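/**
 * Echoes the profile permissions grid: a profile selector followed by the
 * view/add/edit/delete/all header checkboxes and one row per back-office tab.
 *
 * All output is written with echo. Profile names are HTML-escaped before
 * they are written into the <option> elements, because they come from
 * Profile::getProfiles() and are not guaranteed to be free of markup.
 *
 * @param bool $isMainTab Not read by this method.
 */
public function displayForm($isMainTab = true)
{
    global $cookie, $currentIndex;
    parent::displayForm();

    $currentProfile = (int) $this->getCurrentProfileId();
    $tabs = Tab::getTabs($cookie->id_lang);
    $profiles = Profile::getProfiles((int) $cookie->id_lang);
    $accesses = Profile::getProfileAccesses((int) $currentProfile);

    // NOTE(review): the admin token is written into a URL and into inline
    // handlers below; tokens carried in URLs can end up in browser history,
    // proxy logs and Referer headers. Confirm this is acceptable here.
    echo ' <script type="text/javascript"> setLang(Array(\'' . $this->l('Profile updated') . '\', \'' . $this->l('Request failed!') . '\', \'' . $this->l('Update in progress. Please wait.') . '\', \'' . $this->l('Server connection failed!') . '\')); </script> <div id="ajax_confirmation"></div> <table class="table" cellspacing="0"> <tr> <th '
        . ($currentProfile == (int) _PS_ADMIN_PROFILE_ ? 'colspan="6"' : '')
        . '> <select name="profile" onchange="redirect(\'' . Tools::getHttpHost(true, true) . $currentIndex . '&token=' . $this->token . '&profile=\'+this.options[this.selectedIndex].value)">';

    if ($profiles) {
        foreach ($profiles as $profile) {
            // Escape the stored profile name: it is rendered as HTML text and
            // was previously echoed raw, which allowed stored markup to run
            // in the session of whoever opens this screen.
            echo '<option value="' . (int) $profile['id_profile'] . '" '
                . ((int) $profile['id_profile'] == $currentProfile ? 'selected="selected"' : '')
                . '>' . htmlspecialchars($profile['name'], ENT_QUOTES, 'UTF-8') . '</option>';
        }
    }

    // $tabsize ends up as the larger of the tab count and the highest id_tab.
    $tabsize = sizeof($tabs);
    foreach ($tabs as $tab) {
        if ($tab['id_tab'] > $tabsize) {
            $tabsize = $tab['id_tab'];
        }
    }

    echo ' </select> </th>';

    // The "check all" header boxes are only offered for editable profiles.
    if ($currentProfile != (int) _PS_ADMIN_PROFILE_) {
        echo ' <th class="center">' . $this->l('View') . '<br /><input type="checkbox" name="1" id="viewall" onclick="ajax_power(this, \'view\', -1, ' . $currentProfile . ', \'' . $this->token . '\', \'' . $tabsize . '\', \'' . sizeof($tabs) . '\')" /></th> <th class="center">' . $this->l('Add') . '<br /><input type="checkbox" name="1" id="addall" onclick="ajax_power(this, \'add\', -1, ' . $currentProfile . ', \'' . $this->token . '\', \'' . $tabsize . '\', \'' . sizeof($tabs) . '\')" /></th> <th class="center">' . $this->l('Edit') . '<br /><input type="checkbox" name="1" id="editall" onclick="ajax_power(this, \'edit\', -1, ' . $currentProfile . ', \'' . $this->token . '\', \'' . $tabsize . '\', \'' . sizeof($tabs) . '\')" /></th> <th class="center">' . $this->l('Delete') . '<br /><input type="checkbox" name="1" id="deleteall" onclick="ajax_power(this, \'delete\', -1, ' . $currentProfile . ', \'' . $this->token . '\', \'' . $tabsize . '\', \'' . sizeof($tabs) . '\')" /></th> <th class="center">' . $this->l('All') . '<br /><input type="checkbox" name="1" id="allall" onclick="ajax_power(this, \'all\', -1, ' . $currentProfile . ', \'' . $this->token . '\', \'' . $tabsize . '\', \'' . sizeof($tabs) . '\')" /></th> </tr>';
    }

    if (!sizeof($tabs)) {
        echo '<tr><td colspan="5">' . $this->l('No tab') . '</td></tr>';
    } elseif ($currentProfile == (int) _PS_ADMIN_PROFILE_) {
        // The administrator profile is shown as read-only.
        echo '<tr><td colspan="5">' . $this->l('Administrator permissions cannot be modified.') . '</td></tr>';
    } else {
        foreach ($tabs as $tab) {
            // Top-level tabs first, each followed by its direct children.
            if (!$tab['id_parent'] or (int) $tab['id_parent'] == -1) {
                // NOTE(review): unlike the child rows below, this lookup is
                // not guarded by isset(); a tab without an access row would
                // raise an undefined-index notice. Confirm what
                // printTabAccess() expects before adding a default.
                $this->printTabAccess((int) $currentProfile, $tab, $accesses[$tab['id_tab']], false, $tabsize, sizeof($tabs));
                foreach ($tabs as $child) {
                    if ($child['id_parent'] === $tab['id_tab']) {
                        if (isset($accesses[$child['id_tab']])) {
                            $this->printTabAccess($currentProfile, $child, $accesses[$child['id_tab']], true, $tabsize, sizeof($tabs));
                        }
                    }
                }
            }
        }
    }

    echo '</table>';
}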
/**
 * AdminController::renderForm() override.
 *
 * Collects, for every profile, its tab accesses and its module accesses,
 * drops the tabs that must not be offered in the permissions grid, and
 * hands everything to the template through $this->tpl_form_vars.
 *
 * @see AdminController::renderForm()
 */
public function renderForm()
{
    $current_profile = (int) $this->getCurrentProfileId();
    $langId = $this->context->language->id;
    $profiles = Profile::getProfiles($langId);
    $tabs = Tab::getTabs($this->context->language->id);

    // Tab accesses, keyed by profile id.
    $accesses = array();
    foreach ($profiles as $row) {
        $profileId = $row['id_profile'];
        $accesses[$profileId] = Profile::getProfileAccesses($profileId);
    }

    // Remove tabs that cannot receive permissions: unnamed tabs
    // (ie. AdminLogin) and every tab listed in accesses_black_list.
    foreach ($tabs as $key => $tab) {
        $blacklisted = false;
        foreach ($this->accesses_black_list as $id_tab) {
            if ($tab['id_tab'] == (int) $id_tab) {
                $blacklisted = true;
                break;
            }
        }
        if (empty($tab['name']) || $blacklisted) {
            unset($tabs[$key]);
        }
    }

    // Module accesses, keyed by profile id and sorted by module name.
    $modules = array();
    foreach ($profiles as $row) {
        $profileId = $row['id_profile'];
        $moduleAccesses = Module::getModulesAccessesByIdProfile($profileId);
        uasort($moduleAccesses, array($this, 'sortModuleByName'));
        $modules[$profileId] = $moduleAccesses;
    }

    $this->fields_form = array('');
    $this->tpl_form_vars = array(
        'profiles' => $profiles,
        'accesses' => $accesses,
        'id_tab_parentmodule' => (int) Tab::getIdFromClassName('AdminParentModules'),
        'id_tab_module' => (int) Tab::getIdFromClassName('AdminModules'),
        'tabs' => $this->displayTabs($tabs),
        'current_profile' => (int) $current_profile,
        'admin_profile' => (int) _PS_ADMIN_PROFILE_,
        'access_edit' => $this->access('edit'),
        'perms' => array('view', 'add', 'edit', 'delete'),
        'modules' => $modules,
        'link' => $this->context->link,
    );

    return parent::renderForm();
}
/**
 * Echoes the permissions form for one profile: a profile selector, the
 * "check all" header boxes, one row per tab, and a submit button.
 *
 * The profile is taken from the id_profile request value and falls back
 * to 1 when that value is missing or zero. Profile names are passed
 * through Tools::safeOutput() before being written into the selector.
 *
 * @param bool $isMainTab Not read by this method.
 */
public function displayForm($isMainTab = true)
{
    global $cookie, $currentIndex;
    parent::displayForm();

    $currentProfile = (int) Tools::getValue('id_profile');
    if ($currentProfile === 0) {
        $currentProfile = 1;
    }

    $tabs = Tab::getTabs((int) $cookie->id_lang);
    $profiles = Profile::getProfiles((int) $cookie->id_lang);
    $permissions = Profile::getProfileAccesses((int) $currentProfile);

    // The administrator profile is displayed but cannot be edited.
    $isAdminProfile = ($currentProfile == (int) _PS_ADMIN_PROFILE_);
    $colspanAttr = $isAdminProfile ? 'colspan="6"' : '';

    echo ' <form action="' . $currentIndex . '&submitAddPermissions=1&token=' . $this->token . '" id="form_permissions" method="post"> <input type="hidden" name="id_profile" value="' . (int) $currentProfile . '" /> <table class="table" cellspacing="0"> <tr> <th '
        . $colspanAttr
        . '>' . $this->l('Profile') . ' <select name="id_profile" onchange="window.location = \'' . Tools::getHttpHost(true, true) . $currentIndex . '&token=' . $this->token . '&id_profile=\'+this.options[this.selectedIndex].value;">';

    if ($profiles) {
        foreach ($profiles as $profile) {
            $optionId = (int) $profile['id_profile'];
            $selectedAttr = ($optionId == $currentProfile) ? 'selected="selected"' : '';
            echo '<option value="' . $optionId . '" ' . $selectedAttr . '>' . Tools::safeOutput($profile['name']) . '</option>';
        }
    }

    echo ' </select> </th>';

    if (!$isAdminProfile) {
        echo ' <th class="center">' . $this->l('View') . '<br /><input type="checkbox" name="1" id="viewall" /></th> <th class="center">' . $this->l('Add') . '<br /><input type="checkbox" name="1" id="addall" /></th> <th class="center">' . $this->l('Edit') . '<br /><input type="checkbox" name="1" id="editall" /></th> <th class="center">' . $this->l('Delete') . '<br /><input type="checkbox" name="1" id="deleteall" /></th> <th class="center">' . $this->l('All') . '<br /><input type="checkbox" name="1" id="allall" /></th> </tr>';
    }

    if (!count($tabs)) {
        echo '<tr><td colspan="5">' . $this->l('No tab') . '</td></tr>';
    } elseif ($isAdminProfile) {
        echo '<tr><td colspan="5">' . $this->l('Administrator permissions cannot be modified.') . '</td></tr>';
    } else {
        foreach ($tabs as $tab) {
            // Only top-level tabs start a group; children are printed below.
            if ($tab['id_parent'] && (int) $tab['id_parent'] != -1) {
                continue;
            }

            // A tab without an access row is rendered with 0 (nothing granted).
            $tabId = (int) $tab['id_tab'];
            $granted = isset($permissions[$tabId]) ? $permissions[$tabId] : 0;
            echo $this->printTabAccess((int) $currentProfile, $tab, $granted, false);

            foreach ($tabs as $child) {
                if ($child['id_parent'] !== $tab['id_tab']) {
                    continue;
                }
                $childId = (int) $child['id_tab'];
                $childGranted = isset($permissions[$childId]) ? $permissions[$childId] : 0;
                echo $this->printTabAccess($currentProfile, $child, $childGranted, true);
            }
        }
    }

    echo '</table> <p><input type="submit" value="' . $this->l(' Save ') . '" name="submitAddPermissions" class="button" /></p> </form> <script type="text/javascript">managePermissions();</script>';
}
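/**
 * Echoes the profile permissions grid: a profile selector, the
 * View/Add/Edit/Delete column headers, and one row per back-office tab.
 *
 * Profile names are HTML-escaped before they are written into the
 * <option> elements, because they come from Profile::getProfiles() and are
 * not guaranteed to be free of markup.
 *
 * @param bool $isMainTab Not read by this method.
 */
public function displayForm($isMainTab = true)
{
    global $cookie, $currentIndex;
    parent::displayForm();

    $currentProfile = intval($this->getCurrentProfileId());
    $tabs = Tab::getTabs($cookie->id_lang);
    $profiles = Profile::getProfiles(intval($cookie->id_lang));
    $accesses = Profile::getProfileAccesses(intval($currentProfile));

    // NOTE(review): the admin token is written into the redirect URL;
    // tokens carried in URLs can end up in browser history, proxy logs and
    // Referer headers. Confirm this is acceptable here.
    echo ' <script type="text/javascript"> setLang(Array(\'' . $this->l('Profile updated') . '\', \'' . $this->l('Request failed!') . '\', \'' . $this->l('Updating in progress. Please wait.') . '\', \'' . $this->l('Server connection failed!') . '\')); </script> <div id="ajax_confirmation"></div> <table class="table" cellspacing="0"> <tr> <th> <select name="profile" onchange="redirect(\'' . Tools::getHttpHost(true, true) . $currentIndex . '&token=' . $this->token . '&profile=\'+this.options[this.selectedIndex].value)">';

    if ($profiles) {
        foreach ($profiles as $profile) {
            // Escape the stored profile name: it is rendered as HTML text and
            // was previously echoed raw.
            echo '<option value="' . intval($profile['id_profile']) . '" '
                . (intval($profile['id_profile']) == $currentProfile ? 'selected="selected"' : '')
                . '>' . htmlspecialchars($profile['name'], ENT_QUOTES, 'UTF-8') . '</option>';
        }
    }

    echo ' </select> </th> <th>' . $this->l('View') . '</th> <th>' . $this->l('Add') . '</th> <th>' . $this->l('Edit') . '</th> <th>' . $this->l('Delete') . '</th> </tr>';

    if (!sizeof($tabs)) {
        echo '<tr><td colspan="5">' . $this->l('No tab') . '</td></tr>';
    } else {
        if ($currentProfile == intval(_PS_ADMIN_PROFILE_)) {
            // The administrator profile is shown as read-only.
            echo '<tr><td colspan="5">' . $this->l('Administrator permissions can\'t be modified.') . '</td></tr>';
        } else {
            foreach ($tabs as $tab) {
                // Top-level tabs first, each followed by its direct children.
                if (!$tab['id_parent'] or intval($tab['id_parent']) == -1) {
                    // NOTE(review): neither lookup into $accesses is guarded
                    // by isset(); a tab without an access row raises an
                    // undefined-index notice. Confirm what printTabAccess()
                    // expects before adding a default.
                    $this->printTabAccess(intval($currentProfile), $tab, $accesses[$tab['id_tab']], false);
                    foreach ($tabs as $child) {
                        if ($child['id_parent'] === $tab['id_tab']) {
                            $this->printTabAccess($currentProfile, $child, $accesses[$child['id_tab']], true);
                        }
                    }
                }
            }
        }
    }

    echo '</table>';
}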
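/**
 * AdminController::renderForm() override.
 *
 * Collects, for every profile, its tab accesses and its module accesses
 * (read from the module_access table), drops the tabs that must not be
 * offered in the permissions grid, and hands everything to the template
 * through $this->tpl_form_vars.
 *
 * @see AdminController::renderForm()
 */
public function renderForm()
{
    $current_profile = (int) $this->getCurrentProfileId();
    $profiles = Profile::getProfiles($this->context->language->id);
    $tabs = Tab::getTabs($this->context->language->id);

    // Tab accesses, keyed by profile id.
    $accesses = array();
    foreach ($profiles as $profile) {
        $accesses[$profile['id_profile']] = Profile::getProfileAccesses($profile['id_profile']);
    }

    // Remove the tabs that must not appear in the grid.
    foreach ($tabs as $key => $tab) {
        // Don't allow permissions for unnamed tabs (ie. AdminLogin)
        if (empty($tab['name'])) {
            unset($tabs[$key]);
        }
        foreach ($this->accesses_black_list as $id_tab) {
            if ($tab['id_tab'] == (int) $id_tab) {
                unset($tabs[$key]);
            }
        }
    }

    $modules = array();
    foreach ($profiles as $profile) {
        // The query is assembled by concatenation; the (int) cast on
        // id_profile is what keeps the only variable part numeric. Keep the
        // cast if this statement is ever edited.
        $modules[$profile['id_profile']] = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' SELECT ma.`id_module`, m.`name`, ma.`view`, ma.`configure`, ma.`uninstall` FROM ' . _DB_PREFIX_ . 'module_access ma LEFT JOIN ' . _DB_PREFIX_ . 'module m ON ma.id_module = m.id_module WHERE id_profile = ' . (int) $profile['id_profile'] . ' ORDER BY m.name ');

        foreach ($modules[$profile['id_profile']] as $k => &$module) {
            $m = Module::getInstanceById($module['id_module']);
            // the following condition handles invalid modules
            if ($m) {
                $module['name'] = $m->displayName;
            } else {
                unset($modules[$profile['id_profile']][$k]);
            }
        }
        // Break the by-reference binding left by the loop above; without
        // this, $module stays an alias of the last row and a later write to
        // $module would silently modify that row.
        unset($module);

        uasort($modules[$profile['id_profile']], array($this, 'sortModuleByName'));
    }

    $this->fields_form = array('');
    $this->tpl_form_vars = array(
        'profiles' => $profiles,
        'accesses' => $accesses,
        'id_tab_parentmodule' => (int) Tab::getIdFromClassName('AdminParentModules'),
        'id_tab_module' => (int) Tab::getIdFromClassName('AdminModules'),
        'tabs' => $tabs,
        'current_profile' => (int) $current_profile,
        'admin_profile' => (int) _PS_ADMIN_PROFILE_,
        'access_edit' => $this->tabAccess['edit'],
        'perms' => array('view', 'add', 'edit', 'delete'),
        'modules' => $modules,
        'link' => $this->context->link,
    );

    return parent::renderForm();
}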
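/**
 * Echoes the profile permissions grid: a profile selector, the
 * View/Add/Edit/Delete column headers, and one row per back-office tab.
 *
 * Profile names are HTML-escaped before they are written into the
 * <option> elements, because they come from Profile::getProfiles() and are
 * not guaranteed to be free of markup.
 */
function displayForm()
{
    global $cookie, $currentIndex;

    $currentProfile = intval($this->getCurrentProfileId());
    $tabs = Tab::getTabs($cookie->id_lang);
    $profiles = Profile::getProfiles(intval($cookie->id_lang));
    $accesses = Profile::getProfileAccesses(intval($currentProfile));

    // NOTE(review): HTTP_HOST is supplied by the client. It is HTML-escaped
    // with ENT_COMPAT, which leaves single quotes untouched, and the value
    // is written inside a single-quoted JavaScript string in an attribute,
    // so HTML escaping alone is not the right encoder for this position.
    // Prefer the shop's configured domain, or validate the host against an
    // allow-list, before building this URL.
    // NOTE(review): the admin token is also written into the URL, where it
    // can end up in browser history, proxy logs and Referer headers.
    echo ' <script type="text/javascript"> setLang(Array(\'' . $this->l('Profile updated') . '\', \'' . $this->l('Request failed!') . '\', \'' . $this->l('Updating in progress. Please wait.') . '\', \'' . $this->l('Server connection failed!') . '\')); </script> <div id="ajax_confirmation"></div> <table class="table" cellspacing="0"> <tr> <th> <select name="profile" onchange="redirect(\''
        . (Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://')
        . htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8')
        . $currentIndex . '&token=' . $this->token . '&profile=\'+this.options[this.selectedIndex].value)">';

    if ($profiles) {
        foreach ($profiles as $profile) {
            // Escape the stored profile name: it is rendered as HTML text and
            // was previously echoed raw.
            echo '<option value="' . intval($profile['id_profile']) . '" '
                . (intval($profile['id_profile']) == $currentProfile ? 'selected="selected"' : '')
                . '>' . htmlspecialchars($profile['name'], ENT_QUOTES, 'UTF-8') . '</option>';
        }
    }

    echo ' </select> </th> <th>' . $this->l('View') . '</th> <th>' . $this->l('Add') . '</th> <th>' . $this->l('Edit') . '</th> <th>' . $this->l('Delete') . '</th> </tr>';

    if (!sizeof($tabs)) {
        echo '<tr><td colspan="5">' . $this->l('No tab') . '</td></tr>';
    } else {
        // NOTE(review): this version has no read-only branch for the
        // administrator profile; rows are printed for whichever profile is
        // selected. Confirm the save handler refuses changes to it.
        foreach ($tabs as $tab) {
            // Top-level tabs first, each followed by its direct children.
            if (!$tab['id_parent'] or intval($tab['id_parent']) == -1) {
                $this->printTabAccess(intval($currentProfile), $tab, $accesses[$tab['id_tab']], false);
                foreach ($tabs as $child) {
                    if ($child['id_parent'] === $tab['id_tab']) {
                        $this->printTabAccess($currentProfile, $child, $accesses[$child['id_tab']], true);
                    }
                }
            }
        }
    }

    echo '</table>';
}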
/**
 * Tells whether the profile stored in the cookie may view a tab.
 *
 * The access map is fetched once per request and kept in a static
 * variable. The check fails closed: a tab with no 'view' entry, or whose
 * 'view' value is anything other than the string '1', is denied.
 *
 * @param int|string $id_tab Tab identifier; cast to int before the lookup.
 * @return bool
 */
function checkTabRights($id_tab)
{
    global $cookie;
    static $tabAccesses = NULL;

    if ($tabAccesses === NULL) {
        $tabAccesses = Profile::getProfileAccesses($cookie->profile);
    }

    $tabId = (int) $id_tab;

    // Strict comparison on purpose: only the exact string '1' grants access.
    return isset($tabAccesses[$tabId]['view']) && $tabAccesses[$tabId]['view'] === '1';
}
/**
 * Tells whether the current employee's profile may view a tab.
 *
 * The access map is fetched once per request and kept in a static
 * variable. The check fails closed: a tab with no 'view' entry, or whose
 * 'view' value is anything other than the string '1', is denied.
 *
 * @TODO deprecate for Tab::checkTabRights()
 *
 * @param int|string $id_tab Tab identifier; cast to int before the lookup.
 * @return bool
 */
function checkTabRights($id_tab)
{
    static $tabAccesses = null;

    if ($tabAccesses === null) {
        $profileId = Context::getContext()->employee->id_profile;
        $tabAccesses = Profile::getProfileAccesses($profileId);
    }

    $tabId = (int) $id_tab;

    // Strict comparison on purpose: only the exact string '1' grants access.
    return isset($tabAccesses[$tabId]['view']) && $tabAccesses[$tabId]['view'] === '1';
}
/**
 * Returns the access entry of one tab for one profile.
 *
 * @param int $id_profile Profile whose accesses are looked up.
 * @param int $id_tab     Key of the tab in the profile's access map.
 * @return mixed The access entry, or false when the map has no entry
 *               (or a null entry) for that tab.
 */
public static function getProfileAccess($id_profile, $id_tab)
{
    // getProfileAccesses is cached so there is no performance leak
    $accessMap = Profile::getProfileAccesses($id_profile);

    if (!isset($accessMap[$id_tab])) {
        return false;
    }

    return $accessMap[$id_tab];
}
/**
 * Assign smarty variables for the header.
 *
 * Builds the quick-access links (adding an admin token to each controller
 * link), the tab menu filtered by Tab::checkTabRights(), and the employee
 * and shop values the header template reads, then assigns them to Smarty.
 * Also sends a Cache-Control header asking that the page not be stored.
 */
public function initHeader()
{
    // Ask browsers and intermediaries not to store back-office pages.
    header('Cache-Control: no-store, no-cache');
    // Multishop
    $is_multishop = Shop::isFeatureActive();
    // Quick access
    $quick_access = QuickAccess::getQuickAccesses($this->context->language->id);
    foreach ($quick_access as $index => $quick) {
        if ($quick['link'] == '../' && Shop::getContext() == Shop::CONTEXT_SHOP) {
            // '../' stands for the shop front page: replace it with the
            // shop's base URL, or drop the entry when there is none.
            $url = $this->context->shop->getBaseURL();
            if (!$url) {
                unset($quick_access[$index]);
                continue;
            }
            $quick_access[$index]['link'] = $url;
        } else {
            // Extract the controller name from the stored link so the
            // matching admin token can be appended.
            preg_match('/controller=(.+)(&.+)?$/', $quick['link'], $admin_tab);
            if (isset($admin_tab[1])) {
                // Keep only the part before the first '&'.
                if (strpos($admin_tab[1], '&')) {
                    $admin_tab[1] = substr($admin_tab[1], 0, strpos($admin_tab[1], '&'));
                }
                // The token is derived from the controller name, its tab id
                // and the employee id.
                $token = Tools::getAdminToken($admin_tab[1] . (int) Tab::getIdFromClassName($admin_tab[1]) . (int) $this->context->employee->id);
                $quick_access[$index]['target'] = $admin_tab[1];
                $quick_access[$index]['link'] .= '&token=' . $token;
            }
        }
    }
    //$link = preg_replace('/&token=[a-z0-9]{32}/', '', basename($_SERVER['REQUEST_URI']));
    //$currentPage = 'index.php?controller='.$this->context->controller->controller_name."&".$this->display.$this->table;
    // Tab list
    $tabs = Tab::getTabs($this->context->language->id, 0);
    $current_id = Tab::getCurrentParentId();
    foreach ($tabs as $index => $tab) {
        // Hide tabs the employee may not view, the stock tab when advanced
        // stock management is off, and the carrier wizard.
        if (!Tab::checkTabRights($tab['id_tab']) || $tab['class_name'] == 'AdminStock' && Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT') == 0 || $tab['class_name'] == 'AdminCarrierWizard') {
            unset($tabs[$index]);
            continue;
        }
        $img_cache_url = 'themes/' . $this->context->employee->bo_theme . '/img/t/' . $tab['class_name'] . '.png';
        $img_exists_cache = Tools::file_exists_cache(_PS_ADMIN_DIR_ . $img_cache_url);
        // retrocompatibility : change png to gif if icon not exists
        if (!$img_exists_cache) {
            $img_exists_cache = Tools::file_exists_cache(_PS_ADMIN_DIR_ . str_replace('.png', '.gif', $img_cache_url));
        }
        if ($img_exists_cache) {
            $path_img = $img = $img_exists_cache;
        } else {
            $path_img = _PS_IMG_DIR_ . 't/' . $tab['class_name'] . '.png';
            // Relative link will always work, whatever the base uri set in the admin
            $img = '../img/t/' . $tab['class_name'] . '.png';
        }
        // A tab owned by a module takes its icon from the module directory.
        // NOTE(review): 'module' and 'class_name' are concatenated into a
        // filesystem path and a URL as-is; presumably both come from the tab
        // table — confirm they cannot contain path separators.
        if (trim($tab['module']) != '') {
            $path_img = _PS_MODULE_DIR_ . $tab['module'] . '/' . $tab['class_name'] . '.png';
            // Relative link will always work, whatever the base uri set in the admin
            $img = '../modules/' . $tab['module'] . '/' . $tab['class_name'] . '.png';
        }
        // retrocompatibility
        if (!file_exists($path_img)) {
            $img = str_replace('png', 'gif', $img);
        }
        // tab[class_name] does not contain the "Controller" suffix
        $tabs[$index]['current'] = $tab['class_name'] . 'Controller' == get_class($this) || $current_id == $tab['id_tab'];
        $tabs[$index]['img'] = $img;
        $tabs[$index]['href'] = $this->context->link->getAdminLink($tab['class_name']);
        $sub_tabs = Tab::getTabs($this->context->language->id, $tab['id_tab']);
        foreach ($sub_tabs as $index2 => $sub_tab) {
            // Skip sub-tabs whose module is not enabled for the current shop context
            if (isset($sub_tab['module']) && !empty($sub_tab['module'])) {
                $module = Module::getInstanceByName($sub_tab['module']);
                if (is_object($module) && !$module->isEnabledForShopContext()) {
                    unset($sub_tabs[$index2]);
                    continue;
                }
            }
            if (Tab::checkTabRights($sub_tab['id_tab']) === true && (bool) $sub_tab['active'] && $sub_tab['class_name'] != 'AdminCarrierWizard') {
                $sub_tabs[$index2]['href'] = $this->context->link->getAdminLink($sub_tab['class_name']);
                $sub_tabs[$index2]['current'] = $sub_tab['class_name'] . 'Controller' == get_class($this) || $sub_tab['class_name'] == Tools::getValue('controller');
            } elseif ($sub_tab['class_name'] == 'AdminCarrierWizard' && $sub_tab['class_name'] . 'Controller' == get_class($this)) {
                // On the carrier wizard page, highlight the AdminCarriers
                // entry instead and drop the wizard entry itself.
                // NOTE(review): this loop reuses $tab, the outer loop
                // variable, and when no 'AdminCarriers' entry exists $i is
                // left at the last key, so the last sub-tab is marked
                // current — confirm this is intended.
                foreach ($sub_tabs as $i => $tab) {
                    if ($tab['class_name'] == 'AdminCarriers') {
                        break;
                    }
                }
                $sub_tabs[$i]['current'] = true;
                unset($sub_tabs[$index2]);
            } else {
                unset($sub_tabs[$index2]);
            }
        }
        $tabs[$index]['sub_tabs'] = $sub_tabs;
    }
    if (Validate::isLoadedObject($this->context->employee)) {
        // Accesses keyed by controller class name, used for the notification flags below.
        $accesses = Profile::getProfileAccesses($this->context->employee->id_profile, 'class_name');
        /* Hooks are voluntarily kept out of the initialize array (they need those variables already assigned) */
        $bo_color = empty($this->context->employee->bo_color) ? '#FFFFFF' : $this->context->employee->bo_color;
        // Each show_new_* flag requires both the configuration switch and a
        // 'view' right on the matching controller; a missing access entry
        // reads as "no access".
        // NOTE(review): 'search_type' is the raw bo_search_type request
        // value, whereas 'bo_query' goes through Tools::safeOutput();
        // confirm the template escapes search_type where it prints it.
        $this->context->smarty->assign(array('autorefresh_notifications' => Configuration::get('PS_ADMINREFRESH_NOTIFICATION'), 'help_box' => Configuration::get('PS_HELPBOX'), 'round_mode' => Configuration::get('PS_PRICE_ROUND_MODE'), 'brightness' => Tools::getBrightness($bo_color) < 128 ? 'white' : '#383838', 'bo_width' => (int) $this->context->employee->bo_width, 'bo_color' => isset($this->context->employee->bo_color) ? Tools::htmlentitiesUTF8($this->context->employee->bo_color) : null, 'show_new_orders' => Configuration::get('PS_SHOW_NEW_ORDERS') && isset($accesses['AdminOrders']) && $accesses['AdminOrders']['view'], 'show_new_customers' => Configuration::get('PS_SHOW_NEW_CUSTOMERS') && isset($accesses['AdminCustomers']) && $accesses['AdminCustomers']['view'], 'show_new_messages' => Configuration::get('PS_SHOW_NEW_MESSAGES') && isset($accesses['AdminCustomerThreads']) && $accesses['AdminCustomerThreads']['view'], 'employee' => $this->context->employee, 'search_type' => Tools::getValue('bo_search_type'), 'bo_query' => Tools::safeOutput(Tools::stripslashes(Tools::getValue('bo_query'))), 'quick_access' => $quick_access, 'multi_shop' => Shop::isFeatureActive(), 'shop_list' => Helper::renderShopList(), 'shop' => $this->context->shop, 'shop_group' => new ShopGroup((int) Shop::getContextShopGroupID()), 'current_parent_id' => (int) Tab::getCurrentParentId(), 'tabs' => $tabs, 'is_multishop' => $is_multishop, 'multishop_context' => $this->multishop_context, 'default_tab_link' => $this->context->link->getAdminLink(Tab::getClassNameById((int) Context::getContext()->employee->default_tab)), 'collapse_menu' => isset($this->context->cookie->collapse_menu) ? (int) $this->context->cookie->collapse_menu : 0));
    } else {
        // No loaded employee: only the default landing link is assigned.
        $this->context->smarty->assign('default_tab_link', $this->context->link->getAdminLink('AdminDashboard'));
    }
    // Shop::initialize() in config.php may empty $this->context->shop->virtual_uri so using a new shop instance for getBaseUrl()
    $this->context->shop = new Shop((int) $this->context->shop->id);
    // NOTE(review): 'display_addons_connection' looks up the tab id for
    // 'AdminModulesController', while the comment above says class_name does
    // not carry the "Controller" suffix; confirm this lookup resolves to the
    // intended tab.
    $this->context->smarty->assign(array('img_dir' => _PS_IMG_, 'iso' => $this->context->language->iso_code, 'class_name' => $this->className, 'iso_user' => $this->context->language->iso_code, 'country_iso_code' => $this->context->country->iso_code, 'version' => _PS_VERSION_, 'lang_iso' => $this->context->language->iso_code, 'full_language_code' => $this->context->language->language_code, 'link' => $this->context->link, 'shop_name' => Configuration::get('PS_SHOP_NAME'), 'base_url' => $this->context->shop->getBaseURL(), 'tab' => isset($tab) ? $tab : null, 'current_parent_id' => (int) Tab::getCurrentParentId(), 'tabs' => $tabs, 'install_dir_exists' => file_exists(_PS_ADMIN_DIR_ . '/../install'), 'pic_dir' => _THEME_PROD_PIC_DIR_, 'controller_name' => htmlentities(Tools::getValue('controller')), 'currentIndex' => self::$currentIndex, 'bootstrap' => $this->bootstrap, 'default_language' => (int) Configuration::get('PS_LANG_DEFAULT'), 'display_addons_connection' => Tab::checkTabRights(Tab::getIdFromClassName('AdminModulesController'))));
    $module = Module::getInstanceByName('themeconfigurator');
    $lang = '';
    // With URL rewriting and several active languages, the employee's
    // language ISO code is added to the front-office URL.
    if (Configuration::get('PS_REWRITING_SETTINGS') && count(Language::getLanguages(true)) > 1) {
        $lang = Language::getIsoById($this->context->employee->id_lang) . '/';
    }
    if (is_object($module) && $module->active && (int) Configuration::get('PS_TC_ACTIVE') == 1 && $this->context->shop->getBaseURL()) {
        // Front-office URL that opens the theme live configurator; it
        // carries the module's live-configurator token as a query parameter.
        // NOTE(review): PS_TC_THEME and PS_TC_FONT are appended without URL
        // encoding — confirm their stored values are URL-safe.
        $this->context->smarty->assign('base_url_tc', $this->context->shop->getBaseUrl() . (Configuration::get('PS_REWRITING_SETTINGS') ? '' : 'index.php') . $lang . '?live_configurator_token=' . $module->getLiveConfiguratorToken() . '&id_employee=' . (int) $this->context->employee->id . '&id_shop=' . (int) $this->context->shop->id . (Configuration::get('PS_TC_THEME') != '' ? '&theme=' . Configuration::get('PS_TC_THEME') : '') . (Configuration::get('PS_TC_FONT') != '' ? '&theme_font=' . Configuration::get('PS_TC_FONT') : ''));
    }
}
/**
 * Prints a table of the tab access rights granted to a profile.
 *
 * One row is printed per access entry, with an 'X' in each of the
 * View/Add/Edit/Delete columns whose value equals 1.
 *
 * @param mixed $profileId Profile identifier; must be an unsigned integer.
 * @return false|null false when the id is invalid or no such profile can
 *                    be loaded; nothing is returned after the table is shown.
 */
public static function list_permissions($profileId)
{
    $configuration = PS_CLI_CONFIGURE::getConfigurationInstance();

    // Reject anything that is not an unsigned integer before it is used to
    // load a profile.
    if (!Validate::isUnsignedInt($profileId)) {
        echo "Error, {$profileId} is not a valid profile ID\n";
        return false;
    }

    $profile = new Profile($profileId);
    if (!Validate::isLoadedObject($profile)) {
        echo "Error, could not find a profile with ID: {$profileId}\n";
        return false;
    }

    $accesses = Profile::getProfileAccesses($profileId, 'id_tab');

    // array_pop() removes and returns the last element of the name property.
    $profileLabel = array_pop($profile->name);
    echo "Access rights for profile " . $profileLabel . " ({$profileId})\n";

    $grid = new Cli\Table();
    $grid->setHeaders(array('Tab', 'View', 'Add', 'Edit', 'Delete'));

    foreach ($accesses as $rights) {
        $tabModel = new Tab($rights['id_tab'], $configuration->lang);

        $row = array($tabModel->name);
        foreach (array('view', 'add', 'edit', 'delete') as $right) {
            $row[] = ($rights[$right] == 1) ? 'X' : '';
        }
        $grid->addRow($row);
    }

    $grid->display();
}
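/**
 * Builds the quick links offered to the current employee.
 *
 * A link is included only when the employee's profile holds the listed
 * right ('view' or 'add') on the target controller's tab. A tab that has
 * no entry in the access map is treated as "no access": the lookups use
 * !empty() so a missing tab or missing right neither grants the link nor
 * raises an undefined-index notice.
 *
 * @return array Map of slot name ('first' .. 'eighth') to an array with
 *               'href', 'title' and 'description'.
 */
protected function getQuickLinks()
{
    $quick_links = array();
    $profile_access = Profile::getProfileAccesses($this->context->employee->id_profile);

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminStats')]['view'])) {
        $quick_links['first'] = array(
            'href' => $this->context->link->getAdminLink('AdminStats') . '&module=statsbestproducts',
            'title' => $this->l('Recently sold products.'),
            'description' => $this->l('Create a new category and organize your catalog.'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminOrders')]['add'])) {
        $quick_links['second'] = array(
            'href' => $this->context->link->getAdminLink('AdminOrders') . '&addorder',
            'title' => $this->l('New order'),
            'description' => $this->l('Fill your catalog with new products.'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminSpecificPriceRule')]['add'])) {
        $quick_links['third'] = array(
            'href' => $this->context->link->getAdminLink('AdminSpecificPriceRule') . '&addspecific_price_rule',
            'title' => $this->l('New price rule for catalog'),
            'description' => $this->l('Monitor your activity with a thorough analysis of your shop.'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminProducts')]['add'])) {
        $quick_links['fourth'] = array(
            'href' => $this->context->link->getAdminLink('AdminProducts') . '&addproduct',
            'title' => $this->l('New product'),
            'description' => $this->l('Add a new employee account and discharge a part of your duties as shop owner.'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminModules')]['view'])) {
        $quick_links['fifth'] = array(
            'href' => $this->context->link->getAdminLink('AdminModules'),
            'title' => $this->l('New module'),
            'description' => $this->l('Configure your modules'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminCartRules')]['add'])) {
        $quick_links['sixth'] = array(
            'href' => $this->context->link->getAdminLink('AdminCartRules') . '&addcart_rule',
            'title' => $this->l('New price rule for cart'),
            'description' => $this->l('Add new cart rule'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminCmsContent')]['add'])) {
        $quick_links['seventh'] = array(
            'href' => $this->context->link->getAdminLink('AdminCmsContent') . '&addcms',
            'title' => $this->l('New CMS page'),
            'description' => $this->l('Add a new CMS page.'),
        );
    }

    if (!empty($profile_access[(int) Tab::getIdFromClassName('AdminCarts')]['view'])) {
        $quick_links['eighth'] = array(
            'href' => $this->context->link->getAdminLink('AdminCarts') . '&id_cart',
            'title' => $this->l('Abandoned shopping carts'),
            'description' => $this->l('View your customer\'s carts.'),
        );
    }

    return $quick_links;
}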
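/**
 * Assign smarty variables for the header.
 *
 * Builds the quick-access links (adding an admin token to each controller
 * link), the tab menu filtered by the tab-rights checks, and the employee
 * and shop values the header template reads, then assigns them to Smarty.
 *
 * The show_new_* flags require an existing access entry for the matching
 * controller, so a profile with no entry reads as "no access" instead of
 * raising an undefined-index notice.
 */
public function initHeader()
{
    // Multishop
    $is_multishop = Shop::isFeatureActive();
    // Quick access
    $quick_access = QuickAccess::getQuickAccesses($this->context->language->id);
    foreach ($quick_access as $index => $quick) {
        if ($quick['link'] == '../' && Shop::getContext() == Shop::CONTEXT_SHOP) {
            // '../' stands for the shop front page: replace it with the
            // shop's base URL, or drop the entry when there is none.
            $url = $this->context->shop->getBaseURL();
            if (!$url) {
                unset($quick_access[$index]);
                continue;
            }
            $quick_access[$index]['link'] = $url;
        } else {
            // Extract the controller name from the stored link so the
            // matching admin token can be appended.
            preg_match('/controller=(.+)(&.+)?$/', $quick['link'], $admin_tab);
            if (isset($admin_tab[1])) {
                // Keep only the part before the first '&'.
                if (strpos($admin_tab[1], '&')) {
                    $admin_tab[1] = substr($admin_tab[1], 0, strpos($admin_tab[1], '&'));
                }
                // The token is derived from the controller name, its tab id
                // and the employee id.
                $token = Tools::getAdminToken($admin_tab[1] . (int) Tab::getIdFromClassName($admin_tab[1]) . (int) $this->context->employee->id);
                $quick_access[$index]['link'] .= '&token=' . $token;
            }
        }
    }
    // Tab list
    $tabs = Tab::getTabs($this->context->language->id, 0);
    $current_id = Tab::getCurrentParentId();
    foreach ($tabs as $index => $tab) {
        // Hide tabs the employee may not view, the stock tab when advanced
        // stock management is off, and the carrier wizard.
        // NOTE(review): top-level tabs are checked with the global
        // checkTabRights() while sub-tabs below use Tab::checkTabRights();
        // confirm both apply the same rule.
        if (!checkTabRights($tab['id_tab']) || $tab['class_name'] == 'AdminStock' && Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT') == 0 || $tab['class_name'] == 'AdminCarrierWizard') {
            unset($tabs[$index]);
            continue;
        }
        $img_cache_url = 'themes/' . $this->context->employee->bo_theme . '/img/t/' . $tab['class_name'] . '.png';
        $img_exists_cache = Tools::file_exists_cache(_PS_ADMIN_DIR_ . $img_cache_url);
        // retrocompatibility : change png to gif if icon not exists
        if (!$img_exists_cache) {
            $img_exists_cache = Tools::file_exists_cache(_PS_ADMIN_DIR_ . str_replace('.png', '.gif', $img_cache_url));
        }
        if ($img_exists_cache) {
            $path_img = $img = $img_exists_cache;
        } else {
            $path_img = _PS_IMG_DIR_ . 't/' . $tab['class_name'] . '.png';
            // Relative link will always work, whatever the base uri set in the admin
            $img = '../img/t/' . $tab['class_name'] . '.png';
        }
        // A tab owned by a module takes its icon from the module directory.
        if (trim($tab['module']) != '') {
            $path_img = _PS_MODULE_DIR_ . $tab['module'] . '/' . $tab['class_name'] . '.png';
            // Relative link will always work, whatever the base uri set in the admin
            $img = '../modules/' . $tab['module'] . '/' . $tab['class_name'] . '.png';
        }
        // retrocompatibility
        if (!file_exists($path_img)) {
            $img = str_replace('png', 'gif', $img);
        }
        // tab[class_name] does not contain the "Controller" suffix
        $tabs[$index]['current'] = $tab['class_name'] . 'Controller' == get_class($this) || $current_id == $tab['id_tab'];
        $tabs[$index]['img'] = $img;
        $tabs[$index]['href'] = $this->context->link->getAdminLink($tab['class_name']);
        $sub_tabs = Tab::getTabs($this->context->language->id, $tab['id_tab']);
        foreach ($sub_tabs as $index2 => $sub_tab) {
            // class_name is the name of the class controller
            if (Tab::checkTabRights($sub_tab['id_tab']) === true && (bool) $sub_tab['active'] && $sub_tab['class_name'] != 'AdminCarrierWizard') {
                $sub_tabs[$index2]['href'] = $this->context->link->getAdminLink($sub_tab['class_name']);
                $sub_tabs[$index2]['current'] = $sub_tab['class_name'] . 'Controller' == get_class($this);
            } else {
                unset($sub_tabs[$index2]);
            }
        }
        $tabs[$index]['sub_tabs'] = $sub_tabs;
    }
    if (Validate::isLoadedObject($this->context->employee)) {
        // Accesses keyed by controller class name, used for the notification flags below.
        $accesses = Profile::getProfileAccesses($this->context->employee->id_profile, 'class_name');
        /* Hooks are voluntarily kept out of the initialize array (they need those variables already assigned) */
        $bo_color = empty($this->context->employee->bo_color) ? '#FFFFFF' : $this->context->employee->bo_color;
        // NOTE(review): 'search_type' is the raw bo_search_type request
        // value, whereas 'bo_query' goes through Tools::safeOutput();
        // confirm the template escapes search_type where it prints it.
        $this->context->smarty->assign(array(
            'autorefresh_notifications' => Configuration::get('PS_ADMINREFRESH_NOTIFICATION'),
            'help_box' => Configuration::get('PS_HELPBOX'),
            'round_mode' => Configuration::get('PS_PRICE_ROUND_MODE'),
            'brightness' => Tools::getBrightness($bo_color) < 128 ? 'white' : '#383838',
            'bo_width' => (int) $this->context->employee->bo_width,
            'bo_color' => isset($this->context->employee->bo_color) ? Tools::htmlentitiesUTF8($this->context->employee->bo_color) : null,
            // Each flag needs the configuration switch AND an existing
            // access entry with a truthy 'view' right.
            'show_new_orders' => Configuration::get('PS_SHOW_NEW_ORDERS') && isset($accesses['AdminOrders']) && $accesses['AdminOrders']['view'],
            'show_new_customers' => Configuration::get('PS_SHOW_NEW_CUSTOMERS') && isset($accesses['AdminCustomers']) && $accesses['AdminCustomers']['view'],
            'show_new_messages' => Configuration::get('PS_SHOW_NEW_MESSAGES') && isset($accesses['AdminCustomerThreads']) && $accesses['AdminCustomerThreads']['view'],
            'first_name' => Tools::substr($this->context->employee->firstname, 0, 1),
            'last_name' => Tools::safeOutput($this->context->employee->lastname),
            'employee' => $this->context->employee,
            'search_type' => Tools::getValue('bo_search_type'),
            'bo_query' => Tools::safeOutput(Tools::stripslashes(Tools::getValue('bo_query'))),
            'quick_access' => $quick_access,
            'multi_shop' => Shop::isFeatureActive(),
            'shop_list' => Helper::renderShopList(),
            'shop' => $this->context->shop,
            'shop_group' => new ShopGroup((int) Shop::getContextShopGroupID()),
            'current_parent_id' => (int) Tab::getCurrentParentId(),
            'tabs' => $tabs,
            'is_multishop' => $is_multishop,
            'multishop_context' => $this->multishop_context,
            'default_tab_link' => $this->context->link->getAdminLink(Tab::getClassNameById((int) Context::getContext()->employee->default_tab)),
            'employee_avatar' => ImageManager::thumbnail($this->context->employee->getImage(), 'employee' . '_' . (int) $this->context->employee->id . '.' . $this->imageType, 150, $this->imageType, true, true),
            'collapse_menu' => isset($this->context->cookie->collapse_menu) ? (int) $this->context->cookie->collapse_menu : 0,
        ));
    } else {
        // No loaded employee: only the default landing link is assigned.
        $this->context->smarty->assign('default_tab_link', $this->context->link->getAdminLink('AdminDashboard'));
    }
    $this->context->smarty->assign(array(
        'img_dir' => _PS_IMG_,
        'iso' => $this->context->language->iso_code,
        'class_name' => $this->className,
        'iso_user' => $this->context->language->iso_code,
        'country_iso_code' => $this->context->country->iso_code,
        'version' => _PS_VERSION_,
        'lang_iso' => $this->context->language->iso_code,
        'link' => $this->context->link,
        'shop_name' => Configuration::get('PS_SHOP_NAME'),
        'base_url' => $this->context->shop->getBaseURL(),
        'tab' => isset($tab) ? $tab : null,
        'current_parent_id' => (int) Tab::getCurrentParentId(),
        'tabs' => $tabs,
        'install_dir_exists' => file_exists(_PS_ADMIN_DIR_ . '/../install'),
        'pic_dir' => _THEME_PROD_PIC_DIR_,
        'controller_name' => htmlentities(Tools::getValue('controller')),
        'currentIndex' => self::$currentIndex,
        'bootstrap' => $this->bootstrap,
        'default_language' => (int) Configuration::get('PS_LANG_DEFAULT'),
    ));
}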
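/**
 * Assign the Smarty variables used by the back-office header.
 *
 * Sends a no-cache header, resolves the employee's quick-access links
 * (appending an admin token to every link that targets a controller), then
 * assigns the employee-specific and the global header variables to Smarty.
 *
 * Side effect: $this->context->shop is replaced by a fresh Shop instance.
 */
public function initHeader()
{
    // Ask browsers and intermediaries not to cache or store back-office pages.
    header('Cache-Control: no-store, no-cache');

    // Multishop
    $is_multishop = Shop::isFeatureActive();

    // Quick access
    // Initialised up front so the variable is always defined when it is assigned below.
    $quick_access = array();
    if ((int) $this->context->employee->id) {
        $quick_access = QuickAccess::getQuickAccesses($this->context->language->id);
        foreach ($quick_access as $index => $quick) {
            if ($quick['link'] == '../' && Shop::getContext() == Shop::CONTEXT_SHOP) {
                // "../" stands for the shop front: replace it with the shop's base URL,
                // or drop the entry when no base URL is available.
                $url = $this->context->shop->getBaseURL();
                if (!$url) {
                    unset($quick_access[$index]);
                    continue;
                }
                $quick_access[$index]['link'] = $url;
            } else {
                preg_match('/controller=(.+)(&.+)?$/', $quick['link'], $admin_tab);
                if (isset($admin_tab[1])) {
                    // The greedy capture also swallows any parameters that follow, so keep
                    // only the text before the first '&'. explode() handles an '&' at
                    // offset 0 as well, which a truthiness test on strpos() would miss.
                    $parts = explode('&', $admin_tab[1], 2);
                    $controller = $parts[0];
                    if ($controller === '') {
                        // No controller name: nothing to build a token for.
                        continue;
                    }

                    // NOTE(review): the admin token travels in the query string of these
                    // links, so it can show up in browser history, Referer headers and
                    // access logs.
                    $token = Tools::getAdminToken($controller . (int) Tab::getIdFromClassName($controller) . (int) $this->context->employee->id);
                    $quick_access[$index]['target'] = $controller;
                    $quick_access[$index]['link'] .= '&token=' . $token;
                }
            }
        }
    }

    $tabs = $this->getTabs();
    $currentTabLevel = 0;
    // Iterate by value: nothing is written back to $tabs, and a by-reference loop
    // would leave a dangling reference to the last element after the loop.
    foreach ($tabs as $tab) {
        if (isset($tab['current_level'])) {
            $currentTabLevel = $tab['current_level'];
        }
    }

    if (Validate::isLoadedObject($this->context->employee)) {
        $accesses = Profile::getProfileAccesses($this->context->employee->id_profile, 'class_name');
        $helperShop = new HelperShop();

        /* Hooks are deliberately kept out of this array: they need these variables to be assigned already */
        $bo_color = empty($this->context->employee->bo_color) ? '#FFFFFF' : $this->context->employee->bo_color;

        $this->context->smarty->assign(array(
            'help_box' => Configuration::get('PS_HELPBOX'),
            'round_mode' => Configuration::get('PS_PRICE_ROUND_MODE'),
            'brightness' => Tools::getBrightness($bo_color) < 128 ? 'white' : '#383838',
            'bo_width' => (int) $this->context->employee->bo_width,
            'bo_color' => isset($this->context->employee->bo_color) ? Tools::htmlentitiesUTF8($this->context->employee->bo_color) : null,
            // Each notification needs the configuration switch AND the profile's "view"
            // right on the matching tab; isset() covers profiles with no entry for it.
            'show_new_orders' => Configuration::get('PS_SHOW_NEW_ORDERS') && isset($accesses['AdminOrders']) && $accesses['AdminOrders']['view'],
            'show_new_customers' => Configuration::get('PS_SHOW_NEW_CUSTOMERS') && isset($accesses['AdminCustomers']) && $accesses['AdminCustomers']['view'],
            'show_new_messages' => Configuration::get('PS_SHOW_NEW_MESSAGES') && isset($accesses['AdminCustomerThreads']) && $accesses['AdminCustomerThreads']['view'],
            // NOTE(review): the whole employee object is handed to the templates; confirm
            // that none of them prints fields that should stay server-side.
            'employee' => $this->context->employee,
            // NOTE(review): raw request value, assigned without escaping or casting;
            // templates should only compare it, or escape it before printing.
            'search_type' => Tools::getValue('bo_search_type'),
            'bo_query' => Tools::safeOutput(Tools::stripslashes(Tools::getValue('bo_query'))),
            'quick_access' => $quick_access,
            'multi_shop' => Shop::isFeatureActive(),
            'shop_list' => $helperShop->getRenderedShopList(),
            'current_shop_name' => $helperShop->getCurrentShopName(),
            'shop' => $this->context->shop,
            'shop_group' => new ShopGroup((int) Shop::getContextShopGroupID()),
            'is_multishop' => $is_multishop,
            'multishop_context' => $this->multishop_context,
            'default_tab_link' => $this->context->link->getAdminLink(Tab::getClassNameById((int) Context::getContext()->employee->default_tab)),
            'login_link' => $this->context->link->getAdminLink('AdminLogin'),
            'collapse_menu' => isset($this->context->cookie->collapse_menu) ? (int) $this->context->cookie->collapse_menu : 0,
        ));
    } else {
        $this->context->smarty->assign('default_tab_link', $this->context->link->getAdminLink('AdminDashboard'));
    }

    // Shop::initialize() in config.php may empty $this->context->shop->virtual_uri so using a new shop instance for getBaseUrl()
    $this->context->shop = new Shop((int) $this->context->shop->id);
    $cldrRepository = new Cldr\Repository($this->context->language->language_code);

    $this->context->smarty->assign(array(
        'img_dir' => _PS_IMG_,
        'iso' => $this->context->language->iso_code,
        'class_name' => $this->className,
        'iso_user' => $this->context->language->iso_code,
        'country_iso_code' => $this->context->country->iso_code,
        'version' => _PS_VERSION_,
        'lang_iso' => $this->context->language->iso_code,
        'full_language_code' => $this->context->language->language_code,
        'full_cldr_language_code' => $cldrRepository->getCulture(),
        'link' => $this->context->link,
        'shop_name' => Configuration::get('PS_SHOP_NAME'),
        'base_url' => $this->context->shop->getBaseURL(),
        'current_parent_id' => (int) Tab::getCurrentParentId(),
        'tabs' => $tabs,
        'current_tab_level' => $currentTabLevel,
        // True while an "install" directory still sits next to the admin directory.
        'install_dir_exists' => file_exists(_PS_ADMIN_DIR_ . '/../install'),
        'pic_dir' => _THEME_PROD_PIC_DIR_,
        // Request-supplied value: ENT_QUOTES also encodes single quotes, which the
        // default flags of older PHP versions leave as-is, so the value stays inert
        // inside a single-quoted attribute too.
        'controller_name' => htmlentities(Tools::getValue('controller'), ENT_QUOTES, 'UTF-8'),
        'currentIndex' => self::$currentIndex,
        'bootstrap' => $this->bootstrap,
        'default_language' => (int) Configuration::get('PS_LANG_DEFAULT'),
        'display_addons_connection' => Tab::checkTabRights(Tab::getIdFromClassName('AdminModulesController')),
    ));
}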