From 351fb8da86c1c20e0f672b3262850d14f756bedf Mon Sep 17 00:00:00 2001 From: Ivan Kohler Date: Mon, 15 Apr 2013 19:18:59 -0700 Subject: [PATCH] add separate ACL for employee reports, RT#22516 --- FS/FS/AccessRight.pm | 2 ++ FS/FS/access_right.pm | 3 ++ httemplate/elements/menu.html | 35 ++++++++++++++--------- httemplate/search/employee_audit.html | 2 +- httemplate/search/part_pkg.html | 2 +- httemplate/search/report_employee_audit.html | 2 +- httemplate/search/report_employee_commission.html | 2 +- 7 files changed, 31 insertions(+), 17 deletions(-) diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index e1001d714..091e7af2c 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -304,6 +304,8 @@ tie my %rights, 'Tie::IxHash', 'Usage: Call Detail Records (CDRs)', 'Usage: Unrateable CDRs', 'Usage: Time worked', + { rightname=>'Employees: Commission Report', global=>1 }, + { rightname=>'Employees: Audit Report', global=>1 }, #{ rightname => 'List customers of all agents', global=>1 }, ], diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm index e6c847da4..a9d5de241 100644 --- a/FS/FS/access_right.pm +++ b/FS/FS/access_right.pm @@ -230,6 +230,9 @@ sub _upgrade_data { # class method 'Provision customer service' => [ 'Edit password' ], + 'Financial reports' => [ 'Employees: Commission Report', + 'Employees: Audit Report', + ], ; foreach my $old_acl ( keys %onetime ) { diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 0560b37e6..1c55c14f4 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html 
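Review bot: The new `'Financial reports'` entry in the upgrade mapping of `_upgrade_data` carries no comment explaining why two employee rights hang off a financial right, and the effect matters for access review. Judging by the `foreach my $old_acl ( keys %onetime )` loop that follows, every group already holding 'Financial reports' will presumably receive both 'Employees: Commission Report' and 'Employees: Audit Report' on upgrade. That keeps existing access intact, but the split narrows nobody's access until an administrator removes the new rights from groups that should not see employee data. I would add `# RT#22516: employee reports were split out of 'Financial reports'; carry the new rights over so existing groups keep access` above the entry and mention the follow-up revocation in the upgrade notes. The mapping and the sub both begin and end outside the hunk.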
@@ -310,8 +310,7 @@ $report_payments{'Deleted Payments / Payment history table'} = [ $fsurl.'search/ if $conf->exists('payment-history-report'); tie my %report_financial, 'Tie::IxHash'; -if($curuser->access_right('Financial reports')) { - +if ( $curuser->access_right('Financial reports') ) { %report_financial = ( 'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], 'Daily Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time_daily.html', 'Sales, credits and receipts (broken down by day) summary graph' ], 
@@ -319,14 +318,25 @@ if($curuser->access_right('Financial reports')) { 'Rated Call Sales Report' => [ $fsurl.'graph/report_cust_bill_pkg_detail.html', 'Sales report and graph (by agent, package class, usage class and/or date range)' ], 'Sales With Advertising Source' => [ $fsurl.'search/report_cust_bill_pkg_referral.html' ], 'Sales with Agent Commissions' => [ $fsurl.'search/report_agent_commission.html' ], - 'Employee Commission Report' => [ $fsurl.'search/report_employee_commission.html', '' ], - 'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], - 'Credit application detail' => [ $fsurl.'search/report_cust_credit_bill_pkg.html', 'Line item application detail' ], 'Unapplied Credits' => [ $fsurl.'search/report_cust_credit.html?unapplied=1', 'Unapplied credit report (by type and/or date range)' ], - 'Refund Report' => [ $fsurl.'search/report_cust_refund.html', 'Refund report (by type and/or date range)' ], - 'Unapplied Refunds' => [ $fsurl.'search/report_cust_refund.html?unapplied=1', 'Unapplied refund report (by type and/or date range)' ], - 'Package Costs Report' => [ $fsurl.'graph/report_cust_pkg_cost.html', 'Package setup and recurring costs graph' ], - 'Employee Audit Report' => [ $fsurl.'search/report_employee_audit.html', 'Employee audit report' ], ); +} + +$report_financial{'Employee Commission Report'} = [ $fsurl.'search/report_employee_commission.html', '' ] + if $curuser->access_right('Employees: Commission Report'); + +if ( $curuser->access_right('Financial reports')) { + $report_financial{'Credit Report'} = [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ]; + $report_financial{'Credit application detail'} = [ $fsurl.'search/report_cust_credit_bill_pkg.html', 'Line item application detail' ]; + $report_financial{'Unapplied Credits'} = [ $fsurl.'search/report_cust_credit.html?unapplied=1', 'Unapplied credit report (by type and/or date range)' ]; + 
$report_financial{'Refund Report'} = [ $fsurl.'search/report_cust_refund.html', 'Refund report (by type and/or date range)' ]; + $report_financial{'Unapplied Refunds'} = [ $fsurl.'search/report_cust_refund.html?unapplied=1', 'Unapplied refund report (by type and/or date range)' ]; + $report_financial{'Package Costs Report'} = [ $fsurl.'graph/report_cust_pkg_cost.html', 'Package setup and recurring costs graph' ]; +} + +$report_financial{'Employee Audit Report'} = [ $fsurl.'search/report_employee_audit.html', 'Employee audit report' ] + if $curuser->access_right('Employees: Audit Report'); + +if ( $curuser->access_right('Financial reports')) { $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; $report_financial{'Prepaid Income'} = [ $fsurl.'search/report_prepaid_income.html', 'Prepaid income (unearned revenue) report' ]; @@ -337,11 +347,11 @@ if($curuser->access_right('Financial reports')) { $report_financial{'Customer Accounting Summary'} = [ $fsurl.'search/report_customer_accounting_summary.html', 'Customer accounting summary report' ]; -} elsif($curuser->access_right('Receivables report')) { +} elsif ($curuser->access_right('Receivables report')) { $report_financial{'A/R Aging'} = [ $fsurl.'search/report_receivables.html', 'Accounts Receivable Aging report' ]; -} # else $report_financial contains nothing. +} tie my %report_logs, 'Tie::IxHash'; $report_logs{'System log'} = [ $fsurl.'search/log.html', 'View system events and debugging information.' ], 
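Review bot: `$curuser->access_right('Financial reports')` is now evaluated in three separate `if` blocks in this part of menu.html, apparently only so the two employee entries keep their old positions in the ordered `%report_financial` hash. Nothing in the code says so, and the repetition invites a later edit that changes one condition but not the others. I would look the right up once, `my $can_financial = $curuser->access_right('Financial reports');`, reuse it in all three conditions, and add `# interleaved to preserve menu order` beside the employee entries. These conditions only decide what the menu displays; the `die "access denied"` guards in the report pages remain the actual enforcement, so each menu entry and its page should keep naming the same right, as they do in this patch. The last `if` block continues past the end of this hunk.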
@@ -376,8 +386,7 @@ $report_menu{'Tickets'} = [ \%report_ticketing, 'Ticket reports' ] $report_menu{'Billing events'} = [ \%report_bill_event, 'Billing events' ] if $curuser->access_right('Billing event reports'); $report_menu{'Financial'} = [ \%report_financial, 'Financial reports' ] - if $curuser->access_right('Financial reports') - or $curuser->access_right('Receivables report'); + if keys %report_financial; $report_menu{'Logs'} = [ \%report_logs, 'System and email logs' ] if (keys %report_logs); # empty if the user has no rights to it $report_menu{'SQL Query'} = [ $fsurl.'search/report_sql.html', 'SQL Query' ] diff --git a/httemplate/search/employee_audit.html b/httemplate/search/employee_audit.html index 753c7bff3..2bc6ff46e 100644 --- a/httemplate/search/employee_audit.html +++ b/httemplate/search/employee_audit.html @@ -7,7 +7,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Financial reports'); + unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report'); my %tables = ( cust_pay => 'Payments', diff --git a/httemplate/search/part_pkg.html b/httemplate/search/part_pkg.html index 2178346e2..a90f13c95 100644 --- a/httemplate/search/part_pkg.html +++ b/httemplate/search/part_pkg.html @@ -23,7 +23,7 @@ my $curuser = $FS::CurrentUser::CurrentUser; die "access denied" - unless $curuser->access_right('Financial reports'); + unless $curuser->access_right('Employees: Commission Report'); #that's all this does so far my $conf = new FS::Conf; my $money_char = $conf->config('money_char') || '$'; diff --git a/httemplate/search/report_employee_audit.html b/httemplate/search/report_employee_audit.html index 757b8232f..461849b76 100644 --- a/httemplate/search/report_employee_audit.html +++ b/httemplate/search/report_employee_audit.html 
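Review bot: The guard in httemplate/search/part_pkg.html now requires 'Employees: Commission Report' for the whole page, and the only hint as to why a package search is tied to an employee right is the trailing `#that's all this does so far`. If this page is later given another search mode, that single check would either lock out users who need the new mode or expose it under the wrong right. I would replace the trailing remark with `# this page currently only backs the employee commission report; add a per-mode access check before reusing it for anything else`. The surrounding block begins and continues outside the hunk.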
@@ -23,7 +23,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Financial reports'); + unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report'); my %tables = ( cust_pay => 'Payments', diff --git a/httemplate/search/report_employee_commission.html b/httemplate/search/report_employee_commission.html index 51afad3b5..ebfcae82d 100644 --- a/httemplate/search/report_employee_commission.html +++ b/httemplate/search/report_employee_commission.html @@ -25,6 +25,6 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Financial reports'); + unless $FS::CurrentUser::CurrentUser->access_right('Employees: Commission Report'); -- 2.11.0
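Review bot: The guard in report_employee_commission.html now requires 'Employees: Commission Report', but the patch cannot show whether every page the employee reports submit or link to was switched as well. Any such page that still tests `access_right('Financial reports')` would refuse a user who holds only the new right. It would also keep serving employee data to 'Financial reports' holders after the new right has been taken away from them, which defeats the separation. Before merging I would search httemplate for remaining 'Financial reports' checks reachable from report_employee_commission.html and report_employee_audit.html and move them to the matching 'Employees: …' right. The form's target page is not visible in this hunk, so this is a check to confirm rather than a confirmed gap.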