23if (!defined(
'NOTOKENRENEWAL')) {
24 define(
'NOTOKENRENEWAL',
'1');
26if (!defined(
'NOREQUIREMENU')) {
27 define(
'NOREQUIREMENU',
'1');
29if (!defined(
'NOREQUIREAJAX')) {
30 define(
'NOREQUIREAJAX',
'1');
32if (!defined(
'NOREQUIRESOC')) {
33 define(
'NOREQUIRESOC',
'1');
37require
'../../main.inc.php';
38require_once DOL_DOCUMENT_ROOT.
'/core/class/genericobject.class.php';
40$field =
GETPOST(
'field',
'alpha');
41$element =
GETPOST(
'element',
'alpha');
42$table_element =
GETPOST(
'table_element',
'alpha');
43$fk_element =
GETPOST(
'fk_element',
'alpha');
51$usesublevelpermission = ($module != $element ? $element :
'');
52if ($usesublevelpermission && !$user->hasRight($module, $element)) {
53 $usesublevelpermission =
'';
78if (!empty($field) && !empty($element) && !empty($table_element) && !empty($fk_element)) {
79 $ext_element =
GETPOST(
'ext_element',
'alpha');
80 $field = substr($field, 8);
81 $type =
GETPOST(
'type',
'alpha');
82 $loadmethod = (
GETPOST(
'loadmethod',
'alpha') ?
GETPOST(
'loadmethod',
'alpha') :
'getValueFrom');
84 if ($element !=
'order_supplier' && $element !=
'invoice_supplier' && preg_match(
'/^([^_]+)_([^_]+)/i', $element, $regs)) {
86 $subelement = $regs[2];
89 if ($element ==
'propal') {
91 } elseif ($element ==
'fichinter') {
92 $element =
'ficheinter';
93 } elseif ($element ==
'product') {
95 } elseif ($element ==
'member') {
96 $element =
'adherent';
97 } elseif ($element ==
'order_supplier') {
98 $element =
'fournisseur';
99 $subelement =
'commande';
100 } elseif ($element ==
'invoice_supplier') {
101 $element =
'fournisseur';
102 $subelement =
'facture';
105 if ($user->hasRight($element,
'lire') || $user->hasRight($element,
'read')
106 || (isset($subelement) && ($user->hasRight($element, $subelement,
'lire') || $user->hasRight($element, $subelement,
'read')))
107 || ($element ==
'payment' && $user->hasRight(
'facture',
'lire'))
108 || ($element ==
'payment_supplier' && $user->hasRight(
'fournisseur',
'facture',
'lire'))) {
109 if ($type ==
'select') {
110 $methodname =
'load_cache_'.$loadmethod;
111 $cachename =
'cache_'.GETPOST(
'loadmethod',
'alpha');
113 $form =
new Form($db);
114 if (method_exists($form, $methodname)) {
115 $ret = $form->$methodname();
117 echo json_encode($form->$cachename);
119 } elseif (!empty($ext_element)) {
120 $module = $subelement = $ext_element;
122 if (preg_match(
'/^([^_]+)_([^_]+)/i', $ext_element, $regs)) {
124 $subelement = $regs[2];
128 $classname =
'Actions'.ucfirst($subelement);
130 $ret =
$object->$methodname($fk_element);
132 echo json_encode(
$object->$cachename);
137 $value =
$object->$loadmethod($table_element, $fk_element, $field);
141 echo $langs->transnoentities(
'NotEnoughPermissions');
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Class of a generic business object.
if(!function_exists( 'dol_getprefix')) dol_include_once($relpath, $classname='')
Make an include_once using default root and alternate root if it fails.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
fetchObjectByElement($element_id, $element_type, $element_ref='', $useCache=0, $maxCacheByType=10)
Fetch an object from its id and element_type Inclusion of classes is automatic.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
httponly_accessforbidden($message='1', $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.
restrictedArea(User $user, $features, $object=0, $tableandshare='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $isdraft=0, $mode=0)
Check permissions of a user to show a page and an object.