diff --git a/.github/workflows/ci-on-release.yml b/.github/workflows/ci-on-release.yml new file mode 100644 index 00000000000..7c3b0d716e3 --- /dev/null +++ b/.github/workflows/ci-on-release.yml @@ -0,0 +1,22 @@ +name: "CI-RELEASE" + +on: + release: + types: [published] + +jobs: + trigger-docker: + steps: + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ vars.RELEASE_DOCKER_ID }} + private-key: ${{ secrets.RELEASE_DOCKER_SECRET }} + + - uses: peter-evans/repository-dispatch@v4 + with: + token: ${{ steps.generate-token.outputs.token }} + repository: Dolibarr/dolibarr-docker + event-type: new-release + client-payload: '{"version": "${{ github.event.release.tag_name }}"}' diff --git a/htdocs/core/actions_addupdatedelete.inc.php b/htdocs/core/actions_addupdatedelete.inc.php index 78ca677f9fa..6bf15d2ab03 100644 --- a/htdocs/core/actions_addupdatedelete.inc.php +++ b/htdocs/core/actions_addupdatedelete.inc.php @@ -426,7 +426,7 @@ if ($action == "update_extras" && GETPOSTINT('id') > 0 && !empty($permissiontoad $object->oldcopy = dol_clone($object, 2); // @phan-suppress-current-line PhanTypeMismatchProperty - $attribute = GETPOST('attribute', 'alphanohtml'); + $attribute = GETPOST('attribute', 'aZ09'); $error = 0; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index eaf87871a67..6b7bfbf5fa5 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1173,8 +1173,8 @@ function GETPOSTDATE($prefix, $hourTime = '', $gm = 'auto') $m = array(); if ($hourTime === 'getpost') { $hour = GETPOSTINT($prefix . 'hour'); - $minute = GETPOSTINT($prefix . 'minute'); - $second = GETPOSTINT($prefix . 'second'); + $minute = GETPOSTINT($prefix . 'min'); + $second = GETPOSTINT($prefix . 'sec'); } elseif (preg_match('/^(\d\d):(\d\d):(\d\d)$/', $hourTime, $m)) { $hour = intval($m[1]); $minute = intval($m[2]); 
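Review bot: The `trigger-docker` job has no `runs-on:` key, so as written GitHub Actions would reject the workflow and no release would ever dispatch. The token step passes neither `owner:` nor `repositories:`; as far as I know the action then scopes the installation token to the current repository, so the dispatch to `Dolibarr/dolibarr-docker` would be refused, and naming that one repository also keeps the token as narrow as possible. Both third-party steps are referenced by movable tags (`@v2`, `@v4`) while handling the app private key and the minted token, so each `uses:` should be pinned to a full commit SHA, and a top-level `permissions: {}` would show that the default `GITHUB_TOKEN` is not needed. Finally, `client-payload` splices the tag name into a hand-written JSON string; `toJSON()` keeps the payload valid whatever characters the tag contains.

```yaml
permissions: {}

jobs:
  trigger-docker:
    runs-on: ubuntu-latest
    steps:
      - name: Generate a token
        id: generate-token
        uses: actions/create-github-app-token@<FULL_COMMIT_SHA_PLACEHOLDER> # v2
        with:
          # … unchanged: app-id, private-key …
          owner: Dolibarr
          repositories: dolibarr-docker

      - uses: peter-evans/repository-dispatch@<FULL_COMMIT_SHA_PLACEHOLDER> # v4
        with:
          # … unchanged: token, repository, event-type …
          client-payload: '{"version": ${{ toJSON(github.event.release.tag_name) }}}'
```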
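Review bot: In actions_addupdatedelete.inc.php the stricter `aZ09` filter narrows what reaches `$attribute`, but the hunk does not show what happens when the filter rejects the request value; the rest of the `update_extras` branch lies outside the hunk. If a rejected value comes back as an empty string, the action should stop with an error rather than continue with an empty attribute name, for example `if ($attribute === '') { $error++; }` placed after the `$error = 0;` line. It is also worth confirming that the name is checked against the extrafields actually defined for the object's element before it is used as a key.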
@@ -15220,8 +15220,8 @@ function buildParamDate($prefix, $timestamp = null, $hourTime = '', $gm = 'auto' if ($hourTime === 'getpost' || ($timestamp !== null && dol_print_date($timestamp, '%H:%M:%S') !== '00:00:00')) { $TParam = array_merge($TParam, array( $prefix . 'hour' => intval(dol_print_date($timestamp, '%H')), - $prefix . 'minute' => intval(dol_print_date($timestamp, '%M')), - $prefix . 'second' => intval(dol_print_date($timestamp, '%S')) + $prefix . 'min' => intval(dol_print_date($timestamp, '%M')), + $prefix . 'sec' => intval(dol_print_date($timestamp, '%S')) )); } diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index ecc83bde06d..458af07d5ab 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php 
@@ -992,14 +992,14 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl $checkonentitydone = 0; // Array to define rules of checks to do - $check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement'); // Test on entity only (Objects with no link to company) + $check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement', 'stock'); // Test on entity only (Objects with no link to company) $checksoc = array('societe'); // Test for object Societe $checkparentsoc = array('agenda', 'contact', 'contrat'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...). $checkproject = array('projet', 'project'); // Test for project object $checktask = array('projet_task', 'project_task'); // Test for task object $checkhierarchy = array('expensereport', 'holiday', 'hrm'); // check permission among the hierarchy of user $checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null) - $nocheck = array('barcode', 'stock'); // No test + $nocheck = array('barcode'); // No test //$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...). diff --git a/htdocs/hrm/evaluation_agenda.php b/htdocs/hrm/evaluation_agenda.php index ec3d106630b..0e22cce8901 100644 --- a/htdocs/hrm/evaluation_agenda.php +++ b/htdocs/hrm/evaluation_agenda.php 
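Review bot: Moving `'stock'` from `$nocheck` to `$check` changes the result for every caller that passes the `stock` feature with an object id, not only the three pages updated in this commit. A caller that passes an id without the table argument would now run the entity test against whatever table the function derives by default, which may not be the table that holds that id; this is presumably why the inventory and warehouse pages now pass `'inventory&stock'` and `'entrepot&stock'`. Any other `stock` call sites should be audited in the same change. A comment next to the list would record the requirement, e.g. `// 'stock': callers must pass the table explicitly ('entrepot&stock', 'inventory&stock')`. The body of checkUserAccessToObject continues outside the hunk.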
@@ -105,8 +105,9 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by the // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); +$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0; +restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); + if (!isModEnabled('hrm')) { accessforbidden(); } diff --git a/htdocs/hrm/evaluation_contact.php b/htdocs/hrm/evaluation_contact.php index 48165b9d7a4..1e58563f9bf 100644 --- a/htdocs/hrm/evaluation_contact.php +++ b/htdocs/hrm/evaluation_contact.php @@ -71,10 +71,8 @@ $permission = $user->hasRight('hrm', 'evaluation', 'write'); // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->hrm->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0; +restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); diff --git a/htdocs/hrm/evaluation_document.php b/htdocs/hrm/evaluation_document.php index 8438a700cae..c413fc8782d 100644 --- a/htdocs/hrm/evaluation_document.php +++ b/htdocs/hrm/evaluation_document.php 
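Review bot: The new `restrictedArea()` call in evaluation_agenda.php passes `$object->element` as the feature and `'fk_soc'` as the key field. Going by the rule lists shown in the security.lib.php hunk of this commit, a feature named after the evaluation element (presumably `evaluation`) appears in none of them, since `$checkhierarchy` lists `hrm`. The call would therefore fall through to the default rule, entity plus third-party link on `fk_soc`. Please confirm that the evaluation table has such a column and that the default rule rather than the hierarchy rule is intended; the same call is added in evaluation_contact.php, evaluation_document.php and evaluation_note.php. Separately, `$object->status == Evaluation::STATUS_DRAFT` is a loose comparison: if the object was not loaded and the draft constant is 0, `null == 0` sets `$isdraft` to 1, so `$isdraft = ($object->id > 0 && $object->status === Evaluation::STATUS_DRAFT) ? 1 : 0;` is safer.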
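Review bot: In evaluation_contact.php the commented-out module and read-permission guards are deleted rather than re-enabled, so this page ends up with neither test after `restrictedArea()`, unlike the document and note pages in the same commit. The hunk shows only `$permission` (the write right) being computed above it, so unless a read check exists outside the hunk, access rests on `restrictedArea()` alone. Suggest adding `if (!isModEnabled('hrm')) { accessforbidden(); }` and `if (!$user->hasRight('hrm', 'evaluation', 'read')) { accessforbidden(); }` after the call.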
@@ -94,16 +94,12 @@ $permissiontoadd = $user->hasRight('hrm', 'evaluation', 'write'); // Used by th $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Security check (enable the most restrictive one) -//if ($user->socid > 0) accessforbidden(); -//if ($user->socid > 0) $socid = $user->socid; -//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -if (empty($conf->hrm->enabled)) { - accessforbidden(); -} -if (!$permissiontoread) { - accessforbidden(); -} + +$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0; +restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); + +if (!isModEnabled('hrm')) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* diff --git a/htdocs/hrm/evaluation_note.php b/htdocs/hrm/evaluation_note.php index 033e314750c..e60aaf70d16 100644 --- a/htdocs/hrm/evaluation_note.php +++ b/htdocs/hrm/evaluation_note.php @@ -75,10 +75,10 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by th // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); -//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); -//if (empty($conf->hrm->enabled)) accessforbidden(); -//if (!$permissiontoread) accessforbidden(); +$isdraft = (($object->status == Evaluation::STATUS_DRAFT) ? 1 : 0); +restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +if (empty($conf->hrm->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); /* diff --git a/htdocs/product/inventory/card.php b/htdocs/product/inventory/card.php index 81c52b976da..3b14512ccbf 100644 
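Review bot: In evaluation_document.php the two guards are rewritten from braced blocks to brace-less one-liners (`if (!isModEnabled('hrm')) accessforbidden();`), dropping the braced form the file had before and that evaluation_agenda.php keeps; please restore `if (...) {` / `accessforbidden();` / `}`. The evaluation_note.php hunk uses the same brace-less form and also tests `empty($conf->hrm->enabled)` where this file uses `isModEnabled('hrm')`; one spelling across the evaluation pages makes the access checks easier to audit. The module and read-right tests would also read better placed before `restrictedArea()`, since they do not depend on the loaded object.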
--- a/htdocs/product/inventory/card.php +++ b/htdocs/product/inventory/card.php @@ -54,9 +54,9 @@ $include_sub_warehouse = !empty(GETPOST('include_sub_warehouse')) ? GETPOST('inc $hookmanager->initHooks(array('inventorycard', 'globalcard')); // Note that conf->hooks_modules contains array if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { - $result = restrictedArea($user, 'stock', $id); + $result = restrictedArea($user, 'stock', $id, 'inventory&stock'); } else { - $result = restrictedArea($user, 'stock', $id, '', 'inventory_advance'); + $result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance'); } // Initialize a technical objects diff --git a/htdocs/product/inventory/inventory.php b/htdocs/product/inventory/inventory.php index 4d860191269..31700b82227 100644 --- a/htdocs/product/inventory/inventory.php +++ b/htdocs/product/inventory/inventory.php @@ -71,9 +71,9 @@ $totalExpectedValuation = 0; $totalRealValuation = 0; $hookmanager->initHooks(array('inventorycard')); // Note that conf->hooks_modules contains array if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) { - $result = restrictedArea($user, 'stock', $id); + $result = restrictedArea($user, 'stock', $id, 'inventory&stock'); } else { - $result = restrictedArea($user, 'stock', $id, '', 'inventory_advance'); + $result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance'); } // Initialize a technical objects diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index f462ae9a03d..22e4c49b61a 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -85,8 +85,7 @@ if (!$sortorder) { $hookmanager->initHooks(array('warehousecard', 'stocklist', 'globalcard')); // Security check -//$result=restrictedArea($user,'stock', $id, 'entrepot&stock'); -$result = restrictedArea($user, 'stock'); +$result=restrictedArea($user,'stock', $id, 'entrepot&stock'); $object = new Entrepot($db); $extrafields = new ExtraFields($db);
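Review bot: In inventory/card.php the check runs on `$id` before the object is created (the `// Initialize a technical objects` section follows), so the object-level test added here only covers requests that carry a numeric id. If the page can also be opened by ref, `$id` would be empty at this point and the entity test on the `inventory` table would not apply to the record that is later fetched. This is worth confirming; if so, resolve the ref to an id first or repeat the check after the fetch. The same applies to the identical change in inventory/inventory.php. A short comment such as `// table 'inventory', entity sharing checked under element 'stock'` would also explain the `'inventory&stock'` argument.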
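Review bot: In stock/card.php the re-enabled call keeps the formatting of the old commented-out line: `$result=restrictedArea($user,'stock', $id, 'entrepot&stock');` has no spaces around `=` or after the first comma, unlike the line it replaces. Suggest `$result = restrictedArea($user, 'stock', $id, 'entrepot&stock');`. The call also runs before `$object = new Entrepot($db)` is created, so a warehouse opened by ref rather than by id may not get the object-level test; that depends on code outside the hunk and should be confirmed.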