mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-05 09:08:09 +01:00
Compare commits
89 Commits
phpstan-ba
...
22.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
b4c374fd48 | ||
|
|
c9d1f3baa3 | ||
|
|
a3dfae7792 | ||
|
|
78316a577d | ||
|
|
7e264b0097 | ||
|
|
12936afb13 | ||
|
|
3068a778da | ||
|
|
9d307a4238 | ||
|
|
193a42cd47 | ||
|
|
222cd76799 | ||
|
|
47799b88cf | ||
|
|
78ca968db6 | ||
|
|
e6f9741987 | ||
|
|
50db4e6499 | ||
|
|
0235e86f64 | ||
|
|
526da8e5a7 | ||
|
|
8deec3f918 | ||
|
|
23db225ec3 | ||
|
|
d647a95de8 | ||
|
|
7f3ac106fc | ||
|
|
c39cba8395 | ||
|
|
aa8fac1deb | ||
|
|
68004a4009 | ||
|
|
a38ffa02ac | ||
|
|
2ebdcfda5c | ||
|
|
70431043af | ||
|
|
ad37ece7bc | ||
|
|
11cd186e9a | ||
|
|
8dc2eb0fe4 | ||
|
|
66d3df4cc6 | ||
|
|
a1476fd221 | ||
|
|
59ccde0087 | ||
|
|
268996c672 | ||
|
|
ddd2927e31 | ||
|
|
b48fed1719 | ||
|
|
26a39d1cc8 | ||
|
|
6f18235bab | ||
|
|
1c697607b1 | ||
|
|
36415f1fd2 | ||
|
|
9941a20fa8 | ||
|
|
6545957cbd | ||
|
|
7828311250 | ||
|
|
efd58a5f48 | ||
|
|
6fbc380e52 | ||
|
|
14c949c8c9 | ||
|
|
894bbd5786 | ||
|
|
55977d16f1 | ||
|
|
792070b5f5 | ||
|
|
64bab261a9 | ||
|
|
1c94462405 | ||
|
|
dad4bbddd2 | ||
|
|
0e1c580f11 | ||
|
|
a96727726e | ||
|
|
9cd4c05f5b | ||
|
|
4223ff08ce | ||
|
|
d16f8b68db | ||
|
|
819453b546 | ||
|
|
9801f022f9 | ||
|
|
f7fee10e23 | ||
|
|
579f1ab1f7 | ||
|
|
bd31e922c8 | ||
|
|
6676171146 | ||
|
|
58afc38ec4 | ||
|
|
9a47931329 | ||
|
|
dbd98af0c3 | ||
|
|
18d8cfd510 | ||
|
|
9b0732dd49 | ||
|
|
8664f74154 | ||
|
|
f4bcf47008 | ||
|
|
5c6b4f62c8 | ||
|
|
d8891130f5 | ||
|
|
b2f9de7489 | ||
|
|
2dcdf773d0 | ||
|
|
63cc9127ba | ||
|
|
097168cb05 | ||
|
|
f1971e1d14 | ||
|
|
5103e2d846 | ||
|
|
9e44c0a5c9 | ||
|
|
f3b467a9ba | ||
|
|
4585facfcc | ||
|
|
c1c2358e75 | ||
|
|
b2bb2fea1b | ||
|
|
5a5764d73c | ||
|
|
e9a8a4efca | ||
|
|
3f90e51792 | ||
|
|
966a69bab0 | ||
|
|
b4b202cb18 | ||
|
|
1cd3ca3222 | ||
|
|
8ddf9f6075 |
24
.github/workflows/ci-on-release.yml
vendored
Normal file
24
.github/workflows/ci-on-release.yml
vendored
Normal file
@@ -0,0 +1,24 @@
|
||||
name: "CI-RELEASE"
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
trigger-docker:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Generate a token
|
||||
id: generate-token
|
||||
uses: actions/create-github-app-token@v2
|
||||
with:
|
||||
app-id: ${{ vars.RELEASE_DOCKER_ID }}
|
||||
private-key: ${{ secrets.RELEASE_DOCKER_SECRET }}
|
||||
|
||||
- uses: peter-evans/repository-dispatch@v4
|
||||
with:
|
||||
token: ${{ steps.generate-token.outputs.token }}
|
||||
repository: Dolibarr/dolibarr-docker
|
||||
event-type: new-release
|
||||
client-payload: '{"version": "${{ github.event.release.tag_name }}"}'
|
||||
@@ -19,6 +19,7 @@
|
||||
* Copyright (C) 2023 William Mead <william.mead@manchenumerique.fr>
|
||||
* Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
|
||||
* Copyright (C) 2024 Alexandre Spangaro <alexandre@inovea-conseil.com>
|
||||
* Copyright (C) 2025 Benjamin Falière <benjamin@faliere.com>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@@ -1932,6 +1933,12 @@ if (empty($reshook)) {
|
||||
|
||||
$type = $product->type;
|
||||
$price_base_type = $product->price_base_type;
|
||||
|
||||
// If base type TTc, we change pu value to define the TTC one
|
||||
if ($price_base_type == 'TTC') {
|
||||
$pu = $pu_ttc;
|
||||
}
|
||||
|
||||
$label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : '');
|
||||
|
||||
$price_min = $product->price_min;
|
||||
@@ -3456,14 +3463,15 @@ if ($action == 'create') {
|
||||
if (empty($reshook)) {
|
||||
if ($action != 'editline') {
|
||||
// Subtotal
|
||||
if ($object->status == Propal::STATUS_DRAFT && isModEnabled('subtotals') && getDolGlobalString('SUBTOTAL_TITLE_'.strtoupper($object->element))) {
|
||||
if ($object->status == Propal::STATUS_DRAFT && isModEnabled('subtotals')
|
||||
&& (getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element)) || getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element)))) {
|
||||
$langs->load('subtotals');
|
||||
|
||||
$url_button = array();
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('propal') && $object->status == Propal::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('propal') && $object->status == Propal::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddTitleLine'),
|
||||
'url' => '/comm/propal/card.php?id='.$object->id.'&action=add_title_line&token='.newToken()
|
||||
@@ -3471,7 +3479,7 @@ if ($action == 'create') {
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('propal') && $object->status == Propal::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('propal') && $object->status == Propal::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddSubtotalLine'),
|
||||
'url' => '/comm/propal/card.php?id='.$object->id.'&action=add_subtotal_line&token='.newToken()
|
||||
|
||||
@@ -3445,14 +3445,15 @@ if ($action == 'create' && $usercancreate) {
|
||||
}
|
||||
|
||||
// Subtotal
|
||||
if ($object->status == Commande::STATUS_DRAFT && isModEnabled('subtotals') && getDolGlobalString('SUBTOTAL_TITLE_'.strtoupper($object->element))) {
|
||||
if ($object->status == Commande::STATUS_DRAFT && isModEnabled('subtotals')
|
||||
&& (getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element)) || getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element)))) {
|
||||
$langs->load('subtotals');
|
||||
|
||||
$url_button = array();
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('order') && $object->status == Commande::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('order') && $object->status == Commande::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddTitleLine'),
|
||||
'url' => '/commande/card.php?id='.$object->id.'&action=add_title_line&token='.newToken()
|
||||
@@ -3460,7 +3461,7 @@ if ($action == 'create' && $usercancreate) {
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('order') && $object->status == Commande::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('order') && $object->status == Commande::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddSubtotalLine'),
|
||||
'url' => '/commande/card.php?id='.$object->id.'&action=add_subtotal_line&token='.newToken()
|
||||
|
||||
@@ -606,6 +606,13 @@ if (empty($reshook)) {
|
||||
$lines[$i]->fk_unit
|
||||
);
|
||||
if ($result > 0) {
|
||||
if (!empty($lines[$i]->extraparams)) {
|
||||
$factureLine = new FactureLigne($db);
|
||||
$factureLine->id = $result;
|
||||
$factureLine->extraparams = $lines[$i]->extraparams;
|
||||
$factureLine->setExtraParameters();
|
||||
}
|
||||
|
||||
$lineid = $result;
|
||||
} else {
|
||||
$lineid = 0;
|
||||
|
||||
@@ -2076,14 +2076,15 @@ if ($action == 'create') {
|
||||
);
|
||||
|
||||
// Subtotal
|
||||
if (empty($object->suspended) && isModEnabled('subtotals') && getDolGlobalString('SUBTOTAL_TITLE_'.strtoupper($object->element))) {
|
||||
if (empty($object->suspended) && isModEnabled('subtotals')
|
||||
&& (getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element)) || getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element)))) {
|
||||
$langs->load("subtotals");
|
||||
|
||||
$url_button = array();
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddTitleLine'),
|
||||
'url' => '/compta/facture/card-rec.php?id='.$object->id.'&action=add_title_line&token='.newToken()
|
||||
@@ -2091,7 +2092,7 @@ if ($action == 'create') {
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddSubtotalLine'),
|
||||
'url' => '/compta/facture/card-rec.php?id='.$object->id.'&action=add_subtotal_line&token='.newToken()
|
||||
|
||||
@@ -6390,14 +6390,15 @@ if ($action == 'create') {
|
||||
}
|
||||
|
||||
// Subtotal
|
||||
if ($object->status == Facture::STATUS_DRAFT && isModEnabled('subtotals') && getDolGlobalString('SUBTOTAL_TITLE_'.strtoupper($object->element))) {
|
||||
if ($object->status == Facture::STATUS_DRAFT && isModEnabled('subtotals')
|
||||
&& (getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element)) || getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element)))) {
|
||||
$langs->load("subtotals");
|
||||
|
||||
$url_button = array();
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_TITLE_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddTitleLine'),
|
||||
'url' => '/compta/facture/card.php?facid='.$object->id.'&action=add_title_line&token='.newToken()
|
||||
@@ -6405,7 +6406,7 @@ if ($action == 'create') {
|
||||
|
||||
$url_button[] = array(
|
||||
'lang' => 'subtotals',
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT),
|
||||
'enabled' => (isModEnabled('invoice') && $object->status == Facture::STATUS_DRAFT && getDolGlobalInt('SUBTOTAL_'.strtoupper($object->element))),
|
||||
'perm' => (bool) $usercancreate,
|
||||
'label' => $langs->trans('AddSubtotalLine'),
|
||||
'url' => '/compta/facture/card.php?facid='.$object->id.'&action=add_subtotal_line&token='.newToken()
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
use Luracast\Restler\RestException;
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
|
||||
|
||||
/**
|
||||
* API class for contracts
|
||||
@@ -76,7 +77,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->contract->fetchObjectLinked();
|
||||
@@ -158,7 +159,6 @@ class Contracts extends DolibarrApi
|
||||
$sql .= $this->db->plimit($limit + 1, $offset);
|
||||
}
|
||||
|
||||
dol_syslog("API Rest request");
|
||||
$result = $this->db->query($sql);
|
||||
|
||||
if ($result) {
|
||||
@@ -208,8 +208,19 @@ class Contracts extends DolibarrApi
|
||||
public function post($request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
||||
throw new RestException(403, "Insufficient rights");
|
||||
throw new RestException(403, "Missing permission: Create/modify contracts/subscriptions");
|
||||
}
|
||||
|
||||
$socid = (int) $request_data['socid'];
|
||||
$thirdpartytmp = new Societe($this->db);
|
||||
$thirdparty_result = $thirdpartytmp->fetch($socid);
|
||||
if ($thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $thirdpartytmp->id)) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$thirdpartytmp->id.' not found or not allowed');
|
||||
}
|
||||
|
||||
// Check mandatory fields
|
||||
$result = $this->_validate($request_data);
|
||||
|
||||
@@ -268,7 +279,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$obj_ret = [];
|
||||
@@ -300,7 +311,6 @@ class Contracts extends DolibarrApi
|
||||
$sql .= $this->db->plimit($limit + 1, $offset);
|
||||
}
|
||||
|
||||
dol_syslog("API Rest request");
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) {
|
||||
$num = $this->db->num_rows($result);
|
||||
@@ -360,7 +370,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
@@ -420,7 +430,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
@@ -568,7 +578,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->active_line(DolibarrApiAccess::$user, $lineid, (int) $datestart, $dateend, $comment);
|
||||
@@ -606,7 +616,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->close_line(DolibarrApiAccess::$user, $lineid, (int) $datestart, $comment);
|
||||
@@ -646,7 +656,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
@@ -673,14 +683,23 @@ class Contracts extends DolibarrApi
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'creer')) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$result = $this->contract->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'Contrat not found');
|
||||
}
|
||||
|
||||
$old_socid = $this->contract->socid;
|
||||
$oldthirdpartytmp = new Societe($this->db);
|
||||
$old_thirdparty_result = $oldthirdpartytmp->fetch($old_socid);
|
||||
if ($old_thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$old_socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $old_socid)) {
|
||||
throw new RestException(403, 'Access to old thirdparty='.$old_socid.' is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
@@ -698,6 +717,18 @@ class Contracts extends DolibarrApi
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($field == 'socid') {
|
||||
$new_socid = (int) $value;
|
||||
$loopthirdpartytmp = new Societe($this->db);
|
||||
$new_thirdparty_result = $loopthirdpartytmp->fetch($new_socid);
|
||||
if ($new_thirdparty_result < 1) {
|
||||
throw new RestException(404, 'Thirdparty with id='.$new_socid.' not found or not allowed');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $new_socid)) {
|
||||
throw new RestException(403, 'Access to new thirdparty='.$new_socid.' is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
}
|
||||
|
||||
$this->contract->$field = $this->_checkValForAPI($field, $value, $this->contract);
|
||||
}
|
||||
|
||||
@@ -720,7 +751,7 @@ class Contracts extends DolibarrApi
|
||||
public function delete($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('contrat', 'supprimer')) {
|
||||
throw new RestException(403);
|
||||
throw new RestException(403, 'Missing permission: Delete contracts/subscriptions');
|
||||
}
|
||||
$result = $this->contract->fetch($id);
|
||||
if (!$result) {
|
||||
@@ -728,7 +759,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->contract->delete(DolibarrApiAccess::$user)) {
|
||||
@@ -773,7 +804,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->contract->validate(DolibarrApiAccess::$user, '', $notrigger);
|
||||
@@ -822,7 +853,7 @@ class Contracts extends DolibarrApi
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access to this contract is not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->contract->closeAll(DolibarrApiAccess::$user, $notrigger);
|
||||
|
||||
@@ -57,6 +57,9 @@ class CLeadStatus extends CommonDict
|
||||
*/
|
||||
public $percent;
|
||||
|
||||
/**
|
||||
* @var array<string,array{type:string,label:string,enabled:int<0,2>|string,position:int,notnull?:int,visible:int<-5,5>|string,alwayseditable?:int<0,1>,noteditable?:int<0,1>,default?:string,index?:int,foreignkey?:string,searchall?:int<0,1>,isameasure?:int<0,1>,css?:string,csslist?:string,help?:string,showoncombobox?:int<0,4>,disabled?:int<0,1>,arrayofkeyval?:array<int|string,string>,autofocusoncreate?:int<0,1>,comment?:string,copytoclipboard?:int<1,2>,validate?:int<0,1>,showonheader?:int<0,1>}>
|
||||
*/
|
||||
public $fields = array(
|
||||
'rowid' => array('type' => 'integer', 'label' => 'TechnicalID', 'enabled' => 1, 'position' => 1, 'notnull' => 1, 'visible' => 0, 'noteditable' => 1, 'index' => 1, 'css' => 'left', 'comment' => "Id"),
|
||||
'label' => array('type' => 'varchar(128)', 'label' => 'Label', 'enabled' => 1, 'position' => 20, 'notnull' => 1, 'visible' => 1, 'index' => 1, 'searchall' => 1, 'showoncombobox' => 1, 'comment' => "Label of status"),
|
||||
|
||||
@@ -818,7 +818,9 @@ class FormFile
|
||||
$out .= '<input type="hidden" name="page_y" value="">';
|
||||
$out .= '<input type="hidden" name="token" value="'.newToken().'">';
|
||||
|
||||
$out .= load_fiche_titre($titletoshow, '', '');
|
||||
if ($titletoshow) {
|
||||
$out .= load_fiche_titre($titletoshow, '', '');
|
||||
}
|
||||
$out .= '<div class="div-table-responsive-no-min">';
|
||||
$out .= '<table class="liste formdoc noborder centpercent">';
|
||||
|
||||
|
||||
@@ -105,6 +105,7 @@ class TimeSpent extends CommonObject
|
||||
*/
|
||||
public $fields = array(
|
||||
'rowid' => array('type' => 'integer', 'label' => 'TechnicalID', 'enabled' => 1, 'position' => 1, 'notnull' => 1, 'visible' => 0, 'noteditable' => 1, 'index' => 1, 'css' => 'left', 'comment' => "Id"),
|
||||
'ref_ext' => array('type' => 'varchar(255)', 'label' => 'RefExt', 'enabled' => 1, 'visible' => 0, 'position' => 20),
|
||||
'tms' => array('type' => 'timestamp', 'label' => 'DateModification', 'enabled' => 1, 'position' => 17, 'notnull' => 0, 'visible' => -2,),
|
||||
'import_key' => array('type' => 'varchar(14)', 'label' => 'import_key', 'enabled' => 1, 'position' => 15, 'notnull' => 0, 'visible' => -1,),
|
||||
'fk_element' => array('type' => 'integer', 'label' => 'fk_element', 'enabled' => 1, 'position' => 2, 'notnull' => 1, 'visible' => -1,),
|
||||
|
||||
@@ -1225,7 +1225,7 @@ function GETPOSTDATE($prefix, $hourTime = '', $gm = 'auto', $saverestore = '')
|
||||
if ($hourTime === 'getpost' || $hourTime === 'getpostend') {
|
||||
$hour = (GETPOSTISSET($prefix . 'hour') && GETPOSTINT($prefix . 'hour') >= 0) ? GETPOSTINT($prefix . 'hour') : ($hourTime === 'getpostend' ? 23 : 0);
|
||||
$minute = (GETPOSTISSET($prefix . 'min') && GETPOSTINT($prefix . 'min') >= 0) ? GETPOSTINT($prefix . 'min') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
$second = (GETPOSTISSET($prefix . 'second') && GETPOSTINT($prefix . 'second') >= 0) ? GETPOSTINT($prefix . 'second') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
$second = (GETPOSTISSET($prefix . 'sec') && GETPOSTINT($prefix . 'sec') >= 0) ? GETPOSTINT($prefix . 'sec') : ($hourTime === 'getpostend' ? 59 : 0);
|
||||
} elseif (preg_match('/^(\d\d):(\d\d):(\d\d)$/', $hourTime, $m)) {
|
||||
$hour = intval($m[1]);
|
||||
$minute = intval($m[2]);
|
||||
@@ -15811,8 +15811,8 @@ function buildParamDate($prefix, $timestamp = null, $hourTime = '', $gm = 'auto'
|
||||
if ($hourTime === 'getpost' || ($timestamp !== null && dol_print_date($timestamp, '%H:%M:%S') !== '00:00:00')) {
|
||||
$TParam = array_merge($TParam, array(
|
||||
$prefix . 'hour' => intval(dol_print_date($timestamp, '%H')),
|
||||
$prefix . 'minute' => intval(dol_print_date($timestamp, '%M')),
|
||||
$prefix . 'second' => intval(dol_print_date($timestamp, '%S'))
|
||||
$prefix . 'min' => intval(dol_print_date($timestamp, '%M')),
|
||||
$prefix . 'sec' => intval(dol_print_date($timestamp, '%S'))
|
||||
));
|
||||
}
|
||||
|
||||
|
||||
@@ -976,6 +976,7 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
}
|
||||
if ($feature == 'task' || $feature == 'projet_task') {
|
||||
$feature = 'project_task';
|
||||
$dbtablename = 'projet_task';
|
||||
}
|
||||
if ($feature == 'eventorganization') {
|
||||
$feature = 'agenda';
|
||||
@@ -992,14 +993,14 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
$checkonentitydone = 0;
|
||||
|
||||
// Array to define rules of checks to do
|
||||
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement'); // Test on entity only (Objects with no link to company)
|
||||
$check = array('adherent', 'banque', 'bom', 'don', 'mrp', 'user', 'usergroup', 'payment', 'payment_supplier', 'payment_sc', 'product', 'produit', 'service', 'produit|service', 'categorie', 'resource', 'expensereport', 'holiday', 'salaries', 'website', 'recruitment', 'chargesociales', 'knowledgemanagement', 'stock'); // Test on entity only (Objects with no link to company)
|
||||
$checksoc = array('societe'); // Test for object Societe
|
||||
$checkparentsoc = array('agenda', 'contact', 'contrat'); // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...).
|
||||
$checkproject = array('projet', 'project'); // Test for project object
|
||||
$checktask = array('projet_task', 'project_task'); // Test for task object
|
||||
$checkhierarchy = array('expensereport', 'holiday', 'hrm'); // check permission among the hierarchy of user
|
||||
$checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null)
|
||||
$nocheck = array('barcode', 'stock'); // No test
|
||||
$nocheck = array('barcode'); // No test
|
||||
|
||||
//$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...).
|
||||
|
||||
@@ -1052,6 +1053,9 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
if ($user->socid != $objectid) {
|
||||
return false;
|
||||
}
|
||||
} elseif (isModEnabled('societe') && !$user->hasRight('societe', 'lire') && !$user->hasRight('societe', 'client', 'voir')) {
|
||||
dol_syslog("security.lib.php::checkUserAccessToObject Deny access due: (isModEnabled('societe') && !user->hasRight('societe', 'lire') && !user->hasRight('societe', 'client', 'voir'))", LOG_DEBUG);
|
||||
return false;
|
||||
} elseif (isModEnabled("societe") && ($user->hasRight('societe', 'lire') && !$user->hasRight('societe', 'client', 'voir'))) {
|
||||
// If internal user: Check permission for internal users that are restricted on their objects
|
||||
$sql = "SELECT COUNT(sc.fk_soc) as nb";
|
||||
@@ -1236,7 +1240,7 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
// the user can't view any evaluations
|
||||
return false;
|
||||
}
|
||||
// the user can only their own evaluations or their subordinates'
|
||||
// the user can only see their own evaluations or their subordinates'
|
||||
return in_array($useridtocheck, $childids);
|
||||
}
|
||||
}
|
||||
@@ -1258,12 +1262,13 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
dol_syslog("Bad forged sql in checkUserAccessToObject", LOG_WARNING);
|
||||
dol_syslog("Bad forged sql in security.lib.php::checkUserAccessToObject", LOG_WARNING);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dol_syslog("security.lib.php::checkUserAccessToObject::return True", LOG_DEBUG);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@@ -339,18 +339,18 @@ class modEventOrganization extends DolibarrModules
|
||||
$this->export_TypeFields_array[$r]['t.fk_soc'] = 'Numeric';
|
||||
//$this->export_fields_array[$r]['t.fieldtoadd']='FieldToAdd'; $this->export_TypeFields_array[$r]['t.fieldtoadd']='Text';
|
||||
//unset($this->export_fields_array[$r]['t.fieldtoremove']);
|
||||
$keyforselect = 'conferenceorboothattendee';
|
||||
$keyforselect = 'eventorganization_conferenceorboothattendee'; // The value in column elementtype of llx_extrafields table
|
||||
$keyforaliasextra = 'extra';
|
||||
$keyforelement = 'conferenceorboothattendee';
|
||||
$keyforelement = 'conferenceorboothattendee'; // The value of key for icon and class
|
||||
include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php';
|
||||
//$this->export_dependencies_array[$r] = array('aaaline'=>array('tl.rowid','tl.ref')); // To force to activate one or several fields if we select some fields that need same (like to select a unique key if we ask a field of a child to avoid the DISTINCT to discard them, or for computed field than need several other fields)
|
||||
//$this->export_special_array[$r] = array('t.field'=>'...');
|
||||
//$this->export_examplevalues_array[$r] = array('t.field'=>'Example');
|
||||
//$this->export_help_array[$r] = array('t.field'=>'FieldDescHelp');
|
||||
$this->export_sql_start[$r] = 'SELECT DISTINCT ';
|
||||
$this->export_sql_end[$r] = ' FROM '.MAIN_DB_PREFIX.'eventorganization_conferenceorboothattendee as t, '.MAIN_DB_PREFIX.'projet as p';
|
||||
$this->export_sql_end[$r] .= ' WHERE t.fk_project = p.rowid';
|
||||
$this->export_sql_end[$r] .= ' AND p.entity IN ('.getEntity('conferenceorboothattendee').')';
|
||||
$this->export_sql_end[$r] = ' FROM '.MAIN_DB_PREFIX.'eventorganization_conferenceorboothattendee as t';
|
||||
$this->export_sql_end[$r] .= ' INNER JOIN '.MAIN_DB_PREFIX.'projet as p ON t.fk_project = p.rowid AND p.entity IN ('.getEntity('conferenceorboothattendee').')';
|
||||
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'eventorganization_conferenceorboothattendee_extrafields as extra on t.rowid = extra.fk_object';
|
||||
$r++;
|
||||
/* END MODULEBUILDER EXPORT CONFERENCEORBOOTHATTENDEES */
|
||||
|
||||
@@ -388,7 +388,7 @@ class modEventOrganization extends DolibarrModules
|
||||
$this->export_TypeFields_array[$r]['s.nom'] = 'Text';
|
||||
//$this->export_fields_array[$r]['t.fieldtoadd']='FieldToAdd'; $this->export_TypeFields_array[$r]['t.fieldtoadd']='Text';
|
||||
//unset($this->export_fields_array[$r]['t.fieldtoremove']);
|
||||
$keyforselect = 'conferenceorbooth';
|
||||
$keyforselect = 'actioncomm'; // The value in column elementtype of llx_extrafields table
|
||||
$keyforaliasextra = 'extra';
|
||||
$keyforelement = 'conferenceorbooth';
|
||||
include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php';
|
||||
@@ -396,16 +396,13 @@ class modEventOrganization extends DolibarrModules
|
||||
//$this->export_special_array[$r] = array('t.field'=>'...');
|
||||
//$this->export_examplevalues_array[$r] = array('t.field'=>'Example');
|
||||
//$this->export_help_array[$r] = array('t.field'=>'FieldDescHelp');
|
||||
$this->export_sql_start[$r] = 'SELECT DISTINCT ';
|
||||
$this->export_sql_start[$r] = "SELECT DISTINCT ";
|
||||
$this->export_sql_end[$r] = ' FROM '.MAIN_DB_PREFIX.'actioncomm as t';
|
||||
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON t.fk_soc = s.rowid,';
|
||||
$this->export_sql_end[$r] .= ' '.MAIN_DB_PREFIX.'projet as p,';
|
||||
$this->export_sql_end[$r] .= ' '.MAIN_DB_PREFIX.'c_actioncomm as ca';
|
||||
$this->export_sql_end[$r] .= ' WHERE t.fk_project = p.rowid';
|
||||
$this->export_sql_end[$r] .= ' AND ca.id = t.fk_action';
|
||||
$this->export_sql_end[$r] .= " AND t.code LIKE 'AC_EO_%'";
|
||||
$this->export_sql_end[$r] .= ' AND p.usage_organize_event = 1';
|
||||
$this->export_sql_end[$r] .= ' AND p.entity IN ('.getEntity('conferenceorboothattendee').')';
|
||||
$this->export_sql_end[$r] .= ' INNER JOIN '.MAIN_DB_PREFIX.'projet as p ON t.fk_project = p.rowid AND p.usage_organize_event = 1 AND p.entity IN ('.getEntity('conferenceorboothattendee').')';
|
||||
$this->export_sql_end[$r] .= ' INNER JOIN '.MAIN_DB_PREFIX.'c_actioncomm as ca ON ca.id = t.fk_action';
|
||||
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe as s ON t.fk_soc = s.rowid';
|
||||
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_extrafields as extra on t.id = extra.fk_object';
|
||||
$this->export_sql_end[$r] .= " WHERE t.code LIKE 'AC_EO_%'";
|
||||
$r++;
|
||||
/* END MODULEBUILDER EXPORT CONFERENCEORBOOTH */
|
||||
|
||||
|
||||
@@ -144,6 +144,7 @@ $entitytolang = array(
|
||||
'bomline' => 'BOMLine',
|
||||
'mrp' => 'ManufacturingOrder',
|
||||
'mrp_line' => 'ManufacturingOrderLine',
|
||||
'conferenceorbooth' => 'ConferenceOrBooth',
|
||||
'conferenceorboothattendee' => 'Attendee',
|
||||
'inventory' => 'Inventory',
|
||||
'inventory_line' => 'InventoryLine'
|
||||
@@ -1023,6 +1024,7 @@ if ($step == 4 && $datatoexport) {
|
||||
// Select request if all fields are selected
|
||||
$sqlmaxforexport = $objexport->build_sql(0, array(), array());
|
||||
|
||||
print '<br>';
|
||||
print '<div class="marginbottomonly"><span class="opacitymedium">'.$langs->trans("ChooseFieldsOrdersAndTitle").'</span></div>';
|
||||
|
||||
print '<div class="div-table-responsive-no-min">'; // You can use div-table-responsive-no-min if you don't need reserved height for your table
|
||||
@@ -1353,15 +1355,16 @@ if ($step == 5 && $datatoexport) {
|
||||
}
|
||||
$htmltabloflibs .= '</table><br>';
|
||||
|
||||
print '<br>';
|
||||
print '<span class="opacitymedium">'.$form->textwithpicto($langs->trans("NowClickToGenerateToBuildExportFile"), $htmltabloflibs, 1, 'help', '', 0, 2, 'helphonformat').'</span>';
|
||||
//print $htmltabloflibs;
|
||||
print '<br>';
|
||||
|
||||
print '</div>';
|
||||
|
||||
|
||||
if ($sqlusedforexport && $user->admin) {
|
||||
print info_admin($langs->trans("SQLUsedForExport").':<br> '.$sqlusedforexport, 0, 0, '1', '', 'TechnicalInformation');
|
||||
print info_admin($langs->trans("SQLUsedForExport").':<br> '.$sqlusedforexport, 0, 0, '1', '', 'TechnicalInformation').'<br>';
|
||||
print '<br>';
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -13,6 +13,7 @@
|
||||
* Copyright (C) 2023-2024 William Mead <william.mead@manchenumerique.fr>
|
||||
* Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
|
||||
* Copyright (C) 2024 Alexandre Spangaro <alexandre@inovea-conseil.com>
|
||||
* Copyright (C) 2025 Pierre Ardoin <developpeur@lesmetiersdubatiment.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -358,8 +358,8 @@ class CommandeFournisseurLigne extends CommonOrderLine
|
||||
} else {
|
||||
$sql .= "null,";
|
||||
}
|
||||
$sql .= "'".$this->db->escape((string) $this->product_type)."',";
|
||||
$sql .= ((int) $this->special_code) . ",";
|
||||
$sql .= ((int) $this->product_type).",";
|
||||
$sql .= ((int) $this->special_code).",";
|
||||
$sql .= "'".$this->db->escape((string) $this->rang)."',";
|
||||
$sql .= "'".$this->db->escape((string) $this->qty)."', ";
|
||||
$sql .= " ".(empty($this->vat_src_code) ? "''" : "'".$this->db->escape((string) $this->vat_src_code)."'").",";
|
||||
|
||||
@@ -225,7 +225,7 @@ class Evaluation extends CommonObject
|
||||
}
|
||||
|
||||
if (!$user->hasRight('hrm', 'evaluation', 'readall')) {
|
||||
$this->fields['fk_user']['type'] .= ':t.rowid:IN:'.$this->db->sanitize(implode(",", $user->getAllChildIds(1)));
|
||||
$this->fields['fk_user']['type'] .= ' AND (t.rowid:IN:'.$this->db->sanitize(implode(",", $user->getAllChildIds(1))) .')';
|
||||
}
|
||||
|
||||
$this->date_eval = dol_now();
|
||||
|
||||
@@ -105,8 +105,9 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by the
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft);
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
if (!isModEnabled('hrm')) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
@@ -71,10 +71,8 @@ $permission = $user->hasRight('hrm', 'evaluation', 'write');
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
//if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
//if (!$permissiontoread) accessforbidden();
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -94,16 +94,12 @@ $permissiontoadd = $user->hasRight('hrm', 'evaluation', 'write'); // Used by th
|
||||
$permissiontoread = $user->hasRight('hrm', 'evaluation', 'read');
|
||||
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
if (empty($conf->hrm->enabled)) {
|
||||
accessforbidden();
|
||||
}
|
||||
if (!$permissiontoread) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$isdraft = $object->status == Evaluation::STATUS_DRAFT ? 1 : 0;
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
|
||||
if (!isModEnabled('hrm')) accessforbidden();
|
||||
if (!$permissiontoread) accessforbidden();
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -75,10 +75,10 @@ $permissiontoread = $user->hasRight('hrm', 'evaluation', 'read'); // Used by th
|
||||
// Security check (enable the most restrictive one)
|
||||
//if ($user->socid > 0) accessforbidden();
|
||||
//if ($user->socid > 0) $socid = $user->socid;
|
||||
//$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
|
||||
//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
//if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
//if (!$permissiontoread) accessforbidden();
|
||||
$isdraft = (($object->status == Evaluation::STATUS_DRAFT) ? 1 : 0);
|
||||
restrictedArea($user, $object->element, $object, $object->table_element, '', 'fk_soc', 'rowid', $isdraft);
|
||||
if (empty($conf->hrm->enabled)) accessforbidden();
|
||||
if (!$permissiontoread) accessforbidden();
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -1898,7 +1898,7 @@ if ($step == 5 && $datatoimport) {
|
||||
//dol_syslog("line ".$sourcelinenb.' - '.$nboflines.' - '.$excludefirstline.' - '.$endatlinenb);
|
||||
$arrayrecord = $obj->import_read_record();
|
||||
if ($arrayrecord === false) {
|
||||
$arrayofwarnings[$sourcelinenb][0] = array('lib' => 'File has '.$nboflines.' lines. However we reach the end of file or an empty line at record '.$sourcelinenb.'. This may occurs when some records are split onto several lines and not correctly delimited by the "Char delimiter", or if there is line with no data on all fields.', 'type' => 'EOF_RECORD_ON_SEVERAL_LINES');
|
||||
$arrayofwarnings[$sourcelinenb][0] = array('lib' => $langs->trans('ErrorFileLinesReachEOF', $nboflines, $sourcelinenb), 'type' => 'EOF_RECORD_ON_SEVERAL_LINES');
|
||||
$endoffile++;
|
||||
continue;
|
||||
}
|
||||
@@ -2321,7 +2321,7 @@ if ($step == 6 && $datatoimport) {
|
||||
$sourcelinenb++;
|
||||
$arrayrecord = $obj->import_read_record();
|
||||
if ($arrayrecord === false) {
|
||||
$arrayofwarnings[$sourcelinenb][0] = array('lib' => 'File has '.$nboflines.' lines. However we reach the end of file or an empty line at record '.$sourcelinenb.'. This may occurs when some records are split onto several lines and not correctly delimited by the "Char delimiter", or if there is line with no data on all fields.', 'type' => 'EOF_RECORD_ON_SEVERAL_LINES');
|
||||
$arrayofwarnings[$sourcelinenb][0] = array('lib' => $langs->trans('ErrorFileLinesReachEOF', $nboflines, $sourcelinenb), 'type' => 'EOF_RECORD_ON_SEVERAL_LINES');
|
||||
$endoffile++;
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -152,3 +152,4 @@ MandatoryTargetFieldsNotMapped=Some mandatory target fields are not mapped
|
||||
AllTargetMandatoryFieldsAreMapped=All target fields that need a mandatory value are mapped
|
||||
ResultOfSimulationNoError=Result of simulation: No error
|
||||
NumberOfLinesLimited=Number of lines limited
|
||||
ErrorFileLinesReachEOF=File has %s lines. However we reach the end of file or an empty line at record %s. This may occurs when some records are split onto several lines and not correctly delimited by the "Char delimiter", or if there is line with no data on all fields.
|
||||
|
||||
@@ -337,7 +337,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt(
|
||||
if ((GETPOSTISSET('massaction') || $tmpaction) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) {
|
||||
// All GET actions (except the listed exceptions that are usually post for pre-actions and not real action) and mass actions are processed as sensitive.
|
||||
// We exclude some action that are not sensitive so legitimate
|
||||
if (GETPOSTISSET('massaction') || (strpos($tmpaction, 'display') !== 0 && !in_array($tmpaction, array('create', 'create2', 'createsite', 'createcard', 'edit', 'editcontract', 'editvalidator', 'file_manager', 'presend', 'presend_addmessage', 'preview', 'reconcile', 'specimen')))) {
|
||||
if (GETPOSTISSET('massaction') || (strpos($tmpaction, 'display') !== 0 && !in_array($tmpaction, array('create', 'create2', 'createsite', 'createcard', 'edit', 'editcontract', 'editvalidator', 'file_manager', 'presend', 'presend_addmessage', 'preview', 'reconcile', 'specimen', 'validatenewpassword')))) {
|
||||
$sensitiveget = true;
|
||||
}
|
||||
} elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) {
|
||||
|
||||
@@ -55,9 +55,9 @@ $include_sub_warehouse = !empty(GETPOST('include_sub_warehouse')) ? GETPOST('inc
|
||||
$hookmanager->initHooks(array('inventorycard', 'globalcard')); // Note that conf->hooks_modules contains array
|
||||
|
||||
if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
|
||||
$result = restrictedArea($user, 'stock', $id);
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
|
||||
} else {
|
||||
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
|
||||
}
|
||||
|
||||
// Initialize a technical objects
|
||||
|
||||
@@ -72,9 +72,9 @@ $totalExpectedValuation = 0;
|
||||
$totalRealValuation = 0;
|
||||
$hookmanager->initHooks(array('inventorycard')); // Note that conf->hooks_modules contains array
|
||||
if (!getDolGlobalString('MAIN_USE_ADVANCED_PERMS')) {
|
||||
$result = restrictedArea($user, 'stock', $id);
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock');
|
||||
} else {
|
||||
$result = restrictedArea($user, 'stock', $id, '', 'inventory_advance');
|
||||
$result = restrictedArea($user, 'stock', $id, 'inventory&stock', 'inventory_advance');
|
||||
}
|
||||
|
||||
// Initialize a technical objects
|
||||
|
||||
@@ -85,8 +85,7 @@ if (!$sortorder) {
|
||||
$hookmanager->initHooks(array('warehousecard', 'stocklist', 'globalcard'));
|
||||
|
||||
// Security check
|
||||
//$result=restrictedArea($user,'stock', $id, 'entrepot&stock');
|
||||
$result = restrictedArea($user, 'stock');
|
||||
$result=restrictedArea($user, 'stock', $id, 'entrepot&stock');
|
||||
|
||||
$object = new Entrepot($db);
|
||||
$extrafields = new ExtraFields($db);
|
||||
|
||||
@@ -22,7 +22,7 @@ use Luracast\Restler\RestException;
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/timespent.class.php';
|
||||
|
||||
/**
|
||||
* API class for projects
|
||||
@@ -528,6 +528,44 @@ class Tasks extends DolibarrApi
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get time spent of a task
|
||||
*
|
||||
* @param int $id Id of task
|
||||
* @param int $timespent_id Id of timespent
|
||||
*
|
||||
* @url GET {id}/getTimeSpent/{timespent_id}
|
||||
*
|
||||
* @return Object data without useless information
|
||||
*
|
||||
* @throws RestException
|
||||
*/
|
||||
public function getTimeSpent($id, $timespent_id)
|
||||
{
|
||||
dol_syslog("API Rest request::getTimeSpent", LOG_DEBUG);
|
||||
if (! DolibarrApiAccess::$user->hasRight('projet', 'lire')) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$taskresult = $this->task->fetch($id);
|
||||
if (!$taskresult ) {
|
||||
throw new RestException(404, 'Task with id='.$id.' not found');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$timespent = new TimeSpent($this->db);
|
||||
$timeresult = $timespent->fetch($timespent_id);
|
||||
if (!$timeresult ) {
|
||||
throw new RestException(404, 'Timespent with id='.$timespent_id.' not found');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('time', $timespent->id)) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanTimeSpentObjectDatas($timespent);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add time spent to a task of a project.
|
||||
@@ -538,6 +576,7 @@ class Tasks extends DolibarrApi
|
||||
* @param datetime $date Date (YYYY-MM-DD HH:MI:SS in GMT)
|
||||
* @phan-param string $date
|
||||
* @param int $duration Duration in seconds (3600 = 1h)
|
||||
* @param int $product_id The product id that is used, default is null
|
||||
* @param int $user_id User (Use 0 for connected user)
|
||||
* @param string $note Note
|
||||
*
|
||||
@@ -548,7 +587,7 @@ class Tasks extends DolibarrApi
|
||||
* @phan-return array{success:array{code:int,message:string}}
|
||||
* @phpstan-return array{success:array{code:int,message:string}}
|
||||
*/
|
||||
public function addTimeSpent($id, $date, $duration, $user_id = 0, $note = '')
|
||||
public function addTimeSpent($id, $date, $duration, $product_id = null, $user_id = 0, $note = '')
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('projet', 'creer')) {
|
||||
throw new RestException(403);
|
||||
@@ -572,6 +611,7 @@ class Tasks extends DolibarrApi
|
||||
$this->task->timespent_datehour = $newdate;
|
||||
$this->task->timespent_withhour = 1;
|
||||
$this->task->timespent_duration = $duration;
|
||||
$this->task->timespent_fk_product = $product_id;
|
||||
$this->task->timespent_fk_user = $uid;
|
||||
$this->task->timespent_note = $note;
|
||||
|
||||
@@ -601,6 +641,7 @@ class Tasks extends DolibarrApi
|
||||
* @param datetime $date Date (YYYY-MM-DD HH:MI:SS in GMT)
|
||||
* @phan-param string $date
|
||||
* @param int $duration Duration in seconds (3600 = 1h)
|
||||
* @param int $product_id The product id that is used, default is null
|
||||
* @param int $user_id User (Use 0 for connected user)
|
||||
* @param string $note Note
|
||||
*
|
||||
@@ -610,7 +651,7 @@ class Tasks extends DolibarrApi
|
||||
* @phan-return array{success:array{code:int,message:string}}
|
||||
* @phpstan-return array{success:array{code:int,message:string}}
|
||||
*/
|
||||
public function putTimeSpent($id, $timespent_id, $date, $duration, $user_id = 0, $note = '')
|
||||
public function putTimeSpent($id, $timespent_id, $date, $duration, $product_id = null, $user_id = 0, $note = '')
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight('projet', 'creer')) {
|
||||
throw new RestException(403);
|
||||
@@ -626,6 +667,7 @@ class Tasks extends DolibarrApi
|
||||
$this->task->timespent_datehour = $newdate;
|
||||
$this->task->timespent_withhour = 1;
|
||||
$this->task->timespent_duration = $duration;
|
||||
$this->task->timespent_fk_product = $product_id;
|
||||
$this->task->timespent_fk_user = $user_id ?? DolibarrApiAccess::$user->id;
|
||||
$this->task->timespent_note = $note;
|
||||
|
||||
@@ -689,8 +731,9 @@ class Tasks extends DolibarrApi
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
protected function timespentRecordChecks($id, $timespent_id)
|
||||
private function timespentRecordChecks($id, $timespent_id)
|
||||
{
|
||||
dol_syslog("API Rest request::timespentRecordChecks", LOG_DEBUG);
|
||||
if ($this->task->fetch($id) <= 0) {
|
||||
throw new RestException(404, 'Task not found');
|
||||
}
|
||||
@@ -755,6 +798,132 @@ class Tasks extends DolibarrApi
|
||||
return $object;
|
||||
}
|
||||
|
||||
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
|
||||
/**
|
||||
* Clean sensitive object data
|
||||
* @phpstan-template T of Object
|
||||
*
|
||||
* @param Object $object Object to clean
|
||||
* @return Object Object with cleaned properties
|
||||
*
|
||||
* @phpstan-param T $object
|
||||
* @phpstan-return T
|
||||
*/
|
||||
protected function _cleanTimeSpentObjectDatas($object)
|
||||
{
|
||||
if (!$object->note_private) {
|
||||
$object->note_private = $object->note;
|
||||
// unsure if we should use note_private or note_public, but note_private should be more secure
|
||||
}
|
||||
$saving_fk_element = $object->fk_element;
|
||||
// because calling parent::_cleanObjectDatas clears fk_element
|
||||
|
||||
// phpcs:enable
|
||||
$object = parent::_cleanObjectDatas($object);
|
||||
|
||||
unset($object->barcode_type);
|
||||
unset($object->barcode_type_code);
|
||||
unset($object->barcode_type_label);
|
||||
unset($object->barcode_type_coder);
|
||||
unset($object->cond_reglement_id);
|
||||
unset($object->cond_reglement);
|
||||
unset($object->fk_delivery_address);
|
||||
unset($object->shipping_method_id);
|
||||
unset($object->fk_account);
|
||||
unset($object->fk_incoterms);
|
||||
unset($object->label_incoterms);
|
||||
unset($object->location_incoterms);
|
||||
unset($object->name);
|
||||
unset($object->lastname);
|
||||
unset($object->firstname);
|
||||
unset($object->civility_id);
|
||||
unset($object->mode_reglement_id);
|
||||
unset($object->country);
|
||||
unset($object->country_id);
|
||||
unset($object->country_code);
|
||||
|
||||
unset($object->weekWorkLoad);
|
||||
unset($object->weekWorkLoad);
|
||||
|
||||
unset($object->actiontypecode);
|
||||
unset($object->array_languages);
|
||||
unset($object->array_options);
|
||||
unset($object->canvas);
|
||||
unset($object->civility_code);
|
||||
unset($object->cond_reglement_supplier_id);
|
||||
unset($object->contact_id);
|
||||
unset($object->contacts_ids);
|
||||
unset($object->contacts_ids_internal);
|
||||
unset($object->date_cloture);
|
||||
unset($object->date_validation);
|
||||
unset($object->demand_reason_id);
|
||||
unset($object->deposit_percent);
|
||||
unset($object->entity);
|
||||
unset($object->extraparams);
|
||||
unset($object->fk_multicurrency);
|
||||
unset($object->fk_project);
|
||||
unset($object->fk_user_creat);
|
||||
unset($object->fk_user_modif);
|
||||
unset($object->last_main_doc);
|
||||
unset($object->lines);
|
||||
unset($object->linkedObjectsIds);
|
||||
unset($object->module);
|
||||
unset($object->multicurrency_code);
|
||||
unset($object->multicurrency_total_ht);
|
||||
unset($object->multicurrency_total_localtax1);
|
||||
unset($object->multicurrency_total_localtax2);
|
||||
unset($object->multicurrency_total_ttc);
|
||||
unset($object->multicurrency_total_tva);
|
||||
unset($object->multicurrency_tx);
|
||||
unset($object->note_public);
|
||||
unset($object->origin_id);
|
||||
unset($object->origin_type);
|
||||
unset($object->product);
|
||||
unset($object->ref);
|
||||
unset($object->region_id);
|
||||
unset($object->retained_warranty_fk_cond_reglement);
|
||||
unset($object->rowid);
|
||||
unset($object->shipping_method);
|
||||
unset($object->specimen);
|
||||
unset($object->state_id);
|
||||
unset($object->status);
|
||||
unset($object->statut);
|
||||
unset($object->totalpaid);
|
||||
unset($object->transport_mode_id);
|
||||
unset($object->user);
|
||||
unset($object->user_author);
|
||||
unset($object->user_closing_id);
|
||||
unset($object->user_creation);
|
||||
unset($object->user_creation_id);
|
||||
unset($object->user_modification);
|
||||
unset($object->user_modification_id);
|
||||
unset($object->user_valid);
|
||||
unset($object->user_validation);
|
||||
unset($object->user_validation_id);
|
||||
unset($object->warehouse_id);
|
||||
|
||||
unset($object->total_ht);
|
||||
unset($object->total_tva);
|
||||
unset($object->total_localtax1);
|
||||
unset($object->total_localtax2);
|
||||
unset($object->total_ttc);
|
||||
|
||||
unset($object->comments);
|
||||
|
||||
if (!$object->date_creation) {
|
||||
$object->date_creation = $object->datec;
|
||||
}
|
||||
if (!$object->date_modification) {
|
||||
$object->date_modification = $object->tms;
|
||||
}
|
||||
if (!$object->fk_element) {
|
||||
$object->fk_element = $saving_fk_element;
|
||||
// because calling parent::_cleanObjectDatas clears fk_element
|
||||
}
|
||||
|
||||
return $object;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate fields before create or update object
|
||||
*
|
||||
@@ -776,8 +945,4 @@ class Tasks extends DolibarrApi
|
||||
}
|
||||
return $object;
|
||||
}
|
||||
|
||||
|
||||
// \todo
|
||||
// getSummaryOfTimeSpent
|
||||
}
|
||||
|
||||
@@ -1753,6 +1753,7 @@ class Task extends CommonObjectLine
|
||||
$sql .= " ptt.element_date_withhour as task_date_withhour,";
|
||||
$sql .= " ptt.element_duration as task_duration,";
|
||||
$sql .= " ptt.fk_user,";
|
||||
$sql .= " ptt.fk_product,";
|
||||
$sql .= " ptt.note,";
|
||||
$sql .= " ptt.thm,";
|
||||
$sql .= " pt.rowid as task_id,";
|
||||
@@ -1803,6 +1804,7 @@ class Task extends CommonObjectLine
|
||||
$newobj->timespent_line_withhour = $obj->task_date_withhour;
|
||||
$newobj->timespent_line_duration = $obj->task_duration;
|
||||
$newobj->timespent_line_fk_user = $obj->fk_user;
|
||||
$newobj->timespent_line_fk_product = $obj->fk_product;
|
||||
$newobj->timespent_line_thm = $obj->thm; // hourly rate
|
||||
$newobj->timespent_line_note = $obj->note;
|
||||
|
||||
|
||||
@@ -140,8 +140,8 @@ if (g.getDivId() != null)
|
||||
'task_alternate_id' => (int) -$t['task_project_id'],
|
||||
'task_name' => $projecttmp->ref.' '.$projecttmp->title,
|
||||
'task_resources' => '',
|
||||
'task_start_date' => 0,
|
||||
'task_end_date' => 0,
|
||||
'task_start_date' => $projecttmp->date_start,
|
||||
'task_end_date' => (!empty($projecttmp->date_end) ? $projecttmp->date_end : 0),
|
||||
'task_is_group' => 1, 'task_position' => 0, 'task_css' => 'ggroupblack', 'task_milestone' => 0, 'task_parent' => 0, 'task_parent_alternate_id' => 0,
|
||||
'note' => '',
|
||||
'task_planned_workload' => 0
|
||||
|
||||
@@ -204,7 +204,7 @@ if (($id > 0 && is_numeric($id)) || !empty($ref)) {
|
||||
print '</td></tr>';
|
||||
|
||||
// Date start - end project
|
||||
print '<tr><td>'.$langs->trans("Dates").'</td><td>';
|
||||
print '<tr><td>'.$langs->trans("DateStart").' - '.$langs->trans("DateEnd").'</td><td>';
|
||||
$start = dol_print_date($object->date_start, 'day');
|
||||
print($start ? $start : '?');
|
||||
$end = dol_print_date($object->date_end, 'day');
|
||||
|
||||
Reference in New Issue
Block a user