From 9ad9d7c4937b46158570f1c366ec72369dffd2a5 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 29 Oct 2010 05:38:33 +0000 Subject: [PATCH] New: Task #10725 --- htdocs/includes/modules/modUser.class.php | 12 ++++++-- htdocs/langs/en_US/admin.lang | 7 +++-- htdocs/langs/fr_FR/admin.lang | 7 +++-- htdocs/lib/usergroups.lib.php | 35 +++++++++++++++-------- 4 files changed, 41 insertions(+), 20 deletions(-) diff --git a/htdocs/includes/modules/modUser.class.php b/htdocs/includes/modules/modUser.class.php index c097f522edf..ee43307961d 100644 --- a/htdocs/includes/modules/modUser.class.php +++ b/htdocs/includes/modules/modUser.class.php @@ -127,6 +127,14 @@ class modUser extends DolibarrModules $r++; $this->rights[$r][0] = 256; + $this->rights[$r][1] = 'Consulter ses propres permissions'; + $this->rights[$r][2] = 'r'; + $this->rights[$r][3] = 1; + $this->rights[$r][4] = 'self'; + $this->rights[$r][5] = 'readperms'; + + $r++; + $this->rights[$r][0] = 257; $this->rights[$r][1] = 'Creer/modifier ses propres infos utilisateur'; $this->rights[$r][2] = 'w'; $this->rights[$r][3] = 1; @@ -134,7 +142,7 @@ class modUser extends DolibarrModules $this->rights[$r][5] = 'creer'; $r++; - $this->rights[$r][0] = 257; + $this->rights[$r][0] = 258; $this->rights[$r][1] = 'Modifier son propre mot de passe'; $this->rights[$r][2] = 'w'; $this->rights[$r][3] = 1; @@ -142,7 +150,7 @@ class modUser extends DolibarrModules $this->rights[$r][5] = 'password'; $r++; - $this->rights[$r][0] = 258; + $this->rights[$r][0] = 259; $this->rights[$r][1] = 'Modifier ses propres permissions'; $this->rights[$r][2] = 'w'; $this->rights[$r][3] = 1; diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index a61102a2f49..00c5ad2daf8 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -517,9 +517,10 @@ Permission252=Read permissions of other users Permission253=Create/modify other users and permissions Permission254=Modify other users password Permission255=Delete or disable other users -Permission256=Create/modify his own user information -Permission257=Modify his own password -Permission258=Modify its own permissions +Permission256=Read its own permissions +Permission257=Create/modify his own user information +Permission258=Modify his own password +Permission259=Modify its own permissions Permission262=Extend access to all third parties (not only those linked to user). Not effective for external users (always limited to themselves). Permission271=Read CA Permission272=Read invoices diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index 248acfcfdce..d07bf4d9b44 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -519,9 +519,10 @@ Permission252= Consulter les permissions des autres utilisateurs Permission253= Créer/modifier les autres utilisateurs et leurs permissions Permission254= Modifier le mot de passe des autres utilisateurs Permission255= Supprimer ou désactiver les autres utilisateurs -Permission256= Créer/modifier ses propres infos utilisateur -Permission257= Modifier son propre mot de passe -Permission258= Modifier ses propres permissions +Permission256= Consulter ses propres permissions +Permission257= Créer/modifier ses propres infos utilisateur +Permission258= Modifier son propre mot de passe +Permission259= Modifier ses propres permissions Permission262= Étendre l'accès à tous les tiers (Pas seulement ceux liés à l'utilisateur). Non effectif pour utilisateurs externes (toujours limité à eux-même). Permission271= Consulter le CA Permission272= Consulter les factures diff --git a/htdocs/lib/usergroups.lib.php b/htdocs/lib/usergroups.lib.php index f72a193d990..871b147c6fd 100644 --- a/htdocs/lib/usergroups.lib.php +++ b/htdocs/lib/usergroups.lib.php @@ -26,8 +26,11 @@ */ function user_prepare_head($object) { - global $langs, $conf; + global $langs, $conf, $user; + $langs->load("users"); + + $canreadperms=($user->admin || ($user->id != $object->id && $user->user->user->readperms) || ($user->id == $object->id && $user->user->self->readperms)); $h = 0; $head = array(); @@ -45,11 +48,14 @@ function user_prepare_head($object) $head[$h][2] = 'ldap'; $h++; } - - $head[$h][0] = DOL_URL_ROOT.'/user/perms.php?id='.$object->id; - $head[$h][1] = $langs->trans("UserRights"); - $head[$h][2] = 'rights'; - $h++; + + if ($canreadperms) + { + $head[$h][0] = DOL_URL_ROOT.'/user/perms.php?id='.$object->id; + $head[$h][1] = $langs->trans("UserRights"); + $head[$h][2] = 'rights'; + $h++; + } $head[$h][0] = DOL_URL_ROOT.'/user/param_ihm.php?id='.$object->id; $head[$h][1] = $langs->trans("UserGUISetup"); @@ -97,7 +103,9 @@ function user_prepare_head($object) function group_prepare_head($object) { - global $langs, $conf; + global $langs, $conf, $user; + + $canreadperms=($user->admin || $user->user->group->readperms); $h = 0; $head = array(); @@ -115,11 +123,14 @@ function group_prepare_head($object) $head[$h][2] = 'ldap'; $h++; } - - $head[$h][0] = DOL_URL_ROOT.'/user/group/perms.php?id='.$object->id; - $head[$h][1] = $langs->trans("GroupRights"); - $head[$h][2] = 'rights'; - $h++; + + if ($canreadperms) + { + $head[$h][0] = DOL_URL_ROOT.'/user/group/perms.php?id='.$object->id; + $head[$h][1] = $langs->trans("GroupRights"); + $head[$h][2] = 'rights'; + $h++; + } // Show more tabs from modules // Entries must be declared in modules descriptor with line