return false;
}
- // The getRoleID looks up a role by its rank.
- static function getRoleByRank($rank) {
+ // isClientRole determines if the role is a "client" role.
+ // This simply means the role has no "track_own_time" right.
+ static function isClientRole($role_id) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $sql = "select rights from tt_roles where team_id = $user->team_id and id = $role_id";
+ $res = $mdb2->query($sql);
+
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ if ($val['rights']) {
+ return !in_array('track_own_time', explode(',', $val['rights']));
+ }
+ }
+ return false;
+ }
+
+ // getRoleByRank looks up a role by its rank.
+ static function getRoleByRank($rank, $team_id) {
global $user;
$mdb2 = getConnection();
$rank = (int) $rank; // Cast to int just in case for better security.
- $sql = "select id from tt_roles where team_id = $user->team_id and rank = $rank and (status = 1 or status = 0)";
+ $sql = "select id from tt_roles where team_id = $team_id and rank = $rank and (status = 1 or status = 0)";
$res = $mdb2->query($sql);
if (!is_a($res, 'PEAR_Error')) {
$val = $res->fetchRow();
if ($val['id'])
- return $val;
+ return $val['id'];
}
return false;
}
$id = (int)$fields['id'];
if (isset($fields['name'])) $name_part = 'name = '.$mdb2->quote($fields['name']);
+ if (isset($fields['rank'])) $rank_part = ', rank = '.(int)$fields['rank'];
if (isset($fields['description'])) $descr_part = ', description = '.$mdb2->quote($fields['description']);
if (isset($fields['status'])) $status_part = ', status = '.(int)$fields['status'];
if (isset($fields['rights'])) $rights_part = ', rights = '.$mdb2->quote($fields['rights']);
- $parts = trim($name_part.$descr_part.$status_part.$rights_part, ',');
+ $parts = trim($name_part.$rank_part.$descr_part.$status_part.$rights_part, ',');
$sql = "update tt_roles set $parts where id = $id and team_id = $user->team_id";
$affected = $mdb2->exec($sql);
return (!is_a($affected, 'PEAR_Error'));
if (is_a($affected, 'PEAR_Error'))
return false;
- return true;
- }
-
- // rolesExist - checks whether roles for team already exist.
- static function rolesExist()
- {
- $mdb2 = getConnection();
- global $user;
-
- $sql = "select count(*) as count from tt_roles where team_id = $user->team_id";
+ $sql = "SELECT LAST_INSERT_ID() AS last_id";
$res = $mdb2->query($sql);
- if (!is_a($res, 'PEAR_Error')) {
- $val = $res->fetchRow();
- if ($val['count'] > 0)
- return true; // Roles for team exist.
- }
- return false;
+ $val = $res->fetchRow();
+ $last_id = $val['last_id'];
+ return $last_id;
}
// createPredefinedRoles - creates a set of predefined roles for the team to use.
$mdb2 = getConnection();
- $rights_client = 'view_own_data,manage_own_settings';
- $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets';
+ $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+ $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,manage_own_settings,view_users';
+ $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
$rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
$rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
// Active roles.
- $name = $mdb2->quote($i18n->getKey('role.user.label'));
- $description = $mdb2->quote($i18n->getKey('role.user.description'));
+ $name = $mdb2->quote($i18n->get('role.user.label'));
+ $description = $mdb2->quote($i18n->get('role.user.description'));
$rights = $mdb2->quote($rights_user);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 4, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.client.label'));
- $description = $mdb2->quote($i18n->getKey('role.client.description'));
+ $name = $mdb2->quote($i18n->get('role.client.label'));
+ $description = $mdb2->quote($i18n->get('role.client.description'));
$rights = $mdb2->quote($rights_client);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 16, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.comanager.label'));
- $description = $mdb2->quote($i18n->getKey('role.comanager.description'));
+ $name = $mdb2->quote($i18n->get('role.comanager.label'));
+ $description = $mdb2->quote($i18n->get('role.comanager.description'));
$rights = $mdb2->quote($rights_comanager);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 68, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.manager.label'));
- $description = $mdb2->quote($i18n->getKey('role.manager.description'));
+ $name = $mdb2->quote($i18n->get('role.manager.label'));
+ $description = $mdb2->quote($i18n->get('role.manager.description'));
$rights = $mdb2->quote($rights_manager);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 324, $rights, 1)";
$affected = $mdb2->exec($sql);
return false;
// Inactive roles.
- $name = $mdb2->quote($i18n->getKey('role.supervisor.label'));
- $description = $mdb2->quote($i18n->getKey('role.supervisor.description'));
+ $name = $mdb2->quote($i18n->get('role.supervisor.label'));
+ $description = $mdb2->quote($i18n->get('role.supervisor.description'));
$rights = $mdb2->quote($rights_supervisor);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 12, $rights, 0)";
$affected = $mdb2->exec($sql);
global $i18n;
global $user;
- $rights_client = 'view_own_data,manage_own_settings';
- $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets';
+ $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+ $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,manage_own_settings,view_users';
+ $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
$rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
$rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
// Active roles.
- $name = $mdb2->quote($i18n->getKey('role.user.label'));
- $description = $mdb2->quote($i18n->getKey('role.user.description'));
+ $name = $mdb2->quote($i18n->get('role.user.label'));
+ $description = $mdb2->quote($i18n->get('role.user.description'));
$rights = $mdb2->quote($rights_user);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 4, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.client.label'));
- $description = $mdb2->quote($i18n->getKey('role.client.description'));
+ $name = $mdb2->quote($i18n->get('role.client.label'));
+ $description = $mdb2->quote($i18n->get('role.client.description'));
$rights = $mdb2->quote($rights_client);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 16, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.comanager.label'));
- $description = $mdb2->quote($i18n->getKey('role.comanager.description'));
+ $name = $mdb2->quote($i18n->get('role.comanager.label'));
+ $description = $mdb2->quote($i18n->get('role.comanager.description'));
$rights = $mdb2->quote($rights_comanager);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 68, $rights, 1)";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error'))
return false;
- $name = $mdb2->quote($i18n->getKey('role.manager.label'));
- $description = $mdb2->quote($i18n->getKey('role.manager.description'));
+ $name = $mdb2->quote($i18n->get('role.manager.label'));
+ $description = $mdb2->quote($i18n->get('role.manager.description'));
$rights = $mdb2->quote($rights_manager);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 324, $rights, 1)";
$affected = $mdb2->exec($sql);
return false;
// Inactive roles.
- $name = $mdb2->quote($i18n->getKey('role.supervisor.label'));
- $description = $mdb2->quote($i18n->getKey('role.supervisor.description'));
+ $name = $mdb2->quote($i18n->get('role.supervisor.label'));
+ $description = $mdb2->quote($i18n->get('role.supervisor.description'));
$rights = $mdb2->quote($rights_supervisor);
$sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 12, $rights, 0)";
$affected = $mdb2->exec($sql);