diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index b286adae481..89ce32b9069 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -10422,7 +10422,7 @@ function dolGetButtonAction($label, $html = '', $actionType = 'default', $url = global $hookmanager, $action, $object, $langs; //var_dump($params); - if ($params['isDropdown']) + if (!empty($params['isDropdown'])) $class = "dropdown-item"; else { $class = 'butAction'; diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 3b2a1c1ec50..4707657d3e3 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1154,7 +1154,7 @@ function get_left_menu_home($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu = if ($user->rights->user->user->lire) { if ($usemenuhider || empty($leftmenu) || $leftmenu == "users") { $newmenu->add("", $langs->trans("Users"), 1, $user->rights->user->user->lire || $user->admin); - $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"), 2, ($user->rights->user->user->creer || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE), '', 'home'); + $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"), 2, ($user->hasRight("user", "user", "write") || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE), '', 'home'); $newmenu->add("/user/list.php?leftmenu=users", $langs->trans("ListOfUsers"), 2, $user->rights->user->user->lire || $user->admin); $newmenu->add("/user/hierarchy.php?leftmenu=users", $langs->trans("HierarchicView"), 2, $user->rights->user->user->lire || $user->admin); if (isModEnabled('categorie')) { @@ -1162,7 +1162,7 @@ function get_left_menu_home($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu = $newmenu->add("/categories/index.php?leftmenu=users&type=7", $langs->trans("UsersCategoriesShort"), 2, $user->rights->categorie->lire, '', $mainmenu, 'cat'); } $newmenu->add("", $langs->trans("Groups"), 1, ($user->rights->user->user->lire || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); - $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) ? $user->rights->user->group_advance->write : $user->rights->user->user->creer) || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); + $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) ? $user->hasRight("user", "group_advance", "create") : $user->hasRight("user", "user", "create")) || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); $newmenu->add("/user/group/list.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) ? $user->rights->user->group_advance->read : $user->rights->user->user->lire) || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)); } } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 5108a5eb332..782f75b0190 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2413,7 +2413,7 @@ function printDropdownQuickadd() "title" => "MenuNewMember@members", "name" => "Adherent@members", "picto" => "object_member", - "activation" => !empty($conf->adherent->enabled) && $user->rights->adherent->creer, // vs hooking + "activation" => !empty($conf->adherent->enabled) && $user->hasRight("adherent", "write"), // vs hooking "position" => 5, ), array( @@ -2421,7 +2421,7 @@ function printDropdownQuickadd() "title" => "MenuNewThirdParty@companies", "name" => "ThirdParty@companies", "picto" => "object_company", - "activation" => !empty($conf->societe->enabled) && $user->rights->societe->creer, // vs hooking + "activation" => !empty($conf->societe->enabled) && $user->hasRight("societe", "write"), // vs hooking "position" => 10, ), array( @@ -2429,7 +2429,7 @@ function printDropdownQuickadd() "title" => "NewContactAddress@companies", "name" => "Contact@companies", "picto" => "object_contact", - "activation" => !empty($conf->societe->enabled) && $user->rights->societe->contact->creer, // vs hooking + "activation" => !empty($conf->societe->enabled) && $user->hasRight("societe", "contact", "write"), // vs hooking "position" => 20, ), array( @@ -2437,7 +2437,7 @@ function printDropdownQuickadd() "title" => "NewPropal@propal", "name" => "Proposal@propal", "picto" => "object_propal", - "activation" => !empty($conf->propal->enabled) && $user->rights->propale->creer, // vs hooking + "activation" => !empty($conf->propal->enabled) && $user->hasRight("propale", "write"), // vs hooking "position" => 30, ), @@ -2446,7 +2446,7 @@ function printDropdownQuickadd() "title" => "NewOrder@orders", "name" => "Order@orders", "picto" => "object_order", - "activation" => !empty($conf->commande->enabled) && $user->rights->commande->creer, // vs hooking + "activation" => !empty($conf->commande->enabled) && $user->hasRight("commande", "write"), // vs hooking "position" => 40, ), array( @@ -2454,7 +2454,7 @@ function printDropdownQuickadd() "title" => "NewBill@bills", "name" => "Bill@bills", "picto" => "object_bill", - "activation" => isModEnabled('facture') && $user->rights->facture->creer, // vs hooking + "activation" => isModEnabled('facture') && $user->hasRight("facture", "write"), // vs hooking "position" => 50, ), array( @@ -2462,7 +2462,7 @@ function printDropdownQuickadd() "title" => "NewContractSubscription@contracts", "name" => "Contract@contracts", "picto" => "object_contract", - "activation" => !empty($conf->contrat->enabled) && $user->rights->contrat->creer, // vs hooking + "activation" => !empty($conf->contrat->enabled) && $user->hasRight("contrat", "write"), // vs hooking "position" => 60, ), array( @@ -2470,7 +2470,7 @@ function printDropdownQuickadd() "title" => "SupplierProposalNew@supplier_proposal", "name" => "SupplierProposal@supplier_proposal", "picto" => "supplier_proposal", - "activation" => !empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposal->creer, // vs hooking + "activation" => !empty($conf->supplier_proposal->enabled) && $user->hasRight("supplier_invoice", "write"), // vs hooking "position" => 70, ), array( @@ -2478,7 +2478,7 @@ function printDropdownQuickadd() "title" => "NewSupplierOrderShort@orders", "name" => "SupplierOrder@orders", "picto" => "supplier_order", - "activation" => (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->rights->fournisseur->commande->creer) || (!empty($conf->supplier_order->enabled) && $user->rights->supplier_order->creer), // vs hooking + "activation" => (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight("fournisseur", "commande", "write")) || (!empty($conf->supplier_order->enabled) && $user->hasRight("supplier_invoice", "write")), // vs hooking "position" => 80, ), array( @@ -2486,7 +2486,7 @@ function printDropdownQuickadd() "title" => "NewBill@bills", "name" => "SupplierBill@bills", "picto" => "supplier_invoice", - "activation" => (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->rights->fournisseur->facture->creer) || (!empty($conf->supplier_invoice->enabled) && $user->rights->supplier_invoice->creer), // vs hooking + "activation" => (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight("fournisseur", "facture", "write")) || (!empty($conf->supplier_invoice->enabled) && $user->hasRight("supplier_invoice", "write")), // vs hooking "position" => 90, ), array( @@ -2494,7 +2494,7 @@ function printDropdownQuickadd() "title" => "NewProduct@products", "name" => "Product@products", "picto" => "object_product", - "activation" => !empty($conf->product->enabled) && $user->rights->produit->creer, // vs hooking + "activation" => !empty($conf->product->enabled) && $user->hasRight("produit", "write"), // vs hooking "position" => 100, ), array( @@ -2502,7 +2502,7 @@ function printDropdownQuickadd() "title" => "NewService@products", "name" => "Service@products", "picto" => "object_service", - "activation" => !empty($conf->service->enabled) && $user->rights->service->creer, // vs hooking + "activation" => !empty($conf->service->enabled) && $user->hasRight("service", "write"), // vs hooking "position" => 110, ), array( @@ -2510,7 +2510,7 @@ function printDropdownQuickadd() "title" => "AddUser@users", "name" => "User@users", "picto" => "user", - "activation" => $user->rights->user->user->creer, // vs hooking + "activation" => $user->hasRight("user", "user", "write"), // vs hooking "position" => 500, ), ), diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 5f8a4be0446..8e375933a91 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -76,15 +76,15 @@ $dateendvalidity = dol_mktime(0, 0, 0, GETPOST('dateendvaliditymonth', 'int'), G $dateofbirth = dol_mktime(0, 0, 0, GETPOST('dateofbirthmonth', 'int'), GETPOST('dateofbirthday', 'int'), GETPOST('dateofbirthyear', 'int')); // Define value to know what current user can do on users -$canadduser = (!empty($user->admin) || $user->rights->user->user->creer); -$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire); -$canedituser = (!empty($user->admin) || $user->rights->user->user->creer); -$candisableuser = (!empty($user->admin) || $user->rights->user->user->supprimer); +$canadduser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$canreaduser = (!empty($user->admin) || $user->hasRight("user", "user", "read")); +$canedituser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$candisableuser = (!empty($user->admin) || $user->hasRight("user", "user", "delete")); $canreadgroup = $canreaduser; $caneditgroup = $canedituser; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $canreadgroup = (!empty($user->admin) || $user->rights->user->group_advance->read); - $caneditgroup = (!empty($user->admin) || $user->rights->user->group_advance->write); + $canreadgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "read")); + $caneditgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "write")); } $childids = $user->getAllChildIds(1); // For later, test on salary visibility @@ -92,8 +92,8 @@ $childids = $user->getAllChildIds(1); // For later, test on salary visibility // Define value to know what current user can do on properties of edited user if ($id > 0) { // $user is the current logged user, $id is the user we want to edit - $caneditfield = ((($user->id == $id) && $user->rights->user->self->creer) || (($user->id != $id) && $user->rights->user->user->creer)); - $caneditpassword = ((($user->id == $id) && $user->rights->user->self->password) || (($user->id != $id) && $user->rights->user->user->password)); + $caneditfield = ((($user->id == $id) && $user->hasRight("user", "self", "write")) || (($user->id != $id) && $user->hasRight("user", "user", "write"))); + $caneditpassword = ((($user->id == $id) && $user->hasRight("user", "self", "password")) || (($user->id != $id) && $user->hasRight("user", "user", "password"))); } // Security check @@ -712,7 +712,7 @@ if (empty($reshook)) { // Actions to build doc $upload_dir = $conf->user->dir_output; - $permissiontoadd = $user->rights->user->user->creer; + $permissiontoadd = $user->hasRight("user", "user", "write"); include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; } @@ -1165,7 +1165,7 @@ if ($action == 'create' || $action == 'adduserldap') { } // Categories - if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { + if (!empty($conf->categorie->enabled) && !empty($user->hasRight("categorie", "read"))) { print ''.$form->editfieldkey('Categories', 'usercats', '', $object, 0).''; $cate_arbo = $form->select_all_categories('user', null, 'parent', null, null, 1); print img_picto('', 'category', 'class="pictofixedwidth"').$form->multiselectarray('usercats', $cate_arbo, GETPOST('usercats', 'array'), 0, 0, 'maxwdith300 widthcentpercentminusx', 0, '90%'); @@ -1234,9 +1234,9 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; print ''; - if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read) && in_array($id, $childids)) - || (!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall)) - || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read))) { + if ((!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "read")) && in_array($id, $childids)) + || (!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "readall"))) + || (!empty($conf->hrm->enabled) && !empty($user->hasRight("hrm", "employee", "read")))) { $langs->load("salaries"); // THM @@ -1365,7 +1365,7 @@ if ($action == 'create' || $action == 'adduserldap') { $title = $langs->trans("User"); $linkback = ''; - if ($user->rights->user->user->lire || $user->admin) { + if ($user->hasRight("user", "user", "read") || $user->admin) { $linkback = ''.$langs->trans("BackToList").''; } } @@ -1417,7 +1417,7 @@ if ($action == 'create' || $action == 'adduserldap') { $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"'); $morehtmlref .= ''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref); print '
'; print '
'; @@ -1541,8 +1541,8 @@ if ($action == 'create' || $action == 'adduserldap') { // Sensitive salary/value information if ((empty($user->socid) && in_array($id, $childids)) // A user can always see salary/value information for its subordinates - || (!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall)) - || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read))) { + || (!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "readall"))) + || (!empty($conf->hrm->enabled) && !empty($user->hasRight("hrm", "employee", "read")))) { $langs->load("salaries"); // Salary @@ -1625,7 +1625,7 @@ if ($action == 'create' || $action == 'adduserldap') { } // Categories - if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { + if (!empty($conf->categorie->enabled) && !empty($user->hasRight("categorie", "read"))) { print ''.$langs->trans("Categories").''; print ''; print $form->showCategories($object->id, Categorie::TYPE_USER, 1); @@ -1804,7 +1804,7 @@ if ($action == 'create' || $action == 'adduserldap') { print ''."\n"; // API key - if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->rights->api->apikey->generate)) { + if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->hasRight("api", "apikey", "generate"))) { print ''.$langs->trans("ApiKey").''; print ''; if (!empty($object->api_key)) { @@ -2369,7 +2369,7 @@ if ($action == 'create' || $action == 'adduserldap') { print "\n"; // API key - if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->rights->api->apikey->generate)) { + if (!empty($conf->api->enabled) && ($user->id == $id || $user->admin || $user->hasRight("api", "apikey", "generate"))) { print ''.$langs->trans("ApiKey").''; print ''; print ''; @@ -2566,7 +2566,7 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; // Categories - if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { + if (!empty($conf->categorie->enabled) && !empty($user->hasRight("categorie", "read"))) { print ''.$form->editfieldkey('Categories', 'usercats', '', $object, 0).''; print ''; print img_picto('', 'category', 'class="pictofixedwidth"'); @@ -2711,8 +2711,8 @@ if ($action == 'create' || $action == 'adduserldap') { // Sensitive salary/value information if ((empty($user->socid) && in_array($id, $childids)) // A user can always see salary/value information for its subordinates - || (!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall)) - || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read))) { + || (!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "readall"))) + || (!empty($conf->hrm->enabled) && !empty($user->hasRight("hrm", "employee", "read")))) { $langs->load("salaries"); // Salary @@ -2803,8 +2803,8 @@ if ($action == 'create' || $action == 'adduserldap') { $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->user->dir_output."/".dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->user->user->lire; - $delallowed = $user->rights->user->user->creer; + $genallowed = $user->hasRight("user", "user", "read"); + $delallowed = $user->hasRight("user", "user", "write"); print $formfile->showdocuments('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', 0, '', empty($soc->default_lang) ? '' : $soc->default_lang); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/user/document.php b/htdocs/user/document.php index ed1fe30df4e..31ec618a795 100644 --- a/htdocs/user/document.php +++ b/htdocs/user/document.php @@ -41,23 +41,23 @@ $ref = GETPOST('ref', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userdoc'; // To manage different context of search // Define value to know what current user can do on users -$canadduser = (!empty($user->admin) || $user->rights->user->user->creer); -$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire); -$canedituser = (!empty($user->admin) || $user->rights->user->user->creer); -$candisableuser = (!empty($user->admin) || $user->rights->user->user->supprimer); +$canadduser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$canreaduser = (!empty($user->admin) || $user->hasRight("user", "user", "read")); +$canedituser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$candisableuser = (!empty($user->admin) || $user->hasRight("user", "user", "delete")); $canreadgroup = $canreaduser; $caneditgroup = $canedituser; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $canreadgroup = (!empty($user->admin) || $user->rights->user->group_advance->read); - $caneditgroup = (!empty($user->admin) || $user->rights->user->group_advance->write); + $canreadgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "read")); + $caneditgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "write")); } // Define value to know what current user can do on properties of edited user if ($id) { // $user est le user qui edite, $id est l'id de l'utilisateur edite - $caneditfield = ((($user->id == $id) && $user->rights->user->self->creer) - || (($user->id != $id) && $user->rights->user->user->creer)); - $caneditpassword = ((($user->id == $id) && $user->rights->user->self->password) - || (($user->id != $id) && $user->rights->user->user->password)); + $caneditfield = ((($user->id == $id) && $user->hasRight("user", "self", "write")) + || (($user->id != $id) && $user->hasRight("user", "user", "write"))); + $caneditpassword = ((($user->id == $id) && $user->hasRight("user", "self", "password")) + || (($user->id != $id) && $user->hasRight("user", "user", "passsword"))); } $permissiontoadd = $caneditfield; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles @@ -147,7 +147,7 @@ if ($object->id) { print dol_get_fiche_head($head, 'document', $langs->trans("User"), -1, 'user'); $linkback = ''; - if ($user->rights->user->user->lire || $user->admin) { + if ($user->hasRight("user", "user", "read") || $user->admin) { $linkback = ''.$langs->trans("BackToList").''; } @@ -155,7 +155,7 @@ if ($object->id) { $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"'); $morehtmlref .= ''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref); print '
'; print '
'; diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index 92d309e554b..9b6e9e1c317 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -32,16 +32,16 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; // Defini si peux lire/modifier utilisateurs et permisssions -$canreadperms = ($user->admin || $user->rights->user->user->lire); -$caneditperms = ($user->admin || $user->rights->user->user->creer); -$candisableperms = ($user->admin || $user->rights->user->user->supprimer); +$canreadperms = ($user->admin || $user->hasRight("user", "user", "read")); +$caneditperms = ($user->admin || $user->hasRight("user", "user", "write")); +$candisableperms = ($user->admin || $user->hasRight("user", "user", "delete")); $feature2 = 'user'; // Advanced permissions if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $canreadperms = ($user->admin || $user->rights->user->group_advance->read); - $caneditperms = ($user->admin || $user->rights->user->group_advance->write); - $candisableperms = ($user->admin || $user->rights->user->group_advance->delete); + $canreadperms = ($user->admin || $user->hasRight("user", "group_advance", "read")); + $caneditperms = ($user->admin || $user->hasRight("user", "group_advance", "write")); + $candisableperms = ($user->admin || $user->hasRight("user", "group_advance", "delete")); $feature2 = 'group_advance'; } @@ -238,7 +238,7 @@ if (empty($reshook)) { // Actions to build doc $upload_dir = $conf->user->dir_output.'/usergroups'; - $permissiontoadd = $user->rights->user->user->creer; + $permissiontoadd = $user->hasRight("user", "user", "write"); include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; } @@ -250,7 +250,7 @@ $title = $object->name.' - '.$langs->trans("Card"); if ($action == 'create') { $title = $langs->trans("NewGroup"); } - +$help_url = ""; llxHeader('', $title, $help_url); @@ -329,7 +329,7 @@ if ($action == 'create') { $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin); print '
'; print '
'; @@ -485,8 +485,8 @@ if ($action == 'create') { $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->user->dir_output."/usergroups/".dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->user->user->creer; - $delallowed = $user->rights->user->user->supprimer; + $genallowed = $user->hasRight("user", "user", "write"); + $delallowed = $user->hasRight("user", "user", "delete"); $somethingshown = $formfile->showdocuments('usergroup', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', 0, '', $mysoc->default_lang); diff --git a/htdocs/user/group/list.php b/htdocs/user/group/list.php index bb130b33e75..8f7f907eb7b 100644 --- a/htdocs/user/group/list.php +++ b/htdocs/user/group/list.php @@ -38,10 +38,10 @@ $massaction = GETPOST('massaction', 'alpha'); // The bulk action (combo box choi $contextpage = GETPOST('optioncss', 'aZ09'); // Defini si peux lire/modifier utilisateurs et permisssions -$caneditperms = ($user->admin || $user->rights->user->user->creer); +$caneditperms = ($user->admin || $user->hasRight("user", "user", "write")); // Advanced permissions if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $caneditperms = ($user->admin || $user->rights->user->group_advance->write); + $caneditperms = ($user->admin || $user->hasRight("user", "group_advance", "write")); } // Load variable for pagination @@ -70,7 +70,7 @@ $fieldstosearchall = array( ); if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - if (!$user->rights->user->group_advance->read && !$user->admin) { + if (!$user->hasRight("user", "group_advance", "read") && !$user->admin) { accessforbidden(); } } @@ -80,7 +80,7 @@ if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global-> accessforbidden(); } -if (!$user->rights->user->user->lire && !$user->admin) { +if (!$user->hasRight("user", "user", "read") && !$user->admin) { accessforbidden(); } @@ -121,6 +121,7 @@ if (empty($reshook)) { * View */ $title = $langs->trans("ListOfGroups"); +$help_url=""; llxHeader('', $title, $help_url); $sql = "SELECT g.rowid, g.nom as name, g.note, g.entity, g.datec, g.tms as datem, COUNT(DISTINCT ugu.fk_user) as nb, COUNT(DISTINCT ugr.fk_id) as nbpermissions"; diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index edf20d0884c..15fcc2a319f 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -50,15 +50,15 @@ if (!isset($id) || empty($id)) { } // Define if user can read permissions -$canreadperms = ($user->admin || $user->rights->user->user->lire); +$canreadperms = ($user->admin || $user->hasRight("user", "user", "read")); // Define if user can modify group permissions -$caneditperms = ($user->admin || $user->rights->user->user->creer); +$caneditperms = ($user->admin || $user->hasRight("user", "user", "write")); // Advanced permissions $advancedpermsactive = false; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { $advancedpermsactive = true; - $canreadperms = ($user->admin || ($user->rights->user->group_advance->read && $user->rights->user->group_advance->readperms)); - $caneditperms = ($user->admin || $user->rights->user->group_advance->write); + $canreadperms = ($user->admin || ($user->hasRight("user", "group_advance", "read") && $user->hasRight("user", "group_advance", "readperms"))); + $caneditperms = ($user->admin || $user->hasRight("user", "group_advance", "write")); } // Security check @@ -206,7 +206,7 @@ if ($object->id > 0) { $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin); print '
'; print '
'; diff --git a/htdocs/user/hierarchy.php b/htdocs/user/hierarchy.php index 92d0490f1c6..3f8326d3b7b 100644 --- a/htdocs/user/hierarchy.php +++ b/htdocs/user/hierarchy.php @@ -60,9 +60,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $userstatic = new User($db); // Define value to know what current user can do on users -$canadduser = (!empty($user->admin) || $user->rights->user->user->creer); +$canadduser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); -if (!$user->rights->user->user->lire && !$user->admin) { +if (!$user->hasRight("user", "user", "read") && !$user->admin) { accessforbidden(); } diff --git a/htdocs/user/list.php b/htdocs/user/list.php index a47fa7a51c2..f0196789e25 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -131,7 +131,7 @@ $arrayfields = array( 'u.email'=>array('label'=>"EMail", 'checked'=>1, 'position'=>35), 'u.api_key'=>array('label'=>"ApiKey", 'checked'=>0, 'position'=>40, "enabled"=>(!empty($conf->api->enabled) && $user->admin)), 'u.fk_soc'=>array('label'=>"Company", 'checked'=>($contextpage == 'employeelist' ? 0 : 1), 'position'=>45), - 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>(!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall))), + 'u.salary'=>array('label'=>"Salary", 'checked'=>1, 'position'=>80, 'enabled'=>(!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "readall")))), 'u.datelastlogin'=>array('label'=>"LastConnexion", 'checked'=>1, 'position'=>100), 'u.datepreviouslogin'=>array('label'=>"PreviousConnexion", 'checked'=>0, 'position'=>110), 'u.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), @@ -174,26 +174,26 @@ if ($mode == 'employee' && !GETPOSTISSET('search_employee')) { } // Define value to know what current user can do on users -$permissiontoadd = (!empty($user->admin) || $user->rights->user->user->creer); -$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire); -$canedituser = (!empty($user->admin) || $user->rights->user->user->creer); -$candisableuser = (!empty($user->admin) || $user->rights->user->user->supprimer); +$permissiontoadd = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$canreaduser = (!empty($user->admin) || $user->hasRight("user", "user", "read")); +$canedituser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$candisableuser = (!empty($user->admin) || $user->hasRight("user", "user", "delete")); $canreadgroup = $canreaduser; $caneditgroup = $canedituser; if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $canreadgroup = (!empty($user->admin) || $user->rights->user->group_advance->read); - $caneditgroup = (!empty($user->admin) || $user->rights->user->group_advance->write); + $canreadgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "read")); + $caneditgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "write")); } $error = 0; // Permission to list if ($mode == 'employee') { - if (empty($user->rights->salaries->read)) { + if (empty($user->hasRight("salaries", "read"))) { accessforbidden(); } } else { - if (empty($user->rights->user->user->lire) && empty($user->admin)) { + if (empty($user->hasRight("user", "user", "read")) && empty($user->admin)) { accessforbidden(); } } @@ -441,7 +441,7 @@ if ($search_categ == -2) { if ($search_warehouse > 0) { $sql .= " AND u.fk_warehouse = ".((int) $search_warehouse); } -if ($mode == 'employee' && empty($user->rights->salaries->readall)) { +if ($mode == 'employee' && empty($user->hasRight("salaries", "readall"))) { $sql .= " AND u.rowid IN (".$db->sanitize(join(',', $childids)).")"; } // Add where from extra fields @@ -658,7 +658,7 @@ $moreforfilter = ''; $moreforfilter.= '
';*/ // Filter on categories -if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { +if (!empty($conf->categorie->enabled) && $user->hasRight("categorie", "read")) { $moreforfilter .= '
'; $tmptitle = $langs->trans('Category'); $moreforfilter .= img_picto($langs->trans("Category"), 'category', 'class="pictofixedwidth"').$formother->select_categories(Categorie::TYPE_USER, $search_categ, 'search_categ', 1, $tmptitle); @@ -939,9 +939,9 @@ while ($i < $imaxinloop) { $li = $object->getNomUrl(-1, '', 0, 0, 24, 1, 'login', '', 1); $canreadhrmdata = 0; - if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read) && in_array($obj->rowid, $childids)) - || (!empty($conf->salaries->enabled) && !empty($user->rights->salaries->readall)) - || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read))) { + if ((!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "read")) && in_array($obj->rowid, $childids)) + || (!empty($conf->salaries->enabled) && !empty($user->hasRight("salaries", "readall"))) + || (!empty($conf->hrm->enabled) && !empty($user->hasRight("hrm", "employee", "read")))) { $canreadhrmdata = 1; } $canreadsecretapi = 0; diff --git a/htdocs/user/note.php b/htdocs/user/note.php index 2aeb496c20f..2b1e02b1376 100644 --- a/htdocs/user/note.php +++ b/htdocs/user/note.php @@ -39,7 +39,7 @@ $object->fetch($id, '', '', 1); $object->getrights(); // If user is not user read and no permission to read other users, we stop -if (($object->id != $user->id) && (!$user->rights->user->user->lire)) { +if (($object->id != $user->id) && (!$user->hasRight("user", "user", "read"))) { accessforbidden(); } @@ -48,7 +48,7 @@ $socid = 0; if ($user->socid > 0) { $socid = $user->socid; } -$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user'); +$feature2 = (($socid && $user->hasRight("user", "self", "write")) ? '' : 'user'); $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); @@ -67,7 +67,7 @@ if ($reshook < 0) { } if (empty($reshook)) { - if ($action == 'update' && $user->rights->user->user->creer && !GETPOST("cancel")) { + if ($action == 'update' && $user->hasRight("user", "user", "write") && !GETPOST("cancel")) { $db->begin(); $res = $object->update_note(dol_html_entity_decode(GETPOST('note_private', 'restricthtml'), ENT_QUOTES | ENT_HTML5)); @@ -99,7 +99,7 @@ if ($id) { $linkback = ''; - if ($user->rights->user->user->lire || $user->admin) { + if ($user->hasRight("user", "user", "read") || $user->admin) { $linkback = ''.$langs->trans("BackToList").''; } @@ -107,7 +107,7 @@ if ($id) { $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"'); $morehtmlref .= ''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref); print '
'; @@ -138,7 +138,7 @@ if ($id) { } print ''; - $editenabled = (($action == 'edit') && !empty($user->rights->user->user->creer)); + $editenabled = (($action == 'edit') && !empty($user->hasRight("user", "user", "write"))); // Note print ''.$langs->trans("Note").''; @@ -171,7 +171,7 @@ if ($id) { print '
'; - if ($user->rights->user->user->creer && $action != 'edit') { + if ($user->hasRight("user", "user", "write") && $action != 'edit') { print ''.$langs->trans('Modify').""; } diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php index 4c138bfde6e..6a5eea96490 100644 --- a/htdocs/user/param_ihm.php +++ b/htdocs/user/param_ihm.php @@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; $langs->loadLangs(array('companies', 'products', 'admin', 'users', 'languages', 'projects', 'members')); // Defini si peux lire/modifier permisssions -$canreaduser = ($user->admin || $user->rights->user->user->lire); +$canreaduser = ($user->admin || $user->hasRight("user", "user", "read")); $id = GETPOST('id', 'int'); $action = GETPOST('action', 'aZ09'); @@ -40,8 +40,8 @@ $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'use if ($id) { // $user est le user qui edite, $id est l'id de l'utilisateur edite - $caneditfield = ((($user->id == $id) && $user->rights->user->self->creer) - || (($user->id != $id) && $user->rights->user->user->creer)); + $caneditfield = ((($user->id == $id) && $user->hasRight("user", "self", "write")) + || (($user->id != $id) && $user->hasRight("user", "user", "write"))); } // Security check @@ -49,7 +49,7 @@ $socid = 0; if ($user->socid > 0) { $socid = $user->socid; } -$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user'); +$feature2 = (($socid && $user->hasRight("user", "self", "write")) ? '' : 'user'); $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); if ($user->id <> $id && !$canreaduser) { @@ -231,11 +231,11 @@ if ($action == 'edit') { $linkback = ''; - if ($user->rights->user->user->lire || $user->admin) { + if ($user->hasRight("user", "user", "read") || $user->admin) { $linkback = ''.$langs->trans("BackToList").''; } - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin); print '
'; @@ -346,7 +346,7 @@ if ($action == 'edit') { $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"'); $morehtmlref .= ''; - dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref); + dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref); print '
'; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 47d68703d69..bfc234abce1 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -50,13 +50,13 @@ if (!isset($id) || empty($id)) { } // Define if user can read permissions -$canreaduser = ($user->admin || $user->rights->user->user->lire); +$canreaduser = ($user->admin || $user->hasRight("user", "user", "read")); // Define if user can modify other users and permissions -$caneditperms = ($user->admin || $user->rights->user->user->creer); +$caneditperms = ($user->admin || $user->hasRight("user", "user", "write")); // Advanced permissions if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $canreaduser = ($user->admin || ($user->rights->user->user->lire && $user->rights->user->user_advance->readperms)); - $caneditselfperms = ($user->id == $id && $user->rights->user->self_advance->writeperms); + $canreaduser = ($user->admin || ($user->hasRight("user", "user", "read") && $user->hasRight("user", "user_advance", "readperms"))); + $caneditselfperms = ($user->id == $id && $user->hasRight("user", "self_advance", "writeperms")); $caneditperms = (($caneditperms || $caneditselfperms) ? 1 : 0); } @@ -65,9 +65,9 @@ $socid = 0; if (isset($user->socid) && $user->socid > 0) { $socid = $user->socid; } -$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user'); +$feature2 = (($socid && $user->hasRight("user", "self", "write")) ? '' : 'user'); // A user can always read its own card if not advanced perms enabled, or if he has advanced perms, except for admin -if ($user->id == $id && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->user->self_advance->readperms) && empty($user->admin))) { +if ($user->id == $id && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->hasRight("user", "self_advance", "readperms")) && empty($user->admin))) { accessforbidden(); } @@ -249,7 +249,7 @@ if ($result) { $linkback = ''; -if ($user->rights->user->user->lire || $user->admin) { +if ($user->hasRight("user", "user", "read") || $user->admin) { $linkback = ''.$langs->trans("BackToList").''; } @@ -257,7 +257,7 @@ $morehtmlref = 'trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"'); $morehtmlref .= ''; -dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin, 'rowid', 'ref', $morehtmlref); +dol_banner_tab($object, 'id', $linkback, $user->hasRight("user", "user", "read") || $user->admin, 'rowid', 'ref', $morehtmlref); print '
';