import('ttTimeHelper');
import('DateAndTime');
-// Access check.
+// Access checks.
if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
header('Location: access_denied.php');
exit();
}
+$cl_id = (int)$request->getParameter('id');
+$time_rec = ttTimeHelper::getRecord($cl_id, $user->getActiveUser());
+if (!$time_rec || $time_rec['invoice_id']) {
+ // Prohibit editing not ours or invoiced records.
+ header('Location: access_denied.php');
+ exit();
+}
+// End of access checks.
// Use custom fields plugin if it is enabled.
if ($user->isPluginEnabled('cf')) {
require_once('plugins/CustomFields.class.php');
- $custom_fields = new CustomFields($user->team_id);
+ $custom_fields = new CustomFields($user->group_id);
$smarty->assign('custom_fields', $custom_fields);
}
-$cl_id = $request->getParameter('id');
-
-// Get the time record we are editing.
-$time_rec = ttTimeHelper::getRecord($cl_id, $user->getActiveUser());
-
-// Prohibit editing invoiced records.
-if ($time_rec['invoice_id']) die($i18n->get('error.sys'));
-
$item_date = new DateAndTime(DB_DATEFORMAT, $time_rec['date']);
// Initialize variables.
// Dropdown for clients in MODE_TIME. Use all active clients.
if (MODE_TIME == $user->tracking_mode && $user->isPluginEnabled('cl')) {
- $active_clients = ttTeamHelper::getActiveClients($user->team_id, true);
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
$form->addInput(array('type'=>'combobox',
'onchange'=>'fillProjectDropdown(this.value);',
'name'=>'client',
// Dropdown for clients if the clients plugin is enabled.
if ($user->isPluginEnabled('cl')) {
- $active_clients = ttTeamHelper::getActiveClients($user->team_id, true);
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
// We need an array of assigned project ids to do some trimming.
foreach($project_list as $project)
$projects_assigned_to_user[] = $project['id'];
}
if (MODE_PROJECTS_AND_TASKS == $user->tracking_mode) {
- $task_list = ttTeamHelper::getActiveTasks($user->team_id);
+ $task_list = ttTeamHelper::getActiveTasks($user->group_id);
$form->addInput(array('type'=>'combobox',
'name'=>'task',
'style'=>'width: 250px;',
$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id));
if ($user->isPluginEnabled('iv'))
$form->addInput(array('type'=>'checkbox','name'=>'billable','value'=>$cl_billable));
-if ($user->canManageTeam() && $user->isPluginEnabled('ps'))
+if ($user->can('manage_invoices') && $user->isPluginEnabled('ps'))
$form->addInput(array('type'=>'checkbox','name'=>'paid','value'=>$cl_paid));
$form->addInput(array('type'=>'hidden','name'=>'browser_today','value'=>'')); // User current date, which gets filled in on btn_save or btn_copy click.
$form->addInput(array('type'=>'submit','name'=>'btn_save','onclick'=>'browser_today.value=get_date()','value'=>$i18n->get('button.save')));
$id = ttTimeHelper::insert(array(
'date'=>$new_date->toString(DB_DATEFORMAT),
'user_id'=>$user->getActiveUser(),
+ 'group_id'=>$user->getActiveGroup(),
+ 'org_id' => $user->org_id,
'client'=>$cl_client,
'project'=>$cl_project,
'task'=>$cl_task,