From 7f780fcb57fac451874945d65d5b79c095689bae Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 8 Apr 2024 11:53:49 +0200
Subject: [PATCH] It seems constant are for storing data only and used for
 DolibarrModules.class.php file only (main code shoud only use ->hasRight), so
 i try to move them.

---
 htdocs/core/modules/DolibarrModules.class.php |  41 +++--
 htdocs/core/modules/modUser.class.php         | 150 +++++++++---------
 htdocs/user/class/user.class.php              |  15 --
 3 files changed, 100 insertions(+), 106 deletions(-)

diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php
index 9a2f6e5ff7a..0217a82d7f2 100644
--- a/htdocs/core/modules/DolibarrModules.class.php
+++ b/htdocs/core/modules/DolibarrModules.class.php
@@ -138,6 +138,15 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it
 	 */
 	public $rights_class;
 
+	const KEY_ID = 0;
+	const KEY_LABEL = 1;
+	const KEY_TYPE = 2;	// deprecated
+	const KEY_DEFAULT = 3;
+	const KEY_FIRST_LEVEL = 4;
+	const KEY_SECOND_LEVEL = 5;
+	const KEY_MODULE = 6;
+	const KEY_ENABLED = 7;
+
 	/**
 	 * @var array|int 	Module menu entries (1 means the menu entries are not declared into module descriptor but are hardcoded into menu manager)
 	 */
@@ -1899,24 +1908,24 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it
 				include_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
 
 				// TODO rights parameters with integer indexes are deprecated
-				// $this->rights[$key][0] = $this->rights[$key][Rights::KEY_ID]
-				// $this->rights[$key][1] = $this->rights[$key][Rights::KEY_LABEL]
-				// $this->rights[$key][3] = $this->rights[$key][Rights::KEY_DEFAULT]
-				// $this->rights[$key][4] = $this->rights[$key][Rights::KEY_FIRST_LEVEL]
-				// $this->rights[$key][5] = $this->rights[$key][Rights::KEY_SECOND_LEVEL]
+				// $this->rights[$key][0] = $this->rights[$key][self::KEY_ID]
+				// $this->rights[$key][1] = $this->rights[$key][self::KEY_LABEL]
+				// $this->rights[$key][3] = $this->rights[$key][self::KEY_DEFAULT]
+				// $this->rights[$key][4] = $this->rights[$key][self::KEY_FIRST_LEVEL]
+				// $this->rights[$key][5] = $this->rights[$key][self::KEY_SECOND_LEVEL]
 
 				// new parameters
-				// $this->rights[$key][Rights::KEY_MODULE]	// possibility to define user right for an another module (default: current module name)
-				// $this->rights[$key][Rights::KEY_ENABLED]	// condition to show or hide a user right (default: 1) (eg isModEnabled('anothermodule'))
+				// $this->rights[$key][self::KEY_MODULE]	// possibility to define user right for an another module (default: current module name)
+				// $this->rights[$key][self::KEY_ENABLED]	// condition to show or hide a user right (default: 1) (eg isModEnabled('anothermodule'))
 
 				// If the module is active
 				foreach ($this->rights as $key => $value) {
-					$r_id = $this->rights[$key][Rights::KEY_ID];	// permission id in llx_rights_def (not unique because primary key is couple id-entity)
-					$r_label = $this->rights[$key][Rights::KEY_LABEL];
-					$r_type	= $this->rights[$key][Rights::KEY_TYPE] ?? 'w';	// TODO deprecated
-					$r_default = $this->rights[$key][Rights::KEY_DEFAULT] ?? 0;
-					$r_perms = $this->rights[$key][Rights::KEY_FIRST_LEVEL] ?? '';
-					$r_subperms = $this->rights[$key][Rights::KEY_SECOND_LEVEL] ?? '';
+					$r_id = $this->rights[$key][self::KEY_ID];	// permission id in llx_rights_def (not unique because primary key is couple id-entity)
+					$r_label = $this->rights[$key][self::KEY_LABEL];
+					$r_type	= $this->rights[$key][self::KEY_TYPE] ?? 'w';	// TODO deprecated
+					$r_default = $this->rights[$key][self::KEY_DEFAULT] ?? 0;
+					$r_perms = $this->rights[$key][self::KEY_FIRST_LEVEL] ?? '';
+					$r_subperms = $this->rights[$key][self::KEY_SECOND_LEVEL] ?? '';
 
 					// KEY_FIRST_LEVEL (perms) must not be empty
 					if (empty($r_perms)) {
@@ -1929,15 +1938,15 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it
 					// name of the module from which the right comes (default: empty means same module the permission is for)
 					$r_module_origin = '';
 
-					if (isset($this->rights[$key][Rights::KEY_MODULE])) {
+					if (isset($this->rights[$key][self::KEY_MODULE])) {
 						// name of the module to which the right must be applied
-						$r_module = $this->rights[$key][Rights::KEY_MODULE];
+						$r_module = $this->rights[$key][self::KEY_MODULE];
 						// name of the module from which the right comes
 						$r_module_origin = (empty($this->rights_class) ? strtolower($this->name) : $this->rights_class);
 					}
 
 					// condition to show or hide a user right (default: 1) (eg isModEnabled('anothermodule') or ($conf->global->MAIN_FEATURES_LEVEL > 0) or etc..)
-					$r_enabled	= $this->rights[$key][Rights::KEY_ENABLED] ?? '1';
+					$r_enabled	= $this->rights[$key][self::KEY_ENABLED] ?? '1';
 
 					// Search if perm already present
 					$sql = "SELECT count(*) as nb FROM ".MAIN_DB_PREFIX."rights_def";
diff --git a/htdocs/core/modules/modUser.class.php b/htdocs/core/modules/modUser.class.php
index fe2e187601f..002b3ceb2be 100644
--- a/htdocs/core/modules/modUser.class.php
+++ b/htdocs/core/modules/modUser.class.php
@@ -89,109 +89,109 @@ class modUser extends DolibarrModules
 		$r = 0;
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 251;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Read information of other users, groups and permissions';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'lire';
+		$this->rights[$r][self::KEY_ID] = 251;
+		$this->rights[$r][self::KEY_LABEL] = 'Read information of other users, groups and permissions';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'lire';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 252;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Read permissions of other users';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'readperms';
+		$this->rights[$r][self::KEY_ID] = 252;
+		$this->rights[$r][self::KEY_LABEL] = 'Read permissions of other users';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'readperms';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 253;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Create/modify internal and external users, groups and permissions';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'creer';
+		$this->rights[$r][self::KEY_ID] = 253;
+		$this->rights[$r][self::KEY_LABEL] = 'Create/modify internal and external users, groups and permissions';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'creer';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 254;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Create/modify external users only';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'write';
+		$this->rights[$r][self::KEY_ID] = 254;
+		$this->rights[$r][self::KEY_LABEL] = 'Create/modify external users only';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'write';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 255;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Modify the password of other users';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'password';
+		$this->rights[$r][self::KEY_ID] = 255;
+		$this->rights[$r][self::KEY_LABEL] = 'Modify the password of other users';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'password';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 256;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Delete or disable other users';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'supprimer';
+		$this->rights[$r][self::KEY_ID] = 256;
+		$this->rights[$r][self::KEY_LABEL] = 'Delete or disable other users';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'supprimer';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 341;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Read its own permissions';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'self_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'readperms';
+		$this->rights[$r][self::KEY_ID] = 341;
+		$this->rights[$r][self::KEY_LABEL] = 'Read its own permissions';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'self_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'readperms';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 342;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Create/modify of its own user';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'self';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'creer';
+		$this->rights[$r][self::KEY_ID] = 342;
+		$this->rights[$r][self::KEY_LABEL] = 'Create/modify of its own user';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'self';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'creer';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 343;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Modify its own password';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'self';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'password';
+		$this->rights[$r][self::KEY_ID] = 343;
+		$this->rights[$r][self::KEY_LABEL] = 'Modify its own password';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'self';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'password';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 344;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Modify its own permissions';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'self_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'writeperms';
+		$this->rights[$r][self::KEY_ID] = 344;
+		$this->rights[$r][self::KEY_LABEL] = 'Modify its own permissions';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'self_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'writeperms';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 351;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Read groups';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'read';
+		$this->rights[$r][self::KEY_ID] = 351;
+		$this->rights[$r][self::KEY_LABEL] = 'Read groups';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'read';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 352;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Read permissions of groups';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'readperms';
+		$this->rights[$r][self::KEY_ID] = 352;
+		$this->rights[$r][self::KEY_LABEL] = 'Read permissions of groups';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'readperms';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 353;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Create/modify groups and permissions';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'write';
+		$this->rights[$r][self::KEY_ID] = 353;
+		$this->rights[$r][self::KEY_LABEL] = 'Create/modify groups and permissions';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'write';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 354;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Delete groups';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'delete';
+		$this->rights[$r][self::KEY_ID] = 354;
+		$this->rights[$r][self::KEY_LABEL] = 'Delete groups';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'group_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'delete';
 
 		$r++;
-		$this->rights[$r][Rights::KEY_ID] = 358;
-		$this->rights[$r][Rights::KEY_LABEL] = 'Export all users';
-		$this->rights[$r][Rights::KEY_DEFAULT] = 0;
-		$this->rights[$r][Rights::KEY_FIRST_LEVEL] = 'user';
-		$this->rights[$r][Rights::KEY_SECOND_LEVEL] = 'export';
+		$this->rights[$r][self::KEY_ID] = 358;
+		$this->rights[$r][self::KEY_LABEL] = 'Export all users';
+		$this->rights[$r][self::KEY_DEFAULT] = 0;
+		$this->rights[$r][self::KEY_FIRST_LEVEL] = 'user';
+		$this->rights[$r][self::KEY_SECOND_LEVEL] = 'export';
 
 
 		// Menus
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index aeb3d64d89f..ae0a362bf23 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -4176,18 +4176,3 @@ class User extends CommonObject
 		return $this->findUserIdByEmailCache[$email];
 	}
 }
-
-/**
- *	Class to manage Dolibarr users rights
- */
-class Rights
-{
-	const KEY_ID = 0;
-	const KEY_LABEL = 1;
-	const KEY_TYPE = 2;	// deprecated
-	const KEY_DEFAULT = 3;
-	const KEY_FIRST_LEVEL = 4;
-	const KEY_SECOND_LEVEL = 5;
-	const KEY_MODULE = 6;
-	const KEY_ENABLED = 7;
-}