UIUX adds a new permission that restricts the user to seeing their salaries and only those. (#35293)
* Update admin.lang Add translate "Permission511=Lire les salaires et leur paiement (les vôtres et ceux de vos subordonnées)" and move old 511->512 and 512->513. * Update modSalaries.class.php Add the new permission 'Read employee salaries and payments (yours only)' * Update list.php add the new permission filter "read child" * Update payments.php Add the new permission "readchild" * Update index.php Add support of new permission * Update index.php * Update index.php * Update index.php * Update list.php * Update list.php * Update list.php * Update payments.php
@@ -98,14 +98,22 @@ class modSalaries extends DolibarrModules
|
||||
|
||||
$r++;
|
||||
$this->rights[$r][0] = 511;
|
||||
$this->rights[$r][1] = 'Read employee salaries and payments (yours and your subordinates)';
|
||||
$this->rights[$r][1] = 'Read employee salaries and payments (yours only)';
|
||||
$this->rights[$r][2] = 'r';
|
||||
$this->rights[$r][3] = 0;
|
||||
$this->rights[$r][4] = 'read';
|
||||
$this->rights[$r][5] = '';
|
||||
|
||||
$r++;
|
||||
$this->rights[$r][0] = 512;
|
||||
$this->rights[$r][0] = 511;
|
||||
$this->rights[$r][1] = 'Read employee salaries and payments (yours and your subordinates)';
|
||||
$this->rights[$r][2] = 'r';
|
||||
$this->rights[$r][3] = 0;
|
||||
$this->rights[$r][4] = 'readchild';
|
||||
$this->rights[$r][5] = '';
|
||||
|
||||
$r++;
|
||||
$this->rights[$r][0] = 513;
|
||||
$this->rights[$r][1] = 'Create/modify payments of empoyee salaries';
|
||||
$this->rights[$r][2] = 'w';
|
||||
$this->rights[$r][3] = 0;
|
||||
|
||||
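Review bot: Reusing ids 511 and 512 for rights with a different meaning changes what already-granted permissions allow, since the commit description moves the old 511 to 512 and the old 512 to 513. If grants are stored by numeric id (not visible on this page), an account that held 512 for create/modify would hold `readchild` after upgrade, and nobody would hold 513 until it is re-granted. Consider leaving the existing ids untouched and giving the new "yours only" right a previously unused id, or shipping a migration that remaps existing grants. The label on the 513 entry also has a typo, `empoyee`. The rights block starts and ends outside this hunk.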
@@ -920,8 +920,9 @@ Permission402=Créer/modifier les avoirs
|
||||
Permission403=Valider les avoirs
|
||||
Permission404=Supprimer les avoirs
|
||||
Permission431=Utilisez la barre de débogage
|
||||
Permission511=Lire les salaires et leur paiement (les vôtres et ceux de vos subordonnées)
|
||||
Permission512=Créer/modifier les salaires et leur paiement
|
||||
Permission511=Lire les salaires et leur paiement (les vôtres seulement)
|
||||
Permission512=Lire les salaires et leur paiement (les vôtres et ceux de vos subordonnées)
|
||||
Permission513=Créer/modifier les salaires et leur paiement
|
||||
Permission514=Supprimer les salaires et leur paiement
|
||||
Permission517=Lire les salaires et leur paiement de tout le monde
|
||||
Permission519=Exporter les salaires
|
||||
|
||||
@@ -361,9 +361,13 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account ba ON (ba.rowid = s.fk_accoun
|
||||
$sql .= " ".MAIN_DB_PREFIX."user as u";
|
||||
$sql .= " WHERE u.rowid = s.fk_user";
|
||||
$sql .= " AND s.entity IN (".getEntity('salaries').")";
|
||||
if (!$user->hasRight('salaries', 'readchild')) {
|
||||
$sql .= " AND s.fk_user = ".(int) $user->id;
|
||||
}
|
||||
if (!$user->hasRight('salaries', 'readall')) {
|
||||
$sql .= " AND s.fk_user IN (".$db->sanitize(implode(',', $childids)).")";
|
||||
}
|
||||
|
||||
//print $sql;
|
||||
|
||||
// Search criteria
|
||||
|
||||
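Review bot: The two filters are applied independently, so an account that holds `readall` but not `readchild` is still restricted to its own rows by the first `if`. The rights read as a hierarchy (own, subordinates, everyone), so the own-only clause should apply only when neither broader right is held, e.g. `if (!$user->hasRight('salaries', 'readchild') && !$user->hasRight('salaries', 'readall')) {`. For an account with neither right both clauses are appended, which returns the intended rows only while `$childids` contains the user's own id; that array is built outside this hunk, so it is worth confirming. The same pattern appears in the hunks at `@@ -255,8 +255,11 @@` and `@@ -85,6 +85,9 @@`.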
@@ -255,8 +255,11 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.ro
|
||||
$sql .= " ".MAIN_DB_PREFIX."user as u";
|
||||
$sql .= " WHERE u.rowid = sal.fk_user";
|
||||
$sql .= " AND s.entity IN (".getEntity('payment_salaries').")";
|
||||
if (!$user->hasRight('salaries', 'readchild')) {
|
||||
$sql .= " AND s.fk_user = ".(int) $user->id;
|
||||
}
|
||||
if (!$user->hasRight('salaries', 'readall')) {
|
||||
$sql .= " AND sal.fk_user IN (".$db->sanitize(implode(',', $childids)).")";
|
||||
$sql .= " AND s.fk_user IN (".$db->sanitize(implode(',', $childids)).")";
|
||||
}
|
||||
|
||||
// Search criteria
|
||||
|
||||
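Review bot: The added own-only clause filters on `s.fk_user`, while the join to the user table a few lines earlier uses `sal.fk_user`, and `s` and `sal` are different aliases in this query. The rendering also shows both `sal.fk_user IN (...)` and `s.fk_user IN (...)` in the `readall` branch without diff markers, so it is unclear which one is the new side. If the user column on `s` can be empty or differ from the one on `sal`, restricted accounts would see too few or the wrong rows; confirm which column is authoritative and use it for both restrictions, for example `$sql .= " AND sal.fk_user = ".(int) $user->id;`. The table definitions are outside this hunk.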
@@ -85,6 +85,9 @@ dol_mkdir($dir);
|
||||
|
||||
$useridtofilter = $userid; // Filter from parameters
|
||||
|
||||
if (!$user->hasRight('salaries', 'readchild') && empty($useridtofilter)) {
|
||||
$useridtofilter = $user->id;
|
||||
}
|
||||
if (!$user->hasRight('salaries', 'readall') && empty($useridtofilter)) {
|
||||
$useridtofilter = $user->getAllChildIds(1);
|
||||
}
|
||||
@@ -216,14 +219,19 @@ print '<div class="fichecenter"><div class="fichethirdleft">';
|
||||
// Show filter box
|
||||
print '<form name="stats" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.newToken().'">';
|
||||
|
||||
print '<table class="noborder centpercent">';
|
||||
print '<tr class="liste_titre"><td class="liste_titre" colspan="2">'.$langs->trans("Filter").'</td></tr>';
|
||||
|
||||
// User
|
||||
print '<tr><td>'.$langs->trans("Employee").'</td><td>';
|
||||
print img_picto('', 'user', 'class="pictofixedwidth"');
|
||||
print $form->select_dolusers(($userid ? $userid : -1), 'userid', 1, null, 0, !$user->hasRight('salaries', 'readall') ? 'hierarchyme' : '', '', '0', 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300');
|
||||
if (!$user->hasRight('salaries', 'readchild') && empty($useridtofilter)) {
|
||||
print img_picto('', 'user', 'class="pictofixedwidth"');
|
||||
print $form->select_dolusers(($userid ? $userid : -1), 'userid', 1, null, 0, !$user->hasRight('salaries', 'readall') ? 'hierarchyme' : '', '', '0', 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300');
|
||||
} else {
|
||||
print $user->getNomUrl(1);
|
||||
}
|
||||
print '</td></tr>';
|
||||
|
||||
// Year
|
||||
print '<tr><td>'.$langs->trans("Year").'</td><td>';
|
||||
if (!in_array($year, $arrayyears)) {
|
||||
@@ -236,7 +244,6 @@ print '<tr><td align="center" colspan="2"><input type="submit" name="submit" cla
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
print '<br><br>';
|
||||
|
||||
print '<div class="div-table-responsive-no-min">';
|
||||
print '<table class="noborder centpercent">';
|
||||
print '<tr class="liste_titre" height="24">';
|
||||
|
||||
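Review bot: In the hunk at `@@ -85,6 +85,9 @@` the new own-only fallback runs only when `$useridtofilter` is empty, and that variable is first set from the request parameter `$userid`. Unless a later check outside these hunks validates it, an account without `readchild` that supplies a `userid` keeps that value as the filter. Forcing the value for such accounts closes this, e.g. `if (!$user->hasRight('salaries', 'readchild') && !$user->hasRight('salaries', 'readall')) { $useridtofilter = $user->id; }`, with an equivalent membership check against `getAllChildIds(1)` for the `readchild` tier. In the hunk at `@@ -216,14 +219,19 @@` the selector branch looks unreachable: accounts without `readchild` already have a non-empty `$useridtofilter`, and accounts with it fail the first operand, so everyone gets `getNomUrl(1)`.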