Merge branch '4.0' of git@github.com:Dolibarr/dolibarr.git into 4.0

Conflicts: htdocs/projet/class/project.class.php
2017-03-21 17:19:30 +01:00 · 2017-03-21 17:19:30 +01:00 · e7e51d9e4f
commit e7e51d9e4f
parent 43e70830ed 9e545e9628
5 changed files with 23 additions and 15 deletions
--- a/htdocs/contrat/class/contrat.class.php
+++ b/htdocs/contrat/class/contrat.class.php
@ -2045,7 +2045,7 @@ class Contrat extends CommonObject
 		$sql = "SELECT count(c.rowid) as nb";
 		$sql.= " FROM ".MAIN_DB_PREFIX."contrat as c";
 		$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid";
-		if (!$user->rights->contrat->lire && !$user->societe_id)
+		if (!$user->rights->societe->client->voir && !$user->societe_id)
 		{
 			$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
 			$sql.= " WHERE sc.fk_user = " .$user->id;
--- a/htdocs/core/boxes/box_factures_imp.php
+++ b/htdocs/core/boxes/box_factures_imp.php
@ -78,8 +78,9 @@ class box_factures_imp extends ModeleBoxes
            $sql.= " f.total_ttc,";
 			$sql.= " f.paye, f.fk_statut, f.rowid as facid";
 			$sql.= ", sum(pf.amount) as am";
-			$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
+			$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
 			if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+			$sql.= ", ".MAIN_DB_PREFIX."facture as f";
 			$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture ";
 			$sql.= " WHERE f.fk_soc = s.rowid";
 			$sql.= " AND f.entity = ".$conf->entity;
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@ -576,9 +576,10 @@ if (! defined('NOLOGIN'))
    {
        // We are already into an authenticated session
        $login=$_SESSION["dol_login"];
-        dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG);
+        $entity=$_SESSION["dol_entity"];
+        dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG);

-        $resultFetchUser=$user->fetch('',$login);
+        $resultFetchUser=$user->fetch('',$login,'',1,($entity > 0 ? $entity : -1));
        if ($resultFetchUser <= 0)
        {
            // Account has been removed after login
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@ -3,7 +3,7 @@
 * Copyright (C) 2005-2016 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2005-2010 Regis Houssin        <regis.houssin@capnetworks.com>
 * Copyright (C) 2013	   Florian Henry        <florian.henry@open-concept.pro>
- * Copyright (C) 2014-2015 Marcos García        <marcosgdf@gmail.com>
+ * Copyright (C) 2014-2017 Marcos García        <marcosgdf@gmail.com>
 * Copyright (C) 2017      Ferran Marcet        <fmarcet@2byte.es>
 *
 * This program is free software; you can redistribute it and/or modify
@ -1690,17 +1690,21 @@ class Project extends CommonObject
 	 */
 	function load_state_board()
 	{
-	    global $conf;
+	    global $user;
 	
 	    $this->nb=array();
-	
-	    $sql = "SELECT count(u.rowid) as nb";
-	    $sql.= " FROM ".MAIN_DB_PREFIX."projet as u";
-	    $sql.= " WHERE";
-	    //$sql.= " WHERE u.fk_statut > 0";
-	    //$sql.= " AND employee != 0";
-	    $sql.= " u.entity IN (".getEntity('projet', 1).")";
-	
+
+		$sql = "SELECT DISTINCT
+  count(p.rowid) as nb
+FROM ".MAIN_DB_PREFIX."projet AS p LEFT JOIN ".MAIN_DB_PREFIX."societe AS s ON p.fk_soc = s.rowid
+  LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status AS cls ON p.fk_opp_status = cls.rowid
+WHERE p.entity IN (".getEntity('projet', 1).")";
+
+		if (! $user->rights->projet->all->lire) {
+			$projectsListId = $this->getProjectsAuthorizedForUser($user,0,1);
+			$sql .= "AND p.rowid IN (".$projectsListId.")";
+		}
+
 	    $resql=$this->db->query($sql);
 	    if ($resql)
 	    {
--- a/htdocs/projet/element.php
+++ b/htdocs/projet/element.php
@ -612,7 +612,9 @@ foreach ($listofreferent as $key => $value)
 		{
 			$addform.='<div class="inline-block valignmiddle">';
 			if ($testnew) $addform.='<a class="buttonxxx" href="'.$urlnew.'">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>';
-			else $addform.='<a class="buttonxxx buttonRefused" disabled="disabled" href="#">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>';
+			elseif (empty($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED)) {
+				$addform.='<a class="buttonxxx buttonRefused" disabled="disabled" href="#">'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).'</a>';
+			}
            $addform.='<div>';
 		}