From c4d8a25c5a09f018fd42a9b346085c36fa8a87ee Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Mon, 10 Aug 2020 13:40:55 +0200 Subject: [PATCH 1/3] fix external module multidiroutput --- htdocs/core/lib/files.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 23b631bae53..cb139edd29b 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2992,7 +2992,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if ($partofdirinoriginalfile && ($fuser->rights->$modulepart->$partofdirinoriginalfile->{$lire} || $fuser->rights->$modulepart->$partofdirinoriginalfile->{$read})) $accessallowed = 1; if ($fuser->rights->$modulepart->{$lire} || $fuser->rights->$modulepart->{$read}) $accessallowed = 1; //} - $original_file = $conf->$modulepart->dir_output.'/'.$original_file; + $original_file = $conf->$modulepart->multidir_output[$entity].'/'.$original_file; } // For modules who wants to manage different levels of permissions for documents From 5ff7e376962e0a78d7c292a441b24fd28c80c122 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Sun, 27 Sep 2020 18:05:19 +0200 Subject: [PATCH 2/3] review code --- htdocs/core/lib/files.lib.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index cb139edd29b..ddd20159e09 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2992,7 +2992,11 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if ($partofdirinoriginalfile && ($fuser->rights->$modulepart->$partofdirinoriginalfile->{$lire} || $fuser->rights->$modulepart->$partofdirinoriginalfile->{$read})) $accessallowed = 1; if ($fuser->rights->$modulepart->{$lire} || $fuser->rights->$modulepart->{$read}) $accessallowed = 1; //} - $original_file = $conf->$modulepart->multidir_output[$entity].'/'.$original_file; + if (is_array($conf->$modulepart->multidir_output) && array_key_exists($entity, $conf->$modulepart->multidir_output)) { + $original_file = $conf->$modulepart->multidir_output[$entity].'/'.$original_file; + } else { + $original_file = $conf->$modulepart->dir_output.'/'.$original_file; + } } // For modules who wants to manage different levels of permissions for documents From 5c9ad3ec9bad0399314195855ebc57429e67a94f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 27 Sep 2020 18:55:09 +0200 Subject: [PATCH 3/3] Update files.lib.php --- htdocs/core/lib/files.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index ddd20159e09..2d126b4e4f7 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2992,7 +2992,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, if ($partofdirinoriginalfile && ($fuser->rights->$modulepart->$partofdirinoriginalfile->{$lire} || $fuser->rights->$modulepart->$partofdirinoriginalfile->{$read})) $accessallowed = 1; if ($fuser->rights->$modulepart->{$lire} || $fuser->rights->$modulepart->{$read}) $accessallowed = 1; //} - if (is_array($conf->$modulepart->multidir_output) && array_key_exists($entity, $conf->$modulepart->multidir_output)) { + if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) { $original_file = $conf->$modulepart->multidir_output[$entity].'/'.$original_file; } else { $original_file = $conf->$modulepart->dir_output.'/'.$original_file;