Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision a2212188

Von Tamino Steinert vor fast 2 Jahren hinzugefügt

FIX: Richtige Rechte für Beleg-Pdf-Download von Rechnungen/Gutschriften

Unterschiede anzeigen:

bin/mozilla/ar.pl
$::request->layout->add_javascripts('kivi.Validator.js');
}
sub webdav_pdf_export {
sub _check_access_right_for_ids {
my ($ids) = @_;
$main::lxdebug->enter_sub();
# TODO(Tamino): rights?
$::auth->assert('ar_transactions');
$::auth->assert('invoice_edit');
my $form = Form->new;
AR->ar_transactions(\%::myconfig, \%$form);
my %allowed_ids = ();
my @allowed_ar_ids = map {$_->{id}} @{$form->{AR}};
foreach my $ar_id (@allowed_ar_ids) {
$allowed_ids{$ar_id} = 1 ;
}
foreach my $id (@$ids) {
unless ($allowed_ids{$id}) {
$::auth->deny_access();
}
}
$main::lxdebug->leave_sub();
}
sub webdav_pdf_export {
$main::lxdebug->enter_sub();
my $form = $main::form;
my $ids = $form->{id};
_check_access_right_for_ids($ids);
my $invoices = SL::DB::Manager::Invoice->get_all(where => [ id => $ids ]);
my %file_name_to_path = ();
......
foreach my $invoice (@{$invoices}) {
if ($invoice->type eq '') {
$no_files .= $invoice->displayable_name() . "\n";
$main::lxdebug->dump(0, "TST: no_files loop", $no_files);
next;
}
my $webdav = SL::Webdav->new(
......
sub files_pdf_export {
$main::lxdebug->enter_sub();
# TODO(Tamino): rights?
$::auth->assert('ar_transactions');
$::auth->assert('invoice_edit');
my $form = $main::form;
my $ids = $form->{id};
_check_access_right_for_ids($ids);
my $invoices = SL::DB::Manager::Invoice->get_all(where => [ id => $ids ]);
my %file_name_to_path = ();

Auch abrufbar als: Unified diff