Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Merge pull request #10686 from hregis/9.0_merge

Browse Source 
FIX wrong feature2 when user rights "group_advance" is used
This commit is contained in:
Laurent Destailleur
2019-02-27 13:29:16 +01:00
committed by GitHub
parent cbaa57b1e2 6fa016dc85
commit 0d99bfbf1c
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/user/group/card.php
View File

@@ -35,12 +35,15 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
$canreadperms=($user->admin || $user->rights->user->user->lire);
$caneditperms=($user->admin || $user->rights->user->user->creer);
$candisableperms=($user->admin || $user->rights->user->user->supprimer);
$feature2 = 'user';
// Advanced permissions
if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS))
{
$canreadperms=($user->admin || $user->rights->user->group_advance->read);
$caneditperms=($user->admin || $user->rights->user->group_advance->write);
$candisableperms=($user->admin || $user->rights->user->group_advance->delete);
$feature2 = 'group_advance';
}
// Load translation files required by page
@@ -55,7 +58,7 @@ $contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'groupcard'
$userid = GETPOST('user', 'int');
// Security check
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user');
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', $feature2);
// Users/Groups management only in master entity if transverse mode
if (! empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE)