lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix/FIX: making sure the return agenda is only specific to user

Browse Source
This commit is contained in:
Paul Vincent M. Ancajas 2021-02-01 01:41:19 +08:00
parent 726e0ceff0
commit d80709a7b9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/comm/action/class/actioncomm.class.php
View File

@ -1201,8 +1201,8 @@ class ActionComm extends CommonObject
}
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
if (!$user->rights->societe->client->voir && !$user->socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc";
if (!$user->rights->agenda->allactions->read) { // If bloack Added by PV
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm";
if (!$user->rights->agenda->allactions->read) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources AS ar ON a.id = ar.fk_actioncomm AND ar.element_type ='user' AND ar.fk_element = ".$user->id;
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid";
$sql .= " WHERE 1 = 1";