projects / fa-stable.git / blob
? search:


a6792f863da9417508b390388a1879c5bc5a19c7
[fa-stable.git] / admin / security_roles.php
1 <?php
2 /**********************************************************************
3     Copyright (C) FrontAccounting, LLC.
4         Released under the terms of the GNU General Public License, GPL, 
5         as published by the Free Software Foundation, either version 3 
6         of the License, or (at your option) any later version.
7     This program is distributed in the hope that it will be useful,
8     but WITHOUT ANY WARRANTY; without even the implied warranty of
9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
12 $page_security = 'SA_SECROLES';
13 $path_to_root = "..";
14 include_once($path_to_root . "/includes/session.inc");
15
16 add_access_extensions();
17
18 page(_("Access setup"));
19
20 include_once($path_to_root . "/includes/ui.inc");
21 include_once($path_to_root . "/includes/access_levels.inc");
22 include_once($path_to_root . "/admin/db/security_db.inc");
23
24 $new_role = get_post('role')=='' || get_post('cancel') || get_post('clone'); 
25 //--------------------------------------------------------------------------------------------------
26 if (list_updated('role')) {
27         $Ajax->activate('details');
28         $Ajax->activate('controls');
29 }
30
31 function clear_data()
32 {
33         unset($_POST);
34 }
35
36 if (get_post('addupdate'))
37 {
38         $input_error = 0;
39         if ($_POST['description'] == '')
40         {
41         $input_error = 1;
42         display_error( _("Role description cannot be empty."));
43                 set_focus('description');
44         }
45         elseif ($_POST['name'] == '')
46         {
47         $input_error = 1;
48         display_error( _("Role name cannot be empty."));
49                 set_focus('name');
50         }
51         
52         if ($input_error == 0)
53         {
54                 $sections = array();
55                 $areas = array();
56                 foreach($_POST as $p =>$val) {
57                         if (substr($p,0,4) == 'Area')
58                                 $areas[] = substr($p, 4);
59                         if (substr($p,0,7) == 'Section')
60                                 $sections[] = substr($p, 7);
61                 }
62                 sort($areas);
63                 sort($sections);
64         if ($new_role) 
65         {
66                         add_security_role($_POST['name'], $_POST['description'], $sections, $areas); 
67                         display_notification(_("New security role has been added."));
68         } else
69         {
70                         update_security_role($_POST['role'], $_POST['name'], $_POST['description'], 
71                                 $sections, $areas); 
72                         update_record_status($_POST['role'], get_post('inactive'),
73                                 'security_roles', 'id');
74
75                         display_notification(_("Security role has been updated."));
76         }
77         $new_role = true;
78         clear_data();
79         $Ajax->activate('_page_body');
80         }
81 }
82
83 //--------------------------------------------------------------------------------------------------
84
85 if (get_post('delete'))
86 {
87         if (check_role_used(get_post('role'))) {
88                 display_error(_("This role is currently assigned to some users and cannot be deleted"));
89         } else {
90                 delete_security_role(get_post('role'));
91                 display_notification(_("Security role has been sucessfully deleted."));
92                 unset($_POST['role']);
93         }
94         $Ajax->activate('_page_body');
95 }
96
97 if (get_post('cancel'))
98 {
99         unset($_POST['role']);
100         $Ajax->activate('_page_body');
101 }
102
103 if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
104         $id = get_post('role');
105         $clone = get_post('clone');
106 //      clear_data();
107         unset($_POST);
108         if ($id) {
109                 $row = get_security_role($id);
110                 $_POST['description'] = $row['description'];
111                 $_POST['name'] = $row['role'];
112 //      if ($row['inactive']
113 //              $_POST['inactive'] = 1;
114         
115                 $_POST['inactive'] = $row['inactive'];
116                 $access = $row['areas'];
117                 $sections = $row['sections'];
118         }
119         else {
120                 $_POST['description'] = $_POST['name'] = '';
121                 unset($_POST['inactive']);
122                 $access = $sections = array();
123         }
124         foreach($access as $a) $_POST['Area'.$a] = 1;
125         foreach($sections as $s) $_POST['Section'.$s] = 1;
126
127         if($clone) {
128                 set_focus('name');
129                 $Ajax->activate('_page_body');
130         } else
131                 $_POST['role'] = $id;
132 }
133
134 //--------------------------------------------------------------------------------------------------
135
136 start_form();
137
138 start_table("class='tablestyle_noborder'");
139 start_row();
140 security_roles_list_cells(_("Role:"). "&nbsp;", 'role', null, true, true, check_value('show_inactive'));
141 $new_role = get_post('role')=='';
142 check_cells(_("Show inactive:"), 'show_inactive', null, true);
143 end_row();
144 end_table();
145 echo "<hr>";
146
147 if (get_post('_show_inactive_update')) {
148         $Ajax->activate('role');
149         set_focus('role');
150 }
151 if (find_submit('_Section')) {
152         $Ajax->activate('details');
153 //      set_focus('');
154 }
155 //-----------------------------------------------------------------------------------------------
156 div_start('details');
157 start_table($table_style2);
158         text_row(_("Role name:"), 'name', null, 20, 22);
159         text_row(_("Role description:"), 'description', null, 50, 52);
160         record_status_list_row(_("Current status:"), 'inactive');
161 end_table(1);
162
163         start_table("$table_style width=40%");
164
165         $k = $j = 0; //row colour counter
166         $m = 0;
167         asort($security_areas); // in the case installed external modules has added some lines
168         foreach($security_areas as $area =>$parms ) {
169                 if (($parms[0]&~0xff) != $m)
170                 { // features set selection
171                         $m = $parms[0] & ~0xff;
172                         label_row($security_sections[$m].':', 
173                                 checkbox( null, 'Section'.$m, null, true, 
174                                         _("On/off set of features")),
175                         "class='tableheader2'", "class='tableheader'");
176                 }
177                 if (check_value('Section'.$m)) {
178                                 alt_table_row_color($k);
179                                 check_cells($parms[1], 'Area'.$parms[0], null, 
180                                         false, '', "align='center'");
181                         end_row();
182                 } else {
183                         hidden('Area'.$parms[0]);
184                 }
185         }
186         end_table(1);
187 div_end();
188
189 div_start('controls');
190
191 if ($new_role) 
192 {
193         submit_center_first('Update', _("Update view"), '', null);
194         submit_center_last('addupdate', _("Insert New Role"), '', 'default');
195
196 else 
197 {
198         submit_center_first('addupdate', _("Save Role"), '', 'default');
199         submit('Update', _("Update view"), true, '', null);
200         submit('clone', _("Clone This Role"), true, '', true);
201         submit('delete', _("Delete This Role"), true, '', true);
202         submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
203 }
204
205 div_end();
206
207 end_form();
208 end_page();
209
210 ?>
FrontAccounting stable branch