use Modern::Perl;
use CGI;
-use C4::Auth;
-use C4::Output;
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_html_with_http_headers );
use C4::Context;
use Koha::Cash::Registers;
query => $input,
type => 'intranet',
authnotrequired => 0,
+ flagsrequired => { cash_management => [ 'cashup', 'anonymous_refund' ] },
}
);
my $logged_in_user = Koha::Patrons->find($loggedinuser) or die "Not logged in";
my $op = $input->param('op') // '';
if ( $op eq 'cashup' ) {
- my $registerid = $input->param('registerid');
- if ($registerid) {
- my $register = Koha::Cash::Registers->find( { id => $registerid } );
- $register->add_cashup(
- {
- manager_id => $logged_in_user->id,
- amount => $register->outstanding_accountlines->total
- }
- );
- }
- else {
- for my $register ( $registers->as_list ) {
+ if ( $logged_in_user->has_permission( { cash_management => 'cashup' } ) ) {
+ my $registerid = $input->param('registerid');
+ if ($registerid) {
+ my $register = Koha::Cash::Registers->find( { id => $registerid } );
$register->add_cashup(
{
manager_id => $logged_in_user->id,
}
);
}
+ else {
+ for my $register ( $registers->as_list ) {
+ $register->add_cashup(
+ {
+ manager_id => $logged_in_user->id,
+ amount => $register->outstanding_accountlines->total
+ }
+ );
+ }
+ }
+ }
+ else {
+ $template->param( error_cashup_permission => 1 );
}
}