A few bugs fixed related to role revamp.

[timetracker.git] / expense_edit.php

diff --git a/expense_edit.php b/expense_edit.php
index 7a256d6..dbd14d9 100644 (file)
--- a/expense_edit.php
+++ b/expense_edit.php
@@ -33,7 +33,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
+if (!ttAccessAllowed('track_own_expenses') || !$user->isPluginEnabled('ex')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -56,12 +56,15 @@ if ($request->isPost()) {
   $cl_project = $request->getParameter('project');
   $cl_item_name = trim($request->getParameter('item_name'));
   $cl_cost = trim($request->getParameter('cost'));
+  if ($user->isPluginEnabled('ps'))
+    $cl_paid = $request->getParameter('paid');
 } else {
   $cl_date = $item_date->toString($user->date_format);
   $cl_client = $expense_item['client_id'];
   $cl_project = $expense_item['project_id'];
   $cl_item_name = $expense_item['name'];
   $cl_cost = $expense_item['cost'];
+  $cl_paid = $expense_item['paid'];
 }
 
 // Initialize elements of 'expenseItemForm'.
@@ -134,6 +137,8 @@ if ($predefined_expenses) {
 }
 $form->addInput(array('type'=>'textarea','maxlength'=>'800','name'=>'item_name','style'=>'width: 250px; height:'.NOTE_INPUT_HEIGHT.'px;','value'=>$cl_item_name));
 $form->addInput(array('type'=>'text','maxlength'=>'40','name'=>'cost','style'=>'width: 100px;','value'=>$cl_cost));
+if ($user->canManageTeam() && $user->isPluginEnabled('ps'))
+  $form->addInput(array('type'=>'checkbox','name'=>'paid','value'=>$cl_paid));
 $form->addInput(array('type'=>'datefield','name'=>'date','maxlength'=>'20','value'=>$cl_date));
 // Hidden control for record id.
 $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id));
@@ -157,7 +162,7 @@ if ($request->isPost()) {
   $new_date = new DateAndTime($user->date_format, $cl_date);
 
   // Prohibit creating entries in future.
-  if (defined('FUTURE_ENTRIES') && !isTrue(FUTURE_ENTRIES)) {
+  if (!$user->future_entries) {
     $browser_today = new DateAndTime(DB_DATEFORMAT, $request->getParameter('browser_today', null));
     if ($new_date->after($browser_today))
       $err->add($i18n->getKey('error.future_date'));
@@ -181,7 +186,7 @@ if ($request->isPost()) {
     // Now, an update.
     if ($err->no()) {
       if (ttExpenseHelper::update(array('id'=>$cl_id,'date'=>$new_date->toString(DB_DATEFORMAT),'user_id'=>$user->getActiveUser(),
-          'client_id'=>$cl_client,'project_id'=>$cl_project,'name'=>$cl_item_name,'cost'=>$cl_cost))) {
+          'client_id'=>$cl_client,'project_id'=>$cl_project,'name'=>$cl_item_name,'cost'=>$cl_cost,'paid'=>$cl_paid))) {
         header('Location: expenses.php?date='.$new_date->toString(DB_DATEFORMAT));
         exit();
       }