diff --git a/htdocs/comm/propal.php3 b/htdocs/comm/propal.php3
index e1114b289cd..51bf8a717a6 100644
--- a/htdocs/comm/propal.php3
+++ b/htdocs/comm/propal.php3
@@ -93,7 +93,7 @@ if ($action == 'pdf')
propale_pdf_create($db, $propalid, $propal->modelpdf);
}
-if ($action == 'setstatut')
+if ($action == 'setstatut' && $user->rights->propale->cloturer)
{
/*
* Cloture de la propale
@@ -104,7 +104,7 @@ if ($action == 'setstatut')
}
-if ($action == 'modif')
+if ($action == 'modif' && $user->rights->propale->creer)
{
/*
* Repasse la propale en mode brouillon
@@ -115,7 +115,7 @@ if ($action == 'modif')
}
-if ($HTTP_POST_VARS["action"] == 'addligne')
+if ($HTTP_POST_VARS["action"] == 'addligne' && $user->rights->propale->creer)
{
/*
* Ajout d'une ligne produit dans la propale
@@ -128,7 +128,7 @@ if ($HTTP_POST_VARS["action"] == 'addligne')
}
}
-if ($action == 'del_ligne')
+if ($action == 'del_ligne' && $user->rights->propale->creer)
{
/*
* Supprime une ligne produit dans la propale
@@ -139,7 +139,7 @@ if ($action == 'del_ligne')
}
-if ( $action == 'delete' )
+if ( $action == 'delete' && $user->rights->propale->supprimer )
{
$sql = "DELETE FROM llx_propal WHERE rowid = $propalid;";
if ( $db->query($sql) )
@@ -181,11 +181,11 @@ if ($propalid)
$propal->fetch($propalid);
- if ($valid == 1)
+ if ($valid == 1 && $user->rights->propale->valider)
{
$propal->update_price($propalid);
propale_pdf_create($db, $propalid);
- $propal->valid($user->id);
+ $propal->valid($user);
}
/*
*
@@ -320,17 +320,21 @@ if ($propalid)
print "| [$objp->ref] | \n";
print ''.$objp->product.' | ';
print "".price($objp->price)." | ".$objp->qty." | \n";
- if ($obj->statut == 0)
+ if ($obj->statut == 0 && $user->rights->propale->creer)
{
print 'Supprimer | ';
}
+ else
+ {
+ print '- | ';
+ }
print "";
$i++;
}
}
- if ($obj->statut == 0)
+ if ($obj->statut == 0 && $user->rights->propale->creer)
{
$sql = "SELECT p.rowid,p.label,p.ref,p.price FROM llx_product as p WHERE p.envente=1 ORDER BY p.nbvente DESC LIMIT 20";
@@ -374,13 +378,20 @@ if ($propalid)
if ($obj->statut == 0)
{
- print "[Supprimer] | ";
+ if ($user->rights->propale->supprimer)
+ {
+ print "[Supprimer] | ";
+ }
+ else
+ {
+ print "- | ";
+ }
}
else
{
- if ($obj->statut == 1)
+ if ($obj->statut == 1 && $user->rights->propale->cloturer)
{
- print "[Cloturer] | ";
+ print "[Cloturer] | ";
}
else
{
@@ -390,13 +401,13 @@ if ($propalid)
/*
*
*/
- if ($obj->statut < 2)
+ if ($obj->statut < 2 && $user->rights->propale->creer)
{
print '[Générer] | ";
}
else
{
- print "- | ";
+ print '- | ';
}
/*
@@ -407,8 +418,15 @@ if ($propalid)
$file = PROPALE_OUTPUTDIR. "/$obj->ref/$obj->ref.pdf";
if (file_exists($file))
{
- print "";
- print "[Envoyer la proposition] | ";
+ if ($user->rights->propale->envoyer)
+ {
+ print "";
+ print "[Envoyer la proposition] | ";
+ }
+ else
+ {
+ print '- | ';
+ }
}
else
{
@@ -424,15 +442,29 @@ if ($propalid)
*/
if ($obj->statut == 0)
{
- print "[Valider] | ";
+ if ($user->rights->propale->valider)
+ {
+ print "[Valider] | ";
+ }
+ else
+ {
+ print '- | ';
+ }
}
elseif ($obj->statut == 1)
{
- print "[Modifier] | ";
+ if ($user->rights->propale->creer)
+ {
+ print "[Modifier] | ";
+ }
+ else
+ {
+ print '- | ';
+ }
}
else
{
- print "- | ";
+ print '- | ';
}
print "";
}
diff --git a/htdocs/user/fiche.php3 b/htdocs/user/fiche.php3
index bb50c3b2de1..0b008ca608a 100644
--- a/htdocs/user/fiche.php3
+++ b/htdocs/user/fiche.php3
@@ -401,16 +401,22 @@ else
* Droits
*/
print '';
- $sql = "SELECT r.id, r.libelle FROM llx_rights_def as r ORDER BY r.id ASC";
+ $sql = "SELECT r.id, r.libelle, r.module FROM llx_rights_def as r ORDER BY r.id ASC";
if ($db->query($sql))
{
$num = $db->num_rows();
$i = 0;
+ $var = True;
while ($i < $num)
{
$obj = $db->fetch_object($i);
- print '| Ajouter | ';
+ if ($oldmod <> $obj->module)
+ {
+ $oldmod = $obj->module;
+ $var = !$var;
+ }
+ print ' |
| Ajouter | ';
print $obj->libelle . ' | ';
print 'Supprimer |
';
$i++;