From 5e5ccc8f066453f4d0183eacaa149b2e64751878 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 8 Mar 2006 16:14:25 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/expedition/liste.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/expedition/liste.php b/htdocs/expedition/liste.php index 2aec9282c77..73fa731808d 100644 --- a/htdocs/expedition/liste.php +++ b/htdocs/expedition/liste.php @@ -1,6 +1,7 @@ * Copyright (C) 2004-2006 Laurent Destailleur + * Copyright (C) 2005-2006 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -56,8 +57,10 @@ $offset = $limit * $_GET["page"] ; llxHeader('',$langs->trans('ListOfSendings'),'ch-expedition.html'); -$sql = "SELECT e.rowid, e.ref,".$db->pdate("e.date_expedition")." as date_expedition, e.fk_statut" ; +$sql = "SELECT e.rowid, e.ref,".$db->pdate("e.date_expedition")." as date_expedition, e.fk_statut"; +if (!$user->rights->commercial->client->voir) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e"; +if (!$user->rights->commercial->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."commande as c"; if ($socidp) $sql.=", ".MAIN_DB_PREFIX."commande as c"; $sql_add = " WHERE "; if ($socidp) @@ -68,6 +71,11 @@ if ($socidp) if ($_POST["sf_ref"]) { $sql.= $sql_add . " e.ref like '%".addslashes($_POST["sf_ref"])."%'"; + $sql_add = " AND "; +} +if (!$user->rights->commercial->client->voir) //restriction +{ + $sql .= $sql_add . " e.fk_commande = c.rowid AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id; } $expedition = new Expedition($db);