#31 , #30

pihel · May 8, 2015 · a9be2e9 · a9be2e9
1 parent ae4d460
commit a9be2e9
Show file tree

Hide file tree

Showing 8 changed files with 49 additions and 12 deletions.
diff --git a/lang/en.php b/lang/en.php
@@ -247,7 +247,9 @@ class LangEn extends iLang {
     225 => "Delete",
     226 => "Access key to the recognition of checks",
     227 => "Purchase map",
-    228 => "Another"
+    228 => "Another",
+    229 => "Threshold sector \"Another\" in graph analysts (in % of total)",
+    230 => "Prohibition editing other people's records"
   );
 
 }
diff --git a/lang/ru.php b/lang/ru.php
@@ -3,8 +3,8 @@ class LangRu extends iLang {
   //name,rate,sign,short_name
   public $currency = array(
     1 => array("Рубль", 1, "ք", "руб."),
-    2 => array("Доллар", 55, "$", "дол."),
-    3 => array("Евро", 65, "€", "евр."),
+    2 => array("Доллар", 51, "$", "дол."),
+    3 => array("Евро", 57, "€", "евр."),
   );
 
   public $translate = array (
@@ -249,7 +249,9 @@ class LangRu extends iLang {
     225 => "Удалить",
     226 => "Ключ доступа к распознаванию чеков",
     227 => "Карта покупок",
-    228 => "Другое"
+    228 => "Другое",
+    229 => "Порог сектора \"Другое\" в графиках аналитики (в % от суммы)",
+    230 => "Запрет редактирования чужих записей"
   );
 
 }
diff --git a/lib/analiz.php b/lib/analiz.php
@@ -16,7 +16,7 @@ public function __construct($_db, $_usr, $_lng) {
 
   protected function reduce($arr, $col_amnt, $col_name) {
     global $settings;
-    $proc = floatval( $settings['proc_analiz'] );
+    $proc = floatval( $settings['proc_analiz'] ) / 100;
     $ret = array();
     $sum = 0;
     foreach($arr as $k=>$v) {

diff --git a/lib/cash.php b/lib/cash.php
@@ -420,7 +420,14 @@ public function getFile($id, $short = false) {
   }
 
   public function edit($data, $files) {
-    if(!$this->usr->canWrite()) return $this->lng->get(159);
+    if(!$this->usr->canWrite()) return array('failure'=>true, 'msg'=> $this->lng->get(159) );
+    global $settings;
+    if(intval($settings['secure_user']) == 1) {
+      $uid = $this->db->element("SELECT uid from cashes WHERE ID = ?", $data['cash_item_edit_id'] );
+      if( intval($uid) != $this->usr->id ) {
+        return array('failure'=>true, 'msg'=> $this->lng->get(159) );
+      }
+    }
 
     $this->db->start_tran();
 

diff --git a/lib/init.php b/lib/init.php
@@ -19,7 +19,7 @@
 $extjs = 'extjs';
 
 /* App version */
-$version = "1.054";
+$version = "1.055";
 //$version = rand(); //for reset cache
 
 /* Path to imgs and js */

diff --git a/lib/update.php b/lib/update.php
@@ -32,6 +32,7 @@ public function updateData($file_ver, $db_ver) {
     $this->db->start_tran();
 
     if($file_ver >= 1.05 && $db_ver < 1.05) $this->updateData_v1_050();
+    if($file_ver >= 1.055 && $db_ver < 1.055) $this->updateData_v1_055();
 
     if($db_ver == 0) {
       $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "version", $this->lng->get(221), $file_ver );
@@ -47,6 +48,11 @@ public function updateData_v1_050() {
     $this->exec("ALTER TABLE cashes ADD COLUMN geo_pos VARCHAR(64)");
   } //updateData_v1_050
 
+  public function updateData_v1_055() {
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "proc_analiz",  $this->lng->get(229), "1.5" );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "secure_user",  $this->lng->get(230), "0" );
+  } //updateData_v1_050
+
   public function createData($pasw) {  
     $login = "admin";
     if(empty($pasw)) $pasw = $login;
@@ -67,11 +73,13 @@ public function createData($pasw) {
     $this->db->exec("INSERT INTO cashes_type(name) VALUES(?)", $this->lng->get(206));
 
     global $settings;
-    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "site_name",  $this->lng->get(207), $this->lng->get(208));
-    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "mail",       $this->lng->get(209), "");
-    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "version",    $this->lng->get(221), $settings['version'] );
-    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "round",      $this->lng->get(223), 0 );
-    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "ocr",        $this->lng->get(226), "" );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "site_name",    $this->lng->get(207), $this->lng->get(208));
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "mail",         $this->lng->get(209), "");
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "version",      $this->lng->get(221), $settings['version'] );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "round",        $this->lng->get(223), 0 );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "ocr",          $this->lng->get(226), "" );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "proc_analiz",  $this->lng->get(229), "1.5" );
+    $this->db->exec("INSERT INTO cashes_setting(name, descr, value) VALUES(?, ?, ?)", "secure_user",  $this->lng->get(230), "0" );
 
     $this->db->exec("INSERT INTO cashes_group(name) VALUES(?)", $this->lng->get(210)); 
     $this->db->exec("INSERT INTO cashes_group(name) VALUES(?)", $this->lng->get(211));

diff --git a/static/js/add.js b/static/js/add.js
@@ -538,6 +538,12 @@ function cash_list_add_load() {
           Ext.getCmp('cash_item_file').setWidth(Ext.getCmp('cash_item_nmcl_cb').getWidth());
           Ext.getCmp('cash_item_price').focus(false, 200);
           v_edit_id = 0;
+        } else {
+          if( parseInt(settings.secure_user) == 1 ) {
+            if( obj.uid != uid ) {
+              Ext.getCmp('cash_list_add').setDisabled(1);
+            }            
+          } 
         }
 
         setAnkhor();

diff --git a/static/js/list.js b/static/js/list.js
@@ -149,9 +149,19 @@ var cash_list_grid = Ext.create('Ext.grid.Panel', {
 
 var loadMask_cash_list_grid = new Ext.LoadMask(cash_list_grid, {msg:lang(39), store: cash_list_store});
 
+function checkWriteSec(v_id) {
+  if( parseInt(settings.secure_user) == 1 ) {
+    if( cash_list_store.findRecord("id", v_id).get('uid') != uid ) {
+      return false;
+    }
+  }  
+  return true;
+} //checkWriteSec
 
 function editItem(v_id) {
   if(parseInt(rights.write) == 0) return;
+  if(!checkWriteSec(v_id)) return;
+
   loadScript('static/js/add.js', function() {
     v_edit_id = v_id;
     v_copy = false;
@@ -171,6 +181,8 @@ function copyItem(v_id) {
 
 function deleteItem(v_id) {
   if(parseInt(rights.write) == 0) return;
+  if(!checkWriteSec(v_id)) return;
+
   Ext.Msg.show({
       title:lang(40),
       msg: lang(41),