ADD check user's rights
This commit is contained in:
Inovea Conseil
parent
d8dd658ec1
commit
30cff2bb36
@ -4,7 +4,8 @@
|
||||
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@capnetworks.com>
|
||||
* Copyright (C) 2011-2017 Juanjo Menent <jmenent@2byte.es>
|
||||
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
|
||||
*
|
||||
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
@ -1220,7 +1221,10 @@ class ActionComm extends CommonObject
|
||||
|
||||
if (! empty($conf->dol_no_mouse_hover)) $notooltip=1; // Force disable tooltips
|
||||
|
||||
$label = $this->label;
|
||||
if ((!$user->rights->agenda->allactions->read && $this->author->id != $user->id) || (!$user->rights->agenda->myactions->read && $this->author->id == $user->id))
|
||||
$option = 'nolink';
|
||||
|
||||
$label = $this->label;
|
||||
if (empty($label)) $label=$this->libelle; // For backward compatibility
|
||||
|
||||
$result='';
|
||||
@ -1286,6 +1290,10 @@ class ActionComm extends CommonObject
|
||||
$linkstart.=$linkclose.'>';
|
||||
$linkend='</a>';
|
||||
|
||||
if ($option == 'nolink') {
|
||||
$linkstart = '';
|
||||
$linkend = '';
|
||||
}
|
||||
//print 'rrr'.$this->libelle.'rrr'.$this->label.'rrr'.$withpicto;
|
||||
|
||||
if ($withpicto == 2)
|
||||
|
||||
@ -3422,6 +3422,9 @@ class Commande extends CommonOrder
|
||||
if (! empty($conf->expedition->enabled) && ($option == '1' || $option == '2')) $url = DOL_URL_ROOT.'/expedition/shipment.php?id='.$this->id;
|
||||
else $url = DOL_URL_ROOT.'/commande/card.php?id='.$this->id;
|
||||
|
||||
if (!$user->rights->commande->lire)
|
||||
$option = 'nolink';
|
||||
|
||||
if ($option !== 'nolink')
|
||||
{
|
||||
// Add param to save lastsearch_values or not
|
||||
@ -3465,6 +3468,11 @@ class Commande extends CommonOrder
|
||||
$linkstart.=$linkclose.'>';
|
||||
$linkend='</a>';
|
||||
|
||||
if ($option == 'nolink') {
|
||||
$linkstart = '';
|
||||
$linkend = '';
|
||||
}
|
||||
|
||||
$result .= $linkstart;
|
||||
if ($withpicto) $result.=img_object(($notooltip?'':$label), $this->picto, ($notooltip?(($withpicto != 2) ? 'class="paddingright"' : ''):'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip?0:1);
|
||||
if ($withpicto != 2) $result.= $this->ref;
|
||||
|
||||
@ -1301,13 +1301,17 @@ class Account extends CommonObject
|
||||
*/
|
||||
function getNomUrl($withpicto=0, $mode='', $option='', $save_lastsearch_value=-1, $notooltip=0)
|
||||
{
|
||||
global $conf, $langs;
|
||||
global $conf, $langs, $user;
|
||||
|
||||
$result='';
|
||||
$label = '<u>' . $langs->trans("ShowAccount") . '</u>';
|
||||
$label .= '<br><b>' . $langs->trans('BankAccount') . ':</b> ' . $this->label;
|
||||
$label .= '<br><b>' . $langs->trans('AccountNumber') . ':</b> ' . $this->number;
|
||||
$label .= '<br><b>' . $langs->trans("AccountCurrency") . ':</b> ' . $this->currency_code;
|
||||
|
||||
if (!$user->rights->accounting->read || !empty($user->socid))
|
||||
$option = 'nolink';
|
||||
|
||||
if (! empty($conf->accounting->enabled))
|
||||
{
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
|
||||
@ -1338,6 +1342,11 @@ class Account extends CommonObject
|
||||
$linkstart = '<a href="'.$url.$linkclose;
|
||||
$linkend = '</a>';
|
||||
|
||||
if ($option == 'nolink') {
|
||||
$linkstart = '';
|
||||
$linkend = '';
|
||||
}
|
||||
|
||||
$result .= $linkstart;
|
||||
if ($withpicto) $result.=img_object(($notooltip?'':$label), $this->picto, ($notooltip?(($withpicto != 2) ? 'class="paddingright"' : ''):'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip?0:1);
|
||||
if ($withpicto != 2) $result.= $this->ref.($option == 'reflabel' && $this->label ? ' - '.$this->label : '');
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -2136,10 +2136,12 @@ class User extends CommonObject
|
||||
*/
|
||||
function getNomUrl($withpictoimg=0, $option='', $infologin=0, $notooltip=0, $maxlen=24, $hidethirdpartylogo=0, $mode='',$morecss='', $save_lastsearch_value=-1)
|
||||
{
|
||||
global $langs, $conf, $db, $hookmanager;
|
||||
global $langs, $conf, $db, $hookmanager, $user;
|
||||
global $dolibarr_main_authentication, $dolibarr_main_demo;
|
||||
global $menumanager;
|
||||
|
||||
if(!$user->rights->user->user->lire && $user->id !=$this->id) $option='nolink';
|
||||
|
||||
if (! empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && $withpictoimg) $withpictoimg=0;
|
||||
|
||||
$result=''; $label='';
|
||||
@ -2271,18 +2273,27 @@ class User extends CommonObject
|
||||
*/
|
||||
function getLoginUrl($withpicto=0,$option='')
|
||||
{
|
||||
global $langs;
|
||||
global $langs, $user;
|
||||
|
||||
$result='';
|
||||
|
||||
$linkstart = '<a href="'.DOL_URL_ROOT.'/user/card.php?id='.$this->id.'">';
|
||||
$linkend='</a>';
|
||||
|
||||
//Check user's rights to see an other user
|
||||
if((!$user->rights->user->user->lire && $this->id !=$user->id)) $option='nolink';
|
||||
|
||||
if ($option == 'xxx')
|
||||
{
|
||||
$linkstart = '<a href="'.DOL_URL_ROOT.'/user/card.php?id='.$this->id.'">';
|
||||
$linkend='</a>';
|
||||
}
|
||||
|
||||
if ($option == 'nolink')
|
||||
{
|
||||
$linkstart = '';
|
||||
$linkend='';
|
||||
}
|
||||
|
||||
$result.=$linkstart;
|
||||
if ($withpicto) $result.=img_object($langs->trans("ShowUser"), 'user', 'class="paddingright"');
|
||||
|
||||
Loading…
Reference in New Issue
Block a user