2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
// Security area that a user's role must include to open this page.
// NOTE(review): the enforcement itself is not visible in this listing;
// presumably the session/page code included below performs the check - confirm.
12 $page_security = 'SA_SECROLES';
// NOTE(review): $path_to_root is not assigned in the visible lines (the listing
// skips source line 13). It feeds include_once, so it has to be a fixed path
// and must never be derived from request data - confirm.
14 include_once($path_to_root . "/includes/session.inc");
// NOTE(review): helper defined elsewhere; judging by its name it registers the
// access areas contributed by extensions - confirm.
16 add_access_extensions();
18 page(_($help_context = "Access setup"));
20 include_once($path_to_root . "/includes/ui.inc");
21 include_once($path_to_root . "/includes/access_levels.inc");
22 include_once($path_to_root . "/admin/db/security_db.inc");
// True when no role is selected, or when the cancel or clone button was posted.
24 $new_role = get_post('role')=='' || get_post('cancel') || get_post('clone');
25 //--------------------------------------------------------------------------------------------------
26 // The following compare function is used for sorting areas
27 // in such a way that security areas defined by a module/plugin
28 // are properly placed under the related section regardless of their
29 // unique extension number, with order inside sections preserved.
//
// $area1, $area2: area records; element [0] is the numeric area code.
// Element [2] is read as the tie-breaker - presumably the original position
// that sort_areas() appends to a two-element record; confirm the record shape.
// Returns a negative, zero or positive integer, as uasort() expects.
31 function comp_areas($area1, $area2)
// Only the section byte (mask 0xff00) takes part in the primary comparison,
// so bits above it (the extension number) do not influence the ordering.
33 $sec_comp = ($area1[0]&0xff00)-($area2[0]&0xff00);
// Same section: fall back to element [2] so the earlier record stays first.
34 return $sec_comp == 0 ? ($area1[2]-$area2[2]) : $sec_comp;
// Orders the security-area table by section while keeping the incoming order
// inside each section: every record gets a running counter appended, then
// uasort() (which preserves the array keys) sorts with comp_areas().
// NOTE(review): the listing skips source lines 38-39, 42 and 44-45, so the
// initialisation of $old_order and the function's return are not visible here.
37 function sort_areas($areas)
40 foreach($areas as $key => $area) {
// Remember the pre-sort position as an extra trailing element.
41 $areas[$key][] = $old_order++;
43 uasort($areas,'comp_areas');
46 //--------------------------------------------------------------------------------------------------
// Handles a change of the selected role and the Save/Insert ('addupdate') submit.
// NOTE(review): the listing skips source lines throughout this run (braces,
// else branches and some statements - e.g. nothing visible assigns
// $input_error or $a), so the nesting shown here is incomplete.
47 if (list_updated('role')) {
48 $Ajax->activate('details');
49 $Ajax->activate('controls');
// NOTE(review): this is a state-changing request. No anti-forgery token check
// is visible in these lines; confirm the included session/form code enforces one.
57 if (get_post('addupdate'))
60 if ($_POST['description'] == '')
63 display_error( _("Role description cannot be empty."));
64 set_focus('description');
66 elseif ($_POST['name'] == '')
69 display_error( _("Role name cannot be empty."));
72 // prevent accidental editor lockup by removing SA_SECROLES
// Applies only when the role being saved is the one the logged-in user holds.
// NOTE(review): the posted value is compared with the stored role id using loose ==.
73 if (get_post('role') == $_SESSION['wa_current_user']->access) {
// NOTE(review): this guard tests mere presence (isset) of the two fields,
// while the save loop below only keeps fields whose value == 1. A field posted
// with another value passes the guard but is dropped on save, so the lock-out
// protection and the stored result can disagree; comparing the value would align them.
74 if (!isset($_POST['Area'.$security_areas['SA_SECROLES'][0]])
75 || !isset($_POST['Section'.SS_SETUP])) {
76 display_error(_("Access level edition in Company setup section have to be enabled for your account."));
// Focus whichever of the two required fields is missing, section first.
78 set_focus(!isset($_POST['Section'.SS_SETUP])
79 ? 'Section'.SS_SETUP : 'Area'.$security_areas['SA_SECROLES'][0]);
83 if ($input_error == 0)
// Collect the ticked areas and sections from the posted form. Field names are
// 'Area<code>' and 'Section<code>', matching the names the form below emits.
// NOTE(review): the codes come straight from the request. Nothing visible
// checks them against $security_areas / $security_sections, or refuses
// SS_SADMIN areas for a company other than the first (the form only hides
// those rows). Confirm that the access check applied when pages are opened
// filters such codes, or validate them here before saving.
87 foreach($_POST as $p =>$val) {
88 if (substr($p,0,4) == 'Area' && $val == 1) {
// A code with bits set above the low 16 and a section byte below 99 also
// switches on its extended section (code with the low byte cleared).
90 if (($a&~0xffff) && (($a&0xff00)<(99<<8))) {
91 $sections[] = $a&~0xff; // add extended section for plugins
95 if (substr($p,0,7) == 'Section' && $val == 1)
96 $sections[] = (int)substr($p, 7);
98 // $areas = sort_areas($areas);
// NOTE(review): role id, name and description are passed on exactly as posted;
// confirm that write_security_role() in admin/db/security_db.inc escapes or
// parameterises them before they reach SQL.
100 write_security_role($_POST['role'], $_POST['name'], $_POST['description'],
101 $sections, $areas, get_post('inactive'));
// Which of the two notifications is shown depends on a branch the listing omits.
104 display_notification(_("New security role has been added."));
106 display_notification(_("Security role has been updated."));
109 $Ajax->activate('_page_body');
113 //--------------------------------------------------------------------------------------------------
// Delete and Cancel handlers.
// NOTE(review): the listing skips the brace/else lines, so the branch
// structure between the error and the delete call is not visible here.
// NOTE(review): deletion is a state-changing request; no anti-forgery token
// check is visible in these lines - confirm the included session/form code enforces one.
115 if (get_post('delete'))
// Refuse to delete a role that check_role_used() reports as assigned to users.
117 if (check_role_used(get_post('role'))) {
118 display_error(_("This role is currently assigned to some users and cannot be deleted"));
// NOTE(review): the posted role id is handed to the DB helper unchanged;
// confirm delete_security_role() escapes or parameterises it.
120 delete_security_role(get_post('role'));
// The message below contains a spelling slip ('sucessfully'); it is also the
// translation lookup key, so it is left untouched here.
121 display_notification(_("Security role has been sucessfully deleted."));
// Drop the selection so the form falls back to an empty role.
122 unset($_POST['role']);
124 $Ajax->activate('_page_body');
// Cancel: forget the selected role and redraw the whole page body.
127 if (get_post('cancel'))
129 unset($_POST['role']);
130 $Ajax->activate('_page_body');
// (Re)fills the form fields when no role is posted, when cloning, or when the
// role selector changed.
// NOTE(review): the listing skips the lines that choose between the
// "load stored role" and "blank form" paths and the branch around the last two
// statements, so those conditions are not visible here.
133 if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
134 $id = get_post('role');
135 $clone = get_post('clone');
// Existing role: copy the stored record into the form fields.
139 $row = get_security_role($id);
140 $_POST['description'] = $row['description'];
141 $_POST['name'] = $row['role'];
142 $_POST['inactive'] = $row['inactive'];
143 $access = $row['areas'];
144 $sections = $row['sections'];
// No role: start from an empty form with nothing ticked.
147 $_POST['description'] = $_POST['name'] = '';
148 unset($_POST['inactive']);
149 $access = $sections = array();
// Tick one 'Area<code>' / 'Section<code>' field per granted code.
151 foreach($access as $a) $_POST['Area'.$a] = 1;
152 foreach($sections as $s) $_POST['Section'.$s] = 1;
156 $Ajax->activate('_page_body');
158 $_POST['role'] = $id;
161 //--------------------------------------------------------------------------------------------------
// Role selector row with the "Show inactive" toggle.
// NOTE(review): the listing skips the surrounding form/row/table calls and the
// closing braces of the two conditionals.
165 start_table(TABLESTYLE_NOBORDER);
167 security_roles_list_cells(_("Role:"). " ", 'role', null, true, true, check_value('show_inactive'));
// Recomputed after the handlers above: a new role is any state with no role id selected.
168 $new_role = get_post('role')=='';
169 check_cells(_("Show inactive:"), 'show_inactive', null, true);
// Toggling "Show inactive" redraws the role selector.
174 if (get_post('_show_inactive_update')) {
175 $Ajax->activate('role');
// Ticking or clearing any section checkbox redraws the details block.
178 if (find_submit('_Section')) {
179 $Ajax->activate('details');
181 //-----------------------------------------------------------------------------------------------
// Details block: role name, description and status, followed by one header row
// per security section and one checkbox row per area.
// NOTE(review): the listing skips closing calls, braces and else lines here.
// NOTE(review): role name and description are stored values shown back to
// administrators; confirm the ui.inc row helpers HTML-escape them on output.
182 div_start('details');
183 start_table(TABLESTYLE2);
184 text_row(_("Role name:"), 'name', null, 20, 22);
185 text_row(_("Role description:"), 'description', null, 50, 52);
186 record_status_list_row(_("Current status:"), 'inactive');
189 start_table(TABLESTYLE, "width='40%'");
191 $k = $j = 0; //row colour counter
// Last section byte, extension number and section code seen; -1 = none yet.
192 $ext = $sec = $m = -1;
194 foreach(sort_areas($security_areas) as $area =>$parms ) {
195 // system setup areas are accessible only for site admins i.e.
196 // admins of first registered company
// NOTE(review): this only hides the rows from the form. Whether a posted
// SS_SADMIN area code is rejected for other companies is not visible in this
// file's save handler - confirm it is enforced where access is checked.
197 if (user_company() && (($parms[0]&0xff00) == SS_SADMIN)) continue;
// Area code layout as used here: bits 8-15 = section, bits 16 and up = extension number.
199 $newsec = ($parms[0]>>8)&0xff;
200 $newext = $parms[0]>>16;
// Start a new header row when the section changes, or when the extension
// changes within a section numbered above 99.
201 if ($newsec != $sec || (($newext != $ext) && ($newsec>99)))
202 { // features set selection
// Section code = area code with the low byte cleared.
205 $m = $parms[0] & ~0xff;
206 label_row($security_sections[$m].':',
207 checkbox( null, 'Section'.$m, null, true,
208 _("On/off set of features")),
209 "class='tableheader2'", "class='tableheader'");
// Section enabled: show the area as a visible checkbox row.
211 if (check_value('Section'.$m)) {
212 alt_table_row_color($k);
213 check_cells($parms[1], 'Area'.$parms[0], null,
214 false, '', "align='center'");
// Presumably the else branch (its line is skipped in the listing): carry the
// area's current value in a hidden field while its section is switched off.
217 hidden('Area'.$parms[0]);
// Button bar. Two alternative sets are listed: "Update view" + "Insert New Role",
// and "Save Role" + "Update view" + "Clone This Role" + "Delete This Role" + "Cancel".
// NOTE(review): the condition choosing between them is on lines the listing
// skips; presumably it is $new_role - confirm.
223 div_start('controls');
227 submit_center_first('Update', _("Update view"), '', null);
228 submit_center_last('addupdate', _("Insert New Role"), '', 'default');
232 submit_center_first('addupdate', _("Save Role"), '', 'default');
233 submit('Update', _("Update view"), true, '', null);
234 submit('clone', _("Clone This Role"), true, '', true);
235 submit('delete', _("Delete This Role"), true, '', true);
236 submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');