From 402c9313bf4b61db28e5eedd5902f95026dabdce Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Wed, 8 Mar 2006 14:22:53 +0000
Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?=
 =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?=
 =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?=
 =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/societe.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/htdocs/societe.php b/htdocs/societe.php
index c05feb36974..f7228aa7463 100644
--- a/htdocs/societe.php
+++ b/htdocs/societe.php
@@ -79,8 +79,12 @@ if ($mode == 'search')
 {
     $_POST["search_nom"]="$socname";
 
-    $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s ";
+    $sql = "SELECT s.idp";
+    if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user";
+    $sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
+    if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
     $sql .= " WHERE s.nom like '%".$socname."%'";
+    if (!$user->rights->commercial->client->voir) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
 
     $result=$db->query($sql);
     if ($result)