diff --git a/apps/maarch_entreprise/actions/process.php b/apps/maarch_entreprise/actions/process.php
index a79a5cd97b235794e3aca7ab2ff7e6759c3c94d0..428c516a8aa658ac9dbaa9fd78d956371c3e7ec1 100755
--- a/apps/maarch_entreprise/actions/process.php
+++ b/apps/maarch_entreprise/actions/process.php
@@ -919,7 +919,7 @@ function manage_form($arr_id, $history, $id_action, $label_action, $status, $col
}
}
//DIFFLIST
- if ($core->is_module_loaded('entities') && count($_SESSION['redirect']['diff_list']) == 0) {
+ if ($core->is_module_loaded('entities') && (empty($_SESSION['redirect']['diff_list']) || !is_array($_SESSION['redirect']['diff_list']) || count($_SESSION['redirect']['diff_list']) == 0)) {
require_once 'modules/entities/class/class_manage_listdiff.php';
$list = new diffusion_list();
diff --git a/apps/maarch_entreprise/indexing_searching/details.php b/apps/maarch_entreprise/indexing_searching/details.php
index 55841b416eb3ee9124da2cd82f1d5906bfb5f8ef..5cdef5e639d638451456c43f04f144f8e8ea4509 100755
--- a/apps/maarch_entreprise/indexing_searching/details.php
+++ b/apps/maarch_entreprise/indexing_searching/details.php
@@ -12,10 +12,8 @@
*/
//DECLARATIONS
-require_once 'core/manage_bitmask.php';
require_once 'core/class/class_request.php';
require_once 'core/class/class_security.php';
-require_once 'apps/'.$_SESSION['config']['app_id'].'/security_bitmask.php';
require_once 'apps/'.$_SESSION['config']['app_id'].'/class/class_list_show.php';
require_once 'core/class/class_history.php';
require_once 'core/class/LinkController.php';
diff --git a/apps/maarch_entreprise/indexing_searching/little_details_invoices.php b/apps/maarch_entreprise/indexing_searching/little_details_invoices.php
index 5010e090ac42408c74478a9e9d51b8f2ca5e28cc..889d88002f081e3cc613a8129eacdd8184fa59f9 100755
--- a/apps/maarch_entreprise/indexing_searching/little_details_invoices.php
+++ b/apps/maarch_entreprise/indexing_searching/little_details_invoices.php
@@ -13,9 +13,6 @@ require 'core/class/class_request.php';
require 'apps/'.$_SESSION['config']['app_id'].'/class/class_list_show.php';
require_once 'core/class/class_security.php';
require_once 'core/class/class_history.php';
-require_once 'core/manage_bitmask.php';
-require_once 'apps'.DIRECTORY_SEPARATOR.$_SESSION['config']['app_id']
- .DIRECTORY_SEPARATOR.'security_bitmask.php';
require_once 'apps'.DIRECTORY_SEPARATOR.$_SESSION['config']['app_id']
.DIRECTORY_SEPARATOR.'class'.DIRECTORY_SEPARATOR
.'class_indexing_searching_app.php';
diff --git a/apps/maarch_entreprise/security_bitmask.php b/apps/maarch_entreprise/security_bitmask.php
deleted file mode 100755
index f8fb76bf0d939f4d1e1855bf2d0917d95c4dd2b9..0000000000000000000000000000000000000000
--- a/apps/maarch_entreprise/security_bitmask.php
+++ /dev/null
@@ -1,116 +0,0 @@
-<?php
-$core = new core_tools();
-$core->load_lang();
-
-if ($core->is_module_loaded('moreq')) {
- define('ADD_RECORD', 1);
- define('CREATE_SERIE', 2);
- define('CREATE_OTHER_AGREGATION', 4);
- define('DATA_MODIFICATION', 8);
- define('DELETE_RECORD', 16);
- define('DELETE_SERIE', 32);
- define('DELETE_OTHER_AGREGATION', 64);
- define('VIEW_LOG', 128);
-
- // If you add new bitmask, don't forget to increase this constant
- define('MAX_BITMASK', 255);
-
- $_ENV['security_bitmask'] = array();
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => ADD_RECORD,
- 'LABEL' => _ADD_RECORD_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => CREATE_SERIE,
- 'LABEL' => _CREATE_CLASS_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => CREATE_OTHER_AGREGATION,
- 'LABEL' => _CREATE_OTHER_AGREGATION_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DATA_MODIFICATION,
- 'LABEL' => _DATA_MODIFICATION_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DELETE_RECORD,
- 'LABEL' => _DELETE_RECORD_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DELETE_SERIE,
- 'LABEL' => _DELETE_SERIE_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DELETE_OTHER_AGREGATION,
- 'LABEL' => _DELETE_OTHER_AGREGATION_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => VIEW_LOG,
- 'LABEL' => _VIEW_LOG_LABEL,
- )
- );
-} else {
- // define('ADD_RECORD', 1);
- define('DATA_MODIFICATION', 8);
- define('DELETE_RECORD', 16);
- // define('VIEW_LOG', 128);
-
- // If you add new bitmask, don't forget to increase this constant
- define('MAX_BITMASK', 255);
-
- $_ENV['security_bitmask'] = array();
-/* array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => ADD_RECORD,
- 'LABEL' => _ADD_RECORD_LABEL,
- )
- );*/
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DATA_MODIFICATION,
- 'LABEL' => _DATA_MODIFICATION_LABEL,
- )
- );
- array_push(
- $_ENV['security_bitmask'],
- array(
- 'ID' => DELETE_RECORD,
- 'LABEL' => _DELETE_RECORD_LABEL,
- )
- );
-}
-
-function getTaskLabel($taskId, $tasksArray)
-{
- for ($i = 0; $i < count($tasksArray); $i ++) {
- if ($tasksArray[$i]['ID'] == $taskId) {
- return $tasksArray[$i]['LABEL'];
- }
- }
- return '';
-}
diff --git a/core/class/SecurityControler.php b/core/class/SecurityControler.php
index df00ad9e1c0e667d5ff5b61944c26a2ede4598cb..f77a5033aca2885ca9129edff64247f9839da3e6 100755
--- a/core/class/SecurityControler.php
+++ b/core/class/SecurityControler.php
@@ -32,7 +32,6 @@
// Loads the required class
try {
require_once 'core/core_tables.php';
- require_once 'core/manage_bitmask.php';
require_once 'core/class/class_db.php';
require_once 'core/class/users_controler.php';
require_once 'core/class/session_security_controler.php';
@@ -287,7 +286,7 @@ class SecurityControler
);
}
- public function check_where_clause($collId, $target, $whereClause,
+ public function check_where_clause($collId, $whereClause,
$view, $userId)
{
$res = array(
@@ -295,7 +294,7 @@ class SecurityControler
'TXT' => '',
);
- if (empty($collId) || empty($target) || empty($whereClause)) {
+ if (empty($collId) || empty($whereClause)) {
$res['TXT'] = _ERROR_PARAMETERS_FUNCTION;
return $res;
}
@@ -308,13 +307,7 @@ class SecurityControler
$where = str_replace('where', ' ', $where);
$db = new Database();
- if ($target == 'ALL' || $target == 'DOC') {
- $query = 'select res_id from ' . $view . ' where ' . $where;
- }
- if ($target == 'ALL' || $target == 'CLASS') {
- $query = 'select mr_aggregation_id from ' . $view
- . ' where '. $where;
- }
+ $query = 'select res_id from ' . $view . ' where ' . $where;
$ok = $db->query($query, array(), true);
if (!$ok) {
@@ -436,24 +429,19 @@ class SecurityControler
*/
public function load_security($userId)
{
- require_once 'apps/' . $_SESSION['config']['app_id']
- . '/security_bitmask.php';
$tab['collections'] = array();
$tab['security'] = array();
$func = new functions();
if ($userId == "superadmin") {
for ($i = 0; $i < count($_SESSION['collections']); $i ++) {
- $tab['security'][ $_SESSION['collections'][$i]['id']] = array();
- foreach (array_keys($_ENV['targets']) as $key) {
- $tab['security'][ $_SESSION['collections'][$i]['id']][$key] = array(
- 'table' => $_SESSION['collections'][$i]['table'],
- 'label_coll' => $_SESSION['collections'][$i]['label'],
- 'view' => $_SESSION['collections'][$i]['view'],
- 'where' => " (1=1) ",
- 'securityBitmask' => MAX_BITMASK,
- );
- }
+ $tab['security'][$_SESSION['collections'][$i]['id']] = array();
+ $tab['security'][$_SESSION['collections'][$i]['id']]['DOC'] = array(
+ 'table' => $_SESSION['collections'][$i]['table'],
+ 'label_coll' => $_SESSION['collections'][$i]['label'],
+ 'view' => $_SESSION['collections'][$i]['view'],
+ 'where' => " (1=1) ",
+ );
array_push(
$tab['collections'], $_SESSION['collections'][$i]['id']
);
@@ -471,11 +459,6 @@ class SecurityControler
}
for ($i = 0; $i < count($access); $i ++) {
// TO DO : vérifier les dates
- $startDate = $access[$i]->__get('mr_start_date');
- $stopDate = $access[$i]->__get('mr_stop_date');
-
- $bitmask = $access[$i] ->__get('rights_bitmask');
- $target = $access[$i]->__get('where_target');
$collId = $access[$i]->__get('coll_id');
$whereClause = $access[$i]->__get('where_clause');
$whereClause = $this->process_security_where_clause(
@@ -493,64 +476,25 @@ class SecurityControler
if (! in_array($collId, $tab['collections'])) {
$tab['security'][$collId] = array();
- if ($target == 'ALL') {
- foreach (array_keys($_ENV['targets']) as $key) {
- $tab['security'][$collId][$key] = array(
- 'table' => $_SESSION['collections'][$ind]['table'],
- 'label_coll' => $_SESSION['collections'][$ind]['label'],
- 'view' => $_SESSION['collections'][$ind]['view'],
- 'where' => $where,
- 'securityBitmask' => $bitmask,
- );
- }
- } else {
- $tab['security'][$collId][$target] = array(
- 'table' => $_SESSION['collections'][$ind]['table'],
- 'label_coll' => $_SESSION['collections'][$ind]['label'],
- 'view' => $_SESSION['collections'][$ind]['view'],
- 'where' => $where,
- 'securityBitmask' => $bitmask,
- );
- }
+ $tab['security'][$collId]['DOC'] = array(
+ 'table' => $_SESSION['collections'][$ind]['table'],
+ 'label_coll' => $_SESSION['collections'][$ind]['label'],
+ 'view' => $_SESSION['collections'][$ind]['view'],
+ 'where' => $where,
+ );
array_push($tab['collections'], $collId);
} else {
- if (isset($tab['security'][$collId][$target])
- && count($tab['security'][$collId][$target]) > 0
+ if (isset($tab['security'][$collId]['DOC'])
+ && count($tab['security'][$collId]['DOC']) > 0
) {
- $tab['security'][ $collId][$target]['securityBitmask'] = set_right(
- $tab['security'][ $collId][$target]['securityBitmask'],
- $bitmask
- );
- $tab['security'][ $collId][$target]['where'] .= " or "
+ $tab['security'][ $collId]['DOC']['where'] .= " or "
. $where;
- } else if ($target == 'ALL') {
- foreach (array_keys($_ENV['targets']) as $key) {
- if (isset($tab['security'][$collId][$key])
- && count($tab['security'][$collId][$key]) > 0
- ) {
- $tab['security'][ $collId][$target]['securityBitmask'] = set_right(
- $tab['security'][ $collId][$target]['securityBitmask'],
- $bitmask
- );
- $tab['security'][$collId][$key]['where'] .= " or "
- . $where;
- } else {
- $tab['security'][$collId][$key] = array(
- 'table' => $_SESSION['collections'][$ind]['table'],
- 'label_coll' => $_SESSION['collections'][$ind]['label'],
- 'view' => $_SESSION['collections'][$ind]['view'],
- 'where' => $where,
- 'securityBitmask' => $bitmask,
- );
- }
- }
} else {
- $tab['security'][$collId][$target] = array(
+ $tab['security'][$collId]['DOC'] = array(
'table' => $_SESSION['collections'][$ind]['table'],
'label_coll' => $_SESSION['collections'][$ind]['label'],
'view' => $_SESSION['collections'][$ind]['view'],
'where' => $where,
- 'securityBitmask' => $bitmask,
);
}
}
@@ -577,126 +521,6 @@ class SecurityControler
}
- /**
- * Give action bitmask for given $userId over given
- * object
- * @param string $userId
- * @param bigint $objectId
- * @return bitmask
- */
- public function getActions($userId, $objectId, $objectType='aggregation')
- {
- $ctrl = new session_security_controler();
- // Select from security session table
- $sessionSec = $ctrl->get($userId);
- if ($sessionSec->__get('last_object_id') == $objectId) {
- return $sessionSec->__get('last_available_bitmask');
- } else {
- return $this->setActions($userId, $objectId, $objectType);
- }
- }
-
- /**
- * Update security session table with
- * bitmask, according with given user
- * and aggregation.
- * Return computed bitmask
- * @param string $userId
- * @param bigint $objectId
- * @return bitmask
- */
- public function setActions($userId, $objectId, $objectType)
- {
- if ($userId == 'superadmin') {
- return MAX_BITMASK;
- }
- // Compute action bitmask
- $fullBitmask = 0;
- $uc = new users_controler();
- $groups = $uc->getGroups($userId);
- //print_r($groups);
-
- $fullWhere = "";
- for ($i = 0; $i < count($groups); $i ++) {
- $access = $this->getAccessForGroup($groups[$i]['GROUP_ID']);
- //var_dump($access);
- for ($j = 0; $j < count($access); $j ++) {
- $target = $access[$j]->__get('where_target');
- $collId = $access[$j]->__get('coll_id');
- $whereClause = $access[$j]->__get('where_clause');
- $whereClause = $this->process_security_where_clause(
- $whereClause, $userId
- );
- $whereClause = str_replace('where', '', $whereClause);
- $bitmask = $access[$j]->__get('rights_bitmask');
-
- $ind = $this->get_ind_collection($collId);
- if (trim($whereClause) == "") {
- $where = "-1";
- } else {
- $where = "( " . $this->show_string($whereClause) . " )";
- }
-
- $query = '';
- if ($objectType == 'aggregation'
- && ($target == 'CLASS' || $target == 'ALL')
- ) {
- $query = "select mr_aggregation_id from "
- . _CLASSIFICATION_SCHEME_VIEW . " where (" . $where
- . ') ';
- if (isset($objectId) && ! empty($objectId)) {
- $query .= 'and mr_aggregation_id = ' . $objectId;
- }
- } else if ($objectType == 'classification_scheme'
- && ($target == 'CLASS' || $target == 'ALL')
- ) {
- $query = "select mr_classification_scheme_id from "
- . _CLASSIFICATION_SCHEME_VIEW . " where (" . $where
- . ') and mr_classification_scheme_id = ' . $objectId;
- } else if ($objectType == 'doc'
- && ($target == 'DOC' || $target == 'ALL')
- ) {
- $query = "select res_id from "
- . $_SESSION['collections'][$ind]['view'] . " where ("
- . $where . ') and res_id = ?';
- }
- $db = new Database();
-
- if (! empty($query)) {
- $stmt = $db->query($query, array($objectId));
- }
- if ($stmt->rowCount() > 0) {
- if ($bitmask > 0) {
- $fullBitmask = set_right($fullBitmask, $bitmask);
- }
-
- if (! empty($fullWhere)) {
- $fullWhere .= " and (" . $where . ") ";
- } else {
- $fullWhere .= $where;
- }
- }
- }
- }
-
- // Update security session table
- $func = new functions();
- $sessionSecurity = new session_security();
- $sessionSecurity->setArray(
- array(
- 'user_id' => $userId,
- 'session_begin_date' => date("Y-m-d H:i"),
- 'full_where_clause' => $fullWhere,
- 'last_available_bitmask' => $fullBitmask,
- 'last_object_id' => $objectId
- )
- ); // TO DO : calculate the session_end_date
- $ctrl = new session_security_controler();
- $ctrl->save($sessionSecurity);
-
- return $fullBitmask;
- }
-
/**
* Check the where clause syntax
*
diff --git a/core/class/class_security.php b/core/class/class_security.php
index 018279c1f1da3777ce116ff9c8ebf44de4870c2a..20ee4a5a9b3b3f5ca6d07f04a59aaca3b6ac658a 100755
--- a/core/class/class_security.php
+++ b/core/class/class_security.php
@@ -47,7 +47,6 @@ require_once 'core/class/class_db_pdo.php';
require_once 'core/class/class_history.php';
require_once 'core/class/SecurityControler.php';
require_once 'core/class/class_core_tools.php';
-require_once 'core/where_targets.php';
require_once 'core/class/users_controler.php';
if (isset($_SESSION['config']['app_id'])) {
require_once 'apps/'.$_SESSION['config']['app_id']
@@ -56,6 +55,8 @@ if (isset($_SESSION['config']['app_id'])) {
require_once 'core/class/usergroups_controler.php';
require_once 'core/class/ServiceControler.php';
+$core = new core_tools();
+$core->load_lang();
//require_once('lib/FirePHP/Init.php');
class security extends Database
@@ -715,7 +716,7 @@ class security extends Database
{
$arr = array();
for ($i = 0; $i < count($_SESSION['user']['security']); ++$i) {
- if (isset($_SESSION['user']['security'][$i]['table']) && !empty($_SESSION['user']['security'][$i]['table']) && $_SESSION['user']['security'][$i]['can_insert'] == 'Y') {
+ if (isset($_SESSION['user']['security'][$i]['table']) && !empty($_SESSION['user']['security'][$i]['table'])) {
$ind = $this->get_ind_collection($_SESSION['user']['security'][$i]['coll_id']);
array_push($arr, array('coll_id' => $_SESSION['user']['security'][$i]['coll_id'], 'label_coll' => $_SESSION['collections'][$ind]['label'], 'table' => $_SESSION['user']['security'][$i]['table']));
}
@@ -728,7 +729,6 @@ class security extends Database
* Checks if the current user can do the action on the collection.
*
* @param string $coll_id Collection identifier
- * @param string $action can_insert, can_update, can_delete
*
* @return true if the user can do the action on the collection, False otherwise
*/
diff --git a/core/class/usergroups_controler.php b/core/class/usergroups_controler.php
index 3bf11b31b572c02e44ee5d1436cd2433d5f11ce4..c94336b361ebe388cf9f9652b93127bdf0d3df5e 100755
--- a/core/class/usergroups_controler.php
+++ b/core/class/usergroups_controler.php
@@ -228,11 +228,6 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF
* 'COLL_ID' => collection identifier,
* 'WHERE_CLAUSE' => where clause on the view,
* 'COMMENT' => comment on the access,
- * 'WHERE_TARGET' => target view (DOC = view of the collection),
- * 'RIGHTS_BITMASK' => Access bitmask = rights allowed for the access
- * on the where target,
- * 'START_DATE' => Start date of the access(NOT FULLY IMPLEMENTED YET),
- * 'STOP_DATE' => Start date of the access (NOT FULLY IMPLEMENTED YET)
* )
* @param $services Array of services identifier
* @param $mode Mode (add or up)
@@ -253,7 +248,6 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF
public function save($group, $security = array(), $services = array(),
$mode = '', $params = array())
{
- $control = array();
$secCtrl = new SecurityControler();
$sec = new security();
$func = new functions();
@@ -297,8 +291,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF
);
} else {
$res = $secCtrl->check_where_clause(
- $security[$i]['COLL_ID'], $security[$i]['WHERE_TARGET'],
- $security[$i]['WHERE_CLAUSE'], $view, $params['user_id']
+ $security[$i]['COLL_ID'], $security[$i]['WHERE_CLAUSE'], $view, $params['user_id']
);
}
if ($res['RESULT'] == false) {
@@ -321,31 +314,8 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF
'coll_id' => $security[$i]['COLL_ID'],
'where_clause' => $security[$i]['WHERE_CLAUSE'],
'maarch_comment' => $security[$i]['COMMENT'],
- 'where_target' => $security[$i]['WHERE_TARGET']
);
- $bitmask = '0';
- if (isset($security[$i]['RIGHTS_BITMASK'])
- && !empty($security[$i]['RIGHTS_BITMASK'])
- ) {
- $bitmask = (string) $security[$i]['RIGHTS_BITMASK'];
- }
- $values['rights_bitmask'] = $bitmask;
-
- if (isset($security[$i]['START_DATE'])
- && !empty($security[$i]['START_DATE'])
- ) {
- $values['mr_start_date'] = $func->format_date_db(
- $security[$i]['START_DATE']
- );
- }
- if (isset($security[$i]['STOP_DATE'])
- && !empty($security[$i]['STOP_DATE'])
- ) {
- $values['mr_stop_date'] = $func->format_date_db(
- $security[$i]['STOP_DATE']
- );
- }
$sec = new SecurityObj();
$sec->setArray($values);
diff --git a/core/manage_bitmask.php b/core/manage_bitmask.php
deleted file mode 100755
index db99ab7d1cb86aff7dfa002288398baf986446bd..0000000000000000000000000000000000000000
--- a/core/manage_bitmask.php
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-
-function check_right($intToCheck, $right)
-{
- if ($intToCheck & $right) {
- return true;
- } else {
- return false;
- }
-}
-
-function set_right($intToSet = 0, $right)
-{
- return $intToSet | (int) $right;
-}
diff --git a/core/where_targets.php b/core/where_targets.php
deleted file mode 100755
index 4ac472d737ebdea1a330b31cb2b7a39cffda4b65..0000000000000000000000000000000000000000
--- a/core/where_targets.php
+++ /dev/null
@@ -1,5 +0,0 @@
-<?php
-$core = new core_tools();
-$core->load_lang();
-$_ENV['targets'] = array();
-$_ENV['targets']['DOC'] = _DOCS;
diff --git a/modules/basket/class/class_modules_tools_Abstract.php b/modules/basket/class/class_modules_tools_Abstract.php
index 33c7888b5d0693ed83a2255090fdb111753b48cf..28f91712d5a826299bb10659936fe22e8061ac52 100755
--- a/modules/basket/class/class_modules_tools_Abstract.php
+++ b/modules/basket/class/class_modules_tools_Abstract.php
@@ -641,11 +641,19 @@ abstract class basket_Abstract extends Database
// Browsing the current basket actions to build the actions array
for ($i = 0; $i < count($_SESSION['current_basket']['actions']); $i++) {
$noFilterOnCat = true;
- if (count($_SESSION['current_basket']['actions'][$i]['CATEGORIES']) > 0) {
+ if (!empty($_SESSION['current_basket']['actions'][$i]['CATEGORIES'])
+ && is_array($_SESSION['current_basket']['actions'][$i]['CATEGORIES'])
+ && count($_SESSION['current_basket']['actions'][$i]['CATEGORIES']) > 0)
+ {
$noFilterOnCat = false;
}
$categoryIdForActions = '';
- for ($cptCat=0; $cptCat < count($_SESSION['current_basket']['actions'][$i]['CATEGORIES']); $cptCat++) {
+ $cl = 0;
+ if (!empty($_SESSION['current_basket']['actions'][$i]['CATEGORIES']) && is_array($_SESSION['current_basket']['actions'][$i]['CATEGORIES'])) {
+ $cl = count($_SESSION['current_basket']['actions'][$i]['CATEGORIES']);
+ }
+
+ for ($cptCat=0; $cptCat < $cl; $cptCat++) {
if ($_SESSION['current_basket']['actions'][$i]['CATEGORIES'][$cptCat] == $_SESSION['category_id']) {
$categoryIdForActions = $_SESSION['category_id'];
}
diff --git a/modules/life_cycle/batch/custom.php b/modules/life_cycle/batch/custom.php
index cc4db16c7a7e44c6413a8a815515a211ce7f7246..6ba33c9ed3a6e490a5b8708046f67b2d741e2896 100755
--- a/modules/life_cycle/batch/custom.php
+++ b/modules/life_cycle/batch/custom.php
@@ -78,18 +78,6 @@ function createPDI($resInContainer)
'COMMENT', $securityRecordset->maarch_comment
);
$accessRight->appendChild($comment);
- $canInsert = $docXML->createElement(
- 'CAN_INSERT', $securityRecordset->can_insert
- );
- $accessRight->appendChild($canInsert);
- $canUpdate = $docXML->createElement(
- 'CAN_UPDATE', $securityRecordset->can_update
- );
- $accessRight->appendChild($canUpdate);
- $canDelete = $docXML->createElement(
- 'CAN_DELETE', $securityRecordset->can_delete
- );
- $accessRight->appendChild($canDelete);
}
for ($cptRes = 0;$cptRes < count($resInContainer);$cptRes++) {
//a record
diff --git a/sql/data_fr.sql b/sql/data_fr.sql
index 3b3eebf3901d4de64b5fff4cbb3c5a31d1e4f33c..41385f4a11dcb6b70ddb959447cbbfb6af4aeb39 100755
--- a/sql/data_fr.sql
+++ b/sql/data_fr.sql
@@ -973,23 +973,23 @@ INSERT INTO groupbasket (group_id, basket_id, result_page) VALUES ('COURRIER', '
-- Create Security
TRUNCATE TABLE security;
DELETE FROM security WHERE group_id = 'COURRIER';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('COURRIER', 'letterbox_coll', 'typist=@user', 'Les courriers que j''ai numérisé, pendant 3 mois','N','N','N', 25, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('COURRIER', 'letterbox_coll', 'typist=@user', 'Les courriers que j''ai numérisé, pendant 3 mois');
DELETE FROM security WHERE group_id = 'AGENT';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('AGENT', 'letterbox_coll', 'destination in (@my_entities, @subentities[@my_primary_entity])', 'Les courriers non confidentiels de mes services et sous-services','N','N','N', 25, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('AGENT', 'letterbox_coll', 'destination in (@my_entities, @subentities[@my_primary_entity])', 'Les courriers non confidentiels de mes services et sous-services');
DELETE FROM security WHERE group_id = 'RESP_COURRIER';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('RESP_COURRIER', 'letterbox_coll', '1=1', 'Tous les courriers','N','N','N', 9, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('RESP_COURRIER', 'letterbox_coll', '1=1', 'Tous les courriers');
DELETE FROM security WHERE group_id = 'RESPONSABLE';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('RESPONSABLE', 'letterbox_coll', 'destination in (@my_entities, @subentities[@my_primary_entity])', 'Les courriers de mes services et sous-services','N','N','N', 25, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('RESPONSABLE', 'letterbox_coll', 'destination in (@my_entities, @subentities[@my_primary_entity])', 'Les courriers de mes services et sous-services');
DELETE FROM security WHERE group_id = 'ADMINISTRATEUR';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('ADMINISTRATEUR', 'letterbox_coll', '1=1', 'Tous les courriers','N','N','N', 24, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('ADMINISTRATEUR', 'letterbox_coll', '1=1', 'Tous les courriers');
DELETE FROM security WHERE group_id = 'DIRECTEUR';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('DIRECTEUR', 'letterbox_coll', '1=0', 'Tous les courriers','N','N','N', 25, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('DIRECTEUR', 'letterbox_coll', '1=0', 'Tous les courriers');
DELETE FROM security WHERE group_id = 'ELU';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('ELU', 'letterbox_coll', '1=1', 'Tous les courriers','N','N','N', 0, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('ELU', 'letterbox_coll', '1=1', 'Tous les courriers');
DELETE FROM security WHERE group_id = 'ARCHIVISTE';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('ARCHIVISTE', 'letterbox_coll', '1=1', 'Tous les courriers','N','N','N', 0, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('ARCHIVISTE', 'letterbox_coll', '1=1', 'Tous les courriers');
DELETE FROM security WHERE group_id = 'MAARCHTOGEC';
-INSERT INTO security (group_id, coll_id, where_clause, maarch_comment, can_insert, can_update, can_delete, rights_bitmask, mr_start_date, mr_stop_date, where_target) VALUES ('MAARCHTOGEC', 'letterbox_coll', '1=0', 'Aucun courrier','N','N','N', 0, NULL, NULL, 'DOC');
+INSERT INTO security (group_id, coll_id, where_clause, maarch_comment) VALUES ('MAARCHTOGEC', 'letterbox_coll', '1=0', 'Aucun courrier');
-- Donnees manuelles
------------
diff --git a/sql/develop.sql b/sql/develop.sql
index a49c3995c01b5996566c81d663378e7a64537325..9b0d80241ac732b30a7ddd4aaa95e85de4b10345 100644
--- a/sql/develop.sql
+++ b/sql/develop.sql
@@ -76,4 +76,10 @@ DROP TABLE IF EXISTS res_version_x;
DROP TABLE IF EXISTS adr_x;
ALTER TABLE baskets DROP COLUMN IF EXISTS is_generic;
ALTER TABLE baskets DROP COLUMN IF EXISTS except_notif;
-
+ALTER TABLE security DROP COLUMN IF EXISTS can_insert;
+ALTER TABLE security DROP COLUMN IF EXISTS can_update;
+ALTER TABLE security DROP COLUMN IF EXISTS can_delete;
+ALTER TABLE security DROP COLUMN IF EXISTS rights_bitmask;
+ALTER TABLE security DROP COLUMN IF EXISTS mr_start_date;
+ALTER TABLE security DROP COLUMN IF EXISTS mr_stop_date;
+ALTER TABLE security DROP COLUMN IF EXISTS where_target;
diff --git a/sql/structure.sql b/sql/structure.sql
index 0074ca236a3c33354305ea3935003ec1dde3d345..9b08b9e72a711de8223b5a2c2f5b9a8f6a988037 100755
--- a/sql/structure.sql
+++ b/sql/structure.sql
@@ -157,13 +157,6 @@ CREATE TABLE "security"
coll_id character varying(32) NOT NULL,
where_clause text,
maarch_comment text,
- can_insert character(1) NOT NULL DEFAULT 'N'::bpchar,
- can_update character(1) NOT NULL DEFAULT 'N'::bpchar,
- can_delete character(1) NOT NULL DEFAULT 'N'::bpchar,
- rights_bitmask integer NOT NULL DEFAULT 0,
- mr_start_date timestamp without time zone DEFAULT NULL,
- mr_stop_date timestamp without time zone DEFAULT NULL,
- where_target character varying(15) DEFAULT 'DOC'::character varying,
CONSTRAINT security_pkey PRIMARY KEY (security_id)
)
WITH (OIDS=FALSE);
diff --git a/src/app/group/models/GroupModelAbstract.php b/src/app/group/models/GroupModelAbstract.php
index da6a5044d8d0251b90d7e7b1eadbb1591a3c7b14..f1c0ad73966a81f1f3842318d561fa845115b938 100644
--- a/src/app/group/models/GroupModelAbstract.php
+++ b/src/app/group/models/GroupModelAbstract.php
@@ -84,7 +84,6 @@ abstract class GroupModelAbstract
'coll_id' => 'letterbox_coll',
'where_clause' => $aArgs['clause'],
'maarch_comment' => $aArgs['comment'],
- 'where_target' => 'DOC',
]
]);
@@ -223,7 +222,7 @@ abstract class GroupModelAbstract
ValidatorModel::stringType($aArgs, ['groupId']);
$aData = DatabaseModel::select([
- 'select' => ['where_clause', 'maarch_comment', 'mr_start_date', 'mr_stop_date'],
+ 'select' => ['where_clause', 'maarch_comment'],
'table' => ['security'],
'where' => ['group_id = ?'],
'data' => [$aArgs['groupId']]
diff --git a/test/GroupControllerTest.php b/test/GroupControllerTest.php
index d29e3a09681069d490f93da7c019e8f639145308..fc323c47a34b57707727871cc3b9219adea9033c 100644
--- a/test/GroupControllerTest.php
+++ b/test/GroupControllerTest.php
@@ -51,8 +51,6 @@ class GroupControllerTest extends TestCase
$this->assertSame('Y', $responseBody->group->enabled);
$this->assertSame('1=2', $responseBody->group->security->where_clause);
$this->assertSame('commentateur du dimanche', $responseBody->group->security->maarch_comment);
- $this->assertSame(null, $responseBody->group->security->mr_start_date);
- $this->assertSame(null, $responseBody->group->security->mr_stop_date);
}
public function testUpdate()
@@ -88,8 +86,6 @@ class GroupControllerTest extends TestCase
$this->assertSame('Y', $responseBody->group->enabled);
$this->assertSame('1=3', $responseBody->group->security->where_clause);
$this->assertSame('commentateur du dimanche #2', $responseBody->group->security->maarch_comment);
- $this->assertSame(null, $responseBody->group->security->mr_start_date);
- $this->assertSame(null, $responseBody->group->security->mr_stop_date);
}
public function testDelete()