X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FController%2FTimeRecording.pm;h=e852ba1a930b9c16e7b596afe00b1aa37c016ee0;hb=9c2d09b80c7fe80982c4e63b5fb051002a152411;hp=9ed3c72373b3d1be1e1343d1c161597c06ee3848;hpb=2ba42577fce2f8a7da0e9aead95292ba6ccff0b0;p=kivitendo-erp.git

diff --git a/SL/Controller/TimeRecording.pm b/SL/Controller/TimeRecording.pm
index 9ed3c7237..e852ba1a9 100644
--- a/SL/Controller/TimeRecording.pm
+++ b/SL/Controller/TimeRecording.pm
@@ -11,35 +11,39 @@ use SL::Controller::Helper::GetModels;
 use SL::Controller::Helper::ReportGenerator;
 use SL::DB::Customer;
 use SL::DB::Employee;
+use SL::DB::Part;
 use SL::DB::TimeRecording;
+use SL::DB::TimeRecordingArticle;
 use SL::Locale::String qw(t8);
 use SL::ReportGenerator;
 
 use Rose::Object::MakeMethods::Generic
 (
 # scalar                  => [ qw() ],
- 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all) ],
+ 'scalar --get_set_init' => [ qw(time_recording models all_employees all_time_recording_articles can_view_all can_edit_all) ],
 );
 
 
 # safety
 __PACKAGE__->run_before('check_auth');
-
-#
-# actions
-#
+__PACKAGE__->run_before('check_auth_edit', only => [ qw(edit save delete) ]);
 
 my %sort_columns = (
   start_time   => t8('Start'),
   end_time     => t8('End'),
   customer     => t8('Customer'),
-  type         => t8('Type'),
+  part         => t8('Article'),
   project      => t8('Project'),
   description  => t8('Description'),
   staff_member => t8('Mitarbeiter'),
   duration     => t8('Duration'),
+  booked       => t8('Booked'),
 );
 
+#
+# actions
+#
+
 sub action_list {
   my ($self, %params) = @_;
 
@@ -102,8 +106,9 @@ sub action_delete {
 }
 
 sub init_time_recording {
-  my $time_recording = ($::form->{id}) ? SL::DB::TimeRecording->new(id => $::form->{id})->load
-                                       : SL::DB::TimeRecording->new(start_time => DateTime->now_local);
+  my $is_new         = !$::form->{id};
+  my $time_recording = $is_new ? SL::DB::TimeRecording->new(start_time => DateTime->now_local)
+                               : SL::DB::TimeRecording->new(id => $::form->{id})->load;
 
   my %attributes = %{ $::form->{time_recording} || {} };
 
@@ -119,7 +124,11 @@ sub init_time_recording {
     }
   }
 
-  $attributes{staff_member_id} = $attributes{employee_id} = SL::DB::Manager::Employee->current->id;
+  # do not overwright staff member if you do not have the right
+  delete $attributes{staff_member_id} if !$_[0]->can_edit_all;
+  $attributes{staff_member_id} = SL::DB::Manager::Employee->current->id if $is_new;
+
+  $attributes{employee_id}     = SL::DB::Manager::Employee->current->id;
 
   $time_recording->assign_attributes(%attributes);
 
@@ -130,6 +139,10 @@ sub init_can_view_all {
   $::auth->assert('time_recording_show_all', 1) || $::auth->assert('time_recording_edit_all', 1)
 }
 
+sub init_can_edit_all {
+  $::auth->assert('time_recording_edit_all', 1)
+}
+
 sub init_models {
   my ($self) = @_;
 
@@ -141,29 +154,48 @@ sub init_models {
     sorted         => \%sort_columns,
     disable_plugin => 'paginated',
     query          => \@where,
-    with_objects   => [ 'customer', 'type', 'project', 'staff_member', 'employee' ],
+    with_objects   => [ 'customer', 'part', 'project', 'staff_member', 'employee' ],
   );
 }
 
-sub init_all_time_recording_types {
-  SL::DB::Manager::TimeRecordingType->get_all_sorted(query => [obsolete => 0]);
-}
-
 sub init_all_employees {
   SL::DB::Manager::Employee->get_all_sorted(query => [ deleted => 0 ]);
 }
 
+sub init_all_time_recording_articles {
+  my $selectable_parts = SL::DB::Manager::TimeRecordingArticle->get_all_sorted(
+    query        => [or => [ 'part.obsolete' => 0, 'part.obsolete' => undef ]],
+    with_objects => ['part']);
+
+  my $res              = [ map { {id => $_->part_id, description => $_->part->displayable_name} } @$selectable_parts];
+  my $curr_id          = $_[0]->time_recording->part_id;
+
+  if ($curr_id && !grep { $curr_id == $_->{id} } @$res) {
+    unshift @$res, {id => $curr_id, description => $_[0]->time_recording->part->displayable_name};
+  }
+
+  return $res;
+}
+
 sub check_auth {
   $::auth->assert('time_recording');
 }
 
+sub check_auth_edit {
+  my ($self) = @_;
+
+  if (!$self->can_edit_all && ($self->time_recording->staff_member_id != SL::DB::Manager::Employee->current->id)) {
+    $::form->error(t8('You do not have permission to access this entry.'));
+  }
+}
+
 sub prepare_report {
   my ($self) = @_;
 
   my $report      = SL::ReportGenerator->new(\%::myconfig, $::form);
   $self->{report} = $report;
 
-  my @columns  = qw(start_time end_time customer type project description staff_member duration);
+  my @columns  = qw(start_time end_time customer part project description staff_member duration booked);
 
   my %column_defs = (
     start_time   => { text => t8('Start'),        sub => sub { $_[0]->start_time_as_timestamp },
@@ -171,7 +203,7 @@ sub prepare_report {
     end_time     => { text => t8('End'),          sub => sub { $_[0]->end_time_as_timestamp },
                       obj_link => sub { $self->url_for(action => 'edit', 'id' => $_[0]->id, callback => $self->models->get_callback) }  },
     customer     => { text => t8('Customer'),     sub => sub { $_[0]->customer->displayable_name } },
-    type         => { text => t8('Type'),         sub => sub { $_[0]->type && $_[0]->type->abbreviation } },
+    part         => { text => t8('Article'),      sub => sub { $_[0]->part && $_[0]->part->displayable_name } },
     project      => { text => t8('Project'),      sub => sub { $_[0]->project && $_[0]->project->displayable_name } },
     description  => { text => t8('Description'),  sub => sub { $_[0]->description_as_stripped_html },
                       raw_data => sub { $_[0]->description_as_restricted_html }, # raw_data only used for html(?)
@@ -179,13 +211,17 @@ sub prepare_report {
     staff_member => { text => t8('Mitarbeiter'),  sub => sub { $_[0]->staff_member->safe_name } },
     duration     => { text => t8('Duration'),     sub => sub { $_[0]->duration_as_duration_string },
                       align => 'right'},
+    booked       => { text => t8('Booked'),       sub => sub { $_[0]->booked ? t8('Yes') : t8('No') } },
   );
 
+  my $title        = t8('Time Recordings');
+  $report->{title} = $title;    # for browser titlebar (title-tag)
+
   $report->set_options(
     controller_class      => 'TimeRecording',
     std_column_visibility => 1,
     output_format         => 'HTML',
-    title                 => t8('Time Recordings'),
+    title                 => $title, # for heading
     allow_pdf_export      => 1,
     allow_csv_export      => 1,
   );
@@ -196,7 +232,7 @@ sub prepare_report {
   $report->set_options_from_form;
 
   $self->models->disable_plugin('paginated') if $report->{options}{output_format} =~ /^(pdf|csv)$/i;
-  #$self->models->add_additional_url_params();
+  $self->models->add_additional_url_params(filter => $::form->{filter});
   $self->models->finalize;
   $self->models->set_report_generator_sort_options(report => $report, sortable_columns => [keys %sort_columns]);