Merge pull request #22059 from ptibogxiv/patch-46
NEW private and public note on user.php
This commit is contained in:
Laurent Destailleur
GitHub
commit
3cc4bcbe17
@ -91,6 +91,8 @@ if ($module == 'propal') {
|
||||
$permission = $user->rights->produit->creer;
|
||||
} elseif ($module == 'ecmfiles') {
|
||||
$permission = $user->rights->ecm->setup;
|
||||
} elseif ($module == 'user') {
|
||||
$permission = $user->hasRight("user", "self", "write");
|
||||
}
|
||||
//else dol_print_error('','Bad value '.$module.' for param module');
|
||||
|
||||
|
||||
@ -142,3 +142,5 @@ CREATE TABLE llx_bank_extrafields
|
||||
)ENGINE=innodb;
|
||||
|
||||
ALTER TABLE llx_bank_extrafields ADD INDEX idx_bank_extrafields (fk_object);
|
||||
|
||||
ALTER TABLE llx_user CHANGE COLUMN note note_private text;
|
||||
|
||||
@ -76,7 +76,7 @@ create table llx_user
|
||||
idpers3 varchar(128),
|
||||
|
||||
note_public text,
|
||||
note text DEFAULT NULL,
|
||||
note_private text DEFAULT NULL,
|
||||
model_pdf varchar(255) DEFAULT NULL,
|
||||
datelastlogin datetime,
|
||||
datepreviouslogin datetime,
|
||||
|
||||
@ -433,7 +433,7 @@ class User extends CommonObject
|
||||
$sql .= " u.socialnetworks,";
|
||||
$sql .= " u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile,";
|
||||
$sql .= " u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id,";
|
||||
$sql .= " u.admin, u.login, u.note as note_private, u.note_public,";
|
||||
$sql .= " u.admin, u.login, u.note_private, u.note_public,";
|
||||
$sql .= " u.pass, u.pass_crypted, u.pass_temp, u.api_key,";
|
||||
$sql .= " u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator,";
|
||||
$sql .= " u.statut, u.lang, u.entity,";
|
||||
@ -1979,7 +1979,7 @@ class User extends CommonObject
|
||||
$sql .= ", dateemploymentend=".(strval($this->dateemploymentend) != '' ? "'".$this->db->idate($this->dateemploymentend)."'" : 'null');
|
||||
$sql .= ", datestartvalidity=".(strval($this->datestartvalidity) != '' ? "'".$this->db->idate($this->datestartvalidity)."'" : 'null');
|
||||
$sql .= ", dateendvalidity=".(strval($this->dateendvalidity) != '' ? "'".$this->db->idate($this->dateendvalidity)."'" : 'null');
|
||||
$sql .= ", note = '".$this->db->escape($this->note_private)."'";
|
||||
$sql .= ", note_private = '".$this->db->escape($this->note_private)."'";
|
||||
$sql .= ", note_public = '".$this->db->escape($this->note_public)."'";
|
||||
$sql .= ", photo = ".($this->photo ? "'".$this->db->escape($this->photo)."'" : "null");
|
||||
$sql .= ", openid = ".($this->openid ? "'".$this->db->escape($this->openid)."'" : "null");
|
||||
|
||||
@ -27,6 +27,7 @@ require '../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/usergroups.lib.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
|
||||
|
||||
// Get parameters
|
||||
$id = GETPOST('id', 'int');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'usernote'; // To manage different context of search
|
||||
@ -43,6 +44,9 @@ if (($object->id != $user->id) && (!$user->hasRight("user", "user", "read"))) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Permissions
|
||||
$permissionnote = $user->hasRight("user", "self", "write"); // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
// Security check
|
||||
$socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
@ -59,37 +63,23 @@ $hookmanager->initHooks(array('usercard', 'usernote', 'globalcard'));
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
$parameters = array('id'=>$socid);
|
||||
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
|
||||
if ($reshook < 0) {
|
||||
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
|
||||
}
|
||||
|
||||
if (empty($reshook)) {
|
||||
if ($action == 'update' && $user->hasRight("user", "user", "write") && !GETPOST("cancel")) {
|
||||
$db->begin();
|
||||
|
||||
$res = $object->update_note(dol_html_entity_decode(GETPOST('note_private', 'restricthtml'), ENT_QUOTES | ENT_HTML5));
|
||||
if ($res < 0) {
|
||||
$mesg = '<div class="error">'.$adh->error.'</div>';
|
||||
$db->rollback();
|
||||
} else {
|
||||
$db->commit();
|
||||
}
|
||||
}
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include, not include_once
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* View
|
||||
*/
|
||||
$form = new Form($db);
|
||||
|
||||
$person_name = !empty($object->firstname) ? $object->lastname.", ".$object->firstname : $object->lastname;
|
||||
$title = $person_name." - ".$langs->trans('Notes');
|
||||
$help_url = '';
|
||||
llxHeader('', $title, $help_url);
|
||||
llxHeader();
|
||||
|
||||
$form = new Form($db);
|
||||
|
||||
if ($id) {
|
||||
$head = user_prepare_head($object);
|
||||
@ -138,46 +128,20 @@ if ($id) {
|
||||
}
|
||||
print '</tr>';
|
||||
|
||||
$editenabled = (($action == 'edit') && $user->hasRight("user", "user", "write"));
|
||||
|
||||
// Note
|
||||
print '<tr><td class="tdtop">'.$langs->trans("Note").'</td>';
|
||||
print '<td class="'.($editenabled ? '' : 'sensiblehtmlcontent').'">';
|
||||
if ($editenabled) {
|
||||
print "<input type=\"hidden\" name=\"action\" value=\"update\">";
|
||||
print "<input type=\"hidden\" name=\"id\" value=\"".$object->id."\">";
|
||||
// Editeur wysiwyg
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
|
||||
$doleditor = new DolEditor('note_private', $object->note_private, '', 280, 'dolibarr_notes', 'In', true, false, getDolGlobalInt('FCKEDITOR_ENABLE_SOCIETE'), ROWS_8, '90%');
|
||||
$doleditor->Create();
|
||||
} else {
|
||||
print dol_string_onlythesehtmltags(dol_htmlentitiesbr($object->note_private));
|
||||
}
|
||||
print "</td></tr>";
|
||||
|
||||
print "</table>";
|
||||
|
||||
print '</div>';
|
||||
|
||||
|
||||
//print '<br>';
|
||||
|
||||
//print '<div class="underbanner clearboth"></div>';
|
||||
include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
|
||||
|
||||
print dol_get_fiche_end();
|
||||
|
||||
if ($action == 'edit') {
|
||||
print $form->buttonsSaveCancel();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
print '<div class="tabsAction">';
|
||||
|
||||
if ($user->hasRight("user", "user", "write") && $action != 'edit') {
|
||||
print '<a class="butAction" href="note.php?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans('Modify')."</a>";
|
||||
}
|
||||
|
||||
print "</div>";
|
||||
|
||||
print "</form>\n";
|
||||
} else {
|
||||
$langs->load("errors");
|
||||
print $langs->trans("ErrorRecordNotFound");
|
||||
}
|
||||
|
||||
// End of page
|
||||
|
||||
Loading…
Reference in New Issue
Block a user