lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX User approver not visible on holiday

Browse Source
This commit is contained in:
Laurent Destailleur 2022-09-22 18:38:55 +02:00
parent 0f9dd0b04a
commit 9048c99478
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/holiday/card.php
View File

@ -1150,7 +1150,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') {
$result = $object->fetch($id, $ref);
$approverexpected = new User($db);
$approverexpected->fetch($object->fk_validator);
$approverexpected->fetch($object->fk_validator); // Use that should be the approver
$userRequest = new User($db);
$userRequest->fetch($object->fk_user);
@ -1364,21 +1364,23 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') {
print '</td>';
print '<td>';
if ($object->statut == Holiday::STATUS_APPROVED || $object->statut == Holiday::STATUS_CANCELED) {
$approverdone = new User($db);
$approverdone->fetch($object->fk_user_valid);
print $approverdone->getNomUrl(-1);
if ($object->fk_user_approve > 0) {
$approverdone = new User($db);
$approverdone->fetch($object->fk_user_approve);
print $approverdone->getNomUrl(-1);
}
} else {
print $approverexpected->getNomUrl(-1);
}
$include_users = $object->fetch_users_approver_holiday();
if (is_array($include_users) && in_array($user->id, $include_users) && $object->statut == Holiday::STATUS_VALIDATED) {
print '<a class="editfielda paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editvalidator&token='.newToken().'">'.img_edit($langs->trans("Edit")).'</a>';
print '<a class="editfielda paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editvalidator">'.img_edit($langs->trans("Edit")).'</a>';
}
print '</td>';
print '</tr>';
} else {
print '<tr>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>'; // Will be approved by
print '<td>';
$include_users = $object->fetch_users_approver_holiday();
if (!in_array($object->fk_validator, $include_users)) { // Add the current validator to the list to not lose it when editing.

2
htdocs/main.inc.php
View File

@ -518,7 +518,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt(
$sensitiveget = false;
if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) {
// All GET actions and mass actions are processed as sensitive.
if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'createsite', 'edit', 'file_manager', 'presend', 'presend_addmessage'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
if (GETPOSTISSET('massaction') || !in_array(GETPOST('action', 'aZ09'), array('create', 'createsite', 'edit', 'editvalidator', 'file_manager', 'presend', 'presend_addmessage'))) { // We exclude the case action='create' and action='file_manager' that are legitimate
$sensitiveget = true;
}
} elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) {