From 74f0ae5bbb8a3a8660b7e6fbfff50605153d42e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?=
 <marcosgdf@gmail.com>
Date: Sun, 9 Apr 2017 14:09:33 +0200
Subject: [PATCH] FIX #6623 User card shows "Return to list" link even if the
 user has no rights to list users

Close #6623
---
 htdocs/user/agenda_extsites.php | 6 +++++-
 htdocs/user/bank.php            | 6 +++++-
 htdocs/user/card.php            | 6 +++++-
 htdocs/user/clicktodial.php     | 6 +++++-
 htdocs/user/document.php        | 6 +++++-
 htdocs/user/info.php            | 6 +++++-
 htdocs/user/ldap.php            | 6 +++++-
 htdocs/user/note.php            | 6 +++++-
 htdocs/user/param_ihm.php       | 8 ++++++--
 htdocs/user/perms.php           | 6 +++++-
 10 files changed, 51 insertions(+), 11 deletions(-)

diff --git a/htdocs/user/agenda_extsites.php b/htdocs/user/agenda_extsites.php
index 823f5ad307e..52f67aaac0c 100644
--- a/htdocs/user/agenda_extsites.php
+++ b/htdocs/user/agenda_extsites.php
@@ -153,7 +153,11 @@ $head=user_prepare_head($object);
 
 dol_fiche_head($head, 'extsites', $langs->trans("User"), 0, 'user');
 
-$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+$linkback = '';
+
+if ($user->rights->user->user->lire || $user->admin) {
+	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+}
 
 dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
 
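Review bot: The permission expression `$user->rights->user->user->lire || $user->admin` now appears twice in a row, in the new `if` and again as the fourth argument of `dol_banner_tab()`, so the two can drift apart on a later edit. Computing it once, `$canreadusers = ($user->rights->user->user->lire || $user->admin);`, and using `$canreadusers` in both places keeps the link and the banner navigation in step; the same applies to the hunks in bank.php, clicktodial.php, document.php, info.php, ldap.php, note.php, param_ihm.php and perms.php. Hiding the link is presentation only: this patch does not show whether `/user/index.php` checks the same right on its own, and that server-side check is what actually protects the list. A one-line comment such as `// UI only; /user/index.php must enforce this right itself` would record that.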
diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php
index 951c3a6ef7e..f8ff1aab18b 100644
--- a/htdocs/user/bank.php
+++ b/htdocs/user/bank.php
@@ -133,7 +133,11 @@ if ($id && $action != 'edit')
 	$title = $langs->trans("User");
 	dol_fiche_head($head, 'bank', $title, 0, 'user');
 
-	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	$linkback = '';
+
+	if ($user->rights->user->user->lire || $user->admin) {
+		$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	}
 	
     dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
         
diff --git a/htdocs/user/card.php b/htdocs/user/card.php
index 1728b0b170b..a225edc1873 100644
--- a/htdocs/user/card.php
+++ b/htdocs/user/card.php
@@ -1183,7 +1183,11 @@ else
 		else
 		{
 			$title = $langs->trans("User");
-			$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+			$linkback = '';
+
+			if ($user->rights->user->user->lire || $user->admin) {
+				$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+			}
 		}
 
         $head = user_prepare_head($object);
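Review bot: Only the `else` branch is guarded here; the branch before it starts above the hunk, and if it builds its own back-to-list link it presumably still does so unconditionally. It is worth checking that branch and gating it on the right that protects its target list, or at least initialising `$linkback = '';` once before the whole `if`/`else` so every path starts from an empty link. The `dol_banner_tab()` call that consumes `$linkback` is also outside the hunk, so its fourth argument cannot be compared with this condition from here.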
diff --git a/htdocs/user/clicktodial.php b/htdocs/user/clicktodial.php
index cb1e9f875aa..159cf038a01 100644
--- a/htdocs/user/clicktodial.php
+++ b/htdocs/user/clicktodial.php
@@ -98,7 +98,11 @@ if ($id > 0)
 	
 	dol_fiche_head($head, 'clicktodial', $title, 0, 'user');
 
-	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	$linkback = '';
+
+	if ($user->rights->user->user->lire || $user->admin) {
+		$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	}
 	
     dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
 	
diff --git a/htdocs/user/document.php b/htdocs/user/document.php
index 36338f03e10..b77cc400e56 100644
--- a/htdocs/user/document.php
+++ b/htdocs/user/document.php
@@ -129,7 +129,11 @@ if ($object->id)
 
 	dol_fiche_head($head, 'document', $langs->trans("User"),0,'user');
 
-	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	$linkback = '';
+
+	if ($user->rights->user->user->lire || $user->admin) {
+		$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	}
 	
     dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
     
diff --git a/htdocs/user/info.php b/htdocs/user/info.php
index 1d10875b3eb..4b5ea6506c3 100644
--- a/htdocs/user/info.php
+++ b/htdocs/user/info.php
@@ -67,7 +67,11 @@ $title = $langs->trans("User");
 dol_fiche_head($head, 'info', $title, 0, 'user');
 
 
-$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+$linkback = '';
+
+if ($user->rights->user->user->lire || $user->admin) {
+	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+}
 
 dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin);
 
diff --git a/htdocs/user/ldap.php b/htdocs/user/ldap.php
index 1da5911861c..0f0cc6b4ed7 100644
--- a/htdocs/user/ldap.php
+++ b/htdocs/user/ldap.php
@@ -96,7 +96,11 @@ $head = user_prepare_head($object);
 $title = $langs->trans("User");
 dol_fiche_head($head, 'ldap', $title, 0, 'user');
 
-$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+$linkback = '';
+
+if ($user->rights->user->user->lire || $user->admin) {
+	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+}
 
 dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
 
diff --git a/htdocs/user/note.php b/htdocs/user/note.php
index ccd7eb153a4..4fc274208d7 100644
--- a/htdocs/user/note.php
+++ b/htdocs/user/note.php
@@ -89,7 +89,11 @@ if ($id)
 	$title = $langs->trans("User");
 	dol_fiche_head($head, 'note', $title, 0, 'user');
 
-	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	$linkback = '';
+
+	if ($user->rights->user->user->lire || $user->admin) {
+		$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	}
 	
     dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
     
diff --git a/htdocs/user/param_ihm.php b/htdocs/user/param_ihm.php
index 4d254349a7d..f71934be80f 100644
--- a/htdocs/user/param_ihm.php
+++ b/htdocs/user/param_ihm.php
@@ -161,8 +161,12 @@ if ($action == 'edit')
 if ($action == 'edit')
 {
     dol_fiche_head($head, 'guisetup', $title, 0, 'user');
-    
-    $linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+
+	$linkback = '';
+
+	if ($user->rights->user->user->lire || $user->admin) {
+		$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+	}
     
     dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
     
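Review bot: The guard is added only inside the `if ($action == 'edit')` block, and the diffstat shows no other change to param_ihm.php, so if the view-mode branch outside this hunk builds the same `$linkback` it still renders the link for users without the list right; that branch should be checked and given the same condition. The added lines are also indented with tabs while the surrounding `dol_fiche_head()` and `dol_banner_tab()` lines use four spaces, so matching the block's spaces would keep the file consistent.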
diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php
index 3240ae2d5ec..3dd6e329380 100644
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -257,7 +257,11 @@ else
  * Ecran ajout/suppression permission
  */
 
-$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+$linkback = '';
+
+if ($user->rights->user->user->lire || $user->admin) {
+	$linkback = '<a href="'.DOL_URL_ROOT.'/user/index.php">'.$langs->trans("BackToList").'</a>';
+}
 
 dol_banner_tab($object,'id',$linkback,$user->rights->user->user->lire || $user->admin);
 
-- 
GitLab