From d1ae66dd1158d97c88a1ce1fc1837778e09a9b26 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 12:37:00 +0100 Subject: [PATCH 01/13] Fix issue variables whithread and errors --- htdocs/core/class/html.formticket.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 0e5e6ff9e7c..b796215cd29 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -126,7 +126,7 @@ class FormTicket $this->withcompany = isModEnabled("societe"); $this->withfromsocid = 0; $this->withfromcontactid = 0; - //$this->withreadid=0; + $this->withreadid=0; //$this->withtitletopic=''; $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; @@ -1394,7 +1394,7 @@ class FormTicket $result = $formmail->fetchAllEMailTemplate($this->param["models"], $user, $outputlangs); if ($result < 0) { - setEventMessages($this->error, $this->errors, 'errors'); + setEventMessage($this->error, 'errors'); } $modelmail_array = array(); foreach ($formmail->lines_model as $line) { From 628ec01daede88ff35652a02f8e184c4ccecb0eb Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 18:20:21 +0100 Subject: [PATCH 02/13] fix issue after PR --- htdocs/core/class/html.formticket.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index b796215cd29..8611417f0e3 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -81,6 +81,7 @@ class FormTicket public $withtitletopic; public $withtopicreadonly; public $withreadid; + public $withcompany; // to show company drop-down list public $withfromsocid; public $withfromcontactid; @@ -108,6 +109,7 @@ class FormTicket * @var string Error code (or message) */ public $error; + public $errors = array(); /** @@ -1394,7 +1396,7 @@ class FormTicket $result = $formmail->fetchAllEMailTemplate($this->param["models"], $user, $outputlangs); if ($result < 0) { - setEventMessage($this->error, 'errors'); + setEventMessages($this->error, $this->errors, 'errors'); } $modelmail_array = array(); foreach ($formmail->lines_model as $line) { From e7fde14c7a923d9369ae50bd764882b59c13d265 Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Wed, 9 Nov 2022 18:24:46 +0100 Subject: [PATCH 03/13] fix issue after PR --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 8611417f0e3..c41d0739269 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -133,7 +133,7 @@ class FormTicket $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; $this->withcreatereadonly = 1; - $this->withemail = 0; + //$this->withemail = 0; $this->withref = 0; $this->withextrafields = 0; // to show extrafields or not //$this->withtopicreadonly=0; From 58a66ca8a6c5d75804889faddfc002f38c999d4d Mon Sep 17 00:00:00 2001 From: Lamrani Abdel Date: Mon, 14 Nov 2022 16:19:21 +0100 Subject: [PATCH 04/13] uncomment attribute withemail in the constuct --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index c41d0739269..8611417f0e3 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -133,7 +133,7 @@ class FormTicket $this->withnotifytiersatcreate = 0; $this->withusercreate = 1; $this->withcreatereadonly = 1; - //$this->withemail = 0; + $this->withemail = 0; $this->withref = 0; $this->withextrafields = 0; // to show extrafields or not //$this->withtopicreadonly=0; From cacce73d9a418572d32f99be31198b0728c83de8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 11:00:33 +0100 Subject: [PATCH 05/13] Doc --- dev/setup/apache/virtualhost | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/dev/setup/apache/virtualhost b/dev/setup/apache/virtualhost index 8c7682fe3d9..7508bbca171 100644 --- a/dev/setup/apache/virtualhost +++ b/dev/setup/apache/virtualhost @@ -3,7 +3,14 @@ #php_admin_value mail.force_extra_parameters "-f postmaster@mydomain.com" php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f postmaster@mydomain.com" php_admin_value open_basedir /tmp/:/home/.../htdocs:/home/.../dolibarr_documents: + + # Add this to use a custom apparmor profile when using apache php handler + + AADefaultHatName sellyoursaas-instances + + + ServerName myvirtualalias ServerAlias myvirtualalias @@ -82,9 +89,9 @@ # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. - SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem + #SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem + #SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem + #SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem #RewriteEngine on #RewriteCond %{SERVER_PORT} ^80$ From 4280b8bc028b0927469c296fa4eb393b7593e51f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 13:09:17 +0100 Subject: [PATCH 06/13] Debug v17 --- htdocs/core/class/html.formticket.class.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 1d7af10ef14..06e00317f01 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -339,20 +339,18 @@ class FormTicket // Subject if ($this->withtitletopic) { print ''; - // Answer to a ticket : display of the thread title in readonly if ($this->withtopicreadonly) { print $langs->trans('SubjectAnswerToTicket').' '.$this->topic_title; - print ''; } else { - if (isset($this->withreadid) && $this->withreadid > 0) { + if (isset($this->withreadid) && $this->withreadid > 0) { $subject = $langs->trans('SubjectAnswerToTicket').' '.$this->withreadid.' : '.$this->topic_title.''; } else { $subject = GETPOST('subject', 'alpha'); } print ''; - print ''; } + print ''; } if (!empty($conf->knowledgemanagement->enabled)) { From 1c287297c018add17ebfd9be2b591e0778555f84 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 13:49:02 +0100 Subject: [PATCH 07/13] Fix duplicate data c_action_trigger and c_tva --- htdocs/install/mysql/data/llx_c_action_trigger.sql | 5 +---- htdocs/install/mysql/data/llx_c_tva.sql | 1 - 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/install/mysql/data/llx_c_action_trigger.sql b/htdocs/install/mysql/data/llx_c_action_trigger.sql index 83d4bb6e775..9aa28c116c8 100644 --- a/htdocs/install/mysql/data/llx_c_action_trigger.sql +++ b/htdocs/install/mysql/data/llx_c_action_trigger.sql @@ -119,9 +119,6 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',203); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_PAID','Expense report billed','Executed when an expense report is set as billed','expensereport',204); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('EXPENSE_REPORT_DELETE','Expense report deleted','Executed when an expense report is deleted','expensereport',205); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Expense report validated','Executed when an expense report is validated','expensereport',211); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Expense report modified','Executed when an expense report is modified','expensereport',212); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Expense report approved','Executed when an expense report is approved','expensereport',212); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_CREATE','Project creation','Executed when a project is created','project',140); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_VALIDATE','Project validation','Executed when a project is validated','project',141); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_MODIFY','Project modified','Executed when a project is modified','project',142); @@ -172,7 +169,7 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CREATE','Holiday created','Executed when a holiday is created','holiday',800); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_MODIFY','Holiday modified','Executed when a holiday is modified','holiday',801); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_VALIDATE','Holiday validated','Executed when a holiday is validated','holiday',802); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday aprouved','Executed when a holiday is aprouved','holiday',803); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_APPROVE','Holiday approved','Executed when a holiday is aprouved','holiday',803); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_CANCEL','Holiday canceled','Executed when a holiday is canceled','holiday',802); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('HOLIDAY_DELETE','Holiday deleted','Executed when a holiday is deleted','holiday',804); diff --git a/htdocs/install/mysql/data/llx_c_tva.sql b/htdocs/install/mysql/data/llx_c_tva.sql index d78fea4ad4d..6c96cb46605 100644 --- a/htdocs/install/mysql/data/llx_c_tva.sql +++ b/htdocs/install/mysql/data/llx_c_tva.sql @@ -137,7 +137,6 @@ insert into llx_c_tva(rowid,fk_pays,taux,code,recuperableonly,localtax1,localtax -- GERMANY (id country=5) insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 51, 5, '0','0','No VAT', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 52, 5, '7.0','0','ermäßigte USt.', 1); -insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 53, 5, '0.0','0','keine USt.', 1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 54, 5, '5.5','0','USt. Forst', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 55, 5, '10.7','0','USt. Landwirtschaft', 0); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values ( 56, 5, '19.0','0','allgemeine Ust.',1); From 78e1e6be8c23d2de8c07067b0a42d615794fe5e9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 14:09:08 +0100 Subject: [PATCH 08/13] Remove default deprecated constant --- htdocs/install/mysql/data/llx_const.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/data/llx_const.sql b/htdocs/install/mysql/data/llx_const.sql index 61c7336f48b..06463207069 100644 --- a/htdocs/install/mysql/data/llx_const.sql +++ b/htdocs/install/mysql/data/llx_const.sql @@ -35,7 +35,7 @@ insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_NOT_INSTALLED','1','chaine','Setup is running',1,0); insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_FEATURES_LEVEL','0','chaine','Level of features to show: -1=stable+deprecated, 0=stable only (default), 1=stable+experimental, 2=stable+experimental+development',1,0); insert into llx_const (name, value, type, note, visible, entity) values ('MAILING_LIMIT_SENDBYWEB','25','chaine','Number of targets to defined packet size when sending mass email',1,0); -insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_ENABLE_LOG_TO_HTML','0','chaine','If this option is set to 1, it is possible to see log output at end of HTML sources by adding paramater logtohtml=1 on URL. Module log must also be enabled.',1,0); +--insert into llx_const (name, value, type, note, visible, entity) values ('MAIN_ENABLE_LOG_TO_HTML','0','chaine','If this option is set to 1, it is possible to see log output at end of HTML sources by adding paramater logtohtml=1 on URL. Module log must also be enabled.',1,0); -- Hidden and common to all entities insert into llx_const (name, value, type, note, visible, entity) values ('SYSLOG_HANDLERS','["mod_syslog_file"]','chaine','Which logger to use',0,0); From 17b541ab5e550140b61b3c195fde012c3299588c Mon Sep 17 00:00:00 2001 From: Florent Poinsaut <1256948+FlorentPoinsaut@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:38:42 +0100 Subject: [PATCH 09/13] Fix uninitialized var [php:error] [pid 9969] [client 172.18.0.2:60266] PHP Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /var/www/html/admin/oauth.php:153\nStack trace:\n#0 {main}\n thrown in /var/www/html/admin/oauth.php on line 153, referer: https://erp.hype-assets.eu/admin/oauthlogintokens.php --- htdocs/admin/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index 6bf59508d11..64968b1a516 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -210,7 +210,7 @@ print dol_get_fiche_end(); print ''; - +$listinsetup = []; // Define $listinsetup foreach ($conf->global as $key => $val) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { From 9002d5002f269751e15ddd89bebb25a1ef92dac6 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 15 Nov 2022 15:18:17 +0100 Subject: [PATCH 10/13] fix : php 8.1 warnings --- htdocs/adherents/card.php | 46 +++++++++---------- htdocs/adherents/document.php | 10 ++-- htdocs/adherents/list.php | 12 ++--- htdocs/adherents/note.php | 10 ++-- htdocs/adherents/type.php | 10 ++-- htdocs/adherents/type_translation.php | 4 +- htdocs/admin/mails_templates.php | 2 +- htdocs/core/boxes/box_birthdays_members.php | 2 +- .../core/boxes/box_dolibarr_state_board.php | 14 +++--- .../boxes/box_graph_new_vs_close_ticket.php | 2 +- .../boxes/box_graph_ticket_by_severity.php | 2 +- .../core/boxes/box_last_modified_ticket.php | 2 +- htdocs/cron/class/cronjob.class.php | 4 +- htdocs/hrm/index.php | 2 +- htdocs/hrm/skill_tab.php | 4 +- htdocs/public/partnership/new.php | 4 +- htdocs/public/recruitment/index.php | 1 + 17 files changed, 66 insertions(+), 65 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index c47321dbf7c..66a75b0b804 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -98,14 +98,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } @@ -154,9 +154,9 @@ if (empty($reshook)) { $action = ''; } - if ($action == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) { + if ($action == 'setuserid' && ($user->hasRight('user', 'self', 'creer') || $user->hasRight('user', 'user', 'creer'))) { $error = 0; - if (empty($user->rights->user->user->creer)) { // If can edit only itself user, we can link to itself only + if (empty($user->hasRight('user', 'user', 'creer'))) { // If can edit only itself user, we can link to itself only if ($userid != $user->id && $userid != $object->user_id) { $error++; setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors'); @@ -206,7 +206,7 @@ if (empty($reshook)) { } // Create user from a member - if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) { + if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->hasRight('user', 'user', 'creer')) { if ($result > 0) { // Creation user $nuser = new User($db); @@ -230,7 +230,7 @@ if (empty($reshook)) { } // Create third party from a member - if ($action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->rights->societe->creer) { + if ($action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->hasRight('societe', 'creer')) { if ($result > 0) { // User creation $company = new Societe($db); @@ -617,7 +617,7 @@ if (empty($reshook)) { } } - if ($user->rights->adherent->supprimer && $action == 'confirm_delete' && $confirm == 'yes') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_delete' && $confirm == 'yes') { $result = $object->delete($id, $user); if ($result > 0) { if (!empty($backtopage)) { @@ -706,7 +706,7 @@ if (empty($reshook)) { $action = ''; } - if ($user->rights->adherent->supprimer && $action == 'confirm_resiliate') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_resiliate') { $error = 0; if ($confirm == 'yes') { @@ -777,7 +777,7 @@ if (empty($reshook)) { } } - if ($user->rights->adherent->supprimer && $action == 'confirm_exclude') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_exclude') { $error = 0; if ($confirm == 'yes') { @@ -849,7 +849,7 @@ if (empty($reshook)) { } // SPIP Management - if ($user->rights->adherent->supprimer && $action == 'confirm_del_spip' && $confirm == 'yes') { + if ($user->hasRight('adherent', 'supprimer') && $action == 'confirm_del_spip' && $confirm == 'yes') { if (!count($object->errors)) { if (!$mailmanspip->del_to_spip($object)) { setEventMessages($langs->trans('DeleteIntoSpipError').': '.$mailmanspip->error, null, 'errors'); @@ -1118,7 +1118,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "\n"; // Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print ''.$form->editfieldkey("Categories", 'memcats', '', $object, 0).''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_MEMBER, null, 'parent', null, null, 1); print img_picto('', 'category').$form->multiselectarray('memcats', $cate_arbo, GETPOST('memcats', 'array'), null, null, 'quatrevingtpercent widthcentpercentminusx', 0, 0); @@ -1367,7 +1367,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "\n"; // Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print ''.$form->editfieldkey("Categories", 'memcats', '', $object, 0).''; print ''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_MEMBER, null, null, null, null, 1); @@ -1793,7 +1793,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; // Tags / Categories - if (isModEnabled('categorie') && !empty($user->rights->categorie->lire)) { + if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { print ''; print '"; diff --git a/htdocs/adherents/type_translation.php b/htdocs/adherents/type_translation.php index 33c93704b80..9539250cb44 100644 --- a/htdocs/adherents/type_translation.php +++ b/htdocs/adherents/type_translation.php @@ -190,7 +190,7 @@ print dol_get_fiche_end(); print "\n
\n"; if ($action == '') { - if ($user->rights->produit->creer || $user->rights->service->creer) { + if ($user->hasRight('produit', 'creer') || $user->hasRight('service', 'creer')) { print ''.$langs->trans("Add").''; if ($cnt_trans > 0) { print ''.$langs->trans("Update").''; @@ -271,7 +271,7 @@ if ($action == 'edit') { * Form to add a new translation */ -if ($action == 'create' && $user->rights->adherent->configurer) { +if ($action == 'create' && $user->hasRight('adherent', 'configurer')) { //WYSIWYG Editor require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index 5a4eac7bcca..999bfecf562 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -366,7 +366,7 @@ if (empty($reshook)) { // List of values $i = 0; foreach ($listfieldinsert as $f => $value) { - $keycode = $listfieldvalue[$i]; + $keycode = isset($listfieldvalue[$i]) ? $listfieldvalue[$i] : ""; if ($value == 'lang') { $keycode = 'langcode'; } diff --git a/htdocs/core/boxes/box_birthdays_members.php b/htdocs/core/boxes/box_birthdays_members.php index df8e51f348f..fc8dc4c6745 100644 --- a/htdocs/core/boxes/box_birthdays_members.php +++ b/htdocs/core/boxes/box_birthdays_members.php @@ -60,7 +60,7 @@ class box_birthdays_members extends ModeleBoxes $this->db = $db; - $this->hidden = !($user->rights->adherent->lire && empty($user->socid)); + $this->hidden = !($user->hasRight("adherent", "lire") && empty($user->socid)); } /** diff --git a/htdocs/core/boxes/box_dolibarr_state_board.php b/htdocs/core/boxes/box_dolibarr_state_board.php index 0f63582370c..9a2e94b8a1d 100644 --- a/htdocs/core/boxes/box_dolibarr_state_board.php +++ b/htdocs/core/boxes/box_dolibarr_state_board.php @@ -113,12 +113,12 @@ class box_dolibarr_state_board extends ModeleBoxes ); $conditions = array( 'users' => $user->hasRight('user', 'user', 'lire'), - 'members' => isModEnabled('adherent') && $user->rights->adherent->lire, + 'members' => isModEnabled('adherent') && $user->hasRight('adherent', 'lire'), 'customers' => isModEnabled('societe') && $user->hasRight('societe', 'lire') && empty($conf->global->SOCIETE_DISABLE_CUSTOMERS) && empty($conf->global->SOCIETE_DISABLE_CUSTOMERS_STATS), 'prospects' => isModEnabled('societe') && $user->hasRight('societe', 'lire') && empty($conf->global->SOCIETE_DISABLE_PROSPECTS) && empty($conf->global->SOCIETE_DISABLE_PROSPECTS_STATS), - 'suppliers' => ((isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->rights->fournisseur->lire) - || (isModEnabled("supplier_order") && $user->rights->supplier_order->lire) - || (isModEnabled("supplier_invoice") && $user->rights->supplier_invoice->lire) + 'suppliers' => ((isModEnabled("fournisseur") && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight('fournisseur', 'lire')) + || (isModEnabled("supplier_order") && $user->hasRight('supplier_order', 'lire')) + || (isModEnabled("supplier_invoice") && $user->hasRight('supplier_invoice', 'lire')) ) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS), 'contacts' => isModEnabled('societe') && $user->hasRight('societe', 'contact', 'lire'), @@ -130,9 +130,9 @@ class box_dolibarr_state_board extends ModeleBoxes 'donations' => isModEnabled('don') && $user->hasRight('don', 'lire'), 'contracts' => isModEnabled('contrat') && $user->hasRight('contrat', 'lire'), 'interventions' => isModEnabled('ficheinter') && $user->hasRight('ficheinter', 'lire'), - 'supplier_orders' => isModEnabled('supplier_order') && $user->rights->fournisseur->commande->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_ORDERS_STATS), - 'supplier_invoices' => isModEnabled('supplier_invoice') && $user->rights->fournisseur->facture->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_INVOICES_STATS), - 'supplier_proposals' => isModEnabled('supplier_proposal') && $user->rights->supplier_proposal->lire && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_PROPOSAL_STATS), + 'supplier_orders' => isModEnabled('supplier_order') && $user->hasRight('fournisseur', 'commande', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_ORDERS_STATS), + 'supplier_invoices' => isModEnabled('supplier_invoice') && $user->hasRight('fournisseur', 'facture', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_INVOICES_STATS), + 'supplier_proposals' => isModEnabled('supplier_proposal') && $user->hasRight('supplier_proposal', 'lire') && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_PROPOSAL_STATS), 'projects' => isModEnabled('project') && $user->hasRight('projet', 'lire'), 'expensereports' => isModEnabled('expensereport') && $user->hasRight('expensereport', 'lire'), 'holidays' => isModEnabled('holiday') && $user->hasRight('holiday', 'read'), diff --git a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php index 435cc76451e..e07fc4d3ba0 100644 --- a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php +++ b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php @@ -85,7 +85,7 @@ class box_graph_new_vs_close_ticket extends ModeleBoxes 'limit' => dol_strlen($text) ); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $data = array(); $totalnb = 0; $sql = "SELECT COUNT(t.datec) as nb"; diff --git a/htdocs/core/boxes/box_graph_ticket_by_severity.php b/htdocs/core/boxes/box_graph_ticket_by_severity.php index c668894d991..b20a72e528c 100644 --- a/htdocs/core/boxes/box_graph_ticket_by_severity.php +++ b/htdocs/core/boxes/box_graph_ticket_by_severity.php @@ -99,7 +99,7 @@ class box_graph_ticket_by_severity extends ModeleBoxes $listofopplabel = array(); $listofoppcode = array(); $colorseriesstat = array(); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $sql = "SELECT cts.rowid, cts.label, cts.code"; $sql .= " FROM " . MAIN_DB_PREFIX . "c_ticket_severity as cts"; $sql .= " WHERE cts.active = 1"; diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 311f76e5011..2813a7c3d5b 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -84,7 +84,7 @@ class box_last_modified_ticket extends ModeleBoxes 'text' => $langs->trans("BoxLastModifiedTicketContent"), ); - if ($user->rights->ticket->read) { + if ($user->hasRight('ticket', 'read')) { $sql = "SELECT t.rowid as id, t.ref, t.track_id, t.fk_soc, t.fk_user_create, t.fk_user_assign, t.subject, t.message, t.fk_statut, t.type_code, t.category_code, t.severity_code, t.datec, t.tms as datem, t.date_read, t.date_close, t.origin_email "; $sql .= ", type.label as type_label, category.label as category_label, severity.label as severity_label"; $sql .= ", s.nom as company_name, s.email as socemail, s.client, s.fournisseur"; diff --git a/htdocs/cron/class/cronjob.class.php b/htdocs/cron/class/cronjob.class.php index 8f4b32ae502..d26c83f4772 100644 --- a/htdocs/cron/class/cronjob.class.php +++ b/htdocs/cron/class/cronjob.class.php @@ -1262,13 +1262,13 @@ class Cronjob extends CommonObject dol_syslog(get_class($this)."::run_jobs END result=".$result." error=".$errmsg, LOG_ERR); $this->error = $errmsg; - $this->lastoutput = ($object->output ? $object->output."\n" : "").$errmsg; + $this->lastoutput = (!empty($object->output) ? $object->output."\n" : "").$errmsg; $this->lastresult = is_numeric($result) ? $result : -1; $retval = $this->lastresult; $error++; } else { dol_syslog(get_class($this)."::run_jobs END"); - $this->lastoutput = $object->output; + $this->lastoutput = (!empty($object->output) ? $object->output : ""); $this->lastresult = var_export($result, true); $retval = $this->lastresult; } diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index 05967606a8e..d81044d4a23 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -187,7 +187,7 @@ print '
'; // Latest leave requests -if (isModEnabled('holiday') && $user->rights->holiday->read) { +if (isModEnabled('holiday') && $user->hasRight('holiday', 'read')) { $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.email, u.photo, u.statut as user_status,"; $sql .= " x.rowid, x.ref, x.fk_type, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.tms as dm, x.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."holiday as x, ".MAIN_DB_PREFIX."user as u"; diff --git a/htdocs/hrm/skill_tab.php b/htdocs/hrm/skill_tab.php index d479a843776..1682d304fbb 100644 --- a/htdocs/hrm/skill_tab.php +++ b/htdocs/hrm/skill_tab.php @@ -74,8 +74,8 @@ $hookmanager->initHooks(array('skilltab', 'globalcard')); // Note that conf->hoo include DOL_DOCUMENT_ROOT . '/core/actions_fetchobject.inc.php'; // Must be include, not include_once. // Permissions -$permissiontoread = $user->rights->hrm->all->read; -$permissiontoadd = $user->rights->hrm->all->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontoread = $user->hasRight('hrm', 'all', 'read'); +$permissiontoadd = $user->hasRight('hrm', 'all', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 68e9034a761..5064ec68695 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -502,7 +502,7 @@ if (empty($reshook) && $action == 'added') { $form = new Form($db); $formcompany = new FormCompany($db); -$extrafields->fetch_name_optionals_label($partnership->table_element); // fetch optionals attributes and labels +$extrafields->fetch_name_optionals_label($object->table_element); // fetch optionals attributes and labels llxHeaderVierge($langs->trans("NewPartnershipRequest")); @@ -518,7 +518,7 @@ print '
'; if (!empty($conf->global->PARTNERSHIP_NEWFORM_TEXT)) { print $langs->trans($conf->global->PARTNERSHIP_NEWFORM_TEXT)."
\n"; } else { - print $langs->trans("NewPartnershipRequestDesc", $conf->global->MAIN_INFO_SOCIETE_MAIL)."
\n"; + print $langs->trans("NewPartnershipRequestDesc", getDolGlobalString("MAIN_INFO_SOCIETE_MAIL"))."
\n"; } print '
'; diff --git a/htdocs/public/recruitment/index.php b/htdocs/public/recruitment/index.php index bb135d54d50..23a180b9a7b 100644 --- a/htdocs/public/recruitment/index.php +++ b/htdocs/public/recruitment/index.php @@ -171,6 +171,7 @@ if (!empty($conf->global->RECRUITMENT_IMAGE_PUBLIC_INTERFACE)) { $results = $object->fetchAll($sortfield, $sortorder, 0, 0, array('status' => 1)); +$now = dol_now(); if (is_array($results)) { if (empty($results)) { From 1b8fd261d31c2c5627e5f25c6494d50a58da35cc Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 15 Nov 2022 15:41:47 +0100 Subject: [PATCH 11/13] update --- htdocs/adherents/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 66a75b0b804..1c564aa9bf0 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -156,7 +156,7 @@ if (empty($reshook)) { if ($action == 'setuserid' && ($user->hasRight('user', 'self', 'creer') || $user->hasRight('user', 'user', 'creer'))) { $error = 0; - if (empty($user->hasRight('user', 'user', 'creer'))) { // If can edit only itself user, we can link to itself only + if (!$user->hasRight('user', 'user', 'creer')) { // If can edit only itself user, we can link to itself only if ($userid != $user->id && $userid != $object->user_id) { $error++; setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors'); From 73db58a700b97a7bc85263c91e00485bf71f6791 Mon Sep 17 00:00:00 2001 From: FLIO Date: Tue, 15 Nov 2022 17:10:04 +0100 Subject: [PATCH 12/13] Fix(Scrutinizer) add public --- htdocs/comm/propal/class/propal.class.php | 5 +++++ htdocs/core/class/commonorder.class.php | 5 +++++ htdocs/reception/class/reception.class.php | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index d9b7147fefa..8c6bf7eaea5 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -53,6 +53,11 @@ class Propal extends CommonObject { use CommonIncoterm; + /** + * @var string code + */ + public $code = ""; + /** * @var string ID to identify managed object */ diff --git a/htdocs/core/class/commonorder.class.php b/htdocs/core/class/commonorder.class.php index 870d4c1d8df..966d7963d7c 100644 --- a/htdocs/core/class/commonorder.class.php +++ b/htdocs/core/class/commonorder.class.php @@ -31,6 +31,11 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/commonincoterm.class.php'; abstract class CommonOrder extends CommonObject { use CommonIncoterm; + + /** + * @var string code + */ + public $code = ""; } /** diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index ebb50154eda..0bff44a13d9 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -50,6 +50,11 @@ class Reception extends CommonObject { use CommonIncoterm; + /** + * @var string code + */ + public $code = ""; + /** * @var string element name */ From a17c9d5d36d7f5bdc4177e66f626e9426557f604 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Nov 2022 22:23:10 +0100 Subject: [PATCH 13/13] Fix perf index --- htdocs/install/mysql/tables/llx_projet.key.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/tables/llx_projet.key.sql b/htdocs/install/mysql/tables/llx_projet.key.sql index 4b9dd008943..26869454c41 100644 --- a/htdocs/install/mysql/tables/llx_projet.key.sql +++ b/htdocs/install/mysql/tables/llx_projet.key.sql @@ -22,4 +22,8 @@ ALTER TABLE llx_projet ADD UNIQUE INDEX uk_projet_ref (ref, entity); ALTER TABLE llx_projet ADD INDEX idx_projet_fk_soc (fk_soc); +ALTER TABLE llx_projet ADD INDEX idx_projet_ref (ref); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_statut (fk_statut); +ALTER TABLE llx_projet ADD INDEX idx_projet_fk_opp_status (fk_opp_status); + ALTER TABLE llx_projet ADD CONSTRAINT fk_projet_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid);
'.$langs->trans("Categories").''; print $form->showCategories($object->id, Categorie::TYPE_MEMBER, 1); @@ -1862,7 +1862,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Login Dolibarr - Link to user print '
'; - $editenable = $user->hasRight('adherent', 'creer') && $user->rights->user->user->creer; + $editenable = $user->hasRight('adherent', 'creer') && $user->hasRight('user', 'user', 'creer'); print $form->editfieldkey('LinkedToDolibarrUser', 'login', '', $object, $editenable); print ''; if ($action == 'editlogin') { @@ -1944,7 +1944,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Resiliate if (Adherent::STATUS_VALIDATED == $object->statut) { - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Resiliate")."\n"; } else { print ''.$langs->trans("Resiliate").''."\n"; @@ -1953,7 +1953,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Exclude if (Adherent::STATUS_VALIDATED == $object->statut) { - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Exclude")."\n"; } else { print ''.$langs->trans("Exclude").''."\n"; @@ -1962,7 +1962,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Create third party if (isModEnabled('societe') && !$object->socid) { - if ($user->rights->societe->creer) { + if ($user->hasRight('societe', 'creer')) { if (Adherent::STATUS_DRAFT != $object->statut) { print ''.$langs->trans("CreateDolibarrThirdParty").''."\n"; } else { @@ -1975,7 +1975,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Create user if (!$user->socid && !$object->user_id) { - if ($user->rights->user->user->creer) { + if ($user->hasRight('user', 'user', 'creer')) { if (Adherent::STATUS_DRAFT != $object->statut) { print ''.$langs->trans("CreateDolibarrLogin").''."\n"; } else { @@ -1999,7 +1999,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Delete - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.$langs->trans("Delete").''."\n"; } else { print ''.$langs->trans("Delete").''."\n"; @@ -2026,7 +2026,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member'); $urlsource = $_SERVER['PHP_SELF'].'?id='.$object->id; - $genallowed = $user->rights->adherent->lire; + $genallowed = $user->hasRight('adherent', 'lire'); $delallowed = $user->hasRight('adherent', 'creer'); print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', (empty($object->default_lang) ? '' : $object->default_lang), '', $object); diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index 37d6e72a97e..4517bee15c6 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -76,14 +76,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $$user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 394a650d7ee..2e54ed03db8 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -300,8 +300,8 @@ if (empty($reshook)) { // Mass actions $objectclass = 'Adherent'; $objectlabel = 'Members'; - $permissiontoread = $user->rights->adherent->lire; - $permissiontodelete = $user->rights->adherent->supprimer; + $permissiontoread = $user->hasRight('adherent', 'lire'); + $permissiontodelete = $user->hasRight('adherent', 'supprimer'); $permissiontoadd = $user->hasRight('adherent', 'creer'); $uploaddir = $conf->adherent->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; @@ -614,13 +614,13 @@ $arrayofmassactions = array( if ($user->hasRight('adherent', 'creer')) { $arrayofmassactions['close'] = img_picto('', 'close_title', 'class="pictofixedwidth"').$langs->trans("Resiliate"); } -if ($user->rights->adherent->supprimer) { +if ($user->hasRight('adherent', 'supprimer')) { $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); } -if (isModEnabled('category') && $user->rights->adherent->creer) { +if (isModEnabled('category') && $user->hasRight('adherent', 'creer')) { $arrayofmassactions['preaffecttag'] = img_picto('', 'category', 'class="pictofixedwidth"').$langs->trans("AffectTag"); } -if ($user->hasRight('adherent', 'creer') && $user->rights->user->user->creer) { +if ($user->hasRight('adherent', 'creer') && $user->hasRight('user', 'user', 'creer')) { $arrayofmassactions['createexternaluser'] = img_picto('', 'user', 'class="pictofixedwidth"').$langs->trans("CreateExternalUser"); } if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete', 'preaffecttag'))) { @@ -661,7 +661,7 @@ if ($sall) { // Filter on categories $moreforfilter = ''; -if (isModEnabled('categorie') && $user->rights->categorie->lire) { +if (isModEnabled('categorie') && $user->hasRight('categorie', 'lire')) { require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; $moreforfilter .= '
'; $moreforfilter .= img_picto($langs->trans('Categories'), 'category', 'class="pictofixedlength"').$formother->select_categories(Categorie::TYPE_MEMBER, $search_categ, 'search_categ', 1, $langs->trans("MembersCategoriesShort")); diff --git a/htdocs/adherents/note.php b/htdocs/adherents/note.php index 938ab368ae1..4d3bc4dd638 100644 --- a/htdocs/adherents/note.php +++ b/htdocs/adherents/note.php @@ -59,14 +59,14 @@ if ($id > 0 || !empty($ref)) { $result = $object->fetch($id, $ref); // Define variables to know what current user can do on users - $canadduser = ($user->admin || $user->rights->user->user->creer); + $canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer')); // Define variables to know what current user can do on properties of user linked to edited member if ($object->user_id) { // $User is the user who edits, $object->user_id is the id of the related user in the edited member - $caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer) - || (($user->id != $object->user_id) && $user->rights->user->user->creer)); - $caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password) - || (($user->id != $object->user_id) && $user->rights->user->user->password)); + $caneditfielduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'creer')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer'))); + $caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password')) + || (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password'))); } } diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index fcdb643a006..257e7266e5a 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -118,7 +118,7 @@ if ($cancel) { } } -if ($action == 'add' && $user->rights->adherent->configurer) { +if ($action == 'add' && $user->hasRight('adherent', 'configurer')) { $object->label = trim($label); $object->morphy = trim($morphy); $object->status = (int) $status; @@ -505,19 +505,19 @@ if ($rowid > 0) { print '
'; // Edit - if ($user->rights->adherent->configurer) { + if ($user->hasRight('adherent', 'configurer')) { print '
'.$langs->trans("Modify").'
'; } // Add - if ($user->rights->adherent->configurer && !empty($object->status)) { + if ($user->hasRight('adherent', 'configurer')&& !empty($object->status)) { print '
'.$langs->trans("AddMember").'
'; } else { print '
'.$langs->trans("AddMember").'
'; } // Delete - if ($user->rights->adherent->configurer) { + if ($user->hasRight('adherent', 'configurer')) { print '
'.$langs->trans("DeleteType").'
'; } @@ -758,7 +758,7 @@ if ($rowid > 0) { if ($user->hasRight('adherent', 'creer')) { print ''.img_edit().''; } - if ($user->rights->adherent->supprimer) { + if ($user->hasRight('adherent', 'supprimer')) { print ''.img_picto($langs->trans("Resiliate"), 'disable.png').''; } print "