Hintergrund ist, daß es derzeit z.B. möglich ist, daß Benutzer die nur
Rechte haben um Angebote zu sehen, über die verknüpften Belege eine
Übersicht über alle anderen Belege aus dem Workflow, bis hin zur
Rechnung zu sehen. Zumindest eine Zusammenfassung (Datum, Beträge), ohne
jedoch die Belege öffnen zu können. Dies ist aber nicht immer gewünscht,
daher kann man jetzt die Reiter für verknüpfte Belege komplett
ausblenden.
Eine bessere Lösung wäre nur die Belege anzuzeigen, für die der Benutzer
auch Bearbeitungsrechte hat.
scalar => [ qw(object object_model object_id link_type link_direction link_type_desc) ],
);
scalar => [ qw(object object_model object_id link_type link_direction link_type_desc) ],
);
+__PACKAGE__->run_before('check_auth');
__PACKAGE__->run_before('check_object_params', only => [ qw(ajax_list ajax_delete ajax_add_select_type ajax_add_filter ajax_add_list ajax_add_do) ]);
__PACKAGE__->run_before('check_link_params', only => [ qw( ajax_add_list ajax_add_do) ]);
__PACKAGE__->run_before('check_object_params', only => [ qw(ajax_list ajax_delete ajax_add_select_type ajax_add_filter ajax_add_list ajax_add_do) ]);
__PACKAGE__->run_before('check_link_params', only => [ qw( ajax_add_list ajax_add_do) ]);
+sub check_auth {
+ $::auth->assert('record_links');
+}
+
# Veränderungen von kivitendo #
###############################
# Veränderungen von kivitendo #
###############################
+2016-xx-xx - Release 3.4.x Unstable
+
+ - Neues Recht "Verknüpfte Belege", standardmäßig erlaubt. Betrifft alle
+ Belege und die Projektstammdaten
+
2016-07-05 - Release 3.4.1
kleinere neue Features und Detailverbesserungen:
2016-07-05 - Release 3.4.1
kleinere neue Features und Detailverbesserungen:
- Bugfix #165 inventory.shippingdate wird nicht konsequent benutzt
- Bugfix #166 Presenter Links gehen im ReportGenerator Export kaputt
- Bugfix #165 inventory.shippingdate wird nicht konsequent benutzt
- Bugfix #166 Presenter Links gehen im ReportGenerator Export kaputt
-2016-03-12 - Release 3.4.0
--- /dev/null
+# @tag: record_links_rights
+# @description: Setzt das Recht um den Tab verknüpfte Belege zu sehen, per Default erlaubt (wie vorher auch)
+# @depends: release_3_4_0 master_rights_position_gaps
+package SL::DBUpgrade2::record_links_rights;
+
+use strict;
+use utf8;
+
+use parent qw(SL::DBUpgrade2::Base);
+
+use SL::DBUtils;
+
+sub run {
+ my ($self) = @_;
+
+ $self->db_query("INSERT INTO auth.master_rights (position, name, description) VALUES ( 4750, 'record_links', 'Linked Records')");
+
+ my $groups = $main::auth->read_groups();
+
+ foreach my $group (values %{$groups}) {
+ $group->{rights}->{record_links} = 1;
+ $main::auth->save_group($group);
+ }
+
+ return 1;
+} # end run
+
+1;
<ul>
<li><a href="#ui-tabs-basic-data">[% 'Basic Data' | $T8 %]</a></li>
[%- IF id %]
<ul>
<li><a href="#ui-tabs-basic-data">[% 'Basic Data' | $T8 %]</a></li>
[%- IF id %]
+ [%- IF AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=PurchaseInvoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=PurchaseInvoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
<ul>
<li><a href="#ui-tabs-basic-data">[% 'Basic Data' | $T8 %]</a></li>
[%- IF id %]
<ul>
<li><a href="#ui-tabs-basic-data">[% 'Basic Data' | $T8 %]</a></li>
[%- IF id %]
+ [% IF AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Invoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Invoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
[%- IF INSTANCE_CONF.get_webdav %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF INSTANCE_CONF.get_webdav %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
+[%- IF id AND AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=DeliveryOrder&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=DeliveryOrder&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF id %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF id %]
+ [%- IF AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=PurchaseInvoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=PurchaseInvoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
</ul>
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF id %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF id %]
+ [%- IF AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Invoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Invoice&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
[%- IF AUTH.assert('general_ledger', 1) %]
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
[%- IF AUTH.assert('general_ledger', 1) %]
<li><a href="[% 'controller.pl?action=AccTrans/list_transactions&trans_id=' _ HTML.url(id) | html %]">[% LxERP.t8('Transactions') %]</a></li>
[%- END %]
[%- IF INSTANCE_CONF.get_webdav %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
[%- IF INSTANCE_CONF.get_webdav %]
<li><a href="#ui-tabs-webdav">[% 'WebDAV' | $T8 %]</a></li>
[%- END %]
+[%- IF id AND AUTH.assert('record_links', 1) %]
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Order&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
<li><a href="controller.pl?action=RecordLinks/ajax_list&object_model=Order&object_id=[% HTML.url(id) %]">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
[%- IF CUSTOM_VARIABLES.size %]
<li><a href="#custom_variables">[% 'Custom Variables' | $T8 %]</a></li>
[%- END %]
[%- IF CUSTOM_VARIABLES.size %]
<li><a href="#custom_variables">[% 'Custom Variables' | $T8 %]</a></li>
[%- END %]
- [%- IF SELF.project.id %]
+ [%- IF SELF.project.id and AUTH.assert('record_links', 1) %]
<li><a href="#linked_records">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
<li><a href="#linked_records">[% 'Linked Records' | $T8 %]</a></li>
[%- END %]
</ul>
- [%- IF SELF.project.id %]
+ [%- IF SELF.project.id and AUTH.assert('record_links', 1) %]
<div id="linked_records">
[%- PROCESS 'project/_linked_records.html' records=SELF.linked_records %]
</div>
<div id="linked_records">
[%- PROCESS 'project/_linked_records.html' records=SELF.linked_records %]
</div>
projects / kivitendo-erp.git / commitdiff