Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

More phpunit tests

Browse Source
This commit is contained in:
Laurent Destailleur
2012-02-12 18:30:50 +01:00
parent 036e578e0f
commit 447922c218
2 changed files with 22 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
htdocs/core/lib/security.lib.php
View File

@@ -85,7 +85,7 @@ function dol_hash($chain,$type=0)
* If GETPOST('action') defined, we also check write and delete permission.
*
* @param User $user User to check
* @param string $features Features to check (in most cases, it's module name)
* @param string $features Features to check (in most cases, it's module name. Examples: 'societe', 'contact', 'produit|service', ...)
* @param int $objectid Object ID if we want to check permission on a particular record (optionnal)
* @param string $dbtablename Table name where object is stored. Not used if objectid is null (optionnal)
* @param string $feature2 Feature to check, second level of permission (optionnal)
@@ -94,7 +94,7 @@ function dol_hash($chain,$type=0)
* @param Canvas $objcanvas Object canvas
* @return int Always 1, die process if not allowed
*/
function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $objcanvas=null)
function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $objcanvas=null)
{
global $db, $conf;
@@ -163,11 +163,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
}
}
if (! $readok)
{
//print "Read access is down";
accessforbidden();
}
if (! $readok) accessforbidden();
//print "Read access is ok";
// Check write permission from module