Recht: Ansehen von Belegen bei Angebot und Auftrag berücksichtigen
[kivitendo-erp.git] / SL / Controller / Order.pm
index b4328a1..87a9e9c 100644 (file)
@@ -56,6 +56,9 @@ use Rose::Object::MakeMethods::Generic
 # safety
 __PACKAGE__->run_before('check_auth');
 
+__PACKAGE__->run_before('check_auth_save',
+                        except => [ qw(edit show_customer_vendor_details_dialog price_popup load_second_rows) ]);
+
 __PACKAGE__->run_before('recalc',
                         only => [ qw(save save_as_new save_and_delivery_order save_and_invoice save_and_invoice_for_advance_payment save_and_final_invoice save_and_ap_transaction
                                      print send_email) ]);
@@ -301,7 +304,8 @@ sub action_print {
   my $doc_filename          = $form->generate_attachment_filename();
 
   my $doc;
-  my @errors = $self->generate_doc(\$doc, { format     => $format,
+  my @errors = $self->generate_doc(\$doc, { media      => $media,
+                                            format     => $format,
                                             formname   => $formname,
                                             language   => $self->order->language,
                                             printer_id => $printer_id,
@@ -368,7 +372,8 @@ sub action_preview_pdf {
   my $pdf_filename          = $form->generate_attachment_filename();
 
   my $pdf;
-  my @errors = $self->generate_doc(\$pdf, { format     => $format,
+  my @errors = $self->generate_doc(\$pdf, { media      => $media,
+                                            format     => $format,
                                             formname   => $formname,
                                             language   => $self->order->language,
                                           });
@@ -677,6 +682,16 @@ sub action_save_and_delivery_order {
   );
 }
 
+sub action_save_and_supplier_delivery_order {
+  my ($self) = @_;
+
+  $self->save_and_redirect_to(
+    controller => 'controller.pl',
+    action     => 'DeliveryOrder/add_from_order',
+    type       => 'supplier_delivery_order',
+  );
+}
+
 # save the order and redirect to the frontend subroutine for a new
 # invoice
 sub action_save_and_invoice {
@@ -1358,6 +1373,17 @@ sub init_part_picker_classification_ids {
 sub check_auth {
   my ($self) = @_;
 
+  my $right_for = { map { $_ => $_.'_edit' . ' | ' . $_.'_view' } @{$self->valid_types} };
+
+  my $right   = $right_for->{ $self->type };
+  $right    ||= 'DOES_NOT_EXIST';
+
+  $::auth->assert($right);
+}
+
+sub check_auth_save {
+  my ($self) = @_;
+
   my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
 
   my $right   = $right_for->{ $self->type };
@@ -2006,6 +2032,11 @@ sub setup_edit_action_bar {
     $has_final_invoice               = any {'SL::DB::Invoice' eq ref $_ && "final_invoice" eq $_->type} @$lr;
   }
 
+  my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} };
+  my $right     = $right_for->{ $self->type };
+  $right      ||= 'DOES_NOT_EXIST';
+
+  if ($::auth->assert($right, 1)) {
   for my $bar ($::request->layout->get('actionbar')) {
     $bar->add(
       combobox => [
@@ -2065,6 +2096,16 @@ sub setup_edit_action_bar {
           ],
           only_if   => (any { $self->type eq $_ } (sales_order_type(), purchase_order_type()))
         ],
+        action => [
+          t8('Save and Supplier Delivery Order'),
+          call      => [ 'kivi.Order.save', 'save_and_supplier_delivery_order', $::instance_conf->get_order_warn_duplicate_parts,
+                                                                       $::instance_conf->get_order_warn_no_deliverydate,
+                                                                                                                        ],
+          checks    => [ 'kivi.Order.check_save_active_periodic_invoices',
+                         @req_trans_cost_art, @req_cusordnumber,
+          ],
+          only_if   => (any { $self->type eq $_ } (purchase_order_type()))
+        ],
         action => [
           t8('Save and Invoice'),
           call      => [ 'kivi.Order.save', 'save_and_invoice', $::instance_conf->get_order_warn_duplicate_parts ],
@@ -2142,6 +2183,12 @@ sub setup_edit_action_bar {
         only_if  => $deletion_allowed,
       ],
 
+    );
+  }
+  }
+
+  for my $bar ($::request->layout->get('actionbar')) {
+    $bar->add(
       combobox => [
         action => [
           t8('more')
@@ -2160,6 +2207,7 @@ sub setup_edit_action_bar {
       ], # end of combobox "more"
     );
   }
+
 }
 
 sub generate_doc {