Fix: Protection de creation des user par rapport aux droits
This commit is contained in:
Laurent Destailleur
parent
da9baf3bb4
commit
de3b7d3df7
@ -145,10 +145,10 @@ class MenuLeft {
|
||||
|
||||
$langs->load("users");
|
||||
$newmenu->add(DOL_URL_ROOT."/user/home.php?leftmenu=users", $langs->trans("MenuUsersAndGroups"));
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/index.php", $langs->trans("Users"));
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/fiche.php?action=create", $langs->trans("NewUser"),2);
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/group/index.php", $langs->trans("Groups"));
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?action=create", $langs->trans("NewGroup"),2);
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/index.php", $langs->trans("Users"), 1, $user->rights->user->user->lire || $user->admin);
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/fiche.php?action=create", $langs->trans("NewUser"),2, $user->rights->user->user->creer || $user->admin);
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/group/index.php", $langs->trans("Groups"), 1, $user->rights->user->user->lire || $user->admin);
|
||||
if ($leftmenu=="users") $newmenu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?action=create", $langs->trans("NewGroup"), 2, $user->rights->user->user->creer || $user->admin);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -315,11 +315,14 @@ if ($action == 'create')
|
||||
print '<tr><td valign="top">'.$langs->trans("Password").'</td>';
|
||||
print '<td class="valeur"><input size="30" maxsize="32" type="text" name="password" value=""></td></tr>';
|
||||
|
||||
print '<tr><td valign="top">'.$langs->trans("Administrator").'</td>';
|
||||
print '<td class="valeur">';
|
||||
$form->selectyesnonum('admin',0);
|
||||
print "</td></tr>\n";
|
||||
|
||||
if ($user->admin)
|
||||
{
|
||||
print '<tr><td valign="top">'.$langs->trans("Administrator").'</td>';
|
||||
print '<td class="valeur">';
|
||||
$form->selectyesnonum('admin',0);
|
||||
print "</td></tr>\n";
|
||||
}
|
||||
|
||||
print '<tr><td valign="top">'.$langs->trans("Phone").'</td>';
|
||||
print '<td class="valeur"><input size="20" type="text" name="office_phone" value=""></td></tr>';
|
||||
|
||||
@ -486,7 +489,7 @@ else
|
||||
if ($fuser->admin) print ' '.img_picto($langs->trans("Administrator"),"star");
|
||||
print '</td>';
|
||||
print "</tr>\n";
|
||||
|
||||
|
||||
// Source
|
||||
print '<tr><td width="25%" valign="top">'.$langs->trans("Source").'</td>';
|
||||
print '<td class="valeur">';
|
||||
@ -763,13 +766,20 @@ else
|
||||
if ($fuser->societe_id > 0)
|
||||
{
|
||||
print '<td class="valeur">';
|
||||
print '<input type="hidden" name="admin" value="0">'.$langs->trans("No");
|
||||
print '<input type="hidden" name="admin" value="'.$fuser->admin.'">'.yn($fuser->admin);
|
||||
print '</td></tr>';
|
||||
}
|
||||
else
|
||||
{
|
||||
print '<td class="valeur">';
|
||||
$form->selectyesnonum('admin',$fuser->admin);
|
||||
if ($user->admin)
|
||||
{
|
||||
$form->selectyesnonum('admin',$fuser->admin);
|
||||
}
|
||||
else
|
||||
{
|
||||
print '<input type="hidden" name="admin" value="'.$fuser->admin.'">'.yn($fuser->admin);
|
||||
}
|
||||
print '</td></tr>';
|
||||
}
|
||||
|
||||
|
||||
@ -32,36 +32,37 @@ require(DOL_DOCUMENT_ROOT.'/usergroup.class.php');
|
||||
|
||||
function llxHeader($head = "", $urlp = "")
|
||||
{
|
||||
global $user, $langs;
|
||||
|
||||
/*
|
||||
*
|
||||
*
|
||||
*/
|
||||
top_menu($head);
|
||||
|
||||
$menu = new Menu();
|
||||
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Users"));
|
||||
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/", $langs->trans("List"));
|
||||
|
||||
if($user->admin)
|
||||
global $user, $langs;
|
||||
|
||||
top_menu($head);
|
||||
|
||||
$menu = new Menu();
|
||||
|
||||
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/fiche.php?&action=create",$langs->trans("NewUser"));
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Users"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Groups"));
|
||||
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/", $langs->trans("List"));
|
||||
|
||||
if($user->admin)
|
||||
|
||||
if($user->rights->user->user->creer || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?&action=create",$langs->trans("NewGroup"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/fiche.php?&action=create", $langs->trans("NewUser"));
|
||||
}
|
||||
|
||||
|
||||
left_menu($menu->liste);
|
||||
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Groups"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
if($user->rights->user->user->creer || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?&action=create", $langs->trans("NewGroup"));
|
||||
}
|
||||
|
||||
|
||||
left_menu($menu->liste);
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@ -32,42 +32,36 @@ $user->getrights('user');
|
||||
|
||||
function llxHeader($head = "", $title = "")
|
||||
{
|
||||
global $user,$langs;
|
||||
global $user,$langs;
|
||||
|
||||
/*
|
||||
*
|
||||
*
|
||||
*/
|
||||
top_menu($head, $title);
|
||||
top_menu($head, $title);
|
||||
|
||||
$menu = new Menu();
|
||||
$menu = new Menu();
|
||||
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Users"));
|
||||
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
if($user->admin)
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/fiche.php?&action=create", $langs->trans("NewUser"));
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Users"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Groups"));
|
||||
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
if($user->admin)
|
||||
if($user->rights->user->user->creer || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?&action=create", $langs->trans("NewGroup"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/fiche.php?&action=create", $langs->trans("NewUser"));
|
||||
}
|
||||
|
||||
if ($user->rights->user->user->lire || $user->admin)
|
||||
{
|
||||
$menu->add(DOL_URL_ROOT."/user/home.php", $langs->trans("Groups"));
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/", $langs->trans("List"));
|
||||
}
|
||||
|
||||
if($user->rights->user->user->creer || $user->admin)
|
||||
{
|
||||
$menu->add_submenu(DOL_URL_ROOT."/user/group/fiche.php?&action=create", $langs->trans("NewGroup"));
|
||||
}
|
||||
|
||||
|
||||
left_menu($menu->liste);
|
||||
left_menu($menu->liste);
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user