From 8626d6279ae4349f66ce355005fa592140a31d0b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 18 Oct 2017 17:21:30 +0200 Subject: [PATCH] Fix perm to delete files --- htdocs/adherents/card.php | 4 +- htdocs/adherents/subscription/card.php | 4 +- htdocs/comm/action/card.php | 4 +- htdocs/comm/action/document.php | 2 +- htdocs/comm/propal/card.php | 4 +- htdocs/comm/propal/list.php | 2 +- htdocs/commande/card.php | 4 +- htdocs/commande/list.php | 2 +- htdocs/compta/facture/card.php | 6 +-- htdocs/compta/facture/list.php | 2 +- htdocs/contrat/card.php | 10 ++-- htdocs/don/card.php | 4 +- htdocs/expedition/card.php | 2 +- htdocs/expensereport/card.php | 4 +- htdocs/expensereport/list.php | 2 +- htdocs/fichinter/card.php | 4 +- htdocs/fichinter/list.php | 2 +- htdocs/fourn/commande/card.php | 4 +- htdocs/fourn/commande/list.php | 2 +- htdocs/fourn/facture/card.php | 6 +-- htdocs/fourn/facture/list.php | 2 +- htdocs/fourn/paiement/card.php | 20 +++---- htdocs/livraison/card.php | 54 +++++++++---------- .../modulebuilder/template/myobject_card.php | 4 +- .../modulebuilder/template/myobject_list.php | 2 +- htdocs/product/card.php | 4 +- htdocs/product/inventory/card.php | 4 +- htdocs/product/inventory/list.php | 2 +- htdocs/product/stock/productlot_list.php | 2 +- .../canvas/company/tpl/card_view.tpl.php | 4 +- .../canvas/individual/tpl/card_view.tpl.php | 4 +- htdocs/societe/card.php | 4 +- htdocs/societe/rib.php | 4 +- htdocs/supplier_proposal/card.php | 4 +- htdocs/supplier_proposal/list.php | 2 +- htdocs/user/card.php | 4 +- 36 files changed, 97 insertions(+), 97 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 78969a8df14..66b1324f39b 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -1730,8 +1730,8 @@ else //$filedir = $conf->adherent->dir_output . '/' . get_exdir($object->id, 2, 0, 0, $object, 'member') . dol_sanitizeFileName($object->ref); $filedir = $conf->adherent->dir_output . '/' . get_exdir(0, 0, 0, 0, $object, 'member'); $urlsource = $_SERVER['PHP_SELF'] . '?id=' . $object->id; - $genallowed = $user->rights->adherent->creer; - $delallowed = $user->rights->adherent->supprimer; + $genallowed = $user->rights->adherent->lire; + $delallowed = $user->rights->adherent->creer; print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $object->default_lang, '', $object); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php index 3c368c05c9a..701a6e74760 100644 --- a/htdocs/adherents/subscription/card.php +++ b/htdocs/adherents/subscription/card.php @@ -390,8 +390,8 @@ if ($rowid && $action != 'edit') $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id; - $genallowed = $user->rights->facture->creer; - $delallowed = $user->rights->facture->supprimer; + $genallowed = $user->rights->facture->lire; + $delallowed = $user->rights->facture->creer; print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 7b1c81af59c..d97982c3db8 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1483,8 +1483,8 @@ if ($id > 0) $filedir=$conf->agenda->multidir_output[$conf->entity].'/'.$object->id; $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->agenda->myactions->create; - $delallowed=$user->rights->agenda->myactions->delete; + $genallowed=$user->rights->agenda->myactions->read; + $delallowed=$user->rights->agenda->myactions->create; $var=true; diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 1e54db9d449..493236b5ddf 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -75,7 +75,7 @@ if (! $sortorder) $sortorder="ASC"; if (! $sortfield) $sortfield="name"; $upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref); -$modulepart='contract'; +$modulepart='actions'; /* diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 7fb13234a94..006f0a439e3 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -2355,8 +2355,8 @@ if ($action == 'create') $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->propal->dir_output . "/" . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->propal->creer; - $delallowed = $user->rights->propal->supprimer; + $genallowed = $user->rights->propal->lire; + $delallowed = $user->rights->propal->creer; $var = true; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 92bb80d9655..480ad7f4fda 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -1031,7 +1031,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->propal->lire; - $delallowed=$user->rights->propal->lire; + $delallowed=$user->rights->propal->creer; print $formfile->showdocuments('massfilesarea_proposals','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,'',''); } diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 5daf56eaeca..5c830c7c4e1 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2576,8 +2576,8 @@ if ($action == 'create' && $user->rights->commande->creer) $relativepath = $comref . '/' . $comref . '.pdf'; $filedir = $conf->commande->dir_output . '/' . $comref; $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->commande->creer; - $delallowed = $user->rights->commande->supprimer; + $genallowed = $user->rights->commande->lire; + $delallowed = $user->rights->commande->creer; print $formfile->showdocuments('commande', $comref, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 1efd428159a..86a5f463840 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -1452,7 +1452,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->commande->lire; - $delallowed=$user->rights->commande->supprimer; + $delallowed=$user->rights->commande->creer; print $formfile->showdocuments('massfilesarea_orders','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 9c0aff43abf..6276f75e7b6 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1378,7 +1378,7 @@ if (empty($reshook)) $object->situation_counter = $object->situation_counter + 1; $id = $object->createFromCurrent($user); - if ($id <= 0) + if ($id <= 0) { $mesg = $object->error; } @@ -4291,8 +4291,8 @@ else if ($id > 0 || ! empty($ref)) $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id; - $genallowed = $user->rights->facture->creer; - $delallowed = $user->rights->facture->supprimer; + $genallowed = $user->rights->facture->lire; + $delallowed = $user->rights->facture->creer; print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 67ef9c96973..8563572da7c 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -1332,7 +1332,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->facture->lire; - $delallowed=$user->rights->facture->lire; + $delallowed=$user->rights->facture->creer; print $formfile->showdocuments('massfilesarea_invoices','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index ce3915cf2ee..d618a7c4b1e 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -2112,17 +2112,17 @@ else $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->contrat->dir_output . "/" . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->contrat->creer; - $delallowed = $user->rights->contrat->supprimer; + $genallowed = $user->rights->contrat->lire; + $delallowed = $user->rights->contrat->creer; $var = true; print $formfile->showdocuments('contract', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); - // Show links to link elements - $linktoelem = $form->showLinkToObjectBlock($object, null, array('contrat')); - $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); + // Show links to link elements + $linktoelem = $form->showLinkToObjectBlock($object, null, array('contrat')); + $somethingshown = $form->showLinkedObjectBlock($object, $linktoelem); print '
'; diff --git a/htdocs/don/card.php b/htdocs/don/card.php index 72ea8e84792..92a6b7eab30 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -760,8 +760,8 @@ if (! empty($id) && $action != 'edit') $filename = dol_sanitizeFileName($object->id); $filedir = $conf->don->dir_output . "/" . dol_sanitizeFileName($object->id); $urlsource = $_SERVER['PHP_SELF'].'?rowid='.$object->id; - $genallowed = ($object->statut == 2 && ($object->paid == 0 || $user->admin) && $user->rights->don->creer); - $delallowed = $user->rights->don->supprimer; + $genallowed = ($object->statut == 2 && ($object->paid == 0 || $user->admin) && $user->rights->don->lire); + $delallowed = $user->rights->don->creer; print $formfile->showdocuments('donation',$filename,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf); diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 728556b3940..b2715e7d35a 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -2122,7 +2122,7 @@ else if ($id || $ref) $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; $genallowed=$user->rights->expedition->lire; - $delallowed=$user->rights->expedition->supprimer; + $delallowed=$user->rights->expedition->creer; print $formfile->showdocuments('expedition',$objectref,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang); diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 78cab9bb733..5e3cb946f10 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -2395,8 +2395,8 @@ if($user->rights->expensereport->export && $action != 'create' && $action != 'ed $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->expensereport->dir_output . "/" . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = 1; - $delallowed = 1; + $genallowed = $user->rights->expensereport->export; + $delallowed = $user->rights->expensereport->export; $var = true; print $formfile->showdocuments('expensereport',$filename,$filedir,$urlsource,$genallowed,$delallowed); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index 28fcdefcf62..3024c8c55ae 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -732,7 +732,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->expensereport->lire; - $delallowed=$user->rights->expensereport->lire; + $delallowed=$user->rights->expensereport->creer; print $formfile->showdocuments('massfilesarea_expensereport','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 96455838a03..2cce9534873 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1688,8 +1688,8 @@ else if ($id > 0 || ! empty($ref)) $filename=dol_sanitizeFileName($object->ref); $filedir=$conf->ficheinter->dir_output . "/".$filename; $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->ficheinter->creer; - $delallowed=$user->rights->ficheinter->supprimer; + $genallowed=$user->rights->ficheinter->lire; + $delallowed=$user->rights->ficheinter->creer; print $formfile->showdocuments('ficheinter',$filename,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang); // Show links to link elements diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 866d8cab17c..61f40e238e9 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -633,7 +633,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->ficheinter->lire; - $delallowed=$user->rights->ficheinter->supprimer; + $delallowed=$user->rights->ficheinter->creer; print $formfile->showdocuments('massfilesarea_interventions','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 03a39f2a5e3..edfcfeccc17 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -2748,8 +2748,8 @@ if ($action != 'makeorder') $relativepath = $comfournref.'/'.$comfournref.'.pdf'; $filedir = $conf->fournisseur->dir_output . '/commande/' . $comfournref; $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->fournisseur->commande->creer; - $delallowed=$user->rights->fournisseur->commande->supprimer; + $genallowed=$user->rights->fournisseur->commande->lire; + $delallowed=$user->rights->fournisseur->commande->creer; print $formfile->showdocuments('commande_fournisseur',$comfournref,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,0,0,'','','',$object->thirdparty->default_lang); $somethingshown=$formfile->numoffiles; diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index 706e7e22024..4d5f2999943 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -1324,7 +1324,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->fournisseur->commande->lire; - $delallowed=$user->rights->fournisseur->commande->lire; + $delallowed=$user->rights->fournisseur->commande->creer; print $formfile->showdocuments('massfilesarea_supplier_order','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 0f18f7f1acc..a4eeb1c5e1b 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1432,7 +1432,7 @@ if ($action == 'create') $dateinvoice=($datetmp==''?(empty($conf->global->MAIN_AUTOFILL_DATE)?-1:''):$datetmp); $datetmp=dol_mktime(12,0,0,$_POST['echmonth'],$_POST['echday'],$_POST['echyear']); $datedue=($datetmp==''?-1:$datetmp); - + // Replicate extrafields $objectsrc->fetch_optionals($originid); $object->array_options = $objectsrc->array_options; @@ -2801,8 +2801,8 @@ else $subdir = get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier').$ref; $filedir = $conf->fournisseur->facture->dir_output.'/'.$subdir; $urlsource=$_SERVER['PHP_SELF'].'?id='.$object->id; - $genallowed=$user->rights->fournisseur->facture->creer; - $delallowed=$user->rights->fournisseur->facture->supprimer; + $genallowed=$user->rights->fournisseur->facture->lire; + $delallowed=$user->rights->fournisseur->facture->creer; $modelpdf=(! empty($object->modelpdf)?$object->modelpdf:(empty($conf->global->INVOICE_SUPPLIER_ADDON_PDF)?'':$conf->global->INVOICE_SUPPLIER_ADDON_PDF)); print $formfile->showdocuments('facture_fournisseur',$subdir,$filedir,$urlsource,$genallowed,$delallowed,$modelpdf,1,0,0,40,0,'','','',$societe->default_lang); diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index 6d388540053..a602badfb05 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -1251,7 +1251,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->facture->lire; - $delallowed=$user->rights->facture->lire; + $delallowed=$user->rights->facture->creer; print $formfile->showdocuments('massfilesarea_invoices','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/fourn/paiement/card.php b/htdocs/fourn/paiement/card.php index 91586c86449..46052b74c1c 100644 --- a/htdocs/fourn/paiement/card.php +++ b/htdocs/fourn/paiement/card.php @@ -182,13 +182,13 @@ if ($result > 0) } $linkback = '' . $langs->trans("BackToList") . ''; - - + + dol_banner_tab($object,'id',$linkback,1,'rowid','ref'); - + print '
'; print '
'; - + print ''; /*print ''; @@ -258,7 +258,7 @@ if ($result > 0) print '
'; print '
'; - + print '
'; /** @@ -295,7 +295,7 @@ if ($result > 0) while ($i < $num) { $objp = $db->fetch_object($resql); - + print ''; // Ref print ''.img_object($langs->trans('ShowBill'),'bill').' '; @@ -321,7 +321,7 @@ if ($result > 0) $i++; } } - + print "\n"; $db->free($resql); @@ -366,7 +366,7 @@ if ($result > 0) } } print '
'; - + print '
'; /* @@ -375,8 +375,8 @@ if ($result > 0) $ref=dol_sanitizeFileName($object->ref); $filedir = $conf->fournisseur->payment->dir_output.'/'.dol_sanitizeFileName($object->ref); $urlsource=$_SERVER['PHP_SELF'].'?id='.$object->id; - $genallowed=$user->rights->fournisseur->facture->creer; - $delallowed=$user->rights->fournisseur->facture->supprimer; + $genallowed=$user->rights->fournisseur->facture->lire; + $delallowed=$user->rights->fournisseur->facture->creer; $modelpdf=(! empty($object->modelpdf)?$object->modelpdf:(empty($conf->global->SUPPLIER_PAYMENT_ADDON_PDF)?'':$conf->global->SUPPLIER_PAYMENT_ADDON_PDF)); print $formfile->showdocuments('supplier_payment',$ref,$filedir,$urlsource,$genallowed,$delallowed,$modelpdf,1,0,0,40,0,'','','',$societe->default_lang); diff --git a/htdocs/livraison/card.php b/htdocs/livraison/card.php index e6d39ec7019..092fcc94795 100644 --- a/htdocs/livraison/card.php +++ b/htdocs/livraison/card.php @@ -44,7 +44,7 @@ if (! empty($conf->projet->enabled)) { require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; } - + $langs->load("sendings"); $langs->load("bills"); @@ -223,7 +223,7 @@ if ($action == 'update_extras_line') { $array_options=array(); $num=count($object->lines); - + for ($i = 0; $i < $num; $i++) { // Extrafields @@ -236,7 +236,7 @@ if ($action == 'update_extras_line') unset($_POST["options_" . $key]); } } - + $ret = $object->update_line($object->lines[$i]->id,$array_options[$i]); // extrafields update if ($ret < 0) { @@ -305,7 +305,7 @@ $formfile = new FormFile($db); if ($action == 'create') // Seems to no be used { - + } else /* *************************************************************************** */ @@ -333,16 +333,16 @@ else $head=delivery_prepare_head($object); - + print '
'; print ''; print ''; print ''; print ''; print ''; - + dol_fiche_head($head, 'delivery', $langs->trans("Shipment"), 0, 'sending'); - + /* * Confirmation de la suppression * @@ -367,7 +367,7 @@ else /* * Livraison */ - + if ($typeobject == 'commande' && $expedition->origin_id > 0 && ! empty($conf->commande->enabled)) { $objectsrc=new Commande($db); @@ -381,7 +381,7 @@ else // Shipment card $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; // Ref customer shipment $morehtmlref.=$form->editfieldkey("RefCustomer", '', $expedition->ref_customer, $expedition, $user->rights->expedition->creer, 'string', '', 0, 1); @@ -422,17 +422,17 @@ else } } $morehtmlref.='
'; - + $morehtmlright = $langs->trans("StatusReceipt").' : '.$object->getLibStatut(6).'
'; - + dol_banner_tab($expedition, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, '', 0, '', $morehtmlright); - - + + print '
'; print '
'; - + print ''; - + // Shipment /* if (($object->origin == 'shipment' || $object->origin == 'expedition') && $object->origin_id > 0) @@ -459,7 +459,7 @@ else print ''; print ""; */ - + // Document origine if ($typeobject == 'commande' && $expedition->origin_id && ! empty($conf->commande->enabled)) { @@ -535,7 +535,7 @@ else print ''; } - /* A delivery note should be just more properties of a shipment, so notes are on shipment + /* A delivery note should be just more properties of a shipment, so notes are on shipment // Note Public print ''; print ''; print ''; } - + // Other attributes if ($action = 'create_delivery') { // copy from expedition @@ -579,7 +579,7 @@ else print "
'.$soc->getNomUrl(1).'
'.$langs->trans("NotePublic").''; @@ -563,7 +563,7 @@ else print ''.$entrepot->libelle.'

\n"; print '
'; - + /* * Lignes produits */ @@ -602,7 +602,7 @@ else $var=true; while ($i < $num_prod) { - + print ''; if ($object->lines[$i]->fk_product > 0) @@ -666,7 +666,7 @@ else print ''.$object->lines[$i]->qty_shipped.''; print ""; - + //Display lines extrafields if (is_array($extralabelslines) && count($extralabelslines)>0) { $colspan=2; @@ -689,14 +689,14 @@ else } print "\n"; - + dol_fiche_end(); //if ($object->statut == 0) // only if draft // print '
'; - + print '
'; - + /* * Boutons actions @@ -706,7 +706,7 @@ else { print '
'; - if ($object->statut == 0 && $num_prod > 0) + if ($object->statut == 0 && $num_prod > 0) { if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->expedition->livraison->creer)) || (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && ! empty($user->rights->expedition->livraison_advance->validate))) @@ -741,8 +741,8 @@ else $filedir = $conf->expedition->dir_output . "/receipt/" . $objectref; $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->expedition->livraison->creer; - $delallowed=$user->rights->expedition->livraison->supprimer; + $genallowed=$user->rights->expedition->livraison->lire; + $delallowed=$user->rights->expedition->livraison->creer; print $formfile->showdocuments('livraison',$objectref,$filedir,$urlsource,$genallowed,$delallowed,$object->modelpdf,1,0,0,28,0,'','','',$soc->default_lang); diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index e8cc7e33735..310d53f08b0 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -471,8 +471,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $relativepath = $comref . '/' . $comref . '.pdf'; $filedir = $conf->mymodule->dir_output . '/' . $comref; $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->mymodule->creer; - $delallowed = $user->rights->mymodule->supprimer; + $genallowed = $user->rights->mymodule->read; // If you can read, you can build the PDF to read content + $delallowed = $user->rights->mymodule->create; // If you can create/edit, you can remove a file on card print $formfile->showdocuments('mymodule', $comref, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index c4e7875e89a..9ba043774e6 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -640,7 +640,7 @@ if ($nbtotalofrecords === '' || $nbtotalofrecords) $filedir=$diroutputmassaction; $genallowed=$user->rights->mymodule->read; - $delallowed=$user->rights->mymodule->read; + $delallowed=$user->rights->mymodule->create; print $formfile->showdocuments('massfilesarea_mymodule','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 0a6c9052b91..2b4c8d205f8 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -2030,8 +2030,8 @@ if ($action != 'create' && $action != 'edit' && $action != 'delete') $relativepath = $comref . '/' . $objectref . '.pdf'; $filedir = $conf->produit->dir_output . '/' . $objectref; $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->produit->creer; - $delallowed=$user->rights->produit->supprimer; + $genallowed=$user->rights->produit->lire; + $delallowed=$user->rights->produit->creer; $var=true; diff --git a/htdocs/product/inventory/card.php b/htdocs/product/inventory/card.php index 5506bad0fbb..8d3acdecbc1 100644 --- a/htdocs/product/inventory/card.php +++ b/htdocs/product/inventory/card.php @@ -472,8 +472,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $relativepath = $comref . '/' . $comref . '.pdf'; $filedir = $conf->inventory->dir_output . '/' . $comref; $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->inventory->creer; - $delallowed = $user->rights->inventory->supprimer; + $genallowed = $user->rights->inventory->read; + $delallowed = $user->rights->inventory->create; print $formfile->showdocuments('inventory', $comref, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 162567878d1..0fea44f0f83 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -625,7 +625,7 @@ if ($nbtotalofrecords === '' || $nbtotalofrecords) $filedir=$diroutputmassaction; $genallowed=$user->rights->inventory->read; - $delallowed=$user->rights->inventory->read; + $delallowed=$user->rights->inventory->create; print $formfile->showdocuments('massfilesarea_inventory','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 3cf1e022e7f..325ddd5f796 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -604,7 +604,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->facture->lire; - $delallowed=$user->rights->facture->lire; + $delallowed=$user->rights->facture->creer; print $formfile->showdocuments('massfilesarea_orders','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,$title,''); } diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php index c6e80e87a91..21645f14d00 100644 --- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php @@ -257,8 +257,8 @@ for ($i=1; $i<=4; $i++) { */ $filedir=$conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid; $urlsource=$_SERVER["PHP_SELF"]."?socid=".$socid; -$genallowed=$user->rights->societe->creer; -$delallowed=$user->rights->societe->supprimer; +$genallowed=$user->rights->societe->lire; +$delallowed=$user->rights->societe->creer; print $formfile->showdocuments('company',$socid,$filedir,$urlsource,$genallowed,$delallowed,'',0,0,0,28,0,'',0,'',$objcanvas->control->object->default_lang); ?> diff --git a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php index 21f0cafcbb1..10136048ae6 100644 --- a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php @@ -201,8 +201,8 @@ dol_fiche_head($head, 'card', $langs->trans("ThirdParty"),0,'company'); */ $filedir=$conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid; $urlsource=$_SERVER["PHP_SELF"]."?socid=".$socid; -$genallowed=$user->rights->societe->creer; -$delallowed=$user->rights->societe->supprimer; +$genallowed=$user->rights->societe->lire; +$delallowed=$user->rights->societe->creer; print $formfile->showdocuments('company',$socid,$filedir,$urlsource,$genallowed,$delallowed,'',0,0,0,28,0,'',0,'',$objcanvas->control->object->default_lang); ?> diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 53c5a1add14..876300aef28 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -2574,8 +2574,8 @@ else */ $filedir=$conf->societe->multidir_output[$object->entity].'/'.$object->id; $urlsource=$_SERVER["PHP_SELF"]."?socid=".$object->id; - $genallowed=$user->rights->societe->creer; - $delallowed=$user->rights->societe->supprimer; + $genallowed=$user->rights->societe->lire; + $delallowed=$user->rights->societe->creer; $var=true; diff --git a/htdocs/societe/rib.php b/htdocs/societe/rib.php index 615fba52659..2be3e096517 100644 --- a/htdocs/societe/rib.php +++ b/htdocs/societe/rib.php @@ -655,8 +655,8 @@ if ($socid && $action != 'edit' && $action != "create") */ $filedir=$conf->societe->multidir_output[$object->entity].'/'.$object->id; $urlsource=$_SERVER["PHP_SELF"]."?socid=".$object->id; - $genallowed=$user->rights->societe->creer; - $delallowed=$user->rights->societe->supprimer; + $genallowed=$user->rights->societe->lire; + $delallowed=$user->rights->societe->creer; $var=true; diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index cfb8ca52234..c39f7e1e0ea 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -1789,8 +1789,8 @@ if ($action == 'create') $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->supplier_proposal->dir_output . "/" . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->supplier_proposal->creer; - $delallowed = $user->rights->supplier_proposal->supprimer; + $genallowed = $user->rights->supplier_proposal->lire; + $delallowed = $user->rights->supplier_proposal->creer; print $formfile->showdocuments('supplier_proposal', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index f92c0e6305d..4240ca72a08 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -1027,7 +1027,7 @@ if ($resql) $filedir=$diroutputmassaction; $genallowed=$user->rights->supplier_proposal->lire; - $delallowed=$user->rights->supplier_proposal->lire; + $delallowed=$user->rights->supplier_proposal->creer; print $formfile->showdocuments('massfilesarea_supplier_proposal','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,'',''); } diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 4902e0b6de0..846c9dffc9a 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -2482,8 +2482,8 @@ else $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->user->dir_output . "/" . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER["PHP_SELF"] . "?id=" . $object->id; - $genallowed = $user->rights->user->user->creer; - $delallowed = $user->rights->user->user->supprimer; + $genallowed = $user->rights->user->user->lire; + $delallowed = $user->rights->user->user->creer; print $formfile->showdocuments('user', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 1, 0, 0, 28, 0, '', 0, '', $soc->default_lang); $somethingshown = $formfile->numoffiles;