Revision c9e93ded
Von Jan Büren vor fast 15 Jahren hinzugefügt
SL/AR.pm | ||
---|---|---|
480 | 480 |
} |
481 | 481 |
} |
482 | 482 |
|
483 |
if (!$main::auth->assert('sales_all_edit', 1)) { |
|
484 |
$where .= " AND a.employee_id = (select id from employee where login= ?)"; |
|
485 |
push (@values, $form->{login}); |
|
486 |
} |
|
483 | 487 |
my @a = qw(transdate invnumber name); |
484 | 488 |
push @a, "employee" if $form->{l_employee}; |
485 | 489 |
my $sortdir = !defined $form->{sortdir} ? 'ASC' : $form->{sortdir} ? 'ASC' : 'DESC'; |
SL/Auth.pm | ||
---|---|---|
654 | 654 |
["sales_delivery_order_edit", $locale->text("Create and edit sales delivery orders")], |
655 | 655 |
["invoice_edit", $locale->text("Create and edit invoices and credit notes")], |
656 | 656 |
["dunning_edit", $locale->text("Create and edit dunnings")], |
657 |
["sales_all_edit", $locale->text("View/edit all employees sales documents")], |
|
657 | 658 |
["--ap", $locale->text("AP")], |
658 | 659 |
["request_quotation_edit", $locale->text("Create and edit RFQs")], |
659 | 660 |
["purchase_order_edit", $locale->text("Create and edit purchase orders")], |
SL/DO.pm | ||
---|---|---|
104 | 104 |
push @where, "dord.$item = ?"; |
105 | 105 |
push @values, conv_i($form->{$item}); |
106 | 106 |
} |
107 |
if (!$main::auth->assert('sales_all_edit', 1)) { |
|
108 |
push @where, qq|dord.employee_id = (select id from employee where login= ?)|; |
|
109 |
push @values, $form->{login}; |
|
110 |
} |
|
107 | 111 |
|
108 | 112 |
foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) { |
109 | 113 |
next unless ($form->{$item}); |
SL/OE.pm | ||
---|---|---|
122 | 122 |
push(@values, '%' . $form->{$vc} . '%'); |
123 | 123 |
} |
124 | 124 |
|
125 |
if (!$main::auth->assert('sales_all_edit', 1)) { |
|
126 |
$query .= " AND o.employee_id = (select id from employee where login= ?)"; |
|
127 |
push @values, $form->{login}; |
|
128 |
} |
|
125 | 129 |
if ($form->{employee_id}) { |
126 | 130 |
$query .= " AND o.employee_id = ?"; |
127 | 131 |
push @values, conv_i($form->{employee_id}); |
bin/mozilla/ct.pl | ||
---|---|---|
662 | 662 |
$main::lxdebug->enter_sub(); |
663 | 663 |
|
664 | 664 |
$main::auth->assert('customer_vendor_edit'); |
665 |
$main::auth->assert('sales_all_edit'); |
|
665 | 666 |
|
666 | 667 |
my $form = $main::form; |
667 | 668 |
my %myconfig = %main::myconfig; |
locale/de/all | ||
---|---|---|
1784 | 1784 |
'View License' => 'Lizenz ansehen', |
1785 | 1785 |
'View SEPA export' => 'SEPA-Export-Details ansehen', |
1786 | 1786 |
'View warehouse content' => 'Lagerbestand ansehen', |
1787 |
'View/edit all employees sales documents' => 'Bearbeiten/ansehen der Verkaufsdokumente aller Mitarbeiter', |
|
1787 | 1788 |
'Von Konto: ' => 'von Konto: ', |
1788 | 1789 |
'WEBDAV access' => 'WEBDAV-Zugriff', |
1789 | 1790 |
'WHJournal' => 'Lagerbuchungen', |
sql/Pg-upgrade2/auth_enable_sales_all_edit.pl | ||
---|---|---|
1 |
# @tag: auth_enable_sales_all_edit |
|
2 |
# @description: Neues gruppenbezogenes Recht für den Bereich Verkauf hinzugefügt (sales_all_edit := Nur wenn angehakt, können Verkaufsdokumente von anderen Bearbeitern eingesehen werden) Das Skript hakt standardmässig dieses Recht an, sodass es keinen Unterschied zu vorhergehenden Version gibt. |
|
3 |
# @depends: release_2_6_0 |
|
4 |
# @charset: utf-8 |
|
5 |
|
|
6 |
use strict; |
|
7 |
use Data::Dumper; |
|
8 |
die("This script cannot be run from the command line.") unless ($main::form); |
|
9 |
|
|
10 |
sub mydberror { |
|
11 |
my ($msg) = @_; |
|
12 |
die($dbup_locale->text("Database update error:") . |
|
13 |
"<br>$msg<br>" . $DBI::errstr); |
|
14 |
} |
|
15 |
|
|
16 |
sub do_query { |
|
17 |
my ($query, $may_fail) = @_; |
|
18 |
|
|
19 |
if (!$dbh->do($query)) { |
|
20 |
mydberror($query) unless ($may_fail); |
|
21 |
$dbh->rollback(); |
|
22 |
$dbh->begin_work(); |
|
23 |
} |
|
24 |
} |
|
25 |
|
|
26 |
sub do_update { |
|
27 |
my @queries; |
|
28 |
|
|
29 |
# do_query("ALTER TABLE project ADD PRIMARY KEY (id);", 1); |
|
30 |
# map({ do_query($_, 0); } @queries); |
|
31 |
# print "hieryy"; |
|
32 |
# print (Dumper($main::form)); |
|
33 |
my $dbh = $main::auth->dbconnect(); |
|
34 |
my $query = qq|SELECT distinct group_id from auth.user_group|; |
|
35 |
my $sth_all_groups = prepare_execute_query($form, $dbh, $query); |
|
36 |
while (my $hash_ref = $sth_all_groups->fetchrow_hashref()) { # Schleife |
|
37 |
push @queries, "INSERT INTO auth.group_rights (group_id, \"right\", granted) VALUES (" . $hash_ref->{group_id} . ", 'sales_all_edit', 't')"; |
|
38 |
} |
|
39 |
# if in doubt use brute force ;-) jb |
|
40 |
foreach my $query (@queries){ |
|
41 |
# print "hier:" . $query; |
|
42 |
my $dbh = $main::auth->dbconnect(); |
|
43 |
my $sth = prepare_query($form, $dbh, $query); |
|
44 |
do_statement($form,$sth,$query); |
|
45 |
$sth->finish(); |
|
46 |
$dbh ->commit(); |
|
47 |
} |
|
48 |
return 1; |
|
49 |
} |
|
50 |
|
|
51 |
return do_update(); |
|
52 |
|
Auch abrufbar als: Unified diff
Benutzerverwaltung im Bereich Verkauf
> Ansicht nur auf eigene Verkaufsdokumente erweitert. Standardmässig bleibt alles wie vorher (Db-Upgrade-Skript was dieses Recht für alle vorhandenen Gruppen setzt) Sobald das Recht für die Gruppe nicht gesetzt wird, wird entsprechend bei den Verkaufsberichten auth>assert('sales_all_edit') auf employee_id geprüft. Bei Stammdaten->Kunden->Lieferung wird zusätzlich auf dieses Recht geprüft