From 5af0f1616d7afbe1ccf69bf94b38371c0e4a88be Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Sun, 27 Jun 2004 18:16:53 +0000
Subject: [PATCH] =?UTF-8?q?New:=20Utilisation=20de=20niveaux=20plus=20fin?=
 =?UTF-8?q?=20des=20droits=20de=20compta=20sur=20le=20m=EAme=20mod=E8les?=
 =?UTF-8?q?=20que=20les=20autres=20modules=20(Lire,=20Modifier...).=20Opti?=
 =?UTF-8?q?m:=20La=20fonction=20de=20chargement=20des=20droits=20n'est=20r?=
 =?UTF-8?q?=E9alis=E9e=20qu'une=20fois=20m=EAme=20si=20appel=E9=20plusieur?=
 =?UTF-8?q?s=20fois.=20New:=20Possibilit=E9=20de=20tri=20sur=20la=20liste?=
 =?UTF-8?q?=20des=20user.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/compta/sociales/index.php | 75 +++++++++++++++++---------------
 htdocs/user.class.php            | 18 ++++----
 2 files changed, 49 insertions(+), 44 deletions(-)

diff --git a/htdocs/compta/sociales/index.php b/htdocs/compta/sociales/index.php
index 3c98e178c36..f49ef50178f 100644
--- a/htdocs/compta/sociales/index.php
+++ b/htdocs/compta/sociales/index.php
@@ -25,7 +25,7 @@ require("./pre.inc.php");
 $user->getrights('facture');
 $user->getrights('compta');
 
-if (!$user->admin && !$user->rights->compta->charges)
+if (!$user->admin && !$user->rights->compta->charges->lire)
   accessforbidden();
 
 
@@ -83,11 +83,6 @@ $filtre=$_GET["filtre"];
 print_fiche_titre("Charges sociales",($year?"<a href='$PHP_SELF?year=".($year-1)."'>".img_previous()."</a> Année $year <a href='$PHP_SELF?year=".($year+1)."'>".img_next()."</a>":""));
 print "<br>\n";
 
-//if ($filtre) {
-//    print_titre("Filtre : ".$_GET["filtrelib"]);
-//    print "<br>\n";
-//}
-
 if ($mesg) {
     print "$mesg<br>";
 }
@@ -173,8 +168,14 @@ if ( $db->query($sql) )
 	  print '<td>&nbsp;</td>';
 	} else {
 	  print '<td align="center"><a class="impayee" href="'.$PHP_SELF.'?filtre=paye:0">Impayé</a></td>';
-	  print '<td align="center"><a href="charges.php?id='.$obj->id.'">'.img_edit().'</a>';
-	  print ' &nbsp; <a href="'.$PHP_SELF.'?action=del&id='.$obj->id.'">'.img_delete().'</a></td>';
+	  print '<td align="center" nowrap>';
+	  if ($user->rights->compta->charges->creer) {
+	    print '<a href="charges.php?id='.$obj->id.'">'.img_edit().'</a>';
+	  }
+	  if ($user->rights->compta->charges->supprimer) {
+	    print ' &nbsp; <a href="'.$PHP_SELF.'?action=del&id='.$obj->id.'">'.img_delete().'</a>';
+	  }
+	  print '</td>';
 	}
       print '</tr>';
       $i++;
@@ -189,37 +190,39 @@ else
  * Forumalaire d'ajout d'une charge
  *
  */
-print '<tr class="form" valign="top"><form method="post" action="index.php">';
-print '<input type="hidden" name="action" value="add">';
-print '<td>&nbsp;</td>';
-print '<td><input type="text" size="8" name="date"><br>YYYYMMDD</td>';
-print '<td><input type="text" size="8" name="periode"><br>YYYYMMDD</td>';
-
-print '<td align="left"><select name="type">';
-
-$sql = "SELECT c.id, c.libelle as type FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
-$sql .= " ORDER BY lower(c.libelle) ASC";
-
-if ( $db->query($sql) )
-{
-  $num = $db->num_rows();
-  $i = 0;
-
-  while ($i < $num)
+if ($user->rights->compta->charges->creer) {
+    print '<tr class="form" valign="top"><form method="post" action="index.php">';
+    print '<input type="hidden" name="action" value="add">';
+    print '<td>&nbsp;</td>';
+    print '<td><input type="text" size="8" name="date"><br>YYYYMMDD</td>';
+    print '<td><input type="text" size="8" name="periode"><br>YYYYMMDD</td>';
+    
+    print '<td align="left"><select name="type">';
+    
+    $sql = "SELECT c.id, c.libelle as type FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
+    $sql .= " ORDER BY lower(c.libelle) ASC";
+    
+    if ( $db->query($sql) )
     {
-      $obj = $db->fetch_object( $i);
-      print '<option value="'.$obj->id.'">'.$obj->type;
-      $i++;
+      $num = $db->num_rows();
+      $i = 0;
+    
+      while ($i < $num)
+        {
+          $obj = $db->fetch_object( $i);
+          print '<option value="'.$obj->id.'">'.$obj->type;
+          $i++;
+        }
     }
+    print '</select>';
+    print '</td>';
+    print '<td align="left"><input type="text" size="24" name="libelle"></td>';
+    print '<td align="right"><input type="text" size="6" name="amount"></td>';
+    print '<td>&nbsp;</td>';
+    
+    print '<td><input type="submit" value="Ajouter"></form></td>';
+    print '</tr>';
 }
-print '</select>';
-print '</td>';
-print '<td align="left"><input type="text" size="24" name="libelle"></td>';
-print '<td align="right"><input type="text" size="6" name="amount"></td>';
-print '<td>&nbsp;</td>';
-
-print '<td><input type="submit" value="Ajouter"></form></td>';
-print '</tr>';
 
 print '</table>';
 
diff --git a/htdocs/user.class.php b/htdocs/user.class.php
index 040c1ff153a..f1c58f005b9 100644
--- a/htdocs/user.class.php
+++ b/htdocs/user.class.php
@@ -49,7 +49,7 @@ class User
       $this->compta = 1;
       $this->limite_liste = 0;
 
-      $this->permissions_are_loaded = 0;
+      $this->all_permissions_are_loaded = 0;
 
       return 1;
   }
@@ -185,7 +185,7 @@ class User
    */
   Function getrights($module='')
     {
-      if ($this->permissions_are_loaded) {
+      if ($this->all_permissions_are_loaded) {
         // Si les permissions ont déja été chargé pour ce user, on quitte
         // Cela évite de faire n fois le select quand la fonction est appelée plusieurs fois
         // pour charger les droits de différents modules. On les charges tous la
@@ -196,12 +196,11 @@ class User
       $sql = "SELECT fk_user, fk_id FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user= $this->id";
       if ($this->db->query($sql))
 	{
-	  $rr=array();
 	  $num = $this->db->num_rows();
 	  $i = 0;
 	  while ($i < $num)
 	    {
-	      $obj = $this->db->fetch_object($i);
+	      $obj = $this->db->fetch_object();
 	      
 	      if ($module == 'facture' or $module == '')
 		{
@@ -339,7 +338,7 @@ class User
 
 		  if ($obj->fk_id == 92)
 		    $this->rights->compta->charges->creer = 1;
-
+		    
 		  if ($obj->fk_id == 93)
 		    $this->rights->compta->charges->supprimer = 1;
 
@@ -361,11 +360,14 @@ class User
 
 		}
 	      $i++;
-	      }
-
+	  }
 	    $this->db->free();	    
 
-        $this->permissions_are_loaded=1;
+        if ($module == '') {
+            // Si module etait non defini, alors on a tout chargé, on peut donc considérer
+            // que les droits sont cachés (car tous chargés) pour cet instance de user
+            $this->all_permissions_are_loaded=1;
+        }
 	  }
 	else
 	  {