Merge branch '9.0' of git@github.com:Dolibarr/dolibarr.git into 10.0
Conflicts: htdocs/expensereport/list.php htdocs/holiday/list.php
This commit is contained in:
Laurent Destailleur
commit
1dc247705d
@ -47,10 +47,25 @@ $confirm=GETPOST('confirm', 'alpha');
|
||||
$toselect = GETPOST('toselect', 'array');
|
||||
$contextpage=GETPOST('contextpage', 'aZ')?GETPOST('contextpage', 'aZ'):'expensereportlist';
|
||||
|
||||
$childids = $user->getAllChildIds(1);
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('socid', 'int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'expensereport', '', '');
|
||||
$id = GETPOST('id', 'int');
|
||||
// If we are on the view of a specific user
|
||||
if ($id > 0)
|
||||
{
|
||||
$canread=0;
|
||||
if ($id == $user->id) $canread=1;
|
||||
if (! empty($user->rights->expensereport->readall)) $canread=1;
|
||||
if (! empty($user->rights->expensereport->lire) && in_array($id, $childids)) $canread=1;
|
||||
if (! $canread)
|
||||
{
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
$diroutputmassaction=$conf->expensereport->dir_output . '/temp/massgeneration/'.$user->id;
|
||||
|
||||
@ -67,7 +82,6 @@ $pagenext = $page + 1;
|
||||
if (!$sortorder) $sortorder="DESC";
|
||||
if (!$sortfield) $sortfield="d.date_debut";
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
|
||||
$sall = trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml'));
|
||||
$search_ref = GETPOST('search_ref', 'alpha');
|
||||
@ -291,7 +305,6 @@ if ($search_status != '' && $search_status >= 0) $sql.=" AND d.fk_statut IN (".$
|
||||
if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)
|
||||
&& (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance)))
|
||||
{
|
||||
$childids = $user->getAllChildIds(1);
|
||||
$sql.= " AND d.fk_user_author IN (".join(',', $childids).")\n";
|
||||
}
|
||||
// Add where from extra fields
|
||||
|
||||
@ -61,6 +61,18 @@ if ($user->societe_id > 0) // Protection if external user
|
||||
}
|
||||
$result = restrictedArea($user, 'holiday', $id, '');
|
||||
$id = GETPOST('id', 'int');
|
||||
// If we are on the view of a specific user
|
||||
if ($id > 0)
|
||||
{
|
||||
$canread=0;
|
||||
if ($id == $user->id) $canread=1;
|
||||
if (! empty($user->rights->holiday->read_all)) $canread=1;
|
||||
if (! empty($user->rights->holiday->read) && in_array($id, $childids)) $canread=1;
|
||||
if (! $canread)
|
||||
{
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
|
||||
|
||||
@ -199,6 +199,15 @@ delete from llx_element_element where sourcetype='commande' and fk_source not in
|
||||
DELETE FROM llx_actioncomm_resources WHERE fk_actioncomm not in (select id from llx_actioncomm);
|
||||
|
||||
|
||||
-- Fix link on parent that were removed
|
||||
DROP table tmp_user;
|
||||
CREATE TABLE tmp_user as (select * from llx_user);
|
||||
UPDATE llx_user SET fk_user = NULL where fk_user NOT IN (select rowid from tmp_user);
|
||||
|
||||
|
||||
update llx_user set fk_user = null where fk_user not in (select rowid from llx_user);
|
||||
|
||||
|
||||
UPDATE llx_product SET canvas = NULL where canvas = 'default@product';
|
||||
UPDATE llx_product SET canvas = NULL where canvas = 'service@product';
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user