X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fsecurity_roles.php;h=bce6661f2e2cc88a414f68f4238f33c38ee44b10;hb=31966256a900343308ce287a246fe3a52e9a613c;hp=5617eb79a9ede3b45bfe730bfa74e561f0c0bd9f;hpb=a6b28bd57bd9c1d75e231dff552b2913dbf5ab8f;p=fa-stable.git diff --git a/admin/security_roles.php b/admin/security_roles.php index 5617eb79..bce6661f 100644 --- a/admin/security_roles.php +++ b/admin/security_roles.php @@ -15,7 +15,7 @@ include_once($path_to_root . "/includes/session.inc"); add_access_extensions(); -page(_("Access setup")); +page(_($help_context = "Access setup")); include_once($path_to_root . "/includes/ui.inc"); include_once($path_to_root . "/includes/access_levels.inc"); @@ -23,6 +23,27 @@ include_once($path_to_root . "/admin/db/security_db.inc"); $new_role = get_post('role')=='' || get_post('cancel') || get_post('clone'); //-------------------------------------------------------------------------------------------------- +// Following compare function is used for sorting areas +// in such a way that security areas defined by module/plugin +// is properly placed under related section regardless of +// unique extension number, with order inside sections preserved. +// +function comp_areas($area1, $area2) +{ + $sec_comp = ($area1[0]&0xff00)-($area2[0]&0xff00); + return $sec_comp == 0 ? ($area1[2]-$area2[2]) : $sec_comp; +} + +function sort_areas($areas) +{ + $old_order = 0; + foreach($areas as $key => $area) { + $areas[$key][] = $old_order++; + } + uasort($areas,'comp_areas'); + return $areas; +} +//-------------------------------------------------------------------------------------------------- if (list_updated('role')) { $Ajax->activate('details'); $Ajax->activate('controls'); @@ -64,14 +85,20 @@ if (get_post('addupdate')) $sections = array(); $areas = array(); foreach($_POST as $p =>$val) { - if (substr($p,0,4) == 'Area') - $areas[] = substr($p, 4); + if (substr($p,0,4) == 'Area') { + $a = substr($p, 4); + if (($a&~0xffff) && (($a&0xff00)<(99<<8))) { + $sections[] = $a&~0xff; // add extended section for plugins + } + $areas[] = $a; + } if (substr($p,0,7) == 'Section') $sections[] = substr($p, 7); } - - sort($areas); - sort($sections); +// $areas = sort_areas($areas); + + $sections = array_values($sections); + if ($new_role) { add_security_role($_POST['name'], $_POST['description'], $sections, $areas); @@ -114,7 +141,7 @@ if (get_post('cancel')) if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) { $id = get_post('role'); $clone = get_post('clone'); -// clear_data(); + unset($_POST); if ($id) { $row = get_security_role($id); @@ -161,7 +188,6 @@ if (get_post('_show_inactive_update')) { } if (find_submit('_Section')) { $Ajax->activate('details'); -// set_focus(''); } //----------------------------------------------------------------------------------------------- div_start('details'); @@ -174,16 +200,22 @@ end_table(1); start_table("$table_style width=40%"); $k = $j = 0; //row colour counter - $m = 0; - asort($security_areas); // in the case installed external modules has added some lines - foreach($security_areas as $area =>$parms ) { + $ext = $sec = $m = -1; + + foreach(sort_areas($security_areas) as $area =>$parms ) { // system setup areas are accessable only for site admins i.e. // admins of first registered company - if (user_company() && (($parms[0]&~0xff) == SS_SADMIN)) continue; - - if (($parms[0]&~0xff) != $m) + if (user_company() && (($parms[0]&0xff00) == SS_SADMIN)) continue; + + $newsec = ($parms[0]>>8)&0xff; + $newext = $parms[0]>>16; + if ($newsec != $sec || (($newext != $ext) && ($newsec>99))) { // features set selection + $ext = $newext; + $sec = $newsec; $m = $parms[0] & ~0xff; +// if(!isset($security_sections[$m])) +// display_error(sprintf("Bad section %X:", $m)); label_row($security_sections[$m].':', checkbox( null, 'Section'.$m, null, true, _("On/off set of features")),