Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision 2e19657a

Von Bernd Bleßmann vor fast 3 Jahren hinzugefügt

  • ID 2e19657a12d946c4e9cdd1466af1bbab992284ee
  • Vorgänger dc154326
  • Nachfolger c7172f34

Recht: Ansehen von Lieferscheinen berücksichtigen (VK+EK/alter+neuer Controller)

Unterschiede anzeigen:

bin/mozilla/do.pl
57 57

  
58 58
# end of main
59 59

  
60
sub check_do_access_for_edit {
61
  validate_type($::form->{type});
62

  
63
  my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit");
64
  $main::auth->assert($right);
65
}
66

  
60 67
sub check_do_access {
61 68
  validate_type($::form->{type});
62 69

  
63
  my $right = SL::DB::DeliveryOrder::TypeData::get($::form->{type}, "right");
70
  my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "view");
64 71
  $main::auth->assert($right);
65 72
}
66 73

  
......
90 97
sub add {
91 98
  $main::lxdebug->enter_sub();
92 99

  
93
  check_do_access();
100
  check_do_access_for_edit();
94 101

  
95 102
  if (($::form->{type} =~ /purchase/) && !$::instance_conf->get_allow_new_purchase_invoice) {
96 103
    $::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
......
254 261
  if (ref $undo_date eq 'DateTime' && ref $insertdate eq 'DateTime') {
255 262
    $undo_transfer = $insertdate > $undo_date;
256 263
  }
264

  
265
  my $may_edit_create = $::auth->assert(SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit"), 1);
266

  
257 267
  for my $bar ($::request->layout->get('actionbar')) {
258 268
    $bar->add(
259 269
      action =>
260 270
        [ t8('Update'),
261 271
          submit    => [ '#form', { action => "update" } ],
272
          disabled  => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
262 273
          id        => 'update_button',
263 274
          accesskey => 'enter',
264 275
        ],
......
268 279
          t8('Save'),
269 280
          submit   => [ '#form', { action => "save" } ],
270 281
          checks   => [ 'kivi.validate_form' ],
271
          disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
282
          disabled => !$may_edit_create    ? t8('You do not have the permissions to access this function.')
283
                    : $::form->{delivered} ? t8('This record has already been delivered.')
284
                    :                        undef,
272 285
        ],
273 286
        action => [
274 287
          t8('Save as new'),
275 288
          submit   => [ '#form', { action => "save_as_new" } ],
276 289
          checks   => [ 'kivi.validate_form' ],
277
          disabled => !$::form->{id},
290
          disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
291
                    : !$::form->{id},
278 292
        ],
279 293
        action => [
280 294
          t8('Mark as closed'),
281 295
          submit   => [ '#form', { action => "mark_closed" } ],
282 296
          checks   => [ 'kivi.validate_form' ],
283 297
          confirm  => t8('This will remove the delivery order from showing as open even if contents are not delivered. Proceed?'),
284
          disabled => !$::form->{id}    ? t8('This record has not been saved yet.')
298
          disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
299
                    : !$::form->{id}    ? t8('This record has not been saved yet.')
285 300
                    : $::form->{closed} ? t8('This record has already been closed.')
286 301
                    :                     undef,
287 302
        ],
......
291 306
        t8('Delete'),
292 307
        submit   => [ '#form', { action => "delete" } ],
293 308
        confirm  => t8('Do you really want to delete this object?'),
294
        disabled => !$::form->{id}                                                                              ? t8('This record has not been saved yet.')
309
        disabled => !$may_edit_create                                                                           ? t8('You do not have the permissions to access this function.')
310
                  : !$::form->{id}                                                                              ? t8('This record has not been saved yet.')
295 311
                  : $::form->{delivered}                                                                        ? t8('This record has already been delivered.')
296 312
                  : ($::form->{vc} eq 'customer' && !$::instance_conf->get_sales_delivery_order_show_delete)    ? t8('Deleting this type of record has been disabled in the configuration.')
297 313
                  : ($::form->{vc} eq 'vendor'   && !$::instance_conf->get_purchase_delivery_order_show_delete) ? t8('Deleting this type of record has been disabled in the configuration.')
......
303 319
          t8('Transfer out'),
304 320
          submit   => [ '#form', { action => "transfer_out" } ],
305 321
          checks   => [ 'kivi.validate_form', @transfer_qty ],
306
          disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
322
          disabled => !$may_edit_create    ? t8('You do not have the permissions to access this function.')
323
                    : $::form->{delivered} ? t8('This record has already been delivered.')
324
                    :                        undef,
307 325
          only_if  => $is_customer,
308 326
        ],
309 327
        action => [
310 328
          t8('Transfer out via default'),
311 329
          submit   => [ '#form', { action => "transfer_out_default" } ],
312 330
          checks   => [ 'kivi.validate_form' ],
313
          disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
331
          disabled => !$may_edit_create    ? t8('You do not have the permissions to access this function.')
332
                    : $::form->{delivered} ? t8('This record has already been delivered.')
333
                    :                        undef,
314 334
          only_if  => $is_customer && $::instance_conf->get_transfer_default,
315 335
        ],
316 336
        action => [
317 337
          t8('Transfer in'),
318 338
          submit   => [ '#form', { action => "transfer_in" } ],
319 339
          checks   => [ 'kivi.validate_form', @transfer_qty ],
320
          disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
340
          disabled => !$may_edit_create    ? t8('You do not have the permissions to access this function.')
341
                    : $::form->{delivered} ? t8('This record has already been delivered.')
342
                    :                        undef,
321 343
          only_if  => !$is_customer,
322 344
        ],
323 345
        action => [
324 346
          t8('Transfer in via default'),
325 347
          submit   => [ '#form', { action => "transfer_in_default" } ],
326 348
          checks   => [ 'kivi.validate_form' ],
327
          disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
349
          disabled => !$may_edit_create    ? t8('You do not have the permissions to access this function.')
350
                    : $::form->{delivered} ? t8('This record has already been delivered.')
351
                    :                        undef,
328 352
          only_if  => !$is_customer && $::instance_conf->get_transfer_default,
329 353
        ],
330 354
        action => [
......
332 356
          submit   => [ '#form', { action => "delete_transfers" } ],
333 357
          checks   => [ 'kivi.validate_form' ],
334 358
          only_if  => $::form->{delivered},
335
          disabled => !$undo_transfer ? t8('Transfer date exceeds the maximum allowed interval.') : undef,
359
          disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
360
                    : !$undo_transfer   ? t8('Transfer date exceeds the maximum allowed interval.')
361
                    :                     undef,
336 362
        ],
337 363
      ], # end of combobox "Transfer out"
338 364

  
......
353 379
        action => [ t8('Export') ],
354 380
        action => [
355 381
          t8('Print'),
356
          call   => [ 'kivi.SalesPurchase.show_print_dialog' ],
357
          checks => [ 'kivi.validate_form' ],
382
          call     => [ 'kivi.SalesPurchase.show_print_dialog' ],
383
          checks   => [ 'kivi.validate_form' ],
384
          disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
358 385
        ],
359 386
        action => [
360 387
          t8('E Mail'),
361 388
          call   => [ 'kivi.SalesPurchase.show_email_dialog' ],
362 389
          checks => [ 'kivi.validate_form' ],
363
          disabled => !$::form->{id} ? t8('This record has not been saved yet.') : undef,
390
          disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
391
                    : !$::form->{id} ?    t8('This record has not been saved yet.')
392
                    :                     undef,
364 393
        ],
365 394
      ], # end of combobox "Export"
366 395

  
......
913 942

  
914 943
  my (%params) = @_;
915 944

  
916
  check_do_access();
945
  check_do_access_for_edit();
917 946

  
918 947
  my $form     = $main::form;
919 948
  my %myconfig = %main::myconfig;
......
995 1024
sub delete {
996 1025
  $main::lxdebug->enter_sub();
997 1026

  
998
  check_do_access();
1027
  check_do_access_for_edit();
999 1028

  
1000 1029
  my $form     = $main::form;
1001 1030
  my %myconfig = %main::myconfig;
......
1021 1050
sub delete_transfers {
1022 1051
  $main::lxdebug->enter_sub();
1023 1052

  
1024
  check_do_access();
1053
  check_do_access_for_edit();
1025 1054

  
1026 1055
  my $form     = $main::form;
1027 1056
  my %myconfig = %main::myconfig;
......
1275 1304
sub save_as_new {
1276 1305
  $main::lxdebug->enter_sub();
1277 1306

  
1278
  check_do_access();
1307
  check_do_access_for_edit();
1279 1308

  
1280 1309
  my $form     = $main::form;
1281 1310

  

Auch abrufbar als: Unified diff