Home Explore Help
Sign In
iProspective
/
dolibarr
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #6683 from marcosgdf/bug-6679

FIX #6679 User with restricted supplier invoice permissions can edit project, payment conditions, payment mode
Laurent Destailleur 8 years ago
parent
4d72165288 12df7b6ab9
commit
17da4f64a7
1 changed files with 8 additions and 4 deletions
Split View Show Diff Stats
  1. 8 4
      htdocs/fourn/facture/card.php

+ 8 - 4
htdocs/fourn/facture/card.php
View File 

@@ -870,7 +870,7 @@ if (empty($reshook))
 
 	    $action = '';
 
 	}
 
 
-	elseif ($action == 'classin')
 
+	elseif ($action == 'classin' && $user->rights->fournisseur->facture->creer)
 
 	{
 
 	    $object->fetch($id);
 
 	    $result=$object->setProject($projectid);
 
@@ -1844,7 +1844,9 @@ else
 
 		print '<table width="100%" class="nobordernopadding"><tr><td class="nowrap">';
 
 		print $langs->trans('PaymentConditions');
 
 		print '<td>';
 
-		if ($action != 'editconditions') print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;id='.$object->id.'">'.img_edit($langs->trans('SetConditions'),1).'</a></td>';
 
+		if ($action != 'editconditions' && $user->rights->fournisseur->facture->creer) {
 
+			print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;id='.$object->id.'">'.img_edit($langs->trans('SetConditions'),1).'</a></td>';
 
+		}
 
 		print '</tr></table>';
 
 		print '</td><td colspan="2">';
 
 		if ($action == 'editconditions')
 
@@ -1864,7 +1866,9 @@ else
 
 		print '<table width="100%" class="nobordernopadding"><tr><td class="nowrap">';
 
 		print $langs->trans('PaymentMode');
 
 		print '</td>';
 
-		if ($action != 'editmode') print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->trans('SetMode'),1).'</a></td>';
 
+		if ($action != 'editmode' && $user->rights->fournisseur->facture->creer) {
 
+			print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->trans('SetMode'),1).'</a></td>';
 
+		}
 
 		print '</tr></table>';
 
 		print '</td><td colspan="2">';
 
 		if ($action == 'editmode')
 
@@ -1994,7 +1998,7 @@ else
 
             print '<table class="nobordernopadding" width="100%"><tr><td>';
 
             print $langs->trans('Project');
 
             print '</td>';
 
-            if ($action != 'classify')
 
+            if ($action != 'classify' && $user->rights->fournisseur->facture->creer)
 
             {
 
                 print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=classify&amp;id='.$object->id.'">';
 
                 print img_edit($langs->trans('SetProject'),1);