From a575b696e76f350d5ecbaab7bc600b448f1cce93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20France?= Date: Mon, 19 Jun 2023 23:27:24 +0200 Subject: [PATCH] use user hasRight --- htdocs/api/class/api_documents.class.php | 4 ++-- htdocs/api/class/api_setup.class.php | 10 +++++----- htdocs/comm/action/class/cactioncomm.class.php | 2 +- htdocs/comm/propal/class/api_proposals.class.php | 6 +++--- htdocs/comm/propal/class/propal.class.php | 2 +- htdocs/comm/propal/tpl/linkedobjectblock.tpl.php | 2 +- htdocs/commande/class/api_orders.class.php | 10 +++++----- htdocs/compta/facture/class/api_invoices.class.php | 2 +- htdocs/core/boxes/box_graph_propales_permonth.php | 2 +- htdocs/core/boxes/box_propales.php | 2 +- htdocs/product/stats/card.php | 2 +- htdocs/product/stats/propal.php | 2 +- htdocs/product/stats/supplier_proposal.php | 2 +- 13 files changed, 24 insertions(+), 24 deletions(-) diff --git a/htdocs/api/class/api_documents.class.php b/htdocs/api/class/api_documents.class.php index 3d45956a0cb..7372ea88798 100644 --- a/htdocs/api/class/api_documents.class.php +++ b/htdocs/api/class/api_documents.class.php @@ -349,7 +349,7 @@ class Documents extends DolibarrApi } elseif ($modulepart == 'propal' || $modulepart == 'proposal') { require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; - if (!DolibarrApiAccess::$user->rights->propal->lire) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) { throw new RestException(401); } @@ -377,7 +377,7 @@ class Documents extends DolibarrApi } elseif ($modulepart == 'commande' || $modulepart == 'order') { require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index fab4e0bfafe..abb09397361 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -68,7 +68,7 @@ class Setup extends DolibarrApi { $list = array(); - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -130,7 +130,7 @@ class Setup extends DolibarrApi { $list = array(); - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -193,7 +193,7 @@ class Setup extends DolibarrApi { $list = array(); - if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire') && !DolibarrApiAccess::$user->hasRight('commande', 'lire') && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) { throw new RestException(401); } @@ -659,7 +659,7 @@ class Setup extends DolibarrApi { $list = array(); - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -1249,7 +1249,7 @@ class Setup extends DolibarrApi { $list = array(); - if (!DolibarrApiAccess::$user->rights->propal->lire && !DolibarrApiAccess::$user->rights->commande->lire && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire') && !DolibarrApiAccess::$user->hasRight('commande', 'lire') && !DolibarrApiAccess::$user->hasRight('facture', 'lire')) { throw new RestException(401); } diff --git a/htdocs/comm/action/class/cactioncomm.class.php b/htdocs/comm/action/class/cactioncomm.class.php index ee2e6d2d38d..d40a8b15240 100644 --- a/htdocs/comm/action/class/cactioncomm.class.php +++ b/htdocs/comm/action/class/cactioncomm.class.php @@ -201,7 +201,7 @@ class CActionComm if ($obj->module == 'invoice' && isModEnabled('facture') && $user->hasRight('facture', 'lire')) { $qualified = 1; } - if ($obj->module == 'order' && isModEnabled('commande') && empty($user->rights->commande->lire)) { + if ($obj->module == 'order' && isModEnabled('commande') && !$user->hasRight('commande', 'lire')) { $qualified = 1; } if ($obj->module == 'propal' && isModEnabled("propal") && $user->hasRight('propal', 'lire')) { diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index fdb44741e48..8658c759202 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -121,7 +121,7 @@ class Proposals extends DolibarrApi */ private function _fetch($id, $ref = '', $ref_ext = '', $contact_list = 1) { - if (!DolibarrApiAccess::$user->rights->propal->lire) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) { throw new RestException(401); } @@ -162,7 +162,7 @@ class Proposals extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->propal->lire) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) { throw new RestException(401); } @@ -295,7 +295,7 @@ class Proposals extends DolibarrApi { $filters = ""; - if (!DolibarrApiAccess::$user->rights->propal->lire) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) { throw new RestException(401); } diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 2983f6e83ca..40ea890c846 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -3813,7 +3813,7 @@ class Propal extends CommonObject } $url = ''; - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { if ($option == '') { $url = DOL_URL_ROOT.'/comm/propal/card.php?id='.$this->id.$get_params; } elseif ($option == 'compta') { // deprecated diff --git a/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php b/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php index 8aa72d9c43f..b81a31e1891 100644 --- a/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php +++ b/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php @@ -62,7 +62,7 @@ foreach ($linkedObjectBlock as $key => $objectlink) { print ''.$objectlink->ref_client.''; print ''.dol_print_date($objectlink->date, 'day').''; print ''; - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { $total = $total + $objectlink->total_ht; echo price($objectlink->total_ht); } diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index ae9625fbcb5..b82bd618a42 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -118,7 +118,7 @@ class Orders extends DolibarrApi */ private function _fetch($id, $ref = '', $ref_ext = '', $contact_list = 1) { - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -165,7 +165,7 @@ class Orders extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -301,7 +301,7 @@ class Orders extends DolibarrApi */ public function getLines($id) { - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -504,7 +504,7 @@ class Orders extends DolibarrApi */ public function getContacts($id, $type = '') { - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } @@ -943,7 +943,7 @@ class Orders extends DolibarrApi require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; - if (!DolibarrApiAccess::$user->rights->propal->lire) { + if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) { throw new RestException(401); } if (!DolibarrApiAccess::$user->rights->commande->creer) { diff --git a/htdocs/compta/facture/class/api_invoices.class.php b/htdocs/compta/facture/class/api_invoices.class.php index 0964573d58f..d48740ea68d 100644 --- a/htdocs/compta/facture/class/api_invoices.class.php +++ b/htdocs/compta/facture/class/api_invoices.class.php @@ -338,7 +338,7 @@ class Invoices extends DolibarrApi { require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; - if (!DolibarrApiAccess::$user->rights->commande->lire) { + if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) { throw new RestException(401); } if (!DolibarrApiAccess::$user->rights->facture->creer) { diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index e881db92412..89475095eb4 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -105,7 +105,7 @@ class box_graph_propales_permonth extends ModeleBoxes $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { $param_year = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; $param_shownb = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_shownb'; $param_showtot = 'DOLUSERCOOKIE_box_'.$this->boxcode.'_showtot'; diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index a0ff56aa625..d731e017842 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -83,7 +83,7 @@ class box_propales extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleLast".(!empty($conf->global->MAIN_LASTBOX_ON_OBJECT_DATE) ? "" : "Modified")."Propals", $max)); - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { $sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index c986e489539..a91927e77d4 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -464,7 +464,7 @@ if ($result || !($id > 0)) { if ($graphfiles == 'propal' && empty($user->rights->propal->lire)) { continue; } - if ($graphfiles == 'order' && empty($user->rights->commande->lire)) { + if ($graphfiles == 'order' && !$user->hasRight('commande', 'lire')) { continue; } if ($graphfiles == 'invoices' && !$user->hasRight('facture', 'lire')) { diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index f93c5022fd2..f7bb4d6051d 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -138,7 +138,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; $sql .= " p.ref_client,"; $sql .= "p.datep, p.fk_statut as statut, d.rowid, d.qty"; diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index f2957ffaeb1..e6c07c4cb58 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -137,7 +137,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); - if ($user->rights->propal->lire) { + if ($user->hasRight('propal', 'lire')) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; //$sql .= " p.ref_supplier,"; $sql .= "p.date_valid, p.fk_statut as statut, d.rowid, d.qty";