Hi Guys. Does anyone know if there is an idiot-proof way to block certain roles from viewing invoices. I need some users to view the order page to get some information from it, but I don't want them to see the full order or invoice. I have restricted the panels which are displayed on the view order page (which is great), but can't get rid of the "Invoice" tab.
Is this a function that could be easily added to the user permissions page? Maybe it would allow you to choose who can see invoices alongside the other permission to allow users to view orders.
I've tried Tab Tamer, but that doesn't offer the functionality to do this... I just wondered if you guys might have a better idea. Thanks in advance!
Comment | File | Size | Author |
---|---|---|---|
#6 | 1667674-view-invoice-permission-6.patch | 4.56 KB | longwave |
#4 | 1667674-view-invoice-permission.patch | 2.84 KB | longwave |
Comments
Comment #1
cockers CreditAttribution: cockers commentedActually, it turns out that I was wrong. If anyone else wants to do this all you need to do is install tab tamer, turn on the admin tabs, and then refresh the cache. After that you get access to all of the Ubercart tabs as well as the others.
Although this is fine for now. Would it be possible to add the permissions I asked about before? That would be a little less messy...
Comment #2
longwaveThere is a checkbox for this at /admin/store/settings/orders but it should be changed into a permission.
Comment #3
TR CreditAttribution: TR commentedLet's change this in 7.x-3.x first.
Comment #4
longwaveThis patch converts the checkbox to a permission, and adds the permission to authenticated user if the checkbox was previously set.
Comment #5
longwave/user/%user/orders/%uc_order/invoice and /user/%user/orders/%uc_order/print paths should be changed to use the new permission.
Comment #6
longwaveImproved uc_order_can_view_order() to handle 'view own invoices', and added some explanatory comments.
Comment #7
longwaveCommitted #6.