Ajout de la permission "consulter tous les clients" dans le module commercial, afin
qu'un commercial puisse voir que les clients qui lui sont affects.
This commit is contained in:
Regis Houssin
parent
35d8be1e5e
commit
fb4d524b50
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2006 Regis Houssin <regis.houssin@cap-networks.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2006 Regis Houssin <regis.houssin@cap-networks.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -59,9 +60,12 @@ $offset = $limit * $page ;
|
||||
*
|
||||
*/
|
||||
|
||||
$sql = "SELECT s.idp, s.nom, st.libelle as stcomm, p.idp as cidp, p.name, p.firstname, p.email, p.phone ";
|
||||
$sql = "SELECT s.idp, s.nom, st.libelle as stcomm, p.idp as cidp, p.name, p.firstname, p.email, p.phone";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."socpeople as p, ".MAIN_DB_PREFIX."c_stcomm as st";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE s.fk_stcomm = st.id AND s.fournisseur = 1 AND s.idp = p.fk_soc";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
|
||||
if (strlen($stcomm)) {
|
||||
$sql .= " AND s.fk_stcomm=$stcomm";
|
||||
|
||||
@ -33,13 +33,13 @@ if (!$user->rights->fournisseur->facture->lire)
|
||||
accessforbidden();
|
||||
|
||||
|
||||
$socid = $_GET["socid"];
|
||||
$socidp = $_GET["socidp"];
|
||||
|
||||
// Sécurité accés client
|
||||
if ($user->societe_id > 0)
|
||||
{
|
||||
$_GET["action"] = '';
|
||||
$socid = $user->societe_id;
|
||||
$socidp = $user->societe_id;
|
||||
}
|
||||
|
||||
if ($_GET["action"] == 'delete')
|
||||
@ -80,7 +80,7 @@ if ($_POST["mode"] == 'search')
|
||||
if ( $db->num_rows() == 1)
|
||||
{
|
||||
$obj = $db->fetch_object();
|
||||
$socid = $obj->idp;
|
||||
$socidp = $obj->idp;
|
||||
}
|
||||
$db->free();
|
||||
}
|
||||
@ -96,12 +96,16 @@ if ($_POST["mode"] == 'search')
|
||||
|
||||
llxHeader();
|
||||
|
||||
$sql = "SELECT s.idp as socid, s.nom, ".$db->pdate("fac.date_lim_reglement")." as date_echeance, fac.total_ht, fac.total_ttc, fac.paye as paye, fac.fk_statut as fk_statut, fac.libelle, fac.rowid as facid, fac.facnumber";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as fac ";
|
||||
$sql = "SELECT s.idp as socid, s.nom, ".$db->pdate("fac.date_lim_reglement")." as date_echeance, fac.total_ht";
|
||||
$sql .= ", fac.total_ttc, fac.paye as paye, fac.fk_statut as fk_statut, fac.libelle, fac.rowid as facid, fac.facnumber";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as fac";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE fac.fk_soc = s.idp";
|
||||
if ($socid)
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= " AND s.idp = $socid";
|
||||
$sql .= " AND s.idp = $socidp";
|
||||
}
|
||||
if ($_GET["filtre"])
|
||||
{
|
||||
@ -147,22 +151,22 @@ if ($resql)
|
||||
$num = $db->num_rows($resql);
|
||||
$i = 0;
|
||||
|
||||
if ($socid) {
|
||||
if ($socidp) {
|
||||
$soc = new Societe($db);
|
||||
$soc->fetch($socid);
|
||||
$soc->fetch($socidp);
|
||||
}
|
||||
|
||||
print_barre_liste($langs->trans("BillsSuppliers").($socid?" $soc->nom":""),$page,"index.php","&socidp=$socidp",$sortfield,$sortorder,'',$num);
|
||||
print_barre_liste($langs->trans("BillsSuppliers").($socidp?" $soc->nom":""),$page,"index.php","&socidp=$socidp",$sortfield,$sortorder,'',$num);
|
||||
|
||||
print '<table class="liste" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
print_liste_field_titre($langs->trans("Ref"),"index.php","facnumber","&socid=$socid","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("DateEcheance"),"index.php","fac.datef","&socid=$socid","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("Label"),"index.php","fac.libelle","&socid=$socid","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("Company"),"index.php","s.nom","&socid=$socid","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("AmountHT"),"index.php","fac.total_ht","&socid=$socid","",'align="right"',$sortfield);
|
||||
print_liste_field_titre($langs->trans("AmountTTC"),"index.php","fac.total_ttc","&socid=$socid","",'align="right"',$sortfield);
|
||||
print_liste_field_titre($langs->trans("Status"),"index.php","fk_statut,paye","&socid=$socid","",'align="center"',$sortfield);
|
||||
print_liste_field_titre($langs->trans("Ref"),"index.php","facnumber","&socidp=$socidp","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("DateEcheance"),"index.php","fac.datef","&socidp=$socidp","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("Label"),"index.php","fac.libelle","&socidp=$socidp","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("Company"),"index.php","s.nom","&socidp=$socidp","","",$sortfield);
|
||||
print_liste_field_titre($langs->trans("AmountHT"),"index.php","fac.total_ht","&socidp=$socidp","",'align="right"',$sortfield);
|
||||
print_liste_field_titre($langs->trans("AmountTTC"),"index.php","fac.total_ttc","&socidp=$socidp","",'align="right"',$sortfield);
|
||||
print_liste_field_titre($langs->trans("Status"),"index.php","fk_statut,paye","&socidp=$socidp","",'align="center"',$sortfield);
|
||||
print "</tr>\n";
|
||||
|
||||
// Lignes des champs de filtre
|
||||
|
||||
@ -356,13 +356,16 @@ if (! $_GET['action'] && ! $_POST['action'])
|
||||
$sql .= ', f.amount as fa_amount, f.facnumber, s.nom';
|
||||
$sql .= ', f.rowid as facid, c.libelle as paiement_type, p.num_paiement';
|
||||
$sql .= ', ba.rowid as bid, ba.label';
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'paiementfourn AS p';
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn AS pf ON p.rowid=pf.fk_paiementfourn';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'facture_fourn AS f ON f.rowid=pf.fk_facturefourn ';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement AS c ON p.fk_paiement = c.id';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON s.idp = f.fk_soc';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid';
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " WHERE s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp)
|
||||
{
|
||||
$sql .= ' WHERE f.fk_soc = '.$socidp;
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2006 Regis Houssin <regis.houssin@cap-networks.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -67,8 +68,11 @@ if (! $sortfield) $sortfield="nom";
|
||||
*/
|
||||
|
||||
$sql = "SELECT s.idp, s.nom, s.ville,".$db->pdate("s.datec")." as datec, ".$db->pdate("s.datea")." as datea, st.libelle as stcomm, s.prefix_comm";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user ";
|
||||
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."c_stcomm as st";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql.= " WHERE s.fk_stcomm = st.id AND s.fournisseur=1";
|
||||
if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id;
|
||||
if ($socidp) $sql .= " AND s.idp=$socidp";
|
||||
if ($socname) {
|
||||
$sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'";
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
/* Copyright (C) 2003-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2004-2005 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005 Regis Houssin <regis.houssin@cap-networks.com>
|
||||
* Copyright (C) 2005-2006 Regis Houssin <regis.houssin@cap-networks.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
Loading…
Reference in New Issue
Block a user