X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Faccess_levels.inc;h=815a0b1a72b6b8efc4d0782bac7d068519ab3a09;hb=264c09696d65efe4532c197f317162daf8c24f32;hp=d884e741d76bbd363b65f53250559639230e9a8b;hpb=6689754b6114b76ee9bc4c53762f0dfb03b95238;p=fa-stable.git diff --git a/includes/access_levels.inc b/includes/access_levels.inc index d884e741..815a0b1a 100644 --- a/includes/access_levels.inc +++ b/includes/access_levels.inc @@ -19,6 +19,10 @@ Every security section can contain up to 256 different areas. External modules can extend security roles system by adding rows to $security_sections and $security_areas using section codes >=100. + Security areas and sections created by extension modules/plugins + have dynamically assigned 3-byte integer codes. The highest byte is zero + for sections/areas defined in this file, and extid+1 for those defined + by extensions */ define('SS_SADMIN', 1<<8); // site admin define('SS_SETUP', 2<<8); // company level setup @@ -62,8 +66,9 @@ $security_sections = array( SS_ITEMS => _("Inventory operations"), SS_ITEMS_A => _("Inventory analytics"), SS_MANUF_C => _("Manufacturing configuration"), - SS_MANUF => _("Manufacturing transations"), + SS_MANUF => _("Manufacturing transactions"), SS_MANUF_A => _("Manufacturing analytics"), + SS_DIM_C => _("Dimensions configuration"), SS_DIM => _("Dimensions"), SS_GL_C => _("Banking & GL configuration"), SS_GL => _("Banking & GL transactions"), @@ -105,6 +110,7 @@ $security_areas =array( 'SA_INVENTORYMOVETYPE' => array(SS_SETUP|11, _("Inventory movement types")), 'SA_WORKCENTRES' => array(SS_SETUP|12, _("Manufacture work centres")), 'SA_FORMSETUP' => array(SS_SETUP|13, _("Forms setup")), + 'SA_CRMCATEGORY' => array(SS_SETUP|14, _("Contact categories")), // // Special and common functions // @@ -112,9 +118,9 @@ $security_areas =array( 'SA_BACKUP' => array(SS_SPEC|2, _("Database backup/restore")), 'SA_VIEWPRINTTRANSACTION' => array(SS_SPEC|3, _("Common view/print transactions interface")), 'SA_ATTACHDOCUMENT' => array(SS_SPEC|4, _("Attaching documents")), - 'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")), //??? - 'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")), //??? - + 'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")), + 'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")), + 'SA_EDITOTHERSTRANS' => array(SS_SPEC|7, _("Edit other users transactions")), // // Sales related functionality // @@ -128,6 +134,7 @@ $security_areas =array( 'SA_SALESTRANSVIEW' => array(SS_SALES|1, _("Sales transactions view")), 'SA_CUSTOMER' => array(SS_SALES|2, _("Sales customer and branches changes")), + 'SA_SALESQUOTE' => array(SS_SALES|10, _("Sales quotations")), 'SA_SALESORDER' => array(SS_SALES|3, _("Sales orders edition")), 'SA_SALESDELIVERY' => array(SS_SALES|4, _("Sales deliveries edition")), 'SA_SALESINVOICE' => array(SS_SALES|5, _("Sales invoices edition")), @@ -160,7 +167,7 @@ $security_areas =array( 'SA_SUPPLIERALLOC' => array(SS_PURCH|8, _("Supplier payments allocations")), 'SA_SUPPLIERANALYTIC' => array(SS_PURCH_A|1, _("Supplier analytical reports")), - 'SA_SUPPBULKREP' => array(SS_SALES_A|2, _("Supplier document bulk reports")), + 'SA_SUPPBULKREP' => array(SS_PURCH_A|2, _("Supplier document bulk reports")), 'SA_SUPPPAYMREP' => array(SS_PURCH_A|3, _("Supplier payments report")), // // Inventory @@ -193,11 +200,13 @@ $security_areas =array( 'SA_WORKORDERANALYTIC' => array(SS_MANUF_A|1, _("Work order analytical reports and inquiries")), 'SA_WORKORDERCOST' => array(SS_MANUF_A|2, _("Manufacturing cost inquiry")), - 'SA_MANUFBULKREP' => array(SS_SALES_A|3, _("Work order bulk reports")), + 'SA_MANUFBULKREP' => array(SS_MANUF_A|3, _("Work order bulk reports")), 'SA_BOMREP' => array(SS_MANUF_A|4, _("Bill of materials reports")), // // Dimensions // + 'SA_DIMTAGS' => array(SS_DIM_C|1, _("Dimension tags")), + 'SA_DIMTRANSVIEW' => array(SS_DIM|1, _("Dimension view")), 'SA_DIMENSION' => array(SS_DIM|2, _("Dimension entry")), @@ -214,9 +223,13 @@ $security_areas =array( 'SA_CURRENCY' => array(SS_GL_C|6, _("Currencies")), 'SA_BANKACCOUNT' => array(SS_GL_C|7, _("Bank accounts")), 'SA_TAXRATES' => array(SS_GL_C|8, _("Tax rates")), - 'SA_TAXGROUPS' => array(SS_GL_C|8, _("Tax groups")), + 'SA_TAXGROUPS' => array(SS_GL_C|12, _("Tax groups")), 'SA_FISCALYEARS' => array(SS_GL_C|9, _("Fiscal years maintenance")), 'SA_GLSETUP' => array(SS_GL_C|10, _("Company GL setup")), + 'SA_GLACCOUNTTAGS' => array(SS_GL_C|11, _("GL Account tags")), + 'SA_GLCLOSE' => array(SS_GL_C|14, _("Closing GL transactions")), + 'SA_GLREOPEN' => array(SS_GL_C|15, _("Reopening GL transactions")), // see below + 'SA_MULTIFISCALYEARS' => array(SS_GL_C|13, _("Allow entry on non closed Fiscal years")), 'SA_BANKTRANSVIEW' => array(SS_GL|1, _("Bank transactions view")), 'SA_GLTRANSVIEW' => array(SS_GL|2, _("GL postings view")), @@ -229,10 +242,76 @@ $security_areas =array( 'SA_BANKJOURNAL' => array(SS_GL|11, _("Journal entries to bank related accounts")), 'SA_BUDGETENTRY' => array(SS_GL|9, _("Budget edition")), 'SA_STANDARDCOST' => array(SS_GL|10, _("Item standard costs")), + 'SA_ACCRUALS' => array(SS_GL|12, _("Revenue / Cost Accruals")), 'SA_GLANALYTIC' => array(SS_GL_A|1, _("GL analytical reports and inquiries")), 'SA_TAXREP' => array(SS_GL_A|2, _("Tax reports and inquiries")), 'SA_BANKREP' => array(SS_GL_A|3, _("Bank reports and inquiries")), 'SA_GLREP' => array(SS_GL_A|4, _("GL reports and inquiries")), ); + +if (!@$allow_gl_reopen) + unset($security_areas['SA_GLREOPEN']); +/* + This function should be called whenever we want to extend core access level system + with new security areas and/or sections i.e.: + . on any page with non-standard security areas + . in security roles editor + The call should be placed between session.inc inclusion and page() call. + Up to 155 security sections and 155 security areas for any extension can be installed. +*/ +function add_access_extensions() +{ + global $security_areas, $security_sections, $installed_extensions; + + foreach($installed_extensions as $extid => $ext) { + $accext = hook_invoke($ext['package'], 'install_access', $dummy); + if ($accext == null) continue; + + $scode = 100; + $acode = 100; + $extsections = $accext[1]; + $extareas = $accext[0]; + $extcode = $extid<<16; + + $trans = array(); + foreach($extsections as $code =>$name) { + $trans[$code] = $scode<<8; + // reassign section codes + $security_sections[$trans[$code]|$extcode] = $name; + $scode++; + } + foreach($extareas as $code => $area) { + $section = $area[0]&0xff00; + // extension modules: + // if area belongs to nonstandard section + // use translated section codes and + // preserve lower part of area code + if (isset($trans[$section])) { + $section = $trans[$section]; + } + // otherwise assign next available + // area code >99 + $area[0] = $extcode | $section | ($acode++); + $security_areas[$code] = $area; + } + } +} +/* + Helper function to retrieve extension access definitions in isolated environment. +*/ +/* +function get_access_extensions($id) { + global $path_to_root, $installed_extensions; + + $ext = $installed_extensions[$id]; + + $security_sections = $security_areas = array(); + + if (isset($ext['acc_file'])) + include_once($path_to_root.'/'.$ext['path'].'/'.$ext['acc_file']); + + return array($security_areas, $security_sections); +} +*/ ?> \ No newline at end of file