Revision 74e45f0f
Von Martin Helmling martin.helmling@octosoft.eu vor mehr als 8 Jahren hinzugefügt
SL/Controller/CsvImport.pm | ||
---|---|---|
32 | 32 |
use Rose::Object::MakeMethods::Generic |
33 | 33 |
( |
34 | 34 |
scalar => [ qw(type profile file all_profiles all_charsets sep_char all_sep_chars quote_char all_quote_chars escape_char all_escape_chars all_buchungsgruppen all_units |
35 |
csv_import_access |
|
36 | 35 |
import_status errors headers raw_data_headers info_headers data num_importable displayable_columns file all_taxzones) ], |
37 | 36 |
'scalar --get_set_init' => [ qw(worker task_server num_imported mappings) ], |
38 | 37 |
'array' => [ |
... | ... | |
41 | 40 |
], |
42 | 41 |
); |
43 | 42 |
|
44 |
__PACKAGE__->run_before('check_auth'); |
|
43 |
__PACKAGE__->run_before('check_auth', except => [ qw(report) ]);
|
|
45 | 44 |
__PACKAGE__->run_before('ensure_form_structure'); |
46 | 45 |
__PACKAGE__->run_before('check_type', except => [ qw(report) ]); |
47 | 46 |
__PACKAGE__->run_before('load_all_profiles'); |
... | ... | |
267 | 266 |
# |
268 | 267 |
|
269 | 268 |
sub check_auth { |
270 |
my ($self) = @_; |
|
271 |
if ( $::form->{csv_import_access} ) { |
|
272 |
$self->csv_import_access($::form->{csv_import_access}); |
|
273 |
return $::auth->assert($self->csv_import_access); |
|
274 |
} else { |
|
275 |
return $::auth->assert('config'); |
|
276 |
} |
|
269 |
$_[0]->check_type; |
|
270 |
$_[0]->worker->check_auth; |
|
277 | 271 |
} |
278 | 272 |
|
279 | 273 |
sub check_type { |
SL/Controller/CsvImport/BankTransaction.pm | ||
---|---|---|
183 | 183 |
$object->remote_name($remote_name); |
184 | 184 |
} |
185 | 185 |
|
186 |
sub check_auth { |
|
187 |
$::auth->assert('config') if ! $::auth->assert('bank_transaction',1); |
|
188 |
} |
|
189 |
|
|
186 | 190 |
1; |
SL/Controller/CsvImport/Base.pm | ||
---|---|---|
339 | 339 |
sub check_duplicates { |
340 | 340 |
} |
341 | 341 |
|
342 |
sub check_auth { |
|
343 |
$::auth->assert('config'); |
|
344 |
} |
|
345 |
|
|
342 | 346 |
sub check_std_duplicates { |
343 | 347 |
my $self = shift; |
344 | 348 |
|
templates/webpages/csv_import/_deferred_report.html | ||
---|---|---|
20 | 20 |
|
21 | 21 |
$(document).ready(function(){ |
22 | 22 |
[%- IF SELF.background_job.data_as_hash.report_id %] |
23 |
get_report('#csv_import_report', 'controller.pl', { action: 'CsvImport/report', 'no_layout': 1, 'id': [% SELF.background_job.data_as_hash.report_id %], 'csv_import_access' : '[% SELF.csv_import_access %]' });
|
|
23 |
get_report('#csv_import_report', 'controller.pl', { action: 'CsvImport/report', 'no_layout': 1, 'id': [% SELF.background_job.data_as_hash.report_id %] }); |
|
24 | 24 |
[%- END %] |
25 | 25 |
}); |
26 | 26 |
|
templates/webpages/csv_import/_deferred_results.html | ||
---|---|---|
16 | 16 |
data: { |
17 | 17 |
action: 'CsvImport/result', |
18 | 18 |
'profile.type': '[% SELF.profile.type %]', |
19 |
'csv_import_access' : '[% SELF.csv_import_access %]', |
|
20 | 19 |
job: '[% SELF.background_job.id %]' |
21 | 20 |
}, |
22 | 21 |
success: function(data) { $('#results').html(data) }, |
templates/webpages/csv_import/form.html | ||
---|---|---|
10 | 10 |
[% L.hidden_tag('form_sent', '1') %] |
11 | 11 |
[% L.hidden_tag('action', 'CsvImport/dispatch') %] |
12 | 12 |
[% L.hidden_tag('profile.type', SELF.profile.type) %] |
13 |
[% L.hidden_tag('csv_import_access', SELF.csv_import_access) %] |
|
14 | 13 |
|
15 |
[%- IF SELF.csv_import_access %]
|
|
14 |
[%- IF SELF.profile.get('dont_edit_profile') %]
|
|
16 | 15 |
[% L.hidden_tag('force_profile', 1) %] |
17 | 16 |
[% L.hidden_tag('profile.id', SELF.profile.id) %] |
18 | 17 |
[%- ELSE %] |
Auch abrufbar als: Unified diff
Spezifisches Recht für CSV-Import(2)
Neue Implementierung: Die access-Prüfung findet nun im "Worker" statt,
so kann für die Banktransaktionen in "CsvImport/BankTransaction"
neben "config" auch das Recht "bank_transaction" zugelassen werden.
Davon getrennt ist nun das Verhalten, das bei einem vorgegebenen Profil
dieses nich tzum Editieren angeboten wird, sondern gleich in den Import->Test gegangen wird.
Dazu ist im entsprechenden Profil der Parameter "dont_edit_profile" auf "1" zu setzen.