Dolibarr ERP & CRM » Bugs » bug #1926 [contract] Wrong Rights CheckedÉtat Détails |
Submitted by: | damien clochard (daamien) | | Submitted on: | 06/05/2015 12:42 |
Last Modified On: | 06/05/2015 12:42 | |
Summary: | [contract] Wrong Rights Checked |
Description: |
Version 3.6, in contrat/fiche.php
Line 1140 is wrong :
if ($action == 'edit_extras' && $user->rights->commande->creer && GETPOST('attribute') == $key) {
the "commande->creer" right is checked but it should be "contract->creer" or "contrat->creer"
and also line 1153 :
if ($object->statut == 0 && $user->rights->commande->creer)
Again the "commande->creer" right is checked
And the statut check is not correct too : user should able to modify teh extra fields even if the contract is not in statut 'brouillon'
|
Step to reproduce bug: | |
Detected in version: | 3.6.2 | | Category: | Module: Contracts |
Severity: | 5 - Major | | OS Type/Version: | |
PHP version: | | | Database type and version: | |
Etat |
Status: | Open | | Assigned to: | HENRY Florian (fhenry) |
Resolution: | Aucun | |
Répondre
|
|