Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX Security access problem with external users on projects/tasks

Browse Source
This commit is contained in:
Laurent Destailleur
2017-01-12 15:23:30 +01:00
parent 8d5c853267
commit f185a09693
18 changed files with 26 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/projet/document.php
View File

@@ -42,7 +42,7 @@ $mine = (GETPOST('mode','alpha') == 'mine' ? 1 : 0);
// Security check
$socid=0;
if ($user->societe_id > 0) $socid=$user->societe_id;
//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result=restrictedArea($user,'projet',$id,'projet&project');
$object = new Project($db);