From 6689754b6114b76ee9bc4c53762f0dfb03b95238 Mon Sep 17 00:00:00 2001 From: Janusz Dobrowolski Date: Wed, 9 Sep 2009 09:24:01 +0000 Subject: [PATCH] Added two special access areas for bank gl postings and GRN removal. --- gl/gl_journal.php | 2 +- gl/includes/ui/gl_journal_ui.inc | 2 +- includes/access_levels.inc | 2 ++ purchasing/includes/ui/invoice_ui.inc | 8 ++++---- purchasing/supplier_invoice.php | 2 +- 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/gl/gl_journal.php b/gl/gl_journal.php index 4e23d2f7..33431822 100644 --- a/gl/gl_journal.php +++ b/gl/gl_journal.php @@ -239,7 +239,7 @@ function check_item_data() return false; } - if ($_SESSION["wa_current_user"]->access != 2 && is_bank_account($_POST['code_id'])) + if (!$_SESSION["wa_current_user"]->can_access('SA_BANKJOURNAL') && is_bank_account($_POST['code_id'])) { display_error(_("You cannot make a journal entry for a bank account. Please use one of the banking functions for bank transactions.")); set_focus('code_id'); diff --git a/gl/includes/ui/gl_journal_ui.inc b/gl/includes/ui/gl_journal_ui.inc index 4c724229..db92a7bb 100644 --- a/gl/includes/ui/gl_journal_ui.inc +++ b/gl/includes/ui/gl_journal_ui.inc @@ -192,7 +192,7 @@ function gl_edit_item_controls(&$order, $dim, $Index=null) $Ajax->activate('code_id'); } - $skip_bank = ($_SESSION["wa_current_user"]->access != 2); + $skip_bank = !$_SESSION["wa_current_user"]->can_access('SA_BANKJOURNAL'); gl_all_accounts_list('code_id', null, $skip_bank, true); if ($dim >= 1) dimensions_list_cells(null, 'dimension_id', null, true, " ", false, 1); diff --git a/includes/access_levels.inc b/includes/access_levels.inc index f1ccc7f6..d884e741 100644 --- a/includes/access_levels.inc +++ b/includes/access_levels.inc @@ -154,6 +154,7 @@ $security_areas =array( 'SA_PURCHASEORDER' => array(SS_PURCH|3, _("Purchase order entry")), 'SA_GRN' => array(SS_PURCH|4, _("Purchase receive")), 'SA_SUPPLIERINVOICE' => array(SS_PURCH|5, _("Supplier invoices")), + 'SA_GRNDELETE' => array(SS_PURCH|9, _("Deleting GRN items during invoice entry")), 'SA_SUPPLIERCREDIT' => array(SS_PURCH|6, _("Supplier credit notes")), 'SA_SUPPLIERPAYMNT' => array(SS_PURCH|7, _("Supplier payments")), 'SA_SUPPLIERALLOC' => array(SS_PURCH|8, _("Supplier payments allocations")), @@ -225,6 +226,7 @@ $security_areas =array( 'SA_BANKTRANSFER' => array(SS_GL|6, _("Bank account transfers")), 'SA_RECONCILE' => array(SS_GL|7, _("Bank reconciliation")), 'SA_JOURNALENTRY' => array(SS_GL|8, _("Manual journal entries")), + 'SA_BANKJOURNAL' => array(SS_GL|11, _("Journal entries to bank related accounts")), 'SA_BUDGETENTRY' => array(SS_GL|9, _("Budget edition")), 'SA_STANDARDCOST' => array(SS_GL|10, _("Item standard costs")), diff --git a/purchasing/includes/ui/invoice_ui.inc b/purchasing/includes/ui/invoice_ui.inc index cee5abbd..a3a599cb 100644 --- a/purchasing/includes/ui/invoice_ui.inc +++ b/purchasing/includes/ui/invoice_ui.inc @@ -390,7 +390,7 @@ function display_grn_items_for_selection(&$supp_trans, $k) submit_cells('grn_item_id'.$n, _("Add"), '', _("Add to Invoice"), true); else submit_cells('grn_item_id'.$n, _("Add"), '', _("Add to Credit Note"), true); - if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->access == 2) { // Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs + if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->can_access('SA_GRNDELETE')) { // Added 2008-10-18 by Joe Hunt. Special access rights needed. submit_cells('void_item_id'.$n, _("Remove"), '', _("WARNING! Be careful with removal. The operation is executed immediately and cannot be undone !!!"), true); submit_js_confirm('void_item_id'.$n, sprintf(_('You are about to remove all yet non-invoiced items from delivery line #%d. This operation also irreversibly changes related order line. Do you want to continue ?'), $n)); @@ -425,7 +425,7 @@ function display_grn_items(&$supp_trans, $mode=0) if ($supp_trans->is_invoice) { $heading = _("Items Received Yet to be Invoiced"); - if ($_SESSION["wa_current_user"]->access == 2) // Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs + if ($_SESSION["wa_current_user"]->can_access('SA_GRNDELETE')) // Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs $heading2 = _("WARNING! Be careful with removal. The operation is executed immediately and cannot be undone !!!"); } else @@ -472,7 +472,7 @@ function display_grn_items(&$supp_trans, $mode=0) $th = array(_("Delivery"), _("Sequence #"), _("P.O."), _("Item"), _("Description"), _("Received On"), _("Quantity Received"), _("Quantity Invoiced"), _("Qty Yet To Invoice"), _("Order Price"), _("Total"), ""); - if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->access == 2) // Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs + if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->can_access('SA_GRNDELETE')) // Added 2008-10-18 by Joe Hunt. Only admins can remove GRNs $th[] = ""; if (!$supp_trans->is_invoice) { @@ -518,7 +518,7 @@ function display_grn_items(&$supp_trans, $mode=0) if ($mode == 1) { delete_button_cell("Delete" . $entered_grn->id, _("Edit"), _('Edit document line')); - if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->access == 2) + if ($supp_trans->is_invoice && $_SESSION["wa_current_user"]->can_access('SA_GRNDELETE')) label_cell(""); } end_row(); diff --git a/purchasing/supplier_invoice.php b/purchasing/supplier_invoice.php index 11cd376a..5302ee67 100644 --- a/purchasing/supplier_invoice.php +++ b/purchasing/supplier_invoice.php @@ -334,7 +334,7 @@ if ($id4 != -1) } $id2 = -1; -if ($_SESSION["wa_current_user"]->access == 2) +if ($_SESSION["wa_current_user"]->can_access('SA_GRNDELETE')) { $id2 = find_submit('void_item_id'); if ($id2 != -1) -- 2.30.2