Revision c9e93ded
Von Jan Büren vor fast 15 Jahren hinzugefügt
| SL/AR.pm | ||
|---|---|---|
|
}
|
||
|
}
|
||
|
|
||
|
if (!$main::auth->assert('sales_all_edit', 1)) {
|
||
|
$where .= " AND a.employee_id = (select id from employee where login= ?)";
|
||
|
push (@values, $form->{login});
|
||
|
}
|
||
|
my @a = qw(transdate invnumber name);
|
||
|
push @a, "employee" if $form->{l_employee};
|
||
|
my $sortdir = !defined $form->{sortdir} ? 'ASC' : $form->{sortdir} ? 'ASC' : 'DESC';
|
||
| SL/Auth.pm | ||
|---|---|---|
|
["sales_delivery_order_edit", $locale->text("Create and edit sales delivery orders")],
|
||
|
["invoice_edit", $locale->text("Create and edit invoices and credit notes")],
|
||
|
["dunning_edit", $locale->text("Create and edit dunnings")],
|
||
|
["sales_all_edit", $locale->text("View/edit all employees sales documents")],
|
||
|
["--ap", $locale->text("AP")],
|
||
|
["request_quotation_edit", $locale->text("Create and edit RFQs")],
|
||
|
["purchase_order_edit", $locale->text("Create and edit purchase orders")],
|
||
| SL/DO.pm | ||
|---|---|---|
|
push @where, "dord.$item = ?";
|
||
|
push @values, conv_i($form->{$item});
|
||
|
}
|
||
|
if (!$main::auth->assert('sales_all_edit', 1)) {
|
||
|
push @where, qq|dord.employee_id = (select id from employee where login= ?)|;
|
||
|
push @values, $form->{login};
|
||
|
}
|
||
|
|
||
|
foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) {
|
||
|
next unless ($form->{$item});
|
||
| SL/OE.pm | ||
|---|---|---|
|
push(@values, '%' . $form->{$vc} . '%');
|
||
|
}
|
||
|
|
||
|
if (!$main::auth->assert('sales_all_edit', 1)) {
|
||
|
$query .= " AND o.employee_id = (select id from employee where login= ?)";
|
||
|
push @values, $form->{login};
|
||
|
}
|
||
|
if ($form->{employee_id}) {
|
||
|
$query .= " AND o.employee_id = ?";
|
||
|
push @values, conv_i($form->{employee_id});
|
||
| bin/mozilla/ct.pl | ||
|---|---|---|
|
$main::lxdebug->enter_sub();
|
||
|
|
||
|
$main::auth->assert('customer_vendor_edit');
|
||
|
$main::auth->assert('sales_all_edit');
|
||
|
|
||
|
my $form = $main::form;
|
||
|
my %myconfig = %main::myconfig;
|
||
| locale/de/all | ||
|---|---|---|
|
'View License' => 'Lizenz ansehen',
|
||
|
'View SEPA export' => 'SEPA-Export-Details ansehen',
|
||
|
'View warehouse content' => 'Lagerbestand ansehen',
|
||
|
'View/edit all employees sales documents' => 'Bearbeiten/ansehen der Verkaufsdokumente aller Mitarbeiter',
|
||
|
'Von Konto: ' => 'von Konto: ',
|
||
|
'WEBDAV access' => 'WEBDAV-Zugriff',
|
||
|
'WHJournal' => 'Lagerbuchungen',
|
||
| sql/Pg-upgrade2/auth_enable_sales_all_edit.pl | ||
|---|---|---|
|
# @tag: auth_enable_sales_all_edit
|
||
|
# @description: Neues gruppenbezogenes Recht für den Bereich Verkauf hinzugefügt (sales_all_edit := Nur wenn angehakt, können Verkaufsdokumente von anderen Bearbeitern eingesehen werden) Das Skript hakt standardmässig dieses Recht an, sodass es keinen Unterschied zu vorhergehenden Version gibt.
|
||
|
# @depends: release_2_6_0
|
||
|
# @charset: utf-8
|
||
|
|
||
|
use strict;
|
||
|
use Data::Dumper;
|
||
|
die("This script cannot be run from the command line.") unless ($main::form);
|
||
|
|
||
|
sub mydberror {
|
||
|
my ($msg) = @_;
|
||
|
die($dbup_locale->text("Database update error:") .
|
||
|
"<br>$msg<br>" . $DBI::errstr);
|
||
|
}
|
||
|
|
||
|
sub do_query {
|
||
|
my ($query, $may_fail) = @_;
|
||
|
|
||
|
if (!$dbh->do($query)) {
|
||
|
mydberror($query) unless ($may_fail);
|
||
|
$dbh->rollback();
|
||
|
$dbh->begin_work();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
sub do_update {
|
||
|
my @queries;
|
||
|
|
||
|
# do_query("ALTER TABLE project ADD PRIMARY KEY (id);", 1);
|
||
|
# map({ do_query($_, 0); } @queries);
|
||
|
# print "hieryy";
|
||
|
# print (Dumper($main::form));
|
||
|
my $dbh = $main::auth->dbconnect();
|
||
|
my $query = qq|SELECT distinct group_id from auth.user_group|;
|
||
|
my $sth_all_groups = prepare_execute_query($form, $dbh, $query);
|
||
|
while (my $hash_ref = $sth_all_groups->fetchrow_hashref()) { # Schleife
|
||
|
push @queries, "INSERT INTO auth.group_rights (group_id, \"right\", granted) VALUES (" . $hash_ref->{group_id} . ", 'sales_all_edit', 't')";
|
||
|
}
|
||
|
# if in doubt use brute force ;-) jb
|
||
|
foreach my $query (@queries){
|
||
|
# print "hier:" . $query;
|
||
|
my $dbh = $main::auth->dbconnect();
|
||
|
my $sth = prepare_query($form, $dbh, $query);
|
||
|
do_statement($form,$sth,$query);
|
||
|
$sth->finish();
|
||
|
$dbh ->commit();
|
||
|
}
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
return do_update();
|
||
|
|
||
Auch abrufbar als: Unified diff
Benutzerverwaltung im Bereich Verkauf
> Ansicht nur auf eigene Verkaufsdokumente erweitert. Standardmässig bleibt alles wie vorher (Db-Upgrade-Skript was dieses Recht für alle vorhandenen Gruppen setzt) Sobald das Recht für die Gruppe nicht gesetzt wird, wird entsprechend bei den Verkaufsberichten auth>assert('sales_all_edit') auf employee_id geprüft. Bei Stammdaten->Kunden->Lieferung wird zusätzlich auf dieses Recht geprüft