X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Faccess_levels.inc;h=fc3d48df8e4e4b87d3ef9521e7301e749c9cb823;hb=7561718ee5113232ce917f63085d272884b0929c;hp=afc364f313e658d0d93ba4d8ad752672cb17dade;hpb=b11418d0e2c2691abcb5330e6b62bc1d45b741f1;p=fa-stable.git

diff --git a/includes/access_levels.inc b/includes/access_levels.inc
index afc364f3..fc3d48df 100644
--- a/includes/access_levels.inc
+++ b/includes/access_levels.inc
@@ -66,7 +66,7 @@ $security_sections = array(
  SS_ITEMS => _("Inventory operations"),
  SS_ITEMS_A => _("Inventory analytics"),
  SS_MANUF_C => _("Manufacturing configuration"),
- SS_MANUF => _("Manufacturing transations"),
+ SS_MANUF => _("Manufacturing transactions"),
  SS_MANUF_A => _("Manufacturing analytics"),
  SS_DIM_C => _("Dimensions configuration"),
  SS_DIM => _("Dimensions"),
@@ -118,9 +118,9 @@ $security_areas =array(
 	'SA_BACKUP' => array(SS_SPEC|2, _("Database backup/restore")),
 	'SA_VIEWPRINTTRANSACTION' => array(SS_SPEC|3, _("Common view/print transactions interface")),
 	'SA_ATTACHDOCUMENT' => array(SS_SPEC|4, _("Attaching documents")),
-	'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")), //???
-	'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")), //???
-
+	'SA_SETUPDISPLAY' => array(SS_SPEC|5, _("Display preferences")),
+	'SA_CHGPASSWD' => array(SS_SPEC|6, _("Password changes")),
+	'SA_EDITOTHERSTRANS' => array(SS_SPEC|7, _("Edit other users transactions")),
 //
 // Sales related functionality
 //
@@ -250,7 +250,7 @@ $security_areas =array(
 	'SA_GLREP' => array(SS_GL_A|4, _("GL reports and inquiries")),
 );
 
-if (!@$allow_gl_reopen)
+if (!@$SysPrefs->allow_gl_reopen)
 	unset($security_areas['SA_GLREOPEN']);
 /*
 	This function should be called whenever we want to extend core access level system
@@ -314,4 +314,39 @@ function get_access_extensions($id) {
 	return array($security_areas, $security_sections);
 }
 */
-?>
\ No newline at end of file
+
+function check_edit_access($name)
+{
+	global $input_security;
+
+	$access = @$input_security[$name];
+
+	if (!$access)
+		$access = @$input_security['']; // default access level
+
+	if (!$access)
+		return true; // if constraint is not defined edit access is allowed
+
+	return  user_check_access($access);
+}
+/*
+	Returns POST value or null if edit access to $name control is forbidden.
+*/
+function access_post($name, $dflt=null)
+{
+	if (!check_edit_access($name))
+		return $dflt;
+	else
+		return get_post($name, $dflt);
+}
+
+/*
+	Returns numeric input value or null if edit access to $name control is forbidden.
+*/
+function access_num($name, $dflt=null)
+{
+	if (!check_edit_access($name))
+		return $dflt;
+	else
+		return input_num($name, $dflt);
+}