diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index ddaf1d320c3..313dd5d8fbe 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -295,7 +295,7 @@ function societe_prepare_head(Societe $object) // Notifications if (!empty($conf->notification->enabled)) { $nbNotif = 0; - // Enable caching of thirdrparty count notifications + // Enable caching of thirdparty count notifications require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; $cachekey = 'count_notifications_thirdparty_'.$object->id; $dataretrieved = dol_getcache($cachekey); diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index 2826091155c..e70011a2195 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -197,6 +197,13 @@ class modSociete extends DolibarrModules $this->rights[$r][3] = 0; // La permission est-elle une permission par defaut $this->rights[$r][4] = 'export'; + $r++; + $this->rights[$r][0] = 130; + $this->rights[$r][1] = 'Modify thirdparty information payment'; + $this->rights[$r][3] = 0; + $this->rights[$r][4] = 'thirdparty_paymentinformation_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on + $this->rights[$r][5] = 'write'; + // 262 : Restrict access to sales representative $r++; $this->rights[$r][0] = 262; diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 28d585b8f6f..f984e130c80 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -762,6 +762,7 @@ Permission121=Read third parties linked to user Permission122=Create/modify third parties linked to user Permission125=Delete third parties linked to user Permission126=Export third parties +Permission130=Create/modify third parties payment information Permission141=Read all projects and tasks (also private projects for which I am not a contact) Permission142=Create/modify all projects and tasks (also private projects for which I am not a contact) Permission144=Delete all projects and tasks (also private projects i am not contact for) diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index 995558ae2f5..7d93a7d347e 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -1,12 +1,13 @@ - * Copyright (C) 2003 Jean-Louis Bergamo - * Copyright (C) 2004-2018 Laurent Destailleur - * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2013 Peter Fontaine - * Copyright (C) 2015-2016 Marcos García - * Copyright (C) 2017 Ferran Marcet - * Copyright (C) 2018 -2021Thibault FOUCART +/* Copyright (C) 2002-2004 Rodolphe Quiedeville + * Copyright (C) 2003 Jean-Louis Bergamo + * Copyright (C) 2004-2018 Laurent Destailleur + * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2013 Peter Fontaine + * Copyright (C) 2015-2016 Marcos García + * Copyright (C) 2017 Ferran Marcet + * Copyright (C) 2018-2021 Thibault FOUCART + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,7 +42,6 @@ require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php'; $langs->loadLangs(array("companies", "commercial", "banks", "bills", 'paypal', 'stripe', 'withdrawals')); - // Security check $socid = GETPOST("socid", "int"); if ($user->socid) { @@ -70,6 +70,10 @@ $extrafields->fetch_name_optionals_label($object->table_element); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('thirdpartybancard', 'globalcard')); +$permissiontoread = $user->rights->societe->lire; +$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_builddoc.inc.php + +$permissiontoaddupdatepaymentinformation = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $permissiontoadd) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->societe->thirdparty_paymentinformation_advance->write))); if (!empty($conf->stripe->enabled)) { $service = 'StripeTest'; @@ -455,7 +459,6 @@ if (empty($reshook)) { $id = $socid; $upload_dir = $conf->societe->multidir_output[$object->entity]; - $permissiontoadd = $user->rights->societe->creer; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; $id = $savid; @@ -703,7 +706,7 @@ if (empty($companybankaccount->socid)) { $companybankaccount->socid = $object->id; } -if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoaddupdatepaymentinformation) { print '
'; print ''; $actionforadd = 'update'; @@ -713,7 +716,7 @@ if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->soc print ''; print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoaddupdatepaymentinformation) { print ''; print ''; $actionforadd = 'add'; @@ -787,12 +790,11 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } if (!empty($conf->stripe->enabled)) { - $permissiontowrite = $user->rights->societe->creer; // Stripe customer key 'cu_....' stored into llx_societe_account print ''; - print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontowrite, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoaddupdatepaymentinformation, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontowrite, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoaddupdatepaymentinformation, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripecu && $action != 'editkey_account') { $connect = ''; if (!empty($stripeacc)) { @@ -849,14 +851,13 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } if (!empty($conf->stripe->enabled) && !empty($conf->stripeconnect->enabled) && getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) { - $permissiontowrite = $user->rights->societe->creer; $stripesupplieracc = $stripe->getStripeAccount($service, $object->id); // Get Stripe OAuth connect account (no network access here) // Stripe customer key 'cu_....' stored into llx_societe_account print ''; - print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontowrite, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoaddupdatepaymentinformation, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontowrite, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoaddupdatepaymentinformation, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripesupplieracc && $action != 'editkey_account_supplier') { $connect = ''; @@ -1061,7 +1062,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($user->rights->societe->creer) { + if ($permissiontoaddupdatepaymentinformation) { if ($stripecu && empty($companypaymentmodetemp->stripe_card_ref)) { print ''.$langs->trans("CreateCardOnStripe").''; } @@ -1214,7 +1215,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($user->rights->societe->creer) { + if ($permissiontoaddupdatepaymentinformation) { print ''; print img_picto($langs->trans("Delete"), 'delete'); print ''; @@ -1281,14 +1282,15 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } // List of bank accounts - - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=create'); + if ($permissiontoaddupdatepaymentinformation) { + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"] . '?socid=' . $object->id . '&action=create'); + } print load_fiche_titre($langs->trans("BankAccounts"), $morehtmlright, 'bank'); $rib_list = $object->get_all_rib(); if (is_array($rib_list)) { - print '
'; // You can use div-table-responsive-no-min if you dont need reserved height for your table + print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table print ''; print ''; @@ -1448,7 +1450,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' // Edit/Delete print '
'; - if ($user->rights->societe->creer) { + if ($permissiontoaddupdatepaymentinformation) { print ''; print img_picto($langs->trans("Modify"), 'edit'); print ''; @@ -1488,10 +1490,8 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' */ $filedir = $conf->societe->multidir_output[$object->entity].'/'.$object->id; $urlsource = $_SERVER["PHP_SELF"]."?socid=".$object->id; - $genallowed = $user->rights->societe->lire; - $delallowed = $user->rights->societe->creer; - print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); + print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $permissiontoread, $permissiontoaddupdatepaymentinformation, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); // Show direct download link if (!empty($conf->global->BANK_ACCOUNT_ALLOW_EXTERNAL_DOWNLOAD)) { @@ -1538,7 +1538,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } // Edit BAN -if ($socid && $action == 'edit' && $user->rights->societe->creer) { +if ($socid && $action == 'edit' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1657,7 +1657,7 @@ if ($socid && $action == 'edit' && $user->rights->societe->creer) { } // Edit Card -if ($socid && $action == 'editcard' && $user->rights->societe->creer) { +if ($socid && $action == 'editcard' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1700,7 +1700,7 @@ if ($socid && $action == 'editcard' && $user->rights->societe->creer) { // Create BAN -if ($socid && $action == 'create' && $user->rights->societe->creer) { +if ($socid && $action == 'create' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1815,7 +1815,7 @@ if ($socid && $action == 'create' && $user->rights->societe->creer) { } // Create Card -if ($socid && $action == 'createcard' && $user->rights->societe->creer) { +if ($socid && $action == 'createcard' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1859,10 +1859,10 @@ if ($socid && $action == 'createcard' && $user->rights->societe->creer) { print $form->buttonsSaveCancel("Add"); } -if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoaddupdatepaymentinformation) { print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoaddupdatepaymentinformation) { print ''; }