Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into 9.0
This commit is contained in:
Laurent Destailleur
commit
ae00743590
@ -46,10 +46,25 @@ $confirm=GETPOST('confirm','alpha');
|
||||
$toselect = GETPOST('toselect', 'array');
|
||||
$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'expensereportlist';
|
||||
|
||||
$childids = $user->getAllChildIds(1);
|
||||
|
||||
// Security check
|
||||
$socid = GETPOST('socid','int');
|
||||
if ($user->societe_id) $socid=$user->societe_id;
|
||||
$result = restrictedArea($user, 'expensereport','','');
|
||||
$id = GETPOST('id', 'int');
|
||||
// If we are on the view of a specific user
|
||||
if ($id > 0)
|
||||
{
|
||||
$canread=0;
|
||||
if ($id == $user->id) $canread=1;
|
||||
if (! empty($user->rights->expensereport->readall)) $canread=1;
|
||||
if (! empty($user->rights->expensereport->lire) && in_array($id, $childids)) $canread=1;
|
||||
if (! $canread)
|
||||
{
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
$diroutputmassaction=$conf->expensereport->dir_output . '/temp/massgeneration/'.$user->id;
|
||||
|
||||
@ -66,7 +81,6 @@ $pagenext = $page + 1;
|
||||
if (!$sortorder) $sortorder="DESC";
|
||||
if (!$sortfield) $sortfield="d.date_debut";
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
|
||||
$sall = trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml'));
|
||||
$search_ref = GETPOST('search_ref', 'alpha');
|
||||
|
||||
@ -60,6 +60,18 @@ if ($user->societe_id > 0) // Protection if external user
|
||||
}
|
||||
$result = restrictedArea($user, 'holiday', $id, '');
|
||||
$id = GETPOST('id','int');
|
||||
// If we are on the view of a specific user
|
||||
if ($id > 0)
|
||||
{
|
||||
$canread=0;
|
||||
if ($id == $user->id) $canread=1;
|
||||
if (! empty($user->rights->holiday->read_all)) $canread=1;
|
||||
if (! empty($user->rights->holiday->read) && in_array($id, $childids)) $canread=1;
|
||||
if (! $canread)
|
||||
{
|
||||
accessforbidden();
|
||||
}
|
||||
}
|
||||
|
||||
// Load variable for pagination
|
||||
$limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
|
||||
|
||||
@ -199,6 +199,15 @@ delete from llx_element_element where sourcetype='commande' and fk_source not in
|
||||
DELETE FROM llx_actioncomm_resources WHERE fk_actioncomm not in (select id from llx_actioncomm);
|
||||
|
||||
|
||||
-- Fix link on parent that were removed
|
||||
DROP table tmp_user;
|
||||
CREATE TABLE tmp_user as (select * from llx_user);
|
||||
UPDATE llx_user SET fk_user = NULL where fk_user NOT IN (select rowid from tmp_user);
|
||||
|
||||
|
||||
update llx_user set fk_user = null where fk_user not in (select rowid from llx_user);
|
||||
|
||||
|
||||
UPDATE llx_product SET canvas = NULL where canvas = 'default@product';
|
||||
UPDATE llx_product SET canvas = NULL where canvas = 'service@product';
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user