import('ttConfigHelper');
// Access checks.
-if (!(ttAccessAllowed('manage_basic_settings') || ttAccessAllowed('manage_advanced_settings'))) {
- header('Location: access_denied.php');
- exit();
+// There are 4 distinct situations:
+// 1) Editing home group in get or post.
+// 2) Editing a subgroup in get or post.
+// We'll check access separately as it is about different right checks.
+if ($request->isGet()) {
+ $group_id = $request->getParameter('id') ? $request->getParameter('id') : $user->getGroup();
+} else {
+ $group_id = $request->getParameter('group') ? $request->getParameter('group') : $user->getGroup();
+}
+$home_group = $user->group_id == $group_id;
+if ($home_group) {
+ // Editing home group.
+ if (!(ttAccessAllowed('manage_basic_settings') || ttAccessAllowed('manage_advanced_settings'))) {
+ header('Location: access_denied.php'); // Not allowed to edit home group settings.
+ exit();
+ }
+} else {
+ // Editing a subgroup.
+ if (!ttAccessAllowed('manage_subgroups')) {
+ header('Location: access_denied.php'); // No right to manage subgroups.
+ exit();
+ }
+ if (!$user->isSubgroupValid($group_id)) {
+ header('Location: access_denied.php'); // Wrong subgroup.
+ exit();
+ }
}
// End of access checks.
-$config = new ttConfigHelper($user->config);
+// Set on behalf group accordingly.
+$groupChanged = $request->getParameter('group_changed');
+if ($request->isPost() && $groupChanged) {
+ $user->setOnBehalfGroup($group_id);
+}
+
+$groups = $user->getGroupsForDropdown();
+$group = ttGroupHelper::getGroupAttrs($group_id);
+$config = new ttConfigHelper($group['config']);
-$advanced_settings = $user->can('manage_advanced_settings');
+$advanced_settings = $home_group ? $user->can('manage_advanced_settings') : true;
if (!defined('CURRENCY_DEFAULT')) define('CURRENCY_DEFAULT', '$');
-if ($request->isPost()) {
+if ($request->isPost() && !$groupChanged) {
$cl_group = trim($request->getParameter('group_name'));
+ $cl_description = trim($request->getParameter('description'));
$cl_currency = trim($request->getParameter('currency'));
if (!$cl_currency) $cl_currency = CURRENCY_DEFAULT;
$cl_lang = $request->getParameter('lang');
$cl_allow_overlap = $request->getParameter('allow_overlap');
$cl_future_entries = $request->getParameter('future_entries');
$cl_uncompleted_indicators = $request->getParameter('uncompleted_indicators');
+ $cl_confirm_save = $request->getParameter('confirm_save');
$cl_bcc_email = trim($request->getParameter('bcc_email'));
$cl_allow_ip = trim($request->getParameter('allow_ip'));
} else {
- $cl_group = $user->group_name;
- $cl_currency = ($user->currency == ''? CURRENCY_DEFAULT : $user->currency);
- $cl_lang = $user->lang;
- $cl_decimal_mark = $user->decimal_mark;
- $cl_date_format = $user->date_format;
- $cl_time_format = $user->time_format;
- $cl_start_week = $user->week_start;
- $cl_show_holidays = $user->show_holidays;
- $cl_tracking_mode = $user->tracking_mode;
- $cl_project_required = $user->project_required;
- $cl_task_required = $user->task_required;
- $cl_record_type = $user->record_type;
- $cl_punch_mode = $user->punch_mode;
- $cl_allow_overlap = $user->allow_overlap;
- $cl_future_entries = $user->future_entries;
- $cl_uncompleted_indicators = $user->uncompleted_indicators;
- $cl_bcc_email = $user->bcc_email;
- $cl_allow_ip = $user->allow_ip;
+ $cl_group = $group['name'];
+ $cl_description = $group['description'];
+ $cl_currency = ($group['currency'] == ''? CURRENCY_DEFAULT : $group['currency']);
+ $cl_lang = $group['lang'];
+ $cl_decimal_mark = $group['decimal_mark'];
+ $cl_date_format = $group['date_format'];
+ $cl_time_format = $group['time_format'];
+ $cl_start_week = $group['week_start'];
+ $cl_show_holidays = $config->getDefinedValue('show_holidays');
+ $cl_tracking_mode = $group['tracking_mode'];
+ $cl_project_required = $group['project_required'];
+ $cl_task_required = $group['task_required'];
+ $cl_record_type = $group['record_type'];
+ $cl_punch_mode = $config->getDefinedValue('punch_mode');
+ $cl_allow_overlap = $config->getDefinedValue('allow_overlap');
+ $cl_future_entries = $config->getDefinedValue('future_entries');
+ $cl_uncompleted_indicators = $config->getDefinedValue('uncompleted_indicators');
+ $cl_confirm_save = $config->getDefinedValue('confirm_save');
+ $cl_bcc_email = $group['bcc_email'];
+ $cl_allow_ip = $group['allow_ip'];
}
$form = new Form('groupForm');
+$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$group_id));
+if (count($groups) > 1) {
+ $form->addInput(array('type'=>'combobox',
+ 'onchange'=>'document.groupForm.group_changed.value=1;document.groupForm.submit();',
+ 'name'=>'group',
+ 'style'=>'width: 250px;',
+ 'value'=>$group_id,
+ 'data'=>$groups,
+ 'datakeys'=>array('id','name')));
+ $form->addInput(array('type'=>'hidden','name'=>'group_changed'));
+ $smarty->assign('group_dropdown', 1);
+}
$form->addInput(array('type'=>'text','maxlength'=>'200','name'=>'group_name','value'=>$cl_group,'enable'=>$advanced_settings));
+$form->addInput(array('type'=>'textarea','name'=>'description','style'=>'width: 250px; height: 40px;','value'=>$cl_description));
$form->addInput(array('type'=>'text','maxlength'=>'7','name'=>'currency','value'=>$cl_currency));
// Prepare an array of available languages.
// Uncompleted indicators checkbox.
$form->addInput(array('type'=>'checkbox','name'=>'uncompleted_indicators','value'=>$cl_uncompleted_indicators));
+// Confirm save checkbox.
+$form->addInput(array('type'=>'checkbox','name'=>'confirm_save','value'=>$cl_confirm_save));
+
// Add bcc email control.
if ($advanced_settings) {
$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'bcc_email','value'=>$cl_bcc_email));
$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save')));
if ($user->can('delete_group')) $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('button.delete')));
+$form->setValueByElement('group_changed','');
+
if ($request->isPost()) {
if ($request->getParameter('btn_delete')) {
// Delete button pressed, redirect.
- header('Location: group_delete.php?id='.$user->group_id);
+ header('Location: group_delete.php?id='.$group_id);
exit();
}
- // Validate user input.
- if (!ttValidString($cl_group, true)) $err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
- if (!ttValidString($cl_currency, true)) $err->add($i18n->get('error.field'), $i18n->get('label.currency'));
- if ($advanced_settings) {
- if (!ttValidEmail($cl_bcc_email, true)) $err->add($i18n->get('error.field'), $i18n->get('label.bcc'));
- if (!ttValidIP($cl_allow_ip, true)) $err->add($i18n->get('error.field'), $i18n->get('form.group_edit.allow_ip'));
- }
- // Finished validating user input.
-
- if ($err->no()) {
- // Update config.
- $config->setDefinedValue('show_holidays', $cl_show_holidays);
- $config->setDefinedValue('punch_mode', $cl_punch_mode);
- $config->setDefinedValue('allow_overlap', $cl_allow_overlap);
- $config->setDefinedValue('future_entries', $cl_future_entries);
- $config->setDefinedValue('uncompleted_indicators', $cl_uncompleted_indicators);
-
- if ($user->updateGroup(array(
- 'name' => $cl_group,
- 'currency' => $cl_currency,
- 'lang' => $cl_lang,
- 'decimal_mark' => $cl_decimal_mark,
- 'date_format' => $cl_date_format,
- 'time_format' => $cl_time_format,
- 'week_start' => $cl_start_week,
- 'tracking_mode' => $cl_tracking_mode,
- 'project_required' => $cl_project_required,
- 'task_required' => $cl_task_required,
- 'record_type' => $cl_record_type,
- 'uncompleted_indicators' => $cl_uncompleted_indicators,
- 'bcc_email' => $cl_bcc_email,
- 'allow_ip' => $cl_allow_ip,
- 'config' => $config->getConfig()))) {
- header('Location: time.php');
- exit();
- } else
- $err->add($i18n->get('error.db'));
+ if ($request->getParameter('btn_save')) {
+ // Validate user input.
+ if (!ttValidString($cl_group)) $err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
+ if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description'));
+ if (!ttValidString($cl_currency, true)) $err->add($i18n->get('error.field'), $i18n->get('label.currency'));
+ if ($advanced_settings) {
+ if (!ttValidEmail($cl_bcc_email, true)) $err->add($i18n->get('error.field'), $i18n->get('label.bcc'));
+ if (!ttValidIP($cl_allow_ip, true)) $err->add($i18n->get('error.field'), $i18n->get('form.group_edit.allow_ip'));
+ }
+ // Finished validating user input.
+
+ if ($err->no()) {
+ // Update config.
+ $config->setDefinedValue('show_holidays', $cl_show_holidays);
+ $config->setDefinedValue('punch_mode', $cl_punch_mode);
+ $config->setDefinedValue('allow_overlap', $cl_allow_overlap);
+ $config->setDefinedValue('future_entries', $cl_future_entries);
+ $config->setDefinedValue('uncompleted_indicators', $cl_uncompleted_indicators);
+ $config->setDefinedValue('confirm_save', $cl_confirm_save);
+
+ if ($user->updateGroup(array(
+ 'group_id' => $group_id,
+ 'name' => $cl_group,
+ 'description' => $cl_description,
+ 'currency' => $cl_currency,
+ 'lang' => $cl_lang,
+ 'decimal_mark' => $cl_decimal_mark,
+ 'date_format' => $cl_date_format,
+ 'time_format' => $cl_time_format,
+ 'week_start' => $cl_start_week,
+ 'tracking_mode' => $cl_tracking_mode,
+ 'project_required' => $cl_project_required,
+ 'task_required' => $cl_task_required,
+ 'record_type' => $cl_record_type,
+ 'uncompleted_indicators' => $cl_uncompleted_indicators,
+ 'bcc_email' => $cl_bcc_email,
+ 'allow_ip' => $cl_allow_ip,
+ 'config' => $config->getConfig()))) {
+ header('Location: success.php');
+ exit();
+ } else
+ $err->add($i18n->get('error.db'));
+ }
}
} // isPost
$smarty->assign('auth_external', $auth->isPasswordExternal());
+$smarty->assign('group_id', $group_id);
+$smarty->assign('group_dropdown', count($groups) > 1);
$smarty->assign('forms', array($form->getName()=>$form->toArray()));
$smarty->assign('onload', 'onLoad="handleTaskRequiredCheckbox(); handlePluginCheckboxes();"');
$smarty->assign('title', $i18n->get('title.edit_group'));