Fix: Restrictions accs manquantes

Laurent Destailleur 2005-10-08 19:13:58 +00:00
parent ce5bdddfec
commit 4dab301931
11 changed files with 216 additions and 161 deletions


@ -348,7 +348,7 @@ if ($_GET["id"])
if ($fieldlist[$field]=='libelle') $valuetoshow=$langs->trans("Label")."*";
if ($fieldlist[$field]=='libelle_facture') $valuetoshow=$langs->trans("LabelOnDocuments")."*";
if ($fieldlist[$field]=='pays') $valuetoshow=$langs->trans("Country");
if ($fieldlist[$field]=='recuperableonly') $valuetoshow=$langs->trans("VATReceivedOnly");
if ($fieldlist[$field]=='recuperableonly') $valuetoshow=MENTION_NPR;
if ($fieldlist[$field]=='nbjour') $valuetoshow=$langs->trans("NbOfDays");
if ($fieldlist[$field]=='fdm') $valuetoshow=$langs->trans("AtEndOfMonth");
print '<td>';
@ -460,7 +460,7 @@ if ($_GET["id"])
if ($fieldlist[$field]=='libelle') $valuetoshow=$langs->trans("Label")."*";
if ($fieldlist[$field]=='libelle_facture') $valuetoshow=$langs->trans("LabelOnDocuments")."*";
if ($fieldlist[$field]=='pays') $valuetoshow=$langs->trans("Country");
if ($fieldlist[$field]=='recuperableonly') $valuetoshow=$langs->trans("VATReceivedOnly");
if ($fieldlist[$field]=='recuperableonly') $valuetoshow=MENTION_NPR;
if ($fieldlist[$field]=='nbjour') $valuetoshow=$langs->trans("NbOfDays");
if ($fieldlist[$field]=='fdm') $valuetoshow=$langs->trans("AtEndOfMonth");
// Affiche nom du champ


@ -137,7 +137,8 @@ if ($user->rights->facture->lire)
$soc->fetch($socidp);
}
print_barre_liste($langs->trans("BillsCustomersUnpayed")." ".($socidp?" $soc->nom":""),$page,"impayees.php","&amp;socidp=$socidp",$sortfield,$sortorder,'',$num);
$titre=($socidp?$langs->trans("BillsCustomersUnpayedForCompany",$soc->nom):$langs->trans("BillsCustomersUnpayed"));
print_barre_liste($titre,$page,"impayees.php","&amp;socidp=$socidp",$sortfield,$sortorder,'',$num);
$i = 0;
print '<table class="liste" width="100%">';
print '<tr class="liste_titre">';


@ -18,27 +18,32 @@
*
* $Id$
* $Source$
*
*/
/**
\file htdocs/compta/paiement/avalider.php
\ingroup compta
\brief Page liste des paiements a valider des factures clients
\version $Revision$
\file htdocs/compta/paiement/avalider.php
\ingroup compta
\brief Page liste des paiements a valider des factures clients
\version $Revision$
*/
require("./pre.inc.php");
/*
* Sécurité accés client
*/
$user->getrights("facture");
// Sécurité accés client
if (! $user->rights->facture->lire)
accessforbidden();
$socidp=0;
if ($user->societe_id > 0)
{
$action = '';
$socidp = $user->societe_id;
$action = '';
$socidp = $user->societe_id;
}
/*
* Affichage
*/
@ -48,67 +53,72 @@ llxHeader();
$page=$_GET["page"];
$sortorder=$_GET["sortorder"];
$sortfield=$_GET["sortfield"];
if ($page == -1)
$page = 0 ;
$limit = $conf->liste_limit;
$offset = $limit * $page ;
if (! $sortorder) $sortorder="DESC";
if (! $sortfield) $sortfield="p.rowid";
if ($page == -1) $page = 0 ;
$limit = $conf->liste_limit;
$offset = $limit * $page ;
$sql = "SELECT p.rowid,".$db->pdate("p.datep")." as dp, p.amount, p.statut";
$sql .=", c.libelle as paiement_type, p.num_paiement";
$sql .= " FROM ".MAIN_DB_PREFIX."paiement as p, ".MAIN_DB_PREFIX."c_paiement as c";
if ($socidp)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid";
}
$sql .= " WHERE p.fk_paiement = c.id";
if ($socidp)
{
$sql.= " AND f.fk_soc = ".$socidp;
}
$sql .= " AND p.statut = 0";
$sql .= " ORDER BY $sortfield $sortorder";
$sql .= $db->plimit( $limit +1 ,$offset);
$result = $db->query($sql);
$resql = $db->query($sql);
if ($result)
if ($resql)
{
$num = $db->num_rows();
$i = 0;
$var=True;
print_barre_liste("Paiements clients a valider", $page, "avalider.php","",$sortfield,$sortorder,'',$num);
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Ref"),"avalider.php","p.rowid","","","",$sortfield);
print_liste_field_titre($langs->trans("Date"),"avalider.php","dp","","","",$sortfield);
print_liste_field_titre($langs->trans("Type"),"avalider.php","c.libelle","","","",$sortfield);
print '<td align="right">'.$langs->trans("AmountTTC").'</td>';
print "<td>&nbsp;</td>";
print "</tr>\n";
while ($i < min($num,$limit))
$num = $db->num_rows($resql);
$i = 0;
$var=True;
print_barre_liste($langs->trans("ReceivedCustomersPaymentsToValid"), $page, "avalider.php","",$sortfield,$sortorder,'',$num);
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Ref"),"avalider.php","p.rowid","","","",$sortfield);
print_liste_field_titre($langs->trans("Date"),"avalider.php","dp","","","",$sortfield);
print_liste_field_titre($langs->trans("Type"),"avalider.php","c.libelle","","","",$sortfield);
print '<td align="right">'.$langs->trans("AmountTTC").'</td>';
print "<td>&nbsp;</td>";
print "</tr>\n";
while ($i < min($num,$limit))
{
$objp = $db->fetch_object($result);
$var=!$var;
print "<tr $bc[$var]>";
print '<td>'.'<a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.img_object($langs->trans("ShowPayment"),"payment").' '.$objp->rowid.'</a></td>';
print '<td>'.dolibarr_print_date($objp->dp)."</td>\n";
print "<td>$objp->paiement_type $objp->num_paiement</td>\n";
print '<td align="right">'.price($objp->amount).'</td>';
print '<td align="center">';
$objp = $db->fetch_object($resql);
$var=!$var;
print "<tr $bc[$var]>";
print '<td>'.'<a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.img_object($langs->trans("ShowPayment"),"payment").' '.$objp->rowid.'</a></td>';
print '<td>'.dolibarr_print_date($objp->dp)."</td>\n";
print "<td>$objp->paiement_type $objp->num_paiement</td>\n";
print '<td align="right">'.price($objp->amount).'</td>';
print '<td align="center">';
if ($objp->statut == 0)
{
print '<a href="fiche.php?id='.$objp->rowid.'&amp;action=valide">A valider</a>';
}
else
{
print "-";
}
if ($objp->statut == 0)
{
print '<a href="fiche.php?id='.$objp->rowid.'&amp;action=valide">'.$langs->trans("ToValid").'</a>';
}
else
{
print "-";
}
print '</td>';
print "</tr>";
$i++;
print '</td>';
print "</tr>";
$i++;
}
print "</table>";
print "</table>";
}
$db->close();
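Review bot: `$sortfield` and `$sortorder` come straight from `$_GET` and are concatenated into `ORDER BY $sortfield $sortorder`, so the `f.fk_soc` restriction added here for external users sits in a query whose tail is request-controlled, unless pre.inc.php already filters these parameters (not visible here). Constrain both to known values before building the query, e.g. `if (! in_array($sortfield,array('p.rowid','dp','c.libelle'))) $sortfield='p.rowid';` and `$sortorder=(strtoupper($sortorder)=='ASC'?'ASC':'DESC');`, and cast `$page` with `(int)` before computing `$offset`. Separately, the new LEFT JOINs follow a comma join: on MySQL versions where JOIN binds tighter than the comma, `p.rowid` is not visible in the ON clause. A payment spread over several invoices will also be listed once per invoice.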


@ -31,8 +31,13 @@ require("./pre.inc.php");
$langs->load("bills");
$user->getrights("facture");
// Sécurité accés client
if (! $user->rights->facture->lire)
accessforbidden();
$socidp=0;
if ($user->societe_id > 0)
{
$action = '';
@ -63,8 +68,16 @@ $sql.= " FROM ".MAIN_DB_PREFIX."paiement as p,";
$sql.= " ".MAIN_DB_PREFIX."c_paiement as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON p.fk_bank = b.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.rowid";
if ($socidp)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON p.rowid = pf.fk_paiement";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON pf.fk_facture = f.rowid";
}
$sql.= " WHERE p.fk_paiement = c.id";
if ($socidp)
{
$sql.= " AND f.fk_soc = ".$socidp;
}
if ($_GET["search_montant"])
{
$sql .=" AND p.amount=".ereg_replace(",",".",$_GET["search_montant"]);
@ -90,67 +103,67 @@ $resql = $db->query($sql);
if ($resql)
{
$num = $db->num_rows($resql);
$i = 0;
$var=True;
$paramlist=($_GET["orphelins"]?"&orphelins=1":"");
print_barre_liste($langs->trans("ReceivedPayments"), $page, "liste.php",$paramlist,$sortfield,$sortorder,'',$num);
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Ref"),"liste.php","p.rowid","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Date"),"liste.php","dp","",$paramlist,'align="center"',$sortfield);
print_liste_field_titre($langs->trans("Type"),"liste.php","c.libelle","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Account"),"liste.php","ba.label","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Amount"),"liste.php","p.amount","",$paramlist,'align="right"',$sortfield);
print_liste_field_titre($langs->trans("Status"),"liste.php","p.statut","",$paramlist,'align="center"',$sortfield);
print "</tr>\n";
$num = $db->num_rows($resql);
$i = 0;
$var=True;
// Lignes des champs de filtre
print '<form method="get" action="liste.php">';
print '<tr class="liste_titre">';
print '<td colspan="4">&nbsp;</td>';
$paramlist=($_GET["orphelins"]?"&orphelins=1":"");
print_barre_liste($langs->trans("ReceivedCustomersPayments"), $page, "liste.php",$paramlist,$sortfield,$sortorder,'',$num);
print '<td align="right">';
print '<input class="fat" type="text" size="6" name="search_montant" value="'.$_GET["search_montant"].'">';
print '</td><td align="center">';
print '<input type="image" class="liste_titre" name="button_search" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/search.png" alt="'.$langs->trans("Search").'">';
print '</td>';
print "</tr>\n";
print '</form>';
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Ref"),"liste.php","p.rowid","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Date"),"liste.php","dp","",$paramlist,'align="center"',$sortfield);
print_liste_field_titre($langs->trans("Type"),"liste.php","c.libelle","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Account"),"liste.php","ba.label","",$paramlist,"",$sortfield);
print_liste_field_titre($langs->trans("Amount"),"liste.php","p.amount","",$paramlist,'align="right"',$sortfield);
print_liste_field_titre($langs->trans("Status"),"liste.php","p.statut","",$paramlist,'align="center"',$sortfield);
print "</tr>\n";
while ($i < min($num,$limit))
// Lignes des champs de filtre
print '<form method="get" action="liste.php">';
print '<tr class="liste_titre">';
print '<td colspan="4">&nbsp;</td>';
print '<td align="right">';
print '<input class="fat" type="text" size="6" name="search_montant" value="'.$_GET["search_montant"].'">';
print '</td><td align="right">';
print '<input type="image" class="liste_titre" name="button_search" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/search.png" alt="'.$langs->trans("Search").'">';
print '</td>';
print "</tr>\n";
print '</form>';
while ($i < min($num,$limit))
{
$objp = $db->fetch_object($resql);
$var=!$var;
print "<tr $bc[$var]>";
print '<td width="40"><a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.img_object($langs->trans("ShowPayment"),"payment").'</a>';
$objp = $db->fetch_object($resql);
$var=!$var;
print "<tr $bc[$var]>";
print '<td width="40"><a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.img_object($langs->trans("ShowPayment"),"payment").'</a>';
print '&nbsp;<a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.$objp->rowid.'</a></td>';
print '&nbsp;<a href="'.DOL_URL_ROOT.'/compta/paiement/fiche.php?id='.$objp->rowid.'">'.$objp->rowid.'</a></td>';
print '<td align="center">'.dolibarr_print_date($objp->dp).'</td>';
print '<td>'.$objp->paiement_type.' '.$objp->num_paiement.'</td>';
print '<td><a href="'.DOL_URL_ROOT.'/compta/bank/account.php?account='.$objp->bid.'">'.$objp->label.'</a></td>';
print '<td align="right">'.price($objp->amount).'</td>';
print '<td align="center">';
print '<td align="center">'.dolibarr_print_date($objp->dp).'</td>';
print '<td>'.$objp->paiement_type.' '.$objp->num_paiement.'</td>';
print '<td><a href="'.DOL_URL_ROOT.'/compta/bank/account.php?account='.$objp->bid.'">'.$objp->label.'</a></td>';
print '<td align="right">'.price($objp->amount).'</td>';
print '<td align="center">';
if ($objp->statut == 0)
{
print '<a href="fiche.php?id='.$objp->rowid.'&amp;action=valide">'.$langs->trans("ToValidate").'</a>';
}
else
{
print img_tick();
}
if ($objp->statut == 0)
{
print '<a href="fiche.php?id='.$objp->rowid.'&amp;action=valide">'.$langs->trans("ToValidate").'</a>';
}
else
{
print img_tick();
}
print '</td></tr>';
$i++;
print '</td></tr>';
$i++;
}
print "</table>";
print "</table>";
}
else
{
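Review bot: `$_GET["search_montant"]` is still appended to the query after only a comma-to-dot replacement (`" AND p.amount=".ereg_replace(...)`), so the new `f.fk_soc` filter for external users lives in a WHERE clause that request input can extend. The same value is written unescaped into the `value="..."` attribute of the filter input. Validate it as a number before use, e.g. `$montant=str_replace(",",".",$_GET["search_montant"]);` followed by `if (preg_match('/^-?[0-9]+(\.[0-9]+)?$/',$montant)) $sql.=" AND p.amount=".$montant;`, and print it with `htmlspecialchars($_GET["search_montant"])`. The enclosing if/else block continues past the end of this hunk.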


@ -29,13 +29,20 @@
require("./pre.inc.php");
$user->getrights("facture");
/*
* Sécurité accés
*/
if (!$user->admin && $user->societe_id > 0)
// Sécurité accés
if (! $user->rights->facture->lire)
accessforbidden();
$socidp=0;
if ($user->societe_id > 0)
{
$action = '';
$socidp = $user->societe_id;
}
$year = $_GET["year"];
@ -64,7 +71,8 @@ llxHeader();
* Affichage liste des paiements
*
*/
print_titre("Rapport paiements".($year?" $year":""));
$titre=($year?$langs->trans("PaymentsReportsForYear",$year):$langs->trans("PaymentsReports"));
print_titre($titre);
// Formulaire de génération
print '<br><form method="post" action="rapport.php?year='.$year.'">';
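Review bot: `$year` is read from `$_GET["year"]` and then reaches both the new title (`$langs->trans("PaymentsReportsForYear",$year)`) and the form action `rapport.php?year='.$year.'` without any check; whether `trans()` or `print_titre()` escape their arguments is not visible here. Since only a year is valid, normalise it where it is read, e.g. `$year = isset($_GET["year"]) ? (int) $_GET["year"] : 0;`, which keeps the `($year ? ... : ...)` test working. The hunk also sets `$socidp` for external users, but the code that would apply it to the report listing lies outside the visible lines, so confirm the restriction is actually enforced further down.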


@ -65,12 +65,13 @@ if ($page < 0) { $page = 0 ; }
$limit = $conf->liste_limit;
$offset = $limit * $page ;
if ($type == "f") { $text.=$langs->trans("Suppliers"); }
if ($type == "c") { $text.=$langs->trans("Customers"); }
$titre=$langs->trans("ListOfContacts");
if ($type == "c") { $titre=$langs->trans("ListOfCustomersContacts"); }
if ($type == "f") { $titre=$langs->trans("ListOfSuppliersContacts"); }
if ($view == 'phone') { $text="(Vue Téléphones)"; }
if ($view == 'mail') { $text="(Vue EMail)"; }
if ($view == 'recent') { $text="(Récents)"; }
$titre = $langs->trans("ListOfContacts")." $text";
$titre = $titre." $text";
if ($_POST["button_removefilter"])
{
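Review bot: `$titre = $titre." $text";` appends a space, and reads `$text` even when none of the `$view` branches assigned it, unless `$text` is initialised above the hunk (not visible). Appending only when there is a suffix avoids the trailing blank and the undefined-variable notice: `if (! empty($text)) $titre.=" $text";`. The view suffixes `"(Vue Téléphones)"`, `"(Vue EMail)"` and `"(Récents)"` are still hard-coded French while the rest of the title now goes through `$langs->trans()`.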


@ -87,55 +87,63 @@ class modComptabilite extends DolibarrModules
// Permissions
$this->rights = array();
$this->rights_class = 'compta';
$r=0;
$r++;
$this->rights[$r][0] = 91;
$this->rights[$r][1] = 'Lire les charges';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 1;
$this->rights[$r][4] = 'charges';
$this->rights[$r][5] = 'lire';
$this->rights[1][0] = 91;
$this->rights[1][1] = 'Lire les charges';
$this->rights[1][2] = 'r';
$this->rights[1][3] = 1;
$this->rights[1][4] = 'charges';
$this->rights[1][5] = 'lire';
$r++;
$this->rights[$r][0] = 92;
$this->rights[$r][1] = 'Créer modifier les charges';
$this->rights[$r][2] = 'w';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'charges';
$this->rights[$r][5] = 'creer';
$this->rights[2][0] = 92;
$this->rights[2][1] = 'Créer modifier les charges';
$this->rights[2][2] = 'w';
$this->rights[2][3] = 0;
$this->rights[2][4] = 'charges';
$this->rights[2][5] = 'creer';
$r++;
$this->rights[$r][0] = 93;
$this->rights[$r][1] = 'Supprimer les charges';
$this->rights[$r][2] = 'd';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'charges';
$this->rights[$r][5] = 'supprimer';
$this->rights[3][0] = 93;
$this->rights[3][1] = 'Supprimer les charges';
$this->rights[3][2] = 'd';
$this->rights[3][3] = 0;
$this->rights[3][4] = 'charges';
$this->rights[3][5] = 'supprimer';
$r++;
$this->rights[$r][0] = 95;
$this->rights[$r][1] = 'Lire CA, bilans, résultats';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 1;
$this->rights[$r][4] = 'resultat';
$this->rights[$r][5] = 'lire';
$this->rights[4][0] = 95;
$this->rights[4][1] = 'Lire CA, bilans, résultats';
$this->rights[4][2] = 'r';
$this->rights[4][3] = 1;
$this->rights[4][4] = 'resultat';
$this->rights[4][5] = 'lire';
$r++;
$this->rights[$r][0] = 96;
$this->rights[$r][1] = 'Paramétrer la ventilation';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'ventilation';
$this->rights[$r][5] = 'parametrer';
$this->rights[5][0] = 96;
$this->rights[5][1] = 'Paramétrer la ventilation';
$this->rights[5][2] = 'r';
$this->rights[5][3] = 0;
$this->rights[5][4] = 'ventilation';
$this->rights[5][5] = 'parametrer';
$r++;
$this->rights[$r][0] = 97;
$this->rights[$r][1] = 'Ventiler les lignes de facture';
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'ventilation';
$this->rights[$r][5] = 'creer';
$this->rights[6][0] = 97;
$this->rights[6][1] = 'Ventiler les lignes de facture';
$this->rights[6][2] = 'r';
$this->rights[6][3] = 0;
$this->rights[6][4] = 'ventilation';
$this->rights[6][5] = 'creer';
$this->rights[7][0] = 98;
$this->rights[7][1] = "Accès à l'espace compta/tréso";
$this->rights[7][2] = 'r';
$this->rights[7][3] = 0;
$this->rights[7][4] = 'general';
$this->rights[7][5] = 'lire';
$r++;
$this->rights[$r][0] = 98;
$this->rights[$r][1] = "Accès à l'espace compta/tréso";
$this->rights[$r][2] = 'r';
$this->rights[$r][3] = 0;
$this->rights[$r][4] = 'general';
$this->rights[$r][5] = 'lire';
}
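Review bot: Permissions 96 ('Paramétrer la ventilation', action `parametrer`) and 97 ('Ventiler les lignes de facture', action `creer`) keep `$this->rights[$r][2] = 'r'` although both describe modifying actions. If that column is used anywhere to classify rights as read versus write (not visible in this hunk), they should probably be `'w'`, like permission 92. The switch to `$r++` is also a good moment to add a short comment naming the six slots, e.g. `// [0]=id, [1]=label, [2]=type r/w/d, [3]=granted by default, [4]=object, [5]=action`, with the meanings confirmed against DolibarrModules.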


@ -4,6 +4,7 @@ Bills=Invoices
BillsCustomers=Customers' invoices
BillsSuppliers=Suppliers' invoices
BillsCustomersUnpayed=Unpayed customers' invoices
BillsCustomersUnpayedForCompany=Unpayed customers' invoices for %s
BillsSuppliersUnpayed=Unpayed suppliers' invoices
BillsUnpayed=Unpayed
BillsStatistics=Invoices statistics
@ -13,6 +14,10 @@ SupplierBills=suppliers invoices
Payment=Payment
Payments=Payments
ReceivedPayments=Received payments
ReceivedCustomersPayments=Received customers payments
ReceivedCustomersPaymentsToValid=Received customers payments to validate
PaymentsReportsForYear=Payments reports for %s
PaymentsReports=Payments reports
PaymentsAlreadyDone=Payments already done
PaymentMode=Payment mode
PaymentConditions=Payment conditions


@ -77,6 +77,8 @@ LastProspect=Last
ProspectToContact=Prospect to contact
CompanyDeleted=Company "%s" deleted from database.
ListOfContacts=List of contacts
ListOfCustomersContacts=List of customer contacts
ListOfSuppliersContacts=List of supplier contacts
ListOfCompanies=List of companies
ShowCompany=Show company
ShowContact=Show contact


@ -4,6 +4,7 @@ Bills=Factures
BillsCustomers=Factures clients
BillsSuppliers=Factures fournisseurs
BillsCustomersUnpayed=Factures clients impayées
BillsCustomersUnpayedForCompany=Factures clients impayées pour %s
BillsSuppliersUnpayed=Factures fournisseurs impayées
BillsUnpayed=Impayées
BillsStatistics=Statistiques factures
@ -13,6 +14,10 @@ SupplierBills=Factures fournisseurs
Payment=Paiement
Payments=Paiements
ReceivedPayments=Paiements reçus
ReceivedCustomersPayments=Paiements clients reçus
ReceivedCustomersPaymentsToValid=Paiements clients reçus à valider
PaymentsReportsForYear=Rapports de paiements pour %s
PaymentsReports=Rapports de paiements
PaymentsAlreadyDone=Versements déjà effectués
PaymentMode=Mode de réglement
PaymentConditions=Conditions de réglement


@ -77,6 +77,8 @@ LastProspect=Dernier prospect
ProspectToContact=Prospect à contacter
CompanyDeleted=La société "%s" a été supprimée de la base.
ListOfContacts=Liste des contacts
ListOfCustomersContacts=Liste des contacts clients
ListOfSuppliersContacts=Liste des contacts fournisseurs
ListOfCompanies=Liste des sociétés
ShowCompany=Afficher société
ShowContact=Afficher contact