lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ajout de la permission "consulter tous les clients" dans le module commercial, afin

Browse Source 
qu'un commercial puisse voir que les clients qui lui sont affects.
This commit is contained in:
Regis Houssin 2006-03-13 13:19:24 +00:00
parent 528793e64e
commit b50f12cd0a
1 changed files with 29 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
htdocs/contrat/fiche.php
View File

@ -38,10 +38,39 @@ $langs->load("orders");
$langs->load("companies");
$user->getrights('contrat');
$user->getrights('commercial');
if (! $user->rights->contrat->lire)
accessforbidden();
// Sécurité accés client et commerciaux
$contratid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id > 0)
{
$action = '';
$socidp = $user->societe_id;
}
// Protection restriction commercial
if ($contratid)
{
$sql = "SELECT sc.fk_soc, c.fk_soc";
$sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."contrat as c";
$sql .= " WHERE c.rowid = ".$contratid;
if (!$user->rights->commercial->client->voir && !$user->societe_id > 0)
{
$sql .= " AND sc.fk_soc = c.fk_soc AND sc.fk_user = ".$user->id;
}
if ($user->societe_id > 0) $sql .= " AND c.fk_soc = ".$socidp;
if ( $db->query($sql) )
{
if ( $db->num_rows() == 0) accessforbidden();
}
}
// Param si create
$date_start='';
$date_end='';
@ -75,13 +104,6 @@ if ($_POST["date_end_real_updatemonth"] && $_POST["date_end_real_updateday"] &&
$date_end_real_update=mktime(12, 0 , 0, $_POST["date_end_real_updatemonth"], $_POST["date_end_real_updateday"], $_POST["date_end_real_updateyear"]);
}
// Sécurité accés client
if ($user->societe_id > 0)
{
$action = '';
$socidp = $user->societe_id;
}
/*
* Actions