lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update security.lib.php

Browse Source 
Avoid regression on test of restrictArea
This commit is contained in:
Laurent Destailleur 2019-02-14 15:21:01 +01:00 committed by GitHub
parent 359318392f
commit d2ee00d4bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/lib/security.lib.php
View File

@ -451,12 +451,12 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
if ($feature == 'project') $feature='projet';
if ($feature == 'task') $feature='projet_task';
$check = array('adherent','banque','don','user','usergroup','product','produit','service','produit|service','stock','categorie','resource'); // Test on entity only (Objects with no link to company)
$check = array('adherent','banque','don','user','usergroup','product','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for societe object
$checkother = array('contact','agenda'); // Test on entity and link to third party. Allowed if link is empty (Ex: contacts...).
$checkproject = array('projet','project'); // Test for project object
$checktask = array('projet_task');
$nocheck = array('barcode'); // No test
$nocheck = array('barcode','stock'); // No test
$checkdefault = 'all other not already defined'; // Test on entity and link to third party. Not allowed if link is empty (Ex: invoice, orders...).
// If dbtablename not defined, we use same name for table than module name