From 9f23bac505dfa14058e30cde5d7fd7b186b3447a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 20 Feb 2023 18:55:52 +0100 Subject: [PATCH] use hasRight --- htdocs/accountancy/bookkeeping/list.php | 2 +- htdocs/accountancy/bookkeeping/listbyaccount.php | 2 +- htdocs/adherents/subscription/card.php | 4 ++-- htdocs/asset/accountancy_codes.php | 2 +- htdocs/asset/agenda.php | 2 +- htdocs/asset/card.php | 14 +++++++------- htdocs/asset/depreciation_options.php | 2 +- htdocs/asset/disposal.php | 4 ++-- htdocs/asset/document.php | 4 ++-- htdocs/asset/list.php | 6 +++--- htdocs/asset/note.php | 4 ++-- htdocs/bom/bom_card.php | 12 ++++++------ htdocs/bom/bom_document.php | 6 +++--- htdocs/bom/bom_list.php | 10 +++++----- htdocs/bom/bom_net_needs.php | 8 ++++---- htdocs/bom/bom_note.php | 2 +- htdocs/categories/viewcat.php | 6 +++--- htdocs/commande/list.php | 2 +- htdocs/compta/facture/card-rec.php | 14 +++++++------- htdocs/compta/facture/document.php | 6 +++--- htdocs/compta/facture/invoicetemplate_list.php | 6 +++--- htdocs/compta/facture/note.php | 2 +- htdocs/compta/facture/prelevement.php | 2 +- htdocs/contact/card.php | 2 +- htdocs/contact/document.php | 6 +++--- htdocs/contact/list.php | 2 +- htdocs/contact/note.php | 2 +- htdocs/core/tpl/extrafields_view.tpl.php | 4 ++-- htdocs/fourn/facture/list-rec.php | 6 +++--- htdocs/fourn/facture/list.php | 4 ++-- htdocs/hrm/core/tpl/skilldet.fiche.tpl.php | 4 ++-- htdocs/hrm/position_card.php | 2 +- htdocs/mrp/mo_movements.php | 2 +- htdocs/mrp/mo_production.php | 2 +- .../societe/canvas/company/tpl/card_view.tpl.php | 2 +- .../canvas/individual/tpl/card_view.tpl.php | 2 +- 36 files changed, 81 insertions(+), 81 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index 23bb513a85b..0611e6fe003 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -505,7 +505,7 @@ if (empty($reshook)) { $objectlabel = 'Bookkeeping'; $permissiontoread = $user->hasRight('societe', 'lire'); $permissiontodelete = $user->hasRight('societe', 'supprimer'); - $permissiontoadd = $user->rights->societe->creer; + $permissiontoadd = $user->hasRight('societe', 'creer'); $uploaddir = $conf->societe->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index 78aea811a5d..17ebe24546a 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -413,7 +413,7 @@ if (empty($reshook)) { $objectlabel = 'Bookkeeping'; $permissiontoread = $user->hasRight('societe', 'lire'); $permissiontodelete = $user->hasRight('societe', 'supprimer'); - $permissiontoadd = $user->rights->societe->creer; + $permissiontoadd = $user->hasRight('societe', 'creer'); $uploaddir = $conf->societe->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; diff --git a/htdocs/adherents/subscription/card.php b/htdocs/adherents/subscription/card.php index 711191726c3..b97fac372e5 100644 --- a/htdocs/adherents/subscription/card.php +++ b/htdocs/adherents/subscription/card.php @@ -375,8 +375,8 @@ if ($rowid && $action != 'edit') { $filename = dol_sanitizeFileName($object->ref); $filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref); $urlsource = $_SERVER['PHP_SELF'] . '?facid=' . $object->id; - $genallowed = $user->rights->facture->lire; - $delallowed = $user->rights->facture->creer; + $genallowed = $user->hasRight('facture', 'lire'); + $delallowed = $user->hasRight('facture', 'creer'); print $formfile->showdocuments('facture', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $soc->default_lang); $somethingshown = $formfile->numoffiles; diff --git a/htdocs/asset/accountancy_codes.php b/htdocs/asset/accountancy_codes.php index 224380fc295..c6d3d0099ad 100644 --- a/htdocs/asset/accountancy_codes.php +++ b/htdocs/asset/accountancy_codes.php @@ -53,7 +53,7 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id; } -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/agenda.php b/htdocs/asset/agenda.php index 5be66bf69ed..166eb12935c 100644 --- a/htdocs/asset/agenda.php +++ b/htdocs/asset/agenda.php @@ -82,7 +82,7 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id; } -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php index dba49857aec..bd3255491fc 100644 --- a/htdocs/asset/card.php +++ b/htdocs/asset/card.php @@ -69,11 +69,11 @@ if (empty($action) && empty($id) && empty($ref)) { // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. -$permissiontoread = $user->rights->asset->read; -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->asset->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); -$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->asset->write; // Used by the include of actions_dellink.inc.php +$permissiontoread = $user->hasRight('asset', 'read'); +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontodelete = $user->hasRight('asset', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('asset', 'write'); // Used by the include of actions_dellink.inc.php $upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1]; // Security check (enable the most restrictive one) @@ -395,8 +395,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $relativepath = $objref.'/'.$objref.'.pdf'; $filedir = $conf->asset->dir_output.'/'.$objref; $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->asset->read; // If you can read, you can build the PDF to read content - $delallowed = $user->rights->asset->write; // If you can create/edit, you can remove a file on card + $genallowed = $user->hasRight('asset', 'read'); // If you can read, you can build the PDF to read content + $delallowed = $user->hasRight('asset', 'write'); // If you can create/edit, you can remove a file on card print $formfile->showdocuments('asset:Asset', $objref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $langs->defaultlang); } diff --git a/htdocs/asset/depreciation_options.php b/htdocs/asset/depreciation_options.php index f4558ae6157..5d232670105 100644 --- a/htdocs/asset/depreciation_options.php +++ b/htdocs/asset/depreciation_options.php @@ -53,7 +53,7 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id; } -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/disposal.php b/htdocs/asset/disposal.php index 0f1b71e1929..46c5be78a79 100644 --- a/htdocs/asset/disposal.php +++ b/htdocs/asset/disposal.php @@ -51,8 +51,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id; } -$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php +$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/asset/document.php b/htdocs/asset/document.php index ee5f7845aed..3ead3b3ed57 100644 --- a/htdocs/asset/document.php +++ b/htdocs/asset/document.php @@ -142,9 +142,9 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'asset'; - $permissiontoadd = $user->rights->asset->write; + $permissiontoadd = $user->hasRight('asset', 'write'); // $permissiontoadd = 1; - $permtoedit = $user->rights->asset->write; + $permtoedit = $user->hasRight('asset', 'write'); // $permtoedit = 1; $param = '&id=' . $object->id; diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index 1ddfd2a1c82..ee35a817be3 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -120,9 +120,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = $user->rights->asset->read; -$permissiontoadd = $user->rights->asset->write; -$permissiontodelete = $user->rights->asset->delete; +$permissiontoread = $user->hasRight('asset', 'read'); +$permissiontoadd = $user->hasRight('asset', 'write'); +$permissiontodelete = $user->hasRight('asset', 'delete'); // Security check if (!isModEnabled('asset')) { diff --git a/htdocs/asset/note.php b/htdocs/asset/note.php index fd404a77447..dd31b723cea 100644 --- a/htdocs/asset/note.php +++ b/htdocs/asset/note.php @@ -51,8 +51,8 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id; } -$permissionnote = $user->rights->asset->write; // Used by the include of actions_setnotes.inc.php -$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php +$permissionnote = $user->hasRight('asset', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiontoadd = $user->hasRight('asset', 'write'); // Used by the include of actions_addupdatedelete.inc.php // Security check (enable the most restrictive one) if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 3901e18bac4..33e562a8a20 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -87,10 +87,10 @@ $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); $result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft); // Permissions -$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->bom->write; // Used by the include of actions_dellink.inc.php -$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->bom->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('bom', 'write'); // Used by the include of actions_dellink.inc.php +$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontodelete = $user->hasRight('bom', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); $upload_dir = $conf->bom->multidir_output[isset($object->entity) ? $object->entity : 1]; @@ -768,8 +768,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $relativepath = $objref.'/'.$objref.'.pdf'; $filedir = $conf->bom->dir_output.'/'.$objref; $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->bom->read; // If you can read, you can build the PDF to read content - $delallowed = $user->rights->bom->write; // If you can create/edit, you can remove a file on card + $genallowed = $user->hasRight('bom', 'read'); // If you can read, you can build the PDF to read content + $delallowed = $user->hasRight('bom', 'write'); // If you can create/edit, you can remove a file on card print $formfile->showdocuments('bom', $objref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $langs->defaultlang); // Show links to link elements diff --git a/htdocs/bom/bom_document.php b/htdocs/bom/bom_document.php index 29aca029d36..03b9f416d43 100644 --- a/htdocs/bom/bom_document.php +++ b/htdocs/bom/bom_document.php @@ -85,7 +85,7 @@ if ($id > 0 || !empty($ref)) { $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft); -$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php +$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php /* @@ -148,8 +148,8 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'bom'; - $permissiontoadd = $user->rights->bom->write; - $permtoedit = $user->rights->bom->write; + $permissiontoadd = $user->hasRight('bom', 'write'); + $permtoedit = $user->hasRight('bom', 'write'); $param = '&id='.$object->id; //$relativepathwithnofile='bom/' . dol_sanitizeFileName($object->id).'/'; diff --git a/htdocs/bom/bom_list.php b/htdocs/bom/bom_list.php index 7e2098bb119..730ad651d0c 100644 --- a/htdocs/bom/bom_list.php +++ b/htdocs/bom/bom_list.php @@ -121,9 +121,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); -$permissiontoread = $user->rights->bom->read; -$permissiontoadd = $user->rights->bom->write; -$permissiontodelete = $user->rights->bom->delete; +$permissiontoread = $user->hasRight('bom', 'read'); +$permissiontoadd = $user->hasRight('bom', 'write'); +$permissiontodelete = $user->hasRight('bom', 'delete'); // Security check if ($user->socid > 0) { @@ -175,8 +175,8 @@ if (empty($reshook)) { // Mass actions $objectclass = 'BOM'; $objectlabel = 'BillOfMaterials'; - $permissiontoread = $user->rights->bom->read; - $permissiontodelete = $user->rights->bom->delete; + $permissiontoread = $user->hasRight('bom', 'read'); + $permissiontodelete = $user->hasRight('bom', 'delete'); $uploaddir = $conf->bom->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; diff --git a/htdocs/bom/bom_net_needs.php b/htdocs/bom/bom_net_needs.php index f6644590a2e..7f5bd79890f 100644 --- a/htdocs/bom/bom_net_needs.php +++ b/htdocs/bom/bom_net_needs.php @@ -84,10 +84,10 @@ $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); $result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft); // Permissions -$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->bom->write; // Used by the include of actions_dellink.inc.php -$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->bom->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('bom', 'write'); // Used by the include of actions_dellink.inc.php +$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontodelete = $user->hasRight('bom', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); $upload_dir = $conf->bom->multidir_output[isset($object->entity) ? $object->entity : 1]; diff --git a/htdocs/bom/bom_note.php b/htdocs/bom/bom_note.php index 0c32b8643fb..10c64a1b104 100644 --- a/htdocs/bom/bom_note.php +++ b/htdocs/bom/bom_note.php @@ -61,7 +61,7 @@ if ($id > 0 || !empty($ref)) { $upload_dir = (!empty($conf->bom->multidir_output[$object->entity]) ? $conf->bom->multidir_output[$object->entity] : $conf->bom->dir_output)."/".$object->id; } -$permissionnote = $user->rights->bom->write; // Used by the include of actions_setnotes.inc.php +$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php // Security check - Protection if external user //if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index f494dddb082..37b0632c319 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -571,7 +571,7 @@ if ($type == Categorie::TYPE_PRODUCT) { // List of customers if ($type == Categorie::TYPE_CUSTOMER) { if ($user->hasRight("societe", "read")) { - $permission = $user->rights->societe->creer; + $permission = $user->hasRight('societe', 'creer'); $socs = $object->getObjectsInCateg($type, 0, $limit, $offset); if ($socs < 0) { @@ -651,7 +651,7 @@ if ($type == Categorie::TYPE_CUSTOMER) { // List of suppliers if ($type == Categorie::TYPE_SUPPLIER) { if ($user->hasRight("fournisseur", "read")) { - $permission = $user->rights->societe->creer; + $permission = $user->hasRight('societe', 'creer'); $socs = $object->getObjectsInCateg($type, 0, $limit, $offset); if ($socs < 0) { @@ -816,7 +816,7 @@ if ($type == Categorie::TYPE_MEMBER) { // List of contacts if ($type == Categorie::TYPE_CONTACT) { if ($user->hasRight("societe", "read")) { - $permission = $user->rights->societe->creer; + $permission = $user->hasRight('societe', 'creer'); $contacts = $object->getObjectsInCateg($type, 0, $limit, $offset); if (is_numeric($contacts) && $contacts < 0) { diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 584926cd87e..177f68a1fbb 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -554,7 +554,7 @@ if (empty($reshook)) { // Builddoc $donotredirect = 1; $upload_dir = $conf->facture->dir_output; - $permissiontoadd = $user->rights->facture->creer; + $permissiontoadd = $user->hasRight('facture', 'creer'); // Call action to build doc $savobject = $object; diff --git a/htdocs/compta/facture/card-rec.php b/htdocs/compta/facture/card-rec.php index 1af465a806c..ce7bf072073 100644 --- a/htdocs/compta/facture/card-rec.php +++ b/htdocs/compta/facture/card-rec.php @@ -105,14 +105,14 @@ $extrafields->fetch_name_optionals_label($object->table_element); $search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_'); -$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php -$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php +$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php +$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php -$usercanread = $user->rights->facture->lire; -$usercancreate = $user->rights->facture->creer; -$usercanissuepayment = $user->rights->facture->paiement; -$usercandelete = $user->rights->facture->supprimer; +$usercanread = $user->hasRight('facture', 'lire'); +$usercancreate = $user->hasRight('facture', 'creer'); +$usercanissuepayment = $user->hasRight('facture', 'paiement'); +$usercandelete = $user->hasRight('facture', 'supprimer'); $usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->validate))); $usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->send); $usercanreopen = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->reopen); diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 526bbe02068..af633e14f90 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -73,7 +73,7 @@ if ($object->fetch($id, $ref)) { $upload_dir = $conf->facture->dir_output."/".dol_sanitizeFileName($object->ref); } -$permissiontoadd = $user->rights->facture->creer; +$permissiontoadd = $user->hasRight('facture', 'creer'); // Security check if ($user->socid) { @@ -184,8 +184,8 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'facture'; - $permissiontoadd = $user->rights->facture->creer; - $permtoedit = $user->rights->facture->creer; + $permissiontoadd = $user->hasRight('facture', 'creer'); + $permtoedit = $user->hasRight('facture', 'creer'); $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/compta/facture/invoicetemplate_list.php b/htdocs/compta/facture/invoicetemplate_list.php index f0d6001d892..addac069636 100644 --- a/htdocs/compta/facture/invoicetemplate_list.php +++ b/htdocs/compta/facture/invoicetemplate_list.php @@ -180,9 +180,9 @@ if ($socid > 0) { $objecttype = 'facture_rec'; -$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php -$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php +$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php +$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php $result = restrictedArea($user, 'facture', $object->id, $objecttype); diff --git a/htdocs/compta/facture/note.php b/htdocs/compta/facture/note.php index 40f8b969fac..459d32cde87 100644 --- a/htdocs/compta/facture/note.php +++ b/htdocs/compta/facture/note.php @@ -48,7 +48,7 @@ if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref, '', '', (!empty($conf->global->INVOICE_USE_SITUATION) ? $conf->global->INVOICE_USE_SITUATION : 0)); } -$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php +$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php // Security check $socid = 0; diff --git a/htdocs/compta/facture/prelevement.php b/htdocs/compta/facture/prelevement.php index 8af2972e1a0..8a9d4e6c198 100644 --- a/htdocs/compta/facture/prelevement.php +++ b/htdocs/compta/facture/prelevement.php @@ -87,7 +87,7 @@ if ($type == 'bank-transfer') { if ($type == 'bank-transfer') { $usercancreate = ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer); } else { - $usercancreate = $user->rights->facture->creer; + $usercancreate = $user->hasRight('facture', 'creer'); } diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 1584fdbe41c..d241bb02e9e 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -96,7 +96,7 @@ if (!($object->id > 0) && $action == 'view') { } $triggermodname = 'CONTACT_MODIFY'; -$permissiontoadd = $user->rights->societe->contact->creer; +$permissiontoadd = $user->hasRight('societe', 'contact', 'creer'); // Security check if ($user->socid) { diff --git a/htdocs/contact/document.php b/htdocs/contact/document.php index f62e82ee5a1..ed8bc2d4d93 100644 --- a/htdocs/contact/document.php +++ b/htdocs/contact/document.php @@ -94,7 +94,7 @@ if ($user->socid) { } $result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission -$permissiontoadd = $user->rights->societe->contact->creer; // Used by the include of actions_dellink.inc.php +$permissiontoadd = $user->hasRight('societe', 'contact', 'creer'); // Used by the include of actions_dellink.inc.php /* @@ -192,8 +192,8 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'contact'; - $permissiontoadd = $user->rights->societe->contact->creer; - $permtoedit = $user->rights->societe->contact->creer; + $permissiontoadd = $user->hasRight('societe', 'contact', 'creer'); + $permtoedit = $user->hasRight('societe', 'contact', 'creer'); $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 4bb325f30ae..71154e23b28 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -319,7 +319,7 @@ if (empty($reshook)) { $objectlabel = 'Contact'; $permissiontoread = $user->hasRight('societe', 'lire'); $permissiontodelete = $user->hasRight('societe', 'supprimer'); - $permissiontoadd = $user->rights->societe->creer; + $permissiontoadd = $user->hasRight('societe', 'creer'); $uploaddir = $conf->societe->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; diff --git a/htdocs/contact/note.php b/htdocs/contact/note.php index bf75a3350a7..148d9fb6f04 100644 --- a/htdocs/contact/note.php +++ b/htdocs/contact/note.php @@ -51,7 +51,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'contact', $id, 'socpeople&societe'); -$permissionnote = $user->rights->societe->creer; // Used by the include of actions_setnotes.inc.php +$permissionnote = $user->hasRight('societe', 'creer'); // Used by the include of actions_setnotes.inc.php // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context // $hookmanager->initHooks(array('contactcard')); -> Name conflict with product/card.php diff --git a/htdocs/core/tpl/extrafields_view.tpl.php b/htdocs/core/tpl/extrafields_view.tpl.php index a335319ddfd..ec7578e0aa4 100644 --- a/htdocs/core/tpl/extrafields_view.tpl.php +++ b/htdocs/core/tpl/extrafields_view.tpl.php @@ -183,13 +183,13 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l $permok = $user->rights->stock->creer; } if ($object->element == 'facturerec') { - $permok = $user->rights->facture->creer; + $permok = $user->hasRight('facture', 'creer'); } if ($object->element == 'mo') { $permok = $user->rights->mrp->write; } if ($object->element == 'contact') { - $permok = $user->rights->societe->contact->creer; + $permok = $user->hasRight('societe', 'contact', 'creer'); } if ($object->element == 'salary') { $permok = $user->rights->salaries->read; diff --git a/htdocs/fourn/facture/list-rec.php b/htdocs/fourn/facture/list-rec.php index e77000b45d3..d45334eba9e 100644 --- a/htdocs/fourn/facture/list-rec.php +++ b/htdocs/fourn/facture/list-rec.php @@ -130,9 +130,9 @@ $extrafields->fetch_name_optionals_label($object->table_element); $search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_'); -$permissionnote = $user->rights->facture->creer; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->facture->creer; // Used by the include of actions_dellink.inc.php -$permissiontoedit = $user->rights->facture->creer; // Used by the include of actions_lineupdonw.inc.php +$permissionnote = $user->hasRight('facture', 'creer'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('facture', 'creer'); // Used by the include of actions_dellink.inc.php +$permissiontoedit = $user->hasRight('facture', 'creer'); // Used by the include of actions_lineupdonw.inc.php $arrayfields = array( 'f.titre'=>array('label'=>'Ref', 'checked'=>1), diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index 9395b4245fd..043a92b0648 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -1872,8 +1872,8 @@ $urlsource = $_SERVER['PHP_SELF'].'?sortfield='.$sortfield.'&sortorder='.$sortor $urlsource .= str_replace('&', '&', $param); $filedir = $diroutputmassaction; -$genallowed = $user->rights->facture->lire; -$delallowed = $user->rights->facture->creer; +$genallowed = $user->hasRight('facture', 'lire'); +$delallowed = $user->hasRight('facture', 'creer'); $title = ''; print $formfile->showdocuments('massfilesarea_supplier_invoice', '', $filedir, $urlsource, 0, $delallowed, '', 1, 1, 0, 48, 1, $param, $title, '', '', '', null, $hidegeneratedfilelistifempty); diff --git a/htdocs/hrm/core/tpl/skilldet.fiche.tpl.php b/htdocs/hrm/core/tpl/skilldet.fiche.tpl.php index 81e3f9f2155..42a4506ae96 100644 --- a/htdocs/hrm/core/tpl/skilldet.fiche.tpl.php +++ b/htdocs/hrm/core/tpl/skilldet.fiche.tpl.php @@ -65,9 +65,9 @@ $permission = $user->rights->fournisseur->commande->creer; $permission = $user->rights->supplier_order->creer; } } elseif ($module == 'societe') { -$permission = $user->rights->societe->creer; +$permission = $user->hasRight('societe', 'creer'); } elseif ($module == 'contact') { -$permission = $user->rights->societe->creer; +$permission = $user->hasRight('societe', 'creer'); } elseif ($module == 'shipping') { $permission = $user->rights->expedition->creer; } elseif ($module == 'product') { diff --git a/htdocs/hrm/position_card.php b/htdocs/hrm/position_card.php index 9004e8d2b13..d46548a4693 100644 --- a/htdocs/hrm/position_card.php +++ b/htdocs/hrm/position_card.php @@ -347,7 +347,7 @@ function displayPositionCard(&$object) // $filedir = $conf->societe->multidir_output[$object->entity].'/'.$object->id; // $urlsource = $_SERVER["PHP_SELF"]."?socid=".$object->id; // $genallowed = $user->hasRight('societe', 'lire'); -// $delallowed = $user->rights->societe->creer; +// $delallowed = $user->hasRight('societe', 'creer'); // // print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); // } diff --git a/htdocs/mrp/mo_movements.php b/htdocs/mrp/mo_movements.php index a82f36c913e..c450baf92fe 100644 --- a/htdocs/mrp/mo_movements.php +++ b/htdocs/mrp/mo_movements.php @@ -151,7 +151,7 @@ $permissiontodelete = $user->rights->mrp->delete || ($permissiontoadd && isset($ $upload_dir = $conf->mrp->multidir_output[isset($object->entity) ? $object->entity : 1]; $permissiontoproduce = $permissiontoadd; -$permissiontoupdatecost = $user->rights->bom->write; // User who can define cost must have knowledge of pricing +$permissiontoupdatecost = $user->hasRight('bom', 'write'); // User who can define cost must have knowledge of pricing if ($permissiontoupdatecost) { $arrayfields['m.price']['enabled'] = 1; diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index 4e149201ba3..c4353bd264b 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -95,7 +95,7 @@ $permissiontodelete = $user->rights->mrp->delete || ($permissiontoadd && isset($ $upload_dir = $conf->mrp->multidir_output[isset($object->entity) ? $object->entity : 1]; $permissiontoproduce = $permissiontoadd; -$permissiontoupdatecost = $user->rights->bom->read; // User who can define cost must have knowledge of pricing +$permissiontoupdatecost = $user->hasRight('bom', 'read'); // User who can define cost must have knowledge of pricing /* diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php index 22c46cb93b5..50541de2dd6 100644 --- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php @@ -284,7 +284,7 @@ for ($i = 1; $i <= 4; $i++) { $filedir = $conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid; $urlsource = $_SERVER["PHP_SELF"]."?socid=".$socid; $genallowed = $user->hasRight('societe', 'lire'); -$delallowed = $user->rights->societe->creer; +$delallowed = $user->hasRight('societe', 'creer'); print $formfile->showdocuments('company', $socid, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $objcanvas->control->object->default_lang); ?> diff --git a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php index 11716519f16..3d76eae2f4a 100644 --- a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php @@ -210,7 +210,7 @@ if ($this->control->tpl['action_delete']) { $filedir = $conf->societe->multidir_output[$this->control->tpl['entity']].'/'.$socid; $urlsource = $_SERVER["PHP_SELF"]."?socid=".$socid; $genallowed = $user->hasRight('societe', 'lire'); -$delallowed = $user->rights->societe->creer; +$delallowed = $user->hasRight('societe', 'creer'); print $formfile->showdocuments('company', $socid, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 28, 0, '', 0, '', $objcanvas->control->object->default_lang); ?>