From b236545e63f3653203baba2785506dbafe88a22a Mon Sep 17 00:00:00 2001 From: mark Date: Thu, 18 Jun 2009 01:17:09 +0000 Subject: [PATCH] Fix receivables report ACL checks and menu --- httemplate/elements/menu.html | 41 +++++++++++++++++-------------- httemplate/search/report_receivables.cgi | 3 ++- httemplate/search/report_receivables.html | 3 ++- 3 files changed, 27 insertions(+), 20 deletions(-) diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 5154e1127..5789a8a3f 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -185,23 +185,27 @@ tie my %report_bill_event, 'Tie::IxHash', 'Invoice event errors' => [ $fsurl.'search/cust_bill_event.html?failed=1', 'Reports on deprecated, old-style events for failed credit cards, processor or printer problems, etc.' ], ; -tie my %report_financial, 'Tie::IxHash', - 'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], - 'Sales Report' => [ $fsurl.'graph/report_cust_bill_pkg.html', 'Sales report and graph (by agent, package class and/or date range)' ], - 'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], - 'Payment Report' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ], -; -$report_financial{'Pending Payment Report'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ] - if $curuser->access_right('View customer pending payments'); -$report_financial{'Payment Batch Report'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ] - if $conf->exists('batch-enable') || $conf->config('batch-enable_payby'); -$report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ] - if $curuser->access_right('Receivables report'); -$report_financial{'Prepaid Income'} = [ $fsurl.'search/report_prepaid_income.html', 'Prepaid income (unearned revenue) report' ]; -$report_financial{'Sales Tax Liability'} = [ $fsurl.'search/report_tax.html', 'Sales tax liability report (old taxclass system)' ]; -$report_financial{'Tax Liability'} = [ $fsurl.'search/report_newtax.html', 'Tax liability report (new tax products system)' ] - if $conf->exists('enable_taxproducts'); -; +tie my %report_financial, 'Tie::IxHash'; +if($curuser->access_right('Financial reports')) { + %report_financial = ( + 'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], + 'Sales Report' => [ $fsurl.'graph/report_cust_bill_pkg.html', 'Sales report and graph (by agent, package class and/or date range)' ], + 'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], + 'Payment Report' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ], + ); + $report_financial{'Pending Payment Report'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ] + if $curuser->access_right('View customer pending payments'); + $report_financial{'Payment Batch Report'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ] + if $conf->exists('batch-enable') || $conf->config('batch-enable_payby'); + $report_financial{'Prepaid Income'} = [ $fsurl.'search/report_prepaid_income.html', 'Prepaid income (unearned revenue) report' ]; + $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; + $report_financial{'Sales Tax Liability'} = [ $fsurl.'search/report_tax.html', 'Sales tax liability report (old taxclass system)' ]; + $report_financial{'Tax Liability'} = [ $fsurl.'search/report_newtax.html', 'Tax liability report (new tax products system)' ] + if $conf->exists('enable_taxproducts'); +} +elsif($curuser->access_right('Receivables report')) { + $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; +} # else $report_financial contains nothing. tie my %report_menu, 'Tie::IxHash'; $report_menu{'Customers'} = [ \%report_customers, 'Customer reports' ] @@ -217,7 +221,8 @@ $report_menu{'Usage'} = [ \%report_rating, 'Usage reports' ] $report_menu{'Billing events'} = [ \%report_bill_event, 'Billing events' ] if $curuser->access_right('Billing event reports'); $report_menu{'Financial'} = [ \%report_financial, 'Financial reports' ] - if $curuser->access_right('Financial reports'); + if $curuser->access_right('Financial reports') + or $curuser->access_right('Receivables report'); $report_menu{'SQL Query'} = [ $fsurl.'search/report_sql.html', 'SQL Query' ] if $curuser->access_right('Raw SQL'); diff --git a/httemplate/search/report_receivables.cgi b/httemplate/search/report_receivables.cgi index 21d7d94c6..63adba05e 100755 --- a/httemplate/search/report_receivables.cgi +++ b/httemplate/search/report_receivables.cgi @@ -71,7 +71,8 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Receivables report'); + unless $FS::CurrentUser::CurrentUser->access_right('Receivables report') + or $FS::CurrentUser::CurrentUser->access_right('Financial reports'); my @ranges = ( [ 0, 30 ], diff --git a/httemplate/search/report_receivables.html b/httemplate/search/report_receivables.html index 4f29b063e..bfb016945 100755 --- a/httemplate/search/report_receivables.html +++ b/httemplate/search/report_receivables.html @@ -35,6 +35,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Receivables report'); + unless $FS::CurrentUser::CurrentUser->access_right('Receivables report') + or $FS::CurrentUser::CurrentUser->access_right('Financial reports'); -- 2.11.0