Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source 
Conflicts:
	htdocs/cashdesk/index.php
	htdocs/compta/index.php
	htdocs/core/lib/security.lib.php
	htdocs/societe/list.php
This commit is contained in:
Laurent Destailleur 2018-01-16 20:23:32 +01:00
commit 26ba0a9ec2
6 changed files with 60 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/cashdesk/admin/cashdesk.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2017 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -103,7 +103,7 @@ print "</tr>\n";
print '<tr class="oddeven"><td width=\"50%\">'.$langs->trans("CashDeskThirdPartyForSell").'</td>';
print '<td colspan="2">';
print $form->select_company($conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3)',1,0,1,array(),0);
print $form->select_company($conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3) AND s.status = 1',1,0,1,array(),0);
print '</td></tr>';
if (! empty($conf->banque->enabled))
{

4
htdocs/cashdesk/index.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2007-2008 Jeremie Ollivier <jeremie.o@laposte.net>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2017 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
@ -105,7 +105,7 @@ print '<td>';
$disabled=0;
$langs->load("companies");
if (! empty($conf->global->CASHDESK_ID_THIRDPARTY)) $disabled=1; // If a particular third party is defined, we disable choice
print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY, 'socid', 's.client in (1,3)', !$disabled, 0, 0);
print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY, 'socid', 's.client in (1,3) AND s.status = 1', !$disabled, $disabled, 1);
//print '<input name="warehouse_id" class="texte_login" type="warehouse_id" value="" />';
print '</td>';
print "</tr>\n";

4
htdocs/cashdesk/tpl/menu.tpl.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2007-2008 Jeremie Ollivier <jeremie.o@laposte.net>
* Copyright (C) 2008-2010 Laurent Destailleur <eldy@uers.sourceforge.net>
* Copyright (C) 2009 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2017 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
@ -79,7 +79,7 @@ print '<li class="menu_choix0">'.$langs->trans("User").': '.$_SESSION['firstname
print ' <a href="deconnexion.php">'.img_picto($langs->trans('Logout'), 'logout.png').'</a><br>';
print '<form id="frmThirdparty" class="formulaire1 inline-block" method="post" action="facturation_verif.php?action=change_thirdparty">';
print $langs->trans("CashDeskThirdParty").': ';
print $form->select_company($_SESSION["CASHDESK_ID_THIRDPARTY"], 'CASHDESK_ID_THIRDPARTY', 's.client IN (1,3)', '', 0, 0, null, 0, 'valignmiddle inline-block');
print $form->select_company($_SESSION["CASHDESK_ID_THIRDPARTY"], 'CASHDESK_ID_THIRDPARTY', 's.client IN (1,3) AND s.status = 1', '', 0, 0, null, 0, 'valignmiddle inline-block');
print '<input class="button bouton_change_thirdparty inline-block valignmiddle" type="submit" id="bouton_change_thirdparty" value="'.$langs->trans("Modify").'">';
//print $companyLink;
print '<br>';

45
htdocs/compta/index.php
View File

@ -63,6 +63,7 @@ if ($user->societe_id > 0)
$max=3;
$hookmanager->initHooks(array('invoiceindex'));
/*
* Actions
@ -152,6 +153,10 @@ if (! empty($conf->facture->enabled) && $user->rights->facture->lire)
{
$sql .= " AND f.fk_soc = $socid";
}
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereCustomerDraft',$parameters);
$sql.=$hookmanager->resPrint;
$resql = $db->query($sql);
@ -229,7 +234,10 @@ if (! empty($conf->fournisseur->enabled) && $user->rights->fournisseur->facture-
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND f.fk_soc = ".$socid;
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereSupplierDraft',$parameters);
$sql.=$hookmanager->resPrint;
$resql = $db->query($sql);
if ( $resql )
@ -312,6 +320,11 @@ if (! empty($conf->facture->enabled) && $user->rights->facture->lire)
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND f.fk_soc = ".$socid;
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereCustomerLastModified',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY f.rowid, f.facnumber, f.fk_statut, f.type, f.total, f.tva, f.total_ttc, f.paye, f.tms, f.date_lim_reglement, s.nom, s.rowid, s.code_client";
$sql.= " ORDER BY f.tms DESC ";
$sql.= $db->plimit($max, 0);
@ -421,6 +434,11 @@ if (! empty($conf->fournisseur->enabled) && $user->rights->fournisseur->facture-
$sql.= " AND ff.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
if ($socid) $sql.= " AND ff.fk_soc = ".$socid;
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereSupplierLastModified',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY ff.rowid, ff.ref, ff.fk_statut, ff.libelle, ff.total_ht, ff.tva, ff.total_tva, ff.total_ttc, ff.tms, ff.paye, s.nom, s.rowid, s.code_fournisseur";
$sql.= " ORDER BY ff.tms DESC ";
$sql.= $db->plimit($max, 0);
@ -500,6 +518,11 @@ if (! empty($conf->don->enabled) && $user->rights->societe->lire)
$sql = "SELECT d.rowid, d.lastname, d.firstname, d.societe, d.datedon as date, d.tms as dm, d.amount, d.fk_statut";
$sql.= " FROM ".MAIN_DB_PREFIX."don as d";
$sql.= " WHERE d.entity IN (".getEntity('donation').")";
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereLastDonations',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= $db->order("d.tms","DESC");
$sql.= $db->plimit($max, 0);
@ -575,6 +598,11 @@ if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)
$sql.= " WHERE c.fk_type = cc.id";
$sql.= " AND c.entity = ".$conf->entity;
$sql.= " AND c.paye = 0";
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereSocialContributions',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY c.rowid, c.amount, c.date_ech, c.paye, cc.libelle";
$resql = $db->query($sql);
@ -660,6 +688,11 @@ if (! empty($conf->facture->enabled) && ! empty($conf->commande->enabled) && $us
if ($socid) $sql.= " AND c.fk_soc = ".$socid;
$sql.= " AND c.fk_statut = 3";
$sql.= " AND c.facture = 0";
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereCustomerOrderToBill',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY s.nom, s.rowid, s.code_client, c.rowid, c.ref, c.facture, c.fk_statut, c.tva, c.total_ht, c.total_ttc";
$resql = $db->query($sql);
@ -764,6 +797,11 @@ if (! empty($conf->facture->enabled) && $user->rights->facture->lire)
$sql.= " AND f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($socid) $sql.= " AND f.fk_soc = ".$socid;
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereCustomerUnpaid',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY f.rowid, f.facnumber, f.fk_statut, f.datef, f.type, f.total, f.tva, f.total_ttc, f.paye, f.tms, f.date_lim_reglement, s.nom, s.rowid, s.code_client";
$sql.= " ORDER BY f.datef ASC, f.facnumber ASC";
@ -887,6 +925,11 @@ if (! empty($conf->fournisseur->enabled) && $user->rights->fournisseur->facture-
$sql.= " AND ff.fk_statut = 1";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
if ($socid) $sql.= " AND ff.fk_soc = ".$socid;
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListWhereSupplierUnpaid',$parameters);
$sql.=$hookmanager->resPrint;
$sql.= " GROUP BY ff.rowid, ff.ref, ff.fk_statut, ff.libelle, ff.total_ht, ff.tva, ff.total_tva, ff.total_ttc, ff.paye,";
$sql.= " s.nom, s.rowid, s.code_client, s.code_fournisseur, ff.date_lim_reglement";
$sql.= " ORDER BY ff.date_lim_reglement ASC";

8
htdocs/core/lib/security.lib.php
View File

@ -383,12 +383,12 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
if ($feature == 'project') $feature='projet';
if ($feature == 'task') $feature='projet_task';
$check = array('adherent','banque','user','usergroup','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company)
$check = array('adherent','banque','don','user','usergroup','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for societe object
$checkother = array('contact','agenda'); // Test on entity and link to third party. Allowed if link is empty (Ex: contacts...).
$checkproject = array('projet','project'); // Test for project object
$checktask = array('projet_task');
$nocheck = array('barcode','stock','fournisseur','don'); // No test
$nocheck = array('barcode','stock'); // No test
$checkdefault = 'all other not already defined'; // Test on entity and link to third party. Not allowed if link is empty (Ex: invoice, orders...).
// If dbtablename not defined, we use same name for table than module name
@ -508,7 +508,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
}
}
else if (! in_array($feature,$nocheck)) // By default we check with link to third party
else if (! in_array($feature,$nocheck)) // By default (case of $checkdefault), we check on object entity + link to third party on field $dbt_keyfield
{
// If external user: Check permission for external users
if ($user->societe_id > 0)
@ -530,7 +530,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND sc.fk_soc = dbt.".$dbt_keyfield;
$sql.= " AND dbt.".$dbt_keyfield." = s.rowid";
$sql.= " AND s.entity IN (".getEntity($sharedelement, 1).")";
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
$sql.= " AND sc.fk_user = ".$user->id;
}
// If multicompany and internal users with all permissions, check user is in correct entity

8
htdocs/societe/list.php
View File

@ -8,6 +8,7 @@
* Copyright (C) 2016 Josep Lluis Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2016 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2017 Rui Strecht <rui.strecht@aliartalentos.com>
* Copyright (C) 2017 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -965,8 +966,8 @@ while ($i < min($num, $limit))
$companystatic->id=$obj->rowid;
$companystatic->name=$obj->name;
$companystatic->logo=$obj->logo;
$companystatic->name_alias=$obj->name_alias;
$companystatic->logo=$obj->logo;
$companystatic->canvas=$obj->canvas;
$companystatic->client=$obj->client;
$companystatic->status=$obj->status;
@ -990,6 +991,8 @@ while ($i < min($num, $limit))
}
if (! empty($arrayfields['s.nom']['checked']))
{
$savalias = $obj->name_alias;
if (! empty($arrayfields['s.name_alias']['checked'])) $companystatic->name_alias='';
print '<td class="tdoverflowmax200">';
//if (! empty($arrayfields['s.name_alias']['checked'])) // Hide alias from output
//{
@ -1002,7 +1005,8 @@ while ($i < min($num, $limit))
$companystatic->name_alias=$savalias;
//}
print "</td>\n";
if (! $i) $totalarray['nbfield']++;
$companystatic->name_alias = $savalias;
if (! $i) $totalarray['nbfield']++;
}
if (! empty($arrayfields['s.name_alias']['checked']))
{