use POSIX qw(strftime);
+use SL::FU;
use SL::OE;
use SL::IR;
use SL::IS;
use SL::PE;
use SL::ReportGenerator;
-use List::Util qw(max reduce);
+use List::Util qw(max reduce sum);
require "bin/mozilla/io.pl";
require "bin/mozilla/arap.pl";
# $locale->text('Workflow request_quotation');
# $locale->text('Workflow sales_quotation');
+my $oe_access_map = {
+ 'sales_order' => 'sales_order_edit',
+ 'purchase_order' => 'purchase_order_edit',
+ 'request_quotation' => 'request_quotation_edit',
+ 'sales_quotation' => 'sales_quotation_edit',
+};
+
+sub check_oe_access {
+ my $right = $oe_access_map->{$form->{type}};
+ $right ||= 'DOES_NOT_EXIST';
+
+ $auth->assert($right);
+}
+
sub set_headings {
$lxdebug->enter_sub();
+ check_oe_access();
+
my ($action) = @_;
if ($form->{type} eq 'purchase_order') {
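Review bot: `check_oe_access` has no comment saying it is meant to fail closed. A `type` missing from `$oe_access_map` becomes the right name `DOES_NOT_EXIST`, which denies access only if `$auth->assert` refuses right names it does not know (not visible in this hunk). I would state that above the sub, e.g. `# Unknown or missing form types map to a right nobody holds, so the assert denies the request.` Because `$form->{type}` appears to come from the request, the comment should also say that subs which change the type afterwards must assert the target right themselves, as `invoice`, `purchase_order` and `sales_order` do further down. `set_headings` continues outside the hunk.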
sub add {
$lxdebug->enter_sub();
+ check_oe_access();
+
set_headings("add");
$form->{callback} =
- "$form->{script}?action=add&type=$form->{type}&vc=$form->{vc}&login=$form->{login}&password=$form->{password}"
+ "$form->{script}?action=add&type=$form->{type}&vc=$form->{vc}"
unless $form->{callback};
&order_links;
sub edit {
$lxdebug->enter_sub();
+
+ check_oe_access();
+
# show history button
$form->{javascript} = qq|<script type="text/javascript" src="js/show_history.js"></script>|;
#/show hhistory button
sub order_links {
$lxdebug->enter_sub();
+
+ check_oe_access();
+
# get customer/vendor
$form->all_vc(\%myconfig, $form->{vc}, ($form->{vc} eq 'customer') ? "AR" : "AP");
sub prepare_order {
$lxdebug->enter_sub();
+
+ check_oe_access();
+
$form->{formname} = $form->{type} unless $form->{formname};
my $i = 0;
$lxdebug->enter_sub();
my @custom_hiddens;
+ check_oe_access();
+
# Container for template variables. Unfortunately this has to be visible in form_footer too, so not my.
our %TMPL_VAR = ();
$credittext = $locale->text('Credit Limit exceeded!!!');
+ my $follow_up_vc = $form->{ $form->{vc} eq 'customer' ? 'customer' : 'vendor' };
+ $follow_up_vc =~ s/--.*?//;
+ $TMPL_VAR{follow_up_trans_info} = ($form->{type} =~ /_quotation$/ ? $form->{quonumber} : $form->{ordnumber}) . " ($follow_up_vc)";
+
+ if ($form->{id}) {
+ my $follow_ups = FU->follow_ups('trans_id' => $form->{id});
+
+ if (scalar @{ $follow_ups }) {
+ $TMPL_VAR{num_follow_ups} = scalar @{ $follow_ups };
+ $TMPL_VAR{num_due_follow_ups} = sum map { $_->{due} * 1 } @{ $follow_ups };
+ }
+ }
+
$onload = ($form->{resubmit} && ($form->{format} eq "html")) ? "window.open('about:blank','Beleg'); document.oe.target = 'Beleg';document.oe.submit()"
: ($form->{resubmit}) ? "document.oe.submit()"
: ($creditwarning) ? "alert('$credittext')"
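Review bot: The substitution `$follow_up_vc =~ s/--.*?//;` removes only the `--` itself, because a non-greedy `.*?` with nothing after it matches the empty string, so the text after the separator stays in the follow-up label. `orders` splits the same field on `--` into name and id, so the intent was most likely to drop the id: `$follow_up_vc =~ s/--.*//;`. Whether the template escapes `follow_up_trans_info` is not visible here and is worth checking, since it is built from form values. The enclosing sub starts and ends outside the hunk.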
$onload .= qq|;setupDateFormat('|. $myconfig{dateformat} .qq|', '|. $locale->text("Falsches Datumsformat!") .qq|')|;
$onload .= qq|;setupPoints('|. $myconfig{numberformat} .qq|', '|. $locale->text("wrongformat") .qq|')|;
$TMPL_VAR{onload} = $onload;
-
+
$form->{javascript} .= qq|<script type="text/javascript" src="js/show_form_details.js"></script>|;
$form->{javascript} .= qq|<script type="text/javascript" src="js/show_history.js"></script>|;
$form->{javascript} .= qq|<script type="text/javascript" src="js/show_vc_details.js"></script>|;
sub form_footer {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{invtotal} = $form->{invsubtotal};
$rows = max 2, $form->numtextrows($form->{notes}, 25, 8);
my ($recursive_call) = shift;
+ check_oe_access();
+
set_headings($form->{"id"} ? "edit" : "add");
- map { $form->{$_} = $form->parse_amount(\%myconfig, $form->{$_}) } qw(exchangerate creditlimit creditremaining) unless $recursive_call;
+ map { $form->{$_} = $form->parse_amount(\%myconfig, $form->{$_}) } qw(exchangerate) unless $recursive_call;
$form->{update} = 1;
$payment_id = $form->{payment_id} if $form->{payment_id};
sub search {
$lxdebug->enter_sub();
+ check_oe_access();
+
if ($form->{type} eq 'purchase_order') {
$form->{title} = $locale->text('Purchase Orders');
$form->{vc} = 'vendor';
<tr>
<td><input name="l_id" class=checkbox type=checkbox value=Y> | . $locale->text('ID') . qq|</td>
<td><input name="l_$ordnumber" class=checkbox type=checkbox value=Y checked> $ordlabel</td>
+ </tr>
+ <tr>
<td><input name="l_transdate" class=checkbox type=checkbox value=Y checked> | . $locale->text('Date') . qq|</td>
<td><input name="l_reqdate" class=checkbox type=checkbox value=Y checked> | . $locale->text('Required by') . qq|</td>
</tr>
<br>
<input type=hidden name=nextsub value=orders>
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
<input type=hidden name=vc value=$form->{vc}>
<input type=hidden name=type value=$form->{type}>
sub orders {
$lxdebug->enter_sub();
+ check_oe_access();
+
$ordnumber = ($form->{type} =~ /_order$/) ? "ordnumber" : "quonumber";
($form->{ $form->{vc} }, $form->{"${form->{vc}}_id"}) = split(/--/, $form->{ $form->{vc} });
'transaction_description' => { 'text' => $locale->text('Transaction description'), },
'open' => { 'text' => $locale->text('Open'), },
'delivered' => { 'text' => $locale->text('Delivered'), },
- 'marge_total' => { 'text' => $locale->text('Ertrag'), },
+ 'marge_total' => { 'text' => $locale->text('Ertrag'), },
'marge_percent' => { 'text' => $locale->text('Ertrag prozentual'), }
);
sub check_delivered_flag {
$lxdebug->enter_sub();
+ check_oe_access();
+
if (($form->{type} ne 'sales_order') && ($form->{type} ne 'purchase_order')) {
return $lxdebug->leave_sub();
}
sub save_and_close {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{defaultcurrency} = $form->get_default_currency(\%myconfig);
if ($form->{type} =~ /_order$/) {
sub save {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{defaultcurrency} = $form->get_default_currency(\%myconfig);
sub delete {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->header;
if ($form->{type} =~ /_order$/) {
map { delete $form->{$_} } qw(action header);
foreach $key (keys %$form) {
+ next if (($key eq 'login') || ($key eq 'password') || ('' ne ref $form->{$key}));
$form->{$key} =~ s/\"/"/g;
print qq|<input type=hidden name=$key value="$form->{$key}">\n|;
}
sub delete_order_quotation {
$lxdebug->enter_sub();
+ check_oe_access();
+
if ($form->{type} =~ /_order$/) {
$msg = $locale->text('Order deleted!');
$err = $locale->text('Cannot delete order!');
sub invoice {
$lxdebug->enter_sub();
+ check_oe_access();
+ $auth->assert($form->{type} eq 'purchase_order' || $form->{type} eq 'request_quotation' ? 'vendor_invoice_edit' : 'invoice_edit');
+
$form->{old_employee_id} = $form->{employee_id};
$form->{old_salesman_id} = $form->{salesman_id};
map { $form->{"select$_"} = "" } ($form->{vc}, currency);
- map { $form->{$_} = $form->parse_amount(\%myconfig, $form->{$_}) }
- qw(creditlimit creditremaining);
-
$currency = $form->{currency};
&invoice_links;
sub backorder_exchangerate {
$lxdebug->enter_sub();
+
+ check_oe_access();
+
my ($orddate, $buysell) = @_;
$form->header;
map { delete $form->{$_} } qw(action header exchangerate);
foreach $key (keys %$form) {
+ next if (($key eq 'login') || ($key eq 'password') || ('' ne ref $form->{$key}));
$form->{$key} =~ s/\"/"/g;
print qq|<input type=hidden name=$key value="$form->{$key}">\n|;
}
print qq|
-<input type=hidden name=login value=$form->{login}>
-<input type=hidden name=password value=$form->{password}>
-
<input type=hidden name=exchangeratedate value=$orddate>
<input type=hidden name=buysell value=$buysell>
sub save_as_new {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{saveasnew} = 1;
$form->{closed} = 0;
map { delete $form->{$_} } qw(printed emailed queued);
sub check_for_direct_delivery_yes {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{direct_delivery_checked} = 1;
delete @{$form}{grep /^shipto/, keys %{ $form }};
map { s/^CFDD_//; $form->{$_} = $form->{"CFDD_${_}"} } grep /^CFDD_/, keys %{ $form };
sub check_for_direct_delivery_no {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{direct_delivery_checked} = 1;
delete @{$form}{grep /^shipto/, keys %{ $form }};
purchase_order();
sub check_for_direct_delivery {
$lxdebug->enter_sub();
+ check_oe_access();
+
if ($form->{direct_delivery_checked}
|| (!$form->{shiptoname} && !$form->{shiptostreet} && !$form->{shipto_id})) {
$lxdebug->leave_sub();
}
delete $form->{action};
- $form->{VARIABLES} = [ map { { "key" => $_, "value" => $form->{$_} } } grep { ref $_ eq "" } keys %{ $form } ];
+ $form->{VARIABLES} = [ map { { "key" => $_, "value" => $form->{$_} } } grep { ($_ ne 'login') && ($_ ne 'password') && (ref $_ eq "") } keys %{ $form } ];
$form->header();
print $form->parse_html_template("oe/check_for_direct_delivery");
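Review bot: In the new `grep` for `$form->{VARIABLES}`, `ref $_ eq ""` tests the key, which is always a plain string, so values that are references still reach the template. The loops in `delete` and `backorder_exchangerate` test `ref $form->{$key}` instead. I would write `grep { ($_ ne 'login') && ($_ ne 'password') && (ref $form->{$_} eq "") } keys %{ $form }`. The `login`/`password` exclusion is now repeated in three places; a small shared helper would keep a future credential-bearing key from being missed in one of them. `check_for_direct_delivery` continues outside the hunk.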
sub purchase_order {
$lxdebug->enter_sub();
+ check_oe_access();
+ $auth->assert('purchase_order_edit');
+
if ($form->{type} eq 'sales_order') {
check_for_direct_delivery();
}
sub sales_order {
$lxdebug->enter_sub();
+ check_oe_access();
+ $auth->assert('sales_order_edit');
+
if ( $form->{type} eq 'sales_quotation'
|| $form->{type} eq 'request_quotation') {
OE->close_order(\%myconfig, $form);
sub poso {
$lxdebug->enter_sub();
+ check_oe_access();
+ $auth->assert('purchase_order_edit | sales_order_edit');
+
$form->{transdate} = $form->current_date(\%myconfig);
delete $form->{duedate};
qw(partnumber description unit);
}
- map { $form->{$_} = $form->format_amount(\%myconfig, $form->{$_}, 0, "0") }
- qw(creditlimit creditremaining);
-
&update;
$lxdebug->leave_sub();
}
+sub delivery_order {
+ $lxdebug->enter_sub();
+
+ if ($form->{type} =~ /^sales/) {
+ $auth->assert('sales_delivery_order_edit');
+
+ $form->{vc} = 'customer';
+ $form->{type} = 'sales_delivery_order';
+
+ } else {
+ $auth->assert('purchase_delivery_order_edit');
+
+ $form->{vc} = 'vendor';
+ $form->{type} = 'purchase_delivery_order';
+ }
+
+ require "bin/mozilla/do.pl";
+
+ $form->{cp_id} *= 1;
+ $form->{transdate} = $form->current_date(\%myconfig);
+ delete $form->{duedate};
+
+ $form->{closed} = 0;
+
+ $form->{old_employee_id} = $form->{employee_id};
+ $form->{old_salesman_id} = $form->{salesman_id};
+
+ # reset
+ map { delete $form->{$_} } qw(id subject message cc bcc printed emailed queued creditlimit creditremaining discount tradediscount oldinvtotal);
+
+ for $i (1 .. $form->{rowcount}) {
+ map { $form->{"${_}_${i}"} = $form->parse_amount(\%myconfig, $form->{"${_}_${i}"}) if ($form->{"${_}_${i}"}) } qw(ship qty sellprice listprice basefactor);
+ }
+
+ my %old_values = map { $_ => $form->{$_} } qw(customer_id oldcustomer customer vendor_id oldvendor vendor);
+
+ order_links();
+
+ prepare_order();
+
+ map { $form->{$_} = $old_values{$_} if ($old_values{$_}) } keys %old_values;
+
+ update();
+
+ $lxdebug->leave_sub();
+}
+
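Review bot: `delivery_order` rewrites `$form->{type}` to `sales_delivery_order` or `purchase_delivery_order` and then calls `order_links()`, `prepare_order()` and `update()`. The versions of the first two shown on this page call `check_oe_access()` (and `update()` appears to as well), but `$oe_access_map` has no entry for either delivery-order type, so those calls would assert `DOES_NOT_EXIST`. This works only if `require "bin/mozilla/do.pl"` replaces those subs with versions that check the delivery-order right, which is not visible here; confirm it and say so next to the `require`, e.g. `# do.pl redefines order_links/prepare_order for delivery orders`. Unlike `invoice`, `purchase_order` and `sales_order`, this sub does not call `check_oe_access()` before converting, so the right for the source document is never asserted, and any type that does not start with `sales` is treated as a purchase document.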
sub e_mail {
$lxdebug->enter_sub();
+ check_oe_access();
+
$form->{print_and_save} = 1;
$print_post = 1;
save();
- my %saved_vars;
- map({ $saved_vars{$_} = $form->{$_}; } qw(id ordnumber quonumber));
- restore_form($saved_form);
- map({ $form->{$_} = $saved_vars{$_}; } qw(id ordnumber quonumber));
+ restore_form($saved_form, 0, qw(id ordnumber quonumber));
edit_e_mail();
sub display_form {
$lxdebug->enter_sub();
+ check_oe_access();
+
+ retrieve_partunits() if ($form->{type} =~ /_delivery_order$/);
+
$form->{"taxaccounts"} =~ s/\s*$//;
$form->{"taxaccounts"} =~ s/^\s*//;
foreach my $accno (split(/\s*/, $form->{"taxaccounts"})) {
$lxdebug->leave_sub();
}
+sub report_for_todo_list {
+ $lxdebug->enter_sub();
+
+ my $quotations = OE->transactions_for_todo_list();
+ my $content;
+
+ if (@{ $quotations }) {
+ my $edit_url = build_std_url('script=oe.pl', 'action=edit', 'type=sales_quotation', 'vc=customer');
+
+ $content = $form->parse_html_template('oe/report_for_todo_list', { 'QUOTATIONS' => $quotations,
+ 'edit_url' => $edit_url });
+ }
+
+ $lxdebug->leave_sub();
+
+ return $content;
+}
+
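Review bot: `report_for_todo_list` performs no access check. It calls neither `check_oe_access()` nor `$auth->assert`, yet it returns a rendered list of quotations with edit links for `type=sales_quotation`. Unless `OE->transactions_for_todo_list` or the caller already restricts this to users holding the quotation right (not visible here), the sub should return no content for users without that right instead of asserting, so the to-do page still renders for them. At minimum, add a comment stating where the right is enforced.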