Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 09:38:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

New: works on sharings between entities

Browse Source 
Fix: more simple, more flexible, add in global conf
This commit is contained in:
Regis Houssin
2011-04-18 10:49:39 +00:00
parent d0ba1c37fa
commit bb209e3c34
5 changed files with 22 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
htdocs/core/class/commonobject.class.php
View File

@@ -558,14 +558,6 @@ class CommonObject
// 0=No test on entity, 1=Test with field entity, 2=Test with link by societe // 0=No test on entity, 1=Test with field entity, 2=Test with link by societe
$alias = 's'; $alias = 's';
if ($this->element == 'societe') $alias = 'te'; if ($this->element == 'societe') $alias = 'te';
// Sharings between entities
if ($conf->global->MAIN_MODULE_MULTICOMPANY && $this->ismultientitymanaged == 1)
{
dol_include_once('/multicompany/class/actions_multicompany.class.php');
$mc = new ActionsMulticompany($db);
$mc->getEntitySharing($this->element);
}
$sql = "SELECT MAX(te.".$fieldid.")"; $sql = "SELECT MAX(te.".$fieldid.")";
$sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as te"; $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element." as te";
@@ -575,7 +567,7 @@ class CommonObject
if (!$this->isnolinkedbythird && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id; if (!$this->isnolinkedbythird && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id;
if (! empty($filter)) $sql.=" AND ".$filter; if (! empty($filter)) $sql.=" AND ".$filter;
if ($this->ismultientitymanaged == 2 || ($this->element != 'societe' && !$this->isnolinkedbythird && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity if ($this->ismultientitymanaged == 2 || ($this->element != 'societe' && !$this->isnolinkedbythird && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
if ($this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN (0,'.($mc->share ? $mc->share : $conf->entity).')'; if ($this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN (0,'.(! empty($conf->entities[$this->element]) ? $conf->entities[$this->element] : $conf->entity).')';
//print $sql."<br>"; //print $sql."<br>";
$result = $this->db->query($sql) ; $result = $this->db->query($sql) ;
@@ -596,7 +588,7 @@ class CommonObject
if (!$this->isnolinkedbythird && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id; if (!$this->isnolinkedbythird && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id;
if (isset($filter)) $sql.=" AND ".$filter; if (isset($filter)) $sql.=" AND ".$filter;
if ($this->ismultientitymanaged == 2 || ($this->element != 'societe' && !$this->isnolinkedbythird && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity if ($this->ismultientitymanaged == 2 || ($this->element != 'societe' && !$this->isnolinkedbythird && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity
if ($this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN (0,'.($mc->share ? $mc->share : $conf->entity).')'; if ($this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN (0,'.(! empty($conf->entities[$this->element]) ? $conf->entities[$this->element] : $conf->entity).')';
// Rem: Bug in some mysql version: SELECT MIN(rowid) FROM llx_socpeople WHERE rowid > 1 when one row in database with rowid=1, returns 1 instead of null // Rem: Bug in some mysql version: SELECT MIN(rowid) FROM llx_socpeople WHERE rowid > 1 when one row in database with rowid=1, returns 1 instead of null
//print $sql."<br>"; //print $sql."<br>";

10
htdocs/core/class/conf.class.php
View File

@@ -62,6 +62,7 @@ class Conf
var $login_method_modules = array(); var $login_method_modules = array();
var $need_smarty = array(); var $need_smarty = array();
var $modules = array(); var $modules = array();
var $entities = array();
var $logbuffer = array(); var $logbuffer = array();
@@ -183,6 +184,15 @@ class Conf
$this->modules[]=$module; $this->modules[]=$module;
} }
} }
// Sharings between entities
else if ($value && preg_match('/^MULTICOMPANY_([A-Z_]+)_SHARING$/',$key,$reg))
{
dol_include_once('/multicompany/class/actions_multicompany.class.php');
$mc = new ActionsMulticompany($db);
$module=strtolower($reg[1]);
$mc->getEntitySharing($module);
$this->entities[$module]=$mc->entities;
}
} }
$i++; $i++;
} }

22
htdocs/lib/functions.lib.php
View File

@@ -1918,14 +1918,6 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
// If dbtable not defined, we use same name for table than module name // If dbtable not defined, we use same name for table than module name
if (empty($dbtablename)) $dbtablename = $feature; if (empty($dbtablename)) $dbtablename = $feature;
// Sharings between entities
if ($conf->global->MAIN_MODULE_MULTICOMPANY)
{
dol_include_once('/multicompany/class/actions_multicompany.class.php');
$mc = new ActionsMulticompany($db);
$mc->getEntitySharing($dbtablename);
}
// Check permission for object with entity // Check permission for object with entity
if (in_array($feature,$check)) if (in_array($feature,$check))
@@ -1933,7 +1925,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql = "SELECT dbt.".$dbt_select; $sql = "SELECT dbt.".$dbt_select;
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.".$dbt_select." = ".$objectid; $sql.= " WHERE dbt.".$dbt_select." = ".$objectid;
$sql.= " AND dbt.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND dbt.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
else if (in_array($feature,$checksoc)) else if (in_array($feature,$checksoc))
{ {
@@ -1951,7 +1943,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql.= " WHERE sc.fk_soc = ".$objectid; $sql.= " WHERE sc.fk_soc = ".$objectid;
$sql.= " AND sc.fk_user = ".$user->id; $sql.= " AND sc.fk_user = ".$user->id;
$sql.= " AND sc.fk_soc = s.rowid"; $sql.= " AND sc.fk_soc = s.rowid";
$sql.= " AND s.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND s.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
// If multicompany and internal users with all permissions, check user is in correct entity // If multicompany and internal users with all permissions, check user is in correct entity
else if ($conf->global->MAIN_MODULE_MULTICOMPANY) else if ($conf->global->MAIN_MODULE_MULTICOMPANY)
@@ -1959,7 +1951,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql = "SELECT s.rowid"; $sql = "SELECT s.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql.= " WHERE s.rowid = ".$objectid; $sql.= " WHERE s.rowid = ".$objectid;
$sql.= " AND s.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND s.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
} }
else if (in_array($feature,$checkother)) else if (in_array($feature,$checkother))
@@ -1980,7 +1972,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = '".$user->id."'"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = '".$user->id."'";
$sql.= " WHERE dbt.rowid = ".$objectid; $sql.= " WHERE dbt.rowid = ".$objectid;
$sql.= " AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)"; // Contact not linked to a company or to a company of user $sql.= " AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)"; // Contact not linked to a company or to a company of user
$sql.= " AND dbt.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND dbt.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
// If multicompany and internal users with all permissions, check user is in correct entity // If multicompany and internal users with all permissions, check user is in correct entity
else if ($conf->global->MAIN_MODULE_MULTICOMPANY) else if ($conf->global->MAIN_MODULE_MULTICOMPANY)
@@ -1988,7 +1980,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql = "SELECT dbt.rowid"; $sql = "SELECT dbt.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.rowid = ".$objectid; $sql.= " WHERE dbt.rowid = ".$objectid;
$sql.= " AND dbt.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND dbt.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
} }
else if (in_array($feature,$checkproject)) else if (in_array($feature,$checkproject))
@@ -2022,7 +2014,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql.= " WHERE dbt.".$dbt_select." = ".$objectid; $sql.= " WHERE dbt.".$dbt_select." = ".$objectid;
$sql.= " AND sc.fk_soc = dbt.".$dbt_keyfield; $sql.= " AND sc.fk_soc = dbt.".$dbt_keyfield;
$sql.= " AND dbt.".$dbt_keyfield." = s.rowid"; $sql.= " AND dbt.".$dbt_keyfield." = s.rowid";
$sql.= " AND s.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND s.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
$sql.= " AND sc.fk_user = ".$user->id; $sql.= " AND sc.fk_user = ".$user->id;
} }
// If multicompany and internal users with all permissions, check user is in correct entity // If multicompany and internal users with all permissions, check user is in correct entity
@@ -2031,7 +2023,7 @@ function restrictedArea($user, $features='societe', $objectid=0, $dbtablename=''
$sql = "SELECT dbt.".$dbt_select; $sql = "SELECT dbt.".$dbt_select;
$sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
$sql.= " WHERE dbt.".$dbt_select." = ".$objectid; $sql.= " WHERE dbt.".$dbt_select." = ".$objectid;
$sql.= " AND dbt.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " AND dbt.entity IN (0,".(! empty($conf->entities[$dbtablename]) ? $conf->entities[$dbtablename] : $conf->entity).")";
} }
} }

12
htdocs/product/index.php
View File

@@ -41,14 +41,6 @@ $langs->load("products");
$product_static = new Product($db); $product_static = new Product($db);
// Sharings between entities
if ($conf->global->MAIN_MODULE_MULTICOMPANY)
{
dol_include_once('/multicompany/class/actions_multicompany.class.php');
$mc = new ActionsMulticompany($db);
$mc->getEntitySharing('product');
}
/* /*
* View * View
@@ -115,7 +107,7 @@ $prodser[0][0]=$prodser[0][1]=$prodser[1][0]=$prodser[1][1]=0;
$sql = "SELECT COUNT(p.rowid) as total, p.fk_product_type, p.tosell, p.tobuy"; $sql = "SELECT COUNT(p.rowid) as total, p.fk_product_type, p.tosell, p.tobuy";
$sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p";
$sql.= " WHERE p.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " WHERE p.entity IN (0,".(! empty($conf->entities['product']) ? $conf->entities['product'] : $conf->entity).")";
$sql.= " GROUP BY p.fk_product_type, p.tosell, p.tobuy"; $sql.= " GROUP BY p.fk_product_type, p.tosell, p.tobuy";
$result = $db->query($sql); $result = $db->query($sql);
while ($objp = $db->fetch_object($result)) while ($objp = $db->fetch_object($result))
@@ -175,7 +167,7 @@ $max=15;
$sql = "SELECT p.rowid, p.label, p.price, p.ref, p.fk_product_type, p.tosell, p.tobuy,"; $sql = "SELECT p.rowid, p.label, p.price, p.ref, p.fk_product_type, p.tosell, p.tobuy,";
$sql.= " p.tms as datem"; $sql.= " p.tms as datem";
$sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p";
$sql.= " WHERE p.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= " WHERE p.entity IN (0,".(! empty($conf->entities['product']) ? $conf->entities['product'] : $conf->entity).")";
if (empty($user->rights->produit->hidden) && empty($user->rights->service->hidden)) $sql.=' AND p.hidden=0'; if (empty($user->rights->produit->hidden) && empty($user->rights->service->hidden)) $sql.=' AND p.hidden=0';
else else
{ {

10
htdocs/product/liste.php
View File

@@ -81,14 +81,6 @@ else
else $result=restrictedArea($user,'produit|service'); else $result=restrictedArea($user,'produit|service');
} }
// Sharings between entities
if ($conf->global->MAIN_MODULE_MULTICOMPANY)
{
dol_include_once('/multicompany/class/actions_multicompany.class.php');
$mc = new ActionsMulticompany($db);
$mc->getEntitySharing('product');
}
/* /*
* Actions * Actions
@@ -156,7 +148,7 @@ if ($_GET["fourn_id"] > 0) // The DISTINCT is used to avoid duplicate from this
$fourn_id = $_GET["fourn_id"]; $fourn_id = $_GET["fourn_id"];
$sql.= ", ".MAIN_DB_PREFIX."product_fournisseur as pf"; $sql.= ", ".MAIN_DB_PREFIX."product_fournisseur as pf";
} }
$sql.= " WHERE p.entity IN (0,".($mc->share ? $mc->share : $conf->entity).")"; $sql.= ' WHERE p.entity IN (0,'.(! empty($conf->entities['product']) ? $conf->entities['product'] : $conf->entity).')';
if ($search_categ) $sql.= " AND p.rowid = cp.fk_product"; // Join for the needed table to filter by categ if ($search_categ) $sql.= " AND p.rowid = cp.fk_product"; // Join for the needed table to filter by categ
if (!$user->rights->produit->hidden && !$user->rights->service->hidden) if (!$user->rights->produit->hidden && !$user->rights->service->hidden)
{ {