Benutzerverwaltung im Bereich Verkauf -> Ansicht nur auf eigene Verkaufsdokumente...

diff --git a/SL/AR.pm b/SL/AR.pm
index 7d03783..8cc5ea6 100644 (file)
--- a/SL/AR.pm
+++ b/SL/AR.pm
@@ -480,6 +480,10 @@ sub ar_transactions {
     }
   }
 
+ if (!$main::auth->assert('sales_all_edit', 1)) {
+    $where .= " AND a.employee_id = (select id from employee where login= ?)";
+    push (@values, $form->{login});
+  }
   my @a = qw(transdate invnumber name);
   push @a, "employee" if $form->{l_employee};
   my $sortdir   = !defined $form->{sortdir} ? 'ASC' : $form->{sortdir} ? 'ASC' : 'DESC';

diff --git a/SL/Auth.pm b/SL/Auth.pm
index af19e71..4b6f2fa 100644 (file)
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -654,6 +654,7 @@ sub all_rights_full {
     ["sales_delivery_order_edit",      $locale->text("Create and edit sales delivery orders")],
     ["invoice_edit",                   $locale->text("Create and edit invoices and credit notes")],
     ["dunning_edit",                   $locale->text("Create and edit dunnings")],
+    ["sales_all_edit",                 $locale->text("View/edit all employees sales documents")],
     ["--ap",                           $locale->text("AP")],
     ["request_quotation_edit",         $locale->text("Create and edit RFQs")],
     ["purchase_order_edit",            $locale->text("Create and edit purchase orders")],

diff --git a/SL/DO.pm b/SL/DO.pm
index 092fd0b..73314bc 100644 (file)
--- a/SL/DO.pm
+++ b/SL/DO.pm
@@ -104,6 +104,10 @@ sub transactions {
     push @where, "dord.$item = ?";
     push @values, conv_i($form->{$item});
   }
+  if (!$main::auth->assert('sales_all_edit', 1)) {
+    push @where, qq|dord.employee_id = (select id from employee where login= ?)|;
+    push @values, $form->{login};
+  }
 
   foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) {
     next unless ($form->{$item});

diff --git a/SL/OE.pm b/SL/OE.pm
index b1e1f9f..6cc4a50 100644 (file)
--- a/SL/OE.pm
+++ b/SL/OE.pm
@@ -122,6 +122,10 @@ SQL
     push(@values, '%' . $form->{$vc} . '%');
   }
 
+  if (!$main::auth->assert('sales_all_edit', 1)) {
+    $query .= " AND o.employee_id = (select id from employee where login= ?)";
+    push @values, $form->{login};
+  }
   if ($form->{employee_id}) {
     $query .= " AND o.employee_id = ?";
     push @values, conv_i($form->{employee_id});

diff --git a/bin/mozilla/ct.pl b/bin/mozilla/ct.pl
index c3d0955..8abe73a 100644 (file)
--- a/bin/mozilla/ct.pl
+++ b/bin/mozilla/ct.pl
@@ -662,6 +662,7 @@ sub get_delivery {
   $main::lxdebug->enter_sub();
 
   $main::auth->assert('customer_vendor_edit');
+  $main::auth->assert('sales_all_edit');
 
   my $form     = $main::form;
   my %myconfig = %main::myconfig;

diff --git a/locale/de/all b/locale/de/all
index 305a847..0bdf41d 100644 (file)
--- a/locale/de/all
+++ b/locale/de/all
@@ -1784,6 +1784,7 @@ $self->{texts} = {
   'View License'                => 'Lizenz ansehen',
   'View SEPA export'            => 'SEPA-Export-Details ansehen',
   'View warehouse content'      => 'Lagerbestand ansehen',
+  'View/edit all employees sales documents' => 'Bearbeiten/ansehen der Verkaufsdokumente aller Mitarbeiter',
   'Von Konto: '                 => 'von Konto: ',
   'WEBDAV access'               => 'WEBDAV-Zugriff',
   'WHJournal'                   => 'Lagerbuchungen',

diff --git a/sql/Pg-upgrade2/auth_enable_sales_all_edit.pl b/sql/Pg-upgrade2/auth_enable_sales_all_edit.pl
new file mode 100644 (file)
index 0000000..e223cd8
--- /dev/null
+++ b/sql/Pg-upgrade2/auth_enable_sales_all_edit.pl
@@ -0,0 +1,52 @@
+# @tag: auth_enable_sales_all_edit
+# @description: Neues gruppenbezogenes Recht für den Bereich Verkauf hinzugefügt (sales_all_edit := Nur wenn angehakt, können Verkaufsdokumente von anderen Bearbeitern eingesehen werden) Das Skript hakt standardmässig dieses Recht an, sodass es keinen Unterschied zu vorhergehenden Version gibt.
+# @depends: release_2_6_0
+# @charset: utf-8
+
+use strict;
+use Data::Dumper;
+die("This script cannot be run from the command line.") unless ($main::form);
+
+sub mydberror {
+  my ($msg) = @_;
+  die($dbup_locale->text("Database update error:") .
+      "<br>$msg<br>" . $DBI::errstr);
+}
+
+sub do_query {
+  my ($query, $may_fail) = @_;
+
+  if (!$dbh->do($query)) {
+    mydberror($query) unless ($may_fail);
+    $dbh->rollback();
+    $dbh->begin_work();
+  }
+}
+
+sub do_update {
+  my @queries;
+
+#  do_query("ALTER TABLE project ADD PRIMARY KEY (id);", 1);
+#  map({ do_query($_, 0); } @queries);
+#  print "hieryy";
+#  print (Dumper($main::form));
+  my $dbh = $main::auth->dbconnect();
+  my $query = qq|SELECT distinct group_id from auth.user_group|;
+  my $sth_all_groups = prepare_execute_query($form, $dbh, $query);
+  while (my $hash_ref = $sth_all_groups->fetchrow_hashref()) {  # Schleife
+    push @queries, "INSERT INTO auth.group_rights (group_id, \"right\", granted) VALUES (" . $hash_ref->{group_id} . ", 'sales_all_edit', 't')";
+}
+# if in doubt use brute force ;-) jb
+  foreach my $query (@queries){
+#    print "hier:" . $query;
+    my $dbh = $main::auth->dbconnect();
+    my $sth   = prepare_query($form, $dbh, $query);
+    do_statement($form,$sth,$query);
+    $sth->finish();
+    $dbh ->commit();
+}
+  return 1;
+}
+
+return do_update();
+