From ae4c2dc469f1662031ef04ea735e3bafb4acdfd1 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Sun, 4 May 2008 16:09:54 +0000
Subject: [PATCH] =?UTF-8?q?Fix:=20ajout=20des=20droits=20d'acc=E8s=20sur?=
 =?UTF-8?q?=20les=20documents=20Todo:=20pr=E9voir=20un=20droit=20de=20supp?=
 =?UTF-8?q?ression=20des=20documents?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/ecm/docmine.php | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/htdocs/ecm/docmine.php b/htdocs/ecm/docmine.php
index 89427dcb461..eb6389860fe 100644
--- a/htdocs/ecm/docmine.php
+++ b/htdocs/ecm/docmine.php
@@ -95,13 +95,13 @@ if ( $_POST["sendit"] && $conf->upload != 0)
   if (is_dir($upload_dir))
   {
   	$result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0);
-  	if ($result == 1)
+  	if ($result > 0)
   	{
     	//$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
     	//print_r($_FILES);
     	$result=$ecmdir->changeNbOfFiles('+');
     }
-    else if (!$result)
+    else if ($result < 0)
     {
     	// Echec transfert (fichier depassant la limite ?)
     	$mesg = '<div class="error">'.$langs->trans("ErrorFileNotUploaded").'</div>';
@@ -292,17 +292,21 @@ if ($_GET['action'] == 'delete_dir')
 	print '<br>';
 }
 
-
-// Affiche formulaire upload
 $formfile=new FormFile($db);
-$formfile->form_attach_new_file(DOL_URL_ROOT.'/ecm/docmine.php','',0,$section);
 
+// Affiche formulaire upload
+if ($user->rights->ecm->create)
+{
+	$formfile->form_attach_new_file(DOL_URL_ROOT.'/ecm/docmine.php','',0,$section);
+}
 
 // List of document
-$param='&amp;section='.$section;
-$formfile->list_of_documents($filearray,'','ecm',$param,1,$relativepath);
-
-
+// TODO: prevoir un droit sur la suppression des documents
+if ($user->rights->ecm->read)
+{
+	$param='&amp;section='.$section;
+	$formfile->list_of_documents($filearray,'','ecm',$param,1,$relativepath);
+}
 
 // End of page
 $db->close();
-- 
GitLab