X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Faccess_levels.inc;h=62a71cb61d4f334cefe22364f91cc618b936331a;hb=5a3cbfe6d2df1c8c32edcab8bf93e8a8432a15fc;hp=9c502debbee2fd634ca801472afe87f44947885d;hpb=1760750c302521293d3d7403dc8d69d8c4cf7c2c;p=fa-stable.git
diff --git a/includes/access_levels.inc b/includes/access_levels.inc
index 9c502deb..62a71cb6 100644
--- a/includes/access_levels.inc
+++ b/includes/access_levels.inc
@@ -40,6 +40,10 @@ define('SS_ITEMS_C',31<<8); define('SS_ITEMS', 32<<8); define('SS_ITEMS_A',33<<8); +define('SS_ASSETS_C',36<<8); +define('SS_ASSETS', 37<<8); +define('SS_ASSETS_A',38<<8); + define('SS_MANUF_C',41<<8); define('SS_MANUF', 42<<8); define('SS_MANUF_A',43<<8);
@@ -53,26 +57,29 @@ define('SS_GL', 62<<8); define('SS_GL_A', 63<<8); $security_sections = array( - SS_SADMIN => _("System administration"), - SS_SETUP => _("Company setup"), - SS_SPEC => _("Special maintenance"), - SS_SALES_C => _("Sales configuration"), - SS_SALES => _("Sales transactions"), - SS_SALES_A => _("Sales related reports"), - SS_PURCH_C => _("Purchase configuration"), - SS_PURCH => _("Purchase transactions"), - SS_PURCH_A => _("Purchase analytics"), - SS_ITEMS_C => _("Inventory configuration"), - SS_ITEMS => _("Inventory operations"), - SS_ITEMS_A => _("Inventory analytics"), - SS_MANUF_C => _("Manufacturing configuration"), - SS_MANUF => _("Manufacturing transations"), - SS_MANUF_A => _("Manufacturing analytics"), - SS_DIM_C => _("Dimensions configuration"), - SS_DIM => _("Dimensions"), - SS_GL_C => _("Banking & GL configuration"), - SS_GL => _("Banking & GL transactions"), - SS_GL_A => _("Banking & GL analytics") + SS_SADMIN => _("System administration"), + SS_SETUP => _("Company setup"), + SS_SPEC => _("Special maintenance"), + SS_SALES_C => _("Sales configuration"), + SS_SALES => _("Sales transactions"), + SS_SALES_A => _("Sales related reports"), + SS_PURCH_C => _("Purchase configuration"), + SS_PURCH => _("Purchase transactions"), + SS_PURCH_A => _("Purchase analytics"), + SS_ITEMS_C => _("Inventory configuration"), + SS_ITEMS => _("Inventory operations"), + SS_ITEMS_A => _("Inventory analytics"), + SS_ASSETS_C => _("Fixed Assets configuration"), + SS_ASSETS => _("Fixed Assets operations"), + SS_ASSETS_A => _("Fixed Assets analytics"), + SS_MANUF_C => _("Manufacturing configuration"), + SS_MANUF => _("Manufacturing transactions"), + SS_MANUF_A => _("Manufacturing analytics"), + SS_DIM_C => _("Dimensions configuration"), + SS_DIM => _("Dimensions"), + SS_GL_C => _("Banking & GL configuration"), + SS_GL => _("Banking & GL transactions"), + SS_GL_A => _("Banking & GL analytics") ); /* 
@@ -110,6 +117,7 @@ $security_areas =array( 'SA_INVENTORYMOVETYPE' => array(SS_SETUP|11, _("Inventory movement types")), 'SA_WORKCENTRES' => array(SS_SETUP|12, _("Manufacture work centres")), 'SA_FORMSETUP' => array(SS_SETUP|13, _("Forms setup")), + 'SA_CRMCATEGORY' => array(SS_SETUP|14, _("Contact categories")), // // Special and common functions // @@ -117,9 +125,9 @@ $security_areas =array( 'SA_BACKUP' => array(SS_SPEC|2, _("Database backup/restore")), 'SA_VIEWPRINTTRANSACTION' => array(SS_SPEC|3, _("Common view/print transactions interface")), 'SA_ATTACHDOCUMENT' => array(SS_SPEC|4, _("Attaching documents")), - 'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")), //??? - 'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")), //??? - + 'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")), + 'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")), + 'SA_EDITOTHERSTRANS' => array(SS_SPEC|7, _("Edit other users transactions")), // // Sales related functionality // @@ -186,6 +194,20 @@ $security_areas =array( 'SA_ITEMSANALYTIC' => array(SS_ITEMS_A|2, _("Items analytical reports and inquiries")), 'SA_ITEMSVALREP' => array(SS_ITEMS_A|3, _("Inventory valuation report")), +// +// Fixed Assets +// + 'SA_ASSET' => array(SS_ASSETS_C|1, _("Fixed Asset items add/edit")), + 'SA_ASSETCATEGORY' => array(SS_ASSETS_C|2, _("Fixed Asset categories")), + 'SA_ASSETCLASS' => array(SS_ASSETS_C|4, _("Fixed Asset classes")), + + 'SA_ASSETSTRANSVIEW' => array(SS_ASSETS|1, _("Fixed Asset transactions view")), + 'SA_ASSETTRANSFER' => array(SS_ASSETS|2, _("Fixed Asset location transfers")), + 'SA_ASSETDISPOSAL' => array(SS_ASSETS|3, _("Fixed Asset disposals")), + 'SA_DEPRECIATION' => array(SS_ASSETS|4, _("Depreciation")), + + 'SA_ASSETSANALYTIC' => array(SS_ASSETS_A|1, _("Fixed Asset analytical reports and inquiries")), + // // Manufacturing module // 
@@ -199,7 +221,7 @@ $security_areas =array( 'SA_WORKORDERANALYTIC' => array(SS_MANUF_A|1, _("Work order analytical reports and inquiries")), 'SA_WORKORDERCOST' => array(SS_MANUF_A|2, _("Manufacturing cost inquiry")), - 'SA_MANUFBULKREP' => array(SS_SALES_A|3, _("Work order bulk reports")), + 'SA_MANUFBULKREP' => array(SS_MANUF_A|3, _("Work order bulk reports")), 'SA_BOMREP' => array(SS_MANUF_A|4, _("Bill of materials reports")), // // Dimensions @@ -222,10 +244,13 @@ $security_areas =array( 'SA_CURRENCY' => array(SS_GL_C|6, _("Currencies")), 'SA_BANKACCOUNT' => array(SS_GL_C|7, _("Bank accounts")), 'SA_TAXRATES' => array(SS_GL_C|8, _("Tax rates")), - 'SA_TAXGROUPS' => array(SS_GL_C|8, _("Tax groups")), + 'SA_TAXGROUPS' => array(SS_GL_C|12, _("Tax groups")), 'SA_FISCALYEARS' => array(SS_GL_C|9, _("Fiscal years maintenance")), 'SA_GLSETUP' => array(SS_GL_C|10, _("Company GL setup")), 'SA_GLACCOUNTTAGS' => array(SS_GL_C|11, _("GL Account tags")), + 'SA_GLCLOSE' => array(SS_GL_C|14, _("Closing GL transactions")), + 'SA_GLREOPEN' => array(SS_GL_C|15, _("Reopening GL transactions")), // see below + 'SA_MULTIFISCALYEARS' => array(SS_GL_C|13, _("Allow entry on non closed Fiscal years")), 'SA_BANKTRANSVIEW' => array(SS_GL|1, _("Bank transactions view")), 'SA_GLTRANSVIEW' => array(SS_GL|2, _("GL postings view")), 
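Review bot: Renumbering `SA_MANUFBULKREP` to `SS_MANUF_A|3` here, and `SA_TAXGROUPS` to `SS_GL_C|12` in the `@@ -222,10` hunk, changes the numeric code of an existing area, and nothing in this diff migrates roles saved with the old values. If roles persist these codes, which the section/area bit layout suggests but this page does not show, a role that held the old code loses the area after upgrade until it is re-saved. Before this change `SA_TAXGROUPS` shared `SS_GL_C|8` with `SA_TAXRATES`, so the two could not be granted separately. I would record that at the entry, e.g. `// was SS_GL_C|8 (collided with SA_TAXRATES); existing roles must be re-saved`, and mention the role update in the upgrade notes. The `$security_areas` array starts and ends outside both hunks.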
@@ -238,12 +263,16 @@ $security_areas =array( 'SA_BANKJOURNAL' => array(SS_GL|11, _("Journal entries to bank related accounts")), 'SA_BUDGETENTRY' => array(SS_GL|9, _("Budget edition")), 'SA_STANDARDCOST' => array(SS_GL|10, _("Item standard costs")), + 'SA_ACCRUALS' => array(SS_GL|12, _("Revenue / Cost Accruals")), 'SA_GLANALYTIC' => array(SS_GL_A|1, _("GL analytical reports and inquiries")), 'SA_TAXREP' => array(SS_GL_A|2, _("Tax reports and inquiries")), 'SA_BANKREP' => array(SS_GL_A|3, _("Bank reports and inquiries")), 'SA_GLREP' => array(SS_GL_A|4, _("GL reports and inquiries")), ); + +if (!@$SysPrefs->allow_gl_reopen) + unset($security_areas['SA_GLREOPEN']); /* This function should be called whenever we want to extend core access level system with new security areas and/or sections i.e.: @@ -257,9 +286,11 @@ function add_access_extensions() global $security_areas, $security_sections, $installed_extensions; foreach($installed_extensions as $extid => $ext) { + $accext = hook_invoke($ext['package'], 'install_access', $dummy); + if ($accext == null) continue; + $scode = 100; $acode = 100; - $accext = get_access_extensions($extid); $extsections = $accext[1]; $extareas = $accext[0]; $extcode = $extid<<16; 
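Review bot: Unsetting `$security_areas['SA_GLREOPEN']` only disables reopening if the access check denies an area name that is missing from the table. That check is not in this diff, so confirm that it does not treat an unknown area as unrestricted. The `@` in `if (!@$SysPrefs->allow_gl_reopen)` also suppresses every error from the expression, where `if (empty($SysPrefs->allow_gl_reopen))` tests the same condition without suppression. A one-line comment such as `// area removed entirely => reopening is denied for every role` would state the intended effect.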
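Review bot: In `add_access_extensions()` the hook result is indexed as `$accext[1]` and `$accext[0]` after only an `== null` test, so an extension whose `install_access` hook returns anything other than a two-element array hands malformed data to the code that extends the security tables. A shape check before use would reject it: `if (!is_array($accext) || !isset($accext[0], $accext[1])) continue;`. `$dummy` is also passed without ever being initialised, and `$dummy = null;` before the loop makes that explicit. The rest of the loop body, where the extension's sections and areas are merged, lies outside this hunk.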
@@ -287,20 +318,39 @@ function add_access_extensions() } } } + +function check_edit_access($name) +{ + global $input_security; + + $access = @$input_security[$name]; + + if (!$access) + $access = @$input_security['']; // default access level + + if (!$access) + return true; // if constraint is not defined edit access is allowed + + return user_check_access($access); +} /* - Helper function to retrieve extension access definitions in isolated environment. + Returns POST value or null if edit access to $name control is forbidden. */ -function get_access_extensions($id) { - global $path_to_root, $installed_extensions; - - $ext = $installed_extensions[$id]; - - $security_sections = $security_areas = array(); - - if (isset($ext['acc_file'])) - include($path_to_root.($ext['type'] == 'plugin' ? '/modules/':'/').$ext['path'].'/'.$ext['acc_file']); - - return array($security_areas, $security_sections); +function access_post($name, $dflt=null) +{ + if (!check_edit_access($name)) + return $dflt; + else + return get_post($name, $dflt); } -?> \ No newline at end of file +/* + Returns numeric input value or null if edit access to $name control is forbidden. +*/ +function access_num($name, $dflt=null) +{ + if (!check_edit_access($name)) + return $dflt; + else + return input_num($name, $dflt); +}
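Review bot: `check_edit_access()` fails open, returning `true` when `$input_security` has no entry for `$name` and no `''` default, or was never populated at all, which the `@` on both lookups hides. A misspelled control name, or a page that forgets to fill the table, therefore leaves the field editable with no diagnostic. If allow-by-default is intended, state it in a docblock on the function and make the reads explicit, e.g. `$access = isset($input_security[$name]) ? $input_security[$name] : null;`. The comments on `access_post()` and `access_num()` say null is returned when access is forbidden, but both return `$dflt`; they should read "Returns the POST value, or $dflt if edit access to the $name control is forbidden". Callers also cannot tell a denied field from an absent one, which is worth noting in the same comment.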