diff --git a/admin-dev/ajax-tab.php b/admin-dev/ajax-tab.php index f6abe3658..a6a4ddd07 100755 --- a/admin-dev/ajax-tab.php +++ b/admin-dev/ajax-tab.php @@ -40,11 +40,10 @@ if (empty($tab) and !sizeof($_POST)) $_POST['tab'] = 'AdminHome'; $_POST['token'] = Tools::getAdminTokenLite($tab); } - if ($id_tab = checkingTab($tab)) + if ($adminObj = checkingTab($tab)) { $isoUser = Language::getIsoById(intval($cookie->id_lang)); - if (Validate::isLoadedObject($adminObj)) { $adminObj->ajax = true; diff --git a/admin-dev/tabs/AdminAccess.php b/admin-dev/tabs/AdminAccess.php index bdcdf6f47..4682490f9 100644 --- a/admin-dev/tabs/AdminAccess.php +++ b/admin-dev/tabs/AdminAccess.php @@ -68,14 +68,14 @@ class AdminAccess extends AdminTab $currentProfile = (int)($this->getCurrentProfileId()); $tabs = Tab::getTabs($this->context->language->id); $profiles = Profile::getProfiles($this->context->language->id); - $accesses = Profile::getProfileAccesses($this->context->language->id); + $accesses = Profile::getProfileAccesses($this->context->employee->id_profile); echo '
- +
'; if ($currentProfile != (int)(_PS_ADMIN_PROFILE_)) echo ' - - - - - + + + + + '; if (!sizeof($tabs)) @@ -114,6 +133,10 @@ class AdminAccess extends AdminTab $this->printTabAccess($currentProfile, $child, $accesses[$child['id_tab']], true, $tabsize, sizeof($tabs)); } echo '
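Review bot: `Profile::getProfileAccesses()` is now passed `$this->context->employee->id_profile`, but the rows are rendered with `printTabAccess($currentProfile, …, $accesses[…])`, so the grid appears to show the logged-in employee's own rights rather than those of the profile returned by `getCurrentProfileId()`. An administrator reviewing another profile would then see and toggle checkboxes that do not reflect that profile's stored state. The Profile.php hunk in this commit shows the method keyed by `$id_profile`, so the call probably wants `$accesses = Profile::getProfileAccesses($currentProfile);`. The enclosing method starts and ends outside this hunk.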
+ echo ' '.$this->l('View').'
'.$this->l('Add').'
'.$this->l('Edit').'
'.$this->l('Delete').'
'.$this->l('All').'
+ tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'view\', -1, '.$currentProfile.', \''.$this->token.'\', \''.$tabsize.'\', \''.sizeof($tabs).'\')"' : 'disabled="disabled"').' /> + '.$this->l('View').' + + tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'add\', -1, '.$currentProfile.', \''.$this->token.'\', \''.$tabsize.'\', \''.sizeof($tabs).'\')"' : 'disabled="disabled"').' /> + '.$this->l('Add').' + + tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'edit\', -1, '.$currentProfile.', \''.$this->token.'\', \''.$tabsize.'\', \''.sizeof($tabs).'\')"' : 'disabled="disabled"').' /> + '.$this->l('Edit').' + + tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'delete\', -1, '.$currentProfile.', \''.$this->token.'\', \''.$tabsize.'\', \''.sizeof($tabs).'\')"' : 'disabled="disabled"').' /> + '.$this->l('Delete').' + + tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'all\', -1, '.$currentProfile.', \''.$this->token.'\', \''.$tabsize.'\', \''.sizeof($tabs).'\')"' : 'disabled="disabled"').' /> + '.$this->l('All').' +
'; + + if ($currentProfile != (int)(_PS_ADMIN_PROFILE_)) + $this->displayModuleAccesses($currentProfile); + echo '
 
'; } private function printTabAccess($currentProfile, $tab, $access, $is_child, $tabsize, $tabnumber) 
@@ -123,14 +146,102 @@ class AdminAccess extends AdminTab echo ''.($is_child ? ' » ' : '').$tab['name'].''; foreach ($perms as $perm) { - if($this->tabAccess['edit'] == 1) - echo ''; + if ($this->tabAccess['edit'] == 1) + echo ''; else - echo ''; + echo ''; $result_accesses += $access[$perm]; } - echo ''; - + echo ' + tabAccess['edit'] == 1 ? 'onclick="ajax_power(this, \'all\', '.(int)($access['id_tab']).', '.(int)($access['id_profile']).', \''.$this->token.'\', \''.$tabsize.'\', \''.$tabnumber.'\')"' : 'disabled="disabled"').' + '.($result_accesses == 4 ? 'checked="checked"' : '').' + /> + '; + } + + public function ajaxProcess() + { + if (Tools::isSubmit('changeModuleAccess')) + { + if ($action = Tools::getValue('action') AND $variable = Tools::getValue('variable') AND $id_module = (int)Tools::getValue('id_module') AND $id_profile = (int)Tools::getValue('id_profile') AND $this->tabAccess['edit'] == 1) + { + if (!in_array($variable, array('view', 'configure'))) + die (Tools::displayErrors('unknown variable')); + $action = ($action == 'true' ? 1 : 0); + if ($id_module == -1) + Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'module_access` SET `'.pSQL($variable).'` = '.(int)$action.' WHERE `id_profile` = '.(int)$id_profile); + else + Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'module_access` SET `'.pSQL($variable).'` = '.(int)$action.' WHERE `id_module` = '.(int)$id_module.' AND `id_profile` = '.(int)$id_profile); + die ('ok'); + } + die ('inconsistent data'); + } + } + + private function displayModuleAccesses($currentProfile) + { + echo ' + + + + + + + '; + + $modules = Db::getInstance(_PS_USE_SQL_SLAVE_)->ExecuteS(' + SELECT ma.id_module, m.name, ma.`view`, ma.`configure` + FROM '._DB_PREFIX_.'module_access ma + LEFT JOIN '._DB_PREFIX_.'module m ON ma.id_module = m.id_module + WHERE id_profile = '.(int)$currentProfile.' + ORDER BY m.name'); + if (!sizeof($modules)) + echo ''; + else + foreach ($modules AS $module) + echo ' + + + + '; + + echo '
'.$this->l('Modules').'tabAccess['edit'] == 1 ? 'onclick="changeModuleAccess(this, -1, \'view\');"' : 'disabled="disabled"').' /> '.$this->l('View').'tabAccess['edit'] == 1 ? 'onclick="changeModuleAccess(this, -1, \'configure\');"' : 'disabled="disabled"').' /> '.$this->l('Configure').'
'.$this->l('No modules installed').'
» '.$module['name'].' + tabAccess['edit'] == 1 ? 'onclick="changeModuleAccess(this, '.(int)$module['id_module'].', \'view\');"' : 'disabled="disabled"').' + /> + + tabAccess['edit'] == 1 ? 'onclick="changeModuleAccess(this, '.(int)$module['id_module'].', \'configure\');"' : 'disabled="disabled"').' + /> +
'; } } diff --git a/admin-dev/tabs/AdminModules.php b/admin-dev/tabs/AdminModules.php index bf2c9f115..c1a4b6844 100644 --- a/admin-dev/tabs/AdminModules.php +++ b/admin-dev/tabs/AdminModules.php 
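Review bot: `ajaxProcess()` accepts any `id_profile` from the request, while the form is only rendered through `if ($currentProfile != (int)(_PS_ADMIN_PROFILE_)) $this->displayModuleAccesses($currentProfile);`, so the administrator-profile exclusion is enforced in the UI only. The same guard belongs on the server side before the UPDATE, for example `if ($id_profile == (int)_PS_ADMIN_PROFILE_) die ('inconsistent data');`. The rejection path calls `Tools::displayErrors('unknown variable')`, whereas every other call in this commit uses `Tools::displayError`; if `displayErrors` is not defined, an invalid `variable` ends in a fatal error instead of a clean refusal. The whitelist on `$variable` and the `(int)` casts keep the two UPDATE statements safe as written, and that is worth a short comment above them because `$variable` is used as a column name.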
@@ -46,21 +46,24 @@ class AdminModules extends AdminTab function __construct() { - parent::__construct (); + parent::__construct(); $this->_moduleCacheFile = _PS_ROOT_DIR_.'/config/modules_list.xml'; - //refresh modules_list.xml every week + // refresh modules_list.xml every week if (!$this->isFresh()) $this->refresh(); - $this->listTabModules = array('administration' => $this->l('Administration'), 'advertising_marketing' => $this->l('Advertising & Marketing'), - 'analytics_stats' => $this->l('Analytics & Stats'), 'billing_invoicing' => $this->l('Billing & Invoicing'), 'checkout' => $this->l('Checkout'), - 'content_management' => $this->l('Content Management'), 'export' => $this->l('Export'), 'front_office_features' => $this->l('Front Office Features'), - 'i18n_localization' => $this->l('I18n & Localization'), 'merchandizing' => $this->l('Merchandizing'), 'migration_tools' => $this->l('Migration Tools'), - 'payments_gateways' => $this->l('Payments & Gateways'), 'payment_security' => $this->l('Payment Security'), 'pricing_promotion' => $this->l('Pricing & Promotion'), - 'quick_bulk_update' => $this->l('Quick / Bulk update'), 'search_filter' => $this->l('Search & Filter'), 'seo' => $this->l('SEO'), 'shipping_logistics' => $this->l('Shipping & Logistics'), - 'slideshows' => $this->l('Slideshows'), 'smart_shopping' => $this->l('Smart Shopping'), 'market_place' => $this->l('Market Place'), 'social_networks' => $this->l('Social Networks'), 'others'=> $this->l('Other Modules')); + $this->listTabModules = array( + 'administration' => $this->l('Administration'), 'advertising_marketing' => $this->l('Advertising & Marketing'), + 'analytics_stats' => $this->l('Analytics & Stats'), 'billing_invoicing' => $this->l('Billing & Invoicing'), 'checkout' => $this->l('Checkout'), + 'content_management' => $this->l('Content Management'), 'export' => $this->l('Export'), 'front_office_features' => $this->l('Front Office Features'), + 'i18n_localization' => $this->l('I18n & Localization'), 
'merchandizing' => $this->l('Merchandizing'), 'migration_tools' => $this->l('Migration Tools'), + 'payments_gateways' => $this->l('Payments & Gateways'), 'payment_security' => $this->l('Payment Security'), 'pricing_promotion' => $this->l('Pricing & Promotion'), + 'quick_bulk_update' => $this->l('Quick / Bulk update'), 'search_filter' => $this->l('Search & Filter'), 'seo' => $this->l('SEO'), 'shipping_logistics' => $this->l('Shipping & Logistics'), + 'slideshows' => $this->l('Slideshows'), 'smart_shopping' => $this->l('Smart Shopping'), 'market_place' => $this->l('Market Place'), 'social_networks' => $this->l('Social Networks'), + 'others'=> $this->l('Other Modules') + ); $xmlModules = @simplexml_load_file($this->_moduleCacheFile); 
@@ -68,25 +71,25 @@ class AdminModules extends AdminTab if ($xmlModule->attributes() == 'native') foreach($xmlModule->children() as $module) foreach($module->attributes() as $key => $value) - if ($key == 'name') - $this->listNativeModules[] = (string)$value; + if ($key == 'name') + $this->listNativeModules[] = (string)$value; if ($xmlModule->attributes() == 'partner') foreach($xmlModule->children() as $module) foreach($module->attributes() as $key => $value) - if ($key == 'name') - $this->listPartnerModules[] = (string)$value; + if ($key == 'name') + $this->listPartnerModules[] = (string)$value; } public function postProcess() { $id_employee = (int)$this->context->employee->id; $filter_conf = Configuration::getMultiple(array( - 'PS_SHOW_TYPE_MODULES_'.$id_employee, - 'PS_SHOW_COUNTRY_MODULES_'.$id_employee, - 'PS_SHOW_INSTALLED_MODULES_'.$id_employee, - 'PS_SHOW_ENABLED_MODULES_'.$id_employee - )); - //reset filtre + 'PS_SHOW_TYPE_MODULES_'.$id_employee, + 'PS_SHOW_COUNTRY_MODULES_'.$id_employee, + 'PS_SHOW_INSTALLED_MODULES_'.$id_employee, + 'PS_SHOW_ENABLED_MODULES_'.$id_employee + )); + if (Tools::isSubmit('desactive') && isset($filter_conf['PS_SHOW_ENABLED_MODULES_'.$id_employee]) && $filter_conf['PS_SHOW_ENABLED_MODULES_'.$id_employee] != 'enabledDisabled') $this->setFilterModules($filter_conf['PS_SHOW_TYPE_MODULES_'.$id_employee], $filter_conf['PS_SHOW_COUNTRY_MODULES_'.$id_employee], $filter_conf['PS_SHOW_INSTALLED_MODULES_'.$id_employee], 'disabled'); 
@@ -99,7 +102,6 @@ class AdminModules extends AdminTab if (Tools::isSubmit('install') && isset($filter_conf['PS_SHOW_INSTALLED_MODULES_'.$id_employee]) && $filter_conf['PS_SHOW_INSTALLED_MODULES_'.$id_employee] != 'installedUninstalled') $this->setFilterModules($filter_conf['PS_SHOW_TYPE_MODULES_'.$id_employee], $filter_conf['PS_SHOW_COUNTRY_MODULES_'.$id_employee], 'installed', $filter_conf['PS_SHOW_ENABLED_MODULES_'.$id_employee]); - if (Tools::isSubmit('filterModules')) { $this->setFilterModules(Tools::getValue('module_type'), Tools::getValue('country_module_value'), Tools::getValue('module_install'), Tools::getValue('module_status')); @@ -110,6 +112,7 @@ class AdminModules extends AdminTab $this->resetFilterModules(); Tools::redirectAdmin(self::$currentIndex.'&token='.$this->token); } + if (Tools::isSubmit('active')) { if ($this->tabAccess['edit'] === '1') @@ -117,9 +120,15 @@ class AdminModules extends AdminTab $module = Module::getInstanceByName(Tools::getValue('module_name')); if (Validate::isLoadedObject($module)) { - $module->enable(); - Tools::redirectAdmin(self::$currentIndex.'&conf=5&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); - } else + if (!$module->getPermission('configure')) + $this->_errors[] = Tools::displayError('You do not have the permission to use this module'); + else + { + $module->enable(); + Tools::redirectAdmin(self::$currentIndex.'&conf=5&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); + } + } + else $this->_errors[] = Tools::displayError('Cannot load module object'); } else $this->_errors[] = Tools::displayError('You do not have permission to add here.'); 
@@ -131,9 +140,15 @@ class AdminModules extends AdminTab $module = Module::getInstanceByName(Tools::getValue('module_name')); if (Validate::isLoadedObject($module)) { - $module->disable(); - Tools::redirectAdmin(self::$currentIndex.'&conf=5&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); - } else + if (!$module->getPermission('configure')) + $this->_errors[] = Tools::displayError('You do not have the permission to use this module'); + else + { + $module->disable(); + Tools::redirectAdmin(self::$currentIndex.'&conf=5&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); + } + } + else $this->_errors[] = Tools::displayError('Cannot load module object'); } else $this->_errors[] = Tools::displayError('You do not have permission to add here.'); @@ -145,15 +160,20 @@ class AdminModules extends AdminTab $module = Module::getInstanceByName(Tools::getValue('module_name')); if (Validate::isLoadedObject($module)) { - if ($module->uninstall()) - if ($module->install()) - Tools::redirectAdmin(self::$currentIndex.'&conf=21'.'&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); - else - $this->_errors[] = Tools::displayError('Cannot install module'); + if (!$module->getPermission('configure')) + $this->_errors[] = Tools::displayError('You do not have the permission to use this module'); else - $this->_errors[] = Tools::displayError('Cannot uninstall module'); - - } else + { + if ($module->uninstall()) + if ($module->install()) + Tools::redirectAdmin(self::$currentIndex.'&conf=21'.'&token='.$this->token.'&tab_module='.$module->tab.'&module_name='.$module->name); + else + $this->_errors[] = Tools::displayError('Cannot install module'); + else + $this->_errors[] = Tools::displayError('Cannot uninstall module'); + } + } + else $this->_errors[] = Tools::displayError('Cannot load module object'); } else $this->_errors[] = Tools::displayError('You do not have permission to add here.'); 
@@ -200,11 +220,16 @@ class AdminModules extends AdminTab $module = Module::getInstanceByName(Tools::getValue('module_name')); if (Validate::isLoadedObject($module)) { - if (Tools::getValue('enable')) - $module->enable(); + if (!$module->getPermission('configure')) + $this->_errors[] = Tools::displayError('You do not have the permission to use this module'); else - $module->disable(); - Tools::redirectAdmin($this->getCurrentUrl('enable')); + { + if (Tools::getValue('enable')) + $module->enable(); + else + $module->disable(); + Tools::redirectAdmin($this->getCurrentUrl('enable')); + } } else $this->_errors[] = Tools::displayError('Cannot load module object'); @@ -219,11 +244,16 @@ class AdminModules extends AdminTab { if (Tools::getValue('module_name') != '') { - $moduleDir = _PS_MODULE_DIR_.str_replace(array('.', '/', '\\'), array('', '', ''), Tools::getValue('module_name')); - $this->recursiveDeleteOnDisk($moduleDir); - Tools::redirectAdmin(self::$currentIndex.'&conf=22&token='.$this->token.'&tab_module='.Tools::getValue('tab_module').'&module_name='.Tools::getValue('module_name')); + $module = Module::getInstanceByName(Tools::getValue('module_name')); + if (Validate::isLoadedObject($module) AND !$module->getPermission('configure')) + $this->_errors[] = Tools::displayError('You do not have the permission to use this module'); + else + { + $moduleDir = _PS_MODULE_DIR_.str_replace(array('.', '/', '\\'), array('', '', ''), Tools::getValue('module_name')); + $this->recursiveDeleteOnDisk($moduleDir); + Tools::redirectAdmin(self::$currentIndex.'&conf=22&token='.$this->token.'&tab_module='.Tools::getValue('tab_module').'&module_name='.Tools::getValue('module_name')); + } } - Tools::redirectAdmin(self::$currentIndex.'&token='.$this->token); } else $this->_errors[] = Tools::displayError('You do not have permission to delete here.'); 
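Review bot: In the delete branch the permission test is `Validate::isLoadedObject($module) AND !$module->getPermission('configure')`, so a module that cannot be loaded falls through to `recursiveDeleteOnDisk()` without any per-module check. If that is deliberate (uninstalled modules have no `module_access` row), it needs a comment saying so. The path is also built from `str_replace(array('.', '/', '\\'), …)` applied after the `!= ''` test, so a name made only of stripped characters leaves `$moduleDir` equal to `_PS_MODULE_DIR_` itself. Compute the sanitised name first and refuse an empty result, for example `if ($moduleName == '') $this->_errors[] = Tools::displayError('Cannot load module object');`, before calling `recursiveDeleteOnDisk()`. The enclosing `postProcess()` starts and ends outside this hunk.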
@@ -247,15 +277,15 @@ class AdminModules extends AdminTab if (!($module = Module::getInstanceByName(urldecode($name)))) $this->_errors[] = $this->l('module not found'); elseif ($key == 'install' AND $this->tabAccess['add'] !== '1') - $this->_errors[] = Tools::displayError('You do not have permission to add here.'); - elseif ($key == 'uninstall' AND $this->tabAccess['delete'] !== '1') - $this->_errors[] = Tools::displayError('You do not have permission to delete here.'); - elseif ($key == 'configure' AND $this->tabAccess['edit'] !== '1') - $this->_errors[] = Tools::displayError('You do not have permission to edit here.'); + $this->_errors[] = Tools::displayError('You do not have permission to install a module.'); + elseif ($key == 'uninstall' AND ($this->tabAccess['delete'] !== '1' OR !$module->getPermission('configure'))) + $this->_errors[] = Tools::displayError('You do not have permission to delete this module.'); + elseif ($key == 'configure' AND ($this->tabAccess['edit'] !== '1' OR !$module->getPermission('configure'))) + $this->_errors[] = Tools::displayError('You do not have permission to configure this module.'); elseif ($key == 'install' AND Module::isInstalled($module->name)) - $this->_errors[] = Tools::displayError('This module is already installed : ').$module->name; + $this->_errors[] = Tools::displayError('This module is already installed:').' '.$module->name; elseif ($key == 'uninstall' AND !Module::isInstalled($module->name)) - $this->_errors[] = Tools::displayError('This module is already uninstalled : ').$module->name; + $this->_errors[] = Tools::displayError('This module is already uninstalled:').' '.$module->name; else { if (((method_exists($module, $method) && ($echo = $module->{$method}())) || ($echo = ' ')) AND $key == 'configure' AND Module::isInstalled($module->name)) 
@@ -311,12 +341,11 @@ class AdminModules extends AdminTab } if (sizeof($module_errors)) { - $htmlError = ''; - + $htmlError = ''; - $this->_errors[] = Tools::displayError('The following module(s) were not installed successfully:'.$htmlError); + $this->_errors[] = Tools::displayError('The following module(s) were not installed successfully:').$htmlError; } } if ($return) @@ -330,9 +359,9 @@ class AdminModules extends AdminTab if (substr($file, -4) == '.zip') { if (!Tools::ZipExtract($file, _PS_MODULE_DIR_)) - $this->_errors[] = Tools::displayError('Error while extracting module (file may be corrupted).'); - } - else + $this->_errors[] = Tools::displayError('Error while extracting module (file may be corrupted).'); + } + else { $archive = new Archive_Tar($file); if ($archive->extract(_PS_MODULE_DIR_)) @@ -505,22 +534,37 @@ class AdminModules extends AdminTab '; } - //filter module list - foreach($modules as $key => $module) + // Filter module list + foreach ($modules as $key => $module) { + if ($module->id AND !Module::getPermissionStatic($module->id, 'view') AND !Module::getPermissionStatic($module->id, 'configure')) + { + unset($modules[$key]); + continue; + } + switch ($showTypeModules) { case 'nativeModules': if (!in_array($module->name, $this->listNativeModules)) + { unset($modules[$key]); + continue; + } break; case 'partnerModules': if (!in_array($module->name, $this->listPartnerModules)) + { unset($modules[$key]); + continue; + } break; case 'otherModules': if (in_array($module->name, $this->listPartnerModules) OR in_array($module->name, $this->listNativeModules)) + { unset($modules[$key]); + continue; + } break; default: if (strpos($showTypeModules, 'authorModules[') !== false) 
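Review bot: The `continue;` statements added inside the `switch ($showTypeModules)` cases do not move on to the next module, because PHP treats `switch` as a loop structure for `continue`, so a bare `continue` there behaves like `break`. The list still comes out right, since the later filters only `unset()` the same key again, but the code reads as an early exit that it is not, and PHP 7.3 and later emit a warning for this construct. Use `continue 2;` inside the switch cases here and in the following hunks (`@@ -528`, `@@ -539`, `@@ -551`). The permission filter at the top of the loop and the country and name filters at the end sit outside any switch and work as written.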
@@ -528,7 +572,10 @@ class AdminModules extends AdminTab $author_selected = $this->_getSubmitedModuleAuthor($showTypeModules); $modulesAuthors[$author_selected] = 'selected'; // setting selected author in authors set if (empty($module->author) || $module->author != $author_selected) + { unset($modules[$key]); + continue; + } } break; @@ -539,11 +586,17 @@ class AdminModules extends AdminTab { case 'installed': if (!$module->id) + { unset($modules[$key]); + continue; + } break; case 'unistalled': if ($module->id) + { unset($modules[$key]); + continue; + } break; } 
@@ -551,21 +604,31 @@ class AdminModules extends AdminTab { case 'enabled': if (!$module->active) + { unset($modules[$key]); + continue; + } break; case 'disabled': if ($module->active) + { unset($modules[$key]); + continue; + } break; } - if ($showCountryModules) - if (isset($module->limited_countries) AND !empty($module->limited_countries) AND ((is_array($module->limited_countries) AND sizeof($module->limited_countries) AND !in_array(strtolower($isoCountryDefault), $module->limited_countries)) OR (!is_array($module->limited_countries) AND strtolower($isoCountryDefault) != strval($module->limited_countries)))) - unset($modules[$key]); + if ($showCountryModules AND (isset($module->limited_countries) AND !empty($module->limited_countries) AND ((is_array($module->limited_countries) AND sizeof($module->limited_countries) AND !in_array(strtolower($isoCountryDefault), $module->limited_countries)) OR (!is_array($module->limited_countries) AND strtolower($isoCountryDefault) != strval($module->limited_countries))))) + { + unset($modules[$key]); + continue; + } - if (!empty($filterName)) - if (stristr($module->name, $filterName) === false AND stristr($module->displayName, $filterName) === false AND stristr($module->description, $filterName) === false) - unset($modules[$key]); + if (!empty($filterName) AND (stristr($module->name, $filterName) === false AND stristr($module->displayName, $filterName) === false AND stristr($module->description, $filterName) === false)) + { + unset($modules[$key]); + continue; + } } foreach($modules as $module) diff --git a/classes/Module.php b/classes/Module.php index aa8f7d757..5de186ec2 100644 --- a/classes/Module.php +++ b/classes/Module.php @@ -85,6 +85,8 @@ abstract class ModuleCore protected static $_generateConfigXmlMode = false; protected static $l_cache = array(); + + protected static $cache_permissions = array(); /** * @var array used by AdminTab to determine which lang file to use (admin.php or module lang file) 
@@ -163,6 +165,23 @@ abstract class ModuleCore $this->id = Db::getInstance()->Insert_ID(); $this->enable(true); + + // Permissions management + Db::getInstance()->Execute(' + INSERT INTO `'._DB_PREFIX_.'module_access` (`id_profile`, `id_module`, `view`, `configure`) ( + SELECT id_profile, '.(int)$this->id.', 1, 1 + FROM '._DB_PREFIX_.'access a + WHERE id_tab = (SELECT `id_tab` FROM '._DB_PREFIX_.'tab WHERE class_name = \'AdminModules\' LIMIT 1) + AND a.`view` = 1 + )'); + Db::getInstance()->Execute(' + INSERT INTO `'._DB_PREFIX_.'module_access` (`id_profile`, `id_module`, `view`, `configure`) ( + SELECT id_profile, '.(int)$this->id.', 1, 0 + FROM '._DB_PREFIX_.'access a + WHERE id_tab = (SELECT `id_tab` FROM '._DB_PREFIX_.'tab WHERE class_name = \'AdminModules\' LIMIT 1) + AND a.`view` = 0 + )'); + return true; } @@ -189,10 +208,12 @@ abstract class ModuleCore $this->cleanPositions($row['id_hook']); } $this->disable(true); + + Db::getInstance()->Execute('DELETE FROM `'._DB_PREFIX_.'module_access` WHERE `id_module` = '.(int)$this->id); return Db::getInstance()->Execute(' DELETE FROM `'._DB_PREFIX_.'module` - WHERE `id_module` = '.(int)($this->id)); + WHERE `id_module` = '.(int)$this->id); } /** @@ -766,6 +787,8 @@ abstract class ModuleCore $exceptions = $moduleInstance->getExceptions($array['id_hook']); if (in_array(Dispatcher::getInstance()->getController(), $exceptions)) continue; + if (isset($context->employee) AND !$moduleInstance->getPermission('view', $context->employee)) + continue; if (is_callable(array($moduleInstance, 'hook'.$hook_name))) { 
@@ -1164,5 +1187,29 @@ abstract class ModuleCore { return is_callable(array($this, 'hook'.ucfirst($hook_name))); } + + public function getPermission($variable, $employee = null) + { + return self::getPermissionStatic($this->id, $variable, $employee); + } + + public function getPermissionStatic($id_module, $variable, $employee = null) + { + if (!in_array($variable, array('view', 'configure'))) + return false; + if (!$employee) + $employee = $this->context->employee; + if (!isset($cache_permissions[$employee->id_profile])) + { + $cache_permissions[$employee->id_profile] = array(); + $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->ExecuteS('SELECT id_module, `view`, `configure` FROM '._DB_PREFIX_.'module_access WHERE id_profile = '.(int)$employee->id_profile); + foreach ($result as $row) + { + $cache_permissions[$employee->id_profile][$row['id_module']]['view'] = $row['view']; + $cache_permissions[$employee->id_profile][$row['id_module']]['configure'] = $row['configure']; + } + } + return (bool)$cache_permissions[$employee->id_profile][$id_module][$variable]; + } } diff --git a/classes/Profile.php b/classes/Profile.php index e347b23fe..c3750f6ed 100644 --- a/classes/Profile.php +++ b/classes/Profile.php 
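Review bot: `getPermissionStatic()` is declared without `static` yet is called as `Module::getPermissionStatic(…)` from AdminModules, and it reads `$this->context->employee`, so it only works when the caller happens to have a compatible `$this`. It also reads and writes a local `$cache_permissions` rather than the `self::$cache_permissions` property added earlier in this file, so nothing is cached and every call runs the SELECT again. The final return indexes `[$id_module][$variable]` without `isset`, which raises a notice for any module that has no `module_access` row; the result is still a denial, but that should be explicit. The sketch below assumes `Context::getContext()` is available on this branch; please confirm.

```php
public static function getPermissionStatic($id_module, $variable, $employee = null)
{
	if (!in_array($variable, array('view', 'configure')))
		return false;
	if (!$employee)
		$employee = Context::getContext()->employee;
	$id_profile = (int)$employee->id_profile;
	if (!isset(self::$cache_permissions[$id_profile]))
	{
		self::$cache_permissions[$id_profile] = array();
		// … unchanged: SELECT on module_access and the foreach filling the cache, now writing to self::$cache_permissions[$id_profile] …
	}
	// No module_access row for this module/profile: deny explicitly instead of relying on an undefined index.
	if (!isset(self::$cache_permissions[$id_profile][$id_module][$variable]))
		return false;
	return (bool)self::$cache_permissions[$id_profile][$id_module][$variable];
}
```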
@@ -80,22 +80,28 @@ class ProfileCore extends ObjectModel SELECT `name` FROM `'._DB_PREFIX_.'profile` p LEFT JOIN `'._DB_PREFIX_.'profile_lang` pl ON (p.`id_profile` = pl.`id_profile`) - WHERE p.`id_profile` = '.(int)($id_profile).' - AND pl.`id_lang` = '.(int)($id_lang)); + WHERE p.`id_profile` = '.(int)$id_profile.' + AND pl.`id_lang` = '.(int)$id_lang); } public function add($autodate = true, $nullValues = false) { if (parent::add($autodate, true)) - return Db::getInstance()->Execute('INSERT INTO '._DB_PREFIX_.'access (SELECT '.(int)($this->id).', id_tab, 0, 0, 0, 0 FROM '._DB_PREFIX_.'tab)'); + return ( + Db::getInstance()->Execute('INSERT INTO '._DB_PREFIX_.'access (SELECT '.(int)$this->id.', id_tab, 0, 0, 0, 0 FROM '._DB_PREFIX_.'tab)') + && Db::getInstance()->Execute('INSERT INTO '._DB_PREFIX_.'module_access (`id_profile`, `id_module`, `configure`, `view`) (SELECT '.(int)$this->id.', id_module, 0, 1 FROM '._DB_PREFIX_.'module)') + ); return false; } public function delete() { if (parent::delete()) - return Db::getInstance()->Execute('DELETE FROM `'._DB_PREFIX_.'access` WHERE `id_profile` = '.(int)($this->id)); + return ( + Db::getInstance()->Execute('DELETE FROM `'._DB_PREFIX_.'access` WHERE `id_profile` = '.(int)$this->id) + && Db::getInstance()->Execute('DELETE FROM `'._DB_PREFIX_.'module_access` WHERE `id_profile` = '.(int)$this->id) + ); return false; } @@ -117,7 +123,7 @@ class ProfileCore extends ObjectModel WHERE `id_profile` = '.(int)$id_profile); self::$_cache_accesses[$id_profile] = array(); - foreach($result AS $row) + foreach ($result AS $row) { if (!isset(self::$_cache_accesses[$id_profile][$row['id_tab']])) self::$_cache_accesses[$id_profile][$row['id_tab']] = array(); diff --git a/install-dev/sql/db.sql b/install-dev/sql/db.sql index d8385834a..3c834156b 100644 --- a/install-dev/sql/db.sql +++ b/install-dev/sql/db.sql 
@@ -862,6 +862,14 @@ CREATE TABLE `PREFIX_module` ( KEY `name` (`name`) ) ENGINE=ENGINE_TYPE DEFAULT CHARSET=utf8; +CREATE TABLE `PREFIX_module_access` ( + `id_profile` int(10) unsigned NOT NULL, + `id_module` int(10) unsigned NOT NULL, + `view` tinyint(1) NOT NULL, + `configure` tinyint(1) NOT NULL, + PRIMARY KEY (`id_profile`,`id_module`) +) ENGINE=ENGINE_TYPE DEFAULT CHARSET=utf8; + CREATE TABLE `PREFIX_module_country` ( `id_module` int(10) unsigned NOT NULL, `id_shop` INT(11) UNSIGNED NOT NULL DEFAULT '1', diff --git a/install-dev/sql/db_settings_extends.sql b/install-dev/sql/db_settings_extends.sql index e652c5bb2..06a132097 100644 --- a/install-dev/sql/db_settings_extends.sql +++ b/install-dev/sql/db_settings_extends.sql @@ -59,8 +59,9 @@ INSERT INTO `PREFIX_module` (`id_module`, `name`, `active`) VALUES (1, 'homefeat (47, 'statsbestvouchers', 1),(48, 'statsbestsuppliers', 1),(49, 'statscarrier', 1),(50, 'statsnewsletter', 1),(51, 'statssearch', 1),(52, 'statscheckup', 1),(53, 'statsstock', 1), (54, 'blockstore', 1),(55, 'statsforecast', 1); -INSERT INTO `PREFIX_module_shop` (`id_module`, `id_shop`) (SELECT `id_module`, 1 FROM `PREFIX_module`); +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) (SELECT 1, id_module, 1, 1 FROM PREFIX_module); +INSERT INTO `PREFIX_module_shop` (`id_module`, `id_shop`) (SELECT `id_module`, 1 FROM `PREFIX_module`); INSERT INTO `PREFIX_hook` (`name`, `title`, `description`, `position`) VALUES ('myAccountBlock', 'My account block', 'Display extra informations inside the "my account" block', 1); 
@@ -1107,6 +1108,10 @@ INSERT INTO `PREFIX_access` (`id_profile`, `id_tab`, `view`, `add`, `edit`, `del (4, 91, 0, 0, 0, 0), (4, 92, 0, 0, 0, 0); +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) (SELECT 2, id_module, 0, 1 FROM PREFIX_module); +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) (SELECT 3, id_module, 0, 1 FROM PREFIX_module); +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) (SELECT 4, id_module, 0, 1 FROM PREFIX_module); + INSERT INTO `PREFIX_profile` (`id_profile`) VALUES (2),(3),(4); INSERT INTO `PREFIX_profile_lang` (`id_lang`, `id_profile`, `name`) VALUES (1, 2, 'Logistician'),(2, 2, 'Logisticien'),(3, 2, 'Logistician'),(4, 2, 'Logistiker'),(5, 2, 'Logista'), diff --git a/install-dev/sql/upgrade/1.5.0.1.sql b/install-dev/sql/upgrade/1.5.0.1.sql new file mode 100644 index 000000000..a83207ffa --- /dev/null +++ b/install-dev/sql/upgrade/1.5.0.1.sql @@ -0,0 +1,23 @@ +SET NAMES 'utf8'; + +CREATE TABLE IF NOT EXISTS `PREFIX_module_access` ( + `id_profile` int(10) unsigned NOT NULL, + `id_module` int(10) unsigned NOT NULL, + `view` tinyint(1) NOT NULL, + `configure` tinyint(1) NOT NULL, + PRIMARY KEY (`id_profile`,`id_module`) +) ENGINE=ENGINE_TYPE DEFAULT CHARSET=utf8; + +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) ( + SELECT id_profile, id_module, 0, 1 + FROM PREFIX_access a, PREFIX_module m + WHERE id_tab = (SELECT `id_tab` FROM PREFIX_tab WHERE class_name = 'AdminModules' LIMIT 1) + AND a.`view` = 0 +); + +INSERT INTO `PREFIX_module_access` (`id_profile`, `id_module`, `configure`, `view`) ( + SELECT id_profile, id_module, 1, 1 + FROM PREFIX_access a, PREFIX_module m + WHERE id_tab = (SELECT `id_tab` FROM PREFIX_tab WHERE class_name = 'AdminModules' LIMIT 1) + AND a.`view` = 1 +); \ No newline at end of file 
diff --git a/modules/vatnumber/vatnumber.php b/modules/vatnumber/vatnumber.php index 34ffd2283..a0eb98ef4 100755 --- a/modules/vatnumber/vatnumber.php +++ b/modules/vatnumber/vatnumber.php @@ -67,7 +67,8 @@ class VatNumber extends Module public static function getPrefixIntracomVAT() { - $intracom_array = array('AT'=>'AT', //Austria + $intracom_array = array( + 'AT'=>'AT', //Austria 'BE'=>'BE', //Belgium 'DK'=>'DK', //Denmark 'FI'=>'FI', //Finland @@ -148,16 +149,17 @@ class VatNumber extends Module { global $cookie; + $echo = ''; + if (Tools::isSubmit('submitVatNumber')) { - if (Tools::getValue('vatnumber_country')) - if (Configuration::updateValue('VATNUMBER_COUNTRY', (int)(Tools::getValue('vatnumber_country')))) - echo $this->displayConfirmation($this->l('Your country has been updated.')); + if (Configuration::updateValue('VATNUMBER_COUNTRY', (int)(Tools::getValue('vatnumber_country')))) + $echo .= $this->displayConfirmation($this->l('Your country has been updated.')); $check = (int)Tools::getValue('vatnumber_checking'); - if(Configuration::get('VATNUMBER_CHECKING') != $check AND Configuration::updateValue('VATNUMBER_CHECKING', $check)) - echo ($check ? $this->displayConfirmation($this->l('The check of the VAT number with the WebService is now enabled.')) : $this->displayConfirmation($this->l('The check of the VAT number with the WebService is now disabled.'))); + if (Configuration::get('VATNUMBER_CHECKING') != $check AND Configuration::updateValue('VATNUMBER_CHECKING', $check)) + $echo .= ($check ? $this->displayConfirmation($this->l('The check of the VAT number with the WebService is now enabled.')) : $this->displayConfirmation($this->l('The check of the VAT number with the WebService is now disabled.'))); } - echo ' + $echo .= '
'.$this->displayName.'
@@ -165,8 +167,8 @@ class VatNumber extends Module + $echo .= ' '; + $echo .= '
 
@@ -180,6 +182,7 @@ class VatNumber extends Module
'; + return $echo; } }