sub action_create {
my ($self) = @_;
+ if (!$::auth->assert($::form->{quotation} ? 'sales_quotation_edit' : 'sales_order_edit', 1)) {
+ return $self->js->flash('error', t8("You do not have the permissions to access this function."))->render($self);
+ }
+
# 1. Update sections with selected part IDs.
my $section_attrs = $::form->{sections} || [];
- my $sections = SL::DB::Manager::RequirementSpecItem->get_all(where => [ id => [ map { $_->{id} } @{ $section_attrs } ] ]);
+ my $sections = SL::DB::Manager::RequirementSpecItem->get_all_sorted(where => [ id => [ map { $_->{id} } @{ $section_attrs } ] ]);
my %sections_by_id = map { ($_->{id} => $_) } @{ $sections };
$sections_by_id{ $_->{id} }->update_attributes(order_part_id => $_->{order_part_id}) for @{ $section_attrs };
my $order = $self->rs_order->order;
my $sections = $self->requirement_spec->sections_sorted;
+ if (!$::auth->assert($order->quotation ? 'sales_quotation_edit' : 'sales_order_edit', 1)) {
+ return $self->js->flash('error', t8("You do not have the permissions to access this function."))->render($self);
+ }
+
my (@orderitems, %sections_seen);
foreach my $item (@{ $order->items_sorted }) {
my $section = first { my $num = $_->fb_number; $item->description =~ m{\b\Q${num}\E\b} && !$sections_seen{ $_->id } } @{ $sections };
sub setup {
my ($self) = @_;
- $::auth->assert('sales_quotation_edit');
+ $::auth->assert('requirement_spec_edit');
$::request->{layout}->use_stylesheet("${_}.css") for qw(jquery.contextMenu requirement_spec autocomplete_part);
$::request->{layout}->use_javascript("${_}.js") for qw(jquery.jstree jquery/jquery.contextMenu client_js requirement_spec);
if (!$section->{keep_description}) {
$description = '<%fb_number%> <%title%>' unless $description =~ m{<%};
- $longdescription = '<%description%>' unless $longdescription =~ m{<%};
+ $longdescription = '<%description%>' unless $longdescription =~ m{<%};
- foreach my $field (\$description, \$longdescription) {
- $$field =~ s{<% (.+?) %>}{ $section->can($1) ? $section->$1 : '<' . t8('Invalid variable #1', $1) . '>' }egx;
- }
+ $description =~ s{<% (.+?) %>}{ $section->can($1) ? $section->$1 : '<' . t8('Invalid variable #1', $1) . '>' }egx;
+ $longdescription =~ s{\<\% description \%\>}{!!!!DESCRIPTION!!!!}gx;
+ $longdescription =~ s{<[pP]> !!!!DESCRIPTION!!!! </[pP]>}{!!!!DESCRIPTION!!!!}gx;
+ $longdescription =~ s{\<\% (.+?) \%\>}{ $section->can($1) ? $::locale->quote_special_chars('HTML', $section->$1 // '') : '<' . t8('Invalid variable #1', $1) . '>' }egx;
+ $longdescription =~ s{!!!!DESCRIPTION!!!!}{ $section->description // '' }egx;
}
$item->assign_attributes(