X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fdo.pl;h=e0b4dbc54ed7270990f16661c8e4afa916f7fb1a;hb=94f5cb152afa9210162295b6727801c296af0631;hp=faaea12fabc54aeef2ea70c196d1af257efeb013;hpb=c7b5d49e014471b65e1e1c5a466f11e0a14079fc;p=kivitendo-erp.git diff --git a/bin/mozilla/do.pl b/bin/mozilla/do.pl index faaea12fa..e0b4dbc54 100644 --- a/bin/mozilla/do.pl +++ b/bin/mozilla/do.pl @@ -36,7 +36,10 @@ use List::MoreUtils qw(uniq); use List::Util qw(max sum); use POSIX qw(strftime); +use SL::Controller::DeliveryOrder; use SL::DB::DeliveryOrder; +use SL::DB::DeliveryOrder::TypeData qw(:types validate_type); +use SL::Helper::UserPreferences::DisplayPreferences; use SL::DO; use SL::IR; use SL::IS; @@ -55,8 +58,18 @@ use strict; # end of main +sub check_do_access_for_edit { + validate_type($::form->{type}); + + my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit"); + $main::auth->assert($right); +} + sub check_do_access { - $main::auth->assert($main::form->{type} . '_edit'); + validate_type($::form->{type}); + + my $right = SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "view"); + $main::auth->assert($right); } sub set_headings { @@ -85,7 +98,7 @@ sub set_headings { sub add { $main::lxdebug->enter_sub(); - check_do_access(); + check_do_access_for_edit(); if (($::form->{type} =~ /purchase/) && !$::instance_conf->get_allow_new_purchase_invoice) { $::form->show_generic_error($::locale->text("You do not have the permissions to access this function.")); @@ -98,7 +111,7 @@ sub add { $form->{show_details} = $::myconfig{show_form_details}; $form->{callback} = build_std_url('action=add', 'type', 'vc') unless ($form->{callback}); - order_links(); + order_links(is_new => 1); prepare_order(); display_form(); @@ -168,6 +181,7 @@ sub order_links { check_do_access(); + my %params = @_; my $form = $main::form; my %myconfig = %main::myconfig; @@ -186,6 +200,7 @@ sub order_links { } else { IS->get_customer(\%myconfig, \%$form); $form->{discount} = $form->{customer_discount}; + $form->{billing_address_id} = $form->{default_billing_address_id} if $params{is_new}; } $form->restore_vars(qw(payment_id language_id taxzone_id intnotes cp_id delivery_term_id)); @@ -247,11 +262,15 @@ sub setup_do_action_bar { if (ref $undo_date eq 'DateTime' && ref $insertdate eq 'DateTime') { $undo_transfer = $insertdate > $undo_date; } + + my $may_edit_create = $::auth->assert(SL::DB::DeliveryOrder::TypeData::get3($::form->{type}, "rights", "edit"), 1); + for my $bar ($::request->layout->get('actionbar')) { $bar->add( action => [ t8('Update'), submit => [ '#form', { action => "update" } ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, id => 'update_button', accesskey => 'enter', ], @@ -261,20 +280,24 @@ sub setup_do_action_bar { t8('Save'), submit => [ '#form', { action => "save" } ], checks => [ 'kivi.validate_form' ], - disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $::form->{delivered} ? t8('This record has already been delivered.') + : undef, ], action => [ t8('Save as new'), submit => [ '#form', { action => "save_as_new" } ], checks => [ 'kivi.validate_form' ], - disabled => !$::form->{id}, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$::form->{id}, ], action => [ t8('Mark as closed'), submit => [ '#form', { action => "mark_closed" } ], checks => [ 'kivi.validate_form' ], confirm => t8('This will remove the delivery order from showing as open even if contents are not delivered. Proceed?'), - disabled => !$::form->{id} ? t8('This record has not been saved yet.') + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$::form->{id} ? t8('This record has not been saved yet.') : $::form->{closed} ? t8('This record has already been closed.') : undef, ], @@ -284,7 +307,8 @@ sub setup_do_action_bar { t8('Delete'), submit => [ '#form', { action => "delete" } ], confirm => t8('Do you really want to delete this object?'), - disabled => !$::form->{id} ? t8('This record has not been saved yet.') + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$::form->{id} ? t8('This record has not been saved yet.') : $::form->{delivered} ? t8('This record has already been delivered.') : ($::form->{vc} eq 'customer' && !$::instance_conf->get_sales_delivery_order_show_delete) ? t8('Deleting this type of record has been disabled in the configuration.') : ($::form->{vc} eq 'vendor' && !$::instance_conf->get_purchase_delivery_order_show_delete) ? t8('Deleting this type of record has been disabled in the configuration.') @@ -296,28 +320,36 @@ sub setup_do_action_bar { t8('Transfer out'), submit => [ '#form', { action => "transfer_out" } ], checks => [ 'kivi.validate_form', @transfer_qty ], - disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $::form->{delivered} ? t8('This record has already been delivered.') + : undef, only_if => $is_customer, ], action => [ t8('Transfer out via default'), submit => [ '#form', { action => "transfer_out_default" } ], checks => [ 'kivi.validate_form' ], - disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $::form->{delivered} ? t8('This record has already been delivered.') + : undef, only_if => $is_customer && $::instance_conf->get_transfer_default, ], action => [ t8('Transfer in'), submit => [ '#form', { action => "transfer_in" } ], checks => [ 'kivi.validate_form', @transfer_qty ], - disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $::form->{delivered} ? t8('This record has already been delivered.') + : undef, only_if => !$is_customer, ], action => [ t8('Transfer in via default'), submit => [ '#form', { action => "transfer_in_default" } ], checks => [ 'kivi.validate_form' ], - disabled => $::form->{delivered} ? t8('This record has already been delivered.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : $::form->{delivered} ? t8('This record has already been delivered.') + : undef, only_if => !$is_customer && $::instance_conf->get_transfer_default, ], action => [ @@ -325,7 +357,9 @@ sub setup_do_action_bar { submit => [ '#form', { action => "delete_transfers" } ], checks => [ 'kivi.validate_form' ], only_if => $::form->{delivered}, - disabled => !$undo_transfer ? t8('Transfer date exceeds the maximum allowed interval.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$undo_transfer ? t8('Transfer date exceeds the maximum allowed interval.') + : undef, ], ], # end of combobox "Transfer out" @@ -346,14 +380,17 @@ sub setup_do_action_bar { action => [ t8('Export') ], action => [ t8('Print'), - call => [ 'kivi.SalesPurchase.show_print_dialog' ], - checks => [ 'kivi.validate_form' ], + call => [ 'kivi.SalesPurchase.show_print_dialog' ], + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') : undef, ], action => [ t8('E Mail'), call => [ 'kivi.SalesPurchase.show_email_dialog' ], checks => [ 'kivi.validate_form' ], - disabled => !$::form->{id} ? t8('This record has not been saved yet.') : undef, + disabled => !$may_edit_create ? t8('You do not have the permissions to access this function.') + : !$::form->{id} ? t8('This record has not been saved yet.') + : undef, ], ], # end of combobox "Export" @@ -481,6 +518,7 @@ sub form_header { $form->{follow_up_trans_info} = $form->{donumber} .'('. $form->{VC_OBJ}->name .')' if $form->{VC_OBJ}; + $form->{longdescription_dialog_size_percentage} = SL::Helper::UserPreferences::DisplayPreferences->new()->get_longdescription_dialog_size_percentage(); $::request->{layout}->use_javascript(map { "${_}.js" } qw(kivi.File kivi.MassDeliveryOrderPrint kivi.SalesPurchase kivi.Part kivi.CustomerVendor kivi.Validator ckeditor/ckeditor ckeditor/adapters/jquery kivi.io)); @@ -548,8 +586,12 @@ sub update_delivery_order { if (($form->{"previous_${vc}_id"} || $form->{"${vc}_id"}) != $form->{"${vc}_id"}) { $::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id}; - IS->get_customer(\%myconfig, $form) if $vc eq 'customer'; - IR->get_vendor(\%myconfig, $form) if $vc eq 'vendor'; + if ($vc eq 'customer') { + IS->get_customer(\%myconfig, $form); + $::form->{billing_address_id} = $::form->{default_billing_address_id}; + } else { + IR->get_vendor(\%myconfig, $form); + } } $form->{discount} = $form->{"$form->{vc}_discount"} if defined $form->{"$form->{vc}_discount"}; @@ -881,7 +923,9 @@ sub orders { 'align' => 'center', }; - $row->{donumber}->{link} = $edit_url . "&id=" . E($dord->{id}) . "&callback=${callback}"; + $row->{donumber}->{link} = SL::DB::DeliveryOrder::TypeData::get3($dord->{order_type}, "show_menu", "new_controller") + ? SL::Controller::DeliveryOrder->url_for(action => "edit", id => $dord->{id}, type => $dord->{order_type}) + : $edit_url . "&id=" . E($dord->{id}) . "&callback=${callback}"; $row->{ordnumber}->{link} = $edit_order_url . "&id=" . E($dord->{oe_id}) . "&callback=${callback}" if $dord->{oe_id}; $report->add_data($row); @@ -900,7 +944,7 @@ sub save { my (%params) = @_; - check_do_access(); + check_do_access_for_edit(); my $form = $main::form; my %myconfig = %main::myconfig; @@ -935,8 +979,12 @@ sub save { if (($form->{"previous_${vc}_id"} || $form->{"${vc}_id"}) != $form->{"${vc}_id"}) { $::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id}; - IS->get_customer(\%myconfig, $form) if $vc eq 'customer'; - IR->get_vendor(\%myconfig, $form) if $vc eq 'vendor'; + if ($vc eq 'customer') { + IS->get_customer(\%myconfig, $form); + $::form->{billing_address_id} = $::form->{default_billing_address_id}; + } else { + IR->get_vendor(\%myconfig, $form); + } update(); $::dispatcher->end_request; @@ -978,7 +1026,7 @@ sub save { sub delete { $main::lxdebug->enter_sub(); - check_do_access(); + check_do_access_for_edit(); my $form = $main::form; my %myconfig = %main::myconfig; @@ -1004,7 +1052,7 @@ sub delete { sub delete_transfers { $main::lxdebug->enter_sub(); - check_do_access(); + check_do_access_for_edit(); my $form = $main::form; my %myconfig = %main::myconfig; @@ -1258,7 +1306,7 @@ sub invoice_multi { sub save_as_new { $main::lxdebug->enter_sub(); - check_do_access(); + check_do_access_for_edit(); my $form = $main::form; @@ -1775,7 +1823,7 @@ sub mark_closed { sub display_form { $::lxdebug->enter_sub; - $::auth->assert('purchase_delivery_order_edit | sales_delivery_order_edit'); + check_do_access(); relink_accounts(); retrieve_partunits();