From 9afc0b39f11bc5e203b3990f0acf5f3222db33e1 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Mon, 31 Jul 2006 22:34:42 +0000
Subject: [PATCH] =?UTF-8?q?La=20modif=20des=20carac=20de=20soci=E9t=E9s=20?=
 =?UTF-8?q?(conditions=20r=E9glement,=20mode=20r=E9glement=20par=20d=E9fau?=
 =?UTF-8?q?t)=20est=20conditionn=E9=20sur=20droit=20modif=20plutot=20que?=
 =?UTF-8?q?=20sur=20utilisateur=20externe/interne?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/comm/fiche.php | 46 +++++++++++++++++++++----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/htdocs/comm/fiche.php b/htdocs/comm/fiche.php
index 4e1d3be899a..aeaa0ad5eab 100644
--- a/htdocs/comm/fiche.php
+++ b/htdocs/comm/fiche.php
@@ -58,14 +58,14 @@ if ($user->societe_id > 0)
 // Protection restriction commercial
 if (!$user->rights->commercial->client->voir && $socidp && !$user->societe_id > 0)
 {
-        $sql = "SELECT sc.fk_soc, s.client";
-        $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."societe as s";
-        $sql .= " WHERE sc.fk_soc = ".$socidp." AND sc.fk_user = ".$user->id." AND s.client = 1";
-
-        if ( $db->query($sql) )
-        {
-          if ( $db->num_rows() == 0) accessforbidden();
-        }
+	$sql = "SELECT sc.fk_soc, s.client";
+	$sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."societe as s";
+	$sql .= " WHERE sc.fk_soc = ".$socidp." AND sc.fk_user = ".$user->id." AND s.client = 1";
+	
+	if ( $db->query($sql) )
+	{
+		if ( $db->num_rows() == 0) accessforbidden();
+	}
 }
 
 
@@ -81,7 +81,7 @@ if ($_GET["action"] == 'attribute_prefix')
     $societe->attribute_prefix($db, $_GET["socid"]);
 }
 // conditions de règlement
-if ($_POST["action"] == 'setconditions' && (!$user->societe_id > 0))
+if ($_POST["action"] == 'setconditions' && $user->rights->societe->creer)
 {
     
 	$societe = new Societe($db, $_GET["socid"]);
@@ -92,7 +92,7 @@ if ($_POST["action"] == 'setconditions' && (!$user->societe_id > 0))
     if (! $result) dolibarr_print_error($result);
 }
 // mode de règlement
-if ($_POST["action"] == 'setmode' && (!$user->societe_id > 0))
+if ($_POST["action"] == 'setmode' && $user->rights->societe->creer)
 {
     $societe = new Societe($db, $_GET["socid"]);
     $societe->mode_reglement=$_POST['mode_reglement_id'];
@@ -102,7 +102,7 @@ if ($_POST["action"] == 'setmode' && (!$user->societe_id > 0))
     if (! $result) dolibarr_print_error($result);
 }
 // assujétissement à la TVA
-if ($_POST["action"] == 'setassujtva' && (!$user->societe_id > 0))
+if ($_POST["action"] == 'setassujtva' && $user->rights->societe->creer)
 {
 	$societe = new Societe($db, $_GET["socid"]);
     $societe->tva_assuj=$_POST['assujtva_value'];
@@ -247,7 +247,7 @@ if ($socidp > 0)
 	print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
 	print $langs->trans('PaymentConditions');
 	print '<td>';
-	if (($_GET['action'] != 'editconditions') && (!$user->societe_id > 0)) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;socid='.$objsoc->id.'">'.img_edit($langs->trans('SetConditions'),1).'</a></td>';
+	if (($_GET['action'] != 'editconditions') && $user->rights->societe->creer) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;socid='.$objsoc->id.'">'.img_edit($langs->trans('SetConditions'),1).'</a></td>';
 	print '</tr></table>';
 	print '</td><td colspan="3">';
 	if ($_GET['action'] == 'editconditions')
@@ -266,7 +266,7 @@ if ($socidp > 0)
 	print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
 	print $langs->trans('PaymentMode');
 	print '<td>';
-	if (($_GET['action'] != 'editmode') && (!$user->societe_id > 0)) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;socid='.$objsoc->id.'">'.img_edit($langs->trans('SetMode'),1).'</a></td>';
+	if (($_GET['action'] != 'editmode') && $user->rights->societe->creer) print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;socid='.$objsoc->id.'">'.img_edit($langs->trans('SetMode'),1).'</a></td>';
 	print '</tr></table>';
 	print '</td><td colspan="3">';
 	if ($_GET['action'] == 'editmode')
@@ -285,7 +285,7 @@ if ($socidp > 0)
     print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
     print $langs->trans("CustomerRelativeDiscountShort");
     print '<td><td align="right">';
-    if (!$user->societe_id > 0)
+    if ($user->rights->societe->creer)
     {
     	print '<a href="'.DOL_URL_ROOT.'/comm/remise.php?id='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
     }
@@ -299,7 +299,7 @@ if ($socidp > 0)
     print '<tr><td nowrap>';
     print $langs->trans("CustomerAbsoluteDiscountShort");
     print '<td><td align="right">';
-    if (!$user->societe_id > 0)
+    if ($user->rights->societe->creer)
     {
     	print '<a href="'.DOL_URL_ROOT.'/comm/remx.php?id='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
     }
@@ -320,10 +320,10 @@ if ($socidp > 0)
 		print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
 		print $langs->trans("PriceLevel");
 		print '<td><td align="right">';
-		if (!$user->societe_id > 0)
-    {
-    	print '<a href="'.DOL_URL_ROOT.'/comm/multiprix.php?id='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
-    }
+		if ($user->rights->societe->creer)
+		{
+			print '<a href="'.DOL_URL_ROOT.'/comm/multiprix.php?id='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
+		}
 		print '</td></tr></table>';
 		print '</td><td colspan="3">'.$objsoc->price_level."</td>";
 		print '</tr>';
@@ -336,10 +336,10 @@ if ($socidp > 0)
 		print '<table width="100%" class="nobordernopadding"><tr><td nowrap>';
 		print $langs->trans("DeliveriesAddress");
 		print '<td><td align="right">';
-		if (!$user->societe_id > 0)
-    {
-    	print '<a href="'.DOL_URL_ROOT.'/comm/adresse_livraison.php?socid='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
-    }
+		if ($user->rights->societe->creer)
+	    {
+    		print '<a href="'.DOL_URL_ROOT.'/comm/adresse_livraison.php?socid='.$objsoc->id.'">'.img_edit($langs->trans("Modify")).'</a>';
+    	}
 		print '</td></tr></table>';
 		print '</td><td colspan="3">';