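* @copyright 2007-2011 PrestaShop SA
* @version Release: $Revision: 6844 $
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
* International Registered Trademark & Property of PrestaShop SA
*/

include_once(_PS_ADMIN_DIR_.'/../classes/AdminTab.php');

/**
 * Back-office tab that edits per-profile permissions.
 *
 * Tab permissions live in the `access` table (view/add/edit/delete per id_tab and id_profile),
 * module permissions in `module_access` (view/configure per id_module and id_profile).
 * Changes arrive as AJAX requests: ajaxProcess() dispatches to the process*() handlers and
 * displayAjax() emits the JSON result.
 *
 * Review notes:
 * - The handlers take id_profile from the request. Anyone with "edit" on this tab can therefore
 *   change the rights of any non-administrator profile, presumably including their own, so
 *   "edit" on this tab should be granted as if it were full back-office privilege.
 * - NOTE(review): no CSRF token check is visible in this class; presumably the admin dispatcher
 *   or AdminTab validates the token before ajaxProcess() runs. Confirm.
 * - NOTE(review): in this copy the HTML inside the echoed string literals of displayForm(),
 *   printTabAccess() and displayModuleAccesses() appears to have been stripped. Those literals
 *   are left exactly as found and need restoring from the original file.
 */
class AdminAccess extends AdminTab
{
    // 'ok' or 'error'; set by the handlers below and emitted by displayAjax()
    private $return_status;
    // Translated, human-readable outcome emitted by displayAjax()
    private $return_message;

    /**
     * Refuse permission changes that target the administrator profile.
     *
     * displayForm() only hides the controls for that profile, which is not an access
     * control: the request parameters are attacker-chosen, so the rule has to be
     * enforced again on the server side before any UPDATE is issued.
     *
     * @param int $id_profile profile id taken from the request
     * @return bool true when the request was refused (status and message are already set)
     */
    private function denyAdminProfileChange($id_profile)
    {
        if ((int)$id_profile != (int)(_PS_ADMIN_PROFILE_))
            return false;

        $this->return_status = 'error';
        $this->return_message = $this->l('Administrator permissions can\'t be modified.');
        return true;
    }

    /**
     * Update tab permissions for a profile from the request parameters
     * perm, enabled, id_tab (-1 = every tab) and id_profile.
     *
     * @throws PrestashopException when perm is not one of the known permission names
     */
    public function processSubmitAddAccess()
    {
        $perm = Tools::getValue('perm');
        // $perm ends up as a column identifier. pSQL() escapes values, not identifiers,
        // so this strict whitelist is what actually keeps the query safe.
        if (!in_array($perm, array('view', 'add', 'edit', 'delete', 'all'), true))
            throw new PrestashopException('permission not exists');

        // Permission columns are flags: printTabAccess() sums them and expects 4 for "all".
        $enabled = ((int)Tools::getValue('enabled') != 0) ? 1 : 0;
        $id_tab = (int)Tools::getValue('id_tab');
        $id_profile = (int)Tools::getValue('id_profile');

        if ($this->denyAdminProfileChange($id_profile))
            return;

        $columns = ($perm === 'all') ? array('view', 'add', 'edit', 'delete') : array($perm);
        $assignments = array();
        foreach ($columns as $column)
            $assignments[] = '`'.pSQL($column).'` = '.$enabled;

        $where = '`id_profile` = '.$id_profile;
        if ($id_tab != -1)
            $where .= ' AND `id_tab` = '.$id_tab;
        elseif ($perm === 'all' && $enabled == 0)
            // Bulk "revoke everything" leaves tab 31 untouched.
            // NOTE(review): 31 is a hard-coded tab id; presumably it prevents a lock-out. Confirm which tab it is.
            $where .= ' AND `id_tab` != 31';

        $res = (bool)Db::getInstance()->execute(
            'UPDATE `'._DB_PREFIX_.'access` SET '.implode(', ', $assignments).' WHERE '.$where
        );

        $this->return_status = $res ? 'ok' : 'error';
        if ($res)
            $this->return_message = $this->l('Access successfully updated');
        else
            $this->return_message = $this->l('An error when updating access');
    }

    /**
     * Update module permissions for a profile from the request parameters
     * perm, enabled, id_module (-1 = every module) and id_profile.
     *
     * @throws PrestashopException when perm is not 'view' or 'configure'
     */
    public function processChangeModuleAccess()
    {
        $perm = Tools::getValue('perm');
        // Same reasoning as in processSubmitAddAccess(): the whitelist protects the identifier.
        if (!in_array($perm, array('view', 'configure'), true))
            throw new PrestashopException('permission not exists');

        $enabled = ((int)Tools::getValue('enabled') != 0) ? 1 : 0;
        $id_module = (int)Tools::getValue('id_module');
        $id_profile = (int)Tools::getValue('id_profile');

        if ($this->denyAdminProfileChange($id_profile))
            return;

        $where = '`id_profile` = '.$id_profile;
        if ($id_module != -1)
            $where = '`id_module` = '.$id_module.' AND '.$where;

        $res = (bool)Db::getInstance()->execute(
            'UPDATE `'._DB_PREFIX_.'module_access` SET `'.pSQL($perm).'` = '.$enabled.' WHERE '.$where
        );

        $this->return_status = $res ? 'ok' : 'error';
        if ($res)
            $this->return_message = $this->l('Access successfully updated.');
        else
            $this->return_message = $this->l('An error when updating access.');
    }

    /**
     * Emit the outcome of the last handler as JSON: {"result": ..., "msg": ...}.
     */
    public function displayAjax()
    {
        $return = array('result' => $this->return_status, 'msg' => $this->return_message);
        echo Tools::jsonEncode($return);
    }

    /**
     * Render the tab (delegates to displayForm()).
     */
    public function display()
    {
        $this->displayForm();
        echo '';
    }

    /**
     * Get the current profile id
     *
     * @return int the $_GET['profile'] if valid, else 1 (the first profile id)
     */
    public function getCurrentProfileId()
    {
        // !empty() already implies isset(). The is_numeric() test plus the cast guarantee
        // that callers only ever receive an integer, never the raw request value.
        if (!empty($_GET['profile']) && is_numeric($_GET['profile']))
            return (int)($_GET['profile']);

        return 1;
    }

    /**
     * Render the permission grid for the profile selected through $_GET['profile'].
     *
     * The administrator profile only gets a "can't be modified" message here. That is a
     * display rule; the handlers enforce it again through denyAdminProfileChange().
     *
     * NOTE(review): $profiles is not used and $tabsize is never assigned in the visible code;
     * both may belong to the markup that is missing from the string literals below.
     */
    public function displayForm($isMainTab = true)
    {
        parent::displayForm();

        $currentProfile = (int)($this->getCurrentProfileId());
        $tabs = Tab::getTabs($this->context->language->id);
        $profiles = Profile::getProfiles($this->context->language->id);
        $accesses = Profile::getProfileAccesses($currentProfile);

        echo ' ';
        if ($currentProfile != (int)(_PS_ADMIN_PROFILE_))
            echo ' ';
        if (!sizeof($tabs))
            echo '';
        elseif ($currentProfile == (int)(_PS_ADMIN_PROFILE_))
            echo '';
        else
            foreach ($tabs AS $tab)
                if (!$tab['id_parent'] OR (int)($tab['id_parent']) == -1)
                {
                    $this->printTabAccess((int)($currentProfile), $tab, $accesses[$tab['id_tab']], false, $tabsize, sizeof($tabs));
                    foreach ($tabs AS $child)
                        if ($child['id_parent'] === $tab['id_tab'])
                            if (isset($accesses[$child['id_tab']]))
                            {
                                $this->printTabAccess($currentProfile, $child, $accesses[$child['id_tab']], true, $tabsize, sizeof($tabs));
                            }
                }
        echo '
tabAccess['edit'] == 1 ? ' rel="-1||'.$currentProfile.'||view||'.$tabsize.'||'.sizeof($tabs).'" class="ajaxPower"' : 'disabled="disabled"').' /> '.$this->l('View').' tabAccess['edit'] == 1 ? ' rel="-1||'.$currentProfile.'||add||'.$tabsize.'||'.sizeof($tabs).'" class="ajaxPower"' : 'disabled="disabled"').' /> '.$this->l('Add').' tabAccess['edit'] == 1 ? ' rel="-1||'.$currentProfile.'||edit||'.$tabsize.'||'.sizeof($tabs).'" class="ajaxPower"' : 'disabled="disabled"').' /> '.$this->l('Edit').' tabAccess['edit'] == 1 ? ' rel="-1||'.$currentProfile.'||delete||'.$tabsize.'||'.sizeof($tabs).'" class="ajaxPower"' : 'disabled="disabled"').' /> '.$this->l('Delete').' tabAccess['edit'] == 1 ? ' rel="-1||'.$currentProfile.'||all||'.$tabsize.'||'.sizeof($tabs).'" class="ajaxPower"' : 'disabled="disabled"').' /> '.$this->l('All').'
'.$this->l('No tab').'
'.$this->l('Administrator permissions can\'t be modified.').'
';
        if ($currentProfile != (int)(_PS_ADMIN_PROFILE_))
            $this->displayModuleAccesses($currentProfile);
        echo '
 
';
    }

    /**
     * Render one row of the tab permission grid.
     *
     * The controls are only made interactive when the current employee has "edit" on this
     * tab ($this->tabAccess['edit'] == 1). That is a convenience for the UI; the
     * authoritative check is the one in ajaxProcess().
     *
     * NOTE(review): $tab['name'] is concatenated into the output without escaping in the
     * visible code. Confirm that names are validated or encoded where they are stored, or
     * encode them for the HTML context here.
     */
    private function printTabAccess($currentProfile, $tab, $access, $is_child, $tabsize, $tabnumber)
    {
        $result_accesses = 0;
        $perms = array('view', 'add', 'edit', 'delete');
        echo ''.($is_child ? ' » ' : '').$tab['name'].'';
        foreach ($perms as $perm)
        {
            if ($this->tabAccess['edit'] == 1)
                echo '';
            else
                echo '';
            // Four set flags mean the "all" box is rendered as checked below.
            $result_accesses += $access[$perm];
        }
        echo ' tabAccess['edit'] == 1 ? ' rel="'.(int)($access['id_tab']).'||'.(int)($currentProfile).'||all||'.$tabsize.'||'.$tabnumber.'" class="ajaxPower all '.(int)($access['id_tab']).'"' : ' class="all '.(int)($access['id_tab']).'" disabled="disabled"').' '.($result_accesses == 4 ? 'checked="checked"' : '').' /> ';
    }

    /**
     * Entry point for AJAX permission changes.
     *
     * Nothing is written in demo mode or when the current employee lacks "edit" on this
     * tab. Both cases now report an explicit 'error' result, so the client no longer
     * receives a JSON answer with null fields for a request that was refused.
     */
    public function ajaxProcess()
    {
        /* PrestaShop demo mode */
        if (_PS_MODE_DEMO_)
        {
            $message = Tools::displayError('This functionnality has been disabled.');
            $this->_errors[] = $message;
            $this->return_status = 'error';
            $this->return_message = $message;
            return;
        }
        /* PrestaShop demo mode*/

        // Server-side authorization: this is the check that counts, not the disabled inputs.
        if ($this->tabAccess['edit'] != 1)
        {
            $this->return_status = 'error';
            $this->return_message = $this->l('You do not have permission to edit this.');
            return;
        }

        if (Tools::isSubmit('submitAddaccess'))
            $this->processSubmitAddAccess();
        if (Tools::isSubmit('changeModuleAccess'))
            $this->processChangeModuleAccess();
    }

    /**
     * Render the module permission grid for a profile.
     *
     * The profile id is cast to int before it is concatenated into the query.
     *
     * NOTE(review): $module['name'] is written to the output without escaping in the
     * visible code. Confirm that module names are constrained where they are stored.
     */
    private function displayModuleAccesses($currentProfile)
    {
        echo ' ';
        $modules = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS(' SELECT ma.id_module, m.name, ma.`view`, ma.`configure` FROM '._DB_PREFIX_.'module_access ma LEFT JOIN '._DB_PREFIX_.'module m ON ma.id_module = m.id_module WHERE id_profile = '.(int)$currentProfile.' ORDER BY m.name');
        if (!sizeof($modules))
            echo '';
        else
            foreach ($modules AS $module)
                echo '';
        echo '
'.$this->l('Modules').' tabAccess['edit'] == 1 ? 'class="changeModuleAccess" rel="-1||view"' : 'disabled="disabled"').' /> '.$this->l('View').' tabAccess['edit'] == 1 ? 'class="changeModuleAccess" rel="-1||configure"' : 'disabled="disabled"').' /> '.$this->l('Configure').'
'.$this->l('No modules installed').'
» '.$module['name'].' tabAccess['edit'] == 1 ? 'class="ajax-ma-view changeModuleAccess" rel="'.(int)$module['id_module'].'||view"' : ' class="ajax-ma-view" disabled="disabled"').' /> tabAccess['edit'] == 1 ? ' class="ajax-ma-configure changeModuleAccess" rel="'.(int)$module['id_module'].'||configure"' : ' class="ajax-ma-configure" disabled="disabled"').' />
';
    }
}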