From 528793e64e904c116499246e1ba5ec1bdda05bae Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 13 Mar 2006 13:01:41 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/contrat/index.php | 11 ++++++++++- htdocs/contrat/liste.php | 3 +++ htdocs/contrat/services.php | 3 +++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index 6cb467bac61..455ef2ba09c 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -99,9 +99,12 @@ $sql.= ' sum('.$db->ifsql("cd.statut=4 AND cd.date_fin_validite > sysdate()",1,0 $sql.= ' sum('.$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= sysdate())",1,0).') as nb_late,'; $sql.= ' sum('.$db->ifsql("cd.statut=5",1,0).') as nb_closed,'; $sql.= " c.rowid as cid, c.ref, c.datec, c.statut, s.nom, s.idp as sidp"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.idp "; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socidp > 0) $sql .= " AND s.idp = ".$socidp; $sql.= " GROUP BY c.rowid, c.datec, c.statut, s.nom, s.idp"; $sql.= " ORDER BY c.datec DESC"; @@ -161,9 +164,12 @@ print '
'; // Not activated services $sql = "SELECT cd.rowid as cid, c.ref, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.statut=1 AND cd.statut = 0"; $sql.= " AND cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; @@ -184,7 +190,7 @@ if ( $db->query($sql) ) $var=!$var; print ""; - print ''.img_object($langs->trans("ShowContract"),"contract").' ' + print ''.img_object($langs->trans("ShowContract"),"contract").' ' .(isset($obj->ref) ? $obj->ref : $obj->fk_contrat).''; print ''.img_object($langs->trans("ShowService"),"service"); if ($obj->label) print ' '.dolibarr_trunc($obj->label,20).''; @@ -210,8 +216,11 @@ print '
'; $max=5; $sql = "SELECT cd.rowid as cid, c.ref, cd.statut, cd.label, cd.description as note, cd.fk_contrat, c.fk_soc, s.nom"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.idp"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socidp > 0) $sql.= " AND s.idp = ".$socidp; $sql.= " ORDER BY cd.tms DESC"; diff --git a/htdocs/contrat/liste.php b/htdocs/contrat/liste.php index 85dcf946f29..a75fd875b53 100644 --- a/htdocs/contrat/liste.php +++ b/htdocs/contrat/liste.php @@ -68,9 +68,12 @@ $sql.= ' sum('.$db->ifsql("cd.statut=4 AND cd.date_fin_validite > sysdate()",1,0 $sql.= ' sum('.$db->ifsql("cd.statut=4 AND (cd.date_fin_validite IS NULL OR cd.date_fin_validite <= sysdate())",1,0).') as nb_late,'; $sql.= ' sum('.$db->ifsql("cd.statut=5",1,0).') as nb_closed,'; $sql.= " c.rowid as cid, c.ref, c.datec, c.statut, s.nom, s.idp as sidp"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.idp "; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($search_nom) $sql.= " AND s.nom like '%".addslashes($search_nom)."%'"; if ($search_contract) $sql.= " AND c.rowid = '".addslashes($search_contract)."'"; if ($sall) $sql.= " AND (s.nom like '%".addslashes($sall)."%' OR cd.label like '%".addslashes($sall)."%' OR cd.description like '%".addslashes($sall)."%')"; diff --git a/htdocs/contrat/services.php b/htdocs/contrat/services.php index ca2c86bbf37..3fcc664a3a7 100644 --- a/htdocs/contrat/services.php +++ b/htdocs/contrat/services.php @@ -63,6 +63,7 @@ llxHeader(); $sql = "SELECT s.nom, c.rowid as cid, s.idp as sidp, cd.rowid, cd.label, cd.statut, p.rowid as pid,"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " sc.fk_soc, sc.fk_user,"; $sql.= " ".$db->pdate("cd.date_ouverture_prevue")." as date_ouverture_prevue,"; $sql.= " ".$db->pdate("cd.date_ouverture")." as date_ouverture,"; $sql.= " ".$db->pdate("cd.date_fin_validite")." as date_fin_validite,"; @@ -70,9 +71,11 @@ $sql.= " ".$db->pdate("cd.date_cloture")." as date_cloture"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql.= " , ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."product as p"; $sql.= " , ".MAIN_DB_PREFIX."contratdet as cd"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.statut > 0"; $sql.= " AND c.rowid = cd.fk_contrat"; $sql.= " AND c.fk_soc = s.idp AND cd.fk_product = p.rowid"; +if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($mode == "0") $sql.= " AND cd.statut = 0"; if ($mode == "4") $sql.= " AND cd.statut = 4"; if ($mode == "5") $sql.= " AND cd.statut = 5";