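/**
 * 2007-2015 PrestaShop
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Open Software License (OSL 3.0)
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://opensource.org/licenses/osl-3.0.php
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@prestashop.com so we can send you a copy immediately.
 *
 * DISCLAIMER
 *
 * Do not edit or add to this file if you wish to upgrade PrestaShop to newer
 * versions in the future. If you wish to customize PrestaShop for your
 * needs please refer to http://www.prestashop.com for more information.
 *
 * @author PrestaShop SA <*****@*****.**>
 * @copyright 2007-2015 PrestaShop SA
 * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * International Registered Trademark & Property of PrestaShop SA
 */

/**
 * Upgrade step that seeds `authorization_role` and replays legacy grants.
 *
 * First inserts one role slug per CRUD action for every row of the `tab` and
 * `module` tables, then reads the `access_old` and `module_access_old` tables
 * and calls Access::updateLgcAccess() for every permission column set to '1'.
 *
 * All SQL fragments concatenated here come from hard-coded arrays and the
 * _DB_PREFIX_ constant; no request data reaches these queries.
 *
 * @return void
 */
function ps_1702_right_management()
{
    $actions = array('CREATE', 'READ', 'UPDATE', 'DELETE');

    // Roles: ROLE_MOD_<TAB|MODULE>_<CLASS_NAME>_<ACTION> for every existing row.
    // NOTE(review): the same `class_name` column is selected from both the tab
    // and the module table — confirm the module table actually has it.
    foreach (array('TAB', 'MODULE') as $element) {
        foreach ($actions as $action) {
            Db::getInstance()->execute(
                ' INSERT INTO `' . _DB_PREFIX_ . 'authorization_role` (`slug`)'
                . ' SELECT CONCAT("ROLE_MOD_' . $element . '_", UCASE(`class_name`), "_' . $action . '")'
                . ' FROM `' . _DB_PREFIX_ . strtolower($element) . '` '
            );
        }
    }

    $accessObject = new Access();

    // Legacy table => permission columns to replay from it (tabs first, then modules).
    $legacySources = array(
        'access_old' => array('view', 'add', 'edit', 'delete'),
        'module_access_old' => array('configure', 'view', 'uninstall'),
    );

    foreach ($legacySources as $table => $columns) {
        $rows = Db::getInstance()->executeS('SELECT * FROM `' . _DB_PREFIX_ . $table . '`');
        if (!is_array($rows)) {
            // A failed or empty query must not be iterated; nothing to migrate.
            continue;
        }

        foreach ($rows as $row) {
            foreach ($columns as $column) {
                // Only an explicit '1' in the legacy row is carried over as a grant.
                if (array_key_exists($column, $row) && $row[$column] == '1') {
                    // NOTE(review): module rows are also addressed through
                    // `id_tab` and the tab-oriented updateLgcAccess(). If
                    // `module_access_old` keys rows by module instead, these
                    // grants would not land on the intended module — confirm
                    // the column and the Access method before relying on this.
                    $accessObject->updateLgcAccess($row['id_profile'], $row['id_tab'], $column, true);
                }
            }
        }
    }
}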
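/**
 * AJAX handler that switches one legacy permission on or off for a profile/tab pair.
 *
 * Refuses to run in demo mode or when the caller lacks 'edit' access, checks
 * `perm` against a fixed allow-list, casts `enabled`, `id_tab` and
 * `id_profile` to int, then ends the request with die() on the value
 * returned by Access::updateLgcAccess().
 *
 * NOTE(review): nothing in this method limits which `id_profile` may be
 * changed, so a caller holding 'edit' here can alter rights for any profile
 * id it submits, including its own. Confirm that Access::updateLgcAccess()
 * or the controller constrains this. No anti-CSRF token check is visible in
 * this method either; presumably the controller dispatch performs it —
 * confirm.
 *
 * @throws PrestaShopException in demo mode, without 'edit' access, or for an unknown `perm`
 */
public function ajaxProcessUpdateAccess()
{
    if (_PS_MODE_DEMO_) {
        throw new PrestaShopException($this->trans('This functionality has been disabled.', array(), 'Admin.Notifications.Error'));
    }

    // Loose comparison kept on purpose: the return type of access() is not visible here.
    if ($this->access('edit') != '1') {
        throw new PrestaShopException($this->trans('You do not have permission to edit this.', array(), 'Admin.Notifications.Error'));
    }

    if (!Tools::isSubmit('submitAddAccess')) {
        return;
    }

    // Strict allow-list match: only these exact strings may reach the Access layer.
    $allowedPermissions = array('view', 'add', 'edit', 'delete', 'all');
    $perm = Tools::getValue('perm');
    if (!in_array($perm, $allowedPermissions, true)) {
        throw new PrestaShopException('permission does not exist');
    }

    // Request values are forced to integers before they are handed on.
    $enabled = (int) Tools::getValue('enabled');
    $id_tab = (int) Tools::getValue('id_tab');
    $id_profile = (int) Tools::getValue('id_profile');

    $access = new Access();

    die($access->updateLgcAccess($id_profile, $id_tab, $perm, $enabled));
}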
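/**
 * When creating a new tab $id_tab, this adds default rights to the access table.
 *
 * Inserts the four CRUD role slugs for the tab's class name, then grants
 * view/add/edit/delete on the tab to profile id 1 and to the profile of the
 * employee in the given context.
 *
 * NOTE(review): profile id 1 is hard-coded (presumably the super-admin
 * profile — confirm). The creating employee's profile also receives full
 * rights on the new tab regardless of its other permissions.
 *
 * @todo this should not be public static but protected
 * @param int $id_tab
 * @param Context|null $context Defaults to Context::getContext() when omitted
 * @return bool false when the context has no employee or profile; true when no
 *              profile other than id 1 exists, or once the grants were issued
 */
public static function initAccess($id_tab, Context $context = null)
{
    if (!$context) {
        $context = Context::getContext();
    }

    if (!$context->employee || !$context->employee->id_profile) {
        return false;
    }

    /* Profile selection: only used to decide whether there is anything to do */
    $profiles = Db::getInstance()->executeS('SELECT `id_profile` FROM ' . _DB_PREFIX_ . 'profile WHERE `id_profile` != 1');
    if (empty($profiles)) {
        return true;
    }

    /* Right management */
    // NOTE(review): the result of getClassNameById() is not checked; for an
    // unknown tab id this may produce a slug with an empty class part — confirm.
    $slug = 'ROLE_MOD_TAB_' . strtoupper(self::getClassNameById($id_tab));

    foreach (array('CREATE', 'READ', 'UPDATE', 'DELETE') as $action) {
        // The class name is read back from the database and can originate from
        // module-supplied data, so it is escaped before being placed in the
        // SQL literal instead of being concatenated raw.
        Db::getInstance()->execute('INSERT INTO `' . _DB_PREFIX_ . 'authorization_role` (`slug`) VALUES ("' . pSQL($slug . '_' . $action) . '")');
    }

    $access = new Access();
    foreach (array('view', 'add', 'edit', 'delete') as $action) {
        $access->updateLgcAccess('1', $id_tab, $action, true);
        $access->updateLgcAccess($context->employee->id_profile, $id_tab, $action, true);
    }

    return true;
}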