Revision c9e93ded
Von Jan Büren vor mehr als 14 Jahren hinzugefügt
| SL/AR.pm | ||
|---|---|---|
| 480 | 480 |
} |
| 481 | 481 |
} |
| 482 | 482 |
|
| 483 |
if (!$main::auth->assert('sales_all_edit', 1)) {
|
|
| 484 |
$where .= " AND a.employee_id = (select id from employee where login= ?)"; |
|
| 485 |
push (@values, $form->{login});
|
|
| 486 |
} |
|
| 483 | 487 |
my @a = qw(transdate invnumber name); |
| 484 | 488 |
push @a, "employee" if $form->{l_employee};
|
| 485 | 489 |
my $sortdir = !defined $form->{sortdir} ? 'ASC' : $form->{sortdir} ? 'ASC' : 'DESC';
|
| SL/Auth.pm | ||
|---|---|---|
| 654 | 654 |
["sales_delivery_order_edit", $locale->text("Create and edit sales delivery orders")],
|
| 655 | 655 |
["invoice_edit", $locale->text("Create and edit invoices and credit notes")],
|
| 656 | 656 |
["dunning_edit", $locale->text("Create and edit dunnings")],
|
| 657 |
["sales_all_edit", $locale->text("View/edit all employees sales documents")],
|
|
| 657 | 658 |
["--ap", $locale->text("AP")],
|
| 658 | 659 |
["request_quotation_edit", $locale->text("Create and edit RFQs")],
|
| 659 | 660 |
["purchase_order_edit", $locale->text("Create and edit purchase orders")],
|
| SL/DO.pm | ||
|---|---|---|
| 104 | 104 |
push @where, "dord.$item = ?"; |
| 105 | 105 |
push @values, conv_i($form->{$item});
|
| 106 | 106 |
} |
| 107 |
if (!$main::auth->assert('sales_all_edit', 1)) {
|
|
| 108 |
push @where, qq|dord.employee_id = (select id from employee where login= ?)|; |
|
| 109 |
push @values, $form->{login};
|
|
| 110 |
} |
|
| 107 | 111 |
|
| 108 | 112 |
foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) {
|
| 109 | 113 |
next unless ($form->{$item});
|
| SL/OE.pm | ||
|---|---|---|
| 122 | 122 |
push(@values, '%' . $form->{$vc} . '%');
|
| 123 | 123 |
} |
| 124 | 124 |
|
| 125 |
if (!$main::auth->assert('sales_all_edit', 1)) {
|
|
| 126 |
$query .= " AND o.employee_id = (select id from employee where login= ?)"; |
|
| 127 |
push @values, $form->{login};
|
|
| 128 |
} |
|
| 125 | 129 |
if ($form->{employee_id}) {
|
| 126 | 130 |
$query .= " AND o.employee_id = ?"; |
| 127 | 131 |
push @values, conv_i($form->{employee_id});
|
| bin/mozilla/ct.pl | ||
|---|---|---|
| 662 | 662 |
$main::lxdebug->enter_sub(); |
| 663 | 663 |
|
| 664 | 664 |
$main::auth->assert('customer_vendor_edit');
|
| 665 |
$main::auth->assert('sales_all_edit');
|
|
| 665 | 666 |
|
| 666 | 667 |
my $form = $main::form; |
| 667 | 668 |
my %myconfig = %main::myconfig; |
| locale/de/all | ||
|---|---|---|
| 1784 | 1784 |
'View License' => 'Lizenz ansehen', |
| 1785 | 1785 |
'View SEPA export' => 'SEPA-Export-Details ansehen', |
| 1786 | 1786 |
'View warehouse content' => 'Lagerbestand ansehen', |
| 1787 |
'View/edit all employees sales documents' => 'Bearbeiten/ansehen der Verkaufsdokumente aller Mitarbeiter', |
|
| 1787 | 1788 |
'Von Konto: ' => 'von Konto: ', |
| 1788 | 1789 |
'WEBDAV access' => 'WEBDAV-Zugriff', |
| 1789 | 1790 |
'WHJournal' => 'Lagerbuchungen', |
| sql/Pg-upgrade2/auth_enable_sales_all_edit.pl | ||
|---|---|---|
| 1 |
# @tag: auth_enable_sales_all_edit |
|
| 2 |
# @description: Neues gruppenbezogenes Recht für den Bereich Verkauf hinzugefügt (sales_all_edit := Nur wenn angehakt, können Verkaufsdokumente von anderen Bearbeitern eingesehen werden) Das Skript hakt standardmässig dieses Recht an, sodass es keinen Unterschied zu vorhergehenden Version gibt. |
|
| 3 |
# @depends: release_2_6_0 |
|
| 4 |
# @charset: utf-8 |
|
| 5 |
|
|
| 6 |
use strict; |
|
| 7 |
use Data::Dumper; |
|
| 8 |
die("This script cannot be run from the command line.") unless ($main::form);
|
|
| 9 |
|
|
| 10 |
sub mydberror {
|
|
| 11 |
my ($msg) = @_; |
|
| 12 |
die($dbup_locale->text("Database update error:") .
|
|
| 13 |
"<br>$msg<br>" . $DBI::errstr); |
|
| 14 |
} |
|
| 15 |
|
|
| 16 |
sub do_query {
|
|
| 17 |
my ($query, $may_fail) = @_; |
|
| 18 |
|
|
| 19 |
if (!$dbh->do($query)) {
|
|
| 20 |
mydberror($query) unless ($may_fail); |
|
| 21 |
$dbh->rollback(); |
|
| 22 |
$dbh->begin_work(); |
|
| 23 |
} |
|
| 24 |
} |
|
| 25 |
|
|
| 26 |
sub do_update {
|
|
| 27 |
my @queries; |
|
| 28 |
|
|
| 29 |
# do_query("ALTER TABLE project ADD PRIMARY KEY (id);", 1);
|
|
| 30 |
# map({ do_query($_, 0); } @queries);
|
|
| 31 |
# print "hieryy"; |
|
| 32 |
# print (Dumper($main::form)); |
|
| 33 |
my $dbh = $main::auth->dbconnect(); |
|
| 34 |
my $query = qq|SELECT distinct group_id from auth.user_group|; |
|
| 35 |
my $sth_all_groups = prepare_execute_query($form, $dbh, $query); |
|
| 36 |
while (my $hash_ref = $sth_all_groups->fetchrow_hashref()) { # Schleife
|
|
| 37 |
push @queries, "INSERT INTO auth.group_rights (group_id, \"right\", granted) VALUES (" . $hash_ref->{group_id} . ", 'sales_all_edit', 't')";
|
|
| 38 |
} |
|
| 39 |
# if in doubt use brute force ;-) jb |
|
| 40 |
foreach my $query (@queries){
|
|
| 41 |
# print "hier:" . $query; |
|
| 42 |
my $dbh = $main::auth->dbconnect(); |
|
| 43 |
my $sth = prepare_query($form, $dbh, $query); |
|
| 44 |
do_statement($form,$sth,$query); |
|
| 45 |
$sth->finish(); |
|
| 46 |
$dbh ->commit(); |
|
| 47 |
} |
|
| 48 |
return 1; |
|
| 49 |
} |
|
| 50 |
|
|
| 51 |
return do_update(); |
|
| 52 |
|
|
Auch abrufbar als: Unified diff
Benutzerverwaltung im Bereich Verkauf
> Ansicht nur auf eigene Verkaufsdokumente erweitert. Standardmässig bleibt alles wie vorher (Db-Upgrade-Skript was dieses Recht für alle vorhandenen Gruppen setzt) Sobald das Recht für die Gruppe nicht gesetzt wird, wird entsprechend bei den Verkaufsberichten auth>assert('sales_all_edit') auf employee_id geprüft. Bei Stammdaten->Kunden->Lieferung wird zusätzlich auf dieses Recht geprüft