Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur 2024-07-21 14:46:09 +02:00
commit 6d0e16c7b2
20 changed files with 757 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
.pre-commit-config.yaml
View File

@ -235,25 +235,26 @@ repos:
- id: shellcheck
args: [-W, "100"]
# Check sql file syntax
- repo: https://github.com/sqlfluff/sqlfluff
rev: 3.0.4
hooks:
- id: sqlfluff-lint
stages: [pre-commit, manual] # manual needed for ci
exclude: (?x)^
(htdocs/includes/.*
|htdocs/install/doctemplates/websites/.*_template
(dev/initdemo/mysqldump_.*\.sql
|htdocs/core/menus/init_menu_auguria\.sql
|htdocs/install/doctemplates/websites/website_template-.*\.sql
|(htdocs/install/mysql/data/(llx_20_c_departements\.sql
|llx_accounting_account_.*\.sql)
|(htdocs/install/mysql/migration/3\.[256]\.0-.*\.sql)
)
|htdocs/includes/.*
|htdocs/install/doctemplates/websites/.*_template
|htdocs/install/doctemplates/websites/website_template.*\.sql
|htdocs/install/mysql/data/llx_20_c_departements\.sql
|htdocs/install/mysql/data/llx_accounting_account_.*\.sql
|htdocs/install/mysql/migration/3\..*\.sql
|htdocs/install/mysql/migration/(1[0-5]|[456789])\.0\.0-.*\.sql
|htdocs/install/mysql/migration/3\.([0134789])\.0-.*\.sql
|htdocs/install/mysql/migration/repair\.sql
|htdocs/install/mysql/tables/llx_bookcal_availabilities-bookcal\.sql
|htdocs/install/mysql/tables/llx_categorie(_(account|actioncomm|contact|fournisseur|knowledgemanagement-knowledgemanagement|member|product|project|societe|ticket-ticket|user|warehouse|website_page-website)?\.key\.sql)
|htdocs/install/mysql/tables/llx_categorie.*\.key\.sql
|htdocs/install/mysql/tables/llx_rights_def\.key\.sql
|htdocs/install/pgsql/functions/functions(-(don|loan|mailing|opensurvey|partnership|recruitment|website))?\.sql
|htdocs/install/pgsql/functions/functions.*\.sql
|htdocs/modulebuilder/template/sql/.*\.sql
)$

3
dev/setup/pre-commit/README.md
View File

@ -25,7 +25,10 @@ the project: `pre-commit-config.yaml`.
1. Install pre-commit tool.\
If you do not have python installed, install [python](https://www.python.org) first.\
`sudo apt install python3`
If you do not have [`pip`](https://pypi.org/project/pip), install that as well.\\
`sudo apt install pip`
Then you can install pre-commit tool:
`python3 -m pip install pre-commit`

249
htdocs/admin/openid_connect.php Normal file
View File

@ -0,0 +1,249 @@
<?php
/* Copyright (C) 2023 Maximilien Rozniecki <mrozniecki@easya.solutions>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/admin/openid_connect.php
* \ingroup openid_connect
* \brief Page to setup openid_connect module
*/
// Load Dolibarr environment
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/openid_connect.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
dol_include_once('/core/lib/openid_connect.lib.php');
$langs->load("admin");
$langs->load("openidconnect");
if (!$user->admin) accessforbidden();
$action = GETPOST('action', 'alpha');
/*
* Actions
*/
$errors = [];
$error = 0;
if ($action == 'set') {
$client_id = GETPOST('MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM', $client_id, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$client_id = GETPOST('MAIN_AUTHENTICATION_OIDC_CLIENT_ID', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_CLIENT_ID', $client_id, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$client_secret = GETPOST('MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET', $client_secret, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$scopes = GETPOST('MAIN_AUTHENTICATION_OIDC_SCOPES', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_SCOPES', $scopes, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$authorize_url = GETPOST('MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL', $authorize_url, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$value = GETPOST('MAIN_AUTHENTICATION_OIDC_TOKEN_URL', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_TOKEN_URL', $value, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$value = GETPOST('MAIN_AUTHENTICATION_OIDC_USERINFO_URL', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_USERINFO_URL', $value, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
$logout_url = GETPOST('MAIN_AUTHENTICATION_OIDC_LOGOUT_URL', 'alpha');
$res = dolibarr_set_const($db, 'MAIN_AUTHENTICATION_OIDC_LOGOUT_URL', $logout_url, 'chaine', 0, '', 0);
if (!$res > 0) {
$errors[] = $db->lasterror();
$error++;
}
}
if ($action != '') {
if (!$error) {
setEventMessage($langs->trans("SetupSaved"));
header("Location: " . $_SERVER["PHP_SELF"]);
exit;
} else {
setEventMessages('', $errors, 'errors');
}
}
/*
* View
*/
$form = new Form($db);
llxHeader();
$linkback='<a href="'.DOL_URL_ROOT.'/admin/modules.php">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans("OpenIDconnectSetup"), $linkback, 'title_setup');
print "<br>\n";
$head = openid_connect_prepare_head();
print dol_get_fiche_head($head, 'settings', $langs->trans("Parameters"), 0, 'action');
print '<br>';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="set">';
$var=true;
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Parameters").'</td>'."\n";
print '<td align="center">&nbsp;</td>'."\n";
print '<td align="right">'.$langs->trans("Value").'</td>'."\n";
print "</tr>\n";
// MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLoginClaimName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLoginClaimDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM" id="MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM') ? GETPOST('MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_CLIENT_ID
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcClientIdName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcClientIdDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_CLIENT_ID" id="MAIN_AUTHENTICATION_OIDC_CLIENT_ID" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_CLIENT_ID') ? GETPOST('MAIN_AUTHENTICATION_OIDC_CLIENT_ID', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_CLIENT_ID) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_CLIENT_ID") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcClientSecretName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcClientSecretDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input type="password" name="MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET" id="MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET') ? GETPOST('MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_SCOPES
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcScopesName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcScopesDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_SCOPES" id="MAIN_AUTHENTICATION_OIDC_SCOPES" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_SCOPES') ? GETPOST('MAIN_AUTHENTICATION_OIDC_SCOPES', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_SCOPES) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_SCOPES") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcAuthorizeUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcAuthorizeUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL" id="MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL') ? GETPOST('MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_TOKEN_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcTokenUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcTokenUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_TOKEN_URL" id="MAIN_AUTHENTICATION_OIDC_TOKEN_URL" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_TOKEN_URL') ? GETPOST('MAIN_AUTHENTICATION_OIDC_TOKEN_URL', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_TOKEN_URL) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_TOKEN_URL") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_USERINFO_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcUserinfoUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcUserinfoUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_USERINFO_URL" id="MAIN_AUTHENTICATION_OIDC_USERINFO_URL" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_USERINFO_URL') ? GETPOST('MAIN_AUTHENTICATION_OIDC_USERINFO_URL', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_USERINFO_URL) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_USERINFO_URL") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// MAIN_AUTHENTICATION_OIDC_LOGOUT_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input name="MAIN_AUTHENTICATION_OIDC_LOGOUT_URL" id="MAIN_AUTHENTICATION_OIDC_LOGOUT_URL" class="minwidth300" value="'.dol_escape_htmltag((GETPOSTISSET('MAIN_AUTHENTICATION_OIDC_LOGOUT_URL') ? GETPOST('MAIN_AUTHENTICATION_OIDC_LOGOUT_URL', 'nohtml') : (!empty($conf->global->MAIN_AUTHENTICATION_OIDC_LOGOUT_URL) ? getDolGlobalString("MAIN_AUTHENTICATION_OIDC_LOGOUT_URL") : ''))).'"></td></tr>';
print '</td></tr>' . "\n";
// REDIRECT_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcRedirectUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcRedirectUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input class="minwidth300" value="'.dol_escape_htmltag(openid_connect_get_redirect_url()).'" disabled></td></tr>';
print '</td></tr>' . "\n";
// LOGOUT_URL
$var = !$var;
print '<tr ' . $bc[$var] . '>' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutRedirectUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutRedirectUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input class="minwidth300" value="'.dol_escape_htmltag(getDolGlobalString('MAIN_LOGOUT_GOTO_URL', DOL_MAIN_URL_ROOT . "/index.php")).'" disabled></td></tr>';
print '</td></tr>' . "\n";
print '</table>'."\n";
print '<br>';
print '<div align="center">';
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</div>';
print '</form>';
print '<br>';
print dol_get_fiche_end();
llxFooter();

74
htdocs/comm/card.php
View File

@ -42,6 +42,7 @@ require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT . '/projet/class/project.class.php';
if (isModEnabled('invoice')) {
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture-rec.class.php';
@ -311,6 +312,7 @@ $contactstatic = new Contact($db);
$userstatic = new User($db);
$form = new Form($db);
$formcompany = new FormCompany($db);
$project = new Project($db);
$title = $langs->trans("ThirdParty")." - ".$langs->trans('Customer');
if (getDolGlobalString('MAIN_HTML_TITLE') && preg_match('/thirdpartynameonly/', getDolGlobalString('MAIN_HTML_TITLE')) && $object->name) {
@ -824,7 +826,7 @@ if ($object->id > 0) {
if (isModEnabled("propal") && $user->hasRight('propal', 'lire')) {
$langs->load("propal");
$sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.fk_statut, p.total_ht";
$sql = "SELECT s.nom, s.rowid, p.rowid as propalid, p.fk_projet, p.fk_statut, p.total_ht";
$sql .= ", p.total_tva";
$sql .= ", p.total_ttc";
$sql .= ", p.ref, p.ref_client, p.remise";
@ -845,7 +847,7 @@ if ($object->id > 0) {
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastPropals", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/comm/propal/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllPropals").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td colspan="5"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastPropals", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/comm/propal/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllPropals").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/comm/propal/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"), 'stats').'</a></td>';
print '</tr></table></td>';
print '</tr>';
@ -861,6 +863,7 @@ if ($object->id > 0) {
$propal_static->ref = $objp->ref;
$propal_static->ref_client = $objp->ref_client; // deprecated
$propal_static->ref_customer = $objp->ref_client;
$propal_static->fk_project = $objp->fk_projet;
$propal_static->total_ht = $objp->total_ht;
$propal_static->total_tva = $objp->total_tva;
$propal_static->total_ttc = $objp->total_ttc;
@ -891,6 +894,11 @@ if ($object->id > 0) {
$relativepath = dol_sanitizeFileName($objp->ref).'/'.dol_sanitizeFileName($objp->ref).'.pdf';
print $formfile->showPreview($file_list, $propal_static->element, $relativepath, 0);
}
print '</td><td class="left">';
if ($propal_static->fk_project > 0) {
$project->fetch($propal_static->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = $conf->propal->multidir_output[$objp->entity].'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/comm/propal/card.php?id='.$objp->cid;
@ -921,7 +929,7 @@ if ($object->id > 0) {
$param ="";
$sql = "SELECT s.nom, s.rowid";
$sql .= ", c.rowid as cid, c.entity, c.total_ht";
$sql .= ", c.rowid as cid, c.entity, c.fk_projet, c.total_ht";
$sql .= ", c.total_tva";
$sql .= ", c.total_ttc";
$sql .= ", c.ref, c.ref_client, c.fk_statut, c.facture";
@ -957,7 +965,7 @@ if ($object->id > 0) {
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastCustomerOrders", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllOrders").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td colspan="5"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastCustomerOrders", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllOrders").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/commande/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"), 'stats').'</a></td>';
print '</tr></table></td>';
print '</tr>';
@ -970,6 +978,7 @@ if ($object->id > 0) {
$commande_static->id = $objp->cid;
$commande_static->ref = $objp->ref;
$commande_static->ref_client = $objp->ref_client;
$commande_static->fk_project = $objp->fk_projet;
$commande_static->total_ht = $objp->total_ht;
$commande_static->total_tva = $objp->total_tva;
$commande_static->total_ttc = $objp->total_ttc;
@ -1003,6 +1012,11 @@ if ($object->id > 0) {
$relativepath = dol_sanitizeFileName($objp->ref).'/'.dol_sanitizeFileName($objp->ref).'.pdf';
print $formfile->showPreview($file_list, $commande_static->element, $relativepath, 0, $param);
}
print '</td><td class="left">';
if ($commande_static->fk_project > 0) {
$project->fetch($commande_static->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = $conf->order->multidir_output[$objp->entity].'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/commande/card.php?id='.$objp->cid;
@ -1030,7 +1044,7 @@ if ($object->id > 0) {
*/
if (isModEnabled("shipping") && $user->hasRight('expedition', 'lire')) {
$sql = 'SELECT e.rowid as id';
$sql .= ', e.ref, e.entity';
$sql .= ', e.ref, e.entity, e.fk_projet';
$sql .= ', e.date_creation';
$sql .= ', e.fk_statut as statut';
$sql .= ', s.nom';
@ -1056,7 +1070,7 @@ if ($object->id > 0) {
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
print '<td colspan="4"><table class="centpercent nobordernopadding"><tr><td>'.$langs->trans("LastSendings", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/expedition/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllSendings").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td colspan="5"><table class="centpercent nobordernopadding"><tr><td>'.$langs->trans("LastSendings", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/expedition/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllSendings").'</span><span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/expedition/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"), 'stats').'</a></td>';
print '</tr></table></td>';
print '</tr>';
@ -1068,6 +1082,7 @@ if ($object->id > 0) {
$sendingstatic->id = $objp->id;
$sendingstatic->ref = $objp->ref;
$sendingstatic->fk_project = $objp->fk_projet;
print '<tr class="oddeven">';
print '<td class="nowraponall">';
@ -1097,6 +1112,11 @@ if ($object->id > 0) {
$relativepath = dol_sanitizeFileName($objp->ref).'/'.dol_sanitizeFileName($objp->ref).'.pdf';
print $formfile->showPreview($file_list, $sendingstatic->table_element, $relativepath, 0, $param);
}
print '</td><td class="left">';
if ($sendingstatic->fk_project > 0) {
$project->fetch($sendingstatic->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = $conf->expedition->multidir_output[$objp->entity].'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/expedition/card.php?id='.$objp->cid;
@ -1108,7 +1128,7 @@ if ($object->id > 0) {
print '<td class="right"><b>!!!</b></td>';
}
print '<td class="nowrap right centpercent">'.$sendingstatic->LibStatut($objp->statut, 5).'</td>';
print '<td class="nowrap right">'.$sendingstatic->LibStatut($objp->statut, 5).'</td>';
print "</tr>\n";
$i++;
}
@ -1127,7 +1147,7 @@ if ($object->id > 0) {
* Latest contracts
*/
if (isModEnabled('contract') && $user->hasRight('contrat', 'lire')) {
$sql = "SELECT s.nom, s.rowid, c.rowid as id, c.ref as ref, c.statut as contract_status, c.datec as dc, c.date_contrat as dcon, c.ref_customer as refcus, c.ref_supplier as refsup, c.entity,";
$sql = "SELECT s.nom, s.rowid, c.rowid as id, c.ref as ref, c.fk_projet, c.statut as contract_status, c.datec as dc, c.date_contrat as dcon, c.ref_customer as refcus, c.ref_supplier as refsup, c.entity,";
$sql .= " c.last_main_doc, c.model_pdf";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c";
$sql .= " WHERE c.fk_soc = s.rowid ";
@ -1145,7 +1165,7 @@ if ($object->id > 0) {
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
print '<td colspan="5"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastContracts", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td>';
print '<td colspan="6"><table width="100%" class="nobordernopadding"><tr><td>'.$langs->trans("LastContracts", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td>';
print '<td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/contrat/list.php?socid='.$object->id.'">'.$langs->trans("AllContracts").'<span class="badge marginleftonlyshort">'.$num.'</span></a></td>';
//print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/contract/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"),'stats').'</a></td>';
print '</tr></table></td>';
@ -1160,6 +1180,7 @@ if ($object->id > 0) {
$contrat->ref = $objp->ref ? $objp->ref : $objp->id;
$contrat->ref_customer = $objp->refcus;
$contrat->ref_supplier = $objp->refsup;
$contrat->fk_project = $objp->fk_projet;
$contrat->statut = $objp->contract_status;
$contrat->last_main_doc = $objp->last_main_doc;
$contrat->model_pdf = $objp->model_pdf;
@ -1204,6 +1225,11 @@ if ($object->id > 0) {
print $formfile->showPreview($file_list, $contrat->element, $relativepath, 0);
}
}
print '</td><td class="left">';
if ($contrat->fk_project > 0) {
$project->fetch($contrat->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = $conf->contrat->multidir_output[$objp->entity].'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/contrat/card.php?id='.$objp->cid;
@ -1237,7 +1263,7 @@ if ($object->id > 0) {
* Latest interventions
*/
if (isModEnabled('intervention') && $user->hasRight('ficheinter', 'lire')) {
$sql = "SELECT s.nom, s.rowid, f.rowid as id, f.ref, f.fk_statut, f.duree as duration, f.datei as startdate, f.entity";
$sql = "SELECT s.nom, s.rowid, f.rowid as id, f.ref, f.fk_projet, f.fk_statut, f.duree as duration, f.datei as startdate, f.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as f";
$sql .= " WHERE f.fk_soc = s.rowid";
$sql .= " AND s.rowid = ".((int) $object->id);
@ -1254,7 +1280,7 @@ if ($object->id > 0) {
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
print '<td colspan="3"><table class="centpercent nobordernopadding"><tr><td>'.$langs->trans("LastInterventions", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/fichinter/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllInterventions").'</span><span class="badge marginleftonlyshort">'.$num.'</span></td>';
print '<td colspan="4"><table class="centpercent nobordernopadding"><tr><td>'.$langs->trans("LastInterventions", ($num <= $MAXLIST ? "" : $MAXLIST)).'</td><td class="right"><a class="notasortlink" href="'.DOL_URL_ROOT.'/fichinter/list.php?socid='.$object->id.'"><span class="hideonsmartphone">'.$langs->trans("AllInterventions").'</span><span class="badge marginleftonlyshort">'.$num.'</span></td>';
print '<td width="20px" class="right"><a href="'.DOL_URL_ROOT.'/fichinter/stats/index.php?socid='.$object->id.'">'.img_picto($langs->trans("Statistics"), 'stats').'</a></td>';
print '</tr></table></td>';
print '</tr>';
@ -1267,6 +1293,7 @@ if ($object->id > 0) {
$fichinter_static->id = $objp->id;
$fichinter_static->ref = $objp->ref;
$fichinter_static->statut = $objp->fk_statut;
$fichinter_static->fk_project = $objp->fk_projet;
print '<tr class="oddeven">';
print '<td class="nowraponall">';
@ -1296,6 +1323,11 @@ if ($object->id > 0) {
$relativepath = dol_sanitizeFileName($objp->ref).'/'.dol_sanitizeFileName($objp->ref).'.pdf';
print $formfile->showPreview($file_list, $fichinter_static->element, $relativepath, 0);
}
print '</td><td class="left">';
if ($fichinter_static->fk_project > 0) {
$project->fetch($fichinter_static->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = getMultidirOutput($fichinter_static).'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/fichinter/card.php?id='.$objp->cid;
@ -1323,7 +1355,7 @@ if ($object->id > 0) {
* Latest invoices templates
*/
if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) {
$sql = 'SELECT f.rowid as id, f.titre as ref';
$sql = 'SELECT f.rowid as id, f.titre as ref, f.fk_projet';
$sql .= ', f.total_ht';
$sql .= ', f.total_tva';
$sql .= ', f.total_ttc';
@ -1351,7 +1383,7 @@ if ($object->id > 0) {
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
$colspan = 4;
$colspan = 5;
if (getDolGlobalString('MAIN_SHOW_PRICE_WITH_TAX_IN_SUMMARIES')) {
$colspan++;
}
@ -1369,6 +1401,7 @@ if ($object->id > 0) {
$invoicetemplate->id = $objp->id;
$invoicetemplate->ref = $objp->ref;
$invoicetemplate->fk_project = $objp->fk_projet;
$invoicetemplate->suspended = $objp->suspended;
$invoicetemplate->frequency = $objp->frequency;
$invoicetemplate->unit_frequency = $objp->unit_frequency;
@ -1381,6 +1414,11 @@ if ($object->id > 0) {
print '<tr class="oddeven">';
print '<td class="tdoverflowmax250">';
print $invoicetemplate->getNomUrl(1);
print '</td><td class="left">';
if ($invoicetemplate->fk_project > 0) {
$project->fetch($invoicetemplate->fk_project);
print $project->getNomUrl(1);
}
print '</td>';
if ($objp->frequency && $objp->date_last_gen > 0) {
@ -1424,7 +1462,7 @@ if ($object->id > 0) {
* Latest invoices
*/
if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) {
$sql = 'SELECT f.rowid as facid, f.ref, f.type, f.ref_client';
$sql = 'SELECT f.rowid as facid, f.ref, f.type, f.ref_client, f.fk_projet';
$sql .= ', f.total_ht';
$sql .= ', f.total_tva';
$sql .= ', f.total_ttc';
@ -1450,7 +1488,7 @@ if ($object->id > 0) {
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent lastrecordtable">';
print '<tr class="liste_titre">';
$colspan = 5;
$colspan = 6;
if (getDolGlobalString('MAIN_SHOW_PRICE_WITH_TAX_IN_SUMMARIES')) {
$colspan++;
}
@ -1472,6 +1510,7 @@ if ($object->id > 0) {
$facturestatic->id = $objp->facid;
$facturestatic->ref = $objp->ref;
$facturestatic->ref_client = $objp->ref_client;
$facturestatic->fk_project = $objp->fk_projet;
$facturestatic->type = $objp->type;
$facturestatic->total_ht = $objp->total_ht;
$facturestatic->total_tva = $objp->total_tva;
@ -1512,6 +1551,11 @@ if ($object->id > 0) {
$relativepath = dol_sanitizeFileName($objp->ref).'/'.dol_sanitizeFileName($objp->ref).'.pdf';
print $formfile->showPreview($file_list, $facturestatic->element, $relativepath, 0);
}
print '</td><td class="left">';
if ($facturestatic->fk_project > 0) {
$project->fetch($facturestatic->fk_project);
print $project->getNomUrl(1);
}
// $filename = dol_sanitizeFileName($objp->ref);
// $filedir = $conf->facture->multidir_output[$objp->entity].'/'.dol_sanitizeFileName($objp->ref);
// $urlsource = '/compta/facture/card.php?id='.$objp->cid;

8
htdocs/compta/prelevement/class/bonprelevement.class.php
View File

@ -2211,13 +2211,13 @@ class BonPrelevement extends CommonObject
$XML_DEBITOR .= ' <AmdmntInd>false</AmdmntInd>' . $CrLf;
$XML_DEBITOR .= ' </MndtRltdInf>' . $CrLf;
$XML_DEBITOR .= ' </DrctDbtTx>' . $CrLf;
$XML_DEBITOR .= ' <DbtrAgt>' . $CrLf;
$XML_DEBITOR .= ' <FinInstnId>' . $CrLf;
if (getDolGlobalInt('WITHDRAWAL_WITHOUT_BIC')==0) {
$XML_DEBITOR .= ' <DbtrAgt>' . $CrLf;
$XML_DEBITOR .= ' <FinInstnId>' . $CrLf;
$XML_DEBITOR .= ' <BIC>' . $row_bic . '</BIC>' . $CrLf;
$XML_DEBITOR .= ' </FinInstnId>' . $CrLf;
$XML_DEBITOR .= ' </DbtrAgt>' . $CrLf;
}
$XML_DEBITOR .= ' </FinInstnId>' . $CrLf;
$XML_DEBITOR .= ' </DbtrAgt>' . $CrLf;
$XML_DEBITOR .= ' <Dbtr>' . $CrLf;
$XML_DEBITOR .= ' <Nm>' . dolEscapeXML(strtoupper(dol_string_nospecial(dol_string_unaccent($row_nom), ' '))) . '</Nm>' . $CrLf;
$XML_DEBITOR .= ' <PstlAdr>' . $CrLf;

9
htdocs/core/boxes/box_factures_imp.php
View File

@ -139,10 +139,9 @@ class box_factures_imp extends ModeleBoxes
while ($line < min($num, $this->max)) {
$objp = $this->db->fetch_object($result);
$datelimite = $this->db->jdate($objp->datelimite);
$date = $this->db->jdate($objp->date);
$datem = $this->db->jdate($objp->tms);
$datelimit = $this->db->jdate(datelimite);
$datelimit = $this->db->jdate($objp->datelimite);
$facturestatic->id = $objp->facid;
$facturestatic->ref = $objp->ref;
@ -182,7 +181,7 @@ class box_factures_imp extends ModeleBoxes
$late = '';
if ($facturestatic->hasDelay()) {
// @phan-suppress-next-line PhanPluginPrintfVariableFormatString
$late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel')));
$late = img_warning(sprintf($l_due_date, dol_print_date($datelimit, 'day', 'tzuserrel')));
}
$this->info_box_contents[$line][] = array(
@ -204,8 +203,8 @@ class box_factures_imp extends ModeleBoxes
);
$this->info_box_contents[$line][] = array(
'td' => 'class="center nowraponall" title="'.dol_escape_htmltag($langs->trans("DateDue").': '.dol_print_date($datelimite, 'day', 'tzuserrel')).'"',
'text' => dol_print_date($datelimite, 'day', 'tzuserrel'),
'td' => 'class="center nowraponall" title="'.dol_escape_htmltag($langs->trans("DateDue").': '.dol_print_date($datelimit, 'day', 'tzuserrel')).'"',
'text' => dol_print_date($datelimit, 'day', 'tzuserrel'),
);
$this->info_box_contents[$line][] = array(

76
htdocs/core/lib/openid_connect.lib.php Normal file
View File

@ -0,0 +1,76 @@
<?php
/* Copyright (C) 2017 Open-DSI <support@open-dsi.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/admin/openid_connect.php
* \ingroup openid_connect
* \brief Functions for the module openid_connect
*/
/**
* Prepare array with list of tabs
*
* @return array Array of tabs to show
*/
function openid_connect_prepare_head()
{
global $langs, $conf, $user;
$h = 0;
$head = array();
$head[$h][0] = dol_buildpath("/admin/openid_connect.php", 1);
$head[$h][1] = $langs->trans("Parameters");
$head[$h][2] = 'settings';
$h++;
complete_head_from_modules($conf, $langs, null, $head, $h, 'openid_connect_admin');
return $head;
}
/**
* return the current state
*
* @return string String containing the state
*/
function openid_connect_get_state()
{
return hash('sha256', session_id());
}
/**
* return the redirect url
*
* @return string Redirect url
*/
function openid_connect_get_redirect_url()
{
return DOL_MAIN_URL_ROOT . '/core/modules/openid_connect/callback.php';
}
/**
* Return authentication url
*
* @return string Authentication url
*/
function openid_connect_get_url()
{
return getDolGlobalString('MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL') . '?client_id=' . getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_ID') . '&redirect_uri=' . openid_connect_get_redirect_url() . '&scope=' . getDolGlobalString('MAIN_AUTHENTICATION_OIDC_SCOPES') . '&response_type=code&state=' . openid_connect_get_state();
}

11
htdocs/core/login/functions_openid_connect.php
View File

@ -27,6 +27,7 @@
*/
include_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php';
include_once DOL_DOCUMENT_ROOT.'/core/lib/openid_connect.lib.php';
/**
* Check validity of user/password/entity
@ -41,6 +42,12 @@ function check_user_password_openid_connect($usertotest, $passwordtotest, $entit
{
global $db;
if (getDolGlobalInt('MAIN_MODULE_OPENIDCONNECT', 0) <= 0) {
$_SESSION["dol_loginmesg"] = "OpenID Connect is disabled";
dol_syslog("functions_openid_connect::check_user_password_openid_connect Module disabled");
return false;
}
// Force master entity in transversal mode
$entity = $entitytotest;
if (isModEnabled('multicompany') && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE')) {
@ -72,7 +79,7 @@ function check_user_password_openid_connect($usertotest, $passwordtotest, $entit
$state = GETPOST('state', 'aZ09');
dol_syslog('functions_openid_connect::check_user_password_openid_connect code='.$auth_code.' state='.$state);
if ($state !== hash('sha256', session_id())) {
if ($state !== openid_connect_get_state()) {
// State does not match
$_SESSION["dol_loginmesg"] = "Error in OAuth 2.0 flow (state does not match)";
dol_syslog("functions_openid_connect::check_user_password_openid_connect::state does not match", LOG_ERR);
@ -85,7 +92,7 @@ function check_user_password_openid_connect($usertotest, $passwordtotest, $entit
'client_id' => getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_ID'),
'client_secret' => getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET'),
'code' => $auth_code,
'redirect_uri' => getDolGlobalString('MAIN_AUTHENTICATION_OIDC_REDIRECT_URL')
'redirect_uri' => openid_connect_get_redirect_url()
];
$token_response = getURLContent(getDolGlobalString('MAIN_AUTHENTICATION_OIDC_TOKEN_URL'), 'POST', http_build_query($auth_param), 1, array(), array('https'), 2);

113
htdocs/core/modules/modOpenIDConnect.class.php Normal file
View File

@ -0,0 +1,113 @@
<?php
/* Copyright (C) 2014-2015 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2015 Frederic France <frederic.france@free.fr>
* Copyright (C) 2023 Maximilien Rozniecki <mrozniecki@easya.solutions>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/** \defgroup openid_connect Module OpenID Connect
* \brief Module for activation of OpenID Connect authentication method
*/
/**
* \file htdocs/core/modules/modOpenIDConnect.class.php
* \ingroup openid_connect
* \brief Description and activation file for the module OpenID Connect
*/
include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php';
/**
* Class to describe and activate module OpenID Connect
*/
class modOpenIDConnect extends DolibarrModules
{
/**
* Constructor
*
* @param DoliDB $db Database handler
*/
public function __construct($db)
{
$this->db = $db;
$this->numero = 69000; // ToDo
// Family can be 'crm','financial','hr','projects','products','ecm','technic','other'
// It is used to group modules in module setup page
$this->family = "interface";
$this->module_position = '32';
// Module label (no space allowed), used if translation string 'ModuleXXXName' not found (where XXX is value of numeric property 'numero' of module)
$this->name = preg_replace('/^mod/i', '', get_class($this));
// Module description, used if translation string 'ModuleXXXDesc' not found (where XXX is value of numeric property 'numero' of module)
$this->description = "Enable OpenID Connect authentication";
// Possible values for version are: 'development', 'experimental', 'dolibarr' or 'dolibarr_deprecated' or version
$this->version = 'dolibarr';
$this->const_name = 'MAIN_MODULE_'.strtoupper($this->name);
// Name of image file used for this module.
// If file is in theme/yourtheme/img directory under name object_pictovalue.png, use this->picto='pictovalue'
// If file is in module/img directory under name object_pictovalue.png, use this->picto='pictovalue@module'
$this->picto = 'technic';
// Data directories to create when module is enabled.
$this->dirs = array();
// Config pages
$this->config_page_url = array("openid_connect.php");
// Dependencies
$this->hidden = false; // A condition to hide module
$this->depends = array(); // List of module class names as string that must be enabled if this module is enabled
$this->requiredby = array(); // List of module ids to disable if this one is disabled
$this->conflictwith = array(); // List of module class names as string this module is in conflict with
$this->phpmin = array(7, 0); // Minimum version of PHP required by module // Minimum version of PHP required by module
$this->need_dolibarr_version = array(3, 7, -2); // Minimum version of Dolibarr required by module
$this->conflictwith = array();
$this->langfiles = array("openid_connect");
// Constants
$this->const = array();
// Boxes
$this->boxes = array();
// Permissions
$this->rights = array();
$this->rights_class = 'openid_connect';
// List of menus to add
$this->menu = array();
}
/**
* Function called when module is enabled.
* The init function add constants, boxes, permissions and menus (defined in constructor) into Dolibarr database.
* It also creates data directories
*
* @param string $options Options when enabling module ('', 'noboxes')
* @return int 1 if OK, 0 if KO
*/
public function init($options = '')
{
global $conf;
// Clean before activation
$this->remove($options);
$sql = array();
return $this->_init($sql, $options);
}
}

72
htdocs/core/modules/openid_connect/callback.php Normal file
View File

@ -0,0 +1,72 @@
top_htmlhead <?php
/* Copyright (C) 2023 Maximilien Rozniecki <mrozniecki@easya.solutions>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/core/modules/openid_connect/public/callback.php
* \ingroup openid_connect
* \brief OpenID Connect: Authorization Code flow authentication
*/
define('NOLOGIN', '1');
if (!defined('NOTOKENRENEWAL')) {
define('NOTOKENRENEWAL', '1');
}
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
// Javascript code on logon page only to detect user tz, dst_observed, dst_first, dst_second
$arrayofjs = array(
'/includes/jstz/jstz.min.js'.(empty($conf->dol_use_jmobile) ? '' : '?version='.urlencode(DOL_VERSION)),
'/core/js/dst.js'.(empty($conf->dol_use_jmobile) ? '' : '?version='.urlencode(DOL_VERSION))
);
top_htmlhead('', '', 0, 0, $arrayofjs);
$prefix = dol_getprefix('');
$rollback_url = $_COOKIE["DOL_rollback_url_$prefix"];
if (empty($rollback_url) || $rollback_url === '/') {
$action = $dolibarr_main_url_root . '/index.php?mainmenu=home&leftmenu=';
} else {
$action = $rollback_url;
setcookie('DOL_rollback_url_' . dol_getprefix(''), "", time() + 1, '/');
}
?>
<form id="login" name="login" method="post" action="<?php echo $action; ?>">
<!-- Add fields to send OpenID information -->
<input type="hidden" name="openid_mode" value="true" />
<input type="hidden" name="state" value="<?php echo GETPOST('state'); ?>" />
<input type="hidden" name="session_state" value="<?php echo GETPOST('session_state'); ?>" />
<input type="hidden" name="code" value="<?php echo GETPOST('code'); ?>" />
<input type="hidden" name="token" value="<?php echo newToken(); ?>" />
<!-- Add fields to send local user information -->
<input type="hidden" name="tz" id="tz" value="" />
<input type="hidden" name="tz_string" id="tz_string" value="" />
<input type="hidden" name="dst_observed" id="dst_observed" value="" />
<input type="hidden" name="dst_first" id="dst_first" value="" />
<input type="hidden" name="dst_second" id="dst_second" value="" />
<input type="hidden" name="screenwidth" id="screenwidth" value="" />
<input type="hidden" name="screenheight" id="screenheight" value="" />
</form>
<script type="text/javascript">
$(document).ready(function () {
document.forms['login'].submit();
});
</script>

42
htdocs/core/modules/societe/mod_codeclient_elephant.php
View File

@ -5,7 +5,8 @@
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013-2018 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2020-2024 Frédéric France <frederic.france@free.fr>
* Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
* Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
* Copyright (C) 2024 Eric Seigne <eric.seigne@cap-rel.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -93,6 +94,8 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode
$texte .= '<input type="hidden" name="action" value="setModuleOptions">';
$texte .= '<input type="hidden" name="param1" value="COMPANY_ELEPHANT_MASK_CUSTOMER">';
$texte .= '<input type="hidden" name="param2" value="COMPANY_ELEPHANT_MASK_SUPPLIER">';
$texte .= '<input type="hidden" name="param3" value="COMPANY_ELEPHANT_DATE_START">';
$texte .= '<input type="hidden" name="param4" value="COMPANY_ELEPHANT_DATE_START_ENABLE">';
$texte .= '<table class="nobordernopadding" width="100%">';
$tooltip = $langs->trans("GenericMaskCodes", $langs->transnoentities("ThirdParty"), $langs->transnoentities("ThirdParty"));
@ -103,7 +106,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode
// Parametrage du prefix customers
$texte .= '<tr><td>'.$langs->trans("Mask").' ('.$langs->trans("CustomerCodeModel").'):</td>';
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="value1" value="'.getDolGlobalString('COMPANY_ELEPHANT_MASK_CUSTOMER').'"'.$disabled.'>', $tooltip, 1, 1).'</td>';
$texte .= '<td class="right nowraponall">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="value1" value="'.getDolGlobalString('COMPANY_ELEPHANT_MASK_CUSTOMER').'"'.$disabled.'>', $tooltip, 1, 1).'</td>';
$texte .= '<td class="left" rowspan="2">&nbsp; <input type="submit" class="button button-edit reposition smallpaddingimp" name="modify" value="'.$langs->trans("Modify").'"'.$disabled.'></td>';
@ -111,7 +114,35 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode
// Parametrage du prefix suppliers
$texte .= '<tr><td>'.$langs->trans("Mask").' ('.$langs->trans("SupplierCodeModel").'):</td>';
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="value2" value="'.getDolGlobalString('COMPANY_ELEPHANT_MASK_SUPPLIER').'"'.$disabled.'>', $tooltip, 1, 1).'</td>';
$texte .= '<td class="right nowraponall">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="value2" value="'.getDolGlobalString('COMPANY_ELEPHANT_MASK_SUPPLIER').'"'.$disabled.'>', $tooltip, 1, 1).'</td>';
$texte .= '</tr>';
// Date of switch to that numbering model
$datedb = getDolGlobalString('COMPANY_ELEPHANT_DATE_START');
// After save, default dolibarr store data like displayed : 20/05/2024 and we need a timestamp -> override data
if (!empty($datedb)) {
if (!is_numeric($datedb) && GETPOSTISSET('value3')) {
if (GETPOST('value4') == 1) {
$dateinput = GETPOSTDATE('value3');
$res = dolibarr_set_const($this->db, 'COMPANY_ELEPHANT_DATE_START', $dateinput, 'chaine', 0, '', $conf->entity);
} else {
$res = dolibarr_set_const($this->db, 'COMPANY_ELEPHANT_DATE_START', '', 'chaine', 0, '', $conf->entity);
}
} else {
$dateinput = $datedb;
}
}
if (empty($dateinput)) {
$dateinput = dol_now();
}
$texte .= '<tr><td>';
$texte .= $form->textwithpicto($langs->trans("DateStartThatModel"), $langs->trans("DateStartThatModelHelp")).'</td>';
$texte .= '<td class="nowraponall right">';
$texte .= '<input type="checkbox" onclick="let d=document.getElementById(\'elephantchoosedate\'); if(this.checked){d.style.cssText = \'display: block;\'}else{{d.style.cssText = \'display: none;\'}}" name="value4" value="1" style="float: left;"/>';
$texte .= '<div style="display: none;" id="elephantchoosedate">';
$texte .= $form->selectDate($dateinput, 'value3', 0, 0, 1, '', 1, 1, $disabled ? 1 : 0);
$texte .= '</div>';
$texte .= '</td>';
$texte .= '</tr>';
$texte .= '</table>';
@ -271,6 +302,9 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode
$result = 0;
$code = strtoupper(trim($code));
if (getDolGlobalString('COMPANY_ELEPHANT_DATE_START_ENABLE') && $soc->date_creation < getDolGlobalString('COMPANY_ELEPHANT_DATE_START')) {
return -5;
}
if (empty($code) && $this->code_null && !getDolGlobalString('MAIN_COMPANY_CODE_ALWAYS_REQUIRED')) {
$result = 0;
} elseif (empty($code) && (!$this->code_null || getDolGlobalString('MAIN_COMPANY_CODE_ALWAYS_REQUIRED'))) {
@ -325,7 +359,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode
$sql .= " WHERE code_client = '".$db->escape($code)."'";
}
if ($soc->id > 0) {
$sql .= " AND rowid <> ".$soc->id;
$sql .= " AND rowid <> ".((int) $soc->id);
}
$sql .= " AND entity IN (".getEntity('societe').")";

69
htdocs/core/tpl/login.tpl.php
View File

@ -103,6 +103,29 @@ if (getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER')) {
$disablenofollow = 0;
}
// If OpenID Connect is set as an authentication
if (getDolGlobalInt('MAIN_MODULE_OPENIDCONNECT', 0) > 0 && isset($conf->file->main_authentication) && preg_match('/openid_connect/', $conf->file->main_authentication)) {
// Set a cookie to transfer rollback page information
$prefix = dol_getprefix('');
if (empty($_COOKIE["DOL_rollback_url_$prefix"])) {
setcookie('DOL_rollback_url_' . $prefix, $_SERVER['REQUEST_URI'], time() + 3600, '/');
}
// Auto redirect if OpenID Connect is the only authentication
if ($conf->file->main_authentication === 'openid_connect') {
// Avoid redirection hell
if (empty(GETPOST('openid_mode'))) {
dol_include_once('/core/lib/openid_connect.lib.php');
header("Location: " . openid_connect_get_url(), true, 302);
} elseif (!empty($_SESSION['dol_loginmesg'])) {
// Show login error without the login form
print '<div class="center login_main_message"><div class="error">' . dol_escape_htmltag($_SESSION['dol_loginmesg']) . '</div></div>';
}
// We shouldn't continue executing this page
exit();
}
}
top_htmlhead('', $titleofloginpage, 0, 0, $arrayofjs, array(), 1, $disablenofollow);
@ -335,15 +358,19 @@ if ($forgetpasslink || $helpcenterlink) {
echo '</div>';
}
if (isset($conf->file->main_authentication) && preg_match('/openid/', $conf->file->main_authentication)) {
if (getDolGlobalInt('MAIN_MODULE_OPENIDCONNECT', 0) > 0 && isset($conf->file->main_authentication) && preg_match('/openid/', $conf->file->main_authentication)) {
dol_include_once('/core/lib/openid_connect.lib.php');
$langs->load("users");
//if (!empty($conf->global->MAIN_OPENIDURL_PERUSER)) $url=
print '<div class="center" style="margin-top: 20px; margin-bottom: 10px">';
print '<div class="loginbuttonexternal">';
$state = hash('sha256', session_id());
$url = getDolGlobalString('MAIN_AUTHENTICATION_OPENID_URL').'&state='.$state;
if (!getDolGlobalString("MAIN_AUTHENTICATION_OPENID_URL")) {
$url = openid_connect_get_url();
} else {
$url = getDolGlobalString('MAIN_AUTHENTICATION_OPENID_URL').'&state=' . openid_connect_get_state();
}
if (!empty($url)) {
print '<a class="alogin" href="'.$url.'">'.$langs->trans("LoginUsingOpenID").'</a>';
} else {
@ -400,20 +427,34 @@ if (isset($conf->file->main_authentication) && preg_match('/google/', $conf->fil
<?php
// Show error message if defined
if (!empty($_SESSION['dol_loginmesg'])) {
?>
<div class="center login_main_message">
<?php
$message = $_SESSION['dol_loginmesg']; // By default this is an error message
if (preg_match('/<!-- warning -->/', $message)) { // if it contains this comment, this is a warning message
$message = str_replace('<!-- warning -->', '', $message);
print '<div class="warning" role="alert">';
if (!empty($conf->use_javascript_ajax)) {
if (preg_match('/<!-- warning -->/', $message)) { // if it contains this comment, this is a warning message
$message = str_replace('<!-- warning -->', '', $message);
dol_htmloutput_mesg($message, array(), 'warning');
} else {
dol_htmloutput_mesg($message, array(), 'error');
}
print '<script>
$(document).ready(function() {
$(".jnotify-container").addClass("jnotify-container-login");
});
</script>';
} else {
print '<div class="error" role="alert">';
?>
<div class="center login_main_message">
<?php
if (preg_match('/<!-- warning -->/', $message)) { // if it contains this comment, this is a warning message
$message = str_replace('<!-- warning -->', '', $message);
print '<div class="warning" role="alert">';
} else {
print '<div class="error" role="alert">';
}
print dol_escape_htmltag($message);
print '</div>'; ?>
</div>
<?php
}
print dol_escape_htmltag($message);
print '</div>'; ?>
</div>
<?php
}
// Add commit strip

42
htdocs/includes/jquery/plugins/jnotify/jquery.jnotify-alt.min.css vendored
View File

@ -1,10 +1,10 @@
.jnotify-container {
position: fixed;
top: 0;
right: 0;
width: 70%;
position: fixed;
top: 0;
right: 0;
width: 70%;
z-index: 100000;
/* set maximum number of notes to show */
max-height: 270px;
overflow-x: hidden;
@ -12,23 +12,23 @@
}
.jnotify-container .jnotify-notification {
position: relative;
position: relative;
margin-top: 4px;
margin-bottom: 10px;
margin-right: 4px;
}
.jnotify-container .jnotify-notification .jnotify-background {
position: absolute;
top: 0;
left: 0;
width: 100%;
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: #e3f0db;
filter: alpha(opacity=90);
-moz-opacity: 0.90;
opacity: 0.90;
z-index: 1;
background-color: #e3f0db;
filter: alpha(opacity=90);
-moz-opacity: 0.90;
opacity: 0.90;
z-index: 1;
/* round the corners */
-moz-border-radius: 10px;
@ -54,13 +54,13 @@
}
.jnotify-container .jnotify-notification .jnotify-message {
position: relative;
z-index: 2;
position: relative;
z-index: 2;
padding: 20px;
text-align: left;
color: #446548;
color: #446548;
font: bold 1.2em verdana, arial, helvetica;
line-height: 1.2em;
line-height: 1.2em;
}
.jnotify-container .jnotify-notification .jnotify-message * {
@ -69,7 +69,7 @@
/* notification type == "error" */
.jnotify-container .jnotify-notification-error .jnotify-background {
background-color: #d79eac !important;
background-color: #d79eac !important;
}
.jnotify-container .jnotify-notification-error .jnotify-close,
@ -79,7 +79,7 @@
/* notification type == "warning" */
.jnotify-container .jnotify-notification-warning .jnotify-background {
background-color: #fff7d1 !important;
background-color: #fff7d1 !important;
}
.jnotify-container .jnotify-notification-warning .jnotify-close,

23
htdocs/langs/en_US/admin.lang
View File

@ -372,6 +372,8 @@ GenericMaskCodes4b=<u>Example on third party created on 2023-01-31:</u><br>
GenericMaskCodes4c=<u>Example on product created on 2023-01-31:</u><br>
GenericMaskCodes5=<b>ABC{yy}{mm}-{000000}</b> will give <b>ABC2301-000099</b><br><b>{0000+100@1}-ZZZ/{dd}/XXX</b> will give <b>0199-ZZZ/31/XXX</b><br><b>IN{yy}{mm}-{0000}-{t}</b> will give <b>IN2301-0099-A</b> if the type of company is 'Responsable Inscripto' with code for type that is 'A_RI'
GenericNumRefModelDesc=Returns a customizable number according to a defined mask.
DateStartThatModel=Disable use of this numbering rule for all thirdparties created before
DateStartThatModelHelp=You can disable elephant numbering rule for thirdparties created before a date (imported by a migration from another software using a different rule for example). Let that field empty to have the rule applied on all thirdparties.
ServerAvailableOnIPOrPort=Server is available at address <b>%s</b> on port <b>%s</b>
ServerNotAvailableOnIPOrPort=Server is not available at address <b>%s</b> on port <b>%s</b>
DoTestServerAvailability=Test server connectivity
@ -2511,5 +2513,26 @@ SendToUrl=Send to Url
WebsiteTemplateWasCopied=The website template(s) "%s" provided by this module has been saved into the directory of website templates (/doctemplates/websites) and is ready to be imported as a new web site.
EnabledByDefaultAtInstall=Enabled by default at install
VulnerableToRCEAttack=You are vulnerable to RCE attacks by using the custom dol_json_decode function
OpenIDconnectSetup=Configuration of the OpenID Connect module
MainAuthenticationOidcClientIdName=Client ID
MainAuthenticationOidcClientIdDesc=OpenID Connect Client ID
MainAuthenticationOidcClientSecretName=Client secret
MainAuthenticationOidcClientSecretDesc=OpenID Connect Client Secret
MainAuthenticationOidcScopesName=Scopes
MainAuthenticationOidcScopesDesc=OpenID scopes to allow access to user information
MainAuthenticationOidcAuthorizeUrlName=Authorize URL
MainAuthenticationOidcAuthorizeUrlDesc=(example: https://example.com/oauth2/authorize)
MainAuthenticationOidcTokenUrlName=Token URL
MainAuthenticationOidcTokenUrlDesc=(example: https://example.com/oauth2/token)
MainAuthenticationOidcUserinfoUrlName=User info URL
MainAuthenticationOidcUserinfoUrlDesc=(example: https://example.com/oauth2/userinfo)
MainAuthenticationOidcLogoutUrlName=Logout URL
MainAuthenticationOidcLogoutUrlDesc=(example: https://example.com/oauth2/logout)
MainAuthenticationOidcRedirectUrlName=Redirect URL
MainAuthenticationOidcRedirectUrlDesc=Redirect URL to authorize on the OpenID provider side
MainAuthenticationOidcLogoutRedirectUrlName=Dolibarr logout URL
MainAuthenticationOidcLogoutRedirectUrlDesc=Dolibarr logout URL to authorize on the OpenID provider side
MainAuthenticationOidcLoginClaimName=Login claim
MainAuthenticationOidcLoginClaimDesc=OpenID Connect claim matching the Dolibarr user login. If not set or empty, defaults to email
BlackListWords=Black list of words
AddBlackList=Add to black list

2
htdocs/main.inc.php
View File

@ -887,7 +887,7 @@ if (!defined('NOLOGIN')) {
if (GETPOST("username", "alpha", $allowedmethodtopostusername)) { // For posting the login form
$goontestloop = true;
}
if (GETPOST('openid_mode', 'alpha', 1)) { // For openid_connect ?
if (GETPOST('openid_mode', 'alpha')) { // For openid_connect ?
$goontestloop = true;
}
if (GETPOST('beforeoauthloginredirect') || GETPOST('afteroauthloginreturn')) { // For oauth login

6
htdocs/theme/eldy/global.inc.php
View File

@ -6488,6 +6488,7 @@ div#ecm-layout-center {
max-width: 1024px;
padding-left: 10px !important;
padding-right: 10px !important;
padding-top: 10px !important;
word-wrap: break-word;
}
.jnotify-container .jnotify-notification .jnotify-message {
@ -6502,10 +6503,11 @@ div#ecm-layout-center {
/* use or not ? */
div.jnotify-background {
opacity : 0.95 !important;
-webkit-box-shadow: 2px 2px 4px #888 !important;
box-shadow: 2px 2px 4px #888 !important;
-webkit-box-shadow: 2px 2px 4px #8888 !important;
box-shadow: 2px 2px 4px #8888 !important;
}
/* ============================================================================== */
/* blockUI */
/* ============================================================================== */

6
htdocs/theme/md/style.css.php
View File

@ -6465,6 +6465,7 @@ div#ecm-layout-center {
max-width: 1024px;
padding-left: 10px !important;
padding-right: 10px !important;
padding-top: 10px !important;
word-wrap: break-word;
}
.jnotify-container .jnotify-notification .jnotify-message {
@ -6479,10 +6480,11 @@ div#ecm-layout-center {
/* use or not ? */
div.jnotify-background {
opacity : 0.95 !important;
-webkit-box-shadow: 2px 2px 4px #888 !important;
box-shadow: 2px 2px 4px #888 !important;
-webkit-box-shadow: 2px 2px 4px #8888 !important;
box-shadow: 2px 2px 4px #8888 !important;
}
/* ============================================================================== */
/* blockUI */
/* ============================================================================== */

9
htdocs/user/logout.php
View File

@ -99,6 +99,15 @@ if (GETPOST('dol_use_jmobile')) {
$url .= (preg_match('/\?/', $url) ? '&' : '?').'dol_use_jmobile=1';
}
// Logout openid_connect sessions using OIDC logout URL if defined
if (getDolGlobalInt('MAIN_MODULE_OPENIDCONNECT', 0) > 0 && !empty($_SESSION['OPENID_CONNECT']) && getDolGlobalString("MAIN_AUTHENTICATION_OIDC_LOGOUT_URL")) {
// We need the full URL
if (strpos($url, '/') === 0) {
$url = DOL_MAIN_URL_ROOT . $url;
}
$url = getDolGlobalString('MAIN_AUTHENTICATION_OIDC_LOGOUT_URL') . '?client_id=' . getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_ID') . '&returnTo=' . urlencode($url);
}
// Destroy session
dol_syslog("End of session ".session_id());
if (session_status() === PHP_SESSION_ACTIVE) {

2
htdocs/zapier/admin/about.php
View File

@ -71,7 +71,7 @@ $form = new Form($db);
$page_name = "ZapierForDolibarrSetup";
$help_url = 'EN:Module_Zapier';
llxHeader('', $langs->trans($page_name), $help_url);
llxHeader('', $langs->trans($page_name), $help_url, '', 0, 0, '', '', '', 'mod-zapier page-admin_about');
// Subheader
$linkback = '<a href="'.($backtopage ? $backtopage : DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1').'">'.$langs->trans("BackToModuleList").'</a>';

2
htdocs/zapier/admin/setup.php
View File

@ -66,7 +66,7 @@ include DOL_DOCUMENT_ROOT . '/core/actions_setmoduleoptions.inc.php';
$page_name = 'ZapierForDolibarrSetup';
$help_url = 'EN:Module_Zapier';
llxHeader('', $langs->trans($page_name), $help_url);
llxHeader('', $langs->trans($page_name), $help_url, '', 0, 0, '', '', '', 'mod-zapier page-admin_setup');
// Subheader
$linkback = '<a href="' . ($backtopage ? $backtopage : DOL_URL_ROOT . '/admin/modules.php?restore_lastsearch_values=1') . '">' . $langs->trans("BackToModuleList") . '</a>';