From 6f8de50004f41f055f72427e9821ef3cdf4c509e Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Wed, 24 Aug 2022 19:59:06 +0200 Subject: [PATCH] Add right --- htdocs/core/lib/product.lib.php | 15 ++++++++++----- htdocs/core/modules/modProduct.class.php | 8 ++++++++ htdocs/core/modules/modService.class.php | 8 ++++++++ htdocs/langs/en_US/admin.lang | 2 ++ htdocs/product/list.php | 22 +++++++++++++++------- 5 files changed, 43 insertions(+), 12 deletions(-) diff --git a/htdocs/core/lib/product.lib.php b/htdocs/core/lib/product.lib.php index 7b3d1e4637f..5b1d5ba91d0 100644 --- a/htdocs/core/lib/product.lib.php +++ b/htdocs/core/lib/product.lib.php @@ -38,8 +38,11 @@ function product_prepare_head($object) $langs->load("products"); $label = $langs->trans('Product'); + $usercancreadprice = getDolGlobalString('MAIN_USE_ADVANCED_PERMS')?$user->hasRight('product', 'product_advance', 'read_prices'):$user->hasRight('produit', 'lire'); + if ($object->isService()) { $label = $langs->trans('Service'); + $usercancreadprice = getDolGlobalString('MAIN_USE_ADVANCED_PERMS')?$user->hasRight('service', 'service_advance', 'read_prices'):$user->hasRight('service', 'lire'); } $h = 0; @@ -50,7 +53,7 @@ function product_prepare_head($object) $head[$h][2] = 'card'; $h++; - if (!empty($object->status)) { + if (!empty($object->status) && $usercancreadprice) { $head[$h][0] = DOL_URL_ROOT."/product/price.php?id=".$object->id; $head[$h][1] = $langs->trans("SellingPrices"); $head[$h][2] = 'price'; @@ -61,10 +64,12 @@ function product_prepare_head($object) if ((((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->fournisseur->lire) || (!empty($conf->margin->enabled) && $user->rights->margin->liretous) ) { - $head[$h][0] = DOL_URL_ROOT."/product/fournisseurs.php?id=".$object->id; - $head[$h][1] = $langs->trans("BuyingPrices"); - $head[$h][2] = 'suppliers'; - $h++; + if ($usercancreadprice) { + $head[$h][0] = DOL_URL_ROOT."/product/fournisseurs.php?id=".$object->id; + $head[$h][1] = $langs->trans("BuyingPrices"); + $head[$h][2] = 'suppliers'; + $h++; + } } } diff --git a/htdocs/core/modules/modProduct.class.php b/htdocs/core/modules/modProduct.class.php index 090fdd59fa3..b32cc5a3cda 100644 --- a/htdocs/core/modules/modProduct.class.php +++ b/htdocs/core/modules/modProduct.class.php @@ -127,6 +127,14 @@ class modProduct extends DolibarrModules $this->rights[$r][4] = 'creer'; $r++; + $this->rights[$r][0] = 33; // id de la permission + $this->rights[$r][1] = 'Read prices products'; // libelle de la permission + $this->rights[$r][2] = 'w'; // type de la permission (deprecie a ce jour) + $this->rights[$r][3] = 0; // La permission est-elle une permission par defaut + $this->rights[$r][4] = 'product_advance'; + $this->rights[$r][5] = 'read_prices'; + $r++; + $this->rights[$r][0] = 34; // id de la permission $this->rights[$r][1] = 'Delete products'; // libelle de la permission $this->rights[$r][2] = 'd'; // type de la permission (deprecie a ce jour) diff --git a/htdocs/core/modules/modService.class.php b/htdocs/core/modules/modService.class.php index 8f4b697332b..7649e8d5b76 100644 --- a/htdocs/core/modules/modService.class.php +++ b/htdocs/core/modules/modService.class.php @@ -102,6 +102,14 @@ class modService extends DolibarrModules $this->rights[$r][4] = 'creer'; $r++; + $this->rights[$r][0] = 533; // id de la permission + $this->rights[$r][1] = 'Read prices services'; // libelle de la permission + $this->rights[$r][2] = 'w'; // type de la permission (deprecie a ce jour) + $this->rights[$r][3] = 0; // La permission est-elle une permission par defaut + $this->rights[$r][4] = 'service_advance'; + $this->rights[$r][5] = 'read_prices'; + $r++; + $this->rights[$r][0] = 534; // id de la permission $this->rights[$r][1] = 'Delete les services'; // libelle de la permission $this->rights[$r][2] = 'd'; // type de la permission (deprecie a ce jour) diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index c68a0ada7d6..f34d0a17e15 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -714,6 +714,7 @@ Permission27=Delete commercial proposals Permission28=Export commercial proposals Permission31=Read products Permission32=Create/modify products +Permission33=Read prices products Permission34=Delete products Permission36=See/manage hidden products Permission38=Export products @@ -875,6 +876,7 @@ Permission525=Access loan calculator Permission527=Export loans Permission531=Read services Permission532=Create/modify services +Permission533=Read prices services Permission534=Delete services Permission536=See/manage hidden services Permission538=Export services diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 4cc79472ada..f66b1cb5b8b 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -291,7 +291,6 @@ if ($search_type == '0') { $result = restrictedArea($user, 'produit|service', '', '', '', '', '', 0); } - /* * Actions */ @@ -1360,6 +1359,11 @@ if ($resql) { } } + $usercancreadprice = getDolGlobalString('MAIN_USE_ADVANCED_PERMS')?$user->hasRight('product', 'product_advance', 'read_prices'):$user->hasRight('produit', 'lire'); + if ($product_static->isService()) { + $usercancreadprice = getDolGlobalString('MAIN_USE_ADVANCED_PERMS')?$user->hasRight('service', 'service_advance', 'read_prices'):$user->hasRight('service', 'lire'); + } + print ''; // Action column @@ -1622,7 +1626,7 @@ if ($resql) { // Sell price if (!empty($arrayfields['p.sellprice']['checked'])) { print ''; - if ($obj->tosell) { + if ($obj->tosell && $usercancreadprice) { if ($obj->price_base_type == 'TTC') { print ''.price($obj->price_ttc).' '.$langs->trans("TTC").''; } else { @@ -1645,7 +1649,7 @@ if ($resql) { $productpricescache[$obj->rowid] = array(); } - if ($obj->tosell) { + if ($obj->tosell && $usercancreadprice) { // Make 1 request for all price levels (without filter on price_level) and saved result into an cache array // then reuse the cache array if we need prices for other price levels $sqlp = "SELECT p.rowid, p.fk_product, p.price, p.price_ttc, p.price_level, p.date_price, p.price_base_type"; @@ -1695,7 +1699,7 @@ if ($resql) { // Better buy price if (!empty($arrayfields['p.minbuyprice']['checked'])) { print ''; - if ($obj->tobuy && $obj->minsellprice != '') { + if ($obj->tobuy && $obj->minsellprice != '' && $usercancreadprice) { //print price($obj->minsellprice).' '.$langs->trans("HT"); if ($product_fourn->find_min_price_product_fournisseur($obj->rowid) > 0) { if ($product_fourn->product_fourn_price_id > 0) { @@ -1717,7 +1721,7 @@ if ($resql) { // Number of buy prices if (!empty($arrayfields['p.numbuyprice']['checked'])) { print ''; - if ($obj->tobuy) { + if ($obj->tobuy && $usercancreadprice) { if (count($productFournList = $product_fourn->list_product_fournisseur_price($obj->rowid)) > 0) { $htmltext = $product_fourn->display_price_product_fournisseur(1, 1, 0, 1, $productFournList); print $form->textwithpicto(count($productFournList), $htmltext); @@ -1739,14 +1743,18 @@ if ($resql) { // WAP if (!empty($arrayfields['p.pmp']['checked'])) { print ''; - print ''.price($product_static->pmp, 1, $langs).""; + if ($usercancreadprice) { + print ''.price($product_static->pmp, 1, $langs).""; + } print ''; } // Cost price if (!empty($arrayfields['p.cost_price']['checked'])) { print ''; //print $obj->cost_price; - print ''.price($obj->cost_price).' '.$langs->trans("HT").''; + if ($usercancreadprice) { + print ''.price($obj->cost_price).' '.$langs->trans("HT").''; + } print ''; }