I'm deploying a Magento 1.7 store, but I don't want that customers can see and download invoices from the frontend, accessing to their account. I will manage the invoicing process using a third party application, and I will send it to the customers not involving Magento. I would like to use the "Invoice" button in the admin interface to flag an order as paid and to put the order in the "complete" status, but I need to avoid that customers can access the Magento invoice because it's not the real invoice and does not comply with European law. I found this workaround: I copied the /app/design/frontend/base/default/layout/sales.xml into my template folder and I edited it removing all the lines like
<action method="addLink" translate="label" module="sales"><name>invoice</name><path>*/*/invoice</path><label>Invoices</label></action>
Now in the frontend account all "invoices" links are disappeared, but I'm not sure that's the best solution because I can access to the invoice pointing to the url http://mydomain.com/sales/order/invoice/order_id/7/ where "7" is the invoice number...
Can someone help me finding a best solution?
Thank you in advance!