use List::UtilsBy qw(sort_by);
use English qw(-no_match_vars);
+use SL::DB::BankTransactionAccTrans;
use SL::DB::Default;
use SL::DB::Customer;
use SL::DB::Department;
# end of main
+sub _may_view_or_edit_this_invoice {
+ return 1 if $::auth->assert('invoice_edit', 1); # may edit all invoices
+ return 0 if !$::form->{id}; # creating new invoices isn't allowed without invoice_edit
+ return 0 if !$::form->{globalproject_id}; # existing records without a project ID are not allowed
+ return SL::DB::Project->new(id => $::form->{globalproject_id})->load->may_employee_view_project_invoices(SL::DB::Manager::Employee->current);
+}
+
+sub _assert_access {
+ my $cache = $::request->cache('is.pl::_assert_access');
+
+ $cache->{_may_view_or_edit_this_invoice} = _may_view_or_edit_this_invoice() if !exists $cache->{_may_view_or_edit_this_invoice};
+ $::form->show_generic_error($::locale->text("You do not have the permissions to access this function.")) if ! $cache->{_may_view_or_edit_this_invoice};
+}
+
sub add {
$main::lxdebug->enter_sub();
$form->{callback} = "$form->{script}?action=add&type=$form->{type}" unless $form->{callback};
- &invoice_links;
+ invoice_links(is_new => 1);
&prepare_invoice;
&display_form;
sub edit {
$main::lxdebug->enter_sub();
+ # Delay access check to after the invoice's been loaded in
+ # "invoice_links" so that project-specific invoice rights can be
+ # evaluated.
+
my $form = $main::form;
my $locale = $main::locale;
- $main::auth->assert('invoice_edit');
-
$form->{show_details} = $::myconfig{show_form_details};
$form->{taxincluded_changed_by_user} = 1;
sub invoice_links {
$main::lxdebug->enter_sub();
+ # Delay access check to after the invoice's been loaded so that
+ # project-specific invoice rights can be evaluated.
+
+ my %params = @_;
my $form = $main::form;
my %myconfig = %main::myconfig;
- $main::auth->assert('invoice_edit');
-
$form->{vc} = 'customer';
# create links
$form->create_links("AR", \%myconfig, "customer");
+ _assert_access();
+
my $editing = $form->{id};
$form->backup_vars(qw(payment_id language_id taxzone_id salesman_id
IS->get_customer(\%myconfig, \%$form);
+ $form->{billing_address_id} = $form->{default_billing_address_id} if $params{is_new};
+
$form->restore_vars(qw(id));
IS->retrieve_invoice(\%myconfig, \%$form);
sub prepare_invoice {
$main::lxdebug->enter_sub();
+ _assert_access();
+
my $form = $main::form;
my %myconfig = %main::myconfig;
- $main::auth->assert('invoice_edit');
-
if ($form->{type} eq "credit_note") {
$form->{type} = "credit_note";
$form->{formname} = "credit_note";
my $form = $::form;
my $change_never = $::instance_conf->get_is_changeable == 0;
my $change_on_same_day_only = $::instance_conf->get_is_changeable == 2 && ($form->current_date(\%::myconfig) ne $form->{gldate});
- my @req_trans_desc = qw(kivi.SalesPurchase.check_transaction_description) x!!$::instance_conf->get_require_transaction_description_ps;
-
+ my $payments_balanced = ($::form->{oldtotalpaid} == 0);
+ my $has_storno = ($::form->{storno} && !$::form->{storno_id});
+ my $may_edit_create = $::auth->assert('invoice_edit', 1);
+ my ($is_linked_bank_transaction, $warn_unlinked_delivery_order);
+ if ($::form->{id}
+ && SL::DB::Default->get->payments_changeable != 0
+ && SL::DB::Manager::BankTransactionAccTrans->find_by(ar_id => $::form->{id})) {
+
+ $is_linked_bank_transaction = 1;
+ }
+ if ($::instance_conf->get_warn_no_delivery_order_for_invoice && !$form->{id}) {
+ $warn_unlinked_delivery_order = 1 unless $form->{convert_from_do_ids};
+ }
for my $bar ($::request->layout->get('actionbar')) {
$bar->add(
action => [
t8('Update'),
submit => [ '#form', { action => "update" } ],
- disabled => $form->{locked} ? t8('The billing period has already been locked.') : undef,
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : $form->{locked} ? t8('The billing period has already been locked.')
+ : undef,
id => 'update_button',
accesskey => 'enter',
],
action => [
t8('Post'),
submit => [ '#form', { action => "post" } ],
- checks => [ @req_trans_desc ],
- disabled => $form->{locked} ? t8('The billing period has already been locked.')
+ checks => [ 'kivi.validate_form' ],
+ confirm => t8('The invoice is not linked with a sales delivery order. Post anyway?') x !!$warn_unlinked_delivery_order,
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : $form->{locked} ? t8('The billing period has already been locked.')
: $form->{storno} ? t8('A canceled invoice cannot be posted.')
: ($form->{id} && $change_never) ? t8('Changing invoices has been disabled in the configuration.')
: ($form->{id} && $change_on_same_day_only) ? t8('Invoices can only be changed on the day they are posted.')
+ : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.')
: undef,
],
action => [
t8('Post Payment'),
submit => [ '#form', { action => "post_payment" } ],
- checks => [ @req_trans_desc ],
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
+ : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.')
+ : undef,
],
action => [ t8('Mark as paid'),
submit => [ '#form', { action => "mark_as_paid" } ],
confirm => t8('This will remove the invoice from showing as unpaid even if the unpaid amount does not match the amount. Proceed?'),
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
+ : undef,
only_if => $::instance_conf->get_is_show_mark_as_paid,
],
], # end of combobox "Post"
action => [ t8('Storno'),
submit => [ '#form', { action => "storno" } ],
confirm => t8('Do you really want to cancel this invoice?'),
- checks => [ @req_trans_desc ],
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
+ : $form->{storno} ? t8('Cannot storno storno invoice!')
+ : $form->{locked} ? t8('The billing period has already been locked.')
+ : !$payments_balanced ? t8('Cancelling is disallowed. Either undo or balance the current payments until the open amount matches the invoice amount')
+ : undef,
],
action => [ t8('Delete'),
submit => [ '#form', { action => "delete" } ],
confirm => t8('Do you really want to delete this object?'),
- checks => [ @req_trans_desc ],
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.')
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
: $form->{locked} ? t8('The billing period has already been locked.')
: $change_never ? t8('Changing invoices has been disabled in the configuration.')
: $change_on_same_day_only ? t8('Invoices can only be changed on the day they are posted.')
+ : $has_storno ? t8('Can only delete the "Storno zu" part of the cancellation pair.')
: undef,
],
], # end of combobox "Storno"
action => [
t8('Use As New'),
submit => [ '#form', { action => "use_as_new" } ],
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
+ : undef,
],
action => [
t8('Credit Note'),
submit => [ '#form', { action => "credit_note" } ],
- checks => [ @req_trans_desc ],
- disabled => $form->{type} eq "credit_note" ? t8('Credit notes cannot be converted into other credit notes.')
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : $form->{type} eq "credit_note" ? t8('Credit notes cannot be converted into other credit notes.')
: !$form->{id} ? t8('This invoice has not been posted yet.')
+ : $form->{storno} ? t8('A canceled invoice cannot be used. Please undo the cancellation first.')
: undef,
],
action => [
t8('Sales Order'),
submit => [ '#form', { action => "order" } ],
+ checks => [ 'kivi.validate_form' ],
disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
],
], # end of combobox "Workflow"
action => [
($form->{id} ? t8('Print') : t8('Preview')),
call => [ 'kivi.SalesPurchase.show_print_dialog', $form->{id} ? 'print' : 'preview' ],
- checks => [ @req_trans_desc ],
- disabled => !$form->{id} && $form->{locked} ? t8('The billing period has already been locked.') : undef,
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not print this invoice.')
+ : !$form->{id} && $form->{locked} ? t8('The billing period has already been locked.')
+ : undef,
],
action => [ t8('Print and Post'),
- call => [ 'kivi.SalesPurchase.show_print_dialog', $form->{id} ? 'print' : 'print_and_post' ],
- checks => [ @req_trans_desc ],
- disabled => $form->{id} ? t8('This invoice has already been posted.') : undef,,
+ call => [ 'kivi.SalesPurchase.show_print_dialog', 'print_and_post' ],
+ checks => [ 'kivi.validate_form' ],
+ confirm => t8('The invoice is not linked with a sales delivery order. Post anyway?') x !!$warn_unlinked_delivery_order,
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : $form->{locked} ? t8('The billing period has already been locked.')
+ : $form->{storno} ? t8('A canceled invoice cannot be posted.')
+ : ($form->{id} && $change_never) ? t8('Changing invoices has been disabled in the configuration.')
+ : ($form->{id} && $change_on_same_day_only) ? t8('Invoices can only be changed on the day they are posted.')
+ : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.')
+ : undef,
],
action => [ t8('E Mail'),
call => [ 'kivi.SalesPurchase.show_email_dialog' ],
- checks => [ @req_trans_desc ],
- disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef,
+ checks => [ 'kivi.validate_form' ],
+ disabled => !$may_edit_create ? t8('You must not print this invoice.')
+ : !$form->{id} ? t8('This invoice has not been posted yet.')
+ : $form->{postal_invoice} ? t8('This customer wants a postal invoices.')
+ : undef,
],
], # end of combobox "Export"
action => [
t8('Drafts'),
call => [ 'kivi.Draft.popup', 'is', 'invoice', $form->{draft_id}, $form->{draft_description} ],
- disabled => $form->{id} ? t8('This invoice has already been posted.')
- : $form->{locked} ? t8('The billing period has already been locked.')
- : undef,
+ disabled => !$may_edit_create ? t8('You must not change this invoice.')
+ : $form->{id} ? t8('This invoice has already been posted.')
+ : $form->{locked} ? t8('The billing period has already been locked.')
+ : undef,
],
], # end of combobox "more"
);
}
+ $::request->layout->add_javascripts('kivi.Validator.js');
}
sub form_header {
$main::lxdebug->enter_sub();
+ _assert_access();
+
my $form = $main::form;
my %myconfig = %main::myconfig;
my $locale = $main::locale;
my $cgi = $::request->{cgi};
- $main::auth->assert('invoice_edit');
-
my %TMPL_VAR = ();
my @custom_hiddens;
$TMPL_VAR{customer_obj} = SL::DB::Customer->load_cached($form->{customer_id}) if $form->{customer_id};
$TMPL_VAR{invoice_obj} = SL::DB::Invoice->load_cached($form->{id}) if $form->{id};
+ # only print, no mail
+ $form->{postal_invoice} = $TMPL_VAR{customer_obj}->postal_invoice if ref $TMPL_VAR{customer_obj} eq 'SL::DB::Customer';
+
my $current_employee = SL::DB::Manager::Employee->current;
$form->{employee_id} = $form->{old_employee_id} if $form->{old_employee_id};
$form->{salesman_id} = $form->{old_salesman_id} if $form->{old_salesman_id};
"price_factors" => "ALL_PRICE_FACTORS");
$form->{ALL_DEPARTMENTS} = SL::DB::Manager::Department->get_all_sorted;
+ $form->{ALL_LANGUAGES} = SL::DB::Manager::Language->get_all_sorted;
# Projects
my @old_project_ids = uniq grep { $_ } map { $_ * 1 } ($form->{"globalproject_id"}, map { $form->{"project_id_$_"} } 1..$form->{"rowcount"});
invoice_id
show_details
), @custom_hiddens,
- map { $_.'_rate', $_.'_description', $_.'_taxnumber' } split / /, $form->{taxaccounts}];
+ map { $_.'_rate', $_.'_description', $_.'_taxnumber', $_.'_tax_id' } split / /, $form->{taxaccounts}];
- $::request->{layout}->use_javascript(map { "${_}.js" } qw(kivi.Draft kivi.File kivi.SalesPurchase kivi.Part ckeditor/ckeditor ckeditor/adapters/jquery kivi.io autocomplete_customer client_js));
+ $::request->{layout}->use_javascript(map { "${_}.js" } qw(kivi.Draft kivi.File kivi.SalesPurchase kivi.Part kivi.CustomerVendor kivi.Validator ckeditor/ckeditor ckeditor/adapters/jquery kivi.io client_js));
$TMPL_VAR{payment_terms_obj} = get_payment_terms_for_invoice();
$form->{duedate} = $TMPL_VAR{payment_terms_obj}->calc_date(reference_date => $form->{invdate}, due_date => $form->{duedate})->to_kivitendo if $TMPL_VAR{payment_terms_obj};
sub form_footer {
$main::lxdebug->enter_sub();
+ _assert_access();
+
my $form = $main::form;
my %myconfig = %main::myconfig;
my $locale = $main::locale;
- $main::auth->assert('invoice_edit');
-
$form->{invtotal} = $form->{invsubtotal};
- # note rows
- $form->{rows} = max 2,
- $form->numtextrows($form->{notes}, 26, 8),
- $form->numtextrows($form->{intnotes}, 35, 8);
-
-
# tax, total and subtotal calculations
my ($tax, $subtotal);
$form->{taxaccounts_array} = [ split(/ /, $form->{taxaccounts}) ];
$form->{ALL_DELIVERY_TERMS} = SL::DB::Manager::DeliveryTerm->get_all_sorted();
+ my $shipto_cvars = SL::DB::Shipto->new->cvars_by_config;
+ foreach my $var (@{ $shipto_cvars }) {
+ my $name = "shiptocvar_" . $var->config->name;
+ $var->value($form->{$name}) if exists $form->{$name};
+ }
+
print $form->parse_html_template('is/form_footer', {
is_type_credit_note => ($form->{type} eq "credit_note"),
totalpaid => $totalpaid,
: ($::instance_conf->get_is_changeable == 1),
today => DateTime->today,
vc_obj => $form->{customer_id} ? SL::DB::Customer->load_cached($form->{customer_id}) : undef,
+ shipto_cvars => $shipto_cvars,
});
##print $form->parse_html_template('is/_payments'); # parser
##print $form->parse_html_template('webdav/_list'); # parser
sub update {
$main::lxdebug->enter_sub();
+ _assert_access();
+
my $form = $main::form;
my %myconfig = %main::myconfig;
- $main::auth->assert('invoice_edit');
-
my ($recursive_call) = @_;
$form->{print_and_post} = 0 if $form->{second_run};
$::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id};
IS->get_customer(\%myconfig, $form);
+ $::form->{billing_address_id} = $::form->{default_billing_address_id};
}
$form->{taxincluded} ||= $taxincluded;
for my $i (1 .. $form->{paidaccounts}) {
next unless $form->{"paid_$i"};
- map { $form->{"${_}_$i"} = $form->parse_amount(\%myconfig, $form->{"${_}_$i"}) } qw(paid exchangerate);
- if (!$form->{"forex_$i"}) { #read exchangerate from input field (not hidden)
- $form->{exchangerate} = $form->{"exchangerate_$i"};
- }
+ map { $form->{"${_}_$i"} = $form->parse_amount(\%myconfig, $form->{"${_}_$i"}) } qw(paid exchangerate);
$form->{"forex_$i"} = $form->check_exchangerate(\%myconfig, $form->{currency}, $form->{"datepaid_$i"}, 'buy');
$form->{"exchangerate_$i"} = $form->{"forex_$i"} if $form->{"forex_$i"};
}
# ask if it is a part or service item
if ( $form->{"partsgroup_$i"}
- && ($form->{"partsnumber_$i"} eq "")
+ && ($form->{"partnumber_$i" } eq "")
&& ($form->{"description_$i"} eq "")) {
$form->{rowcount}--;
$form->{"discount_$i"} = "";
sub display_form {
$::lxdebug->enter_sub;
- $::auth->assert('invoice_edit');
+ _assert_access();
relink_accounts();
projects / kivitendo-erp.git / blobdiff