diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index b729ad51fc5..8f0aee14424 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -1040,7 +1040,7 @@ class FormFile
* @param string $relativepath Relative path of docs (autodefined if not provided), relative to module dir, not to MAIN_DATA_ROOT.
* @param int $permonobject Permission on object (so permission to delete or crop document)
* @param int $useinecm Change output for use in ecm module:
- * 0 or 6: Add a preview column. Show also a rename and crop button.
+ * 0 or 6: Add a preview column. Show also a rename button. Show also a crop button for some values of $modulepart (must be supported into hard coded list in this function + photos_resize.php + restrictedArea + checkUserAccessToObject)
* 1: Add link to edit ECM entry
* 2: Add rename and crop file
* 4: Add a preview column
@@ -1068,7 +1068,7 @@ class FormFile
global $form;
$disablecrop=1;
- if (in_array($modulepart, array('expensereport','holiday','member','project','product','produit','service','societe','tax','ticket','user'))) $disablecrop=0;
+ if (in_array($modulepart, array('bom','expensereport','holiday','member','project','product','produit','service','societe','tax','ticket','user'))) $disablecrop=0;
// Define relative path used to store the file
if (empty($relativepath))
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index dcdc70c3fe6..69d9173e212 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -247,11 +247,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
{
if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) { $readok=0; $nbko++; }
}
- elseif (! empty($feature2)) // This should be used for future changes
+ elseif (! empty($feature2)) // This is for permissions on 2 levels
{
$tmpreadok=1;
foreach($feature2 as $subfeature)
{
+ var_dump($subfeature);
if ($subfeature == 'user' && $user->id == $objectid) continue; // A user can always read its own card
if (! empty($subfeature) && empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) { $tmpreadok=0; }
elseif (empty($subfeature) && empty($user->rights->$feature->lire) && empty($user->rights->$feature->read)) { $tmpreadok=0; }
@@ -263,7 +264,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
$nbko++;
}
}
- elseif (! empty($feature) && ($feature!='user' && $feature!='usergroup')) // This is for old permissions
+ elseif (! empty($feature) && ($feature!='user' && $feature!='usergroup')) // This is permissions on 1 level
{
if (empty($user->rights->$feature->lire)
&& empty($user->rights->$feature->read)
@@ -307,7 +308,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
{
if (! $user->rights->banque->cheque) { $createok=0; $nbko++; }
}
- elseif (! empty($feature2)) // This should be used
+ elseif (! empty($feature2)) // This is for permissions on one level
{
foreach($feature2 as $subfeature)
{
@@ -317,7 +318,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
else { $createok=1; break; } // Break to bypass second test if the first is ok
}
}
- elseif (! empty($feature)) // This is for old permissions ('creer' or 'write')
+ elseif (! empty($feature)) // This is for permissions on 2 levels ('creer' or 'write')
{
//print '
feature='.$feature.' creer='.$user->rights->$feature->creer.' write='.$user->rights->$feature->write;
if (empty($user->rights->$feature->creer)
@@ -384,7 +385,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
{
if (! $user->rights->salaries->delete) $deleteok=0;
}
- elseif (! empty($feature2)) // This should be used for permissions on 2 levels
+ elseif (! empty($feature2)) // This is for permissions on 2 levels
{
foreach($feature2 as $subfeature)
{
@@ -392,7 +393,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
else { $deleteok=1; break; } // For bypass the second test if the first is ok
}
}
- elseif (! empty($feature)) // This is used for permissions on 1 level
+ elseif (! empty($feature)) // This is used for permissions on 1 level
{
//print '
feature='.$feature.' creer='.$user->rights->$feature->supprimer.' write='.$user->rights->$feature->delete;
if (empty($user->rights->$feature->supprimer)
@@ -451,7 +452,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand
if ($feature == 'project') $feature='projet';
if ($feature == 'task') $feature='projet_task';
- $check = array('adherent','banque','don','user','usergroup','product','produit','service','produit|service','categorie','resource','expensereport','holiday'); // Test on entity only (Objects with no link to company)
+ $check = array('adherent','banque','bom','don','user','usergroup','product','produit','service','produit|service','categorie','resource','expensereport','holiday'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for societe object
$checkother = array('contact','agenda'); // Test on entity and link to third party. Allowed if link is empty (Ex: contacts...).
$checkproject = array('projet','project'); // Test for project object
diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php
index 2ecb127f3b2..47be8cdf974 100644
--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -53,6 +53,12 @@ elseif ($modulepart == 'project')
if (! $user->rights->projet->lire) accessforbidden();
$accessallowed=1;
}
+elseif ($modulepart == 'bom')
+{
+ $result=restrictedArea($user, 'bom', $id, 'bom_bom');
+ if (! $user->rights->bom->read) accessforbidden();
+ $accessallowed=1;
+}
elseif ($modulepart == 'expensereport')
{
$result=restrictedArea($user, 'expensereport', $id, 'expensereport');
@@ -205,8 +211,19 @@ elseif ($modulepart == 'ticket')
$dir=$conf->ticket->dir_output; // By default
}
}
+elseif ($modulepart == 'bom')
+{
+ require_once DOL_DOCUMENT_ROOT.'/bom/class/bom.class.php';
+ $object = new BOM($db);
+ if ($id > 0)
+ {
+ $result = $object->fetch($id);
+ if ($result <= 0) dol_print_error($db, 'Failed to load object');
+ $dir=$conf->bom->dir_output; // By default
+ }
+}
else {
- print 'Action crop for module part '.$modulepart.' is not supported yet.';
+ print 'Action crop for modulepart = '.$modulepart.' is not supported yet.';
}
if (empty($backtourl))
@@ -220,6 +237,7 @@ if (empty($backtourl))
elseif (in_array($modulepart, array('tax'))) $backtourl=DOL_URL_ROOT."/compta/sociales/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('ticket'))) $backtourl=DOL_URL_ROOT."/ticket/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('user'))) $backtourl=DOL_URL_ROOT."/user/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
+ else $backtourl=DOL_URL_ROOT."/".$modulepart."/".$modulepart."_document.php?id=".$id.'&file='.urldecode($_POST["file"]);
}
diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang
index c4bb9193a33..360f4303f07 100644
--- a/htdocs/langs/en_US/mrp.lang
+++ b/htdocs/langs/en_US/mrp.lang
@@ -13,3 +13,5 @@ WatermarkOnDraftBOMs=Watermark on draft BOM
ConfirmCloneBillOfMaterials=Are you sure you want to clone this bill of material ?
ManufacturingEfficiency=Manufacturing efficiency
ValueOfMeansLoss=Value of 0.95 means an average of 5%% of loss during the production
+DeleteBillOfMaterials=Delete Bill Of Materials
+ConfirmDeleteBillOfMaterials=Are you sure you want to delete this Bill Of Material?