X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/3ced230b9d35b6f2665162d6789af124431f23aa..8c7e44938a661e035f62840e1e177353240ace5d:/bin/mozilla/am.pl diff --git a/bin/mozilla/am.pl b/bin/mozilla/am.pl index fbb5cfd3e..51f8f6981 100644 --- a/bin/mozilla/am.pl +++ b/bin/mozilla/am.pl @@ -31,6 +31,7 @@ # #====================================================================== +use SL::Auth; use SL::AM; use SL::CA; use SL::Form; @@ -57,13 +58,13 @@ sub continue { call_sub($form->{"nextsub"}); } sub add_account { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; $form->{charttype} = "A"; AM->get_account(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_account&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=list_account" unless $form->{callback}; &account_header; &form_footer; @@ -74,6 +75,8 @@ sub add_account { sub edit_account { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_account(\%myconfig, \%$form); @@ -90,6 +93,8 @@ sub edit_account { sub account_header { $lxdebug->enter_sub(); + $auth->assert('config'); + if ( $form->{action} eq 'edit_account') { $form->{account_exists} = '1'; } @@ -348,12 +353,11 @@ sub account_header { sub form_footer { $lxdebug->enter_sub(); - print qq| + $auth->assert('config'); - + print qq| -{login}> -{password}> +
|; if ((!$form->{id}) || ($form->{id} && $form->{orphaned}) || (($form->{type} eq "account") && (!$form->{new_chart_valid}))) { @@ -381,6 +385,8 @@ sub form_footer { sub save_account { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("accno", $locale->text('Account Number missing!')); $form->isblank("description", $locale->text('Account Description missing!')); @@ -398,6 +404,8 @@ sub save_account { sub list_account { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{callback} = build_std_url('action=list_account'); my $link_edit_account = build_std_url('action=edit_account', 'callback'); @@ -449,6 +457,8 @@ sub list_account_details { # Ajax Funktion aus list_account_details $lxdebug->enter_sub(); + $auth->assert('config'); + my $chart_id = $form->{args}; CA->all_accounts(\%myconfig, \%$form, $chart_id); @@ -514,6 +524,8 @@ sub list_account_details { sub delete_account { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Delete Account'); foreach $id ( @@ -534,12 +546,12 @@ sub delete_account { sub add_department { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; $form->{role} = "P"; - $form->{callback} = - "$form->{script}?action=add_department&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_department" unless $form->{callback}; &department_header; &form_footer; @@ -550,6 +562,8 @@ sub add_department { sub edit_department { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_department(\%myconfig, \%$form); @@ -563,10 +577,11 @@ sub edit_department { sub list_department { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->departments(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_department&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_department"; $callback = $form->escape($form->{callback}); @@ -622,7 +637,7 @@ sub list_department { $profitcenter = ($ref->{role} eq "P") ? "X" : ""; $column_data{description} = - qq|{script}?action=edit_department&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}|; + qq|$ref->{description}|; $column_data{cost} = qq|$costcenter|; $column_data{profit} = qq|$profitcenter|; @@ -643,15 +658,12 @@ sub list_department {
-

{script}> + -{login}> -{password}> - @@ -667,6 +679,8 @@ sub list_department { sub department_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Department"); # $locale->text('Add Department') @@ -690,7 +704,7 @@ sub department_header { print qq| -{script}> + {id}> @@ -723,6 +737,8 @@ sub department_header { sub save_department { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); AM->save_department(\%myconfig, \%$form); $form->redirect($locale->text('Department saved!')); @@ -733,6 +749,8 @@ sub save_department { sub delete_department { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_department(\%myconfig, \%$form); $form->redirect($locale->text('Department deleted!')); @@ -742,11 +760,11 @@ sub delete_department { sub add_lead { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_lead&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_lead" unless $form->{callback}; &lead_header; &form_footer; @@ -757,6 +775,8 @@ sub add_lead { sub edit_lead { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_lead(\%myconfig, \%$form); @@ -772,10 +792,11 @@ sub edit_lead { sub list_lead { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->lead(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_lead&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_lead"; $callback = $form->escape($form->{callback}); @@ -818,8 +839,7 @@ sub list_lead { $lead = $ref->{lead}; - $column_data{description} = - qq|{script}?action=edit_lead&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{lead}|; + $column_data{description} = qq|$ref->{lead}|; map { print "$column_data{$_}\n" } @column_index; @@ -835,15 +855,12 @@ sub list_lead {
-{script}> + -{login}> -{password}> - @@ -859,6 +876,8 @@ sub list_lead { sub lead_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Lead"); # $locale->text('Add Lead') @@ -874,7 +893,7 @@ sub lead_header { print qq| -{script}> + {id}> @@ -899,6 +918,8 @@ sub lead_header { sub save_lead { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); AM->save_lead(\%myconfig, \%$form); $form->redirect($locale->text('lead saved!')); @@ -909,6 +930,8 @@ sub save_lead { sub delete_lead { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_lead(\%myconfig, \%$form); $form->redirect($locale->text('lead deleted!')); @@ -918,11 +941,11 @@ sub delete_lead { sub add_business { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_business&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_business" unless $form->{callback}; &business_header; &form_footer; @@ -948,10 +971,11 @@ sub edit_business { sub list_business { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->business(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_business&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_business"; $callback = $form->escape($form->{callback}); @@ -1007,8 +1031,7 @@ sub list_business { $form->format_amount(\%myconfig, $ref->{discount} * 100); $description = $ref->{description}; - $column_data{description} = - qq|{script}?action=edit_business&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$description|; + $column_data{description} = qq|$description|; $column_data{discount} = qq|$discount|; $column_data{customernumberinit} = qq|$ref->{customernumberinit}|; @@ -1030,15 +1053,12 @@ sub list_business {
-{script}> + -{login}> -{password}> - @@ -1054,6 +1074,8 @@ sub list_business { sub business_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Business"); # $locale->text('Add Business') @@ -1068,7 +1090,7 @@ sub business_header { print qq| -{script}> + {id}> @@ -1101,6 +1123,8 @@ sub business_header { sub save_business { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); $form->{discount} = $form->parse_amount(\%myconfig, $form->{discount}) / 100; AM->save_business(\%myconfig, \%$form); @@ -1112,6 +1136,8 @@ sub save_business { sub delete_business { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_business(\%myconfig, \%$form); $form->redirect($locale->text('Business deleted!')); @@ -1121,11 +1147,11 @@ sub delete_business { sub add_language { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_language&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_language" unless $form->{callback}; &language_header; &form_footer; @@ -1136,6 +1162,8 @@ sub add_language { sub edit_language { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_language(\%myconfig, \%$form); @@ -1151,10 +1179,11 @@ sub edit_language { sub list_language { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->language(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_language&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_language"; $callback = $form->escape($form->{callback}); @@ -1220,7 +1249,7 @@ sub list_language { $column_data{description} = - qq|{script}?action=edit_language&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}|; + qq|$ref->{description}|; $column_data{template_code} = qq|$ref->{template_code}|; $column_data{article_code} = qq|$ref->{article_code}|; @@ -1256,15 +1285,12 @@ sub list_language {
-{script}> + -{login}> -{password}> - @@ -1280,6 +1306,8 @@ sub list_language { sub language_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Language"); # $locale->text('Add Language') @@ -1317,7 +1345,7 @@ sub language_header { print qq| -{script}> + {id}> @@ -1368,6 +1396,8 @@ sub language_header { sub save_language { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Language missing!')); $form->isblank("template_code", $locale->text('Template Code missing!')); $form->isblank("article_code", $locale->text('Article Code missing!')); @@ -1380,6 +1410,8 @@ sub save_language { sub delete_language { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_language(\%myconfig, \%$form); $form->redirect($locale->text('Language deleted!')); @@ -1390,13 +1422,14 @@ sub delete_language { sub add_buchungsgruppe { $lxdebug->enter_sub(); + $auth->assert('config'); + # $locale->text("Add Buchungsgruppe") # $locale->text("Edit Buchungsgruppe") $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_buchungsgruppe&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_buchungsgruppe" unless $form->{callback}; + AM->get_buchungsgruppe(\%myconfig, \%$form); $form->{"inventory_accno_id"} = $form->{"std_inventory_accno_id"}; for (my $i = 0; 4 > $i; $i++) { @@ -1413,6 +1446,8 @@ sub add_buchungsgruppe { sub edit_buchungsgruppe { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_buchungsgruppe(\%myconfig, \%$form); @@ -1427,10 +1462,11 @@ sub edit_buchungsgruppe { sub list_buchungsgruppe { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->buchungsgruppe(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_buchungsgruppe&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_buchungsgruppe"; $callback = $form->escape($form->{callback}); @@ -1512,9 +1548,7 @@ sub list_buchungsgruppe { |; - my $swap_link = qq|$form->{script}?action=swap_buchungsgruppen&|; - map({ $swap_link .= $_ . "=" . $form->escape($form->{$_}) . "&" } - qw(login password)); + my $swap_link = qq|am.pl?action=swap_buchungsgruppen&|; my $row = 0; foreach $ref (@{ $form->{ALL} }) { @@ -1548,8 +1582,7 @@ sub list_buchungsgruppe { qq||; } - $column_data{description} = - qq|{script}?action=edit_buchungsgruppe&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{description}|; + $column_data{description} = qq|$ref->{description}|; $column_data{inventory_accno} = qq|$ref->{inventory_accno}|; $column_data{income_accno_0} = qq|$ref->{income_accno_0}|; @@ -1583,15 +1616,12 @@ sub list_buchungsgruppe {
-{script}> + -{login}> -{password}> - @@ -1607,6 +1637,8 @@ sub list_buchungsgruppe { sub buchungsgruppe_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Buchungsgruppe"); # $locale->text('Add Accounting Group') @@ -1721,7 +1753,7 @@ sub buchungsgruppe_header { print qq| -{script}> + {id}> @@ -1747,6 +1779,8 @@ sub buchungsgruppe_header { sub save_buchungsgruppe { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); AM->save_buchungsgruppe(\%myconfig, \%$form); @@ -1758,6 +1792,8 @@ sub save_buchungsgruppe { sub delete_buchungsgruppe { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_buchungsgruppe(\%myconfig, \%$form); $form->redirect($locale->text('Accounting Group deleted!')); @@ -1767,6 +1803,8 @@ sub delete_buchungsgruppe { sub swap_buchungsgruppen { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->swap_sortkeys(\%myconfig, $form, "buchungsgruppen"); list_buchungsgruppe(); @@ -1777,11 +1815,11 @@ sub swap_buchungsgruppen { sub add_printer { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_printer&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_printer" unless $form->{callback}; &printer_header; &form_footer; @@ -1792,6 +1830,8 @@ sub add_printer { sub edit_printer { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_printer(\%myconfig, \%$form); @@ -1807,10 +1847,11 @@ sub edit_printer { sub list_printer { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->printer(\%myconfig, \%$form); - $form->{callback} = - "$form->{script}?action=list_printer&login=$form->{login}&password=$form->{password}"; + $form->{callback} = "am.pl?action=list_printer"; $callback = $form->escape($form->{callback}); @@ -1863,8 +1904,7 @@ sub list_printer { |; - $column_data{printer_description} = - qq|{script}?action=edit_printer&id=$ref->{id}&login=$form->{login}&password=$form->{password}&callback=$callback>$ref->{printer_description}|; + $column_data{printer_description} = qq|$ref->{printer_description}"|; $column_data{printer_command} = qq|$ref->{printer_command}|; $column_data{template_code} = qq|$ref->{template_code}|; @@ -1886,15 +1926,12 @@ sub list_printer {
-{script}> + -{login}> -{password}> - @@ -1910,6 +1947,8 @@ sub list_printer { sub printer_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Printer"); # $locale->text('Add Printer') @@ -1925,7 +1964,7 @@ sub printer_header { print qq| -{script}> + {id}> @@ -1958,6 +1997,8 @@ sub printer_header { sub save_printer { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("printer_description", $locale->text('Description missing!')); $form->isblank("printer_command", $locale->text('Printer Command missing!')); AM->save_printer(\%myconfig, \%$form); @@ -1969,6 +2010,8 @@ sub save_printer { sub delete_printer { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_printer(\%myconfig, \%$form); $form->redirect($locale->text('Printer deleted!')); @@ -1978,11 +2021,11 @@ sub delete_printer { sub add_payment { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Add"; - $form->{callback} = - "$form->{script}?action=add_payment&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} = "am.pl?action=add_payment" unless $form->{callback}; $form->{terms_netto} = 0; $form->{terms_skonto} = 0; @@ -2000,6 +2043,8 @@ sub add_payment { sub edit_payment { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = "Edit"; AM->get_payment(\%myconfig, $form); @@ -2017,6 +2062,8 @@ sub edit_payment { sub list_payment { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->payment(\%myconfig, \%$form); $form->{callback} = build_std_url("action=list_payment"); @@ -2145,15 +2192,12 @@ sub list_payment {
-{script}> + -{login}> -{password}> - @@ -2169,6 +2213,8 @@ sub list_payment { sub payment_header { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("$form->{title} Payment Terms"); # $locale->text('Add Payment Terms') @@ -2183,7 +2229,7 @@ sub payment_header { print qq| -{script}> + {id}> @@ -2275,6 +2321,8 @@ sub payment_header { sub save_payment { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); $form->{"percent_skonto"} = $form->parse_amount(\%myconfig, $form->{percent_skonto}) / 100; @@ -2287,6 +2335,8 @@ sub save_payment { sub delete_payment { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_payment(\%myconfig, \%$form); $form->redirect($locale->text('Payment terms deleted!')); @@ -2296,6 +2346,8 @@ sub delete_payment { sub swap_payment_terms { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->swap_sortkeys(\%myconfig, $form, "payment_terms"); list_payment(); @@ -2438,6 +2490,7 @@ sub config { $myconfig{show_form_details} = 1 unless (defined($myconfig{show_form_details})); $form->{"menustyle_$myconfig{menustyle}"} = 1; + $form->{CAN_CHANGE_PASSWORD} = $auth->can_change_password(); $form->{title} = $locale->text('Edit Preferences for #1', $form->{login}); @@ -2452,10 +2505,7 @@ sub save_preferences { $form->{stylesheet} = $form->{usestylesheet}; - $form->redirect($locale->text('Preferences saved!')) - if ( - AM->save_preferences(\%myconfig, \%$form, $memberfile, $userspath, $webdav - )); + $form->redirect($locale->text('Preferences saved!')) if (AM->save_preferences(\%myconfig, \%$form, $webdav)); $form->error($locale->text('Cannot save preferences!')); $lxdebug->leave_sub(); @@ -2464,6 +2514,8 @@ sub save_preferences { sub audit_control { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Audit Control'); AM->closedto(\%myconfig, \%$form); @@ -2479,10 +2531,7 @@ sub audit_control { print qq| -{script}> - -{login}> -{password}> + @@ -2528,6 +2577,8 @@ sub audit_control { sub doclose { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->closebooks(\%myconfig, \%$form); if ($form->{revtrans}) { @@ -2549,6 +2600,8 @@ sub doclose { sub edit_units { $lxdebug->enter_sub(); + $auth->assert('config'); + $units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"}, "resolved_"); AM->units_in_use(\%myconfig, $form, $units); map({ $units->{$_}->{"BASE_UNIT_DDBOX"} = AM->unit_select_data($units, $units->{$_}->{"base_unit"}, 1); } keys(%{$units})); @@ -2592,6 +2645,8 @@ sub edit_units { sub add_unit { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("new_name", $locale->text("The name is missing.")); $units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"}); $all_units = AM->retrieve_units(\%myconfig, $form); @@ -2628,6 +2683,8 @@ sub add_unit { sub set_unit_languages { $lxdebug->enter_sub(); + $auth->assert('config'); + my ($unit, $languages, $idx) = @_; $unit->{"LANGUAGES"} = []; @@ -2646,6 +2703,8 @@ sub set_unit_languages { sub save_unit { $lxdebug->enter_sub(); + $auth->assert('config'); + $old_units = AM->retrieve_units(\%myconfig, $form, $form->{"unit_type"}, "resolved_"); AM->units_in_use(\%myconfig, $form, $old_units); @@ -2724,6 +2783,8 @@ sub save_unit { sub show_history_search { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text("History Search"); $form->header(); @@ -2734,6 +2795,9 @@ sub show_history_search { sub show_am_history { $lxdebug->enter_sub(); + + $auth->assert('config'); + my %search = ( "Artikelnummer" => "parts", "Kundennummer" => "customer", "Lieferantennummer" => "vendor", @@ -2819,6 +2883,9 @@ sub show_am_history { sub get_employee_id { $lxdebug->enter_sub(); + + $auth->assert('config'); + my $query = qq|SELECT id FROM employee WHERE name = '| . $_[0] . qq|'|; my $sth = $_[1]->prepare($query); $sth->execute() || $form->dberror($query); @@ -2831,6 +2898,8 @@ sub get_employee_id { sub swap_units { $lxdebug->enter_sub(); + $auth->assert('config'); + my $dir = $form->{"dir"} eq "down" ? "down" : "up"; my $unit_type = $form->{"unit_type"} eq "dimension" ? "dimension" : "service"; @@ -2844,11 +2913,11 @@ sub swap_units { sub add_tax { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Add'); - $form->{callback} = - "$form->{script}?action=add_tax&login=$form->{login}&password=$form->{password}" - unless $form->{callback}; + $form->{callback} ||= "am.pl?action=add_tax"; _get_taxaccount_selection(); @@ -2867,6 +2936,8 @@ sub add_tax { sub edit_tax { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Edit'); AM->get_tax(\%myconfig, \%$form); @@ -2888,6 +2959,8 @@ sub edit_tax { sub list_tax { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->taxes(\%myconfig, \%$form); map { $_->{rate} = $form->format_amount(\%myconfig, $_->{rate}, 2) } @{ $form->{TAX} }; @@ -2907,6 +2980,8 @@ sub list_tax { sub _get_taxaccount_selection{ $lxdebug->enter_sub(); + $auth->assert('config'); + AM->get_tax_accounts(\%myconfig, \%$form); map { $_->{selected} = $form->{chart_id} == $_->{id} } @{ $form->{ACCOUNTS} }; @@ -2917,6 +2992,8 @@ sub _get_taxaccount_selection{ sub save_tax { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("rate", $locale->text('Taxrate missing!')); $form->isblank("taxdescription", $locale->text('Taxdescription missing!')); $form->isblank("taxkey", $locale->text('Taxkey missing!')); @@ -2940,6 +3017,8 @@ sub save_tax { sub delete_tax { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_tax(\%myconfig, \%$form); $form->redirect($locale->text('Tax deleted!')); @@ -2949,6 +3028,8 @@ sub delete_tax { sub add_price_factor { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Add Price Factor'); $form->{callback} ||= build_std_url('action=add_price_factor'); $form->{fokus} = 'description'; @@ -2962,6 +3043,8 @@ sub add_price_factor { sub edit_price_factor { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->{title} = $locale->text('Edit Price Factor'); $form->{callback} ||= build_std_url('action=add_price_factor'); $form->{fokus} = 'description'; @@ -2979,6 +3062,8 @@ sub edit_price_factor { sub list_price_factors { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->get_all_price_factors(\%myconfig, \%$form); my $previous; @@ -3006,6 +3091,8 @@ sub list_price_factors { sub save_price_factor { $lxdebug->enter_sub(); + $auth->assert('config'); + $form->isblank("description", $locale->text('Description missing!')); $form->isblank("factor", $locale->text('Factor missing!')); @@ -3023,6 +3110,8 @@ sub save_price_factor { sub delete_price_factor { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->delete_price_factor(\%myconfig, \%$form); $form->{callback} .= '&MESSAGE=' . $form->escape($locale->text('Price factor deleted!')) if ($form->{callback}); @@ -3035,6 +3124,8 @@ sub delete_price_factor { sub swap_price_factors { $lxdebug->enter_sub(); + $auth->assert('config'); + AM->swap_sortkeys(\%myconfig, $form, 'price_factors'); list_price_factors();

$form->{title}