FIX #yogosha5675
This commit is contained in:
Laurent Destailleur
parent
be90f5f2de
commit
7056cf7614
@ -57,14 +57,6 @@ $backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
$userid = GETPOST('user', 'int');
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', $feature2);
|
||||
|
||||
// Users/Groups management only in master entity if transverse mode
|
||||
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$object = new Usergroup($db);
|
||||
$extrafields = new ExtraFields($db);
|
||||
// fetch optionals attributes and labels
|
||||
@ -77,6 +69,13 @@ $object->getrights();
|
||||
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array
|
||||
$hookmanager->initHooks(array('groupcard', 'globalcard'));
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', $feature2);
|
||||
|
||||
// Users/Groups management only in master entity if transverse mode
|
||||
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
|
||||
@ -28,17 +28,6 @@
|
||||
require '../../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
|
||||
|
||||
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
|
||||
if (!$user->rights->user->group_advance->read && !$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
// Users/Groups management only in master entity if transverse mode
|
||||
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Load translation files required by page
|
||||
$langs->load("users");
|
||||
|
||||
@ -78,6 +67,21 @@ $fieldstosearchall = array(
|
||||
'g.note'=>"Note"
|
||||
);
|
||||
|
||||
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
|
||||
if (!$user->rights->user->group_advance->read && !$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
// Users/Groups management only in master entity if transverse mode
|
||||
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
if (!$user->rights->user->user->lire && !$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -31,10 +31,6 @@ if (!empty($conf->categorie->enabled)) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
|
||||
}
|
||||
|
||||
if (!$user->rights->user->user->lire && !$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Load translation files required by page
|
||||
$langs->loadLangs(array('users', 'companies', 'hrm', 'salaries'));
|
||||
|
||||
@ -185,6 +181,10 @@ if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
|
||||
|
||||
$error = 0;
|
||||
|
||||
if (!$user->rights->user->user->lire && !$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$childids = $user->getAllChildIds(1);
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user