From 9ba7d422ff2d6a4952e4922d1f92fa0103deaaa4 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 2 Feb 2010 11:34:32 +0000 Subject: [PATCH] Works on enhancement of project tasks Fix: limit modification to project leader --- htdocs/projet/contact.php | 26 +++++++++++-- htdocs/projet/fiche.php | 72 ++++++++++++++++++++++++++++++----- htdocs/projet/tasks/fiche.php | 36 +++++++++--------- 3 files changed, 102 insertions(+), 32 deletions(-) diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index 768e89dd235..c0f895d7b15 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php @@ -172,6 +172,24 @@ if ($id > 0 || ! empty($ref)) if ( $project->fetch($id,$ref) > 0) { if ($project->societe->id > 0) $result=$project->societe->fetch($project->societe->id); + + // To verify role of users + $userAccess = 0; + foreach(array('internal','external') as $source) + { + $userRole = $project->liste_contact(4,$source); + $num=sizeof($userRole); + + $i = 0; + while ($i < $num) + { + if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id']) + { + $userAccess++; + } + $i++; + } + } $head = project_prepare_head($project); dol_fiche_head($head, 'contact', $langs->trans("Project"), 0, 'project'); @@ -212,7 +230,7 @@ if ($id > 0 || ! empty($ref)) * Ajouter une ligne de contact * Non affiche en mode modification de ligne */ - if ($_GET["action"] != 'editline' && $user->rights->projet->creer) + if ($_GET["action"] != 'editline' && $user->rights->projet->creer && $userAccess) { print ''; print ''.$langs->trans("Source").''; 
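Review bot: In the role loop added to contact.php (hunk @@ -172), `$user->id == $userRole[$i]['id']` is evaluated for both the 'internal' and the 'external' source, although the two lists may not share an id space. If `liste_contact()` returns third-party contact ids for 'external' (not visible here, to be confirmed), a user whose numeric id equals the id of an external contact flagged PROJECTLEADER would be treated as project leader. Limiting the match to user-backed entries avoids that: `if ($source == 'internal' && $userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id'])`. Alternatively, compare external entries against the contact record linked to the user. The same loop is added in fiche.php (@@ -320) and tasks/fiche.php (@@ -117).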
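Review bot: In contact.php (hunk @@ -212) `$userAccess` only decides whether the add-contact form is printed; no hunk in this patch adds it to the code that processes the submitted request. The same holds for the status-toggle and update/delete links (@@ -358) and for the edit form, action buttons and `$genallowed`/`$delallowed` in fiche.php (@@ -350, @@ -494, @@ -543). The action handlers are outside these hunks, and if they still test only `$user->rights->projet->creer` or `->supprimer`, a non-leader holding those rights can send the request directly and bypass the restriction. Compute `$userAccess` before the action handling at the top of each page and add `&& $userAccess` to every state-changing handler, keeping the display checks as a convenience only.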
@@ -358,14 +376,14 @@ if ($id > 0 || ! empty($ref)) // Statut print ''; // Activation desativation du contact - if ($project->statut >= 0) print ''; + if ($project->statut >= 0 && $userAccess) print ''; print $contactstatic->LibStatut($tab[$i]['status'],3); - if ($project->statut >= 0) print ''; + if ($project->statut >= 0 && $userAccess) print ''; print ''; // Icon update et delete print ''; - if ($user->rights->projet->creer) + if ($user->rights->projet->creer && $userAccess) { print ' '; print ''; diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index c336045cc28..fed7ba50c9e 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -320,6 +320,24 @@ else $project->fetch($projectid,$projectref); if ($project->societe->id > 0) $result=$project->societe->fetch($project->societe->id); + + // To verify role of users + $userAccess = 0; + foreach(array('internal','external') as $source) + { + $userRole = $project->liste_contact(4,$source); + $num=sizeof($userRole); + + $i = 0; + while ($i < $num) + { + if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id']) + { + $userAccess++; + } + $i++; + } + } $head=project_prepare_head($project); dol_fiche_head($head, 'project', $langs->trans("Project"),0,'project'); @@ -350,7 +368,7 @@ else } - if ($_GET["action"] == 'edit') + if ($_GET["action"] == 'edit' && $userAccess) { print '
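Review bot: The project-leader loop added to fiche.php (hunk @@ -320) is a verbatim copy of the one in contact.php and tasks/fiche.php, so the access rule now lives in three places that can drift apart. Moving it into one helper (or a method on the project class) gives a single place to fix or audit the rule. The literal `4` passed to `liste_contact()` also deserves a comment or a named constant; it is presumably a contact-link status, but the hunk does not say. The sketch below keeps the commit's logic and only adds a guard for a non-array return, since `liste_contact()`'s error value is not shown here.

```php
// Shared helper replacing the three copies of the loop (name is a suggestion).
function project_user_is_leader($project, $user)
{
    foreach (array('internal','external') as $source)
    {
        $userRole = $project->liste_contact(4,$source);
        if (! is_array($userRole)) continue;   // error return: treat as "no role"
        foreach ($userRole as $contact)
        {
            if ($contact['code'] == 'PROJECTLEADER' && $user->id == $contact['id']) return true;
        }
    }
    return false;
}

// at each call site
$userAccess = project_user_is_leader($project, $user) ? 1 : 0;
```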
'; print ''; @@ -494,37 +512,71 @@ else */ print '
'; - if ($_GET["action"] != "edit") + if ($_GET["action"] != "edit" ) { // Validate if ($project->statut == 0 && $user->rights->projet->creer) { - print ''.$langs->trans("Valid").''; + if ($userAccess) + { + print ''.$langs->trans("Valid").''; + } + else + { + print ''.$langs->trans('Valid').''; + } } // Modify if ($project->statut != 2 && $user->rights->projet->creer) { - print ''.$langs->trans("Modify").''; + if ($userAccess) + { + print ''.$langs->trans("Modify").''; + } + else + { + print ''.$langs->trans('Modify').''; + } } // Close if ($project->statut != 2 && $user->rights->projet->creer) { - print ''.$langs->trans("Close").''; + if ($userAccess) + { + print ''.$langs->trans("Close").''; + } + else + { + print ''.$langs->trans('Close').''; + } } // Reopen if ($project->statut == 2 && $user->rights->projet->creer) { - print ''.$langs->trans("ReOpen").''; + if ($userAccess) + { + print ''.$langs->trans("ReOpen").''; + } + else + { + print ''.$langs->trans('ReOpen').''; + } } // Delete if ($user->rights->projet->supprimer) { - print ''.$langs->trans("Delete").''; + if ($userAccess) + { + print ''.$langs->trans("Delete").''; + } + else + { + print ''.$langs->trans('Delete').''; + } } } @@ -543,8 +595,8 @@ else $filename=dol_sanitizeFileName($project->ref); $filedir=$conf->projet->dir_output . "/" . dol_sanitizeFileName($project->ref); $urlsource=$_SERVER["PHP_SELF"]."?id=".$project->id; - $genallowed=$user->rights->projet->creer; - $delallowed=$user->rights->projet->supprimer; + $genallowed=($user->rights->projet->creer && $userAccess); + $delallowed=($user->rights->projet->supprimer && $userAccess); $var=true; diff --git a/htdocs/projet/tasks/fiche.php b/htdocs/projet/tasks/fiche.php index ec9d2c14547..28ed64ac767 100644 --- a/htdocs/projet/tasks/fiche.php +++ b/htdocs/projet/tasks/fiche.php 
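Review bot: In the button block of fiche.php (hunk @@ -494) every action, including Delete, now requires `$userAccess`, which is non-zero only when the current user is listed as PROJECTLEADER. A project with no leader contact, or whose leader account has been disabled, can then be modified, closed or deleted by nobody, as no administrator fallback is visible in this patch. If that is not intended, seed the flag before the loop, for example `$userAccess = empty($user->admin) ? 0 : 1;`, and document the rule next to it. The five if/else pairs differ only in the label, so a small local function taking the label and the enabled flag would remove the repetition.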
@@ -117,6 +117,24 @@ if ($id > 0 || ! empty($ref)) $project = new Project($db); $project->fetch($_REQUEST["id"],$_GET["ref"]); if ($project->societe->id > 0) $result=$project->societe->fetch($project->societe->id); + + // To verify role of users + $userAccess = 0; + foreach(array('internal','external') as $source) + { + $userRole = $project->liste_contact(4,$source); + $num=sizeof($userRole); + + $i = 0; + while ($i < $num) + { + if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id']) + { + $userAccess++; + } + $i++; + } + } } if ($_GET["action"] == 'create' && $user->rights->projet->creer) @@ -196,24 +214,6 @@ else dol_fiche_head($head, $tab, $langs->trans("Project"),0,'project'); $param=($_REQUEST["mode"]=='mine'?'&mode=mine':''); - - // To verify role of users - $userAccess = 0; - foreach(array('internal','external') as $source) - { - $userRole = $project->liste_contact(4,$source); - $num=sizeof($userRole); - - $i = 0; - while ($i < $num) - { - if ($userRole[$i]['code'] == 'PROJECTLEADER' && $user->id == $userRole[$i]['id']) - { - $userAccess++; - } - $i++; - } - } print '';
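Review bot: In tasks/fiche.php (hunk @@ -117) `$userAccess` is now assigned only inside the `if ($id > 0 || ! empty($ref))` block, so any later test of it on a request without id or ref reads an undefined variable. That evaluates as false and so fails closed, but it relies on notices being ignored and on nothing else in scope setting the name; declare `$userAccess = 0;` before the `if`. The result of `$project->fetch($_REQUEST["id"],$_GET["ref"])` is also not checked before `liste_contact()` is called, whereas contact.php tests `> 0`. The uses of `$userAccess` in this file are outside the hunk.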