// Liste des utilisateurs
$listFunctions = CGroups::loadCurrent()->loadFunctions(PERM_READ);
foreach ($listFunctions as &$curr_function) {
$curr_function->loadRefsUsers();
}
// Matrice des droits
$perms = array(PERM_DENY => "interdit", PERM_READ => "lecture", PERM_EDIT => "ecriture");
$views = array(PERM_DENY => "caché", PERM_READ => "menu", PERM_EDIT => "administration");
$icons = array(PERM_DENY => "empty", PERM_READ => "read", PERM_EDIT => "edit");
$where = array();
$whereGeneral = array("mod_id" => "IS NULL");
$matrice = array();
foreach ($listFunctions as $curr_func) {
foreach ($curr_func->_ref_users as $curr_user) {
$curr_user->loadRefProfile();
$permModule = new CPermModule();
$whereGeneral["user_id"] = "= '{$curr_user->user_id}'";
$where["user_id"] = "= '{$curr_user->user_id}'";
$listPermsModules = $permModule->loadList($where);
$where["user_id"] = "= '{$curr_user->_profile_id}'";
$listPermsModulesProfil = $permModule->loadList($where);
$permModule->loadObject($whereGeneral);
if ($permModule->_id) {
$permGeneralPermission = $permModule->permission;
$permGeneralView = $permModule->view;
} else {
$permGeneralPermission = PERM_DENY;
$permGeneralView = PERM_DENY;
}
foreach ($listModules as $curr_mod) {
$matrice[$curr_user->_id][$curr_mod->_id] = array("text" => $perms[$permGeneralPermission] . "/" . $views[$permGeneralView], "type" => "général", "permIcon" => $icons[$permGeneralPermission], "viewIcon" => $icons[$permGeneralView]);
// common sera toujours au debut
$prefs = array("common" => array());
// Classement par module et par permission fonctionnelle
CPreferences::loadModules(true);
foreach (CPreferences::$modules as $modname => $prefnames) {
$module = CModule::getActive($modname);
$canRead = $module ? CPermModule::getPermModule($module->_id, PERM_READ, $user_id) : false;
if ($modname == "common" || $user_id == "default" || $canRead) {
$prefs[$modname] = array();
foreach ($prefnames as $prefname) {
$prefs[$modname][$prefname] = array("default" => CMbArray::extract($prefvalues["default"], $prefname), "template" => CMbArray::extract($prefvalues["template"], $prefname), "user" => CMbArray::extract($prefvalues["user"], $prefname));
}
}
}
// Warning: user clone necessary!
// Some module index change $user global
$user_clone = $user;
// Chargement des modules
$modules = CPermModule::getVisibleModules();
foreach ($modules as $module) {
// Module might not be present
@(include "./modules/{$module->mod_name}/index.php");
}
$user = $user_clone;
$smarty = new CSmartyDP();
$smarty->assign("user", $user);
$smarty->assign("prof", $prof);
$smarty->assign("user_id", $user_id);
$smarty->assign("modules", $modules);
$smarty->assign("prefs", $prefs);
$smarty->display("vw_edit_functional_perms.tpl");
}
$modulesInstalled = CModule::getInstalled();
$isAdminPermSet = false;
$profile = new CUser();
if ($user->profile_id) {
$where["user_id"] = "= '{$user->profile_id}'";
$profile->loadObject($where);
}
$order = "mod_id";
//Droit de l'utilisateur sur les modules
$whereUser = array();
$whereUser["user_id"] = "= '{$user->user_id}'";
$whereProfil = array();
$whereProfil["user_id"] = "= '{$user->profile_id}'";
// DROITS SUR LES MODULES
$permModule = new CPermModule();
$permsModule = array();
$permsModuleCount = 0;
// Droit du profil sur les modules
foreach ($permModule->loadList($whereProfil, $order) as $_perm) {
$permsModuleCount++;
$_perm->_owner = "template";
$_perm->loadRefDBModule();
$permsModule[$_perm->mod_id]["profil"] = $_perm;
}
foreach ($permModule->loadList($whereUser, $order) as $_perm) {
$permsModuleCount++;
$_perm->_owner = "user";
$module = $_perm->loadRefDBModule();
if (!$module->_id) {
$isAdminPermSet = true;
// Destroy the current session and output login page
CSessionHandler::end(true);
CApp::rip();
}
$tab = 1;
$m = $m_get = CValue::get("m");
$post_request = $_SERVER['REQUEST_METHOD'] == 'POST';
if ($post_request) {
$m = CValue::post("m") ?: $m;
}
$m = CAppUI::checkFileName($m);
if (null == $m) {
$m = CPermModule::getFirstVisibleModule();
$parts = explode("-", CAppUI::pref("DEFMODULE"), 2);
$pref_module = $parts[0];
if ($pref_module && CPermModule::getViewModule(CModule::getInstalled($pref_module)->mod_id, PERM_READ)) {
$m = $pref_module;
}
if (count($parts) == 2) {
$tab = $parts[1];
CValue::setSession("tab", $tab);
}
}
// Still no target module
if (null == $m) {
CAppUI::redirect("m=system&a=access_denied");
}
if (null == ($module = CModule::getInstalled($m))) {
// dP remover super hack
if (null == ($module = CModule::getInstalled("dP{$m}"))) {
CAppUI::redirect("m=system&a=module_missing&mod={$m}");
/**
* Return all the visible modules
*
* @return CModule[]
*/
static function getVisibleModules()
{
$listReadable = array();
$listModules = CModule::getVisible();
foreach ($listModules as $module) {
if (CPermModule::getViewModule($module->mod_id, PERM_READ)) {
$listReadable[$module->mod_name] = $module;
}
}
return $listReadable;
}
/**
* Gets the permission on the module
*
* @param CStoredObject $object Object to load the permissions of
* @param int $permType Permission level
* @param CStoredObject $defaultObject Default object to load the permissions from
* @param int $user_id User ID
*
* @return bool
*/
static function getPermObject(CStoredObject $object, $permType, $defaultObject = null, $user_id = null)
{
$user = CUser::get($user_id);
// Shorteners
$class = $object->_class;
$id = $object->_id;
// Use permission query cache when available
if (isset(self::$users_cache[$user->_id][$class][$id])) {
return self::$users_cache[$user->_id][$class][$id] >= $permType;
}
// New cached permissions system : DO NOT REMOVE
if (is_array(self::$users_perms)) {
self::buildUser($user->_id);
$perms = self::$users_perms[$user->_id];
// Object specific, or Class specific, or Module generic
$perm = isset($perms[$class][$id]) ? $perms[$class][$id] : (isset($perms[$class]["all"]) ? $perms[$class]["all"] : "module");
// In case of module check, first build module cache, then get value from cache
if ($perm == "module") {
$mod_id = $object->_ref_module->_id;
CPermModule::getPermModule($mod_id, $permType, $user->_id);
$perm = CPermModule::$users_cache[$user->_id][$mod_id]["permission"];
}
self::$users_cache[$user->_id][$class][$id] = $perm;
return $perm >= $permType;
}
global $userPermsObjects;
$object_class = $object->_class;
$object_id = $object->_id;
if (isset($userPermsObjects[$object_class][$object_id])) {
return $userPermsObjects[$object_class][$object_id]->permission >= $permType;
}
if (isset($userPermsObjects[$object_class][0])) {
return $userPermsObjects[$object_class][0]->permission >= $permType;
}
return $defaultObject != null ? $defaultObject->getPerm($permType) : $object->_ref_module->getPerm($permType);
}
foreach ($fiche->_ref_items as $keyItem => $_item) {
if ($_item->ei_categorie_id == $keyCat) {
if (!isset($catFiche[$_categorie->nom])) {
$catFiche[$_categorie->nom] = array();
}
$catFiche[$_categorie->nom][] = $_item;
}
}
}
}
$user = new CMediusers();
/** @var CMediusers[] $listUsersTermine */
$listUsersTermine = $user->loadListFromType();
// Chargement de la liste des Chef de services / utilisateur
$module = CModule::getInstalled("dPqualite");
$perm = new CPermModule();
/** @var CMediusers[] $listUsersEdit */
$listUsersEdit = $user->loadListFromType(null, PERM_READ);
foreach ($listUsersEdit as $keyUser => $_user) {
if (!$perm->getInfoModule("permission", $module->mod_id, PERM_EDIT, $keyUser)) {
unset($listUsersEdit[$keyUser]);
}
}
/** @var CEiItem[] $items */
$items = array();
if ($evenements) {
$where = array();
$where["ei_categorie_id"] = " = '{$evenements}'";
$item = new CEiItem();
$items = $item->loadList($where);
}
function removePerms()
{
$this->completeField("user_id");
$perm = new CPermModule();
$perm->user_id = $this->user_id;
$perms = $perm->loadMatchingList();
foreach ($perms as $_perm) {
$_perm->delete();
}
$perm = new CPermObject();
$perm->user_id = $this->user_id;
$perms = $perm->loadMatchingList();
foreach ($perms as $_perm) {
$_perm->delete();
}
}
function getView($permType)
{
return CPermModule::getViewModule($this->mod_id, $permType);
}