Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

use user hasRight

Browse Source
This commit is contained in:
Frédéric France 2023-06-19 23:18:13 +02:00
parent 14b045f2b9
commit ebf83fdab6
16 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/api/class/api_documents.class.php
View File

@ -421,7 +421,7 @@ class Documents extends DolibarrApi
} elseif ($modulepart == 'facture' || $modulepart == 'invoice') {
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}

4
htdocs/api/class/api_setup.class.php
View File

@ -193,7 +193,7 @@ class Setup extends DolibarrApi
{
$list = array();
if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
@ -1249,7 +1249,7 @@ class Setup extends DolibarrApi
{
$list = array();
if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}

2
htdocs/comm/action/class/cactioncomm.class.php
View File

@ -195,7 +195,7 @@ class CActionComm
}
if ($qualified && !empty($obj->module)) {
//var_dump($obj->type.' '.$obj->module.' '); var_dump($user->rights->facture->lire);
//var_dump($obj->type.' '.$obj->module.' '); var_dump($user->hasRight('facture', 'lire'));
$qualified = 0;
// Special cases
if ($obj->module == 'invoice' && isModEnabled('facture') && $user->hasRight('facture', 'lire')) {

2
htdocs/compta/clients.php
View File

@ -36,7 +36,7 @@ if ($user->socid > 0) {
$socid = $user->socid;
}
if (!$user->rights->facture->lire) {
if (!$user->hasRight('facture', 'lire')) {
accessforbidden();
}

14
htdocs/compta/facture/class/api_invoices.class.php
View File

@ -127,7 +127,7 @@ class Invoices extends DolibarrApi
*/
private function _fetch($id, $ref = '', $ref_ext = '', $contact_list = 1)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
@ -180,7 +180,7 @@ class Invoices extends DolibarrApi
{
global $db, $conf;
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
@ -372,7 +372,7 @@ class Invoices extends DolibarrApi
*/
public function getLines($id)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
@ -647,7 +647,7 @@ class Invoices extends DolibarrApi
*/
public function delete($id)
{
if (!DolibarrApiAccess::$user->rights->facture->supprimer) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'supprimer')) {
throw new RestException(401);
}
$result = $this->invoice->fetch($id);
@ -1029,7 +1029,7 @@ class Invoices extends DolibarrApi
{
require_once DOL_DOCUMENT_ROOT.'/core/class/discount.class.php';
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
@ -1331,7 +1331,7 @@ class Invoices extends DolibarrApi
public function getPayments($id)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
if (empty($id)) {
@ -1741,7 +1741,7 @@ class Invoices extends DolibarrApi
*/
private function _fetchTemplateInvoice($id, $ref = '', $ref_ext = '', $contact_list = 1)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}

2
htdocs/compta/facture/prelevement.php
View File

@ -81,7 +81,7 @@ if ($type == 'bank-transfer') {
}
} else {
$result = restrictedArea($user, 'facture', $id, '', '', 'fk_soc', $fieldid, $isdraft);
if (!$user->rights->facture->lire) {
if (!$user->hasRight('facture', 'lire')) {
accessforbidden();
}
}

2
htdocs/compta/facture/stats/index.php
View File

@ -44,7 +44,7 @@ $HEIGHT = DolGraph::getDefaultGraphSizeForStats('height');
$langs->loadLangs(array('bills', 'companies', 'other'));
$mode = GETPOST("mode") ? GETPOST("mode") : 'customer';
if ($mode == 'customer' && !$user->rights->facture->lire) {
if ($mode == 'customer' && !$user->hasRight('facture', 'lire')) {
accessforbidden();
}
if ($mode == 'supplier' && empty($user->rights->fournisseur->facture->lire)) {

2
htdocs/compta/paiement/rapport.php
View File

@ -50,7 +50,7 @@ if (!$year) {
}
// Security check
if (empty($user->rights->facture->lire)) {
if (!$user->hasRight('facture', 'lire')) {
accessforbidden();
}

2
htdocs/compta/paiement/tovalidate.php
View File

@ -53,7 +53,7 @@ if (!$sortfield) {
}
// Security check
if (empty($user->rights->facture->lire)) {
if (!$user->hasRight('facture', 'lire')) {
accessforbidden();
}

2
htdocs/core/boxes/box_factures.php
View File

@ -58,7 +58,7 @@ class box_factures extends ModeleBoxes
$this->db = $db;
$this->hidden = empty($user->rights->facture->lire);
$this->hidden = !$user->hasRight('facture', 'lire');
}
/**

2
htdocs/core/boxes/box_graph_invoices_permonth.php
View File

@ -56,7 +56,7 @@ class box_graph_invoices_permonth extends ModeleBoxes
$this->db = $db;
$this->hidden = empty($user->rights->facture->lire);
$this->hidden = !$user->hasRight('facture', 'lire');
}
/**

2
htdocs/core/boxes/box_graph_invoices_peryear.php
View File

@ -54,7 +54,7 @@ class box_graph_invoices_peryear extends ModeleBoxes
$this->db = $db;
$this->hidden = empty($user->rights->facture->lire);
$this->hidden = !$user->hasRight('facture', 'lire');
}
/**

2
htdocs/core/boxes/box_graph_product_distribution.php
View File

@ -107,7 +107,7 @@ class box_graph_product_distribution extends ModeleBoxes
$showinvoicenb = 1;
$showordernb = 1;
}
if (!isModEnabled('facture') || empty($user->rights->facture->lire)) {
if (!isModEnabled('facture') || !$user->hasRight('facture', 'lire')) {
$showinvoicenb = 0;
}
if (isModEnabled('propal') || empty($user->rights->propal->lire)) {

2
htdocs/core/lib/security.lib.php
View File

@ -504,7 +504,7 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
$nbko++;
}
} elseif ($feature == 'payment') {
if (empty($user->rights->facture->lire)) {
if (!$user->hasRight('facture', 'lire')) {
$readok = 0;
$nbko++;
}

2
htdocs/product/stats/card.php
View File

@ -467,7 +467,7 @@ if ($result || !($id > 0)) {
if ($graphfiles == 'order' && empty($user->rights->commande->lire)) {
continue;
}
if ($graphfiles == 'invoices' && empty($user->rights->facture->lire)) {
if ($graphfiles == 'invoices' && !$user->hasRight('facture', 'lire')) {
continue;
}
if ($graphfiles == 'proposals_suppliers' && empty($user->rights->supplier_proposal->lire)) {

4
htdocs/societe/class/api_thirdparties.class.php
View File

@ -1084,7 +1084,7 @@ class Thirdparties extends DolibarrApi
*/
public function getInvoicesQualifiedForReplacement($id)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
if (empty($id)) {
@ -1127,7 +1127,7 @@ class Thirdparties extends DolibarrApi
*/
public function getInvoicesQualifiedForCreditNote($id)
{
if (!DolibarrApiAccess::$user->rights->facture->lire) {
if (!DolibarrApiAccess::$user->hasRight('facture', 'lire')) {
throw new RestException(401);
}
if (empty($id)) {