Merge remote-tracking branch 'upstream/develop' into camelCaps

2026-02-08 00:52:01 +01:00 · 2018-08-25 09:07:04 +02:00
parent 6b6daf178f a896fb419f
commit d8bf4a0ecf
33 changed files with 180 additions and 80 deletions
--- a/htdocs/modulebuilder/template/class/api_mymodule.class.php
+++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php
@@ -117,27 +117,29 @@ class MyModuleApi extends DolibarrApi

        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';

+        $restictonsocid = 0;	// Set to 1 if there is a field socid in table of object
+
        // If the internal user must only see his customers, force searching by him
-        if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
+        if ($restictonsocid && ! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;

-        $sql = "SELECT s.rowid";
-        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
-        $sql.= " FROM ".MAIN_DB_PREFIX."myobject as s";
+        $sql = "SELECT t.rowid";
+        if ($restictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
+        $sql.= " FROM ".MAIN_DB_PREFIX."myobject_mytable as t";

-        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
-        $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
-        $sql.= " WHERE s.fk_stcomm = st.id";
+        if ($restictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
+        $sql.= " WHERE 1 = 1";

        // Example of use $mode
        //if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
        //if ($mode == 2) $sql.= " AND s.client IN (2, 3)";

-        $sql.= ' AND s.entity IN ('.getEntity('myobject').')';
-        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc";
-        if ($socid) $sql.= " AND s.fk_soc = ".$socid;
-        if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";		// Join for the needed table to filter by sale
+        $tmpobject = new MyObject($db);
+        if ($tmpobject->ismultientitymanaged) $sql.= ' AND t.entity IN ('.getEntity('myobject').')';
+        if ($restictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc";
+        if ($restictonsocid && $socid) $sql.= " AND t.fk_soc = ".$socid;
+        if ($restictonsocid && $search_sale > 0) $sql.= " AND t.rowid = sc.fk_soc";		// Join for the needed table to filter by sale
        // Insert sale filter
-        if ($search_sale > 0)
+        if ($restictonsocid && $search_sale > 0)
        {
            $sql .= " AND sc.fk_user = ".$search_sale;
        }
@@ -171,7 +173,7 @@ class MyModuleApi extends DolibarrApi
                $obj = $db->fetch_object($result);
                $myobject_static = new MyObject($db);
                if($myobject_static->fetch($obj->rowid)) {
-                    $obj_ret[] = parent::_cleanObjectDatas($myobject_static);
+                    $obj_ret[] = $this->_cleanObjectDatas($myobject_static);
                }
                $i++;
            }
@@ -254,7 +256,7 @@ class MyModuleApi extends DolibarrApi
     */
    function delete($id)
    {
-        if(! DolibarrApiAccess::$user->rights->myobject->supprimer) {
+    	if(! DolibarrApiAccess::$user->rights->myobject->delete) {
 			throw new RestException(401);
 		}
        $result = $this->myobject->fetch($id);
@@ -266,7 +268,7 @@ class MyModuleApi extends DolibarrApi
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

-        if( !$this->myobject->delete($id))
+		if( !$this->myobject->delete(DolibarrApiAccess::$user, 0))
        {
            throw new RestException(500);
        }
@@ -280,6 +282,27 @@ class MyModuleApi extends DolibarrApi

    }

+
+    /**
+     * Clean sensible object datas
+     *
+     * @param   object  $object    Object to clean
+     * @return    array    Array of cleaned object properties
+     */
+    function _cleanObjectDatas($object)
+    {
+    	$object = parent::_cleanObjectDatas($object);
+
+    	/*unset($object->note);
+    	unset($object->address);
+    	unset($object->barcode_type);
+    	unset($object->barcode_type_code);
+    	unset($object->barcode_type_label);
+    	unset($object->barcode_type_coder);*/
+
+    	return $object;
+    }
+
    /**
     * Validate fields before create or update object
     *
--- a/htdocs/modulebuilder/template/class/myobject.class.php
+++ b/htdocs/modulebuilder/template/class/myobject.class.php
@@ -66,6 +66,7 @@ class MyObject extends CommonObject
 	 *  'position' is the sort order of field.
 	 *  'searchall' is 1 if we want to search in this field when making a search from the quick search button.
 	 *  'isameasure' must be set to 1 if you want to have a total on list for this field. Field type must be summable like integer or double(24,8).
+	 *  'css' is the CSS style to use on field. For example: 'maxwidth200'
 	 *  'help' is a string visible as a tooltip on field
 	 *  'comment' is not used. You can store here any text of your choice. It is not used by application.
 	 *  'showoncombobox' if value of the field must be visible into the label of the combobox that list record
@@ -285,7 +286,7 @@ class MyObject extends CommonObject
 	 */
 	function getNomUrl($withpicto=0, $option='', $notooltip=0, $morecss='', $save_lastsearch_value=-1)
 	{
-		global $db, $conf, $langs, $hoomanager;
+		global $db, $conf, $langs, $hookmanager;
        global $dolibarr_main_authentication, $dolibarr_main_demo;
        global $menumanager;

--- a/htdocs/modulebuilder/template/myobject_card.php
+++ b/htdocs/modulebuilder/template/myobject_card.php
@@ -122,7 +122,7 @@ if (empty($reshook))

 	$permissiontoadd = $user->rights->mymodule->write;
 	$permissiontodelete = $user->rights->mymodule->delete;
-	if (empty($backtopage)) $backtopage = dol_buildpath('/mymodule/myobject_card.php',1).'?id=__ID__';
+	if (empty($backtopage)) $backtopage = dol_buildpath('/mymodule/myobject_card.php',1).'?id='.($id > 0 ? $id : '__ID__');
 	$backurlforlist = dol_buildpath('/mymodule/myobject_list.php',1);
 	$triggermodname = 'MYMODULE_MYOBJECT_MODIFY';	// Name of trigger action code to execute when we modify record