-$security_areas = array(
- // database table crud operations and administrative areas
- SA_CUSTOMER => _("Sales customer and branches"),
- _("Sales groups"),
- _("Sales prices"),
- _("Sales staff"),
- _("Sales areas"),
- _("Credit status definitions"),
- _("Sales templates"),
- _("Recurrent invoices definitions"),
- // documents, transactions entry
- SA_SALESORDER => _("Sales order entry"),
- _("Sales deliveries"),
- _("Sales invoices"),
- _("Sales credit notes against invoice"),
- _("Sales freehand credit notes"),
- _("Customer payments"),
- // maintenance and analytics
- SA_SALESALLOC => _("Customer allocations"),
- _("Customer analytical reports and inquiries"),
- _("Sales reports"),
- _("Sales other reports and inquires"),
- // database table crud operations and administrative areas
- SA_SUPPLIER => _("Suppliers"),
- // documents, transactions entry
- SA_PURCHASEORDER => _("Purchase Order Entry"),
- _("Outstanding Purchase Orders"),
- _("Supplier Invoices"),
- _("Supplier Credit Notes"),
- _("Supplier Payments"),
- // maintenance and analytics
- SA_SUPPLIERALLOC => _("Supplier allocations"),
- _("Supplier analytical reports and inquiries"),
- _("Supplier reports"),
- _("Supplier other reports and inquiries"),
- // database table crud operations and administrative areas
- SA_ITEM => _("Items"),
- _("Foreign Item Codes"),
- _("Sales Kits"),
- _("Item Categories"),
- _("Inventory Locations"),
- _("Inventory Movement Types"),
- _("Item Tax Types"),
- _("Unit of Measures"),
- _("Reorder Levels"),
- // documents, transactions entry
- SA_LOCATIONTRANSFER => _("Inventory Location Transfers"),
- _("Inventory Adjustments"),
- // maintenance and analytics
- SA_ITEMSANALYTIC => _("Items analytical reports and inquiries"),
- _("Inventory reports"),
- _("Inventory other reports and inquiries"),
- SA_SALESPRICING => _("Item Sales Pricing"),
- _("Item Purchasing Pricing"),
- _("Item Standard Costs"),
- // database table crud operations and administrative areas
- SA_BOM => _("Bill of Materials"),
- _("Work Centres"),
- // documents, transactions entry
- SA_WORKORDERENTRY => _("Work Order Entries"),
- _("Work Order Operations"),
- // maintenance and analytics
- SA_WORKORDERANALYTIC => _("Work Order analytical reports and inquiries"),
- _("Work Order Reports"),
- _("Work Order other reports and inquiries"),
- // database table crud operations and administrative areas
- SA_DIMENSION => _("Dimensions"),
- // documents, transactions entry
- SA_DIMENSiONOPERATION => _("Dimension Operations"),
- // maintenance and analytics
- SA_DIMENSIONANALYTIC => _("Dimension analytical reports and inquiries"),
- _("Dimension Reports"),
- _("Dimension other reports and inquiries"),
- // database table crud operations and administrative areas
- SA_BANKACCOUNT => _("Bank Accounts"),
- _("Quick Entries"),
- _("Currencies"),
- _("Exchange Rates"),
- _("GL Accounts"),
- _("GL Account Groups"),
- _("GL Account Classes"),
- // documents, transactions entry
- SA_PAYMENT => _("Bank Payments"),
- _("Bank Deposits"),
- _("Bank Account Transfers"),
- _("Journal Entries"),
- _("Budget Entries"),
- _("Bank Reconcile"),
- // maintenance and analytics
- SA_GLANALYTIC => _("Bank and GL analytical reports and inquiries"),
- _("Bank and GL Reports"),
- _("Bank and GL other reports and inquiries"),
- // database table crud operations and administrative areas
- SA_SETUPCOMPANY => _("Company Setup"),
- _("Users Setup"),
- _("Forms Setup"),
- _("Taxes"),
- _("Fiscal Years"),
- _("Print Profiles"),
- _("Payment Terms"),
- _("Shipping"),
- _("Point of Sales"),
- _("Printer Setup"),
- // documents, transactions entry
- SA_VOIDTRANSACTION => _("Voiding Transactions"),
- _("Viev and Print Transactions"),
- _("Attaching Documents"),
- _("Backup and Restore"),
- _("Install/Update Companies"),
- _("Install/Update Languages"),
- _("Install/Upgrade Modules"),
- _("Software Upgrades"),
-);
-?>
\ No newline at end of file
+function add_access_extensions()
+{
+ global $security_areas, $security_sections, $installed_extensions;
+
+ foreach($installed_extensions as $extid => $ext) {
+ $accext = hook_invoke($ext['package'], 'install_access', $dummy);
+ if ($accext == null) continue;
+
+ $scode = 100;
+ $acode = 100;
+ $extsections = $accext[1];
+ $extareas = $accext[0];
+ $extcode = $extid<<16;
+
+ $trans = array();
+ foreach($extsections as $code =>$name) {
+ $trans[$code] = $scode<<8;
+ // reassign section codes
+ $security_sections[$trans[$code]|$extcode] = $name;
+ $scode++;
+ }
+ foreach($extareas as $code => $area) {
+ $section = $area[0]&0xff00;
+ // extension modules:
+ // if area belongs to nonstandard section
+ // use translated section codes and
+ // preserve lower part of area code
+ if (isset($trans[$section])) {
+ $section = $trans[$section];
+ }
+ // otherwise assign next available
+ // area code >99
+ $area[0] = $extcode | $section | ($acode++);
+ $security_areas[$code] = $area;
+ }
+ }
+}
+
+function check_edit_access($name)
+{
+ global $input_security;
+
+ $access = @$input_security[$name];
+
+ if (!$access)
+ $access = @$input_security['']; // default access level
+
+ if (!$access)
+ return true; // if constraint is not defined edit access is allowed
+
+ return user_check_access($access);
+}
+/*
+ Returns POST value or null if edit access to $name control is forbidden.
+*/
+function access_post($name, $dflt=null)
+{
+ if (!check_edit_access($name))
+ return $dflt;
+ else
+ return get_post($name, $dflt);
+}
+
+/*
+ Returns numeric input value or null if edit access to $name control is forbidden.
+*/
+function access_num($name, $dflt=null)
+{
+ if (!check_edit_access($name))
+ return $dflt;
+ else
+ return input_num($name, $dflt);
+}