X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FDraft.pm;h=ed2f602ce6b995a7ee3ee702493c6b4bd3817860;hb=b058e195e82aa1f6b7614b8f83be6122ec3d3dca;hp=3f03f2c67b1dc69b99721d8232c6fe6f88d5c2cb;hpb=a8e3100cce96084268ed6905033c99fffd8af776;p=kivitendo-erp.git

diff --git a/SL/Controller/Draft.pm b/SL/Controller/Draft.pm
index 3f03f2c67..ed2f602ce 100644
--- a/SL/Controller/Draft.pm
+++ b/SL/Controller/Draft.pm
@@ -68,6 +68,7 @@ sub action_save {
     $self->js
       ->flash('info', t8("Draft saved."))
       ->dialog->close('#save_draft')
+      ->val('#draft_id', $draft->id)
       ->render;
   }
 }
@@ -81,8 +82,6 @@ sub action_load {
     package main;
     require $allowed_modules{ $self->draft->module };
   }
-
-
   my $params = delete $::form->{form};
   my $new_form = YAML::Load($self->draft->form);
   $::form->{$_} = $new_form->{$_} for keys %$new_form;
@@ -91,9 +90,8 @@ sub action_load {
   if ($params && 'HASH' eq ref $params) {
     $::form->{$_} = $params->{$_} for keys %$params;
   }
-
   $::form->{script} = $self->draft->module . '.pl';
-  ::update();
+  ::show_draft();
 }
 
 sub action_delete {
@@ -134,13 +132,24 @@ sub _build_form {
 sub draft_list {
   my ($self) = @_;
 
-  my $result = selectall_hashref_query($::form, $::form->get_standard_dbh, <<SQL, $self->module, $self->submodule);
-    SELECT d.*, date(d.itime) AS date, e.name AS employee_name
+  if ($::auth->assert('all_drafts_edit', 1)) {
+   my $result = selectall_hashref_query($::form, $::form->get_standard_dbh, <<SQL, $self->module, $self->submodule);
+    SELECT d.*, date(d.itime) AS date
+    FROM drafts d
+    WHERE (d.module      = ?)
+      AND (d.submodule   = ?)
+    ORDER BY d.itime
+SQL
+  } else {
+    my $result = selectall_hashref_query($::form, $::form->get_standard_dbh, <<SQL, $self->module, $self->submodule, SL::DB::Manager::Employee->current->id);
+    SELECT d.*, date(d.itime) AS date
     FROM drafts d
-    LEFT JOIN employee e ON d.employee_id = e.id
-    WHERE (d.module = ?) AND (d.submodule = ?)
+    WHERE (d.module      = ?)
+      AND (d.submodule   = ?)
+      AND (d.employee_id = ?)
     ORDER BY d.itime
 SQL
+  }
 }
 
 sub dialog_html {
@@ -164,7 +173,7 @@ sub init_draft {
 }
 
 sub check_auth {
-  $::auth->assert('vendor_invoice_edit | invoice_edit | general_ledger');
+  $::auth->assert('vendor_invoice_edit | invoice_edit | ap_transactions | ar_transactions');
 }
 
 1;