From 496f305a8107938a7fdbced9c333be4579194891 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Wed, 3 Feb 2010 22:21:46 +0000
Subject: [PATCH] Fix: bad rights for user author

---
 htdocs/projet/contact.php     | 22 +++++++++++++---------
 htdocs/projet/fiche.php       |  3 +--
 htdocs/projet/note.php        | 22 +++++++++++++---------
 htdocs/projet/tasks/fiche.php | 22 +++++++++++++---------
 4 files changed, 40 insertions(+), 29 deletions(-)

diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php
index 496c8bdca3d..2c4e0800582 100644
--- a/htdocs/projet/contact.php
+++ b/htdocs/projet/contact.php
@@ -177,19 +177,23 @@ if ($id > 0 || ! empty($ref))
 
 		// To verify role of users
 		$userAccess = 0;
-		foreach(array('internal','external') as $source)
+		if (!empty($project->user_author_id) && $project->user_author_id == $user->id) $userAccess=1;
+		else
 		{
-			$userRole = $project->liste_contact(4,$source);
-			$num=sizeof($userRole);
-
-			$i = 0;
-			while ($i < $num)
+			foreach(array('internal','external') as $source)
 			{
-				if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+				$userRole = $project->liste_contact(4,$source);
+				$num=sizeof($userRole);
+				
+				$i = 0;
+				while ($i < $num)
 				{
-					$userAccess++;
+					if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+					{
+						$userAccess++;
+					}
+					$i++;
 				}
-				$i++;
 			}
 		}
 
diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php
index e9941961162..635c22d424f 100644
--- a/htdocs/projet/fiche.php
+++ b/htdocs/projet/fiche.php
@@ -323,8 +323,7 @@ else
 
 	// To verify role of users
 	$userAccess = 0;
-	var_dump($project);
-	if (empty($project->user_author_id)) $userAccess=1;
+	if (!empty($project->user_author_id) && $project->user_author_id == $user->id) $userAccess=1;
 	else
 	{
 		foreach(array('internal','external') as $source)
diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php
index f5c234063c0..7294ea98bdd 100644
--- a/htdocs/projet/note.php
+++ b/htdocs/projet/note.php
@@ -108,19 +108,23 @@ if ($id > 0 || ! empty($ref))
 
 		// To verify role of users
 		$userAccess = 0;
-		foreach(array('internal','external') as $source)
+		if (!empty($project->user_author_id) && $project->user_author_id == $user->id) $userAccess=1;
+		else
 		{
-			$userRole = $project->liste_contact(4,$source);
-			$num=sizeof($userRole);
-
-			$i = 0;
-			while ($i < $num)
+			foreach(array('internal','external') as $source)
 			{
-				if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+				$userRole = $project->liste_contact(4,$source);
+				$num=sizeof($userRole);
+				
+				$i = 0;
+				while ($i < $num)
 				{
-					$userAccess++;
+					if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+					{
+						$userAccess++;
+					}
+					$i++;
 				}
-				$i++;
 			}
 		}
 
diff --git a/htdocs/projet/tasks/fiche.php b/htdocs/projet/tasks/fiche.php
index d3ba9538881..2cc5fa1aaf5 100644
--- a/htdocs/projet/tasks/fiche.php
+++ b/htdocs/projet/tasks/fiche.php
@@ -120,19 +120,23 @@ if ($id > 0 || ! empty($ref))
 	
 	// To verify role of users
 	$userAccess = 0;
-	foreach(array('internal','external') as $source)
+	if (!empty($project->user_author_id) && $project->user_author_id == $user->id) $userAccess=1;
+	else
 	{
-		$userRole = $project->liste_contact(4,$source);
-		$num=sizeof($userRole);
-		
-		$i = 0;
-		while ($i < $num)
+		foreach(array('internal','external') as $source)
 		{
-			if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+			$userRole = $project->liste_contact(4,$source);
+			$num=sizeof($userRole);
+			
+			$i = 0;
+			while ($i < $num)
 			{
-				$userAccess++;
+				if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])
+				{
+					$userAccess++;
+				}
+				$i++;
 			}
-			$i++;
 		}
 	}
 }