diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 6a65bc99ced..a2fd5cf6f18 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -3,7 +3,7 @@ * Copyright (C) 2017 Regis Houssin * Copyright (C) 2020 Thibault FOUCART * Copyright (C) 2020-2024 Frédéric France - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,7 +37,11 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php'; class Members extends DolibarrApi { /** +<<<<<<< HEAD * @var string[] $FIELDS Mandatory fields, checked when create and update object +======= + * @var string[] Mandatory fields, checked when create and update object +>>>>>>> branch '20.0' of git@github.com:Dolibarr/dolibarr.git */ public static $FIELDS = array( 'morphy', @@ -355,7 +359,13 @@ class Members extends DolibarrApi /** * Create member object * +<<<<<<< HEAD * @param array $request_data Request data +======= + * @param array $request_data Request data + * @phan-param ?array $request_data + * @phpstan-param ?array $request_data +>>>>>>> branch '20.0' of git@github.com:Dolibarr/dolibarr.git * @return int ID of member * * @throws RestException 403 Access denied diff --git a/htdocs/adherents/class/api_memberstypes.class.php b/htdocs/adherents/class/api_memberstypes.class.php index 9d0c1ebfd7e..e017099af18 100644 --- a/htdocs/adherents/class/api_memberstypes.class.php +++ b/htdocs/adherents/class/api_memberstypes.class.php @@ -1,6 +1,7 @@ - * Copyright (C) 2025 Frédéric France + * Copyright (C) 2025 Frédéric France + * Copyright (C) 2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
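Review bot: Unresolved merge-conflict markers are committed as new lines inside two docblocks of api_members.class.php: the one above `Members::$FIELDS` (hunk at -37) and the one for the create-member method (hunk at -355). The `HEAD` opener, the `=======` separator and the `branch '20.0' of git@github.com:Dolibarr/dolibarr.git` closer are all added. Because they sit inside `/** … */` the file still parses, but both sides of each conflict are kept, so the docblocks now carry a duplicated `@var string[]` line and a duplicated `@param array $request_data` line for any tool that reads them. Resolve each conflict to one side, for example keep `@var string[] Mandatory fields, checked when create and update object` and the variant carrying `@phan-param` / `@phpstan-param`, then delete the three marker lines. The same markers are added to the `MembersTypes::$FIELDS` docblock in api_memberstypes.class.php (hunk at -29), and a CI or pre-commit check that rejects conflict-marker lines would catch this before merge.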
@@ -29,7 +30,11 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php'; class MembersTypes extends DolibarrApi { /** +<<<<<<< HEAD * @var string[] Mandatory fields, checked when create and update object +======= + * @var string[] Mandatory fields, checked when create and update object +>>>>>>> branch '20.0' of git@github.com:Dolibarr/dolibarr.git */ public static $FIELDS = array( 'label', @@ -291,8 +296,8 @@ class MembersTypes extends DolibarrApi /** * Clean sensible object datas * - * @param Object $object Object to clean - * @return Object Object with cleaned properties + * @param Object $object Object to clean + * @return Object Object with cleaned properties */ protected function _cleanObjectDatas($object) { diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 7ec045037ad..71e27fc5729 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -1269,7 +1269,9 @@ if ($mode == 'marketplace') { print '
'; - if (!getDolGlobalString('MAIN_DISABLE_DOLISTORE_SEARCH') && getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 1) { + $conf->global->MAIN_DISABLE_DOLISTORE_SEARCH = 1; // avoid warning with the new Dolistore website + + if (!getDolGlobalString('MAIN_DISABLE_DOLISTORE_SEARCH') && getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) { // $options is array with filter criteria if (getDolGlobalInt('MAIN_ENANLE_OLD_DOLISTORE')) { diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a1905157121..3b5a124fa4a 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -156,13 +156,13 @@ if (isModEnabled("propal") && $user->hasRight("propal", "lire") && is_object($pr $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_DRAFT; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
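Review bot: The added `$conf->global->MAIN_DISABLE_DOLISTORE_SEARCH = 1;` overwrites the configured value on every request. The test directly below it, `if (!getDolGlobalString('MAIN_DISABLE_DOLISTORE_SEARCH') && getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2)`, can then presumably never be true, so the DoliStore search branch is dead code and raising the level from 1 to 2 has no effect. An administrator's own setting for this constant is silently ignored, and nothing in the page says so. If the feature is meant to stay off for now, state that next to the assignment, e.g. `// DoliStore search is force-disabled here (warnings with the new Dolistore website); the branch below is currently unreachable`, or remove the branch instead of mutating global configuration in a page script. The enclosing `if ($mode == 'marketplace')` block starts and ends outside the hunk.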
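Review bot: The condition `empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')` is an access-control decision, yet it is pasted twice in this hunk (at -156 in htdocs/comm/index.php) and again in every later hunk of the commit. A single call site that is missed or later edited differently changes which third parties a user can see. Consider evaluating it once near the top of the script, e.g. `$restricttosalesrep = (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir'));`, and testing that variable before each `societe_commerciaux` join and filter. A comment there should say that external users are scoped by `$socid` instead of by sales representative. Only the opening `if ($socid) {` of that company filter is visible at the end of the hunk; its body and the place where `$socid` is assigned are outside it.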
@@ -256,13 +256,13 @@ if (isModEnabled('supplier_proposal') && $user->hasRight("supplier_proposal", "l $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($supplierproposalstatic->element).")"; $sql .= " AND p.fk_statut = ".SupplierProposal::STATUS_DRAFT; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -355,13 +355,13 @@ if (isModEnabled('order') && $user->hasRight('commande', 'lire') && is_object($o $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_statut = ".Commande::STATUS_DRAFT; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -457,13 +457,13 @@ if ((isModEnabled("fournisseur") && !getDolGlobalString('MAIN_USE_NEW_SUPPLIERMO $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.entity IN (".getEntity($supplierorderstatic->element).")"; $sql .= " AND cf.fk_statut = ".CommandeFournisseur::STATUS_DRAFT; $sql .= " AND cf.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -556,7 +556,7 @@ if (isModEnabled('intervention') && is_object($fichinterstatic)) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; @@ -565,7 +565,7 @@ if (isModEnabled('intervention') && is_object($fichinterstatic)) { if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } 
@@ -641,12 +641,12 @@ if (isModEnabled("societe") && $user->hasRight('societe', 'lire')) { $sql .= ", s.canvas"; $sql .= ", s.datec, s.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.client IN (".Societe::CUSTOMER.", ".Societe::PROSPECT.", ".Societe::CUSTOMER_AND_PROSPECT.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks @@ -750,7 +750,7 @@ if (isModEnabled('propal') && is_object($propalstatic)) { $sql .= " AND c.fk_soc = s.rowid"; // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -845,7 +845,7 @@ if (isModEnabled('order')) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -854,7 +854,7 @@ if (isModEnabled('order')) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; 
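Review bot: No company filter for external users is visible in the customers/prospects query (hunk at -641): the change skips the `societe_commerciaux` join when `$user->socid` is set, and nothing between the `s.client IN (...)` clause and `// Add where from hooks` restricts `s.rowid`. Unless such a filter is appended after the hook block, outside the hunk, an external user without the `societe`/`client`/`voir` right would no longer be limited to the third parties the old join allowed. Please confirm the filter exists, or add it beside the changed lines, e.g. `if (!empty($user->socid)) { $sql .= " AND s.rowid = ".((int) $user->socid); }`. The same check is needed for the supplier list (hunk at -933) and for the `$search_sale` hunks (-750 here, and those in propal.class.php and facture.class.php). It is also needed in the PropaleStats, CommandeStats and FactureStats queries, where any restriction would have to come from parts of the query that are not shown.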
@@ -933,12 +933,12 @@ if ((isModEnabled("supplier_order") || isModEnabled("supplier_invoice")) && $use $sql .= ", s.canvas"; $sql .= ", s.datec as dc, s.tms as dm"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.fournisseur = ".Societe::SUPPLIER; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks @@ -1049,13 +1049,13 @@ if (isModEnabled('contract') && $user->hasRight("contrat", "lire") && 0) { // TO $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."product as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($staticcontrat->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_product = p.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -1125,13 +1125,13 @@ if (isModEnabled("propal") && $user->hasRight("propal", "lire")) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -1245,13 +1245,13 @@ if (isModEnabled('order') && $user->hasRight('commande', 'lire') && is_object($o $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_SHIPMENTONPROCESS.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index f22834a8934..cbc2ec2f1d0 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php 
@@ -2925,7 +2925,7 @@ class Propal extends CommonObject // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -3448,7 +3448,7 @@ class Propal extends CommonObject } // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -3625,7 +3625,7 @@ class Propal extends CommonObject // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative diff --git a/htdocs/comm/propal/class/propalestats.class.php b/htdocs/comm/propal/class/propalestats.class.php index a96dc3486f8..ab24c41a58b 100644 --- a/htdocs/comm/propal/class/propalestats.class.php +++ b/htdocs/comm/propal/class/propalestats.class.php @@ -145,7 +145,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -170,7 +170,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -194,7 +194,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, SUM(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -219,7 +219,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, AVG(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -242,7 +242,7 @@ class PropaleStats extends Stats $sql = "SELECT date_format(".$this->field_date.",'%Y') as year, COUNT(*) as nb, SUM(".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -269,7 +269,7 @@ class PropaleStats extends Stats $sql .= " FROM ".$this->from; $sql .= " INNER JOIN ".$this->from_line." ON p.rowid = tl.fk_propal"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."product as product ON tl.fk_product = product.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 1f79dadeb1d..79e32cc27d7 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -296,7 +296,8 @@ foreach ($object->fields as $key => $val) { } }*/ -if (!$user->hasRight('societe', 'client', 'voir')) { +// Check only if it's an internal user (external users are already filtered by company whatever are permissions on this) +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 57c5e0cf975..03359651426 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php 
@@ -2763,16 +2763,16 @@ class Commande extends CommonOrder $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " c.rowid as cid, c.ref"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX.$this->table_element." as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -3599,7 +3599,7 @@ class Commande extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3774,6 +3774,7 @@ class Commande extends CommonOrder /** * getTooltipContentArray + * * @param array $params params to construct tooltip data * @since v18 * @return array{picto?:string,ref?:string,refsupplier?:string,label?:string,date?:string,date_echeance?:string,amountht?:string,total_ht?:string,totaltva?:string,amountlt1?:string,amountlt2?:string,amountrevenustamp?:string,totalttc?:string}|array{optimize:string} 
@@ -4108,7 +4109,7 @@ class Commande extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index f7fb16a08d2..c56d95c38ef 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -159,7 +159,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -184,7 +184,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -208,7 +208,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -233,7 +233,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%m') as dm, AVG(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -256,7 +256,7 @@ class CommandeStats extends Stats $sql = "SELECT date_format(c.date_commande,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -282,7 +282,7 @@ class CommandeStats extends Stats $sql .= " FROM ".$this->from; $sql .= " INNER JOIN ".$this->from_line." ON c.rowid = tl.fk_commande"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."product as product ON tl.fk_product = product.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index c6bc5234b45..cfbd0fafdb9 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -105,7 +105,7 @@ if (isModEnabled('order')) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -114,7 +114,7 @@ if (isModEnabled('order')) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -171,7 +171,7 @@ $sql .= ", s.code_client"; $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -180,7 +180,7 @@ $sql .= " AND c.entity IN (".getEntity('commande').")"; if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; 
@@ -257,7 +257,7 @@ if (isModEnabled('order')) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -266,7 +266,7 @@ if (isModEnabled('order')) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; @@ -346,7 +346,7 @@ if (isModEnabled('order')) { $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -355,7 +355,7 @@ if (isModEnabled('order')) { if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 7cce1de80c1..245c4f4072f 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php 
@@ -951,9 +951,8 @@ $sql .= ' AND c.entity IN ('.getEntity('commande').')'; if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } - // Restriction on sale representative -if (!$permissiontoreadallthirdparty) { +if (empty($user->socid) && !$permissiontoreadallthirdparty) { $sql .= " AND (EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id).")"; if (getDolGlobalInt('MAIN_SEE_SUBORDINATES') && $userschilds) { $sql .= " OR EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user IN (".$db->sanitize(implode(',', $userschilds))."))"; @@ -1682,7 +1681,7 @@ if (!empty($arrayfields['p.title']['checked'])) { // Thirpdarty if (!empty($arrayfields['s.nom']['checked'])) { print ''; - print ''; + print 'socid) ? " disabled" : "").'>'; print ''; } // Alias diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 73ae657c12f..e18e8d78afd 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -77,6 +77,11 @@ class Facture extends CommonInvoice */ public $table_element_line = 'facturedet'; + /** + * @var string Name of class line + */ + public $class_element_line = 'FactureLigne'; + /** * @var string Fieldname with ID of parent key if this field has a parent */ @@ -4831,7 +4836,7 @@ class Facture extends CommonInvoice } // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative 
@@ -5025,7 +5030,7 @@ class Facture extends CommonInvoice $sql = "SELECT f.rowid, f.date_lim_reglement as datefin, f.fk_statut as status, f.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -5273,7 +5278,7 @@ class Facture extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/compta/facture/class/facturestats.class.php b/htdocs/compta/facture/class/facturestats.class.php index 4d69db45350..ac09b9adeb5 100644 --- a/htdocs/compta/facture/class/facturestats.class.php +++ b/htdocs/compta/facture/class/facturestats.class.php @@ -154,7 +154,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; 
@@ -180,7 +180,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(f.datef,'%Y') as dm, COUNT(*), SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -205,7 +205,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -231,7 +231,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -254,7 +254,7 @@ class FactureStats extends Stats $sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; 
@@ -278,7 +278,7 @@ class FactureStats extends Stats $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -306,7 +306,7 @@ class FactureStats extends Stats $startYear = $endYear - $numberYears; $sql = "SELECT date_format(datef,'%Y') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 238121bb533..e80235798e3 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -316,7 +316,8 @@ $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); '@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan -if (!$user->hasRight('societe', 'client', 'voir')) { +// Check only if it's an internal user, external users are already filtered by $socid +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -325,6 +326,10 @@ $fieldid = (!empty($ref) ? 'ref' : 'rowid'); if (!empty($user->socid)) { $socid = $user->socid; } +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { + $search_sale = $user->id; +} + $result = restrictedArea($user, 'facture', $id, '', '', 'fk_soc', $fieldid); diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 0d129b745a1..1ba1f950242 100644 
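Review bot: The block `if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; }` now appears twice in htdocs/compta/facture/list.php: once in the hunk at -316 and again, newly added, in the hunk at -325 right after `$socid = $user->socid;`. As far as the two hunks show, nothing between them changes `$user` or `$search_sale`, so the second copy is redundant and leaves it unclear which one enforces the restriction. Keep a single copy, preferably the one directly before `restrictedArea()`, and move the explanatory comment with it.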
--- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -161,7 +161,7 @@ if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) { $sql .= " AND f.fk_soc = ".((int) $socid); } // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = f.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } // Add where from hooks @@ -312,7 +312,7 @@ if ((isModEnabled('fournisseur') && !getDolGlobalString('MAIN_USE_NEW_SUPPLIERMO $sql .= " AND ff.fk_soc = ".((int) $socid); } // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = ff.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } // Add where from hooks @@ -635,7 +635,7 @@ if (isModEnabled('invoice') && isModEnabled('order') && $user->hasRight("command $sql .= " AND c.fk_statut = ".((int) Commande::STATUS_CLOSED); $sql .= " AND c.facture = 0"; // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } diff --git a/htdocs/compta/sociales/card.php b/htdocs/compta/sociales/card.php index 123f3c0bf4b..4bda1228b91 100644 --- a/htdocs/compta/sociales/card.php +++ b/htdocs/compta/sociales/card.php 
@@ -215,6 +215,7 @@ if (empty($reshook)) { $object->mode_reglement_id = GETPOSTINT('mode_reglement_id'); $object->fk_account = GETPOSTINT('fk_account'); $object->fk_project = GETPOSTINT('fk_project'); + $object->paye = ChargeSociales::STATUS_UNPAID; $id = $object->create($user); if ($id <= 0) { diff --git a/htdocs/compta/sociales/list.php b/htdocs/compta/sociales/list.php index f2a4f3ecba0..0e7eaabe7d8 100644 --- a/htdocs/compta/sociales/list.php +++ b/htdocs/compta/sociales/list.php @@ -80,7 +80,7 @@ $search_date_limit_endyear = GETPOSTINT('search_date_limit_endyear'); $search_date_limit_start = dol_mktime(0, 0, 0, $search_date_limit_startmonth, $search_date_limit_startday, $search_date_limit_startyear); $search_date_limit_end = dol_mktime(23, 59, 59, $search_date_limit_endmonth, $search_date_limit_endday, $search_date_limit_endyear); $search_project_ref = GETPOST('search_project_ref', 'alpha'); -$search_users = GETPOST('search_users', 'intcomma'); +$search_users = GETPOST('search_users', 'array:int'); $search_type = GETPOST('search_type', 'alpha'); $search_account = GETPOST('search_account', 'alpha'); diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 8e8600420be..324dfea4dde 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -2294,7 +2294,7 @@ class Contrat extends CommonObject $this->from = " FROM ".MAIN_DB_PREFIX."contrat as c"; $this->from .= ", ".MAIN_DB_PREFIX."contratdet as cd"; $this->from .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $this->from .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } 
@@ -2325,7 +2325,7 @@ class Contrat extends CommonObject if ($user->socid) { $sql .= " AND c.fk_soc = ".((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2393,7 +2393,7 @@ class Contrat extends CommonObject $sql = "SELECT count(c.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index a3adefa2526..5dc7e793af9 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -212,7 +212,7 @@ $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); '@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -903,7 +903,7 @@ if (!empty($arrayfields['c.ref_supplier']['checked'])) { } if (!empty($arrayfields['s.nom']['checked'])) { print ''; - print ''; + print 'socid > 0 ? " disabled" : "").'>'; print ''; } if (!empty($arrayfields['s.email']['checked'])) { diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 17151fe3a4a..7c9659aaf5d 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php 
@@ -87,14 +87,14 @@ class box_actions extends ModeleBoxes $sql .= ", s.code_client, s.code_compta as code_compta_client, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; $sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { diff --git a/htdocs/core/boxes/box_actions_future.php b/htdocs/core/boxes/box_actions_future.php index 5d4e8dcd2e8..fbfa230883c 100644 --- a/htdocs/core/boxes/box_actions_future.php +++ b/htdocs/core/boxes/box_actions_future.php 
@@ -86,14 +86,14 @@ class box_actions_future extends ModeleBoxes $sql .= ", s.code_client, s.code_compta as code_compta_client, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; //$sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index 9ab9544671e..739ee6cb3eb 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -105,13 +105,13 @@ class box_activity extends ModeleBoxes $sql = "SELECT p.fk_statut, SUM(p.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
@@ -194,13 +194,13 @@ class box_activity extends ModeleBoxes $sql = "SELECT c.fk_statut, sum(c.total_ttc) as Mnttot, count(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -279,12 +279,12 @@ class box_activity extends ModeleBoxes $data = array(); $sql = "SELECT f.fk_statut, SUM(f.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 9825232ba94..2d9aae70395 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php 
@@ -89,12 +89,12 @@ class box_clients extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index e4ea864271a..7aadb7c1c72 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -97,7 +97,7 @@ class box_commandes extends ModeleBoxes $sql .= ", c.total_tva"; $sql .= ", c.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -105,7 +105,7 @@ class box_commandes extends ModeleBoxes if (getDolGlobalString('ORDER_BOX_LAST_ORDERS_VALIDATED_ONLY')) { $sql .= " AND c.fk_statut = 1"; } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index 6db28aca4f9..c9c8ae98986 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php 
@@ -102,11 +102,11 @@ class box_contacts extends ModeleBoxes if (getDolGlobalString('MAIN_COMPANY_PERENTITY_SHARED')) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE sp.entity IN (".getEntity('contact').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND ((sp.fk_user_creat = ".((int) $user->id)." AND sp.priv = 1) OR sp.priv = 0)"; // check if this is a private contact diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index e7700692e3e..4ca3d92aa5b 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -80,12 +80,12 @@ class box_contracts extends ModeleBoxes $sql .= " c.rowid, c.ref, c.statut as fk_statut, c.date_contrat, c.datec, c.tms as date_modification, c.fin_validite, c.date_cloture,"; $sql .= " c.ref_customer, c.ref_supplier"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php index 8dcd6a5ecc7..53d2179b05c 100644 --- a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php +++ b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php @@ -85,12 +85,12 @@ class box_customers_outstanding_bill_reached extends ModeleBoxes $sql .= ", s.outstanding_limit"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index ee333e1eec5..95f4f631491 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php 
@@ -95,13 +95,13 @@ class box_factures extends ModeleBoxes $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid = pf.fk_facture,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.fk_statut > 0"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index 511a041a035..b3a4e1fd0a6 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -93,12 +93,12 @@ class box_factures_fourn extends ModeleBoxes $sql .= ', f.date_lim_reglement as datelimite, f.tms, f.type'; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index 21ef52a56fc..cd5a8c98eae 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php 
@@ -93,14 +93,14 @@ class box_factures_fourn_imp extends ModeleBoxes $sql2 = " FROM ".MAIN_DB_PREFIX."societe as s"; $sql2 .= ",".MAIN_DB_PREFIX."facture_fourn as f"; $sql2 .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf ON f.rowid = pf.fk_facturefourn"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql2 .= " WHERE f.fk_soc = s.rowid"; $sql2 .= " AND f.entity IN (".getEntity('supplier_invoice').")"; $sql2 .= " AND f.paye = 0"; $sql2 .= " AND fk_statut = 1"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index fb7e8f914ea..a4f91c30985 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -104,7 +104,7 @@ class box_factures_imp extends ModeleBoxes if (getDolGlobalString('MAIN_COMPANY_PERENTITY_SHARED')) { $sql2 .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql2 .= ", ".MAIN_DB_PREFIX."facture as f"; @@ -113,7 +113,7 @@ class box_factures_imp extends ModeleBoxes $sql2 .= " AND f.entity IN (".getEntity('invoice').")"; $sql2 .= " AND f.paye = 0"; $sql2 .= " AND fk_statut = 1"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index ff12319eebe..0c771693b79 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -83,13 +83,13 @@ class box_ficheinter extends ModeleBoxes $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; $sql .= " WHERE f.fk_soc = s.rowid "; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index 6cd7b8c3bab..21f77044f1f 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -81,12 +81,12 @@ class box_fournisseurs extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks 
diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 7e2fb8d27d1..6948f00912f 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -97,7 +97,7 @@ class box_graph_propales_permonth extends ModeleBoxes if ($user->socid) { $socid = $user->socid; } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index 09b12577f48..a4a280bfa9d 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -85,12 +85,12 @@ class box_propales extends ModeleBoxes $sql .= ", s.logo, s.email, s.entity"; $sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index dd90e6f1910..16669191454 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php 
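Review bot: Before this change an external user without the `voir` right received the `private-<id>-` prefix, which kept that user's output files apart; with `empty($user->socid) &&` such a user now keeps the shared prefix while `$socid` is set a few lines above. If the file names built after this hunk do not also encode `$socid`, a graph computed from one company's data could be written to, or served from, the same file as the unrestricted one. That code is outside the hunk, so confirm it; if it is missing, add a company-specific prefix inside the existing `if ($user->socid)` block, e.g. `$prefix .= 'company-'.((int) $user->socid).'-';`.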
@@ -90,12 +90,12 @@ class box_prospect extends ModeleBoxes $sql .= ", s.fk_stcomm"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 172e26153fa..5d255f2887f 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -90,7 +90,7 @@ class box_services_contracts extends ModeleBoxes $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ")"; diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 13ed4b8d54d..96cd2ccb416 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php 
@@ -78,7 +78,7 @@ class box_services_expired extends ModeleBoxes $sql .= " s.nom as name, s.rowid as socid, s.email, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,"; $sql .= " MIN(cd.date_fin_validite) as date_line, COUNT(cd.rowid) as nb_services"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe s, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.statut = 4 AND cd.date_fin_validite <= '".$this->db->idate($now)."'"; @@ -87,7 +87,7 @@ class box_services_expired extends ModeleBoxes if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.rowid, c.ref, c.statut, c.date_contrat, c.ref_customer, c.ref_supplier, s.nom, s.rowid"; diff --git a/htdocs/core/boxes/box_shipments.php b/htdocs/core/boxes/box_shipments.php index a2d54f3e948..0dd5e4e0718 100644 --- a/htdocs/core/boxes/box_shipments.php +++ b/htdocs/core/boxes/box_shipments.php 
@@ -96,7 +96,7 @@ class box_shipments extends ModeleBoxes $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; @@ -106,7 +106,7 @@ class box_shipments extends ModeleBoxes if ($user->socid > 0) { $sql .= " AND s.rowid = ".((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND sc.fk_user = ".((int) $user->id); } else { $sql .= " ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC"; diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 1c6c9475c09..52edf4b8fa4 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php 
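Review bot: In the hunk at -106 the `ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC` clause exists only in the `else` branch, so a restricted internal user gets `AND sc.fk_user = ...` and no ordering in the visible lines. If a limit is applied after this hunk, the shipments shown to those users depend on whatever order the database returns. The function continues outside the hunk; if no ordering is added later, drop the `else` and append the clause unconditionally after the `if`: `$sql .= " ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC";`.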
@@ -88,12 +88,12 @@ class box_supplier_orders extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 2b89a8ed436..1eb4159ae4a 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -82,14 +82,14 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; $sql .= " AND c.date_livraison IS NOT NULL"; $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 085c5a276d8..71031684d57 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php 
@@ -4071,16 +4071,16 @@ class Form $optstart .= ' data-product-id="' . dol_escape_htmltag($objp->rowid) . '"'; $optstart .= ' data-price-id="' . dol_escape_htmltag($objp->idprodfournprice) . '"'; $optstart .= ' data-qty="' . dol_escape_htmltag($objp->quantity) . '"'; - $optstart .= ' data-up="' . dol_escape_htmltag(price2num($objp->unitprice)) . '"'; - $optstart .= ' data-up-locale="' . dol_escape_htmltag(price($objp->unitprice)) . '"'; + $optstart .= ' data-up="' . dol_escape_htmltag(price2num($objp->unitprice)) . '"'; // the price with numeric international format + $optstart .= ' data-up-locale="' . dol_escape_htmltag(price($objp->unitprice)) . '"'; // the price formatted in user language $optstart .= ' data-discount="' . dol_escape_htmltag($outdiscount) . '"'; - $optstart .= ' data-tvatx="' . dol_escape_htmltag(price2num($objp->tva_tx)) . '"'; - $optstart .= ' data-tvatx-formated="' . dol_escape_htmltag(price($objp->tva_tx, 0, $langs, 1, -1, 2)) . '"'; + $optstart .= ' data-tvatx="' . dol_escape_htmltag(price2num($objp->tva_tx)) . '"'; // the rate with numeric international format + $optstart .= ' data-tvatx-formated="' . dol_escape_htmltag(price($objp->tva_tx, 0, $langs, 1, -1, 2)) . '"'; // the rate formatted in user language $optstart .= ' data-default-vat-code="' . dol_escape_htmltag($objp->default_vat_code) . '"'; $optstart .= ' data-supplier-ref="' . dol_escape_htmltag($objp->ref_fourn) . '"'; if (isModEnabled('multicurrency')) { $optstart .= ' data-multicurrency-code="' . dol_escape_htmltag($objp->multicurrency_code) . '"'; - $optstart .= ' data-multicurrency-unitprice="' . dol_escape_htmltag($objp->multicurrency_unitprice) . '"'; + $optstart .= ' data-multicurrency-unitprice="' . dol_escape_htmltag(price2num($objp->multicurrency_unitprice)) . '"'; // the price with numeric international format } } $optstart .= ' data-description="' . dol_escape_htmltag($objp->description, 0, 1) . '"'; 
@@ -7306,17 +7306,17 @@ class Form if ($d) { // Show date with popup if ($usecalendar != 'combo') { - $formated_date = ''; + $formatted_date = ''; //print "e".$set_time." t ".$conf->format_date_short; if (strval($set_time) != '' && $set_time != -1) { - //$formated_date=dol_print_date($set_time,$conf->format_date_short); - $formated_date = dol_print_date($set_time, $langs->trans("FormatDateShortInput"), $gm); // FormatDateShortInput for dol_print_date / FormatDateShortJavaInput that is same for javascript + //$formatted_date=dol_print_date($set_time,$conf->format_date_short); + $formatted_date = dol_print_date($set_time, $langs->trans("FormatDateShortInput"), $gm); // FormatDateShortInput for dol_print_date / FormatDateShortJavaInput that is same for javascript } // Calendrier popup version eldy if ($usecalendar == "eldy") { // Input area to enter date manually - $retstring .= 'trans("FormatDateShortJavaInput")) . '\'); "'; // FormatDateShortInput for dol_print_date / FormatDateShortJavaInput that is same for javascript $retstring .= ' autocomplete="off">'; @@ -7373,7 +7373,7 @@ class Form // Input area to enter date manually $retstring .= '
'; - $retstring .= 'trans("FormatDateShortJavaInput")) . '\'); "'; // FormatDateShortInput for dol_print_date / FormatDateShortJavaInput that is same for javascript @@ -10189,7 +10189,15 @@ class Form if (is_object($hookmanager)) { $parameters = array('showrefnav' => true); $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $object); // Note that $action and $object may have been modified by hook - $object->next_prev_filter .= $hookmanager->resPrint; + if (!empty($hookmanager->resPrint)) { + if (empty($object->next_prev_filter) && preg_match('/^\s*AND/i', $hookmanager->resPrint)) { + $object->next_prev_filter = preg_replace('/^\s*AND\s*/i', '', $hookmanager->resPrint); + } elseif (!empty($object->next_prev_filter) && !preg_match('/^\s*AND/i', $hookmanager->resPrint)) { + $object->next_prev_filter .= ' AND '.$hookmanager->resPrint; + } else { + $object->next_prev_filter .= $hookmanager->resPrint; + } + } } $previous_ref = $next_ref = ''; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 868815a49b8..ed6a0165d93 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -11379,7 +11379,7 @@ function printCommonFooter($zone = 'private') } // Management of focus and mandatory for fields - if ($action == 'create' || $action == 'edit' || (empty($action) && (preg_match('/new\.php/', $_SERVER["PHP_SELF"]))) || ((empty($action) || $action == 'addline') && (preg_match('/card\.php/', $_SERVER["PHP_SELF"])))) { + if ($action == 'create' || $action == 'add' || $action == 'edit' || (empty($action) && (preg_match('/new\.php/', $_SERVER["PHP_SELF"]))) || ((empty($action) || $action == 'addline') && (preg_match('/card\.php/', $_SERVER["PHP_SELF"])))) { print '/* JS CODE TO ENABLE to manage focus and mandatory form fields */'."\n"; $relativepathstring = $_SERVER["PHP_SELF"]; // Clean $relativepathstring 
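Review bot: The `/^\s*AND/i` tests in the new `printFieldListWhere` branch (@@ -10189) have no word boundary, so a hook fragment that merely begins with the letters "and" (a column named `android_id`, say) is treated as already carrying the connector and is appended without ` AND `. Use `/^\s*AND\b/i` in both `preg_match` calls and `/^\s*AND\b\s*/i` in the `preg_replace`. `$hookmanager->resPrint` is also concatenated as-is while the rest of this commit moves `next_prev_filter` to the parenthesised `(te.field:=:value)` form, so a comment should state which syntax a hook must return here, e.g. `// resPrint must use the same filter syntax as next_prev_filter; it is not escaped or validated here`. The enclosing method starts and ends outside the hunk.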
@@ -11450,7 +11450,7 @@ function printCommonFooter($zone = 'private') // Solution 1: Add handler on submit to check if mandatory fields are empty print 'var form = $(\'#'.dol_escape_js($paramkey).'\').closest("form");'."\n"; print "form.on('submit', function(event) { - var submitter = event.originalEvent.submitter; + var submitter = $(this).find(':submit:focus').get(0); if (submitter) { var buttonName = $(submitter).attr('name'); if (buttonName == 'cancel') { @@ -11477,10 +11477,10 @@ function printCommonFooter($zone = 'private') if (tmpvalue === null || tmpvalue === undefined || tmpvalue === '' || tmpvalue === -1) { tmpvalueisempty = true; } - if (tmpvalue === '0' && tmptypefield == 'select') { + if (tmpvalue === '0' && (tmptypefield == 'select' || tmptypefield == 'input')) { tmpvalueisempty = true; } - if (tmpvalueisempty) { + if (tmpvalueisempty && (buttonName == 'save')) { console.log('field has type '+tmptypefield+' and is empty, we cancel the submit'); event.preventDefault(); // Stop submission of form to allow custom code to decide. event.stopPropagation(); // Stop other handlers. diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 84f3b42937f..4228c0a499f 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -569,6 +569,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $maxofloop = (!getDolGlobalString('MAIN_MAXLIST_OVERLOAD') ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); $tmpinvoice = new Facture($db); 
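Review bot: `$(this).find(':submit:focus').get(0)` finds nothing when the form is submitted with Enter from a text field, or in a browser that does not focus a button on click, and the later hunk (@@ -11477) now cancels the submit only when `buttonName == 'save'`, so in those cases `buttonName` stays undefined and the mandatory-field check is skipped. Keeping the native value as first choice avoids that, `var submitter = (event.originalEvent && event.originalEvent.submitter) || $(this).find(':submit:focus').get(0);`, and the empty-field test could read `if (tmpvalueisempty && buttonName != 'cancel')` if unnamed submits are meant to be validated. This check runs in the browser only, so the server-side action handlers still have to reject empty mandatory fields. The generated JavaScript continues outside both hunks.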
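Review bot: The added `if ($user->socid > 0) $socid = $user->socid;` (@@ -569) is the line that pins an external user to their own third party, yet it is written without braces and without a comment, and it is repeated in @@ -720, @@ -852, @@ -961, @@ -1079 and @@ -1268 of this file and in order.lib.php and propal.lib.php. I would write it as `if ($user->socid > 0) { $socid = $user->socid; }` preceded by `// External users are restricted to their own third party: ignore the $socid given by the caller`. The function bodies continue outside the hunks.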
@@ -579,16 +580,16 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= ", s.rowid as socid, s.email"; $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -603,7 +604,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; $sql .= " cc.rowid, cc.code"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user"; } 
@@ -720,6 +721,7 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $result = ''; if ((isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $maxofloop = (!getDolGlobalString('MAIN_MAXLIST_OVERLOAD') ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); $facturesupplierstatic = new FactureFournisseur($db); @@ -731,12 +733,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -852,12 +854,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.type, f.total_ht, f.total_tva, f.total_ttc, f.datec,"; $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -865,7 +867,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -961,12 +963,12 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.datec,"; $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; 
@@ -974,7 +976,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -1079,6 +1081,7 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $tmpinvoice = new Facture($db); $sql = "SELECT f.rowid, f.ref, f.fk_statut as status, f.datef, f.type, f.total_ht, f.total_tva, f.total_ttc, f.paye, f.tms"; @@ -1091,12 +1094,12 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = ".Facture::STATUS_VALIDATED; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -1268,6 +1271,7 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled("supplier_invoice") && ($user->hasRight('fournisseur', 'facture', 'lire') || $user->hasRight('supplier_invoice', 'read'))) { + if ($user->socid > 0) $socid = $user->socid; $facstatic = new FactureFournisseur($db); $sql = "SELECT ff.rowid, ff.ref, ff.fk_statut as status, ff.type, ff.libelle as label, ff.total_ht, ff.total_tva, ff.total_ttc, ff.paye"; @@ -1279,14 +1283,14 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; $sql .= " AND ff.paye = 0"; $sql .= " AND ff.fk_statut = ".FactureFournisseur::STATUS_VALIDATED; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/order.lib.php b/htdocs/core/lib/order.lib.php index 0f50d417ccc..7b573154886 100644 --- a/htdocs/core/lib/order.lib.php +++ b/htdocs/core/lib/order.lib.php 
@@ -240,11 +240,11 @@ function getCustomerOrderPieChart($socid = 0) /* * Statistics */ - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT count(c.rowid) as nb, c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -252,7 +252,7 @@ function getCustomerOrderPieChart($socid = 0) if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.fk_statut"; diff --git a/htdocs/core/lib/propal.lib.php b/htdocs/core/lib/propal.lib.php index 40d98c78ec8..ab2c5d40b0f 100644 --- a/htdocs/core/lib/propal.lib.php +++ b/htdocs/core/lib/propal.lib.php @@ -222,11 +222,11 @@ function getCustomerProposalPieChart($socid = 0) $listofstatus = array(Propal::STATUS_DRAFT, Propal::STATUS_VALIDATED, Propal::STATUS_SIGNED, Propal::STATUS_NOTSIGNED, Propal::STATUS_BILLED); $propalstatic = new Propal($db); - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT count(p.rowid) as nb, p.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if ($user->socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; 
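Review bot: `$socid` is assigned in @@ -240, but the WHERE clause shown in @@ -252 still filters on `$user->socid` directly, so in the visible part of getCustomerOrderPieChart the new assignment has no effect and a `$socid` passed by an internal caller is not applied either. If the parameter is meant to narrow the chart, the filter should read `if ($socid) { $sql .= ' AND c.fk_soc = '.((int) $socid); }`. propal.lib.php @@ -222 and @@ -234 have the same shape. The function continues outside the hunks, so `$socid` may be used further down.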
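Review bot: propal.lib.php tests `$user->socid == 0` (@@ -222 and @@ -234) where every other file in this commit uses `empty($user->socid)`, and the two differ on PHP 8 when the property holds an empty string: `'' == 0` is false there. In that case an internal user without the `societe`/`client`/`voir` right would skip the `societe_commerciaux` restriction and the chart would count proposals of every third party. Use `if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) {` in both places. Whether `socid` can actually be `''` is not visible from the diff, which is a reason to align the test rather than rely on it.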
@@ -234,7 +234,7 @@ function getCustomerProposalPieChart($socid = 0) if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if ($user->socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")"; diff --git a/htdocs/fichinter/class/fichinterstats.class.php b/htdocs/fichinter/class/fichinterstats.class.php index fea319988a1..1c8f611492d 100644 --- a/htdocs/fichinter/class/fichinterstats.class.php +++ b/htdocs/fichinter/class/fichinterstats.class.php @@ -114,7 +114,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -138,7 +138,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; 
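Review bot: Only the FROM side is changed in fichinterstats.class.php @@ -114: the `societe_commerciaux as sc` join is now skipped for external users, while the matching `sc.fk_user` condition appears in none of these hunks (the year queries use `$this->where`, which is built outside the diff). If that condition is still added under the old test `!$user->hasRight('societe', 'client', 'voir')`, an external user without the right gets a query that references `sc` without joining it, so the code that builds the WHERE part needs the same `empty($user->socid) &&` guard. The same applies to @@ -138, @@ -161, @@ -185, @@ -207 and to fichinter/list.php @@ -307.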
@@ -161,7 +161,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -185,7 +185,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -207,7 +207,7 @@ class FichinterStats extends Stats $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index f3635cbd023..a2270349bab 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -307,7 +307,7 @@ $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object, $action); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."societe as s"; 
diff --git a/htdocs/fourn/class/fournisseur.class.php b/htdocs/fourn/class/fournisseur.class.php index 54b835dcac2..2529bce86ec 100644 --- a/htdocs/fourn/class/fournisseur.class.php +++ b/htdocs/fourn/class/fournisseur.class.php @@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.product.class.php'; */ class Fournisseur extends Societe { - public $next_prev_filter = "te.fournisseur:=:1"; // Used to add a filter in Form::showrefnav method + public $next_prev_filter = "(te.fournisseur:=:1)"; // Used to add a filter in Form::showrefnav method /** diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 3e529a3727a..53e533f798b 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -3284,7 +3284,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".$this->db->prefix()."commande_fournisseur as co"; $sql .= " LEFT JOIN ".$this->db->prefix()."societe as s ON co.fk_soc = s.rowid"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir") && !$user->socid) { $sql .= " LEFT JOIN ".$this->db->prefix()."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; 
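Review bot: In fournisseur.commande.class.php @@ -3284 the condition now reads `empty($user->socid) && !$user->hasRight("societe", "client", "voir") && !$user->socid`, which tests the same thing twice. Drop the trailing `&& !$user->socid`, as was done in fournisseur.facture.class.php: `if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) {`. @@ -3320 has the same leftover. Both methods start and end outside the hunks.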
@@ -3320,7 +3320,7 @@ class CommandeFournisseur extends CommonOrder $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.fk_statut, c.date_livraison as delivery_date, c.total_ht"; $sql .= " FROM ".$this->db->prefix()."commande_fournisseur as c"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir") && !$user->socid) { $sql .= " JOIN ".$this->db->prefix()."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " WHERE c.entity = ".$conf->entity; diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index dab5dea6d6c..88331cf8bbd 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -2715,7 +2715,7 @@ class FactureFournisseur extends CommonInvoice $sql = 'SELECT ff.rowid, ff.date_lim_reglement as datefin, ff.fk_statut as status, ff.total_ht, ff.total_ttc'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff'; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) { $sql .= " JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ff.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ' WHERE ff.paye = 0'; @@ -3135,7 +3135,7 @@ class FactureFournisseur extends CommonInvoice $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; 
diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index 4ba693846f4..5fd1c22b0ce 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -234,7 +234,8 @@ $arrayfields = dol_sort_array($arrayfields, 'position'); $error = 0; -if (!$user->hasRight('societe', 'client', 'voir')) { +// Check only if it's an internal user +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -534,6 +535,7 @@ if (empty($reshook)) { } $tva_tx = $lines[$i]->tva_tx; + // @phan-suppress-next-line PhanTypeMismatchArgumentInternal if (!empty($lines[$i]->vat_src_code) && !preg_match('/\(/', (string) $tva_tx)) { $tva_tx .= ' ('.$lines[$i]->vat_src_code.')'; } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 39d971bba99..e71d2927d76 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1347,6 +1347,7 @@ if (empty($reshook)) { } $tva_tx = $lines[$i]->tva_tx; + // @phan-suppress-next-line PhanTypeMismatchArgumentInternal if (!empty($lines[$i]->vat_src_code) && !preg_match('/\(/', (string) $tva_tx)) { $tva_tx .= ' ('.$lines[$i]->vat_src_code.')'; } diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php index ddcc72864ca..883dfa9955f 100644 --- a/htdocs/fourn/facture/list.php +++ b/htdocs/fourn/facture/list.php @@ -236,7 +236,8 @@ if ((!$user->hasRight("fournisseur", "facture", "lire") && !getDolGlobalString(' accessforbidden(); } -if (!$user->hasRight('societe', 'client', 'voir')) { +// Check only if it' an internal user +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -317,7 +318,6 @@ if (empty($reshook)) { $search_categ_sup = 0; $filter = ''; $option = ''; - $socid = ""; } // Mass actions diff --git a/htdocs/install/mysql/migration/19.0.0-20.0.0.sql b/htdocs/install/mysql/migration/19.0.0-20.0.0.sql index ec3053a6a40..cf2697e3567 100644 
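Review bot: After fourn/commande/list.php @@ -234 an external user without `societe`/`client`/`voir` no longer gets `$search_sale = $user->id`, so the list is limited only by whatever pins `$socid` to `$user->socid`, and that code is not in the hunk. The new comment should say so, e.g. `// Internal users only: external users are limited by their own third party ($socid), not by sales representative`. The twin comment in fourn/facture/list.php @@ -236 has a typo, `it' an` for `it's an`.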
--- a/htdocs/install/mysql/migration/19.0.0-20.0.0.sql +++ b/htdocs/install/mysql/migration/19.0.0-20.0.0.sql @@ -349,7 +349,7 @@ ALTER TABLE llx_societe_commerciaux ADD COLUMN fk_c_type_contact_code varchar(32 -- VPGSQL8.2 DROP INDEX uk_societe_commerciaux; ALTER TABLE llx_societe_commerciaux ADD UNIQUE INDEX uk_societe_commerciaux_c_type_contact (fk_soc, fk_user, fk_c_type_contact_code); ALTER TABLE llx_c_type_contact ADD INDEX idx_c_type_contact_code (code); ---Removed, not unique. ALTER TABLE llx_societe_commerciaux ADD CONSTRAINT fk_societe_commerciaux_fk_c_type_contact_code FOREIGN KEY (fk_c_type_contact_code) REFERENCES llx_c_type_contact(code); +-- Removed, not unique. ALTER TABLE llx_societe_commerciaux ADD CONSTRAINT fk_societe_commerciaux_fk_c_type_contact_code FOREIGN KEY (fk_c_type_contact_code) REFERENCES llx_c_type_contact(code); ALTER TABLE llx_societe_commerciaux DROP FOREIGN KEY fk_societe_commerciaux_fk_c_type_contact_code; ALTER TABLE llx_societe_commerciaux ADD CONSTRAINT fk_societe_commerciaux_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe(rowid); ALTER TABLE llx_societe_commerciaux ADD CONSTRAINT fk_societe_commerciaux_fk_user FOREIGN KEY (fk_user) REFERENCES llx_user(rowid); @@ -363,7 +363,7 @@ ALTER TABLE llx_ecm_files DROP column keyword; ALTER TABLE llx_c_type_container ADD COLUMN typecontainer varchar(10) DEFAULT 'page'; UPDATE llx_c_type_container SET typecontainer = 'container' WHERE code IN ('banner', 'other', 'menu'); ---UPDATE llx_c_type_container SET typecontainer = 'page' WHERE code IN ('page', 'blogpost'); +-- UPDATE llx_c_type_container SET typecontainer = 'page' WHERE code IN ('page', 'blogpost'); UPDATE llx_c_type_container SET position = 10 WHERE code IN ('page'); UPDATE llx_c_type_container SET position = 20 WHERE code IN ('blogpost'); 
@@ -413,7 +413,7 @@ ALTER TABLE llx_hrm_evaluation ADD COLUMN entity INTEGER DEFAULT 1 NOT NULL; -- Error SQL DB_ERROR_1170 BLOB/TEXT column 'url' used in key specification without a key length, so we remove completely the unique key ALTER TABLE llx_menu DROP INDEX idx_menu_uk_menu; ALTER TABLE llx_menu MODIFY COLUMN url TEXT NOT NULL; ---ALTER TABLE llx_menu ADD UNIQUE INDEX idx_menu_uk_menu (menu_handler, fk_menu, position, entity, url); +-- ALTER TABLE llx_menu ADD UNIQUE INDEX idx_menu_uk_menu (menu_handler, fk_menu, position, entity, url); UPDATE llx_c_units SET short_label = 'mn' WHERE short_label = 'i' AND code = 'MI'; diff --git a/htdocs/margin/tabs/productMargins.php b/htdocs/margin/tabs/productMargins.php index c29a2cb62a2..cb4c213efc6 100644 --- a/htdocs/margin/tabs/productMargins.php +++ b/htdocs/margin/tabs/productMargins.php @@ -168,6 +168,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_head($head, 'margin', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; dol_banner_tab($object, 'ref', $linkback, ($user->socid ? 0 : 1), 'ref'); diff --git a/htdocs/product/agenda.php b/htdocs/product/agenda.php index 00032c9acbc..254999a5269 100644 --- a/htdocs/product/agenda.php +++ b/htdocs/product/agenda.php @@ -170,7 +170,7 @@ $picto = ($object->type == Product::TYPE_SERVICE ? 'service' : 'product'); print dol_get_fiche_head($head, 'agenda', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; -$object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter +$object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/canvas/product/tpl/card_view.tpl.php b/htdocs/product/canvas/product/tpl/card_view.tpl.php index e7b26f58762..4dac736d8b1 100644 
--- a/htdocs/product/canvas/product/tpl/card_view.tpl.php +++ b/htdocs/product/canvas/product/tpl/card_view.tpl.php @@ -15,6 +15,7 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ + /** * @var Conf $conf * @var Translate $langs @@ -39,7 +40,7 @@ $titre = $langs->trans("CardProduct".$object->type); print dol_get_fiche_head($head, 'card', $titre, -1, 'product'); $linkback = ''.$langs->trans("BackToList").''; -$object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter +$object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/canvas/service/tpl/card_view.tpl.php b/htdocs/product/canvas/service/tpl/card_view.tpl.php index b5fd7372b39..8e6379125d3 100644 --- a/htdocs/product/canvas/service/tpl/card_view.tpl.php +++ b/htdocs/product/canvas/service/tpl/card_view.tpl.php @@ -39,7 +39,7 @@ $titre = $langs->trans("CardProduct".$object->type); print dol_get_fiche_head($head, 'card', $titre, -1, 'service'); $linkback = ''.$langs->trans("BackToList").''; -$object->next_prev_filter = " fk_product_type:=:".((int) $object->type); +$object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 4ce8eb72df0..e10dbc20e46 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php 
@@ -2528,7 +2528,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($canvasdisplayactio print dol_get_fiche_head($head, 'card', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; - $object->next_prev_filter = "fk_product_type:=:".((int) $object->type); + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/document.php b/htdocs/product/document.php index dd97f6cf96a..d1ee197aaab 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -248,7 +248,7 @@ if ($object->id > 0) { $linkback = ''.$langs->trans("BackToList").''; - $object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/messaging.php b/htdocs/product/messaging.php index 354018c5499..d006600a60b 100644 --- a/htdocs/product/messaging.php +++ b/htdocs/product/messaging.php @@ -170,7 +170,7 @@ $picto = ($object->type == Product::TYPE_SERVICE ? 'service' : 'product'); print dol_get_fiche_head($head, 'agenda', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; -$object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter +$object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/note.php b/htdocs/product/note.php index a3a4ba2fa8d..f6627e0a51a 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php 
@@ -130,7 +130,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_head($head, 'note', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; - $object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 2ca40d0bad0..1b55ff6dda4 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1007,7 +1007,7 @@ $picto = ($object->type == Product::TYPE_SERVICE ? 'service' : 'product'); print dol_get_fiche_head($head, 'price', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; -$object->next_prev_filter = "fk_product_type:=:".((int) $object->type); +$object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/price_suppliers.php b/htdocs/product/price_suppliers.php index 220f9f667dc..32720ebf10a 100644 --- a/htdocs/product/price_suppliers.php +++ b/htdocs/product/price_suppliers.php @@ -403,7 +403,7 @@ if ($id > 0 || $ref) { print dol_get_fiche_head($head, 'suppliers', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; - $object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter + $prod->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; // use $prod instead $object $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index f2708e0df27..4505e050091 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php 
@@ -159,6 +159,7 @@ if ($result && ($id > 0 || !empty($ref)) && empty($notab)) { print dol_get_fiche_head($head, 'stats', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; dol_banner_tab($object, 'ref', $linkback, ($user->socid ? 0 : 1), 'ref', '', '', '', 0, '', '', 1); diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index 7a5f7b3334c..1ab2be5deff 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -178,6 +178,7 @@ if ($id > 0 || !empty($ref)) { } $linkback = ''.$langs->trans("BackToList").''; + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('product', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index dad98f949c6..d49bb4078d7 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -208,6 +208,7 @@ $form = new Form($db); $warehouse = new Entrepot($db); $now = dol_now(); +$totalarray = array(); $title = $langs->trans("Warehouses"); $help_url = 'EN:Module_Stocks_En|FR:Module_Stock|ES:Módulo_Stocks'; @@ -624,7 +625,6 @@ if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) { } print ''."\n"; -$totalarray = array(); $totalarray['nbfield'] = 0; // Fields title label diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 4f9a00461b5..6d66d54c92e 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -624,6 +624,7 @@ if ($id > 0 || $ref) { dol_htmloutput_events(); $linkback = ''.$langs->trans("BackToList").''; + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; $shownav = 1; if ($user->socid && !in_array('stock', explode(',', getDolGlobalString('MAIN_MODULES_FOR_EXTERNAL')))) { 
diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 2ced6566fb2..340c2f73eaa 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -1772,9 +1772,7 @@ class Project extends CommonObject // Load source object $clone_project->fetch($fromid); $clone_project->fetch_optionals(); - if ($newthirdpartyid > 0) { - $clone_project->socid = $newthirdpartyid; - } + $clone_project->socid = ($newthirdpartyid > 0 ? $newthirdpartyid : 0); $clone_project->fetch_thirdparty(); $orign_dt_start = $clone_project->date_start; diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 7d3568eb687..a996a670376 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -1566,8 +1566,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($canvasdisplayactio print ''; print ''; - // Supplier code - if ((isModEnabled("fournisseur") && $user->hasRight('fournisseur', 'lire') && !getDolGlobalString('MAIN_USE_NEW_SUPPLIERMOD')) || (isModEnabled("supplier_order") && $user->hasRight('supplier_order', 'lire')) || (isModEnabled("supplier_invoice") && $user->hasRight('supplier_invoice', 'lire'))) { + if ((isModEnabled("fournisseur") && $user->hasRight('fournisseur', 'lire') && !getDolGlobalString('MAIN_USE_NEW_SUPPLIERMOD')) || (isModEnabled("supplier_order") && $user->hasRight('supplier_order', 'lire')) || (isModEnabled("supplier_invoice") && $user->hasRight('supplier_invoice', 'lire')) + || (isModEnabled('supplier_proposal') && $user->hasRight('supplier_proposal', 'lire'))) { if ($conf->browser->layout == 'phone') { print ''; print ''; diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index ec208b3e905..09474546f81 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php 
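Review bot: The rewritten assignment in the Project clone code changes behaviour when `$newthirdpartyid` is not positive. The old code kept the `socid` loaded from the source project, whereas the new line resets it to 0 before `fetch_thirdparty()` runs. If that is the intent, the line needs a comment saying so, for example `// A clone keeps no third party unless a new one is given`. It is also worth checking, outside this hunk, whether any caller relied on the old inheritance and now has to pass the source third party explicitly. The method starts and ends outside the hunk.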
@@ -1992,7 +1992,7 @@ class SupplierProposal extends CommonObject $ga = array(); $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -2261,7 +2261,7 @@ class SupplierProposal extends CommonObject public function load_board($user, $mode) { // phpcs:enable - global $conf, $user, $langs; + global $conf, $langs; $now = dol_now(); @@ -2269,7 +2269,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -2427,7 +2427,7 @@ class SupplierProposal extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index 8046729f74c..a6b657987a0 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php 
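Review bot: The added `empty($user->socid)` guard exempts external users from the sales-representative restriction, and nothing visible in these hunks shows what limits them to their own third party instead. In the two SQL hunks (the `load_board` one and the `count(p.rowid)` one) the `societe_commerciaux` join and `WHERE sc.fk_user` are now skipped for them, so the query must add a `fk_soc = (int) $user->socid` condition further down; that code is outside the hunks and should be confirmed. A comment at each guard would make the dependency explicit, e.g. `// External users are filtered by their socid below, not by sales representative`. The same guard is added in supplier_proposal/list.php and in three places in ticket/class/ticket.class.php, where the same check applies. All enclosing methods start and end outside the hunks.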
@@ -74,8 +74,8 @@ $mode = GETPOST('mode', 'alpha'); $search_user = GETPOST('search_user', 'intcomma'); $search_sale = GETPOST('search_sale', 'intcomma'); $search_ref = GETPOST('sf_ref') ? GETPOST('sf_ref', 'alpha') : GETPOST('search_ref', 'alpha'); -$search_societe = GETPOST('search_societe', 'alpha'); -$search_societe_alias = GETPOST('search_societe_alias', 'alpha'); +$search_company = GETPOST('search_company', 'alpha'); +$search_company_alias = GETPOST('search_company_alias', 'alpha'); $search_login = GETPOST('search_login', 'alpha'); $search_town = GETPOST('search_town', 'alpha'); $search_zip = GETPOST('search_zip', 'alpha'); @@ -208,7 +208,8 @@ $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); '@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan -if (!$user->hasRight('societe', 'client', 'voir')) { +// Check only if it's an internal user +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -246,8 +247,8 @@ if (empty($reshook)) { $search_user = ''; $search_sale = ''; $search_ref = ''; - $search_societe = ''; - $search_societe_alias = ''; + $search_company = ''; + $search_company_alias = ''; $search_montant_ht = ''; $search_montant_vat = ''; $search_montant_ttc = ''; @@ -304,6 +305,14 @@ $formcompany = new FormCompany($db); $now = dol_now(); +if ($socid > 0) { + $soc = new Societe($db); + $soc->fetch($socid); + if (empty($search_company)) { + $search_company = $soc->name; + } +} + $varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage; $selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields 
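Review bot: The block added before `$varpage` ignores the result of `$soc->fetch($socid)`, so when the third party cannot be loaded, `$soc->name` is read from an object that was never populated. Dolibarr fetch methods conventionally return a positive value on success, so the assignment can be guarded: `if ($soc->fetch($socid) > 0 && empty($search_company)) { $search_company = $soc->name; }`. Note also that the prefilled name then flows into the `natural_search` on `s.nom` in the later hunk, so it narrows the list by name in addition to whatever `$socid` condition the query already applies.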
@@ -372,14 +381,14 @@ if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) { if ($search_ref) { $sql .= natural_search('sp.ref', $search_ref); } -if (empty($arrayfields['s.name_alias']['checked']) && $search_societe) { - $sql .= natural_search(array("s.nom", "s.name_alias"), $search_societe); +if (empty($arrayfields['s.name_alias']['checked']) && $search_company) { + $sql .= natural_search(array("s.nom", "s.name_alias"), $search_company); } else { - if ($search_societe) { - $sql .= natural_search('s.nom', $search_societe); + if ($search_company) { + $sql .= natural_search('s.nom', $search_company); } - if ($search_societe_alias) { - $sql .= natural_search('s.name_alias', $search_societe_alias); + if ($search_company_alias) { + $sql .= natural_search('s.name_alias', $search_company_alias); } } if ($search_login) { @@ -581,11 +590,11 @@ if ($resql) { if ($search_ref) { $param .= '&search_ref='.urlencode($search_ref); } - if ($search_societe) { - $param .= '&search_societe='.urlencode($search_societe); + if ($search_company) { + $param .= '&search_company='.urlencode($search_company); } - if ($search_societe_alias) { - $param .= '&search_societe_alias='.urlencode($search_societe_alias); + if ($search_company_alias) { + $param .= '&search_company_alias='.urlencode($search_company_alias); } if ($search_user > 0) { $param .= '&search_user='.urlencode((string) ($search_user)); @@ -752,12 +761,12 @@ if ($resql) { } if (!empty($arrayfields['s.nom']['checked'])) { print ''; - print ''; + print ''; print ''; } if (!empty($arrayfields['s.name_alias']['checked'])) { print ''; - print ''; + print ''; print ''; } if (!empty($arrayfields['s.town']['checked'])) { diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 643ebf548f4..420cfb0f656 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php 
@@ -890,7 +890,7 @@ class Ticket extends CommonObject $socid = $user->socid ?: 0; // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -3156,7 +3156,7 @@ class Ticket extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; - if (isModEnabled('societe') && !$user->hasRight('societe', 'client', 'voir') && !$user->socid) { + if (empty($user->socid) && isModEnabled('societe') && !$user->hasRight('societe', 'client', 'voir') && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3220,7 +3220,7 @@ class Ticket extends CommonObject $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php index c54ebd897f0..e2ab49441df 100644 --- a/htdocs/ticket/list.php +++ b/htdocs/ticket/list.php 
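Review bot: In the hunk at line 3156 the added `empty($user->socid)` duplicates the `!$user->socid` test already at the end of the same condition, so the change has no effect there and the line now checks the same thing twice. Drop one of them, e.g. `if (empty($user->socid) && isModEnabled('societe') && !$user->hasRight('societe', 'client', 'voir')) {`. The other two hunks in this file did lack the guard before this change. The enclosing method starts and ends outside the hunk.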
@@ -394,13 +394,15 @@ foreach ($search as $key => $val) { $tmpkey = 't.' . $key; if ($key == 'fk_statut' && !empty($search['fk_statut'])) { $newarrayofstatus = array(); - foreach ($search['fk_statut'] as $key2 => $val2) { - if (in_array($val2, array('openall', 'closeall'))) { - continue; + if (is_array($search['fk_statut'])) { + foreach ($search['fk_statut'] as $key2 => $val2) { + if (in_array($val2, array('openall', 'closeall'))) { + continue; + } + $newarrayofstatus[] = $val2; } - $newarrayofstatus[] = $val2; } - if ($search['fk_statut'] == 'openall' || in_array('openall', $search['fk_statut'])) { + if ($search['fk_statut'] == 'openall' || (is_array($search['fk_statut']) && in_array('openall', $search['fk_statut']))) { $newarrayofstatus[] = Ticket::STATUS_NOT_READ; $newarrayofstatus[] = Ticket::STATUS_READ; $newarrayofstatus[] = Ticket::STATUS_ASSIGNED; @@ -408,7 +410,7 @@ foreach ($search as $key => $val) { $newarrayofstatus[] = Ticket::STATUS_NEED_MORE_INFO; $newarrayofstatus[] = Ticket::STATUS_WAITING; } - if ($search['fk_statut'] == 'closeall' || in_array('closeall', $search['fk_statut'])) { + if ($search['fk_statut'] == 'closeall' || (is_array($search['fk_statut']) && in_array('closeall', $search['fk_statut']))) { $newarrayofstatus[] = Ticket::STATUS_CLOSED; $newarrayofstatus[] = Ticket::STATUS_CANCELED; } @@ -908,7 +910,11 @@ foreach ($object->fields as $key => $val) { //var_dump(array_values($search[$key])); $selectedarray = null; if (!empty($search[$key])) { - $selectedarray = array_values($search[$key]); + if (is_array($search[$key])) { + $selectedarray = array_values($search[$key]); + } else { + $selectedarray = array($search[$key]); // Compatibility with "Default search filters" + } } print Form::multiselectarray('search_fk_statut', $arrayofstatus, $selectedarray, 0, 0, 'search_status width150 onrightofpage', 1, 0, '', '', ''); print ''; 
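Review bot: A scalar `$search['fk_statut']` other than 'openall' or 'closeall' is skipped by the new `is_array()` guard in the first hunk and never reaches `$newarrayofstatus`, whereas the second hunk does wrap such a value for the multiselect ("Compatibility with Default search filters"). How an empty `$newarrayofstatus` is used afterwards is outside the hunk, but the status filter would presumably be dropped or built from an empty list. Normalising once at the top keeps both paths the same: `$statuslist = is_array($search['fk_statut']) ? $search['fk_statut'] : array($search['fk_statut']);`, then loop over and call `in_array()` on `$statuslist`. Passing `true` as the third argument of those `in_array()` calls would also avoid loose comparison between status values and the 'openall'/'closeall' markers.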
diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index e32143113c6..eb1ecceddc4 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -425,7 +425,7 @@ if (!empty($id) || !empty($ref)) { print dol_get_fiche_head($head, 'combinations', $titre, -1, $picto); $linkback = ''.$langs->trans("BackToList").''; - $object->next_prev_filter = "fk_product_type:=:".((int) $object->type); // usf filter + $object->next_prev_filter = "(te.fk_product_type:=:".((int) $object->type).")"; dol_banner_tab($object, 'ref', $linkback, ($user->socid ? 0 : 1), 'ref', '', '', '', 0, '', '');