param_sec.inc.php
1<?php
2/*
3 * This file is part of NOALYSS.
4 *
5 * NOALYSS is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * NOALYSS is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with NOALYSS; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18*/
19// Copyright Author Dany De Bontridder danydb@aevalys.eu
20
21
22/*! \file
23 * \brief Set the security for an user
24 */
// Direct HTTP access is refused: this file is expected to be included by the
// application dispatcher, which is assumed to define ALLOWED first.
25if ( ! defined ('ALLOWED') ) die('Appel direct ne sont pas permis');
26require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
27
29
// Current folder ("dossier") id and its query-string form, as resolved by the
// dossier helper (how the id is read from the request is not visible here).
30$gDossier=dossier::id();
31$str_dossier=dossier::get();
32
33/* Admin. Dossier */
// Connection to the current folder's database.
34$cn=Dossier::connect();
35global $g_user;
// Session check, then check that the current user may use this folder.
// NOTE(review): no admin- or module-level authorisation (e.g. a check_module
// call) appears in this file; presumably the including dispatcher enforces
// it before this screen is reached — confirm.
36$g_user->Check();
37$g_user->check_dossier($gDossier);
38
39require_once NOALYSS_INCLUDE.'/lib/user_menu.php';
40
41/////////////////////////////////////////////////////////////////////////
42// List users
43/////////////////////////////////////////////////////////////////////////
// Default branch: when no "action" parameter is present, render the sortable
// list of active users of this folder. Each login links to the "view" action.
44if ( ! isset($_REQUEST['action']))
45{
 // Base URL of this screen; http_build_query() URL-encodes "ac" and "gDossier".
46 $base_url=NOALYSS_URL."/do.php?".http_build_query(array("ac"=>$http->request("ac"),"gDossier"=>dossier::id()));
47
48 echo '<DIV class="content" >';
 // Sortable column headers: each short key ('la', 'ld', ...) maps to a fixed
 // ORDER BY fragment, so the user-supplied "ord" value is translated through
 // this table rather than concatenated into the SQL itself.
49 $header=new Sort_Table();
50 $header->add(_('Login'),$base_url,"order by use_login asc","order by use_login desc",'la','ld');
51 $header->add(_('Nom'),$base_url,"order by use_name asc,use_first_name asc","order by use_name desc,use_first_name desc",'na','nd');
52 $header->add(_("Type d'utilisateur"),$base_url,"order by use_admin asc,use_login asc","order by use_admin desc,use_login desc",'ta','td');
53
54
 // Requested sort key, defaulting to login ascending.
55 $order=$http->request("ord","string","la");
56
 // NOTE(review): what get_sql_order() returns for a key that is not in the
 // table above is not visible here — confirm it falls back to a known
 // fragment and never passes the raw "ord" value into the query.
57 $ord_sql=$header->get_sql_order($order);
58
59
60 $repo=new Database();
61 /* Show all the active users, including admin */
 // Parameterised query ($1 = folder id, $2 = excluded login). The argument
 // array that follows the SQL string (original line 70) is missing from this
 // listing. Administrators with no jnt_use_dos row are kept via the left join.
62 $user_sql = $repo->exec_sql("select use_id,
63 use_first_name,
64 use_name,
65 use_login,
66 use_admin
67 from ac_users left join jnt_use_dos using (use_id)
68 where use_login != $2 and use_active=1
69 and (dos_id=$1 or (dos_id is null and use_admin=1))" . $ord_sql,
71
72 $MaxUser = Database::num_row($user_sql);
73
 // Client-side filter box bound to the table rendered below.
74 echo \HtmlInput::filter_table("user_security_tb", '0,1,2,3', 1);
75 echo '<TABLE id="user_security_tb" class="result" >';
76 echo "<tr>";
77 echo '<th>'.$header->get_header(0).'</th>';
78 echo '<th>'.$header->get_header(1).'</th>';
79 echo th(_('prénom'));
80 echo th(_('profil'));
81 echo th(_('Séc. Journaux actif'));
82 echo th(_('Séc. Action actif'));
83 echo '<th>'.$header->get_header(2).'</th>';
84 for ($i = 0;$i < $MaxUser;$i++)
85 {
86 echo '<tr>';
87 $l_line=Database::fetch_array($user_sql,$i);
88
89
 // User-type label: use_admin == 1 marks an administrator.
90 $str="";
91 $str=_('Utilisateur Normal');
92 if ( $l_line['use_admin'] == 1 )
93 $str=_('Administrateur');
94
95 // get profile
 // Parameterised lookup of the profile name bound to this login.
96 $profile=$cn->get_value("select p_name from profile
97 join profile_user using(p_id) where user_name=$1",array($l_line['use_login']));
98
 // Link to the detail screen for this user (use_id comes from the query above).
99 $url=$base_url."&action=view&user_id=".$l_line['use_id'];
100 echo "<td>";
101 echo HtmlInput::anchor($l_line['use_login'], $url);
102 echo "</td>";
 // NOTE(review): use_name, use_first_name and the profile name are emitted
 // through td() with no h() call, whereas the detail view below escapes the
 // same fields with h(). Unless td() escapes its argument, a name containing
 // markup would be rendered as HTML here — confirm td() or escape the values.
103 echo td($l_line['use_name']);
104 echo td($l_line['use_first_name']);
105 echo td($profile);
106 // status of security on ledger and action
 // Current ledger/action security flags for this login; an absent row is
 // reported as a security error in the table rather than treated as "off".
107 $a_sec=$cn->get_row("select us_ledger,us_action from user_active_security where us_login =$1",
108 [$l_line['use_login']]);
109 if ( ! empty($a_sec ) ) {
110 echo td($a_sec['us_ledger']);
111 echo td($a_sec['us_action']);
112 } else {
113 echo td(_("Erreur sécurité"));
114 echo td("");
115 }
116 echo td($str);
117 echo "</TR>";
118 }
119 echo '</TABLE>';
120}
122
// Read the requested action. Only $_GET is consulted here, while the list
// branch above tests $_REQUEST.
// NOTE(review): when "action" is absent (or arrives via POST only), $action is
// never assigned and the `$action == "view"` test below reads an undefined
// variable. Original line 121 is missing from this listing, so an
// initialisation may exist there — confirm; otherwise initialise $action to "".
123if ( isset ($_GET["action"] ))
124{
125 $action=$http->get("action");
126
127}
128
129
130
131
132
133//--------------------------------------------------------------------------------
134// Action == View detail for users
135//--------------------------------------------------------------------------------
136
// Detail screen for one user: access level, profile, per-ledger privileges and
// action privileges, each editable in place through ajax_misc.php.
137if ( $action == "view" )
138{
 // NOTE(review): $l_Db is not referenced again in this listing.
139 $l_Db=sprintf("dossier%d",$gDossier);
 // "Back to the list" button pointing at this screen without an action parameter.
140 $return= HtmlInput::button_anchor(_('Retour à la liste'),'?&ac='.$http->request('ac').'&'.dossier::get(),_('retour'),"",'button');
141
 // The user record is loaded through a separate Database() connection (no
 // argument), not through $cn; user_id is requested as a number from the
 // Http helper.
142 $repo=new Database();
143 $user_id=$http->get('user_id',"number");
144 $User=new Noalyss_user($repo,$user_id);
145 $admin=0;
 // Access level of this user on the current folder ('R' and 'X' are tested below).
146 $access=$User->get_folder_access($gDossier);
147
148 $str=_("Aucun accès");
149
150 if ($access=='R')
151 {
152 $str=_('Utilisateur normal');
153 }
154
155 if ( $User->admin==1 )
156 {
157 $str=_('Administrateur');
158 $admin=1;
159 }
160 $str=" ".$str;
 // Page title: names are escaped with h(), the login with hi().
161 echo '<h2>'.h($User->first_name).' '.h($User->name).' '.hi($User->login)."($str)</h2>";
162
163
 // User id 1 is treated as the administrator with all rights: it cannot be
 // edited from this screen, so render the notice and leave this included file.
164 if ( $user_id == 1 )
165 {
166 echo '<h2 class="notice"> '.
167 _("Cet utilisateur est administrateur, il a tous les droits").
168 '</h2>';
169 echo "<p>".
170 _("Impossible de modifier cet utilisateur dans cet écran, il faut passer par
171 l'écran administration -> utilisateur.").
172 "</p>";
173 echo $return;
174 return;
175 }
176 //
177 // Check if the user can access that folder
 // 'X' means no access to this folder: nothing can be edited here. $action is
 // cleared before returning; whether the including script reads it afterwards
 // is not visible in this listing.
178 if ( $access == 'X' )
179 {
180 echo "<H2 class=\"error\">"
181 ._("L'utilisateur n'a pas accès à ce dossier")."</H2>";
182 echo "<p> ".
183 _("Impossible de modifier cet utilisateur dans cet écran, il faut passer par
184 l'écran administration -> utilisateur.").
185 "</p>";
186 echo $return;
187 $action="";
188 return;
189 }
190
191
192 //--------------------------------------------------------------------------------
193 // Show access for journal
194 //--------------------------------------------------------------------------------
195
 // Second Noalyss_user bound to the folder connection $cn. The query lists every
 // ledger (jrn_def) with this login's privilege; ledgers without a user_sec_jrn
 // row default to 'X' (no access) via coalesce. Parameterised on the login.
196 $sec_User=new Noalyss_user($cn,$user_id);
197 $Res=$cn->exec_sql("
198 select jrn_def_id
199 ,jrn_def_name
200 ,coalesce(usr1.uj_priv,'X') priv
201 from jrn_def jrn1
202 left join user_sec_jrn usr1 on (usr1.uj_jrn_id=jrn1.jrn_def_id and usr1.uj_login=$1)
203 order by jrn_def_name",[$sec_User->login]);
204
 // Query string for the PDF export button rendered at the bottom of the page.
205 $n_dossier_id=Dossier::id();
206 $sHref=http_build_query(["act"=>"PDF:sec","user_id"=>$user_id,"gDossier"=>$n_dossier_id]);
207
208 echo dossier::hidden();
209 echo HtmlInput::hidden('action','sec');
210 echo HtmlInput::hidden('user_id',$user_id);
 // Profile selector, edited in place; the change is sent to ajax_misc.php
 // with op=profile together with the folder, user and current profile ids.
211 $i_profile=new ISelect ('profile');
212 $i_profile->id=uniqid("profile");
213 $i_profile->value=$cn->make_array("select p_id,p_name from profile where p_id > 0
214 order by p_name");
215
216 $i_profile->selected=$sec_User->get_profile();
217 $ie_profile=new Inplace_Edit($i_profile);
218
219 $ie_profile->set_callback("ajax_misc.php");
220 $ie_profile->add_json_param("op", "profile");
221 $ie_profile->add_json_param("gDossier", $n_dossier_id);
222 $ie_profile->add_json_param("user_id", $user_id);
223 $ie_profile->add_json_param("profile_id", $i_profile->selected);
224
225 echo "<p>";
226 echo _("Profil")." ".$ie_profile->input();
227 echo "</p>";
228 echo '<Fieldset><legend>'._('Journaux').'</legend>';
229
230 //-------------------------------------------------------------------------
231 // Enable or not the security on ledger
232 //-------------------------------------------------------------------------
233 echo "<p>";
234 echo _("Sécurité sur les journaux")." ";
235 $status_sec_ledger=$sec_User->get_status_security_ledger();
236 //--
237 // Administrator can always access all the ledgers
 // NOTE(review): for an administrator the flag is forced to 0 and
 // set_status_security_ledger(0) is called while rendering this view, so
 // merely displaying the page appears to persist a change (same pattern for
 // actions below). Consider performing the write in the update path instead.
238 if ( $sec_User->admin==1) {
239 echo '<p>';
240 echo _("Les administrateurs NOALYSS ont toujours accès à tout");
241 $status_sec_ledger=0;
242 $sec_User->set_status_security_ledger(0);
243 } else {
244
 // In-place on/off switch for ledger security; toggling it calls ajax_misc.php
 // (op=user_sec_ledger) and shows/hides the per-ledger table.
 // NOTE(review): {$sec_User->Admin()} is interpolated straight into the inline
 // JavaScript — assumes Admin() returns an integer; confirm.
245 $sec_ledger=new Inplace_Switch("sec_ledger", $status_sec_ledger);
246 $sec_ledger->set_callback("ajax_misc.php");
247 $sec_ledger->add_json_param("gDossier", $n_dossier_id);
248 $sec_ledger->add_json_param("user_id", $user_id);
249 $sec_ledger->add_json_param("op", "user_sec_ledger");
250 $sec_ledger->set_jscript(" if ( $('security_ledger_tbl').visible() || {$sec_User->Admin()}==1) { $('security_ledger_tbl').hide();} else { $('security_ledger_tbl').show();}");
251 echo $sec_ledger->input();
252 echo "<p class='info'>";
253 echo _("La sécurité sur les journaux, permet de limiter l'accès de l'utilisateur aux journaux, si cette ".
254 " sécurité n'est pas activée , l'utilisateur a accès à tous les journaux en lecture et écriture");
255 echo "</p>";
256 }
257 echo "</p>";
258 //------------------------------------------------------------------------
259 // Access by ledgers, needed if the security on ledger is enable
260 //------------------------------------------------------------------------
 // Bulk buttons call the grant_ledgers() script defined at the bottom of this
 // file with the privilege code ('W', 'R' or 'X') to apply to every ledger.
261 echo '<div id="security_ledger_tbl">';
262 echo HtmlInput::button("grant_all", _("Accès à tout"), " onclick=\" grant_ledgers ('W') \"");
263 echo HtmlInput::button("grant_readonly", _("Uniquement Lecture"), " onclick=\" grant_ledgers ('R') \"");
264 echo HtmlInput::button("revoke_all", _("Aucun accès"), " onclick=\" grant_ledgers ('X') \"");
265 echo '<table>';
266 $MaxJrn=Database::num_row($Res);
 // One in-place select per ledger; the same widget object is reused across rows.
267 $jrn_priv=new ISelect("iledger");
268 $array=array(
269 array ('value'=>'R','label'=>_('Uniquement lecture')),
270 array ('value'=>'W','label'=>_('Lecture et écriture')),
271 array ('value'=>'X','label'=>_('Aucun accès'))
272 );
273 for ( $i =0 ; $i < $MaxJrn; $i++ )
274 {
275 /* set the widget */
 // The fetch of $l_line for row $i (original line 276) is missing from this listing.
277 $jrn_priv->value=$array;
278 $jrn_priv->selected=$l_line['priv'];
279 $jrn_priv->id="ledas".uniqid();
280 $ie_input=new Inplace_Edit($jrn_priv);
281 $ie_input->set_callback("ajax_misc.php");
282 $ie_input->add_json_param("jrn_def_id", $l_line['jrn_def_id']);
283 $ie_input->add_json_param("op", "ledger_access");
284 $ie_input->add_json_param("gDossier", $n_dossier_id);
285 $ie_input->add_json_param("user_id", $user_id);
286 $ie_input->set_value($l_line['priv']);
287 echo '<TR> ';
288 if ( $i == 0 ) echo '<TD class="num"> <B> Journal </B> </TD>';
289 else echo "<TD></TD>";
 // NOTE(review): the ledger name is interpolated into the HTML without h(),
 // unlike the user names in the title above; escape it unless it is
 // guaranteed markup-free upstream.
290 echo "<TD class=\"num\"> $l_line[jrn_def_name] </TD>";
291 echo '<td>';
292 echo $ie_input->input();
293 echo '</td>';
294 echo '</tr>';
295 }
296 echo '</table>';
297 echo '</div>';
298 echo '</fieldset>';
299
300 echo '<hr>';
301 //**********************************************************************
302 // Show Priv. for actions
303 //**********************************************************************
304 echo '<fieldset> <legend>'._('Actions').'</legend>';
305
306 //-------------------------------------------------------------------------
307 // Enable or not the security on ledger
308 //-------------------------------------------------------------------------
 // (Despite the heading above, this section is the switch for action security.)
309 echo "<p>";
310 echo _("Sécurité sur les actions")." ";
311 // Administrator always have all action
 // NOTE(review): same write-on-view as for ledgers: set_status_security_action(0)
 // runs while rendering the page for an administrator.
312 if ( $sec_User->admin==1) {
313 echo '<p>';
314 echo _("Les administrateurs NOALYSS ont toujours accès à tout");
315 $status_sec_action=0;
316 $sec_User->set_status_security_action(0);
317 } else {
318
 // In-place on/off switch for action security (op=user_sec_action).
319 $status_sec_action=$sec_User->get_status_security_action();
320 $sec_action=new Inplace_Switch("sec_action", $status_sec_action);
321 $sec_action->set_callback("ajax_misc.php");
322 $sec_action->add_json_param("gDossier", $n_dossier_id);
323 $sec_action->add_json_param("user_id", $user_id);
324 $sec_action->add_json_param("op", "user_sec_action");
325 $sec_action->set_jscript(" if ( $('security_action_tbl').visible() ) { $('security_action_tbl').hide();} else { $('security_action_tbl').show();}");
326 echo $sec_action->input();
327 echo "<p class='info'>";
328 echo _("La sécurité sur les actions permet de limiter ce que l'utilisateur peut faire, si "
329 . " elle n'est pas active l'utilisateur a donc accès à toutes ces actions");
330 echo "</p>";
331 }
332 echo "</p>";
333
334
 // The per-action privilege table comes from a template (constant path).
335 include(NOALYSS_TEMPLATE.'/security_list_action.php');
336 echo '</fieldset>';
 // Print button opens export.php with the query string built above.
337 echo HtmlInput::button('Imprime',_('imprime'),"onclick=\"window.open('export.php?".$sHref."');\"");
338 echo $return;
339
340 ?>
341 <script>
 // Apply one privilege code to every ledger: update the visible label of each
 // in-place span whose id contains "ledas", then ask the server to store the
 // change (op=ledger_access_all).
342 function grant_ledgers(p_access) {
343 waiting_box();
344 var a_select=document.getElementsByTagName('span');
345 var i=0;
346 var str_id="";
347 for (i = 0;i < a_select.length;i++) {
348 str_id = new String( a_select[i].id);
349 if ( str_id.search(/ledas/) > -1 ) {
350 if ( p_access==="W") {
351 a_select[i].innerHTML="<?php echo _("Lecture et écriture");?>";
352 } else if (p_access === "R") {
353 a_select[i].innerHTML="<?php echo _("Uniquement lecture");?>";
354 } else if (p_access === "X") {
355 a_select[i].innerHTML="<?php echo _("Aucun accès");?>";
356 }
357
358 }
359 }
360
 // NOTE(review): the outer method:"post" sets the HTTP method; the inner
 // method:"get" is sent as an ordinary request parameter — confirm the server
 // expects it. remove_waiting_box() runs right after the request is issued,
 // presumably before the (asynchronous) response arrives.
361 new Ajax.Request("ajax_misc.php",{method:"post",
362 parameters:{
363 op:"ledger_access_all",
364 gDossier:<?php echo $n_dossier_id?>,
365 method:"get",
366 user_id:<?php echo $user_id;?>,
367 access:p_access
368 }
369 });
370 remove_waiting_box();
371 }
 // Apply one value (0 or 1) to every action toggle: recolour each "action"
 // span except the sec_action switch itself, then store the change server
 // side (op=action_access_all).
372 function grant_action(p_value) {
373 var a_select=document.getElementsByTagName('span');
374 var i=0;
375 var str_id="";
376 for (i = 0;i < a_select.length;i++) {
377
378 str_id = new String( a_select[i].id);
379 if ( str_id == 'sec_action') {
380 continue;
381 }
382 if ( str_id.search(/action/) > -1 ) {
383 if ( p_value == 0 ) {
384 a_select[i].setStyle("color:red");
385 a_select[i].innerHTML='&#xf204';
386 } else {
387 a_select[i].setStyle("color:green");
388 a_select[i].innerHTML='&#xf205';
389 }
390 }
391 } // loop
392 new Ajax.Request("ajax_misc.php",{method:"get",
393 parameters:{
394 op:"action_access_all",
395 gDossier:<?php echo $n_dossier_id?>,
396 method:"get",
397 user_id:<?php echo $user_id;?>,
398 access:p_value
399 }
400 });
401 }
 // Show or hide the per-ledger table according to the current ledger-security flag.
402 function display_security_ledger(p_value) {
403 if ( p_value == 1) {
404 $('security_ledger_tbl').show();}
405 else {
406 $('security_ledger_tbl').hide();}
407 }
408 display_security_ledger(<?=$status_sec_ledger?>);
 // Same for the action table; $status_sec_action is assigned in both branches above.
409 function display_security_action(p_value) {
410 if ( p_value == 1) {
411 $('security_action_tbl').show();}
412 else {
413 $('security_action_tbl').hide();}
414 }
415 display_security_action(<?=$status_sec_action?>);
416 </script>
417<?php
418} // end of the form
// Closes the <DIV class="content"> opened in the list branch; in the view
// branch no matching opening tag is visible in this listing.
419echo "</DIV>";
421?>