Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision 3ad96f21

Von Bernd Bleßmann vor fast 3 Jahren hinzugefügt

  • ID 3ad96f211f51589c061900f0dfad4cd1daedd2f6
  • Vorgänger 64e2e511
  • Nachfolger e81f9f44

Recht: Ansehen von Belegen bei Angebot und Auftrag berücksichtigen

Ansehen nur im neuen Auftrags-Controller

Unterschiede anzeigen:

SL/Controller/Order.pm
56 56
# safety
57 57
__PACKAGE__->run_before('check_auth');
58 58

  
59
__PACKAGE__->run_before('check_auth_save',
60
                        except => [ qw(edit show_customer_vendor_details_dialog price_popup load_second_rows) ]);
61

  
59 62
__PACKAGE__->run_before('recalc',
60 63
                        only => [ qw(save save_as_new save_and_delivery_order save_and_invoice save_and_invoice_for_advance_payment save_and_final_invoice save_and_ap_transaction
61 64
                                     print send_email) ]);
......
1370 1373
sub check_auth {
1371 1374
  my ($self) = @_;
1372 1375

  
1376
  my $right_for = { map { $_ => $_.'_edit' . ' | ' . $_.'_view' } @{$self->valid_types} };
1377

  
1378
  my $right   = $right_for->{ $self->type };
1379
  $right    ||= 'DOES_NOT_EXIST';
1380

  
1381
  $::auth->assert($right);
1382
}
1383

  
1384
sub check_auth_save {
1385
  my ($self) = @_;
1386

  
1373 1387
  my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
1374 1388

  
1375 1389
  my $right   = $right_for->{ $self->type };
......
2018 2032
    $has_final_invoice               = any {'SL::DB::Invoice' eq ref $_ && "final_invoice" eq $_->type} @$lr;
2019 2033
  }
2020 2034

  
2035
  my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
2036
  my $right     = $right_for->{ $self->type };
2037
  $right      ||= 'DOES_NOT_EXIST';
2038

  
2039
  if ($::auth->assert($right, 1)) {
2021 2040
  for my $bar ($::request->layout->get('actionbar')) {
2022 2041
    $bar->add(
2023 2042
      combobox => [
......
2164 2183
        only_if  => $deletion_allowed,
2165 2184
      ],
2166 2185

  
2186
    );
2187
  }
2188
  }
2189

  
2190
  for my $bar ($::request->layout->get('actionbar')) {
2191
    $bar->add(
2167 2192
      combobox => [
2168 2193
        action => [
2169 2194
          t8('more')
......
2182 2207
      ], # end of combobox "more"
2183 2208
    );
2184 2209
  }
2210

  
2185 2211
}
2186 2212

  
2187 2213
sub generate_doc {
SL/Controller/TopQuickSearch/PurchaseOrder.pm
5 5

  
6 6
use SL::Locale::String qw(t8);
7 7

  
8
sub auth { 'purchase_order_edit' }
8
sub auth { 'purchase_order_edit | purchase_order_view' }
9 9

  
10 10
sub name { 'purchase_order' }
11 11

  
SL/Controller/TopQuickSearch/RequestForQuotation.pm
5 5

  
6 6
use SL::Locale::String qw(t8);
7 7

  
8
sub auth { 'request_quotation_edit' }
8
sub auth { 'request_quotation_edit | request_quotation_view' }
9 9

  
10 10
sub name { 'request_quotation' }
11 11

  
SL/Controller/TopQuickSearch/SalesOrder.pm
5 5

  
6 6
use SL::Locale::String qw(t8);
7 7

  
8
sub auth { 'sales_order_edit' }
8
sub auth { 'sales_order_edit | sales_order_view' }
9 9

  
10 10
sub name { 'sales_order' }
11 11

  
SL/Controller/TopQuickSearch/SalesQuotation.pm
5 5

  
6 6
use SL::Locale::String qw(t8);
7 7

  
8
sub auth { 'sales_quotation_edit' }
8
sub auth { 'sales_quotation_edit | sales_quotation_view' }
9 9

  
10 10
sub name { 'sales_quotation' }
11 11

  
bin/mozilla/oe.pl
84 84
  'sales_quotation'   => 'sales_quotation_edit',
85 85
};
86 86

  
87
my $oe_view_access_map = {
88
  'sales_order'       => 'sales_order_edit       | sales_order_view',
89
  'purchase_order'    => 'purchase_order_edit    | purchase_order_view',
90
  'request_quotation' => 'request_quotation_edit | request_quotation_view',
91
  'sales_quotation'   => 'sales_quotation_edit   | sales_quotation_view',
92
};
93

  
87 94
sub check_oe_access {
95
  my (%params) = @_;
88 96
  my $form     = $main::form;
89 97

  
90
  my $right   = $oe_access_map->{$form->{type}};
98
  my $right   = ($params{with_view}) ? $oe_view_access_map->{$form->{type}} : $oe_access_map->{$form->{type}};
91 99
  $right    ||= 'DOES_NOT_EXIST';
92 100

  
93 101
  $main::auth->assert($right);
......
926 934
  my %myconfig = %main::myconfig;
927 935
  my $locale   = $main::locale;
928 936

  
929
  check_oe_access();
937
  check_oe_access(with_view => 1);
930 938

  
931 939
  if ($form->{type} eq 'purchase_order') {
932 940
    $form->{vc}        = 'vendor';
......
1017 1025
  my $cgi      = $::request->{cgi};
1018 1026

  
1019 1027
  my %params   = @_;
1020
  check_oe_access();
1028
  check_oe_access(with_view => 1);
1021 1029

  
1022 1030
  my $ordnumber = ($form->{type} =~ /_order$/) ? "ordnumber" : "quonumber";
1023 1031

  
menus/user/00-erp.yaml
275 275
  name: Quotations
276 276
  icon: report_quotations
277 277
  order: 200
278
  access: sales_quotation_edit
278
  access: sales_quotation_edit | sales_quotation_view
279 279
  module: oe.pl
280 280
  params:
281 281
    action: search
......
285 285
  name: Sales Orders
286 286
  icon: report_sales_orders
287 287
  order: 300
288
  access: sales_order_edit
288
  access: sales_order_edit | sales_order_view
289 289
  module: oe.pl
290 290
  params:
291 291
    action: search
......
446 446
  name: RFQs
447 447
  icon: rfq_report
448 448
  order: 100
449
  access: request_quotation_edit
449
  access: request_quotation_edit | request_quotation_view
450 450
  module: oe.pl
451 451
  params:
452 452
    action: search
......
456 456
  name: Purchase Orders
457 457
  icon: purchase_order_report
458 458
  order: 200
459
  access: purchase_order_edit
459
  access: purchase_order_edit | purchase_order_view
460 460
  module: oe.pl
461 461
  params:
462 462
    action: search

Auch abrufbar als: Unified diff