diff --git a/htdocs/comm/action/contact.php b/htdocs/comm/action/contact.php index 70ea24067b3..84b50893844 100644 --- a/htdocs/comm/action/contact.php +++ b/htdocs/comm/action/contact.php @@ -50,7 +50,7 @@ if ($user->societe_id > 0) unset($_GET["action"]); $action=''; } -$result = restrictedArea($user, 'agenda', $objectid, 'actioncomm&societe', 'myactions&allactions', 'fk_soc', 'id'); +$result = restrictedArea($user, 'agenda', $objectid, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); $object = new ActionComm($db); @@ -236,9 +236,9 @@ if ($id > 0 || ! empty($ref)) print ''; dol_fiche_end(); - + print '
'; - + // Contacts lines (modules that overwrite templates must declare this into descriptor) $dirtpls=array_merge($conf->modules_parts['tpl'],array('/core/tpl')); foreach($dirtpls as $reldir) diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 55993db2fc2..694536b6d14 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -53,7 +53,7 @@ if ($user->societe_id > 0) unset($_GET["action"]); $action=''; } -$result = restrictedArea($user, 'agenda', $objectid, 'actioncomm&societe', 'myactions&allactions', 'fk_soc', 'id'); +$result = restrictedArea($user, 'agenda', $objectid, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); $object = new ActionComm($db); diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 373a7b9d6a2..d7a4c7daa6f 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -58,7 +58,7 @@ $originid=GETPOST('originid','int'); $socid = GETPOST('socid','int'); $id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions&allactions', 'fk_soc', 'id'); +$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); if ($user->societe_id && $socid) $result = restrictedArea($user,'societe',$socid); $error=GETPOST("error"); diff --git a/htdocs/comm/action/info.php b/htdocs/comm/action/info.php index 4367e6cdb80..93881b35564 100644 --- a/htdocs/comm/action/info.php +++ b/htdocs/comm/action/info.php @@ -40,7 +40,7 @@ if ($user->societe_id > 0) $socid = $user->societe_id; } -$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions&allactions', 'fk_soc', 'id'); +$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id'); /* diff --git a/htdocs/compta/charges/index.php b/htdocs/compta/charges/index.php index f7ce301b89c..f38f7e72aa2 100644 --- a/htdocs/compta/charges/index.php +++ b/htdocs/compta/charges/index.php @@ -36,7 +36,7 @@ $langs->load("bills"); // Security check if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'tax', '', '', 'charges'); +$result = restrictedArea($user, 'tax|salaries', '', '', 'charges|'); $year=$_GET["year"]; $filtre=$_GET["filtre"]; @@ -247,13 +247,13 @@ if ($conf->tax->enabled) // Type payment print ''; if ($obj->payment_code) print $langs->trans("PaymentTypeShort".$obj->payment_code).' '; - print $obj->num_payment.''; + print $obj->num_payment.''; // Paid print ''; if ($obj->totalpaye) print price($obj->totalpaye); print ''; print ''; - + $total = $total + $obj->total; $totalnb = $totalnb + $obj->nb; $totalpaye = $totalpaye + $obj->totalpaye; diff --git a/htdocs/compta/salaries/fiche.php b/htdocs/compta/salaries/fiche.php index 5476fd595be..b4816b10c61 100644 --- a/htdocs/compta/salaries/fiche.php +++ b/htdocs/compta/salaries/fiche.php @@ -37,14 +37,14 @@ $id=GETPOST("id",'int'); $action=GETPOST('action'); // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST("socid","int"); if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'tax', '', '', 'charges'); +$result = restrictedArea($user, 'salaries', '', '', ''); $sal = new PaymentSalary($db); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array -$hookmanager->initHooks(array('taxsalarycard')); +$hookmanager->initHooks(array('salarycard')); diff --git a/htdocs/compta/salaries/index.php b/htdocs/compta/salaries/index.php index 1d0358f17cd..5cee6ad4d82 100644 --- a/htdocs/compta/salaries/index.php +++ b/htdocs/compta/salaries/index.php @@ -29,9 +29,9 @@ $langs->load("salaries"); $langs->load("bills"); // Security check -$socid = isset($_GET["socid"])?$_GET["socid"]:''; +$socid = GETPOST("socid","int"); if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'tax', '', '', 'charges'); +$result = restrictedArea($user, 'salaries', '', '', ''); $sortfield = GETPOST("sortfield",'alpha'); $sortorder = GETPOST("sortorder",'alpha'); @@ -101,11 +101,11 @@ if ($result) $param=''; if ($typeid) $param.='&typeid='.$typeid; - + print_barre_liste($langs->trans("SalariesPayments"),$page,$_SERVER["PHP_SELF"],$param,$sortfield,$sortorder,'',$num,$totalnboflines); dol_htmloutput_mesg($mesg); - + print '
'; print ''; @@ -118,7 +118,7 @@ if ($result) print_liste_field_titre($langs->trans("PayedByThisPayment"),$_SERVER["PHP_SELF"],"s.amount","",$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre(""); print "\n"; - + print ''; print ''; print ''; @@ -133,7 +133,7 @@ if ($result) print ''; print ''; print "\n"; - + while ($i < min($num,$limit)) { $obj = $db->fetch_object($result); @@ -157,7 +157,7 @@ if ($result) print "\n"; $total = $total + $obj->amount; - + $i++; } print ''; @@ -165,9 +165,9 @@ if ($result) print ""; print "
  
'.$langs->trans("Total").' 
"; - + print '
'; - + $db->free($result); } else diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index df6704992a5..6c1a51471fa 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -97,7 +97,7 @@ function dol_hash($chain,$type=0) * If GETPOST('action') defined, we also check write and delete permission. * * @param User $user User to check - * @param string $features Features to check (it must be module name. Examples: 'societe', 'contact', 'produit&service', ...) + * @param string $features Features to check (it must be module name. Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) * @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). * @param string $dbtablename 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity. Not used if objectid is null (optional) * @param string $feature2 Feature to check, second level of permission (optional) @@ -123,12 +123,13 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature if ($dbt_select != 'rowid' && $dbt_select != 'id') $objectid = "'".$objectid."'"; - // More features to check - $features = explode("&", $features); + // Features/modules to check + $featuresarray = array($features); + if (preg_match('/&/', $features)) $featuresarray = explode("&", $features); + else if (preg_match('/\|/', $features)) $featuresarray = explode("|", $features); // More subfeatures to check - if (!empty($feature2)) - $feature2 = explode("&", $feature2); + if (! empty($feature2)) $feature2 = explode("|", $feature2); // More parameters $params = explode('&', $dbtablename); @@ -138,106 +139,113 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature $listofmodules=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); // Check read permission from module - $readok=1; - foreach ($features as $feature) + $readok=1; $nbko=0; + foreach ($featuresarray as $feature) { if (! empty($user->societe_id) && ! empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && ! in_array($feature,$listofmodules)) // If limits on modules for external users, module must be into list of modules for external users { - $readok=0; + $readok=0; $nbko++; continue; } if ($feature == 'societe') { - if (! $user->rights->societe->lire && ! $user->rights->fournisseur->lire) $readok=0; + if (! $user->rights->societe->lire && ! $user->rights->fournisseur->lire) { $readok=0; $nbko++; } } else if ($feature == 'contact') { - if (! $user->rights->societe->contact->lire) $readok=0; + if (! $user->rights->societe->contact->lire) { $readok=0; $nbko++; } } else if ($feature == 'produit|service') { - if (! $user->rights->produit->lire && ! $user->rights->service->lire) $readok=0; + if (! $user->rights->produit->lire && ! $user->rights->service->lire) { $readok=0; $nbko++; } } else if ($feature == 'prelevement') { - if (! $user->rights->prelevement->bons->lire) $readok=0; + if (! $user->rights->prelevement->bons->lire) { $readok=0; $nbko++; } } else if ($feature == 'cheque') { - if (! $user->rights->banque->cheque) $readok=0; + if (! $user->rights->banque->cheque) { $readok=0; $nbko++; } } else if ($feature == 'projet') { - if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) $readok=0; + if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) { $readok=0; $nbko++; } } else if (! empty($feature2)) // This should be used for future changes { foreach($feature2 as $subfeature) { - if (empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) $readok=0; - else { $readok=1; break; } // For bypass the second test if the first is ok + if (! empty($subfeature) && empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) { $readok=0; $nbko++; } + else if (empty($subfeature) && empty($user->rights->$feature->lire) && empty($user->rights->$feature->read)) { $readok=0; $nbko++; } + else { $readok=1; break; } // Break is to bypass second test if the first is ok } } else if (! empty($feature) && ($feature!='user' && $feature!='usergroup')) // This is for old permissions { if (empty($user->rights->$feature->lire) && empty($user->rights->$feature->read) - && empty($user->rights->$feature->run)) $readok=0; + && empty($user->rights->$feature->run)) { $readok=0; $nbko++; } } } + // If a or and at least one ok + if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $readok=1; + if (! $readok) accessforbidden(); //print "Read access is ok"; // Check write permission from module - $createok=1; + $createok=1; $nbko=0; if (GETPOST("action") == 'create') { - foreach ($features as $feature) + foreach ($featuresarray as $feature) { if ($feature == 'contact') { - if (! $user->rights->societe->contact->creer) $createok=0; + if (! $user->rights->societe->contact->creer) { $createok=0; $nbko++; } } else if ($feature == 'produit|service') { - if (! $user->rights->produit->creer && ! $user->rights->service->creer) $createok=0; + if (! $user->rights->produit->creer && ! $user->rights->service->creer) { $createok=0; $nbko++; } } else if ($feature == 'prelevement') { - if (! $user->rights->prelevement->bons->creer) $createok=0; + if (! $user->rights->prelevement->bons->creer) { $createok=0; $nbko++; } } else if ($feature == 'commande_fournisseur') { - if (! $user->rights->fournisseur->commande->creer) $createok=0; + if (! $user->rights->fournisseur->commande->creer) { $createok=0; $nbko++; } } else if ($feature == 'banque') { - if (! $user->rights->banque->modifier) $createok=0; + if (! $user->rights->banque->modifier) { $createok=0; $nbko++; } } else if ($feature == 'cheque') { - if (! $user->rights->banque->cheque) $createok=0; + if (! $user->rights->banque->cheque) { $createok=0; $nbko++; } } - else if (! empty($feature2)) // This should be used for future changes + else if (! empty($feature2)) // This should be used { foreach($feature2 as $subfeature) { if (empty($user->rights->$feature->$subfeature->creer) && empty($user->rights->$feature->$subfeature->write) - && empty($user->rights->$feature->$subfeature->create)) $createok=0; - else { $createok=1; break; } // For bypass the second test if the first is ok + && empty($user->rights->$feature->$subfeature->create)) { $createok=0; $nbko++; } + else { $createok=1; break; } // Break to bypass second test if the first is ok } } - else if (! empty($feature)) // This is for old permissions + else if (! empty($feature)) // This is for old permissions ('creer' or 'write') { //print '
feature='.$feature.' creer='.$user->rights->$feature->creer.' write='.$user->rights->$feature->write; if (empty($user->rights->$feature->creer) - && empty($user->rights->$feature->write)) $createok=0; + && empty($user->rights->$feature->write)) { $createok=0; $nbko++; } } } + // If a or and at least one ok + if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $createok=1; + if (! $createok) accessforbidden(); //print "Write access is ok"; } @@ -253,10 +261,10 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature } // Check delete permission from module - $deleteok=1; + $deleteok=1; $nbko=0; if ((GETPOST("action") == 'confirm_delete' && GETPOST("confirm") == 'yes') || GETPOST("action") == 'delete') { - foreach ($features as $feature) + foreach ($featuresarray as $feature) { if ($feature == 'contact') { @@ -312,7 +320,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature // is linked to a company allowed to $user. if (! empty($objectid) && $objectid > 0) { - foreach ($features as $feature) + foreach ($featuresarray as $feature) { $sql=''; diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index 96e3a25e516..f8e5828bbd1 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -175,10 +175,10 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->don->enabled && $leftmenu=="donations"', __HANDLER__, 'left', 2002__+MAX_llx_menu__, 'accountancy', '', 2000__+MAX_llx_menu__, '/compta/dons/liste.php?leftmenu=donations&mainmenu=accountancy', 'List', 1, 'donations', '$user->rights->don->lire', '', 2, 1, __ENTITY__); --insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->don->enabled && $leftmenu=="donations"', __HANDLER__, 'left', 2003__+MAX_llx_menu__, 'accountancy', '', 2000__+MAX_llx_menu__, '/compta/dons/stats.php?leftmenu=donations&mainmenu=accountancy', 'Statistics', 1, 'donations', '$user->rights->don->lire', '', 2, 2, __ENTITY__); -- Special expenses -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled || $conf->salaries->enabled', __HANDLER__, 'left', 2200__+MAX_llx_menu__, 'accountancy', 'tax', 6__+MAX_llx_menu__, '/compta/charges/index.php?leftmenu=tax&mainmenu=accountancy', 'MenuSpecialExpenses', 0, 'compta', '1', '', 0, 6, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled', __HANDLER__, 'left', 2201__+MAX_llx_menu__, 'accountancy', 'tax_sal', 2200__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary&mainmenu=accountancy', 'Salaries', 1, 'salaries', '$user->rights->tax->charges->lire', '', 0, 1, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2202__+MAX_llx_menu__, 'accountancy', '', 2201__+MAX_llx_menu__, '/compta/salaries/fiche.php?leftmenu=tax_salary&action=create', 'NewPayment', 2, 'companies', '$user->rights->tax->charges->creer', '', 0, 2, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2203__+MAX_llx_menu__, 'accountancy', '', 2201__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary', 'Payments', 2, 'companies', '$user->rights->tax->charges->lire', '', 0, 3, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled || $conf->salaries->enabled', __HANDLER__, 'left', 2200__+MAX_llx_menu__, 'accountancy', 'tax', 6__+MAX_llx_menu__, '/compta/charges/index.php?leftmenu=tax&mainmenu=accountancy', 'MenuSpecialExpenses', 0, 'compta', '(! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && $user->rights->salaries->read)', '', 0, 6, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled', __HANDLER__, 'left', 2210__+MAX_llx_menu__, 'accountancy', 'tax_sal', 2200__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary&mainmenu=accountancy', 'Salaries', 1, 'salaries', '$user->rights->salaries->read', '', 0, 1, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2211__+MAX_llx_menu__, 'accountancy', '', 2210__+MAX_llx_menu__, '/compta/salaries/fiche.php?leftmenu=tax_salary&action=create', 'NewPayment', 2, 'companies', '$user->rights->salaries->write', '', 0, 2, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->salaries->enabled && $leftmenu=="tax_salary"', __HANDLER__, 'left', 2212__+MAX_llx_menu__, 'accountancy', '', 2210__+MAX_llx_menu__, '/compta/salaries/index.php?leftmenu=tax_salary', 'Payments', 2, 'companies', '$user->rights->salaries->read', '', 0, 3, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled', __HANDLER__, 'left', 2250__+MAX_llx_menu__, 'accountancy', 'tax_social', 2200__+MAX_llx_menu__, '/compta/sociales/index.php?leftmenu=tax_social', 'SocialContributions', 1, '', '$user->rights->tax->charges->lire', '', 0, 1, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled && $leftmenu=="tax_social"', __HANDLER__, 'left', 2251__+MAX_llx_menu__, 'accountancy', '', 2250__+MAX_llx_menu__, '/compta/sociales/charges.php?leftmenu=tax_social&action=create', 'MenuNewSocialContribution', 2, '', '$user->rights->tax->charges->creer', '', 0, 2, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->tax->enabled && $leftmenu=="tax_social"', __HANDLER__, 'left', 2252__+MAX_llx_menu__, 'accountancy', '', 2250__+MAX_llx_menu__, '/compta/charges/index.php?leftmenu=tax_social&mainmenu=accountancy&mode=sconly', 'Payments', 2, '', '$user->rights->tax->charges->lire', '', 0, 3, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 99c53ac089f..4f8051e2ee3 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -797,42 +797,46 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu { global $mysoc; - $newmenu->add("/compta/charges/index.php?leftmenu=tax&mainmenu=accountancy",$langs->trans("MenuSpecialExpenses"), 0, $user->rights->tax->charges->lire, '', $mainmenu, 'tax'); + $permtoshowmenu=((! empty($conf->tax->enabled) && $user->rights->tax->charges->lire) || (! empty($conf->salaries->enabled) && $user->rights->salaries->read)); + $newmenu->add("/compta/charges/index.php?leftmenu=tax&mainmenu=accountancy",$langs->trans("MenuSpecialExpenses"), 0, $permtoshowmenu, '', $mainmenu, 'tax'); // Salaries if (! empty($conf->salaries->enabled)) { $langs->load("salaries"); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary&mainmenu=accountancy",$langs->trans("Salaries"),1,$user->rights->salaries->read, '', $mainmenu, 'tax_salary'); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/salaries/fiche.php?leftmenu=tax_salary&action=create",$langs->trans("NewPayment"),2,$user->rights->salaries->create); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary",$langs->trans("Payments"),2,$user->rights->salaries->read); + $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary&mainmenu=accountancy",$langs->trans("Salaries"),1,$user->rights->salaries->read, '', $mainmenu, 'tax_salary'); + if (empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/fiche.php?leftmenu=tax_salary&action=create",$langs->trans("NewPayment"),2,$user->rights->salaries->write); + if (empty($leftmenu) || preg_match('/^tax_salary/i',$leftmenu)) $newmenu->add("/compta/salaries/index.php?leftmenu=tax_salary",$langs->trans("Payments"),2,$user->rights->salaries->read); } + // Social contributions - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/sociales/index.php?leftmenu=tax_social",$langs->trans("MenuSocialContributions"),1,$user->rights->tax->charges->lire); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/sociales/charges.php?leftmenu=tax_social&action=create",$langs->trans("MenuNewSocialContribution"), 2, $user->rights->tax->charges->creer); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/charges/index.php?leftmenu=tax_social&mainmenu=accountancy&mode=sconly",$langs->trans("Payments"), 2, $user->rights->tax->charges->lire); - // VAT - if (empty($conf->global->TAX_DISABLE_VAT_MENUS)) + if (! empty($conf->tax->enabled)) { - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/tva/index.php?leftmenu=tax_vat&mainmenu=accountancy",$langs->trans("VAT"),1,$user->rights->tax->charges->lire, '', $mainmenu, 'tax_vat'); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/tva/fiche.php?leftmenu=tax_vat&action=create",$langs->trans("NewPayment"),2,$user->rights->tax->charges->creer); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/tva/reglement.php?leftmenu=tax_vat",$langs->trans("Payments"),2,$user->rights->tax->charges->lire); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/tva/clients.php?leftmenu=tax_vat", $langs->trans("ReportByCustomers"), 2, $user->rights->tax->charges->lire); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/tva/quadri_detail.php?leftmenu=tax_vat", $langs->trans("ReportByQuarter"), 2, $user->rights->tax->charges->lire); - global $mysoc; - - //Local Taxes - if($mysoc->country_code=='ES' && (isset($mysoc->localtax2_assuj) && $mysoc->localtax2_assuj=="1")) + $newmenu->add("/compta/sociales/index.php?leftmenu=tax_social",$langs->trans("MenuSocialContributions"),1,$user->rights->tax->charges->lire); + if (empty($leftmenu) || preg_match('/^tax_social/i',$leftmenu)) $newmenu->add("/compta/sociales/charges.php?leftmenu=tax_social&action=create",$langs->trans("MenuNewSocialContribution"), 2, $user->rights->tax->charges->creer); + if (empty($leftmenu) || preg_match('/^tax_social/i',$leftmenu)) $newmenu->add("/compta/charges/index.php?leftmenu=tax_social&mainmenu=accountancy&mode=sconly",$langs->trans("Payments"), 2, $user->rights->tax->charges->lire); + // VAT + if (empty($conf->global->TAX_DISABLE_VAT_MENUS)) { - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/index.php?leftmenu=tax_vat&mainmenu=accountancy",$langs->transcountry("LT2",$mysoc->country_code),1,$user->rights->tax->charges->lire); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/fiche.php?leftmenu=tax_vat&action=create",$langs->trans("NewPayment"),2,$user->rights->tax->charges->creer); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/reglement.php?leftmenu=tax_vat",$langs->trans("Payments"),2,$user->rights->tax->charges->lire); - if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/clients.php?leftmenu=tax_vat", $langs->trans("ReportByCustomers"), 2, $user->rights->tax->charges->lire); - //if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/quadri_detail.php?leftmenu=tax_vat", $langs->trans("ReportByQuarter"), 2, $user->rights->tax->charges->lire); + $newmenu->add("/compta/tva/index.php?leftmenu=tax_vat&mainmenu=accountancy",$langs->trans("VAT"),1,$user->rights->tax->charges->lire, '', $mainmenu, 'tax_vat'); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/tva/fiche.php?leftmenu=tax_vat&action=create",$langs->trans("NewPayment"),2,$user->rights->tax->charges->creer); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/tva/reglement.php?leftmenu=tax_vat",$langs->trans("Payments"),2,$user->rights->tax->charges->lire); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/tva/clients.php?leftmenu=tax_vat", $langs->trans("ReportByCustomers"), 2, $user->rights->tax->charges->lire); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/tva/quadri_detail.php?leftmenu=tax_vat", $langs->trans("ReportByQuarter"), 2, $user->rights->tax->charges->lire); + global $mysoc; + + //Local Taxes + if($mysoc->country_code=='ES' && (isset($mysoc->localtax2_assuj) && $mysoc->localtax2_assuj=="1")) + { + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/localtax/index.php?leftmenu=tax_vat&mainmenu=accountancy",$langs->transcountry("LT2",$mysoc->country_code),1,$user->rights->tax->charges->lire); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/localtax/fiche.php?leftmenu=tax_vat&action=create",$langs->trans("NewPayment"),2,$user->rights->tax->charges->creer); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/localtax/reglement.php?leftmenu=tax_vat",$langs->trans("Payments"),2,$user->rights->tax->charges->lire); + if (empty($leftmenu) || preg_match('/^tax_vat/i',$leftmenu)) $newmenu->add("/compta/localtax/clients.php?leftmenu=tax_vat", $langs->trans("ReportByCustomers"), 2, $user->rights->tax->charges->lire); + //if (empty($leftmenu) || preg_match('/^tax/i',$leftmenu)) $newmenu->add("/compta/localtax/quadri_detail.php?leftmenu=tax_vat", $langs->trans("ReportByQuarter"), 2, $user->rights->tax->charges->lire); + } + } - } - } // Compta simple diff --git a/htdocs/core/modules/modSalaries.class.php b/htdocs/core/modules/modSalaries.class.php index 9947cdce87c..18c9e2e9e08 100644 --- a/htdocs/core/modules/modSalaries.class.php +++ b/htdocs/core/modules/modSalaries.class.php @@ -1,6 +1,6 @@ - * Copyright (C) 2004-2012 Laurent Destailleur + * Copyright (C) 2004-2014 Laurent Destailleur * Copyright (C) 2004 Sebastien Di Cintio * Copyright (C) 2004 Benoit Mortier * Copyright (C) 2005-2012 Regis Houssin @@ -93,15 +93,15 @@ class modSalaries extends DolibarrModules $this->rights[$r][5] = ''; $r++; - $this->rights[$r][0] = 511; + $this->rights[$r][0] = 512; $this->rights[$r][1] = 'Create/modify salaries'; $this->rights[$r][2] = 'w'; $this->rights[$r][3] = 0; - $this->rights[$r][4] = 'create'; + $this->rights[$r][4] = 'write'; $this->rights[$r][5] = ''; $r++; - $this->rights[$r][0] = 512; + $this->rights[$r][0] = 514; $this->rights[$r][1] = 'Delete salaries'; $this->rights[$r][2] = 'd'; $this->rights[$r][3] = 0; @@ -109,7 +109,7 @@ class modSalaries extends DolibarrModules $this->rights[$r][5] = ''; $r++; - $this->rights[$r][0] = 515; + $this->rights[$r][0] = 517; $this->rights[$r][1] = 'Export salaries'; $this->rights[$r][2] = 'r'; $this->rights[$r][3] = 0;