diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php
index dbf95bebec8ec96e735dc261dd5e84a93a038b64..ede2839aa0908961861122103f874500aa431b23 100644
--- a/htdocs/projet/index.php
+++ b/htdocs/projet/index.php
@@ -41,7 +41,7 @@ if ($user->societe_id > 0)
 * View
 */
-$company=new Societe($db);
+$socstatic=new Societe($db);
 $projectstatic=new Project($db);
 llxHeader("",$langs->trans("Projects"),"EN:Module_Projects|FR:Module_Projets|ES:Módulo_Proyectos");
@@ -60,13 +60,10 @@ print_liste_field_titre($langs->trans("NbOpenTasks"),"","","","",'align="right"'
 print_liste_field_titre($langs->trans("Status"),"","","","",'align="right"',$sortfield,$sortorder);
 print "</tr>\n";
-$sql = "SELECT p.title, p.rowid, p.fk_statut, count(t.rowid) as nb";
+$sql = "SELECT p.rowid as projectid, p.ref, p.title, p.fk_user_creat, p.public, p.fk_statut, count(t.rowid) as nb";
 $sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
-$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
-if (!$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."projet_task as t ON p.rowid = t.fk_projet";
 $sql.= " WHERE p.entity = ".$conf->entity;
-//if ($_REQUEST["mode"]=='mine') $sql.=' AND p.fk_user_resp='.$user->id;
 if ($socid) $sql.= " AND p.fk_soc = ".$socid;
 $sql.= " GROUP BY p.title, p.rowid";
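Review bot: The project query in index.php now selects `p.ref`, `p.fk_user_creat`, `p.public` and `p.fk_statut`, but the unchanged `GROUP BY p.title, p.rowid` does not list them, and two of those columns feed the per-row access decision made in the loop that follows. Engines that enforce strict grouping reject such a query, and permissive ones return a well-defined value only when `p.rowid` is unique (presumably it is the primary key, which the diff does not show). I would extend the clause to `$sql.= " GROUP BY p.rowid, p.ref, p.title, p.fk_user_creat, p.public, p.fk_statut";`. Separately, `$socid` is concatenated into the WHERE clause and is assigned outside this hunk; if it can come from the request, cast it at the point of use, e.g. `" AND p.fk_soc = ".((int) $socid)`.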
@@ -79,14 +76,24 @@ if ( $resql )
 while ($i < $num)
 {
- $row = $db->fetch_object($resql);
- $var=!$var;
- print "<tr $bc[$var]>";
- print '<td nowrap="nowrap"><a href="'.DOL_URL_ROOT.'/projet/fiche.php?id='.$row->rowid.'">'.img_object($langs->trans("ShowProject"),"project")." ".$row->title.'</a></td>';
- print '<td align="right">'.$row->nb.'</td>';
- $projectstatic->statut=$row->fk_statut;
- print '<td align="right">'.$projectstatic->getLibStatut(3).'</td>';
- print "</tr>\n";
+ $objp = $db->fetch_object($resql);
+
+ $projectstatic->id = $objp->projectid;
+ $projectstatic->user_author_id = $objp->fk_user_creat;
+ $projectstatic->public = $objp->public;
+
+ $userAccess = $projectstatic->restrictedProjectArea($user,1);
+
+ if ($userAccess >= 0)
+ {
+ $var=!$var;
+ print "<tr $bc[$var]>";
+ print '<td nowrap="nowrap"><a href="'.DOL_URL_ROOT.'/projet/fiche.php?id='.$objp->projectid.'">'.img_object($langs->trans("ShowProject"),"project")." ".$objp->title.'</a></td>';
+ print '<td align="right">'.$objp->nb.'</td>';
+ $projectstatic->statut = $objp->fk_statut;
+ print '<td align="right">'.$projectstatic->getLibStatut(3).'</td>';
+ print "</tr>\n";
+ }
 $i++;
 }
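Review bot: `$objp->title` is written into the row's HTML without escaping in the rewritten `print '<td nowrap="nowrap"><a href=...` line, so a project title that contains markup is rendered as markup for every user who can list the project. The removed line did the same with `$row->title`; since the line is being rewritten anyway, escape at output by using `htmlspecialchars($objp->title)` in place of `$objp->title`. The same applies to `print dol_trunc($objp->title,24);` in the liste.php loop, where `htmlspecialchars(dol_trunc($objp->title,24))` would truncate first and escape second, unless dol_trunc already escapes its result, which is not visible in this diff.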
@@ -108,12 +115,11 @@ print_liste_field_titre($langs->trans("Company"),"index.php","s.nom","","","",$s
 print_liste_field_titre($langs->trans("NbOfProjects"),"","","","",'align="right"',$sortfield,$sortorder);
 print "</tr>\n";
-$sql = "SELECT count(p.rowid) as nb, s.nom, s.rowid as socid";
+$sql = "SELECT count(p.rowid) as nb";
+$sql.= ", s.nom, s.rowid as socid";
 $sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
-if (!$user->rights->societe->client->voir && !$socid) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
 $sql.= " WHERE p.entity = ".$conf->entity;
-//if ($_REQUEST["mode"]=='mine') $sql.=' AND p.fk_user_resp='.$user->id;
 if ($socid) $sql.= " AND s.rowid = ".$socid;
 $sql.= " GROUP BY s.nom, s.rowid";
 //$sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit, $offset);
@@ -133,9 +139,9 @@ if ( $resql )
 print '<td nowrap="nowrap">';
 if ($obj->socid)
 {
- $company->id=$obj->socid;
- $company->nom=$obj->nom;
- print $company->getNomUrl(1);
+ $socstatic->id=$obj->socid;
+ $socstatic->nom=$obj->nom;
+ print $socstatic->getNomUrl(1);
 }
 else
 {
diff --git a/htdocs/projet/liste.php b/htdocs/projet/liste.php
index ac6aa34fcc198f0cfa76add206c17d95211e23eb..aecd4798af90fee8729db183c6efd9867da93b76 100644
--- a/htdocs/projet/liste.php
+++ b/htdocs/projet/liste.php
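Review bot: The per-company count query in index.php (hunk at -108) is not covered by the new visibility check: `count(p.rowid) as nb` still counts every project of the entity, while the project list earlier on the page now hides rows for which `restrictedProjectArea($user,1)` returns -1. A user who cannot open a private project therefore still sees it counted under `NbOfProjects`, next to the name of the third party it belongs to. Either restrict this query in SQL to the projects the user may see (the exact conditions live in restrictedProjectArea, whose body is mostly outside this diff), or build the counts in PHP from the rows that passed the check. The removed `societe_commerciaux` join was a LEFT JOIN with no condition on `sc` in the WHERE clause, so dropping it does not by itself widen the result.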
@@ -66,9 +66,9 @@ $pagenext = $page + 1;
 llxHeader("",$langs->trans("Projects"),"EN:Module_Projects|FR:Module_Projets|ES:Módulo_Proyectos");
 $projectstatic = new Project($db);
-$staticsoc=new Societe($db);
+$socstatic = new Societe($db);
-$sql = "SELECT p.rowid as projectid, p.ref, p.title, p.fk_statut, p.public";
+$sql = "SELECT p.rowid as projectid, p.ref, p.title, p.fk_statut, p.public, p.fk_user_creat";
 $sql.= ", p.datec as date_create, p.dateo as date_start, p.datee as date_end";
 $sql.= ", s.nom, s.rowid as socid";
 $sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
@@ -128,46 +128,57 @@ if ($resql)
 while ($i < $num)
 {
 $objp = $db->fetch_object($resql);
- $var=!$var;
- print "<tr $bc[$var]>";
-
- print "<td>";
- $projectstatic->id=$objp->projectid;
- $projectstatic->ref=$objp->ref;
- print $projectstatic->getNomUrl(1);
- print "</td>";
-
- // Title
- print '<td>';
- print dol_trunc($objp->title,24);
- print '</td>';
-
- // Company
- print '<td>';
- if ($objp->socid)
+
+ $projectstatic->id = $objp->projectid;
+ $projectstatic->user_author_id = $objp->fk_user_creat;
+ $projectstatic->public = $objp->public;
+
+ $userAccess = $projectstatic->restrictedProjectArea($user,1);
+
+ if ($userAccess >= 0)
 {
- $staticsoc->id=$objp->socid;
- $staticsoc->nom=$objp->nom;
- print $staticsoc->getNomUrl(1);
- }
- else
- {
- print ' ';
- }
- print '</td>';
-
- // Visibility
- print '<td align="left">';
- if ($objp->public) print $langs->trans('SharedProject');
- else print $langs->trans('Private');
- print '</td>';
-
- // Status
- $projectstatic->statut=$objp->fk_statut;
- print '<td align="right">'.$projectstatic->getLibStatut(3).'</td>';
-
- print "</tr>\n";
+ $var=!$var;
+ print "<tr $bc[$var]>";
+
+ // Project url
+ print "<td>";
+ $projectstatic->ref = $objp->ref;
+ print $projectstatic->getNomUrl(1);
+ print "</td>";
+
+ // Title
+ print '<td>';
+ print dol_trunc($objp->title,24);
+ print '</td>';
+
+ // Company
+ print '<td>';
+ if ($objp->socid)
+ {
+ $socstatic->id=$objp->socid;
+ $socstatic->nom=$objp->nom;
+ print $socstatic->getNomUrl(1);
+ }
+ else
+ {
+ print ' ';
+ }
+ print '</td>';
+
+ // Visibility
+ print '<td align="left">';
+ if ($objp->public) print $langs->trans('SharedProject');
+ else print $langs->trans('Private');
+ print '</td>';
+
+ // Status
+ $projectstatic->statut = $objp->fk_statut;
+ print '<td align="right">'.$projectstatic->getLibStatut(3).'</td>';
+
+ print "</tr>\n";
+ }
+
 $i++;
 }
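Review bot: Access is decided row by row after the query has run, so in liste.php the result set has already been cut by whatever limit the query applies before the hidden rows are dropped (paging variables such as `$pagenext` are set just above the query; the LIMIT itself is outside the hunk). Pages can then come out short or empty, and any pager or total derived from `$num` reflects rows the user is not allowed to see. It also costs one restrictedProjectArea call per row, which may mean one or more queries each, as its body is not shown. Prefer expressing the restriction in the WHERE clause and keeping the per-row call as a second line of defence. If the loop stays as it is, a comment such as `// Hide projects the user may not read; restrictedProjectArea() returns -1 in list mode` above the call would explain the `>= 0` test.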
diff --git a/htdocs/projet/project.class.php b/htdocs/projet/project.class.php
index 76d7e12fb860aad5736d5080ff08f6cddf5180ab..239443d8c2557d30658a405227ce7f703d1fa402 100644
--- a/htdocs/projet/project.class.php
+++ b/htdocs/projet/project.class.php
@@ -608,7 +608,7 @@ class Project extends CommonObject
 /**
 * \brief Check permissions
 */
- function restrictedProjectArea($user)
+ function restrictedProjectArea($user,$list=0)
 {
 // To verify role of users
 $userAccess = 0;
@@ -635,7 +635,18 @@ class Project extends CommonObject
 }
 }
- if (!$userAccess && !$this->public) accessforbidden('',0);
+ if (!$userAccess && !$this->public)
+ {
+ if (!$list)
+ {
+ accessforbidden('',0);
+ }
+ else
+ {
+ return -1;
+ }
+
+ }
 return $userAccess;
 }
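Review bot: The docblock above `restrictedProjectArea($user,$list=0)` still reads only `\brief Check permissions` and should describe the new parameter and the return contract, since callers now branch on the result. I would add a `\param user` line (the user whose access is checked), a `\param list` line (0 = call accessforbidden() on denial, 1 = return -1 so a list can skip the row) and a `\return` line (-1 if denied in list mode, otherwise the access value computed in the body). The middle of the function lies between the two hunks and is not shown, so the meaning of positive return values has to be filled in by the author.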
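Review bot: In the non-list branch of the hunk at -635, denial depends entirely on `accessforbidden('',0)` ending the request; that function is defined outside this diff, and if it ever returns, execution falls through to `return $userAccess;` with the value 0, which a caller testing `>= 0`, as the new list code does, would read as allowed. Making the function fail closed costs one line: keep `if (!$list) accessforbidden('',0);` and follow it with an unconditional `return -1;` instead of returning only inside the `else`. The default `$list=0` is the right choice, because existing callers keep the hard stop without being changed.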