|
@@ -1825,28 +1825,31 @@ class Task extends CommonObject
|
|
|
{
|
|
|
global $conf, $langs;
|
|
|
|
|
|
- $mine=0; $socid=$user->societe_id;
|
|
|
-
|
|
|
+ // For external user, no check is done on company because readability is managed by public status of project and assignement.
|
|
|
+ //$socid=$user->societe_id;
|
|
|
+
|
|
|
$projectstatic = new Project($this->db);
|
|
|
- $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,$mine,1,$socid);
|
|
|
-
|
|
|
+ $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1,$socid);
|
|
|
+
|
|
|
// List of tasks (does not care about permissions. Filtering will be done later)
|
|
|
$sql = "SELECT p.rowid as projectid, p.fk_statut as projectstatus,";
|
|
|
$sql.= " t.rowid as taskid, t.progress as progress, t.fk_statut as status,";
|
|
|
$sql.= " t.dateo as date_start, t.datee as datee";
|
|
|
$sql.= " FROM ".MAIN_DB_PREFIX."projet as p";
|
|
|
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
|
|
|
- if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
|
|
|
+ //if (! $user->rights->societe->client->voir && ! $socid) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
|
|
|
$sql.= ", ".MAIN_DB_PREFIX."projet_task as t";
|
|
|
$sql.= " WHERE p.entity IN (".getEntity('project', 0).')';
|
|
|
$sql.= " AND p.fk_statut = 1";
|
|
|
$sql.= " AND t.fk_projet = p.rowid";
|
|
|
$sql.= " AND t.progress < 100"; // tasks to do
|
|
|
- if ($mine || ! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
|
|
|
+ if (! $user->rights->projet->all->lire) $sql.= " AND p.rowid IN (".$projectsListId.")";
|
|
|
// No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
|
|
|
//if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
|
|
|
if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")";
|
|
|
- if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
|
|
|
+ // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser
|
|
|
+ // if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
|
|
|
+
|
|
|
//print $sql;
|
|
|
$resql=$this->db->query($sql);
|
|
|
if ($resql)
|