Revision a2212188
Von Tamino Steinert vor mehr als 1 Jahr hinzugefügt
bin/mozilla/ar.pl | ||
---|---|---|
1537 | 1537 |
$::request->layout->add_javascripts('kivi.Validator.js'); |
1538 | 1538 |
} |
1539 | 1539 |
|
1540 |
sub webdav_pdf_export { |
|
1540 |
sub _check_access_right_for_ids { |
|
1541 |
my ($ids) = @_; |
|
1541 | 1542 |
$main::lxdebug->enter_sub(); |
1542 | 1543 |
|
1543 |
# TODO(Tamino): rights? |
|
1544 |
$::auth->assert('ar_transactions'); |
|
1545 |
$::auth->assert('invoice_edit'); |
|
1544 |
my $form = Form->new; |
|
1545 |
AR->ar_transactions(\%::myconfig, \%$form); |
|
1546 |
my %allowed_ids = (); |
|
1547 |
|
|
1548 |
my @allowed_ar_ids = map {$_->{id}} @{$form->{AR}}; |
|
1549 |
foreach my $ar_id (@allowed_ar_ids) { |
|
1550 |
$allowed_ids{$ar_id} = 1 ; |
|
1551 |
} |
|
1552 |
foreach my $id (@$ids) { |
|
1553 |
unless ($allowed_ids{$id}) { |
|
1554 |
$::auth->deny_access(); |
|
1555 |
} |
|
1556 |
} |
|
1557 |
|
|
1558 |
$main::lxdebug->leave_sub(); |
|
1559 |
} |
|
1560 |
|
|
1561 |
sub webdav_pdf_export { |
|
1562 |
$main::lxdebug->enter_sub(); |
|
1546 | 1563 |
|
1547 | 1564 |
my $form = $main::form; |
1548 | 1565 |
my $ids = $form->{id}; |
1549 | 1566 |
|
1567 |
_check_access_right_for_ids($ids); |
|
1568 |
|
|
1550 | 1569 |
my $invoices = SL::DB::Manager::Invoice->get_all(where => [ id => $ids ]); |
1551 | 1570 |
|
1552 | 1571 |
my %file_name_to_path = (); |
... | ... | |
1554 | 1573 |
foreach my $invoice (@{$invoices}) { |
1555 | 1574 |
if ($invoice->type eq '') { |
1556 | 1575 |
$no_files .= $invoice->displayable_name() . "\n"; |
1557 |
$main::lxdebug->dump(0, "TST: no_files loop", $no_files); |
|
1558 | 1576 |
next; |
1559 | 1577 |
} |
1560 | 1578 |
my $webdav = SL::Webdav->new( |
... | ... | |
1578 | 1596 |
sub files_pdf_export { |
1579 | 1597 |
$main::lxdebug->enter_sub(); |
1580 | 1598 |
|
1581 |
# TODO(Tamino): rights? |
|
1582 |
$::auth->assert('ar_transactions'); |
|
1583 |
$::auth->assert('invoice_edit'); |
|
1584 |
|
|
1585 | 1599 |
my $form = $main::form; |
1586 | 1600 |
my $ids = $form->{id}; |
1587 | 1601 |
|
1602 |
_check_access_right_for_ids($ids); |
|
1603 |
|
|
1588 | 1604 |
my $invoices = SL::DB::Manager::Invoice->get_all(where => [ id => $ids ]); |
1589 | 1605 |
|
1590 | 1606 |
my %file_name_to_path = (); |
Auch abrufbar als: Unified diff
FIX: Richtige Rechte für Beleg-Pdf-Download von Rechnungen/Gutschriften