lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix permission to open supplier order

Browse Source
This commit is contained in:
Laurent Destailleur 2018-01-17 15:54:27 +01:00
parent 5d4eda68e0
commit bc7bd77cea
6 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/fourn/commande/card.php
View File

@ -81,7 +81,7 @@ $datelivraison=dol_mktime(GETPOST('liv_hour','int'), GETPOST('liv_min','int'), G
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('ordersuppliercard','globalcard')); $hookmanager->initHooks(array('ordersuppliercard','globalcard'));

18
htdocs/fourn/commande/contact.php
View File

@ -44,7 +44,7 @@ $action = GETPOST('action', 'alpha');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
$object = new CommandeFournisseur($db); $object = new CommandeFournisseur($db);
@ -141,11 +141,11 @@ if ($id > 0 || ! empty($ref))
$head = ordersupplier_prepare_head($object); $head = ordersupplier_prepare_head($object);
dol_fiche_head($head, 'contact', $langs->trans("SupplierOrder"), 0, 'order'); dol_fiche_head($head, 'contact', $langs->trans("SupplierOrder"), 0, 'order');
// Supplier order card // Supplier order card
$linkback = '<a href="'.DOL_URL_ROOT.'/fourn/commande/list.php'.(! empty($socid)?'?socid='.$socid:'').'">'.$langs->trans("BackToList").'</a>'; $linkback = '<a href="'.DOL_URL_ROOT.'/fourn/commande/list.php'.(! empty($socid)?'?socid='.$socid:'').'">'.$langs->trans("BackToList").'</a>';
$morehtmlref='<div class="refidno">'; $morehtmlref='<div class="refidno">';
// Ref supplier // Ref supplier
$morehtmlref.=$form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, 0, 'string', '', 0, 1); $morehtmlref.=$form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, 0, 'string', '', 0, 1);
@ -186,12 +186,12 @@ if ($id > 0 || ! empty($ref))
} }
} }
$morehtmlref.='</div>'; $morehtmlref.='</div>';
dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, '', 0, '', '', 1); dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref, '', 0, '', '', 1);
dol_fiche_end(); dol_fiche_end();
// Contacts lines // Contacts lines
include DOL_DOCUMENT_ROOT.'/core/tpl/contacts.tpl.php'; include DOL_DOCUMENT_ROOT.'/core/tpl/contacts.tpl.php';

2
htdocs/fourn/commande/dispatch.php
View File

@ -56,7 +56,7 @@ $lineid = GETPOST('lineid', 'int');
$action = GETPOST('action','aZ09'); $action = GETPOST('action','aZ09');
if ($user->societe_id) if ($user->societe_id)
$socid = $user->societe_id; $socid = $user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
if (empty($conf->stock->enabled)) { if (empty($conf->stock->enabled)) {
accessforbidden(); accessforbidden();

2
htdocs/fourn/commande/document.php
View File

@ -54,7 +54,7 @@ $confirm = GETPOST('confirm','alpha');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
// Get parameters // Get parameters
$sortfield = GETPOST("sortfield",'alpha'); $sortfield = GETPOST("sortfield",'alpha');

2
htdocs/fourn/commande/info.php
View File

@ -56,7 +56,7 @@ $search_agenda_label=GETPOST('search_agenda_label');
// Security check // Security check
$socid=0; $socid=0;
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'fournisseur',$id,'', 'commande'); $result=restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
if (!$user->rights->fournisseur->commande->lire) accessforbidden(); if (!$user->rights->fournisseur->commande->lire) accessforbidden();

2
htdocs/fourn/commande/note.php
View File

@ -43,7 +43,7 @@ $action = GETPOST('action','aZ09');
// Security check // Security check
if ($user->societe_id) $socid=$user->societe_id; if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'fournisseur', $id, '', 'commande'); $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'commande');
$object = new CommandeFournisseur($db); $object = new CommandeFournisseur($db);
$object->fetch($id, $ref); $object->fetch($id, $ref);