瀏覽代碼

use user hasRgiht

Frédéric FRANCE 2 年之前
父節點
當前提交
0118b4ac89

+ 1 - 1
htdocs/categories/card.php

@@ -38,7 +38,7 @@ $langs->load("categories");
 
 // Security check
 $socid = (int) GETPOST('socid', 'int');
-if (!$user->rights->categorie->lire) {
+if (!$user->hasRight('categorie', 'lire')) {
 	accessforbidden();
 }
 

+ 1 - 1
htdocs/categories/index.php

@@ -49,7 +49,7 @@ if (is_numeric($type)) {
 // Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array
 $hookmanager->initHooks(array('categoryindex'));
 
-if (!$user->rights->categorie->lire) {
+if (!$user->hasRight('categorie', 'lire')) {
 	accessforbidden();
 }
 

+ 1 - 1
htdocs/categories/info.php

@@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/lib/categories.lib.php';
 
-if (!$user->rights->categorie->lire) {
+if (!$user->hasRight('categorie', 'lire')) {
 	accessforbidden();
 }
 

+ 1 - 1
htdocs/core/lib/security.lib.php

@@ -691,7 +691,7 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
 					$deleteok = 0;
 				}
 			} elseif ($feature == 'produit|service') {
-				if (!$user->rights->produit->supprimer && !$user->rights->service->supprimer) {
+				if (!$user->hasRight('produit', 'supprimer') && !$user->hasRight('service', 'supprimer')) {
 					$deleteok = 0;
 				}
 			} elseif ($feature == 'commande_fournisseur') {

+ 1 - 1
htdocs/core/photos_resize.php

@@ -51,7 +51,7 @@ if (empty($modulepart)) {
 $accessallowed = 0;
 if ($modulepart == 'produit' || $modulepart == 'product' || $modulepart == 'service' || $modulepart == 'produit|service') {
 	$result = restrictedArea($user, 'produit|service', $id, 'product&product');
-	if ($modulepart == 'produit|service' && (!$user->rights->produit->lire && !$user->rights->service->lire)) {
+	if ($modulepart == 'produit|service' && (!$user->hasRight('produit', 'lire') && !$user->hasRight('service', 'lire'))) {
 		accessforbidden();
 	}
 	$accessallowed = 1;

+ 1 - 1
htdocs/product/stock/stats/commande_fournisseur.php

@@ -81,7 +81,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter',
 	$search_year = '';
 }
 
-if (!$user->rights->produit->lire) accessforbidden();
+if (!$user->hasRight('produit', 'lire')) accessforbidden();
 
 
 /*

+ 1 - 1
htdocs/product/stock/stats/expedition.php

@@ -81,7 +81,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter',
 	$search_year = '';
 }
 
-if (!$user->rights->produit->lire) accessforbidden();
+if (!$user->hasRight('produit', 'lire')) accessforbidden();
 
 
 /*

+ 1 - 1
htdocs/product/stock/stats/mo.php

@@ -74,7 +74,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter',
 	$search_year = '';
 }
 
-if (!$user->rights->produit->lire) accessforbidden();
+if (!$user->hasRight('produit', 'lire')) accessforbidden();
 
 
 /*

+ 1 - 1
htdocs/product/stock/stats/reception.php

@@ -81,7 +81,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter',
 	$search_year = '';
 }
 
-if (!$user->rights->produit->lire) accessforbidden();
+if (!$user->hasRight('produit', 'lire')) accessforbidden();
 
 
 /*

+ 1 - 1
htdocs/takepos/admin/orderprinters.php

@@ -47,7 +47,7 @@ if (is_numeric($type)) {
 	$type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
 }
 
-if (!$user->rights->categorie->lire) {
+if (!$user->hasRight('categorie', 'lire')) {
 	accessforbidden();
 }
 

+ 1 - 1
htdocs/zapier/admin/about.php

@@ -42,7 +42,7 @@ if (!$user->admin) {
 	accessforbidden();
 }
 
-if (empty($conf->zapier->enabled)) accessforbidden();
+if (!isModEnabled('zapier')) accessforbidden();
 if (empty($user->admin)) accessforbidden();
 
 

+ 1 - 1
htdocs/zapier/admin/setup.php

@@ -46,7 +46,7 @@ $arrayofparameters = array(
 //	'ZAPIERFORDOLIBARR_MYPARAM2'=>array('css'=>'minwidth500', 'enabled'=>1)
 );
 
-if (empty($conf->zapier->enabled)) accessforbidden();
+if (!isModEnabled('zapier')) accessforbidden();
 if (empty($user->admin)) accessforbidden();