From 7afdad60a04cfa89348773700e2e169e9c6cf43c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 6 Jan 2014 12:42:50 +0100 Subject: [PATCH 1/3] Fix: [ bug #1208 ] Users without read permission on the tasks can still see all project tasks --- htdocs/core/lib/project.lib.php | 18 +++++++++++++++++- htdocs/projet/tasks/index.php | 4 ++-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index 5e096760fce..1fc2592c6a5 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -257,6 +257,22 @@ function projectLinesa(&$inc, $parent, &$lines, &$level, $var, $showproject, &$t } } } + else + { + // Caller did not ask to filter on tasks of a specific user (this probably means he want also tasks of all users, into public project + // or into all other projects if user has permission to). + if (empty($user->rights->project->all->lire)) + { + // User is not allowed on this project and project is not public, so we hide line + if (! in_array($lines[$i]->fk_project, $projectsArrayId)) + { + // TODO + // If user is assigned to a task into a private project user has no permission on, we must use showlinegray=1 (to show task without showing project) + // if user is not assigned to any task into tree, we must use showline=0 + $showline=0; + } + } + } if ($showline) { @@ -367,7 +383,7 @@ function projectLinesa(&$inc, $parent, &$lines, &$level, $var, $showproject, &$t if (! $showlineingray) $inc++; $level++; - if ($lines[$i]->id) projectLinesa($inc, $lines[$i]->id, $lines, $level, $var, $showproject, $taskrole, $projectsListId); + if ($lines[$i]->id) projectLinesa($inc, $lines[$i]->id, $lines, $level, $var, $showproject, $taskrole, $projectsListId, 0, $showalsopublicproj); $level--; $total += $lines[$i]->duration; } diff --git a/htdocs/projet/tasks/index.php b/htdocs/projet/tasks/index.php index 077a56c1976..8795cf98486 100644 --- a/htdocs/projet/tasks/index.php +++ b/htdocs/projet/tasks/index.php @@ -80,7 +80,7 @@ else else print $langs->trans("ProjectsPublicDesc").'

'; } -// Get list of project id allowed to user +// Get list of project id allowed to user (in a string list separated by coma) $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,$mine,1,$socid); // Get list of tasks in tasksarray and taskarrayfiltered @@ -121,7 +121,7 @@ print "\n"; // Show all lines in taskarray (recursive function to go down on tree) $j=0; $level=0; -$nboftaskshown=projectLinesa($j, 0, $tasksarray, $level, true, 1, $tasksrole, $projectsListId); +$nboftaskshown=projectLinesa($j, 0, $tasksarray, $level, true, 1, $tasksrole, $projectsListId, 0); print ""; print ''; From 7fd34e5ff6a7633bb04542a880971f5803ffaf6f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 6 Jan 2014 13:02:20 +0100 Subject: [PATCH 2/3] Fix: [ bug #1208 ] Users without read permission on the tasks can still see all project tasks Fix: function clean_orhpelins was reporting wrong number of cleaned orphelins. --- htdocs/core/lib/project.lib.php | 12 ++++++------ htdocs/projet/class/project.class.php | 17 +++++++++++------ htdocs/projet/tasks.php | 22 ++++++++++++---------- 3 files changed, 29 insertions(+), 22 deletions(-) diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index 1fc2592c6a5..751ebbdfc5f 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -207,7 +207,7 @@ function project_admin_prepare_head() * @param string $var Color * @param int $showproject Show project columns * @param int &$taskrole Array of roles of user for each tasks - * @param int $projectsListId List of id of project allowed to user (separated with comma) + * @param int $projectsListId List of id of project allowed to user (string separated with comma) * @param int $addordertick Add a tick to move task * @return void */ @@ -261,15 +261,15 @@ function projectLinesa(&$inc, $parent, &$lines, &$level, $var, $showproject, &$t { // Caller did not ask to filter on tasks of a specific user (this probably means he want also tasks of all users, into public project // or into all other projects if user has permission to). - if (empty($user->rights->project->all->lire)) + if (empty($user->rights->projet->all->lire)) { // User is not allowed on this project and project is not public, so we hide line if (! in_array($lines[$i]->fk_project, $projectsArrayId)) { - // TODO - // If user is assigned to a task into a private project user has no permission on, we must use showlinegray=1 (to show task without showing project) - // if user is not assigned to any task into tree, we must use showline=0 - $showline=0; + // Note that having a user assigned to a task into a project user has no permission on, should not be possible + // because assignement on task can be done only on contact of project. + // If assignement was done and after, was removed from contact of project, then we can hide the line. + $showline=0; } } } diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index cea067d67e5..9924dddf4f4 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -1281,7 +1281,7 @@ class Project extends CommonObject } /** - * Clean task not linked to a parent + * Clean tasks not linked to an existing parent * * @return int Nb of records deleted */ @@ -1292,7 +1292,7 @@ class Project extends CommonObject // There is orphelins. We clean that $listofid=array(); - // Get list of id in array listofid + // Get list of all id in array listofid $sql='SELECT rowid FROM '.MAIN_DB_PREFIX.'projet_task'; $resql = $this->db->query($sql); if ($resql) @@ -1313,19 +1313,24 @@ class Project extends CommonObject if (count($listofid)) { - // Removed orphelins records - print 'Some orphelins were found and restored to be parents so records are visible again: '; - print join(',',$listofid); + print 'Code asked to check and clean orphelins.'; $sql = "UPDATE ".MAIN_DB_PREFIX."projet_task"; $sql.= " SET fk_task_parent = 0"; - $sql.= " WHERE fk_task_parent NOT IN (".join(',',$listofid).")"; + $sql.= " WHERE fk_task_parent NOT IN (".join(',',$listofid).")"; // So we update only records linked to a non existing parent $resql = $this->db->query($sql); if ($resql) { $nb=$this->db->affected_rows($sql); + if ($nb > 0) + { + // Removed orphelins records + print 'Some orphelins were found and modified to be parent so records are visible again: '; + print join(',',$listofid); + } + return $nb; } else diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index c45248db741..794a1198c35 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -79,7 +79,7 @@ $userAccess=0; /* * Actions -*/ + */ if ($action == 'createtask' && $user->rights->projet->creer) { @@ -396,8 +396,7 @@ else print ''; // Get list of tasks in tasksarray and taskarrayfiltered - // We need all tasks (even not limited to a user because a task to user - // can have a parent that is not affected to him). + // We need all tasks (even not limited to a user because a task to user can have a parent that is not affected to him). $tasksarray=$taskstatic->getTasksArray(0, 0, $object->id, $socid, 0); // We load also tasks limited to a particular user $tasksrole=($mode=='mine' ? $taskstatic->getUserRolesForProjectsOrTasks(0,$user,$object->id,0) : ''); @@ -426,7 +425,7 @@ else { // Show all lines in taskarray (recursive function to go down on tree) $j=0; - $nboftaskshown=projectLinesa($j, 0, $tasksarray, $level, true, 0, $tasksrole, '', 1); + $nboftaskshown=projectLinesa($j, 0, $tasksarray, $level, true, 0, $tasksrole, $id, 1); } else { @@ -437,13 +436,16 @@ else // Test if database is clean. If not we clean it. //print 'mode='.$_REQUEST["mode"].' $nboftaskshown='.$nboftaskshown.' count($tasksarray)='.count($tasksarray).' count($tasksrole)='.count($tasksrole).'
'; - if ($mode=='mine') + if (! empty($user->rights->projet->all->lire)) // We make test to clean only if user has permission to see all (test may report false positive otherwise) { - if ($nboftaskshown < count($tasksrole)) $object->clean_orphelins(); - } - else - { - if ($nboftaskshown < count($tasksarray)) $object->clean_orphelins(); + if ($mode=='mine') + { + if ($nboftaskshown < count($tasksrole)) $object->clean_orphelins(); + } + else + { + if ($nboftaskshown < count($tasksarray)) $object->clean_orphelins(); + } } } From 0e3184c436c69716bcf457e44f9084992aa42db9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 6 Jan 2014 17:17:57 +0100 Subject: [PATCH 3/3] Fix: W3C. Fix: Permission on a button. Conflicts: htdocs/core/lib/company.lib.php htdocs/societe/soc.php Fix: Some menu entry not visible. --- htdocs/comm/fiche.php | 9 ++-- htdocs/core/lib/company.lib.php | 28 ++++++---- htdocs/core/menus/standard/eldy.lib.php | 70 +++++-------------------- htdocs/societe/agenda.php | 9 +++- htdocs/societe/soc.php | 12 ++--- 5 files changed, 51 insertions(+), 77 deletions(-) diff --git a/htdocs/comm/fiche.php b/htdocs/comm/fiche.php index 29ee792c738..67e6fb1d17a 100644 --- a/htdocs/comm/fiche.php +++ b/htdocs/comm/fiche.php @@ -250,9 +250,12 @@ if ($id > 0) // Country print ''.$langs->trans("Country").''; - $img=picto_from_langcode($object->country_code); - if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0); - else print ($img?$img.' ':'').$object->country; + if (! empty($object->country_code)) + { + $img=picto_from_langcode($object->country_code); + if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0); + else print ($img?$img.' ':'').$object->country; + } print ''; // EMail diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 58ad856a62b..bcd6c53d489 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -567,7 +567,7 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') if ($search_status != '') $param.='&search_status='.$search_status; if ($search_name != '') $param.='&search_name='.urlencode($search_name); - $colspan=8; + $colspan=9; print ''; print_liste_field_titre($langs->trans("Name"),$_SERVER["PHP_SELF"],"p.lastname","",$param,'',$sortfield,$sortorder); print_liste_field_titre($langs->trans("Poste"),$_SERVER["PHP_SELF"],"p.poste","",$param,'',$sortfield,$sortorder); @@ -581,17 +581,16 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') print ''.$langs->trans("Skype").''; } print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"p.statut","",$param,'',$sortfield,$sortorder); + // Copy to clipboard print " "; + // Add to agenda if (! empty($conf->agenda->enabled) && $user->rights->agenda->myactions->create) { $colspan++; print ' '; } - if ($user->rights->societe->contact->creer) - { - $colspan++; - print ' '; - } + // Edit + print ' '; print ""; @@ -613,19 +612,23 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') $colspan++; print ' '; } + // Status print ''; print $form->selectarray('search_status', array('0'=>$langs->trans('ActivityCeased'),'1'=>$langs->trans('InActivity')),$search_status); print ''; + // Copy to clipboard print " "; + + // Add to agenda if (! empty($conf->agenda->enabled) && $user->rights->agenda->myactions->create) { $colspan++; print ' '; } - + // Edit print ''; print ''; print ''; @@ -688,9 +691,10 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') print ''; } + // Status print ''.$contactstatic->getLibStatut(5).''; - // copy in clipboard + // Copy to clipboard $coords = ''; if (!empty($object->name)) $coords .= addslashes($object->name)."
"; @@ -721,10 +725,12 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') if (!empty($object->country)) $coords .= "
".addslashes($object->country); } + print ''; print img_picto($langs->trans("Address"), 'object_address.png'); print ''; + // Add to agenda if (! empty($conf->agenda->enabled) && $user->rights->agenda->myactions->create) { print ''; @@ -738,8 +744,8 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') print img_object($langs->trans("Event"),"action"); print ''; } - - + + // Edit if ($user->rights->societe->contact->creer) { print ''; @@ -747,7 +753,7 @@ function show_contacts($conf,$langs,$db,$object,$backtopage='') print img_edit(); print ''; } - + else print ' '; print "\n"; $i++; diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 230287420b5..954cdc1c2d1 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -613,11 +613,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("suppliers"); $newmenu->add("/fourn/liste.php?leftmenu=suppliers", $langs->trans("ListSuppliersShort"), 1, $user->rights->fournisseur->lire, '', $mainmenu, 'suppliers'); - - if (empty($user->societe_id)) - { - $newmenu->add("/societe/soc.php?leftmenu=suppliers&action=create&type=f",$langs->trans("MenuNewSupplier"), 2, $user->rights->societe->creer && $user->rights->fournisseur->lire); - } + $newmenu->add("/societe/soc.php?leftmenu=suppliers&action=create&type=f",$langs->trans("MenuNewSupplier"), 2, $user->rights->societe->creer && $user->rights->fournisseur->lire); //$newmenu->add("/fourn/liste.php?leftmenu=suppliers", $langs->trans("List"), 2, $user->rights->societe->lire && $user->rights->fournisseur->lire); //$newmenu->add("/contact/list.php?leftmenu=suppliers&type=f",$langs->trans("Contacts"), 2, $user->rights->societe->lire && $user->rights->fournisseur->lire && $user->rights->societe->contact->lire); } @@ -640,25 +636,16 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { // Categories prospects/customers $newmenu->add("/categories/index.php?leftmenu=cat&type=2", $langs->trans("CustomersProspectsCategoriesShort"), 0, $user->rights->categorie->lire, '', $mainmenu, 'cat'); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=2", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=2", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); } // Categories Contact $newmenu->add("/categories/index.php?leftmenu=cat&type=4", $langs->trans("ContactCategoriesShort"), 0, $user->rights->categorie->lire, '', $mainmenu, 'cat'); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=4", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=4", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); // Categories suppliers if (! empty($conf->fournisseur->enabled)) { $newmenu->add("/categories/index.php?leftmenu=cat&type=1", $langs->trans("SuppliersCategoriesShort"), 0, $user->rights->categorie->lire); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=1", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=1", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); } //if (empty($leftmenu) || $leftmenu=="cat") $newmenu->add("/categories/liste.php", $langs->trans("List"), 1, $user->rights->categorie->lire); } @@ -752,10 +739,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("bills"); $newmenu->add("/compta/facture/list.php?leftmenu=customers_bills",$langs->trans("BillsCustomers"),0,$user->rights->facture->lire, '', $mainmenu, 'customers_bills'); - if (empty($user->societe_id)) - { - $newmenu->add("/compta/facture.php?action=create&leftmenu=customers_bills",$langs->trans("NewBill"),1,$user->rights->facture->creer); - } + $newmenu->add("/compta/facture.php?action=create&leftmenu=customers_bills",$langs->trans("NewBill"),1,$user->rights->facture->creer); $newmenu->add("/compta/facture/fiche-rec.php?leftmenu=customers_bills",$langs->trans("Repeatables"),1,$user->rights->facture->lire); $newmenu->add("/compta/facture/impayees.php?leftmenu=customers_bills",$langs->trans("Unpaid"),1,$user->rights->facture->lire); @@ -778,10 +762,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("bills"); $newmenu->add("/fourn/facture/list.php?leftmenu=suppliers_bills", $langs->trans("BillsSuppliers"),0,$user->rights->fournisseur->facture->lire, '', $mainmenu, 'suppliers_bills'); - if (empty($user->societe_id)) - { - $newmenu->add("/fourn/facture/fiche.php?action=create",$langs->trans("NewBill"),1,$user->rights->fournisseur->facture->creer); - } + $newmenu->add("/fourn/facture/fiche.php?action=create",$langs->trans("NewBill"),1,$user->rights->fournisseur->facture->creer); $newmenu->add("/fourn/facture/impayees.php", $langs->trans("Unpaid"),1,$user->rights->fournisseur->facture->lire); $newmenu->add("/fourn/facture/paiement.php", $langs->trans("Payments"),1,$user->rights->fournisseur->facture->lire); @@ -959,11 +940,8 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu if (! empty($conf->product->enabled)) { $newmenu->add("/product/index.php?leftmenu=product&type=0", $langs->trans("Products"), 0, $user->rights->produit->lire, '', $mainmenu, 'product'); - if (empty($user->societe_id)) - { - $newmenu->add("/product/fiche.php?leftmenu=product&action=create&type=0", $langs->trans("NewProduct"), 1, $user->rights->produit->creer); - $newmenu->add("/product/liste.php?leftmenu=product&type=0", $langs->trans("List"), 1, $user->rights->produit->lire); - } + $newmenu->add("/product/fiche.php?leftmenu=product&action=create&type=0", $langs->trans("NewProduct"), 1, $user->rights->produit->creer); + $newmenu->add("/product/liste.php?leftmenu=product&type=0", $langs->trans("List"), 1, $user->rights->produit->lire); if (! empty($conf->propal->enabled)) { $newmenu->add("/product/popuprop.php?leftmenu=stats&type=0", $langs->trans("Statistics"), 1, $user->rights->produit->lire && $user->rights->propale->lire); @@ -978,10 +956,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu if (! empty($conf->service->enabled)) { $newmenu->add("/product/index.php?leftmenu=service&type=1", $langs->trans("Services"), 0, $user->rights->service->lire, '', $mainmenu, 'service'); - if (empty($user->societe_id)) - { - $newmenu->add("/product/fiche.php?leftmenu=service&action=create&type=1", $langs->trans("NewService"), 1, $user->rights->service->creer); - } + $newmenu->add("/product/fiche.php?leftmenu=service&action=create&type=1", $langs->trans("NewService"), 1, $user->rights->service->creer); $newmenu->add("/product/liste.php?leftmenu=service&type=1", $langs->trans("List"), 1, $user->rights->service->lire); if (! empty($conf->propal->enabled)) { @@ -994,10 +969,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("categories"); $newmenu->add("/categories/index.php?leftmenu=cat&type=0", $langs->trans("Categories"), 0, $user->rights->categorie->lire, '', $mainmenu, 'cat'); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=0", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=0", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); //if (empty($leftmenu) || $leftmenu=="cat") $newmenu->add("/categories/liste.php", $langs->trans("List"), 1, $user->rights->categorie->lire); } @@ -1039,10 +1011,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu $newmenu->add("/fourn/index.php?leftmenu=suppliers", $langs->trans("Suppliers"), 0, $user->rights->societe->lire && $user->rights->fournisseur->lire, '', $mainmenu, 'suppliers'); // Security check - if (empty($user->societe_id)) - { - $newmenu->add("/societe/soc.php?leftmenu=suppliers&action=create&type=f",$langs->trans("NewSupplier"), 1, $user->rights->societe->creer && $user->rights->fournisseur->lire); - } + $newmenu->add("/societe/soc.php?leftmenu=suppliers&action=create&type=f",$langs->trans("NewSupplier"), 1, $user->rights->societe->creer && $user->rights->fournisseur->lire); $newmenu->add("/fourn/liste.php",$langs->trans("List"), 1, $user->rights->societe->lire && $user->rights->fournisseur->lire); $newmenu->add("/contact/list.php?leftmenu=suppliers&type=f",$langs->trans("Contacts"), 1, $user->rights->societe->contact->lire && $user->rights->fournisseur->lire); $newmenu->add("/fourn/stats.php",$langs->trans("Statistics"), 1, $user->rights->societe->lire && $user->rights->fournisseur->lire); @@ -1052,12 +1021,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("bills"); $newmenu->add("/fourn/facture/list.php?leftmenu=orders", $langs->trans("Bills"), 0, $user->rights->fournisseur->facture->lire, '', $mainmenu, 'orders'); - - if (empty($user->societe_id)) - { - $newmenu->add("/fourn/facture/fiche.php?action=create",$langs->trans("NewBill"), 1, $user->rights->fournisseur->facture->creer); - } - + $newmenu->add("/fourn/facture/fiche.php?action=create",$langs->trans("NewBill"), 1, $user->rights->fournisseur->facture->creer); $newmenu->add("/fourn/facture/paiement.php", $langs->trans("Payments"), 1, $user->rights->fournisseur->facture->lire); } @@ -1073,10 +1037,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("categories"); $newmenu->add("/categories/index.php?leftmenu=cat&type=1", $langs->trans("Categories"), 0, $user->rights->categorie->lire, '', $mainmenu, 'cat'); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=1", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=1", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); //if (empty($leftmenu) || $leftmenu=="cat") $newmenu->add("/categories/liste.php", $langs->trans("List"), 1, $user->rights->categorie->lire); } @@ -1196,10 +1157,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { $langs->load("categories"); $newmenu->add("/categories/index.php?leftmenu=cat&type=3", $langs->trans("Categories"), 0, $user->rights->categorie->lire, '', $mainmenu, 'cat'); - if (empty($user->societe_id)) - { - $newmenu->add("/categories/fiche.php?action=create&type=3", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); - } + $newmenu->add("/categories/fiche.php?action=create&type=3", $langs->trans("NewCategory"), 1, $user->rights->categorie->creer); //if (empty($leftmenu) || $leftmenu=="cat") $newmenu->add("/categories/liste.php", $langs->trans("List"), 1, $user->rights->categorie->lire); } diff --git a/htdocs/societe/agenda.php b/htdocs/societe/agenda.php index ec258dda9d8..a1c2d641b71 100644 --- a/htdocs/societe/agenda.php +++ b/htdocs/societe/agenda.php @@ -158,7 +158,14 @@ if ($socid) if (! empty($conf->agenda->enabled)) { - print ''.$langs->trans("AddAction").''; + if (! empty($user->rights->agenda->myactions->create) || ! empty($user->rights->agenda->allactions->create)) + { + print ''.$langs->trans("AddAction").''; + } + else + { + print ''.$langs->trans("AddAction").''; + } } print ''; diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 4655c04fc8e..5e1a6ed40d7 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -1576,12 +1576,12 @@ else // Country print ''.$langs->trans("Country").''; - if ($object->country_code) - { - $img=picto_from_langcode($object->country_code); - if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0); - else print ($img?$img.' ':'').$object->country; - } + if (! empty($object->country_code)) + { + $img=picto_from_langcode($object->country_code); + if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0); + else print ($img?$img.' ':'').$object->country; + } print ''; // State