Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision d53d7a0a

Von Bernd Bleßmann vor mehr als 2 Jahren hinzugefügt

  • ID d53d7a0a5ddc16d962ae32326ad4a8f8bf871978
  • Vorgänger b4ddf2d4
  • Nachfolger 51a586e7

Recht: Ansehen von Einkaufsrechnungen berücksichtigen

Unterschiede anzeigen:

SL/AP.pm
487 487 
  # Permissions:
488 488 
  # - Always return invoices & AP transactions for projects the employee has "view invoices" permissions for, no matter what the other rules say.
489 489 
  # - Exclude AP transactions if no permissions for them exist.
490 
  # - Limit to own invoices unless may edit all invoices.
491 
  # - If may edit all, allow filtering by employee.
490 
  # - Limit to own invoices unless may edit all invoices or view invoices is allowed.
491 
  # - If may edit all or view invoices is allowed, allow filtering by employee.
492 492 
  my (@permission_where, @permission_values);
493 493 

  		




  494
  
  
    
  if ($::auth->assert('vendor_invoice_edit', 1)) {


  		




  
  494
  
    
  if ($::auth->assert('vendor_invoice_edit', 1) || $::auth->assert('purchase_invoice_view', 1)) {


  		




  495
  495
  
    
    if (!$::auth->assert('show_ap_transactions', 1)) {


  		




  496
  496
  
    
      push @permission_where, "NOT invoice = 'f'"; # remove ap transactions from Purchase -> Reports -> Invoices


  		




  497
  497
  
    
    }


  		




  498
  498
  
    

  		




  499
  
  
    
    if (!$::auth->assert('purchase_all_edit', 1)) {


  		




  
  499
  
    
    if (!$::auth->assert('purchase_all_edit', 1) && !$::auth->assert('purchase_invoice_view', 1)) {


  		




  500
  500
  
    
      # only show own invoices


  		




  501
  501
  
    
      push @permission_where,  "a.employee_id = ?";


  		




  502
  502
  
    
      push @permission_values, SL::DB::Manager::Employee->current->id;


  		




  ......




  509
  509
  
    
    }


  		




  510
  510
  
    
  }


  		




  511
  511
  
    

  		




  512
  
  
    
  if (@permission_where || !$::auth->assert('vendor_invoice_edit', 1)) {


  		




  
  512
  
    
  if (@permission_where || (!$::auth->assert('vendor_invoice_edit', 1) && !$::auth->assert('purchase_invoice_view', 1))) {


  		




  513
  513
  
    
    my $permission_where_str = @permission_where ? "OR (" . join(" AND ", map { "($_)" } @permission_where) . ")" : "";


  		




  514
  514
  
    
    $where .= qq|


  		




  515
  515
  
    
      AND (   (a.globalproject_id IN (


  		












Auch abrufbar als:  Unified diff