From 03e265b080acf46478ae4049e2557cea3b2153bc Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 28 Jul 2022 11:43:00 +0200 Subject: [PATCH 1/2] FIX - php V8 user right order card --- htdocs/commande/card.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 668787349be..cf8e16f94ec 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -108,16 +108,16 @@ $extrafields->fetch_name_optionals_label($object->table_element); // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once -$usercanread = $user->rights->commande->lire; -$usercancreate = $user->rights->commande->creer; -$usercandelete = $user->rights->commande->supprimer; +$usercanread = $user->hasRight('commande', 'lire'); +$usercancreate = $user->hasRight('commande', 'creer'); +$usercandelete = $user->hasRight('commande', 'supprimer'); // Advanced permissions -$usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->commande->creer)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->commande->order_advance->close))); -$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->commande->order_advance->validate))); -$usercancancel = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->commande->order_advance->annuler))); -$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->commande->order_advance->send); +$usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'close')))); +$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'validate')))); +$usercancancel = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'annuler')))); +$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->hasRight('commande', 'order_advance', 'send')); -$usercancreatepurchaseorder = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer); +$usercancreatepurchaseorder = ($user->hasRight('fournisseur', 'commande', 'creer') || $user->hasRight('supplier_order', 'creer')); $permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc.php $permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php From a778a5ff78a649043c9b061fc22cb1da8c84a6d9 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 28 Jul 2022 11:50:42 +0200 Subject: [PATCH 2/2] and order lib --- htdocs/commande/card.php | 8 ++++---- htdocs/core/lib/order.lib.php | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index cf8e16f94ec..0af1c2b7d9f 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2747,7 +2747,7 @@ if ($action == 'create' && $usercancreate) { $langs->load("interventions"); if ($object->statut > Commande::STATUS_DRAFT && $object->statut < Commande::STATUS_CLOSED && $object->getNbOfServicesLines() > 0) { - if ($user->rights->ficheinter->creer) { + if ($user->hasRight('ficheinter', 'creer')) { print dolGetButtonAction('', $langs->trans('AddIntervention'), 'default', DOL_URL_ROOT.'/fichinter/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid, ''); } else { print dolGetButtonAction($langs->trans('NotAllowed'), $langs->trans('AddIntervention'), 'default', $_SERVER['PHP_SELF']. '#', '', false); @@ -2759,7 +2759,7 @@ if ($action == 'create' && $usercancreate) { if (!empty($conf->contrat->enabled) && ($object->statut == Commande::STATUS_VALIDATED || $object->statut == Commande::STATUS_SHIPMENTONPROCESS || $object->statut == Commande::STATUS_CLOSED)) { $langs->load("contracts"); - if ($user->rights->contrat->creer) { + if ($user->hasRight('contrat', 'creer')) { print dolGetButtonAction('', $langs->trans('AddContract'), 'default', DOL_URL_ROOT.'/contrat/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid, ''); } } @@ -2771,7 +2771,7 @@ if ($action == 'create' && $usercancreate) { if ($object->statut > Commande::STATUS_DRAFT && $object->statut < Commande::STATUS_CLOSED && ($object->getNbOfProductsLines() > 0 || !empty($conf->global->STOCK_SUPPORTS_SERVICES))) { if ((isModEnabled('expedition_bon') && $user->rights->expedition->creer) || ($conf->delivery_note->enabled && $user->rights->expedition->delivery->creer)) { - if ($user->rights->expedition->creer) { + if ($user->hasRight('expedition', 'creer')) { print dolGetButtonAction('', $langs->trans('CreateShipment'), 'default', DOL_URL_ROOT.'/expedition/shipment.php?id='.$object->id, ''); } else { print dolGetButtonAction($langs->trans('NotAllowed'), $langs->trans('CreateShipment'), 'default', $_SERVER['PHP_SELF']. '#', '', false); @@ -2790,7 +2790,7 @@ if ($action == 'create' && $usercancreate) { // Create bill and Classify billed // Note: Even if module invoice is not enabled, we should be able to use button "Classified billed" if ($object->statut > Commande::STATUS_DRAFT && !$object->billed && $object->total_ttc >= 0) { - if (isModEnabled('facture') && $user->rights->facture->creer && empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) { + if (isModEnabled('facture') && $user->hasRight('facture', 'creer') && empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) { print dolGetButtonAction('', $langs->trans('CreateBill'), 'default', DOL_URL_ROOT.'/compta/facture/card.php?action=create&token='.newToken().'&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid, ''); } if ($usercancreate && $object->statut >= Commande::STATUS_VALIDATED && empty($conf->global->WORKFLOW_DISABLE_CLASSIFY_BILLED_FROM_ORDER) && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT)) { diff --git a/htdocs/core/lib/order.lib.php b/htdocs/core/lib/order.lib.php index 8860f4126c4..bde894940de 100644 --- a/htdocs/core/lib/order.lib.php +++ b/htdocs/core/lib/order.lib.php @@ -60,8 +60,8 @@ function commande_prepare_head(Commande $object) $h++; } - if ((isModEnabled('expedition_bon') && $user->rights->expedition->lire) - || ($conf->delivery_note->enabled && $user->rights->expedition->delivery->lire)) { + if ((isModEnabled('expedition_bon') && $user->hasRight('expedition', 'lire')) + || ($conf->delivery_note->enabled && $user->hasRight('expedition', 'delivery', 'lire'))) { $nbShipments = $object->getNbOfShipments(); $nbReceiption = 0; $head[$h][0] = DOL_URL_ROOT.'/expedition/shipment.php?id='.$object->id;