From 738e9b7eba1ffa45e1dc7083ba753c7f836aba86 Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Fri, 31 Mar 2006 16:26:48 +0000
Subject: [PATCH] ajout droit manquant sur les stats pour les commerciaux
---
 htdocs/actioncomm.class.php | 7 +++++--
 htdocs/commande/commande.class.php | 7 +++++--
 htdocs/contrat/contrat.class.php | 9 +++++++--
 htdocs/facture.class.php | 7 +++++--
 htdocs/fourn/fournisseur.facture.class.php | 7 +++++--
 htdocs/index.php | 2 +-
 htdocs/propal.class.php | 7 +++++--
 7 files changed, 33 insertions(+), 13 deletions(-)
diff --git a/htdocs/actioncomm.class.php b/htdocs/actioncomm.class.php
index 877fa0ebb14..f6d8cdb7361 100644
--- a/htdocs/actioncomm.class.php
+++ b/htdocs/actioncomm.class.php
@@ -223,13 +223,16 @@ class ActionComm
 */
 function load_board($user)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 $sql = "SELECT a.id,".$this->db->pdate("a.datea")." as da";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as a";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= " WHERE a.percent < 100";
- if ($user->societe_id) $sql.=" AND fk_soc = ".$user->societe_id;
+ if ($user->societe_id) $sql.=" AND a.fk_soc = ".$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND a.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {
diff --git a/htdocs/commande/commande.class.php b/htdocs/commande/commande.class.php
index 8a2f684d27b..8d05748577a 100644
--- a/htdocs/commande/commande.class.php
+++ b/htdocs/commande/commande.class.php
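Review bot: In htdocs/actioncomm.class.php, `global $conf, $user;` rebinds the local `$user` to the global variable, so the argument passed to `load_board($user)` is discarded and the new restriction is always evaluated against the global user. The htdocs/index.php caller in this patch passes `$user`, presumably that same global object, so the effect is hidden there; a caller that passes a different user object would get counts filtered by someone else's rights and `id`. Keep the line as `global $conf;` and let the parameter carry the user. The same edit is made in the load_board hunks for Commande, Contrat, Facture, FactureFournisseur and Propal; each function body continues outside its hunk.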
@@ -1273,13 +1273,16 @@ class Commande
 */
 function load_board($user)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 $sql = 'SELECT c.rowid,'.$this->db->pdate('c.date_creation').' as datec';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= ' FROM '.MAIN_DB_PREFIX.'commande as c';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= ' WHERE c.fk_statut BETWEEN 1 AND 2';
- if ($user->societe_id) $sql.=' AND fk_soc = '.$user->societe_id;
+ if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {
diff --git a/htdocs/contrat/contrat.class.php b/htdocs/contrat/contrat.class.php
index 8e1c966f8b2..96a806952cf 100644
--- a/htdocs/contrat/contrat.class.php
+++ b/htdocs/contrat/contrat.class.php
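Review bot: In htdocs/commande/commande.class.php, the new clause `sc.fk_user = " .$user->id` and the rewritten `' AND c.fk_soc = '.$user->societe_id` concatenate object properties straight into the SQL text. Where those properties are populated is not visible in this patch, so nothing here guarantees they are integers. Casting at the point of use keeps the query well-formed whatever they hold: `$sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".(int) $user->id;` and `$sql.=' AND c.fk_soc = '.(int) $user->societe_id;`. The same concatenation is used in every load_board hunk of this patch.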
@@ -1006,25 +1006,30 @@ class Contrat
 */
 function load_board($user,$mode)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 if ($mode == 'inactives')
 {
 $sql = "SELECT cd.rowid,".$this->db->pdate("cd.date_ouverture_prevue")." as datefin";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as cd";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= " WHERE c.statut = 1 AND c.rowid = cd.fk_contrat";
 $sql.= " AND cd.statut = 0";
 }
 if ($mode == 'expired')
 {
 $sql = "SELECT cd.rowid,".$this->db->pdate("cd.date_fin_validite")." as datefin";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."contratdet as cd";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= " WHERE c.statut = 1 AND c.rowid = cd.fk_contrat";
 $sql.= " AND cd.statut = 4";
 $sql.= " AND cd.date_fin_validite < '".$this->db->idate(time())."'";
 }
- if ($user->societe_id) $sql.=" AND fk_soc = ".$user->societe_id;
+ if ($user->societe_id) $sql.=" AND c.fk_soc = ".$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {
diff --git a/htdocs/facture.class.php b/htdocs/facture.class.php
index a4b8e3ccef2..7c634a697bf 100644
--- a/htdocs/facture.class.php
+++ b/htdocs/facture.class.php
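Review bot: In htdocs/contrat/contrat.class.php, `$mode` is never validated, so when it is neither 'inactives' nor 'expired' the added line appends `" AND c.fk_soc = sc.fk_soc AND sc.fk_user = "` to a `$sql` that was never assigned. Before this patch only users with a `societe_id` reached that path; the new condition extends it to every internal user without the right. Reject an unknown mode before building the query, for example `if ($mode != 'inactives' && $mode != 'expired') return -1;`, using whatever error value the rest of the function returns (not visible in the hunk). Propal::load_board has the related case: with a `$mode` other than 'opened' or 'signed' no WHERE is emitted and the `AND` clauses follow the FROM list directly.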
@@ -1916,13 +1916,16 @@ class Facture
 */
 function load_board($user)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 $sql = 'SELECT f.rowid,'.$this->db->pdate('f.date_lim_reglement').' as datefin';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= ' FROM '.MAIN_DB_PREFIX.'facture as f';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= ' WHERE f.paye=0 AND f.fk_statut = 1';
- if ($user->societe_id) $sql.=' AND fk_soc = '.$user->societe_id;
+ if ($user->societe_id) $sql.=' AND f.fk_soc = '.$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND f.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {
diff --git a/htdocs/fourn/fournisseur.facture.class.php b/htdocs/fourn/fournisseur.facture.class.php
index 203ce76a97e..9c5b5fe5c0c 100644
--- a/htdocs/fourn/fournisseur.facture.class.php
+++ b/htdocs/fourn/fournisseur.facture.class.php
@@ -650,13 +650,16 @@ class FactureFournisseur
 */
 function load_board($user)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 $sql = 'SELECT ff.rowid,'.$this->db->pdate('ff.date_lim_reglement').' as datefin';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff';
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 $sql.= ' WHERE ff.paye=0';
- if ($user->societe_id) $sql.=' AND fk_soc = '.$user->societe_id;
+ if ($user->societe_id) $sql.=' AND ff.fk_soc = '.$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND ff.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {
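Review bot: In Facture::load_board (htdocs/facture.class.php) the restriction `!$user->rights->commercial->client->voir && !$user->societe_id` is written out three times, for the SELECT list, the FROM list and the WHERE clause; Contrat::load_board repeats it five times. The FROM and WHERE copies have to stay in step: if a later edit changes one and not the other, the query either fails or joins `societe_commerciaux` with no condition, and in the second case the per-salesperson filter is lost without any error. Evaluate it once near the top, `$restricted = (!$user->rights->commercial->client->voir && !$user->societe_id);`, and test `$restricted` at each point. The added `, sc.fk_soc, sc.fk_user` select columns are not read in the lines shown and could be dropped if the loop outside the hunk does not use them.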
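Review bot: In htdocs/fourn/fournisseur.facture.class.php the supplier-invoice count is now restricted by `commercial->client->voir`, a right whose name refers to customers, and joined through `societe_commerciaux`. Whether suppliers are ever assigned to a salesperson in that table is not visible here; if they are not, an internal user without the right will always see zero supplier invoices on the board. If that is the intended outcome, state it in a comment above the added lines, for example `// Users without commercial->client->voir only see third parties assigned to them in societe_commerciaux`; otherwise a supplier-side right is the one to test.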
diff --git a/htdocs/index.php b/htdocs/index.php
index b87dd341737..1a25396d865 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -370,7 +370,7 @@ if (MAIN_SHOW_WORKBOARD == 1)
 {
 $langs->load("bills");
- include_once("./fourn/fournisseur.facture.class.php");
+ include_once(DOL_DOCUMENT_ROOT."/fourn/fournisseur.facture.class.php");
 $board=new FactureFournisseur($db);
 $board->load_board($user);
diff --git a/htdocs/propal.class.php b/htdocs/propal.class.php
index 1de1d7f6748..3cb27a0a283 100644
--- a/htdocs/propal.class.php
+++ b/htdocs/propal.class.php
@@ -1437,14 +1437,17 @@ class Propal
 */
 function load_board($user,$mode)
 {
- global $conf;
+ global $conf, $user;
 $this->nbtodo=$this->nbtodolate=0;
 $sql ="SELECT p.rowid,".$this->db->pdate("p.datec")." as datec,".$this->db->pdate("p.fin_validite")." as datefin";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", sc.fk_soc, sc.fk_user";
 $sql.=" FROM ".MAIN_DB_PREFIX."propal as p";
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 if ($mode == 'opened') $sql.=" WHERE p.fk_statut = 1";
 if ($mode == 'signed') $sql.=" WHERE p.fk_statut = 2";
- if ($user->societe_id) $sql.=" AND fk_soc = ".$user->societe_id;
+ if ($user->societe_id) $sql.=" AND p.fk_soc = ".$user->societe_id;
+ if (!$user->rights->commercial->client->voir && !$user->societe_id) $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
 $resql=$this->db->query($sql);
 if ($resql)
 {