diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index fa3cc2b2d4e..dd3edfcced0 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -3304,8 +3304,8 @@ class Product extends CommonObject $sql .= " SUM(mp.qty) as qty"; $sql .= " FROM ".$this->db->prefix()."mrp_mo as c"; $sql .= " INNER JOIN ".$this->db->prefix()."mrp_production as mp ON mp.fk_mo=c.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc=c.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " WHERE "; $sql .= " c.entity IN (".getEntity('mo').")"; @@ -3363,7 +3363,7 @@ class Product extends CommonObject $sql = "SELECT COUNT(DISTINCT b.rowid) as nb_toproduce,"; $sql .= " SUM(b.qty) as qty_toproduce"; $sql .= " FROM ".$this->db->prefix()."bom_bom as b"; - $sql .= " INNER JOIN ".$this->db->prefix()."bom_bomline as bl ON bl.fk_bom=b.rowid"; + $sql .= " INNER JOIN ".$this->db->prefix()."bom_bomline as bl ON bl.fk_bom = b.rowid"; $sql .= " WHERE "; $sql .= " b.entity IN (".getEntity('bom').")"; $sql .= " AND b.fk_product =".((int) $this->id); @@ -3427,15 +3427,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."propaldet as pd"; $sql .= ", ".$this->db->prefix()."propal as p"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE p.rowid = pd.fk_propal"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; $sql .= " AND pd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = p.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { @@ -3502,15 +3499,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."supplier_proposaldet as pd"; $sql .= ", ".$this->db->prefix()."supplier_proposal as p"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE p.rowid = pd.fk_supplier_proposal"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND pd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = p.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { @@ -3558,15 +3552,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."commandedet as cd"; $sql .= ", ".$this->db->prefix()."commande as c"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE c.rowid = cd.fk_commande"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE') ? 'stock' : 'commande').")"; $sql .= " AND cd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3686,15 +3677,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."commande_fournisseurdet as cd"; $sql .= ", ".$this->db->prefix()."commande_fournisseur as c"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE c.rowid = cd.fk_commande"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE') ? 'stock' : 'supplier_order').")"; $sql .= " AND cd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND c.fk_soc = ".((int) $socid); @@ -3749,17 +3737,14 @@ class Product extends CommonObject $sql .= ", ".$this->db->prefix()."commande as c"; $sql .= ", ".$this->db->prefix()."expedition as e"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE e.rowid = ed.fk_expedition"; $sql .= " AND c.rowid = cd.fk_commande"; $sql .= " AND e.fk_soc = s.rowid"; $sql .= " AND e.entity IN (".getEntity($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE') ? 'stock' : 'expedition').")"; $sql .= " AND ed.fk_elementdet = cd.rowid"; $sql .= " AND cd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = e.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND e.fk_soc = ".((int) $socid); @@ -3833,15 +3818,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."receptiondet_batch as fd"; $sql .= ", ".$this->db->prefix()."commande_fournisseur as cf"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE cf.rowid = fd.fk_element"; $sql .= " AND cf.fk_soc = s.rowid"; $sql .= " AND cf.entity IN (".getEntity($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE') ? 'stock' : 'supplier_order').")"; $sql .= " AND fd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = cf.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND cf.fk_soc = ".((int) $socid); @@ -3897,15 +3879,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."mrp_production as mp"; $sql .= ", ".$this->db->prefix()."mrp_mo as m"; $sql .= " LEFT JOIN ".$this->db->prefix()."societe as s ON s.rowid = m.fk_soc"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE m.rowid = mp.fk_mo"; $sql .= " AND m.entity IN (".getEntity(($forVirtualStock && getDolGlobalString('STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE')) ? 'stock' : 'mrp').")"; $sql .= " AND mp.fk_product = ".((int) $this->id); $sql .= " AND (mp.disable_stock_change IN (0) OR mp.disable_stock_change IS NULL)"; - if (!$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { - $sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir') && !$forVirtualStock) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = m.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid > 0) { $sql .= " AND m.fk_soc = ".((int) $socid); @@ -4018,15 +3997,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."contratdet as cd"; $sql .= ", ".$this->db->prefix()."contrat as c"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE c.rowid = cd.fk_contrat"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract').")"; $sql .= " AND cd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND c.statut != 0"; if ($socid > 0) { @@ -4092,15 +4068,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."facturedet as fd"; $sql .= ", ".$this->db->prefix()."facture as f"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE f.rowid = fd.fk_facture"; $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND fd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = f.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { @@ -4167,15 +4140,12 @@ class Product extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."facturedet_rec as fd"; $sql .= ", ".MAIN_DB_PREFIX."facture_rec as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - } $sql .= " WHERE f.rowid = fd.fk_facture"; $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND fd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = f.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { @@ -4241,15 +4211,12 @@ class Product extends CommonObject $sql .= " FROM ".$this->db->prefix()."facture_fourn_det as fd"; $sql .= ", ".$this->db->prefix()."facture_fourn as f"; $sql .= ", ".$this->db->prefix()."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= ", ".$this->db->prefix()."societe_commerciaux as sc"; - } $sql .= " WHERE f.rowid = fd.fk_facture_fourn"; $sql .= " AND f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; $sql .= " AND fd.fk_product = ".((int) $this->id); - if (!$user->hasRight('societe', 'client', 'voir')) { - $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + if (empty($user->fk_soc) && !$user->hasRight('societe', 'client', 'voir')) { // For external user, restriction is done on filter on fk_soc directly + $sql .= " INNER JOIN ".$this->db->prefix()."societe_commerciaux as sc ON sc.fk_soc = f.fk_soc AND sc.fk_user = ".((int) $user->id); } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) {