X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;ds=sidebyside;f=tofile.php;h=909fdd3eb9d3602714d685957e2969b67e2828f5;hb=4497564f2b685457b53b2523300178a18005b850;hp=abd1f278bd855ea0ed87479f690c53fb17da2cd4;hpb=a8a4278a6a87c600835890a10c774dfdc58e930a;p=timetracker.git diff --git a/tofile.php b/tofile.php index abd1f278..909fdd3e 100644 --- a/tofile.php +++ b/tofile.php @@ -31,16 +31,17 @@ import('form.Form'); import('form.ActionForm'); import('ttReportHelper'); -// Access check. +// Access checks. if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports'))) { header('Location: access_denied.php'); exit(); } +// End of access checks. // Use custom fields plugin if it is enabled. if ($user->isPluginEnabled('cf')) { require_once('plugins/CustomFields.class.php'); - $custom_fields = new CustomFields($user->team_id); + $custom_fields = new CustomFields($user->group_id); } // Report settings are stored in session bean before we get here. @@ -96,7 +97,7 @@ if ('xml' == $type) { } if ($bean->getAttribute('chcost')) { print "\tcanManageTeam() || $user->isClient()) + if ($user->can('manage_invoices') || $user->isClient()) print $subtotal['cost']; else print $subtotal['expenses']; @@ -110,7 +111,7 @@ if ('xml' == $type) { print "\n"; print "\t\n"; - if ($user->canManageTeam() || $user->isClient()) print "\t\n"; + if ($user->can('view_reports') || $user->can('view_all_reports') || $user->isClient()) print "\t\n"; if ($bean->getAttribute('chclient')) print "\t\n"; if ($bean->getAttribute('chproject')) print "\t\n"; if ($bean->getAttribute('chtask')) print "\t\n"; @@ -126,7 +127,7 @@ if ('xml' == $type) { if ($bean->getAttribute('chnote')) print "\t\n"; if ($bean->getAttribute('chcost')) { print "\tcanManageTeam() || $user->isClient()) + if ($user->can('manage_invoices') || $user->isClient()) print $item['cost']; else print $item['expense']; @@ -183,7 +184,7 @@ if ('csv' == $type) { print ',"'.$val.'"'; } if ($bean->getAttribute('chcost')) { - if ($user->canManageTeam() || $user->isClient()) + if ($user->can('manage_invoices') || $user->isClient()) print ',"'.$subtotal['cost'].'"'; else print ',"'.$subtotal['expenses'].'"'; @@ -193,7 +194,7 @@ if ('csv' == $type) { } else { // Normal report. Print headers. print '"'.$i18n->get('label.date').'"'; - if ($user->canManageTeam() || $user->isClient()) print ',"'.$i18n->get('label.user').'"'; + if ($user->can('view_reports') || $user->can('view_all_reports') || $user->isClient()) print ',"'.$i18n->get('label.user').'"'; if ($bean->getAttribute('chclient')) print ',"'.$i18n->get('label.client').'"'; if ($bean->getAttribute('chproject')) print ',"'.$i18n->get('label.project').'"'; if ($bean->getAttribute('chtask')) print ',"'.$i18n->get('label.task').'"'; @@ -211,7 +212,7 @@ if ('csv' == $type) { // Print items. foreach ($items as $item) { print '"'.$item['date'].'"'; - if ($user->canManageTeam() || $user->isClient()) print ',"'.str_replace('"','""',$item['user']).'"'; + if ($user->can('view_reports') || $user->can('view_all_reports') || $user->isClient()) print ',"'.str_replace('"','""',$item['user']).'"'; if ($bean->getAttribute('chclient')) print ',"'.str_replace('"','""',$item['client']).'"'; if ($bean->getAttribute('chproject')) print ',"'.str_replace('"','""',$item['project']).'"'; if ($bean->getAttribute('chtask')) print ',"'.str_replace('"','""',$item['task']).'"'; @@ -226,7 +227,7 @@ if ('csv' == $type) { } if ($bean->getAttribute('chnote')) print ',"'.str_replace('"','""',$item['note']).'"'; if ($bean->getAttribute('chcost')) { - if ($user->canManageTeam() || $user->isClient()) + if ($user->can('manage_invoices') || $user->isClient()) print ',"'.$item['cost'].'"'; else print ',"'.$item['expense'].'"';