- unless ($::auth->assert('customer_vendor_all_edit', 1)) {
- die($::locale->text("You don't have the rights to edit this customer.") . "\n")
- if $self->{cv}->is_customer and
- SL::DB::Manager::Employee->current->id != $self->{cv}->salesman_id;
- };
-};
+ my $is_new = !$self->{cv} || !$self->{cv}->id;
+ my $is_own_customer = !$is_new
+ && $self->{cv}->is_customer
+ && (SL::DB::Manager::Employee->current->id == $self->{cv}->salesman_id);
+ my $has_edit_rights = $::auth->assert('customer_vendor_all_edit', 1);
+ $has_edit_rights ||= $::auth->assert('customer_vendor_edit', 1) && ($is_new || $is_own_customer);
+ my $needs_edit_rights = $action =~ m{^(?:add|save|delete|update)};
+
+ $self->user_has_edit_rights($has_edit_rights);
+
+ return 1 if $has_edit_rights;
+ return 0 if $needs_edit_rights;
+ return 1;
+}
+
+sub _check_auth {
+ my ($self, $action) = @_;
+
+ if (!$self->_may_access_action($action)) {
+ $::auth->deny_access;
+ }
+}