From 1315103a7d4ed62f16d15bd6246fe4301a7282d1 Mon Sep 17 00:00:00 2001 From: Patrick Gansterer Date: Wed, 17 Feb 2016 21:07:35 +0100 Subject: [PATCH] Add role_invoices This new role allows users to create invoices without role_finance. Users can then only modify their own created invoices until somebody with the role_finance sets the paid_on value. --- app/assets/images/role-invoices.png | Bin 0 -> 627 bytes .../finance/invoices_controller.rb | 21 +++++++++++++----- app/helpers/application_helper.rb | 2 +- app/models/invoice.rb | 4 ++++ app/models/user.rb | 7 +++++- app/views/admin/workgroups/_form.html.haml | 1 + app/views/finance/invoices/_form.html.haml | 3 ++- .../finance/invoices/_invoices.html.haml | 10 ++++++--- app/views/finance/invoices/show.html.haml | 3 ++- app/views/ordergroups/edit.html.haml | 4 ++++ app/views/ordergroups/index.html.haml | 2 ++ app/views/workgroups/edit.html.haml | 4 ++++ app/views/workgroups/index.html.haml | 2 ++ config/locales/de.yml | 2 ++ config/locales/en.yml | 2 ++ config/locales/fr.yml | 8 ++++--- config/locales/nl.yml | 2 ++ config/navigation.rb | 8 +++---- ...160217194036_add_role_invoices_to_group.rb | 5 +++++ db/schema.rb | 3 ++- 20 files changed, 73 insertions(+), 20 deletions(-) create mode 100644 app/assets/images/role-invoices.png create mode 100644 db/migrate/20160217194036_add_role_invoices_to_group.rb 
diff --git a/app/assets/images/role-invoices.png b/app/assets/images/role-invoices.png new file mode 100644 index 0000000000000000000000000000000000000000..bb78f2ad76e7dc0fe457e38c38c3428ad4264274 GIT binary patch literal 627 zcmV-(0*w8MP)Px%ElET{R9Fe^mcL6@Q5eTfDo`rWRU8C&kqiQnz>qfo0Fe;XMTfQ!8zdFcW}!9I z6hs^pTpC<-&`k$*(j^*FXfZ>I^z(f^*Z25(?tSiy_tnKOeD8Vgd4BSoANQ7(T}2PC z+wiPJRBYu4qK(;7B`%DsTsb_91jbe;pD=#(=Cc%s2v!M|>ze}m1(a(7{DGfxQudGc zgj4}huDp&~~ z*No5MPdEopp@|7B^wBu-EN9(Z;m0KO-sSvi3w(4RL{Mz`DpwBH9{7UQuM5+}=O)@! zXK~0l?PPUk-pS?=>VWA~q`|cgSbN|l3C5tc2X?R-gi7!T4#O7s0}eoS!bGS88+e7* zJ2dyfWq4KKGv#G2x&ys9>l^;m3lb95fk~%WXM6{B64ZfF7z=9&^bgk$ExTiEqNAoS zpsww&P(L>(Fc#J+=*Cm0K&?ySF8X>XJcDac_TOPMjD=M|JDv|>z4MAX#0K|T!x;TH zR3U3m#KLNA2c9aTA~wQ>;(%e**{BMAW3TR4a&tR*l5+|=N{ zfIIJizX_vnxpus6zfvGNO;N5ZIofzTyCo`D5IxN5`Ylx literal 0 HcmV?d00001 diff --git a/app/controllers/finance/invoices_controller.rb b/app/controllers/finance/invoices_controller.rb index a21d2f96..5b0dda36 100644 --- a/app/controllers/finance/invoices_controller.rb +++ b/app/controllers/finance/invoices_controller.rb @@ -1,11 +1,13 @@ class Finance::InvoicesController < ApplicationController + before_filter :find_invoice, only: [:show, :edit, :update, :destroy] + before_filter :ensure_can_edit, only: [:edit, :update, :destroy] + def index @invoices = Invoice.includes(:supplier, :deliveries, :orders).order('date DESC').page(params[:page]).per(@per_page) end def show - @invoice = Invoice.find(params[:id]) end def new @@ -15,7 +17,6 @@ class Finance::InvoicesController < ApplicationController end def edit - @invoice = Invoice.find(params[:id]) end def create @@ -36,8 +37,6 @@ class Finance::InvoicesController < ApplicationController end def update - @invoice = Invoice.find(params[:id]) - if @invoice.update_attributes(params[:invoice]) redirect_to [:finance, @invoice], notice: I18n.t('finance.update.notice') else 
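Review bot: No role check is visible for `index`, `show`, `new` and `create` in the first hunk of invoices_controller.rb: the added `ensure_can_edit` filter runs only for `edit`, `update` and `destroy`, and the class inherits directly from ApplicationController. If nothing outside this diff already restricts the controller, any logged-in user could list and create invoices. I would add a filter for all actions that calls `deny_access unless current_user.role_finance? || current_user.role_invoices?`. The `if:` conditions added in config/navigation.rb only hide menu entries and do not enforce this.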
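Review bot: `update` still passes `params[:invoice]` unfiltered to `update_attributes`, so a user with only role_invoices can submit `paid_on` in the request even though app/views/finance/invoices/_form.html.haml now hides that field. `user_can_edit?` treats a set `paid_on` as the finance sign-off, so the restriction has to be enforced server-side. This assumes `paid_on` is mass-assignable, which is not visible in this diff. Drop the key before saving, e.g. `params[:invoice].delete(:paid_on) unless current_user.role_finance?`, and do the same in `create`, whose body is outside the hunk.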
@@ -46,9 +45,21 @@ class Finance::InvoicesController < ApplicationController end def destroy - @invoice = Invoice.find(params[:id]) @invoice.destroy redirect_to finance_invoices_url end + + private + + def find_invoice + @invoice = Invoice.find(params[:id]) + end + + # Returns true if @current_user can edit the invoice.. + def ensure_can_edit + unless @invoice.user_can_edit?(current_user) + deny_access + end + end end diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index b739f1ce..fdb8ae42 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -150,7 +150,7 @@ module ApplicationHelper end def format_roles(record, icon=false) - roles = %w(suppliers article_meta orders finance admin) + roles = %w(suppliers article_meta orders finance invoices admin) roles.select! {|role| record.send "role_#{role}?"} names = Hash[roles.map{|r| [r, I18n.t("helpers.application.role_#{r}")]}] if icon diff --git a/app/models/invoice.rb b/app/models/invoice.rb index 0491e153..3f910f80 100644 --- a/app/models/invoice.rb +++ b/app/models/invoice.rb @@ -13,6 +13,10 @@ class Invoice < ActiveRecord::Base # Replace numeric seperator with database format localize_input_of :amount, :deposit, :deposit_credit + def user_can_edit?(user) + user.role_finance? || (user.role_invoices? && !self.paid_on && self.created_by.id == user.id) + end + # Amount without deposit def net_amount amount - deposit + deposit_credit diff --git a/app/models/user.rb b/app/models/user.rb index 0300f7c2..e0164e1c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -143,7 +143,12 @@ class User < ActiveRecord::Base def role_finance? groups.detect {|group| group.role_finance?} end - + + # Checks the invoices role + def role_invoices? + groups.detect {|group| group.role_invoices?} + end + # Checks the article_meta role def role_article_meta? groups.detect {|group| group.role_article_meta?} 
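Review bot: The comment above `ensure_can_edit` is inaccurate. The method does not return true, it calls `deny_access` when the check fails, and it reads `current_user` rather than `@current_user`. I would write `# Denies access unless current_user may edit @invoice (see Invoice#user_can_edit?).` The filter only protects `edit`, `update` and `destroy` if `deny_access` renders or redirects and so halts the chain; that is presumably the case, but it is defined outside this diff.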
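Review bot: `user_can_edit?` in app/models/invoice.rb calls `self.created_by.id` without a nil guard. For a user who has role_invoices but not role_finance, an unpaid invoice with no creator would raise NoMethodError, and since app/views/finance/invoices/_invoices.html.haml calls the method once per row, one such record would break the whole list. Whether `created_by` can be nil (older rows, removed users) is not visible here. A form that fails closed is `created_by.try(:id) == user.id`. The method also needs a comment stating the rule, e.g. `# Finance may always edit; the creator only until paid_on is set.`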
diff --git a/app/views/admin/workgroups/_form.html.haml b/app/views/admin/workgroups/_form.html.haml index 3832e380..ec27c2f9 100644 --- a/app/views/admin/workgroups/_form.html.haml +++ b/app/views/admin/workgroups/_form.html.haml @@ -6,6 +6,7 @@ = f.input :role_article_meta = f.input :role_orders = f.input :role_finance + = f.input :role_invoices = f.input :role_admin = render 'shared/group_form_fields', :f => f, captured: captured .form-actions diff --git a/app/views/finance/invoices/_form.html.haml b/app/views/finance/invoices/_form.html.haml index 2b305756..f2592c9d 100644 --- a/app/views/finance/invoices/_form.html.haml +++ b/app/views/finance/invoices/_form.html.haml @@ -15,7 +15,8 @@ = f.association :supplier, hint: false = f.input :number = f.input :date, as: :date_picker - = f.input :paid_on, as: :date_picker + - if current_user.role_finance? + = f.input :paid_on, as: :date_picker = f.input :amount, as: :string = f.input :deposit, as: :string = f.input :deposit_credit, as: :string diff --git a/app/views/finance/invoices/_invoices.html.haml b/app/views/finance/invoices/_invoices.html.haml index 830eb0e2..fe995bd3 100644 --- a/app/views/finance/invoices/_invoices.html.haml +++ b/app/views/finance/invoices/_invoices.html.haml @@ -32,6 +32,10 @@ = ', ' if index > 0 = link_to format_date(order.ends), new_finance_order_path(order_id: order) %td= truncate(invoice.note) - %td= link_to t('ui.edit'), edit_finance_invoice_path(invoice), class: 'btn btn-mini' - %td= link_to t('ui.delete'), finance_invoice_path(invoice), :data => {:confirm => t('.confirm_delete')}, :method => :delete, - class: 'btn btn-danger btn-mini' + %td + - if invoice.user_can_edit?(current_user) + = link_to t('ui.edit'), edit_finance_invoice_path(invoice), class: 'btn btn-mini' + %td + - if invoice.user_can_edit?(current_user) + = link_to t('ui.delete'), finance_invoice_path(invoice), :data => {:confirm => t('.confirm_delete')}, :method => :delete, + class: 'btn btn-danger btn-mini' 
diff --git a/app/views/finance/invoices/show.html.haml b/app/views/finance/invoices/show.html.haml index 748de7f4..2912361d 100644 --- a/app/views/finance/invoices/show.html.haml +++ b/app/views/finance/invoices/show.html.haml @@ -47,5 +47,6 @@ %b= heading_helper(Invoice, :note) + ':' =h @invoice.note -= link_to t('ui.edit'), edit_finance_invoice_path(@invoice) +- if @invoice.user_can_edit?(current_user) + = link_to t('ui.edit'), edit_finance_invoice_path(@invoice) = link_to t('ui.or_cancel'), finance_invoices_path diff --git a/app/views/ordergroups/edit.html.haml b/app/views/ordergroups/edit.html.haml index 7fec2484..1cba43e6 100644 --- a/app/views/ordergroups/edit.html.haml +++ b/app/views/ordergroups/edit.html.haml @@ -41,6 +41,10 @@ = f.label :role_finance %br/ = f.check_box :role_finance + %p + = f.label :role_invoices + %br/ + = f.check_box :role_invoices %p = f.label :role_orders %br/ diff --git a/app/views/ordergroups/index.html.haml b/app/views/ordergroups/index.html.haml index 35c1b4ac..5b63e261 100644 --- a/app/views/ordergroups/index.html.haml +++ b/app/views/ordergroups/index.html.haml @@ -11,6 +11,7 @@ %th Role Suppliers %th Role Article Meta %th Role Finance + %th Role Invoices %th Role Orders %th Deleted At %th Contact Person @@ -28,6 +29,7 @@ %td= h ordergroup.role_suppliers %td= h ordergroup.role_article_meta %td= h ordergroup.role_finance + %td= h ordergroup.role_invoices %td= h ordergroup.role_orders %td= h ordergroup.deleted_at %td= h ordergroup.contact_person diff --git a/app/views/workgroups/edit.html.haml b/app/views/workgroups/edit.html.haml index 896c8a91..5fed3104 100644 --- a/app/views/workgroups/edit.html.haml +++ b/app/views/workgroups/edit.html.haml @@ -41,6 +41,10 @@ = f.label :role_finance %br/ = f.check_box :role_finance + %p + = f.label :role_invoices + %br/ + = f.check_box :role_invoices %p = f.label :role_orders %br/ 
diff --git a/app/views/workgroups/index.html.haml b/app/views/workgroups/index.html.haml index ed688695..00094af6 100644 --- a/app/views/workgroups/index.html.haml +++ b/app/views/workgroups/index.html.haml @@ -11,6 +11,7 @@ %th Role Suppliers %th Role Article Meta %th Role Finance + %th Role Invoices %th Role Orders %th Deleted At %th Contact Person @@ -28,6 +29,7 @@ %td= h workgroup.role_suppliers %td= h workgroup.role_article_meta %td= h workgroup.role_finance + %td= h workgroup.role_invoices %td= h workgroup.role_orders %td= h workgroup.deleted_at %td= h workgroup.contact_person diff --git a/config/locales/de.yml b/config/locales/de.yml index 8950c7ff..9908a9e0 100644 --- a/config/locales/de.yml +++ b/config/locales/de.yml @@ -169,6 +169,7 @@ de: role_admin: Administration role_article_meta: Artikeldatenbank role_finance: Finanzen + role_invoices: Rechnungen role_orders: Bestellverwaltung role_suppliers: Lieferanten user_tokens: Mitglieder @@ -900,6 +901,7 @@ de: role_admin: Admin role_article_meta: Artikel role_finance: Finanzen + role_invoices: Rechnungen role_orders: Bestellung role_suppliers: Lieferanten show_google_maps: Show it on Google maps diff --git a/config/locales/en.yml b/config/locales/en.yml index 3ddc80b9..112ba2be 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -170,6 +170,7 @@ en: role_admin: Administration role_article_meta: Article database role_finance: Finances + role_invoices: Invoices role_orders: Order management role_suppliers: Suppliers user_tokens: Members @@ -913,6 +914,7 @@ en: role_admin: Admin role_article_meta: Articles role_finance: Finance + role_invoices: Invoices role_orders: Orders role_suppliers: Suppliers show_google_maps: Show it on Google maps diff --git a/config/locales/fr.yml b/config/locales/fr.yml index fc31d566..e649fdf9 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml 
@@ -169,6 +169,7 @@ fr: role_admin: Administration role_article_meta: Base de données des produits role_finance: Trésorerie + role_invoices: Facture role_orders: Gestion des commandes role_suppliers: Contact avec les fournisseur-e-s user_tokens: Membres @@ -178,12 +179,12 @@ fr: article: attributes: name: - taken: - taken_with_unit: + taken: + taken_with_unit: supplier: attributes: shared_sync_method: - included: + included: task: attributes: done: @@ -906,6 +907,7 @@ fr: role_admin: Administrateur role_article_meta: Article role_finance: Finances + role_invoices: Facture role_orders: Commande role_suppliers: Fournisseur-e show_google_maps: Afficher la position sur Google maps diff --git a/config/locales/nl.yml b/config/locales/nl.yml index f10f1546..fa8f793c 100644 --- a/config/locales/nl.yml +++ b/config/locales/nl.yml @@ -169,6 +169,7 @@ nl: role_admin: Beheer role_article_meta: Artikelen role_finance: Financiën + role_invoices: Facturen role_orders: Bestellingen role_suppliers: Leveranciers user_tokens: Leden @@ -900,6 +901,7 @@ nl: role_admin: Admin role_article_meta: Artikelen role_finance: Financiën + role_invoices: Facturen role_orders: Bestelling role_suppliers: Leveranciers show_google_maps: Op Google maps bekijken diff --git a/config/navigation.rb b/config/navigation.rb index dd5d1f17..42e0b337 100644 --- a/config/navigation.rb +++ b/config/navigation.rb 
@@ -33,10 +33,10 @@ SimpleNavigation::Configuration.run do |navigation| subnav.item :categories, I18n.t('navigation.articles.categories'), article_categories_path end - primary.item :finance, I18n.t('navigation.finances.title'), '#', if: Proc.new { current_user.role_finance? } do |subnav| - subnav.item :finance_home, I18n.t('navigation.finances.home'), finance_root_path - subnav.item :accounts, I18n.t('navigation.finances.accounts'), finance_ordergroups_path - subnav.item :balancing, I18n.t('navigation.finances.balancing'), finance_order_index_path + primary.item :finance, I18n.t('navigation.finances.title'), '#', if: Proc.new { current_user.role_finance? || current_user.role_invoices? } do |subnav| + subnav.item :finance_home, I18n.t('navigation.finances.home'), finance_root_path, if: Proc.new { current_user.role_finance? } + subnav.item :accounts, I18n.t('navigation.finances.accounts'), finance_ordergroups_path, if: Proc.new { current_user.role_finance? } + subnav.item :balancing, I18n.t('navigation.finances.balancing'), finance_order_index_path, if: Proc.new { current_user.role_finance? } subnav.item :invoices, I18n.t('navigation.finances.invoices'), finance_invoices_path end diff --git a/db/migrate/20160217194036_add_role_invoices_to_group.rb b/db/migrate/20160217194036_add_role_invoices_to_group.rb new file mode 100644 index 00000000..e194db84 --- /dev/null +++ b/db/migrate/20160217194036_add_role_invoices_to_group.rb @@ -0,0 +1,5 @@ +class AddRoleInvoicesToGroup < ActiveRecord::Migration + def change + add_column :groups, :role_invoices, :boolean, :default => false, :null => false + end +end diff --git a/db/schema.rb b/db/schema.rb index edffedda..983e6992 100644 --- a/db/schema.rb +++ b/db/schema.rb 
@@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20160217134742) do +ActiveRecord::Schema.define(version: 20160217194036) do create_table "article_categories", force: :cascade do |t| t.string "name", limit: 255, default: "", null: false @@ -140,6 +140,7 @@ ActiveRecord::Schema.define(version: 20160217134742) do t.text "stats", limit: 65535 t.integer "next_weekly_tasks_number", limit: 4, default: 8 t.boolean "ignore_apple_restriction", default: false + t.boolean "role_invoices", default: false, null: false end add_index "groups", ["name"], name: "index_groups_on_name", unique: true, using: :btree