// Utilisateur connecté à l'interface\r
$dao = new extranetDAOUtilisateur($this->con);\r
$this->user = $dao->selectByLoginPassword($_SESSION['user_email'], $_SESSION['user_password']);\r
+ if ($this->user->grade == 0) {\r
+ $daoClient = new extranetDAOClient($this->con);\r
+ $this->user->collegues = $daoClient->getColleguesList($this->user->utilisateur_id);\r
+ }\r
}\r
\r
/**\r
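Review bot: The added `if ($this->user->grade == 0)` reads a property of `$this->user` with no check between the assignment and the new test that a user was actually loaded. `selectByLoginPassword()` returns `false` when no row matches (`if (!$r->count()) { return false; }`), which happens whenever the credentials kept in the session no longer match the account. Guard it with `if ($this->user && $this->user->grade == 0) {` so a stale session is handled by the existing not-logged-in path rather than by a notice on a non-object. The enclosing method starts above this hunk, so how a `false` user is treated afterwards is not visible here.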
}\r
}\r
\r
- protected static function verifDroits($proprietaire, $client, $action = 'r', $error = true)\r
+ protected static function verifDroits($proprietaire, $client, $action = 'r', $error = true, $collegues = false)\r
{\r
global $core;\r
\r
return true;\r
}\r
}\r
- } elseif ($core->user->grade == 0 && $action == 'r' && $client == $core->user->utilisateur_id) {\r
+ } elseif ($core->user->grade == 0 && $action == 'r' && ($client == $core->user->utilisateur_id || ($collegues && in_array($client, $core->user->collegues)))) {\r
return true;\r
} elseif ($core->user->grade == 3 && $action == 'r') {\r
return true;\r
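Review bot: The new `in_array($client, $core->user->collegues)` in the grade 0 branch decides read access with a loose comparison, so values such as `0`, `null` or `true` in `$client` are matched by type juggling rather than by identity. The colleague ids are filled from database rows in `getColleguesList()`, so they are presumably strings. Normalising and comparing strictly keeps the check exact: `in_array((string) $client, $core->user->collegues, true)`. A one-line comment saying that `$collegues` enables colleague read access for this resource type would also help, e.g. `// $collegues: also allow read access to documents owned by users of the same entreprise`. The body of `verifDroits()` starts and ends outside this hunk.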
\r
public static function devis($devis, $action , $error = true)\r
{\r
- return self::verifDroits($devis->createur_id, $devis->client_id, $action, $error);\r
+ return self::verifDroits($devis->createur_id, $devis->client_id, $action, $error, true);\r
}\r
\r
public static function facture($facture, $action, $error = true)\r
{\r
- return self::verifDroits($facture->createur_id, $facture->client_id, $action, $error);\r
+ return self::verifDroits($facture->createur_id, $facture->client_id, $action, $error, true);\r
}\r
\r
public static function projet($projet, $error)\r
public static function recherche($page)\r
{\r
global $core;\r
- $droits = array('projets' => 1, 'factures' => 1, 'devis' => 1, 'clients' => 1, 'timereport' => 1, 'fichiers' => 0,'books'=>0);\r
+ $droits = array('projets' => 1, 'factures' => 1, 'devis' => 1, 'clients' => 1, 'timereport' => 1, 'fichiers' => 0, 'books' => 0);\r
return (isset($droits[$page]) && $droits[$page] <= $core->user->grade);\r
}\r
\r
\r
$dao = new extranetDAODevis($core->con);\r
$settings = $core->user->getSettings('devis');\r
- $liste = $dao->getListeForClient($core->user->utilisateur_id, $settings['orderby'], $settings['sens']);\r
+ $liste = $dao->getListeForEntreprise($core->user->entreprise, $settings['orderby'], $settings['sens']);\r
$res = '<table class="liste">';\r
$res .= '<th>' . self::orderby(__('Nom'), 'nom', $settings, 'sortDevis') . '</th>';\r
$res .= '<th>' . self::orderby(__('Date'), 'date_creation', $settings, 'sortDevis') . '</th>';\r
cubePage::truePopup();\r
$settings = $core->user->getSettings('factures');\r
$dao = new extranetDAOFacture($core->con);\r
- $liste = $dao->getListeForClient($core->user->utilisateur_id, $settings['orderby'], $settings['sens']);\r
+ $liste = $dao->getListeForEntreprise($core->user->entreprise, $settings['orderby'], $settings['sens'], true);\r
\r
$res = '<table class="liste">';\r
$res .= '<tr><th>' . self::orderby('#', 'facture_id', $settings, 'sortFacture') . '</th>';\r
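Review bot: The new call passes a fourth argument, `true`, but the `getListeForEntreprise($entreprise_id, $orderby, $sens)` that this commit adds on the `factures_vue` query declares only three parameters, so PHP discards the value silently. Either drop the argument (`$dao->getListeForEntreprise($core->user->entreprise, $settings['orderby'], $settings['sens']);`) or add the matching parameter to the DAO method and document what it filters. As written, a reader will assume the flag restricts the invoice list in some way, and it does not.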
{\r
$utilisateur = new extranetClient();\r
$utilisateur->rs = $r->rs;\r
+ $utilisateur->collegues = array();\r
return parent::singleton($r, $utilisateur);\r
}\r
\r
{\r
$utilisateur = new extranetClient();\r
$utilisateur->rs = '';\r
+ $utilisateur->collegues = array();\r
return parent::cree($utilisateur);\r
}\r
\r
{\r
$r = $this->con->select('SELECT * FROM clients WHERE utilisateur_id=' . $this->con->escape($client_id) . ' LIMIT 1');\r
$res = $this->factory($r);\r
+\r
if (!count($res)) {\r
return null;\r
}\r
public function getListe($orderby = null, $sens = null, $limit = null)\r
{\r
$sql = $this->getQueryList('clients', $orderby, $sens, $limit);\r
- fb($sql);\r
$r = $this->con->select($sql);\r
return $this->factory($r);\r
}\r
\r
public function getCollegues($utilisateur_id)\r
{\r
- $r = $this->con->select('SELECT * FROM clients WHERE entreprise IN (SELECT entreprise FROM utilisateurs WHERE utilisateur_id=\'' . $this->con->escape($utilisateur_id) . '\')');\r
+ $r = $this->con->select('SELECT * FROM clients WHERE entreprise IN (SELECT entreprise FROM utilisateurs WHERE utilisateur_id=\'' . $this->con->escape($utilisateur_id) . '\') AND utilisateur_id!=\'' . $this->con->escape($utilisateur_id) . '\'');\r
return $this->factory($r);\r
}\r
\r
+ public function getColleguesList($utilisateur_id)\r
+ {\r
+ $r = $this->con->select('SELECT utilisateur_id FROM clients WHERE entreprise IN (SELECT entreprise FROM utilisateurs WHERE utilisateur_id=\'' . $this->con->escape($utilisateur_id) . '\') AND utilisateur_id!=\'' . $this->con->escape($utilisateur_id) . '\'');\r
+ $res = array();\r
+ while ($r->fetch()) {\r
+ $res[] = $r->utilisateur_id;\r
+ }\r
+ return $res;\r
+ }\r
+\r
public function querySearchByName($q)\r
{\r
return 'SELECT utilisateur_id FROM utilisateurs WHERE (' . $this->whereSearchByName($q) . ') AND grade=0';\r
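Review bot: `getColleguesList()` (and the changed `getCollegues()`) define a colleague purely as another row with the same `entreprise` value, and nothing excludes the value that means "no company". If unaffiliated clients share an empty, zero or default `entreprise` (the schema is not visible here), they all become colleagues of each other, and `verifDroits()` then grants them read access to each other's quotes and invoices. The same applies to the `entreprise=` filter in both `getListeForEntreprise()` methods. Add the exclusion to the subquery, for instance `AND entreprise IS NOT NULL AND entreprise!=''` adapted to the column type, or return `array()` early in PHP when the user has no company. The two methods also repeat the same WHERE clause; building it once would stop them drifting apart.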
return $this->factory($r);\r
}\r
\r
+ public function getListeForEntreprise($entreprise_id, $orderby, $sens)\r
+ {\r
+ $sql = 'SELECT * FROM devis_vue WHERE client_id IN (SELECT utilisateur_id FROM utilisateurs WHERE entreprise=\'' . $this->con->escape($entreprise_id) . '\') AND status>0 ORDER BY ' . $orderby . ' ' . $sens;\r
+ $r = $this->con->select($sql);\r
+ return $this->factory($r);\r
+ }\r
+\r
/**\r
* extranetDAODevis::sauve()\r
*\r
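Review bot: `$orderby` and `$sens` are concatenated into the `ORDER BY` clause as-is, while only `$entreprise_id` goes through `escape()`; the identical pattern is in the `factures_vue` version of `getListeForEntreprise()` added further down. Both values come from `$core->user->getSettings()`, and the `sortDevis` / `sortFacture` links suggest they are set from the request, so they should be treated as untrusted. Escaping does not help for identifiers and keywords, so restrict the column to a fixed allowlist and the direction to ASC or DESC before building the query. The column list below only holds the names visible in the list header and needs completing.

```php
public function getListeForEntreprise($entreprise_id, $orderby, $sens)
{
    // Sortable columns: only names from this list may reach ORDER BY (complete it for this view).
    $colonnes = array('nom', 'date_creation');
    if (!in_array($orderby, $colonnes, true)) {
        $orderby = 'date_creation';
    }
    // Anything other than an explicit DESC sorts ascending.
    $sens = (strtoupper((string) $sens) === 'DESC') ? 'DESC' : 'ASC';
    // … unchanged: query construction, select and factory call …
}
```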
return $this->factory($r);\r
}\r
\r
+ public function getListeForEntreprise($entreprise_id, $orderby, $sens)\r
+ {\r
+ $sql = 'SELECT * FROM factures_vue WHERE client_id IN(SELECT utilisateur_id FROM utilisateurs WHERE entreprise=\'' . $this->con->escape($entreprise_id) . '\') AND status>0 ORDER BY ' . $orderby . ' ' . $sens;\r
+ $r = $this->con->select($sql);\r
+ return $this->factory($r);\r
+ }\r
+\r
public function getImpayesOfClient($client_id)\r
{\r
$sql = 'SELECT * FROM factures_vue WHERE client_id=\'' . $this->con->escape($client_id) . '\' AND status=1 ORDER BY date_creation';\r
$utilisateur->connected = false;\r
$utilisateur->notes = $r->notes;\r
$utilisateur->entreprise = $r->entreprise;\r
+ $utilisateur->collegues = array();\r
\r
return $utilisateur;\r
}\r
\r
public function selectByLoginPassword($login, $password)\r
{\r
- $r = $this->con->select('SELECT * FROM utilisateurs WHERE (email=\'' . $this->con->escape($login) . '\' OR login=\'' . $this->con->escape($login) . '\') AND (password=\'' . $this->con->escape($password) . '\' OR ws_password=\''.$this->con->escape($password).'\') LIMIT 1');\r
+ $r = $this->con->select('SELECT * FROM utilisateurs WHERE (email=\'' . $this->con->escape($login) . '\' OR login=\'' . $this->con->escape($login) . '\') AND (password=\'' . $this->con->escape($password) . '\' OR ws_password=\'' . $this->con->escape($password) . '\') LIMIT 1');\r
if (!$r->count()) {\r
return false;\r
}\r
protected $entreprise;\r
protected $tva_intra;\r
protected $rs;\r
+ protected $collegues;\r
protected $ws_admin;\r
protected $ws_grade;\r
\r