Partial changes for new access control system.

diff --git a/admin/db/security_db.inc b/admin/db/security_db.inc
new file mode 100644 (file)
index 0000000..55e56b5
--- /dev/null
+++ b/admin/db/security_db.inc
@@ -0,0 +1,65 @@
+<?php
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+       Released under the terms of the GNU General Public License, GPL, 
+       as published by the Free Software Foundation, either version 3 
+       of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+//--------------------------------------------------------------------------------------------------
+
+function get_security_role($id)
+{
+       $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id='$id'";
+       $ret = db_query($sql, "could not retrieve security roles");
+       $row = db_fetch($ret);
+       $row['areas'] = explode(';', $row['areas']);
+       $row['modules'] = explode(';', $row['modules']);
+       return $row;
+}
+
+//--------------------------------------------------------------------------------------------------
+
+function add_security_role($name, $description, $modules, $areas)
+{
+       $sql = "INSERT INTO ".TB_PREF."security_roles (role, description, modules, areas)
+       VALUES ("
+       .db_escape($name).","
+       .db_escape($description).","
+       .db_escape(implode(';',$modules)).","
+       .db_escape(implode(';',$areas)).")";
+
+       db_query($sql, "could not add new security role");
+}
+
+//--------------------------------------------------------------------------------------------------
+
+function update_security_role($id, $name, $description, $modules, $areas)
+{
+       $sql = "UPDATE ".TB_PREF."security_roles SET role=".db_escape($name)
+       .",description=".db_escape($description)
+       .",modules=".db_escape(implode(';',$modules))
+       .",areas=".db_escape(implode(';',$areas))
+       ." WHERE id=$id";
+       db_query($sql, "could not update role");
+}
+//--------------------------------------------------------------------------------------------------
+
+function delete_security_role($id)
+{
+       $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=$id";
+
+       db_query($sql, "could not delete role");
+}
+//--------------------------------------------------------------------------------------------------
+
+function check_role_used($id) {
+       $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE full_access=$id";
+       $ret = db_query($sql, 'cannot check role usage');
+       $row = db_fetch($ret);
+       return $row[0];
+}
+?>
\ No newline at end of file

diff --git a/admin/security_roles.php b/admin/security_roles.php
new file mode 100644 (file)
index 0000000..e0aaab9
--- /dev/null
+++ b/admin/security_roles.php
@@ -0,0 +1,203 @@
+<?php
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+       Released under the terms of the GNU General Public License, GPL, 
+       as published by the Free Software Foundation, either version 3 
+       of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 20;
+$path_to_root="..";
+include_once($path_to_root . "/includes/session.inc");
+
+page(_("Access setup"));
+
+include_once($path_to_root . "/includes/ui.inc");
+include_once($path_to_root . "/includes/access_levels.inc");
+include_once($path_to_root . "/admin/db/security_db.inc");
+
+$new_role = get_post('role')=='' || get_post('cancel') || get_post('clone'); 
+//--------------------------------------------------------------------------------------------------
+if (list_updated('role')) {
+       $Ajax->activate('details');
+       $Ajax->activate('controls');
+}
+
+function clear_data()
+{
+       unset($_POST);
+}
+
+if (get_post('addupdate'))
+{
+       $input_error = 0;
+       if ($_POST['description'] == '')
+       {
+       $input_error = 1;
+       display_error( _("Role description cannot be empty."));
+               set_focus('description');
+       }
+       elseif ($_POST['name'] == '')
+       {
+       $input_error = 1;
+       display_error( _("Role name cannot be empty."));
+               set_focus('name');
+       }
+       
+       if ($input_error == 0)
+       {
+               $modules = array();
+               $areas = array();
+               foreach($_POST as $p =>$val) {
+                       if (substr($p,0,4) == 'Area')
+                               $areas[] = substr($p, 4);
+                       if (substr($p,0,6) == 'Module')
+                               $modules[] = substr($p, 6);
+               }
+               sort($areas);
+               sort($modules);
+       if ($new_role) 
+               {
+                       add_security_role($_POST['name'], $_POST['description'], $modules, $areas); 
+                       display_notification(_("New security role has been added."));
+               } else
+               {
+                       update_security_role($_POST['role'], $_POST['name'], $_POST['description'], 
+                               $modules, $areas); 
+                       update_record_status($_POST['role'], get_post('inactive'),
+                               'security_roles', 'id');
+
+                       display_notification(_("Security role has been updated."));
+               }
+       $new_role = true;
+       clear_data();
+       $Ajax->activate('_page_body');
+       }
+}
+
+//--------------------------------------------------------------------------------------------------
+
+if (get_post('delete'))
+{
+       if (check_role_used(get_post('role'))) {
+               display_error(_("This role is currently assigned to some users and cannot be deleted"));
+       } else {
+               delete_security_role(get_post('role'));
+               display_notification(_("Security role has been sucessfully deleted."));
+               unset($_POST['role']);
+       }
+       $Ajax->activate('_page_body');
+}
+
+if (get_post('cancel'))
+{
+       unset($_POST['role']);
+       $Ajax->activate('_page_body');
+}
+
+if (!isset($_POST['role']) || get_post('clone') || list_updated('role')) {
+       $id = get_post('role');
+       $clone = get_post('clone');
+       clear_data();
+       if ($id) {
+               $row = get_security_role($id);
+               $_POST['description'] = $row['description'];
+               $_POST['name'] = $row['role'];
+//     if ($row['inactive']
+//             $_POST['inactive'] = 1;
+       
+               $_POST['inactive'] = $row['inactive'];
+               $access = $row['areas'];
+               $modules = $row['modules'];
+       }
+       else {
+               $_POST['description'] = $_POST['name'] = '';
+               unset($_POST['inactive']);
+               $access = $modules = array();
+       }
+       foreach($access as $a) $_POST['Area'.$a] = 1;
+       foreach($modules as $m) $_POST['Module'.$m] = 1;
+
+       if($clone) {
+               set_focus('name');
+               $Ajax->activate('_page_body');
+       } else
+               $_POST['role'] = $id;
+}
+
+//--------------------------------------------------------------------------------------------------
+
+start_form();
+
+start_table("class='tablestyle_noborder'");
+start_row();
+security_roles_list_cells(_("Role:"). "&nbsp;", 'role', null, true, true, check_value('show_inactive'));
+//$new_role = get_post('role')=='';
+check_cells(_("Show inactive:"), 'show_inactive', null, true);
+end_row();
+end_table();
+echo "<hr>";
+
+if (get_post('_show_inactive_update')) {
+       $Ajax->activate('role');
+       set_focus('role');
+}
+if (find_submit('_Module')) {
+       $Ajax->activate('details');
+//     set_focus('');
+}
+//-----------------------------------------------------------------------------------------------
+div_start('details');
+start_table($table_style2);
+       text_row(_("Role name:"), 'name', null, 20, 22);
+       text_row(_("Role description:"), 'description', null, 50, 52);
+       record_status_list_row(_("Current status:"), 'inactive');
+end_table(1);
+
+       start_table("$table_style width=50%");
+
+       $k = $j = 0; //row colour counter
+       $m = 0;
+               foreach($security_areas as $area =>$descr ) {
+            if (($area&~0xff) != $m)
+            { // features set selection
+               $m = $area & ~0xff;
+                               label_row(sprintf(_("%s features:"), $security_modules[$m]), 
+                                       checkbox( null, 'Module'.$m, null, true, 
+                                               _("Set access to security features area")),
+                               "class='tableheader2'", "class='tableheader'");
+            }
+               if (check_value('Module'.$m)) {
+                               alt_table_row_color($k);
+                               check_cells($descr, 'Area'.$area, null, 
+                                       false, '', "align='center'");
+                       end_row();
+               } else {
+                       hidden('Area'.$area);
+               }
+        }
+       end_table(1);
+div_end();
+
+div_start('controls');
+if ($new_role) 
+{
+       submit_center('addupdate', _("Insert New Role"), true, '', 'default');
+} 
+else 
+{
+       submit_center_first('addupdate', _("Update Role"), '', 'default');
+       submit('clone', _("Clone This Role"), true, '', true);
+       submit('delete', _("Delete This Role"), true, '', true);
+       submit_center_last('cancel', _("Cancel"), _("Cancel Edition"), 'cancel');
+}
+
+div_end();
+
+end_form();
+end_page();
+
+?>

diff --git a/includes/access_levels.inc b/includes/access_levels.inc
index 5e807ecda9d95b5c3f8ba9a27668c3ba5953a938..5067b6ec7b6289421e73f80c1e415f4aeb6e6dbb 100644 (file)
--- a/includes/access_levels.inc
+++ b/includes/access_levels.inc
@@ -10,6 +10,29 @@
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
 //
+/*
+       This table is introduced only for additional grouping of sales areas,
+       and should be consistent with convention used above.
+*/
+
+define('SM_SALES', 1<<8);
+define('SM_PURCH', 2<<8);
+define('SM_ITEMS', 3<<8);
+define('SM_MANUF', 4<<8);
+define('SM_DIM', 5<<8);
+define('SM_GL', 6<<8);
+define('SM_SETUP', 7<<8);
+
+$security_modules = array(
+ SM_SALES => _("Sales"),
+ SM_PURCH => _("Purchases"),
+ SM_ITEMS => _("Items and Inventory"),
+ SM_MANUF => _("Manufacturing"),
+ SM_DIM => _("Dimensions"),
+ SM_GL => _("Banking & General Ledger"),
+ SM_SETUP => _("Setup")
+);
+
 //     Access areas used in FrontAccounting. 
 //     Constants defined below should be used wherever access rights for current
 //     user are checked. Set of allowed access areas is retrieved during login from
@@ -19,135 +42,135 @@
 //----------------------------------------------------------------------------------
 // Sales module
 //
-define('SA_CUSTOMER', 101);
-define('SA_SALESGROUP', 102);
-define('SA_PRICE', 103);
-define('SA_SALESMAN', 104);
-define('SA_SALESAREA', 105);
-define('SA_STATUS', 106);
-define('SA_STEMPLATE', 107);
-define('SA_SRECCURENT', 108);
+define('SA_CUSTOMER',  SM_SALES|1);
+define('SA_SALESGROUP',        SM_SALES|2);
+define('SA_PRICE',             SM_SALES|3);
+define('SA_SALESMAN',  SM_SALES|4);
+define('SA_SALESAREA',         SM_SALES|5);
+define('SA_STATUS',    SM_SALES|6);
+define('SA_STEMPLATE',         SM_SALES|7);
+define('SA_SRECURRENT', SM_SALES|8);
 
-define('SA_SALESORDER', 111);
-define('SA_SALESDELIVERY', 112);
-define('SA_SALESINVOICE', 113);
-define('SA_SALESCREDITINV', 114);
-define('SA_SALESCREDIT', 115);
-define('SA_SALESPAYMNT', 116);
+define('SA_SALESORDER',        SM_SALES|11);
+define('SA_SALESDELIVERY',     SM_SALES|12);
+define('SA_SALESINVOICE',      SM_SALES|13);
+define('SA_SALESCREDITINV', SM_SALES|14);
+define('SA_SALESCREDIT',       SM_SALES|15);
+define('SA_SALESPAYMNT',       SM_SALES|16);
 
-define('SA_SALESALLOC', 121);
-define('SA_SALESANALYTIC', 122);
-define('SA_SALESMANREP', 123);
-define('SA_SALESVARREP', 124);
+define('SA_SALESALLOC', SM_SALES|21);
+define('SA_SALESANALYTIC', SM_SALES|22);
+define('SA_SALESMANREP', SM_SALES|23);
+define('SA_SALESVARREP', SM_SALES|24);
 
 //
 // Purchasing module 
 //
-define('SA_SUPPLIER', 201);
+define('SA_SUPPLIER', SM_PURCH|1);
 
-define('SA_PURCHASEORDER', 211);
-define('SA_GRN', 212);
-define('SA_SUPPLIERINVOICE', 213);
-define('SA_SUPPLIERCREDIT', 214);
-define('SA_SUPPLIERPAYMNT', 215);
+define('SA_PURCHASEORDER', SM_PURCH|11);
+define('SA_GRN', SM_PURCH|12);
+define('SA_SUPPLIERINVOICE', SM_PURCH|13);
+define('SA_SUPPLIERCREDIT', SM_PURCH|14);
+define('SA_SUPPLIERPAYMNT', SM_PURCH|15);
 
-define('SA_SUPPLIERALLOC', 221);
-define('SA_SUPPLIERANALYTIC', 222);
-define('SA_SUPPLIERMANREP', 223);
-define('SA_SUPPLIERVARREP', 224);
+define('SA_SUPPLIERALLOC', SM_PURCH|21);
+define('SA_SUPPLIERANALYTIC', SM_PURCH|22);
+define('SA_SUPPLIERMANREP', SM_PURCH|23);
+define('SA_SUPPLIERVARREP', SM_PURCH|24);
 
 //
 // Inventory module 
 //
-define('SA_ITEM', 301);
-define('SA_FORITEMCODE', 302);
-define('SA_SALESKIT', 303);
-define('SA_ITEMCATEGORY', 304);
-define('SA_INVENTORYLOCATION', 305);
-define('SA_INVENTORYMOVETYPE', 306);
-define('SA_ITEMTAXTYPE', 307);
-define('SA_UOM', 308);
-define('SA_REORDER', 309);
+define('SA_ITEM', SM_ITEMS|1);
+define('SA_FORITEMCODE', SM_ITEMS|2);
+define('SA_SALESKIT', SM_ITEMS|3);
+define('SA_ITEMCATEGORY', SM_ITEMS|4);
+define('SA_INVENTORYLOCATION', SM_ITEMS|5);
+define('SA_INVENTORYMOVETYPE', SM_ITEMS|6);
+define('SA_ITEMTAXTYPE', SM_ITEMS|7);
+define('SA_UOM', SM_ITEMS|8);
+define('SA_REORDER', SM_ITEMS|9);
 
-define('SA_LOCATIONTRANSFER', 311);
-define('SA_INVENTORYADJUSTMENT', 312);
+define('SA_LOCATIONTRANSFER', SM_ITEMS|11);
+define('SA_INVENTORYADJUSTMENT', SM_ITEMS|12);
 
-define('SA_ITEMSANALYTIC', 321);
-define('SA_ITEMSMANREP', 322);
-define('SA_ITEMSVARREP', 323);
+define('SA_ITEMSANALYTIC', SM_ITEMS|21);
+define('SA_ITEMSMANREP', SM_ITEMS|22);
+define('SA_ITEMSVARREP', SM_ITEMS|23);
 
-define('SA_SALESPRICING', 331);
-define('SA_PURCHASEPRICING', 332);
-define('SA_STANDARDCOST', 333);
+define('SA_SALESPRICING', SM_ITEMS|31);
+define('SA_PURCHASEPRICING', SM_ITEMS|32);
+define('SA_STANDARDCOST', SM_ITEMS|33);
 
 //
 // Manufacturing module 
 //
-define('SA_BOM', 401);
-define('SA_WORKCENTRE', 402);
+define('SA_BOM', SM_MANUF|1);
+define('SA_WORKCENTRE', SM_MANUF|2);
 
-define('SA_WORKORDERENTRY', 411);
-define('SA_WORKORDEROPERATION', 412);
+define('SA_WORKORDERENTRY', SM_MANUF|11);
+define('SA_WORKORDEROPERATION', SM_MANUF|12);
 
-define('SA_WORKORDERANALYTIC', 421);
-define('SA_WORKORDERMANREP', 422);
-define('SA_WORKORDERVARREP', 423);
+define('SA_WORKORDERANALYTIC', SM_MANUF|21);
+define('SA_WORKORDERMANREP', SM_MANUF|22);
+define('SA_WORKORDERVARREP', SM_MANUF|23);
 
 //
 // Dimension module 
 //
-define('SA_DIMENSION', 501);
+define('SA_DIMENSION', SM_DIM|1);
 
-define('SA_DIMENTIONOPERATION', 511);
+define('SA_DIMENSIONOPERATION', SM_DIM|11);
 
-define('SA_DIMENSIONANALYTIC', 521);
-define('SA_DIMENSIONMANREP', 522);
-define('SA_DIMENSIONVARREP', 523);
+define('SA_DIMENSIONANALYTIC', SM_DIM|21);
+define('SA_DIMENSIONMANREP', SM_DIM|22);
+define('SA_DIMENSIONVARREP', SM_DIM|23);
 
 //
 // Banking and General Ledger module 
 //
-define('SA_BANKACCOUNT', 601);
-define('SA_QUICKENTRY', 602);
-define('SA_CURRENCY', 603);
-define('SA_EXCHANGERATE', 604);
-define('SA_GLACCOUNT', 605);
-define('SA_GLACCOUNTGROUP', 606);
-define('SA_GLACCOUNTCLASS', 607);
+define('SA_BANKACCOUNT', SM_GL|1);
+define('SA_QUICKENTRY', SM_GL|2);
+define('SA_CURRENCY', SM_GL|3);
+define('SA_EXCHANGERATE', SM_GL|4);
+define('SA_GLACCOUNT', SM_GL|5);
+define('SA_GLACCOUNTGROUP', SM_GL|6);
+define('SA_GLACCOUNTCLASS', SM_GL|7);
 
-define('SA_PAYMENT', 611);
-define('SA_DEPOSIT', 612);
-define('SA_BANKACCOUNTTRANSFER', 613);
-define('SA_JOURNALENTRY', 614);
-define('SA_BUDGETENTRY', 615);
-define('SA_RECONCILE', 616);
+define('SA_PAYMENT', SM_GL|11);
+define('SA_DEPOSIT', SM_GL|12);
+define('SA_BANKACCOUNTTRANSFER', SM_GL|13);
+define('SA_JOURNALENTRY', SM_GL|14);
+define('SA_BUDGETENTRY', SM_GL|15);
+define('SA_RECONCILE', SM_GL|16);
 
-define('SA_GLANALYTIC', 621);
-define('SA_GLMANREP', 622);
-define('SA_GLVARREP', 623);
+define('SA_GLANALYTIC', SM_GL|21);
+define('SA_GLMANREP', SM_GL|22);
+define('SA_GLVARREP', SM_GL|23);
 
 //
 // Setup module 
 //
-define('SA_SETUPCOMPANY', 701);
-define('SA_SETUPUSER', 702);
-define('SA_SETUPFORM', 703);
-define('SA_SETUPTAX', 704);
-define('SA_SETUPFISCALYEAR', 705);
-define('SA_PRINTPROFILE', 706);
-define('SA_PAYMENTTERM', 707);
-define('SA_SHIPPING', 708);
-define('SA_SETUPPOS', 709);
-define('SA_SETUPPRINTER', 710);
+define('SA_SETUPCOMPANY', SM_SETUP|1);
+define('SA_SETUPUSER', SM_SETUP|2);
+define('SA_SETUPFORM', SM_SETUP|3);
+define('SA_SETUPTAX', SM_SETUP|4);
+define('SA_SETUPFISCALYEAR', SM_SETUP|5);
+define('SA_PRINTPROFILE', SM_SETUP|6);
+define('SA_PAYMENTTERM', SM_SETUP|7);
+define('SA_SHIPPING', SM_SETUP|8);
+define('SA_SETUPPOS', SM_SETUP|9);
+define('SA_SETUPPRINTER', SM_SETUP|10);
 
-define('SA_VOIDTRANSACTION', 711);
-define('SA_VIEWPRINTTRANSACTION', 712);
-define('SA_ATTACHDOCUMENT', 713);
-define('SA_BACKUP', 714);
-define('SA_CREATECOMPANY', 715);
-define('SA_CREATELANGUAGE', 716);
-define('SA_CREATEMODULES', 717);
-define('SA_SORTWAREUPGRADE', 718);
+define('SA_VOIDTRANSACTION', SM_SETUP|11);
+define('SA_VIEWPRINTTRANSACTION', SM_SETUP|12);
+define('SA_ATTACHDOCUMENT', SM_SETUP|13);
+define('SA_BACKUP', SM_SETUP|14);
+define('SA_CREATECOMPANY', SM_SETUP|15);
+define('SA_CREATELANGUAGE', SM_SETUP|16);
+define('SA_CREATEMODULES', SM_SETUP|17);
+define('SA_SOFTWAREUPGRADE', SM_SETUP|18);
 
 /*
        This table stores security area ranges. It is used by security_role 
@@ -222,7 +245,7 @@ $security_areas = array(
        // database table crud operations and administrative areas
        SA_DIMENSION => _("Dimensions"),
        // documents, transactions entry
-       SA_DIMENSiONOPERATION => _("Dimension Operations"),
+       SA_DIMENSIONOPERATION => _("Dimension Operations"),
        // maintenance and analytics
        SA_DIMENSIONANALYTIC => _("Dimension analytical reports and inquiries"),
                _("Dimension Reports"),
@@ -265,6 +288,6 @@ $security_areas = array(
                _("Install/Update Companies"),
                _("Install/Update Languages"),
                _("Install/Upgrade Modules"),
-               _("Software Upgrades"),
+               _("Software Upgrades")
 );
 ?>
\ No newline at end of file

diff --git a/includes/ui/ui_lists.inc b/includes/ui/ui_lists.inc
index e409ce6360a08eaa1b5c3751c67170446e92f814..320e13cfad2230d3b11fd212c7565dcb1ea8d1c8 100644 (file)
--- a/includes/ui/ui_lists.inc
+++ b/includes/ui/ui_lists.inc
@@ -2096,5 +2096,43 @@ function class_types_list_row($label, $name, $selected_id=null, $submit_on_chang
        echo "</td></tr>\n";
 }
 
+//------------------------------------------------------------------------------------------------
+
+function security_roles_list($name, $selected_id=null, $new_item=false, $submit_on_change=false,
+       $show_inactive = false)
+{
+       global $all_items;
+
+       $sql = "SELECT id, role, inactive FROM ".TB_PREF."security_roles";
+
+return combo_input($name, $selected_id, $sql, 'id', 'description',
+       array(
+               'spec_option'=>$new_item ? _("New role") : false,
+               'spec_id' => '',
+               'select_submit'=> $submit_on_change,
+               'show_inactive' => $show_inactive
+       ) );
+}
+
+function security_roles_list_cells($label, $name, $selected_id=null, $new_item=false, $submit_on_change=false,
+       $show_inactive = false)
+{
+       if ($label != null)
+               echo "<td>$label</td>\n";
+       echo "<td>";
+       $str = security_roles_list($name, $selected_id, $new_item, $submit_on_change, $show_inactive);
+       echo "</td>\n";
+       return $str;
+}
+
+function security_roles_list_row($label, $name, $selected_id=null, $new_item=false, $submit_on_change=false,
+       $show_inactive = false)
+{
+       echo "<tr>";
+       $str = security_roles_list_cells($label, $name, $selected_id, $new_item, $submit_on_change, $show_inactive);
+       echo "</tr>\n";
+       return $str;
+}
+
 
 ?>
\ No newline at end of file

diff --git a/sql/alter2.2.sql b/sql/alter2.2.sql
index 3ea59ce2538420144e3ccd3d4d932c0bec10b126..f8848998eee393db88b8e93470b541bae1cf5a30 100644 (file)
--- a/sql/alter2.2.sql
+++ b/sql/alter2.2.sql
@@ -81,3 +81,14 @@ ALTER TABLE `0_suppliers` ADD COLUMN `supp_ref` varchar(30) NOT NULL;
 UPDATE `0_suppliers` SET `supp_ref`=`supp_name` WHERE 1; 
 ALTER TABLE `0_cust_branch` ADD COLUMN `branch_ref`    varchar(30) NOT NULL;
 UPDATE `0_cust_branch` SET `branch_ref`=`br_name` WHERE 1; 
+
+CREATE TABLE `0_security_roles` (
+  `id` int(11) NOT NULL auto_increment,
+  `role` varchar(20) NOT NULL,
+  `description` varchar(50) default NULL,
+  `modules` text,
+  `areas` text,
+  `inactive` tinyint(1) NOT NULL default '0',
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `role` (`role`)
+) TYPE=MyISAM AUTO_INCREMENT=8 AUTO_INCREMENT=8 ;

diff --git a/sql/en_US-demo.sql b/sql/en_US-demo.sql
index 88dba3aba755a761a044c513a62fecaabcba527f..2f1599483d6e22a84af628d1d420ec1196878359 100644 (file)
--- a/sql/en_US-demo.sql
+++ b/sql/en_US-demo.sql
@@ -2026,3 +2026,23 @@ INSERT INTO `0_workorders` VALUES ('4', '4', 'DEF', '4', '3400', '2009-06-21', '
 INSERT INTO `0_workorders` VALUES ('5', '5', 'DEF', '5', '3400', '2009-06-21', '0', '2009-06-21', '2009-06-21', '5', '1', '1', '10');
 INSERT INTO `0_workorders` VALUES ('6', '6', 'DEF', '-5', '3400', '2009-06-21', '1', '2009-06-21', '2009-06-21', '-5', '1', '1', '0');
 INSERT INTO `0_workorders` VALUES ('7', '7', 'DEF', '-2', '3400', '2009-06-21', '1', '2009-06-21', '2009-06-21', '-2', '1', '1', '10');
+
+DROP TABLE IF EXISTS `0_security_roles`;
+
+CREATE TABLE `0_security_roles` (
+  `id` int(11) NOT NULL auto_increment,
+  `role` varchar(20) NOT NULL,
+  `description` varchar(50) default NULL,
+  `modules` text,
+  `areas` text,
+  `inactive` tinyint(1) NOT NULL default '0',
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `role` (`role`)
+) ENGINE=MyISAM AUTO_INCREMENT=8 DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;
+
+
+### Data of table `0_security_roles` ###
+
+INSERT INTO `0_security_roles` VALUES ('2', 'System Admin', 'Full system access', '256;512;768;1024;1280;1536;1792', '257;258;259;260;261;262;263;264;267;268;269;270;271;272;277;278;279;280;513;523;524;525;526;527;533;534;535;536;769;770;771;772;773;774;775;776;777;779;780;789;790;791;799;800;801;1025;1026;1035;1036;1045;1046;1047;1281;1291;1301;1302;1303;1537;1538;1539;1540;1541;1542;1543;1547;1548;1549;1550;1551;1552;1557;1558;1559;1793;1794;1795;1796;1797;1798;1799;1800;1801;1802;1803;1804;1805;1806;1807;1808;1809;1810', '0');
+INSERT INTO `0_security_roles` VALUES ('7', 'Accountant', 'Accounting features and most non-admin options', '256;512;768;1024;1280;1536;1792', '257;258;263;264;267;268;269;270;271;272;277;278;279;280;513;523;524;525;526;527;533;534;535;536;769;770;771;772;773;774;775;776;777;779;780;789;790;791;799;800;801;1026;1045;1046;1047;1291;1301;1302;1538;1547;1548;1549;1550;1552;1557;1558;1559;1796;1804;1805', '0');
+INSERT INTO `0_security_roles` VALUES ('6', 'Sub Admin', 'Near full system access', '256;512;768;1024;1280;1536;1792', '257;258;263;264;267;268;269;270;271;272;277;278;279;280;513;523;524;525;526;527;533;534;535;536;769;770;771;772;773;774;775;776;777;779;780;789;790;791;799;800;801;1026;1045;1046;1047;1291;1301;1302;1538;1547;1548;1549;1550;1552;1557;1558;1559;1796;1804;1805', '0');