diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 80593ee6d0d..4eb8a525620 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1,13 +1,13 @@ - * Copyright (C) 2010 Regis Houssin - * Copyright (C) 2012-2015 Juanjo Menent - * Copyright (C) 2013 Cédric Salvador - * Copyright (C) 2015 Marcos García - * Copyright (C) 2018 Ferran Marcet - * Copyright (C) 2018-2022 Frédéric France - * Copyright (C) 2021 Gauthier VERDOL - * Copyright (C) 2024 MDW +/* Copyright (C) 2010-2022 Laurent Destailleur + * Copyright (C) 2010-2024 Regis Houssin + * Copyright (C) 2012-2015 Juanjo Menent + * Copyright (C) 2013 Cédric Salvador + * Copyright (C) 2015 Marcos García + * Copyright (C) 2018 Ferran Marcet + * Copyright (C) 2018-2022 Frédéric France + * Copyright (C) 2021 Gauthier VERDOL + * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -1213,17 +1213,17 @@ function get_left_menu_home($mainmenu, &$newmenu, $usemenuhider = 1, $leftmenu = $newmenu->add("/user/home.php?leftmenu=users", $langs->trans("MenuUsersAndGroups"), 0, $user->hasRight('user', 'user', 'read'), '', $mainmenu, 'users', 0, '', '', '', img_picto('', 'user', 'class="paddingright pictofixedwidth"')); if ($user->hasRight('user', 'user', 'read')) { if ($usemenuhider || empty($leftmenu) || $leftmenu == "users") { - $newmenu->add("", $langs->trans("Users"), 1, $user->hasRight('user', 'user', 'lire') || $user->admin); - $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"), 2, ($user->hasRight("user", "user", "write") || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE')), '', 'home'); - $newmenu->add("/user/list.php?leftmenu=users", $langs->trans("ListOfUsers"), 2, $user->hasRight('user', 'user', 'lire') || $user->admin); - $newmenu->add("/user/hierarchy.php?leftmenu=users", $langs->trans("HierarchicView"), 2, $user->hasRight('user', 'user', 'lire') || $user->admin); + $newmenu->add("", $langs->trans("Users"), 1, $user->hasRight('user', 'user', 'read') || $user->admin); + $newmenu->add("/user/card.php?leftmenu=users&action=create", $langs->trans("NewUser"), 2, ($user->hasRight("user", "user", "write") || $user->admin) && !(isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE')), '', 'home'); + $newmenu->add("/user/list.php?leftmenu=users", $langs->trans("ListOfUsers"), 2, $user->hasRight('user', 'user', 'read') || $user->admin); + $newmenu->add("/user/hierarchy.php?leftmenu=users", $langs->trans("HierarchicView"), 2, $user->hasRight('user', 'user', 'read') || $user->admin); if (isModEnabled('category')) { $langs->load("categories"); - $newmenu->add("/categories/index.php?leftmenu=users&type=7", $langs->trans("UsersCategoriesShort"), 2, $user->hasRight('categorie', 'lire'), '', $mainmenu, 'cat'); + $newmenu->add("/categories/index.php?leftmenu=users&type=7", $langs->trans("UsersCategoriesShort"), 2, $user->hasRight('categorie', 'read'), '', $mainmenu, 'cat'); } - $newmenu->add("", $langs->trans("Groups"), 1, ($user->hasRight('user', 'user', 'lire') || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE'))); - $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, ((getDolGlobalString('MAIN_USE_ADVANCED_PERMS') ? $user->hasRight("user", "group_advance", "create") : $user->hasRight("user", "user", "creer")) || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE'))); - $newmenu->add("/user/group/list.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, ((getDolGlobalString('MAIN_USE_ADVANCED_PERMS') ? $user->hasRight('user', 'group_advance', 'read') : $user->hasRight('user', 'user', 'lire')) || $user->admin) && !(isModEnabled('multicompany') && $conf->entity > 1 && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE'))); + $newmenu->add("", $langs->trans("Groups"), 1, ($user->hasRight('user', 'user', 'read') || $user->admin) && !(isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE'))); + $newmenu->add("/user/group/card.php?leftmenu=users&action=create", $langs->trans("NewGroup"), 2, ((getDolGlobalString('MAIN_USE_ADVANCED_PERMS') ? $user->hasRight("user", "group_advance", "write") : $user->hasRight("user", "user", "write")) || $user->admin) && !(isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE'))); + $newmenu->add("/user/group/list.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, ((getDolGlobalString('MAIN_USE_ADVANCED_PERMS') ? $user->hasRight('user', 'group_advance', 'read') : $user->hasRight('user', 'user', 'read')) || $user->admin)); } } } diff --git a/htdocs/user/group/list.php b/htdocs/user/group/list.php index f491bdad587..f8d5da2cc8b 100644 --- a/htdocs/user/group/list.php +++ b/htdocs/user/group/list.php @@ -1,9 +1,9 @@ - * Copyright (C) 2004-2018 Laurent Destailleur - * Copyright (C) 2005-2018 Regis Houssin - * Copyright (C) 2011 Herve Prot - * Copyright (C) 2019-2021 Frédéric France + * Copyright (C) 2004-2018 Laurent Destailleur + * Copyright (C) 2005-2024 Regis Houssin + * Copyright (C) 2011 Herve Prot + * Copyright (C) 2019-2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -93,21 +93,16 @@ if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { } } -// Users/Groups management only in master entity if transverse mode -if (isModEnabled('multicompany') && $conf->entity > 1 && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE')) { - accessforbidden(); -} - if (!$user->hasRight("user", "user", "read") && !$user->admin) { accessforbidden(); } // Defini si peux lire/modifier utilisateurs et permissions -$caneditperms = ($user->admin || $user->hasRight("user", "user", "write")); -$permissiontodelete = ($user->admin || $user->hasRight("user", "user", "write")); +$caneditperms = (isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') ? false : (!empty($user->admin) || $user->hasRight("user", "user", "write"))); +$permissiontodelete = $caneditperms; // Advanced permissions if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { - $caneditperms = ($user->admin || $user->hasRight("user", "group_advance", "write")); + $caneditperms = (isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') ? false : ($user->admin || $user->hasRight("user", "group_advance", "write"))); } @@ -287,7 +282,7 @@ $newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-l if ($caneditperms) { $newcardbutton .= dolGetButtonTitleSeparator(); - $newcardbutton .= dolGetButtonTitle($langs->trans('NewGroup'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/user/group/card.php?action=create&leftmenu='); + $newcardbutton .= dolGetButtonTitle($langs->trans('NewGroup'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/user/group/card.php?action=create&leftmenu=', '', $caneditperms); } print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'object_'.$object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1); diff --git a/htdocs/user/home.php b/htdocs/user/home.php index f9aef49c949..c6af5a06144 100644 --- a/htdocs/user/home.php +++ b/htdocs/user/home.php @@ -1,7 +1,7 @@ - * Copyright (C) 2005-2018 Regis Houssin - * Copyright (C) 2019 Nicolas ZABOURI + * Copyright (C) 2005-2024 Regis Houssin + * Copyright (C) 2019 Nicolas ZABOURI * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -40,7 +40,7 @@ $langs->load("users"); $canreadperms = true; if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { - $canreadperms = ($user->admin || $user->rights->user->group_advance->read); + $canreadperms = (!empty($user->admin) || $user->hasRight("user", "group_advance", "read")); } // Security check (for external users) diff --git a/htdocs/user/list.php b/htdocs/user/list.php index 65955a4c39f..b9234625794 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -1,10 +1,10 @@ - * Copyright (C) 2004-2021 Laurent Destailleur - * Copyright (C) 2005-2017 Regis Houssin - * Copyright (C) 2015 Alexandre Spangaro - * Copyright (C) 2016 Marcos García - * Copyright (C) 2024 MDW +/* Copyright (C) 2002-2005 Rodolphe Quiedeville + * Copyright (C) 2004-2021 Laurent Destailleur + * Copyright (C) 2005-2024 Regis Houssin + * Copyright (C) 2015 Alexandre Spangaro + * Copyright (C) 2016 Marcos García + * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -198,15 +198,15 @@ if ($contextpage == 'employeelist' && !GETPOSTISSET('search_employee')) { } // Define value to know what current user can do on users -$permissiontoadd = (!empty($user->admin) || $user->hasRight("user", "user", "write")); +$permissiontoadd = (isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') ? false : (!empty($user->admin) || $user->hasRight("user", "user", "write"))); $canreaduser = (!empty($user->admin) || $user->hasRight("user", "user", "read")); -$canedituser = (!empty($user->admin) || $user->hasRight("user", "user", "write")); -$candisableuser = (!empty($user->admin) || $user->hasRight("user", "user", "delete")); +$canedituser = $permissiontoadd; +$candisableuser = (isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') ? false : (!empty($user->admin) || $user->hasRight("user", "user", "delete"))); $canreadgroup = $canreaduser; $caneditgroup = $canedituser; if (getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { $canreadgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "read")); - $caneditgroup = (!empty($user->admin) || $user->hasRight("user", "group_advance", "write")); + $caneditgroup = (isModEnabled('multicompany') && !empty($user->entity) && getDolGlobalString('MULTICOMPANY_TRANSVERSE_MODE') ? false : (!empty($user->admin) || $user->hasRight("user", "group_advance", "write"))); } $error = 0;