# safety
__PACKAGE__->run_before('check_auth');
+__PACKAGE__->run_before('check_auth_for_edit',
+ except => [ qw(edit show_customer_vendor_details_dialog price_popup load_second_rows) ]);
+
__PACKAGE__->run_before('recalc',
only => [ qw(save save_as_new save_and_delivery_order save_and_invoice save_and_invoice_for_advance_payment save_and_final_invoice save_and_ap_transaction
print send_email) ]);
: '';
flash_later('info', $text);
- my @redirect_params = (
- action => 'edit',
- type => $self->type,
- id => $self->order->id,
- );
+ my @redirect_params;
+ if ($::form->{back_to_caller}) {
+ @redirect_params = $::form->{callback} ? ($::form->{callback})
+ : (controller => 'LoginScreen', action => 'user_login');
+
+ } else {
+ @redirect_params = (
+ action => 'edit',
+ type => $self->type,
+ id => $self->order->id,
+ callback => $::form->{callback},
+ );
+ }
$self->redirect_to(@redirect_params);
}
my $doc_filename = $form->generate_attachment_filename();
my $doc;
- my @errors = $self->generate_doc(\$doc, { format => $format,
+ my @errors = $self->generate_doc(\$doc, { media => $media,
+ format => $format,
formname => $formname,
language => $self->order->language,
printer_id => $printer_id,
my $pdf_filename = $form->generate_attachment_filename();
my $pdf;
- my @errors = $self->generate_doc(\$pdf, { format => $format,
+ my @errors = $self->generate_doc(\$pdf, { media => $media,
+ format => $format,
formname => $formname,
language => $self->order->language,
});
$::form->{id} = $self->order->id; # this is used in SL::Mailer to create a linked record to the mail
$::form->send_email(\%::myconfig, $::form->{print_options}->{format});
- # internal notes
- my $intnotes = $self->order->intnotes;
- $intnotes .= "\n\n" if $self->order->intnotes;
- $intnotes .= t8('[email]') . "\n";
- $intnotes .= t8('Date') . ": " . $::locale->format_date_object(DateTime->now_local, precision => 'seconds') . "\n";
- $intnotes .= t8('To (email)') . ": " . $::form->{email} . "\n";
- $intnotes .= t8('Cc') . ": " . $::form->{cc} . "\n" if $::form->{cc};
- $intnotes .= t8('Bcc') . ": " . $::form->{bcc} . "\n" if $::form->{bcc};
- $intnotes .= t8('Subject') . ": " . $::form->{subject} . "\n\n";
- $intnotes .= t8('Message') . ": " . SL::HTML::Util->strip($::form->{message});
+ # internal notes unless no email journal
+ unless ($::instance_conf->get_email_journal) {
+ my $intnotes = $self->order->intnotes;
+ $intnotes .= "\n\n" if $self->order->intnotes;
+ $intnotes .= t8('[email]') . "\n";
+ $intnotes .= t8('Date') . ": " . $::locale->format_date_object(DateTime->now_local, precision => 'seconds') . "\n";
+ $intnotes .= t8('To (email)') . ": " . $::form->{email} . "\n";
+ $intnotes .= t8('Cc') . ": " . $::form->{cc} . "\n" if $::form->{cc};
+ $intnotes .= t8('Bcc') . ": " . $::form->{bcc} . "\n" if $::form->{bcc};
+ $intnotes .= t8('Subject') . ": " . $::form->{subject} . "\n\n";
+ $intnotes .= t8('Message') . ": " . SL::HTML::Util->strip($::form->{message});
- $self->order->update_attributes(intnotes => $intnotes);
+ $self->order->update_attributes(intnotes => $intnotes);
+ }
$self->save_history('MAILED');
);
}
+sub action_save_and_supplier_delivery_order {
+ my ($self) = @_;
+
+ $self->save_and_redirect_to(
+ controller => 'controller.pl',
+ action => 'DeliveryOrder/add_from_order',
+ type => 'supplier_delivery_order',
+ );
+}
+
# save the order and redirect to the frontend subroutine for a new
# invoice
sub action_save_and_invoice {
sub check_auth {
my ($self) = @_;
+ my $right_for = { map { $_ => $_.'_edit' . ' | ' . $_.'_view' } @{$self->valid_types} };
+
+ my $right = $right_for->{ $self->type };
+ $right ||= 'DOES_NOT_EXIST';
+
+ $::auth->assert($right);
+}
+
+sub check_auth_for_edit {
+ my ($self) = @_;
+
my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
my $right = $right_for->{ $self->type };
sub setup_order_from_cv {
my ($order) = @_;
- $order->$_($order->customervendor->$_) for (qw(taxzone_id payment_id delivery_term_id currency_id));
+ $order->$_($order->customervendor->$_) for (qw(taxzone_id payment_id delivery_term_id currency_id language_id));
$order->intnotes($order->customervendor->notes);
my $destination_type = $::form->{type} eq sales_order_type() ? sales_quotation_type() : request_quotation_type();
$self->order(SL::DB::Order->new_from($self->order, destination_type => $destination_type));
- $self->{converted_from_oe_id} = delete $::form->{id};
+ delete $::form->{id};
+
+ # no linked records from order to quotations
+ delete $::form->{$_} for qw(converted_from_oe_id converted_from_orderitems_ids);
# set item ids to new fake id, to identify them as new items
foreach my $item (@{$self->order->items_sorted}) {
$self->{all_taxzones} = SL::DB::Manager::TaxZone->get_all_sorted();
$self->{all_currencies} = SL::DB::Manager::Currency->get_all_sorted();
$self->{all_departments} = SL::DB::Manager::Department->get_all_sorted();
- $self->{all_languages} = SL::DB::Manager::Language->get_all_sorted();
+ $self->{all_languages} = SL::DB::Manager::Language->get_all_sorted( query => [ obsolete => 0 ] );
$self->{all_employees} = SL::DB::Manager::Employee->get_all(where => [ or => [ id => $self->order->employee_id,
deleted => 0 ] ],
sort_by => 'name');
$has_final_invoice = any {'SL::DB::Invoice' eq ref $_ && "final_invoice" eq $_->type} @$lr;
}
+ my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
+ my $right = $right_for->{ $self->type };
+ $right ||= 'DOES_NOT_EXIST';
+ my $may_edit_create = $::auth->assert($right, 'may fail');
+
for my $bar ($::request->layout->get('actionbar')) {
$bar->add(
combobox => [
checks => [ 'kivi.Order.check_save_active_periodic_invoices', ['kivi.validate_form','#order_form'],
@req_trans_cost_art, @req_cusordnumber,
],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
+ ],
+ action => [
+ t8('Save and Close'),
+ call => [ 'kivi.Order.save', 'save', $::instance_conf->get_order_warn_duplicate_parts,
+ $::instance_conf->get_order_warn_no_deliverydate,
+ 1
+ ],
+ checks => [ 'kivi.Order.check_save_active_periodic_invoices', ['kivi.validate_form','#order_form'],
+ @req_trans_cost_art, @req_cusordnumber,
+ ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save as new'),
checks => [ 'kivi.Order.check_save_active_periodic_invoices',
@req_trans_cost_art, @req_cusordnumber,
],
- disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$self->order->id ? t8('This object has not been saved yet.')
+ : undef,
],
], # end of combobox "Save"
submit => [ '#order_form', { action => "Order/sales_quotation" } ],
checks => [ @req_trans_cost_art, @req_cusordnumber ],
only_if => (any { $self->type eq $_ } (sales_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and RFQ'),
submit => [ '#order_form', { action => "Order/request_for_quotation" } ],
only_if => (any { $self->type eq $_ } (purchase_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and Sales Order'),
submit => [ '#order_form', { action => "Order/sales_order" } ],
checks => [ @req_trans_cost_art ],
only_if => (any { $self->type eq $_ } (sales_quotation_type(), purchase_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and Purchase Order'),
call => [ 'kivi.Order.purchase_order_check_for_direct_delivery' ],
checks => [ @req_trans_cost_art, @req_cusordnumber ],
only_if => (any { $self->type eq $_ } (sales_order_type(), request_quotation_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and Delivery Order'),
checks => [ 'kivi.Order.check_save_active_periodic_invoices',
@req_trans_cost_art, @req_cusordnumber,
],
- only_if => (any { $self->type eq $_ } (sales_order_type(), purchase_order_type()))
+ only_if => (any { $self->type eq $_ } (sales_order_type(), purchase_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
+ ],
+ action => [
+ t8('Save and Supplier Delivery Order'),
+ call => [ 'kivi.Order.save', 'save_and_supplier_delivery_order', $::instance_conf->get_order_warn_duplicate_parts,
+ $::instance_conf->get_order_warn_no_deliverydate,
+ ],
+ checks => [ 'kivi.Order.check_save_active_periodic_invoices',
+ @req_trans_cost_art, @req_cusordnumber,
+ ],
+ only_if => (any { $self->type eq $_ } (purchase_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and Invoice'),
checks => [ 'kivi.Order.check_save_active_periodic_invoices',
@req_trans_cost_art, @req_cusordnumber,
],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
($has_invoice_for_advance_payment ? t8('Save and Further Invoice for Advance Payment') : t8('Save and Invoice for Advance Payment')),
checks => [ 'kivi.Order.check_save_active_periodic_invoices',
@req_trans_cost_art, @req_cusordnumber,
],
- disabled => $has_final_invoice ? t8('This order has already a final invoice.')
- : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $has_final_invoice ? t8('This order has already a final invoice.')
+ : undef,
only_if => (any { $self->type eq $_ } (sales_order_type())),
],
action => [
checks => [ 'kivi.Order.check_save_active_periodic_invoices',
@req_trans_cost_art, @req_cusordnumber,
],
- disabled => $has_final_invoice ? t8('This order has already a final invoice.')
- : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $has_final_invoice ? t8('This order has already a final invoice.')
+ : undef,
only_if => (any { $self->type eq $_ } (sales_order_type())) && $has_invoice_for_advance_payment,
],
action => [
t8('Save and AP Transaction'),
call => [ 'kivi.Order.save', 'save_and_ap_transaction', $::instance_conf->get_order_warn_duplicate_parts ],
- only_if => (any { $self->type eq $_ } (purchase_order_type()))
+ only_if => (any { $self->type eq $_ } (purchase_order_type())),
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
], # end of combobox "Workflow"
],
action => [
t8('Save and preview PDF'),
- call => [ 'kivi.Order.save', 'preview_pdf', $::instance_conf->get_order_warn_duplicate_parts,
- $::instance_conf->get_order_warn_no_deliverydate,
- ],
- checks => [ @req_trans_cost_art, @req_cusordnumber ],
+ call => [ 'kivi.Order.save', 'preview_pdf', $::instance_conf->get_order_warn_duplicate_parts,
+ $::instance_conf->get_order_warn_no_deliverydate,
+ ],
+ checks => [ @req_trans_cost_art, @req_cusordnumber ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and print'),
- call => [ 'kivi.Order.show_print_options', $::instance_conf->get_order_warn_duplicate_parts,
- $::instance_conf->get_order_warn_no_deliverydate,
- ],
- checks => [ @req_trans_cost_art, @req_cusordnumber ],
+ call => [ 'kivi.Order.show_print_options', $::instance_conf->get_order_warn_duplicate_parts,
+ $::instance_conf->get_order_warn_no_deliverydate,
+ ],
+ checks => [ @req_trans_cost_art, @req_cusordnumber ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('Save and E-mail'),
- id => 'save_and_email_action',
- call => [ 'kivi.Order.save', 'save_and_show_email_dialog', $::instance_conf->get_order_warn_duplicate_parts,
- $::instance_conf->get_order_warn_no_deliverydate,
- ],
- disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef,
+ id => 'save_and_email_action',
+ call => [ 'kivi.Order.save', 'save_and_show_email_dialog', $::instance_conf->get_order_warn_duplicate_parts,
+ $::instance_conf->get_order_warn_no_deliverydate,
+ ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$self->order->id ? t8('This object has not been saved yet.')
+ : undef,
],
action => [
t8('Download attachments of all parts'),
t8('Delete'),
call => [ 'kivi.Order.delete_order' ],
confirm => $::locale->text('Do you really want to delete this object?'),
- disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$self->order->id ? t8('This object has not been saved yet.')
+ : undef,
only_if => $deletion_allowed,
],