Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

[ bug #1591 ] Linked object block shows Total HT/TTC even if not having permission to read them

Browse Source
This commit is contained in:
Marcos García de La Fuente 2014-09-14 13:09:31 +02:00
parent ba70c1a08a
commit 949ae2f160
7 changed files with 74 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -25,6 +25,7 @@ Fix: [ bug #1544 ] Can remove date from invoice.
Fix: list event view lost type event filter.
Fix: Add code save on create event.
Fix: SQL injection.
Fix: [ bug #1591 ] Linked object block shows Total HT/TTC even if not having permission to read them
***** ChangeLog for 3.5.4 compared to 3.5.3 *****
Fix: Hide title of event when agenda module disabled.

17
htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -27,6 +28,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -52,17 +55,23 @@ foreach($linkedObjectBlock as $object)
<a href="<?php echo DOL_URL_ROOT.'/comm/propal.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowPropal"),"propal").' '.$object->ref; ?></a></td>
<td><?php echo $object->ref_client; ?></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->propale->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="3"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->propale->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

15
htdocs/commande/tpl/linkedobjectblock.tpl.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -22,6 +23,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -47,17 +50,23 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $GLOBALS['bc'][$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/commande/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowOrder"),"order").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->commande->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->commande->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

15
htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -22,6 +23,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -47,16 +50,22 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $GLOBALS['bc'][$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/compta/facture.php?facid='.$object->id ?>"><?php echo img_object($langs->trans("ShowBill"),"bill").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->facture->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans("TotalHT"); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->facture->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

15
htdocs/expedition/tpl/linkedobjectblock.tpl.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2012 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -47,17 +50,23 @@ foreach($linkedObjectBlock as $object)
<a href="<?php echo DOL_URL_ROOT.'/expedition/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowShipping"),"sending").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date_creation,'day'); ?></td>
<td align="center"><?php echo dol_print_date($object->date_delivery,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->expedition->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="3"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->expedition->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

15
htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -44,17 +47,23 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $bc[$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/fourn/commande/fiche.php?id='.$object->id ?>"><?php echo img_object($langs->trans("ShowOrder"),"order").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->commande->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans('TotalHT'); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->commande->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>

15
htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -21,6 +22,8 @@
<?php
global $user;
$langs = $GLOBALS['langs'];
$linkedObjectBlock = $GLOBALS['linkedObjectBlock'];
@ -45,16 +48,22 @@ foreach($linkedObjectBlock as $object)
<tr <?php echo $bc[$var]; ?> ><td>
<a href="<?php echo DOL_URL_ROOT.'/fourn/facture/fiche.php?facid='.$object->id ?>"><?php echo img_object($langs->trans("ShowBill"),"bill").' '.$object->ref; ?></a></td>
<td align="center"><?php echo dol_print_date($object->date,'day'); ?></td>
<td align="right"><?php echo price($object->total_ht); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->facture->lire) {
$total = $total + $object->total_ht;
echo price($object->total_ht);
} ?></td>
<td align="right"><?php echo $object->getLibStatut(3); ?></td>
</tr>
<?php
$total = $total + $object->total_ht;
}
?>
<tr class="liste_total">
<td align="left" colspan="2"><?php echo $langs->trans("TotalHT"); ?></td>
<td align="right"><?php echo price($total); ?></td>
<td align="right"><?php
if ($user->rights->fournisseur->facture->lire) {
echo price($total);
} ?></td>
<td>&nbsp;</td>
</tr>
</table>