lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: A lot of bugs in project permission

Browse Source
This commit is contained in:
Laurent Destailleur 2010-05-30 21:07:47 +00:00
parent 4cd49aecea
commit 7813ef32ea
9 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/includes/menus/barre_left/eldy.lib.php
View File

@ -724,13 +724,13 @@ function print_left_eldy_menu($db,$menu_array)
// Project affected to user
$newmenu->add(DOL_URL_ROOT."/projet/activity/index.php?mode=mine", $langs->trans("MyActivities"), 0, $user->rights->projet->lire);
$newmenu->add(DOL_URL_ROOT."/projet/tasks/fiche.php?action=create&mode=mine", $langs->trans("NewTask"), 1, $user->rights->projet->creer);
$newmenu->add(DOL_URL_ROOT."/projet/tasks.php?action=create&mode=mine", $langs->trans("NewTask"), 1, $user->rights->projet->creer);
$newmenu->add(DOL_URL_ROOT."/projet/tasks/index.php?mode=mine", $langs->trans("List"), 1, $user->rights->projet->lire);
$newmenu->add(DOL_URL_ROOT."/projet/activity/list.php?mode=mine", $langs->trans("NewTimeSpent"), 1, $user->rights->projet->creer);
// All project i have permission on
$newmenu->add(DOL_URL_ROOT."/projet/activity/index.php", $langs->trans("Activities"), 0, $user->rights->projet->lire && $user->rights->projet->lire);
$newmenu->add(DOL_URL_ROOT."/projet/tasks/fiche.php?action=create", $langs->trans("NewTask"), 1, $user->rights->projet->creer && $user->rights->projet->creer);
$newmenu->add(DOL_URL_ROOT."/projet/tasks.php?action=create", $langs->trans("NewTask"), 1, $user->rights->projet->creer && $user->rights->projet->creer);
$newmenu->add(DOL_URL_ROOT."/projet/tasks/index.php", $langs->trans("List"), 1, $user->rights->projet->lire && $user->rights->projet->lire);
$newmenu->add(DOL_URL_ROOT."/projet/activity/list.php", $langs->trans("NewTimeSpent"), 1, $user->rights->projet->creer && $user->rights->projet->creer);
}

4
htdocs/includes/menus/init_menu_auguria.sql
View File

@ -237,12 +237,12 @@ insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3612__+MAX_llx_menu__, 'project', '', 3610__+MAX_llx_menu__, '/projet/liste.php?leftmenu=projects&mode=mine', 'List', 1, 'projects', '$user->rights->projet->lire', '', 2, 2, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3700__+MAX_llx_menu__, 'project', '', 7__+MAX_llx_menu__, '/projet/activity/index.php?leftmenu=projects', 'Activities', 0, 'projects', '$user->rights->projet->lire', '', 2, 0, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3701__+MAX_llx_menu__, 'project', '', 3700__+MAX_llx_menu__, '/projet/tasks/fiche.php?leftmenu=projects&action=create', 'NewTask', 1, 'projects', '$user->rights->projet->creer', '', 2, 1, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3701__+MAX_llx_menu__, 'project', '', 3700__+MAX_llx_menu__, '/projet/tasks.php?leftmenu=projects&action=create', 'NewTask', 1, 'projects', '$user->rights->projet->creer', '', 2, 1, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3702__+MAX_llx_menu__, 'project', '', 3700__+MAX_llx_menu__, '/projet/tasks/index.php?leftmenu=projects', 'List', 1, 'projects', '$user->rights->projet->lire', '', 2, 2, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3703__+MAX_llx_menu__, 'project', '', 3700__+MAX_llx_menu__, '/projet/activity/list.php?leftmenu=projects', 'NewTimeSpent', 1, 'projects', '$user->rights->projet->lire', '', 2, 3, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3800__+MAX_llx_menu__, 'project', '', 7__+MAX_llx_menu__, '/projet/activity/index.php?leftmenu=projects&mode=mine', 'MyActivities', 0, 'projects', '$user->rights->projet->lire', '', 2, 0, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3801__+MAX_llx_menu__, 'project', '', 3800__+MAX_llx_menu__, '/projet/tasks/fiche.php?leftmenu=projects&action=create&mode=mine', 'NewTask', 1, 'projects', '$user->rights->projet->creer', '', 2, 1, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3801__+MAX_llx_menu__, 'project', '', 3800__+MAX_llx_menu__, '/projet/tasks.php?leftmenu=projects&action=create&mode=mine', 'NewTask', 1, 'projects', '$user->rights->projet->creer', '', 2, 1, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3802__+MAX_llx_menu__, 'project', '', 3800__+MAX_llx_menu__, '/projet/tasks/index.php?leftmenu=projects&mode=mine', 'List', 1, 'projects', '$user->rights->projet->lire', '', 2, 2, __ENTITY__);
insert into llx_menu (enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('$conf->projet->enabled', 'auguria', 'left', 3803__+MAX_llx_menu__, 'project', '', 3800__+MAX_llx_menu__, '/projet/activity/list.php?leftmenu=projects&mode=mine', 'NewTimeSpent', 1, 'projects', '$user->rights->projet->lire', '', 2, 3, __ENTITY__);

2
htdocs/lib/project.lib.php
View File

@ -86,7 +86,7 @@ function project_prepare_head($object)
$h++;
/* Now this is a filter in the Task tab.
$head[$h][0] = DOL_URL_ROOT.'/projet/tasks/fiche.php?id='.$object->id.'&mode=mine';
$head[$h][0] = DOL_URL_ROOT.'/projet/tasks.php?id='.$object->id.'&mode=mine';
$head[$h][1] = $langs->trans("MyTasks");
$head[$h][2] = 'mytasks';
$h++;

3
htdocs/projet/tasks/contact.php
View File

@ -181,7 +181,8 @@ if ($id > 0 || ! empty($ref))
if (! empty($project->socid)) $project->societe->fetch($project->socid);
// To verify role of users
$userAccess = $project->restrictedProjectArea($user);
//$userAccess = $projectstatic->restrictedProjectArea($user); // We allow task affected to user even if a not allowed project
//$arrayofuseridoftask=$task->getListContactId('internal');
$head = task_prepare_head($task);
dol_fiche_head($head, 'contact', $langs->trans("Task"), 0, 'projecttask');

3
htdocs/projet/tasks/document.php
View File

@ -136,7 +136,8 @@ llxHeader('',$langs->trans('Project'));
if ($id > 0 || ! empty($ref))
{
// To verify role of users
$userAccess = $projectstatic->restrictedProjectArea($user);
//$userAccess = $projectstatic->restrictedProjectArea($user); // We allow task affected to user even if a not allowed project
//$arrayofuseridoftask=$task->getListContactId('internal');
$head = task_prepare_head($task);
dol_fiche_head($head, 'document', $langs->trans("Task"), 0, 'projecttask');

3
htdocs/projet/tasks/index.php
View File

@ -58,7 +58,6 @@ if ($mine) $title=$langs->trans("MyActivities");
llxHeader("",$title,"Projet");
$form=new Form($db);
$projectstatic = new Project($db);
$taskstatic = new Task($db);
@ -108,7 +107,7 @@ print '</div>';
if ($user->rights->projet->creer)
{
print '<div class="tabsAction">';
print '<a class="butAction" href="'.DOL_URL_ROOT.'/projet/tasks/fiche.php?action=create">'.$langs->trans('AddTask').'</a>';
print '<a class="butAction" href="'.DOL_URL_ROOT.'/projet/tasks.php?action=create">'.$langs->trans('AddTask').'</a>';
print '</div>';
}

5
htdocs/projet/tasks/note.php
View File

@ -110,7 +110,8 @@ if ($id > 0 || ! empty($ref))
if (! empty($projectstatic->socid)) $projectstatic->societe->fetch($projectstatic->socid);
// To verify role of users
$userAccess = $projectstatic->restrictedProjectArea($user);
//$userAccess = $projectstatic->restrictedProjectArea($user); // We allow task affected to user even if a not allowed project
//$arrayofuseridoftask=$task->getListContactId('internal');
$head = task_prepare_head($task);
dol_fiche_head($head, 'note', $langs->trans('Task'), 0, 'projecttask');
@ -188,7 +189,7 @@ if ($id > 0 || ! empty($ref))
*/
print '<div class="tabsAction">';
if ((($user->rights->projet->creer && $userAccess) || $user->rights->projet->all->creer) && $_GET['action'] <> 'edit')
if (($user->rights->projet->creer || $user->rights->projet->all->creer) && $_GET['action'] <> 'edit')
{
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$task->id.'&amp;action=edit">'.$langs->trans('Modify').'</a>';
}

3
htdocs/projet/tasks/task.php
View File

@ -128,7 +128,8 @@ if ($taskid)
if (! empty($projectstatic->socid)) $projectstatic->societe->fetch($projectstatic->socid);
// To verify role of users
$userAccess = $projectstatic->restrictedProjectArea($user);
//$userAccess = $projectstatic->restrictedProjectArea($user); // We allow task affected to user even if a not allowed project
//$arrayofuseridoftask=$task->getListContactId('internal');
if ($mesg) print $mesg;

10
htdocs/projet/tasks/time.php
View File

@ -152,7 +152,6 @@ if ($_GET["id"] > 0)
{
/*
* Fiche projet en mode visu
*
*/
$task = new Task($db);
$projectstatic = new Project($db);
@ -163,8 +162,9 @@ if ($_GET["id"] > 0)
$result=$projectstatic->fetch($task->fk_project);
if (! empty($projectstatic->socid)) $projectstatic->societe->fetch($projectstatic->socid);
// To verify role of users
$userAccess = $projectstatic->restrictedProjectArea($user);
// To get role of users
//$userAccess = $projectstatic->restrictedProjectArea($user); // We allow task affected to user even if a not allowed project
//$arrayofuseridoftask=$task->getListContactId('internal');
$head=task_prepare_head($task);
@ -210,7 +210,7 @@ if ($_GET["id"] > 0)
/*
* Add time spent
*/
if ($user->rights->projet->creer && $userAccess)
if ($user->rights->projet->creer)
{
print '<br>';
@ -374,7 +374,7 @@ if ($_GET["id"] > 0)
print '<br>';
print '<input type="submit" class="button" name="cancel" value="'.$langs->trans('Cancel').'">';
}
else if ($user->rights->projet->creer && $userAccess)
else if ($user->rights->projet->creer)
{
print '&nbsp;';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$task->id.'&amp;action=editline&amp;lineid='.$task_time->rowid.'">';