Select Git revision
-
tarrsalah authored
When a user don't have the permission `$user->rights->projet->all->lire`, viewing some tasks related entities (like `tasks/contact.php?id=1&withproject=1`) cause `Call to undefined method Task::getProjectsAuthorizedForUser()` fatal error. The problem is caused by calling getProjectsAuthorizedForUser on $object insted of $projectstatic.
tarrsalah authoredWhen a user don't have the permission `$user->rights->projet->all->lire`, viewing some tasks related entities (like `tasks/contact.php?id=1&withproject=1`) cause `Call to undefined method Task::getProjectsAuthorizedForUser()` fatal error. The problem is caused by calling getProjectsAuthorizedForUser on $object insted of $projectstatic.
note.php 7.10 KiB
<?php
/* Copyright (C) 2010-2012 Regis Houssin <regis.houssin@capnetworks.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/projet/tasks/note.php
* \ingroup project
* \brief Page to show information on a task
*/
require ("../../main.inc.php");
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
require_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/project.lib.php';
$langs->load('projects');
$action=GETPOST('action','alpha');
$confirm=GETPOST('confirm','alpha');
$mine = $_REQUEST['mode']=='mine' ? 1 : 0;
//if (! $user->rights->projet->all->lire) $mine=1; // Special for projects
$id = GETPOST('id','int');
$ref= GETPOST('ref', 'alpha');
$withproject=GETPOST('withproject','int');
$project_ref = GETPOST('project_ref','alpha');
// Security check
$socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;
if (!$user->rights->projet->lire) accessforbidden();
//$result = restrictedArea($user, 'projet', $id, '', 'task'); // TODO ameliorer la verification
$object = new Task($db);
$projectstatic = new Project($db);
if ($id > 0 || ! empty($ref))
{
if ($object->fetch($id,$ref) > 0)
{
$projectstatic->fetch($object->fk_project);
if (! empty($projectstatic->socid)) $projectstatic->fetch_thirdparty();
$object->project = clone $projectstatic;
}
else
{
dol_print_error($db);
}
}
// Retreive First Task ID of Project if withprojet is on to allow project prev next to work
if (! empty($project_ref) && ! empty($withproject))
{
if ($projectstatic->fetch(0,$project_ref) > 0)
{
$tasksarray=$object->getTasksArray(0, 0, $projectstatic->id, $socid, 0);
if (count($tasksarray) > 0)
{
$id=$tasksarray[0]->id;
$object->fetch($id);
}
else
{
header("Location: ".DOL_URL_ROOT.'/projet/tasks.php?id='.$projectstatic->id.(empty($mode)?'':'&mode='.$mode));
}
}
}
$permissionnote=($user->rights->projet->creer || $user->rights->projet->all->creer);
/*
* Actions
*/
include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php';
/*
* View
*/
llxHeader('', $langs->trans("Task"));
$form = new Form($db);
$userstatic = new User($db);
$now=dol_now();
if ($object->id > 0)
{
$userWrite = $projectstatic->restrictedProjectArea($user,'write');
if (! empty($withproject))
{
// Tabs for project
$tab='tasks';
$head=project_prepare_head($projectstatic);
dol_fiche_head($head, $tab, $langs->trans("Project"),0,($projectstatic->public?'projectpub':'project'));
$param=($mode=='mine'?'&mode=mine':'');
// Project card
$linkback = '<a href="'.DOL_URL_ROOT.'/projet/list.php">'.$langs->trans("BackToList").'</a>';
$morehtmlref='<div class="refidno">';
// Title
$morehtmlref.=$projectstatic->title;
// Thirdparty
if ($projectstatic->thirdparty->id > 0)
{
$morehtmlref.='<br>'.$langs->trans('ThirdParty') . ' : ' . $projectstatic->thirdparty->getNomUrl(1, 'project');
}
$morehtmlref.='</div>';
// Define a complementary filter for search of next/prev ref.
if (! $user->rights->projet->all->lire)
{
$objectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,0);
$projectstatic->next_prev_filter=" rowid in (".(count($objectsListId)?join(',',array_keys($objectsListId)):'0').")";
}
dol_banner_tab($projectstatic, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref);
print '<div class="fichecenter">';
print '<div class="fichehalfleft">';
print '<div class="underbanner clearboth"></div>';
print '<table class="border" width="100%">';
// Visibility
print '<tr><td class="titlefield">'.$langs->trans("Visibility").'</td><td>';
if ($projectstatic->public) print $langs->trans('SharedProject');
else print $langs->trans('PrivateProject');
print '</td></tr>';
// Date start - end
print '<tr><td>'.$langs->trans("DateStart").' - '.$langs->trans("DateEnd").'</td><td>';
print dol_print_date($projectstatic->date_start,'day');
$end=dol_print_date($projectstatic->date_end,'day');
if ($end) print ' - '.$end;
print '</td></tr>';
// Budget
print '<tr><td>'.$langs->trans("Budget").'</td><td>';
if (strcmp($projectstatic->budget_amount, '')) print price($projectstatic->budget_amount,'',$langs,1,0,0,$conf->currency);
print '</td></tr>';
// Other attributes
$cols = 2;
//include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php';
print '</table>';
print '</div>';
print '<div class="fichehalfright">';
print '<div class="ficheaddleft">';
print '<div class="underbanner clearboth"></div>';
print '<table class="border" width="100%">';
// Description
print '<td class="titlefield tdtop">'.$langs->trans("Description").'</td><td>';
print nl2br($projectstatic->description);
print '</td></tr>';
// Categories
if($conf->categorie->enabled) {
print '<tr><td valign="middle">'.$langs->trans("Categories").'</td><td>';
print $form->showCategories($projectstatic->id,'project',1);
print "</td></tr>";
}
print '</table>';
print '</div>';
print '</div>';
print '</div>';
print '<div class="clearboth"></div>';
dol_fiche_end();
}
$head = task_prepare_head($object);
dol_fiche_head($head, 'task_notes', $langs->trans('Task'), 0, 'projecttask');
print '<table class="border" width="100%">';
$param=(GETPOST('withproject')?'&withproject=1':'');
$linkback=GETPOST('withproject')?'<a href="'.DOL_URL_ROOT.'/projet/tasks.php?id='.$projectstatic->id.'">'.$langs->trans("BackToList").'</a>':'';
// Ref
print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>';
if (empty($withproject) || empty($projectstatic->id))
{
$projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1);
$object->next_prev_filter=" fk_projet in (".$projectsListId.")";
}
else $object->next_prev_filter=" fk_projet = ".$projectstatic->id;
print $form->showrefnav($object,'ref',$linkback,1,'ref','ref','',$param);
print '</td></tr>';
// Label
print '<tr><td>'.$langs->trans("Label").'</td><td>'.$object->label.'</td></tr>';
// Project
if (empty($withproject))
{
print '<tr><td>'.$langs->trans("Project").'</td><td colspan="3">';
print $projectstatic->getNomUrl(1);
print '</td></tr>';
// Third party
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
if ($projectstatic->thirdparty->id > 0) print $projectstatic->thirdparty->getNomUrl(1);
else print' ';
print '</td></tr>';
}
print "</table>";
print '<br>';
$cssclass='titlefield';
$moreparam=$param;
include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
dol_fiche_end();
}
llxFooter();
$db->close();