From 5b62c59877e22afb2059664c43039197759a79e0 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 13 Mar 2006 14:06:26 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/product/stats/contrat.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index a17777d31d6..905536abc61 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -246,9 +246,12 @@ if ($_GET["id"]) $sql = "SELECT distinct(s.nom), s.idp, s.code_client, c.rowid, "; $sql.= " ".$db->pdate("c.datec")." as date, c.statut as statut, c.rowid as contratid"; + if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", sc.fk_soc, sc.fk_user "; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as d"; - $sql.= " WHERE c.fk_soc = s.idp"; + if (!$user->rights->commercial->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + $sql.= " WHERE c.fk_soc = s.idp"; $sql.= " AND d.fk_contrat = c.rowid AND d.fk_product =".$product->id; + if (!$user->rights->commercial->client->voir && !$socid) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) { $sql .= " AND c.fk_soc = $socid";