diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index b61b82aeca2..60de7a205ab 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -1297,7 +1297,7 @@ print ""; print ''; // TODO Replace this with mass delete action -//if ($user->rights->accounting->mouvements->supprimer_tous) { +//if ($user->hasRight('accounting', 'mouvements, 'supprimer_tous')) { // print '
'."\n"; // print ''.$langs->trans("DeleteMvt").''; // print '
'; diff --git a/htdocs/asset/agenda.php b/htdocs/asset/agenda.php index 11c956d8d59..35fafc2645b 100644 --- a/htdocs/asset/agenda.php +++ b/htdocs/asset/agenda.php @@ -166,7 +166,7 @@ if ($object->id > 0) { $out = '&origin=' . urlencode($object->element . '@' . $object->module) . '&originid=' . urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'] . '?id=' . $object->id; $out .= '&backtopage=' . urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $objcon = new stdClass(); $out = '&origin='.$object->element.'&originid='.$object->id; - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $out = '&origin='.urlencode($object->element.'@'.$object->module).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='rights->categorie->lire) { +if (!$user->hasRight('categorie', 'lire')) { accessforbidden(); } diff --git a/htdocs/categories/index.php b/htdocs/categories/index.php index 21be2954d3f..69747248906 100644 --- a/htdocs/categories/index.php +++ b/htdocs/categories/index.php @@ -49,7 +49,7 @@ if (is_numeric($type)) { // Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('categoryindex')); -if (!$user->rights->categorie->lire) { +if (!$user->hasRight('categorie', 'lire')) { accessforbidden(); } diff --git a/htdocs/categories/info.php b/htdocs/categories/info.php index 81685a51e7b..f5f63091f9c 100644 --- a/htdocs/categories/info.php +++ b/htdocs/categories/info.php @@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/categories.lib.php'; -if (!$user->rights->categorie->lire) { +if (!$user->hasRight('categorie', 'lire')) { accessforbidden(); } diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 5d9995bfaba..b2a149ead79 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -2514,8 +2514,8 @@ if ($id > 0) { $filedir = $conf->agenda->multidir_output[$conf->entity].'/'.$object->id; $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->agenda->myactions->read; - $delallowed = $user->rights->agenda->myactions->create; + $genallowed = $user->hasRight('agenda', 'myactions', 'read'); + $delallowed = $user->hasRight('agenda', 'myactions', 'create'); print $formfile->showdocuments('actions', $object->id, $filedir, $urlsource, $genallowed, $delallowed, '', 0, 0, 0, 0, 0, '', '', '', $langs->getDefaultLang()); diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 66d115c171c..95387ec4cb0 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -305,7 +305,7 @@ if ($object->id > 0) { $modulepart = 'actions'; - $permissiontoadd = $user->rights->agenda->myactions->create || $user->hasRight('agenda', 'allactions', 'create'); + $permissiontoadd = $user->hasRight('agenda', 'myactions', 'create') || $user->hasRight('agenda', 'allactions', 'create'); $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index 79330cd57bf..f9f25a6fcff 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -267,7 +267,7 @@ if (empty($reshook)) { $uploaddir = true; // Only users that can delete any event can remove records. $permissiontodelete = $user->rights->agenda->allactions->delete; - $permissiontoadd = $user->rights->agenda->myactions->create; + $permissiontoadd = $user->hasRight('agenda', 'myactions', 'create'); include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; } diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 4be7cd47f4c..1ae1ae0a6fb 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -799,7 +799,7 @@ if ((isModEnabled("supplier_order") || isModEnabled("supplier_invoice")) && $use /* * Last actions */ -/*if ($user->rights->agenda->myactions->read) { +/*if ($user->hasRight('agenda', 'myactions', 'read')) { show_array_last_actions_done($max); }*/ @@ -807,7 +807,7 @@ if ((isModEnabled("supplier_order") || isModEnabled("supplier_invoice")) && $use /* * Actions to do */ -/*if ($user->rights->agenda->myactions->read) { +/*if ($user->hasRight('agenda', 'myactions', 'read')) { show_array_actions_to_do($max); }*/ diff --git a/htdocs/comm/propal/agenda.php b/htdocs/comm/propal/agenda.php index 97cb9584aaf..aa8f5d4aecb 100644 --- a/htdocs/comm/propal/agenda.php +++ b/htdocs/comm/propal/agenda.php @@ -194,7 +194,7 @@ if ($object->id > 0) { $out = '&origin='.urlencode($object->element.(property_exists($object, 'module') ? '@'.$object->module : '')).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='displayCanvasExists($action)) { $out = ''; $newcardbutton = ''; if (isModEnabled('agenda')) { - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { if (is_object($objthirdparty) && get_class($objthirdparty) == 'Societe') { $out .= '&originid='.$objthirdparty->id.($objthirdparty->id > 0 ? '&socid='.$objthirdparty->id : ''); diff --git a/htdocs/core/boxes/box_accountancy_last_manual_entries.php b/htdocs/core/boxes/box_accountancy_last_manual_entries.php index a15728a04f0..b2619c9cada 100644 --- a/htdocs/core/boxes/box_accountancy_last_manual_entries.php +++ b/htdocs/core/boxes/box_accountancy_last_manual_entries.php @@ -79,7 +79,7 @@ class box_accountancy_last_manual_entries extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleLastManualEntries", $max)); - if ($user->rights->accounting->mouvements->lire) { + if ($user->hasRight('accounting', 'mouvements, 'lire')) { $sql = "SELECT DISTINCT b.piece_num"; $sql .= ", b.doc_date as date_movement"; $sql .= ", b.label_operation"; diff --git a/htdocs/core/boxes/box_accountancy_suspense_account.php b/htdocs/core/boxes/box_accountancy_suspense_account.php index 3ea5b191799..378464ab579 100644 --- a/htdocs/core/boxes/box_accountancy_suspense_account.php +++ b/htdocs/core/boxes/box_accountancy_suspense_account.php @@ -78,7 +78,7 @@ class box_accountancy_suspense_account extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleSuspenseAccount")); - if ($user->rights->accounting->mouvements->lire) { + if ($user->hasRight('accounting', 'mouvements, 'lire')) { $suspenseAccount = $conf->global->ACCOUNTING_ACCOUNT_SUSPENSE; if (!empty($suspenseAccount) && $suspenseAccount > 0) { $sql = "SELECT COUNT(*) as nb_suspense_account"; diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 31852cfe9ff..5b58511817e 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -84,7 +84,7 @@ class box_actions extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleOldestActionsToDo", $max)); - if ($user->rights->agenda->myactions->read) { + if ($user->hasRight('agenda', 'myactions', 'read')) { $sql = "SELECT a.id, a.label, a.datep as dp, a.percent as percentage"; $sql .= ", ta.code"; $sql .= ", ta.libelle as type_label"; diff --git a/htdocs/core/boxes/box_actions_future.php b/htdocs/core/boxes/box_actions_future.php index 61340ca8c85..e45322d9efe 100644 --- a/htdocs/core/boxes/box_actions_future.php +++ b/htdocs/core/boxes/box_actions_future.php @@ -86,7 +86,7 @@ class box_actions_future extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleFutureActions", $max)); - if ($user->rights->agenda->myactions->read) { + if ($user->hasRight('agenda', 'myactions', 'read')) { $sql = "SELECT a.id, a.label, a.datep as dp, a.percent as percentage"; $sql .= ", ta.code"; $sql .= ", ta.libelle as type_label"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 0cfc8029a76..f5572753854 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -693,7 +693,7 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '', $deleteok = 0; } } elseif ($feature == 'produit|service') { - if (!$user->rights->produit->supprimer && !$user->rights->service->supprimer) { + if (!$user->hasRight('produit', 'supprimer') && !$user->hasRight('service', 'supprimer')) { $deleteok = 0; } } elseif ($feature == 'commande_fournisseur') { diff --git a/htdocs/core/menus/standard/auguria.lib.php b/htdocs/core/menus/standard/auguria.lib.php index ea05679b2d7..961004c8ba8 100644 --- a/htdocs/core/menus/standard/auguria.lib.php +++ b/htdocs/core/menus/standard/auguria.lib.php @@ -374,8 +374,8 @@ function print_left_auguria_menu($db, $menu_array_before, $menu_array_after, &$t $db->free($resql); } - if (isModEnabled('accounting') && !empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') { // Entry in accountancy journal for each bank account - $newmenu->add('', $langs->trans("RegistrationInAccounting"), 1, $user->rights->accounting->comptarapport->lire, '', 'accountancy', 'accountancy', 10); + if (isModEnabled('accounting') && $user->hasRight('accounting', 'comptarapport', 'lire') && $mainmenu == 'accountancy') { // Entry in accountancy journal for each bank account + $newmenu->add('', $langs->trans("RegistrationInAccounting"), 1, $user->hasRight('accounting', 'comptarapport', 'lire'), '', 'accountancy', 'accountancy', 10); // Multi journal $sql = "SELECT rowid, code, label, nature"; @@ -430,13 +430,13 @@ function print_left_auguria_menu($db, $menu_array_before, $menu_array_after, &$t if ($nature) { $langs->load('accountancy'); $journallabel = $langs->transnoentities($objp->label); // Labels in this table are set by loading llx_accounting_abc.sql. Label can be 'ACCOUNTING_SELL_JOURNAL', 'InventoryJournal', ... - $newmenu->add('/accountancy/journal/'.$nature.'journal.php?mainmenu=accountancy&leftmenu=accountancy_journal&id_journal='.$objp->rowid, $journallabel, 2, $user->rights->accounting->comptarapport->lire); + $newmenu->add('/accountancy/journal/'.$nature.'journal.php?mainmenu=accountancy&leftmenu=accountancy_journal&id_journal='.$objp->rowid, $journallabel, 2, $user->hasRight('accounting', 'comptarapport', 'lire')); } $i++; } } else { // Should not happend. Entries are added - $newmenu->add('', $langs->trans("NoJournalDefined"), 2, $user->rights->accounting->comptarapport->lire); + $newmenu->add('', $langs->trans("NoJournalDefined"), 2, $user->hasRight('accounting', 'comptarapport', 'lire')); } } else { dol_print_error($db); diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php index b35e7748570..c73a2dcfb9f 100644 --- a/htdocs/core/photos_resize.php +++ b/htdocs/core/photos_resize.php @@ -51,7 +51,7 @@ if (empty($modulepart)) { $accessallowed = 0; if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'service' || $modulepart == 'produit|service') { $result = restrictedArea($user, 'produit|service', $id, 'product&product'); - if ($modulepart == 'produit|service' && (!$user->rights->produit->lire && !$user->rights->service->lire)) { + if ($modulepart == 'produit|service' && (!$user->hasRight('produit', 'lire') && !$user->hasRight('service', 'lire'))) { accessforbidden(); } $accessallowed = 1; diff --git a/htdocs/core/tpl/contacts.tpl.php b/htdocs/core/tpl/contacts.tpl.php index e4258d45aba..0b6c6fb9939 100644 --- a/htdocs/core/tpl/contacts.tpl.php +++ b/htdocs/core/tpl/contacts.tpl.php @@ -59,7 +59,7 @@ if ($module == 'propal') { } elseif ($module == 'project') { $permission = $user->rights->projet->creer; } elseif ($module == 'action') { - $permission = $user->rights->agenda->myactions->create; + $permission = $user->hasRight('agenda', 'myactions', 'create'); } elseif ($module == 'shipping') { $permission = $user->rights->expedition->creer; } elseif ($module == 'reception') { diff --git a/htdocs/fichinter/agenda.php b/htdocs/fichinter/agenda.php index dda47feda1f..0b1ecaa9592 100644 --- a/htdocs/fichinter/agenda.php +++ b/htdocs/fichinter/agenda.php @@ -195,7 +195,7 @@ if ($object->id > 0) { $out = '&origin='.urlencode($object->element.(property_exists($object, 'module') ? '@'.$object->module : '')).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $out = '&origin='.urlencode($object->element.'@'.$object->module).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $out = '&origin='.urlencode($object->element.'@'.$object->module).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $out = '&origin='.urlencode($object->element.(property_exists($object, 'module') ? '@'.$object->module : '')).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id > 0) { $out = '&origin='.urlencode($object->element.'@'.$object->module).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='id; diff --git a/htdocs/projet/agenda.php b/htdocs/projet/agenda.php index fa84d0706b5..5e8f0dfafbf 100644 --- a/htdocs/projet/agenda.php +++ b/htdocs/projet/agenda.php @@ -162,7 +162,7 @@ print dol_get_fiche_end(); // Actions buttons $out = ''; -$permok = $user->rights->agenda->myactions->create; +$permok = $user->hasRight('agenda', 'myactions', 'create'); if ($permok) { $out .= '&projectid='.$object->id; } diff --git a/htdocs/recruitment/recruitmentcandidature_agenda.php b/htdocs/recruitment/recruitmentcandidature_agenda.php index 2011bf006a8..757c9ac19d5 100644 --- a/htdocs/recruitment/recruitmentcandidature_agenda.php +++ b/htdocs/recruitment/recruitmentcandidature_agenda.php @@ -207,7 +207,7 @@ if ($object->id > 0) { $objcon = new stdClass(); $out = '&origin='.$object->element.'@recruitment&originid='.$object->id; - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='rights->categorie->lire) { +if (!$user->hasRight('categorie', 'lire')) { accessforbidden(); } diff --git a/htdocs/workstation/workstation_agenda.php b/htdocs/workstation/workstation_agenda.php index 0a6ace8f3d6..1e181ac46bd 100644 --- a/htdocs/workstation/workstation_agenda.php +++ b/htdocs/workstation/workstation_agenda.php @@ -207,7 +207,7 @@ if ($object->id > 0) { $out = '&origin='.urlencode($object->element.'@'.$object->module).'&originid='.urlencode($object->id); $urlbacktopage = $_SERVER['PHP_SELF'].'?id='.$object->id; $out .= '&backtopage='.urlencode($urlbacktopage); - $permok = $user->rights->agenda->myactions->create; + $permok = $user->hasRight('agenda', 'myactions', 'create'); if ((!empty($objthirdparty->id) || !empty($objcon->id)) && $permok) { //$out.='