From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Tue, 22 Jul 2008 09:50:02 +0000 (+0000)
Subject: Berechtigungsprüfung bei den Buttons "Speichern und ..." in den Kunden-/Lieferantenst... 
X-Git-Tag: release-2.6.0beta1~45
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=63bbdf6f7785384051cdb61b6ef906e4344f48b6;p=kivitendo-erp.git

Berechtigungsprüfung bei den Buttons "Speichern und ..." in den Kunden-/Lieferantenstammdaten korrigiert.
---

diff --git a/bin/mozilla/ct.pl b/bin/mozilla/ct.pl
index 29a0283cd..3b8a459b0 100644
--- a/bin/mozilla/ct.pl
+++ b/bin/mozilla/ct.pl
@@ -314,7 +314,9 @@ sub form_footer {
 sub add_transaction {
   $lxdebug->enter_sub();
 
-  $auth->assert('customer_vendor_edit & general_ledger');
+  $auth->assert('customer_vendor_edit & ' .
+                '(general_ledger         | invoice_edit         | vendor_invoice_edit | ' .
+                ' request_quotation_edit | sales_quotation_edit | sales_order_edit    | purchase_order_edit)');
 
 #  # saving the history
 #  if(!exists $form->{addition}) {
@@ -435,7 +437,11 @@ sub save_and_quotation {
 sub save_and_order {
   $lxdebug->enter_sub();
 
-  $auth->assert('customer_vendor_edit & sales_order_edit');
+  if ($form->{db} eq 'customer') {
+    $auth->assert('customer_vendor_edit & sales_order_edit');
+  } else {
+    $auth->assert('customer_vendor_edit & purchase_order_edit');
+  }
 
   $form->{script} = "oe.pl";
   $form->{type}   =