Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Debug v18

Browse Source
This commit is contained in:
Laurent Destailleur
2023-04-03 12:06:16 +02:00
parent 254e785c47
commit 2f34f179b9
4 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/core/lib/security.lib.php
View File

@@ -332,7 +332,7 @@ function dolGetLdapPasswordHash($password, $type = 'md5')
* This method check permission on module then call checkUserAccessToObject() for permission on object (according to entity and socid of user).
*
* @param User $user User to check
* @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'.
* @param string $features Features to check (it must be module name or $object->element. Can be a 'or' check with 'levela|levelb'.
* Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...)
* This is used to check permission $user->rights->features->...
* @param int|string|object $object Object or Object ID or list of Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional).
@@ -364,7 +364,7 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
//dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft");
//print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid;
//print ", dbtablename=".$tableandshare.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
//print ", perm: ".$features."->".$feature2."=".($user->rights->$features->$feature2->lire)."<br>";
//print ", perm: ".$features."->".$feature2."=".($user->hasRight($features, $feature2, 'lire'))."<br>";
$parentfortableentity = '';
@@ -388,9 +388,7 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
$features = 'adherent';
$feature2 = 'cotisation';
}
if ($features == 'websitepage') {
$features = 'website';
$tableandshare = 'website_page';
if ($features == 'website' && is_object($object) && $object->element == 'websitepage') {
$parentfortableentity = 'fk_website@website';
}
if ($features == 'project') {