X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FOrder.pm;h=b7793b1beffbcce17481b596b1c9a8b555417429;hb=7bacc2aae8c0bf72a8fe1eaf757890184e6950f8;hp=b4328a1e23cdb1cd5d3276c9362e0fd9057f285c;hpb=9f0c5105e2c79feead651fd0de5d9ba725a2c1ff;p=kivitendo-erp.git diff --git a/SL/Controller/Order.pm b/SL/Controller/Order.pm index b4328a1e2..b7793b1be 100644 --- a/SL/Controller/Order.pm +++ b/SL/Controller/Order.pm @@ -56,6 +56,9 @@ use Rose::Object::MakeMethods::Generic # safety __PACKAGE__->run_before('check_auth'); +__PACKAGE__->run_before('check_auth_for_edit', + except => [ qw(edit show_customer_vendor_details_dialog price_popup load_second_rows) ]); + __PACKAGE__->run_before('recalc', only => [ qw(save save_as_new save_and_delivery_order save_and_invoice save_and_invoice_for_advance_payment save_and_final_invoice save_and_ap_transaction print send_email) ]); @@ -301,7 +304,8 @@ sub action_print { my $doc_filename = $form->generate_attachment_filename(); my $doc; - my @errors = $self->generate_doc(\$doc, { format => $format, + my @errors = $self->generate_doc(\$doc, { media => $media, + format => $format, formname => $formname, language => $self->order->language, printer_id => $printer_id, @@ -368,7 +372,8 @@ sub action_preview_pdf { my $pdf_filename = $form->generate_attachment_filename(); my $pdf; - my @errors = $self->generate_doc(\$pdf, { format => $format, + my @errors = $self->generate_doc(\$pdf, { media => $media, + format => $format, formname => $formname, language => $self->order->language, }); @@ -514,18 +519,20 @@ sub action_send_email { $::form->{id} = $self->order->id; # this is used in SL::Mailer to create a linked record to the mail $::form->send_email(\%::myconfig, $::form->{print_options}->{format}); - # internal notes - my $intnotes = $self->order->intnotes; - $intnotes .= "\n\n" if $self->order->intnotes; - $intnotes .= t8('[email]') . "\n"; - $intnotes .= t8('Date') . ": " . $::locale->format_date_object(DateTime->now_local, precision => 'seconds') . "\n"; - $intnotes .= t8('To (email)') . ": " . $::form->{email} . "\n"; - $intnotes .= t8('Cc') . ": " . $::form->{cc} . "\n" if $::form->{cc}; - $intnotes .= t8('Bcc') . ": " . $::form->{bcc} . "\n" if $::form->{bcc}; - $intnotes .= t8('Subject') . ": " . $::form->{subject} . "\n\n"; - $intnotes .= t8('Message') . ": " . SL::HTML::Util->strip($::form->{message}); + # internal notes unless no email journal + unless ($::instance_conf->get_email_journal) { + my $intnotes = $self->order->intnotes; + $intnotes .= "\n\n" if $self->order->intnotes; + $intnotes .= t8('[email]') . "\n"; + $intnotes .= t8('Date') . ": " . $::locale->format_date_object(DateTime->now_local, precision => 'seconds') . "\n"; + $intnotes .= t8('To (email)') . ": " . $::form->{email} . "\n"; + $intnotes .= t8('Cc') . ": " . $::form->{cc} . "\n" if $::form->{cc}; + $intnotes .= t8('Bcc') . ": " . $::form->{bcc} . "\n" if $::form->{bcc}; + $intnotes .= t8('Subject') . ": " . $::form->{subject} . "\n\n"; + $intnotes .= t8('Message') . ": " . SL::HTML::Util->strip($::form->{message}); - $self->order->update_attributes(intnotes => $intnotes); + $self->order->update_attributes(intnotes => $intnotes); + } $self->save_history('MAILED'); @@ -677,6 +684,16 @@ sub action_save_and_delivery_order { ); } +sub action_save_and_supplier_delivery_order { + my ($self) = @_; + + $self->save_and_redirect_to( + controller => 'controller.pl', + action => 'DeliveryOrder/add_from_order', + type => 'supplier_delivery_order', + ); +} + # save the order and redirect to the frontend subroutine for a new # invoice sub action_save_and_invoice { @@ -1358,6 +1375,17 @@ sub init_part_picker_classification_ids { sub check_auth { my ($self) = @_; + my $right_for = { map { $_ => $_.'_edit' . ' | ' . $_.'_view' } @{$self->valid_types} }; + + my $right = $right_for->{ $self->type }; + $right ||= 'DOES_NOT_EXIST'; + + $::auth->assert($right); +} + +sub check_auth_for_edit { + my ($self) = @_; + my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} }; my $right = $right_for->{ $self->type }; @@ -1652,7 +1680,7 @@ sub new_item { sub setup_order_from_cv { my ($order) = @_; - $order->$_($order->customervendor->$_) for (qw(taxzone_id payment_id delivery_term_id currency_id)); + $order->$_($order->customervendor->$_) for (qw(taxzone_id payment_id delivery_term_id currency_id language_id)); $order->intnotes($order->customervendor->notes); @@ -1819,7 +1847,10 @@ sub workflow_sales_or_request_for_quotation { my $destination_type = $::form->{type} eq sales_order_type() ? sales_quotation_type() : request_quotation_type(); $self->order(SL::DB::Order->new_from($self->order, destination_type => $destination_type)); - $self->{converted_from_oe_id} = delete $::form->{id}; + delete $::form->{id}; + + # no linked records from order to quotations + delete $::form->{$_} for qw(converted_from_oe_id converted_from_orderitems_ids); # set item ids to new fake id, to identify them as new items foreach my $item (@{$self->order->items_sorted}) { @@ -2006,6 +2037,11 @@ sub setup_edit_action_bar { $has_final_invoice = any {'SL::DB::Invoice' eq ref $_ && "final_invoice" eq $_->type} @$lr; } + my $right_for = { map { $_ => $_.'_edit' } @{$self->valid_types} }; + my $right = $right_for->{ $self->type }; + $right ||= 'DOES_NOT_EXIST'; + my $may_edit_create = $::auth->assert($right, 'may fail'); + for my $bar ($::request->layout->get('actionbar')) { $bar->add( combobox => [ @@ -2017,6 +2053,7 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', ['kivi.validate_form','#order_form'], @req_trans_cost_art, @req_cusordnumber, ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save as new'), @@ -2024,7 +2061,9 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', @req_trans_cost_art, @req_cusordnumber, ], - disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$self->order->id ? t8('This object has not been saved yet.') + : undef, ], ], # end of combobox "Save" @@ -2037,23 +2076,27 @@ sub setup_edit_action_bar { submit => [ '#order_form', { action => "Order/sales_quotation" } ], checks => [ @req_trans_cost_art, @req_cusordnumber ], only_if => (any { $self->type eq $_ } (sales_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and RFQ'), submit => [ '#order_form', { action => "Order/request_for_quotation" } ], only_if => (any { $self->type eq $_ } (purchase_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and Sales Order'), submit => [ '#order_form', { action => "Order/sales_order" } ], checks => [ @req_trans_cost_art ], only_if => (any { $self->type eq $_ } (sales_quotation_type(), purchase_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and Purchase Order'), call => [ 'kivi.Order.purchase_order_check_for_direct_delivery' ], checks => [ @req_trans_cost_art, @req_cusordnumber ], only_if => (any { $self->type eq $_ } (sales_order_type(), request_quotation_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and Delivery Order'), @@ -2063,7 +2106,19 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', @req_trans_cost_art, @req_cusordnumber, ], - only_if => (any { $self->type eq $_ } (sales_order_type(), purchase_order_type())) + only_if => (any { $self->type eq $_ } (sales_order_type(), purchase_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, + ], + action => [ + t8('Save and Supplier Delivery Order'), + call => [ 'kivi.Order.save', 'save_and_supplier_delivery_order', $::instance_conf->get_order_warn_duplicate_parts, + $::instance_conf->get_order_warn_no_deliverydate, + ], + checks => [ 'kivi.Order.check_save_active_periodic_invoices', + @req_trans_cost_art, @req_cusordnumber, + ], + only_if => (any { $self->type eq $_ } (purchase_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and Invoice'), @@ -2071,6 +2126,7 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', @req_trans_cost_art, @req_cusordnumber, ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ ($has_invoice_for_advance_payment ? t8('Save and Further Invoice for Advance Payment') : t8('Save and Invoice for Advance Payment')), @@ -2078,8 +2134,9 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', @req_trans_cost_art, @req_cusordnumber, ], - disabled => $has_final_invoice ? t8('This order has already a final invoice.') - : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $has_final_invoice ? t8('This order has already a final invoice.') + : undef, only_if => (any { $self->type eq $_ } (sales_order_type())), ], action => [ @@ -2088,14 +2145,16 @@ sub setup_edit_action_bar { checks => [ 'kivi.Order.check_save_active_periodic_invoices', @req_trans_cost_art, @req_cusordnumber, ], - disabled => $has_final_invoice ? t8('This order has already a final invoice.') - : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $has_final_invoice ? t8('This order has already a final invoice.') + : undef, only_if => (any { $self->type eq $_ } (sales_order_type())) && $has_invoice_for_advance_payment, ], action => [ t8('Save and AP Transaction'), call => [ 'kivi.Order.save', 'save_and_ap_transaction', $::instance_conf->get_order_warn_duplicate_parts ], - only_if => (any { $self->type eq $_ } (purchase_order_type())) + only_if => (any { $self->type eq $_ } (purchase_order_type())), + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], ], # end of combobox "Workflow" @@ -2106,25 +2165,29 @@ sub setup_edit_action_bar { ], action => [ t8('Save and preview PDF'), - call => [ 'kivi.Order.save', 'preview_pdf', $::instance_conf->get_order_warn_duplicate_parts, - $::instance_conf->get_order_warn_no_deliverydate, - ], - checks => [ @req_trans_cost_art, @req_cusordnumber ], + call => [ 'kivi.Order.save', 'preview_pdf', $::instance_conf->get_order_warn_duplicate_parts, + $::instance_conf->get_order_warn_no_deliverydate, + ], + checks => [ @req_trans_cost_art, @req_cusordnumber ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and print'), - call => [ 'kivi.Order.show_print_options', $::instance_conf->get_order_warn_duplicate_parts, - $::instance_conf->get_order_warn_no_deliverydate, - ], - checks => [ @req_trans_cost_art, @req_cusordnumber ], + call => [ 'kivi.Order.show_print_options', $::instance_conf->get_order_warn_duplicate_parts, + $::instance_conf->get_order_warn_no_deliverydate, + ], + checks => [ @req_trans_cost_art, @req_cusordnumber ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('Save and E-mail'), - id => 'save_and_email_action', - call => [ 'kivi.Order.save', 'save_and_show_email_dialog', $::instance_conf->get_order_warn_duplicate_parts, - $::instance_conf->get_order_warn_no_deliverydate, - ], - disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef, + id => 'save_and_email_action', + call => [ 'kivi.Order.save', 'save_and_show_email_dialog', $::instance_conf->get_order_warn_duplicate_parts, + $::instance_conf->get_order_warn_no_deliverydate, + ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$self->order->id ? t8('This object has not been saved yet.') + : undef, ], action => [ t8('Download attachments of all parts'), @@ -2138,26 +2201,12 @@ sub setup_edit_action_bar { t8('Delete'), call => [ 'kivi.Order.delete_order' ], confirm => $::locale->text('Do you really want to delete this object?'), - disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$self->order->id ? t8('This object has not been saved yet.') + : undef, only_if => $deletion_allowed, ], - combobox => [ - action => [ - t8('more') - ], - action => [ - t8('History'), - call => [ 'set_history_window', $self->order->id, 'id' ], - disabled => !$self->order->id ? t8('This record has not been saved yet.') : undef, - ], - action => [ - t8('Follow-Up'), - call => [ 'kivi.Order.follow_up_window' ], - disabled => !$self->order->id ? t8('This object has not been saved yet.') : undef, - only_if => $::auth->assert('productivity', 1), - ], - ], # end of combobox "more" ); } }