[interchange-cvs] interchange - jon modified 3 files
interchange-core@interchange.redhat.com
interchange-core@interchange.redhat.com
Wed Nov 21 23:25:01 2001
User: jon
Date: 2001-11-22 04:24:02 GMT
Modified: dist/lib/UI/pages/admin order.html order_view.html
Modified: dist/lib/UI/pages/include order_delete_archive
Log:
Check for delete permissions before giving option and/or allowing delete
of orders. Resolves bug #333. Thanks to Donal Harrington and Mark Johnson
for pointing this out.
Revision Changes Path
2.5 +6 -2 interchange/dist/lib/UI/pages/admin/order.html
rev 2.5, prev_rev 2.4
Index: order.html
===================================================================
RCS file: /var/cvs/interchange/dist/lib/UI/pages/admin/order.html,v
retrieving revision 2.4
retrieving revision 2.5
diff -u -u -r2.4 -r2.5
--- order.html 2001/08/16 18:07:24 2.4
+++ order.html 2001/11/22 04:24:02 2.5
@@ -50,6 +50,8 @@
[bounce page="__UI_BASE__/error"]
[/if-mm]
+[tmp can_delete][if-mm advanced order=d]1[/if-mm][/tmp]
+
[include include/order_delete_archive]
[calc]
@@ -231,6 +233,7 @@
[scratch archive_nm]order=1
order=[item-code]
"]<IMG SRC="[scratch archive_img]" HEIGHT=10 WIDTH=11 ALT="[scratch archive_nm] [item-code]" BORDER=0></A>
+[if scratch can_delete]
<A HREF="[area
href='@@MV_PAGE@@'
form='
@@ -238,6 +241,7 @@
order=[item-code]
']"
onClick="return confirm('Are you sure you want to delete order [item-code]?')"><IMG src="delsm.gif" ALT="DELETE [item-code]" BORDER=0></A>
+[/if]
</TD>
<TD>[page href=__UI_BASE__/order_view form="order=[item-code]"][item-code]</A></TD>
<TD>
@@ -269,11 +273,11 @@
</tr>
[/more-list]
</table>
-[if-mm advanced order=d]
+[if scratch can_delete]
[button form=batch text="[L]Delete checked orders[/L]"
confirm='[L]Are you sure you want to delete the checked orders?[/L]']deleteorder=1
[/button]
-[/if-mm]
+[/if]
[button form=batch src="[scratch archive_img]"
text=`
my $tmp = "$Scratch->{archive_nm} checked orders";
2.3 +2 -0 interchange/dist/lib/UI/pages/admin/order_view.html
rev 2.3, prev_rev 2.2
Index: order_view.html
===================================================================
RCS file: /var/cvs/interchange/dist/lib/UI/pages/admin/order_view.html,v
retrieving revision 2.2
retrieving revision 2.3
diff -u -u -r2.2 -r2.3
--- order_view.html 2001/08/22 13:29:12 2.2
+++ order_view.html 2001/11/22 04:24:02 2.3
@@ -387,8 +387,10 @@
<input type=submit name="archiveorder" value="[L]Archive order and view next[/L]">
[/else]
[/if-loop-data]
+[if-mm advanced order=d]
<input type=submit name="deleteorder" value="[L]Delete order and view next[/L]"
onClick="return confirm('[L]Are you sure you want to delete this order?[/L]')">
+[/if-mm]
</form>
</SMALL>
1.2 +1 -1 interchange/dist/lib/UI/pages/include/order_delete_archive
rev 1.2, prev_rev 1.1
Index: order_delete_archive
===================================================================
RCS file: /var/cvs/interchange/dist/lib/UI/pages/include/order_delete_archive,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -u -r1.1 -r1.2
--- order_delete_archive 2001/08/10 00:17:27 1.1
+++ order_delete_archive 2001/11/22 04:24:02 1.2
@@ -18,7 +18,7 @@
$value = 0;
$action_col = 'archived';
}
- elsif($CGI->{deleteorder}) {
+ elsif($CGI->{deleteorder} and $Scratch->{can_delete}) {
$value = 1;
$action_col = 'deleted';
}