X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Faccess_levels.inc;h=3bb331d78533b8247dcce48599df6d17261549d6;hb=cae3ea743a1a1c96a4e679e2378c758500cd233e;hp=3c60a0922a83a308498896ac2fc63b4cf2314ded;hpb=c70823611ef71079c28542f4810cc50c183a8cd5;p=fa-stable.git

diff --git a/includes/access_levels.inc b/includes/access_levels.inc
index 3c60a092..3bb331d7 100644
--- a/includes/access_levels.inc
+++ b/includes/access_levels.inc
@@ -19,6 +19,10 @@
 	Every security section can contain up to 256 different areas.
 	External modules can extend security roles system by adding rows to 
 	$security_sections and $security_areas using section codes >=100.
+	Security areas and sections created by extension modules/plugins
+	have dynamically assigned 3-byte integer codes. The highest byte is zero
+	for sections/areas defined in this file, and extid+1 for those defined 
+	by extensions 
 */
 define('SS_SADMIN',	1<<8);	// site admin
 define('SS_SETUP',	2<<8);	// company level setup
@@ -64,6 +68,7 @@ $security_sections = array(
  SS_MANUF_C => _("Manufacturing configuration"),
  SS_MANUF => _("Manufacturing transations"),
  SS_MANUF_A => _("Manufacturing analytics"),
+ SS_DIM_C => _("Dimensions configuration"),
  SS_DIM => _("Dimensions"),
  SS_GL_C => _("Banking & GL configuration"),
  SS_GL => _("Banking & GL transactions"),
@@ -128,6 +133,7 @@ $security_areas =array(
 
 	'SA_SALESTRANSVIEW' => array(SS_SALES|1,  _("Sales transactions view")),
 	'SA_CUSTOMER' => array(SS_SALES|2,  _("Sales customer and branches changes")),
+	'SA_SALESQUOTE' => array(SS_SALES|10, _("Sales quotations")),
 	'SA_SALESORDER' => array(SS_SALES|3, _("Sales orders edition")),
 	'SA_SALESDELIVERY' => array(SS_SALES|4, _("Sales deliveries edition")),
 	'SA_SALESINVOICE' => array(SS_SALES|5, _("Sales invoices edition")),
@@ -198,6 +204,8 @@ $security_areas =array(
 //
 // Dimensions
 //
+	'SA_DIMTAGS' => array(SS_DIM_C|1, _("Dimension tags")),
+
 	'SA_DIMTRANSVIEW' => array(SS_DIM|1, _("Dimension view")),
 
 	'SA_DIMENSION' => array(SS_DIM|2, _("Dimension entry")),
@@ -217,6 +225,7 @@ $security_areas =array(
 	'SA_TAXGROUPS' => array(SS_GL_C|8, _("Tax groups")),
 	'SA_FISCALYEARS' => array(SS_GL_C|9, _("Fiscal years maintenance")),
 	'SA_GLSETUP' => array(SS_GL_C|10, _("Company GL setup")),
+	'SA_GLACCOUNTTAGS' => array(SS_GL_C|11, _("GL Account tags")),
 
 	'SA_BANKTRANSVIEW' => array(SS_GL|1, _("Bank transactions view")),
 	'SA_GLTRANSVIEW' => array(SS_GL|2, _("GL postings view")),
@@ -240,16 +249,58 @@ $security_areas =array(
 	with new security areas and/or sections i.e.: 
 	. on any page with non-standard security areas
 	. in security roles editor
+	The call should be placed between session.inc inclusion and page() call.
+	Up to 155 security sections and 155 security areas for any extension can be installed.
 */
 function add_access_extensions()
 {
-	global $path_to_root, $security_areas, $security_sections;
-	
-	// Add extension private access levels
-	include($path_to_root.'/installed_extensions.php');
-	foreach($installed_extensions as $ext) {
-		if (isset($ext['acc_file']))
-			include_once($path_to_root.($ext['type'] == 'plugin' ? '/modules/':'/').$ext['path'].'/'.$ext['acc_file']);
+	global $security_areas, $security_sections, $installed_extensions;
+
+	foreach($installed_extensions as $extid => $ext) {
+		$scode = 100;
+		$acode = 100;
+		$accext = get_access_extensions($extid);
+		$extsections = $accext[1];
+		$extareas = $accext[0];
+		$extcode = $extid<<16;
+		
+		$trans = array();
+		foreach($extsections as $code =>$name) {
+			$trans[$code] = $scode<<8;
+			// reassign section codes
+			$security_sections[$trans[$code]|$extcode] = $name;
+			$scode++;
+		}
+		foreach($extareas as $code => $area) {
+			$section = $area[0]&0xff00;
+			// extension modules:
+			// if area belongs to nonstandard section
+			// use translated section codes and
+			// preserve lower part of area code
+			if (isset($trans[$section])) {
+				$section = $trans[$section];
+			} 
+				// otherwise assign next available
+				// area code >99
+			$area[0] = $extcode | $section | ($acode++);
+			$security_areas[$code] = $area;
+		}
 	}
 }
+/*
+	Helper function to retrieve extension access definitions in isolated environment.
+*/
+function get_access_extensions($id) {
+	global $path_to_root, $installed_extensions;
+	
+	$ext = $installed_extensions[$id];
+	
+	$security_sections = $security_areas = array();
+	
+	if (isset($ext['acc_file']))
+		include($path_to_root.($ext['type'] == 'plugin' ? '/modules/':'/').$ext['path'].'/'.$ext['acc_file']);
+
+	return array($security_areas, $security_sections);
+}
+
 ?>
\ No newline at end of file