Dolibarr ERP & CRM » Bugs » bug #1926 [contract] Wrong Rights CheckedDernières modifications
Répondre
État| Détails |
| Last Modified On: | 06/05/2015 12:42 | | Submitted by: | damien clochard (daamien) |
| Submitted on: | 06/05/2015 12:42 | |
| Summary: | [contract] Wrong Rights Checked |
| Description: | Version 3.6, in contrat/fiche.php
Line 1140 is wrong :
if ($action == 'edit_extras' && $user->rights->commande->creer && GETPOST('attribute') == $key) {
the "commande->creer" right is checked but it should be "contract->creer" or "contrat->creer"
and also line 1153 :
if ($object->statut == 0 && $user->rights->commande->creer)
Again the "commande->creer" right is checked
And the statut check is not correct too : user should able to modify teh extra fields even if the contract is not in statut 'brouillon'
|
| Step to reproduce bug: | |
| Detected in version: | 3.6.2 | | Category: | Module: Contracts |
| Severity: | 5 - Major | | OS Type/Version: | |
| PHP version: | | | Database type and version: | |
| Etat |
| Status: | Open | | Assigned to: | HENRY Florian (fhenry) |
| Resolution: | Fixed | |
Commentaires- HENRY Florian 07/05/2015 17:26
- https://github.com/Dolibarr/dolibarr/pull/2801
|
|
Aucun→ Fixed