From f73f3cd55f271a43d8bdca2e9d8dae9911b4caee Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 04:50:29 +0100 Subject: [PATCH 1/7] typo --- htdocs/core/lib/company.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index ddaf1d320c3..313dd5d8fbe 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -295,7 +295,7 @@ function societe_prepare_head(Societe $object) // Notifications if (!empty($conf->notification->enabled)) { $nbNotif = 0; - // Enable caching of thirdrparty count notifications + // Enable caching of thirdparty count notifications require_once DOL_DOCUMENT_ROOT.'/core/lib/memory.lib.php'; $cachekey = 'count_notifications_thirdparty_'.$object->id; $dataretrieved = dol_getcache($cachekey); From fb0002a38ee7efdbbf35791f4bbeb2098aa1097e Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 04:51:18 +0100 Subject: [PATCH 2/7] Factorize user rights --- htdocs/societe/paymentmodes.php | 61 ++++++++++++++++----------------- 1 file changed, 30 insertions(+), 31 deletions(-) diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index 9cb0eadecf5..18d560f6d9f 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -1,12 +1,13 @@ - * Copyright (C) 2003 Jean-Louis Bergamo - * Copyright (C) 2004-2018 Laurent Destailleur - * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2013 Peter Fontaine - * Copyright (C) 2015-2016 Marcos García - * Copyright (C) 2017 Ferran Marcet - * Copyright (C) 2018 -2021Thibault FOUCART +/* Copyright (C) 2002-2004 Rodolphe Quiedeville + * Copyright (C) 2003 Jean-Louis Bergamo + * Copyright (C) 2004-2018 Laurent Destailleur + * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2013 Peter Fontaine + * Copyright (C) 2015-2016 Marcos García + * Copyright (C) 2017 Ferran Marcet + * Copyright (C) 2018-2021 Thibault FOUCART + * Copyright (C) 2021 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,7 +42,6 @@ require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php'; $langs->loadLangs(array("companies", "commercial", "banks", "bills", 'paypal', 'stripe', 'withdrawals')); - // Security check $socid = GETPOST("socid", "int"); if ($user->socid) { @@ -70,6 +70,10 @@ $extrafields->fetch_name_optionals_label($object->table_element); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('thirdpartybancard', 'globalcard')); +$permissiontoread = $user->rights->societe->lire; +$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_builddoc.inc.php + +$permissiontoaddupdatepaymentinformation = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $permissiontoadd) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->societe->addupdate_thirdparty_payment_information->write))); if (!empty($conf->stripe->enabled)) { $service = 'StripeTest'; @@ -455,7 +459,6 @@ if (empty($reshook)) { $id = $socid; $upload_dir = $conf->societe->multidir_output[$object->entity]; - $permissiontoadd = $user->rights->societe->creer; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; $id = $savid; @@ -703,7 +706,7 @@ if (empty($companybankaccount->socid)) { $companybankaccount->socid = $object->id; } -if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoadd) { print '
'; print ''; $actionforadd = 'update'; @@ -713,7 +716,7 @@ if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->soc print ''; print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoadd) { print ''; print ''; $actionforadd = 'add'; @@ -787,12 +790,11 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } if (!empty($conf->stripe->enabled)) { - $permissiontowrite = $user->rights->societe->creer; // Stripe customer key 'cu_....' stored into llx_societe_account print ''; - print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontowrite, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoadd, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontowrite, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoadd, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripecu && $action != 'editkey_account') { $connect = ''; if (!empty($stripeacc)) { @@ -849,14 +851,13 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } if (!empty($conf->stripe->enabled) && !empty($conf->stripeconnect->enabled) && $conf->global->MAIN_FEATURES_LEVEL >= 2) { - $permissiontowrite = $user->rights->societe->creer; $stripesupplieracc = $stripe->getStripeAccount($service, $object->id); // Get Stripe OAuth connect account (no network access here) // Stripe customer key 'cu_....' stored into llx_societe_account print ''; - print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontowrite, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoadd, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontowrite, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoadd, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripesupplieracc && $action != 'editkey_account_supplier') { $connect = ''; @@ -1061,7 +1062,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($user->rights->societe->creer) { + if ($permissiontoadd) { if ($stripecu && empty($companypaymentmodetemp->stripe_card_ref)) { print ''.$langs->trans("CreateCardOnStripe").''; } @@ -1214,7 +1215,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($user->rights->societe->creer) { + if ($permissiontoadd) { print ''; print img_picto($langs->trans("Delete"), 'delete'); print ''; @@ -1288,7 +1289,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' $rib_list = $object->get_all_rib(); if (is_array($rib_list)) { - print '
'; // You can use div-table-responsive-no-min if you dont need reserved height for your table + print '
'; // You can use div-table-responsive-no-min if you don't need reserved height for your table print ''; print ''; @@ -1446,7 +1447,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' // Edit/Delete print '
'; - if ($user->rights->societe->creer) { + if ($permissiontoadd) { print ''; print img_picto($langs->trans("Modify"), 'edit'); print ''; @@ -1486,10 +1487,8 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' */ $filedir = $conf->societe->multidir_output[$object->entity].'/'.$object->id; $urlsource = $_SERVER["PHP_SELF"]."?socid=".$object->id; - $genallowed = $user->rights->societe->lire; - $delallowed = $user->rights->societe->creer; - print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); + print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $permissiontoread, $permissiontoadd, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); // Show direct download link if (!empty($conf->global->BANK_ACCOUNT_ALLOW_EXTERNAL_DOWNLOAD)) { @@ -1536,7 +1535,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } // Edit BAN -if ($socid && $action == 'edit' && $user->rights->societe->creer) { +if ($socid && $action == 'edit' && $permissiontoadd) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1655,7 +1654,7 @@ if ($socid && $action == 'edit' && $user->rights->societe->creer) { } // Edit Card -if ($socid && $action == 'editcard' && $user->rights->societe->creer) { +if ($socid && $action == 'editcard' && $permissiontoadd) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1698,7 +1697,7 @@ if ($socid && $action == 'editcard' && $user->rights->societe->creer) { // Create BAN -if ($socid && $action == 'create' && $user->rights->societe->creer) { +if ($socid && $action == 'create' && $permissiontoadd) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1813,7 +1812,7 @@ if ($socid && $action == 'create' && $user->rights->societe->creer) { } // Create Card -if ($socid && $action == 'createcard' && $user->rights->societe->creer) { +if ($socid && $action == 'createcard' && $permissiontoadd) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1857,10 +1856,10 @@ if ($socid && $action == 'createcard' && $user->rights->societe->creer) { print $form->buttonsSaveCancel("Add"); } -if ($socid && ($action == 'edit' || $action == 'editcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoadd) { print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $user->rights->societe->creer) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoadd) { print ''; } From 155eae1772e6f2fa647b8d31704bc20cc4a1e1f3 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 04:52:16 +0100 Subject: [PATCH 3/7] Add advanced right to add / update thirdparty payment information --- htdocs/core/modules/modSociete.class.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index c3eba65673b..a177f367c23 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -197,6 +197,13 @@ class modSociete extends DolibarrModules $this->rights[$r][3] = 0; // La permission est-elle une permission par defaut $this->rights[$r][4] = 'export'; + $r++; + $this->rights[$r][0] = 130; + $this->rights[$r][1] = 'Modify thirdparty information payment'; + $this->rights[$r][3] = 0; + $this->rights[$r][4] = 'addupdate_thirdparty_payment_information'; // Visible if option MAIN_USE_ADVANCED_PERMS is on + $this->rights[$r][5] = 'write'; + // 262 : Restrict access to sales representative $r++; $this->rights[$r][0] = 262; From b128fb5ad9887c949ab321f49bd216ff884ffe53 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 04:55:20 +0100 Subject: [PATCH 4/7] Add advanced right to add / update thirdparty payment information --- htdocs/societe/paymentmodes.php | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index 07f0193359c..fa4b6069430 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -706,7 +706,7 @@ if (empty($companybankaccount->socid)) { $companybankaccount->socid = $object->id; } -if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoadd) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoaddupdatepaymentinformation) { print '
'; print ''; $actionforadd = 'update'; @@ -716,7 +716,7 @@ if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoadd) print ''; print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoadd) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoaddupdatepaymentinformation) { print ''; print ''; $actionforadd = 'add'; @@ -792,9 +792,9 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' if (!empty($conf->stripe->enabled)) { // Stripe customer key 'cu_....' stored into llx_societe_account print '
'; - print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoadd, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoaddupdatepaymentinformation, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoadd, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeCustomerId", 'key_account', $stripecu, $object, $permissiontoaddupdatepaymentinformation, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripecu && $action != 'editkey_account') { $connect = ''; if (!empty($stripeacc)) { @@ -855,9 +855,9 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' // Stripe customer key 'cu_....' stored into llx_societe_account print '
'; - print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoadd, 'string', '', 0, 2, 'socid'); + print $form->editfieldkey("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoaddupdatepaymentinformation, 'string', '', 0, 2, 'socid'); print ''; - print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoadd, 'string', '', null, null, '', 2, '', 'socid'); + print $form->editfieldval("StripeConnectAccount", 'key_account_supplier', $stripesupplieracc, $object, $permissiontoaddupdatepaymentinformation, 'string', '', null, null, '', 2, '', 'socid'); if (!empty($conf->stripe->enabled) && $stripesupplieracc && $action != 'editkey_account_supplier') { $connect = ''; @@ -1062,7 +1062,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($permissiontoadd) { + if ($permissiontoaddupdatepaymentinformation) { if ($stripecu && empty($companypaymentmodetemp->stripe_card_ref)) { print ''.$langs->trans("CreateCardOnStripe").''; } @@ -1215,7 +1215,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' print $hookmanager->resPrint; // Action column print ''; - if ($permissiontoadd) { + if ($permissiontoaddupdatepaymentinformation) { print ''; print img_picto($langs->trans("Delete"), 'delete'); print ''; @@ -1449,7 +1449,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' // Edit/Delete print ''; - if ($permissiontoadd) { + if ($permissiontoaddupdatepaymentinformation) { print ''; print img_picto($langs->trans("Modify"), 'edit'); print ''; @@ -1490,7 +1490,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' $filedir = $conf->societe->multidir_output[$object->entity].'/'.$object->id; $urlsource = $_SERVER["PHP_SELF"]."?socid=".$object->id; - print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $permissiontoread, $permissiontoadd, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); + print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $permissiontoread, $permissiontoaddupdatepaymentinformation, $object->model_pdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang); // Show direct download link if (!empty($conf->global->BANK_ACCOUNT_ALLOW_EXTERNAL_DOWNLOAD)) { @@ -1537,7 +1537,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } // Edit BAN -if ($socid && $action == 'edit' && $permissiontoadd) { +if ($socid && $action == 'edit' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1656,7 +1656,7 @@ if ($socid && $action == 'edit' && $permissiontoadd) { } // Edit Card -if ($socid && $action == 'editcard' && $permissiontoadd) { +if ($socid && $action == 'editcard' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1699,7 +1699,7 @@ if ($socid && $action == 'editcard' && $permissiontoadd) { // Create BAN -if ($socid && $action == 'create' && $permissiontoadd) { +if ($socid && $action == 'create' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1814,7 +1814,7 @@ if ($socid && $action == 'create' && $permissiontoadd) { } // Create Card -if ($socid && $action == 'createcard' && $permissiontoadd) { +if ($socid && $action == 'createcard' && $permissiontoaddupdatepaymentinformation) { print dol_get_fiche_head($head, 'rib', $langs->trans("ThirdParty"), 0, 'company'); $linkback = ''.$langs->trans("BackToList").''; @@ -1858,10 +1858,10 @@ if ($socid && $action == 'createcard' && $permissiontoadd) { print $form->buttonsSaveCancel("Add"); } -if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoadd) { +if ($socid && ($action == 'edit' || $action == 'editcard') && $permissiontoaddupdatepaymentinformation) { print ''; } -if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoadd) { +if ($socid && ($action == 'create' || $action == 'createcard') && $permissiontoaddupdatepaymentinformation) { print ''; } From 8992276e25bc1fab93059730c01b8d2cfbdcb9e9 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 05:18:32 +0100 Subject: [PATCH 5/7] Hidden button without specific advancedright --- htdocs/societe/paymentmodes.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index fa4b6069430..b278c7c6da3 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -1282,8 +1282,9 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard' } // List of bank accounts - - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?socid='.$object->id.'&action=create'); + if ($permissiontoaddupdatepaymentinformation) { + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"] . '?socid=' . $object->id . '&action=create'); + } print load_fiche_titre($langs->trans("BankAccounts"), $morehtmlright, 'bank'); From 13123c3370d352625dccdb54f1ecaba87e74a491 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 2 Nov 2021 05:31:51 +0100 Subject: [PATCH 6/7] Permission language key --- htdocs/langs/en_US/admin.lang | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 7ffbe0328c1..9e5cefe79a3 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -762,6 +762,7 @@ Permission121=Read third parties linked to user Permission122=Create/modify third parties linked to user Permission125=Delete third parties linked to user Permission126=Export third parties +Permission130=Create/modify third parties payment information Permission141=Read all projects and tasks (also private projects for which I am not a contact) Permission142=Create/modify all projects and tasks (also private projects for which I am not a contact) Permission144=Delete all projects and tasks (also private projects i am not contact for) From 1107c6a208177d8c514328ea129f239d60bad277 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Tue, 16 Nov 2021 04:32:09 +0100 Subject: [PATCH 7/7] Modify name of advance right --- htdocs/core/modules/modSociete.class.php | 2 +- htdocs/societe/paymentmodes.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index ba8373a9269..e70011a2195 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -201,7 +201,7 @@ class modSociete extends DolibarrModules $this->rights[$r][0] = 130; $this->rights[$r][1] = 'Modify thirdparty information payment'; $this->rights[$r][3] = 0; - $this->rights[$r][4] = 'addupdate_thirdparty_payment_information'; // Visible if option MAIN_USE_ADVANCED_PERMS is on + $this->rights[$r][4] = 'thirdparty_paymentinformation_advance'; // Visible if option MAIN_USE_ADVANCED_PERMS is on $this->rights[$r][5] = 'write'; // 262 : Restrict access to sales representative diff --git a/htdocs/societe/paymentmodes.php b/htdocs/societe/paymentmodes.php index ec8117d3b0e..7d93a7d347e 100644 --- a/htdocs/societe/paymentmodes.php +++ b/htdocs/societe/paymentmodes.php @@ -73,7 +73,7 @@ $hookmanager->initHooks(array('thirdpartybancard', 'globalcard')); $permissiontoread = $user->rights->societe->lire; $permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_builddoc.inc.php -$permissiontoaddupdatepaymentinformation = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $permissiontoadd) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->societe->addupdate_thirdparty_payment_information->write))); +$permissiontoaddupdatepaymentinformation = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $permissiontoadd) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->societe->thirdparty_paymentinformation_advance->write))); if (!empty($conf->stripe->enabled)) { $service = 'StripeTest';