Revision 2a72d256
Von Moritz Bunkus vor fast 4 Jahren hinzugefügt
| SL/Controller/CustomerVendor.pm | ||
|---|---|---|
| 41 | 41 |
use Data::Dumper; |
| 42 | 42 |
|
| 43 | 43 |
use Rose::Object::MakeMethods::Generic ( |
| 44 |
scalar => [ qw(user_has_edit_rights) ], |
|
| 44 | 45 |
'scalar --get_set_init' => [ qw(customer_models vendor_models zugferd_settings) ], |
| 45 | 46 |
); |
| 46 | 47 |
|
| 47 | 48 |
# safety |
| 48 |
__PACKAGE__->run_before( |
|
| 49 |
sub {
|
|
| 50 |
$::auth->assert('customer_vendor_edit');
|
|
| 51 |
}, |
|
| 52 |
except => [ qw(ajaj_autocomplete) ], |
|
| 53 |
); |
|
| 54 | 49 |
__PACKAGE__->run_before( |
| 55 | 50 |
'_instantiate_args', |
| 56 | 51 |
only => [ |
| ... | ... | |
| 81 | 76 |
); |
| 82 | 77 |
|
| 83 | 78 |
# make sure this comes after _load_customer_vendor |
| 84 |
__PACKAGE__->run_before( |
|
| 85 |
'_check_customer_vendor_all_edit', |
|
| 86 |
only => [ |
|
| 87 |
'edit', |
|
| 88 |
'show', |
|
| 89 |
'update', |
|
| 90 |
'delete', |
|
| 91 |
'save', |
|
| 92 |
'save_and_ap_transaction', |
|
| 93 |
'save_and_ar_transaction', |
|
| 94 |
'save_and_close', |
|
| 95 |
'save_and_invoice', |
|
| 96 |
'save_and_order', |
|
| 97 |
'save_and_quotation', |
|
| 98 |
'save_and_rfq', |
|
| 99 |
'delete', |
|
| 100 |
'delete_contact', |
|
| 101 |
'delete_shipto', |
|
| 102 |
] |
|
| 103 |
); |
|
| 79 |
__PACKAGE__->run_before('_check_auth');
|
|
| 104 | 80 |
|
| 105 | 81 |
__PACKAGE__->run_before( |
| 106 | 82 |
'_create_customer_vendor', |
| ... | ... | |
| 656 | 632 |
if (1 == scalar @{ $exact_matches = $manager->get_all(
|
| 657 | 633 |
query => [ |
| 658 | 634 |
obsolete => 0, |
| 659 |
(salesman_id => SL::DB::Manager::Employee->current->id) x !$::auth->assert('customer_vendor_all_edit', 1),
|
|
| 660 | 635 |
or => [ |
| 661 | 636 |
name => { ilike => $::form->{filter}{'all:substr:multi::ilike'} },
|
| 662 | 637 |
$number => { ilike => $::form->{filter}{'all:substr:multi::ilike'} },
|
| ... | ... | |
| 912 | 887 |
} |
| 913 | 888 |
} |
| 914 | 889 |
|
| 915 |
sub _check_customer_vendor_all_edit {
|
|
| 916 |
my ($self) = @_;
|
|
| 890 |
sub _check_auth {
|
|
| 891 |
my ($self, $action) = @_;
|
|
| 917 | 892 |
|
| 918 |
unless ($::auth->assert('customer_vendor_all_edit', 1)) {
|
|
| 919 |
die($::locale->text("You don't have the rights to edit this customer.") . "\n")
|
|
| 920 |
if $self->{cv}->is_customer and
|
|
| 921 |
SL::DB::Manager::Employee->current->id != $self->{cv}->salesman_id;
|
|
| 922 |
}; |
|
| 923 |
}; |
|
| 893 |
my $is_new = !$self->{cv} || !$self->{cv}->id;
|
|
| 894 |
my $is_own_customer = !$is_new |
|
| 895 |
&& $self->{cv}->is_customer
|
|
| 896 |
&& (SL::DB::Manager::Employee->current->id == $self->{cv}->salesman_id);
|
|
| 897 |
my $has_edit_rights = $::auth->assert('customer_vendor_all_edit', 1);
|
|
| 898 |
$has_edit_rights ||= $::auth->assert('customer_vendor_edit', 1) && ($is_new || $is_own_customer);
|
|
| 899 |
my $needs_edit_rights = $action =~ m{^(?:add|save|delete|update)};
|
|
| 900 |
|
|
| 901 |
$self->user_has_edit_rights($has_edit_rights); |
|
| 902 |
|
|
| 903 |
return 1 if $has_edit_rights; |
|
| 904 |
return 0 if $needs_edit_rights; |
|
| 905 |
return 1; |
|
| 906 |
} |
|
| 924 | 907 |
|
| 925 | 908 |
sub _create_customer_vendor {
|
| 926 | 909 |
my ($self) = @_; |
| ... | ... | |
| 1075 | 1058 |
sub _setup_form_action_bar {
|
| 1076 | 1059 |
my ($self) = @_; |
| 1077 | 1060 |
|
| 1061 |
my $no_rights = $self->user_has_edit_rights ? undef |
|
| 1062 |
: $self->{cv}->is_customer ? t8("You don't have the rights to edit this customer.")
|
|
| 1063 |
: t8("You don't have the rights to edit this vendor.");
|
|
| 1064 |
|
|
| 1078 | 1065 |
for my $bar ($::request->layout->get('actionbar')) {
|
| 1079 | 1066 |
$bar->add( |
| 1080 | 1067 |
combobox => [ |
| ... | ... | |
| 1083 | 1070 |
submit => [ '#form', { action => "CustomerVendor/save" } ],
|
| 1084 | 1071 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1085 | 1072 |
accesskey => 'enter', |
| 1073 |
disabled => $no_rights, |
|
| 1086 | 1074 |
], |
| 1087 | 1075 |
action => [ |
| 1088 | 1076 |
t8('Save and Close'),
|
| 1089 | 1077 |
submit => [ '#form', { action => "CustomerVendor/save_and_close" } ],
|
| 1090 | 1078 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1079 |
disabled => $no_rights, |
|
| 1091 | 1080 |
], |
| 1092 | 1081 |
], # end of combobox "Save" |
| 1093 | 1082 |
|
| ... | ... | |
| 1097 | 1086 |
t8('Save and AP Transaction'),
|
| 1098 | 1087 |
submit => [ '#form', { action => "CustomerVendor/save_and_ap_transaction" } ],
|
| 1099 | 1088 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1089 |
disabled => $no_rights, |
|
| 1100 | 1090 |
]) x !!$self->is_vendor, |
| 1101 | 1091 |
(action => [ |
| 1102 | 1092 |
t8('Save and AR Transaction'),
|
| 1103 | 1093 |
submit => [ '#form', { action => "CustomerVendor/save_and_ar_transaction" } ],
|
| 1104 | 1094 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1095 |
disabled => $no_rights, |
|
| 1105 | 1096 |
]) x !$self->is_vendor, |
| 1106 | 1097 |
action => [ |
| 1107 | 1098 |
t8('Save and Invoice'),
|
| 1108 | 1099 |
submit => [ '#form', { action => "CustomerVendor/save_and_invoice" } ],
|
| 1109 | 1100 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1101 |
disabled => $no_rights, |
|
| 1110 | 1102 |
], |
| 1111 | 1103 |
action => [ |
| 1112 | 1104 |
t8('Save and Order'),
|
| 1113 | 1105 |
submit => [ '#form', { action => "CustomerVendor/save_and_order" } ],
|
| 1114 | 1106 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1107 |
disabled => $no_rights, |
|
| 1115 | 1108 |
], |
| 1116 | 1109 |
(action => [ |
| 1117 | 1110 |
t8('Save and RFQ'),
|
| 1118 | 1111 |
submit => [ '#form', { action => "CustomerVendor/save_and_rfq" } ],
|
| 1119 | 1112 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1113 |
disabled => $no_rights, |
|
| 1120 | 1114 |
]) x !!$self->is_vendor, |
| 1121 | 1115 |
(action => [ |
| 1122 | 1116 |
t8('Save and Quotation'),
|
| 1123 | 1117 |
submit => [ '#form', { action => "CustomerVendor/save_and_quotation" } ],
|
| 1124 | 1118 |
checks => [ 'check_taxzone_and_ustid' ], |
| 1119 |
disabled => $no_rights, |
|
| 1125 | 1120 |
]) x !$self->is_vendor, |
| 1126 | 1121 |
], # end of combobox "Workflow" |
| 1127 | 1122 |
|
| ... | ... | |
| 1131 | 1126 |
confirm => t8('Do you really want to delete this object?'),
|
| 1132 | 1127 |
disabled => !$self->{cv}->id ? t8('This object has not been saved yet.')
|
| 1133 | 1128 |
: !$self->is_orphaned ? t8('This object has already been used.')
|
| 1134 |
: undef,
|
|
| 1129 |
: $no_rights,
|
|
| 1135 | 1130 |
], |
| 1136 | 1131 |
|
| 1137 | 1132 |
'separator', |
| ... | ... | |
| 1214 | 1209 |
}, |
| 1215 | 1210 |
customernumber => t8('Customer Number'),
|
| 1216 | 1211 |
}, |
| 1217 |
query => [ |
|
| 1218 |
( salesman_id => SL::DB::Manager::Employee->current->id) x !$::auth->assert('customer_vendor_all_edit', 1),
|
|
| 1219 |
], |
|
| 1220 | 1212 |
); |
| 1221 | 1213 |
} |
| 1222 | 1214 |
|
Auch abrufbar als: Unified diff
Kunden-/Lieferantenstammdaten: Berechtigungsmodell gefixt
Neues Modell sieht wie folgt aus:
1. Alle Personen haben Leserechte auf alle Kunden- &
Lieferantenstammdaten. Das betrifft nicht nur die Stammdatenmasken,
sondern auch die AJAJ-Autovervollständigung (Kunden-/
Lieferanten-Picker) oder die Detail-Popup-Fenster in Einkaufs-/
Verkaufsbelegmasken.
2. Personen mit »edit«-Recht aber ohne »edit all«-Recht dürfen nur die
eigenen Kundenstammdaten verändern (speichern/löschen), wobei
»eigen« definiert ist als »aktuelle Person ist Verkäufer*in des
Kunden«. Neue Kunden dürfen angelegt werden. Bei Lieferanten dürfen
hingegen alle Stammdaten bearbeitet werden.
3. Personen mit »edit all«-Recht haben Vollzugriff auf alle Kunden- &
Lieferantenstammdaten.
(cherry picked from commit 433f3b22eb2ebfa433f090b60bd27797d5dd3b04)