lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: only once superadmin and an admin can not delete/modify a

Browse Source 
superadmin
This commit is contained in:
Regis Houssin 2013-01-23 15:26:18 +01:00
parent b12101a650
commit 459adb146c
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/user/fiche.php
View File

@ -1360,7 +1360,7 @@ else
print '<div class="tabsAction">';
if ($caneditfield && (empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
if ($caneditfield && ((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED))
{
@ -1372,7 +1372,7 @@ else
}
}
elseif ($caneditpassword && ! $object->ldap_sid &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
print '<a class="butAction" href="fiche.php?id='.$object->id.'&amp;action=edit">'.$langs->trans("EditPassword").'</a>';
}
@ -1385,7 +1385,7 @@ else
print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->trans("UserDisabled")).'">'.$langs->trans("ReinitPassword").'</a>';
}
elseif (($user->id != $id && $caneditpassword) && $object->login && !$object->ldap_sid &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
print '<a class="butAction" href="fiche.php?id='.$object->id.'&amp;action=password">'.$langs->trans("ReinitPassword").'</a>';
}
@ -1395,7 +1395,7 @@ else
print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->trans("UserDisabled")).'">'.$langs->trans("SendNewPassword").'</a>';
}
else if (($user->id != $id && $caneditpassword) && $object->login && !$object->ldap_sid &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
if ($object->email) print '<a class="butAction" href="fiche.php?id='.$object->id.'&amp;action=passwordsend">'.$langs->trans("SendNewPassword").'</a>';
else print '<a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->trans("NoEMail")).'">'.$langs->trans("SendNewPassword").'</a>';
@ -1404,19 +1404,19 @@ else
// Activer
if ($user->id <> $id && $candisableuser && $object->statut == 0 &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
print '<a class="butAction" href="fiche.php?id='.$object->id.'&amp;action=enable">'.$langs->trans("Reactivate").'</a>';
}
// Desactiver
if ($user->id <> $id && $candisableuser && $object->statut == 1 &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
print '<a class="butActionDelete" href="fiche.php?action=disable&amp;id='.$object->id.'">'.$langs->trans("DisableUser").'</a>';
}
// Delete
if ($user->id <> $id && $candisableuser &&
(empty($conf->multicompany->enabled) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
((empty($conf->multicompany->enabled) && $fuser->entity == $user->entity) || ! $user->entity || ($object->entity == $conf->entity) || ($conf->multicompany->transverse_mode && $conf->entity == 1)))
{
if ($user->admin || ! $object->admin) // If user edited is admin, delete is possible on for an admin
{