Skip to content

Commit

Permalink
Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into 9.0
Browse files Browse the repository at this point in the history 
Conflicts:
	htdocs/holiday/card.php
  • Loading branch information
@eldy
eldy committed Jun 23, 2019
2 parents c725db1 + b153019 commit 0854984
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 10 deletions.
14 changes: 13 additions & 1 deletion htdocs/expensereport/card.php
View file
Expand Up @@ -62,6 +62,8 @@
$fk_c_type_fees=GETPOST('fk_c_type_fees','int');
$socid = GETPOST('socid','int')?GETPOST('socid','int'):GETPOST('socid_id','int');

$childids = $user->getAllChildIds(1);

// Security check
$id=GETPOST("id",'int');
if ($user->societe_id) $socid=$user->societe_id;
Expand Down Expand Up @@ -105,7 +107,17 @@
$permissiondellink = $user->rights->expensereport->creer; // Used by the include of actions_dellink.inc.php
$permissionedit = $user->rights->expensereport->creer; // Used by the include of actions_lineupdown.inc.php


if ($object->id > 0)
{
// Check current user can read this expense report
$canread = 0;
if (! empty($user->rights->expensereport->readall)) $canread=1;
if (! empty($user->rights->expensereport->lire) && in_array($object->fk_user_author, $childids)) $canread=1;
if (! $canread)
{
accessforbidden();
}
}


/*
Expand Down
27 changes: 18 additions & 9 deletions htdocs/holiday/card.php
View file
Expand Up @@ -66,6 +66,22 @@

$error = 0;

$object = new Holiday($db);
if ($id > 0)
{
$object->fetch($id);

// Check current user can read this leave request
$canread = 0;
if (! empty($user->rights->holiday->read_all)) $canread=1;
if (! empty($user->rights->holiday->read) && in_array($object->fk_user, $childids)) $canread=1;
if (! $canread)
{
accessforbidden();
}
}


/*
* Actions
*/
Expand All @@ -78,7 +94,6 @@
// If create a request
if ($action == 'create')
{
$object = new Holiday($db);

// If no right to create a request
if (! $cancreate)
Expand All @@ -90,6 +105,8 @@

if (! $error)
{
$object = new Holiday($db);

$db->begin();

$date_debut = dol_mktime(0, 0, 0, GETPOST('date_debut_month'), GETPOST('date_debut_day'), GETPOST('date_debut_year'));
Expand Down Expand Up @@ -199,7 +216,6 @@

if ($action == 'update' && GETPOSTISSET('savevalidator') && ! empty($user->rights->holiday->approve))
{
$object = new Holiday($db);
$object->fetch($id);

$object->oldcopy = dol_clone($object);
Expand Down Expand Up @@ -245,7 +261,6 @@
exit;
}

$object = new Holiday($db);
$object->fetch($id);

// If under validation
Expand Down Expand Up @@ -329,7 +344,6 @@

$db->begin();

$object = new Holiday($db);
$object->fetch($id);

// If this is a rough draft, approved, canceled or refused
Expand Down Expand Up @@ -363,7 +377,6 @@
// Action validate (+ send email for approval)
if ($action == 'confirm_send')
{
$object = new Holiday($db);
$object->fetch($id);

// Si brouillon et créateur
Expand Down Expand Up @@ -468,7 +481,6 @@
// Approve leave request
if ($action == 'confirm_valid')
{
$object = new Holiday($db);
$object->fetch($id);

// Si statut en attente de validation et valideur = utilisateur
Expand Down Expand Up @@ -582,7 +594,6 @@
{
if (! empty($_POST['detail_refuse']))
{
$object = new Holiday($db);
$object->fetch($id);

// Si statut en attente de validation et valideur = utilisateur
Expand Down Expand Up @@ -682,7 +693,6 @@
{
$error = 0;

$object = new Holiday($db);
$object->fetch($id);

$oldstatus = $object->statut;
Expand Down Expand Up @@ -713,7 +723,6 @@
{
$error = 0;

$object = new Holiday($db);
$object->fetch($id);

// Si statut en attente de validation et valideur = valideur ou utilisateur, ou droits de faire pour les autres
Expand Down

0 comments on commit 0854984

Please sign in to comment.