From fe664ddae2585d0ab3de1fb5ea25910dd622d661 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 9 Mar 2006 14:05:35 +0000 Subject: [PATCH] =?UTF-8?q?Ajout=20de=20la=20permission=20"consulter=20tou?= =?UTF-8?q?s=20les=20clients"=20dans=20le=20module=20commercial,=20afin=20?= =?UTF-8?q?=20qu'un=20commercial=20puisse=20voir=20que=20les=20clients=20q?= =?UTF-8?q?ui=20lui=20sont=20affect=E9s.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/includes/boxes/box_factures.php | 6 +++++- htdocs/includes/boxes/box_propales.php | 14 +++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/htdocs/includes/boxes/box_factures.php b/htdocs/includes/boxes/box_factures.php index e6e1aba58dc..e3e4a729ae0 100644 --- a/htdocs/includes/boxes/box_factures.php +++ b/htdocs/includes/boxes/box_factures.php @@ -66,7 +66,11 @@ class box_factures extends ModeleBoxes { if ($user->rights->facture->lire) { $sql = "SELECT s.nom,s.idp,f.facnumber,f.amount,".$db->pdate("f.datef")." as df,f.paye,f.rowid as facid"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f WHERE f.fk_soc = s.idp"; + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + $sql .= " WHERE f.fk_soc = s.idp"; + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; if($user->societe_id) { $sql .= " AND s.idp = $user->societe_id"; diff --git a/htdocs/includes/boxes/box_propales.php b/htdocs/includes/boxes/box_propales.php index cf1219b71ed..6884de32423 100644 --- a/htdocs/includes/boxes/box_propales.php +++ b/htdocs/includes/boxes/box_propales.php @@ -58,10 +58,6 @@ class box_propales extends ModeleBoxes { */ function loadBox($max=5) { - if ($user->societe_id) - { - $socidp = $user->societe_id; - } global $user, $langs, $db; @@ -73,14 +69,14 @@ class box_propales extends ModeleBoxes { { $sql = "SELECT s.nom,s.idp,p.ref,".$db->pdate("p.datep")." as dp,p.rowid"; - if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", sc.fk_soc, sc.fk_user"; + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."propal as p"; - if (!$user->rights->commercial->client->voir && !$socidp) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= " WHERE p.fk_soc = s.idp"; - if (!$user->rights->commercial->client->voir && !$socidp) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; - if($socidp) + if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND s.idp = sc.fk_soc AND sc.fk_user = " .$user->id; + if($user->societe_id) { - $sql .= " AND s.idp = $socidp"; + $sql .= " AND s.idp = $user->societe_id"; } $sql .= " ORDER BY p.datep DESC, p.ref DESC "; $sql .= $db->plimit($max, 0);