query_rights.php
<?php
require 'config.php';
dol_include_once('/query/class/query.class.php');
dol_include_once('/query/lib/query.lib.php');
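// Page controller: manage which users/groups are granted rights on one saved query.
$PDOdb = new TPDOdb;
$langs->load('query@query');

// Only holders of the module-wide "create" right may edit per-query rights.
if (!$user->rights->query->all->create) accessforbidden();

$action = GETPOST('action', 'alpha');
$query_id = GETPOST('id', 'int');

$query = new TQuery();
$query->load($PDOdb, $query_id);
// 0 when the query could not be loaded, so both guards below fail closed.
$loaded_query_id = (int) $query->getId();

$objectright = new TQueryRights;

// NOTE(review): both actions change state and 'remove' is reached through a plain GET link
// built in _list(). No anti-CSRF token is verified in this file; confirm that the framework
// enforces one for these requests, or move 'remove' to a POST form carrying a token.
switch ($action) {
    case 'add':
        // Build the row from an explicit allow-list of filtered values rather than passing the
        // whole of $_REQUEST to set_values(), so a caller cannot set other attributes.
        $element = GETPOST('element', 'alpha');
        $fk_query = (int) GETPOST('fk_query', 'int');
        $fk_element = (int) (isset($_REQUEST['fk_group']) ? GETPOST('fk_group', 'int') : GETPOST('fk_user', 'int'));

        $values = array(
            'element' => $element,
            'fk_query' => $fk_query,
            'fk_element' => $fk_element,
        );
        $objectright->set_values($values);
        $objectright->fk_element = $fk_element;

        // 'user' and 'group' are the only element kinds this page posts and lists.
        // The target query must be the one that was loaded for this request.
        if (
            $fk_element > 0
            && in_array($element, array('user', 'group'), true)
            && $fk_query > 0
            && $fk_query === $loaded_query_id
        ) {
            $objectright->save($PDOdb);
            setEventMessage('RightSaved');
        }
        break;

    case 'remove':
        $objectright->load($PDOdb, GETPOST('rights_id', 'int'));
        // Delete only a row that was actually found and that belongs to the query shown here.
        // Otherwise any rights_id could be removed regardless of the 'id' parameter.
        if (!empty($objectright->fk_query) && (int) $objectright->fk_query === $loaded_query_id) {
            $objectright->delete($PDOdb);
            setEventMessage('RightDeleted');
        }
        break;

    default:
        break;
}

_list($PDOdb, $query);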
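/**
 * Render the "rights" tab of a query: the list of users/groups already granted a right,
 * followed by one form to add a user and one form to add a group.
 *
 * @param TPDOdb $PDOdb Database handle passed to the list renderer.
 * @param TQuery $query Query whose rights are displayed; its title and id are read.
 * @return void Output is echoed directly.
 */
function _list(&$PDOdb, &$query) {
    global $langs, $db;

    $formdoli = new Form($db);
    // The id is concatenated into SQL, a URL and hidden fields below: force it to an integer once.
    $queryId = (int) $query->getId();

    llxHeader('', 'Query - '.$query->title);

    $head = queryPrepareHead($query);
    dol_fiche_head($head, 'rights', $langs->trans("Query"));

    // The title is stored data: escape it before writing it into the HTML body.
    echo $langs->trans('Title') . ' : ' . htmlspecialchars((string) $query->title, ENT_QUOTES, 'UTF-8');
    echo '<br><br>';

    // Associated users and groups
    $l = new TListviewTBS('lRightsUser');

    $sql = "SELECT qr.rowid, qr.element, qr.fk_element
, CASE WHEN qr.element = 'user' THEN CONCAT(u.firstname, ' ', u.lastname) ELSE g.nom END as label
,'' as action
FROM ".MAIN_DB_PREFIX."query_rights qr
LEFT JOIN ".MAIN_DB_PREFIX."user u ON (u.rowid = qr.fk_element AND qr.element = 'user')
LEFT JOIN ".MAIN_DB_PREFIX."usergroup g ON (g.rowid = qr.fk_element AND qr.element = 'group')
WHERE fk_query = ".$queryId."
ORDER BY element ASC";

    // NOTE(review): the delete link below is a state-changing GET request with no anti-CSRF token;
    // confirm the framework protects it or switch it to a POST form carrying a token.
    // NOTE(review): the list renderer presumably substitutes @rowid@ per row and prints 'label'
    // (user/group names) itself; verify that it HTML-escapes those values.
    echo $l->render($PDOdb, $sql, array(
        'title' => array(
            'title' => $langs->trans('Title')
            ,'fk_element' => $langs->trans('LinkedElement')
            ,'element' => $langs->trans('Element')
            ,'action' => $langs->trans('Delete')
            ,'label' => $langs->trans('Name')
        )
        ,'translate' => array(
            'element' => array('user' => $langs->trans('User'), 'group' => $langs->trans('Group'))
        )
        ,'link' => array(
            'action' => '<a href="'.dol_buildpath('/query/query_rights.php',1).'?rights_id=@rowid@&id='.$queryId.'&action=remove">'.img_delete().'</a>'
        )
        ,'hide' => array('rowid','fk_element')
        ,'type' => array(
        )
    ));

    echo '<br>';

    // Form: grant the right to a user
    $form = new TFormCore('auto','add_user');
    echo $form->hidden('action', 'add');
    echo $form->hidden('element', 'user');
    echo $form->hidden('fk_query', $queryId);
    echo $form->hidden('id', $queryId);
    echo $langs->trans('AddUser') . ' : ';
    echo $formdoli->select_dolusers('','fk_user');
    echo $form->btsubmit($langs->trans('Add'), 'add');
    echo $form->end_form();

    // Form: grant the right to a group
    $form = new TFormCore('auto','add_group');
    echo $form->hidden('action', 'add');
    echo $form->hidden('element', 'group');
    echo $form->hidden('fk_query', $queryId);
    echo $form->hidden('id', $queryId);
    echo $langs->trans('AddGroup') . ' : ';
    echo $formdoli->select_dolgroups('','fk_group');
    echo $form->btsubmit($langs->trans('Add'), 'add');
    echo $form->end_form();

    // Footer
    dol_fiche_end();
    llxFooter();
}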