diff --git a/admin-dev/functions.php b/admin-dev/functions.php
index 0cc909d21..d8c30f7cb 100644
--- a/admin-dev/functions.php
+++ b/admin-dev/functions.php
@@ -397,6 +397,7 @@ function simpleXMLToArray ($xml, $flattenValues = true, $flattenAttributes = tru
function generateShopList()
{
$tree = Shop::getTree();
+ $context = Context::getContext();
// Get default value
list($shopID, $shopGroupID) = Shop::getContext();
@@ -410,14 +411,18 @@ function generateShopList()
// Generate HTML
$url = $_SERVER['REQUEST_URI'].(($_SERVER['QUERY_STRING']) ? '&' : '?').'setShopContext=';
$html = '';
@@ -496,7 +501,6 @@ function runAdminTab($ajaxMode = false)
'.translate('Back Office').'
'.$bread.'';
-
if (!$ajaxMode && Shop::isMultiShopActivated() && Context::shop() != Shop::CONTEXT_ALL)
{
echo '
';
diff --git a/admin-dev/tabs/AdminEmployees.php b/admin-dev/tabs/AdminEmployees.php
index a6629e7c1..7b8681435 100644
--- a/admin-dev/tabs/AdminEmployees.php
+++ b/admin-dev/tabs/AdminEmployees.php
@@ -182,16 +182,23 @@ class AdminEmployees extends AdminTab
';
echo '
';
diff --git a/classes/AdminController.php b/classes/AdminController.php
index e1f5974a1..270bfe71e 100644
--- a/classes/AdminController.php
+++ b/classes/AdminController.php
@@ -222,6 +222,7 @@ class AdminControllerCore extends Controller
{
if ($disable)
return true;
+
$this->tabAccess = Profile::getProfileAccess($this->context->employee->id_profile, $this->id);
if ($this->tabAccess['view'] === '1')
@@ -1050,14 +1051,24 @@ class AdminControllerCore extends Controller
Tools::redirectAdmin($url['path'].'?'.http_build_query($parseQuery));
}
- $shopID = '';
+ $shop_id = '';
if ($this->context->cookie->shopContext)
{
$split = explode('-', $this->context->cookie->shopContext);
if (count($split) == 2 && $split[0] == 's')
- $shopID = (int)$split[1];
+ $shop_id = (int)$split[1];
}
- $this->context->shop = new Shop($shopID);
+ else if ($this->context->employee->id_profile == _PS_ADMIN_PROFILE_)
+ $shop_id = '';
+ else if ($this->context->shop->getTotalShopsWhoExists() != Employee::getTotalEmployeeShopById((int)$this->context->employee->id))
+ {
+ $shops = Employee::getEmployeeShopById((int)$this->context->employee->id);
+ $shop_id = (int)$shops[0];
+ }
+ else
+ Employee::getEmployeeShopAccess((int)$this->context->employee->id);
+
+ $this->context->shop = new Shop($shop_id);
/* Filter memorization */
if (isset($_POST) && !empty($_POST) && isset($this->table))
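Review bot: The new shop restriction is only reached when `cookie->shopContext` is empty, because the added branches are chained as `else if` after the cookie test; a shop id parsed from the cookie goes to `new Shop()` without being compared against the employee's associations. In the final `else` the result of `Employee::getEmployeeShopAccess()` is discarded, so a `false` answer changes nothing. `$shops[0]` is also read without checking that the employee has any row in `employee_shop`. I would resolve the id first and then apply one membership check to every non-admin profile, as sketched below; how a refusal should be surfaced is a guess on my part. The enclosing method starts and ends outside the hunk.

```php
// … unchanged: $shop_id = '' and the cookie parsing that may set it …
if ($this->context->employee->id_profile != _PS_ADMIN_PROFILE_)
{
	$allowed = Employee::getEmployeeShopById((int)$this->context->employee->id);
	$has_all = $this->context->shop->getTotalShopsWhoExists() == count($allowed);
	// Applied to a cookie-supplied id as well as to the no-cookie default.
	$permitted = ($shop_id === '') ? $has_all : in_array($shop_id, $allowed, true);
	if (!$permitted)
	{
		if (!$allowed)
			die(Tools::displayError());
		$shop_id = $allowed[0];
	}
}

$this->context->shop = new Shop($shop_id);
```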
diff --git a/classes/AdminTab.php b/classes/AdminTab.php
index f3d28ba39..d045018df 100644
--- a/classes/AdminTab.php
+++ b/classes/AdminTab.php
@@ -898,7 +898,8 @@ abstract class AdminTabCore
if (!Shop::isMultiShopActivated())
return ;
- $assos = self::getAssoShop($this->table, $id_object);
+ if(!$assos = self::getAssoShop($this->table, $id_object))
+ return;
Db::getInstance()->execute('DELETE FROM '._DB_PREFIX_.$this->table.'_'.$assos[1].($id_object ? ' WHERE `'.$this->identifier.'`='.(int)$id_object : ''));
foreach ($assos[0] as $asso)
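Review bot: The `DELETE` that follows the new guard has no `WHERE` clause whenever `$id_object` is falsy, so a call with `0` or `null` clears the whole association table for `$this->table`. The hunk does not show whether callers rely on that; if they do, a comment stating it would help, and if not the guard could also return early on an empty `$id_object`. Separately, the assignment inside the condition reads more clearly as two statements, `$assos = self::getAssoShop($this->table, $id_object);` followed by `if (!$assos) return;`. The enclosing method starts and ends outside the hunk.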
@@ -915,7 +916,7 @@ abstract class AdminTabCore
else if (isset($groupShopAsso[$table]) && $groupShopAsso[$table]['type'] == 'group_shop')
$type = 'group_shop';
else
- return ;
+ return;
$assos = array();
foreach ($_POST as $k => $row)
diff --git a/classes/Employee.php b/classes/Employee.php
index 96f69b9cb..9c49e59c4 100644
--- a/classes/Employee.php
+++ b/classes/Employee.php
@@ -27,60 +27,60 @@
class EmployeeCore extends ObjectModel
{
- public $id;
+ public $id;
/** @var string Determine employee profile */
- public $id_profile;
+ public $id_profile;
/** @var string employee language */
- public $id_lang;
+ public $id_lang;
/** @var string Lastname */
- public $lastname;
+ public $lastname;
/** @var string Firstname */
- public $firstname;
+ public $firstname;
/** @var string e-mail */
- public $email;
+ public $email;
/** @var string Password */
- public $passwd;
+ public $passwd;
/** @var datetime Password */
- public $last_passwd_gen;
+ public $last_passwd_gen;
public $stats_date_from;
public $stats_date_to;
/** @var string Display back office background in the specified color */
- public $bo_color;
+ public $bo_color;
/** @var string employee's chosen theme */
- public $bo_theme;
+ public $bo_theme;
/** @var string / enum hover or click mode */
- public $bo_uimode;
+ public $bo_uimode;
/** @var bool, true */
- public $bo_show_screencast;
+ public $bo_show_screencast;
/** @var boolean Status */
- public $active = 1;
+ public $active = 1;
/** @var boolean show screencast */
- public $show_screencast = 1;
+ public $show_screencast = 1;
- public $remote_addr;
+ public $remote_addr;
- protected $fieldsRequired = array('lastname', 'firstname', 'email', 'passwd', 'id_profile', 'id_lang');
- protected $fieldsSize = array('lastname' => 32, 'firstname' => 32, 'email' => 128, 'passwd' => 32, 'bo_color' => 32, 'bo_theme' => 32);
- protected $fieldsValidate = array('lastname' => 'isName', 'firstname' => 'isName', 'email' => 'isEmail', 'id_lang' => 'isUnsignedInt',
+ protected $fieldsRequired = array('lastname', 'firstname', 'email', 'passwd', 'id_profile', 'id_lang');
+ protected $fieldsSize = array('lastname' => 32, 'firstname' => 32, 'email' => 128, 'passwd' => 32, 'bo_color' => 32, 'bo_theme' => 32);
+ protected $fieldsValidate = array('lastname' => 'isName', 'firstname' => 'isName', 'email' => 'isEmail', 'id_lang' => 'isUnsignedInt',
'passwd' => 'isPasswdAdmin', 'active' => 'isBool', 'id_profile' => 'isInt', 'bo_color' => 'isColor', 'bo_theme' => 'isGenericName',
'bo_uimode' => 'isGenericName', 'show_screencast' => 'isBool', 'bo_show_screencast' => 'isBool');
- protected $table = 'employee';
- protected $identifier = 'id_employee';
+ protected $table = 'employee';
+ protected $identifier = 'id_employee';
protected $webserviceParameters = array(
'fields' => array(
@@ -123,10 +123,10 @@ class EmployeeCore extends ObjectModel
return $fields;
}
- public function add($autodate = true, $nullValues = true)
+ public function add($autodate = true, $null_values = true)
{
$this->last_passwd_gen = date('Y-m-d H:i:s', strtotime('-'.Configuration::get('PS_PASSWD_TIME_BACK').'minutes'));
- return parent::add($autodate, $nullValues);
+ return parent::add($autodate, $null_values);
}
/**
@@ -136,9 +136,9 @@ class EmployeeCore extends ObjectModel
* @param string $passwd Password is also checked if specified
* @return Employee instance
*/
- public function getByEmail($email, $passwd = NULL)
+ public function getByEmail($email, $passwd = null)
{
- if (!Validate::isEmail($email) OR ($passwd != NULL AND !Validate::isPasswd($passwd)))
+ if (!Validate::isEmail($email) || ($passwd != null && !Validate::isPasswd($passwd)))
die(Tools::displayError());
$result = Db::getInstance()->getRow('
@@ -151,7 +151,7 @@ class EmployeeCore extends ObjectModel
return false;
$this->id = $result['id_employee'];
$this->id_profile = $result['id_profile'];
- foreach ($result AS $key => $value)
+ foreach ($result as $key => $value)
if (key_exists($key, $this))
$this->{$key} = $value;
return $this;
@@ -176,7 +176,7 @@ class EmployeeCore extends ObjectModel
*/
public static function checkPassword($id_employee, $passwd)
{
- if (!Validate::isUnsignedId($id_employee) OR !Validate::isPasswd($passwd, 8))
+ if (!Validate::isUnsignedId($id_employee) || !Validate::isPasswd($passwd, 8))
die (Tools::displayError());
return Db::getInstance()->getValue('
@@ -187,13 +187,13 @@ class EmployeeCore extends ObjectModel
AND active = 1');
}
- public static function countProfile($id_profile, $activeOnly = false)
+ public static function countProfile($id_profile, $active_only = false)
{
return Db::getInstance()->getValue('
SELECT COUNT(*)
FROM `'._DB_PREFIX_.'employee`
WHERE `id_profile` = '.(int)$id_profile.'
- '.($activeOnly ? ' AND `active` = 1' : ''));
+ '.($active_only ? ' AND `active` = 1' : ''));
}
public function isLastAdmin()
@@ -240,4 +240,60 @@ class EmployeeCore extends ObjectModel
Context::getContext()->cookie->logout();
$this->id = null;
}
+
+ public static function getEmployeeShopAccess($id_employee)
+ {
+ $context = Context::getContext();
+
+ switch ($type = $context->shop->getContextType())
+ {
+ case 1:
+ info('context shop');
+ if ($context->shop->checkIfShopExist($context->shop->id))
+ {
+ if (!in_array($context->shop->id, self::getEmployeeShopById($id_employee)))
+ return false;
+ }
+ else
+ return false;
+ break;
+
+ case 2:
+ info('context group');
+ if ($context->shop->checkIfGroupShopExist($context->shop->getGroupID()))
+ {
+ $shops = $context->shop->getIdShopsByIdGroupShop($context->shop->getGroupID());
+ foreach ($shops as $shop)
+ if (!in_array($shop, self::getEmployeeShopById($id_employee)))
+ return false;
+ }
+ else
+ return false;
+ break;
+
+ case 3:
+ info('context all');
+ if ($context->employee->id_profile == _PS_ADMIN_PROFILE_ ||
+ $context->shop->getTotalShopsWhoExists() == self::getTotalEmployeeShopById($id_employee))
+ return true;
+ else
+ return false;
+ break;
+ }
+ return true;
+ }
+
+ public static function getTotalEmployeeShopById($id)
+ {
+ return (int)Db::getInstance()->getValue(sprintf('SELECT COUNT(*) FROM`'._DB_PREFIX_.'employee_shop` WHERE `id_employee` = %d', (int)$id));
+ }
+
+ public static function getEmployeeShopById($id)
+ {
+ $result = Db::getInstance()->executeS(sprintf('SELECT * FROM`'._DB_PREFIX_.'employee_shop` WHERE `id_employee` = %d', (int)$id));
+ $data = array();
+ foreach ($result as $group_data)
+ $data[] = (int)$group_data['id_shop'];
+ return $data;
+ }
}
\ No newline at end of file
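Review bot: The three `info('context …')` calls in `getEmployeeShopAccess()` read like leftover debugging; no `info()` function is defined anywhere in this diff, so unless one exists globally the access check stops with a fatal error, and they should be removed. The `case 1:`/`case 2:`/`case 3:` labels are bare numbers where other code in this commit compares against `Shop::CONTEXT_ALL`; the named constants would keep the switch correct if the values change. In `case 3` the admin test reads `$context->employee->id_profile` rather than the profile of `$id_employee`, so the answer is only right when the argument is the logged-in employee. `self::getEmployeeShopById($id_employee)` is queried once per shop inside the `foreach`; hoist it with `$allowed = self::getEmployeeShopById($id_employee);` and test `in_array($shop, $allowed, true)`.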
diff --git a/classes/Profile.php b/classes/Profile.php
index 90fdcb834..716230012 100644
--- a/classes/Profile.php
+++ b/classes/Profile.php
@@ -64,7 +64,7 @@ class ProfileCore extends ObjectModel
SELECT p.`id_profile`, `name`
FROM `'._DB_PREFIX_.'profile` p
LEFT JOIN `'._DB_PREFIX_.'profile_lang` pl ON (p.`id_profile` = pl.`id_profile` AND `id_lang` = '.(int)($id_lang).')
- ORDER BY `name` ASC');
+ ORDER BY `id_profile` ASC');
}
/**
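Review bot: The new ``ORDER BY `id_profile` `` is unqualified although both joined tables carry an `id_profile` column. It presumably resolves to the selected ``p.`id_profile` ``, but writing ``ORDER BY p.`id_profile` ASC`` removes the dependence on that resolution rule. The enclosing method starts outside the hunk.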
diff --git a/classes/shop/Shop.php b/classes/shop/Shop.php
index 9d64a029d..fa17bb48d 100644
--- a/classes/shop/Shop.php
+++ b/classes/shop/Shop.php
@@ -440,6 +440,7 @@ class ShopCore extends ObjectModel
public static function getShops($active = true, $id_group_shop = null, $get_as_list_id = false)
{
Shop::cacheShops();
+
$results = array();
foreach (self::$shops as $group_id => $group_data)
foreach ($group_data['shops'] as $id => $shop_data)
@@ -492,12 +493,29 @@ class ShopCore extends ObjectModel
return count(Shop::getShops($active));
}
+ /**
+ * @return int Total of shops
+ */
+ public static function getTotalShopsWhoExists()
+ {
+ return (int)Db::getInstance()->getValue('SELECT COUNT(*) FROM `'._DB_PREFIX_.'shop`');
+ }
+
/**
* @return int Total of shops
*/
public static function getTotalShopsByIdGroupShop($id)
{
- return (int)Db::getInstance()->getValue(sprintf('SELECT COUNT(*) FROM '._DB_PREFIX_.'shop WHERE id_group_shop = %d', (int)$id));
+ return (int)Db::getInstance()->getValue(sprintf('SELECT COUNT(*) FROM `'._DB_PREFIX_.'shop` WHERE `id_group_shop` = %d', (int)$id));
+ }
+
+ public static function getIdShopsByIdGroupShop($id)
+ {
+ $result = Db::getInstance()->executeS(sprintf('SELECT `id_shop`, `id_group_shop` FROM `'._DB_PREFIX_.'shop` WHERE `id_group_shop` = %d', (int)$id));
+ $data = array();
+ foreach ($result as $group_data)
+ $data[] = (int)$group_data['id_shop'];
+ return $data;
}
/**
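Review bot: `getTotalShopsWhoExists()` counts every row of the `shop` table, while `getShops()` in the same class takes an `$active` filter. The new employee check compares this total with the employee's `employee_shop` row count, so a shop that is present but not active would change who counts as having access to all shops. If that is not intended the count should apply the same filter, and either way the docblock should say which shops are counted; it currently repeats `Total of shops` from the method below. `getIdShopsByIdGroupShop()` has no docblock and selects `id_group_shop` although only `id_shop` is read; a one-line `@return array List of shop ids in the group` and selecting only `id_shop` would do.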
@@ -762,4 +780,14 @@ class ShopCore extends ObjectModel
}*/
}
}
+
+ public function checkIfShopExist($id)
+ {
+ return (int)Db::getInstance()->getValue(sprintf('SELECT COUNT(*) FROM`'._DB_PREFIX_.'shop` WHERE `id_shop` = %d', (int)$id));
+ }
+
+ public function checkIfGroupShopExist($id)
+ {
+ return (int)Db::getInstance()->getValue(sprintf('SELECT COUNT(*) FROM`'._DB_PREFIX_.'group_shop` WHERE `id_group_shop` = %d', (int)$id));
+ }
}
\ No newline at end of file
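Review bot: `checkIfShopExist()` and `checkIfGroupShopExist()` are declared as instance methods although neither uses `$this`, unlike the static query helpers added earlier in this class, and they return a row count where the name promises a yes/no answer. Declaring them `public static function checkIfShopExist($id)` and returning `(bool)Db::getInstance()->getValue(...)` would match the siblings, and the callers' truthiness tests would still work. Both methods also lack a docblock, and the `FROM` keyword in each query is missing the space before the table name that the other queries in this file have.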
diff --git a/translations/fr/admin.php b/translations/fr/admin.php
index f9872d6bf..366faa71f 100644
--- a/translations/fr/admin.php
+++ b/translations/fr/admin.php
@@ -315,12 +315,8 @@ $_LANGADM['AdminCarts2fb3b950fd7711136f7f251ae5fbdbdc'] = 'Texte #';
$_LANGADM['AdminCarts853ae90f0351324bd73ea615e6487517'] = ':';
$_LANGADM['AdminCartsf2a6c498fb90ee345d997f888fce3b18'] = 'Supprimer';
$_LANGADM['AdminCarts0071aa279bd1583754a544277740f047'] = 'Supprimer objet #';
-$_LANGADM['AdminCatalog630f6dc397fe74e52d5189e2c80f282b'] = 'Retour à la liste';
-$_LANGADM['AdminCatalog6110e3692a789bcff0870b04b13a06bb'] = 'Retour à l\'accueil';
-$_LANGADM['AdminCatalogc61cd01963c2a9f399c2906e02c7a52a'] = 'Retour au catalogue';
$_LANGADM['AdminCatalog62381fc27e62649a16182a616de3f7ea'] = 'Catégorie actuelle';
$_LANGADM['AdminCatalogaf1b98adf7f686b84cd0b443e022b7a0'] = 'Catégories';
-$_LANGADM['AdminCatalog4afecbe4d149447b74b9ab54434c42e4'] = 'Produits dans cette catégorie';
$_LANGADM['AdminCategoriesb718adec73e04ce3ec720dd11a06a308'] = 'ID';
$_LANGADM['AdminCategories49ee3087348e8d44e1feda1917443987'] = 'Nom';
$_LANGADM['AdminCategoriesb5a7adde1af5c87d7fd797b6245c2a39'] = 'Informations complémentaires';
@@ -867,7 +863,7 @@ $_LANGADM['AdminEmployeesa9e4402481bd9b8e36752bf731f67eb6'] = 'Thème :';
$_LANGADM['AdminEmployeese4b41fb20213ac1461a81cb0c310bd97'] = 'Mode d\'interface';
$_LANGADM['AdminEmployeesf177aa999000021a3901ac78a2728b59'] = 'Affichage au survol';
$_LANGADM['AdminEmployeesd4e0f6342c209912053fec10be72c94b'] = 'Affichage au clic';
-$_LANGADM['AdminEmployees79f79257476673a2aea1b2a41adf3384'] = 'Afficher le screencast:';
+$_LANGADM['AdminEmployees79f79257476673a2aea1b2a41adf3384'] = 'Afficher le screencast :';
$_LANGADM['AdminEmployees00d23a76e43b46dae9ec7aa9dcbebb32'] = 'Activé';
$_LANGADM['AdminEmployeesb9f5c797ebbf55adccdd8539a65a0241'] = 'Désactivé';
$_LANGADM['AdminEmployees4d1f8c97363b784de6d8924bc655cab6'] = 'Afficher la vidéo de présentation sur le tableau de bord du panneau d\'administration';
@@ -875,6 +871,7 @@ $_LANGADM['AdminEmployees24a23d787190f2c4812ff9ab11847a72'] = 'Statut :';
$_LANGADM['AdminEmployees41bc9496fbde8565bd5fc699e513fbd9'] = 'Autoriser cet employé à se connecter au Back Office';
$_LANGADM['AdminEmployees9fbf3617c6172a75648e9ac0a864bb56'] = 'Profil :';
$_LANGADM['AdminEmployees7bc873cba11f035df692c3549366c722'] = '-- Choisissez --';
+$_LANGADM['AdminEmployeesf16b5952df8d25ea30b25ff95ee8fedf'] = 'Boutique associée :';
$_LANGADM['AdminEmployees38fb7d24e0d60a048f540ecb18e13376'] = 'Enregistrer';
$_LANGADM['AdminEmployees19f823c6453c2b1ffd09cb715214813d'] = 'Champs requis';
$_LANGADM['AdminFeatures49ee3087348e8d44e1feda1917443987'] = 'Nom';