Author: hansbak
Date: Fri Jun 22 04:04:50 2012
New Revision: 1352768
URL:
http://svn.apache.org/viewvc?rev=1352768&view=revLog:
allow ACCOUNTING_ADMIN also to do MANUAL_PAYMENT
Modified:
ofbiz/trunk/applications/accounting/data/AccountingSecurityPermissionSeedData.xml
ofbiz/trunk/applications/accounting/src/org/ofbiz/accounting/payment/PaymentGatewayServices.java
ofbiz/trunk/applications/accounting/webapp/accounting/payment/manualTx.ftl
ofbiz/trunk/applications/accounting/widget/AccountingMenus.xml
Modified: ofbiz/trunk/applications/accounting/data/AccountingSecurityPermissionSeedData.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/data/AccountingSecurityPermissionSeedData.xml?rev=1352768&r1=1352767&r2=1352768&view=diff==============================================================================
--- ofbiz/trunk/applications/accounting/data/AccountingSecurityPermissionSeedData.xml (original)
+++ ofbiz/trunk/applications/accounting/data/AccountingSecurityPermissionSeedData.xml Fri Jun 22 04:04:50 2012
@@ -70,7 +70,6 @@ under the License.
<SecurityGroupPermission groupId="SUPER" permissionId="ACCOUNTING_ADMIN"/>
<SecurityGroupPermission groupId="SUPER" permissionId="PAYPROC_ADMIN"/>
<SecurityGroupPermission groupId="SUPER" permissionId="PAY_INFO_ADMIN"/>
- <SecurityGroupPermission groupId="SUPER" permissionId="MANUAL_PAYMENT"/>
<SecurityGroupPermission groupId="SUPER" permissionId="ACCOUNTING_COMM_VIEW"/>
<SecurityGroupPermission groupId="SUPER" permissionId="ACCOUNTING_PRINT_CHECKS"/>
<SecurityGroupPermission groupId="SUPER" permissionId="ACCTG_PREF_ADMIN"/>
Modified: ofbiz/trunk/applications/accounting/src/org/ofbiz/accounting/payment/PaymentGatewayServices.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/src/org/ofbiz/accounting/payment/PaymentGatewayServices.java?rev=1352768&r1=1352767&r2=1352768&view=diff==============================================================================
--- ofbiz/trunk/applications/accounting/src/org/ofbiz/accounting/payment/PaymentGatewayServices.java (original)
+++ ofbiz/trunk/applications/accounting/src/org/ofbiz/accounting/payment/PaymentGatewayServices.java Fri Jun 22 04:04:50 2012
@@ -2995,7 +2995,7 @@ public class PaymentGatewayServices {
Security security = dctx.getSecurity();
// security check
- if (!security.hasEntityPermission("MANUAL", "_PAYMENT", userLogin)) {
+ if (!security.hasEntityPermission("MANUAL", "_PAYMENT", userLogin) && !security.hasEntityPermission("ACCOUNTING", "_ADMIN", userLogin)) {
Debug.logWarning("**** Security [" + (new Date()).toString() + "]: " + userLogin.get("userLoginId") + " attempt to run manual payment transaction!", module);
return ServiceUtil.returnError(UtilProperties.getMessage(resource,
"AccountingPaymentTransactionNotAuthorized", locale));
@@ -3130,7 +3130,7 @@ public class PaymentGatewayServices {
Delegator delegator = dctx.getDelegator();
Security security = dctx.getSecurity();
// security check
- if (!security.hasEntityPermission("MANUAL", "_PAYMENT", userLogin)) {
+ if (!security.hasEntityPermission("MANUAL", "_PAYMENT", userLogin) && !security.hasEntityPermission("MANUAL", "_PAYMENT", userLogin)) {
Debug.logWarning("**** Security [" + (new Date()).toString() + "]: " + userLogin.get("userLoginId") + " attempt to run manual payment transaction!", module);
return ServiceUtil.returnError(UtilProperties.getMessage(resource,
"AccountingPaymentTransactionNotAuthorized", locale));
Modified: ofbiz/trunk/applications/accounting/webapp/accounting/payment/manualTx.ftl
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/payment/manualTx.ftl?rev=1352768&r1=1352767&r2=1352768&view=diff==============================================================================
--- ofbiz/trunk/applications/accounting/webapp/accounting/payment/manualTx.ftl (original)
+++ ofbiz/trunk/applications/accounting/webapp/accounting/payment/manualTx.ftl Fri Jun 22 04:04:50 2012
@@ -20,7 +20,7 @@ under the License.
<h1>${uiLabelMap.AccountingManualTransaction}</h1>
<br />
-<#if security.hasEntityPermission("MANUAL", "_PAYMENT", session)>
+<#if security.hasEntityPermission("MANUAL", "_PAYMENT", session) || security.hasEntityPermission("ACCOUNTING", "_ADMIN", session)>
${setRequestAttribute("validTx", "false")}
<form name="manualTxForm" method="post" action="<@ofbizUrl>manualETx</@ofbizUrl>">
<#if requestParameters.paymentMethodId?exists>
Modified: ofbiz/trunk/applications/accounting/widget/AccountingMenus.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/widget/AccountingMenus.xml?rev=1352768&r1=1352767&r2=1352768&view=diff==============================================================================
--- ofbiz/trunk/applications/accounting/widget/AccountingMenus.xml (original)
+++ ofbiz/trunk/applications/accounting/widget/AccountingMenus.xml Fri Jun 22 04:04:50 2012
@@ -27,7 +27,10 @@ under the License.
<menu-item name="PaymentGroup" title="${uiLabelMap.AccountingPaymentGroup}"><link target="FindPaymentGroup"/></menu-item>
<menu-item name="transaction" title="${uiLabelMap.AccountingTransactions}">
<condition>
+ <or>
<if-has-permission permission="MANUAL" action="_PAYMENT"/>
+ <if-has-permission permission="ACCOUNTING" action="_ADMIN"/>
+ </or>
</condition>
<link target="FindGatewayResponses"/>
</menu-item>
Locked
