From 1ecd6db530dcbde0733a72c5716dd0957b5a194e Mon Sep 17 00:00:00 2001 From: Rodolphe Quiedeville <rodolphe@quiedeville.org> Date: Tue, 30 Aug 2005 13:15:04 +0000 Subject: [PATCH] Modif permissions --- htdocs/telephonie/tarifs/index.php | 20 ++++++++------ htdocs/telephonie/tarifs/pre.inc.php | 12 ++++++-- htdocs/telephonie/tarifs/tarif.php | 41 +++++++--------------------- 3 files changed, 31 insertions(+), 42 deletions(-) diff --git a/htdocs/telephonie/tarifs/index.php b/htdocs/telephonie/tarifs/index.php index 471637ce8b1..0032f806fb1 100644 --- a/htdocs/telephonie/tarifs/index.php +++ b/htdocs/telephonie/tarifs/index.php @@ -75,14 +75,19 @@ $sql .= " , t.libelle as tarif, t.rowid as tarif_id"; $sql .= " , m.temporel, m.fixe"; $sql .= " , u.code"; $sql .= " FROM ".MAIN_DB_PREFIX."telephonie_tarif_grille as d"; -$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_montant as m"; -$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif as t"; -$sql .= "," . MAIN_DB_PREFIX."user as u"; +$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_grille_rights as r"; +$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_montant as m"; +$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif as t"; +$sql .= "," . MAIN_DB_PREFIX."user as u"; $sqlc .= " WHERE d.rowid = m.fk_tarif_desc"; $sqlc .= " AND m.fk_tarif = t.rowid"; $sqlc .= " AND m.fk_user = u.rowid"; +$sqlc .= " AND d.rowid = r.fk_grille"; +$sqlc .= " AND r.fk_user =".$user->id; +$sqlc .= " AND r.pread = 1"; + if ($_GET["search_libelle"]) { $sqlc .=" AND t.libelle LIKE '%".$_GET["search_libelle"]."%'"; @@ -98,14 +103,13 @@ if ($_GET["type"]) $sqlc .= " AND d.type_tarif = '".$_GET["type"]."'"; } - $sql = $sql . $sqlc . " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset); -$result = $db->query($sql); -if ($result) +$resql = $db->query($sql); +if ($resql) { - $num = $db->num_rows(); + $num = $db->num_rows($resql); $i = 0; print_barre_liste("Tarifs", $page, "index.php", "&type=".$_GET["type"], $sortfield, $sortorder, '', $num); 
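Review bot: The new per-user filter (`r.fk_user` / `r.pread = 1`) is appended to a WHERE clause that still concatenates `$_GET["search_libelle"]` and `$_GET["type"]` unescaped in the context lines right below it, so a crafted parameter can rewrite the clause and the row filter with it. Those values should go through the database layer's string escaping before concatenation (the handler's API is not visible in this hunk). The user id should also be forced numeric: `$sqlc .= " AND r.fk_user = ".(int) $user->id;`. The same concatenation appears with `$_GET["id"]` in tarif.php at `@@ -73,6 +43,10 @@` and `@@ -130,6 +105,10 @@`, where `$sql .= " AND t.rowid = ".(int) $_GET["id"];` would be enough if `rowid` is an integer key.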
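Review bot: `$sortfield` and `$sortorder` are interpolated unquoted into `ORDER BY` on the line just above the changed `$db->query()` call, and escaping cannot protect an identifier or keyword position. Where they are assigned is outside this hunk; if they come from the request, constrain them first, e.g. `$sortorder = (strtoupper($sortorder) == "DESC") ? "DESC" : "ASC";`, and compare `$sortfield` against a fixed list of the columns this page can sort on. `$_GET["type"]` is also passed raw into the `print_barre_liste()` link parameters; `urlencode($_GET["type"])` would be safer, assuming that function writes the value into an href.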
@@ -139,7 +143,7 @@ if ($result) while ($i < min($num,$conf->liste_limit)) { - $obj = $db->fetch_object($i); + $obj = $db->fetch_object($resql); $var=!$var; print "<tr $bc[$var]>"; diff --git a/htdocs/telephonie/tarifs/pre.inc.php b/htdocs/telephonie/tarifs/pre.inc.php index 66010fde907..51ddde31839 100644 --- a/htdocs/telephonie/tarifs/pre.inc.php +++ b/htdocs/telephonie/tarifs/pre.inc.php @@ -50,9 +50,11 @@ function llxHeader($head = "", $title="") { $menu->add(DOL_URL_ROOT."/telephonie/ligne/index.php", "Lignes"); - $menu->add(DOL_URL_ROOT."/telephonie/ligne/commande/", "Commandes"); + if ($user->rights->telephonie->ligne_commander) + $menu->add(DOL_URL_ROOT."/telephonie/ligne/commande/", "Commandes"); - $menu->add(DOL_URL_ROOT."/telephonie/stats/", "Statistiques"); + if ($user->rights->telephonie->stats->lire) + $menu->add(DOL_URL_ROOT."/telephonie/stats/", "Statistiques"); $menu->add(DOL_URL_ROOT."/telephonie/facture/", "Factures"); @@ -66,7 +68,11 @@ function llxHeader($head = "", $title="") { $menu->add_submenu(DOL_URL_ROOT."/telephonie/tarifs/prefix.php", "Prefix"); - $menu->add(DOL_URL_ROOT."/telephonie/fournisseurs.php", "Fournisseurs"); + if ($user->rights->telephonie->tarif->permission) + $menu->add_submenu(DOL_URL_ROOT."/telephonie/tarifs/permissions.php", "Permissions"); + + if ($user->rights->telephonie->fournisseur->lire) + $menu->add(DOL_URL_ROOT."/telephonie/fournisseurs.php", "Fournisseurs"); left_menu($menu->liste); diff --git a/htdocs/telephonie/tarifs/tarif.php b/htdocs/telephonie/tarifs/tarif.php index 96ce3153783..63317c1e80a 100644 --- a/htdocs/telephonie/tarifs/tarif.php +++ b/htdocs/telephonie/tarifs/tarif.php 
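Review bot: The new `if ($user->rights->…)` tests in `llxHeader()` only hide menu links. Nothing in this commit shows the target pages (`/telephonie/ligne/commande/`, `/telephonie/stats/`, `tarifs/permissions.php`, `fournisseurs.php`) checking the same rights, so a user who knows the URL may still reach them. Each page should refuse the request itself when the right is missing, `permissions.php` most of all since it presumably edits the grid rights the new SQL filters rely on. The function header is outside the hunk, so confirm it declares `global $user;`; without it every test here reads an undefined local and the guarded entries disappear for everyone. The same applies to the hunk at `@@ -66,7 +68,11 @@`, and braces around the one-line bodies would keep later additions inside the condition.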
@@ -23,37 +23,6 @@ require("./pre.inc.php"); llxHeader(); -/* - * S�curit� acc�s client - */ -if ($user->societe_id > 0) -{ - $action = ''; - $socidp = $user->societe_id; -} - - - -/* - * Recherche - * - * - */ -if ($mode == 'search') { - if ($mode-search == 'soc') { - $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s "; - $sql .= " WHERE lower(s.nom) like '%".strtolower($socname)."%'"; - } - - if ( $db->query($sql) ) { - if ( $db->num_rows() == 1) { - $obj = $db->fetch_object(0); - $socid = $obj->idp; - } - $db->free(); - } -} - /* * Mode Liste * @@ -66,6 +35,7 @@ $sql = "SELECT d.libelle as tarif_desc, d.type_tarif, d.rowid"; $sql .= " , t.libelle as tarif"; $sql .= " , m.temporel, m.fixe"; $sql .= " FROM ".MAIN_DB_PREFIX."telephonie_tarif_grille as d"; +$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_grille_rights as r"; $sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_montant as m"; $sql .= "," . MAIN_DB_PREFIX."telephonie_tarif as t"; @@ -73,6 +43,10 @@ $sql .= " WHERE d.rowid = m.fk_tarif_desc"; $sql .= " AND m.fk_tarif = t.rowid"; $sql .= " AND t.rowid = '".$_GET["id"]."'"; $sql .= " AND d.type_tarif = 'vente'"; +$sql .= " AND d.rowid = r.fk_grille"; +$sql .= " AND r.fk_user =".$user->id; +$sql .= " AND r.pread = 1"; + $sql .= " ORDER BY t.libelle asc"; $resql = $db->query($sql); @@ -122,6 +96,7 @@ $sql = "SELECT d.libelle as tarif_desc, d.type_tarif, d.rowid"; $sql .= " , t.libelle as tarif"; $sql .= " , m.temporel, m.fixe"; $sql .= " FROM ".MAIN_DB_PREFIX."telephonie_tarif_grille as d"; +$sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_grille_rights as r"; $sql .= "," . MAIN_DB_PREFIX."telephonie_tarif_montant as m"; $sql .= "," . MAIN_DB_PREFIX."telephonie_tarif as t"; 
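Review bot: The three-line permission predicate added at `@@ -73,6 +43,10 @@` is a hand-written copy of the one in index.php and is repeated again at `@@ -130,6 +105,10 @@`, each paired with its own `telephonie_tarif_grille_rights` join line, so any change to the rights model must be made in every query or one of them silently drifts. At minimum each copy should carry a comment such as `/* Row-level filter: only grids the current user may read (telephonie_tarif_grille_rights.pread) */`; a shared helper returning the predicate would be better. Whether the rights table has at most one row per (`fk_grille`, `fk_user`) is not visible here; if it does not, the comma join will duplicate result rows. This commit also deletes the `$user->societe_id` block at the top of the file, so confirm that external customer accounts are meant to be limited by the rights table alone.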
@@ -130,6 +105,10 @@ $sql .= " AND m.fk_tarif = t.rowid"; $sql .= " AND t.rowid = '".$_GET["id"]."'"; $sql .= " AND d.type_tarif = 'achat'"; +$sql .= " AND d.rowid = r.fk_grille"; +$sql .= " AND r.fk_user =".$user->id; +$sql .= " AND r.pread = 1"; + $sql .= " ORDER BY t.libelle ASC"; $resql = $db->query($sql); -- GitLab