use hasRight
This commit is contained in:
Frédéric FRANCE
parent
659718b41f
commit
9f23bac505
@ -505,7 +505,7 @@ if (empty($reshook)) {
|
||||
$objectlabel = 'Bookkeeping';
|
||||
$permissiontoread = $user->hasRight('societe', 'lire');
|
||||
$permissiontodelete = $user->hasRight('societe', 'supprimer');
|
||||
$permissiontoadd = $user->rights->societe->creer;
|
||||
$permissiontoadd = $user->hasRight('societe', 'creer');
|
||||
$uploaddir = $conf->societe->dir_output;
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
|
||||
|
||||
|
||||
@ -413,7 +413,7 @@ if (empty($reshook)) {
|
||||
$objectlabel = 'Bookkeeping';
|
||||
$permissiontoread = $user->hasRight('societe', 'lire');
|
||||
$permissiontodelete = $user->hasRight('societe', 'supprimer');
|
||||
$permissiontoadd = $user->rights->societe->creer;
|
||||
$permissiontoadd = $user->hasRight('societe', 'creer');
|
||||
$uploaddir = $conf->societe->dir_output;
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
|
||||
|
||||
|
||||
@ -375,8 +375,8 @@ if ($rowid && $action != 'edit') {
|
||||
$filename = dol_sanitizeFileName($object->ref);
|
||||
$filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);
|
||||
$urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id;
|
||||
$genallowed = $user->rights->facture->lire;
|
||||
$delallowed = $user->rights->facture->creer;
|
||||
$genallowed = $user->hasRight('facture', 'lire');
|
||||
$delallowed = $user->hasRight('facture', 'creer');
|
||||
|
||||
print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang);
|
||||
$somethingshown = $formfile->numoffiles;
|
||||
|
||||
@ -53,7 +53,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -82,7 +82,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id;
|
||||
}
|
||||
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -69,11 +69,11 @@ if (empty($action) && empty($id) && empty($ref)) {
|
||||
// Load object
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
|
||||
|
||||
$permissiontoread = $user->rights->asset->read;
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->rights->asset->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->asset->write; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoread = $user->hasRight('asset', 'read');
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->hasRight('asset', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('asset', 'write'); // Used by the include of actions_dellink.inc.php
|
||||
$upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
@ -395,8 +395,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
$relativepath = $objref.'/'.$objref.'.pdf';
|
||||
$filedir = $conf->asset->dir_output.'/'.$objref;
|
||||
$urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id;
|
||||
$genallowed = $user->rights->asset->read; // If you can read, you can build the PDF to read content
|
||||
$delallowed = $user->rights->asset->write; // If you can create/edit, you can remove a file on card
|
||||
$genallowed = $user->hasRight('asset', 'read'); // If you can read, you can build the PDF to read content
|
||||
$delallowed = $user->hasRight('asset', 'write'); // If you can create/edit, you can remove a file on card
|
||||
print $formfile->showdocuments('asset:Asset', $objref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $langs->defaultlang);
|
||||
}
|
||||
|
||||
|
||||
@ -53,7 +53,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -51,8 +51,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id;
|
||||
}
|
||||
|
||||
$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -142,9 +142,9 @@ if ($object->id) {
|
||||
print dol_get_fiche_end();
|
||||
|
||||
$modulepart = 'asset';
|
||||
$permissiontoadd = $user->rights->asset->write;
|
||||
$permissiontoadd = $user->hasRight('asset', 'write');
|
||||
// $permissiontoadd = 1;
|
||||
$permtoedit = $user->rights->asset->write;
|
||||
$permtoedit = $user->hasRight('asset', 'write');
|
||||
// $permtoedit = 1;
|
||||
$param = '&id=' . $object->id;
|
||||
|
||||
|
||||
@ -120,9 +120,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
|
||||
$object->fields = dol_sort_array($object->fields, 'position');
|
||||
$arrayfields = dol_sort_array($arrayfields, 'position');
|
||||
|
||||
$permissiontoread = $user->rights->asset->read;
|
||||
$permissiontoadd = $user->rights->asset->write;
|
||||
$permissiontodelete = $user->rights->asset->delete;
|
||||
$permissiontoread = $user->hasRight('asset', 'read');
|
||||
$permissiontoadd = $user->hasRight('asset', 'write');
|
||||
$permissiontodelete = $user->hasRight('asset', 'delete');
|
||||
|
||||
// Security check
|
||||
if (!isModEnabled('asset')) {
|
||||
|
||||
@ -51,8 +51,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id;
|
||||
}
|
||||
|
||||
$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -87,10 +87,10 @@ $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
$result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
|
||||
|
||||
// Permissions
|
||||
$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->bom->write; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->rights->bom->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('bom', 'write'); // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->hasRight('bom', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$upload_dir = $conf->bom->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
|
||||
@ -768,8 +768,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
||||
$relativepath = $objref.'/'.$objref.'.pdf';
|
||||
$filedir = $conf->bom->dir_output.'/'.$objref;
|
||||
$urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id;
|
||||
$genallowed = $user->rights->bom->read; // If you can read, you can build the PDF to read content
|
||||
$delallowed = $user->rights->bom->write; // If you can create/edit, you can remove a file on card
|
||||
$genallowed = $user->hasRight('bom', 'read'); // If you can read, you can build the PDF to read content
|
||||
$delallowed = $user->hasRight('bom', 'write'); // If you can create/edit, you can remove a file on card
|
||||
print $formfile->showdocuments('bom', $objref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $langs->defaultlang);
|
||||
|
||||
// Show links to link elements
|
||||
|
||||
@ -85,7 +85,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
|
||||
|
||||
$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php
|
||||
$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php
|
||||
|
||||
|
||||
/*
|
||||
@ -148,8 +148,8 @@ if ($object->id) {
|
||||
print dol_get_fiche_end();
|
||||
|
||||
$modulepart = 'bom';
|
||||
$permissiontoadd = $user->rights->bom->write;
|
||||
$permtoedit = $user->rights->bom->write;
|
||||
$permissiontoadd = $user->hasRight('bom', 'write');
|
||||
$permtoedit = $user->hasRight('bom', 'write');
|
||||
$param = '&id='.$object->id;
|
||||
|
||||
//$relativepathwithnofile='bom/' . dol_sanitizeFileName($object->id).'/';
|
||||
|
||||
@ -121,9 +121,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
|
||||
$object->fields = dol_sort_array($object->fields, 'position');
|
||||
$arrayfields = dol_sort_array($arrayfields, 'position');
|
||||
|
||||
$permissiontoread = $user->rights->bom->read;
|
||||
$permissiontoadd = $user->rights->bom->write;
|
||||
$permissiontodelete = $user->rights->bom->delete;
|
||||
$permissiontoread = $user->hasRight('bom', 'read');
|
||||
$permissiontoadd = $user->hasRight('bom', 'write');
|
||||
$permissiontodelete = $user->hasRight('bom', 'delete');
|
||||
|
||||
// Security check
|
||||
if ($user->socid > 0) {
|
||||
@ -175,8 +175,8 @@ if (empty($reshook)) {
|
||||
// Mass actions
|
||||
$objectclass = 'BOM';
|
||||
$objectlabel = 'BillOfMaterials';
|
||||
$permissiontoread = $user->rights->bom->read;
|
||||
$permissiontodelete = $user->rights->bom->delete;
|
||||
$permissiontoread = $user->hasRight('bom', 'read');
|
||||
$permissiontodelete = $user->hasRight('bom', 'delete');
|
||||
$uploaddir = $conf->bom->dir_output;
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
|
||||
|
||||
|
||||
@ -84,10 +84,10 @@ $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
$result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
|
||||
|
||||
// Permissions
|
||||
$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->bom->write; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->rights->bom->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('bom', 'write'); // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = $user->hasRight('bom', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$upload_dir = $conf->bom->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
|
||||
|
||||
@ -61,7 +61,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = (!empty($conf->bom->multidir_output[$object->entity]) ? $conf->bom->multidir_output[$object->entity] : $conf->bom->dir_output)."/".$object->id;
|
||||
}
|
||||
|
||||
$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php
|
||||
$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
// Security check - Protection if external user
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@ -571,7 +571,7 @@ if ($type == Categorie::TYPE_PRODUCT) {
|
||||
// List of customers
|
||||
if ($type == Categorie::TYPE_CUSTOMER) {
|
||||
if ($user->hasRight("societe", "read")) {
|
||||
$permission = $user->rights->societe->creer;
|
||||
$permission = $user->hasRight('societe', 'creer');
|
||||
|
||||
$socs = $object->getObjectsInCateg($type, 0, $limit, $offset);
|
||||
if ($socs < 0) {
|
||||
@ -651,7 +651,7 @@ if ($type == Categorie::TYPE_CUSTOMER) {
|
||||
// List of suppliers
|
||||
if ($type == Categorie::TYPE_SUPPLIER) {
|
||||
if ($user->hasRight("fournisseur", "read")) {
|
||||
$permission = $user->rights->societe->creer;
|
||||
$permission = $user->hasRight('societe', 'creer');
|
||||
|
||||
$socs = $object->getObjectsInCateg($type, 0, $limit, $offset);
|
||||
if ($socs < 0) {
|
||||
@ -816,7 +816,7 @@ if ($type == Categorie::TYPE_MEMBER) {
|
||||
// List of contacts
|
||||
if ($type == Categorie::TYPE_CONTACT) {
|
||||
if ($user->hasRight("societe", "read")) {
|
||||
$permission = $user->rights->societe->creer;
|
||||
$permission = $user->hasRight('societe', 'creer');
|
||||
|
||||
$contacts = $object->getObjectsInCateg($type, 0, $limit, $offset);
|
||||
if (is_numeric($contacts) && $contacts < 0) {
|
||||
|
||||
@ -554,7 +554,7 @@ if (empty($reshook)) {
|
||||
// Builddoc
|
||||
$donotredirect = 1;
|
||||
$upload_dir = $conf->facture->dir_output;
|
||||
$permissiontoadd = $user->rights->facture->creer;
|
||||
$permissiontoadd = $user->hasRight('facture', 'creer');
|
||||
|
||||
// Call action to build doc
|
||||
$savobject = $object;
|
||||
|
||||
@ -105,14 +105,14 @@ $extrafields->fetch_name_optionals_label($object->table_element);
|
||||
|
||||
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
|
||||
|
||||
$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php
|
||||
$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php
|
||||
|
||||
$usercanread = $user->rights->facture->lire;
|
||||
$usercancreate = $user->rights->facture->creer;
|
||||
$usercanissuepayment = $user->rights->facture->paiement;
|
||||
$usercandelete = $user->rights->facture->supprimer;
|
||||
$usercanread = $user->hasRight('facture', 'lire');
|
||||
$usercancreate = $user->hasRight('facture', 'creer');
|
||||
$usercanissuepayment = $user->hasRight('facture', 'paiement');
|
||||
$usercandelete = $user->hasRight('facture', 'supprimer');
|
||||
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->validate)));
|
||||
$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->send);
|
||||
$usercanreopen = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->reopen);
|
||||
|
||||
@ -73,7 +73,7 @@ if ($object->fetch($id, $ref)) {
|
||||
$upload_dir = $conf->facture->dir_output."/".dol_sanitizeFileName($object->ref);
|
||||
}
|
||||
|
||||
$permissiontoadd = $user->rights->facture->creer;
|
||||
$permissiontoadd = $user->hasRight('facture', 'creer');
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
@ -184,8 +184,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
print dol_get_fiche_end();
|
||||
|
||||
$modulepart = 'facture';
|
||||
$permissiontoadd = $user->rights->facture->creer;
|
||||
$permtoedit = $user->rights->facture->creer;
|
||||
$permissiontoadd = $user->hasRight('facture', 'creer');
|
||||
$permtoedit = $user->hasRight('facture', 'creer');
|
||||
$param = '&id='.$object->id;
|
||||
include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php';
|
||||
} else {
|
||||
|
||||
@ -180,9 +180,9 @@ if ($socid > 0) {
|
||||
|
||||
$objecttype = 'facture_rec';
|
||||
|
||||
$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php
|
||||
$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php
|
||||
|
||||
$result = restrictedArea($user, 'facture', $object->id, $objecttype);
|
||||
|
||||
|
||||
@ -48,7 +48,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
$object->fetch($id, $ref, '', '', (!empty($conf->global->INVOICE_USE_SITUATION) ? $conf->global->INVOICE_USE_SITUATION : 0));
|
||||
}
|
||||
|
||||
$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
// Security check
|
||||
$socid = 0;
|
||||
|
||||
@ -87,7 +87,7 @@ if ($type == 'bank-transfer') {
|
||||
if ($type == 'bank-transfer') {
|
||||
$usercancreate = ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer);
|
||||
} else {
|
||||
$usercancreate = $user->rights->facture->creer;
|
||||
$usercancreate = $user->hasRight('facture', 'creer');
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -96,7 +96,7 @@ if (!($object->id > 0) && $action == 'view') {
|
||||
}
|
||||
|
||||
$triggermodname = 'CONTACT_MODIFY';
|
||||
$permissiontoadd = $user->rights->societe->contact->creer;
|
||||
$permissiontoadd = $user->hasRight('societe', 'contact', 'creer');
|
||||
|
||||
// Security check
|
||||
if ($user->socid) {
|
||||
|
||||
@ -94,7 +94,7 @@ if ($user->socid) {
|
||||
}
|
||||
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission
|
||||
|
||||
$permissiontoadd = $user->rights->societe->contact->creer; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoadd = $user->hasRight('societe', 'contact', 'creer'); // Used by the include of actions_dellink.inc.php
|
||||
|
||||
|
||||
/*
|
||||
@ -192,8 +192,8 @@ if ($object->id) {
|
||||
print dol_get_fiche_end();
|
||||
|
||||
$modulepart = 'contact';
|
||||
$permissiontoadd = $user->rights->societe->contact->creer;
|
||||
$permtoedit = $user->rights->societe->contact->creer;
|
||||
$permissiontoadd = $user->hasRight('societe', 'contact', 'creer');
|
||||
$permtoedit = $user->hasRight('societe', 'contact', 'creer');
|
||||
$param = '&id='.$object->id;
|
||||
include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php';
|
||||
} else {
|
||||
|
||||
@ -319,7 +319,7 @@ if (empty($reshook)) {
|
||||
$objectlabel = 'Contact';
|
||||
$permissiontoread = $user->hasRight('societe', 'lire');
|
||||
$permissiontodelete = $user->hasRight('societe', 'supprimer');
|
||||
$permissiontoadd = $user->rights->societe->creer;
|
||||
$permissiontoadd = $user->hasRight('societe', 'creer');
|
||||
$uploaddir = $conf->societe->dir_output;
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ if ($user->socid > 0) {
|
||||
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe');
|
||||
|
||||
|
||||
$permissionnote = $user->rights->societe->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissionnote = $user->hasRight('societe', 'creer'); // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
// $hookmanager->initHooks(array('contactcard')); -> Name conflict with product/card.php
|
||||
|
||||
@ -183,13 +183,13 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l
|
||||
$permok = $user->rights->stock->creer;
|
||||
}
|
||||
if ($object->element == 'facturerec') {
|
||||
$permok = $user->rights->facture->creer;
|
||||
$permok = $user->hasRight('facture', 'creer');
|
||||
}
|
||||
if ($object->element == 'mo') {
|
||||
$permok = $user->rights->mrp->write;
|
||||
}
|
||||
if ($object->element == 'contact') {
|
||||
$permok = $user->rights->societe->contact->creer;
|
||||
$permok = $user->hasRight('societe', 'contact', 'creer');
|
||||
}
|
||||
if ($object->element == 'salary') {
|
||||
$permok = $user->rights->salaries->read;
|
||||
|
||||
@ -130,9 +130,9 @@ $extrafields->fetch_name_optionals_label($object->table_element);
|
||||
|
||||
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
|
||||
|
||||
$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php
|
||||
$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php
|
||||
$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php
|
||||
|
||||
$arrayfields = array(
|
||||
'f.titre'=>array('label'=>'Ref', 'checked'=>1),
|
||||
|
||||
@ -1872,8 +1872,8 @@ $urlsource = $_SERVER['PHP_SELF'].'?sortfield='.$sortfield.'&sortorder='.$sortor
|
||||
$urlsource .= str_replace('&', '&', $param);
|
||||
|
||||
$filedir = $diroutputmassaction;
|
||||
$genallowed = $user->rights->facture->lire;
|
||||
$delallowed = $user->rights->facture->creer;
|
||||
$genallowed = $user->hasRight('facture', 'lire');
|
||||
$delallowed = $user->hasRight('facture', 'creer');
|
||||
$title = '';
|
||||
|
||||
print $formfile->showdocuments('massfilesarea_supplier_invoice', '', $filedir, $urlsource, 0, $delallowed, '', 1, 1, 0, 48, 1, $param, $title, '', '', '', null, $hidegeneratedfilelistifempty);
|
||||
|
||||
@ -65,9 +65,9 @@ $permission = $user->rights->fournisseur->commande->creer;
|
||||
$permission = $user->rights->supplier_order->creer;
|
||||
}
|
||||
} elseif ($module == 'societe') {
|
||||
$permission = $user->rights->societe->creer;
|
||||
$permission = $user->hasRight('societe', 'creer');
|
||||
} elseif ($module == 'contact') {
|
||||
$permission = $user->rights->societe->creer;
|
||||
$permission = $user->hasRight('societe', 'creer');
|
||||
} elseif ($module == 'shipping') {
|
||||
$permission = $user->rights->expedition->creer;
|
||||
} elseif ($module == 'product') {
|
||||
|
||||
@ -347,7 +347,7 @@ function displayPositionCard(&$object)
|
||||
// $filedir = $conf->societe->multidir_output[$object->entity].'/'.$object->id;
|
||||
// $urlsource = $_SERVER["PHP_SELF"]."?socid=".$object->id;
|
||||
// $genallowed = $user->hasRight('societe', 'lire');
|
||||
// $delallowed = $user->rights->societe->creer;
|
||||
// $delallowed = $user->hasRight('societe', 'creer');
|
||||
//
|
||||
// print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang);
|
||||
// }
|
||||
|
||||
@ -151,7 +151,7 @@ $permissiontodelete = $user->rights->mrp->delete || ($permissiontoadd && isset($
|
||||
$upload_dir = $conf->mrp->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
$permissiontoproduce = $permissiontoadd;
|
||||
$permissiontoupdatecost = $user->rights->bom->write; // User who can define cost must have knowledge of pricing
|
||||
$permissiontoupdatecost = $user->hasRight('bom', 'write'); // User who can define cost must have knowledge of pricing
|
||||
|
||||
if ($permissiontoupdatecost) {
|
||||
$arrayfields['m.price']['enabled'] = 1;
|
||||
|
||||
@ -95,7 +95,7 @@ $permissiontodelete = $user->rights->mrp->delete || ($permissiontoadd && isset($
|
||||
$upload_dir = $conf->mrp->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
$permissiontoproduce = $permissiontoadd;
|
||||
$permissiontoupdatecost = $user->rights->bom->read; // User who can define cost must have knowledge of pricing
|
||||
$permissiontoupdatecost = $user->hasRight('bom', 'read'); // User who can define cost must have knowledge of pricing
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@ -284,7 +284,7 @@ for ($i = 1; $i <= 4; $i++) {
|
||||
$filedir = $conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid;
|
||||
$urlsource = $_SERVER["PHP_SELF"]."?socid=".$socid;
|
||||
$genallowed = $user->hasRight('societe', 'lire');
|
||||
$delallowed = $user->rights->societe->creer;
|
||||
$delallowed = $user->hasRight('societe', 'creer');
|
||||
|
||||
print $formfile->showdocuments('company', $socid, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $objcanvas->control->object->default_lang);
|
||||
?>
|
||||
|
||||
@ -210,7 +210,7 @@ if ($this->control->tpl['action_delete']) {
|
||||
$filedir = $conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid;
|
||||
$urlsource = $_SERVER["PHP_SELF"]."?socid=".$socid;
|
||||
$genallowed = $user->hasRight('societe', 'lire');
|
||||
$delallowed = $user->rights->societe->creer;
|
||||
$delallowed = $user->hasRight('societe', 'creer');
|
||||
|
||||
print $formfile->showdocuments('company', $socid, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $objcanvas->control->object->default_lang);
|
||||
?>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user