Merge branch 'master' of github.com:kivitendo/kivitendo-erp

[kivitendo-erp.git] / bin / mozilla / fu.pl

diff --git a/bin/mozilla/fu.pl b/bin/mozilla/fu.pl
index ec32241..ef80a73 100644 (file)
--- a/bin/mozilla/fu.pl
+++ b/bin/mozilla/fu.pl
@@ -10,6 +10,8 @@ use strict;
 sub _collect_links {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $dest = shift;
 
   my $form     = $main::form;
@@ -28,6 +30,8 @@ sub _collect_links {
 sub add {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my %myconfig = %main::myconfig;
   my $locale   = $main::locale;
@@ -57,6 +61,8 @@ sub add {
 sub edit {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -82,6 +88,8 @@ sub edit {
 sub display_form {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
 
   $form->get_lists("employees" => "EMPLOYEES");
@@ -93,7 +101,7 @@ sub display_form {
 
   $form->{jsscript}   = 1;
 
-  $form->header();
+  $form->header(no_layout => $::form->{POPUP_MODE});
   print $form->parse_html_template('fu/add_edit');
 
   $main::lxdebug->leave_sub();
@@ -102,6 +110,8 @@ sub display_form {
 sub save_follow_up {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -139,6 +149,8 @@ sub save_follow_up {
 sub finish {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -175,6 +187,8 @@ sub finish {
 sub delete {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -211,6 +225,8 @@ sub delete {
 sub search {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -228,10 +244,12 @@ sub search {
 sub report {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my %myconfig = %main::myconfig;
   my $locale   = $main::locale;
-  my $cgi      = $main::cgi;
+  my $cgi      = $::request->{cgi};
 
   my @report_params = qw(created_for subject body reference follow_up_date_from follow_up_date_to itime_from itime_to due_only all_users done not_done);
 
@@ -340,6 +358,8 @@ sub report {
 sub report_for_todo_list {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
 
   my @report_params = qw(created_for subject body reference follow_up_date_from follow_up_date_to itime_from itime_to due_only all_users done not_done);
@@ -379,12 +399,14 @@ sub report_for_todo_list {
 sub edit_access_rights {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
   my $access = FU->retrieve_access_rights();
 
-  $form->get_lists("employees" => "EMPLOYEES");
+  $form->{EMPLOYEES} = SL::DB::Manager::Employee->get_all(query => [ deleted => 0 ]);
 
   map { $_->{access} = $access->{$_->{id}} } @{ $form->{EMPLOYEES} };
 
@@ -399,6 +421,8 @@ sub edit_access_rights {
 sub save_access_rights {
   $main::lxdebug->enter_sub();
 
+  $main::auth->assert('productivity');
+
   my $form     = $main::form;
   my $locale   = $main::locale;
 
@@ -427,6 +451,8 @@ sub continue {
 }
 
 sub save {
+  $main::auth->assert('productivity');
+
   if ($main::form->{save_nextsub}) {
     call_sub($main::form->{save_nextsub});
   } else {