lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX Problems with permissions of module to record payment of salaries

Browse Source
This commit is contained in:
Laurent Destailleur 2018-09-07 13:32:56 +02:00
parent ff05997f0a
commit 0ef17fe581
11 changed files with 31 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/compta/charges/index.php
View File

@ -455,7 +455,7 @@ while($j<$numlt)
// Payment Salary
if (! empty($conf->salaries->enabled) && $user->rights->salaries->read)
if (! empty($conf->salaries->enabled) && ! empty($user->rights->salaries->read))
{
if (! $mode || $mode != 'sconly')
{

2
htdocs/compta/salaries/card.php
View File

@ -39,7 +39,7 @@ $action=GETPOST('action','aZ09');
// Security check
$socid = GETPOST("socid","int");
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'salaries', '', '', 'payment');
$result = restrictedArea($user, 'salaries', '', '', '');
$object = new PaymentSalary($db);

3
htdocs/compta/salaries/document.php
View File

@ -44,8 +44,9 @@ $action = GETPOST('action','alpha');
$confirm = GETPOST('confirm','alpha');
// Security check
$socid = GETPOST("socid","int");
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'salaries', $id, '');
$result = restrictedArea($user, 'salaries', '', '', '');
// Get parameters

2
htdocs/compta/salaries/index.php
View File

@ -148,7 +148,7 @@ if ($result)
if ($optioncss != '') $param.='&amp;optioncss='.$optioncss;
$newcardbutton='';
if ($user->rights->salaries->payment->write)
if (! empty($user->rights->salaries->write))
{
$newcardbutton='<a class="butActionNew" href="'.DOL_URL_ROOT.'/compta/salaries/card.php?action=create"><span class="valignmiddle">'.$langs->trans('NewSalaryPayment').'</span>';
$newcardbutton.= '<span class="fa fa-plus-circle valignmiddle"></span>';

17
htdocs/compta/salaries/stats/index.php
View File

@ -41,18 +41,6 @@ $socid = GETPOST("socid","int");
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'salaries', '', '', '');
// Other security check
$childids = $user->getAllChildIds();
$childids[]=$user->id;
if ($userid > 0)
{
if (empty($user->rights->salaries->payment->readall) && ! in_array($userid, $childids))
{
accessforbidden();
exit;
}
}
$nowyear=strftime("%Y", dol_now());
$year = GETPOST('year')>0?GETPOST('year'):$nowyear;
//$startyear=$year-2;
@ -77,11 +65,6 @@ print load_fiche_titre($title, $mesg);
dol_mkdir($dir);
$useridtofilter=$userid; // Filter from parameters
if (empty($useridtofilter))
{
$useridtofilter=$childids;
if (! empty($user->rights->salaries->payment->readall)) $useridtofilter=0;
}
$stats = new SalariesStats($db, $socid, $useridtofilter);

2
htdocs/compta/sociales/payments.php
View File

@ -397,7 +397,7 @@ while($j<$numlt)
// Payment Salary
if (! empty($conf->salaries->enabled) && $user->rights->salaries->read)
if (! empty($conf->salaries->enabled) && ! empty($user->rights->salaries->read))
{
if (! $mode || $mode != 'sconly')
{

10
htdocs/core/menus/init_menu_auguria.sql
View File

@ -198,11 +198,11 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->don->enabled && $leftmenu=="donations"', __HANDLER__, 'left', 2002__+MAX_llx_menu__, 'billing', '', 2000__+MAX_llx_menu__, '/don/list.php?leftmenu=donations&amp;mainmenu=billing', 'List', 1, 'donations', '$user->rights->don->lire', '', 2, 1, __ENTITY__);
-- insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->don->enabled && $leftmenu=="donations"', __HANDLER__, 'left', 2003__+MAX_llx_menu__, 'billing', '', 2000__+MAX_llx_menu__, '/don/stats/index.php?leftmenu=donations&amp;mainmenu=billing', 'Statistics', 1, 'donations', '$user->rights->don->lire', '', 2, 2, __ENTITY__);
-- Special expenses
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled || $conf->salaries->enabled || $conf->loan->enabled || $conf->banque->enabled', __HANDLER__, 'left', 2200__+MAX_llx_menu__, 'billing', 'tax', 6__+MAX_llx_menu__, '/compta/charges/index.php?leftmenu=tax&amp;mainmenu=billing', 'MenuSpecialExpenses', 0, 'compta', '(! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && $user->rights->salaries->read) || (! empty($conf->loan->enabled) && $user->rights->loan->read) || (! empty($conf->banque->enabled) && $user->rights->banque->lire)', '', 0, 6, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled', __HANDLER__, 'left', 2210__+MAX_llx_menu__, 'billing', 'tax_sal', 2200__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary&amp;mainmenu=billing', 'Salaries', 1, 'salaries', '$user->rights->salaries->payment->read', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2211__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/card.php?leftmenu=tax_salary&amp;action=create', 'NewPayment', 2, 'companies', '$user->rights->salaries->payment->write', '', 0, 2, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2212__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary', 'Payments', 2, 'companies', '$user->rights->salaries->payment->read', '', 0, 3, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2213__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/stats/index.php?leftmenu=tax_salary', 'Statistics', 2, 'companies', '$user->rights->salaries->payment->read', '', 0, 4, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled || $conf->salaries->enabled || $conf->loan->enabled || $conf->banque->enabled', __HANDLER__, 'left', 2200__+MAX_llx_menu__, 'billing', 'tax', 6__+MAX_llx_menu__, '/compta/charges/index.php?leftmenu=tax&amp;mainmenu=billing', 'MenuSpecialExpenses', 0, 'compta', '(! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && ! empty($user->rights->salaries->read)) || (! empty($conf->loan->enabled) && $user->rights->loan->read) || (! empty($conf->banque->enabled) && $user->rights->banque->lire)', '', 0, 6, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled', __HANDLER__, 'left', 2210__+MAX_llx_menu__, 'billing', 'tax_sal', 2200__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary&amp;mainmenu=billing', 'Salaries', 1, 'salaries', '$user->rights->salaries->read', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2211__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/card.php?leftmenu=tax_salary&amp;action=create', 'NewPayment', 2, 'companies', '$user->rights->salaries->write', '', 0, 2, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2212__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary', 'Payments', 2, 'companies', '$user->rights->salaries->read', '', 0, 3, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2213__+MAX_llx_menu__, 'billing', '', 2210__+MAX_llx_menu__, '/compta/salaries/stats/index.php?leftmenu=tax_salary', 'Statistics', 2, 'companies', '$user->rights->salaries->read', '', 0, 4, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->loan->enabled', __HANDLER__, 'left', 2220__+MAX_llx_menu__, 'billing', 'tax_loan', 2200__+MAX_llx_menu__, '/loan/index.php?leftmenu=tax_loan&amp;mainmenu=billing', 'Loans', 1, 'loan', '$user->rights->loan->read', '', 0, 1, __ENTITY__);
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->loan->enabled && $leftmenu=="tax_loan"', __HANDLER__, 'left', 2221__+MAX_llx_menu__, 'billing', '', 2220__+MAX_llx_menu__, '/loan/card.php?leftmenu=tax_loan&amp;action=create', 'NewLoan', 2, 'loan', '$user->rights->loan->write', '', 0, 2, __ENTITY__);
--insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->loan->enabled && $leftmenu=="tax_loan"', __HANDLER__, 'left', 2222__+MAX_llx_menu__, 'billing', '', 2220__+MAX_llx_menu__, '/loan/payment/list.php?leftmenu=tax_loan', 'Payments', 2, 'companies', '$user->rights->loan->read', '', 0, 3, __ENTITY__);

12
htdocs/core/menus/standard/eldy.lib.php
View File

@ -152,7 +152,7 @@ function print_eldy_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$mode
if (! empty($conf->loan->enabled)) $menuqualified++;
$tmpentry=array(
'enabled'=>$menuqualified,
'perms'=>(! empty($user->rights->facture->lire) || ! empty($user->rights->don->lire) || ! empty($user->rights->tax->charges->lire) || ! empty($user->rights->salaries->read) || ! empty($user->rights->fournisseur->facture->lire) || ! empty($user->rights->loan->read)),
'perms'=>(! empty($user->rights->facture->lire) || ! empty($user->rights->don->lire) || ! empty($user->rights->tax->charges->lire) || ! empty($user->rights->salaries->read) || ! empty($user->rights->fournisseur->facture->lire) || ! empty($user->rights->loan->read)),
'module'=>'facture|supplier_invoice|don|tax|salaries|loan');
$showmode=isVisibleToUserType($type_user, $tmpentry, $listofmodulesforexternal);
if ($showmode)
@ -883,7 +883,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
{
global $mysoc;
$permtoshowmenu=((! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && $user->rights->salaries->read) || (! empty($conf->loan->enabled) && $user->rights->loan->read) || (! empty($conf->banque->enabled) && $user->rights->banque->lire));
$permtoshowmenu=((! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && ! empty($user->rights->salaries->read)) || (! empty($conf->loan->enabled) && $user->rights->loan->read) || (! empty($conf->banque->enabled) && $user->rights->banque->lire));
$newmenu->add("/compta/charges/index.php?leftmenu=tax&amp;mainmenu=billing",$langs->trans("MenuSpecialExpenses"), 0, $permtoshowmenu, '', $mainmenu, 'tax');
// Social contributions
@ -931,10 +931,10 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
if (! empty($conf->salaries->enabled))
{
$langs->load("salaries");
$newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary&amp;mainmenu=billing",$langs->trans("Salaries"),1,$user->rights->salaries->payment->read, '', $mainmenu, 'tax_salary');
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/card.php?leftmenu=tax_salary&action=create",$langs->trans("NewPayment"),2,$user->rights->salaries->payment->write);
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary",$langs->trans("Payments"),2,$user->rights->salaries->payment->read);
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/stats/index.php?leftmenu=tax_salary", $langs->trans("Statistics"),2,$user->rights->salaries->payment->read);
$newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary&amp;mainmenu=billing",$langs->trans("Salaries"),1,$user->rights->salaries->read, '', $mainmenu, 'tax_salary');
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/card.php?leftmenu=tax_salary&action=create",$langs->trans("NewPayment"),2,$user->rights->salaries->write);
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary",$langs->trans("Payments"),2,$user->rights->salaries->read);
if ($usemenuhider || empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/stats/index.php?leftmenu=tax_salary", $langs->trans("Statistics"),2,$user->rights->salaries->read);
}
// Loan

37
htdocs/core/modules/modSalaries.class.php
View File

@ -50,7 +50,7 @@ class modSalaries extends DolibarrModules
$this->db = $db;
$this->numero = 510; // Perms from 501..519
$this->family = "hr";
$this->family = "compta";
// Module label (no space allowed), used if translation string 'ModuleXXXName' not found (where XXX is value of numeric property 'numero' of module)
$this->name = preg_replace('/^mod/i','',get_class($this));
// Module description used if translation string 'ModuleXXXDesc' not found (where XXX is value of numeric property 'numero' of module)
@ -97,55 +97,32 @@ class modSalaries extends DolibarrModules
$r=0;
$r++;
$this->rights[$r][0] = 501;
$this->rights[$r][1] = 'Read employee contracts/salaries';
$this->rights[$r][0] = 511;
$this->rights[$r][1] = 'Read payments of employee salaries';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'read';
$this->rights[$r][5] = '';
$r++;
$this->rights[$r][0] = 502;
$this->rights[$r][1] = 'Create/modify employee contracts/salaries';
$this->rights[$r][0] = 512;
$this->rights[$r][1] = 'Create/modify payments of empoyee salaries';
$this->rights[$r][2] = 'w';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'write';
$this->rights[$r][5] = '';
$r++;
$this->rights[$r][0] = 511;
$this->rights[$r][1] = 'Read payment of salaries';
$this->rights[$r][2] = 'w';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'payment';
$this->rights[$r][5] = 'read';
$r++;
$this->rights[$r][0] = 512;
$this->rights[$r][1] = 'Create/modify payment of salaries';
$this->rights[$r][2] = 'w';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'payment';
$this->rights[$r][5] = 'write';
$r++;
$this->rights[$r][0] = 514;
$this->rights[$r][1] = 'Delete contracts/salaries';
$this->rights[$r][1] = 'Delete payments of employee salary';
$this->rights[$r][2] = 'd';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'delete';
$this->rights[$r][5] = '';
$this->rights[$r][0] = 515;
$this->rights[$r][1] = 'Read all salaries';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'payment';
$this->rights[$r][5] = 'readall';
$r++;
$this->rights[$r][0] = 517;
$this->rights[$r][1] = 'Export employee contracts and salaries payments';
$this->rights[$r][1] = 'Export payments of employee salaries';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'export';

8
htdocs/langs/en_US/admin.lang
View File

@ -789,11 +789,9 @@ Permission401=Read discounts
Permission402=Create/modify discounts
Permission403=Validate discounts
Permission404=Delete discounts
Permission501=Read employee contracts/salaries
Permission502=Create/modify employee contracts/salaries
Permission511=Read payment of salaries
Permission512=Create/modify payment of salaries
Permission514=Delete salaries
Permission511=Read payments of salaries
Permission512=Create/modify payments of salaries
Permission514=Delete payments of salaries
Permission517=Export salaries
Permission520=Read Loans
Permission522=Create/modify loans

9
htdocs/user/bank.php
View File

@ -48,13 +48,12 @@ $cancel = GETPOST('cancel','alpha');
$socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;
$feature2 = (($socid && $user->rights->user->self->creer)?'':'user');
// Ok if user->rights->salaries->read or user->rights->salaries->payment->write or user->rights->hrm->read
// Ok if user->rights->salaries->read or user->rights->hrm->read
//$result = restrictedArea($user, 'salaries|hrm', $id, 'user&user', $feature2);
$ok=false;
if ($user->id == $id) $ok=true; // A user can always read its own card
if ($user->rights->salaries->read) $ok=true;
if ($user->rights->salaries->payment->write) $ok=true;
if ($user->rights->hrm->read) $ok=true;
if (! empty($user->rights->salaries->read)) $ok=true;
if (! empty($user->rights->hrm->read)) $ok=true;
if (! $ok)
{
accessforbidden();
@ -293,7 +292,7 @@ if ($action != 'edit' && $action != 'create') // If not bank account yet, $acco
* Last salaries
*/
if (! empty($conf->salaries->enabled) &&
($user->rights->salaries->read || ($user->rights->salaries->read && $object->id == $user->id))
($user->rights->salaries->read && $object->id == $user->id)
)
{
$salary = new PaymentSalary($db);