
Revision b4ddf2d4

Von Bernd Bleßmann vor fast 3 Jahren hinzugefügt

  • ID b4ddf2d433ca367128cdab950d2fcc391657de38
  • Vorgänger ab010352
  • Nachfolger d53d7a0a

Recht: Ansehen von Verkaufsrechnungen berücksichtigen


SL/AR.pm
521 521
  # Permissions:
522 522
  # - Always return invoices & AR transactions for projects the employee has "view invoices" permissions for, no matter what the other rules say.
523 523
  # - Exclude AR transactions if no permissions for them exist.
524
  # - Limit to own invoices unless may edit all invoices.
525
  # - If may edit all, allow filtering by employee/salesman.
524
  # - Limit to own invoices unless may edit all invoices or view invoices is allowed.
525
  # - If may edit all or view invoices is allowed, allow filtering by employee/salesman.
526 526
  my (@permission_where, @permission_values);
527 527

  
528
  if ($::auth->assert('invoice_edit', 1)) {
528
  if ($::auth->assert('invoice_edit', 1) || $::auth->assert('sales_invoice_view', 1)) {
529 529
    if (!$::auth->assert('show_ar_transactions', 1) ) {
530 530
      push @permission_where, "NOT invoice = 'f'";  # remove ar transactions from Sales -> Reports -> Invoices
531 531
    }
532 532

  
533
    if (!$::auth->assert('sales_all_edit', 1)) {
533
    if (!$::auth->assert('sales_all_edit', 1) && !$::auth->assert('sales_invoice_view', 1)) {
534 534
      # only show own invoices
535 535
      push @permission_where,  "a.employee_id = ?";
536 536
      push @permission_values, SL::DB::Manager::Employee->current->id;
......
547 547
    }
548 548
  }
549 549

  
550
  if (@permission_where || !$::auth->assert('invoice_edit', 1)) {
550
  if (@permission_where || (!$::auth->assert('invoice_edit', 1) && !$::auth->assert('sales_invoice_view', 1))) {
551 551
    my $permission_where_str = @permission_where ? "OR (" . join(" AND ", map { "($_)" } @permission_where) . ")" : "";
552 552
    $where .= qq|
553 553
      AND (   (a.globalproject_id IN (
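Review bot: The `sales_invoice_view` right is now asserted separately in three conditions of this section (new lines 528, 533 and 550), once positively and twice negated, so a later edit that touches one and misses another would silently widen or narrow the invoice filter. Evaluating the rights once and reusing the result keeps the checks in step, e.g. `my $may_view_all = $::auth->assert('sales_invoice_view', 1);` and `my $may_list = $::auth->assert('invoice_edit', 1) || $may_view_all;`, with the three `if` conditions then written in terms of `$may_list` and `$may_view_all`. The updated comments on lines 524–525 also say "view invoices" for the new global right, while line 522 uses the same words for the per-project permission; naming `sales_invoice_view` there would remove the ambiguity. The enclosing sub starts and ends outside the visible lines and lines 537–546 are elided, so this rests on the shown conditions only.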
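--- a/bin/mozilla/is.pl
+++ b/bin/mozilla/is.pl
@@ -62,9 +62,10 @@
 # end of main
 
 sub _may_view_or_edit_this_invoice {
-  return 1 if  $::auth->assert('invoice_edit', 1); # may edit all invoices
-  return 0 if !$::form->{id};                      # creating new invoices isn't allowed without invoice_edit
-  return 0 if !$::form->{globalproject_id};        # existing records without a project ID are not allowed
+  return 1 if  $::auth->assert('invoice_edit', 1);       # may edit all invoices
+  return 0 if !$::form->{id};                            # creating new invoices isn't allowed without invoice_edit
+  return 1 if  $::auth->assert('sales_invoice_view', 1); # viewing is allowed with this right
+  return 0 if !$::form->{globalproject_id};              # existing records without a project ID are not allowed
   return SL::DB::Project->new(id => $::form->{globalproject_id})->load->may_employee_view_project_invoices(SL::DB::Manager::Employee->current);
 }
 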
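Review bot: The added `return 1 if $::auth->assert('sales_invoice_view', 1);` makes a helper named `_may_view_or_edit_this_invoice` succeed for a view-only right, so any caller that relies on it alone to gate a write action would now admit users who hold `sales_invoice_view` but not `invoice_edit`. The callers are outside this section, so this needs confirming against them. If every write path asserts `invoice_edit` on its own, a comment above the sub such as `# sales_invoice_view grants read access only; write actions must assert invoice_edit themselves` would record that contract. The new line also returns before the `globalproject_id` check, so the right applies to every existing record regardless of project; that looks intended, but it is worth stating in the same comment.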

  
