From 85740a618ebf64d40b65b9d20da9675f467ba706 Mon Sep 17 00:00:00 2001 From: gauthier Date: Mon, 6 Jun 2016 16:21:05 +0200 Subject: [PATCH 1/3] NEW : add restrictions on standard exports (societe, propal, expedition) --- htdocs/core/modules/modExpedition.class.php | 4 +++- htdocs/core/modules/modPropale.class.php | 4 +++- htdocs/core/modules/modSociete.class.php | 7 +++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/htdocs/core/modules/modExpedition.class.php b/htdocs/core/modules/modExpedition.class.php index 4f7baff0c64..26dbfc5a803 100644 --- a/htdocs/core/modules/modExpedition.class.php +++ b/htdocs/core/modules/modExpedition.class.php @@ -43,7 +43,7 @@ class modExpedition extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 80; @@ -257,6 +257,7 @@ class modExpedition extends DolibarrModules $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'expedition as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'expedition_extrafields as extra ON c.rowid = extra.fk_object,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'expeditiondet as ed'; @@ -271,6 +272,7 @@ class modExpedition extends DolibarrModules } $this->export_sql_end[$r] .=' WHERE c.fk_soc = s.rowid AND c.rowid = ed.fk_expedition AND ed.fk_origin_line = cd.rowid'; $this->export_sql_end[$r] .=' AND c.entity IN ('.getEntity('shipment',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; } diff --git a/htdocs/core/modules/modPropale.class.php b/htdocs/core/modules/modPropale.class.php index 32ebb340e71..dd8f819c5eb 100644 --- a/htdocs/core/modules/modPropale.class.php +++ b/htdocs/core/modules/modPropale.class.php @@ -43,7 +43,7 @@ class modPropale extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 20; @@ -184,6 +184,7 @@ class modPropale extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s '; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'propal as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON c.fk_projet = pj.rowid'; @@ -196,6 +197,7 @@ class modPropale extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product_extrafields as extra3 on p.rowid = extra3.fk_object'; $this->export_sql_end[$r] .=' WHERE c.fk_soc = s.rowid AND c.rowid = cd.fk_propal'; $this->export_sql_end[$r] .=' AND c.entity IN ('.getEntity('propal',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; } diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index baf680f0352..ec60d7aafeb 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -43,7 +43,7 @@ class modSociete extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 1; @@ -274,7 +274,8 @@ class modSociete extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_stcomm as st ON s.fk_stcomm = st.id'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid LEFT JOIN '.MAIN_DB_PREFIX.'user as u ON sc.fk_user = u.rowid'; $this->export_sql_end[$r] .=' WHERE s.entity IN ('.getEntity('societe', 1).')'; - + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; + // Export list of contacts and attributes $r++; $this->export_code[$r]=$this->rights_class.'_'.$r; @@ -295,10 +296,12 @@ class modSociete extends DolibarrModules $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'socpeople as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON c.fk_soc = s.rowid'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON c.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON c.fk_pays = co.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'socpeople_extrafields as extra ON extra.fk_object = c.rowid'; $this->export_sql_end[$r] .=' WHERE c.entity IN ('.getEntity("societe", 1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; // Imports From a2df6dc59f66c4b24e5c2570c6b23f637b119ebe Mon Sep 17 00:00:00 2001 From: gauthier Date: Mon, 6 Jun 2016 17:51:39 +0200 Subject: [PATCH 2/3] NEW : add restrictions on standard exports (agenda, order, deplacement, facture, fournisseur) --- htdocs/core/modules/modAgenda.class.php | 6 +++++- htdocs/core/modules/modCommande.class.php | 4 +++- htdocs/core/modules/modDeplacement.class.php | 10 +++++++++- htdocs/core/modules/modFacture.class.php | 6 +++++- htdocs/core/modules/modFournisseur.class.php | 8 +++++++- 5 files changed, 29 insertions(+), 5 deletions(-) diff --git a/htdocs/core/modules/modAgenda.class.php b/htdocs/core/modules/modAgenda.class.php index 0d0720d7440..b4e12ab3c5a 100644 --- a/htdocs/core/modules/modAgenda.class.php +++ b/htdocs/core/modules/modAgenda.class.php @@ -44,7 +44,7 @@ class modAgenda extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 2400; @@ -392,10 +392,14 @@ class modAgenda extends DolibarrModules $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'actioncomm as ac'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_actioncomm as cac on ac.fk_action = cac.id'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_resources acr on ac.id = acr.fk_actioncomm'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'socpeople as sp on ac.fk_contact = sp.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s on ac.fk_soc = s.rowid'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co on s.fk_pays = co.rowid'; $this->export_sql_end[$r] .=' WHERE ac.entity IN ('.getEntity('agenda',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND (sc.fk_user = '.$user->id.' OR ac.fk_soc IS NULL)'; + if(!$user->rights->agenda->allactions->read) $this->export_sql_end[$r] .=' AND acr.fk_element = '.$user->id; $this->export_sql_end[$r] .=' ORDER BY ac.datep'; } diff --git a/htdocs/core/modules/modCommande.class.php b/htdocs/core/modules/modCommande.class.php index ec11708641c..be644dca471 100644 --- a/htdocs/core/modules/modCommande.class.php +++ b/htdocs/core/modules/modCommande.class.php @@ -45,7 +45,7 @@ class modCommande extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 25; @@ -191,6 +191,7 @@ class modCommande extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'commande as c'; @@ -204,6 +205,7 @@ class modCommande extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product_extrafields as extra3 on p.rowid = extra3.fk_object'; $this->export_sql_end[$r] .=' WHERE c.fk_soc = s.rowid AND c.rowid = cd.fk_commande'; $this->export_sql_end[$r] .=' AND c.entity IN ('.getEntity('commande',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; } diff --git a/htdocs/core/modules/modDeplacement.class.php b/htdocs/core/modules/modDeplacement.class.php index 19ef73f37bc..d1fa2e4ad33 100644 --- a/htdocs/core/modules/modDeplacement.class.php +++ b/htdocs/core/modules/modDeplacement.class.php @@ -39,7 +39,7 @@ class modDeplacement extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 75 ; @@ -124,8 +124,16 @@ class modDeplacement extends DolibarrModules $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'user as u'; $this->export_sql_end[$r] .=', '.MAIN_DB_PREFIX.'deplacement as d'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON d.fk_soc = s.rowid'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' WHERE d.fk_user = u.rowid'; $this->export_sql_end[$r] .=' AND d.entity IN ('.getEntity('deplacement',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND (sc.fk_user = '.$user->id.' OR d.fk_soc IS NULL)'; + + $childids = $user->getAllChildIds(); + $childids[]=$user->id; + + if (!$user->rights->deplacement->readall && !$user->rights->deplacement->lire_tous) $sql.=' AND d.fk_user IN ('.join(',',$childids).')'; + } diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index c4f9dc20243..b35af14ba6f 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -42,7 +42,7 @@ class modFacture extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 30; @@ -205,6 +205,7 @@ class modFacture extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c on s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON f.fk_projet = pj.rowid'; @@ -217,6 +218,7 @@ class modFacture extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product_extrafields as extra3 on p.rowid = extra3.fk_object'; $this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_facture'; $this->export_sql_end[$r] .=' AND f.entity IN ('.getEntity('facture',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; $r++; $this->export_code[$r]=$this->rights_class.'_'.$r; @@ -232,6 +234,7 @@ class modFacture extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c on s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON f.fk_projet = pj.rowid'; @@ -245,6 +248,7 @@ class modFacture extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON ba.rowid = b.fk_account'; $this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' AND f.entity IN ('.getEntity('facture',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; $r++; } diff --git a/htdocs/core/modules/modFournisseur.class.php b/htdocs/core/modules/modFournisseur.class.php index 3cf63b6cfb9..5bc4bddd8cf 100644 --- a/htdocs/core/modules/modFournisseur.class.php +++ b/htdocs/core/modules/modFournisseur.class.php @@ -42,7 +42,7 @@ class modFournisseur extends DolibarrModules */ function __construct($db) { - global $conf; + global $conf, $user; $this->db = $db; $this->numero = 40; @@ -366,6 +366,7 @@ class modFournisseur extends DolibarrModules // End add extra fields line $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture_fourn as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; @@ -375,6 +376,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product as p on (fd.fk_product = p.rowid)'; $this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_facture_fourn'; $this->export_sql_end[$r] .=' AND f.entity IN ('.getEntity('supplier_invoice',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; $r++; $this->export_code[$r]=$this->rights_class.'_'.$r; @@ -428,6 +430,7 @@ class modFournisseur extends DolibarrModules // End add extra fields object $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture_fourn as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; @@ -436,6 +439,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn as p ON pf.fk_paiementfourn = p.rowid'; $this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' AND f.entity IN ('.getEntity('supplier_invoice',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; // Order $r++; @@ -532,6 +536,7 @@ class modFournisseur extends DolibarrModules // End add extra fields line $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; + $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'commande_fournisseur as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; @@ -543,6 +548,7 @@ class modFournisseur extends DolibarrModules $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'product as p on (fd.fk_product = p.rowid)'; $this->export_sql_end[$r] .=' WHERE f.fk_soc = s.rowid AND f.rowid = fd.fk_commande'; $this->export_sql_end[$r] .=' AND f.entity IN ('.getEntity('supplier_order',1).')'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND sc.fk_user = '.$user->id; } From 2aa688e6f2e68e7d9670cb2bd3732a84c827815b Mon Sep 17 00:00:00 2001 From: gauthier Date: Tue, 7 Jun 2016 09:39:48 +0200 Subject: [PATCH 3/3] NEW : tests for LEFT JOIN --- htdocs/core/modules/modAgenda.class.php | 4 ++-- htdocs/core/modules/modCommande.class.php | 2 +- htdocs/core/modules/modDeplacement.class.php | 2 +- htdocs/core/modules/modExpedition.class.php | 2 +- htdocs/core/modules/modFacture.class.php | 4 ++-- htdocs/core/modules/modFournisseur.class.php | 6 +++--- htdocs/core/modules/modPropale.class.php | 2 +- htdocs/core/modules/modSociete.class.php | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/htdocs/core/modules/modAgenda.class.php b/htdocs/core/modules/modAgenda.class.php index b4e12ab3c5a..8224673f1a2 100644 --- a/htdocs/core/modules/modAgenda.class.php +++ b/htdocs/core/modules/modAgenda.class.php @@ -392,10 +392,10 @@ class modAgenda extends DolibarrModules $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'actioncomm as ac'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_actioncomm as cac on ac.fk_action = cac.id'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_resources acr on ac.id = acr.fk_actioncomm'; + if(!$user->rights->agenda->allactions->read) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_resources acr on ac.id = acr.fk_actioncomm'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'socpeople as sp on ac.fk_contact = sp.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s on ac.fk_soc = s.rowid'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co on s.fk_pays = co.rowid'; $this->export_sql_end[$r] .=' WHERE ac.entity IN ('.getEntity('agenda',1).')'; if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND (sc.fk_user = '.$user->id.' OR ac.fk_soc IS NULL)'; diff --git a/htdocs/core/modules/modCommande.class.php b/htdocs/core/modules/modCommande.class.php index be644dca471..7d38a427e1c 100644 --- a/htdocs/core/modules/modCommande.class.php +++ b/htdocs/core/modules/modCommande.class.php @@ -191,7 +191,7 @@ class modCommande extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'commande as c'; diff --git a/htdocs/core/modules/modDeplacement.class.php b/htdocs/core/modules/modDeplacement.class.php index d1fa2e4ad33..c1e9c092ff6 100644 --- a/htdocs/core/modules/modDeplacement.class.php +++ b/htdocs/core/modules/modDeplacement.class.php @@ -124,7 +124,7 @@ class modDeplacement extends DolibarrModules $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'user as u'; $this->export_sql_end[$r] .=', '.MAIN_DB_PREFIX.'deplacement as d'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON d.fk_soc = s.rowid'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' WHERE d.fk_user = u.rowid'; $this->export_sql_end[$r] .=' AND d.entity IN ('.getEntity('deplacement',1).')'; if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' AND (sc.fk_user = '.$user->id.' OR d.fk_soc IS NULL)'; diff --git a/htdocs/core/modules/modExpedition.class.php b/htdocs/core/modules/modExpedition.class.php index 26dbfc5a803..189d31265a4 100644 --- a/htdocs/core/modules/modExpedition.class.php +++ b/htdocs/core/modules/modExpedition.class.php @@ -257,7 +257,7 @@ class modExpedition extends DolibarrModules $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'expedition as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'expedition_extrafields as extra ON c.rowid = extra.fk_object,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'expeditiondet as ed'; diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index b35af14ba6f..794032c59f5 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -205,7 +205,7 @@ class modFacture extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c on s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON f.fk_projet = pj.rowid'; @@ -234,7 +234,7 @@ class modFacture extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c on s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON f.fk_projet = pj.rowid'; diff --git a/htdocs/core/modules/modFournisseur.class.php b/htdocs/core/modules/modFournisseur.class.php index 5bc4bddd8cf..794b6cb50ff 100644 --- a/htdocs/core/modules/modFournisseur.class.php +++ b/htdocs/core/modules/modFournisseur.class.php @@ -366,7 +366,7 @@ class modFournisseur extends DolibarrModules // End add extra fields line $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture_fourn as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; @@ -430,7 +430,7 @@ class modFournisseur extends DolibarrModules // End add extra fields object $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'facture_fourn as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; @@ -536,7 +536,7 @@ class modFournisseur extends DolibarrModules // End add extra fields line $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'commande_fournisseur as f'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as project on (f.fk_projet = project.rowid)'; diff --git a/htdocs/core/modules/modPropale.class.php b/htdocs/core/modules/modPropale.class.php index dd8f819c5eb..e9fe448baf7 100644 --- a/htdocs/core/modules/modPropale.class.php +++ b/htdocs/core/modules/modPropale.class.php @@ -184,7 +184,7 @@ class modPropale extends DolibarrModules include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'societe as s '; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .=' '.MAIN_DB_PREFIX.'propal as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON c.fk_projet = pj.rowid'; diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index ec60d7aafeb..c238470ce6f 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -296,7 +296,7 @@ class modSociete extends DolibarrModules $this->export_sql_start[$r]='SELECT DISTINCT '; $this->export_sql_end[$r] =' FROM '.MAIN_DB_PREFIX.'socpeople as c'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON c.fk_soc = s.rowid'; - $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; + if(!$user->rights->societe->client->voir) $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'societe_commerciaux as sc ON sc.fk_soc = s.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON c.fk_departement = d.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON c.fk_pays = co.rowid'; $this->export_sql_end[$r] .=' LEFT JOIN '.MAIN_DB_PREFIX.'socpeople_extrafields as extra ON extra.fk_object = c.rowid';