Fix permission on page to set resource of an object

htdocs/comm/action/document.php

@@ -201,9 +201,9 @@ if ($object->id > 0) {
 	// Date start
 	print '<tr><td>'.$langs->trans("DateActionStart").'</td><td colspan="3">';
 	if (!$object->fulldayevent) {
-		print dol_print_date($object->datep, 'dayhour');
+		print dol_print_date($object->datep, 'dayhour', 'tzuser');
 	} else {
-		print dol_print_date($object->datep, 'day');
+		print dol_print_date($object->datep, 'day', 'tzuser');
 	}
 	if ($object->percentage == 0 && $object->datep && $object->datep < ($now - $delay_warning)) {
 		print img_warning($langs->trans("Late"));
@@ -214,9 +214,9 @@ if ($object->id > 0) {
 	// Date end
 	print '<tr><td>'.$langs->trans("DateActionEnd").'</td><td colspan="3">';
 	if (!$object->fulldayevent) {
-		print dol_print_date($object->datef, 'dayhour');
+		print dol_print_date($object->datef, 'dayhour', 'tzuser');
 	} else {
-		print dol_print_date($object->datef, 'day');
+		print dol_print_date($object->datef, 'day', 'tzuser');
 	}
 	if ($object->percentage > 0 && $object->percentage < 100 && $object->datef && $object->datef < ($now - $delay_warning)) {
 		print img_warning($langs->trans("Late"));

htdocs/fichinter/card.php

@@ -66,6 +66,8 @@ $originid = (GETPOST('originid', 'int') ?GETPOST('originid', 'int') : GETPOST('o
 $note_public = GETPOST('note_public', 'restricthtml');
 $lineid = GETPOST('line_id', 'int');
 
+$error = 0;
+
 //PDF
 $hidedetails = (GETPOST('hidedetails', 'int') ? GETPOST('hidedetails', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0));
 $hidedesc = (GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0));
@@ -99,8 +101,6 @@ $result = restrictedArea($user, 'ficheinter', $id, 'fichinter');
 $permissionnote = $user->rights->ficheinter->creer; // Used by the include of actions_setnotes.inc.php
 $permissiondellink = $user->rights->ficheinter->creer; // Used by the include of actions_dellink.inc.php
 
-$error = 0;
-
 
 /*
  * Actions

htdocs/resource/element_resource.php

@@ -77,6 +77,18 @@ if ($socid > 0) { // Special for thirdparty
 }
 
 // Permission is not permission on resources. We just make link here on objects.
+if ($element == 'action') {
+	$result = restrictedArea($user, 'agenda', $element_id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
+}
+if ($element == 'fichinter') {
+	$result = restrictedArea($user, 'ficheinter', $element_id, 'fichinter');
+}
+if ($element == 'product' || $element == 'service') {	// When RESOURCE_ON_PRODUCTS or RESOURCE_ON_SERVICES is set
+	$tmpobject = new Product($db);
+	$tmpobject->fetch($element_id);
+	$fieldtype = $tmpobject->type;
+	$result = restrictedArea($user, 'produit|service', $element_id, 'product&product', '', '', $fieldtype);
+}
 
 
 /*
@@ -371,9 +383,9 @@ if (!$ret) {
 			// Date start
 			print '<tr><td>'.$langs->trans("DateActionStart").'</td><td colspan="3">';
 			if (!$act->fulldayevent) {
-				print dol_print_date($act->datep, 'dayhour');
+				print dol_print_date($act->datep, 'dayhour', 'tzuser');
 			} else {
-				print dol_print_date($act->datep, 'day');
+				print dol_print_date($act->datep, 'day', 'tzuser');
 			}
 			if ($act->percentage == 0 && $act->datep && $act->datep < ($now - $delay_warning)) {
 				print img_warning($langs->trans("Late"));
@@ -384,9 +396,9 @@ if (!$ret) {
 			// Date end
 			print '<tr><td>'.$langs->trans("DateActionEnd").'</td><td colspan="3">';
 			if (!$act->fulldayevent) {
-				print dol_print_date($act->datef, 'dayhour');
+				print dol_print_date($act->datef, 'dayhour', 'tzuser');
 			} else {
-				print dol_print_date($act->datef, 'day');
+				print dol_print_date($act->datef, 'day', 'tzuser');
 			}
 			if ($act->percentage > 0 && $act->percentage < 100 && $act->datef && $act->datef < ($now - $delay_warning)) {
 				print img_warning($langs->trans("Late"));