From a4b1c28696dbfd3a0308bae880adcb4ead44160e Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Wed, 5 Jul 2017 11:33:58 +0200 Subject: [PATCH 1/7] fix : accountancy right management --- htdocs/accountancy/admin/categories.php | 4 ++-- htdocs/accountancy/admin/categories_list.php | 2 +- htdocs/accountancy/admin/defaultaccounts.php | 2 +- htdocs/accountancy/admin/export.php | 2 +- htdocs/accountancy/admin/fiscalyear_card.php | 18 +++++++++--------- htdocs/accountancy/admin/index.php | 2 +- htdocs/accountancy/admin/journals_list.php | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index fd8c67246f4..11913c6d2e9 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -46,7 +46,7 @@ if ($cat_id == 0) { } // Security check -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } @@ -104,7 +104,7 @@ $formaccounting->select_accounting_category($cat_id, 'account_category', 1, 0, 0 print ''; print ''; -if (! empty($cat_id)) +if (! empty($cat_id)) { $return = $accountingcategory->getAccountsWithNoCategory($cat_id); if ($return < 0) { diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index cb852d82e0c..6c2b94d727a 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -57,7 +57,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 9cf4d2977fd..60b8424ff3e 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php 
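Review bot: The new guard `if (! $user->rights->accounting-->chartofaccount)` in the categories.php hunk (@@ -46,7) contains a `-->` typo, so it does not read the `chartofaccount` permission at all. PHP appears to tokenise it as a post-decrement of `$user->rights->accounting` followed by a `>` comparison against a bare constant named `chartofaccount`, so the result does not depend on whether the user holds the right, and the page is not reliably protected. The same line is added in the categories_list.php, defaultaccounts.php and export.php hunks of this patch. Patches 2/7 to 5/7 later in this series replace it with `if (empty($user->rights->accounting->chartofaccount))`, so anyone backporting or cherry-picking should take those together with 1/7, never 1/7 alone. The journals_list.php hunk uses the correct `->` but without `empty()`, which raises a notice when the rights object is not set.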
@@ -42,7 +42,7 @@ $langs->load("salaries"); $langs->load("loan"); // Security check -if (! empty($user->rights->accountancy->chartofaccount)) +if (! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/export.php b/htdocs/accountancy/admin/export.php index 7a209be45b1..dfbeb09f25e 100644 --- a/htdocs/accountancy/admin/export.php +++ b/htdocs/accountancy/admin/export.php @@ -38,7 +38,7 @@ $langs->load("admin"); $langs->load("accountancy"); // Security check -if (empty($user->admin) || ! empty($user->rights->accountancy->chartofaccount)) +if (empty($user->admin) || ! $user->rights->accounting-->chartofaccount) { accessforbidden(); } diff --git a/htdocs/accountancy/admin/fiscalyear_card.php b/htdocs/accountancy/admin/fiscalyear_card.php index 7a8ab0673a7..fa817942a54 100644 --- a/htdocs/accountancy/admin/fiscalyear_card.php +++ b/htdocs/accountancy/admin/fiscalyear_card.php @@ -43,10 +43,10 @@ $id = GETPOST('id', 'int'); // List of statut static $tmpstatut2label = array ( '0' => 'OpenFiscalYear', - '1' => 'CloseFiscalYear' + '1' => 'CloseFiscalYear' ); $statut2label = array ( - '' + '' ); foreach ( $tmpstatut2label as $key => $val ) $statut2label[$key] = $langs->trans($val); @@ -69,7 +69,7 @@ if ($action == 'confirm_delete' && $confirm == "yes") { } else { setEventMessages($object->error, $object->errors, 'errors'); } -} +} else if ($action == 'add') { if (! GETPOST('cancel', 'alpha')) { @@ -113,7 +113,7 @@ else if ($action == 'add') { header("Location: ./fiscalyear.php"); exit(); } -} +} // Update record else if ($action == 'update') { @@ -126,7 +126,7 @@ else if ($action == 'update') { $object->statut = GETPOST('statut', 'int'); $result = $object->update($user); - + if ($result > 0) { header("Location: " . $_SERVER["PHP_SELF"] . "?id=" . $id); exit(); 
@@ -151,7 +151,7 @@ llxHeader("",$title,$helpurl); $form = new Form($db); -if ($action == 'create') +if ($action == 'create') { print load_fiche_titre($langs->trans("NewFiscalYear")); @@ -184,7 +184,7 @@ if ($action == 'create') print $form->selectarray('statut', $statut2label, GETPOST('statut')); print ''; */ - + print ''; dol_fiche_end(); @@ -306,9 +306,9 @@ if ($action == 'create') print '
'; print '' . $langs->trans('Modify') . ''; - + // print '' . $langs->trans('Delete') . ''; - + print '
'; } } diff --git a/htdocs/accountancy/admin/index.php b/htdocs/accountancy/admin/index.php index ead997a5d8c..ce17979157b 100644 --- a/htdocs/accountancy/admin/index.php +++ b/htdocs/accountancy/admin/index.php @@ -266,7 +266,7 @@ if (! empty($user->admin)) } -// Param a user $user->rights->accountancy->chartofaccount can access +// Param a user $user->rights->accounting-->chartofaccount can access foreach ($list as $key) { print ''; diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index dca29fd28b8..e0e41a776be 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -41,7 +41,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! empty($user->rights->accountancy->chartofaccount)) +if (!$user->rights->accounting->chartofaccount) { accessforbidden(); } From 0fc6f6920e119f1630cb9a94dfdd72efd802cb87 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:14 +0200 Subject: [PATCH 2/7] Update categories.php --- htdocs/accountancy/admin/categories.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index 11913c6d2e9..f9200a575be 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -46,7 +46,7 @@ if ($cat_id == 0) { } // Security check -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -164,4 +164,4 @@ if ($action == 'display' || $action == 'delete') { llxFooter(); -$db->close(); \ No newline at end of file +$db->close(); From d880c943ae7961fcf925aea2f542a5e7c4525df5 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:39 +0200 Subject: [PATCH 3/7] Update categories_list.php --- htdocs/accountancy/admin/categories_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index 6c2b94d727a..270d882eac7 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -57,7 +57,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 51a9c4fad56644701fa6b166f66bb85c8c591ecc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:03:57 +0200 Subject: [PATCH 4/7] Update defaultaccounts.php --- htdocs/accountancy/admin/defaultaccounts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/defaultaccounts.php b/htdocs/accountancy/admin/defaultaccounts.php index 60b8424ff3e..ce99bd6296c 100644 --- a/htdocs/accountancy/admin/defaultaccounts.php +++ b/htdocs/accountancy/admin/defaultaccounts.php @@ -42,7 +42,7 @@ $langs->load("salaries"); $langs->load("loan"); // Security check -if (! $user->rights->accounting-->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 2dd9cb61a6a18ec398607dd4a3d02bcf44313175 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:04:29 +0200 Subject: [PATCH 5/7] Update export.php --- htdocs/accountancy/admin/export.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/export.php b/htdocs/accountancy/admin/export.php index dfbeb09f25e..433448fa688 100644 --- a/htdocs/accountancy/admin/export.php +++ b/htdocs/accountancy/admin/export.php 
@@ -38,7 +38,7 @@ $langs->load("admin"); $langs->load("accountancy"); // Security check -if (empty($user->admin) || ! $user->rights->accounting-->chartofaccount) +if (empty($user->admin) && empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } From 5eaf49a265a9fb5b10edc2b863ed7dce06eb683c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:05:32 +0200 Subject: [PATCH 6/7] Update journals_list.php --- htdocs/accountancy/admin/journals_list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index e0e41a776be..eca8a4bdca0 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -41,7 +41,7 @@ $rowid=GETPOST('rowid','alpha'); $code=GETPOST('code','alpha'); // Security access -if (!$user->rights->accounting->chartofaccount) +if (empty($user->rights->accounting->chartofaccount)) { accessforbidden(); } @@ -743,4 +743,4 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='') print ''; } } -} \ No newline at end of file +} From 3270d141b040c59163ceb2e9b9be85ceaa9a5927 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 7 Jul 2017 20:07:28 +0200 Subject: [PATCH 7/7] Update index.php --- htdocs/accountancy/admin/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/index.php b/htdocs/accountancy/admin/index.php index ce17979157b..b6aceb52ad4 100644 --- a/htdocs/accountancy/admin/index.php +++ b/htdocs/accountancy/admin/index.php @@ -266,7 +266,7 @@ if (! empty($user->admin)) } -// Param a user $user->rights->accounting-->chartofaccount can access +// Param a user $user->rights->accounting->chartofaccount can access foreach ($list as $key) { print '';
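Review bot: In the export.php hunk of PATCH 5/7 the guard's operator changes from `||` to `&&` alongside the property-path fix, which widens access. `accessforbidden()` is now called only when the user is neither an admin nor a holder of `accounting->chartofaccount`, whereas the `||` form it replaces denied access when either was missing. The commit message ("Update export.php") does not say this is intended. If either credential is meant to suffice, record it above the check with a comment such as `// Access: admin OR accounting->chartofaccount permission`; if both are required, keep `if (empty($user->admin) || empty($user->rights->accounting->chartofaccount))`. The rest of export.php lies outside the hunk, so it cannot be seen here whether its save actions rely on this gate alone.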