return undef;
}
-
+sub fetch_billable_xact {
+ my( $self, $id ) = @_;
+ my($xact, $evt);
+ $logger->debug("Fetching billable transaction %id");
+ $xact = $self->storagereq(
+ 'open-ils.storage.direct.money.billable_transaction.retrieve', $id );
+ $evt = OpenILS::Event->new('TRANSACTION_NOT_FOUND') unless $xact;
+ return ($xact, $evt);
+}
use strict; use warnings;
use OpenILS::Application::AppUtils;
my $apputils = "OpenILS::Application::AppUtils";
+my $U = "OpenILS::Application::AppUtils";
use OpenSRF::EX qw(:try);
use OpenILS::Perm;
sub billing_items {
my( $self, $client, $login, $transid ) = @_;
- my( $staff, $evt ) = $apputils->checksesperm($login, 'VIEW_TRANSACTION');
+ my( $trans, $evt ) = $U->fetch_billable_xact($transid);
return $evt if $evt;
-# we need to grab the transaction by id and check the billing location
-# to determin the permissibility XXX
-
-# $evt = $apputils->check_perms($staff->id,
-# $transaction->billing_location, 'VIEW_TRANSACTION' );
-# return $evt if $evt;
+ my $staff;
+ ($staff, $evt ) = $apputils->checkses($login);
+ return $evt if $evt;
+ if($staff->id ne $trans->usr) {
+ $evt = $U->check_perms($staff->id, $staff->home_ou, 'VIEW_TRANSACTION');
+ return $evt if $evt;
+ }
+
return $apputils->simplereq( 'open-ils.storage',
'open-ils.storage.direct.money.billing.search.xact.atomic', $transid )
-
}
projects / Evergreen.git / commitdiff