@@ -720,7 +720,7 @@ if ($limit > 0 && $limit != $conf->liste_limit) {
|
||||
|
||||
// List of mass actions available
|
||||
$arrayofmassactions = array();
|
||||
if (getDolGlobalInt('ACCOUNTING_ENABLE_LETTERING') && $user->rights->accounting->mouvements->creer) {
|
||||
if (getDolGlobalInt('ACCOUNTING_ENABLE_LETTERING') && $user->hasRight('accounting', 'mouvements', 'creer')) {
|
||||
$arrayofmassactions['letteringauto'] = img_picto('', 'check', 'class="pictofixedwidth"') . $langs->trans('LetteringAuto');
|
||||
$arrayofmassactions['preunletteringauto'] = img_picto('', 'uncheck', 'class="pictofixedwidth"') . $langs->trans('UnletteringAuto');
|
||||
$arrayofmassactions['letteringmanual'] = img_picto('', 'check', 'class="pictofixedwidth"') . $langs->trans('LetteringManual');
|
||||
|
||||
@@ -381,7 +381,7 @@ if (empty($reshook)) {
|
||||
$param = '&type='.$type.$param;
|
||||
}
|
||||
|
||||
//if ($action == 'delbookkeepingyearconfirm' && $user->rights->accounting->mouvements->supprimer_tous) {
|
||||
//if ($action == 'delbookkeepingyearconfirm' && $user->hasRight('accounting', 'mouvements', 'supprimer')_tous) {
|
||||
// $delmonth = GETPOST('delmonth', 'int');
|
||||
// $delyear = GETPOST('delyear', 'int');
|
||||
// if ($delyear == -1) {
|
||||
|
||||
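Review bot: The rewritten comment line now reads `$user->hasRight('accounting', 'mouvements', 'supprimer')_tous`, which is not valid PHP and names the wrong right. The search-and-replace appears to have cut the permission name `supprimer_tous` in half. The line is commented out, so nothing breaks today, but anyone re-enabling the block would get a parse error, or a check against the narrower `supprimer` right if they simply delete the suffix. The line should read `//if ($action == 'delbookkeepingyearconfirm' && $user->hasRight('accounting', 'mouvements', 'supprimer_tous')) {`. The commented block continues outside the hunk.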
@@ -166,7 +166,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
|
||||
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
|
||||
if ($massaction == 'ventil' && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
$msg = '';
|
||||
|
||||
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
|
||||
@@ -446,7 +446,7 @@ if ($result) {
|
||||
//'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
|
||||
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
|
||||
);
|
||||
//if ($user->rights->mymodule->supprimer) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
//if ($user->hasRight('mymodule', 'supprimer')) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
//if (in_array($massaction, array('presend','predelete'))) $arrayofmassactions=array();
|
||||
if ($massaction !== 'set_default_account') {
|
||||
$massactionbutton = $form->selectMassAction('ventil', $arrayofmassactions, 1);
|
||||
|
||||
@@ -57,7 +57,7 @@ if (empty($user->rights->accounting->mouvements->lire)) {
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'ventil' && $user->rights->accounting->bind->write) {
|
||||
if ($action == 'ventil' && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
if (!$cancel) {
|
||||
if ($codeventil < 0) {
|
||||
$codeventil = 0;
|
||||
|
||||
@@ -118,7 +118,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
|
||||
$search_date_end = '';
|
||||
}
|
||||
|
||||
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
|
||||
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
$error = 0;
|
||||
|
||||
if (!(GETPOST('account_parent', 'int') >= 0)) {
|
||||
|
||||
@@ -158,7 +158,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
|
||||
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
|
||||
if ($massaction == 'ventil' && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
$msg = '';
|
||||
|
||||
if (!empty($mesCasesCochees)) {
|
||||
|
||||
@@ -57,7 +57,7 @@ if (empty($user->rights->accounting->mouvements->lire)) {
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'ventil' && $user->rights->accounting->bind->write) {
|
||||
if ($action == 'ventil' && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
if (!$cancel) {
|
||||
if ($codeventil < 0) {
|
||||
$codeventil = 0;
|
||||
|
||||
@@ -91,7 +91,7 @@ if (empty($user->rights->accounting->mouvements->lire)) {
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
|
||||
if (($action == 'clean' || $action == 'validatehistory') && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
// Clean database
|
||||
$db->begin();
|
||||
$sql1 = "UPDATE ".$db->prefix()."facture_fourn_det as fd";
|
||||
|
||||
@@ -133,7 +133,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
|
||||
$search_tvaintra = '';
|
||||
}
|
||||
|
||||
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
|
||||
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
$error = 0;
|
||||
|
||||
if (!(GETPOST('account_parent', 'int') >= 0)) {
|
||||
|
||||
@@ -169,7 +169,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
|
||||
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
|
||||
if ($massaction == 'ventil' && $user->hasRight('accounting', 'bind', 'write')) {
|
||||
$msg = '';
|
||||
|
||||
if (!empty($mesCasesCochees)) {
|
||||
@@ -453,7 +453,7 @@ if ($result) {
|
||||
//'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
|
||||
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
|
||||
);
|
||||
//if ($user->rights->mymodule->supprimer) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
//if ($user->hasRight('mymodule', 'supprimer')) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
//if (in_array($massaction, array('presend','predelete'))) $arrayofmassactions=array();
|
||||
if ($massaction !== 'set_default_account') {
|
||||
$massactionbutton = $form->selectMassAction('ventil', $arrayofmassactions, 1);
|
||||
|
||||
@@ -1008,7 +1008,7 @@ class AdherentType extends CommonObject
|
||||
|
||||
//$return .= '<input id="cb'.$this->id.'" class="flat checkforselect fright" type="checkbox" name="toselect[]" value="'.$this->id.'"'.($selected ? ' checked="checked"' : '').'>';
|
||||
|
||||
if ($user->rights->adherent->configurer) {
|
||||
if ($user->hasRight('adherent', 'configurer')) {
|
||||
$return .= '<span class="right paddingleft"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.urlencode($this->ref).'">'.img_edit().'</a></span>';
|
||||
} else {
|
||||
$return .= '<span class="right"> </span>';
|
||||
|
||||
@@ -57,7 +57,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
|
||||
$caneditfielduser = ((($user->id == $object->user_id) && !empty($user->rights->user->self->creer))
|
||||
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer')));
|
||||
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|
||||
$caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password'))
|
||||
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password')));
|
||||
}
|
||||
}
|
||||
|
||||
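Review bot: The migration is only partial here: `$caneditfielduser` still reads `!empty($user->rights->user->self->creer)` directly, while the three other operands in these two assignments go through `hasRight()`. It should become `$user->hasRight('user', 'self', 'creer')`. The same mix is left in later hunks of this commit: the `model_advance` operands of the asset `$permissiontoread`/`$permissiontoadd`/`$permissiontodelete` lines, the `produit`, `service`, `ticket`, `projet` and `banque` operands of the `addintocategory` condition, and the `allactions->delete` operands in the agenda hunks. Authorization conditions that use two access styles side by side are harder to audit, and the raw property reads can still emit warnings when an intermediate rights object is not defined.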
@@ -134,7 +134,7 @@ if ($reshook < 0) {
|
||||
}
|
||||
|
||||
// Create third party from a member
|
||||
if (empty($reshook) && $action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->rights->societe->creer) {
|
||||
if (empty($reshook) && $action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->hasRight('societe', 'creer')) {
|
||||
if ($result > 0) {
|
||||
// Creation of thirdparty
|
||||
$company = new Societe($db);
|
||||
|
||||
@@ -350,7 +350,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
|
||||
} else {
|
||||
print '<tr class="oddeven">';
|
||||
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
|
||||
if ($user->rights->adherent->configurer) {
|
||||
if ($user->hasRight('adherent', 'configurer')) {
|
||||
print '<td class="center"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
|
||||
}
|
||||
}
|
||||
@@ -374,7 +374,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
|
||||
print '<td class="center">'.yn($objp->vote).'</td>';
|
||||
print '<td class="center">'.$membertype->getLibStatut(5).'</td>';
|
||||
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
|
||||
if ($user->rights->adherent->configurer) {
|
||||
if ($user->hasRight('adherent', 'configurer')) {
|
||||
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -53,8 +53,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@@ -82,8 +82,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/model/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@@ -69,9 +69,9 @@ if (empty($action) && empty($id) && empty($ref)) {
|
||||
// Load object
|
||||
include DOL_DOCUMENT_ROOT . '/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete))) || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'delete')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete))) || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
|
||||
$permissionnote = $permissiontoadd; // Used by the include of actions_setnotes.inc.php
|
||||
$permissiondellink = $permissiontoadd; // Used by the include of actions_dellink.inc.php
|
||||
$upload_dir = $conf->asset->multidir_output[isset($object->entity) ? $object->entity : 1];
|
||||
|
||||
@@ -53,8 +53,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
if ($user->socid > 0) accessforbidden();
|
||||
|
||||
@@ -121,9 +121,9 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
|
||||
$object->fields = dol_sort_array($object->fields, 'position');
|
||||
$arrayfields = dol_sort_array($arrayfields, 'position');
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write)));
|
||||
$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->delete) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete)));
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write)));
|
||||
$permissiontodelete = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'delete')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->delete)));
|
||||
|
||||
// Security check
|
||||
if (!isModEnabled('asset')) {
|
||||
|
||||
@@ -51,8 +51,8 @@ if ($id > 0 || !empty($ref)) {
|
||||
$upload_dir = $conf->asset->multidir_output[$object->entity] . "/" . $object->id;
|
||||
}
|
||||
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->read) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->asset->write) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissiontoread = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'read')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->read)));
|
||||
$permissiontoadd = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('asset', 'write')) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->asset->model_advance->write))); // Used by the include of actions_addupdatedelete.inc.php
|
||||
$permissionnote = $permissiontoadd; // Used by the include of actions_setnotes.inc.php
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
|
||||
@@ -112,11 +112,11 @@ if ($id > 0 && $removeelem > 0 && $action == 'unlink') {
|
||||
$tmpobject = new Product($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
$elementtype = 'product';
|
||||
} elseif ($type == Categorie::TYPE_SUPPLIER && $user->rights->societe->creer) {
|
||||
} elseif ($type == Categorie::TYPE_SUPPLIER && $user->hasRight('societe', 'creer')) {
|
||||
$tmpobject = new Societe($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
$elementtype = 'supplier';
|
||||
} elseif ($type == Categorie::TYPE_CUSTOMER && $user->rights->societe->creer) {
|
||||
} elseif ($type == Categorie::TYPE_CUSTOMER && $user->hasRight('societe', 'creer')) {
|
||||
$tmpobject = new Societe($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
$elementtype = 'customer';
|
||||
@@ -125,7 +125,7 @@ if ($id > 0 && $removeelem > 0 && $action == 'unlink') {
|
||||
$tmpobject = new Adherent($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
$elementtype = 'member';
|
||||
} elseif ($type == Categorie::TYPE_CONTACT && $user->rights->societe->creer) {
|
||||
} elseif ($type == Categorie::TYPE_CONTACT && $user->hasRight('societe', 'creer')) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
|
||||
$tmpobject = new Contact($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
@@ -140,7 +140,7 @@ if ($id > 0 && $removeelem > 0 && $action == 'unlink') {
|
||||
$tmpobject = new Project($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
$elementtype = 'project';
|
||||
} elseif ($type == Categorie::TYPE_USER && $user->rights->user->user->creer) {
|
||||
} elseif ($type == Categorie::TYPE_USER && $user->hasRight('user', 'user', 'creer')) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
|
||||
$tmpobject = new User($db);
|
||||
$result = $tmpobject->fetch($removeelem);
|
||||
@@ -174,13 +174,13 @@ if ($user->rights->categorie->supprimer && $action == 'confirm_delete' && $confi
|
||||
|
||||
if ($elemid && $action == 'addintocategory' &&
|
||||
(($type == Categorie::TYPE_PRODUCT && ($user->rights->produit->creer || $user->rights->service->creer)) ||
|
||||
($type == Categorie::TYPE_CUSTOMER && $user->rights->societe->creer) ||
|
||||
($type == Categorie::TYPE_SUPPLIER && $user->rights->societe->creer) ||
|
||||
($type == Categorie::TYPE_CUSTOMER && $user->hasRight('societe', 'creer')) ||
|
||||
($type == Categorie::TYPE_SUPPLIER && $user->hasRight('societe', 'creer')) ||
|
||||
($type == Categorie::TYPE_TICKET && $user->rights->ticket->write) ||
|
||||
($type == Categorie::TYPE_PROJECT && $user->rights->projet->creer) ||
|
||||
($type == Categorie::TYPE_MEMBER && $user->hasRight('adherent', 'creer')) ||
|
||||
($type == Categorie::TYPE_CONTACT && $user->rights->societe->creer) ||
|
||||
($type == Categorie::TYPE_USER && $user->rights->user->user->creer) ||
|
||||
($type == Categorie::TYPE_CONTACT && $user->hasRight('societe', 'creer')) ||
|
||||
($type == Categorie::TYPE_USER && $user->hasRight('user', 'user', 'creer')) ||
|
||||
($type == Categorie::TYPE_ACCOUNT && $user->rights->banque->configurer)
|
||||
)) {
|
||||
if ($type == Categorie::TYPE_PRODUCT) {
|
||||
|
||||
@@ -155,7 +155,7 @@ $TDurationTypes = array('y'=>$langs->trans('Years'), 'm'=>$langs->trans('Month')
|
||||
|
||||
$result = restrictedArea($user, 'agenda', $object, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
|
||||
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create);
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'));
|
||||
|
||||
|
||||
/*
|
||||
@@ -215,7 +215,7 @@ if (empty($reshook) && (GETPOST('addassignedtouser') || GETPOST('updateassignedt
|
||||
|
||||
// Link to a project
|
||||
if (empty($reshook) && $action == 'classin' && ($user->hasRight('agenda', 'allactions', 'create') ||
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create))) {
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create')))) {
|
||||
//$object->fetch($id);
|
||||
$object->setProject(GETPOST('projectid', 'int'));
|
||||
}
|
||||
@@ -970,7 +970,7 @@ if (empty($reshook) && $action == 'confirm_delete' && GETPOST("confirm") == 'yes
|
||||
$object->fetch_userassigned();
|
||||
$object->oldcopy = dol_clone($object);
|
||||
|
||||
if ($user->rights->agenda->myactions->delete
|
||||
if ($user->hasRight('agenda', 'myactions', 'delete')
|
||||
|| $user->rights->agenda->allactions->delete) {
|
||||
$result = $object->delete();
|
||||
|
||||
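Review bot: The delete guard accepts the `myactions` delete right alone, with no comparison between the event's `authorid`/`userownerid` and `$user->id`. The Delete button in the `@@ -2478` hunk does require that ownership test for `myactions`, so the UI and the action handler enforce different rules. Unless code outside this hunk restricts it, a user holding only the "my events" right could delete an event owned by someone else by requesting the action directly. Consider `if ($user->hasRight('agenda', 'allactions', 'delete') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'delete'))) {`, which also finishes the migration of the second operand. The enclosing `confirm_delete` block starts and ends outside the hunk.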
@@ -1089,7 +1089,7 @@ if (empty($reshook) && GETPOST('actionmove', 'alpha') == 'mupdate') {
|
||||
|
||||
// Actions to delete doc
|
||||
$upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref);
|
||||
$permissiontoadd = ($user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->read));
|
||||
$permissiontoadd = ($user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'read')));
|
||||
if (empty($reshook)) {
|
||||
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
|
||||
}
|
||||
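Review bot: `$permissiontoadd` is granted to an event's owner on the strength of the `myactions` *read* right, whereas every other owner-scoped write check in this diff uses `myactions` `create`. The variable is set just before the include of `actions_builddoc.inc.php`, and the comment above it mentions deleting documents, so a read-only user appears to get document build and delete capability on their own events. If that is not deliberate, the operand should be `$user->hasRight('agenda', 'myactions', 'create')`; if it is, a one-line comment stating why read is enough would stop the next reviewer from flagging it.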
@@ -2478,21 +2478,21 @@ if ($id > 0) {
|
||||
if (empty($reshook)) {
|
||||
if ($action != 'edit') {
|
||||
if ($user->hasRight('agenda', 'allactions', 'create') ||
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create)) {
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'))) {
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=edit&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Modify").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("Modify").'</a></div>';
|
||||
}
|
||||
|
||||
if ($user->hasRight('agenda', 'allactions', 'create') ||
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create)) {
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'))) {
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=clone&object='.$object->element.'&id='.$object->id.'">'.$langs->trans("ToClone").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("ToClone").'</a></div>';
|
||||
}
|
||||
|
||||
if ($user->rights->agenda->allactions->delete ||
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->delete)) {
|
||||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'delete'))) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Delete").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("Delete").'</a></div>';
|
||||
|
||||
@@ -289,7 +289,7 @@ class AgendaEvents extends DolibarrApi
|
||||
*/
|
||||
public function delete($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->rights->agenda->myactions->delete) {
|
||||
if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'delete')) {
|
||||
throw new RestException(401, "Insufficient rights to delete your Agenda Event");
|
||||
}
|
||||
|
||||
|
||||
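Review bot: This guard in `delete($id)` tests only the `myactions` delete right, and nothing visible in the hunk ties `$id` to the calling user. The rest of the method lies outside the hunk; it is worth confirming there that an event whose owner is not `DolibarrApiAccess::$user->id` is rejected unless the caller holds `hasRight('agenda', 'allactions', 'delete')`. Separately, the exception uses status 401 for an authenticated caller who lacks the permission; 403 is the conventional code for that case and lets API clients tell it apart from a missing or invalid key.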
@@ -92,7 +92,7 @@ if ($user->socid && $socid) {
|
||||
$result = restrictedArea($user, 'societe', $socid);
|
||||
}
|
||||
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create);
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'));
|
||||
$permissiontoadd = $usercancreate;
|
||||
|
||||
|
||||
|
||||
@@ -1875,7 +1875,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
|
||||
}
|
||||
} else {
|
||||
if ($user->hasRight('agenda', 'allactions', 'create') ||
|
||||
(($event->authorid == $user->id || $event->userownerid == $user->id) && $user->rights->agenda->myactions->create)) {
|
||||
(($event->authorid == $user->id || $event->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'))) {
|
||||
$cssclass .= " movable cursormove";
|
||||
} else {
|
||||
$cssclass .= " unmovable";
|
||||
|
||||
@@ -53,7 +53,7 @@ if ($user->socid && $socid) {
|
||||
$result = restrictedArea($user, 'societe', $socid);
|
||||
}
|
||||
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create);
|
||||
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->hasRight('agenda', 'myactions', 'create'));
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -401,7 +401,7 @@ $arrayofmassactions = array(
|
||||
if ($user->rights->agenda->allactions->delete) {
|
||||
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
}
|
||||
if (isModEnabled('category') && $user->rights->agenda->myactions->create) {
|
||||
if (isModEnabled('category') && $user->hasRight('agenda', 'myactions', 'create')) {
|
||||
$arrayofmassactions['preaffecttag'] = img_picto('', 'category', 'class="pictofixedwidth"').$langs->trans("AffectTag");
|
||||
}
|
||||
if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete','preaffecttag'))) {
|
||||
|
||||
@@ -54,7 +54,7 @@ $result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'setpricelevel' && $user->rights->societe->creer) {
|
||||
if ($action == 'setpricelevel' && $user->hasRight('societe', 'creer')) {
|
||||
$soc = new Societe($db);
|
||||
$soc->fetch($id);
|
||||
$soc->setPriceLevel(GETPOST("price_level"), $user);
|
||||
|
||||
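Review bot: `GETPOST("price_level")` is passed to `setPriceLevel()` with no explicit filter, although a price level is numeric. Other request reads in this diff state the expected type, for example `GETPOST('account_parent', 'int')`. Using `$soc->setPriceLevel(GETPOST('price_level', 'int'), $user);` keeps non-numeric input out of the model call. The result of `$soc->fetch($id)` is also not checked in the visible lines before the update; the rest of the block is outside the hunk.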
@@ -68,7 +68,7 @@ if (GETPOST('cancel', 'alpha') && !empty($backtopage)) {
|
||||
|
||||
if ($action == 'confirm_split' && GETPOST("confirm", "alpha") == 'yes' && $permissiontocreate) {
|
||||
//if ($user->rights->societe->creer)
|
||||
//if ($user->rights->facture->creer)
|
||||
//if ($user->hasRight('facture', 'creer'))
|
||||
|
||||
$amount_ttc_1 = GETPOST('amount_ttc_1', 'alpha');
|
||||
$amount_ttc_1 = price2num($amount_ttc_1);
|
||||
@@ -159,7 +159,7 @@ if ($action == 'confirm_split' && GETPOST("confirm", "alpha") == 'yes' && $permi
|
||||
|
||||
if ($action == 'setremise' && $permissiontocreate) {
|
||||
//if ($user->rights->societe->creer)
|
||||
//if ($user->rights->facture->creer)
|
||||
//if ($user->hasRight('facture', 'creer'))
|
||||
|
||||
$amount = price2num(GETPOST('amount', 'alpha'), '', 2);
|
||||
$desc = GETPOST('desc', 'alpha');
|
||||
@@ -199,7 +199,7 @@ if ($action == 'setremise' && $permissiontocreate) {
|
||||
|
||||
if (GETPOST('action', 'aZ09') == 'confirm_remove' && GETPOST("confirm") == 'yes' && $permissiontocreate) {
|
||||
//if ($user->rights->societe->creer)
|
||||
//if ($user->rights->facture->creer)
|
||||
//if ($user->hasRight('facture', 'creer'))
|
||||
|
||||
$db->begin();
|
||||
|
||||
|
||||
@@ -2089,7 +2089,7 @@ if ($resql) {
|
||||
|
||||
// If module invoices enabled and user with invoice creation permissions
|
||||
if (isModEnabled('facture') && !empty($conf->global->ORDER_BILLING_ALL_CUSTOMER)) {
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
if (($obj->fk_statut > 0 && $obj->fk_statut < 3) || ($obj->fk_statut == 3 && $obj->billed == 0)) {
|
||||
print ' <a href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$companystatic->id.'&search_billed=0&autoselectall=1">';
|
||||
print img_picto($langs->trans("CreateInvoiceForThisCustomer").' : '.$companystatic->name, 'object_bill', 'hideonsmartphone').'</a>';
|
||||
|
||||
@@ -1601,7 +1601,7 @@ if ($resql) {
|
||||
|
||||
// If module invoices enabled and user with invoice creation permissions
|
||||
if (isModEnabled('facture') && !empty($conf->global->ORDER_BILLING_ALL_CUSTOMER)) {
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
if (($obj->fk_statut > 0 && $obj->fk_statut < 3) || ($obj->fk_statut == 3 && $obj->billed == 0)) {
|
||||
print ' <a href="'.DOL_URL_ROOT.'/commande/list.php?socid='.$companystatic->id.'&search_billed=0&autoselectall=1">';
|
||||
print img_picto($langs->trans("CreateInvoiceForThisCustomer").' : '.$companystatic->name, 'object_bill', 'hideonsmartphone').'</a>';
|
||||
|
||||
@@ -1229,7 +1229,7 @@ if ($action == 'create') {
|
||||
if (isModEnabled('project')) {
|
||||
$langs->load("projects");
|
||||
$morehtmlref .= '<br>'.$langs->trans('Project').' ';
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
if ($action != 'classify') {
|
||||
$morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : ';
|
||||
}
|
||||
@@ -1684,7 +1684,7 @@ if ($action == 'create') {
|
||||
),
|
||||
);
|
||||
if (empty($object->suspended)) {
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
if (!empty($object->frequency) && $object->nb_gen_max > 0 && ($object->nb_gen_done >= $object->nb_gen_max)) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="' . dol_escape_htmltag($langs->trans("MaxGenerationReached")) . '">' . $langs->trans("CreateBill") . '</a></div>';
|
||||
} else {
|
||||
@@ -1699,7 +1699,7 @@ if ($action == 'create') {
|
||||
}
|
||||
}
|
||||
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
if (empty($object->suspended)) {
|
||||
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=disable&id='.$object->id.'&token='.newToken().'">'.$langs->trans("Disable").'</a></div>';
|
||||
} else {
|
||||
|
||||
@@ -4440,7 +4440,7 @@ class Facture extends CommonInvoice
|
||||
$remise = 0;
|
||||
}
|
||||
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
$remise = price2num($remise, 2);
|
||||
|
||||
$error = 0;
|
||||
@@ -4504,7 +4504,7 @@ class Facture extends CommonInvoice
|
||||
$remise = 0;
|
||||
}
|
||||
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
$error = 0;
|
||||
|
||||
$this->db->begin();
|
||||
|
||||
@@ -854,7 +854,7 @@ while ($i < $imaxinloop) {
|
||||
// Action column
|
||||
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
|
||||
print '<td class="nowrap center">';
|
||||
if ($user->rights->facture->creer && empty($invoicerectmp->suspended)) {
|
||||
if ($user->hasRight('facture', 'creer') && empty($invoicerectmp->suspended)) {
|
||||
if ($invoicerectmp->isMaxNbGenReached()) {
|
||||
print $langs->trans("MaxNumberOfGenerationReached");
|
||||
} elseif (empty($objp->frequency) || $db->jdate($objp->date_when) <= $today) {
|
||||
@@ -1044,7 +1044,7 @@ while ($i < $imaxinloop) {
|
||||
// Action column
|
||||
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
|
||||
print '<td class="nowrap center tdoverflowmax125">';
|
||||
if ($user->rights->facture->creer && empty($invoicerectmp->suspended)) {
|
||||
if ($user->hasRight('facture', 'creer') && empty($invoicerectmp->suspended)) {
|
||||
if ($invoicerectmp->isMaxNbGenReached()) {
|
||||
print $langs->trans("MaxNumberOfGenerationReached");
|
||||
} elseif (empty($objp->frequency) || $db->jdate($objp->date_when) <= $today) {
|
||||
|
||||
@@ -51,7 +51,7 @@ foreach ($linkedObjectBlock as $key => $objectlink) {
|
||||
<td class="linkedcol-ref" align="center"></td>
|
||||
<td class="linkedcol-date" align="center"><?php echo dol_print_date($objectlink->date_when, 'day'); ?></td>
|
||||
<td class="linkedcol-amount right"><?php
|
||||
if ($user->rights->facture->lire) {
|
||||
if ($user->hasRight('facture', 'lire')) {
|
||||
$total = $total + $objectlink->total_ht;
|
||||
echo price($objectlink->total_ht);
|
||||
}
|
||||
|
||||
@@ -537,7 +537,7 @@ print '<div class="tabsAction">';
|
||||
|
||||
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION)) {
|
||||
if ($user->socid == 0 && $object->statut == 0 && $action == '') {
|
||||
if ($user->rights->facture->paiement) {
|
||||
if ($user->hasRight('facture', 'paiement')) {
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$id.'&action=valide&token='.newToken().'">'.$langs->trans('Valid').'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -246,8 +246,7 @@ if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
{
|
||||
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
|
||||
{
|
||||
if ($user->rights->facture->paiement)
|
||||
{
|
||||
if ($user->hasRight('facture', 'paiement')){
|
||||
print '<a class="butAction" href="card.php?id='.GETPOST('id', 'int').'&facid='.$objp->facid.'&action=valide">'.$langs->trans('Valid').'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
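Review bot: The `action=valide` link printed under the converted permission check carries no anti-CSRF token, and the guard above it reads `$_GET['action']` directly instead of a filtered `$action`. The equivalent button in the `@@ -537,7` hunk on this page already appends `&token='.newToken()`; whether this file's `valide` handler enforces a token is not visible here. I would align the link with that form, ending the href in `'&action=valide&token='.newToken().'">'`, and replace `$_GET['action'] == ''` with a `GETPOST`-filtered value. The same two points apply to the hunk at `@@ -287,8 +287,7`. As a style nit, the new line here is written `){` without the space the rest of the commit uses.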
@@ -287,8 +287,7 @@ if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
{
|
||||
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
|
||||
{
|
||||
if ($user->rights->facture->paiement)
|
||||
{
|
||||
if ($user->hasRight('facture', 'paiement')) {
|
||||
print '<a class="butAction" href="card.php?id='.GETPOST('id', 'int').'&facid='.$objp->facid.'&action=valide">'.$langs->trans('Valid').'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -110,7 +110,7 @@ class ActionsContactCardDefault extends ActionsContactCardCommon
|
||||
$this->tpl['actionsdone'] = show_actions_done($conf, $langs, $db, $objsoc, $this->object, 1);
|
||||
} else {
|
||||
// Confirm delete contact
|
||||
if ($action == 'delete' && $user->rights->societe->contact->supprimer) {
|
||||
if ($action == 'delete' && $user->hasRight('societe', 'contact', 'supprimer')) {
|
||||
$this->tpl['action_delete'] = $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$this->object->id, $langs->trans("DeleteContact"), $langs->trans("ConfirmDeleteContact"), "confirm_delete", '', 0, 1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -142,7 +142,7 @@ if (empty($user->socid)) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
|
||||
}
|
||||
|
||||
if (!$this->control->tpl['user_id'] && $user->rights->user->user->creer) {
|
||||
if (!$this->control->tpl['user_id'] && $user->hasRight('user', 'user', 'creer')) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
|
||||
|
||||
@@ -143,7 +143,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Creation utilisateur depuis contact
|
||||
if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) {
|
||||
if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->hasRight('user', 'user', 'creer')) {
|
||||
// Recuperation contact actuel
|
||||
$result = $object->fetch($id);
|
||||
|
||||
@@ -313,7 +313,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->societe->contact->supprimer) {
|
||||
if ($action == 'confirm_delete' && $confirm == 'yes' && $user->hasRight('societe', 'contact', 'supprimer')) {
|
||||
$result = $object->fetch($id);
|
||||
$object->oldcopy = clone $object;
|
||||
|
||||
@@ -1390,7 +1390,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
print '<table width="100%" class="nobordernopadding"><tr><td class="nowrap">';
|
||||
print $langs->trans('ProspectLevel');
|
||||
print '<td>';
|
||||
if ($action != 'editlevel' && $user->rights->societe->contact->creer) {
|
||||
if ($action != 'editlevel' && $user->hasRight('societe', 'contact', 'creer')) {
|
||||
print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editlevel&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('Modify'), 1).'</a></td>';
|
||||
}
|
||||
print '</tr></table>';
|
||||
@@ -1491,7 +1491,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
print $dolibarr_user->getLoginUrl(-1);
|
||||
} else {
|
||||
//print '<span class="opacitymedium">'.$langs->trans("NoDolibarrAccess").'</span>';
|
||||
if (!$object->user_id && $user->rights->user->user->creer) {
|
||||
if (!$object->user_id && $user->hasRight('user', 'user', 'creer')) {
|
||||
print '<a class="aaa" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=create_user&token='.newToken().'">'.img_picto($langs->trans("CreateDolibarrLogin"), 'add', 'class="pictofixedwidth"').$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
}
|
||||
@@ -1527,11 +1527,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
}
|
||||
|
||||
// Activer
|
||||
if ($object->statut == 0 && $user->rights->societe->contact->creer) {
|
||||
if ($object->statut == 0 && $user->hasRight('societe', 'contact', 'creer')) {
|
||||
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=enable&token='.newToken().'">'.$langs->trans("Reactivate").'</a>';
|
||||
}
|
||||
// Desactiver
|
||||
if ($object->statut == 1 && $user->rights->societe->contact->creer) {
|
||||
if ($object->statut == 1 && $user->hasRight('societe', 'contact', 'creer')) {
|
||||
print '<a class="butActionDelete" href="'.$_SERVER['PHP_SELF'].'?action=disable&id='.$object->id.'&token='.newToken().'">'.$langs->trans("DisableUser").'</a>';
|
||||
}
|
||||
|
||||
|
||||
@@ -847,7 +847,7 @@ $arrayofmassactions = array(
|
||||
if (!empty($permissiontodelete)) {
|
||||
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
}
|
||||
if (isModEnabled('category') && $user->rights->societe->creer) {
|
||||
if (isModEnabled('category') && $user->hasRight('societe', 'creer')) {
|
||||
$arrayofmassactions['preaffecttag'] = img_picto('', 'category', 'class="pictofixedwidth"').$langs->trans("AffectTag");
|
||||
}
|
||||
if (in_array($massaction, array('presend', 'predelete','preaffecttag'))) {
|
||||
|
||||
@@ -50,7 +50,7 @@ $errors = array();
|
||||
* Action
|
||||
*/
|
||||
|
||||
if ($action == 'update' && !GETPOST("cancel") && $user->rights->societe->contact->creer) {
|
||||
if ($action == 'update' && !GETPOST("cancel") && $user->hasRight('societe', 'contact', 'creer')) {
|
||||
$ret = $object->fetch($id);
|
||||
|
||||
// Note: Correct date should be completed with location to have exact GM time of birth.
|
||||
|
||||
@@ -2150,7 +2150,7 @@ if ($action == 'create') {
|
||||
|
||||
if (isModEnabled('facture') && $object->statut > 0) {
|
||||
$langs->load("bills");
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
print dolGetButtonAction($langs->trans('CreateBill'), '', 'default', DOL_URL_ROOT.'/compta/facture/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->thirdparty->id, '', true, $params);
|
||||
} else {
|
||||
$params['attr']['title'] = $langs->trans("NotEnoughPermissions");
|
||||
|
||||
@@ -85,7 +85,7 @@ class box_contacts extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("BoxTitleLastModifiedContacts", $max));
|
||||
|
||||
if ($user->hasRight('societe', 'lire') && $user->rights->societe->contact->lire) {
|
||||
if ($user->hasRight('societe', 'lire') && $user->hasRight('societe', 'contact', 'lire')) {
|
||||
$sql = "SELECT sp.rowid as id, sp.lastname, sp.firstname, sp.civility as civility_id, sp.datec, sp.tms, sp.fk_soc, sp.statut as status";
|
||||
|
||||
$sql .= ", sp.address, sp.zip, sp.town, sp.phone, sp.phone_perso, sp.phone_mobile, sp.email as spemail";
|
||||
|
||||
@@ -87,7 +87,7 @@ class box_factures extends ModeleBoxes
|
||||
'limit'=> dol_strlen($text)
|
||||
);
|
||||
|
||||
if ($user->rights->facture->lire) {
|
||||
if ($user->hasRight('facture', 'lire')) {
|
||||
$sql = "SELECT f.rowid as facid";
|
||||
$sql .= ", f.ref, f.type, f.total_ht";
|
||||
$sql .= ", f.total_tva";
|
||||
|
||||
@@ -84,7 +84,7 @@ class box_factures_fourn extends ModeleBoxes
|
||||
'text' => $langs->trans("BoxTitleLast".(!empty($conf->global->MAIN_LASTBOX_ON_OBJECT_DATE) ? "" : "Modified")."SupplierBills", $max)
|
||||
);
|
||||
|
||||
if ($user->rights->fournisseur->facture->lire) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'lire')) {
|
||||
$langs->load("bills");
|
||||
|
||||
$sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias";
|
||||
|
||||
@@ -103,7 +103,7 @@ class box_graph_invoices_permonth extends ModeleBoxes
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
if ($user->rights->facture->lire) {
|
||||
if ($user->hasRight('facture', 'lire')) {
|
||||
$mesg = '';
|
||||
|
||||
$param_year = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_year';
|
||||
|
||||
@@ -95,7 +95,7 @@ class box_graph_invoices_peryear extends ModeleBoxes
|
||||
if ($user->socid) $socid = $user->socid;
|
||||
if (empty($user->rights->societe->client->voir) || $socid) $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
|
||||
if ($user->rights->facture->lire) {
|
||||
if ($user->hasRight('facture', 'lire')) {
|
||||
$mesg = '';
|
||||
|
||||
$param_year = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_year';
|
||||
|
||||
@@ -102,7 +102,7 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes
|
||||
$prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user
|
||||
}
|
||||
|
||||
if ($user->rights->fournisseur->facture->lire) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'lire')) {
|
||||
$param_year = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_year';
|
||||
$param_shownb = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_shownb';
|
||||
$param_showtot = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_showtot';
|
||||
|
||||
@@ -93,7 +93,7 @@ class box_members_by_tags extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("BoxTitleMembersByTags").($numberyears ? ' ('.($year - $numberyears).' - '.$year.')' : ''));
|
||||
|
||||
if ($user->rights->adherent->lire) {
|
||||
if ($user->hasRight('adherent', 'lire')) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherentstats.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
|
||||
$stats = new AdherentStats($this->db, $user->socid, $user->id);
|
||||
|
||||
@@ -94,7 +94,7 @@ class box_members_by_type extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("BoxTitleMembersByType").($numberyears ? ' ('.($year-$numberyears).' - '.$year.')' : ''));
|
||||
|
||||
if ($user->rights->adherent->lire) {
|
||||
if ($user->hasRight('adherent', 'lire')) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherentstats.class.php';
|
||||
$stats = new AdherentStats($this->db, $user->socid, $user->id);
|
||||
// Show array
|
||||
|
||||
@@ -90,7 +90,7 @@ class box_members_last_modified extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("BoxTitleLastModifiedMembers", $max));
|
||||
|
||||
if ($user->rights->adherent->lire) {
|
||||
if ($user->hasRight('adherent', 'lire')) {
|
||||
$sql = "SELECT a.rowid, a.ref, a.lastname, a.firstname, a.societe as company, a.fk_soc,";
|
||||
$sql .= " a.datec, a.tms as datem, a.statut as status, a.datefin as date_end_subscription,";
|
||||
$sql .= ' a.photo, a.email, a.gender, a.morphy,';
|
||||
|
||||
@@ -92,7 +92,7 @@ class box_members_last_subscriptions extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("LastSubscriptionsModified", $max));
|
||||
|
||||
if ($user->rights->adherent->lire) {
|
||||
if ($user->hasRight('adherent', 'lire')) {
|
||||
$sql = "SELECT a.rowid, a.statut as status, a.lastname, a.firstname, a.societe as company, a.fk_soc,";
|
||||
$sql .= " a.gender, a.email, a.photo, a.morphy,";
|
||||
$sql .= " a.datefin as date_end_subscription,";
|
||||
|
||||
@@ -90,7 +90,7 @@ class box_members_subscriptions_by_year extends ModeleBoxes
|
||||
|
||||
$this->info_box_head = array('text' => $langs->trans("BoxTitleMembersSubscriptionsByYear", $max));
|
||||
|
||||
if ($user->rights->adherent->lire) {
|
||||
if ($user->hasRight('adherent', 'lire')) {
|
||||
$num = 0;
|
||||
$line = 0;
|
||||
// List of subscription by year
|
||||
|
||||
@@ -3298,7 +3298,7 @@ function dol_print_socialnetworks($value, $cid, $socid, $type, $dictsocialnetwor
|
||||
$htmllink .= '?chat" alt="'.$langs->trans("Chat").' '.$value.'" title="'.dol_escape_htmltag($langs->trans("Chat").' '.$value).'">';
|
||||
$htmllink .= '<img class="paddingleft" src="'.DOL_URL_ROOT.'/theme/common/skype_chatbutton.png" border="0">';
|
||||
$htmllink .= '</a>';
|
||||
if (($cid || $socid) && isModEnabled('agenda') && $user->rights->agenda->myactions->create) {
|
||||
if (($cid || $socid) && isModEnabled('agenda') && $user->hasRight('agenda', 'myactions', 'create')) {
|
||||
$addlink = 'AC_SKYPE';
|
||||
$link = '';
|
||||
if (!empty($conf->global->AGENDA_ADDACTIONFORSKYPE)) {
|
||||
@@ -3634,7 +3634,7 @@ function dol_print_phone($phone, $countrycode = '', $cid = 0, $socid = 0, $addli
|
||||
}
|
||||
}
|
||||
|
||||
//if (($cid || $socid) && isModEnabled('agenda') && $user->rights->agenda->myactions->create)
|
||||
//if (($cid || $socid) && isModEnabled('agenda') && $user->hasRight('agenda', 'myactions', 'create'))
|
||||
if (isModEnabled('agenda') && $user->hasRight("agenda", "myactions", "create")) {
|
||||
$type = 'AC_TEL';
|
||||
$link = '';
|
||||
|
||||
@@ -608,13 +608,13 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
|
||||
}
|
||||
} elseif (!empty($feature2)) { // This is for permissions on 2 levels (module->object->write)
|
||||
foreach ($feature2 as $subfeature) {
|
||||
if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->creer) {
|
||||
if ($subfeature == 'user' && $user->id == $objectid && $user->hasRight('user', 'self', 'creer')) {
|
||||
continue; // User can edit its own card
|
||||
}
|
||||
if ($subfeature == 'user' && $user->id == $objectid && $user->rights->user->self->password) {
|
||||
if ($subfeature == 'user' && $user->id == $objectid && $user->hasRight('user', 'self', 'password')) {
|
||||
continue; // User can edit its own password
|
||||
}
|
||||
if ($subfeature == 'user' && $user->id != $objectid && $user->rights->user->user->password) {
|
||||
if ($subfeature == 'user' && $user->id != $objectid && $user->hasRight('user', 'user', 'password')) {
|
||||
continue; // User can edit another user's password
|
||||
}
|
||||
|
||||
|
||||
@@ -40,7 +40,7 @@ function user_prepare_head(User $object)
|
||||
|
||||
$canreadperms = true;
|
||||
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
|
||||
$canreadperms = ($user->admin || ($user->id != $object->id && $user->rights->user->user_advance->readperms) || ($user->id == $object->id && $user->rights->user->self_advance->readperms));
|
||||
$canreadperms = ($user->admin || ($user->id != $object->id && $user->hasRight('user', 'user_advance', 'readperms')) || ($user->id == $object->id && $user->hasRight('user', 'self_advance', 'readperms')));
|
||||
}
|
||||
|
||||
$h = 0;
|
||||
|
||||
@@ -151,7 +151,7 @@ if ($permission) {
|
||||
$nbofcontacts = $form->num;
|
||||
|
||||
$newcardbutton = '';
|
||||
if (!empty($object->socid) && $object->socid > 1 && $user->rights->societe->creer) {
|
||||
if (!empty($object->socid) && $object->socid > 1 && $user->hasRight('societe', 'creer')) {
|
||||
$newcardbutton .= '<a href="'.DOL_URL_ROOT.'/contact/card.php?socid='.$selectedCompany.'&action=create&backtopage='.urlencode($_SERVER["PHP_SELF"].'?id='.$object->id).'" title="'.$langs->trans('NewContact').'"><span class="fa fa-plus-circle valignmiddle paddingleft"></span></a>';
|
||||
}
|
||||
print $newcardbutton;
|
||||
|
||||
@@ -2593,7 +2593,7 @@ if ($action == 'create') {
|
||||
|
||||
// Create bill
|
||||
if (isModEnabled('facture') && ($object->statut == Expedition::STATUS_VALIDATED || $object->statut == Expedition::STATUS_CLOSED)) {
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
// TODO show button only if (!empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT))
|
||||
// If we do that, we must also make this option official.
|
||||
print dolGetButtonAction('', $langs->trans('CreateBill'), 'default', DOL_URL_ROOT.'/compta/facture/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid, '');
|
||||
|
||||
@@ -1660,7 +1660,7 @@ if ($action == 'create') {
|
||||
if (isModEnabled('facture') && $object->statut > Fichinter::STATUS_DRAFT) {
|
||||
$langs->load("bills");
|
||||
if ($object->statut < Fichinter::STATUS_BILLED) {
|
||||
if ($user->rights->facture->creer) {
|
||||
if ($user->hasRight('facture', 'creer')) {
|
||||
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/compta/facture/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid.'">'.$langs->trans("AddBill").'</a></div>';
|
||||
} else {
|
||||
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotEnoughPermissions").'">'.$langs->trans("AddBill").'</a></div>';
|
||||
|
||||
@@ -807,7 +807,7 @@ if ($object->id > 0) {
|
||||
$langs->load('bills');
|
||||
$facturestatic = new FactureFournisseur($db);
|
||||
|
||||
if ($user->rights->fournisseur->facture->lire) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'lire')) {
|
||||
// TODO move to DAO class
|
||||
$sql = 'SELECT f.rowid, f.libelle as label, f.ref, f.ref_supplier, f.fk_statut, f.datef as df, f.total_ht, f.total_tva, f.total_ttc, f.paye,';
|
||||
$sql .= ' SUM(pf.amount) as am';
|
||||
|
||||
@@ -2600,7 +2600,7 @@ if ($action == 'create') {
|
||||
//if (isModEnabled('facture'))
|
||||
//{
|
||||
if (isModEnabled("supplier_invoice") && ($object->statut >= 2 && $object->statut != 7 && $object->billed != 1)) { // statut 2 means approved, 7 means canceled
|
||||
if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'creer') || $user->rights->supplier_invoice->creer) {
|
||||
print '<a class="butAction" href="'.DOL_URL_ROOT.'/fourn/facture/card.php?action=create&origin='.$object->element.'&originid='.$object->id.'&socid='.$object->socid.'">'.$langs->trans("CreateBill").'</a>';
|
||||
}
|
||||
}
|
||||
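Review bot: Only the first operand of this condition was converted; the second still reads `$user->rights->supplier_invoice->creer` directly, so half of the authorization check keeps the raw property access the commit is removing. If `supplier_invoice` is not populated on the rights object, that read would presumably raise a PHP warning rather than evaluate to false, though how rights are loaded is not visible here. I would write `if ($user->hasRight('fournisseur', 'facture', 'creer') || $user->hasRight('supplier_invoice', 'creer')) {`. The same half-converted condition appears in the hunks at `@@ -2612,7`, `@@ -1184,7` and `@@ -860,7`. The enclosing block starts outside this hunk.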
@@ -2612,7 +2612,7 @@ if ($action == 'create') {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=classifybilled&token='.newToken().'">'.$langs->trans("ClassifyBilled").'</a>';
|
||||
} else {
|
||||
if (!empty($object->linkedObjectsIds['invoice_supplier'])) {
|
||||
if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'creer') || $user->rights->supplier_invoice->creer) {
|
||||
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=classifybilled&token='.newToken().'">'.$langs->trans("ClassifyBilled").'</a>';
|
||||
}
|
||||
} else {
|
||||
|
||||
@@ -1184,7 +1184,7 @@ if ($resql) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'creer') || $user->rights->supplier_invoice->creer) {
|
||||
$arrayofmassactions['createbills'] = img_picto('', 'bill', 'class="pictofixedwidth"').$langs->trans("CreateInvoiceForThisSupplier");
|
||||
}
|
||||
if ($permissiontodelete) {
|
||||
|
||||
@@ -873,7 +873,7 @@ if ($resql) {
|
||||
}
|
||||
// Action column
|
||||
print '<td class="center tdoverflowmax125">';
|
||||
if ($user->rights->facture->creer && empty($supplierinvoicerectmp->suspended)) {
|
||||
if ($user->hasRight('facture', 'creer') && empty($supplierinvoicerectmp->suspended)) {
|
||||
if ($supplierinvoicerectmp->isMaxNbGenReached()) {
|
||||
print $langs->trans("MaxNumberOfGenerationReached");
|
||||
} elseif (empty($objp->frequency) || $db->jdate($objp->date_when) <= $today) {
|
||||
|
||||
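Review bot: The action column for `$supplierinvoicerectmp` is gated on `hasRight('facture', 'creer')`, which is the customer-invoice right, whereas the other supplier-invoice checks on this page use `hasRight('fournisseur', 'facture', 'creer')`. If this is the supplier template-invoice list, as the variable name suggests, a user holding only customer-invoice rights would be offered the generate action and a user holding only supplier-invoice rights would not. The conversion carried the old check over unchanged, so this needs confirming against the module's permission definitions; if it is a copy-paste leftover, use `if ($user->hasRight('fournisseur', 'facture', 'creer') && empty($supplierinvoicerectmp->suspended)) {`. The loop body starts outside this hunk.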
@@ -51,7 +51,7 @@ foreach ($linkedObjectBlock as $key => $objectlink) {
|
||||
<td class="left"><?php echo $objectlink->ref_supplier; ?></td>
|
||||
<td class="center"><?php echo dol_print_date($objectlink->date, 'day'); ?></td>
|
||||
<td class="right"><?php
|
||||
if ($user->rights->fournisseur->facture->lire) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'lire')) {
|
||||
$sign = 1;
|
||||
if ($object->type == FactureFournisseur::TYPE_CREDIT_NOTE) {
|
||||
$sign = -1;
|
||||
|
||||
@@ -373,7 +373,7 @@ if ($result > 0) {
|
||||
|
||||
// Delete payment
|
||||
if ($user->socid == 0 && $action == '') {
|
||||
if ($user->rights->fournisseur->facture->supprimer) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'supprimer')) {
|
||||
if ($allow_delete) {
|
||||
print dolGetButtonAction($langs->trans("Delete"), '', 'delete', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken(), 'delete', 1);
|
||||
} else {
|
||||
|
||||
@@ -141,7 +141,7 @@ $arrayofmassactions = array(
|
||||
'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
|
||||
'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
|
||||
);
|
||||
if ($user->rights->mymodule->supprimer) {
|
||||
if ($user->hasRight('mymodule', 'supprimer')) {
|
||||
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
|
||||
}
|
||||
if (in_array($massaction, array('presend', 'predelete'))) {
|
||||
|
||||
@@ -296,7 +296,7 @@ class ActionsMyModule
|
||||
global $user;
|
||||
|
||||
if ($parameters['features'] == 'myobject') {
|
||||
if ($user->rights->mymodule->myobject->read) {
|
||||
if ($user->hasRight('mymodule', 'myobject', 'read')) {
|
||||
$this->results['result'] = 1;
|
||||
return 1;
|
||||
} else {
|
||||
|
||||
@@ -271,17 +271,17 @@ class modMyModule extends DolibarrModules
|
||||
$this->rights[$r][0] = $this->numero . sprintf("%02d", $r + 1); // Permission id (must not be already used)
|
||||
$this->rights[$r][1] = 'Read objects of MyModule'; // Permission label
|
||||
$this->rights[$r][4] = 'myobject';
|
||||
$this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->rights->mymodule->myobject->read)
|
||||
$this->rights[$r][5] = 'read'; // In php code, permission will be checked by test if ($user->hasRight('mymodule', 'myobject', 'read'))
|
||||
$r++;
|
||||
$this->rights[$r][0] = $this->numero . sprintf("%02d", $r + 1); // Permission id (must not be already used)
|
||||
$this->rights[$r][1] = 'Create/Update objects of MyModule'; // Permission label
|
||||
$this->rights[$r][4] = 'myobject';
|
||||
$this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->rights->mymodule->myobject->write)
|
||||
$this->rights[$r][5] = 'write'; // In php code, permission will be checked by test if ($user->hasRight('mymodule', 'myobject', 'write'))
|
||||
$r++;
|
||||
$this->rights[$r][0] = $this->numero . sprintf("%02d", $r + 1); // Permission id (must not be already used)
|
||||
$this->rights[$r][1] = 'Delete objects of MyModule'; // Permission label
|
||||
$this->rights[$r][4] = 'myobject';
|
||||
$this->rights[$r][5] = 'delete'; // In php code, permission will be checked by test if ($user->rights->mymodule->myobject->delete)
|
||||
$this->rights[$r][5] = 'delete'; // In php code, permission will be checked by test if ($user->hasRight('mymodule', 'myobject', 'delete'))
|
||||
$r++;
|
||||
/* END MODULEBUILDER PERMISSIONS */
|
||||
|
||||
|
||||
@@ -95,7 +95,7 @@ class PartnershipType extends CommonObject
|
||||
}
|
||||
|
||||
// Example to show how to set values of fields definition dynamically
|
||||
/*if ($user->rights->mymodule->myobject->read) {
|
||||
/*if ($user->hasRight('mymodule', 'myobject', 'read')) {
|
||||
$this->fields['myfield']['visible'] = 1;
|
||||
$this->fields['myfield']['noteditable'] = 0;
|
||||
}*/
|
||||
|
||||
@@ -242,7 +242,7 @@ if (empty($reshook)) {
|
||||
$action = '';
|
||||
}
|
||||
// merge products
|
||||
if ($action == 'confirm_merge' && $confirm == 'yes' && $user->rights->societe->creer) {
|
||||
if ($action == 'confirm_merge' && $confirm == 'yes' && $user->hasRight('societe', 'creer')) {
|
||||
$error = 0;
|
||||
$productOriginId = GETPOST('product_origin', 'int');
|
||||
$productOrigin = new Product($db);
|
||||
|
||||
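Review bot: The branch commented `// merge products` authorizes `confirm_merge` with `hasRight('societe', 'creer')`, the third-party create right, before loading a `Product` from `product_origin`. This looks copied from the third-party merge handler shown in the `@@ -188,7` hunk, and the conversion preserved it, so a merge that rewrites product records is decided by a permission on a different object type. Confirm the intended right and, if it is the product one, check it here instead, for example `$user->hasRight('produit', 'creer')`. The rest of the merge handler is outside this hunk.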
@@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
print dol_get_fiche_end();
|
||||
|
||||
|
||||
if ($user->rights->fournisseur->facture->lire) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'lire')) {
|
||||
$sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client, d.rowid, d.total_ht as line_total_ht,";
|
||||
$sql .= " f.rowid as facid, f.ref, f.ref_supplier, f.datef, f.libelle as label, f.total_ht, f.total_ttc, f.total_tva, f.paye, f.fk_statut as statut, d.qty";
|
||||
if (empty($user->rights->societe->client->voir) && !$socid) {
|
||||
|
||||
@@ -154,7 +154,7 @@ if ($id > 0 || !empty($ref)) {
|
||||
|
||||
if ($showmessage && $nboflines > 1) {
|
||||
print '<span class="opacitymedium">'.$langs->trans("ClinkOnALinkOfColumn", $langs->transnoentitiesnoconv("Referers")).'</span>';
|
||||
} elseif ($user->rights->facture->lire) {
|
||||
} elseif ($user->hasRight('facture', 'lire')) {
|
||||
$sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,";
|
||||
$sql .= "f.titre, f.datec, f.rowid as facid, f.suspended as suspended,";
|
||||
$sql .= " d.rowid, d.total_ht as total_ht, d.qty"; // We must keep the d.rowid here to not loose record because of the distinct used to ignore duplicate line when link on societe_commerciaux is used
|
||||
|
||||
@@ -630,7 +630,7 @@ $listofreferent = array(
|
||||
'lang'=>'agenda',
|
||||
'buttonnew'=>'AddEvent',
|
||||
'testnew'=>$user->rights->agenda->myactions->create,
|
||||
'test'=> isModEnabled('agenda') && $user->rights->agenda->myactions->read),
|
||||
'test'=> isModEnabled('agenda') && $user->hasRight('agenda', 'myactions', 'read')),
|
||||
*/
|
||||
);
|
||||
|
||||
|
||||
@@ -860,7 +860,7 @@ $arrayofmassactions = array(
|
||||
// 'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
|
||||
);
|
||||
|
||||
if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) {
|
||||
if ($user->hasRight('fournisseur', 'facture', 'creer') || $user->rights->supplier_invoice->creer) {
|
||||
$arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisReceptions");
|
||||
}
|
||||
if ($massaction == 'createbills') {
|
||||
|
||||
@@ -201,7 +201,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Create user from a member
|
||||
if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) {
|
||||
if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->hasRight('user', 'user', 'creer')) {
|
||||
$jobposition = new RecruitmentJobPosition($db);
|
||||
$jobposition->fetch($object->fk_recruitmentjobposition);
|
||||
|
||||
|
||||
@@ -188,7 +188,7 @@ if (empty($reshook)) {
|
||||
$action = '';
|
||||
}
|
||||
|
||||
if ($action == 'confirm_merge' && $confirm == 'yes' && $user->rights->societe->creer) {
|
||||
if ($action == 'confirm_merge' && $confirm == 'yes' && $user->hasRight('societe', 'creer')) {
|
||||
$error = 0;
|
||||
$soc_origin_id = GETPOST('soc_origin', 'int');
|
||||
$soc_origin = new Societe($db);
|
||||
@@ -413,7 +413,7 @@ if (empty($reshook)) {
|
||||
|
||||
// Add new or update third party
|
||||
if ((!GETPOST('getcustomercode') && !GETPOST('getsuppliercode'))
|
||||
&& ($action == 'add' || $action == 'update') && $user->rights->societe->creer) {
|
||||
&& ($action == 'add' || $action == 'update') && $user->hasRight('societe', 'creer')) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
|
||||
|
||||
if (!GETPOST('name')) {
|
||||
@@ -933,31 +933,31 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Set third-party type
|
||||
if ($action == 'set_thirdpartytype' && $user->rights->societe->creer) {
|
||||
if ($action == 'set_thirdpartytype' && $user->hasRight('societe', 'creer')) {
|
||||
$object->fetch($socid);
|
||||
$result = $object->setThirdpartyType(GETPOST('typent_id', 'int'));
|
||||
}
|
||||
|
||||
// Set incoterm
|
||||
if ($action == 'set_incoterms' && $user->rights->societe->creer && isModEnabled('incoterm')) {
|
||||
if ($action == 'set_incoterms' && $user->hasRight('societe', 'creer') && isModEnabled('incoterm')) {
|
||||
$object->fetch($socid);
|
||||
$result = $object->setIncoterms(GETPOST('incoterm_id', 'int'), GETPOST('location_incoterms', 'alpha'));
|
||||
}
|
||||
|
||||
// Set parent company
|
||||
if ($action == 'set_thirdparty' && $user->rights->societe->creer) {
|
||||
if ($action == 'set_thirdparty' && $user->hasRight('societe', 'creer')) {
|
||||
$object->fetch($socid);
|
||||
$result = $object->setParent(GETPOST('parent_id', 'int'));
|
||||
}
|
||||
|
||||
// Set sales representatives
|
||||
if ($action == 'set_salesrepresentatives' && $user->rights->societe->creer) {
|
||||
if ($action == 'set_salesrepresentatives' && $user->hasRight('societe', 'creer')) {
|
||||
$object->fetch($socid);
|
||||
$result = $object->setSalesRep(GETPOST('commercial', 'array'));
|
||||
}
|
||||
|
||||
// warehouse
|
||||
if ($action == 'setwarehouse' && $user->rights->societe->creer) {
|
||||
if ($action == 'setwarehouse' && $user->hasRight('societe', 'creer')) {
|
||||
$result = $object->setWarehouse(GETPOST('fk_warehouse', 'int'));
|
||||
}
|
||||
|
||||
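Review bot: The `setwarehouse` branch at the end of this hunk calls `$object->setWarehouse(...)` without the `$object->fetch($socid)` that the four branches above it perform, so it depends on `$object` having been loaded earlier in the page, which this hunk does not show. If no earlier load exists, add `$object->fetch($socid);` as the first line of that branch. None of the five branches checks the return value of `fetch()` or the setter result stored in `$result`. A guard such as `if ($object->fetch($socid) > 0) {` around each setter would keep a write from running on a record that failed to load.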
@@ -3192,7 +3192,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
print $dolibarr_user->getLoginUrl(-1);
|
||||
} else {
|
||||
//print '<span class="opacitymedium">'.$langs->trans("NoDolibarrAccess").'</span>';
|
||||
if (!$object->user_id && $user->rights->user->user->creer) {
|
||||
if (!$object->user_id && $user->hasRight('user', 'user', 'creer')) {
|
||||
print '<a class="aaa" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=create_user&token='.newToken().'">'.img_picto($langs->trans("CreateDolibarrLogin"), 'add').' '.$langs->trans("CreateDolibarrLogin").'</a>';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -147,7 +147,7 @@ if (!empty($conf->global->SOCIETE_USEPREFIX)) { // Old not used prefix field
|
||||
print '<tr><td class="titlefield">'.$langs->trans('Prefix').'</td><td colspan="3">'.$object->prefix_comm.'</td></tr>';
|
||||
}
|
||||
|
||||
//if (isModEnabled('agenda') && $user->rights->agenda->myactions->read) $elementTypeArray['action']=$langs->transnoentitiesnoconv('Events');
|
||||
//if (isModEnabled('agenda') && $user->hasRight('agenda', 'myactions', 'read')) $elementTypeArray['action']=$langs->transnoentitiesnoconv('Events');
|
||||
$elementTypeArray = array();
|
||||
|
||||
if ($object->client) {
|
||||
|
||||
@@ -78,7 +78,7 @@ $hookmanager->initHooks(array('contactthirdparty', 'globalcard'));
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'addcontact' && $user->rights->societe->creer) {
|
||||
if ($action == 'addcontact' && $user->hasRight('societe', 'creer')) {
|
||||
$result = $object->fetch($id);
|
||||
|
||||
if ($result > 0 && $id > 0) {
|
||||
@@ -98,14 +98,14 @@ if ($action == 'addcontact' && $user->rights->societe->creer) {
|
||||
$mesg = '<div class="error">'.$object->error.'</div>';
|
||||
}
|
||||
}
|
||||
} elseif ($action == 'swapstatut' && $user->rights->societe->creer) {
|
||||
} elseif ($action == 'swapstatut' && $user->hasRight('societe', 'creer')) {
|
||||
// bascule du statut d'un contact
|
||||
if ($object->fetch($id)) {
|
||||
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
|
||||
} else {
|
||||
dol_print_error($db);
|
||||
}
|
||||
} elseif ($action == 'deletecontact' && $user->rights->societe->creer) {
|
||||
} elseif ($action == 'deletecontact' && $user->hasRight('societe', 'creer')) {
|
||||
// Efface un contact
|
||||
$object->fetch($id);
|
||||
$result = $object->delete_contact(GETPOST("lineid", 'int'));
|
||||
|
||||
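Review bot: The `deletecontact` branch calls `$object->fetch($id);` and goes straight to `delete_contact()` without looking at the result, whereas the `swapstatut` branch just above tests `if ($object->fetch($id))` and `addcontact` tests `$result > 0 && $id > 0`. Wrapping the delete the same way, `if ($object->fetch($id) > 0) {`, keeps the removal from running against an object that failed to load. The delete is also gated on the `creer` right; if that is deliberate, a one-line comment such as `// Removing a contact link is an edit of the third party, so 'creer' is the right checked` would record it. The branch body continues past the end of the hunk.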
@@ -349,7 +349,7 @@ $arrayofmassactions = array(
|
||||
//'presend'=>$langs->trans("SendByMail"),
|
||||
//'builddoc'=>$langs->trans("PDFMerge"),
|
||||
);
|
||||
if ($user->rights->mymodule->delete) {
|
||||
if ($user->hasRight('mymodule', 'delete')) {
|
||||
$arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
|
||||
}
|
||||
if (in_array($massaction, array('presend', 'predelete'))) {
|
||||
|
||||
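Review bot: `$user->hasRight('mymodule', 'delete')` keeps what looks like a module-builder placeholder as the permission key, so the `predelete` mass action is tied to a module name rather than to the permission of the object this list shows. The rewrite carried the old `$user->rights->mymodule->delete` test over unchanged. If no `mymodule` right is defined the condition is presumably always false and the action is never offered; if some installed module does define one, that unrelated right would enable the delete action here. The file path is not visible on this page, so the real key is shown as a labelled placeholder: `if ($user->hasRight('<module>', '<object>', 'delete')) {`. The handler that performs the delete should check the same right.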
@@ -194,7 +194,7 @@ class CTicketCategory extends CommonObject
|
||||
}
|
||||
|
||||
// Example to show how to set values of fields definition dynamically
|
||||
/*if ($user->rights->mymodule->myobject->read) {
|
||||
/*if ($user->hasRight('mymodule', 'myobject', 'read')) {
|
||||
$this->fields['myfield']['visible'] = 1;
|
||||
$this->fields['myfield']['noteditable'] = 0;
|
||||
}*/
|
||||
|
||||
@@ -61,7 +61,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
|
||||
|
||||
|
||||
@@ -61,7 +61,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$object = new User($db);
|
||||
if ($id > 0 || !empty($ref)) {
|
||||
@@ -287,7 +287,7 @@ if ($id && $bankid && $action == 'edit' && ($user->rights->user->user->creer ||
|
||||
print '<input type="hidden" name="id" value="'.GETPOST("id", 'int').'">';
|
||||
print '<input type="hidden" name="bankid" value="'.$bankid.'">';
|
||||
}
|
||||
if ($id && $action == 'create' && $user->rights->user->user->creer) {
|
||||
if ($id && $action == 'create' && $user->hasRight('user', 'user', 'creer')) {
|
||||
if ($conf->use_javascript_ajax) {
|
||||
print "\n<script>";
|
||||
print 'jQuery(document).ready(function () {
|
||||
@@ -867,7 +867,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac
|
||||
}
|
||||
|
||||
// Edit
|
||||
if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->user->creer) {
|
||||
if ($id && ($action == 'edit' || $action == 'create') && $user->hasRight('user', 'user', 'creer')) {
|
||||
$title = $langs->trans("User");
|
||||
print dol_get_fiche_head($head, 'bank', $title, 0, 'user');
|
||||
|
||||
@@ -982,11 +982,11 @@ if ($id && ($action == 'edit' || $action == 'create') && $user->rights->user->us
|
||||
print $form->buttonsSaveCancel("Modify");
|
||||
}
|
||||
|
||||
if ($id && $action == 'edit' && $user->rights->user->user->creer) {
|
||||
if ($id && $action == 'edit' && $user->hasRight('user', 'user', 'creer')) {
|
||||
print '</form>';
|
||||
}
|
||||
|
||||
if ($id && $action == 'create' && $user->rights->user->user->creer) {
|
||||
if ($id && $action == 'create' && $user->hasRight('user', 'user', 'creer')) {
|
||||
print '</form>';
|
||||
}
|
||||
|
||||
|
||||
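Review bot: Both `print '</form>';` tests in this hunk require `hasRight('user', 'user', 'creer')`, but the hunk header quoted for old line 287 shows the edit block that prints the hidden `id`/`bankid` inputs running under a wider test, `$user->rights->user->user->creer || ...` (the rest is cut off on this page). If that second alternative admits users without `user/user/creer`, they appear to get the hidden inputs without the form body or the closing tag. Computing the condition once and reusing it keeps the opening and closing output in step, for example `if ($id && $action == 'edit' && $permissiontoeditbank) {`, where `$permissiontoeditbank` is a suggested local name. That header line also still shows the old `$user->rights` syntax; whether it was converted is not visible here.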
@@ -37,7 +37,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
|
||||
|
||||
|
||||
@@ -46,7 +46,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
|
||||
|
||||
|
||||
@@ -40,7 +40,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ $socid = 0;
|
||||
if ($user->socid > 0) {
|
||||
$socid = $user->socid;
|
||||
}
|
||||
$feature2 = (($socid && $user->rights->user->self->creer) ? '' : 'user');
|
||||
$feature2 = (($socid && $user->hasRight('user', 'self', 'creer')) ? '' : 'user');
|
||||
|
||||
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
|
||||
|
||||
|
||||