diff --git a/ChangeLog b/ChangeLog index 15c1dc404f5..74b35ce985a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ English Dolibarr ChangeLog For developers: NEW: Add a lot of API REST: dictionaryevents, memberstypes, ... +NEW: Big refactorization of multicompany transverse mode WARNING: @@ -21,6 +22,7 @@ Following changes may create regression for some external modules, but were nece * Removed Societe::set_commnucation_level (was deprecated in 4.0). Was not used. * Removed the trigger file of PAYPAL module that stored data that was not used by Dolibarr. The trigger event still exists, but if an external module need action on it, it must provides itself its trigger file. +* Use $conf->global->MULTICOMPANY_TRANSVERSE_MODE instead $conf->multicompany->transverse_mode ***** ChangeLog for 5.0.3 compared to 5.0.2 ***** FIX: #6677 Expired contracts dashboard box does not show the name of the thirdparty diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index c76c35dfdeb..03e4a0ec9f3 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -235,7 +235,7 @@ $sql = "SELECT b.rowid, b.box_id, b.position, b.box_order,"; $sql.= " bd.rowid as boxid"; $sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as bd"; $sql.= " WHERE b.box_id = bd.rowid"; -$sql.= " AND b.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; +$sql.= " AND b.entity IN (0,".$conf->entity.")"; $sql.= " AND b.fk_user=0"; $sql.= " ORDER by b.position, b.box_order"; @@ -342,7 +342,7 @@ print "\n"; $var=true; foreach($boxtoadd as $box) { - + if (preg_match('/^([^@]+)@([^@]+)$/i',$box->boximg)) { @@ -479,7 +479,7 @@ print ''; // Activate FileCache - Developement if ($conf->global->MAIN_FEATURES_LEVEL == 2 || ! empty($conf->global->MAIN_ACTIVATE_FILECACHE)) { - + print ''.$langs->trans("EnableFileCache").''; print $form->selectyesno('MAIN_ACTIVATE_FILECACHE',$conf->global->MAIN_ACTIVATE_FILECACHE,1); print ''; diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 0c7ed656d9f..7528fb09115 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -131,7 +131,7 @@ print ''; $sql = "SELECT r.id, r.libelle, r.module, r.perms, r.subperms, r.bydefault"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" -$sql.= " AND entity IN (".(! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; +$sql.= " AND entity = ".$conf->entity; if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql.= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is not enabled $sql.= " ORDER BY r.module, r.id"; @@ -185,7 +185,7 @@ if ($result) print "\n"; } - + print ''; print ''; } - + // Background color THEME_ELDY_BACKBODY if ($foruserprofile) { @@ -508,7 +480,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) else print ''; } if ($edit) print '
('.$langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis").')'; - print '';*/ + print '';*/ } else { @@ -530,7 +502,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print ''; } - + // TopMenuBackgroundColor if ($foruserprofile) { @@ -553,13 +525,13 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) else print ''; } if ($edit) print '
('.$langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis").')'; - print '';*/ + print '';*/ } else { $default='5a6482'; if ($conf->theme == 'md') $default='5a3278'; - + print ''; print ''; print ''; } - + // BackgroundTableTitleColor if ($foruserprofile) { - - + + } else - { + { print ''; print ''; print ''; print ''; print ''; } - + // BackgroundTableLineEvenColor if ($foruserprofile) { - + } else { $default='f8f8f8'; if ($conf->theme == 'md') $default='f8f8f8'; - + print ''; print ''; print ''; } - + // TextTitleColor if ($foruserprofile) { - - + + } else { @@ -681,12 +653,12 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) } print '   ('.$langs->trans("Default").': 3c3c14) '; print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); - + print ''; - + print ''; } - + // Text LinkColor if ($foruserprofile) { @@ -724,7 +696,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) { $color = colorArrayToHex(colorStringToArray($conf->global->THEME_ELDY_TEXTLINK,array()),''); if ($color) print ''; - else + else { //print ''; //print ''.$langs->trans("Default").''; @@ -735,7 +707,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print ''; } - + // Use Hover if ($foruserprofile) { @@ -767,7 +739,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) { if ($conf->global->THEME_ELDY_USE_HOVER == '1') $color='edf4fb'; else $color = colorArrayToHex(colorStringToArray($conf->global->THEME_ELDY_USE_HOVER,array()),''); - if ($color) + if ($color) { if ($color != 'edf4fb') print ''; else print $langs->trans("Default"); @@ -779,7 +751,6 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print ''; print ''; } - + print '
'.img_object('',$picto).' '.$objMod->getName(); print ' '; diff --git a/htdocs/conf/conf.php.example b/htdocs/conf/conf.php.example index 89e1458d4fd..356e76ba374 100644 --- a/htdocs/conf/conf.php.example +++ b/htdocs/conf/conf.php.example @@ -324,14 +324,4 @@ $dolibarr_nocsrfcheck='0'; // External module //############################## -// multicompany_transverse_mode -// Prerequisite: Need external module "multicompany" -// Pyramidal (0): The rights and groups are managed in each entity. Each user belongs to the entity he was created into. -// Transversal (1): The user is created and managed only into master entity but can login to all entities if he is admmin -// of entity or belongs to at least one user group created into entity. - -// Default value: 0 (pyramidal) -// Examples: -// $multicompany_transverse_mode='1'; - diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 578ed17049e..7a70549a2d1 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -2,7 +2,7 @@ /* Copyright (C) 2003-2007 Rodolphe Quiedeville * Copyright (C) 2003 Xavier Dutoit * Copyright (C) 2004-2016 Laurent Destailleur - * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2006 Jean Heimburger * * This program is free software; you can redistribute it and/or modify @@ -132,14 +132,7 @@ class Conf $sql = "SELECT ".$db->decrypt('name')." as name,"; $sql.= " ".$db->decrypt('value')." as value, entity"; $sql.= " FROM ".MAIN_DB_PREFIX."const"; - if (! empty($this->multicompany->transverse_mode)) - { - $sql.= " WHERE entity IN (0,1,".$this->entity.")"; - } - else - { - $sql.= " WHERE entity IN (0,".$this->entity.")"; - } + $sql.= " WHERE entity IN (0,".$this->entity.")"; $sql.= " ORDER BY entity"; // This is to have entity 0 first, then entity 1 that overwrite. $resql = $db->query($sql); @@ -320,7 +313,7 @@ class Conf // For backward compatibility $this->user->dir_output=$rootforuser."/users"; $this->user->dir_temp=$rootforuser."/users/temp"; - + // UserGroup $this->usergroup->dir_output=$rootforuser."/usergroups"; $this->usergroup->dir_temp=$rootforuser."/usergroups/temp"; @@ -386,13 +379,13 @@ class Conf $this->global->MAIN_ACTIVATE_HTML5=1; $this->global->MAIN_MAIL_USE_MULTI_PART=1; - + // societe if (empty($this->global->SOCIETE_CODECLIENT_ADDON)) $this->global->SOCIETE_CODECLIENT_ADDON="mod_codeclient_leopard"; if (empty($this->global->SOCIETE_CODECOMPTA_ADDON)) $this->global->SOCIETE_CODECOMPTA_ADDON="mod_codecompta_panicum"; if (empty($this->global->CHEQUERECEIPTS_ADDON)) $this->global->CHEQUERECEIPTS_ADDON='mod_chequereceipt_mint'; - + // Security if (empty($this->global->USER_PASSWORD_GENERATED)) $this->global->USER_PASSWORD_GENERATED='standard'; // Default password generator if (empty($this->global->MAIN_UMASK)) $this->global->MAIN_UMASK='0664'; // Default mask @@ -425,7 +418,7 @@ class Conf $this->currency=$this->global->MAIN_MONNAIE; if (empty($conf->global->MAIN_BROWSER_NOTIFICATION_FREQUENCY)) $conf->global->MAIN_BROWSER_NOTIFICATION_FREQUENCY = 30; // Less than 1 minutes to be sure - + // conf->global->ACCOUNTING_MODE = Option des modules Comptabilites (simple ou expert). Defini le mode de calcul des etats comptables (CA,...) if (empty($this->global->ACCOUNTING_MODE)) $this->global->ACCOUNTING_MODE='RECETTES-DEPENSES'; // By default. Can be 'RECETTES-DEPENSES' ou 'CREANCES-DETTES' @@ -434,7 +427,7 @@ class Conf // MAIN_HTML_TITLE if (! isset($this->global->MAIN_HTML_TITLE)) $this->global->MAIN_HTML_TITLE='noapp,thirdpartynameonly,contactnameonly,projectnameonly'; - + // conf->liste_limit = constante de taille maximale des listes if (empty($this->global->MAIN_SIZE_LISTE_LIMIT)) $this->global->MAIN_SIZE_LISTE_LIMIT=25; $this->liste_limit=$this->global->MAIN_SIZE_LISTE_LIMIT; @@ -461,7 +454,7 @@ class Conf $this->mailing->email_from=$this->email_from; if (! empty($this->global->MAILING_EMAIL_FROM)) $this->mailing->email_from=$this->global->MAILING_EMAIL_FROM; if (! isset($this->global->MAIN_EMAIL_ADD_TRACK_ID)) $this->global->MAIN_EMAIL_ADD_TRACK_ID=1; - + // Format for date (used by default when not found or not searched in lang) $this->format_date_short="%d/%m/%Y"; // Format of day with PHP/C tags (strftime functions) $this->format_date_short_java="dd/MM/yyyy"; // Format of day with Java tags @@ -485,7 +478,7 @@ class Conf // Default pdf option if (! isset($this->global->MAIN_PDF_DASH_BETWEEN_LINES)) $this->global->MAIN_PDF_DASH_BETWEEN_LINES=1; // use dash between lines if (! isset($this->global->PDF_ALLOW_HTML_FOR_FREE_TEXT)) $this->global->PDF_ALLOW_HTML_FOR_FREE_TEXT=1; // allow html content into free footer text - + // Set default value to MAIN_SHOW_LOGO if (! isset($this->global->MAIN_SHOW_LOGO)) $this->global->MAIN_SHOW_LOGO=1; @@ -500,7 +493,7 @@ class Conf // By default, we open card if one found if (! isset($this->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE)) $this->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE=1; - + // Define list of limited modules (value must be key found for "name" property of module, so for example 'supplierproposal' for Module "Supplier Proposal" if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,societe,propal,commande,facture,categorie,supplierproposal,fournisseur,contact,projet,contrat,ficheinter,expedition,agenda,resource,adherent'; // '' means 'all'. Note that contact is added here as it should be a module later. @@ -568,12 +561,12 @@ class Conf $this->expensereport->payment = new stdClass(); $this->expensereport->payment->warning_delay=(isset($this->global->MAIN_DELAY_EXPENSEREPORTS_TO_PAY)?$this->global->MAIN_DELAY_EXPENSEREPORTS_TO_PAY:0)*24*60*60; } - + if (! empty($this->global->PRODUIT_MULTIPRICES) && empty($this->global->PRODUIT_MULTIPRICES_LIMIT)) { $this->global->PRODUIT_MULTIPRICES_LIMIT = 5; } - + // For modules that want to disable top or left menu if (! empty($this->global->MAIN_HIDE_TOP_MENU)) $this->dol_hide_topmenu=$this->global->MAIN_HIDE_TOP_MENU; if (! empty($this->global->MAIN_HIDE_LEFT_MENU)) $this->dol_hide_leftmenu=$this->global->MAIN_HIDE_LEFT_MENU; @@ -585,7 +578,7 @@ class Conf { $conf->global->AGENDA_DEFAULT_FILTER_TYPE='0'; // 'AC_NON_AUTO' does not exists when AGENDA_DEFAULT_FILTER_TYPE is not on. } - + // For backward compatibility if (isset($this->product)) $this->produit=$this->product; if (isset($this->facture)) $this->invoice=$this->facture; @@ -633,7 +626,7 @@ class Conf $this->loghandlers[$handler] = $loghandlerinstance; } } - + } } diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index b14f72a1b7b..52f46ba6863 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -1468,7 +1468,7 @@ class Form } else { - if (! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " ON ug.fk_user = u.rowid"; @@ -1565,7 +1565,7 @@ class Form $moreinfo++; } } - if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { if ($obj->admin && ! $obj->entity) { @@ -6196,7 +6196,7 @@ class Form $out.= '>'; $out.= $obj->name; - if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1) + if (! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1) { $out.= " (".$obj->label.")"; } diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index 419f31dca4d..e77a1196530 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -60,7 +60,7 @@ class InfoBox $sql.= " d.rowid as box_id, d.file, d.note, d.tms"; $sql.= " FROM ".MAIN_DB_PREFIX."boxes as b, ".MAIN_DB_PREFIX."boxes_def as d"; $sql.= " WHERE b.box_id = d.rowid"; - $sql.= " AND b.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; + $sql.= " AND b.entity IN (0,".$conf->entity.")"; if ($zone >= 0) $sql.= " AND b.position = ".$zone; if (is_object($user)) $sql.= " AND b.fk_user IN (0,".$user->id.")"; else $sql.= " AND b.fk_user = 0"; @@ -70,9 +70,9 @@ class InfoBox { $sql = "SELECT d.rowid as box_id, d.file, d.note, d.tms"; $sql.= " FROM ".MAIN_DB_PREFIX."boxes_def as d"; - $sql.= " WHERE d.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; + $sql.= " WHERE d.entity IN (0,".$conf->entity.")"; } - + dol_syslog(get_class()."::listBoxes get default box list for mode=".$mode." userid=".(is_object($user)?$user->id:'')."", LOG_DEBUG); $resql = $db->query($sql); if ($resql) diff --git a/htdocs/core/class/menubase.class.php b/htdocs/core/class/menubase.class.php index ed6b9929a32..a6770b57c37 100644 --- a/htdocs/core/class/menubase.class.php +++ b/htdocs/core/class/menubase.class.php @@ -508,7 +508,7 @@ class Menubase $sql = "SELECT m.rowid, m.type, m.module, m.fk_menu, m.fk_mainmenu, m.fk_leftmenu, m.url, m.titre, m.langs, m.perms, m.enabled, m.target, m.mainmenu, m.leftmenu, m.position"; $sql.= " FROM ".MAIN_DB_PREFIX."menu as m"; - $sql.= " WHERE m.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; + $sql.= " WHERE m.entity IN (0,".$conf->entity.")"; $sql.= " AND m.menu_handler IN ('".$menu_handler."','all')"; if ($type_user == 0) $sql.= " AND m.usertype IN (0,2)"; if ($type_user == 1) $sql.= " AND m.usertype IN (1,2)"; diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index c3d8714ab89..b68d7706e43 100755 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -98,7 +98,7 @@ function dolGetModulesDirs($subdir='') while (($file = readdir($handle))!==false) { if (preg_match('/disabled/',$file)) continue; // We discard module if it contains disabled into name. - + if (is_dir($dirroot.'/'.$file) && substr($file, 0, 1) <> '.' && substr($file, 0, 3) <> 'CVS' && $file != 'includes') { if (is_dir($dirroot . '/' . $file . '/core/modules'.$subdir.'/')) @@ -207,7 +207,7 @@ function dol_print_object_info($object, $usetable=0) //print "x".$deltadateforserver." - ".$deltadateforclient." - ".$deltadateforuser; if ($usetable) print ''; - + // Import key if (! empty($object->import_key)) { @@ -378,7 +378,7 @@ function dol_print_object_info($object, $usetable=0) if ($usetable) print ''; else print '
'; } - + // Date approve if (! empty($object->date_approve2)) { @@ -391,7 +391,7 @@ function dol_print_object_info($object, $usetable=0) if ($usetable) print ''; else print '
'; } - + // User close if (! empty($object->user_cloture)) { @@ -476,7 +476,7 @@ function dol_print_object_info($object, $usetable=0) if ($usetable) print ''; else print '
'; } - + if ($usetable) print '
'; } @@ -799,7 +799,7 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m if(!empty($user->array_options['options_'.$extra])){ $mask = preg_replace('#('.$start.')(.*?)('.$end.')#si', $user->array_options['options_'.$extra], $mask); } - } + } $maskwithonlyymcode=$mask; $maskwithonlyymcode=preg_replace('/\{(0+)([@\+][0-9\-\+\=]+)?([@\+][0-9\-\+\=]+)?\}/i',$maskcounter,$maskwithonlyymcode); $maskwithonlyymcode=preg_replace('/\{dd\}/i','dd',$maskwithonlyymcode); @@ -928,11 +928,11 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m //print "masktri=".$masktri." maskcounter=".$maskcounter." maskraz=".$maskraz." maskoffset=".$maskoffset."
\n"; // Define $sqlstring - if (function_exists('mb_strrpos')) + if (function_exists('mb_strrpos')) { $posnumstart=mb_strrpos($maskwithnocode,$maskcounter, 'UTF-8'); - } - else + } + else { $posnumstart=strrpos($maskwithnocode,$maskcounter); } // Pos of counter in final string (from 0 to ...) @@ -1123,7 +1123,7 @@ function get_string_between($string, $start, $end){ $string = " ".$string; $ini = strpos($string,$start); if ($ini == 0) return ""; - $ini += strlen($start); + $ini += strlen($start); $len = strpos($string,$end,$ini) - $ini; return substr($string,$ini,$len); } @@ -1539,9 +1539,9 @@ function getListOfModels($db,$type,$maxfilenamelength=0) $sql = "SELECT nom as id, nom as lib, libelle as label, description as description"; $sql.= " FROM ".MAIN_DB_PREFIX."document_model"; $sql.= " WHERE type = '".$type."'"; - $sql.= " AND entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; + $sql.= " AND entity IN (0,".$conf->entity.")"; $sql.= " ORDER BY description DESC"; - + dol_syslog('/core/lib/function2.lib.php::getListOfModels', LOG_DEBUG); $resql = $db->query($sql); if ($resql) @@ -1625,7 +1625,7 @@ function getListOfModels($db,$type,$maxfilenamelength=0) /** * This function evaluates a string that should be a valid IPv4 * Note: For ip 169.254.0.0, it returns 0 with some PHP (5.6.24) and 2 with some minor patchs of PHP (5.6.25). See https://github.com/php/php-src/pull/1954. - * + * * @param string $ip IP Address * @return int 0 if not valid or reserved range, 1 if valid and public IP, 2 if valid and private range IP */ diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 1c919237f44..f39e6ecd628 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -1,6 +1,6 @@ - * Copyright (C) 2010-2012 Regis Houssin + * Copyright (C) 2010-2017 Regis Houssin * Copyright (C) 2015 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify @@ -76,7 +76,7 @@ function user_prepare_head($object) { if (empty($conf->global->AGENDA_EXT_NB)) $conf->global->AGENDA_EXT_NB=5; $MAXAGENDA=$conf->global->AGENDA_EXT_NB; - + $i=1; $nbagenda = 0; while ($i <= $MAXAGENDA) @@ -87,10 +87,10 @@ function user_prepare_head($object) $offsettz='AGENDA_EXT_OFFSETTZ_'.$object->id.'_'.$key; $color='AGENDA_EXT_COLOR_'.$object->id.'_'.$key; $i++; - + if (! empty($object->conf->$name)) $nbagenda++; } - + $head[$h][0] = DOL_URL_ROOT.'/user/agenda_extsites.php?id='.$object->id; $head[$h][1] = $langs->trans("ExtSites").($nbagenda ? ' '.$nbagenda.'' : ''); $head[$h][2] = 'extsites'; @@ -238,8 +238,6 @@ function group_prepare_head($object) return $head; } - - /** * Prepare array with list of tabs * @@ -283,32 +281,6 @@ function user_admin_prepare_head() return $head; } - - -/** - * Prepare array with list of tabs - * - * @param Object $object Object related to tabs - * @param array $aEntities Entities array - * @return array Array of tabs - */ -function entity_prepare_head($object, $aEntities) -{ - global $mc; - - $head = array(); - - foreach($aEntities as $entity) - { - $mc->getInfo($entity); - $head[$entity][0] = $_SERVER['PHP_SELF'].'?id='.$object->id.'&entity='.$entity; - $head[$entity][1] = $mc->label; - $head[$entity][2] = $entity; - } - - return $head; -} - /** * Show list of themes. Show all thumbs of themes * @@ -485,7 +457,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print '
'.$langs->trans("TopMenuBackgroundColor").''; @@ -577,15 +549,15 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print '
'.$langs->trans("BackgroundTableTitleColor").''; @@ -613,7 +585,7 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) { $default='ffffff'; if ($conf->theme == 'md') $default='ffffff'; - + print '
'.$langs->trans("BackgroundTableLineOddColor").''; @@ -631,17 +603,17 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print '
'.$langs->trans("BackgroundTableLineEvenColor").''; @@ -659,12 +631,12 @@ function show_theme($fuser,$edit=0,$foruserprofile=false) print $form->textwithpicto('', $langs->trans("NotSupportedByAllThemes").', '.$langs->trans("PressF5AfterChangingThis")); print '
'; } - diff --git a/htdocs/core/login/functions_dolibarr.php b/htdocs/core/login/functions_dolibarr.php index daf82b2f995..190d779d90b 100644 --- a/htdocs/core/login/functions_dolibarr.php +++ b/htdocs/core/login/functions_dolibarr.php @@ -39,7 +39,7 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest= // Force master entity in transversal mode $entity=$entitytotest; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $entity=1; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; $login=''; diff --git a/htdocs/core/login/functions_ldap.php b/htdocs/core/login/functions_ldap.php index c94312c8aa2..129bbcedf38 100644 --- a/htdocs/core/login/functions_ldap.php +++ b/htdocs/core/login/functions_ldap.php @@ -45,7 +45,7 @@ function check_user_password_ldap($usertotest,$passwordtotest,$entitytotest) // Force master entity in transversal mode $entity=$entitytotest; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $entity=1; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; $login=''; $resultFetchUser=''; diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index 7a60f330727..a32d3ef6886 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -63,9 +63,9 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left -- Home - Menu users and groups insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '1', __HANDLER__, 'left', 400__+MAX_llx_menu__, 'home', 'users', 1__+MAX_llx_menu__, '/user/home.php?leftmenu=users', 'MenuUsersAndGroups', 0, 'users', '', '', 2, 4, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 401__+MAX_llx_menu__, 'home', '', 400__+MAX_llx_menu__, '/user/index.php?leftmenu=users', 'Users', 1, 'users', '$user->rights->user->user->lire || $user->admin', '', 2, 0, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 402__+MAX_llx_menu__, 'home', '', 401__+MAX_llx_menu__, '/user/card.php?leftmenu=users&action=create', 'NewUser', 2, 'users', '$user->rights->user->user->creer || $user->admin', '', 2, 0, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 403__+MAX_llx_menu__, 'home', '', 400__+MAX_llx_menu__, '/user/group/index.php?leftmenu=users', 'Groups', 1, 'users', '($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->read:$user->rights->user->user->lire) || $user->admin', '', 2, 1, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 404__+MAX_llx_menu__, 'home', '', 403__+MAX_llx_menu__, '/user/group/card.php?leftmenu=users&action=create', 'NewGroup', 2, 'users', '($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->write:$user->rights->user->user->creer) || $user->admin', '', 2, 0, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 402__+MAX_llx_menu__, 'home', '', 401__+MAX_llx_menu__, '/user/card.php?leftmenu=users&action=create', 'NewUser', 2, 'users', '($user->rights->user->user->creer || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)', '', 2, 0, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 403__+MAX_llx_menu__, 'home', '', 400__+MAX_llx_menu__, '/user/group/index.php?leftmenu=users', 'Groups', 1, 'users', '(($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->read:$user->rights->user->user->lire) || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)', '', 2, 1, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$leftmenu=="users"', __HANDLER__, 'left', 404__+MAX_llx_menu__, 'home', '', 403__+MAX_llx_menu__, '/user/group/card.php?leftmenu=users&action=create', 'NewGroup', 2, 'users', '(($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->write:$user->rights->user->user->creer) || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)', '', 2, 0, __ENTITY__); -- Third parties insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 500__+MAX_llx_menu__, 'companies', 'thirdparties', 2__+MAX_llx_menu__, '/societe/index.php?leftmenu=thirdparties', 'ThirdParty', 0, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 501__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/card.php?action=create', 'MenuNewThirdParty', 1, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__); @@ -211,7 +211,7 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled', __HANDLER__, 'left', 2400__+MAX_llx_menu__, 'accountancy', 'accounting', 6__+MAX_llx_menu__, '/accountancy/index.php?leftmenu=accountancy', 'MenuAccountancy', 0, 'accountancy', '! empty($conf->accounting->enabled) || $user->rights->accounting->bind->write || $user->rights->accounting->bind->write || $user->rights->compta->resultat->lire', '', 0, 7, __ENTITY__); -- Setup insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled', __HANDLER__, 'left', 2451__+MAX_llx_menu__, 'accountancy', 'accountancy_admin', 2400__+MAX_llx_menu__, '/accountancy/index.php?mainmenu=accountancy&leftmenu=accountancy_admin', 'Setup', 1, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 1, __ENTITY__); - insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled && $leftmenu=="accountancy_admin"', __HANDLER__, 'left', 2457__+MAX_llx_menu__, 'accountancy', 'accountancy_admin_journal', 2451__+MAX_llx_menu__, '/accountancy/admin/journals_list.php?id=35&mainmenu=accountancy&leftmenu=accountancy_admin', 'AccountingJournals', 2, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 10, __ENTITY__); + insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled && $leftmenu=="accountancy_admin"', __HANDLER__, 'left', 2454__+MAX_llx_menu__, 'accountancy', 'accountancy_admin_journal', 2451__+MAX_llx_menu__, '/accountancy/admin/journals_list.php?id=35&mainmenu=accountancy&leftmenu=accountancy_admin', 'AccountingJournals', 2, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 10, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled && $leftmenu=="accountancy_admin"', __HANDLER__, 'left', 2455__+MAX_llx_menu__, 'accountancy', 'accountancy_admin_chartmodel', 2451__+MAX_llx_menu__, '/accountancy/admin/account.php?mainmenu=accountancy&leftmenu=accountancy_admin', 'Pcg_version', 2, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 20, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled && $leftmenu=="accountancy_admin"', __HANDLER__, 'left', 2456__+MAX_llx_menu__, 'accountancy', 'accountancy_admin_chart', 2451__+MAX_llx_menu__, '/accountancy/admin/account.php?mainmenu=accountancy&leftmenu=accountancy_admin', 'Chartofaccounts', 2, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 30, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->accounting->enabled && $leftmenu=="accountancy_admin"', __HANDLER__, 'left', 2457__+MAX_llx_menu__, 'accountancy', 'accountancy_admin_chart_group', 2451__+MAX_llx_menu__, '/accountancy/admin/categories_list.php?id=32&mainmenu=accountancy&leftmenu=accountancy_admin', 'AccountingCategory', 2, 'accountancy', '$user->rights->accounting->chartofaccount', '', 0, 40, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 38a9a66a137..af8bfff5f2c 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -597,12 +597,12 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu if ($usemenuhider || empty($leftmenu) || $leftmenu=="users") { $newmenu->add("", $langs->trans("Users"), 1, $user->rights->user->user->lire || $user->admin); - $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"),2, $user->rights->user->user->creer || $user->admin, '', 'home'); + $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"),2, ($user->rights->user->user->creer || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE), '', 'home'); $newmenu->add("/user/index.php?leftmenu=users", $langs->trans("ListOfUsers"), 2, $user->rights->user->user->lire || $user->admin); $newmenu->add("/user/hierarchy.php?leftmenu=users", $langs->trans("HierarchicView"), 2, $user->rights->user->user->lire || $user->admin); - $newmenu->add("", $langs->trans("Groups"), 1, $user->rights->user->user->lire || $user->admin); - $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, ($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->write:$user->rights->user->user->creer) || $user->admin); - $newmenu->add("/user/group/index.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, ($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->read:$user->rights->user->user->lire) || $user->admin); + $newmenu->add("", $langs->trans("Groups"), 1, ($user->rights->user->user->lire || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); + $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, (($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->write:$user->rights->user->user->creer) || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); + $newmenu->add("/user/group/index.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, (($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->read:$user->rights->user->user->lire) || $user->admin) && !(! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); } } diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 2bb2121411f..6d14f47af10 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -156,9 +156,6 @@ if (empty($dolibarr_main_limit_users)) $dolibarr_main_limit_users=0; if (empty($dolibarr_mailing_limit_sendbyweb)) $dolibarr_mailing_limit_sendbyweb=0; if (empty($dolibarr_mailing_limit_sendbycli)) $dolibarr_mailing_limit_sendbycli=0; if (empty($dolibarr_strict_mode)) $dolibarr_strict_mode=0; // For debug in php strict mode -// TODO Multicompany Remove this. Useless. -if (empty($multicompany_transverse_mode)) $multicompany_transverse_mode=0; -if (empty($multicompany_force_entity)) $multicompany_force_entity=0; // To force entity in login page // Security: CSRF protection // This test check if referrer ($_SERVER['HTTP_REFERER']) is same web site than Dolibarr ($_SERVER['HTTP_HOST']) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index ba36d911971..c99ea6899a2 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1209,7 +1209,7 @@ class Holiday extends CommonObject $sql = "SELECT u.rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE (ug.fk_user = u.rowid"; @@ -1305,7 +1305,7 @@ class Holiday extends CommonObject $sql = "SELECT u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE (ug.fk_user = u.rowid"; diff --git a/htdocs/index.php b/htdocs/index.php index 5303587150e..90c014b0e99 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -1,9 +1,9 @@ - * Copyright (C) 2004-2015 Laurent Destailleur - * Copyright (C) 2005-2015 Regis Houssin - * Copyright (C) 2011-2012 Juanjo Menent - * Copyright (C) 2015 Marcos García +/* Copyright (C) 2001-2004 Rodolphe Quiedeville + * Copyright (C) 2004-2015 Laurent Destailleur + * Copyright (C) 2005-2017 Regis Houssin + * Copyright (C) 2011-2012 Juanjo Menent + * Copyright (C) 2015 Marcos García * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -165,7 +165,7 @@ if (empty($user->societe_id)) DOL_DOCUMENT_ROOT."/contact/class/contact.class.php", DOL_DOCUMENT_ROOT."/adherents/class/adherent.class.php", DOL_DOCUMENT_ROOT."/product/class/product.class.php", - DOL_DOCUMENT_ROOT."/product/class/service.class.php", + DOL_DOCUMENT_ROOT."/product/class/product.class.php", DOL_DOCUMENT_ROOT."/comm/propal/class/propal.class.php", DOL_DOCUMENT_ROOT."/commande/class/commande.class.php", DOL_DOCUMENT_ROOT."/compta/facture/class/facture.class.php", diff --git a/htdocs/install/mysql/migration/5.0.0-6.0.0.sql b/htdocs/install/mysql/migration/5.0.0-6.0.0.sql index d7e68346511..e807c446830 100644 --- a/htdocs/install/mysql/migration/5.0.0-6.0.0.sql +++ b/htdocs/install/mysql/migration/5.0.0-6.0.0.sql @@ -379,3 +379,19 @@ create table llx_loan_schedule fk_user_modif integer )ENGINE=innodb; +ALTER TABLE llx_user_rights ADD COLUMN entity integer DEFAULT 1 NOT NULL AFTER rowid; +ALTER TABLE llx_user_rights DROP FOREIGN KEY fk_user_rights_fk_user_user; +ALTER TABLE llx_user_rights DROP INDEX uk_user_rights; +ALTER TABLE llx_user_rights DROP INDEX fk_user; +ALTER TABLE llx_user_rights ADD UNIQUE INDEX uk_user_rights (entity, fk_user, fk_id); +ALTER TABLE llx_user_rights ADD CONSTRAINT fk_user_rights_fk_user_user FOREIGN KEY (fk_user) REFERENCES llx_user (rowid); + +ALTER TABLE llx_usergroup_rights ADD COLUMN entity integer DEFAULT 1 NOT NULL AFTER rowid; +ALTER TABLE llx_usergroup_rights DROP FOREIGN KEY fk_usergroup_rights_fk_usergroup; +ALTER TABLE llx_usergroup_rights DROP INDEX fk_usergroup; +ALTER TABLE llx_usergroup_rights ADD UNIQUE INDEX uk_usergroup_rights (entity, fk_usergroup, fk_id); +ALTER TABLE llx_usergroup_rights ADD CONSTRAINT fk_usergroup_rights_fk_usergroup FOREIGN KEY (fk_usergroup) REFERENCES llx_usergroup (rowid); + + + + diff --git a/htdocs/install/mysql/tables/llx_user_rights.key.sql b/htdocs/install/mysql/tables/llx_user_rights.key.sql index 6e87568e247..8fae1c1a160 100644 --- a/htdocs/install/mysql/tables/llx_user_rights.key.sql +++ b/htdocs/install/mysql/tables/llx_user_rights.key.sql @@ -1,6 +1,7 @@ -- ============================================================================ --- Copyright (C) 2003 Rodolphe Quiedeville --- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2003 Rodolphe Quiedeville +-- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2017 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -21,7 +22,6 @@ -- Delete orphans -- V4 DELETE llx_user_rights FROM llx_user_rights LEFT JOIN llx_user ON llx_user_rights.fk_user = llx_user.rowid WHERE llx_user.rowid IS NULL; +ALTER TABLE llx_user_rights ADD UNIQUE INDEX uk_user_rights (entity, fk_user, fk_id); ALTER TABLE llx_user_rights ADD CONSTRAINT fk_user_rights_fk_user_user FOREIGN KEY (fk_user) REFERENCES llx_user (rowid); - -ALTER TABLE llx_user_rights ADD UNIQUE INDEX uk_user_rights (fk_user, fk_id); diff --git a/htdocs/install/mysql/tables/llx_user_rights.sql b/htdocs/install/mysql/tables/llx_user_rights.sql index bd4c0afc242..cedfa8a00c9 100644 --- a/htdocs/install/mysql/tables/llx_user_rights.sql +++ b/htdocs/install/mysql/tables/llx_user_rights.sql @@ -1,5 +1,6 @@ -- ============================================================================ --- Copyright (C) 2003 Rodolphe Quiedeville +-- Copyright (C) 2003 Rodolphe Quiedeville +-- Copyright (C) 2017 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -18,8 +19,9 @@ create table llx_user_rights ( - rowid integer AUTO_INCREMENT PRIMARY KEY, - fk_user integer NOT NULL, - fk_id integer NOT NULL + rowid integer AUTO_INCREMENT PRIMARY KEY, + entity integer DEFAULT 1 NOT NULL, -- multi company id + fk_user integer NOT NULL, + fk_id integer NOT NULL )ENGINE=innodb; diff --git a/htdocs/install/mysql/tables/llx_usergroup_rights.key.sql b/htdocs/install/mysql/tables/llx_usergroup_rights.key.sql index 119ce8982b5..f08a6f62637 100644 --- a/htdocs/install/mysql/tables/llx_usergroup_rights.key.sql +++ b/htdocs/install/mysql/tables/llx_usergroup_rights.key.sql @@ -1,5 +1,6 @@ -- ============================================================================ --- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2017 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -20,5 +21,6 @@ -- Supprime orhpelins pour permettre montee de la cle -- V4 DELETE llx_usergroup_rights FROM llx_usergroup_rights LEFT JOIN llx_usergroup ON llx_usergroup_rights.fk_usergroup = llx_usergroup.rowid WHERE llx_usergroup.rowid IS NULL; +ALTER TABLE llx_usergroup_rights ADD UNIQUE INDEX uk_usergroup_rights (entity, fk_usergroup, fk_id); ALTER TABLE llx_usergroup_rights ADD CONSTRAINT fk_usergroup_rights_fk_usergroup FOREIGN KEY (fk_usergroup) REFERENCES llx_usergroup (rowid); diff --git a/htdocs/install/mysql/tables/llx_usergroup_rights.sql b/htdocs/install/mysql/tables/llx_usergroup_rights.sql index 850648edea4..e8a3af37e7c 100644 --- a/htdocs/install/mysql/tables/llx_usergroup_rights.sql +++ b/htdocs/install/mysql/tables/llx_usergroup_rights.sql @@ -1,5 +1,6 @@ -- ============================================================================ --- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2005 Laurent Destailleur +-- Copyright (C) 2017 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -18,10 +19,10 @@ create table llx_usergroup_rights ( - rowid integer AUTO_INCREMENT PRIMARY KEY, - fk_usergroup integer NOT NULL, - fk_id integer NOT NULL, + rowid integer AUTO_INCREMENT PRIMARY KEY, + entity integer DEFAULT 1 NOT NULL, -- multi company id + fk_usergroup integer NOT NULL, + fk_id integer NOT NULL - UNIQUE(fk_usergroup,fk_id) )ENGINE=innodb; diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php index 90a4cb70611..ecb1c46478f 100644 --- a/htdocs/master.inc.php +++ b/htdocs/master.inc.php @@ -1,14 +1,14 @@ - * Copyright (C) 2003 Xavier Dutoit - * Copyright (C) 2004-2012 Laurent Destailleur - * Copyright (C) 2004 Sebastien Di Cintio - * Copyright (C) 2004 Benoit Mortier - * Copyright (C) 2005-2012 Regis Houssin - * Copyright (C) 2005 Simon Tosser - * Copyright (C) 2006 Andre Cianfarani - * Copyright (C) 2010 Juanjo Menent - * Copyright (C) 2011 Philippe Grand +/* Copyright (C) 2002-2007 Rodolphe Quiedeville + * Copyright (C) 2003 Xavier Dutoit + * Copyright (C) 2004-2012 Laurent Destailleur + * Copyright (C) 2004 Sebastien Di Cintio + * Copyright (C) 2004 Benoit Mortier + * Copyright (C) 2005-2017 Regis Houssin + * Copyright (C) 2005 Simon Tosser + * Copyright (C) 2006 Andre Cianfarani + * Copyright (C) 2010 Juanjo Menent + * Copyright (C) 2011 Philippe Grand * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com> * * This program is free software; you can redistribute it and/or modify @@ -98,11 +98,6 @@ if (! empty($dolibarr_main_document_root_alt)) } } -// Set properties specific to multicompany -// TODO Multicompany Remove this. Useless. Var should be read when required. -$conf->multicompany->transverse_mode = empty($multicompany_transverse_mode)?'':$multicompany_transverse_mode; // Force Multi-Company transverse mode -$conf->multicompany->force_entity = empty($multicompany_force_entity)?'':(int) $multicompany_force_entity; // Force entity in login page - // Chargement des includes principaux de librairies communes if (! defined('NOREQUIREUSER')) require_once DOL_DOCUMENT_ROOT .'/user/class/user.class.php'; // Need 500ko memory if (! defined('NOREQUIRETRAN')) require_once DOL_DOCUMENT_ROOT .'/core/class/translate.class.php'; @@ -170,10 +165,6 @@ if (! defined('NOREQUIREDB')) { $conf->entity = $_COOKIE['DOLENTITY']; } - else if (! empty($conf->multicompany->force_entity) && is_numeric($conf->multicompany->force_entity)) // To force entity in login page - { - $conf->entity = $conf->multicompany->force_entity; - } // Sanitize entity if (! is_numeric($conf->entity)) $conf->entity=1; diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index a935b87bd58..c3a11ac7cab 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -110,7 +110,7 @@ if (empty($user->socid)) $fieldstosearchall["t.note_private"]="NotePrivate"; $arrayfields=array( 't.field1'=>array('label'=>"Field1", 'checked'=>1), 't.field2'=>array('label'=>"Field2", 'checked'=>1), - //'t.entity'=>array('label'=>"Entity", 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode))), + //'t.entity'=>array('label'=>"Entity", 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))), 't.datec'=>array('label'=>"DateCreationShort", 'checked'=>0, 'position'=>500), 't.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500), //'t.statut'=>array('label'=>"Status", 'checked'=>1, 'position'=>1000), diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 78d3c470cb1..162bd6d04b6 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -102,7 +102,7 @@ $arrayfields=array( 't.eatby'=>array('label'=>$langs->trans("EatByDate"), 'checked'=>1), 't.sellby'=>array('label'=>$langs->trans("SellByDate"), 'checked'=>1), //'t.import_key'=>array('label'=>$langs->trans("ImportKey"), 'checked'=>1), - //'t.entity'=>array('label'=>$langs->trans("Entity"), 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode))), + //'t.entity'=>array('label'=>$langs->trans("Entity"), 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))), //'t.fk_user_creat'=>array('label'=>$langs->trans("UserCreationShort"), 'checked'=>0, 'position'=>500), //'t.fk_user_modif'=>array('label'=>$langs->trans("UserModificationShort"), 'checked'=>0, 'position'=>500), 't.datec'=>array('label'=>$langs->trans("DateCreationShort"), 'checked'=>0, 'position'=>500), diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index ebd06dbd5c4..5b300f39b33 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -1695,7 +1695,7 @@ class Societe extends CommonObject $sql = "SELECT DISTINCT u.rowid, u.login, u.lastname, u.firstname, u.email, u.statut, u.entity, u.photo"; $sql.= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."user as u"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE ((ug.fk_user = sc.fk_user"; diff --git a/htdocs/societe/commerciaux.php b/htdocs/societe/commerciaux.php index 89bb836d119..7046310fa6f 100644 --- a/htdocs/societe/commerciaux.php +++ b/htdocs/societe/commerciaux.php @@ -142,13 +142,13 @@ if (! empty($socid)) $sql = "SELECT DISTINCT u.rowid, u.login, u.fk_soc, u.lastname, u.firstname, u.statut, u.entity, u.photo"; $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; $sql .= " , ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; } $sql .= " WHERE sc.fk_soc =".$object->id; $sql .= " AND sc.fk_user = u.rowid"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= " AND ((ug.fk_user = sc.fk_user"; $sql.= " AND ug.entity = ".$conf->entity.")"; @@ -232,7 +232,7 @@ if (! empty($socid)) $sql = "SELECT DISTINCT u.rowid, u.lastname, u.firstname, u.login, u.email, u.statut, u.fk_soc, u.photo"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE ((ug.fk_user = u.rowid"; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 92951de98e8..86bb168c54f 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -3,7 +3,7 @@ * Copyright (C) 2002-2003 Jean-Louis Bergamo * Copyright (C) 2004-2015 Laurent Destailleur * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2016 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2005 Lionel Cousteix * Copyright (C) 2011 Herve Prot * Copyright (C) 2012 Juanjo Menent @@ -57,6 +57,12 @@ $subaction = GETPOST('subaction','alpha'); $group = GETPOST("group","int",3); $cancel = GETPOST('cancel'); +// Users/Groups management only in master entity if transverse mode +if (($action == 'create' || $action == 'adduserldap') && ! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) +{ + accessforbidden(); +} + // Define value to know what current user can do on users $canadduser=(! empty($user->admin) || $user->rights->user->user->creer); $canreaduser=(! empty($user->admin) || $user->rights->user->user->lire); @@ -228,11 +234,11 @@ if (empty($reshook)) { // Set entity property $entity = GETPOST('entity', 'int'); - if (!empty($conf->multicompany->enabled)) { - if (!empty($_POST["superadmin"])) { + if (! empty($conf->multicompany->enabled)) { + if (GETPOST('superadmin', 'int')) { $object->entity = 0; } else { - if ($conf->multicompany->transverse_mode) { + if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $object->entity = 1; // all users are forced into master entity } else { $object->entity = ($entity == '' ? 1 : $entity); @@ -249,8 +255,8 @@ if (empty($reshook)) { $id = $object->create($user); if ($id > 0) { - if (isset($_POST['password']) && trim($_POST['password'])) { - $object->setPassword($user, trim($_POST['password'])); + if (GETPOST('password')) { + $object->setPassword($user, GETPOST('password')); } if (! empty($conf->categorie->enabled)) { // Categories association @@ -283,10 +289,10 @@ if (empty($reshook)) { $object->fetch($id); if ($action == 'addgroup') { - $object->SetInGroup($group, ($conf->multicompany->transverse_mode ? GETPOST("entity") : $editgroup->entity)); + $object->SetInGroup($group, (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) ? GETPOST('entity', 'int') : $editgroup->entity)); } if ($action == 'removegroup') { - $object->RemoveFromGroup($group, ($conf->multicompany->transverse_mode ? GETPOST("entity") : $editgroup->entity)); + $object->RemoveFromGroup($group, (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) ? GETPOST('entity', 'int') : $editgroup->entity)); } if ($result > 0) { @@ -300,7 +306,7 @@ if (empty($reshook)) { } } - if ($action == 'update' && ! $cancel) + if ($action == 'update' && ! $cancel) { require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; @@ -319,7 +325,7 @@ if (empty($reshook)) { $error ++; } - if (!$error) + if (!$error) { $object->fetch($id); @@ -367,7 +373,7 @@ if (empty($reshook)) { { $object->entity = 0; } - else if ($conf->multicompany->transverse_mode) + else if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $object->entity = 1; // all users in master entity } @@ -409,7 +415,7 @@ if (empty($reshook)) { } } - if (!$error && isset($_POST['contactid'])) { + if (!$error && GETPOST('contactid', 'int')) { $contactid = GETPOST('contactid', 'int'); if ($contactid > 0) { @@ -456,7 +462,7 @@ if (empty($reshook)) { setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors'); } else { // Create thumbs - $object->addThumbs($newfile); + $object->addThumbs($newfile); } } else { $error ++; @@ -465,7 +471,7 @@ if (empty($reshook)) { } } } - + if (! $error && ! count($object->errors)) { // Then we add the associated categories @@ -476,7 +482,7 @@ if (empty($reshook)) { if (!$error && !count($object->errors)) { setEventMessages($langs->trans("UserModified"), null, 'mesgs'); $db->commit(); - + $login = $_SESSION["dol_login"]; if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login { @@ -495,11 +501,11 @@ if (empty($reshook)) { if ($caneditpassword) // Case we can edit only password { dol_syslog("Not allowed to change fields, only password"); - + $object->fetch($id); - + $object->oldcopy = clone $object; - + $ret = $object->setPassword($user, GETPOST("password")); if ($ret < 0) { @@ -591,14 +597,14 @@ if (empty($reshook)) { setEventMessages($ldap->error, $ldap->errors, 'errors'); } } - + // Actions to send emails $trigger_name='USER_SENTBYMAIL'; $paramname='id'; // Name of param key to open the card $mode='emailfromuser'; $trackid='use'.$object->id; include DOL_DOCUMENT_ROOT.'/core/actions_sendmails.inc.php'; - + // Actions to build doc $upload_dir = $conf->user->dir_output; $permissioncreate=$user->rights->user->user->creer; @@ -617,7 +623,7 @@ $formfile = new FormFile($db); llxHeader('',$langs->trans("UserCard")); -if (($action == 'create') || ($action == 'adduserldap')) +if ($action == 'create' || $action == 'adduserldap') { /* ************************************************************************** */ /* */ @@ -858,7 +864,7 @@ if (($action == 'create') || ($action == 'adduserldap')) print ''; print $form->selectyesno('admin',GETPOST('admin'),1); - if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { if (! empty($conf->use_javascript_ajax)) { @@ -888,8 +894,8 @@ if (($action == 'create') || ($action == 'adduserldap')) }); '; } - $checked=($_POST["superadmin"]?' checked':''); - $disabled=($_POST["superadmin"]?'':' disabled'); + $checked=(GETPOST('superadmin', 'int')?' checked':''); + $disabled=(GETPOST('superadmin', 'int')?'':' disabled'); print ' '.$langs->trans("SuperAdministrator"); } print "\n"; @@ -1005,9 +1011,9 @@ if (($action == 'create') || ($action == 'adduserldap')) print ''; // Multicompany - if (! empty($conf->multicompany->enabled)) + if (! empty($conf->multicompany->enabled) && is_object($mc)) { - if (empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity && is_object($mc)) + if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print "".''.$langs->trans("Entity").''; print "".$mc->select_entities($conf->entity); @@ -1027,9 +1033,9 @@ if (($action == 'create') || ($action == 'adduserldap')) print ''; print ''; } - + // TODO Move this into tab RH (HierarchicalResponsible must be on both tab) - + // Hierarchy print ''.$langs->trans("HierarchicalResponsible").''; print ''; @@ -1076,7 +1082,7 @@ if (($action == 'create') || ($action == 'adduserldap')) print ''; print ''; print "\n"; - + // Date employment print ''.$langs->trans("DateEmployment").''; print ''; @@ -1092,9 +1098,9 @@ if (($action == 'create') || ($action == 'adduserldap')) print $formother->selectColor(GETPOST('color')?GETPOST('color'):$object->color, 'color', null, 1, '', 'hideifnotset'); print ''; } - + // Categories - if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) + if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) { print '' . fieldLabel('Categories', 'usercats') . ''; $cate_arbo = $form->select_all_categories('user', null, 'parent', null, null, 1); @@ -1110,7 +1116,7 @@ if (($action == 'create') || ($action == 'adduserldap')) { print $object->showOptionals($extrafields,'edit'); } - + // Note print ''; print $langs->trans("Note"); @@ -1127,7 +1133,7 @@ if (($action == 'create') || ($action == 'adduserldap')) $doleditor=new DolEditor('signature',GETPOST('signature'),'',138,'dolibarr_mailings','In',true,true,empty($conf->global->FCKEDITOR_ENABLE_USERSIGN)?0:1,ROWS_4,'90%'); print $doleditor->Create(1); print ''; - + print "\n"; dol_fiche_end(); @@ -1153,7 +1159,7 @@ else $object->fetch($id, '', '', 1); if ($res < 0) { dol_print_error($db,$object->error); exit; } $res=$object->fetch_optionals($object->id,$extralabels); - + // Check if user has rights $object->getrights(); if(empty($object->nb_rights)) setEventMessages($langs->trans('UserHasNoPermissions'), null, 'warnings'); @@ -1226,7 +1232,7 @@ else */ if ($action == 'password') { - print $form->formconfirm("card.php?id=$object->id",$langs->trans("ReinitPassword"),$langs->trans("ConfirmReinitPassword",$object->login),"confirm_password", '', 0, 1); + print $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id",$langs->trans("ReinitPassword"),$langs->trans("ConfirmReinitPassword",$object->login),"confirm_password", '', 0, 1); } /* @@ -1234,7 +1240,7 @@ else */ if ($action == 'passwordsend') { - print $form->formconfirm("card.php?id=$object->id",$langs->trans("SendNewPassword"),$langs->trans("ConfirmSendNewPassword",$object->login),"confirm_passwordsend", '', 0, 1); + print $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id",$langs->trans("SendNewPassword"),$langs->trans("ConfirmSendNewPassword",$object->login),"confirm_passwordsend", '', 0, 1); } /* @@ -1242,7 +1248,7 @@ else */ if ($action == 'disable') { - print $form->formconfirm("card.php?id=$object->id",$langs->trans("DisableAUser"),$langs->trans("ConfirmDisableUser",$object->login),"confirm_disable", '', 0, 1); + print $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id",$langs->trans("DisableAUser"),$langs->trans("ConfirmDisableUser",$object->login),"confirm_disable", '', 0, 1); } /* @@ -1250,7 +1256,7 @@ else */ if ($action == 'enable') { - print $form->formconfirm("card.php?id=$object->id",$langs->trans("EnableAUser"),$langs->trans("ConfirmEnableUser",$object->login),"confirm_enable", '', 0, 1); + print $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id",$langs->trans("EnableAUser"),$langs->trans("ConfirmEnableUser",$object->login),"confirm_enable", '', 0, 1); } /* @@ -1258,7 +1264,7 @@ else */ if ($action == 'delete') { - print $form->formconfirm("card.php?id=$object->id",$langs->trans("DeleteAUser"),$langs->trans("ConfirmDeleteUser",$object->login),"confirm_delete", '', 0, 1); + print $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id",$langs->trans("DeleteAUser"),$langs->trans("ConfirmDeleteUser",$object->login),"confirm_delete", '', 0, 1); } /* @@ -1387,7 +1393,7 @@ else print ''.$langs->trans("AccountancyCode").''; print ''.$object->accountancy_code.''; } - + // TODO Move this into tab RH, visible when salarie or RH is visible (HierarchicalResponsible must be on both tab) // Hierarchy @@ -1468,7 +1474,7 @@ else } // Categories - if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) + if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) { print '' . $langs->trans( "Categories" ) . ''; print ''; @@ -1476,71 +1482,52 @@ else print ''; } - // Multicompany - // TODO This should be done with hook formObjectOption - if (is_object($mc)) - { - if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) - { - print ''.$langs->trans("Entity").''; - if (empty($object->entity)) - { - print $langs->trans("AllEntities"); - } - else - { - $mc->getInfo($object->entity); - print $mc->label; - } - print "\n"; - } - } - if (isset($conf->file->main_authentication) && preg_match('/openid/',$conf->file->main_authentication) && ! empty($conf->global->MAIN_OPENIDURL_PERUSER)) { print ''.$langs->trans("OpenIDURL").''; print ''.$object->openid.''; print "\n"; } - + print ''.$langs->trans("LastConnexion").''; print ''.dol_print_date($object->datelastlogin,"dayhour").''; print "\n"; - + print ''.$langs->trans("PreviousConnexion").''; print ''.dol_print_date($object->datepreviouslogin,"dayhour").''; print "\n"; - + // Other attributes $parameters=array(); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; if (empty($reshook) && ! empty($extrafields->attribute_label)) { print $object->showOptionals($extrafields); } - + // Company / Contact if (! empty($conf->societe->enabled)) { print ''.$langs->trans("LinkToCompanyContact").''; print ''; - if (isset($object->societe_id) && $object->societe_id > 0) + if (isset($object->socid) && $object->socid > 0) { $societe = new Societe($db); - $societe->fetch($object->societe_id); + $societe->fetch($object->socid); print $societe->getNomUrl(1,''); } else { print $langs->trans("ThisUserIsNot"); } - if (! empty($object->contact_id)) + if (! empty($object->contactid)) { $contact = new Contact($db); - $contact->fetch($object->contact_id); - if ($object->societe_id > 0) print ' / '; + $contact->fetch($object->contactid); + if ($object->socid > 0) print ' / '; else print '
'; - print ''.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).''; + print ''.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).''; } print ''; print ''."\n"; @@ -1598,8 +1585,8 @@ else $langs->load("mails"); print '
'.$langs->trans('SendMail').'
'; } - - if ($caneditfield && (empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + + if ($caneditfield && (empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) { @@ -1611,7 +1598,7 @@ else } } elseif ($caneditpassword && ! $object->ldap_sid && - (empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + (empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { print '
'.$langs->trans("EditPassword").'
'; } @@ -1624,7 +1611,7 @@ else print '
'.$langs->trans("ReinitPassword").'
'; } elseif (($user->id != $id && $caneditpassword) && $object->login && !$object->ldap_sid && - ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { print '
'.$langs->trans("ReinitPassword").'
'; } @@ -1634,7 +1621,7 @@ else print '
'.$langs->trans("SendNewPassword").'
'; } else if (($user->id != $id && $caneditpassword) && $object->login && !$object->ldap_sid && - ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { if ($object->email) print '
'.$langs->trans("SendNewPassword").'
'; else print '
'.$langs->trans("SendNewPassword").'
'; @@ -1643,19 +1630,19 @@ else // Activer if ($user->id <> $id && $candisableuser && $object->statut == 0 && - ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { print '
'.$langs->trans("Reactivate").'
'; } // Desactiver if ($user->id <> $id && $candisableuser && $object->statut == 1 && - ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { print '
'.$langs->trans("DisableUser").'
'; } // Delete if ($user->id <> $id && $candisableuser && - ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1))) + ((empty($conf->multicompany->enabled) && $object->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->global->MULTICOMPANY_TRANSVERSE_MODE && $conf->entity == 1))) { if ($user->admin || ! $object->admin) // If user edited is admin, delete is possible on for an admin { @@ -1680,36 +1667,36 @@ else /* * Affiche formulaire mail */ - + // By default if $action=='presend' $titreform='SendMail'; $topicmail=''; $action='send'; $modelmail='user'; - + print '
'; print load_fiche_titre($langs->trans($titreform)); - + dol_fiche_head(); - + // Define output language $outputlangs = $langs; $newlang = ''; if ($conf->global->MAIN_MULTILANGS && empty($newlang) && ! empty($_REQUEST['lang_id'])) $newlang = $_REQUEST['lang_id']; - + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang = $object->default_lang; - + // Cree l'objet formulaire mail include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; $formmail = new FormMail($db); $formmail->param['langsmodels']=(empty($newlang)?$langs->defaultlang:$newlang); $formmail->fromtype = (GETPOST('fromtype')?GETPOST('fromtype'):(!empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE)?$conf->global->MAIN_MAIL_DEFAULT_FROMTYPE:'user')); - + if($formmail->fromtype === 'user'){ $formmail->fromid = $user->id; - + } $formmail->trackid='thi'.$object->id; if (! empty($conf->global->MAIN_EMAIL_ADD_TRACK_ID) && ($conf->global->MAIN_EMAIL_ADD_TRACK_ID & 2)) // If bit 2 is set @@ -1733,40 +1720,40 @@ else $formmail->substit['__FIRSTNAME__']=$object->firstname; $formmail->substit['__SIGNATURE__']=$user->signature; $formmail->substit['__PERSONALIZED__']=''; - + //Find the good contact adress /* $custcontact=''; $contactarr=array(); $contactarr=$object->liste_contact(-1,'external'); - + if (is_array($contactarr) && count($contactarr)>0) { foreach($contactarr as $contact) { if ($contact['libelle']==$langs->trans('TypeContact_facture_external_BILLING')) { - + require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; - + $contactstatic=new Contact($db); $contactstatic->fetch($contact['id']); $custcontact=$contactstatic->getFullName($langs,1); } } - + if (!empty($custcontact)) { $formmail->substit['__CONTACTCIVNAME__']=$custcontact; } }*/ - - + + // Tableau des parametres complementaires du post $formmail->param['action']=$action; $formmail->param['models']=$modelmail; $formmail->param['models_id']=GETPOST('modelmailselected','int'); $formmail->param['socid']=$object->id; $formmail->param['returnurl']=$_SERVER["PHP_SELF"].'?id='.$object->id; - + // Init list of files if (GETPOST("mode")=='init') { @@ -1774,7 +1761,7 @@ else $formmail->add_attached_files($file,basename($file),dol_mimetype($file)); } print $formmail->get_form(); - + dol_fiche_end(); } @@ -1783,20 +1770,20 @@ else /* * List of groups of user */ - + if ($canreadgroup) { print load_fiche_titre($langs->trans("ListOfGroupsForUser"),'',''); - + // On selectionne les groupes auquel fait parti le user $exclude = array(); - + $usergroup=new UserGroup($db); $groupslist = $usergroup->listGroupsForUser($object->id); - + if (! empty($groupslist)) { - if (! (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))) + if (! (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))) { foreach($groupslist as $groupforuser) { @@ -1804,46 +1791,54 @@ else } } } - + if ($caneditgroup) { print '
'."\n"; print ''; print ''; } - + print ''."\n"; print ''."\n"; - if(! empty($conf->multicompany->enabled) && !empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print ''; } print ''; - print "'; + print "'."\n"; - + /* * Groups assigned to user */ @@ -1851,8 +1846,8 @@ else { foreach($groupslist as $group) { - - + + print ''; print ''; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print ''; } - + print "
'.$langs->trans("Groups").''.$langs->trans("Entity").''; if ($caneditgroup) { - print $form->select_dolgroups('', 'group', 1, $exclude, 0, '', '', $object->entity); - print '   '; - // Multicompany - if (! empty($conf->multicompany->enabled)) - { - if ($conf->entity == 1 && $conf->multicompany->transverse_mode) - { - print ''.$langs->trans("Entity").'".$mc->select_entities($conf->entity); - } - else - { - print ''; - } - } - else - { - print ''; - } - print ''; + // Users/Groups management only in master entity if transverse mode + if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) + { + // nothing + } + else + { + print $form->select_dolgroups('', 'group', 1, $exclude, 0, '', '', $object->entity); + print '   '; + // Multicompany + if (! empty($conf->multicompany->enabled)) + { + if ($conf->entity == 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) + { + print ''.$langs->trans("Entity").'".$mc->select_entities($conf->entity); + } + else + { + print ''; + } + } + else + { + print ''; + } + print ''; + } } print '
'; if ($caneditgroup) @@ -1864,7 +1859,7 @@ else print img_object($langs->trans("ShowGroup"),"group").' '.$group->name; } print ''; if (! empty($group->usergroup_entity)) @@ -1882,7 +1877,7 @@ else } } print ''; - if ($caneditgroup && empty($conf->multicompany->transverse_mode)) + if ($caneditgroup && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { print ''; print img_delete($langs->trans("RemoveFromGroup")); @@ -1899,9 +1894,9 @@ else { print '
'.$langs->trans("None").'
"; - + if ($caneditgroup) { print '
'; @@ -1910,7 +1905,7 @@ else } } } - + /* * Fiche en mode edition */ @@ -2030,7 +2025,7 @@ else print "\n"; // API key - if(! empty($conf->api->enabled) && $user->admin) + if(! empty($conf->api->enabled) && $user->admin) { print ''.$langs->trans("ApiKey").''; print ''; @@ -2042,7 +2037,7 @@ else // Administrator print ''.$langs->trans("Administrator").''; - if ($object->societe_id > 0) + if ($object->socid > 0) { $langs->load("admin"); print ''; @@ -2067,7 +2062,7 @@ else { print $form->selectyesno('admin',$object->admin,1); - if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { if ($conf->use_javascript_ajax) { @@ -2129,7 +2124,7 @@ else if ($user->id == $object->id || ! $user->admin) { $type=$langs->trans("Internal"); - if ($object->societe_id) $type=$langs->trans("External"); + if ($object->socid) $type=$langs->trans("External"); print $form->textwithpicto($type,$langs->trans("InternalExternalDesc")); if ($object->ldap_sid) print ' ('.$langs->trans("DomainUser").')'; } @@ -2280,9 +2275,9 @@ else print ''; print ""; } - + // TODO Move this into tab RH (HierarchicalResponsible must be on both tab) - + // Hierarchy print ''.$langs->trans("HierarchicalResponsible").''; print ''; @@ -2355,7 +2350,7 @@ else print $formother->selectColor(GETPOST('color')?GETPOST('color'):$object->color, 'color', null, 1, '', 'hideifnotset'); print ''; } - + // Photo print ''; print ''.$langs->trans("Photo").''; @@ -2363,9 +2358,9 @@ else print $form->showphoto('userphoto',$object,60,0,$caneditfield,'photowithmargin','small'); print ''; print ''; - + // Categories - if (!empty( $conf->categorie->enabled ) && !empty( $user->rights->categorie->lire )) + if (!empty( $conf->categorie->enabled ) && !empty( $user->rights->categorie->lire )) { print '' . fieldLabel( 'Categories', 'usercats' ) . ''; print ''; @@ -2390,16 +2385,16 @@ else { print ''.$langs->trans("LinkToCompanyContact").''; print ''; - if ($object->societe_id > 0) + if ($object->socid > 0) { $societe = new Societe($db); - $societe->fetch($object->societe_id); + $societe->fetch($object->socid); print $societe->getNomUrl(1,''); - if ($object->contact_id) + if ($object->contactid) { $contact = new Contact($db); - $contact->fetch($object->contact_id); - print ' / '.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).''; + $contact->fetch($object->contactid); + print ' / '.img_object($langs->trans("ShowContact"),'contact').' '.dol_trunc($contact->getFullName($langs),32).''; } } else @@ -2432,25 +2427,10 @@ else print "\n"; } - // Multicompany - // TODO check if user not linked with the current entity before change entity (thirdparty, invoice, etc.) !! - if (! empty($conf->multicompany->enabled) && is_object($mc)) - { - if (empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) - { - print "".''.$langs->trans("Entity").''; - print "".$mc->select_entities($object->entity, 'entity', '', 0, 1); // last parameter 1 means, show also a choice 0=>'all entities' - print "\n"; - } - else - { - print ''; - } - } - // Other attributes $parameters=array('colspan' => ' colspan="2"'); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; if (empty($reshook) && ! empty($extrafields->attribute_label)) { print $object->showOptionals($extrafields,'edit'); @@ -2470,7 +2450,7 @@ else print dol_htmlentitiesbr($object->signature); } print ''; - + print ''; dol_fiche_end(); @@ -2495,27 +2475,28 @@ else $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; $genallowed = $user->rights->user->user->creer; $delallowed = $user->rights->user->user->supprimer; - - $somethingshown = $formfile->show_documents('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); - + + print $formfile->showdocuments('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); + $somethingshown = $formfile->numoffiles; + // Show links to link elements $linktoelem = $form->showLinkToObjectBlock($object, null, null); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - + print '
'; - + // List of actions on element include_once DOL_DOCUMENT_ROOT . '/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'user', $socid); - - + + print '
'; } - + if (! empty($conf->ldap->enabled) && ! empty($object->ldap_sid)) $ldap->close(); } - + } if (! empty($conf->api->enabled) && ! empty($conf->use_javascript_ajax)) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index e09e52c1882..5ec9d54300d 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -107,16 +107,16 @@ class User extends CommonObject public $all_permissions_are_loaded; // All permission are loaded public $nb_rights; // Number of rights granted to the user private $_tab_loaded=array(); // Cache array of already loaded permissions - + public $conf; // To store personal config public $default_values; // To store default values for user public $lastsearch_values_tmp; // To store current search criterias for user public $lastsearch_values; // To store last saved search criterias for user - + public $users; // To store all tree of users hierarchy public $parentof; // To store an array of all parents for all ids. private $cache_childids; - + public $accountancy_code; // Accountancy code in prevision of the complete accountancy module public $thm; // Average cost of employee - Used for valuation of time spent @@ -207,7 +207,7 @@ class User extends CommonObject if ($entity < 0) { - if ((empty($conf->multicompany->enabled) || empty($conf->multicompany->transverse_mode)) && (! empty($user->entity))) + if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (! empty($user->entity))) { $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; } @@ -218,7 +218,7 @@ class User extends CommonObject } else // The fetch was forced on an entity { - if (!empty($conf->multicompany->enabled) && !empty($conf->multicompany->transverse_mode)) + if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $sql.= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database else $sql.= " WHERE u.entity IN (0, ".$conf->entity.")"; @@ -365,7 +365,7 @@ class User extends CommonObject $this->error=$this->db->lasterror(); return -2; } - + // Load user->default_values for user. TODO Save this in memcached ? $sql = "SELECT rowid, entity, type, page, param, value"; $sql.= " FROM ".MAIN_DB_PREFIX."default_values"; @@ -376,7 +376,7 @@ class User extends CommonObject { while ($obj = $this->db->fetch_object($resql)) { - if (! empty($obj->page) && ! empty($obj->type) && ! empty($obj->param)) + if (! empty($obj->page) && ! empty($obj->type) && ! empty($obj->param)) { $this->default_values[$obj->page][$obj->type][$obj->param]=$obj->value; } @@ -389,7 +389,7 @@ class User extends CommonObject return -3; } } - + return 1; } @@ -469,9 +469,9 @@ class User extends CommonObject $obj = $this->db->fetch_object($result); $nid = $obj->id; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id." AND fk_id=".$nid; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id." AND fk_id=".$nid." AND entity = ".$entity; if (! $this->db->query($sql)) $error++; - $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (fk_user, fk_id) VALUES (".$this->id.", ".$nid.")"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (entity, fk_user, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")"; if (! $this->db->query($sql)) $error++; $i++; @@ -581,6 +581,7 @@ class User extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights"; $sql.= " WHERE fk_user = ".$this->id." AND fk_id=".$nid; + $sql.= " AND entity = ".$entity; if (! $this->db->query($sql)) $error++; $i++; @@ -660,7 +661,7 @@ class User extends CommonObject $sql.= " FROM ".MAIN_DB_PREFIX."user_rights as ur"; $sql.= ", ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.id = ur.fk_id"; - $sql.= " AND r.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; + $sql.= " AND ur.entity = ".$conf->entity; $sql.= " AND ur.fk_user= ".$this->id; $sql.= " AND r.perms IS NOT NULL"; if ($moduletag) $sql.= " AND r.module = '".$this->db->escape($moduletag)."'"; @@ -706,11 +707,8 @@ class User extends CommonObject $sql.= " ".MAIN_DB_PREFIX."usergroup_user as gu,"; $sql.= " ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.id = gr.fk_id"; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) { - $sql.= " AND gu.entity IN (0,".$conf->entity.")"; - } else { - $sql.= " AND r.entity = ".$conf->entity; - } + $sql.= " AND gr.entity = ".$conf->entity; + $sql.= " AND r.entity = ".$conf->entity; $sql.= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql.= " AND gu.fk_user = ".$this->id; $sql.= " AND r.perms IS NOT NULL"; @@ -2014,14 +2012,14 @@ class User extends CommonObject $result=''; $label=''; $link=''; $linkstart=''; $linkend=''; - + if (! empty($this->photo)) { $label.= '
'; $label.= Form::showphoto('userphoto', $this, 80, 0, 0, 'photowithmargin photologintooltip', 'small', 0, 1); $label.= '
'; } - + $label.= '
'; $label.= '' . $langs->trans("User") . '
'; $label.= '' . $langs->trans('Name') . ': ' . $this->getFullName($langs,'',''); @@ -2112,9 +2110,9 @@ class User extends CommonObject } $result.=$linkend; //if ($withpictoimg == -1) $result.='
'; - + $result.=$companylink; - + return $result; } @@ -2573,7 +2571,7 @@ class User extends CommonObject // Init $this->users array $sql = "SELECT DISTINCT u.rowid, u.firstname, u.lastname, u.fk_user, u.fk_soc, u.login, u.email, u.gender, u.admin, u.statut, u.photo, u.entity"; // Distinct reduce pb with old tables with duplicates $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; - if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && (! empty($conf->multicompany->transverse_mode) || (! empty($user->admin) && empty($user->entity)))) + if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) || (! empty($user->admin) && empty($user->entity)))) { $sql.= " WHERE u.entity IS NOT NULL"; } diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index af73e1305bb..be9bb0e1f4c 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -39,7 +39,7 @@ class UserGroup extends CommonObject protected $ismultientitymanaged = 1; // 0=No test on entity, 1=Test with field entity, 2=Test with link by societe public $picto='group'; public $entity; // Entity of group - + /** * @deprecated * @see name @@ -252,16 +252,19 @@ class UserGroup extends CommonObject /** * Add a permission to a group * - * @param int $rid id du droit a ajouter - * @param string $allmodule Ajouter tous les droits du module allmodule - * @param string $allperms Ajouter tous les droits du module allmodule, perms allperms - * @return int > 0 if OK, < 0 if KO + * @param int $rid id du droit a ajouter + * @param string $allmodule Ajouter tous les droits du module allmodule + * @param string $allperms Ajouter tous les droits du module allmodule, perms allperms + * @param int $entity Entity to use + * @return int > 0 if OK, < 0 if KO */ - function addrights($rid,$allmodule='',$allperms='') + function addrights($rid, $allmodule='', $allperms='', $entity=0) { global $conf, $user, $langs; - dol_syslog(get_class($this)."::addrights $rid, $allmodule, $allperms"); + $entity = (! empty($entity)?$entity:$conf->entity); + + dol_syslog(get_class($this)."::addrights $rid, $allmodule, $allperms, $entity"); $error=0; $whereforadd=''; @@ -274,7 +277,7 @@ class UserGroup extends CommonObject $sql = "SELECT module, perms, subperms"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; $sql.= " WHERE id = '".$this->db->escape($rid)."'"; - $sql.= " AND entity = ".$conf->entity; + $sql.= " AND entity = ".$entity; $result=$this->db->query($sql); if ($result) { @@ -311,7 +314,7 @@ class UserGroup extends CommonObject $sql = "SELECT id"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; $sql.= " WHERE $whereforadd"; - $sql.= " AND entity = ".$conf->entity; + $sql.= " AND entity = ".$entity; $result=$this->db->query($sql); if ($result) @@ -323,9 +326,9 @@ class UserGroup extends CommonObject $obj = $this->db->fetch_object($result); $nid = $obj->id; - $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=".$nid; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=".$nid." AND entity = ".$entity; if (! $this->db->query($sql)) $error++; - $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (entity, fk_usergroup, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")"; if (! $this->db->query($sql)) $error++; $i++; @@ -363,18 +366,21 @@ class UserGroup extends CommonObject /** * Remove a permission from group * - * @param int $rid id du droit a retirer - * @param string $allmodule Retirer tous les droits du module allmodule - * @param string $allperms Retirer tous les droits du module allmodule, perms allperms - * @return int > 0 if OK, < 0 if OK + * @param int $rid id du droit a retirer + * @param string $allmodule Retirer tous les droits du module allmodule + * @param string $allperms Retirer tous les droits du module allmodule, perms allperms + * @param int $entity Entity to use + * @return int > 0 if OK, < 0 if OK */ - function delrights($rid,$allmodule='',$allperms='') + function delrights($rid, $allmodule='', $allperms='', $entity=0) { global $conf, $user, $langs; $error=0; $wherefordel=''; + $entity = (! empty($entity)?$entity:$conf->entity); + $this->db->begin(); if (! empty($rid)) @@ -384,7 +390,7 @@ class UserGroup extends CommonObject $sql = "SELECT module, perms, subperms"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; $sql.= " WHERE id = '".$this->db->escape($rid)."'"; - $sql.= " AND entity = ".$conf->entity; + $sql.= " AND entity = ".$entity; $result=$this->db->query($sql); if ($result) { @@ -421,7 +427,7 @@ class UserGroup extends CommonObject $sql = "SELECT id"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def"; $sql.= " WHERE $wherefordel"; - $sql.= " AND entity = ".$conf->entity; + $sql.= " AND entity = ".$entity; $result=$this->db->query($sql); if ($result) @@ -435,6 +441,7 @@ class UserGroup extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights"; $sql.= " WHERE fk_usergroup = $this->id AND fk_id=".$nid; + $sql.= " AND entity = ".$entity; if (! $this->db->query($sql)) $error++; $i++; @@ -498,6 +505,7 @@ class UserGroup extends CommonObject $sql.= " FROM ".MAIN_DB_PREFIX."usergroup_rights as u, ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.id = u.fk_id"; $sql.= " AND r.entity = ".$conf->entity; + $sql.= " AND u.entity = ".$conf->entity; $sql.= " AND u.fk_usergroup = ".$this->id; $sql.= " AND r.perms IS NOT NULL"; if ($moduletag) $sql.= " AND r.module = '".$this->db->escape($moduletag)."'"; @@ -755,7 +763,7 @@ class UserGroup extends CommonObject { return $this->LibStatut(0,$mode); } - + /** * Renvoi le libelle d'un statut donne * @@ -769,7 +777,7 @@ class UserGroup extends CommonObject $langs->load('users'); return ''; } - + /** * Retourne chaine DN complete dans l'annuaire LDAP pour l'objet * @@ -849,7 +857,7 @@ class UserGroup extends CommonObject $user->id => $user ); } - + /** * Create a document onto disk according to template module. * diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index bbcbd38c168..0b23fc10932 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -1,7 +1,7 @@ * Copyright (C) 2005-2015 Laurent Destailleur - * Copyright (C) 2005-2015 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2011 Herve Prot * Copyright (C) 2012 Florian Henry * @@ -54,7 +54,8 @@ $userid=GETPOST('user', 'int'); // Security check $result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user'); -if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->multicompany->transverse_mode) +// Users/Groups management only in master entity if transverse mode +if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) { accessforbidden(); } @@ -105,7 +106,7 @@ if ($action == 'add') $ret = $extrafields->setOptionalsFromPost($extralabels,$object); if ($ret < 0) $error++; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $object->entity = 0; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $object->entity = 0; else $object->entity = $_POST["entity"]; $db->begin(); @@ -148,8 +149,8 @@ if ($action == 'adduser' || $action =='removeuser') $edituser = new User($db); $edituser->fetch($userid); - if ($action == 'adduser') $result=$edituser->SetInGroup($object->id,(! empty($conf->multicompany->transverse_mode)?GETPOST('entity','int'):$object->entity)); - if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($object->id,(! empty($conf->multicompany->transverse_mode)?GETPOST('entity','int'):$object->entity)); + if ($action == 'adduser') $result=$edituser->SetInGroup($object->id,(! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)?GETPOST('entity','int'):$object->entity)); + if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($object->id,(! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)?GETPOST('entity','int'):$object->entity)); if ($result > 0) { @@ -188,7 +189,7 @@ if ($action == 'update') $ret = $extrafields->setOptionalsFromPost($extralabels,$object); if ($ret < 0) $error++; - if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $object->entity = 0; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $object->entity = 0; else $object->entity = $_POST["entity"]; $ret=$object->update(); @@ -210,7 +211,7 @@ if ($action == 'update') setEventMessages($langs->trans('ErrorForbidden'), null, 'mesgs'); } } - + // Actions to build doc $upload_dir = $conf->usergroup->dir_output; $permissioncreate=$user->rights->user->user->creer; @@ -250,7 +251,7 @@ if ($action == 'create') // Multicompany if (! empty($conf->multicompany->enabled) && is_object($mc)) { - if (empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print "".''.$langs->trans("Entity").''; print "".$mc->select_entities($conf->entity); @@ -317,10 +318,10 @@ else dol_fiche_head($head, 'group', $title, -1, 'group'); dol_banner_tab($object,'id','',$user->rights->user->user->lire || $user->admin); - + print '
'; print '
'; - + print ''; // Name @@ -333,7 +334,7 @@ else print "\n"; // Multicompany - if (! empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (! empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { $mc->getInfo($object->entity); print "".''; @@ -356,7 +357,7 @@ else print "
'.$langs->trans("Entity").'
\n"; print '
'; - + dol_fiche_end(); @@ -386,7 +387,7 @@ else if (! empty($object->members)) { - if (! (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))) + if (! (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))) { foreach($object->members as $useringroup) { @@ -408,7 +409,7 @@ else // Multicompany if (! empty($conf->multicompany->enabled) && is_object($mc)) { - if ($conf->entity == 1 && $conf->multicompany->transverse_mode) + if ($conf->entity == 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) { print ''.$langs->trans("Entity").''; print "".$mc->select_entities($conf->entity); @@ -448,7 +449,7 @@ else { foreach($object->members as $useringroup) { - + print ''; print ''; @@ -458,7 +459,7 @@ else print ''; print ''.$useringroup->lastname.''; print ''.$useringroup->firstname.''; - if (! empty($conf->multicompany->enabled) && is_object($mc) && ! empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (! empty($conf->multicompany->enabled) && is_object($mc) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print ''; if (! empty($useringroup->usergroup_entity)) @@ -497,7 +498,7 @@ else } print ""; print "
"; - + /* * Documents generes */ @@ -506,21 +507,21 @@ else $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; $genallowed = $user->rights->user->user->creer; $delallowed = $user->rights->user->user->supprimer; - + $somethingshown = $formfile->show_documents('usergroup', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); - + // Show links to link elements $linktoelem = $form->showLinkToObjectBlock($object, null, null); $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); - + print '
'; - + // List of actions on element include_once DOL_DOCUMENT_ROOT . '/core/class/html.formactions.class.php'; $formactions = new FormActions($db); $somethingshown = $formactions->showactions($object, 'usergroup', $socid); - - + + print '
'; } @@ -543,7 +544,7 @@ else // Multicompany if (! empty($conf->multicompany->enabled) && is_object($mc)) { - if (empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) + if (empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1 && $user->admin && ! $user->entity) { print "".''.$langs->trans("Entity").''; print "".$mc->select_entities($object->entity); diff --git a/htdocs/user/group/index.php b/htdocs/user/group/index.php index 38fdf68b2ba..16091381e8d 100644 --- a/htdocs/user/group/index.php +++ b/htdocs/user/group/index.php @@ -32,6 +32,12 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS)) accessforbidden(); } +// Users/Groups management only in master entity if transverse mode +if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) +{ + accessforbidden(); +} + $langs->load("users"); $sall=GETPOST('sall', 'alphanohtml'); @@ -95,7 +101,7 @@ llxHeader(); $sql = "SELECT g.rowid, g.nom as name, g.entity, g.datec, COUNT(DISTINCT ugu.fk_user) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."usergroup as g"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_usergroup = g.rowid"; -if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity))) +if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && ! $user->entity))) { $sql.= " WHERE g.entity IS NOT NULL"; } @@ -160,7 +166,7 @@ if ($resql) print ''; print_liste_field_titre($langs->trans("Group"),$_SERVER["PHP_SELF"],"g.nom",$param,"","",$sortfield,$sortorder); //multicompany - if(! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1) + if(! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1) { print_liste_field_titre($langs->trans("Entity"),$_SERVER["PHP_SELF"],"g.entity",$param,"",'align="center"',$sortfield,$sortorder); } @@ -172,7 +178,7 @@ if ($resql) while ($i < $num) { $obj = $db->fetch_object($resql); - + print ''; print ''.img_object($langs->trans("ShowGroup"),"group").' '.$obj->name.''; @@ -182,7 +188,7 @@ if ($resql) } print ""; //multicompany - if (! empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1) + if (! empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) && $conf->entity == 1) { $mc->getInfo($obj->entity); print ''.$mc->label.''; diff --git a/htdocs/user/group/ldap.php b/htdocs/user/group/ldap.php index 2ced8e11d4b..6d987be85cb 100644 --- a/htdocs/user/group/ldap.php +++ b/htdocs/user/group/ldap.php @@ -1,6 +1,6 @@ - * Copyright (C) 2006-2012 Regis Houssin + * Copyright (C) 2006-2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -33,6 +33,12 @@ $langs->load("companies"); $langs->load("ldap"); $langs->load("users"); +// Users/Groups management only in master entity if transverse mode +if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) +{ + accessforbidden(); +} + $canreadperms=true; if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { @@ -98,7 +104,7 @@ $head = group_prepare_head($object); dol_fiche_head($head, 'ldap', $langs->trans("Group"), -1, 'group'); dol_banner_tab($object,'id','',$user->rights->user->user->lire || $user->admin); - + print '
'; print '
'; diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 5262857afb2..77532de7c3e 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -3,7 +3,7 @@ * Copyright (C) 2002-2003 Jean-Louis Bergamo * Copyright (C) 2004-2010 Laurent Destailleur * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,6 +38,12 @@ $confirm=GETPOST('confirm', 'alpha'); $module=GETPOST('module', 'alpha'); $rights=GETPOST('rights', 'int'); +// Users/Groups management only in master entity if transverse mode +if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) +{ + accessforbidden(); +} + // Defini si peux lire les permissions $canreadperms=($user->admin || $user->rights->user->user->lire); // Defini si peux modifier les permissions @@ -53,22 +59,44 @@ if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS)) if (! $canreadperms) accessforbidden(); +$object = new Usergroup($db); +$object->fetch($id); +$object->getrights(); + +$entity=$conf->entity; +if (! empty($conf->multicompany->enabled)) +{ + if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) + $entity=(GETPOST('entity','int') ? GETPOST('entity','int') : $conf->entity); + else + $entity=(! empty($object->entity) ? $object->entity : $conf->entity); +} + +// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('groupcard','globalcard')); + /** * Actions */ -if ($action == 'addrights' && $caneditperms) -{ - $editgroup = new Usergroup($db); - $result=$editgroup->fetch($id); - if ($result > 0) $editgroup->addrights($rights, $module); -} +$parameters=array(); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); -if ($action == 'delrights' && $caneditperms) -{ - $editgroup = new Usergroup($db); - $result=$editgroup->fetch($id); - if ($result > 0) $editgroup->delrights($rights, $module); +if (empty($reshook)) { + if ($action == 'addrights' && $caneditperms) + { + $editgroup = new Usergroup($db); + $result=$editgroup->fetch($id); + if ($result > 0) $editgroup->addrights($rights, $module, '', $entity); + } + + if ($action == 'delrights' && $caneditperms) + { + $editgroup = new Usergroup($db); + $result=$editgroup->fetch($id); + if ($result > 0) $editgroup->delrights($rights, $module, '', $entity); + } } @@ -80,12 +108,8 @@ $form = new Form($db); llxHeader('',$langs->trans("Permissions")); -if ($id) +if ($object->id) { - $object = new Usergroup($db); - $object->fetch($id); - $object->getrights(); - /* * Affichage onglets */ @@ -127,7 +151,6 @@ if ($id) // Load all permissions if ($objMod->rights_class) { - $entity=((! empty($conf->multicompany->enabled) && ! empty($object->entity)) ? $object->entity : null); $ret=$objMod->insert_permissions(0, $entity); $modules[$objMod->rights_class]=$objMod; } @@ -140,56 +163,42 @@ if ($id) $db->commit(); // Lecture des droits groupes - $permsgroup = array(); + $permsgroupbyentity = array(); - $sql = "SELECT r.id, r.libelle, r.module "; - $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r"; - $sql.= ", ".MAIN_DB_PREFIX."usergroup_rights as ugr"; - $sql.= " WHERE ugr.fk_id = r.id"; - if(! empty($conf->multicompany->enabled)) - { - if (empty($conf->multicompany->transverse_mode)) - { - $sql.= " AND r.entity = ".$object->entity; - } - else - { - $sql.= " AND r.entity IN (0,1)"; - } - } - else - { - $sql.= " AND r.entity IN (0,".$conf->entity.")"; - } - - $sql.= " AND ugr.fk_usergroup = ".$object->id; + $sql = "SELECT DISTINCT r.id, r.libelle, r.module, gr.entity"; + $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r,"; + $sql.= " ".MAIN_DB_PREFIX."usergroup_rights as gr"; + $sql.= " WHERE gr.fk_id = r.id"; + $sql.= " AND gr.entity = ".$entity; + $sql.= " AND gr.fk_usergroup = ".$object->id; + dol_syslog("get user perms", LOG_DEBUG); $result=$db->query($sql); - if ($result) { - $num = $db->num_rows($result); - $i = 0; - while ($i < $num) - { - $obj = $db->fetch_object($result); - array_push($permsgroup,$obj->id); - $i++; - } - $db->free($result); + $num = $db->num_rows($result); + $i = 0; + while ($i < $num) + { + $obj = $db->fetch_object($result); + if (! isset($permsgroupbyentity[$obj->entity])) + $permsgroupbyentity[$obj->entity] = array(); + array_push($permsgroupbyentity[$obj->entity], $obj->id); + $i++; + } + $db->free($result); } else { - dol_print_error($db); + dol_print_error($db); } - - + dol_banner_tab($object,'id','',$user->rights->user->user->lire || $user->admin); - + print '
'; print '
'; - + /* * Ecran ajout/suppression permission */ @@ -214,6 +223,10 @@ if ($id) if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivatedModules")); + $parameters=array(); + $reshook=$hookmanager->executeHooks('insertExtraHeader',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + print ''; print ''; print ''; @@ -225,22 +238,7 @@ if ($id) $sql = "SELECT r.id, r.libelle, r.module"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" - if(! empty($conf->multicompany->enabled)) - { - if (empty($conf->multicompany->transverse_mode)) - { - $sql.= " AND r.entity = ".$object->entity; - } - else - { - $sql.= " AND r.entity IN (0,1)"; - } - } - else - { - $sql.= " AND r.entity = ".$conf->entity; - } - + $sql.= " AND r.entity = " . $entity; if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql.= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable $sql.= " ORDER BY r.module, r.id"; @@ -279,9 +277,9 @@ if ($id) print ''; print ''; print ''; print ''; @@ -293,25 +291,37 @@ if ($id) // Module print ''; - if (in_array($obj->id, $permsgroup)) + if (is_array($permsgroupbyentity[$entity])) { - // Own permission by group - if ($caneditperms) - { - print ''; - } - print ''; + if (in_array($obj->id, $permsgroupbyentity[$entity])) + { + // Own permission by group + if ($caneditperms) + { + print ''; + } + print ''; + } + else + { + // Do not own permission + if ($caneditperms) + { + print ''; + } + print ''; + } } else { - // Do not own permission - if ($caneditperms) - { - print ''; - } - print ''; + // Do not own permission + if ($caneditperms) + { + print ''; + } + print ''; } $perm_libelle=($conf->global->MAIN_USE_ADVANCED_PERMS && ($langs->trans("PermissionAdvanced".$obj->id)!=("PermissionAdvanced".$obj->id))?$langs->trans("PermissionAdvanced".$obj->id):(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$langs->trans($obj->libelle))); @@ -323,9 +333,13 @@ if ($id) } } print '
'.$langs->trans("Module").''.img_object('',$picto).' '.$objMod->getName(); print ' '; - print ''.$langs->trans("All").""; + print 'module.'#'.$objMod->getName().'">'.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print 'module.'#'.$objMod->getName().'">'.$langs->trans("None").""; print ' 
'.img_object('',$picto).' '.$objMod->getName().''.img_edit_remove($langs->trans("Remove")).''; - print img_picto($langs->trans("Active"),'tick'); - print 'id.'">'.img_edit_remove($langs->trans("Remove")).''; + print img_picto($langs->trans("Active"),'tick'); + print 'id.'">'.img_edit_add($langs->trans("Add")).' '.img_edit_add($langs->trans("Add")).' id.'">'.img_edit_add($langs->trans("Add")).' 
'; - + print '
'; - + + $parameters=array(); + $reshook=$hookmanager->executeHooks('insertExtraFooter',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + dol_fiche_end(); } diff --git a/htdocs/user/hierarchy.php b/htdocs/user/hierarchy.php index 9e7f6583f6e..3e82e2b6357 100644 --- a/htdocs/user/hierarchy.php +++ b/htdocs/user/hierarchy.php @@ -73,7 +73,7 @@ $user_arbo = $userstatic->get_full_tree(0, ($search_statut != '' && $search_stat if (! is_array($user_arbo) && $user_arbo < 0) { - setEventMessages($userstatic->error, $userstatic->errors, 'warnings'); + setEventMessages($userstatic->error, $userstatic->errors, 'warnings'); } else { @@ -97,24 +97,21 @@ foreach($fulltree as $key => $val) $userstatic->admin=$val['admin']; $userstatic->entity=$val['entity']; $userstatic->photo=$val['photo']; - + $entity=$val['entity']; $entitystring=''; // TODO Set of entitystring should be done with a hook - if (is_object($mc)) + if (! empty($conf->multicompany->enabled) && is_object($mc)) { - if (! empty($conf->multicompany->enabled)) + if (empty($entity)) { - if (empty($entity)) - { - $entitystring=$langs->trans("AllEntities"); - } - else - { - $mc->getInfo($entity); - $entitystring=$mc->label; - } + $entitystring=$langs->trans("AllEntities"); + } + else + { + $mc->getInfo($entity); + $entitystring=$mc->label; } } @@ -128,7 +125,7 @@ foreach($fulltree as $key => $val) $li.=img_picto($langs->trans("Administrator"),'star'); } $li.=' ('.$val['login'].($entitystring?' - '.$entitystring:'').')'; - + $data[] = array( 'rowid'=>$val['rowid'], 'fk_menu'=>$val['fk_user'], diff --git a/htdocs/user/home.php b/htdocs/user/home.php index 66a4448491e..7c464ce2e45 100644 --- a/htdocs/user/home.php +++ b/htdocs/user/home.php @@ -100,7 +100,7 @@ $sql.= ", s.code_client"; $sql.= ", s.canvas"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_soc = s.rowid"; -if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity))) +if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && ! $user->entity))) { $sql.= " WHERE u.entity IS NOT NULL"; } @@ -212,7 +212,7 @@ if ($canreadperms) $sql = "SELECT g.rowid, g.nom as name, g.note, g.entity, g.datec"; $sql.= " FROM ".MAIN_DB_PREFIX."usergroup as g"; - if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity))) + if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && ! $user->entity))) { $sql.= " WHERE g.entity IS NOT NULL"; } diff --git a/htdocs/user/index.php b/htdocs/user/index.php index 8333acbbb79..984479465ff 100644 --- a/htdocs/user/index.php +++ b/htdocs/user/index.php @@ -92,7 +92,7 @@ $arrayfields=array( 'u.accountancy_code'=>array('label'=>$langs->trans("AccountancyCode"), 'checked'=>0), 'u.email'=>array('label'=>$langs->trans("EMail"), 'checked'=>1), 'u.fk_soc'=>array('label'=>$langs->trans("Company"), 'checked'=>1), - 'u.entity'=>array('label'=>$langs->trans("Entity"), 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode))), + 'u.entity'=>array('label'=>$langs->trans("Entity"), 'checked'=>1, 'enabled'=>(! empty($conf->multicompany->enabled) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))), 'u.fk_user'=>array('label'=>$langs->trans("HierarchicalResponsible"), 'checked'=>1), 'u.datelastlogin'=>array('label'=>$langs->trans("LastConnexion"), 'checked'=>1, 'position'=>100), 'u.datepreviouslogin'=>array('label'=>$langs->trans("PreviousConnexion"), 'checked'=>0, 'position'=>110), @@ -194,7 +194,7 @@ $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user_extrafields as ef on (u.rowid = ef.fk_object)"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON u.fk_soc = s.rowid"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u2 ON u.fk_user = u2.rowid"; -if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && (! empty($conf->multicompany->transverse_mode) || (! empty($user->admin) && empty($user->entity)))) +if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) || (! empty($user->admin) && empty($user->entity)))) { $sql.= " WHERE u.entity IS NOT NULL"; } @@ -545,7 +545,7 @@ while ($i < min($num,$limit)) print ''; } // Multicompany enabled - if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode)) + if (! empty($conf->multicompany->enabled) && is_object($mc) && empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { if (! empty($arrayfields['u.entity']['checked'])) { @@ -556,12 +556,8 @@ while ($i < min($num,$limit)) } else { - // $mc is defined in conf.class.php if multicompany enabled. - if (is_object($mc)) - { - $mc->getInfo($obj->entity); - print $mc->label; - } + $mc->getInfo($obj->entity); + print $mc->label; } print ''; } @@ -581,7 +577,7 @@ while ($i < min($num,$limit)) $user2->photo=$obj->photo2; $user2->admin=$obj->admin2; $user2->email=$obj->email2; - $user2->societe_id=$obj->fk_soc2; + $user2->socid=$obj->fk_soc2; print $user2->getNomUrl(-1,'',0,0,24,0,''); if (! empty($conf->multicompany->enabled) && $obj->admin2 && ! $obj->entity2) { diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index b40c79f783e..5de1a3b80ac 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -3,7 +3,7 @@ * Copyright (C) 2002-2003 Jean-Louis Bergamo * Copyright (C) 2004-2015 Laurent Destailleur * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2015 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify @@ -38,7 +38,6 @@ $action=GETPOST('action', 'alpha'); $confirm=GETPOST('confirm', 'alpha'); $module=GETPOST('module', 'alpha'); $rights=GETPOST('rights', 'int'); -$entity=(GETPOST('entity','int')?GETPOST('entity','int'):$conf->entity); if (! isset($id) || empty($id)) accessforbidden(); @@ -71,6 +70,15 @@ $object = new User($db); $object->fetch($id, '', '', 1); $object->getrights(); +$entity=$conf->entity; +if (! empty($conf->multicompany->enabled)) +{ + if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) + $entity=(GETPOST('entity','int') ? GETPOST('entity','int') : $conf->entity); + else + $entity=(! empty($object->entity) ? $object->entity : $conf->entity); +} + // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('usercard','globalcard')); @@ -86,12 +94,11 @@ if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'e if (empty($reshook)) { if ($action == 'addrights' && $caneditperms) { $edituser = new User($db); - $edituser->fetch($id); - //$edituser->addrights($rights, $module, '', $entity); // TODO unused for the moment - $edituser->addrights($rights, $module); + $edituser->fetch($object->id); + $edituser->addrights($rights, $module, '', $entity); // Si on a touche a ses propres droits, on recharge - if ($id == $user->id) { + if ($object->id == $user->id) { $user->clearrights(); $user->getrights(); $menumanager->loadMenu(); @@ -100,12 +107,11 @@ if (empty($reshook)) { if ($action == 'delrights' && $caneditperms) { $edituser = new User($db); - $edituser->fetch($id); - //$edituser->delrights($rights, $module, '', $entity); // TODO unused for the moment - $edituser->delrights($rights, $module); + $edituser->fetch($object->id); + $edituser->delrights($rights, $module, '', $entity); // Si on a touche a ses propres droits, on recharge - if ($id == $user->id) { + if ($object->id == $user->id) { $user->clearrights(); $user->getrights(); $menumanager->loadMenu(); @@ -161,8 +167,7 @@ foreach($modulesdir as $dir) // Load all permissions if ($objMod->rights_class) { - $forceEntity=((! empty($conf->multicompany->enabled) && ! empty($object->entity)) ? $object->entity : null); - $ret=$objMod->insert_permissions(0, $forceEntity); + $ret=$objMod->insert_permissions(0, $entity); $modules[$objMod->rights_class]=$objMod; //print "modules[".$objMod->rights_class."]=$objMod;"; } @@ -177,22 +182,11 @@ $db->commit(); // Lecture des droits utilisateurs $permsuser = array(); -$sql = "SELECT r.id, r.libelle, r.module"; +$sql = "SELECT DISTINCT r.id, r.libelle, r.module"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r,"; $sql.= " ".MAIN_DB_PREFIX."user_rights as ur"; $sql.= " WHERE ur.fk_id = r.id"; -if (! empty($conf->multicompany->enabled)) -{ - if (1==2 && ! empty($conf->multicompany->transverse_mode)) { - $sql.= " AND r.entity = ".(GETPOST('entity','int')?GETPOST('entity','int'):$conf->entity); // TODO unused for the moment - } else { - $sql.= " AND r.entity = ".(! empty($object->entity) ? $object->entity : $conf->entity); - } -} -else -{ - $sql.= " AND r.entity = ".$conf->entity; -} +$sql.= " AND ur.entity = ".$entity; $sql.= " AND ur.fk_user = ".$object->id; dol_syslog("get user perms", LOG_DEBUG); @@ -216,18 +210,13 @@ else // Lecture des droits groupes $permsgroupbyentity = array(); -$aEntities = array(); -$sql = "SELECT r.id, r.libelle, r.module, gu.entity"; +$sql = "SELECT DISTINCT r.id, r.libelle, r.module, gu.entity"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r,"; $sql.= " ".MAIN_DB_PREFIX."usergroup_rights as gr,"; $sql.= " ".MAIN_DB_PREFIX."usergroup_user as gu"; $sql.= " WHERE gr.fk_id = r.id"; -if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) { - $sql.= " AND gu.entity IS NOT NULL"; -} else { - $sql.= " AND r.entity = ".((! empty($conf->multicompany->enabled) && ! empty($object->entity)) ? $object->entity : $conf->entity); -} +$sql.= " AND gr.entity = ".$entity; $sql.= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql.= " AND gu.fk_user = ".$object->id; @@ -272,17 +261,10 @@ if ($user->admin) print info_admin($langs->trans("WarningOnlyPermissionOfActivat // Show warning about external users if (empty($user->societe_id)) print info_admin(showModulesExludedForExternal($modules))."\n"; -// For multicompany transversal mode -// TODO Place a hook here -if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) -{ - $aEntities=array_keys($permsgroupbyentity); - sort($aEntities); - $entity = (GETPOST('entity', 'int')?GETPOST('entity', 'int'):$aEntities[0]); - $head = entity_prepare_head($object, $aEntities); - $title = $langs->trans("Entities"); - dol_fiche_head($head, $entity, $title, 1, 'multicompany@multicompany'); -} +$parameters=array('permsgroupbyentity'=>$permsgroupbyentity); +$reshook=$hookmanager->executeHooks('insertExtraHeader',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + print "\n"; print ''; @@ -297,7 +279,7 @@ print ''."\n"; $sql = "SELECT r.id, r.libelle, r.module"; $sql.= " FROM ".MAIN_DB_PREFIX."rights_def as r"; $sql.= " WHERE r.libelle NOT LIKE 'tou%'"; // On ignore droits "tous" -$sql.= " AND r.entity = ".((! empty($conf->multicompany->enabled) && ! empty($object->entity)) ? $object->entity : $conf->entity); +$sql.= " AND r.entity = " . $entity; if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) $sql.= " AND r.perms NOT LIKE '%_advance'"; // Hide advanced perms if option is disable $sql.= " ORDER BY r.module, r.id"; @@ -336,9 +318,9 @@ if ($result) print ''; print ''; print ''; print ''."\n"; @@ -365,7 +347,7 @@ if ($result) { if ($caneditperms) { - print ''; + print ''; } print ''; + print ''; } print ''; } @@ -401,7 +383,7 @@ if ($result) // Do not own permission if ($caneditperms) { - print ''; + print ''; } print ''; } @@ -417,13 +399,10 @@ if ($result) else dol_print_error($db); print '
'.img_object('',$picto).' '.$objMod->getName(); print ''; - print ''.$langs->trans("All").""; + print 'module.'">'.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print 'module.'">'.$langs->trans("None").""; print ' 
'.img_edit_remove($langs->trans("Remove")).'id.'">'.img_edit_remove($langs->trans("Remove")).''; print img_picto($langs->trans("Active"),'tick'); @@ -391,7 +373,7 @@ if ($result) // Do not own permission if ($caneditperms) { - print ''.img_edit_add($langs->trans("Add")).'id.'">'.img_edit_add($langs->trans("Add")).' '.img_edit_add($langs->trans("Add")).'id.'">'.img_edit_add($langs->trans("Add")).' 
'; +$parameters=array(); +$reshook=$hookmanager->executeHooks('insertExtraFooter',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); -// For multicompany transversal mode -// TODO Place a hook here -if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) -{ - dol_fiche_end(); -} dol_fiche_end(); diff --git a/htdocs/webservices/server_user.php b/htdocs/webservices/server_user.php index c4d8ce08724..3de5ef815c9 100644 --- a/htdocs/webservices/server_user.php +++ b/htdocs/webservices/server_user.php @@ -416,7 +416,7 @@ function getListOfGroups($authentication) $sql = "SELECT g.rowid, g.nom as name, g.entity, g.datec, COUNT(DISTINCT ugu.fk_user) as nb"; $sql.= " FROM ".MAIN_DB_PREFIX."usergroup as g"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_usergroup = g.rowid"; - if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity))) + if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($user->admin && ! $user->entity))) { $sql.= " WHERE g.entity IS NOT NULL"; }