diff options
| author | mark <mark> | 2009-06-18 01:17:09 +0000 | 
|---|---|---|
| committer | mark <mark> | 2009-06-18 01:17:09 +0000 | 
| commit | b236545e63f3653203baba2785506dbafe88a22a (patch) | |
| tree | 70cbfd8480e49d2aa67195836393115e9893aca5 /httemplate | |
| parent | 94ff0d1fe71494acad3cb252b1054c2768671c4a (diff) | |
Fix receivables report ACL checks and menu
Diffstat (limited to 'httemplate')
| -rw-r--r-- | httemplate/elements/menu.html | 41 | ||||
| -rwxr-xr-x | httemplate/search/report_receivables.cgi | 3 | ||||
| -rwxr-xr-x | httemplate/search/report_receivables.html | 3 | 
3 files changed, 27 insertions, 20 deletions
| diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 5154e1127..5789a8a3f 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -185,23 +185,27 @@ tie my %report_bill_event, 'Tie::IxHash',    'Invoice event errors' => [ $fsurl.'search/cust_bill_event.html?failed=1', 'Reports on deprecated, old-style events for failed credit cards, processor or printer problems, etc.' ],  ; -tie my %report_financial, 'Tie::IxHash',  -  'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], -  'Sales Report' => [ $fsurl.'graph/report_cust_bill_pkg.html', 'Sales report and graph (by agent, package class and/or date range)' ], -  'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], -  'Payment Report' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ], -; -$report_financial{'Pending Payment Report'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ] -  if $curuser->access_right('View customer pending payments'); -$report_financial{'Payment Batch Report'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ] -  if $conf->exists('batch-enable') || $conf->config('batch-enable_payby'); -$report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ] -  if $curuser->access_right('Receivables report'); -$report_financial{'Prepaid Income'} = [ $fsurl.'search/report_prepaid_income.html', 'Prepaid income (unearned revenue)  report' ]; -$report_financial{'Sales Tax Liability'} = [ $fsurl.'search/report_tax.html', 'Sales tax liability report (old taxclass system)' ]; -$report_financial{'Tax Liability'} = [ $fsurl.'search/report_newtax.html', 'Tax liability report (new tax products system)' ] -  if $conf->exists('enable_taxproducts'); -; +tie my %report_financial, 'Tie::IxHash'; +if($curuser->access_right('Financial reports')) { +  %report_financial = ( +    'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], +    'Sales Report' => [ $fsurl.'graph/report_cust_bill_pkg.html', 'Sales report and graph (by agent, package class and/or date range)' ], +    'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], +    'Payment Report' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ], +  ); +  $report_financial{'Pending Payment Report'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ] +    if $curuser->access_right('View customer pending payments'); +  $report_financial{'Payment Batch Report'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ] +    if $conf->exists('batch-enable') || $conf->config('batch-enable_payby'); +  $report_financial{'Prepaid Income'} = [ $fsurl.'search/report_prepaid_income.html', 'Prepaid income (unearned revenue)  report' ]; +  $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; +  $report_financial{'Sales Tax Liability'} = [ $fsurl.'search/report_tax.html', 'Sales tax liability report (old taxclass system)' ]; +  $report_financial{'Tax Liability'} = [ $fsurl.'search/report_newtax.html', 'Tax liability report (new tax products system)' ] +    if $conf->exists('enable_taxproducts'); +} +elsif($curuser->access_right('Receivables report')) { +  $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; +} # else $report_financial contains nothing.  tie my %report_menu, 'Tie::IxHash';  $report_menu{'Customers'}   = [ \%report_customers, 'Customer reports'  ] @@ -217,7 +221,8 @@ $report_menu{'Usage'} =  [ \%report_rating,    'Usage reports'  ]  $report_menu{'Billing events'} =  [ \%report_bill_event, 'Billing events' ]    if $curuser->access_right('Billing event reports');  $report_menu{'Financial'}  = [ \%report_financial, 'Financial reports' ] -  if $curuser->access_right('Financial reports'); +  if $curuser->access_right('Financial reports')  +  or $curuser->access_right('Receivables report');  $report_menu{'SQL Query'}  = [ $fsurl.'search/report_sql.html', 'SQL Query' ]    if $curuser->access_right('Raw SQL'); diff --git a/httemplate/search/report_receivables.cgi b/httemplate/search/report_receivables.cgi index 21d7d94c6..63adba05e 100755 --- a/httemplate/search/report_receivables.cgi +++ b/httemplate/search/report_receivables.cgi @@ -71,7 +71,8 @@  <%init>  die "access denied" -  unless $FS::CurrentUser::CurrentUser->access_right('Receivables report'); +  unless $FS::CurrentUser::CurrentUser->access_right('Receivables report') +      or $FS::CurrentUser::CurrentUser->access_right('Financial reports');  my @ranges = (    [  0, 30 ], diff --git a/httemplate/search/report_receivables.html b/httemplate/search/report_receivables.html index 4f29b063e..bfb016945 100755 --- a/httemplate/search/report_receivables.html +++ b/httemplate/search/report_receivables.html @@ -35,6 +35,7 @@  <%init>  die "access denied" -  unless $FS::CurrentUser::CurrentUser->access_right('Receivables report'); +  unless $FS::CurrentUser::CurrentUser->access_right('Receivables report') +      or $FS::CurrentUser::CurrentUser->access_right('Financial reports');  </%init> | 
