lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source 
Conflicts:
	htdocs/accountancy/admin/account.php
	htdocs/core/modules/modStock.class.php
	htdocs/product/inventory/list.php
This commit is contained in:
Laurent Destailleur 2018-05-05 14:40:39 +02:00
commit 546da0ceda
19 changed files with 73 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/accountancy/admin/account.php
View File

@ -170,9 +170,9 @@ $pcgver = $conf->global->CHARTOFACCOUNTS;
$sql = "SELECT aa.rowid, aa.fk_pcg_version, aa.pcg_type, aa.pcg_subtype, aa.account_number, aa.account_parent , aa.label, aa.active, ";
$sql .= " a2.rowid as rowid2, a2.label as label2, a2.account_number as account_number2";
$sql .= " FROM " . MAIN_DB_PREFIX . "accounting_account as aa";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_system as asy ON aa.fk_pcg_version = asy.pcg_version";
if ($db->type == 'pgsql') $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as a2 ON a2.rowid = aa.account_parent";
else $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as a2 ON a2.rowid = aa.account_parent";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_system as asy ON aa.fk_pcg_version = asy.pcg_version AND aa.entity = " . $conf->entity;
if ($db->type == 'pgsql') $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as a2 ON a2.rowid = aa.account_parent AND a2.entity = " . $conf->entity;
else $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as a2 ON a2.rowid = aa.account_parent AND a2.entity = " . $conf->entity;
$sql .= " WHERE asy.rowid = " . $pcgver;
//print $sql;
if (strlen(trim($search_account))) $sql .= natural_search("aa.account_number", $search_account);

4
htdocs/accountancy/admin/journals_list.php
View File

@ -84,7 +84,7 @@ $tablib[35]= "DictionaryAccountancyJournal";
// Requests to extract data
$tabsql=array();
$tabsql[35]= "SELECT a.rowid as rowid, a.code as code, a.label, a.nature, a.active FROM ".MAIN_DB_PREFIX."accounting_journal as a";
$tabsql[35]= "SELECT a.rowid as rowid, a.code as code, a.label, a.nature, a.active FROM ".MAIN_DB_PREFIX."accounting_journal as a WHERE a.entity=".$conf->entity;
// Criteria to sort dictionaries
$tabsqlsort=array();
@ -100,7 +100,7 @@ $tabfieldvalue[35]= "code,label,nature";
// Nom des champs dans la table pour insertion d'un enregistrement
$tabfieldinsert=array();
$tabfieldinsert[35]= "code,label,nature";
$tabfieldinsert[35]= "code,label,nature,entity";
// Nom du rowid si le champ n'est pas de type autoincrement
// Example: "" if id field is "rowid" and has autoincrement on

14
htdocs/commande/card.php
View File

@ -28,9 +28,9 @@
*/
/**
* \file htdocs/commande/card.php
* \file htdocs/commande/card.php
* \ingroup commande
* \brief Page to show customer order
* \brief Page to show customer order
*/
require '../main.inc.php';
@ -68,6 +68,7 @@ $action = GETPOST('action', 'alpha');
$cancel = GETPOST('cancel', 'alpha');
$confirm = GETPOST('confirm', 'alpha');
$lineid = GETPOST('lineid', 'int');
$projectid = GETPOST('projectid', 'int');
$origin = GETPOST('origin', 'alpha');
$originid = (GETPOST('originid', 'int') ? GETPOST('originid', 'int') : GETPOST('origin_id', 'int')); // For backward compatibility
@ -220,7 +221,7 @@ if (empty($reshook))
// Link to a project
else if ($action == 'classin' && $user->rights->commande->creer)
{
$object->setProject(GETPOST('projectid'));
$object->setProject(GETPOST('projectid','int'));
}
// Add order
@ -251,8 +252,8 @@ if (empty($reshook))
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->source = GETPOST('source_id');
$object->fk_project = GETPOST('projectid');
$object->ref_client = GETPOST('ref_client');
$object->fk_project = GETPOST('projectid','int');
$object->ref_client = GETPOST('ref_client','alpha');
$object->modelpdf = GETPOST('model');
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
@ -1375,7 +1376,6 @@ if ($action == 'create' && $user->rights->commande->creer)
if ($socid > 0)
$res = $soc->fetch($socid);
$projectid = 0;
$remise_absolue = 0;
$currency_code = $conf->currency;
@ -1472,7 +1472,6 @@ if ($action == 'create' && $user->rights->commande->creer)
$remise_percent = $soc->remise_percent;
$remise_absolue = 0;
$dateorder = empty($conf->global->MAIN_AUTOFILL_DATE_ORDER)?-1:'';
$projectid = 0;
if (!empty($conf->multicurrency->enabled) && !empty($soc->multicurrency_code)) $currency_code = $soc->multicurrency_code;
@ -1480,7 +1479,6 @@ if ($action == 'create' && $user->rights->commande->creer)
$note_public = $object->getDefaultCreateValueFor('note_public');
}
print '<form name="crea_commande" action="' . $_SERVER["PHP_SELF"] . '" method="POST">';
print '<input type="hidden" name="token" value="' . $_SESSION ['newtoken'] . '">';
print '<input type="hidden" name="action" value="add">';

2
htdocs/compta/bank/various_payment/card.php
View File

@ -349,7 +349,7 @@ if ($action == 'create')
print '<div class="center">';
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print ' &nbsp; ';
print '<input type="submit" class="button" name="cancel" value="'.$langs->trans("Cancel").'">';
print '<input type="button" class="button" value="'.$langs->trans("Cancel").'" onclick="javascript:history.go(-1)">';
print '</div>';
print '</form>';

1
htdocs/core/class/html.formaccounting.class.php
View File

@ -274,6 +274,7 @@ class FormAccounting extends Form
$sql .= " INNER JOIN " . MAIN_DB_PREFIX . "accounting_system as asy ON aa.fk_pcg_version = asy.pcg_version";
$sql .= " AND asy.rowid = " . $conf->global->CHARTOFACCOUNTS;
$sql .= " AND aa.active = 1";
$sql .= " AND aa.entity=".$conf->entity;
$sql .= " ORDER BY aa.account_number";
dol_syslog(get_class($this) . "::select_account", LOG_DEBUG);

3
htdocs/core/lib/functions.lib.php
View File

@ -4672,7 +4672,8 @@ function get_localtax($vatrate, $local, $thirdparty_buyer="", $thirdparty_seller
if ($local == 2)
{
if (! $mysoc->localtax2_assuj || (string) $vatratecleaned == "0") return 0;
//if (! $mysoc->localtax2_assuj || (string) $vatratecleaned == "0") return 0;
if (! $mysoc->localtax2_assuj) return 0; // If main vat is 0, IRPF may be different than 0.
if ($thirdparty_seller->id == $mysoc->id)
{
if (! $thirdparty_buyer->localtax2_assuj) return 0;

24
htdocs/core/menus/standard/eldy.lib.php
View File

@ -1281,18 +1281,18 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
if (! empty($conf->stock->enabled))
{
$langs->load("stocks");
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
$newmenu->add("/product/inventory/list.php?leftmenu=stock", $langs->trans("Inventory"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock');
$newmenu->add("/product/inventory/card.php?action=create", $langs->trans("NewInventory"), 1, $user->rights->stock->creer);
$newmenu->add("/product/inventory/list.php", $langs->trans("List"), 1, $user->rights->stock->lire);
}
else
{
$newmenu->add("/product/inventory/list.php?leftmenu=stock", $langs->trans("Inventory"), 0, $user->rights->stock->advance_inventory->read, '', $mainmenu, 'stock');
$newmenu->add("/product/inventory/card.php?action=create", $langs->trans("NewInventory"), 1, $user->rights->stock->advance_inventory->write);
$newmenu->add("/product/inventory/list.php", $langs->trans("List"), 1, $user->rights->stock->advance_inventory->read);
}
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
$newmenu->add("/product/inventory/list.php?leftmenu=stock", $langs->trans("Inventory"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock');
$newmenu->add("/product/inventory/card.php?action=create", $langs->trans("NewInventory"), 1, $user->rights->stock->creer);
$newmenu->add("/product/inventory/list.php", $langs->trans("List"), 1, $user->rights->stock->lire);
}
else
{
$newmenu->add("/product/inventory/list.php?leftmenu=stock", $langs->trans("Inventory"), 0, $user->rights->stock->inventory_advance->read, '', $mainmenu, 'stock');
$newmenu->add("/product/inventory/card.php?action=create", $langs->trans("NewInventory"), 1, $user->rights->stock->inventory_advance->write);
$newmenu->add("/product/inventory/list.php", $langs->trans("List"), 1, $user->rights->stock->inventory_advance->read);
}
}
}

8
htdocs/core/modules/modStock.class.php
View File

@ -121,25 +121,25 @@ class modStock extends DolibarrModules
$this->rights[5][0] = 1011;
$this->rights[5][1] = 'inventoryReadPermission'; // Permission label
$this->rights[5][3] = 0; // Permission by default for new user (0/1)
$this->rights[5][4] = 'advance_inventory'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[5][4] = 'inventory_advance'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[5][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[6][0] = 1012;
$this->rights[6][1] = 'inventoryCreatePermission'; // Permission label
$this->rights[6][3] = 0; // Permission by default for new user (0/1)
$this->rights[6][4] = 'advance_inventory'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[6][4] = 'inventory_advance'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[6][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[8][0] = 1014;
$this->rights[8][1] = 'inventoryValidatePermission'; // Permission label
$this->rights[8][3] = 0; // Permission by default for new user (0/1)
$this->rights[8][4] = 'advance_inventory'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[8][4] = 'inventory_advance'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[8][5] = 'validate'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[9][0] = 1015;
$this->rights[9][1] = 'inventoryChangePMPPermission'; // Permission label
$this->rights[9][3] = 0; // Permission by default for new user (0/1)
$this->rights[9][4] = 'advance_inventory'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[9][4] = 'inventory_advance'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
$this->rights[9][5] = 'changePMP'; // In php code, permission will be checked by test if ($user->rights->permkey->level1->level2)
}

2
htdocs/product/class/product.class.php
View File

@ -1103,7 +1103,7 @@ class Product extends CommonObject
//If it is a parent product, then we remove the association with child products
$prodcomb = new ProductCombination($this->db);
if ($prodcomb->deleteByFkProductParent($id) < 0) {
if ($prodcomb->deleteByFkProductParent($user, $id) < 0) {
$error++;
$this->errors[] = 'Error deleting combinations';
}

6
htdocs/product/inventory/card.php
View File

@ -42,7 +42,7 @@ if (empty($conf->global->MAIN_USE_ADVANCED_PERMS))
}
else
{
$result = restrictedArea($user, 'stock', $id, '', 'advance_inventory');
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
}
// Initialize technical objects
@ -82,8 +82,8 @@ if (empty($conf->global->MAIN_USE_ADVANCED_PERMS))
}
else
{
$permissiontoadd = $user->rights->stock->advance_inventory->create;
$permissiontodelete = $user->rights->stock->advance_inventory->write;
$permissiontoadd = $user->rights->stock->inventory_advance->create;
$permissiontodelete = $user->rights->stock->inventory_advance->write;
}

2
htdocs/product/inventory/list.php
View File

@ -78,7 +78,7 @@ if (empty($conf->global->MAIN_USE_ADVANCED_PERMS))
}
else
{
$result = restrictedArea($user, 'stock', $objectid, '', 'advance_inventory');
$result = restrictedArea($user, 'stock', $objectid, '', 'inventory_advance');
}
// Initialize array of search criterias

3
htdocs/projet/activity/perday.php
View File

@ -49,7 +49,8 @@ $projectid=isset($_GET["id"])?$_GET["id"]:$_POST["projectid"];
// Security check
$socid=0;
if ($user->societe_id > 0) $socid=$user->societe_id;
// For external user, no check is done on company because readability is managed by public status of project and assignement.
//if ($user->societe_id > 0) $socid=$user->societe_id;
$result = restrictedArea($user, 'projet', $projectid);
$now=dol_now();

3
htdocs/projet/activity/perweek.php
View File

@ -49,7 +49,8 @@ $projectid=isset($_GET["id"])?$_GET["id"]:$_POST["projectid"];
// Security check
$socid=0;
if ($user->societe_id > 0) $socid=$user->societe_id;
// For external user, no check is done on company because readability is managed by public status of project and assignement.
// if ($user->societe_id > 0) $socid=$user->societe_id;
$result = restrictedArea($user, 'projet', $projectid);
$now=dol_now();

19
htdocs/projet/class/project.class.php
View File

@ -1723,23 +1723,26 @@ class Project extends CommonObject
{
global $conf, $langs;
$mine=0; $socid=$user->societe_id;
$projectsListId = $this->getProjectsAuthorizedForUser($user,$mine?$mine:($user->rights->projet->all->lire?2:0),1,$socid);
// For external user, no check is done on company because readability is managed by public status of project and assignement.
//$socid=$user->societe_id;
if (! $user->rights->projet->all->lire) $projectsListId = $this->getProjectsAuthorizedForUser($user,0,1,$socid);
$sql = "SELECT p.rowid, p.fk_statut as status, p.fk_opp_status, p.datee as datee";
$sql.= " FROM (".MAIN_DB_PREFIX."projet as p";
$sql.= ")";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
//if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
$sql.= " WHERE p.fk_statut = 1";
$sql.= " AND p.entity IN (".getEntity('project', 0).')';
if ($mine || ! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
//if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
//if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
//print $sql;
$resql=$this->db->query($sql);
if ($resql)
{

17
htdocs/projet/class/task.class.php
View File

@ -1826,28 +1826,31 @@ class Task extends CommonObject
{
global $conf, $langs;
$mine=0; $socid=$user->societe_id;
// For external user, no check is done on company because readability is managed by public status of project and assignement.
//$socid=$user->societe_id;
$projectstatic = new Project($this->db);
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,$mine,1,$socid);
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1,$socid);
// List of tasks (does not care about permissions. Filtering will be done later)
$sql = "SELECT p.rowid as projectid, p.fk_statut as projectstatus,";
$sql.= " t.rowid as taskid, t.progress as progress, t.fk_statut as status,";
$sql.= " t.dateo as date_start, t.datee as datee";
$sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
//if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
$sql.= ", ".MAIN_DB_PREFIX."projet_task as t";
$sql.= " WHERE p.entity IN (".getEntity('project', 0).')';
$sql.= " AND p.fk_statut = 1";
$sql.= " AND t.fk_projet = p.rowid";
$sql.= " AND t.progress < 100"; // tasks to do
if ($mine || ! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
//if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
// if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
//print $sql;
$resql=$this->db->query($sql);
if ($resql)

2
htdocs/projet/tasks/list.php
View File

@ -727,7 +727,7 @@ while ($i < min($num,$limit))
$showlineingray=0;$showproject=1;
print '<td class="center">';
if ($showlineingray) print '<i>';
else print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$lines[$i]->id.($showproject?'':'&withproject=1').'">';
else print '<a href="'.DOL_URL_ROOT.'/projet/tasks/time.php?id='.$object->id.($showproject?'':'&withproject=1').'">';
if ($obj->duration_effective) print convertSecondToTime($obj->duration_effective,$timespentoutputformat);
else print '--:--';
if ($showlineingray) print '</i>';

11
htdocs/supplier_proposal/card.php
View File

@ -67,6 +67,7 @@ $action = GETPOST('action', 'alpha');
$origin = GETPOST('origin', 'alpha');
$originid = GETPOST('originid', 'int');
$confirm = GETPOST('confirm', 'alpha');
$projectid = GETPOST('projectid', 'int');
$lineid = GETPOST('lineid', 'int');
$contactid = GETPOST('contactid','int');
@ -265,7 +266,7 @@ if (empty($reshook))
$object->remise_percent = GETPOST('remise_percent');
$object->remise_absolue = GETPOST('remise_absolue');
$object->socid = GETPOST('socid');
$object->fk_project = GETPOST('projectid');
$object->fk_project = GETPOST('projectid','int');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note = GETPOST('note','none');
@ -283,7 +284,7 @@ if (empty($reshook))
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$object->fk_account = GETPOST('fk_account', 'int');
$object->fk_project = GETPOST('projectid');
$object->fk_project = GETPOST('projectid','int');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note = GETPOST('note','none');
@ -906,7 +907,7 @@ if (empty($reshook))
// Set project
else if ($action == 'classin' && $user->rights->supplier_proposal->creer) {
$object->setProject($_POST['projectid']);
$object->setProject(GETPOST('projectid'),'int');
}
// Delai de livraison
@ -1136,9 +1137,7 @@ if ($action == 'create')
$formproject = new FormProjets($db);
$projectid = 0;
if ($origin == 'project')
$projectid = ($originid ? $originid : 0);
if ($origin == 'project') $projectid = ($originid ? $originid : 0);
print '<tr>';
print '<td>' . $langs->trans("Project") . '</td><td colspan="2">';

9
htdocs/variants/class/ProductCombination.class.php
View File

@ -275,10 +275,11 @@ class ProductCombination
/**
* Deletes all product combinations of a parent product
*
* @param int $fk_product_parent Rowid of parent product
* @param User $user Object user
* @param int $fk_product_parent Rowid of parent product
* @return int <0 KO >0 OK
*/
public function deleteByFkProductParent($fk_product_parent)
public function deleteByFkProductParent($user, $fk_product_parent)
{
$this->db->begin();
@ -289,11 +290,11 @@ class ProductCombination
$res = $prodstatic->fetch($prodcomb->fk_product_child);
if ($res > 0) {
$res = $prodcomb->delete();
$res = $prodcomb->delete($user);
}
if ($res > 0 && !$prodstatic->isObjectUsed($prodstatic->id)) {
$res = $prodstatic->delete();
$res = $prodstatic->delete($user);
}
if ($res < 0) {

2
htdocs/variants/generator.php
View File

@ -95,7 +95,7 @@ if ($_POST) {
$delete_prev_comb_res = 1;
if (!$donotremove) {
$delete_prev_comb_res = $combination->deleteByFkProductParent($id);
$delete_prev_comb_res = $combination->deleteByFkProductParent($user, $id);
}
//Current combinations will be deleted