use List::Util qw(max sum);
use POSIX qw(strftime);
+use SL::Controller::DeliveryOrder;
use SL::DB::DeliveryOrder;
+use SL::DB::DeliveryOrder::TypeData qw(:types validate_type);
use SL::DO;
use SL::IR;
use SL::IS;
# end of main
+sub check_do_access_for_edit {
+ validate_type($::form->{type});
+
+ my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit");
+ $main::auth->assert($right);
+}
+
sub check_do_access {
- $main::auth->assert($main::form->{type} . '_edit');
+ validate_type($::form->{type});
+
+ my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "view");
+ $main::auth->assert($right);
}
sub set_headings {
sub add {
$main::lxdebug->enter_sub();
- check_do_access();
+ check_do_access_for_edit();
if (($::form->{type} =~ /purchase/) && !$::instance_conf->get_allow_new_purchase_invoice) {
$::form->show_generic_error($::locale->text("You do not have the permissions to access this function."));
$form->{show_details} = $::myconfig{show_form_details};
$form->{callback} = build_std_url('action=add', 'type', 'vc') unless ($form->{callback});
- order_links();
+ order_links(is_new => 1);
prepare_order();
display_form();
check_do_access();
+ my %params = @_;
my $form = $main::form;
my %myconfig = %main::myconfig;
} else {
IS->get_customer(\%myconfig, \%$form);
$form->{discount} = $form->{customer_discount};
+ $form->{billing_address_id} = $form->{default_billing_address_id} if $params{is_new};
}
$form->restore_vars(qw(payment_id language_id taxzone_id intnotes cp_id delivery_term_id));
if (ref $undo_date eq 'DateTime' && ref $insertdate eq 'DateTime') {
$undo_transfer = $insertdate > $undo_date;
}
+
+ my $may_edit_create = $::auth->assert(SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit"), 1);
+
for my $bar ($::request->layout->get('actionbar')) {
$bar->add(
action =>
[ t8('Update'),
submit => [ '#form', { action => "update" } ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
id => 'update_button',
accesskey => 'enter',
],
t8('Save'),
submit => [ '#form', { action => "save" } ],
checks => [ 'kivi.validate_form' ],
- disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $::form->{delivered} ? t8('This record has already been delivered.')
+ : undef,
],
action => [
t8('Save as new'),
submit => [ '#form', { action => "save_as_new" } ],
checks => [ 'kivi.validate_form' ],
- disabled => !$::form->{id},
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$::form->{id},
],
action => [
t8('Mark as closed'),
submit => [ '#form', { action => "mark_closed" } ],
checks => [ 'kivi.validate_form' ],
confirm => t8('This will remove the delivery order from showing as open even if contents are not delivered. Proceed?'),
- disabled => !$::form->{id} ? t8('This record has not been saved yet.')
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$::form->{id} ? t8('This record has not been saved yet.')
: $::form->{closed} ? t8('This record has already been closed.')
: undef,
],
t8('Delete'),
submit => [ '#form', { action => "delete" } ],
confirm => t8('Do you really want to delete this object?'),
- disabled => !$::form->{id} ? t8('This record has not been saved yet.')
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$::form->{id} ? t8('This record has not been saved yet.')
: $::form->{delivered} ? t8('This record has already been delivered.')
: ($::form->{vc} eq 'customer' && !$::instance_conf->get_sales_delivery_order_show_delete) ? t8('Deleting this type of record has been disabled in the configuration.')
: ($::form->{vc} eq 'vendor' && !$::instance_conf->get_purchase_delivery_order_show_delete) ? t8('Deleting this type of record has been disabled in the configuration.')
t8('Transfer out'),
submit => [ '#form', { action => "transfer_out" } ],
checks => [ 'kivi.validate_form', @transfer_qty ],
- disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $::form->{delivered} ? t8('This record has already been delivered.')
+ : undef,
only_if => $is_customer,
],
action => [
t8('Transfer out via default'),
submit => [ '#form', { action => "transfer_out_default" } ],
checks => [ 'kivi.validate_form' ],
- disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $::form->{delivered} ? t8('This record has already been delivered.')
+ : undef,
only_if => $is_customer && $::instance_conf->get_transfer_default,
],
action => [
t8('Transfer in'),
submit => [ '#form', { action => "transfer_in" } ],
checks => [ 'kivi.validate_form', @transfer_qty ],
- disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $::form->{delivered} ? t8('This record has already been delivered.')
+ : undef,
only_if => !$is_customer,
],
action => [
t8('Transfer in via default'),
submit => [ '#form', { action => "transfer_in_default" } ],
checks => [ 'kivi.validate_form' ],
- disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : $::form->{delivered} ? t8('This record has already been delivered.')
+ : undef,
only_if => !$is_customer && $::instance_conf->get_transfer_default,
],
action => [
submit => [ '#form', { action => "delete_transfers" } ],
checks => [ 'kivi.validate_form' ],
only_if => $::form->{delivered},
- disabled => !$undo_transfer ? t8('Transfer date exceeds the maximum allowed interval.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$undo_transfer ? t8('Transfer date exceeds the maximum allowed interval.')
+ : undef,
],
], # end of combobox "Transfer out"
action => [ t8('Export') ],
action => [
t8('Print'),
- call => [ 'kivi.SalesPurchase.show_print_dialog' ],
- checks => [ 'kivi.validate_form' ],
+ call => [ 'kivi.SalesPurchase.show_print_dialog' ],
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef,
],
action => [
t8('E Mail'),
call => [ 'kivi.SalesPurchase.show_email_dialog' ],
checks => [ 'kivi.validate_form' ],
- disabled => !$::form->{id} ? t8('This record has not been saved yet.') : undef,
+ disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.')
+ : !$::form->{id} ? t8('This record has not been saved yet.')
+ : undef,
],
], # end of combobox "Export"
if (($form->{"previous_${vc}_id"} || $form->{"${vc}_id"}) != $form->{"${vc}_id"}) {
$::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id};
- IS->get_customer(\%myconfig, $form) if $vc eq 'customer';
- IR->get_vendor(\%myconfig, $form) if $vc eq 'vendor';
+ if ($vc eq 'customer') {
+ IS->get_customer(\%myconfig, $form);
+ $::form->{billing_address_id} = $::form->{default_billing_address_id};
+ } else {
+ IR->get_vendor(\%myconfig, $form);
+ }
}
$form->{discount} = $form->{"$form->{vc}_discount"} if defined $form->{"$form->{vc}_discount"};
'align' => 'center',
};
- $row->{donumber}->{link} = $edit_url . "&id=" . E($dord->{id}) . "&callback=${callback}";
+ $row->{donumber}->{link} = SL::DB::DeliveryOrder::TypeData::get3($dord->{order_type}, "show_menu", "new_controller")
+ ? SL::Controller::DeliveryOrder->url_for(action => "edit", id => $dord->{id}, type => $dord->{order_type})
+ : $edit_url . "&id=" . E($dord->{id}) . "&callback=${callback}";
$row->{ordnumber}->{link} = $edit_order_url . "&id=" . E($dord->{oe_id}) . "&callback=${callback}" if $dord->{oe_id};
$report->add_data($row);
my (%params) = @_;
- check_do_access();
+ check_do_access_for_edit();
my $form = $main::form;
my %myconfig = %main::myconfig;
if (($form->{"previous_${vc}_id"} || $form->{"${vc}_id"}) != $form->{"${vc}_id"}) {
$::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id};
- IS->get_customer(\%myconfig, $form) if $vc eq 'customer';
- IR->get_vendor(\%myconfig, $form) if $vc eq 'vendor';
+ if ($vc eq 'customer') {
+ IS->get_customer(\%myconfig, $form);
+ $::form->{billing_address_id} = $::form->{default_billing_address_id};
+ } else {
+ IR->get_vendor(\%myconfig, $form);
+ }
update();
$::dispatcher->end_request;
sub delete {
$main::lxdebug->enter_sub();
- check_do_access();
+ check_do_access_for_edit();
my $form = $main::form;
my %myconfig = %main::myconfig;
sub delete_transfers {
$main::lxdebug->enter_sub();
- check_do_access();
+ check_do_access_for_edit();
my $form = $main::form;
my %myconfig = %main::myconfig;
sub save_as_new {
$main::lxdebug->enter_sub();
- check_do_access();
+ check_do_access_for_edit();
my $form = $main::form;
sub display_form {
$::lxdebug->enter_sub;
- $::auth->assert('purchase_delivery_order_edit | sales_delivery_order_edit');
+ check_do_access();
relink_accounts();
retrieve_partunits();