use Modern::Perl;
use CGI qw ( -utf8 );
-use C4::Auth;
-use C4::Output;
-use C4::Acquisition;
-use C4::Budgets;
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_and_exit output_html_with_http_headers );
+use C4::Acquisition qw( CloseInvoice ReopenInvoice ModInvoice MergeInvoices DelInvoice GetInvoice GetInvoiceDetails get_rounded_price );
+use C4::Budgets qw( GetBudgetHierarchy GetBudget CanUserUseBudget );
use Koha::Acquisition::Booksellers;
-use Koha::Acquisition::Currencies;
-use Koha::DateUtils;
+use Koha::Acquisition::Currencies qw( get_active );
+use Koha::DateUtils qw( output_pref );
use Koha::Misc::Files;
use Koha::Acquisition::Invoice::Adjustments;
-my $input = new CGI;
+my $input = CGI->new;
my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user(
{
template_name => 'acqui/invoice.tt',
query => $input,
type => 'intranet',
- authnotrequired => 0,
flagsrequired => { 'acquisition' => '*' },
- debug => 1,
}
);
output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
if $op
- && not $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } );
+ && ! $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } )
+ && ! $logged_in_patron->has_permission( { acquisition => 'reopen_closed_invoices' } )
+ && ! $logged_in_patron->has_permission( { acquisition => 'merge_invoices' } )
+ && ! $logged_in_patron->has_permission( { acquisition => 'delete_invoices' } );
my $invoice_files;
if ( C4::Context->preference('AcqEnableFiles') ) {
}
if ( $op && $op eq 'close' ) {
- CloseInvoice($invoiceid);
+ output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
+ unless $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } );
+ my @invoiceid = $input->multi_param('invoiceid');
+ foreach my $invoiceid ( @invoiceid ) {
+ CloseInvoice($invoiceid);
+ }
my $referer = $input->param('referer');
if ($referer) {
print $input->redirect($referer);
elsif ( $op && $op eq 'reopen' ) {
output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
unless $logged_in_patron->has_permission( { acquisition => 'reopen_closed_invoices' } );
-
- ReopenInvoice($invoiceid);
+ my @invoiceid = $input->multi_param('invoiceid');
+ foreach my $invoiceid ( @invoiceid ) {
+ ReopenInvoice($invoiceid);
+ }
my $referer = $input->param('referer');
if ($referer) {
print $input->redirect($referer);
ReopenInvoice($invoiceid)
if $logged_in_patron->has_permission( { acquisition => 'reopen_closed_invoices' } );
} elsif ($input->param('close')) {
+
+ output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
+ unless $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } );
+
CloseInvoice($invoiceid);
} elsif ($input->param('merge')) {
+
+ output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
+ unless $logged_in_patron->has_permission( { acquisition => 'merge_invoices' } );
+
my @sources = $input->multi_param('merge');
MergeInvoices($invoiceid, \@sources);
defined($invoice_files) && $invoice_files->MergeFileRecIds(@sources);
}
}
elsif ( $op && $op eq 'del_adj' ) {
+
+ output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
+ unless $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } );
+
my $adjustment_id = $input->param('adjustment_id');
my $del_adj = Koha::Acquisition::Invoice::Adjustments->find( $adjustment_id );
$del_adj->delete() if ($del_adj);
}
elsif ( $op && $op eq 'mod_adj' ) {
+
+ output_and_exit( $input, $cookie, $template, 'insufficient_permission' )
+ unless $logged_in_patron->has_permission( { acquisition => 'edit_invoices' } );
+
my @adjustment_id = $input->multi_param('adjustment_id');
my @adjustment = $input->multi_param('adjustment');
my @reason = $input->multi_param('reason');
foreach my $r ( @{$budgets} ) {
next unless ( CanUserUseBudget( $loggedinuser, $r, $flags ) );
- if ( !defined $r->{budget_amount} || $r->{budget_amount} == 0 ) {
- next;
- }
-
my $selected = $shipmentcost_budgetid ? $r->{budget_id} eq $shipmentcost_budgetid : 0;
push @{$budget_loop},