MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
-$page_security = 20;
-$path_to_root="..";
+$page_security = 'SA_SECROLES';
+$path_to_root = "..";
include_once($path_to_root . "/includes/session.inc");
-page(_("Access setup"));
+add_access_extensions();
+
+page(_($help_context = "Access setup"));
include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/includes/access_levels.inc");
$new_role = get_post('role')=='' || get_post('cancel') || get_post('clone');
//--------------------------------------------------------------------------------------------------
+// Following compare function is used for sorting areas
+// in such a way that security areas defined by module/plugin
+// is properly placed under related section regardless of
+// unique extension number, with order inside sections preserved.
+//
+function comp_areas($area1, $area2)
+{
+ $sec_comp = ($area1[0]&0xff00)-($area2[0]&0xff00);
+ return $sec_comp == 0 ? ($area1[2]-$area2[2]) : $sec_comp;
+}
+
+function sort_areas($areas)
+{
+ $old_order = 0;
+ foreach($areas as $key => $area) {
+ $areas[$key][] = $old_order++;
+ }
+ uasort($areas,'comp_areas');
+ return $areas;
+}
+//--------------------------------------------------------------------------------------------------
if (list_updated('role')) {
$Ajax->activate('details');
$Ajax->activate('controls');
display_error( _("Role name cannot be empty."));
set_focus('name');
}
-
+ // prevent accidental editor lockup by removing SA_SECROLES
+ if (get_post('role') == $_SESSION['wa_current_user']->access) {
+ if (!isset($_POST['Area'.$security_areas['SA_SECROLES'][0]])
+ || !isset($_POST['Section'.SS_SETUP])) {
+ display_error(_("Access level edition in Company setup section have to be enabled for your account."));
+ $input_error = 1;
+ set_focus(!isset($_POST['Section'.SS_SETUP])
+ ? 'Section'.SS_SETUP : 'Area'.$security_areas['SA_SECROLES'][0]);
+ }
+ }
+
if ($input_error == 0)
{
- $modules = array();
+ $sections = array();
$areas = array();
foreach($_POST as $p =>$val) {
- if (substr($p,0,4) == 'Area')
- $areas[] = substr($p, 4);
- if (substr($p,0,6) == 'Module')
- $modules[] = substr($p, 6);
+ if (substr($p,0,4) == 'Area' && $val == 1) {
+ $a = substr($p, 4);
+ if (($a&~0xffff) && (($a&0xff00)<(99<<8))) {
+ $sections[] = $a&~0xff; // add extended section for plugins
+ }
+ $areas[] = (int)$a;
+ }
+ if (substr($p,0,7) == 'Section' && $val == 1)
+ $sections[] = (int)substr($p, 7);
}
- sort($areas);
- sort($modules);
+// $areas = sort_areas($areas);
+
+ $sections = array_values($sections);
+
if ($new_role)
{
- add_security_role($_POST['name'], $_POST['description'], $modules, $areas);
+ add_security_role($_POST['name'], $_POST['description'], $sections, $areas);
display_notification(_("New security role has been added."));
} else
{
update_security_role($_POST['role'], $_POST['name'], $_POST['description'],
- $modules, $areas);
+ $sections, $areas);
update_record_status($_POST['role'], get_post('inactive'),
'security_roles', 'id');
if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
$id = get_post('role');
$clone = get_post('clone');
- clear_data();
+
+ unset($_POST);
if ($id) {
$row = get_security_role($id);
$_POST['description'] = $row['description'];
$_POST['name'] = $row['role'];
-// if ($row['inactive']
-// $_POST['inactive'] = 1;
-
$_POST['inactive'] = $row['inactive'];
$access = $row['areas'];
- $modules = $row['modules'];
+ $sections = $row['sections'];
}
else {
$_POST['description'] = $_POST['name'] = '';
unset($_POST['inactive']);
- $access = $modules = array();
+ $access = $sections = array();
}
foreach($access as $a) $_POST['Area'.$a] = 1;
- foreach($modules as $m) $_POST['Module'.$m] = 1;
+ foreach($sections as $s) $_POST['Section'.$s] = 1;
if($clone) {
set_focus('name');
start_form();
-start_table("class='tablestyle_noborder'");
+start_table(TABLESTYLE_NOBORDER);
start_row();
security_roles_list_cells(_("Role:"). " ", 'role', null, true, true, check_value('show_inactive'));
-//$new_role = get_post('role')=='';
+$new_role = get_post('role')=='';
check_cells(_("Show inactive:"), 'show_inactive', null, true);
end_row();
end_table();
$Ajax->activate('role');
set_focus('role');
}
-if (find_submit('_Module')) {
+if (find_submit('_Section')) {
$Ajax->activate('details');
-// set_focus('');
}
//-----------------------------------------------------------------------------------------------
div_start('details');
-start_table($table_style2);
+start_table(TABLESTYLE2);
text_row(_("Role name:"), 'name', null, 20, 22);
text_row(_("Role description:"), 'description', null, 50, 52);
record_status_list_row(_("Current status:"), 'inactive');
end_table(1);
- start_table("$table_style width=50%");
+ start_table(TABLESTYLE, "width='40%'");
$k = $j = 0; //row colour counter
- $m = 0;
- foreach($security_areas as $area =>$descr ) {
- if (($area&~0xff) != $m)
- { // features set selection
- $m = $area & ~0xff;
- label_row(sprintf(_("%s features:"), $security_modules[$m]),
- checkbox( null, 'Module'.$m, null, true,
- _("Set access to security features area")),
- "class='tableheader2'", "class='tableheader'");
- }
- if (check_value('Module'.$m)) {
+ $ext = $sec = $m = -1;
+
+ foreach(sort_areas($security_areas) as $area =>$parms ) {
+ // system setup areas are accessable only for site admins i.e.
+ // admins of first registered company
+ if (user_company() && (($parms[0]&0xff00) == SS_SADMIN)) continue;
+
+ $newsec = ($parms[0]>>8)&0xff;
+ $newext = $parms[0]>>16;
+ if ($newsec != $sec || (($newext != $ext) && ($newsec>99)))
+ { // features set selection
+ $ext = $newext;
+ $sec = $newsec;
+ $m = $parms[0] & ~0xff;
+ label_row($security_sections[$m].':',
+ checkbox( null, 'Section'.$m, null, true,
+ _("On/off set of features")),
+ "class='tableheader2'", "class='tableheader'");
+ }
+ if (check_value('Section'.$m)) {
alt_table_row_color($k);
- check_cells($descr, 'Area'.$area, null,
+ check_cells($parms[1], 'Area'.$parms[0], null,
false, '', "align='center'");
- end_row();
- } else {
- hidden('Area'.$area);
- }
- }
+ end_row();
+ } else {
+ hidden('Area'.$parms[0]);
+ }
+ }
end_table(1);
div_end();
div_start('controls');
+
if ($new_role)
{
- submit_center('addupdate', _("Insert New Role"), true, '', 'default');
+ submit_center_first('Update', _("Update view"), '', null);
+ submit_center_last('addupdate', _("Insert New Role"), '', 'default');
}
else
{
- submit_center_first('addupdate', _("Update Role"), '', 'default');
+ submit_center_first('addupdate', _("Save Role"), '', 'default');
+ submit('Update', _("Update view"), true, '', null);
submit('clone', _("Clone This Role"), true, '', true);
submit('delete', _("Delete This Role"), true, '', true);
submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
end_form();
end_page();
-?>