Changed security moduls to sections.
[fa-stable.git] / admin / security_roles.php
1 <?php
2 /**********************************************************************
3     Copyright (C) FrontAccounting, LLC.
4         Released under the terms of the GNU General Public License, GPL, 
5         as published by the Free Software Foundation, either version 3 
6         of the License, or (at your option) any later version.
7     This program is distributed in the hope that it will be useful,
8     but WITHOUT ANY WARRANTY; without even the implied warranty of
9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
// Access area this page declares for itself. It is assigned before the session
// bootstrap is included; presumably session.inc / page() enforce it -- confirm there.
$page_security = 'SA_SECROLES';
$path_to_root = "..";
include_once($path_to_root . "/includes/session.inc");

page(_("Access setup"));

include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/includes/access_levels.inc");
include_once($path_to_root . "/admin/db/security_db.inc");

// The form is in "new role" mode when no role is selected, or when the user
// pressed Cancel or Clone on an existing one.
$new_role = (get_post('role') == '' || get_post('cancel') || get_post('clone'));

//--------------------------------------------------------------------------------------------------
// A change of the selected role refreshes both the details and the button areas.
if (list_updated('role')) {
	foreach (array('details', 'controls') as $region) {
		$Ajax->activate($region);
	}
}
28
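/**
 * Discard every submitted form value.
 *
 * The superglobal is reset to an empty array instead of being unset, so that
 * later unguarded reads of $_POST in this request still find a defined array.
 * isset($_POST['...']) keeps returning false for every field, as before.
 */
function clear_data()
{
	$_POST = array();
}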
33
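// Save handler: validates the form, rebuilds the role's section and area lists
// from the posted field names, then inserts a new role or updates the selected one.
if (get_post('addupdate'))
{
	$input_error = 0;
	// get_post() is used so a request that omits the field is treated like an
	// empty one instead of reading an undefined index.
	if (get_post('description') == '')
	{
		$input_error = 1;
		display_error( _("Role description cannot be empty."));
		set_focus('description');
	}
	elseif (get_post('name') == '')
	{
		$input_error = 1;
		display_error( _("Role name cannot be empty."));
		set_focus('name');
	}

	if ($input_error == 0)
	{
		$sections = array();
		$areas = array();
		// Field names arrive from the client, so the suffix is accepted only when
		// it is a plain decimal code -- the form itself builds these names from
		// integer area/section codes.
		foreach ($_POST as $field => $value) {
			$field = (string)$field;
			if (substr($field, 0, 4) == 'Area') {
				$code = (string)substr($field, 4);
				// The form also posts 'Area...' as hidden fields for areas in
				// collapsed sections, so the presence of the key alone must not
				// grant the area; only a truthy value (a ticked box) does.
				// NOTE(review): hidden() is defined elsewhere -- confirm it carries
				// the current value for areas that were already granted.
				if ($value && preg_match('/^[0-9]+$/', $code))
					$areas[] = $code;
			}
			// 'Section' is seven characters long; comparing only the first six
			// could never match, which left $sections empty on every save.
			if (substr($field, 0, 7) == 'Section') {
				$code = (string)substr($field, 7);
				if (preg_match('/^[0-9]+$/', $code))
					$sections[] = $code;
			}
		}
		sort($areas);
		sort($sections);
		if ($new_role)
		{
			add_security_role($_POST['name'], $_POST['description'], $sections, $areas);
			display_notification(_("New security role has been added."));
		} else
		{
			update_security_role($_POST['role'], $_POST['name'], $_POST['description'],
				$sections, $areas);
			update_record_status($_POST['role'], get_post('inactive'),
				'security_roles', 'id');

			display_notification(_("Security role has been updated."));
		}
		// Return to a blank "new role" form and redraw the whole page body.
		$new_role = true;
		clear_data();
		$Ajax->activate('_page_body');
	}
}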
80
81 //--------------------------------------------------------------------------------------------------
82
// Delete handler: a role that is still assigned to users is never removed.
// NOTE(review): no request-forgery token check is visible in this file; confirm
// that the form helpers or the session bootstrap provide one for this action.
if (get_post('delete'))
{
	$role_in_use = check_role_used(get_post('role'));
	if (!$role_in_use) {
		delete_security_role(get_post('role'));
		display_notification(_("Security role has been sucessfully deleted."));
		// Drop the selection so the form below falls back to "new role" mode.
		unset($_POST['role']);
	} else {
		display_error(_("This role is currently assigned to some users and cannot be deleted"));
	}
	$Ajax->activate('_page_body');
}

// Cancel handler: forget the selected role and redraw the page body.
if (get_post('cancel'))
{
	unset($_POST['role']);
	$Ajax->activate('_page_body');
}
100
// (Re)load the form fields whenever no role is selected, a clone was requested,
// or the selection in the role list changed.
if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
	// Remember what is needed from the request before it is wiped.
	$id = get_post('role');
	$clone = get_post('clone');
	unset($_POST);
	if (!$id) {
		// No role chosen: start from a blank form.
		$_POST['description'] = $_POST['name'] = '';
		unset($_POST['inactive']);
		$access = $sections = array();
	} else {
		// NOTE(review): the row is used without checking that the lookup found
		// a role -- confirm what get_security_role() returns for an unknown id.
		$row = get_security_role($id);
		$_POST['description'] = $row['description'];
		$_POST['name'] = $row['role'];
		$_POST['inactive'] = $row['inactive'];
		$access = $row['areas'];
		$sections = $row['sections'];
	}
	// Pre-tick the boxes for everything the role currently grants.
	foreach ($access as $a) {
		$_POST['Area'.$a] = 1;
	}
	foreach ($sections as $s) {
		$_POST['Section'.$s] = 1;
	}

	if (!$clone) {
		$_POST['role'] = $id;
	} else {
		// A clone keeps the copied rights but has no role id of its own yet.
		set_focus('name');
		$Ajax->activate('_page_body');
	}
}
131
132 //--------------------------------------------------------------------------------------------------
133
// Role selector row, followed by the Ajax refresh triggers that depend on it.
start_form();

start_table("class='tablestyle_noborder'");
start_row();
$show_inactive = check_value('show_inactive');
security_roles_list_cells(_("Role:"). "&nbsp;", 'role', null, true, true, $show_inactive);
// Recomputed after the list is rendered: "new role" mode means nothing is selected.
$new_role = (get_post('role') == '');
check_cells(_("Show inactive:"), 'show_inactive', null, true);
end_row();
end_table();
echo "<hr>";

// Toggling "Show inactive" changes the list contents, so the list is redrawn.
if (get_post('_show_inactive_update')) {
	$Ajax->activate('role');
	set_focus('role');
}
// Ticking or clearing a section box shows or hides its areas in the details.
if (find_submit('_Section')) {
	$Ajax->activate('details');
}
153 //-----------------------------------------------------------------------------------------------
// Details area: the role's name, description and status, then one header row
// per section with the areas of every ticked section listed beneath it.
div_start('details');
start_table($table_style2);
text_row(_("Role name:"), 'name', null, 20, 22);
text_row(_("Role description:"), 'description', null, 50, 52);
record_status_list_row(_("Current status:"), 'inactive');
end_table(1);

start_table("$table_style width=40%");

$k = $j = 0; // row colour counter
$m = 0; // section code of the header row printed last
asort($security_areas); // external modules may have appended entries out of order
foreach ($security_areas as $area => $parms) {
	// Clearing the low byte of the area code yields the code of its section.
	$section_code = $parms[0] & ~0xff;
	if ($section_code != $m) {
		// First area of another section: print the section's on/off checkbox.
		$m = $section_code;
		label_row($security_sections[$m].':',
			checkbox( null, 'Section'.$m, null, true,
				_("On/off set of features")),
			"class='tableheader2'", "class='tableheader'");
	}
	if (!check_value('Section'.$m)) {
		// Section switched off: the area is posted as a hidden field instead
		// of being shown as a checkbox.
		hidden('Area'.$parms[0]);
		continue;
	}
	alt_table_row_color($k);
	check_cells($parms[1], 'Area'.$parms[0], null,
		false, '', "align='center'");
	end_row();
}
end_table(1);
div_end();
186
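// Button bar. A blank form offers only "Insert New Role"; an existing role also
// gets the clone, delete and cancel actions.
div_start('controls');

if ($new_role)
{
	submit_center_first('Update', _("Update view"), '', null);
	submit_center_last('addupdate', _("Insert New Role"), '', 'default');
} // this closing brace was missing, so the else below was a parse error
else
{
	submit_center_first('addupdate', _("Save Role"), '', 'default');
	submit('Update', _("Update view"), true, '', null);
	submit('clone', _("Clone This Role"), true, '', true);
	submit('delete', _("Delete This Role"), true, '', true);
	submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
}

div_end();

end_form();
end_page();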
207
208 ?>