diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 861c46328dfc1..f65898bda6812 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -124,6 +124,9 @@ if ($cancel) $action = ''; +$usercanread = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->lire) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->lire)); +$usercancreate = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); +$usercandelete = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->supprimer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->supprimer)); $createbarcode=empty($conf->barcode->enabled)?0:1; if (! empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->barcode->creer_advance)) $createbarcode=0; @@ -134,7 +137,7 @@ if (empty($reshook)) { // Type - if ($action == 'setfk_product_type' && $user->rights->produit->creer) + if ($action == 'setfk_product_type' && $usercancreate) { $result = $object->setValueFrom('fk_product_type', GETPOST('fk_product_type'), '', null, 'text', '', $user, 'PRODUCT_MODIFY'); header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id); @@ -143,7 +146,7 @@ // Actions to build doc $upload_dir = $conf->produit->dir_output; - $permissioncreate = $user->rights->produit->creer; + $permissioncreate = $usercancreate; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; include DOL_DOCUMENT_ROOT.'/core/actions_printing.inc.php'; @@ -181,7 +184,7 @@ } // Add a product or service - if ($action == 'add' && ($user->rights->produit->creer || $user->rights->service->creer)) + if ($action == 'add' && $usercancreate) { $error=0; @@ -360,7 +363,7 @@ } // Update a product or service - if ($action == 'update' && ($user->rights->produit->creer || $user->rights->service->creer)) + if ($action == 'update' && $usercancreate) { if (GETPOST('cancel','alpha')) { @@ -477,7 +480,7 @@ // Action clone object if ($action == 'confirm_clone' && $confirm != 'yes') { $action=''; } - if ($action == 'confirm_clone' && $confirm == 'yes' && ($user->rights->produit->creer || $user->rights->service->creer)) + if ($action == 'confirm_clone' && $confirm == 'yes' && $usercancreate) { if (! GETPOST('clone_content') && ! GETPOST('clone_prices') ) { @@ -565,12 +568,9 @@ // Delete a product if ($action == 'confirm_delete' && $confirm != 'yes') { $action=''; } - if ($action == 'confirm_delete' && $confirm == 'yes') - { - if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->supprimer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->supprimer)) - { - $result = $object->delete($user); - } + if ($action == 'confirm_delete' && $confirm == 'yes' && $usercandelete) + { + $result = $object->delete($user); if ($result > 0) { @@ -887,7 +887,7 @@ // ----------------------------------------- // When used in standard mode // ----------------------------------------- - if ($action == 'create' && ($user->rights->produit->creer || $user->rights->service->creer)) + if ($action == 'create' && $usercancreate) { //WYSIWYG Editor require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; @@ -1240,7 +1240,7 @@ else if ($object->id > 0) { // Fiche en mode edition - if ($action == 'edit' && ((($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)))) + if ($action == 'edit' && $usercancreate) { //WYSIWYG Editor require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; @@ -1588,15 +1588,15 @@ print '
'; print ''; - // Type - if (! empty($conf->produit->enabled) && ! empty($conf->service->enabled)) - { - // TODO change for compatibility with edit in place - $typeformat='select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); - print ''; - } + // Type + if (! empty($conf->produit->enabled) && ! empty($conf->service->enabled)) + { + // TODO change for compatibility with edit in place + $typeformat='select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); + print ''; + } if ($showbarcode) { @@ -1605,7 +1605,7 @@ print '
'.$form->editfieldkey("Type",'fk_product_type',$object->type,$object,$user->rights->produit->creer||$user->rights->service->creer,$typeformat).''; - print $form->editfieldval("Type",'fk_product_type',$object->type,$object,$user->rights->produit->creer||$user->rights->service->creer,$typeformat); - print '
'.$form->editfieldkey("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat).''; + print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat); + print '
'; - if (($action != 'editbarcodetype') && ! empty($user->rights->produit->creer) && $createbarcode) print ''; + if (($action != 'editbarcodetype') && $usercancreate && $createbarcode) print ''; print '
'; print $langs->trans("BarcodeType"); print 'id.'">'.img_edit($langs->trans('Edit'),1).'id.'">'.img_edit($langs->trans('Edit'),1).'
'; print ''; if ($action == 'editbarcodetype' || $action == 'editbarcode') @@ -1629,7 +1629,7 @@ print ''; - if (($action != 'editbarcode') && ! empty($user->rights->produit->creer) && $createbarcode) print ''; + if (($action != 'editbarcode') && $usercancreate && $createbarcode) print ''; print '
'; print $langs->trans("BarcodeValue"); print 'id.'">'.img_edit($langs->trans('Edit'),1).'id.'">'.img_edit($langs->trans('Edit'),1).'
'; print ''; if ($action == 'editbarcode') @@ -1741,7 +1741,7 @@ // Batch number management (to batch) if (! empty($conf->productbatch->enabled)) { print ''.$langs->trans("ManageLotSerial").''; - if (! empty($conf->use_javascript_ajax) && $user->rights->produit->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { + if (! empty($conf->use_javascript_ajax) && $usercancreate && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { print ajax_object_onoff($object, 'status_batch', 'tobatch', 'ProductStatusOnBatch', 'ProductStatusNotOnBatch'); } else { print $object->getLibStatut(0,2); @@ -1974,9 +1974,8 @@ $parameters=array(); $reshook=$hookmanager->executeHooks('addMoreActionsButtons',$parameters,$object,$action); // Note that $action and $object may have been modified by hook if (empty($reshook)) - { - if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer ) || - ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)) + { + if ($usercancreate) { if (! isset($object->no_button_edit) || $object->no_button_edit <> 1) print '
id.'">'.$langs->trans("Modify").'
'; @@ -1994,8 +1993,7 @@ } $object_is_used = $object->isObjectUsed($object->id); - if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->supprimer) - || ($object->type == Product::TYPE_SERVICE && $user->rights->service->supprimer)) + if ($usercandelete) { if (empty($object_is_used) && (! isset($object->no_button_delete) || $object->no_button_delete <> 1)) { @@ -2151,8 +2149,8 @@ $relativepath = $comref . '/' . $objectref . '.pdf'; $filedir = $conf->produit->dir_output . '/' . $objectref; $urlsource=$_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed=$user->rights->produit->lire; - $delallowed=$user->rights->produit->creer; + $genallowed=$usercanread; + $delallowed=$usercancreate; $var=true;