X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fis.pl;h=76d4b3edbca01d284e4667aeba1f39422915d964;hb=844a541e0d8f59644540413f675e8f07cd154cf6;hp=2d196cc2b40f4f85d7f1edd697401cb801f944fa;hpb=1a9f445680c2505fc7460a285e5a3d56b616600a;p=kivitendo-erp.git diff --git a/bin/mozilla/is.pl b/bin/mozilla/is.pl index 2d196cc2b..76d4b3edb 100644 --- a/bin/mozilla/is.pl +++ b/bin/mozilla/is.pl @@ -43,6 +43,7 @@ use List::Util qw(max sum); use List::UtilsBy qw(sort_by); use English qw(-no_match_vars); +use SL::DB::BankTransactionAccTrans; use SL::DB::Default; use SL::DB::Customer; use SL::DB::Department; @@ -58,6 +59,20 @@ use strict; # end of main +sub _may_view_or_edit_this_invoice { + return 1 if $::auth->assert('invoice_edit', 1); # may edit all invoices + return 0 if !$::form->{id}; # creating new invoices isn't allowed without invoice_edit + return 0 if !$::form->{globalproject_id}; # existing records without a project ID are not allowed + return SL::DB::Project->new(id => $::form->{globalproject_id})->load->may_employee_view_project_invoices(SL::DB::Manager::Employee->current); +} + +sub _assert_access { + my $cache = $::request->cache('is.pl::_assert_access'); + + $cache->{_may_view_or_edit_this_invoice} = _may_view_or_edit_this_invoice() if !exists $cache->{_may_view_or_edit_this_invoice}; + $::form->show_generic_error($::locale->text("You do not have the permissions to access this function.")) if ! $cache->{_may_view_or_edit_this_invoice}; +} + sub add { $main::lxdebug->enter_sub(); @@ -82,7 +97,7 @@ sub add { $form->{callback} = "$form->{script}?action=add&type=$form->{type}" unless $form->{callback}; - &invoice_links; + invoice_links(is_new => 1); &prepare_invoice; &display_form; @@ -92,11 +107,13 @@ sub add { sub edit { $main::lxdebug->enter_sub(); + # Delay access check to after the invoice's been loaded in + # "invoice_links" so that project-specific invoice rights can be + # evaluated. + my $form = $main::form; my $locale = $main::locale; - $main::auth->assert('invoice_edit'); - $form->{show_details} = $::myconfig{show_form_details}; $form->{taxincluded_changed_by_user} = 1; @@ -134,16 +151,20 @@ sub edit { sub invoice_links { $main::lxdebug->enter_sub(); + # Delay access check to after the invoice's been loaded so that + # project-specific invoice rights can be evaluated. + + my %params = @_; my $form = $main::form; my %myconfig = %main::myconfig; - $main::auth->assert('invoice_edit'); - $form->{vc} = 'customer'; # create links $form->create_links("AR", \%myconfig, "customer"); + _assert_access(); + my $editing = $form->{id}; $form->backup_vars(qw(payment_id language_id taxzone_id salesman_id @@ -152,6 +173,8 @@ sub invoice_links { IS->get_customer(\%myconfig, \%$form); + $form->{billing_address_id} = $form->{default_billing_address_id} if $params{is_new}; + $form->restore_vars(qw(id)); IS->retrieve_invoice(\%myconfig, \%$form); @@ -206,11 +229,11 @@ sub invoice_links { sub prepare_invoice { $main::lxdebug->enter_sub(); + _assert_access(); + my $form = $main::form; my %myconfig = %main::myconfig; - $main::auth->assert('invoice_edit'); - if ($form->{type} eq "credit_note") { $form->{type} = "credit_note"; $form->{formname} = "credit_note"; @@ -256,14 +279,27 @@ sub setup_is_action_bar { my $form = $::form; my $change_never = $::instance_conf->get_is_changeable == 0; my $change_on_same_day_only = $::instance_conf->get_is_changeable == 2 && ($form->current_date(\%::myconfig) ne $form->{gldate}); - my @req_trans_desc = qw(kivi.SalesPurchase.check_transaction_description) x!!$::instance_conf->get_require_transaction_description_ps; - + my $payments_balanced = ($::form->{oldtotalpaid} == 0); + my $has_storno = ($::form->{storno} && !$::form->{storno_id}); + my $may_edit_create = $::auth->assert('invoice_edit', 1); + my ($is_linked_bank_transaction, $warn_unlinked_delivery_order); + if ($::form->{id} + && SL::DB::Default->get->payments_changeable != 0 + && SL::DB::Manager::BankTransactionAccTrans->find_by(ar_id => $::form->{id})) { + + $is_linked_bank_transaction = 1; + } + if ($::instance_conf->get_warn_no_delivery_order_for_invoice && !$form->{id}) { + $warn_unlinked_delivery_order = 1 unless $form->{convert_from_do_ids}; + } for my $bar ($::request->layout->get('actionbar')) { $bar->add( action => [ t8('Update'), submit => [ '#form', { action => "update" } ], - disabled => $form->{locked} ? t8('The billing period has already been locked.') : undef, + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : $form->{locked} ? t8('The billing period has already been locked.') + : undef, id => 'update_button', accesskey => 'enter', ], @@ -272,23 +308,31 @@ sub setup_is_action_bar { action => [ t8('Post'), submit => [ '#form', { action => "post" } ], - checks => [ @req_trans_desc ], - disabled => $form->{locked} ? t8('The billing period has already been locked.') + checks => [ 'kivi.validate_form' ], + confirm => t8('The invoice is not linked with a sales delivery order. Post anyway?') x !!$warn_unlinked_delivery_order, + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : $form->{locked} ? t8('The billing period has already been locked.') : $form->{storno} ? t8('A canceled invoice cannot be posted.') : ($form->{id} && $change_never) ? t8('Changing invoices has been disabled in the configuration.') : ($form->{id} && $change_on_same_day_only) ? t8('Invoices can only be changed on the day they are posted.') + : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.') : undef, ], action => [ t8('Post Payment'), submit => [ '#form', { action => "post_payment" } ], - checks => [ @req_trans_desc ], - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') + : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.') + : undef, ], action => [ t8('Mark as paid'), submit => [ '#form', { action => "mark_as_paid" } ], confirm => t8('This will remove the invoice from showing as unpaid even if the unpaid amount does not match the amount. Proceed?'), - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') + : undef, only_if => $::instance_conf->get_is_show_mark_as_paid, ], ], # end of combobox "Post" @@ -297,17 +341,24 @@ sub setup_is_action_bar { action => [ t8('Storno'), submit => [ '#form', { action => "storno" } ], confirm => t8('Do you really want to cancel this invoice?'), - checks => [ @req_trans_desc ], - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') + : $form->{storno} ? t8('Cannot storno storno invoice!') + : $form->{locked} ? t8('The billing period has already been locked.') + : !$payments_balanced ? t8('Cancelling is disallowed. Either undo or balance the current payments until the open amount matches the invoice amount') + : undef, ], action => [ t8('Delete'), submit => [ '#form', { action => "delete" } ], confirm => t8('Do you really want to delete this object?'), - checks => [ @req_trans_desc ], - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') : $form->{locked} ? t8('The billing period has already been locked.') : $change_never ? t8('Changing invoices has been disabled in the configuration.') : $change_on_same_day_only ? t8('Invoices can only be changed on the day they are posted.') + : $has_storno ? t8('Can only delete the "Storno zu" part of the cancellation pair.') : undef, ], ], # end of combobox "Storno" @@ -319,19 +370,25 @@ sub setup_is_action_bar { action => [ t8('Use As New'), submit => [ '#form', { action => "use_as_new" } ], - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') + : undef, ], action => [ t8('Credit Note'), submit => [ '#form', { action => "credit_note" } ], - checks => [ @req_trans_desc ], - disabled => $form->{type} eq "credit_note" ? t8('Credit notes cannot be converted into other credit notes.') + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : $form->{type} eq "credit_note" ? t8('Credit notes cannot be converted into other credit notes.') : !$form->{id} ? t8('This invoice has not been posted yet.') + : $form->{storno} ? t8('A canceled invoice cannot be used. Please undo the cancellation first.') : undef, ], action => [ t8('Sales Order'), submit => [ '#form', { action => "order" } ], + checks => [ 'kivi.validate_form' ], disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, ], ], # end of combobox "Workflow" @@ -341,13 +398,30 @@ sub setup_is_action_bar { action => [ ($form->{id} ? t8('Print') : t8('Preview')), call => [ 'kivi.SalesPurchase.show_print_dialog', $form->{id} ? 'print' : 'preview' ], - checks => [ @req_trans_desc ], - disabled => !$form->{id} && $form->{locked} ? t8('The billing period has already been locked.') : undef, + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not print this invoice.') + : !$form->{id} && $form->{locked} ? t8('The billing period has already been locked.') + : undef, + ], + action => [ t8('Print and Post'), + call => [ 'kivi.SalesPurchase.show_print_dialog', 'print_and_post' ], + checks => [ 'kivi.validate_form' ], + confirm => t8('The invoice is not linked with a sales delivery order. Post anyway?') x !!$warn_unlinked_delivery_order, + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : $form->{locked} ? t8('The billing period has already been locked.') + : $form->{storno} ? t8('A canceled invoice cannot be posted.') + : ($form->{id} && $change_never) ? t8('Changing invoices has been disabled in the configuration.') + : ($form->{id} && $change_on_same_day_only) ? t8('Invoices can only be changed on the day they are posted.') + : $is_linked_bank_transaction ? t8('This transaction is linked with a bank transaction. Please undo and redo the bank transaction booking if needed.') + : undef, ], action => [ t8('E Mail'), call => [ 'kivi.SalesPurchase.show_email_dialog' ], - checks => [ @req_trans_desc ], - disabled => !$form->{id} ? t8('This invoice has not been posted yet.') : undef, + checks => [ 'kivi.validate_form' ], + disabled => !$may_edit_create ? t8('You must not print this invoice.') + : !$form->{id} ? t8('This invoice has not been posted yet.') + : $form->{postal_invoice} ? t8('This customer wants a postal invoices.') + : undef, ], ], # end of combobox "Export" @@ -366,33 +440,41 @@ sub setup_is_action_bar { action => [ t8('Drafts'), call => [ 'kivi.Draft.popup', 'is', 'invoice', $form->{draft_id}, $form->{draft_description} ], - disabled => $form->{id} ? t8('This invoice has already been posted.') - : $form->{locked} ? t8('The billing period has already been locked.') - : undef, + disabled => !$may_edit_create ? t8('You must not change this invoice.') + : $form->{id} ? t8('This invoice has already been posted.') + : $form->{locked} ? t8('The billing period has already been locked.') + : undef, ], ], # end of combobox "more" ); } + $::request->layout->add_javascripts('kivi.Validator.js'); } sub form_header { $main::lxdebug->enter_sub(); + _assert_access(); + my $form = $main::form; my %myconfig = %main::myconfig; my $locale = $main::locale; my $cgi = $::request->{cgi}; - $main::auth->assert('invoice_edit'); - my %TMPL_VAR = (); my @custom_hiddens; $TMPL_VAR{customer_obj} = SL::DB::Customer->load_cached($form->{customer_id}) if $form->{customer_id}; $TMPL_VAR{invoice_obj} = SL::DB::Invoice->load_cached($form->{id}) if $form->{id}; - $form->{employee_id} = $form->{old_employee_id} if $form->{old_employee_id}; - $form->{salesman_id} = $form->{old_salesman_id} if $form->{old_salesman_id}; + # only print, no mail + $form->{postal_invoice} = $TMPL_VAR{customer_obj}->postal_invoice if ref $TMPL_VAR{customer_obj} eq 'SL::DB::Customer'; + + my $current_employee = SL::DB::Manager::Employee->current; + $form->{employee_id} = $form->{old_employee_id} if $form->{old_employee_id}; + $form->{salesman_id} = $form->{old_salesman_id} if $form->{old_salesman_id}; + $form->{employee_id} ||= $current_employee->id; + $form->{salesman_id} ||= $current_employee->id; $form->{defaultcurrency} = $form->get_default_currency(\%myconfig); @@ -401,6 +483,7 @@ sub form_header { "price_factors" => "ALL_PRICE_FACTORS"); $form->{ALL_DEPARTMENTS} = SL::DB::Manager::Department->get_all_sorted; + $form->{ALL_LANGUAGES} = SL::DB::Manager::Language->get_all_sorted; # Projects my @old_project_ids = uniq grep { $_ } map { $_ * 1 } ($form->{"globalproject_id"}, map { $form->{"project_id_$_"} } 1..$form->{"rowcount"}); @@ -472,9 +555,9 @@ sub form_header { invoice_id show_details ), @custom_hiddens, - map { $_.'_rate', $_.'_description', $_.'_taxnumber' } split / /, $form->{taxaccounts}]; + map { $_.'_rate', $_.'_description', $_.'_taxnumber', $_.'_tax_id' } split / /, $form->{taxaccounts}]; - $::request->{layout}->use_javascript(map { "${_}.js" } qw(kivi.Draft kivi.File kivi.SalesPurchase kivi.Part ckeditor/ckeditor ckeditor/adapters/jquery kivi.io autocomplete_customer client_js)); + $::request->{layout}->use_javascript(map { "${_}.js" } qw(kivi.Draft kivi.File kivi.SalesPurchase kivi.Part kivi.CustomerVendor kivi.Validator ckeditor/ckeditor ckeditor/adapters/jquery kivi.io client_js)); $TMPL_VAR{payment_terms_obj} = get_payment_terms_for_invoice(); $form->{duedate} = $TMPL_VAR{payment_terms_obj}->calc_date(reference_date => $form->{invdate}, due_date => $form->{duedate})->to_kivitendo if $TMPL_VAR{payment_terms_obj}; @@ -510,20 +593,14 @@ sub _sort_payments { sub form_footer { $main::lxdebug->enter_sub(); + _assert_access(); + my $form = $main::form; my %myconfig = %main::myconfig; my $locale = $main::locale; - $main::auth->assert('invoice_edit'); - $form->{invtotal} = $form->{invsubtotal}; - # note rows - $form->{rows} = max 2, - $form->numtextrows($form->{notes}, 26, 8), - $form->numtextrows($form->{intnotes}, 35, 8); - - # tax, total and subtotal calculations my ($tax, $subtotal); $form->{taxaccounts_array} = [ split(/ /, $form->{taxaccounts}) ]; @@ -599,6 +676,12 @@ sub form_footer { $form->{ALL_DELIVERY_TERMS} = SL::DB::Manager::DeliveryTerm->get_all_sorted(); + my $shipto_cvars = SL::DB::Shipto->new->cvars_by_config; + foreach my $var (@{ $shipto_cvars }) { + my $name = "shiptocvar_" . $var->config->name; + $var->value($form->{$name}) if exists $form->{$name}; + } + print $form->parse_html_template('is/form_footer', { is_type_credit_note => ($form->{type} eq "credit_note"), totalpaid => $totalpaid, @@ -610,6 +693,7 @@ sub form_footer { : ($::instance_conf->get_is_changeable == 1), today => DateTime->today, vc_obj => $form->{customer_id} ? SL::DB::Customer->load_cached($form->{customer_id}) : undef, + shipto_cvars => $shipto_cvars, }); ##print $form->parse_html_template('is/_payments'); # parser ##print $form->parse_html_template('webdav/_list'); # parser @@ -635,11 +719,11 @@ sub show_draft { sub update { $main::lxdebug->enter_sub(); + _assert_access(); + my $form = $main::form; my %myconfig = %main::myconfig; - $main::auth->assert('invoice_edit'); - my ($recursive_call) = @_; $form->{print_and_post} = 0 if $form->{second_run}; @@ -650,6 +734,7 @@ sub update { $::form->{salesman_id} = SL::DB::Manager::Employee->current->id if exists $::form->{salesman_id}; IS->get_customer(\%myconfig, $form); + $::form->{billing_address_id} = $::form->{default_billing_address_id}; } $form->{taxincluded} ||= $taxincluded; @@ -662,10 +747,7 @@ sub update { for my $i (1 .. $form->{paidaccounts}) { next unless $form->{"paid_$i"}; - map { $form->{"${_}_$i"} = $form->parse_amount(\%myconfig, $form->{"${_}_$i"}) } qw(paid exchangerate); - if (!$form->{"forex_$i"}) { #read exchangerate from input field (not hidden) - $form->{exchangerate} = $form->{"exchangerate_$i"}; - } + map { $form->{"${_}_$i"} = $form->parse_amount(\%myconfig, $form->{"${_}_$i"}) } qw(paid exchangerate); $form->{"forex_$i"} = $form->check_exchangerate(\%myconfig, $form->{currency}, $form->{"datepaid_$i"}, 'buy'); $form->{"exchangerate_$i"} = $form->{"forex_$i"} if $form->{"forex_$i"}; } @@ -760,7 +842,7 @@ sub update { # ask if it is a part or service item if ( $form->{"partsgroup_$i"} - && ($form->{"partsnumber_$i"} eq "") + && ($form->{"partnumber_$i" } eq "") && ($form->{"description_$i"} eq "")) { $form->{rowcount}--; $form->{"discount_$i"} = ""; @@ -1157,7 +1239,7 @@ sub credit_note { sub display_form { $::lxdebug->enter_sub; - $::auth->assert('invoice_edit'); + _assert_access(); relink_accounts();