diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 0a88e17eb02..143546fbe06 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -682,7 +682,7 @@ class User extends CommonObject 'member' => 'adherent', // We must check $user->rights->adherent... 'mo' => 'mrp', 'order' => 'commande', - 'product' => 'produit', // We must check $user->rights->produit... + //'product' => 'produit', // We must check $user->rights->produit... 'project' => 'projet', 'shipping' => 'expedition', 'task' => 'task@projet', @@ -695,14 +695,24 @@ class User extends CommonObject 'job@hrm' => 'all@hrm', // skill / job / position objects rights are for the moment grouped into right level "all" 'position@hrm' => 'all@hrm' // skill / job / position objects rights are for the moment grouped into right level "all" ); + if (!empty($moduletomoduletouse[$module])) { $module = $moduletomoduletouse[$module]; } + $moduleRightsMapping = array( + 'product' => 'produit', // We must check $user->rights->produit... + ); + + $rightsPath = $module; + if (!empty($moduleRightsMapping[$rightsPath])) { + $rightsPath = $moduleRightsMapping[$rightsPath]; + } + // If module is abc@module, we check permission user->rights->module->abc->permlevel1 - $tmp = explode('@', $module, 2); + $tmp = explode('@', $rightsPath, 2); if (! empty($tmp[1])) { - $module = $tmp[1]; + $rightsPath = $tmp[1]; $permlevel2 = $permlevel1; $permlevel1 = $tmp[0]; } @@ -722,50 +732,50 @@ class User extends CommonObject } if ($permlevel1 == 'recruitmentcandidature') { $permlevel1 = 'recruitmentjobposition'; - } - - //var_dump($module.' '.$permlevel1.' '.$permlevel2); - if (empty($module) || empty($this->rights) || empty($this->rights->$module) || empty($permlevel1)) { + } + //var_dump($module.' '.$permlevel1.' '.$permlevel2. ' '. $rightsPath); + //var_dump($this->rights); + if (empty($rightsPath) || empty($this->rights) || empty($this->rights->$rightsPath) || empty($permlevel1)) { return 0; } - + if ($permlevel2) { - if (!empty($this->rights->$module->$permlevel1)) { - if (!empty($this->rights->$module->$permlevel1->$permlevel2)) { - return $this->rights->$module->$permlevel1->$permlevel2; + if (!empty($this->rights->$rightsPath->$permlevel1)) { + if (!empty($this->rights->$rightsPath->$permlevel1->$permlevel2)) { + return $this->rights->$rightsPath->$permlevel1->$permlevel2; } // For backward compatibility with old permissions called "lire", "creer", "create", "supprimer" // instead of "read", "write", "delete" - if ($permlevel2 == 'read' && !empty($this->rights->$module->$permlevel1->lire)) { - return $this->rights->$module->lire; + if ($permlevel2 == 'read' && !empty($this->rights->$rightsPath->$permlevel1->lire)) { + return $this->rights->$rightsPath->lire; } - if ($permlevel2 == 'write' && !empty($this->rights->$module->$permlevel1->creer)) { - return $this->rights->$module->create; + if ($permlevel2 == 'write' && !empty($this->rights->$rightsPath->$permlevel1->creer)) { + return $this->rights->$rightsPath->create; } - if ($permlevel2 == 'write' && !empty($this->rights->$module->$permlevel1->create)) { - return $this->rights->$module->create; + if ($permlevel2 == 'write' && !empty($this->rights->$rightsPath->$permlevel1->create)) { + return $this->rights->$rightsPath->create; } - if ($permlevel2 == 'delete' && !empty($this->rights->$module->$permlevel1->supprimer)) { - return $this->rights->$module->supprimer; + if ($permlevel2 == 'delete' && !empty($this->rights->$rightsPath->$permlevel1->supprimer)) { + return $this->rights->$rightsPath->supprimer; } } } else { - if (!empty($this->rights->$module->$permlevel1)) { - return $this->rights->$module->$permlevel1; + if (!empty($this->rights->$rightsPath->$permlevel1)) { + return $this->rights->$rightsPath->$permlevel1; } // For backward compatibility with old permissions called "lire", "creer", "create", "supprimer" // instead of "read", "write", "delete" - if ($permlevel1 == 'read' && !empty($this->rights->$module->lire)) { - return $this->rights->$module->lire; + if ($permlevel1 == 'read' && !empty($this->rights->$rightsPath->lire)) { + return $this->rights->$rightsPath->lire; } - if ($permlevel1 == 'write' && !empty($this->rights->$module->creer)) { - return $this->rights->$module->create; + if ($permlevel1 == 'write' && !empty($this->rights->$rightsPath->creer)) { + return $this->rights->$rightsPath->create; } - if ($permlevel1 == 'write' && !empty($this->rights->$module->create)) { - return $this->rights->$module->create; + if ($permlevel1 == 'write' && !empty($this->rights->$rightsPath->create)) { + return $this->rights->$rightsPath->create; } - if ($permlevel1 == 'delete' && !empty($this->rights->$module->supprimer)) { - return $this->rights->$module->supprimer; + if ($permlevel1 == 'delete' && !empty($this->rights->$rightsPath->supprimer)) { + return $this->rights->$rightsPath->supprimer; } } diff --git a/test/phpunit/UserTest.php b/test/phpunit/UserTest.php index 699e9fd89f0..9f106e6e207 100644 --- a/test/phpunit/UserTest.php +++ b/test/phpunit/UserTest.php @@ -78,7 +78,7 @@ class UserTest extends PHPUnit\Framework\TestCase * * @return void */ - public static function setUpBeforeClass() + public static function setUpBeforeClass() { global $conf,$user,$langs,$db; @@ -125,7 +125,7 @@ class UserTest extends PHPUnit\Framework\TestCase * * @return void */ - protected function tearDown() + protected function tearDown() { print __METHOD__."\n"; } @@ -261,6 +261,38 @@ class UserTest extends PHPUnit\Framework\TestCase return $localobject; } + /** + * testUserHasRight + * + * @param User $localobject User + * @return void + */ + + public function testUserHasRight() + { + global $conf,$user,$langs,$db; + $conf=$this->savconf; + $user=$this->savuser; + $langs=$this->savlangs; + $db=$this->savdb; + + /*$result=$localobject->setstatus(0); + print __METHOD__." id=".$localobject->id." result=".$result."\n"; + $this->assertLessThan($result, 0); + */ + + print __METHOD__." id=". $user->id ."\n"; + //$this->assertNotEquals($user->date_creation, ''); + $user->addrights(0, 'supplier_proposal'); + + $this->assertEquals($user->hasRight('member', ''), 0); + $this->assertEquals($user->hasRight('member', 'member'), 0);$this->assertEquals($user->hasRight('product', 'member', 'read'), 0); + $this->assertEquals($user->hasRight('member', 'member'), 0);$this->assertEquals($user->hasRight('produit', 'member', 'read'), 0); + $user->clearrights(); + //print __METHOD__. $user->hasRight('module', 'level11'); + return $user; + } + /** * testUserSetPassword *