Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into develop

htdocs/core/class/html.formother.class.php

@@ -462,7 +462,7 @@ class FormOther
      */
     function select_color($set_color='', $prefix='f_color', $form_name='objForm', $showcolorbox=1, $arrayofcolors='')
     {
-    	print selectColor($set_color, $prefix, $form_name, $showcolorbox, $arrayofcolors);
+    	print $this->selectColor($set_color, $prefix, $form_name, $showcolorbox, $arrayofcolors);
     }
 
     /**

htdocs/core/lib/security2.lib.php

@@ -54,7 +54,7 @@ function checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmod
 	global $conf,$langs;
     //global $dolauthmode;    // To return authentication finally used
 
-	// Check parameetrs
+	// Check parameters
 	if ($entitytotest == '') $entitytotest=1;
 
     dol_syslog("checkLoginPassEntity usertotest=".$usertotest." entitytotest=".$entitytotest." authmode=".join(',',$authmode));

htdocs/core/login/functions_dolibarr.php

@@ -36,9 +36,14 @@
 function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=1)
 {
 	global $db,$conf,$langs;
+	global $mc;
 
 	dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest);
 
+	// Force master entity in transversal mode
+	$entity=$entitytotest;
+	if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $entity=1;
+
 	$login='';
 
 	if (! empty($usertotest))
@@ -48,10 +53,10 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
 		$usernamecol = 'login';
 		$entitycol = 'entity';
 
-		$sql ='SELECT pass, pass_crypted';
+		$sql ='SELECT rowid, entity, pass, pass_crypted';
 		$sql.=' FROM '.$table;
 		$sql.=' WHERE '.$usernamecol." = '".$db->escape($usertotest)."'";
-		$sql.=' AND '.$entitycol." IN (0," . ($entitytotest ? $entitytotest : 1) . ")";
+		$sql.=' AND '.$entitycol." IN (0," . ($entity ? $entity : 1) . ")";
 
 		dol_syslog("functions_dolibarr::check_user_password_dolibarr sql=".$sql);
 		$resql=$db->query($sql);
@@ -92,6 +97,12 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
 					}
 				}
 
+				if ($passok && ! empty($obj->entity) && (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)))
+				{
+					$ret=$mc->checkRight($obj->rowid, $entitytotest);
+					if ($ret < 0) $passok=false;
+				}
+
 				// Password ok ?
 				if ($passok)
 				{

htdocs/main.inc.php

@@ -358,7 +358,7 @@ if (! defined('NOLOGIN'))
                 // Appel des triggers
                 include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
                 $interface=new Interfaces($db);
-                $result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,GETPOST('entity','int',2));
+                $result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,GETPOST('entity','int'));
                 if ($result < 0) {
                     $error++;
                 }
@@ -752,7 +752,7 @@ $heightforframes=52;
 // Switch to another entity
 if (! empty($conf->multicompany->enabled) && GETPOST('action') == 'switchentity')
 {
-    if ($mc->switchEntity(GETPOST('entity','int',2)) > 0)
+    if ($mc->switchEntity(GETPOST('entity','int')) > 0)
     {
         Header("Location: ".DOL_URL_ROOT.'/');
         exit;

htdocs/user/class/user.class.php

@@ -150,7 +150,7 @@ class User extends CommonObject
 		$sql.= " u.ref_int, u.ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
 
-		if(! empty($conf->multicompany->enabled) && $conf->entity == 1)
+		if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))
 		{
 			$sql.= " WHERE u.entity IS NOT NULL";
 		}

htdocs/user/class/usergroup.class.php

@@ -145,12 +145,15 @@ class UserGroup extends CommonObject
 		if ($result)
 		{
 			while ($obj = $this->db->fetch_object($result))
+			{
+				if (! array_key_exists($obj->rowid, $ret))
 				{
 					$newgroup=new UserGroup($this->db);
 					$newgroup->fetch($obj->rowid);
-				$newgroup->usergroup_entity = $obj->usergroup_entity;
+					$ret[$obj->rowid]=$newgroup;
+				}
 
-				$ret[]=$newgroup;
+				$ret[$obj->rowid]->usergroup_entity[]=$obj->usergroup_entity;
 			}
 
 			$this->db->free($result);
@@ -181,7 +184,7 @@ class UserGroup extends CommonObject
 		$sql.= " ".MAIN_DB_PREFIX."usergroup_user as ug";
 		$sql.= " WHERE ug.fk_user = u.rowid";
 		$sql.= " AND ug.fk_usergroup = ".$this->id;
-		if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && ! $user->entity)
+		if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && ! $user->entity)
 		{
 			$sql.= " AND u.entity IS NOT NULL";
 		}
@@ -189,17 +192,21 @@ class UserGroup extends CommonObject
 		{
 			$sql.= " AND u.entity IN (0,".$conf->entity.")";
 		}
+
 		dol_syslog(get_class($this)."::listUsersForGroup sql=".$sql,LOG_DEBUG);
 		$result = $this->db->query($sql);
 		if ($result)
 		{
 			while ($obj = $this->db->fetch_object($result))
+			{
+				if (! array_key_exists($obj->rowid, $ret))
 				{
 					$newuser=new User($this->db);
 					$newuser->fetch($obj->rowid);
-				$newuser->usergroup_entity = $obj->usergroup_entity;
+					$ret[$obj->rowid]=$newuser;
+				}
 
-				$ret[]=$newuser;
+				$ret[$obj->rowid]->usergroup_entity[]=$obj->usergroup_entity;
 			}
 
 			$this->db->free($result);

htdocs/user/fiche.php

@@ -1394,8 +1394,17 @@ else
                         print '</td>';
                         if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity)
                         {
-                            $mc->getInfo($group->usergroup_entity);
-                            print '<td class="valeur">'.$mc->label."</td>";
+                        	print '<td class="valeur">';
+                        	if (! empty($group->usergroup_entity))
+                        	{
+                        		$nb=0;
+                        		foreach($group->usergroup_entity as $group_entity)
+                        		{
+                        			$mc->getInfo($group_entity);
+                        			print ($nb > 0 ? ', ' : '').$mc->label;
+                        			$nb++;
+                        		}
+                        	}
                         }
                         print '<td align="right">';
                         if ($caneditgroup)

htdocs/user/group/fiche.php

@@ -354,7 +354,7 @@ else
 
             if (! empty($object->members))
             {
-                if( !($conf->multicompany->enabled && $conf->multicompany->transverse_mode))
+                if (! ($conf->multicompany->enabled && $conf->multicompany->transverse_mode))
                 {
                     foreach($object->members as $useringroup)
                     {
@@ -404,7 +404,7 @@ else
             print '<td class="liste_titre">'.$langs->trans("Login").'</td>';
             print '<td class="liste_titre">'.$langs->trans("Lastname").'</td>';
             print '<td class="liste_titre">'.$langs->trans("Firstname").'</td>';
-			if(! empty($conf->multicompany->enabled) && $conf->entity == 1)
+			if (! empty($conf->multicompany->enabled) && $conf->entity == 1)
             {
             	print '<td class="liste_titre">'.$langs->trans("Entity").'</td>';
             }
@@ -428,10 +428,20 @@ else
             		print '</td>';
             		print '<td>'.$useringroup->lastname.'</td>';
             		print '<td>'.$useringroup->firstname.'</td>';
-            		if(! empty($conf->multicompany->enabled) && $conf->entity == 1)
+            		if (! empty($conf->multicompany->enabled) && $conf->entity == 1)
             		{
-            			$mc->getInfo($useringroup->usergroup_entity);
-            			print '<td class="valeur">'.$mc->label."</td>";
+            			print '<td class="valeur">';
+            			if (! empty($useringroup->usergroup_entity))
+            			{
+            				$nb=0;
+            				foreach($useringroup->usergroup_entity as $group_entity)
+            				{
+            					$mc->getInfo($group_entity);
+            					print ($nb > 0 ? ', ' : '').$mc->label;
+            					$nb++;
+            				}
+            			}
+            			print '</td>';
             		}
             		print '<td align="center">'.$useringroup->getLibStatut(3).'</td>';
             		print '<td align="right">';

htdocs/user/group/index.php

@@ -55,10 +55,10 @@ llxHeader();
 
 print_fiche_titre($langs->trans("ListOfGroups"));
 
-$sql = "SELECT g.rowid, g.nom, g.entity, g.datec, COUNT(ugu.rowid) as nb";
+$sql = "SELECT g.rowid, g.nom, g.entity, g.datec, COUNT(DISTINCT ugu.fk_user) as nb";
 $sql.= " FROM ".MAIN_DB_PREFIX."usergroup as g";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_usergroup = g.rowid";
-if(! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity)))
+if (! empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->multicompany->transverse_mode || ($user->admin && ! $user->entity)))
 {
 	$sql.= " WHERE g.entity IS NOT NULL";
 }
@@ -100,13 +100,13 @@ if ($resql)
 
         print "<tr $bc[$var]>";
         print '<td><a href="fiche.php?id='.$obj->rowid.'">'.img_object($langs->trans("ShowGroup"),"group").' '.$obj->nom.'</a>';
-        if (!$obj->entity)
+        if (! $obj->entity)
         {
         	print img_picto($langs->trans("GlobalGroup"),'redstar');
         }
         print "</td>";
         //multicompany
-        if(! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1)
+        if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode) && $conf->entity == 1)
         {
             $mc->getInfo($obj->entity);
             print '<td align="center">'.$mc->label.'</td>';