diff --git a/application/itopwebpage.class.inc.php b/application/itopwebpage.class.inc.php index 46e2f0aa2..a3a3b5d91 100644 --- a/application/itopwebpage.class.inc.php +++ b/application/itopwebpage.class.inc.php @@ -661,6 +661,15 @@ EOF } $sLogOffMenu .= "\n\n\n"; + if (MetaModel::DBIsReadOnly()) + { + $sApplicationMode = Dict::S('UI:ApplicationReadOnly'); + } + else + { + $sApplicationMode = ''; + } + //$sLogOffMenu = ""; echo '
'; @@ -687,8 +696,8 @@ EOF echo '
'; echo '
'; - echo ' '; //echo '        
'; diff --git a/core/config.class.inc.php b/core/config.class.inc.php index 9db9e398e..0687e9045 100644 --- a/core/config.class.inc.php +++ b/core/config.class.inc.php @@ -134,6 +134,14 @@ class Config 'source_of_value' => '', 'show_in_conf_sample' => false, ), + 'read_only' => array( + 'type' => 'bool', + 'description' => 'Freeze the data for administration purposes - administrators can still do anything... in appearance!', + 'default' => false, + 'value' => '', + 'source_of_value' => '', + 'show_in_conf_sample' => false, + ), ); public function IsProperty($sPropCode) diff --git a/core/dbobject.class.php b/core/dbobject.class.php index e3290987b..4bc995740 100644 --- a/core/dbobject.class.php +++ b/core/dbobject.class.php @@ -849,7 +849,14 @@ abstract class DBObject $sInsertSQL = "INSERT INTO `$sTable` (".join(",", $aFieldsToWrite).") VALUES (".join(", ", $aValuesToWrite).")"; - $iNewKey = CMDBSource::InsertInto($sInsertSQL); + if (MetaModel::DBIsReadOnly()) + { + $iNewKey = -1; + } + else + { + $iNewKey = CMDBSource::InsertInto($sInsertSQL); + } // Note that it is possible to have a key defined here, and the autoincrement expected, this is acceptable in a non root class if (empty($this->m_iKey)) { @@ -1009,7 +1016,10 @@ abstract class DBObject $oFilter->AddCondition('id', $this->m_iKey, '='); $sSQL = MetaModel::MakeUpdateQuery($oFilter, $aChanges); - CMDBSource::Query($sSQL); + if (!MetaModel::DBIsReadOnly()) + { + CMDBSource::Query($sSQL); + } } $this->DBWriteLinks(); @@ -1053,7 +1063,10 @@ abstract class DBObject $this->OnDelete(); $sSQL = MetaModel::MakeDeleteQuery($oFilter); - CMDBSource::Query($sSQL); + if (!MetaModel::DBIsReadOnly()) + { + CMDBSource::Query($sSQL); + } $this->AfterDelete(); diff --git a/core/metamodel.class.php b/core/metamodel.class.php index a8083da8e..b967979a6 100644 --- a/core/metamodel.class.php +++ b/core/metamodel.class.php @@ -1401,6 +1401,7 @@ abstract class MetaModel public static function Init_OverloadStateAttribute($sStateCode, $sAttCode, $iFlags) { + // Warning: this is not sufficient: the flags have to be copied to the states that are inheriting from this state $sTargetClass = self::GetCallersPHPClass("Init"); self::$m_aStates[$sTargetClass][$sStateCode]['attribute_list'][$sAttCode] = $iFlags; } @@ -2535,6 +2536,12 @@ abstract class MetaModel return $aDataDump; } + // Temporary - investigate the cost of such a limitation + public static function DBIsReadOnly() + { + return self::$m_oConfig->Get('read_only'); + } + protected static function MakeDictEntry($sKey, $sValueFromOldSystem, $sDefaultValue, &$bNotInDico) { $sValue = Dict::S($sKey, 'x-no-nothing'); @@ -3505,14 +3512,20 @@ abstract class MetaModel public static function BulkDelete(DBObjectSearch $oFilter) { $sSQL = self::MakeDeleteQuery($oFilter); - CMDBSource::Query($sSQL); + if (!self::DBIsReadOnly()) + { + CMDBSource::Query($sSQL); + } } public static function BulkUpdate(DBObjectSearch $oFilter, array $aValues) { // $aValues is an array of $sAttCode => $value $sSQL = self::MakeUpdateQuery($oFilter, $aValues); - CMDBSource::Query($sSQL); + if (!self::DBIsReadOnly()) + { + CMDBSource::Query($sSQL); + } } // Links diff --git a/core/userrights.class.inc.php b/core/userrights.class.inc.php index 016a3c9b6..cfa981707 100644 --- a/core/userrights.class.inc.php +++ b/core/userrights.class.inc.php @@ -372,6 +372,11 @@ class UserRights public static function CanChangePassword() { + if (MetaModel::DBIsReadOnly()) + { + return false; + } + if (!is_null(self::$m_oUser)) { return self::$m_oUser->CanChangePassword(); @@ -554,6 +559,14 @@ class UserRights if (self::IsAdministrator($oUser)) return true; + if (MetaModel::DBIsReadOnly()) + { + if ($iActionCode == UR_ACTION_MODIFY) return false; + if ($iActionCode == UR_ACTION_DELETE) return false; + if ($iActionCode == UR_ACTION_BULK_MODIFY) return false; + if ($iActionCode == UR_ACTION_BULK_DELETE) return false; + } + if (MetaModel::HasCategory($sClass, 'bizmodel')) { // #@# Temporary????? @@ -584,6 +597,14 @@ class UserRights if (self::IsAdministrator($oUser)) return true; + if (MetaModel::DBIsReadOnly()) + { + if ($iActionCode == UR_ACTION_MODIFY) return false; + if ($iActionCode == UR_ACTION_DELETE) return false; + if ($iActionCode == UR_ACTION_BULK_MODIFY) return false; + if ($iActionCode == UR_ACTION_BULK_DELETE) return false; + } + if (MetaModel::HasCategory($sClass, 'bizmodel')) { if (is_null($oUser)) @@ -606,6 +627,14 @@ class UserRights if (self::IsAdministrator($oUser)) return true; + if (MetaModel::DBIsReadOnly()) + { + if ($iActionCode == UR_ACTION_MODIFY) return false; + if ($iActionCode == UR_ACTION_DELETE) return false; + if ($iActionCode == UR_ACTION_BULK_MODIFY) return false; + if ($iActionCode == UR_ACTION_BULK_DELETE) return false; + } + // this module is forbidden for non admins if (MetaModel::HasCategory($sClass, 'addon/userrights')) return false;