diff --git a/htdocs/core/lib/modulebuilder.lib.php b/htdocs/core/lib/modulebuilder.lib.php index d94f2071134..5f8b34442db 100644 --- a/htdocs/core/lib/modulebuilder.lib.php +++ b/htdocs/core/lib/modulebuilder.lib.php @@ -418,68 +418,83 @@ function rebuildObjectSql($destdir, $module, $objectname, $newmask, $readdir = ' } /** - * Rewriting all permissions after updating file + * delete all permissions * @param string $file file with path - * @param string $objectname name of the permission object - * @param string $right permission of object - * @param string $rightUpdated permission of object updated - * @param int $action 0 for delete, 1 for add, 2 fo update * @return void */ -function rewritingAllPermissions($file, $objectname, $right, $rightUpdated, $action) +function deletePerms($file) { - global $langs; $start = "/* BEGIN MODULEBUILDER PERMISSIONS */"; $end = "/* END MODULEBUILDER PERMISSIONS */"; - $perms_after_action = ''; - $error = 0; - if (empty($right)) { - $error++; + $i = 1; + $array = array(); + $lines = file($file); + // Search for start and end lines + foreach ($lines as $i => $line) { + if (strpos($line, $start) !== false) { + $start_line = $i + 1; + + // Copy lines until the end on array + while (($line = $lines[++$i]) !== false) { + if (strpos($line, $end) !== false) { + $end_line = $i + 1; + break; + } + $array[] = $line; + } + break; + } } - if ($action == 2 && empty($rightUpdated)) { + $allContent = implode("", $array); + dolReplaceInFile($file, array($allContent => '')); +} + +/** + * Rewriting all permissions after any actions + * @param string $file filename or path + * @param array $permissions permissions existing in file + * @param int|null $key key for permission needed + * @param array|null $right $right to update or add + * @param int $action 0 for delete, 1 for add, 2 for update + * @return int 1 if OK,-1 if KO + */ +function reWriteAllPermissions($file, $permissions, $key, $right, $action) +{ + $error = 0; + $rights = array(); + if ($action == 0) { + // delete right from permissions array + array_splice($permissions, array_search($permissions[$key], $permissions), 1); + } elseif ($action == 1) { + array_push($permissions, $right); + } elseif ($action == 2 && !empty($right)) { + // update right from permissions array + array_splice($permissions, array_search($permissions[$key], $permissions), 1, $right); + } else { $error++; } if (!$error) { - // Open the file and read line by line - $handle = fopen($file, "r"); - $i = 1; - $lines = array(); - - while (($line = fgets($handle)) !== false) { - //search line begin - if (strpos($line, $start) !== false) { - $start_line = $i; - - // Copy lines until the end on array - while (($line = fgets($handle)) !== false) { - if (strpos($line, $end) !== false) { - $end_line = $i; - break; - } - $lines[] = $line; - $i++; - } - break; - } - $i++; + // prepare permissions array + $count_perms = count($permissions); + for ($i = 0;$i<$count_perms;$i++) { + $permissions[$i][0] = "\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1)"; + $permissions[$i][1] = "\$this->rights[\$r][1] = '".$permissions[$i][1]."'"; + $permissions[$i][4] = "\$this->rights[\$r][4] = '".$permissions[$i][4]."'"; + $permissions[$i][5] = "\$this->rights[\$r][5] = '".$permissions[$i][5]."';\n\t\t"; } - $allContent = implode("", $lines); - if (str_contains($allContent, $right)) { - if ($action == 0) { - $perms_after_action = str_replace($right, "\n\t\t", $allContent); - if (!str_contains($perms_after_action, $objectname)) { - $perms_after_action = str_replace(['/*'.strtoupper($objectname).'*/','/*END '.strtoupper($objectname).'*/'], "", $perms_after_action); - } - } - if ($action == 2) { - $perms_after_action = str_replace($right, $rightUpdated."\n\t\t", $allContent); - } - if ($action == 1 && !empty($right)) { - $perms_after_action = str_replace("", $right, $allContent); - } - dolReplaceInFile($file, array($allContent => '')); - dolReplaceInFile($file, array('/* BEGIN MODULEBUILDER PERMISSIONS */' => '/* BEGIN MODULEBUILDER PERMISSIONS */'."\n".$perms_after_action)); + + //convert to string + foreach ($permissions as $perms) { + $rights[] = implode(";\n\t\t", $perms); + $rights[] = "\$r++;\n\t\t"; } - fclose($handle); + $rights_str = implode("", $rights); + // delete all permission from file + deletePerms($file); + // rewrite all permission again + dolReplaceInFile($file, array('/* BEGIN MODULEBUILDER PERMISSIONS */' => '/* BEGIN MODULEBUILDER PERMISSIONS */'."\n\t\t".$rights_str)); + return 1; + } else { + return -1; } } diff --git a/htdocs/modulebuilder/index.php b/htdocs/modulebuilder/index.php index 9a5aff0e8d6..0ede69fae56 100644 --- a/htdocs/modulebuilder/index.php +++ b/htdocs/modulebuilder/index.php @@ -2146,6 +2146,7 @@ if ($dirins && $action == 'addright' && !empty($module) && empty($cancel)) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Rights")), null, 'errors'); } + $id = GETPOST('id', 'alpha'); $label = GETPOST('label', 'alpha'); $objectForPerms = strtolower(GETPOST('permissionObj', 'alpha')); $crud = GETPOST('crud', 'alpha'); @@ -2168,8 +2169,6 @@ if ($dirins && $action == 'addright' && !empty($module) && empty($cancel)) { $counter = 0; $permsForObject =array(); $permissions = $moduleobj->rights; - $firstRight = 0; - $existRight = 0; $allObject = array(); $countPerms = count($permissions); @@ -2188,55 +2187,34 @@ if ($dirins && $action == 'addright' && !empty($module) && empty($cancel)) { $countPermsObj = count($permsForObject); for ($j = 0; $j<$countPermsObj; $j++) { if (in_array($label, $permsForObject[$j])) { - $existRight++; + $error++; setEventMessages($langs->trans("ErrorExistingPermission", $langs->transnoentities($label), $langs->transnoentities($objectForPerms)), null, 'errors'); } } - // if not found permission for the object - if (!in_array($objectForPerms, array_unique($allObject))) { - $firstRight++; - $existRight++; - } + if (!$error) { + $key = $countPerms + 1; + //prepare right to add + $rightToAdd = [ + 0=> $id, + 1=>$label, + 4=>$objectForPerms, + 5=>$crud + ]; + + $moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php'; + //rewriting all permissions after add a right + reWriteAllPermissions($moduledescriptorfile, $permissions, $key, $rightToAdd, 1); + setEventMessages($langs->trans('PermissionAddedSuccesfuly'), null); + if (isModEnabled(strtolower($module))) { $result = unActivateModule(strtolower($module)); dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); if ($result) { setEventMessages($result, null, 'errors'); } - header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module); setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings'); } - //prepare stirng to add - $rightToAdd = " - \$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1); - \$this->rights[\$r][1] = '$label'; - \$this->rights[\$r][4] = '$objectForPerms'; - \$this->rights[\$r][5] = '$crud'; - \$r++; - "; - $moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php'; - - //var_dump($existRight.' '.$firstRight);exit; - if (!$existRight) { - dolReplaceInFile($moduledescriptorfile, array('/*END '.strtoupper($objectForPerms).'*/' => $rightToAdd.'/*END '.strtoupper($objectForPerms).'*/')); - setEventMessages($langs->trans('PermissionAddedSuccesfuly'), null); - } - if ($firstRight > 0) { - $filecontentbefore = file_get_contents($moduledescriptorfile); - - $result = dolReplaceInFile($moduledescriptorfile, array('/* END MODULEBUILDER PERMISSIONS */' => '/*'.strtoupper($objectForPerms).'*/'.$rightToAdd."/*END ".strtoupper($objectForPerms).'*/'."\n\t\t".'/* END MODULEBUILDER PERMISSIONS */')); - - $filecontentafter = file_get_contents($moduledescriptorfile); - - if ($filecontentbefore != $filecontentafter) { - setEventMessages($langs->trans('PermissionAddedSuccesfuly'), null); - } else { - setEventMessages($langs->trans('FailedToAddCodeIntoDescriptor', 'END MODULEBUILDER PERMISSIONS'), null, 'warnings'); - } - } - - rewritingAllPermissions($moduledescriptorfile, $objectForPerms, $right, '', 1); } clearstatcache(true); @@ -2293,11 +2271,11 @@ if ($dirins && GETPOST('action') == 'update_right' && GETPOST('modifyright')&& e } $permissions = $moduleobj->rights; - $r =(int) GETPOST('counter'); + $key =(int) GETPOST('counter')-1; //get permission want to delete from permissions array - $x1 = $permissions[$r-1][1]; - $x2 = $permissions[$r-1][4]; - $x3 = $permissions[$r-1][5]; + $x1 = $permissions[$key][1]; + $x2 = $permissions[$key][4]; + $x3 = $permissions[$key][5]; //check existing object permission $counter = 0; $permsForObject =array(); @@ -2327,24 +2305,6 @@ if ($dirins && GETPOST('action') == 'update_right' && GETPOST('modifyright')&& e } } - // TODO ALI Update of permission must be done by rewriting completely the permission section - //prepare right want to delete - $right = " - \$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1); - \$this->rights[\$r][1] = '$x1'; - \$this->rights[\$r][4] = '$x2'; - \$this->rights[\$r][5] = '$x3'; - \$r++; - "; - // right after editing - $rightUpdated = " - \$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1); - \$this->rights[\$r][1] = '$label'; - \$this->rights[\$r][4] = '$objectForPerms'; - \$this->rights[\$r][5] = '$crud'; - \$r++; - "; - if (!$error) { if (isModEnabled(strtolower($module))) { $result = unActivateModule(strtolower($module)); @@ -2352,13 +2312,12 @@ if ($dirins && GETPOST('action') == 'update_right' && GETPOST('modifyright')&& e if ($result) { setEventMessages($result, null, 'errors'); } - header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module); setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings'); } $moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php'; - - rewritingAllPermissions($moduledescriptorfile, $x2, $right, $rightUpdated, 2); + // rewriting all permissions after update permission needed + reWriteAllPermissions($moduledescriptorfile, $permissions, $key, $rightUpdated, 2); setEventMessages($langs->trans('PermissionUpdatedSuccesfuly'), null); @@ -2389,27 +2348,13 @@ if ($dirins && $action == 'confirm_deleteright' && !empty($module) && GETPOST('p $permissions = $moduleobj->rights; $key = (int) GETPOST('permskey', 'int')-1; - //get permission want to delete from permissions array - $x1 = $permissions[$key][1]; - $x2 = $permissions[$key][4]; - $x3 = $permissions[$key][5]; - //prepare right want to delete - $rightTodelete = " - \$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1); - \$this->rights[\$r][1] = '$x1'; - \$this->rights[\$r][4] = '$x2'; - \$this->rights[\$r][5] = '$x3'; - \$r++; - "; - - $moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php'; - //reriting all permissions - rewritingAllPermissions($moduledescriptorfile, $x2, $rightTodelete, '', 0); - - - if (!$error) { + $moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php'; + + // rewriting all permissions + reWriteAllPermissions($moduledescriptorfile, $permissions, $key, '', 0); + // check if module is enabled if (isModEnabled(strtolower($module))) { $result = unActivateModule(strtolower($module));