echo _('Add/Edit');
?>
</th>
<th><?php
echo _('View');
?>
</th>
<th><?php
echo _('Delete');
?>
</th>
</tr>
</thead>
<tbody>
<?php
$mod_standard_permission = new ModuleStandardPermission();
$profile_standard_permission_rel = $do_profile->get_all_module_standard_permissions();
$profile_module_rel = $do_profile->get_all_module_permissions();
while ($do_module->next()) {
?>
<tr>
<td>
<?php
if (array_key_exists($profile_module_rel[$do_module->idmodule], $profile_module_rel)) {
if ($profile_module_rel[$do_module->idmodule] == 1) {
$profile_mod_permission_dis = '<a href="#" class="btn btn-success btn-xs"><i class="glyphicon glyphicon-ok"></i></a>';
} else {
$profile_mod_permission_dis = '<a href="#" class="btn btn-default btn-xs active"><i class="glyphicon glyphicon-remove"></i></a>';
}
} else {
$profile_mod_permission_dis = '<a href="#" class="btn btn-default btn-xs active"><i class="glyphicon glyphicon-remove"></i></a>';
/**
* function to set the different privileges for the CRM
* the privileges are all defined on the profile so loading all the different privileges
* sets the data in the form of an arrray in the persistent user object so that the data is
* available across the CRM in the current session.
* NOTE : any change in the profile permissions would require the user to logout so that on next
* login the new privileges are loaded again and become available for the current session.
* This idea is to ignore same set of queries again and again for each time the privileges are checked
* @see User::eventLogin()
*/
protected function set_user_crm_privileges()
{
$do_roles = new Roles();
//Get the role details of the user
$role_id = $this->idrole;
$this->set_user_role_info($do_roles->get_role_detail($role_id));
// Set the groups to which the user is associated
$do_group_user_rel = new GroupUserRelation();
$this->set_user_associated_to_groups($do_group_user_rel->get_groups_by_user($_SESSION["do_user"]->iduser, array(), true));
// Now lets find the profile and actual permissions set in the profile
$do_profile = new Profile();
$do_role_profile_rel = new RoleProfileRelation();
$do_module_standard_permission = new ModuleStandardPermission();
$do_role_profile_rel->get_pofiles_related_to_role($role_id);
$module_permissions = array();
$module_standard_permissions_per_profile_array = array();
if ($do_role_profile_rel->getNumRows() > 0) {
$associated_profiles = array();
while ($do_role_profile_rel->next()) {
$associated_profiles[] = $do_role_profile_rel->idprofile;
}
// Loading the active modules for the CRM available. The object "do_module" is persistent and is instantiated in module.php
if (!is_object($_SESSION["do_module"])) {
$do_module = new Module();
$do_module->sessionPersistent("do_module", "logout.php", TTL);
$_SESSION["do_module"]->load_active_modules();
}
$active_modules = $_SESSION["do_module"]->get_active_modules_for_crm();
// variables to hold the permissions when user is associated with multiple roles
$profile_standard_permission_rel_previous = array();
$profile_module_rel_previous = array();
foreach ($associated_profiles as $idprofile) {
// Getting all the module standard permissions vailable to the profile
$profile_standard_permission_rel = $do_profile->get_all_module_standard_permissions($idprofile);
// Getting if the module is permitted for the profile
$profile_module_rel = $do_profile->get_all_module_permissions($idprofile);
foreach ($active_modules as $module => $idmodule) {
if (array_key_exists($profile_module_rel[$idmodule], $profile_module_rel)) {
if (count($profile_module_rel_previous) > 0 && array_key_exists($profile_module_rel_previous[$idmodule], $profile_module_rel_previous)) {
if ($profile_module_rel_previous[$idmodule] > $module_permissions[$idmodule]["module_permission"]) {
$module_permissions[$idmodule]["module_permission"] = $profile_module_rel_previous[$idmodule];
} else {
$module_permissions[$idmodule]["module_permission"] = $profile_module_rel[$idmodule];
}
} else {
$module_permissions[$idmodule]["module_permission"] = $profile_module_rel[$idmodule];
}
$profile_module_rel_previous[$idmodule] = $profile_module_rel[$idmodule];
}
// Loading the module standard permissions
$do_module_standard_permission->get_module_standard_permissions($idmodule);
if ($do_module_standard_permission->getNumRows() > 0) {
while ($do_module_standard_permission->next()) {
if (array_key_exists($profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission], $profile_standard_permission_rel)) {
if (count($profile_standard_permission_rel_previous) > 0 && array_key_exists($profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission], $profile_standard_permission_rel_previous)) {
if ($profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission] > $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission]) {
$module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission];
} else {
$module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
}
} else {
$module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
}
$profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
}
}
} else {
$module_standard_permissions_per_profile_array[$idmodule][2] = 1;
}
}
}
foreach ($module_standard_permissions_per_profile_array as $idmodule => $standard_permissions) {
$module_permissions[$idmodule]["standard_permissions"] = $standard_permissions;
}
}
$this->set_user_module_privileges($module_permissions);
}
/**
* Update the profile permission information
* @param object $evctl
*/
public function eventUpdateProfile(EventControler $evctl)
{
$permission = $_SESSION["do_user"]->is_admin == 1 ? true : false;
if (true === $permission) {
$idprofile = $evctl->idprofile;
if ($idprofile != '') {
if ($evctl->global_view_all == 'on') {
$global_view_all = 1;
} else {
$global_view_all = 0;
}
if ($evctl->global_addedit_all == 'on') {
$global_addedit_all = 1;
} else {
$global_addedit_all = 0;
}
$do_module = new Module();
$do_mod_standard_permission = new ModuleStandardPermission();
$do_mod_standard_permission->getAll();
// 1=add/edit, 2 = view, 3 = delete ,this is hard coded
$standard_permissions = array(1, 2, 3);
// Array to keep all the profile to module permissions
$profile_to_mod_permission_values = array();
// Array to keep all the profile to module standard permissions
$profile_to_mod_standard_permission_values = array();
$do_module->get_all_active_module();
while ($do_module->next()) {
$form_post_variable_mod_permission = 'mod_' . $do_module->idmodule;
$profile_to_mod_permission_values[$do_module->idmodule] = $evctl->{$form_post_variable_mod_permission};
foreach ($standard_permissions as $std_permission) {
$form_post_variable_mod_standard_permission = 'm_' . $do_module->idmodule . '_' . $std_permission;
$profile_to_mod_standard_permission_values[$do_module->idmodule][$std_permission] = $evctl->{$form_post_variable_mod_standard_permission};
}
}
$do_profile_to_module_rel = new ProfileToModuleRelation();
foreach ($profile_to_mod_permission_values as $idmodule => $permissions) {
// update profile to module permissions
if ($permissions == 'on') {
$permission = 1;
} else {
$permission = 0;
}
$qry = "\n\t\t\t\t\tupdate profile_module_rel \n\t\t\t\t\tset permission_flag = ?\n\t\t\t\t\twhere\n\t\t\t\t\tidprofile = ? AND idmodule = ? limit 1";
$do_profile_to_module_rel->query($qry, array($permission, $idprofile, $idmodule));
}
// updating to profile_standard_permission_rel
$do_profile_standard_permission_rel = new ProfileToStandardPermissionRelation();
foreach ($profile_to_mod_standard_permission_values as $idmodule => $permissions) {
foreach ($permissions as $std_permission => $permission) {
if ($permission == 'on') {
$permission = 1;
} else {
$permission = 0;
}
$qry = "\n\t\t\t\t\t\tupdate profile_standard_permission_rel \n\t\t\t\t\t\tset permission_flag = ?\n\t\t\t\t\t\twhere\n\t\t\t\t\t\tidmodule = ?\n\t\t\t\t\t\tAND idprofile = ?\n\t\t\t\t\t\tAND idstandard_permission = ? LIMIT 1";
$do_profile_standard_permission_rel->query($qry, array($permission, $idmodule, $idprofile, $std_permission));
}
}
// And finally update the global permissions
$do_profile_global_permission_rel = new ProfileToGlobalPermissionRelation();
$qry = "\n\t\t\t\tupdate profile_global_permission_rel \n\t\t\t\tset permission_flag = ?\n\t\t\t\twhere \n\t\t\t\tidprofile = ?\n\t\t\t\tAND idglobal_permission = 1 LIMIT 1";
$do_profile_global_permission_rel->query($qry, array($global_view_all, $idprofile));
$qry = "\n\t\t\t\tupdate profile_global_permission_rel \n\t\t\t\tset permission_flag = ?\n\t\t\t\twhere \n\t\t\t\tidprofile = ?\n\t\t\t\tAND idglobal_permission = 2 LIMIT 1";
$do_profile_global_permission_rel->query($qry, array($global_addedit_all, $idprofile));
$next_page = NavigationControl::getNavigationLink("Settings", "profile_details");
$dis = new Display($next_page);
$dis->addParam("sqrecord", $idprofile);
$evctl->setDisplayNext($dis);
}
} else {
$_SESSION["do_crm_messages"]->set_message('error', _('You do not have permission to edit record !'));
$next_page = NavigationControl::getNavigationLink("Settings", "index");
$dis = new Display($next_page);
$evctl->setDisplayNext($dis);
}
}
