Ajout de la permission "consulter tous les clients" dans le module commercial, afin

qu'un commercial puisse voir que les clients qui lui sont affect�s.

htdocs/comm/contact.php

@@ -84,11 +84,14 @@ if ($type == "f")
  */
 
 $sql = "SELECT s.idp, s.nom,  st.libelle as stcomm";
-$sql .= ", p.idp as cidp, p.name, p.firstname, p.email, p.phone ";
+$sql .= ", p.idp as cidp, p.name, p.firstname, p.email, p.phone";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
 $sql .= " , ".MAIN_DB_PREFIX."socpeople as p";
 $sql .= " , ".MAIN_DB_PREFIX."c_stcomm as st";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql .= " WHERE s.fk_stcomm = st.id AND s.idp = p.fk_soc";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 
 if ($type == "c") $sql .= " AND s.client = 1";
 if ($type == "p") $sql .= " AND s.client = 2";

htdocs/comm/prospect/index.php

@@ -1,6 +1,7 @@
 <?php
 /* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2005-2006 Regis Houssin        <regis.houssin@cap-networks.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -85,8 +86,11 @@ if ($conf->propal->enabled)
  */  
 
 $sql = "SELECT count(*) as cc, st.libelle, st.id";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
 $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st ";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql .= " WHERE s.fk_stcomm = st.id AND s.client=2";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 $sql .= " GROUP BY st.id";
 $sql .= " ORDER BY st.id";
 
@@ -123,8 +127,11 @@ if ($resql)
 if ($conf->propal->enabled && $user->rights->propale->lire)
 {
     $sql = "SELECT p.rowid, p.ref, p.price, s.nom";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
     $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
     $sql .= " WHERE p.fk_statut = 0 and p.fk_soc = s.idp";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 
     $resql=$db->query($sql);
     if ($resql)
@@ -169,8 +176,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
 print '</td><td valign="top" width="70%" class="notopnoleftnoright">';
 
 $sql = "SELECT a.id, ".$db->pdate("a.datea")." as da, c.code, c.libelle, a.fk_user_author, s.nom as sname, s.idp";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
 $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a, ".MAIN_DB_PREFIX."c_actioncomm as c, ".MAIN_DB_PREFIX."societe as s";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql .= " WHERE c.id=a.fk_action AND a.percent < 100 AND s.idp = a.fk_soc AND a.fk_user_action = $user->id";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 $sql .= " ORDER BY a.datea DESC";
 
 $resql=$db->query($sql);
@@ -217,8 +227,11 @@ else
 if ($conf->propal->enabled && $user->rights->propale->lire)
 {
     $sql = "SELECT s.nom, s.idp, p.rowid as propalid, p.price, p.ref,".$db->pdate("p.datep")." as dp, c.label as statut, c.id as statutid";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
     $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."c_propalst as c";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
     $sql .= " WHERE p.fk_soc = s.idp AND p.fk_statut = c.id AND p.fk_statut = 1";
+    if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
     if ($socidp) $sql .= " AND s.idp = $socidp";
     $sql .= " ORDER BY p.rowid DESC";
     $sql .= $db->plimit(5, 0);
@@ -263,8 +276,11 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
  *
  */
 $sql = "SELECT s.nom, s.idp";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
 $sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql .= " WHERE s.fk_stcomm = 1";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 $sql .= " ORDER BY s.tms ASC";
 $sql .= $db->plimit(15, 0);
 

htdocs/comm/prospect/prospects.php

@@ -78,9 +78,12 @@ if ($_GET["action"] == 'cstc')
 
 $sql = "SELECT s.idp, s.nom, s.ville, ".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea,  st.libelle as stcomm, s.prefix_comm, s.fk_stcomm ";
 $sql .= ", d.nom as departement";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql .= " FROM ".MAIN_DB_PREFIX."c_stcomm as st, ".MAIN_DB_PREFIX."societe as s";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql .= " LEFT join ".MAIN_DB_PREFIX."c_departements as d on d.rowid = s.fk_departement";
 $sql .= " WHERE s.fk_stcomm = st.id AND s.client=2";
+if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 
 if (isset($_GET["stcomm"]))
 {