X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttUser.class.php;h=815eff7c703029dd91657aba72661edcbe1c3766;hb=ecbfa220ec9448151166495a3dad39fa97b6c604;hp=b433e6ef86f4d8b8122b78b3cc1e0b5c77d41d39;hpb=bf5ddc4f34213ffe75d6d601c16148a3fe506455;p=timetracker.git

diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php
index b433e6ef..815eff7c 100644
--- a/WEB-INF/lib/ttUser.class.php
+++ b/WEB-INF/lib/ttUser.class.php
@@ -46,6 +46,9 @@ class ttUser {
   var $project_required = 0;    // Whether project selection is required on time entires.
   var $task_required = 0;       // Whether task selection is required on time entires.
   var $record_type = 0;         // Record type (duration vs start and finish, or both).
+  var $punch_mode = 0;          // Whether punch mode is enabled for user.
+  var $allow_overlap = 0;       // Whether to allow overlapping time entries.
+  var $future_entries = 0;      // Whether to allow creating future entries.
   var $uncompleted_indicators = 0; // Uncompleted time entry indicators (show nowhere or on users page).
   var $bcc_email = null;        // Bcc email.
   var $currency = null;         // Currency.
@@ -56,6 +59,7 @@ class ttUser {
   var $lock_spec = null;        // Cron specification for record locking.
   var $workday_minutes = 480;   // Number of work minutes in a regular day.
   var $rights = 0;              // A mask of user rights.
+  var $rights_array = array();  // An array of user rights, planned replacement of array mask.
 
   // Constructor.
   function __construct($login, $id = null) {
@@ -68,7 +72,7 @@ class ttUser {
 
     $sql = "SELECT u.id, u.login, u.name, u.team_id, u.role, u.client_id, u.email, t.name as team_name, 
       t.currency, t.lang, t.decimal_mark, t.date_format, t.time_format, t.week_start,
-      t.tracking_mode, t.project_required, t.task_required, t.record_type, t.uncompleted_indicators,
+      t.tracking_mode, t.project_required, t.task_required, t.record_type,
       t.bcc_email, t.plugins, t.config, t.lock_spec, t.workday_minutes, t.custom_logo
       FROM tt_users u LEFT JOIN tt_teams t ON (u.team_id = t.id) WHERE ";
     if ($id)
@@ -100,7 +104,6 @@ class ttUser {
       $this->project_required = $val['project_required'];
       $this->task_required = $val['task_required'];
       $this->record_type = $val['record_type'];
-      $this->uncompleted_indicators = $val['uncompleted_indicators'];
       $this->bcc_email = $val['bcc_email'];
       $this->team = $val['team_name'];
       $this->currency = $val['currency'];
@@ -109,9 +112,15 @@ class ttUser {
       $this->workday_minutes = $val['workday_minutes'];
       $this->custom_logo = $val['custom_logo'];
 
-      // Set user config options.
       $this->config = $val['config'];
-      $this->show_holidays = in_array('show_holidays', explode(',', $this->config));
+      $config_array = explode(',', $this->config);
+
+      // Set user config options.
+      $this->show_holidays = in_array('show_holidays', $config_array);
+      $this->punch_mode = in_array('punch_mode', $config_array);
+      $this->allow_overlap = in_array('allow_overlap', $config_array);
+      $this->future_entries = in_array('future_entries', $config_array);
+      $this->uncompleted_indicators = in_array('uncompleted_indicators', $config_array);
 
       // Set "on behalf" id and name.
       if (isset($_SESSION['behalf_id'])) {
@@ -122,15 +131,57 @@ class ttUser {
       // Set user rights.
       if ($this->role == ROLE_USER) {
         $this->rights = right_data_entry|right_view_charts|right_view_reports;
+        // TODO: get customized rights from the database instead.
+        // $this->rights_array[] = "data_entry";          // Enter time and expense records into Time Tracker.
+        // $this->rights_array[] = "view_own_data";       // View own reports and charts.
+        // $this->rights_array[] = "manage_own_settings"; // Edit own settings.
+        // $this->rights_array[] = "view_users";          // View user names and roles in a group.
       } elseif ($this->role == ROLE_CLIENT) {
         $this->rights = right_view_reports|right_view_invoices; // TODO: how about right_view_charts, too?
+        // $this->rights_array[] = "view_own_data";       // View own reports, charts, and invoices.
+        // $this->rights_array[] = "manage_own_settings"; // Edit own settings.
       } elseif ($this->role == ROLE_COMANAGER) {
         $this->rights = right_data_entry|right_view_charts|right_view_reports|right_view_invoices|right_manage_team;
+        // $this->rights_array[] = "data_entry";          // Enter time and expense records into Time Tracker.
+        // $this->rights_array[] = "view_own_data";       // View own reports and charts.
+        // $this->rights_array[] = "manage_own_settings"; // Edit own settings.
+        // $this->rights_array[] = "view_users";          // View user names and roles in a group.
+        // $this->rights_array[] = "on_behalf_data_entry";// Can enter data on behalf of lower roles.
+        // $this->rights_array[] = "view_data";           // Can view data for lower roles.
+        $this->rights_array[] = "override_punch_mode"; // Can input any start and finish times for self and lower roles.
+        // TODO: get rights from the database instead.
       } elseif ($this->role == ROLE_MANAGER) {
         $this->rights = right_data_entry|right_view_charts|right_view_reports|right_view_invoices|right_manage_team|right_assign_roles|right_export_team;
+        $this->rights_array[] = "override_punch_mode"; // Can input any start and finish times for self and lower roles.
       } elseif ($this->role == ROLE_SITE_ADMIN) {
         $this->rights = right_administer_site;
       }
+
+/*
+// TODO: redesign of user rights and roles is currently ongoing.
+// As we run our of bits for sure at some point, rights should be strings instead,
+// for example: "data_entry".
+// Also, we need rights editor page and team-customized roles.
+// Move this stuff from here to ttUser class.
+//
+// User access rights - bits that collectively define an access mask to the system (a role).
+// We'll have some bits here (1,2, etc...) reserved for future use.
+define('right_data_entry', 4);     // Right to enter work hours and expenses.
+define('right_view_charts', 8);    // Right to view charts.
+define('right_view_reports', 16);  // Right to view reports.
+define('right_view_invoices', 32); // Right to view invoices.
+define('right_manage_team', 64);   // Right to manage team. Note that this is not full access to team.
+define('right_assign_roles', 128); // Right to assign user roles.
+define('right_export_team', 256);  // Right to export team data to a file.
+define('right_administer_site', 1024); // Admin account right to manage the application as a whole.
+
+// User roles.
+define('ROLE_USER', 4);          // Regular user.
+define('ROLE_CLIENT', 16);       // Client (to view reports and invoices).
+define('ROLE_COMANAGER', 68);    // Team co-manager. Can do many things but not as much as team manager.
+define('ROLE_MANAGER', 324);     // Team manager. Can do everything for a team.
+define('ROLE_SITE_ADMIN', 1024); // Site administrator.
+*/
     }
   }