mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-05 09:08:09 +01:00
Compare commits
56 Commits
526da8e5a7
...
b4c374fd48
| Author | SHA1 | Date | |
|---|---|---|---|
|
b4c374fd48 | ||
|
|
c9d1f3baa3 | ||
|
|
a3dfae7792 | ||
|
|
78316a577d | ||
|
|
7e264b0097 | ||
|
|
12936afb13 | ||
|
|
3068a778da | ||
|
|
9d307a4238 | ||
|
|
193a42cd47 | ||
|
|
222cd76799 | ||
|
|
47799b88cf | ||
|
|
78ca968db6 | ||
|
|
e6f9741987 | ||
|
|
50db4e6499 | ||
|
|
0235e86f64 | ||
|
|
8deec3f918 | ||
|
|
7f3ac106fc | ||
|
|
c39cba8395 | ||
|
|
aa8fac1deb | ||
|
|
2ebdcfda5c | ||
|
|
70431043af | ||
|
|
ad37ece7bc | ||
|
|
11cd186e9a | ||
|
|
8dc2eb0fe4 | ||
|
|
66d3df4cc6 | ||
|
|
a1476fd221 | ||
|
|
59ccde0087 | ||
|
|
268996c672 | ||
|
|
ddd2927e31 | ||
|
|
b48fed1719 | ||
|
|
26a39d1cc8 | ||
|
|
6f18235bab | ||
|
|
1c697607b1 | ||
|
|
36415f1fd2 | ||
|
|
9941a20fa8 | ||
|
|
894bbd5786 | ||
|
|
55977d16f1 | ||
|
|
792070b5f5 | ||
|
|
64bab261a9 | ||
|
|
1c94462405 | ||
|
|
dad4bbddd2 | ||
|
|
0e1c580f11 | ||
|
|
4223ff08ce | ||
|
|
d16f8b68db | ||
|
|
8664f74154 | ||
|
|
f4bcf47008 | ||
|
|
5c6b4f62c8 | ||
|
|
d8891130f5 | ||
|
|
b2f9de7489 | ||
|
|
63cc9127ba | ||
|
|
097168cb05 | ||
|
|
f3b467a9ba | ||
|
|
4585facfcc | ||
|
|
c1c2358e75 | ||
|
|
1cd3ca3222 | ||
|
|
8ddf9f6075 |
24
.github/workflows/ci-on-release.yml
vendored
Normal file
24
.github/workflows/ci-on-release.yml
vendored
Normal file
@@ -0,0 +1,24 @@
|
||||
name: "CI-RELEASE"
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
trigger-docker:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Generate a token
|
||||
id: generate-token
|
||||
uses: actions/create-github-app-token@v2
|
||||
with:
|
||||
app-id: ${{ vars.RELEASE_DOCKER_ID }}
|
||||
private-key: ${{ secrets.RELEASE_DOCKER_SECRET }}
|
||||
|
||||
- uses: peter-evans/repository-dispatch@v4
|
||||
with:
|
||||
token: ${{ steps.generate-token.outputs.token }}
|
||||
repository: Dolibarr/dolibarr-docker
|
||||
event-type: new-release
|
||||
client-payload: '{"version": "${{ github.event.release.tag_name }}"}'
|
||||
@@ -606,6 +606,13 @@ if (empty($reshook)) {
|
||||
$lines[$i]->fk_unit
|
||||
);
|
||||
if ($result > 0) {
|
||||
if (!empty($lines[$i]->extraparams)) {
|
||||
$factureLine = new FactureLigne($db);
|
||||
$factureLine->id = $result;
|
||||
$factureLine->extraparams = $lines[$i]->extraparams;
|
||||
$factureLine->setExtraParameters();
|
||||
}
|
||||
|
||||
$lineid = $result;
|
||||
} else {
|
||||
$lineid = 0;
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
use Luracast\Restler\RestException;
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
|
||||
|
||||
/**
|
||||
* API class for contracts
|
||||
@@ -76,7 +77,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->contract->fetchObjectLinked();
|
||||
@@ -158,7 +159,6 @@ class Contracts extends DolibarrApi
|
||||
$sql .= $this->db->plimit($limit + 1, $offset);
|
||||
}
|
||||
|
||||
dol_syslog("API Rest request");
|
||||
$result = $this->db->query($sql);
|
||||
|
||||
if ($result) {
|
||||
@@ -208,8 +208,19 @@ class Contracts extends DolibarrApi
|
||||
public function post($request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
||||
throw new RestException(403, "Insufficient rights");
|
||||
throw new RestException(403, "Missing permission: Create/modify contracts/subscriptions");
|
||||
}
|
||||
|
||||
$socid = (int) $request_data['socid'];
|
||||
$thirdpartytmp = new Societe($this->db);
|
||||
$thirdparty_result = $thirdpartytmp->fetch($socid);
|
||||
if ($thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $thirdpartytmp->id)) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$thirdpartytmp->id.' not found or not allowed');
|
||||
}
|
||||
|
||||
// Check mandatory fields
|
||||
$result = $this->_validate($request_data);
|
||||
|
||||
@@ -268,7 +279,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$obj_ret = [];
|
||||
@@ -300,7 +311,6 @@ class Contracts extends DolibarrApi
|
||||
$sql .= $this->db->plimit($limit + 1, $offset);
|
||||
}
|
||||
|
||||
dol_syslog("API Rest request");
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) {
|
||||
$num = $this->db->num_rows($result);
|
||||
@@ -360,7 +370,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
@@ -420,7 +430,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
@@ -568,7 +578,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->active_line(DolibarrApiAccess::$user, $lineid, (int) $datestart, $dateend, $comment);
|
||||
@@ -606,7 +616,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->close_line(DolibarrApiAccess::$user, $lineid, (int) $datestart, $comment);
|
||||
@@ -646,7 +656,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
@@ -673,14 +683,23 @@ class Contracts extends DolibarrApi
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$result = $this->contract->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'Contrat not found');
|
||||
}
|
||||
|
||||
$old_socid = $this->contract->socid;
|
||||
$oldthirdpartytmp = new Societe($this->db);
|
||||
$old_thirdparty_result = $oldthirdpartytmp->fetch($old_socid);
|
||||
if ($old_thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$old_socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $old_socid)) {
|
||||
throw new RestException(403, 'Access to old thirdparty='.$old_socid.' is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
@@ -698,6 +717,18 @@ class Contracts extends DolibarrApi
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($field == 'socid') {
|
||||
$new_socid = (int) $value;
|
||||
$loopthirdpartytmp = new Societe($this->db);
|
||||
$new_thirdparty_result = $loopthirdpartytmp->fetch($new_socid);
|
||||
if ($new_thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$new_socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $new_socid)) {
|
||||
throw new RestException(403, 'Access to new thirdparty='.$new_socid.' is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
}
|
||||
|
||||
$this->contract->$field = $this->_checkValForAPI($field, $value, $this->contract);
|
||||
}
|
||||
|
||||
@@ -720,7 +751,7 @@ class Contracts extends DolibarrApi
|
||||
public function delete($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'supprimer')) {
|
||||
throw new RestException(403);
|
||||
throw new RestException(403, 'Missing permission: Delete contracts/subscriptions');
|
||||
}
|
||||
$result = $this->contract->fetch($id);
|
||||
if (!$result) {
|
||||
@@ -728,7 +759,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->contract->delete(DolibarrApiAccess::$user)) {
|
||||
@@ -773,7 +804,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->contract->validate(DolibarrApiAccess::$user, '', $notrigger);
|
||||
@@ -822,7 +853,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->contract->closeAll(DolibarrApiAccess::$user, $notrigger);
|
||||
|
||||
@@ -1225,7 +1225,7 @@ function GETPOSTDATE($prefix, $hourTime = '', $gm = 'auto', $saverestore = '')
|
||||
if ($hourTime === 'getpost' || $hourTime === 'getpostend') {
|
||||
$hour = (GETPOSTISSET($prefix . 'hour') && GETPOSTINT($prefix . 'hour') >= 0) ? GETPOSTINT($prefix . 'hour') : ($hourTime === 'getpostend' ? 23 : 0);
|
||||
$minute = (GETPOSTISSET($prefix . 'min') && GETPOSTINT($prefix . 'min') >= 0) ? GETPOSTINT($prefix . 'min') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
$second = (GETPOSTISSET($prefix . 'second') && GETPOSTINT($prefix . 'second') >= 0) ? GETPOSTINT($prefix . 'second') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
$second = (GETPOSTISSET($prefix . 'sec') && GETPOSTINT($prefix . 'sec') >= 0) ? GETPOSTINT($prefix . 'sec') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
} elseif (preg_match('/^(\d\d):(\d\d):(\d\d)$/', $hourTime, $m)) {
|
||||
$hour = intval($m[1]);
|
||||
$minute = intval($m[2]);
|
||||
@@ -15811,8 +15811,8 @@ function buildParamDate($prefix, $timestamp = null, $hourTime = '', $gm = 'auto'
|
||||
if ($hourTime === 'getpost' || ($timestamp !== null && dol_print_date($timestamp, '%H:%M:%S') !== '00:00:00')) {
|
||||
$TParam = array_merge($TParam, array(
|
||||
$prefix . 'hour' => intval(dol_print_date($timestamp, '%H')),
|
||||
$prefix . 'minute' => intval(dol_print_date($timestamp, '%M')),
|
||||
$prefix . 'second' => intval(dol_print_date($timestamp, '%S'))
|
||||
$prefix . 'min' => intval(dol_print_date($timestamp, '%M')),
|
||||
$prefix . 'sec' => intval(dol_print_date($timestamp, '%S'))
|
||||
));
|
||||
}
|
||||
|
||||
|
||||
@@ -993,14 +993,14 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
$checkonentitydone = 0;
|
||||
|
||||
// Array to define rules of checks to do
|
||||
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement'); // Test on entity only (Objects with no link to company)
|
||||
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement', 'stock'); // Test on entity only (Objects with no link to company)
|
||||
$checksoc = array('societe'); // Test for object Societe
|
||||
$checkparentsoc = array('agenda', 'contact', 'contrat'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...).
|
||||
$checkproject = array('projet', 'project'); // Test for project object
|
||||
$checktask = array('projet_task', 'project_task'); // Test for task object
|
||||
$checkhierarchy = array('expensereport', 'holiday', 'hrm'); // check permission among the hierarchy of user
|
||||
$checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null)
|
||||
$nocheck = array('barcode', 'stock'); // No test
|
||||
$nocheck = array('barcode'); // No test
|
||||
|
||||
//$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...).
|
||||
|
||||
|
||||
@@ -13,6 +13,7 @@
|
||||
* Copyright (C) 2023-2024 William Mead <william.mead@manchenumerique.fr>
|
||||
* Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
|
||||
* Copyright (C) 2024 Alexandre Spangaro <alexandre@inovea-conseil.com>
|
||||
* Copyright (C) 2025 Pierre Ardoin <developpeur@lesmetiersdubatiment.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -358,8 +358,8 @@ class CommandeFournisseurLigne extends CommonOrderLine
|
||||
} else {
|
||||
$sql .= "null,";
|
||||
}
|
||||
$sql .= "'".$this->db->escape((string) $this->product_type)."',";
|
||||
$sql .= ((int) $this->special_code) . ",";
|
||||
$sql .= ((int) $this->product_type).",";
|
||||
$sql .= ((int) $this->special_code).",";
|
||||
$sql .= "'".$this->db->escape((string) $this->rang)."',";
|
||||
$sql .= "'".$this->db->escape((string) $this->qty)."', ";
|
||||
$sql .= " ".(empty($this->vat_src_code) ? "''" : "'".$this->db->escape((string) $this->vat_src_code)."'").",";
|
||||
|
||||
@@ -225,7 +225,7 @@ class Evaluation extends CommonObject
|
||||
}
|
||||
|
||||
if (!$user->hasRight('hrm', 'evaluation', 'readall')) {
|
||||
$this->fields['fk_user']['type'] .= ':t.rowid:IN:'.$this->db->sanitize(implode(",", $user->getAllChildIds(1)));
|
||||
$this->fields['fk_user']['type'] .= ' AND (t.rowid:IN:'.$this->db->sanitize(implode(",", $user->getAllChildIds(1))) .')';
|
||||
}
|
||||
|
||||
$this->date_eval = dol_now();
|
||||
|
||||
@@ -105,8 +105,9 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by the
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft);
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
if (!isModEnabled('hrm')) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
@@ -71,10 +71,8 @@ $permission = $user->hasRight('hrm', 'evaluation', 'write');
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
//if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
//if (!$permissiontoread) accessforbidden();
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -94,16 +94,12 @@ $permissiontoadd = $user->hasRight('hrm', 'evaluation', 'write'); // Used by th
|
||||
$permissiontoread = $user->hasRight('hrm', 'evaluation', 'read');
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
if (empty($conf->hrm->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$permissiontoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
if (!isModEnabled('hrm')) accessforbidden();
|
||||
if (!$permissiontoread) accessforbidden();
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -75,10 +75,10 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by th
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
//if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
//if (!$permissiontoread) accessforbidden();
|
||||
$isdraft = (($object->status == Evaluation::STATUS_DRAFT) ? 1 : 0);
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
if (!$permissiontoread) accessforbidden();
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -55,9 +55,9 @@ $include_sub_warehouse = !empty(GETPOST('include_sub_warehouse')) ? GETPOST('inc
|
||||
$hookmanager->initHooks(array('inventorycard', 'globalcard')); // Note that conf->hooks_modules contains array
|
||||
|
||||
if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
|
||||
$result = restrictedArea($user, 'stock', $id);
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
|
||||
} else {
|
||||
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
|
||||
}
|
||||
|
||||
// Initialize a technical objects
|
||||
|
||||
@@ -72,9 +72,9 @@ $totalExpectedValuation = 0;
|
||||
$totalRealValuation = 0;
|
||||
$hookmanager->initHooks(array('inventorycard')); // Note that conf->hooks_modules contains array
|
||||
if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
|
||||
$result = restrictedArea($user, 'stock', $id);
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
|
||||
} else {
|
||||
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
|
||||
}
|
||||
|
||||
// Initialize a technical objects
|
||||
|
||||
@@ -85,8 +85,7 @@ if (!$sortorder) {
|
||||
$hookmanager->initHooks(array('warehousecard', 'stocklist', 'globalcard'));
|
||||
|
||||
// Security check
|
||||
//$result=restrictedArea($user,'stock', $id, 'entrepot&stock');
|
||||
$result = restrictedArea($user, 'stock');
|
||||
$result=restrictedArea($user, 'stock', $id, 'entrepot&stock');
|
||||
|
||||
$object = new Entrepot($db);
|
||||
$extrafields = new ExtraFields($db);
|
||||
|
||||
@@ -536,7 +536,7 @@ class Tasks extends DolibarrApi
|
||||
*
|
||||
* @url GET {id}/getTimeSpent/{timespent_id}
|
||||
*
|
||||
* @return TimeSpent
|
||||
* @return Object data without useless information
|
||||
*
|
||||
* @throws RestException
|
||||
*/
|
||||
@@ -945,8 +945,4 @@ class Tasks extends DolibarrApi
|
||||
}
|
||||
return $object;
|
||||
}
|
||||
|
||||
|
||||
// \todo
|
||||
// getSummaryOfTimeSpent
|
||||
}
|
||||
|
||||
@@ -141,7 +141,7 @@ if (g.getDivId() != null)
|
||||
'task_name' => $projecttmp->ref.' '.$projecttmp->title,
|
||||
'task_resources' => '',
|
||||
'task_start_date' => $projecttmp->date_start,
|
||||
'task_end_date' => $projecttmp->date_end,
|
||||
'task_end_date' => (!empty($projecttmp->date_end) ? $projecttmp->date_end : 0),
|
||||
'task_is_group' => 1, 'task_position' => 0, 'task_css' => 'ggroupblack', 'task_milestone' => 0, 'task_parent' => 0, 'task_parent_alternate_id' => 0,
|
||||
'note' => '',
|
||||
'task_planned_workload' => 0
|
||||
|
||||
Reference in New Issue
Block a user