diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 896291fddef3f16c44955982ea5ec2b485fb8ab2..ea2f58299efdfba6b0454f5987cd255fa2e82408 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -150,10 +150,6 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
 {
 if (! $user->rights->prelevement->bons->lire) $readok=0;
 }
- else if ($feature == 'commande_fournisseur')
- {
- if (! $user->rights->fournisseur->commande->lire) $readok=0;
- }
 else if ($feature == 'cheque')
 {
 if (! $user->rights->banque->cheque) $readok=0;
diff --git a/htdocs/fourn/commande/contact.php b/htdocs/fourn/commande/contact.php
index 3d183a2392df3d29a9d88eb3e4471bb5c854384e..7840ae22042720498efed0a52dec8752acda3232 100644
--- a/htdocs/fourn/commande/contact.php
+++ b/htdocs/fourn/commande/contact.php
@@ -40,7 +40,7 @@ $action = GETPOST('action', 'alpha'); // Security check if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 $object = new CommandeFournisseur($db);
@@ -166,10 +166,10 @@ if ($id > 0 || ! empty($ref)) print '</div>'; print '<br>'; - + // Contacts lines include DOL_DOCUMENT_ROOT.'/core/tpl/contacts.tpl.php'; - + } else {
diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php
index 911e6b7fd903c02961cea5ac34a90c7942c75f01..1a41324479c31f77a903161f35b129f3f61290f8 100644
--- a/htdocs/fourn/commande/dispatch.php
+++ b/htdocs/fourn/commande/dispatch.php
@@ -44,7 +44,7 @@ $langs->load('stocks'); // Security check $id = isset($_GET["id"])?$_GET["id"]:''; if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 if (empty($conf->stock->enabled)) {
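Review bot: In htdocs/fourn/commande/contact.php the replacement call `restrictedArea($user, 'fournisseur', $id, '', 'commande')` keeps the old protection only if restrictedArea resolves feature `fournisseur` with sub-feature `commande` to `$user->rights->fournisseur->commande->lire`, the right the deleted `commande_fournisseur` branch tested; that resolution code is not in this diff and should be confirmed. Because the dedicated branch is gone from security.lib.php, any caller outside the files patched here that still passes `'commande_fournisseur'` no longer reaches that read check, so a search for the old key belongs with this change. The same call is introduced in dispatch.php, document.php, fiche.php, history.php, index.php, liste.php and note.php. A comment above each call would record the intent, for example `// Read access: requires rights->fournisseur->commande->lire`.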
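Review bot: In htdocs/fourn/commande/dispatch.php the object id handed to the access check comes straight from `$_GET["id"]` on the context line above the changed call, with no type filter, while the sibling pages read request values through GETPOST with a filter name. Consider `$id = GETPOST('id','int');` so that the permission check and whatever later loads the order both receive an integer. index.php and liste.php have the same gap with `$orderid = GETPOST('orderid');`, which names no filter; `GETPOST('orderid','int')` would match the rest. The next hunk header shows the dispatch action keyed on `$_POST["action"]`, so it is worth confirming, outside what this hunk shows, that the order the action works on is the one identified by the id that was checked.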
@@ -84,7 +84,7 @@ if ($_POST["action"] == 'dispatch' && $user->rights->fournisseur->commande->rece } } } - + if (! $notrigger) { global $conf, $langs, $user;
@@ -94,7 +94,7 @@ if ($_POST["action"] == 'dispatch' && $user->rights->fournisseur->commande->rece $result_trigger=$interface->run_triggers('ORDER_SUPPLIER_DISPATCH',$this,$user,$langs,$conf); if ($result_trigger < 0) { $error++; $this->errors=$interface->errors; } // Fin appel triggers - + $this->db->commit(); }
@@ -282,7 +282,7 @@ if ($id > 0 || ! empty($ref)) print '<a href="'.DOL_URL_ROOT.'/product/fournisseurs.php?id='.$objp->fk_product.'">'.img_object($langs->trans("ShowProduct"),'product').' '.$objp->ref.'</a>'; print ' - '.$objp->label; // To show detail cref and description value, we must make calculation by cref - //print ($objp->cref?' ('.$objp->cref.')':''); + //print ($objp->cref?' ('.$objp->cref.')':''); //if ($objp->description) print '<br>'.nl2br($objp->description); print '<input name="product_'.$i.'" type="hidden" value="'.$objp->fk_product.'">'; print '<input name="pu_'.$i.'" type="hidden" value="'.$objp->subprice.'">';
diff --git a/htdocs/fourn/commande/document.php b/htdocs/fourn/commande/document.php
index 394d234e47b81dee4ba4d4ee9603eb24b9dc1f1d..d1fdaeb113eddd42a8267efc6004590851aec816 100644
--- a/htdocs/fourn/commande/document.php
+++ b/htdocs/fourn/commande/document.php
@@ -49,7 +49,7 @@ $confirm = GETPOST('confirm','alpha'); // Security check if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 // Get parameters $sortfield = GETPOST("sortfield",'alpha');
diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php
index 6a3698737555156a8dac935ae76a174bc7c568dc..856c92c88bfe8276c339be44425ecef8bd39ecf1 100644
--- a/htdocs/fourn/commande/fiche.php
+++ b/htdocs/fourn/commande/fiche.php
@@ -67,7 +67,7 @@ $hideref = (GETPOST('hideref','int') ? GETPOST('hideref','int') : (! empty($co // Security check if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $hookmanager->initHooks(array('ordersuppliercard'));
@@ -683,7 +683,7 @@ else if ($action == 'add' && $user->rights->fournisseur->commande->creer) { $error++; } - + if ($error) { $langs->load("errors");
@@ -840,7 +840,7 @@ if ($action == 'send' && ! GETPOST('addfile') && ! GETPOST('removedfile') && ! G else { // Redirect here - // This avoid sending mail twice if going out and then back to page + // This avoid sending mail twice if going out and then back to page header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id); exit; }
@@ -959,28 +959,28 @@ $now=dol_now(); if ($action=="create") { print_fiche_titre($langs->trans('NewOrder')); - + dol_htmloutput_mesg($mesg); - + $societe=''; if ($socid>0) { $societe=new Societe($db); $societe->fetch($socid); } - + print '<form name="add" action="'.$_SERVER["PHP_SELF"].'" method="post">'; print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">'; print '<input type="hidden" name="action" value="add">'; print '<table class="border" width="100%">'; - + // Ref print '<tr><td>'.$langs->trans('Ref').'</td><td>'.$langs->trans('Draft').'</td></tr>'; - + // Third party print '<tr><td class="fieldrequired">'.$langs->trans('Supplier').'</td>'; print '<td>'; - + if ($socid > 0) { print $societe->getNomUrl(1);
@@ -991,30 +991,30 @@ if ($action=="create") print $form->select_company((empty($socid)?'':$socid),'socid','s.fournisseur = 1',1); } print '</td>'; - + // Ref supplier print '<tr><td>'.$langs->trans('RefSupplier').'</td><td><input name="refsupplier" type="text"></td>'; print '</tr>'; - + print '</td></tr>'; - + print '<tr><td>'.$langs->trans('Note').'</td>'; print '<td><textarea name="note" wrap="soft" cols="60" rows="'.ROWS_5.'"></textarea></td>'; print '</tr>'; - + print '<tr><td>'.$langs->trans('NotePublic').'</td>'; print '<td><textarea name="note_public" wrap="soft" cols="60" rows="'.ROWS_5.'"></textarea></td>'; print '</tr>'; - + // Other options $parameters=array(); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook - + // Bouton "Create Draft" print "</table>\n"; - + print '<br><center><input type="submit" class="button" name="bouton" value="'.$langs->trans('CreateDraft').'"></center>'; - + print "</form>\n"; } elseif (! empty($object->id))
@@ -1909,12 +1909,12 @@ elseif (! empty($object->id)) $formmail->substit['__SIGNATURE__']=$user->signature; $formmail->substit['__PERSONALIZED__']=''; $formmail->substit['__CONTACTCIVNAME__']=''; - + //Find the good contact adress $custcontact=''; $contactarr=array(); $contactarr=$object->liste_contact(-1,'external'); - + if (is_array($contactarr) && count($contactarr)>0) { foreach($contactarr as $contact) { if ($contact['libelle']==$langs->trans('TypeContact_order_supplier_external_BILLING')) {
@@ -1924,12 +1924,12 @@ elseif (! empty($object->id)) $custcontact=$contactstatic->getFullName($langs,1); } } - + if (!empty($custcontact)) { $formmail->substit['__CONTACTCIVNAME__']=$custcontact; } } - + // Tableau des parametres complementaires $formmail->param['action']='send'; $formmail->param['models']='order_supplier_send';
diff --git a/htdocs/fourn/commande/history.php b/htdocs/fourn/commande/history.php
index 80a68650d4881f1ace359480e728e4fd85961b42..77e5ddccf49922bf8c73536f8e40509ef8f56a4d 100644
--- a/htdocs/fourn/commande/history.php
+++ b/htdocs/fourn/commande/history.php
@@ -38,7 +38,7 @@ $ref=GETPOST('ref','alpha'); // Security check $socid=''; if (! empty($user->societe_id)) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 /*
diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php
index c55765fd238302569963699ada963fa098580c65..f8101a185fe15eb620bb9b6e974d97aeb2d2c32e 100755
--- a/htdocs/fourn/commande/index.php
+++ b/htdocs/fourn/commande/index.php
@@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; // Security check $orderid = GETPOST('orderid'); if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $orderid,'');
+$result = restrictedArea($user, 'fournisseur', $orderid, '', 'commande');
 $langs->load("suppliers"); $langs->load("orders");
diff --git a/htdocs/fourn/commande/liste.php b/htdocs/fourn/commande/liste.php
index 3dd246b75df2e74fca94bd1b40b305350382943a..da493a8cd1715fb14c7480e3d7412b849e0d2102 100644
--- a/htdocs/fourn/commande/liste.php
+++ b/htdocs/fourn/commande/liste.php
@@ -43,7 +43,7 @@ $sortfield = GETPOST('sortfield','alpha'); // Security check $orderid = GETPOST('orderid'); if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $orderid,'');
+$result = restrictedArea($user, 'fournisseur', $orderid, '', 'commande');
 /*
diff --git a/htdocs/fourn/commande/note.php b/htdocs/fourn/commande/note.php
index 17a23ef990d8abcea4e8440e91601f879c8b4816..63cd69a89a070120daa079fc202b53d84afdb34b 100644
--- a/htdocs/fourn/commande/note.php
+++ b/htdocs/fourn/commande/note.php
@@ -39,7 +39,7 @@ $action = GETPOST('action'); // Security check if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'commande_fournisseur', $id,'');
+$result = restrictedArea($user, 'fournisseur', $id, '', 'commande');
 $object = new CommandeFournisseur($db); $object->fetch($id, $ref);
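Review bot: In htdocs/fourn/commande/note.php the access check receives only `$id`, but the next context line loads the order with `$object->fetch($id, $ref)`, so a request that supplies `ref` and no `id` is checked without an object id and then loads an order by reference. Whether restrictedArea applies a per-object or per-third-party restriction is not visible in this diff; if it does, that restriction is skipped on the `ref` path, which matters for external users whose `$socid` is set from `$user->societe_id`. Resolving the reference to an id before the call, or comparing the fetched order's third party with `$socid` after the fetch, would close the gap. history.php reads `$ref=GETPOST('ref','alpha')` and the contact.php and dispatch.php hunk headers show `if ($id > 0 || ! empty($ref))`, so those pages likely need the same look.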