Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix: problem wht perms

Browse Source 
Fix: remove linked usergroup if user is deleted
This commit is contained in:
Regis Houssin
2010-11-10 10:53:39 +00:00
parent 6cbae5ad30
commit 200319137b
3 changed files with 16 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/lib/functions.lib.php
View File

@@ -1577,9 +1577,9 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
//dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select"); //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select");
if ($dbt_select != 'rowid') $objectid = "'".$objectid."'"; if ($dbt_select != 'rowid') $objectid = "'".$objectid."'";
//print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", object_id=".$objectid; //print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid;
//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select; //print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
//print ", user_societe_contact_lire=".$user->rights->societe->contact->lire."<br>"; //print ", perm: ".$features."->".$feature2."=".$user->rights->$features->$feature2->lire."<br>";
// More features to check // More features to check
$features = explode("&",$features); $features = explode("&",$features);
@@ -1738,6 +1738,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
} }
} }
//print "Delete access is ko";
if (! $deleteok) accessforbidden(); if (! $deleteok) accessforbidden();
//print "Delete access is ok"; //print "Delete access is ok";
} }

7
htdocs/user/class/user.class.php
View File

@@ -634,6 +634,13 @@ class User extends CommonObject
if ($this->db->query($sql)) if ($this->db->query($sql))
{ {
}
// Remove group
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_user WHERE fk_user = ".$this->id;
if ($this->db->query($sql))
{
} }
// Si contact, supprime lien // Si contact, supprime lien

19
htdocs/user/fiche.php
View File

@@ -63,16 +63,9 @@ $confirm=GETPOST("confirm");
// Security check // Security check
$socid=0; $socid=0;
if ($user->societe_id > 0) if ($user->societe_id > 0) $socid = $user->societe_id;
{ $feature2='user';
$socid = $user->societe_id; if ($user->id == $_GET["id"]) { $feature2=''; $canreaduser=1; } // A user can always read its own card
$feature2='user';
}
if ($user->id == $_GET["id"]) // A user can always read its own card
{
$feature2='';
$canreaduser=1;
}
$result = restrictedArea($user, 'user', $_GET["id"], '', $feature2); $result = restrictedArea($user, 'user', $_GET["id"], '', $feature2);
if ($user->id <> $_GET["id"] && ! $canreaduser) accessforbidden(); if ($user->id <> $_GET["id"] && ! $canreaduser) accessforbidden();
@@ -106,7 +99,7 @@ if ($_GET["subaction"] == 'delrights' && $canedituser)
$edituser->delrights($_GET["rights"]); $edituser->delrights($_GET["rights"]);
} }
if ($action == 'confirm_disable' && $confirm == "yes") if ($action == 'confirm_disable' && $confirm == "yes" && $candisableuser)
{ {
if ($_GET["id"] <> $user->id) if ($_GET["id"] <> $user->id)
{ {
@@ -117,7 +110,7 @@ if ($action == 'confirm_disable' && $confirm == "yes")
exit; exit;
} }
} }
if ($action == 'confirm_enable' && $confirm == "yes") if ($action == 'confirm_enable' && $confirm == "yes" && $candisableuser)
{ {
if ($_GET["id"] <> $user->id) if ($_GET["id"] <> $user->id)
{ {
@@ -144,7 +137,7 @@ if ($action == 'confirm_enable' && $confirm == "yes")
} }
} }
if ($action == 'confirm_delete' && $confirm == "yes") if ($action == 'confirm_delete' && $confirm == "yes" && $candisableuser)
{ {
if ($_GET["id"] <> $user->id) if ($_GET["id"] <> $user->id)
{ {