From 57ed890b73da8e2ff3ad5a3f209d47b5c9bd71ed Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 23 Feb 2022 12:28:37 +0100 Subject: [PATCH 01/26] NEW : dol_uncompress new extensions --- htdocs/core/lib/files.lib.php | 120 +++++++++++++++++++++------------- 1 file changed, 76 insertions(+), 44 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 60382cc4906..86c740c4f44 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2083,65 +2083,97 @@ function dol_compress_file($inputfile, $outputfile, $mode = "gz", &$errorstring */ function dol_uncompress($inputfile, $outputdir) { - global $conf, $langs; + global $conf, $langs, $db; - if (defined('ODTPHP_PATHTOPCLZIP') && empty($conf->global->MAIN_USE_ZIPARCHIVE_FOR_ZIP_UNCOMPRESS)) { - dol_syslog("Constant ODTPHP_PATHTOPCLZIP for pclzip library is set to ".ODTPHP_PATHTOPCLZIP.", so we use Pclzip to unzip into ".$outputdir); - include_once ODTPHP_PATHTOPCLZIP.'/pclzip.lib.php'; - $archive = new PclZip($inputfile); + include_once DOL_DOCUMENT_ROOT."/core/class/utils.class.php"; + $utils = new Utils($db); + $fileinfo = pathinfo($inputfile); + if ($fileinfo["extension"] == "zip") { + if (defined('ODTPHP_PATHTOPCLZIP') && empty($conf->global->MAIN_USE_ZIPARCHIVE_FOR_ZIP_UNCOMPRESS)) { + dol_syslog("Constant ODTPHP_PATHTOPCLZIP for pclzip library is set to ".ODTPHP_PATHTOPCLZIP.", so we use Pclzip to unzip into ".$outputdir); + include_once ODTPHP_PATHTOPCLZIP.'/pclzip.lib.php'; + $archive = new PclZip($inputfile); - // Extract into outputdir, but only files that match the regex '/^((?!\.\.).)*$/' that means "does not include .." - $result = $archive->extract(PCLZIP_OPT_PATH, $outputdir, PCLZIP_OPT_BY_PREG, '/^((?!\.\.).)*$/'); + // Extract into outputdir, but only files that match the regex '/^((?!\.\.).)*$/' that means "does not include .." + $result = $archive->extract(PCLZIP_OPT_PATH, $outputdir, PCLZIP_OPT_BY_PREG, '/^((?!\.\.).)*$/'); - if (!is_array($result) && $result <= 0) { - return array('error'=>$archive->errorInfo(true)); - } else { - $ok = 1; - $errmsg = ''; - // Loop on each file to check result for unzipping file - foreach ($result as $key => $val) { - if ($val['status'] == 'path_creation_fail') { - $langs->load("errors"); - $ok = 0; - $errmsg = $langs->trans("ErrorFailToCreateDir", $val['filename']); - break; + if (!is_array($result) && $result <= 0) { + return array('error'=>$archive->errorInfo(true)); + } else { + $ok = 1; + $errmsg = ''; + // Loop on each file to check result for unzipping file + foreach ($result as $key => $val) { + if ($val['status'] == 'path_creation_fail') { + $langs->load("errors"); + $ok = 0; + $errmsg = $langs->trans("ErrorFailToCreateDir", $val['filename']); + break; + } + } + + if ($ok) { + return array(); + } else { + return array('error'=>$errmsg); } } + } - if ($ok) { + if (class_exists('ZipArchive')) { // Must install php-zip to have it + dol_syslog("Class ZipArchive is set so we unzip using ZipArchive to unzip into ".$outputdir); + $zip = new ZipArchive; + $res = $zip->open($inputfile); + if ($res === true) { + //$zip->extractTo($outputdir.'/'); + // We must extract one file at time so we can check that file name does not contains '..' to avoid transversal path of zip built for example using + // python3 path_traversal_archiver.py test.zip -l 10 -p tmp/ + // with -l is the range of dot to go back in path. + // and path_traversal_archiver.py found at https://github.com/Alamot/code-snippets/blob/master/path_traversal/path_traversal_archiver.py + for ($i = 0; $i < $zip->numFiles; $i++) { + if (preg_match('/\.\./', $zip->getNameIndex($i))) { + dol_syslog("Warning: Try to unzip a file with a transversal path ".$zip->getNameIndex($i), LOG_WARNING); + continue; // Discard the file + } + $zip->extractTo($outputdir.'/', array($zip->getNameIndex($i))); + } + + $zip->close(); return array(); } else { - return array('error'=>$errmsg); + return array('error'=>'ErrUnzipFails'); } } - } - if (class_exists('ZipArchive')) { // Must install php-zip to have it - dol_syslog("Class ZipArchive is set so we unzip using ZipArchive to unzip into ".$outputdir); - $zip = new ZipArchive; - $res = $zip->open($inputfile); - if ($res === true) { - //$zip->extractTo($outputdir.'/'); - // We must extract one file at time so we can check that file name does not contains '..' to avoid transversal path of zip built for example using - // python3 path_traversal_archiver.py test.zip -l 10 -p tmp/ - // with -l is the range of dot to go back in path. - // and path_traversal_archiver.py found at https://github.com/Alamot/code-snippets/blob/master/path_traversal/path_traversal_archiver.py - for ($i = 0; $i < $zip->numFiles; $i++) { - if (preg_match('/\.\./', $zip->getNameIndex($i))) { - dol_syslog("Warning: Try to unzip a file with a transversal path ".$zip->getNameIndex($i), LOG_WARNING); - continue; // Discard the file - } - $zip->extractTo($outputdir.'/', array($zip->getNameIndex($i))); - } - - $zip->close(); - return array(); + return array('error'=>'ErrNoZipEngine'); + } elseif ($fileinfo["extension"] == "gz" || $fileinfo["extension"] == "bz2") { + $extension = pathinfo($fileinfo["filename"], PATHINFO_EXTENSION); + if ($extension == "tar") { + $cmd = "tar -C ".$outputdir." -xvf ".$fileinfo["dirname"]."/".$fileinfo["basename"]; + $resarray = $utils->executeCLI($cmd, $outputdir); } else { - return array('error'=>'ErrUnzipFails'); + $program = ""; + if ($fileinfo["extension"] == "gz") { + $program = "gzip"; + } elseif ($fileinfo["extension"] == "bz2") { + $program = "bzip2"; + } else { + return array('error'=>'ErrFileExtension'); + } + $cmd = $program." -dc ".$fileinfo["dirname"]."/".$fileinfo["basename"]; + $outputfilename = $outputdir."/".$fileinfo["filename"]; + $resarray = $utils->executeCLI($cmd, $outputfilename, 0, $outputfilename); + if ($resarray["output"] == 2) { + $resarray["error"] = "ErrFilePermOrFileNotFound"; + } + if ($resarray["output"] == 1) { + $resarray["error"] = "Error"; + } } + return $resarray["output"] != 0 ? $resarray["error"] : array(); } - return array('error'=>'ErrNoZipEngine'); + return array('error'=>'ErrFileExtension'); } From 08fa2dfadd3725e917d18da16e850396956946e2 Mon Sep 17 00:00:00 2001 From: steve Date: Mon, 28 Feb 2022 15:58:23 +0100 Subject: [PATCH 02/26] wip: add read employee and write employee --- htdocs/core/modules/modHRM.class.php | 16 ++++++++++++++++ htdocs/langs/en_US/admin.lang | 2 ++ 2 files changed, 18 insertions(+) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index 3e75f8efcd5..32bdc267276 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -249,6 +249,22 @@ class modHRM extends DolibarrModules $this->rights[$r][4] = 'compare_advance'; $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) $r++; + + // Read employee + $this->rights[$r][0] = 4031; // Permission id (must not be already used) + $this->rights[$r][1] = 'Read employee'; // Permission label + $this->rights[$r][3] = 0; // Permission by default for new user (0/1) + $this->rights[$r][4] = 'read_employee'; + $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) + $r++; + + // Write employee + $this->rights[$r][0] = 4032; // Permission id (must not be already used) + $this->rights[$r][1] = 'Write employee'; // Permission label + $this->rights[$r][3] = 0; // Permission by default for new user (0/1) + $this->rights[$r][4] = 'write_employee'; + $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) + $r++; } /** diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 426e1186868..61f40fdb1c1 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -969,6 +969,8 @@ Permission4021=Create/modify your evaluation Permission4022=Validate evaluation Permission4023=Delete evaluation Permission4030=See comparison menu +Permission4031=Read employee +Permission4032=Write employee Permission10001=Read website content Permission10002=Create/modify website content (html and javascript content) Permission10003=Create/modify website content (dynamic php code). Dangerous, must be reserved to restricted developers. From 91ee90ebeba24a8fcb04ef0535efbc95ceca3aa0 Mon Sep 17 00:00:00 2001 From: steve Date: Mon, 28 Feb 2022 16:48:08 +0100 Subject: [PATCH 03/26] fix: read employee and write employee --- htdocs/core/lib/usergroups.lib.php | 2 +- htdocs/core/modules/modHRM.class.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 2792b6d9997..8e764c14ea4 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -141,7 +141,7 @@ function user_prepare_head($object) // $this->tabs = array('entity:-tabname); to remove a tab complete_head_from_modules($conf, $langs, $object, $head, $h, 'user'); - if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read)) + if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read) && !empty($user->rights->hrm->read_employee->read)) || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read)) || (!empty($conf->expensereport->enabled) && !empty($user->rights->expensereport->lire) && ($user->id == $object->id || $user->rights->expensereport->readall)) || (!empty($conf->holiday->enabled) && !empty($user->rights->holiday->read) && ($user->id == $object->id || $user->rights->holiday->readall)) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index 32bdc267276..35deea09a07 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -255,7 +255,7 @@ class modHRM extends DolibarrModules $this->rights[$r][1] = 'Read employee'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'read_employee'; - $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) + $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->read_employee->read) $r++; // Write employee @@ -263,7 +263,7 @@ class modHRM extends DolibarrModules $this->rights[$r][1] = 'Write employee'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'write_employee'; - $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) + $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->write_employee->write) $r++; } From 1908acb1311150e1fcdb7d3a91dc23f0b21e9a61 Mon Sep 17 00:00:00 2001 From: steve Date: Tue, 1 Mar 2022 11:42:10 +0100 Subject: [PATCH 04/26] feat: add Accountancy code --- htdocs/user/bank.php | 6 ++++++ htdocs/user/card.php | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index fa4c7231de5..47cc3826e51 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -502,6 +502,12 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac print ''; } + // Accountancy code + if (!empty($conf->accounting->enabled)) { + print ''.$langs->trans("AccountancyCode").''; + print ''.$object->accountancy_code.''; + } + print ''; print '
'; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index de1ca3a5d92..f50a4622cd4 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1577,10 +1577,10 @@ if ($action == 'create' || $action == 'adduserldap') { } // Accountancy code - if (!empty($conf->accounting->enabled)) { - print ''.$langs->trans("AccountancyCode").''; - print ''.$object->accountancy_code.''; - } + //if (!empty($conf->accounting->enabled)) { + // print ''.$langs->trans("AccountancyCode").''; + // print ''.$object->accountancy_code.''; + //} print ''; From cb17f2029ed1bddd2d6b310bd307725fb251242f Mon Sep 17 00:00:00 2001 From: Steve Date: Wed, 2 Mar 2022 11:20:07 +0100 Subject: [PATCH 05/26] wip: add ref_employee and national_registration_number fields --- .../install/mysql/migration/15.0.0-16.0.0.sql | 5 ++++- htdocs/install/mysql/tables/llx_user.sql | 2 ++ htdocs/user/bank.php | 13 ++++++++++++ htdocs/user/card.php | 21 +++++++++++++++++++ htdocs/user/class/user.class.php | 21 +++++++++++++++++++ 5 files changed, 61 insertions(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/15.0.0-16.0.0.sql b/htdocs/install/mysql/migration/15.0.0-16.0.0.sql index 5d838fc8bb1..fd32936fb04 100644 --- a/htdocs/install/mysql/migration/15.0.0-16.0.0.sql +++ b/htdocs/install/mysql/migration/15.0.0-16.0.0.sql @@ -272,4 +272,7 @@ ALTER TABLE llx_reception MODIFY COLUMN ref_supplier varchar(128); ALTER TABLE llx_bank_account ADD COLUMN pti_in_ctti smallint DEFAULT 0 AFTER domiciliation; -- Set default ticket type to OTHER if no default exists -UPDATE llx_c_ticket_type SET use_default=1 WHERE code='OTHER' AND NOT EXISTS(SELECT * FROM (SELECT * FROM llx_c_ticket_type) AS t WHERE use_default=1); \ No newline at end of file +UPDATE llx_c_ticket_type SET use_default=1 WHERE code='OTHER' AND NOT EXISTS(SELECT * FROM (SELECT * FROM llx_c_ticket_type) AS t WHERE use_default=1); + +ALTER TABLE llx_user ADD COLUMN ref_employee varchar(50) DEFAULT NULL; +ALTER TABLE llx_user ADD COLUMN national_registration_number varchar(50) DEFAULT NULL; diff --git a/htdocs/install/mysql/tables/llx_user.sql b/htdocs/install/mysql/tables/llx_user.sql index 6cfdf8bfbb8..694ed360b21 100644 --- a/htdocs/install/mysql/tables/llx_user.sql +++ b/htdocs/install/mysql/tables/llx_user.sql @@ -108,5 +108,7 @@ create table llx_user import_key varchar(14), -- import key default_range integer, default_c_exp_tax_cat integer, + employee_number varchar(50), + national_registration_number varchar(50), fk_warehouse integer -- default warehouse os user )ENGINE=innodb; diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 47cc3826e51..17d52d7cbb6 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -508,6 +508,19 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac print ''.$object->accountancy_code.''; } + // Employee Number + if (!empty($conf->accounting->enabled)) { + print ''.$langs->trans("ref_employee").''; + print ''.$object->ref_employee.''; + } + + // National registration number + if (!empty($conf->accounting->enabled)) { + print ''.$langs->trans("NationalRegistrationNumber").''; + print ''.$object->national_registration_number.''; + } + + print ''; print '
'; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 00c94feaf44..68b62950811 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -247,6 +247,8 @@ if (empty($reshook)) { $object->civility_code = GETPOST("civility_code", 'aZ09'); $object->lastname = GETPOST("lastname", 'alphanohtml'); $object->firstname = GETPOST("firstname", 'alphanohtml'); + $object->ref_employee = GETPOST("ref_employee", 'alphanohtml'); + $object->national_registration_number = GETPOST("national_registration_number", 'alphanohtml'); $object->login = GETPOST("login", 'alphanohtml'); $object->api_key = GETPOST("api_key", 'alphanohtml'); $object->gender = GETPOST("gender", 'aZ09'); @@ -259,6 +261,7 @@ if (empty($reshook)) { $object->office_phone = GETPOST("office_phone", 'alphanohtml'); $object->office_fax = GETPOST("office_fax", 'alphanohtml'); $object->user_mobile = GETPOST("user_mobile", 'alphanohtml'); + $object->ref_employee = GETPOST("ref_employee", 'alphanohtml'); if (!empty($conf->socialnetworks->enabled)) { $object->socialnetworks = array(); @@ -402,6 +405,7 @@ if (empty($reshook)) { $object->civility_code = GETPOST("civility_code", 'aZ09'); $object->lastname = GETPOST("lastname", 'alphanohtml'); $object->firstname = GETPOST("firstname", 'alphanohtml'); + $object->ref_employee = GETPOST("ref_employee", 'alphanohtml'); $object->gender = GETPOST("gender", 'aZ09'); $object->pass = GETPOST("password", 'none'); // We can keep 'none' for password fields $object->api_key = (GETPOST("api_key", 'alphanohtml')) ? GETPOST("api_key", 'alphanohtml') : $object->api_key; @@ -845,6 +849,12 @@ if ($action == 'create' || $action == 'adduserldap') { } print ''; + // Ref remployee + print ''.$langs->trans("ref_employee").''; + print ''; + print ''; + print ''; + // Login print ''.$langs->trans("Login").''; print ''; @@ -2089,6 +2099,17 @@ if ($action == 'create' || $action == 'adduserldap') { } print ''; + // Ref employee + print "".''.$langs->trans("ref_employee").''; + print ''; + if ($caneditfield && !$object->ldap_sid) { + print ''; + } else { + print ''; + print $object->ref_employee; + } + print ''; + // Login print "".''.$langs->trans("Login").''; print ''; diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 6c5926f8c43..84118961692 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -339,6 +339,17 @@ class User extends CommonObject public $dateemploymentend; // Define date of employment end by company public $default_c_exp_tax_cat; + + /** + * @var string ref for employee + */ + public $ref_employee; + + /** + * @var string national registration number + */ + public $national_registration_number; + public $default_range; /** @@ -350,6 +361,8 @@ class User extends CommonObject 'rowid'=>array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'index'=>1, 'position'=>1, 'comment'=>'Id'), 'lastname'=>array('type'=>'varchar(50)', 'label'=>'LastName', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>20, 'searchall'=>1), 'firstname'=>array('type'=>'varchar(50)', 'label'=>'FirstName', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1), + 'ref_employee'=>array('type'=>'varchar(50)', 'label'=>'ref_employee', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>30, 'searchall'=>1), + 'national_registration_number'=>array('type'=>'varchar(50)', 'label'=>'national_registration_number', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>40, 'searchall'=>1) ); @@ -437,6 +450,8 @@ class User extends CommonObject $sql .= " u.fk_warehouse,"; $sql .= " u.ref_ext,"; $sql .= " u.default_range, u.default_c_exp_tax_cat,"; // Expense report default mode + $sql .= " u.national_registration_number,"; + $sql .= " u.ref_employee,"; $sql .= " c.code as country_code, c.label as country,"; $sql .= " d.code_departement as state_code, d.nom as state"; $sql .= " FROM ".$this->db->prefix()."user as u"; @@ -488,6 +503,8 @@ class User extends CommonObject $this->civility_code = $obj->civility_code; $this->lastname = $obj->lastname; $this->firstname = $obj->firstname; + $this->ref_employee = $obj->ref_employee; + $this->national_registration_number = $obj->national_registration_number; $this->employee = $obj->employee; @@ -1755,6 +1772,8 @@ class User extends CommonObject $this->civility_code = trim($this->civility_code); $this->lastname = trim($this->lastname); $this->firstname = trim($this->firstname); + $this->ref_employee = trim($this->ref_employee); + $this->national_registration_number = trim($this->national_registration_number); $this->employee = $this->employee ? $this->employee : 0; $this->login = trim($this->login); $this->gender = trim($this->gender); @@ -1847,6 +1866,8 @@ class User extends CommonObject $sql .= " civility = '".$this->db->escape($this->civility_code)."'"; $sql .= ", lastname = '".$this->db->escape($this->lastname)."'"; $sql .= ", firstname = '".$this->db->escape($this->firstname)."'"; + $sql .= ", ref_employee = '".$this->db->escape($this->ref_employee)."'"; + $sql .= ", national_registration_number = '".$this->db->escape($this->national_registration_number)."'"; $sql .= ", employee = ".(int) $this->employee; $sql .= ", login = '".$this->db->escape($this->login)."'"; $sql .= ", api_key = ".($this->api_key ? "'".$this->db->escape($this->api_key)."'" : "null"); From dcabd046d92b16f286542eaf6f59176e9bebdfa7 Mon Sep 17 00:00:00 2001 From: steve Date: Wed, 2 Mar 2022 11:52:44 +0100 Subject: [PATCH 06/26] feat: add ref_employee and national_registration_number fields --- htdocs/user/card.php | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 68b62950811..961ace97f53 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -261,7 +261,6 @@ if (empty($reshook)) { $object->office_phone = GETPOST("office_phone", 'alphanohtml'); $object->office_fax = GETPOST("office_fax", 'alphanohtml'); $object->user_mobile = GETPOST("user_mobile", 'alphanohtml'); - $object->ref_employee = GETPOST("ref_employee", 'alphanohtml'); if (!empty($conf->socialnetworks->enabled)) { $object->socialnetworks = array(); @@ -406,6 +405,7 @@ if (empty($reshook)) { $object->lastname = GETPOST("lastname", 'alphanohtml'); $object->firstname = GETPOST("firstname", 'alphanohtml'); $object->ref_employee = GETPOST("ref_employee", 'alphanohtml'); + $object->national_registration_number = GETPOST("national_registration_number", 'alphanohtml'); $object->gender = GETPOST("gender", 'aZ09'); $object->pass = GETPOST("password", 'none'); // We can keep 'none' for password fields $object->api_key = (GETPOST("api_key", 'alphanohtml')) ? GETPOST("api_key", 'alphanohtml') : $object->api_key; @@ -855,6 +855,12 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; print ''; + // National registration number + print ''.$langs->trans("national_registration_number").''; + print ''; + print ''; + print ''; + // Login print ''.$langs->trans("Login").''; print ''; @@ -2110,6 +2116,17 @@ if ($action == 'create' || $action == 'adduserldap') { } print ''; + // National registration number + print "".''.$langs->trans("national_registration_number").''; + print ''; + if ($caneditfield && !$object->ldap_sid) { + print ''; + } else { + print ''; + print $object->national_registration_number; + } + print ''; + // Login print "".''.$langs->trans("Login").''; print ''; From e2f727ef55b794c5a0d9b63593040bbc3bcd5687 Mon Sep 17 00:00:00 2001 From: steve Date: Wed, 2 Mar 2022 14:21:49 +0100 Subject: [PATCH 07/26] feat: langs trans ref_employee and national registration number --- htdocs/langs/en_US/companies.lang | 2 ++ htdocs/user/bank.php | 2 +- htdocs/user/card.php | 8 ++++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/htdocs/langs/en_US/companies.lang b/htdocs/langs/en_US/companies.lang index 3e85f1b35f7..edd6f7b7dd8 100644 --- a/htdocs/langs/en_US/companies.lang +++ b/htdocs/langs/en_US/companies.lang @@ -51,6 +51,8 @@ CivilityCode=Civility code RegisteredOffice=Registered office Lastname=Last name Firstname=First name +RefEmployee=Employee reference +NationalRegistrationNumber=National registration number PostOrFunction=Job position UserTitle=Title NatureOfThirdParty=Nature of Third party diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 17d52d7cbb6..b84ae16c55f 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -510,7 +510,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac // Employee Number if (!empty($conf->accounting->enabled)) { - print ''.$langs->trans("ref_employee").''; + print ''.$langs->trans("RefEmployee").''; print ''.$object->ref_employee.''; } diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 961ace97f53..3bbf6438489 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -850,13 +850,13 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; // Ref remployee - print ''.$langs->trans("ref_employee").''; + print ''.$langs->trans("RefEmployee").''; print ''; print ''; print ''; // National registration number - print ''.$langs->trans("national_registration_number").''; + print ''.$langs->trans("NationalRegistrationNumber").''; print ''; print ''; print ''; @@ -2106,7 +2106,7 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; // Ref employee - print "".''.$langs->trans("ref_employee").''; + print "".''.$langs->trans("RefEmployee").''; print ''; if ($caneditfield && !$object->ldap_sid) { print ''; @@ -2117,7 +2117,7 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; // National registration number - print "".''.$langs->trans("national_registration_number").''; + print "".''.$langs->trans("NationalRegistrationNumber").''; print ''; if ($caneditfield && !$object->ldap_sid) { print ''; From 9900e5dd319692905785bbdbbf3406740021490a Mon Sep 17 00:00:00 2001 From: steve Date: Wed, 2 Mar 2022 14:51:16 +0100 Subject: [PATCH 08/26] Clean --- htdocs/user/card.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 3bbf6438489..720387e6c47 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1592,12 +1592,6 @@ if ($action == 'create' || $action == 'adduserldap') { print ''; } - // Accountancy code - //if (!empty($conf->accounting->enabled)) { - // print ''.$langs->trans("AccountancyCode").''; - // print ''.$object->accountancy_code.''; - //} - print ''; print '
'; From 436b8fa5b5d94a9df8da0b17e958c00468f38baf Mon Sep 17 00:00:00 2001 From: steve Date: Thu, 3 Mar 2022 16:18:09 +0100 Subject: [PATCH 09/26] apply feedbacks --- htdocs/core/lib/usergroups.lib.php | 2 +- htdocs/core/modules/modHRM.class.php | 16 ----------- htdocs/langs/en_US/admin.lang | 2 -- htdocs/user/bank.php | 41 ++++++++++++++++++++++------ htdocs/user/card.php | 34 ----------------------- 5 files changed, 33 insertions(+), 62 deletions(-) diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 8e764c14ea4..2792b6d9997 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -141,7 +141,7 @@ function user_prepare_head($object) // $this->tabs = array('entity:-tabname); to remove a tab complete_head_from_modules($conf, $langs, $object, $head, $h, 'user'); - if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read) && !empty($user->rights->hrm->read_employee->read)) + if ((!empty($conf->salaries->enabled) && !empty($user->rights->salaries->read)) || (!empty($conf->hrm->enabled) && !empty($user->rights->hrm->employee->read)) || (!empty($conf->expensereport->enabled) && !empty($user->rights->expensereport->lire) && ($user->id == $object->id || $user->rights->expensereport->readall)) || (!empty($conf->holiday->enabled) && !empty($user->rights->holiday->read) && ($user->id == $object->id || $user->rights->holiday->readall)) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index 35deea09a07..3e75f8efcd5 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -249,22 +249,6 @@ class modHRM extends DolibarrModules $this->rights[$r][4] = 'compare_advance'; $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) $r++; - - // Read employee - $this->rights[$r][0] = 4031; // Permission id (must not be already used) - $this->rights[$r][1] = 'Read employee'; // Permission label - $this->rights[$r][3] = 0; // Permission by default for new user (0/1) - $this->rights[$r][4] = 'read_employee'; - $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->read_employee->read) - $r++; - - // Write employee - $this->rights[$r][0] = 4032; // Permission id (must not be already used) - $this->rights[$r][1] = 'Write employee'; // Permission label - $this->rights[$r][3] = 0; // Permission by default for new user (0/1) - $this->rights[$r][4] = 'write_employee'; - $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->write_employee->write) - $r++; } /** diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 6674f6cb58a..cffd3532c05 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -969,8 +969,6 @@ Permission4021=Create/modify your evaluation Permission4022=Validate evaluation Permission4023=Delete evaluation Permission4030=See comparison menu -Permission4031=Read employee -Permission4032=Write employee Permission10001=Read website content Permission10002=Create/modify website content (html and javascript content) Permission10003=Create/modify website content (dynamic php code). Dangerous, must be reserved to restricted developers. diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index b84ae16c55f..38b6066e9d2 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -230,6 +230,24 @@ if ($action == 'setpersonal_mobile' && $canadduser && !$cancel) { } } +// update ref_employee +if ($action == 'setref_employee' && $canadduser && !$cancel) { + $object->ref_employee = (string) GETPOST('ref_employee', 'alphanohtml'); + $result = $object->update($user); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } +} + +// update national_registration_number +if ($action == 'setnational_registration_number' && $canadduser && !$cancel) { + $object->national_registration_number = (string) GETPOST('national_registration_number', 'alphanohtml'); + $result = $object->update($user); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } +} + if (!empty($conf->global->MAIN_USE_EXPENSE_IK)) { // update default_c_exp_tax_cat if ($action == 'setdefault_c_exp_tax_cat' && $canadduser) { @@ -509,17 +527,22 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac } // Employee Number - if (!empty($conf->accounting->enabled)) { - print ''.$langs->trans("RefEmployee").''; - print ''.$object->ref_employee.''; - } + print ''; + print ''; + print $form->editfieldkey("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer); + print ''; + print $form->editfieldval("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer, 'string', $object->ref_employee); + print ''; + print ''; // National registration number - if (!empty($conf->accounting->enabled)) { - print ''.$langs->trans("NationalRegistrationNumber").''; - print ''.$object->national_registration_number.''; - } - + print ''; + print ''; + print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer); + print ''; + print $form->editfieldval("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer, 'string', $object->national_registration_number); + print ''; + print ''; print ''; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 720387e6c47..e5381a7271e 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -849,18 +849,6 @@ if ($action == 'create' || $action == 'adduserldap') { } print ''; - // Ref remployee - print ''.$langs->trans("RefEmployee").''; - print ''; - print ''; - print ''; - - // National registration number - print ''.$langs->trans("NationalRegistrationNumber").''; - print ''; - print ''; - print ''; - // Login print ''.$langs->trans("Login").''; print ''; @@ -2099,28 +2087,6 @@ if ($action == 'create' || $action == 'adduserldap') { } print ''; - // Ref employee - print "".''.$langs->trans("RefEmployee").''; - print ''; - if ($caneditfield && !$object->ldap_sid) { - print ''; - } else { - print ''; - print $object->ref_employee; - } - print ''; - - // National registration number - print "".''.$langs->trans("NationalRegistrationNumber").''; - print ''; - if ($caneditfield && !$object->ldap_sid) { - print ''; - } else { - print ''; - print $object->national_registration_number; - } - print ''; - // Login print "".''.$langs->trans("Login").''; print ''; From 8d11813ea5fbefc3cfbb6e3295dc8fd5fcfc8d3d Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Mon, 14 Mar 2022 11:45:23 +0100 Subject: [PATCH 10/26] fix security problems and add zstd support --- htdocs/core/lib/files.lib.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 86c740c4f44..37bc946a8b6 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2146,22 +2146,24 @@ function dol_uncompress($inputfile, $outputdir) } return array('error'=>'ErrNoZipEngine'); - } elseif ($fileinfo["extension"] == "gz" || $fileinfo["extension"] == "bz2") { + } elseif (in_array($fileinfo["extension"], array('gz','bz2','zst'))) { $extension = pathinfo($fileinfo["filename"], PATHINFO_EXTENSION); if ($extension == "tar") { - $cmd = "tar -C ".$outputdir." -xvf ".$fileinfo["dirname"]."/".$fileinfo["basename"]; + $cmd = 'tar -C '.escapeshellcmd(dol_sanitizePathName($outputdir)).' -xvf '.escapeshellcmd(dol_sanitizePathName($fileinfo["dirname"]).'/'.dol_sanitizeFileName($fileinfo["basename"])); $resarray = $utils->executeCLI($cmd, $outputdir); } else { $program = ""; if ($fileinfo["extension"] == "gz") { - $program = "gzip"; + $program = 'gzip'; } elseif ($fileinfo["extension"] == "bz2") { - $program = "bzip2"; + $program = 'bzip2'; + } elseif ($fileinfo["extension"] == "zst") { + $program = 'zstd'; } else { return array('error'=>'ErrFileExtension'); } - $cmd = $program." -dc ".$fileinfo["dirname"]."/".$fileinfo["basename"]; - $outputfilename = $outputdir."/".$fileinfo["filename"]; + $cmd = $program.' -dc '.escapeshellcmd(dol_sanitizePathName($fileinfo["dirname"]).'/'.dol_sanitizeFileName($fileinfo["basename"])); + $outputfilename = escapeshellcmd(dol_sanitizePathName($outputdir).'/'.dol_sanitizeFileName($fileinfo["filename"])); $resarray = $utils->executeCLI($cmd, $outputfilename, 0, $outputfilename); if ($resarray["output"] == 2) { $resarray["error"] = "ErrFilePermOrFileNotFound"; From 1555a95ce881bcc8c278c43426c98d784fa63226 Mon Sep 17 00:00:00 2001 From: steve Date: Mon, 14 Mar 2022 16:50:43 +0100 Subject: [PATCH 11/26] Activate new rights read and write --- htdocs/core/modules/modHRM.class.php | 16 ++++++ htdocs/langs/en_US/admin.lang | 2 + htdocs/user/bank.php | 86 ++++++++++++++++------------ 3 files changed, 66 insertions(+), 38 deletions(-) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index 3e75f8efcd5..35deea09a07 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -249,6 +249,22 @@ class modHRM extends DolibarrModules $this->rights[$r][4] = 'compare_advance'; $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->compare_advance->read) $r++; + + // Read employee + $this->rights[$r][0] = 4031; // Permission id (must not be already used) + $this->rights[$r][1] = 'Read employee'; // Permission label + $this->rights[$r][3] = 0; // Permission by default for new user (0/1) + $this->rights[$r][4] = 'read_employee'; + $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->read_employee->read) + $r++; + + // Write employee + $this->rights[$r][0] = 4032; // Permission id (must not be already used) + $this->rights[$r][1] = 'Write employee'; // Permission label + $this->rights[$r][3] = 0; // Permission by default for new user (0/1) + $this->rights[$r][4] = 'write_employee'; + $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->write_employee->write) + $r++; } /** diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index cffd3532c05..6674f6cb58a 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -969,6 +969,8 @@ Permission4021=Create/modify your evaluation Permission4022=Validate evaluation Permission4023=Delete evaluation Permission4030=See comparison menu +Permission4031=Read employee +Permission4032=Write employee Permission10001=Read website content Permission10002=Create/modify website content (html and javascript content) Permission10003=Create/modify website content (dynamic php code). Dangerous, must be reserved to restricted developers. diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 38b6066e9d2..d9bbb16f3aa 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -78,8 +78,8 @@ if (empty($account->userid)) { // Define value to know what current user can do on users -$canadduser = (!empty($user->admin) || $user->rights->user->user->creer); -$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire); +$canadduser = (!empty($user->admin) || $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); +$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire || $user->rights->hrm->read_employee->read); $permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty($user->rights->hrm->employee->write) || !empty($user->rights->user->creer)); // Ok if user->rights->salaries->read or user->rights->hrm->read @@ -281,7 +281,7 @@ llxHeader(null, $langs->trans("BankAccounts")); $head = user_prepare_head($object); -if ($id && $bankid && $action == 'edit' && $user->rights->user->user->creer) { +if ($id && $bankid && $action == 'edit' && ($user->rights->user->user->creer || $user->rights->hrm->write_employee->write)) { print '
'; print ''; print ''; @@ -446,31 +446,37 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac print "\n"; // Date of birth - print ''; - print ''; - print $form->editfieldkey("DateOfBirth", 'birth', $object->birth, $object, $user->rights->user->user->creer); - print ''; - print $form->editfieldval("DateOfBirth", 'birth', $object->birth, $object, $user->rights->user->user->creer, 'day', $object->birth); - print ''; - print "\n"; + if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + print ''; + print ''; + print $form->editfieldkey("DateOfBirth", 'birth', $object->birth, $object, $user->rights->user->user->creer); + print ''; + print $form->editfieldval("DateOfBirth", 'birth', $object->birth, $object, $user->rights->user->user->creer, 'day', $object->birth); + print ''; + print "\n"; + } // Personal email - print ''; - print ''; - print $form->editfieldkey("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer); - print ''; - print $form->editfieldval("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer, 'email', '', null, null, '', 0, 'dol_print_email'); - print ''; - print ''; + if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + print ''; + print ''; + print $form->editfieldkey("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print ''; + print $form->editfieldval("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'email', '', null, null, '', 0, 'dol_print_email'); + print ''; + print ''; + } // Personal phone - print ''; - print ''; - print $form->editfieldkey("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer); - print ''; - print $form->editfieldval("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer, 'string', '', null, null, '', 0, 'dol_print_phone'); - print ''; - print ''; + if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + print ''; + print ''; + print $form->editfieldkey("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print ''; + print $form->editfieldval("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', '', null, null, '', 0, 'dol_print_phone'); + print ''; + print ''; + } if (!empty($conf->global->MAIN_USE_EXPENSE_IK)) { print ''; @@ -527,22 +533,26 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac } // Employee Number - print ''; - print ''; - print $form->editfieldkey("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer); - print ''; - print $form->editfieldval("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer, 'string', $object->ref_employee); - print ''; - print ''; + if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + print ''; + print ''; + print $form->editfieldkey("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print ''; + print $form->editfieldval("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', $object->ref_employee); + print ''; + print ''; + } // National registration number - print ''; - print ''; - print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer); - print ''; - print $form->editfieldval("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer, 'string', $object->national_registration_number); - print ''; - print ''; + if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + print ''; + print ''; + print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print ''; + print $form->editfieldval("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', $object->national_registration_number); + print ''; + print ''; + } print ''; From 8f39efd2b915d07be5aab11a3a5b66bb3b35ec01 Mon Sep 17 00:00:00 2001 From: steve Date: Wed, 30 Mar 2022 12:10:06 +0200 Subject: [PATCH 12/26] fix: change Read and Write employee label with personal information --- htdocs/core/modules/modHRM.class.php | 12 +++++------ htdocs/langs/en_US/admin.lang | 4 ++-- htdocs/user/bank.php | 32 ++++++++++++++-------------- 3 files changed, 24 insertions(+), 24 deletions(-) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index 35deea09a07..bffd760bad6 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -252,18 +252,18 @@ class modHRM extends DolibarrModules // Read employee $this->rights[$r][0] = 4031; // Permission id (must not be already used) - $this->rights[$r][1] = 'Read employee'; // Permission label + $this->rights[$r][1] = 'Read personal information'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) - $this->rights[$r][4] = 'read_employee'; - $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->read_employee->read) + $this->rights[$r][4] = 'read_personal_information'; + $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->read_personal_information->read) $r++; // Write employee $this->rights[$r][0] = 4032; // Permission id (must not be already used) - $this->rights[$r][1] = 'Write employee'; // Permission label + $this->rights[$r][1] = 'Write personal information'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) - $this->rights[$r][4] = 'write_employee'; - $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->write_employee->write) + $this->rights[$r][4] = 'write_personal_information'; + $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->write_personal_information->write) $r++; } diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 6674f6cb58a..70aa9f9cacf 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -969,8 +969,8 @@ Permission4021=Create/modify your evaluation Permission4022=Validate evaluation Permission4023=Delete evaluation Permission4030=See comparison menu -Permission4031=Read employee -Permission4032=Write employee +Permission4031=Read personal information +Permission4032=Write personal information Permission10001=Read website content Permission10002=Create/modify website content (html and javascript content) Permission10003=Create/modify website content (dynamic php code). Dangerous, must be reserved to restricted developers. diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index d9bbb16f3aa..16030f0f95c 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -78,8 +78,8 @@ if (empty($account->userid)) { // Define value to know what current user can do on users -$canadduser = (!empty($user->admin) || $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); -$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire || $user->rights->hrm->read_employee->read); +$canadduser = (!empty($user->admin) || $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); +$canreaduser = (!empty($user->admin) || $user->rights->user->user->lire || $user->rights->hrm->read_personal_information->read); $permissiontoaddbankaccount = (!empty($user->rights->salaries->write) || !empty($user->rights->hrm->employee->write) || !empty($user->rights->user->creer)); // Ok if user->rights->salaries->read or user->rights->hrm->read @@ -281,7 +281,7 @@ llxHeader(null, $langs->trans("BankAccounts")); $head = user_prepare_head($object); -if ($id && $bankid && $action == 'edit' && ($user->rights->user->user->creer || $user->rights->hrm->write_employee->write)) { +if ($id && $bankid && $action == 'edit' && ($user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write)) { print ''; print ''; print ''; @@ -446,7 +446,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac print "\n"; // Date of birth - if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { print ''; print ''; print $form->editfieldkey("DateOfBirth", 'birth', $object->birth, $object, $user->rights->user->user->creer); @@ -457,23 +457,23 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac } // Personal email - if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { print ''; print ''; - print $form->editfieldkey("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print $form->editfieldkey("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); print ''; - print $form->editfieldval("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'email', '', null, null, '', 0, 'dol_print_email'); + print $form->editfieldval("UserPersonalEmail", 'personal_email', $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write, 'email', '', null, null, '', 0, 'dol_print_email'); print ''; print ''; } // Personal phone - if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { print ''; print ''; - print $form->editfieldkey("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print $form->editfieldkey("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); print ''; - print $form->editfieldval("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', '', null, null, '', 0, 'dol_print_phone'); + print $form->editfieldval("UserPersonalMobile", 'personal_mobile', $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write, 'string', '', null, null, '', 0, 'dol_print_phone'); print ''; print ''; } @@ -533,23 +533,23 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac } // Employee Number - if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { print ''; print ''; - print $form->editfieldkey("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print $form->editfieldkey("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); print ''; - print $form->editfieldval("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', $object->ref_employee); + print $form->editfieldval("RefEmployee", 'ref_employee', $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write, 'string', $object->ref_employee); print ''; print ''; } // National registration number - if ($user->rights->hrm->read_employee->read || $user->rights->hrm->write_employee->write) { + if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { print ''; print ''; - print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write); + print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); print ''; - print $form->editfieldval("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_employee->write, 'string', $object->national_registration_number); + print $form->editfieldval("NationalRegistrationNumber", 'national_registration_number', $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write, 'string', $object->national_registration_number); print ''; print ''; } From 199faaa6f6e137a438240228673238996036b055 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 30 Mar 2022 15:19:57 +0200 Subject: [PATCH 13/26] Update modHRM.class.php --- htdocs/core/modules/modHRM.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/modules/modHRM.class.php b/htdocs/core/modules/modHRM.class.php index bffd760bad6..bd81f06dae7 100644 --- a/htdocs/core/modules/modHRM.class.php +++ b/htdocs/core/modules/modHRM.class.php @@ -214,28 +214,28 @@ class modHRM extends DolibarrModules $r++; // Evaluation - $this->rights[$r][0] = 4020; // Permission id (must not be already used) + $this->rights[$r][0] = 4021; // Permission id (must not be already used) $this->rights[$r][1] = 'Read evaluations'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'evaluation'; $this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->hrm->evaluation->read) $r++; - $this->rights[$r][0] = 4021; // Permission id (must not be already used) + $this->rights[$r][0] = 4022; // Permission id (must not be already used) $this->rights[$r][1] = 'Create/modify your evaluation'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'evaluation'; $this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->hrm->evaluation->write) $r++; - $this->rights[$r][0] = 4022; // Permission id (must not be already used) + $this->rights[$r][0] = 4023; // Permission id (must not be already used) $this->rights[$r][1] = 'Validate evaluation'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'evaluation_advance'; $this->rights[$r][5] = 'validate'; // In php code, permission will be checked by test if ($user->rights->hrm->evaluation->validate) $r++; - $this->rights[$r][0] = 4023; // Permission id (must not be already used) + $this->rights[$r][0] = 4025; // Permission id (must not be already used) $this->rights[$r][1] = 'Delete evaluations'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'evaluation'; @@ -243,7 +243,7 @@ class modHRM extends DolibarrModules $r++; // Comparison - $this->rights[$r][0] = 4030; // Permission id (must not be already used) + $this->rights[$r][0] = 4028; // Permission id (must not be already used) $this->rights[$r][1] = 'See comparison menu'; // Permission label $this->rights[$r][3] = 0; // Permission by default for new user (0/1) $this->rights[$r][4] = 'compare_advance'; From 0c0ff4dec9c77f18a84110f4aa42d2e6b61d6a5f Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Feb 2022 17:06:46 +0100 Subject: [PATCH 14/26] add WORKFLOW_TICKET_CREATE_INTERVENTION to workflow constants --- htdocs/core/modules/modWorkflow.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/modules/modWorkflow.class.php b/htdocs/core/modules/modWorkflow.class.php index dc05bf9dc66..248d3c006ce 100644 --- a/htdocs/core/modules/modWorkflow.class.php +++ b/htdocs/core/modules/modWorkflow.class.php @@ -95,7 +95,8 @@ class modWorkflow extends DolibarrModules 8=>array('WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER', 'chaine', '1', 'WORKFLOW_INVOICE_AMOUNT_CLASSIFY_BILLED_SUPPLIER_ORDER', 0, 'current', 0), 9=>array('WORKFLOW_BILL_ON_RECEPTION', 'chaine', '1', 'WORKFLOW_BILL_ON_RECEPTION', 0, 'current', 0), 10=>array('WORKFLOW_TICKET_LINK_CONTRACT', 'chaine', '0', 'Automatically link a ticket to available contracts', 0, 'current', 0), - 11=>array('WORKFLOW_TICKET_USE_PARENT_COMPANY_CONTRACTS', 'chaine', '0', 'Search among parent companies contracts when automatically linking a ticket to available contracts', 0, 'current', 0) + 11=>array('WORKFLOW_TICKET_USE_PARENT_COMPANY_CONTRACTS', 'chaine', '0', 'Search among parent companies contracts when automatically linking a ticket to available contracts', 0, 'current', 0), + 11=>array('WORKFLOW_TICKET_CREATE_INTERVENTION', 'chaine', '1', 'WORKFLOW_TICKET_CREATE_INTERVENTION', 0, 'current', 0) ); // Boxes From 4790006c3a1adabd9e87af11efb0cc9cc6469af4 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Feb 2022 17:09:09 +0100 Subject: [PATCH 15/26] workflow config: add button for WORKFLOW_TICKET_CREATE_INTERVENTION --- htdocs/admin/workflow.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/admin/workflow.php b/htdocs/admin/workflow.php index da82f163a7f..a684d642b2f 100644 --- a/htdocs/admin/workflow.php +++ b/htdocs/admin/workflow.php @@ -71,6 +71,12 @@ $workflowcodes = array( 'enabled'=>(!empty($conf->commande->enabled) && !empty($conf->facture->enabled)), 'picto'=>'bill' ), + 'WORKFLOW_TICKET_CREATE_INTERVENTION' => array ( + 'family'=>'create', + 'position'=>25, + 'enabled'=>(!empty($conf->ticket->enabled) && !empty($conf->ficheinter->enabled)), + 'picto'=>'ticket' + ), 'separator1'=>array('family'=>'separator', 'position'=>25, 'title'=>''), From 8db171ae4153dbafc41bf3037b8d575d2d5ba912 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Feb 2022 17:11:35 +0100 Subject: [PATCH 16/26] add translation string for workflow ticket fichinter creation --- htdocs/langs/en_US/workflow.lang | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/langs/en_US/workflow.lang b/htdocs/langs/en_US/workflow.lang index 6ddf8d9c6a3..e5c07583931 100644 --- a/htdocs/langs/en_US/workflow.lang +++ b/htdocs/langs/en_US/workflow.lang @@ -7,6 +7,7 @@ descWORKFLOW_PROPAL_AUTOCREATE_ORDER=Automatically create a sales order after a descWORKFLOW_PROPAL_AUTOCREATE_INVOICE=Automatically create a customer invoice after a commercial proposal is signed (the new invoice will have same amount as the proposal) descWORKFLOW_CONTRACT_AUTOCREATE_INVOICE=Automatically create a customer invoice after a contract is validated descWORKFLOW_ORDER_AUTOCREATE_INVOICE=Automatically create a customer invoice after a sales order is closed (the new invoice will have same amount as the order) +descWORKFLOW_TICKET_CREATE_INTERVENTION=Create an intervention when opening a ticket from backend and link it to the ticket. # Autoclassify customer proposal or order descWORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL=Classify linked source proposal as billed when sales order is set to billed (and if the amount of the order is the same as the total amount of the signed linked proposal) descWORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL=Classify linked source proposal as billed when customer invoice is validated (and if the amount of the invoice is the same as the total amount of the signed linked proposal) From ea68ed9c07e55e84cc3a356d906db27960d2c3a6 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Mon, 7 Feb 2022 17:02:19 +0100 Subject: [PATCH 17/26] move automatic intervention creation from ticket/card.php to triggers/workflow.php --- ...e_20_modWorkflow_WorkflowManager.class.php | 23 ++++++++++++++++++- htdocs/ticket/card.php | 22 ------------------ 2 files changed, 22 insertions(+), 23 deletions(-) diff --git a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php index 4e98af5c6c7..ff9787dbb06 100644 --- a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php +++ b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php @@ -435,7 +435,6 @@ class InterfaceWorkflowManager extends DolibarrTriggers $number_contracts_found = 0; foreach ($company_ids as $company_id) { $contrat->socid = $company_id; - $list = $contrat->getListOfContracts($option = 'all', $status = [Contrat::STATUS_DRAFT, Contrat::STATUS_VALIDATED], $product_categories = [$conf->global->TICKET_PRODUCT_CATEGORY], $line_status = [ContratLigne::STATUS_INITIAL, ContratLigne::STATUS_OPEN]); if (is_array($list) && !empty($list)) { $number_contracts_found = count($list); @@ -457,6 +456,28 @@ class InterfaceWorkflowManager extends DolibarrTriggers if (empty(NOLOGIN)) setEventMessage($langs->trans('TicketNoContractFoundToLink'), 'mesgs'); } } + // Automatically create intervention + if (!empty($conf->ficheinter->enabled) && !empty($conf->ticket->enabled) && !empty($conf->workflow->enabled) && !empty($conf->global->WORKFLOW_TICKET_CREATE_INTERVENTION) && !empty($object->fk_soc)) { + $fichinter = new Fichinter($this->db); + $fichinter->socid = $object->fk_soc; + $fichinter->fk_project = $projectid; + $fichinter->fk_contrat = (int) $object->fk_contract; + $fichinter->author = $user->id; + $fichinter->model_pdf = 'soleil'; + $fichinter->origin = $object->element; + $fichinter->origin_id = $object->id; + + // Extrafields + $extrafields = new ExtraFields($this->db); + $extrafields->fetch_name_optionals_label($fichinter->table_element); + $array_options = $extrafields->getOptionalsFromPost($fichinter->table_element); + $fichinter->array_options = $array_options; + + $id = $fichinter->create($user); + if ($id <= 0) { + setEventMessages($fichinter->error, null, 'errors'); + } + } } return 0; } diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 1cebeec3506..99913e6c997 100755 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -254,28 +254,6 @@ if (empty($reshook)) { $result = $object->assignUser($user, $user->id, 1); $object->add_contact($user->id, "SUPPORTTEC", 'internal'); } - - // Auto create fiche intervention - if (!empty($conf->global->TICKET_AUTO_CREATE_FICHINTER_CREATE)) { - $fichinter = new Fichinter($db); - $fichinter->socid = $object->fk_soc; - $fichinter->fk_project = $projectid; - $fichinter->fk_contrat = $object->fk_contract; - $fichinter->author = $user->id; - $fichinter->model_pdf = 'soleil'; - $fichinter->origin = $object->element; - $fichinter->origin_id = $object->id; - - // Extrafields - $extrafields->fetch_name_optionals_label($fichinter->table_element); - $array_options = $extrafields->getOptionalsFromPost($fichinter->table_element); - $fichinter->array_options = $array_options; - - $id = $fichinter->create($user); - if ($id <= 0) { - setEventMessages($fichinter->error, null, 'errors'); - } - } } if (!$error) { From 424125ca03403532778069c430e381b323064ca9 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Tue, 8 Feb 2022 11:22:38 +0100 Subject: [PATCH 18/26] Workflow fichinter: use default fichinter pdf model --- .../triggers/interface_20_modWorkflow_WorkflowManager.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php index ff9787dbb06..e229e40fd8a 100644 --- a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php +++ b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php @@ -463,7 +463,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers $fichinter->fk_project = $projectid; $fichinter->fk_contrat = (int) $object->fk_contract; $fichinter->author = $user->id; - $fichinter->model_pdf = 'soleil'; + $fichinter->model_pdf = (!empty($conf->global->FICHEINTER_ADDON_PDF)) ? $conf->global->FICHEINTER_ADDON_PDF : 'soleil'; $fichinter->origin = $object->element; $fichinter->origin_id = $object->id; From 35d596e1dcedd7634c39a16b6e0ceea005c505e3 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Feb 2022 17:28:18 +0100 Subject: [PATCH 19/26] rename constant TICKET_AUTO_CREATE_FICHINTER_CREATE to WORKFLOW_TICKET_CREATE_INTERVENTION --- htdocs/install/mysql/migration/15.0.0-16.0.0.sql | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/install/mysql/migration/15.0.0-16.0.0.sql b/htdocs/install/mysql/migration/15.0.0-16.0.0.sql index 1876d3428b4..3859c1331e2 100644 --- a/htdocs/install/mysql/migration/15.0.0-16.0.0.sql +++ b/htdocs/install/mysql/migration/15.0.0-16.0.0.sql @@ -117,6 +117,7 @@ INSERT INTO llx_c_action_trigger (code,label,description,elementtype,rang) value ALTER TABLE llx_ticket ADD COLUMN date_last_msg_sent datetime AFTER date_read; UPDATE llx_const SET name = 'WORKFLOW_TICKET_LINK_CONTRACT' WHERE name = 'TICKET_AUTO_ASSIGN_CONTRACT_CREATE'; +UPDATE llx_const SET name = 'WORKFLOW_TICKET_CREATE_INTERVENTION' WHERE name = 'TICKET_AUTO_CREATE_FICHINTER_CREATE'; CREATE TABLE llx_stock_mouvement_extrafields ( rowid integer AUTO_INCREMENT PRIMARY KEY, From ac7f02e0d37bff9e45884f3630287155158eadd1 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Thu, 10 Feb 2022 17:47:40 +0100 Subject: [PATCH 20/26] stickler corrections --- htdocs/admin/workflow.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/workflow.php b/htdocs/admin/workflow.php index a684d642b2f..a68f49e36e3 100644 --- a/htdocs/admin/workflow.php +++ b/htdocs/admin/workflow.php @@ -72,10 +72,10 @@ $workflowcodes = array( 'picto'=>'bill' ), 'WORKFLOW_TICKET_CREATE_INTERVENTION' => array ( - 'family'=>'create', - 'position'=>25, - 'enabled'=>(!empty($conf->ticket->enabled) && !empty($conf->ficheinter->enabled)), - 'picto'=>'ticket' + 'family'=>'create', + 'position'=>25, + 'enabled'=>(!empty($conf->ticket->enabled) && !empty($conf->ficheinter->enabled)), + 'picto'=>'ticket' ), 'separator1'=>array('family'=>'separator', 'position'=>25, 'title'=>''), From 2ec7818c75cdf2c03801a074aade499e6e2fe7c2 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Fri, 18 Mar 2022 10:13:19 +0100 Subject: [PATCH 21/26] When the ficheinter can't be created, display an error. --- .../interface_20_modWorkflow_WorkflowManager.class.php | 4 ++-- htdocs/fichinter/class/fichinter.class.php | 2 +- htdocs/langs/en_US/interventions.lang | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php index e229e40fd8a..1d46aec1008 100644 --- a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php +++ b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php @@ -457,9 +457,9 @@ class InterfaceWorkflowManager extends DolibarrTriggers } } // Automatically create intervention - if (!empty($conf->ficheinter->enabled) && !empty($conf->ticket->enabled) && !empty($conf->workflow->enabled) && !empty($conf->global->WORKFLOW_TICKET_CREATE_INTERVENTION) && !empty($object->fk_soc)) { + if (!empty($conf->ficheinter->enabled) && !empty($conf->ticket->enabled) && !empty($conf->workflow->enabled) && !empty($conf->global->WORKFLOW_TICKET_CREATE_INTERVENTION)) { $fichinter = new Fichinter($this->db); - $fichinter->socid = $object->fk_soc; + $fichinter->socid = (int) $object->fk_soc; $fichinter->fk_project = $projectid; $fichinter->fk_contrat = (int) $object->fk_contract; $fichinter->author = $user->id; diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index fac008ec304..ee2bf9269ce 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -255,7 +255,7 @@ class Fichinter extends CommonObject } if ($this->socid <= 0) { - $this->error = 'ErrorBadParameterForFunc'; + $this->error = 'ErrorFicheinterCompanyDoesNotExist'; dol_syslog(get_class($this)."::create ".$this->error, LOG_ERR); return -1; } diff --git a/htdocs/langs/en_US/interventions.lang b/htdocs/langs/en_US/interventions.lang index 7c117fcd1f2..a57a84fc4c8 100644 --- a/htdocs/langs/en_US/interventions.lang +++ b/htdocs/langs/en_US/interventions.lang @@ -67,3 +67,4 @@ ToCreateAPredefinedIntervention=To create a predefined or recurring intervention ConfirmReopenIntervention=Are you sure you want to open back the intervention %s? GenerateInter=Generate intervention FichinterNoContractLinked=Intervention %s has been created without a linked contract. +ErrorFicheinterCompanyDoesNotExist=Company does not exist. Intervention has not been created. From 7469cf79f5b5694242c0f4c1715828c9f387ea01 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Fri, 18 Mar 2022 10:17:16 +0100 Subject: [PATCH 22/26] enhance option explanation string --- htdocs/langs/en_US/workflow.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/workflow.lang b/htdocs/langs/en_US/workflow.lang index e5c07583931..803a31c9646 100644 --- a/htdocs/langs/en_US/workflow.lang +++ b/htdocs/langs/en_US/workflow.lang @@ -7,7 +7,7 @@ descWORKFLOW_PROPAL_AUTOCREATE_ORDER=Automatically create a sales order after a descWORKFLOW_PROPAL_AUTOCREATE_INVOICE=Automatically create a customer invoice after a commercial proposal is signed (the new invoice will have same amount as the proposal) descWORKFLOW_CONTRACT_AUTOCREATE_INVOICE=Automatically create a customer invoice after a contract is validated descWORKFLOW_ORDER_AUTOCREATE_INVOICE=Automatically create a customer invoice after a sales order is closed (the new invoice will have same amount as the order) -descWORKFLOW_TICKET_CREATE_INTERVENTION=Create an intervention when opening a ticket from backend and link it to the ticket. +descWORKFLOW_TICKET_CREATE_INTERVENTION=On ticket creation, automatically create an intervention. # Autoclassify customer proposal or order descWORKFLOW_ORDER_CLASSIFY_BILLED_PROPAL=Classify linked source proposal as billed when sales order is set to billed (and if the amount of the order is the same as the total amount of the signed linked proposal) descWORKFLOW_INVOICE_CLASSIFY_BILLED_PROPAL=Classify linked source proposal as billed when customer invoice is validated (and if the amount of the invoice is the same as the total amount of the signed linked proposal) From a913bf387546a30f5176281640e632ecab2387f9 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Mon, 4 Apr 2022 09:47:34 +0200 Subject: [PATCH 23/26] fix regression: use $hookmanager as a global variable to avoid errors on thirdparty page. --- htdocs/core/lib/company.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 116c2beeb20..99921ac5fb0 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -41,7 +41,7 @@ */ function societe_prepare_head(Societe $object) { - global $db, $langs, $conf, $user; + global $db, $langs, $conf, $user, $hookmanager; $h = 0; $head = array(); From 9fec63c9088c75c83da68dde7ffcac19cedfc047 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Mon, 4 Apr 2022 10:20:43 +0200 Subject: [PATCH 24/26] Empty commit to re-launch Travis From 759f7e051e62efe14dd593d032c80374af8dea45 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Apr 2022 15:18:52 +0200 Subject: [PATCH 25/26] Update files.lib.php --- htdocs/core/lib/files.lib.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 37bc946a8b6..58e282bf7a5 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2087,7 +2087,10 @@ function dol_uncompress($inputfile, $outputdir) include_once DOL_DOCUMENT_ROOT."/core/class/utils.class.php"; $utils = new Utils($db); + $fileinfo = pathinfo($inputfile); + $fileinfo["extension"] = strtolower($fileinfo["extension"]); + if ($fileinfo["extension"] == "zip") { if (defined('ODTPHP_PATHTOPCLZIP') && empty($conf->global->MAIN_USE_ZIPARCHIVE_FOR_ZIP_UNCOMPRESS)) { dol_syslog("Constant ODTPHP_PATHTOPCLZIP for pclzip library is set to ".ODTPHP_PATHTOPCLZIP.", so we use Pclzip to unzip into ".$outputdir); @@ -2146,8 +2149,8 @@ function dol_uncompress($inputfile, $outputdir) } return array('error'=>'ErrNoZipEngine'); - } elseif (in_array($fileinfo["extension"], array('gz','bz2','zst'))) { - $extension = pathinfo($fileinfo["filename"], PATHINFO_EXTENSION); + } elseif (in_array($fileinfo["extension"], array('gz', 'bz2', 'zst'))) { + $extension = strtolower(pathinfo($fileinfo["filename"], PATHINFO_EXTENSION)); if ($extension == "tar") { $cmd = 'tar -C '.escapeshellcmd(dol_sanitizePathName($outputdir)).' -xvf '.escapeshellcmd(dol_sanitizePathName($fileinfo["dirname"]).'/'.dol_sanitizeFileName($fileinfo["basename"])); $resarray = $utils->executeCLI($cmd, $outputdir); From 3385cb80718bc3baf77db81551cc9e4f74a93b56 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 5 Apr 2022 15:19:55 +0200 Subject: [PATCH 26/26] Update files.lib.php --- htdocs/core/lib/files.lib.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 58e282bf7a5..472636d7354 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2085,9 +2085,6 @@ function dol_uncompress($inputfile, $outputdir) { global $conf, $langs, $db; - include_once DOL_DOCUMENT_ROOT."/core/class/utils.class.php"; - $utils = new Utils($db); - $fileinfo = pathinfo($inputfile); $fileinfo["extension"] = strtolower($fileinfo["extension"]); @@ -2150,6 +2147,9 @@ function dol_uncompress($inputfile, $outputdir) return array('error'=>'ErrNoZipEngine'); } elseif (in_array($fileinfo["extension"], array('gz', 'bz2', 'zst'))) { + include_once DOL_DOCUMENT_ROOT."/core/class/utils.class.php"; + $utils = new Utils($db); + $extension = strtolower(pathinfo($fileinfo["filename"], PATHINFO_EXTENSION)); if ($extension == "tar") { $cmd = 'tar -C '.escapeshellcmd(dol_sanitizePathName($outputdir)).' -xvf '.escapeshellcmd(dol_sanitizePathName($fileinfo["dirname"]).'/'.dol_sanitizeFileName($fileinfo["basename"]));