Add role_invoices

This new role allows users to create invoices without role_finance. Users can then only modify their own created invoices until somebody with the role_finance sets the paid_on value.
2016-02-17 21:07:35 +01:00 · 2016-02-17 21:07:35 +01:00 · 1315103a7d
parent 273969ac90
commit 1315103a7d
20 changed files with 73 additions and 20 deletions
--- a/app/assets/images/role-invoices.png
+++ b/app/assets/images/role-invoices.png
--- a/app/controllers/finance/invoices_controller.rb
+++ b/app/controllers/finance/invoices_controller.rb
@ -1,11 +1,13 @@
 class Finance::InvoicesController < ApplicationController
  before_filter :find_invoice, only: [:show, :edit, :update, :destroy]
  before_filter :ensure_can_edit, only: [:edit, :update, :destroy]
  def index
    @invoices = Invoice.includes(:supplier, :deliveries, :orders).order('date DESC').page(params[:page]).per(@per_page)
  end
  def show
    @invoice = Invoice.find(params[:id])
  end
  def new
@ -15,7 +17,6 @@ class Finance::InvoicesController < ApplicationController
  end
  def edit
    @invoice = Invoice.find(params[:id])
  end
  def create
@ -36,8 +37,6 @@ class Finance::InvoicesController < ApplicationController
  end
  def update
    @invoice = Invoice.find(params[:id])
    if @invoice.update_attributes(params[:invoice])
      redirect_to [:finance, @invoice], notice: I18n.t('finance.update.notice')
    else
@ -46,9 +45,21 @@ class Finance::InvoicesController < ApplicationController
  end
  def destroy
    @invoice = Invoice.find(params[:id])
    @invoice.destroy
    redirect_to finance_invoices_url
  end
  private
  def find_invoice
    @invoice = Invoice.find(params[:id])
  end
  # Returns true if @current_user can edit the invoice..
  def ensure_can_edit
    unless @invoice.user_can_edit?(current_user)
      deny_access
    end
  end
 end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -150,7 +150,7 @@ module ApplicationHelper
  end
  def format_roles(record, icon=false)
-    roles = %w(suppliers article_meta orders finance admin)
+    roles = %w(suppliers article_meta orders finance invoices admin)
    roles.select! {|role| record.send "role_#{role}?"}
    names = Hash[roles.map{|r| [r, I18n.t("helpers.application.role_#{r}")]}]
    if icon
--- a/app/models/invoice.rb
+++ b/app/models/invoice.rb
@ -13,6 +13,10 @@ class Invoice < ActiveRecord::Base
  # Replace numeric seperator with database format
  localize_input_of :amount, :deposit, :deposit_credit
  def user_can_edit?(user)
    user.role_finance? || (user.role_invoices? && !self.paid_on && self.created_by.id == user.id)
  end
  # Amount without deposit
  def net_amount
    amount - deposit + deposit_credit
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -143,7 +143,12 @@ class User < ActiveRecord::Base
  def role_finance?
    groups.detect {|group| group.role_finance?}
  end
-  
+
  # Checks the invoices role
  def role_invoices?
    groups.detect {|group| group.role_invoices?}
  end
  # Checks the article_meta role
  def role_article_meta?
    groups.detect {|group| group.role_article_meta?}
--- a/app/views/admin/workgroups/_form.html.haml
+++ b/app/views/admin/workgroups/_form.html.haml
@ -6,6 +6,7 @@
    = f.input :role_article_meta
    = f.input :role_orders
    = f.input :role_finance
    = f.input :role_invoices
    = f.input :role_admin
  = render 'shared/group_form_fields', :f => f, captured: captured
  .form-actions
--- a/app/views/finance/invoices/_form.html.haml
+++ b/app/views/finance/invoices/_form.html.haml
@ -15,7 +15,8 @@
  = f.association :supplier, hint: false
  = f.input :number
  = f.input :date, as: :date_picker
-  = f.input :paid_on, as: :date_picker
+  - if current_user.role_finance?
    = f.input :paid_on, as: :date_picker
  = f.input :amount, as: :string
  = f.input :deposit, as: :string
  = f.input :deposit_credit, as: :string
--- a/app/views/finance/invoices/_invoices.html.haml
+++ b/app/views/finance/invoices/_invoices.html.haml
@ -32,6 +32,10 @@
            = ', ' if index > 0
            = link_to format_date(order.ends), new_finance_order_path(order_id: order)
        %td= truncate(invoice.note)
-        %td= link_to t('ui.edit'), edit_finance_invoice_path(invoice), class: 'btn btn-mini'
+        %td
-        %td= link_to t('ui.delete'), finance_invoice_path(invoice), :data => {:confirm => t('.confirm_delete')}, :method => :delete,
+          - if invoice.user_can_edit?(current_user)
-          class: 'btn btn-danger btn-mini'
+            = link_to t('ui.edit'), edit_finance_invoice_path(invoice), class: 'btn btn-mini'
        %td
          - if invoice.user_can_edit?(current_user)
            = link_to t('ui.delete'), finance_invoice_path(invoice), :data => {:confirm => t('.confirm_delete')}, :method => :delete,
            class: 'btn btn-danger btn-mini'
--- a/app/views/finance/invoices/show.html.haml
+++ b/app/views/finance/invoices/show.html.haml
@ -47,5 +47,6 @@
  %b= heading_helper(Invoice, :note) + ':'
  =h @invoice.note
-= link_to t('ui.edit'), edit_finance_invoice_path(@invoice)
+- if @invoice.user_can_edit?(current_user)
  = link_to t('ui.edit'), edit_finance_invoice_path(@invoice)
 = link_to t('ui.or_cancel'), finance_invoices_path
--- a/app/views/ordergroups/edit.html.haml
+++ b/app/views/ordergroups/edit.html.haml
@ -41,6 +41,10 @@
    = f.label :role_finance
    %br/
    = f.check_box :role_finance
  %p
    = f.label :role_invoices
    %br/
    = f.check_box :role_invoices
  %p
    = f.label :role_orders
    %br/
--- a/app/views/ordergroups/index.html.haml
+++ b/app/views/ordergroups/index.html.haml
@ -11,6 +11,7 @@
    %th Role Suppliers
    %th Role Article Meta
    %th Role Finance
    %th Role Invoices
    %th Role Orders
    %th Deleted At
    %th Contact Person
@ -28,6 +29,7 @@
      %td= h ordergroup.role_suppliers
      %td= h ordergroup.role_article_meta
      %td= h ordergroup.role_finance
      %td= h ordergroup.role_invoices
      %td= h ordergroup.role_orders
      %td= h ordergroup.deleted_at
      %td= h ordergroup.contact_person
--- a/app/views/workgroups/edit.html.haml
+++ b/app/views/workgroups/edit.html.haml
@ -41,6 +41,10 @@
    = f.label :role_finance
    %br/
    = f.check_box :role_finance
  %p
    = f.label :role_invoices
    %br/
    = f.check_box :role_invoices
  %p
    = f.label :role_orders
    %br/
--- a/app/views/workgroups/index.html.haml
+++ b/app/views/workgroups/index.html.haml
@ -11,6 +11,7 @@
    %th Role Suppliers
    %th Role Article Meta
    %th Role Finance
    %th Role Invoices
    %th Role Orders
    %th Deleted At
    %th Contact Person
@ -28,6 +29,7 @@
      %td= h workgroup.role_suppliers
      %td= h workgroup.role_article_meta
      %td= h workgroup.role_finance
      %td= h workgroup.role_invoices
      %td= h workgroup.role_orders
      %td= h workgroup.deleted_at
      %td= h workgroup.contact_person
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@ -169,6 +169,7 @@ de:
        role_admin: Administration
        role_article_meta: Artikeldatenbank
        role_finance: Finanzen
        role_invoices: Rechnungen
        role_orders: Bestellverwaltung
        role_suppliers: Lieferanten
        user_tokens: Mitglieder
@ -900,6 +901,7 @@ de:
      role_admin: Admin
      role_article_meta: Artikel
      role_finance: Finanzen
      role_invoices: Rechnungen
      role_orders: Bestellung
      role_suppliers: Lieferanten
      show_google_maps: Show it on Google maps
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -170,6 +170,7 @@ en:
        role_admin: Administration
        role_article_meta: Article database
        role_finance: Finances
        role_invoices: Invoices
        role_orders: Order management
        role_suppliers: Suppliers
        user_tokens: Members
@ -913,6 +914,7 @@ en:
      role_admin: Admin
      role_article_meta: Articles
      role_finance: Finance
      role_invoices: Invoices
      role_orders: Orders
      role_suppliers: Suppliers
      show_google_maps: Show it on Google maps
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@ -169,6 +169,7 @@ fr:
        role_admin: Administration
        role_article_meta: Base de données des produits
        role_finance: Trésorerie
        role_invoices: Facture
        role_orders: Gestion des commandes
        role_suppliers: Contact avec les fournisseur-e-s
        user_tokens: Membres
@ -178,12 +179,12 @@ fr:
        article:
          attributes:
            name:
-              taken: 
+              taken:
-              taken_with_unit: 
+              taken_with_unit:
        supplier:
          attributes:
            shared_sync_method:
-              included: 
+              included:
        task:
          attributes:
            done:
@ -906,6 +907,7 @@ fr:
      role_admin: Administrateur
      role_article_meta: Article
      role_finance: Finances
      role_invoices: Facture
      role_orders: Commande
      role_suppliers: Fournisseur-e
      show_google_maps: Afficher la position sur Google maps
--- a/config/locales/nl.yml
+++ b/config/locales/nl.yml
@ -169,6 +169,7 @@ nl:
        role_admin: Beheer
        role_article_meta: Artikelen
        role_finance: Financiën
        role_invoices: Facturen
        role_orders: Bestellingen
        role_suppliers: Leveranciers
        user_tokens: Leden
@ -900,6 +901,7 @@ nl:
      role_admin: Admin
      role_article_meta: Artikelen
      role_finance: Financiën
      role_invoices: Facturen
      role_orders: Bestelling
      role_suppliers: Leveranciers
      show_google_maps: Op Google maps bekijken
--- a/config/navigation.rb
+++ b/config/navigation.rb
@ -33,10 +33,10 @@ SimpleNavigation::Configuration.run do |navigation|
      subnav.item :categories, I18n.t('navigation.articles.categories'), article_categories_path
    end
-    primary.item :finance, I18n.t('navigation.finances.title'), '#', if: Proc.new { current_user.role_finance? } do |subnav|
+    primary.item :finance, I18n.t('navigation.finances.title'), '#', if: Proc.new { current_user.role_finance? || current_user.role_invoices? } do |subnav|
-      subnav.item :finance_home, I18n.t('navigation.finances.home'), finance_root_path
+      subnav.item :finance_home, I18n.t('navigation.finances.home'), finance_root_path, if: Proc.new { current_user.role_finance? }
-      subnav.item :accounts, I18n.t('navigation.finances.accounts'), finance_ordergroups_path
+      subnav.item :accounts, I18n.t('navigation.finances.accounts'), finance_ordergroups_path, if: Proc.new { current_user.role_finance? }
-      subnav.item :balancing, I18n.t('navigation.finances.balancing'), finance_order_index_path
+      subnav.item :balancing, I18n.t('navigation.finances.balancing'), finance_order_index_path, if: Proc.new { current_user.role_finance? }
      subnav.item :invoices, I18n.t('navigation.finances.invoices'), finance_invoices_path
    end
--- a/db/migrate/20160217194036_add_role_invoices_to_group.rb
+++ b/db/migrate/20160217194036_add_role_invoices_to_group.rb
@ -0,0 +1,5 @@
 class AddRoleInvoicesToGroup < ActiveRecord::Migration
  def change
    add_column :groups, :role_invoices, :boolean, :default => false, :null => false
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20160217134742) do
+ActiveRecord::Schema.define(version: 20160217194036) do
  create_table "article_categories", force: :cascade do |t|
    t.string "name",        limit: 255, default: "", null: false
@ -140,6 +140,7 @@ ActiveRecord::Schema.define(version: 20160217134742) do
    t.text     "stats",                    limit: 65535
    t.integer  "next_weekly_tasks_number", limit: 4,                              default: 8
    t.boolean  "ignore_apple_restriction",                                        default: false
    t.boolean  "role_invoices",                                                   default: false, null: false
  end
  add_index "groups", ["name"], name: "index_groups_on_name", unique: true, using: :btree