header('Location: access_denied.php');
exit();
}
+if (!$user->isPluginEnabled('at')) {
+ header('Location: feature_disabled.php');
+ exit();
+}
$cl_id = (int)$request->getParameter('id');
-$time_rec = ttTimeHelper::getRecord($cl_id);
+$time_rec = ttTimeHelper::getRecordForFileView($cl_id);
if (!$time_rec) {
header('Location: access_denied.php');
exit();
}
-if (!$user->isPluginEnabled('at')) {
- header('Location: feature_disabled.php');
- exit();
-}
-// TODO: review access checks, specifically for on behalf operations.
// End of access checks.
if ($request->isPost()) {
}
} // isPost
-$canEdit = !($time_rec['approved'] || $time_rec['timesheet_id'] || $time_rec['invoice_id']);
-$smarty->assign('can_edit', $canEdit);
+$smarty->assign('can_edit', $time_rec['can_edit']);
$smarty->assign('forms', array($form->getName()=>$form->toArray()));
$smarty->assign('files', $files);
$smarty->assign('title', $i18n->get('title.time_files'));