From 34409e8a4dd465556208488dec2be2b8ca8ebe15 Mon Sep 17 00:00:00 2001 From: vmaury Date: Sat, 11 Jan 2025 07:33:08 +0100 Subject: [PATCH 1/4] Fix 31370 Pb with external account --- htdocs/comm/propal/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 59bea619be2b5..4a5a5e69795ee 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -286,7 +286,7 @@ } }*/ -if (!$user->hasRight('societe', 'client', 'voir')) { +if ($socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { // add VMA $search_sale = $user->id; } From 40e22cc40eeb811fad95c1949e8eb85b5e505e92 Mon Sep 17 00:00:00 2001 From: vmaury Date: Sat, 11 Jan 2025 12:31:35 +0100 Subject: [PATCH 2/4] Fix 31370 Pb with external account --- htdocs/comm/propal/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 4a5a5e69795ee..96f5da1ce5f88 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -286,7 +286,7 @@ } }*/ -if ($socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { // add VMA +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } From cf0c04c6ee870b36ff82f3e2ed4f00d225286a92 Mon Sep 17 00:00:00 2001 
From: vmaury Date: Mon, 13 Jan 2025 11:58:16 +0100 Subject: [PATCH 3/4] Fix 31370 Pb with external account --- htdocs/comm/index.php | 46 +++++++++---------- htdocs/comm/propal/class/propal.class.php | 6 +-- .../comm/propal/class/propalestats.class.php | 12 ++--- htdocs/commande/class/commande.class.php | 10 ++-- htdocs/commande/class/commandestats.class.php | 12 ++--- htdocs/commande/index.php | 16 +++---- htdocs/commande/list.php | 5 +- htdocs/compta/facture/class/facture.class.php | 6 +-- .../facture/class/facturestats.class.php | 14 +++--- htdocs/compta/facture/list.php | 8 ++-- htdocs/compta/index.php | 6 +-- htdocs/contrat/class/contrat.class.php | 6 +-- htdocs/contrat/list.php | 4 +- htdocs/core/boxes/box_actions.php | 4 +- htdocs/core/boxes/box_actions_future.php | 4 +- htdocs/core/boxes/box_activity.php | 12 ++--- htdocs/core/boxes/box_clients.php | 4 +- htdocs/core/boxes/box_commandes.php | 4 +- htdocs/core/boxes/box_contacts.php | 4 +- htdocs/core/boxes/box_contracts.php | 4 +- ...box_customers_outstanding_bill_reached.php | 4 +- htdocs/core/boxes/box_factures.php | 4 +- htdocs/core/boxes/box_factures_fourn.php | 4 +- htdocs/core/boxes/box_factures_fourn_imp.php | 4 +- htdocs/core/boxes/box_factures_imp.php | 4 +- htdocs/core/boxes/box_ficheinter.php | 4 +- htdocs/core/boxes/box_fournisseurs.php | 4 +- .../boxes/box_graph_propales_permonth.php | 2 +- htdocs/core/boxes/box_propales.php | 4 +- htdocs/core/boxes/box_prospect.php | 4 +- htdocs/core/boxes/box_services_contracts.php | 2 +- htdocs/core/boxes/box_services_expired.php | 4 +- htdocs/core/boxes/box_shipments.php | 4 +- htdocs/core/boxes/box_supplier_orders.php | 4 +- ...box_supplier_orders_awaiting_reception.php | 4 +- htdocs/core/lib/invoice.lib.php | 36 ++++++++------- htdocs/core/lib/order.lib.php | 6 +-- htdocs/core/lib/propal.lib.php | 8 ++-- .../fichinter/class/fichinterstats.class.php | 10 ++-- htdocs/fichinter/list.php | 2 +- .../class/fournisseur.commande.class.php | 4 +- 
.../fourn/class/fournisseur.facture.class.php | 4 +- .../class/supplier_proposal.class.php | 8 ++-- htdocs/ticket/class/ticket.class.php | 6 +-- 44 files changed, 165 insertions(+), 162 deletions(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 01c96b952f2fd..c45c7cb0fe6e6 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -140,13 +140,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_DRAFT; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -239,13 +239,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($supplierproposalstatic->element).")"; $sql .= " AND p.fk_statut = ".SupplierProposal::STATUS_DRAFT; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
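Review bot: In the two draft-proposal queries of htdocs/comm/index.php (hunks `@@ -140` and `@@ -239`), an external user without the `societe`/`client`/`voir` right now skips the `societe_commerciaux` join and condition entirely, so the only remaining limit on what that user reads is the `if ($socid) {` filter that begins on the last line of each hunk. That filter protects the data only if `$socid` has been forced to `$user->socid` before the queries run, which happens outside these hunks and should be confirmed for this page. The same pair of conditions is repeated in the later hunks of this file (`@@ -336` through `@@ -1217`); a short comment at the first of the pair, such as `// External users are limited by the socid filter below; the sales-representative restriction is for internal users`, would record the dependency.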
@@ -336,13 +336,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_statut = ".Commande::STATUS_DRAFT; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -436,13 +436,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as cf,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cf.entity IN (".getEntity($supplierorderstatic->element).")"; $sql .= " AND cf.fk_statut = ".CommandeFournisseur::STATUS_DRAFT; $sql .= " AND cf.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -534,7 +534,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."fichinter as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; 
@@ -543,7 +543,7 @@ if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -617,12 +617,12 @@ $sql .= ", s.canvas"; $sql .= ", s.datec, s.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.client IN (".Societe::CUSTOMER.", ".Societe::PROSPECT.", ".Societe::CUSTOMER_AND_PROSPECT.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks @@ -725,7 +725,7 @@ $sql .= " AND c.fk_soc = s.rowid"; // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -820,7 +820,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; 
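Review bot: The customer/prospect query in the `@@ -617` hunk shows no third-party filter between `s.client IN (...)` and `// Add where from hooks`, so with the new `empty($user->socid) &&` guard the visible lines leave an external user without the `voir` right unrestricted on `societe`. If an `s.rowid = $socid` condition is appended after the hook call, outside the hunk, the result is still scoped; if not, the query needs one, e.g. `if (!empty($user->socid)) { $sql .= " AND s.rowid = ".((int) $user->socid); }`. The supplier query in the `@@ -908` hunk has the same shape and deserves the same check.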
@@ -829,7 +829,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -908,12 +908,12 @@ $sql .= ", s.canvas"; $sql .= ", s.datec as dc, s.tms as dm"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($companystatic->element).")"; $sql .= " AND s.fournisseur = ".Societe::SUPPLIER; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks @@ -1023,13 +1023,13 @@ $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."product as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($staticcontrat->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_product = p.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -1098,13 +1098,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.fk_statut = ".Propal::STATUS_VALIDATED; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { @@ -1217,13 +1217,13 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity($orderstatic->element).")"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.fk_statut IN (".Commande::STATUS_VALIDATED.", ".Commande::STATUS_SHIPMENTONPROCESS.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index a27eca21f1866..44fd80ca8b795 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php 
@@ -2861,7 +2861,7 @@ public function liste_array($shortlist = 0, $draft = 0, $notcurrentuser = 0, $so // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -3384,7 +3384,7 @@ public function load_board($user, $mode) } // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -3561,7 +3561,7 @@ public function loadStateBoard() // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative diff --git a/htdocs/comm/propal/class/propalestats.class.php b/htdocs/comm/propal/class/propalestats.class.php index 5321886f0fb8f..ace66cd25bd80 100644 --- a/htdocs/comm/propal/class/propalestats.class.php +++ b/htdocs/comm/propal/class/propalestats.class.php @@ -122,7 +122,7 @@ public function getNbByMonth($year, $format = 0) $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -147,7 +147,7 @@ public function getNbByYear() $sql = "SELECT date_format(".$this->field_date.",'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -171,7 +171,7 @@ public function getAmountByMonth($year, $format = 0) $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, SUM(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -196,7 +196,7 @@ public function getAverageByMonth($year) $sql = "SELECT date_format(".$this->field_date.",'%m') as dm, AVG(p.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -219,7 +219,7 @@ public function getAllByYear() $sql = "SELECT date_format(".$this->field_date.",'%Y') as year, COUNT(*) as nb, SUM(".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -247,7 +247,7 @@ public function getAllByProduct($year, $limit = 10) $sql .= " FROM ".$this->from; $sql .= " INNER JOIN ".$this->from_line." ON p.rowid = tl.fk_propal"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."product as product ON tl.fk_product = product.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 2ac0d52671a65..70a7656fa0b73 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2715,16 +2715,16 @@ public function liste_array($shortlist = 0, $draft = 0, $excluser = null, $socid $sql = "SELECT s.rowid, s.nom as name, s.client,"; $sql .= " c.rowid as cid, c.ref"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user"; } $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -3551,7 +3551,7 @@ public function load_board($user, $mode) $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.date_livraison as delivery_date, c.fk_statut, c.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -4059,7 +4059,7 @@ public function loadStateBoard() $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as co"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON co.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index f9f49ef7ada2d..332bddd16988a 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -123,7 +123,7 @@ public function getNbByMonth($year, $format = 0) $sql = "SELECT date_format(c.date_commande,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
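Review bot: In `loadStateBoard()` of htdocs/commande/class/commande.class.php (hunk `@@ -4059`), the `sc.fk_user` condition is the only restriction visible in this count query, and external users no longer receive it. The rest of the method is outside the hunk; unless it adds a condition on `$user->socid`, the counter would cover orders of every third party in the entity for an external user. Consider adding `if (!empty($user->socid)) { $sql .= " AND co.fk_soc = ".((int) $user->socid); }` once the WHERE clause has been opened. The `loadStateBoard()` hunks of facture.class.php (`@@ -5194`) and contrat.class.php (`@@ -2376`) need the same check.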
@@ -148,7 +148,7 @@ public function getNbByYear() $sql = "SELECT date_format(c.date_commande,'%Y') as dm, COUNT(*) as nb, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -172,7 +172,7 @@ public function getAmountByMonth($year, $format = 0) $sql = "SELECT date_format(c.date_commande,'%m') as dm, SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -197,7 +197,7 @@ public function getAverageByMonth($year) $sql = "SELECT date_format(c.date_commande,'%m') as dm, AVG(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; @@ -220,7 +220,7 @@ public function getAllByYear() $sql = "SELECT date_format(c.date_commande,'%Y') as year, COUNT(*) as nb, SUM(c.".$this->field.") as total, AVG(".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; 
@@ -246,7 +246,7 @@ public function getAllByProduct($year, $limit = 10) $sql .= " FROM ".$this->from; $sql .= " INNER JOIN ".$this->from_line." ON c.rowid = tl.fk_commande"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."product as product ON tl.fk_product = product.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= $this->join; diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 61be815d34d4b..ff9d1a3a6e22b 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -98,7 +98,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -107,7 +107,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -164,7 +164,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; 
@@ -173,7 +173,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.tms DESC"; @@ -250,7 +250,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -259,7 +259,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; @@ -339,7 +339,7 @@ $sql .= ", s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -348,7 +348,7 @@ if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY c.rowid DESC"; diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 3db787bbcc23b..b60cb2e58fe7a 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php 
@@ -906,9 +906,8 @@ if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); } - // Restriction on sale representative -if (!$permissiontoreadallthirdparty) { +if (empty($user->socid) && !$permissiontoreadallthirdparty) { $sql .= " AND (EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id).")"; if (getDolGlobalInt('MAIN_SEE_SUBORDINATES') && $userschilds) { $sql .= " OR EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user IN (".$db->sanitize(implode(',', $userschilds))."))"; @@ -1619,7 +1618,7 @@ // Thirpdarty if (!empty($arrayfields['s.nom']['checked'])) { print ''; - print ''; + print 'socid) ? " disabled" : "").'>'; print ''; } // Alias diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 375a9eb087a9f..76ca915f9a805 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -4753,7 +4753,7 @@ public function liste_array($shortlist = 0, $draft = 0, $excluser = null, $socid } // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative @@ -4946,7 +4946,7 @@ public function load_board($user) $sql = "SELECT f.rowid, f.date_lim_reglement as datefin, f.fk_statut as status, f.total_ht"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON f.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; 
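Review bot: The `disabled` attribute that the `@@ -1619` hunk of htdocs/commande/list.php adds to the third-party search field for external users only changes the rendered form; it does not stop the parameter from being submitted. The restriction itself comes from the `if ($socid > 0)` condition shown in the `@@ -906` hunk, so a comment next to the attribute, e.g. `// Display only: external users are filtered by socid in the query`, would keep it from being read as an access control. As far as the stripped markup on this page shows, the test is also written differently here (`socid) ? " disabled"`) than in htdocs/contrat/list.php (`socid > 0 ? " disabled"`); one form should be used in both.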
@@ -5194,7 +5194,7 @@ public function loadStateBoard() $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/compta/facture/class/facturestats.class.php b/htdocs/compta/facture/class/facturestats.class.php index 6476235c9b222..0a02a2294c669 100644 --- a/htdocs/compta/facture/class/facturestats.class.php +++ b/htdocs/compta/facture/class/facturestats.class.php @@ -136,7 +136,7 @@ public function getNbByMonth($year, $format = 0) $sql = "SELECT date_format(f.datef,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -162,7 +162,7 @@ public function getNbByYear() $sql = "SELECT date_format(f.datef,'%Y') as dm, COUNT(*), SUM(c.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -187,7 +187,7 @@ public function getAmountByMonth($year, $format = 0) $sql = "SELECT date_format(datef,'%m') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; 
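Review bot: The condition that ties `sc` to `f.fk_soc` and `$user->id` is missing from all seven facturestats.class.php hunks (`@@ -136` to `@@ -288`), which only guard the `, societe_commerciaux as sc` entry in the FROM list; it presumably sits in `$this->where`, built elsewhere in the class. If that code still tests `!$user->hasRight('societe', 'client', 'voir')` alone, an external user without the right gets a WHERE clause that references `sc` while `sc` is absent from FROM, and the statistics queries fail. The place that builds the clause needs the same `empty($user->socid) &&` guard, and it should also be confirmed that it restricts on the external user's own third party.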
@@ -213,7 +213,7 @@ public function getAverageByMonth($year) $sql = "SELECT date_format(datef,'%m') as dm, AVG(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -236,7 +236,7 @@ public function getAllByYear() $sql = "SELECT date_format(datef,'%Y') as year, COUNT(*) as nb, SUM(f.".$this->field.") as total, AVG(f.".$this->field.") as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -260,7 +260,7 @@ public function getAllByProduct($year, $limit = 10) $sql = "SELECT product.ref, COUNT(product.ref) as nb, SUM(tl.".$this->field_line.") as total, AVG(tl.".$this->field_line.") as avg"; $sql .= " FROM ".$this->from.", ".$this->from_line.", ".MAIN_DB_PREFIX."product as product"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; @@ -288,7 +288,7 @@ public function getAmountByYear($numberYears, $format = 0) $startYear = $endYear - $numberYears; $sql = "SELECT date_format(datef,'%Y') as dm, SUM(f.".$this->field.")"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= $this->join; diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 29225c9e178d7..fde549cc967f1 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php 
@@ -304,15 +304,15 @@ $arrayfields = dol_sort_array($arrayfields, 'position'); '@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan -if (!$user->hasRight('societe', 'client', 'voir')) { - $search_sale = $user->id; -} - // Security check $fieldid = (!empty($ref) ? 'ref' : 'rowid'); if (!empty($user->socid)) { $socid = $user->socid; } +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { + $search_sale = $user->id; +} + $result = restrictedArea($user, 'facture', $id, '', '', 'fk_soc', $fieldid); diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index 9968411c62ed4..a238b4f6a2b51 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -153,7 +153,7 @@ $sql .= " AND f.fk_soc = ".((int) $socid); } // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = f.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } // Add where from hooks @@ -304,7 +304,7 @@ $sql .= " AND ff.fk_soc = ".((int) $socid); } // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = ff.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } // Add where from hooks 
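Review bot: The relocated `$search_sale` block in the `@@ -304` hunk of htdocs/compta/facture/list.php carries no explanation, while the same assignment in htdocs/comm/index.php and propal.class.php is preceded by `// If the internal user must only see his customers, force searching by him`. Adding that comment here, and to the equivalent blocks in htdocs/contrat/list.php (`@@ -200`) and htdocs/comm/propal/list.php, would make clear why external users are excluded. For an external user `$search_sale` is no longer overwritten, so it keeps whatever value was assigned earlier in the page, outside the hunk; it is worth confirming that this value can only narrow the list.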
@@ -624,7 +624,7 @@ $sql .= " AND c.fk_statut = ".((int) Commande::STATUS_CLOSED); $sql .= " AND c.facture = 0"; // Filter on sale representative - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = c.fk_soc AND sc.fk_user = ".((int) $user->id).")"; } diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 633034c27f447..8bf66f9fe2e3c 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -2279,7 +2279,7 @@ public function load_board($user, $mode) $this->from = " FROM ".MAIN_DB_PREFIX."contrat as c"; $this->from .= ", ".MAIN_DB_PREFIX."contratdet as cd"; $this->from .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $this->from .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } @@ -2310,7 +2310,7 @@ public function load_board($user, $mode) if ($user->socid) { $sql .= " AND c.fk_soc = ".((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } @@ -2376,7 +2376,7 @@ public function loadStateBoard() $sql = "SELECT count(c.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; 
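Review bot: No `c.fk_soc` restriction is visible in the `@@ -624` hunk of compta/index.php to replace the `EXISTS (... societe_commerciaux ...)` filter, which the added `empty($user->socid) &&` now skips for external users. The two earlier hunks of this file show `AND f.fk_soc = ".((int) $socid)` and the `ff.fk_soc` equivalent just above the changed line; this one shows only the status and `c.facture = 0` clauses. Please confirm that a company clause such as `$sql .= " AND c.fk_soc = ".((int) $socid);` exists outside the hunk, otherwise an external account would see rows of every third party. The same check applies to `loadStateBoard()` in contrat.class.php and to the box_clients, box_contacts, box_fournisseurs, box_prospect and box_services_contracts hunks, where the company clause is not shown either.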
diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index bc5af2196674f..09d8e040b2644 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -200,7 +200,7 @@ $arrayfields = dol_sort_array($arrayfields, 'position'); '@phan-var-force array,position?:int,help?:string}> $arrayfields'; // dol_sort_array looses type for Phan -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -875,7 +875,7 @@ } if (!empty($arrayfields['s.nom']['checked'])) { print ''; - print ''; + print 'socid > 0 ? " disabled" : "").'>'; print ''; } if (!empty($arrayfields['s.email']['checked'])) { diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 633914ce74bf3..1cd2a57f3dc9d 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -83,14 +83,14 @@ public function loadBox($max = 5) $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; $sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { diff --git a/htdocs/core/boxes/box_actions_future.php b/htdocs/core/boxes/box_actions_future.php index 6a202bd9f2b08..e9d8841fcc917 100644 
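Review bot: The `disabled` attribute added in the `@@ -875` hunk when `$user->socid > 0` only changes what the browser renders and submits, so it cannot be the control that keeps an external user inside their own company. The changed line is garbled on this page and the field name is not readable, but it appears to be the company-name search input guarded by `$arrayfields['s.nom']`. The list query, outside this hunk, should restrict on `$socid` regardless of what the request carries. A comment next to the line would make that explicit: `// display only: the company restriction is enforced in the SQL through $socid`.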
--- a/htdocs/core/boxes/box_actions_future.php +++ b/htdocs/core/boxes/box_actions_future.php @@ -85,14 +85,14 @@ public function loadBox($max = 5) $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."c_actioncomm AS ta, ".MAIN_DB_PREFIX."actioncomm AS a"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON a.fk_soc = sc.fk_soc"; } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON a.fk_soc = s.rowid"; $sql .= " WHERE a.fk_action = ta.id"; $sql .= " AND a.entity IN (".getEntity('actioncomm').")"; //$sql .= " AND a.percent >= 0 AND a.percent < 100"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND (a.fk_soc IS NULL OR sc.fk_user = ".((int) $user->id).")"; } if ($user->socid) { diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index 88571ed872b4e..3c8d2ce6a83fa 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -104,13 +104,13 @@ public function loadBox($max = 5) $sql = "SELECT p.fk_statut, SUM(p.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."propal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE p.entity IN (".getEntity('propal').")"; $sql .= " AND p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
@@ -193,13 +193,13 @@ public function loadBox($max = 5) $sql = "SELECT c.fk_statut, sum(c.total_ttc) as Mnttot, count(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { @@ -278,12 +278,12 @@ public function loadBox($max = 5) $data = array(); $sql = "SELECT f.fk_statut, SUM(f.total_ttc) as Mnttot, COUNT(*) as nb"; $sql .= " FROM (".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ")"; $sql .= " WHERE f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 7201ec1da11eb..a8d706fdb63cb 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php 
@@ -85,12 +85,12 @@ public function loadBox($max = 5) $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index d7a87dacbfab8..bbb226fcf0343 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -92,7 +92,7 @@ public function loadBox($max = 5) $sql .= ", c.total_tva"; $sql .= ", c.total_ttc"; $sql .= " FROM ".MAIN_DB_PREFIX."commande as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -100,7 +100,7 @@ public function loadBox($max = 5) if (getDolGlobalString('ORDER_BOX_LAST_ORDERS_VALIDATED_ONLY')) { $sql .= " AND c.fk_statut = 1"; } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index b9be887b2edfe..0d5f91eb35f12 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php 
@@ -98,11 +98,11 @@ public function loadBox($max = 5) if (getDolGlobalString('MAIN_COMPANY_PERENTITY_SHARED')) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE sp.entity IN (".getEntity('contact').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND ((sp.fk_user_creat = ".((int) $user->id)." AND sp.priv = 1) OR sp.priv = 0)"; // check if this is a private contact diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index 2f32b170066fb..2653acb63a16a 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -77,12 +77,12 @@ public function loadBox($max = 5) $sql .= " c.rowid, c.ref, c.statut as fk_statut, c.date_contrat, c.datec, c.tms as date_modification, c.fin_validite, c.date_cloture,"; $sql .= " c.ref_customer, c.ref_supplier"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php index 3aaf3082ae3b0..57237f6a3187c 100644 --- a/htdocs/core/boxes/box_customers_outstanding_bill_reached.php +++ b/htdocs/core/boxes/box_customers_outstanding_bill_reached.php @@ -84,12 +84,12 @@ public function loadBox($max = 5) $sql .= ", s.outstanding_limit"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (1, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 3e8de6c90e861..8a4f99ffb1cf7 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -93,12 +93,12 @@ public function loadBox($max = 5) $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid = pf.fk_facture,"; $sql .= " ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index cfaeddc5b0f48..4e874faa4eb41 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -91,12 +91,12 @@ public function loadBox($max = 5) $sql .= ', f.date_lim_reglement as datelimite, f.tms, f.type'; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."facture_fourn as f"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index c75418ae958e3..24cecd0024a54 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php 
@@ -93,14 +93,14 @@ public function loadBox($max = 5) $sql2 = " FROM ".MAIN_DB_PREFIX."societe as s"; $sql2 .= ",".MAIN_DB_PREFIX."facture_fourn as f"; $sql2 .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf ON f.rowid = pf.fk_facturefourn"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql2 .= " WHERE f.fk_soc = s.rowid"; $sql2 .= " AND f.entity IN (".getEntity('supplier_invoice').")"; $sql2 .= " AND f.paye = 0"; $sql2 .= " AND fk_statut = 1"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index 6cfb76505470e..8f52032b74281 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -102,7 +102,7 @@ public function loadBox($max = 5) if (getDolGlobalString('MAIN_COMPANY_PERENTITY_SHARED')) { $sql2 .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql2 .= ", ".MAIN_DB_PREFIX."facture as f"; @@ -111,7 +111,7 @@ public function loadBox($max = 5) $sql2 .= " AND f.entity IN (".getEntity('invoice').")"; $sql2 .= " AND f.paye = 0"; $sql2 .= " AND fk_statut = 1"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql2 .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index 636c2b6eb2a31..7da9d06d35063 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -80,13 +80,13 @@ public function loadBox($max = 10) $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.logo, s.email, s.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."fichinter as f"; $sql .= " WHERE f.fk_soc = s.rowid "; $sql .= " AND f.entity = ".$conf->entity; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index ee5ae31472f97..b54c5d7074aec 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -78,12 +78,12 @@ public function loadBox($max = 5) $sql .= ", s.logo, s.email, s.entity"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.fournisseur = 1"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks 
diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index e153e4bbe9203..0597d7ec8ded9 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -93,7 +93,7 @@ public function loadBox($max = 5) if ($user->socid) { $socid = $user->socid; } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $prefix .= 'private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index 9922fc1e8816d..3b2b4370237ac 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -81,12 +81,12 @@ public function loadBox($max = 5) $sql .= ", s.logo, s.email, s.entity"; $sql .= ", p.rowid, p.ref, p.fk_statut as status, p.datep as dp, p.datec, p.fin_validite, p.date_cloture, p.total_ht, p.total_tva, p.total_ttc, p.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index aa4725935ab95..159c9bca94620 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php 
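Review bot: In box_graph_propales_permonth.php the new `empty($user->socid) &&` test drops the `private-` prefix for external users, although the unchanged comment on that line says the output is made user-specific when the user cannot see everything. External users are limited to their own company, so they still fall under that description. If the file names built from `$prefix` (outside this hunk) are otherwise shared, a graph rendered for one company and the unrestricted graph would be written to the same path. Unlike the SQL joins, this condition should probably keep covering external accounts: `if (!empty($user->socid) || !$user->hasRight('societe', 'client', 'voir')) {`.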
@@ -86,12 +86,12 @@ public function loadBox($max = 5) $sql .= ", s.fk_stcomm"; $sql .= ", s.datec, s.tms, s.status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } // Add where from hooks diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 6a9dd91c55ad3..21259696bfbf1 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -86,7 +86,7 @@ public function loadBox($max = 5) $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ")"; diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index e2dea31cd4a8b..0e6b66add1b72 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php 
@@ -74,7 +74,7 @@ public function loadBox($max = 5) $sql .= " s.nom as name, s.rowid as socid, s.email, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,"; $sql .= " MIN(cd.date_fin_validite) as date_line, COUNT(cd.rowid) as nb_services"; $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe s, ".MAIN_DB_PREFIX."contratdet as cd"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE cd.statut = 4 AND cd.date_fin_validite <= '".$this->db->idate($now)."'"; @@ -83,7 +83,7 @@ public function loadBox($max = 5) if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.rowid, c.ref, c.statut, c.date_contrat, c.ref_customer, c.ref_supplier, s.nom, s.rowid"; diff --git a/htdocs/core/boxes/box_shipments.php b/htdocs/core/boxes/box_shipments.php index 512dbc6a944a9..42fa9b4821c07 100644 --- a/htdocs/core/boxes/box_shipments.php +++ b/htdocs/core/boxes/box_shipments.php 
@@ -92,7 +92,7 @@ public function loadBox($max = 5) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON e.rowid = el.fk_target AND el.targettype = 'shipping' AND el.sourcetype IN ('commande')"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande as c ON el.fk_source = c.rowid AND el.sourcetype IN ('commande') AND el.targettype = 'shipping'"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = e.fk_soc"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON e.fk_soc = sc.fk_soc"; } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; @@ -102,7 +102,7 @@ public function loadBox($max = 5) if ($user->socid > 0) { $sql.= " AND s.rowid = ".((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND sc.fk_user = ".((int) $user->id); } else { $sql .= " ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC"; diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 88e87cff07bae..3287e20c8521a 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php 
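Review bot: In the `@@ -102` hunk of box_shipments.php the `ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC` sits in the `else` of the sales-representative test, so an internal user restricted to their own customers gets the filter but no ordering. A box limited to a few rows then shows whatever the database returns first rather than the most recent shipments. The commit moves external users into the ordered branch but leaves the asymmetry; the clause could be appended unconditionally after the `if`, as `$sql .= " ORDER BY e.tms DESC, e.date_delivery DESC, e.ref DESC";`. The end of this block is outside the hunk, so this assumes nothing later adds an ORDER BY for the first branch.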
@@ -84,12 +84,12 @@ public function loadBox($max = 5) $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index acddab7dc232e..86f30d122e163 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -81,14 +81,14 @@ public function loadBox($max = 5) $sql .= ", c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande_fournisseur as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('supplier_order').")"; $sql .= " AND c.date_livraison IS NOT NULL"; $sql .= " AND c.fk_statut IN (".CommandeFournisseur::STATUS_ORDERSENT.", ".CommandeFournisseur::STATUS_RECEIVED_PARTIALLY.")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($user->socid) { 
diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index b1af5dbd95e13..dee5549fee870 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -492,6 +492,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $maxofloop = (!getDolGlobalString('MAIN_MAXLIST_OVERLOAD') ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); $tmpinvoice = new Facture($db); @@ -502,16 +503,16 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= ", s.rowid as socid, s.email"; $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user "; } $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } 
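Review bot: The added `if ($user->socid > 0) $socid = $user->socid;` in `getCustomerInvoiceDraftTable` is a brace-less one-line `if`, while the surrounding conditions all use braces on their own lines; it reads better as `if ($user->socid > 0) {`, `$socid = $user->socid;`, `}`. The same line is added in `getDraftSupplierTable`, `getCustomerInvoiceLatestEditTable`, `getPurchaseInvoiceLatestEditTable`, `getCustomerInvoiceUnpaidOpenTable` and `getPurchaseInvoiceUnpaidOpenTable`, and in the order.lib.php and propal.lib.php hunks, where it also replaces the blank line that separated the setup from the query. Because it silently overrides the caller's argument, the parameter documentation should say so, for example `@param int $socid Third party id; forced to the user's own company for external users`.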
@@ -526,7 +527,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; $sql .= " cc.rowid, cc.code"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", sc.fk_soc, sc.fk_user"; } @@ -642,6 +643,7 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $result = ''; if ((isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $maxofloop = (!getDolGlobalString('MAIN_MAXLIST_OVERLOAD') ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); $facturesupplierstatic = new FactureFournisseur($db); @@ -653,12 +655,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; $sql .= ", cc.rowid as country_id, cc.code as country_code"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -773,12 +775,12 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.type, f.total_ht, f.total_tva, f.total_ttc, f.datec,"; $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; @@ -786,7 +788,7 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -881,12 +883,12 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.datec,"; $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE f.fk_soc = s.rowid"; 
@@ -894,7 +896,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) if ($socid) { $sql .= " AND f.fk_soc = ".((int) $socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY f.tms DESC"; @@ -999,6 +1001,7 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled('invoice') && $user->hasRight('facture', 'lire')) { + if ($user->socid > 0) $socid = $user->socid; $tmpinvoice = new Facture($db); $sql = "SELECT f.rowid, f.ref, f.fk_statut as status, f.datef, f.type, f.total_ht, f.total_tva, f.total_ttc, f.paye, f.tms"; @@ -1011,12 +1014,12 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf on f.rowid=pf.fk_facture"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = f.fk_soc AND f.paye = 0 AND f.fk_statut = ".Facture::STATUS_VALIDATED; $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { 
@@ -1187,6 +1190,7 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled("supplier_invoice") && ($user->hasRight('fournisseur', 'facture', 'lire') || $user->hasRight('supplier_invoice', 'read'))) { + if ($user->socid > 0) $socid = $user->socid; $facstatic = new FactureFournisseur($db); $sql = "SELECT ff.rowid, ff.ref, ff.fk_statut as status, ff.type, ff.libelle as label, ff.total_ht, ff.total_tva, ff.total_ttc, ff.paye"; @@ -1198,14 +1202,14 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= ", sum(pf.amount) as am"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as ff"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiementfourn_facturefourn as pf on ff.rowid=pf.fk_facturefourn"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.rowid = ff.fk_soc"; $sql .= " AND ff.entity = ".$conf->entity; $sql .= " AND ff.paye = 0"; $sql .= " AND ff.fk_statut = ".FactureFournisseur::STATUS_VALIDATED; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { diff --git a/htdocs/core/lib/order.lib.php b/htdocs/core/lib/order.lib.php index 2f2d71a978b42..72bf04842b8fd 100644 --- a/htdocs/core/lib/order.lib.php +++ b/htdocs/core/lib/order.lib.php 
@@ -239,11 +239,11 @@ function getCustomerOrderPieChart($socid = 0) /* * Statistics */ - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT count(c.rowid) as nb, c.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."commande as c"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.fk_soc = s.rowid"; @@ -251,7 +251,7 @@ function getCustomerOrderPieChart($socid = 0) if ($user->socid) { $sql .= ' AND c.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY c.fk_statut"; diff --git a/htdocs/core/lib/propal.lib.php b/htdocs/core/lib/propal.lib.php index 46cf91ce68493..f9247d84d1fe7 100644 --- a/htdocs/core/lib/propal.lib.php +++ b/htdocs/core/lib/propal.lib.php @@ -217,15 +217,15 @@ function getCustomerProposalPieChart($socid = 0) if (!isModEnabled('propal') || !$user->hasRight('propal', 'lire')) { return ''; } - + $listofstatus = array(Propal::STATUS_DRAFT, Propal::STATUS_VALIDATED, Propal::STATUS_SIGNED, Propal::STATUS_NOTSIGNED, Propal::STATUS_BILLED); $propalstatic = new Propal($db); - + if ($user->socid > 0) $socid = $user->socid; $sql = "SELECT count(p.rowid) as nb, p.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if ($user->socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")"; 
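Review bot: The added `if ($user->socid > 0) $socid = $user->socid;` in getCustomerOrderPieChart does not change the query, because the filter in the next hunk (-251) still tests `$user->socid` and never reads `$socid`. Either drop the assignment, or, if the `$socid` parameter is meant to be honoured for internal callers too (not confirmable from the hunk), filter on it with `if ($socid) { $sql .= ' AND c.fk_soc = '.((int) $socid); }`. getCustomerProposalPieChart in propal.lib.php has the same pattern (hunks -217 and -233). It also writes the guard as `$user->socid == 0` where every other file in this patch uses `empty($user->socid)`; using one form would make the access rule easier to audit.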
@@ -233,7 +233,7 @@ function getCustomerProposalPieChart($socid = 0) if ($user->socid) { $sql .= ' AND p.fk_soc = '.((int) $user->socid); } - if (!$user->hasRight('societe', 'client', 'voir')) { + if ($user->socid == 0 && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")"; diff --git a/htdocs/fichinter/class/fichinterstats.class.php b/htdocs/fichinter/class/fichinterstats.class.php index 15d19eaba73cb..fea03d405fac2 100644 --- a/htdocs/fichinter/class/fichinterstats.class.php +++ b/htdocs/fichinter/class/fichinterstats.class.php @@ -98,7 +98,7 @@ public function getNbByMonth($year, $format = 0) $sql = "SELECT date_format(c.date_valid,'%m') as dm, COUNT(*) as nb"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -122,7 +122,7 @@ public function getNbByYear() $sql = "SELECT date_format(c.date_valid,'%Y') as dm, COUNT(*) as nb, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; 
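Review bot: In fichinterstats.class.php only the FROM side is changed (getNbByMonth here, and the four other stats methods), while the WHERE is assembled from `$this->where`, which is built outside these hunks and is not touched by this patch according to the diffstat. If that string still adds an `sc.fk_user` condition under the old `!$user->hasRight('societe', 'client', 'voir')` test, an external account will get a query that references `sc` without the table in FROM. If it adds nothing for `$user->socid`, that account's statistics are no longer restricted at all. Please confirm that `$this->where` carries `c.fk_soc = ".((int) $user->socid)` for external users and uses the same `empty($user->socid) &&` guard for the `sc` condition. The single-line change in fichinter/list.php (-296) needs the same check against its WHERE clause.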
@@ -145,7 +145,7 @@ public function getAmountByMonth($year, $format = 0) $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -169,7 +169,7 @@ public function getAverageByMonth($year) $sql = "SELECT date_format(c.date_valid,'%m') as dm, 0"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE c.date_valid BETWEEN '".$this->db->idate(dol_get_first_day($year))."' AND '".$this->db->idate(dol_get_last_day($year))."'"; @@ -191,7 +191,7 @@ public function getAllByYear() $sql = "SELECT date_format(c.date_valid,'%Y') as year, COUNT(*) as nb, 0 as total, 0 as avg"; $sql .= " FROM ".$this->from; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE ".$this->where; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 08b4b55373a34..450396fbe2bb7 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -296,7 +296,7 @@ $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object, $action); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if (!$user->hasRight('societe', 'client', 'voir')) { +if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= ", ".MAIN_DB_PREFIX."societe as s"; 
diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 5eea5501d69e8..cb94ccd736671 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -3207,7 +3207,7 @@ public function loadStateBoard() $sql = "SELECT count(co.rowid) as nb"; $sql .= " FROM ".$this->db->prefix()."commande_fournisseur as co"; $sql .= " LEFT JOIN ".$this->db->prefix()."societe as s ON co.fk_soc = s.rowid"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir") && !$user->socid) { $sql .= " LEFT JOIN ".$this->db->prefix()."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; @@ -3243,7 +3243,7 @@ public function load_board($user, $mode = 'opened') $sql = "SELECT c.rowid, c.date_creation as datec, c.date_commande, c.fk_statut, c.date_livraison as delivery_date, c.total_ht"; $sql .= " FROM ".$this->db->prefix()."commande_fournisseur as c"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir") && !$user->socid) { $sql .= " JOIN ".$this->db->prefix()."societe_commerciaux as sc ON c.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " WHERE c.entity = ".$conf->entity; diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 79b345dab2c23..0ca5cf7f33990 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php 
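Review bot: The new condition in loadStateBoard tests the same thing twice, `empty($user->socid)` at the front and `!$user->socid` at the end. The old line already excluded external accounts, so this hunk changes no behaviour and only makes the rule harder to read. Keep one form, as fournisseur.facture.class.php does in this same patch: `if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) {`. The same duplication is introduced in load_board (-3243) of this file and in Ticket::load_board (-3156).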
@@ -2703,7 +2703,7 @@ public function load_board($user) $sql = 'SELECT ff.rowid, ff.date_lim_reglement as datefin, ff.fk_statut as status, ff.total_ht, ff.total_ttc'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as ff'; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) { $sql .= " JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ff.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= ' WHERE ff.paye = 0'; @@ -3123,7 +3123,7 @@ public function loadStateBoard() $sql = "SELECT count(f.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON f.fk_soc = s.rowid"; - if (!$user->hasRight("societe", "client", "voir") && !$user->socid) { + if (empty($user->socid) && !$user->hasRight("societe", "client", "voir")) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 959533d131d18..6437570bf0f45 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1943,7 +1943,7 @@ public function liste_array($shortlist = 0, $draft = 0, $notcurrentuser = 0, $so $ga = array(); $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } @@ -2212,7 +2212,7 @@ public function LibStatut($status, $mode = 1) public function load_board($user, $mode) { // phpcs:enable - global $conf, $user, $langs; + global $conf, $langs; $now = dol_now(); 
@@ -2220,7 +2220,7 @@ public function load_board($user, $mode) $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -2377,7 +2377,7 @@ public function loadStateBoard() $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 4791136e400a6..839b4e89efa6d 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -891,7 +891,7 @@ public function fetchAll($user, $sortorder = 'ASC', $sortfield = 't.datec', $lim $socid = $user->socid ? $user->socid : 0; // If the internal user must only see his customers, force searching by him $search_sale = 0; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $search_sale = $user->id; } // Search on sale representative 
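Review bot: For an external account, SupplierProposal::load_board and loadStateBoard now skip the `sc.fk_user` restriction, and the visible lines add no `p.fk_soc` condition in its place. Before this change such a user was still filtered through `societe_commerciaux`; if the remainder of each function (outside the hunks) does not append the third-party filter, the board and the counter will cover every third party in the entity. I would make sure each query ends up with `if ($user->socid) { $sql .= $clause." p.fk_soc = ".((int) $user->socid); }` or an equivalent, adjusted to the spacing each function uses for `$clause`, and add a test with an external login. Ticket::loadStateBoard (-3220) is changed the same way and needs the same check.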
@@ -3156,7 +3156,7 @@ public function load_board($user, $mode) $sql = "SELECT p.rowid, p.ref, p.datec as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; - if (isModEnabled('societe') && !$user->hasRight('societe', 'client', 'voir') && !$user->socid) { + if (empty($user->socid) && isModEnabled('societe') && !$user->hasRight('societe', 'client', 'voir') && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = " AND"; @@ -3220,7 +3220,7 @@ public function loadStateBoard() $sql = "SELECT count(p.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON p.fk_soc = s.rowid"; - if (!$user->hasRight('societe', 'client', 'voir')) { + if (empty($user->socid) && !$user->hasRight('societe', 'client', 'voir')) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".((int) $user->id); $clause = "AND"; From df88c74d119c0da18880b7f73c6e411f4c630927 Mon Sep 17 00:00:00 2001 From: vmaury Date: Mon, 13 Jan 2025 12:04:16 +0100 Subject: [PATCH 4/4] Fix 31370 Pb with external account --- htdocs/core/lib/invoice.lib.php | 2 +- htdocs/core/lib/propal.lib.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index dee5549fee870..7eecd6b0131f7 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php 
@@ -1190,7 +1190,7 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $result = ''; if (isModEnabled("supplier_invoice") && ($user->hasRight('fournisseur', 'facture', 'lire') || $user->hasRight('supplier_invoice', 'read'))) { - if ($user->socid > 0) $socid = $user->socid; + if ($user->socid > 0) $socid = $user->socid; $facstatic = new FactureFournisseur($db); $sql = "SELECT ff.rowid, ff.ref, ff.fk_statut as status, ff.type, ff.libelle as label, ff.total_ht, ff.total_tva, ff.total_ttc, ff.paye"; diff --git a/htdocs/core/lib/propal.lib.php b/htdocs/core/lib/propal.lib.php index f9247d84d1fe7..6ec7c824ceebc 100644 --- a/htdocs/core/lib/propal.lib.php +++ b/htdocs/core/lib/propal.lib.php @@ -217,7 +217,7 @@ function getCustomerProposalPieChart($socid = 0) if (!isModEnabled('propal') || !$user->hasRight('propal', 'lire')) { return ''; } - + $listofstatus = array(Propal::STATUS_DRAFT, Propal::STATUS_VALIDATED, Propal::STATUS_SIGNED, Propal::STATUS_NOTSIGNED, Propal::STATUS_BILLED); $propalstatic = new Propal($db);