lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Works on contact canvas in relation to the thirdparty canvas module

Browse Source
This commit is contained in:
Regis Houssin 2010-11-05 10:48:20 +00:00
parent 955e094a75
commit c70fe8007b
4 changed files with 60 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/core/class/canvas.class.php
View File

@ -153,16 +153,16 @@ class Canvas
{
// Include dataservice class (model)
$modelclassfile = DOL_DOCUMENT_ROOT.'/'.$this->aliasmodule.'/canvas/'.$this->canvas.'/dao_'.$this->targetmodule.'_'.$this->canvas.'.class.php';
include_once($modelclassfile);
require_once($modelclassfile);
// Include actions class (controller)
$controlclassfile = DOL_DOCUMENT_ROOT.'/'.$this->aliasmodule.'/canvas/'.$this->canvas.'/actions_'.$this->card.'_'.$this->canvas.'.class.php';
include_once($controlclassfile);
require_once($controlclassfile);
// Include specific library
if (file_exists(DOL_DOCUMENT_ROOT.'/'.$this->aliasmodule.'/lib/'.$this->aliasmodule.'.lib.php'))
{
include_once(DOL_DOCUMENT_ROOT.'/'.$this->aliasmodule.'/lib/'.$this->aliasmodule.'.lib.php');
require_once(DOL_DOCUMENT_ROOT.'/'.$this->aliasmodule.'/lib/'.$this->aliasmodule.'.lib.php');
}
// Instantiate actions class (controller)

51
htdocs/lib/functions.lib.php
View File

@ -1550,7 +1550,7 @@ function info_admin($texte,$infoonimgalt=0)
/**
* \brief Check permissions of a user to show a page and an object. Check read permission
* If $_REQUEST['action'] defined, we also check write permission.
* If $_REQUEST['action'] defined, we also check write and delete permission.
* \param user User to check
* \param features Features to check (in most cases, it's module name)
* \param objectid Object ID if we want to check permission on a particular record (optionnal)
@ -1638,11 +1638,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
{
foreach ($features as $feature)
{
if ($feature == 'societe')
{
if (! $user->rights->societe->creer && ! $user->rights->fournisseur->creer) $createok=0;
}
else if ($feature == 'contact')
if ($feature == 'contact')
{
if (! $user->rights->societe->contact->creer) $createok=0;
}
@ -1682,6 +1678,49 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
if (! $createok) accessforbidden();
//print "Write access is ok";
}
// Check delete permission from module
$deleteok=1;
if ( (GETPOST("action") && GETPOST("action") == 'confirm_delete') && (GETPOST("confirm") && GETPOST("confirm") == 'yes') )
{
foreach ($features as $feature)
{
if ($feature == 'contact')
{
if (! $user->rights->societe->contact->supprimer) $deleteok=0;
}
else if ($feature == 'produit|service')
{
if (! $user->rights->produit->supprimer && ! $user->rights->service->supprimer) $deleteok=0;
}
else if ($feature == 'commande_fournisseur')
{
if (! $user->rights->fournisseur->commande->supprimer) $deleteok=0;
}
else if ($feature == 'banque')
{
if (! $user->rights->banque->modifier) $deleteok=0;
}
else if ($feature == 'cheque')
{
if (! $user->rights->banque->cheque) $deleteok=0;
}
else if (! empty($feature2)) // This should be used for future changes
{
if (empty($user->rights->$feature->$feature2->supprimer)
&& empty($user->rights->$feature->$feature2->delete)) $deleteok=0;
}
else if (! empty($feature)) // This is for old permissions
{
//print '<br>feature='.$feature.' creer='.$user->rights->$feature->supprimer.' write='.$user->rights->$feature->delete;
if (empty($user->rights->$feature->supprimer)
&& empty($user->rights->$feature->delete)) $deleteok=0;
}
}
if (! $deleteok) accessforbidden();
//print "Delete access is ok";
}
// If we have a particular object to check permissions on, we check this object
// is linked to a company allowed to $user.

26
htdocs/societe/canvas/actions_card_common.class.php
View File

@ -337,8 +337,8 @@ class ActionsCardCommon
$this->object->code_fournisseur = $_POST["code_fournisseur"];
$this->object->adresse = $_POST["adresse"]; // TODO obsolete
$this->object->address = $_POST["adresse"];
$this->object->cp = $_POST["cp"];
$this->object->ville = $_POST["ville"];
$this->object->cp = $_POST["zipcode"];
$this->object->ville = $_POST["town"];
$this->object->pays_id = $_POST["pays_id"]?$_POST["pays_id"]:$mysoc->pays_id;
$this->object->departement_id = $_POST["departement_id"];
$this->object->tel = $_POST["tel"];
@ -404,7 +404,7 @@ class ActionsCardCommon
// Add new third party
if ((! $_POST["getcustomercode"] && ! $_POST["getsuppliercode"])
&& ($_POST["action"] == 'add' || $_POST["action"] == 'update') && $user->rights->societe->creer)
&& ($_POST["action"] == 'add' || $_POST["action"] == 'update'))
{
require_once(DOL_DOCUMENT_ROOT."/lib/functions2.lib.php");
$error=0;
@ -431,8 +431,8 @@ class ActionsCardCommon
$this->object->address = $_POST["adresse"];
$this->object->adresse = $_POST["adresse"]; // TODO obsolete
$this->object->cp = $_POST["cp"];
$this->object->ville = $_POST["ville"];
$this->object->cp = $_POST["zipcode"];
$this->object->ville = $_POST["town"];
$this->object->pays_id = $_POST["pays_id"];
$this->object->departement_id = $_POST["departement_id"];
$this->object->tel = $_POST["tel"];
@ -604,7 +604,7 @@ class ActionsCardCommon
}
}
if ($_REQUEST["action"] == 'confirm_delete' && $_REQUEST["confirm"] == 'yes' && $user->rights->societe->supprimer)
if (GETPOST("action") == 'confirm_delete' && GETPOST("confirm") == 'yes')
{
$this->object->fetch($socid);
@ -626,9 +626,9 @@ class ActionsCardCommon
/*
* Generate document
*/
if ($_REQUEST['action'] == 'builddoc') // En get ou en post
if (GETPOST('action') == 'builddoc') // En get ou en post
{
if (is_numeric($_REQUEST['model']))
if (is_numeric(GETPOST('model')))
{
$this->error=$langs->trans("ErrorFieldRequired",$langs->transnoentities("Model"));
}
@ -639,23 +639,17 @@ class ActionsCardCommon
$this->object->fetch($socid);
$this->object->fetch_thirdparty();
/*if ($_REQUEST['model'])
{
$fac->setDocModel($user, $_REQUEST['model']);
}
*/
// Define output language
$outputlangs = $langs;
$newlang='';
if ($conf->global->MAIN_MULTILANGS && empty($newlang) && ! empty($_REQUEST['lang_id'])) $newlang=$_REQUEST['lang_id'];
if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id') ) $newlang=GETPOST('lang_id');
if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$this->object->default_lang;
if (! empty($newlang))
{
$outputlangs = new Translate("",$conf);
$outputlangs->setDefaultLang($newlang);
}
$result=thirdparty_doc_create($this->db, $this->object->id, '', $_REQUEST['model'], $outputlangs);
$result=thirdparty_doc_create($this->db, $this->object->id, '', GETPOST('model'), $outputlangs);
if ($result <= 0)
{
dol_print_error($this->db,$result);

4
htdocs/societe/class/societe.class.php
View File

@ -463,8 +463,8 @@ class Societe extends CommonObject
$sql .= ",fk_forme_juridique = ".($this->forme_juridique_code?"'".$this->forme_juridique_code."'":"null");
$sql .= ",client = " . $this->client;
$sql .= ",fournisseur = " . $this->fournisseur;
$sql .= ",client = " . ($this->client?$this->client:0);
$sql .= ",fournisseur = " . ($this->fournisseur?$this->fournisseur:0);
$sql .= ",gencod = ".($this->gencod?"'".$this->gencod."'":"null");
$sql .= ",default_lang = ".($this->default_lang?"'".$this->default_lang."'":"null");