Revision 727d8065
Von Kivitendo Admin vor mehr als 11 Jahren hinzugefügt
| SL/AP.pm | ||
|---|---|---|
| 492 | 492 |
|
| 493 | 493 |
my $where = ''; |
| 494 | 494 |
|
| 495 |
unless ( $main::auth->check_right($form->{login}, 'show_ap_transactions') ) {
|
|
| 495 |
unless ( $::auth->assert('show_ap_transactions', 1) ) {
|
|
| 496 | 496 |
$where .= " AND NOT invoice = 'f' "; # remove ap transactions from Sales -> Reports -> Invoices |
| 497 | 497 |
}; |
| 498 | 498 |
|
| SL/AR.pm | ||
|---|---|---|
| 516 | 516 |
|
| 517 | 517 |
my $where = "1 = 1"; |
| 518 | 518 |
|
| 519 |
unless ( $main::auth->check_right($form->{login}, 'show_ar_transactions') ) {
|
|
| 519 |
unless ( $::auth->assert('show_ar_transactions', 1) ) {
|
|
| 520 | 520 |
$where .= " AND NOT invoice = 'f' "; # remove ar transactions from Sales -> Reports -> Invoices |
| 521 | 521 |
}; |
| 522 | 522 |
|
Auch abrufbar als: Unified diff
Recht für Debitoren- und Kreditorenbuchungen verbessert
auf Hinweis von Sven hin:
statt $::auth->check_right($form->{login}, $right) assert benutzen: $::auth->assert($right, 1)
$form lässt sich leicht manipulieren.