search

Dolibarr / dolibarr

Dolibarr ERP CRM is a modern software package to manage your company or foundation's activity (contacts, suppliers, invoices, orders, stocks, agenda, accounting, ...). it's an open source Web application (written in PHP) designed for businesses of any sizes, foundations and freelancers.
https://www.dolibarr.org
GNU General Public License v3.0
5.53k stars 2.81k forks source link

Regular users can't list projects #3604

Closed fonkyzeus closed 9 years ago

fonkyzeus commented 9 years ago

Un utilisateur, non-administrateur, qui a tous les droits sur la gestion/modification de projets et tâches ne peut pas accéder à la liste des tâches. Le message d'erreut suivant est affiche. En tant qu'administrateur, je peux accéder à la liste des tâches.

Environment

Dolibarr a détecté une erreur technique. Voici les informations qui pourront aider au diagnostic: Date: 20150925115408 Dolibarr: 3.8.0 Niveau de fonctionnalités: 0 PHP: 5.3.29 Server: Apache OS: Linux webm396.mp.ha.ovh.net 3.14.33-grsec-hosting-web-3.14 #1 SMP Thu Apr 16 08:53:31 UTC 2015 x86_64 UserAgent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36

Url sollicitée: /341/htdocs/projet/list.php Referer: http://www.gestion-animage.fr/341/htdocs/projet/index.php?leftmenu=projects Gestionnaire de menu: eldy_menu.php

Type gestionnaire de base de données: mysqli Requête dernier accès en base en erreur: SELECT p.rowid as projectid, p.ref, p.title, p.fk_statut, p.fk_opp_status, p.public, p.fk_user_creat, p.datec as date_create, p.dateo as date_start, p.datee as date_end, p.opp_amount, s.nom as name, s.rowid as socid, cls.code as opp_status_code FROM llx_projet as p LEFT JOIN llx_societe as s on p.fk_soc = s.rowid LEFT JOIN llx_c_lead_status as cls on p.fk_opp_status = cls.rowid, llx_societe_commerciaux as sc WHERE p.entity = 1 AND s.rowid = sc.fk_soc AND sc.fk_user = ORDER BY p.ref ASC LIMIT 51 Code retour dernier accès en base en erreur: DB_ERROR_SYNTAX Information sur le dernier accès en base en erreur: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY p.ref ASC LIMIT 51' at line 1

fonkyzeus commented 9 years ago

Lorsque je donne a ce salarié le droit de voir les tiers qui ne lui sont pas associés, il n'y a plus de bug -> gênant car je ne veux pas qu'il voit les marges associés aux tiers...

rdoursenaud commented 9 years ago

We are an international community now. We expect the bug reports to be in english. Please edit accordingly. Thanks!

fonkyzeus commented 9 years ago

In english : A user, not administrator, who has full rights to manage / edit projects and tasks can not access the list of tasks. The following error message is displayed.

When I put it to an administrator, I can access the task list.

Edit 2 : i noted that when I give this employee the right to access to all clients, includinf those not associated with it, there's no bug -> annoying because I do not want him to see the margins associated with clients ...

Environment##

Version: 3.8.0 OS: Linux Web server: Apache PHP: cgi-fcgi 5.3.29 Database: MySQL or MariaDB 5.1.73-2+squeeze+build1+1-log URL: /341/htdocs/projet/list.php Report

Error message## Dolibarr a détecté une erreur technique. Voici les informations qui pourront aider au diagnostic: Date: 20150925115408 Dolibarr: 3.8.0 Niveau de fonctionnalités: 0 PHP: 5.3.29 Server: Apache OS: Linux webm396.mp.ha.ovh.net 3.14.33-grsec-hosting-web-3.14 #1 SMP Thu Apr 16 08:53:31 UTC 2015 x86_64 UserAgent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36

Url sollicitée: /341/htdocs/projet/list.php Referer: http://www.gestion-animage.fr/341/htdocs/projet/index.php?leftmenu=projects Gestionnaire de menu: eldy_menu.php

Type gestionnaire de base de données: mysqli Requête dernier accès en base en erreur: SELECT p.rowid as projectid, p.ref, p.title, p.fk_statut, p.fk_opp_status, p.public, p.fk_user_creat, p.datec as date_create, p.dateo as date_start, p.datee as date_end, p.opp_amount, s.nom as name, s.rowid as socid, cls.code as opp_status_code FROM llx_projet as p LEFT JOIN llx_societe as s on p.fk_soc = s.rowid LEFT JOIN llx_c_lead_status as cls on p.fk_opp_status = cls.rowid, llx_societe_commerciaux as sc WHERE p.entity = 1 AND s.rowid = sc.fk_soc AND sc.fk_user = ORDER BY p.ref ASC LIMIT 51 Code retour dernier accès en base en erreur: DB_ERROR_SYNTAX Information sur le dernier accès en base en erreur: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY p.ref ASC LIMIT 51' at line 1

eldy commented 9 years ago

Fixed by f1cf629b80f3e88dbcc3ff7fb94cb9a6ed5a6f51