forked from Wavyzz/dolibarr
Fix: better sql request with multicompany transverse mode
This commit is contained in:
Regis Houssin
@@ -1500,7 +1500,7 @@ abstract class CommonObject
|
|||||||
*/
|
*/
|
||||||
function load_previous_next_ref($filter, $fieldid, $nodbprefix=0)
|
function load_previous_next_ref($filter, $fieldid, $nodbprefix=0)
|
||||||
{
|
{
|
||||||
global $user;
|
global $conf, $user;
|
||||||
|
|
||||||
if (! $this->table_element)
|
if (! $this->table_element)
|
||||||
{
|
{
|
||||||
@@ -1520,6 +1520,9 @@ abstract class CommonObject
|
|||||||
|
|
||||||
$sql = "SELECT MAX(te.".$fieldid.")";
|
$sql = "SELECT MAX(te.".$fieldid.")";
|
||||||
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
|
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
|
||||||
|
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
|
||||||
|
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
|
||||||
|
}
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
|
||||||
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
||||||
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
||||||
@@ -1534,7 +1537,14 @@ abstract class CommonObject
|
|||||||
}
|
}
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
|
||||||
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element).')';
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
|
||||||
|
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
|
||||||
|
$sql.= " AND (ug.fk_user = te.rowid";
|
||||||
|
$sql.= " AND ug.entity IN (".getEntity($this->element)."))";
|
||||||
|
} else {
|
||||||
|
$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
|
||||||
|
}
|
||||||
|
}
|
||||||
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
|
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
|
||||||
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
|
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
|
||||||
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
|
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
|
||||||
@@ -1552,6 +1562,9 @@ abstract class CommonObject
|
|||||||
|
|
||||||
$sql = "SELECT MIN(te.".$fieldid.")";
|
$sql = "SELECT MIN(te.".$fieldid.")";
|
||||||
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
|
$sql.= " FROM ".(empty($nodbprefix)?MAIN_DB_PREFIX:'').$this->table_element." as te";
|
||||||
|
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
|
||||||
|
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
|
||||||
|
}
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to entity
|
||||||
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe as s"; // If we need to link to societe to limit select to socid
|
||||||
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 2 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON te.fk_soc = s.rowid"; // If we need to link to societe to limit select to socid
|
||||||
@@ -1566,7 +1579,14 @@ abstract class CommonObject
|
|||||||
}
|
}
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
|
||||||
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
else if ($this->restrictiononfksoc == 1 && $this->element != 'societe' && !$user->rights->societe->client->voir && !$socid) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to socid
|
||||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element).')';
|
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
|
||||||
|
if ($this->element == 'user' && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
|
||||||
|
$sql.= " AND (ug.fk_user = te.rowid";
|
||||||
|
$sql.= " AND ug.entity IN (".getEntity($this->element)."))";
|
||||||
|
} else {
|
||||||
|
$sql.= ' AND te.entity IN ('.getEntity($this->element).')';
|
||||||
|
}
|
||||||
|
}
|
||||||
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
|
if ($this->restrictiononfksoc == 1 && $socid && $this->element != 'societe') $sql.= ' AND te.fk_soc = ' . $socid;
|
||||||
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
|
if ($this->restrictiononfksoc == 2 && $socid && $this->element != 'societe') $sql.= ' AND (te.fk_soc = ' . $socid.' OR te.fk_soc IS NULL)';
|
||||||
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
|
if ($this->restrictiononfksoc && $socid && $this->element == 'societe') $sql.= ' AND te.rowid = ' . $socid;
|
||||||
|
|||||||
@@ -470,13 +470,32 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
|
|||||||
{
|
{
|
||||||
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
|
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
|
||||||
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||||
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
if (($feature == 'user' || $feature == 'usergroup') && ! empty($conf->multicompany->enabled))
|
||||||
if (($feature == 'user' || $feature == 'usergroup') && ! empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && ! $user->entity)
|
|
||||||
{
|
{
|
||||||
$sql.= " AND dbt.entity IS NOT NULL";
|
if (! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE))
|
||||||
|
{
|
||||||
|
if ($conf->entity == 1 && $user->admin && ! $user->entity)
|
||||||
|
{
|
||||||
|
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
||||||
|
$sql.= " AND dbt.entity IS NOT NULL";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
|
||||||
|
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
||||||
|
$sql.= " AND (ug.fk_user = dbt.rowid";
|
||||||
|
$sql.= " AND ug.entity IN (".getEntity('user')."))";
|
||||||
|
$sql.= " OR dbt.entity = 0"; // Show always superadmin
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
||||||
|
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
||||||
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
|
$sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -510,12 +529,12 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
|
|||||||
else if (in_array($feature,$checkother)) // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).
|
else if (in_array($feature,$checkother)) // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).
|
||||||
{
|
{
|
||||||
// If external user: Check permission for external users
|
// If external user: Check permission for external users
|
||||||
if ($user->societe_id > 0)
|
if ($user->socid > 0)
|
||||||
{
|
{
|
||||||
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
|
$sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
|
||||||
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||||
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
|
||||||
$sql.= " AND dbt.fk_soc = ".$user->societe_id;
|
$sql.= " AND dbt.fk_soc = ".$user->socid;
|
||||||
}
|
}
|
||||||
// If internal user: Check permission for internal users that are restricted on their objects
|
// If internal user: Check permission for internal users that are restricted on their objects
|
||||||
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
|
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
|
||||||
@@ -578,13 +597,13 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
|
|||||||
else if (! in_array($feature,$nocheck)) // By default (case of $checkdefault), we check on object entity + link to third party on field $dbt_keyfield
|
else if (! in_array($feature,$nocheck)) // By default (case of $checkdefault), we check on object entity + link to third party on field $dbt_keyfield
|
||||||
{
|
{
|
||||||
// If external user: Check permission for external users
|
// If external user: Check permission for external users
|
||||||
if ($user->societe_id > 0)
|
if ($user->socid > 0)
|
||||||
{
|
{
|
||||||
if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
|
if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
|
||||||
$sql = "SELECT COUNT(dbt.".$dbt_keyfield.") as nb";
|
$sql = "SELECT COUNT(dbt.".$dbt_keyfield.") as nb";
|
||||||
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
|
||||||
$sql.= " WHERE dbt.rowid IN (".$objectid.")";
|
$sql.= " WHERE dbt.rowid IN (".$objectid.")";
|
||||||
$sql.= " AND dbt.".$dbt_keyfield." = ".$user->societe_id;
|
$sql.= " AND dbt.".$dbt_keyfield." = ".$user->socid;
|
||||||
}
|
}
|
||||||
// If internal user: Check permission for internal users that are restricted on their objects
|
// If internal user: Check permission for internal users that are restricted on their objects
|
||||||
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
|
else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
|
||||||
|
|||||||
Reference in New Issue
Block a user