From 9d8cb459f1c935ee82ee315da5f505ed0e3ad23c Mon Sep 17 00:00:00 2001 From: Juanjo Menent Date: Tue, 7 Apr 2015 20:28:45 +0200 Subject: [PATCH] Fix: Bad permission assignments for stock movements actions --- ChangeLog | 1 + htdocs/core/menus/init_menu_auguria.sql | 4 ++-- htdocs/core/menus/standard/eldy.lib.php | 6 +++--- htdocs/product/stock/mouvement.php | 3 ++- htdocs/product/stock/product.php | 4 ++-- 5 files changed, 10 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index a69eab23790..a55e95630d7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,7 @@ English Dolibarr ChangeLog - Fix: [ bug #2535 ] Untranslated string in "Linked objects" page of a project - Fix: [ bug #2545 ] Missing object_margin.png in Amarok theme - Fix: [ bug #2542 ] Contracts store localtax preferences +- Fix: Bad permission assignments for stock movements actions ***** ChangeLog for 3.6.2 compared to 3.6.1 ***** - Fix: fix ErrorBadValueForParamNotAString error message in price customer multiprice. diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index cf05e461e35..89c37098f2a 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -102,8 +102,8 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3102__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/liste.php', 'List', 1, 'stocks', '$user->rights->stock->lire', '', 2, 1, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3103__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/valo.php', 'EnhancedValue', 1, 'stocks', '$user->rights->stock->lire', '', 2, 2, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3104__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/mouvement.php', 'Movements', 1, 'stocks', '$user->rights->stock->mouvement->lire', '', 2, 3, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3105__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/replenish.php', 'Replenishments', 1, 'stocks', '$user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire', '', 2, 4, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3106__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/massstockmove.php', 'StockTransfer', 1, 'stocks', '$user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire', '', 2, 5, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled && $conf->fournisseur->enabled', __HANDLER__, 'left', 3105__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/replenish.php', 'Replenishments', 1, 'stocks', '$user->rights->stock->mouvement->creer && $user->rights->fournisseur->lire', '', 2, 4, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->stock->enabled', __HANDLER__, 'left', 3106__+MAX_llx_menu__, 'products', '', 3100__+MAX_llx_menu__, '/product/stock/massstockmove.php', 'StockTransfer', 1, 'stocks', '$user->rights->stock->mouvement->creer', '', 2, 5, __ENTITY__); -- Product - Categories insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->categorie->enabled', __HANDLER__, 'left', 3200__+MAX_llx_menu__, 'products', 'cat', 3__+MAX_llx_menu__, '/categories/index.php?leftmenu=cat&type=0', 'Categories', 0, 'categories', '$user->rights->categorie->lire', '', 2, 4, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index b42fc258c6d..273ea7f6336 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1,7 +1,7 @@ * Copyright (C) 2010 Regis Houssin - * Copyright (C) 2012-2013 Juanjo Menent + * Copyright (C) 2012-2015 Juanjo Menent * Copyright (C) 2013 Cédric Salvador * * This program is free software; you can redistribute it and/or modify @@ -1000,8 +1000,8 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/liste.php", $langs->trans("List"), 1, $user->rights->stock->lire); if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/valo.php", $langs->trans("EnhancedValue"), 1, $user->rights->stock->lire); if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/mouvement.php", $langs->trans("Movements"), 1, $user->rights->stock->mouvement->lire); - if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/replenish.php", $langs->trans("Replenishment"), 1, $user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire); - if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/massstockmove.php", $langs->trans("StockTransfer"), 1, $user->rights->stock->mouvement->lire && $user->rights->fournisseur->lire); + if ($conf->fournisseur->enabled) if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/replenish.php", $langs->trans("Replenishment"), 1, $user->rights->stock->mouvement->creer && $user->rights->fournisseur->lire); + if (empty($leftmenu) || $leftmenu=="stock") $newmenu->add("/product/stock/massstockmove.php", $langs->trans("StockTransfer"), 1, $user->rights->stock->mouvement->creer); } // Expeditions diff --git a/htdocs/product/stock/mouvement.php b/htdocs/product/stock/mouvement.php index 1498b12a033..8794b00137d 100644 --- a/htdocs/product/stock/mouvement.php +++ b/htdocs/product/stock/mouvement.php @@ -2,6 +2,7 @@ /* Copyright (C) 2001-2006 Rodolphe Quiedeville * Copyright (C) 2004-2013 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2015 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -387,7 +388,7 @@ if ($resql) { print "
\n"; - if ($user->rights->stock->creer) + if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockCorrection").''; } diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 400c3c1f006..0241c0d4dcf 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -5,7 +5,7 @@ * Copyright (C) 2005 Simon TOSSER * Copyright (C) 2005-2009 Regis Houssin * Copyright (C) 2013 Cédric Salvador - * Copyright (C) 2013 Juanjo Menent + * Copyright (C) 2013-2015 Juanjo Menent * Copyright (C) 2014 Cédric Gross * * This program is free software; you can redistribute it and/or modify @@ -543,7 +543,7 @@ if (empty($action) && $product->id) { print "
\n"; - if ($user->rights->stock->creer) + if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockCorrection").''; }