Merge pull request #86 from leon-mbs/dev
v4.3.0
leon-mbs authored May 26, 2020
2 parents b8d237b + 12aa09f commit 7e7f360
Showing 58 changed files with 1,293 additions and 691 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
@@ -1,6 +1,11 @@
CHANGELOG
=========

### v4.3.0 (2020-05-25)
* добавлены роли пользователей. Теперь разделение доступа и оперативное меню настраивается на уровне роли.
Для обновления выполнить update421to430.sql обновить папки app, templates, templates_ua


### v4.2.1 (2020-05-23)
* усовершенствован ввод накладной с учетом валют
* настраиваемое форматирование дат
59 changes: 48 additions & 11 deletions db/db.sql
Expand Up @@ -62,7 +62,7 @@ CREATE TABLE `docstatelog` (
`hostname` varchar(64) NOT NULL,
PRIMARY KEY (`log_id`),
KEY `document_id` (`document_id`)
) AUTO_INCREMENT=978 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=998 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `docstatelog_view`;
/*!50001 DROP VIEW IF EXISTS `docstatelog_view`*/;
Expand Down Expand Up @@ -103,7 +103,7 @@ CREATE TABLE `documents` (
KEY `customer_id` (`customer_id`),
KEY `user_id` (`user_id`),
KEY `branch_id` (`branch_id`)
) AUTO_INCREMENT=258 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=262 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `documents_view`;
/*!50001 DROP VIEW IF EXISTS `documents_view`*/;
Expand Down Expand Up @@ -157,7 +157,7 @@ CREATE TABLE `entrylist` (
PRIMARY KEY (`entry_id`),
KEY `document_id` (`document_id`),
KEY `stock_id` (`stock_id`)
) AUTO_INCREMENT=730 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=740 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
/*!50003 SET @saved_cs_client = @@character_set_client */ ;
/*!50003 SET @saved_cs_results = @@character_set_results */ ;
Expand All @@ -168,7 +168,7 @@ CREATE TABLE `entrylist` (
/*!50003 SET @saved_sql_mode = @@sql_mode */ ;
/*!50003 SET sql_mode = 'STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION' */ ;
DELIMITER ;;
/*!50003 CREATE*/ /*!50003 TRIGGER `entrylist_after_ins_tr` AFTER INSERT ON `entrylist`
/*!50003 CREATE*/ /*!50003 TRIGGER `entrylist_after_ins_tr` AFTER INSERT ON `entrylist`
FOR EACH ROW
BEGIN

Expand Down Expand Up @@ -422,7 +422,7 @@ CREATE TABLE `item_set` (
`pitem_id` int(11) DEFAULT '0',
`qty` decimal(11,3) DEFAULT '0.000',
PRIMARY KEY (`set_id`)
) AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `item_set_view`;
/*!50001 DROP VIEW IF EXISTS `item_set_view`*/;
Expand Down Expand Up @@ -655,7 +655,7 @@ CREATE TABLE `paylist` (
`paytype` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`pl_id`),
KEY `document_id` (`document_id`)
) AUTO_INCREMENT=243 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=249 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `paylist_view`;
/*!50001 DROP VIEW IF EXISTS `paylist_view`*/;
Expand Down Expand Up @@ -687,6 +687,26 @@ CREATE TABLE `poslist` (
PRIMARY KEY (`pos_id`)
) AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `roles`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `roles` (
`role_id` int(11) NOT NULL AUTO_INCREMENT,
`rolename` varchar(255) DEFAULT NULL,
`acl` mediumtext,
PRIMARY KEY (`role_id`)
) AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `roles_view`;
/*!50001 DROP VIEW IF EXISTS `roles_view`*/;
SET @saved_cs_client = @@character_set_client;
SET character_set_client = utf8;
/*!50001 CREATE VIEW `roles_view` AS SELECT
1 AS `role_id`,
1 AS `rolename`,
1 AS `acl`,
1 AS `cnt`*/;
SET character_set_client = @saved_cs_client;
DROP TABLE IF EXISTS `services`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
Expand Down Expand Up @@ -855,7 +875,7 @@ CREATE TABLE `store_stock` (
`sdate` date DEFAULT NULL,
PRIMARY KEY (`stock_id`),
KEY `item_id` (`item_id`)
) AUTO_INCREMENT=566 DEFAULT CHARSET=utf8;
) AUTO_INCREMENT=569 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
DROP TABLE IF EXISTS `store_stock_view`;
/*!50001 DROP VIEW IF EXISTS `store_stock_view`*/;
Expand Down Expand Up @@ -901,6 +921,7 @@ CREATE TABLE `users` (
`acl` mediumtext NOT NULL,
`disabled` int(1) NOT NULL DEFAULT '0',
`options` longtext,
`role_id` int(11) DEFAULT NULL,
PRIMARY KEY (`user_id`),
UNIQUE KEY `userlogin` (`userlogin`)
) AUTO_INCREMENT=8 DEFAULT CHARSET=utf8;
Expand All @@ -918,6 +939,9 @@ SET character_set_client = utf8;
1 AS `acl`,
1 AS `options`,
1 AS `disabled`,
1 AS `rolename`,
1 AS `role_id`,
1 AS `roleacl`,
1 AS `employee_id`,
1 AS `username`*/;
SET character_set_client = @saved_cs_client;
Expand Down Expand Up @@ -1116,6 +1140,19 @@ SET character_set_client = @saved_cs_client;
/*!50001 SET character_set_client = @saved_cs_client */;
/*!50001 SET character_set_results = @saved_cs_results */;
/*!50001 SET collation_connection = @saved_col_connection */;
/*!50001 DROP VIEW IF EXISTS `roles_view`*/;
/*!50001 SET @saved_cs_client = @@character_set_client */;
/*!50001 SET @saved_cs_results = @@character_set_results */;
/*!50001 SET @saved_col_connection = @@collation_connection */;
/*!50001 SET character_set_client = utf8mb4 */;
/*!50001 SET character_set_results = utf8mb4 */;
/*!50001 SET collation_connection = utf8mb4_unicode_ci */;
/*!50001 CREATE */
/*!50013 */
/*!50001 VIEW `roles_view` AS select `roles`.`role_id` AS `role_id`,`roles`.`rolename` AS `rolename`,`roles`.`acl` AS `acl`,(select coalesce(count(0),0) from `users` where (`users`.`role_id` = `roles`.`role_id`)) AS `cnt` from `roles` */;
/*!50001 SET character_set_client = @saved_cs_client */;
/*!50001 SET character_set_results = @saved_cs_results */;
/*!50001 SET collation_connection = @saved_col_connection */;
/*!50001 DROP VIEW IF EXISTS `shop_attributes_view`*/;
/*!50001 SET @saved_cs_client = @@character_set_client */;
/*!50001 SET @saved_cs_results = @@character_set_results */;
Expand Down Expand Up @@ -1172,12 +1209,12 @@ SET character_set_client = @saved_cs_client;
/*!50001 SET @saved_cs_client = @@character_set_client */;
/*!50001 SET @saved_cs_results = @@character_set_results */;
/*!50001 SET @saved_col_connection = @@collation_connection */;
/*!50001 SET character_set_client = latin1 */;
/*!50001 SET character_set_results = latin1 */;
/*!50001 SET collation_connection = latin1_swedish_ci */;
/*!50001 SET character_set_client = utf8mb4 */;
/*!50001 SET character_set_results = utf8mb4 */;
/*!50001 SET collation_connection = utf8mb4_unicode_ci */;
/*!50001 CREATE */
/*!50013 */
/*!50001 VIEW `users_view` AS select `users`.`user_id` AS `user_id`,`users`.`userlogin` AS `userlogin`,`users`.`userpass` AS `userpass`,`users`.`createdon` AS `createdon`,`users`.`email` AS `email`,`users`.`acl` AS `acl`,`users`.`options` AS `options`,`users`.`disabled` AS `disabled`,coalesce(`employees`.`employee_id`,0) AS `employee_id`,(case when isnull(`employees`.`emp_name`) then `users`.`userlogin` else `employees`.`emp_name` end) AS `username` from (`users` left join `employees` on(((`users`.`userlogin` = `employees`.`login`) and (`employees`.`disabled` <> 1)))) */;
/*!50001 VIEW `users_view` AS select `users`.`user_id` AS `user_id`,`users`.`userlogin` AS `userlogin`,`users`.`userpass` AS `userpass`,`users`.`createdon` AS `createdon`,`users`.`email` AS `email`,`users`.`acl` AS `acl`,`users`.`options` AS `options`,`users`.`disabled` AS `disabled`,`roles`.`rolename` AS `rolename`,`users`.`role_id` AS `role_id`,`roles`.`acl` AS `roleacl`,coalesce(`employees`.`employee_id`,0) AS `employee_id`,(case when isnull(`employees`.`emp_name`) then `users`.`userlogin` else `employees`.`emp_name` end) AS `username` from ((`users` left join `employees` on(((`users`.`userlogin` = `employees`.`login`) and (`employees`.`disabled` <> 1)))) left join `roles` on((`users`.`role_id` = `roles`.`role_id`))) */;
/*!50001 SET character_set_client = @saved_cs_client */;
/*!50001 SET character_set_results = @saved_cs_results */;
/*!50001 SET collation_connection = @saved_col_connection */;
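Review bot: The new `roles` table declares `rolename` as `varchar(255) DEFAULT NULL` with no unique key, yet www/app/acl.php in this same commit treats the name 'admins' as the switch that skips every ACL and branch check. Nothing in the schema stops a second role from carrying that name, and the seed scripts already have to pick one row with `limit 0,1`; I would add `UNIQUE KEY rolename (rolename)` and make the column `NOT NULL` here and in the `CREATE TABLE` of db/update421to430.sql. `users.role_id` also gets no index or foreign key, so a deleted role would leave users pointing at a missing row; whether the application guards against that is not visible from this dump.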
8 changes: 5 additions & 3 deletions db/initdata.sql
@@ -1,9 +1,10 @@

SET NAMES 'utf8';



INSERT INTO `users` (`user_id`, `userlogin`, `userpass`, `createdon`, `email`, `acl`, `disabled`, `options`) VALUES(4, 'admin', '$2y$10$GsjC.thVpQAPMQMO6b4Ma.olbIFr2KMGFz12l5/wnmxI1PEqRDQf.', '2017-01-01', '[email protected]', 'a:8:{s:7:"acltype";i:0;s:6:"onlymy";i:0;s:7:"aclview";N;s:7:"acledit";N;s:6:"aclexe";N;s:9:"aclbranch";N;s:7:"widgets";N;s:7:"modules";N;}', 0, 'a:4:{s:9:"smartmenu";s:3:"7,8";s:8:"defstore";s:2:"19";s:5:"defmf";s:1:"2";s:8:"pagesize";s:2:"15";}');
INSERT INTO `users` ( `userlogin`, `userpass`, `createdon`, `email`, `acl`, `disabled`, `options`) VALUES( 'admin', '$2y$10$GsjC.thVpQAPMQMO6b4Ma.olbIFr2KMGFz12l5/wnmxI1PEqRDQf.', '2017-01-01', '[email protected]', 'a:8:{s:7:"acltype";i:0;s:6:"onlymy";i:0;s:7:"aclview";N;s:7:"acledit";N;s:6:"aclexe";N;s:9:"aclbranch";N;s:7:"widgets";N;s:7:"modules";N;}', 0, 'a:4:{s:9:"smartmenu";s:3:"7,8";s:8:"defstore";s:2:"19";s:5:"defmf";s:1:"2";s:8:"pagesize";s:2:"15";}');
INSERT INTO `roles` ( `rolename`, `acl`) VALUES ( 'admins', NULL);
UPDATE users set role_id=(select role_id from roles where rolename='admins' limit 0,1 ) where userlogin='admin' ;


INSERT INTO `stores` ( `storename`, `description`) VALUES( 'Основной склад', '');
Expand Down Expand Up @@ -71,4 +72,5 @@ INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `men
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(71, 3, 'Товары на складе', 'ItemList', 'Склад', 0);
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(76, 1, 'Выплата зарплаты', 'OutSalary', 'Платежи', 0);
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(77, 2, 'Отчет по зарплате', 'SalaryRep', 'Платежи', 0);
INSERT INTO `metadata` ( `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES( 2, 'Движение по контрагентам', 'CustActivity', 'Платежи', 0);
INSERT INTO `metadata` (`meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES( 2, 'Движение по контрагентам', 'CustActivity', 'Платежи', 0);

4 changes: 3 additions & 1 deletion db/initdata_ua.sql
Expand Up @@ -3,6 +3,8 @@ SET NAMES 'utf8';


INSERT INTO `users` (`user_id`, `userlogin`, `userpass`, `createdon`, `email`, `acl`, `disabled`, `options`) VALUES(4, 'admin', '$2y$10$GsjC.thVpQAPMQMO6b4Ma.olbIFr2KMGFz12l5/wnmxI1PEqRDQf.', '2017-01-01', '[email protected]', 'a:8:{s:7:"acltype";i:0;s:6:"onlymy";i:0;s:7:"aclview";N;s:7:"acledit";N;s:6:"aclexe";N;s:9:"aclbranch";N;s:7:"widgets";N;s:7:"modules";N;}', 0, 'a:4:{s:9:"smartmenu";s:3:"7,8";s:8:"defstore";s:2:"19";s:5:"defmf";s:1:"2";s:8:"pagesize";s:2:"15";}');
INSERT INTO `roles` ( `rolename`, `acl`) VALUES ( 'admins', NULL);
UPDATE users set role_id=(select role_id from roles where rolename='admins' limit 0,1 ) where userlogin='admin';


INSERT INTO `stores` (`store_id`, `storename`, `description`, `branch_id`) VALUES (28, 'Основний склад', '', 0);
Expand Down Expand Up @@ -71,4 +73,4 @@ INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `men
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(75, 5, 'Експорт', 'Export', '', 0);
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(76, 1, 'Виплата зарплати', 'OutSalary', 'Платежі', 0);
INSERT INTO `metadata` (`meta_id`, `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES(77, 2, 'Звіт по зарплаті', 'SalaryRep', 'Платежі', 0);
INSERT INTO `metadata` ( `meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES( 2, 'Рух по контрагентах', 'CustActivity', 'Платежі', 0);
INSERT INTO `metadata` (`meta_type`, `description`, `meta_name`, `menugroup`, `disabled`) VALUES( 2, 'Рух по контрагентах', 'CustActivity', 'Платежі', 0);
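Review bot: Both seed scripts (db/initdata.sql and this file) still create `admin` with a fixed bcrypt hash, and the lines added here bind that account to the `admins` role, which acl.php in this commit exempts from every ACL and branch check. Every fresh install therefore starts with the same fully privileged credential until the operator changes it; if the installer does not already force a password change on first login, the upgrade notes should at least call for one. The two files also appear to have drifted: db/initdata.sql seems to drop `user_id` from the `users` insert while this file still pins `user_id` 4, which does not affect the `where userlogin='admin'` update but is worth aligning.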
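--- a/db/update421to430.sql
+++ b/db/update421to430.sql
@@ -0,0 +1,46 @@
+CREATE TABLE `roles` ( `role_id` INT NOT NULL AUTO_INCREMENT , `rolename` VARCHAR(255) NULL , `acl` MEDIUMTEXT NULL , PRIMARY KEY (`role_id`)) ;
+
+ALTER TABLE `users` ADD `role_id` INT NULL ;
+
+CREATE VIEW `roles_view` AS
+select
+`roles`.`role_id` AS `role_id`,
+`roles`.`rolename` AS `rolename`,
+`roles`.`acl` AS `acl`,
+(
+select
+coalesce(count(*), 0)
+from
+`users`
+where
+(`users`.`role_id` = `roles`.`role_id`)) AS `cnt`
+from
+`roles`;
+
+
+ALTER VIEW `users_view` AS
+select
+`users`.`user_id` AS `user_id`,
+`users`.`userlogin` AS `userlogin`,
+`users`.`userpass` AS `userpass`,
+`users`.`createdon` AS `createdon`,
+`users`.`email` AS `email`,
+`users`.`acl` AS `acl`,
+`users`.`options` AS `options`,
+`users`.`disabled` AS `disabled`,
+`roles`.`rolename` AS `rolename`,
+`users`.`role_id` AS `role_id`,
+`roles`.`acl` AS `roleacl`,
+coalesce(`employees`.`employee_id`,
+0) AS `employee_id`,
+(case when isnull(`employees`.`emp_name`) then `users`.`userlogin` else `employees`.`emp_name` end) AS `username`
+from
+((`users` left join `employees` on(((`users`.`userlogin` = `employees`.`login`) and (`employees`.`disabled` <> 1)))) left join `roles` on((`users`.`role_id` = `roles`.`role_id`)));
+
+
+INSERT INTO `roles` (`role_id`, `rolename`, `acl`) VALUES (NULL, 'admins', NULL);
+
+UPDATE users set role_id=(select role_id from roles where rolename='admins' limit 0,1 ) where userlogin='admin'
+
+
+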
57 changes: 43 additions & 14 deletions www/app/acl.php
Expand Up @@ -29,7 +29,7 @@ private static function load() {
//проверка на доступ к отчету
public static function checkShowReport($rep, $showerror = true) {

if (System::getUser()->acltype != 2) {
if (System::getUser()->rolename == 'admins') {
return true;
}

Expand All @@ -51,7 +51,7 @@ public static function checkShowReport($rep, $showerror = true) {

//проверка на доступ к справочнику
public static function checkShowRef($ref) {
if (System::getUser()->acltype != 2) {
if (System::getUser()->rolename == 'admins') {
return true;
}

Expand All @@ -71,7 +71,7 @@ public static function checkShowRef($ref) {

//проверка на доступ к редактированю справочника
public static function checkEditRef($ref, $showerror = true) {
if (System::getUser()->acltype != 2) {
if (System::getUser()->rolename == 'admins') {
return true;
}

Expand All @@ -92,7 +92,7 @@ public static function checkEditRef($ref, $showerror = true) {

//проверка на доступ к журналу
public static function checkShowReg($reg, $showerror = true) {
if (System::getUser()->acltype != 2) {
if (System::getUser()->rolename == 'admins') {
return true;
}

Expand All @@ -115,7 +115,7 @@ public static function checkShowReg($reg, $showerror = true) {
//проверка на доступ к просмотру документа
public static function checkShowDoc($doc, $inreg = false, $showerror = true) {
$user = System::getUser();
if ($user->acltype != 2) {
if ($user->rolename == 'admins') {
return true;
}

Expand Down Expand Up @@ -152,7 +152,7 @@ public static function checkShowDoc($doc, $inreg = false, $showerror = true) {
//проверка на доступ к редактированию документа
public static function checkEditDoc($doc, $inreg = false, $showerror = true) {
$user = System::getUser();
if ($user->acltype != 2) {
if ($user->rolename == 'admins') {
return true;
}

Expand Down Expand Up @@ -196,7 +196,7 @@ public static function checkEditDoc($doc, $inreg = false, $showerror = true) {
*/
public static function checkExeDoc($doc, $inreg = false, $showerror = true) {
$user = System::getUser();
if ($user->acltype != 2) {
if ($user->rolename == 'admins') {
return true;
}

Expand All @@ -217,9 +217,38 @@ public static function checkExeDoc($doc, $inreg = false, $showerror = true) {
return false;
}


/**
* проверка на доступ к отмене документа.
*
* @param mixed $doc документ
* @param mixed $showerror показывать сообщение об ошибке иначе просто вернуть false
*/
public static function checkCancelDoc($doc, $inreg = true, $showerror = true) {
$user = System::getUser();
if ($user->rolename =='admins')
return true;

self::load();

$aclcancel = explode(',', $user->aclcancel);

if (in_array($doc->meta_id, $aclcancel)) {
return true;
}
if ($showerror == true) {
System::setErrorMsg('Нет права отмены документа ' . self::$_metasdesc[$doc]);
if ($inreg == false)
App::RedirectHome();
}

return false;
}


//проверка на доступ к сервисным станицам
public static function checkShowSer($ser, $showerror = true) {
if (System::getUser()->acltype != 2) {
if (System::getUser()->rolename == 'admins') {
return true;
}

Expand Down Expand Up @@ -261,7 +290,7 @@ public static function getBranchConstraint($nul = false) {


$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

Expand Down Expand Up @@ -313,7 +342,7 @@ public static function getStoreBranchConstraint() {
}

$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

Expand All @@ -339,7 +368,7 @@ public static function getMFBranchConstraint() {
}

$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

Expand All @@ -365,7 +394,7 @@ public static function getEmpBranchConstraint() {
}

$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

Expand All @@ -391,7 +420,7 @@ public static function getDocBranchConstraint() {
}

$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

Expand All @@ -418,7 +447,7 @@ public static function getBranchIDsConstraint() {


$user = \App\System::getUser();
if ($user->username == 'admin') {
if ($user->rolename == 'admins') {
return '';
}

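Review bot: In the new checkCancelDoc the denial message indexes `self::$_metasdesc[$doc]` with the document object, while the permission test a few lines earlier uses `$doc->meta_id`; an object is not a valid array offset, so the refusal path raises an illegal-offset error instead of showing the message. The lookup presumably should be `self::$_metasdesc[$doc->meta_id]`. The method also defaults `$inreg` to `true` where checkShowDoc, checkEditDoc and checkExeDoc default it to `false`, and its docblock omits that parameter, so confirm the no-redirect default is deliberate. Across the other hunks the admin bypass is now the loose test `rolename == 'admins'`; `=== 'admins'` is the safer form for an authorization decision. Most of the touched functions continue outside the visible hunks.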