375function restrictedArea(
User $user, $features,
$object = 0, $tableandshare =
'', $feature2 =
'', $dbt_keyfield =
'fk_soc', $dbt_select =
'rowid', $isdraft = 0, $mode = 0)
385 if ($objectid ==
"-1") {
389 $objectid = preg_replace(
'/[^0-9\.\,]/',
'', (
string) $objectid);
398 $parentfortableentity =
'';
402 $originalfeatures = $features;
403 if ($features ==
'agenda') {
404 $tableandshare =
'actioncomm&societe';
405 $feature2 =
'myactions|allactions';
408 if ($features ==
'bank') {
409 $features =
'banque';
411 if ($features ==
'facturerec') {
412 $features =
'facture';
414 if ($features ==
'supplier_invoicerec') {
415 $features =
'fournisseur';
416 $feature2 =
'facture';
418 if ($features ==
'mo') {
421 if ($features ==
'member') {
422 $features =
'adherent';
424 if ($features ==
'subscription') {
425 $features =
'adherent';
426 $feature2 =
'cotisation';
428 if ($features ==
'website' && is_object(
$object) &&
$object->element ==
'websitepage') {
429 $parentfortableentity =
'fk_website@website';
431 if ($features ==
'project') {
432 $features =
'projet';
434 if ($features ==
'product') {
435 $features =
'produit';
437 if ($features ==
'productbatch') {
438 $features =
'produit';
440 if ($features ==
'tax') {
441 $feature2 =
'charges';
443 if ($features ==
'workstation') {
444 $feature2 =
'workstation';
446 if ($features ==
'fournisseur') {
447 $features =
'fournisseur';
448 if (is_object(
$object) &&
$object->element ==
'invoice_supplier') {
449 $feature2 =
'facture';
450 } elseif (is_object(
$object) &&
$object->element ==
'order_supplier') {
451 $feature2 =
'commande';
454 if ($features ==
'payment_sc') {
455 $tableandshare =
'paiementcharge';
456 $parentfortableentity =
'fk_charge@chargesociales';
460 if (in_array($features, [
'commandedet',
'propaldet',
'facturedet',
'supplier_proposaldet',
'evaluationdet',
'skilldet',
'deliverydet',
'contratdet'])) {
461 $features = substr($features, 0, -3);
462 } elseif (in_array($features, [
'stocktransferline',
'inventoryline',
'bomline',
'expensereport_det',
'facture_fourn_det'])) {
463 $features = substr($features, 0, -4);
464 } elseif ($features ==
'commandefournisseurdispatch') {
465 $features =
'commandefournisseur';
466 } elseif ($features ==
'invoice_supplier_det_rec') {
467 $features =
'invoice_supplier_rec';
480 $parameters = array(
'features' => $features,
'originalfeatures' => $originalfeatures,
'objectid' => $objectid,
'dbt_select' => $dbt_select,
'idtype' => $dbt_select,
'isdraft' => $isdraft);
481 if (!empty($hookmanager)) {
482 $reshook = $hookmanager->executeHooks(
'restrictedArea', $parameters);
484 if (isset($hookmanager->resArray[
'result'])) {
485 if ($hookmanager->resArray[
'result'] == 0) {
499 $featuresarray = array($features);
500 if (preg_match(
'/&/', $features)) {
501 $featuresarray = explode(
"&", $features);
502 } elseif (preg_match(
'/\|/', $features)) {
503 $featuresarray = explode(
"|", $features);
507 if (!empty($feature2)) {
508 $feature2 = explode(
"|", $feature2);
516 foreach ($featuresarray as $feature) {
517 $featureforlistofmodule = $feature;
518 if ($featureforlistofmodule ==
'produit') {
519 $featureforlistofmodule =
'product';
521 if ($featureforlistofmodule ==
'supplier_proposal') {
522 $featureforlistofmodule =
'supplierproposal';
524 if (!empty($user->socid) &&
getDolGlobalString(
'MAIN_MODULES_FOR_EXTERNAL') && !in_array($featureforlistofmodule, $listofmodules)) {
530 if ($feature ==
'societe' && (empty($feature2) || !in_array(
'contact', $feature2))) {
531 if (!$user->hasRight(
'societe',
'lire') && !$user->hasRight(
'fournisseur',
'lire')) {
535 } elseif (($feature ==
'societe' && (!empty($feature2) && in_array(
'contact', $feature2))) || $feature ==
'contact') {
536 if (!$user->hasRight(
'societe',
'contact',
'lire')) {
540 } elseif ($feature ==
'produit|service') {
541 if (!$user->hasRight(
'produit',
'lire') && !$user->hasRight(
'service',
'lire')) {
545 } elseif ($feature ==
'prelevement') {
546 if (!$user->hasRight(
'prelevement',
'bons',
'lire')) {
550 } elseif ($feature ==
'cheque') {
551 if (!$user->hasRight(
'banque',
'cheque')) {
555 } elseif ($feature ==
'projet') {
556 if (!$user->hasRight(
'projet',
'lire') && !$user->hasRight(
'projet',
'all',
'lire')) {
560 } elseif ($feature ==
'payment') {
561 if (!$user->hasRight(
'facture',
'lire')) {
565 } elseif ($feature ==
'payment_supplier') {
566 if (!$user->hasRight(
'fournisseur',
'facture',
'lire')) {
570 } elseif ($feature ==
'payment_sc') {
571 if (!$user->hasRight(
'tax',
'charges',
'lire')) {
575 } elseif (!empty($feature2)) {
577 foreach ($feature2 as $subfeature) {
578 if ($subfeature ==
'user' && $user->id == $objectid) {
581 if ($subfeature ==
'fiscalyear' && $user->hasRight(
'accounting',
'fiscalyear',
'write')) {
586 if (!empty($subfeature) && !$user->hasRight($feature, $subfeature,
'lire') && !$user->hasRight($feature, $subfeature,
'read')) {
588 } elseif (empty($subfeature) && !$user->hasRight($feature,
'lire') && !$user->hasRight($feature,
'read')) {
599 } elseif (!empty($feature) && ($feature !=
'user' && $feature !=
'usergroup')) {
600 if (!$user->hasRight($feature,
'lire')
601 && !$user->hasRight($feature,
'read')
602 && !$user->hasRight($feature,
'run')) {
610 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
626 $wemustcheckpermissionforcreate = (
GETPOST(
'sendit',
'alpha') ||
GETPOST(
'linkit',
'alpha') || in_array(
GETPOST(
'action',
'aZ09'), array(
'create',
'update',
'set',
'upload',
'add_element_resource',
'confirm_deletebank',
'confirm_delete_linked_resource')) ||
GETPOST(
'roworder',
'alpha', 2));
627 $wemustcheckpermissionfordeletedraft = ((
GETPOST(
"action",
"aZ09") ==
'confirm_delete' &&
GETPOST(
"confirm",
"aZ09") ==
'yes') ||
GETPOST(
"action",
"aZ09") ==
'delete');
629 if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft) {
630 foreach ($featuresarray as $feature) {
631 if ($feature ==
'contact') {
632 if (!$user->hasRight(
'societe',
'contact',
'creer')) {
636 } elseif ($feature ==
'produit|service') {
637 if (!$user->hasRight(
'produit',
'creer') && !$user->hasRight(
'service',
'creer')) {
641 } elseif ($feature ==
'prelevement') {
642 if (!$user->hasRight(
'prelevement',
'bons',
'creer')) {
646 } elseif ($feature ==
'commande_fournisseur') {
647 if (!$user->hasRight(
'fournisseur',
'commande',
'creer') || !$user->hasRight(
'supplier_order',
'creer')) {
651 } elseif ($feature ==
'banque') {
652 if (!$user->hasRight(
'banque',
'modifier')) {
656 } elseif ($feature ==
'cheque') {
657 if (!$user->hasRight(
'banque',
'cheque')) {
661 } elseif ($feature ==
'import') {
662 if (!$user->hasRight(
'import',
'run')) {
666 } elseif ($feature ==
'ecm') {
667 if (!$user->hasRight(
'ecm',
'upload')) {
671 } elseif ($feature ==
'modulebuilder') {
672 if (!$user->hasRight(
'modulebuilder',
'run')) {
676 } elseif (!empty($feature2)) {
677 foreach ($feature2 as $subfeature) {
678 if ($subfeature ==
'user' && $user->id == $objectid && $user->hasRight(
'user',
'self',
'creer')) {
681 if ($subfeature ==
'user' && $user->id == $objectid && $user->hasRight(
'user',
'self',
'password')) {
684 if ($subfeature ==
'user' && $user->id != $objectid && $user->hasRight(
'user',
'user',
'password')) {
688 if (!$user->hasRight($feature, $subfeature,
'creer')
689 && !$user->hasRight($feature, $subfeature,
'write')
690 && !$user->hasRight($feature, $subfeature,
'create')) {
699 } elseif (!empty($feature)) {
701 if (!$user->hasRight($feature,
'creer')
702 && !$user->hasRight($feature,
'write')
703 && !$user->hasRight($feature,
'create')) {
711 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
715 if ($wemustcheckpermissionforcreate && !$createok) {
727 if (
GETPOST(
'action',
'aZ09') ==
'confirm_create_user' &&
GETPOST(
"confirm",
'aZ09') ==
'yes') {
728 if (!$user->hasRight(
'user',
'user',
'creer')) {
732 if (!$createuserok) {
745 if ((
GETPOST(
"action",
"aZ09") ==
'confirm_delete' &&
GETPOST(
"confirm",
"aZ09") ==
'yes') ||
GETPOST(
"action",
"aZ09") ==
'delete') {
746 foreach ($featuresarray as $feature) {
747 if ($feature ==
'bookmark') {
748 if (!$user->hasRight(
'bookmark',
'supprimer')) {
749 if ($user->id !=
$object->fk_user || !$user->hasRight(
'bookmark',
'creer')) {
753 } elseif ($feature ==
'contact') {
754 if (!$user->hasRight(
'societe',
'contact',
'supprimer')) {
757 } elseif ($feature ==
'produit|service') {
758 if (!$user->hasRight(
'produit',
'supprimer') && !$user->hasRight(
'service',
'supprimer')) {
761 } elseif ($feature ==
'commande_fournisseur') {
762 if (!$user->hasRight(
'fournisseur',
'commande',
'supprimer')) {
765 } elseif ($feature ==
'payment_supplier') {
766 if (!$user->hasRight(
'fournisseur',
'facture',
'creer')) {
769 } elseif ($feature ==
'payment') {
770 if (!$user->hasRight(
'facture',
'paiement')) {
773 } elseif ($feature ==
'payment_sc') {
774 if (!$user->hasRight(
'tax',
'charges',
'creer')) {
777 } elseif ($feature ==
'banque') {
778 if (!$user->hasRight(
'banque',
'modifier')) {
781 } elseif ($feature ==
'cheque') {
782 if (!$user->hasRight(
'banque',
'cheque')) {
785 } elseif ($feature ==
'ecm') {
786 if (!$user->hasRight(
'ecm',
'upload')) {
789 } elseif ($feature ==
'ftp') {
790 if (!$user->hasRight(
'ftp',
'write')) {
793 } elseif ($feature ==
'salaries') {
794 if (!$user->hasRight(
'salaries',
'delete')) {
797 } elseif ($feature ==
'adherent') {
798 if (!$user->hasRight(
'adherent',
'supprimer')) {
801 } elseif ($feature ==
'paymentbybanktransfer') {
802 if (!$user->hasRight(
'paymentbybanktransfer',
'create')) {
805 } elseif ($feature ==
'prelevement') {
806 if (!$user->hasRight(
'prelevement',
'bons',
'creer')) {
809 } elseif (!empty($feature2)) {
810 foreach ($feature2 as $subfeature) {
811 if (!$user->hasRight($feature, $subfeature,
'supprimer') && !$user->hasRight($feature, $subfeature,
'delete')) {
818 } elseif (!empty($feature)) {
820 if (!$user->hasRight($feature,
'supprimer')
821 && !$user->hasRight($feature,
'delete')
822 && !$user->hasRight($feature,
'run')) {
829 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
833 if (!$deleteok && !($isdraft && $createok)) {
845 if (!empty($objectid) && $objectid > 0) {
847 $params = array(
'objectid' => $objectid,
'features' => implode(
',', $featuresarray),
'features2' => $feature2);
878function checkUserAccessToObject($user, array $featuresarray,
$object = 0, $tableandshare =
'', $feature2 =
'', $dbt_keyfield =
'', $dbt_select =
'rowid', $parenttableforentity =
'')
887 $objectid = preg_replace(
'/[^0-9\.\,]/',
'', $objectid);
894 $params = explode(
'&', $tableandshare);
895 $dbtablename = (!empty($params[0]) ? $params[0] :
'');
896 $sharedelement = (!empty($params[1]) ? $params[1] : $dbtablename);
898 foreach ($featuresarray as $feature) {
904 if ($feature ==
'societe' && !empty($feature2) && is_array($feature2) && in_array(
'contact', $feature2)) {
905 $feature =
'contact';
908 if ($feature ==
'member') {
909 $feature =
'adherent';
911 if ($feature ==
'project') {
914 if ($feature ==
'task') {
915 $feature =
'projet_task';
917 if ($feature ==
'eventorganization') {
919 $dbtablename =
'actioncomm';
921 if ($feature ==
'payment_sc' && empty($parenttableforentity)) {
923 $parenttableforentity =
'';
924 $dbtablename =
"chargesociales";
925 $feature =
"chargesociales";
926 $objectid =
$object->fk_charge;
929 $checkonentitydone = 0;
932 $check = array(
'adherent',
'banque',
'bom',
'don',
'mrp',
'user',
'usergroup',
'payment',
'payment_supplier',
'payment_sc',
'product',
'produit',
'service',
'produit|service',
'categorie',
'resource',
'expensereport',
'holiday',
'salaries',
'website',
'recruitment',
'chargesociales',
'knowledgemanagement');
933 $checksoc = array(
'societe');
934 $checkparentsoc = array(
'agenda',
'contact',
'contrat');
935 $checkproject = array(
'projet',
'project');
936 $checktask = array(
'projet_task');
937 $checkhierarchy = array(
'expensereport',
'holiday');
938 $checkuser = array(
'bookmark');
939 $nocheck = array(
'barcode',
'stock');
944 if (empty($dbtablename)) {
945 $dbtablename = $feature;
946 $sharedelement = (!empty($params[1]) ? $params[1] : $dbtablename);
950 if ($dbt_select !=
'rowid' && $dbt_select !=
'id') {
951 $objectid =
"'".$objectid.
"'";
954 if (in_array($feature, $check) && $objectid > 0) {
955 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
956 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
957 if (($feature ==
'user' || $feature ==
'usergroup') && isModEnabled(
'multicompany')) {
959 if (
$conf->entity == 1 && $user->admin && !$user->entity) {
960 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
961 $sql .=
" AND dbt.entity IS NOT NULL";
963 $sql .=
",".MAIN_DB_PREFIX.
"usergroup_user as ug";
964 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
965 $sql .=
" AND ((ug.fk_user = dbt.rowid";
966 $sql .=
" AND ug.entity IN (".getEntity(
'usergroup').
"))";
967 $sql .=
" OR dbt.entity = 0)";
970 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
971 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
975 if ($parenttableforentity && preg_match(
'/(.*)@(.*)/', $parenttableforentity, $reg)) {
976 $sql .=
", ".MAIN_DB_PREFIX.$reg[2].
" as dbtp";
977 $sql .=
" WHERE dbt.".$reg[1].
" = dbtp.rowid AND dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
978 $sql .=
" AND dbtp.entity IN (".getEntity($sharedelement, 1).
")";
980 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
981 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
984 $checkonentitydone = 1;
986 if (in_array($feature, $checksoc) && $objectid > 0) {
988 if ($user->socid > 0) {
989 if ($user->socid != $objectid) {
992 } elseif (isModEnabled(
"societe") && ($user->hasRight(
'societe',
'lire') && !$user->hasRight(
'societe',
'client',
'voir'))) {
994 $sql =
"SELECT COUNT(sc.fk_soc) as nb";
995 $sql .=
" FROM (".MAIN_DB_PREFIX.
"societe_commerciaux as sc";
996 $sql .=
", ".MAIN_DB_PREFIX.
"societe as s)";
997 $sql .=
" WHERE sc.fk_soc IN (".$db->sanitize($objectid, 1).
")";
998 $sql .=
" AND (sc.fk_user = ".((int) $user->id);
1000 $userschilds = $user->getAllChildIds();
1001 $sql .=
" OR sc.fk_user IN (".$db->sanitize(implode(
',', $userschilds)).
")";
1004 $sql .=
" AND sc.fk_soc = s.rowid";
1005 $sql .=
" AND s.entity IN (".getEntity($sharedelement, 1).
")";
1006 } elseif (isModEnabled(
'multicompany')) {
1008 $sql =
"SELECT COUNT(s.rowid) as nb";
1009 $sql .=
" FROM ".MAIN_DB_PREFIX.
"societe as s";
1010 $sql .=
" WHERE s.rowid IN (".$db->sanitize($objectid, 1).
")";
1011 $sql .=
" AND s.entity IN (".getEntity($sharedelement, 1).
")";
1014 $checkonentitydone = 1;
1016 if (in_array($feature, $checkparentsoc) && $objectid > 0) {
1018 if ($user->socid > 0) {
1019 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1020 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1021 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1022 $sql .=
" AND dbt.fk_soc = ".((int) $user->socid);
1023 } elseif (isModEnabled(
"societe") && ($user->hasRight(
'societe',
'lire') && !$user->hasRight(
'societe',
'client',
'voir'))) {
1025 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1026 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1027 $sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
1028 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1029 $sql .=
" AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)";
1030 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1031 } elseif (isModEnabled(
'multicompany')) {
1033 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1034 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1035 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1036 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1039 $checkonentitydone = 1;
1041 if (in_array($feature, $checkproject) && $objectid > 0) {
1042 if (isModEnabled(
'project') && !$user->hasRight(
'projet',
'all',
'lire')) {
1043 $projectid = $objectid;
1045 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
1046 $projectstatic =
new Project($db);
1047 $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0);
1049 $tmparray = explode(
',', $tmps);
1050 if (!in_array($projectid, $tmparray)) {
1054 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1055 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1056 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1057 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1059 $checkonentitydone = 1;
1061 if (in_array($feature, $checktask) && $objectid > 0) {
1062 if (isModEnabled(
'project') && !$user->hasRight(
'projet',
'all',
'lire')) {
1063 $task =
new Task($db);
1064 $task->fetch($objectid);
1065 $projectid = $task->fk_project;
1067 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
1068 $projectstatic =
new Project($db);
1069 $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0);
1071 $tmparray = explode(
',', $tmps);
1072 if (!in_array($projectid, $tmparray)) {
1076 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1077 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1078 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1079 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1082 $checkonentitydone = 1;
1086 if (!$checkonentitydone && !in_array($feature, $nocheck) && $objectid > 0) {
1088 if ($user->socid > 0) {
1089 if (empty($dbt_keyfield)) {
1090 dol_print_error(
null,
'Param dbt_keyfield is required but not defined');
1092 $sql =
"SELECT COUNT(dbt.".$dbt_keyfield.
") as nb";
1093 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1094 $sql .=
" WHERE dbt.rowid IN (".$db->sanitize($objectid, 1).
")";
1095 $sql .=
" AND dbt.".$dbt_keyfield.
" = ".((int) $user->socid);
1096 } elseif (isModEnabled(
"societe") && !$user->hasRight(
'societe',
'client',
'voir')) {
1098 if ($feature !=
'ticket') {
1099 if (empty($dbt_keyfield)) {
1100 dol_print_error(
null,
'Param dbt_keyfield is required but not defined');
1102 $sql =
"SELECT COUNT(sc.fk_soc) as nb";
1103 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1104 $sql .=
", ".MAIN_DB_PREFIX.
"societe_commerciaux as sc";
1105 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1106 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1107 $sql .=
" AND sc.fk_soc = dbt.".$dbt_keyfield;
1108 $sql .=
" AND (sc.fk_user = ".((int) $user->id);
1110 $userschilds = $user->getAllChildIds();
1111 foreach ($userschilds as $key => $value) {
1112 $sql .=
' OR sc.fk_user = '.((int) $value);
1118 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1119 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1120 $sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"societe_commerciaux as sc ON sc.fk_soc = dbt.".$dbt_keyfield.
" AND sc.fk_user = ".((int) $user->id);
1121 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1122 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1123 $sql .=
" AND (sc.fk_user = ".((int) $user->id).
" OR sc.fk_user IS NULL)";
1125 } elseif (isModEnabled(
'multicompany')) {
1127 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
1128 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
1129 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
1130 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
1135 if ($feature ===
'agenda' && $objectid > 0) {
1137 if ($objectid > 0 && !$user->hasRight(
'agenda',
'allactions',
'read')) {
1138 require_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
1140 $action->fetch($objectid);
1141 if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, $action->userassigned))) {
1149 if (in_array($feature, $checkhierarchy) && is_object(
$object) && $objectid > 0) {
1150 $childids = $user->getAllChildIds(1);
1152 if ($feature ==
'holiday') {
1153 $useridtocheck =
$object->fk_user;
1154 if (!$user->hasRight(
'holiday',
'readall') && !in_array($useridtocheck, $childids) && !in_array(
$object->fk_validator, $childids)) {
1158 if ($feature ==
'expensereport') {
1159 $useridtocheck =
$object->fk_user_author;
1160 if (!$user->hasRight(
'expensereport',
'readall')) {
1161 if (!in_array($useridtocheck, $childids)) {
1170 if (in_array($feature, $checkuser) && is_object(
$object) && $objectid > 0) {
1171 $useridtocheck =
$object->fk_user;
1172 if (!empty($useridtocheck) && $useridtocheck > 0 && $useridtocheck != $user->id && empty($user->admin)) {
1178 $resql = $db->query($sql);
1180 $obj = $db->fetch_object($resql);
1181 if (!$obj || $obj->nb < count(explode(
',', $objectid))) {
1185 dol_syslog(
"Bad forged sql in checkUserAccessToObject", LOG_WARNING);
1233function accessforbidden($message =
'', $printheader = 1, $printfooter = 1, $showonlymessage = 0, $params =
null)
1235 global
$conf, $db, $user, $langs, $hookmanager;
1238 if (!is_object($langs)) {
1239 include_once DOL_DOCUMENT_ROOT.
'/core/class/translate.class.php';
1241 $langs->setDefaultLang();
1244 $langs->loadLangs(array(
"main",
"errors"));
1246 if ($printheader && !defined(
'NOHEADERNOFOOTER')) {
1247 if (function_exists(
"llxHeader")) {
1249 } elseif (function_exists(
"llxHeaderVierge")) {
1252 print
'<div style="padding: 20px">';
1254 print
'<div class="error">';
1255 if (empty($message)) {
1256 print $langs->trans(
"ErrorForbidden");
1258 print $langs->trans($message);
1262 if (empty($showonlymessage)) {
1263 if (empty($hookmanager)) {
1264 include_once DOL_DOCUMENT_ROOT.
'/core/class/hookmanager.class.php';
1267 $hookmanager->initHooks(array(
'main'));
1270 $parameters = array(
'message' => $message,
'params' => $params);
1271 $reshook = $hookmanager->executeHooks(
'getAccessForbiddenMessage', $parameters,
$object, $action);
1272 print $hookmanager->resPrint;
1273 if (empty($reshook)) {
1274 $langs->loadLangs(array(
"errors"));
1276 print $langs->trans(
"CurrentLogin").
': <span class="error">'.$user->login.
'</span><br>';
1277 print $langs->trans(
"ErrorForbidden2", $langs->transnoentitiesnoconv(
"Home"), $langs->transnoentitiesnoconv(
"Users"));
1278 print $langs->trans(
"ErrorForbidden4");
1280 print $langs->trans(
"ErrorForbidden3");
1284 if ($printfooter && !defined(
'NOHEADERNOFOOTER') && function_exists(
"llxFooter")) {
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.