diff --git a/htdocs/admin/agenda.php b/htdocs/admin/agenda.php index 22679ca697b..a30ebad4703 100644 --- a/htdocs/admin/agenda.php +++ b/htdocs/admin/agenda.php @@ -33,6 +33,7 @@ if (!$user->admin) $langs->load("admin"); $langs->load("other"); +$langs->load("agenda"); $action = GETPOST('action','alpha'); $cancel = GETPOST('cancel','alpha'); @@ -172,7 +173,7 @@ if (! empty($triggers)) if ($trigger['code'] == 'FICHINTER_CLASSIFY_BILLED' && empty($conf->global->FICHINTER_CLASSIFY_BILLED)) continue; if ($trigger['code'] == 'FICHINTER_CLASSIFY_UNBILLED' && empty($conf->global->FICHINTER_CLASSIFY_BILLED)) continue; - + print ''; print ''.$trigger['code'].''; print ''.$trigger['label'].''; diff --git a/htdocs/admin/agenda_other.php b/htdocs/admin/agenda_other.php index 44ec3ade889..31bcf1077e6 100644 --- a/htdocs/admin/agenda_other.php +++ b/htdocs/admin/agenda_other.php @@ -36,6 +36,7 @@ if (!$user->admin) $langs->load("admin"); $langs->load("other"); +$langs->load("agenda"); $action = GETPOST('action','alpha'); $value = GETPOST('value','alpha'); diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index f32c721a826..40737a83799 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -111,8 +111,11 @@ class AgendaEvents extends DolibarrApi if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id; $sql = "SELECT t.id as rowid"; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as t"; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale $sql.= ' WHERE t.entity IN ('.getEntity('agenda').')'; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc"; if ($user_ids) $sql.=" AND t.fk_user_action IN (".$user_ids.")"; if ($socid > 0) $sql.= " AND t.fk_soc = ".$socid; // Insert sale filter @@ -298,4 +301,59 @@ class AgendaEvents extends DolibarrApi } return $event; } + + /** + * Clean sensible object datas + * + * @param object $object Object to clean + * @return array Array of cleaned object properties + */ + function _cleanObjectDatas($object) { + + $object = parent::_cleanObjectDatas($object); + + unset($object->import_key); + unset($object->array_options); + unset($object->linkedObjectsIds); + unset($object->context); + unset($object->canvas); + unset($object->fk_project); + unset($object->contact); + unset($object->contact_id); + unset($object->thirdparty); + unset($object->user); + unset($object->origin); + unset($object->origin_id); + unset($object->ref_ext); + unset($object->statut); + unset($object->country); + unset($object->country_id); + unset($object->country_code); + unset($object->barcode_type); + unset($object->barcode_type_code); + unset($object->barcode_type_label); + unset($object->barcode_type_coder); + unset($object->mode_reglement_id); + unset($object->cond_reglement_id); + unset($object->cond_reglement); + unset($object->fk_delivery_address); + unset($object->shipping_method_id); + unset($object->fk_account); + unset($object->total_ht); + unset($object->total_tva); + unset($object->total_localtax1); + unset($object->total_localtax2); + unset($object->total_ttc); + unset($object->fk_incoterms); + unset($object->libelle_incoterms); + unset($object->location_incoterms); + unset($object->name); + unset($object->lastname); + unset($object->firstname); + unset($object->civility_id); + unset($object->contact); + unset($object->societe); + + return $object; + } }