From 4d49cb029f3873172e323635845f2b631d81f186 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Mon, 5 Oct 2020 23:49:32 +1100
Subject: [PATCH 01/26] Change part views to require permissions

Also adds custom 403 page
---
 InvenTree/part/views.py                  | 93 ++++++++++++++++++++++--
 InvenTree/templates/403.html             | 18 +++++
 InvenTree/templates/InvenTree/index.html |  4 +-
 3 files changed, 108 insertions(+), 7 deletions(-)
 create mode 100644 InvenTree/templates/403.html

diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index dc8d07f5cd..84628eff04 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -12,6 +12,7 @@ from django.shortcuts import HttpResponseRedirect
 from django.utils.translation import gettext_lazy as _
 from django.urls import reverse, reverse_lazy
 from django.views.generic import DetailView, ListView, FormView, UpdateView
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.forms.models import model_to_dict
 from django.forms import HiddenInput, CheckboxInput
 from django.conf import settings
@@ -42,12 +43,13 @@ from InvenTree.views import QRCodeView
 from InvenTree.helpers import DownloadFile, str2bool
 
 
-class PartIndex(ListView):
+class PartIndex(PermissionRequiredMixin, ListView):
     """ View for displaying list of Part objects
     """
     model = Part
     template_name = 'part/category.html'
     context_object_name = 'parts'
+    permission_required = ('part.view_part', 'part.view_partcategory')
 
     def get_queryset(self):
         return Part.objects.all().select_related('category')
@@ -76,6 +78,8 @@ class PartAttachmentCreate(AjaxCreateView):
     ajax_form_title = _("Add part attachment")
     ajax_template_name = "modal_form.html"
 
+    permission_required = 'part.create_partattachment'
+
     def post_save(self):
         """ Record the user that uploaded the attachment """
         self.object.user = self.request.user
@@ -123,6 +127,8 @@ class PartAttachmentEdit(AjaxUpdateView):
     form_class = part_forms.EditPartAttachmentForm
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit attachment')
+
+    permission_required = 'part.change_partattachment'
     
     def get_data(self):
         return {
@@ -145,6 +151,8 @@ class PartAttachmentDelete(AjaxDeleteView):
     ajax_template_name = "attachment_delete.html"
     context_object_name = "attachment"
 
+    permission_required = 'part.delete_partattachment'
+
     def get_data(self):
         return {
             'danger': _('Deleted part attachment')
@@ -157,6 +165,8 @@ class PartTestTemplateCreate(AjaxCreateView):
     model = PartTestTemplate
     form_class = part_forms.EditPartTestTemplateForm
     ajax_form_title = _("Create Test Template")
+
+    permission_required = 'part.create_parttesttemplate'
     
     def get_initial(self):
 
@@ -185,6 +195,8 @@ class PartTestTemplateEdit(AjaxUpdateView):
     form_class = part_forms.EditPartTestTemplateForm
     ajax_form_title = _("Edit Test Template")
 
+    permission_required = 'part.change_parttesttemplate'
+
     def get_form(self):
 
         form = super().get_form()
@@ -199,6 +211,8 @@ class PartTestTemplateDelete(AjaxDeleteView):
     model = PartTestTemplate
     ajax_form_title = _("Delete Test Template")
 
+    permission_required = 'part.delete_parttesttemplate'
+
 
 class PartSetCategory(AjaxUpdateView):
     """ View for settings the part category for multiple parts at once """
@@ -207,6 +221,8 @@ class PartSetCategory(AjaxUpdateView):
     ajax_form_title = _('Set Part Category')
     form_class = part_forms.SetPartCategoryForm
 
+    permission_required = 'part.change_part'
+
     category = None
     parts = []
     
@@ -290,6 +306,8 @@ class MakePartVariant(AjaxCreateView):
     ajax_form_title = _('Create Variant')
     ajax_template_name = 'part/variant_part.html'
 
+    permission_required = 'part.create_part'
+
     def get_part_template(self):
         return get_object_or_404(Part, id=self.kwargs['pk'])
 
@@ -368,6 +386,8 @@ class PartDuplicate(AjaxCreateView):
     ajax_form_title = _("Duplicate Part")
     ajax_template_name = "part/copy_part.html"
 
+    permission_required = 'part.create_part'
+
     def get_data(self):
         return {
             'success': _('Copied part')
@@ -491,6 +511,8 @@ class PartCreate(AjaxCreateView):
     ajax_form_title = _('Create new part')
     ajax_template_name = 'part/create_part.html'
 
+    permission_required = 'part.create_part'
+
     def get_data(self):
         return {
             'success': _("Created new part"),
@@ -613,6 +635,8 @@ class PartNotes(UpdateView):
     template_name = 'part/notes.html'
     model = Part
 
+    permission_required = 'part.update_part'
+
     fields = ['notes']
 
     def get_success_url(self):
@@ -634,7 +658,7 @@ class PartNotes(UpdateView):
         return ctx
 
 
-class PartDetail(DetailView):
+class PartDetail(PermissionRequiredMixin, DetailView):
     """ Detail view for Part object
     """
 
@@ -642,6 +666,8 @@ class PartDetail(DetailView):
     queryset = Part.objects.all().select_related('category')
     template_name = 'part/detail.html'
 
+    permission_required = 'part.view_part'
+
     # Add in some extra context information based on query params
     def get_context_data(self, **kwargs):
         """ Provide extra context data to template
@@ -706,6 +732,8 @@ class PartQRCode(QRCodeView):
 
     ajax_form_title = _("Part QR Code")
 
+    permission_required = 'part.view_part'
+
     def get_qr_data(self):
         """ Generate QR code data for the Part """
 
@@ -722,8 +750,11 @@ class PartImageUpload(AjaxUpdateView):
     model = Part
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Upload Part Image')
+
     form_class = part_forms.PartImageForm
 
+    permission_required = 'part.update_part'
+
     def get_data(self):
         return {
             'success': _('Updated part image'),
@@ -737,6 +768,8 @@ class PartImageSelect(AjaxUpdateView):
     ajax_template_name = 'part/select_image.html'
     ajax_form_title = _('Select Part Image')
 
+    permission_required = 'part.update_part'
+
     fields = [
         'image',
     ]
@@ -778,6 +811,8 @@ class PartEdit(AjaxUpdateView):
     ajax_form_title = _('Edit Part Properties')
     context_object_name = 'part'
 
+    permission_required = 'part.update_part'
+
     def get_form(self):
         """ Create form for Part editing.
         Overrides default get_form() method to limit the choices
@@ -802,6 +837,8 @@ class BomValidate(AjaxUpdateView):
     context_object_name = 'part'
     form_class = part_forms.BomValidateForm
 
+    permission_required = ('part.update_part')
+
     def get_context(self):
         return {
             'part': self.get_object(),
@@ -832,7 +869,7 @@ class BomValidate(AjaxUpdateView):
         return self.renderJsonResponse(request, form, data, context=self.get_context())
 
 
-class BomUpload(FormView):
+class BomUpload(PermissionRequiredMixin, FormView):
     """ View for uploading a BOM file, and handling BOM data importing.
 
     The BOM upload process is as follows:
@@ -868,6 +905,8 @@ class BomUpload(FormView):
     missing_columns = []
     allowed_parts = []
 
+    permission_required = ('part.update_part', 'part.create_bomitem')
+
     def get_success_url(self):
         part = self.get_object()
         return reverse('upload-bom', kwargs={'pk': part.id})
@@ -1466,6 +1505,8 @@ class BomUpload(FormView):
 class PartExport(AjaxView):
     """ Export a CSV file containing information on multiple parts """
 
+    permission_required = 'part.view_part'
+
     def get_parts(self, request):
         """ Extract part list from the POST parameters.
         Parts can be supplied as:
@@ -1543,6 +1584,8 @@ class BomDownload(AjaxView):
     - File format should be passed as a query param e.g. ?format=csv
     """
 
+    permission_required = ('part.view_part', 'part.view_bomitem')
+
     model = Part
 
     def get(self, request, *args, **kwargs):
@@ -1596,6 +1639,8 @@ class BomExport(AjaxView):
     form_class = part_forms.BomExportForm
     ajax_form_title = _("Export Bill of Materials")
 
+    permission_required = ('part.view_part', 'part.view_bomitem')
+
     def get(self, request, *args, **kwargs):
         return self.renderJsonResponse(request, self.form_class())
 
@@ -1645,6 +1690,8 @@ class PartDelete(AjaxDeleteView):
     ajax_form_title = _('Confirm Part Deletion')
     context_object_name = 'part'
 
+    permission_required = 'part.delete_part'
+
     success_url = '/part/'
 
     def get_data(self):
@@ -1661,6 +1708,8 @@ class PartPricing(AjaxView):
     ajax_form_title = _("Part Pricing")
     form_class = part_forms.PartPriceForm
 
+    permission_required = ('company.view_supplierpricebreak', 'part.view_part')
+
     def get_part(self):
         try:
             return Part.objects.get(id=self.kwargs['pk'])
@@ -1778,6 +1827,8 @@ class PartPricing(AjaxView):
 class PartParameterTemplateCreate(AjaxCreateView):
     """ View for creating a new PartParameterTemplate """
 
+    permission_required = 'part.create_partparametertemplate'
+
     model = PartParameterTemplate
     form_class = part_forms.EditPartParameterTemplateForm
     ajax_form_title = _('Create Part Parameter Template')
@@ -1786,6 +1837,8 @@ class PartParameterTemplateCreate(AjaxCreateView):
 class PartParameterTemplateEdit(AjaxUpdateView):
     """ View for editing a PartParameterTemplate """
 
+    permission_required = 'part.change_partparametertemplate'
+
     model = PartParameterTemplate
     form_class = part_forms.EditPartParameterTemplateForm
     ajax_form_title = _('Edit Part Parameter Template')
@@ -1794,6 +1847,8 @@ class PartParameterTemplateEdit(AjaxUpdateView):
 class PartParameterTemplateDelete(AjaxDeleteView):
     """ View for deleting an existing PartParameterTemplate """
 
+    permission_required = 'part.delete_partparametertemplate'
+
     model = PartParameterTemplate
     ajax_form_title = _("Delete Part Parameter Template")
 
@@ -1801,6 +1856,8 @@ class PartParameterTemplateDelete(AjaxDeleteView):
 class PartParameterCreate(AjaxCreateView):
     """ View for creating a new PartParameter """
 
+    permission_required = 'part.create_partparameter'
+
     model = PartParameter
     form_class = part_forms.EditPartParameterForm
     ajax_form_title = _('Create Part Parameter')
@@ -1851,6 +1908,8 @@ class PartParameterCreate(AjaxCreateView):
 class PartParameterEdit(AjaxUpdateView):
     """ View for editing a PartParameter """
 
+    permission_required = 'part.change_partparameter'
+
     model = PartParameter
     form_class = part_forms.EditPartParameterForm
     ajax_form_title = _('Edit Part Parameter')
@@ -1865,12 +1924,14 @@ class PartParameterEdit(AjaxUpdateView):
 class PartParameterDelete(AjaxDeleteView):
     """ View for deleting a PartParameter """
 
+    permission_required = 'part.delete_partparameter'
+
     model = PartParameter
     ajax_template_name = 'part/param_delete.html'
     ajax_form_title = _('Delete Part Parameter')
     
 
-class CategoryDetail(DetailView):
+class CategoryDetail(PermissionRequiredMixin, DetailView):
     """ Detail view for PartCategory """
 
     model = PartCategory
@@ -1878,6 +1939,8 @@ class CategoryDetail(DetailView):
     queryset = PartCategory.objects.all().prefetch_related('children')
     template_name = 'part/category_partlist.html'
 
+    permission_required = 'part.view_partcategory'
+
     def get_context_data(self, **kwargs):
 
         context = super(CategoryDetail, self).get_context_data(**kwargs).copy()
@@ -1926,6 +1989,8 @@ class CategoryEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit Part Category')
 
+    permission_required = 'part.change_partcategory'
+
     def get_context_data(self, **kwargs):
         context = super(CategoryEdit, self).get_context_data(**kwargs).copy()
 
@@ -1963,6 +2028,8 @@ class CategoryDelete(AjaxDeleteView):
     context_object_name = 'category'
     success_url = '/part/'
 
+    permission_required = 'part.delete_partcategory'
+
     def get_data(self):
         return {
             'danger': _('Part category was deleted'),
@@ -1977,6 +2044,8 @@ class CategoryCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     form_class = part_forms.EditCategoryForm
 
+    permission_required = 'part.create_partcategory'
+
     def get_context_data(self, **kwargs):
         """ Add extra context data to template.
 
@@ -2012,12 +2081,14 @@ class CategoryCreate(AjaxCreateView):
         return initials
 
 
-class BomItemDetail(DetailView):
+class BomItemDetail(PermissionRequiredMixin, DetailView):
     """ Detail view for BomItem """
     context_object_name = 'item'
     queryset = BomItem.objects.all()
     template_name = 'part/bom-detail.html'
 
+    permission_required = 'part.view_bomitem'
+
 
 class BomItemCreate(AjaxCreateView):
     """ Create view for making a new BomItem object """
@@ -2026,6 +2097,8 @@ class BomItemCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Create BOM item')
 
+    permission_required = 'part.create_bomitem'
+
     def get_form(self):
         """ Override get_form() method to reduce Part selection options.
 
@@ -2092,6 +2165,8 @@ class BomItemEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit BOM item')
 
+    permission_required = 'part.change_bomitem'
+
     def get_form(self):
         """ Override get_form() method to filter part selection options
 
@@ -2140,6 +2215,8 @@ class BomItemDelete(AjaxDeleteView):
     context_object_name = 'item'
     ajax_form_title = _('Confim BOM item deletion')
 
+    permission_required = 'part.delete_bomitem'
+
 
 class PartSalePriceBreakCreate(AjaxCreateView):
     """ View for creating a sale price break for a part """
@@ -2147,6 +2224,8 @@ class PartSalePriceBreakCreate(AjaxCreateView):
     model = PartSellPriceBreak
     form_class = part_forms.EditPartSalePriceBreakForm
     ajax_form_title = _('Add Price Break')
+
+    permission_required = 'part.create_partsellpricebreak'
     
     def get_data(self):
         return {
@@ -2197,6 +2276,8 @@ class PartSalePriceBreakEdit(AjaxUpdateView):
     form_class = part_forms.EditPartSalePriceBreakForm
     ajax_form_title = _('Edit Price Break')
 
+    permission_required = 'part.change_partsellpricebreak'
+
     def get_form(self):
 
         form = super().get_form()
@@ -2211,3 +2292,5 @@ class PartSalePriceBreakDelete(AjaxDeleteView):
     model = PartSellPriceBreak
     ajax_form_title = _("Delete Price Break")
     ajax_template_name = "modal_delete_form.html"
+
+    permission_required = 'part.delete_partsalepricebreak'
diff --git a/InvenTree/templates/403.html b/InvenTree/templates/403.html
new file mode 100644
index 0000000000..372bd9fe27
--- /dev/null
+++ b/InvenTree/templates/403.html
@@ -0,0 +1,18 @@
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block page_title %}
+InvenTree | {% trans "Permission Denied" %}
+{% endblock %}
+
+{% block content %}
+
+<div class='container-fluid'>
+    <h3>{% trans "Permission Denied" %}</h3>
+
+    <div class='alert alert-danger alert-block'>
+        {% trans "You do not have permission to view this page." %}
+    </div>
+</div>
+
+{% endblock %}
\ No newline at end of file
diff --git a/InvenTree/templates/InvenTree/index.html b/InvenTree/templates/InvenTree/index.html
index a9e4ae92ea..b20d61116d 100644
--- a/InvenTree/templates/InvenTree/index.html
+++ b/InvenTree/templates/InvenTree/index.html
@@ -1,7 +1,7 @@
 {% extends "base.html" %}
-
+{% load i18n %}
 {% block page_title %}
-InvenTree | Index
+InvenTree | {% trans "Index" %}
 {% endblock %}
 
 {% block content %}

From 66bdce3d04d1a08be9b87e7016ce6100b8dbf4b2 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Mon, 5 Oct 2020 23:53:24 +1100
Subject: [PATCH 02/26] Hide elements on the PartCategory page, based on
 permissions

---
 InvenTree/part/templates/part/category.html | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/InvenTree/part/templates/part/category.html b/InvenTree/part/templates/part/category.html
index 9a6fb9d7e5..44c8cd7df9 100644
--- a/InvenTree/part/templates/part/category.html
+++ b/InvenTree/part/templates/part/category.html
@@ -20,17 +20,23 @@
         {% endif %}
         <p>
             <div class='btn-group action-buttons'>
+                {% if perms.part.create_partcategory %}
                 <button class='btn btn-default' id='cat-create' title='{% trans "Create new part category" %}'>
                     <span class='fas fa-plus-circle icon-green'/>
                 </button>
+                {% endif %}
                 {% if category %}
+                {% if perms.part.change_partcategory %}
                 <button class='btn btn-default' id='cat-edit' title='{% trans "Edit part category" %}'>
                     <span class='fas fa-edit icon-blue'/>
                 </button>
+                {% endif %}
+                {% if perms.part.delete_partcategory %}
                 <button class='btn btn-default' id='cat-delete' title='{% trans "Delete part category" %}'>
                     <span class='fas fa-trash-alt icon-red'/>
                 </button>
                 {% endif %}
+                {% endif %}
             </div>
         </p>
     </div>
@@ -104,11 +110,15 @@
     <div class='button-toolbar container-fluid' style="float: right;">
         <div class='btn-group'>
             <button class='btn btn-default' id='part-export' title='{% trans "Export Part Data" %}'>{% trans "Export" %}</button>
+            {% if perms.part.create_part %}
             <button class='btn btn-success' id='part-create' title='{% trans "Create new part" %}'>{% trans "New Part" %}</button>
+            {% endif %}
             <div class='btn-group'>
                 <button id='part-options' class='btn btn-primary dropdown-toggle' type='button' data-toggle="dropdown">{% trans "Options" %}<span class='caret'></span></button>
                 <ul class='dropdown-menu'>
+                    {% if perms.part.change_part %}
                     <li><a href='#' id='multi-part-category' title='{% trans "Set category" %}'>{% trans "Set Category" %}</a></li>
+                    {% endif %}
                     <li><a href='#' id='multi-part-order' title='{% trans "Order parts" %}'>{% trans "Order Parts" %}</a></li>
                     <li><a href='#' id='multi-part-export' title='{% trans "Export" %}'>{% trans "Export Data" %}</a></li>
                 </ul>
@@ -180,6 +190,7 @@
         location.href = url;
     });
 
+    {% if perms.part.create_part %}
     $("#part-create").click(function() {
         launchModalForm(
             "{% url 'part-create' %}",
@@ -207,6 +218,7 @@
             }
         );
     });
+    {% endif %}
 
     {% if category %}
     $("#cat-edit").click(function () {

From afadd51a1437e15cad23ff51a45bb0cb76c7bb41 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 00:19:44 +1100
Subject: [PATCH 03/26] Fix permissions in views.py

Silly, "add" not "create"
---
 InvenTree/part/views.py | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 84628eff04..47a77078be 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -78,7 +78,7 @@ class PartAttachmentCreate(AjaxCreateView):
     ajax_form_title = _("Add part attachment")
     ajax_template_name = "modal_form.html"
 
-    permission_required = 'part.create_partattachment'
+    permission_required = 'part.add_partattachment'
 
     def post_save(self):
         """ Record the user that uploaded the attachment """
@@ -166,7 +166,7 @@ class PartTestTemplateCreate(AjaxCreateView):
     form_class = part_forms.EditPartTestTemplateForm
     ajax_form_title = _("Create Test Template")
 
-    permission_required = 'part.create_parttesttemplate'
+    permission_required = 'part.add_parttesttemplate'
     
     def get_initial(self):
 
@@ -306,7 +306,7 @@ class MakePartVariant(AjaxCreateView):
     ajax_form_title = _('Create Variant')
     ajax_template_name = 'part/variant_part.html'
 
-    permission_required = 'part.create_part'
+    permission_required = 'part.add_part'
 
     def get_part_template(self):
         return get_object_or_404(Part, id=self.kwargs['pk'])
@@ -386,7 +386,7 @@ class PartDuplicate(AjaxCreateView):
     ajax_form_title = _("Duplicate Part")
     ajax_template_name = "part/copy_part.html"
 
-    permission_required = 'part.create_part'
+    permission_required = 'part.add_part'
 
     def get_data(self):
         return {
@@ -511,7 +511,7 @@ class PartCreate(AjaxCreateView):
     ajax_form_title = _('Create new part')
     ajax_template_name = 'part/create_part.html'
 
-    permission_required = 'part.create_part'
+    permission_required = 'part.add_part'
 
     def get_data(self):
         return {
@@ -905,7 +905,7 @@ class BomUpload(PermissionRequiredMixin, FormView):
     missing_columns = []
     allowed_parts = []
 
-    permission_required = ('part.update_part', 'part.create_bomitem')
+    permission_required = ('part.update_part', 'part.add_bomitem')
 
     def get_success_url(self):
         part = self.get_object()
@@ -1827,7 +1827,7 @@ class PartPricing(AjaxView):
 class PartParameterTemplateCreate(AjaxCreateView):
     """ View for creating a new PartParameterTemplate """
 
-    permission_required = 'part.create_partparametertemplate'
+    permission_required = 'part.add_partparametertemplate'
 
     model = PartParameterTemplate
     form_class = part_forms.EditPartParameterTemplateForm
@@ -1856,7 +1856,7 @@ class PartParameterTemplateDelete(AjaxDeleteView):
 class PartParameterCreate(AjaxCreateView):
     """ View for creating a new PartParameter """
 
-    permission_required = 'part.create_partparameter'
+    permission_required = 'part.add_partparameter'
 
     model = PartParameter
     form_class = part_forms.EditPartParameterForm
@@ -2044,7 +2044,7 @@ class CategoryCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     form_class = part_forms.EditCategoryForm
 
-    permission_required = 'part.create_partcategory'
+    permission_required = 'part.add_partcategory'
 
     def get_context_data(self, **kwargs):
         """ Add extra context data to template.
@@ -2097,7 +2097,7 @@ class BomItemCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Create BOM item')
 
-    permission_required = 'part.create_bomitem'
+    permission_required = 'part.add_bomitem'
 
     def get_form(self):
         """ Override get_form() method to reduce Part selection options.
@@ -2225,7 +2225,7 @@ class PartSalePriceBreakCreate(AjaxCreateView):
     form_class = part_forms.EditPartSalePriceBreakForm
     ajax_form_title = _('Add Price Break')
 
-    permission_required = 'part.create_partsellpricebreak'
+    permission_required = 'part.add_partsellpricebreak'
     
     def get_data(self):
         return {

From ba4c829b10137ca1a37cf7d1dde0b73ce8d0cb57 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 00:20:45 +1100
Subject: [PATCH 04/26] Add permission requirements in various part templates

---
 InvenTree/part/templates/part/bom.html       |  2 ++
 InvenTree/part/templates/part/build.html     |  7 +++++--
 InvenTree/part/templates/part/category.html  |  6 +++---
 InvenTree/part/templates/part/notes.html     |  2 ++
 InvenTree/part/templates/part/params.html    |  8 +++++++
 InvenTree/part/templates/part/part_base.html | 22 ++++++++++++++++----
 InvenTree/part/templates/part/tabs.html      |  9 +++++---
 InvenTree/templates/slide.html               |  2 +-
 InvenTree/templates/stock_table.html         |  8 +++++++
 9 files changed, 53 insertions(+), 13 deletions(-)

diff --git a/InvenTree/part/templates/part/bom.html b/InvenTree/part/templates/part/bom.html
index 2653a42575..610e60847a 100644
--- a/InvenTree/part/templates/part/bom.html
+++ b/InvenTree/part/templates/part/bom.html
@@ -39,10 +39,12 @@
     <button class='btn btn-default action-button' type='button' title='{% trans "New BOM Item" %}' id='bom-item-new'><span class='fas fa-plus-circle'></span></button>
     <button class='btn btn-default action-button' type='button' title='{% trans "Finish Editing" %}' id='editing-finished'><span class='fas fa-check-circle'></span></button>
     {% elif part.active %}
+    {% if perms.part.change_part %}
     <button class='btn btn-default action-button' type='button' title='{% trans "Edit BOM" %}' id='edit-bom'><span class='fas fa-edit'></span></button>
     {% if part.is_bom_valid == False %}
     <button class='btn btn-default action-button' id='validate-bom' title='{% trans "Validate Bill of Materials" %}' type='button'><span class='fas fa-clipboard-check'></span></button>
     {% endif %}
+    {% endif %}
     <button title='{% trans "Export Bill of Materials" %}' class='btn btn-default action-button' id='download-bom' type='button'><span class='fas fa-file-download'></span></button>
     {% endif %}
 </div>
diff --git a/InvenTree/part/templates/part/build.html b/InvenTree/part/templates/part/build.html
index 442693ddeb..ad51d33ab2 100644
--- a/InvenTree/part/templates/part/build.html
+++ b/InvenTree/part/templates/part/build.html
@@ -1,15 +1,18 @@
 {% extends "part/part_base.html" %}
 {% load static %}
+{% load i18n %}
 {% block details %}
 
 {% include 'part/tabs.html' with tab='build' %}
 
-<h3>Part Builds</h3>
+<h3>{% trans "Part Builds" %}</h3>
 
 <div id='button-toolbar'>
     <div class='button-toolbar container-flui' style='float: right';>
         {% if part.active %}
-        <button class="btn btn-success" id='start-build'>Start New Build</button>
+        {% if perms.build.add_build %}
+        <button class="btn btn-success" id='start-build'>{% trans "Start New Build" %}</button>
+        {% endif %}
         {% endif %}
         <div class='filter-list' id='filter-list-build'>
             <!-- Empty div for filters -->
diff --git a/InvenTree/part/templates/part/category.html b/InvenTree/part/templates/part/category.html
index 44c8cd7df9..25417a1d9b 100644
--- a/InvenTree/part/templates/part/category.html
+++ b/InvenTree/part/templates/part/category.html
@@ -20,7 +20,7 @@
         {% endif %}
         <p>
             <div class='btn-group action-buttons'>
-                {% if perms.part.create_partcategory %}
+                {% if perms.part.add_partcategory %}
                 <button class='btn btn-default' id='cat-create' title='{% trans "Create new part category" %}'>
                     <span class='fas fa-plus-circle icon-green'/>
                 </button>
@@ -110,7 +110,7 @@
     <div class='button-toolbar container-fluid' style="float: right;">
         <div class='btn-group'>
             <button class='btn btn-default' id='part-export' title='{% trans "Export Part Data" %}'>{% trans "Export" %}</button>
-            {% if perms.part.create_part %}
+            {% if perms.part.add_part %}
             <button class='btn btn-success' id='part-create' title='{% trans "Create new part" %}'>{% trans "New Part" %}</button>
             {% endif %}
             <div class='btn-group'>
@@ -190,7 +190,7 @@
         location.href = url;
     });
 
-    {% if perms.part.create_part %}
+    {% if perms.part.add_part %}
     $("#part-create").click(function() {
         launchModalForm(
             "{% url 'part-create' %}",
diff --git a/InvenTree/part/templates/part/notes.html b/InvenTree/part/templates/part/notes.html
index afa215600d..68711c881e 100644
--- a/InvenTree/part/templates/part/notes.html
+++ b/InvenTree/part/templates/part/notes.html
@@ -29,7 +29,9 @@
         <h4>{% trans "Part Notes" %}</h4>
     </div>
     <div class='col-sm-6'>
+        {% if perms.part.change_part %}
         <button title='{% trans "Edit notes" %}' class='btn btn-default action-button float-right' id='edit-notes'><span class='fas fa-edit'></span></button>
+        {% endif %}
     </div>
 </div>
 <hr>
diff --git a/InvenTree/part/templates/part/params.html b/InvenTree/part/templates/part/params.html
index 8ad4f61252..9984830242 100644
--- a/InvenTree/part/templates/part/params.html
+++ b/InvenTree/part/templates/part/params.html
@@ -10,7 +10,9 @@
 
 <div id='button-toolbar'>
     <div class='button-toolbar container-fluid' style='float: right;'>
+        {% if perms.part.add_partparameter %}
         <button title='{% trans "Add new parameter" %}' class='btn btn-success' id='param-create'>{% trans "New Parameter" %}</button>
+        {% endif %}
     </div>
 </div>
 
@@ -30,8 +32,12 @@
             <td>
                 {{ param.template.units }}
                 <div class='btn-group' style='float: right;'>
+                    {% if perms.part.change_partparameter %}
                     <button title='{% trans "Edit" %}' class='btn btn-default btn-glyph param-edit' url="{% url 'part-param-edit' param.id %}" type='button'><span class='fas fa-edit'/></button>
+                    {% endif %}
+                    {% if perms.part.delete_partparameter %}
                     <button title='{% trans "Delete" %}' class='btn btn-default btn-glyph param-delete' url="{% url 'part-param-delete' param.id %}" type='button'><span class='fas fa-trash-alt icon-red'/></button>
+                    {% endif %}
                 </div>
             </td>
         </tr>
@@ -48,6 +54,7 @@
     $('#param-table').inventreeTable({
     });
 
+    {% if perms.part.add_partparameter %}
     $('#param-create').click(function() {
         launchModalForm("{% url 'part-param-create' %}?part={{ part.id }}", {
             reload: true,
@@ -59,6 +66,7 @@
             }],
         });
     });
+    {% endif %}
 
     $('.param-edit').click(function() {
         var button = $(this);
diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index 1de4976740..6103cb5369 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -56,26 +56,36 @@
             <button type='button' class='btn btn-default' id='price-button' title='{% trans "Show pricing information" %}'>
                 <span id='part-price-icon' class='fas fa-dollar-sign'/>
             </button>
-            <button type='button' class='btn btn-default' id='part-count' title='Count part stock'>
+            {% if perms.stock.change_stockitem %}
+            <button type='button' class='btn btn-default' id='part-count' title='{% trans "Count part stock" %}'>
                 <span class='fas fa-clipboard-list'/>
             </button>
+            {% endif %}
             {% if part.purchaseable %}
-            <button type='button' class='btn btn-default' id='part-order' title='Order part'>
+            {% if perms.order.add_purchaseorder %}
+            <button type='button' class='btn btn-default' id='part-order' title='{% trans "Order part" %}'>
                 <span id='part-order-icon' class='fas fa-shopping-cart'/>
             </button>
             {% endif %}
             {% endif %}
+            {% endif %}
             <!-- Part actions -->
+            {% if perms.part.add_part or perms.part.change_part or perms.part.delete_part %}
             <div class='btn-group'>
                 <button id='part-actions' title='{% trans "Part actions" %}' class='btn btn-default dropdown-toggle' type='button' data-toggle='dropdown'> <span class='fas fa-shapes'></span> <span class='caret'></span></button>
                 <ul class='dropdown-menu'>
+                    {% if perms.part.add_part %}
                     <li><a href='#' id='part-duplicate'><span class='fas fa-copy'></span> {% trans "Duplicate part" %}</a></li>
+                    {% endif %}
+                    {% if perms.part.change_part %}
                     <li><a href='#' id='part-edit'><span class='fas fa-edit icon-blue'></span> {% trans "Edit part" %}</a></li>
-                    {% if not part.active %}
+                    {% endif %}
+                    {% if not part.active and perms.part.delete_part %}
                     <li><a href='#' id='part-delete'><span class='fas fa-trash-alt icon-red'></span> {% trans "Delete part" %}</a></li>
                     {% endif %}
                 </ul>
             </div>
+            {% endif %}
         </div>
         <table class='table table-condensed'>
             <col width='25'>
@@ -274,6 +284,7 @@
                         });
     });
 
+    {% if perms.part.change_part %}
     $("#part-edit").click(function() {
         launchModalForm(
             "{% url 'part-edit' part.id %}",
@@ -282,6 +293,7 @@
             }
         );
     });
+    {% endif %}
 
     $("#part-order").click(function() {
         launchModalForm("{% url 'order-parts' %}", {
@@ -292,6 +304,7 @@
         });
     });
 
+    {% if perms.part.add_part %}
     $("#part-duplicate").click(function() {
         launchModalForm(
             "{% url 'part-duplicate' part.id %}",
@@ -300,8 +313,9 @@
             }
         );
     });
+    {% endif %}
 
-    {% if not part.active %}
+    {% if not part.active and perms.part.delete_part %}
     $("#part-delete").click(function() {
         launchModalForm(
             "{% url 'part-delete' part.id %}",
diff --git a/InvenTree/part/templates/part/tabs.html b/InvenTree/part/templates/part/tabs.html
index 1eab299ed5..02d8672979 100644
--- a/InvenTree/part/templates/part/tabs.html
+++ b/InvenTree/part/templates/part/tabs.html
@@ -26,14 +26,17 @@
     {% if part.assembly %}
     <li{% ifequal tab 'bom' %} class="active"{% endifequal %}>
         <a href="{% url 'part-bom' part.id %}">{% trans "BOM" %}<span class="badge{% if part.is_bom_valid == False %} badge-alert{% endif %}">{{ part.bom_count }}</span></a></li>
+    {% if perms.build.view_build %}
     <li{% ifequal tab 'build' %} class="active"{% endifequal %}>
-        <a href="{% url 'part-build' part.id %}">{% trans "Build Orders" %}<span class='badge'>{{ part.builds.count }}</span></a></li>
+        <a href="{% url 'part-build' part.id %}">{% trans "Build Orders" %}<span class='badge'>{{ part.builds.count }}</span></a>
+    </li>
+    {% endif %}
     {% endif %}
     {% if part.component or part.used_in_count > 0 %}
     <li{% ifequal tab 'used' %} class="active"{% endifequal %}>
         <a href="{% url 'part-used-in' part.id %}">{% trans "Used In" %} {% if part.used_in_count > 0 %}<span class="badge">{{ part.used_in_count }}</span>{% endif %}</a></li>
     {% endif %}
-    {% if part.purchaseable %}
+    {% if part.purchaseable and perms.order.view_purchaseorder %}
     {% if part.is_template == False %}
     <li{% ifequal tab 'suppliers' %} class="active"{% endifequal %}>
         <a href="{% url 'part-suppliers' part.id %}">{% trans "Suppliers" %}
@@ -45,7 +48,7 @@
         <a href="{% url 'part-orders' part.id %}">{% trans "Purchase Orders" %} <span class='badge'>{{ part.purchase_orders|length }}</span></a>
     </li>
     {% endif %}
-    {% if part.salable %}
+    {% if part.salable and perms.order.view_salesorder %}
     <li {% if tab == 'sales-prices' %}class='active'{% endif %}>
         <a href="{% url 'part-sale-prices' part.id %}">{% trans "Sale Price" %}</a>
     </li>
diff --git a/InvenTree/templates/slide.html b/InvenTree/templates/slide.html
index e2fe2e932f..45535786c9 100644
--- a/InvenTree/templates/slide.html
+++ b/InvenTree/templates/slide.html
@@ -1,3 +1,3 @@
 <div>
-    <input fieldname='{{ field }}' class='slidey' type="checkbox" data-offstyle='warning' data-onstyle="success" data-size='small' data-toggle="toggle" {% if disabled %}disabled {% endif %}{% if state %}checked=""{% endif %} autocomplete="off">
+    <input fieldname='{{ field }}' class='slidey' type="checkbox" data-offstyle='warning' data-onstyle="success" data-size='small' data-toggle="toggle" {% if disabled or not perms.part.change_part %}disabled {% endif %}{% if state %}checked=""{% endif %} autocomplete="off">
 </div>
\ No newline at end of file
diff --git a/InvenTree/templates/stock_table.html b/InvenTree/templates/stock_table.html
index c41d2181c9..be26b1a976 100644
--- a/InvenTree/templates/stock_table.html
+++ b/InvenTree/templates/stock_table.html
@@ -6,19 +6,27 @@
             <button class='btn btn-default' id='stock-export' title='{% trans "Export Stock Information" %}'>{% trans "Export" %}</button>
             {% if read_only %}
             {% else %}
+            {% if perms.stock.add_stockitem %}
             <button class="btn btn-success" id='item-create'>{% trans "New Stock Item" %}</button>
+            {% endif %}
+            {% if perms.stock.change_stockitem or perms.stock.delete_stockitem %}
             <div class="btn-group">
                 <button id='stock-options' class="btn btn-primary dropdown-toggle" type="button" data-toggle="dropdown">{% trans "Options" %}<span class="caret"></span></button>
                 <ul class="dropdown-menu">
+                    {% if perms.stock.change_stockitem %}
                     <li><a href="#" id='multi-item-add' title='{% trans "Add to selected stock items" %}'>{% trans "Add stock" %}</a></li>
                     <li><a href="#" id='multi-item-remove' title='{% trans "Remove from selected stock items" %}'>{% trans "Remove stock" %}</a></li>
                     <li><a href="#" id='multi-item-stocktake' title='{% trans "Stocktake selected stock items" %}'>{% trans "Count stock" %}</a></li>
                     <li><a href='#' id='multi-item-move' title='{% trans "Move selected stock items" %}'>{% trans "Move stock" %}</a></li>
                     <li><a href='#' id='multi-item-order' title='{% trans "Order selected items" %}'>{% trans "Order stock" %}</a></li>
+                    {% endif %}
+                    {% if perms.stock.delete_stockitem %}
                     <li><a href='#' id='multi-item-delete' title='{% trans "Delete selected items" %}'>{% trans "Delete Stock" %}</a></li>
+                    {% endif %}
                 </ul>
             </div>
             {% endif %}
+            {% endif %}
         </div>
         <div class='filter-list' id='filter-list-stock'>
             <!-- An empty div in which the filter list will be constructed -->

From 8ee16d6f98600e4a618254f1dc0a79ab7113c2ed Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 00:20:57 +1100
Subject: [PATCH 05/26] update translation files

---
 InvenTree/locale/de/LC_MESSAGES/django.po | 405 ++++++++++++++--------
 InvenTree/locale/en/LC_MESSAGES/django.po | 397 ++++++++++++---------
 InvenTree/locale/es/LC_MESSAGES/django.po | 397 ++++++++++++---------
 3 files changed, 731 insertions(+), 468 deletions(-)

diff --git a/InvenTree/locale/de/LC_MESSAGES/django.po b/InvenTree/locale/de/LC_MESSAGES/django.po
index 493d4a8b06..7632fadc4c 100644
--- a/InvenTree/locale/de/LC_MESSAGES/django.po
+++ b/InvenTree/locale/de/LC_MESSAGES/django.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-04 14:02+0000\n"
+"POT-Creation-Date: 2020-10-05 13:20+0000\n"
 "PO-Revision-Date: 2020-05-03 11:32+0200\n"
 "Last-Translator: Christian Schlüter <chschlue@gmail.com>\n"
 "Language-Team: C <kde-i18n-doc@kde.org>\n"
@@ -96,7 +96,7 @@ msgstr "Datei-Kommentar"
 msgid "User"
 msgstr "Benutzer"
 
-#: InvenTree/models.py:106 part/templates/part/params.html:20
+#: InvenTree/models.py:106 part/templates/part/params.html:22
 #: templates/js/part.html:81
 msgid "Name"
 msgstr "Name"
@@ -107,19 +107,19 @@ msgstr "Name"
 msgid "Description (optional)"
 msgstr "Firmenbeschreibung"
 
-#: InvenTree/settings.py:342
+#: InvenTree/settings.py:343
 msgid "English"
 msgstr "Englisch"
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:344
 msgid "German"
 msgstr "Deutsch"
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:345
 msgid "French"
 msgstr "Französisch"
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:346
 msgid "Polish"
 msgstr "Polnisch"
 
@@ -345,7 +345,7 @@ msgstr "Bau-Anzahl"
 msgid "Number of parts to build"
 msgstr "Anzahl der zu bauenden Teile"
 
-#: build/models.py:128 part/templates/part/part_base.html:145
+#: build/models.py:128 part/templates/part/part_base.html:155
 msgid "Build Status"
 msgstr "Bau-Status"
 
@@ -364,7 +364,7 @@ msgstr "Chargennummer für diese Bau-Ausgabe"
 #: build/models.py:155 build/templates/build/detail.html:55
 #: company/templates/company/supplier_part_base.html:60
 #: company/templates/company/supplier_part_detail.html:24
-#: part/templates/part/detail.html:80 part/templates/part/part_base.html:92
+#: part/templates/part/detail.html:80 part/templates/part/part_base.html:102
 #: stock/models.py:381 stock/templates/stock/item_base.html:244
 msgid "External Link"
 msgstr "Externer Link"
@@ -376,7 +376,7 @@ msgstr "Link zu einer externen URL"
 #: build/models.py:160 build/templates/build/tabs.html:14 company/models.py:310
 #: company/templates/company/tabs.html:33 order/templates/order/po_tabs.html:15
 #: order/templates/order/purchase_order_detail.html:202
-#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:67
+#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:70
 #: stock/forms.py:306 stock/forms.py:338 stock/forms.py:366 stock/models.py:453
 #: stock/models.py:1404 stock/templates/stock/tabs.html:26
 #: templates/js/barcode.html:391 templates/js/bom.html:223
@@ -425,7 +425,7 @@ msgstr "Lagerobjekt-Anzahl dem Bau zuweisen"
 
 #: build/templates/build/allocate.html:17
 #: company/templates/company/detail_part.html:18 order/views.py:779
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr "Teile bestellen"
 
@@ -441,7 +441,7 @@ msgstr "Automatisches Zuweisen"
 msgid "Unallocate"
 msgstr "Zuweisung aufheben"
 
-#: build/templates/build/allocate.html:87 templates/stock_table.html:9
+#: build/templates/build/allocate.html:87 templates/stock_table.html:10
 msgid "New Stock Item"
 msgstr "Neues Lagerobjekt"
 
@@ -574,7 +574,7 @@ msgstr "Lagerobjekt wurde zugewiesen"
 #: build/templates/build/build_base.html:34
 #: build/templates/build/complete.html:6
 #: stock/templates/stock/item_base.html:223 templates/js/build.html:39
-#: templates/navbar.html:20
+#: templates/navbar.html:25
 msgid "Build"
 msgstr "Bau"
 
@@ -717,7 +717,7 @@ msgstr "Fertig"
 
 #: build/templates/build/index.html:6 build/templates/build/index.html:14
 #: order/templates/order/so_builds.html:11 order/templates/order/so_tabs.html:9
-#: part/templates/part/tabs.html:30
+#: part/templates/part/tabs.html:31 users/models.py:30
 msgid "Build Orders"
 msgstr "Bauaufträge"
 
@@ -739,7 +739,7 @@ msgstr "Speichern"
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
 #: order/templates/order/order_notes.html:32
 #: order/templates/order/sales_order_notes.html:37
-#: part/templates/part/notes.html:32 stock/templates/stock/item_notes.html:33
+#: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
 msgstr "Bermerkungen bearbeiten"
 
@@ -1085,13 +1085,13 @@ msgid "New Supplier Part"
 msgstr "Neues Zulieferer-Teil"
 
 #: company/templates/company/detail_part.html:15
-#: part/templates/part/category.html:109 part/templates/part/supplier.html:15
-#: templates/stock_table.html:11
+#: part/templates/part/category.html:117 part/templates/part/supplier.html:15
+#: templates/stock_table.html:14
 msgid "Options"
 msgstr "Optionen"
 
 #: company/templates/company/detail_part.html:18
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 #, fuzzy
 #| msgid "Order part"
 msgid "Order parts"
@@ -1108,7 +1108,7 @@ msgid "Delete Parts"
 msgstr "Teile löschen"
 
 #: company/templates/company/detail_part.html:43
-#: part/templates/part/category.html:107 templates/js/stock.html:791
+#: part/templates/part/category.html:114 templates/js/stock.html:791
 msgid "New Part"
 msgstr "Neues Teil"
 
@@ -1140,7 +1140,7 @@ msgstr "Zuliefererbestand"
 
 #: company/templates/company/detail_stock.html:35
 #: company/templates/company/supplier_part_stock.html:33
-#: part/templates/part/category.html:106 part/templates/part/category.html:113
+#: part/templates/part/category.html:112 part/templates/part/category.html:123
 #: part/templates/part/stock.html:51 templates/stock_table.html:6
 msgid "Export"
 msgstr "Exportieren"
@@ -1163,8 +1163,8 @@ msgstr ""
 #: company/templates/company/tabs.html:17
 #: order/templates/order/purchase_orders.html:7
 #: order/templates/order/purchase_orders.html:12
-#: part/templates/part/orders.html:9 part/templates/part/tabs.html:45
-#: templates/navbar.html:26
+#: part/templates/part/orders.html:9 part/templates/part/tabs.html:48
+#: templates/navbar.html:33 users/models.py:31
 msgid "Purchase Orders"
 msgstr "Bestellungen"
 
@@ -1182,8 +1182,8 @@ msgstr "Neue Bestellung"
 #: company/templates/company/tabs.html:22
 #: order/templates/order/sales_orders.html:7
 #: order/templates/order/sales_orders.html:12
-#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:53
-#: templates/navbar.html:33
+#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:56
+#: templates/navbar.html:42 users/models.py:32
 msgid "Sales Orders"
 msgstr "Bestellungen"
 
@@ -1204,7 +1204,7 @@ msgid "Supplier Part"
 msgstr "Zulieferer-Teil"
 
 #: company/templates/company/supplier_part_base.html:23
-#: part/templates/part/orders.html:14
+#: part/templates/part/orders.html:14 part/templates/part/part_base.html:66
 msgid "Order part"
 msgstr "Teil bestellen"
 
@@ -1251,7 +1251,7 @@ msgid "Pricing Information"
 msgstr "Preisinformationen ansehen"
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2149
+#: part/templates/part/sale_prices.html:13 part/views.py:2226
 msgid "Add Price Break"
 msgstr "Preisstaffel hinzufügen"
 
@@ -1293,7 +1293,7 @@ msgstr "Bepreisung"
 #: company/templates/company/tabs.html:12 part/templates/part/tabs.html:18
 #: stock/templates/stock/location.html:17 templates/InvenTree/search.html:155
 #: templates/js/part.html:124 templates/js/part.html:372
-#: templates/js/stock.html:452 templates/navbar.html:19
+#: templates/js/stock.html:452 templates/navbar.html:22 users/models.py:29
 msgid "Stock"
 msgstr "Lagerbestand"
 
@@ -1303,22 +1303,22 @@ msgstr "Bestellungen"
 
 #: company/templates/company/tabs.html:9
 #: order/templates/order/receive_parts.html:14 part/models.py:294
-#: part/templates/part/cat_link.html:7 part/templates/part/category.html:88
-#: part/templates/part/category_tabs.html:6 templates/navbar.html:18
-#: templates/stats.html:8 templates/stats.html:17
+#: part/templates/part/cat_link.html:7 part/templates/part/category.html:94
+#: part/templates/part/category_tabs.html:6 templates/navbar.html:19
+#: templates/stats.html:8 templates/stats.html:17 users/models.py:28
 msgid "Parts"
 msgstr "Teile"
 
-#: company/views.py:50 part/templates/part/tabs.html:39
-#: templates/navbar.html:24
+#: company/views.py:50 part/templates/part/tabs.html:42
+#: templates/navbar.html:31
 msgid "Suppliers"
 msgstr "Zulieferer"
 
-#: company/views.py:57 templates/navbar.html:25
+#: company/views.py:57 templates/navbar.html:32
 msgid "Manufacturers"
 msgstr "Hersteller"
 
-#: company/views.py:64 templates/navbar.html:32
+#: company/views.py:64 templates/navbar.html:41
 msgid "Customers"
 msgstr "Kunden"
 
@@ -1382,17 +1382,17 @@ msgstr "Neues Zuliefererteil anlegen"
 msgid "Delete Supplier Part"
 msgstr "Zuliefererteil entfernen"
 
-#: company/views.py:404 part/views.py:2153
+#: company/views.py:404 part/views.py:2232
 #, fuzzy
 #| msgid "Add Price Break"
 msgid "Added new price break"
 msgstr "Preisstaffel hinzufügen"
 
-#: company/views.py:441 part/views.py:2198
+#: company/views.py:441 part/views.py:2277
 msgid "Edit Price Break"
 msgstr "Preisstaffel bearbeiten"
 
-#: company/views.py:456 part/views.py:2212
+#: company/views.py:456 part/views.py:2293
 msgid "Delete Price Break"
 msgstr "Preisstaffel löschen"
 
@@ -1497,7 +1497,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr "Bestellung als vollständig markieren"
 
-#: order/models.py:185 order/models.py:259 part/views.py:1304
+#: order/models.py:185 order/models.py:259 part/views.py:1343
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr "Anzahl muss größer Null sein"
@@ -1667,7 +1667,7 @@ msgid "Purchase Order Attachments"
 msgstr "Bestellanhänge"
 
 #: order/templates/order/po_tabs.html:8 order/templates/order/so_tabs.html:16
-#: part/templates/part/tabs.html:64 stock/templates/stock/tabs.html:32
+#: part/templates/part/tabs.html:67 stock/templates/stock/tabs.html:32
 msgid "Attachments"
 msgstr "Anhänge"
 
@@ -1683,7 +1683,7 @@ msgstr "Bestellpositionen"
 
 #: order/templates/order/purchase_order_detail.html:38
 #: order/templates/order/purchase_order_detail.html:118
-#: part/templates/part/category.html:161 part/templates/part/category.html:202
+#: part/templates/part/category.html:171 part/templates/part/category.html:213
 #: templates/js/stock.html:803
 msgid "New Location"
 msgstr "Neuer Standort"
@@ -1725,7 +1725,7 @@ msgid "Select parts to receive against this order"
 msgstr ""
 
 #: order/templates/order/receive_parts.html:21
-#: part/templates/part/part_base.html:135 templates/js/part.html:388
+#: part/templates/part/part_base.html:145 templates/js/part.html:388
 msgid "On Order"
 msgstr "bestellt"
 
@@ -1823,7 +1823,7 @@ msgstr "Bestellungspositionen"
 msgid "Add Purchase Order Attachment"
 msgstr "Bestellanhang hinzufügen"
 
-#: order/views.py:102 order/views.py:149 part/views.py:86 stock/views.py:167
+#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
 msgid "Added attachment"
 msgstr "Anhang hinzugefügt"
 
@@ -1963,12 +1963,12 @@ msgstr "Zuordnung bearbeiten"
 msgid "Remove allocation"
 msgstr "Zuordnung entfernen"
 
-#: part/bom.py:138 part/templates/part/category.html:55
+#: part/bom.py:138 part/templates/part/category.html:61
 #: part/templates/part/detail.html:87
 msgid "Default Location"
 msgstr "Standard-Lagerort"
 
-#: part/bom.py:139 part/templates/part/part_base.html:108
+#: part/bom.py:139 part/templates/part/part_base.html:118
 msgid "Available Stock"
 msgstr "Verfügbarer Lagerbestand"
 
@@ -2100,7 +2100,7 @@ msgid "Part Category"
 msgstr "Teilkategorie"
 
 #: part/models.py:76 part/templates/part/category.html:18
-#: part/templates/part/category.html:83 templates/stats.html:12
+#: part/templates/part/category.html:89 templates/stats.html:12
 msgid "Part Categories"
 msgstr "Teile-Kategorien"
 
@@ -2339,7 +2339,7 @@ msgstr "Notizen zum Stücklisten-Objekt"
 msgid "BOM line checksum"
 msgstr "Prüfsumme der Stückliste"
 
-#: part/models.py:1612 part/views.py:1310 part/views.py:1362
+#: part/models.py:1612 part/views.py:1349 part/views.py:1401
 #: stock/models.py:231
 #, fuzzy
 #| msgid "Overage must be an integer value or a percentage"
@@ -2402,25 +2402,25 @@ msgstr "Neue Stücklistenposition"
 msgid "Finish Editing"
 msgstr "Bearbeitung beenden"
 
-#: part/templates/part/bom.html:42
+#: part/templates/part/bom.html:43
 msgid "Edit BOM"
 msgstr "Stückliste bearbeiten"
 
-#: part/templates/part/bom.html:44
+#: part/templates/part/bom.html:45
 msgid "Validate Bill of Materials"
 msgstr "Stückliste validieren"
 
-#: part/templates/part/bom.html:46 part/views.py:1597
+#: part/templates/part/bom.html:48 part/views.py:1640
 msgid "Export Bill of Materials"
 msgstr "Stückliste exportieren"
 
-#: part/templates/part/bom.html:101
+#: part/templates/part/bom.html:103
 #, fuzzy
 #| msgid "Remove selected BOM items"
 msgid "Delete selected BOM items?"
 msgstr "Ausgewählte Stücklistenpositionen entfernen"
 
-#: part/templates/part/bom.html:102
+#: part/templates/part/bom.html:104
 #, fuzzy
 #| msgid "Remove selected BOM items"
 msgid "All selected BOM items will be deleted"
@@ -2510,101 +2510,113 @@ msgstr "Neues Bild hochladen"
 msgid "Each part must already exist in the database"
 msgstr ""
 
+#: part/templates/part/build.html:8
+#, fuzzy
+#| msgid "Parent Build"
+msgid "Part Builds"
+msgstr "Eltern-Bau"
+
+#: part/templates/part/build.html:14
+#, fuzzy
+#| msgid "Start new Build"
+msgid "Start New Build"
+msgstr "Neuen Bau beginnen"
+
 #: part/templates/part/category.html:19
 msgid "All parts"
 msgstr "Alle Teile"
 
-#: part/templates/part/category.html:23 part/views.py:1976
+#: part/templates/part/category.html:24 part/views.py:2043
 msgid "Create new part category"
 msgstr "Teilkategorie anlegen"
 
-#: part/templates/part/category.html:27
+#: part/templates/part/category.html:30
 #, fuzzy
 #| msgid "Edit Part Category"
 msgid "Edit part category"
 msgstr "Teilkategorie bearbeiten"
 
-#: part/templates/part/category.html:30
+#: part/templates/part/category.html:35
 #, fuzzy
 #| msgid "Select part category"
 msgid "Delete part category"
 msgstr "Teilekategorie wählen"
 
-#: part/templates/part/category.html:39 part/templates/part/category.html:78
+#: part/templates/part/category.html:45 part/templates/part/category.html:84
 msgid "Category Details"
 msgstr "Kategorie-Details"
 
-#: part/templates/part/category.html:44
+#: part/templates/part/category.html:50
 msgid "Category Path"
 msgstr "Pfad zur Kategorie"
 
-#: part/templates/part/category.html:49
+#: part/templates/part/category.html:55
 msgid "Category Description"
 msgstr "Kategorie-Beschreibung"
 
-#: part/templates/part/category.html:62 part/templates/part/detail.html:64
+#: part/templates/part/category.html:68 part/templates/part/detail.html:64
 msgid "Keywords"
 msgstr "Schlüsselwörter"
 
-#: part/templates/part/category.html:68
+#: part/templates/part/category.html:74
 msgid "Subcategories"
 msgstr "Unter-Kategorien"
 
-#: part/templates/part/category.html:73
+#: part/templates/part/category.html:79
 msgid "Parts (Including subcategories)"
 msgstr "Teile (inklusive Unter-Kategorien)"
 
-#: part/templates/part/category.html:106
+#: part/templates/part/category.html:112
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:107 part/views.py:491
+#: part/templates/part/category.html:114 part/views.py:511
 msgid "Create new part"
 msgstr "Neues Teil anlegen"
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 #, fuzzy
 #| msgid "Part category"
 msgid "Set category"
 msgstr "Teile-Kategorie"
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 #, fuzzy
 #| msgid "Set Part Category"
 msgid "Set Category"
 msgstr "Teilkategorie auswählen"
 
-#: part/templates/part/category.html:113
+#: part/templates/part/category.html:123
 #, fuzzy
 #| msgid "Export"
 msgid "Export Data"
 msgstr "Exportieren"
 
-#: part/templates/part/category.html:162
+#: part/templates/part/category.html:172
 #, fuzzy
 #| msgid "Create New Location"
 msgid "Create new location"
 msgstr "Neuen Standort anlegen"
 
-#: part/templates/part/category.html:167 part/templates/part/category.html:196
+#: part/templates/part/category.html:177 part/templates/part/category.html:207
 #, fuzzy
 #| msgid "Category"
 msgid "New Category"
 msgstr "Kategorie"
 
-#: part/templates/part/category.html:168
+#: part/templates/part/category.html:178
 #, fuzzy
 #| msgid "Create new part category"
 msgid "Create new category"
 msgstr "Teilkategorie anlegen"
 
-#: part/templates/part/category.html:197
+#: part/templates/part/category.html:208
 #, fuzzy
 #| msgid "Create new part category"
 msgid "Create new Part Category"
 msgstr "Teilkategorie anlegen"
 
-#: part/templates/part/category.html:203 stock/views.py:1314
+#: part/templates/part/category.html:214 stock/views.py:1314
 msgid "Create new Stock Location"
 msgstr "Neuen Lager-Standort erstellen"
 
@@ -2618,7 +2630,7 @@ msgstr "Parameter Wert"
 msgid "Part Details"
 msgstr "Teile-Details"
 
-#: part/templates/part/detail.html:25 part/templates/part/part_base.html:85
+#: part/templates/part/detail.html:25 part/templates/part/part_base.html:95
 #: templates/js/part.html:112
 msgid "IPN"
 msgstr "IPN (Interne Produktnummer)"
@@ -2652,7 +2664,7 @@ msgstr "Kategorie"
 msgid "Default Supplier"
 msgstr "Standard-Zulieferer"
 
-#: part/templates/part/detail.html:102 part/templates/part/params.html:22
+#: part/templates/part/detail.html:102 part/templates/part/params.html:24
 msgid "Units"
 msgstr "Einheiten"
 
@@ -2785,24 +2797,25 @@ msgstr "Teil bestellen"
 msgid "Part Parameters"
 msgstr "Teilparameter"
 
-#: part/templates/part/params.html:13
+#: part/templates/part/params.html:14
 msgid "Add new parameter"
 msgstr "Parameter hinzufügen"
 
-#: part/templates/part/params.html:13 templates/InvenTree/settings/part.html:12
+#: part/templates/part/params.html:14 templates/InvenTree/settings/part.html:12
 msgid "New Parameter"
 msgstr "Neuer Parameter"
 
-#: part/templates/part/params.html:21 stock/models.py:1391
+#: part/templates/part/params.html:23 stock/models.py:1391
 #: templates/js/stock.html:112
 msgid "Value"
 msgstr "Wert"
 
-#: part/templates/part/params.html:33
+#: part/templates/part/params.html:36
 msgid "Edit"
 msgstr "Bearbeiten"
 
-#: part/templates/part/params.html:34 part/templates/part/supplier.html:17
+#: part/templates/part/params.html:39 part/templates/part/supplier.html:17
+#: users/models.py:141
 msgid "Delete"
 msgstr "Löschen"
 
@@ -2859,47 +2872,53 @@ msgstr ""
 msgid "Show pricing information"
 msgstr "Kosteninformationen ansehen"
 
-#: part/templates/part/part_base.html:70
+#: part/templates/part/part_base.html:60
+#, fuzzy
+#| msgid "Count stock"
+msgid "Count part stock"
+msgstr "Bestand zählen"
+
+#: part/templates/part/part_base.html:75
 #, fuzzy
 #| msgid "Source Location"
 msgid "Part actions"
 msgstr "Quell-Standort"
 
-#: part/templates/part/part_base.html:72
+#: part/templates/part/part_base.html:78
 #, fuzzy
 #| msgid "Duplicate Part"
 msgid "Duplicate part"
 msgstr "Teil duplizieren"
 
-#: part/templates/part/part_base.html:73
+#: part/templates/part/part_base.html:81
 #, fuzzy
 #| msgid "Edit Template"
 msgid "Edit part"
 msgstr "Vorlage bearbeiten"
 
-#: part/templates/part/part_base.html:75
+#: part/templates/part/part_base.html:84
 #, fuzzy
 #| msgid "Delete Parts"
 msgid "Delete part"
 msgstr "Teile löschen"
 
-#: part/templates/part/part_base.html:114 templates/js/table_filters.html:65
+#: part/templates/part/part_base.html:124 templates/js/table_filters.html:65
 msgid "In Stock"
 msgstr "Auf Lager"
 
-#: part/templates/part/part_base.html:121
+#: part/templates/part/part_base.html:131
 msgid "Allocated to Build Orders"
 msgstr "Zu Bauaufträgen zugeordnet"
 
-#: part/templates/part/part_base.html:128
+#: part/templates/part/part_base.html:138
 msgid "Allocated to Sales Orders"
 msgstr "Zu Aufträgen zugeordnet"
 
-#: part/templates/part/part_base.html:150
+#: part/templates/part/part_base.html:160
 msgid "Can Build"
 msgstr "Herstellbar?"
 
-#: part/templates/part/part_base.html:156
+#: part/templates/part/part_base.html:166
 msgid "Underway"
 msgstr "unterwegs"
 
@@ -2923,7 +2942,7 @@ msgstr "Aus vorhandenen Bildern auswählen"
 msgid "Upload new image"
 msgstr "Neues Bild hochladen"
 
-#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:50
+#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:53
 #, fuzzy
 #| msgid "Price"
 msgid "Sale Price"
@@ -2994,11 +3013,11 @@ msgstr "Varianten"
 msgid "BOM"
 msgstr "Stückliste"
 
-#: part/templates/part/tabs.html:34
+#: part/templates/part/tabs.html:37
 msgid "Used In"
 msgstr "Benutzt in"
 
-#: part/templates/part/tabs.html:58 stock/templates/stock/item_base.html:282
+#: part/templates/part/tabs.html:61 stock/templates/stock/item_base.html:282
 msgid "Tests"
 msgstr ""
 
@@ -3032,184 +3051,184 @@ msgstr "Neues Teil hinzufügen"
 msgid "New Variant"
 msgstr "Varianten"
 
-#: part/views.py:76
+#: part/views.py:78
 msgid "Add part attachment"
 msgstr "Teilanhang hinzufügen"
 
-#: part/views.py:125 templates/attachment_table.html:30
+#: part/views.py:129 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr "Anhang bearbeiten"
 
-#: part/views.py:129
+#: part/views.py:135
 msgid "Part attachment updated"
 msgstr "Teilanhang aktualisiert"
 
-#: part/views.py:144
+#: part/views.py:150
 msgid "Delete Part Attachment"
 msgstr "Teilanhang löschen"
 
-#: part/views.py:150
+#: part/views.py:158
 msgid "Deleted part attachment"
 msgstr "Teilanhang gelöscht"
 
-#: part/views.py:159
+#: part/views.py:167
 #, fuzzy
 #| msgid "Create Part Parameter Template"
 msgid "Create Test Template"
 msgstr "Teilparametervorlage anlegen"
 
-#: part/views.py:186
+#: part/views.py:196
 #, fuzzy
 #| msgid "Edit Template"
 msgid "Edit Test Template"
 msgstr "Vorlage bearbeiten"
 
-#: part/views.py:200
+#: part/views.py:212
 #, fuzzy
 #| msgid "Delete Template"
 msgid "Delete Test Template"
 msgstr "Vorlage löschen"
 
-#: part/views.py:207
+#: part/views.py:221
 msgid "Set Part Category"
 msgstr "Teilkategorie auswählen"
 
-#: part/views.py:255
+#: part/views.py:271
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr "Kategorie für {n} Teile setzen"
 
-#: part/views.py:290
+#: part/views.py:306
 msgid "Create Variant"
 msgstr "Variante anlegen"
 
-#: part/views.py:368
+#: part/views.py:386
 msgid "Duplicate Part"
 msgstr "Teil duplizieren"
 
-#: part/views.py:373
+#: part/views.py:393
 msgid "Copied part"
 msgstr "Teil kopiert"
 
-#: part/views.py:496
+#: part/views.py:518
 msgid "Created new part"
 msgstr "Neues Teil angelegt"
 
-#: part/views.py:707
+#: part/views.py:733
 msgid "Part QR Code"
 msgstr "Teil-QR-Code"
 
-#: part/views.py:724
+#: part/views.py:752
 msgid "Upload Part Image"
 msgstr "Teilbild hochladen"
 
-#: part/views.py:729 part/views.py:764
+#: part/views.py:760 part/views.py:797
 msgid "Updated part image"
 msgstr "Teilbild aktualisiert"
 
-#: part/views.py:738
+#: part/views.py:769
 msgid "Select Part Image"
 msgstr "Teilbild auswählen"
 
-#: part/views.py:767
+#: part/views.py:800
 msgid "Part image not found"
 msgstr "Teilbild nicht gefunden"
 
-#: part/views.py:778
+#: part/views.py:811
 msgid "Edit Part Properties"
 msgstr "Teileigenschaften bearbeiten"
 
-#: part/views.py:800
+#: part/views.py:835
 msgid "Validate BOM"
 msgstr "BOM validieren"
 
-#: part/views.py:963
+#: part/views.py:1002
 msgid "No BOM file provided"
 msgstr "Keine Stückliste angegeben"
 
-#: part/views.py:1313
+#: part/views.py:1352
 msgid "Enter a valid quantity"
 msgstr "Bitte eine gültige Anzahl eingeben"
 
-#: part/views.py:1338 part/views.py:1341
+#: part/views.py:1377 part/views.py:1380
 msgid "Select valid part"
 msgstr "Bitte ein gültiges Teil auswählen"
 
-#: part/views.py:1347
+#: part/views.py:1386
 msgid "Duplicate part selected"
 msgstr "Teil doppelt ausgewählt"
 
-#: part/views.py:1385
+#: part/views.py:1424
 msgid "Select a part"
 msgstr "Teil auswählen"
 
-#: part/views.py:1391
+#: part/views.py:1430
 #, fuzzy
 #| msgid "Select part to be used in BOM"
 msgid "Selected part creates a circular BOM"
 msgstr "Teil für die Nutzung in der Stückliste auswählen"
 
-#: part/views.py:1395
+#: part/views.py:1434
 msgid "Specify quantity"
 msgstr "Anzahl angeben"
 
-#: part/views.py:1645
+#: part/views.py:1690
 msgid "Confirm Part Deletion"
 msgstr "Löschen des Teils bestätigen"
 
-#: part/views.py:1652
+#: part/views.py:1699
 msgid "Part was deleted"
 msgstr "Teil wurde gelöscht"
 
-#: part/views.py:1661
+#: part/views.py:1708
 msgid "Part Pricing"
 msgstr "Teilbepreisung"
 
-#: part/views.py:1783
+#: part/views.py:1834
 msgid "Create Part Parameter Template"
 msgstr "Teilparametervorlage anlegen"
 
-#: part/views.py:1791
+#: part/views.py:1844
 msgid "Edit Part Parameter Template"
 msgstr "Teilparametervorlage bearbeiten"
 
-#: part/views.py:1798
+#: part/views.py:1853
 msgid "Delete Part Parameter Template"
 msgstr "Teilparametervorlage löschen"
 
-#: part/views.py:1806
+#: part/views.py:1863
 msgid "Create Part Parameter"
 msgstr "Teilparameter anlegen"
 
-#: part/views.py:1856
+#: part/views.py:1915
 msgid "Edit Part Parameter"
 msgstr "Teilparameter bearbeiten"
 
-#: part/views.py:1870
+#: part/views.py:1931
 msgid "Delete Part Parameter"
 msgstr "Teilparameter löschen"
 
-#: part/views.py:1927
+#: part/views.py:1990
 msgid "Edit Part Category"
 msgstr "Teilkategorie bearbeiten"
 
-#: part/views.py:1962
+#: part/views.py:2027
 msgid "Delete Part Category"
 msgstr "Teilkategorie löschen"
 
-#: part/views.py:1968
+#: part/views.py:2035
 msgid "Part category was deleted"
 msgstr "Teilekategorie wurde gelöscht"
 
-#: part/views.py:2027
+#: part/views.py:2098
 msgid "Create BOM item"
 msgstr "BOM-Position anlegen"
 
-#: part/views.py:2093
+#: part/views.py:2166
 msgid "Edit BOM item"
 msgstr "BOM-Position beaarbeiten"
 
-#: part/views.py:2141
+#: part/views.py:2216
 msgid "Confim BOM item deletion"
 msgstr "Löschung von BOM-Position bestätigen"
 
@@ -3653,15 +3672,15 @@ msgid "Stock adjustment actions"
 msgstr "Bestands-Anpassung bestätigen"
 
 #: stock/templates/stock/item_base.html:98
-#: stock/templates/stock/location.html:38 templates/stock_table.html:15
+#: stock/templates/stock/location.html:38 templates/stock_table.html:19
 msgid "Count stock"
 msgstr "Bestand zählen"
 
-#: stock/templates/stock/item_base.html:99 templates/stock_table.html:13
+#: stock/templates/stock/item_base.html:99 templates/stock_table.html:17
 msgid "Add stock"
 msgstr "Bestand hinzufügen"
 
-#: stock/templates/stock/item_base.html:100 templates/stock_table.html:14
+#: stock/templates/stock/item_base.html:100 templates/stock_table.html:18
 msgid "Remove stock"
 msgstr "Bestand entfernen"
 
@@ -4191,6 +4210,14 @@ msgstr "Lagerbestands-Tracking-Eintrag bearbeiten"
 msgid "Add Stock Tracking Entry"
 msgstr "Lagerbestands-Tracking-Eintrag hinzufügen"
 
+#: templates/403.html:5 templates/403.html:11
+msgid "Permission Denied"
+msgstr ""
+
+#: templates/403.html:14
+msgid "You do not have permission to view this page."
+msgstr ""
+
 #: templates/InvenTree/bom_invalid.html:7
 msgid "BOM Waiting Validation"
 msgstr ""
@@ -4201,6 +4228,10 @@ msgstr ""
 msgid "Pending Builds"
 msgstr "Eltern-Bau"
 
+#: templates/InvenTree/index.html:4
+msgid "Index"
+msgstr ""
+
 #: templates/InvenTree/latest_parts.html:7
 #, fuzzy
 #| msgid "Parent Part"
@@ -4884,39 +4915,39 @@ msgstr "Favorit"
 msgid "Purchasable"
 msgstr "Käuflich"
 
-#: templates/navbar.html:22
+#: templates/navbar.html:29
 msgid "Buy"
 msgstr "Kaufen"
 
-#: templates/navbar.html:30
+#: templates/navbar.html:39
 msgid "Sell"
 msgstr "Verkaufen"
 
-#: templates/navbar.html:40
+#: templates/navbar.html:50
 msgid "Scan Barcode"
 msgstr ""
 
-#: templates/navbar.html:49
+#: templates/navbar.html:59 users/models.py:27
 msgid "Admin"
 msgstr "Admin"
 
-#: templates/navbar.html:52
+#: templates/navbar.html:62
 msgid "Settings"
 msgstr "Einstellungen"
 
-#: templates/navbar.html:53
+#: templates/navbar.html:63
 msgid "Logout"
 msgstr "Ausloggen"
 
-#: templates/navbar.html:55
+#: templates/navbar.html:65
 msgid "Login"
 msgstr "Einloggen"
 
-#: templates/navbar.html:58
+#: templates/navbar.html:68
 msgid "About InvenTree"
 msgstr "Über InvenBaum"
 
-#: templates/navbar.html:59
+#: templates/navbar.html:69
 msgid "Statistics"
 msgstr "Statistiken"
 
@@ -4930,54 +4961,124 @@ msgstr "Suche"
 msgid "Export Stock Information"
 msgstr "Lagerobjekt-Standort bearbeiten"
 
-#: templates/stock_table.html:13
+#: templates/stock_table.html:17
 #, fuzzy
 #| msgid "Added stock to {n} items"
 msgid "Add to selected stock items"
 msgstr "Vorrat zu {n} Lagerobjekten hinzugefügt"
 
-#: templates/stock_table.html:14
+#: templates/stock_table.html:18
 #, fuzzy
 #| msgid "Remove selected BOM items"
 msgid "Remove from selected stock items"
 msgstr "Ausgewählte Stücklistenpositionen entfernen"
 
-#: templates/stock_table.html:15
+#: templates/stock_table.html:19
 #, fuzzy
 #| msgid "Delete Stock Item"
 msgid "Stocktake selected stock items"
 msgstr "Lagerobjekt löschen"
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 #, fuzzy
 #| msgid "Delete Stock Item"
 msgid "Move selected stock items"
 msgstr "Lagerobjekt löschen"
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 msgid "Move stock"
 msgstr "Bestand bewegen"
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 #, fuzzy
 #| msgid "Remove selected BOM items"
 msgid "Order selected items"
 msgstr "Ausgewählte Stücklistenpositionen entfernen"
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 msgid "Order stock"
 msgstr "Bestand bestellen"
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 #, fuzzy
 #| msgid "Delete line item"
 msgid "Delete selected items"
 msgstr "Position löschen"
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 msgid "Delete Stock"
 msgstr "Bestand löschen"
 
+#: users/admin.py:62
+#, fuzzy
+#| msgid "User"
+msgid "Users"
+msgstr "Benutzer"
+
+#: users/admin.py:63
+msgid "Select which users are assigned to this group"
+msgstr ""
+
+#: users/admin.py:124
+#, fuzzy
+#| msgid "External Link"
+msgid "Personal info"
+msgstr "Externer Link"
+
+#: users/admin.py:125
+#, fuzzy
+#| msgid "Revision"
+msgid "Permissions"
+msgstr "Revision"
+
+#: users/admin.py:128
+#, fuzzy
+#| msgid "Import BOM data"
+msgid "Important dates"
+msgstr "Stückliste importieren"
+
+#: users/models.py:124
+msgid "Permission set"
+msgstr ""
+
+#: users/models.py:132
+msgid "Group"
+msgstr ""
+
+#: users/models.py:135
+msgid "View"
+msgstr ""
+
+#: users/models.py:135
+msgid "Permission to view items"
+msgstr ""
+
+#: users/models.py:137
+#, fuzzy
+#| msgid "Created"
+msgid "Create"
+msgstr "Erstellt"
+
+#: users/models.py:137
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:139
+#, fuzzy
+#| msgid "Last Updated"
+msgid "Update"
+msgstr "Zuletzt aktualisiert"
+
+#: users/models.py:139
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:141
+#, fuzzy
+#| msgid "Remove selected BOM items"
+msgid "Permission to delete items"
+msgstr "Ausgewählte Stücklistenpositionen entfernen"
+
 #~ msgid "Belongs To"
 #~ msgstr "Gehört zu"
 
diff --git a/InvenTree/locale/en/LC_MESSAGES/django.po b/InvenTree/locale/en/LC_MESSAGES/django.po
index 0b5425db6e..0f38022f92 100644
--- a/InvenTree/locale/en/LC_MESSAGES/django.po
+++ b/InvenTree/locale/en/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-04 14:02+0000\n"
+"POT-Creation-Date: 2020-10-05 13:20+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -90,7 +90,7 @@ msgstr ""
 msgid "User"
 msgstr ""
 
-#: InvenTree/models.py:106 part/templates/part/params.html:20
+#: InvenTree/models.py:106 part/templates/part/params.html:22
 #: templates/js/part.html:81
 msgid "Name"
 msgstr ""
@@ -99,19 +99,19 @@ msgstr ""
 msgid "Description (optional)"
 msgstr ""
 
-#: InvenTree/settings.py:342
+#: InvenTree/settings.py:343
 msgid "English"
 msgstr ""
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:344
 msgid "German"
 msgstr ""
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:345
 msgid "French"
 msgstr ""
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:346
 msgid "Polish"
 msgstr ""
 
@@ -325,7 +325,7 @@ msgstr ""
 msgid "Number of parts to build"
 msgstr ""
 
-#: build/models.py:128 part/templates/part/part_base.html:145
+#: build/models.py:128 part/templates/part/part_base.html:155
 msgid "Build Status"
 msgstr ""
 
@@ -344,7 +344,7 @@ msgstr ""
 #: build/models.py:155 build/templates/build/detail.html:55
 #: company/templates/company/supplier_part_base.html:60
 #: company/templates/company/supplier_part_detail.html:24
-#: part/templates/part/detail.html:80 part/templates/part/part_base.html:92
+#: part/templates/part/detail.html:80 part/templates/part/part_base.html:102
 #: stock/models.py:381 stock/templates/stock/item_base.html:244
 msgid "External Link"
 msgstr ""
@@ -356,7 +356,7 @@ msgstr ""
 #: build/models.py:160 build/templates/build/tabs.html:14 company/models.py:310
 #: company/templates/company/tabs.html:33 order/templates/order/po_tabs.html:15
 #: order/templates/order/purchase_order_detail.html:202
-#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:67
+#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:70
 #: stock/forms.py:306 stock/forms.py:338 stock/forms.py:366 stock/models.py:453
 #: stock/models.py:1404 stock/templates/stock/tabs.html:26
 #: templates/js/barcode.html:391 templates/js/bom.html:223
@@ -404,7 +404,7 @@ msgstr ""
 
 #: build/templates/build/allocate.html:17
 #: company/templates/company/detail_part.html:18 order/views.py:779
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr ""
 
@@ -420,7 +420,7 @@ msgstr ""
 msgid "Unallocate"
 msgstr ""
 
-#: build/templates/build/allocate.html:87 templates/stock_table.html:9
+#: build/templates/build/allocate.html:87 templates/stock_table.html:10
 msgid "New Stock Item"
 msgstr ""
 
@@ -548,7 +548,7 @@ msgstr ""
 #: build/templates/build/build_base.html:34
 #: build/templates/build/complete.html:6
 #: stock/templates/stock/item_base.html:223 templates/js/build.html:39
-#: templates/navbar.html:20
+#: templates/navbar.html:25
 msgid "Build"
 msgstr ""
 
@@ -687,7 +687,7 @@ msgstr ""
 
 #: build/templates/build/index.html:6 build/templates/build/index.html:14
 #: order/templates/order/so_builds.html:11 order/templates/order/so_tabs.html:9
-#: part/templates/part/tabs.html:30
+#: part/templates/part/tabs.html:31 users/models.py:30
 msgid "Build Orders"
 msgstr ""
 
@@ -709,7 +709,7 @@ msgstr ""
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
 #: order/templates/order/order_notes.html:32
 #: order/templates/order/sales_order_notes.html:37
-#: part/templates/part/notes.html:32 stock/templates/stock/item_notes.html:33
+#: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
 msgstr ""
 
@@ -1044,13 +1044,13 @@ msgid "New Supplier Part"
 msgstr ""
 
 #: company/templates/company/detail_part.html:15
-#: part/templates/part/category.html:109 part/templates/part/supplier.html:15
-#: templates/stock_table.html:11
+#: part/templates/part/category.html:117 part/templates/part/supplier.html:15
+#: templates/stock_table.html:14
 msgid "Options"
 msgstr ""
 
 #: company/templates/company/detail_part.html:18
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 msgid "Order parts"
 msgstr ""
 
@@ -1063,7 +1063,7 @@ msgid "Delete Parts"
 msgstr ""
 
 #: company/templates/company/detail_part.html:43
-#: part/templates/part/category.html:107 templates/js/stock.html:791
+#: part/templates/part/category.html:114 templates/js/stock.html:791
 msgid "New Part"
 msgstr ""
 
@@ -1095,7 +1095,7 @@ msgstr ""
 
 #: company/templates/company/detail_stock.html:35
 #: company/templates/company/supplier_part_stock.html:33
-#: part/templates/part/category.html:106 part/templates/part/category.html:113
+#: part/templates/part/category.html:112 part/templates/part/category.html:123
 #: part/templates/part/stock.html:51 templates/stock_table.html:6
 msgid "Export"
 msgstr ""
@@ -1117,8 +1117,8 @@ msgstr ""
 #: company/templates/company/tabs.html:17
 #: order/templates/order/purchase_orders.html:7
 #: order/templates/order/purchase_orders.html:12
-#: part/templates/part/orders.html:9 part/templates/part/tabs.html:45
-#: templates/navbar.html:26
+#: part/templates/part/orders.html:9 part/templates/part/tabs.html:48
+#: templates/navbar.html:33 users/models.py:31
 msgid "Purchase Orders"
 msgstr ""
 
@@ -1136,8 +1136,8 @@ msgstr ""
 #: company/templates/company/tabs.html:22
 #: order/templates/order/sales_orders.html:7
 #: order/templates/order/sales_orders.html:12
-#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:53
-#: templates/navbar.html:33
+#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:56
+#: templates/navbar.html:42 users/models.py:32
 msgid "Sales Orders"
 msgstr ""
 
@@ -1158,7 +1158,7 @@ msgid "Supplier Part"
 msgstr ""
 
 #: company/templates/company/supplier_part_base.html:23
-#: part/templates/part/orders.html:14
+#: part/templates/part/orders.html:14 part/templates/part/part_base.html:66
 msgid "Order part"
 msgstr ""
 
@@ -1205,7 +1205,7 @@ msgid "Pricing Information"
 msgstr ""
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2149
+#: part/templates/part/sale_prices.html:13 part/views.py:2226
 msgid "Add Price Break"
 msgstr ""
 
@@ -1241,7 +1241,7 @@ msgstr ""
 #: company/templates/company/tabs.html:12 part/templates/part/tabs.html:18
 #: stock/templates/stock/location.html:17 templates/InvenTree/search.html:155
 #: templates/js/part.html:124 templates/js/part.html:372
-#: templates/js/stock.html:452 templates/navbar.html:19
+#: templates/js/stock.html:452 templates/navbar.html:22 users/models.py:29
 msgid "Stock"
 msgstr ""
 
@@ -1251,22 +1251,22 @@ msgstr ""
 
 #: company/templates/company/tabs.html:9
 #: order/templates/order/receive_parts.html:14 part/models.py:294
-#: part/templates/part/cat_link.html:7 part/templates/part/category.html:88
-#: part/templates/part/category_tabs.html:6 templates/navbar.html:18
-#: templates/stats.html:8 templates/stats.html:17
+#: part/templates/part/cat_link.html:7 part/templates/part/category.html:94
+#: part/templates/part/category_tabs.html:6 templates/navbar.html:19
+#: templates/stats.html:8 templates/stats.html:17 users/models.py:28
 msgid "Parts"
 msgstr ""
 
-#: company/views.py:50 part/templates/part/tabs.html:39
-#: templates/navbar.html:24
+#: company/views.py:50 part/templates/part/tabs.html:42
+#: templates/navbar.html:31
 msgid "Suppliers"
 msgstr ""
 
-#: company/views.py:57 templates/navbar.html:25
+#: company/views.py:57 templates/navbar.html:32
 msgid "Manufacturers"
 msgstr ""
 
-#: company/views.py:64 templates/navbar.html:32
+#: company/views.py:64 templates/navbar.html:41
 msgid "Customers"
 msgstr ""
 
@@ -1330,15 +1330,15 @@ msgstr ""
 msgid "Delete Supplier Part"
 msgstr ""
 
-#: company/views.py:404 part/views.py:2153
+#: company/views.py:404 part/views.py:2232
 msgid "Added new price break"
 msgstr ""
 
-#: company/views.py:441 part/views.py:2198
+#: company/views.py:441 part/views.py:2277
 msgid "Edit Price Break"
 msgstr ""
 
-#: company/views.py:456 part/views.py:2212
+#: company/views.py:456 part/views.py:2293
 msgid "Delete Price Break"
 msgstr ""
 
@@ -1431,7 +1431,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr ""
 
-#: order/models.py:185 order/models.py:259 part/views.py:1304
+#: order/models.py:185 order/models.py:259 part/views.py:1343
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr ""
@@ -1600,7 +1600,7 @@ msgid "Purchase Order Attachments"
 msgstr ""
 
 #: order/templates/order/po_tabs.html:8 order/templates/order/so_tabs.html:16
-#: part/templates/part/tabs.html:64 stock/templates/stock/tabs.html:32
+#: part/templates/part/tabs.html:67 stock/templates/stock/tabs.html:32
 msgid "Attachments"
 msgstr ""
 
@@ -1616,7 +1616,7 @@ msgstr ""
 
 #: order/templates/order/purchase_order_detail.html:38
 #: order/templates/order/purchase_order_detail.html:118
-#: part/templates/part/category.html:161 part/templates/part/category.html:202
+#: part/templates/part/category.html:171 part/templates/part/category.html:213
 #: templates/js/stock.html:803
 msgid "New Location"
 msgstr ""
@@ -1658,7 +1658,7 @@ msgid "Select parts to receive against this order"
 msgstr ""
 
 #: order/templates/order/receive_parts.html:21
-#: part/templates/part/part_base.html:135 templates/js/part.html:388
+#: part/templates/part/part_base.html:145 templates/js/part.html:388
 msgid "On Order"
 msgstr ""
 
@@ -1750,7 +1750,7 @@ msgstr ""
 msgid "Add Purchase Order Attachment"
 msgstr ""
 
-#: order/views.py:102 order/views.py:149 part/views.py:86 stock/views.py:167
+#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
 msgid "Added attachment"
 msgstr ""
 
@@ -1890,12 +1890,12 @@ msgstr ""
 msgid "Remove allocation"
 msgstr ""
 
-#: part/bom.py:138 part/templates/part/category.html:55
+#: part/bom.py:138 part/templates/part/category.html:61
 #: part/templates/part/detail.html:87
 msgid "Default Location"
 msgstr ""
 
-#: part/bom.py:139 part/templates/part/part_base.html:108
+#: part/bom.py:139 part/templates/part/part_base.html:118
 msgid "Available Stock"
 msgstr ""
 
@@ -2013,7 +2013,7 @@ msgid "Part Category"
 msgstr ""
 
 #: part/models.py:76 part/templates/part/category.html:18
-#: part/templates/part/category.html:83 templates/stats.html:12
+#: part/templates/part/category.html:89 templates/stats.html:12
 msgid "Part Categories"
 msgstr ""
 
@@ -2226,7 +2226,7 @@ msgstr ""
 msgid "BOM line checksum"
 msgstr ""
 
-#: part/models.py:1612 part/views.py:1310 part/views.py:1362
+#: part/models.py:1612 part/views.py:1349 part/views.py:1401
 #: stock/models.py:231
 msgid "Quantity must be integer value for trackable parts"
 msgstr ""
@@ -2285,23 +2285,23 @@ msgstr ""
 msgid "Finish Editing"
 msgstr ""
 
-#: part/templates/part/bom.html:42
+#: part/templates/part/bom.html:43
 msgid "Edit BOM"
 msgstr ""
 
-#: part/templates/part/bom.html:44
+#: part/templates/part/bom.html:45
 msgid "Validate Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:46 part/views.py:1597
+#: part/templates/part/bom.html:48 part/views.py:1640
 msgid "Export Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:101
+#: part/templates/part/bom.html:103
 msgid "Delete selected BOM items?"
 msgstr ""
 
-#: part/templates/part/bom.html:102
+#: part/templates/part/bom.html:104
 msgid "All selected BOM items will be deleted"
 msgstr ""
 
@@ -2373,83 +2373,91 @@ msgstr ""
 msgid "Each part must already exist in the database"
 msgstr ""
 
+#: part/templates/part/build.html:8
+msgid "Part Builds"
+msgstr ""
+
+#: part/templates/part/build.html:14
+msgid "Start New Build"
+msgstr ""
+
 #: part/templates/part/category.html:19
 msgid "All parts"
 msgstr ""
 
-#: part/templates/part/category.html:23 part/views.py:1976
+#: part/templates/part/category.html:24 part/views.py:2043
 msgid "Create new part category"
 msgstr ""
 
-#: part/templates/part/category.html:27
+#: part/templates/part/category.html:30
 msgid "Edit part category"
 msgstr ""
 
-#: part/templates/part/category.html:30
+#: part/templates/part/category.html:35
 msgid "Delete part category"
 msgstr ""
 
-#: part/templates/part/category.html:39 part/templates/part/category.html:78
+#: part/templates/part/category.html:45 part/templates/part/category.html:84
 msgid "Category Details"
 msgstr ""
 
-#: part/templates/part/category.html:44
+#: part/templates/part/category.html:50
 msgid "Category Path"
 msgstr ""
 
-#: part/templates/part/category.html:49
+#: part/templates/part/category.html:55
 msgid "Category Description"
 msgstr ""
 
-#: part/templates/part/category.html:62 part/templates/part/detail.html:64
+#: part/templates/part/category.html:68 part/templates/part/detail.html:64
 msgid "Keywords"
 msgstr ""
 
-#: part/templates/part/category.html:68
+#: part/templates/part/category.html:74
 msgid "Subcategories"
 msgstr ""
 
-#: part/templates/part/category.html:73
+#: part/templates/part/category.html:79
 msgid "Parts (Including subcategories)"
 msgstr ""
 
-#: part/templates/part/category.html:106
+#: part/templates/part/category.html:112
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:107 part/views.py:491
+#: part/templates/part/category.html:114 part/views.py:511
 msgid "Create new part"
 msgstr ""
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 msgid "Set category"
 msgstr ""
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 msgid "Set Category"
 msgstr ""
 
-#: part/templates/part/category.html:113
+#: part/templates/part/category.html:123
 msgid "Export Data"
 msgstr ""
 
-#: part/templates/part/category.html:162
+#: part/templates/part/category.html:172
 msgid "Create new location"
 msgstr ""
 
-#: part/templates/part/category.html:167 part/templates/part/category.html:196
+#: part/templates/part/category.html:177 part/templates/part/category.html:207
 msgid "New Category"
 msgstr ""
 
-#: part/templates/part/category.html:168
+#: part/templates/part/category.html:178
 msgid "Create new category"
 msgstr ""
 
-#: part/templates/part/category.html:197
+#: part/templates/part/category.html:208
 msgid "Create new Part Category"
 msgstr ""
 
-#: part/templates/part/category.html:203 stock/views.py:1314
+#: part/templates/part/category.html:214 stock/views.py:1314
 msgid "Create new Stock Location"
 msgstr ""
 
@@ -2461,7 +2469,7 @@ msgstr ""
 msgid "Part Details"
 msgstr ""
 
-#: part/templates/part/detail.html:25 part/templates/part/part_base.html:85
+#: part/templates/part/detail.html:25 part/templates/part/part_base.html:95
 #: templates/js/part.html:112
 msgid "IPN"
 msgstr ""
@@ -2491,7 +2499,7 @@ msgstr ""
 msgid "Default Supplier"
 msgstr ""
 
-#: part/templates/part/detail.html:102 part/templates/part/params.html:22
+#: part/templates/part/detail.html:102 part/templates/part/params.html:24
 msgid "Units"
 msgstr ""
 
@@ -2616,24 +2624,25 @@ msgstr ""
 msgid "Part Parameters"
 msgstr ""
 
-#: part/templates/part/params.html:13
+#: part/templates/part/params.html:14
 msgid "Add new parameter"
 msgstr ""
 
-#: part/templates/part/params.html:13 templates/InvenTree/settings/part.html:12
+#: part/templates/part/params.html:14 templates/InvenTree/settings/part.html:12
 msgid "New Parameter"
 msgstr ""
 
-#: part/templates/part/params.html:21 stock/models.py:1391
+#: part/templates/part/params.html:23 stock/models.py:1391
 #: templates/js/stock.html:112
 msgid "Value"
 msgstr ""
 
-#: part/templates/part/params.html:33
+#: part/templates/part/params.html:36
 msgid "Edit"
 msgstr ""
 
-#: part/templates/part/params.html:34 part/templates/part/supplier.html:17
+#: part/templates/part/params.html:39 part/templates/part/supplier.html:17
+#: users/models.py:141
 msgid "Delete"
 msgstr ""
 
@@ -2684,39 +2693,43 @@ msgstr ""
 msgid "Show pricing information"
 msgstr ""
 
-#: part/templates/part/part_base.html:70
-msgid "Part actions"
-msgstr ""
-
-#: part/templates/part/part_base.html:72
-msgid "Duplicate part"
-msgstr ""
-
-#: part/templates/part/part_base.html:73
-msgid "Edit part"
+#: part/templates/part/part_base.html:60
+msgid "Count part stock"
 msgstr ""
 
 #: part/templates/part/part_base.html:75
+msgid "Part actions"
+msgstr ""
+
+#: part/templates/part/part_base.html:78
+msgid "Duplicate part"
+msgstr ""
+
+#: part/templates/part/part_base.html:81
+msgid "Edit part"
+msgstr ""
+
+#: part/templates/part/part_base.html:84
 msgid "Delete part"
 msgstr ""
 
-#: part/templates/part/part_base.html:114 templates/js/table_filters.html:65
+#: part/templates/part/part_base.html:124 templates/js/table_filters.html:65
 msgid "In Stock"
 msgstr ""
 
-#: part/templates/part/part_base.html:121
+#: part/templates/part/part_base.html:131
 msgid "Allocated to Build Orders"
 msgstr ""
 
-#: part/templates/part/part_base.html:128
+#: part/templates/part/part_base.html:138
 msgid "Allocated to Sales Orders"
 msgstr ""
 
-#: part/templates/part/part_base.html:150
+#: part/templates/part/part_base.html:160
 msgid "Can Build"
 msgstr ""
 
-#: part/templates/part/part_base.html:156
+#: part/templates/part/part_base.html:166
 msgid "Underway"
 msgstr ""
 
@@ -2736,7 +2749,7 @@ msgstr ""
 msgid "Upload new image"
 msgstr ""
 
-#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:50
+#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:53
 msgid "Sale Price"
 msgstr ""
 
@@ -2797,11 +2810,11 @@ msgstr ""
 msgid "BOM"
 msgstr ""
 
-#: part/templates/part/tabs.html:34
+#: part/templates/part/tabs.html:37
 msgid "Used In"
 msgstr ""
 
-#: part/templates/part/tabs.html:58 stock/templates/stock/item_base.html:282
+#: part/templates/part/tabs.html:61 stock/templates/stock/item_base.html:282
 msgid "Tests"
 msgstr ""
 
@@ -2829,176 +2842,176 @@ msgstr ""
 msgid "New Variant"
 msgstr ""
 
-#: part/views.py:76
+#: part/views.py:78
 msgid "Add part attachment"
 msgstr ""
 
-#: part/views.py:125 templates/attachment_table.html:30
+#: part/views.py:129 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr ""
 
-#: part/views.py:129
+#: part/views.py:135
 msgid "Part attachment updated"
 msgstr ""
 
-#: part/views.py:144
+#: part/views.py:150
 msgid "Delete Part Attachment"
 msgstr ""
 
-#: part/views.py:150
+#: part/views.py:158
 msgid "Deleted part attachment"
 msgstr ""
 
-#: part/views.py:159
+#: part/views.py:167
 msgid "Create Test Template"
 msgstr ""
 
-#: part/views.py:186
+#: part/views.py:196
 msgid "Edit Test Template"
 msgstr ""
 
-#: part/views.py:200
+#: part/views.py:212
 msgid "Delete Test Template"
 msgstr ""
 
-#: part/views.py:207
+#: part/views.py:221
 msgid "Set Part Category"
 msgstr ""
 
-#: part/views.py:255
+#: part/views.py:271
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr ""
 
-#: part/views.py:290
+#: part/views.py:306
 msgid "Create Variant"
 msgstr ""
 
-#: part/views.py:368
+#: part/views.py:386
 msgid "Duplicate Part"
 msgstr ""
 
-#: part/views.py:373
+#: part/views.py:393
 msgid "Copied part"
 msgstr ""
 
-#: part/views.py:496
+#: part/views.py:518
 msgid "Created new part"
 msgstr ""
 
-#: part/views.py:707
+#: part/views.py:733
 msgid "Part QR Code"
 msgstr ""
 
-#: part/views.py:724
+#: part/views.py:752
 msgid "Upload Part Image"
 msgstr ""
 
-#: part/views.py:729 part/views.py:764
+#: part/views.py:760 part/views.py:797
 msgid "Updated part image"
 msgstr ""
 
-#: part/views.py:738
+#: part/views.py:769
 msgid "Select Part Image"
 msgstr ""
 
-#: part/views.py:767
+#: part/views.py:800
 msgid "Part image not found"
 msgstr ""
 
-#: part/views.py:778
+#: part/views.py:811
 msgid "Edit Part Properties"
 msgstr ""
 
-#: part/views.py:800
+#: part/views.py:835
 msgid "Validate BOM"
 msgstr ""
 
-#: part/views.py:963
+#: part/views.py:1002
 msgid "No BOM file provided"
 msgstr ""
 
-#: part/views.py:1313
+#: part/views.py:1352
 msgid "Enter a valid quantity"
 msgstr ""
 
-#: part/views.py:1338 part/views.py:1341
+#: part/views.py:1377 part/views.py:1380
 msgid "Select valid part"
 msgstr ""
 
-#: part/views.py:1347
+#: part/views.py:1386
 msgid "Duplicate part selected"
 msgstr ""
 
-#: part/views.py:1385
+#: part/views.py:1424
 msgid "Select a part"
 msgstr ""
 
-#: part/views.py:1391
+#: part/views.py:1430
 msgid "Selected part creates a circular BOM"
 msgstr ""
 
-#: part/views.py:1395
+#: part/views.py:1434
 msgid "Specify quantity"
 msgstr ""
 
-#: part/views.py:1645
+#: part/views.py:1690
 msgid "Confirm Part Deletion"
 msgstr ""
 
-#: part/views.py:1652
+#: part/views.py:1699
 msgid "Part was deleted"
 msgstr ""
 
-#: part/views.py:1661
+#: part/views.py:1708
 msgid "Part Pricing"
 msgstr ""
 
-#: part/views.py:1783
+#: part/views.py:1834
 msgid "Create Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1791
+#: part/views.py:1844
 msgid "Edit Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1798
+#: part/views.py:1853
 msgid "Delete Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1806
+#: part/views.py:1863
 msgid "Create Part Parameter"
 msgstr ""
 
-#: part/views.py:1856
+#: part/views.py:1915
 msgid "Edit Part Parameter"
 msgstr ""
 
-#: part/views.py:1870
+#: part/views.py:1931
 msgid "Delete Part Parameter"
 msgstr ""
 
-#: part/views.py:1927
+#: part/views.py:1990
 msgid "Edit Part Category"
 msgstr ""
 
-#: part/views.py:1962
+#: part/views.py:2027
 msgid "Delete Part Category"
 msgstr ""
 
-#: part/views.py:1968
+#: part/views.py:2035
 msgid "Part category was deleted"
 msgstr ""
 
-#: part/views.py:2027
+#: part/views.py:2098
 msgid "Create BOM item"
 msgstr ""
 
-#: part/views.py:2093
+#: part/views.py:2166
 msgid "Edit BOM item"
 msgstr ""
 
-#: part/views.py:2141
+#: part/views.py:2216
 msgid "Confim BOM item deletion"
 msgstr ""
 
@@ -3371,15 +3384,15 @@ msgid "Stock adjustment actions"
 msgstr ""
 
 #: stock/templates/stock/item_base.html:98
-#: stock/templates/stock/location.html:38 templates/stock_table.html:15
+#: stock/templates/stock/location.html:38 templates/stock_table.html:19
 msgid "Count stock"
 msgstr ""
 
-#: stock/templates/stock/item_base.html:99 templates/stock_table.html:13
+#: stock/templates/stock/item_base.html:99 templates/stock_table.html:17
 msgid "Add stock"
 msgstr ""
 
-#: stock/templates/stock/item_base.html:100 templates/stock_table.html:14
+#: stock/templates/stock/item_base.html:100 templates/stock_table.html:18
 msgid "Remove stock"
 msgstr ""
 
@@ -3819,6 +3832,14 @@ msgstr ""
 msgid "Add Stock Tracking Entry"
 msgstr ""
 
+#: templates/403.html:5 templates/403.html:11
+msgid "Permission Denied"
+msgstr ""
+
+#: templates/403.html:14
+msgid "You do not have permission to view this page."
+msgstr ""
+
 #: templates/InvenTree/bom_invalid.html:7
 msgid "BOM Waiting Validation"
 msgstr ""
@@ -3827,6 +3848,10 @@ msgstr ""
 msgid "Pending Builds"
 msgstr ""
 
+#: templates/InvenTree/index.html:4
+msgid "Index"
+msgstr ""
+
 #: templates/InvenTree/latest_parts.html:7
 msgid "Latest Parts"
 msgstr ""
@@ -4392,39 +4417,39 @@ msgstr ""
 msgid "Purchasable"
 msgstr ""
 
-#: templates/navbar.html:22
+#: templates/navbar.html:29
 msgid "Buy"
 msgstr ""
 
-#: templates/navbar.html:30
+#: templates/navbar.html:39
 msgid "Sell"
 msgstr ""
 
-#: templates/navbar.html:40
+#: templates/navbar.html:50
 msgid "Scan Barcode"
 msgstr ""
 
-#: templates/navbar.html:49
+#: templates/navbar.html:59 users/models.py:27
 msgid "Admin"
 msgstr ""
 
-#: templates/navbar.html:52
+#: templates/navbar.html:62
 msgid "Settings"
 msgstr ""
 
-#: templates/navbar.html:53
+#: templates/navbar.html:63
 msgid "Logout"
 msgstr ""
 
-#: templates/navbar.html:55
+#: templates/navbar.html:65
 msgid "Login"
 msgstr ""
 
-#: templates/navbar.html:58
+#: templates/navbar.html:68
 msgid "About InvenTree"
 msgstr ""
 
-#: templates/navbar.html:59
+#: templates/navbar.html:69
 msgid "Statistics"
 msgstr ""
 
@@ -4436,38 +4461,94 @@ msgstr ""
 msgid "Export Stock Information"
 msgstr ""
 
-#: templates/stock_table.html:13
+#: templates/stock_table.html:17
 msgid "Add to selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:14
+#: templates/stock_table.html:18
 msgid "Remove from selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:15
+#: templates/stock_table.html:19
 msgid "Stocktake selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 msgid "Move selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 msgid "Move stock"
 msgstr ""
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 msgid "Order selected items"
 msgstr ""
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 msgid "Order stock"
 msgstr ""
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 msgid "Delete selected items"
 msgstr ""
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 msgid "Delete Stock"
 msgstr ""
+
+#: users/admin.py:62
+msgid "Users"
+msgstr ""
+
+#: users/admin.py:63
+msgid "Select which users are assigned to this group"
+msgstr ""
+
+#: users/admin.py:124
+msgid "Personal info"
+msgstr ""
+
+#: users/admin.py:125
+msgid "Permissions"
+msgstr ""
+
+#: users/admin.py:128
+msgid "Important dates"
+msgstr ""
+
+#: users/models.py:124
+msgid "Permission set"
+msgstr ""
+
+#: users/models.py:132
+msgid "Group"
+msgstr ""
+
+#: users/models.py:135
+msgid "View"
+msgstr ""
+
+#: users/models.py:135
+msgid "Permission to view items"
+msgstr ""
+
+#: users/models.py:137
+msgid "Create"
+msgstr ""
+
+#: users/models.py:137
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:139
+msgid "Update"
+msgstr ""
+
+#: users/models.py:139
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:141
+msgid "Permission to delete items"
+msgstr ""
diff --git a/InvenTree/locale/es/LC_MESSAGES/django.po b/InvenTree/locale/es/LC_MESSAGES/django.po
index 0b5425db6e..0f38022f92 100644
--- a/InvenTree/locale/es/LC_MESSAGES/django.po
+++ b/InvenTree/locale/es/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-04 14:02+0000\n"
+"POT-Creation-Date: 2020-10-05 13:20+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -90,7 +90,7 @@ msgstr ""
 msgid "User"
 msgstr ""
 
-#: InvenTree/models.py:106 part/templates/part/params.html:20
+#: InvenTree/models.py:106 part/templates/part/params.html:22
 #: templates/js/part.html:81
 msgid "Name"
 msgstr ""
@@ -99,19 +99,19 @@ msgstr ""
 msgid "Description (optional)"
 msgstr ""
 
-#: InvenTree/settings.py:342
+#: InvenTree/settings.py:343
 msgid "English"
 msgstr ""
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:344
 msgid "German"
 msgstr ""
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:345
 msgid "French"
 msgstr ""
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:346
 msgid "Polish"
 msgstr ""
 
@@ -325,7 +325,7 @@ msgstr ""
 msgid "Number of parts to build"
 msgstr ""
 
-#: build/models.py:128 part/templates/part/part_base.html:145
+#: build/models.py:128 part/templates/part/part_base.html:155
 msgid "Build Status"
 msgstr ""
 
@@ -344,7 +344,7 @@ msgstr ""
 #: build/models.py:155 build/templates/build/detail.html:55
 #: company/templates/company/supplier_part_base.html:60
 #: company/templates/company/supplier_part_detail.html:24
-#: part/templates/part/detail.html:80 part/templates/part/part_base.html:92
+#: part/templates/part/detail.html:80 part/templates/part/part_base.html:102
 #: stock/models.py:381 stock/templates/stock/item_base.html:244
 msgid "External Link"
 msgstr ""
@@ -356,7 +356,7 @@ msgstr ""
 #: build/models.py:160 build/templates/build/tabs.html:14 company/models.py:310
 #: company/templates/company/tabs.html:33 order/templates/order/po_tabs.html:15
 #: order/templates/order/purchase_order_detail.html:202
-#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:67
+#: order/templates/order/so_tabs.html:23 part/templates/part/tabs.html:70
 #: stock/forms.py:306 stock/forms.py:338 stock/forms.py:366 stock/models.py:453
 #: stock/models.py:1404 stock/templates/stock/tabs.html:26
 #: templates/js/barcode.html:391 templates/js/bom.html:223
@@ -404,7 +404,7 @@ msgstr ""
 
 #: build/templates/build/allocate.html:17
 #: company/templates/company/detail_part.html:18 order/views.py:779
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr ""
 
@@ -420,7 +420,7 @@ msgstr ""
 msgid "Unallocate"
 msgstr ""
 
-#: build/templates/build/allocate.html:87 templates/stock_table.html:9
+#: build/templates/build/allocate.html:87 templates/stock_table.html:10
 msgid "New Stock Item"
 msgstr ""
 
@@ -548,7 +548,7 @@ msgstr ""
 #: build/templates/build/build_base.html:34
 #: build/templates/build/complete.html:6
 #: stock/templates/stock/item_base.html:223 templates/js/build.html:39
-#: templates/navbar.html:20
+#: templates/navbar.html:25
 msgid "Build"
 msgstr ""
 
@@ -687,7 +687,7 @@ msgstr ""
 
 #: build/templates/build/index.html:6 build/templates/build/index.html:14
 #: order/templates/order/so_builds.html:11 order/templates/order/so_tabs.html:9
-#: part/templates/part/tabs.html:30
+#: part/templates/part/tabs.html:31 users/models.py:30
 msgid "Build Orders"
 msgstr ""
 
@@ -709,7 +709,7 @@ msgstr ""
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
 #: order/templates/order/order_notes.html:32
 #: order/templates/order/sales_order_notes.html:37
-#: part/templates/part/notes.html:32 stock/templates/stock/item_notes.html:33
+#: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
 msgstr ""
 
@@ -1044,13 +1044,13 @@ msgid "New Supplier Part"
 msgstr ""
 
 #: company/templates/company/detail_part.html:15
-#: part/templates/part/category.html:109 part/templates/part/supplier.html:15
-#: templates/stock_table.html:11
+#: part/templates/part/category.html:117 part/templates/part/supplier.html:15
+#: templates/stock_table.html:14
 msgid "Options"
 msgstr ""
 
 #: company/templates/company/detail_part.html:18
-#: part/templates/part/category.html:112
+#: part/templates/part/category.html:122
 msgid "Order parts"
 msgstr ""
 
@@ -1063,7 +1063,7 @@ msgid "Delete Parts"
 msgstr ""
 
 #: company/templates/company/detail_part.html:43
-#: part/templates/part/category.html:107 templates/js/stock.html:791
+#: part/templates/part/category.html:114 templates/js/stock.html:791
 msgid "New Part"
 msgstr ""
 
@@ -1095,7 +1095,7 @@ msgstr ""
 
 #: company/templates/company/detail_stock.html:35
 #: company/templates/company/supplier_part_stock.html:33
-#: part/templates/part/category.html:106 part/templates/part/category.html:113
+#: part/templates/part/category.html:112 part/templates/part/category.html:123
 #: part/templates/part/stock.html:51 templates/stock_table.html:6
 msgid "Export"
 msgstr ""
@@ -1117,8 +1117,8 @@ msgstr ""
 #: company/templates/company/tabs.html:17
 #: order/templates/order/purchase_orders.html:7
 #: order/templates/order/purchase_orders.html:12
-#: part/templates/part/orders.html:9 part/templates/part/tabs.html:45
-#: templates/navbar.html:26
+#: part/templates/part/orders.html:9 part/templates/part/tabs.html:48
+#: templates/navbar.html:33 users/models.py:31
 msgid "Purchase Orders"
 msgstr ""
 
@@ -1136,8 +1136,8 @@ msgstr ""
 #: company/templates/company/tabs.html:22
 #: order/templates/order/sales_orders.html:7
 #: order/templates/order/sales_orders.html:12
-#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:53
-#: templates/navbar.html:33
+#: part/templates/part/sales_orders.html:9 part/templates/part/tabs.html:56
+#: templates/navbar.html:42 users/models.py:32
 msgid "Sales Orders"
 msgstr ""
 
@@ -1158,7 +1158,7 @@ msgid "Supplier Part"
 msgstr ""
 
 #: company/templates/company/supplier_part_base.html:23
-#: part/templates/part/orders.html:14
+#: part/templates/part/orders.html:14 part/templates/part/part_base.html:66
 msgid "Order part"
 msgstr ""
 
@@ -1205,7 +1205,7 @@ msgid "Pricing Information"
 msgstr ""
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2149
+#: part/templates/part/sale_prices.html:13 part/views.py:2226
 msgid "Add Price Break"
 msgstr ""
 
@@ -1241,7 +1241,7 @@ msgstr ""
 #: company/templates/company/tabs.html:12 part/templates/part/tabs.html:18
 #: stock/templates/stock/location.html:17 templates/InvenTree/search.html:155
 #: templates/js/part.html:124 templates/js/part.html:372
-#: templates/js/stock.html:452 templates/navbar.html:19
+#: templates/js/stock.html:452 templates/navbar.html:22 users/models.py:29
 msgid "Stock"
 msgstr ""
 
@@ -1251,22 +1251,22 @@ msgstr ""
 
 #: company/templates/company/tabs.html:9
 #: order/templates/order/receive_parts.html:14 part/models.py:294
-#: part/templates/part/cat_link.html:7 part/templates/part/category.html:88
-#: part/templates/part/category_tabs.html:6 templates/navbar.html:18
-#: templates/stats.html:8 templates/stats.html:17
+#: part/templates/part/cat_link.html:7 part/templates/part/category.html:94
+#: part/templates/part/category_tabs.html:6 templates/navbar.html:19
+#: templates/stats.html:8 templates/stats.html:17 users/models.py:28
 msgid "Parts"
 msgstr ""
 
-#: company/views.py:50 part/templates/part/tabs.html:39
-#: templates/navbar.html:24
+#: company/views.py:50 part/templates/part/tabs.html:42
+#: templates/navbar.html:31
 msgid "Suppliers"
 msgstr ""
 
-#: company/views.py:57 templates/navbar.html:25
+#: company/views.py:57 templates/navbar.html:32
 msgid "Manufacturers"
 msgstr ""
 
-#: company/views.py:64 templates/navbar.html:32
+#: company/views.py:64 templates/navbar.html:41
 msgid "Customers"
 msgstr ""
 
@@ -1330,15 +1330,15 @@ msgstr ""
 msgid "Delete Supplier Part"
 msgstr ""
 
-#: company/views.py:404 part/views.py:2153
+#: company/views.py:404 part/views.py:2232
 msgid "Added new price break"
 msgstr ""
 
-#: company/views.py:441 part/views.py:2198
+#: company/views.py:441 part/views.py:2277
 msgid "Edit Price Break"
 msgstr ""
 
-#: company/views.py:456 part/views.py:2212
+#: company/views.py:456 part/views.py:2293
 msgid "Delete Price Break"
 msgstr ""
 
@@ -1431,7 +1431,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr ""
 
-#: order/models.py:185 order/models.py:259 part/views.py:1304
+#: order/models.py:185 order/models.py:259 part/views.py:1343
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr ""
@@ -1600,7 +1600,7 @@ msgid "Purchase Order Attachments"
 msgstr ""
 
 #: order/templates/order/po_tabs.html:8 order/templates/order/so_tabs.html:16
-#: part/templates/part/tabs.html:64 stock/templates/stock/tabs.html:32
+#: part/templates/part/tabs.html:67 stock/templates/stock/tabs.html:32
 msgid "Attachments"
 msgstr ""
 
@@ -1616,7 +1616,7 @@ msgstr ""
 
 #: order/templates/order/purchase_order_detail.html:38
 #: order/templates/order/purchase_order_detail.html:118
-#: part/templates/part/category.html:161 part/templates/part/category.html:202
+#: part/templates/part/category.html:171 part/templates/part/category.html:213
 #: templates/js/stock.html:803
 msgid "New Location"
 msgstr ""
@@ -1658,7 +1658,7 @@ msgid "Select parts to receive against this order"
 msgstr ""
 
 #: order/templates/order/receive_parts.html:21
-#: part/templates/part/part_base.html:135 templates/js/part.html:388
+#: part/templates/part/part_base.html:145 templates/js/part.html:388
 msgid "On Order"
 msgstr ""
 
@@ -1750,7 +1750,7 @@ msgstr ""
 msgid "Add Purchase Order Attachment"
 msgstr ""
 
-#: order/views.py:102 order/views.py:149 part/views.py:86 stock/views.py:167
+#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
 msgid "Added attachment"
 msgstr ""
 
@@ -1890,12 +1890,12 @@ msgstr ""
 msgid "Remove allocation"
 msgstr ""
 
-#: part/bom.py:138 part/templates/part/category.html:55
+#: part/bom.py:138 part/templates/part/category.html:61
 #: part/templates/part/detail.html:87
 msgid "Default Location"
 msgstr ""
 
-#: part/bom.py:139 part/templates/part/part_base.html:108
+#: part/bom.py:139 part/templates/part/part_base.html:118
 msgid "Available Stock"
 msgstr ""
 
@@ -2013,7 +2013,7 @@ msgid "Part Category"
 msgstr ""
 
 #: part/models.py:76 part/templates/part/category.html:18
-#: part/templates/part/category.html:83 templates/stats.html:12
+#: part/templates/part/category.html:89 templates/stats.html:12
 msgid "Part Categories"
 msgstr ""
 
@@ -2226,7 +2226,7 @@ msgstr ""
 msgid "BOM line checksum"
 msgstr ""
 
-#: part/models.py:1612 part/views.py:1310 part/views.py:1362
+#: part/models.py:1612 part/views.py:1349 part/views.py:1401
 #: stock/models.py:231
 msgid "Quantity must be integer value for trackable parts"
 msgstr ""
@@ -2285,23 +2285,23 @@ msgstr ""
 msgid "Finish Editing"
 msgstr ""
 
-#: part/templates/part/bom.html:42
+#: part/templates/part/bom.html:43
 msgid "Edit BOM"
 msgstr ""
 
-#: part/templates/part/bom.html:44
+#: part/templates/part/bom.html:45
 msgid "Validate Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:46 part/views.py:1597
+#: part/templates/part/bom.html:48 part/views.py:1640
 msgid "Export Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:101
+#: part/templates/part/bom.html:103
 msgid "Delete selected BOM items?"
 msgstr ""
 
-#: part/templates/part/bom.html:102
+#: part/templates/part/bom.html:104
 msgid "All selected BOM items will be deleted"
 msgstr ""
 
@@ -2373,83 +2373,91 @@ msgstr ""
 msgid "Each part must already exist in the database"
 msgstr ""
 
+#: part/templates/part/build.html:8
+msgid "Part Builds"
+msgstr ""
+
+#: part/templates/part/build.html:14
+msgid "Start New Build"
+msgstr ""
+
 #: part/templates/part/category.html:19
 msgid "All parts"
 msgstr ""
 
-#: part/templates/part/category.html:23 part/views.py:1976
+#: part/templates/part/category.html:24 part/views.py:2043
 msgid "Create new part category"
 msgstr ""
 
-#: part/templates/part/category.html:27
+#: part/templates/part/category.html:30
 msgid "Edit part category"
 msgstr ""
 
-#: part/templates/part/category.html:30
+#: part/templates/part/category.html:35
 msgid "Delete part category"
 msgstr ""
 
-#: part/templates/part/category.html:39 part/templates/part/category.html:78
+#: part/templates/part/category.html:45 part/templates/part/category.html:84
 msgid "Category Details"
 msgstr ""
 
-#: part/templates/part/category.html:44
+#: part/templates/part/category.html:50
 msgid "Category Path"
 msgstr ""
 
-#: part/templates/part/category.html:49
+#: part/templates/part/category.html:55
 msgid "Category Description"
 msgstr ""
 
-#: part/templates/part/category.html:62 part/templates/part/detail.html:64
+#: part/templates/part/category.html:68 part/templates/part/detail.html:64
 msgid "Keywords"
 msgstr ""
 
-#: part/templates/part/category.html:68
+#: part/templates/part/category.html:74
 msgid "Subcategories"
 msgstr ""
 
-#: part/templates/part/category.html:73
+#: part/templates/part/category.html:79
 msgid "Parts (Including subcategories)"
 msgstr ""
 
-#: part/templates/part/category.html:106
+#: part/templates/part/category.html:112
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:107 part/views.py:491
+#: part/templates/part/category.html:114 part/views.py:511
 msgid "Create new part"
 msgstr ""
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 msgid "Set category"
 msgstr ""
 
-#: part/templates/part/category.html:111
+#: part/templates/part/category.html:120
 msgid "Set Category"
 msgstr ""
 
-#: part/templates/part/category.html:113
+#: part/templates/part/category.html:123
 msgid "Export Data"
 msgstr ""
 
-#: part/templates/part/category.html:162
+#: part/templates/part/category.html:172
 msgid "Create new location"
 msgstr ""
 
-#: part/templates/part/category.html:167 part/templates/part/category.html:196
+#: part/templates/part/category.html:177 part/templates/part/category.html:207
 msgid "New Category"
 msgstr ""
 
-#: part/templates/part/category.html:168
+#: part/templates/part/category.html:178
 msgid "Create new category"
 msgstr ""
 
-#: part/templates/part/category.html:197
+#: part/templates/part/category.html:208
 msgid "Create new Part Category"
 msgstr ""
 
-#: part/templates/part/category.html:203 stock/views.py:1314
+#: part/templates/part/category.html:214 stock/views.py:1314
 msgid "Create new Stock Location"
 msgstr ""
 
@@ -2461,7 +2469,7 @@ msgstr ""
 msgid "Part Details"
 msgstr ""
 
-#: part/templates/part/detail.html:25 part/templates/part/part_base.html:85
+#: part/templates/part/detail.html:25 part/templates/part/part_base.html:95
 #: templates/js/part.html:112
 msgid "IPN"
 msgstr ""
@@ -2491,7 +2499,7 @@ msgstr ""
 msgid "Default Supplier"
 msgstr ""
 
-#: part/templates/part/detail.html:102 part/templates/part/params.html:22
+#: part/templates/part/detail.html:102 part/templates/part/params.html:24
 msgid "Units"
 msgstr ""
 
@@ -2616,24 +2624,25 @@ msgstr ""
 msgid "Part Parameters"
 msgstr ""
 
-#: part/templates/part/params.html:13
+#: part/templates/part/params.html:14
 msgid "Add new parameter"
 msgstr ""
 
-#: part/templates/part/params.html:13 templates/InvenTree/settings/part.html:12
+#: part/templates/part/params.html:14 templates/InvenTree/settings/part.html:12
 msgid "New Parameter"
 msgstr ""
 
-#: part/templates/part/params.html:21 stock/models.py:1391
+#: part/templates/part/params.html:23 stock/models.py:1391
 #: templates/js/stock.html:112
 msgid "Value"
 msgstr ""
 
-#: part/templates/part/params.html:33
+#: part/templates/part/params.html:36
 msgid "Edit"
 msgstr ""
 
-#: part/templates/part/params.html:34 part/templates/part/supplier.html:17
+#: part/templates/part/params.html:39 part/templates/part/supplier.html:17
+#: users/models.py:141
 msgid "Delete"
 msgstr ""
 
@@ -2684,39 +2693,43 @@ msgstr ""
 msgid "Show pricing information"
 msgstr ""
 
-#: part/templates/part/part_base.html:70
-msgid "Part actions"
-msgstr ""
-
-#: part/templates/part/part_base.html:72
-msgid "Duplicate part"
-msgstr ""
-
-#: part/templates/part/part_base.html:73
-msgid "Edit part"
+#: part/templates/part/part_base.html:60
+msgid "Count part stock"
 msgstr ""
 
 #: part/templates/part/part_base.html:75
+msgid "Part actions"
+msgstr ""
+
+#: part/templates/part/part_base.html:78
+msgid "Duplicate part"
+msgstr ""
+
+#: part/templates/part/part_base.html:81
+msgid "Edit part"
+msgstr ""
+
+#: part/templates/part/part_base.html:84
 msgid "Delete part"
 msgstr ""
 
-#: part/templates/part/part_base.html:114 templates/js/table_filters.html:65
+#: part/templates/part/part_base.html:124 templates/js/table_filters.html:65
 msgid "In Stock"
 msgstr ""
 
-#: part/templates/part/part_base.html:121
+#: part/templates/part/part_base.html:131
 msgid "Allocated to Build Orders"
 msgstr ""
 
-#: part/templates/part/part_base.html:128
+#: part/templates/part/part_base.html:138
 msgid "Allocated to Sales Orders"
 msgstr ""
 
-#: part/templates/part/part_base.html:150
+#: part/templates/part/part_base.html:160
 msgid "Can Build"
 msgstr ""
 
-#: part/templates/part/part_base.html:156
+#: part/templates/part/part_base.html:166
 msgid "Underway"
 msgstr ""
 
@@ -2736,7 +2749,7 @@ msgstr ""
 msgid "Upload new image"
 msgstr ""
 
-#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:50
+#: part/templates/part/sale_prices.html:9 part/templates/part/tabs.html:53
 msgid "Sale Price"
 msgstr ""
 
@@ -2797,11 +2810,11 @@ msgstr ""
 msgid "BOM"
 msgstr ""
 
-#: part/templates/part/tabs.html:34
+#: part/templates/part/tabs.html:37
 msgid "Used In"
 msgstr ""
 
-#: part/templates/part/tabs.html:58 stock/templates/stock/item_base.html:282
+#: part/templates/part/tabs.html:61 stock/templates/stock/item_base.html:282
 msgid "Tests"
 msgstr ""
 
@@ -2829,176 +2842,176 @@ msgstr ""
 msgid "New Variant"
 msgstr ""
 
-#: part/views.py:76
+#: part/views.py:78
 msgid "Add part attachment"
 msgstr ""
 
-#: part/views.py:125 templates/attachment_table.html:30
+#: part/views.py:129 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr ""
 
-#: part/views.py:129
+#: part/views.py:135
 msgid "Part attachment updated"
 msgstr ""
 
-#: part/views.py:144
+#: part/views.py:150
 msgid "Delete Part Attachment"
 msgstr ""
 
-#: part/views.py:150
+#: part/views.py:158
 msgid "Deleted part attachment"
 msgstr ""
 
-#: part/views.py:159
+#: part/views.py:167
 msgid "Create Test Template"
 msgstr ""
 
-#: part/views.py:186
+#: part/views.py:196
 msgid "Edit Test Template"
 msgstr ""
 
-#: part/views.py:200
+#: part/views.py:212
 msgid "Delete Test Template"
 msgstr ""
 
-#: part/views.py:207
+#: part/views.py:221
 msgid "Set Part Category"
 msgstr ""
 
-#: part/views.py:255
+#: part/views.py:271
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr ""
 
-#: part/views.py:290
+#: part/views.py:306
 msgid "Create Variant"
 msgstr ""
 
-#: part/views.py:368
+#: part/views.py:386
 msgid "Duplicate Part"
 msgstr ""
 
-#: part/views.py:373
+#: part/views.py:393
 msgid "Copied part"
 msgstr ""
 
-#: part/views.py:496
+#: part/views.py:518
 msgid "Created new part"
 msgstr ""
 
-#: part/views.py:707
+#: part/views.py:733
 msgid "Part QR Code"
 msgstr ""
 
-#: part/views.py:724
+#: part/views.py:752
 msgid "Upload Part Image"
 msgstr ""
 
-#: part/views.py:729 part/views.py:764
+#: part/views.py:760 part/views.py:797
 msgid "Updated part image"
 msgstr ""
 
-#: part/views.py:738
+#: part/views.py:769
 msgid "Select Part Image"
 msgstr ""
 
-#: part/views.py:767
+#: part/views.py:800
 msgid "Part image not found"
 msgstr ""
 
-#: part/views.py:778
+#: part/views.py:811
 msgid "Edit Part Properties"
 msgstr ""
 
-#: part/views.py:800
+#: part/views.py:835
 msgid "Validate BOM"
 msgstr ""
 
-#: part/views.py:963
+#: part/views.py:1002
 msgid "No BOM file provided"
 msgstr ""
 
-#: part/views.py:1313
+#: part/views.py:1352
 msgid "Enter a valid quantity"
 msgstr ""
 
-#: part/views.py:1338 part/views.py:1341
+#: part/views.py:1377 part/views.py:1380
 msgid "Select valid part"
 msgstr ""
 
-#: part/views.py:1347
+#: part/views.py:1386
 msgid "Duplicate part selected"
 msgstr ""
 
-#: part/views.py:1385
+#: part/views.py:1424
 msgid "Select a part"
 msgstr ""
 
-#: part/views.py:1391
+#: part/views.py:1430
 msgid "Selected part creates a circular BOM"
 msgstr ""
 
-#: part/views.py:1395
+#: part/views.py:1434
 msgid "Specify quantity"
 msgstr ""
 
-#: part/views.py:1645
+#: part/views.py:1690
 msgid "Confirm Part Deletion"
 msgstr ""
 
-#: part/views.py:1652
+#: part/views.py:1699
 msgid "Part was deleted"
 msgstr ""
 
-#: part/views.py:1661
+#: part/views.py:1708
 msgid "Part Pricing"
 msgstr ""
 
-#: part/views.py:1783
+#: part/views.py:1834
 msgid "Create Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1791
+#: part/views.py:1844
 msgid "Edit Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1798
+#: part/views.py:1853
 msgid "Delete Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1806
+#: part/views.py:1863
 msgid "Create Part Parameter"
 msgstr ""
 
-#: part/views.py:1856
+#: part/views.py:1915
 msgid "Edit Part Parameter"
 msgstr ""
 
-#: part/views.py:1870
+#: part/views.py:1931
 msgid "Delete Part Parameter"
 msgstr ""
 
-#: part/views.py:1927
+#: part/views.py:1990
 msgid "Edit Part Category"
 msgstr ""
 
-#: part/views.py:1962
+#: part/views.py:2027
 msgid "Delete Part Category"
 msgstr ""
 
-#: part/views.py:1968
+#: part/views.py:2035
 msgid "Part category was deleted"
 msgstr ""
 
-#: part/views.py:2027
+#: part/views.py:2098
 msgid "Create BOM item"
 msgstr ""
 
-#: part/views.py:2093
+#: part/views.py:2166
 msgid "Edit BOM item"
 msgstr ""
 
-#: part/views.py:2141
+#: part/views.py:2216
 msgid "Confim BOM item deletion"
 msgstr ""
 
@@ -3371,15 +3384,15 @@ msgid "Stock adjustment actions"
 msgstr ""
 
 #: stock/templates/stock/item_base.html:98
-#: stock/templates/stock/location.html:38 templates/stock_table.html:15
+#: stock/templates/stock/location.html:38 templates/stock_table.html:19
 msgid "Count stock"
 msgstr ""
 
-#: stock/templates/stock/item_base.html:99 templates/stock_table.html:13
+#: stock/templates/stock/item_base.html:99 templates/stock_table.html:17
 msgid "Add stock"
 msgstr ""
 
-#: stock/templates/stock/item_base.html:100 templates/stock_table.html:14
+#: stock/templates/stock/item_base.html:100 templates/stock_table.html:18
 msgid "Remove stock"
 msgstr ""
 
@@ -3819,6 +3832,14 @@ msgstr ""
 msgid "Add Stock Tracking Entry"
 msgstr ""
 
+#: templates/403.html:5 templates/403.html:11
+msgid "Permission Denied"
+msgstr ""
+
+#: templates/403.html:14
+msgid "You do not have permission to view this page."
+msgstr ""
+
 #: templates/InvenTree/bom_invalid.html:7
 msgid "BOM Waiting Validation"
 msgstr ""
@@ -3827,6 +3848,10 @@ msgstr ""
 msgid "Pending Builds"
 msgstr ""
 
+#: templates/InvenTree/index.html:4
+msgid "Index"
+msgstr ""
+
 #: templates/InvenTree/latest_parts.html:7
 msgid "Latest Parts"
 msgstr ""
@@ -4392,39 +4417,39 @@ msgstr ""
 msgid "Purchasable"
 msgstr ""
 
-#: templates/navbar.html:22
+#: templates/navbar.html:29
 msgid "Buy"
 msgstr ""
 
-#: templates/navbar.html:30
+#: templates/navbar.html:39
 msgid "Sell"
 msgstr ""
 
-#: templates/navbar.html:40
+#: templates/navbar.html:50
 msgid "Scan Barcode"
 msgstr ""
 
-#: templates/navbar.html:49
+#: templates/navbar.html:59 users/models.py:27
 msgid "Admin"
 msgstr ""
 
-#: templates/navbar.html:52
+#: templates/navbar.html:62
 msgid "Settings"
 msgstr ""
 
-#: templates/navbar.html:53
+#: templates/navbar.html:63
 msgid "Logout"
 msgstr ""
 
-#: templates/navbar.html:55
+#: templates/navbar.html:65
 msgid "Login"
 msgstr ""
 
-#: templates/navbar.html:58
+#: templates/navbar.html:68
 msgid "About InvenTree"
 msgstr ""
 
-#: templates/navbar.html:59
+#: templates/navbar.html:69
 msgid "Statistics"
 msgstr ""
 
@@ -4436,38 +4461,94 @@ msgstr ""
 msgid "Export Stock Information"
 msgstr ""
 
-#: templates/stock_table.html:13
+#: templates/stock_table.html:17
 msgid "Add to selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:14
+#: templates/stock_table.html:18
 msgid "Remove from selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:15
+#: templates/stock_table.html:19
 msgid "Stocktake selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 msgid "Move selected stock items"
 msgstr ""
 
-#: templates/stock_table.html:16
+#: templates/stock_table.html:20
 msgid "Move stock"
 msgstr ""
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 msgid "Order selected items"
 msgstr ""
 
-#: templates/stock_table.html:17
+#: templates/stock_table.html:21
 msgid "Order stock"
 msgstr ""
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 msgid "Delete selected items"
 msgstr ""
 
-#: templates/stock_table.html:18
+#: templates/stock_table.html:24
 msgid "Delete Stock"
 msgstr ""
+
+#: users/admin.py:62
+msgid "Users"
+msgstr ""
+
+#: users/admin.py:63
+msgid "Select which users are assigned to this group"
+msgstr ""
+
+#: users/admin.py:124
+msgid "Personal info"
+msgstr ""
+
+#: users/admin.py:125
+msgid "Permissions"
+msgstr ""
+
+#: users/admin.py:128
+msgid "Important dates"
+msgstr ""
+
+#: users/models.py:124
+msgid "Permission set"
+msgstr ""
+
+#: users/models.py:132
+msgid "Group"
+msgstr ""
+
+#: users/models.py:135
+msgid "View"
+msgstr ""
+
+#: users/models.py:135
+msgid "Permission to view items"
+msgstr ""
+
+#: users/models.py:137
+msgid "Create"
+msgstr ""
+
+#: users/models.py:137
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:139
+msgid "Update"
+msgstr ""
+
+#: users/models.py:139
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:141
+msgid "Permission to delete items"
+msgstr ""

From 16d720b62c08b5e22289d019f4ea27d949e26bca Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 00:36:55 +1100
Subject: [PATCH 06/26] Update permission requirements for API

- Automatically use model permissions by default!
-
---
 InvenTree/InvenTree/settings.py |  4 ++++
 InvenTree/build/api.py          | 14 +-----------
 InvenTree/company/api.py        | 19 +----------------
 InvenTree/order/api.py          | 28 +-----------------------
 InvenTree/part/api.py           | 38 ---------------------------------
 InvenTree/stock/api.py          | 15 -------------
 6 files changed, 7 insertions(+), 111 deletions(-)

diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py
index 21b8a0ead1..75f6f58993 100644
--- a/InvenTree/InvenTree/settings.py
+++ b/InvenTree/InvenTree/settings.py
@@ -231,6 +231,10 @@ REST_FRAMEWORK = {
         'rest_framework.authentication.SessionAuthentication',
         'rest_framework.authentication.TokenAuthentication',
     ),
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+        'rest_framework.permissions.DjangoModelPermissions',
+    ),
     'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema'
 }
 
diff --git a/InvenTree/build/api.py b/InvenTree/build/api.py
index c0faee6c15..d4e458c506 100644
--- a/InvenTree/build/api.py
+++ b/InvenTree/build/api.py
@@ -7,7 +7,7 @@ from __future__ import unicode_literals
 
 from django_filters.rest_framework import DjangoFilterBackend
 from rest_framework import filters
-from rest_framework import generics, permissions
+from rest_framework import generics
 
 from django.conf.urls import url, include
 
@@ -28,10 +28,6 @@ class BuildList(generics.ListCreateAPIView):
     queryset = Build.objects.all()
     serializer_class = BuildSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -99,10 +95,6 @@ class BuildDetail(generics.RetrieveUpdateAPIView):
     queryset = Build.objects.all()
     serializer_class = BuildSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
 
 class BuildItemList(generics.ListCreateAPIView):
     """ API endpoint for accessing a list of BuildItem objects
@@ -137,10 +129,6 @@ class BuildItemList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
     ]
diff --git a/InvenTree/company/api.py b/InvenTree/company/api.py
index 0e54d7d7fb..548ac96016 100644
--- a/InvenTree/company/api.py
+++ b/InvenTree/company/api.py
@@ -7,7 +7,7 @@ from __future__ import unicode_literals
 
 from django_filters.rest_framework import DjangoFilterBackend
 from rest_framework import filters
-from rest_framework import generics, permissions
+from rest_framework import generics
 
 from django.conf.urls import url, include
 from django.db.models import Q
@@ -40,10 +40,6 @@ class CompanyList(generics.ListCreateAPIView):
 
         return queryset
     
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -82,10 +78,6 @@ class CompanyDetail(generics.RetrieveUpdateDestroyAPIView):
 
         return queryset
     
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
 
 class SupplierPartList(generics.ListCreateAPIView):
     """ API endpoint for list view of SupplierPart object
@@ -170,10 +162,6 @@ class SupplierPartList(generics.ListCreateAPIView):
 
     serializer_class = SupplierPartSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -202,7 +190,6 @@ class SupplierPartDetail(generics.RetrieveUpdateDestroyAPIView):
 
     queryset = SupplierPart.objects.all()
     serializer_class = SupplierPartSerializer
-    permission_classes = (permissions.IsAuthenticated,)
 
     read_only_fields = [
     ]
@@ -218,10 +205,6 @@ class SupplierPriceBreakList(generics.ListCreateAPIView):
     queryset = SupplierPriceBreak.objects.all()
     serializer_class = SupplierPriceBreakSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
     ]
diff --git a/InvenTree/order/api.py b/InvenTree/order/api.py
index a7915878c5..4a9dbfa2ac 100644
--- a/InvenTree/order/api.py
+++ b/InvenTree/order/api.py
@@ -6,7 +6,7 @@ JSON API for the Order app
 from __future__ import unicode_literals
 
 from django_filters.rest_framework import DjangoFilterBackend
-from rest_framework import generics, permissions
+from rest_framework import generics
 from rest_framework import filters
 
 from django.conf.urls import url, include
@@ -109,10 +109,6 @@ class POList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -162,10 +158,6 @@ class PODetail(generics.RetrieveUpdateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated
-    ]
-
 
 class POLineItemList(generics.ListCreateAPIView):
     """ API endpoint for accessing a list of POLineItem objects
@@ -188,10 +180,6 @@ class POLineItemList(generics.ListCreateAPIView):
 
         return self.serializer_class(*args, **kwargs)
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
     ]
@@ -208,10 +196,6 @@ class POLineItemDetail(generics.RetrieveUpdateAPIView):
     queryset = PurchaseOrderLineItem
     serializer_class = POLineItemSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
 
 class SOAttachmentList(generics.ListCreateAPIView, AttachmentMixin):
     """
@@ -300,10 +284,6 @@ class SOList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -351,8 +331,6 @@ class SODetail(generics.RetrieveUpdateAPIView):
 
         return queryset
 
-    permission_classes = [permissions.IsAuthenticated]
-
 
 class SOLineItemList(generics.ListCreateAPIView):
     """
@@ -398,8 +376,6 @@ class SOLineItemList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [permissions.IsAuthenticated]
-
     filter_backends = [DjangoFilterBackend]
 
     filter_fields = [
@@ -414,8 +390,6 @@ class SOLineItemDetail(generics.RetrieveUpdateAPIView):
     queryset = SalesOrderLineItem.objects.all()
     serializer_class = SOLineItemSerializer
 
-    permission_classes = [permissions.IsAuthenticated]
-
 
 class POAttachmentList(generics.ListCreateAPIView, AttachmentMixin):
     """
diff --git a/InvenTree/part/api.py b/InvenTree/part/api.py
index 6834503466..d4aeec5bd9 100644
--- a/InvenTree/part/api.py
+++ b/InvenTree/part/api.py
@@ -55,10 +55,6 @@ class CategoryList(generics.ListCreateAPIView):
     queryset = PartCategory.objects.all()
     serializer_class = part_serializers.CategorySerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     def get_queryset(self):
         """
         Custom filtering:
@@ -119,10 +115,6 @@ class PartSalePriceList(generics.ListCreateAPIView):
     queryset = PartSellPriceBreak.objects.all()
     serializer_class = part_serializers.PartSalePriceSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend
     ]
@@ -182,8 +174,6 @@ class PartTestTemplateList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [permissions.IsAuthenticated]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.OrderingFilter,
@@ -221,10 +211,6 @@ class PartThumbsUpdate(generics.RetrieveUpdateAPIView):
     queryset = Part.objects.all()
     serializer_class = part_serializers.PartThumbSerializerUpdate
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend
     ]
@@ -246,10 +232,6 @@ class PartDetail(generics.RetrieveUpdateDestroyAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     def get_serializer(self, *args, **kwargs):
 
         try:
@@ -580,10 +562,6 @@ class PartList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -676,10 +654,6 @@ class PartParameterTemplateList(generics.ListCreateAPIView):
     queryset = PartParameterTemplate.objects.all()
     serializer_class = part_serializers.PartParameterTemplateSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         filters.OrderingFilter,
     ]
@@ -699,10 +673,6 @@ class PartParameterList(generics.ListCreateAPIView):
     queryset = PartParameter.objects.all()
     serializer_class = part_serializers.PartParameterSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend
     ]
@@ -796,10 +766,6 @@ class BomList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -816,10 +782,6 @@ class BomDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = BomItem.objects.all()
     serializer_class = part_serializers.BomItemSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
 
 class BomItemValidate(generics.UpdateAPIView):
     """ API endpoint for validating a BomItem """
diff --git a/InvenTree/stock/api.py b/InvenTree/stock/api.py
index 55bc62a44e..790de7d879 100644
--- a/InvenTree/stock/api.py
+++ b/InvenTree/stock/api.py
@@ -68,7 +68,6 @@ class StockDetail(generics.RetrieveUpdateDestroyAPIView):
 
     queryset = StockItem.objects.all()
     serializer_class = StockItemSerializer
-    permission_classes = (permissions.IsAuthenticated,)
 
     def get_queryset(self, *args, **kwargs):
 
@@ -289,10 +288,6 @@ class StockLocationList(generics.ListCreateAPIView):
             
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -695,10 +690,6 @@ class StockList(generics.ListCreateAPIView):
 
         return queryset
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -744,10 +735,6 @@ class StockItemTestResultList(generics.ListCreateAPIView):
     queryset = StockItemTestResult.objects.all()
     serializer_class = StockItemTestResultSerializer
 
-    permission_classes = [
-        permissions.IsAuthenticated,
-    ]
-
     filter_backends = [
         DjangoFilterBackend,
         filters.SearchFilter,
@@ -799,7 +786,6 @@ class StockTrackingList(generics.ListCreateAPIView):
 
     queryset = StockItemTracking.objects.all()
     serializer_class = StockTrackingSerializer
-    permission_classes = [permissions.IsAuthenticated]
 
     def get_serializer(self, *args, **kwargs):
         try:
@@ -871,7 +857,6 @@ class LocationDetail(generics.RetrieveUpdateDestroyAPIView):
 
     queryset = StockLocation.objects.all()
     serializer_class = LocationSerializer
-    permission_classes = (permissions.IsAuthenticated,)
 
 
 stock_endpoints = [

From 3f59ce3f93030c37afe37e2f69a547f927ddd70d Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 01:30:36 +1100
Subject: [PATCH 07/26] Update unit tests

- requires the user to actually have the necessary permissions!
---
 InvenTree/InvenTree/api.py     |  2 ++
 InvenTree/InvenTree/helpers.py | 20 +++++++++++++++++++
 InvenTree/company/test_api.py  | 13 ++++++++++++-
 InvenTree/part/test_api.py     | 29 +++++++++++++++++++++++++++-
 InvenTree/part/test_views.py   | 35 ++++++++++++++++++++++++++++++++--
 InvenTree/part/views.py        | 12 ++++++------
 InvenTree/stock/test_api.py    | 16 ++++++++++++++++
 7 files changed, 117 insertions(+), 10 deletions(-)

diff --git a/InvenTree/InvenTree/api.py b/InvenTree/InvenTree/api.py
index 44e7ec383f..1bdfb79ceb 100644
--- a/InvenTree/InvenTree/api.py
+++ b/InvenTree/InvenTree/api.py
@@ -30,6 +30,8 @@ class InfoView(AjaxView):
     Use to confirm that the server is running, etc.
     """
 
+    permission_classes = [permissions.AllowAny]
+
     def get(self, request, *args, **kwargs):
 
         data = {
diff --git a/InvenTree/InvenTree/helpers.py b/InvenTree/InvenTree/helpers.py
index 9b470902b1..13b770539c 100644
--- a/InvenTree/InvenTree/helpers.py
+++ b/InvenTree/InvenTree/helpers.py
@@ -15,6 +15,8 @@ from django.http import StreamingHttpResponse
 from django.core.exceptions import ValidationError
 from django.utils.translation import ugettext as _
 
+from django.contrib.auth.models import Permission
+
 import InvenTree.version
 
 from .settings import MEDIA_URL, STATIC_URL
@@ -441,3 +443,21 @@ def validateFilterString(value):
         results[k] = v
 
     return results
+
+
+def addUserPermission(user, permission):
+    """
+    Shortcut function for adding a certain permission to a user.
+    """
+    
+    perm = Permission.objects.get(codename=permission)
+    user.user_permissions.add(perm)
+
+
+def addUserPermissions(user, permissions):
+    """
+    Shortcut function for adding multiple permissions to a user.
+    """
+
+    for permission in permissions:
+        addUserPermission(user, permission)
diff --git a/InvenTree/company/test_api.py b/InvenTree/company/test_api.py
index bf4cc6643e..643608542d 100644
--- a/InvenTree/company/test_api.py
+++ b/InvenTree/company/test_api.py
@@ -3,6 +3,8 @@ from rest_framework import status
 from django.urls import reverse
 from django.contrib.auth import get_user_model
 
+from InvenTree.helpers import addUserPermissions
+
 from .models import Company
 
 
@@ -14,7 +16,16 @@ class CompanyTest(APITestCase):
     def setUp(self):
         # Create a user for auth
         User = get_user_model()
-        User.objects.create_user('testuser', 'test@testing.com', 'password')
+        self.user = User.objects.create_user('testuser', 'test@testing.com', 'password')
+        
+        perms = [
+            'view_company',
+            'change_company',
+            'add_company',
+        ]
+
+        addUserPermissions(self.user, perms)
+        
         self.client.login(username='testuser', password='password')
 
         Company.objects.create(name='ACME', description='Supplier', is_customer=False, is_supplier=True)
diff --git a/InvenTree/part/test_api.py b/InvenTree/part/test_api.py
index 3b116fa445..9fdc2688cb 100644
--- a/InvenTree/part/test_api.py
+++ b/InvenTree/part/test_api.py
@@ -9,6 +9,7 @@ from stock.models import StockItem
 from company.models import Company
 
 from InvenTree.status_codes import StockStatus
+from InvenTree.helpers import addUserPermissions
 
 
 class PartAPITest(APITestCase):
@@ -29,7 +30,33 @@ class PartAPITest(APITestCase):
     def setUp(self):
         # Create a user for auth
         User = get_user_model()
-        User.objects.create_user('testuser', 'test@testing.com', 'password')
+        self.user = User.objects.create_user(
+            username='testuser',
+            email='test@testing.com',
+            password='password'
+        )
+
+        # Add the permissions required to access the API endpoints
+        perms = [
+            'view_part',
+            'add_part',
+            'change_part',
+            'delete_part',
+            'view_partcategory',
+            'add_partcategory',
+            'change_partcategory',
+            'view_bomitem',
+            'add_bomitem',
+            'change_bomitem',
+            'view_partattachment',
+            'change_partattachment',
+            'add_partattachment',
+            'view_parttesttemplate',
+            'add_parttesttemplate',
+            'change_parttesttemplate',
+        ]
+
+        addUserPermissions(self.user, perms)
 
         self.client.login(username='testuser', password='password')
 
diff --git a/InvenTree/part/test_views.py b/InvenTree/part/test_views.py
index bc09784a47..b1ae991a0c 100644
--- a/InvenTree/part/test_views.py
+++ b/InvenTree/part/test_views.py
@@ -4,6 +4,8 @@ from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
 
+from InvenTree.helpers import addUserPermissions
+
 from .models import Part
 
 
@@ -23,7 +25,32 @@ class PartViewTestCase(TestCase):
 
         # Create a user
         User = get_user_model()
-        User.objects.create_user('username', 'user@email.com', 'password')
+        self.user = User.objects.create_user(
+            username='username',
+            email='user@email.com',
+            password='password'
+        )
+
+        # Add the permissions required to access the pages
+        perms = [
+            'view_part',
+            'add_part',
+            'change_part',
+            'delete_part',
+            'view_partcategory',
+            'add_partcategory',
+            'change_partcategory',
+            'view_bomitem',
+            'add_bomitem',
+            'change_bomitem',
+            'view_partattachment',
+            'change_partattachment',
+            'add_partattachment',
+        ]
+
+        addUserPermissions(self.user, perms)
+
+        self.user.save()
 
         self.client.login(username='username', password='password')
 
@@ -140,12 +167,14 @@ class PartTests(PartViewTestCase):
     """ Tests for Part forms """
 
     def test_part_edit(self):
+
         response = self.client.get(reverse('part-edit', args=(1,)), HTTP_X_REQUESTED_WITH='XMLHttpRequest')
-        self.assertEqual(response.status_code, 200)
 
         keys = response.context.keys()
         data = str(response.content)
 
+        self.assertEqual(response.status_code, 200)
+
         self.assertIn('part', keys)
         self.assertIn('csrf_token', keys)
 
@@ -189,6 +218,8 @@ class PartAttachmentTests(PartViewTestCase):
         response = self.client.get(reverse('part-attachment-create'), {'part': 1}, HTTP_X_REQUESTED_WITH='XMLHttpRequest')
         self.assertEqual(response.status_code, 200)
 
+        # TODO - Create a new attachment using this view
+
     def test_invalid_create(self):
         """ test creation of an attachment for an invalid part """
 
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 47a77078be..8e0980c35e 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -635,7 +635,7 @@ class PartNotes(UpdateView):
     template_name = 'part/notes.html'
     model = Part
 
-    permission_required = 'part.update_part'
+    permission_required = 'part.change_part'
 
     fields = ['notes']
 
@@ -753,7 +753,7 @@ class PartImageUpload(AjaxUpdateView):
 
     form_class = part_forms.PartImageForm
 
-    permission_required = 'part.update_part'
+    permission_required = 'part.change_part'
 
     def get_data(self):
         return {
@@ -768,7 +768,7 @@ class PartImageSelect(AjaxUpdateView):
     ajax_template_name = 'part/select_image.html'
     ajax_form_title = _('Select Part Image')
 
-    permission_required = 'part.update_part'
+    permission_required = 'part.change_part'
 
     fields = [
         'image',
@@ -811,7 +811,7 @@ class PartEdit(AjaxUpdateView):
     ajax_form_title = _('Edit Part Properties')
     context_object_name = 'part'
 
-    permission_required = 'part.update_part'
+    permission_required = 'part.change_part'
 
     def get_form(self):
         """ Create form for Part editing.
@@ -837,7 +837,7 @@ class BomValidate(AjaxUpdateView):
     context_object_name = 'part'
     form_class = part_forms.BomValidateForm
 
-    permission_required = ('part.update_part')
+    permission_required = ('part.change_part')
 
     def get_context(self):
         return {
@@ -905,7 +905,7 @@ class BomUpload(PermissionRequiredMixin, FormView):
     missing_columns = []
     allowed_parts = []
 
-    permission_required = ('part.update_part', 'part.add_bomitem')
+    permission_required = ('part.change_part', 'part.add_bomitem')
 
     def get_success_url(self):
         part = self.get_object()
diff --git a/InvenTree/stock/test_api.py b/InvenTree/stock/test_api.py
index a522bc5415..8348a3e331 100644
--- a/InvenTree/stock/test_api.py
+++ b/InvenTree/stock/test_api.py
@@ -3,6 +3,8 @@ from rest_framework import status
 from django.urls import reverse
 from django.contrib.auth import get_user_model
 
+from InvenTree.helpers import addUserPermissions
+
 from .models import StockLocation
 
 
@@ -22,6 +24,20 @@ class StockAPITestCase(APITestCase):
         # Create a user for auth
         User = get_user_model()
         self.user = User.objects.create_user('testuser', 'test@testing.com', 'password')
+
+        # Add the necessary permissions to the user
+        perms = [
+            'view_stockitemtestresult',
+            'change_stockitemtestresult',
+            'add_stockitemtestresult',
+            'add_stocklocation',
+            'change_stocklocation',
+            'add_stockitem',
+            'change_stockitem',
+        ]
+
+        addUserPermissions(self.user, perms)
+
         self.client.login(username='testuser', password='password')
 
     def doPost(self, url, data={}):

From c910307ce5aeabf6f79eba77c661e819fffc1bfc Mon Sep 17 00:00:00 2001
From: eeintech <eeintech@eeinte.ch>
Date: Mon, 5 Oct 2020 10:04:54 -0500
Subject: [PATCH 08/26] Only saving Group model rulesets on instance creation
 and when inlines are saved

---
 InvenTree/users/admin.py  |  8 ++------
 InvenTree/users/models.py | 16 +++++++++++++---
 2 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/InvenTree/users/admin.py b/InvenTree/users/admin.py
index 86d4bb1a86..765bc0d795 100644
--- a/InvenTree/users/admin.py
+++ b/InvenTree/users/admin.py
@@ -97,15 +97,11 @@ class RoleGroupAdmin(admin.ModelAdmin):
     # Save inlines before model
     # https://stackoverflow.com/a/14860703/12794913
     def save_model(self, request, obj, form, change):
-        if obj is not None:
-            # Save model immediately only if in 'Add role' view
-            super().save_model(request, obj, form, change)
-        else:
-            pass  # don't actually save the parent instance
+        pass  # don't actually save the parent instance
 
     def save_formset(self, request, form, formset, change):
         formset.save()  # this will save the children
-        form.instance.save()  # form.instance is the parent
+        form.instance.save(update_fields=['name'])  # form.instance is the parent
 
 
 class InvenTreeUserAdmin(UserAdmin):
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 5fe86e15fa..990d3770c0 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -155,8 +155,15 @@ class RuleSet(models.Model):
             model=model
         )
 
-    def __str__(self):
-        return self.name
+    def __str__(self, debug=False):
+        """ Ruleset string representation """
+        if debug:
+            # Makes debugging easier
+            return f'{str(self.group).ljust(15)}: {self.name.title().ljust(15)} | ' \
+                   f'v: {str(self.can_view).ljust(5)} | a: {str(self.can_add).ljust(5)} | ' \
+                   f'c: {str(self.can_change).ljust(5)} | d: {str(self.can_delete).ljust(5)}'
+        else:
+            return self.name
 
     def save(self, *args, **kwargs):
 
@@ -327,5 +334,8 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     then we can now use these RuleSet values to update the
     group permissions.
     """
+    created = kwargs.get('created', False)
+    update_fields = kwargs.get('update_fields', None)
 
-    update_group_roles(instance)
+    if created or update_fields:
+        update_group_roles(instance)

From d980da72472a430219988be89fabcfd50993535f Mon Sep 17 00:00:00 2001
From: eeintech <eeintech@eeinte.ch>
Date: Mon, 5 Oct 2020 10:52:47 -0500
Subject: [PATCH 09/26] Fixed permission assign test unit

---
 InvenTree/users/admin.py  | 1 +
 InvenTree/users/models.py | 1 +
 InvenTree/users/tests.py  | 6 ++++--
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/InvenTree/users/admin.py b/InvenTree/users/admin.py
index 765bc0d795..e4974a3f7a 100644
--- a/InvenTree/users/admin.py
+++ b/InvenTree/users/admin.py
@@ -101,6 +101,7 @@ class RoleGroupAdmin(admin.ModelAdmin):
 
     def save_formset(self, request, form, formset, change):
         formset.save()  # this will save the children
+        # update_fields is required to trigger permissions update
         form.instance.save(update_fields=['name'])  # form.instance is the parent
 
 
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 990d3770c0..df8e91d293 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -335,6 +335,7 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     group permissions.
     """
     created = kwargs.get('created', False)
+    # To trigger the group permissions update: update_fields should not be None
     update_fields = kwargs.get('update_fields', None)
 
     if created or update_fields:
diff --git a/InvenTree/users/tests.py b/InvenTree/users/tests.py
index d14ffc4950..e277422f71 100644
--- a/InvenTree/users/tests.py
+++ b/InvenTree/users/tests.py
@@ -137,7 +137,8 @@ class RuleSetModelTest(TestCase):
 
             rule.save()
 
-        group.save()
+        # update_fields is required to trigger permissions update
+        group.save(update_fields=['name'])
 
         # There should now be three permissions for each rule set
         self.assertEqual(group.permissions.count(), 3 * len(permission_set))
@@ -151,7 +152,8 @@ class RuleSetModelTest(TestCase):
 
             rule.save()
 
-        group.save()
+        # update_fields is required to trigger permissions update
+        group.save(update_fields=['name'])
 
         # There should now not be any permissions assigned to this group
         self.assertEqual(group.permissions.count(), 0)

From 8b2189dacad374b39478a1452a9a72d186a1b840 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 09:27:22 +1100
Subject: [PATCH 10/26] Add global context 'roles'

- Access via template e.g. {% if roles.part.view %}
- Always True if the user is a superuser
---
 InvenTree/InvenTree/context.py  | 33 +++++++++++++++++++++++++++++++++
 InvenTree/InvenTree/settings.py |  1 +
 2 files changed, 34 insertions(+)

diff --git a/InvenTree/InvenTree/context.py b/InvenTree/InvenTree/context.py
index 7de41eef15..71aee5c2c5 100644
--- a/InvenTree/InvenTree/context.py
+++ b/InvenTree/InvenTree/context.py
@@ -17,3 +17,36 @@ def status_codes(request):
         'BuildStatus': BuildStatus,
         'StockStatus': StockStatus,
     }
+
+
+def user_roles(request):
+    """
+    Return a map of the current roles assigned to the user.
+    
+    Roles are denoted by their simple names, and then the permission type.
+
+    Permissions can be access as follows:
+
+    - roles.part.view
+    - roles.build.delete
+
+    Each value will return a boolean True / False
+    """
+
+    user = request.user
+
+    roles = {}
+
+    for group in user.groups.all():
+        for rule in group.rule_sets.all():
+            roles[rule.name] = {
+                'view': rule.can_view or user.is_superuser,
+                'add': rule.can_add or user.is_superuser,
+                'change': rule.can_change or user.is_superuser,
+                'delete': rule.can_delete or user.is_superuser,
+            }
+
+    print("Roles:")
+    print(roles)
+
+    return {'roles': roles}
diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py
index 75f6f58993..c6f8b40069 100644
--- a/InvenTree/InvenTree/settings.py
+++ b/InvenTree/InvenTree/settings.py
@@ -210,6 +210,7 @@ TEMPLATES = [
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
                 'InvenTree.context.status_codes',
+                'InvenTree.context.user_roles',
             ],
         },
     },

From 556ffa1099197a0f41d734dbdcc4782e2e40b5ee Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 09:28:05 +1100
Subject: [PATCH 11/26] Change label for permissions to match django permission
 names

---
 .../migrations/0003_auto_20201005_2227.py     | 23 +++++++++++++++++++
 InvenTree/users/models.py                     |  4 ++--
 2 files changed, 25 insertions(+), 2 deletions(-)
 create mode 100644 InvenTree/users/migrations/0003_auto_20201005_2227.py

diff --git a/InvenTree/users/migrations/0003_auto_20201005_2227.py b/InvenTree/users/migrations/0003_auto_20201005_2227.py
new file mode 100644
index 0000000000..92d7e341fa
--- /dev/null
+++ b/InvenTree/users/migrations/0003_auto_20201005_2227.py
@@ -0,0 +1,23 @@
+# Generated by Django 3.0.7 on 2020-10-05 22:27
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0002_auto_20201004_0158'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='ruleset',
+            name='can_add',
+            field=models.BooleanField(default=False, help_text='Permission to add items', verbose_name='Add'),
+        ),
+        migrations.AlterField(
+            model_name='ruleset',
+            name='can_change',
+            field=models.BooleanField(default=False, help_text='Permissions to edit items', verbose_name='Change'),
+        ),
+    ]
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 5fe86e15fa..3bd976f0a4 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -134,9 +134,9 @@ class RuleSet(models.Model):
 
     can_view = models.BooleanField(verbose_name=_('View'), default=True, help_text=_('Permission to view items'))
 
-    can_add = models.BooleanField(verbose_name=_('Create'), default=False, help_text=_('Permission to add items'))
+    can_add = models.BooleanField(verbose_name=_('Add'), default=False, help_text=_('Permission to add items'))
 
-    can_change = models.BooleanField(verbose_name=_('Update'), default=False, help_text=_('Permissions to edit items'))
+    can_change = models.BooleanField(verbose_name=_('Change'), default=False, help_text=_('Permissions to edit items'))
 
     can_delete = models.BooleanField(verbose_name=_('Delete'), default=False, help_text=_('Permission to delete items'))
     

From 23aee234f0002b35f93945994562ccb3037d5d92 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 09:32:05 +1100
Subject: [PATCH 12/26] Change index page to use roles rather than perms to
 determine user permissions

---
 InvenTree/templates/InvenTree/index.html | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/InvenTree/templates/InvenTree/index.html b/InvenTree/templates/InvenTree/index.html
index b20d61116d..8e59d51d2b 100644
--- a/InvenTree/templates/InvenTree/index.html
+++ b/InvenTree/templates/InvenTree/index.html
@@ -9,24 +9,24 @@ InvenTree | {% trans "Index" %}
 <hr>
 
 <div class='col-sm-6'>
-    {% if perms.part.view_part %}
+    {% if roles.part.view %}
     {% include "InvenTree/latest_parts.html" with collapse_id="latest_parts" %}
     {% include "InvenTree/bom_invalid.html" with collapse_id="bom_invalid" %}
     {% include "InvenTree/starred_parts.html" with collapse_id="starred" %}
     {% endif %}
-    {% if perms.build.view_build %}
+    {% if roles.build.view %}
     {% include "InvenTree/build_pending.html" with collapse_id="build_pending" %}
     {% endif %}
 </div>
 <div class='col-sm-6'>
-    {% if perms.stock.view_stockitem %}
+    {% if roles.stock.view %}
     {% include "InvenTree/low_stock.html" with collapse_id="order" %}
     {% include "InvenTree/required_stock_build.html" with collapse_id="stock_to_build" %}
     {% endif %}
-    {% if perms.order.view_purchaseorder %}
+    {% if roles.purchase_order.view %}
     {% include "InvenTree/po_outstanding.html" with collapse_id="po_outstanding" %}
     {% endif %}
-    {% if perms.order.view_salesorder %}
+    {% if roles.sales_order.view %}
     {% include "InvenTree/so_outstanding.html" with collapse_id="so_outstanding" %}
     {% endif %}
 </div>

From fa21d66c411aadf71031ba415b02ea12e64fd3cf Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 09:54:37 +1100
Subject: [PATCH 13/26] Fix logic for global context object 'roles'

- User may be a part of multiple groups
- Roles are additive across groups
---
 InvenTree/InvenTree/context.py | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/InvenTree/InvenTree/context.py b/InvenTree/InvenTree/context.py
index 71aee5c2c5..f9d856f566 100644
--- a/InvenTree/InvenTree/context.py
+++ b/InvenTree/InvenTree/context.py
@@ -35,18 +35,25 @@ def user_roles(request):
 
     user = request.user
 
-    roles = {}
+    roles = {
+    }
 
     for group in user.groups.all():
         for rule in group.rule_sets.all():
-            roles[rule.name] = {
-                'view': rule.can_view or user.is_superuser,
-                'add': rule.can_add or user.is_superuser,
-                'change': rule.can_change or user.is_superuser,
-                'delete': rule.can_delete or user.is_superuser,
-            }
 
-    print("Roles:")
-    print(roles)
+            # Ensure the role name is in the dict
+            if rule.name not in roles:
+                roles[rule.name] = {
+                    'view': user.is_superuser,
+                    'add': user.is_superuser,
+                    'change': user.is_superuser,
+                    'delete': user.is_superuser
+                }
+
+            # Roles are additive across groups
+            roles[rule.name]['view'] |= rule.can_view
+            roles[rule.name]['add'] |= rule.can_add
+            roles[rule.name]['change'] |= rule.can_change
+            roles[rule.name]['delete'] |= rule.can_delete
 
     return {'roles': roles}

From d2e2e7511f70e90c2e6f3787bc66bc5ea65a9df3 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 10:07:39 +1100
Subject: [PATCH 14/26] Update templates: Change perms to roles

---
 InvenTree/part/templates/part/bom.html       |  2 +-
 InvenTree/part/templates/part/build.html     |  2 +-
 InvenTree/part/templates/part/category.html  | 14 +++++++-------
 InvenTree/part/templates/part/notes.html     |  2 +-
 InvenTree/part/templates/part/params.html    |  8 ++++----
 InvenTree/part/templates/part/part_base.html | 16 ++++++++--------
 InvenTree/part/templates/part/tabs.html      |  2 +-
 InvenTree/templates/navbar.html              | 10 +++++-----
 InvenTree/templates/stock_table.html         |  8 ++++----
 9 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/InvenTree/part/templates/part/bom.html b/InvenTree/part/templates/part/bom.html
index 610e60847a..c996edc2db 100644
--- a/InvenTree/part/templates/part/bom.html
+++ b/InvenTree/part/templates/part/bom.html
@@ -39,7 +39,7 @@
     <button class='btn btn-default action-button' type='button' title='{% trans "New BOM Item" %}' id='bom-item-new'><span class='fas fa-plus-circle'></span></button>
     <button class='btn btn-default action-button' type='button' title='{% trans "Finish Editing" %}' id='editing-finished'><span class='fas fa-check-circle'></span></button>
     {% elif part.active %}
-    {% if perms.part.change_part %}
+    {% if roles.part.change %}
     <button class='btn btn-default action-button' type='button' title='{% trans "Edit BOM" %}' id='edit-bom'><span class='fas fa-edit'></span></button>
     {% if part.is_bom_valid == False %}
     <button class='btn btn-default action-button' id='validate-bom' title='{% trans "Validate Bill of Materials" %}' type='button'><span class='fas fa-clipboard-check'></span></button>
diff --git a/InvenTree/part/templates/part/build.html b/InvenTree/part/templates/part/build.html
index ad51d33ab2..bfd72a2f70 100644
--- a/InvenTree/part/templates/part/build.html
+++ b/InvenTree/part/templates/part/build.html
@@ -10,7 +10,7 @@
 <div id='button-toolbar'>
     <div class='button-toolbar container-flui' style='float: right';>
         {% if part.active %}
-        {% if perms.build.add_build %}
+        {% if roles.build.add %}
         <button class="btn btn-success" id='start-build'>{% trans "Start New Build" %}</button>
         {% endif %}
         {% endif %}
diff --git a/InvenTree/part/templates/part/category.html b/InvenTree/part/templates/part/category.html
index 25417a1d9b..d73aba0291 100644
--- a/InvenTree/part/templates/part/category.html
+++ b/InvenTree/part/templates/part/category.html
@@ -9,7 +9,7 @@
         {% if category %}
         <h3>
             {{ category.name }}
-            {% if user.is_staff and perms.part.change_partcategory %}
+            {% if user.is_staff and roles.part.change %}
             <a href="{% url 'admin:part_partcategory_change' category.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
             {% endif %}
         </h3>
@@ -20,18 +20,18 @@
         {% endif %}
         <p>
             <div class='btn-group action-buttons'>
-                {% if perms.part.add_partcategory %}
+                {% if roles.part.add %}
                 <button class='btn btn-default' id='cat-create' title='{% trans "Create new part category" %}'>
                     <span class='fas fa-plus-circle icon-green'/>
                 </button>
                 {% endif %}
                 {% if category %}
-                {% if perms.part.change_partcategory %}
+                {% if roles.part.change %}
                 <button class='btn btn-default' id='cat-edit' title='{% trans "Edit part category" %}'>
                     <span class='fas fa-edit icon-blue'/>
                 </button>
                 {% endif %}
-                {% if perms.part.delete_partcategory %}
+                {% if roles.part.delete %}
                 <button class='btn btn-default' id='cat-delete' title='{% trans "Delete part category" %}'>
                     <span class='fas fa-trash-alt icon-red'/>
                 </button>
@@ -110,13 +110,13 @@
     <div class='button-toolbar container-fluid' style="float: right;">
         <div class='btn-group'>
             <button class='btn btn-default' id='part-export' title='{% trans "Export Part Data" %}'>{% trans "Export" %}</button>
-            {% if perms.part.add_part %}
+            {% if roles.part.add %}
             <button class='btn btn-success' id='part-create' title='{% trans "Create new part" %}'>{% trans "New Part" %}</button>
             {% endif %}
             <div class='btn-group'>
                 <button id='part-options' class='btn btn-primary dropdown-toggle' type='button' data-toggle="dropdown">{% trans "Options" %}<span class='caret'></span></button>
                 <ul class='dropdown-menu'>
-                    {% if perms.part.change_part %}
+                    {% if roles.part.change %}
                     <li><a href='#' id='multi-part-category' title='{% trans "Set category" %}'>{% trans "Set Category" %}</a></li>
                     {% endif %}
                     <li><a href='#' id='multi-part-order' title='{% trans "Order parts" %}'>{% trans "Order Parts" %}</a></li>
@@ -190,7 +190,7 @@
         location.href = url;
     });
 
-    {% if perms.part.add_part %}
+    {% if roles.part.add %}
     $("#part-create").click(function() {
         launchModalForm(
             "{% url 'part-create' %}",
diff --git a/InvenTree/part/templates/part/notes.html b/InvenTree/part/templates/part/notes.html
index 68711c881e..3f833325cd 100644
--- a/InvenTree/part/templates/part/notes.html
+++ b/InvenTree/part/templates/part/notes.html
@@ -29,7 +29,7 @@
         <h4>{% trans "Part Notes" %}</h4>
     </div>
     <div class='col-sm-6'>
-        {% if perms.part.change_part %}
+        {% if roles.part.change %}
         <button title='{% trans "Edit notes" %}' class='btn btn-default action-button float-right' id='edit-notes'><span class='fas fa-edit'></span></button>
         {% endif %}
     </div>
diff --git a/InvenTree/part/templates/part/params.html b/InvenTree/part/templates/part/params.html
index 9984830242..ba8aa0566d 100644
--- a/InvenTree/part/templates/part/params.html
+++ b/InvenTree/part/templates/part/params.html
@@ -10,7 +10,7 @@
 
 <div id='button-toolbar'>
     <div class='button-toolbar container-fluid' style='float: right;'>
-        {% if perms.part.add_partparameter %}
+        {% if roles.part.add %}
         <button title='{% trans "Add new parameter" %}' class='btn btn-success' id='param-create'>{% trans "New Parameter" %}</button>
         {% endif %}
     </div>
@@ -32,10 +32,10 @@
             <td>
                 {{ param.template.units }}
                 <div class='btn-group' style='float: right;'>
-                    {% if perms.part.change_partparameter %}
+                    {% if roles.part.change %}
                     <button title='{% trans "Edit" %}' class='btn btn-default btn-glyph param-edit' url="{% url 'part-param-edit' param.id %}" type='button'><span class='fas fa-edit'/></button>
                     {% endif %}
-                    {% if perms.part.delete_partparameter %}
+                    {% if roles.part.delete %}
                     <button title='{% trans "Delete" %}' class='btn btn-default btn-glyph param-delete' url="{% url 'part-param-delete' param.id %}" type='button'><span class='fas fa-trash-alt icon-red'/></button>
                     {% endif %}
                 </div>
@@ -54,7 +54,7 @@
     $('#param-table').inventreeTable({
     });
 
-    {% if perms.part.add_partparameter %}
+    {% if roles.part.add %}
     $('#param-create').click(function() {
         launchModalForm("{% url 'part-param-create' %}?part={{ part.id }}", {
             reload: true,
diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index 6103cb5369..750f3f3806 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -56,13 +56,13 @@
             <button type='button' class='btn btn-default' id='price-button' title='{% trans "Show pricing information" %}'>
                 <span id='part-price-icon' class='fas fa-dollar-sign'/>
             </button>
-            {% if perms.stock.change_stockitem %}
+            {% if roles.stock.change %}
             <button type='button' class='btn btn-default' id='part-count' title='{% trans "Count part stock" %}'>
                 <span class='fas fa-clipboard-list'/>
             </button>
             {% endif %}
             {% if part.purchaseable %}
-            {% if perms.order.add_purchaseorder %}
+            {% if roles.purchase_order.add %}
             <button type='button' class='btn btn-default' id='part-order' title='{% trans "Order part" %}'>
                 <span id='part-order-icon' class='fas fa-shopping-cart'/>
             </button>
@@ -70,17 +70,17 @@
             {% endif %}
             {% endif %}
             <!-- Part actions -->
-            {% if perms.part.add_part or perms.part.change_part or perms.part.delete_part %}
+            {% if roles.part.add or roles.part.change or roles.part.delete %}
             <div class='btn-group'>
                 <button id='part-actions' title='{% trans "Part actions" %}' class='btn btn-default dropdown-toggle' type='button' data-toggle='dropdown'> <span class='fas fa-shapes'></span> <span class='caret'></span></button>
                 <ul class='dropdown-menu'>
-                    {% if perms.part.add_part %}
+                    {% if roles.part.add %}
                     <li><a href='#' id='part-duplicate'><span class='fas fa-copy'></span> {% trans "Duplicate part" %}</a></li>
                     {% endif %}
-                    {% if perms.part.change_part %}
+                    {% if roles.part.change %}
                     <li><a href='#' id='part-edit'><span class='fas fa-edit icon-blue'></span> {% trans "Edit part" %}</a></li>
                     {% endif %}
-                    {% if not part.active and perms.part.delete_part %}
+                    {% if not part.active and roles.part.delete %}
                     <li><a href='#' id='part-delete'><span class='fas fa-trash-alt icon-red'></span> {% trans "Delete part" %}</a></li>
                     {% endif %}
                 </ul>
@@ -284,7 +284,7 @@
                         });
     });
 
-    {% if perms.part.change_part %}
+    {% if roles.part.change %}
     $("#part-edit").click(function() {
         launchModalForm(
             "{% url 'part-edit' part.id %}",
@@ -304,7 +304,7 @@
         });
     });
 
-    {% if perms.part.add_part %}
+    {% if roles.part.add %}
     $("#part-duplicate").click(function() {
         launchModalForm(
             "{% url 'part-duplicate' part.id %}",
diff --git a/InvenTree/part/templates/part/tabs.html b/InvenTree/part/templates/part/tabs.html
index 02d8672979..e36675eeab 100644
--- a/InvenTree/part/templates/part/tabs.html
+++ b/InvenTree/part/templates/part/tabs.html
@@ -26,7 +26,7 @@
     {% if part.assembly %}
     <li{% ifequal tab 'bom' %} class="active"{% endifequal %}>
         <a href="{% url 'part-bom' part.id %}">{% trans "BOM" %}<span class="badge{% if part.is_bom_valid == False %} badge-alert{% endif %}">{{ part.bom_count }}</span></a></li>
-    {% if perms.build.view_build %}
+    {% if roles.build.view %}
     <li{% ifequal tab 'build' %} class="active"{% endifequal %}>
         <a href="{% url 'part-build' part.id %}">{% trans "Build Orders" %}<span class='badge'>{{ part.builds.count }}</span></a>
     </li>
diff --git a/InvenTree/templates/navbar.html b/InvenTree/templates/navbar.html
index 2224d85bc4..148a96c583 100644
--- a/InvenTree/templates/navbar.html
+++ b/InvenTree/templates/navbar.html
@@ -15,16 +15,16 @@
     </div>
     <div class="navbar-collapse collapse">
       <ul class="nav navbar-nav">
-        {% if perms.part.view_part or perms.part.view_partcategory %}
+        {% if roles.part.view %}
         <li><a href="{% url 'part-index' %}"><span class='fas fa-shapes icon-header'></span>{% trans "Parts" %}</a></li>
         {% endif %}
-        {% if perms.stock.view_stockitem or perms.part.view_stocklocation %}
+        {% if roles.stock.view %}
         <li><a href="{% url 'stock-index' %}"><span class='fas fa-boxes icon-header'></span>{% trans "Stock" %}</a></li>
         {% endif %}
-        {% if perms.build.view_build %}
+        {% if roles.build.view %}
         <li><a href="{% url 'build-index' %}"><span class='fas fa-tools icon-header'></span>{% trans "Build" %}</a></li>
         {% endif %}
-        {% if perms.order.view_purchaseorder %}
+        {% if roles.purchase_order.view %}
         <li class='nav navbar-nav'>
           <a class='dropdown-toggle' data-toggle='dropdown' href='#'><span class='fas fa-shopping-cart icon-header'></span>{% trans "Buy" %}</a>
           <ul class='dropdown-menu'>
@@ -34,7 +34,7 @@
           </ul>
         </li>
         {% endif %}
-        {% if perms.order.view_salesorder %}
+        {% if roles.sales_order.view %}
         <li class='nav navbar-nav'>
           <a class='dropdown-toggle' data-toggle='dropdown' href='#'><span class='fas fa-truck icon-header'></span>{% trans "Sell" %}</a>
           <ul class='dropdown-menu'>
diff --git a/InvenTree/templates/stock_table.html b/InvenTree/templates/stock_table.html
index be26b1a976..b4b1b9d50f 100644
--- a/InvenTree/templates/stock_table.html
+++ b/InvenTree/templates/stock_table.html
@@ -6,21 +6,21 @@
             <button class='btn btn-default' id='stock-export' title='{% trans "Export Stock Information" %}'>{% trans "Export" %}</button>
             {% if read_only %}
             {% else %}
-            {% if perms.stock.add_stockitem %}
+            {% if roles.stock.add %}
             <button class="btn btn-success" id='item-create'>{% trans "New Stock Item" %}</button>
             {% endif %}
-            {% if perms.stock.change_stockitem or perms.stock.delete_stockitem %}
+            {% if roles.stock.change or roles.stock.delete %}
             <div class="btn-group">
                 <button id='stock-options' class="btn btn-primary dropdown-toggle" type="button" data-toggle="dropdown">{% trans "Options" %}<span class="caret"></span></button>
                 <ul class="dropdown-menu">
-                    {% if perms.stock.change_stockitem %}
+                    {% if roles.stock.change %}
                     <li><a href="#" id='multi-item-add' title='{% trans "Add to selected stock items" %}'>{% trans "Add stock" %}</a></li>
                     <li><a href="#" id='multi-item-remove' title='{% trans "Remove from selected stock items" %}'>{% trans "Remove stock" %}</a></li>
                     <li><a href="#" id='multi-item-stocktake' title='{% trans "Stocktake selected stock items" %}'>{% trans "Count stock" %}</a></li>
                     <li><a href='#' id='multi-item-move' title='{% trans "Move selected stock items" %}'>{% trans "Move stock" %}</a></li>
                     <li><a href='#' id='multi-item-order' title='{% trans "Order selected items" %}'>{% trans "Order stock" %}</a></li>
                     {% endif %}
-                    {% if perms.stock.delete_stockitem %}
+                    {% if roles.stock.delete %}
                     <li><a href='#' id='multi-item-delete' title='{% trans "Delete selected items" %}'>{% trans "Delete Stock" %}</a></li>
                     {% endif %}
                 </ul>

From dc2c9aa662e9a4af344ed60da0db84045da1e3a0 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 11:29:38 +1100
Subject: [PATCH 15/26] Add InvenTreeRoleMixin

- Simplifies permission requirements for views
- e.g. 'part.view' rather than 'part.view_partcategory'
---
 InvenTree/InvenTree/views.py | 54 ++++++++++++++++++++++++++++++++++++
 InvenTree/part/api.py        |  4 +++
 InvenTree/part/views.py      | 25 +++++++++--------
 InvenTree/stock/api.py       |  4 +++
 InvenTree/users/models.py    | 32 +++++++++++++++++++++
 5 files changed, 108 insertions(+), 11 deletions(-)

diff --git a/InvenTree/InvenTree/views.py b/InvenTree/InvenTree/views.py
index d940229ebe..9cd4aeb514 100644
--- a/InvenTree/InvenTree/views.py
+++ b/InvenTree/InvenTree/views.py
@@ -22,6 +22,7 @@ from django.views.generic.base import TemplateView
 from part.models import Part, PartCategory
 from stock.models import StockLocation, StockItem
 from common.models import InvenTreeSetting, ColorTheme
+from users.models import check_user_role, RuleSet
 
 from .forms import DeleteForm, EditUserForm, SetPasswordForm, ColorThemeSelectForm
 from .helpers import str2bool
@@ -682,3 +683,56 @@ class DatabaseStatsView(AjaxView):
         """
 
         return ctx
+
+
+class InvenTreeRoleMixin(PermissionRequiredMixin):
+    """
+    Permission class based on user roles, not user 'permissions'.
+
+    To specify which role is required for the mixin,
+    set the class attribute 'role_required' to something like the following:
+
+    role_required = 'part.add'
+    role_required = [
+        'part.change',
+        'build.add',
+    ]
+    """
+
+    # By default, no roles are required
+    # Roles must be specified 
+    role_required = None
+
+    def has_permission(self):
+        """
+        Determine if the current user 
+        """
+
+        roles_required = []
+
+        if type(self.role_required) is str:
+            roles_required.append(self.role_required)
+        elif type(self.role_required) in [list, tuple]:
+            roles_required = self.role_required
+
+        # List of permissions that will be required
+        permissions = []
+
+        user = self.request.user
+
+        # Superuser can have any permissions they desire
+        if user.is_superuser:
+            return True
+
+        print(type(self), "Required roles:", roles_required)
+
+        for required in roles_required:
+
+            (role, permission) = required.split('.')
+            
+            # Return False if the user does not have *any* of the required roles
+            if not check_user_role(user, role, permission):
+                return False
+
+        # We did not fail any required checks
+        return True
diff --git a/InvenTree/part/api.py b/InvenTree/part/api.py
index d4aeec5bd9..d643b8671a 100644
--- a/InvenTree/part/api.py
+++ b/InvenTree/part/api.py
@@ -44,6 +44,10 @@ class PartCategoryTree(TreeSerializer):
     def get_items(self):
         return PartCategory.objects.all().prefetch_related('parts', 'children')
 
+    permission_classes = [
+        permissions.IsAuthenticated,
+    ]
+
 
 class CategoryList(generics.ListCreateAPIView):
     """ API endpoint for accessing a list of PartCategory objects.
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 8e0980c35e..e352cddb08 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -12,7 +12,6 @@ from django.shortcuts import HttpResponseRedirect
 from django.utils.translation import gettext_lazy as _
 from django.urls import reverse, reverse_lazy
 from django.views.generic import DetailView, ListView, FormView, UpdateView
-from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.forms.models import model_to_dict
 from django.forms import HiddenInput, CheckboxInput
 from django.conf import settings
@@ -39,17 +38,21 @@ from .admin import PartResource
 
 from InvenTree.views import AjaxView, AjaxCreateView, AjaxUpdateView, AjaxDeleteView
 from InvenTree.views import QRCodeView
+from InvenTree.views import InvenTreeRoleMixin
 
 from InvenTree.helpers import DownloadFile, str2bool
 
 
-class PartIndex(PermissionRequiredMixin, ListView):
+class PartIndex(InvenTreeRoleMixin, ListView):
     """ View for displaying list of Part objects
     """
+
     model = Part
     template_name = 'part/category.html'
     context_object_name = 'parts'
-    permission_required = ('part.view_part', 'part.view_partcategory')
+
+    role_required = 'part.view'
+
 
     def get_queryset(self):
         return Part.objects.all().select_related('category')
@@ -658,7 +661,7 @@ class PartNotes(UpdateView):
         return ctx
 
 
-class PartDetail(PermissionRequiredMixin, DetailView):
+class PartDetail(InvenTreeRoleMixin, DetailView):
     """ Detail view for Part object
     """
 
@@ -666,7 +669,7 @@ class PartDetail(PermissionRequiredMixin, DetailView):
     queryset = Part.objects.all().select_related('category')
     template_name = 'part/detail.html'
 
-    permission_required = 'part.view_part'
+    role_required = 'part.view'
 
     # Add in some extra context information based on query params
     def get_context_data(self, **kwargs):
@@ -869,7 +872,7 @@ class BomValidate(AjaxUpdateView):
         return self.renderJsonResponse(request, form, data, context=self.get_context())
 
 
-class BomUpload(PermissionRequiredMixin, FormView):
+class BomUpload(InvenTreeRoleMixin, FormView):
     """ View for uploading a BOM file, and handling BOM data importing.
 
     The BOM upload process is as follows:
@@ -905,7 +908,7 @@ class BomUpload(PermissionRequiredMixin, FormView):
     missing_columns = []
     allowed_parts = []
 
-    permission_required = ('part.change_part', 'part.add_bomitem')
+    role_required = ('part.change', 'part.add')
 
     def get_success_url(self):
         part = self.get_object()
@@ -1931,7 +1934,7 @@ class PartParameterDelete(AjaxDeleteView):
     ajax_form_title = _('Delete Part Parameter')
     
 
-class CategoryDetail(PermissionRequiredMixin, DetailView):
+class CategoryDetail(InvenTreeRoleMixin, DetailView):
     """ Detail view for PartCategory """
 
     model = PartCategory
@@ -1939,7 +1942,7 @@ class CategoryDetail(PermissionRequiredMixin, DetailView):
     queryset = PartCategory.objects.all().prefetch_related('children')
     template_name = 'part/category_partlist.html'
 
-    permission_required = 'part.view_partcategory'
+    role_required = 'part.view'
 
     def get_context_data(self, **kwargs):
 
@@ -2081,13 +2084,13 @@ class CategoryCreate(AjaxCreateView):
         return initials
 
 
-class BomItemDetail(PermissionRequiredMixin, DetailView):
+class BomItemDetail(InvenTreeRoleMixin, DetailView):
     """ Detail view for BomItem """
     context_object_name = 'item'
     queryset = BomItem.objects.all()
     template_name = 'part/bom-detail.html'
 
-    permission_required = 'part.view_bomitem'
+    role_required = 'part.view'
 
 
 class BomItemCreate(AjaxCreateView):
diff --git a/InvenTree/stock/api.py b/InvenTree/stock/api.py
index 790de7d879..ba802b75d9 100644
--- a/InvenTree/stock/api.py
+++ b/InvenTree/stock/api.py
@@ -52,6 +52,10 @@ class StockCategoryTree(TreeSerializer):
     def get_items(self):
         return StockLocation.objects.all().prefetch_related('stock_items', 'children')
 
+    permission_classes = [
+        permissions.IsAuthenticated,
+    ]
+
 
 class StockDetail(generics.RetrieveUpdateDestroyAPIView):
     """ API detail endpoint for Stock object
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 3bd976f0a4..24b0318695 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -329,3 +329,35 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     """
 
     update_group_roles(instance)
+
+
+def check_user_role(user, role, permission):
+    """
+    Check if a user has a particular role:permission combination.
+
+    If the user is a superuser, this will return True
+    """
+
+    if user.is_superuser:
+        return True
+
+    for group in user.groups.all():
+
+        for rule in group.rule_sets.all():
+
+            if rule.name == role:
+
+                if permission == 'add' and rule.can_add:
+                    return True
+
+                if permission == 'change' and rule.can_change:
+                    return True
+
+                if permission == 'view' and rule.can_view:
+                    return True
+
+                if permission == 'delete' and rule.can_delete:
+                    return True
+
+    # No matching permissions found
+    return False

From c740cce5e435523e800e15dcb73433c1673b2f46 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 11:31:04 +1100
Subject: [PATCH 16/26] PEP fixes

---
 InvenTree/InvenTree/views.py | 9 +++------
 InvenTree/part/views.py      | 1 -
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/InvenTree/InvenTree/views.py b/InvenTree/InvenTree/views.py
index 9cd4aeb514..ca8f6c646c 100644
--- a/InvenTree/InvenTree/views.py
+++ b/InvenTree/InvenTree/views.py
@@ -22,7 +22,7 @@ from django.views.generic.base import TemplateView
 from part.models import Part, PartCategory
 from stock.models import StockLocation, StockItem
 from common.models import InvenTreeSetting, ColorTheme
-from users.models import check_user_role, RuleSet
+from users.models import check_user_role
 
 from .forms import DeleteForm, EditUserForm, SetPasswordForm, ColorThemeSelectForm
 from .helpers import str2bool
@@ -700,12 +700,12 @@ class InvenTreeRoleMixin(PermissionRequiredMixin):
     """
 
     # By default, no roles are required
-    # Roles must be specified 
+    # Roles must be specified
     role_required = None
 
     def has_permission(self):
         """
-        Determine if the current user 
+        Determine if the current user
         """
 
         roles_required = []
@@ -715,9 +715,6 @@ class InvenTreeRoleMixin(PermissionRequiredMixin):
         elif type(self.role_required) in [list, tuple]:
             roles_required = self.role_required
 
-        # List of permissions that will be required
-        permissions = []
-
         user = self.request.user
 
         # Superuser can have any permissions they desire
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index e352cddb08..09390bf8c0 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -53,7 +53,6 @@ class PartIndex(InvenTreeRoleMixin, ListView):
 
     role_required = 'part.view'
 
-
     def get_queryset(self):
         return Part.objects.all().select_related('category')
 

From 11d31960c7c64b78b6ced94fe662d611119596a9 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 11:42:16 +1100
Subject: [PATCH 17/26] Change modal form permissions to use new "role"
 strategy

---
 InvenTree/InvenTree/views.py | 119 +++++++++++++++--------------------
 InvenTree/part/views.py      |  74 +++++++++++-----------
 2 files changed, 89 insertions(+), 104 deletions(-)

diff --git a/InvenTree/InvenTree/views.py b/InvenTree/InvenTree/views.py
index ca8f6c646c..198903db9a 100644
--- a/InvenTree/InvenTree/views.py
+++ b/InvenTree/InvenTree/views.py
@@ -108,31 +108,66 @@ class TreeSerializer(views.APIView):
         return JsonResponse(response, safe=False)
 
 
-class AjaxMixin(PermissionRequiredMixin):
+class InvenTreeRoleMixin(PermissionRequiredMixin):
+    """
+    Permission class based on user roles, not user 'permissions'.
+
+    To specify which role is required for the mixin,
+    set the class attribute 'role_required' to something like the following:
+
+    role_required = 'part.add'
+    role_required = [
+        'part.change',
+        'build.add',
+    ]
+    """
+
+    # By default, no roles are required
+    # Roles must be specified
+    role_required = None
+
+    def has_permission(self):
+        """
+        Determine if the current user
+        """
+
+        roles_required = []
+
+        if type(self.role_required) is str:
+            roles_required.append(self.role_required)
+        elif type(self.role_required) in [list, tuple]:
+            roles_required = self.role_required
+
+        user = self.request.user
+
+        # Superuser can have any permissions they desire
+        if user.is_superuser:
+            return True
+
+        for required in roles_required:
+
+            (role, permission) = required.split('.')
+            
+            # Return False if the user does not have *any* of the required roles
+            if not check_user_role(user, role, permission):
+                return False
+
+        # We did not fail any required checks
+        return True
+
+
+class AjaxMixin(InvenTreeRoleMixin):
     """ AjaxMixin provides basic functionality for rendering a Django form to JSON.
     Handles jsonResponse rendering, and adds extra data for the modal forms to process
     on the client side.
 
     Any view which inherits the AjaxMixin will need
-    correct permissions set using the 'permission_required' attribute
+    correct permissions set using the 'role_required' attribute
 
     """
 
-    # By default, allow *any* permissions
-    permission_required = '*'
-
-    def has_permission(self):
-        """
-        Override the default behaviour of has_permission from PermissionRequiredMixin.
-
-        Basically, if permission_required attribute = '*',
-        no permissions are actually required!
-        """
-
-        if self.permission_required == '*':
-            return True
-        else:
-            return super().has_permission()
+    # By default, allow *any* role
+    role_required = None
 
     # By default, point to the modal_form template
     # (this can be overridden by a child class)
@@ -683,53 +718,3 @@ class DatabaseStatsView(AjaxView):
         """
 
         return ctx
-
-
-class InvenTreeRoleMixin(PermissionRequiredMixin):
-    """
-    Permission class based on user roles, not user 'permissions'.
-
-    To specify which role is required for the mixin,
-    set the class attribute 'role_required' to something like the following:
-
-    role_required = 'part.add'
-    role_required = [
-        'part.change',
-        'build.add',
-    ]
-    """
-
-    # By default, no roles are required
-    # Roles must be specified
-    role_required = None
-
-    def has_permission(self):
-        """
-        Determine if the current user
-        """
-
-        roles_required = []
-
-        if type(self.role_required) is str:
-            roles_required.append(self.role_required)
-        elif type(self.role_required) in [list, tuple]:
-            roles_required = self.role_required
-
-        user = self.request.user
-
-        # Superuser can have any permissions they desire
-        if user.is_superuser:
-            return True
-
-        print(type(self), "Required roles:", roles_required)
-
-        for required in roles_required:
-
-            (role, permission) = required.split('.')
-            
-            # Return False if the user does not have *any* of the required roles
-            if not check_user_role(user, role, permission):
-                return False
-
-        # We did not fail any required checks
-        return True
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 09390bf8c0..6498774285 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -80,7 +80,7 @@ class PartAttachmentCreate(AjaxCreateView):
     ajax_form_title = _("Add part attachment")
     ajax_template_name = "modal_form.html"
 
-    permission_required = 'part.add_partattachment'
+    role_required = 'part.add'
 
     def post_save(self):
         """ Record the user that uploaded the attachment """
@@ -130,7 +130,7 @@ class PartAttachmentEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit attachment')
 
-    permission_required = 'part.change_partattachment'
+    role_required = 'part.change'
     
     def get_data(self):
         return {
@@ -153,7 +153,7 @@ class PartAttachmentDelete(AjaxDeleteView):
     ajax_template_name = "attachment_delete.html"
     context_object_name = "attachment"
 
-    permission_required = 'part.delete_partattachment'
+    role_required = 'part.delete'
 
     def get_data(self):
         return {
@@ -168,7 +168,7 @@ class PartTestTemplateCreate(AjaxCreateView):
     form_class = part_forms.EditPartTestTemplateForm
     ajax_form_title = _("Create Test Template")
 
-    permission_required = 'part.add_parttesttemplate'
+    role_required = 'part.add'
     
     def get_initial(self):
 
@@ -197,7 +197,7 @@ class PartTestTemplateEdit(AjaxUpdateView):
     form_class = part_forms.EditPartTestTemplateForm
     ajax_form_title = _("Edit Test Template")
 
-    permission_required = 'part.change_parttesttemplate'
+    role_required = 'part.change'
 
     def get_form(self):
 
@@ -213,7 +213,7 @@ class PartTestTemplateDelete(AjaxDeleteView):
     model = PartTestTemplate
     ajax_form_title = _("Delete Test Template")
 
-    permission_required = 'part.delete_parttesttemplate'
+    role_required = 'part.delete'
 
 
 class PartSetCategory(AjaxUpdateView):
@@ -223,7 +223,7 @@ class PartSetCategory(AjaxUpdateView):
     ajax_form_title = _('Set Part Category')
     form_class = part_forms.SetPartCategoryForm
 
-    permission_required = 'part.change_part'
+    role_required = 'part.change'
 
     category = None
     parts = []
@@ -308,7 +308,7 @@ class MakePartVariant(AjaxCreateView):
     ajax_form_title = _('Create Variant')
     ajax_template_name = 'part/variant_part.html'
 
-    permission_required = 'part.add_part'
+    role_required = 'part.add'
 
     def get_part_template(self):
         return get_object_or_404(Part, id=self.kwargs['pk'])
@@ -388,7 +388,7 @@ class PartDuplicate(AjaxCreateView):
     ajax_form_title = _("Duplicate Part")
     ajax_template_name = "part/copy_part.html"
 
-    permission_required = 'part.add_part'
+    role_required = 'part.add'
 
     def get_data(self):
         return {
@@ -513,7 +513,7 @@ class PartCreate(AjaxCreateView):
     ajax_form_title = _('Create new part')
     ajax_template_name = 'part/create_part.html'
 
-    permission_required = 'part.add_part'
+    role_required = 'part.add'
 
     def get_data(self):
         return {
@@ -637,7 +637,7 @@ class PartNotes(UpdateView):
     template_name = 'part/notes.html'
     model = Part
 
-    permission_required = 'part.change_part'
+    role_required = 'part.change'
 
     fields = ['notes']
 
@@ -734,7 +734,7 @@ class PartQRCode(QRCodeView):
 
     ajax_form_title = _("Part QR Code")
 
-    permission_required = 'part.view_part'
+    role_required = 'part.view'
 
     def get_qr_data(self):
         """ Generate QR code data for the Part """
@@ -755,7 +755,7 @@ class PartImageUpload(AjaxUpdateView):
 
     form_class = part_forms.PartImageForm
 
-    permission_required = 'part.change_part'
+    role_required = 'part.change'
 
     def get_data(self):
         return {
@@ -770,7 +770,7 @@ class PartImageSelect(AjaxUpdateView):
     ajax_template_name = 'part/select_image.html'
     ajax_form_title = _('Select Part Image')
 
-    permission_required = 'part.change_part'
+    role_required = 'part.change'
 
     fields = [
         'image',
@@ -813,7 +813,7 @@ class PartEdit(AjaxUpdateView):
     ajax_form_title = _('Edit Part Properties')
     context_object_name = 'part'
 
-    permission_required = 'part.change_part'
+    role_required = 'part.change'
 
     def get_form(self):
         """ Create form for Part editing.
@@ -839,7 +839,7 @@ class BomValidate(AjaxUpdateView):
     context_object_name = 'part'
     form_class = part_forms.BomValidateForm
 
-    permission_required = ('part.change_part')
+    role_required = 'part.change'
 
     def get_context(self):
         return {
@@ -1507,7 +1507,7 @@ class BomUpload(InvenTreeRoleMixin, FormView):
 class PartExport(AjaxView):
     """ Export a CSV file containing information on multiple parts """
 
-    permission_required = 'part.view_part'
+    role_required = 'part.view'
 
     def get_parts(self, request):
         """ Extract part list from the POST parameters.
@@ -1586,7 +1586,7 @@ class BomDownload(AjaxView):
     - File format should be passed as a query param e.g. ?format=csv
     """
 
-    permission_required = ('part.view_part', 'part.view_bomitem')
+    role_required = 'part.view'
 
     model = Part
 
@@ -1641,7 +1641,7 @@ class BomExport(AjaxView):
     form_class = part_forms.BomExportForm
     ajax_form_title = _("Export Bill of Materials")
 
-    permission_required = ('part.view_part', 'part.view_bomitem')
+    role_required = 'part.view'
 
     def get(self, request, *args, **kwargs):
         return self.renderJsonResponse(request, self.form_class())
@@ -1692,7 +1692,7 @@ class PartDelete(AjaxDeleteView):
     ajax_form_title = _('Confirm Part Deletion')
     context_object_name = 'part'
 
-    permission_required = 'part.delete_part'
+    role_required = 'part.delete'
 
     success_url = '/part/'
 
@@ -1710,8 +1710,8 @@ class PartPricing(AjaxView):
     ajax_form_title = _("Part Pricing")
     form_class = part_forms.PartPriceForm
 
-    permission_required = ('company.view_supplierpricebreak', 'part.view_part')
-
+    role_required = ['sales_order.view', 'part.view']
+    
     def get_part(self):
         try:
             return Part.objects.get(id=self.kwargs['pk'])
@@ -1829,7 +1829,7 @@ class PartPricing(AjaxView):
 class PartParameterTemplateCreate(AjaxCreateView):
     """ View for creating a new PartParameterTemplate """
 
-    permission_required = 'part.add_partparametertemplate'
+    role_required = 'part.add'
 
     model = PartParameterTemplate
     form_class = part_forms.EditPartParameterTemplateForm
@@ -1839,7 +1839,7 @@ class PartParameterTemplateCreate(AjaxCreateView):
 class PartParameterTemplateEdit(AjaxUpdateView):
     """ View for editing a PartParameterTemplate """
 
-    permission_required = 'part.change_partparametertemplate'
+    role_required = 'part.change'
 
     model = PartParameterTemplate
     form_class = part_forms.EditPartParameterTemplateForm
@@ -1849,7 +1849,7 @@ class PartParameterTemplateEdit(AjaxUpdateView):
 class PartParameterTemplateDelete(AjaxDeleteView):
     """ View for deleting an existing PartParameterTemplate """
 
-    permission_required = 'part.delete_partparametertemplate'
+    role_required = 'part.delete'
 
     model = PartParameterTemplate
     ajax_form_title = _("Delete Part Parameter Template")
@@ -1858,7 +1858,7 @@ class PartParameterTemplateDelete(AjaxDeleteView):
 class PartParameterCreate(AjaxCreateView):
     """ View for creating a new PartParameter """
 
-    permission_required = 'part.add_partparameter'
+    role_required = 'part.add'
 
     model = PartParameter
     form_class = part_forms.EditPartParameterForm
@@ -1910,7 +1910,7 @@ class PartParameterCreate(AjaxCreateView):
 class PartParameterEdit(AjaxUpdateView):
     """ View for editing a PartParameter """
 
-    permission_required = 'part.change_partparameter'
+    role_required = 'part.change'
 
     model = PartParameter
     form_class = part_forms.EditPartParameterForm
@@ -1926,7 +1926,7 @@ class PartParameterEdit(AjaxUpdateView):
 class PartParameterDelete(AjaxDeleteView):
     """ View for deleting a PartParameter """
 
-    permission_required = 'part.delete_partparameter'
+    role_required = 'part.delete'
 
     model = PartParameter
     ajax_template_name = 'part/param_delete.html'
@@ -1991,7 +1991,7 @@ class CategoryEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit Part Category')
 
-    permission_required = 'part.change_partcategory'
+    role_required = 'part.change'
 
     def get_context_data(self, **kwargs):
         context = super(CategoryEdit, self).get_context_data(**kwargs).copy()
@@ -2030,7 +2030,7 @@ class CategoryDelete(AjaxDeleteView):
     context_object_name = 'category'
     success_url = '/part/'
 
-    permission_required = 'part.delete_partcategory'
+    role_required = 'part.delete'
 
     def get_data(self):
         return {
@@ -2046,7 +2046,7 @@ class CategoryCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     form_class = part_forms.EditCategoryForm
 
-    permission_required = 'part.add_partcategory'
+    role_required = 'part.add'
 
     def get_context_data(self, **kwargs):
         """ Add extra context data to template.
@@ -2099,7 +2099,7 @@ class BomItemCreate(AjaxCreateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Create BOM item')
 
-    permission_required = 'part.add_bomitem'
+    role_required = 'part.add'
 
     def get_form(self):
         """ Override get_form() method to reduce Part selection options.
@@ -2167,7 +2167,7 @@ class BomItemEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit BOM item')
 
-    permission_required = 'part.change_bomitem'
+    role_required = 'part.change'
 
     def get_form(self):
         """ Override get_form() method to filter part selection options
@@ -2217,7 +2217,7 @@ class BomItemDelete(AjaxDeleteView):
     context_object_name = 'item'
     ajax_form_title = _('Confim BOM item deletion')
 
-    permission_required = 'part.delete_bomitem'
+    role_required = 'part.delete'
 
 
 class PartSalePriceBreakCreate(AjaxCreateView):
@@ -2227,7 +2227,7 @@ class PartSalePriceBreakCreate(AjaxCreateView):
     form_class = part_forms.EditPartSalePriceBreakForm
     ajax_form_title = _('Add Price Break')
 
-    permission_required = 'part.add_partsellpricebreak'
+    role_required = 'part.add'
     
     def get_data(self):
         return {
@@ -2278,7 +2278,7 @@ class PartSalePriceBreakEdit(AjaxUpdateView):
     form_class = part_forms.EditPartSalePriceBreakForm
     ajax_form_title = _('Edit Price Break')
 
-    permission_required = 'part.change_partsellpricebreak'
+    role_required = 'part.change'
 
     def get_form(self):
 
@@ -2295,4 +2295,4 @@ class PartSalePriceBreakDelete(AjaxDeleteView):
     ajax_form_title = _("Delete Price Break")
     ajax_template_name = "modal_delete_form.html"
 
-    permission_required = 'part.delete_partsalepricebreak'
+    role_required = 'part.delete'

From d691b15f4b0a42f2356c6c1563c96a862e7c8a75 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 12:34:30 +1100
Subject: [PATCH 18/26] Fix conflicts

---
 InvenTree/users/models.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 24b0318695..773dec36f7 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -328,7 +328,12 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     group permissions.
     """
 
-    update_group_roles(instance)
+    created = kwargs.get('created', False)
+    # To trigger the group permissions update: update_fields should not be None
+    update_fields = kwargs.get('update_fields', None)
+
+    if created or update_fields:
+        update_group_roles(instance)
 
 
 def check_user_role(user, role, permission):

From b3e4efd96e79cfe1562d249bbd17502c08e12deb Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 16:03:19 +1100
Subject: [PATCH 19/26] Unit testing fixes

---
 InvenTree/part/test_api.py   | 35 ++++++++++++++---------------------
 InvenTree/part/test_views.py | 31 +++++++++++--------------------
 InvenTree/users/models.py    | 11 +++++------
 3 files changed, 30 insertions(+), 47 deletions(-)

diff --git a/InvenTree/part/test_api.py b/InvenTree/part/test_api.py
index 9fdc2688cb..328ad3ef9e 100644
--- a/InvenTree/part/test_api.py
+++ b/InvenTree/part/test_api.py
@@ -3,13 +3,13 @@ from rest_framework import status
 
 from django.urls import reverse
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
 
 from part.models import Part
 from stock.models import StockItem
 from company.models import Company
 
 from InvenTree.status_codes import StockStatus
-from InvenTree.helpers import addUserPermissions
 
 
 class PartAPITest(APITestCase):
@@ -36,27 +36,20 @@ class PartAPITest(APITestCase):
             password='password'
         )
 
-        # Add the permissions required to access the API endpoints
-        perms = [
-            'view_part',
-            'add_part',
-            'change_part',
-            'delete_part',
-            'view_partcategory',
-            'add_partcategory',
-            'change_partcategory',
-            'view_bomitem',
-            'add_bomitem',
-            'change_bomitem',
-            'view_partattachment',
-            'change_partattachment',
-            'add_partattachment',
-            'view_parttesttemplate',
-            'add_parttesttemplate',
-            'change_parttesttemplate',
-        ]
+        # Put the user into a group with the correct permissions
+        group = Group.objects.create(name='mygroup')
+        self.user.groups.add(group)
 
-        addUserPermissions(self.user, perms)
+        # Give the group *all* the permissions!
+        for rule in group.rule_sets.all():
+            rule.can_view = True
+            rule.can_change = True
+            rule.can_add = True
+            rule.can_delete = True
+
+            rule.save()
+
+        group.save()
 
         self.client.login(username='testuser', password='password')
 
diff --git a/InvenTree/part/test_views.py b/InvenTree/part/test_views.py
index b1ae991a0c..d8c345d243 100644
--- a/InvenTree/part/test_views.py
+++ b/InvenTree/part/test_views.py
@@ -3,8 +3,7 @@
 from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
-
-from InvenTree.helpers import addUserPermissions
+from django.contrib.auth.models import Group
 
 from .models import Part
 
@@ -31,26 +30,18 @@ class PartViewTestCase(TestCase):
             password='password'
         )
 
-        # Add the permissions required to access the pages
-        perms = [
-            'view_part',
-            'add_part',
-            'change_part',
-            'delete_part',
-            'view_partcategory',
-            'add_partcategory',
-            'change_partcategory',
-            'view_bomitem',
-            'add_bomitem',
-            'change_bomitem',
-            'view_partattachment',
-            'change_partattachment',
-            'add_partattachment',
-        ]
+        # Put the user into a group with the correct permissions
+        group = Group.objects.create(name='mygroup')
+        self.user.groups.add(group)
 
-        addUserPermissions(self.user, perms)
+        # Give the group *all* the permissions!
+        for rule in group.rule_sets.all():
+            rule.can_view = True
+            rule.can_change = True
+            rule.can_add = True
+            rule.can_delete = True
 
-        self.user.save()
+            rule.save()
 
         self.client.login(username='username', password='password')
 
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 773dec36f7..050bbe2ef9 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -171,6 +171,10 @@ class RuleSet(models.Model):
 
         super().save(*args, **kwargs)
 
+        if self.group:
+            # Update the group too!
+            self.group.save()
+
     def get_models(self):
         """
         Return the database tables / models that this ruleset covers.
@@ -328,12 +332,7 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     group permissions.
     """
 
-    created = kwargs.get('created', False)
-    # To trigger the group permissions update: update_fields should not be None
-    update_fields = kwargs.get('update_fields', None)
-
-    if created or update_fields:
-        update_group_roles(instance)
+    update_group_roles(instance)
 
 
 def check_user_role(user, role, permission):

From 88f73443ee6922980356adc15e28aa6df55875b4 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 16:43:39 +1100
Subject: [PATCH 20/26] Yet more style fixes

---
 InvenTree/users/models.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index 6513e979aa..fcf137bb01 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -338,9 +338,6 @@ def create_missing_rule_sets(sender, instance, **kwargs):
     then we can now use these RuleSet values to update the
     group permissions.
     """
-    created = kwargs.get('created', False)
-    # To trigger the group permissions update: update_fields should not be None
-    update_fields = kwargs.get('update_fields', None)
 
     update_group_roles(instance)
 

From ab454e5ba4fdac8567ef2f7656fb60120f20a205 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 16:46:13 +1100
Subject: [PATCH 21/26] More template changes: perms -> roles

---
 InvenTree/build/templates/build/build_base.html       | 2 +-
 InvenTree/company/templates/company/company_base.html | 2 +-
 InvenTree/order/templates/order/order_base.html       | 2 +-
 InvenTree/order/templates/order/sales_order_base.html | 2 +-
 InvenTree/part/templates/part/part_base.html          | 4 ++--
 InvenTree/part/templates/part/tabs.html               | 4 ++--
 InvenTree/stock/templates/stock/item_base.html        | 2 +-
 InvenTree/stock/templates/stock/location.html         | 2 +-
 InvenTree/templates/slide.html                        | 2 +-
 9 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/InvenTree/build/templates/build/build_base.html b/InvenTree/build/templates/build/build_base.html
index 915433b055..ed3da576d5 100644
--- a/InvenTree/build/templates/build/build_base.html
+++ b/InvenTree/build/templates/build/build_base.html
@@ -35,7 +35,7 @@ src="{% static 'img/blank_image.png' %}"
 <hr>
 <h4>
     {{ build.quantity }} x {{ build.part.full_name }}
-    {% if user.is_staff and perms.build.change_build %}
+    {% if user.is_staff and roles.build.change %}
     <a  href="{% url 'admin:build_build_change' build.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
 {% endif %}
 </h4>
diff --git a/InvenTree/company/templates/company/company_base.html b/InvenTree/company/templates/company/company_base.html
index 73ebecf979..f20107277d 100644
--- a/InvenTree/company/templates/company/company_base.html
+++ b/InvenTree/company/templates/company/company_base.html
@@ -23,7 +23,7 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
 <hr>
 <h4>
     {{ company.name }}
-    {% if user.is_staff and perms.company.change_company %}
+    {% if user.is_staff and roles.company.change %}
     <a  href="{% url 'admin:company_company_change' company.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
     {% endif %}
 </h4>
diff --git a/InvenTree/order/templates/order/order_base.html b/InvenTree/order/templates/order/order_base.html
index 036021b12d..71e3455722 100644
--- a/InvenTree/order/templates/order/order_base.html
+++ b/InvenTree/order/templates/order/order_base.html
@@ -24,7 +24,7 @@ src="{% static 'img/blank_image.png' %}"
 <hr>
 <h4>
     {{ order }}
-    {% if user.is_staff and perms.order.change_purchaseorder %}
+    {% if user.is_staff and roles.purchase_order.change %}
     <a href="{% url 'admin:order_purchaseorder_change' order.pk %}"><span title='{% trans "Admin view" %}' class='fas fa-user-shield'></span></a>
     {% endif %}
 </h4>
diff --git a/InvenTree/order/templates/order/sales_order_base.html b/InvenTree/order/templates/order/sales_order_base.html
index 70505ddccc..0572104e09 100644
--- a/InvenTree/order/templates/order/sales_order_base.html
+++ b/InvenTree/order/templates/order/sales_order_base.html
@@ -34,7 +34,7 @@ src="{% static 'img/blank_image.png' %}"
 <hr>
 <h4>
     {{ order }}
-    {% if user.is_staff and perms.order.change_salesorder %}
+    {% if user.is_staff and roles.sales_order.change %}
     <a href="{% url 'admin:order_salesorder_change' order.pk %}"><span title='{% trans "Admin view" %}' class='fas fa-user-shield'></span></a>
     {% endif %}
 </h4>
diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index 750f3f3806..d7604deae4 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -28,7 +28,7 @@
     <div class="media-body">
         <h3>
             {{ part.full_name }}
-            {% if user.is_staff and perms.part.change_part %}
+            {% if user.is_staff and roles.part.change %}
             <a  href="{% url 'admin:part_part_change' part.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
             {% endif %}
             {% if not part.active %}
@@ -315,7 +315,7 @@
     });
     {% endif %}
 
-    {% if not part.active and perms.part.delete_part %}
+    {% if not part.active and roles.part.delete %}
     $("#part-delete").click(function() {
         launchModalForm(
             "{% url 'part-delete' part.id %}",
diff --git a/InvenTree/part/templates/part/tabs.html b/InvenTree/part/templates/part/tabs.html
index e36675eeab..8322a225bc 100644
--- a/InvenTree/part/templates/part/tabs.html
+++ b/InvenTree/part/templates/part/tabs.html
@@ -36,7 +36,7 @@
     <li{% ifequal tab 'used' %} class="active"{% endifequal %}>
         <a href="{% url 'part-used-in' part.id %}">{% trans "Used In" %} {% if part.used_in_count > 0 %}<span class="badge">{{ part.used_in_count }}</span>{% endif %}</a></li>
     {% endif %}
-    {% if part.purchaseable and perms.order.view_purchaseorder %}
+    {% if part.purchaseable and roles.purchase_order.view %}
     {% if part.is_template == False %}
     <li{% ifequal tab 'suppliers' %} class="active"{% endifequal %}>
         <a href="{% url 'part-suppliers' part.id %}">{% trans "Suppliers" %}
@@ -48,7 +48,7 @@
         <a href="{% url 'part-orders' part.id %}">{% trans "Purchase Orders" %} <span class='badge'>{{ part.purchase_orders|length }}</span></a>
     </li>
     {% endif %}
-    {% if part.salable and perms.order.view_salesorder %}
+    {% if part.salable and roles.sales_order.view %}
     <li {% if tab == 'sales-prices' %}class='active'{% endif %}>
         <a href="{% url 'part-sale-prices' part.id %}">{% trans "Sale Price" %}</a>
     </li>
diff --git a/InvenTree/stock/templates/stock/item_base.html b/InvenTree/stock/templates/stock/item_base.html
index b3fb9af743..928aa6b7a1 100644
--- a/InvenTree/stock/templates/stock/item_base.html
+++ b/InvenTree/stock/templates/stock/item_base.html
@@ -65,7 +65,7 @@ InvenTree | {% trans "Stock Item" %} - {{ item }}
 {% else %}
     <a href='{% url "part-detail" item.part.pk %}'>{{ item.part.full_name }}</a> &times {% decimal item.quantity %}
 {% endif %}
-{% if user.is_staff and perms.stock.change_stockitem %}
+{% if user.is_staff and roles.stock.change %}
     <a  href="{% url 'admin:stock_stockitem_change' item.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
 {% endif %}
 </h4>
diff --git a/InvenTree/stock/templates/stock/location.html b/InvenTree/stock/templates/stock/location.html
index 2f319f4925..d411891078 100644
--- a/InvenTree/stock/templates/stock/location.html
+++ b/InvenTree/stock/templates/stock/location.html
@@ -8,7 +8,7 @@
     {% if location %}
     <h3>
         {{ location.name }}
-        {% if user.is_staff and perms.stock.change_stocklocation %}
+        {% if user.is_staff and roles.stock.change %}
         <a  href="{% url 'admin:stock_stocklocation_change' location.pk %}"><span title="{% trans 'Admin view' %}" class='fas fa-user-shield'></span></a>
         {% endif %}
     </h3>
diff --git a/InvenTree/templates/slide.html b/InvenTree/templates/slide.html
index 45535786c9..edd39e75a2 100644
--- a/InvenTree/templates/slide.html
+++ b/InvenTree/templates/slide.html
@@ -1,3 +1,3 @@
 <div>
-    <input fieldname='{{ field }}' class='slidey' type="checkbox" data-offstyle='warning' data-onstyle="success" data-size='small' data-toggle="toggle" {% if disabled or not perms.part.change_part %}disabled {% endif %}{% if state %}checked=""{% endif %} autocomplete="off">
+    <input fieldname='{{ field }}' class='slidey' type="checkbox" data-offstyle='warning' data-onstyle="success" data-size='small' data-toggle="toggle" {% if disabled or not roles.part.change %}disabled {% endif %}{% if state %}checked=""{% endif %} autocomplete="off">
 </div>
\ No newline at end of file

From 1c97aaf87a4474df73198b2b6d46f702ff802b66 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 19:46:53 +1100
Subject: [PATCH 22/26] Set permissions for order views

---
 InvenTree/InvenTree/views.py                  |  8 ++-
 .../templates/order/sales_order_base.html     |  2 +-
 InvenTree/order/views.py                      | 53 ++++++++++++++++---
 InvenTree/users/models.py                     |  4 ++
 4 files changed, 58 insertions(+), 9 deletions(-)

diff --git a/InvenTree/InvenTree/views.py b/InvenTree/InvenTree/views.py
index 198903db9a..bb7c1e6f5d 100644
--- a/InvenTree/InvenTree/views.py
+++ b/InvenTree/InvenTree/views.py
@@ -22,7 +22,7 @@ from django.views.generic.base import TemplateView
 from part.models import Part, PartCategory
 from stock.models import StockLocation, StockItem
 from common.models import InvenTreeSetting, ColorTheme
-from users.models import check_user_role
+from users.models import check_user_role, RuleSet
 
 from .forms import DeleteForm, EditUserForm, SetPasswordForm, ColorThemeSelectForm
 from .helpers import str2bool
@@ -147,7 +147,13 @@ class InvenTreeRoleMixin(PermissionRequiredMixin):
         for required in roles_required:
 
             (role, permission) = required.split('.')
+
+            if role not in RuleSet.RULESET_NAMES:
+                raise ValueError(f"Role '{role}' is not a valid role")
             
+            if permission not in RuleSet.RULESET_PERMISSIONS:
+                raise ValueError(f"Permission '{permission}' is not a valid permission")
+
             # Return False if the user does not have *any* of the required roles
             if not check_user_role(user, role, permission):
                 return False
diff --git a/InvenTree/order/templates/order/sales_order_base.html b/InvenTree/order/templates/order/sales_order_base.html
index 0572104e09..52856cadbd 100644
--- a/InvenTree/order/templates/order/sales_order_base.html
+++ b/InvenTree/order/templates/order/sales_order_base.html
@@ -44,7 +44,7 @@ src="{% static 'img/blank_image.png' %}"
         <button type='button' class='btn btn-default' id='edit-order' title='Edit order information'>
             <span class='fas fa-edit icon-green'></span>
         </button>
-        <button type='button' class='btn btn-default' id='packing-list' title='{% trans "Packing List" %}'>
+        <button type='button' disabled='' class='btn btn-default' id='packing-list' title='{% trans "Packing List" %}'>
             <span class='fas fa-clipboard-list'></span>
         </button>
         {% if order.status == SalesOrderStatus.PENDING %}
diff --git a/InvenTree/order/views.py b/InvenTree/order/views.py
index 5d140fb77c..28b8416b65 100644
--- a/InvenTree/order/views.py
+++ b/InvenTree/order/views.py
@@ -28,19 +28,22 @@ from . import forms as order_forms
 
 from InvenTree.views import AjaxView, AjaxCreateView, AjaxUpdateView, AjaxDeleteView
 from InvenTree.helpers import DownloadFile, str2bool
+from InvenTree.views import InvenTreeRoleMixin
 
 from InvenTree.status_codes import PurchaseOrderStatus, SalesOrderStatus, StockStatus
 
 logger = logging.getLogger(__name__)
 
 
-class PurchaseOrderIndex(ListView):
+class PurchaseOrderIndex(InvenTreeRoleMixin, ListView):
     """ List view for all purchase orders """
 
     model = PurchaseOrder
     template_name = 'order/purchase_orders.html'
     context_object_name = 'orders'
 
+    role_required = 'purchase_order.view'
+
     def get_queryset(self):
         """ Retrieve the list of purchase orders,
         ensure that the most recent ones are returned first. """
@@ -55,19 +58,21 @@ class PurchaseOrderIndex(ListView):
         return ctx
 
 
-class SalesOrderIndex(ListView):
+class SalesOrderIndex(InvenTreeRoleMixin, ListView):
 
     model = SalesOrder
     template_name = 'order/sales_orders.html'
     context_object_name = 'orders'
+    role_required = 'sales_order.view'
 
 
-class PurchaseOrderDetail(DetailView):
+class PurchaseOrderDetail(InvenTreeRoleMixin, DetailView):
     """ Detail view for a PurchaseOrder object """
 
     context_object_name = 'order'
     queryset = PurchaseOrder.objects.all().prefetch_related('lines')
     template_name = 'order/purchase_order_detail.html'
+    role_required = 'purchase_order.view'
 
     def get_context_data(self, **kwargs):
         ctx = super().get_context_data(**kwargs)
@@ -75,12 +80,13 @@ class PurchaseOrderDetail(DetailView):
         return ctx
 
 
-class SalesOrderDetail(DetailView):
+class SalesOrderDetail(InvenTreeRoleMixin, DetailView):
     """ Detail view for a SalesOrder object """
 
     context_object_name = 'order'
     queryset = SalesOrder.objects.all().prefetch_related('lines')
     template_name = 'order/sales_order_detail.html'
+    role_required = 'sales_order.view'
 
 
 class PurchaseOrderAttachmentCreate(AjaxCreateView):
@@ -92,6 +98,7 @@ class PurchaseOrderAttachmentCreate(AjaxCreateView):
     form_class = order_forms.EditPurchaseOrderAttachmentForm
     ajax_form_title = _("Add Purchase Order Attachment")
     ajax_template_name = "modal_form.html"
+    role_required = 'purchase_order.add'
 
     def post_save(self, **kwargs):
         self.object.user = self.request.user
@@ -139,6 +146,7 @@ class SalesOrderAttachmentCreate(AjaxCreateView):
     model = SalesOrderAttachment
     form_class = order_forms.EditSalesOrderAttachmentForm
     ajax_form_title = _('Add Sales Order Attachment')
+    role_required = 'sales_order.add'
 
     def post_save(self, **kwargs):
         self.object.user = self.request.user
@@ -174,6 +182,7 @@ class PurchaseOrderAttachmentEdit(AjaxUpdateView):
     model = PurchaseOrderAttachment
     form_class = order_forms.EditPurchaseOrderAttachmentForm
     ajax_form_title = _("Edit Attachment")
+    role_required = 'purchase_order.change'
 
     def get_data(self):
         return {
@@ -195,6 +204,7 @@ class SalesOrderAttachmentEdit(AjaxUpdateView):
     model = SalesOrderAttachment
     form_class = order_forms.EditSalesOrderAttachmentForm
     ajax_form_title = _("Edit Attachment")
+    role_required = 'sales_order.change'
 
     def get_data(self):
         return {
@@ -216,6 +226,7 @@ class PurchaseOrderAttachmentDelete(AjaxDeleteView):
     ajax_form_title = _("Delete Attachment")
     ajax_template_name = "order/delete_attachment.html"
     context_object_name = "attachment"
+    role_required = 'purchase_order.delete'
 
     def get_data(self):
         return {
@@ -230,6 +241,7 @@ class SalesOrderAttachmentDelete(AjaxDeleteView):
     ajax_form_title = _("Delete Attachment")
     ajax_template_name = "order/delete_attachment.html"
     context_object_name = "attachment"
+    role_required = 'sales_order.delete'
 
     def get_data(self):
         return {
@@ -237,12 +249,13 @@ class SalesOrderAttachmentDelete(AjaxDeleteView):
         }
 
 
-class PurchaseOrderNotes(UpdateView):
+class PurchaseOrderNotes(InvenTreeRoleMixin, UpdateView):
     """ View for updating the 'notes' field of a PurchaseOrder """
 
     context_object_name = 'order'
     template_name = 'order/order_notes.html'
     model = PurchaseOrder
+    role_required = 'purchase_order.change'
 
     fields = ['notes']
 
@@ -259,12 +272,13 @@ class PurchaseOrderNotes(UpdateView):
         return ctx
 
 
-class SalesOrderNotes(UpdateView):
+class SalesOrderNotes(InvenTreeRoleMixin, UpdateView):
     """ View for editing the 'notes' field of a SalesORder """
 
     context_object_name = 'order'
     template_name = 'order/sales_order_notes.html'
     model = SalesOrder
+    role_required = 'sales_order.view'
 
     fields = ['notes']
 
@@ -286,6 +300,7 @@ class PurchaseOrderCreate(AjaxCreateView):
     model = PurchaseOrder
     ajax_form_title = _("Create Purchase Order")
     form_class = order_forms.EditPurchaseOrderForm
+    role_required = 'purchase_order.add'
 
     def get_initial(self):
         initials = super().get_initial().copy()
@@ -317,6 +332,7 @@ class SalesOrderCreate(AjaxCreateView):
     model = SalesOrder
     ajax_form_title = _("Create Sales Order")
     form_class = order_forms.EditSalesOrderForm
+    role_required = 'sales_order.add'
 
     def get_initial(self):
         initials = super().get_initial().copy()
@@ -347,6 +363,7 @@ class PurchaseOrderEdit(AjaxUpdateView):
     model = PurchaseOrder
     ajax_form_title = _('Edit Purchase Order')
     form_class = order_forms.EditPurchaseOrderForm
+    role_required = 'purchase_order.change'
 
     def get_form(self):
 
@@ -367,6 +384,7 @@ class SalesOrderEdit(AjaxUpdateView):
     model = SalesOrder
     ajax_form_title = _('Edit Sales Order')
     form_class = order_forms.EditSalesOrderForm
+    role_required = 'sales_order.change'
 
     def get_form(self):
         form = super().get_form()
@@ -384,6 +402,7 @@ class PurchaseOrderCancel(AjaxUpdateView):
     ajax_form_title = _('Cancel Order')
     ajax_template_name = 'order/order_cancel.html'
     form_class = order_forms.CancelPurchaseOrderForm
+    role_required = 'purchase_order.change'
 
     def post(self, request, *args, **kwargs):
         """ Mark the PO as 'CANCELLED' """
@@ -417,6 +436,7 @@ class SalesOrderCancel(AjaxUpdateView):
     ajax_form_title = _("Cancel sales order")
     ajax_template_name = "order/sales_order_cancel.html"
     form_class = order_forms.CancelSalesOrderForm
+    role_required = 'sales_order.change'
 
     def post(self, request, *args, **kwargs):
 
@@ -451,6 +471,7 @@ class PurchaseOrderIssue(AjaxUpdateView):
     ajax_form_title = _('Issue Order')
     ajax_template_name = "order/order_issue.html"
     form_class = order_forms.IssuePurchaseOrderForm
+    role_required = 'purchase_order.change'
 
     def post(self, request, *args, **kwargs):
         """ Mark the purchase order as 'PLACED' """
@@ -486,6 +507,7 @@ class PurchaseOrderComplete(AjaxUpdateView):
     ajax_template_name = "order/order_complete.html"
     ajax_form_title = _("Complete Order")
     context_object_name = 'order'
+    role_required = 'purchase_order.change'
 
     def get_context_data(self):
 
@@ -520,6 +542,7 @@ class SalesOrderShip(AjaxUpdateView):
     context_object_name = 'order'
     ajax_template_name = 'order/sales_order_ship.html'
     ajax_form_title = _('Ship Order')
+    role_required = 'sales_order.change'
 
     def post(self, request, *args, **kwargs):
 
@@ -563,6 +586,7 @@ class PurchaseOrderExport(AjaxView):
     """
 
     model = PurchaseOrder
+    role_required = 'purchase_order.view'
 
     def get(self, request, *args, **kwargs):
 
@@ -594,6 +618,7 @@ class PurchaseOrderReceive(AjaxUpdateView):
     form_class = order_forms.ReceivePurchaseOrderForm
     ajax_form_title = _("Receive Parts")
     ajax_template_name = "order/receive_parts.html"
+    role_required = 'purchase_order.change'
 
     # Where the parts will be going (selected in POST request)
     destination = None
@@ -779,6 +804,11 @@ class OrderParts(AjaxView):
     ajax_form_title = _("Order Parts")
     ajax_template_name = 'order/order_wizard/select_parts.html'
 
+    role_required = [
+        'part.view',
+        'purchase_order.change',
+    ]
+
     # List of Parts we wish to order
     parts = []
     suppliers = []
@@ -1085,6 +1115,7 @@ class POLineItemCreate(AjaxCreateView):
     context_object_name = 'line'
     form_class = order_forms.EditPurchaseOrderLineItemForm
     ajax_form_title = _('Add Line Item')
+    role_required = 'purchase_order.add'
 
     def post(self, request, *arg, **kwargs):
 
@@ -1199,6 +1230,7 @@ class SOLineItemCreate(AjaxCreateView):
     context_order_name = 'line'
     form_class = order_forms.EditSalesOrderLineItemForm
     ajax_form_title = _('Add Line Item')
+    role_required = 'sales_order.add'
 
     def get_form(self, *args, **kwargs):
 
@@ -1250,6 +1282,7 @@ class SOLineItemEdit(AjaxUpdateView):
     model = SalesOrderLineItem
     form_class = order_forms.EditSalesOrderLineItemForm
     ajax_form_title = _('Edit Line Item')
+    role_required = 'sales_order.change'
 
     def get_form(self):
         form = super().get_form()
@@ -1268,6 +1301,7 @@ class POLineItemEdit(AjaxUpdateView):
     form_class = order_forms.EditPurchaseOrderLineItemForm
     ajax_template_name = 'modal_form.html'
     ajax_form_title = _('Edit Line Item')
+    role_required = 'purchase_order.change'
 
     def get_form(self):
         form = super().get_form()
@@ -1285,7 +1319,8 @@ class POLineItemDelete(AjaxDeleteView):
     model = PurchaseOrderLineItem
     ajax_form_title = _('Delete Line Item')
     ajax_template_name = 'order/po_lineitem_delete.html'
-    
+    role_required = 'purchase_order.delete'
+
     def get_data(self):
         return {
             'danger': _('Deleted line item'),
@@ -1297,6 +1332,7 @@ class SOLineItemDelete(AjaxDeleteView):
     model = SalesOrderLineItem
     ajax_form_title = _("Delete Line Item")
     ajax_template_name = "order/so_lineitem_delete.html"
+    role_required = 'sales_order.delete'
 
     def get_data(self):
         return {
@@ -1310,6 +1346,7 @@ class SalesOrderAllocationCreate(AjaxCreateView):
     model = SalesOrderAllocation
     form_class = order_forms.EditSalesOrderAllocationForm
     ajax_form_title = _('Allocate Stock to Order')
+    role_required = 'sales_order.add'
 
     def get_initial(self):
         initials = super().get_initial().copy()
@@ -1379,6 +1416,7 @@ class SalesOrderAllocationEdit(AjaxUpdateView):
     model = SalesOrderAllocation
     form_class = order_forms.EditSalesOrderAllocationForm
     ajax_form_title = _('Edit Allocation Quantity')
+    role_required = 'sales_order.change'
 
     def get_form(self):
         form = super().get_form()
@@ -1396,3 +1434,4 @@ class SalesOrderAllocationDelete(AjaxDeleteView):
     ajax_form_title = _("Remove allocation")
     context_object_name = 'allocation'
     ajax_template_name = "order/so_allocation_delete.html"
+    role_required = 'sales_order.delete'
diff --git a/InvenTree/users/models.py b/InvenTree/users/models.py
index fcf137bb01..d3c713d07d 100644
--- a/InvenTree/users/models.py
+++ b/InvenTree/users/models.py
@@ -36,6 +36,10 @@ class RuleSet(models.Model):
         choice[0] for choice in RULESET_CHOICES
     ]
 
+    RULESET_PERMISSIONS = [
+        'view', 'add', 'change', 'delete',
+    ]
+
     RULESET_MODELS = {
         'admin': [
             'auth_group',

From 9abb211cdf35331e5f525d9a70ec9cf3af794148 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 20:09:55 +1100
Subject: [PATCH 23/26] Update template permissions

---
 .../order/templates/order/order_base.html      | 18 ++++++++++--------
 .../order/templates/order/order_notes.html     |  2 ++
 .../order/templates/order/po_attachments.html  |  1 -
 .../templates/order/purchase_order_detail.html |  6 +++---
 .../order/templates/order/purchase_orders.html |  2 ++
 .../templates/order/sales_order_base.html      |  8 +++++---
 .../order/templates/order/sales_orders.html    |  2 ++
 7 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/InvenTree/order/templates/order/order_base.html b/InvenTree/order/templates/order/order_base.html
index 71e3455722..3b199c1840 100644
--- a/InvenTree/order/templates/order/order_base.html
+++ b/InvenTree/order/templates/order/order_base.html
@@ -32,29 +32,31 @@ src="{% static 'img/blank_image.png' %}"
 <p>
     <div class='btn-row'>
         <div class='btn-group action-buttons'>
-            <button type='button' class='btn btn-default' id='edit-order' title='Edit order information'>
+            {% if roles.purchase_order.change %}
+            <button type='button' class='btn btn-default' id='edit-order' title='{% trans "Edit order information" %}'>
                 <span class='fas fa-edit icon-green'></span>
             </button>
-            <button type='button' class='btn btn-default' id='export-order' title='Export order to file'>
-                <span class='fas fa-file-download'></span>
-            </button>
             {% if order.status == PurchaseOrderStatus.PENDING and order.lines.count > 0 %}
-            <button type='button' class='btn btn-default' id='place-order' title='Place order'>
+            <button type='button' class='btn btn-default' id='place-order' title='{% trans "Place order" %}'>
                 <span class='fas fa-paper-plane icon-blue'></span>
             </button>
             {% elif order.status == PurchaseOrderStatus.PLACED %}
-            <button type='button' class='btn btn-default' id='receive-order' title='Receive items'>
+            <button type='button' class='btn btn-default' id='receive-order' title='{% trans "Receive items" %}'>
                 <span class='fas fa-clipboard-check'></span>
             </button>
-            <button type='button' class='btn btn-default' id='complete-order' title='Mark order as complete'>
+            <button type='button' class='btn btn-default' id='complete-order' title='{% trans "Mark order as complete" %}'>
                 <span class='fas fa-check-circle'></span>
             </button>
             {% endif %}
             {% if order.status == PurchaseOrderStatus.PENDING or order.status == PurchaseOrderStatus.PLACED %}
-            <button type='button' class='btn btn-default' id='cancel-order' title='Cancel order'>
+            <button type='button' class='btn btn-default' id='cancel-order' title='{% trans "Cancel order" %}'>
                 <span class='fas fa-times-circle icon-red'></span>
             </button>
             {% endif %}
+            {% endif %}
+            <button type='button' class='btn btn-default' id='export-order' title='{% trans "Export order to file" %}'>
+                <span class='fas fa-file-download'></span>
+            </button>
         </div>
     </div>
 </p>
diff --git a/InvenTree/order/templates/order/order_notes.html b/InvenTree/order/templates/order/order_notes.html
index 237098e10d..0b45a5da4b 100644
--- a/InvenTree/order/templates/order/order_notes.html
+++ b/InvenTree/order/templates/order/order_notes.html
@@ -28,9 +28,11 @@
     <div class='col-sm-6'>
         <h4>{% trans "Order Notes" %}</h4>
     </div>
+    {% if roles.purchase_order.change %}
     <div class='col-sm-6'>
         <button title='{% trans "Edit notes" %}' class='btn btn-default action-button float-right' id='edit-notes'><span class='fas fa-edit'></span></button>
     </div>
+    {% endif %}
 </div>
 <hr>
 <div class='panel panel-default'>
diff --git a/InvenTree/order/templates/order/po_attachments.html b/InvenTree/order/templates/order/po_attachments.html
index f5421e8760..d60d605771 100644
--- a/InvenTree/order/templates/order/po_attachments.html
+++ b/InvenTree/order/templates/order/po_attachments.html
@@ -14,7 +14,6 @@
 
 {% include "attachment_table.html" with attachments=order.attachments.all %}
 
-
 {% endblock %}
 
 {% block js_ready %}
diff --git a/InvenTree/order/templates/order/purchase_order_detail.html b/InvenTree/order/templates/order/purchase_order_detail.html
index 9b9eddb887..642ff96d4a 100644
--- a/InvenTree/order/templates/order/purchase_order_detail.html
+++ b/InvenTree/order/templates/order/purchase_order_detail.html
@@ -12,7 +12,7 @@
 <hr>
 
 <div id='order-toolbar-buttons' class='btn-group' style='float: right;'>
-    {% if order.status == PurchaseOrderStatus.PENDING %}
+    {% if order.status == PurchaseOrderStatus.PENDING and roles.purchase_order.change %}
     <button type='button' class='btn btn-default' id='new-po-line'>{% trans "Add Line Item" %}</button>
     {% endif %}
 </div>
@@ -209,12 +209,12 @@ $("#po-table").inventreeTable({
 
                 var pk = row.pk;
 
-                {% if order.status == PurchaseOrderStatus.PENDING %}
+                {% if order.status == PurchaseOrderStatus.PENDING and roles.purchase_order.delete %}
                 html += makeIconButton('fa-edit icon-blue', 'button-line-edit', pk, '{% trans "Edit line item" %}');
                 html += makeIconButton('fa-trash-alt icon-red', 'button-line-delete', pk, '{% trans "Delete line item" %}');
                 {% endif %}
 
-                {% if order.status == PurchaseOrderStatus.PLACED %}
+                {% if order.status == PurchaseOrderStatus.PLACED and roles.purchase_order.change %}
                 if (row.received < row.quantity) {
                     html += makeIconButton('fa-clipboard-check', 'button-line-receive', pk, '{% trans "Receive line item" %}');
                 }
diff --git a/InvenTree/order/templates/order/purchase_orders.html b/InvenTree/order/templates/order/purchase_orders.html
index 1019092151..d02af36ff5 100644
--- a/InvenTree/order/templates/order/purchase_orders.html
+++ b/InvenTree/order/templates/order/purchase_orders.html
@@ -14,7 +14,9 @@ InvenTree | {% trans "Purchase Orders" %}
 
 <div id='table-buttons'>
     <div class='button-toolbar container-fluid' style='float: right;'>
+        {% if roles.purchase_order.add %}
         <button class='btn btn-primary' type='button' id='po-create' title='{% trans "Create new purchase order" %}'>{% trans "New Purchase Order" %}</button>
+        {% endif %}
         <div class='filter-list' id='filter-list-purchaseorder'>
             <!-- An empty div in which the filter list will be constructed -->
         </div>
diff --git a/InvenTree/order/templates/order/sales_order_base.html b/InvenTree/order/templates/order/sales_order_base.html
index 52856cadbd..2eb13eaa64 100644
--- a/InvenTree/order/templates/order/sales_order_base.html
+++ b/InvenTree/order/templates/order/sales_order_base.html
@@ -41,12 +41,10 @@ src="{% static 'img/blank_image.png' %}"
 <p>{{ order.description }}</p>
 <div class='btn-row'>
     <div class='btn-group action-buttons'>
+        {% if roles.sales_order.change %}
         <button type='button' class='btn btn-default' id='edit-order' title='Edit order information'>
             <span class='fas fa-edit icon-green'></span>
         </button>
-        <button type='button' disabled='' class='btn btn-default' id='packing-list' title='{% trans "Packing List" %}'>
-            <span class='fas fa-clipboard-list'></span>
-        </button>
         {% if order.status == SalesOrderStatus.PENDING %}
         <button type='button' class='btn btn-default' id='ship-order' title='{% trans "Ship order" %}'>
             <span class='fas fa-paper-plane icon-blue'></span>
@@ -55,6 +53,10 @@ src="{% static 'img/blank_image.png' %}"
             <span class='fas fa-times-circle icon-red'></span>
         </button>
         {% endif %}
+        {% endif %}
+        <button type='button' disabled='' class='btn btn-default' id='packing-list' title='{% trans "Packing List" %}'>
+            <span class='fas fa-clipboard-list'></span>
+        </button>
     </div>
 </div>
 {% endblock %}
diff --git a/InvenTree/order/templates/order/sales_orders.html b/InvenTree/order/templates/order/sales_orders.html
index 4e29156773..dfe09d5d0d 100644
--- a/InvenTree/order/templates/order/sales_orders.html
+++ b/InvenTree/order/templates/order/sales_orders.html
@@ -14,7 +14,9 @@ InvenTree | {% trans "Sales Orders" %}
 
 <div id='table-buttons'>
     <div class='button-toolbar container-fluid' style='float: right;'>
+        {% if roles.sales_order.add %}
         <button class='btn btn-primary' type='button' id='so-create' title='{% trans "Create new sales order" %}'>{% trans "New Sales Order" %}</button>
+        {% endif %}
         <div class='filter-list' id='filter-list-salesorder'>
             <!-- An empty div in which the filter list will be constructed -->
         </div>

From 2325b1e4bad9a0fb21449992831337f2c7bc12c5 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 20:10:14 +1100
Subject: [PATCH 24/26] Unit test fixes

---
 InvenTree/order/test_views.py | 17 ++++++++++++++++-
 InvenTree/order/views.py      |  2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/InvenTree/order/test_views.py b/InvenTree/order/test_views.py
index 932cac9060..246cc2dd48 100644
--- a/InvenTree/order/test_views.py
+++ b/InvenTree/order/test_views.py
@@ -6,6 +6,7 @@ from __future__ import unicode_literals
 from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
 
 from InvenTree.status_codes import PurchaseOrderStatus
 
@@ -32,7 +33,21 @@ class OrderViewTestCase(TestCase):
 
         # Create a user
         User = get_user_model()
-        User.objects.create_user('username', 'user@email.com', 'password')
+        user = User.objects.create_user('username', 'user@email.com', 'password')
+
+        # Ensure that the user has the correct permissions!
+        g = Group.objects.create(name='orders')
+        user.groups.add(g)
+
+        for rule in g.rule_sets.all():
+            if rule.name in ['purchase_order', 'sales_order']:
+                rule.can_change = True
+                rule.can_add = True
+                rule.can_delete = True
+
+                rule.save()
+
+        g.save()
 
         self.client.login(username='username', password='password')
 
diff --git a/InvenTree/order/views.py b/InvenTree/order/views.py
index 28b8416b65..d2d02bb2c9 100644
--- a/InvenTree/order/views.py
+++ b/InvenTree/order/views.py
@@ -255,7 +255,7 @@ class PurchaseOrderNotes(InvenTreeRoleMixin, UpdateView):
     context_object_name = 'order'
     template_name = 'order/order_notes.html'
     model = PurchaseOrder
-    role_required = 'purchase_order.change'
+    role_required = 'purchase_order.view'
 
     fields = ['notes']
 

From b80e4302baffe5cc79aedca35aaf85cc5ef61eff Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 20:29:16 +1100
Subject: [PATCH 25/26] Update permissions for build app

---
 .../build/templates/build/build_base.html     | 12 ++---
 InvenTree/build/tests.py                      | 45 ++++++++++++++++++-
 InvenTree/build/views.py                      | 18 +++++++-
 3 files changed, 67 insertions(+), 8 deletions(-)

diff --git a/InvenTree/build/templates/build/build_base.html b/InvenTree/build/templates/build/build_base.html
index ed3da576d5..f076013def 100644
--- a/InvenTree/build/templates/build/build_base.html
+++ b/InvenTree/build/templates/build/build_base.html
@@ -41,19 +41,21 @@ src="{% static 'img/blank_image.png' %}"
 </h4>
 <div class='btn-row'>
     <div class='btn-group action-buttons'>
-        <button type='button' class='btn btn-default' id='build-edit' title='Edit Build'>
+        {% if roles.build.change %}
+        <button type='button' class='btn btn-default' id='build-edit' title='{% trans "Edit Build" %}'>
             <span class='fas fa-edit icon-green'/>
         </button>
         {% if build.is_active %}
-        <button type='button' class='btn btn-default' id='build-complete' title="Complete Build">
+        <button type='button' class='btn btn-default' id='build-complete' title='{% trans "Complete Build" %}'>
             <span class='fas fa-tools'/>
         </button>
-        <button type='button' class='btn btn-default btn-glyph' id='build-cancel' title='Cancel Build'>
+        <button type='button' class='btn btn-default btn-glyph' id='build-cancel' title='{% trans "Cancel Build" %}'>
             <span class='fas fa-times-circle icon-red'/>
         </button>
         {% endif %}
-        {% if build.status == BuildStatus.CANCELLED %}
-        <button type='button' class='btn btn-default btn-glyph' id='build-delete' title='Delete Build'>
+        {% endif %}
+        {% if build.status == BuildStatus.CANCELLED and roles.build.delete %}
+        <button type='button' class='btn btn-default btn-glyph' id='build-delete' title='{% trans "Delete Build" %}'>
             <span class='fas fa-trash-alt icon-red'/>
         </button>
         {% endif %}
diff --git a/InvenTree/build/tests.py b/InvenTree/build/tests.py
index 9b6d51c33a..92ca034a4a 100644
--- a/InvenTree/build/tests.py
+++ b/InvenTree/build/tests.py
@@ -4,6 +4,7 @@ from __future__ import unicode_literals
 from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
 
 from rest_framework.test import APITestCase
 from rest_framework import status
@@ -30,6 +31,20 @@ class BuildTestSimple(TestCase):
         User.objects.create_user('testuser', 'test@testing.com', 'password')
 
         self.user = User.objects.get(username='testuser')
+
+        g = Group.objects.create(name='builders')
+        self.user.groups.add(g)
+
+        for rule in g.rule_sets.all():
+            if rule.name == 'build':
+                rule.can_change = True
+                rule.can_add = True
+                rule.can_delete = True
+
+                rule.save()
+
+        g.save()
+
         self.client.login(username='testuser', password='password')
 
     def test_build_objects(self):
@@ -94,7 +109,20 @@ class TestBuildAPI(APITestCase):
     def setUp(self):
         # Create a user for auth
         User = get_user_model()
-        User.objects.create_user('testuser', 'test@testing.com', 'password')
+        user = User.objects.create_user('testuser', 'test@testing.com', 'password')
+
+        g = Group.objects.create(name='builders')
+        user.groups.add(g)
+
+        for rule in g.rule_sets.all():
+            if rule.name == 'build':
+                rule.can_change = True
+                rule.can_add = True
+                rule.can_delete = True
+
+                rule.save()
+
+        g.save()
 
         self.client.login(username='testuser', password='password')
 
@@ -131,7 +159,20 @@ class TestBuildViews(TestCase):
 
         # Create a user
         User = get_user_model()
-        User.objects.create_user('username', 'user@email.com', 'password')
+        user = User.objects.create_user('username', 'user@email.com', 'password')
+
+        g = Group.objects.create(name='builders')
+        user.groups.add(g)
+
+        for rule in g.rule_sets.all():
+            if rule.name == 'build':
+                rule.can_change = True
+                rule.can_add = True
+                rule.can_delete = True
+
+                rule.save()
+
+        g.save()
 
         self.client.login(username='username', password='password')
 
diff --git a/InvenTree/build/views.py b/InvenTree/build/views.py
index 88dc66085f..b2b8b24502 100644
--- a/InvenTree/build/views.py
+++ b/InvenTree/build/views.py
@@ -17,16 +17,18 @@ from . import forms
 from stock.models import StockLocation, StockItem
 
 from InvenTree.views import AjaxUpdateView, AjaxCreateView, AjaxDeleteView
+from InvenTree.views import InvenTreeRoleMixin
 from InvenTree.helpers import str2bool, ExtractSerialNumbers
 from InvenTree.status_codes import BuildStatus
 
 
-class BuildIndex(ListView):
+class BuildIndex(InvenTreeRoleMixin, ListView):
     """ View for displaying list of Builds
     """
     model = Build
     template_name = 'build/index.html'
     context_object_name = 'builds'
+    role_required = 'build.view'
 
     def get_queryset(self):
         """ Return all Build objects (order by date, newest first) """
@@ -56,6 +58,7 @@ class BuildCancel(AjaxUpdateView):
     ajax_form_title = _('Cancel Build')
     context_object_name = 'build'
     form_class = forms.CancelBuildForm
+    role_required = 'build.change'
 
     def post(self, request, *args, **kwargs):
         """ Handle POST request. Mark the build status as CANCELLED """
@@ -94,6 +97,7 @@ class BuildAutoAllocate(AjaxUpdateView):
     context_object_name = 'build'
     ajax_form_title = _('Allocate Stock')
     ajax_template_name = 'build/auto_allocate.html'
+    role_required = 'build.change'
 
     def get_context_data(self, *args, **kwargs):
         """ Get the context data for form rendering. """
@@ -147,6 +151,7 @@ class BuildUnallocate(AjaxUpdateView):
     form_class = forms.ConfirmBuildForm
     ajax_form_title = _("Unallocate Stock")
     ajax_template_name = "build/unallocate.html"
+    form_required = 'build.change'
 
     def post(self, request, *args, **kwargs):
 
@@ -184,6 +189,7 @@ class BuildComplete(AjaxUpdateView):
     context_object_name = "build"
     ajax_form_title = _("Complete Build")
     ajax_template_name = "build/complete.html"
+    role_required = 'build.change'
 
     def get_form(self):
         """ Get the form object.
@@ -325,6 +331,7 @@ class BuildNotes(UpdateView):
     context_object_name = 'build'
     template_name = 'build/notes.html'
     model = Build
+    role_required = 'build.view'
 
     fields = ['notes']
 
@@ -342,9 +349,11 @@ class BuildNotes(UpdateView):
 
 class BuildDetail(DetailView):
     """ Detail view of a single Build object. """
+
     model = Build
     template_name = 'build/detail.html'
     context_object_name = 'build'
+    role_required = 'build.view'
 
     def get_context_data(self, **kwargs):
 
@@ -363,6 +372,7 @@ class BuildAllocate(DetailView):
     model = Build
     context_object_name = 'build'
     template_name = 'build/allocate.html'
+    role_required = ['build.change']
 
     def get_context_data(self, **kwargs):
         """ Provide extra context information for the Build allocation page """
@@ -392,6 +402,7 @@ class BuildCreate(AjaxCreateView):
     form_class = forms.EditBuildForm
     ajax_form_title = _('Start new Build')
     ajax_template_name = 'modal_form.html'
+    role_required = 'build.add'
 
     def get_initial(self):
         """ Get initial parameters for Build creation.
@@ -427,6 +438,7 @@ class BuildUpdate(AjaxUpdateView):
     context_object_name = 'build'
     ajax_form_title = _('Edit Build Details')
     ajax_template_name = 'modal_form.html'
+    role_required = 'build.change'
 
     def get_data(self):
         return {
@@ -440,6 +452,7 @@ class BuildDelete(AjaxDeleteView):
     model = Build
     ajax_template_name = 'build/delete_build.html'
     ajax_form_title = _('Delete Build')
+    role_required = 'build.delete'
 
 
 class BuildItemDelete(AjaxDeleteView):
@@ -451,6 +464,7 @@ class BuildItemDelete(AjaxDeleteView):
     ajax_template_name = 'build/delete_build_item.html'
     ajax_form_title = _('Unallocate Stock')
     context_object_name = 'item'
+    role_required = 'build.delete'
 
     def get_data(self):
         return {
@@ -465,6 +479,7 @@ class BuildItemCreate(AjaxCreateView):
     form_class = forms.EditBuildItemForm
     ajax_template_name = 'build/create_build_item.html'
     ajax_form_title = _('Allocate new Part')
+    role_required = 'build.add'
 
     part = None
     available_stock = None
@@ -618,6 +633,7 @@ class BuildItemEdit(AjaxUpdateView):
     ajax_template_name = 'modal_form.html'
     form_class = forms.EditBuildItemForm
     ajax_form_title = _('Edit Stock Allocation')
+    role_required = 'build.change'
 
     def get_data(self):
         return {

From 8b37229e4b3b84c5e241f5e4418e2f1eaee3fc29 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 6 Oct 2020 20:31:38 +1100
Subject: [PATCH 26/26] The real translations are the ones we made along the
 way

---
 InvenTree/locale/de/LC_MESSAGES/django.po | 442 ++++++++++++----------
 InvenTree/locale/en/LC_MESSAGES/django.po | 416 ++++++++++----------
 InvenTree/locale/es/LC_MESSAGES/django.po | 416 ++++++++++----------
 3 files changed, 668 insertions(+), 606 deletions(-)

diff --git a/InvenTree/locale/de/LC_MESSAGES/django.po b/InvenTree/locale/de/LC_MESSAGES/django.po
index 7632fadc4c..7f955ffea2 100644
--- a/InvenTree/locale/de/LC_MESSAGES/django.po
+++ b/InvenTree/locale/de/LC_MESSAGES/django.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-05 13:20+0000\n"
+"POT-Creation-Date: 2020-10-06 09:31+0000\n"
 "PO-Revision-Date: 2020-05-03 11:32+0200\n"
 "Last-Translator: Christian Schlüter <chschlue@gmail.com>\n"
 "Language-Team: C <kde-i18n-doc@kde.org>\n"
@@ -17,11 +17,11 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 "X-Generator: Lokalize 19.12.0\n"
 
-#: InvenTree/api.py:83
+#: InvenTree/api.py:85
 msgid "No action specified"
 msgstr "Keine Aktion angegeben"
 
-#: InvenTree/api.py:97
+#: InvenTree/api.py:99
 msgid "No matching action found"
 msgstr "Keine passende Aktion gefunden"
 
@@ -49,35 +49,35 @@ msgstr ""
 msgid "Apply Theme"
 msgstr ""
 
-#: InvenTree/helpers.py:337 order/models.py:187 order/models.py:261
+#: InvenTree/helpers.py:339 order/models.py:187 order/models.py:261
 msgid "Invalid quantity provided"
 msgstr "Keine gültige Menge"
 
-#: InvenTree/helpers.py:340
+#: InvenTree/helpers.py:342
 msgid "Empty serial number string"
 msgstr "Keine Seriennummer angegeben"
 
-#: InvenTree/helpers.py:361
+#: InvenTree/helpers.py:363
 #, python-brace-format
 msgid "Duplicate serial: {n}"
 msgstr "Doppelte Seriennummer: {n}"
 
-#: InvenTree/helpers.py:365 InvenTree/helpers.py:368 InvenTree/helpers.py:371
+#: InvenTree/helpers.py:367 InvenTree/helpers.py:370 InvenTree/helpers.py:373
 #, python-brace-format
 msgid "Invalid group: {g}"
 msgstr "Ungültige Gruppe: {g}"
 
-#: InvenTree/helpers.py:376
+#: InvenTree/helpers.py:378
 #, fuzzy, python-brace-format
 #| msgid "Duplicate serial: {n}"
 msgid "Duplicate serial: {g}"
 msgstr "Doppelte Seriennummer: {n}"
 
-#: InvenTree/helpers.py:384
+#: InvenTree/helpers.py:386
 msgid "No serial numbers found"
 msgstr "Keine Seriennummern gefunden"
 
-#: InvenTree/helpers.py:388
+#: InvenTree/helpers.py:390
 #, python-brace-format
 msgid "Number of unique serial number ({s}) must match quantity ({q})"
 msgstr ""
@@ -107,19 +107,19 @@ msgstr "Name"
 msgid "Description (optional)"
 msgstr "Firmenbeschreibung"
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:348
 msgid "English"
 msgstr "Englisch"
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:349
 msgid "German"
 msgstr "Deutsch"
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:350
 msgid "French"
 msgstr "Französisch"
 
-#: InvenTree/settings.py:346
+#: InvenTree/settings.py:351
 msgid "Polish"
 msgstr "Polnisch"
 
@@ -152,7 +152,7 @@ msgid "Returned"
 msgstr "Zurückgegeben"
 
 #: InvenTree/status_codes.py:136
-#: order/templates/order/sales_order_base.html:103
+#: order/templates/order/sales_order_base.html:105
 msgid "Shipped"
 msgstr "Versendet"
 
@@ -207,7 +207,7 @@ msgstr "Überschuss darf 100% nicht überschreiten"
 msgid "Overage must be an integer value or a percentage"
 msgstr "Überschuss muss eine Ganzzahl oder ein Prozentwert sein"
 
-#: InvenTree/views.py:661
+#: InvenTree/views.py:703
 msgid "Database Statistics"
 msgstr "Datenbankstatistiken"
 
@@ -281,7 +281,7 @@ msgstr "Bau-Fertigstellung bestätigen"
 msgid "Build quantity must be integer value for trackable parts"
 msgstr "Überschuss muss eine Ganzzahl oder ein Prozentwert sein"
 
-#: build/models.py:73 build/templates/build/build_base.html:70
+#: build/models.py:73 build/templates/build/build_base.html:72
 msgid "Build Title"
 msgstr "Bau-Titel"
 
@@ -289,7 +289,7 @@ msgstr "Bau-Titel"
 msgid "Brief description of the build"
 msgstr "Kurze Beschreibung des Baus"
 
-#: build/models.py:84 build/templates/build/build_base.html:91
+#: build/models.py:84 build/templates/build/build_base.html:93
 msgid "Parent Build"
 msgstr "Eltern-Bau"
 
@@ -299,7 +299,7 @@ msgstr "Eltern-Bau, dem dieser Bau zugewiesen ist"
 
 #: build/models.py:90 build/templates/build/allocate.html:329
 #: build/templates/build/auto_allocate.html:19
-#: build/templates/build/build_base.html:75
+#: build/templates/build/build_base.html:77
 #: build/templates/build/detail.html:22 order/models.py:501
 #: order/templates/order/order_wizard/select_parts.html:30
 #: order/templates/order/purchase_order_detail.html:147
@@ -424,7 +424,7 @@ msgid "Stock quantity to allocate to build"
 msgstr "Lagerobjekt-Anzahl dem Bau zuweisen"
 
 #: build/templates/build/allocate.html:17
-#: company/templates/company/detail_part.html:18 order/views.py:779
+#: company/templates/company/detail_part.html:18 order/views.py:804
 #: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr "Teile bestellen"
@@ -458,7 +458,7 @@ msgstr "Seriennummer"
 
 #: build/templates/build/allocate.html:172
 #: build/templates/build/auto_allocate.html:20
-#: build/templates/build/build_base.html:80
+#: build/templates/build/build_base.html:82
 #: build/templates/build/detail.html:27
 #: company/templates/company/supplier_part_pricing.html:71
 #: order/templates/order/order_wizard/select_parts.html:32
@@ -598,11 +598,29 @@ msgstr "Dieser Bau ist Kind von Bau"
 msgid "Admin view"
 msgstr "Admin"
 
-#: build/templates/build/build_base.html:66 build/templates/build/detail.html:9
+#: build/templates/build/build_base.html:45
+#, fuzzy
+#| msgid "Edited build"
+msgid "Edit Build"
+msgstr "Bau bearbeitet"
+
+#: build/templates/build/build_base.html:49 build/views.py:190
+msgid "Complete Build"
+msgstr "Bau fertigstellen"
+
+#: build/templates/build/build_base.html:52 build/views.py:58
+msgid "Cancel Build"
+msgstr "Bau abbrechen"
+
+#: build/templates/build/build_base.html:58 build/views.py:454
+msgid "Delete Build"
+msgstr "Bau entfernt"
+
+#: build/templates/build/build_base.html:68 build/templates/build/detail.html:9
 msgid "Build Details"
 msgstr "Bau-Status"
 
-#: build/templates/build/build_base.html:85
+#: build/templates/build/build_base.html:87
 #: build/templates/build/detail.html:42
 #: order/templates/order/receive_parts.html:24
 #: stock/templates/stock/item_base.html:276 templates/InvenTree/search.html:175
@@ -612,7 +630,7 @@ msgstr "Bau-Status"
 msgid "Status"
 msgstr "Status"
 
-#: build/templates/build/build_base.html:98 order/models.py:499
+#: build/templates/build/build_base.html:100 order/models.py:499
 #: order/templates/order/sales_order_base.html:9
 #: order/templates/order/sales_order_base.html:33
 #: order/templates/order/sales_order_notes.html:10
@@ -622,15 +640,15 @@ msgstr "Status"
 msgid "Sales Order"
 msgstr "Bestellung"
 
-#: build/templates/build/build_base.html:104
+#: build/templates/build/build_base.html:106
 msgid "BOM Price"
 msgstr "Stücklistenpreis"
 
-#: build/templates/build/build_base.html:109
+#: build/templates/build/build_base.html:111
 msgid "BOM pricing is incomplete"
 msgstr "Stücklistenbepreisung ist unvollständig"
 
-#: build/templates/build/build_base.html:112
+#: build/templates/build/build_base.html:114
 msgid "No pricing information"
 msgstr "Keine Preisinformation"
 
@@ -694,8 +712,8 @@ msgid "Batch"
 msgstr "Los"
 
 #: build/templates/build/detail.html:61
-#: order/templates/order/order_base.html:98
-#: order/templates/order/sales_order_base.html:97 templates/js/build.html:71
+#: order/templates/order/order_base.html:100
+#: order/templates/order/sales_order_base.html:99 templates/js/build.html:71
 msgid "Created"
 msgstr "Erstellt"
 
@@ -737,7 +755,7 @@ msgid "Save"
 msgstr "Speichern"
 
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
-#: order/templates/order/order_notes.html:32
+#: order/templates/order/order_notes.html:33
 #: order/templates/order/sales_order_notes.html:37
 #: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
@@ -757,100 +775,88 @@ msgid "Are you sure you wish to unallocate all stock for this build?"
 msgstr ""
 "Sind Sie sicher, dass sie alle Lagerobjekte von diesem Bau entfernen möchten?"
 
-#: build/views.py:56
-msgid "Cancel Build"
-msgstr "Bau abbrechen"
-
-#: build/views.py:74
+#: build/views.py:77
 msgid "Confirm build cancellation"
 msgstr "Bauabbruch bestätigen"
 
-#: build/views.py:79
+#: build/views.py:82
 msgid "Build was cancelled"
 msgstr "Bau wurde abgebrochen"
 
-#: build/views.py:95
+#: build/views.py:98
 msgid "Allocate Stock"
 msgstr "Lagerbestand zuweisen"
 
-#: build/views.py:108
+#: build/views.py:112
 msgid "No matching build found"
 msgstr "Kein passender Bau gefunden"
 
-#: build/views.py:127
+#: build/views.py:131
 msgid "Confirm stock allocation"
 msgstr "Lagerbestandszuordnung bestätigen"
 
-#: build/views.py:128
+#: build/views.py:132
 msgid "Check the confirmation box at the bottom of the list"
 msgstr "Bestätigunsbox am Ende der Liste bestätigen"
 
-#: build/views.py:148 build/views.py:452
+#: build/views.py:152 build/views.py:465
 msgid "Unallocate Stock"
 msgstr "Zuweisung aufheben"
 
-#: build/views.py:161
+#: build/views.py:166
 msgid "Confirm unallocation of build stock"
 msgstr "Zuweisungsaufhebung bestätigen"
 
-#: build/views.py:162 stock/views.py:405
+#: build/views.py:167 stock/views.py:405
 msgid "Check the confirmation box"
 msgstr "Bestätigungsbox bestätigen"
 
-#: build/views.py:185
-msgid "Complete Build"
-msgstr "Bau fertigstellen"
-
-#: build/views.py:264
+#: build/views.py:270
 msgid "Confirm completion of build"
 msgstr "Baufertigstellung bestätigen"
 
-#: build/views.py:271
+#: build/views.py:277
 msgid "Invalid location selected"
 msgstr "Ungültige Ortsauswahl"
 
-#: build/views.py:296 stock/views.py:1621
+#: build/views.py:302 stock/views.py:1621
 #, python-brace-format
 msgid "The following serial numbers already exist: ({sn})"
 msgstr "Die folgende Seriennummer existiert bereits: ({sn})"
 
-#: build/views.py:317
+#: build/views.py:323
 msgid "Build marked as COMPLETE"
 msgstr "Bau als FERTIG markiert"
 
-#: build/views.py:393
+#: build/views.py:403
 msgid "Start new Build"
 msgstr "Neuen Bau beginnen"
 
-#: build/views.py:418
+#: build/views.py:429
 msgid "Created new build"
 msgstr "Neuen Bau angelegt"
 
-#: build/views.py:428
+#: build/views.py:439
 msgid "Edit Build Details"
 msgstr "Baudetails bearbeiten"
 
-#: build/views.py:433
+#: build/views.py:445
 msgid "Edited build"
 msgstr "Bau bearbeitet"
 
-#: build/views.py:442
-msgid "Delete Build"
-msgstr "Bau entfernt"
-
-#: build/views.py:457
+#: build/views.py:471
 msgid "Removed parts from build allocation"
 msgstr "Teile von Bauzuordnung entfernt"
 
-#: build/views.py:467
+#: build/views.py:481
 msgid "Allocate new Part"
 msgstr "Neues Teil zuordnen"
 
-#: build/views.py:620
+#: build/views.py:635
 msgid "Edit Stock Allocation"
 msgstr "Teilzuordnung bearbeiten"
 
-#: build/views.py:624
+#: build/views.py:640
 msgid "Updated Build Item"
 msgstr "Bauobjekt aktualisiert"
 
@@ -1055,7 +1061,7 @@ msgstr "Hersteller"
 #: company/templates/company/detail.html:21
 #: company/templates/company/supplier_part_base.html:66
 #: company/templates/company/supplier_part_detail.html:21
-#: order/templates/order/order_base.html:79
+#: order/templates/order/order_base.html:81
 #: order/templates/order/order_wizard/select_pos.html:30 part/bom.py:170
 #: stock/templates/stock/item_base.html:251 templates/js/company.html:48
 #: templates/js/company.html:162 templates/js/order.html:146
@@ -1063,7 +1069,7 @@ msgid "Supplier"
 msgstr "Zulieferer"
 
 #: company/templates/company/detail.html:26
-#: order/templates/order/sales_order_base.html:78 stock/models.py:370
+#: order/templates/order/sales_order_base.html:80 stock/models.py:370
 #: stock/models.py:371 stock/templates/stock/item_base.html:169
 #: templates/js/company.html:40 templates/js/order.html:221
 msgid "Customer"
@@ -1169,12 +1175,12 @@ msgid "Purchase Orders"
 msgstr "Bestellungen"
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "Create new purchase order"
 msgstr "Neue Bestellung anlegen"
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "New Purchase Order"
 msgstr "Neue Bestellung"
 
@@ -1188,12 +1194,12 @@ msgid "Sales Orders"
 msgstr "Bestellungen"
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "Create new sales order"
 msgstr "Neuen Auftrag anlegen"
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "New Sales Order"
 msgstr "Neuer Auftrag"
 
@@ -1251,7 +1257,7 @@ msgid "Pricing Information"
 msgstr "Preisinformationen ansehen"
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2226
+#: part/templates/part/sale_prices.html:13 part/views.py:2228
 msgid "Add Price Break"
 msgstr "Preisstaffel hinzufügen"
 
@@ -1382,17 +1388,17 @@ msgstr "Neues Zuliefererteil anlegen"
 msgid "Delete Supplier Part"
 msgstr "Zuliefererteil entfernen"
 
-#: company/views.py:404 part/views.py:2232
+#: company/views.py:404 part/views.py:2234
 #, fuzzy
 #| msgid "Add Price Break"
 msgid "Added new price break"
 msgstr "Preisstaffel hinzufügen"
 
-#: company/views.py:441 part/views.py:2277
+#: company/views.py:441 part/views.py:2279
 msgid "Edit Price Break"
 msgstr "Preisstaffel bearbeiten"
 
-#: company/views.py:456 part/views.py:2293
+#: company/views.py:456 part/views.py:2295
 msgid "Delete Price Break"
 msgstr "Preisstaffel löschen"
 
@@ -1424,20 +1430,20 @@ msgstr ""
 msgid "Enabled"
 msgstr ""
 
-#: order/forms.py:24
+#: order/forms.py:24 order/templates/order/order_base.html:40
 msgid "Place order"
 msgstr "Bestellung aufgeben"
 
-#: order/forms.py:35
+#: order/forms.py:35 order/templates/order/order_base.html:47
 msgid "Mark order as complete"
 msgstr "Bestellung als vollständig markieren"
 
-#: order/forms.py:46 order/forms.py:57
-#: order/templates/order/sales_order_base.html:54
+#: order/forms.py:46 order/forms.py:57 order/templates/order/order_base.html:52
+#: order/templates/order/sales_order_base.html:52
 msgid "Cancel order"
 msgstr "Bestellung stornieren"
 
-#: order/forms.py:68 order/templates/order/sales_order_base.html:51
+#: order/forms.py:68 order/templates/order/sales_order_base.html:49
 msgid "Ship order"
 msgstr "Bestellung versenden"
 
@@ -1497,7 +1503,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr "Bestellung als vollständig markieren"
 
-#: order/models.py:185 order/models.py:259 part/views.py:1343
+#: order/models.py:185 order/models.py:259 part/views.py:1345
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr "Anzahl muss größer Null sein"
@@ -1578,32 +1584,48 @@ msgstr "Zuordnungsanzahl eingeben"
 msgid "Are you sure you want to delete this attachment?"
 msgstr "Sind Sie sicher, dass Sie diesen Anhang löschen wollen?"
 
-#: order/templates/order/order_base.html:64
+#: order/templates/order/order_base.html:36
+#, fuzzy
+#| msgid "Edited company information"
+msgid "Edit order information"
+msgstr "Firmeninformation bearbeitet"
+
+#: order/templates/order/order_base.html:44
+#, fuzzy
+#| msgid "Receive line item"
+msgid "Receive items"
+msgstr "Position empfangen"
+
+#: order/templates/order/order_base.html:57
+msgid "Export order to file"
+msgstr ""
+
+#: order/templates/order/order_base.html:66
 msgid "Purchase Order Details"
 msgstr "Bestelldetails"
 
-#: order/templates/order/order_base.html:69
-#: order/templates/order/sales_order_base.html:68
+#: order/templates/order/order_base.html:71
+#: order/templates/order/sales_order_base.html:70
 msgid "Order Reference"
 msgstr "Bestellreferenz"
 
-#: order/templates/order/order_base.html:74
-#: order/templates/order/sales_order_base.html:73
+#: order/templates/order/order_base.html:76
+#: order/templates/order/sales_order_base.html:75
 msgid "Order Status"
 msgstr "Bestellstatus"
 
-#: order/templates/order/order_base.html:85 templates/js/order.html:153
+#: order/templates/order/order_base.html:87 templates/js/order.html:153
 msgid "Supplier Reference"
 msgstr "Zuliefererreferenz"
 
-#: order/templates/order/order_base.html:104
+#: order/templates/order/order_base.html:106
 msgid "Issued"
 msgstr "Aufgegeben"
 
-#: order/templates/order/order_base.html:111
+#: order/templates/order/order_base.html:113
 #: order/templates/order/purchase_order_detail.html:182
 #: order/templates/order/receive_parts.html:22
-#: order/templates/order/sales_order_base.html:110
+#: order/templates/order/sales_order_base.html:112
 msgid "Received"
 msgstr "Empfangen"
 
@@ -1672,8 +1694,8 @@ msgid "Attachments"
 msgstr "Anhänge"
 
 #: order/templates/order/purchase_order_detail.html:16
-#: order/templates/order/sales_order_detail.html:17 order/views.py:1087
-#: order/views.py:1201
+#: order/templates/order/sales_order_detail.html:17 order/views.py:1117
+#: order/views.py:1232
 msgid "Add Line Item"
 msgstr "Position hinzufügen"
 
@@ -1743,15 +1765,15 @@ msgstr ""
 msgid "This SalesOrder has not been fully allocated"
 msgstr "Dieser Auftrag ist nicht vollständig zugeordnet"
 
-#: order/templates/order/sales_order_base.html:47
+#: order/templates/order/sales_order_base.html:57
 msgid "Packing List"
 msgstr "Packliste"
 
-#: order/templates/order/sales_order_base.html:63
+#: order/templates/order/sales_order_base.html:65
 msgid "Sales Order Details"
 msgstr "Auftragsdetails"
 
-#: order/templates/order/sales_order_base.html:84 templates/js/order.html:228
+#: order/templates/order/sales_order_base.html:86 templates/js/order.html:228
 msgid "Customer Reference"
 msgstr "Kundenreferenz"
 
@@ -1819,147 +1841,147 @@ msgstr "Sind Sie sicher, dass Sie diese Position löschen möchten?"
 msgid "Order Items"
 msgstr "Bestellungspositionen"
 
-#: order/views.py:93
+#: order/views.py:99
 msgid "Add Purchase Order Attachment"
 msgstr "Bestellanhang hinzufügen"
 
-#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
+#: order/views.py:109 order/views.py:157 part/views.py:92 stock/views.py:167
 msgid "Added attachment"
 msgstr "Anhang hinzugefügt"
 
-#: order/views.py:141
+#: order/views.py:148
 msgid "Add Sales Order Attachment"
 msgstr "Auftragsanhang hinzufügen"
 
-#: order/views.py:176 order/views.py:197
+#: order/views.py:184 order/views.py:206
 msgid "Edit Attachment"
 msgstr "Anhang bearbeiten"
 
-#: order/views.py:180 order/views.py:201
+#: order/views.py:189 order/views.py:211
 msgid "Attachment updated"
 msgstr "Anhang aktualisiert"
 
-#: order/views.py:216 order/views.py:230
+#: order/views.py:226 order/views.py:241
 msgid "Delete Attachment"
 msgstr "Anhang löschen"
 
-#: order/views.py:222 order/views.py:236 stock/views.py:223
+#: order/views.py:233 order/views.py:248 stock/views.py:223
 msgid "Deleted attachment"
 msgstr "Anhang gelöscht"
 
-#: order/views.py:287
+#: order/views.py:301
 msgid "Create Purchase Order"
 msgstr "Bestellung anlegen"
 
-#: order/views.py:318
+#: order/views.py:333
 msgid "Create Sales Order"
 msgstr "Auftrag anlegen"
 
-#: order/views.py:348
+#: order/views.py:364
 msgid "Edit Purchase Order"
 msgstr "Bestellung bearbeiten"
 
-#: order/views.py:368
+#: order/views.py:385
 msgid "Edit Sales Order"
 msgstr "Auftrag bearbeiten"
 
-#: order/views.py:384
+#: order/views.py:402
 msgid "Cancel Order"
 msgstr "Bestellung stornieren"
 
-#: order/views.py:399 order/views.py:431
+#: order/views.py:418 order/views.py:451
 msgid "Confirm order cancellation"
 msgstr "Bestellstornierung bestätigen"
 
-#: order/views.py:417
+#: order/views.py:436
 msgid "Cancel sales order"
 msgstr "Auftrag stornieren"
 
-#: order/views.py:437
+#: order/views.py:457
 msgid "Could not cancel order"
 msgstr "Stornierung fehlgeschlagen"
 
-#: order/views.py:451
+#: order/views.py:471
 msgid "Issue Order"
 msgstr "Bestellung aufgeben"
 
-#: order/views.py:466
+#: order/views.py:487
 msgid "Confirm order placement"
 msgstr "Bestellungstätigung bestätigen"
 
-#: order/views.py:487
+#: order/views.py:508
 msgid "Complete Order"
 msgstr "Auftrag fertigstellen"
 
-#: order/views.py:522
+#: order/views.py:544
 msgid "Ship Order"
 msgstr "Versenden"
 
-#: order/views.py:538
+#: order/views.py:561
 msgid "Confirm order shipment"
 msgstr "Versand bestätigen"
 
-#: order/views.py:544
+#: order/views.py:567
 msgid "Could not ship order"
 msgstr "Versand fehlgeschlagen"
 
-#: order/views.py:595
+#: order/views.py:619
 msgid "Receive Parts"
 msgstr "Teile empfangen"
 
-#: order/views.py:662
+#: order/views.py:687
 msgid "Items received"
 msgstr "Anzahl empfangener Positionen"
 
-#: order/views.py:676
+#: order/views.py:701
 msgid "No destination set"
 msgstr "Kein Ziel gesetzt"
 
-#: order/views.py:721
+#: order/views.py:746
 msgid "Error converting quantity to number"
 msgstr "Fehler beim Konvertieren zu Zahl"
 
-#: order/views.py:727
+#: order/views.py:752
 msgid "Receive quantity less than zero"
 msgstr "Anzahl kleiner null empfangen"
 
-#: order/views.py:733
+#: order/views.py:758
 msgid "No lines specified"
 msgstr "Keine Zeilen angegeben"
 
-#: order/views.py:1107
+#: order/views.py:1138
 msgid "Invalid Purchase Order"
 msgstr "Ungültige Bestellung"
 
-#: order/views.py:1115
+#: order/views.py:1146
 msgid "Supplier must match for Part and Order"
 msgstr "Zulieferer muss zum Teil und zur Bestellung passen"
 
-#: order/views.py:1120
+#: order/views.py:1151
 msgid "Invalid SupplierPart selection"
 msgstr "Ungültige Wahl des Zulieferer-Teils"
 
-#: order/views.py:1252 order/views.py:1270
+#: order/views.py:1284 order/views.py:1303
 msgid "Edit Line Item"
 msgstr "Position bearbeiten"
 
-#: order/views.py:1286 order/views.py:1298
+#: order/views.py:1320 order/views.py:1333
 msgid "Delete Line Item"
 msgstr "Position löschen"
 
-#: order/views.py:1291 order/views.py:1303
+#: order/views.py:1326 order/views.py:1339
 msgid "Deleted line item"
 msgstr "Position gelöscht"
 
-#: order/views.py:1312
+#: order/views.py:1348
 msgid "Allocate Stock to Order"
 msgstr "Lagerbestand dem Auftrag zuweisen"
 
-#: order/views.py:1381
+#: order/views.py:1418
 msgid "Edit Allocation Quantity"
 msgstr "Zuordnung bearbeiten"
 
-#: order/views.py:1396
+#: order/views.py:1434
 msgid "Remove allocation"
 msgstr "Zuordnung entfernen"
 
@@ -2339,7 +2361,7 @@ msgstr "Notizen zum Stücklisten-Objekt"
 msgid "BOM line checksum"
 msgstr "Prüfsumme der Stückliste"
 
-#: part/models.py:1612 part/views.py:1349 part/views.py:1401
+#: part/models.py:1612 part/views.py:1351 part/views.py:1403
 #: stock/models.py:231
 #, fuzzy
 #| msgid "Overage must be an integer value or a percentage"
@@ -2410,7 +2432,7 @@ msgstr "Stückliste bearbeiten"
 msgid "Validate Bill of Materials"
 msgstr "Stückliste validieren"
 
-#: part/templates/part/bom.html:48 part/views.py:1640
+#: part/templates/part/bom.html:48 part/views.py:1642
 msgid "Export Bill of Materials"
 msgstr "Stückliste exportieren"
 
@@ -2526,7 +2548,7 @@ msgstr "Neuen Bau beginnen"
 msgid "All parts"
 msgstr "Alle Teile"
 
-#: part/templates/part/category.html:24 part/views.py:2043
+#: part/templates/part/category.html:24 part/views.py:2045
 msgid "Create new part category"
 msgstr "Teilkategorie anlegen"
 
@@ -2570,7 +2592,7 @@ msgstr "Teile (inklusive Unter-Kategorien)"
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:114 part/views.py:511
+#: part/templates/part/category.html:114 part/views.py:513
 msgid "Create new part"
 msgstr "Neues Teil anlegen"
 
@@ -2815,7 +2837,7 @@ msgid "Edit"
 msgstr "Bearbeiten"
 
 #: part/templates/part/params.html:39 part/templates/part/supplier.html:17
-#: users/models.py:141
+#: users/models.py:145
 msgid "Delete"
 msgstr "Löschen"
 
@@ -3051,184 +3073,184 @@ msgstr "Neues Teil hinzufügen"
 msgid "New Variant"
 msgstr "Varianten"
 
-#: part/views.py:78
+#: part/views.py:80
 msgid "Add part attachment"
 msgstr "Teilanhang hinzufügen"
 
-#: part/views.py:129 templates/attachment_table.html:30
+#: part/views.py:131 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr "Anhang bearbeiten"
 
-#: part/views.py:135
+#: part/views.py:137
 msgid "Part attachment updated"
 msgstr "Teilanhang aktualisiert"
 
-#: part/views.py:150
+#: part/views.py:152
 msgid "Delete Part Attachment"
 msgstr "Teilanhang löschen"
 
-#: part/views.py:158
+#: part/views.py:160
 msgid "Deleted part attachment"
 msgstr "Teilanhang gelöscht"
 
-#: part/views.py:167
+#: part/views.py:169
 #, fuzzy
 #| msgid "Create Part Parameter Template"
 msgid "Create Test Template"
 msgstr "Teilparametervorlage anlegen"
 
-#: part/views.py:196
+#: part/views.py:198
 #, fuzzy
 #| msgid "Edit Template"
 msgid "Edit Test Template"
 msgstr "Vorlage bearbeiten"
 
-#: part/views.py:212
+#: part/views.py:214
 #, fuzzy
 #| msgid "Delete Template"
 msgid "Delete Test Template"
 msgstr "Vorlage löschen"
 
-#: part/views.py:221
+#: part/views.py:223
 msgid "Set Part Category"
 msgstr "Teilkategorie auswählen"
 
-#: part/views.py:271
+#: part/views.py:273
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr "Kategorie für {n} Teile setzen"
 
-#: part/views.py:306
+#: part/views.py:308
 msgid "Create Variant"
 msgstr "Variante anlegen"
 
-#: part/views.py:386
+#: part/views.py:388
 msgid "Duplicate Part"
 msgstr "Teil duplizieren"
 
-#: part/views.py:393
+#: part/views.py:395
 msgid "Copied part"
 msgstr "Teil kopiert"
 
-#: part/views.py:518
+#: part/views.py:520
 msgid "Created new part"
 msgstr "Neues Teil angelegt"
 
-#: part/views.py:733
+#: part/views.py:735
 msgid "Part QR Code"
 msgstr "Teil-QR-Code"
 
-#: part/views.py:752
+#: part/views.py:754
 msgid "Upload Part Image"
 msgstr "Teilbild hochladen"
 
-#: part/views.py:760 part/views.py:797
+#: part/views.py:762 part/views.py:799
 msgid "Updated part image"
 msgstr "Teilbild aktualisiert"
 
-#: part/views.py:769
+#: part/views.py:771
 msgid "Select Part Image"
 msgstr "Teilbild auswählen"
 
-#: part/views.py:800
+#: part/views.py:802
 msgid "Part image not found"
 msgstr "Teilbild nicht gefunden"
 
-#: part/views.py:811
+#: part/views.py:813
 msgid "Edit Part Properties"
 msgstr "Teileigenschaften bearbeiten"
 
-#: part/views.py:835
+#: part/views.py:837
 msgid "Validate BOM"
 msgstr "BOM validieren"
 
-#: part/views.py:1002
+#: part/views.py:1004
 msgid "No BOM file provided"
 msgstr "Keine Stückliste angegeben"
 
-#: part/views.py:1352
+#: part/views.py:1354
 msgid "Enter a valid quantity"
 msgstr "Bitte eine gültige Anzahl eingeben"
 
-#: part/views.py:1377 part/views.py:1380
+#: part/views.py:1379 part/views.py:1382
 msgid "Select valid part"
 msgstr "Bitte ein gültiges Teil auswählen"
 
-#: part/views.py:1386
+#: part/views.py:1388
 msgid "Duplicate part selected"
 msgstr "Teil doppelt ausgewählt"
 
-#: part/views.py:1424
+#: part/views.py:1426
 msgid "Select a part"
 msgstr "Teil auswählen"
 
-#: part/views.py:1430
+#: part/views.py:1432
 #, fuzzy
 #| msgid "Select part to be used in BOM"
 msgid "Selected part creates a circular BOM"
 msgstr "Teil für die Nutzung in der Stückliste auswählen"
 
-#: part/views.py:1434
+#: part/views.py:1436
 msgid "Specify quantity"
 msgstr "Anzahl angeben"
 
-#: part/views.py:1690
+#: part/views.py:1692
 msgid "Confirm Part Deletion"
 msgstr "Löschen des Teils bestätigen"
 
-#: part/views.py:1699
+#: part/views.py:1701
 msgid "Part was deleted"
 msgstr "Teil wurde gelöscht"
 
-#: part/views.py:1708
+#: part/views.py:1710
 msgid "Part Pricing"
 msgstr "Teilbepreisung"
 
-#: part/views.py:1834
+#: part/views.py:1836
 msgid "Create Part Parameter Template"
 msgstr "Teilparametervorlage anlegen"
 
-#: part/views.py:1844
+#: part/views.py:1846
 msgid "Edit Part Parameter Template"
 msgstr "Teilparametervorlage bearbeiten"
 
-#: part/views.py:1853
+#: part/views.py:1855
 msgid "Delete Part Parameter Template"
 msgstr "Teilparametervorlage löschen"
 
-#: part/views.py:1863
+#: part/views.py:1865
 msgid "Create Part Parameter"
 msgstr "Teilparameter anlegen"
 
-#: part/views.py:1915
+#: part/views.py:1917
 msgid "Edit Part Parameter"
 msgstr "Teilparameter bearbeiten"
 
-#: part/views.py:1931
+#: part/views.py:1933
 msgid "Delete Part Parameter"
 msgstr "Teilparameter löschen"
 
-#: part/views.py:1990
+#: part/views.py:1992
 msgid "Edit Part Category"
 msgstr "Teilkategorie bearbeiten"
 
-#: part/views.py:2027
+#: part/views.py:2029
 msgid "Delete Part Category"
 msgstr "Teilkategorie löschen"
 
-#: part/views.py:2035
+#: part/views.py:2037
 msgid "Part category was deleted"
 msgstr "Teilekategorie wurde gelöscht"
 
-#: part/views.py:2098
+#: part/views.py:2100
 msgid "Create BOM item"
 msgstr "BOM-Position anlegen"
 
-#: part/views.py:2166
+#: part/views.py:2168
 msgid "Edit BOM item"
 msgstr "BOM-Position beaarbeiten"
 
-#: part/views.py:2216
+#: part/views.py:2218
 msgid "Confim BOM item deletion"
 msgstr "Löschung von BOM-Position bestätigen"
 
@@ -5009,76 +5031,84 @@ msgstr "Position löschen"
 msgid "Delete Stock"
 msgstr "Bestand löschen"
 
-#: users/admin.py:62
+#: users/admin.py:61
 #, fuzzy
 #| msgid "User"
 msgid "Users"
 msgstr "Benutzer"
 
-#: users/admin.py:63
+#: users/admin.py:62
 msgid "Select which users are assigned to this group"
 msgstr ""
 
-#: users/admin.py:124
+#: users/admin.py:120
 #, fuzzy
 #| msgid "External Link"
 msgid "Personal info"
 msgstr "Externer Link"
 
-#: users/admin.py:125
+#: users/admin.py:121
 #, fuzzy
 #| msgid "Revision"
 msgid "Permissions"
 msgstr "Revision"
 
-#: users/admin.py:128
+#: users/admin.py:124
 #, fuzzy
 #| msgid "Import BOM data"
 msgid "Important dates"
 msgstr "Stückliste importieren"
 
-#: users/models.py:124
+#: users/models.py:128
 msgid "Permission set"
 msgstr ""
 
-#: users/models.py:132
+#: users/models.py:136
 msgid "Group"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "View"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "Permission to view items"
 msgstr ""
 
-#: users/models.py:137
-#, fuzzy
-#| msgid "Created"
-msgid "Create"
-msgstr "Erstellt"
-
-#: users/models.py:137
-msgid "Permission to add items"
-msgstr ""
-
-#: users/models.py:139
-#, fuzzy
-#| msgid "Last Updated"
-msgid "Update"
-msgstr "Zuletzt aktualisiert"
-
-#: users/models.py:139
-msgid "Permissions to edit items"
-msgstr ""
-
 #: users/models.py:141
 #, fuzzy
+#| msgid "Address"
+msgid "Add"
+msgstr "Adresse"
+
+#: users/models.py:141
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:143
+msgid "Change"
+msgstr ""
+
+#: users/models.py:143
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:145
+#, fuzzy
 #| msgid "Remove selected BOM items"
 msgid "Permission to delete items"
 msgstr "Ausgewählte Stücklistenpositionen entfernen"
 
+#, fuzzy
+#~| msgid "Created"
+#~ msgid "Create"
+#~ msgstr "Erstellt"
+
+#, fuzzy
+#~| msgid "Last Updated"
+#~ msgid "Update"
+#~ msgstr "Zuletzt aktualisiert"
+
 #~ msgid "Belongs To"
 #~ msgstr "Gehört zu"
 
diff --git a/InvenTree/locale/en/LC_MESSAGES/django.po b/InvenTree/locale/en/LC_MESSAGES/django.po
index 0f38022f92..74b435c791 100644
--- a/InvenTree/locale/en/LC_MESSAGES/django.po
+++ b/InvenTree/locale/en/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-05 13:20+0000\n"
+"POT-Creation-Date: 2020-10-06 09:31+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -18,11 +18,11 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 
-#: InvenTree/api.py:83
+#: InvenTree/api.py:85
 msgid "No action specified"
 msgstr ""
 
-#: InvenTree/api.py:97
+#: InvenTree/api.py:99
 msgid "No matching action found"
 msgstr ""
 
@@ -46,34 +46,34 @@ msgstr ""
 msgid "Apply Theme"
 msgstr ""
 
-#: InvenTree/helpers.py:337 order/models.py:187 order/models.py:261
+#: InvenTree/helpers.py:339 order/models.py:187 order/models.py:261
 msgid "Invalid quantity provided"
 msgstr ""
 
-#: InvenTree/helpers.py:340
+#: InvenTree/helpers.py:342
 msgid "Empty serial number string"
 msgstr ""
 
-#: InvenTree/helpers.py:361
+#: InvenTree/helpers.py:363
 #, python-brace-format
 msgid "Duplicate serial: {n}"
 msgstr ""
 
-#: InvenTree/helpers.py:365 InvenTree/helpers.py:368 InvenTree/helpers.py:371
+#: InvenTree/helpers.py:367 InvenTree/helpers.py:370 InvenTree/helpers.py:373
 #, python-brace-format
 msgid "Invalid group: {g}"
 msgstr ""
 
-#: InvenTree/helpers.py:376
+#: InvenTree/helpers.py:378
 #, python-brace-format
 msgid "Duplicate serial: {g}"
 msgstr ""
 
-#: InvenTree/helpers.py:384
+#: InvenTree/helpers.py:386
 msgid "No serial numbers found"
 msgstr ""
 
-#: InvenTree/helpers.py:388
+#: InvenTree/helpers.py:390
 #, python-brace-format
 msgid "Number of unique serial number ({s}) must match quantity ({q})"
 msgstr ""
@@ -99,19 +99,19 @@ msgstr ""
 msgid "Description (optional)"
 msgstr ""
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:348
 msgid "English"
 msgstr ""
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:349
 msgid "German"
 msgstr ""
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:350
 msgid "French"
 msgstr ""
 
-#: InvenTree/settings.py:346
+#: InvenTree/settings.py:351
 msgid "Polish"
 msgstr ""
 
@@ -144,7 +144,7 @@ msgid "Returned"
 msgstr ""
 
 #: InvenTree/status_codes.py:136
-#: order/templates/order/sales_order_base.html:103
+#: order/templates/order/sales_order_base.html:105
 msgid "Shipped"
 msgstr ""
 
@@ -199,7 +199,7 @@ msgstr ""
 msgid "Overage must be an integer value or a percentage"
 msgstr ""
 
-#: InvenTree/views.py:661
+#: InvenTree/views.py:703
 msgid "Database Statistics"
 msgstr ""
 
@@ -263,7 +263,7 @@ msgstr ""
 msgid "Build quantity must be integer value for trackable parts"
 msgstr ""
 
-#: build/models.py:73 build/templates/build/build_base.html:70
+#: build/models.py:73 build/templates/build/build_base.html:72
 msgid "Build Title"
 msgstr ""
 
@@ -271,7 +271,7 @@ msgstr ""
 msgid "Brief description of the build"
 msgstr ""
 
-#: build/models.py:84 build/templates/build/build_base.html:91
+#: build/models.py:84 build/templates/build/build_base.html:93
 msgid "Parent Build"
 msgstr ""
 
@@ -281,7 +281,7 @@ msgstr ""
 
 #: build/models.py:90 build/templates/build/allocate.html:329
 #: build/templates/build/auto_allocate.html:19
-#: build/templates/build/build_base.html:75
+#: build/templates/build/build_base.html:77
 #: build/templates/build/detail.html:22 order/models.py:501
 #: order/templates/order/order_wizard/select_parts.html:30
 #: order/templates/order/purchase_order_detail.html:147
@@ -403,7 +403,7 @@ msgid "Stock quantity to allocate to build"
 msgstr ""
 
 #: build/templates/build/allocate.html:17
-#: company/templates/company/detail_part.html:18 order/views.py:779
+#: company/templates/company/detail_part.html:18 order/views.py:804
 #: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr ""
@@ -437,7 +437,7 @@ msgstr ""
 
 #: build/templates/build/allocate.html:172
 #: build/templates/build/auto_allocate.html:20
-#: build/templates/build/build_base.html:80
+#: build/templates/build/build_base.html:82
 #: build/templates/build/detail.html:27
 #: company/templates/company/supplier_part_pricing.html:71
 #: order/templates/order/order_wizard/select_parts.html:32
@@ -570,11 +570,27 @@ msgstr ""
 msgid "Admin view"
 msgstr ""
 
-#: build/templates/build/build_base.html:66 build/templates/build/detail.html:9
+#: build/templates/build/build_base.html:45
+msgid "Edit Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:49 build/views.py:190
+msgid "Complete Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:52 build/views.py:58
+msgid "Cancel Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:58 build/views.py:454
+msgid "Delete Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:68 build/templates/build/detail.html:9
 msgid "Build Details"
 msgstr ""
 
-#: build/templates/build/build_base.html:85
+#: build/templates/build/build_base.html:87
 #: build/templates/build/detail.html:42
 #: order/templates/order/receive_parts.html:24
 #: stock/templates/stock/item_base.html:276 templates/InvenTree/search.html:175
@@ -584,7 +600,7 @@ msgstr ""
 msgid "Status"
 msgstr ""
 
-#: build/templates/build/build_base.html:98 order/models.py:499
+#: build/templates/build/build_base.html:100 order/models.py:499
 #: order/templates/order/sales_order_base.html:9
 #: order/templates/order/sales_order_base.html:33
 #: order/templates/order/sales_order_notes.html:10
@@ -594,15 +610,15 @@ msgstr ""
 msgid "Sales Order"
 msgstr ""
 
-#: build/templates/build/build_base.html:104
+#: build/templates/build/build_base.html:106
 msgid "BOM Price"
 msgstr ""
 
-#: build/templates/build/build_base.html:109
+#: build/templates/build/build_base.html:111
 msgid "BOM pricing is incomplete"
 msgstr ""
 
-#: build/templates/build/build_base.html:112
+#: build/templates/build/build_base.html:114
 msgid "No pricing information"
 msgstr ""
 
@@ -664,8 +680,8 @@ msgid "Batch"
 msgstr ""
 
 #: build/templates/build/detail.html:61
-#: order/templates/order/order_base.html:98
-#: order/templates/order/sales_order_base.html:97 templates/js/build.html:71
+#: order/templates/order/order_base.html:100
+#: order/templates/order/sales_order_base.html:99 templates/js/build.html:71
 msgid "Created"
 msgstr ""
 
@@ -707,7 +723,7 @@ msgid "Save"
 msgstr ""
 
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
-#: order/templates/order/order_notes.html:32
+#: order/templates/order/order_notes.html:33
 #: order/templates/order/sales_order_notes.html:37
 #: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
@@ -726,100 +742,88 @@ msgstr ""
 msgid "Are you sure you wish to unallocate all stock for this build?"
 msgstr ""
 
-#: build/views.py:56
-msgid "Cancel Build"
-msgstr ""
-
-#: build/views.py:74
+#: build/views.py:77
 msgid "Confirm build cancellation"
 msgstr ""
 
-#: build/views.py:79
+#: build/views.py:82
 msgid "Build was cancelled"
 msgstr ""
 
-#: build/views.py:95
+#: build/views.py:98
 msgid "Allocate Stock"
 msgstr ""
 
-#: build/views.py:108
+#: build/views.py:112
 msgid "No matching build found"
 msgstr ""
 
-#: build/views.py:127
+#: build/views.py:131
 msgid "Confirm stock allocation"
 msgstr ""
 
-#: build/views.py:128
+#: build/views.py:132
 msgid "Check the confirmation box at the bottom of the list"
 msgstr ""
 
-#: build/views.py:148 build/views.py:452
+#: build/views.py:152 build/views.py:465
 msgid "Unallocate Stock"
 msgstr ""
 
-#: build/views.py:161
+#: build/views.py:166
 msgid "Confirm unallocation of build stock"
 msgstr ""
 
-#: build/views.py:162 stock/views.py:405
+#: build/views.py:167 stock/views.py:405
 msgid "Check the confirmation box"
 msgstr ""
 
-#: build/views.py:185
-msgid "Complete Build"
-msgstr ""
-
-#: build/views.py:264
+#: build/views.py:270
 msgid "Confirm completion of build"
 msgstr ""
 
-#: build/views.py:271
+#: build/views.py:277
 msgid "Invalid location selected"
 msgstr ""
 
-#: build/views.py:296 stock/views.py:1621
+#: build/views.py:302 stock/views.py:1621
 #, python-brace-format
 msgid "The following serial numbers already exist: ({sn})"
 msgstr ""
 
-#: build/views.py:317
+#: build/views.py:323
 msgid "Build marked as COMPLETE"
 msgstr ""
 
-#: build/views.py:393
+#: build/views.py:403
 msgid "Start new Build"
 msgstr ""
 
-#: build/views.py:418
+#: build/views.py:429
 msgid "Created new build"
 msgstr ""
 
-#: build/views.py:428
+#: build/views.py:439
 msgid "Edit Build Details"
 msgstr ""
 
-#: build/views.py:433
+#: build/views.py:445
 msgid "Edited build"
 msgstr ""
 
-#: build/views.py:442
-msgid "Delete Build"
-msgstr ""
-
-#: build/views.py:457
+#: build/views.py:471
 msgid "Removed parts from build allocation"
 msgstr ""
 
-#: build/views.py:467
+#: build/views.py:481
 msgid "Allocate new Part"
 msgstr ""
 
-#: build/views.py:620
+#: build/views.py:635
 msgid "Edit Stock Allocation"
 msgstr ""
 
-#: build/views.py:624
+#: build/views.py:640
 msgid "Updated Build Item"
 msgstr ""
 
@@ -1014,7 +1018,7 @@ msgstr ""
 #: company/templates/company/detail.html:21
 #: company/templates/company/supplier_part_base.html:66
 #: company/templates/company/supplier_part_detail.html:21
-#: order/templates/order/order_base.html:79
+#: order/templates/order/order_base.html:81
 #: order/templates/order/order_wizard/select_pos.html:30 part/bom.py:170
 #: stock/templates/stock/item_base.html:251 templates/js/company.html:48
 #: templates/js/company.html:162 templates/js/order.html:146
@@ -1022,7 +1026,7 @@ msgid "Supplier"
 msgstr ""
 
 #: company/templates/company/detail.html:26
-#: order/templates/order/sales_order_base.html:78 stock/models.py:370
+#: order/templates/order/sales_order_base.html:80 stock/models.py:370
 #: stock/models.py:371 stock/templates/stock/item_base.html:169
 #: templates/js/company.html:40 templates/js/order.html:221
 msgid "Customer"
@@ -1123,12 +1127,12 @@ msgid "Purchase Orders"
 msgstr ""
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "Create new purchase order"
 msgstr ""
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "New Purchase Order"
 msgstr ""
 
@@ -1142,12 +1146,12 @@ msgid "Sales Orders"
 msgstr ""
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "Create new sales order"
 msgstr ""
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "New Sales Order"
 msgstr ""
 
@@ -1205,7 +1209,7 @@ msgid "Pricing Information"
 msgstr ""
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2226
+#: part/templates/part/sale_prices.html:13 part/views.py:2228
 msgid "Add Price Break"
 msgstr ""
 
@@ -1330,15 +1334,15 @@ msgstr ""
 msgid "Delete Supplier Part"
 msgstr ""
 
-#: company/views.py:404 part/views.py:2232
+#: company/views.py:404 part/views.py:2234
 msgid "Added new price break"
 msgstr ""
 
-#: company/views.py:441 part/views.py:2277
+#: company/views.py:441 part/views.py:2279
 msgid "Edit Price Break"
 msgstr ""
 
-#: company/views.py:456 part/views.py:2293
+#: company/views.py:456 part/views.py:2295
 msgid "Delete Price Break"
 msgstr ""
 
@@ -1366,20 +1370,20 @@ msgstr ""
 msgid "Enabled"
 msgstr ""
 
-#: order/forms.py:24
+#: order/forms.py:24 order/templates/order/order_base.html:40
 msgid "Place order"
 msgstr ""
 
-#: order/forms.py:35
+#: order/forms.py:35 order/templates/order/order_base.html:47
 msgid "Mark order as complete"
 msgstr ""
 
-#: order/forms.py:46 order/forms.py:57
-#: order/templates/order/sales_order_base.html:54
+#: order/forms.py:46 order/forms.py:57 order/templates/order/order_base.html:52
+#: order/templates/order/sales_order_base.html:52
 msgid "Cancel order"
 msgstr ""
 
-#: order/forms.py:68 order/templates/order/sales_order_base.html:51
+#: order/forms.py:68 order/templates/order/sales_order_base.html:49
 msgid "Ship order"
 msgstr ""
 
@@ -1431,7 +1435,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr ""
 
-#: order/models.py:185 order/models.py:259 part/views.py:1343
+#: order/models.py:185 order/models.py:259 part/views.py:1345
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr ""
@@ -1512,32 +1516,44 @@ msgstr ""
 msgid "Are you sure you want to delete this attachment?"
 msgstr ""
 
-#: order/templates/order/order_base.html:64
+#: order/templates/order/order_base.html:36
+msgid "Edit order information"
+msgstr ""
+
+#: order/templates/order/order_base.html:44
+msgid "Receive items"
+msgstr ""
+
+#: order/templates/order/order_base.html:57
+msgid "Export order to file"
+msgstr ""
+
+#: order/templates/order/order_base.html:66
 msgid "Purchase Order Details"
 msgstr ""
 
-#: order/templates/order/order_base.html:69
-#: order/templates/order/sales_order_base.html:68
+#: order/templates/order/order_base.html:71
+#: order/templates/order/sales_order_base.html:70
 msgid "Order Reference"
 msgstr ""
 
-#: order/templates/order/order_base.html:74
-#: order/templates/order/sales_order_base.html:73
+#: order/templates/order/order_base.html:76
+#: order/templates/order/sales_order_base.html:75
 msgid "Order Status"
 msgstr ""
 
-#: order/templates/order/order_base.html:85 templates/js/order.html:153
+#: order/templates/order/order_base.html:87 templates/js/order.html:153
 msgid "Supplier Reference"
 msgstr ""
 
-#: order/templates/order/order_base.html:104
+#: order/templates/order/order_base.html:106
 msgid "Issued"
 msgstr ""
 
-#: order/templates/order/order_base.html:111
+#: order/templates/order/order_base.html:113
 #: order/templates/order/purchase_order_detail.html:182
 #: order/templates/order/receive_parts.html:22
-#: order/templates/order/sales_order_base.html:110
+#: order/templates/order/sales_order_base.html:112
 msgid "Received"
 msgstr ""
 
@@ -1605,8 +1621,8 @@ msgid "Attachments"
 msgstr ""
 
 #: order/templates/order/purchase_order_detail.html:16
-#: order/templates/order/sales_order_detail.html:17 order/views.py:1087
-#: order/views.py:1201
+#: order/templates/order/sales_order_detail.html:17 order/views.py:1117
+#: order/views.py:1232
 msgid "Add Line Item"
 msgstr ""
 
@@ -1674,15 +1690,15 @@ msgstr ""
 msgid "This SalesOrder has not been fully allocated"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:47
+#: order/templates/order/sales_order_base.html:57
 msgid "Packing List"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:63
+#: order/templates/order/sales_order_base.html:65
 msgid "Sales Order Details"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:84 templates/js/order.html:228
+#: order/templates/order/sales_order_base.html:86 templates/js/order.html:228
 msgid "Customer Reference"
 msgstr ""
 
@@ -1746,147 +1762,147 @@ msgstr ""
 msgid "Order Items"
 msgstr ""
 
-#: order/views.py:93
+#: order/views.py:99
 msgid "Add Purchase Order Attachment"
 msgstr ""
 
-#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
+#: order/views.py:109 order/views.py:157 part/views.py:92 stock/views.py:167
 msgid "Added attachment"
 msgstr ""
 
-#: order/views.py:141
+#: order/views.py:148
 msgid "Add Sales Order Attachment"
 msgstr ""
 
-#: order/views.py:176 order/views.py:197
+#: order/views.py:184 order/views.py:206
 msgid "Edit Attachment"
 msgstr ""
 
-#: order/views.py:180 order/views.py:201
+#: order/views.py:189 order/views.py:211
 msgid "Attachment updated"
 msgstr ""
 
-#: order/views.py:216 order/views.py:230
+#: order/views.py:226 order/views.py:241
 msgid "Delete Attachment"
 msgstr ""
 
-#: order/views.py:222 order/views.py:236 stock/views.py:223
+#: order/views.py:233 order/views.py:248 stock/views.py:223
 msgid "Deleted attachment"
 msgstr ""
 
-#: order/views.py:287
+#: order/views.py:301
 msgid "Create Purchase Order"
 msgstr ""
 
-#: order/views.py:318
+#: order/views.py:333
 msgid "Create Sales Order"
 msgstr ""
 
-#: order/views.py:348
+#: order/views.py:364
 msgid "Edit Purchase Order"
 msgstr ""
 
-#: order/views.py:368
+#: order/views.py:385
 msgid "Edit Sales Order"
 msgstr ""
 
-#: order/views.py:384
+#: order/views.py:402
 msgid "Cancel Order"
 msgstr ""
 
-#: order/views.py:399 order/views.py:431
+#: order/views.py:418 order/views.py:451
 msgid "Confirm order cancellation"
 msgstr ""
 
-#: order/views.py:417
+#: order/views.py:436
 msgid "Cancel sales order"
 msgstr ""
 
-#: order/views.py:437
+#: order/views.py:457
 msgid "Could not cancel order"
 msgstr ""
 
-#: order/views.py:451
+#: order/views.py:471
 msgid "Issue Order"
 msgstr ""
 
-#: order/views.py:466
+#: order/views.py:487
 msgid "Confirm order placement"
 msgstr ""
 
-#: order/views.py:487
+#: order/views.py:508
 msgid "Complete Order"
 msgstr ""
 
-#: order/views.py:522
+#: order/views.py:544
 msgid "Ship Order"
 msgstr ""
 
-#: order/views.py:538
+#: order/views.py:561
 msgid "Confirm order shipment"
 msgstr ""
 
-#: order/views.py:544
+#: order/views.py:567
 msgid "Could not ship order"
 msgstr ""
 
-#: order/views.py:595
+#: order/views.py:619
 msgid "Receive Parts"
 msgstr ""
 
-#: order/views.py:662
+#: order/views.py:687
 msgid "Items received"
 msgstr ""
 
-#: order/views.py:676
+#: order/views.py:701
 msgid "No destination set"
 msgstr ""
 
-#: order/views.py:721
+#: order/views.py:746
 msgid "Error converting quantity to number"
 msgstr ""
 
-#: order/views.py:727
+#: order/views.py:752
 msgid "Receive quantity less than zero"
 msgstr ""
 
-#: order/views.py:733
+#: order/views.py:758
 msgid "No lines specified"
 msgstr ""
 
-#: order/views.py:1107
+#: order/views.py:1138
 msgid "Invalid Purchase Order"
 msgstr ""
 
-#: order/views.py:1115
+#: order/views.py:1146
 msgid "Supplier must match for Part and Order"
 msgstr ""
 
-#: order/views.py:1120
+#: order/views.py:1151
 msgid "Invalid SupplierPart selection"
 msgstr ""
 
-#: order/views.py:1252 order/views.py:1270
+#: order/views.py:1284 order/views.py:1303
 msgid "Edit Line Item"
 msgstr ""
 
-#: order/views.py:1286 order/views.py:1298
+#: order/views.py:1320 order/views.py:1333
 msgid "Delete Line Item"
 msgstr ""
 
-#: order/views.py:1291 order/views.py:1303
+#: order/views.py:1326 order/views.py:1339
 msgid "Deleted line item"
 msgstr ""
 
-#: order/views.py:1312
+#: order/views.py:1348
 msgid "Allocate Stock to Order"
 msgstr ""
 
-#: order/views.py:1381
+#: order/views.py:1418
 msgid "Edit Allocation Quantity"
 msgstr ""
 
-#: order/views.py:1396
+#: order/views.py:1434
 msgid "Remove allocation"
 msgstr ""
 
@@ -2226,7 +2242,7 @@ msgstr ""
 msgid "BOM line checksum"
 msgstr ""
 
-#: part/models.py:1612 part/views.py:1349 part/views.py:1401
+#: part/models.py:1612 part/views.py:1351 part/views.py:1403
 #: stock/models.py:231
 msgid "Quantity must be integer value for trackable parts"
 msgstr ""
@@ -2293,7 +2309,7 @@ msgstr ""
 msgid "Validate Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:48 part/views.py:1640
+#: part/templates/part/bom.html:48 part/views.py:1642
 msgid "Export Bill of Materials"
 msgstr ""
 
@@ -2385,7 +2401,7 @@ msgstr ""
 msgid "All parts"
 msgstr ""
 
-#: part/templates/part/category.html:24 part/views.py:2043
+#: part/templates/part/category.html:24 part/views.py:2045
 msgid "Create new part category"
 msgstr ""
 
@@ -2425,7 +2441,7 @@ msgstr ""
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:114 part/views.py:511
+#: part/templates/part/category.html:114 part/views.py:513
 msgid "Create new part"
 msgstr ""
 
@@ -2642,7 +2658,7 @@ msgid "Edit"
 msgstr ""
 
 #: part/templates/part/params.html:39 part/templates/part/supplier.html:17
-#: users/models.py:141
+#: users/models.py:145
 msgid "Delete"
 msgstr ""
 
@@ -2842,176 +2858,176 @@ msgstr ""
 msgid "New Variant"
 msgstr ""
 
-#: part/views.py:78
+#: part/views.py:80
 msgid "Add part attachment"
 msgstr ""
 
-#: part/views.py:129 templates/attachment_table.html:30
+#: part/views.py:131 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr ""
 
-#: part/views.py:135
+#: part/views.py:137
 msgid "Part attachment updated"
 msgstr ""
 
-#: part/views.py:150
+#: part/views.py:152
 msgid "Delete Part Attachment"
 msgstr ""
 
-#: part/views.py:158
+#: part/views.py:160
 msgid "Deleted part attachment"
 msgstr ""
 
-#: part/views.py:167
+#: part/views.py:169
 msgid "Create Test Template"
 msgstr ""
 
-#: part/views.py:196
+#: part/views.py:198
 msgid "Edit Test Template"
 msgstr ""
 
-#: part/views.py:212
+#: part/views.py:214
 msgid "Delete Test Template"
 msgstr ""
 
-#: part/views.py:221
+#: part/views.py:223
 msgid "Set Part Category"
 msgstr ""
 
-#: part/views.py:271
+#: part/views.py:273
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr ""
 
-#: part/views.py:306
+#: part/views.py:308
 msgid "Create Variant"
 msgstr ""
 
-#: part/views.py:386
+#: part/views.py:388
 msgid "Duplicate Part"
 msgstr ""
 
-#: part/views.py:393
+#: part/views.py:395
 msgid "Copied part"
 msgstr ""
 
-#: part/views.py:518
+#: part/views.py:520
 msgid "Created new part"
 msgstr ""
 
-#: part/views.py:733
+#: part/views.py:735
 msgid "Part QR Code"
 msgstr ""
 
-#: part/views.py:752
+#: part/views.py:754
 msgid "Upload Part Image"
 msgstr ""
 
-#: part/views.py:760 part/views.py:797
+#: part/views.py:762 part/views.py:799
 msgid "Updated part image"
 msgstr ""
 
-#: part/views.py:769
+#: part/views.py:771
 msgid "Select Part Image"
 msgstr ""
 
-#: part/views.py:800
+#: part/views.py:802
 msgid "Part image not found"
 msgstr ""
 
-#: part/views.py:811
+#: part/views.py:813
 msgid "Edit Part Properties"
 msgstr ""
 
-#: part/views.py:835
+#: part/views.py:837
 msgid "Validate BOM"
 msgstr ""
 
-#: part/views.py:1002
+#: part/views.py:1004
 msgid "No BOM file provided"
 msgstr ""
 
-#: part/views.py:1352
+#: part/views.py:1354
 msgid "Enter a valid quantity"
 msgstr ""
 
-#: part/views.py:1377 part/views.py:1380
+#: part/views.py:1379 part/views.py:1382
 msgid "Select valid part"
 msgstr ""
 
-#: part/views.py:1386
+#: part/views.py:1388
 msgid "Duplicate part selected"
 msgstr ""
 
-#: part/views.py:1424
+#: part/views.py:1426
 msgid "Select a part"
 msgstr ""
 
-#: part/views.py:1430
+#: part/views.py:1432
 msgid "Selected part creates a circular BOM"
 msgstr ""
 
-#: part/views.py:1434
+#: part/views.py:1436
 msgid "Specify quantity"
 msgstr ""
 
-#: part/views.py:1690
+#: part/views.py:1692
 msgid "Confirm Part Deletion"
 msgstr ""
 
-#: part/views.py:1699
+#: part/views.py:1701
 msgid "Part was deleted"
 msgstr ""
 
-#: part/views.py:1708
+#: part/views.py:1710
 msgid "Part Pricing"
 msgstr ""
 
-#: part/views.py:1834
+#: part/views.py:1836
 msgid "Create Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1844
+#: part/views.py:1846
 msgid "Edit Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1853
+#: part/views.py:1855
 msgid "Delete Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1863
+#: part/views.py:1865
 msgid "Create Part Parameter"
 msgstr ""
 
-#: part/views.py:1915
+#: part/views.py:1917
 msgid "Edit Part Parameter"
 msgstr ""
 
-#: part/views.py:1931
+#: part/views.py:1933
 msgid "Delete Part Parameter"
 msgstr ""
 
-#: part/views.py:1990
+#: part/views.py:1992
 msgid "Edit Part Category"
 msgstr ""
 
-#: part/views.py:2027
+#: part/views.py:2029
 msgid "Delete Part Category"
 msgstr ""
 
-#: part/views.py:2035
+#: part/views.py:2037
 msgid "Part category was deleted"
 msgstr ""
 
-#: part/views.py:2098
+#: part/views.py:2100
 msgid "Create BOM item"
 msgstr ""
 
-#: part/views.py:2166
+#: part/views.py:2168
 msgid "Edit BOM item"
 msgstr ""
 
-#: part/views.py:2216
+#: part/views.py:2218
 msgid "Confim BOM item deletion"
 msgstr ""
 
@@ -4497,58 +4513,58 @@ msgstr ""
 msgid "Delete Stock"
 msgstr ""
 
-#: users/admin.py:62
+#: users/admin.py:61
 msgid "Users"
 msgstr ""
 
-#: users/admin.py:63
+#: users/admin.py:62
 msgid "Select which users are assigned to this group"
 msgstr ""
 
-#: users/admin.py:124
+#: users/admin.py:120
 msgid "Personal info"
 msgstr ""
 
-#: users/admin.py:125
+#: users/admin.py:121
 msgid "Permissions"
 msgstr ""
 
-#: users/admin.py:128
+#: users/admin.py:124
 msgid "Important dates"
 msgstr ""
 
-#: users/models.py:124
+#: users/models.py:128
 msgid "Permission set"
 msgstr ""
 
-#: users/models.py:132
+#: users/models.py:136
 msgid "Group"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "View"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "Permission to view items"
 msgstr ""
 
-#: users/models.py:137
-msgid "Create"
-msgstr ""
-
-#: users/models.py:137
-msgid "Permission to add items"
-msgstr ""
-
-#: users/models.py:139
-msgid "Update"
-msgstr ""
-
-#: users/models.py:139
-msgid "Permissions to edit items"
+#: users/models.py:141
+msgid "Add"
 msgstr ""
 
 #: users/models.py:141
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:143
+msgid "Change"
+msgstr ""
+
+#: users/models.py:143
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:145
 msgid "Permission to delete items"
 msgstr ""
diff --git a/InvenTree/locale/es/LC_MESSAGES/django.po b/InvenTree/locale/es/LC_MESSAGES/django.po
index 0f38022f92..74b435c791 100644
--- a/InvenTree/locale/es/LC_MESSAGES/django.po
+++ b/InvenTree/locale/es/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-10-05 13:20+0000\n"
+"POT-Creation-Date: 2020-10-06 09:31+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -18,11 +18,11 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 
-#: InvenTree/api.py:83
+#: InvenTree/api.py:85
 msgid "No action specified"
 msgstr ""
 
-#: InvenTree/api.py:97
+#: InvenTree/api.py:99
 msgid "No matching action found"
 msgstr ""
 
@@ -46,34 +46,34 @@ msgstr ""
 msgid "Apply Theme"
 msgstr ""
 
-#: InvenTree/helpers.py:337 order/models.py:187 order/models.py:261
+#: InvenTree/helpers.py:339 order/models.py:187 order/models.py:261
 msgid "Invalid quantity provided"
 msgstr ""
 
-#: InvenTree/helpers.py:340
+#: InvenTree/helpers.py:342
 msgid "Empty serial number string"
 msgstr ""
 
-#: InvenTree/helpers.py:361
+#: InvenTree/helpers.py:363
 #, python-brace-format
 msgid "Duplicate serial: {n}"
 msgstr ""
 
-#: InvenTree/helpers.py:365 InvenTree/helpers.py:368 InvenTree/helpers.py:371
+#: InvenTree/helpers.py:367 InvenTree/helpers.py:370 InvenTree/helpers.py:373
 #, python-brace-format
 msgid "Invalid group: {g}"
 msgstr ""
 
-#: InvenTree/helpers.py:376
+#: InvenTree/helpers.py:378
 #, python-brace-format
 msgid "Duplicate serial: {g}"
 msgstr ""
 
-#: InvenTree/helpers.py:384
+#: InvenTree/helpers.py:386
 msgid "No serial numbers found"
 msgstr ""
 
-#: InvenTree/helpers.py:388
+#: InvenTree/helpers.py:390
 #, python-brace-format
 msgid "Number of unique serial number ({s}) must match quantity ({q})"
 msgstr ""
@@ -99,19 +99,19 @@ msgstr ""
 msgid "Description (optional)"
 msgstr ""
 
-#: InvenTree/settings.py:343
+#: InvenTree/settings.py:348
 msgid "English"
 msgstr ""
 
-#: InvenTree/settings.py:344
+#: InvenTree/settings.py:349
 msgid "German"
 msgstr ""
 
-#: InvenTree/settings.py:345
+#: InvenTree/settings.py:350
 msgid "French"
 msgstr ""
 
-#: InvenTree/settings.py:346
+#: InvenTree/settings.py:351
 msgid "Polish"
 msgstr ""
 
@@ -144,7 +144,7 @@ msgid "Returned"
 msgstr ""
 
 #: InvenTree/status_codes.py:136
-#: order/templates/order/sales_order_base.html:103
+#: order/templates/order/sales_order_base.html:105
 msgid "Shipped"
 msgstr ""
 
@@ -199,7 +199,7 @@ msgstr ""
 msgid "Overage must be an integer value or a percentage"
 msgstr ""
 
-#: InvenTree/views.py:661
+#: InvenTree/views.py:703
 msgid "Database Statistics"
 msgstr ""
 
@@ -263,7 +263,7 @@ msgstr ""
 msgid "Build quantity must be integer value for trackable parts"
 msgstr ""
 
-#: build/models.py:73 build/templates/build/build_base.html:70
+#: build/models.py:73 build/templates/build/build_base.html:72
 msgid "Build Title"
 msgstr ""
 
@@ -271,7 +271,7 @@ msgstr ""
 msgid "Brief description of the build"
 msgstr ""
 
-#: build/models.py:84 build/templates/build/build_base.html:91
+#: build/models.py:84 build/templates/build/build_base.html:93
 msgid "Parent Build"
 msgstr ""
 
@@ -281,7 +281,7 @@ msgstr ""
 
 #: build/models.py:90 build/templates/build/allocate.html:329
 #: build/templates/build/auto_allocate.html:19
-#: build/templates/build/build_base.html:75
+#: build/templates/build/build_base.html:77
 #: build/templates/build/detail.html:22 order/models.py:501
 #: order/templates/order/order_wizard/select_parts.html:30
 #: order/templates/order/purchase_order_detail.html:147
@@ -403,7 +403,7 @@ msgid "Stock quantity to allocate to build"
 msgstr ""
 
 #: build/templates/build/allocate.html:17
-#: company/templates/company/detail_part.html:18 order/views.py:779
+#: company/templates/company/detail_part.html:18 order/views.py:804
 #: part/templates/part/category.html:122
 msgid "Order Parts"
 msgstr ""
@@ -437,7 +437,7 @@ msgstr ""
 
 #: build/templates/build/allocate.html:172
 #: build/templates/build/auto_allocate.html:20
-#: build/templates/build/build_base.html:80
+#: build/templates/build/build_base.html:82
 #: build/templates/build/detail.html:27
 #: company/templates/company/supplier_part_pricing.html:71
 #: order/templates/order/order_wizard/select_parts.html:32
@@ -570,11 +570,27 @@ msgstr ""
 msgid "Admin view"
 msgstr ""
 
-#: build/templates/build/build_base.html:66 build/templates/build/detail.html:9
+#: build/templates/build/build_base.html:45
+msgid "Edit Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:49 build/views.py:190
+msgid "Complete Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:52 build/views.py:58
+msgid "Cancel Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:58 build/views.py:454
+msgid "Delete Build"
+msgstr ""
+
+#: build/templates/build/build_base.html:68 build/templates/build/detail.html:9
 msgid "Build Details"
 msgstr ""
 
-#: build/templates/build/build_base.html:85
+#: build/templates/build/build_base.html:87
 #: build/templates/build/detail.html:42
 #: order/templates/order/receive_parts.html:24
 #: stock/templates/stock/item_base.html:276 templates/InvenTree/search.html:175
@@ -584,7 +600,7 @@ msgstr ""
 msgid "Status"
 msgstr ""
 
-#: build/templates/build/build_base.html:98 order/models.py:499
+#: build/templates/build/build_base.html:100 order/models.py:499
 #: order/templates/order/sales_order_base.html:9
 #: order/templates/order/sales_order_base.html:33
 #: order/templates/order/sales_order_notes.html:10
@@ -594,15 +610,15 @@ msgstr ""
 msgid "Sales Order"
 msgstr ""
 
-#: build/templates/build/build_base.html:104
+#: build/templates/build/build_base.html:106
 msgid "BOM Price"
 msgstr ""
 
-#: build/templates/build/build_base.html:109
+#: build/templates/build/build_base.html:111
 msgid "BOM pricing is incomplete"
 msgstr ""
 
-#: build/templates/build/build_base.html:112
+#: build/templates/build/build_base.html:114
 msgid "No pricing information"
 msgstr ""
 
@@ -664,8 +680,8 @@ msgid "Batch"
 msgstr ""
 
 #: build/templates/build/detail.html:61
-#: order/templates/order/order_base.html:98
-#: order/templates/order/sales_order_base.html:97 templates/js/build.html:71
+#: order/templates/order/order_base.html:100
+#: order/templates/order/sales_order_base.html:99 templates/js/build.html:71
 msgid "Created"
 msgstr ""
 
@@ -707,7 +723,7 @@ msgid "Save"
 msgstr ""
 
 #: build/templates/build/notes.html:33 company/templates/company/notes.html:30
-#: order/templates/order/order_notes.html:32
+#: order/templates/order/order_notes.html:33
 #: order/templates/order/sales_order_notes.html:37
 #: part/templates/part/notes.html:33 stock/templates/stock/item_notes.html:33
 msgid "Edit notes"
@@ -726,100 +742,88 @@ msgstr ""
 msgid "Are you sure you wish to unallocate all stock for this build?"
 msgstr ""
 
-#: build/views.py:56
-msgid "Cancel Build"
-msgstr ""
-
-#: build/views.py:74
+#: build/views.py:77
 msgid "Confirm build cancellation"
 msgstr ""
 
-#: build/views.py:79
+#: build/views.py:82
 msgid "Build was cancelled"
 msgstr ""
 
-#: build/views.py:95
+#: build/views.py:98
 msgid "Allocate Stock"
 msgstr ""
 
-#: build/views.py:108
+#: build/views.py:112
 msgid "No matching build found"
 msgstr ""
 
-#: build/views.py:127
+#: build/views.py:131
 msgid "Confirm stock allocation"
 msgstr ""
 
-#: build/views.py:128
+#: build/views.py:132
 msgid "Check the confirmation box at the bottom of the list"
 msgstr ""
 
-#: build/views.py:148 build/views.py:452
+#: build/views.py:152 build/views.py:465
 msgid "Unallocate Stock"
 msgstr ""
 
-#: build/views.py:161
+#: build/views.py:166
 msgid "Confirm unallocation of build stock"
 msgstr ""
 
-#: build/views.py:162 stock/views.py:405
+#: build/views.py:167 stock/views.py:405
 msgid "Check the confirmation box"
 msgstr ""
 
-#: build/views.py:185
-msgid "Complete Build"
-msgstr ""
-
-#: build/views.py:264
+#: build/views.py:270
 msgid "Confirm completion of build"
 msgstr ""
 
-#: build/views.py:271
+#: build/views.py:277
 msgid "Invalid location selected"
 msgstr ""
 
-#: build/views.py:296 stock/views.py:1621
+#: build/views.py:302 stock/views.py:1621
 #, python-brace-format
 msgid "The following serial numbers already exist: ({sn})"
 msgstr ""
 
-#: build/views.py:317
+#: build/views.py:323
 msgid "Build marked as COMPLETE"
 msgstr ""
 
-#: build/views.py:393
+#: build/views.py:403
 msgid "Start new Build"
 msgstr ""
 
-#: build/views.py:418
+#: build/views.py:429
 msgid "Created new build"
 msgstr ""
 
-#: build/views.py:428
+#: build/views.py:439
 msgid "Edit Build Details"
 msgstr ""
 
-#: build/views.py:433
+#: build/views.py:445
 msgid "Edited build"
 msgstr ""
 
-#: build/views.py:442
-msgid "Delete Build"
-msgstr ""
-
-#: build/views.py:457
+#: build/views.py:471
 msgid "Removed parts from build allocation"
 msgstr ""
 
-#: build/views.py:467
+#: build/views.py:481
 msgid "Allocate new Part"
 msgstr ""
 
-#: build/views.py:620
+#: build/views.py:635
 msgid "Edit Stock Allocation"
 msgstr ""
 
-#: build/views.py:624
+#: build/views.py:640
 msgid "Updated Build Item"
 msgstr ""
 
@@ -1014,7 +1018,7 @@ msgstr ""
 #: company/templates/company/detail.html:21
 #: company/templates/company/supplier_part_base.html:66
 #: company/templates/company/supplier_part_detail.html:21
-#: order/templates/order/order_base.html:79
+#: order/templates/order/order_base.html:81
 #: order/templates/order/order_wizard/select_pos.html:30 part/bom.py:170
 #: stock/templates/stock/item_base.html:251 templates/js/company.html:48
 #: templates/js/company.html:162 templates/js/order.html:146
@@ -1022,7 +1026,7 @@ msgid "Supplier"
 msgstr ""
 
 #: company/templates/company/detail.html:26
-#: order/templates/order/sales_order_base.html:78 stock/models.py:370
+#: order/templates/order/sales_order_base.html:80 stock/models.py:370
 #: stock/models.py:371 stock/templates/stock/item_base.html:169
 #: templates/js/company.html:40 templates/js/order.html:221
 msgid "Customer"
@@ -1123,12 +1127,12 @@ msgid "Purchase Orders"
 msgstr ""
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "Create new purchase order"
 msgstr ""
 
 #: company/templates/company/purchase_orders.html:14
-#: order/templates/order/purchase_orders.html:17
+#: order/templates/order/purchase_orders.html:18
 msgid "New Purchase Order"
 msgstr ""
 
@@ -1142,12 +1146,12 @@ msgid "Sales Orders"
 msgstr ""
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "Create new sales order"
 msgstr ""
 
 #: company/templates/company/sales_orders.html:14
-#: order/templates/order/sales_orders.html:17
+#: order/templates/order/sales_orders.html:18
 msgid "New Sales Order"
 msgstr ""
 
@@ -1205,7 +1209,7 @@ msgid "Pricing Information"
 msgstr ""
 
 #: company/templates/company/supplier_part_pricing.html:15 company/views.py:399
-#: part/templates/part/sale_prices.html:13 part/views.py:2226
+#: part/templates/part/sale_prices.html:13 part/views.py:2228
 msgid "Add Price Break"
 msgstr ""
 
@@ -1330,15 +1334,15 @@ msgstr ""
 msgid "Delete Supplier Part"
 msgstr ""
 
-#: company/views.py:404 part/views.py:2232
+#: company/views.py:404 part/views.py:2234
 msgid "Added new price break"
 msgstr ""
 
-#: company/views.py:441 part/views.py:2277
+#: company/views.py:441 part/views.py:2279
 msgid "Edit Price Break"
 msgstr ""
 
-#: company/views.py:456 part/views.py:2293
+#: company/views.py:456 part/views.py:2295
 msgid "Delete Price Break"
 msgstr ""
 
@@ -1366,20 +1370,20 @@ msgstr ""
 msgid "Enabled"
 msgstr ""
 
-#: order/forms.py:24
+#: order/forms.py:24 order/templates/order/order_base.html:40
 msgid "Place order"
 msgstr ""
 
-#: order/forms.py:35
+#: order/forms.py:35 order/templates/order/order_base.html:47
 msgid "Mark order as complete"
 msgstr ""
 
-#: order/forms.py:46 order/forms.py:57
-#: order/templates/order/sales_order_base.html:54
+#: order/forms.py:46 order/forms.py:57 order/templates/order/order_base.html:52
+#: order/templates/order/sales_order_base.html:52
 msgid "Cancel order"
 msgstr ""
 
-#: order/forms.py:68 order/templates/order/sales_order_base.html:51
+#: order/forms.py:68 order/templates/order/sales_order_base.html:49
 msgid "Ship order"
 msgstr ""
 
@@ -1431,7 +1435,7 @@ msgstr ""
 msgid "Date order was completed"
 msgstr ""
 
-#: order/models.py:185 order/models.py:259 part/views.py:1343
+#: order/models.py:185 order/models.py:259 part/views.py:1345
 #: stock/models.py:241 stock/models.py:805
 msgid "Quantity must be greater than zero"
 msgstr ""
@@ -1512,32 +1516,44 @@ msgstr ""
 msgid "Are you sure you want to delete this attachment?"
 msgstr ""
 
-#: order/templates/order/order_base.html:64
+#: order/templates/order/order_base.html:36
+msgid "Edit order information"
+msgstr ""
+
+#: order/templates/order/order_base.html:44
+msgid "Receive items"
+msgstr ""
+
+#: order/templates/order/order_base.html:57
+msgid "Export order to file"
+msgstr ""
+
+#: order/templates/order/order_base.html:66
 msgid "Purchase Order Details"
 msgstr ""
 
-#: order/templates/order/order_base.html:69
-#: order/templates/order/sales_order_base.html:68
+#: order/templates/order/order_base.html:71
+#: order/templates/order/sales_order_base.html:70
 msgid "Order Reference"
 msgstr ""
 
-#: order/templates/order/order_base.html:74
-#: order/templates/order/sales_order_base.html:73
+#: order/templates/order/order_base.html:76
+#: order/templates/order/sales_order_base.html:75
 msgid "Order Status"
 msgstr ""
 
-#: order/templates/order/order_base.html:85 templates/js/order.html:153
+#: order/templates/order/order_base.html:87 templates/js/order.html:153
 msgid "Supplier Reference"
 msgstr ""
 
-#: order/templates/order/order_base.html:104
+#: order/templates/order/order_base.html:106
 msgid "Issued"
 msgstr ""
 
-#: order/templates/order/order_base.html:111
+#: order/templates/order/order_base.html:113
 #: order/templates/order/purchase_order_detail.html:182
 #: order/templates/order/receive_parts.html:22
-#: order/templates/order/sales_order_base.html:110
+#: order/templates/order/sales_order_base.html:112
 msgid "Received"
 msgstr ""
 
@@ -1605,8 +1621,8 @@ msgid "Attachments"
 msgstr ""
 
 #: order/templates/order/purchase_order_detail.html:16
-#: order/templates/order/sales_order_detail.html:17 order/views.py:1087
-#: order/views.py:1201
+#: order/templates/order/sales_order_detail.html:17 order/views.py:1117
+#: order/views.py:1232
 msgid "Add Line Item"
 msgstr ""
 
@@ -1674,15 +1690,15 @@ msgstr ""
 msgid "This SalesOrder has not been fully allocated"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:47
+#: order/templates/order/sales_order_base.html:57
 msgid "Packing List"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:63
+#: order/templates/order/sales_order_base.html:65
 msgid "Sales Order Details"
 msgstr ""
 
-#: order/templates/order/sales_order_base.html:84 templates/js/order.html:228
+#: order/templates/order/sales_order_base.html:86 templates/js/order.html:228
 msgid "Customer Reference"
 msgstr ""
 
@@ -1746,147 +1762,147 @@ msgstr ""
 msgid "Order Items"
 msgstr ""
 
-#: order/views.py:93
+#: order/views.py:99
 msgid "Add Purchase Order Attachment"
 msgstr ""
 
-#: order/views.py:102 order/views.py:149 part/views.py:90 stock/views.py:167
+#: order/views.py:109 order/views.py:157 part/views.py:92 stock/views.py:167
 msgid "Added attachment"
 msgstr ""
 
-#: order/views.py:141
+#: order/views.py:148
 msgid "Add Sales Order Attachment"
 msgstr ""
 
-#: order/views.py:176 order/views.py:197
+#: order/views.py:184 order/views.py:206
 msgid "Edit Attachment"
 msgstr ""
 
-#: order/views.py:180 order/views.py:201
+#: order/views.py:189 order/views.py:211
 msgid "Attachment updated"
 msgstr ""
 
-#: order/views.py:216 order/views.py:230
+#: order/views.py:226 order/views.py:241
 msgid "Delete Attachment"
 msgstr ""
 
-#: order/views.py:222 order/views.py:236 stock/views.py:223
+#: order/views.py:233 order/views.py:248 stock/views.py:223
 msgid "Deleted attachment"
 msgstr ""
 
-#: order/views.py:287
+#: order/views.py:301
 msgid "Create Purchase Order"
 msgstr ""
 
-#: order/views.py:318
+#: order/views.py:333
 msgid "Create Sales Order"
 msgstr ""
 
-#: order/views.py:348
+#: order/views.py:364
 msgid "Edit Purchase Order"
 msgstr ""
 
-#: order/views.py:368
+#: order/views.py:385
 msgid "Edit Sales Order"
 msgstr ""
 
-#: order/views.py:384
+#: order/views.py:402
 msgid "Cancel Order"
 msgstr ""
 
-#: order/views.py:399 order/views.py:431
+#: order/views.py:418 order/views.py:451
 msgid "Confirm order cancellation"
 msgstr ""
 
-#: order/views.py:417
+#: order/views.py:436
 msgid "Cancel sales order"
 msgstr ""
 
-#: order/views.py:437
+#: order/views.py:457
 msgid "Could not cancel order"
 msgstr ""
 
-#: order/views.py:451
+#: order/views.py:471
 msgid "Issue Order"
 msgstr ""
 
-#: order/views.py:466
+#: order/views.py:487
 msgid "Confirm order placement"
 msgstr ""
 
-#: order/views.py:487
+#: order/views.py:508
 msgid "Complete Order"
 msgstr ""
 
-#: order/views.py:522
+#: order/views.py:544
 msgid "Ship Order"
 msgstr ""
 
-#: order/views.py:538
+#: order/views.py:561
 msgid "Confirm order shipment"
 msgstr ""
 
-#: order/views.py:544
+#: order/views.py:567
 msgid "Could not ship order"
 msgstr ""
 
-#: order/views.py:595
+#: order/views.py:619
 msgid "Receive Parts"
 msgstr ""
 
-#: order/views.py:662
+#: order/views.py:687
 msgid "Items received"
 msgstr ""
 
-#: order/views.py:676
+#: order/views.py:701
 msgid "No destination set"
 msgstr ""
 
-#: order/views.py:721
+#: order/views.py:746
 msgid "Error converting quantity to number"
 msgstr ""
 
-#: order/views.py:727
+#: order/views.py:752
 msgid "Receive quantity less than zero"
 msgstr ""
 
-#: order/views.py:733
+#: order/views.py:758
 msgid "No lines specified"
 msgstr ""
 
-#: order/views.py:1107
+#: order/views.py:1138
 msgid "Invalid Purchase Order"
 msgstr ""
 
-#: order/views.py:1115
+#: order/views.py:1146
 msgid "Supplier must match for Part and Order"
 msgstr ""
 
-#: order/views.py:1120
+#: order/views.py:1151
 msgid "Invalid SupplierPart selection"
 msgstr ""
 
-#: order/views.py:1252 order/views.py:1270
+#: order/views.py:1284 order/views.py:1303
 msgid "Edit Line Item"
 msgstr ""
 
-#: order/views.py:1286 order/views.py:1298
+#: order/views.py:1320 order/views.py:1333
 msgid "Delete Line Item"
 msgstr ""
 
-#: order/views.py:1291 order/views.py:1303
+#: order/views.py:1326 order/views.py:1339
 msgid "Deleted line item"
 msgstr ""
 
-#: order/views.py:1312
+#: order/views.py:1348
 msgid "Allocate Stock to Order"
 msgstr ""
 
-#: order/views.py:1381
+#: order/views.py:1418
 msgid "Edit Allocation Quantity"
 msgstr ""
 
-#: order/views.py:1396
+#: order/views.py:1434
 msgid "Remove allocation"
 msgstr ""
 
@@ -2226,7 +2242,7 @@ msgstr ""
 msgid "BOM line checksum"
 msgstr ""
 
-#: part/models.py:1612 part/views.py:1349 part/views.py:1401
+#: part/models.py:1612 part/views.py:1351 part/views.py:1403
 #: stock/models.py:231
 msgid "Quantity must be integer value for trackable parts"
 msgstr ""
@@ -2293,7 +2309,7 @@ msgstr ""
 msgid "Validate Bill of Materials"
 msgstr ""
 
-#: part/templates/part/bom.html:48 part/views.py:1640
+#: part/templates/part/bom.html:48 part/views.py:1642
 msgid "Export Bill of Materials"
 msgstr ""
 
@@ -2385,7 +2401,7 @@ msgstr ""
 msgid "All parts"
 msgstr ""
 
-#: part/templates/part/category.html:24 part/views.py:2043
+#: part/templates/part/category.html:24 part/views.py:2045
 msgid "Create new part category"
 msgstr ""
 
@@ -2425,7 +2441,7 @@ msgstr ""
 msgid "Export Part Data"
 msgstr ""
 
-#: part/templates/part/category.html:114 part/views.py:511
+#: part/templates/part/category.html:114 part/views.py:513
 msgid "Create new part"
 msgstr ""
 
@@ -2642,7 +2658,7 @@ msgid "Edit"
 msgstr ""
 
 #: part/templates/part/params.html:39 part/templates/part/supplier.html:17
-#: users/models.py:141
+#: users/models.py:145
 msgid "Delete"
 msgstr ""
 
@@ -2842,176 +2858,176 @@ msgstr ""
 msgid "New Variant"
 msgstr ""
 
-#: part/views.py:78
+#: part/views.py:80
 msgid "Add part attachment"
 msgstr ""
 
-#: part/views.py:129 templates/attachment_table.html:30
+#: part/views.py:131 templates/attachment_table.html:30
 msgid "Edit attachment"
 msgstr ""
 
-#: part/views.py:135
+#: part/views.py:137
 msgid "Part attachment updated"
 msgstr ""
 
-#: part/views.py:150
+#: part/views.py:152
 msgid "Delete Part Attachment"
 msgstr ""
 
-#: part/views.py:158
+#: part/views.py:160
 msgid "Deleted part attachment"
 msgstr ""
 
-#: part/views.py:167
+#: part/views.py:169
 msgid "Create Test Template"
 msgstr ""
 
-#: part/views.py:196
+#: part/views.py:198
 msgid "Edit Test Template"
 msgstr ""
 
-#: part/views.py:212
+#: part/views.py:214
 msgid "Delete Test Template"
 msgstr ""
 
-#: part/views.py:221
+#: part/views.py:223
 msgid "Set Part Category"
 msgstr ""
 
-#: part/views.py:271
+#: part/views.py:273
 #, python-brace-format
 msgid "Set category for {n} parts"
 msgstr ""
 
-#: part/views.py:306
+#: part/views.py:308
 msgid "Create Variant"
 msgstr ""
 
-#: part/views.py:386
+#: part/views.py:388
 msgid "Duplicate Part"
 msgstr ""
 
-#: part/views.py:393
+#: part/views.py:395
 msgid "Copied part"
 msgstr ""
 
-#: part/views.py:518
+#: part/views.py:520
 msgid "Created new part"
 msgstr ""
 
-#: part/views.py:733
+#: part/views.py:735
 msgid "Part QR Code"
 msgstr ""
 
-#: part/views.py:752
+#: part/views.py:754
 msgid "Upload Part Image"
 msgstr ""
 
-#: part/views.py:760 part/views.py:797
+#: part/views.py:762 part/views.py:799
 msgid "Updated part image"
 msgstr ""
 
-#: part/views.py:769
+#: part/views.py:771
 msgid "Select Part Image"
 msgstr ""
 
-#: part/views.py:800
+#: part/views.py:802
 msgid "Part image not found"
 msgstr ""
 
-#: part/views.py:811
+#: part/views.py:813
 msgid "Edit Part Properties"
 msgstr ""
 
-#: part/views.py:835
+#: part/views.py:837
 msgid "Validate BOM"
 msgstr ""
 
-#: part/views.py:1002
+#: part/views.py:1004
 msgid "No BOM file provided"
 msgstr ""
 
-#: part/views.py:1352
+#: part/views.py:1354
 msgid "Enter a valid quantity"
 msgstr ""
 
-#: part/views.py:1377 part/views.py:1380
+#: part/views.py:1379 part/views.py:1382
 msgid "Select valid part"
 msgstr ""
 
-#: part/views.py:1386
+#: part/views.py:1388
 msgid "Duplicate part selected"
 msgstr ""
 
-#: part/views.py:1424
+#: part/views.py:1426
 msgid "Select a part"
 msgstr ""
 
-#: part/views.py:1430
+#: part/views.py:1432
 msgid "Selected part creates a circular BOM"
 msgstr ""
 
-#: part/views.py:1434
+#: part/views.py:1436
 msgid "Specify quantity"
 msgstr ""
 
-#: part/views.py:1690
+#: part/views.py:1692
 msgid "Confirm Part Deletion"
 msgstr ""
 
-#: part/views.py:1699
+#: part/views.py:1701
 msgid "Part was deleted"
 msgstr ""
 
-#: part/views.py:1708
+#: part/views.py:1710
 msgid "Part Pricing"
 msgstr ""
 
-#: part/views.py:1834
+#: part/views.py:1836
 msgid "Create Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1844
+#: part/views.py:1846
 msgid "Edit Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1853
+#: part/views.py:1855
 msgid "Delete Part Parameter Template"
 msgstr ""
 
-#: part/views.py:1863
+#: part/views.py:1865
 msgid "Create Part Parameter"
 msgstr ""
 
-#: part/views.py:1915
+#: part/views.py:1917
 msgid "Edit Part Parameter"
 msgstr ""
 
-#: part/views.py:1931
+#: part/views.py:1933
 msgid "Delete Part Parameter"
 msgstr ""
 
-#: part/views.py:1990
+#: part/views.py:1992
 msgid "Edit Part Category"
 msgstr ""
 
-#: part/views.py:2027
+#: part/views.py:2029
 msgid "Delete Part Category"
 msgstr ""
 
-#: part/views.py:2035
+#: part/views.py:2037
 msgid "Part category was deleted"
 msgstr ""
 
-#: part/views.py:2098
+#: part/views.py:2100
 msgid "Create BOM item"
 msgstr ""
 
-#: part/views.py:2166
+#: part/views.py:2168
 msgid "Edit BOM item"
 msgstr ""
 
-#: part/views.py:2216
+#: part/views.py:2218
 msgid "Confim BOM item deletion"
 msgstr ""
 
@@ -4497,58 +4513,58 @@ msgstr ""
 msgid "Delete Stock"
 msgstr ""
 
-#: users/admin.py:62
+#: users/admin.py:61
 msgid "Users"
 msgstr ""
 
-#: users/admin.py:63
+#: users/admin.py:62
 msgid "Select which users are assigned to this group"
 msgstr ""
 
-#: users/admin.py:124
+#: users/admin.py:120
 msgid "Personal info"
 msgstr ""
 
-#: users/admin.py:125
+#: users/admin.py:121
 msgid "Permissions"
 msgstr ""
 
-#: users/admin.py:128
+#: users/admin.py:124
 msgid "Important dates"
 msgstr ""
 
-#: users/models.py:124
+#: users/models.py:128
 msgid "Permission set"
 msgstr ""
 
-#: users/models.py:132
+#: users/models.py:136
 msgid "Group"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "View"
 msgstr ""
 
-#: users/models.py:135
+#: users/models.py:139
 msgid "Permission to view items"
 msgstr ""
 
-#: users/models.py:137
-msgid "Create"
-msgstr ""
-
-#: users/models.py:137
-msgid "Permission to add items"
-msgstr ""
-
-#: users/models.py:139
-msgid "Update"
-msgstr ""
-
-#: users/models.py:139
-msgid "Permissions to edit items"
+#: users/models.py:141
+msgid "Add"
 msgstr ""
 
 #: users/models.py:141
+msgid "Permission to add items"
+msgstr ""
+
+#: users/models.py:143
+msgid "Change"
+msgstr ""
+
+#: users/models.py:143
+msgid "Permissions to edit items"
+msgstr ""
+
+#: users/models.py:145
 msgid "Permission to delete items"
 msgstr ""