$path_to_root = "..";
include_once($path_to_root . "/includes/session.inc");
-page(_("Access setup"));
+add_access_extensions();
+
+page(_($help_context = "Access setup"));
include_once($path_to_root . "/includes/ui.inc");
include_once($path_to_root . "/includes/access_levels.inc");
$new_role = get_post('role')=='' || get_post('cancel') || get_post('clone');
//--------------------------------------------------------------------------------------------------
+// Following compare function is used for sorting areas
+// in such a way that security areas defined by module/plugin
+// is properly placed under related section regardless of
+// unique extension number, with order inside sections preserved.
+//
+function comp_areas($area1, $area2)
+{
+ $sec_comp = ($area1[0]&0xff00)-($area2[0]&0xff00);
+ return $sec_comp == 0 ? ($area1[2]-$area2[2]) : $sec_comp;
+}
+
+function sort_areas($areas)
+{
+ $old_order = 0;
+ foreach($areas as $key => $area) {
+ $areas[$key][] = $old_order++;
+ }
+ uasort($areas,'comp_areas');
+ return $areas;
+}
+//--------------------------------------------------------------------------------------------------
if (list_updated('role')) {
$Ajax->activate('details');
$Ajax->activate('controls');
display_error( _("Role name cannot be empty."));
set_focus('name');
}
-
+ // prevent accidental editor lockup by removing SA_SECROLES
+ if (get_post('role') == $_SESSION['wa_current_user']->access) {
+ if (!isset($_POST['Area'.$security_areas['SA_SECROLES'][0]])
+ || !isset($_POST['Section'.SS_SETUP])) {
+ display_error(_("Access level edition in Company setup section have to be enabled for your account."));
+ $input_error = 1;
+ set_focus(!isset($_POST['Section'.SS_SETUP])
+ ? 'Section'.SS_SETUP : 'Area'.$security_areas['SA_SECROLES'][0]);
+ }
+ }
+
if ($input_error == 0)
{
$sections = array();
$areas = array();
foreach($_POST as $p =>$val) {
- if (substr($p,0,4) == 'Area')
- $areas[] = substr($p, 4);
- if (substr($p,0,7) == 'Section')
- $sections[] = substr($p, 7);
+ if (substr($p,0,4) == 'Area' && $val == 1) {
+ $a = substr($p, 4);
+ if (($a&~0xffff) && (($a&0xff00)<(99<<8))) {
+ $sections[] = $a&~0xff; // add extended section for plugins
+ }
+ $areas[] = (int)$a;
+ }
+ if (substr($p,0,7) == 'Section' && $val == 1)
+ $sections[] = (int)substr($p, 7);
}
- sort($areas);
- sort($sections);
+// $areas = sort_areas($areas);
+
+ $sections = array_values($sections);
+
if ($new_role)
{
add_security_role($_POST['name'], $_POST['description'], $sections, $areas);
if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
$id = get_post('role');
$clone = get_post('clone');
-// clear_data();
+
unset($_POST);
if ($id) {
$row = get_security_role($id);
$_POST['description'] = $row['description'];
$_POST['name'] = $row['role'];
-// if ($row['inactive']
-// $_POST['inactive'] = 1;
-
$_POST['inactive'] = $row['inactive'];
$access = $row['areas'];
$sections = $row['sections'];
start_form();
-start_table("class='tablestyle_noborder'");
+start_table(TABLESTYLE_NOBORDER);
start_row();
security_roles_list_cells(_("Role:"). " ", 'role', null, true, true, check_value('show_inactive'));
$new_role = get_post('role')=='';
}
if (find_submit('_Section')) {
$Ajax->activate('details');
-// set_focus('');
}
//-----------------------------------------------------------------------------------------------
div_start('details');
-start_table($table_style2);
+start_table(TABLESTYLE2);
text_row(_("Role name:"), 'name', null, 20, 22);
text_row(_("Role description:"), 'description', null, 50, 52);
record_status_list_row(_("Current status:"), 'inactive');
end_table(1);
- start_table("$table_style width=40%");
+ start_table(TABLESTYLE, "width='40%'");
$k = $j = 0; //row colour counter
- $m = 0;
- asort($security_areas); // in the case installed external modules has added some lines
- foreach($security_areas as $area =>$parms ) {
- if (($parms[0]&~0xff) != $m)
+ $ext = $sec = $m = -1;
+
+ foreach(sort_areas($security_areas) as $area =>$parms ) {
+ // system setup areas are accessable only for site admins i.e.
+ // admins of first registered company
+ if (user_company() && (($parms[0]&0xff00) == SS_SADMIN)) continue;
+
+ $newsec = ($parms[0]>>8)&0xff;
+ $newext = $parms[0]>>16;
+ if ($newsec != $sec || (($newext != $ext) && ($newsec>99)))
{ // features set selection
+ $ext = $newext;
+ $sec = $newsec;
$m = $parms[0] & ~0xff;
label_row($security_sections[$m].':',
checkbox( null, 'Section'.$m, null, true,
end_form();
end_page();
-?>
projects / fa-stable.git / blobdiff