Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-05 17:18:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX : Implementation of multi-company compatibility with inventory/warehouse management

Browse Source
This commit is contained in:
Adrien Raze
2025-11-26 12:30:22 +01:00
parent 1e16bf5160
commit c1c2358e75
4 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/lib/security.lib.php
View File

@@ -902,14 +902,14 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
$checkonentitydone = 0;
// Array to define rules of checks to do
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement'); // Test on entity only (Objects with no link to company)
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement', 'stock'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for object Societe
$checkparentsoc = array('agenda', 'contact', 'contrat'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...).
$checkproject = array('projet', 'project'); // Test for project object
$checktask = array('projet_task', 'project_task'); // Test for task object
$checkhierarchy = array('expensereport', 'holiday', 'hrm'); // check permission among the hierarchy of user
$checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null)
$nocheck = array('barcode', 'stock'); // No test
$nocheck = array('barcode'); // No test
//$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...).

4
htdocs/product/inventory/card.php
View File

@@ -42,9 +42,9 @@ $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'inv
$backtopage = GETPOST('backtopage', 'alpha');
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$result = restrictedArea($user, 'stock', $id);
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
} else {
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
}
// Initialize technical objects

4
htdocs/product/inventory/inventory.php
View File

@@ -59,9 +59,9 @@ $batch = GETPOST('batch', 'alphanohtml');
$totalExpectedValuation = 0;
$totalRealValuation = 0;
if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$result = restrictedArea($user, 'stock', $id);
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
} else {
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
}
// Initialize technical objects

3
htdocs/product/stock/card.php
View File

@@ -70,8 +70,7 @@ if (!$sortorder) {
$backtopage = GETPOST('backtopage', 'alpha');
// Security check
//$result=restrictedArea($user,'stock', $id, 'entrepot&stock');
$result = restrictedArea($user, 'stock');
$result=restrictedArea($user,'stock', $id, 'entrepot&stock');
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('warehousecard', 'globalcard'));