/off switch was clicked: redraw only the permission grid.
if (find_submit('_Section')) {
        $Ajax->activate('details');
}
166 //-----------------------------------------------------------------------------------------------
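// Details pane: role header fields followed by the permission grid.
div_start('details');
start_table($table_style2);
        text_row(_("Role name:"), 'name', null, 20, 22);
        text_row(_("Role description:"), 'description', null, 50, 52);
        record_status_list_row(_("Current status:"), 'inactive');
end_table(1);

        // Permission grid: one header row per section (carrying an on/off
        // switch for the whole section) followed by one checkbox row per area.
        start_table("$table_style width=40%");

        $k = 0; // alternating row colour counter (passed to alt_table_row_color)
        $m = 0; // section id of the most recently emitted header row
        asort($security_areas); // in the case installed external modules has added some lines
        foreach($security_areas as $area =>$parms ) {
                // $parms[0] packs the section id in the high bits and the area
                // number in the low byte; masking the low byte off yields the section.
                // System setup areas are accessable only for site admins i.e.
                // admins of first registered company.
                if (user_company() && (($parms[0]&~0xff) == SS_SADMIN)) continue;

                if (($parms[0]&~0xff) != $m)
                { // new section: emit its header row with the feature-set switch
                        $m = $parms[0] & ~0xff;
                        label_row($security_sections[$m].':', 
                                checkbox( null, 'Section'.$m, null, true, 
                                        _("On/off set of features")),
                        "class='tableheader2'", "class='tableheader'");
                }
                if (check_value('Section'.$m)) {
                        alt_table_row_color($k);
                        check_cells($parms[1], 'Area'.$parms[0], null, 
                                false, '', "align='center'");
                        end_row();
                } else {
                        // Section switched off: carry the area's current value
                        // through the form as a hidden field so it is not lost
                        // when the section is switched back on.
                        hidden('Area'.$parms[0]);
                }
        }
        end_table(1);
div_end();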
203
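div_start('controls');

// Button set depends on the mode: a new (or cloned) role can only be
// inserted; an existing one can be saved, cloned, deleted, or the edit cancelled.
if ($new_role) 
{
        submit_center_first('Update', _("Update view"), '', null);
        submit_center_last('addupdate', _("Insert New Role"), '', 'default');
}
else 
{
        submit_center_first('addupdate', _("Save Role"), '', 'default');
        submit('Update', _("Update view"), true, '', null);
        submit('clone', _("Clone This Role"), true, '', true);
        submit('delete', _("Delete This Role"), true, '', true);
        submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
}

div_end();

end_form();
end_page();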