From 12df7b6ab904bdcb11dcf5b818528fcfc3e3a7a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sun, 9 Apr 2017 18:09:08 +0200 Subject: [PATCH] FIX #6679 User with restricted supplier invoice permissions can edit project, payment conditions, payment mode Close #6679 --- htdocs/fourn/facture/card.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 2a1f1dab8bc..d91f341b278 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -870,7 +870,7 @@ if (empty($reshook)) $action = ''; } - elseif ($action == 'classin') + elseif ($action == 'classin' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); $result=$object->setProject($projectid); @@ -1844,7 +1844,9 @@ else print ''; + if ($action != 'editconditions' && $user->rights->fournisseur->facture->creer) { + print ''; + } print '
'; print $langs->trans('PaymentConditions'); print ''; - if ($action != 'editconditions') print 'id.'">'.img_edit($langs->trans('SetConditions'),1).'id.'">'.img_edit($langs->trans('SetConditions'),1).'
'; print ''; if ($action == 'editconditions') @@ -1864,7 +1866,9 @@ else print ''; - if ($action != 'editmode') print ''; + if ($action != 'editmode' && $user->rights->fournisseur->facture->creer) { + print ''; + } print '
'; print $langs->trans('PaymentMode'); print 'id.'">'.img_edit($langs->trans('SetMode'),1).'id.'">'.img_edit($langs->trans('SetMode'),1).'
'; print ''; if ($action == 'editmode') @@ -1994,7 +1998,7 @@ else print ''; - if ($action != 'classify') + if ($action != 'classify' && $user->rights->fournisseur->facture->creer) { print '
'; print $langs->trans('Project'); print 'id.'">'; print img_edit($langs->trans('SetProject'),1);