From bc3a210d12add514e6f96f1ec61bef5f6bd2a995 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 3 Feb 2020 11:46:18 +0100 Subject: [PATCH 01/12] FIX compatibility with multicompany (avoid duplicate data) --- htdocs/holiday/class/holiday.class.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 66a118c744b..1e3567549a9 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1658,19 +1658,19 @@ class Holiday extends CommonObject { // Si utilisateur de Dolibarr - $sql = "SELECT u.rowid"; + $sql = "SELECT DISTINCT u.rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { - $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; - $sql.= " WHERE (ug.fk_user = u.rowid"; - $sql.= " AND ug.entity = ".$conf->entity.")"; - $sql.= " OR u.admin = 1"; + $sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug"; + $sql.= " WHERE ((ug.fk_user = u.rowid"; + $sql.= " AND ug.entity IN (".getEntity('user')."))"; + $sql.= " OR u.entity = 0)"; // Show always superadmin } else { - $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; + $sql.= " WHERE u.entity IN (".getEntity('user').")"; } $sql.= " AND u.statut > 0"; if ($filters) $sql.=$filters; @@ -1754,18 +1754,20 @@ class Holiday extends CommonObject // List for Dolibarr users if ($type) { - $sql = "SELECT u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; + $sql = "SELECT DISTINCT u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { - $sql.= ", ".MAIN_DB_PREFIX."usergroup_user as ug"; - $sql.= " WHERE (ug.fk_user = u.rowid"; - $sql.= " AND ug.entity = ".$conf->entity.")"; - $sql.= " OR u.admin = 1"; + $sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug"; + $sql.= " WHERE ((ug.fk_user = u.rowid"; + $sql.= " AND ug.entity IN (".getEntity('user')."))"; + $sql.= " OR u.entity = 0)"; // Show always superadmin } else - $sql.= " WHERE u.entity IN (0,".$conf->entity.")"; + { + $sql.= " WHERE u.entity IN (".getEntity('user').")"; + } $sql.= " AND u.statut > 0"; if ($filters) $sql.=$filters; From e74e63941d6914241a60d5855a891cda1d9a14e8 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 3 Feb 2020 11:55:55 +0100 Subject: [PATCH 02/12] FIX use "usergroup" instead "user" --- htdocs/holiday/class/holiday.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 1e3567549a9..31723379314 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1665,7 +1665,7 @@ class Holiday extends CommonObject { $sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE ((ug.fk_user = u.rowid"; - $sql.= " AND ug.entity IN (".getEntity('user')."))"; + $sql.= " AND ug.entity IN (".getEntity('usergroup')."))"; $sql.= " OR u.entity = 0)"; // Show always superadmin } else @@ -1761,7 +1761,7 @@ class Holiday extends CommonObject { $sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE ((ug.fk_user = u.rowid"; - $sql.= " AND ug.entity IN (".getEntity('user')."))"; + $sql.= " AND ug.entity IN (".getEntity('usergroup')."))"; $sql.= " OR u.entity = 0)"; // Show always superadmin } else From d93a597a1eb62db89392aa44b79b73ba19e7c6bb Mon Sep 17 00:00:00 2001 From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com> Date: Tue, 4 Feb 2020 09:17:02 +0100 Subject: [PATCH 03/12] Fix Compatbility with Multicompany Before : Show all projects of all entities Now : Show only projects that are allowed by permissions --- htdocs/core/boxes/box_project.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index e7281708802..5e06e154987 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -3,6 +3,7 @@ * Copyright (C) 2014 Marcos García * Copyright (C) 2015 Frederic France * Copyright (C) 2016 Juan José Menent + * Copyright (C) 2020 Pierre Ardoin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -99,6 +100,7 @@ class box_project extends ModeleBoxes $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql.= " WHERE p.fk_statut = 1"; // Only open projects + $sql .= " AND entity IN (".getEntity('projet').")"; // Only current entity or severals if permission ok if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users $sql.= " ORDER BY p.datec DESC"; From 262d889700ac6fb2fb149c149799ccfedcce133e Mon Sep 17 00:00:00 2001 From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com> Date: Wed, 5 Feb 2020 08:50:51 +0100 Subject: [PATCH 04/12] Update box_project.php --- htdocs/core/boxes/box_project.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index 5e06e154987..d3670d05ee1 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -100,7 +100,7 @@ class box_project extends ModeleBoxes $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql.= " WHERE p.fk_statut = 1"; // Only open projects - $sql .= " AND entity IN (".getEntity('projet').")"; // Only current entity or severals if permission ok + $sql .= " AND entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users $sql.= " ORDER BY p.datec DESC"; From d5b74a8ca3d1fc210c0d60160cf8e2d42415f125 Mon Sep 17 00:00:00 2001 From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com> Date: Wed, 5 Feb 2020 09:06:43 +0100 Subject: [PATCH 05/12] Update box_project.php --- htdocs/core/boxes/box_project.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index d3670d05ee1..ca9618aab9a 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -100,7 +100,7 @@ class box_project extends ModeleBoxes $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql.= " WHERE p.fk_statut = 1"; // Only open projects - $sql .= " AND entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok + $sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users $sql.= " ORDER BY p.datec DESC"; From 81ed70ffc7ac61844088e1e664324e5fdacb8e78 Mon Sep 17 00:00:00 2001 From: Pierre Ardoin <32256817+mapiolca@users.noreply.github.com> Date: Wed, 5 Feb 2020 09:18:39 +0100 Subject: [PATCH 06/12] Update box_project.php --- htdocs/core/boxes/box_project.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index ca9618aab9a..071e4b013ec 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -99,8 +99,8 @@ class box_project extends ModeleBoxes $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; - $sql.= " WHERE p.fk_statut = 1"; // Only open projects - $sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok + $sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok + $sql.= " AND p.fk_statut = 1"; // Only open projects if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users $sql.= " ORDER BY p.datec DESC"; From c3cf9e62b3bad4145fa1f145f9863e84c2b046df Mon Sep 17 00:00:00 2001 From: VESSILLER Date: Wed, 5 Feb 2020 11:31:02 +0100 Subject: [PATCH 07/12] FIX links in products/services index --- htdocs/product/index.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/product/index.php b/htdocs/product/index.php index caeb5e5d873..246d50e5c3e 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -143,31 +143,31 @@ print ''.$langs->trans("Statistics").'product->enabled)) { $statProducts = ''; - $statProducts.= ''.$langs->trans("ProductsNotOnSell").''.round($prodser[0][0]).''; + $statProducts.= ''.$langs->trans("ProductsNotOnSell").''.round($prodser[0][0]).''; $statProducts.= ""; $statProducts.= ''; - $statProducts.= ''.$langs->trans("ProductsOnSaleOnly").''.round($prodser[0][1]).''; + $statProducts.= ''.$langs->trans("ProductsOnSaleOnly").''.round($prodser[0][1]).''; $statProducts.= ""; $statProducts.= ''; - $statProducts.= ''.$langs->trans("ProductsOnPurchaseOnly").''.round($prodser[0][2]).''; + $statProducts.= ''.$langs->trans("ProductsOnPurchaseOnly").''.round($prodser[0][2]).''; $statProducts.= ""; $statProducts.= ''; - $statProducts.= ''.$langs->trans("ProductsOnSellAndOnBuy").''.round($prodser[0][3]).''; + $statProducts.= ''.$langs->trans("ProductsOnSellAndOnBuy").''.round($prodser[0][3]).''; $statProducts.= ""; } if (! empty($conf->service->enabled)) { $statServices = ''; - $statServices.= ''.$langs->trans("ServicesNotOnSell").''.round($prodser[1][0]).''; + $statServices.= ''.$langs->trans("ServicesNotOnSell").''.round($prodser[1][0]).''; $statServices.= ""; $statServices.= ''; - $statServices.= ''.$langs->trans("ServicesOnSaleOnly").''.round($prodser[1][1]).''; + $statServices.= ''.$langs->trans("ServicesOnSaleOnly").''.round($prodser[1][1]).''; $statServices.= ""; $statServices.= ''; - $statServices.= ''.$langs->trans("ServicesOnPurchaseOnly").''.round($prodser[1][2]).''; + $statServices.= ''.$langs->trans("ServicesOnPurchaseOnly").''.round($prodser[1][2]).''; $statServices.= ""; $statServices.= ''; - $statServices.= ''.$langs->trans("ServicesOnSellAndOnBuy").''.round($prodser[1][3]).''; + $statServices.= ''.$langs->trans("ServicesOnSellAndOnBuy").''.round($prodser[1][3]).''; $statServices.= ""; } $total=0; From 63ba601906cb9e0fda349dd06f0968bc48f3330b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 5 Feb 2020 12:39:00 +0100 Subject: [PATCH 08/12] Update box_project.php --- htdocs/core/boxes/box_project.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index 071e4b013ec..9b3920590d2 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -99,7 +99,7 @@ class box_project extends ModeleBoxes $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; - $sql.= " WHERE entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok + $sql.= " WHERE p.entity IN (".getEntity('project').")"; // Only current entity or severals if permission ok $sql.= " AND p.fk_statut = 1"; // Only open projects if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")"; // public and assigned to, or restricted to company for external users From d35994e5db1a79ddea4babe94f466589f8b8a69a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 5 Feb 2020 13:25:51 +0100 Subject: [PATCH 09/12] Update holiday.class.php --- htdocs/holiday/class/holiday.class.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 31723379314..78210d08bc9 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1656,9 +1656,12 @@ class Holiday extends CommonObject { if ($type) { - // Si utilisateur de Dolibarr - - $sql = "SELECT DISTINCT u.rowid"; + // If user of Dolibarr + $sql = "SELECT"; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { + $sql .= " DISTINCT"; + } + $sql.= " u.rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) From c101c3dd55ec96f86e23c29618f6a1c4e0ef05ad Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 5 Feb 2020 13:27:22 +0100 Subject: [PATCH 10/12] Update holiday.class.php --- htdocs/holiday/class/holiday.class.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 78210d08bc9..04ccf239766 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1757,7 +1757,12 @@ class Holiday extends CommonObject // List for Dolibarr users if ($type) { - $sql = "SELECT DISTINCT u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; + // If user of Dolibarr + $sql = "SELECT"; + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { + $sql .= " DISTINCT"; + } + $sql = " u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) From 9100b8a5486857f964b577e9c81d612ea6253317 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 5 Feb 2020 13:41:10 +0100 Subject: [PATCH 11/12] FIX SQL request and phpunit --- htdocs/holiday/class/holiday.class.php | 2 +- test/phpunit/HolidayTest.php | 20 ++++++++------------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 66a118c744b..0c058313ad6 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1712,7 +1712,7 @@ class Holiday extends CommonObject // We want only list of vacation balance for user ids $sql = "SELECT DISTINCT cpu.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."holiday_users as cpu, ".MAIN_DB_PREFIX."user as u"; - $sql.= " WHERE cpu.fk_user = u.user"; + $sql.= " WHERE cpu.fk_user = u.rowid"; if ($filters) $sql.=$filters; $resql=$this->db->query($sql); diff --git a/test/phpunit/HolidayTest.php b/test/phpunit/HolidayTest.php index ce3312ba441..190496cf5bf 100644 --- a/test/phpunit/HolidayTest.php +++ b/test/phpunit/HolidayTest.php @@ -247,21 +247,17 @@ class HolidayTest extends PHPUnit\Framework\TestCase $langs=$this->savlangs; $db=$this->savdb; - //$localobject->fetch($localobject->id); + $result = $localobject->fetchUsers(true, true, ''); + $this->assertNotEquals($result, -1); - /* - $result=$localobject->getNomUrl(1); - print __METHOD__." id=".$localobject->id." result=".$result."\n"; - $this->assertNotEquals($result, ''); + $result = $localobject->fetchUsers(true, false, ''); + $this->assertNotEquals($result, -1); - $result=$localobject->getFullAddress(1); - print __METHOD__." id=".$localobject->id." result=".$result."\n"; - $this->assertContains("New address\nNew zip New town\nBelgium", $result); + $result = $localobject->fetchUsers(false, true, ''); + $this->assertNotEquals($result, -1); - $localobject->info($localobject->id); - print __METHOD__." localobject->date_creation=".$localobject->date_creation."\n"; - $this->assertNotEquals($localobject->date_creation, ''); - */ + $result = $localobject->fetchUsers(false, false, ''); + $this->assertNotEquals($result, -1); return $localobject->id; } From a36cf1f86beb63cfe5bda715885bc06bce8ebfd9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 5 Feb 2020 14:08:13 +0100 Subject: [PATCH 12/12] Fix phpunit --- htdocs/holiday/class/holiday.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 1bbeb869995..25f1d9675bb 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1762,7 +1762,7 @@ class Holiday extends CommonObject if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql .= " DISTINCT"; } - $sql = " u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; + $sql.= " u.rowid, u.lastname, u.firstname, u.gender, u.photo, u.employee, u.statut, u.fk_user"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u"; if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))