lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix permission to open supplier order

Browse Source
This commit is contained in:
Laurent Destailleur 2018-01-17 15:54:27 +01:00
parent 5d4eda68e0
commit bc7bd77cea
6 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/fourn/commande/card.php
View File

@ -81,7 +81,7 @@ $datelivraison=dol_mktime(GETPOST('liv_hour','int'), GETPOST('liv_min','int'), G
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('ordersuppliercard','globalcard')); $hookmanager->initHooks(array('ordersuppliercard','globalcard'));

2
htdocs/fourn/commande/contact.php
View File

@ -44,7 +44,7 @@ $action = GETPOST('action', 'alpha');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
$object = new CommandeFournisseur($db); $object = new CommandeFournisseur($db);

2
htdocs/fourn/commande/dispatch.php
View File

@ -56,7 +56,7 @@ $lineid = GETPOST('lineid', 'int');
$action = GETPOST('action','aZ09'); $action = GETPOST('action','aZ09');
if ($user->societe_id) if ($user->societe_id)
$socid = $user->societe_id; $socid = $user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
if (empty($conf->stock->enabled)) { if (empty($conf->stock->enabled)) {
accessforbidden(); accessforbidden();

2
htdocs/fourn/commande/document.php
View File

@ -54,7 +54,7 @@ $confirm = GETPOST('confirm','alpha');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
// Get parameters // Get parameters
$sortfield = GETPOST("sortfield",'alpha'); $sortfield = GETPOST("sortfield",'alpha');

2
htdocs/fourn/commande/info.php
View File

@ -56,7 +56,7 @@ $search_agenda_label=GETPOST('search_agenda_label');
// Security check // Security check
$socid=0; $socid=0;
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'fournisseur',$id,'', 'commande'); $result=restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
if (!$user->rights->fournisseur->commande->lire) accessforbidden(); if (!$user->rights->fournisseur->commande->lire) accessforbidden();

2
htdocs/fourn/commande/note.php
View File

@ -43,7 +43,7 @@ $action = GETPOST('action','aZ09');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
$object = new CommandeFournisseur($db); $object = new CommandeFournisseur($db);
$object->fetch($id, $ref); $object->fetch($id, $ref);