lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: refining permissions to modify an action without the right to remove

Browse Source
This commit is contained in:
Regis Houssin 2009-11-10 12:49:09 +00:00
parent 8fec814876
commit a3e5607dca
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/comm/action/fiche.php
View File

@ -886,8 +886,7 @@ if ($_GET["id"])
if ($_GET["action"] != 'edit')
{
if ($user->rights->agenda->allactions->modify ||
(($act->author->id == $user->id && $user->rights->agenda->myactions->modify) ||
($act->usertodo->id == $user->id && $user->rights->agenda->myactions->modify)))
(($act->author->id == $user->id || $act->usertodo->id == $user->id) && $user->rights->agenda->myactions->modify))
{
print '<a class="butAction" href="fiche.php?action=edit&id='.$act->id.'">'.$langs->trans("Modify").'</a>';
}
@ -896,9 +895,8 @@ if ($_GET["id"])
print '<a class="butActionRefused" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("Modify").'</a>';
}
if ($user->rights->agenda->allactions->create ||
(($act->author->id == $user->id && $user->rights->agenda->myactions->create) ||
($act->usertodo->id == $user->id && $user->rights->agenda->myactions->create)))
if ($user->rights->agenda->allactions->modify ||
(($act->author->id == $user->id || $act->usertodo->id == $user->id) && $user->rights->agenda->myactions->modify))
{
print '<a class="butActionDelete" href="fiche.php?action=delete&id='.$act->id.'">'.$langs->trans("Delete").'</a>';
}