From 6162711f226c398c071d1479442c04504fcd54b5 Mon Sep 17 00:00:00 2001 From: "G. Richardson" Date: Tue, 15 Dec 2015 12:35:34 +0100 Subject: [PATCH] =?utf8?q?Bei=20Kunden/Lieferanten=20Recht=20customer=5Fve?= =?utf8?q?ndor=5Fall=5Fedit=20pr=C3=BCfen=202?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Nachschlag zu 826f6eb2b3e , das Wichtigste wurde vergessen. Beim Öffnen / Verändern / Speichern von Kunden prüfen, ob Verkäufer mit Bearbeiter übereinstimmt, wenn Benutzer nicht das Recht customer_vendor_all_edit hat. --- SL/Controller/CustomerVendor.pm | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/SL/Controller/CustomerVendor.pm b/SL/Controller/CustomerVendor.pm index f77c65e20..625ec62e0 100644 --- a/SL/Controller/CustomerVendor.pm +++ b/SL/Controller/CustomerVendor.pm @@ -826,6 +826,16 @@ sub _load_customer_vendor { } } +sub _check_customer_vendor_all_edit { + my ($self) = @_; + + unless ($::auth->assert('customer_vendor_all_edit', 1)) { + die($::locale->text("You don't have the rights to edit this customer.") . "\n") + if $self->{cv}->is_customer and + SL::DB::Manager::Employee->current->id != $self->{cv}->salesman_id; + }; +}; + sub _create_customer_vendor { my ($self) = @_; -- 2.20.1